CVE-2021-4159 was fixed by this same commit.
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-4159
** Information type changed from Private Security to Public Security
** Changed in: linux (Ubuntu)
Status: New => Fix Released
--
You received this bug notification becaus
Thanks, neoni. We appreciate the report. Sorry it took this long to get
a response.
Those fixes are already applied in our 5.15 kernels and we don't support
5.19 and 6.0 anymore. Since these have been fixed in 6.1 and later
kernels and 5.4 do not carry those features, we consider this issue
fixed
It needs to be reproduced on more recent kernels.
** Information type changed from Private Security to Public Security
** Changed in: linux (Ubuntu)
Assignee: Tyler Hicks (tyhicks) => (unassigned)
--
You received this bug notification because you are a member of Kernel
Packages, which is s
on TIOCSTI may break.
** Affects: linux (Ubuntu)
Importance: Medium
Assignee: Thadeu Lima de Souza Cascardo (cascardo)
Status: In Progress
** Changed in: linux (Ubuntu)
Assignee: (unassigned) => Thadeu Lima de Souza Cascardo (cascardo)
** Changed in: linux (Ubuntu)
Impo
The kernel mitigations for this vulnerability were provided back in
August, when Mantic was still the development released. So, though the
Mantic target kernel had not been in the release pocket yet, the fixes
were there, so it was marked as pending for the development release.
When Mantic got rele
cases.
[Potential regression]
io_uring users only would be affected given most changes are restricted to it.
** Affects: linux (Ubuntu)
Importance: Undecided
Status: Fix Released
** Affects: linux (Ubuntu Mantic)
Importance: Medium
Assignee: Thadeu Lima de Souza Cascardo
** Changed in: linux (Ubuntu Mantic)
Status: New => Confirmed
** Changed in: linux (Ubuntu Mantic)
Assignee: (unassigned) => Thadeu Lima de Souza Cascardo (cascardo)
** Changed in: linux (Ubuntu Lunar)
Importance: Undecided => Medium
** Changed in: linux (Ubuntu L
aslr32 libs regressed because of upstream commit 1854bc6e2420
("mm/readahead: Align file mappings for non-DAX").
Some filesystems mmap will try to align the address by the size and when
glibc loaded maps the ELF file, a randomized address will be chosen but
then aligned to the PMD size (21 bits on
my)
Assignee: (unassigned) => Thadeu Lima de Souza Cascardo (cascardo)
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/2037667
Title:
Regression on Jammy's kernel 5.15 when
Upstream commit b0ad3c179059089d809b477a1d445c1183a7b8fe ("rtnetlink:
call validate_linkmsg in rtnl_create_link") sounds like a good candidate
as the culprit here. I see no fixes referencing it upstream, though.
--
You received this bug notification because you are a member of Kernel
Packages, wh
> BPF LSM is the only major LSM that has a potential platform available
for targeting generic sw security solutions and generic performance sw
solutions between multiple distros.
So no specific software solution in mind? Only generic hypothetical
solutions?
--
You received this bug notification
** Tags added: verification-done-bionic
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/2035390
Title:
kvm-amd crashes when loaded at svm_init
Status in linux package in Ubuntu:
Invali
** Changed in: linux (Ubuntu Bionic)
Status: In Progress => Fix Committed
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/2035390
Title:
kvm-amd crashes when loaded at svm_init
St
Adding BPF LSM by default will cause memory and CPU impact to all users.
Right now, it is possible to add this by changing the kernel boot
command line parameters.
What is the justification to change the default? Another distro enabling
it does not justify it. And one unknown software using it doe
** Affects: linux (Ubuntu Bionic)
Importance: Critical
Assignee: Thadeu Lima de Souza Cascardo (cascardo)
Status: In Progress
** Changed in: linux (Ubuntu)
Status: New => In Progress
** Also affects: linux (Ubuntu Bionic)
Importance: Undecided
Status:
** Changed in: linux (Ubuntu Jammy)
Status: Incomplete => Won't Fix
** Changed in: linux (Ubuntu Lunar)
Status: Incomplete => Won't Fix
** Changed in: linux (Ubuntu)
Status: Incomplete => Won't Fix
** Changed in: nftables (Ubuntu)
Status: New => Invalid
--
You recei
** Also affects: nftables (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/2035285
Title:
nft cannot load certain rulesets after kernel
Upstream nftables commits below apply cleanly on 1.0.6 (lunar upstream
version) and produce the correct results.
784597a4ed63b9decb10d74fdb49a1b021e22728
27c753e4a8d4744f479345e3f5e34cafef751602
3975430b12d97c92cdf03753342f2269153d5624
--
You received this bug notification because you are a memb
Public bug reported:
[Impact]
After kernel fixes for CVE-2023-4147/CVE-2023-3995 were applied, the kernel
nftables module does not accept certain bogus rules that were built by the nft
tool. A fix for nft was provided to produce rules as now expected by the kernel.
[Test case]
Running nftables
** Changed in: linux (Ubuntu Bionic)
Status: Confirmed => Fix Committed
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/2035133
Title:
linux-libc-dev:i386 is not produced anymore
Status: Invalid
** Affects: linux (Ubuntu Bionic)
Importance: High
Assignee: Thadeu Lima de Souza Cascardo (cascardo)
Status: Confirmed
** Also affects: linux (Ubuntu Bionic)
Importance: Undecided
Status: New
** Changed in: linux (Ubuntu)
Status: New
** Description changed:
[Impact]
io_uring has been an important attack vector in the recent years in local
privilege escalation attacks. Allowing admins that don't use io_uring to
disable it in their systems allows them to reduce their attack surface.
[Test case]
sysctl -w kernel.io_u
** Changed in: linux (Ubuntu Mantic)
Status: Incomplete => In Progress
** Changed in: linux (Ubuntu Lunar)
Status: Incomplete => In Progress
** Changed in: linux (Ubuntu Jammy)
Status: Incomplete => Triaged
** Changed in: linux (Ubuntu Focal)
Status: Incomplete => Tri
=> Medium
** Changed in: linux (Ubuntu Mantic)
Assignee: (unassigned) => Thadeu Lima de Souza Cascardo (cascardo)
** Changed in: linux (Ubuntu Lunar)
Assignee: (unassigned) => Thadeu Lima de Souza Cascardo (cascardo)
** Changed in: linux (Ubuntu Jammy)
Assignee: (unassigned) =>
Public bug reported:
[Impact]
io_uring has been an important attack vector in the recent years in local
privilege escalation attacks. Allowing admins that don't use io_uring to
disable it in their systems allows them to reduce their attack surface.
[Test case]
sysctl -w kernel.io_uring_disabled
** Tags removed: verification-needed-jammy
** Tags added: verification-done-jammy
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-oem-6.1 in Ubuntu.
https://bugs.launchpad.net/bugs/2023220
Title:
Some INVLPG implementations can le
** Tags removed: verification-needed-jammy
** Tags added: verification-done-jammy
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/2023577
Title:
cls_flower: off-by-one in fl_set_geneve_op
** Changed in: linux-gcp (Ubuntu Jammy)
Status: In Progress => Fix Committed
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-gcp in Ubuntu.
https://bugs.launchpad.net/bugs/2020319
Title:
Encountering an issue with memcpy_fr
t; Medium
** Changed in: linux-gcp (Ubuntu Jammy)
Assignee: (unassigned) => Thadeu Lima de Souza Cascardo (cascardo)
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-gcp in Ubuntu.
https://bugs.launchpad.net/bugs/20
signed) => Thadeu Lima de Souza Cascardo (cascardo)
** Changed in: linux-gcp (Ubuntu Kinetic)
Assignee: (unassigned) => Thadeu Lima de Souza Cascardo (cascardo)
** Changed in: linux-gcp (Ubuntu Jammy)
Importance: Undecided => Medium
--
You received this bug notification because y
** Also affects: linux-gcp (Ubuntu Jammy)
Importance: Undecided
Status: New
** Also affects: linux-gcp-5.19 (Ubuntu)
Importance: Undecided
Status: New
** Changed in: linux-gcp-5.19 (Ubuntu Kinetic)
Status: New => Invalid
** Changed in: linux-gcp (Ubuntu Jammy)
S
** Tags removed: verification-needed-focal
** Tags added: verification-done-focal
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-oem-6.1 in Ubuntu.
