New CVE entries this week
Masami Ichikawa
Hi !
It's this week's CVE report.
* CVE short summary
** New CVEs
CVE-2020-3702: mainline is fixed
CVE-2021-3732: mainline and stable kernels are fixed
** Updated CVEs
There is no update.
** Tracking CVEs
CVE-2021-31615: No fix information as of 2021/08/26.
CVE-2021-3640: No fix information as of 2021/08/26.
CVE-2020-26555: No fix information as of 2021/08/26.
CVE-2020-26556: No fix information as of 2021/08/26.
CVE-2020-26557: No fix information as of 2021/08/26.
CVE-2020-26559: No fix information as of 2021/08/26.
CVE-2020-26560: No fix information as of 2021/08/26.
CVE-2021-3600: mainline, 5.10, 5.4 are fixed. 4.4 isn't affected. 4.19
isn't fixed.
* CVE detail
New CVEs
CVE-2020-3702: Specifically timed and handcrafted traffic can cause
internal errors in a WLAN device that lead to improper layer 2 Wi-Fi
encryption with a consequent possibility of information disclosure
over the air for a discrete set of traffic
This CVE affects ath9k driver.
Fixed status
mainline: [56c5485c9e444c2e85e11694b6c44f1338fc20fd,
73488cb2fa3bb1ef9f6cf0d757f76958bd4deaca,
d2d3e36498dd8e0c83ea99861fac5cf9e8671226,
144cd24dbc36650a51f7fe3bf1424a1432f1f480,
ca2848022c12789685d3fab3227df02b863f9696]
CVE-2021-3732: kernel: overlayfs: Mounting overlayfs inside an
unprivileged user namespace can reveal files
cip/4.19: [963d85d630dabe75a3cfde44a006fec3304d07b8]
cip/4.4: [c6e8810d25295acb40a7b69ed3962ff181919571]
mainline: [427215d85e8d1476da1a86b8d67aceb485eb3631]
stable/4.14: [517b875dfbf58f0c6c9e32dc90f5cf42d71a42ce]
stable/4.19: [963d85d630dabe75a3cfde44a006fec3304d07b8]
stable/4.4: [c6e8810d25295acb40a7b69ed3962ff181919571]
stable/4.9: [e3eee87c846dc47f6d8eb6d85e7271f24122a279]
stable/5.10: [6a002d48a66076524f67098132538bef17e8445e]
stable/5.13: [41812f4b84484530057513478c6770590347dc30]
stable/5.4: [812f39ed5b0b7f34868736de3055c92c7c4cf459]
Updated CVEs
There is no update.
Currently tracking CVEs
CVE-2021-31615: Unencrypted Bluetooth Low Energy baseband links in
Bluetooth Core Specifications 4.0 through 5.2
There is no fix information as of 2021/08/26.
CVE-2021-3640: UAF in sco_send_frame function
There is no fix information as of 2021/08/26.
CVE-2020-26555: BR/EDR pin code pairing broken
There is no fix information as of 2021/08/26.
CVE-2020-26556: kernel: malleable commitment Bluetooth Mesh Provisioning
No fix information as of 2021/08/26.
CVE-2020-26557: kernel: predictable Authvalue in Bluetooth Mesh
Provisioning Leads to MITM
No fix information as of 2021/08/26.
CVE-2020-26559: kernel: Authvalue leak in Bluetooth Mesh Provisioning
No fix information as of 2021/08/26.
CVE-2020-26560: kernel: impersonation attack in Bluetooth Mesh Provisioning
No fix information as of 2021/08/26.
CVE-2021-3600: eBPF 32-bit source register truncation on div/mod
The vulnerability has been introduced since 4.15-rc9. 4.4 is not
affected. 4.19 is not fixed yet as of 2021/08/26.
mainline: [e88b2c6e5a4d9ce30d75391e4d950da74bb2bd90]
stable/5.10: [1d16cc210fabd0a7ebf52d3025f81c2bde054a90]
stable/5.4: [78e2f71b89b22222583f74803d14f3d90cdf9d12]
Regards,
--
Masami Ichikawa
Cybertrust Japan Co., Ltd.
Email :masami.ichikawa@...
