All of lore.kernel.org
 help / color / mirror / Atom feed
From: "Pavel Machek" <pavel@denx.de>
To: cip-dev@lists.cip-project.org
Subject: Re: [cip-dev] New CVE entry this week
Date: Thu, 2 Sep 2021 08:27:59 +0200	[thread overview]
Message-ID: <20210902062759.GA25051@amd> (raw)
In-Reply-To: <CAODzB9orf2AFV9fRwu-VBJxOiJTKvcyhHmihpy3EXH3yB5PEXA@mail.gmail.com>


[-- Attachment #1.1: Type: text/plain, Size: 2922 bytes --]

Hi!

> * CVE short summary

These summaries are not so short; I simply skip them and go to full
list. Perhaps they don't need to be included, or could include only
CVEs where we need to take an action?

> * CVE detail
> 
> New CVEs
> 
> CVE-2021-3739: btrfs: fix NULL pointer dereference when deleting
> device by invalid id
> 
> Fixed in btrfs tree but not fixed in mainline yet.
> This vulnerability has been introduced since 4.20-rc1 so before 4.20
> kernel aren't affected this vulnerability.
> 
> Fixed status
> 
> mainline: [e4571b8c5e9ffa1e85c0c671995bd4dcc5c75091]

This one is queued for 5.10.62, so this is getting fixed for us.

> CVE-2021-3743: out-of-bound Read in qrtr_endpoint_post in net/qrtr/qrtr.c
> 
> The Qualcomm's IPC router protocol(qrtr) has been introduced since
> 4.15-rc1 so before 4.15 kernels aren't affected.
> Checked on cip-kernel-config, it looks like no CIP member enables QRTR.
> 
> Fixed status
> 
> mainline: [7e78c597c3ebfd0cb329aa09a838734147e4f117]

Fixes are queued for 4.19 and 5.10.62, so this is getting fixed for us.

> CVE-2021-3753: A out-of-bounds caused by the race of KDSETMODE in vt
> 
> Commit ffb324e6f874121f7dce5bdae5e05d02baae7269 introduced race
> condition and oob bug. The commit ffb324e6f874 have been backported to
> 4.4 and 4.19.

Agreed, fixed in 4.19.192 and 4.4.270. Nothing for us to do there.

> Updated CVEs
> 
> CVE-2020-3702: Specifically timed and handcrafted traffic can cause
> internal errors in a WLAN device that lead to improper layer 2 Wi-Fi
> encryption with a consequent possibility of information disclosure
> over the air for a discrete set of traffic
> 
> Vulnerability in ath9k driver. 4.4.y-cip/arm/siemens_imx6_defconfig
> and 4.4.y-cip/arm/moxa_mxc_defconfig use ath9k.

Fixed in 4.14 but not 4.4.

> stable/4.14: [2cbb22fd4b4fb4d0822d185bf5bd6d027107bfda,
> 20e7de09cbdb76a38f28fb71709fae347123ddb7,
>   995586a56748c532850870523d3a9080492b3433,
> f4d4f4473129e9ee55b8562250adc53217bad529,
>   61b014a8f8de02bedc56f76620170437f5638588]

Diffstat looks like this:

 key.c |   11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)
 main.c |    5 +++++
 1 file changed, 5 insertions(+)
 ath.h |    1 +
 key.c |    4 ++--
 2 files changed, 3 insertions(+), 2 deletions(-)
 ath.h                |    2 +-
 ath5k/mac80211-ops.c |    2 +-
 ath9k/htc_drv_main.c |    2 +-
 ath9k/main.c         |    5 ++---
 key.c                |   34 +++++++++++++++++-----------------
 5 files changed, 22 insertions(+), 23 deletions(-)
 hw.h   |    1 
 main.c |   87 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++-
 2 files changed, 87 insertions(+), 1 deletion(-)

Best regards,
								Pavel

-- 
DENX Software Engineering GmbH,      Managing Director: Wolfgang Denk
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany

[-- Attachment #1.2: Digital signature --]
[-- Type: application/pgp-signature, Size: 181 bytes --]

[-- Attachment #2: Type: text/plain, Size: 429 bytes --]


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#6715): https://lists.cip-project.org/g/cip-dev/message/6715
Mute This Topic: https://lists.cip-project.org/mt/85318439/4520388
Group Owner: cip-dev+owner@lists.cip-project.org
Unsubscribe: https://lists.cip-project.org/g/cip-dev/leave/10495289/4520388/727948398/xyzzy [cip-dev@archiver.kernel.org]
-=-=-=-=-=-=-=-=-=-=-=-


  reply	other threads:[~2021-09-02  6:28 UTC|newest]

Thread overview: 26+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-09-02  1:05 [cip-dev] New CVE entry this week Masami Ichikawa
2021-09-02  6:27 ` Pavel Machek [this message]
2021-09-02  7:10   ` Nobuhiro Iwamatsu
2021-09-02 12:17   ` Masami Ichikawa
2021-09-09  2:39 Masami Ichikawa
2021-09-09  6:41 ` Pavel Machek
2021-09-09 12:23   ` Masami Ichikawa
     [not found] ` <CAMLqsBZCbrdOaxhuc81kvZsinS+_bFPp2tpmuVnczC1EXCA3Zg@mail.gmail.com>
2021-09-10  0:40   ` Masami Ichikawa
2021-09-16  0:43 Masami Ichikawa
2021-09-16  4:55 ` Nobuhiro Iwamatsu
2021-09-23  1:52 Masami Ichikawa
2021-09-30  0:12 Masami Ichikawa
2021-09-30  0:12 ` Masami Ichikawa
2021-09-30  6:33   ` nobuhiro1.iwamatsu
2021-09-30  6:33     ` Nobuhiro Iwamatsu
2021-09-30 12:11     ` Masami Ichikawa
2021-09-30 12:11       ` Masami Ichikawa
2021-10-07  0:59 Masami Ichikawa
2021-10-07  0:59 ` Masami Ichikawa
2021-10-07  7:30   ` Pavel Machek
2021-10-07  7:30     ` Pavel Machek
2021-10-07 11:38     ` Masami Ichikawa
2021-10-07 11:38       ` Masami Ichikawa
2021-10-13 23:54 Masami Ichikawa
2021-10-13 23:54 ` Masami Ichikawa
2021-10-14  6:55   ` Pavel Machek
2021-10-14  6:55     ` Pavel Machek
2021-10-21  1:21 Masami Ichikawa
2021-10-21  8:41 ` [cip-dev] " nobuhiro1.iwamatsu
2021-10-21 12:05   ` Masami Ichikawa

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20210902062759.GA25051@amd \
    --to=pavel@denx.de \
    --cc=cip-dev@lists.cip-project.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.