]> xenbits.xensource.com Git - qemu-upstream-4.5-testing.git/commit
projects / qemu-upstream-4.5-testing.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 4940416) | patch
net: avoid infinite loop when receiving packets(CVE-2015-5278) qemu-xen-4.5.2
authorP J P <pjp@fedoraproject.org>
Tue, 15 Sep 2015 11:16:59 +0000 (16:46 +0530)
committerStefano Stabellini <stefano.stabellini@eu.citrix.com>
Tue, 15 Sep 2015 14:04:42 +0000 (14:04 +0000)
commite5a1bb22cfb307db909dbd3404c48e5bbeb9e66d
tree956a31b18bce869ec4a84b0723f1f405fe679142tree
parent49404164189c6b91dfe3f96f70ae007a5a560e94commit | diff
net: avoid infinite loop when receiving packets(CVE-2015-5278)

Ne2000 NIC uses ring buffer of NE2000_MEM_SIZE(49152)
bytes to process network packets. While receiving packets
via ne2000_receive() routine, a local 'index' variable
could exceed the ring buffer size, leading to an infinite
loop situation.

upstream-commit-id: 737d2b3c41d59eb8f94ab7eb419b957938f24943

Reported-by: Qinghao Tang <luodalongde@gmail.com>
Signed-off-by: P J P <pjp@fedoraproject.org>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
hw/net/ne2000.c diff | blob | history
Obsolete Upstream Qemu based repository for xen-4.5-testing