1. posterid:4520395
  2. [Git][cip-project/cip-kernel/cip-kernel-sec][master] 5 commits: Import more data

[Git][cip-project/cip-kernel/cip-kernel-sec][master] 5 commits: Import more data

Agustin Benito Bethencourt
 

Ben Hutchings pushed to branch master at cip-project / cip-kernel / cip-kernel-sec

Commits:

  • 270d9a5d
    by Ben Hutchings at 2019-09-17T15:49:40Z 
    Import more data

Signed-off-by: Ben Hutchings <ben.hutchings@...>
  • f4ac8eba
    by Ben Hutchings at 2019-09-17T18:36:27Z 
    Fill in introduced-by commits for various issues

Signed-off-by: Ben Hutchings <ben.hutchings@...>
  • 9ad72398
    by Ben Hutchings at 2019-09-17T18:40:59Z 
    Fill in fixed-by commit lists for CVE-2019-3900

* The first new commit "vhost: introduce vhost_exceeds_weight()" wasn't
  listed for some branches.
* Fill in the commit list for 4.4.  import_stable.py didn't do this
  because it lacks the fix for vhost_vsock, but that's OK because
  vhost_vsock was added later.
* Note that 4.9 does not have the fix for vhost_vsock, but it is
  present and should be fixed.

Signed-off-by: Ben Hutchings <ben.hutchings@...>
  • 290036da
    by Ben Hutchings at 2019-09-17T18:41:39Z 
    Fill in description and likely commit details for CVE-2019-9445

Signed-off-by: Ben Hutchings <ben.hutchings@...>
  • 6b5c715a
    by Ben Hutchings at 2019-09-29T20:13:30Z 
    Merge branch 'bwh/update-issues' into 'master'

Update issues

See merge request cip-project/cip-kernel/cip-kernel-sec!12

19 changed files:

Changes:

  • issues/CVE-2019-14814.yml
    ... ... @@ -8,3 +8,5 @@ reporters:
    8 8 
     - huangwen of ADLab of Venustech
    9 9 
     introduced-by:
    10 10 
       mainline: [a3c2c4f6d8bcd473a7016db93da4f10b3f10f25f]
    11 
    +fixed-by:
    12 
    +  mainline: [7caac62ed598a196d6ddf8d9c121e12e082cac3a]

  • issues/CVE-2019-14815.yml
    ... ... @@ -8,3 +8,5 @@ reporters:
    8 8 
     - huangwen of ADLab of Venustech
    9 9 
     introduced-by:
    10 10 
       mainline: [113630b581d6d423998d2113a8e892ed6e6af6f9]
    11 
    +fixed-by:
    12 
    +  mainline: [7caac62ed598a196d6ddf8d9c121e12e082cac3a]

  • issues/CVE-2019-14816.yml
    ... ... @@ -8,3 +8,5 @@ reporters:
    8 8 
     - huangwen of ADLab of Venustech
    9 9 
     introduced-by:
    10 10 
       mainline: [2152fe9c2fa4c948347b83cb0649d24d214267f5]
    11 
    +fixed-by:
    12 
    +  mainline: [7caac62ed598a196d6ddf8d9c121e12e082cac3a]

  • issues/CVE-2019-14835.yml
    1 
    +description: 'vhost: make sure log_num < in_num'
    2 
    +references:
    3 
    +- https://www.openwall.com/lists/oss-security/2019/09/17/1
    4 
    +comments:
    5 
    +  Debian-carnil: |-
    6 
    +    commit fixes 3a4d5c94e959 ("vhost_net: a kernel-level virtio
    7 
    +    server") present in all supported releases.
    8 
    +introduced-by:
    9 
    +  mainline: [3a4d5c94e959359ece6d6b55045c3f046677f55c]
    10 
    +fixed-by:
    11 
    +  linux-4.14.y: [7e9480b480a57fb4ef2e4d2c2cddbb1a31d56b33]
    12 
    +  linux-4.19.y: [ba03ee62aed0b0ee2eadfeb4a2fecc7d7eb47871]
    13 
    +  linux-4.4.y: [35b29a78cc9b2523f6b0c080e6b44d2eeb367023]
    14 
    +  linux-4.9.y: [8d8276867b5ac539f1d6e166a028b51c8b1ceda8]
    15 
    +  linux-5.2.y: [e86a7794620a589212636e0f370c98c451c7f065]
    16 
    +  mainline: [060423bfdee3f8bc6e2c1bac97de24d5415e2bc4]

  • issues/CVE-2019-15030.yml
    ... ... @@ -14,6 +14,10 @@ introduced-by:
    14 14 
       linux-4.9.y: [a685601f85331ec7f8cda1975bddba311441f333]
    15 15 
       mainline: [f48e91e87e67b56bef63393d1a02c6e22c1d7078]
    16 16 
     fixed-by:
    17 
    +  linux-4.14.y: [32b803e81ce17eec816f09d5388ef0a1cc9e4c2f]
    18 
    +  linux-4.19.y: [47a0f70d7d9ac3d6b1a96b312d07bc67af3834e9]
    19 
    +  linux-4.9.y: [acdf558ef62ceb71938d87f5b700b7ecc0bbee90]
    20 
    +  linux-5.2.y: [7f20c56c0b7a79e310ed6b4bf13bc009f339529a]
    17 21 
       mainline: [8205d5d98ef7f155de211f5e2eb6ca03d95a5a60]
    18 22 
     ignore:
    19 23 
       linux-4.19.y-cip: No members are using powerpc

  • issues/CVE-2019-15031.yml
    ... ... @@ -3,6 +3,7 @@ references:
    3 3 
     - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15031
    4 4 
     - https://git.kernel.org/linus/a8318c13e79badb92bc6640704a64cc022a6eb97
    5 5 
     - https://launchpad.net/bugs/1843533
    6 
    +- https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1843533
    6 7 
     comments:
    7 8 
       Debian-carnil: |-
    8 9 
         Commit fixes a7771176b439 ("powerpc: Don't enable FP/Altivec if
    ... ... @@ -11,6 +12,8 @@ comments:
    11 12 
     introduced-by:
    12 13 
       mainline: [a7771176b4392fbc3a17399c51a8c11f2f681afe]
    13 14 
     fixed-by:
    15 
    +  linux-4.19.y: [569775bd536416ed9049aa580d9f89a0b4307d60]
    16 
    +  linux-5.2.y: [398f2c8277f2de2299fb92e38d9982afc780329b]
    14 17 
       mainline: [a8318c13e79badb92bc6640704a64cc022a6eb97]
    15 18 
     ignore:
    16 19 
       linux-4.19.y-cip: No members are using powerpc

  • issues/CVE-2019-15213.yml
    ... ... @@ -6,6 +6,8 @@ references:
    6 6 
     - https://syzkaller.appspot.com/bug?id=a53c9c9dd2981bfdbfbcbc1ddbd35595eda8bced
    7 7 
     - https://lore.kernel.org/linux-media/fe983331d14442a96db3f71066ca0488a8921840.camel@.../
    8 8 
     - https://bugzilla.kernel.org/show_bug.cgi?id=204597
    9 
    +- https://lore.kernel.org/linux-media/fe983331d14442a96db3f71066ca0488a8921840.camel%40decadent.org.uk/
    10 
    +- https://lore.kernel.org/linux-media/20190822104147.4420-1-vasilyev@.../
    9 11 
     comments:
    10 12 
       Debian-bwh: |-
    11 13 
         This is supposed to be fixed by commit 6cf97230cd5f "media: dvb:

  • issues/CVE-2019-15504.yml
    ... ... @@ -15,6 +15,8 @@ reporters:
    15 15 
     - Mathias Payer
    16 16 
     introduced-by:
    17 17 
       mainline: [a1854fae1414dd8edfff4857fd26c3e355d43e19]
    18 
    +fixed-by:
    19 
    +  mainline: [8b51dc7291473093c821195c4b6af85fadedbc2f]
    18 20 
     ignore:
    19 21 
       linux-4.19.y-cip: No member enables rsi_usb
    20 22 
       linux-4.19.y-cip-rt: No member enables rsi_usb

  • issues/CVE-2019-15918.yml
    ... ... @@ -7,4 +7,5 @@ references:
    7 7 
     introduced-by:
    8 8 
       mainline: [9764c02fcbad40001fd3f63558d918e4d519bb75]
    9 9 
     fixed-by:
    10 
    +  linux-4.19.y: [4061e662c8e9f5fb796b05fd2ab58fed8cd16d59]
    10 11 
       mainline: [b57a55e2200ede754e4dc9cce4ba9402544b9365]

  • issues/CVE-2019-15925.yml
    ... ... @@ -7,6 +7,11 @@ references:
    7 7 
     - https://git.kernel.org/linus/04f25edb48c441fc278ecc154c270f16966cbb90
    8 8 
     - https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2.3
    9 9 
     - https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=04f25edb48c441fc278ecc154c270f16966cbb90
    10 
    +comments:
    11 
    +  Debian-carnil: |-
    12 
    +    Needs check when introduced but likely 848440544b41 ("net:
    13 
    +    hns3: Add support of TX Scheduler & Shaper to HNS3 driver") in
    14 
    +    4.14-rc1.
    10 15 
     introduced-by:
    11 16 
       mainline: [848440544b41fbe21f36072ee7dc7c3c59ce62e2]
    12 17 
     fixed-by:

  • issues/CVE-2019-2181.yml
    1 
    +description: 'binder: check for overflow when alloc for security context'
    2 
    +references:
    3 
    +- https://source.android.com/security/bulletin/pixel/2019-09-01
    4 
    +introduced-by:
    5 
    +  mainline: [ec74136ded792deed80780a2f8baf3521eeb72f9]
    6 
    +fixed-by:
    7 
    +  mainline: [0b0509508beff65c1d50541861bc0d4973487dc5]

  • issues/CVE-2019-2182.yml
    1 
    +description: 'arm64: Enforce BBM for huge IO/VMAP mappings'
    2 
    +references:
    3 
    +- https://source.android.com/security/bulletin/pixel/2019-09-01
    4 
    +comments:
    5 
    +  Debian-carnil: |-
    6 
    +    Commit fixes 324420bf91f6 ("arm64: add support for ioremap()
    7 
    +    block mappings") which is in 4.6-rc1.
    8 
    +introduced-by:
    9 
    +  mainline: [324420bf91f60582bb481133db9547111768ef17]
    10 
    +fixed-by:
    11 
    +  mainline: [15122ee2c515a253b0c66a3e618bc7ebe35105eb]

  • issues/CVE-2019-3900.yml
    ... ... @@ -10,22 +10,27 @@ references:
    10 10 
     - https://usn.ubuntu.com/usn/usn-4116-1
    11 11 
     - https://usn.ubuntu.com/usn/usn-4117-1
    12 12 
     - https://usn.ubuntu.com/usn/usn-4118-1
    13 
    +comments:
    14 
    +  bwh: 4.9 is still missing a fix for vhost_vsock.
    13 15 
     reporters:
    14 16 
     - Jason Wang
    15 17 
     introduced-by:
    16 18 
       mainline: [3a4d5c94e959359ece6d6b55045c3f046677f55c]
    17 19 
     fixed-by:
    18 
    -  linux-3.16.y: [f3a64b1071c414e59233b769110872a026f8d254, 6c74f68cf3ca570f39ff8a9e3b0ae357839c4560]
    19 
    -  linux-4.14.y: [ae446749492d8bd23f1d0b81adba16e5739dc740, 46c7fce709dccb4b0e4a5a06bfacdf2bb1a4fc43,
    20 
    -    011942d12cc28c58fdeb2ca77e745c4c370fc250]
    21 
    -  linux-4.19.y: [3af3b843aee41ed22343b011a4cf3812a80d2f38, 239910101c4ebf91a00e6f4a81ac3144b121f0c4,
    22 
    -    02cdc166128cf9cb2be4786b997eebbc0b976bfa]
    23 
    -  linux-4.19.y-cip: [3af3b843aee41ed22343b011a4cf3812a80d2f38, 239910101c4ebf91a00e6f4a81ac3144b121f0c4,
    24 
    -    02cdc166128cf9cb2be4786b997eebbc0b976bfa]
    20 
    +  linux-3.16.y: [2a59b04bcdb2f009906982e711b20bcd40fd253f, f3a64b1071c414e59233b769110872a026f8d254,
    21 
    +    6c74f68cf3ca570f39ff8a9e3b0ae357839c4560]
    22 
    +  linux-4.14.y: [c051fb9788281fa308ef614a7317f7fabadb8363, ae446749492d8bd23f1d0b81adba16e5739dc740,
    23 
    +    46c7fce709dccb4b0e4a5a06bfacdf2bb1a4fc43, 011942d12cc28c58fdeb2ca77e745c4c370fc250]
    24 
    +  linux-4.19.y: [ad5fc8953d61b99f445db447ac1eadc99a00d47e, 3af3b843aee41ed22343b011a4cf3812a80d2f38,
    25 
    +    239910101c4ebf91a00e6f4a81ac3144b121f0c4, 02cdc166128cf9cb2be4786b997eebbc0b976bfa]
    26 
    +  linux-4.19.y-cip: [ad5fc8953d61b99f445db447ac1eadc99a00d47e, 3af3b843aee41ed22343b011a4cf3812a80d2f38,
    27 
    +    239910101c4ebf91a00e6f4a81ac3144b121f0c4, 02cdc166128cf9cb2be4786b997eebbc0b976bfa]
    28 
    +  linux-4.4.y: [9e0b3406326401f4f7f1ce84194a29a595dc7aa9, bb85b4cbd8f69cdea3a0caa9aa4edb1d4d7bc24f,
    29 
    +    6ca24361c2a4c28e69cac96b0bbe476043f5d866]
    25 30 
       linux-4.9.y: [66c8d9d53e657d5068d9f234bc4ec1d703107a48, 4b586288578a3a2aa4efb969feed86f2d760f082,
    26 31 
         02b40edda9fd2e42abae40f5dd85122f13dbe7b8]
    27 
    -  mainline: [e2412c07f8f3040593dfb88207865a3cd58680c0, e79b431fb901ba1106670bcc80b9b617b25def7d,
    28 
    -    c1ea02f15ab5efb3e93fc3144d895410bf79fcf2]
    32 
    +  mainline: [e82b9b0727ff6d665fff2d326162b460dded554d, e2412c07f8f3040593dfb88207865a3cd58680c0,
    33 
    +    e79b431fb901ba1106670bcc80b9b617b25def7d, c1ea02f15ab5efb3e93fc3144d895410bf79fcf2]
    29 34 
     ignore:
    30 35 
       linux-4.19.y-cip-rt: No member enables vhost drivers
    31 36 
       linux-4.4.y-cip-rt: No member enables vhost drivers

  • issues/CVE-2019-9245.yml
    1 
    +description: 'f2fs: sanity check of xattr entry size'
    2 
    +introduced-by:
    3 
    +  mainline: [af48b85b8cd3fbb12c9b6759c16db6d69c0b03da]
    4 
    +fixed-by:
    5 
    +  linux-4.19.y: [5036fcd9b14516f62efae6ed0c42dfbb9798b643]
    6 
    +  linux-4.19.y-cip: [5036fcd9b14516f62efae6ed0c42dfbb9798b643]
    7 
    +  linux-4.19.y-cip-rt: [5036fcd9b14516f62efae6ed0c42dfbb9798b643]
    8 
    +  mainline: [64beba0558fce7b59e9a8a7afd77290e82a22163]

  • issues/CVE-2019-9445.yml
    1 
    +description: Out-of-bounds read in f2fs
    2 
    +references:
    3 
    +- https://source.android.com/security/bulletin/pixel/2019-09-01
    4 
    +- https://android-review.googlesource.com/c/kernel/common/+/864649
    5 
    +- https://nvd.nist.gov/vuln/detail/CVE-2019-9445
    6 
    +comments:
    7 
    +  Debian-carnil: Not fully clear (to me) which specific commit is meant.
    8 
    +  bwh: |
    9 
    +    The CVE description mentions an "out-of bounds read", so the most
    10 
    +    likely fix seemed to be commit 64beba0558fc "f2fs: sanity check of
    11 
    +    xattr entry size".  However that addresses CVE-2019-9245.  The
    12 
    +    other candidate I could see was commit 720db068634c "f2fs: check
    13 
    +    if file namelen exceeds max value".
    14 
    +introduced-by:
    15 
    +  mainline: [6b4ea0160ae236a6561defa28e19f973aedda9ff]
    16 
    +fixed-by:
    17 
    +  mainline: [720db068634c91553a8e1d9a0fcd8c7050e06d2b]

