Re: cip-kernel-sec Updates for Last Week of October


masashi.kudo@cybertrust.co.jp <masashi.kudo@...>
 

Hi, Chen-Yu san,

Thanks for your report! This is very helpful.

Could you add the backporting status for 4.4 and 4.19 stable kernels?
We may want to discuss the necessity of the backporting for them.

Best regards,
--
M. Kudo

-----Original Message-----
From: cip-dev@lists.cip-project.org <cip-dev@lists.cip-project.org> On Behalf Of
Chen-Yu Tsai (Moxa)
Sent: Thursday, October 29, 2020 11:42 AM
To: cip-dev@lists.cip-project.org
Cc: Pavel Machek <pavel@denx.de>; Nobuhiro Iwamatsu
<nobuhiro1.iwamatsu@toshiba.co.jp>
Subject: [cip-dev] cip-kernel-sec Updates for Last Week of October

Hi everyone,

Since there's no CIP weekly meeting this week, I'm sharing the details on the
mailing list. If people prefer this format, I can also do this in the future. This could
make up for the merge request which summarized the information.

Here's this week's update:

New CVEs:
- CVE-2019-0146 [net/i40e] - likely fixed
- CVE-2020-27673 [xen/dom0] - fixed in mainline
- CVE-2020-27675 [xen/dom0] - fixed in mainline

Old CVEs now fixed:
- CVE-2020-14351 [perf] - fixed in mainline
- CVE-2020-27152 [KVM] - fixed in mainline

So we have yet another Intel i40e CVE that has a nearly useless description.

For the rest, they are all fixed in v5.10-rc1.

- Fixes for CVE-2020-14351 and CVE-2020-27152 have been queued
up for v5.8 and v5.9.

- Fix for CVE-2020-27675 has been queued up for v5.9

- Fix for CVE-2020-27673 has not been backported yet.


Regards
ChenYu
Moxa

Join cip-dev@lists.cip-project.org to automatically receive all group messages.