Hi!

> CVE-2021-3759: memcg: charge semaphores and sem_undo objects
> 
> This causes DoS attack. Patch was merged into mainline this week.
> 
> for 4.19, it needs modify or apply following patches to apply commit
> 18319498fdd4.

I don't think we need to care about this one. Embedded systems don't
usually run untrusted code...

> CVE-2021-40490: A race condition was discovered in
> ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem
> in the Linux kernel through 5.13.13.

This is already queued to 4.4 and 4.19; we can simply wait.

> CVE-2021-38198: KVM: X86: MMU: Use the correct inherited permissions
> to get shadow page
> 
> 4.14 has been fixed this week.
> 
> mainline: [b1bd5cba3306691c771d558e94baa73e8b0b96b7]
> stable/4.14: [cea9e8ee3b8059bd2b36d68f1f428d165e5d13ce]

KVM. Tricky code and not exactly focus on CIP code. But perhaps
someone fixes it for us :-).

Best regards,
								Pavel
-- 
DENX Software Engineering GmbH,      Managing Director: Wolfgang Denk
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany