Trivial fix for CVE-2021-3507. Philippe Mathieu-Daudé (2): hw/block/fdc: Prevent end-of-track overrun (CVE-2021-3507) tests/qtest/fdc-test: Add a regression test for CVE-2021-3507 hw/block/fdc.c | 8 ++++++++ tests/qtest/fdc-test.c | 20 ++++++++++++++++++++ 2 files changed, 28 insertions(+) -- 2.31.1
ping for 6.2? On 11/18/21 12:57, Philippe Mathieu-Daudé wrote: > Trivial fix for CVE-2021-3507. > > Philippe Mathieu-Daudé (2): > hw/block/fdc: Prevent end-of-track overrun (CVE-2021-3507) > tests/qtest/fdc-test: Add a regression test for CVE-2021-3507 > > hw/block/fdc.c | 8 ++++++++ > tests/qtest/fdc-test.c | 20 ++++++++++++++++++++ > 2 files changed, 28 insertions(+) >
On 11/18/21 06:57, Philippe Mathieu-Daudé wrote: > Trivial fix for CVE-2021-3507. > > Philippe Mathieu-Daudé (2): > hw/block/fdc: Prevent end-of-track overrun (CVE-2021-3507) > tests/qtest/fdc-test: Add a regression test for CVE-2021-3507 > > hw/block/fdc.c | 8 ++++++++ > tests/qtest/fdc-test.c | 20 ++++++++++++++++++++ > 2 files changed, 28 insertions(+) > Series Acked-by: Jon Maloy <jmaloy@redhat.com>
On Thu, Jan 27, 2022 at 3:11 PM Jon Maloy <jmaloy@redhat.com> wrote: > > > On 11/18/21 06:57, Philippe Mathieu-Daudé wrote: > > Trivial fix for CVE-2021-3507. > > > > Philippe Mathieu-Daudé (2): > > hw/block/fdc: Prevent end-of-track overrun (CVE-2021-3507) > > tests/qtest/fdc-test: Add a regression test for CVE-2021-3507 > > > > hw/block/fdc.c | 8 ++++++++ > > tests/qtest/fdc-test.c | 20 ++++++++++++++++++++ > > 2 files changed, 28 insertions(+) > > > Series > Acked-by: Jon Maloy <jmaloy@redhat.com> > I could have sworn that Philippe said that this patch was incomplete and to not merge it for 6.2, but maybe I mistook that for a different series. I seem to recall that this series didn't apply correctly in conjunction with the fix for 2021-20196, but if there was a followup, I missed it. --js
On 1/27/22 15:14, Jon Maloy wrote: > > On 11/18/21 06:57, Philippe Mathieu-Daudé wrote: >> Trivial fix for CVE-2021-3507. >> >> Philippe Mathieu-Daudé (2): >> hw/block/fdc: Prevent end-of-track overrun (CVE-2021-3507) >> tests/qtest/fdc-test: Add a regression test for CVE-2021-3507 >> >> hw/block/fdc.c | 8 ++++++++ >> tests/qtest/fdc-test.c | 20 ++++++++++++++++++++ >> 2 files changed, 28 insertions(+) >> > Series > Acked-by: Jon Maloy <jmaloy@redhat.com> Philippe, I hear from other sources that you earlier have qualified this one as "incomplete". I am of course aware that this one, just like my own patch, is just a mitigation and not a complete correction of the erroneous calculation. Or did you have anything else in mind? Regards ///jon
Trying again with correct email address. ///jon On 2/6/22 14:15, Jon Maloy wrote: > > > On 1/27/22 15:14, Jon Maloy wrote: >> >> On 11/18/21 06:57, Philippe Mathieu-Daudé wrote: >>> Trivial fix for CVE-2021-3507. >>> >>> Philippe Mathieu-Daudé (2): >>> hw/block/fdc: Prevent end-of-track overrun (CVE-2021-3507) >>> tests/qtest/fdc-test: Add a regression test for CVE-2021-3507 >>> >>> hw/block/fdc.c | 8 ++++++++ >>> tests/qtest/fdc-test.c | 20 ++++++++++++++++++++ >>> 2 files changed, 28 insertions(+) >>> >> Series >> Acked-by: Jon Maloy <jmaloy@redhat.com> > > Philippe, > I hear from other sources that you earlier have qualified this one as > "incomplete". > I am of course aware that this one, just like my own patch, is just a > mitigation and not a complete correction of the erroneous calculation. > Or did you have anything else in mind? > > Regards > ///jon >
On 06/02/2022 20.19, Jon Maloy wrote: > Trying again with correct email address. > ///jon > > On 2/6/22 14:15, Jon Maloy wrote: >> >> >> On 1/27/22 15:14, Jon Maloy wrote: >>> >>> On 11/18/21 06:57, Philippe Mathieu-Daudé wrote: >>>> Trivial fix for CVE-2021-3507. >>>> >>>> Philippe Mathieu-Daudé (2): >>>> hw/block/fdc: Prevent end-of-track overrun (CVE-2021-3507) >>>> tests/qtest/fdc-test: Add a regression test for CVE-2021-3507 >>>> >>>> hw/block/fdc.c | 8 ++++++++ >>>> tests/qtest/fdc-test.c | 20 ++++++++++++++++++++ >>>> 2 files changed, 28 insertions(+) >>>> >>> Series >>> Acked-by: Jon Maloy <jmaloy@redhat.com> >> >> Philippe, >> I hear from other sources that you earlier have qualified this one as >> "incomplete". >> I am of course aware that this one, just like my own patch, is just a >> mitigation and not a complete correction of the erroneous calculation. >> Or did you have anything else in mind? Any news on this one? It would be nice to get the CVE fixed for 7.0 ? Thomas
