On 12/21/25 05:43, zhenwei pi wrote:
From: zhenwei pi <[email protected]>
v2:
- Fix possible overflow
- Append tag "Fixes: CVE-2025-14876" in commit message
v1:
Fix two issues in this series:
- Verify asym request size from device level
- Limit the maximum size for cryptodev builtin driver
zhenwei pi (2):
hw/virtio/virtio-crypto: verify asym request size
cryptodev-builtin: Limit the maximum size
backends/cryptodev-builtin.c | 9 +++------
hw/virtio/virtio-crypto.c | 7 +++++++
2 files changed, 10 insertions(+), 6 deletions(-)
I'm picking these two patches up for qemu stable releases.
Please let me know if I shouldn't.
Thanks,
/mjt
