There are cves based on OpenHarmony-4.19 as follows:
CVE-2021-21781
CVE-2021-22555
CVE-2021-35039
CVE-2021-3609
CVE-2021-34693
CVE-2021-32078
CVE-2021-33624
note CVE-2021-33624 has some bpf selftests pre-dependent patches.
-----------------------------------
Alexei Starovoitov (1):
bpf: extend is_branch_taken to registers
Andrey Ignatov (1):
selftests/bpf: Test narrow loads with off > 0 in test_verifier
Daniel Borkmann (5):
bpf, test_verifier: switch bpf_get_stack's 0 s> r8 test
bpf: Update selftests to reflect new error states
bpf: Inherit expanded/patched seen count from old aux data
bpf: Do not mark insn as seen under speculative path verification
bpf: Fix leakage under speculation on mispredicted branches
Florian Westphal (1):
netfilter: x_tables: fix compat match/target pad out-of-bound write
John Fastabend (1):
bpf: Test_verifier, bpf_get_stack return value add <0
Mimi Zohar (1):
module: limit enabling module.sig_enforce
Norbert Slusarek (1):
can: bcm: fix infoleak in struct bcm_msg_head
Ovidiu Panait (2):
bpf: fix up selftests after backports were fixed
selftests/bpf: add selftest part of "bpf: improve verifier branch
analysis"
Piotr Krysiuk (1):
bpf, selftests: Fix up some test_verifier cases for unprivileged
Russell King (2):
ARM: footbridge: remove personal server platform
ARM: ensure the signal page contains defined contents
Thadeu Lima de Souza Cascardo (1):
can: bcm: delay release of struct bcm_op after synchronize_rcu()
arch/arm/configs/footbridge_defconfig | 1 -
arch/arm/kernel/signal.c | 14 +--
arch/arm/mach-footbridge/Kconfig | 21 ----
arch/arm/mach-footbridge/Makefile | 2 -
arch/arm/mach-footbridge/personal-pci.c | 58 ----------
arch/arm/mach-footbridge/personal.c | 25 -----
kernel/bpf/verifier.c | 95 +++++++++++++----
kernel/module.c | 9 ++
net/can/bcm.c | 10 +-
net/ipv4/netfilter/arp_tables.c | 2 +
net/ipv4/netfilter/ip_tables.c | 2 +
net/ipv6/netfilter/ip6_tables.c | 2 +
net/netfilter/x_tables.c | 10 +-
tools/testing/selftests/bpf/test_verifier.c | 112 +++++++++++++++-----
14 files changed, 196 insertions(+), 167 deletions(-)
delete mode 100644 arch/arm/mach-footbridge/personal-pci.c
delete mode 100644 arch/arm/mach-footbridge/personal.c
--
2.22.0
There are cves based on OpenHarmony-4.19 as follows:
CVE: CVE-2021-3573
CVE: CVE-2021-0129
CVE: CVE-2021-0512
CVE: CVE-2021-3587
CVE: CVE-2021-3564
CVE: CVE-2020-36385
CVE: CVE-2021-33200
Daniel Borkmann (3):
bpf: Wrap aux data inside bpf_sanitize_info container
bpf: Fix mask direction swap upon off reg sign change
bpf: No need to simulate speculative domain for immediates
Jason Gunthorpe (1):
RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy
Krzysztof Kozlowski (1):
nfc: fix NULL ptr dereference in llcp_sock_getname() after failed
connect
Lin Ma (2):
Bluetooth: fix the erroneous flush_work() order
Bluetooth: use correct lock to prevent UAF of hdev object
Luiz Augusto von Dentz (1):
Bluetooth: SMP: Fail if remote and local public keys are identical
Will McVicker (1):
HID: make arrays usage and value to be the same
drivers/hid/hid-core.c | 6 +--
drivers/infiniband/core/ucma.c | 78 +++++++++++++---------------------
kernel/bpf/verifier.c | 46 ++++++++++++--------
net/bluetooth/hci_core.c | 7 ++-
net/bluetooth/hci_sock.c | 4 +-
net/bluetooth/smp.c | 9 ++++
net/nfc/llcp_sock.c | 2 +
7 files changed, 79 insertions(+), 73 deletions(-)
--
2.25.1