On 18.03.21 10:33, masashi.kudo@cybertrust.co.jp wrote: > Hi, Jan-san, Minda-san, > > Please find the CVE report as follows. > In the analysis of those CVEs, we found some doubts about the configs. > > - CVE-2020-35519 is relating to X.25. > X.25 is enabled as follows, but we wonder whether X.25 is really used or not. >> 4.4.y-cip/x86/plathome_obsvx1.config:CONFIG_X25=m >> 4.19.y-cip-rt/x86/siemens_i386-rt.config:CONFIG_X25=m >> 5.10.y-cip-rt/x86/siemens_i386-rt_defconfig:CONFIG_X25=m > > Please confirm, and let us know whether X.25 should be disabled. > > - CVE-2021-20261 is relating to floppy. > It is enabled as follows. >> 4.4.y-cip-rt/x86/siemens_i386-rt.config:CONFIG_BLK_DEV_FD=m > > Please confirm that this can be also disabled. > Yes, both features can be turned off. Thanks, Jan > Best regards, > -- > M. Kudo > >> -----Original Message----- >> From: Chen-Yu Tsai >> Sent: Thursday, March 18, 2021 5:48 PM >> To: cip-dev@lists.cip-project.org >> Cc: Pavel Machek ; Nobuhiro Iwamatsu >> ; 工藤 雅司(CTJ OSS事業推進室) >> >> Subject: Cip-kernel-sec Updates for Week of 2021-03-18 >> >> Hi everyone, >> >> Six new issues this week from the Ubuntu tracker: >> >> - CVE-2020-35519 [net/x25: buffer overflow] - fixed >> Looks like a few configs still have X.25 enabled: >> 4.4.y-cip/x86/plathome_obsvx1.config:CONFIG_X25=m >> 4.19.y-cip-rt/x86/siemens_i386-rt.config:CONFIG_X25=m >> 5.10.y-cip-rt/x86/siemens_i386-rt_defconfig:CONFIG_X25=m >> Maybe they should be revisited? cip-kernel-config also gives warnings >> for CONFIG_X25. >> >> - CVE-2021-20219 [improper synchronization in flush_to_ldisc()] - likely RedHat >> only >> Report mentions incorrect backport in RedHat kernels. >> >> - CVE-2021-20261 [floppy: race condition data corruption] - fixed >> No member enables this except: >> 4.4.y-cip-rt/x86/siemens_i386-rt.config:CONFIG_BLK_DEV_FD=m >> which should probably be turned off. >> >> - CVE-2021-28375 [fastrpc: allows sending kernel RPCs] - fixed >> No member enables this. >> >> - CVE-2021-28660 [rtl8188eu: array access out-of-bounds] - fixed >> No member enables this. >> >> - CVE-2021-3428 [integer overflow in ext4_es_cache_extent] - unclear [1] >> Requires a specially-crafted ext4 FS image, so we likely don't care. >> >> Unfortunately Debian's Salsa service, where the Debian kernel security issue >> tracker is hosted, is currently down, so we only have one source of data this week. >> >> >> Regards >> ChenYu >> >> >> [1] https://lore.kernel.org/stable/20210317151834.GE2541@quack2.suse.cz/ -- Siemens AG, T RDA IOT Corporate Competence Center Embedded Linux