Hi! I was asked to backport a fix for a CVE to our of our powerkvm products. This one:
https://exchange.xforce.ibmcloud.com/vulnerabilities/111187 === qemu-cve20158817-dos (111187) reported Mar 1, 2016 Qemu, built to use address_space_translate to map an address to a MemoryRegionSection, is vulnerable to a denial of service, when doing pci_dma_read/write calls. A remote authenticated attacker from within the local network could exploit this vulnerability to cause the guest instance to crash. === There is a link to this one [1]: http://git.qemu-project.org/?p=qemu.git;a=commitdiff;h=c3c1bb99d1c11978d9ce94d1bdcf0705378c1459 Which was reverted with a sensible explanation [2]: http://git.qemu-project.org/?p=qemu.git;a=commitdiff;h=4025446f0ac6213335c22ec43f3c3d8362ce7286 However it is still in the tree as [3]: http://git.qemu-project.org/?p=qemu.git;a=commitdiff;h=23820dbfc79d1c9dce090b4c555994f2bb6a69b3 The only difference between [1] and [3] is a fixed typo in the subject, other than that they are identical. Is not the explanation from [2] correct any more and [3] is a correct final fix? Or [3] should not be in the tree at all? Thanks! -- Alexey
