New kernel CVE
Joel Stanley
joel at jms.id.au
Mon Dec 9 14:38:03 AEDT 2019
On Fri, 6 Dec 2019 at 08:11, Yang, Cheng C <cheng.c.yang at linux.intel.com> wrote:
>
> Hi Joel,
>
> We found three CVE on our current OpenBMC kernel 5.3.11 which has been fixed in kernel 5.4
>
> Two of them are about crypto and the other is for trace. Do you have any plan to update kernel to fix them?
Yes, we plan to move to the 5.4 kernel. This kernel is ready to go,
with the exception of the broken dbus-sensors application, which
itself depends on PECI being enabled in the kernel and userspace
headers.
This work is being tracked here:
https://github.com/openbmc/openbmc/issues/3634
Cheers,
Joel
>
>
>
> https://nvd.nist.gov/vuln/detail/CVE-2019-19062
>
> Fixed in https://github.com/torvalds/linux/commit/ffdde5932042600c6807d46c1550b28b0db6a3bc
>
>
>
> https://nvd.nist.gov/vuln/detail/CVE-2019-19072
>
> Fixed in https://github.com/torvalds/linux/commit/96c5c6e6a5b6db592acae039fed54b5c8844cd35
>
>
>
> https://nvd.nist.gov/vuln/detail/CVE-2019-19050
>
> Fixed in https://github.com/torvalds/linux/commit/c03b04dcdba1da39903e23cc4d072abf8f68f2dd
>
>
>
>
>
> Thank you very much!
More information about the openbmc
mailing list