Security Advisory
CVE-2021-47039
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
In the Linux kernel, the following vulnerability has been resolved: ataflop: potential out of bounds in do_format() The function uses "type" as an array index: q = unit[drive].disk[type]->queue; Unfortunately the bounds check on "type" isnt done until later in the function. Fix this by moving the bounds check to the start.