CVE-2019-12456

Priority
Description
** DISPUTED ** An issue was discovered in the MPT3COMMAND case in
_ctl_ioctl_main in drivers/scsi/mpt3sas/mpt3sas_ctl.c in the Linux kernel
through 5.1.5. It allows local users to cause a denial of service or
possibly have unspecified other impact by changing the value of ioc_number
between two kernel reads of that value, aka a "double fetch" vulnerability.
NOTE: a third party reports that this is unexploitable because the doubly
fetched value is not used.
Notes
tyhicksThere seems to be no security impact as the ioc_number is never used
after the "double fetch"
Package
Source: linux (LP Ubuntu Debian)
Upstream:pending
Ubuntu 12.04 ESM (Precise Pangolin):ignored (was needs-triage ESM criteria)
Ubuntu 14.04 ESM (Trusty Tahr):ignored (was needs-triage ESM criteria)
Ubuntu 16.04 LTS (Xenial Xerus):ignored (double fetched value is not used)
Ubuntu 18.04 LTS (Bionic Beaver):ignored (double fetched value is not used)
Ubuntu 19.10 (Eoan Ermine):ignored (double fetched value is not used)
Patches:
Introduced by
f92363d12359498f9a9960511de1a550f0ec41c2
Fixed by
f9e3ebeea4521652318af903cddeaf033527e93e
Package
Upstream:pending
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):ignored (was needs-triage ESM criteria)
Ubuntu 16.04 LTS (Xenial Xerus):ignored (double fetched value is not used)
Ubuntu 18.04 LTS (Bionic Beaver):ignored (double fetched value is not used)
Ubuntu 19.10 (Eoan Ermine):ignored (double fetched value is not used)
Package
Upstream:pending
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):ignored (double fetched value is not used)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.10 (Eoan Ermine):DNE
Package
Upstream:pending
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):ignored (was needs-triage ESM criteria)
Ubuntu 16.04 LTS (Xenial Xerus):ignored (double fetched value is not used)
Ubuntu 18.04 LTS (Bionic Beaver):ignored (double fetched value is not used)
Ubuntu 19.10 (Eoan Ermine):ignored (double fetched value is not used)
Package
Upstream:pending
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):ignored (double fetched value is not used)
Ubuntu 18.04 LTS (Bionic Beaver):ignored (double fetched value is not used)
Ubuntu 19.10 (Eoan Ermine):DNE
Package
Upstream:pending
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):ignored (was needs-triage now end-of-life)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.10 (Eoan Ermine):DNE
Package
Upstream:pending
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):ignored (abandoned)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.10 (Eoan Ermine):DNE
Package
Upstream:pending
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):ignored (double fetched value is not used)
Ubuntu 18.04 LTS (Bionic Beaver):ignored (double fetched value is not used)
Ubuntu 19.10 (Eoan Ermine):ignored (double fetched value is not used)
Package
Upstream:pending
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):ignored (double fetched value is not used)
Ubuntu 19.10 (Eoan Ermine):DNE
Package
Upstream:pending
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):ignored (end-of-life)
Ubuntu 18.04 LTS (Bionic Beaver):ignored (double fetched value is not used)
Ubuntu 19.10 (Eoan Ermine):DNE
Package
Upstream:pending
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):ignored (end-of-life)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.10 (Eoan Ermine):DNE
Package
Upstream:pending
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.10 (Eoan Ermine):DNE
Package
Upstream:pending
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):ignored (double fetched value is not used)
Ubuntu 18.04 LTS (Bionic Beaver):ignored (double fetched value is not used)
Ubuntu 19.10 (Eoan Ermine):DNE
Package
Upstream:pending
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):ignored (double fetched value is not used)
Ubuntu 18.04 LTS (Bionic Beaver):ignored (double fetched value is not used)
Ubuntu 19.10 (Eoan Ermine):DNE
Package
Upstream:pending
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):ignored (double fetched value is not used)
Ubuntu 18.04 LTS (Bionic Beaver):ignored (double fetched value is not used)
Ubuntu 19.10 (Eoan Ermine):ignored (double fetched value is not used)
Package
Upstream:pending
Ubuntu 12.04 ESM (Precise Pangolin):ignored (was needs-triage ESM criteria)
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.10 (Eoan Ermine):DNE
Package
Upstream:pending
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.10 (Eoan Ermine):DNE
Package
Upstream:pending
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.10 (Eoan Ermine):DNE
Package
Upstream:pending
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.10 (Eoan Ermine):DNE
Package
Upstream:pending
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):ignored (was needs-triage ESM criteria)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.10 (Eoan Ermine):DNE
Package
Upstream:pending
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.10 (Eoan Ermine):DNE
Package
Upstream:pending
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):ignored (abandoned)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.10 (Eoan Ermine):DNE
Package
Upstream:pending
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.10 (Eoan Ermine):DNE
Package
Upstream:pending
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):ignored (was needs-triage now end-of-life)
Ubuntu 18.04 LTS (Bionic Beaver):ignored (double fetched value is not used)
Ubuntu 19.10 (Eoan Ermine):ignored (double fetched value is not used)
Package
Upstream:pending
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):ignored (double fetched value is not used)
Ubuntu 18.04 LTS (Bionic Beaver):ignored (double fetched value is not used)
Ubuntu 19.10 (Eoan Ermine):ignored (double fetched value is not used)
Package
Upstream:pending
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):ignored (double fetched value is not used)
Ubuntu 18.04 LTS (Bionic Beaver):ignored (double fetched value is not used)
Ubuntu 19.10 (Eoan Ermine):ignored (double fetched value is not used)
Package
Upstream:pending
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):ignored (double fetched value is not used)
Ubuntu 18.04 LTS (Bionic Beaver):ignored (double fetched value is not used)
Ubuntu 19.10 (Eoan Ermine):ignored (double fetched value is not used)
More Information

Updated: 2020-01-29 20:06:01 UTC (commit 768ceb2fdee6790d707d0f681e1b54916744af1e)