ACK/cmnt: [PATCH 0/2][T] CVE-2015-8539, CVE-2017-15299 - Multiple issues in the kernel keyring
Tyler Hicks
tyhicks at canonical.com
Fri Sep 28 13:21:37 UTC 2018
On 2018-09-28 12:02:56, Kleber Souza wrote:
> On 09/14/18 20:53, Tyler Hicks wrote:
> > https://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-8539.html
> >
> > The KEYS subsystem in the Linux kernel before 4.4 allows local users to
> > gain privileges or cause a denial of service (BUG) via crafted keyctl
> > commands that negatively instantiate a key, related to
> > security/keys/encrypted-keys/encrypted.c, security/keys/trusted.c, and
> > security/keys/user_defined.c.
>
> The CVE matrix is stating that Trusty is not affected by CVE-2015-8539,
> but this seems to be an issue with the matrix since this patch is really
> missing on Trusty.
Thanks for pointing this out!
I had previously attempted to fix it up with this commit:
https://git.launchpad.net/ubuntu-cve-tracker/commit/?id=2381eb7987874fccc55094cb65295dfeaa17a013
However, I didn't realize that I needed to manually change the status of
trusty back to needs-triage so that the autotriage bot would act on the
new sha1 break hash. The security team later retired all fixed CVEs and
this one was included in that operation:
https://git.launchpad.net/ubuntu-cve-tracker/commit/?id=746a9daf1def0a4f2d1013f2044245932569afe1
I've fixed this up in the kernel team's UCT tree and I'll keep an eye on
the autotriage results:
https://git.launchpad.net/~canonical-kernel-team/ubuntu-cve-tracker/commit/?id=c1ac3706fb74767f61838066fa33c51bdeed972e
Tyler
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20180928/621a5241/attachment.sig>
More information about the kernel-team
mailing list