subject:"\[Kernel\-packages\] \[Bug 1816756\] Re\: squashfs hardening"

[Kernel-packages] [Bug 1816756] Re: squashfs hardening

2019-04-02 Thread Launchpad Bug Tracker

This bug was fixed in the package linux - 4.15.0-47.50

---
linux (4.15.0-47.50) bionic; urgency=medium

  * linux: 4.15.0-47.50 -proposed tracker (LP: #1819716)

  * Packaging resync (LP: #1786013)
- [Packaging] resync getabis
- [Packaging] update helper scripts
- [Packaging] resync retpoline extraction

  * C++ demangling support missing from perf (LP: #1396654)
- [Packaging] fix a mistype

  * arm-smmu-v3 arm-smmu-v3.3.auto: CMD_SYNC timeout (LP: #1818162)
- iommu/arm-smmu-v3: Fix unexpected CMD_SYNC timeout

  * Crash in nvme_irq_check() when using threaded interrupts (LP: #1818747)
- nvme-pci: fix out of bounds access in nvme_cqe_pending

  * CVE-2019-9213
- mm: enforce min addr even if capable() in expand_downwards()

  * CVE-2019-3460
- Bluetooth: Check L2CAP option sizes returned from l2cap_get_conf_opt

  * amdgpu with mst WARNING on blanking (LP: #1814308)
- drm/amd/display: Don't use dc_link in link_encoder
- drm/amd/display: Move wait for hpd ready out from edp power control.
- drm/amd/display: eDP sequence BL off first then DP blank.
- drm/amd/display: Fix unused variable compilation error
- drm/amd/display: Fix warning about misaligned code
- drm/amd/display: Fix MST dp_blank REG_WAIT timeout

  * tun/tap: unable to manage carrier state from userland (LP: #1806392)
- tun: implement carrier change

  * CVE-2019-8980
- exec: Fix mem leak in kernel_read_file

  * raw_skew in timer from the ubuntu_kernel_selftests failed on Bionic
(LP: #1811194)
- selftest: timers: Tweak raw_skew to SKIP when ADJ_OFFSET/other clock
  adjustments are in progress

  * [Packaging] Allow overlay of config annotations (LP: #1752072)
- [Packaging] config-check: Add an include directive

  * CVE-2019-7308
- bpf: move {prev_,}insn_idx into verifier env
- bpf: move tmp variable into ax register in interpreter
- bpf: enable access to ax register also from verifier rewrite
- bpf: restrict map value pointer arithmetic for unprivileged
- bpf: restrict stack pointer arithmetic for unprivileged
- bpf: restrict unknown scalars of mixed signed bounds for unprivileged
- bpf: fix check_map_access smin_value test when pointer contains offset
- bpf: prevent out of bounds speculation on pointer arithmetic
- bpf: fix sanitation of alu op with pointer / scalar type from different
  paths
- bpf: add various test cases to selftests

  * CVE-2017-5753
- bpf: properly enforce index mask to prevent out-of-bounds speculation
- bpf: fix inner map masking to prevent oob under speculation

  * BPF: kernel pointer leak to unprivileged userspace (LP: #1815259)
- bpf/verifier: disallow pointer subtraction

  * squashfs hardening (LP: #1816756)
- squashfs: more metadata hardening
- squashfs metadata 2: electric boogaloo
- squashfs: more metadata hardening
- Squashfs: Compute expected length from inode size rather than block length

  * efi/arm/arm64: Allow SetVirtualAddressMap() to be omitted (LP: #1814982)
- efi/arm/arm64: Allow SetVirtualAddressMap() to be omitted

  * Update ENA driver to version 2.0.3K (LP: #1816806)
- net: ena: update driver version from 2.0.2 to 2.0.3
- net: ena: fix race between link up and device initalization
- net: ena: fix crash during failed resume from hibernation

  * ipset kernel error: 4.15.0-43-generic (LP: #1811394)
- netfilter: ipset: Fix wraparound in hash:*net* types

  * Silent "Unknown key" message when pressing keyboard backlight hotkey
(LP: #1817063)
- platform/x86: dell-wmi: Ignore new keyboard backlight change event

