On 09/15/2015 02:50 PM, Markus Armbruster wrote:
> John Snow writes:
>
>> On 09/15/2015 02:11 PM, Markus Armbruster wrote:
>>> John Snow writes:
>>>
On 09/15/2015 02:53 AM, Markus Armbruster wrote:
> John Snow writes:
>
>> We're a little too lenient with what we'll let an ATA
John Snow writes:
> On 09/15/2015 02:11 PM, Markus Armbruster wrote:
>> John Snow writes:
>>
>>> On 09/15/2015 02:53 AM, Markus Armbruster wrote:
John Snow writes:
> We're a little too lenient with what we'll let an ATAPI drive handle.
> Clamp down on the IDE command executio
On 09/15/2015 02:11 PM, Markus Armbruster wrote:
> John Snow writes:
>
>> On 09/15/2015 02:53 AM, Markus Armbruster wrote:
>>> John Snow writes:
>>>
We're a little too lenient with what we'll let an ATAPI drive handle.
Clamp down on the IDE command execution table to remove CD_OK per
John Snow writes:
> On 09/15/2015 02:53 AM, Markus Armbruster wrote:
>> John Snow writes:
>>
>>> We're a little too lenient with what we'll let an ATAPI drive handle.
>>> Clamp down on the IDE command execution table to remove CD_OK permissions
>>> from commands that are not and have never been
On 09/15/2015 02:53 AM, Markus Armbruster wrote:
> John Snow writes:
>
>> We're a little too lenient with what we'll let an ATAPI drive handle.
>> Clamp down on the IDE command execution table to remove CD_OK permissions
>> from commands that are not and have never been ATAPI commands.
>>
>> Fo
Am 14.09.2015 um 20:49 hat John Snow geschrieben:
> On 09/14/2015 02:43 PM, Michael Tokarev wrote:
> > 14.09.2015 21:04, John Snow wrote:
> >> On 09/11/2015 02:56 AM, Michael Tokarev wrote:
> >>> 09.09.2015 19:28, John Snow wrote:
> We're a little too lenient with what we'll let an ATAPI drive
John Snow writes:
> We're a little too lenient with what we'll let an ATAPI drive handle.
> Clamp down on the IDE command execution table to remove CD_OK permissions
> from commands that are not and have never been ATAPI commands.
>
> For ATAPI command validity, please see:
> - ATA4 Section 6.5 (
On 09/14/2015 02:43 PM, Michael Tokarev wrote:
> 14.09.2015 21:04, John Snow wrote:
>> On 09/11/2015 02:56 AM, Michael Tokarev wrote:
>>> 09.09.2015 19:28, John Snow wrote:
We're a little too lenient with what we'll let an ATAPI drive handle.
Clamp down on the IDE command execution tabl
14.09.2015 21:04, John Snow wrote:
> On 09/11/2015 02:56 AM, Michael Tokarev wrote:
>> 09.09.2015 19:28, John Snow wrote:
>>> We're a little too lenient with what we'll let an ATAPI drive handle.
>>> Clamp down on the IDE command execution table to remove CD_OK permissions
>>> from commands that ar
On 09/11/2015 02:56 AM, Michael Tokarev wrote:
> 09.09.2015 19:28, John Snow wrote:
>> We're a little too lenient with what we'll let an ATAPI drive handle.
>> Clamp down on the IDE command execution table to remove CD_OK permissions
>> from commands that are not and have never been ATAPI command
09.09.2015 19:28, John Snow wrote:
> We're a little too lenient with what we'll let an ATAPI drive handle.
> Clamp down on the IDE command execution table to remove CD_OK permissions
> from commands that are not and have never been ATAPI commands.
FWIW, this issue has been assigned CVE-2015-6855 i
We're a little too lenient with what we'll let an ATAPI drive handle.
Clamp down on the IDE command execution table to remove CD_OK permissions
from commands that are not and have never been ATAPI commands.
For ATAPI command validity, please see:
- ATA4 Section 6.5 ("PACKET Command feature set")
-
12 matches
Mail list logo
