Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
hw/scsi/scsi-disk: Disallow block sizes smaller than 512 [CVE-2023-42467
] We are doing things like nb_sectors /= (s->qdev.blocksize / BDRV_SECTOR_SIZE); in the code here (e.g. in scsi_disk_emulate_mode_sense()), so if the blocksize is smaller than BDRV_SECTOR_SIZE (=512), this crashes with a division by 0 exception. Thus disallow block sizes of 256 bytes to avoid this situation. Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1813 CVE: 2023-42467 Signed-off-by: Thomas Huth <thuth@redhat.com> Message-ID: <20230925091854.49198-1-thuth@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> (cherry picked from commit 7cfcc79) Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
- Loading branch information