Bug 1220766 (CVE-2021-47053) - VUL-0: CVE-2021-47053: kernel: crypto: sun8i-ss - Fix memory leak of pad
Summary: VUL-0: CVE-2021-47053: kernel: crypto: sun8i-ss - Fix memory leak of pad
Status: RESOLVED FIXED
Alias: CVE-2021-47053
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other Other
: P3 - Medium : Normal
Target Milestone: ---
Assignee: Security Team bot
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/395500/
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2024-03-01 11:10 UTC by SMASH SMASH
Modified: 2024-06-10 12:12 UTC (History)
2 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Comment 2 Gabriele Sonnu 2024-03-01 16:09:24 UTC 
All affected branches already contain the fix. Closing.
Comment 4 Nicolai Stange 2024-04-29 10:00:30 UTC 
The commit from the Fixes tag, upstream commit d9b45418a917 ("crypto: sun8i-ss - support hash algorithms") first appeared in upstream v5.10 and has never been backported manually to any of our branches based on earlier kernel versions. The fix, upstream 50274b01ac16 ("crypto: sun8i-ss - Fix memory leak of pad"), is included in upstream v5.13.

So, judging from the Fixes tagging, none of our kernels has ever been vulnerable, there's no backport accordingly and hence there are no References to amend either AFAICT.

Reassigning back to security-team.
Comment 5 Gabriele Sonnu 2024-06-10 12:12:52 UTC 
All done, closing.