Old CVE entries worth watching -- was Re: [cip-dev] New CVE entries this week

Pavel Machek


I was going through CVE entries for a month or so and these
accumulated in that time. Would it make sense to add them to the
current "watch list"?

** Bluetooth

Unfortunately, not enough info is present here:

CVE-2020-26555 -- BR/EDR pin code pairing broken
CVE-2020-26556 CVE-2020-26557 CVE-2020-26559 CVE-2020-26560 -- bluetooth mesh

** BPF

CVE-2021-3600 -- More eBPF issues. 4.19+, but we still may need to
fix 4.19

Best regards,
DENX Software Engineering GmbH, Managing Director: Wolfgang Denk
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany

Join cip-dev@lists.cip-project.org to automatically receive all group messages.