Hi,

> I'll prepare a patch adding the usb_xhci_exit function and will
> perform some more tests.

Well, here is what I got after taking some hours to try to produce a patch for CVE-2016-7466 [0]:

* It is not possible to introduce the usb_xhci_exit function in qemu v1.1.2 as it has been done in qemu v2.2.0 [1], because it would imply a significant code refactoring. For instance, the diff between hcd-xhci.c in qemu v1.1.2 and qemu v2.2.0 is 3841 lines long, although hcd-xhci.c itself in v1.1.2 is 2955 lines long!

* I'm not sure I'll be able to develop a patch alone in my assigned time, because I'm far from being a C expert, and the code is far from trivial.

I haven't got any answer from the QEMU team, and it's quite uncertain that upstream will be interested in taking time to patch the 1.1.2 version.

So, if anybody wants to take time to work on this patch, or at least have a look at the issue, it would be helpful. I wanted to include a fix for this issue in my qemu/qemu-kvm upload, but if it takes too long, I'll have to put this issue aside.

Cheers,
Hugo

[0] https://security-tracker.debian.org/tracker/CVE-2016-7466
[1] http://git.qemu.org/?p=qemu.git;a=commit;h=53c30545fb34c43c84d62ea1c2b0dc6b53303c34

-- 
Hugo Lefeuvre (hle) | www.owl.eu.com
4096/ ACB7 B67F 197F 9B32 1533 431C AC90 AC3E C524 065E