Description: scsi: libsas: defer ata device eh commands to libata
References:
 https://bugzilla.suse.com/show_bug.cgi?id=1089281#c1
Notes:
 carnil> Negligable security impact, failure can only occur for physically
 carnil> proximate attackers who unplug SAS Host Bus Adapter cables.
 bwh> The vulnerable code was added in Linux 3.4.
Bugs:
upstream: released (4.16-rc7) [318aaf34f1179b39fa9c30fa0f3288b645beee39]
4.9-upstream-stable: released (4.9.103) [e420d98384760f55ffac9951b9b5cccbf2edd752]
3.16-upstream-stable: released (3.16.58) [scsi-libsas-defer-ata-device-eh-commands-to-libata.patch]
3.2-upstream-stable: N/A "Vulnerable code not present"
sid: released (4.15.17-1) [bugfix/all/scsi-libsas-defer-ata-device-eh-commands-to-libata.patch]
4.9-stretch-security: released (4.9.107-1)
3.16-jessie-security: released (3.16.59-1)
3.2-wheezy-security: N/A "Vulnerable code not present"