diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2021-10-09 09:44:22 +0200 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2021-10-09 09:44:22 +0200 |
commit | ca55e0e9d4f83b79bf312005dc6da4447730da09 (patch) | |
tree | 81697cb53610a50dcc7abc220e7ef375c3ede22d /retired/CVE-2021-3444 | |
parent | f938e2d3183e17467d915f4f68659da593a85017 (diff) |
Retire some CVEs
Diffstat (limited to 'retired/CVE-2021-3444')
-rw-r--r-- | retired/CVE-2021-3444 | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/retired/CVE-2021-3444 b/retired/CVE-2021-3444 new file mode 100644 index 00000000..1ad266f1 --- /dev/null +++ b/retired/CVE-2021-3444 @@ -0,0 +1,23 @@ +Description: bpf: Fix truncation handling for mod32 dst reg wrt zero +References: + https://www.openwall.com/lists/oss-security/2021/03/23/2 +Notes: + carnil> Introduced by 468f6eafa6c4 ("bpf: fix 32-bit ALU op + carnil> verification") (4.15-rc5) but f6b1b3bf0d5f ("bpf: fix subprog + carnil> verifier bypass by div/mod by 0 exception") (4.16-rc1) is + carnil> necessary to exploit the issue. + carnil> Will require as well e88b2c6e5a4d ("bpf: Fix 32 bit src + carnil> register truncation on div/mod") as prerequisite. + carnil> This last pre-requisite commit though would depend on + carnil> 092ed0968bb6 ("bpf: verifier support JMP32") which does not + carnil> seem to make it possible to backport the fixes in 4.19.y + carnil> easily. +Bugs: +upstream: released (5.12-rc1) [9b00f1b78809309163dda2d044d9e94a3c0248a3] +5.10-upstream-stable: released (5.10.19) [3320bae8c115863b6f17993c2b7970f7f419da57] +4.19-upstream-stable: released (4.19.206) [39f74b7c81cca139c05757d9c8f9d1e35fbbf56b] +4.9-upstream-stable: N/A "Vulnerable code introduced later" +sid: released (5.10.19-1) +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: released (4.19.208-1) +4.9-stretch-security: N/A "Vulnerable code introduced later" |