Ubuntu
linux package

Activity log for bug #2035116

Date	Who	What changed	Old value	New value	Message
2023-09-11 15:15:31	Thadeu Lima de Souza Cascardo	bug			added bug
2023-09-11 15:15:45	Thadeu Lima de Souza Cascardo	nominated for series		Ubuntu Mantic
2023-09-11 15:15:45	Thadeu Lima de Souza Cascardo	bug task added		linux (Ubuntu Mantic)
2023-09-11 15:15:45	Thadeu Lima de Souza Cascardo	nominated for series		Ubuntu Lunar
2023-09-11 15:15:45	Thadeu Lima de Souza Cascardo	bug task added		linux (Ubuntu Lunar)
2023-09-11 15:15:45	Thadeu Lima de Souza Cascardo	nominated for series		Ubuntu Focal
2023-09-11 15:15:45	Thadeu Lima de Souza Cascardo	bug task added		linux (Ubuntu Focal)
2023-09-11 15:15:45	Thadeu Lima de Souza Cascardo	nominated for series		Ubuntu Jammy
2023-09-11 15:15:45	Thadeu Lima de Souza Cascardo	bug task added		linux (Ubuntu Jammy)
2023-09-11 15:27:40	Thadeu Lima de Souza Cascardo	linux (Ubuntu Focal): importance	Undecided	Medium
2023-09-11 15:27:43	Thadeu Lima de Souza Cascardo	linux (Ubuntu Jammy): importance	Undecided	Medium
2023-09-11 15:27:46	Thadeu Lima de Souza Cascardo	linux (Ubuntu Lunar): importance	Undecided	Medium
2023-09-11 15:27:49	Thadeu Lima de Souza Cascardo	linux (Ubuntu Mantic): importance	Undecided	Medium
2023-09-11 15:27:52	Thadeu Lima de Souza Cascardo	linux (Ubuntu Mantic): assignee		Thadeu Lima de Souza Cascardo (cascardo)
2023-09-11 15:27:55	Thadeu Lima de Souza Cascardo	linux (Ubuntu Lunar): assignee		Thadeu Lima de Souza Cascardo (cascardo)
2023-09-11 15:27:58	Thadeu Lima de Souza Cascardo	linux (Ubuntu Jammy): assignee		Thadeu Lima de Souza Cascardo (cascardo)
2023-09-11 15:28:00	Thadeu Lima de Souza Cascardo	linux (Ubuntu Focal): assignee		Thadeu Lima de Souza Cascardo (cascardo)
2023-09-11 15:30:06	Ubuntu Kernel Bot	linux (Ubuntu): status	New	Incomplete
2023-09-11 15:30:07	Ubuntu Kernel Bot	linux (Ubuntu Focal): status	New	Incomplete
2023-09-11 15:30:08	Ubuntu Kernel Bot	linux (Ubuntu Jammy): status	New	Incomplete
2023-09-11 15:30:09	Ubuntu Kernel Bot	linux (Ubuntu Lunar): status	New	Incomplete
2023-09-11 15:30:33	Thadeu Lima de Souza Cascardo	linux (Ubuntu Mantic): status	Incomplete	In Progress
2023-09-11 15:30:37	Thadeu Lima de Souza Cascardo	linux (Ubuntu Lunar): status	Incomplete	In Progress
2023-09-11 15:30:41	Thadeu Lima de Souza Cascardo	linux (Ubuntu Jammy): status	Incomplete	Triaged
2023-09-11 15:30:45	Thadeu Lima de Souza Cascardo	linux (Ubuntu Focal): status	Incomplete	Triaged
2023-09-11 18:23:28	Thadeu Lima de Souza Cascardo	description	[Impact] io_uring has been an important attack vector in the recent years in local privilege escalation attacks. Allowing admins that don't use io_uring to disable it in their systems allows them to reduce their attack surface. [Test case] sysctl -w kernel.io_uring_disabled=1 then try to use io_uring from an unprivileged user, then try it with privileges (CAP_SYS_ADMIN) [Potential regression] Uses can be denied from using io_uring.	