Re: [Feedback Requested] RE: Cip-kernel-sec Updates for Week of 2021-03-18


Nobuhiro Iwamatsu
 

Hi all,

I dropped each config from config files.

Best regards,
Nobuhiro

-----Original Message-----
From: cip-dev@... [mailto:cip-dev@...] On Behalf Of
masashi.kudo@...
Sent: Friday, March 19, 2021 5:48 PM
To: jan.kiszka@...; minmin@...; cip-dev@...
Cc: pavel@...; iwamatsu nobuhiro(岩松 信洋 □SWC◯ACT) <nobuhiro1.iwamatsu@...>; wens@...
Subject: Re: [cip-dev] [Feedback Requested] RE: Cip-kernel-sec Updates for Week of 2021-03-18

Hi, Jan-san,

Thanks for your confirmation!

Iwamatsu-san,

Could you turn off both features from the following configs?

- CVE-2020-35519 is relating to X.25.
4.19.y-cip-rt/x86/siemens_i386-rt.config:CONFIG_X25=m
5.10.y-cip-rt/x86/siemens_i386-rt_defconfig:CONFIG_X25=m
- CVE-2021-20261 is relating to floppy.
4.4.y-cip-rt/x86/siemens_i386-rt.config:CONFIG_BLK_DEV_FD=m
Best regards,
--
M. Kudo

-----Original Message-----
From: Jan Kiszka <jan.kiszka@...>
Sent: Friday, March 19, 2021 5:06 PM
To: 工藤 雅司(CTJ OSS事業推進室) <masashi.kudo@...>;
minmin@...; cip-dev@...
Cc: pavel@...; nobuhiro1.iwamatsu@...; wens@...
Subject: Re: [Feedback Requested] RE: Cip-kernel-sec Updates for Week of
2021-03-18

On 18.03.21 10:33, masashi.kudo@... wrote:
Hi, Jan-san, Minda-san,

Please find the CVE report as follows.
In the analysis of those CVEs, we found some doubts about the configs.

- CVE-2020-35519 is relating to X.25.
X.25 is enabled as follows, but we wonder whether X.25 is really used or not.
4.4.y-cip/x86/plathome_obsvx1.config:CONFIG_X25=m
4.19.y-cip-rt/x86/siemens_i386-rt.config:CONFIG_X25=m
5.10.y-cip-rt/x86/siemens_i386-rt_defconfig:CONFIG_X25=m
Please confirm, and let us know whether X.25 should be disabled.

- CVE-2021-20261 is relating to floppy.
It is enabled as follows.
4.4.y-cip-rt/x86/siemens_i386-rt.config:CONFIG_BLK_DEV_FD=m
Please confirm that this can be also disabled.
Yes, both features can be turned off.

Thanks,
Jan

Best regards,
--
M. Kudo

-----Original Message-----
From: Chen-Yu Tsai <wens@...>
Sent: Thursday, March 18, 2021 5:48 PM
To: cip-dev@...
Cc: Pavel Machek <pavel@...>; Nobuhiro Iwamatsu
<nobuhiro1.iwamatsu@...>; 工藤 雅司(CTJ OSS事業推進室)
<masashi.kudo@...>
Subject: Cip-kernel-sec Updates for Week of 2021-03-18

Hi everyone,

Six new issues this week from the Ubuntu tracker:

- CVE-2020-35519 [net/x25: buffer overflow] - fixed
Looks like a few configs still have X.25 enabled:
4.4.y-cip/x86/plathome_obsvx1.config:CONFIG_X25=m
4.19.y-cip-rt/x86/siemens_i386-rt.config:CONFIG_X25=m
5.10.y-cip-rt/x86/siemens_i386-rt_defconfig:CONFIG_X25=m
Maybe they should be revisited? cip-kernel-config also gives warnings
for CONFIG_X25.

- CVE-2021-20219 [improper synchronization in flush_to_ldisc()] -
likely RedHat only
Report mentions incorrect backport in RedHat kernels.

- CVE-2021-20261 [floppy: race condition data corruption] - fixed
No member enables this except:
4.4.y-cip-rt/x86/siemens_i386-rt.config:CONFIG_BLK_DEV_FD=m
which should probably be turned off.

- CVE-2021-28375 [fastrpc: allows sending kernel RPCs] - fixed
No member enables this.

- CVE-2021-28660 [rtl8188eu: array access out-of-bounds] - fixed
No member enables this.

- CVE-2021-3428 [integer overflow in ext4_es_cache_extent] - unclear [1]
Requires a specially-crafted ext4 FS image, so we likely don't care.

Unfortunately Debian's Salsa service, where the Debian kernel
security issue tracker is hosted, is currently down, so we only have one source
of data this week.


Regards
ChenYu


[1]
https://lore.kernel.org/stable/20210317151834.GE2541@quack2.suse.cz/

--
Siemens AG, T RDA IOT
Corporate Competence Center Embedded Linux

Join cip-dev@lists.cip-project.org to automatically receive all group messages.