[UBUNTU 20.04] zkey: Fix display of XTS attribute for validate command
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| Ubuntu on IBM z Systems |
Fix Released
|
High
|
Canonical Foundations Team | ||
| s390-tools (Ubuntu) |
Fix Released
|
Undecided
|
Skipper Bug Screeners | ||
Bug Description
Description: zkey: Fix display of XTS attribute for validate command
Symptom: The 'zkey validate' command shows an invalid value for
the XTS attribute.
Problem: Due to a use after free of the secure key, the XTS attribute
is not determined correctly, and is displayed incorrectly.
This bug has been introduced with feature SEC1717 "Cipher
key support" with commit 298fab68fee8 "zkey: Preparations for
Solution: Free the secure key only after the last use.
Reproduction: Generate an XTS key of type CCA-AESDATA or CCA-AESCIPHER
and then run 'zkey validate'.
Upstream Commit ID: f75f4aff8f6e4ae
https:/
Need to be applied on top of 2.12.
| tags: | added: architecture-s39064 bugnameltc-183695 severity-high targetmilestone-inin2004 |
| Changed in ubuntu: | |
| assignee: | nobody → Skipper Bug Screeners (skipper-screen-team) |
| affects: | ubuntu → linux (Ubuntu) |
| affects: | linux (Ubuntu) → s390-tools (Ubuntu) |
| Changed in ubuntu-z-systems: | |
| status: | New → Triaged |
| importance: | Undecided → High |
| assignee: | nobody → Canonical Foundations Team (canonical-foundations) |
| Changed in s390-tools (Ubuntu): | |
| status: | New → Incomplete |
| status: | Incomplete → Fix Released |
| Changed in ubuntu-z-systems: | |
| status: | Triaged → Fix Released |
| bugproxy (bugproxy) wrote Comment bridged from LTC Bugzilla | #1 |
------- Comment From <email address hidden> 2020-03-05 10:42 EDT-------
IBM bugzilla status-> Fix Released with focal