[Impact] io_uring has been an important attack vector in the recent years in local privilege escalation attacks. Allowing admins that don't use io_uring to disable it in their systems allows them to reduce their attack surface. [Test case] sysctl -w kernel.io_uring_disabled=1 then try to use io_uring from an unprivileged user, then try it with privileges (CAP_SYS_ADMIN) Actually also tried setting kernel.io_uring_disabled=2 and checking that neither (privileged or unprivileged worked). Then testing setting it back to 0. Then tested with io_uring_disabled set to 1 and io_uring_group=1000 and that it worked for group 1000, then set it to 1001 and verified that it didn't work anymore for group 1000. [Potential regression] Uses can be denied from using io_uring.
2023-09-15 13:14:29	Timo Aaltonen	bug task added		linux-oem-6.1 (Ubuntu)
2023-09-15 13:14:37	Timo Aaltonen	linux-oem-6.1 (Ubuntu Jammy): status	New	Fix Committed
2023-09-15 13:14:43	Timo Aaltonen	linux-oem-6.1 (Ubuntu Focal): status	New	Invalid
2023-09-15 13:14:51	Timo Aaltonen	linux-oem-6.1 (Ubuntu Lunar): status	New	Invalid
2023-09-15 13:14:58	Timo Aaltonen	linux-oem-6.1 (Ubuntu Mantic): status	New	Invalid
2023-09-15 23:16:19	Ubuntu Kernel Bot	tags		kernel-spammed-jammy-linux-oem-6.1-v2 verification-needed-jammy-linux-oem-6.1
2023-10-04 09:34:13	Stefan Bader	linux (Ubuntu Lunar): status	In Progress	Fix Committed
2023-10-04 09:35:38	Stefan Bader	linux (Ubuntu Mantic): status	In Progress	Fix Committed
2023-10-04 15:38:16	Launchpad Janitor	linux-oem-6.1 (Ubuntu Jammy): status	Fix Committed	Fix Released
2023-10-04 15:38:16	Launchpad Janitor	cve linked		2023-20569
2023-10-04 15:55:26	Stefan Bader	linux (Ubuntu Jammy): status	Triaged	Fix Committed
2023-10-04 15:55:39	Stefan Bader	linux (Ubuntu Focal): status	Triaged	Fix Committed
2023-10-05 12:42:48	Ubuntu Kernel Bot	tags	kernel-spammed-jammy-linux-oem-6.1-v2 verification-needed-jammy-linux-oem-6.1	kernel-spammed-jammy-linux-oem-6.1-v2 kernel-spammed-jammy-linux-v2 verification-needed-jammy-linux verification-needed-jammy-linux-oem-6.1
2023-10-05 21:20:37	Ubuntu Kernel Bot	tags	kernel-spammed-jammy-linux-oem-6.1-v2 kernel-spammed-jammy-linux-v2 verification-needed-jammy-linux verification-needed-jammy-linux-oem-6.1	kernel-spammed-focal-linux-v2 kernel-spammed-jammy-linux-oem-6.1-v2 kernel-spammed-jammy-linux-v2 verification-needed-focal-linux verification-needed-jammy-linux verification-needed-jammy-linux-oem-6.1
2023-10-06 11:23:25	Ubuntu Kernel Bot	tags	kernel-spammed-focal-linux-v2 kernel-spammed-jammy-linux-oem-6.1-v2 kernel-spammed-jammy-linux-v2 verification-needed-focal-linux verification-needed-jammy-linux verification-needed-jammy-linux-oem-6.1	kernel-spammed-focal-linux-v2 kernel-spammed-jammy-linux-oem-6.1-v2 kernel-spammed-jammy-linux-v2 kernel-spammed-lunar-linux-v2 verification-needed-focal-linux verification-needed-jammy-linux verification-needed-jammy-linux-oem-6.1 verification-needed-lunar-linux

Ubuntulinux package

Activity log for bug #2035116

Ubuntu
linux package