panda [Security] use-after-free in panda/hw/net/virtio-net.c

[Security] use-after-free in panda/hw/net/virtio-net.c

Open the-Chain-Warden-thresh opened this issue 1 year ago • 0 comments

I've found that this repo reuse some of the qemu code, and remains some unfixed CVE.ssize_t virtio_net_receive_rcu (NetClientState *nc,const uint8_t *buf,size_t size) in hw/net/virtio-net.c seems to be vunlerable to CVE-2021-3748. Would you please fix this so that I can use this repo safer?

Nov 01 '23 07:11 the-Chain-Warden-thresh

panda panda copied to clipboard

[Security] use-after-free in panda/hw/net/virtio-net.c

panda
panda copied to clipboard