** Description changed: [Impact] The initial set of Ubuntu kernel updates to address CVE-2019-0155 are not complete for 64-bit x86 kernels (amd64). The 32-bit x86 kernel (i386) updates are complete. It may be possible for an attacker to bypass the mitigations on 64-bit systems. + + The following upstream patch is needed: + + https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ea0b163b13ffc52818c079adb00d55e227a6da6f [Test Case] Upstream has ran the proposed fix through their regression test suite. We don't have a reproducer for CVE-2019-0155 so the test case is simply to ensure that desktop graphics continue to work. [Regression Potential] Low, the fix is obviously correct and, AAUI, the affected code path should only be legitimately used by the test suite.
** Description changed: [Impact] The initial set of Ubuntu kernel updates to address CVE-2019-0155 are not complete for 64-bit x86 kernels (amd64). The 32-bit x86 kernel (i386) updates are complete. It may be possible for an attacker to bypass the mitigations on 64-bit systems. The following upstream patch is needed: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ea0b163b13ffc52818c079adb00d55e227a6da6f [Test Case] Upstream has ran the proposed fix through their regression test suite. We don't have a reproducer for CVE-2019-0155 so the test case is simply to ensure that desktop graphics continue to work. [Regression Potential] - Low, the fix is obviously correct and, AAUI, the affected code path - should only be legitimately used by the test suite. + Low, the fix is simple, tested, and, AAUI, the affected code path should + only be legitimately used by the test suite. ** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1852141 Title: CVE-2019-0155: incomplete fix for 64-bit x86 kernels To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1852141/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
