An out-of-bounds write flaw was found in the Linux kernel's seq_file in the Filesystem layer. This flaw allows a local attacker with a user privilege to gain access to out-of-bound memory, leading to a system crash or a leak of internal kernel information.
Upstream patch: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=8cae8cd89f05f6de223d63e6d15e31c8ba9cf53b Included in: >=linux-5.13.4 >=linux-5.10.52 >=linux-5.4.134 >=linux-4.19.198 >=linux-4.14.240 >=linux-4.9.276 >=linux-4.4.276
These kernels were stabilized before this bug was opened.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6b9a1ff8f90810a533a7c11c6c145e61f69d1974 commit 6b9a1ff8f90810a533a7c11c6c145e61f69d1974 Author: Michał Górny <mgorny@gentoo.org> AuthorDate: 2021-07-23 21:40:33 +0000 Commit: Michał Górny <mgorny@gentoo.org> CommitDate: 2021-07-23 21:42:10 +0000 package.mask: Last rite sys-kernel/bliss-kernel-bin Bug: https://bugs.gentoo.org/803212 Signed-off-by: Michał Górny <mgorny@gentoo.org> profiles/package.mask | 6 ++++++ 1 file changed, 6 insertions(+)
Package list is empty or all packages have requested keywords.
(In reply to John Helmert III from comment #2) > These kernels were stabilized before this bug was opened. ...and now we've long been cleaned up.