test-kernel-security failure on 3.0.0-5
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
linux (Ubuntu) |
Fix Released
|
Undecided
|
Kees Cook |
Bug Description
while running the QRT tests on current Oneiric kernel, I found this error (running under KVM).
ProblemType: Bug
DistroRelease: Ubuntu 11.10
Package: linux-image-
ProcVersionSign
Uname: Linux 3.0.0-5-server x86_64
AlsaDevices:
total 0
crw-rw---- 1 root audio 116, 1 2011-07-13 10:40 seq
crw-rw---- 1 root audio 116, 33 2011-07-13 10:40 timer
AplayDevices: Error: [Errno 2] No such file or directory
Architecture: amd64
ArecordDevices: Error: [Errno 2] No such file or directory
AudioDevicesInUse: Error: command ['fuser', '-v', '/dev/snd/seq', '/dev/snd/timer'] failed with exit code 1:
CRDA: Error: [Errno 2] No such file or directory
Date: Wed Jul 13 12:18:59 2011
HibernationDevice: RESUME=
InstallationMedia: Ubuntu-Server 11.10 "Oneiric Ocelot" - Alpha amd64 (20110713)
IwConfig:
lo no wireless extensions.
eth0 no wireless extensions.
Lsusb: Bus 001 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
MachineType: Bochs Bochs
PciMultimedia:
ProcEnviron:
LC_TIME=en_DK.utf8
LANG=en_US.UTF-8
SHELL=/bin/bash
ProcKernelCmdLine: BOOT_IMAGE=
RelatedPackageV
linux-
linux-
linux-firmware 1.56
RfKill: Error: [Errno 2] No such file or directory
SourcePackage: linux
UpgradeStatus: No upgrade log present (probably fresh install)
dmi.bios.date: 01/01/2007
dmi.bios.vendor: Bochs
dmi.bios.version: Bochs
dmi.chassis.type: 1
dmi.chassis.vendor: Bochs
dmi.modalias: dmi:bvnBochs:
dmi.product.name: Bochs
dmi.sys.vendor: Bochs
CVE References
Changed in linux (Ubuntu): | |
assignee: | nobody → Kees Cook (kees) |
status: | Confirmed → Fix Released |
Running test: './test- kernel- security. py' distro: 'Ubuntu 11.10' kernel: '3.0.0-5.6 (Ubuntu 3.0.0-5.6-server 3.0.0-rc7)' arch: 'amd64' uid: 0/0 SUDO_USER: 'ubuntu') _.KernelSecurit yTest) _.KernelSecurit yTest) aslr_00_ proc (__main_ _.KernelSecurit yTest) aslr_dapper_ stack (__main_ _.KernelSecurit yTest) aslr_dapper_ libs (__main_ _.KernelSecurit yTest) aslr_dapper_ mmap (__main_ _.KernelSecurit yTest) aslr_hardy_ text (__main_ _.KernelSecurit yTest) aslr_hardy_ vdso (__main_ _.KernelSecurit yTest) aslr_intrepid_ brk (__main_ _.KernelSecurit yTest) _.KernelSecurit yTest) _.KernelSecurit yTest) _.KernelSecurit yTest) _.KernelSecurit yTest) syn_cookies (__main_ _.KernelSecurit yTest) _.KernelSecurit yTest) personality (__main_ _.KernelSecurit yTest) 1/personality) ok _.KernelSecurit yTest) _.KernelSecurit yTest) _.KernelSecurit yTest) config_ devkmem (__main_ _.KernelSecurit yTest) config_ security (__main_ _.KernelSecurit yTest) config_ security_ selinux (__main_ _.KernelSecurit yTest) SECURITY_ SELINUX enabled ... ok config_ syn_cookies (__main_ _.KernelSecurit yTest) config_ seccomp (__main_ _.KernelSecurit yTest) config_ compat_ vdso (__main_ _.KernelSecurit yTest) config_ debug_rodata (__main_ _.KernelSecurit yTest) config_ debug_set_ module_ ronx (__main_ _.KernelSecurit yTest) DEBUG_SET_ MODULE_ RONX enabled ... ok config_ security_ apparmor (__main_ _.KernelSecurit yTest) SECURITY_ APPARMOR enabled ... ok config_ strict_ devmem (__main_ _.KernelSecurit yTest) STRICT_ DEVMEM enabled ... ok strict_ devmem (__main_ _.KernelSecurit yTest) config_ security_ file_capabiliti es (__main_ _.KernelSecurit yTest) SECURITY_ FILE_CAPABILITI ES enabled ... (skipped: only Intrepid through Lucid) ok config_ security_ smack (__main_ _.KernelSecurit yTest) SECURITY_ SMACK enabled ... ok config_ security_ default_ mmap_min_ addr (__main_ _.KernelSecurit yTest)
test_000_make (__main_
Build helper tools ... (4.6.1 (Ubuntu/Linaro 4.6.1-2ubuntu2)) ok
test_010_proc_maps (__main_
/proc/$pid/maps is correctly protected ... ok
test_020_
ASLR enabled ... ok
test_020_
ASLR of stack ... ok
test_021_
ASLR of libs ... ok
test_021_
ASLR of mmap ... ok
test_022_
ASLR of text ... ok
test_022_
ASLR of vdso ... ok
test_022_
ASLR of brk ... ok
test_030_mmap_min (__main_
Low memory allocation respects mmap_min_addr ... (65536) ok
test_031_apparmor (__main_
AppArmor loaded ... ok
test_031_seccomp (__main_
PR_SET_SECCOMP works ... ok
test_032_dev_kmem (__main_
/dev/kmem not available ... ok
test_033_
SYN cookies is enabled ... ok
test_040_pcaps (__main_
init's CAPABILITY list is clean ... FAIL
test_050_
init missing READ_IMPLIES_EXEC ... (/proc/
test_060_nx (__main_
NX bit is working ... ok
test_061_guard_page (__main_
Userspace stack guard page exists (CVE-2010-2240) ... ok
test_070_config_brk (__main_
CONFIG_COMPAT_BRK disabled ... ok
test_070_
CONFIG_DEVKMEM disabled ... ok
test_070_
CONFIG_SECURITY enabled ... ok
test_070_
CONFIG_
test_070_
CONFIG_SYN_COOKIES enabled ... ok
test_071_
CONFIG_SECCOMP enabled ... ok
test_072_
CONFIG_COMPAT_VDSO disabled ... ok
test_072_
CONFIG_DEBUG_RODATA enabled ... ok
test_072_
CONFIG_
test_072_
CONFIG_
test_072_
CONFIG_
test_072_
/dev/mem unreadable for kernel memory ... (using 0x1c23968L) (exit code 0) ok
test_073_
CONFIG_
test_073_
CONFIG_
test_074_
CONFIG_DEFAULT...