Re: New CVE entries this week

Home Messages Hashtags Subgroups

Masami Ichikawa #6675 Hi ! On Thu, Aug 12, 2021 at 2:43 PM Pavel Machek <pavel@...> wrote: Hi! * CVE detail New CVEs CVE-2021-38205: net: xilinx_emaclite: Do not print real IOMEM pointer xemaclite_of_probe() in drivers/net/ethernet/xilinx/xilinx_emaclite.c leaks kernel memory layout. Fixed status mainline: [d0d62baa7f505bd4c59cd169692ff07ec49dde37] stable/5.13: [8722275b41d5127048e1422a8a1b6370b4878533] This affects our kernels (I looked at 5.10.57 and 4.4.277). On one hand we could ask for backport, on the other... I'm not sure it is serious enough to warrant any action. I think this vulnerability seems to be low priority because an attacker needs another vulnerability to abuse this vulnerability. However, it would be nice to backport the patch too. Best regards, Pavel -- DENX Software Engineering GmbH, Managing Director: Wolfgang Denk HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany Regards, -- Masami Ichikawa Cybertrust Japan Co., Ltd. Email :masami.ichikawa@... :masami.ichikawa@...
More All Messages By This Member

Join {cip-dev@lists.cip-project.org to automatically receive all group messages.