Description: Kernel lockdown bypass bug
References:
 https://www.openwall.com/lists/oss-security/2022/07/19/4
Notes:
 carnil> Released as well in 5.18.15 for 5.18.y.
 carnil> Commit fixes 29d3c1c8dfe7 ("kexec: Allow kexec_file() with
 carnil> appropriate IMA policy when locked down") in 5.4-rc1.
 carnil> CONFIG_IMA was only re-enabled in Debian in 5.13.9-1~exp1
 carnil> and the issue does not affect bullseye's built binary packages.
Bugs:
upstream: released (5.19-rc8) [543ce63b664e2c2f9533d089a4664b559c3e6b5b]
5.10-upstream-stable: released (5.10.134) [ab5050fd7430dde3a9f073129036d3da3facc8ec]
4.19-upstream-stable: N/A "Vulnerable code introduced later"
sid: released (5.18.16-1)
5.10-bullseye-security: released (5.10.136-1)
4.19-buster-security: N/A "Vulnerable code introduced later"