+-- On Thu, 25 Oct 2018, Daniel P. Berrangé wrote --+ | On Thu, Oct 25, 2018 at 04:26:16PM +0530, P J P wrote: | > +-- On Thu, 25 Oct 2018, Gerd Hoffmann wrote --+ | > | We have a lovely, guest-triggerable buffer overflow in opl2 emulation. | > | | > | Reproducer: | > | outw(0xff60, 0x220); | > | outw(0x1020, 0x220); | > | outw(0xffb0, 0x220); | > | Result: | > | Will overflow FM_OPL->AR_TABLE[] (see hw/audio/fmopl.[ch]) | > | > + Reported-by: Wangjunqing <wangjunq...@huawei.com> | | So you have a CVE number for this ?
No, since the adlib device is not used as much and is being deprecated, I'm not inclined to get one. -- Prasad J Pandit / Red Hat Product Security Team 47AF CE69 3A90 54AA 9045 1053 DD13 3D32 FE5B 041F
