xenial/linux-hwe: 4.15.0-67.76~16.04.1 -proposed tracker
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Kernel SRU Workflow |
Fix Released
|
Medium
|
Unassigned | ||
Automated-testing |
Incomplete
|
Medium
|
Canonical Kernel Team | ||
Certification-testing |
Confirmed
|
Medium
|
Canonical Hardware Certification | ||
Prepare-package |
Fix Released
|
Medium
|
Khaled El Mously | ||
Prepare-package-meta |
Fix Released
|
Medium
|
Khaled El Mously | ||
Prepare-package-signed |
Fix Released
|
Medium
|
Khaled El Mously | ||
Promote-to-proposed |
Fix Released
|
Medium
|
Andy Whitcroft | ||
Promote-to-security |
New
|
Medium
|
Ubuntu Stable Release Updates Team | ||
Promote-to-updates |
New
|
Medium
|
Ubuntu Stable Release Updates Team | ||
Regression-testing |
In Progress
|
Medium
|
Canonical Kernel Team | ||
Security-signoff |
In Progress
|
Medium
|
Canonical Security Team | ||
Verification-testing |
In Progress
|
Medium
|
Canonical Kernel Team | ||
linux-hwe (Ubuntu) |
Invalid
|
Undecided
|
Unassigned | ||
Xenial |
Fix Released
|
Medium
|
Unassigned |
Bug Description
This bug will contain status and test results related to a kernel source (or snap) as stated in the title.
For an explanation of the tasks and the associated workflow see:
https:/
-- swm properties --
boot-testing-
kernel-
packages:
main: linux-hwe
meta: linux-meta-hwe
signed: linux-signed-hwe
phase: Testing
phase-changed: Thursday, 24. October 2019 19:36 UTC
proposed-
proposed-
reason:
automated-
certification
regression-
security-signoff: Stalled -- waiting for signoff
verification-
trackers:
xenial/
xenial/
variant: debs
CVE References
tags: | added: kernel-release-tracking-bug xenial |
Changed in linux-hwe (Ubuntu Xenial): | |
status: | New → Confirmed |
Changed in linux-hwe (Ubuntu): | |
status: | New → Invalid |
Changed in linux-hwe (Ubuntu Xenial): | |
importance: | Undecided → Medium |
tags: | added: kernel-release-tracking-bug-live |
description: | updated |
tags: | added: kernel-sru-cycle-2019.10.21-1 |
description: | updated |
tags: | added: kernel-sru-backport-of-1849035 |
Changed in kernel-sru-workflow: | |
status: | New → In Progress |
Changed in kernel-sru-workflow: | |
importance: | Undecided → Medium |
tags: | removed: kernel-sru-backport-of-1849035 |
tags: | added: kernel-sru-backport-of-1849035 |
summary: |
- linux-hwe: <version to be filled> -proposed tracker + xenial/linux-hwe: <version to be filled> -proposed tracker |
description: | updated |
description: | updated |
summary: |
- xenial/linux-hwe: <version to be filled> -proposed tracker + xenial/linux-hwe: 4.15.0-67.76~16.04.1 -proposed tracker |
description: | updated |
description: | updated |
description: | updated |
description: | updated |
tags: | added: block-proposed-xenial |
tags: | added: block-proposed |
description: | updated |
description: | updated |
description: | updated |
description: | updated |
description: | updated |
description: | updated |
description: | updated |
description: | updated |
tags: |
added: kernel-sru-backport-of-1849855 removed: kernel-sru-backport-of-1849035 |
tags: | removed: kernel-release-tracking-bug-live |
Changed in kernel-sru-workflow: | |
status: | In Progress → Fix Released |
This bug was fixed in the package linux-hwe - 4.15.0- 69.78~16. 04.1
--------------- 69.78~16. 04.1) xenial; urgency=medium
linux-hwe (4.15.0-
[ Ubuntu: 4.15.0-69.78 ]
* KVM NULL pointer deref (LP: #1851205) page_get_ gfn BUG_ON to WARN_ON arch_cap_ msr() /taa: Add mitigation for TSX Async Abort /taa: Add sysfs reporting for TSX Async Abort /taa: Add documentation for TSX Async Abort /taa: Call tsx_init() >needs_ cmd_parser to engine->flags
- KVM: nVMX: handle page fault in vmread fix
* CVE-2018-12207
- KVM: MMU: drop vcpu param in gpte_access
- kvm: Convert kvm_lock to a mutex
- kvm: x86: Do not release the page inside mmu_set_spte()
- KVM: x86: make FNAME(fetch) and __direct_map more similar
- KVM: x86: remove now unneeded hugepage gfn adjustment
- KVM: x86: change kvm_mmu_
- KVM: x86: add tracepoints around __direct_map and FNAME(fetch)
- kvm: x86, powerpc: do not allow clearing largepages debugfs entry
- SAUCE: KVM: vmx, svm: always run with EFER.NXE=1 when shadow paging is
active
- SAUCE: x86: Add ITLB_MULTIHIT bug infrastructure
- SAUCE: kvm: mmu: ITLB_MULTIHIT mitigation
- SAUCE: kvm: Add helper function for creating VM worker threads
- SAUCE: kvm: x86: mmu: Recovery of shattered NX large pages
- SAUCE: cpu/speculation: Uninline and export CPU mitigations helpers
- SAUCE: kvm: x86: mmu: Apply global mitigations knob to ITLB_MULTIHIT
* CVE-2019-11135
- KVM: x86: use Intel speculation bugs and features as derived in generic x86
code
- x86/msr: Add the IA32_TSX_CTRL MSR
- x86/cpu: Add a helper function x86_read_
- x86/cpu: Add a "tsx=" cmdline option with TSX disabled by default
- x86/speculation
- x86/speculation
- kvm/x86: Export MDS_NO=0 to guests when TSX is enabled
- x86/tsx: Add "auto" option to the tsx= cmdline parameter
- x86/speculation
- x86/tsx: Add config options to set tsx=on|off|auto
- SAUCE: x86/speculation
- SAUCE: x86/cpu: Include cpu header from bugs.c
- [Config] Disable TSX by default when possible
* CVE-2019-0154
- SAUCE: drm/i915: Lower RM timeout to avoid DSI hard hangs
- SAUCE: drm/i915/gen8+: Add RC6 CTX corruption WA
* CVE-2019-0155
- drm/i915/gtt: Add read only pages to gen8_pte_encode
- drm/i915/gtt: Read-only pages for insert_entries on bdw+
- drm/i915/gtt: Disable read-only support under GVT
- drm/i915: Prevent writing into a read-only object via a GGTT mmap
- drm/i915/cmdparser: Check reg_table_count before derefencing.
- drm/i915/cmdparser: Do not check past the cmd length.
- drm/i915: Silence smatch for cmdparser
- drm/i915: Move engine-
- SAUCE: drm/i915: Rename gen7 cmdparser tables
- SAUCE: drm/i915: Disable Secure Batches for gen6+
- SAUCE: drm/i915: Remove Master tables from cmdparser
- SAUCE: drm/i915: Add support for mandatory cmdparsing
- SAUCE: drm/i915: Support ro ppgtt mapped cmdparser shadow buffers
- SAUCE: drm/i915: Allow parsing of unsized batches
- SAUCE: drm/i915: Add gen9 BCS cmdparsing
- SAUCE: drm/i915/cmdparser: Use explicit goto for error paths
- SAUCE: drm/i915/cmdparser: Add support...