New CVE entries this week


Masami Ichikawa
 

Hi!

These are the new issues this week:

* 2021/06/30

CVE-2020-28097 -- vgacon_scrolldelta out-of-bounds read

This commit removes software scrollback support. So,
CONFIG_VGACON_SOFT_SCROLLBACK option is removed from kernel.
Accoring to the cip-kernel-config repo, following configs set
CONFIG_VGACON_SOFT_SCROLLBACK option.

- 4.19.y-cip/x86/cip_qemu_defconfig
- 4.19.y-cip/x86/plathome_obsvx2.config
- 4.19.y-cip-rt/x86/siemens_i386-rt.config
- 4.4.y-cip/x86/cip_qemu_defconfig

This vulnerability affects before Linux 5.8.10 therefore Linux 5.10.y
series do not affect.

CVE-2020-36387 -- fs/io_uring.c has a use-after-free related to
io_async_task_func and ctx reference holding

This CVE affects before Linux 5.8.2. However io_uring was introduced
at Linux 5.1 so that CIP kernels aren't affected by this
vulnerability.

CVE-2021-29256.yml -- Mali GPU Kernel Driver elevates CPU RO pages to writable

Following GPU architectures are affected.

- Bifrost r16p0 through r29p0 before r30p0
- Valhall r19p0 through r29p0 before r30p0
- Midgard r28p0 through r30p0

CVE-2021-31615 -- InjectaBLE: Injecting malicious traffic into
established Bluetooth Low Energy connections

Unencrypted Bluetooth Low Energy baseband links in Bluetooth Core
Specifications 4.0 through 5.2 are affected.

* 2021/07/08

CVE-2021-35039 -- Without CONFIG_MODULE_SIG, verification that a
kernel module is signed, for loading via init_module, does not occur
for a module.sig_enforce=1 command-line argument.

This CVE affects v4.15 to v5.12, so v4.4 kernel doesn't affect.

Regards,

--
Masami Ichikawa
Cybertrust Japan Co., Ltd.

Email :masami.ichikawa@cybertrust.co.jp
:masami.ichikawa@miraclelinux.com

Join cip-dev@lists.cip-project.org to automatically receive all group messages.