Date: Fri, 7 May 2021 16:07:04 +0200 From: Mauro Matteo Cascella <mcascell@...hat.com> To: oss-security@...ts.openwall.com Cc: Remy Noel <remy.noel@...de-group.com> Subject: Re: CVE-2021-3527 QEMU: usb: unbounded stack allocation in usbredir On Wed, May 5, 2021 at 7:09 PM Mauro Matteo Cascella <mcascell@...hat.com> wrote: > > Upstream patchset: > https://lists.nongnu.org/archive/html/qemu-devel/2021-05/msg00564.html Note that the xhci patch was dropped  and a new USB patchset has been proposed without it . As discussed upstream, this could leave room for unbound allocation on the heap, although more difficult to exploit by the guest to crash the QEMU process on the host.  https://lists.nongnu.org/archive/html/qemu-devel/2021-05/msg01372.html  https://lists.nongnu.org/archive/html/qemu-devel/2021-05/msg01373.html -- Mauro Matteo Cascella Red Hat Product Security PGP-Key ID: BB3410B0
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.