1 files changed, 15 insertions, 0 deletions

diff --git a/gitlab/issues/target_missing/host_missing/accel_missing/1171.toml b/gitlab/issues/target_missing/host_missing/accel_missing/1171.toml
new file mode 100644
index 000000000..8f56c25da
--- /dev/null
+++ b/gitlab/issues/target_missing/host_missing/accel_missing/1171.toml
@@ -0,0 +1,15 @@
+id = 1171
+title = "tulip: DMA reentrancy issue leads to stack overflow (CVE-2022-2962)"
+state = "closed"
+created_at = "2022-08-23T16:23:58.564Z"
+closed_at = "2022-09-14T21:02:00.854Z"
+labels = ["Networking", "Security"]
+url = "https://gitlab.com/qemu-project/qemu/-/issues/1171"
+host-os = "n/a"
+host-arch = "n/a"
+qemu-version = "n/a"
+guest-os = "n/a"
+guest-arch = "n/a"
+description = """A DMA reentrancy issue was found in the tulip emulation. When tulip reads or writes to  rx/tx descriptor ( tulip_desc_read/write ) or copies  rx/tx frame(tulip_copy_rx_bytes / tulip_copy_tx_buffers), it doesn't check whether the destination address is its own MMIO address. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition or, potentially, executing arbitrary code within the context of the QEMU process on the host."""
+reproduce = "n/a"
+additional = "n/a"