OOB write on BPF_RINGBUF

This bug was fixed in the package linux - 5.13.0-25.26

---------------
linux (5.13.0-25.26) impish; urgency=medium

  * amdgpu hangs for 90 seconds at a time in 5.13.0-23, but 5.13.0-22 works
    (LP: #1956401)
    - drm/amdkfd: fix boot failure when iommu is disabled in Picasso.

  * OOB write on BPF_RINGBUF (LP: #1956585)
    - SAUCE: bpf: prevent helper argument PTR_TO_ALLOC_MEM to have offset other
      than 0

 -- Kleber Sacilotto de Souza <email address hidden> Fri, 07 Jan 2022 16:16:40 +0100

This was assigned CVE-2021-4204.

I applied 'sudo sysctl kernel.unprivileged_bpf_disabled=1'

But it is still failed while install 'sudo apt install linux-image-5.11.0-46-generic'

dpkg: error processing archive /var/cache/apt/archives/linux-image-5.11.0-46-generic_5.11.0-46.51~20.04.1_amd64.deb (--unpack):
 unable to open '/boot/vmlinuz-5.11.0-46-generic.dpkg-new': Operation not permitted

Nguyen, do you have any antivirus tools installed? That's the usual cause of errors like this.

Thanks

Hello Seth,

Yes I've just installed McAfee antivirus. So should I remove antivirus tool?

Thank you,
Tu

Yes, hopefully you can do that without resorting to a rescue image. Booting with `init=/bin/bash` may help if you can't uninstall it gently.

Thanks

This bug is awaiting verification that the linux-gcp-5.13/5.13.0-1013.16~20.04.1 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-focal' to 'verification-done-focal'. If the problem still exists, change the tag 'verification-needed-focal' to 'verification-failed-focal'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

The fix for this bug has been awaiting testing feedback in the -proposed repository for focal for more than 90 days. Please test this fix and update the bug appropriately with the results. In the event that the fix for this bug is still not verified 15 days from now, the package will be removed from the -proposed repository.