Described commit for the fix:
* commit 9392a27d88b9707145d713654eb26f0c29789e50
* Author: Jens Axboe <ax...@kernel.dk>
* Date: Thu Feb 6 21:42:51 2020 -0700
*
* io-wq: add support for inheriting ->fs
*
* commit ff002b30181d30cdfbca316dadd099c3ca0d739c
* Author: Jens Axboe <ax...@kernel.dk>
* Date: Fri Feb 7 16:05:21 2020 -0700
*
* io_uring: grab ->fs as part of async preparation
Can be found in G/H.
** Also affects: linux (Ubuntu)
Importance: Undecided
Status: New
** Tags added: ubuntu-ltp-syscalls
** Also affects: linux (Ubuntu Hirsute)
Importance: Undecided
Status: New
** Also affects: linux (Ubuntu Groovy)
Importance: Undecided
Status: New
** Also affects: linux (Ubuntu Focal)
Importance: Undecided
Status: New
** Changed in: linux (Ubuntu Groovy)
Status: New => Fix Released
** Changed in: linux (Ubuntu Hirsute)
Status: New => Fix Released
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-29373
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1916046
Title:
cve-2020-29373 in cve from ubuntu_ltp failed
Status in ubuntu-kernel-tests:
New
Status in linux package in Ubuntu:
Fix Released
Status in linux source package in Focal:
New
Status in linux source package in Groovy:
Fix Released
Status in linux source package in Hirsute:
Fix Released
Bug description:
Not a regression, this is a new test added Feb 8, 2021:
https://github.com/linux-test-
project/ltp/commit/c4f669f13106862b6d8be38adf7825ae00ca7ac5
The log shows:
13260. 02/08 21:37:31 DEBUG| utils:0153| [stdout] startup='Mon Feb 8
21:37:30 2021'
13261. 02/08 21:37:31 DEBUG| utils:0153| [stdout] tst_test.c:1261:
TINFO: Timeout per run is 0h 05m 00s
13262. 02/08 21:37:31 DEBUG| utils:0153| [stdout] io_uring02.c:148:
TFAIL: Write outside chroot succeeded.
13263. 02/08 21:37:31 DEBUG| utils:0153| [stdout]
13264. 02/08 21:37:31 DEBUG| utils:0153| [stdout] HINT: You _MAY_ be
missing kernel fixes, see:
13265. 02/08 21:37:31 DEBUG| utils:0153| [stdout]
13266. 02/08 21:37:31 DEBUG| utils:0153| [stdout]
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=9392a27d88b9
13267. 02/08 21:37:31 DEBUG| utils:0153| [stdout]
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ff002b30181d
13268. 02/08 21:37:31 DEBUG| utils:0153| [stdout]
13269. 02/08 21:37:31 DEBUG| utils:0153| [stdout] HINT: You _MAY_ be
vulnerable to CVE(s), see:
13270. 02/08 21:37:31 DEBUG| utils:0153| [stdout]
13271. 02/08 21:37:31 DEBUG| utils:0153| [stdout]
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29373
13272. 02/08 21:37:31 DEBUG| utils:0153| [stdout]
13273. 02/08 21:37:31 DEBUG| utils:0153| [stdout] Summary:
13274. 02/08 21:37:31 DEBUG| utils:0153| [stdout] passed 0
13275. 02/08 21:37:31 DEBUG| utils:0153| [stdout] failed 1
13276. 02/08 21:37:31 DEBUG| utils:0153| [stdout] broken 0
13277. 02/08 21:37:31 DEBUG| utils:0153| [stdout] skipped 0
13278. 02/08 21:37:31 DEBUG| utils:0153| [stdout] warnings 0
13279. 02/08 21:37:31 DEBUG| utils:0153| [stdout] tag=cve-2020-29373
stime=1612820250 dur=0 exit=exited stat=1 core=no cu=0
As of Feb 18, 2021, this CVE is not mitigated yet:
https://ubuntu.com/security/CVE-2020-29373
Seen with linux-kvm 5.4.0-1033.34.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-kernel-tests/+bug/1916046/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
