group.of.nepali.translators team mailing list archive

Thread
Date

[Bug 1779848] Re: Cleanup Meltdown/Spectre implementation

To: group.of.nepali.translators@xxxxxxxxxxxxxxxxxxx
From: Launchpad Bug Tracker <1779848@xxxxxxxxxxxxxxxxxx>
Date: Mon, 03 May 2021 12:49:43 -0000
Reply-to: Bug 1779848 <1779848@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

This bug was fixed in the package linux - 3.2.0-150.197

---------------
linux (3.2.0-150.197) precise; urgency=medium

  * precise/linux: 3.2.0-150.197 -proposed tracker (LP: #1919172)

  * CVE-2021-27365
    - scsi: iscsi: Verify lengths on passthrough PDUs
    - sysfs: Add sysfs_emit and sysfs_emit_at to format sysfs output
    - scsi: iscsi: Ensure sysfs attributes are limited to PAGE_SIZE

  * CVE-2021-27363 // CVE-2021-27364
    - scsi: iscsi: Restrict sessions and handles to admin capabilities

  * CVE-2021-27364
    - scsi: iscsi: respond to netlink with unicast when appropriate
    - Add file_ns_capable() helper function for open-time capability checking
    - net: Add variants of capable for use on on sockets
    - netlink: Make the sending netlink socket availabe in NETLINK_CB

 -- Thadeu Lima de Souza Cascardo <cascardo@xxxxxxxxxxxxx>  Mon, 05 Apr
2021 14:23:29 -0300

** Changed in: linux (Ubuntu Precise)
       Status: New => Fix Released

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-27363

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-27364

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-27365

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1779848

Title:
  Cleanup Meltdown/Spectre implementation

Status in linux package in Ubuntu:
  Invalid
Status in linux source package in Precise:
  Fix Released
Status in linux source package in Trusty:
  Fix Released
Status in linux source package in Xenial:
  Invalid

Bug description:
  == SRU Justification ==

  Ubuntu kernels contain Meltdown and Spectre mitigations that are
  largely based on embargoed patches but what eventually landed in
  upstream is different in some places. We should clean up the different
  kernels to bring them closer in line with upstream.

  == Fix ==

  Add missing upstream patches.

  == Regression Potential ==

  Medium. The patches have been in upstream for quite a while now and
  are baked in but some of the backporting is not completely trivial and
  without risk.

  == Test Case ==

  TBD.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1779848/+subscriptions