  • issues/CVE-2019-9453.yml
    1 
    +description: 'f2fs: fix to avoid accessing xattr across the boundary'
    2 
    +references:
    3 
    +- https://source.android.com/security/bulletin/pixel/2019-09-01
    4 
    +introduced-by:
    5 
    +  mainline: [af48b85b8cd3fbb12c9b6759c16db6d69c0b03da]
    6 
    +fixed-by:
    7 
    +  linux-4.19.y: [ae3787d433f7b87ebf6b916e524c6e280e4e5804]
    8 
    +  linux-4.19.y-cip: [ae3787d433f7b87ebf6b916e524c6e280e4e5804]
    9 
    +  mainline: [2777e654371dd4207a3a7f4fb5fa39550053a080]

  • issues/CVE-2019-9455.yml
    1 
    +description: 'media: videobuf2-v4l2: drop WARN_ON in vb2_warn_zero_bytesused()'
    2 
    +references:
    3 
    +- https://source.android.com/security/bulletin/pixel/2019-09-01
    4 
    +introduced-by:
    5 
    +  mainline: [f61bf13b6a07a93b9348e77808d369803f40b681]
    6 
    +fixed-by:
    7 
    +  linux-4.14.y: [8d6df5097c0005320ab6f3cd8dda2ef31db6c6d1]
    8 
    +  linux-4.19.y: [573d423a9bd76b396954ddf847ff24d97658453d]
    9 
    +  linux-4.19.y-cip: [573d423a9bd76b396954ddf847ff24d97658453d]
    10 
    +  linux-4.19.y-cip-rt: [573d423a9bd76b396954ddf847ff24d97658453d]
    11 
    +  linux-4.4.y: [7b5115689bf9dafc5127b28ace4589f698d4adfa]
    12 
    +  linux-4.4.y-cip: [7b5115689bf9dafc5127b28ace4589f698d4adfa]
    13 
    +  linux-4.4.y-cip-rt: [7b5115689bf9dafc5127b28ace4589f698d4adfa]
    14 
    +  linux-4.9.y: [7f422aa63d5a0905232455a8953cd9bc02eab4da]
    15 
    +  mainline: [5e99456c20f712dcc13d9f6ca4278937d5367355]

  • issues/CVE-2019-9506.yml
    ... ... @@ -7,13 +7,10 @@ references:
    7 7 
     - https://www.bluetooth.com/security/statement-key-negotiation-of-bluetooth/
    8 8 
     - https://usn.ubuntu.com/usn/usn-4115-1
    9 9 
     - https://usn.ubuntu.com/usn/usn-4118-1
    10 
    +- https://bugzilla.kernel.org/show_bug.cgi?id=203997
    10 11 
     comments:
    11 12 
       Debian-carnil: HW issue, but some mitigations are applied in Linux
    12 
    -  Ubuntu-mdeslaur: |-
    13 
    -    As of 2019-08-16, no exact details on what the fix for this
    14 
    -    issue is, but likely to be implemented in bluetooth firmware.
    15 
    -    As such, and since this requires that the attacker be in
    16 
    -    Bluetooth range, downgrading priority to medium.
    13 
    +  Ubuntu-mdeslaur: Mitigation for this issue was added to the kernel
    17 14 
       Ubuntu-sbeattie: CERT VU#918987
    18 15 
     reporters:
    19 16 
     - Daniele Antonioli

  • issues/CVE-2019-kvm-guest-xcr0.yml
    ... ... @@ -10,6 +10,7 @@ comments:
    10 10 
         subdirectory arch/x86/kvm/vmx/vmx.c so backport to 4.19 and
    11 11 
         older need to account for that.
    12 12 
     fixed-by:
    13 
    +  linux-4.19.y: [7a74d806bdaa4718b96577068fe86fcdb91436e1]
    13 14 
       mainline: [1811d979c71621aafc7b879477202d286f7e863b]
    14 15 
     ignore:
    15 16 
       linux-4.19.y-cip-rt: No member enables KVM


    • View it on GitLab.
    You're receiving this email because of your account on gitlab.com. If you'd like to receive fewer emails, you can adjust your notification settings.

    Join cip-dev@lists.cip-project.org to automatically receive all group messages.