APPLIED: [SRU][Bionic][PATCH 0/1] Fix for CVE-2018-11506
Khaled Elmously
khalid.elmously at canonical.com
Wed Jul 25 05:12:44 UTC 2018
Applied to Bionic
On 2018-07-20 18:46:36, Kleber Souza wrote:
> https://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-11506.html
>
> Description
> The sr_do_ioctl function in drivers/scsi/sr_ioctl.c in the Linux kernel
> through 4.16.12 allows local users to cause a denial of service
> (stack-based buffer overflow) or possibly have unspecified other impact
> because sense buffers have different sizes at the CDROM layer and the SCSI
> layer, as demonstrated by a CDROMREADMODE2 ioctl call.
>
> Clean cherry-pick for Bionic.
>
> Jens Axboe (1):
> sr: pass down correctly sized SCSI sense buffer
>
> drivers/scsi/sr_ioctl.c | 10 ++++++++--
> 1 file changed, 8 insertions(+), 2 deletions(-)
>
> --
> 2.17.1
>
>
> --
> kernel-team mailing list
> kernel-team at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team
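
Added example, not part of this thread and not the kernel patch itself: a user-space C model of the size mismatch the CVE description names, with the unsafe call shown only as a comment and a hardened form that hands the lower layer a correctly sized buffer. All names, the 64- and 96-byte sizes, and the copy-back step are assumptions made for illustration.

```c
#include <stddef.h>
#include <string.h>

/* Illustrative sizes (assumptions, not stated on the page). */
#define UPPER_SENSE_SIZE 64   /* sense buffer as the upper (CDROM-like) layer declares it */
#define LOWER_SENSE_SIZE 96   /* sense bytes the lower (SCSI-like) layer always writes */

struct upper_sense { unsigned char data[UPPER_SENSE_SIZE]; };

/* Hypothetical lower layer. Contract: 'sense' points to LOWER_SENSE_SIZE bytes. */
static void lower_execute(unsigned char *sense)
{
    memset(sense, 0, LOWER_SENSE_SIZE);
    sense[0] = 0x70;                     /* constructed sample sense data */
    sense[LOWER_SENSE_SIZE - 1] = 0xEE;  /* last byte the lower layer touches */
}

/* Unsafe pattern (never executed here): lower_execute(out->data);
 * This returns how many bytes that call would write past the caller's buffer. */
static size_t overrun_if_passed_directly(void)
{
    return LOWER_SENSE_SIZE > UPPER_SENSE_SIZE
               ? (size_t)(LOWER_SENSE_SIZE - UPPER_SENSE_SIZE) : 0;
}

/* Hardened: the lower layer gets a buffer of its own size; only what fits is copied back. */
static size_t do_ioctl_hardened(struct upper_sense *out)
{
    unsigned char bounce[LOWER_SENSE_SIZE];
    size_t n = sizeof(out->data) < sizeof(bounce) ? sizeof(out->data) : sizeof(bounce);

    lower_execute(bounce);
    memcpy(out->data, bounce, n);
    return n;
}

/* Caller frame with a canary placed right after the sense buffer to observe overruns. */
struct frame { struct upper_sense sense; unsigned char canary[32]; };

static int canary_intact_after_hardened_call(void)
{
    struct frame f;
    memset(&f, 0xAA, sizeof(f));
    do_ioctl_hardened(&f.sense);
    for (size_t i = 0; i < sizeof(f.canary); i++)
        if (f.canary[i] != 0xAA) return 0;
    return f.sense.data[0] == 0x70;
}

int main(void) { return canary_intact_after_hardened_call() ? 0 : 1; }
```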