CVE-2020-15469: [PATCH v3 0/9] memory: assert and define MemoryRegionOps callbacks
In QEMU 4.2.0, a MemoryRegionOps object may lack read/write callback methods, leading to a NULL pointer dereference.
From: P J P
Subject: [PATCH v3 0/9] memory: assert and define MemoryRegionOps callbacks
Date: Tue, 30 Jun 2020 17:57:01 +0530
From: Prasad J Pandit [email protected]
Hello,
* This series asserts that MemoryRegionOps objects define read/write callback methods. Thus avoids potential NULL pointer dereference. ex. -> https://git.qemu.org/?p=qemu.git;a=commit;h=bb15013ef34617eb1344f5276292cadd326c21b2
* Also adds various undefined MemoryRegionOps read/write functions to avoid potential assert failure.
Thank you.
Prasad J Pandit (9):
  hw/pci-host: add pci-intack write method
  pci-host: add pcie-msi read method
  vfio: add quirk device write method
  prep: add ppc-parity write method
  nvram: add nrf51_soc flash read method
  spapr_pci: add spapr msi read method
  tz-ppc: add dummy read/write methods
  imx7-ccm: add digprog mmio write method
  memory: assert MemoryRegionOps callbacks are defined

 hw/misc/imx7_ccm.c       |  7 +++++++
 hw/misc/tz-ppc.c         | 14 ++++++++++++++
 hw/nvram/nrf51_nvm.c     |  5 +++++
 hw/pci-host/designware.c |  9 +++++++++
 hw/pci-host/prep.c       |  8 ++++++++
 hw/ppc/prep_systemio.c   |  8 ++++++++
 hw/ppc/spapr_pci.c       | 13 +++++++++++--
 hw/vfio/pci-quirks.c     |  8 ++++++++
 memory.c                 | 10 +++++++++-
 9 files changed, 79 insertions(+), 3 deletions(-)

--
2.26.2
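A simplified model of the bug class this series addresses, added here as an illustration and not taken from QEMU or from the patches: an ops table with a missing callback, the stub that completes it, and a setup-time assertion. All `Toy*`/`toy_*` names and the read-only ID-register device are constructed for the example.

```c
/* Simplified model of the bug class; all toy_* names are hypothetical, not QEMU's. */
#include <assert.h>
#include <stdint.h>
#include <stdio.h>
typedef struct ToyRegionOps {
    uint64_t (*read)(void *opaque, uint64_t addr, unsigned size);
    void (*write)(void *opaque, uint64_t addr, uint64_t val, unsigned size);
} ToyRegionOps;
typedef struct ToyRegion { const ToyRegionOps *ops; void *opaque; } ToyRegion;
/* Constructed device: one read-only ID register at offset 0. */
typedef struct ToyIdReg { uint32_t id; unsigned ignored_writes; } ToyIdReg;
static uint64_t toy_id_read(void *opaque, uint64_t addr, unsigned size)
{
    (void)size;
    return addr == 0 ? ((ToyIdReg *)opaque)->id : 0;
}
/* Stub that completes the table: stores to the read-only register are dropped. */
static void toy_id_write(void *opaque, uint64_t addr, uint64_t val, unsigned size)
{
    (void)addr; (void)val; (void)size;
    ((ToyIdReg *)opaque)->ignored_writes++;
}
/* Before: .write is NULL, so a guest store would call through a NULL pointer. */
static const ToyRegionOps toy_ops_before = { .read = toy_id_read };
/* After: both callbacks are defined. */
static const ToyRegionOps toy_ops_after = { .read = toy_id_read, .write = toy_id_write };
int toy_ops_complete(const ToyRegionOps *ops)
{
    return ops != NULL && ops->read != NULL && ops->write != NULL;
}
/* Check once at device setup so an incomplete ops table never reaches dispatch. */
void toy_region_init(ToyRegion *mr, const ToyRegionOps *ops, void *opaque)
{
    assert(toy_ops_complete(ops));
    mr->ops = ops;
    mr->opaque = opaque;
}
/* Guest-triggered dispatch: calls the callbacks without checking them. */
uint64_t toy_load(ToyRegion *mr, uint64_t a) { return mr->ops->read(mr->opaque, a, 4); }
void toy_store(ToyRegion *mr, uint64_t a, uint64_t v) { mr->ops->write(mr->opaque, a, v, 4); }
int main(void)
{
    ToyIdReg dev = { .id = 0x1234, .ignored_writes = 0 };
    ToyRegion mr;
    printf("before complete: %d\n", toy_ops_complete(&toy_ops_before));
    toy_region_init(&mr, &toy_ops_after, &dev);
    toy_store(&mr, 0, 0xffff); /* safe: lands in the stub */
    printf("id=0x%x ignored=%u\n", (unsigned)toy_load(&mr, 0), dev.ignored_writes);
    return 0;
}
```

Passing `toy_ops_before` to `toy_region_init` aborts at setup, which is the trade the series makes: a deterministic failure during device initialization instead of a NULL call reachable from guest memory accesses.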
[PATCH v3 0/9] memory: assert and define MemoryRegionOps callbacks, P J P <=
- [PATCH v3 1/9] hw/pci-host: add pci-intack write method, P J P, 2020/06/30
- [PATCH v3 2/9] pci-host: add pcie-msi read method, P J P, 2020/06/30
- [PATCH v3 3/9] vfio: add quirk device write method, P J P, 2020/06/30
- [PATCH v3 4/9] prep: add ppc-parity write method, P J P, 2020/06/30
- [PATCH v3 5/9] nvram: add nrf51_soc flash read method, P J P, 2020/06/30
- [PATCH v3 6/9] spapr_pci: add spapr msi read method, P J P, 2020/06/30
- [PATCH v3 7/9] tz-ppc: add dummy read/write methods, P J P, 2020/06/30
- Re: [PATCH v3 7/9] tz-ppc: add dummy read/write methods, Philippe Mathieu-Daudé, 2020/06/30
- Re: [PATCH v3 7/9] tz-ppc: add dummy read/write methods, Li Qiang, 2020/06/30
- [PATCH v3 8/9] imx7-ccm: add digprog mmio write method, P J P, 2020/06/30
Related news
An out-of-bounds heap buffer access issue was found in the ARM Generic Interrupt Controller emulator of QEMU up to and including qemu 4.2.0 on the aarch64 platform. The issue occurs because, while writing an interrupt ID to the controller memory area, it is not masked to be 4 bits wide. It may lead to the said issue while updating controller state fields and their subsequent processing. A privileged guest user may use this flaw to crash the QEMU process on the host, resulting in a DoS scenario.