On 3/10/22 12:14, Thomas Huth wrote: > On 06/02/2022 20.19, Jon Maloy wrote: >> Trying again with correct email address. >> ///jon >> >> On 2/6/22 14:15, Jon Maloy wrote: >>> >>> >>> On 1/27/22 15:14, Jon Maloy wrote: >>>> >>>> On 11/18/21 06:57, Philippe Mathieu-Daudé wrote: >>>>> Trivial fix for CVE-2021-3507. >>>>> >>>>> Philippe Mathieu-Daudé (2): >>>>> hw/block/fdc: Prevent end-of-track overrun (CVE-2021-3507) >>>>> tests/qtest/fdc-test: Add a regression test for CVE-2021-3507 >>>>> >>>>> hw/block/fdc.c | 8 ++++++++ >>>>> tests/qtest/fdc-test.c | 20 ++++++++++++++++++++ >>>>> 2 files changed, 28 insertions(+) >>>>> >>>> Series >>>> Acked-by: Jon Maloy <jmaloy@redhat.com> >>> >>> Philippe, >>> I hear from other sources that you earlier have qualified this one >>> as "incomplete". >>> I am of course aware that this one, just like my own patch, is just >>> a mitigation and not a complete correction of the erroneous >>> calculation. >>> Or did you have anything else in mind? > > Any news on this one? It would be nice to get the CVE fixed for 7.0 ? > > Thomas > The ball is currently with John Snow, as I understand it. The concern is that this fix may not take the driver back to a consistent state, so that we may have other problems later. Maybe Philippe can chip in with a comment here? ///jon
On 10/03/2022 18.53, Jon Maloy wrote: > > On 3/10/22 12:14, Thomas Huth wrote: >> On 06/02/2022 20.19, Jon Maloy wrote: >>> Trying again with correct email address. >>> ///jon >>> >>> On 2/6/22 14:15, Jon Maloy wrote: >>>> >>>> >>>> On 1/27/22 15:14, Jon Maloy wrote: >>>>> >>>>> On 11/18/21 06:57, Philippe Mathieu-Daudé wrote: >>>>>> Trivial fix for CVE-2021-3507. >>>>>> >>>>>> Philippe Mathieu-Daudé (2): >>>>>> hw/block/fdc: Prevent end-of-track overrun (CVE-2021-3507) >>>>>> tests/qtest/fdc-test: Add a regression test for CVE-2021-3507 >>>>>> >>>>>> hw/block/fdc.c | 8 ++++++++ >>>>>> tests/qtest/fdc-test.c | 20 ++++++++++++++++++++ >>>>>> 2 files changed, 28 insertions(+) >>>>>> >>>>> Series >>>>> Acked-by: Jon Maloy <jmaloy@redhat.com> >>>> >>>> Philippe, >>>> I hear from other sources that you earlier have qualified this one as >>>> "incomplete". >>>> I am of course aware that this one, just like my own patch, is just a >>>> mitigation and not a complete correction of the erroneous calculation. >>>> Or did you have anything else in mind? >> >> Any news on this one? It would be nice to get the CVE fixed for 7.0 ? >> >> Thomas >> > The ball is currently with John Snow, as I understand it. > The concern is that this fix may not take the driver back to a consistent > state, so that we may have other problems later. > Maybe Philippe can chip in with a comment here? John, Philippe, any ideas how to move this forward? Thomas
On Fri, Mar 18, 2022 at 2:50 PM Thomas Huth <thuth@redhat.com> wrote: > > On 10/03/2022 18.53, Jon Maloy wrote: > > > > On 3/10/22 12:14, Thomas Huth wrote: > >> On 06/02/2022 20.19, Jon Maloy wrote: > >>> Trying again with correct email address. > >>> ///jon > >>> > >>> On 2/6/22 14:15, Jon Maloy wrote: > >>>> > >>>> > >>>> On 1/27/22 15:14, Jon Maloy wrote: > >>>>> > >>>>> On 11/18/21 06:57, Philippe Mathieu-Daudé wrote: > >>>>>> Trivial fix for CVE-2021-3507. > >>>>>> > >>>>>> Philippe Mathieu-Daudé (2): > >>>>>> hw/block/fdc: Prevent end-of-track overrun (CVE-2021-3507) > >>>>>> tests/qtest/fdc-test: Add a regression test for CVE-2021-3507 > >>>>>> > >>>>>> hw/block/fdc.c | 8 ++++++++ > >>>>>> tests/qtest/fdc-test.c | 20 ++++++++++++++++++++ > >>>>>> 2 files changed, 28 insertions(+) > >>>>>> > >>>>> Series > >>>>> Acked-by: Jon Maloy <jmaloy@redhat.com> > >>>> > >>>> Philippe, > >>>> I hear from other sources that you earlier have qualified this one as > >>>> "incomplete". > >>>> I am of course aware that this one, just like my own patch, is just a > >>>> mitigation and not a complete correction of the erroneous calculation. > >>>> Or did you have anything else in mind? > >> > >> Any news on this one? It would be nice to get the CVE fixed for 7.0 ? > >> > >> Thomas > >> > > The ball is currently with John Snow, as I understand it. > > The concern is that this fix may not take the driver back to a consistent > > state, so that we may have other problems later. > > Maybe Philippe can chip in with a comment here? > > John, Philippe, any ideas how to move this forward? > > Thomas > The ball is indeed in my court. I need to audit this properly and get the patch re-applied, and get tests passing. As a personal favor: Could you please ping me on IRC tomorrow about this? (Well, later today, for you.)
© 2016 - 2024 Red Hat, Inc.