From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <SRS0=Nv3p=RO=vger.kernel.org=netdev-owner@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-1.0 required=3.0 tests=HEADER_FROM_DIFFERENT_DOMAINS,
	MAILING_LIST_MULTI,SPF_PASS autolearn=ham autolearn_force=no version=3.4.0
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 9FE3DC10F0C
	for <netdev@archiver.kernel.org>; Mon, 11 Mar 2019 09:18:44 +0000 (UTC)
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by mail.kernel.org (Postfix) with ESMTP id 73370206BA
	for <netdev@archiver.kernel.org>; Mon, 11 Mar 2019 09:18:44 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1727078AbfCKJSn (ORCPT <rfc822;netdev@archiver.kernel.org>);
        Mon, 11 Mar 2019 05:18:43 -0400
Received: from szxga07-in.huawei.com ([45.249.212.35]:54824 "EHLO huawei.com"
        rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP
        id S1726897AbfCKJSn (ORCPT <rfc822;netdev@vger.kernel.org>);
        Mon, 11 Mar 2019 05:18:43 -0400
Received: from DGGEMS414-HUB.china.huawei.com (unknown [172.30.72.58])
        by Forcepoint Email with ESMTP id 9293E63CF0EBD3145E06;
        Mon, 11 Mar 2019 17:18:40 +0800 (CST)
Received: from [127.0.0.1] (10.177.96.203) by DGGEMS414-HUB.china.huawei.com
 (10.3.19.214) with Microsoft SMTP Server id 14.3.408.0; Mon, 11 Mar 2019
 17:18:34 +0800
To:     <daniel@iogearbox.net>, Jann Horn <jannh@google.com>,
        <ast@kernel.org>, <gregkh@linuxfoundation.org>,
        "zhangyi (F)" <yi.zhang@huawei.com>,
        Zhaohongjiang <zhaohongjiang@huawei.com>,
        <netdev@vger.kernel.org>, <stable@vger.kernel.org>
From:   Jason Yan <yanaijie@huawei.com>
Subject: 979d63d50c0c0f7bc537bf821e056cc9fe5abd38 bpf: prevent out of bounds
 speculation on pointer arithmetic
Message-ID: <5d71646c-f897-2178-9d4a-fababe999f36@huawei.com>
Date:   Mon, 11 Mar 2019 17:18:33 +0800
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:60.0) Gecko/20100101
 Thunderbird/60.5.0
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 7bit
X-Originating-IP: [10.177.96.203]
X-CFilter-Loop: Reflected
Sender: netdev-owner@vger.kernel.org
Precedence: bulk
List-ID: <netdev.vger.kernel.org>
X-Mailing-List: netdev@vger.kernel.org

Hi, Daniel & Greg

This patch (979d63d50c0c bpf: prevent out of bounds speculation on 
pointer arithmetic) was assigned a CVE (CVE-2019-7308) with a high score:

CVSS v3.0 Severity and Metrics:
Base Score: 9.8 CRITICAL

And this patch is not in stable-4.4, would you please backport this 
patch to 4.4?

Thanks,
Jason