On Mon, Aug 23, 2021 at 04:08:44PM +0200, Pali Rohár wrote: > Hello Sasha and Greg! > > Last week I sent request for backporting ath9k wifi fixes for security > issue CVE-2020-3702 into stable LTS kernels because Qualcomm/maintainers > did not it for more months... details are in email: > https://lore.kernel.org/stable/20210818084859.vcs4vs3yd6zetmyt@pali/t/#u > > And now I got reports that in stable LTS kernels (4.14, 4.19) are > missing also other fixes for other Qualcomm wifi security issues, > covered by FragAttacks codename: CVE-2020-26145 CVE-2020-26139 > CVE-2020-26141 Then someone needs to provide us backports if they care about these very old kernels and these issues. Just like any other driver subsystem where patches are not able to be easily backported. Or just use a newer kernel, that's almost always a better idea. thanks, greg k-h
