Ubuntu
linux-azure package

[linux-azure] SAUCE patch to "Fix skb protocol value in tpacket_fill_skb()"

Bug #1855461 reported by Joseph Salisbury on 2019-12-06

This bug affects 1 person

	Status	Importance	Assigned to
linux-azure (Ubuntu)	Fix Released	Undecided	Unassigned
Xenial	Fix Released	Undecided	Marcelo Cerri
Disco	Won't Fix	Undecided	Marcelo Cerri

Bug Description

The actual fix for this issue would be to backport two related patches that were accepted upstream in Feb/March 2019. But doing a full backport is complicated because of dependencies on other new code. The two upstream commits are:

75c65772c3d1 ("net/packet: Ask driver for protocol if not provided by user")
18bed89107a4 ("af_packet: fix the tx skb protocol in raw sockets with ETH_P_ALL")

Instead of a full backport of these patches, a SAUCE patch was generated to avoid the complicated dependencies. The SAUCE patch is attached to the bug.

Microsoft and the affected customer feel this patch is pretty small and safe. Microsoft and the end customer have tested the backport and confirmed that it solves the problem.

Backports are needed for both the 4.15.0 and the 5.0 azure kernels that are used in Ubuntu 16.04 and Ubuntu 18.04 images in the Azure Marketplace. The customer is using the 4.15 kernel from Ubuntu 16.04, so getting this fix included there is fairly high priority, though not “critical/emergency” level. Getting the fix included in the 5.0 kernel in Ubuntu 18.04 in the Azure Marketplace is low priority.

See original description

Tags:

CVE References

Revision history for this message

Joseph Salisbury (jsalisbury) wrote on 2019-12-06:

0001-af_packet-Fix-skb-protocol-value-in-tpacket_fill_skb.patch Edit (1.2 KiB, text/plain)

Joseph Salisbury (jsalisbury) on 2019-12-06

description:

updated

Ubuntu Foundations Team Bug Bot (crichton) on 2019-12-06

tags:

added: patch

Marcelo Cerri (mhcerri) on 2019-12-12

Changed in linux-azure (Ubuntu Disco):
status:	New → Invalid
Changed in linux-azure (Ubuntu Xenial):
status:	New → In Progress
assignee:	nobody → Marcelo Cerri (mhcerri)
Changed in linux-azure (Ubuntu Disco):
assignee:	nobody → Marcelo Cerri (mhcerri)

Marcelo Cerri (mhcerri) on 2019-12-12

Changed in linux-azure (Ubuntu Disco):
status:	Invalid → New

Marcelo Cerri (mhcerri) on 2019-12-12

Changed in linux-azure (Ubuntu Disco):
status:	New → In Progress

Marcelo Cerri (mhcerri) on 2019-12-12

Changed in linux-azure (Ubuntu Xenial):
status:	In Progress → Fix Committed

Revision history for this message

Launchpad Janitor (janitor) wrote on 2020-01-06:

Download full text (43.7 KiB)

This bug was fixed in the package linux-azure - 4.15.0-1066.71

---------------
linux-azure (4.15.0-1066.71) xenial; urgency=medium

* xenial/linux-azure: 4.15.0-1066.71 -proposed tracker (LP: #1856203)

  * [linux-azure] SAUCE patch to "Fix skb protocol value in tpacket_fill_skb()"
    (LP: #1855461)
    - SAUCE: af_packet: Fix skb protocol value in tpacket_fill_skb()

linux-azure (4.15.0-1065.70) xenial; urgency=medium

* xenial/linux-azure: 4.15.0-1065.70 -proposed tracker (LP: #1854813)

  * [linux-azure] Patch to prevent possible data corruption (LP: #1848739)
    - blk-mq: quiesce queue during switching io sched and updating nr_requests
    - blk-mq: move hctx lock/unlock into a helper
    - blk-mq: factor out a few helpers from __blk_mq_try_issue_directly
    - blk-mq: improve DM's blk-mq IO merging via blk_insert_cloned_request
      feedback
    - dm mpath: fix missing call of path selector type->end_io
    - blk-mq-sched: remove unused 'can_block' arg from blk_mq_sched_insert_request
    - blk-mq: don't dispatch request in blk_mq_request_direct_issue if queue is
      busy
    - blk-mq: introduce BLK_STS_DEV_RESOURCE
    - blk-mq: Rename blk_mq_request_direct_issue() into
      blk_mq_request_issue_directly()
    - blk-mq: don't queue more if we get a busy return
    - blk-mq: dequeue request one by one from sw queue if hctx is busy
    - blk-mq: issue directly if hw queue isn't busy in case of 'none'
    - blk-mq: fix corruption with direct issue
    - blk-mq: fail the request in case issue failure
    - blk-mq: punt failed direct issue to dispatch list

[ Ubuntu: 4.15.0-73.82 ]

This bug was fixed in the package linux-azure - 4.15.0-1066.71

---------------
linux-azure (4.15.0-1066.71) xenial; urgency=medium

* xenial/linux-azure: 4.15.0-1066.71 -proposed tracker (LP: #1856203)

* [linux-azure] SAUCE patch to "Fix skb protocol value in tpacket_fill_skb()"
    (LP: #1855461)
    - SAUCE: af_packet: Fix skb protocol value in tpacket_fill_skb()

linux-azure (4.15.0-1065.70) xenial; urgency=medium

* xenial/linux-azure: 4.15.0-1065.70 -proposed tracker (LP: #1854813)

[ Ubuntu: 4.15.0-73.82 ]

