From: <nobuhiro1.iwamatsu@toshiba.co.jp>
To: <cip-dev@lists.cip-project.org>
Subject: RE: [cip-dev] New CVE entry this week
Date: Thu, 21 Oct 2021 08:41:56 +0000 [thread overview]
Message-ID: <TYAPR01MB6252AC6CD63FCF8BEC76A78C92BF9@TYAPR01MB6252.jpnprd01.prod.outlook.com> (raw)
In-Reply-To: <CAODzB9pMmbJugyNLdvOOifW1Tm+1NhnsUi+zQBdRaj3Z=aC+fw@mail.gmail.com>
Hi,
> -----Original Message-----
> From: cip-dev@lists.cip-project.org [mailto:cip-dev@lists.cip-project.org] On Behalf Of Masami Ichikawa
> Sent: Thursday, October 21, 2021 10:21 AM
> To: cip-dev <cip-dev@lists.cip-project.org>
> Subject: [cip-dev] New CVE entry this week
>
> Hi !
>
> It's this week's CVE report.
>
> This week reported 7 new CVEs.
>
> * New CVEs
>
> CVE-2021-20320: kernel: s390 eBPF JIT miscompilation issues fixes.
>
> This bug is in BPF subsystem and s390 architecture specific. Patches
> haven't been backported to 4.4 kernel. However, according to the
> cip-kernel-config, it looks like no one uses s390, so can it ignore it
> until someone backport patches?
>
> CVSS v3 score is not provided.
>
> Fixed status
>
> mainline: [db7bee653859ef7179be933e7d1384644f795f26,
> 6e61dc9da0b7a0d91d57c2e20b5ea4fd2d4e7e53,
> 1511df6f5e9ef32826f20db2ee81f8527154dc14]
> stable/4.19: [ddf58efd05b5d16d86ea4638675e8bd397320930]
> stable/4.9: [c22cf38428cb910f1996839c917e9238d2e44d4b,
> 8a09222a512bf7b32e55bb89a033e08522798299]
> stable/5.10: [d92d3a9c2b6541f29f800fc2bd44620578b8f8a6,
> 4320c222c2ffe778a8aff5b8bc4ac33af6d54eba,
> ab7cf225016159bc2c3590be6fa12965565d903b]
> stable/5.14: [7a31ec4d215a800b504de74b248795f8be666f8e,
> 6a8787093b04057d855822094d63d04a2506444a,
> a7593244dc31ad0eea70319f6110975f9c738dca]
>
> CVE-2021-20321: kernel: In Overlayfs missing a check for a negative
> dentry before calling vfs_rename()
>
> CVSS v3 score is not provided.
>
> A local attacker can escalate their privileges up to root via
> overlayfs vulnerability.
> Patch for 4.4 is applied
> failed(https://lore.kernel.org/stable/163378772914820@kroah.com/). It
> needs to modify the patch. I attached a patch, if it looks good, I'll
> send it to the stable mailing list.
Thanks, I checked your patch. LGTM.
Best regards,
Nobuhiro
next prev parent reply other threads:[~2021-10-21 8:42 UTC|newest]
Thread overview: 27+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-10-21 1:21 New CVE entry this week Masami Ichikawa
2021-10-21 8:41 ` nobuhiro1.iwamatsu [this message]
2021-10-21 12:05 ` [cip-dev] " Masami Ichikawa
-- strict thread matches above, loose matches on Subject: below --
2021-10-13 23:54 Masami Ichikawa
2021-10-13 23:54 ` [cip-dev] " Masami Ichikawa
2021-10-14 6:55 ` Pavel Machek
2021-10-14 6:55 ` Pavel Machek
2021-10-07 0:59 Masami Ichikawa
2021-10-07 0:59 ` [cip-dev] " Masami Ichikawa
2021-10-07 7:30 ` Pavel Machek
2021-10-07 7:30 ` Pavel Machek
2021-10-07 11:38 ` Masami Ichikawa
2021-10-07 11:38 ` Masami Ichikawa
2021-09-30 0:12 Masami Ichikawa
2021-09-30 0:12 ` [cip-dev] " Masami Ichikawa
2021-09-30 6:33 ` nobuhiro1.iwamatsu
2021-09-30 6:33 ` Nobuhiro Iwamatsu
2021-09-30 12:11 ` Masami Ichikawa
2021-09-30 12:11 ` Masami Ichikawa
2021-09-23 1:52 Masami Ichikawa
2021-09-16 0:43 Masami Ichikawa
2021-09-16 4:55 ` Nobuhiro Iwamatsu
2021-09-09 2:39 Masami Ichikawa
2021-09-09 6:41 ` Pavel Machek
2021-09-09 12:23 ` Masami Ichikawa
[not found] ` <CAMLqsBZCbrdOaxhuc81kvZsinS+_bFPp2tpmuVnczC1EXCA3Zg@mail.gmail.com>
2021-09-10 0:40 ` Masami Ichikawa
2021-09-02 1:05 Masami Ichikawa
2021-09-02 6:27 ` Pavel Machek
2021-09-02 7:10 ` Nobuhiro Iwamatsu
2021-09-02 12:17 ` Masami Ichikawa
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=TYAPR01MB6252AC6CD63FCF8BEC76A78C92BF9@TYAPR01MB6252.jpnprd01.prod.outlook.com \
--to=nobuhiro1.iwamatsu@toshiba.co.jp \
--cc=cip-dev@lists.cip-project.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).