CVE-2023-40360: hw/nvme: fix null pointer access in directive receive (6c8f8456) · Commits · Klaus Jensen / QEMU · GitLab
QEMU through 8.0.4 accesses a NULL pointer in nvme_directive_receive in hw/nvme/ctrl.c because there is no check for whether an endurance group is configured before checking whether Flexible Data Placement is enabled.
Commit 6c8f8456 authored Aug 08, 2023 by Klaus Jensen 🍻
hw/nvme: fix null pointer access in directive receive
nvme_directive_receive() does not check if an endurance group has been configured (set) prior to testing if flexible data placement is enabled or not.
Fix this.
Cc: [email protected]
Resolves: #1815
Fixes: 73064edf (“hw/nvme: flexible data placement emulation”)
Reviewed-by: Jesper Wendel Devantier <[email protected]>
Signed-off-by: Klaus Jensen <[email protected]>
parent a8fc5165
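The check ordering described in the commit message, as an added example that is not part of the commit or of QEMU's code: a simplified C model showing the pointer being read without a guard beside the guarded form. All names (`struct endgrp`, `struct ns`, `supported_unchecked`, `supported_checked`) and the bitmap layout are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified model; every name here is hypothetical, not QEMU's own. */
enum { DIR_IDENTIFY = 0, DIR_DATA_PLACEMENT = 2 };

struct endgrp { bool fdp_enabled; };
struct ns     { struct endgrp *endgrp; };  /* NULL when no group is configured */

/* Before: assumes every namespace has an endurance group attached. */
uint8_t supported_unchecked(const struct ns *ns)
{
    uint8_t supported = 1u << DIR_IDENTIFY;
    if (ns->endgrp->fdp_enabled)           /* NULL dereference if unset */
        supported |= 1u << DIR_DATA_PLACEMENT;
    return supported;
}

/* After: confirm the group exists before reading its FDP state. */
uint8_t supported_checked(const struct ns *ns)
{
    uint8_t supported = 1u << DIR_IDENTIFY;
    if (ns->endgrp && ns->endgrp->fdp_enabled)
        supported |= 1u << DIR_DATA_PLACEMENT;
    return supported;
}

int main(void)
{
    /* Constructed sample configurations. */
    struct endgrp fdp_on = { .fdp_enabled = true };
    struct ns with_grp = { .endgrp = &fdp_on };
    struct ns no_grp   = { .endgrp = NULL };

    printf("group with FDP: 0x%02x\n", (unsigned)supported_checked(&with_grp));
    printf("no group:       0x%02x\n", (unsigned)supported_checked(&no_grp));
    /* supported_unchecked(&no_grp) would crash the process here. */
    return 0;
}
```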
Related news
Ubuntu Security Notice 6567-2 - USN-6567-1 fixed vulnerabilities in QEMU. The fix for CVE-2023-2861 was too restrictive and introduced a behavior change leading to a regression in certain environments. This update fixes the problem. Gaoning Pan and Xingwei Li discovered that QEMU incorrectly handled the USB xHCI controller device. A privileged guest attacker could possibly use this issue to cause QEMU to crash, leading to a denial of service. Various other issues were also addressed.
Ubuntu Security Notice 6567-1 - Gaoning Pan and Xingwei Li discovered that QEMU incorrectly handled the USB xHCI controller device. A privileged guest attacker could possibly use this issue to cause QEMU to crash, leading to a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. It was discovered that QEMU incorrectly handled the TCG Accelerator. A local attacker could use this issue to cause QEMU to crash, leading to a denial of service, or possibly execute arbitrary code and escalate privileges. This issue only affected Ubuntu 20.04 LTS.