Re: CVE-2021-47188: scsi: ufs: core: Improve SCSI abort handling

From: Cengiz Can
Date: Mon Aug 05 2024 - 12:48:31 EST

Next message: Jiri Olsa: "Re: NULL pointer deref when running BPF monitor program (6.11.0-rc1)"
Previous message: David Matlack: "Re: [RFC PATCH 0/9] KVM: x86/mmu: Preserve Accessed bits on PROT changes"
Next in thread: Greg Kroah-Hartman: "Re: CVE-2021-47188: scsi: ufs: core: Improve SCSI abort handling"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hello,

I'm trying to figure out the security impact here:

> That warning is triggered by the following statement:
>
> WARN_ON(lrbp->cmd);

This is just a fix to silence a warning. How is this worthy of a CVE? What was
the criteria here?

If there are security implications of not nullifying `lrbp->cmd`, shouldn't they
be noted in the CVE description?

If this just a fix to the warning, this CVE should be rejected.

Cengiz Can

Next message: Jiri Olsa: "Re: NULL pointer deref when running BPF monitor program (6.11.0-rc1)"
Previous message: David Matlack: "Re: [RFC PATCH 0/9] KVM: x86/mmu: Preserve Accessed bits on PROT changes"
Next in thread: Greg Kroah-Hartman: "Re: CVE-2021-47188: scsi: ufs: core: Improve SCSI abort handling"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]