In the Linux kernel, the following vulnerability has been resolved: ata: libata-sff: Ensure that we cannot write outside the allocated buffer reveliofuzzing reported that a SCSIIOCTLSENDCOMMAND ioctl with outlen set to 0xd42, SCSI command set to ATA16 PASS-THROUGH, ATA command set to ATANOP, and protocol set to ATAPROTPIO, can cause atapiosector() to write outside the allocated buffer, overwriting random memory. While a ATA device is supposed to abort a ATANOP command, there does seem to be a bug either in libata-sff or QEMU, where either this status is not set, or the status is cleared before read by atasffhsmmove(). Anyway, that is most likely a separate bug. Looking at _atapipiobytes(), it already has a safety check to ensure that _atapipiobytes() cannot write outside the allocated buffer. Add a similar check to atapiosector(), such that also atapiosector() cannot write outside the allocated buffer.
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "6.14.0-7.7", "binary_name": "linux-bpf-dev" }, { "binary_version": "6.14.0-7.7", "binary_name": "linux-buildinfo-6.14.0-7-generic" }, { "binary_version": "6.14.0-7.7", "binary_name": "linux-buildinfo-6.14.0-7-generic-64k" }, { "binary_version": "6.14.0-7.7", "binary_name": "linux-cloud-tools-6.14.0-7" }, { "binary_version": "6.14.0-7.7", "binary_name": "linux-cloud-tools-6.14.0-7-generic" }, { "binary_version": "6.14.0-7.7", "binary_name": "linux-cloud-tools-common" }, { "binary_version": "6.14.0-7.7", "binary_name": "linux-doc" }, { "binary_version": "6.14.0-7.7", "binary_name": "linux-headers-6.14.0-7" }, { "binary_version": "6.14.0-7.7", "binary_name": "linux-headers-6.14.0-7-generic" }, { "binary_version": "6.14.0-7.7", "binary_name": "linux-headers-6.14.0-7-generic-64k" }, { "binary_version": "6.14.0-7.7", "binary_name": "linux-image-6.14.0-7-generic" }, { "binary_version": "6.14.0-7.7", "binary_name": "linux-image-6.14.0-7-generic-dbgsym" }, { "binary_version": "6.14.0-7.7", "binary_name": "linux-image-unsigned-6.14.0-7-generic" }, { "binary_version": "6.14.0-7.7", "binary_name": "linux-image-unsigned-6.14.0-7-generic-64k" }, { "binary_version": "6.14.0-7.7", "binary_name": "linux-image-unsigned-6.14.0-7-generic-64k-dbgsym" }, { "binary_version": "6.14.0-7.7", "binary_name": "linux-image-unsigned-6.14.0-7-generic-dbgsym" }, { "binary_version": "6.14.0-7.7", "binary_name": "linux-lib-rust-6.14.0-7-generic" }, { "binary_version": "6.14.0-7.7", "binary_name": "linux-libc-dev" }, { "binary_version": "6.14.0-7.7", "binary_name": "linux-modules-6.14.0-7-generic" }, { "binary_version": "6.14.0-7.7", "binary_name": "linux-modules-6.14.0-7-generic-64k" }, { "binary_version": "6.14.0-7.7", "binary_name": "linux-modules-extra-6.14.0-7-generic" }, { "binary_version": "6.14.0-7.7", "binary_name": "linux-modules-usbio-6.14.0-7-generic" }, { "binary_version": "6.14.0-7.7", "binary_name": "linux-modules-vision-6.14.0-7-generic" }, { "binary_version": "6.14.0-7.7", "binary_name": "linux-source-6.14.0" }, { "binary_version": "6.14.0-7.7", "binary_name": "linux-tools-6.14.0-7" }, { "binary_version": "6.14.0-7.7", "binary_name": "linux-tools-6.14.0-7-generic" }, { "binary_version": "6.14.0-7.7", "binary_name": "linux-tools-6.14.0-7-generic-64k" }, { "binary_version": "6.14.0-7.7", "binary_name": "linux-tools-common" }, { "binary_version": "6.14.0-7.7", "binary_name": "linux-tools-host" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "6.14.0-1003.3", "binary_name": "linux-aws-cloud-tools-6.14.0-1003" }, { "binary_version": "6.14.0-1003.3", "binary_name": "linux-aws-headers-6.14.0-1003" }, { "binary_version": "6.14.0-1003.3", "binary_name": "linux-aws-tools-6.14.0-1003" }, { "binary_version": "6.14.0-1003.