Bug #2036561 “focal/linux-intel-iotg-5.15: 5.15.0-1041.47~20.04....” : Series boot-testing : Bugs : Kernel SRU Workflow

Stefan Bader (smb) on 2023-09-19

tags:	added: kernel-release-tracking-bug-live
description:	updated
tags:	added: kernel-sru-cycle-2023.09.04-5
description:	updated
description:	updated
tags:	added: kernel-sru-backport-of-2036562
Changed in kernel-sru-workflow:
status:	New → Confirmed
importance:	Undecided → Medium

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-19

Changed in linux-intel-iotg-5.15 (Ubuntu Focal):
importance:	Undecided → Medium
Changed in kernel-sru-workflow:
status:	Confirmed → Triaged

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-19

description:	updated
Changed in kernel-sru-workflow:
status:	Triaged → In Progress
description:	updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-19

tags:	added: kernel-jira-issue-ksru-9842
description:	updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-20

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-21

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-22

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-23

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-24

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-25

description:

updated

Philip Cox (philcox) on 2023-09-25

summary:

- focal/linux-intel-iotg-5.15: <version to be filled> -proposed tracker
+ focal/linux-intel-iotg-5.15: 5.15.0-1041.47~20.04.1 -proposed tracker

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-25

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-25

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-25

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-25

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-25

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-25

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-25

description:	updated
description:	updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-25

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-25

description:	updated
description:	updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-25

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-25

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-25

description:	updated
description:	updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-25

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-26

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-26

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-28

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-28

description:

updated

Revision history for this message

Launchpad Janitor (janitor) wrote on 2023-09-28:

#1

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in linux-intel-iotg-5.15 (Ubuntu Focal):
status:	New → Confirmed

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-28

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-28

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-28

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-28

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-28

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-28

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-29

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-29

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-29

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-29

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-29

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-29

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-29

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-29

description:

updated

Andy Whitcroft (apw) on 2023-09-29

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-29

description:

updated

Revision history for this message

Kevin Yeh (kevinyeh) wrote on 2023-10-03:

#2

Test result are available at http://10.102.156.15:8080/view/cert-stock-iotg-sru-focal/
No regression found.

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-10-03

description:

updated

Philip Cox (philcox) on 2023-10-03

tags:

added: verification-done-focal

Philip Cox (philcox) on 2023-10-03

tags:

added: verification-testing-passed

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-10-03

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-10-16

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-10-19

Changed in kernel-sru-workflow:
status:	In Progress → Fix Committed

Revision history for this message

Launchpad Janitor (janitor) wrote on 2023-10-23:

#3

Download full text (3.3 KiB)

This bug was fixed in the package linux-intel-iotg-5.15 - 5.15.0-1043.49~20.04.1

---------------
linux-intel-iotg-5.15 (5.15.0-1043.49~20.04.1) focal; urgency=medium

* focal/linux-intel-iotg-5.15: 5.15.0-1043.49~20.04.1 -proposed tracker
(LP: #2038195)

* CVE-2023-42755
- [Config] remove NET_CLS_RSVP and NET_CLS_RSVP6

[ Ubuntu: 5.15.0-1043.49 ]

