CIP-dev Archive on lore.kernel.org
 help / color / Atom feed
* [cip-dev] Cip-kernel-sec Updates for Week of 2021-02-11
@ 2021-02-11  8:50 Chen-Yu Tsai (Moxa)
  2021-02-11  9:48 ` Chen-Yu Tsai (Moxa)
                   ` (2 more replies)
  0 siblings, 3 replies; 5+ messages in thread
From: Chen-Yu Tsai (Moxa) @ 2021-02-11  8:50 UTC (permalink / raw)
  To: cip-dev; +Cc: Pavel Machek, Nobuhiro Iwamatsu, masashi.kudo


[-- Attachment #1: Type: text/plain, Size: 562 bytes --]

Hi everyone,

Six new issues this week:
- CVE-2020-12362, CVE-2020-12363, CVE-2020-12364:
  CVEs from Intel Advisory affecting Intel Graphics Driver. Details unknown

- CVE-2021-20194 [bpf heap overflow] - fixed for relevant kernels
- CVE-2021-20226 [io_uring UAF] - likely a duplicate of
CVE-2020-29534, already fixed
- CVE-2021-26708 [AF_VSOCK: local priv. escalation] - fixed for relevant kernels

Additionally, CVE-2021-3347 is fixed for 4.4 and 4.9.
I still need to match patches for 4.4 against 4.9, but it looks like
the fixes are there.


Regards
ChenYu

[-- Attachment #2: Type: text/plain, Size: 420 bytes --]


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#6167): https://lists.cip-project.org/g/cip-dev/message/6167
Mute This Topic: https://lists.cip-project.org/mt/80553474/4520388
Group Owner: cip-dev+owner@lists.cip-project.org
Unsubscribe: https://lists.cip-project.org/g/cip-dev/leave/8129055/727948398/xyzzy [cip-dev@archiver.kernel.org]
-=-=-=-=-=-=-=-=-=-=-=-


^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [cip-dev] Cip-kernel-sec Updates for Week of 2021-02-11
  2021-02-11  8:50 [cip-dev] Cip-kernel-sec Updates for Week of 2021-02-11 Chen-Yu Tsai (Moxa)
@ 2021-02-11  9:48 ` Chen-Yu Tsai (Moxa)
  2021-02-11 11:39 ` Pavel Machek
  2021-02-24 15:07 ` Chen-Yu Tsai (Moxa)
  2 siblings, 0 replies; 5+ messages in thread
From: Chen-Yu Tsai (Moxa) @ 2021-02-11  9:48 UTC (permalink / raw)
  To: cip-dev; +Cc: Pavel Machek, Nobuhiro Iwamatsu, masashi.kudo


[-- Attachment #1: Type: text/plain, Size: 1031 bytes --]

On Thu, Feb 11, 2021 at 4:50 PM Chen-Yu Tsai <wens@csie.org> wrote:
>
> Hi everyone,
>
> Six new issues this week:
> - CVE-2020-12362, CVE-2020-12363, CVE-2020-12364:
>   CVEs from Intel Advisory affecting Intel Graphics Driver. Details unknown
>
> - CVE-2021-20194 [bpf heap overflow] - fixed for relevant kernels
> - CVE-2021-20226 [io_uring UAF] - likely a duplicate of
> CVE-2020-29534, already fixed
> - CVE-2021-26708 [AF_VSOCK: local priv. escalation] - fixed for relevant kernels
>
> Additionally, CVE-2021-3347 is fixed for 4.4 and 4.9.
> I still need to match patches for 4.4 against 4.9, but it looks like
> the fixes are there.

Based on fixes for 4.9 reported by Debian, CVE-2021-3347 is now fixed for 4.4 by
6510e4a2d04f33e4bfd221760faab23e55d8772b..46358277b2da868763517f79aa0ac25ce78c4f68
inclusive.

Lee Jones just posted a few follow-up fixes for futexes for 4.9 [1]. I
wonder if they
would also be posted for 4.4.


Regards
ChenYu

[1] https://lore.kernel.org/stable/20210211092700.11772-1-lee.jones@linaro.org/

[-- Attachment #2: Type: text/plain, Size: 420 bytes --]


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#6170): https://lists.cip-project.org/g/cip-dev/message/6170
Mute This Topic: https://lists.cip-project.org/mt/80553474/4520388
Group Owner: cip-dev+owner@lists.cip-project.org
Unsubscribe: https://lists.cip-project.org/g/cip-dev/leave/8129055/727948398/xyzzy [cip-dev@archiver.kernel.org]
-=-=-=-=-=-=-=-=-=-=-=-


^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [cip-dev] Cip-kernel-sec Updates for Week of 2021-02-11
  2021-02-11  8:50 [cip-dev] Cip-kernel-sec Updates for Week of 2021-02-11 Chen-Yu Tsai (Moxa)
  2021-02-11  9:48 ` Chen-Yu Tsai (Moxa)
@ 2021-02-11 11:39 ` Pavel Machek
  2021-02-24 15:04   ` Chen-Yu Tsai (Moxa)
  2021-02-24 15:07 ` Chen-Yu Tsai (Moxa)
  2 siblings, 1 reply; 5+ messages in thread
From: Pavel Machek @ 2021-02-11 11:39 UTC (permalink / raw)
  To: Chen-Yu Tsai; +Cc: cip-dev, Pavel Machek, Nobuhiro Iwamatsu, masashi.kudo

[-- Attachment #1.1: Type: text/plain, Size: 1661 bytes --]

Hi!

> Six new issues this week:
> - CVE-2020-12362, CVE-2020-12363, CVE-2020-12364:
>   CVEs from Intel Advisory affecting Intel Graphics Driver. Details
> unknown

It seems there's more for the intel graphics, but it is not mentioned
in our repository. OTOH trailer there that these are rather old
issues, fixed in 5.5...

Best regards,
								Pavel

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00438.html

CVEID: CVE-2020-0544

Description: Insufficient control flow management in the kernel mode
driver for some Intel(R) Graphics Drivers before version 15.36.39.5145
may allow an authenticated user to potentially enable escalation of
privilege via local access.

CVSS Base Score: 8.8 High

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H



CVEID: CVE-2020-0521

Description: Insufficient control flow management in some Intel(R)
Graphics Drivers before version 15.45.32.5145 may allow an
authenticated user to potentially enable escalation of privilege via
local access.

CVSS Base Score: 7.7 High

CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L

...

Affected Products:
Intel® Graphics Drivers for 3rd, 4th, 5th, 6th, 7th, 8th, 9th and 10th
Generation Intel® Processors for Windows* 7, 8.1 and 10 before
versions 15.33.51.5146, 15.36.39.5145, 15.40.46.5144, 15.45.32.5164,
26.20.100.8141, 27.20.100.8587 and Intel® Graphics Drivers for Linux
before Linux kernel version 5.5.

Best regards,
								Pavel
-- 
DENX Software Engineering GmbH,      Managing Director: Wolfgang Denk
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany

[-- Attachment #1.2: Digital signature --]
[-- Type: application/pgp-signature, Size: 181 bytes --]

[-- Attachment #2: Type: text/plain, Size: 420 bytes --]


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#6171): https://lists.cip-project.org/g/cip-dev/message/6171
Mute This Topic: https://lists.cip-project.org/mt/80553474/4520388
Group Owner: cip-dev+owner@lists.cip-project.org
Unsubscribe: https://lists.cip-project.org/g/cip-dev/leave/8129055/727948398/xyzzy [cip-dev@archiver.kernel.org]
-=-=-=-=-=-=-=-=-=-=-=-


^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [cip-dev] Cip-kernel-sec Updates for Week of 2021-02-11
  2021-02-11 11:39 ` Pavel Machek
@ 2021-02-24 15:04   ` Chen-Yu Tsai (Moxa)
  0 siblings, 0 replies; 5+ messages in thread
From: Chen-Yu Tsai (Moxa) @ 2021-02-24 15:04 UTC (permalink / raw)
  To: Pavel Machek; +Cc: cip-dev, Nobuhiro Iwamatsu, masashi.kudo


[-- Attachment #1: Type: text/plain, Size: 2324 bytes --]

Hi,

On Thu, Feb 11, 2021 at 7:39 PM Pavel Machek <pavel@denx.de> wrote:
>
> Hi!
>
> > Six new issues this week:
> > - CVE-2020-12362, CVE-2020-12363, CVE-2020-12364:
> >   CVEs from Intel Advisory affecting Intel Graphics Driver. Details
> > unknown
>
> It seems there's more for the intel graphics, but it is not mentioned
> in our repository. OTOH trailer there that these are rather old
> issues, fixed in 5.5...

Looks like CVE-2020-0544 and CVE-2020-0521 are for Windows. Debian lists
them as such [1][2]. Seems the Intel advisory directly refers to Linux
drivers by kernel version. Any other version string likely refers to
the Windows drivers.


ChenYu

[1] https://security-tracker.debian.org/tracker/CVE-2020-0521
[2] https://security-tracker.debian.org/tracker/CVE-2020-0544

> Best regards,
>                                                                 Pavel
>
> https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00438.html
>
> CVEID: CVE-2020-0544
>
> Description: Insufficient control flow management in the kernel mode
> driver for some Intel(R) Graphics Drivers before version 15.36.39.5145
> may allow an authenticated user to potentially enable escalation of
> privilege via local access.
>
> CVSS Base Score: 8.8 High
>
> CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
>
>
>
> CVEID: CVE-2020-0521
>
> Description: Insufficient control flow management in some Intel(R)
> Graphics Drivers before version 15.45.32.5145 may allow an
> authenticated user to potentially enable escalation of privilege via
> local access.
>
> CVSS Base Score: 7.7 High
>
> CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L
>
> ...
>
> Affected Products:
> Intel® Graphics Drivers for 3rd, 4th, 5th, 6th, 7th, 8th, 9th and 10th
> Generation Intel® Processors for Windows* 7, 8.1 and 10 before
> versions 15.33.51.5146, 15.36.39.5145, 15.40.46.5144, 15.45.32.5164,
> 26.20.100.8141, 27.20.100.8587 and Intel® Graphics Drivers for Linux
> before Linux kernel version 5.5.
>
> Best regards,
>                                                                 Pavel
> --
> DENX Software Engineering GmbH,      Managing Director: Wolfgang Denk
> HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany

[-- Attachment #2: Type: text/plain, Size: 428 bytes --]


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#6192): https://lists.cip-project.org/g/cip-dev/message/6192
Mute This Topic: https://lists.cip-project.org/mt/80553474/4520388
Group Owner: cip-dev+owner@lists.cip-project.org
Unsubscribe: https://lists.cip-project.org/g/cip-dev/leave/8129055/4520388/727948398/xyzzy [cip-dev@archiver.kernel.org]
-=-=-=-=-=-=-=-=-=-=-=-


^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [cip-dev] Cip-kernel-sec Updates for Week of 2021-02-11
  2021-02-11  8:50 [cip-dev] Cip-kernel-sec Updates for Week of 2021-02-11 Chen-Yu Tsai (Moxa)
  2021-02-11  9:48 ` Chen-Yu Tsai (Moxa)
  2021-02-11 11:39 ` Pavel Machek
@ 2021-02-24 15:07 ` Chen-Yu Tsai (Moxa)
  2 siblings, 0 replies; 5+ messages in thread
From: Chen-Yu Tsai (Moxa) @ 2021-02-24 15:07 UTC (permalink / raw)
  To: cip-dev; +Cc: Pavel Machek, Nobuhiro Iwamatsu, masashi.kudo


[-- Attachment #1: Type: text/plain, Size: 962 bytes --]

Hi,

On Thu, Feb 11, 2021 at 4:50 PM Chen-Yu Tsai <wens@csie.org> wrote:
>
> Hi everyone,
>
> Six new issues this week:
> - CVE-2020-12362, CVE-2020-12363, CVE-2020-12364:
>   CVEs from Intel Advisory affecting Intel Graphics Driver. Details unknown

So the fix for these three are a firmware update. However to use the newer
firmware, a kernel patch [1] is required.

Not sure how we should mark this in our repository... ignore or fixed by
said patch?


Thanks
ChenYu

[1] https://git.kernel.org/linus/c784e5249e773689e38d2bc1749f08b986621a26

> - CVE-2021-20194 [bpf heap overflow] - fixed for relevant kernels
> - CVE-2021-20226 [io_uring UAF] - likely a duplicate of
> CVE-2020-29534, already fixed
> - CVE-2021-26708 [AF_VSOCK: local priv. escalation] - fixed for relevant kernels
>
> Additionally, CVE-2021-3347 is fixed for 4.4 and 4.9.
> I still need to match patches for 4.4 against 4.9, but it looks like
> the fixes are there.
>
>
> Regards
> ChenYu

[-- Attachment #2: Type: text/plain, Size: 428 bytes --]


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#6193): https://lists.cip-project.org/g/cip-dev/message/6193
Mute This Topic: https://lists.cip-project.org/mt/80553474/4520388
Group Owner: cip-dev+owner@lists.cip-project.org
Unsubscribe: https://lists.cip-project.org/g/cip-dev/leave/8129055/4520388/727948398/xyzzy [cip-dev@archiver.kernel.org]
-=-=-=-=-=-=-=-=-=-=-=-


^ permalink raw reply	[flat|nested] 5+ messages in thread

end of thread, back to index

Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-02-11  8:50 [cip-dev] Cip-kernel-sec Updates for Week of 2021-02-11 Chen-Yu Tsai (Moxa)
2021-02-11  9:48 ` Chen-Yu Tsai (Moxa)
2021-02-11 11:39 ` Pavel Machek
2021-02-24 15:04   ` Chen-Yu Tsai (Moxa)
2021-02-24 15:07 ` Chen-Yu Tsai (Moxa)

CIP-dev Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/cip-dev/0 cip-dev/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 cip-dev cip-dev/ https://lore.kernel.org/cip-dev \
		cip-dev@lists.cip-project.org
	public-inbox-index cip-dev

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.cip-project.lists.cip-dev


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git