This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed- bionic' to 'verification-done-bionic'. If the problem still exists, change the tag 'verification-needed-bionic' to 'verification-failed- bionic'.
If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you! ** Tags added: verification-needed-bionic -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1815259 Title: BPF: kernel pointer leak to unprivileged userspace Status in linux package in Ubuntu: Fix Released Status in linux source package in Bionic: Fix Committed Bug description: [Impact] Per Jann Horn, "Upstream commit dd066823db2ac4e22f721ec85190817b58059a54 ("bpf/verifier: disallow pointer subtraction") fixes a security bug (kernel pointer leak to unprivileged userspace)." https://lore.kernel.org/netdev/CAG48ez1=zogmdsue38hkg73ea4en+5qotltmzme+pgcthhw...@mail.gmail.com/ [Test Case] Run the "check subtraction on pointers for unpriv" test from tools/testing/selftests/bpf/test_verifier.c. The test should pass if the bug is fixed, fail otherwise. [Regression Potential] The change could cause a regression in an unprivileged process that is using eBPF. I suspect that this is unlikely. The alternative is to leave a potential security hole open. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1815259/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
