diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2022-08-18 16:51:47 +0200 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2022-08-18 16:51:47 +0200 |
commit | 274dde792e93610e4d9763fb72cfd23f9cf1bb68 (patch) | |
tree | 7890b63e685f82f8f4dc87fb338dc9c5704b10c3 | |
parent | d3c7ca90af6e8ee8d5322af1023f1c4cb78ce8a1 (diff) |
Update information on CVE-2022-20158
-rw-r--r-- | active/CVE-2022-20158 | 18 |
1 files changed, 12 insertions, 6 deletions
diff --git a/active/CVE-2022-20158 b/active/CVE-2022-20158 index 8ff7a7d7..98f2cd51 100644 --- a/active/CVE-2022-20158 +++ b/active/CVE-2022-20158 @@ -3,16 +3,22 @@ References: https://source.android.com/security/bulletin/pixel/2022-08-01 https://android.googlesource.com/kernel/common/+/69e8f03c5ced3e4e6fb4181f4dac185104e3420b https://android.googlesource.com/kernel/common/+/80d91b86a199798ee2321a0ab0f09e6e12764678 + https://lore.kernel.org/all/420a6c4a-e526-4e8b-d5bd-563c40aa94e1@huaweicloud.com/ + https://lore.kernel.org/all/YvYAmmaJgvydex4p@google.com/ Notes: carnil> The second commit is 0b3ea0926afb ("fs: explicitly unregister carnil> per-superblock BDIs") in 5.16-rc1. carnil> Is this an Android specific issue? 5.16-rc1 contains as well carnil> 702f2d1e3b33 ("mm: don't automatically unregister bdis") as carnil> "All BDI users now unregister explicitly" at that point. + carnil> Lee Jones clarified that the issue is specific to Android + carnil> released kernel versions which had an internal, device specific + carnil> commit, causing the issue. This does not affect upstream or + carnil> stable kernels accordingly. Bugs: -upstream: -5.10-upstream-stable: -4.19-upstream-stable: -sid: -5.10-bullseye-security: -4.19-buster-security: +upstream: N/A "Vulnerable code not present; issue specific to Android kernel" +5.10-upstream-stable: N/A "Vulnerable code not present; issue specific to Android kernel" +4.19-upstream-stable: N/A "Vulnerable code not present; issue specific to Android kernel" +sid: N/A "Vulnerable code not present; issue specific to Android kernel" +5.10-bullseye-security: N/A "Vulnerable code not present; issue specific to Android kernel" +4.19-buster-security: N/A "Vulnerable code not present; issue specific to Android kernel" |