https://bugs.launchpad.net/bugs/2023220
Title:
Some INVLPG implementations can le
** Tags removed: verification-needed-focal
** Tags added: verification-done-focal
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/2023577
Title:
cls_flower: off-by-one in fl_set_geneve_op
** Tags removed: verification-needed-lunar
** Tags added: verification-done-lunar
** Tags removed: verification-needed-jammy
** Tags added: verification-done-jammy verification-done-kinetic
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to
** Tags removed: verification-needed-lunar
** Tags added: verification-done-lunar
** Tags added: verification-done-kinetic
** Tags removed: verification-needed-jammy
** Tags added: verification-done-jammy
--
You received this bug notification because you are a member of Kernel
Packages, which i
** Tags added: verification-done-bionic
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/2020279
Title:
Kernel warning after upgrade to 4.15.0.211.194
Status in linux package in Ubuntu:
Hi, @morc, this should release into the public repo with version
4.15.0-213.224. It should be in -proposed now. Can you verify that it
works, please?
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.n
** Changed in: linux (Ubuntu Bionic)
Status: Confirmed => Fix Committed
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/2020279
Title:
Kernel warning after upgrade to 4.15.0.211.19
rtance: Undecided => Medium
** Changed in: linux-oem-6.1 (Ubuntu Jammy)
Assignee: (unassigned) => Thadeu Lima de Souza Cascardo (cascardo)
** Changed in: linux-oem-6.1 (Ubuntu)
Status: New => Invalid
--
You received this bug notification because you are a member of Kernel
.
** Affects: linux (Ubuntu)
Importance: Undecided
Status: New
** Affects: linux (Ubuntu Focal)
Importance: High
Assignee: Thadeu Lima de Souza Cascardo (cascardo)
Status: New
** Affects: linux (Ubuntu Jammy)
Importance: High
Assignee: Thadeu Lima de Souza
** Changed in: linux-oem-6.1 (Ubuntu Xenial)
Status: New => Invalid
** Changed in: linux-oem-6.1 (Ubuntu Bionic)
Status: New => Invalid
** Changed in: linux-oem-6.1 (Ubuntu Focal)
Status: New => Invalid
** Changed in: linux-oem-6.1 (Ubuntu Kinetic)
Status: New => Inva
** Changed in: linux (Ubuntu Jammy)
Status: Incomplete => In Progress
** Changed in: linux (Ubuntu Focal)
Status: Incomplete => In Progress
** Also affects: linux-oem-6.1 (Ubuntu)
Importance: Undecided
Status: New
** Changed in: linux-oem-6.1 (Ubuntu Trusty)
Status
** Changed in: linux (Ubuntu Mantic)
Status: Incomplete => Fix Released
** Changed in: linux (Ubuntu Lunar)
Status: Incomplete => In Progress
** Changed in: linux (Ubuntu Kinetic)
Status: Incomplete => In Progress
--
You received this bug notification because you are a memb
case]
There is no particular test case.
[Potential regressions]
This affects performance on the affected systems. TLB behavior could also be
affected.
** Affects: linux (Ubuntu)
Importance: High
Assignee: Thadeu Lima de Souza Cascardo (cascardo)
Status: Fix Released
** Affects
Can you try to reproduce the issue with only 5.15.0-70, given the
changes in 5.15.0-71 would not justify these symptoms by itself?
Thank you very much.
Cascardo.
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bug
Public bug reported:
When running xfstests ext4/054 test, the kernel will BUG_ON. This
requires a mangled filesystem (the test uses debugfs, the tool, not the
kernel filesystem).
[23967.165615] [ cut here ]
[23967.169587] kernel BUG at
/build/linux-aws-wwoDm1/linux-aws-4.
We should skip this test when running xfstests on ext4 on 4.4 kernels.
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/2015213
Title:
xfstests ext4/054 will BUG_ON
Status in ubuntu-kerne
btrfs send ioctl requires CAP_SYS_ADMIN on the initial user namespace.
** Also affects: linux (Ubuntu Xenial)
Importance: Undecided
Status: New
** Changed in: linux (Ubuntu)
Status: New => Invalid
** Changed in: linux (Ubuntu Xenial)
Status: New => Won't Fix
** Changed i
Adding ubuntu-kernel-tests as this won't be fixed in the kernel, so we
should skip this particular test when running on 4.4.
Cascardo.
** Changed in: ubuntu-kernel-tests
Importance: Undecided => Medium
** Changed in: ubuntu-kernel-tests
Status: New => Triaged
--
You received this bug
Public bug reported:
When running xfstests btrfs/187, btrfs send will cause a NULL pointer
dereference or a BUG.
