On Thu, Feb 11, 2021 at 8:48 PM Philippe Mathieu-Daudé <f4...@amsat.org> wrote:
>
> On 2/11/21 9:52 AM, Mauro Matteo Cascella wrote:
> > Hello,
> >
> > On Wed, Feb 10, 2021 at 11:27 PM Alistair Francis <alistai...@gmail.com> 
> > wrote:
> >>
> >> On Tue, Feb 9, 2021 at 2:55 AM Bin Meng <bmeng...@gmail.com> wrote:
> >>>
> >>> At the end of sdhci_send_command(), it starts a data transfer if
> >>> the command register indicates a data is associated. However the
> >>> data transfer should only be initiated when the command execution
> >>> has succeeded.
> >>
> >> Isn't this already fixed?
>
> The previous patch was enough to catch the previous reproducer,
> but something changed elsewhere making the same reproducer crash
> QEMU again...
>
> > It turned out the bug was still reproducible on master. I'm actually
> > thinking of assigning a new CVE for this, to make it possible for
> > distros to apply this fix.
>
> It sounds fair. Do you have an ETA for the new CVE?

This is now CVE-2021-3409.

RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=1928146



--
Mauro Matteo Cascella
Red Hat Product Security
PGP-Key ID: BB3410B0


Reply via email to