The sr_do_ioctl function in drivers/scsi/sr_ioctl.c in the Linux kernel allows local users to cause a denial of service via a stack-based buffer overflow or possibly have unspecified other impact because sense buffers have different sizes at the CDROM layer and the SCSI layer. An upstream patch: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f7068114d45ec55996b9040e98111afa56e010fe
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 1583213]
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2018:2948 https://access.redhat.com/errata/RHSA-2018:2948