+-- On Thu, 25 Oct 2018, Daniel P. Berrangé wrote --+
| On Thu, Oct 25, 2018 at 04:26:16PM +0530, P J P wrote:
| > +-- On Thu, 25 Oct 2018, Gerd Hoffmann wrote --+
| > | We have a lovely, guest-triggerable buffer overflow in opl2 emulation.
| > |
| > | Reproducer:
| > | outw(0xff60, 0x220);
| > | outw(0x1020, 0x220);
| > | outw(0xffb0, 0x220);
| > | Result:
| > | Will overflow FM_OPL->AR_TABLE[] (see hw/audio/fmopl.[ch])
| >
| > + Reported-by: Wangjunqing <wangjunqing(a)huawei.com>
|
| So you have a CVE number for this ?
No, since the adlib device is not used as much and is being deprecated, I'm
not inclined to get one.
--
Prasad J Pandit / Red Hat Product Security Team
47AF CE69 3A90 54AA 9045 1053 DD13 3D32 FE5B 041F