diff options
| author | Ben Hutchings <ben@decadent.org.uk> | 2022-05-15 21:22:51 +0200 |
|---|---|---|
| committer | Ben Hutchings <ben@decadent.org.uk> | 2022-05-15 21:25:05 +0200 |
| commit | d082da7610901f6e5718151a1cc52b7e89e5491d (patch) | |
| tree | 6caf95b53c7309c37f79abfb87fc74cc4402d956 /active/CVE-2021-34556 | |
| parent | 95642170dc992fb38a4a17f1af746df78deea5b0 (diff) | |
Ignore eBPF information leaks in stretch
Diffstat (limited to 'active/CVE-2021-34556')
| -rw-r--r-- | active/CVE-2021-34556 | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/active/CVE-2021-34556 b/active/CVE-2021-34556 index 7945edc4..cb6a8f3b 100644 --- a/active/CVE-2021-34556 +++ b/active/CVE-2021-34556 @@ -3,6 +3,9 @@ References: https://www.openwall.com/lists/oss-security/2021/08/01/3 https://lore.kernel.org/stable/20210913153537.2162465-1-ovidiu.panait@windriver.com/ Notes: + bwh> I think this can be ignored. Privileged users can generally read + bwh> kernel memory through kprobes/tracepoints. Unprivileged use of + bwh> eBPF is now disabled by default in all Debian suites. Bugs: upstream: released (5.14-rc4) [f5e81d1117501546b7be050c5fbafa6efd2c722c, 2039f26f3aca5b0e419b98f65dd36481337b86ee] 5.10-upstream-stable: released (5.10.56) [bea9e2fd180892eba2574711b05b794f1d0e7b73, 0e9280654aa482088ee6ef3deadef331f5ac5fb0] @@ -11,4 +14,4 @@ upstream: released (5.14-rc4) [f5e81d1117501546b7be050c5fbafa6efd2c722c, 2039f26 sid: released (5.10.46-4) [bugfix/all/bpf-introduce-bpf-nospec-instruction-for-mitigating-.patch, bugfix/all/bpf-fix-leakage-due-to-insufficient-speculative-stor.patch] 5.10-bullseye-security: N/A "Fixed before branching point" 4.19-buster-security: released (4.19.208-1) -4.9-stretch-security: needed +4.9-stretch-security: ignored "Too risky to backport, and mitigated by default" |