Fix CVE-2024-26327

2024-10-30 18:32:48 +08:00 · 2024-10-30 18:32:48 +08:00 · d9d04d29d7
parent 0a817841f8
commit d9d04d29d7
3 changed files with 30 additions and 1 deletions
--- a/debian/changelog
+++ b/debian/changelog
@ -1,10 +1,16 @@
+qemu (1:8.2.2+ds-ok2) nile; urgency=medium
+
+  * CVE-2024-26327
+
+ -- root <zengchi@kylinos.cn>  Wed, 30 Oct 2024 18:29:14 +0800
+
 qemu (1:8.2.2+ds-ok1) nile; urgency=medium

  * Sync upstream version.

 -- zhouganqing <zhouganqing@kylinos.cn>  Fri, 17 May 2024 15:15:53 +0800

-qemu (1:7.1.0-ok13ubuntu1) yangtze; urgency=medium
+qemu (1:7.1.0-ok14) yangtze; urgency=medium

  * CVE-2023-3354

--- a/debian/patches/0003-Fix-CVE-2024-26327.patch
+++ b/debian/patches/0003-Fix-CVE-2024-26327.patch
@ -0,0 +1,22 @@
+From: zeng_chi <11612732+zeng_chi@user.noreply.gitee.com>
+Date: Wed, 30 Oct 2024 18:32:48 +0800
+Subject: Fix CVE-2024-26327
+
+---
+ hw/pci/pcie_sriov.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/hw/pci/pcie_sriov.c b/hw/pci/pcie_sriov.c
+index a1fe65f..da209b7 100644
+--- a/hw/pci/pcie_sriov.c
+++ b/hw/pci/pcie_sriov.c
+@@ -176,6 +176,9 @@ static void register_vfs(PCIDevice *dev)
+ 
+     assert(sriov_cap > 0);
+     num_vfs = pci_get_word(dev->config + sriov_cap + PCI_SRIOV_NUM_VF);
+    if (num_vfs > pci_get_word(dev->config + sriov_cap + PCI_SRIOV_TOTAL_VF)) {
+        return;
+    }
+ 
+     dev->exp.sriov_pf.vf = g_new(PCIDevice *, num_vfs);
+ 
--- a/debian/patches/series
+++ b/debian/patches/series
@ -1,2 +1,3 @@
 0001-add-missing-files.patch
 0002-virtio-gpu-virgl-Add-support-for-virgl-video-acceler.patch
+0003-Fix-CVE-2024-26327.patch