New kernel CVE
Yang, Cheng C
cheng.c.yang at linux.intel.com
Fri Dec 6 19:11:42 AEDT 2019
Hi Joel,
We found three CVE on our current OpenBMC kernel 5.3.11 which has been
fixed in kernel 5.4
Two of them are about crypto and the other is for trace. Do you have any
plan to update kernel to fix them?
https://nvd.nist.gov/vuln/detail/CVE-2019-19062
Fixed in
https://github.com/torvalds/linux/commit/ffdde5932042600c6807d46c1550b28b0db6a3bc
https://nvd.nist.gov/vuln/detail/CVE-2019-19072
Fixed in
https://github.com/torvalds/linux/commit/96c5c6e6a5b6db592acae039fed54b5c8844cd35
https://nvd.nist.gov/vuln/detail/CVE-2019-19050
Fixed in
https://github.com/torvalds/linux/commit/c03b04dcdba1da39903e23cc4d072abf8f68f2dd
Thank you very much!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ozlabs.org/pipermail/openbmc/attachments/20191206/22ff87ad/attachment-0001.htm>
More information about the openbmc
mailing list