ACK: [Xenial][SRU][CVE-2017-18232][PATCH 0/1] SAS DoS

Kamal Mostafa kamal at canonical.com
Mon Sep 30 15:48:40 UTC 2019


Port looks good to me.

Acked-by: Kamal Mostafa <kamal at canonical.com>

 -Kamal

On Fri, Sep 27, 2019 at 09:19:22AM -0700, Connor Kuehl wrote:
> https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-18232.html
> 
> From the link above:
> 
> 	"The Serial Attached SCSI (SAS) implementation in the Linux kernel through
> 	4.15.9 mishandles a mutex within libsas, which allows local users to cause
> 	a denial of service (deadlock) by triggering certain error-handling
> 	code."
> 
> Context adjustment was required for one of the hunks (see the patch for
> more information).
> 
> Booted and modprobed libsas.
> 
> Jason Yan (1):
>   scsi: libsas: direct call probe and destruct
> 
>  drivers/scsi/libsas/sas_ata.c      |  1 -
>  drivers/scsi/libsas/sas_discover.c | 32 +++++++++++++++++-------------
>  drivers/scsi/libsas/sas_expander.c |  8 +++-----
>  drivers/scsi/libsas/sas_internal.h |  1 +
>  drivers/scsi/libsas/sas_port.c     |  3 +++
>  include/scsi/libsas.h              | 13 ++++++------
>  include/scsi/scsi_transport_sas.h  |  1 +
>  7 files changed, 32 insertions(+), 27 deletions(-)
> 
> -- 
> 2.17.1
> 
> 
> -- 
> kernel-team mailing list
> kernel-team at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team



More information about the kernel-team mailing list