Re: [PATCH] cdrom: fix improper type cast, which can leat to information leak.

From: Jens Axboe
Date: Wed Oct 03 2018 - 12:21:12 EST


On 10/3/18 6:54 AM, Yang Xiao wrote:
> From: Young_X <YangX92@xxxxxxxxxxx>
>
> There is another cast from unsigned long to int which causes
> a bounds check to fail with specially crafted input. The value is
> then used as an index in the slot array in cdrom_slot_status().
>
> This issue is similar to CVE-2018-16658 and CVE-2018-10940.

Applied, thanks.

--
Jens Axboe