TLTR; The issue reported to the Linux security team allowed one to read
and/or write up to 65kB of kernel memory past buffer boundaries by exploiting
lack of limiting of the usb control transfer request wLength in certain
fixed: 5.15.8, 5.10.85, 5.4.165
Thanks to Sam for noticing and checking affected versions!
kernel@: please stabilize fixed versions for gentoo-sources.
Affected gentoo-sources kernels are removed, newer ones are stabilized
The bug has been referenced in the following commit(s):
Author: Sam James <firstname.lastname@example.org>
AuthorDate: 2022-04-13 06:00:19 +0000
Commit: Sam James <email@example.com>
CommitDate: 2022-04-13 06:00:19 +0000
profiles: drop obsolete 5.14 masks
Signed-off-by: Sam James <firstname.lastname@example.org>
profiles/package.mask | 8 --------
1 file changed, 8 deletions(-)