Re: [Qemu-devel] [PATCH 0/4] Fix buffer overflow for packet greater than INT_MAX

Jason Wang Tue, 25 Sep 2018 19:02:57 -0700



On 2018年09月25日 22:13, Michael S. Tsirkin wrote:

On Tue, Sep 25, 2018 at 03:23:23PM +0800, Jason Wang wrote:

Hi:

This series tries to address the buffer overflow caused by converting
from size_t to int in several nic model and net core. This is
CVE-2018-10839.

Please review.

Thanks

Reviewed-by: Michael S. Tsirkin <m...@redhat.com>


Applied.

Thanks

Jason Wang (4):
   ne2000: fix possible out of bound access in ne2000_receive
   rtl8139: fix possible out of bound access
   pcnet: fix possible buffer overflow
   net: ignore packet size greater than INT_MAX

  hw/net/ne2000.c  | 4 ++--
  hw/net/pcnet.c   | 4 ++--
  hw/net/rtl8139.c | 8 ++++----
  net/net.c        | 7 ++++++-
  4 files changed, 14 insertions(+), 9 deletions(-)

--
2.17.1

Re: [Qemu-devel] [PATCH 0/4] Fix buffer overflow for packet greater than INT_MAX

Reply via email to