GET

Patch Detail

get:
Show a patch.

patch:
Update a patch.

put:
Update a patch.

GET /api/1.0/patches/2221397/?format=api
HTTP 200 OK
Allow: GET, PUT, PATCH, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept

{
    "id": 2221397,
    "url": "http://patchwork.ozlabs.org/api/1.0/patches/2221397/?format=api",
    "project": {
        "id": 15,
        "url": "http://patchwork.ozlabs.org/api/1.0/projects/15/?format=api",
        "name": "Ubuntu Kernel",
        "link_name": "ubuntu-kernel",
        "list_id": "kernel-team.lists.ubuntu.com",
        "list_email": "kernel-team@lists.ubuntu.com",
        "web_url": null,
        "scm_url": null,
        "webscm_url": null
    },
    "msgid": "<20260409121732.3979312-2-georgia.garcia@canonical.com>",
    "date": "2026-04-09T12:17:32",
    "name": "[SRU,Q,v2,1/1] apparmor: fix NULL pointer dereference in __unix_needs_revalidation",
    "commit_ref": null,
    "pull_url": null,
    "state": "new",
    "archived": false,
    "hash": "4ba2d64bda95ec8f61f8f9c71ad2d2e4326c4bbd",
    "submitter": {
        "id": 82129,
        "url": "http://patchwork.ozlabs.org/api/1.0/people/82129/?format=api",
        "name": "Georgia Garcia",
        "email": "georgia.garcia@canonical.com"
    },
    "delegate": null,
    "mbox": "http://patchwork.ozlabs.org/project/ubuntu-kernel/patch/20260409121732.3979312-2-georgia.garcia@canonical.com/mbox/",
    "series": [
        {
            "id": 499284,
            "url": "http://patchwork.ozlabs.org/api/1.0/series/499284/?format=api",
            "date": "2026-04-09T12:17:31",
            "name": "apparmor: fix NULL pointer dereference in __unix_needs_revalidation",
            "version": 2,
            "mbox": "http://patchwork.ozlabs.org/series/499284/mbox/"
        }
    ],
    "check": "pending",
    "checks": "http://patchwork.ozlabs.org/api/patches/2221397/checks/",
    "tags": {},
    "headers": {
        "Return-Path": "<kernel-team-bounces@lists.ubuntu.com>",
        "X-Original-To": "incoming@patchwork.ozlabs.org",
        "Delivered-To": "patchwork-incoming@legolas.ozlabs.org",
        "Authentication-Results": [
            "legolas.ozlabs.org;\n\tdkim=fail reason=\"signature verification failed\" (4096-bit key;\n unprotected) header.d=canonical.com header.i=@canonical.com\n header.a=rsa-sha256 header.s=20251003 header.b=KiU76Zk/;\n\tdkim-atps=neutral",
            "legolas.ozlabs.org;\n spf=pass (sender SPF authorized) smtp.mailfrom=lists.ubuntu.com\n (client-ip=185.125.189.65; helo=lists.ubuntu.com;\n envelope-from=kernel-team-bounces@lists.ubuntu.com;\n receiver=patchwork.ozlabs.org)"
        ],
        "Received": [
