Comment 102 for bug 1779827

@Joseph Salisbury: I am confused. Looking at USN-3718-1 (https://usn.ubuntu.com/3718-1/) and USN-3718-2 (https://usn.ubuntu.com/3718-2/) it seems like CVE-1108 is fixed in Ubuntu 18.04 LTS for several linux kernel flavors (azure, gcp, hwe, kvm, oem and stock) and a subset for Ubuntu 16.04 LTS.

However the table at https://people.canonical.com/~kernel/cve/pkg/ALL-linux.html states 'pending applied'. The table https://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-1108.html states 'pending' and so on.

So my question is: is CVE-2018-1108 fixed in Ubuntu 18.04 LTS and 16.04 LTS? And if so since which kernel version? Did the new kernel that led to this bugreport fix the vulnerability. Did the fix you developed reintroduce the vulnerability?

Regards and thank you for your efforts!