In the Linux kernel, the following vulnerability has been resolved: block: Fix wrong offset in bio_truncate() bio_truncate() clears the buffer outside of last block of bdev, however current bio_truncate() is using the wrong offset of page. So it can return the uninitialized data. This happened when both of truncated/corrupted FS and userspace (via bdev) are trying to read the last of bdev.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | linux | < 5.16.7-1 | linux_5.16.7-1_all.deb |
Debian | 11 | all | linux | < 5.10.103-1 | linux_5.10.103-1_all.deb |
Debian | 10 | all | linux | <= 4.19.249-2 | linux_4.19.249-2_all.deb |
Debian | 999 | all | linux | < 5.16.7-1 | linux_5.16.7-1_all.deb |
Debian | 13 | all | linux | < 5.16.7-1 | linux_5.16.7-1_all.deb |