From ${URL} :

Linux kernel built with the Compaq SMART2 (CONFIG_BLK_CPQ_DA) & Compaq Smart Array 5xxx (CONFIG_BLK_CPQ_CISS_DA) support is vulnerable to an information leakage flaw. This could occur while doing ioctl(2) calls on block devices - /dev/ida/* & /dev/cciss/* - with command `IDAGETPCIINFO' or `CCISS_PASSTHRU32'. A user/program able to access above devices could use this flaw to leak kernel memory bytes.

Upstream fixes:
---------------
-> https://lkml.org/lkml/2013/6/3/131
-> https://lkml.org/lkml/2013/6/3/127
CVE-2013-2147 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2147): The HP Smart Array controller disk-array driver and Compaq SMART2 controller disk-array driver in the Linux kernel through 3.9.4 do not initialize certain data structures, which allows local users to obtain sensitive information from kernel memory via (1) a crafted IDAGETPCIINFO command for a /dev/ida device, related to the ida_locked_ioctl function in drivers/block/cpqarray.c or (2) a crafted CCISS_PASSTHRU32 command for a /dev/cciss device, related to the cciss_ioctl32_passthru function in drivers/block/cciss.c.
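The bug class described above, as an added user-space illustration (not code from the kernel drivers or from this report): a reply structure that is filled member by member and then copied out whole carries whatever its padding bytes held before, and zeroing it first removes that. The struct, function names and sample values are hypothetical; a byte buffer pre-filled with a marker stands in for stale kernel stack contents, and `memcpy` stands in for `copy_to_user()`.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
/* Hypothetical reply struct: padding follows the two 1-byte members on common ABIs. */
struct pci_info_reply { uint8_t bus; uint8_t dev_fn; uint32_t board_id; };
#define REPLY_SZ sizeof(struct pci_info_reply)
#define OFF(m)   offsetof(struct pci_info_reply, m)
#define STALE    0xA5 /* constructed marker for leftover stack contents */

/* Write only the named members, as a field-by-field handler does. */
static void fill_members(unsigned char *slot)
{
    uint8_t bus = 0x02, dev_fn = 0x18;   /* constructed sample values */
    uint32_t board_id = 0x12345678u;
    memcpy(slot + OFF(bus), &bus, sizeof bus);
    memcpy(slot + OFF(dev_fn), &dev_fn, sizeof dev_fn);
    memcpy(slot + OFF(board_id), &board_id, sizeof board_id);
}

/* slot models the on-stack struct, out models user memory.
 * zero_first = 0: uninitialized pattern; 1: memset() hardening. */
void handle_ioctl(unsigned char *out, int zero_first)
{
    unsigned char slot[REPLY_SZ];
    memset(slot, STALE, sizeof slot);   /* whatever the stack held before */
    if (zero_first)
        memset(slot, 0, sizeof slot);   /* hardened: clear before filling */
    fill_members(slot);
    memcpy(out, slot, sizeof slot);     /* stands in for copy_to_user() */
}

/* Count reply bytes outside every member that still carry stale data. */
size_t stale_bytes(const unsigned char *out)
{
    unsigned char member[REPLY_SZ] = {0};
    size_t i, n = 0;
    member[OFF(bus)] = member[OFF(dev_fn)] = 1;
    memset(member + OFF(board_id), 1, sizeof(uint32_t));
    for (i = 0; i < REPLY_SZ; i++)
        n += (!member[i] && out[i] == STALE);
    return n;
}

int main(void)
{
    unsigned char a[REPLY_SZ], b[REPLY_SZ];
    handle_ioctl(a, 0); handle_ioctl(b, 1);
    printf("unfixed: %zu stale bytes, zeroed: %zu\n", stale_bytes(a), stale_bytes(b));
    return 0;
}
```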
...hm. I don't see these patches in linux.git.
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/drivers/block/cpqarray.c?id=627aad1c01da6f881e7f98d71fd928ca0c316b1a
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/drivers/block/cciss.c?id=58f09e00ae095e46ef9edfcf3a5fd9ccdfad065e
Fixed in 3.12