From: "Chen-Yu Tsai (Moxa)" <wens@csie.org>
To: cip-dev@lists.cip-project.org
Cc: Pavel Machek <pavel@denx.de>,
Nobuhiro Iwamatsu <nobuhiro1.iwamatsu@toshiba.co.jp>,
masashi.kudo@cybertrust.co.jp
Subject: Re: [cip-dev] Cip-kernel-sec Updates for Week of 2021-02-11
Date: Thu, 11 Feb 2021 17:48:50 +0800 [thread overview]
Message-ID: <CAGb2v67Pwbpn6gTTfLzUrNQE2Ubph_LMGC_VZUNRb_BWrneAAg@mail.gmail.com> (raw)
In-Reply-To: <CAGb2v64SEFQBXfGhC_WDP-2SyJbtAdzmsdZjbiygUhP9pE4a0g@mail.gmail.com>
[-- Attachment #1: Type: text/plain, Size: 1031 bytes --]
On Thu, Feb 11, 2021 at 4:50 PM Chen-Yu Tsai <wens@csie.org> wrote:
>
> Hi everyone,
>
> Six new issues this week:
> - CVE-2020-12362, CVE-2020-12363, CVE-2020-12364:
> CVEs from Intel Advisory affecting Intel Graphics Driver. Details unknown
>
> - CVE-2021-20194 [bpf heap overflow] - fixed for relevant kernels
> - CVE-2021-20226 [io_uring UAF] - likely a duplicate of
> CVE-2020-29534, already fixed
> - CVE-2021-26708 [AF_VSOCK: local priv. escalation] - fixed for relevant kernels
>
> Additionally, CVE-2021-3347 is fixed for 4.4 and 4.9.
> I still need to match patches for 4.4 against 4.9, but it looks like
> the fixes are there.
Based on fixes for 4.9 reported by Debian, CVE-2021-3347 is now fixed for 4.4 by
6510e4a2d04f33e4bfd221760faab23e55d8772b..46358277b2da868763517f79aa0ac25ce78c4f68
inclusive.
Lee Jones just posted a few follow-up fixes for futexes for 4.9 [1]. I
wonder if they
would also be posted for 4.4.
Regards
ChenYu
[1] https://lore.kernel.org/stable/20210211092700.11772-1-lee.jones@linaro.org/
[-- Attachment #2: Type: text/plain, Size: 420 bytes --]
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#6170): https://lists.cip-project.org/g/cip-dev/message/6170
Mute This Topic: https://lists.cip-project.org/mt/80553474/4520388
Group Owner: cip-dev+owner@lists.cip-project.org
Unsubscribe: https://lists.cip-project.org/g/cip-dev/leave/8129055/727948398/xyzzy [cip-dev@archiver.kernel.org]
-=-=-=-=-=-=-=-=-=-=-=-
next prev parent reply other threads:[~2021-02-11 9:49 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-02-11 8:50 [cip-dev] Cip-kernel-sec Updates for Week of 2021-02-11 Chen-Yu Tsai (Moxa)
2021-02-11 9:48 ` Chen-Yu Tsai (Moxa) [this message]
2021-02-11 11:39 ` Pavel Machek
2021-02-24 15:04 ` Chen-Yu Tsai (Moxa)
2021-02-24 15:07 ` Chen-Yu Tsai (Moxa)
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAGb2v67Pwbpn6gTTfLzUrNQE2Ubph_LMGC_VZUNRb_BWrneAAg@mail.gmail.com \
--to=wens@csie.org \
--cc=cip-dev@lists.cip-project.org \
--cc=masashi.kudo@cybertrust.co.jp \
--cc=nobuhiro1.iwamatsu@toshiba.co.jp \
--cc=pavel@denx.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).