* bionic/linux: 4.15.0-73.82 -proposed tracker (LP: #1854819)
  * CVE-2019-14901
    - SAUCE: mwifiex: Fix heap overflow in mmwifiex_process_tdls_action_frame()
  * CVE-2019-14896 // CVE-2019-14897
    - SAUCE: libertas: Fix two buffer overflows at parsing bss descriptor
  * CVE-2019-14895
    - SAUCE: mwifiex: fix possible heap overflow in mwifiex_process_country_ie()
  * CVE-2019-18660: patches for Ubuntu (LP: #1853142) // CVE-2019-18660
    - powerpc/64s: support nospectre_v2 cmdline option
    - powerpc/book3s64: Fix link stack flush on context switch
    - KVM: PPC: Book3S HV: Flush link stack on guest exit to host kernel
  * Please add patch fixing RK818 ID detection (LP: #1853192)
    - SAUCE: mfd: rk808: Fix RK818 ID template
  * [SRU][B/OEM-B/OEM-OSP1/D] Enable new Elan touchpads which are not in current
    whitelist (LP: #1853246)
    - HID: quirks: Fix keyboard + touchpad on Lenovo Miix 630
    - Input: elan_i2c - export the device id whitelist
    - HID: quirks: Refactor ELAN 400 and 401 handling
  * Lenovo dock MAC Address pass through doesn't work in Ubuntu  (LP: #1827961)
    - r8152: Add macpassthru support for ThinkPad Thunderbolt 3 Dock Gen 2
  * s390/dasd: reduce the default queue depth and nr of hardware queues
    (LP: #1852257)
    - s390/dasd: reduce the default queue depth and nr of hardware queues
  * External microphone can't work on some dell machines with the codec alc256
    or alc236 (LP: #1853791)
    - SAUCE: ALSA: hda/realtek - Move some alc256 pintbls to fallback table
    - SAUCE: ALSA: hda/realtek - Move some alc236 pintbls to fallback table
  * Memory leak in net/xfrm/xfrm_state.c - 8 pages per ipsec connection
    (LP: #1853197)
    - xfrm: Fix memleak on xfrm state destroy
  * CVE-2019-19083
    - drm/amd/display: memory leak
  * update ENA driver for DIMLIB dynamic interrupt moderation (LP: #1853180)
    - net: ena: add intr_moder_rx_interval to struct ena_com_dev and use it
    - net: ena: switch to dim algorithm for rx adaptive interrupt moderation
    - net: ena: reimplement set/get_coalesce()
    - net: ena: enable the interrupt_moderation in driver_supported_features
    - net: ena: remove code duplication in
      ena_com_update_nonadaptive_moderation_interval _*()
    - net: ena: remove old adaptive interrupt moderation code from ena_netdev
    - net: ena: remove ena_restore_ethtool_params() and relevant fields
    - net: ena: remove all old adaptive rx interrupt moderation code from ena_com
    - net: ena: fix update of interrupt moderation register
    - net: ena: fix retrieval of nonadaptive interrupt moderation intervals
    - net: ena: fix incorrect update of intr_delay_resolution
    - net: ena: Select DIMLIB for ENA_ETHERNET
    - SAUCE: net: ena: fix issues in setting interrupt moderation params in
      ethtool
    - SAUCE: net: ena: fix too long default tx interrupt moderation interval
  * CONFIG_ARCH_ROCKCHIP is not set in ubuntu 18.04 aarch64,arm64 (LP: #1825222)
    - [Config] Enable ROCKCHIP support for arm64
  * backport DIMLIB (lib/dim/) to pre-5.2 kernels (LP: #1852637)
    - include/linux/bitops.h: introduce BITS_PER_TYPE
    - [Config] enable DIMLIB
    - linux/dim: import DIMLIB (lib/dim/)
    - SAUCE: linux/dim: avoid library object filename clash
  * The alsa hda driver is not loaded due to the missing of PCIID for Comet
    Lake-S [8086:a3f0] (LP: #1852070)
    - SAUCE: ALSA: hda: Add Cometlake-S PCI ID
  * Can't adjust brightness on DELL UHD dGPU AIO (LP: #1813877)
    - SAUCE: platform/x86: dell-uart-backlight: add missing status command
    - SAUCE: platform/x86: dell-uart-backlight: load driver by scalar status
    - SAUCE: platform/x86: dell-uart-backlight: add force parameter
    - SAUCE: platform/x86: dell-uart-backlight: add quirk for old platforms
  * Enable framebuffer fonts auto selection for HighDPI screen (LP: #1851623)
    - fonts: Fix coding style
    - fonts: Prefer a bigger font for high resolution screens
  * Disable unreliable HPET on CFL-H system (LP: #1852216)
    - SAUCE: x86/intel: Disable HPET on Intel Coffe Lake H platforms
  * i40e: Setting VF MAC address causes General Protection Fault (LP: #1852432)
    - i40e: Fix crash caused by stress setting of VF MAC addresses
  * Bionic update: upstream stable patchset 2019-11-27 (LP: #1854216)
    - spi: mediatek: use correct mata->xfer_len when in fifo transfer
    - tee: optee: add missing of_node_put after of_device_is_available
    - net: cdc_ncm: Signedness bug in cdc_ncm_set_dgram_size()
    - idr: Fix idr_get_next race with idr_remove
    - mm/memory_hotplug: don't access uninitialized memmaps in shrink_pgdat_span()
    - mm/memory_hotplug: fix updating the node span
    - arm64: uaccess: Ensure PAN is re-enabled after unhandled uaccess fault
    - fbdev: Ditch fb_edid_add_monspecs
