diff options
author | Ben Hutchings <ben@decadent.org.uk> | 2021-03-26 01:41:18 +0100 |
---|---|---|
committer | Ben Hutchings <ben@decadent.org.uk> | 2021-03-26 01:41:18 +0100 |
commit | 4f357619cf52a5d338d3aa19f5278b47263d5297 (patch) | |
tree | ed705968158d0270bd82c20834544961c8b5d2b4 /active | |
parent | 892854354a68430df16c8e57a705b5d7eb7b06ca (diff) |
Fill in details for several issues
Diffstat (limited to 'active')
-rw-r--r-- | active/CVE-2020-27170 | 6 | ||||
-rw-r--r-- | active/CVE-2020-27171 | 6 | ||||
-rw-r--r-- | active/CVE-2021-20292 | 12 | ||||
-rw-r--r-- | active/CVE-2021-28950 | 10 |
4 files changed, 23 insertions, 11 deletions
diff --git a/active/CVE-2020-27170 b/active/CVE-2020-27170 index d9629552..b1e0e447 100644 --- a/active/CVE-2020-27170 +++ b/active/CVE-2020-27170 @@ -3,11 +3,13 @@ References: https://www.openwall.com/lists/oss-security/2021/03/19/2 https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf.git/patch/?id=f232326f6966cf2a1d1db7bc917a4ce5f9f55f76 Notes: + bwh> 4.9 is also missing commit 979d63d50c0c "bpf: prevent out of bounds + bwh> speculation on pointer arithmetic" which this fix depends on. Bugs: upstream: pending [f232326f6966cf2a1d1db7bc917a4ce5f9f55f76] 5.10-upstream-stable: released (5.10.25) [c4d37eea1c641a9319baf34253cc373abb39d3e1] 4.19-upstream-stable: released (4.19.182) [bc49612a0e2c379a0d997375901c5371ba015518] -4.9-upstream-stable: +4.9-upstream-stable: needed sid: released (5.10.24-1) [bugfix/all/bpf-Prohibit-alu-ops-for-pointer-types-not-defining-.patch] 4.19-buster-security: needed -4.9-stretch-security: +4.9-stretch-security: needed diff --git a/active/CVE-2020-27171 b/active/CVE-2020-27171 index fea26bb7..f1880a4e 100644 --- a/active/CVE-2020-27171 +++ b/active/CVE-2020-27171 @@ -3,11 +3,13 @@ References: https://www.openwall.com/lists/oss-security/2021/03/19/3 https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf.git/patch/?id=10d2bb2e6b1d8c4576c56a748f697dbeb8388899 Notes: + bwh> 4.9 is also missing commit 979d63d50c0c "bpf: prevent out of bounds + bwh> speculation on pointer arithmetic" which this fix depends on. Bugs: upstream: pending [10d2bb2e6b1d8c4576c56a748f697dbeb8388899] 5.10-upstream-stable: released (5.10.25) [ac1b87a18c1ffbe3d093000b762121b5aae0a3f9] 4.19-upstream-stable: released (4.19.182) [ec5307f2ed2377fc55f0a8c990c6004c63014a54] -4.9-upstream-stable: +4.9-upstream-stable: needed sid: released (5.10.24-1) [bugfix/all/bpf-Fix-off-by-one-for-area-size-in-creating-mask-to.patch] 4.19-buster-security: needed -4.9-stretch-security: +4.9-stretch-security: needed diff --git a/active/CVE-2021-20292 b/active/CVE-2021-20292 index 601c31c3..cb3dc6b7 100644 --- a/active/CVE-2021-20292 +++ b/active/CVE-2021-20292 @@ -2,11 +2,17 @@ Description: drm/ttm/nouveau: don't call tt destroy callback on alloc failure. References: https://bugzilla.redhat.com/show_bug.cgi?id=1939686 Notes: + bwh> From my reading of the fix, the bug did not affect nouveau but + bwh> all the other ttm-based drivers (amdgpu, qxl, radeon, virtgpu, + bwh> and vmwgfx). The fix is to make the API behave the way the + bwh> other drivers expected it to, and change nouveau accordingly. + bwh> This will create a potential memory leak in any OOT drivers + bwh> that were using the API correctly. Bugs: upstream: released (5.9-rc1) [5de5b6ecf97a021f29403aa272cb4e03318ef586] 5.10-upstream-stable: N/A "Fixed before branching point" -4.19-upstream-stable: (4.19.140) [10c8a526b2db1fcdf9e2d59d4885377b91939c55] -4.9-upstream-stable: +4.19-upstream-stable: released (4.19.140) [10c8a526b2db1fcdf9e2d59d4885377b91939c55] +4.9-upstream-stable: needed sid: released (5.7.17-1) 4.19-buster-security: released (4.19.146-1) -4.9-stretch-security: +4.9-stretch-security: needed diff --git a/active/CVE-2021-28950 b/active/CVE-2021-28950 index 0456d42c..82d3c02a 100644 --- a/active/CVE-2021-28950 +++ b/active/CVE-2021-28950 @@ -4,11 +4,13 @@ Notes: carnil> Commit fixes 5d069dbe8aaf ("fuse: fix bad inode") which is only carnil> present in 5.4.88, 5.10.6 and 5.11-rc1 so might not affect carnil> older versions. + bwh> Commit 5d069dbe8aaf "fuse: fix bad inode" fixed another DoS issue, + bwh> so we'll need to backport both of them. Bugs: upstream: released (5.12-rc4) [775c5033a0d164622d9d10dd0f0a5531639ed3ed] 5.10-upstream-stable: released (5.10.25) [d955f13ea2120269319d6133d0dd82b66d1eeca3] -4.19-upstream-stable: -4.9-upstream-stable: +4.19-upstream-stable: needed +4.9-upstream-stable: needed sid: released (5.10.24-1) [bugfix/all/fuse-fix-live-lock-in-fuse_iget.patch] -4.19-buster-security: -4.9-stretch-security: +4.19-buster-security: needed +4.9-stretch-security: needed |