Kernel fix for CVE-2022-34918 and other vulnerabilities

Started by mossroy, July 27, 2022, 01:48:00 PM

Previous topic - Next topic


See and/or It allows escalation of privileges.
Several other vulnerabilities have also been recently fixed in the kernel of Debian Bullseye:

The current 5.10.105-olimex kernel (provided by Olimex in its images and apt repo) is most probably affected too.

Please provide a kernel upgrade to fix these security issues


Does the latest kernel provided by Olimex (5.10.105-olimex #072307 SMP Wed Oct 12 07:24:41 UTC 2022) fix this security vulnerability?

I did not find anything related in the latest commits of


I see that a new kernel branch appeared on your github repo.

But I did not see any fix for this serious vulnerability (or for the other ones that appeared in between). Did I miss them?

If not, maybe you could base your branch on a more recent version of 5.10.x kernel (instead of staying on 5.10.105): at least 5.10.130, where this vulnerability has been fixed upstream (see and, but hopefully latest 5.10.x (currently 5.10.169, see to have more security and stability fixes?


Technical support and documentation manager at Olimex


Quote from: LubOlimex on March 09, 2023, 04:10:21 PMthis breaks the gui

Could you please elaborate?

You mean that the kernel fix prevents the desktop environment to work properly?
Strange, as this fix is included in upstream debian


So we do no deserve any kernel security patch since 14 months?

Kernel 5.10.105 was out in March 2022, see


It looks like we finally had a kernel update in olimex repo, at the end of July 2023:
I did not see any regression with it, so far. And I suppose it fixes the vulnerabilities I mentioned. Thanks.

However, no new image has been released with this new kernel, in It's not a blocker when the board has internet access (a simple apt update/upgrade does what is necessary), but can be for boards without internet access.

That kernel update is unfortunately not mentioned in the
* linux
- stm32mp1: backported rpmsg_tty driver

My opinion is that kernel security updates from olimex are not frequent enough (16 months to have an update from 5.10.105 to 5.10.180, here), and without enough communication (in this case, I did not see any?)