diff options
author | Yogita Urade <yogita.urade@windriver.com> | 2023-10-05 11:12:52 +0000 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2023-10-06 11:50:54 +0100 |
commit | 7c42b976d7a72acf917bae9d055768a1350e507d (patch) | |
tree | ed59099907ff06dd76a872be865826951e87953d /meta/recipes-core/busybox | |
parent | 53d9d8789efc701609a5a1e985287344c2209d62 (diff) | |
download | openembedded-core-7c42b976d7a72acf917bae9d055768a1350e507d.tar.gz |
qemu: fix CVE-2023-42467
QEMU through 8.0.0 could trigger a division by zero in scsi_disk_reset
in hw/scsi/scsi-disk.c because scsi_disk_emulate_mode_select does not
prevent s->qdev.blocksize from being 256. This stops QEMU and the guest
immediately.
References:
https://nvd.nist.gov/vuln/detail/CVE-2023-42467
https://gitlab.com/qemu-project/qemu/-/issues/1813
Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-core/busybox')
0 files changed, 0 insertions, 0 deletions