Back to bug 2089529
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Marco Benatto | 2022-05-23 22:49:51 UTC | CC | security-response-team | |
| Marco Benatto | 2022-05-23 22:52:25 UTC | Summary | EMBARGOED CVE-2022-1665 Kernel for IBM Power: Signed build of Red Hat Entrprise Linux for IBM Power can boot pre-production kernels | EMBARGOED CVE-2022-1665 Kernel for IBM Power: Signed build of Red Hat Enterprise Linux for IBM Power can boot pre-production kernels |
| Marco Benatto | 2022-05-23 22:53:14 UTC | Comment | 0 | updated |
| Marco Benatto | 2022-06-17 16:14:28 UTC | Depends On | 2098231 | |
| Marco Benatto | 2022-06-17 16:16:34 UTC | Deadline | 2022-06-07 | |
| CC | jburrell, kernel-mgr, vkumar | |||
| Group | qe_staff, security | |||
| Summary | EMBARGOED CVE-2022-1665 Kernel for IBM Power: Signed build of Red Hat Enterprise Linux for IBM Power can boot pre-production kernels | CVE-2022-1665 Kernel for IBM Power: Signed build of Red Hat Enterprise Linux for IBM Power can boot pre-production kernels | ||
| Marco Benatto | 2022-07-04 16:26:26 UTC | Doc Text | A set of pre-production kernel packages of Red Hat Enterprise Linux for IBM Power architecture were signed with Red Hat's production secure boot keys. This allows kernel versions targeted for testing only to be eventually booted in PowerPC environments with Secure Boot feature enabled. An attacker needs high privilege to be able to install the non-production kernel packages in the target machine and make it the default boot option on grub2. | |
| RaTasha Tillery-Smith | 2022-07-05 12:57:22 UTC | Doc Text | A set of pre-production kernel packages of Red Hat Enterprise Linux for IBM Power architecture were signed with Red Hat's production secure boot keys. This allows kernel versions targeted for testing only to be eventually booted in PowerPC environments with Secure Boot feature enabled. An attacker needs high privilege to be able to install the non-production kernel packages in the target machine and make it the default boot option on grub2. | A flaw was found in the Linux kernel, where a set of pre-production kernel packages of Red Hat Enterprise Linux for IBM Power architecture were signed with Red Hat's production secure boot keys. This issue allows kernel versions targeted for testing to eventually boot in PowerPC environments with the Secure Boot feature enabled. An attacker needs high privilege to install the non-production kernel packages in the target machine and make it the default boot option on grub2. |
| Red Hat Bugzilla | 2022-07-16 03:20:56 UTC | CC | brdeoliv | |
| Red Hat Bugzilla | 2022-12-31 23:36:30 UTC | CC | fhrbata | |
| Red Hat Bugzilla | 2023-04-01 08:42:20 UTC | CC | dhoward | |
| Red Hat Bugzilla | 2023-07-07 08:33:22 UTC | CC | security-response-team | |
| Assignee | security-response-team | nobody |
Back to bug 2089529