blob: 464d4e70e8434ea1a09c2ad57b62379d0fe4fad7 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
|
Description:
References:
https://lore.kernel.org/bpf/20200330160324.15259-1-daniel@iogearbox.net/T/
https://www.openwall.com/lists/oss-security/2020/03/30/3
https://bugzilla.redhat.com/show_bug.cgi?id=1817350
Notes:
carnil> CRD: Monday, March 30th, 16:00 UTC.
carnil> Introduced by commit 581738a681b6 ("bpf: Provide better
carnil> register bounds after jmp32 instructions") in 5.5-rc1 and was
carnil> backported to 5.4.7.
carnil> CVE as well known as ZDI-CAN-10780.
Bugs:
upstream: needed
4.19-upstream-stable: N/A "Vulnerable code introduced later"
4.9-upstream-stable: N/A "Vulnerable code introduced later"
3.16-upstream-stable: N/A "Vulnerable code introduced later"
sid: needed
4.19-buster-security: N/A "Vulnerable code introduced later"
4.9-stretch-security: N/A "Vulnerable code introduced later"
3.16-jessie-security: N/A "Vulnerable code introduced later"
|