[CVE-2016-10088][Trusty SRU] Fix CVE-2016-10088

Po-Hsu Lin po-hsu.lin at canonical.com
Tue Jun 20 08:58:38 UTC 2017

This patch can be cherry-picked for Trusty, which is the only affected release.

You will see the if statement has been change to call uaccess_kernel() from the
upstream, which is commit db68ce10c4f0, I didn't pick it as this one looks ok.

Al Viro (1):
  sg_write()/bsg_write() is not fit to be called under KERNEL_DS

 block/bsg.c       |    3 +++
 drivers/scsi/sg.c |    3 +++
 2 files changed, 6 insertions(+)


More information about the kernel-team mailing list