Overview

File CVE-2016-4020-qemuu-leakage-of-stack-memory-to-guest.patch of Package xen.11298

References: bsc#975907 CVE-2016-4020

When processing Task Priorty Register(TPR) access, it could leak
automatic stack variable 'imm32' in patch_instruction().
Initialise the variable to avoid it.

Reported by: Donghai Zdh <address@hidden>

Signed-off-by: Prasad J Pandit <address@hidden>
---
 hw/i386/kvmvapic.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Index: xen-4.5.3-testing/tools/qemu-xen-dir-remote/hw/i386/kvmvapic.c
===================================================================
--- xen-4.5.3-testing.orig/tools/qemu-xen-dir-remote/hw/i386/kvmvapic.c
+++ xen-4.5.3-testing/tools/qemu-xen-dir-remote/hw/i386/kvmvapic.c
@@ -394,7 +394,7 @@ static void patch_instruction(VAPICROMSt
     CPUX86State *env = &cpu->env;
     VAPICHandlers *handlers;
     uint8_t opcode[2];
-    uint32_t imm32;
+    uint32_t imm32 = 0;
     target_ulong current_pc = 0;
     target_ulong current_cs_base = 0;
     int current_flags = 0;
openSUSE Build Service is sponsored by
Places