From 1c7d6584a7811b7785ae5c1e378f14b5ba0971cf Mon Sep 17 00:00:00 2001 From: takeshi_hoshina Date: Mon, 2 Nov 2020 11:07:33 +0900 Subject: basesystem-jj recipes --- .../qemu/qemu/CVE-2019-12155.patch | 38 ---------------------- 1 file changed, 38 deletions(-) delete mode 100644 external/poky/meta/recipes-devtools/qemu/qemu/CVE-2019-12155.patch (limited to 'external/poky/meta/recipes-devtools/qemu/qemu/CVE-2019-12155.patch') diff --git a/external/poky/meta/recipes-devtools/qemu/qemu/CVE-2019-12155.patch b/external/poky/meta/recipes-devtools/qemu/qemu/CVE-2019-12155.patch deleted file mode 100644 index 8a5ece51..00000000 --- a/external/poky/meta/recipes-devtools/qemu/qemu/CVE-2019-12155.patch +++ /dev/null @@ -1,38 +0,0 @@ -From d52680fc932efb8a2f334cc6993e705ed1e31e99 Mon Sep 17 00:00:00 2001 -From: Prasad J Pandit -Date: Thu, 25 Apr 2019 12:05:34 +0530 -Subject: [PATCH] qxl: check release info object - -When releasing spice resources in release_resource() routine, -if release info object 'ext.info' is null, it leads to null -pointer dereference. Add check to avoid it. - -Reported-by: Bugs SysSec -Signed-off-by: Prasad J Pandit -Message-id: 20190425063534.32747-1-ppandit@redhat.com -Signed-off-by: Gerd Hoffmann - -Upstream-Status: Backport -https://git.qemu.org/?p=qemu.git;a=commit;h=d52680fc932efb8a2f334cc6993e705ed1e31e99 - -CVE: CVE-2019-12155 -Affects: <= 4.0.0 -Signed-off-by: Armin Kuster ---- - hw/display/qxl.c | 3 +++ - 1 file changed, 3 insertions(+) - -Index: qemu-3.0.0/hw/display/qxl.c -=================================================================== ---- qemu-3.0.0.orig/hw/display/qxl.c -+++ qemu-3.0.0/hw/display/qxl.c -@@ -764,6 +764,9 @@ static void interface_release_resource(Q - QXLReleaseRing *ring; - uint64_t *item, id; - -+ if (!ext.info) { -+ return; -+ } - if (ext.group_id == MEMSLOT_GROUP_HOST) { - /* host group -> vga mode update request */ - QXLCommandExt *cmdext = (void *)(intptr_t)(ext.info->id); -- cgit 1.2.3-korg