group.of.nepali.translators team mailing list archive

Thread
Date
[Bug 1788563] Re: L1TF mitigation not effective in some CPU and RAM combinations

To: group.of.nepali.translators@xxxxxxxxxxxxxxxxxxx
From: Launchpad Bug Tracker <1788563@xxxxxxxxxxxxxxxxxx>
Date: Mon, 03 May 2021 12:49:43 -0000
Reply-to: Bug 1788563 <1788563@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx
This bug was fixed in the package linux - 3.2.0-150.197

---------------
linux (3.2.0-150.197) precise; urgency=medium

  * precise/linux: 3.2.0-150.197 -proposed tracker (LP: #1919172)

  * CVE-2021-27365
    - scsi: iscsi: Verify lengths on passthrough PDUs
    - sysfs: Add sysfs_emit and sysfs_emit_at to format sysfs output
    - scsi: iscsi: Ensure sysfs attributes are limited to PAGE_SIZE

  * CVE-2021-27363 // CVE-2021-27364
    - scsi: iscsi: Restrict sessions and handles to admin capabilities

  * CVE-2021-27364
    - scsi: iscsi: respond to netlink with unicast when appropriate
    - Add file_ns_capable() helper function for open-time capability checking
    - net: Add variants of capable for use on on sockets
    - netlink: Make the sending netlink socket availabe in NETLINK_CB

 -- Thadeu Lima de Souza Cascardo <cascardo@xxxxxxxxxxxxx>  Mon, 05 Apr
2021 14:23:29 -0300

** Changed in: linux (Ubuntu Precise)
       Status: Fix Committed => Fix Released

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-27363

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-27364

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-27365

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1788563

Title:
  L1TF mitigation not effective in some CPU and RAM combinations

Status in linux package in Ubuntu:
  Fix Released
Status in linux source package in Precise:
  Fix Released
Status in linux source package in Trusty:
  Fix Released
Status in linux source package in Xenial:
  Fix Released
Status in linux source package in Bionic:
  Fix Released
Status in linux source package in Cosmic:
  Fix Released

Bug description:
  == SRU Justification ==
  This bug has been reported in multiple bugs and affects Trusty,
  Xenial and Bionic.  All releases need different backports, so T and X
  will be sent in separate SRU requests.

  Due to this bug in the original L1TF patch set, L1TF mitigation not
  effective in certain CPU and installed RAM configurations.

  == Fixes ==
  9df9516940a6 ("x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit")
  b0a182f87568 ("x86/speculation/l1tf: Fix off-by-one error when warning that system has too much RAM")
  cc51e5428ea5 ("x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+")

  == Regression Potential ==
  Low.  These are security fixes and have all been cc'd to upstream
  stable, so they have had additional upstream review.

  == Test Case ==
  A test kernel was built with these patches and tested by the original bug reporter.
  The bug reporter states the test kernel resolved the bug.

  Lenovo Thinkpad W530 system with 32 GB RAM

  dmesg | grep -i l1tf
  [    0.038386] L1TF: System has more than MAX_PA/2 memory. L1TF mitigation not effective.
  [ 2652.469669] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/l1tf.html for details.

  Related:
  https://bugzilla.opensuse.org/show_bug.cgi?id=1105536

  ProblemType: Bug
  DistroRelease: Ubuntu 18.04
  Package: linux-image-4.15.0-32-generic 4.15.0-32.35
  ProcVersionSignature: Ubuntu 4.15.0-32.35-generic 4.15.18
  Uname: Linux 4.15.0-32-generic x86_64
  ApportVersion: 2.20.9-0ubuntu7.2
  Architecture: amd64
  AudioDevicesInUse:
   USER        PID ACCESS COMMAND
   /dev/snd/controlC0:  pgera      2809 F.... pulseaudio
  CurrentDesktop: Unity:Unity7:ubuntu
  Date: Thu Aug 23 03:38:40 2018
  InstallationDate: Installed on 2018-08-11 (12 days ago)
  InstallationMedia: Ubuntu 18.04.1 LTS "Bionic Beaver" - Release amd64 (20180725)
  MachineType: LENOVO 24382LU
  ProcFB: 0 inteldrmfb
  ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-4.15.0-32-generic root=UUID=e2607c8a-4bd1-49fe-ad07-83046492fac5 ro quiet splash vt.handoff=1
  RelatedPackageVersions:
   linux-restricted-modules-4.15.0-32-generic N/A
   linux-backports-modules-4.15.0-32-generic  N/A
   linux-firmware                             1.173.1
  SourcePackage: linux
  UpgradeStatus: No upgrade log present (probably fresh install)
  dmi.bios.date: 06/11/2018
  dmi.bios.vendor: LENOVO
  dmi.bios.version: G5ETB2WW (2.72 )
  dmi.board.asset.tag: Not Available
  dmi.board.name: 24382LU
  dmi.board.vendor: LENOVO
  dmi.board.version: NO DPK
  dmi.chassis.asset.tag: No Asset Information
  dmi.chassis.type: 10
  dmi.chassis.vendor: LENOVO
  dmi.chassis.version: Not Available
  dmi.modalias: dmi:bvnLENOVO:bvrG5ETB2WW(2.72):bd06/11/2018:svnLENOVO:pn24382LU:pvrThinkPadW530:rvnLENOVO:rn24382LU:rvrNODPK:cvnLENOVO:ct10:cvrNotAvailable:
  dmi.product.family: ThinkPad W530
  dmi.product.name: 24382LU
  dmi.product.version: ThinkPad W530
  dmi.sys.vendor: LENOVO

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1788563/+subscriptions