[Kernel-packages] [Bug 2038942] Re: [MIR] protection-domain-mapper & qrtr
I reviewed qrtr 1.0-2 as checked into mantic. This shouldn't be considered a full audit but rather a quick gauge of maintainability. qrtr: Userspace reference for net/qrtr in the Linux kernel - CVE History: - no CVE history - no security policy - CVE-2019-19079 and CVE-2021-29647 affect kernel implementation - Build-Depends? - no explicit dependencies in d/control - pre/post inst/rm scripts? - postinst configures and starts qrtr-ns.service - prerm stops qrtr-ns.service - postrm runs daemon-reload and purges qrtr-ns.service - init scripts? - init - systemd units? - ./lib/systemd/system/qrtr-ns.service - spartan documentation - starts qrtr-ns - dbus services? - none - setuid binaries? - none - binaries in PATH? - ./usr/bin/qrtr-cfg - ./usr/bin/qrtr-lookup - ./usr/bin/qrtr-ns - sudo fragments? - none - polkit files? - none - udev rules? - none - unit tests / autopkgtests? - tests, hardware tests, are needed - cron jobs? - none - Build logs: - mostly clean - see -proposed - Processes spawned? - none - Memory management? - memory use appears safe - if values are confidential, memset_s should be used - File IO? - only sockets - Logging? - yes, see PLOGE - string use looks safe - Environment variable usage? - none - Use of privileged functions? - none - Use of cryptography / random number sources etc? - none - Use of temp files? - none - Use of networking? - heavy, most of codebase - nothing obviously concerning - Use of WebKit? - none - Use of PolicyKit? - none - Any significant cppcheck results? - none - Any significant Coverity results? - rc appears to be false positive - src/ns.c:796:2 appears to be an infinite loop - Any significant shellcheck results? - none - Any significant bandit results? - none - ./qrtr.py is python2.7 We should be cautious of IPC routers running root permissions. Similar code has enabled vendor backdoors [0]. Qualcomm IPC will only be enabled in kernels which require it, such as for the x13s. Some mitigations exist to prevent spoofing and non-local observers. Fuzzing seems worthwhile. Possibly zero in-line comments. No documentation. This is a major maintenance issue. slyon's recommendations are great! Thank you for adding a hardened systemd profile to -proposed for promotion \o/ http://launchpadlibrarian.net/691288509/qrtr_1.0-2_1.0-2ubuntu1.diff.gz Security team ACK for promoting qrtr to main. [0] https://redmine.replicant.us/projects/replicant/wiki/samsunggalaxybackdoor ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-19079 ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-29647 -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to qrtr in Ubuntu. https://bugs.launchpad.net/bugs/2038942 Title: [MIR] protection-domain-mapper & qrtr Status in protection-domain-mapper package in Ubuntu: Fix Committed Status in qrtr package in Ubuntu: Fix Committed Bug description: [Availability] The package protection-domain-mapper is already in Ubuntu universe. The package protection-domain-mapper build for the architectures it is designed to work on. It currently builds and works for architectures: any, verified as working on arm64 Link to package https://launchpad.net/ubuntu/+source/protection-domain-mapper [Rationale] - The package protection-domain-mapper is required in Ubuntu main for ubuntu-desktop on ARM64, as it enables power-indicator (among other things) on most Windows on Arm laptops (qcom based laptops ~7 SKUs and more coming). There is no other way to implement this. - protection-domain-mapper depends on qrtr for library and a systemd service it provides. - There is no other/better way to solve this that is already in main or should go universe->main instead of this. As this is the only implementation of talking to the qcom hardware. - The package protection-domain-mapper is required in Ubuntu main no later than today due to Mantic release, if we want to have the best impression of Ubuntu Desktop in the live session on x13s. - If that fails, having it fixed as SRU is the next best option. [Security] - No CVEs/security issues in this software in the past. This is a reference open source implementation of these tools, which otherwise are used on qcom Android devices - no `suid` or `sgid` binaries no executables in `/sbin` and `/usr/sbin` - Package does install services: pd-mapper.service & qrtr-ns.service which allow runtime access to the qcom hardware which are run as root - Security has been kept in mind and common isolation/risk-mitigation patterns are in place utilizing the following features: - Packages does not open privileged ports (ports < 1024). - Package does not expose any external endpoints - Packages does not contain extensions to security-sensitive software (filters, sc
[Kernel-packages] [Bug 2038942] Re: [MIR] protection-domain-mapper & qrtr
I reviewed protection-domain-mapper as checked into mantic. This shouldn't be considered a full audit but rather a quick gauge of maintainability. pd-mapper: [no upstream description] - CVE History: - no CVE history - possible security issues in commit messages - no security policy - upstream may not be reporting security issues - this is a maintenance issue - Build-Depends? - qrtr - pre/post inst/rm scripts? - postinst configures and starts pd-mapper.service - prerm stops pd-mapper.service - postrm runs daemon-reload and purges pd-mapper.service - init scripts? - none - systemd units? - ./lib/systemd/system/pd-mapper.service - spartan documentation - starts pd-mapper - dbus services? - none - setuid binaries? - none - binaries in PATH? - ./usr/bin/pd-mapper - sudo fragments? - none - polkit files? - none - udev rules? - none - unit tests / autopkgtests? - tests, hardware tests, are needed - cron jobs? - none - Build logs: - no-manual-page - Processes spawned? - none - Memory management? - owning team has agreed to fix issues - File IO? - pd_enumerate_jsons looks dangerous - statically opens /sys/class/remoteproc/ - only root should own these files - if continues, without consequence - /lib/firmware/ also set - interprets json - Logging? - minimal, mostly stderr - Environment variable usage? - none - Use of privileged functions? - none - Use of cryptography / random number sources etc? - none - Use of temp files? - none - Use of networking? - through qrtr - Use of WebKit? - none - Use of PolicyKit? - none - Any significant cppcheck results? - none - Any significant Coverity results? - high density for only ~1k loc - owning team agreed to address all positive results - Any significant shellcheck results? - none - Any significant bandit results? - none This deserves fuzzing and a deeper review. Hardware enablement is a priority and urgent. slyon's recommendations are great! There is no release or changelog history. Commit messages are the only context Possibly zero in-line comments. No documentation. This project does not even have a description. This is a major maintenance issue. Thank you for adding a hardened systemd profile in -proposed for promotion \o/ http://launchpadlibrarian.net/691288606/protection-domain-mapper_1.0-4ubuntu1_1.0-4ubuntu2.diff.gz Security team ACK for promoting protection-domain-mapper to main. ** Attachment added: "coverity-protection-domain-mapper.txt" https://bugs.launchpad.net/ubuntu/+source/qrtr/+bug/2038942/+attachment/5708388/+files/coverity-protection-domain-mapper.txt ** Changed in: protection-domain-mapper (Ubuntu) Assignee: Ubuntu Security Team (ubuntu-security) => (unassigned) ** Changed in: qrtr (Ubuntu) Assignee: Ubuntu Security Team (ubuntu-security) => (unassigned) ** Changed in: protection-domain-mapper (Ubuntu) Status: Confirmed => Fix Committed ** Changed in: qrtr (Ubuntu) Status: Confirmed => Fix Committed -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to qrtr in Ubuntu. https://bugs.launchpad.net/bugs/2038942 Title: [MIR] protection-domain-mapper & qrtr Status in protection-domain-mapper package in Ubuntu: Fix Committed Status in qrtr package in Ubuntu: Fix Committed Bug description: [Availability] The package protection-domain-mapper is already in Ubuntu universe. The package protection-domain-mapper build for the architectures it is designed to work on. It currently builds and works for architectures: any, verified as working on arm64 Link to package https://launchpad.net/ubuntu/+source/protection-domain-mapper [Rationale] - The package protection-domain-mapper is required in Ubuntu main for ubuntu-desktop on ARM64, as it enables power-indicator (among other things) on most Windows on Arm laptops (qcom based laptops ~7 SKUs and more coming). There is no other way to implement this. - protection-domain-mapper depends on qrtr for library and a systemd service it provides. - There is no other/better way to solve this that is already in main or should go universe->main instead of this. As this is the only implementation of talking to the qcom hardware. - The package protection-domain-mapper is required in Ubuntu main no later than today due to Mantic release, if we want to have the best impression of Ubuntu Desktop in the live session on x13s. - If that fails, having it fixed as SRU is the next best option. [Security] - No CVEs/security issues in this software in the past. This is a reference open source implementation of these tools, which otherwise are used on qcom Android devices - no `suid` or `sgid` binaries no executables in `/sbin` and `/usr/sbin` - Package does install services: pd-mapper.service & qrtr-ns.service which allow runtime access to the qcom hardware which
[Kernel-packages] [Bug 2080290] Re: tools/power/cpupower: Fix Pstate frequency reporting on AMD Family 1Ah CPUs
** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/2080290 Title: tools/power/cpupower: Fix Pstate frequency reporting on AMD Family 1Ah CPUs Status in linux package in Ubuntu: New Bug description: cpupower utility reports incorrect pstates in one portion of its output on Turin. root@volcano-ef0fhost:/home/amd# cpupower frequency-info analyzing CPU 0: driver: acpi-cpufreq CPUs which run at the same hardware frequency: 0 CPUs which need to have their frequency coordinated by software: 0 maximum transition latency: Cannot determine or is not supported. hardware limits: 1.50 GHz - 3.25 GHz available frequency steps: 1.90 GHz, 1.70 GHz, 1.50 GHz available cpufreq governors: conservative ondemand userspace powersave performance schedutil current policy: frequency should be within 1.50 GHz and 1.90 GHz. The governor "schedutil" may decide which speed to use within this range. current CPU frequency: 1.50 GHz (asserted by call to hardware) boost state support: Supported: yes Active: yes Boost States: 0 Total States: 3 Pstate-P0: 24800MHz Pstate-P1: 16800MHz Pstate-P2: 8800MHz This issue occurs both with the distro cpufreq utility that comes with Ubuntu 22.04 5.15.0.87 kernel-tools package as well as the upstream cpufreq utility. The fix is commit 43cad521c6d : tools/power/cpupower: Fix Pstate frequency reporting on AMD Family 1Ah CPUs To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2080290/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 2045931] Re: ps3 sixasis controller request pin to connect to bt
Regardless of how the bluetooth device works, enabling unbonded devices in BlueZ makes a computer vulnerable to CVE-2023-45866. It won't be enabled by the security team. Perhaps GNOME or other desktops could become more aware of gaming controllers with these issues to make pairing easier, without needing to open a terminal. If there are feature requests for this, please link them in this bug for others. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to bluez in Ubuntu. https://bugs.launchpad.net/bugs/2045931 Title: ps3 sixasis controller request pin to connect to bt Status in bluez package in Ubuntu: Won't Fix Bug description: [ Workaround ] 1. Set ClassicBondedOnly=false in /etc/bluetooth/input.conf 2. Run: systemctl restart bluetooth # or reboot [ Original Description ] Once my Ubuntu updated bluez package to 5.64-0ubuntu1.1 I was not able to connect my PS3 Sixasis controller via bluetooth. It is aking to enter a PIN in the device (not possible to enter a pin in the gamepad). Source pacakge (from "apt list -a bluez"): bluez/jammy-updates,jammy-security 5.64-0ubuntu1.1 amd64 Once downgraded to 5.64-0ubuntu1 version, gamepad connects OK again without asking for a connection PIN. Ubuntu release: Description: Ubuntu 22.04.3 LTS Release: 22.04 Package version: bluez: Installed: 5.64-0ubuntu1.1 Expected to happen: Connect PS3 Controller by Bluetooth without asking for a PIN code Happened instead: PS3 Controller cannot connect because PIN code is requested To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/bluez/+bug/2045931/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1904391] Re: Touchpad and Keyboard not detectable in the new kernel
** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1904391 Title: Touchpad and Keyboard not detectable in the new kernel Status in linux package in Ubuntu: Confirmed Bug description: Hello! I had to abruptly shutdown my pc while update for new groovy was on. Upon rebooting, the touchpad and keyboard is not detectable in the new kernel. They're working fine in older kernel which I had to select in boot options. Please kindly resolve this issue. Thank you! ProblemType: Bug DistroRelease: Ubuntu 20.10 Package: linux-image-5.8.0-28-generic 5.8.0-28.30 ProcVersionSignature: Ubuntu 5.8.0-28.30-generic 5.8.14 Uname: Linux 5.8.0-28-generic x86_64 ApportVersion: 2.20.11-0ubuntu50.1 Architecture: amd64 AudioDevicesInUse: USERPID ACCESS COMMAND /dev/snd/controlC0: niraj 6806 F pulseaudio /dev/snd/pcmC0D0p: niraj 6806 F...m pulseaudio CasperMD5CheckResult: skip CurrentDesktop: ubuntu:GNOME Date: Mon Nov 16 14:14:33 2020 InstallationDate: Installed on 2018-09-09 (798 days ago) InstallationMedia: Ubuntu 18.04.1 LTS "Bionic Beaver" - Release amd64 (20180725) Lsusb: Bus 002 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub Bus 001 Device 005: ID 04ca:3018 Lite-On Technology Corp. Bus 001 Device 003: ID 13d3:5a01 IMC Networks USB2.0 VGA UVC WebCam Bus 001 Device 002: ID 0bda:0129 Realtek Semiconductor Corp. RTS5129 Card Reader Controller Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub MachineType: ASUSTeK COMPUTER INC. X556URK ProcFB: 0 EFI VGA ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-5.8.0-28-generic root=UUID=a268e846-0346-4124-855c-4a0a45bd4c8e ro recovery nomodeset dis_ucode_ldr RelatedPackageVersions: linux-restricted-modules-5.8.0-28-generic N/A linux-backports-modules-5.8.0-28-generic N/A linux-firmware1.190.1 SourcePackage: linux UpgradeStatus: No upgrade log present (probably fresh install) dmi.bios.date: 10/24/2016 dmi.bios.release: 5.12 dmi.bios.vendor: American Megatrends Inc. dmi.bios.version: X556URK.302 dmi.board.asset.tag: ATN12345678901234567 dmi.board.name: X556URK dmi.board.vendor: ASUSTeK COMPUTER INC. dmi.board.version: 1.0 dmi.chassis.asset.tag: No Asset Tag dmi.chassis.type: 10 dmi.chassis.vendor: ASUSTeK COMPUTER INC. dmi.chassis.version: 1.0 dmi.modalias: dmi:bvnAmericanMegatrendsInc.:bvrX556URK.302:bd10/24/2016:br5.12:svnASUSTeKCOMPUTERINC.:pnX556URK:pvr1.0:rvnASUSTeKCOMPUTERINC.:rnX556URK:rvr1.0:cvnASUSTeKCOMPUTERINC.:ct10:cvr1.0: dmi.product.family: X dmi.product.name: X556URK dmi.product.version: 1.0 dmi.sys.vendor: ASUSTeK COMPUTER INC. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1904391/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1919150] Re: My keyboard stop working
** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1919150 Title: My keyboard stop working Status in linux package in Ubuntu: Confirmed Bug description: I am using UBUNTU 18. My keyboard and mouse do not work. ProblemType: Bug DistroRelease: Ubuntu 18.04 Package: linux-image-4.15.0-136-generic 4.15.0-136.140 ProcVersionSignature: Ubuntu 4.15.0-136.140-generic 4.15.18 Uname: Linux 4.15.0-136-generic x86_64 ApportVersion: 2.20.9-0ubuntu7.23 Architecture: amd64 AudioDevicesInUse: USERPID ACCESS COMMAND /dev/snd/controlC0: elham 1797 F pulseaudio CurrentDesktop: ubuntu:GNOME Date: Mon Mar 15 13:24:06 2021 HibernationDevice: RESUME=UUID=0cd3cd69-2564-4117-a21b-1c28c2a83019 InstallationDate: Installed on 2018-11-15 (850 days ago) InstallationMedia: Ubuntu 18.04.1 LTS "Bionic Beaver" - Release amd64 (20180725) MachineType: LENOVO 20L8S02D00 ProcFB: 0 inteldrmfb ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-4.15.0-136-generic root=UUID=17a0324e-ead9-4861-bdd0-60ece73973f5 ro quiet splash atkbd.reset vt.handoff=1 RelatedPackageVersions: linux-restricted-modules-4.15.0-136-generic N/A linux-backports-modules-4.15.0-136-generic N/A linux-firmware 1.173.18 SourcePackage: linux UpgradeStatus: No upgrade log present (probably fresh install) dmi.bios.date: 07/18/2018 dmi.bios.vendor: LENOVO dmi.bios.version: N22ET48W (1.25 ) dmi.board.asset.tag: Not Available dmi.board.name: 20L8S02D00 dmi.board.vendor: LENOVO dmi.board.version: Not Defined dmi.chassis.asset.tag: No Asset Information dmi.chassis.type: 10 dmi.chassis.vendor: LENOVO dmi.chassis.version: None dmi.modalias: dmi:bvnLENOVO:bvrN22ET48W(1.25):bd07/18/2018:svnLENOVO:pn20L8S02D00:pvrThinkPadT480s:rvnLENOVO:rn20L8S02D00:rvrNotDefined:cvnLENOVO:ct10:cvrNone: dmi.product.family: ThinkPad T480s dmi.product.name: 20L8S02D00 dmi.product.version: ThinkPad T480s dmi.sys.vendor: LENOVO To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1919150/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 927225] Re: Yukon Optima 88E8059 fails to come up as a network interface when system is powered on without AC or network cable
** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/927225 Title: Yukon Optima 88E8059 fails to come up as a network interface when system is powered on without AC or network cable Status in Linux: Confirmed Status in linux package in Ubuntu: Triaged Bug description: I'm sure I've seen a bug report regarding this before, but I've searched and have been unable to find it, and it has occurred in both Oneiric and now Precise. On my laptop, an HP ProBook 6555b, using a Yukon Optima 88E8059, if I do not have the charger or a network cable plugged in when I power the machine on, I am unable to use the wired network port; I have to shut down the machine and plug AC or a network cable in before powering it up again. ProblemType: Bug DistroRelease: Ubuntu 12.04 Package: linux-image-3.2.0-12-generic 3.2.0-12.21 ProcVersionSignature: Ubuntu 3.2.0-12.21-generic 3.2.2 Uname: Linux 3.2.0-12-generic x86_64 NonfreeKernelModules: wl fglrx AlsaVersion: Advanced Linux Sound Architecture Driver Version 1.0.24. ApportVersion: 1.91-0ubuntu1 Architecture: amd64 ArecordDevices: List of CAPTURE Hardware Devices card 0: SB [HDA ATI SB], device 0: STAC92xx Analog [STAC92xx Analog] Subdevices: 1/1 Subdevice #0: subdevice #0 AudioDevicesInUse: USERPID ACCESS COMMAND /dev/snd/controlC1: dave 2152 F pulseaudio /dev/snd/controlC0: dave 2152 F pulseaudio Card0.Amixer.info: Card hw:0 'SB'/'HDA ATI SB at 0xd650 irq 16' Mixer name : 'IDT 92HD75B3X5' Components : 'HDA:111d7603,103c1457,00100202 HDA:11c11040,103c3066,00100200' Controls : 18 Simple ctrls : 9 Card1.Amixer.info: Card hw:1 'HDMI'/'HDA ATI HDMI at 0xd641 irq 19' Mixer name : 'ATI RS690/780 HDMI' Components : 'HDA:1002791a,00791a00,0010' Controls : 4 Simple ctrls : 1 Card1.Amixer.values: Simple mixer control 'IEC958',0 Capabilities: pswitch pswitch-joined penum Playback channels: Mono Mono: Playback [on] Date: Sun Feb 5 17:07:09 2012 HibernationDevice: RESUME=UUID=08571619-07bd-4539-aaa1-abf52c468bbe InstallationMedia: Ubuntu 11.04 "Natty Narwhal" - Release amd64 (20110426) MachineType: Hewlett-Packard HP ProBook 6555b ProcEnviron: LANGUAGE=en_GB:en PATH=(custom, no user) LANG=en_GB.UTF-8 SHELL=/bin/bash ProcKernelCmdLine: BOOT_IMAGE=/vmlinuz-3.2.0-12-generic root=/dev/mapper/sda1_crypt ro quiet splash acpi_os_name=Linux vt.handoff=7 PulseSinks: Error: command ['pacmd', 'list-sinks'] failed with exit code 1: Home directory /home/dave not ours. No PulseAudio daemon running, or not running as session daemon. PulseSources: Error: command ['pacmd', 'list-sources'] failed with exit code 1: Home directory /home/dave not ours. No PulseAudio daemon running, or not running as session daemon. RelatedPackageVersions: linux-restricted-modules-3.2.0-12-generic N/A linux-backports-modules-3.2.0-12-generic N/A linux-firmware1.68 SourcePackage: linux UpgradeStatus: Upgraded to precise on 2012-02-05 (0 days ago) dmi.bios.date: 01/26/2011 dmi.bios.vendor: Hewlett-Packard dmi.bios.version: 68DTM Ver. F.07 dmi.board.asset.tag: Base Board Asset Tag dmi.board.name: 1455 dmi.board.vendor: Hewlett-Packard dmi.board.version: KBC Version 75.11 dmi.chassis.asset.tag: CNU1072YY7 dmi.chassis.type: 10 dmi.chassis.vendor: Hewlett-Packard dmi.modalias: dmi:bvnHewlett-Packard:bvr68DTMVer.F.07:bd01/26/2011:svnHewlett-Packard:pnHPProBook6555b:pvr:rvnHewlett-Packard:rn1455:rvrKBCVersion75.11:cvnHewlett-Packard:ct10:cvr: dmi.product.name: HP ProBook 6555b dmi.sys.vendor: Hewlett-Packard To manage notifications about this bug go to: https://bugs.launchpad.net/linux/+bug/927225/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1696859] Re: package linux-image-4.10.0-22-generic (not installed) failed to install/upgrade: subprocess new pre-installation script returned error exit status 128
** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1696859 Title: package linux-image-4.10.0-22-generic (not installed) failed to install/upgrade: subprocess new pre-installation script returned error exit status 128 Status in linux package in Ubuntu: Confirmed Bug description: ... ProblemType: Package DistroRelease: Ubuntu 17.04 Package: linux-image-4.10.0-22-generic (not installed) ProcVersionSignature: Ubuntu 4.10.0-21.23-generic 4.10.11 Uname: Linux 4.10.0-21-generic x86_64 ApportVersion: 2.20.4-0ubuntu4.1 Architecture: amd64 AudioDevicesInUse: USERPID ACCESS COMMAND /dev/snd/controlC0: johnnybegood 1415 F pulseaudio /dev/snd/controlC1: johnnybegood 1415 F pulseaudio Date: Wed Jun 7 06:52:02 2017 ErrorMessage: subprocess new pre-installation script returned error exit status 128 HibernationDevice: RESUME=UUID=8e8fcdb0-767f-4fa7-a8e3-e06bf12ae742 InstallationDate: Installed on 2017-04-15 (53 days ago) InstallationMedia: Ubuntu 17.04 "Zesty Zapus" - Release amd64 (20170412) MachineType: Hewlett-Packard HP EliteBook Folio 1020 G1 ProcFB: 0 inteldrmfb ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-4.10.0-21-generic.efi.signed root=UUID=9056280d-1b43-47b6-b5ed-5b796780a968 ro quiet splash vt.handoff=7 PulseList: Error: command ['pacmd', 'list'] failed with exit code 1: No PulseAudio daemon running, or not running as session daemon. RelatedPackageVersions: grub-pc N/A SourcePackage: linux Title: package linux-image-4.10.0-22-generic (not installed) failed to install/upgrade: subprocess new pre-installation script returned error exit status 128 UpgradeStatus: No upgrade log present (probably fresh install) dmi.bios.date: 09/26/2016 dmi.bios.vendor: Hewlett-Packard dmi.bios.version: M77 Ver. 01.14 dmi.board.name: 2271 dmi.board.vendor: Hewlett-Packard dmi.board.version: KBC Version 91.50 dmi.chassis.asset.tag: 5CG5517PNY dmi.chassis.type: 10 dmi.chassis.vendor: Hewlett-Packard dmi.modalias: dmi:bvnHewlett-Packard:bvrM77Ver.01.14:bd09/26/2016:svnHewlett-Packard:pnHPEliteBookFolio1020G1:pvrA3009FD18303:rvnHewlett-Packard:rn2271:rvrKBCVersion91.50:cvnHewlett-Packard:ct10:cvr: dmi.product.name: HP EliteBook Folio 1020 G1 dmi.product.version: A3009FD18303 dmi.sys.vendor: Hewlett-Packard To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1696859/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1884207] Re: Wifi Enterprice Login Page does not appear at connect
** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1884207 Title: Wifi Enterprice Login Page does not appear at connect Status in linux package in Ubuntu: Confirmed Bug description: Wifi Enterprice Login Page does not appear at connect. Therefore I cannot log in into my enterprice. Our Enterprice has a wifi where employees can login , after connect to the SID a loginpage should appear somewhere , or at least at the first request in a browser. Does not workin in Firefox (newest) and not in Chrome (newest) ProblemType: Bug DistroRelease: Ubuntu 20.04 Package: linux-image-5.4.0-33-generic 5.4.0-33.37 ProcVersionSignature: Ubuntu 5.4.0-33.37-generic 5.4.34 Uname: Linux 5.4.0-33-generic x86_64 NonfreeKernelModules: nvidia_modeset nvidia ApportVersion: 2.20.11-0ubuntu27.2 Architecture: amd64 AudioDevicesInUse: USERPID ACCESS COMMAND /dev/snd/controlC0: mike 4416 F pulseaudio CasperMD5CheckResult: skip CurrentDesktop: ubuntu:GNOME Date: Fri Jun 19 09:51:01 2020 InstallationDate: Installed on 2019-05-16 (399 days ago) InstallationMedia: Ubuntu 19.04 "Disco Dingo" - Release amd64 (20190416) MachineType: Dell Inc. XPS 15 9570 ProcFB: 0 i915drmfb ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-5.4.0-33-generic root=UUID=d4e13886-b582-4019-bf6a-200113126da3 ro mem_sleep_default=deep nouveau.modeset=0 RelatedPackageVersions: linux-restricted-modules-5.4.0-33-generic N/A linux-backports-modules-5.4.0-33-generic N/A linux-firmware1.187 SourcePackage: linux UpgradeStatus: Upgraded to focal on 2020-06-03 (15 days ago) dmi.bios.date: 04/21/2020 dmi.bios.vendor: Dell Inc. dmi.bios.version: 1.16.2 dmi.board.name: 0HWTMH dmi.board.vendor: Dell Inc. dmi.board.version: A00 dmi.chassis.type: 10 dmi.chassis.vendor: Dell Inc. dmi.modalias: dmi:bvnDellInc.:bvr1.16.2:bd04/21/2020:svnDellInc.:pnXPS159570:pvr:rvnDellInc.:rn0HWTMH:rvrA00:cvnDellInc.:ct10:cvr: dmi.product.family: XPS dmi.product.name: XPS 15 9570 dmi.product.sku: 087C dmi.sys.vendor: Dell Inc. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1884207/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1231178] Re: Altec Lansing speakers remote control not working
** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1231178 Title: Altec Lansing speakers remote control not working Status in linux package in Ubuntu: Confirmed Bug description: This has been ongoing since 2010 ... I initially thought that it was a hardware (Altec-Lansing speakers and/or Altec-Lansing remote control) issue, but noting the timing of linux header updates (remote intermittently working: range ~20 minutes to a couple of weeks or more working, interspaced with prolonged periods - up to 6+ months NOT working), I believe it is linux (Ubuntu) problem. == From: Altec Lansing Customer Service Subject: Request received: Wireless remote not workling (VS 4221 speakers) (ticket #1630) Date: Fri, 4 Nov 2011 19:46:44 + Request received: Wireless remote not workling (VS 4221 speakers) (ticket #1630) Hi - Your request (#1630) has been received, and is being reviewed by our support staff. -- Hello: I have the VS 4221 speakers and two of the wireless remotes; neither of the remotes works, even with new button batteries. I cannot change the treble/bass, etc. Restarting my computer has no effect, nor doe unplugging the speakers (electrical outlet), then plugging them back in again. == - Original Message(s): - Date: 2010 Apr 24 (Sat) 14:02 From: "Altec Lansing Support" Subject: Altec Lansing vs4221 remote does not work [Incident: 100425-06] Your question has been received. You should expect a response from us within 72 hours. To access your question from our support site, click the following link or paste it into your web browser. http://alteclansing.custhelp.com/cgi- bin/alteclansing.cfg/php/enduser/acct_login.php?p_next_page=myq_upd.php&p_iid=477391&p_created=1272142931 Question Reference #100425-06 Summary: Altec Lansing VS4221 remote does not work Product Level 1: Powered Audio Product Level 2: Satellite Speaker System Date Created: 04/24/2010 02:02 PM Last Updated: 04/24/2010 02:02 PM Status: Unresolved Date of Purchase: 11/13/2009 First Name : Victoria Region: Canada Discussion Thread: Customer (Victoria S) - 04/24/2010 02:02 PM April 24, 2010 Hi: I purchased these speakers (VS4221) in Nov. 2009. This week, the remote suddenly stopped working; I thought it was the battery, but a fresh (new) battery did nothing: the remote still fails to work, at all. I cannot use the standby function,or more importantly adjust bass / treble. Please advise. Thanks, Victoria === ProblemType: Bug DistroRelease: Ubuntu 12.04 Package: linux-image-3.2.0-53-generic 3.2.0-53.81 ProcVersionSignature: Ubuntu 3.2.0-53.81-generic 3.2.50 Uname: Linux 3.2.0-53-generic x86_64 NonfreeKernelModules: nvidia AlsaVersion: Advanced Linux Sound Architecture Driver Version 1.0.24. ApportVersion: 2.0.1-0ubuntu17.4 Architecture: amd64 AudioDevicesInUse: USERPID ACCESS COMMAND /dev/snd/controlC1: victoria 2169 F pulseaudio /dev/snd/controlC0: victoria 2169 F pulseaudio /dev/snd/pcmC0D0p: victoria 2169 F...m pulseaudio CRDA: Error: command ['iw', 'reg', 'get'] failed with exit code 1: nl80211 not found. Card0.Amixer.info: Card hw:0 'Intel'/'HDA Intel at 0xeb22 irq 48' Mixer name : 'SigmaTel STAC9271D' Components : 'HDA:83847627,80863001,00100201' Controls : 44 Simple ctrls : 25 Card1.Amixer.info: Card hw:1 'U0x46d0x825'/'USB Device 0x46d:0x825 at usb-:00:1a.7-6.1, high speed' Mixer name : 'USB Mixer' Components : 'USB046d:0825' Controls : 2 Simple ctrls : 1 Card1.Amixer.values: Simple mixer control 'Mic',0 Capabilities: cvolume cvolume-joined cswitch cswitch-joined penum Capture channels: Mono Limits: Capture 0 - 6144 Mono: Capture 4608 [75%] [24.00dB] [on] Date: Wed Sep 25 15:49:08 2013 HibernationDevice: RESUME=UUID=91c758d2-001a-4a17-baba-f49fb267dd6f InstallationMedia: Ubuntu 12.04 LTS "Precise Pangolin" - Release amd64 (20120425) IwConfig: lono wireless extensions. eth0 no wireless extensions. MarkForUpload: True ProcFB: ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-3.2.0-53-generic root=UUID=7dfce011-0edb-4c59-af1c-88e4f3b85c0e ro quiet splash RelatedPackageVersions: linux-restricted-modules-3.2.0-53-generic N/A linux-backports-modules-3.2.0-53-generic N/A linux-firmware1.79.6 RfKill: SourcePackage: linux StagingDrivers: mei UpgradeStatus: No upgrade log present (probably fresh install) dmi.bios.date: 05/21/2008
[Kernel-packages] [Bug 2045855] Re: package bluez 5.64-0ubuntu1.1 failed to install/upgrade: end of file on stdin at conffile prompt
hi @yudamjoo o/
Please check the end of your `DpkgTerminalLog.txt` file.
To fix CVE-2023-45866 [0] a configuration file
(`/etc/bluetooth/input.conf`) was changed. If there had been edits made
to this file before updating BlueZ, apt will ask what you want to do
with the configuration file. "Y" is likely the right option if you do
not intend to have custom changes in `/etc/bluetooth/input.conf`.
Here's an example of me asking apt to show the config differences ("D") before
accepting the new changes ("Y"):
```
$ sudo apt install bluez
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following packages will be upgraded:
bluez
1 upgraded, 0 newly installed, 0 to remove and 157 not upgraded.
Need to get 1,106 kB of archives.
After this operation, 0 B of additional disk space will be used.
Get:1 https://redacted.launchpadcontent.net/ubuntu-security/ppa/ubuntu
jammy/main amd64 bluez amd64 5.64-0ubuntu1.1 [1,106 kB]
Fetched 1,106 kB in 1s (884 kB/s)
(Reading database ... 161840 files and directories currently installed.)
Preparing to unpack .../bluez_5.64-0ubuntu1.1_amd64.deb ...
Unpacking bluez (5.64-0ubuntu1.1) over (5.64-0ubuntu1) ...
Setting up bluez (5.64-0ubuntu1.1) ...
Configuration file '/etc/bluetooth/input.conf'
==> Modified (by you or by a script) since installation.
==> Package distributor has shipped an updated version.
What would you like to do about it ? Your options are:
Y or I : install the package maintainer's version
N or O : keep your currently-installed version
D : show the differences between the versions
Z : start a shell to examine the situation
The default action is to keep your current version.
*** input.conf (Y/I/N/O/D/Z) [default=N] ? D
--- /etc/bluetooth/input.conf 2023-03-21 08:04:20.023928226 -0500
+++ /etc/bluetooth/input.conf.dpkg-new 2023-11-29 05:31:28.0 -0600
@@ -17,8 +17,8 @@
# platforms may want to make sure that input connections only come from bonded
# device connections. Several older mice have been known for not supporting
# pairing/encryption.
-# Defaults to false to maximize device compatibility.
-ClassicBondedOnly=true
+# Defaults to true for security.
+#ClassicBondedOnly=true
# LE upgrade security
# Enables upgrades of security automatically if required.
Configuration file '/etc/bluetooth/input.conf'
==> Modified (by you or by a script) since installation.
==> Package distributor has shipped an updated version.
What would you like to do about it ? Your options are:
Y or I : install the package maintainer's version
N or O : keep your currently-installed version
D : show the differences between the versions
Z : start a shell to examine the situation
The default action is to keep your current version.
*** input.conf (Y/I/N/O/D/Z) [default=N] ? Y
Installing new version of config file /etc/bluetooth/input.conf ...
Processing triggers for man-db (2.10.2-1) ...
Processing triggers for dbus (1.12.20-2ubuntu4.1) ...
```
[0] https://ubuntu.com/security/notices/USN-6540-1
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-45866
** Information type changed from Private Security to Public
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to bluez in Ubuntu.
https://bugs.launchpad.net/bugs/2045855
Title:
package bluez 5.64-0ubuntu1.1 failed to install/upgrade: end of file
on stdin at conffile prompt
Status in bluez package in Ubuntu:
New
Bug description:
I did not recognized the error.
ProblemType: Package
DistroRelease: Ubuntu 22.04
Package: bluez 5.64-0ubuntu1.1
ProcVersionSignature: Ubuntu 6.2.0-37.38~22.04.1-generic 6.2.16
Uname: Linux 6.2.0-37-generic x86_64
ApportVersion: 2.20.11-0ubuntu82.5
AptOrdering:
bluez:amd64: Install
NULL: ConfigurePending
Architecture: amd64
CasperMD5CheckResult: unknown
Date: Thu Dec 7 15:44:57 2023
ErrorMessage: end of file on stdin at conffile prompt
InstallationDate: Installed on 2021-01-30 (1040 days ago)
InstallationMedia: Ubuntu 20.04.1 LTS "Focal Fossa" - Release amd64 (20200731)
InterestingModules: rfcomm bnep btusb bluetooth
MachineType: Dell Inc. OptiPlex 7010
ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-6.2.0-37-generic
root=UUID=1aa27b2f-8d22-4b4e-931f-bd8e304ed0d4 ro quiet splash vt.handoff=7
Python3Details: /usr/bin/python3.10, Python 3.10.12, unpackaged
PythonDetails: N/A
RelatedPackageVersions:
dpkg 1.21.1ubuntu2.2
apt 2.4.11
SourcePackage: bluez
Title: package bluez 5.64-0ubuntu1.1 failed to install/upgrade: end of file
on stdin at conffile prompt
UpgradeStatus: Upgraded to jammy on 2023-03-28 (253 days ago)
dmi.bios.date: 03/25/2013
dmi.bios.release: 4.6
dmi.bios.vendor: Dell Inc.
dmi.bios.version: A13
dmi.board.name: 0GY6Y8
dmi.board.vendor: Dell Inc.
dmi.board.version: A00
dmi.chassis.type: 6
dmi.chassis.vendor: Dell Inc.
[Kernel-packages] [Bug 2045931] Re: ps3 sixasis controller request pin to connect to bt
Hello all o/ This is intentional. And easy to reverse. The patch for CVE-2023-45866 works as intended and is not a regression. https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/profiles/input?id=25a471a83e02e1effb15d5a488b3f0085eaeb675 If ClassicBondedOnly is not enforced, a nearby attacker can create a HID (like a keyboard and mouse) on the victims PC when bluetooth is discoverable. An HID can be used as a keyloggers or, of course, give direct control of the session. The CVE reporter has discussed this further on https://github.com/skysafe/reblog/tree/main/cve-2023-45866 And a talk and PoC release is forthcoming. Fortunately, it is easy to enable legacy devices by setting `ClassicBondedOnly=false` in `/etc/bluetooth/input.conf`, and then running `systemctl restart bluetooth`. I ver ified that a PS3 controller works well after this :) All other distros *should* be fixing this CVE. I would love it if bloggers in the Linux gaming sphere could raise awareness about this CVE and share how to enable legacy bluetooth device support. ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-45866 ** Changed in: bluez (Ubuntu) Status: Confirmed => Won't Fix ** Changed in: bluez (Ubuntu) Assignee: Nishit Majithia (0xnishit) => Mark Esler (eslerm) -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to bluez in Ubuntu. https://bugs.launchpad.net/bugs/2045931 Title: ps3 sixasis controller request pin to connect to bt Status in bluez package in Ubuntu: Won't Fix Bug description: Once my Ubuntu updated bluez package to 5.64-0ubuntu1.1 I was not able to connect my PS3 Sixasis controller via bluetooth. It is aking to enter a PIN in the device (not possible to enter a pin in the gamepad). Source pacakge (from "apt list -a bluez"): bluez/jammy-updates,jammy-security 5.64-0ubuntu1.1 amd64 Once downgraded to 5.64-0ubuntu1 version, gamepad connects OK again without asking for a connection PIN. Ubuntu release: Description: Ubuntu 22.04.3 LTS Release: 22.04 Package version: bluez: Installed: 5.64-0ubuntu1.1 Expected to happen: Connect PS3 Controller by Bluetooth without asking for a PIN code Happened instead: PS3 Controller cannot connect because PIN code is requested To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/bluez/+bug/2045931/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 2046116] Re: bluetooth device connected but not recognised as output device
hi @werdem o/ What bluetooth device are you using? Your version of BlueZ has a security patch for vulnerability CVE-2023-45866 which disables support for certain legacy bluetooth devices. If your device does not support Classic Bonding, you can re-enable it by setting `ClassicBondedOnly=false` in `/etc/bluetooth/input.conf`, and then running `systemctl restart bluetooth`. More info in https://bugs.launchpad.net/ubuntu/+source/bluez/+bug/2045931/comments/6 Please let me know if that enables your device. Keep in mind that enabling legacy devices enables the exploit. ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-45866 -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to bluez in Ubuntu. https://bugs.launchpad.net/bugs/2046116 Title: bluetooth device connected but not recognised as output device Status in bluez package in Ubuntu: New Bug description: bluetooth device connected but not recognised as output device ProblemType: Bug DistroRelease: Ubuntu 22.04 Package: bluez 5.64-0ubuntu1.1 ProcVersionSignature: Ubuntu 6.2.0-37.38~22.04.1-generic 6.2.16 Uname: Linux 6.2.0-37-generic x86_64 ApportVersion: 2.20.11-0ubuntu82.4 Architecture: amd64 CasperMD5CheckResult: unknown CurrentDesktop: ubuntu:GNOME Date: Mon Dec 11 15:28:00 2023 InterestingModules: rfcomm bnep btusb bluetooth MachineType: LENOVO 81EK ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-6.2.0-37-generic root=UUID=6f698382-a806-46af-9a4b-472e96795c6f ro quiet splash vt.handoff=7 SourcePackage: bluez UpgradeStatus: No upgrade log present (probably fresh install) dmi.bios.date: 08/02/2018 dmi.bios.release: 1.28 dmi.bios.vendor: LENOVO dmi.bios.version: 7QCN28WW dmi.board.asset.tag: NO Asset Tag dmi.board.name: LNVNB161216 dmi.board.vendor: LENOVO dmi.board.version: SDK0J40709 WIN dmi.chassis.asset.tag: NO Asset Tag dmi.chassis.type: 31 dmi.chassis.vendor: LENOVO dmi.chassis.version: Lenovo YOGA 530-14IKB dmi.ec.firmware.release: 1.28 dmi.modalias: dmi:bvnLENOVO:bvr7QCN28WW:bd08/02/2018:br1.28:efr1.28:svnLENOVO:pn81EK:pvrLenovoYOGA530-14IKB:rvnLENOVO:rnLNVNB161216:rvrSDK0J40709WIN:cvnLENOVO:ct31:cvrLenovoYOGA530-14IKB:skuLENOVO_MT_81EK_BU_idea_FM_YOGA530-14IKB: dmi.product.family: YOGA 530-14IKB dmi.product.name: 81EK dmi.product.sku: LENOVO_MT_81EK_BU_idea_FM_YOGA 530-14IKB dmi.product.version: Lenovo YOGA 530-14IKB dmi.sys.vendor: LENOVO hciconfig: hci0:Type: Primary Bus: USB BD Address: 0C:54:15:91:FA:4F ACL MTU: 1021:5 SCO MTU: 96:6 UP RUNNING PSCAN RX bytes:83770 acl:295 sco:0 events:4208 errors:0 TX bytes:879445 acl:1667 sco:0 commands:1184 errors:0 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/bluez/+bug/2046116/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 2062667] Re: Fails on (and should be removed from) raspi desktop
This impacts all arm64 installs, not just raspberry pi. The MIR for qrtr and protection-domain-mapper [0] was requested late in the Mantic cycle and was only approved by Security since it was promised to only be used for x13s hardware enablement. Hopefully Qualcomm IPC is only enabled for x13s kernels. As noted in the qrtr MIR: > We should be cautious of IPC routers running root permissions. Similar code > has > enabled vendor backdoors [1]. Furthermore, qrtr has nearly no documentation and has no inline code comments [2]. Please remove this from the mantic and noble's ubuntu-meta package. [0] https://bugs.launchpad.net/ubuntu/+source/qrtr/+bug/2038942 [1] https://redmine.replicant.us/projects/replicant/wiki/samsunggalaxybackdoor [2] https://github.com/linux-msm/qrtr -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to qrtr in Ubuntu. https://bugs.launchpad.net/bugs/2062667 Title: Fails on (and should be removed from) raspi desktop Status in protection-domain-mapper package in Ubuntu: Confirmed Status in qrtr package in Ubuntu: Confirmed Status in ubuntu-meta package in Ubuntu: Confirmed Bug description: The protection-domain-mapper package (and qrtr-tools) are both installed by default on the Ubuntu Desktop for Raspberry Pi images, thanks to their inclusion in the desktop-minimal seed for arm64. However, there's no hardware that they target on these platforms, and the result is a permanently failed service (pd-mapper.service). It appears these were added to support the X13s laptop [1]. I've attempted to work around the issue by excluding these packages in the desktop-raspi seed (experimentally in my no-pd-mapper branch [2]) but this does not work (the packages still appear in the built images). Ideally, these packages should be moved into a hardware-specific seed for the X13s (and/or whatever other laptops need these things). Alternatively, at a bare minimum, the package should have some conditional that causes the service not to attempt to start when it's not on Qualcomm hardware. [1]: https://git.launchpad.net/~ubuntu-core-dev/ubuntu- seeds/+git/ubuntu/commit/desktop- minimal?id=afe820cd49514896e96d02303298ed873d8d7f8a [2]: https://git.launchpad.net/~waveform/ubuntu- seeds/+git/ubuntu/commit/?id=875bddac19675f7e971f56d9c5d39a9912dc6e38 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/protection-domain-mapper/+bug/2062667/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 2073500] Re: Ubuntu RT2x00 USB Driver Kernel Use-After-Free Vulnerability
This issue was reported publicly to https://lore.kernel.org/linux- wireless/caov16xesck0-smenjfxvwikqogbj4pqwa2dvjbvwq-g+ntv...@mail.gmail.com/T/#u Therefore, I am making this bug report public as well. The new report claims that "Debian systems are not affected.". If Ubuntu is truly the only distro affected, the Canonical CNA can assign a CVE. Otherwise, CVE assignment should be made by upstream, MITRE, or a Root CNA like Red Hat. To restate this, it is not known if Ubuntu is an affected downstream of this vulnerability or if the issue truly originates in Ubuntu as the upstream provider. My hunch is the prior. ** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/2073500 Title: Ubuntu RT2x00 USB Driver Kernel Use-After-Free Vulnerability Status in linux package in Ubuntu: New Bug description: Description: While performing USB interface fuzzing tests on a NetGear WNDA4100 network card (Bus 001 Device 018: ID 0846:9013), I observed a system crash on multiple PCs running Ubuntu 22.04. The issue appears to be related to the USB drivers or kernel handling of the device, as indicated by the kernel logs. Impact: Affected systems include Ubuntu 22.04 running on different hardware configurations with the NetGear WNDA4100 network card. This vulnerability may allow an attacker to trigger a system crash through the USB interface, leading to denial of service. Reproduction Steps: Connect the NetGear WNDA4100 network card (ID 0846:9013) to a system running Ubuntu 22.04. Run the provided fuzzing script to interact with the USB interface of the network card. Observe the system behavior and check for crashes or instability. Logs and Error Messages: The following are excerpts from the kernel log during the crash: [ +0.351900] [ cut here ] [ +0.03] WARNING: CPU: 3 PID: 0 at kernel/time/timer.c:1738 __run_timers+0x2dd/0x310 [ +0.07] Modules linked in: veth xt_nat xt_tcpudp xt_conntrack nft_chain_nat xt_MASQUERADE nf_nat nf_conntrack_netlink nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 xfrm_user tls xfrm_algo xt_addrtype nft_compat nf_tables libcrc32c nfnetlink br_netfilter bridge stp llc ccm snd_hda_codec_hdmi snd_hda_codec_realtek snd_hda_codec_generic snd_sof_pci_intel_tgl snd_sof_intel_hda_common soundwire_intel snd_sof_intel_hda_mlink soundwire_cadence snd_sof_intel_hda snd_sof_pci intel_uncore_frequency snd_sof_xtensa_dsp intel_uncore_frequency_common joydev overlay snd_sof snd_sof_utils snd_soc_hdac_hda snd_hda_ext_core snd_soc_acpi_intel_match snd_soc_acpi soundwire_generic_allocation soundwire_bus snd_soc_core snd_compress ac97_bus snd_pcm_dmaengine snd_hda_intel snd_intel_dspcfg snd_intel_sdw_acpi x86_pkg_temp_thermal snd_hda_codec intel_powerclamp coretemp snd_hda_core snd_hwdep snd_pcm kvm_intel snd_seq_midi i915 kvm snd_seq_midi_event rt2800usb snd_rawmidi uvcvideo irqbypass iwlmvm rt2x00usb crct10dif_pclmul rt2800lib [ +0.34] polyval_clmulni videobuf2_vmalloc polyval_generic drm_buddy uvc ghash_clmulni_intel rt2x00lib videobuf2_memops sha256_ssse3 ttm snd_seq videobuf2_v4l2 sha1_ssse3 aesni_intel binfmt_misc mei_hdcp mei_pxp drm_display_helper crypto_simd videodev snd_seq_device pmt_telemetry cryptd mac80211 iwlwifi pmt_class intel_rapl_msr nls_iso8859_1 cmdlinepart input_leds snd_timer cec rapl huawei_wmi videobuf2_common processor_thermal_device_pci ledtrig_audio spi_nor rc_core processor_thermal_device intel_cstate wmi_bmof sparse_keymap libarc4 serio_raw mc snd cfg80211 drm_kms_helper mei_me mtd processor_thermal_rfim hid_multitouch processor_thermal_mbox i2c_algo_bit mei soundcore processor_thermal_rapl intel_vsec intel_rapl_common int3400_thermal int3403_thermal int340x_thermal_zone acpi_thermal_rel mac_hid acpi_pad sch_fq_codel msr parport_pc ppdev lp parport drm efi_pstore ip_tables x_tables autofs4 hid_generic nvme crc32_pclmul nvme_core spi_intel_pci intel_lpss_pci i2c_i801 spi_intel xhci_pci intel_lpss nvme_common [ +0.42] i2c_smbus xhci_pci_renesas idma64 i2c_hid_acpi i2c_hid video hid wmi pinctrl_tigerlake [ +0.05] CPU: 3 PID: 0 Comm: swapper/3 Not tainted 6.5.0-35-generic #35~22.04.1-Ubuntu [ +0.02] Hardware name: HONOR GLO-GXXX/GLO-GXXX-PCB, BIOS 1.09 06/27/2023 [ +0.00] RIP: 0010:__run_timers+0x2dd/0x310 [ +0.03] Code: 3e 02 48 85 c0 74 0c 48 8b 78 08 4c 89 ee e8 ba cf ff ff 65 ff 0d 2b 1e 44 57 0f 85 38 ff ff ff 0f 1f 44 00 00 e9 2e ff ff ff <0f> 0b e9 0b ff ff ff 41 0f b6 5f 26 80 fb 01 0f 87 44 da ec 00 83 [ +0.01] RSP: 0018:aedb4048cea0 EFLAGS: 00010046 [ +0.01] RAX: RBX: RCX: [ +0.01] RDX: aedb4048ced0 RSI: 7618 RDI: [ +0.01] RBP: aedb4
