[Bug 1855341] Re: CONFIG_USELIB should be disabled

2020-05-04 Thread Tyler Hicks
n: linux (Ubuntu) Assignee: Tyler Hicks (tyhicks) => (unassigned) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1855341 Title: CONFIG_USELIB should be disabled To manage notifications about thi

[Bug 1855335] Re: CONFIG_DEBUG_CREDENTIALS should be enabled

2020-05-04 Thread Tyler Hicks
n: linux (Ubuntu) Assignee: Tyler Hicks (tyhicks) => (unassigned)

[Bug 1855339] Re: CONFIG_LEGACY_PTYS should be disabled

2020-05-04 Thread Tyler Hicks
n: linux (Ubuntu) Assignee: Tyler Hicks (tyhicks) => (unassigned)

[Bug 1855342] Re: CONFIG_SLAB_MERGE_DEFAULT should be disabled

2020-05-04 Thread Tyler Hicks
** Changed in: linux (Ubuntu) Status: In Progress => Triaged ** Changed in: linux (Ubuntu) Assignee: Tyler Hicks (tyhicks) => (unassigned)

[Bug 1855338] Re: CONFIG_IO_STRICT_DEVMEM should be enabled

2020-05-04 Thread Tyler Hicks
n: linux (Ubuntu) Assignee: Tyler Hicks (tyhicks) => (unassigned)

[Bug 1855336] Re: CONFIG_DEBUG_SG should be enabled

2020-05-04 Thread Tyler Hicks
n: linux (Ubuntu) Assignee: Tyler Hicks (tyhicks) => (unassigned)

[Bug 1855337] Re: CONFIG_DEBUG_NOTIFIERS should be enabled

2020-05-04 Thread Tyler Hicks
n: linux (Ubuntu) Assignee: Tyler Hicks (tyhicks) => (unassigned)

[Bug 1855340] Re: CONFIG_HARDENED_USERCOPY_FALLBACK should be disabled

2020-05-04 Thread Tyler Hicks
** Changed in: linux (Ubuntu) Status: In Progress => Triaged ** Changed in: linux (Ubuntu) Assignee: Tyler Hicks (tyhicks) => (unassigned)

[Bug 1855334] Re: CONFIG_DEBUG_LIST should be enabled

2020-05-04 Thread Tyler Hicks
n: linux (Ubuntu) Assignee: Tyler Hicks (tyhicks) => (unassigned)

[Bug 1811162] Re: Turn on CONFIG_REFCOUNT_FULL for non-x86 arches

2020-05-04 Thread Tyler Hicks
** Changed in: linux (Ubuntu) Assignee: Tyler Hicks (tyhicks) => (unassigned)

Re: [Bug 1861521] Re: [FOCAL][REGRESSION] Intel Gen 9 brightness cannot be controlled

2020-03-03 Thread Tyler Hicks
On 2020-03-02 07:53:18, AceLan Kao wrote: > Here is the test kernel and the patches I reverted/applied, could > anyone helps me verify it. I can confirm that the new kernel does _not_ regress brightness controls on the machine that caused me to initially open this bug report. Thanks!

[Bug 1861521] Re: [FOCAL][REGRESSION] Intel Gen 9 brightness cannot be controlled

2020-02-25 Thread Tyler Hicks
I enabled the KMS debug messages in the drm module: $ cat /etc/modprobe.d/drm-debug.conf options drm debug=0x04 $ sudo update-initramfs -u -k $(uname -r) && sudo reboot ... Unfortunately, it doesn't look like my device_id is set after the drm_dp_read_desc() in drm_dp_read_desc: $ dmesg | grep -i

[Bug 1861521] Re: [FOCAL][REGRESSION] Intel Gen 9 brightness cannot be controlled

2020-02-25 Thread Tyler Hicks
Note that the quirks in the debug output from comment #9 are 0x because I've still got commit 3269788061d2 ("USUNTU: SAUCE: drm/i915: Force DPCD backlight mode on Dell Precision 4K sku") reverted locally.

