Re: CVE-2020-25641 kernel: soft lockup when submitting zero length bvecs.

[Michael Ellerman <mpe () ellerman id au>]

Greg KH <greg () kroah com> writes:
> On Wed, Sep 30, 2020 at 10:35:56AM +1000, Wade Mealing wrote:
> > Gday,
> >
> > A flaw was found in the Linux kernels implementation of biovec usage.  A
> > zero-length biovec request issued to the block subsystem could cause the
> > kernel to enter an infinite loop causing a denial of service. An attacker
> > with a local account can issue requests to a block device can cause a
> > denial of service.
> >
> > This has been assigned CVE-2020-25641,
> >
> > According to the fix commits "Introduced in":
> > # git tag --contains 1bdc76aea115 | head -n 1
> > v4.10
>
> That's odd, and not the best way to do this, the commit really showed up
> in 4.8-rc1:
>       $ git describe --contains 1bdc76aea115
>       v4.8-rc1~162^2~21
>
> You forgot to sort by "version", which is what you need to do if you
> want to try to look at tags, but then it's still a bit off:
>       $ git tag --contains 1bdc76aea115 | sort -V | head -n 10
>       v4.8
>       v4.8-rc1
>       v4.8-rc2
>       v4.8-rc3
>       v4.8-rc4
>       v4.8-rc5
>       v4.8-rc6
>       v4.8-rc7
>       v4.8-rc8
>       v4.9

Git can do the sorting for you with --sort.

And if you have other tags in your repo that can confuse things, so
specifying that you want "v*" tags avoids that.

eg:

$ git tag -l "v*" --sort=v:refname --contains 1bdc76aea115 | head -n 10
v4.8
v4.8-rc1
v4.8-rc2
v4.8-rc3
v4.8-rc4
v4.8-rc5
v4.8-rc6
v4.8-rc7
v4.8-rc8
v4.9

Obviously for ease of use you want that in an alias or script.

cheers