[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-changelog] [qemu-xen stable-4.3] net: avoid infinite loop when receiving packets(CVE-2015-5278)



*** New tip has no discernable common ancestor with previous history ***

commit b188780861662e8cf1847ec562799b32bb44f05e
Author:     P J P <pjp@xxxxxxxxxxxxxxxxx>
AuthorDate: Tue Sep 15 14:29:21 2015 +0000
Commit:     Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx>
CommitDate: Tue Sep 15 14:29:21 2015 +0000

    net: avoid infinite loop when receiving packets(CVE-2015-5278)
    
    Ne2000 NIC uses ring buffer of NE2000_MEM_SIZE(49152)
    bytes to process network packets. While receiving packets
    via ne2000_receive() routine, a local 'index' variable
    could exceed the ring buffer size, leading to an infinite
    loop situation.
    
    upstream-commit-id: 737d2b3c41d59eb8f94ab7eb419b957938f24943
    
    Reported-by: Qinghao Tang <luodalongde@xxxxxxxxx>
    Signed-off-by: P J P <pjp@xxxxxxxxxxxxxxxxx>
    Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx>
    Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx>
--
generated by git-patchbot for /home/xen/git/qemu-xen.git#stable-4.3

_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.