  * CVE-2018-18021
- arm64: KVM: Tighten guest core register access from userspace
- KVM: arm/arm64: Introduce vcpu_el1_is_32bit
- arm64: KVM: Sanitize PSTATE.M when being set from userspace

  * CVE-2018-14678
- x86/entry/64: Remove %ebx handling from error_entry/exit

  * CVE-2018-19824
- ALSA: usb-audio: Fix UAF decrement if card has no live interfaces in 
card.c

  * CVE-2019-3459
- Bluetooth: Verify that l2cap_get_conf_opt provides large enough buffer

  * Bionic update: upstream stable patchset 2019-02-08 (LP: #1815234)
- fork: unconditionally clear stack on fork
- spi: spi-s3c64xx: Fix system resume support
- Input: elan_i2c - add ACPI ID for lenovo ideapad 330
- Input: i8042 - add Lenovo LaVie Z to the i8042 reset list
- Input: elan_i2c - add another ACPI ID for Lenovo Ideapad 330-15AST
- kvm, mm: account shadow page tables to kmemcg
- delayacct: fix crash in delayacct_blkio_end() after delayacct init failure
- tracing: Fix double free of event_trigger_data
- tracing: Fix possible double free in event_enable_trigger_func()
- kthread, tracing: Don't expose half-written comm when creating kthreads
- tracing/kprobes: Fix trace_probe flags on enable_trace_kprobe() failure
- tracing: Quiet gcc warning about maybe unused link

[Kernel-packages] [Bug 1816756] Re: squashfs hardening

2019-04-02 Thread Launchpad Bug Tracker

This bug was fixed in the package linux - 4.4.0-145.171

---
linux (4.4.0-145.171) xenial; urgency=medium

  * linux: 4.4.0-145.171 -proposed tracker (LP: #1821724)

  * linux-generic should depend on linux-base >=4.1 (LP: #1820419)
- [Packaging] Fix linux-base dependency

linux (4.4.0-144.170) xenial; urgency=medium

  * linux: 4.4.0-144.170 -proposed tracker (LP: #1819660)

  * Packaging resync (LP: #1786013)
- [Packaging] resync getabis
- [Packaging] update helper scripts
- [Packaging] resync retpoline extraction

  * C++ demangling support missing from perf (LP: #1396654)
- [Packaging] fix a mistype

  * CVE-2019-9213
- mm: enforce min addr even if capable() in expand_downwards()

  * CVE-2019-3460
- Bluetooth: Check L2CAP option sizes returned from l2cap_get_conf_opt

  * Xenial update: 4.4.176 upstream stable release (LP: #1818815)
- net: fix IPv6 prefix route residue
- vsock: cope with memory allocation failure at socket creation time
- hwmon: (lm80) Fix missing unlock on error in set_fan_div()
- net: Fix for_each_netdev_feature on Big endian
- net: Add header for usage of fls64()
- tcp: tcp_v4_err() should be more careful
- net: Do not allocate page fragments that are not skb aligned
- tcp: clear icsk_backoff in tcp_write_queue_purge()
- vxlan: test dev->flags & IFF_UP before calling netif_rx()
- net: stmmac: Fix a race in EEE enable callback
- net: ipv4: use a dedicated counter for icmp_v4 redirect packets
- x86: livepatch: Treat R_X86_64_PLT32 as R_X86_64_PC32
- mfd: as3722: Handle interrupts on suspend
- mfd: as3722: Mark PM functions as __maybe_unused
- net/x25: do not hold the cpu too long in x25_new_lci()
- mISDN: fix a race in dev_expire_timer()
- ax25: fix possible use-after-free
- Linux 4.4.176

  * sky2 ethernet card don't work after returning from suspension
(LP: #1798921) // Xenial update: 4.4.176 upstream stable release
(LP: #1818815)
- sky2: Increase D3 delay again

  * Xenial update: 4.4.175 upstream stable release (LP: #1818813)
- drm/bufs: Fix Spectre v1 vulnerability
- staging: iio: adc: ad7280a: handle error from __ad7280_read32()
- ASoC: Intel: mrfld: fix uninitialized variable access
- scsi: lpfc: Correct LCB RJT handling
- ARM: 8808/1: kexec:offline panic_smp_self_stop CPU
- dlm: Don't swamp the CPU with callbacks queued during recovery
- x86/PCI: Fix Broadcom CNB20LE unintended sign extension (redux)
- powerpc/pseries: add of_node_put() in dlpar_detach_node()
- serial: fsl_lpuart: clear parity enable bit when disable parity
- ptp: check gettime64 return code in PTP_SYS_OFFSET ioctl
- staging:iio:ad2s90: Make probe handle spi_setup failure
- staging: iio: ad7780: update voltage on read
- ARM: OMAP2+: hwmod: Fix some section annotations
- modpost: validate symbol names also in find_elf_symbol
- perf tools: Add Hygon Dhyana support
- soc/tegra: Don't leak device tree node reference
- f2fs: move dir data flush to write checkpoint process
- f2fs: fix wrong return value of f2fs_acl_create
- sunvdc: Do not spin in an infinite loop when vio_ldc_send() returns EAGAIN
- nfsd4: fix crash on writing v4_end_grace before nfsd startup
- arm64: ftrace: don't adjust the LR value
- ARM: dts: mmp2: fix TWSI2
- x86/fpu: Add might_fault() to user_insn()
- media: DaVinci-VPBE: fix error handling in vpbe_initialize()
- smack: fix access permissions for keyring
- usb: hub: delay hub autosuspend if USB3 port is still link training
- timekeeping: Use proper seqcount initializer
- ARM: dts: Fix OMAP4430 SDP Ethernet startup
- mips: bpf: fix encoding bug for mm_srlv32_op
- iommu/arm-smmu-v3: Use explicit mb() when moving cons pointer
- sata_rcar: fix deferred probing
- clk: imx6sl: ensure MMDC CH0 handshake is bypassed
- cpuidle: big.LITTLE: fix refcount leak
- i2c-axxia: check for error conditions first
- udf: Fix BUG on corrupted inode
- ARM: pxa: avoid section mismatch warning
- ASoC: fsl: Fix SND_SOC_EUKREA_TLV320 build error on i.MX8M
- memstick: Prevent memstick host from getting runtime suspended during card
  detection
- tty: serial: samsung: Properly set flags in autoCTS mode
- arm64: KVM: Skip MMIO insn after emulation
- powerpc/uaccess: fix warning/error with access_ok()
- mac80211: fix radiotap vendor presence bitmap handling
- xfrm6_tunnel: Fix spi check in __xfrm6_tunnel_alloc_spi
- Bluetooth: Fix unnecessary error message for HCI request completion
- cw1200: Fix concurrency use-after-free bugs in cw1200_hw_scan()
- drbd: narrow rcu_read_lock in drbd_sync_handshake
- drbd: disconnect, if the wrong UUIDs are attached on a connected peer
- drbd: skip spurious timeout (ping-timeo) when failing promote
- drbd: Avoid Clang warning about pointless switch statment
- video:

[Kernel-packages] [Bug 1816756] Re: squashfs hardening

2019-03-28 Thread Tyler Hicks

The libreoffice and chromium snaps continued to work just fine after
upgrading to the xenial and bionic -proposed kernels that contain the
squashfs hardening patches. Verification is complete.

** Tags removed: verification-needed-bionic verification-needed-xenial
** Tags added: verification-done-bionic verification-done-xenial

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1816756

Title:
  squashfs hardening

Status in linux package in Ubuntu:
  Fix Released
Status in linux source package in Xenial:
  Fix Committed
Status in linux source package in Bionic:
  Fix Committed

Bug description:
  [Impact]

  There are a number of recent squashfs hardening fixes in the upstream
  kernel. They don't have CVE number assigned but it would be good to
  backport the fixes to harden our kernel against malicious squashfs
  images. They would harden Ubuntu kernels against potentially malicious
  snaps.

