diff options
Diffstat (limited to 'results/scraper/launchpad/1736376')
| -rw-r--r-- | results/scraper/launchpad/1736376 | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/results/scraper/launchpad/1736376 b/results/scraper/launchpad/1736376 new file mode 100644 index 000000000..cbd8215b2 --- /dev/null +++ b/results/scraper/launchpad/1736376 @@ -0,0 +1,16 @@ +CVE-2017-7471 repeated? + +In the hw/9pfs/9p-proxy.c file I can see the following which is changed because of CVE-2017-7471 in the hw/9pfs/9p-local.c. I might be wrong but I guess that should be changed as well. + +if(dir_path){ +v9fs_path_sprintf(target,"%s/%s",dir_path->data,name); +} +else{ +v9fs_path_sprintf(target,"%s",name); +} + +When using the proxy backend, all accesses to the host filesystem are handled by an external process running in a chroot() jail. No need to bother about paths in this case. + +CVE-2017-7471 is only applicable to the local backend, because accesses are handled by QEMU directly in this case. + + |