blob: f23a71ecee4509811cb438a3ac939b3df33340e3 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
|
mistranslation: 0.802
device: 0.522
graphic: 0.481
semantic: 0.478
network: 0.462
instruction: 0.435
vnc: 0.368
other: 0.334
socket: 0.326
boot: 0.240
assembly: 0.116
KVM: 0.024
CVE-2017-7471 repeated?
In the hw/9pfs/9p-proxy.c file I can see the following which is changed because of CVE-2017-7471 in the hw/9pfs/9p-local.c. I might be wrong but I guess that should be changed as well.
if(dir_path){
v9fs_path_sprintf(target,"%s/%s",dir_path->data,name);
}
else{
v9fs_path_sprintf(target,"%s",name);
}
When using the proxy backend, all accesses to the host filesystem are handled by an external process running in a chroot() jail. No need to bother about paths in this case.
CVE-2017-7471 is only applicable to the local backend, because accesses are handled by QEMU directly in this case.
|