blob: fbe4ba4bb33e923c64af5124c3fa7eb61f74b841 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
|
Description: dpt_i2o: TOCTTOU in adpt_i2o_passthru()
References:
https://www.zerodayinitiative.com/advisories/ZDI-23-440/
https://lore.kernel.org/stable/b1d71ba992d0adab2519dff17f6d241279c0f5f1.camel@debian.org/
Notes:
carnil> Issue upstream fixed by removing the driver.
carnil> For other stable backports "scsi: dpt_i2o: Remove broken pass-
carnil> through ioctl (I2OUSERCMD)" fixes the issue.
Bugs:
upstream: released (6.0-rc1) [b04e75a4a8a81887386a0d2dbf605a48e779d2a0]
6.1-upstream-stable: N/A "Fixed before branching point"
5.10-upstream-stable: released (5.10.183) [a2cd7599b558d6c70c01880d470f6eedaf6a8f23]
4.19-upstream-stable: released (4.19.285) [1b88816a9499608c736e192e0f442e65d4b71de1]
sid: released (6.0.2-1)
6.1-bookworm-security: N/A "Fixed before branch point"
5.10-bullseye-security: released (5.10.191-1)
4.19-buster-security: released (4.19.289-1)
|
