Mark issues pending for stretch

author: Ben Hutchings <ben@decadent.org.uk> 2021-11-29 12:13:57 +0100
committer: Ben Hutchings <ben@decadent.org.uk> 2021-11-29 23:28:03 +0100
commit: 961332f27b8eb7b7a685d640c7e1a41166c1e6c2 (patch)
tree: 62362253ea9ea44ee5c84f14fd9168279acb018a /active/CVE-2021-3600
parent: d47fdd86afa5cee26ac4ac3cd705ef869f9f957b (diff)
1 files changed, 4 insertions, 1 deletions
diff --git a/active/CVE-2021-3600 b/active/CVE-2021-3600
index 0fd38bbe..96a22802 100644
--- a/active/CVE-2021-3600
+++ b/active/CVE-2021-3600
@@ -6,6 +6,9 @@ Notes:
  carnil> in 4.15-rc9 (and was backported to 4.9.79). Though the specifc
  carnil> attach will not work on v4.9.y as pointer arithmetic is
  carnil> prohibited on those kernels.
+ bwh> For 4.9, commits f6b1b3bf0d5f "bpf: fix subprog verifier bypass by
+ bwh> div/mod by 0 exception" and d405c7407a54 "bpf: allocate 0x06 to new
+ bwh> eBPF instruction class JMP32" etc. need to be applied first.
 Bugs:
 upstream: released (5.11) [e88b2c6e5a4d9ce30d75391e4d950da74bb2bd90]
 5.10-upstream-stable: released (5.10.16) [1d16cc210fabd0a7ebf52d3025f81c2bde054a90]
@@ -14,4 +17,4 @@ upstream: released (5.11) [e88b2c6e5a4d9ce30d75391e4d950da74bb2bd90]
 sid: released (5.10.19-1)
 5.10-bullseye-security: N/A "Fixed before branching point"
 4.19-buster-security: released (4.19.208-1)
-4.9-stretch-security: needed
+4.9-stretch-security: pending (4.9.290-1) [bugfix/all/bpf-fix-32-bit-src-register-truncation-on-div-mod.patch]
author	Ben Hutchings <ben@decadent.org.uk>	2021-11-29 12:13:57 +0100
committer	Ben Hutchings <ben@decadent.org.uk>	2021-11-29 23:28:03 +0100
commit	961332f27b8eb7b7a685d640c7e1a41166c1e6c2 (patch)
tree	62362253ea9ea44ee5c84f14fd9168279acb018a /active/CVE-2021-3600
parent	d47fdd86afa5cee26ac4ac3cd705ef869f9f957b (diff)