Description: Memory corruption in SCSI generic device interface
References:
 https://marc.info/?l=linux-scsi&m=148010092224801&w=2
 https://gist.githubusercontent.com/dvyukov/80cd94b4e4c288f16ee4c787d404118b/raw/10536069562444da51b758bb39655b514ff93b45/gistfile1.txt
Notes:
 bwh> This CVE is for the vulnerability fixed by commit a0ac402cfcdc
 bwh> "Don't feed anything but regular iovec's to blk_rq_map_user_iov",
 bwh> but that only addresses half the problem.  The remaining issue is
 bwh> covered by CVE-2016-10088, and commit 128394eff343 "sg_write()/
 bwh> bsg_write() is not fit to be called under KERNEL_DS" is a
 bwh> complete fix for both CVEs.
Bugs:
upstream: released (4.9) [a0ac402cfcdc904f9772e1762b3fda112dcc56a0]
3.16-upstream-stable: released (3.16.40) [sg_write-bsg_write-is-not-fit-to-be-called-under-kernel_ds.patch]
3.2-upstream-stable: released (3.2.85) [sg_write-bsg_write-is-not-fit-to-be-called-under-kernel_ds.patch]
sid: released (4.8.15-1)
3.16-jessie-security: released (3.16.39-1) [bugfix/all/sg_write-bsg_write-is-not-fit-to-be-called-under-ker.patch]
3.2-wheezy-security: released (3.2.84-1) [bugfix/all/sg_write-bsg_write-is-not-fit-to-be-called-under-ker.patch]