Block layer patches (CVE-2024-4467)

[PULL 0/4] Block layer patches (CVE-2024-4467)

Kevin Wolf posted 4 patches 2 months, 1 week ago

Download series mbox

Patches applied successfully (tree, apply log)
git fetch https://github.com/patchew-project/qemu tags/patchew/20240702163943.276618-1-kwolf@redhat.com

Maintainers: Kevin Wolf <kwolf@redhat.com>, Hanna Reitz <hreitz@redhat.com>

block.c                    | 90 +++++++++++++++++++++++++++++-----------------
block/qcow2.c              | 17 ++++++++-
tests/qemu-iotests/061     |  6 ++--
tests/qemu-iotests/061.out |  8 +++--
tests/qemu-iotests/244     | 19 ++++++++--
tests/qemu-iotests/270     | 14 ++++++--
6 files changed, 110 insertions(+), 44 deletions(-)

Expand all Fold all

[PULL 0/4] Block layer patches (CVE-2024-4467)

Posted by Kevin Wolf 2 months, 1 week ago

The following changes since commit c80a339587fe4148292c260716482dd2f86d4476:

  Merge tag 'pull-target-arm-20240701' of https://git.linaro.org/people/pmaydell/qemu-arm into staging (2024-07-01 10:41:45 -0700)

are available in the Git repository at:

  https://repo.or.cz/qemu/kevin.git tags/for-upstream

for you to fetch changes up to 7ead946998610657d38d1a505d5f25300d4ca613:

  block: Parse filenames only when explicitly requested (2024-07-02 18:12:30 +0200)

----------------------------------------------------------------
Block layer patches (CVE-2024-4467)

- Don't open qcow2 data files in 'qemu-img info'
- Disallow protocol prefixes for qcow2 data files, VMDK extent files and
  other child nodes that are neither 'file' nor 'backing'

----------------------------------------------------------------
Kevin Wolf (4):
      qcow2: Don't open data_file with BDRV_O_NO_IO
      iotests/244: Don't store data-file with protocol in image
      iotests/270: Don't store data-file with json: prefix in image
      block: Parse filenames only when explicitly requested

 block.c                    | 90 +++++++++++++++++++++++++++++-----------------
 block/qcow2.c              | 17 ++++++++-
 tests/qemu-iotests/061     |  6 ++--
 tests/qemu-iotests/061.out |  8 +++--
 tests/qemu-iotests/244     | 19 ++++++++--
 tests/qemu-iotests/270     | 14 ++++++--
 6 files changed, 110 insertions(+), 44 deletions(-)

Re: [PULL 0/4] Block layer patches (CVE-2024-4467)

Posted by Richard Henderson 2 months ago

On 7/2/24 09:39, Kevin Wolf wrote:
> The following changes since commit c80a339587fe4148292c260716482dd2f86d4476:
> 
>    Merge tag 'pull-target-arm-20240701' ofhttps://git.linaro.org/people/pmaydell/qemu-arm  into staging (2024-07-01 10:41:45 -0700)
> 
> are available in the Git repository at:
> 
>    https://repo.or.cz/qemu/kevin.git  tags/for-upstream
> 
> for you to fetch changes up to 7ead946998610657d38d1a505d5f25300d4ca613:
> 
>    block: Parse filenames only when explicitly requested (2024-07-02 18:12:30 +0200)
> 
> ----------------------------------------------------------------
> Block layer patches (CVE-2024-4467)
> 
> - Don't open qcow2 data files in 'qemu-img info'
> - Disallow protocol prefixes for qcow2 data files, VMDK extent files and
>    other child nodes that are neither 'file' nor 'backing'

Applied, thanks.  Please update https://wiki.qemu.org/ChangeLog/9.1 as appropriate.


r~