APPLIED[G/H]: [SRU Groovy,Focal/linux-oem-5.10/Hirsute 0/2] CVE-2021-3489 fixups

Kleber Souza kleber.souza at canonical.com
Thu May 27 15:25:19 UTC 2021


On 27.05.21 02:11, Thadeu Lima de Souza Cascardo wrote:
> We ended up applying a version of the fix that had a bug that prevents the
> mapping from being mprotect(PROT_WRITE).
> 
> We revert our version of the fix and apply the upstream version.
> 
> This was tested against reproducers for the original issue. Also tested by
> doing mprotect(PROT_READ) followed with mprotect(PROT_WRITE), which fails
> without this change. It works fine with this patchset.
> 
> Andrii Nakryiko (1):
>    bpf: Prevent writable memory-mapping of read-only ringbuf pages
> 
> Thadeu Lima de Souza Cascardo (1):
>    UBUNTU: SAUCE: Revert "UBUNTU: SAUCE: bpf: prevent writable
>      memory-mapping of read-only ringbuf pages"
> 
>   kernel/bpf/ringbuf.c | 8 ++++----
>   1 file changed, 4 insertions(+), 4 deletions(-)
> 

Applied to [groovy/hirsute]:linux.

Thanks,
Kleber



More information about the kernel-team mailing list