[cip-dev] Cip-kernel-sec Updates for Week of 2021-02-04

[cip-dev] Cip-kernel-sec Updates for Week of 2021-02-04

[Chen-Yu Tsai (Moxa)]

[-- Attachment #1: Type: text/plain, Size: 993 bytes --]

Hi everyone,

Two new issue this week:
- CVE-2021-3347 [UAF in futex]: fixed for 4.14 and later [1]
- CVE-2021-3348 [nbd: UAF when adding connections while operations are
running]: fixed in all kernels

For CVE-2021-3347, based on [1], more patches are needed for 4.4 and 4.9.
The second batch:

12bb3f7f1b03d5913b3f9d4236a488aa7774dfe9..34b1a1ce1458f50ef27c54e28eb9b1947012907a
inclusive

has not been included yet. Lee Jones seems to be handling it [2].

For CVE-2020-27825 from two weeks ago, the fix has been backported to
all stable kernels.

For CVE-2020-16120, Ubuntu mentions a regression due to the backported fix [3].
We probably don't care either way since this requires unprivileged
user namespace
is enabled.


Regards
ChenYu

[1] https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/tree/pending/futex_issues.txt
[2] https://lore.kernel.org/stable/20210203134539.2583943-1-lee.jones@linaro.org/
[2] https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1900141

[-- Attachment #2: Type: text/plain, Size: 420 bytes --]


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#6162): https://lists.cip-project.org/g/cip-dev/message/6162
Mute This Topic: https://lists.cip-project.org/mt/80374042/4520388
Group Owner: cip-dev+owner@lists.cip-project.org
Unsubscribe: https://lists.cip-project.org/g/cip-dev/leave/8129055/727948398/xyzzy [cip-dev@archiver.kernel.org]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [cip-dev] Cip-kernel-sec Updates for Week of 2021-02-04

[Chen-Yu Tsai (Moxa)]

[-- Attachment #1: Type: text/plain, Size: 1256 bytes --]

On Thu, Feb 4, 2021 at 1:26 PM Chen-Yu Tsai <wens@csie.org> wrote:
>
> Hi everyone,
>
> Two new issue this week:
> - CVE-2021-3347 [UAF in futex]: fixed for 4.14 and later [1]
> - CVE-2021-3348 [nbd: UAF when adding connections while operations are
> running]: fixed in all kernels
>
> For CVE-2021-3347, based on [1], more patches are needed for 4.4 and 4.9.
> The second batch:
>
> 12bb3f7f1b03d5913b3f9d4236a488aa7774dfe9..34b1a1ce1458f50ef27c54e28eb9b1947012907a
> inclusive
>
> has not been included yet. Lee Jones seems to be handling it [2].

FTR, a second backport series for 4.4 was also posted:

https://lore.kernel.org/stable/20210204172903.2860981-1-lee.jones@linaro.org/


ChenYu

> For CVE-2020-27825 from two weeks ago, the fix has been backported to
> all stable kernels.
>
> For CVE-2020-16120, Ubuntu mentions a regression due to the backported fix [3].
> We probably don't care either way since this requires unprivileged
> user namespace
> is enabled.
>
>
> Regards
> ChenYu
>
> [1] https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/tree/pending/futex_issues.txt
> [2] https://lore.kernel.org/stable/20210203134539.2583943-1-lee.jones@linaro.org/
> [2] https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1900141

[-- Attachment #2: Type: text/plain, Size: 420 bytes --]


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#6164): https://lists.cip-project.org/g/cip-dev/message/6164
Mute This Topic: https://lists.cip-project.org/mt/80374042/4520388
Group Owner: cip-dev+owner@lists.cip-project.org
Unsubscribe: https://lists.cip-project.org/g/cip-dev/leave/8129055/727948398/xyzzy [cip-dev@archiver.kernel.org]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [cip-dev] Cip-kernel-sec Updates for Week of 2021-02-04

[masashi.kudo]

[-- Attachment #1: Type: text/plain, Size: 1874 bytes --]

Hi, Chen-Yu san,

Thanks for reporting this!

Best regards,
--
M. Kudo

> -----Original Message-----
> From: Chen-Yu Tsai <wens@csie.org>
> Sent: Friday, February 5, 2021 11:33 AM
> To: cip-dev@lists.cip-project.org
> Cc: Pavel Machek <pavel@denx.de>; Nobuhiro Iwamatsu
> <nobuhiro1.iwamatsu@toshiba.co.jp>; 工藤　雅司（CTJ　OSS事業推進室）
> <masashi.kudo@cybertrust.co.jp>
> Subject: Re: Cip-kernel-sec Updates for Week of 2021-02-04
> 
> On Thu, Feb 4, 2021 at 1:26 PM Chen-Yu Tsai <wens@csie.org> wrote:
> >
> > Hi everyone,
> >
> > Two new issue this week:
> > - CVE-2021-3347 [UAF in futex]: fixed for 4.14 and later [1]
> > - CVE-2021-3348 [nbd: UAF when adding connections while operations are
> > running]: fixed in all kernels
> >
> > For CVE-2021-3347, based on [1], more patches are needed for 4.4 and 4.9.
> > The second batch:
> >
> >
> 12bb3f7f1b03d5913b3f9d4236a488aa7774dfe9..34b1a1ce1458f50ef27c54e28eb
> 9
> > b1947012907a
> > inclusive
> >
> > has not been included yet. Lee Jones seems to be handling it [2].
> 
> FTR, a second backport series for 4.4 was also posted:
> 
> https://lore.kernel.org/stable/20210204172903.2860981-1-lee.jones@linaro.org
> /
> 
> 
> ChenYu
> 
> > For CVE-2020-27825 from two weeks ago, the fix has been backported to
> > all stable kernels.
> >
> > For CVE-2020-16120, Ubuntu mentions a regression due to the backported fix
> [3].
> > We probably don't care either way since this requires unprivileged
> > user namespace is enabled.
> >
> >
> > Regards
> > ChenYu
> >
> > [1]
> > https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.gi
> > t/tree/pending/futex_issues.txt [2]
> > https://lore.kernel.org/stable/20210203134539.2583943-1-lee.jones@lina
> > ro.org/ [2]
> > https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1900141

[-- Attachment #2: Type: text/plain, Size: 420 bytes --]


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#6165): https://lists.cip-project.org/g/cip-dev/message/6165
Mute This Topic: https://lists.cip-project.org/mt/80374042/4520388
Group Owner: cip-dev+owner@lists.cip-project.org
Unsubscribe: https://lists.cip-project.org/g/cip-dev/leave/8129055/727948398/xyzzy [cip-dev@archiver.kernel.org]
-=-=-=-=-=-=-=-=-=-=-=-