blob: fbbac8c0ef202cbbb9f9461f0a98c760bce319c7 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
|
Description: ACPI: configfs: Disallow loading ACPI tables when locked down
References:
https://git.zx2c4.com/american-unsigned-language/tree/american-unsigned-language-2.sh
https://www.openwall.com/lists/oss-security/2020/06/15/3
https://www.openwall.com/lists/oss-security/2020/07/30/2
Notes:
carnil> We do not enable CONFIG_ACPI_CONFIGFS so this is not a problem
carnil> for the images built.
Bugs:
upstream: released (5.8-rc3) [75b0cea7bf307f362057cc778efe89af4c615354]
4.19-upstream-stable: N/A "lockdown not implemented"
4.9-upstream-stable: N/A "lockdown not implemented"
sid: released (5.7.10-1)
4.19-buster-security: released (4.19.146-1) [features/all/lockdown/ACPI-configfs-Disallow-loading-ACPI-tables-when-lock.patch]
4.9-stretch-security: ignored "securelevel included but not supported"
|
