group.of.nepali.translators team mailing list archive

Thread
Date
[Bug 1725348] Re: Systemd - Bypassing MemoryDenyWriteExecution policy

To: group.of.nepali.translators@xxxxxxxxxxxxxxxxxxx
From: Launchpad Bug Tracker <1725348@xxxxxxxxxxxxxxxxxx>
Date: Wed, 29 Nov 2017 19:09:40 -0000
Reply-to: Bug 1725348 <1725348@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx
This bug was fixed in the package systemd - 235-3ubuntu2

---------------
systemd (235-3ubuntu2) bionic; urgency=medium

  * systemd-fsckd: Fix ADT tests to work on s390x too.

systemd (235-3ubuntu1) bionic; urgency=medium

  * Merge 235-3 from debian:
    - Drop UBUNTU-CVE-2017-15908 included in Debian.

  * Remaining delta from Debian:
    - ship dhclient enter hook for dhclient integration with resolved
    - ship resolvconf integration via stub-resolv.conf
    - ship s390x virtio interface names migration
    - do not disable systemd-resolved upon libnss-resolve removal
    - do not remote fs in containers, for non-degrated boot
    - CVE-2017-15908 in resolved fix loop on packets with pseudo dns types
    - Unlink invocation id key, upon chown failure in containers
    - Change default to UseDomains by default
    - Do not treat failure to set Nice= setting as error in containers
    - Add a condition to systemd-journald-audit.socet to not start in
      containers (fails)
    - Build without any built-in/fallback DNS server setting
    - Enable resolved by default
    - Update autopkgtests for reliability/raciness, and testing for typical
      defaults
    - Always upgrade udev, when running adt tests
    - Skip test-execute on armhf
    - Cherry-pick a few testsuite fixes

  * UBUNTU Do not use nested kvm during ADT tests.

systemd (235-3) unstable; urgency=medium

  [ Michael Biebl ]
  * Switch from XC-Package-Type to Package-Type. As of dpkg-dev 1.15.7
    Package-Type is recognized as an official field name.
  * Install modprobe configuration file to /lib/modprobe.d.
    Otherwise it is not read by kmod. (Closes: #879191)

  [ Felipe Sateler ]
  * Backport upstream (partial) fix for combined DynamicUser= + User=
    UID was not allowed to be different to GID, which is normally the case in
    debian, due to the group users being allocated the GID 100 without an
    equivalent UID 100 being allocated.
  * Backport upstream patches to fully make DynamicUser=yes + static,
    pre-existing User= work.

  [ Martin Pitt ]
  * Add missing python3-minimal dependency to systemd-tests
  * Drop long-obsolete systemd-bus-proxy system user
    systemd-bus-proxy hasn't been shipped since before stretch and never
    created any files. Thus clean up the obsolete system user on upgrades.
    (Closes: #878182)
  * Drop static systemd-journal-gateway system user
    systemd-journal-gatewayd.service now uses DynamicUser=, so we don't need
    to create this statically any more. Don't remove the user on upgrades
    though, as there is likely still be a running process. (Closes: #878183)
  * Use DynamicUser= for systemd-journal-upload.service.
  * Add Recommends: libnss-systemd to systemd-sysv.
    This is useful to actually be able to resolve dynamically created system
    users with DynamicUser=true. This concept is going to be used much more
    in future versions and (hopefully) third-party .services, so pulling it
    into the default installation seems prudent now.
  * resolved: Fix loop on packets with pseudo dns types.
    (CVE-2017-15908, Closes: #880026, LP: #1725351)
  * bpf-firewall: Properly handle kernels without BPF cgroup but with TRIE maps.
    Fixes "Detaching egress BPF: Invalid argument" log spam. (Closes: #878965)
  * Fix MemoryDenyWriteExecution= bypass with pkey_mprotect() (LP: #1725348)

 -- Dimitri John Ledkov <xnox@xxxxxxxxxx>  Tue, 21 Nov 2017 16:41:15
+0000

** Changed in: systemd (Ubuntu Bionic)
       Status: Fix Committed => Fix Released

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-15908

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1725348

Title:
  Systemd - Bypassing MemoryDenyWriteExecution policy

Status in systemd package in Ubuntu:
  Fix Released
Status in systemd source package in Xenial:
  New
Status in systemd source package in Zesty:
  New
Status in systemd source package in Artful:
  New
Status in systemd source package in Bionic:
  Fix Released

Bug description:
  Hello,

  We would like to report to you a vulnerability about systemd which
  allows to bypass the MemoryDenyWriteExecution policy on Linux 4.9+.

  The vulnerability is described in the attached PDF file.

  
  Sincerely, 
  Thomas IMBERT

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1725348/+subscriptions