Re: [OE-core] [PATCH] qemu: CVE-2018-18438 Security Advisory

Fri, 22 Jan 2021 02:14:45 -0800 

On Fri, 2021-01-22 at 15:15 +0800, Wang Mingyu wrote:
> References
> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18438
> 
> Signed-off-by: Wang Mingyu <wan...@cn.fujitsu.com>
> ---
>  meta/recipes-devtools/qemu/qemu.inc           |   1 +
>  .../qemu/qemu/CVE-2018-18438.patch            | 697 ++++++++++++++++++
>  2 files changed, 698 insertions(+)
>  create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2018-18438.patch
> 
> diff --git a/meta/recipes-devtools/qemu/qemu.inc 
> b/meta/recipes-devtools/qemu/qemu.inc
> index c894b81b10..d7f3613c3f 100644
> --- a/meta/recipes-devtools/qemu/qemu.inc
> +++ b/meta/recipes-devtools/qemu/qemu.inc
> @@ -30,6 +30,7 @@ SRC_URI = "https://download.qemu.org/${BPN}-${PV}.tar.xz \
>             file://mmap.patch \
>             file://mmap2.patch \
>             
> file://0001-tests-meson.build-use-relative-path-to-refer-to-file.patch \
> +        file://CVE-2018-18438.patch \
>             "
>  UPSTREAM_CHECK_REGEX = "qemu-(?P<pver>\d+(\.\d+)+)\.tar"
>  
> 
> 
> 
> 
> 
> 
> 
> diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2018-18438.patch 
> b/meta/recipes-devtools/qemu/qemu/CVE-2018-18438.patch
> new file mode 100644
> index 0000000000..b6ce8fa57d
> --- /dev/null
> +++ b/meta/recipes-devtools/qemu/qemu/CVE-2018-18438.patch
> @@ -0,0 +1,697 @@
> +From:        Philippe Mathieu-Daudé
> +Subject:     [Qemu-devel] [PATCH v2 07/11] chardev: Let IOReadHandler use 
> unsigned type
> +Date:        Fri, 12 Oct 2018 02:22:13 +0200
> +
> +The number of bytes can not be negative nor zero.
> +
> +Fixed 2 format string:
> +- hw/char/spapr_vty.c
> +- hw/usb/ccid-card-passthru.c

No Upstream-Status. 

Its also unclear what the status of these patches is upstream, they're
submitted, there was discussion but they weren't merged. I'm also
wondering whether there are more of the 11 patches in the series needed
to address the issue? Or perhaps the issue was ultimately addressed by
other patches?

Cheers,

Richard


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#147115): 
https://lists.openembedded.org/g/openembedded-core/message/147115
Mute This Topic: https://lists.openembedded.org/mt/80025435/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Reply via email to