blob: a6d4a4cab37deec4d4c2e963b999c319326b5eb6 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
|
Description: information leak vulnerablility
References:
https://github.com/johnsonwangqize/cve-linux/blob/master/CVE-2018-7754.md
https://elixir.bootlin.com/linux/v4.16-rc4/source/drivers/block/aoe/aoeblk.c#L421
Notes:
carnil> Likely as other reports from "ADLab of VenusTech" not reported to
carnil> upstream?
bwh> The upstream fix was to obscure logged pointer values by
bwh> default.
Bugs:
upstream: released (4.15-rc2) [ad67b74d2469d9b82aaa572d76474c95bc484d57]
4.9-upstream-stable: ignored "debugfs restricted to root by default"
3.16-upstream-stable: ignored "debugfs restricted to root by default"
sid: released (4.15.4-1)
4.9-stretch-security: ignored "debugfs restricted to root by default"
3.16-jessie-security: ignored "debugfs restricted to root by default"
|