            "from lists.ubuntu.com (lists.ubuntu.com [185.125.189.65])\n\t(using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits))\n\t(No client certificate requested)\n\tby legolas.ozlabs.org (Postfix) with ESMTPS id 4frzTw584Cz1yCv\n\tfor <incoming@patchwork.ozlabs.org>; Thu, 09 Apr 2026 22:17:55 +1000 (AEST)",
            "from localhost ([127.0.0.1] helo=lists.ubuntu.com)\n\tby lists.ubuntu.com with esmtp (Exim 4.86_2)\n\t(envelope-from <kernel-team-bounces@lists.ubuntu.com>)\n\tid 1wAoKP-0001ot-7O; Thu, 09 Apr 2026 12:17:45 +0000",
            "from smtp-relay-internal-0.internal ([10.131.114.225]\n helo=smtp-relay-internal-0.canonical.com)\n by lists.ubuntu.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)\n (Exim 4.86_2) (envelope-from <georgia.garcia@canonical.com>)\n id 1wAoKN-0001o7-If\n for kernel-team@lists.ubuntu.com; Thu, 09 Apr 2026 12:17:43 +0000",
            "from mail-vs1-f70.google.com (mail-vs1-f70.google.com\n [209.85.217.70])\n (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest\n SHA256)\n (No client certificate requested)\n by smtp-relay-internal-0.canonical.com (Postfix) with ESMTPS id 70D063F656\n for <kernel-team@lists.ubuntu.com>; Thu,  9 Apr 2026 12:17:43 +0000 (UTC)",
            "by mail-vs1-f70.google.com with SMTP id\n ada2fe7eead31-605664a1046so227830137.0\n for <kernel-team@lists.ubuntu.com>; Thu, 09 Apr 2026 05:17:43 -0700 (PDT)",
            "from localhost.localdomain ([177.92.51.93])\n by smtp.gmail.com with ESMTPSA id\n a1e0cc1a2514c-953fb7ef8c2sm17874205241.3.2026.04.09.05.17.39\n for <kernel-team@lists.ubuntu.com>\n (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);\n Thu, 09 Apr 2026 05:17:40 -0700 (PDT)"
        ],
        "DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed; d=canonical.com;\n s=20251003; t=1775737063;\n bh=dFwT2I6r/L+SnR4gT67pnZeVLYh8eVT2dO29B6j1Nug=;\n h=From:To:Subject:Date:Message-ID:In-Reply-To:References:\n MIME-Version:Content-Type;\n b=KiU76Zk/PKw+xXRoKJF0/T4rE2GA8w2GjPfiHwtQnA1creEkg0q7U73n4IIkhDxxd\n tbVjXg9yuldbLBQ3niANpAIUVahqzGFjeGjomxZ2tClzkaMzN6riX1c6hNZYo+u+jm\n aT47eomuVoRKb8vmXWeJQH/ZUjKrW+vK8x4yFlw9+LUQFlokpU1fhLcMlYGr4EDeuF\n LvyjlrvKl/PZ1UhWTHAeXdU89IO40ZKh9ij+D5g++grrqJRphFNJbkva5blikvyR18\n OCT7ByDvROSxbQDC0eeEAaBBCTlJVlnNDXL6A1nXQZ6GpPIJLmEAk0YyzGvZFfambR\n ibE7T16+9oryxidcs9Jvoawi1cmKq+VBoMDlHIvCUtCLCs5+MU+lFyd8N9eBep7fJP\n o+A+dillVEMjCik0H55eDz6SVptegF5nt/LVqreW16Ue5RXBMUf2ckWcZ/ee86icCz\n o1a/gRIcBxJEMe2HRI7wAHlmELtmqdbYKDND7CzekvkznSDpyrmwtceTK5kxh8ac5d\n 9s+H7HxFp2Ou76Kzl4rTM6iEJluibethfk4YcQtwOqyHUQDIt/0BsbrF4yL0205m1Z\n 70P0CtSKCpUMTS5yOlZvVMwxlMfUQbQDDNEV5AbK7OIqwy6TNa6mDQdkGSlQ6nD8Qu\n VPS1/GpfZRMeZMS+E0SBqr9U=",