  The changes are:

  * 
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=01cfb7937a9af2abb1136c7e89fbf3fd92952956
  * 
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/id=d512584780d3e6a7cacb2f482834849453d444a1
  * 
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cdbb65c4c7ead680ebe54f4f0d486e2847a500ea
  * 
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=71755ee5350b63fb1f283de8561cdb61b47f4d1d
  * 
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a3f94cb99a854fa381fe7fadd97c4f61633717a5

  [Test Case]

  Unfortunately, we don't have access to the reproducers and I'm unaware
  of any regression tests for the squashfs kernel driver. It is very
  important that we don't regress snap usage in Ubuntu. In previous
  squashfs/snap testing, we've noticed that large snaps, such as
  chromium and libreoffice, do a good job of exercising the squashfs
  code. It should be sufficient if we make sure those snaps continue to
  install and work correctly.

  $ sudo snap install chromium
  $ sudo snap install libreoffice
  $ chromium
  < ensure you can browse to various websites >
  $ libreoffice
  < ensure you can create, save, open documents >

  [ Regression Potential ]

  Fairly low. The patches are intended to catch corrupted and/or
  malicious squashfs images. They should not affect well formed squashfs
  images. These patches are already present in the Cosmic (and Disco)
  kernel with no known bug reports despite a considerable number of
  Cosmic users exercising these changes via snaps.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1816756/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1816756] Re: squashfs hardening

2019-03-15 Thread Brad Figg

This bug is awaiting verification that the kernel in -proposed solves
the problem. Please test the kernel and update this bug with the
results. If the problem is solved, change the tag 'verification-needed-
bionic' to 'verification-done-bionic'. If the problem still exists,
change the tag 'verification-needed-bionic' to 'verification-failed-
bionic'.

If verification is not done by 5 working days from today, this fix will
be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how
to enable and use -proposed. Thank you!

** Tags added: verification-needed-bionic

--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1816756

Title:
squashfs hardening

Status in linux package in Ubuntu:
Fix Released
Status in linux source package in Xenial:
Fix Committed
Status in linux source package in Bionic:
Fix Committed

Bug description:
[Impact]

There are a number of recent squashfs hardening fixes in the upstream
kernel. They don't have CVE number assigned but it would be good to
backport the fixes to harden our kernel against malicious squashfs
images. They would harden Ubuntu kernels against potentially malicious
snaps.

The changes are:

*
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=01cfb7937a9af2abb1136c7e89fbf3fd92952956
*
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/id=d512584780d3e6a7cacb2f482834849453d444a1
*
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cdbb65c4c7ead680ebe54f4f0d486e2847a500ea
*
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=71755ee5350b63fb1f283de8561cdb61b47f4d1d
*
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a3f94cb99a854fa381fe7fadd97c4f61633717a5

[Test Case]

Unfortunately, we don't have access to the reproducers and I'm unaware
of any regression tests for the squashfs kernel driver. It is very
important that we don't regress snap usage in Ubuntu. In previous
squashfs/snap testing, we've noticed that large snaps, such as
chromium and libreoffice, do a good job of exercising the squashfs
code. It should be sufficient if we make sure those snaps continue to
install and work correctly.

$ sudo snap install chromium
$ sudo snap install libreoffice
$ chromium
< ensure you can browse to various websites >
$ libreoffice
< ensure you can create, save, open documents >

[ Regression Potential ]

Fairly low. The patches are intended to catch corrupted and/or
malicious squashfs images. They should not affect well formed squashfs
images. These patches are already present in the Cosmic (and Disco)
kernel with no known bug reports despite a considerable number of
Cosmic users exercising these changes via snaps.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1816756/+subscriptions

--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1816756] Re: squashfs hardening

2019-03-15 Thread Brad Figg

This bug is awaiting verification that the kernel in -proposed solves
the problem. Please test the kernel and update this bug with the
results. If the problem is solved, change the tag 'verification-needed-
xenial' to 'verification-done-xenial'. If the problem still exists,
change the tag 'verification-needed-xenial' to 'verification-failed-
xenial'.

If verification is not done by 5 working days from today, this fix will
be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how
to enable and use -proposed. Thank you!

