No idea. All the servers I touched at work were still booting via legacy BIOS. Mind you that these were old servers. The latest machine we have, an AMD EPYC 7002, is UEFI only. I never looked at the s

Done. Sorry about that. I only looked through my inbox. And our scripts don't pick things up from the stable-queue. In any case they will be picked up once the stable kernels including them are releas

Hi everyone, Two new CVEs this week: - CVE-2021-31829 [bpf: stack pointer protection from speculative arithmetic] - fixed Fixes just landed in mainline as part of the merge window. Fixes not tagged fo

Hi everyone, This was a quiet week. Only one new issue: - CVE-2021-3501 [x86: KVM: VMX: data race condition] - fixed Nothing else to report on. Regards ChenYu

Hi everyone, Seven new CVEs this week, though three can be ignored. - CVE-2021-1076 [nvidia out-of-tree driver DoS] - ignore - CVE-2021-1077 [nvidia out-of-tree driver DoS] - ignore - CVE-2021-23133 [

Hi everyone, Two new issues this week: - CVE-2020-36322 [fuse: bad inode] - fixed Needs backport to kernels earlier than 5.4. - CVE-2021-29154 [x86: bpf: jit: incorrect computation of branch displacem

Hi everyone, Eight new issues this week: - CVE-2020-36310 [x86/kvm: svm: infinite loop] - fixed auto-backport failed. - CVE-2020-36311 [x86/kvm: svm: sev: softhang] - fixed (ignore for CIP) - CVE-2020

Hi everyone, Nine new CVEs this week: - CVE-2021-28688 [xen: blkback leak persistent grants] - fixed (ignore for CIP) - CVE-2021-29264 [gianfar: jumbo frame overrun] - fixed (ignore for CIP) Needs bac

Hi everyone, Ten new issues this week: - CVE-2020-27170 [bpf: alu ops on pointer types] - fixed - CVE-2020-27171 [bpf: mask off-by-one] - fixed - CVE-2021-3444 [bpf: truncation handling mod32] - fixed

Hi everyone, Six new issues this week from the Ubuntu tracker: - CVE-2020-35519 [net/x25: buffer overflow] - fixed Looks like a few configs still have X.25 enabled: 4.4.y-cip/x86/plathome_obsvx1.confi

Hi everyone, Seven new CVEs this week: - CVE-2021-20265 [af_unix: memory leak] - fixed - CVE-2021-20268 [ebpf: signed type overflow] - fixed - CVE-2021-27363 [iscsi: iscsi_host_get_param() allows sysf

Hi, This week there are three new issues: - CVE-2021-0399 [net/xt_qtaguid] - Android kernel only - CVE-2021-0447 [l2tp] - Fixed in all kernels - CVE-2021-0448 [netfilter/ctnetlink] - Duplicate of CVE-

Hi everyone, Five new issues this week: - CVE-2020-24502 [e810: local DoS] - out-of-tree? - CVE-2020-24503 [e810: local information leak] - out-of-tree? - CVE-2020-24504 [e810: local DoS] - out-of-tre

Hi, So the fix for these three are a firmware update. However to use the newer firmware, a kernel patch [1] is required. Not sure how we should mark this in our repository... ignore or fixed by said p

Hi, Looks like CVE-2020-0544 and CVE-2020-0521 are for Windows. Debian lists them as such [1][2]. Seems the Intel advisory directly refers to Linux drivers by kernel version. Any other version string

I see Renesas and Siemens have it enabled. Is Xen still relevant? Or has everyone switched over to KVM + QEMU? I read the headline on Phoronix, but didn't know it was this bad. That also explains why

Hi everyone, Five new issues this week: CVE-2021-20239 [setsockopt copy_from_user error] - fixed in 5.4 and removed from 5.10 CVE-2021-26930 [xen-blkback error handling] - PR sent CVE-2021-26931 [xen

<masashi.kudo@...> wrote: FTR, fixes have now been incorporated into 4.4. ChenYu

Based on fixes for 4.9 reported by Debian, CVE-2021-3347 is now fixed for 4.4 by 6510e4a2d04f33e4bfd221760faab23e55d8772b..46358277b2da868763517f79aa0ac25ce78c4f68 inclusive. Lee Jones just posted a f

Hi everyone, Six new issues this week: - CVE-2020-12362, CVE-2020-12363, CVE-2020-12364: CVEs from Intel Advisory affecting Intel Graphics Driver. Details unknown - CVE-2021-20194 [bpf heap overflow]