On Thu, Dec 16, 2021 at 6:55 PM Philippe Mathieu-Daudé
wrote:
>
> Fixes: CVE-2021-3929
RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=2020298
> Reported-by: Qiuhao Li
> Signed-off-by: Philippe Mathieu-Daudé
> ---
> hw/nvme/ctrl.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
>
On Thu, Dec 16, 2021 at 06:55:10PM +0100, Philippe Mathieu-Daudé wrote:
> Async DMA requests might access MMIO regions and re-program the
> NVMe controller internal registers while DMA requests are still
> scheduled or in flight. Avoid that by prohibing the controller
> to access non-memories regio
Async DMA requests might access MMIO regions and re-program the
NVMe controller internal registers while DMA requests are still
scheduled or in flight. Avoid that by prohibing the controller
to access non-memories regions.
The bug has been audited looking at the following report from
Qiuhao Li: