From: "Masami Ichikawa" <masami.ichikawa@miraclelinux.com>
To: cip-dev <cip-dev@lists.cip-project.org>
Subject: [cip-dev] New CVE entry this week
Date: Thu, 16 Sep 2021 09:43:58 +0900 [thread overview]
Message-ID: <CAODzB9rpFGi8xKkocVfEy-4wJFfR9AwkebC9kSrO3W=zK_PsTQ@mail.gmail.com> (raw)
[-- Attachment #1: Type: text/plain, Size: 3038 bytes --]
Hi !
It's this week's CVE report.
This week reported 4 new CVEs.
* New CVEs
CVE-2021-3744: crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd()
This bug is in the AMD Cryptographic Coprocessor (CCP) driver. This
bug is related to CVE-2021-3744.
In the cip-kernel-config directory, 4.4 kernel uses this driver.
$ find . -type f | xargs grep -n "ccp-ops.c"
./4.4.y-cip-rt/x86/siemens_i386-rt.sources:1716:drivers/crypto/ccp/ccp-ops.c
./4.4.y-cip-rt/all.sources:3665:drivers/crypto/ccp/ccp-ops.c
Fixed status
Patch is available but it hasn't been merged yet.
CVE-2021-3764: DoS in ccp_run_aes_gcm_cmd() function
This vulnerability is a memory leak which will cause Dos attack.
This bug is in the AMD Cryptographic Coprocessor (CCP) driver. This
bug is related to CVE-2021-3764.
Fixed status
Patch is available but it hasn't been merged yet.
CVE-2021-3752: UAF in bluetooth
There is a use after free bug in bluetooth module.
Fixed status
This CVE hasn't been fixed in the mainline yet.
CVE-2021-38300: bpf, mips: Validate conditional branch offsets
This bug only affects bpf in mips architecture. Patch is available,
but hasn't been merged yet.
Fixed status:
Not yet.
* Updated CVEs
CVE-2021-40490: A race condition was discovered in
ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem
in the Linux kernel through 5.13.13
kernel 5.4 has been fixed.
Fixed status
mainline: [a54c4613dac1500b40e4ab55199f7c51f028e848]
stable/5.10: [09a379549620f122de3aa4e65df9329976e4cdf5]
stable/5.13: [c764e8fa4491da66780fcb30a0d43bfd3fccd12c]
stable/5.14: [f8ea208b3fbbc0546d71b47e8abaf98b0961dec1]
stable/5.4: [9b3849ba667af99ee99a7853a021a7786851b9fd]
CVE-2021-3635: flowtable list del corruption with kernel BUG at
lib/list_debug.c:50
This vulnerability has been affected from 4.16-rc1 to 5.5-rc7.
Therefore 4.4 kernel, and above 5.5 kernels aren't affected.
Fixed status
cip/4.19: [8260ce5aeee4d7c4a6305e469edeae1066de2800]
cip/4.19-rt: [8260ce5aeee4d7c4a6305e469edeae1066de2800]
mainline: [335178d5429c4cee61b58f4ac80688f556630818]
stable/4.19: [8260ce5aeee4d7c4a6305e469edeae1066de2800]
stable/5.4: [8f4dc50b5c12e159ac846fdc00702c547fdf2e95]
Currently tracking CVEs
CVE-2021-31615: Unencrypted Bluetooth Low Energy baseband links in
Bluetooth Core Specifications 4.0 through 5.2
There is no fix information.
CVE-2021-3640: UAF in sco_send_frame function
There is no fix information.
CVE-2020-26555: BR/EDR pin code pairing broken
No fix information
CVE-2020-26556: kernel: malleable commitment Bluetooth Mesh Provisioning
No fix information.
CVE-2020-26557: kernel: predictable Authvalue in Bluetooth Mesh
Provisioning Leads to MITM
No fix information.
CVE-2020-26559: kernel: Authvalue leak in Bluetooth Mesh Provisioning
No fix information.
CVE-2020-26560: kernel: impersonation attack in Bluetooth Mesh Provisioning
No fix information.
Regards,
--
Masami Ichikawa
Cybertrust Japan Co., Ltd.
Email :masami.ichikawa@cybertrust.co.jp
:masami.ichikawa@miraclelinux.com
[-- Attachment #2: Type: text/plain, Size: 429 bytes --]
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#6739): https://lists.cip-project.org/g/cip-dev/message/6739
Mute This Topic: https://lists.cip-project.org/mt/85642333/4520388
Group Owner: cip-dev+owner@lists.cip-project.org
Unsubscribe: https://lists.cip-project.org/g/cip-dev/leave/10495289/4520388/727948398/xyzzy [cip-dev@archiver.kernel.org]
-=-=-=-=-=-=-=-=-=-=-=-
next reply other threads:[~2021-09-16 0:44 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-09-16 0:43 Masami Ichikawa [this message]
2021-09-16 4:55 ` [cip-dev] New CVE entry this week Nobuhiro Iwamatsu
-- strict thread matches above, loose matches on Subject: below --
2021-10-21 1:21 Masami Ichikawa
2021-10-21 8:41 ` [cip-dev] " nobuhiro1.iwamatsu
2021-10-21 12:05 ` Masami Ichikawa
2021-10-13 23:54 Masami Ichikawa
2021-10-13 23:54 ` [cip-dev] " Masami Ichikawa
2021-10-14 6:55 ` Pavel Machek
2021-10-14 6:55 ` Pavel Machek
2021-10-07 0:59 Masami Ichikawa
2021-10-07 0:59 ` [cip-dev] " Masami Ichikawa
2021-10-07 7:30 ` Pavel Machek
2021-10-07 7:30 ` Pavel Machek
2021-10-07 11:38 ` Masami Ichikawa
2021-10-07 11:38 ` Masami Ichikawa
2021-09-30 0:12 Masami Ichikawa
2021-09-30 0:12 ` [cip-dev] " Masami Ichikawa
2021-09-30 6:33 ` nobuhiro1.iwamatsu
2021-09-30 6:33 ` Nobuhiro Iwamatsu
2021-09-30 12:11 ` Masami Ichikawa
2021-09-30 12:11 ` Masami Ichikawa
2021-09-23 1:52 Masami Ichikawa
2021-09-09 2:39 Masami Ichikawa
2021-09-09 6:41 ` Pavel Machek
2021-09-09 12:23 ` Masami Ichikawa
[not found] ` <CAMLqsBZCbrdOaxhuc81kvZsinS+_bFPp2tpmuVnczC1EXCA3Zg@mail.gmail.com>
2021-09-10 0:40 ` Masami Ichikawa
2021-09-02 1:05 Masami Ichikawa
2021-09-02 6:27 ` Pavel Machek
2021-09-02 7:10 ` Nobuhiro Iwamatsu
2021-09-02 12:17 ` Masami Ichikawa
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAODzB9rpFGi8xKkocVfEy-4wJFfR9AwkebC9kSrO3W=zK_PsTQ@mail.gmail.com' \
--to=masami.ichikawa@miraclelinux.com \
--cc=cip-dev@lists.cip-project.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).