Published: 23 December 2011
The Linux kernel before 3.2.2 does not properly restrict SG_IO ioctl calls, which allows local users to bypass intended restrictions on disk read and write operations by sending a SCSI command to (1) a partition block device or (2) an LVM volume.
From the Ubuntu Security Team
Paolo Bonzini discovered a flaw in Linux's handling of the SG_IO ioctl command. A local user, or user in a VM could exploit this flaw to bypass restrictions and gain read/write access to all data on the affected block device.
This seems to be seens as the right thing to do, but not so late in 3.2, expect to see something applied in the early merge window https://lkml.org/lkml/2011/12/22/366 The fixes have now hit mainline, there is a strong possibility that when these are applied to older releases we will get functionality regressions, will get them on precise as soon as possible.