qemu: fix CVE-2024-7409
A flaw was found in the QEMU NBD Server. This vulnerability allows a denial of service (DoS) attack via improper synchronization during socket closure when a client keeps a socket open as the server is taken offline. Reference: https://nvd.nist.gov/vuln/detail/CVE-2024-7409 Upstream Patches: https://github.com/qemu/qemu/commit/fb1c2aaa981e0a2fa6362c9985f1296b74f055ac https://github.com/qemu/qemu/commit/c8a76dbd90c2f48df89b75bef74917f90a59b623 https://gitlab.com/qemu-project/qemu/-/commit/b9b72cb3ce15b693148bd09cef7e50110566d8a0 https://gitlab.com/qemu-project/qemu/-/commit/3e7ef738c8462c45043a1d39f702a0990406a3b3 (From OE-Core rev: d84ab04dc66cb83638f96fcd2f4c67e67489c410) Signed-off-by:Hitendra Prajapati <hprajapati@mvista.com> Signed-off-by:
Steve Sakoman <steve@sakoman.com>
Showing
- meta/recipes-devtools/qemu/qemu.inc 4 additions, 0 deletionsmeta/recipes-devtools/qemu/qemu.inc
- meta/recipes-devtools/qemu/qemu/CVE-2024-7409-0001.patch 162 additions, 0 deletionsmeta/recipes-devtools/qemu/qemu/CVE-2024-7409-0001.patch
- meta/recipes-devtools/qemu/qemu/CVE-2024-7409-0002.patch 174 additions, 0 deletionsmeta/recipes-devtools/qemu/qemu/CVE-2024-7409-0002.patch
- meta/recipes-devtools/qemu/qemu/CVE-2024-7409-0003.patch 122 additions, 0 deletionsmeta/recipes-devtools/qemu/qemu/CVE-2024-7409-0003.patch
- meta/recipes-devtools/qemu/qemu/CVE-2024-7409-0004.patch 163 additions, 0 deletionsmeta/recipes-devtools/qemu/qemu/CVE-2024-7409-0004.patch
Loading
Please register or sign in to comment