[PATCH 5.10.y] scsi: core: Backport fixes for CVE-2021-47182

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The patch titled "scsi: core: Fix scsi_mode_sense() buffer length handling"
addresses CVE-2021-47182, fixing the following issues in `scsi_mode_sense()`
buffer length handling:  

1. Incorrect handling of the allocation length field in the MODE SENSE(10)
   command, causing truncation of buffer lengths larger than 255 bytes.  

2. Memory corruption when handling small buffer lengths due to lack of proper
   validation.  

Original patch submission:  
https://lore.kernel.org/all/20210820070255.682775-2-damien.lemoal@xxxxxxx/  

CVE announcement in linux-cve-announce:  
https://lore.kernel.org/linux-cve-announce/2024041032-CVE-2021-47182-377e@gregkh/  
Fixed versions:  
- Fixed in 5.15.5 with commit e15de347faf4  
- Fixed in 5.16 with commit 17b49bcbf835  

Official CVE entry:  
https://cve.org/CVERecord/?id=CVE-2021-47182

[PATCH 5.10.y] scsi: core: Fix scsi_mode_sense() buffer length handling





[Index of Archives]     [Linux Kernel]     [Kernel Development Newbies]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite Hiking]     [Linux Kernel]     [Linux SCSI]

  Powered by Linux