Tested prior to update: PID 4732 Seccomp: 2 Seccomp: 0 Update: $ sudo apt install qemu-block-extra qemu-kvm qemu-system-common qemu-system-x86 qemu-utils Reading package lists... Done Building dependency tree Reading state information... Done The following package was automatically installed and is no longer required: grub-pc-bin Use 'sudo apt autoremove' to remove it. Suggested packages: samba vde2 ovmf The following packages will be upgraded: qemu-block-extra qemu-kvm qemu-system-common qemu-system-x86 qemu-utils 5 upgraded, 0 newly installed, 0 to remove and 68 not upgraded. Need to get 6782 kB of archives. After this operation, 8192 B of additional disk space will be used. Get:1 http://archive.ubuntu.com/ubuntu bionic-proposed/main amd64 qemu-utils amd64 1:2.11+dfsg-1ubuntu7.6 [868 kB] Get:2 http://archive.ubuntu.com/ubuntu bionic-proposed/main amd64 qemu-system-common amd64 1:2.11+dfsg-1ubuntu7.6 [661 kB] Get:3 http://archive.ubuntu.com/ubuntu bionic-proposed/main amd64 qemu-block-extra amd64 1:2.11+dfsg-1ubuntu7.6 [39.0 kB] Get:4 http://archive.ubuntu.com/ubuntu bionic-proposed/main amd64 qemu-kvm amd64 1:2.11+dfsg-1ubuntu7.6 [13.2 kB] Get:5 http://archive.ubuntu.com/ubuntu bionic-proposed/main amd64 qemu-system-x86 amd64 1:2.11+dfsg-1ubuntu7.6 [5201 kB] Fetched 6782 kB in 1s (7023 kB/s) (Reading database ... 86373 files and directories currently installed.) Preparing to unpack .../qemu-utils_1%3a2.11+dfsg-1ubuntu7.6_amd64.deb ... Unpacking qemu-utils (1:2.11+dfsg-1ubuntu7.6) over (1:2.11+dfsg-1ubuntu7.5) ... Preparing to unpack .../qemu-system-common_1%3a2.11+dfsg-1ubuntu7.6_amd64.deb ... Unpacking qemu-system-common (1:2.11+dfsg-1ubuntu7.6) over (1:2.11+dfsg-1ubuntu7.5) ... Preparing to unpack .../qemu-block-extra_1%3a2.11+dfsg-1ubuntu7.6_amd64.deb ... Unpacking qemu-block-extra:amd64 (1:2.11+dfsg-1ubuntu7.6) over (1:2.11+dfsg-1ubuntu7.5) ... Preparing to unpack .../qemu-kvm_1%3a2.11+dfsg-1ubuntu7.6_amd64.deb ... Unpacking qemu-kvm (1:2.11+dfsg-1ubuntu7.6) over (1:2.11+dfsg-1ubuntu7.5) ... Preparing to unpack .../qemu-system-x86_1%3a2.11+dfsg-1ubuntu7.6_amd64.deb ... Unpacking qemu-system-x86 (1:2.11+dfsg-1ubuntu7.6) over (1:2.11+dfsg-1ubuntu7.5) ... Setting up qemu-block-extra:amd64 (1:2.11+dfsg-1ubuntu7.6) ... Setting up qemu-utils (1:2.11+dfsg-1ubuntu7.6) ... Processing triggers for man-db (2.8.3-2) ... Setting up qemu-system-common (1:2.11+dfsg-1ubuntu7.6) ... Setting up qemu-system-x86 (1:2.11+dfsg-1ubuntu7.6) ... Setting up qemu-kvm (1:2.11+dfsg-1ubuntu7.6) ...
After the update: PID 5482 Seccomp: 2 Seccomp: 2 Also worked with bigger configurations, setting verified. ** Tags removed: verification-needed verification-needed-bionic ** Tags added: verification-done verification-done-bionic -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1789551 Title: qemu: CVE-2018-15746: seccomp: blacklist is not applied to all threads To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/qemu/+bug/1789551/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
