About corresponding CVE-2020-25669 from CIP kernel config side

Home Messages Hashtags Subgroups

Nobuhiro Iwamatsu #5806 Hi Jan, CVE-2020-25669[0] is a CVE for SUNKBD (sun4/sun5 keyboard), which is enabled in siemens_i386-rt kernel. ``` $ git grep SUNKBD 4.19.y-cip-rt/x86/siemens_i386-rt.config:# CONFIG_KEYBOARD_SUNKBD is not set 4.19.y-cip/x86/plathome_obsvx2.config:# CONFIG_KEYBOARD_SUNKBD is not set 4.19.y-cip/x86/siemens_iot2000.config:# CONFIG_KEYBOARD_SUNKBD is not set 4.4.y-cip-rt/x86/siemens_i386-rt.config:CONFIG_KEYBOARD_SUNKBD=m 4.4.y-cip/arm/siemens_am57xx-pxm3.config:# CONFIG_KEYBOARD_SUNKBD is not set 4.4.y-cip/arm/siemens_imx6_defconfig:# CONFIG_KEYBOARD_SUNKBD is not set 4.4.y-cip/x86/plathome_obsvx1.config:# CONFIG_KEYBOARD_SUNKBD is not set 4.4.y-cip/x86/siemens_iot2000.config:# CONFIG_KEYBOARD_SUNKBD is not set ``` Is this driver used? If you're not using it, I'd consider removing it from the kernel's config to support this CVE. Could you give me your opinion on this? Best regards, Nobuhiro [0]: https://security-tracker.debian.org/tracker/CVE-2020-25669
More All Messages By This Member

Join cip-dev@lists.cip-project.org to automatically receive all group messages.