This bug is missing log files that will aid in diagnosing the problem.
While running an Ubuntu kernel (not a mainline or third-party kernel)
please enter the following command in a terminal window:
apport-collect 1914668
and then change the status of the bug to 'Confirmed'.
If, due to the nature of the issue you have encountered, you are unable
to run this command, please add a comment stating that fact and change
the bug status to 'Confirmed'.
This change has been made by an automated script, maintained by the
Ubuntu Kernel Team.
** Changed in: linux (Ubuntu)
Status: New => Incomplete
** Changed in: linux (Ubuntu Groovy)
Status: New => Incomplete
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1914668
Title:
Exploitable vulnerabilities in AF_VSOCK implementation
Status in linux package in Ubuntu:
Incomplete
Status in linux source package in Groovy:
Incomplete
Status in linux source package in Hirsute:
Incomplete
Bug description:
https://www.openwall.com/lists/oss-security/2021/02/04/5
The following mainline patch is required for all kernels >= v5.8:
{focal hwe-5.8, groovy, hirsute}:
[linux] c518adafa39f vsock: fix the race conditions in multi-transport
support
or [linux-5.10-y] 55d900415b81 vsock: fix the race conditions in
multi-transport support
[Impact]
* Patches an exploitable vulnerability.
[Test Case]
* See disclosure article.
[Regression Potential]
* Low: straightforward race condition fix; upstream cherry-pick.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1914668/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
