Cip-kernel-sec Updates for Week of 2021-03-11


Chen-Yu Tsai (Moxa) <wens@...>
 

Hi everyone,

Seven new CVEs this week:
- CVE-2021-20265 [af_unix: memory leak] - fixed
- CVE-2021-20268 [ebpf: signed type overflow] - fixed
- CVE-2021-27363 [iscsi: iscsi_host_get_param() allows sysfs params
larger than 4k] - fixed
- CVE-2021-27364 [iscsi: iscsi_if_recv_msg allows non-root user] - fixed
- CVE-2021-27365 [iscsi: heap buffer overflow] - fixed
- CVE-2021-28038 [xen: netback: fails to honor errors] - fixed
- CVE-2021-28039 [xen: incorrect foreign pages mapping under special
config] - fixed

All fixes have been backported to all relevant stable kernels.

Also, a 4.9.y-specific follow-up patch for CVE-2020-29368 was merged in 4.9.259.


Regards
ChenYu
