diff options
author | Ben Hutchings <ben@decadent.org.uk> | 2022-06-21 00:09:15 +0200 |
---|---|---|
committer | Ben Hutchings <ben@decadent.org.uk> | 2022-06-21 00:12:37 +0200 |
commit | fd8cdb05b848fa4628f42bce87a3719993030764 (patch) | |
tree | 509a1d364730ff44469255ce800f2bc4dd2b41fb /active/CVE-2022-20166 | |
parent | 62e8c058e38f5ff4d5d5165af4d91f22b8f2dbbe (diff) |
Fill in status for several issues
Diffstat (limited to 'active/CVE-2022-20166')
-rw-r--r-- | active/CVE-2022-20166 | 16 |
1 files changed, 12 insertions, 4 deletions
diff --git a/active/CVE-2022-20166 b/active/CVE-2022-20166 index d13c8ae2..3c96d5de 100644 --- a/active/CVE-2022-20166 +++ b/active/CVE-2022-20166 @@ -1,13 +1,21 @@ Description: drivers core: Use sysfs_emit and sysfs_emit_at for show(device *...) functions References: https://source.android.com/security/bulletin/pixel/2022-06-01 + https://android.googlesource.com/kernel/common/+/37c7c8d4f0856ca30c2583adead91f42711f9c2f%5E%21/ Notes: + bwh> Based on the Android backport of this, the specific case where a + bwh> buffer overflow was possible must be in the name attribute of a + bwh> wakeup_source. This code was introduced in 5.4 by commit + bwh> c8377adfa781 "PM / wakeup: Show wakeup sources stats in sysfs". + bwh> If wakelocks are enabled (CONFIG_PM_WAKELOCKS=y) then user-space + bwh> can create a wakeup_source with an arbitrary name. However, we + bwh> never enabled this. Bugs: upstream: released (5.10-rc1) [aa838896d87af561a33ecefea1caa4c15a68bc47] 5.10-upstream-stable: N/A "Fixed before branching point" -4.19-upstream-stable: -4.9-upstream-stable: +4.19-upstream-stable: N/A "Vulnerable code not present" +4.9-upstream-stable: N/A "Vulnerable code not present" sid: released (5.10.4-1) 5.10-bullseye-security: N/A "Fixed before branching point" -4.19-buster-security: -4.9-stretch-security: +4.19-buster-security: N/A "Vulnerable code not present" +4.9-stretch-security: N/A "Vulnerable code not present" |