Skip to content
Commit fca5f37f authored by Prasad J Pandit's avatar Prasad J Pandit Committed by Michael Roth
Browse files

multiboot: validate multiboot header address values 



While loading kernel via multiboot-v1 image, (flags & 0x00010000)
indicates that multiboot header contains valid addresses to load
the kernel image. These addresses are used to compute kernel
size and kernel text offset in the OS image. Validate these
address values to avoid an OOB access issue.

This is CVE-2017-14167.

Reported-by: default avatarThomas Garnier <thgarnie@google.com>
Signed-off-by: default avatarPrasad J Pandit <pjp@fedoraproject.org>
Message-Id: <20170907063256.7418-1-ppandit@redhat.com>
Signed-off-by: default avatarPaolo Bonzini <pbonzini@redhat.com>
(cherry picked from commit ed4f86e8)
Signed-off-by: default avatarMichael Roth <mdroth@linux.vnet.ibm.com>
parent 2965be1f
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment