Security Vulnerabilities for LTS Kernel 5.10

Herbert220930

New Member
Joined
Sep 30, 2022
Messages
3
Reaction score
0
Credits
34
A commercial security scan of Linux Kernel 5.10.136 (linux-5.10.136.tar.gz at https://cdn.kernel.org/pub/linux/kernel/v5.x) returned the following high severity vulnerabilities: CVE-2021-3493, CVE-2022-39189, WS-2021-0553, CVE-2021-32078, CVE-2017-15868, WS-2021-0561, WS-2021-0566, CVE-2022-1943, CVE-2021-20194, WS-2021-0557, WS-2021-0274

I believe that most of them are false positives because:
I took a deeper look into CVE-2021-3493 which is fixed by https://github.com/gregkh/linux/commit/7c03e2cda4a584cadc398e8f6641ca9988a39d52. It is merged to kernel versions 5.11 or higher but NOT to version 5.10.

This raises the following questions:
  • What is the policy regarding fixes of security bugs for the Kernel 5.10?
  • Is anywhere a documentation for security vulnerabilities available which minimum kernel release introduced this vulnerability?
  • Is there any other LTS/stable branch with a lower number of known vulnerabilities?
 


kc1di

Well-Known Member
Joined
May 14, 2021
Messages
1,987
Reaction score
1,854
Credits
14,374
which distro are you using? The answer to your last question will depend somewhat on the distro in use. For instance ubuntu has their own kernel team and produces modified kernels for their releases that are also used by Linux Mint and others.
 

wizardfromoz

Administrator
Staff member
Gold Supporter
Joined
Apr 30, 2017
Messages
9,134
Reaction score
8,100
Credits
39,110
@Herbert220930

Just in case of any misapprehension on your part, we are not an official arm nor organ of Linux, just scored the dot org name - we are manned by volunteer staff who share a love of Linux and have varying skills in various departments.

So basically, most of us would not a clue regarding your questions.

You are better advised to ask at kernel.org

Chris Turner
wizardfromoz
 
OP
H

Herbert220930

New Member
Joined
Sep 30, 2022
Messages
3
Reaction score
0
Credits
34
Hi Chris,

Thanks for your hint. Can you give me a more specific hint (like email address or full URL) where I can ask this question?

Many thanks,
Herbert
 

Members online


Top