[Bug 1861521] Re: [FOCAL][REGRESSION] Intel Gen 9 brightness cannot be controlled

2020-02-25 Thread Tyler Hicks
** Tags added: champagne

[Bug 1861521] Re: [FOCAL][REGRESSION] Intel Gen 9 brightness cannot be controlled

2020-02-25 Thread Tyler Hicks
To provide further verification, I built Ubuntu-5.4-5.4.0-14.17 with a single patch on top that reverts commit 3269788061d2 ("USUNTU: SAUCE: drm/i915: Force DPCD backlight mode on Dell Precision 4K sku"). My screen brightness controls are working again and I can undock from my external monitor with

[Bug 1861521] Re: [FOCAL][REGRESSION] Intel Gen 9 brightness cannot be controlled

2020-02-25 Thread Tyler Hicks
I noticed that upstream v5.4.18 allowed me to adjust my screen brightness while Ubuntu-5.4-5.4.0-14.17 does not, which indicates an Ubuntu SAUCE patch as the culprit. I bisected between the two kernels and this was the result: $ git bisect good 3269788061d24e316633165608259de1c110b801 is the first

[Bug 1863234] Re: Disabling bpf() syscall on kernel lockdown break apps when secure boot is on

2020-02-20 Thread Tyler Hicks
Hi Brendan - What you're asking for is very different than the intent behind this bug report. It'll be best if you open a new bug report.

[Bug 1863234] Re: Disabling bpf() syscall on kernel lockdown break apps when secure boot is on

2020-02-19 Thread Tyler Hicks
Eoan: https://lists.ubuntu.com/archives/kernel-team/2020-February/107613.html Disco: https://lists.ubuntu.com/archives/kernel-team/2020-February/107616.html

[Bug 1863234] Re: Disabling bpf() syscall on kernel lockdown break apps when secure boot is on

2020-02-19 Thread Tyler Hicks
** Description changed: [Impact] The bpf(2) system call is completely blocked in Disco and Eoan when Secure Boot is enabled due to overly restrictive Lockdown policies. This makes it so that all bpf related tools are not usable on those releases. [Test Case] Set up test BPF pr

[Bug 1863234] Re: Disabling bpf() syscall on kernel lockdown break apps when secure boot is on

2020-02-19 Thread Tyler Hicks
** Description changed: + [Impact] + + The bpf(2) system call is completely blocked in Disco and Eoan when + Secure Boot is enabled due to overly restrictive Lockdown policies. This + makes it so that all bpf related tools are not usable on those releases. + + [Test Case] + + Set up test BPF pr

[Bug 1863234] Re: Disabling bpf() syscall on kernel lockdown break apps when secure boot is on

2020-02-19 Thread Tyler Hicks
** Changed in: linux (Ubuntu Disco) Status: Triaged => In Progress ** Changed in: linux (Ubuntu Eoan) Status: Triaged => In Progress ** Changed in: linux (Ubuntu Disco) Assignee: (unassigned) => Tyler Hicks (tyhicks) ** Changed in: linux (Ubuntu Eoan)

[Bug 1863234] Re: Disabling bpf() syscall on kernel lockdown break apps when secure boot is on

2020-02-19 Thread Tyler Hicks
Hi Quentin - Thanks for the bug report! I do think that relaxing the eBPF restrictions in Eoan and Disco would be acceptable for Secure Boot purposes. ** Also affects: linux (Ubuntu Eoan) Importance: Undecided Status: New ** Also affects: linux (Ubuntu Disco) Importance: Undecided

[Bug 1861238] Re: Root can lift kernel lockdown via USB/IP

2020-02-18 Thread Tyler Hicks
I've also verified the fix in 5.3.0-41.33-generic. ** Tags removed: verification-needed-eoan ** Tags added: verification-done-eoan

[Bug 1861238] Re: Root can lift kernel lockdown via USB/IP

2020-02-18 Thread Tyler Hicks
I've verified the fix in 4.15.0-89.89-generic. The sysrq help message is printed to the kernel log when trying to lift lockdown with the proof-of-concept and when trying to lift lockdown with alt+sysrq+x. ** Tags removed: verification-needed-bionic ** Tags added: verification-done-bionic

[Bug 1862840] Re: [Bionic] i915 incomplete fix for CVE-2019-14615

2020-02-18 Thread Tyler Hicks
I've verified that the proof-of-concept does not show an information leak when running 4.15.0-89.89-generic. ** Tags removed: verification-needed-bionic ** Tags added: verification-done-bionic

[Bug 1862840] Re: [Bionic] i915 incomplete fix for CVE-2019-14615

2020-02-12 Thread Tyler Hicks
Submission to the Ubuntu kernel-team list: https://lists.ubuntu.com/archives/kernel-team/2020-February/107444.html

[Bug 1862840] Re: [Bionic] i915 incomplete fix for CVE-2019-14615

2020-02-12 Thread Tyler Hicks
** Description changed: [Impact] Gregory Herrero reported that the proof-of-concept for CVE-2019-14615 indicates that the information leak is not fixed in the Bionic 4.15 kernel as indicated by USN-4255-1:  https://usn.ubuntu.com/4255-1/ This only affects Ubuntu's 4.15 kernel

[Bug 1862840] Re: [Bionic] i915 incomplete fix for CVE-2019-14615

2020-02-11 Thread Tyler Hicks
I've pushed a set of proposed backports which prevents the information leak when running the proof-of-concept code: https://git.launchpad.net/~tyhicks/ubuntu/+source/linux/+git/bionic/log/?h=cves/CVE-2020-8832

[Bug 1861521] Re: [FOCAL][REGRESSION] Intel Gen 9 brightness cannot be controlled

2020-02-11 Thread Tyler Hicks
Another Gen 9 GPU that I have is not affected by this bug: $ glxinfo | grep Device Device: Mesa DRI Intel(R) HD Graphics 515 (Skylake GT2) (0x191e) $ cat /proc/version_signature Ubuntu 5.4.0-12.15-generic 5.4.8 I can increase and decrease the brightness without any issues.

[Bug 1862840] [NEW] [Bionic] i915 incomplete fix for CVE-2019-14615

2020-02-11 Thread Tyler Hicks
minute or so to ensure that  # the information leak is not possible. [Regression Potential] TODO ** Affects: linux (Ubuntu) Importance: High Assignee: Tyler Hicks (tyhicks) Status: Invalid ** Affects: linux (Ubuntu Bionic) Importance: High Assignee: Tyler Hicks (ty

[Bug 1861238] Re: Root can lift kernel lockdown via USB/IP

2020-02-07 Thread Tyler Hicks
Proposed fixes have been sent to the kernel-team list. Focal: https://lists.ubuntu.com/archives/kernel-team/2020-February/107324.html Eoan: https://lists.ubuntu.com/archives/kernel-team/2020-February/107326.html Disco: https://lists.ubuntu.com/archives/kernel-team/2020-February/107328.html Bionic:

[Bug 1861238] Re: Root can lift kernel lockdown via USB/IP

2020-02-07 Thread Tyler Hicks
cts: linux (Ubuntu Focal) Importance: High Assignee: Tyler Hicks (tyhicks) Status: In Progress ** Also affects: linux (Ubuntu Disco) Importance: Undecided Status: New ** Also affects: linux (Ubuntu Eoan) Importance: Undecided Status: New ** Changed in: linux (U

[Bug 1861238] Re: Root can lift kernel lockdown via USB/IP

2020-02-07 Thread Tyler Hicks
achieve a lockdown free environment by running 'mokutil --disable-validation' and rebooting. ** Changed in: linux (Ubuntu) Importance: Undecided => High ** Changed in: linux (Ubuntu) Status: Confirmed => In Progress ** Changed in: linux (Ubuntu) Assignee: (

[Bug 1861238] Re: Root can lift kernel lockdown via USB/IP

2020-02-07 Thread Tyler Hicks
** Description changed: + [Impact] + It's possible to turn off kernel lockdown by emulating a USB keyboard via USB/IP and sending an Alt+SysRq+X key combination through it. Ubuntu's kernels have USB/IP enabled (CONFIG_USBIP_VHCI_HCD=m and CONFIG_USBIP_CORE=m) with signed usbip_core and

[Bug 1859734] Re: i915 vulnerability

2020-02-04 Thread Tyler Hicks
The fix for this bug has been released for a little while now. See the info here: https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-14615.html ** Changed in: linux (Ubuntu) Status: Fix Committed => Fix Released

[Bug 1861521] Re: [FOCAL][REGRESSION] HP EliteBook 840 G5 screen brightness cannot be controlled

2020-01-31 Thread Tyler Hicks
I rebooted into Eoan's 5.3.0-29.31 kernel, with Focal's userspace, and verified that the screen brightness is still adjustable under that kernel. Additionally, it is worth noting that I saw the same "hp_wmi: Unknown event_id" warnings mentioned in comment 2 so they probably don't have anything to d

[Bug 1861521] [NEW] [FOCAL][REGRESSION] HP EliteBook 840 G5 screen brightness cannot be controlled

2020-01-31 Thread Tyler Hicks
Public bug reported: After upgrading from Eoan (5.3.0-29.31) to Focal (5.4.0-12.15), I no longer have the ability to control the backlight brightness on my HP EliteBook 840 G5. When pressing the brightness hotkeys, the on-screen indicator pops up and shows that the brightness setting is being chan

[Bug 1861521] Re: [FOCAL][REGRESSION] HP EliteBook 840 G5 screen brightness cannot be controlled

2020-01-31 Thread Tyler Hicks
When the privacy screen functionality is enabled, I see the following warnings in the logs: [188829.782403] hp_wmi: Unknown event_id - 20 - 0x46fe [188834.848948] hp_wmi: Unknown event_id - 20 - 0x3c00 [188835.624987] hp_wmi: Unknown event_id - 20 - 0x4600 The first warning is when I press the pr

[Bug 1860657] Re: Placeholder bug

2020-01-31 Thread Tyler Hicks
** Information type changed from Private Security to Public Security ** Summary changed: - Placeholder bug + arm64/KVM debug registers vulnerability ** Description changed: - Placeholder bug report for arm64 KVM issue. + [Impact] + + https://www.openwall.com/lists/oss-security/2020/01/30/5 +

[Bug 1861053] Re: no fatrace output in focal

2020-01-30 Thread Tyler Hicks
FWIW, fatrace works fine for me under the same kernel and fatrace version: $ sudo fatrace ... bash(51938): O /tmp/hi bash(51938): CW /tmp/hi ... tyhicks@elm:~$ cat /proc/version_signature Ubuntu 5.4.0-12.15-generic 5.4.8 $ apt policy fatrace fatrace: Installed: 0.13-2 Candidate: 0.13-2 Vers

[Bug 1861238] Re: Root can lift kernel lockdown via USB/IP

2020-01-29 Thread Tyler Hicks
** Information type changed from Public to Public Security

[Bug 1860231] Re: 5.4.0-11 crash on cryptsetup open

2020-01-23 Thread Tyler Hicks
Upstream submission: https://lore.kernel.org/lkml/20200123091713.12623-1-stefan.ba...@canonical.com/T/#t

[Bug 1860231] Re: 5.4.0-11 crash on cryptsetup open

2020-01-23 Thread Tyler Hicks
Fix submitted by smb: https://lists.ubuntu.com/archives/kernel-team/2020-January/107055.html ** Changed in: linux (Ubuntu) Assignee: Andrea Righi (arighi) => Stéphane Graber (stgraber) ** Changed in: linux (Ubuntu) Assignee: Stéphane Graber (stgraber) => Stefan Bader (smb)

[Bug 1860231] Re: 5.4.0-11 crash on cryptsetup open

2020-01-22 Thread Tyler Hicks
** Description changed: - An attempt to run cryptsetup open on a newly created LUKS partition on - Ubuntu Core 20 causes a kernel crash. This happens in 100% of the - attempts on the snapd Core 20 installation test, but on an image created - to reproduce this bug it happens only when certain param

[Bug 1860231] Re: 5.4.0-11 crash on cryptsetup open

2020-01-20 Thread Tyler Hicks
** Description changed: An attempt to run cryptsetup open on a newly created LUKS partition on Ubuntu Core 20 causes a kernel crash. This happens in 100% of the attempts on the snapd Core 20 installation test, but on an image created to reproduce this bug it happens only when certain param

Re: [Bug 1859734] Re: i915 vulnerability

2020-01-19 Thread Tyler Hicks
On 2020-01-19 16:15:58, aaronleung wrote: > My OS have this bug, i try to install kernel 5.4 in my linuxmint19.3, > bug, instailing not found samething with from /lib/firmware/i915/ ,again. > i try to download from > https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/tree/

[Bug 1855341] Re: CONFIG_USELIB should be disabled

2020-01-19 Thread Tyler Hicks
** Description changed: - + We should disable CONFIG_USELIB to make the uselib(2) system call + unreachable in an effort to reduce the kernel attack surface. + + The system call is only used by very old libc implementations and is + unlikely to be used today. + + This config option is recommend

[Bug 1855339] Re: CONFIG_LEGACY_PTYS should be disabled

2020-01-19 Thread Tyler Hicks
** Description changed: - + Legacy BSD PTYs have been replaced by UNIX 98 PTYs a long time ago. + Disable legacy BSD PTY support as it is no longer needed. + + This config option is recommended by the Kernel Self Protection + Project[1] and a 2019 study performed by Capsule 8 shows that it is +

[Bug 1855338] Re: CONFIG_IO_STRICT_DEVMEM should be enabled

2020-01-19 Thread Tyler Hicks
** Description changed: - + We should enable CONFIG_IO_STRICT_DEVMEM to restrict userspace access of + active io-memory ranges. + + This could impact kernel debugability. In that case, you may reboot with + iomem=relaxed on the kernel commandline to override this setting. + + + This config opt

[Bug 1855337] Re: CONFIG_DEBUG_NOTIFIERS should be enabled

2020-01-19 Thread Tyler Hicks
** Description changed: - + We should enable CONFIG_DEBUG_NOTIFIERS to ensure that notifier functions are present in the core kernel text or module text sections before calling + those functions. + + If an invalid function pointer is detected, a warning is issued and the + function is not calle

[Bug 1855336] Re: CONFIG_DEBUG_SG should be enabled

2020-01-19 Thread Tyler Hicks
** Description changed: - + Enable CONFIG_DEBUG_SG to perform sanity checks when performing + operations on scatterlists. If a sanity check fails a loud warning is + printed to the logs. + + This change may help in detection of an attack that relies on + scatterlist manipulation. ** Description

[Bug 1855335] Re: CONFIG_DEBUG_CREDENTIALS should be enabled

2020-01-19 Thread Tyler Hicks
** Description changed: - + We should enable CONFIG_DEBUG_CREDENTIALS to perform sanity checks, such as verifying usage counts and proper magic values, when handling cred + structs. If a cred sanity check fails a loud warning is printed to the + logs. + + The config option raises the bar on the

[Bug 1855334] Re: CONFIG_DEBUG_LIST should be enabled

2020-01-19 Thread Tyler Hicks
** Description changed: - + We should turn on CONFIG_DEBUG_LIST which does some sanity checking on the + surrounding linked list elements when adding or removing an element. If the sanity check fails, the list manipulation operation is not and a loud warning is printed to the logs in the form o

[Bug 1859734] Re: i915 vulnerability

2020-01-14 Thread Tyler Hicks
Importance: Undecided => High ** Changed in: linux (Ubuntu) Assignee: (unassigned) => Tyler Hicks (tyhicks) ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-14615 ** Changed in: linux (Ubuntu) Status: In Progress => Fix Committed

[Bug 1859522] Re: use-after-free in i915_ppgtt_close

2020-01-14 Thread Tyler Hicks
This is CVE-2020-7053 ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-7053

[Bug 1859522] Re: use-after-free in i915_ppgtt_close

2020-01-14 Thread Tyler Hicks
** Information type changed from Private Security to Public Security ** Description changed: [Impact] Quan Luo and ycq from Codesafe Team of Legendsec at Qi'anxin Group reported a use-after-free issue in the i915 driver. This issue has been fixed in the upstream kernel starting in v5.2

[Bug 1854225] Re: Kernel oops and system lock up when invoking wg-quick up

2020-01-08 Thread Tyler Hicks
Hi Neil - I think that's a good idea since we haven't seen any progress on this private bug report. I'm not sure of the cause here but I think that we would have received a lot more reports if this was a widespread issue when using wg-quick (as we have in the past). ** Information type changed fro

[Bug 1858815] Re: PAN is broken for execute-only user mappings on ARMv8

2020-01-08 Thread Tyler Hicks
** Description changed: [Impact] It was discovered that upstream kernel commit cab15ce604e5 ("arm64: Introduce execute-only page access permissions"), which introduced execute-only user mappings, subverted the Privileged Access Never protections. The fix is to effectively revert

[Bug 1858815] Re: PAN is broken for execute-only user mappings on ARMv8

2020-01-08 Thread Tyler Hicks
In Progress ** Changed in: linux (Ubuntu Disco) Assignee: (unassigned) => Tyler Hicks (tyhicks) ** Changed in: linux (Ubuntu Bionic) Assignee: (unassigned) => Tyler Hicks (tyhicks) ** Changed in: linux (Ubuntu Eoan) Assignee: (unassigned) => Tyler Hicks (tyhicks) ** Chan

[Bug 1858815] [NEW] PAN is broken for execute-only user mappings on ARMv8

2020-01-08 Thread Tyler Hicks
*** This bug is a security vulnerability *** Public security bug reported: [Impact] It was discovered that upstream kernel commit cab15ce604e5 ("arm64: Introduce execute-only page access permissions"), which introduced execute-only user mappings, subverted the Privileged Access Never protections

[Bug 1855341] [NEW] CONFIG_USELIB should be disabled

2019-12-05 Thread Tyler Hicks
Public bug reported: ** Affects: linux (Ubuntu) Importance: Medium Assignee: Tyler Hicks (tyhicks) Status: In Progress

[Bug 1855339] [NEW] CONFIG_LEGACY_PTYS should be disabled

2019-12-05 Thread Tyler Hicks
Public bug reported: ** Affects: linux (Ubuntu) Importance: Medium Assignee: Tyler Hicks (tyhicks) Status: In Progress

[Bug 1855342] [NEW] CONFIG_SLAB_MERGE_DEFAULT should be disabled

2019-12-05 Thread Tyler Hicks
Public bug reported: ** Affects: linux (Ubuntu) Importance: Medium Assignee: Tyler Hicks (tyhicks) Status: In Progress

[Bug 1855340] [NEW] CONFIG_HARDENED_USERCOPY_FALLBACK should be disabled

2019-12-05 Thread Tyler Hicks
Public bug reported: ** Affects: linux (Ubuntu) Importance: Medium Assignee: Tyler Hicks (tyhicks) Status: In Progress

[Bug 1855337] [NEW] CONFIG_DEBUG_NOTIFIERS should be enabled

2019-12-05 Thread Tyler Hicks
Public bug reported: ** Affects: linux (Ubuntu) Importance: Medium Assignee: Tyler Hicks (tyhicks) Status: In Progress

[Bug 1855334] [NEW] CONFIG_DEBUG_LIST should be enabled

2019-12-05 Thread Tyler Hicks
Public bug reported: ** Affects: linux (Ubuntu) Importance: Medium Assignee: Tyler Hicks (tyhicks) Status: In Progress

[Bug 1855336] [NEW] CONFIG_DEBUG_SG should be enabled

2019-12-05 Thread Tyler Hicks
Public bug reported: ** Affects: linux (Ubuntu) Importance: Medium Assignee: Tyler Hicks (tyhicks) Status: In Progress

[Bug 1855335] [NEW] CONFIG_DEBUG_CREDENTIALS should be enabled

2019-12-05 Thread Tyler Hicks
Public bug reported: ** Affects: linux (Ubuntu) Importance: Medium Assignee: Tyler Hicks (tyhicks) Status: In Progress

[Bug 1855338] [NEW] CONFIG_IO_STRICT_DEVMEM should be enabled

2019-12-05 Thread Tyler Hicks
Public bug reported: ** Affects: linux (Ubuntu) Importance: Medium Assignee: Tyler Hicks (tyhicks) Status: In Progress

[Bug 1774711] Re: excessive seccomp audit logs

2019-12-02 Thread Tyler Hicks
On 2019-11-30 21:44:33, A. Denton wrote: > Will the required patch set be backported to older kernel, such as Ubuntu > 4.15.0-70.79-generic 4.15.18? No, there are no plans to backport them at this time. If you'd like to make use of a kernel containing those patches in Ubuntu 18.04 LTS, please consi

[Bug 1844764] Re: ubuntu_lttng_smoke_test failed with module build on B-hwe-edge 5.3.0

2019-11-22 Thread Tyler Hicks
** Also affects: lttng-modules (Ubuntu Bionic) Importance: Undecided Status: New ** Changed in: lttng-modules (Ubuntu Bionic) Status: New => In Progress ** Changed in: lttng-modules (Ubuntu Bionic) Importance: Undecided => Medium ** Changed in: lttng-modules (Ubuntu Bionic)

[Bug 1848588] Re: ndiswrapper 1.60-8ubuntu1 ADT test failure with linux 5.4.0-1.2

2019-11-22 Thread Tyler Hicks
I've sponsored an upload from Paolo to address this issue. I've asked him to fill in the SRU template and I'm hoping that he's able to do that before the SRU team gets to the upload. ** Changed in: ndiswrapper (Ubuntu Bionic) Assignee: Thadeu Lima de Souza Cascardo (cascardo) => Paolo Pisati

[Bug 1848596] Re: xtables-addons 3.2-1ubuntu3 ADT test failure with linux 5.4.0-1.2

2019-11-22 Thread Tyler Hicks
I've sponsored an upload from Paolo to address this issue in Bionic. I've asked him to fill in the SRU template and I'm hoping that he's able to do that before the SRU team gets to the upload. ** Also affects: xtables-addons (Ubuntu Bionic) Importance: Undecided Status: New ** Changed i

[Bug 1837889] Re: ndiswrapper 1.60-8 ADT test failure with linux 5.3.0-0.1

2019-11-22 Thread Tyler Hicks
Sorry Thadeu but Paolo had already passed me a debdiff to sponsor for this bug. ** Changed in: ndiswrapper (Ubuntu Bionic) Assignee: Thadeu Lima de Souza Cascardo (cascardo) => Paolo Pisati (p-pisati)

[Bug 1848584] Re: dahdi-linux 1:2.11.1~dfsg-1ubuntu5 ADT test failure with linux 5.4.0-1.2

2019-11-22 Thread Tyler Hicks
I've sponsored an upload from Paolo to address this issue. I've asked him to fill in the SRU template and I'm hoping that he's able to do that before the SRU team gets to the upload. ** Also affects: dahdi-linux (Ubuntu Bionic) Importance: Undecided Status: New ** Changed in: dahdi-linu

[Bug 1852575] Re: Kernels 5.022 or higher booting issues

2019-11-14 Thread Tyler Hicks
Hi Martin - Thanks for the bug report. Please follow the instructions mentioned in comment 1 so that we can have a better view into what's going on. In the meantime, can you tell us if you use full disk encryption with LUKS/dm-crypt? Thanks!

[Bug 1852521] Re: Unable to boot "Gave up waiting for root device" for kernel version 5.3.0-19 & 5.3.0-22

2019-11-14 Thread Tyler Hicks
Thanks for the report, Shaform. There are a few other bug reports against 5.3.0-22 and we're trying to understand if there's a common link. It looks like you're using LUKS/dm-crypt to do full disk encryption of your root partition so we're waiting to hear if that's common throughout the other repor

[Bug 1852586] Re: Boot hangs after "Loading initial ramdisk ..."

2019-11-14 Thread Tyler Hicks
Hi Eugen - Thanks for the bug report and sorry about the trouble you're experiencing. I'm trying to figure out if there is any link between a few different bug reports that I'm seeing come in for 5.3.0-22. It looks like the dm_crypt module is loaded on your system so I'd like for you to verify her

[Bug 1852435] Re: Boots fine with 5.3.0-19, doesn't boot any more with 5.3.0-22

2019-11-14 Thread Tyler Hicks
Hi Andrej - Thanks for the bug report and sorry for the trouble. The 5.3.0-22 kernel had a bunch of changes in addition to the Intel related security fixes. Let's start by ruling some things out. I'd like for you to *separately* try two different kernel command-line parameters. The first is "miti

[Bug 1850867] Re: refcount underflow and type confusion in shiftfs

2019-11-12 Thread Tyler Hicks
** Information type changed from Private Security to Public Security

[Bug 1852141] Re: CVE-2019-0155: incomplete fix for 64-bit x86 kernels

2019-11-12 Thread Tyler Hicks
** Description changed: [Impact] The initial set of Ubuntu kernel updates to address CVE-2019-0155 are not complete for 64-bit x86 kernels (amd64). The 32-bit x86 kernel (i386) updates are complete. It may be possible for an attacker to bypass the mitigations on 64-bit systems. + + T

[Bug 1852047] [NEW] [Bionic][Regression] Disabling EPT results in KVM guests that won't start

2019-11-10 Thread Tyler Hicks
Public bug reported: Starting with 4.15.0-68.77, currently in bionic-proposed, I can no longer launch VMs when I disable EPT support in the kvm_intel module. This works fine under 4.15.0-66.75 from bionic-security. ubuntu@vought:~$ cat /proc/version_signature Ubuntu 4.15.0-68.77-generic 4.15.18

[Bug 1851412] Re: Verify kexec image signatures on arm64

2019-11-05 Thread Tyler Hicks
** Information type changed from Private Security to Public Security

[Bug 1842751] Re: [disco] [eoan] After unmount, cannot open /dev/vdb: Device or resource busy

2019-10-30 Thread Tyler Hicks
Hello - Does the recent switch from New -> Triaged for charm-cinder and charm-nova-compute mean that someone was able to determine that the charms are to blame and perhaps not the kernel? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu.

[Bug 1847189] Re: Bad posix clock speculation mitigation backport

2019-10-22 Thread Tyler Hicks
I've verified the kernel in xenial-proposed: tyhicks@sec-xenial-amd64:~$ cat /proc/version_signature Ubuntu 4.4.0-167.196-generic 4.4.197 tyhicks@sec-xenial-amd64:~$ cat test.c #include #include int main(void) { int rc = clock_gettime(10, 0); if (rc < 0) perror(

[Bug 1847478] Re: eoan kernel does not contain "ipv6: do not free rt if FIB_LOOKUP_NOREF is set on suppress rule"

2019-10-18 Thread Tyler Hicks
This is CVE-2019-18198 ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-18198 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1847478 Title: eoan kernel does not contain "ipv6: do no

[Bug 1802622] Re: Ubuntu Cosmic nvidia-340 needs patch for "Bad or missing usercopy whitelist? Kernel memory exposure attempt detected from SLUB object 'nvidia_stack_t'

2019-10-17 Thread Tyler Hicks
Thanks for pointing that out! I'm marking this bug as fixed for nvidia-graphics-drivers-340. ** Changed in: nvidia-graphics-drivers-340 (Ubuntu) Status: Confirmed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu.

