On Fri, 20 Dec 2024 11:49:55 +0800
Yunjian Wang wrote:
> The hdr->csum_start does two successive reads from user space to read a
> variable length data structure. The result overflow if the data structure
> changes between the two reads.
>
> To fix this, we can prevent double fetch issue by copy
The hdr->csum_start does two successive reads from user space to read a
variable length data structure. The result overflow if the data structure
changes between the two reads.
To fix this, we can prevent double fetch issue by copying virtio_hdr to
the temporary variable.
Fixes: 4dc4e33ffa10 ("ne
2 matches
Mail list logo
