Chen-Yu Tsai (Moxa) <wens@...>
Two new CVEs this week:
- CVE-2021-31829 [bpf: stack pointer protection from speculative
arithmetic] - fixed
Fixes just landed in mainline as part of the merge window. Fixes not
tagged for stable.
- CVE-2021-31916 [md: dm_ioctl: out-of-bounds array access] - fixed
Likely needs backport to 4.9 and earlier.
Additionally, one old CVE is now fixed: