projects / scm / bb / tizen-distro.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 770319d) | patch
qemu: security patch for CVE-2014-3471
authorDaniel BORNAZ <daniel.bornaz@enea.com>
Thu, 17 Jul 2014 12:24:11 +0000 (14:24 +0200)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Fri, 18 Jul 2014 23:09:02 +0000 (00:09 +0100)
commite6f54ab51c5be9024c8c394e576e49600987d452
tree28543dc4eda7c4c9c10619bc6b94ddebba32e5e8tree | snapshot
parent770319d61398d8db940c0bf1a49a50ad8cea9247commit | diff
qemu: security patch for CVE-2014-3471

Qemu PCIe bus support is vulnerable to a use-after-free flaw. It could
occur via guest, when it tries to hotplug/hotunplug devices on the
guest.

A user able to add & delete Virtio block devices on a guest could use
this flaw to crash the Qemu instance resulting in DoS.

Originated-by: Marcel Apfelbaum <address@hidden>
Updated the qemu recipe to include the security patch.

Upstream-Status: Submitted

(From OE-Core rev: a84e1749b489cee5ea219799c35e29b6edead30f)

Signed-off-by: Daniel BORNAZ <daniel.bornaz@enea.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
meta/recipes-devtools/qemu/files/pcie_better_hotplug_support.patch [new file with mode: 0644] blob
meta/recipes-devtools/qemu/qemu_2.0.0.bb diff | blob | history
Domain: SCM / BB;