Date: Mon, 29 Aug 2022 22:38:26 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=264521 --- Comment #4 from commit-hook@FreeBSD.org --- A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/src/commit/?id=bb31aee26bd13307d97c5d5bf2b10bf05bdc18fd commit bb31aee26bd13307d97c5d5bf2b10bf05bdc18fd Author: John Baldwin <jhb@FreeBSD.org> AuthorDate: 2022-08-29 22:36:11 +0000 Commit: John Baldwin <jhb@FreeBSD.org> CommitDate: 2022-08-29 22:37:27 +0000 bhyve virtio-scsi: Avoid out of bounds accesses to guest requests. - Ignore I/O requests with insufficiently sized input or output buffers (those not containing compete request headers). - Ignore control requests with improperly sized buffers. - While here, explicitly zero the output header of an I/O request to avoid leaking malloc garbage from the host if the header is not fully populated. PR: 264521 Reported by: Robert Morris <firstname.lastname@example.org> Reviewed by: mav, emaste MFC after: 1 week Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D36271 usr.sbin/bhyve/pci_virtio_scsi.c | 24 +++++++++++++++++++++++- 1 file changed, 23 insertions(+), 1 deletion(-) -- You are receiving this mail because: You are on the CC list for the bug.