kernel-packages team mailing list archive

Thread
Date
[Bug 1595350] Missing required logs.

To: kernel-packages@xxxxxxxxxxxxxxxxxxx
From: Brad Figg <brad.figg@xxxxxxxxxxxxx>
Date: Thu, 23 Jun 2016 06:30:13 -0000
Reply-to: Bug 1595350 <1595350@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx
This bug is missing log files that will aid in diagnosing the problem.
>From a terminal window please run:

apport-collect 1595350

and then change the status of the bug to 'Confirmed'.

If, due to the nature of the issue you have encountered, you are unable
to run this command, please add a comment stating that fact and change
the bug status to 'Confirmed'.

This change has been made by an automated script, maintained by the
Ubuntu Kernel Team.

** Changed in: linux (Ubuntu)
       Status: New => Incomplete

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1595350

Title:
  Linux netfilter local privilege escalation issues

Status in linux package in Ubuntu:
  Incomplete

Bug description:
  The upstream stable rc git tree
  (http://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable-
  rc.git/log/?h=linux-4.6.y) currently has the following commits for
  netfilter that address (with unprivileged user namespaces enabled)
  local privilege escalation. These are the commit references in linus'
  tree:

  f24e230d257af1ad7476c6e81a8dc3127a74204e
     netfilter: x_tables: don't move to non-existent next rule
  36472341017529e2b12573093cc0f68719300997
     netfilter: x_tables: validate targets of jumps
  7d35812c3214afa5b37a675113555259cfd67b98
     netfilter: x_tables: add and use xt_check_entry_offsets
  aa412ba225dd3bc36d404c28cdc3d674850d80d0
     netfilter: x_tables: kill check_entry helper
  a08e4e190b866579896c09af59b3bdca821da2cd
     netfilter: x_tables: assert minimum target size
  fc1221b3a163d1386d1052184202d5dc50d302d1
     netfilter: x_tables: add compat version of xt_check_entry_offsets
  7ed2abddd20cf8f6bd27f65bd218f26fa5bf7f44
     netfilter: x_tables: check standard target size too
  ce683e5f9d045e5d67d1312a42b359cb2ab2a13c
     netfilter: x_tables: check for bogus target offset
  13631bfc604161a9d69cd68991dff8603edd66f9
     netfilter: x_tables: validate all offsets and sizes in a rule
  7b7eba0f3515fca3296b8881d583f7c1042f5226
     netfilter: x_tables: don't reject valid target size on some architectures
  8dddd32756f6fe8e4e82a63361119b7e2384e02f
     netfilter: arp_tables: simplify translate_compat_table args
  7d3f843eed29222254c9feab481f55175a1afcc9
     netfilter: ip_tables: simplify translate_compat_table args
  329a0807124f12fe1c8032f95d8a8eb47047fb0e
     netfilter: ip6_tables: simplify translate_compat_table args
  0188346f21e6546498c2a0f84888797ad4063fc5
     netfilter: x_tables: xt_compat_match_from_user doesn't need a retval
  09d9686047dbbe1cf4faa558d3ecc4aae2046054
     netfilter: x_tables: do compat validation via translate_table
  d7591f0c41ce3e67600a982bab6989ef0f07b3ce
     netfilter: x_tables: introduce and use xt_copy_counters_from_user

  They have also been backported to the 4.4
  (http://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable-
  rc.git/log/?h=linux-4.4.y) and 3.14
  (http://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable-
  rc.git/log/?h=linux-3.14.y) stable trees, with 3 additional
  prerequisite backported commits:

  bdf533de6968e9686df777dc178486f600c6e617
     netfilter: x_tables: validate e->target_offset early
  6e94e0cfb0887e4013b3b930fa6ab1fe6bb6ba91
     netfilter: x_tables: make sure e->next_offset covers remaining blob size
  54d83fc74aa9ec72794373cb47432c5f7fb1a309
     netfilter: x_tables: fix unconditional helper

  CRD: Public

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1595350/+subscriptions