An out of bounds (OOB) memory access flaw was found in set_fdc in drivers/block/floppy.c in floppy driver module . This could allow a local attacker to crash the system or leak kernel internal information.
Reference and upstream commit:
Created kernel tracking bugs for this issue:
Affects: fedora-all [bug 1810687]
This was fixed for Fedora with the 5.5.7 stable kernel updates.
Mitigation for this issue is to skip loading the affected floppy driver module onto the system till we have a fix available, this can be done by a blacklist mechanism, this will ensure the driver is not loaded at the boot time.
How do I blacklist a kernel module to prevent it from loading automatically?
This issue has been addressed in the following products:
Red Hat Enterprise Linux 7
Via RHSA-2020:2104 https://access.redhat.com/errata/RHSA-2020:2104
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):