Cip-kernel-sec Updates for Week of 2021-04-01

Chen-Yu Tsai (Moxa) <wens@...>

Hi everyone,

Nine new CVEs this week:

- CVE-2021-28688 [xen: blkback leak persistent grants] - fixed (ignore for CIP)
- CVE-2021-29264 [gianfar: jumbo frame overrun] - fixed (ignore for CIP)
Needs backport to 4.9 and 4.14.
- CVE-2021-29265 [usbip: access race] - fixed (ignore for CIP)
- CVE-2021-29266 [vhost: vdpa: UAF] - fixed (ignore for CIP)
- CVE-2021-29646 [net: tipc: user data validation] - fixed
- CVE-2021-29647 [net: qrtr: kernel info leak] - fixed (ignore for CIP)
- CVE-2021-29648 [bpf: vmlinux BTF usage leads to crash] - fixed
- CVE-2021-29649 [bpf: umd: memleak] - fixed (ignore for CIP)
- CVE-2021-29650 [netfilter: x_tables: incorrect memory barrier led to
crash] - fixed
Needs backport to 4.14 and earlier.

Regarding issues from last week,

CVE-2021-3444 - Debian added the following notes:

This last pre-requisite commit though would depend on
092ed0968bb6 ("bpf: verifier support JMP32") which does not
seem to make it possible to backport the fixes in 4.19.y

CVE-2021-20292 - Ubuntu tagged the commit introducing the
issue as 8e7e70522d76 ("drm/ttm: isolate dma data from ttm_tt V4")
from v3.3-rc1. So it looks like the fix needs to be backport to
v4.4 as well.


Join to automatically receive all group messages.