Comment 145 for bug 2004555

Revision history for this message
Alan Bishop (alan-bishop) wrote : Re: Unauthorized volume access through deleted volume attachments (CVE-2023-2088)

I wish I could offer more details and a definitive answer, but Gorka is on holiday this week and so I have to take a stab at answering this one. I believe the osbrick-fc-2004555-master_to_zed.patch patch from comment #130 may not supersede the osbrick-leak-2004555-master.patch attachment in comment #123. I think the former (the -fc patch) is an additional patch that adds "force detach" to FC connections. That is, it only applies to FC connections. The osbrick-leak-2004555-master.patch is also part of the solution, and is distinct from the FC-only patch. Hopefully Brian and/or Rajat can confirm or deny my response.