qemu/virtio at 92c89f9f7adb5bd35ff1df42f2bddda63ea3762a - qemu - openSUSE Gitea

dfaggioli/qemu

Files

History

zhenwei pi 47414315b2 virtio-crypto: verify src&dst buffer length for sym request bsc#1213925 (CVE-2023-3180)

For symmetric algorithms, the length of ciphertext must be as same
as the plaintext.
The missing verification of the src_len and the dst_len in
virtio_crypto_sym_op_helper() may lead buffer overflow/divulged.

This patch is originally written by Yiming Tao for QEMU-SECURITY,
resend it(a few changes of error message) in qemu-devel.

Fixes: CVE-2023-3180
Fixes: 04b9b37edda("virtio-crypto: add data queue processing handler")
Cc: Gonglei <arei.gonglei@huawei.com>
Cc: Mauro Matteo Cascella <mcascell@redhat.com>
Cc: Yiming Tao <taoym@zju.edu.cn>
Signed-off-by: zhenwei pi <pizhenwei@bytedance.com>
Message-Id: <20230803024314.29962-2-pizhenwei@bytedance.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
(cherry picked from commit 9d38a84347)
References: bsc#1213925
References: CVE-2023-3180
Signed-off-by: Dario Faggioli <dfaggioli@suse.com>

2023-10-06 15:50:54 +02:00

..

Kconfig

vhost-user-rng: Add vhost-user-rng implementation

2021-10-20 04:37:55 -04:00

meson.build

vhost-user-rng-pci: Add vhost-user-rng-pci implementation

2021-10-20 04:37:55 -04:00

trace-events

vdpa: Check for iova range at mappings changes

2021-10-20 04:37:55 -04:00

trace.h

trace: switch position of headers to what Meson requires

2020-08-21 06:18:24 -04:00

vhost-backend.c

hw/virtio: move vhost_set_backend_type() to vhost.c

2021-09-04 09:07:46 -04:00

vhost-scsi-pci.c

Use DECLARE_*CHECKER* macros

2020-09-09 09:27:09 -04:00

vhost-stub.c

vhost-user: simplify vhost_user_init/vhost_user_cleanup

2019-03-12 21:22:31 -04:00

vhost-user-blk-pci.c

Use DECLARE_*CHECKER* macros

2020-09-09 09:27:09 -04:00

vhost-user-fs-pci.c

vhost-user-fs: add the "bootindex" property

2021-01-13 09:06:37 -05:00

vhost-user-fs.c

vhost: Add Error parameter to vhost_dev_init()

2021-06-30 13:15:44 +02:00

vhost-user-i2c-pci.c

hw/virtio: add vhost-user-i2c-pci boilerplate

2021-07-16 11:10:45 -04:00

vhost-user-i2c.c

hw/virtio: add boilerplate for vhost-user-i2c device

2021-07-16 11:10:40 -04:00

vhost-user-input-pci.c

Use DECLARE_*CHECKER* macros

2020-09-09 09:27:09 -04:00

vhost-user-rng-pci.c

vhost-user-rng-pci: Add vhost-user-rng-pci implementation

2021-10-20 04:37:55 -04:00

vhost-user-rng.c

vhost-user-rng: Add vhost-user-rng implementation

2021-10-20 04:37:55 -04:00

vhost-user-scsi-pci.c

Use DECLARE_*CHECKER* macros

2020-09-09 09:27:09 -04:00

vhost-user-vsock-pci.c

vhost-user-vsock-pci: force virtio version 1

2020-09-29 02:15:24 -04:00

vhost-user-vsock.c

vhost-vsock: handle common features in vhost-vsock-common

2021-10-05 17:30:57 -04:00

vhost-user.c

vhost-user: fix duplicated notifier MR init

2021-10-20 04:37:55 -04:00

vhost-vdpa.c

vhost: Rename last_index to vq_index_end

2021-11-11 03:13:05 -05:00

vhost-vsock-common.c

vhost-vsock: detach the virqueue element in case of error

2023-07-31 19:20:26 +02:00

vhost-vsock-pci.c

vhost-vsock-pci: force virtio version 1

2020-09-29 02:15:24 -04:00

vhost-vsock.c

vhost-vsock: handle common features in vhost-vsock-common

2021-10-05 17:30:57 -04:00

vhost.c

memory: Name all the memory listeners

2021-09-30 15:30:24 +02:00

virtio-9p-pci.c

Use DECLARE_*CHECKER* macros

2020-09-09 09:27:09 -04:00

virtio-balloon-pci.c

hw/virtio/virtio-balloon: Remove the "class" property

2021-02-05 08:52:59 -05:00

virtio-balloon.c

virtio-balloon: correct used length

2021-11-29 08:49:36 -05:00

virtio-blk-pci.c

Use DECLARE_*CHECKER* macros

2020-09-09 09:27:09 -04:00

virtio-bus.c

virtio-bus: introduce iommu_enabled()

2021-09-04 16:35:17 -04:00

virtio-crypto-pci.c

Use DECLARE_*CHECKER* macros

2020-09-09 09:27:09 -04:00

virtio-crypto.c

virtio-crypto: verify src&dst buffer length for sym request bsc#1213925 (CVE-2023-3180)

2023-10-06 15:50:54 +02:00

virtio-input-host-pci.c

Use DECLARE_*CHECKER* macros

2020-09-09 09:27:09 -04:00

virtio-input-pci.c

Use OBJECT_DECLARE_SIMPLE_TYPE when possible

2020-09-18 14:12:32 -04:00

virtio-iommu-pci.c

virtio-iommu: Drop base_name and change generic_name

2021-10-20 04:37:55 -04:00

virtio-iommu.c

virtio-iommu: Handle non power of 2 range invalidations

2021-03-12 12:40:10 +00:00

virtio-mem-pci.c

qapi: Include qom-path in MEMORY_DEVICE_SIZE_CHANGE qapi events

2021-10-02 08:43:21 +02:00

virtio-mem-pci.h

Use DECLARE_*CHECKER* macros

2020-09-09 09:27:09 -04:00

virtio-mem.c

virtio-mem: Drop precopy notifier

2021-11-01 22:56:44 +01:00

virtio-mmio.c

virtio-mmio : fix the crash in the vm shutdown

2021-11-28 17:03:52 -05:00

virtio-net-pci.c

virtio-net: calculating proper msix vectors on init

2021-03-15 16:41:22 +08:00

virtio-pci.c

qbus: Rename qbus_create_inplace() to qbus_init()

2021-09-30 13:42:10 +01:00

virtio-pci.h

virtio-pci: compat page aligned ATS

2021-04-06 07:11:36 -04:00

virtio-pmem-pci.c

virtio-pmem-pci: force virtio version 1

2020-09-29 02:14:30 -04:00

virtio-pmem-pci.h

Use DECLARE_*CHECKER* macros

2020-09-09 09:27:09 -04:00

virtio-pmem.c

virtio-pmem: fix virtio_pmem_resp assign problem

2021-03-22 10:17:53 -04:00

virtio-rng-pci.c

Use DECLARE_*CHECKER* macros

2020-09-09 09:27:09 -04:00

virtio-rng.c

sysemu: Let VMChangeStateHandler take boolean 'running' argument

2021-03-09 23:13:57 +01:00

virtio-scsi-pci.c

Use DECLARE_*CHECKER* macros

2020-09-09 09:27:09 -04:00

virtio-serial-pci.c

Use DECLARE_*CHECKER* macros

2020-09-09 09:27:09 -04:00

virtio.c

virtio: use virtio accessor to access packed event

2021-11-15 09:44:46 -05:00