[ 308.924126] BTRFS error (device xvdb2): did not find backref in send_root.
inode=44681, offset=0, disk_byte=3193700352 found extent=3193700352
[ 310.054883] BTRFS info (device xv
** Also affects: linux-gcp (Ubuntu)
Importance: Undecided
Status: New
** Changed in: linux-gcp (Ubuntu Jammy)
Status: New => Fix Committed
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.laun
Hey, Po-Hsu Lin.
I marked this as a duplicate of #1999554, as I did some research on it
before. So, many of these tests use a loop device and then try to clear
it. The clear function will retry multiple times because udev may have a
hold on the device. After a number of tries with some timeout, it
** Changed in: linux (Ubuntu Xenial)
Status: In Progress => Fix Committed
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1814234
Title:
rtcpie in timers from ubuntu_kernel_selftes
** Also affects: linux (Ubuntu Kinetic)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/2009271
Title:
Too many BDL entries regression
Status
** Changed in: linux (Ubuntu)
Status: Expired => Confirmed
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1999554
Title:
LTP uevent01 will fail on GCP n2d-standard-64
Status in l
** Changed in: linux (Ubuntu Xenial)
Status: In Progress => Fix Committed
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/2002889
Title:
5.15.0-58.64 breaks xen bridge networking (
** Also affects: linux-gcp (Ubuntu)
Importance: Undecided
Status: New
** Changed in: linux-gcp (Ubuntu Jammy)
Status: New => Fix Committed
** Changed in: linux-gcp (Ubuntu Jammy)
Importance: Undecided => High
** Changed in: linux-gcp (Ubuntu)
Status: New => Invalid
--
s: New => In Progress
** Changed in: linux-oem-6.0 (Ubuntu Jammy)
Assignee: (unassigned) => Thadeu Lima de Souza Cascardo (cascardo)
** Changed in: linux-oem-6.0 (Ubuntu Jammy)
Importance: Undecided => Medium
--
You received this bug notification because you are a member of Kernel
Focal)
Status: New => In Progress
** Changed in: linux (Ubuntu Jammy)
Status: New => In Progress
** Changed in: linux (Ubuntu Kinetic)
Status: New => In Progress
** Changed in: linux (Ubuntu Kinetic)
Assignee: (unassigned) => Thadeu Lima de Souza
** Changed in: linux-gcp (Ubuntu Jammy)
Assignee: (unassigned) => Khaled El Mously (kmously)
** Changed in: linux-gcp (Ubuntu Jammy)
Importance: Undecided => Critical
** Changed in: linux-gcp (Ubuntu Jammy)
Status: New => Fix Committed
--
You received this bug notification becaus
** Changed in: linux (Ubuntu Kinetic)
Status: Incomplete => Confirmed
** Changed in: linux (Ubuntu)
Status: Incomplete => Confirmed
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/
Public bug reported:
[Impact]
kvm-unit-tests of PMU chained counter will fail as KVM does not behave like the
hardware implementation.
[Test case]
Run kvm-unit-tests pmu-chained-counters test.
[Potential regression]
PMU on KVM guests on ARM64 may misbehave.
** Affects: linux (Ubuntu)
Impo
Upstream commit bead02204e9806807bb290137b1ccabfcb4b16fd is likely
necessary.
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/2002319
Title:
KVM: fix PMU chained counter on ARM64
Status
** Changed in: linux-azure-4.15 (Ubuntu Bionic)
Status: In Progress => Fix Committed
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-azure-4.15 in Ubuntu.
https://bugs.launchpad.net/bugs/1996093
Title:
[RELEASE BLOCKER] Cal
On focal, this reproduces with 5.4 and 5.15 kernels.
One of the causes for the delay is that udev is reading efivars for
secure boot, which takes 0.3 seconds. And it does it multiple times.
When running a 5.19 kernel on focal, however, the test seems to be able
to detach the device before udev st
Public bug reported:
Because udev takes too long to release the loop device, LTP test
uevent01 (and some other tests) may warn about not being able to detach
the loop device. This is identified as a failure.
ubuntu@selfprovisioned-cascardo-n2d:~$ sudo ./uevent01
tst_test.c:1423: TINFO: Timeout
Public bug reported:
18272 03:33:07 DEBUG| Persistent state client._record_indent now set
to 2
18273 03:33:07 DEBUG| Persistent state
client.unexpected_reboot now set to
('ubuntu_kernel_selftests.net:fib_nexthop_nongw.sh',
'ubuntu_kernel_selftests.net:fib_ne
Notice that the fix is available at ppa:canonical-kernel-team/ppa2 as
linux 5.15.0-56.
