Bug #1905786 “perf_event_open is not restricted to admin by defa...” : Bionic (18.04) : Bugs : linux-raspi2 package : Ubuntu

Thadeu Lima de Souza Cascardo (cascardo) on 2020-11-26

Changed in linux (Ubuntu):
status:	New → Invalid
Changed in linux (Ubuntu Bionic):
status:	New → Invalid
Changed in linux-raspi2 (Ubuntu):
status:	New → Invalid
Changed in linux-raspi2 (Ubuntu Bionic):
status:	New → In Progress
assignee:	nobody → Thadeu Lima de Souza Cascardo (cascardo)
importance:	Undecided → Medium

Ian May (ian-may) on 2020-12-18

Changed in linux-raspi2 (Ubuntu Bionic):
status:	In Progress → Fix Committed

Revision history for this message

Launchpad Janitor (janitor) wrote on 2021-01-26:

#1

Download full text (6.8 KiB)

This bug was fixed in the package linux-raspi2 - 4.15.0-1078.83

---------------
linux-raspi2 (4.15.0-1078.83) bionic; urgency=medium

* bionic/linux-raspi2: 4.15.0-1078.83 -proposed tracker (LP: #1911270)

* perf_event_open is not restricted to admin by default (LP: #1905786)
- [Config]: set CONFIG_SECURITY_PERF_EVENTS_RESTRICT

[ Ubuntu: 4.15.0-133.137 ]

  * bionic/linux: 4.15.0-133.137 -proposed tracker (LP: #1911295)
  * [drm:qxl_enc_commit [qxl]] *ERROR* head number too large or missing monitors
    config: (LP: #1908219)
    - qxl: remove qxl_io_log()
    - qxl: move qxl_send_monitors_config()
    - qxl: hook monitors_config updates into crtc, not encoder.
  * Touchpad not detected on ByteSpeed C15B laptop (LP: #1906128)
    - Input: i8042 - add ByteSpeed touchpad to noloop table
  * vmx_nm_test in ubuntu_kvm_unit_tests interrupted on X-oracle-4.15 /
    B-oracle-4.15 / X-KVM / B-KVM (LP: #1872401)
    - KVM: nVMX: Always reflect #NM VM-exits to L1
  * stack trace in kernel (LP: #1903596)
    - net: napi: remove useless stack trace
  * CVE-2020-27777
    - [Config]: Set CONFIG_PPC_RTAS_FILTER
  * Bionic update: upstream stable patchset 2020-12-04 (LP: #1906875)
    - regulator: defer probe when trying to get voltage from unresolved supply
    - ring-buffer: Fix recursion protection transitions between interrupt context
    - time: Prevent undefined behaviour in timespec64_to_ns()
    - nbd: don't update block size after device is started
    - btrfs: sysfs: init devices outside of the chunk_mutex
    - btrfs: reschedule when cloning lots of extents
    - genirq: Let GENERIC_IRQ_IPI select IRQ_DOMAIN_HIERARCHY
    - hv_balloon: disable warning when floor reached
    - net: xfrm: fix a race condition during allocing spi
    - perf tools: Add missing swap for ino_generation
    - ALSA: hda: prevent undefined shift in snd_hdac_ext_bus_get_link()
    - can: rx-offload: don't call kfree_skb() from IRQ context
    - can: dev: can_get_echo_skb(): prevent call to kfree_skb() in hard IRQ
      context
    - can: dev: __can_get_echo_skb(): fix real payload length return value for RTR
      frames
    - can: can_create_echo_skb(): fix echo skb generation: always use skb_clone()
    - can: peak_usb: add range checking in decode operations
    - can: peak_usb: peak_usb_get_ts_time(): fix timestamp wrapping
    - can: peak_canfd: pucan_handle_can_rx(): fix echo management when loopback is
      on
    - xfs: flush new eof page on truncate to avoid post-eof corruption
    - Btrfs: fix missing error return if writeback for extent buffer never started
    - ath9k_htc: Use appropriate rs_datalen type
    - usb: gadget: goku_udc: fix potential crashes in probe
    - gfs2: Free rd_bits later in gfs2_clear_rgrpd to fix use-after-free
    - gfs2: Add missing truncate_inode_pages_final for sd_aspace
    - gfs2: check for live vs. read-only file system in gfs2_fitrim
    - scsi: hpsa: Fix memory leak in hpsa_init_one()
    - drm/amdgpu: perform srbm soft reset always on SDMA resume
    - mac80211: fix use of skb payload instead of header
    - cfg80211: regulatory: Fix inconsistent format argument
    - scsi: scsi_dh_alua: Avoid crash during alua_bus...

