Re: New CVE entries in this week

Masami Ichikawa

Hi !

On Sun, Jan 30, 2022 at 6:03 AM Pavel Machek <pavel@...> wrote:

CVE-2022-0330: drm/i915: Flush TLBs before releasing backing store

CVSS v3 score is not provided

Vulnerability in the i915 driver. Without an active IOMMU malicious
userspace can gain access (from the
code executing on the GPU) to random memory pages.

Fixed status

mainline: [7938d61591d33394a21bdd7797a245b65428f44c]
Wow. This must have been important. It looks like 5.10.95 (+4.4 and
4.19) was released just to get this fixed. Fix is "interesting" but...
it should be fixed.
Yes. Stable kernels were fixed :)

stable/4.14: [eed39c1918f1803948d736c444bfacba2a482ad0]
stable/4.19: [b188780649081782e341e52223db47c49f172712]
stable/4.4: [db6a2082d5a2ebc5ffa41f7213a544d55f73793a]
stable/4.9: [84f4ab5b47d955ad2bb30115d7841d3e8f0994f4]
stable/5.10: [6a6acf927895c38bdd9f3cd76b8dbfc25ac03e88]
stable/5.15: [8a17a077e7e9ecce25c95dbdb27843d2d6c2f0f7]
stable/5.16: [ec1b6497a2bc0293c064337e981ea1f6cbe57930]
stable/5.4: [1b5553c79d52f17e735cd924ff2178a2409e6d0b]

Best regards,
DENX Software Engineering GmbH, Managing Director: Wolfgang Denk
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany

Masami Ichikawa
Cybertrust Japan Co., Ltd.

Email :masami.ichikawa@...

Join to automatically receive all group messages.