From a778a0da0079c1a8df41d57c410d7ef637e38432 Mon Sep 17 00:00:00 2001
From: Yonghua Huang <yonghua.huang@intel.com>
Date: Sun, 12 Dec 2021 16:03:57 +0300
Subject: [PATCH] doc: update 'asa.rst' for 2.7 release

Update security advisory 2.7 release.

Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Signed-off-by: David B. Kinder <david.b.kinder@intel.com>
---
 doc/asa.rst | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/doc/asa.rst b/doc/asa.rst
index 5cfc7ae4f..9bd96d03a 100644
--- a/doc/asa.rst
+++ b/doc/asa.rst
@@ -3,6 +3,21 @@
 Security Advisory
 #################
 
+Addressed in ACRN v2.7
+************************
+
+We recommend that all developers upgrade to this v2.7 release (or later), which
+addresses the following security issue discovered in previous releases:
+
+-----
+
+-  Heap-use-after-free happens in ``MEVENT mevent_handle``
+    The file descriptor of ``mevent`` could be closed in another thread while being
+    monitored by ``epoll_wait``. This causes a heap-use-after-free error in
+    the ``mevent_handle()`` function.
+
+    **Affected Release:** v2.6 and earlier
+
 Addressed in ACRN v2.6
 ************************