2020-01-29 00:16:57 |
Andrey Konovalov |
bug |
|
|
added bug |
2020-01-29 00:30:08 |
Ubuntu Kernel Bot |
linux (Ubuntu): status |
New |
Incomplete |
|
2020-01-29 13:57:34 |
Tyler Hicks |
information type |
Public |
Public Security |
|
2020-01-29 13:57:38 |
Tyler Hicks |
bug |
|
|
added subscriber Tyler Hicks |
2020-01-29 14:22:17 |
Andy Whitcroft |
linux (Ubuntu): status |
Incomplete |
Confirmed |
|
2020-02-03 16:44:18 |
Niklas Sombert |
bug |
|
|
added subscriber Niklas Sombert |
2020-02-07 17:39:45 |
Tyler Hicks |
description |
It's possible to turn off kernel lockdown by emulating a USB keyboard via USB/IP and sending an Alt+SysRq+X key combination through it.
Ubuntu's kernels have USB/IP enabled (CONFIG_USBIP_VHCI_HCD=m and CONFIG_USBIP_CORE=m) with signed usbip_core and vhci_hcd modules provided in the linux-extra-modules-* package.
See the PoC here: https://github.com/xairy/unlockdown#method-1-usbip |
[Impact]
It's possible to turn off kernel lockdown by emulating a USB keyboard via USB/IP and sending an Alt+SysRq+X key combination through it.
Ubuntu's kernels have USB/IP enabled (CONFIG_USBIP_VHCI_HCD=m and CONFIG_USBIP_CORE=m) with signed usbip_core and vhci_hcd modules provided in the linux-extra-modules-* package.
See the PoC here: https://github.com/xairy/unlockdown#method-1-usbip
[Test Case]
$ git clone https://github.com/xairy/unlockdown.git
$ cd unlockdown/01-usbip/
$ sudo ./run.sh
$ dmesg
# Ensure there are no log entries talking about lifting lockdown:
sysrq: SysRq : Disabling Secure Boot restrictions
Lifting lockdown
# You should see a SysRq help log entry because the Alt+SysRq+X
# combination should be disabled
sysrq: SysRq : HELP : loglevel(0-9) reboot(b) crash(c) terminate-all-tasks(e) memory-full-oom-kill(f) kill-all-tasks(i) thaw-filesystems(j) sak(k) show-backtrace-all-active-cpus(l) show-memory-usage(m) nice-all-RT-tasks(n) poweroff(o) show-registers(p) show-all-timers(q) unraw(r) sync(s) show-task-states(t) unmount(u) force-fb(V) show-blocked-tasks(w) dump-ftrace-buffer(z)
[Regression Potential]
Some users may see a usability regression due to the Lockdown lift sysrq combination being removed. Some users are known to disable lockdown, using the sysrq combination, in order to perform some "dangerous" operation such as writing to an MSR. It is believed that this is a small number of users, but it is impossible to know for sure.
Users that rely on this functionality may need to permanently disable Secure Boot using 'mokutil --disable-validation'. |
|
2020-02-07 17:49:41 |
Tyler Hicks |
linux (Ubuntu): importance |
Undecided |
High |
|
2020-02-07 17:49:41 |
Tyler Hicks |
linux (Ubuntu): status |
Confirmed |
In Progress |
|
2020-02-07 17:49:41 |
Tyler Hicks |
linux (Ubuntu): assignee |
|
Tyler Hicks (tyhicks) |
|
2020-02-07 17:55:25 |
Tyler Hicks |
nominated for series |
|
Ubuntu Bionic |
|
2020-02-07 17:55:25 |
Tyler Hicks |
bug task added |
|
linux (Ubuntu Bionic) |
|
2020-02-07 17:55:25 |
Tyler Hicks |
nominated for series |
|
Ubuntu Xenial |
|
2020-02-07 17:55:25 |
Tyler Hicks |
bug task added |
|
linux (Ubuntu Xenial) |
|
2020-02-07 17:55:25 |
Tyler Hicks |
nominated for series |
|
Ubuntu Focal |
|
2020-02-07 17:55:25 |
Tyler Hicks |
bug task added |
|
linux (Ubuntu Focal) |
|
2020-02-07 17:55:25 |
Tyler Hicks |
nominated for series |
|
Ubuntu Disco |
|
2020-02-07 17:55:25 |
Tyler Hicks |
bug task added |
|
linux (Ubuntu Disco) |
|
2020-02-07 17:55:25 |
Tyler Hicks |
nominated for series |
|
Ubuntu Eoan |
|
2020-02-07 17:55:25 |
Tyler Hicks |
bug task added |
