<!--X-Body-Begin-->
<!--X-User-Header-->
oss-sec
mailing list archives
<!--X-User-Header-End-->
<!--X-TopPNI-->
By Date
By Thread
</form>
<!--X-TopPNI-End-->
<!--X-MsgBody-->
<!--X-Subject-Header-Begin-->
Re: CVE-2020-25641 kernel: soft lockup when submitting zero length bvecs.
<!--X-Subject-Header-End-->
<!--X-Head-of-Message-->
From: Greg KH <greg () kroah com>
Date: Wed, 30 Sep 2020 08:32:54 +0200
<!--X-Head-of-Message-End-->
<!--X-Head-Body-Sep-Begin-->
<!--X-Head-Body-Sep-End-->
<!--X-Body-of-Message-->
On Wed, Sep 30, 2020 at 10:35:56AM +1000, Wade Mealing wrote:
Gday,
A flaw was found in the Linux kernels implementation of biovec usage. A
zero-length biovec request issued to the block subsystem could cause the
kernel to enter an infinite loop causing a denial of service. An attacker
with a local account can issue requests to a block device can cause a
denial of service.
This has been assigned CVE-2020-25641,
According to the fix commits "Introduced in":
# git tag --contains 1bdc76aea115 | head -n 1
v4.10
That's odd, and not the best way to do this, the commit really showed up
in 4.8-rc1:
$ git describe --contains 1bdc76aea115
v4.8-rc1~162^2~21
You forgot to sort by "version", which is what you need to do if you
want to try to look at tags, but then it's still a bit off:
$ git tag --contains 1bdc76aea115 | sort -V | head -n 10
v4.8
v4.8-rc1
v4.8-rc2
v4.8-rc3
v4.8-rc4
v4.8-rc5
v4.8-rc6
v4.8-rc7
v4.8-rc8
v4.9
hope this helps,
greg k-h
<!--X-Body-of-Message-End-->
<!--X-MsgBody-End-->
<!--X-Follow-Ups-->
<!--X-Follow-Ups-End-->
<!--X-References-->
<!--X-References-End-->
<!--X-BotPNI-->
By Date
By Thread
Current thread:
CVE-2020-25641 kernel: soft lockup when submitting zero length bvecs. Wade Mealing (Sep 29)
Re: CVE-2020-25641 kernel: soft lockup when submitting zero length bvecs. Greg KH (Sep 29)
<!--X-BotPNI-End-->
<!--X-User-Footer-->
<!--X-User-Footer-End-->