APPLIED: [SRU][Xenial][CVE-2019-2054] Prevent ptrace from following stale syscall
Kleber Souza
kleber.souza at canonical.com
Mon Jul 8 07:23:00 UTC 2019
On 7/5/19 10:38 PM, Connor Kuehl wrote:
> On 7/1/19 2:02 AM, Kleber Souza wrote:
>> On 6/4/19 12:22 AM, Connor Kuehl wrote:
>>> https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-2054.html
>>>
>>> CVE description from above URL: In the seccomp implementation prior to kernel
>>> version 4.8, there is a possible seccomp bypass due to seccomp policies that
>>> allow the use of ptrace. This could lead to local escalation of privilege
>>> with no additional execution privileges needed. User interaction is not needed
>>> for exploitation.
>>>
>>> Clean cherry pick. No manual adjustments required.
>>>
>>> Kees Cook (1):
>>> arm/ptrace: run seccomp after ptrace
>>>
>>> arch/arm/kernel/ptrace.c | 11 ++++++-----
>>> 1 file changed, 6 insertions(+), 5 deletions(-)
>>>
>>
>> Applied to xenial/master-next branch.
>
> I can't find this commit in our tree. I wonder if it got lost during the
> previous cycle?
>
Hi Connor,

This commit was applied to Xenial kernel 4.4.0-155.182, which is currently
in -proposed.

https://launchpad.net/ubuntu/+source/linux/4.4.0-155.182

---
* CVE-2019-2054
- arm/ptrace: run seccomp after ptrace
---

This is the commit in our tree:

https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/xenial/commit/?h=master-next&id=75271a79a61de2a6365970b7a91883eff556872c

Thanks,
Kleber