  * jammy/linux-intel-iotg: 5.15.0-1043.49 -proposed tracker (LP: #2038196)
  * CVE-2023-42755
    - [Config] remove NET_CLS_RSVP and NET_CLS_RSVP6
  * jammy/linux: 5.15.0-87.97 -proposed tracker (LP: #2038209)
  * CVE-2023-4623
    - net/sched: sch_hfsc: Ensure inner classes have fsc curve
  * CVE-2023-42755
    - net/sched: Retire rsvp classifier
    - [Config] remove NET_CLS_RSVP and NET_CLS_RSVP6
  * CVE-2023-34319
    - xen/netback: Fix buffer overrun triggered by unusual packet
  * CVE-2023-4921
    - net: sched: sch_qfq: Fix UAF in qfq_dequeue()
  * CVE-2023-42752
    - igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU
  * CVE-2023-4622
    - af_unix: Fix null-ptr-deref in unix_stream_sendpage().
  * CVE-2023-4244
    - netfilter: nft_set_rbtree: fix overlap expiration walk
    - netfilter: nf_tables: don't skip expired elements during walk
    - netfilter: nf_tables: adapt set backend to use GC transaction API
    - netfilter: nft_set_hash: mark set element as dead when deleting from packet
      path
    - netfilter: nf_tables: GC transaction API to avoid race with control plane
    - netfilter: nf_tables: remove busy mark and gc batch API
    - netfilter: nf_tables: don't fail inserts if duplicate has expired
    - netfilter: nf_tables: fix kdoc warnings after gc rework
    - netfilter: nf_tables: fix GC transaction races with netns and netlink event
      exit path
    - netfilter: nf_tables: GC transaction race with netns dismantle
    - netfilter: nf_tables: GC transaction race with abort path
    - netfilter: nf_tables: use correct lock to protect gc_list
    - netfilter: nf_tables: defer gc run if previous batch is still pending
    - netfilter: nft_dynset: disallow object maps
    - netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction
  * CVE-2023-42756
    - netfilter: ipset: Fix race between IPSET_CMD_CREATE and IPSET_CMD_SWAP
  * CVE-2023-42753
    - netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for
      ip_set_hash_netportnet.c
  * CVE-2023-5197
    - netfilter: nf_tables: skip bound chain in netns release path
    - netfilter: nf_tables: disallow rule removal from chain binding
  * CVE-2023-4881
    - netfilter: nftables: exthdr: fix 4-byte stack OOB write

[ Ubuntu: 5.15.0-1042.48 ]

  * jammy/linux-intel-iotg: 5.15.0-1042.48 -proposed tracker (LP: #2036562)
  * jammy/linux: 5.15.0-86.96 -proposed tracker (LP: #2036575)
  * 5.15.0-85 live migration regression (LP: #2036675)
    - Revert "KVM: x86: Always enable legacy FP/SSE in allowed user XFEATURES"
    - Revert "x86/kvm/fpu: Limit guest user_xfeatures to supported bits of XCR0"
  * Regression for ubuntu_bpf test build on Jammy 5.15.0-85.95 (LP: #2035181)
    - selftests/bpf: fix static assert compilation issue for test_cls_*.c
  * `refcount_t: underflow; use-afte...

This bug was fixed in the package linux-intel-iotg-5.15 - 5.15.0-1043.49~20.04.1

---------------
linux-intel-iotg-5.15 (5.15.0-1043.49~20.04.1) focal; urgency=medium

* focal/linux-intel-iotg-5.15: 5.15.0-1043.49~20.04.1 -proposed tracker
    (LP: #2038195)

* CVE-2023-42755
    - [Config] remove NET_CLS_RSVP and NET_CLS_RSVP6

[ Ubuntu: 5.15.0-1043.49 ]

* jammy/linux-intel-iotg: 5.15.0-1043.49 -proposed tracker (LP: #2038196)
  * CVE-2023-42755
    - [Config] remove NET_CLS_RSVP and NET_CLS_RSVP6
  * jammy/linux: 5.15.0-87.97 -proposed tracker (LP: #2038209)
  * CVE-2023-4623
    - net/sched: sch_hfsc: Ensure inner classes have fsc curve
  * CVE-2023-42755
    - net/sched: Retire rsvp classifier
    - [Config] remove NET_CLS_RSVP and NET_CLS_RSVP6
  * CVE-2023-34319
    - xen/netback: Fix buffer overrun triggered by unusual packet
  * CVE-2023-4921
    - net: sched: sch_qfq: Fix UAF in qfq_dequeue()
  * CVE-2023-42752
    - igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU
  * CVE-2023-4622
    - af_unix: Fix null-ptr-deref in unix_stream_sendpage().
  * CVE-2023-4244
    - netfilter: nft_set_rbtree: fix overlap expiration walk
    - netfilter: nf_tables: don't skip expired elements during walk
    - netfilter: nf_tables: adapt set backend to use GC transaction API
    - netfilter: nft_set_hash: mark set element as dead when deleting from packet
      path
    - netfilter: nf_tables: GC transaction API to avoid race with control plane
    - netfilter: nf_tables: remove busy mark and gc batch API
    - netfilter: nf_tables: don't fail inserts if duplicate has expired
    - netfilter: nf_tables: fix kdoc warnings after gc rework
    - netfilter: nf_tables: fix GC transaction races with netns and netlink event
      exit path
    - netfilter: nf_tables: GC transaction race with netns dismantle
    - netfilter: nf_tables: GC transaction race with abort path
    - netfilter: nf_tables: use correct lock to protect gc_list
    - netfilter: nf_tables: defer gc run if previous batch is still pending
    - netfilter: nft_dynset: disallow object maps
    - netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction
  * CVE-2023-42756
    - netfilter: ipset: Fix race between IPSET_CMD_CREATE and IPSET_CMD_SWAP
  * CVE-2023-42753
    - netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for
      ip_set_hash_netportnet.c
  * CVE-2023-5197
    - netfilter: nf_tables: skip bound chain in netns release path
    - netfilter: nf_tables: disallow rule removal from chain binding
  * CVE-2023-4881
    - netfilter: nftables: exthdr: fix 4-byte stack OOB write

