On Wed, May 5, 2021 at 3:51 PM Pavel Machek <email@example.com> wrote:
Two new CVEs this week:Could you push your changes to cip-kernel-sec?
- CVE-2021-31829 [bpf: stack pointer protection from speculative
arithmetic] - fixed
Fixes just landed in mainline as part of the merge window. Fixes not
tagged for stable.
Done. Sorry about that.
These are queued for 5.10.35 and 4.19, I believe they may be related.
v |8373088d4 b9b34d o: 5.10| bpf: Fix masking negation logic upon negative dst register
a |fbb1ea771 b9b34d o: 4.19| bpf: Fix masking negation logic upon negative dst register
a |024fb2412 801c60 o: 5.10| bpf: Fix leakage of uninitialized bpf stack under speculation
I only looked through my inbox. And our scripts don't pick things up
from the stable-queue. In any case they will be picked up once the
stable kernels including them are released.