test_160_setattr_CVE_2015_1350 in kernel security test failed with 4.4/4.15 kvm
Affects | Status | Importance | Assigned to | Milestone |
---|---|---|---|---|
QA Regression Testing | Invalid | Undecided | Unassigned | |
linux (Ubuntu) | Invalid | Undecided | Unassigned | |
Xenial | Invalid | Undecided | Unassigned | |
Bionic | Invalid | Undecided | Unassigned | |
linux-kvm (Ubuntu) | Fix Released | Undecided | Kamal Mostafa | |
Xenial | Fix Released | Undecided | Kamal Mostafa | |
Bionic | Fix Released | Undecided | Kamal Mostafa | |

Bug Description
FAIL: test_160_
Ensure unpriv user cannot strip setattr attributes via chown() (CVE-2015-1350)
-----
Traceback (most recent call last):
File "./test-
self.
File "/home/
self.
AssertionError: Got exit code 1, expected 0
Command: 'setcap', 'cap_sys_nice+ep', '/tmp/setattr-
Output:
Failed to set capabilities on file `/tmp/setattr-
The value of the capability argument is not permitted for a file. Or the file is not a regular (non-symlink) file
Steps to reproduce:
Deploy the node with Xenial 4.4 kernel, install linux-kvm
sudo apt-get install python-minimal
git clone --depth=1 git://kernel.
git clone --depth=1 git://kernel.
rm -fr autotest/
ln -sf ~/autotest-
AUTOTEST_
ProblemType: Bug
DistroRelease: Ubuntu 16.04
Package: linux-image-
ProcVersionSign
Uname: Linux 4.4.0-1019-kvm x86_64
NonfreeKernelMo
ApportVersion: 2.20.1-0ubuntu2.15
Architecture: amd64
Date: Mon Apr 2 17:23:14 2018
ProcEnviron:
TERM=xterm-
PATH=(custom, no user)
XDG_RUNTIME_
LANG=en_US.UTF-8
SHELL=/bin/bash
SourcePackage: linux-kvm
UpgradeStatus: No upgrade log present (probably fresh install)
summary: |
- test_160_setattr_CVE_2015_1350 in kernel security test failed with 4.4 - X-kvm + test_160_setattr_CVE_2015_1350 in kernel security test failed with + 4.4/4.15 kvm |
Changed in linux-kvm (Ubuntu Xenial):
assignee: nobody → Kamal Mostafa (kamalmostafa)
Changed in linux-kvm (Ubuntu Bionic):
assignee: nobody → Kamal Mostafa (kamalmostafa)
Changed in linux-kvm (Ubuntu Xenial):
status: New → In Progress
Changed in linux-kvm (Ubuntu Bionic):
status: New → In Progress
Changed in linux-kvm (Ubuntu Xenial):
status: In Progress → Fix Committed
Changed in linux-kvm (Ubuntu Bionic):
status: In Progress → Fix Committed
Changed in qa-regression-testing:
status: New → Invalid
Changed in linux (Ubuntu Bionic):
status: Incomplete → Invalid
Changed in linux (Ubuntu Xenial):
status: New → Invalid
tags: added: bionic
This bug is missing log files that will aid in diagnosing the problem. While running an Ubuntu kernel (not a mainline or third-party kernel) please enter the following command in a terminal window:
apport-collect 1760657
and then change the status of the bug to 'Confirmed'.
If, due to the nature of the issue you have encountered, you are unable to run this command, please add a comment stating that fact and change the bug status to 'Confirmed'.
This change has been made by an automated script, maintained by the Ubuntu Kernel Team.