Diffusion FreeBSD src repository bfe8e339eb77

bhyve: Fix a global buffer overread in the PCI hda device model.
bfe8e339eb77
Actions

Tags

None

Referenced Files

None

Subscribers

None

Description

bhyve: Fix a global buffer overread in the PCI hda device model.

hda_write did not validate the relative register offset before using
it as an index into the hda_set_reg_table array to lookup a function
pointer to execute after updating the register's value.

PR: 264435
Reported by: Robert Morris <rtm@lcs.mit.edu>
Reviewed by: corvink, markj, emaste
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D38127

Details

Provenance

jhb	Authored on Jan 20 2023, 5:57 PM

Reviewer

Differential Revision

D38127: bhyve: Fix a global buffer overread in the PCI hda device model.

Parents

rG520590881667: Revert "ifconfig: abort if loading a module fails other than for ENOENT"

Branches

Unknown

Tags

Unknown

Event Timeline

jhb committed rGbfe8e339eb77: bhyve: Fix a global buffer overread in the PCI hda device model. (authored by jhb).Jan 20 2023, 5:57 PM

jhb added an edge: D38127: bhyve: Fix a global buffer overread in the PCI hda device model..

jhb mentioned this in rGf31dc54deed4: bhyve: Fix a global buffer overread in the PCI hda device model..Jan 26 2023, 10:36 PM

Changes (1)

Path

Size

usr.sbin/

bhyve/

rGbfe8e339eb77

usr.sbin/bhyve/pci_hda.c

Loading...