a0b032ad85
Fixes the following security issues:

CVE-2018-16872: A flaw was found in qemu Media Transfer Protocol (MTP). The code opening files in usb_mtp_get_object and usb_mtp_get_partial_object and directories in usb_mtp_object_readdir doesn't consider that the underlying filesystem may have changed since the time lstat(2) was called in usb_mtp_object_alloc, a classical TOCTTOU problem. An attacker with write access to the host filesystem shared with a guest can use this property to navigate the host filesystem in the context of the QEMU process and read any file the QEMU process has access to. Access to the filesystem may be local or via a network share protocol such as CIFS.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
8 lines
459 B
Plaintext
# Locally computed, tarball verified with GPG signature
sha256 d7c69fef3fb4bfbac99e3f2ac9fb8d6409db4faadf2e37337d544e3fdb4fde3a qemu-3.1.1.tar.xz
sha256 6f04ae8364d0079a192b14635f4b1da294ce18724c034c39a6a41d1b09df6100 COPYING
sha256 48ffe9fc7f1d5462dbd19340bc4dd1d8a9e37c61ed535813e614cbe4a5f0d4df COPYING.LIB

# Locally computed
sha256 61091767ffd16002e77f005155d096208094e69dee35e6d5ddcaa6c8a13b5e26 qemu-b517e1dc3125a57555d67a8deed9eac7b42288e2.tar.gz
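
The commit message above describes an lstat(2) check that is separated in time from a later open by path. As an added example (not code from QEMU or Buildroot, and not the upstream fix), the C program below shows one way to close that window for the final path component: open with O_NOFOLLOW, then compare fstat() of the opened descriptor with the recorded lstat() result. The names `open_if_unchanged` and `demo` and the temporary directory are hypothetical and constructed for the example.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE /* for O_NOFOLLOW, O_CLOEXEC, mkdtemp */
#endif
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper: open path only if it is still the object that an
 * earlier lstat() result (recorded) described. Returns an fd, or -1. */
int open_if_unchanged(const char *path, const struct stat *recorded)
{
    struct stat now;
    /* O_NOFOLLOW: refuse if the final path component is now a symlink. */
    int fd = open(path, O_RDONLY | O_NOFOLLOW | O_CLOEXEC);
    if (fd < 0)
        return -1;
    /* fstat() describes the object actually opened, not the path name. */
    if (fstat(fd, &now) != 0 || now.st_dev != recorded->st_dev ||
        now.st_ino != recorded->st_ino ||
        (now.st_mode & S_IFMT) != (recorded->st_mode & S_IFMT)) {
        close(fd);
        return -1;
    }
    return fd;
}

/* Constructed scenario in a private temp dir. swap=1 replaces the path with
 * a symlink after lstat(). Returns 1 if opened, 0 if refused, -1 on error. */
int demo(int swap)
{
    char dir[] = "/tmp/toctou-demo-XXXXXX", obj[64], other[64];
    struct stat recorded;
    int fd, rc = -1;
    if (!mkdtemp(dir)) return -1;
    snprintf(obj, sizeof obj, "%s/object", dir);
    snprintf(other, sizeof other, "%s/other", dir);
    if ((fd = creat(obj, 0600)) >= 0) close(fd);
    if ((fd = creat(other, 0600)) >= 0) close(fd);
    if (lstat(obj, &recorded) == 0 &&
        (!swap || (unlink(obj) == 0 && symlink(other, obj) == 0))) {
        fd = open_if_unchanged(obj, &recorded);
        rc = fd >= 0;
        if (fd >= 0) close(fd);
    }
    unlink(obj); unlink(other); rmdir(dir);
    return rc;
}
int main(void) { printf("unchanged=%d swapped=%d\n", demo(0), demo(1)); return 0; }
```

O_NOFOLLOW only covers the last path component; parent directories that can change need the same treatment, for example by opening each level with openat(2) relative to an already held directory descriptor.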