Cip-kernel-sec Updates for Week of 2020-12-03


Chen-Yu Tsai (Moxa) <wens@...>
 

New issues:

- CVE-2019-20934 [fair scheduler UAF in NUMA code]
- CVE-2020-27815 [fs/jfs: array index out-of-bounds]
- CVE-2020-29368 [mm/THP: COW race condition]
- CVE-2020-29369 [mm/mmap: race condition between expand functions and munmap]
- CVE-2020-29370 [mm/slub: missing TID increment]
- CVE-2020-29371 [fs/romfs: uninitialized memory leaked to userspace]
- CVE-2020-29372 [fs/io_uring: IORING_OP_MADVISE race condition]
- CVE-2020-29373 [fs/io_uring: mount namespace escape]
- CVE-2020-29374 [mm/gup: get_user_pages() and COW ambiguity]

All are fixed in all relevant stable kernels or (CVE-2020-27815) have
fixes queued up for mainline.

Old issues now marked as fixed:

- CVE-2020-10135 [bluetooth: BR/EDR Bluetooth Impersonation Attacks (BIAS)]

Fixes found from backport request.

All in all no action is required for CIP kernels this week.


Regards
ChenYu
Moxa

Join cip-dev@lists.cip-project.org to automatically receive all group messages.