On 1/27/22 15:14, Jon Maloy wrote:
On 11/18/21 06:57, Philippe Mathieu-Daudé wrote:
Trivial fix for CVE-2021-3507.
Philippe Mathieu-Daudé (2):
hw/block/fdc: Prevent end-of-track overrun (CVE-2021-3507)
tests/qtest/fdc-test: Add a regression test for CVE-2021-3507
hw/block/fdc.c | 8 ++++++++
tests/qtest/fdc-test.c | 20 ++++++++++++++++++++
2 files changed, 28 insertions(+)
Series
Acked-by: Jon Maloy <jma...@redhat.com>
Philippe,
I hear from other sources that you earlier have qualified this one as
"incomplete".
I am of course aware that this one, just like my own patch, is just a
mitigation and not a complete correction of the erroneous calculation.
Or did you have anything else in mind?
Regards
///jon
