2023-04-26 17:13:12 |
Tim Gardner |
bug |
|
|
added bug |
2023-04-26 17:13:25 |
Tim Gardner |
affects |
linux (Ubuntu) |
linux-azure (Ubuntu) |
|
2023-04-26 17:13:44 |
Tim Gardner |
nominated for series |
|
Ubuntu Focal |
|
2023-04-26 17:13:44 |
Tim Gardner |
bug task added |
|
linux-azure (Ubuntu Focal) |
|
2023-04-26 17:13:51 |
Tim Gardner |
linux-azure (Ubuntu): status |
New |
Fix Released |
|
2023-04-26 17:14:03 |
Tim Gardner |
linux-azure (Ubuntu Focal): importance |
Undecided |
Medium |
|
2023-04-26 17:14:03 |
Tim Gardner |
linux-azure (Ubuntu Focal): status |
New |
In Progress |
|
2023-04-26 17:14:03 |
Tim Gardner |
linux-azure (Ubuntu Focal): assignee |
|
Tim Gardner (timg-tpi) |
|
2023-04-26 17:16:21 |
Tim Gardner |
description |
SRU Justification
[Impact]
The key which gets cached in task structure from a kernel thread does not
get invalidated even after expiry. Due to which, a new key request from
kernel thread will be served with the cached key if it's present in task
struct irrespective of the key validity.
[Fix]
commit 47f9e4c924025c5be87959d3335e66fcbb7f6b5c ('keys: Do not cache key in task struct if key is requested from kernel thread')
Fixes: 7743c48e54ee ("keys: Cache result of request_key*() temporarily in task_struct")
[Regression potential]
DNS keys could get confused.
[Other Info]
Though this commit is part of stable updates v5.4.240, MSFT has requested that it be applied in advance since Focal is only up to v5.4.233. Linux-azure 5.4 is the only kernel that does not have this patch.
SF: #00359129 |
SRU Justification
[Impact]
The key which gets cached in task structure from a kernel thread does not
get invalidated even after expiry. Due to which, a new key request from
kernel thread will be served with the cached key if it's present in task
struct irrespective of the key validity.
[Fix]
commit 47f9e4c924025c5be87959d3335e66fcbb7f6b5c ('keys: Do not cache key in task struct if key is requested from kernel thread')
Fixes: 7743c48e54ee ("keys: Cache result of request_key*() temporarily in task_struct")
[Regression potential]
DNS keys used by CIFS could get confused.
[Other Info]
Though this commit is part of stable updates v5.4.240, MSFT has requested that it be applied in advance since Focal is only up to v5.4.233. Linux-azure 5.4 is the only kernel that does not have this patch.
SF: #00359129 |
|
2023-04-26 19:17:16 |
Tim Gardner |
linux-azure (Ubuntu Focal): status |
In Progress |
Fix Committed |
|
2023-06-06 12:53:01 |
Ubuntu Kernel Bot |
tags |
|
kernel-spammed-focal-linux-azure verification-needed-focal |
|
2023-06-08 18:15:14 |
Tim Gardner |
tags |
kernel-spammed-focal-linux-azure verification-needed-focal |
kernel-spammed-focal-linux-azure verification-done-focal |
|
2023-06-21 12:03:25 |
Launchpad Janitor |
linux-azure (Ubuntu Focal): status |
Fix Committed |
Fix Released |
|
2023-06-21 12:03:25 |
Launchpad Janitor |
cve linked |
|
2021-3669 |
|
2023-06-21 12:03:25 |
Launchpad Janitor |