|
linux (Ubuntu Eoan) |
|
2020-02-07 17:55:48 |
Tyler Hicks |
linux (Ubuntu Eoan): importance |
Undecided |
High |
|
2020-02-07 17:55:51 |
Tyler Hicks |
linux (Ubuntu Eoan): status |
New |
In Progress |
|
2020-02-07 17:55:53 |
Tyler Hicks |
linux (Ubuntu Disco): status |
New |
In Progress |
|
2020-02-07 17:55:56 |
Tyler Hicks |
linux (Ubuntu Disco): importance |
Undecided |
High |
|
2020-02-07 17:56:00 |
Tyler Hicks |
linux (Ubuntu Bionic): status |
New |
In Progress |
|
2020-02-07 17:56:02 |
Tyler Hicks |
linux (Ubuntu Bionic): importance |
Undecided |
High |
|
2020-02-07 17:56:07 |
Tyler Hicks |
linux (Ubuntu Disco): assignee |
|
Tyler Hicks (tyhicks) |
|
2020-02-07 17:56:09 |
Tyler Hicks |
linux (Ubuntu Bionic): assignee |
|
Tyler Hicks (tyhicks) |
|
2020-02-07 17:56:11 |
Tyler Hicks |
linux (Ubuntu Eoan): assignee |
|
Tyler Hicks (tyhicks) |
|
2020-02-07 17:56:14 |
Tyler Hicks |
linux (Ubuntu Xenial): status |
New |
Invalid |
|
2020-02-08 15:26:16 |
Florian Weimer |
bug |
|
|
added subscriber Florian Weimer |
2020-02-14 10:32:53 |
Kleber Sacilotto de Souza |
linux (Ubuntu Eoan): status |
In Progress |
Fix Committed |
|
2020-02-14 10:35:48 |
Kleber Sacilotto de Souza |
linux (Ubuntu Disco): status |
In Progress |
Fix Committed |
|
2020-02-14 10:37:47 |
Kleber Sacilotto de Souza |
linux (Ubuntu Bionic): status |
In Progress |
Fix Committed |
|
2020-02-17 21:28:49 |
Ubuntu Kernel Bot |
tags |
|
verification-needed-bionic |
|
2020-02-17 22:52:25 |
Ubuntu Kernel Bot |
tags |
verification-needed-bionic |
verification-needed-bionic verification-needed-eoan |
|
2020-02-18 23:20:32 |
Tyler Hicks |
tags |
verification-needed-bionic verification-needed-eoan |
verification-done-bionic verification-needed-eoan |
|
2020-02-18 23:57:14 |
Tyler Hicks |
tags |
verification-done-bionic verification-needed-eoan |
verification-done-bionic verification-done-eoan |
|
2020-02-25 08:00:49 |
AceLan Kao |
bug task added |
|
linux-oem (Ubuntu) |
|
2020-02-25 08:00:58 |
AceLan Kao |
bug task deleted |
linux-oem (Ubuntu Xenial) |
|
|
2020-02-25 08:01:07 |
AceLan Kao |
bug task deleted |
linux-oem (Ubuntu Disco) |
|
|
2020-02-25 08:01:14 |
AceLan Kao |
bug task deleted |
linux-oem (Ubuntu Eoan) |
|
|
2020-02-25 08:01:21 |
AceLan Kao |
bug task deleted |
linux-oem (Ubuntu Focal) |
|
|
2020-02-25 08:01:33 |
AceLan Kao |
linux-oem (Ubuntu Bionic): status |
New |
Fix Committed |
|
2020-03-12 10:43:15 |
Ubuntu Kernel Bot |
tags |
verification-done-bionic verification-done-eoan |
verification-done-bionic verification-done-eoan verification-needed-focal |
|
2020-03-16 10:39:46 |
Launchpad Janitor |
linux (Ubuntu Eoan): status |
Fix Committed |
Fix Released |
|
2020-03-16 10:39:46 |
Launchpad Janitor |
cve linked |
|
2019-3016 |
|
2020-03-16 10:39:46 |
Launchpad Janitor |
cve linked |
|
2020-2732 |
|
2020-03-16 10:53:57 |
Launchpad Janitor |
linux (Ubuntu Bionic): status |
Fix Committed |
Fix Released |
|
2020-03-16 10:53:57 |
Launchpad Janitor |
cve linked |
|
2019-14615 |
|
2020-03-16 10:53:57 |
Launchpad Janitor |
cve linked |
|
2020-8832 |
|
2020-03-16 23:19:02 |
Launchpad Janitor |
linux (Ubuntu Focal): status |
In Progress |
Fix Released |
|
2020-03-16 23:19:02 |
Launchpad Janitor |
cve linked |
|
2019-19076 |
|
2020-03-17 13:54:53 |
Launchpad Janitor |
linux-oem (Ubuntu Bionic): status |
Fix Committed |
Fix Released |
|
2020-03-18 11:20:51 |
Launchpad Janitor |
linux-oem (Ubuntu): status |
New |
Fix Released |
|
2020-07-02 19:51:49 |
Steve Langasek |
linux (Ubuntu Disco): status |
Fix Committed |
Won't Fix |
|