mirror of
https://git.yoctoproject.org/poky
synced 2026-03-10 01:09:40 +01:00
e50d61d7df
A DMA reentrancy issue leading to a use-after-free error was found in the e1000e NIC emulation code in QEMU. This issue could allow a privileged guest user to crash the QEMU process on the host, resulting in a denial of service. CVE-2023-3019-0002 is the CVE fix and CVE-2023-3019-0001 is dependent CVE fix. fix indent issue in qemu.inc file. CVE-2023-3019 patch required Mem ReenttranceyGuard structure definition, it's defined in commit:a2e1753b80but the patch is causing errors: Failed: qemux86 does not shutdown within timeout(120) so backported only required structure definition. Reference: https://nvd.nist.gov/vuln/detail/CVE-2023-3019 Upstream patches:7d0fefdf813c0463a650(From OE-Core rev: 3782e1b21882ffc5e4cc466418e066179470241e) Signed-off-by: Yogita Urade <yogita.urade@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>