[Ubuntu] s390/crypto: Fix return code checking in cbc_paes_crypt.
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Ubuntu on IBM z Systems |
Fix Released
|
High
|
Canonical Kernel Team | ||
linux (Ubuntu) |
Fix Released
|
Undecided
|
Seth Forshee | ||
Bionic |
Fix Released
|
Medium
|
Seth Forshee | ||
Cosmic |
Fix Released
|
Undecided
|
Seth Forshee |
Bug Description
SRU Justification
Impact: An incorrect return value check can result in a protected key not being re-transformed when it became invalid.
Fix: Upstream commit b81126e01a8c604
Regression Potential: This is a trivial patch to an architecture-
---
Description: s390/crypto: Fix return code checking in cbc_paes_crypt.
Symptom: A protected key is not re-transformed when it became invalid
Problem: The return code of cpacf_kmc() is less than the number of bytes to process in case of an error, not greater.
Solution: Correct return code checking.
Commit- ID: b81126e01a8c604
kernel 4.19
For all releases which contains paes_s390 kernel module , which are kernel > 4.11 => Ubuntu 18.04, Ubuntu 18.10,
CVE References
tags: | added: architecture-s39064 bugnameltc-171714 severity-high targetmilestone-inin1804 |
Changed in ubuntu: | |
assignee: | nobody → Skipper Bug Screeners (skipper-screen-team) |
affects: | ubuntu → linux (Ubuntu) |
Changed in ubuntu-z-systems: | |
status: | New → Triaged |
importance: | Undecided → High |
assignee: | nobody → Canonical Kernel Team (canonical-kernel-team) |
Changed in linux (Ubuntu): | |
assignee: | Skipper Bug Screeners (skipper-screen-team) → Seth Forshee (sforshee) |
status: | New → Fix Committed |
Changed in ubuntu-z-systems: | |
status: | Triaged → In Progress |
description: | updated |
Changed in linux (Ubuntu Bionic): | |
assignee: | nobody → Seth Forshee (sforshee) |
importance: | Undecided → Medium |
status: | New → In Progress |
Changed in linux (Ubuntu Bionic): | |
status: | In Progress → Fix Committed |
Changed in ubuntu-z-systems: | |
status: | In Progress → Fix Committed |
Changed in ubuntu-z-systems: | |
status: | Fix Committed → Fix Released |
tags: | added: cscc |
This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification- needed- bionic' to 'verification- done-bionic' . If the problem still exists, change the tag 'verification- needed- bionic' to 'verification- failed- bionic' .
If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.
See https:/ /wiki.ubuntu. com/Testing/ EnableProposed for documentation how to enable and use -proposed. Thank you!