This bug is missing log files that will aid in diagnosing the problem.
While running an Ubuntu kernel (not a mainline or third-party kernel)
please enter the following command in a terminal window:
apport-collect 1942612
and then change the status of the bug to 'Confirmed'.
If, due to the nature of the issue you have encountered, you are unable
to run this command, please add a comment stating that fact and change
the bug status to 'Confirmed'.
This change has been made by an automated script, maintained by the
Ubuntu Kernel Team.
** Changed in: linux (Ubuntu)
Status: New => Incomplete
** Changed in: linux (Ubuntu Bionic)
Status: New => Incomplete
** Changed in: linux (Ubuntu Focal)
Status: New => Incomplete
** Tags added: bionic
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1942612
Title:
cve-2017-7616 in cve from ubuntu_ltp failed on bionic with
linux/linux-hwe-5.4 on i386
Status in ubuntu-kernel-tests:
New
Status in linux package in Ubuntu:
Incomplete
Status in linux source package in Bionic:
Confirmed
Status in linux source package in Focal:
Confirmed
Bug description:
ubuntu_ltp.cve cve-2017-7616 testcase output:
16:10:41 DEBUG| [stdout] startup='Sun Aug 29 15:53:35 2021'
16:10:41 DEBUG| [stdout] tst_test.c:1346: TINFO: Timeout per run is 0h 05m 00s
16:10:41 DEBUG| [stdout] set_mempolicy05.c:66: TINFO: stack pattern is in
0xbf996ccc-0xbf9970cc
16:10:41 DEBUG| [stdout] set_mempolicy05.c:111: TFAIL: set_mempolicy should
fail with EFAULT or EINVAL, instead returned 38
16:10:41 DEBUG| [stdout]
16:10:41 DEBUG| [stdout] HINT: You _MAY_ be missing kernel fixes, see:
16:10:41 DEBUG| [stdout]
16:10:41 DEBUG| [stdout]
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cf01fb9985e8
16:10:41 DEBUG| [stdout]
16:10:41 DEBUG| [stdout] HINT: You _MAY_ be vulnerable to CVE(s), see:
16:10:41 DEBUG| [stdout]
16:10:41 DEBUG| [stdout]
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-CVE-2017-7616
16:10:41 DEBUG| [stdout]
16:10:41 DEBUG| [stdout] Summary:
16:10:41 DEBUG| [stdout] passed 0
16:10:41 DEBUG| [stdout] failed 1
16:10:41 DEBUG| [stdout] broken 0
16:10:41 DEBUG| [stdout] skipped 0
16:10:41 DEBUG| [stdout] warnings 0
16:10:41 DEBUG| [stdout] tag=cve-2017-7616 stime=1630252415 dur=0 exit=exited
stat=1 core=no cu=0 cs=0
This is not a regression as this is a new testcase which runs only on
32-bit systems (i386 and powerpc). This test was added by ltp commit
6feed808040a86c54b7ab2dd3839fefd819a42cc (Add set_mempolicy05,
CVE-2017-7616).
The commit sha1 (cf01fb9985e8deb25ccf0ea54d916b8871ae0e62 -
mm/mempolicy.c: fix error handling in set_mempolicy and mbind.) which
fixes this CVE according to https://ubuntu.com/security/CVE-2017-7616,
was applied upstream for v4.11-rc6, so both focal/linux and
bionic/linux supposedly contain the fix.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-kernel-tests/+bug/1942612/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
