blob: fe49bebbf2bc49e5390274f6a499ebc534b9a7db (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
|
Description: lockdown: also lock down previous kgdb use
References:
https://www.openwall.com/lists/oss-security/2022/05/24/7
Notes:
carnil> Lockdown firstly introduced upstream in 5.4-rc1. On the other
carnil> hand though, Debian ships since 4.11-1~exp1 the lockdown
carnil> patches (replaced from the securelevel patch). Issue possibly
carnil> as well present already in the securelevel patchset.
carnil> Fixed as well in 5.17.10 for 5.17.y.
bwh> I think we can ignore this since we don't enable kgdb.
Bugs:
upstream: released (5.19-rc1) [eadb2f47a3ced5c64b23b90fd2a3463f63726066]
5.10-upstream-stable: released (5.10.119) [a8f4d63142f947cd22fa615b8b3b8921cdaf4991]
4.19-upstream-stable: N/A "Vulnerable code not present"
4.9-upstream-stable: N/A "Vulnerable code not present"
sid: released (5.17.11-1)
5.10-bullseye-security: released (5.10.120-1)
4.19-buster-security: ignored "CONFIG_KGDB not enabled"
4.9-stretch-security: N/A "Vulnerable code not present"
|