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1996740
Title:
5.15.0-53-generic no longer boots
St
There is also an alternative fix, which is the one we want to release
with building at ppa:canonical-kernel-team/ppa2. The data point with the
other kernel is still useful, though.
Thanks.
Cascardo.
--
You received this bug notification because you are a member of Kernel
Packages, which is subsc
** Summary changed:
- 1.5.9-0ubuntu1~20.04.5 sporadic timeouts
+ containerd sporadic timeouts
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1996678
Title:
containerd sporadic timeouts
=> Invalid
** Changed in: linux (Ubuntu Focal)
Status: New => In Progress
** Changed in: linux (Ubuntu Focal)
Assignee: (unassigned) => Thadeu Lima de Souza Cascardo (cascardo)
** Changed in: linux (Ubuntu Focal)
Importance: Undecided => Critical
--
You recei
** Changed in: linux-gcp (Ubuntu Focal)
Status: In Progress => Fix Committed
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-gcp in Ubuntu.
https://bugs.launchpad.net/bugs/1958416
Title:
b/linux-gcp-5.4: log_check WARNING o
** Also affects: linux (Ubuntu)
Importance: Undecided
Status: New
** Changed in: linux (Ubuntu Focal)
Status: New => Triaged
** Changed in: linux (Ubuntu Focal)
Importance: Undecided => Medium
** Changed in: linux (Ubuntu Focal)
Assignee: (unassigned) => Thade
Focal)
Importance: Undecided => High
** Changed in: linux-gcp (Ubuntu Focal)
Assignee: (unassigned) => Thadeu Lima de Souza Cascardo (cascardo)
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-gcp in Ubuntu.
https://bugs.launch
** Changed in: linux-gcp (Ubuntu Jammy)
Status: New => Fix Committed
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-gcp in Ubuntu.
https://bugs.launchpad.net/bugs/1953575
Title:
Update gvnic driver code
Status in linux-gc
** Changed in: linux (Ubuntu Kinetic)
Importance: High => Low
** Changed in: linux (Ubuntu Jammy)
Importance: High => Low
** Changed in: linux (Ubuntu Focal)
Importance: High => Low
** Changed in: linux (Ubuntu Bionic)
Importance: High => Low
** Changed in: linux (Ubuntu Xenial)
** Tags added: verification-done-focal
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1961338
Title:
Disable unprivileged BPF by default
Status in linux package in Ubuntu:
Fix Release
When changing the interface hardware address, it also works: ip link set
eth0 addr XX:XX:XX:XX:XX:XX.
It also works when using virtio_net.
It has been tested with e1000e, where it fails when setting the
interface up.
When changing the address, __dev_xmit_skb will call sch_direct_xmit and
the pac
it is expected to be caused in such
scenarions anyway. That should affecte direct I/O.
** Affects: linux (Ubuntu)
Importance: Undecided
Status: Invalid
** Affects: linux (Ubuntu Bionic)
Importance: Medium
Assignee: Thadeu Lima de Souza Cascardo (cascardo)
Status: In Pr
** Also affects: linux (Ubuntu Trusty)
Importance: Undecided
Status: New
** Changed in: linux (Ubuntu Trusty)
Assignee: (unassigned) => Thadeu Lima de Souza Cascardo (cascardo)
** Changed in: linux (Ubuntu Trusty)
Importance: Undecided => High
** Changed in: linux (
Public bug reported:
[Impact]
Building some arches will take a long time. Disabling the ones that are not
supported will help accelerate release of emergency respins.
[Test case]
Verify that when building on a PPA, only amd64 is built.
[Potential regression]
Some packages may stop being built.
memory leaks.
[Potential regression]
AWS Xen instances can see failures on their block devices.
