Ubuntu
linux package

Bug #2016269
Activity log

Activity log for bug #2016269

Date	Who	What changed	Old value	New value	Message
2023-04-14 08:47:20	Nicolas Dichtel	bug			added bug
2023-04-14 08:48:06	Nicolas Dichtel	bug			added subscriber 6WIND
2023-04-14 08:52:45	Nicolas Dichtel	description	[Impact] after the last merge of the v5.15 stable (see https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2003134) has introduced a bug on netlink netfilter conntrack messages. The problematic commit is 95fcb42e5f20 ("netfilter: ctnetlink: fix compilation warning after data race fixes in ct mark"): https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/jammy/commit/?id=95fcb42e5f20 This bug has been fixed in upstream commit 9f7dd42f0db1 ("netfilter: ctnetlink: revert to dumping mark regardless of event type"): https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=9f7dd42f0db1 which has been backported in v5.15.103: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=bef8cf77e21c [Test Case] Run 'conntrack -E' and check the output. Before the problematic commit: > tcp 6 2 ESTABLISHED src=10.100.0.1 dst=10.200.0.1 sport=6789 dport=12345 src=10.200.0.1 dst=10.100.0.1 sport=12345 dport=6789 [ASSURED] mark=0 use=1 'mark=' is seen on connrtack event after: > tcp 6 2 ESTABLISHED src=10.100.0.1 dst=10.200.0.1 sport=6789 dport=12345 src=10.200.0.1 dst=10.100.0.1 sport=12345 dport=6789 [ASSURED] use=1 => 'mark=' is not seen. [Regression Potential] The patch is quite simple. It has been backported in the official 5.15 stable. The risk of regression should be contained.	[Impact] The last merge of the v5.15 stable (see https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2003134) has introduced a bug on netlink netfilter conntrack messages. The problematic commit is 95fcb42e5f20 ("netfilter: ctnetlink: fix compilation warning after data race fixes in ct mark"): https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/jammy/commit/?id=95fcb42e5f20 This bug has been fixed in upstream commit 9f7dd42f0db1 ("netfilter: ctnetlink: revert to dumping mark regardless of event type"): https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=9f7dd42f0db1 which has been backported in v5.15.103: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=bef8cf77e21c [Test Case] Run 'conntrack -E' and check the output. Before the problematic commit: > tcp 6 2 ESTABLISHED src=10.100.0.1 dst=10.200.0.1 sport=6789 dport=12345 src=10.200.0.1 dst=10.100.0.1 sport=12345 dport=6789 [ASSURED] mark=0 use=1 'mark=' is seen on connrtack event after: > tcp 6 2 ESTABLISHED src=10.100.0.1 dst=10.200.0.1 sport=6789 dport=12345 src=10.200.0.1 dst=10.100.0.1 sport=12345 dport=6789 [ASSURED] use=1 => 'mark=' is not seen. [Regression Potential] The patch is quite simple. It has been backported in the official 5.15 stable. The risk of regression should be contained.
