[PATCH for-9.1 v3 0/2] NBD CVE-2024-7409

Eric Blake posted 2 patches 3 months, 2 weeks ago
Posted by Eric Blake 3 months, 2 weeks ago
v2 was here:
https://lists.gnu.org/archive/html/qemu-devel/2024-08/msg00253.html

Since then:
 - CVE number assigned
 - drop old patch 1. Instead of tracking nbd_server generation, the
   code now ensures that nbd_server can't be set to NULL until all
   clients have disconnected
 - rewrite to force qio shutdown coupled with AIO_WAIT to ensure all
   clients actually disconnect quickly (from the server's
   perspective. A client may still hold its socket open longer, but
   will eventually see EPIPE or EOF when finally using it)
 - patch 2 is optional, although I like the notion of a doubly-linked
   list (where the client has to remember an opaque pointer) over a
   singly-linked one (where the client is unchanged, but a lot of
   repeated client connect/disconnect over a long-lived server can
   chew up memory and slow down the eventual nbd-server-stop)

Eric Blake (2):
  nbd: CVE-2024-7409: Close stray client sockets at server shutdown
  nbd: Clean up clients more efficiently

 include/block/nbd.h |  4 +++-
 blockdev-nbd.c      | 39 +++++++++++++++++++++++++++++++++++++--
 nbd/server.c        | 15 ++++++++++++---
 qemu-nbd.c          |  2 +-
 4 files changed, 53 insertions(+), 7 deletions(-)

-- 
2.45.2