Cip-kernel-sec Updates for Week of 2021-04-22
Chen-Yu Tsai (Moxa) <wens@...>
Seven new CVEs this week, though three can be ignored.
- CVE-2021-1076 [nvidia out-of-tree driver DoS] - ignore
- CVE-2021-1077 [nvidia out-of-tree driver DoS] - ignore
- CVE-2021-23133 [net/sctp: race in sctp_destroy_sock] - fixed
  Needs backport to kernels before 5.4
- CVE-2021-29155 [bpf: kernel memory content leak] - fixed
  Debian notes this likely only affects 5.8 and later.
  I intend to mark it as such if no one objects.
- CVE-2021-3492 [shiftfs: double free] - ignore, Ubuntu-specific
- CVE-2021-3493 [overlayfs: privilege escalation] - fixed
- CVE-2021-3506 [f2fs: out-of-bounds access] - fix queued up for -next
Regarding CVE-2021-29650 from 4/1, it seems Pavel's backport
still didn't hit the stable mailing list. Guenter ended up
posting backports for all the old LTS kernels, but there
were some other issues and he asked Greg to drop them.