On Thu, Apr 09, 2026 at 05:49:58PM +0200, Mikulas Patocka wrote: > Luckily, this bug has no security implications because: > 1. Only root can issue device mapper ioctls > 2. The commonly used libraries that communicate with device mapper > (libdevmapper and devicemapper-rs) use buffer size that is aligned to > 8 bytes - thus, "outptr = align_ptr(outptr)" can't overshoot the input > buffer and the bug can't happen accidentally > > Reported-by: Tony Asleson <[email protected]> > Signed-off-by: Mikulas Patocka <[email protected]>
Reviewed-by: Bryn M. Reeves <[email protected]>
