Hi ! It's this week's CVE report. This week reported 2 new CVEs. * New CVEs CVE-2021-41073: io_uring: ensure symmetry in handling iter types in loop_rw_iter() CVSS v3 score is not provided. This CVE is affected from 5.10-rc1 to 5.15-rc2. All stable kernels are fixed. Fixed status mainline: [16c8d2df7ec0eed31b7d3b61cb13206a7fb930cc] stable/5.10: [ce8f81b76d3bef7b9fe6c8f84d029ab898b19469] stable/5.14: [71e32edd2210d0304e93ac110814b5a4b3a81dc0] CVE-2021-3773: lack of port sanity checking in natd and netfilter leads to exploit of OpenVPN clients CVSS v3 score is not provided. The details of the vulnerability has been published on https://breakpointingbad.com/2021/09/08/Port-Shadows-via-Network-Alchemy.html . Fixed status Not fixed yet. * Updated CVEs CVE-2020-16119: net: dccp: fix structure use-after-free stable kernels have been fixed this week. All stable kernels are fixed. Fixed status mainline: [d9ea761fdd197351890418acd462c51f241014a7] stable/4.14: [a1bb3c064bf5f2d8c3e9368a9152b1224a9dd64a] stable/4.19: [dfec82f3e5b8bd93ab65b7417a64886ec8c42f14] stable/4.4: [1969452d411a73a3125c326c6db0c8433f31dfd5] stable/4.9: [40ea36ffa7207456c3f155bbab76754d3f37ce04] stable/5.10: [6c3cb65d561e76fd0398026c023e587fec70e188] stable/5.14: [51f7b364a2d120cea956b2bb5ccaad29bbf8abce] stable/5.4: [5ab04a4ffed02f66e8e6310ba8261a43d1572343] CVE-2020-3702: Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic stable kernel 4.4 and 4.9 have been fixed this week. This vulnerability has been fixed since 5.12-rc1-dontuse. All stable kernels are fixed. Fixed status mainline: [56c5485c9e444c2e85e11694b6c44f1338fc20fd, 73488cb2fa3bb1ef9f6cf0d757f76958bd4deaca, d2d3e36498dd8e0c83ea99861fac5cf9e8671226, 144cd24dbc36650a51f7fe3bf1424a1432f1f480, ca2848022c12789685d3fab3227df02b863f9696] stable/4.14: [2cbb22fd4b4fb4d0822d185bf5bd6d027107bfda, 20e7de09cbdb76a38f28fb71709fae347123ddb7, 995586a56748c532850870523d3a9080492b3433, f4d4f4473129e9ee55b8562250adc53217bad529, 61b014a8f8de02bedc56f76620170437f5638588] stable/4.19: [dd5815f023b89c9a28325d8a2a5f0779b57b7190, d2fd9d34210f34cd0ff5b33fa94e9fcc2a513cea, fb924bfcecc90ca63ca76b5a10f192bd0e1bb35d, 7c5a966edd3c6eec4a9bdf698c1f27712d1781f0, 08c613a2cb06c68ef4e7733e052af067b21e5dbb] stable/4.4: [4d6b4335838fd89419212e1e486c415ec36fb610, 5d97f20dc21f3f4b14105590f729e513b0c4921d, 85d371eb7259c2e6aecd0b77c3f8c193c9593624, 1c8e25862a00a539803fa60eb7a907143688b178, 3fd07178fbf012db0b38488ea2e0069412250dd2] stable/4.9: [ea3f7df20fc8e0b82ec0e065b0b0d38e55fd7775, 74adc24d162e67d8862edaf701de620f36f98215, d7d4c3c60342deba706fd76ef09d8af68b9a64d8, 13c51682b07a5db4d9efb514e700407c6da22ff9, 7afed8faf42d8358a165ba554891085e10b1f7a0] stable/5.10: [8f05076983ddeaae1165457b6aa4eca9fe0e5498, 6566c207e5767deb37d283ed9f77b98439a1de4e, 2925a8385ec746bf09c11dcadb9af13c26091a4d, 609c0cfd07f0ae6c444e064a59b46c5f3090b705, e2036bc3fc7daa03c15fda27e1818192da817cea] stable/5.4: [0c049ce432b37a51a0da005314ac32e5d9324ccf, add283e2517a90468ce223465e0f4360128bb650, b7d593705eb4f0655a70f0207f573fb1edb80bda, c6feaf806da6a0deecc2fe41adb3443cdecba347, 23f77ad13f8176314b7c51f71b9ac7c5c6d10b7b] CVE-2021-40490: ext4: fix race writing to an inline_data file while its xattrs are changing 4.4, 4.9, 4.14, and 4.19 kernels have been fixed this week. All stable kernels are fixed. Fixed status mainline: [a54c4613dac1500b40e4ab55199f7c51f028e848] stable/4.14: [9569234645f102025aaf0fc83d3dcbf1b8cbf2dc] stable/4.19: [c481607ba522e31e6ed01efefc19cc1d0e0a46fa] stable/4.4: [69d82df68fbc5e368820123200d7b88f6c058350] stable/4.9: [7067b09fe587cbd47544a3047a40c64e4d636fff] stable/5.10: [09a379549620f122de3aa4e65df9329976e4cdf5] stable/5.13: [c764e8fa4491da66780fcb30a0d43bfd3fccd12c] stable/5.14: [f8ea208b3fbbc0546d71b47e8abaf98b0961dec1] stable/5.4: [9b3849ba667af99ee99a7853a021a7786851b9fd] Currently tracking CVEs CVE-2021-31615: Unencrypted Bluetooth Low Energy baseband links in Bluetooth Core Specifications 4.0 through 5.2 There is no fix information. CVE-2021-3640: UAF in sco_send_frame function There is no fix information. CVE-2020-26555: BR/EDR pin code pairing broken No fix information CVE-2020-26556: kernel: malleable commitment Bluetooth Mesh Provisioning No fix information. CVE-2020-26557: kernel: predictable Authvalue in Bluetooth Mesh Provisioning Leads to MITM No fix information. CVE-2020-26559: kernel: Authvalue leak in Bluetooth Mesh Provisioning No fix information. CVE-2020-26560: kernel: impersonation attack in Bluetooth Mesh Provisioning No fix information. Regards, -- Masami Ichikawa Cybertrust Japan Co., Ltd. Email :masami.ichikawa@cybertrust.co.jp :masami.ichikawa@miraclelinux.com