Public bug reported: Modules under the drivers/staging hierarchy get little attention when it comes to vulnerabilities. It is possible that memory mapping tricks that expose kernel internals would go unnoticed. Therefore, do not sign staging modules so that they cannot be loaded in a secure boot environment.
** Affects: linux (Ubuntu) Importance: Undecided Assignee: Tim Gardner (timg-tpi) Status: In Progress ** Affects: linux (Ubuntu Trusty) Importance: Undecided Assignee: Tim Gardner (timg-tpi) Status: In Progress ** Affects: linux (Ubuntu Xenial) Importance: Undecided Assignee: Tim Gardner (timg-tpi) Status: In Progress ** Affects: linux (Ubuntu Yakkety) Importance: Undecided Assignee: Tim Gardner (timg-tpi) Status: In Progress ** Affects: linux (Ubuntu Zesty) Importance: Undecided Assignee: Tim Gardner (timg-tpi) Status: In Progress ** Also affects: linux (Ubuntu Zesty) Importance: Undecided Status: New ** Also affects: linux (Ubuntu Yakkety) Importance: Undecided Status: New ** Also affects: linux (Ubuntu Trusty) Importance: Undecided Status: New ** Also affects: linux (Ubuntu Xenial) Importance: Undecided Status: New ** Changed in: linux (Ubuntu Trusty) Status: New => In Progress ** Changed in: linux (Ubuntu Trusty) Assignee: (unassigned) => Tim Gardner (timg-tpi) ** Changed in: linux (Ubuntu Xenial) Status: New => In Progress ** Changed in: linux (Ubuntu Xenial) Assignee: (unassigned) => Tim Gardner (timg-tpi) ** Changed in: linux (Ubuntu Yakkety) Status: New => In Progress ** Changed in: linux (Ubuntu Yakkety) Assignee: (unassigned) => Tim Gardner (timg-tpi) ** Changed in: linux (Ubuntu Zesty) Status: New => In Progress ** Changed in: linux (Ubuntu Zesty) Assignee: (unassigned) => Tim Gardner (timg-tpi) -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1642368 Title: linux: Staging modules should be unsigned Status in linux package in Ubuntu: In Progress Status in linux source package in Trusty: In Progress Status in linux source package in Xenial: In Progress Status in linux source package in Yakkety: In Progress Status in linux source package in Zesty: In Progress Bug description: Modules under the drivers/staging hierarchy get little attention when it comes to vulnerabilities. It is possible that memory mapping tricks that expose kernel internals would go unnoticed. Therefore, do not sign staging modules so that they cannot be loaded in a secure boot environment. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1642368/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp