On Wed, Oct 14, 2020 at 10:14 PM Pavel Machek <email@example.com> wrote:
given the exposure of such a device but also the fact that I can't tell
for sure if/where it's used (not only by us), I would recommend backporting.
It is interesting this one is listed in both CVE-145, CVE-147 in
There are multiple patches fixed for 4.19, which can be separated by feature.
- i40e: add num_vectors checker in iwarp handler
This issue has been produced by e3219ce6a7754 ("i40e: Add support for client interface for IWARP driver").
e3219ce6a7754 is not included in 4.4.y and can be ignored.
cip-kernel-sec. Is that an error?
Given that Intel's security notice did not state which patches fixed which
issues, nor which commits caused them, I tried to guess which patch fixed
which issue, based solely on their descriptions. Then I looked at the history
of the driver to see which commit the patches fixed.
Grouping by feature is probably a better way to determine if the backport
is required or not.
I see also
- i40e: Wrong truncation from u16 to u8
This can be apply in 4.4.y.
- i40e: Fix of memory leak and integer truncation in i40e_virtchnl.c
This issue has been produced by e284fc280473b ("i40e: Add and delete cloud filter").
It is not included in 4.4.y. However, this patch has several different fixes, so some patches need to be applied.
- i40e: Set RX_ONLY mode for unicast promiscuous on VLAN
which apparently allows people to listen to packets they should not
see. But I assume this requires elevated priviledges to begin with...
DENX Software Engineering GmbH, Managing Director: Wolfgang Denk
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany