In the Linux kernel, the following vulnerability has been resolved: ataflop: potential out of bounds in do_format() The function uses "type" as an array index: q = unitdrive].disk[type]->queue; Unfortunately the bounds check on "type" isn't done until later in the function. Fix this by moving the bounds check to the start. CREATE(Triage):(User=admin) [CVE-2021-47039 (https://nvd.nist.gov/vuln/detail/CVE-2021-47039)