** Tags added: verification-needed-xenial

--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1816756

Title:
squashfs hardening

Status in linux package in Ubuntu:
Fix Released
Status in linux source package in Xenial:
Fix Committed
Status in linux source package in Bionic:
Fix Committed

Bug description:
[Impact]

The changes are:

[Test Case]

$ sudo snap install chromium
$ sudo snap install libreoffice
$ chromium
< ensure you can browse to various websites >
$ libreoffice
< ensure you can create, save, open documents >

[ Regression Potential ]

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1816756/+subscriptions

[Kernel-packages] [Bug 1816756] Re: squashfs hardening

2019-03-03 Thread Khaled El Mously

** Changed in: linux (Ubuntu Bionic)
   Status: In Progress => Fix Committed

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1816756

Title:
  squashfs hardening

Status in linux package in Ubuntu:
  Fix Released
Status in linux source package in Xenial:
  Fix Committed
Status in linux source package in Bionic:
  Fix Committed

Bug description:
  [Impact]

  There are a number of recent squashfs hardening fixes in the upstream
  kernel. They don't have CVE number assigned but it would be good to
  backport the fixes to harden our kernel against malicious squashfs
  images. They would harden Ubuntu kernels against potentially malicious
  snaps.

  The changes are:

  * 
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=01cfb7937a9af2abb1136c7e89fbf3fd92952956
  * 
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/id=d512584780d3e6a7cacb2f482834849453d444a1
  * 
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cdbb65c4c7ead680ebe54f4f0d486e2847a500ea
  * 
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=71755ee5350b63fb1f283de8561cdb61b47f4d1d
  * 
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a3f94cb99a854fa381fe7fadd97c4f61633717a5

  [Test Case]

  Unfortunately, we don't have access to the reproducers and I'm unaware
  of any regression tests for the squashfs kernel driver. It is very
  important that we don't regress snap usage in Ubuntu. In previous
  squashfs/snap testing, we've noticed that large snaps, such as
  chromium and libreoffice, do a good job of exercising the squashfs
  code. It should be sufficient if we make sure those snaps continue to
  install and work correctly.

  $ sudo snap install chromium
  $ sudo snap install libreoffice
  $ chromium
  < ensure you can browse to various websites >
  $ libreoffice
  < ensure you can create, save, open documents >

  [ Regression Potential ]

  Fairly low. The patches are intended to catch corrupted and/or
  malicious squashfs images. They should not affect well formed squashfs
  images. These patches are already present in the Cosmic (and Disco)
  kernel with no known bug reports despite a considerable number of
  Cosmic users exercising these changes via snaps.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1816756/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1816756] Re: squashfs hardening

2019-03-03 Thread Khaled El Mously

** Changed in: linux (Ubuntu Xenial)
   Status: In Progress => Fix Committed

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1816756

Title:
  squashfs hardening

Status in linux package in Ubuntu:
  Fix Released
Status in linux source package in Xenial:
  Fix Committed
Status in linux source package in Bionic:
  Fix Committed

Bug description:
  [Impact]

  There are a number of recent squashfs hardening fixes in the upstream
  kernel. They don't have CVE number assigned but it would be good to
  backport the fixes to harden our kernel against malicious squashfs
  images. They would harden Ubuntu kernels against potentially malicious
  snaps.

  The changes are:

  * 
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=01cfb7937a9af2abb1136c7e89fbf3fd92952956
  * 
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/id=d512584780d3e6a7cacb2f482834849453d444a1
  * 
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cdbb65c4c7ead680ebe54f4f0d486e2847a500ea
  * 
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=71755ee5350b63fb1f283de8561cdb61b47f4d1d
  * 
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a3f94cb99a854fa381fe7fadd97c4f61633717a5

  [Test Case]

  Unfortunately, we don't have access to the reproducers and I'm unaware
  of any regression tests for the squashfs kernel driver. It is very
  important that we don't regress snap usage in Ubuntu. In previous
  squashfs/snap testing, we've noticed that large snaps, such as
  chromium and libreoffice, do a good job of exercising the squashfs
  code. It should be sufficient if we make sure those snaps continue to
  install and work correctly.