2023-04-14 09:00:07	Ubuntu Kernel Bot	linux (Ubuntu): status	New	Incomplete
2023-04-18 18:57:22	Luke Nowakowski-Krijger	nominated for series		Ubuntu Jammy
2023-04-18 18:57:22	Luke Nowakowski-Krijger	bug task added		linux (Ubuntu Jammy)
2023-04-18 18:57:22	Luke Nowakowski-Krijger	nominated for series		Ubuntu Kinetic
2023-04-18 18:57:22	Luke Nowakowski-Krijger	bug task added		linux (Ubuntu Kinetic)
2023-04-18 18:57:32	Luke Nowakowski-Krijger	linux (Ubuntu): status	Incomplete	In Progress
2023-04-18 18:57:37	Luke Nowakowski-Krijger	linux (Ubuntu): assignee		Luke Nowakowski-Krijger (lukenow)
2023-05-10 13:30:51	Luke Nowakowski-Krijger	description	[Impact] The last merge of the v5.15 stable (see https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2003134) has introduced a bug on netlink netfilter conntrack messages. The problematic commit is 95fcb42e5f20 ("netfilter: ctnetlink: fix compilation warning after data race fixes in ct mark"): https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/jammy/commit/?id=95fcb42e5f20 This bug has been fixed in upstream commit 9f7dd42f0db1 ("netfilter: ctnetlink: revert to dumping mark regardless of event type"): https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=9f7dd42f0db1 which has been backported in v5.15.103: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=bef8cf77e21c [Test Case] Run 'conntrack -E' and check the output. Before the problematic commit: > tcp 6 2 ESTABLISHED src=10.100.0.1 dst=10.200.0.1 sport=6789 dport=12345 src=10.200.0.1 dst=10.100.0.1 sport=12345 dport=6789 [ASSURED] mark=0 use=1 'mark=' is seen on connrtack event after: > tcp 6 2 ESTABLISHED src=10.100.0.1 dst=10.200.0.1 sport=6789 dport=12345 src=10.200.0.1 dst=10.100.0.1 sport=12345 dport=6789 [ASSURED] use=1 => 'mark=' is not seen. [Regression Potential] The patch is quite simple. It has been backported in the official 5.15 stable. The risk of regression should be contained.	SRU justification sent to ML: [Impact] There was a commit 95fcb42e5f20 ("netfilter: ctnetlink: fix compilation warning after data race fixes in ct mark") that introduces a regression where the "mark" variable is no longer dumped in netlink netfilter conntrack messages, which userspace tools use to mark and track connections. [Fix] Introduce the upstream fix 9f7dd42f0db1 ("netfilter: ctnetlink: revert to dumping mark regardless of event type") that always dumps the 'mark' variable for conntrack entries. This fix has also landed in 5.15 upstream stable. [Test] Run 'conntrack -E' and check the output of connection entries. The 'mark' variable should now be present in connection entries after the fix. before fix: > tcp 6 2 ESTABLISHED src=10.100.0.1 dst=10.200.0.1 sport=6789 dport=12345 src=10.200.0.1 dst=10.100.0.1 sport=12345 dport=6789 [ASSURED] use=1 after fix: > tcp 6 2 ESTABLISHED src=10.100.0.1 dst=10.200.0.1 sport=6789 dport=12345 src=10.200.0.1 dst=10.100.0.1 sport=12345 dport=6789 [ASSURED] mark=0 use=1 [Where problems could occur] The fixes are pretty straight forward so regression potential should be minimal. ---------------------------------------- [Impact] The last merge of the v5.15 stable (see https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2003134) has introduced a bug on netlink netfilter conntrack messages. The problematic commit is 95fcb42e5f20 ("netfilter: ctnetlink: fix compilation warning after data race fixes in ct mark"): https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/jammy/commit/?id=95fcb42e5f20 This bug has been fixed in upstream commit 9f7dd42f0db1 ("netfilter: ctnetlink: revert to dumping mark regardless of event type"): https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=9f7dd42f0db1 which has been backported in v5.15.103: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=bef8cf77e21c [Test Case] Run 'conntrack -E' and check the output. Before the problematic commit: > tcp 6 2 ESTABLISHED src=10.100.0.1 dst=10.200.0.1 sport=6789 dport=12345 src=10.200.0.1 dst=10.100.0.1 sport=12345 dport=6789 [ASSURED] mark=0 use=1 'mark=' is seen on connrtack event after: > tcp 6 2 ESTABLISHED src=10.100.0.1 dst=10.200.0.1 sport=6789 dport=12345 src=10.200.0.1 dst=10.100.0.1 sport=12345 dport=6789 [ASSURED] use=1 => 'mark=' is not seen. [Regression Potential] The patch is quite simple. It has been backported in the official 5.15 stable. The risk of regression should be contained.
2023-05-10 15:53:27	Luke Nowakowski-Krijger	linux (Ubuntu Jammy): status	New	Confirmed
2023-05-10 15:53:27	Luke Nowakowski-Krijger	linux (Ubuntu Kinetic): status	New	Confirmed
2023-05-10 15:53:35	Luke Nowakowski-Krijger	linux (Ubuntu): status	In Progress	Invalid
2023-05-10 15:54:17	Luke Nowakowski-Krijger	linux (Ubuntu Jammy): status	Confirmed	In Progress
2023-05-10 15:54:19	Luke Nowakowski-Krijger	linux (Ubuntu Kinetic): status	Confirmed	In Progress
2023-05-11 15:35:33	Luke Nowakowski-Krijger	linux (Ubuntu Jammy): status	In Progress	Fix Committed
2023-05-11 15:35:35	Luke Nowakowski-Krijger	linux (Ubuntu Kinetic): status	In Progress	Fix Committed
2023-05-15 20:16:25	Ubuntu Kernel Bot	tags		kernel-spammed-jammy-linux verification-needed-jammy
2023-05-16 14:55:15	Nicolas Dichtel	tags	kernel-spammed-jammy-linux verification-needed-jammy	kernel-spammed-jammy-linux verification-done-jammy
2023-05-17 22:01:05	Ubuntu Kernel Bot	tags	kernel-spammed-jammy-linux verification-done-jammy	kernel-spammed-jammy-linux kernel-spammed-kinetic-linux verification-done-jammy verification-needed-kinetic
2023-05-22 11:18:11	Nicolas Dichtel	tags	kernel-spammed-jammy-linux kernel-spammed-kinetic-linux verification-done-jammy verification-needed-kinetic	kernel-spammed-jammy-linux kernel-spammed-kinetic-linux verification-done-jammy verification-done-kinetic
2023-06-06 16:34:27	Ubuntu Kernel Bot	tags	kernel-spammed-jammy-linux kernel-spammed-kinetic-linux verification-done-jammy verification-done-kinetic	kernel-spammed-jammy-linux kernel-spammed-jammy-linux-nvidia-5.19 kernel-spammed-kinetic-linux verification-done-kinetic verification-needed-jammy
2023-06-08 14:40:55	Nicolas Dichtel	tags	kernel-spammed-jammy-linux kernel-spammed-jammy-linux-nvidia-5.19 kernel-spammed-kinetic-linux verification-done-kinetic verification-needed-jammy	kernel-spammed-jammy-linux kernel-spammed-jammy-linux-nvidia-5.19 kernel-spammed-kinetic-linux verification-done-jammy verification-done-kinetic
2023-06-13 20:01:25	Ubuntu Kernel Bot	tags	kernel-spammed-jammy-linux kernel-spammed-jammy-linux-nvidia-5.19 kernel-spammed-kinetic-linux verification-done-jammy verification-done-kinetic	kernel-spammed-focal-linux-intel-iotg-5.15 kernel-spammed-jammy-linux kernel-spammed-jammy-linux-nvidia-5.19 kernel-spammed-kinetic-linux verification-done-jammy verification-done-kinetic verification-needed-focal
2023-06-15 22:17:27	Launchpad Janitor	linux (Ubuntu Jammy): status	Fix Committed	Fix Released
2023-06-15 22:17:27	Launchpad Janitor	cve linked		2023-1380
2023-06-15 22:17:27	Launchpad Janitor	cve linked		2023-1670
2023-06-15 22:17:27	Launchpad Janitor	cve linked		2023-1859
2023-06-15 22:17:27	Launchpad Janitor	cve linked		2023-2612
2023-06-15 22:17:27	Launchpad Janitor	cve linked		2023-30456
2023-06-15 22:17:27	Launchpad Janitor	cve linked		2023-31436
2023-06-15 22:17:27	Launchpad Janitor	cve linked		2023-32233
2023-06-15 22:20:36	Launchpad Janitor	linux (Ubuntu Kinetic): status	Fix Committed	Fix Released
2023-06-15 22:20:36	Launchpad Janitor	cve linked		2022-4269
2023-06-16 12:50:44	Nicolas Dichtel	tags	kernel-spammed-focal-linux-intel-iotg-5.15 kernel-spammed-jammy-linux kernel-spammed-jammy-linux-nvidia-5.19 kernel-spammed-kinetic-linux verification-done-jammy verification-done-kinetic verification-needed-focal	kernel-spammed-focal-linux-intel-iotg-5.15 kernel-spammed-jammy-linux kernel-spammed-jammy-linux-nvidia-5.19 kernel-spammed-kinetic-linux verification-done-focal verification-done-jammy verification-done-kinetic
2023-07-10 19:31:29	Ubuntu Kernel Bot	tags	kernel-spammed-focal-linux-intel-iotg-5.15 kernel-spammed-jammy-linux kernel-spammed-jammy-linux-nvidia-5.19 kernel-spammed-kinetic-linux verification-done-focal verification-done-jammy verification-done-kinetic	kernel-spammed-focal-linux-intel-iotg-5.15 kernel-spammed-jammy-linux kernel-spammed-jammy-linux-nvidia-5.19 kernel-spammed-jammy-linux-nvidia-tegra kernel-spammed-kinetic-linux verification-done-focal verification-done-kinetic verification-needed-jammy
2023-07-13 02:26:05	Ubuntu Kernel Bot	tags	kernel-spammed-focal-linux-intel-iotg-5.15 kernel-spammed-jammy-linux kernel-spammed-jammy-linux-nvidia-5.19 kernel-spammed-jammy-linux-nvidia-tegra kernel-spammed-kinetic-linux verification-done-focal verification-done-kinetic verification-needed-jammy	kernel-spammed-focal-linux-intel-iotg-5.15 kernel-spammed-jammy-linux kernel-spammed-jammy-linux-nvidia-5.19 kernel-spammed-jammy-linux-nvidia-tegra kernel-spammed-jammy-linux-nvidia-tegra-igx kernel-spammed-kinetic-linux verification-done-focal verification-done-kinetic verification-needed-jammy
2023-07-19 09:39:04	Ubuntu Kernel Bot	tags	kernel-spammed-focal-linux-intel-iotg-5.15 kernel-spammed-jammy-linux kernel-spammed-jammy-linux-nvidia-5.19 kernel-spammed-jammy-linux-nvidia-tegra kernel-spammed-jammy-linux-nvidia-tegra-igx kernel-spammed-kinetic-linux verification-done-focal verification-done-kinetic verification-needed-jammy	kernel-spammed-focal-linux-intel-iotg-5.15 kernel-spammed-jammy-linux kernel-spammed-jammy-linux-azure kernel-spammed-jammy-linux-nvidia-5.19 kernel-spammed-jammy-linux-nvidia-tegra kernel-spammed-jammy-linux-nvidia-tegra-igx kernel-spammed-kinetic-linux verification-done-focal verification-done-kinetic verification-needed-jammy
2023-07-19 13:24:51	Ubuntu Kernel Bot	tags	kernel-spammed-focal-linux-intel-iotg-5.15 kernel-spammed-jammy-linux kernel-spammed-jammy-linux-azure kernel-spammed-jammy-linux-nvidia-5.19 kernel-spammed-jammy-linux-nvidia-tegra kernel-spammed-jammy-linux-nvidia-tegra-igx kernel-spammed-kinetic-linux verification-done-focal verification-done-kinetic verification-needed-jammy	kernel-spammed-focal-linux-intel-iotg-5.15 kernel-spammed-jammy-linux kernel-spammed-jammy-linux-aws kernel-spammed-jammy-linux-azure kernel-spammed-jammy-linux-nvidia-5.19 kernel-spammed-jammy-linux-nvidia-tegra kernel-spammed-jammy-linux-nvidia-tegra-igx kernel-spammed-kinetic-linux verification-done-focal verification-done-kinetic verification-needed-jammy
2023-09-09 14:18:16	Ubuntu Kernel Bot	tags	kernel-spammed-focal-linux-intel-iotg-5.15 kernel-spammed-jammy-linux kernel-spammed-jammy-linux-aws kernel-spammed-jammy-linux-azure kernel-spammed-jammy-linux-nvidia-5.19 kernel-spammed-jammy-linux-nvidia-tegra kernel-spammed-jammy-linux-nvidia-tegra-igx kernel-spammed-kinetic-linux verification-done-focal verification-done-kinetic verification-needed-jammy	kernel-spammed-focal-linux-aws-5.15-v2 kernel-spammed-focal-linux-intel-iotg-5.15 kernel-spammed-jammy-linux kernel-spammed-jammy-linux-aws kernel-spammed-jammy-linux-azure kernel-spammed-jammy-linux-nvidia-5.19 kernel-spammed-jammy-linux-nvidia-tegra kernel-spammed-jammy-linux-nvidia-tegra-igx kernel-spammed-kinetic-linux verification-done-focal verification-done-kinetic verification-needed-focal-linux-aws-5.15 verification-needed-jammy

Ubuntulinux package

Activity log for bug #2016269

Ubuntu
linux package