[Kernel-packages] [Bug 1956585] Re: OOB write on BPF_RINGBUF
This bug is awaiting verification that the linux- gcp-5.13/5.13.0-1013.16~20.04.1 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-focal' to 'verification-done-focal'. If the problem still exists, change the tag 'verification-needed-focal' to 'verification-failed-focal'. If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you! ** Tags added: verification-needed-focal -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1956585 Title: OOB write on BPF_RINGBUF Status in linux package in Ubuntu: Fix Released Bug description: tr3e wang discovered that an OOB write existed in the eBPF subsystem in the Linux kernel on BPF_RINGBUF. Mitigation commit: https://git.launchpad.net/~ubuntu- kernel/ubuntu/+source/linux/+git/impish/commit/?id=53fb7741ff9d546174dbb585957b4f8b6afbdb83 Mitigation: Disable unprivileged ebpf with: $ sudo sysctl kernel.unprivileged_bpf_disabled=1 Unprivileged ebpf is disabled by default in Ubuntu 21.10 and newer. See https://www.kernel.org/doc/html/latest/admin- guide/sysctl/kernel.html#unprivileged-bpf-disabled for details on the configuration setting. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1956585/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1956585] Re: OOB write on BPF_RINGBUF
Yes, hopefully you can do that without resorting to a rescue image. Booting with `init=/bin/bash` may help if you can't uninstall it gently. Thanks -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1956585 Title: OOB write on BPF_RINGBUF Status in linux package in Ubuntu: Fix Released Bug description: tr3e wang discovered that an OOB write existed in the eBPF subsystem in the Linux kernel on BPF_RINGBUF. Mitigation commit: https://git.launchpad.net/~ubuntu- kernel/ubuntu/+source/linux/+git/impish/commit/?id=53fb7741ff9d546174dbb585957b4f8b6afbdb83 Mitigation: Disable unprivileged ebpf with: $ sudo sysctl kernel.unprivileged_bpf_disabled=1 Unprivileged ebpf is disabled by default in Ubuntu 21.10 and newer. See https://www.kernel.org/doc/html/latest/admin- guide/sysctl/kernel.html#unprivileged-bpf-disabled for details on the configuration setting. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1956585/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1956585] Re: OOB write on BPF_RINGBUF
Hello Seth, Yes I've just installed McAfee antivirus. So should I remove antivirus tool? Thank you, Tu -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1956585 Title: OOB write on BPF_RINGBUF Status in linux package in Ubuntu: Fix Released Bug description: tr3e wang discovered that an OOB write existed in the eBPF subsystem in the Linux kernel on BPF_RINGBUF. Mitigation commit: https://git.launchpad.net/~ubuntu- kernel/ubuntu/+source/linux/+git/impish/commit/?id=53fb7741ff9d546174dbb585957b4f8b6afbdb83 Mitigation: Disable unprivileged ebpf with: $ sudo sysctl kernel.unprivileged_bpf_disabled=1 Unprivileged ebpf is disabled by default in Ubuntu 21.10 and newer. See https://www.kernel.org/doc/html/latest/admin- guide/sysctl/kernel.html#unprivileged-bpf-disabled for details on the configuration setting. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1956585/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1956585] Re: OOB write on BPF_RINGBUF
Nguyen, do you have any antivirus tools installed? That's the usual cause of errors like this. Thanks -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1956585 Title: OOB write on BPF_RINGBUF Status in linux package in Ubuntu: Fix Released Bug description: tr3e wang discovered that an OOB write existed in the eBPF subsystem in the Linux kernel on BPF_RINGBUF. Mitigation commit: https://git.launchpad.net/~ubuntu- kernel/ubuntu/+source/linux/+git/impish/commit/?id=53fb7741ff9d546174dbb585957b4f8b6afbdb83 Mitigation: Disable unprivileged ebpf with: $ sudo sysctl kernel.unprivileged_bpf_disabled=1 Unprivileged ebpf is disabled by default in Ubuntu 21.10 and newer. See https://www.kernel.org/doc/html/latest/admin- guide/sysctl/kernel.html#unprivileged-bpf-disabled for details on the configuration setting. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1956585/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1956585] Re: OOB write on BPF_RINGBUF
I applied 'sudo sysctl kernel.unprivileged_bpf_disabled=1' But it is still failed while install 'sudo apt install linux- image-5.11.0-46-generic' dpkg: error processing archive /var/cache/apt/archives/linux-image-5.11.0-46-generic_5.11.0-46.51~20.04.1_amd64.deb (--unpack): unable to open '/boot/vmlinuz-5.11.0-46-generic.dpkg-new': Operation not permitted -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1956585 Title: OOB write on BPF_RINGBUF Status in linux package in Ubuntu: Fix Released Bug description: tr3e wang discovered that an OOB write existed in the eBPF subsystem in the Linux kernel on BPF_RINGBUF. Mitigation commit: https://git.launchpad.net/~ubuntu- kernel/ubuntu/+source/linux/+git/impish/commit/?id=53fb7741ff9d546174dbb585957b4f8b6afbdb83 Mitigation: Disable unprivileged ebpf with: $ sudo sysctl kernel.unprivileged_bpf_disabled=1 Unprivileged ebpf is disabled by default in Ubuntu 21.10 and newer. See https://www.kernel.org/doc/html/latest/admin- guide/sysctl/kernel.html#unprivileged-bpf-disabled for details on the configuration setting. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1956585/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1956585] Re: OOB write on BPF_RINGBUF
