Hi everyone,

Five new issues this week:
- CVE-2020-24502 [e810: local DoS] - out-of-tree?
- CVE-2020-24503 [e810: local information leak] - out-of-tree?
- CVE-2020-24504 [e810: local DoS] - out-of-tree?
- CVE-2020-35501 [auditd: open_by_handle_at not covered by file watch] - no fix
- CVE-2021-3411 [broken KRETPROBES on x86] - fixed

Regarding e810, the Intel advisory [1] seems to be referring to the
out-of-tree driver, of which version 1.0.4 was released on 7/14/2020.

Also, a bug was found in the Debian import script. The script was not
picking up fixes which spanned multiple stable kernel releases. This
has now been fixed and a re-import was attempted, though it may be
insufficient to fix all the data already in the repository.

Last, CVE-2020-12362, CVE-2020-12363, and CVE-2020-12364 are now known
to be fixed by a firmware update. However to use the new firmware, a
kernel patch [2] is required.


Regards
ChenYu

[1] https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00462.html
[2] https://git.kernel.org/linus/c784e5249e773689e38d2bc1749f08b986621a26