File CVE-2014-3689-qemut-vmware-vga-turn-off-hw-accel.patch of Package xen.5015

References: bsc#962611 CVE-2014-3689

Subject: vmware-vga: CVE-2014-3689: turn off hw accel
From: Gerd Hoffmann kraxel@redhat.com Mon Oct 6 11:42:34 2014 +0200
Date: Tue Oct 28 10:39:58 2014 +0100:
Git: 83afa38eb20ca27e30683edc7729880e091387fc

Quick & easy stopgap for CVE-2014-3689:  We just compile out the
hardware acceleration functions which lack sanity checks.  Thankfully
we have capability bits for them (SVGA_CAP_RECT_COPY and
SVGA_CAP_RECT_FILL), so guests should deal just fine, in theory.

Subsequent patches will add the missing checks and re-enable the
hardware acceleration emulation.

Cc: qemu-stable@nongnu.org
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Don Koch <dkoch@verizon.com>

Index: xen-4.4.3-testing/tools/qemu-xen-traditional-dir-remote/hw/vmware_vga.c
===================================================================
--- xen-4.4.3-testing.orig/tools/qemu-xen-traditional-dir-remote/hw/vmware_vga.c
+++ xen-4.4.3-testing/tools/qemu-xen-traditional-dir-remote/hw/vmware_vga.c
@@ -28,8 +28,10 @@
 #define VERBOSE
 #define EMBED_STDVGA
 #undef DIRECT_VRAM
+#if 0
 #define HW_RECT_ACCEL
 #define HW_FILL_ACCEL
+#endif
 #define HW_MOUSE_ACCEL
 
 #ifdef EMBED_STDVGA

Places

File CVE-2014-3689-qemut-vmware-vga-turn-off-hw-accel.patch of Package xen.5015

Places