** Description changed: - [drivers/vhost/scsi.c: potential memory corruption] + Array index error in the tcm_vhost_make_tpg function in + drivers/vhost/scsi.c in the Linux kernel before 4.0 might allow guest OS + users to cause a denial of service (memory corruption) or possibly have + unspecified other impact via a crafted VHOST_SCSI_SET_ENDPOINT ioctl + call. NOTE: the affected function was renamed to vhost_scsi_make_tpg + before the vulnerability was announced. Break-Fix: 057cbf49a1f08297877e46c82f707b1bfea806a8 59c816c1f24df0204e01851431d3bab3eb76719c
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1457807 Title: CVE-2015-4036 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1457807/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs