On Thu, Aug 12, 2021 at 2:43 PM Pavel Machek <pavel@...> wrote:
* CVE detail
CVE-2021-38205: net: xilinx_emaclite: Do not print real IOMEM pointerThis affects our kernels (I looked at 5.10.57 and 4.4.277). On one
xemaclite_of_probe() in drivers/net/ethernet/xilinx/xilinx_emaclite.c
leaks kernel memory layout.
hand we could ask for backport, on the other... I'm not sure it is
serious enough to warrant any action.
I think this vulnerability seems to be low priority because an
attacker needs another vulnerability to abuse this vulnerability.
However, it would be nice to backport the patch too.
DENX Software Engineering GmbH, Managing Director: Wolfgang Denk
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany
Cybertrust Japan Co., Ltd.