CVE-2018-10021

Published: 4/11/2018 Last updated: 8/5/2024 Reserved: 4/11/2018

drivers/scsi/libsas/sas_scsi_host.c in the Linux kernel before 4.16 allows local users to cause a denial of service (ata qc leak) by triggering certain failure conditions. NOTE: a third party disputes the relevance of this report because the failure can only occur for physically proximate attackers who unplug SAS Host Bus Adapter cables

CNA assigner: mitre (8254265b-2729-46b6-b9e3-3dfca2d5bfca) Requested by: n/a

Opam packages affected (27)

albatross cdrom conf-bpftool conf-libbpf conf-linux-libc-dev core core_unix hvsock mirage-block-unix mm ocaml-probes orun rawlink rawlink-eio rawlink-lwt shell solo5 solo5-bindings-hvt solo5-bindings-spt solo5-cross-aarch64 solo5-kernel-ukvm tracy-client tuntap uring vhd-format vhd-format-lwt xapi-stdext-unix

Products affected (1)

Product	Vendor	Version
n/a	n/a	< adccdf702b4ea913ded5ff512239e382d7473b63

References (22)

https://usn.ubuntu.com/3678-2/
https://usn.ubuntu.com/3696-1/
https://usn.ubuntu.com/3678-1/
https://bugzilla.suse.com/show_bug.cgi?id=1089281
https://usn.ubuntu.com/3754-1/
https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html
https://usn.ubuntu.com/3678-3/
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=318aaf34f1179b39fa9c30fa0f3288b645beee39
https://github.com/torvalds/linux/commit/318aaf34f1179b39fa9c30fa0f3288b645beee39
https://usn.ubuntu.com/3696-2/
https://usn.ubuntu.com/3678-4/
https://usn.ubuntu.com/3678-2/
https://usn.ubuntu.com/3696-1/
https://usn.ubuntu.com/3678-1/
https://bugzilla.suse.com/show_bug.cgi?id=1089281
https://usn.ubuntu.com/3754-1/
https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html
https://usn.ubuntu.com/3678-3/
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=318aaf34f1179b39fa9c30fa0f3288b645beee39
https://github.com/torvalds/linux/commit/318aaf34f1179b39fa9c30fa0f3288b645beee39
https://usn.ubuntu.com/3696-2/
https://usn.ubuntu.com/3678-4/