    - net: ovs: fix return type of ndo_start_xmit function
    - net: xen-netback: fix return type of ndo_start_xmit function
    - ARM: dts: dra7: Enable workaround for errata i870 in PCIe host mode
    - ARM: dts: omap5: enable OTG role for DWC3 controller
    - f2fs: return correct errno in f2fs_gc
    - ARM: dts: sun8i: h3-h5: ir register size should be the whole memory block
    - SUNRPC: Fix priority queue fairness
    - IB/hfi1: Ensure ucast_dlid access doesnt exceed bounds
    - kvm: arm/arm64: Fix stage2_flush_memslot for 4 level page table
    - arm64/numa: Report correct memblock range for the dummy node
    - ath10k: fix vdev-start timeout on error
    - ata: ahci_brcm: Allow using driver or DSL SoCs
    - ath9k: fix reporting calculated new FFT upper max
    - usb: gadget: udc: fotg210-udc: Fix a sleep-in-atomic-context bug in
      fotg210_get_status()
    - usb: dwc3: gadget: Check ENBLSLPM before sending ep command
    - nl80211: Fix a GET_KEY reply attribute
    - irqchip/irq-mvebu-icu: Fix wrong private data retrieval
    - watchdog: w83627hf_wdt: Support NCT6796D, NCT6797D, NCT6798D
    - KVM: PPC: Inform the userspace about TCE update failures
    - dmaengine: ep93xx: Return proper enum in ep93xx_dma_chan_direction
    - dmaengine: timb_dma: Use proper enum in td_prep_slave_sg
    - ext4: fix build error when DX_DEBUG is defined
    - clk: keystone: Enable TISCI clocks if K3_ARCH
    - sunrpc: Fix connect metrics
    - mei: samples: fix a signedness bug in amt_host_if_call()
    - cxgb4: Use proper enum in cxgb4_dcb_handle_fw_update
    - cxgb4: Use proper enum in IEEE_FAUX_SYNC
    - powerpc/pseries: Fix DTL buffer registration
    - powerpc/pseries: Fix how we iterate over the DTL entries
    - powerpc/xive: Move a dereference below a NULL test
    - ARM: dts: at91: sama5d4_xplained: fix addressable nand flash size
    - ARM: dts: at91: at91sam9x5cm: fix addressable nand flash size
    - mtd: rawnand: sh_flctl: Use proper enum for flctl_dma_fifo0_transfer
    - PM / hibernate: Check the success of generating md5 digest before
      hibernation
    - tools: PCI: Fix compilation warnings
    - clocksource/drivers/sh_cmt: Fixup for 64-bit machines
    - clocksource/drivers/sh_cmt: Fix clocksource width for 32-bit machines
    - md: allow metadata updates while suspending an array - fix
    - ixgbe: Fix ixgbe TX hangs with XDP_TX beyond queue limit
    - i40e: Use proper enum in i40e_ndo_set_vf_link_state
    - ixgbe: Fix crash with VFs and flow director on interface flap
    - IB/mthca: Fix error return code in __mthca_init_one()
    - IB/mlx4: Avoid implicit enumerated type conversion
    - ACPICA: Never run _REG on system_memory and system_IO
    - powerpc/time: Use clockevents_register_device(), fixing an issue with large
      decrementer
    - ata: ep93xx: Use proper enums for directions
    - media: rc: ir-rc6-decoder: enable toggle bit for Kathrein RCU-676 remote
    - media: pxa_camera: Fix check for pdev->dev.of_node
    - media: i2c: adv748x: Support probing a single output
    - ALSA: hda/sigmatel - Disable automute for Elo VuPoint
    - KVM: PPC: Book3S PR: Exiting split hack mode needs to fixup both PC and LR
    - USB: serial: cypress_m8: fix interrupt-out transfer length
    - mtd: physmap_of: Release resources on error
    - cpu/SMT: State SMT is disabled even with nosmt and without "=force"
    - brcmfmac: reduce timeout for action frame scan
    - brcmfmac: fix full timeout waiting for action frame on-channel tx
    - qtnfmac: pass sgi rate info flag to wireless core
    - qtnfmac: drop error reports for out-of-bounds key indexes
    - clk: samsung: exynos5420: Define CLK_SECKEY gate clock only or Exynos5420
    - clk: samsung: Use clk_hw API for calling clk framework from clk notifiers
    - i2c: brcmstb: Allow enabling the driver on DSL SoCs
    - NFSv4.x: fix lock recovery during delegation recall
    - dmaengine: ioat: fix prototype of ioat_enumerate_channels
    - media: cec-gpio: select correct Signal Free Time
    - Input: st1232 - set INPUT_PROP_DIRECT property
    - Input: silead - try firmware reload after unsuccessful resume
    - remoteproc: Check for NULL firmwares in sysfs interface
    - kexec: Allocate decrypted control pages for kdump if SME is enabled
    - x86/olpc: Fix build error with CONFIG_MFD_CS5535=m
    - dmaengine: rcar-dmac: set scatter/gather max segment size
    - crypto: mxs-dcp - Fix SHA null hashes and output length
    - crypto: mxs-dcp - Fix AES issues
    - xfrm: use correct size to initialise sp->ovec
    - ACPI / SBS: Fix rare oops when removing modules
    - iwlwifi: mvm: don't send keys when entering D3
    - x86/fsgsbase/64: Fix ptrace() to read the FS/GS base accurately
    - mmc: tmio: Fix SCC error detection
    - fbdev: sbuslib: use checked version of put_user()
