CVE-2020-9383: 
Linux Kernel vulnerability analysis and mitigation

An issue was discovered in the Linux kernel 3.16 through 5.5.6. The vulnerability (CVE-2020-9383) involves an incorrect range check in the set_fdc function in drivers/block/floppy.c that leads to a wait_til_ready out-of-bounds read because the FDC index is not checked for errors before assigning it (NVD, MITRE). The vulnerability was discovered by Jordy Zomer and was disclosed in February 2020.

The vulnerability stems from a flaw in the floppy driver where the FDC (Floppy Disk Controller) index is assigned before being validated for errors. The issue occurs specifically in the set_fdc function within drivers/block/floppy.c. The CVSS v3.1 base score is 7.1 (HIGH) with vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H (NVD, Kernel Patch).

When successfully exploited, this vulnerability could allow a local user with access to a floppy drive to cause a denial of service (system crash or memory corruption) or potentially escalate privileges through an out-of-bounds read operation (Ubuntu Notice, Debian Notice).

The issue has been fixed in the Linux kernel through a patch that adds proper validation of the FDC index before assignment. Various distributions have released updates including Ubuntu (versions 19.10, 18.04 LTS, 16.04 LTS, 14.04 LTS) and Debian (version 4.9.210-1+deb9u1) (Ubuntu Notice, Debian Notice).

Linus Torvalds, in the kernel patch comments, acknowledged that the floppy driver code is problematic, describing it as a 'disgrace' with origins in his original design. He noted that the driver lacks proper maintenance as nobody has the hardware or motivation to properly maintain it, though it remains in use for virtual environments (Kernel Patch).