Ubuntu
linux-ec2 package

Lucid on EC2 /dev/mem does not return EPERM

Bug #725308 reported by C de-Avillez
264
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux-ec2 (Ubuntu)
Invalid
Undecided
Unassigned
Karmic
Won't Fix
Wishlist
Unassigned
Lucid
Won't Fix
Wishlist
Unassigned

Bug Description

Release of Ubuntu: Lucid
Package Version: 2.6.32-29.58
Expected Results: /dev/mem should not be readable
Actual Results: QRT kernel-security test failed on /dev/mem; see http://reports.qa.ubuntu.com/reports/kernel-sru/home/ubuntu/sru-kernel-test/lucid-2.6.32-313.25-ec2/m1.small-i386/qrt-kernel-security.txt

Tags: lucid qa
Revision history for this message
Kees Cook (kees) wrote :

I've masked this out of the -ec2 tests for now.

security vulnerability: no → yes
Changed in linux (Ubuntu):
status: New → Confirmed
Revision history for this message
Kees Cook (kees) wrote :

On EC2, /dev/mem appears to depend slightly on the Xen _host_. It will either correctly return EPERM on RAM reads, or if not, it will return all zeros. So, this is technically safe, but likely due to the Xen host.

affects: linux (Ubuntu) → linux-ec2 (Ubuntu)
Changed in linux-ec2 (Ubuntu):
importance: Undecided → Low
summary: - Lucid 2.6.32-29.58 /dev/mem is readable
+ Lucid on EC2 /dev/mem does not return EPERM
Changed in linux-ec2 (Ubuntu):
status: Confirmed → Invalid
importance: Low → Undecided
Changed in linux-ec2 (Ubuntu Karmic):
importance: Undecided → Wishlist
status: New → Confirmed
Changed in linux-ec2 (Ubuntu Lucid):
status: New → Confirmed
importance: Undecided → Wishlist
Jamie Strandboge (jdstrand)
Changed in linux-ec2 (Ubuntu Karmic):
status: Confirmed → Won't Fix
Revision history for this message
Rolf Leggewie (r0lf) wrote :

lucid has seen the end of its life and is no longer receiving any updates. Marking the lucid task for this ticket as "Won't Fix".

Changed in linux-ec2 (Ubuntu Lucid):
status: Confirmed → Won't Fix
To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.

Duplicates of this bug

Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.