openembedded-core.git - Mirror of openembedded-core

diff options

author	Daniel BORNAZ <daniel.bornaz@enea.com>	2014-07-17 14:24:11 +0200
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2014-07-19 00:08:50 +0100
commit	a84e1749b489cee5ea219799c35e29b6edead30f (patch)
tree	c3b5b5d2d04afd7a4bbe3626e499639ff275b654 /meta-skeleton
parent	687cfed641e6ce3d7e2de7e7b8ed55e0324743a6 (diff)
download	openembedded-core-a84e1749b489cee5ea219799c35e29b6edead30f.tar.gz openembedded-core-a84e1749b489cee5ea219799c35e29b6edead30f.tar.bz2 openembedded-core-a84e1749b489cee5ea219799c35e29b6edead30f.zip

qemu: security patch for CVE-2014-3471

Qemu PCIe bus support is vulnerable to a use-after-free flaw. It could occur via guest, when it tries to hotplug/hotunplug devices on the guest. A user able to add & delete Virtio block devices on a guest could use this flaw to crash the Qemu instance resulting in DoS. Originated-by: Marcel Apfelbaum <address@hidden> Updated the qemu recipe to include the security patch. Upstream-Status: Submitted Signed-off-by: Daniel BORNAZ <daniel.bornaz@enea.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

Diffstat (limited to 'meta-skeleton')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: