Adjust notes for CVE-2021-4204

author: Salvatore Bonaccorso <carnil@debian.org> 2022-01-30 09:32:43 +0100
committer: Salvatore Bonaccorso <carnil@debian.org> 2022-01-30 09:32:43 +0100
commit: 72fa1fc214ff26a467df266681cda4eb13095cee (patch)
tree: dc6260b3f0ed0812ba5587dc7be8147560caccb3 /active/CVE-2021-4204
parent: 9c8269ea284cd0a65c1faf55f1d730ace3ada677 (diff)
1 files changed, 3 insertions, 1 deletions
diff --git a/active/CVE-2021-4204 b/active/CVE-2021-4204
index badb7d31f..8fed3f7ae 100644
--- a/active/CVE-2021-4204
+++ b/active/CVE-2021-4204
@@ -8,7 +8,9 @@ Notes:
  carnil> | PTR_MAYBE_NULL")?
  carnil> Introduced after 457f44363a88 ("bpf: Implement BPF ring buffer
  carnil> and verifier support for it") in 5.8-rc1.
- carnil> Fixed as well in 5.15.17 for 5.157.y.
+ carnil> Fixed as well in 5.15.17 for 5.15.y.
+ carnil> The main fix seems to be 64620e0a1e71 ("bpf: Fix out of bounds
+ carnil> access for ringbuf helpers") but has pre-requisite work done.
 Bugs:
 upstream: released (5.17-rc1) [be80a1d3f9dbe5aee79a325964f7037fe2d92f30, d400a6cf1c8a57cdf10f35220ead3284320d85ff, 6788ab23508bddb0a9d88e104284922cb2c22b77, 64620e0a1e712a778095bd35cbb277dc2259281f, a672b2e36a648afb04ad3bda93b6bda947a479a5, 722e4db3ae0d52b2e3801280afbe19cf2d188e91, 37c8d4807d1b8b521b30310dce97f6695dc2c2c6]
 5.10-upstream-stable: needed
author	Salvatore Bonaccorso <carnil@debian.org>	2022-01-30 09:32:43 +0100
committer	Salvatore Bonaccorso <carnil@debian.org>	2022-01-30 09:32:43 +0100
commit	72fa1fc214ff26a467df266681cda4eb13095cee (patch)
tree	dc6260b3f0ed0812ba5587dc7be8147560caccb3 /active/CVE-2021-4204
parent	9c8269ea284cd0a65c1faf55f1d730ace3ada677 (diff)