** Affects: linux (Ubuntu)
Importance: Undecided
Status: Invalid
** Affects: linux (Ubuntu Xenial)
Importance: Critical
Assignee: Thadeu Lima de Souza Cascardo (cascardo
** Changed in: linux (Ubuntu Xenial)
Status: In Progress => Fix Committed
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1983030
Title:
Kernel fails to boot on some AMD systems
S
*** This bug is a security vulnerability ***
Private security bug reported:
[Impact]
When adding objects/sets/elements on the same nftables netlink batch, there can
be cross-table references. When a table is deleted, references to freed objects
may be left, leading to use-after-free vulnerabili
vulnerabilities. Unneeded TLB flushes
lead to performance impact.
** Affects: linux (Ubuntu)
Importance: Undecided
Status: Fix Released
** Affects: linux (Ubuntu Xenial)
Importance: Medium
Assignee: Thadeu Lima de Souza Cascardo (cascardo)
Status: In Progress
** Also
: (unassigned) => Thadeu Lima de Souza Cascardo (cascardo)
** Changed in: linux (Ubuntu)
Status: New => Fix Released
** Changed in: linux (Ubuntu)
Importance: Undecided => Critical
** Description changed:
- placeholder
+ [Impact]
+ An unprivileged user could exploit a use-a
** Summary changed:
- upcoming update - nf oob
+ netfilter newset OOB write
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1976363
Title:
netfilter newset OOB write
Status in linux pac
This is CVE-2022-1972.
** Information type changed from Private Security to Public Security
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-1972
** Description changed:
- placeholder - embargoed until June 2nd
+ [Impact]
+ An unprivileged user could write out-of-bounds by usin
Hi, Guilherme.
I think you misunderstood and we are in agreement. What I mean by the
first point is that, on Focal, we need to support 5.4 and 5.15. I don't
even think we need to support 5.8 and 5.11 any longer, though 5.13, as
it will still be supported for a while needs supporting. But I also me
There are two risks with that plan that we should overcome.
One is testing, such updates should not cause regressions. As of right
now, the small testing that makedumpfile receives is not sufficient and
gives a lot of false negatives. We should be testing that new kernels
are still dumpable (and f
** Tags removed: verification-needed-bionic
** Tags added: verification-done-bionic
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1972281
Title:
ext4: limit length to bitmap_maxbytes
S
** Tags removed: verification-needed-bionic
** Tags added: verification-done-bionic
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1972740
Title:
Unprivileged users may use PTRACE_SEIZE
** Tags removed: verification-needed-impish
** Tags added: verification-done-impish
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1972281
Title:
ext4: limit length to bitmap_maxbytes
S
** Tags removed: verification-needed-impish
** Tags added: verification-done-impish
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1972740
Title:
Unprivileged users may use PTRACE_SEIZE
** Tags removed: verification-needed-jammy
** Tags added: verification-done-jammy
** Tags removed: verification-needed-focal
** Tags added: verification-done-focal
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://b
** Tags removed: verification-needed-jammy
** Tags added: verification-done-jammy
** Tags removed: verification-needed-focal
** Tags added: verification-done-focal
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://b
Ubuntu Impish)
Status: New => In Progress
** Changed in: linux (Ubuntu Impish)
Assignee: (unassigned) => Thadeu Lima de Souza Cascardo (cascardo)
** Changed in: linux (Ubuntu Bionic)
Status: New => In Progress
** Changed in: linux (Ubuntu Bionic)
Assignee: (unassigned)
with seccomp.
** Affects: linux (Ubuntu)
Importance: High
Status: Fix Committed
** Affects: linux (Ubuntu Xenial)
Importance: High
Assignee: Thadeu Lima de Souza Cascardo (cascardo)
Status: Triaged
** Affects: linux (Ubuntu Bionic)
Importance: High
Fails with the kernel in -updates, 4.15.0-176.
Works with kernel in -proposed, 4.15.0-177.
ubuntu@bionic:~$ uname -r
4.15.0-177-generic
ubuntu@bionic:~$ sudo modprobe ip6_gre
ubuntu@bionic:~$ unshare -Urn true
ubuntu@bionic:~$ unshare -Urn true
ubuntu@bionic:~$ unshare -Urn true
ubuntu@bionic:~$
ay regress.
** Affects: linux (Ubuntu)
Importance: Undecided
Status: Fix Released
** Affects: linux (Ubuntu Xenial)
Importance: Low
Assignee: Thadeu Lima de Souza Cascardo (cascardo)
Status: In Progress
** Affects: linux (Ubuntu Bionic)
Importance: Low
Assign
1 - 100 of 1831 matches
Mail list logo