summaryrefslogtreecommitdiffstats
path: root/retired/CVE-2021-29155
blob: 27e84d84277fe852b479e11ee2c2220c3eddb01e (plain) (blame) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23

Description: protection for sequences of pointer arithmetic operations against speculatively out-of-bounds loads can be bypassed to leak content of kernel memory
References:
 https://www.openwall.com/lists/oss-security/2021/04/18/4
 https://lore.kernel.org/stable/215e98bf-21c7-0074-129d-49a51526418b@iogearbox.net/T/#t
 https://lore.kernel.org/stable/20210528103810.22025-1-ovidiu.panait@windriver.com/
Notes:
 carnil> Might be only a problem starting in 5.8-rc1 where 2c78ee898d8f
 carnil> ("bpf: Implement CAP_BPF") is implemented.
 bwh> I believe this does not apply to 4.9 for the same reason that
 bwh> CVE-2019-7308 does not.
 carnil> Patch series to address in 4.19.y is
 carnil> https://lore.kernel.org/stable/20210527173732.20860-1-ovidiu.panait@windriver.com/
 carnil> and Daniel noted in
 carnil> https://lore.kernel.org/stable/215e98bf-21c7-0074-129d-49a51526418b@iogearbox.net/
 carnil> the needed fixes to not open up CVE-2021-33200.
Bugs:
upstream: released (5.12-rc8) [9601148392520e2e134936e76788fc2a6371e7be, 6f55b2f2a1178856c19bbce2f71449926e731914, 24c109bb1537c12c02aeed2d51a347b4d6a9b76e, b658bbb844e28f1862867f37e8ca11a8e2aa94a3, a6aaece00a57fa6f22575364b3903dfbccf5345d, 073815b756c51ba9d8384d924c5d1c03ca3d1ae4, f528819334881fd622fdadeddb3f7edaed8b7c9b, 7fedb63a8307dda0ec3b8969a3b233a1dd7ea8e0]
5.10-upstream-stable: released (5.10.32) [4f3ff11204eac0ee23acf64deecb3bad7b0db0c6, 480d875f12424a86fd710e8762ed1e23b7f02572, 589fd9684dfafee37c60abde4ca3c0af723be3b3, 55565c30790839b40311c270a8b1a437ae9b2769, 7723d3243857ab20f6450cfbbd765d8594e5e308], released (5.10.33) [2982ea926b5cb97ff79fbb27eba72521568811ff]
4.19-upstream-stable: released (4.19.193) [f1c2a82c11c8f16dbf028b7b0ee15ea0adcfaf40, 167743a5eae1c586aa408c6fac4429224e4e4663, 8ab6572e2081f82eef28a972af86676467192225, 656b3f9ef4471e4ea242a3975c0dfa0051d9f548, 8827288cb63949f5d79f84feaf2f7baf35d484fd, 7d2617351898876e6e51f010f3abe8000226583e, 45bfdd767e235a5f20d43d6abbdfb267d372430a]
4.9-upstream-stable: N/A "Vulnerability introduced later"
sid: released (5.10.38-1)
4.19-buster-security: released (4.19.194-1)
4.9-stretch-security: N/A "Vulnerability introduced later"

© 2014-2024 Faster IT GmbH | imprint | privacy policy