subject:"\[PATCH v2 0\/9\] hw\/sd\/sdcard\: Fix CVE\-2020\-13253"

Re: [PATCH v2 0/9] hw/sd/sdcard: Fix CVE-2020-13253

2020-07-14 Thread Philippe Mathieu-Daudé

On 7/13/20 8:32 PM, Philippe Mathieu-Daudé wrote: > This series fixes CVE-2020-13253 by only allowing SD card image > sizes power of 2, and not switching to SEND_DATA state when the > address is invalid (out of range). > > Patches missing review: > 3: boot_linux: Tag tests using a SD card with 'd

[PATCH v2 0/9] hw/sd/sdcard: Fix CVE-2020-13253

2020-07-13 Thread Philippe Mathieu-Daudé

This series fixes CVE-2020-13253 by only allowing SD card image sizes power of 2, and not switching to SEND_DATA state when the address is invalid (out of range). Patches missing review: 3: boot_linux: Tag tests using a SD card with 'device:sd' 4: boot_linux: Expand SD card image to power of 2