blob: 7b66a887a20fa646bd96cd68ed08a13e9d2525fb (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
|
Description: scsi: libsas: defer ata device eh commands to libata
References:
https://bugzilla.suse.com/show_bug.cgi?id=1089281#c1
Notes:
carnil> Negligable security impact, failure can only occur for physically
carnil> proximate attackers who unplug SAS Host Bus Adapter cables.
bwh> The vulnerable code was added in Linux 3.4.
Bugs:
upstream: released (4.16-rc7) [318aaf34f1179b39fa9c30fa0f3288b645beee39]
4.9-upstream-stable: released (4.9.103) [e420d98384760f55ffac9951b9b5cccbf2edd752]
3.16-upstream-stable: released (3.16.58) [scsi-libsas-defer-ata-device-eh-commands-to-libata.patch]
3.2-upstream-stable: N/A "Vulnerable code not present"
sid: released (4.15.17-1) [bugfix/all/scsi-libsas-defer-ata-device-eh-commands-to-libata.patch]
4.9-stretch-security: released (4.9.107-1)
3.16-jessie-security: released (3.16.59-1)
3.2-wheezy-security: N/A "Vulnerable code not present"
|
