diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2021-09-12 15:15:33 +0200 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2021-09-12 15:15:33 +0200 |
commit | e4c935b98ab666d8c1894f0cc82b35ff1e3e70d3 (patch) | |
tree | 665d664a91f40802ed3a8f874bc6139d1fee8b9d /active/CVE-2021-3640 | |
parent | 6a919fb39244e165f5da13951bcb5ad79188fa38 (diff) |
Update status for CVE-2021-3640
Diffstat (limited to 'active/CVE-2021-3640')
-rw-r--r-- | active/CVE-2021-3640 | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/active/CVE-2021-3640 b/active/CVE-2021-3640 index f30d01c0..b2932d4d 100644 --- a/active/CVE-2021-3640 +++ b/active/CVE-2021-3640 @@ -2,9 +2,16 @@ Description: UAF in sco_send_frame function References: https://www.openwall.com/lists/oss-security/2021/07/22/1 https://bugzilla.suse.com/show_bug.cgi?id=1188172 + https://x-lore.kernel.org/all/883dc4b7-d1a1-3d31-a5a8-8fa1791084b6@i-love.sakura.ne.jp/ Notes: + carnil> Prerequisites before the "last piece for fixing CVE-2021-3640" + carnil> are e04480920d1e ("Bluetooth: defer cleanup of resources in + carnil> hci_unregister_dev()") and 734bc5ff7831 ("Bluetooth: avoid + carnil> circular locks in sco_sock_connect"), ba316be1b6a0 ("Bluetooth: + carnil> schedule SCO timeouts with delayed_work"), 27c24fda62b6 + carnil> ("Bluetooth: switch to lock_sock in SCO") Bugs: -upstream: +upstream: needed 5.10-upstream-stable: 4.19-upstream-stable: 4.9-upstream-stable: |