Re: [Xen-devel] Xen Security Advisory 208 (CVE-2017-2615) - oob access in cirrus bitblt copy

Michael Young Fri, 10 Feb 2017 14:16:10 -0800

On Fri, 10 Feb 2017, Xen.org security team wrote:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


           Xen Security Advisory CVE-2017-2615 / XSA-208

                  oob access in cirrus bitblt copy

The qemu-xen-traditional patch is malformed, as the file it tries to patchis at the xen-qemu location and the before and after line counts arewrong, so


--- a/hw/display/cirrus_vga.c
+++ b/hw/display/cirrus_vga.c
@@ -307,11 +307,9 @@ static bool blit_region_is_unsafe(struct CirrusVGAState *s,

should be (if I have got the offset right)

--- a/hw/cirrus_vga.c
+++ b/hw/cirrus_vga.c
@@ -308,10 +308,9 @@ static bool blit_region_is_unsafe(struct CirrusVGAState *s,

        Michael Young

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel

Re: [Xen-devel] Xen Security Advisory 208 (CVE-2017-2615) - oob access in cirrus bitblt copy

Reply via email to