diff -urN linux-2.6.15.i686/drivers/scsi/scsi_lib.c linux-2.6.15.i686-fix/drivers/scsi/scsi_lib.c
--- linux-2.6.15.i686/drivers/scsi/scsi_lib.c 2006-02-20 18:18:47.000000000 -0500
+++ linux-2.6.15.i686-fix/drivers/scsi/scsi_lib.c 2006-02-20 18:45:48.000000000 -0500
@@ -1895,6 +1895,18 @@
 data->header_length = header_length;
 if(use_10_for_ms) {
 data->length = buffer[0]*256 + buffer[1] + 2;
+ if (unlikely(data->length == 0x860b)) {
+ /* Initio breakage? */
+ if (modepage == 6 || modepage == 8) {
+ data->header_length = 0;
+ data->length = 12;
+ data->medium_type = 0;
+ data->device_specific = 0;
+ data->longlba = 0;
+ data->block_descriptor_length = 0;
+ return result;
+ }
+ }
 data->medium_type = buffer[2];
 data->device_specific = buffer[3];
 data->longlba = buffer[4] & 0x01;
diff -urN linux-2.6.15.i686/drivers/scsi/sd.c linux-2.6.15.i686-fix/drivers/scsi/sd.c
--- linux-2.6.15.i686/drivers/scsi/sd.c 2006-02-20 18:18:47.000000000 -0500
+++ linux-2.6.15.i686-fix/drivers/scsi/sd.c 2006-02-20 18:45:43.000000000 -0500
@@ -1328,6 +1328,9 @@
 if (!scsi_status_is_good(res))
 goto bad_sense;
 
+ if (!data.header_length)
+ goto missing_header;
+
 /* that went OK, now ask for the proper length */
 len = data.length;
 
@@ -1342,8 +1345,11 @@
 
 /* Take headers and block descriptors into account */
 len += data.header_length + data.block_descriptor_length;
+ if (len > 512)
+ goto bad_sense;
 
 /* Get the data */
+read_it:
 res = sd_do_mode_sense(sdp, dbd, modepage, buffer, len, &data, &sshdr);
 
 if (scsi_status_is_good(res)) {
@@ -1354,8 +1360,15 @@
 int ct = 0;
 int offset = data.header_length + data.block_descriptor_length;
 
+ if (offset >= 512 - 2) {
+ printk(KERN_ERR "%s: malformed MODE SENSE response",
+ diskname);
+ goto defaults;
+ }
+
 if ((buffer[offset] & 0x3f) != modepage) {
- printk(KERN_ERR "%s: got wrong page\n", diskname);
+ printk(KERN_ERR "%s: got wrong page (%d -> %d)\n",
+ diskname, modepage, buffer[offset] & 0x3f);
 goto defaults;
 }
 
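Review bot: In the scsi_lib.c hunk the quirk test `data->length == 0x860b` runs after `+ 2` has been added on the line above, so it matches a response whose first two bytes are 0x86 0x09, not 0x86 0x0b. If the intent is to recognise a header-less mode page that begins 0x86 0x0b (an assumption; the comment only says "Initio breakage?"), compare the raw bytes instead: `if (unlikely(buffer[0] == 0x86 && buffer[1] == 0x0b)) {`. The substituted `data->length = 12` is equally unexplained. A comment naming the exact device response being matched, and how the length follows from it, would let a reader verify both constants. The enclosing function starts and ends outside the hunk.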
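Review bot: In sd.c, `goto missing_header;` leaves before `len = data.length;` runs, and the label added in the last hunk jumps straight to `read_it:`. The second sd_do_mode_sense() call is therefore issued with whatever `len` held before this point, and it bypasses the `len > 512` check added in the next hunk. The declaration of `len` is outside the diff, so its value on that path cannot be confirmed from here. Handling the case inline keeps the bound in force and removes the backward jump: move `modepage = 6;` and the printk into a braced `if (!data.header_length)` body at this spot and fall through to `len = data.length;`.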
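Review bot: The bound `if (len > 512)` in the sd.c hunk at -1342 hard-codes the size of `buffer`, and the same literal recurs as `512 - 2` in the following hunk. The allocation is not visible in this diff, so if the buffer size ever changes these checks on a device-controlled length will silently stop matching it. Use the file's buffer-size constant if this tree has one (mainline sd.c calls it SD_BUF_SIZE; confirm before relying on it), e.g. `if (len > SD_BUF_SIZE)`. Sending the oversize case to `bad_sense` also deserves a comment: the label body is outside the hunk, but its name suggests it reports sense data for a failed command, which is not what happened on this path.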
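Review bot: The new message `"%s: malformed MODE SENSE response"` in the sd.c hunk at -1354 has no trailing newline, unlike the other printk calls this diff shows, so the next kernel log line will be glued onto it. It should read `printk(KERN_ERR "%s: malformed MODE SENSE response\n",`. The check also bounds `offset` only against the buffer size, not against `len`, the amount requested at `read_it:`. So `buffer[offset]` can still lie beyond the data returned for this command; whether that region is cleared beforehand is not visible here. The enclosing `if (scsi_status_is_good(res))` block continues outside the hunk.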
@@ -1398,6 +1411,12 @@
 diskname);
 sdkp->WCE = 0;
 sdkp->RCD = 0;
+ return;
+missing_header:
+ modepage = 6;
+ printk("KERN_ERR "%s: missing header in MODE_SENSE response\n",
+ diskname);
+ goto read_it;
 }
 
 /**
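Review bot: The added `printk("KERN_ERR "%s: missing header ...` has a stray double quote before KERN_ERR, which turns the log-level macro into a string literal and leaves `%s: missing header ...` outside any string, so sd.c will not compile with this patch. The line should be `printk(KERN_ERR "%s: missing header in MODE_SENSE response\n",`. Separately, `modepage = 6;` overrides whichever page was selected earlier before retrying through `goto read_it;`. The selection code is outside the diff, so a one-line comment such as `/* header-less reply: retry as page 6, see scsi_mode_sense() quirk */` should state why page 6 is the right retry. The function body starts outside this hunk.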