Re: [PATCH] ide:atapi: check io_buffer_index in ide_atapi_cmd_reply

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] ide:atapi: check io_buffer_index in ide_atapi_cmd_reply_end

From:	Paolo Bonzini
Subject:	Re: [PATCH] ide:atapi: check io_buffer_index in ide_atapi_cmd_reply_end
Date:	Tue, 1 Dec 2020 16:42:32 +0100
User-agent:	Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.4.0

On 01/12/20 16:30, Peter Maydell wrote:

On Tue, 1 Dec 2020 at 15:28, Philippe Mathieu-Daudé <philmd@redhat.com> wrote:

About reproducer, Michael asked about CVE-2020-24352 (ati_vga OOB in
ati_2d_blt) this morning. What happens to reproducers when a CVE is
assigned, but the bug is marked as "out of the QEMU security boundary"?


Also, why are we assigning CVEs for bugs we don't consider security bugs?

Sometimes CVEs are requested by other entities even before reaching theQEMU security mailing list.


Paolo

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [PATCH] ide:atapi: check io_buffer_index in ide_atapi_cmd_reply_end, Paolo Bonzini, 2020/12/01
- Re: [PATCH] ide:atapi: check io_buffer_index in ide_atapi_cmd_reply_end, P J P, 2020/12/01
  - Re: [PATCH] ide:atapi: check io_buffer_index in ide_atapi_cmd_reply_end, Philippe Mathieu-Daudé, 2020/12/01
    - Re: [PATCH] ide:atapi: check io_buffer_index in ide_atapi_cmd_reply_end, Peter Maydell, 2020/12/01
    - Re: [PATCH] ide:atapi: check io_buffer_index in ide_atapi_cmd_reply_end, Paolo Bonzini <=
    - Re: [PATCH] ide:atapi: check io_buffer_index in ide_atapi_cmd_reply_end, Paolo Bonzini, 2020/12/01
  - Re: [PATCH] ide:atapi: check io_buffer_index in ide_atapi_cmd_reply_end, Paolo Bonzini, 2020/12/01
    - Re: [PATCH] ide:atapi: check io_buffer_index in ide_atapi_cmd_reply_end, Markus Armbruster, 2020/12/02
    - Re: [PATCH] ide:atapi: check io_buffer_index in ide_atapi_cmd_reply_end, P J P, 2020/12/02
    - Re: [PATCH] ide:atapi: check io_buffer_index in ide_atapi_cmd_reply_end, Paolo Bonzini, 2020/12/02
    - Re: [PATCH] ide:atapi: check io_buffer_index in ide_atapi_cmd_reply_end, Philippe Mathieu-Daudé, 2020/12/02
    - Re: [PATCH] ide:atapi: check io_buffer_index in ide_atapi_cmd_reply_end, P J P, 2020/12/03
    - Re: [PATCH] ide:atapi: check io_buffer_index in ide_atapi_cmd_reply_end, Wenxiang Qian, 2020/12/11
    - Re: [PATCH] ide:atapi: check io_buffer_index in ide_atapi_cmd_reply_end, Paolo Bonzini, 2020/12/11
    - Re: [PATCH] ide:atapi: check io_buffer_index in ide_atapi_cmd_reply_end, P J P, 2020/12/11

Prev by Date: Re: [PATCH] ide:atapi: check io_buffer_index in ide_atapi_cmd_reply_end
Next by Date: Re: [PATCH v2 23/28] target/arm: Implement CCR_S.TRD behaviour for SG insns
Previous by thread: Re: [PATCH] ide:atapi: check io_buffer_index in ide_atapi_cmd_reply_end
Next by thread: Re: [PATCH] ide:atapi: check io_buffer_index in ide_atapi_cmd_reply_end
Index(es):
- Date
- Thread