    - fbdev: sbuslib: integer overflow in sbusfb_ioctl_helper()
    - reset: Fix potential use-after-free in __of_reset_control_get()
    - bcache: recal cached_dev_sectors on detach
    - media: dw9714: Fix error handling in probe function
    - s390/kasan: avoid vdso instrumentation
    - proc/vmcore: Fix i386 build error of missing copy_oldmem_page_encrypted()
    - backlight: lm3639: Unconditionally call led_classdev_unregister
    - mfd: ti_am335x_tscadc: Keep ADC interface on if child is wakeup capable
    - printk: Give error on attempt to set log buffer length to over 2G
    - media: isif: fix a NULL pointer dereference bug
    - GFS2: Flush the GFS2 delete workqueue before stopping the kernel threads
    - media: cx231xx: fix potential sign-extension overflow on large shift
    - x86/kexec: Correct KEXEC_BACKUP_SRC_END off-by-one error
    - gpio: syscon: Fix possible NULL ptr usage
    - spi: fsl-lpspi: Prevent FIFO under/overrun by default
    - pinctrl: gemini: Mask and set properly
    - spi: spidev: Fix OF tree warning logic
    - ARM: 8802/1: Call syscall_trace_exit even when system call skipped
    - orangefs: rate limit the client not running info message
    - pinctrl: gemini: Fix up TVC clock group
    - hwmon: (pwm-fan) Silence error on probe deferral
    - hwmon: (ina3221) Fix INA3221_CONFIG_MODE macros
    - netfilter: nft_compat: do not dump private area
    - misc: cxl: Fix possible null pointer dereference
    - mac80211: minstrel: fix using short preamble CCK rates on HT clients
    - mac80211: minstrel: fix CCK rate group streams value
    - mac80211: minstrel: fix sampling/reporting of CCK rates in HT mode
    - spi: rockchip: initialize dma_slave_config properly
    - mlxsw: spectrum_switchdev: Check notification relevance based on upper
      device
    - ARM: dts: omap5: Fix dual-role mode on Super-Speed port
    - tools: PCI: Fix broken pcitest compilation
    - powerpc/time: Fix clockevent_decrementer initalisation for PR KVM
    - mmc: tmio: fix SCC error handling to avoid false positive CRC error
    - ARM: dts: sun8i: h3: bpi-m2-plus: Fix address for external RGMII Ethernet
      PHY
    - tcp: up initial rmem to 128KB and SYN rwin to around 64KB
    - ACPI / LPSS: Resume BYT/CHT I2C controllers from resume_noirq
    - f2fs: keep lazytime on remount
    - IB/hfi1: Error path MAD response size is incorrect
    - PM / devfreq: Fix devfreq_add_device() when drivers are built as modules.
    - PM / devfreq: Fix handling of min/max_freq == 0
    - PM / devfreq: stopping the governor before device_unregister()
    - watchdog: core: fix null pointer dereference when releasing cdev
    - watchdog: renesas_wdt: stop when unregistering
    - watchdog: sama5d4: fix timeout-sec usage
    - printk: Do not miss new messages when replaying the log
    - printk: CON_PRINTBUFFER console registration is a bit racy
    - ALSA: hda: Fix mismatch for register mask and value in ext controller.
    - x86/PCI: Apply VMD's AERSID fixup generically
    - IB/rxe: avoid srq memory leak
    - RDMA/hns: Bugfix for reserved qp number
    - RDMA/hns: Submit bad wr when post send wr exception
    - RDMA/hns: Bugfix for CM test
    - RDMA/hns: Limit the size of extend sge of sq
    - rpmsg: glink: smem: Support rx peak for size less than 4 bytes
    - qed: Avoid implicit enum conversion in qed_ooo_submit_tx_buffers
    - clk: samsung: Use NOIRQ stage for Exynos5433 clocks suspend/resume
    - printk: Correct wrong casting
    - mmc: renesas_sdhi_internal_dmac: set scatter/gather max segment size
    - atmel_lcdfb: support native-mode display-timings
    - fbdev: fix broken menu dependencies
    - bcache: account size of buckets used in uuid write to
      ca->meta_sectors_written
    - media: cx18: Don't check for address of video_dev
    - lightnvm: pblk: fix rqd.error return value in pblk_blk_erase_sync
    - scsi: arcmsr: clean up clang warning on extraneous parentheses
    - hwmon: (k10temp) Support all Family 15h Model 6xh and Model 7xh processors
    - tcp: start receiver buffer autotuning sooner
    - ACPI / LPSS: Use acpi_lpss_* instead of acpi_subsys_* functions for
      hibernate
    - PM / devfreq: Fix static checker warning in try_then_request_governor
    - x86/resctrl: Fix rdt_find_domain() return value and checks
  * Bionic update: upstream stable patchset 2019-11-25 (LP: #1853915)
    - kvm: mmu: Don't read PDPTEs when paging is not enabled
    - KVM: x86: introduce is_pae_paging
    - MIPS: BCM63XX: fix switch core reset on BCM6368
    - scsi: core: Handle drivers which set sg_tablesize to zero
    - Revert "Input: synaptics-rmi4 - avoid processing unknown IRQs"
    - ax88172a: fix information leak on short answers
    - net: usb: qmi_wwan: add support for Foxconn T77W968 LTE modules
    - slip: Fix memory leak in slip_open error path
