This has been addressed in Ubuntu kernels derived from upstream 5.4 and later. 4.15 kernels and older still need to be addressed.
-- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1918960 Title: kernel does not honor mokx revocations, allowing kexec lockdown bypass Status in linux package in Ubuntu: Confirmed Bug description: All kernels do not honor mokx certificate revocations, and thus does not honor the 2012 certificate revocation, nor the post 2017 certificate signed kernels that allow acpi bypass. This can allow bypass of lockdown restrictions. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1918960/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
