qemu: fix CVE-2023-42467 - openembedded-core

diff options

author	Yogita Urade <yogita.urade@windriver.com>	2023-10-05 11:12:52 +0000
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2023-10-06 11:50:54 +0100
commit	7c42b976d7a72acf917bae9d055768a1350e507d (patch)
tree	ed59099907ff06dd76a872be865826951e87953d /meta/recipes-core/busybox
parent	53d9d8789efc701609a5a1e985287344c2209d62 (diff)
download	openembedded-core-7c42b976d7a72acf917bae9d055768a1350e507d.tar.gz

qemu: fix CVE-2023-42467

QEMU through 8.0.0 could trigger a division by zero in scsi_disk_reset in hw/scsi/scsi-disk.c because scsi_disk_emulate_mode_select does not prevent s->qdev.blocksize from being 256. This stops QEMU and the guest immediately. References: https://nvd.nist.gov/vuln/detail/CVE-2023-42467 https://gitlab.com/qemu-project/qemu/-/issues/1813 Signed-off-by: Yogita Urade <yogita.urade@windriver.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

Diffstat (limited to 'meta/recipes-core/busybox')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: