Re: CVE-2020-25641 kernel: soft lockup when submitting zero length bvecs.

[Greg KH <greg () kroah com>]

On Wed, Sep 30, 2020 at 10:35:56AM +1000, Wade Mealing wrote:
> Gday,
>
> A flaw was found in the Linux kernels implementation of biovec usage.  A
> zero-length biovec request issued to the block subsystem could cause the
> kernel to enter an infinite loop causing a denial of service. An attacker
> with a local account can issue requests to a block device can cause a
> denial of service.
>
> This has been assigned CVE-2020-25641,
>
> According to the fix commits "Introduced in":
> # git tag --contains 1bdc76aea115 | head -n 1
> v4.10

That's odd, and not the best way to do this, the commit really showed up
in 4.8-rc1:
        $ git describe --contains 1bdc76aea115
        v4.8-rc1~162^2~21

You forgot to sort by "version", which is what you need to do if you
want to try to look at tags, but then it's still a bit off:
        $ git tag --contains 1bdc76aea115 | sort -V | head -n 10
        v4.8
        v4.8-rc1
        v4.8-rc2
        v4.8-rc3
        v4.8-rc4
        v4.8-rc5
        v4.8-rc6
        v4.8-rc7
        v4.8-rc8
        v4.9

hope this helps,

greg k-h