Bug 1089281 (CVE-2018-10021) - VUL-0: CVE-2018-10021: kernel-source: drivers/scsi/libsas/sas_scsi_host.c in the Linux kernel before 4.16 allows local users to cause a denial of service (ata qc leak) by triggering certain failure conditions.
Status: RESOLVED WONTFIX
Alias: CVE-2018-10021
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
Version: unspecified
Hardware: Other Other
: P3 - Medium : Normal
Target Milestone: ---
Assignee: Security Team bot
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/203774/
Whiteboard: CVSSv3:SUSE:CVE-2018-10021:4.7:(AV:L...
Keywords:
Depends on:
Blocks:
 
Reported: 2018-04-12 06:41 UTC by Marcus Meissner
Modified: 2020-06-13 00:56 UTC

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Description Marcus Meissner 2018-04-12 06:41:05 UTC
CVE-2018-10021

drivers/scsi/libsas/sas_scsi_host.c in the Linux kernel before 4.16 allows local
users to cause a denial of service (ata qc leak) by triggering certain failure
conditions.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-10021
http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-10021.html
https://github.com/torvalds/linux/commit/318aaf34f1179b39fa9c30fa0f3288b645beee39
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=318aaf34f1179b39fa9c30fa0f3288b645beee39
Comment 1 Johannes Thumshirn 2018-04-12 12:31:02 UTC
Ah I fail to see the security impact of this. It's a memory leak via the ATA Error Handler behind a SAS HBA. If I can physically unplug the drive to trigger the EH I can get more than just a simple memory leak.
Comment 2 Marcus Meissner 2018-04-12 14:27:50 UTC
I agree :/ someone blindly assigning CVEs again :(
Comment 4 Marcus Meissner 2018-04-16 09:47:58 UTC
I filed a rejection request, let's see if I get lucky this time.
Comment 7 Marcus Meissner 2018-09-10 14:13:18 UTC
We will not be addressing this issue, as it is a denial of service that needs to be triggered by someone able to pull cables.