diff options
author | Ariadne Conill <ariadne@dereferenced.org> | 2021-05-04 16:51:04 -0600 |
---|---|---|
committer | Ariadne Conill <ariadne@dereferenced.org> | 2021-05-04 16:51:31 -0600 |
commit | 76bd06da608677a8e5d05549d914632b03248442 (patch) | |
tree | acb8c1835d587aeaec6b3e9779a49200372c1522 | |
parent | ed5c5416f115842b6c9068f6d5b55fe2180882da (diff) |
community/qemu: add mitigation for CVE-2021-20255
-rw-r--r-- | community/qemu/APKBUILD | 13 | ||||
-rw-r--r-- | community/qemu/CVE-2021-20255.patch | 43 |
2 files changed, 53 insertions, 3 deletions
diff --git a/community/qemu/APKBUILD b/community/qemu/APKBUILD index a27467ebea1..2da854e1ee6 100644 --- a/community/qemu/APKBUILD +++ b/community/qemu/APKBUILD @@ -4,7 +4,7 @@ # Maintainer: Natanael Copa <ncopa@alpinelinux.org> pkgname=qemu pkgver=6.0.0 -pkgrel=0 +pkgrel=1 pkgdesc="QEMU is a generic machine emulator and virtualizer" url="https://qemu.org/" arch="all" @@ -177,6 +177,8 @@ source="https://wiki.qemu-project.org/download/qemu-$pkgver.tar.xz 0001-virtio-host-input-use-safe-64-bit-time-accessors-for.patch 0002-virtio-user-input-use-safe-64-bit-time-accessors-for.patch + CVE-2021-20255.patch + $pkgname-guest-agent.confd $pkgname-guest-agent.initd 80-kvm.rules @@ -184,6 +186,8 @@ source="https://wiki.qemu-project.org/download/qemu-$pkgver.tar.xz " # secfixes: +# 6.0.0-r1: +# - CVE-2021-20255 # 5.1.0-r1: # - CVE-2020-14364 # 2.8.1-r1: @@ -395,7 +399,8 @@ _all_modules() { mkdir -p "$subpkgdir" } -sha512sums="ee3ff00aebec4d8891d2ff6dabe4e667e510b2a4fe3f6190aa34673a91ea32dcd2db2e9bf94c2f1bf05aa79788f17cfbbedc6027c0988ea08a92587b79ee05e4 qemu-6.0.0.tar.xz +sha512sums=" +ee3ff00aebec4d8891d2ff6dabe4e667e510b2a4fe3f6190aa34673a91ea32dcd2db2e9bf94c2f1bf05aa79788f17cfbbedc6027c0988ea08a92587b79ee05e4 qemu-6.0.0.tar.xz 98db5e23397cfad4a7210f9f7e1c5fa5c48f065785439521c5b39325c429f2dc367c40925adff6aa8677b3192a1a98a30e93d5b9c879df523deb019c40edd9d9 0006-linux-user-signal.c-define-__SIGRTMIN-MAX-for-non-GN.patch 1ac043312864309e19f839a699ab2485bca51bbf3d5fdb39f1a87b87e3cbdd8cbda1a56e6b5c9ffccd65a8ac2f600da9ceb8713f4dbba26f245bc52bcd8a1c56 0001-linux-user-fix-build-with-musl-on-aarch64.patch 224f5b44da749921e8a821359478c5238d8b6e24a9c0b4c5738c34e82f3062ec4639d495b8b5883d304af4a0d567e38aa6623aac1aa3a7164a5757c036528ac0 musl-F_SHLCK-and-F_EXLCK.patch @@ -407,7 +412,9 @@ d7de79ea74e36702cac4a59e472564a55f0a663be7e63c3755e32b4b5dfbc04b390ee79f09f43f6a d6b81846cefd46b8fd1fb04450d4898f97dc77d11e049fb1bc8e2553bbb88c8325151d0e4bec70cc6820a5863c1d1749b99100b4747d91182856c3ca1946cb28 guest-agent-shutdown.patch 