    - ALSA: usb-audio: Fix missing error check at mixer resolution test
    - ALSA: usb-audio: not submit urb for stopped endpoint
    - Input: ff-memless - kill timer in destroy()
    - Input: synaptics-rmi4 - fix video buffer size
    - Input: synaptics-rmi4 - disable the relative position IRQ in the F12 driver
    - Input: synaptics-rmi4 - do not consume more data than we have (F11, F12)
    - Input: synaptics-rmi4 - clear IRQ enables for F54
    - Input: synaptics-rmi4 - destroy F54 poller workqueue when removing
    - IB/hfi1: Ensure full Gen3 speed in a Gen4 system
    - i2c: acpi: Force bus speed to 400KHz if a Silead touchscreen is present
    - ecryptfs_lookup_interpose(): lower_dentry->d_inode is not stable
    - ecryptfs_lookup_interpose(): lower_dentry->d_parent is not stable either
    - iommu/vt-d: Fix QI_DEV_IOTLB_PFSID and QI_DEV_EIOTLB_PFSID macros
    - mm: memcg: switch to css_tryget() in get_mem_cgroup_from_mm()
    - mm: hugetlb: switch to css_tryget() in hugetlb_cgroup_charge_cgroup()
    - mmc: sdhci-of-at91: fix quirk2 overwrite
    - iio: adc: max9611: explicitly cast gain_selectors
    - tee: optee: take DT status property into account
    - ath10k: fix kernel panic by moving pci flush after napi_disable
    - iio: dac: mcp4922: fix error handling in mcp4922_write_raw
    - arm64: dts: allwinner: a64: Olinuxino: fix DRAM voltage
    - arm64: dts: allwinner: a64: NanoPi-A64: Fix DCDC1 voltage
    - ALSA: pcm: signedness bug in snd_pcm_plug_alloc()
    - arm64: dts: tegra210-p2180: Correct sdmmc4 vqmmc-supply
    - ARM: dts: at91/trivial: Fix USART1 definition for at91sam9g45
    - rtc: rv8803: fix the rv8803 id in the OF table
    - remoteproc/davinci: Use %zx for formating size_t
    - extcon: cht-wc: Return from default case to avoid warnings
    - cfg80211: Avoid regulatory restore when COUNTRY_IE_IGNORE is set
    - ALSA: seq: Do error checks at creating system ports
    - ath9k: fix tx99 with monitor mode interface
    - ath10k: limit available channels via DT ieee80211-freq-limit
    - gfs2: Don't set GFS2_RDF_UPTODATE when the lvb is updated
    - ASoC: dpcm: Properly initialise hw->rate_max
    - pinctrl: ingenic: Probe driver at subsys_initcall
    - MIPS: BCM47XX: Enable USB power on Netgear WNDR3400v3
    - ARM: dts: exynos: Fix sound in Snow-rev5 Chromebook
    - liquidio: fix race condition in instruction completion processing
    - ARM: dts: exynos: Fix regulators configuration on Peach Pi/Pit Chromebooks
    - i40e: use correct length for strncpy
    - i40e: hold the rtnl lock on clearing interrupt scheme
    - i40e: Prevent deleting MAC address from VF when set by PF
    - IB/rxe: fixes for rdma read retry
    - iwlwifi: don't WARN on trying to dump dead firmware
    - iwlwifi: mvm: avoid sending too many BARs
    - ARM: dts: pxa: fix the rtc controller
    - ARM: dts: pxa: fix power i2c base address
    - rtl8187: Fix warning generated when strncpy() destination length matches the
      sixe argument
    - soc: imx: gpc: fix PDN delay
    - ASoC: rsnd: ssi: Fix issue in dma data address assignment
    - net: phy: mscc: read 'vsc8531,vddmac' as an u32
    - net: phy: mscc: read 'vsc8531, edge-slowdown' as an u32
    - ARM: dts: meson8: fix the clock controller register size
    - ARM: dts: meson8b: fix the clock controller register size
    - net: lan78xx: Bail out if lan78xx_get_endpoints fails
    - ASoC: sgtl5000: avoid division by zero if lo_vag is zero
    - ARM: dts: exynos: Disable pull control for S5M8767 PMIC
    - ath10k: wmi: disable softirq's while calling ieee80211_rx
    - IB/ipoib: Ensure that MTU isn't less than minimum permitted
    - RDMA/core: Rate limit MAD error messages
    - RDMA/core: Follow correct unregister order between sysfs and cgroup
    - mips: txx9: fix iounmap related issue
    - ASoC: Intel: hdac_hdmi: Limit sampling rates at dai creation
    - of: make PowerMac cache node search conditional on CONFIG_PPC_PMAC
    - ARM: dts: omap3-gta04: give spi_lcd node a label so that we can overwrite in
      other DTS files
    - ARM: dts: omap3-gta04: fixes for tvout / venc
    - ARM: dts: omap3-gta04: tvout: enable as display1 alias
    - ARM: dts: omap3-gta04: fix touchscreen tsc2007
    - ARM: dts: omap3-gta04: make NAND partitions compatible with recent U-Boot
    - ARM: dts: omap3-gta04: keep vpll2 always on
    - sched/debug: Use symbolic names for task state constants
    - arm64: dts: rockchip: Fix VCC5V0_HOST_EN on rk3399-sapphire
    - dmaengine: dma-jz4780: Don't depend on MACH_JZ4780
    - dmaengine: dma-jz4780: Further residue status fix
    - EDAC, sb_edac: Return early on ADDRV bit and address type test
    - rtc: mt6397: fix possible race condition
    - rtc: pl030: fix possible race condition
    - ath9k: add back support for using active monitor interfaces for tx99
