From: "masashi.kudo@cybertrust.co.jp" <masashi.kudo@cybertrust.co.jp>
To: <jan.kiszka@siemens.com>, <minmin@plathome.co.jp>,
<cip-dev@lists.cip-project.org>
Cc: <pavel@denx.de>, <nobuhiro1.iwamatsu@toshiba.co.jp>, <wens@csie.org>
Subject: [cip-dev] [Feedback Requested] RE: Cip-kernel-sec Updates for Week of 2021-03-18
Date: Thu, 18 Mar 2021 18:33:02 +0900 [thread overview]
Message-ID: <TY2PR01MB4972E1E07AE85D162237E83CA0699@TY2PR01MB4972.jpnprd01.prod.outlook.com> (raw)
[-- Attachment #1: Type: text/plain, Size: 2587 bytes --]
Hi, Jan-san, Minda-san,
Please find the CVE report as follows.
In the analysis of those CVEs, we found some doubts about the configs.
- CVE-2020-35519 is relating to X.25.
X.25 is enabled as follows, but we wonder whether X.25 is really used or not.
> 4.4.y-cip/x86/plathome_obsvx1.config:CONFIG_X25=m
> 4.19.y-cip-rt/x86/siemens_i386-rt.config:CONFIG_X25=m
> 5.10.y-cip-rt/x86/siemens_i386-rt_defconfig:CONFIG_X25=m
Please confirm, and let us know whether X.25 should be disabled.
- CVE-2021-20261 is relating to floppy.
It is enabled as follows.
> 4.4.y-cip-rt/x86/siemens_i386-rt.config:CONFIG_BLK_DEV_FD=m
Please confirm that this can be also disabled.
Best regards,
--
M. Kudo
> -----Original Message-----
> From: Chen-Yu Tsai <wens@csie.org>
> Sent: Thursday, March 18, 2021 5:48 PM
> To: cip-dev@lists.cip-project.org
> Cc: Pavel Machek <pavel@denx.de>; Nobuhiro Iwamatsu
> <nobuhiro1.iwamatsu@toshiba.co.jp>; 工藤 雅司(CTJ OSS事業推進室)
> <masashi.kudo@cybertrust.co.jp>
> Subject: Cip-kernel-sec Updates for Week of 2021-03-18
>
> Hi everyone,
>
> Six new issues this week from the Ubuntu tracker:
>
> - CVE-2020-35519 [net/x25: buffer overflow] - fixed
> Looks like a few configs still have X.25 enabled:
> 4.4.y-cip/x86/plathome_obsvx1.config:CONFIG_X25=m
> 4.19.y-cip-rt/x86/siemens_i386-rt.config:CONFIG_X25=m
> 5.10.y-cip-rt/x86/siemens_i386-rt_defconfig:CONFIG_X25=m
> Maybe they should be revisited? cip-kernel-config also gives warnings
> for CONFIG_X25.
>
> - CVE-2021-20219 [improper synchronization in flush_to_ldisc()] - likely RedHat
> only
> Report mentions incorrect backport in RedHat kernels.
>
> - CVE-2021-20261 [floppy: race condition data corruption] - fixed
> No member enables this except:
> 4.4.y-cip-rt/x86/siemens_i386-rt.config:CONFIG_BLK_DEV_FD=m
> which should probably be turned off.
>
> - CVE-2021-28375 [fastrpc: allows sending kernel RPCs] - fixed
> No member enables this.
>
> - CVE-2021-28660 [rtl8188eu: array access out-of-bounds] - fixed
> No member enables this.
>
> - CVE-2021-3428 [integer overflow in ext4_es_cache_extent] - unclear [1]
> Requires a specially-crafted ext4 FS image, so we likely don't care.
>
> Unfortunately Debian's Salsa service, where the Debian kernel security issue
> tracker is hosted, is currently down, so we only have one source of data this week.
>
>
> Regards
> ChenYu
>
>
> [1] https://lore.kernel.org/stable/20210317151834.GE2541@quack2.suse.cz/
[-- Attachment #2: Type: text/plain, Size: 428 bytes --]
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#6294): https://lists.cip-project.org/g/cip-dev/message/6294
Mute This Topic: https://lists.cip-project.org/mt/81425316/4520388
Group Owner: cip-dev+owner@lists.cip-project.org
Unsubscribe: https://lists.cip-project.org/g/cip-dev/leave/8129055/4520388/727948398/xyzzy [cip-dev@archiver.kernel.org]
-=-=-=-=-=-=-=-=-=-=-=-
next reply other threads:[~2021-03-18 9:33 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-03-18 9:33 masashi.kudo [this message]
2021-03-19 6:55 ` [cip-dev] [Feedback Requested] RE: Cip-kernel-sec Updates for Week of 2021-03-18 minmin
2021-03-19 7:05 ` masashi.kudo
2021-04-08 2:00 ` Nobuhiro Iwamatsu
2021-03-19 8:05 ` Jan Kiszka
2021-03-19 8:47 ` masashi.kudo
2021-04-08 1:55 ` Nobuhiro Iwamatsu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=TY2PR01MB4972E1E07AE85D162237E83CA0699@TY2PR01MB4972.jpnprd01.prod.outlook.com \
--to=masashi.kudo@cybertrust.co.jp \
--cc=cip-dev@lists.cip-project.org \
--cc=jan.kiszka@siemens.com \
--cc=minmin@plathome.co.jp \
--cc=nobuhiro1.iwamatsu@toshiba.co.jp \
--cc=pavel@denx.de \
--cc=wens@csie.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).