[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-stable] CVE-2018-7550 (was: multiboot: bss_end_addr can be zer
From: |
P J P |
Subject: |
Re: [Qemu-stable] CVE-2018-7550 (was: multiboot: bss_end_addr can be zero / cleanup) |
Date: |
Thu, 15 Mar 2018 11:43:30 +0530 (IST) |
+-- On Wed, 14 Mar 2018, Kevin Wolf wrote --+
| Well, it seems to me that this patch was created for a different
| purpose, but it happens to fix the bug for which this CVE was assigned
| now.
Right. I had sent another patch to fix it, there Jack mentioned about his
series from before.
| I think PJP knew that this CVE was coming before the patches were merged
| into master, so if he had told us, we could have had a better commit
| message.
For non-embargoed issues we request CVE from Mitre after a proposed patch is
reviewed and acked for upstream QEMU. Nevertheless, going forward I'll mention
the CVE-ID here on the list, as soon as it is assigned.
| I don't think a problem like this would be embargoed at all.
True.
Thank you.
--
Prasad J Pandit / Red Hat Product Security Team
47AF CE69 3A90 54AA 9045 1053 DD13 3D32 FE5B 041F