APPLIED[G/H]: [SRU Groovy,Focal/linux-oem-5.10/Hirsute 0/2] CVE-2021-3490 fixups
Kleber Souza
kleber.souza at canonical.com
Thu May 27 15:27:37 UTC 2021
On 27.05.21 02:12, Thadeu Lima de Souza Cascardo wrote:
> We ended up applying a different fix for CVE-2021-3490. The upstream version is
> less restricted on the bounds for the cases where the lower 32-bits are known.
>
> This has been tested against reproducers for the original issue. Other tests
> for different bounds have been tested as well.
>
> Daniel Borkmann (1):
> gpf: Fix alu32 const subreg bound tracking on bitwise operations
>
> Thadeu Lima de Souza Cascardo (1):
> UBUNTU: SAUCE: Revert "UBUNTU: SAUCE: bpf: verifier: fix ALU32 bounds
> tracking with bitwise ops"
>
> kernel/bpf/verifier.c | 22 +++++++++++++++++++++-
> 1 file changed, 21 insertions(+), 1 deletion(-)
>
Applied to [groovy/hirsute]:linux.
Thanks,
Kleber
More information about the kernel-team
mailing list