Kernel SRU Workflow

lunar/linux-raspi: 6.2.0-1009.11 -proposed tracker

Series promote-to-updates
Bug #2026749

Bug #2026749 reported by Thadeu Lima de Souza Cascardo on 2023-07-10

This bug affects 1 person

	Status	Importance	Assigned to
Kernel SRU Workflow	Fix Released	Medium	Unassigned
Automated-testing	Invalid	Medium	Unassigned
Boot-testing	Fix Released	Medium	Unassigned
Certification-testing	Invalid	Medium	Canonical Hardware Certification
New-review	Fix Released	Medium	Andy Whitcroft
Prepare-package	Fix Released	Medium	Juerg Haefliger
Prepare-package-meta	Fix Released	Medium	Juerg Haefliger
Promote-signing-to-proposed	Invalid	Medium	Unassigned
Promote-to-proposed	Fix Released	Medium	Ubuntu Stable Release Updates Team
Promote-to-security	Fix Released	Medium	Andy Whitcroft
Promote-to-updates	Fix Released	Medium	Andy Whitcroft
Regression-testing	Fix Released	Medium	Canonical Kernel Team
Security-signoff	Fix Released	Medium	Rodrigo Figueiredo Zaiden
Sru-review	Fix Released	Medium	Andy Whitcroft
Verification-testing	Fix Released	Medium	Canonical Kernel Team
canonical-signing-jobs
Task00	Fix Released	Medium	Andy Whitcroft
linux-raspi (Ubuntu)
Lunar	Fix Released	Medium	Unassigned

Bug Description

This bug will contain status and test results related to a kernel source (or snap) as stated in the title.

For an explanation of the tasks and the associated workflow see:
https://wiki.ubuntu.com/Kernel/kernel-sru-workflow

-- swm properties --
built:
  from: b680bae962aa3bab
  route-entry: 2
delta:
  promote-to-proposed: [main, meta]
  promote-to-security: []
  promote-to-updates: [main, meta]
flag:
  boot-testing-requested: true
  bugs-spammed: true
  proposed-announcement-sent: true
  proposed-testing-requested: true
  stream-from-cycle: true
issue: KSRU-8505
kernel-stable-master-bug: 2026753
packages:
  main: linux-raspi
  meta: linux-meta-raspi
phase: Complete
phase-changed: Monday, 24. July 2023 21:10 UTC
reason: {}
synthetic:
  :promote-to-as-proposed: Invalid
variant: debs
versions:
  main: 6.2.0-1009.11
  meta: 6.2.0.1009.12
~~:
  clamps:
    new-review: b680bae962aa3bab
    promote-to-proposed: b680bae962aa3bab
    self: 6.2.0-1009.11
    sru-review: b680bae962aa3bab

See original description

Tags:

CVE References

Thadeu Lima de Souza Cascardo (cascardo) on 2023-07-10

tags:	added: kernel-release-tracking-bug-live
description:	updated
tags:	added: kernel-sru-cycle-s2023.06.12-1
description:	updated
tags:	added: kernel-sru-derivative-of-2026753
Changed in kernel-sru-workflow:
status:	New → Confirmed
importance:	Undecided → Medium

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-10

Changed in linux-raspi (Ubuntu Lunar):
importance:	Undecided → Medium
Changed in kernel-sru-workflow:
status:	Confirmed → Triaged
description:	updated
Changed in kernel-sru-workflow:
status:	Triaged → In Progress

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-11

tags:	added: kernel-jira-issue-ksru-8505
tags:	added: kernel-jira-issue-ksru-8579

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-11

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-13

description:

updated

Juerg Haefliger (juergh) on 2023-07-17

summary:

- lunar/linux-raspi: <version to be filled> -proposed tracker
+ lunar/linux-raspi: 6.2.0-1009.11 -proposed tracker

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-17

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-17

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-17

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-17

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-17

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-17

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-17

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-17

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-17

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-17

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-18

description:	updated
description:	updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-18

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-18

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-18

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-19

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-24

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-24

description:

updated

Revision history for this message

Launchpad Janitor (janitor) wrote on 2023-07-24:

This bug was fixed in the package linux-raspi - 6.2.0-1009.11

---------------
linux-raspi (6.2.0-1009.11) lunar; urgency=medium

* lunar/linux-raspi: 6.2.0-1009.11 -proposed tracker (LP: #2026749)

[ Ubuntu: 6.2.0-26.26 ]

  * lunar/linux: 6.2.0-26.26 -proposed tracker (LP: #2026753)
  * CVE-2023-2640 // CVE-2023-32629
    - Revert "UBUNTU: SAUCE: overlayfs: handle idmapped mounts in
      ovl_do_(set|remove)xattr"
    - Revert "UBUNTU: SAUCE: overlayfs: Skip permission checking for
      trusted.overlayfs.* xattrs"
    - SAUCE: overlayfs: default to userxattr when mounted from non initial user
      namespace
  * CVE-2023-35001
    - netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
  * CVE-2023-31248
    - netfilter: nf_tables: do not ignore genmask when looking up chain by id
  * CVE-2023-3389
    - io_uring/poll: serialize poll linked timer start with poll removal
  * CVE-2023-3390
    - netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE
  * CVE-2023-3090
    - ipvlan:Fix out-of-bounds caused by unclear skb->cb
  * CVE-2023-3269
    - mm: introduce new 'lock_mm_and_find_vma()' page fault helper
    - mm: make the page fault mmap locking killable
    - arm64/mm: Convert to using lock_mm_and_find_vma()
    - powerpc/mm: Convert to using lock_mm_and_find_vma()
    - mips/mm: Convert to using lock_mm_and_find_vma()
    - riscv/mm: Convert to using lock_mm_and_find_vma()
    - arm/mm: Convert to using lock_mm_and_find_vma()
    - mm/fault: convert remaining simple cases to lock_mm_and_find_vma()
    - powerpc/mm: convert coprocessor fault to lock_mm_and_find_vma()
    - mm: make find_extend_vma() fail if write lock not held
    - execve: expand new process stack manually ahead of time
    - mm: always expand the stack with the mmap write lock held
    - [CONFIG]: Set CONFIG_LOCK_MM_AND_FIND_VMA

-- Juerg Haefliger <email address hidden> Mon, 17 Jul 2023 10:31:31 +0200

Changed in linux-raspi (Ubuntu Lunar):
status:	New → Fix Released

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-24

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-24

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-24

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-24

description:

updated

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2023-07-24: Workflow done!

All tasks have been completed and the bug is being closed

Changed in kernel-sru-workflow:
status:	In Progress → Fix Committed

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-11

Changed in kernel-sru-workflow:
status:	Fix Committed → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.