Public bug reported:

When a feature abi that does not support network rules is loaded into a
kernel that does, the policy is incorrectly enforced resulting in
network denials.

The kernel should be correctly enforcing the feature abi by not applying
the network mediation that is explicitly not supported by the specified
feature abi.

** Affects: apparmor (Ubuntu)
     Importance: Undecided
         Status: New

** Affects: apparmor (Ubuntu Trusty)
     Importance: Undecided
         Status: New

** Affects: apparmor (Ubuntu Xenial)
     Importance: Undecided
         Status: New

** Affects: apparmor (Ubuntu Zesty)
     Importance: Undecided
         Status: New

** Affects: apparmor (Ubuntu Artful)
     Importance: Undecided
         Status: New

** Also affects: apparmor (Ubuntu Artful)
   Importance: Undecided
       Status: New

** Also affects: apparmor (Ubuntu Trusty)
   Importance: Undecided
       Status: New

** Also affects: apparmor (Ubuntu Zesty)
   Importance: Undecided
       Status: New

** Also affects: apparmor (Ubuntu Xenial)
   Importance: Undecided
       Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1728123

Title:
  network rules for policy versions that don't support network rules are
  broken

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1728123/+subscriptions

-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to