This series contains 3 fixes for issues spotted by Claude Code. The first one is to avoid out-of-bound accesses in virtqueues array in the case we have the maximum supported queue pairs and control queue.
Second one is a security issue that could result in theory in a denial of service, but a CVE was not created because the control queue support cannot currently be negotiated with the Kernel VDUSE driver. Last patch is fixing mmap error handling in the VDUSE IOTLB miss handler. Maxime Coquelin (3): vhost: fix virtqueue array size for control queue vhost: fix descriptor chain bounds check in control queue vhost: fix mmap error check in VDUSE IOTLB miss handler lib/vhost/vduse.c | 5 +++-- lib/vhost/vhost.h | 5 +++-- lib/vhost/virtio_net_ctrl.c | 22 ++++++++++++++++++++-- 3 files changed, 26 insertions(+), 6 deletions(-) -- 2.52.0
