CVE-2020-3702: Specifically timed and handcrafted traffic can cause
internal errors in a WLAN device that lead to improper layer 2 Wi-Fi
encryption with a consequent possibility of information disclosure
over the air for a discrete set of traffic
This CVE affects ath9k driver.
At least some of the relevant fixes are queued for
5.10.61/4.19. Likely this will resolve itself.
CVE-2021-3600: eBPF 32-bit source register truncation on div/mod
The vulnerability has been introduced since 4.15-rc9. 4.4 is not
affected. 4.19 is not fixed yet as of 2021/08/26.
I took a look into this. Apparently 4.14 and 4.19 is affected. (https://seclists.org/oss-sec/2021/q2/228
Due to BPF 32-bit subregister requirements (see bpf_design_QA.rst)
top 32 bits should be always zero when the 32 bit registers are in
use. So it could be possible to use BPF_JMP instead of BPF_JMP32.
DENX Software Engineering GmbH, Managing Director: Wolfgang Denk
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany