From 6f25fcaf3301727fece74ca5015cf214d80459c4 Mon Sep 17 00:00:00 2001 From: Salvatore Bonaccorso Date: Tue, 9 Aug 2022 20:04:22 +0200 Subject: Mark CVE-2022-2590 as pending for sid --- active/CVE-2022-2590 | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/active/CVE-2022-2590 b/active/CVE-2022-2590 index c8aaf933..4764df14 100644 --- a/active/CVE-2022-2590 +++ b/active/CVE-2022-2590 @@ -5,10 +5,15 @@ References: Notes: carnil> Commit fixes 9ae0f87d009c ("mm/shmem: unconditionally set pte carnil> dirty in mfill_atomic_install_pte") in 5.16-rc1. + carnil> David Hildenbrand reports that "Kernels before extended uffd-wp + carnil> support and before PageAnonExclusive (< 5.19) can simply revert + carnil> the problematic commit instead and be safe regarding + carnil> UFFDIO_CONTINUE. A backport to v5.19 requires minor adjustments + carnil> due to lack of vma_soft_dirty_enabled()." Bugs: upstream: needed 5.10-upstream-stable: N/A "Vulnerable code introduced later" 4.19-upstream-stable: N/A "Vulnerable code introduced later" -sid: needed +sid: pending (5.18.16-1) [bugfix/all/Revert-mm-shmem-unconditionally-set-pte-dirty-in-mfi.patch] 5.10-bullseye-security: N/A "Vulnerable code introduced later" 4.19-buster-security: N/A "Vulnerable code introduced later" -- cgit v1.2.3