On Sun, Oct 26, 2025 at 11:02:48AM +0300, Michael Tokarev wrote:
> On 10/3/25 18:02, Daniel P. Berrangé wrote:
> > See patch 3 for the description of the problem and reproducer
> >
> > Changes in v2:
> >
> >  - Improve finalizer robustness of TLS source
> >  - Keep cleanup in finalizer of websock, just augment
> >    it in the close method
> >  - Fix resetting of hs_ioc_tag value when callback
> >    is complete
> >  - Add CVE assignment in 3rd patch
> >
> > Daniel P. Berrangé (3):
> >   io: release active GSource in TLS channel finalizer
> >   io: move websock resource release to close method
> >   io: fix use after free in websocket handshake code
> >
> >  include/io/channel-websock.h |  3 ++-
> >  io/channel-tls.c             | 10 ++++++++++
> >  io/channel-websock.c         | 33 ++++++++++++++++++++++++++-------
> >  3 files changed, 38 insertions(+), 8 deletions(-)
>
> Hi Daniel!
>
> Is this patchset not supposed to go to the stable qemu series?
> I think it should?

Yes, it is applicable to all active stable branches - the bug has been
present since 2.6.0 AFAICT.

I've just sent a pull request for master

  https://lists.nongnu.org/archive/html/qemu-devel/2025-10/msg06571.html

these three websock related patches will probably cherry-pick without
trouble.

With regards,
Daniel
--
|: https://berrange.com      -o-    https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org         -o-            https://fstop138.berrange.com :|
|: https://entangle-photo.org    -o-    https://www.instagram.com/dberrange :|