[Kernel-packages] [Bug 1983409] Re: Please merge amd64-microcode 3.20220411.1 (main) from Debian unstable (non-free)
Thank you @superm1 and @juergh! I have not made packages outside of security patches and I immensely appreciate the advice. Since not everyone who needs linux-firmware wants amd64-micocode, I believe it should be #9: "Reorg: A and B existed; move some files from A to B; new A does not require new B". So linux-firmware needs: Depends: amd64-microcode (
[Kernel-packages] [Bug 1983409] Re: Please merge amd64-microcode 3.20220411.1 (main) from Debian unstable (non-free)
In the above comment I did not apply rule 9 to linux-firmware properly. Since the next linux-firmware version number is unknown, the amd64-microcode relationship to linux-firmware will use earlier or equal to (<=) the current linux-firmware version https://www.debian.org/doc/debian-policy/ch-relationships.html So linux-firmware needs: Breaks: amd64-microcode (<< 3.20220411.1ubuntu1) [amd64] and amd64-microcode needs: Breaks: linux-firmware (<= 20220711.gitdfa29317-0ubuntu1) Replaces: linux-firmware (<= 20220711.gitdfa29317-0ubuntu1) Keeping replaces feels odd. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-firmware in Ubuntu. https://bugs.launchpad.net/bugs/1983409 Title: Please merge amd64-microcode 3.20220411.1 (main) from Debian unstable (non-free) Status in amd64-microcode package in Ubuntu: In Progress Status in linux-firmware package in Ubuntu: In Progress Bug description: Request to update amd64-micrcode in kinetic from 3.20191218.1ubuntu2 to 3.20220411.1ubuntu1. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/amd64-microcode/+bug/1983409/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1983409] Re: Please merge amd64-microcode 3.20220411.1 (main) from Debian unstable (non-free)
An updated merge is ready for review.
https://launchpad.net/~eslerm/+archive/ubuntu/share2/+sourcepub/13867943/+listing-archive-extra
This package has a d/control with:
```
Source: amd64-microcode
Section: non-free/admin
Priority: standard
Maintainer: Ubuntu Developers
XSBC-Original-Maintainer: Henrique de Moraes Holschuh
Uploaders: Giacomo Catenazzi
Build-Depends: debhelper (>= 9)
Standards-Version: 3.9.8
Vcs-Git: https://salsa.debian.org/hmh/amd64-microcode.git
Vcs-Browser: https://salsa.debian.org/hmh/amd64-microcode
XS-Autobuild: yes
Package: amd64-microcode
Architecture: i386 amd64 x32
Recommends: initramfs-tools (>= 0.113~) | dracut (>= 044) | tiny-initramfs
Depends: ${misc:Depends}
Breaks: intel-microcode (<< 2), linux-firmware (<=
20220711.gitdfa29317-0ubuntu1)
Replaces: linux-firmware (<= 20220711.gitdfa29317-0ubuntu1)
Description: Processor microcode firmware for AMD CPUs
This package contains microcode patches for all AMD AMD64
processors. AMD releases microcode patches to correct
processor behavior as documented in the respective processor
revision guides. This package includes both AMD CPU microcode
patches and AMD SEV firmware updates.
.
For Intel processors, please refer to the intel-microcode package.
```
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-firmware in Ubuntu.
https://bugs.launchpad.net/bugs/1983409
Title:
Please merge amd64-microcode 3.20220411.1 (main) from Debian unstable
(non-free)
Status in amd64-microcode package in Ubuntu:
In Progress
Status in linux-firmware package in Ubuntu:
In Progress
Bug description:
Request to update amd64-micrcode in kinetic from 3.20191218.1ubuntu2
to 3.20220411.1ubuntu1.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/amd64-microcode/+bug/1983409/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1983409] Re: Please merge amd64-microcode 3.20220411.1 (main) from Debian unstable (non-free)
@vorlon suggested to use "linux-firmware (<< 20220711.gitdfa29317-0~)" to make this SRU-proof for the future. d/control now contains: ``` Breaks: intel-microcode (<< 2), linux-firmware (<< 20220711.gitdfa29317-0~) Replaces: linux-firmware (<< 20220711.gitdfa29317-0~) ``` Please see the latest proposed merge: https://launchpad.net/~eslerm/+archive/ubuntu/share3/+sourcepub/13868029/+listing-archive-extra -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-firmware in Ubuntu. https://bugs.launchpad.net/bugs/1983409 Title: Please merge amd64-microcode 3.20220411.1 (main) from Debian unstable (non-free) Status in amd64-microcode package in Ubuntu: In Progress Status in linux-firmware package in Ubuntu: In Progress Bug description: Request to update amd64-micrcode in kinetic from 3.20191218.1ubuntu2 to 3.20220411.1ubuntu1. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/amd64-microcode/+bug/1983409/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1983409] Re: Please merge amd64-microcode 3.20220411.1 (main) from Debian unstable (non-free)
Please see the proposed diff for the next linux-firmware update: https://launchpad.net/~eslerm/+archive/ubuntu/share/+sourcepub/13868068/+listing-archive-extra I was not able to specify [amd64] in the Breaks line, since that broke build: "error: the Breaks field ... 'linux-firmware' is architecture all" -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-firmware in Ubuntu. https://bugs.launchpad.net/bugs/1983409 Title: Please merge amd64-microcode 3.20220411.1 (main) from Debian unstable (non-free) Status in amd64-microcode package in Ubuntu: In Progress Status in linux-firmware package in Ubuntu: In Progress Bug description: Request to update amd64-micrcode in kinetic from 3.20191218.1ubuntu2 to 3.20220411.1ubuntu1. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/amd64-microcode/+bug/1983409/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1983409] Re: Please merge amd64-microcode 3.20220411.1 (main) from Debian unstable (non-free)
** Changed in: amd64-microcode (Ubuntu) Assignee: Mark Esler (eslerm) => (unassigned) ** Changed in: linux-firmware (Ubuntu) Assignee: Mark Esler (eslerm) => (unassigned) -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-firmware in Ubuntu. https://bugs.launchpad.net/bugs/1983409 Title: Please merge amd64-microcode 3.20220411.1 (main) from Debian unstable (non-free) Status in amd64-microcode package in Ubuntu: In Progress Status in linux-firmware package in Ubuntu: In Progress Bug description: Request to update amd64-micrcode in kinetic from 3.20191218.1ubuntu2 to 3.20220411.1ubuntu1. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/amd64-microcode/+bug/1983409/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1983409] Re: Please merge amd64-microcode 3.20220411.1 (main) from Debian unstable (non-free)
I am setting this to confirmed and assigning owning teams per https://wiki.ubuntu.com/UbuntuDevelopment/Merging Please let me know if I assigned teams incorrectly or if I can do more work for this merge. ** Changed in: amd64-microcode (Ubuntu) Status: In Progress => Confirmed ** Changed in: linux-firmware (Ubuntu) Status: In Progress => Confirmed ** Changed in: amd64-microcode (Ubuntu) Assignee: (unassigned) => Canonical Foundations Team (canonical-foundations) ** Changed in: linux-firmware (Ubuntu) Assignee: (unassigned) => Canonical Kernel Team (canonical-kernel-team) -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-firmware in Ubuntu. https://bugs.launchpad.net/bugs/1983409 Title: Please merge amd64-microcode 3.20220411.1 (main) from Debian unstable (non-free) Status in amd64-microcode package in Ubuntu: Confirmed Status in linux-firmware package in Ubuntu: Confirmed Bug description: Request to update amd64-micrcode in kinetic from 3.20191218.1ubuntu2 to 3.20220411.1ubuntu1. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/amd64-microcode/+bug/1983409/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1986796] Re: amd64-microcode conflicts with linux-firmware
The conflicts are resolved with patches for amd64-microcode and linux- firmware here: https://bugs.launchpad.net/ubuntu/+source/amd64-microcode/+bug/1983409 -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-firmware in Ubuntu. https://bugs.launchpad.net/bugs/1986796 Title: amd64-microcode conflicts with linux-firmware Status in amd64-microcode package in Ubuntu: Triaged Status in linux-firmware package in Ubuntu: Triaged Bug description: Occurs on kubuntu, gnome and xfce versions of kinetic proposed -- most recent updates ProblemType: Bug DistroRelease: Ubuntu 22.10 Package: amd64-microcode 3.20191218.1ubuntu2 ProcVersionSignature: Ubuntu 5.19.0-15.15-generic 5.19.0 Uname: Linux 5.19.0-15-generic x86_64 ApportVersion: 2.22.0-0ubuntu4 Architecture: amd64 CasperMD5CheckResult: pass CurrentDesktop: XFCE Date: Wed Aug 17 08:07:09 2022 InstallationDate: Installed on 2022-06-10 (67 days ago) InstallationMedia: Xubuntu 22.10 "Kinetic Kudu" - Alpha amd64 (20220610) SourcePackage: amd64-microcode UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/amd64-microcode/+bug/1986796/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1983409] Re: Please merge amd64-microcode 3.20220411.1 (main) from Debian unstable (non-free)
@juergh, the amd64-microcode in kinetic proposed could be fixed by using the control file in https://launchpad.net/~eslerm/+archive/ubuntu/share3/+sourcepub/13868029/+listing- archive-extra -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-firmware in Ubuntu. https://bugs.launchpad.net/bugs/1983409 Title: Please merge amd64-microcode 3.20220411.1 (main) from Debian unstable (non-free) Status in amd64-microcode package in Ubuntu: Fix Committed Status in linux-firmware package in Ubuntu: Fix Committed Bug description: Request to update amd64-micrcode in kinetic from 3.20191218.1ubuntu2 to 3.20220411.1ubuntu1. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/amd64-microcode/+bug/1983409/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1983409] Re: Please merge amd64-microcode 3.20220411.1 (main) from Debian unstable (non-free)
The current version of linux-firmware (20220819.git8413c63c-0ubuntu1) contains a Breaks line with: `amd64-microcode (<= 3.20220411.1ubuntu1)`. The linux-firmware patch proposed in comment 16 contains a Breaks line with: `amd64-microcode (<< 3.20220411.1~)`. The patch in comment 16 works. Using the Breaks line `amd64-microcode (<< 3.20220411.1~)` in the current version of linux-firmware (20220819.git8413c63c-0ubuntu1) I was able to install both linux-firmware and amd64-microcode in a fresh kinetic VM with: sudo apt install linux-firmware sudo apt --fix-broken install sudo apt install linux-firmware eslerm@sec-kinetic-amd64:~$ apt-cache policy linux-firmware linux-firmware: Installed: 20220819.git8413c63c-0ubuntu3 Candidate: 20220819.git8413c63c-0ubuntu3 Version table: *** 20220819.git8413c63c-0ubuntu3 500 500 http://192.168.122.1/debs/testing kinetic/ Packages 100 /var/lib/dpkg/status 20220819.git8413c63c-0ubuntu2 500 500 http://archive.ubuntu.com/ubuntu kinetic-proposed/main amd64 Packages 500 http://archive.ubuntu.com/ubuntu kinetic-proposed/main i386 Packages 20220711.gitdfa29317-0ubuntu1 500 500 http://archive.ubuntu.com/ubuntu kinetic/main amd64 Packages 500 http://archive.ubuntu.com/ubuntu kinetic/main i386 Packages eslerm@sec-kinetic-amd64:~$ apt-cache policy amd64-microcode amd64-microcode: Installed: 3.20220411.1ubuntu2 Candidate: 3.20220411.1ubuntu2 Version table: *** 3.20220411.1ubuntu2 500 500 http://archive.ubuntu.com/ubuntu kinetic-proposed/main amd64 Packages 100 /var/lib/dpkg/status 3.20191218.1ubuntu2 500 500 http://archive.ubuntu.com/ubuntu kinetic/main amd64 Packages ** Changed in: amd64-microcode (Ubuntu) Importance: Medium => Critical ** Changed in: linux-firmware (Ubuntu) Importance: Medium => Critical -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-firmware in Ubuntu. https://bugs.launchpad.net/bugs/1983409 Title: Please merge amd64-microcode 3.20220411.1 (main) from Debian unstable (non-free) Status in amd64-microcode package in Ubuntu: Triaged Status in linux-firmware package in Ubuntu: Fix Committed Bug description: Request to update amd64-micrcode in kinetic from 3.20191218.1ubuntu2 to 3.20220411.1ubuntu1. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/amd64-microcode/+bug/1983409/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1983409] Re: Please merge amd64-microcode 3.20220411.1 (main) from Debian unstable (non-free)
\o/ woo! Thanks everyone who helped get this into Kinetic before feature freeze! -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-firmware in Ubuntu. https://bugs.launchpad.net/bugs/1983409 Title: Please merge amd64-microcode 3.20220411.1 (main) from Debian unstable (non-free) Status in amd64-microcode package in Ubuntu: Triaged Status in linux-firmware package in Ubuntu: Fix Committed Bug description: Request to update amd64-micrcode in kinetic from 3.20191218.1ubuntu2 to 3.20220411.1ubuntu1. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/amd64-microcode/+bug/1983409/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1983409] Re: Please merge amd64-microcode 3.20220411.1 (main) from Debian unstable (non-free)
Juerg, yes. The Breaks line of comment 15 used the most recently available version (<< 20220711.gitdfa29317-0~). -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-firmware in Ubuntu. https://bugs.launchpad.net/bugs/1983409 Title: Please merge amd64-microcode 3.20220411.1 (main) from Debian unstable (non-free) Status in amd64-microcode package in Ubuntu: Triaged Status in linux-firmware package in Ubuntu: Fix Committed Bug description: Request to update amd64-micrcode in kinetic from 3.20191218.1ubuntu2 to 3.20220411.1ubuntu1. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/amd64-microcode/+bug/1983409/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 2080555] Re: ubunutu 20 has many vulnerability for the package linux-aws-5.15
For the 8 non-kernel cves, I matched our internal priority to NVDs CVSS ratings when higher. https://git.launchpad.net/ubuntu-cve-tracker/commit/?id=ef4355cdd0cb2677d21681b42615d7208eb0c187 ** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-aws-5.15 in Ubuntu. https://bugs.launchpad.net/bugs/2080555 Title: ubunutu 20 has many vulnerability for the package linux-aws-5.15 Status in linux-aws-5.15 package in Ubuntu: New Bug description: Hello Team, We are testing the ubunutu 20 AMI and it has more than 200+ vulnerability for the package linux-aws-5.15 AMI - ubuntu/images/hvm-ssd/ubuntu-focal-20.04-amd64-server-20240821 AMI-ID - ami-079467ea8dd191734 Region - us-west-2 We are reaching out to check if there is any ETA we can expect the patched version of this package Regards, Varun Agarwal To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux-aws-5.15/+bug/2080555/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
