[Kernel-packages] [Bug 1959173] Re: Vulnerability in af_packet handling
This bug was fixed in the package linux-gke - 5.4.0-1061.64

---
linux-gke (5.4.0-1061.64) focal; urgency=medium

  * focal/linux-gke: 5.4.0-1061.64 -proposed tracker (LP: #1959355)

  * Vulnerability in af_packet handling (LP: #1959173)
    - net/packet: rx_owner_map depends on pg_vec

linux-gke (5.4.0-1060.63) focal; urgency=medium

  * focal/linux-gke: 5.4.0-1060.63 -proposed tracker (LP: #1955227)

  [ Ubuntu: 5.4.0-97.110 ]

  * icmp_redirect from selftests fails on F/kvm (unary operator expected) (LP: #1938964)
    - selftests: icmp_redirect: pass xfail=0 to log_test()

  * Focal: CIFS stable updates (LP: #1954926)
    - cifs: use the expiry output of dns_query to schedule next resolution
    - cifs: set a minimum of 120s for next dns resolution
    - cifs: To match file servers, make sure the server hostname matches

  * seccomp_bpf in seccomp from ubuntu_kernel_selftests failed to build on B-5.4 (LP: #1896420)
    - SAUCE: selftests/seccomp: fix "storage size of 'md' isn't known" build issue
    - SAUCE: selftests/seccomp: Fix s390x regs not defined issue

  * system crash when removing ipmi_msghandler module (LP: #1950666)
    - ipmi: Move remove_work to dedicated workqueue
    - ipmi: msghandler: Make symbol 'remove_work_wq' static

  * zcrypt DD: Toleration for new IBM Z Crypto Hardware - (Backport to Ubuntu 20.04) (LP: #1954680)
    - s390/AP: support new dynamic AP bus size limit

  * [UBUNTU 20.04] KVM hardware diagnose data improvements for guest kernel - kernel part (LP: #1953334)
    - s390/setup: diag 318: refactor struct
    - s390/kvm: diagnose 0x318 sync and reset
    - KVM: s390: remove diag318 reset code
    - KVM: s390: add debug statement for diag 318 CPNC data

  * Updates to ib_peer_memory requested by Nvidia (LP: #1947206)
    - SAUCE: RDMA/core: Updated ib_peer_memory

  * Include Infiniband Peer Memory interface (LP: #1923104)
    - IB: Allow calls to ib_umem_get from kernel ULPs
    - SAUCE: RDMA/core: Introduce peer memory interface

  * Focal update: v5.4.162 upstream stable release (LP: #1954834)
    - arm64: zynqmp: Do not duplicate flash partition label property
    - arm64: zynqmp: Fix serial compatible string
    - ARM: dts: NSP: Fix mpcore, mmc node names
    - scsi: lpfc: Fix list_add() corruption in lpfc_drain_txq()
    - arm64: dts: hisilicon: fix arm,sp805 compatible string
    - RDMA/bnxt_re: Check if the vlan is valid before reporting
    - usb: musb: tusb6010: check return value after calling platform_get_resource()
    - usb: typec: tipd: Remove WARN_ON in tps6598x_block_read
    - arm64: dts: qcom: msm8998: Fix CPU/L2 idle state latency and residency
    - arm64: dts: freescale: fix arm,sp805 compatible string
    - ASoC: SOF: Intel: hda-dai: fix potential locking issue
    - clk: imx: imx6ul: Move csi_sel mux to correct base register
    - ASoC: nau8824: Add DMI quirk mechanism for active-high jack-detect
    - scsi: advansys: Fix kernel pointer leak
    - firmware_loader: fix pre-allocated buf built-in firmware use
    - ARM: dts: omap: fix gpmc,mux-add-data type
    - usb: host: ohci-tmio: check return value after calling platform_get_resource()
    - ARM: dts: ls1021a: move thermal-zones node out of soc/
    - ARM: dts: ls1021a-tsn: use generic "jedec,spi-nor" compatible for flash
    - ALSA: ISA: not for M68K
    - tty: tty_buffer: Fix the softlockup issue in flush_to_ldisc
    - MIPS: sni: Fix the build
    - scsi: target: Fix ordered tag handling
    - scsi: target: Fix alua_tg_pt_gps_count tracking
    - iio: imu: st_lsm6dsx: Avoid potential array overflow in st_lsm6dsx_set_odr()
    - powerpc/5200: dts: fix memory node unit name
    - ALSA: gus: fix null pointer dereference on pointer block
    - powerpc/dcr: Use cmplwi instead of 3-argument cmpli
    - sh: check return code of request_irq
    - maple: fix wrong return value of maple_bus_init().
    - f2fs: fix up f2fs_lookup tracepoints
    - sh: fix kconfig unmet dependency warning for FRAME_POINTER
    - sh: math-emu: drop unused functions
    - sh: define __BIG_ENDIAN for math-emu
    - clk: ingenic: Fix bugs with divided dividers
    - clk/ast2600: Fix soc revision for AHB
    - clk: qcom: gcc-msm8996: Drop (again) gcc_aggre1_pnoc_ahb_clk
    - mips: BCM63XX: ensure that CPU_SUPPORTS_32BIT_KERNEL is set
    - sched/core: Mitigate race cpus_share_cache()/update_top_cache_domain()
    - tracing: Save normal string variables
    - tracing/histogram: Do not copy the fixed-size char array field over the field size
    - RDMA/netlink: Add __maybe_unused to static inline in C file
    - perf bpf: Avoid memory leak from perf_env__insert_btf()
    - perf bench futex: Fix memory leak of perf_cpu_map__new()
    - perf tests: Remove bash construct from record+zstd_comp_decomp.sh
    - net: bnx2x: fix variable dereferenced before check
    - iavf: check for null in iavf_fix_features
    - iavf: free q_vectors before queues in iavf_disable_vf
    - iavf: Fix failure to
[Kernel-packages] [Bug 1959173] Re: Vulnerability in af_packet handling
** Tags removed: verification-needed-focal

** Tags added: verification-done-focal

--
You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-gke in Ubuntu.
https://bugs.launchpad.net/bugs/1959173

Title:
  Vulnerability in af_packet handling

Status in linux-gke package in Ubuntu:
  Invalid
Status in linux-gke source package in Focal:
  In Progress

Bug description:
  CVE-2021-22600

  A vulnerability, which was classified as critical, was found in Linux Kernel. Affected is the function packet_set_ring of the file net/packet/af_packet.c. The manipulation with an unknown input leads to a memory corruption vulnerability. This is going to have an impact on confidentiality, integrity, and availability.

  The weakness was released 01/26/2022. The advisory is shared for download at git.kernel.org. This vulnerability is traded as CVE-2021-22600 since 01/05/2021. The exploitability is told to be easy. It is possible to launch the attack remotely. An authentication is required for exploitation. There are known technical details, but no exploit is available. The current price for an exploit might be approx. USD $5k-$25k (estimation calculated on 01/26/2022).

  Applying a patch is able to eliminate this problem.

  The fix is
  https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=ec6af094ea28f0f2dda1a6a33b14cd57e36a9755

  More information at:
  https://partnerissuetracker.corp.google.com/issues/215427453

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux-gke/+bug/1959173/+subscriptions

--
Mailing list: https://launchpad.net/~kernel-packages
Post to     : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1959173] Re: Vulnerability in af_packet handling
This bug is awaiting verification that the linux-gke/5.4.0-1061.64 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-focal' to 'verification-done-focal'. If the problem still exists, change the tag 'verification-needed-focal' to 'verification-failed-focal'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

** Tags added: verification-needed-focal
[Kernel-packages] [Bug 1959173] Re: Vulnerability in af_packet handling
** Changed in: linux-gke (Ubuntu)
       Status: New => Invalid

** Changed in: linux-gke (Ubuntu Focal)
   Importance: Undecided => Medium

** Changed in: linux-gke (Ubuntu Focal)
       Status: New => In Progress

** Changed in: linux-gke (Ubuntu Focal)
     Assignee: (unassigned) => Khaled El Mously (kmously)