blob: eaf0bc92f298cd8edbe42250a2d279f9e58fe430 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
|
Description: DoS via infinite loop with a zero-length biovec request issued by the block subsystem
References:
https://www.openwall.com/lists/oss-security/2020/09/30/1
Notes:
carnil> The commit mentions that this was broken in 1bdc76aea115
carnil> "iov_iter: use bvec iterator to implement iterate_bvec()" in
carnil> 4.8-rc1, the fixing commit was backported to various stable
carnil> versions 4.9.236, v4.14.197, 4.19.144, 5.4.64, and 5.8.8.
Bugs:
upstream: released (5.9-rc4) [7e24969022cbd61ddc586f14824fc205661bb124]
4.19-upstream-stable: released (4.19.144) [b48bcb664b657ae94b19c0728978c88e012f7a37]
4.9-upstream-stable: released (4.9.236) [0c7cee63ec92b316f8b891b667177a080b670566]
sid: released (5.8.10-1)
4.19-buster-security: released (4.19.146-1)
4.9-stretch-security: pending (4.9.237-1)
|