vmlinuz is world-readable
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
linux-signed (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Xenial |
Invalid
|
Undecided
|
Unassigned | ||
Bionic |
Fix Released
|
Medium
|
Thadeu Lima de Souza Cascardo | ||
Disco |
Fix Released
|
Medium
|
Thadeu Lima de Souza Cascardo | ||
linux-signed-hwe (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Xenial |
Fix Released
|
Undecided
|
Unassigned | ||
Bionic |
Fix Released
|
Undecided
|
Kleber Sacilotto de Souza | ||
Disco |
Invalid
|
Undecided
|
Unassigned |
Bug Description
[Impact]
ppc64el vmlinuz is world-readable, possibly impacting security on that platform.
[Test case]
Verify vmlinuz is not world-readable after the fix.
[Regression potential]
File permissions may be wrong, possibly allowing attack.
-------
=====
FAIL: test_096_
kernel addresses in /boot are not world readable
-----
Traceback (most recent call last):
File "./test-
self.
AssertionError: /boot/vmlinux-
-----
Ran 125 tests in 31.183s
FAILED (failures=1)
This currently affects ppc64el.
Changed in linux-signed (Ubuntu Disco): | |
importance: | Undecided → Medium |
Changed in linux-signed (Ubuntu Bionic): | |
importance: | Undecided → Medium |
Changed in linux-signed (Ubuntu Disco): | |
status: | New → In Progress |
Changed in linux-signed (Ubuntu Bionic): | |
status: | New → In Progress |
Changed in linux-signed (Ubuntu Disco): | |
assignee: | nobody → Thadeu Lima de Souza Cascardo (cascardo) |
Changed in linux-signed (Ubuntu Bionic): | |
assignee: | nobody → Thadeu Lima de Souza Cascardo (cascardo) |
Changed in linux-signed (Ubuntu Bionic): | |
status: | In Progress → Fix Committed |
Changed in linux-signed (Ubuntu Disco): | |
status: | In Progress → Fix Committed |
Changed in linux-signed (Ubuntu): | |
status: | Confirmed → Fix Released |
Changed in linux-signed-hwe (Ubuntu): | |
status: | New → Fix Released |
Changed in linux-signed-hwe (Ubuntu Disco): | |
status: | New → Invalid |
Changed in linux-signed-hwe (Ubuntu Bionic): | |
status: | New → Confirmed |
assignee: | nobody → Kleber Sacilotto de Souza (kleber-souza) |
Changed in linux-signed-hwe (Ubuntu Xenial): | |
status: | New → In Progress |
Changed in linux-signed-hwe (Ubuntu Bionic): | |
status: | Confirmed → In Progress |
Changed in linux-signed (Ubuntu Xenial): | |
status: | New → Invalid |
Changed in linux-signed-hwe (Ubuntu Xenial): | |
status: | In Progress → Fix Committed |
Changed in linux-signed-hwe (Ubuntu Bionic): | |
status: | In Progress → Fix Committed |
Status changed to 'Confirmed' because the bug affects multiple users.