* [cip-dev] Cip-kernel-sec Updates for Week of 2021-04-15
@ 2021-04-14 11:43 Chen-Yu Tsai (Moxa)
0 siblings, 0 replies; only message in thread
From: Chen-Yu Tsai (Moxa) @ 2021-04-14 11:43 UTC (permalink / raw)
To: cip-dev; +Cc: Pavel Machek, Nobuhiro Iwamatsu, masashi.kudo
[-- Attachment #1: Type: text/plain, Size: 689 bytes --]
Hi everyone,
Two new issues this week:
- CVE-2020-36322 [fuse: bad inode] - fixed
Needs backport to kernels earlier than 5.4.
- CVE-2021-29154 [x86: bpf: jit: incorrect computation of branch
displacement] - fixed
Fixed in latest stable 4.4.y, though not yet in CIP 4.4.y.
In other news, the following old CVEs have been fixed:
- CVE-2020-25670 [net/nfc/llcp res. leak]
- CVE-2020-25671 [net/nfc/llcp res. leak]
- CVE-2020-25672 [net/nfc/llcp res. leak]
In addition, a possible fix for this one was merged:
- CVE-2020-25673 [net/nfc/llcp res. leak]
Fixes for these still need to be backported to kernels earlier than 4.19.
All four are ignored for CIP kernels.
Regards
ChenYu
[-- Attachment #2: Type: text/plain, Size: 428 bytes --]
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#6376): https://lists.cip-project.org/g/cip-dev/message/6376
Mute This Topic: https://lists.cip-project.org/mt/82088841/4520388
Group Owner: cip-dev+owner@lists.cip-project.org
Unsubscribe: https://lists.cip-project.org/g/cip-dev/leave/8129055/4520388/727948398/xyzzy [cip-dev@archiver.kernel.org]
-=-=-=-=-=-=-=-=-=-=-=-
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2021-04-14 11:43 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-04-14 11:43 [cip-dev] Cip-kernel-sec Updates for Week of 2021-04-15 Chen-Yu Tsai (Moxa)
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).