[Qemu-devel] [PULL for-2.6 0/2] ehci: fix (s)iTD looping issue (CVE-2015-8558) in a different way.

Gerd Hoffmann Mon, 18 Apr 2016 23:26:47 -0700

  Hi,

CVE-2015-8558 fix turned out to break FreeBSD and being
incomplete -- go for a different approach to fix things.


please pull,
  Gerd

The following changes since commit c6c598ca5fba68fbd6612f3330c4015142f2f86a:

  Merge remote-tracking branch 'remotes/weil/tags/pull-wxx-20160415' into 
staging (2016-04-18 09:55:16 +0100)

are available in the git repository at:


  git://git.kraxel.org/qemu tags/pull-usb-20160419-1

for you to fetch changes up to a49923d2837d20510d645d3758f1ad87c32d0730:

  Revert "ehci: make idt processing more robust" (2016-04-19 08:20:56 +0200)

----------------------------------------------------------------
ehci: fix (s)iTD looping issue (CVE-2015-8558) in a different way.

----------------------------------------------------------------
Gerd Hoffmann (2):
      ehci: apply limit to iTD/sidt descriptors
      Revert "ehci: make idt processing more robust"

 hw/usb/hcd-ehci.c | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

[Qemu-devel] [PULL for-2.6 0/2] ehci: fix (s)iTD looping issue (CVE-2015-8558) in a different way.

Reply via email to