From: Richard Purdie <richard.purdie@linuxfoundation.org>
To: Steve Sakoman <steve@sakoman.com>,
openembedded-core@lists.openembedded.org
Subject: Re: [OE-core][kirkstone 01/29] qemu: CVE-2022-35414 can perform an uninitialized read on the translate_fail path, leading to an io_readx or io_writex crash
Date: Tue, 02 Aug 2022 15:41:11 +0100 [thread overview]
Message-ID: <8470e905aa3fbdcf2cd34594b4e06800dcfd1683.camel@linuxfoundation.org> (raw)
In-Reply-To: <5f236e744b5b528bdf8d95c9580c273f63c04452.1659105705.git.steve@sakoman.com>
On Fri, 2022-07-29 at 04:46 -1000, Steve Sakoman wrote:
> From: Hitendra Prajapati <hprajapati@mvista.com>
>
> Source: https://github.com/qemu/qemu
> MR: 119830
> Type: Security Fix
> Disposition: Backport from https://github.com/qemu/qemu/commit/418ade7849ce7641c0f7333718caf5091a02fd4c
> ChangeID: 41d6646e06319e629da574b9b2e8a3a197a73441
> Description:
> CVE-2022-35414 qemu: can perform an uninitialized read on the translate_fail path, leading to an io_readx or io_writex crash.
>
> Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
> Signed-off-by: Steve Sakoman <steve@sakoman.com>
> ---
> meta/recipes-devtools/qemu/qemu.inc | 1 +
> .../qemu/qemu/CVE-2022-35414.patch | 53 +++++++++++++++++++
> 2 files changed, 54 insertions(+)
> create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2022-35414.patch
This isn't fixed in master yet?
Cheers,
Richard
next prev parent reply other threads:[~2022-08-02 14:41 UTC|newest]
Thread overview: 39+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-07-29 14:46 [OE-core][kirkstone 00/29] Patch review Steve Sakoman
2022-07-29 14:46 ` [OE-core][kirkstone 01/29] qemu: CVE-2022-35414 can perform an uninitialized read on the translate_fail path, leading to an io_readx or io_writex crash Steve Sakoman
2022-08-02 14:41 ` Richard Purdie [this message]
2022-08-02 17:13 ` Steve Sakoman
2022-07-29 14:46 ` [OE-core][kirkstone 02/29] libtirpc: CVE-2021-46828 DoS vulnerability with lots of connections Steve Sakoman
2022-07-29 14:46 ` [OE-core][kirkstone 03/29] mkfontscale: upgrade 1.2.1 -> 1.2.2 Steve Sakoman
2022-07-29 14:46 ` [OE-core][kirkstone 04/29] xdpyinfo: upgrade 1.3.2 -> 1.3.3 Steve Sakoman
2022-07-29 14:46 ` [OE-core][kirkstone 05/29] xorg-app: Tweak handling of compression changes in SRC_URI Steve Sakoman
2022-07-29 14:46 ` [OE-core][kirkstone 06/29] xev: update 1.2.4 -> 1.2.5 Steve Sakoman
2022-07-29 14:46 ` [OE-core][kirkstone 07/29] xmodmap: update 1.0.10 -> 1.0.11 Steve Sakoman
2022-07-29 14:46 ` [OE-core][kirkstone 08/29] xf86-input-synaptics: update 1.9.1 -> 1.9.2 Steve Sakoman
2022-07-29 14:46 ` [OE-core][kirkstone 09/29] encodings: update 1.0.5 -> 1.0.6 Steve Sakoman
2022-07-29 14:46 ` [OE-core][kirkstone 10/29] font-util: update 1.3.2 -> 1.3.3 Steve Sakoman
2022-07-29 14:46 ` [OE-core][kirkstone 11/29] xserver-xorg: update 21.1.3 -> 21.1.4 Steve Sakoman
2022-08-02 5:56 ` Marta Rybczynska
2022-08-02 5:57 ` Marta Rybczynska
2022-08-02 14:09 ` Steve Sakoman
2022-08-02 14:37 ` Steve Sakoman
[not found] ` <17078DEC65A79A88.27835@lists.openembedded.org>
2022-08-02 14:57 ` Steve Sakoman
2022-08-02 16:19 ` Marta Rybczynska
2022-08-02 17:06 ` Steve Sakoman
2022-07-29 14:46 ` [OE-core][kirkstone 12/29] linux-firmware: update 20220610 -> 20220708 Steve Sakoman
2022-07-29 14:46 ` [OE-core][kirkstone 13/29] libuv: upgrade 1.44.1 -> 1.44.2 Steve Sakoman
2022-07-29 14:46 ` [OE-core][kirkstone 14/29] log4cplus: upgrade 2.0.7 -> 2.0.8 Steve Sakoman
2022-07-29 14:46 ` [OE-core][kirkstone 15/29] vala: upgrade 0.56.0 -> 0.56.1 Steve Sakoman
2022-07-29 14:46 ` [OE-core][kirkstone 16/29] vala: upgrade 0.56.1 -> 0.56.2 Steve Sakoman
2022-07-29 14:46 ` [OE-core][kirkstone 17/29] webkitgtk: upgrade 2.36.3 -> 2.36.4 Steve Sakoman
2022-07-29 14:46 ` [OE-core][kirkstone 18/29] xwayland: upgrade 22.1.1 -> 22.1.2 Steve Sakoman
2022-07-29 14:46 ` [OE-core][kirkstone 19/29] xwayland: upgrade 22.1.2 -> 22.1.3 Steve Sakoman
2022-07-29 14:46 ` [OE-core][kirkstone 20/29] epiphany: upgrade 42.2 -> 42.3 Steve Sakoman
2022-07-29 14:46 ` [OE-core][kirkstone 21/29] oeqa/runtime: add test that the kernel has CONFIG_PREEMPT_RT enabled Steve Sakoman
2022-07-29 14:46 ` [OE-core][kirkstone 22/29] wic/plugins/rootfs: Fix NameError for 'orig_path' Steve Sakoman
2022-07-29 14:46 ` [OE-core][kirkstone 23/29] systemd: Added base_bindir into pkg_postinst:udev-hwdb Steve Sakoman
2022-07-29 14:46 ` [OE-core][kirkstone 24/29] udev-extraconf:mount.sh: fix a umount issue Steve Sakoman
2022-07-29 14:46 ` [OE-core][kirkstone 25/29] perf: fix reproduciblity in older releases of Linux Steve Sakoman
2022-07-29 14:46 ` [OE-core][kirkstone 26/29] base/reproducible: Change Source Date Epoch generation methods Steve Sakoman
2022-07-29 14:46 ` [OE-core][kirkstone 27/29] efivar: fix import functionality Steve Sakoman
2022-07-29 14:46 ` [OE-core][kirkstone 28/29] bind: Remove legacy python3 PACKAGECONFIG code Steve Sakoman
2022-07-29 14:46 ` [OE-core][kirkstone 29/29] initscripts: run umountnfs as a KILL script Steve Sakoman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=8470e905aa3fbdcf2cd34594b4e06800dcfd1683.camel@linuxfoundation.org \
--to=richard.purdie@linuxfoundation.org \
--cc=openembedded-core@lists.openembedded.org \
--cc=steve@sakoman.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox