** Description changed:

  [Impact]
  s390 BPF JIT vulnerabilities allow the eBPF verifier to be bypassed, leading 
to possible local privilege escalation.
  
  [Mitigation]
  Disable unprivileged eBPF.
  sysctl -w kernel.unprivileged_bpf_disabled=1
  
  [Potential regression]
  BPF programs might execute incorrectly, affecting seccomp, socket filters, 
tracing and other BPF users.
+ 
+ Commits to address this are upstream in Linus' tree; they are:
+ 
+   1511df6f5e9e ("s390/bpf: Fix branch shortening during codegen pass")
+   6e61dc9da0b7 ("s390/bpf: Fix 64-bit subtraction of the -0x80000000 
constant")
+   db7bee653859 ("s390/bpf: Fix optimizing out zero-extensions")
+ 
+ and have been applied to the 5.14, 5.4 , 4.19, and 4.4 stable branches.

https://bugs.launchpad.net/bugs/1943960

Title:
  s390x BPF JIT vulnerabilities

Status in Ubuntu on IBM z Systems:
  Fix Released
Status in linux package in Ubuntu:
  Fix Released

Bug description:
  [Impact]
  s390 BPF JIT vulnerabilities allow the eBPF verifier to be bypassed,
  leading to possible local privilege escalation.

  [Mitigation]
  Disable unprivileged eBPF.
  sysctl -w kernel.unprivileged_bpf_disabled=1

  [Potential regression]
  BPF programs might execute incorrectly, affecting seccomp, socket filters,
  tracing and other BPF users.

  Commits to address this are upstream in Linus' tree; they are:

    1511df6f5e9e ("s390/bpf: Fix branch shortening during codegen pass")
    6e61dc9da0b7 ("s390/bpf: Fix 64-bit subtraction of the -0x80000000 constant")
    db7bee653859 ("s390/bpf: Fix optimizing out zero-extensions")

  and have been applied to the 5.14, 5.4, 4.19, and 4.4 stable
  branches.

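An added example, not part of the bug report or of Ubuntu's tooling: a shell audit of the mitigation quoted in the description. `sysctl -w` changes only the running kernel, so the script also looks for a persistent setting; the function names, verdict strings and the simplified config-file ordering are assumptions of this example.

```shell
#!/bin/sh
# Added example: audit the "Disable unprivileged eBPF" mitigation.
# Function names and verdict strings are invented for this example.

# Map a kernel.unprivileged_bpf_disabled value to a state.
# 1: disabled, cannot be cleared until reboot; 2: disabled, root may change
# it again (kernels that accept 2); 0: unprivileged bpf() allowed.
bpf_state() {
    case "$1" in
        1) echo disabled-locked ;;
        2) echo disabled-changeable ;;
        0) echo enabled ;;
        *) echo unknown ;;
    esac
}

# Print the last value assigned to the key in the given sysctl config files,
# read in the order given (a simplification of sysctl.d precedence).
persisted_value() {
    [ $# -gt 0 ] || return 0
    cat "$@" 2>/dev/null | sed -n \
's/^[[:space:]]*kernel[./]unprivileged_bpf_disabled[[:space:]]*=[[:space:]]*\([0-9][0-9]*\).*/\1/p' |
        tail -n 1
}

# audit ARCH RUNTIME_VALUE PERSISTED_VALUE -> verdict on stdout.
# Exit status: 0 fine, 1 not mitigated, 2 lost at reboot, 3 undetermined.
audit() {
    [ "$1" = s390x ] || { echo not-s390x; return 0; }  # bug is s390x-only
    case "$(bpf_state "$2")" in
        enabled) echo unprivileged-bpf-enabled; return 1 ;;
        unknown) echo unknown; return 3 ;;
    esac
    case "$(bpf_state "$3")" in
        disabled-*) echo disabled-persistently ;;
        *) echo disabled-until-reboot; return 2 ;;
    esac
}

# Check the live host only when invoked as: sh audit.sh run
if [ "${1:-}" = run ]; then
    audit "$(uname -m)" \
        "$(cat /proc/sys/kernel/unprivileged_bpf_disabled 2>/dev/null)" \
        "$(persisted_value /etc/sysctl.d/*.conf /etc/sysctl.conf)"
fi
```

The script audits only the sysctl mitigation; it does not tell whether the running kernel already carries the three listed fixes.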