cip-kernel-sec Updates for Last Week of October

Chen-Yu Tsai (Moxa) <wens@...>

Hi everyone,

Since there's no CIP weekly meeting this week, I'm sharing the details
on the mailing list. If people prefer this format, I can also do this
in the future. This could make up for the merge request which summarized
the information.

Here's this week's update:

New CVEs:
- CVE-2019-0146 [net/i40e] - likely fixed
- CVE-2020-27673 [xen/dom0] - fixed in mainline
- CVE-2020-27675 [xen/dom0] - fixed in mainline

Old CVEs now fixed:
- CVE-2020-14351 [perf] - fixed in mainline
- CVE-2020-27152 [KVM] - fixed in mainline

So we have yet another Intel i40e CVE that has a nearly useless

For the rest, they are all fixed in v5.10-rc1.

- Fixes for CVE-2020-14351 and CVE-2020-27152 have been queued
up for v5.8 and v5.9.

- Fix for CVE-2020-27675 has been queued up for v5.9

- Fix for CVE-2020-27673 has not been backported yet.


Join to automatically receive all group messages.