From: "Michael S. Tsirkin" <mst@redhat.com>
To: Peter Maydell <peter.maydell@linaro.org>
Cc: Eric Auger <eric.auger@redhat.com>,
qemu-devel@nongnu.org, Wentao Liang <Wentao_Liang_g@163.com>
Subject: Re: [PATCH for-7.0] virtio-iommu: use-after-free fix
Date: Thu, 7 Apr 2022 10:50:09 -0400 [thread overview]
Message-ID: <20220407104905-mutt-send-email-mst@kernel.org> (raw)
In-Reply-To: <CAFEAcA8upf6nA8dUPeAyY_Q-F_oscqZonPGCKT2OUZORcX4FuQ@mail.gmail.com>
On Thu, Apr 07, 2022 at 11:03:16AM +0100, Peter Maydell wrote:
> On Thu, 7 Apr 2022 at 10:52, Michael S. Tsirkin <mst@redhat.com> wrote:
> >
> > From: Wentao Liang <Wentao_Liang_g@163.com>
> >
> > A potential Use-after-free was reported in virtio_iommu_handle_command
> > when using virtio-iommu:
> >
> > > I find a potential Use-after-free in QEMU 6.2.0, which is in
> > > virtio_iommu_handle_command() (./hw/virtio/virtio-iommu.c).
>
> So, this isn't a regression. Do you think it's critically necessary
> it goes in 7.0, or is it in the category "put it into 7.0 if we
> need an rc4 for some other reason anyway" ?
>
> (I have a feeling we'll need an rc4, but we'll see.)
>
> thanks
> -- PMM
I am concerned it can be used to trigger a CVE but I could not
find a way. So I would say if there's an rc4 pls include it
but if not then we can pick it up in stable.
--
MST
next prev parent reply other threads:[~2022-04-07 14:51 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-04-07 9:51 [PATCH for-7.0] virtio-iommu: use-after-free fix Michael S. Tsirkin
2022-04-07 10:03 ` Peter Maydell
2022-04-07 14:50 ` Michael S. Tsirkin [this message]
2022-04-09 8:57 ` Peter Maydell
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220407104905-mutt-send-email-mst@kernel.org \
--to=mst@redhat.com \
--cc=Wentao_Liang_g@163.com \
--cc=eric.auger@redhat.com \
--cc=peter.maydell@linaro.org \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.