https://lists.ubuntu.com/archives/kernel-team/2021-February/117143.html
** Changed in: linux (Ubuntu Groovy) Status: Incomplete => In Progress ** Changed in: linux (Ubuntu Hirsute) Status: Incomplete => In Progress ** Changed in: linux (Ubuntu Groovy) Importance: Undecided => High ** Changed in: linux (Ubuntu Hirsute) Importance: Undecided => High ** Also affects: linux-hwe-5.8 (Ubuntu) Importance: Undecided Status: New ** No longer affects: linux-hwe-5.8 (Ubuntu Groovy) ** No longer affects: linux-hwe-5.8 (Ubuntu Hirsute) ** Also affects: linux (Ubuntu Focal) Importance: Undecided Status: New ** Also affects: linux-hwe-5.8 (Ubuntu Focal) Importance: Undecided Status: New ** No longer affects: linux (Ubuntu Focal) ** Changed in: linux-hwe-5.8 (Ubuntu Focal) Status: New => In Progress ** Changed in: linux-hwe-5.8 (Ubuntu Focal) Importance: Undecided => High ** Changed in: linux (Ubuntu Groovy) Assignee: (unassigned) => Kamal Mostafa (kamalmostafa) ** Changed in: linux (Ubuntu Hirsute) Assignee: (unassigned) => Kamal Mostafa (kamalmostafa) ** Changed in: linux-hwe-5.8 (Ubuntu Focal) Assignee: (unassigned) => Kamal Mostafa (kamalmostafa) -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1914668 Title: Exploitable vulnerabilities in AF_VSOCK implementation Status in linux package in Ubuntu: In Progress Status in linux-hwe-5.8 package in Ubuntu: New Status in linux-hwe-5.8 source package in Focal: In Progress Status in linux source package in Groovy: In Progress Status in linux source package in Hirsute: In Progress Bug description: https://www.openwall.com/lists/oss-security/2021/02/04/5 The following mainline patch is required for all kernels >= v5.8: {focal hwe-5.8, groovy, hirsute}: [linux] c518adafa39f vsock: fix the race conditions in multi-transport support or [linux-5.10-y] 55d900415b81 vsock: fix the race conditions in multi-transport support [Impact] * Patches an exploitable vulnerability. [Test Case] * See disclosure article. [Regression Potential] * Low: straightforward race condition fix; upstream cherry-pick. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1914668/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp