[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: Re: [oss-security] CVE-2020-25641 kernel: soft lockup when submitting zero length bvecs.
From: Greg KH <greg () kroah ! com>
Date: 2020-09-30 6:32:54
Message-ID: 20200930063254.GB1474755 () kroah ! com
[Download RAW message or body]
On Wed, Sep 30, 2020 at 10:35:56AM +1000, Wade Mealing wrote:
> Gday,
>
> A flaw was found in the Linux kernels implementation of biovec usage. A
> zero-length biovec request issued to the block subsystem could cause the
> kernel to enter an infinite loop causing a denial of service. An attacker
> with a local account can issue requests to a block device can cause a
> denial of service.
>
> This has been assigned CVE-2020-25641,
>
> According to the fix commits "Introduced in":
> # git tag --contains 1bdc76aea115 | head -n 1
> v4.10
That's odd, and not the best way to do this, the commit really showed up
in 4.8-rc1:
$ git describe --contains 1bdc76aea115
v4.8-rc1~162^2~21
You forgot to sort by "version", which is what you need to do if you
want to try to look at tags, but then it's still a bit off:
$ git tag --contains 1bdc76aea115 | sort -V | head -n 10
v4.8
v4.8-rc1
v4.8-rc2
v4.8-rc3
v4.8-rc4
v4.8-rc5
v4.8-rc6
v4.8-rc7
v4.8-rc8
v4.9
hope this helps,
greg k-h
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic