Cip-kernel-sec Updates for Week of 2020-12-17


Chen-Yu Tsai (Moxa) <wens@...>
 

Hi everyone,

Here is the cip-kernel-sec report for this week.

This week we have four new issues:

- CVE-2020-27825 [UAF in kernel/trace/ring_buffer.c]
- CVE-2020-27835 [IF/hfi1: incorrect mm_struct usage]
- CVE-2020-29660 [tty: possible freed kernel memory leak to userspace]
- CVE-2020-29661 [tty: possible UAF]

All four have been fixed in all relevant stable kernel branches.

In addition, CVE-2020-27815 [jfs] is now fixed in Linus's tree.
Also, the fix for CVE-2020-28588 from last week is now backported
to v5.4 and v5.9.


Regards
ChenYu

Join cip-dev@lists.cip-project.org to automatically receive all group messages.