On Wed, May 5, 2021 at 3:51 PM Pavel Machek <pavel@...> wrote:
Hi!
Two new CVEs this week:
- CVE-2021-31829 [bpf: stack pointer protection from speculative arithmetic] - fixed Fixes just landed in mainline as part of the merge window. Fixes not tagged for stable.
Could you push your changes to cip-kernel-sec?
Done. Sorry about that.
These are queued for 5.10.35 and 4.19, I believe they may be related.
v |8373088d4 b9b34d o: 5.10| bpf: Fix masking negation logic upon negative dst register a |fbb1ea771 b9b34d o: 4.19| bpf: Fix masking negation logic upon negative dst register a |024fb2412 801c60 o: 5.10| bpf: Fix leakage of uninitialized bpf stack under speculation
I only looked through my inbox. And our scripts don't pick things up from the stable-queue. In any case they will be picked up once the stable kernels including them are released.
