On 10/3/18 6:54 AM, Yang Xiao wrote: > From: Young_X <yang...@hotmail.com> > > There is another cast from unsigned long to int which causes > a bounds check to fail with specially crafted input. The value is > then used as an index in the slot array in cdrom_slot_status(). > > This issue is similar to CVE-2018-16658 and CVE-2018-10940.
Applied, thanks. -- Jens Axboe