** Package changed: linux-signed-hwe-5.19 (Ubuntu) => linux (Ubuntu)
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/2008823
Title:
/sys/kernel/boot_params/data leaks random data
Status in linux package in Ubuntu:
New
Bug description:
Looking at /sys/kernel/boot_params/data I see that much of the 4096 byte
buffer is old kernel data.
It really stood out as I saw parts of email contents in there.
It seems be random RAM contents from what was present before rebooting.
This was seen on Ubuntu 22.04.2 LTS with kernel 5.19.0-32-generic.
After rebooting again I
saw a fragment of yet another email in there.
A couple of ubuntu 22.10 systems show similar non-zero data, but nothing as
recognizable.
Nothing after the entries at the front of e820_table was zeroed out as it
should be.
This could leak a substantial amount of data such as encryption keys.
/sys/kernel/boot_params/data is readable by all users.
ProblemType: Bug
DistroRelease: Ubuntu 22.04
Package: linux-image-5.19.0-32-generic 5.19.0-32.33~22.04.1
ProcVersionSignature: Ubuntu 5.19.0-32.33~22.04.1-generic 5.19.17
Uname: Linux 5.19.0-32-generic x86_64
ApportVersion: 2.20.11-0ubuntu82.3
Architecture: amd64
CasperMD5CheckResult: unknown
Date: Tue Feb 28 13:24:06 2023
InstallationDate: Installed on 2019-10-17 (1229 days ago)
InstallationMedia: Ubuntu-Server 18.04.3 LTS "Bionic Beaver" - Release amd64
(20190805)
ProcEnviron:
TERM=screen-256color
PATH=(custom, no user)
XDG_RUNTIME_DIR=<set>
LANG=en_US.UTF-8
SHELL=/bin/bash
SourcePackage: linux-signed-hwe-5.19
UpgradeStatus: Upgraded to jammy on 2022-08-13 (199 days ago)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2008823/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
