** Changed in: linux (Ubuntu Focal)
Importance: Undecided => Medium
** Changed in: linux (Ubuntu Jammy)
Importance: Undecided => Medium
** Changed in: linux (Ubuntu Lunar)
Importance: Undecided => Medium
** Changed in: linux (Ubuntu Mantic)
Importance: Undecided => Medium
** Changed in: linux (Ubuntu Mantic)
Assignee: (unassigned) => Thadeu Lima de Souza Cascardo (cascardo)
** Changed in: linux (Ubuntu Lunar)
Assignee: (unassigned) => Thadeu Lima de Souza Cascardo (cascardo)
** Changed in: linux (Ubuntu Jammy)
Assignee: (unassigned) => Thadeu Lima de Souza Cascardo (cascardo)
** Changed in: linux (Ubuntu Focal)
Assignee: (unassigned) => Thadeu Lima de Souza Cascardo (cascardo)
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/2035116
Title:
allow io_uring to be disabled in runtime
Status in linux package in Ubuntu:
In Progress
Status in linux source package in Focal:
Triaged
Status in linux source package in Jammy:
Triaged
Status in linux source package in Lunar:
In Progress
Status in linux source package in Mantic:
In Progress
Bug description:
[Impact]
io_uring has been an important attack vector in the recent years in local
privilege escalation attacks. Allowing admins that don't use io_uring to
disable it in their systems allows them to reduce their attack surface.
[Test case]
sysctl -w kernel.io_uring_disabled=1
then try to use io_uring from an unprivileged user, then try it with
privileges (CAP_SYS_ADMIN)
[Potential regression]
Uses can be denied from using io_uring.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2035116/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
