1 files changed, 0 insertions, 41 deletions

diff --git a/emulators/qemu/patches/patch-CVE-2016-7907 b/emulators/qemu/patches/patch-CVE-2016-7907
deleted file mode 100644
index cdffc685634..00000000000
--- a/emulators/qemu/patches/patch-CVE-2016-7907
+++ /dev/null
@@ -1,41 +0,0 @@
-$NetBSD: patch-CVE-2016-7907,v 1.1 2016/10/30 14:48:00 spz Exp $
-
-from:
-https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg05556.html
-
-From: Prasad J Pandit <address@hidden>
-
-i.MX Fast Ethernet Controller uses buffer descriptors to manage
-data flow to/fro receive & transmit queues. While transmitting
-packets, it could continue to read buffer descriptors if a buffer
-descriptor has length of zero and has crafted values in bd.flags.
-Set an upper limit to number of buffer descriptors.
-
-Reported-by: Li Qiang <address@hidden>
-
---- hw/net/imx_fec.c.orig	2016-09-02 15:34:19.000000000 +0000
-+++ hw/net/imx_fec.c
-@@ -220,6 +220,8 @@ static const VMStateDescription vmstate_
- #define PHY_INT_PARFAULT            (1 << 2)
- #define PHY_INT_AUTONEG_PAGE        (1 << 1)
- 
-+#define IMX_MAX_DESC                1024
-+
- static void imx_eth_update(IMXFECState *s);
- 
- /*
-@@ -402,12 +404,12 @@ static void imx_eth_update(IMXFECState *
- 
- static void imx_fec_do_tx(IMXFECState *s)
- {
--    int frame_size = 0;
-+    int frame_size = 0, descnt = 0;
-     uint8_t frame[ENET_MAX_FRAME_SIZE];
-     uint8_t *ptr = frame;
-     uint32_t addr = s->tx_descriptor;
- 
--    while (1) {
-+    while (descnt++ < IMX_MAX_DESC) {
-         IMXFECBufDesc bd;
-         int len;
-