ACK: [SRU Groovy,Focal/linux-oem-5.10/Hirsute 0/2] CVE-2021-3490 fixups
Kleber Souza
kleber.souza at canonical.com
Thu May 27 14:10:01 UTC 2021
On 27.05.21 02:12, Thadeu Lima de Souza Cascardo wrote:
> We ended up applying a different fix for CVE-2021-3490. The upstream version is
> less restricted on the bounds for the cases where the lower 32-bits are known.
>
> This has been tested against reproducers for the original issue. Other tests
> for different bounds have been tested as well.
>
> Daniel Borkmann (1):
> gpf: Fix alu32 const subreg bound tracking on bitwise operations
>
> Thadeu Lima de Souza Cascardo (1):
> UBUNTU: SAUCE: Revert "UBUNTU: SAUCE: bpf: verifier: fix ALU32 bounds
> tracking with bitwise ops"
>
> kernel/bpf/verifier.c | 22 +++++++++++++++++++++-
> 1 file changed, 21 insertions(+), 1 deletion(-)
>
Acked-by: Kleber Sacilotto de Souza <kleber.souza at canonical.com>
Thanks
More information about the kernel-team
mailing list