On Fri, Oct 07, 2016 at 01:09:29PM +0200, Hugo Lefeuvre wrote:
> Hi,
>
> > I'll prepare a patch adding the usb_xhci_exit function and will
> > perform some more tests.
>
> Well, here is what I got after taking some hours to try to produce a
> patch for CVE-2016-7466[0]:
>
> * It is not possible to introduce the usb_xhci_exit function in qemu v1.1.2
>   as it has been done in qemu v2.2.0[1] because it would imply a significant
>   code refactoring. For instance, the diff between hcd-xhci.c in qemu v1.1.2
>   and qemu v2.2.0 is 3841 lines long, although hcd-xhci.c itself in v1.1.2 is
>   2955 lines long!
>
> * I'm not sure I'll be able to develop a patch alone in my assigned time
>   because I'm far from being a C expert, and the code is far from being
>   trivial.
>
> I haven't got any answer from the QEMU team, and it's quite uncertain whether
> upstream will be interested in taking time to patch the 1.1.2 version.
>
> So, if anybody wants to take time to work on this patch, or, at least, have a
> look at the issue, it would be helpful.

I can have a look but not before next week.

Cheers,
 -- Guido

> I wanted to include a fix for this issue in my qemu/qemu-kvm upload, but
> if it takes too long, I'll have to put this issue aside.
>
> Cheers,
> Hugo
>
> [0] https://security-tracker.debian.org/tracker/CVE-2016-7466
> [1] http://git.qemu.org/?p=qemu.git;a=commit;h=53c30545fb34c43c84d62ea1c2b0dc6b53303c34
>
> --
> Hugo Lefeuvre (hle) | www.owl.eu.com
> 4096/ ACB7 B67F 197F 9B32 1533 431C AC90 AC3E C524 065E
