[SRU][OEM-5.14, OEM-5.17][PATCH 0/1] CVE-2022-21505
Magali Lemes
magali.lemes.do.sacramento at canonical.com
Tue Mar 21 19:38:02 UTC 2023
[Impact]
Kernel lockdown can be bypassed when UEFI secure boot is disabled or
unavailable and IMA appraisal is enabled.
[Backport]
Clean cherry-pick.
[Test]
Compile tested.
[Regression potential]
Low, but IMA appraisal could be affected as another check is added to the
ima_appraise_signature() function.
Eric Snowberg (1):
lockdown: Fix kexec lockdown bypass with ima policy
security/integrity/ima/ima_policy.c | 4 ++++
1 file changed, 4 insertions(+)
--
2.34.1
More information about the kernel-team
mailing list