cve linked |
|
2022-2196 |
|
2023-06-21 12:03:25 |
Launchpad Janitor |
cve linked |
|
2022-2663 |
|
2023-06-21 12:03:25 |
Launchpad Janitor |
cve linked |
|
2022-2978 |
|
2023-06-21 12:03:25 |
Launchpad Janitor |
cve linked |
|
2022-29901 |
|
2023-06-21 12:03:25 |
Launchpad Janitor |
cve linked |
|
2022-3028 |
|
2023-06-21 12:03:25 |
Launchpad Janitor |
cve linked |
|
2022-3061 |
|
2023-06-21 12:03:25 |
Launchpad Janitor |
cve linked |
|
2022-3108 |
|
2023-06-21 12:03:25 |
Launchpad Janitor |
cve linked |
|
2022-3524 |
|
2023-06-21 12:03:25 |
Launchpad Janitor |
cve linked |
|
2022-3545 |
|
2023-06-21 12:03:25 |
Launchpad Janitor |
cve linked |
|
2022-3564 |
|
2023-06-21 12:03:25 |
Launchpad Janitor |
cve linked |
|
2022-3565 |
|
2023-06-21 12:03:25 |
Launchpad Janitor |
cve linked |
|
2022-3566 |
|
2023-06-21 12:03:25 |
Launchpad Janitor |
cve linked |
|
2022-3567 |
|
2023-06-21 12:03:25 |
Launchpad Janitor |
cve linked |
|
2022-3594 |
|
2023-06-21 12:03:25 |
Launchpad Janitor |
cve linked |
|
2022-3621 |
|
2023-06-21 12:03:25 |
Launchpad Janitor |
cve linked |
|
2022-3643 |
|
2023-06-21 12:03:25 |
Launchpad Janitor |
cve linked |
|
2022-3903 |
|
2023-06-21 12:03:25 |
Launchpad Janitor |
cve linked |
|
2022-40768 |
|
2023-06-21 12:03:25 |
Launchpad Janitor |
cve linked |
|
2022-41218 |
|
2023-06-21 12:03:25 |
Launchpad Janitor |
cve linked |
|
2022-4139 |
|
2023-06-21 12:03:25 |
Launchpad Janitor |
cve linked |
|
2022-42703 |
|
2023-06-21 12:03:25 |
Launchpad Janitor |
cve linked |
|
2022-42719 |
|
2023-06-21 12:03:25 |
Launchpad Janitor |
cve linked |
|
2022-42896 |
|
2023-06-21 12:03:25 |
Launchpad Janitor |
cve linked |
|
2022-4382 |
|
2023-06-21 12:03:25 |
Launchpad Janitor |
cve linked |
|
2022-43945 |
|
2023-06-21 12:03:25 |
Launchpad Janitor |
cve linked |
|
2022-45934 |
|
2023-06-21 12:03:25 |
Launchpad Janitor |
cve linked |
|
2022-47520 |
|
2023-06-21 12:03:25 |
Launchpad Janitor |
cve linked |
|
2023-0266 |
|
2023-06-21 12:03:25 |
Launchpad Janitor |
cve linked |
|
2023-0461 |
|
2023-06-21 12:03:25 |
Launchpad Janitor |
cve linked |
|
2023-1075 |
|
2023-06-21 12:03:25 |
Launchpad Janitor |
cve linked |
|
2023-1118 |
|
2023-06-21 12:03:25 |
Launchpad Janitor |
cve linked |
|
2023-1281 |
|
2023-06-21 12:03:25 |
Launchpad Janitor |
cve linked |
|
2023-1380 |
|
2023-06-21 12:03:25 |
Launchpad Janitor |
cve linked |
|
2023-1670 |
|
2023-06-21 12:03:25 |
Launchpad Janitor |
cve linked |
|
2023-1829 |
|
2023-06-21 12:03:25 |
Launchpad Janitor |
cve linked |
|
2023-1859 |
|
2023-06-21 12:03:25 |
Launchpad Janitor |
cve linked |
|
2023-23559 |
|
2023-06-21 12:03:25 |
Launchpad Janitor |
cve linked |
|
2023-2612 |
|
2023-06-21 12:03:25 |
Launchpad Janitor |
cve linked |
|
2023-26545 |
|
2023-06-21 12:03:25 |
Launchpad Janitor |
cve linked |
|
2023-30456 |
|
2023-06-21 12:03:25 |
Launchpad Janitor |
cve linked |
|
2023-31436 |
|
2023-06-21 12:03:25 |
Launchpad Janitor |
cve linked |
|
2023-32233 |
|