qemu-stable
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] hw/sd: sdhci: Do not transfer any data when command fails

From: Mauro Matteo Cascella
Subject: Re: [PATCH] hw/sd: sdhci: Do not transfer any data when command fails
Date: Fri, 12 Feb 2021 14:55:35 +0100 
On Thu, Feb 11, 2021 at 8:48 PM Philippe Mathieu-Daudé <f4bug@amsat.org> wrote:
>
> On 2/11/21 9:52 AM, Mauro Matteo Cascella wrote:
> > Hello,
> >
> > On Wed, Feb 10, 2021 at 11:27 PM Alistair Francis <alistair23@gmail.com> 
> > wrote:
> >>
> >> On Tue, Feb 9, 2021 at 2:55 AM Bin Meng <bmeng.cn@gmail.com> wrote:
> >>>
> >>> At the end of sdhci_send_command(), it starts a data transfer if
> >>> the command register indicates a data is associated. However the
> >>> data transfer should only be initiated when the command execution
> >>> has succeeded.
> >>
> >> Isn't this already fixed?
>
> The previous patch was enough to catch the previous reproducer,
> but something changed elsewhere making the same reproducer crash
> QEMU again...
>
> > It turned out the bug was still reproducible on master. I'm actually
> > thinking of assigning a new CVE for this, to make it possible for
> > distros to apply this fix.
>
> It sounds fair. Do you have an ETA for the new CVE?

This is now CVE-2021-3409.

RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=1928146



--
Mauro Matteo Cascella
Red Hat Product Security
PGP-Key ID: BB3410B0
reply via email to
[Prev in Thread] Current Thread [Next in Thread]