| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <8aa33d58-c46f-46d3-b10c-f6b9998cb8a8@kernel.org> Date: Tue, 15 Jul 2025 17:36:02 +0200 From: Krzysztof Kozlowski <krzk@...nel.org> To: Bart Van Assche <bvanassche@....org>, jackysliu <1972843537@...com> Cc: James.Bottomley@...senPartnership.com, linux-kernel@...r.kernel.org, linux-scsi@...r.kernel.org, martin.petersen@...cle.com Subject: Re: [PATCH v2] scsi: fix out of bounds error in /drivers/scsi On 15/07/2025 15:00, Bart Van Assche wrote: > On 6/18/25 9:03 PM, jackysliu wrote: >> 6.15-stable review patch, vulnerability exists since v6.9 >> >> Out-of-bounds vulnerability found in ./drivers/scsi/sd.c >> The vulnerability is found by is found by Wukong-Agent >> (formerly Tencent Woodpecker), a code security AI agent, >> through static code analysis. >> >> sd_read_block_limits_ext Function Due to Unreasonable boundary checks. >> Out-of-bounds read vulnerability exists in the >> Linux kernel's SCSI disk driver (./drivers/scsi/sd.c). >> The flaw occurs in the sd_read_block_limits_ext function >> when processing Vital Product Data (VPD) page B7 (Block Limits Extension) >> responses from storage devices >> >> A maliciously crafted 4-byte VPD page (0xB7) would cause Out-of-Bounds >> Memory Read, leading to potential system Instability >> and Driver State Corruption. > > Reviewed-by: Bart Van Assche <bvanassche@....org> Just checking - are you sure? Please be careful with this work, that's AI generated stuff which in some cases did not even compile or did not actually follow C code. Best regards, Krzysztof
Powered by blists - more mailing lists