group.of.nepali.translators team mailing list archive
Message #22395
[Bug 1725348] Re: Systemd - Bypassing MemoryDenyWriteExecution policy
This bug was fixed in the package systemd - 234-2ubuntu12.3
---------------
systemd (234-2ubuntu12.3) artful; urgency=medium
[ Dimitri John Ledkov ]
* Fix test-functions failing with Ubuntu units. LP: #1750608
* tests: switch to using ext4 by default, instead of ext3. LP: #1750608
* Fix kdump service not starting, due to systemd not loading dropins.
Cherrypick a fix from upstream. (LP: #1708409)
* systemd-fsckd: Fix ADT tests to work on s390x too. (LP: #1736955)
* networkd: add support for RequiredForOnline stanza. (LP: #1737570)
* resolved.service: set DefaultDependencies=no (LP: #1734167)
* systemd.postinst: enable persistent journal. (LP: #1618188)
* core: add support for non-writable unified cgroup hierarchy for container support.
Rebase and de-fuzz. (LP: #1734410)
* Prevent MemoryDenyWriteExecution policy bypass, by disallowing pkey_mprotect when mprotect is disallowed.
CVE-2017-15908 (LP: #1725348)
* networkd: enable promote_secondaries on networkd managed dhcp links.
This fixes failing to renew DHCP lease, on networkd managed devices.
(LP: #1721223)
[ Kleber Sacilotto de Souza ]
* systemd-rfkill service times out when a new rfkill device is added
- rfkill-fix-erroneous-behavior-when-polling-the-udev-.patch: Comparing
udev_device_get_sysname(device) and sysname will always return true. We need to
check the device received from udev monitor instead.
- rfkill-fix-typo.patch: Fix typo in rfkill log message. (LP: #1734908)
-- Dimitri John Ledkov <xnox@xxxxxxxxxx> Tue, 20 Feb 2018 16:11:58 +0000
** Changed in: systemd (Ubuntu Artful)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1725348
Title:
Systemd - Bypassing MemoryDenyWriteExecution policy
Status in systemd package in Ubuntu:
Fix Released
Status in systemd source package in Xenial:
Invalid
Status in systemd source package in Zesty:
Won't Fix
Status in systemd source package in Artful:
Fix Released
Status in systemd source package in Bionic:
Fix Released
Bug description:
[Impact]
* MemoryDenyWritePolicy can be bypassed by using a slightly different
syscall.
[Test Case]
* Check that MemoryDenyWritePolicy blocks pkey_mprotect as well as
mprotect.
[Regression Potential]
* Upstream fix cherrypick, security vulnerability.
[Other Info]
* Original report
Hello,
We would like to report to you a vulnerability in systemd which
allows bypassing the MemoryDenyWriteExecution policy on Linux 4.9+.
The vulnerability is described in the attached PDF file.
Sincerely,
Thomas IMBERT
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1725348/+subscriptions
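
A check for the [Test Case] in the message above, as an added example that is not part of the original message or of systemd's own test suite: it requests PROT_EXEC on a read/write page through mprotect and through pkey_mprotect and reports whether each call is denied. The function names and the exit-code convention are assumptions of this example, as is the expectation that the filter installed by the unit setting `MemoryDenyWriteExecute=` rejects the call with EPERM.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <stdio.h>
#include <sys/mman.h>
#include <sys/syscall.h>
#include <unistd.h>

enum outcome { ALLOWED, DENIED, UNSUPPORTED, FAILED };

/* Map a syscall result to an outcome (assumption: the seccomp filter answers EPERM). */
static enum outcome classify(long rc, int err) {
    if (rc == 0) return ALLOWED;
    if (err == EPERM) return DENIED;
    if (err == ENOSYS) return UNSUPPORTED;   /* kernel older than 4.9 */
    return FAILED;
}

/* Request PROT_EXEC on a fresh read/write page; use_pkey selects the syscall. */
static enum outcome probe(int use_pkey) {
    long len = sysconf(_SC_PAGESIZE), rc;
    void *p = mmap(NULL, len, PROT_READ | PROT_WRITE,
                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED) return FAILED;
    errno = 0;
    if (!use_pkey)
        rc = mprotect(p, len, PROT_READ | PROT_EXEC);
    else
#ifdef SYS_pkey_mprotect
        rc = syscall(SYS_pkey_mprotect, p, len, PROT_READ | PROT_EXEC, -1); /* -1: no key */
#else
        rc = -1, errno = ENOSYS;             /* headers predate the syscall */
#endif
    int err = errno;                          /* save before munmap can change it */
    munmap(p, len);
    return classify(rc, err);
}

/* 1 = gap (mprotect denied, pkey_mprotect still allowed); 0 = no gap observed. */
static int policy_gap(enum outcome mp, enum outcome pk) {
    return mp == DENIED && pk == ALLOWED;
}

int main(void) {
    static const char *name[] = { "allowed", "denied", "unsupported", "failed" };
    enum outcome mp = probe(0), pk = probe(1);
    printf("mprotect: %s\npkey_mprotect: %s\n", name[mp], name[pk]);
    if (mp != DENIED) puts("note: mprotect not denied; is the policy active?");
    return policy_gap(mp, pk);
}
```

Run the compiled binary inside a unit that has the policy set, for instance with `systemd-run --wait -p MemoryDenyWriteExecute=yes /path/to/binary` (the path is a placeholder); a fixed systemd reports both calls as denied and the program exits 0.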