2021-09-03 13:58:01 |
Kleber Sacilotto de Souza |
bug |
|
|
added bug |
2021-09-03 13:58:15 |
Kleber Sacilotto de Souza |
bug task added |
|
linux (Ubuntu) |
|
2021-09-03 13:58:22 |
Kleber Sacilotto de Souza |
nominated for series |
|
Ubuntu Bionic |
|
2021-09-03 13:58:22 |
Kleber Sacilotto de Souza |
bug task added |
|
linux (Ubuntu Bionic) |
|
2021-09-03 13:58:22 |
Kleber Sacilotto de Souza |
nominated for series |
|
Ubuntu Focal |
|
2021-09-03 13:58:22 |
Kleber Sacilotto de Souza |
bug task added |
|
linux (Ubuntu Focal) |
|
2021-09-03 13:58:49 |
Kleber Sacilotto de Souza |
summary |
cve-2017-7616 in cve from ubuntu_ltp failed with b/hwe-5.4 on i386 |
cve-2017-7616 in cve from ubuntu_ltp failed on bionic with linux/linux-hwe-5.4 on i386 |
|
2021-09-03 14:00:07 |
Ubuntu Kernel Bot |
linux (Ubuntu): status |
New |
Incomplete |
|
2021-09-03 14:00:10 |
Ubuntu Kernel Bot |
linux (Ubuntu Bionic): status |
New |
Incomplete |
|
2021-09-03 14:00:12 |
Ubuntu Kernel Bot |
linux (Ubuntu Focal): status |
New |
Incomplete |
|
2021-09-03 14:00:16 |
Ubuntu Kernel Bot |
tags |
|
bionic |
|
2021-09-03 14:00:19 |
Kleber Sacilotto de Souza |
description |
ubuntu_ltp.cve cve-2017-7616 testcase output:
16:10:41 DEBUG| [stdout] startup='Sun Aug 29 15:53:35 2021'
16:10:41 DEBUG| [stdout] tst_test.c:1346: TINFO: Timeout per run is 0h 05m 00s
16:10:41 DEBUG| [stdout] set_mempolicy05.c:66: TINFO: stack pattern is in 0xbf996ccc-0xbf9970cc
16:10:41 DEBUG| [stdout] set_mempolicy05.c:111: TFAIL: set_mempolicy should fail with EFAULT or EINVAL, instead returned 38
16:10:41 DEBUG| [stdout]
16:10:41 DEBUG| [stdout] HINT: You _MAY_ be missing kernel fixes, see:
16:10:41 DEBUG| [stdout]
16:10:41 DEBUG| [stdout] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cf01fb9985e8
16:10:41 DEBUG| [stdout]
16:10:41 DEBUG| [stdout] HINT: You _MAY_ be vulnerable to CVE(s), see:
16:10:41 DEBUG| [stdout]
16:10:41 DEBUG| [stdout] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-CVE-2017-7616
16:10:41 DEBUG| [stdout]
16:10:41 DEBUG| [stdout] Summary:
16:10:41 DEBUG| [stdout] passed 0
16:10:41 DEBUG| [stdout] failed 1
16:10:41 DEBUG| [stdout] broken 0
16:10:41 DEBUG| [stdout] skipped 0
16:10:41 DEBUG| [stdout] warnings 0
16:10:41 DEBUG| [stdout] tag=cve-2017-7616 stime=1630252415 dur=0 exit=exited stat=1 core=no cu=0 cs=0
This is not a regression as this is a new testcase which runs only on 32-bit systems (i386 and powerpc).
The commit sha1 (cf01fb9985e8deb25ccf0ea54d916b8871ae0e62 - mm/mempolicy.c: fix error handling in set_mempolicy and mbind.) which fixes this CVE, according to https://ubuntu.com/security/CVE-2017-7616, was applied upstream for v4.11-rc6, so both focal/linux and bionic/linux supposedly contain the fix. |
ubuntu_ltp.cve cve-2017-7616 testcase output:
16:10:41 DEBUG| [stdout] startup='Sun Aug 29 15:53:35 2021'
16:10:41 DEBUG| [stdout] tst_test.c:1346: TINFO: Timeout per run is 0h 05m 00s
16:10:41 DEBUG| [stdout] set_mempolicy05.c:66: TINFO: stack pattern is in 0xbf996ccc-0xbf9970cc
16:10:41 DEBUG| [stdout] set_mempolicy05.c:111: TFAIL: set_mempolicy should fail with EFAULT or EINVAL, instead returned 38
16:10:41 DEBUG| [stdout]
16:10:41 DEBUG| [stdout] HINT: You _MAY_ be missing kernel fixes, see:
16:10:41 DEBUG| [stdout]
16:10:41 DEBUG| [stdout] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cf01fb9985e8
16:10:41 DEBUG| [stdout]
16:10:41 DEBUG| [stdout] HINT: You _MAY_ be vulnerable to CVE(s), see:
16:10:41 DEBUG| [stdout]
16:10:41 DEBUG| [stdout] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-CVE-2017-7616
16:10:41 DEBUG| [stdout]
16:10:41 DEBUG| [stdout] Summary:
16:10:41 DEBUG| [stdout] passed 0
16:10:41 DEBUG| [stdout] failed 1
16:10:41 DEBUG| [stdout] broken 0
16:10:41 DEBUG| [stdout] skipped 0
16:10:41 DEBUG| [stdout] warnings 0
16:10:41 DEBUG| [stdout] tag=cve-2017-7616 stime=1630252415 dur=0 exit=exited stat=1 core=no cu=0 cs=0
This is not a regression as this is a new testcase which runs only on 32-bit systems (i386 and powerpc). This test was added by ltp commit 6feed808040a86c54b7ab2dd3839fefd819a42cc (Add set_mempolicy05, CVE-2017-7616).
The commit sha1 (cf01fb9985e8deb25ccf0ea54d916b8871ae0e62 - mm/mempolicy.c: fix error handling in set_mempolicy and mbind.) which fixes this CVE according to https://ubuntu.com/security/CVE-2017-7616, was applied upstream for v4.11-rc6, so both focal/linux and bionic/linux supposedly contain the fix. |
|
2021-09-03 14:01:26 |
Kleber Sacilotto de Souza |
tags |
bionic |
4.15 5.4 bionic focal hwe-5.4 i386 sru-20210816 ubuntu-ltp |
|
2021-09-03 14:02:15 |
Kleber Sacilotto de Souza |
linux (Ubuntu Bionic): status |
Incomplete |
Confirmed |
|
2021-09-03 14:02:18 |
Kleber Sacilotto de Souza |
linux (Ubuntu Focal): status |
Incomplete |
Confirmed |
|
2021-12-24 02:42:39 |
Po-Hsu Lin |
tags |
4.15 5.4 bionic focal hwe-5.4 i386 sru-20210816 ubuntu-ltp |
4.15 5.4 bionic focal hwe-5.4 i386 sru-20210816 sru-20211129 ubuntu-ltp |
|
2023-12-20 01:56:37 |
Po-Hsu Lin |
tags |
4.15 5.4 bionic focal hwe-5.4 i386 sru-20210816 sru-20211129 ubuntu-ltp |
4.15 5.4 bionic focal hwe-5.4 i386 sru-20210816 sru-20211129 ubuntu-ltp-cve |
|