9541a94685cfe411120c4073e6714fd3e307d8a4954e7a760532224b3b018fc8948ee03f2338edbb6626b20b751263249c731ac1de83333048d80982371e1874 0001-virtio-host-input-use-safe-64-bit-time-accessors-for.patch be84d316ebe4ec883e4d02a05721be5b5d478aaa5897bb8cf25431a893397b6834e46253f139b7b94d0f4186c0c90bba78968deb47a82fc06865097f8f4d7a1a 0002-virtio-user-input-use-safe-64-bit-time-accessors-for.patch +e9389a6e3b2c3b59f66ea13eb7a3515e87341a68ca14afeb1ddd0084717bf4a13f5f58dc41dadbf0f2faf8fe1ae94ba7d1469c41539c79e45fa1624c6081e904 CVE-2021-20255.patch d90c034cae3f9097466854ed1a9f32ab4b02089fcdf7320e8f4da13b2b1ff65067233f48809911485e4431d7ec1a22448b934121bc9522a2dc489009e87e2b1f qemu-guest-agent.confd 1cd24c2444c5935a763c501af2b0da31635aad9cf62e55416d6477fcec153cddbe7de205d99616def11b085e0dd366ba22463d2270f831d884edbc307c7864a6 qemu-guest-agent.initd 9b7a89b20fcf737832cb7b4d5dc7d8301dd88169cbe5339eda69fbb51c2e537d8cb9ec7cf37600899e734209e63410d50d0821bce97e401421db39c294d97be2 80-kvm.rules -749efa2e764006555b4fd3a8e2f6d1118ad2ea4d45acf99104a41a93cfe66dc9685f72027c17d8211e5716246c2a52322c962cf4b73b27541b69393cd57f53bb bridge.conf" +749efa2e764006555b4fd3a8e2f6d1118ad2ea4d45acf99104a41a93cfe66dc9685f72027c17d8211e5716246c2a52322c962cf4b73b27541b69393cd57f53bb bridge.conf +" diff --git a/community/qemu/CVE-2021-20255.patch b/community/qemu/CVE-2021-20255.patch new file mode 100644 index 00000000000..970c00ceb7a --- /dev/null +++ b/community/qemu/CVE-2021-20255.patch @@ -0,0 +1,43 @@ +CVE-2021-20255 patch adapted from QEMU patch by Stefan Weil + +Link: https://bugzilla.redhat.com/show_bug.cgi?id=1930646 + +Signed-off-by: Neha Agarwal <nehaagarwal@microsoft.com> +--- +diff --git a/hw/net/eepro100.c b/hw/net/eepro100.c +index 16e95ef9cc..2474cf3dc2 100644 +--- a/hw/net/eepro100.c ++++ b/hw/net/eepro100.c +@@ -279,6 +279,9 @@ typedef struct { + /* Quasi static device properties (no need to save them). */ + uint16_t stats_size; + bool has_extended_tcb_support; ++ ++ /* Flag to avoid recursions. */ ++ bool busy; + } EEPRO100State; + + /* Word indices in EEPROM. */ +@@ -837,6 +840,14 @@ static void action_command(EEPRO100State *s) + Therefore we limit the number of iterations. */ + unsigned max_loop_count = 16; + ++ if (s->busy) { ++ /* Prevent recursions. */ ++ logout("recursion in %s:%u\n", __FILE__, __LINE__); ++ return; ++ } ++ ++ s->busy = true; ++ + for (;;) { + bool bit_el; + bool bit_s; +@@ -933,6 +944,7 @@ static void action_command(EEPRO100State *s) + } + TRACE(OTHER, logout("CU list empty\n")); + /* List is empty. Now CU is idle or suspended. */ ++ s->busy = false; + } + + static void eepro100_cu_command(EEPRO100State * s, uint8_t val) |