Description: Race condition vulnerability in VOP driver
References:
Notes:
 From Red Hat Bugzilla: The VOP driver is "new" in the 4.6 kernel only
 in that the functionality was moved out of the host MIC driver into a
 new driver entirely with commit
 61e9c905df78c253752971e200f0ac6d8667dda6.  Prior to that, the
 functionality was in the drivers/misc/mic/host/mic_virtio.c host driver,
 which was introduced with commit f69bcbf3b4c4 (v3.13).
 .
 If you look at versions of the kernel prior to 4.6, you will see the
 code sequence that is fixed by the mentioned upstream patch is still in
 the host driver in the mic_copy_dp_entry function.  That needs to be
 patched with a similar fix.
 .
 Introduced in 3.13-rc1 with f69bcbf3b4c4b333dcd7a48eaf868bf0c88edab5
Bugs:
 https://bugzilla.kernel.org/show_bug.cgi?id=116651
upstream: released (4.7-rc1) [9bf292bfca94694a721449e3fd752493856710f6]
3.16-upstream-stable: released (3.16.37) [misc-mic-fix-for-double-fetch-security-bug-in-vop-driver.patch]
3.2-upstream-stable: N/A "Vulnerable code introduced in 3.13-rc1 with f69bcbf3b4c4b333dcd7a48eaf868bf0c88edab5"
sid: released (4.6.1-1) [2a9369456a384d84c521c8ebb48d247e8738f84f]
3.16-jessie-security: released (3.16.7-ckt25-2+deb8u3) [bugfix/x86/misc-mic-fix-for-double-fetch-security-bug-in-vop-dr.patch]
3.2-wheezy-security: N/A "Vulnerable code not present"