2018-06-05 07:55:51 |
Juerg Haefliger |
bug |
|
|
added bug |
2018-06-05 07:56:00 |
Juerg Haefliger |
nominated for series |
|
Ubuntu Xenial |
|
2018-06-05 07:56:07 |
Juerg Haefliger |
nominated for series |
|
Ubuntu Trusty |
|
2018-06-05 07:56:12 |
Juerg Haefliger |
nominated for series |
|
Ubuntu Precise |
|
2018-06-05 08:00:06 |
Ubuntu Kernel Bot |
linux (Ubuntu): status |
New |
Incomplete |
|
2018-06-06 11:31:11 |
Juerg Haefliger |
description |
Upstream's Spectre v1 mitigation prevents speculation on a user controlled pointer. This part of the Spectre v1 patchset was never backported to 4.4 (for unknown reasons) so Xenial is lacking it as well. All the other stable upstream kernels include it, so add it to Xenial. Specifically, the following patches are needed:
c7f631cb07e7 x86/get_user: Use pointer masking to limit speculation
304ec1b05031 x86/uaccess: Use __uaccess_begin_nospec() and uaccess_try_nospec
b5c4ae4f3532 x86/usercopy: Replace open coded stac/clac with __uaccess_{begin, end}
b3bbfb3fb5d2 x86: Introduce __uaccess_begin_nospec() and uaccess_try_nospec |
== SRU Justification ==
Upstream's Spectre v1 mitigation prevents speculation on a user controlled pointer. This part of the Spectre v1 patchset was never backported to 4.4 (for unknown reasons) so Xenial/Trusty/Precise are lacking it as well. All the other stable upstream kernels include it, so add it to our older kernels.
== Fix ==
Backport the following patches:
x86/uaccess: Use __uaccess_begin_nospec() and uaccess_try_nospec
x86/usercopy: Replace open coded stac/clac with __uaccess_{begin, end}
x86: Introduce __uaccess_begin_nospec() and uaccess_try_nospec
== Regression Potential ==
Low. Patches have been in upstream (and other distro kernels) for quite a while now and the changes only introduce a barrier on copy_from_user operations.
== Test Case ==
TBD. |
|
2018-06-06 15:05:28 |
Stefan Bader |
bug task added |
|
linux (Ubuntu Xenial) |
|
2018-06-06 21:55:29 |
Kleber Sacilotto de Souza |
bug task added |
|
linux (Ubuntu Precise) |
|
2018-06-06 21:55:34 |
Kleber Sacilotto de Souza |
bug task added |
|
linux (Ubuntu Trusty) |
|
2018-06-07 22:53:08 |
Khaled El Mously |
linux (Ubuntu Xenial): status |
New |
Fix Committed |
|
2018-06-13 11:03:40 |
Brad Figg |
tags |
|
verification-needed-xenial |
|
2018-06-22 06:53:58 |
Juerg Haefliger |
tags |
verification-needed-xenial |
verification-done-xenial |
|
2018-07-02 08:29:08 |
Launchpad Janitor |
linux (Ubuntu Xenial): status |
Fix Committed |
Fix Released |
|
2018-07-02 08:29:08 |
Launchpad Janitor |
cve linked |
|
2018-3639 |
|
2018-07-02 08:29:08 |
Launchpad Janitor |
cve linked |
|
2018-3665 |
|
2018-07-02 08:29:08 |
Launchpad Janitor |
cve linked |
|
2018-7755 |
|
2018-07-27 15:26:48 |
Kleber Sacilotto de Souza |
linux (Ubuntu Trusty): status |
New |
Fix Committed |
|
2018-08-02 16:03:08 |
Brad Figg |
tags |
verification-done-xenial |
verification-done-xenial verification-needed-trusty |
|
2018-08-22 14:14:33 |
Juerg Haefliger |
tags |
verification-done-xenial verification-needed-trusty |
verification-done-trusty verification-done-xenial |
|
2018-08-23 21:59:21 |
Launchpad Janitor |
linux (Ubuntu Trusty): status |
Fix Committed |
Fix Released |
|
2018-08-23 21:59:21 |
Launchpad Janitor |
cve linked |
|
2016-10208 |
|
2018-08-23 21:59:21 |
Launchpad Janitor |
cve linked |
|
2017-11472 |
|
2018-08-23 21:59:21 |
Launchpad Janitor |
cve linked |
|
2017-11473 |
|
2018-08-23 21:59:21 |
Launchpad Janitor |
cve linked |
|
2017-14991 |
|
2018-08-23 21:59:21 |
Launchpad Janitor |
cve linked |
|
2017-15649 |
|
2018-08-23 21:59:21 |
Launchpad Janitor |
cve linked |
|
2017-16526 |
|
2018-08-23 21:59:21 |
Launchpad Janitor |
cve linked |
|
2017-16527 |
|
2018-08-23 21:59:21 |
Launchpad Janitor |
cve linked |
|
2017-16529 |
|
2018-08-23 21:59:21 |
Launchpad Janitor |
cve linked |
|
2017-16531 |
|
2018-08-23 21:59:21 |
Launchpad Janitor |
cve linked |
|
2017-16532 |
|
2018-08-23 21:59:21 |
Launchpad Janitor |
cve linked |
|
2017-16533 |
|
2018-08-23 21:59:21 |
Launchpad Janitor |
cve linked |
|
2017-16535 |
|
2018-08-23 21:59:21 |
Launchpad Janitor |
cve linked |
|
2017-16536 |
|
2018-08-23 21:59:21 |
Launchpad Janitor |
cve linked |
|
2017-16537 |
|
2018-08-23 21:59:21 |
Launchpad Janitor |
cve linked |
|
2017-16538 |
|
2018-08-23 21:59:21 |
Launchpad Janitor |
cve linked |
|
2017-16643 |
|
2018-08-23 21:59:21 |
Launchpad Janitor |
cve linked |
|
2017-16644 |
|
2018-08-23 21:59:21 |
Launchpad Janitor |
cve linked |
|
2017-16645 |
|
2018-08-23 21:59:21 |
Launchpad Janitor |
cve linked |
|
2017-16650 |
|
2018-08-23 21:59:21 |
Launchpad Janitor |
cve linked |
|
2017-16911 |
|
2018-08-23 21:59:21 |
Launchpad Janitor |
cve linked |
|
2017-16912 |
|
2018-08-23 21:59:21 |
Launchpad Janitor |
cve linked |
|
2017-16913 |
|
2018-08-23 21:59:21 |
Launchpad Janitor |
cve linked |
|
2017-16914 |
|
2018-08-23 21:59:21 |
Launchpad Janitor |
cve linked |
|
2017-17558 |
|
2018-08-23 21:59:21 |
Launchpad Janitor |
cve linked |
|
2017-18255 |
|
2018-08-23 21:59:21 |
Launchpad Janitor |
cve linked |
|
2017-18270 |
|
2018-08-23 21:59:21 |
Launchpad Janitor |
cve linked |
|
2017-2583 |
|
2018-08-23 21:59:21 |
Launchpad Janitor |
cve linked |
|
2017-2584 |
|
2018-08-23 21:59:21 |
Launchpad Janitor |
cve linked |
|
2017-2671 |
|
2018-08-23 21:59:21 |
Launchpad Janitor |
cve linked |
|
2017-5549 |
|
2018-08-23 21:59:21 |
Launchpad Janitor |
cve linked |
|
2017-5715 |
|
2018-08-23 21:59:21 |
Launchpad Janitor |
cve linked |
|
2017-5897 |
|
2018-08-23 21:59:21 |
Launchpad Janitor |
cve linked |
|
2017-6345 |
|
2018-08-23 21:59:21 |
Launchpad Janitor |
cve linked |
|
2017-6348 |
|
2018-08-23 21:59:21 |
Launchpad Janitor |
cve linked |
|
2017-7518 |
|
2018-08-23 21:59:21 |
Launchpad Janitor |
cve linked |
|
2017-7645 |
|
2018-08-23 21:59:21 |
Launchpad Janitor |
cve linked |
|
2017-8831 |
|
2018-08-23 21:59:21 |
Launchpad Janitor |
cve linked |
|
2017-9984 |
|
2018-08-23 21:59:21 |
Launchpad Janitor |
cve linked |
|
2018-1000204 |
|
2018-08-23 21:59:21 |
Launchpad Janitor |
cve linked |
|
2018-10021 |
|
2018-08-23 21:59:21 |
Launchpad Janitor |
cve linked |
|
2018-10087 |
|
2018-08-23 21:59:21 |
Launchpad Janitor |
cve linked |
|
2018-10124 |
|
2018-08-23 21:59:21 |
Launchpad Janitor |
cve linked |
|
2018-10323 |
|
2018-08-23 21:59:21 |
Launchpad Janitor |
cve linked |
|
2018-10675 |
|
2018-08-23 21:59:21 |
Launchpad Janitor |
cve linked |
|
2018-10877 |
|
2018-08-23 21:59:21 |
Launchpad Janitor |
cve linked |
|
2018-10881 |
|
2018-08-23 21:59:21 |
Launchpad Janitor |
cve linked |
|
2018-1092 |
|
2018-08-23 21:59:21 |
Launchpad Janitor |
cve linked |
|
2018-1093 |
|
2018-08-23 21:59:21 |
Launchpad Janitor |
cve linked |
|
2018-10940 |
|
2018-08-23 21:59:21 |
Launchpad Janitor |
cve linked |
|
2018-12233 |
|
2018-08-23 21:59:21 |
Launchpad Janitor |
cve linked |
|
2018-13094 |
|
2018-08-23 21:59:21 |
Launchpad Janitor |
cve linked |
|
2018-13405 |
|
2018-08-23 21:59:21 |
Launchpad Janitor |
cve linked |
|
2018-13406 |
|
2018-11-12 06:56:13 |
Juerg Haefliger |
linux (Ubuntu Precise): status |
New |
In Progress |
|
2018-11-12 06:56:23 |
Juerg Haefliger |
linux (Ubuntu Precise): assignee |
|
Juerg Haefliger (juergh) |
|
2018-12-04 11:30:04 |
Kleber Sacilotto de Souza |
linux (Ubuntu Precise): status |
In Progress |
Fix Committed |
|
2019-05-14 11:06:36 |
Juerg Haefliger |
linux (Ubuntu Precise): status |
Fix Committed |
Fix Released |
|
2019-06-13 07:10:04 |
Juerg Haefliger |
linux (Ubuntu): status |
Incomplete |
Invalid |
|
2019-07-24 21:24:51 |
Brad Figg |
tags |
verification-done-trusty verification-done-xenial |
cscc verification-done-trusty verification-done-xenial |
|