This bug was fixed in the package linux - 3.13.0-166.216
---------------
linux (3.13.0-166.216) trusty; urgency=medium
* linux: 3.13.0-166.216 -proposed tracker (LP: #1814645)
* linux-buildinfo: pull out ABI information into its own package
(LP: #1806380)
- [Packaging] limit preparation to linux-libc-dev in headers
- [Packaging] commonise debhelper invocation
- [Packaging] ABI -- accumulate abi information at the end of the build
- [Packaging] buildinfo -- add basic build information
- [Packaging] buildinfo -- add firmware information to the flavour ABI
- [Packaging] buildinfo -- add compiler information to the flavour ABI
- [Packaging] buildinfo -- add buildinfo support to getabis
- [Config] buildinfo -- add retpoline version markers
- [Packaging] getabis -- handle all known package combinations
- [Packaging] getabis -- support parsing a simple version
- [Packaging] autoreconstruct -- base tag is always primary mainline version
* signing: only install a signed kernel (LP: #1764794)
- [Debian] usbip tools packaging
- [Debian] Don't fail if a symlink already exists
- [Debian] perf -- build in the context of the full generated local headers
- [Debian] basic hook support
- [Debian] follow rename of DEB_BUILD_PROFILES
- [Debian] standardise on stage1 for the bootstrap stage in line with debian
- [Debian] set do_*_tools after stage1 or bootstrap is determined
- [Debian] initscripts need installing when making the package
- [Packaging] reconstruct -- automatically reconstruct against base tag
- [Debian] add feature interlock with mainline builds
- [Debian] Remove generated intermediate files on clean
- [Packaging] prevent linux-*-tools-common from being produced from non
linux
packages
- SAUCE: ubuntu: vbox -- elide the new symlinks and reconstruct on clean:
- [Debian] Update to new signing key type and location
- [Packaging] autoreconstruct -- generate extend-diff-ignore for links
- [Packaging] reconstruct -- update when inserting final changes
- [Packaging] update to Debian like control scripts
- [Packaging] switch to triggers for postinst.d postrm.d handling
- [Packaging] signing -- switch to raw-signing tarballs
- [Packaging] signing -- switch to linux-image as signed when available
- [Packaging] printenv -- add signing options
- [Packaging] fix invocation of header postinst hooks
- [Packaging] signing -- add support for signing Opal kernel binaries
- [Debian] Use src_pkg_name when constructing udeb control files
- [Debian] Dynamically determine linux udebs package name
- [Packaging] handle both linux-lts* and linux-hwe* as backports
- [Config] linux-source-* is in the primary linux namespace
- [Packaging] lookup the upstream tag
- [Packaging] switch up to debhelper 9
- [Packaging] autopkgtest -- disable d-i when dropping flavours
- [debian] support for ship_extras_package=false
- [Debian] do_common_tools should always be on
- [debian] do not force do_tools_common
- [Packaging] skip cloud tools packaging when not building package
- [debian] prep linux-libc-dev only if do_libc_dev_package=true
* Packaging resync (LP: #1786013)
- [Packaging] update helper scripts
* kernel oops in bcache module (LP: #1793901)
- SAUCE: bcache: never writeback a discard operation
* iptables connlimit allows more connections than the limit when using
multiple CPUs (LP: #1811094)
- netfilter: connlimit: improve packet-to-closed-connection logic
- netfilter: nf_conncount: fix garbage collection confirm race
- netfilter: nf_conncount: don't skip eviction when age is negative
* CVE-2019-6133
- fork: record start_time late
* test_095_kernel_symbols_missing_proc_self_stack failed on P-LTS
(LP: #1813001)
- procfs: make /proc/*/{stack, syscall, personality} 0400
-- Kleber Sacilotto de Souza <[email protected]> Thu, 07 Feb
2019 11:31:21 +0000
** Changed in: linux (Ubuntu Trusty)
Status: Fix Committed => Fix Released
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-6133
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1813001
Title:
test_095_kernel_symbols_missing_proc_self_stack failed on P-LTS
Status in ubuntu-kernel-tests:
In Progress
Status in linux package in Ubuntu:
Invalid
Status in linux source package in Trusty:
Fix Released
Bug description:
[Impact]
The testcase test_095_kernel_symbols_missing_proc_self_stack from
ubuntu_qrt_kernel_security testsuite started to fail with Trusty
kernel (3.13) after the fix for CVE-2018-17972 ("proc: restrict kernel
stack dumps to root"), which prevents a regular user to read from
/proc/self/stack.
Kernel: 3.13.0-165.215~precise1
The test failed with:
AssertionError: cat: /proc/self/stack: Permission denied
FAIL: test_095_kernel_symbols_missing_proc_self_stack
(__main__.KernelSecurityTest)
kernel addresses in /proc/self/stack are zeroed out
----------------------------------------------------------------------
Traceback (most recent call last):
File "./test-kernel-security.py", line 1364, in
test_095_kernel_symbols_missing_proc_self_stack
self._check_pK_files(self._095_kernel_symbols_missing_proc_self_stack,
expected=expected)
File "./test-kernel-security.py", line 1209, in _check_pK_files
test_function(expected_restricted)
File "./test-kernel-security.py", line 1320, in
_095_kernel_symbols_missing_proc_self_stack
expected, retry=True)
File "./test-kernel-security.py", line 1146, in _read_twice
self.assertEqual(rc, 0, regular)
AssertionError: cat: /proc/self/stack: Permission denied
The testcase checks the file permission before trying to read it, and
for kernel 3.13 the permissions became inconsistent with what the user
can actually do:
$ cat /proc/self/stack
cat: /proc/self/stack: Permission denied
$ ls -l /proc/self/stack
-r--r--r-- 1 ubuntu ubuntu 0 Jan 24 04:06 /proc/self/stack
[Test Case]
Run 'cat' and 'ls' on the file as stated above, or run the
ubuntu_qrt_kernel_security testsuite and check for the results of the
test_095_kernel_symbols_missing_proc_self_stack testcase.
[Fix]
Upstream commit 35a35046e4f9 ("procfs: make
/proc/*/{stack,syscall,personality} 0400") applied for v3.15-rc1 fixes the
issue.
[Regression Potential]
The upstream fix changes the permissions of the files
/proc/*/{stack,syscall,personality}, so userspace which relies on reading these
files as regular users might fail. However, this fixes a security issue and is
already applied on our later series.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-kernel-tests/+bug/1813001/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : [email protected]
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
