On Tue, Dec 03, 2013 at 06:24:24PM +0000, Peter Maydell wrote: > On 3 December 2013 16:28, Michael S. Tsirkin <m...@redhat.com> wrote: > > For example: > > > > https://bugzilla.redhat.com/show_bug.cgi?id=588133#c8 > > https://bugzilla.redhat.com/show_bug.cgi?id=588133#c9 > > I get "not authorized" errors on both of those.
Oh, sorry :( You'll have to take my word on it that what happened there was that a bug reporter saved state and suggested that developer attempt to load it to reproduce the bug. > > This patchset is the result of that audit: it addresses this set of > > security issues by adding input validation and failing migration on > > invalid input. > > I notice that some but not all of these patches have CVE numbers > in the commit messages -- what's the distinction that meant some > of them get CVEs and some don't? > > thanks > -- PMM The one that does not have a CVE is 23/23, this is a NULL pointer dereference on invalid input, which is not nice but probably not exploitable. -- MST