[ Ubuntu: 5.15.0-1042.48 ]

* jammy/linux-intel-iotg: 5.15.0-1042.48 -proposed tracker (LP: #2036562)
  * jammy/linux: 5.15.0-86.96 -proposed tracker (LP: #2036575)
  * 5.15.0-85 live migration regression (LP: #2036675)
    - Revert "KVM: x86: Always enable legacy FP/SSE in allowed user XFEATURES"
    - Revert "x86/kvm/fpu: Limit guest user_xfeatures to supported bits of XCR0"
  * Regression for ubuntu_bpf test build on Jammy 5.15.0-85.95 (LP: #2035181)
    - selftests/bpf: fix static assert compilation issue for test_cls_*.c
  * `refcount_t: underflow; use-after-free.` on hidon w/ 5.15.0-85-generic
    (LP: #2034447)
    - crypto: rsa-pkcs1pad - Use helper to set reqsize

-- Philip Cox <philip.cox@canonical.com>  Wed, 11 Oct 2023 16:50:56 -0400

Changed in linux-intel-iotg-5.15 (Ubuntu Focal):
status:	Confirmed → Fix Released

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-11-28

Changed in kernel-sru-workflow:
status:	Fix Committed → Fix Released

Kernel SRU Workflow

focal/linux-intel-iotg-5.15: 5.15.0-1041.47~20.04.1 -proposed tracker

Bug Description

CVE References

Other bug subscribers

Remote bug watches

	Status	Importance	Assigned to
Kernel SRU Workflow	Fix Released	Medium	Unassigned
Abi-testing	New	Undecided	Unassigned
Automated-testing	Fix Released	Medium	Canonical Kernel Team
Boot-testing	Fix Released	Medium	Unassigned
Certification-testing	Fix Released	Medium	Canonical Hardware Certification
New-review	Fix Released	Medium	Andy Whitcroft
Prepare-package	Fix Released	Medium	Philip Cox
Prepare-package-generate	Fix Released	Medium	Philip Cox
Prepare-package-lrg	Fix Released	Medium	Philip Cox
Prepare-package-lrm	Fix Released	Medium	Philip Cox
Prepare-package-lrs	Fix Released	Medium	Philip Cox
Prepare-package-meta	Fix Released	Medium	Philip Cox
Prepare-package-signed	Fix Released	Medium	Philip Cox
Promote-signing-to-proposed	Invalid	Medium	Unassigned
Promote-to-proposed	Fix Released	Medium	Ubuntu Stable Release Updates Team
Promote-to-security	New	Medium	Ubuntu Stable Release Updates Team
Promote-to-updates	New	Medium	Ubuntu Stable Release Updates Team
Regression-testing	Fix Released	Medium	Canonical Kernel Team
Security-signoff	Fix Released	Medium	Canonical Security Team
Sru-review	Fix Released	Medium	Andy Whitcroft
Verification-testing	Fix Released	Medium	Canonical Kernel Team
canonical-signing-jobs
Task00	Fix Released	Medium	Andy Whitcroft
linux-intel-iotg-5.15 (Ubuntu)
Focal	Fix Released	Medium	Unassigned