*** This bug is a security vulnerability *** Public security bug reported:
Whilst discussing https://discourse.ubuntu.com/t/improvements-for-hardware-support-in- ubuntu-desktop-installation-media/20606 We have noticed a reference to somebody not having working backport- iwlwifi-dkms, whilst SRU of that happened before the v5.4 -> v5.8 switch. However, kernel meta switch was pushed to security pocket, but the dkms modules are all in -updates only. This may result in people automatically installing the new kernel with unatanded upgrades; dkms modules failing to build; and a reboot required flag left on disk. At this point launching update manager will not offer to install dkms modules from updates, and will guide the users to reboot..... which will then cause them to boot the new kernel without the dkms modules that might be providing networking for them. Should dkms modules SRUs always getting published into -security pocket, as well as the -updates pocket? Should linux maintainer scripts prevent touching reboot required flag if any dkms modules fail to build? Should apt / unattanded-upgrades / update-manager always update dkms modules with kernels? ** Affects: apt (Ubuntu) Importance: Undecided Status: New ** Affects: dkms (Ubuntu) Importance: Undecided Status: New ** Affects: linux (Ubuntu) Importance: Undecided Status: New ** Affects: linux-meta (Ubuntu) Importance: Undecided Status: New ** Affects: unattended-upgrades (Ubuntu) Importance: Undecided Status: New ** Affects: update-manager (Ubuntu) Importance: Undecided Status: New ** Also affects: dkms (Ubuntu) Importance: Undecided Status: New ** Also affects: linux-meta (Ubuntu) Importance: Undecided Status: New ** Also affects: apt (Ubuntu) Importance: Undecided Status: New ** Also affects: update-manager (Ubuntu) Importance: Undecided Status: New ** Also affects: unattended-upgrades (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1914279 Title: linux from security may force reboots without complete dkms modules Status in apt package in Ubuntu: New Status in dkms package in Ubuntu: New Status in linux package in Ubuntu: New Status in linux-meta package in Ubuntu: New Status in unattended-upgrades package in Ubuntu: New Status in update-manager package in Ubuntu: New Bug description: Whilst discussing https://discourse.ubuntu.com/t/improvements-for-hardware-support-in- ubuntu-desktop-installation-media/20606 We have noticed a reference to somebody not having working backport- iwlwifi-dkms, whilst SRU of that happened before the v5.4 -> v5.8 switch. However, kernel meta switch was pushed to security pocket, but the dkms modules are all in -updates only. This may result in people automatically installing the new kernel with unatanded upgrades; dkms modules failing to build; and a reboot required flag left on disk. At this point launching update manager will not offer to install dkms modules from updates, and will guide the users to reboot..... which will then cause them to boot the new kernel without the dkms modules that might be providing networking for them. Should dkms modules SRUs always getting published into -security pocket, as well as the -updates pocket? Should linux maintainer scripts prevent touching reboot required flag if any dkms modules fail to build? Should apt / unattanded-upgrades / update-manager always update dkms modules with kernels? To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1914279/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
