CVE-2014-8181 (retired)

Priority
Description
In sg_io, blk_rq_map_user{,_iov} may allocate a set of bounce buffer
pages to do the bio, if it finds the user buffer cannot be directly
mapped. But the allocated pages are not cleared. If the bounce
buffer is also not written to by device, garbage data is left,
and copied back to user in blk_rq_unmap_user. The allocated pages
should be cleared. This also eliminates the risk of leaking sensitive
information to userspace, which may have a security impact.
Notes
 jdstrand> android kernels (flo, goldfish, grouper, maguro, mako and manta) are
  not supported on the Ubuntu Touch 14.10 and earlier preview kernels
 jdstrand> linux-lts-saucy no longer receives official support
 jdstrand> linux-lts-quantal no longer receives official support
 sbeattie> possibly only affects RHEL-7
Package
Source: linux (LP Ubuntu Debian)
Upstream:not-affected (RHEL 7 kernel only)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (RHEL 7 kernel only)
Package
Upstream:not-affected (RHEL 7 kernel only)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:not-affected (RHEL 7 kernel only)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (RHEL 7 kernel only)
Package
Upstream:not-affected (RHEL 7 kernel only)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (RHEL 7 kernel only)
Package
Upstream:not-affected (RHEL 7 kernel only)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (RHEL 7 kernel only)
Package
Upstream:not-affected (RHEL 7 kernel only)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (RHEL 7 kernel only)
Package
Upstream:not-affected (RHEL 7 kernel only)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:not-affected (RHEL 7 kernel only)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (RHEL 7 kernel only)
Package
Upstream:not-affected (RHEL 7 kernel only)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (RHEL 7 kernel only)
Package
linux-krillin:not-affected (RHEL 7 kernel only)
Package
Upstream:not-affected (RHEL 7 kernel only)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:not-affected (RHEL 7 kernel only)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:not-affected (RHEL 7 kernel only)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:not-affected (RHEL 7 kernel only)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Patches:
Package
Upstream:not-affected (RHEL 7 kernel only)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:not-affected (RHEL 7 kernel only)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:not-affected (RHEL 7 kernel only)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:not-affected (RHEL 7 kernel only)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:not-affected (RHEL 7 kernel only)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:not-affected (RHEL 7 kernel only)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:not-affected (RHEL 7 kernel only)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:not-affected (RHEL 7 kernel only)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:not-affected (RHEL 7 kernel only)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (RHEL 7 kernel only)
Package
Upstream:not-affected (RHEL 7 kernel only)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:not-affected (RHEL 7 kernel only)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:not-affected (RHEL 7 kernel only)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (RHEL 7 kernel only)
Package
Upstream:not-affected (RHEL 7 kernel only)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (RHEL 7 kernel only)
Package
Upstream:not-affected (RHEL 7 kernel only)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
linux-vegetahd:not-affected (RHEL 7 kernel only)
More Information

Updated: 2019-05-15 17:18:56 UTC (commit 2d71aefac924bf16479c12958688c37878e881eb)