blob: d83b8b9a9eef296a97d559668d368177e295eb1f (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
|
Description: Kernel lockdown bypass bug
References:
https://www.openwall.com/lists/oss-security/2022/07/19/4
Notes:
carnil> Released as well in 5.18.15 for 5.18.y.
carnil> Commit fixes 29d3c1c8dfe7 ("kexec: Allow kexec_file() with
carnil> appropriate IMA policy when locked down") in 5.4-rc1.
carnil> CONFIG_IMA was only re-enabled in Debian in 5.13.9-1~exp1
carnil> and the issue does not affect bullseye's built binary packages.
Bugs:
upstream: released (5.19-rc8) [543ce63b664e2c2f9533d089a4664b559c3e6b5b]
5.10-upstream-stable: released (5.10.134) [ab5050fd7430dde3a9f073129036d3da3facc8ec]
4.19-upstream-stable: N/A "Vulnerable code introduced later"
sid: released (5.18.16-1)
5.10-bullseye-security: needed
4.19-buster-security: N/A "Vulnerable code introduced later"
|