This bug was fixed in the package shim - 15.8-0ubuntu1
---------------
shim (15.8-0ubuntu1) mantic; urgency=medium
* New upstream version 15.8 (LP: #2051151):
- pe: Align section size up to page size for mem attrs (LP: #2036604)
- SBAT level: shim,4
- SBAT policy:
- Latest: "shim,4\ngrub,3\ngrub.debian,4\n"
- Automatic: "shim,2\ngrub,3\ngrub.debian,4\n"
- Note that this does not yet revoke pre NTFS CVE fix GRUB binaries.
* SECURITY UPDATE: a bug in an error message [LP: #2051151]
- mok: fix LogError() invocation
- CVE-2023-40546
* SECURITY UPDATE: out-of-bounds write and UEFI Secure Boot bypass
when booting via HTTP [LP: #2051151]
- avoid incorrectly trusting HTTP headers
- CVE-2023-40547
* SECURITY UPDATE: out-of-bounds write and possible bug [LP: #2051151]
- Fix integer overflow on SBAT section size on 32-bit system
- CVE-2023-40548
* SECURITY UPDATE: out-of-bounds read and possible bug [LP: #2051151]
- Authenticode: verify that the signature header is in bounds.
- CVE-2023-40549
* SECURITY UPDATE: out-of-bounds read and possible bug [LP: #2051151]
- pe: Fix an out-of-bound read in verify_buffer_sbat()
- CVE-2023-40550
* SECURITY UPDATE: out-of-bounds read and possible bug [LP: #2051151]
- pe-relocate: Fix bounds check for MZ binaries
- CVE-2023-40551
* debian/rules: Update COMMIT_ID
-- Mate Kukri <mate.ku...@canonical.com> Thu, 25 Jan 2024 08:55:28
+0000
** Changed in: shim (Ubuntu)
Status: Confirmed => Fix Released
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-40546
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-40547
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-40548
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-40549
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-40550
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-40551
--
You received this bug notification because you are a member of
Canonical's Ubuntu QA, which is subscribed to autopkgtest in Ubuntu.
https://bugs.launchpad.net/bugs/2036604
Title:
Synchronous Exception when booting VMs via qemu-efi-aarch64
Status in cloud-images:
New
Status in autopkgtest package in Ubuntu:
Confirmed
Status in edk2 package in Ubuntu:
Fix Released
Status in qemu package in Ubuntu:
Confirmed
Status in shim package in Ubuntu:
Fix Released
Status in edk2 package in Debian:
Fix Released
Bug description:
I try to create an autopkgtest VM on an arm64 system with
autopkgtest-buildvm-ubuntu-cloud -v --release mantic
or on an amd64 system with
autopkgtest-buildvm-ubuntu-cloud --arch arm64 -v --release mantic
In both cases I get:
Found linux image: /boot/vmlinuz-6.5.0-5-generic
Found initrd image: /boot/initrd.img-6.5.0-5-generic
Found linux image: /boot/vmlinuz-6.3.0-7-generic
Found initrd image: /boot/initrd.img-6.3.0-7-generic
Found linux image: /boot/vmlinuz-6.2.0-20-generic
Found initrd image: /boot/initrd.img-6.2.0-20-generic
Warning: os-prober will not be executed to detect other bootable partitions.
BdsDxe: loading Boot0001 "UEFI Misc Device" from PciRoot(0x0)/Pci(0x5,0x0)
BdsDxe: starting Boot0001 "UEFI Misc Device" from PciRoot(0x0)/Pci(0x5,0x0)
Synchronous Exception at 0x000000005C328000
Synchronous Exception at 0x000000005C328000
^A^Cqemu-system-aarch64: terminating on signal 2
Traceback (most recent call last):
/var/crash has no entries.
ProblemType: Bug
DistroRelease: Ubuntu 23.10
Package: qemu-system-arm 1:8.0.4+dfsg-1ubuntu1
ProcVersionSignature: Ubuntu 6.3.0-7.7-generic 6.3.5
Uname: Linux 6.3.0-7-generic aarch64
NonfreeKernelModules: zfs
ApportVersion: 2.27.0-0ubuntu2
Architecture: arm64
CasperMD5CheckResult: pass
CloudArchitecture: aarch64
CloudID: none
CloudName: none
CloudPlatform: none
CloudSubPlatform: config
Date: Tue Sep 19 15:37:20 2023
InstallationDate: Installed on 2021-08-17 (763 days ago)
InstallationMedia: Ubuntu-Server 21.10 "Impish Indri" - Alpha arm64 (20210813)
KvmCmdLine: COMMAND STAT EUID RUID PID PPID %CPU COMMAND
Lspci-vt:
-[0000:00]-+-00.0 NVIDIA Corporation GK208B [GeForce GT 730]
\-00.1 NVIDIA Corporation GK208 HDMI/DP Audio Controller
MachineType: {report['dmi.sys.vendor']} {report['dmi.product.name']}
ProcKernelCmdLine: BOOT_IMAGE=/vmlinuz-6.3.0-7-generic
root=/dev/mapper/ubuntu--vg-ubuntu--lv ro
RebootRequiredPkgs: Error: path contained symlinks.
SourcePackage: qemu
UpgradeStatus: No upgrade log present (probably fresh install)
acpidump:
dmi.bios.date: Mar 26 2020
dmi.bios.release: 1.0
dmi.bios.vendor: EFI Development Kit II / Marvell
dmi.bios.version: EDK II
dmi.board.name: Armada 8040 MacchiatoBin
dmi.board.vendor: SolidRun
dmi.board.version: Rev. 1.3
dmi.chassis.type: 2
dmi.chassis.vendor: SolidRun
dmi.chassis.version: Rev. 1.3
dmi.modalias:
dmi:bvnEFIDevelopmentKitII/Marvell:bvrEDKII:bdMar262020:br1.0:svnSolidRun:pnArmada8040MacchiatoBin:pvrRev.1.3:rvnSolidRun:rnArmada8040MacchiatoBin:rvrRev.1.3:cvnSolidRun:ct2:cvrRev.1.3:sku:
dmi.product.name: Armada 8040 MacchiatoBin
dmi.product.version: Rev. 1.3
dmi.sys.vendor: SolidRun
To manage notifications about this bug go to:
https://bugs.launchpad.net/cloud-images/+bug/2036604/+subscriptions
--
Mailing list: https://launchpad.net/~canonical-ubuntu-qa
Post to : canonical-ubuntu-qa@lists.launchpad.net
Unsubscribe : https://launchpad.net/~canonical-ubuntu-qa
More help : https://help.launchpad.net/ListHelp