        "X-Google-DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed;\n d=1e100.net; s=20251104; t=1775737062; x=1776341862;\n h=content-transfer-encoding:mime-version:references:in-reply-to\n :message-id:date:subject:to:from:x-gm-gg:x-gm-message-state:from:to\n :cc:subject:date:message-id:reply-to;\n bh=dFwT2I6r/L+SnR4gT67pnZeVLYh8eVT2dO29B6j1Nug=;\n b=nCzYf/anVC7eFL34ErQiZ3JCmnU0ohRZ1jb3OlX35akG6EPTJxmcxoRfk4kQ11T2fH\n Qlt+Z1G/oPoaRmKJrtx3d1H6aHHTydfM7rfn9DzjoljweyrnX02OQeG4zfdrZ1+SQMd5\n R17iRM/XTnm5qvSlj6o9HDn7JT1AMj4AzZyxBaGPnVq2kZDLdgp8DI7fmG0oBFzsiahP\n lqa8u38JrBAjPRtlSrVjUxhbaQtC1nyxE9oTcV7f3Je4E03TfhwroJmqv0LVZVTBmMAH\n bi2TqBJxmKlSdNYJ9xfUilRpBkTTyb9UZsY5DNAQxIwWtXTYt1P9P3TTFXQFasmduLok\n 1uJA==",
        "X-Gm-Message-State": "AOJu0YyAsWovr4KgQd/Taufu77aZQscSx5hgBEx2QtGk9XXMnhip2rql\n i0ofyfI02e0/kiAlmdTT+DabFFoXhT15c2Kg/zOQqQuCTACsygw7Rned2yS9Pujyw2vIUr1i3x4\n UM3mf2NXBY4eWYNOyK2crKJeQH6R56ZYARrsJRx9YaErqM3Ka02NrzXYpS0TVMzfGyoiAQ8qt7L\n +TqeTInL7j8cBVnA==",
        "X-Gm-Gg": "AeBDiesXP4ehUW7dVbkcGev4rzRdP2Awd5z2qXnupgLaJHtbMef8SwyOF/PsX2nrIpR\n IWJzWC4mguzN1nu/V7HaFDOtTFKqzrzSj/r2iDoYbMsuAfRyAo4+PBirlyVtxgf6mfY4MgWlfp4\n kUA/+BYakp3aRdl11Va2tbEVoKG9EE8vwX/gL45Y/1uuMSsZIf6RwGUVi56gF47nZuBN+X76vtJ\n 7Dj9hGFFufPv0Nqdiozyj6xnMGreLclvaT8h71DGduQXCQS7G80p9Lya8oGTzO+agqJUps3ZI+a\n lPPvsFQSoQrzxLKHf5Zae7hOjWh06ofWTIhD0HJlqtk1gaYP8WKvLgeKsPygCBtUcKyQjyQh1NO\n qu2VGxLgads9aSmzf3aOrDHpDf+cKnO6zgs8PLyTBJ47tjtXNRznWE3FeD3Qqq8yBOyPHDW/2BH\n o=",
        "X-Received": [
            "by 2002:a05:6102:1613:b0:609:33e7:94e1 with SMTP id\n ada2fe7eead31-60933e798f9mr355095137.31.1775737061836;\n Thu, 09 Apr 2026 05:17:41 -0700 (PDT)",
            "by 2002:a05:6102:1613:b0:609:33e7:94e1 with SMTP id\n ada2fe7eead31-60933e798f9mr355092137.31.1775737061442;\n Thu, 09 Apr 2026 05:17:41 -0700 (PDT)"
        ],
        "From": "Georgia Garcia <georgia.garcia@canonical.com>",
        "To": "kernel-team@lists.ubuntu.com",
        "Subject": "[SRU][Q][PATCH v2 1/1] apparmor: fix NULL pointer dereference in\n __unix_needs_revalidation",
        "Date": "Thu,  9 Apr 2026 09:17:32 -0300",
        "Message-ID": "<20260409121732.3979312-2-georgia.garcia@canonical.com>",
        "X-Mailer": "git-send-email 2.43.0",
        "In-Reply-To": "<20260409121732.3979312-1-georgia.garcia@canonical.com>",
        "References": "<20260409121732.3979312-1-georgia.garcia@canonical.com>",
        "MIME-Version": "1.0",
        "X-BeenThere": "kernel-team@lists.ubuntu.com",
        "X-Mailman-Version": "2.1.20",
        "Precedence": "list",
        "List-Id": "Kernel team discussions <kernel-team.lists.ubuntu.com>",
        "List-Unsubscribe": "<https://lists.ubuntu.com/mailman/options/kernel-team>,\n <mailto:kernel-team-request@lists.ubuntu.com?subject=unsubscribe>",
        "List-Archive": "<https://lists.ubuntu.com/archives/kernel-team>",
        "List-Post": "<mailto:kernel-team@lists.ubuntu.com>",
