An issue was discovered in the Linux kernel 3.16 through 5.5.6. setfdc in drivers/block/floppy.c leads to a waittil_ready out-of-bounds read because the FDC index is not checked for errors before assigning it, aka CID-2e90ca68b0d2.
{ "urgency": "not yet assigned" }