Re: Cip-kernel-sec Updates for Week of 2021-05-05


Chen-Yu Tsai (Moxa) <wens@...>
 

On Wed, May 5, 2021 at 3:51 PM Pavel Machek <pavel@denx.de> wrote:

Hi!

Two new CVEs this week:

- CVE-2021-31829 [bpf: stack pointer protection from speculative
arithmetic] - fixed
Fixes just landed in mainline as part of the merge window. Fixes not
tagged for stable.
Could you push your changes to cip-kernel-sec?
Done. Sorry about that.

These are queued for 5.10.35 and 4.19, I believe they may be related.

v |8373088d4 b9b34d o: 5.10| bpf: Fix masking negation logic upon negative dst register
a |fbb1ea771 b9b34d o: 4.19| bpf: Fix masking negation logic upon negative dst register
a |024fb2412 801c60 o: 5.10| bpf: Fix leakage of uninitialized bpf stack under speculation
I only looked through my inbox. And our scripts don't pick things up
from the stable-queue. In any case they will be picked up once the
stable kernels including them are released.


ChenYu

Join cip-dev@lists.cip-project.org to automatically receive all group messages.