From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([208.118.235.92]:55683)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <mjt@tls.msk.ru>) id 1TpEHM-0007Pu-BR
	for qemu-devel@nongnu.org; Sun, 30 Dec 2012 03:29:57 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <mjt@tls.msk.ru>) id 1TpEHI-0007xA-TK
	for qemu-devel@nongnu.org; Sun, 30 Dec 2012 03:29:56 -0500
Received: from isrv.corpit.ru ([86.62.121.231]:44622)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <mjt@tls.msk.ru>) id 1TpEHI-0007vr-MB
	for qemu-devel@nongnu.org; Sun, 30 Dec 2012 03:29:52 -0500
Message-ID: <50DFFB75.8090402@msgid.tls.msk.ru>
Date: Sun, 30 Dec 2012 12:29:41 +0400
From: Michael Tokarev <mjt@tls.msk.ru>
MIME-Version: 1.0
References: <20121205121317.GC6887@stefanha-thinkpad.redhat.com>
	<20121205183130.GA26052@inetric.com>
	<20121218134420.GC6697@stefanha-thinkpad.redhat.com>
	<50D097D6.1020008@msgid.tls.msk.ru>
	<CAJSP0QXsEBX4vzs0kdtAmgi71ksn+n+44Sq9NSUYm++u37fC9w@mail.gmail.com>
	<20121218173422.GA16762@inetric.com>
In-Reply-To: <20121218173422.GA16762@inetric.com>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: quoted-printable
Subject: Re: [Qemu-devel] [PATCH] e1000: Discard oversized packets based on
 SBP|LPE
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Michael Contreras <michael@inetric.com>
Cc: Stefan Hajnoczi <stefanha@gmail.com>, kangli@virtualdevicetech.com, Andreas Faerber <afaerber@suse.de>, Anthony Liguori <anthony@codemonkey.ws>, qemu-devel <qemu-devel@nongnu.org>

18.12.2012 21:34, Michael Contreras =D0=BF=D0=B8=D1=88=D0=B5=D1=82:
> On Tue, Dec 18, 2012 at 05:49:16PM +0100, Stefan Hajnoczi wrote:
>> On Tue, Dec 18, 2012 at 5:20 PM, Michael Tokarev <mjt@tls.msk.ru> wrot=
e:
>>> On 18.12.2012 17:44, Stefan Hajnoczi wrote:
>>>> On Wed, Dec 05, 2012 at 01:31:30PM -0500, Michael Contreras wrote:
>>>>> Discard packets longer than 16384 when !SBP to match the hardware b=
ehavior.
>>>>>
>>>>> Signed-off-by: Michael Contreras <michael@inetric.com>
>>>>> ---
>>>>>   hw/e1000.c | 7 +++++--
>>>>>   1 file changed, 5 insertions(+), 2 deletions(-)
>>>
>>> It looks like another very good candidate for -stable (up to quite so=
me
>>> releases of qemu ago), together with the previous similar patch.
>>
>> Yes, it's good for -stable.
>>
>> Stefan
>
> Thanks guys. Any update on the CVE number? Seems the KVM qemu git tree
> still has this vulnerability. Xen has the fix in their qemu unstable
> git mirror, but hasn't applied it yet either.

This issue has been assigned CVE-2012-6075.

qemu-kvm does not exist anymore, it is just an internal development
tree for qemu, sort of like a subsystem tree - there will be no
more qemu-kvm releases.

So we care only about qemu (main, older versions, incl. 0.12 and 0.15,
are also affected), old qemu-kvm, and xen.  CC'ing afaerber for 0.15.

Thank you!

/mjt