Bug#978753: usercopy: Kernel memory exposure attempt

To: Salvatore Bonaccorso <carnil@debian.org>, 978753@bugs.debian.org
Subject: Bug#978753: usercopy: Kernel memory exposure attempt
From: Markus Bäcklund <markus.backlund@pp.inet.fi>
Date: Thu, 7 Jan 2021 14:45:40 +0200
Message-id: <[🔎] fd348abf-10cf-9d82-eb75-b5d6ebedea48@pp.inet.fi>
Reply-to: Markus Bäcklund <markus.backlund@pp.inet.fi>, 978753@bugs.debian.org
In-reply-to: <X+3Te2TPdTKyr8y6@eldamar.lan>
References: <160941154750.28063.4714443212521339046.reportbug@pullasorsa> <X+3Te2TPdTKyr8y6@eldamar.lan> <160941154750.28063.4714443212521339046.reportbug@pullasorsa>

Hi,

I already upgraded my system completely. Kernel version 5.4.86 wasinstalled after this error and thus included in the report.


How can I provide kernel log now?


Best regards,

Markus


On 31/12/2020 15.34, Salvatore Bonaccorso wrote:

Control: tags -1 + moreinfo

Hi Markus,

Thanks for your report.

On Thu, Dec 31, 2020 at 12:45:47PM +0200, Markus Bäcklund wrote:

Package: src:linux-image-4.19.0-13-amd64
Version: 4.19.160-2
Severity: critical
Justification: breaks the whole system



-- Package-specific info:
** Kernel log: boot messages should be attached


-- System Information:
Debian Release: 10.7
   APT prefers stable-updates
   APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 5.4.86 (SMP w/4 CPU cores)
Kernel taint flags: TAINT_UNSIGNED_MODULE

5.4.86 is not a Debian kernel in buster and was tainted. Can you
please provide the kernel logs as well? This might give some better
clue.

Regards,
Salvatore

Reply to:

Prev by Date: Processed: reassign 979505 to src:linux, forcibly merging 972968 979505
Next by Date: linux_5.9.15-1~bpo10+1_source.changes ACCEPTED into buster-backports, buster-backports
Previous by thread: Processed: reassign 979505 to src:linux, forcibly merging 972968 979505
Next by thread: linux_5.9.15-1~bpo10+1_source.changes ACCEPTED into buster-backports, buster-backports
Index(es):
- Date
- Thread