blob: 570ebebb8668dcc0be4b578a523348f1bc82c1db (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
|
Description: bpf: Fix off-by-one for area size in creating mask to left
References:
https://www.openwall.com/lists/oss-security/2021/03/19/3
https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf.git/patch/?id=10d2bb2e6b1d8c4576c56a748f697dbeb8388899
Notes:
bwh> Introduced in 5.0 by commit 979d63d50c0c "bpf: prevent out of bounds
bwh> speculation on pointer arithmetic" and backported into 4.19.19.
Bugs:
upstream: released (5.12-rc5) [10d2bb2e6b1d8c4576c56a748f697dbeb8388899]
5.10-upstream-stable: released (5.10.25) [ac1b87a18c1ffbe3d093000b762121b5aae0a3f9]
4.19-upstream-stable: released (4.19.182) [ec5307f2ed2377fc55f0a8c990c6004c63014a54]
4.9-upstream-stable: N/A "Vulnerability introduced later"
sid: released (5.10.24-1) [bugfix/all/bpf-Fix-off-by-one-for-area-size-in-creating-mask-to.patch]
4.19-buster-security: released (4.19.181-1) [bugfix/all/bpf-Fix-off-by-one-for-area-size-in-creating-mask-to.patch]
4.9-stretch-security: N/A "Vulnerability introduced later"
|
