From a95e01904516f051cfcb6972fde720559a540bc0 Mon Sep 17 00:00:00 2001 From: Yonghua Huang Date: Wed, 2 Dec 2020 00:02:39 +0800 Subject: [PATCH] doc: update 'asa.rst' for 2.3 release update fixed security issue for 2.3 release. Signed-off-by: Yonghua Huang Signed-off-by: David B. Kinder --- doc/asa.rst | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/doc/asa.rst b/doc/asa.rst index b285e008c..01642cb8f 100644 --- a/doc/asa.rst +++ b/doc/asa.rst @@ -3,6 +3,22 @@ Security Advisory ################# +Addressed in ACRN v2.3 +************************ + +We recommend that all developers upgrade to this v2.3 release (or later), which +addresses the following security issue that was discovered in previous releases: + +------ + +- NULL Pointer Dereference in ``devicemodel\hw\pci\virtio\virtio_mei.c`` + ``vmei_proc_tx()`` function tries to find the ``iov_base`` by calling + function ``paddr_guest2host()``, which may return NULL (the ``vd`` + struct control by the User VM OS). There is a use of ``iov_base`` + afterward that can cause a NULL pointer dereference (CVE-2020-28346). + + **Affected Release:** v2.2 and earlier. + Addressed in ACRN v2.1 ************************
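Review bot: In the new v2.3 bullet, the file path is written with backslashes (``devicemodel\hw\pci\virtio\virtio_mei.c``), while paths in this tree use forward slashes, as in the diff header's doc/asa.rst; write it as ``devicemodel/hw/pci/virtio/virtio_mei.c``. The bullet's title line also has no terminating punctuation before the line beginning "``vmei_proc_tx()`` function tries", and reST joins continuation lines of a list item into one paragraph, so the title and the description will render as a single run-on sentence; end the title line with a colon or separate the description with a blank line. The parenthetical "the ``vd`` struct control by the User VM OS" should read "is controlled by". Finally, the entry names the affected releases but not the remedy; a short clause stating what changed (for example, that the return value of ``paddr_guest2host()`` is checked before ``iov_base`` is used, if that is the fix) would help readers who need to judge a backport.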