CIP-dev Archive on lore.kernel.org
 help / color / Atom feed
* [cip-dev] Cip-kernel-sec Updates for Week of 2021-04-01
@ 2021-03-31 17:27 Chen-Yu Tsai (Moxa)
  0 siblings, 0 replies; only message in thread
From: Chen-Yu Tsai (Moxa) @ 2021-03-31 17:27 UTC (permalink / raw)
  To: cip-dev; +Cc: Pavel Machek, Nobuhiro Iwamatsu, masashi.kudo


[-- Attachment #1: Type: text/plain, Size: 1220 bytes --]

Hi everyone,

Nine new CVEs this week:

- CVE-2021-28688 [xen: blkback leak persistent grants] - fixed (ignore for CIP)
- CVE-2021-29264 [gianfar: jumbo frame overrun] - fixed (ignore for CIP)
  Needs backport to 4.9 and 4.14.
- CVE-2021-29265 [usbip: access race] - fixed (ignore for CIP)
- CVE-2021-29266 [vhost: vdpa: UAF] - fixed (ignore for CIP)
- CVE-2021-29646 [net: tipc: user data validation] - fixed
- CVE-2021-29647 [net: qrtr: kernel info leak] - fixed (ignore for CIP)
- CVE-2021-29648 [bpf: vmlinux BTF usage leads to crash] - fixed
- CVE-2021-29649 [bpf: umd: memleak] - fixed (ignore for CIP)
- CVE-2021-29650 [netfilter: x_tables: incorrect memory barrier led to
crash] - fixed
  Needs backport to 4.14 and earlier.


Regarding issues from last week,

CVE-2021-3444 - Debian added the following notes:

This last pre-requisite commit though would depend on
092ed0968bb6 ("bpf: verifier support JMP32") which does not
seem to make it possible to backport the fixes in 4.19.y
easily.

CVE-2021-20292 - Ubuntu tagged the commit introducing the
issue as 8e7e70522d76 ("drm/ttm: isolate dma data from ttm_tt V4")
from v3.3-rc1. So it looks like the fix needs to be backport to
v4.4 as well.


Regards
ChenYu

[-- Attachment #2: Type: text/plain, Size: 428 bytes --]


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#6336): https://lists.cip-project.org/g/cip-dev/message/6336
Mute This Topic: https://lists.cip-project.org/mt/81755792/4520388
Group Owner: cip-dev+owner@lists.cip-project.org
Unsubscribe: https://lists.cip-project.org/g/cip-dev/leave/8129055/4520388/727948398/xyzzy [cip-dev@archiver.kernel.org]
-=-=-=-=-=-=-=-=-=-=-=-


^ permalink raw reply	[flat|nested] only message in thread

only message in thread, back to index

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-03-31 17:27 [cip-dev] Cip-kernel-sec Updates for Week of 2021-04-01 Chen-Yu Tsai (Moxa)

CIP-dev Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/cip-dev/0 cip-dev/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 cip-dev cip-dev/ https://lore.kernel.org/cip-dev \
		cip-dev@lists.cip-project.org
	public-inbox-index cip-dev

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.cip-project.lists.cip-dev


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git