multiboot: validate multiboot header address values - bwlp/qemu.git - Experimental fork of QEMU with video encoding patches

diff options

author	Prasad J Pandit	2017-09-07 08:32:56 +0200
committer	Paolo Bonzini	2017-09-19 14:09:33 +0200
commit	ed4f86e8b6eff8e600c69adee68c7cd34dd2cccb (patch)
tree	35e7cad7148de76b5a352782471920844ef5fa93 /scripts
parent	scsi/esp: Rename the ESP macro to ESP_STATE (diff)
download	qemu-ed4f86e8b6eff8e600c69adee68c7cd34dd2cccb.tar.gz qemu-ed4f86e8b6eff8e600c69adee68c7cd34dd2cccb.tar.xz qemu-ed4f86e8b6eff8e600c69adee68c7cd34dd2cccb.zip

multiboot: validate multiboot header address values

While loading kernel via multiboot-v1 image, (flags & 0x00010000) indicates that multiboot header contains valid addresses to load the kernel image. These addresses are used to compute kernel size and kernel text offset in the OS image. Validate these address values to avoid an OOB access issue. This is CVE-2017-14167. Reported-by: Thomas Garnier <thgarnie@google.com> Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org> Message-Id: <20170907063256.7418-1-ppandit@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

Diffstat (limited to 'scripts')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: