Ubuntu 23.04 (Lunar Lobster) has reached end of life, so this bug will
not be fixed for that specific release.

** Changed in: gnutls28 (Ubuntu Lunar)
       Status: Confirmed => Won't Fix

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/2031093

Title:
  libgnutls report "trap invalid opcode" when trying to install packages
  over https

Status in ubuntu-kernel-tests:
  New
Status in gnutls28 package in Ubuntu:
  Confirmed
Status in linux package in Ubuntu:
  Confirmed
Status in gnutls28 source package in Focal:
  Confirmed
Status in linux source package in Focal:
  Fix Released
Status in gnutls28 source package in Jammy:
  Confirmed
Status in linux source package in Jammy:
  Fix Released
Status in gnutls28 source package in Lunar:
  Won't Fix
Status in linux source package in Lunar:
  Fix Released

Bug description:
  [Impact]
  When booting linux with Gather Data Sampling mitigations without updated 
microcode on an affected CPU, AVX will be disabled. This will cause programs 
connecting to https using gnutls on Jammy to break, including apt and git.

  [Test case]
  git clone 
https://git.launchpad.net/~canonical-kernel-team/+git/autotest-client-tests
  Cloning into 'autotest-client-tests'...
  error: git-remote-https died of signal 4

  dmesg:
  [  806.072080] traps: git-remote-http[2561] trap invalid opcode 
ip:7fa2e7dac44a sp:7ffed6796480 error:0 in 
libgnutls.so.30.31.0[7fa2e7c85000+129000]

  Works fine with the mitigation disabled by default.

  [Potential regressions]
  Users booting on affected parts without microcode updates will be subject to 
Gather Data Sampling attacks (which can be done by local untrusted attackers), 
which may leak confidential data, including keys.

  
  -------------------------------------------------

  When trying to install linux-libc-dev on Oracle BM.Standard2.52 (seems to be 
the only affected instance) with Jammy 5.15.0-81-generic, it will get 
interrupted with:
      E: Method https has died unexpectedly!
      E: Sub-process https received signal 4.

  $ sudo apt install linux-libc-dev
  Reading package lists... Done
  Building dependency tree... Done
  Reading state information... Done
  The following NEW packages will be installed:
    linux-libc-dev
  0 upgraded, 1 newly installed, 0 to remove and 54 not upgraded.
  Need to get 1353 kB of archives.
  After this operation, 6943 kB of additional disk space will be used.
  E: Method https has died unexpectedly!
  E: Sub-process https received signal 4.

  From dmesg you will see:
  [ 1078.750067] traps: https[4572] trap invalid opcode ip:7f3c1e6316be 
sp:7ffea26b61c0 error:0 in libgnutls.so.30.31.0[7f3c1e50f000+129000]

  Also, git clone is not working as well.

  $ git clone --depth=1 
https://git.launchpad.net/~canonical-kernel-team/+git/autotest-client-tests
  Cloning into 'autotest-client-tests'...
  error: git-remote-https died of signal 4

  dmesg:
  [  806.072080] traps: git-remote-http[2561] trap invalid opcode 
ip:7fa2e7dac44a sp:7ffed6796480 error:0 in 
libgnutls.so.30.31.0[7fa2e7c85000+129000]

  libgnutls30 version:3.7.3-4ubuntu1.2

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-kernel-tests/+bug/2031093/+subscriptions


-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to     : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

Reply via email to