From: "Chen-Yu Tsai (Moxa)" <wens@csie.org>
To: cip-dev@lists.cip-project.org
Cc: Pavel Machek <pavel@denx.de>,
Nobuhiro Iwamatsu <nobuhiro1.iwamatsu@toshiba.co.jp>,
masashi.kudo@cybertrust.co.jp
Subject: [cip-dev] Cip-kernel-sec Updates for Week of 2021-04-01
Date: Thu, 1 Apr 2021 01:27:10 +0800 [thread overview]
Message-ID: <CAGb2v65SkZpyGfFGF51NSDjWj=rH1m8eddYy7gy4y+RA5j8nWQ@mail.gmail.com> (raw)
[-- Attachment #1: Type: text/plain, Size: 1220 bytes --]
Hi everyone,
Nine new CVEs this week:
- CVE-2021-28688 [xen: blkback leak persistent grants] - fixed (ignore for CIP)
- CVE-2021-29264 [gianfar: jumbo frame overrun] - fixed (ignore for CIP)
Needs backport to 4.9 and 4.14.
- CVE-2021-29265 [usbip: access race] - fixed (ignore for CIP)
- CVE-2021-29266 [vhost: vdpa: UAF] - fixed (ignore for CIP)
- CVE-2021-29646 [net: tipc: user data validation] - fixed
- CVE-2021-29647 [net: qrtr: kernel info leak] - fixed (ignore for CIP)
- CVE-2021-29648 [bpf: vmlinux BTF usage leads to crash] - fixed
- CVE-2021-29649 [bpf: umd: memleak] - fixed (ignore for CIP)
- CVE-2021-29650 [netfilter: x_tables: incorrect memory barrier led to
crash] - fixed
Needs backport to 4.14 and earlier.
Regarding issues from last week,
CVE-2021-3444 - Debian added the following notes:
This last pre-requisite commit though would depend on
092ed0968bb6 ("bpf: verifier support JMP32") which does not
seem to make it possible to backport the fixes in 4.19.y
easily.
CVE-2021-20292 - Ubuntu tagged the commit introducing the
issue as 8e7e70522d76 ("drm/ttm: isolate dma data from ttm_tt V4")
from v3.3-rc1. So it looks like the fix needs to be backport to
v4.4 as well.
Regards
ChenYu
[-- Attachment #2: Type: text/plain, Size: 428 bytes --]
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#6336): https://lists.cip-project.org/g/cip-dev/message/6336
Mute This Topic: https://lists.cip-project.org/mt/81755792/4520388
Group Owner: cip-dev+owner@lists.cip-project.org
Unsubscribe: https://lists.cip-project.org/g/cip-dev/leave/8129055/4520388/727948398/xyzzy [cip-dev@archiver.kernel.org]
-=-=-=-=-=-=-=-=-=-=-=-
reply other threads:[~2021-03-31 17:27 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAGb2v65SkZpyGfFGF51NSDjWj=rH1m8eddYy7gy4y+RA5j8nWQ@mail.gmail.com' \
--to=wens@csie.org \
--cc=cip-dev@lists.cip-project.org \
--cc=masashi.kudo@cybertrust.co.jp \
--cc=nobuhiro1.iwamatsu@toshiba.co.jp \
--cc=pavel@denx.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).