    - IB/hfi1: Missing return value in error path for user sdma
    - signal: Always ignore SIGKILL and SIGSTOP sent to the global init
    - signal: Properly deliver SIGILL from uprobes
    - signal: Properly deliver SIGSEGV from x86 uprobes
    - f2fs: fix memory leak of percpu counter in fill_super()
    - scsi: qla2xxx: Fix iIDMA error
    - scsi: qla2xxx: Defer chip reset until target mode is enabled
    - scsi: qla2xxx: Fix dropped srb resource.
    - scsi: lpfc: Fix errors in log messages.
    - scsi: sym53c8xx: fix NULL pointer dereference panic in sym_int_sir()
    - ARM: imx6: register pm_power_off handler if "fsl,pmic-stby-poweroff" is set
    - scsi: pm80xx: Corrected dma_unmap_sg() parameter
    - scsi: pm80xx: Fixed system hang issue during kexec boot
    - kprobes: Don't call BUG_ON() if there is a kprobe in use on free list
    - Drivers: hv: vmbus: Fix synic per-cpu context initialization
    - nvmem: core: return error code instead of NULL from nvmem_device_get
    - media: dt-bindings: adv748x: Fix decimal unit addresses
    - media: fix: media: pci: meye: validate offset to avoid arbitrary access
    - media: dvb: fix compat ioctl translation
    - arm64: dts: meson: libretech: update board model
    - ALSA: intel8x0m: Register irq handler after register initializations
    - pinctrl: at91-pio4: fix has_config check in atmel_pctl_dt_subnode_to_map()
    - llc: avoid blocking in llc_sap_close()
    - ARM: dts: qcom: ipq4019: fix cpu0's qcom,saw2 reg value
    - soc: qcom: wcnss_ctrl: Avoid string overflow
    - ARM: dts: socfpga: Fix I2C bus unit-address error
    - pinctrl: at91: don't use the same irqchip with multiple gpiochips
    - cxgb4: Fix endianness issue in t4_fwcache()
    - blok, bfq: do not plug I/O if all queues are weight-raised
    - arm64: dts: meson: Fix erroneous SPI bus warnings
    - power: supply: ab8500_fg: silence uninitialized variable warnings
    - power: reset: at91-poweroff: do not procede if at91_shdwc is allocated
    - power: supply: max8998-charger: Fix platform data retrieval
    - component: fix loop condition to call unbind() if bind() fails
    - kernfs: Fix range checks in kernfs_get_target_path
    - ip_gre: fix parsing gre header in ipgre_err
    - ARM: dts: rockchip: Fix erroneous SPI bus dtc warnings on rk3036
    - ACPI / LPSS: Exclude I2C busses shared with PUNIT from pmc_atom_d3_mask
    - ath9k: Fix a locking bug in ath9k_add_interface()
    - s390/qeth: invoke softirqs after napi_schedule()
    - PCI/ACPI: Correct error message for ASPM disabling
    - serial: uartps: Fix suspend functionality
    - serial: samsung: Enable baud clock for UART reset procedure in resume
    - serial: mxs-auart: Fix potential infinite loop
    - samples/bpf: fix a compilation failure
    - spi: mediatek: Don't modify spi_transfer when transfer.
    - ipmi:dmi: Ignore IPMI SMBIOS entries with a zero base address
    - net: hns3: fix return type of ndo_start_xmit function
    - powerpc/iommu: Avoid derefence before pointer check
    - powerpc/64s/hash: Fix stab_rr off by one initialization
    - powerpc/pseries: Disable CPU hotplug across migrations
    - powerpc: Fix duplicate const clang warning in user access code
    - RDMA/i40iw: Fix incorrect iterator type
    - libfdt: Ensure INT_MAX is defined in libfdt_env.h
    - power: supply: twl4030_charger: fix charging current out-of-bounds
    - power: supply: twl4030_charger: disable eoc interrupt on linear charge
    - net: toshiba: fix return type of ndo_start_xmit function
    - net: xilinx: fix return type of ndo_start_xmit function
    - net: broadcom: fix return type of ndo_start_xmit function
    - net: amd: fix return type of ndo_start_xmit function
    - net: sun: fix return type of ndo_start_xmit function
    - nfp: provide a better warning when ring allocation fails
    - usb: chipidea: imx: enable OTG overcurrent in case USB subsystem is already
      started
    - usb: chipidea: Fix otg event handler
    - mlxsw: spectrum: Init shaper for TCs 8..15
    - ARM: dts: am335x-evm: fix number of cpsw
    - f2fs: fix to recover inode's uid/gid during POR
    - ARM: dts: ux500: Correct SCU unit address
    - ARM: dts: ux500: Fix LCDA clock line muxing
    - ARM: dts: ste: Fix SPI controller node names
    - spi: pic32: Use proper enum in dmaengine_prep_slave_rg
    - cpufeature: avoid warning when compiling with clang
    - crypto: arm/crc32 - avoid warning when compiling with Clang
    - ARM: dts: marvell: Fix SPI and I2C bus warnings
    - x86/mce-inject: Reset injection struct after injection
    - ARM: dts: clearfog: fix sdhci supply property name
    - bnx2x: Ignore bandwidth attention in single function mode
    - samples/bpf: fix compilation failure
    - net: phy: mdio-bcm-unimac: Allow configuring MDIO clock divider