This bug was fixed in the package linux-raspi2 - 4.15.0-1078.83

---------------
linux-raspi2 (4.15.0-1078.83) bionic; urgency=medium

* bionic/linux-raspi2: 4.15.0-1078.83 -proposed tracker (LP: #1911270)

* perf_event_open is not restricted to admin by default (LP: #1905786)
    - [Config]: set CONFIG_SECURITY_PERF_EVENTS_RESTRICT

[ Ubuntu: 4.15.0-133.137 ]

* bionic/linux: 4.15.0-133.137 -proposed tracker (LP: #1911295)
  * [drm:qxl_enc_commit [qxl]] *ERROR* head number too large or missing monitors
    config: (LP: #1908219)
    - qxl: remove qxl_io_log()
    - qxl: move qxl_send_monitors_config()
    - qxl: hook monitors_config updates into crtc, not encoder.
  * Touchpad not detected on ByteSpeed C15B laptop (LP: #1906128)
    - Input: i8042 - add ByteSpeed touchpad to noloop table
  * vmx_nm_test in ubuntu_kvm_unit_tests interrupted on X-oracle-4.15 /
    B-oracle-4.15 / X-KVM / B-KVM (LP: #1872401)
    - KVM: nVMX: Always reflect #NM VM-exits to L1
  * stack trace in kernel (LP: #1903596)
    - net: napi: remove useless stack trace
  * CVE-2020-27777
    - [Config]: Set CONFIG_PPC_RTAS_FILTER
  * Bionic update: upstream stable patchset 2020-12-04 (LP: #1906875)
    - regulator: defer probe when trying to get voltage from unresolved supply
    - ring-buffer: Fix recursion protection transitions between interrupt context
    - time: Prevent undefined behaviour in timespec64_to_ns()
    - nbd: don't update block size after device is started
    - btrfs: sysfs: init devices outside of the chunk_mutex
    - btrfs: reschedule when cloning lots of extents
    - genirq: Let GENERIC_IRQ_IPI select IRQ_DOMAIN_HIERARCHY
    - hv_balloon: disable warning when floor reached
    - net: xfrm: fix a race condition during allocing spi
    - perf tools: Add missing swap for ino_generation
    - ALSA: hda: prevent undefined shift in snd_hdac_ext_bus_get_link()
    - can: rx-offload: don't call kfree_skb() from IRQ context
    - can: dev: can_get_echo_skb(): prevent call to kfree_skb() in hard IRQ
      context
    - can: dev: __can_get_echo_skb(): fix real payload length return value for RTR
      frames
    - can: can_create_echo_skb(): fix echo skb generation: always use skb_clone()
    - can: peak_usb: add range checking in decode operations
    - can: peak_usb: peak_usb_get_ts_time(): fix timestamp wrapping
    - can: peak_canfd: pucan_handle_can_rx(): fix echo management when loopback is
      on
    - xfs: flush new eof page on truncate to avoid post-eof corruption
    - Btrfs: fix missing error return if writeback for extent buffer never started
    - ath9k_htc: Use appropriate rs_datalen type
    - usb: gadget: goku_udc: fix potential crashes in probe
    - gfs2: Free rd_bits later in gfs2_clear_rgrpd to fix use-after-free
    - gfs2: Add missing truncate_inode_pages_final for sd_aspace
    - gfs2: check for live vs. read-only file system in gfs2_fitrim
    - scsi: hpsa: Fix memory leak in hpsa_init_one()
    - drm/amdgpu: perform srbm soft reset always on SDMA resume
    - mac80211: fix use of skb payload instead of header
    - cfg80211: regulatory: Fix inconsistent format argument
    - scsi: scsi_dh_alua: Avoid crash during alua_bus_detach()
    - iommu/amd: Increase interrupt remapping table limit to 512 entries
    - pinctrl: intel: Set default bias in case no particular value given
    - ARM: 9019/1: kprobes: Avoid fortify_panic() when copying optprobe template
    - pinctrl: aspeed: Fix GPI only function problem.
    - nbd: fix a block_device refcount leak in nbd_release
    - xfs: fix flags argument to rmap lookup when converting shared file rmaps
    - xfs: fix rmap key and record comparison functions
    - xfs: fix a missing unlock on error in xfs_fs_map_blocks
    - of/address: Fix of_node memory leak in of_dma_is_coherent
    - cosa: Add missing kfree in error path of cosa_write
    - perf: Fix get_recursion_context()
    - ext4: correctly report "not supported" for {usr,grp}jquota when
      !CONFIG_QUOTA
    - ext4: unlock xattr_sem properly in ext4_inline_data_truncate()
    - thunderbolt: Add the missed ida_simple_remove() in ring_request_msix()
    - uio: Fix use-after-free in uio_unregister_device()
    - usb: cdc-acm: Add DISABLE_ECHO for Renesas USB Download mode
    - mei: protect mei_cl_mtu from null dereference
    - futex: Don't enable IRQs unconditionally in put_pi_state()
    - ocfs2: initialize ip_next_orphan
    - selinux: Fix error return code in sel_ib_pkey_sid_slow()
    - don't dump the threads that had been already exiting when zapped.
    - drm/gma500: Fix out-of-bounds access to struct drm_device.vblank[]
    - pinctrl: amd: use higher precision for 512 RtcClk
    - pinctrl: amd: fix incorrect way to disable debounce filter
    - swiotlb: fix "x86: Don't panic if can not alloc buffer for swiotlb"
    - IPv6: Set SIT tunnel hard_header_len to zero
    - net/af_iucv: fix null pointer dereference on shutdown
    - net/x25: Fix null-ptr-deref in x25_connect
    - vrf: Fix fast path output packet handling with async Netfilter rules
    - r8169: fix potential skb double free in an error path
    - net: Update window_clamp if SOCK_RCVBUF is set
    - random32: make prandom_u32() output unpredictable
    - x86/speculation: Allow IBPB to be conditionally enabled on CPUs with always-
      on STIBP
    - perf/core: Fix bad use of igrab()
    - perf/core: Fix crash when using HW tracing kernel filters
    - perf/core: Fix a memory leak in perf_event_parse_addr_filter()
    - Revert "kernel/reboot.c: convert simple_strtoul to kstrtoint"
    - reboot: fix overflow parsing reboot cpu number
    - Convert trailing spaces and periods in path components
    - xfs: fix scrub flagging rtinherit even if there is no rt device
    - drm/amd/pm: perform SMC reset on suspend/hibernation
    - drm/amd/pm: do not use ixFEATURE_STATUS for checking smc running
    - s390/smp: move rcu_cpu_starting() earlier
    - tpm_tis: Disable interrupts on ThinkPad T490s
    - tick/common: Touch watchdog in tick_unfreeze() on all CPUs
    - mfd: sprd: Add wakeup capability for PMIC IRQ
    - btrfs: ref-verify: fix memory leak in btrfs_ref_tree_mod
    - thunderbolt: Fix memory leak if ida_simple_get() fails in
      enumerate_services()
    - btrfs: fix potential overflow in cluster_pages_for_defrag on 32bit arch
    - mmc: renesas_sdhi_core: Add missing tmio_mmc_host_free() at remove

