This bug is awaiting verification that the linux-xilinx- zynqmp/5.4.0-1018.21 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-focal' to 'verification- done-focal'. If the problem still exists, change the tag 'verification- needed-focal' to 'verification-failed-focal'.
If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you! -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1961338 Title: Disable unprivileged BPF by default Status in linux package in Ubuntu: Fix Released Status in linux source package in Xenial: Fix Released Status in linux source package in Bionic: Fix Released Status in linux source package in Focal: Fix Released Bug description: [Impact] Unprivileged users have access to BPF, allowing them to execute code in the kernel under their control. Though restricted and verified, a lot of security issues have been uncovered over the years, indicating that it should be disabled by default in order to protect our users. Admins can reenable that access or give CAP_BPF to programs if needed. [Test case] A qa-regression-testing testcase has been added that checks for the ability to load BPF programs under different circumstances. [Potential regression] Users who rely on unprivileged BPF access will need to change the setting or give CAP_BPF to their programs. Also, sysctl and bpf code might be affected. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1961338/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