  $ sudo snap install chromium
  $ sudo snap install libreoffice
  $ chromium
  < ensure you can browse to various websites >
  $ libreoffice
  < ensure you can create, save, open documents >

  [ Regression Potential ]

  Fairly low. The patches are intended to catch corrupted and/or
  malicious squashfs images. They should not affect well formed squashfs
  images. These patches are already present in the Cosmic (and Disco)
  kernel with no known bug reports despite a considerable number of
  Cosmic users exercising these changes via snaps.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1816756/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1816756] Re: squashfs hardening

2019-02-20 Thread Tyler Hicks

Bionic: https://lists.ubuntu.com/archives/kernel-team/2019-February/098532.html
Xenial: https://lists.ubuntu.com/archives/kernel-team/2019-February/098538.html

** Also affects: linux (Ubuntu Bionic)
   Importance: Undecided
   Status: New

** Also affects: linux (Ubuntu Xenial)
   Importance: Undecided
   Status: New

** Changed in: linux (Ubuntu Xenial)
   Importance: Undecided => Medium

** Changed in: linux (Ubuntu Bionic)
   Importance: Undecided => Medium

** Changed in: linux (Ubuntu Xenial)
 Assignee: (unassigned) => Paolo Pisati (p-pisati)

** Changed in: linux (Ubuntu Bionic)
 Assignee: (unassigned) => Paolo Pisati (p-pisati)

** Changed in: linux (Ubuntu Xenial)
   Status: New => In Progress

** Changed in: linux (Ubuntu Bionic)
   Status: New => In Progress

** Changed in: linux (Ubuntu)
   Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1816756

Title:
  squashfs hardening

Status in linux package in Ubuntu:
  Fix Released
Status in linux source package in Xenial:
  In Progress
Status in linux source package in Bionic:
  In Progress

Bug description:
  [Impact]

  There are a number of recent squashfs hardening fixes in the upstream
  kernel. They don't have CVE number assigned but it would be good to
  backport the fixes to harden our kernel against malicious squashfs
  images. They would harden Ubuntu kernels against potentially malicious
  snaps.

  The changes are:

  * 
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=01cfb7937a9af2abb1136c7e89fbf3fd92952956
  * 
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/id=d512584780d3e6a7cacb2f482834849453d444a1
  * 
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cdbb65c4c7ead680ebe54f4f0d486e2847a500ea
  * 
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=71755ee5350b63fb1f283de8561cdb61b47f4d1d
  * 
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a3f94cb99a854fa381fe7fadd97c4f61633717a5

  [Test Case]

  Unfortunately, we don't have access to the reproducers and I'm unaware
  of any regression tests for the squashfs kernel driver. It is very
  important that we don't regress snap usage in Ubuntu. In previous
  squashfs/snap testing, we've noticed that large snaps, such as
  chromium and libreoffice, do a good job of exercising the squashfs
  code. It should be sufficient if we make sure those snaps continue to
  install and work correctly.

  $ sudo snap install chromium
  $ sudo snap install libreoffice
  $ chromium
  < ensure you can browse to various websites >
  $ libreoffice
  < ensure you can create, save, open documents >

  [ Regression Potential ]

  Fairly low. The patches are intended to catch corrupted and/or
  malicious squashfs images. They should not affect well formed squashfs
  images. These patches are already present in the Cosmic (and Disco)
  kernel with no known bug reports despite a considerable number of
  Cosmic users exercising these changes via snaps.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1816756/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1816756] Re: squashfs hardening

[Kernel-packages] [Bug 1816756] Re: squashfs hardening

[Kernel-packages] [Bug 1816756] Re: squashfs hardening

[Kernel-packages] [Bug 1816756] Re: squashfs hardening

[Kernel-packages] [Bug 1816756] Re: squashfs hardening

[Kernel-packages] [Bug 1816756] Re: squashfs hardening

[Kernel-packages] [Bug 1816756] Re: squashfs hardening

[Kernel-packages] [Bug 1816756] Re: squashfs hardening

8 matches

Site Navigation

Mail list logo

Footer information