[ Ubuntu: 4.15.0-132.136 ]

* bionic/linux: 4.15.0-132.136 -proposed tracker (LP: #1911147)
  * Packaging resync (LP: #1786013)
    - update dkms package versions
  * CVE-2020-28374
    - SAUCE: target: fix XCOPY NAA identifier lookup

[ Ubuntu: 4.15.0-130.134 ]

* Packaging resync (LP: #1786013)
    - update dkms package versions
  * CVE-2021-1052 // CVE-2021-1053
    - [Packaging] NVIDIA -- Add the NVIDIA 460 driver

-- Khalid Elmously <khalid.elmously@canonical.com>  Fri, 15 Jan 2021 02:48:35 -0500

Changed in linux-raspi2 (Ubuntu Bionic):
status:	Fix Committed → Fix Released

Ubuntu
linux-raspi2 package

perf_event_open is not restricted to admin by default

Bug Description

CVE References

Other bug subscribers

Remote bug watches

	Status	Importance	Assigned to
linux (Ubuntu)	Invalid	Undecided	Unassigned
Bionic	Invalid	Undecided	Unassigned
linux-raspi2 (Ubuntu)	Invalid	Undecided	Unassigned
Bionic	Fix Released	Medium	Thadeu Lima de Souza Cascardo

Ubuntulinux-raspi2 package