:masami.ichikawa@...
It's this week's CVE report.
* CVE short summary
** New CVEs
CVE-2020-3702: mainline is fixed
CVE-2021-3732: mainline and stable kernels are fixed
** Updated CVEs
There is no update.
** Tracking CVEs
CVE-2021-31615: No fix information as of 2021/08/26.
CVE-2021-3640: No fix information as of 2021/08/26.
CVE-2020-26555: No fix information as of 2021/08/26.
CVE-2020-26556: No fix information as of 2021/08/26.
CVE-2020-26557: No fix information as of 2021/08/26.
CVE-2020-26559: No fix information as of 2021/08/26.
CVE-2020-26560: No fix information as of 2021/08/26.
CVE-2021-3600: mainline, 5.10, 5.4 are fixed. 4.4 isn't affected. 4.19
isn't fixed.
* CVE detail
New CVEs
CVE-2020-3702: Specifically timed and handcrafted traffic can cause
internal errors in a WLAN device that lead to improper layer 2 Wi-Fi
encryption with a consequent possibility of information disclosure
over the air for a discrete set of traffic
This CVE affects ath9k driver.
Fixed status
mainline: [56c5485c9e444c2e85e11694b6c44f1338fc20fd,
73488cb2fa3bb1ef9f6cf0d757f76958bd4deaca,
d2d3e36498dd8e0c83ea99861fac5cf9e8671226,
144cd24dbc36650a51f7fe3bf1424a1432f1f480,
ca2848022c12789685d3fab3227df02b863f9696]
CVE-2021-3732: kernel: overlayfs: Mounting overlayfs inside an
unprivileged user namespace can reveal files
cip/4.19: [963d85d630dabe75a3cfde44a006fec3304d07b8]
cip/4.4: [c6e8810d25295acb40a7b69ed3962ff181919571]
mainline: [427215d85e8d1476da1a86b8d67aceb485eb3631]
stable/4.14: [517b875dfbf58f0c6c9e32dc90f5cf42d71a42ce]
stable/4.19: [963d85d630dabe75a3cfde44a006fec3304d07b8]
stable/4.4: [c6e8810d25295acb40a7b69ed3962ff181919571]
stable/4.9: [e3eee87c846dc47f6d8eb6d85e7271f24122a279]
stable/5.10: [6a002d48a66076524f67098132538bef17e8445e]
stable/5.13: [41812f4b84484530057513478c6770590347dc30]
stable/5.4: [812f39ed5b0b7f34868736de3055c92c7c4cf459]
Updated CVEs
There is no update.
Currently tracking CVEs
CVE-2021-31615: Unencrypted Bluetooth Low Energy baseband links in
Bluetooth Core Specifications 4.0 through 5.2
There is no fix information as of 2021/08/26.
CVE-2021-3640: UAF in sco_send_frame function
There is no fix information as of 2021/08/26.
CVE-2020-26555: BR/EDR pin code pairing broken
There is no fix information as of 2021/08/26.
CVE-2020-26556: kernel: malleable commitment Bluetooth Mesh Provisioning
No fix information as of 2021/08/26.
CVE-2020-26557: kernel: predictable Authvalue in Bluetooth Mesh
Provisioning Leads to MITM
No fix information as of 2021/08/26.
CVE-2020-26559: kernel: Authvalue leak in Bluetooth Mesh Provisioning
No fix information as of 2021/08/26.
CVE-2020-26560: kernel: impersonation attack in Bluetooth Mesh Provisioning
No fix information as of 2021/08/26.
CVE-2021-3600: eBPF 32-bit source register truncation on div/mod
The vulnerability has been introduced since 4.15-rc9. 4.4 is not
affected. 4.19 is not fixed yet as of 2021/08/26.
mainline: [e88b2c6e5a4d9ce30d75391e4d950da74bb2bd90]
stable/5.10: [1d16cc210fabd0a7ebf52d3025f81c2bde054a90]
stable/5.4: [78e2f71b89b22222583f74803d14f3d90cdf9d12]
Regards,
--
Masami Ichikawa
Cybertrust Japan Co., Ltd.
Email :masami.ichikawa@...
:masami.ichikawa@...