* [cip-dev] Cip-kernel-sec Updates for Week of 2021-03-11
@ 2021-03-11 9:23 Chen-Yu Tsai (Moxa)
0 siblings, 0 replies; only message in thread
From: Chen-Yu Tsai (Moxa) @ 2021-03-11 9:23 UTC (permalink / raw)
To: cip-dev; +Cc: Pavel Machek, Nobuhiro Iwamatsu, masashi.kudo
[-- Attachment #1: Type: text/plain, Size: 671 bytes --]
Hi everyone,
Seven new CVEs this week:
- CVE-2021-20265 [af_unix: memory leak] - fixed
- CVE-2021-20268 [ebpf: signed type overflow] - fixed
- CVE-2021-27363 [iscsi: iscsi_host_get_param() allows sysfs params
larger than 4k] - fixed
- CVE-2021-27364 [iscsi: iscsi_if_recv_msg allows non-root user] - fixed
- CVE-2021-27365 [iscsi: heap buffer overflow] - fixed
- CVE-2021-28038 [xen: netback: fails to honor errors] - fixed
- CVE-2021-28039 [xen: incorrect foreign pages mapping under special
config] - fixed
All fixes have been backported to all relevant stable kernels.
Also, 4.9.y specific follow-up patch for CVE-2020-29368 was merged in 4.9.259.
Regards
ChenYu
[-- Attachment #2: Type: text/plain, Size: 428 bytes --]
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#6274): https://lists.cip-project.org/g/cip-dev/message/6274
Mute This Topic: https://lists.cip-project.org/mt/81249415/4520388
Group Owner: cip-dev+owner@lists.cip-project.org
Unsubscribe: https://lists.cip-project.org/g/cip-dev/leave/8129055/4520388/727948398/xyzzy [cip-dev@archiver.kernel.org]
-=-=-=-=-=-=-=-=-=-=-=-
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2021-03-11 9:24 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-03-11 9:23 [cip-dev] Cip-kernel-sec Updates for Week of 2021-03-11 Chen-Yu Tsai (Moxa)
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).