mirror of
https://github.com/NixOS/nixpkgs.git
synced 2024-12-03 11:02:05 +00:00
qemu: fix CVE-2020-28916
While receiving packets via e1000e_write_packet_to_guest an infinite loop could be triggered if the receive descriptor had a NULL buffer address. A privileged guest user could use this to induce a DoS Scenario. Fixes: CVE-2020-28916
This commit is contained in:
parent
72cb12e4ab
commit
c3f268000e
|
@ -83,6 +83,12 @@ stdenv.mkDerivation rec {
|
|||
./fix-qemu-ga.patch
|
||||
./9p-ignore-noatime.patch
|
||||
./CVE-2020-27617.patch
|
||||
(fetchpatch {
|
||||
# e1000e: infinite loop scenario in case of null packet descriptor, remove for QEMU >= 5.2.0-rc3
|
||||
name = "CVE-2020-28916.patch";
|
||||
url = "https://git.qemu.org/?p=qemu.git;a=patch;h=c2cb511634012344e3d0fe49a037a33b12d8a98a";
|
||||
sha256 = "1kvm6wl4vry0npiisxsn76h8nf1iv5fmqsyjvb46203f1yyg5pis";
|
||||
})
|
||||
] ++ optional nixosTestRunner ./force-uid0-on-9p.patch
|
||||
++ optionals stdenv.hostPlatform.isMusl [
|
||||
(fetchpatch {
|
||||
|
|
Loading…
Reference in a new issue