From: 市川正美 <masami.ichikawa@miraclelinux.com>
To: cip-dev <cip-dev@lists.cip-project.org>
Subject: [cip-dev] New CVE entries this week
Date: Thu, 15 Jul 2021 10:00:47 +0900
Message-ID: <CAODzB9rgNngZ9GMZgJYGNr-+ruYxhYSr7q4dXCKgrO89PAAfWA@mail.gmail.com>


Hi!

It's this week's CVE report.

CVE Summary

There is one new CVE.

CVE-2021-22555: Affects all CIP kernels

There are two updated CVEs.

CVE-2021-34693: CIP kernel 4.19, 4.19-rt, 4.4 are fixed
CVE-2021-35039: CIP kernel 4.19 and 4.4 are fixed

From last week's CVEs

CVE-2020-28097: CIP kernels are fixed
CVE-2021-29256: it seems not fixed in mainline yet
CVE-2021-31615: it seems not fixed in mainline yet
CVE-2021-35039: CIP kernel 4.4 and 4.4-rt aren't affected. 4.19 is fixed

* New CVEs detail

- 2021/07/12

CVE-2021-22555 -- Heap Out-Of-Bounds Write in xt_compat_target_from_user

The compat IPT_SO_SET_REPLACE/IP6T_SO_SET_REPLACE setsockopt
implementation in the netfilter subsystem in the Linux kernel allows
local users to gain privileges or cause a denial of service (heap
memory corruption) via user namespace.

This vulnerability affects kernels from v2.6.19-rc1 to v5.11.

Fixed status.
cip/4.19: [12ec80252edefff00809d473a47e5f89c7485499]
cip/4.19-rt: [12ec80252edefff00809d473a47e5f89c7485499]
cip/4.4: [b0d98b2193a38ef93c92e5e1953d134d0f426531]
cip/4.4-rt: not fixed yet
cip/5.10: not fixed yet

* Updated CVEs detail

CVE-2021-34693 -- can: bcm: fix infoleak in struct bcm_msg_head

Fixed status

cip/4.19: [8899857d7e450805e6410de5004126491f197146]
cip/4.19-rt: not fixed yet
cip/4.4: [f638caa211e7a121a5596986d29ebbdaf9156398]
cip/4.4-rt: not fixed yet
cip/5.10: not fixed yet

CVE-2021-35039 -- module: limit enabling module.sig_enforce

Fixed status

cip/4.19: [ff660863628fb144badcb3395cde7821c82c13a6]
cip/4.19-rt: not fixed yet
cip/4.4: not affected
cip/4.4-rt: not affected
cip/5.10: not fixed yet

* From last week's CVE report

CVE-2020-28097 -- vgacon_scrolldelta out-of-bounds read

This vulnerability affects kernels before v5.9-rc6, so the v5.10 kernel isn't affected.

Fixed status

cip/4.19: [f5fa64c8daf7b97280865c73903edc0a3eea819e]
cip/4.19-rt: [f5fa64c8daf7b97280865c73903edc0a3eea819e]
cip/4.4: [5f76b4c6ac297ce836abe17f495123f45bfc4fb3]
cip/4.4-rt: [5f76b4c6ac297ce836abe17f495123f45bfc4fb3]
cip/5.10: not affected

Since the CONFIG_VGACON_SOFT_SCROLLBACK option has been removed by this
CVE fix, we can remove this option from these configs in the
cip-kernel-config repo.

- 4.19.y-cip/x86/cip_qemu_defconfig
- 4.19.y-cip/x86/plathome_obsvx2.config
- 4.19.y-cip-rt/x86/siemens_i386-rt.config
- 4.4.y-cip/x86/cip_qemu_defconfig


CVE-2021-29256 -- Mali GPU Kernel Driver elevates CPU RO pages to writable

According to
https://developer.arm.com/support/arm-security-updates/mali-gpu-kernel-driver
, "This issue is fixed in Bifrost and Valhall GPU Kernel
Driver r30p0. It will be fixed in future Midgard release. Users are
recommended to upgrade if they are impacted by this issue.", so it
seems that the CVE hasn't been fixed yet.

CVE-2021-31615 -- InjectaBLE: Injecting malicious traffic into
established Bluetooth Low Energy connections

According to
https://developer.arm.com/support/arm-security-updates/mali-gpu-kernel-driver
, "This issue is fixed in Bifrost and Valhall GPU Kernel
Driver r30p0. It will be fixed in future Midgard release. Users are
recommended to upgrade if they are impacted by this issue.", so it
seems that the CVE hasn't been fixed yet.

CVE-2021-35039 -- Without CONFIG_MODULE_SIG, verification that a
kernel module is signed, for loading via init_module, does not occur
for a module.sig_enforce=1 command-line argument.

Fixed status

cip/4.19: [ff660863628fb144badcb3395cde7821c82c13a6]
cip/linux-4.4: not affected
cip/linux-4.4-rt: not affected
cip/5.10: not fixed yet

Regards,

-- 
Masami Ichikawa
Cybertrust Japan Co., Ltd.

Email :masami.ichikawa@cybertrust.co.jp
          :masami.ichikawa@miraclelinux.com
