| Message ID | 20210730060805.342577-1-nobuhiro1.iwamatsu@toshiba.co.jp |
|---|---|
| Headers | show |
| Series | Backports CVE-2021-21781 for 4.4 and 4.9 | expand |
On Fri, Jul 30, 2021 at 08:27:20AM +0200, Greg KH wrote: > On Fri, Jul 30, 2021 at 03:08:03PM +0900, Nobuhiro Iwamatsu wrote: > > Hi, > > > > This is a patch series to CVE-2021-21781. > > Given that this looks to be a "private" CVE at this point in time: > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21781 > you are going to have to provide a bit more information here :( Ah, nevermind, patch 2 explains things, this is fine, thanks for the backports. greg k-h
Hi, This is a patch series to CVE-2021-21781. The patch 9c698bff66ab ("RM: ensure the signal page contains defined contents") depepds on memset32. However, this function is not provided in 4.4 and 4.9. Therefore, we need the patch 3b3c4babd898 ("lib/string.c: add multibyte memset functions") to apply this feature. Another option is to implement only the memset32 function in arch/arm/kernel/signal.c only or using loop memset, but for simplicity we have taken the way of applying the original patch 3b3c4babd898 ("lib/string.c: add multibyte memset functions") that provides memset32 in mainline kernel. Best regards, Nobuhiro Matthew Wilcox (1): lib/string.c: add multibyte memset functions Russell King (1): ARM: ensure the signal page contains defined contents arch/arm/kernel/signal.c | 14 +++++---- include/linux/string.h | 30 ++++++++++++++++++ lib/string.c | 66 ++++++++++++++++++++++++++++++++++++++++ 3 files changed, 104 insertions(+), 6 deletions(-)