blob: ae6e76ac2513580d834fe79cbfe519b534e3255a (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
|
Description: netfilter: Kernel info leaks from various modules
References:
https://source.android.com/security/bulletin/pixel/2021-12-01
Notes:
carnil> This one seems a bit compliated to track, the commits from the
carnil> pixel/2021-12-01 are spread over two versions. But it's not
carnil> very clear to what CVE-2021-39636 is referring to, assuming it
carnil> is for the pointer leak to userspace?
bwh> Pretty sure this is about leaking pointers. The last 2 commits
bwh> are fixing that and the first 3 are dependencies for the fix.
Bugs:
upstream: released (4.11-rc1) [f32815d21d4d8287336fb9cef4d2d9e0866214c2, f77bc5b23fb1af51fc0faa8a479dea8969eb5079, e47ddb2c4691fd2bd8d25745ecb6848408899757, ec23189049651b16dc2ffab35a4371dc1f491aca], released (4.16-rc1) [1e98ffea5a8935ec040ab72299e349cb44b8defd]
5.10-upstream-stable: N/A "Fixed before branch point"
4.19-upstream-stable: N/A "Fixed before branch point"
4.9-upstream-stable: needed
sid: released (4.16.5-1)
5.10-bullseye-security: N/A "Fixed before branch point"
4.19-buster-security: N/A "Fixed before branch point"
4.9-stretch-security: needed
|
