[DATA] CVE-2021-39800 and CVE-2021-39801 version information - Githubissues

nluedtke / linux_kernel_cves

Tracking CVEs for the linux Kernel

Apache License 2.0

739 stars 71 forks source link

[DATA] CVE-2021-39800 and CVE-2021-39801 version information #274

Open DerDakon opened 2 years ago

DerDakon commented 2 years ago

Change Type Requested Update

CVE id number CVE-2021-39801

References https://source.android.com/security/bulletin/2022-04-01

Additional context The Android bulletin links to 3 commits, which I don't know which one actually fixed the issue:

All went into 4.9.299. I don't see these commits in any other stable tree.

Android ION has been removed from the tree in https://github.com/torvalds/linux/commit/3db1a3fa98808aa90f95ec3e0fa2fc7abf28f5c9 (i.e. 5.11-rc1).

I'm not sure when this was actually introduced, but a lower bound is v3.14-rc1 as this is the first commit the ION driver appears in, see https://github.com/torvalds/linux/commit/c30707be128e952ca2ba77417cb5509e254a4aac.

DerDakon commented 2 years ago

This also applies to CVE-2021-39800, which lists the same commits.