Disco update: 5.0.13 upstream stable release
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
linux (Ubuntu) |
Invalid
|
Undecided
|
Unassigned | ||
Disco |
Fix Released
|
Medium
|
Connor Kuehl |
Bug Description
SRU Justification
Impact:
The upstream process for stable tree updates is quite similar
in scope to the Ubuntu SRU process, e.g., each patch has to
demonstrably fix a bug, and each patch is vetted by upstream
by originating either directly from a mainline/stable Linux tree or
a minimally backported form of that patch. The following upstream
stable patches should be included in the Ubuntu kernel:
5.0.13 upstream stable release
from git://git.
The following patches were applied:
* ipv4: ip_do_fragment: Preserve skb_iif during fragmentation
* ipv6: A few fixes on dereferencing rt->from
* ipv6: fix races in ip6_dst_destroy()
* ipv6/flowlabel: wait rcu grace period before put_pid()
* ipv6: invert flowlabel sharing check in process and user mode
* l2ip: fix possible use-after-free
* l2tp: use rcu_dereference
* net: dsa: bcm_sf2: fix buffer overflow doing set_rxnfc
* net: phy: marvell: Fix buffer overrun with stats counters
* net/tls: avoid NULL pointer deref on nskb->sk in fallback
* rxrpc: Fix net namespace cleanup
* sctp: avoid running the sctp state machine recursively
* selftests: fib_rule_tests: print the result and return 1 if any tests failed
* packet: validate msg_namelen in send directly
* packet: in recvmsg msg_name return at least sizeof sockaddr_ll
* selftests: fib_rule_tests: Fix icmp proto with ipv6
* tcp: add sanity tests in tcp_add_backlog()
* udp: fix GRO reception in case of length mismatch
* udp: fix GRO packet of death
* bnxt_en: Improve multicast address setup logic.
* bnxt_en: Free short FW command HWRM memory in error path in bnxt_init_one()
* bnxt_en: Fix possible crash in bnxt_hwrm_
* bnxt_en: Pass correct extended TX port statistics size to firmware.
* bnxt_en: Fix statistics context reservation logic.
* bnxt_en: Fix uninitialized variable usage in bnxt_rx_pkt().
* net/tls: don't copy negative amounts of data in reencrypt
* net/tls: fix copy to fragments in reencrypt
* KVM: x86: Whitelist port 0x7e for pre-incrementing %rip
* KVM: nVMX: Fix size checks in vmx_set_
* ALSA: line6: use dynamic buffers
* iwlwifi: mvm: properly check debugfs dentry before using it
* ath10k: Drop WARN_ON()s that always trigger during system resume
* Linux 5.0.13
CVE References
Changed in linux (Ubuntu): | |
status: | New → Confirmed |
tags: | added: kernel-stable-tracking-bug |
description: | updated |
description: | updated |
Changed in linux (Ubuntu Disco): | |
status: | New → Fix Committed |
importance: | Undecided → Medium |
assignee: | nobody → Connor Kuehl (connork) |
Changed in linux (Ubuntu): | |
status: | Confirmed → Invalid |
These patches had merge conflicts that needed to be resolved when applying:
* selftests: fib_rule_tests: Fix icmp proto with ipv6
- minor offset adjustment
* udp: fix GRO reception in case of length mismatch
- Our tree has had some touch-up work to the variables here. The stable tree was using something like this: "uh->len > uh2->len", but our tree uses "ulen > ntohs(uh2->len)" -- where ulen is declared further up in the function (from uh->len) and we're using "ntohs" on the other value.