diff --git a/Fix-the-missing-hmp_nbd_server_start-change-in-CVE-2.patch b/Fix-the-missing-hmp_nbd_server_start-change-in-CVE-2.patch
new file mode 100644
index 0000000000000000000000000000000000000000..542367212c27b843c93433c5d68a49ad57d13020
--- /dev/null
+++ b/Fix-the-missing-hmp_nbd_server_start-change-in-CVE-2.patch
@@ -0,0 +1,26 @@
+From 8d0a13959c6dde9c73dd85add4a95a33d57b8d9a Mon Sep 17 00:00:00 2001
+From: xiao-yuliang
+Date: Wed, 16 Oct 2024 10:50:44 +0800
+Subject: [PATCH] Fix the missing hmp_nbd_server_start change in CVE-2024-7409
+
+---
+ monitor/hmp-cmds.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/monitor/hmp-cmds.c b/monitor/hmp-cmds.c
+index bf468fe8eb..c1ffaba0ce 100644
+--- a/monitor/hmp-cmds.c
++++ b/monitor/hmp-cmds.c
+@@ -2365,7 +2365,8 @@ void hmp_nbd_server_start(Monitor *mon, const QDict *qdict)
+ goto exit;
+ }
+
+- nbd_server_start(addr, NULL, NULL, 0, &local_err);
++ nbd_server_start(addr, NULL, NULL, NBD_DEFAULT_MAX_CONNECTIONS,
++ &local_err);
+ qapi_free_SocketAddress(addr);
+ if (local_err != NULL) {
+ goto exit;
+--
+2.28.0.windows.1
+
diff --git a/qemu.spec b/qemu.spec
index 1facaac15ab185fc0436288bbfb31b66a1a23440..878892ca5d6f334c719044bd739cf9be8dac83c5 100644
--- a/qemu.spec
+++ b/qemu.spec
@@ -1,6 +1,6 @@
 Name: qemu
 Version: 4.1.0
-Release: 88
+Release: 89
 Epoch: 10
 Summary: QEMU is a generic and open source machine emulator and virtualizer
 License: GPLv2 and BSD and MIT and CC-BY-SA-4.0
@@ -429,6 +429,7 @@ Patch0416: system-physmem-Per-AddressSpace-bounce-buffering.patch
 Patch0417: qdev-properties-add-size32-property-type.patch
 Patch0418: softmmu-Support-concurrent-bounce-buffers-CVE-2024-8.patch
 Patch0419: mac_dbdma-Remove-leftover-dma_memory_unmap-calls-CVE.patch
+Patch0420: Fix-the-missing-hmp_nbd_server_start-change-in-CVE-2.patch
 
 BuildRequires: flex
 BuildRequires: bison
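Review bot: The patch header embedded in Fix-the-missing-hmp_nbd_server_start-change-in-CVE-2.patch carries only a subject line, so nothing records why the literal `0` in `nbd_server_start(addr, NULL, NULL, 0, &local_err);` was a problem or which earlier backport this completes. A short body would help, for example `The earlier CVE-2024-7409 backport added the connection-limit argument but left the HMP caller passing 0, so a server started from the monitor was not capped.`; what 0 means to nbd_server_start is not visible in this hunk and should be confirmed against the backported function before that wording is used. Since only the HMP caller is touched, it is worth checking that no other nbd_server_start caller in the tree still passes a literal limit. The hunk adds no include, so `NBD_DEFAULT_MAX_CONNECTIONS` presumably comes from a header monitor/hmp-cmds.c already pulls in; a build of this package release would confirm it. The body of hmp_nbd_server_start starts and ends outside the hunk.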
@@ -829,6 +830,9 @@ getent passwd qemu >/dev/null || \
 %endif
 
 %changelog
+* Mon Jan 06 2025 xiaoyuliang - 10:4.1.0-89
+- nbd: Fix the missing hmp_nbd_server_start change in CVE-2024-7409
+
 * Mon Oct 14 2024 Jiabo Feng - 10:4.1.0-88
 - mac_dbdma: Remove leftover `dma_memory_unmap` calls(CVE-2024-8612)
 - softmmu: Support concurrent bounce buffers(CVE-2024-8612)