        "List-Help": "<mailto:kernel-team-request@lists.ubuntu.com?subject=help>",
        "List-Subscribe": "<https://lists.ubuntu.com/mailman/listinfo/kernel-team>,\n <mailto:kernel-team-request@lists.ubuntu.com?subject=subscribe>",
        "Content-Type": "text/plain; charset=\"utf-8\"",
        "Content-Transfer-Encoding": "base64",
        "Errors-To": "kernel-team-bounces@lists.ubuntu.com",
        "Sender": "\"kernel-team\" <kernel-team-bounces@lists.ubuntu.com>"
    },
    "content": "From: System Administrator <root@localhost>\n\nBugLink: http://bugs.launchpad.net/bugs/2147374\n\nWhen receiving file descriptors via SCM_RIGHTS, both the socket pointer\nand the socket's sk pointer can be NULL during socket setup or teardown,\ncausing NULL pointer dereferences in __unix_needs_revalidation().\n\nThis is a regression in AppArmor 5.0.0 (kernel 6.17+) where the new\n__unix_needs_revalidation() function was added without proper NULL checks.\n\nThe crash manifests as:\n  BUG: kernel NULL pointer dereference, address: 0x0000000000000018\n  RIP: aa_file_perm+0xb7/0x3b0 (or +0xbe/0x3b0, +0xc0/0x3e0)\n  Call Trace:\n   apparmor_file_receive+0x42/0x80\n   security_file_receive+0x2e/0x50\n   receive_fd+0x1d/0xf0\n   scm_detach_fds+0xad/0x1c0\n\nThe function dereferences sock->sk->sk_family without checking if either\nsock or sock->sk is NULL first.\n\nAdd NULL checks for both sock and sock->sk before accessing sk_family.\n\nFixes: 88fec3526e841 (\"apparmor: make sure unix socket labeling is correctly updated.\")\nReported-by: Jamin Mc <jaminmc@gmail.com>\nCloses: https://bugzilla.proxmox.com/show_bug.cgi?id=7083\nCloses: https://gitlab.com/apparmor/apparmor/-/issues/568\nSigned-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>\nSigned-off-by: System Administrator <root@localhost>\nSigned-off-by: John Johansen <john.johansen@canonical.com>\n(cherry picked from commit e2938ad00b21340c0362562dfedd7cfec0554d67)\nSigned-off-by: Georgia Garcia <georgia.garcia@canonical.com>\n---\n security/apparmor/file.c | 3 +++\n 1 file changed, 3 insertions(+)",
    "diff": "diff --git a/security/apparmor/file.c b/security/apparmor/file.c\nindex d30be1979ced..50785b4dd746 100644\n--- a/security/apparmor/file.c\n+++ b/security/apparmor/file.c\n@@ -777,6 +777,9 @@ static bool __unix_needs_revalidation(struct file *file, struct aa_label *label,\n \t\treturn false;\n \tif (request & NET_PEER_MASK)\n \t\treturn false;\n+\t/* sock and sock->sk can be NULL for sockets being set up or torn down */\n+\tif (!sock || !sock->sk)\n+\t\treturn false;\n \tif (sock->sk->sk_family == PF_UNIX) {\n \t\tstruct aa_sk_ctx *ctx = aa_sock(sock->sk);\n \n",
    "prefixes": [
        "SRU",
        "Q",
        "v2",
        "1/1"
    ]
}