    - net: micrel: fix return type of ndo_start_xmit function
    - net: freescale: fix return type of ndo_start_xmit function
    - x86/CPU: Use correct macros for Cyrix calls
    - x86/CPU: Change query logic so CPUID is enabled before testing
    - MIPS: kexec: Relax memory restriction
    - arm64: dts: rockchip: Fix microSD in rk3399 sapphire board
    - media: pci: ivtv: Fix a sleep-in-atomic-context bug in ivtv_yuv_init()
    - media: au0828: Fix incorrect error messages
    - media: davinci: Fix implicit enum conversion warning
    - ARM: dts: rockchip: explicitly set vcc_sd0 pin to gpio on rk3188-radxarock
    - usb: gadget: uvc: configfs: Drop leaked references to config items
    - usb: gadget: uvc: configfs: Prevent format changes after linking header
    - i2c: aspeed: fix invalid clock parameters for very large divisors
    - phy: brcm-sata: allow PHY_BRCM_SATA driver to be built for DSL SoCs
    - phy: renesas: rcar-gen3-usb2: fix vbus_ctrl for role sysfs
    - phy: phy-twl4030-usb: fix denied runtime access
    - usb: gadget: uvc: Factor out video USB request queueing
    - usb: gadget: uvc: Only halt video streaming endpoint in bulk mode
    - coresight: Fix handling of sinks
    - coresight: perf: Fix per cpu path management
    - coresight: perf: Disable trace path upon source error
    - coresight: etm4x: Configure EL2 exception level when kernel is running in
      HYP
    - coresight: tmc: Fix byte-address alignment for RRP
    - misc: kgdbts: Fix restrict error
    - misc: genwqe: should return proper error value.
    - vfio/pci: Fix potential memory leak in vfio_msi_cap_len
    - vfio/pci: Mask buggy SR-IOV VF INTx support
    - scsi: libsas: always unregister the old device if going to discover new
    - phy: lantiq: Fix compile warning
    - ARM: dts: tegra30: fix xcvr-setup-use-fuses
    - ARM: tegra: apalis_t30: fix mmc1 cmd pull-up
    - ARM: dts: paz00: fix wakeup gpio keycode
    - net: smsc: fix return type of ndo_start_xmit function
    - net: faraday: fix return type of ndo_start_xmit function
    - f2fs: fix to recover inode's project id during POR
    - f2fs: mark inode dirty explicitly in recover_inode()
    - EDAC: Raise the maximum number of memory controllers
    - ARM: dts: realview: Fix SPI controller node names
    - firmware: dell_rbu: Make payload memory uncachable
    - Bluetooth: hci_serdev: clear HCI_UART_PROTO_READY to avoid closing proto
      races
    - Bluetooth: L2CAP: Detect if remote is not able to use the whole MPS
    - x86/hyperv: Suppress "PCI: Fatal: No config space access function found"
    - crypto: s5p-sss: Fix Fix argument list alignment
    - crypto: fix a memory leak in rsa-kcs1pad's encryption mode
    - iwlwifi: dbg: don't crash if the firmware crashes in the middle of a debug
      dump
    - iwlwifi: api: annotate compressed BA notif array sizes
    - iwlwifi: mvm: Allow TKIP for AP mode
    - scsi: NCR5380: Clear all unissued commands on host reset
    - scsi: NCR5380: Have NCR5380_select() return a bool
    - scsi: NCR5380: Withhold disconnect privilege for REQUEST SENSE
    - scsi: NCR5380: Use DRIVER_SENSE to indicate valid sense data
    - scsi: NCR5380: Check for invalid reselection target
    - scsi: NCR5380: Don't clear busy flag when abort fails
    - scsi: NCR5380: Don't call dsprintk() following reselection interrupt
    - scsi: NCR5380: Handle BUS FREE during reselection
    - scsi: NCR5380: Check for bus reset
    - arm64: dts: amd: Fix SPI bus warnings
    - arm64: dts: lg: Fix SPI controller node names
    - ARM: dts: lpc32xx: Fix SPI controller node names
    - rtc: armada38x: fix possible race condition
    - netfilter: masquerade: don't flush all conntracks if only one address
      deleted on device
    - usb: xhci-mtk: fix ISOC error when interval is zero
    - fuse: use READ_ONCE on congestion_threshold and max_background
    - IB/iser: Fix possible NULL deref at iser_inv_desc()
    - net: phy: mdio-bcm-unimac: mark PM functions as __maybe_unused
    - memfd: Use radix_tree_deref_slot_protected to avoid the warning.
    - slcan: Fix memory leak in error path
    - ipmr: Fix skb headroom in ipmr_get_route().
    - IB/hfi1: Use a common pad buffer for 9B and 16B packets
    - net: ethernet: dwmac-sun8i: Use the correct function in exit path
    - mm: mempolicy: fix the wrong return value and potential pages leak of mbind
    - scsi: bfa: use proper time accessor for stats_reset_time
    - y2038: make do_gettimeofday() and get_seconds() inline
    - ARM: dts: rcar: Correct SATA device sizes to 2 MiB
    - ARM: dts: exynos: Use i2c-gpio for HDMI-DDC on Arndale
    - ARM: dts: exynos: Fix HDMI-HPD line handling on Arndale
    - i40evf: Validate the number of queues a PF sends
    - i40evf: set IFF_UNICAST_FLT flag for the VF
    - i40evf: cancel workqueue sync for adminq when a VF is removed
