| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 23 May 2013 15:58:19 +0200
From: Paolo Bonzini <pbonzini@...hat.com>
To: linux-kernel@...r.kernel.org
Cc: tj@...nel.org
Subject: [PATCH v3 part1 0/4] Fix SG_IO ambiguity between READ SUBCHANNEL and UNMAP (and other similar cases)
The SG_IO ioctl's command whitelist is designed for MMC devices (roughly,
"play/burn CDs without requiring root") but some opcodes overlap across SCSI
device classes and have different meanings for different classes.
To fix this, use different bitmaps for the various device classes.
This is CVE-2012-4542.
v2->v3: patches are now split differently, according to Tejun's indications;
added conflict on operation code A4h.
Paolo Bonzini (4):
sg_io: pass request_queue to blk_verify_command
sg_io: prepare to introduce per-class command filters
sg_io: use different default filters for each device class
sg_io: resolve conflicts between commands assigned to multiple classes
(CVE-2012-4542)
block/bsg.c | 2 +-
block/scsi_ioctl.c | 193 +++++++++++++++++++++++++++--------------------
drivers/scsi/scsi_scan.c | 2 +
drivers/scsi/sg.c | 3 +-
include/linux/blkdev.h | 5 +-
5 files changed, 118 insertions(+), 87 deletions(-)
--
1.8.1.4
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists