Hello Thomas, or anyone else affected, Accepted systemd into artful-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/systemd/234-2ubuntu12.3 in a few hours, and then in the -proposed repository.
Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed.Your feedback will aid us getting this update out to other Ubuntu users. If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-artful to verification-done-artful. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-artful. In either case, without details of your testing we will not be able to proceed. Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance! ** Changed in: systemd (Ubuntu Artful) Status: In Progress => Fix Committed ** Tags added: verification-needed verification-needed-artful -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd in Ubuntu. https://bugs.launchpad.net/bugs/1725348 Title: Systemd - Bypassing MemoryDenyWriteExecution policy Status in systemd package in Ubuntu: Fix Released Status in systemd source package in Xenial: Invalid Status in systemd source package in Zesty: Won't Fix Status in systemd source package in Artful: Fix Committed Status in systemd source package in Bionic: Fix Released Bug description: [Impact] * MemoryDenyWritePolicy can be bypassed by using a slightly different syscall. [Test Case] * Check that MemoryDenyWritePolicy, blocks pkey_mprotect as well as mprotect. [Regression Potential] * Upstream fix cherrypick, security vulnerability. [Other Info] * Original report Hello, We would like to report to you a vulnerability about systemd which allows to bypass the MemoryDenyWriteExecution policy on Linux 4.9+. The vulnerability is described in the attached PDF file. Sincerely, Thomas IMBERT To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1725348/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
