[SRU Groovy,Focal/linux-oem-5.10/Hirsute 0/2] CVE-2021-3490 fixups
Thadeu Lima de Souza Cascardo
cascardo at canonical.com
Thu May 27 00:12:10 UTC 2021
We ended up applying a different fix for CVE-2021-3490. The upstream version is
less restricted on the bounds for the cases where the lower 32-bits are known.
This has been tested against reproducers for the original issue. Other tests
for different bounds have been tested as well.
Daniel Borkmann (1):
gpf: Fix alu32 const subreg bound tracking on bitwise operations
Thadeu Lima de Souza Cascardo (1):
UBUNTU: SAUCE: Revert "UBUNTU: SAUCE: bpf: verifier: fix ALU32 bounds
tracking with bitwise ops"
kernel/bpf/verifier.c | 22 +++++++++++++++++++++-
1 file changed, 21 insertions(+), 1 deletion(-)
--
2.30.2
More information about the kernel-team
mailing list