blob: 83dfc78419776ce8c5a4adb9dfe2efd69665e550 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
|
Description: drm/ttm: Out-of-bounds access in THP handling in ttm_put_pages()
References:
https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19927
https://github.com/torvalds/linux/commit/453393369dc9806d2455151e329c599684762428
https://github.com/torvalds/linux/commit/a66477b0efe511d98dde3e4aaeb189790e6f0a39
https://github.com/torvalds/linux/commit/ac1e516d5a4c56bf0cb4a3dfc0672f689131cfd4
Notes:
carnil> One of the commits, a66477b0efe5 ("drm/ttm: fix out-of-bounds
carnil> read in ttm_put_pages() v2") was as well backported to 4.19.37.
carnil> What is relevant to the supported branches to be backported?
carnil> All three commits need to be applied, cf.
carnil> https://lore.kernel.org/stable/20200116064439.GA62849@google.com/
bwh> This is related to THP (transparent huge page) support which was
bwh> added in 4.15.
Bugs:
upstream: released (5.1-rc6) [453393369dc9806d2455151e329c599684762428, a66477b0efe511d98dde3e4aaeb189790e6f0a39, ac1e516d5a4c56bf0cb4a3dfc0672f689131cfd4]
4.19-upstream-stable: released (4.19.97) [8c2cdfb2c81bb533b9e6a3874ee5399102c4c580, 96800ba9e565ab752774cd88328f96aed28a1436, 83a88fb92950ef34b9924c39ff7554ae92c9af69]
4.9-upstream-stable: N/A "Vulnerable code not present"
3.16-upstream-stable: N/A "Vulnerable code not present"
sid: released (5.2.6-1)
4.19-buster-security: released (4.19.98-1)
4.9-stretch-security: N/A "Vulnerable code not present"
3.16-jessie-security: N/A "Vulnerable code not present"
|
