** Changed in: linux (Ubuntu)
Status: In Progress => Fix Released
--
You received this bug notification because you are subscribed to linux
in Ubuntu.
Matching subscriptions: Bgg, Bmail, Nb
https://bugs.launchpad.net/bugs/1798441
Title:
Allow signed kernels to be kexec'ed under lockdown
Status in linux package in Ubuntu:
Fix Released
Status in linux source package in Bionic:
In Progress
Bug description:
[Impact]
Under kernel lockdown, one can't kexec unless it's using kexec_file_load with a signed kernel.
[Test case]
It was verified that a signed kernel could be loaded with kexec -s, and properly booted.
[Regression Potential]
A security issue, as we allow more kernels to be loaded than we would like to. Though, that's already the case in cosmic.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1798441/+subscriptions
Комментариев нет:
Отправить комментарий