3", "binary_name": "linux-buildinfo-6.14.0-1003-aws" }, { "binary_version": "6.14.0-1003.3", "binary_name": "linux-cloud-tools-6.14.0-1003-aws" }, { "binary_version": "6.14.0-1003.3", "binary_name": "linux-headers-6.14.0-1003-aws" }, { "binary_version": "6.14.0-1003.3", "binary_name": "linux-image-unsigned-6.14.0-1003-aws" }, { "binary_version": "6.14.0-1003.3", "binary_name": "linux-image-unsigned-6.14.0-1003-aws-dbgsym" }, { "binary_version": "6.14.0-1003.3", "binary_name": "linux-modules-6.14.0-1003-aws" }, { "binary_version": "6.14.0-1003.3", "binary_name": "linux-modules-extra-6.14.0-1003-aws" }, { "binary_version": "6.14.0-1003.3", "binary_name": "linux-tools-6.14.0-1003-aws" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "6.14.0-1002.2", "binary_name": "linux-azure-cloud-tools-6.14.0-1002" }, { "binary_version": "6.14.0-1002.2", "binary_name": "linux-azure-headers-6.14.0-1002" }, { "binary_version": "6.14.0-1002.2", "binary_name": "linux-azure-tools-6.14.0-1002" }, { "binary_version": "6.14.0-1002.2", "binary_name": "linux-buildinfo-6.14.0-1002-azure" }, { "binary_version": "6.14.0-1002.2", "binary_name": "linux-cloud-tools-6.14.0-1002-azure" }, { "binary_version": "6.14.0-1002.2", "binary_name": "linux-headers-6.14.0-1002-azure" }, { "binary_version": "6.14.0-1002.2", "binary_name": "linux-image-unsigned-6.14.0-1002-azure" }, { "binary_version": "6.14.0-1002.2", "binary_name": "linux-image-unsigned-6.14.0-1002-azure-dbgsym" }, { "binary_version": "6.14.0-1002.2", "binary_name": "linux-modules-6.14.0-1002-azure" }, { "binary_version": "6.14.0-1002.2", "binary_name": "linux-modules-extra-6.14.0-1002-azure" }, { "binary_version": "6.14.0-1002.2", "binary_name": "linux-tools-6.14.0-1002-azure" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "6.14.0-1002.2", "binary_name": "linux-buildinfo-6.14.0-1002-gcp" }, { "binary_version": "6.14.0-1002.2", "binary_name": "linux-buildinfo-6.14.0-1002-gcp-64k" }, { "binary_version": "6.14.0-1002.2", "binary_name": "linux-gcp-headers-6.14.0-1002" }, { "binary_version": "6.14.0-1002.2", "binary_name": "linux-gcp-tools-6.14.0-1002" }, { "binary_version": "6.14.0-1002.2", "binary_name": "linux-headers-6.14.0-1002-gcp" }, { "binary_version": "6.14.0-1002.2", "binary_name": "linux-headers-6.14.0-1002-gcp-64k" }, { "binary_version": "6.14.0-1002.2", "binary_name": "linux-image-unsigned-6.14.0-1002-gcp" }, { "binary_version": "6.14.0-1002.2", "binary_name": "linux-image-unsigned-6.14.0-1002-gcp-64k" }, { "binary_version": "6.14.0-1002.2", "binary_name": "linux-image-unsigned-6.14.0-1002-gcp-64k-dbgsym" }, { "binary_version": "6.14.0-1002.2", "binary_name": "linux-image-unsigned-6.14.0-1002-gcp-dbgsym" }, { "binary_version": "6.14.0-1002.2", "binary_name": "linux-modules-6.14.0-1002-gcp" }, { "binary_version": "6.14.0-1002.2", "binary_name": "linux-modules-6.14.0-1002-gcp-64k" }, { "binary_version": "6.14.0-1002.2", "binary_name": "linux-modules-extra-6.14.0-1002-gcp" }, { "binary_version": "6.14.0-1002.2", "binary_name": "linux-modules-extra-6.14.0-1002-gcp-64k" }, { "binary_version": "6.14.0-1002.2", "binary_name": "linux-tools-6.14.0-1002-gcp" }, { "binary_version": "6.14.0-1002.2", "binary_name": "linux-tools-6.14.0-1002-gcp-64k" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "6.14.0-1002.2", "binary_name": "linux-buildinfo-6.14.0-1002-oracle" }, { "binary_version": "6.14.0-1002.2", "binary_name": "linux-buildinfo-6.14.0-1002-oracle-64k" }, { "binary_version": "6.14.0-1002.2", "binary_name": "linux-headers-6.14.0-1002-oracle" }, { "binary_version": "6.14.0-1002.2", "binary_name": "linux-headers-6.14.0-1002-oracle-64k" }, { "binary_version": "6.14.0-1002.2", "binary_name": "linux-image-unsigned-6