** Also affects: linux-oem-5.6 (Ubuntu)
Importance: Undecided
Status: New
** Changed in: linux-oem-5.6 (Ubuntu)
Assignee: (unassigned) => Thadeu Lima de Souza Cascardo (cascardo)
** Changed in: linux-oem-5.6 (Ubuntu)
Importance: Undecided => Critical
** Changed in: linux-oem-5.6 (Ubuntu)
Status: New => Fix Committed
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1914668
Title:
Exploitable vulnerabilities in AF_VSOCK implementation
Status in linux package in Ubuntu:
Fix Committed
Status in linux-hwe-5.8 package in Ubuntu:
New
Status in linux-oem-5.6 package in Ubuntu:
Fix Committed
Status in linux-riscv package in Ubuntu:
Fix Committed
Status in linux-hwe-5.8 source package in Focal:
In Progress
Status in linux source package in Groovy:
Fix Committed
Status in linux source package in Hirsute:
Fix Committed
Bug description:
https://www.openwall.com/lists/oss-security/2021/02/04/5
The following mainline patch is required for all kernels >= v5.8:
{focal hwe-5.8, groovy, hirsute}:
[linux] c518adafa39f vsock: fix the race conditions in multi-transport
support
or [linux-5.10-y] 55d900415b81 vsock: fix the race conditions in
multi-transport support
[Impact]
* Patches an exploitable vulnerability.
[Test Case]
* See disclosure article.
[Regression Potential]
* Low: straightforward race condition fix; upstream cherry-pick.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1914668/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
