Re: [PATCH] cdrom: fix improper type cast, which can leat to information leak.

From: Jens Axboe
Date: Wed Oct 03 2018 - 12:21:12 EST

Next message: Jan Kara: "Re: [PATCH 0/4] get_user_pages*() and RDMA: first steps"
Previous message: Takashi Iwai: "Re: [PATCH] ALSA: intel8x0: Fix fall-through annotations"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 10/3/18 6:54 AM, Yang Xiao wrote:
> From: Young_X <YangX92@xxxxxxxxxxx>
>
> There is another cast from unsigned long to int which causes
> a bounds check to fail with specially crafted input. The value is
> then used as an index in the slot array in cdrom_slot_status().
>
> This issue is similar to CVE-2018-16658 and CVE-2018-10940.

Applied, thanks.

--
Jens Axboe

Next message: Jan Kara: "Re: [PATCH 0/4] get_user_pages*() and RDMA: first steps"
Previous message: Takashi Iwai: "Re: [PATCH] ALSA: intel8x0: Fix fall-through annotations"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]