.14.0-1002-oracle" }, { "binary_version": "6.14.0-1002.2", "binary_name": "linux-image-unsigned-6.14.0-1002-oracle-64k" }, { "binary_version": "6.14.0-1002.2", "binary_name": "linux-image-unsigned-6.14.0-1002-oracle-64k-dbgsym" }, { "binary_version": "6.14.0-1002.2", "binary_name": "linux-image-unsigned-6.14.0-1002-oracle-dbgsym" }, { "binary_version": "6.14.0-1002.2", "binary_name": "linux-modules-6.14.0-1002-oracle" }, { "binary_version": "6.14.0-1002.2", "binary_name": "linux-modules-6.14.0-1002-oracle-64k" }, { "binary_version": "6.14.0-1002.2", "binary_name": "linux-modules-extra-6.14.0-1002-oracle" }, { "binary_version": "6.14.0-1002.2", "binary_name": "linux-modules-extra-6.14.0-1002-oracle-64k" }, { "binary_version": "6.14.0-1002.2", "binary_name": "linux-oracle-headers-6.14.0-1002" }, { "binary_version": "6.14.0-1002.2", "binary_name": "linux-oracle-tools-6.14.0-1002" }, { "binary_version": "6.14.0-1002.2", "binary_name": "linux-tools-6.14.0-1002-oracle" }, { "binary_version": "6.14.0-1002.2", "binary_name": "linux-tools-6.14.0-1002-oracle-64k" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "6.14.0-1003.3", "binary_name": "linux-buildinfo-6.14.0-1003-raspi" }, { "binary_version": "6.14.0-1003.3", "binary_name": "linux-headers-6.14.0-1003-raspi" }, { "binary_version": "6.14.0-1003.3", "binary_name": "linux-image-6.14.0-1003-raspi" }, { "binary_version": "6.14.0-1003.3", "binary_name": "linux-image-6.14.0-1003-raspi-dbgsym" }, { "binary_version": "6.14.0-1003.3", "binary_name": "linux-modules-6.14.0-1003-raspi" }, { "binary_version": "6.14.0-1003.3", "binary_name": "linux-raspi-headers-6.14.0-1003" }, { "binary_version": "6.14.0-1003.3", "binary_name": "linux-raspi-tools-6.14.0-1003" }, { "binary_version": "6.14.0-1003.3", "binary_name": "linux-tools-6.14.0-1003-raspi" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "6.14.0-1001.1", "binary_name": "linux-buildinfo-6.14.0-1001-realtime" }, { "binary_version": "6.14.0-1001.1", "binary_name": "linux-cloud-tools-6.14.0-1001-realtime" }, { "binary_version": "6.14.0-1001.1", "binary_name": "linux-headers-6.14.0-1001-realtime" }, { "binary_version": "6.14.0-1001.1", "binary_name": "linux-image-unsigned-6.14.0-1001-realtime" }, { "binary_version": "6.14.0-1001.1", "binary_name": "linux-image-unsigned-6.14.0-1001-realtime-dbgsym" }, { "binary_version": "6.14.0-1001.1", "binary_name": "linux-modules-6.14.0-1001-realtime" }, { "binary_version": "6.14.0-1001.1", "binary_name": "linux-modules-extra-6.14.0-1001-realtime" }, { "binary_version": "6.14.0-1001.1", "binary_name": "linux-modules-iwlwifi-6.14.0-1001-realtime" }, { "binary_version": "6.14.0-1001.1", "binary_name": "linux-realtime-cloud-tools-6.14.0-1001" }, { "binary_version": "6.14.0-1001.1", "binary_name": "linux-realtime-headers-6.14.0-1001" }, { "binary_version": "6.14.0-1001.1", "binary_name": "linux-realtime-tools-6.14.0-1001" }, { "binary_version": "6.14.0-1001.1", "binary_name": "linux-tools-6.14.0-1001-realtime" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "6.14.0-7.7.1", "binary_name": "linux-buildinfo-6.14.0-7-generic" }, { "binary_version": "6.14.0-7.7.1", "binary_name": "linux-headers-6.14.0-7-generic" }, { "binary_version": "6.14.0-7.7.1", "binary_name": "linux-image-6.14.0-7-generic" }, { "binary_version": "6.14.0-7.7.1", "binary_name": "linux-image-6.14.0-7-generic-dbgsym" }, { "binary_version": "6.14.0-7.7.1", "binary_name": "linux-modules-6.14.0-7-generic" }, { "binary_version": "6.14.0-7.7.1", "binary_name": "linux-riscv-headers-6.14.0-7" }, { "binary_version": "6.14.0-7.7.1", "binary_name": "linux-riscv-tools-6.14.0-7" }, { "binary_version": "6.14.0-7.7.1", "binary_name": "linux-tools-6.14.0-7-generic" } ] }