New CVE entries in this week


Masami Ichikawa
 

Hi !

It's this week's CVE report.

This week reported two new CVEs.

* New CVEs

CVE-2021-33098: Improper input validation in the Intel(R) Ethernet ixgbe driver for Linux before version 3.17.3 may allow an authenticated user to potentially enable denial of service via local access.

CVSS v3 score is 5.5 MEDIUM.

Intel released fixed version of driver kit. Not sure this CVE affects mainline's source code.

Fixed status

Intel released fixed version of driver kit.

CVE-2021-4001: bpf: Fix toctou on read-only map''s constant scalar tracking

CVSS v3 score is not provided.

This bug was introduced in 5.5-rc1 and fixed in 5.16-rc2.  Patch for 5.15 is in stable-rt tree. Patch for 5.4(https://lore.kernel.org/stable/163757721744154@.../) and 5.10(https://lore.kernel.org/stable/1637577215186161@.../) are failed to apply. However, this bug was introduced in 5.5-rc1 so 5.4 can be ignored?
Fixed status

mainline: [353050be4c19e102178ccc05988101887c25ae53]

* Updated CVEs

CVE-2021-3640: UAF in sco_send_frame function

5.10 and 5.15 are fixed this week.

Fixed status

mainline: [99c23da0eed4fd20cae8243f2b51e10e66aa0951]
stable/5.10: [4dfba42604f08a505f1a1efc69ec5207ea6243de]
stable/5.14: [2c2b295af72e4e30d17556375e100ae65ac0b896]
stable/5.15: [b990c219c4c9d4993ef65ea9db73d9497e70f697]
stable/5.4: [d416020f1a9cc5f903ae66649b2c56d9ad5256ab]

CVE-2021-43975: atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait

The mainline kernel was fixed in 5.16-rc2.

Fixed status

mainline: [b922f622592af76b57cbc566eaeccda0b31a3496]

Currently tracking CVEs

CVE-2021-31615: Unencrypted Bluetooth Low Energy baseband links in
Bluetooth Core Specifications 4.0 through 5.2

There is no fix information.

CVE-2020-26555: BR/EDR pin code pairing broken

No fix information

CVE-2020-26556: kernel: malleable commitment Bluetooth Mesh Provisioning

No fix information.

CVE-2020-26557: kernel: predictable Authvalue in Bluetooth Mesh
Provisioning Leads to MITM

No fix information.

CVE-2020-26559: kernel: Authvalue leak in Bluetooth Mesh Provisioning

No fix information.

CVE-2020-26560: kernel: impersonation attack in Bluetooth Mesh Provisioning

No fix information.

Regards,

--
Masami Ichikawa
Cybertrust Japan Co., Ltd.

Email :masami.ichikawa@...
          :masami.ichikawa@...

Join cip-dev@lists.cip-project.org to automatically receive all group messages.