APPLIED[E]: [PATCH 0/5][SRU][X/B/D/E] CVE-2019-1705{2, 3, 4, 5, 6}: Missing CAP_NET_RAW checks
Seth Forshee
seth.forshee at canonical.com
Thu Oct 3 20:55:17 UTC 2019
On Thu, Oct 03, 2019 at 06:13:13PM +0000, Tyler Hicks wrote:
> https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-17052.html
> https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-17053.html
> https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-17054.html
> https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-17055.html
> https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-17056.html
>
> It was discovered that a number of old and rarely used network
> protocols allow unprivileged users to create a raw socket without
> requiring CAP_NET_RAW.
>
> Clean cherry picks to all releases. Build logs are clean.
>
> I can provide pull requests for each release, if desired, but I think
> sending the patches over email may end up being easier to apply since
> all the patches can be easily git-am'ed to all of our kernels. So that
> means modifying the patches with the ack's once and then git-am'ing the
> same patches everywhere instead of adding the acks to each patch in each
> individual pull request.
Applied to eoan/master-next, thanks!
More information about the kernel-team
mailing list