Quoting ${URL}:

```
TL;DR: The issue reported to the Linux security team allowed one to read and/or write up to 65kB of kernel memory past buffer boundaries by exploiting lack of limiting of the usb control transfer request wLength in certain gadget functions.
```

fixed: 5.15.8, 5.10.85, 5.4.165

Thanks to Sam for noticing and checking affected versions!
kernel@: please stabilize fixed versions for gentoo-sources.
Affected gentoo-sources kernels are removed, newer ones are stabilized
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4e7a45f555a91fcf9cd8d0848c6528e280c95ee8

```
commit 4e7a45f555a91fcf9cd8d0848c6528e280c95ee8
Author:     Sam James <sam@gentoo.org>
AuthorDate: 2022-04-13 06:00:19 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2022-04-13 06:00:19 +0000

    profiles: drop obsolete 5.14 masks

    Bug: https://bugs.gentoo.org/829491
    Signed-off-by: Sam James <sam@gentoo.org>

 profiles/package.mask | 8 --------
 1 file changed, 8 deletions(-)
```
The two patches that address this CVE have been in kernels since:

- 4.4.296
- 4.9.294
- 4.14.259
- 4.19.222
- 5.4.168
- 5.10.88
- 5.15.11
- 5.16

Feel free to close, as this is mitigated by much more recent kernels in the tree.
Agreed, thanks!
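The per-branch list of releases carrying both patches, given in the thread above, can be turned into a quick check of a `uname -r` string. This is an added example, not part of the original thread; the function names and status labels are assumptions, and it compares version numbers only, so it does not see distribution backports.

```python
import re

# First release per stable branch that carries both patches, as listed in the thread.
FIXED_SINCE = {
    (4, 4): 296, (4, 9): 294, (4, 14): 259, (4, 19): 222,
    (5, 4): 168, (5, 10): 88, (5, 15): 11,
}
MAINLINE_FIXED = (5, 16)  # 5.16 and every later branch are listed as fixed


def parse_release(release):
    """Turn a `uname -r` style string such as '5.10.88-gentoo' into (major, minor, patch)."""
    m = re.match(r"(\d+)\.(\d+)(?:\.(\d+))?", release)
    if not m:
        raise ValueError(f"unrecognised kernel release: {release!r}")
    return int(m.group(1)), int(m.group(2)), int(m.group(3) or 0)


def patch_status(release):
    """Return 'fixed', 'unpatched' or 'unlisted' for a kernel release string.

    'unpatched' means older than the listed release for its branch;
    'unlisted' means the thread names no fixed release that applies.
    """
    major, minor, patch = parse_release(release)
    if re.search(r"-rc\d+", release):
        # A release candidate cannot be placed relative to the listed releases.
        return "unlisted"
    if (major, minor) >= MAINLINE_FIXED:
        return "fixed"
    floor = FIXED_SINCE.get((major, minor))
    if floor is None:
        # Branch absent from the list (for example an end-of-life series such as 5.14).
        return "unlisted"
    return "fixed" if patch >= floor else "unpatched"


if __name__ == "__main__":
    import platform
    running = platform.release()
    print(running, patch_status(running))
```

An `unlisted` result should be treated as needing a move to a listed branch rather than as safe.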