[Bug 1802622] Re: Ubuntu Cosmic nvidia-340 needs patch for "Bad or missing usercopy whitelist? Kernel memory exposure attempt detected from SLUB object 'nvidia_stack_t'

2019-10-17 Thread Tyler Hicks
We're considering disabling CONFIG_HARDENED_USERCOPY_FALLBACK in preparation for 20.04 LTS so getting this fixed soon would be necessary to keep the driver working. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad

[Bug 1811162] Re: Turn on CONFIG_REFCOUNT_FULL for non-x86 arches

2019-10-10 Thread Tyler Hicks
** Changed in: linux (Ubuntu) Status: Confirmed => Triaged ** Changed in: linux (Ubuntu) Importance: Undecided => High ** Changed in: linux (Ubuntu) Assignee: (unassigned) => Tyler Hicks (tyhicks) -- You received this bug notification because you are a member of Ub

[Bug 1847478] Re: eoan kernel does not contain "ipv6: do not free rt if FIB_LOOKUP_NOREF is set on suppress rule"

2019-10-09 Thread Tyler Hicks
Fix submitted: https://lists.ubuntu.com/archives/kernel-team/2019-October/104623.html Since we're just about one week from the release of Eoan, this fix may not make the Eoan release. If that's the case, it will be included in the initial set of Stable Release Updates (SRU) for the Eoan kernels.

[Bug 1847478] Re: eoan kernel does not contain "ipv6: do not free rt if FIB_LOOKUP_NOREF is set on suppress rule"

2019-10-09 Thread Tyler Hicks
Thanks to Jason for alerting us of this issue and pointing us at the fix! -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1847478 Title: eoan kernel does not contain "ipv6: do not free rt if FIB_LOOKU

[Bug 1847478] Re: eoan kernel does not contain "ipv6: do not free rt if FIB_LOOKUP_NOREF is set on suppress rule"

2019-10-09 Thread Tyler Hicks
** Description changed: + [Impact] + + An unprivileged local attacker could cause a denial of service, or + possibly execute arbitrary code due to an ipv6 regression. + + [Test Case] + + An unpatched system will crash with the following command: + + $ unshare -rUn sh -c 'ip link add dummy1 typ

[Bug 1847478] Re: wireguard crashes system shortly after wg-quick down wg0

2019-10-09 Thread Tyler Hicks
** Also affects: linux (Ubuntu) Importance: Undecided Status: New ** Changed in: linux (Ubuntu) Status: New => In Progress ** Changed in: linux (Ubuntu) Importance: Undecided => High ** Changed in: linux (Ubuntu) Assignee: (unassigned) => Tyler Hicks

[Bug 1847189] Re: Bad posix clock speculation mitigation backport

2019-10-07 Thread Tyler Hicks
Fix submitted: https://lists.ubuntu.com/archives/kernel-team/2019-October/104582.html -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1847189 Title: Bad posix clock speculation mitigation backport T

[Bug 1847189] [NEW] Bad posix clock speculation mitigation backport

2019-10-07 Thread Tyler Hicks
) Importance: Undecided Status: Invalid ** Affects: linux (Ubuntu Xenial) Importance: Medium Assignee: Tyler Hicks (tyhicks) Status: In Progress ** Also affects: linux (Ubuntu Xenial) Importance: Undecided Status: New ** Changed in: linux (Ubuntu Xeni

[Bug 1845391] Re: SafeSetID LSM should be built but disabled by default

2019-09-25 Thread Tyler Hicks
A pull request for 5.4 included a fix to make SafeSetID useful due to a bug in 5.3. Details can be read here: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1b5fb415442eb3ec946d48afe8c87b0f2fd42d7c The needed commit is located here: https://git.kernel.org/pub/scm/l

[Bug 1845391] [NEW] SafeSetID LSM should be built but disabled by default

2019-09-25 Thread Tyler Hicks
,apparmor Documentation on configuring SafeSetID can be found here: https://www.kernel.org/doc/html/latest/admin-guide/LSM/SafeSetID.html ** Affects: linux (Ubuntu) Importance: Medium Assignee: Tyler Hicks (tyhicks) Status: In Progress -- You received this bug notification because

[Bug 1845383] [NEW] CONFIG_LSM should not specify loadpin since it is not built

2019-09-25 Thread Tyler Hicks
"yama,integrity,apparmor" [Regression Potential] Low. This just limits the CONFIG_LSM value to only contain LSMs that are being built. ** Affects: linux (Ubuntu) Importance: Low Assignee: Tyler Hicks (tyhicks) Status: In Progress ** Affects: linux (Ubuntu Disco) Import

[Bug 1829055] Re: CVE-2019-11815

2019-09-23 Thread Tyler Hicks
This has been fixed for some time. Please see the Ubuntu CVE Tracker for kernel version information: https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-11815.html ** Changed in: linux (Ubuntu) Status: Confirmed => Fix Released -- You received this bug notification because y

[Bug 1839890] Re: openafs 1.8.0~pre5-1ubuntu1 fails to build on 5.0 kernels

2019-09-23 Thread Tyler Hicks
I've sponsored an upload from Connor to Bionic. Thanks, Connor! ** Changed in: openafs (Ubuntu Bionic) Status: Incomplete => In Progress -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1839890 T
