oss-sec mailing list archives
Re: Re: CVE-2018-20124 QEMU: rdma: OOB access when building scatter-gather array
From: Agostino Sarubbo <ago () gentoo org>
Date: Tue, 18 Dec 2018 12:14:00 +0100
On martedì 18 dicembre 2018 10:44:32 CET saar amar wrote:
Thanks all I'm happy it fixed, thanks for the response guys! I'm wondering why it says "DOS" and not "execute arbitrary code on the host, in the context of the QEMU process"? I have stack overflow, it pretty clear I could gain more than simple DOS:) What do your day?
Maybe because of the -fstack-protector* flag used by default in the build process. -- Agostino Sarubbo Gentoo Linux Developer
Current thread:
- CVE-2018-20124 QEMU: rdma: OOB access when building scatter-gather array P J P (Dec 18)
- Re: CVE-2018-20124 QEMU: rdma: OOB access when building scatter-gather array saar amar (Dec 18)
- Re: Re: CVE-2018-20124 QEMU: rdma: OOB access when building scatter-gather array Agostino Sarubbo (Dec 18)
- Re: CVE-2018-20124 QEMU: rdma: OOB access when building scatter-gather array P J P (Dec 18)
- Re: CVE-2018-20124 QEMU: rdma: OOB access when building scatter-gather array saar amar (Dec 18)