This was assigned CVE-2021-4204. ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-4204 -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1956585 Title: OOB write on BPF_RINGBUF Status in linux package in Ubuntu: Fix Released Bug description: tr3e wang discovered that an OOB write existed in the eBPF subsystem in the Linux kernel on BPF_RINGBUF. Mitigation commit: https://git.launchpad.net/~ubuntu- kernel/ubuntu/+source/linux/+git/impish/commit/?id=53fb7741ff9d546174dbb585957b4f8b6afbdb83 Mitigation: Disable unprivileged ebpf with: $ sudo sysctl kernel.unprivileged_bpf_disabled=1 Unprivileged ebpf is disabled by default in Ubuntu 21.10 and newer. See https://www.kernel.org/doc/html/latest/admin- guide/sysctl/kernel.html#unprivileged-bpf-disabled for details on the configuration setting. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1956585/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1956585] Re: OOB write on BPF_RINGBUF
** Description changed: tr3e wang discovered that an OOB write existed in the eBPF subsystem in the Linux kernel on BPF_RINGBUF. Mitigation commit: https://git.launchpad.net/~ubuntu- kernel/ubuntu/+source/linux/+git/impish/commit/?id=53fb7741ff9d546174dbb585957b4f8b6afbdb83 Mitigation: Disable unprivileged ebpf with: - $ sudo sysctl kernel.unprivileged_bpf_disabled=1 + $ sudo sysctl kernel.unprivileged_bpf_disabled=1 + + Unprivileged ebpf is disabled by default in Ubuntu 21.10 and newer. See + https://www.kernel.org/doc/html/latest/admin- + guide/sysctl/kernel.html#unprivileged-bpf-disabled for details on the + configuration setting. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1956585 Title: OOB write on BPF_RINGBUF Status in linux package in Ubuntu: Fix Released Bug description: tr3e wang discovered that an OOB write existed in the eBPF subsystem in the Linux kernel on BPF_RINGBUF. Mitigation commit: https://git.launchpad.net/~ubuntu- kernel/ubuntu/+source/linux/+git/impish/commit/?id=53fb7741ff9d546174dbb585957b4f8b6afbdb83 Mitigation: Disable unprivileged ebpf with: $ sudo sysctl kernel.unprivileged_bpf_disabled=1 Unprivileged ebpf is disabled by default in Ubuntu 21.10 and newer. See https://www.kernel.org/doc/html/latest/admin- guide/sysctl/kernel.html#unprivileged-bpf-disabled for details on the configuration setting. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1956585/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1956585] Re: OOB write on BPF_RINGBUF
** Description changed: tr3e wang discovered that an OOB write existed in the eBPF subsystem in the Linux kernel on BPF_RINGBUF. Mitigation commit: https://git.launchpad.net/~ubuntu- kernel/ubuntu/+source/linux/+git/impish/commit/?id=53fb7741ff9d546174dbb585957b4f8b6afbdb83 + + Mitigation: + + Disable unprivileged ebpf with: + + $ sudo sysctl kernel.unprivileged_bpf_disabled=1 -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1956585 Title: OOB write on BPF_RINGBUF Status in linux package in Ubuntu: Fix Released Bug description: tr3e wang discovered that an OOB write existed in the eBPF subsystem in the Linux kernel on BPF_RINGBUF. Mitigation commit: https://git.launchpad.net/~ubuntu- kernel/ubuntu/+source/linux/+git/impish/commit/?id=53fb7741ff9d546174dbb585957b4f8b6afbdb83 Mitigation: Disable unprivileged ebpf with: $ sudo sysctl kernel.unprivileged_bpf_disabled=1 Unprivileged ebpf is disabled by default in Ubuntu 21.10 and newer. See https://www.kernel.org/doc/html/latest/admin- guide/sysctl/kernel.html#unprivileged-bpf-disabled for details on the configuration setting. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1956585/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1956585] Re: OOB write on BPF_RINGBUF
** Information type changed from Private Security to Public Security ** Description changed: - Placeholder bug. + tr3e wang discovered that an OOB write existed in the eBPF subsystem in + the Linux kernel on BPF_RINGBUF. + + Mitigation commit: https://git.launchpad.net/~ubuntu- + kernel/ubuntu/+source/linux/+git/impish/commit/?id=53fb7741ff9d546174dbb585957b4f8b6afbdb83 -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1956585 Title: OOB write on BPF_RINGBUF Status in linux package in Ubuntu: Fix Released Bug description: tr3e wang discovered that an OOB write existed in the eBPF subsystem in the Linux kernel on BPF_RINGBUF. Mitigation commit: https://git.launchpad.net/~ubuntu- kernel/ubuntu/+source/linux/+git/impish/commit/?id=53fb7741ff9d546174dbb585957b4f8b6afbdb83 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1956585/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