    - IB/rxe: avoid back-to-back retries
    - brcmfmac: fix wrong strnchr usage
    - mtd: rawnand: fsl_ifc: check result of SRAM initialization
    - mtd: rawnand: fsl_ifc: fixup SRAM init for newer ctrl versions
    - rtnetlink: move type calculation out of loop
    - udf: Fix crash during mount
    - sched/debug: Explicitly cast sched_feat() to bool
    - usb: mtu3: disable vbus rise/fall interrupts of ltssm
    - dmaengine: at_xdmac: remove a stray bottom half unlock
    - scsi: qla2xxx: Terminate Plogi/PRLI if WWN is 0
    - scsi: qla2xxx: Fix deadlock between ATIO and HW lock
    - scsi: qla2xxx: Fix port speed display on chip reset
    - scsi: lpfc: Correct invalid EQ doorbell write on if_type=6
    - net: aquantia: fix hw_atl_utils_fw_upload_dwords
    - ALSA: hda: Fix implicit definition of pci_iomap() on SH
    - net: bcmgenet: Fix speed selection for reverse MII
    - arm64: dts: broadcom: Fix I2C and SPI bus warnings
    - ARM: dts: bcm: Fix SPI bus warnings
    - ARM: dts: aspeed: Fix I2C bus warnings
    - ARM: dts: sunxi: Fix I2C bus warnings
    - ARM: dts: sun9i: Fix I2C bus warnings
    - arm64: fix for bad_mode() handler to always result in panic
    - netfilter: nf_tables: avoid BUG_ON usage
    - media: vsp1: Fix YCbCr planar formats pitch calculation
    - PCI: mediatek: Fix unchecked return value
    - ARM: dts: xilinx: Fix I2C and SPI bus warnings
    - ipmi_si_pci: fix NULL device in ipmi_si error message
    - ipmi_si: fix potential integer overflow on large shift
    - net: cavium: fix return type of ndo_start_xmit function
    - net: ibm: fix return type of ndo_start_xmit function
    - selftests/powerpc: Do not fail with reschedule
    - usb: usbtmc: Fix ioctl USBTMC_IOCTL_ABORT_BULK_OUT
    - s390/zcrypt: enable AP bus scan without a valid default domain
    - s390/vdso: avoid 64-bit vdso mapping for compat tasks
    - brcmsmac: allocate ucode with GFP_KERNEL
    - brcmsmac: Use kvmalloc() for ucode allocations
    - EDAC: Correct DIMM capacity unit symbol
    - gpiolib: Fix gpio_direction_* for single direction GPIOs
    - arm64: dts: fsl: Fix I2C and SPI bus warnings
    - ARM: dts: imx51-zii-rdu1: Fix the rtc compatible string
    - f2fs: update i_size after DIO completion
    - RDMA: Fix dependencies for rdma_user_mmap_io
    - crypto: s5p-sss: Fix race in error handling
    - iwlwifi: pcie: gen2: build A-MSDU only for GSO
    - iwlwifi: pcie: fit reclaim msg to MAX_MSG_LEN
    - usb: usbtmc: uninitialized symbol 'actual' in usbtmc_ioctl_clear
    - s390/vdso: correct vdso mapping for compat tasks
  * Bionic update: upstream stable patchset 2019-11-21 (LP: #1853519)
    - bonding: fix state transition issue in link monitoring
    - CDC-NCM: handle incomplete transfer of MTU
    - ipv4: Fix table id reference in fib_sync_down_addr
    - net: ethernet: octeon_mgmt: Account for second possible VLAN header
    - net: fix data-race in neigh_event_send()
    - net: qualcomm: rmnet: Fix potential UAF when unregistering
    - net: usb: qmi_wwan: add support for DW5821e with eSIM support
    - NFC: fdp: fix incorrect free object
    - nfc: netlink: fix double device reference drop
    - NFC: st21nfca: fix double free
    - qede: fix NULL pointer deref in __qede_remove()
    - ALSA: timer: Fix incorrectly assigned timer instance
    - ALSA: bebob: fix to detect configured source of sampling clock for Focusrite
      Saffire Pro i/o series
    - ALSA: hda/ca0132 - Fix possible workqueue stall
    - mm: thp: handle page cache THP correctly in PageTransCompoundMap
    - mm, vmstat: hide /proc/pagetypeinfo from normal users
    - dump_stack: avoid the livelock of the dump_lock
    - tools: gpio: Use !building_out_of_srctree to determine srctree
    - perf tools: Fix time sorting
    - drm/radeon: fix si_enable_smc_cac() failed issue
    - HID: wacom: generic: Treat serial number and related fields as unsigned
    - arm64: Do not mask out PTE_RDONLY in pte_same()
    - ceph: fix use-after-free in __ceph_remove_cap()
    - ceph: add missing check in d_revalidate snapdir handling
    - iio: adc: stm32-adc: fix stopping dma
    - iio: imu: adis16480: make sure provided frequency is positive
    - iio: srf04: fix wrong limitation in distance measuring
    - netfilter: nf_tables: Align nft_expr private data to 64-bit
    - netfilter: ipset: Fix an error code in ip_set_sockfn_get()
    - intel_th: pci: Add Comet Lake PCH support
    - intel_th: pci: Add Jasper Lake PCH support
    - can: usb_8dev: fix use-after-free on disconnect
    - can: c_can: c_can_poll(): only read status register after status IRQ
    - can: peak_usb: fix a potential out-of-sync while decoding packets
    - can: rx-offload: can_rx_offload_queue_sorted(): fix error handling, avoid
      skb mem leak
    - can: gs_usb: gs_can_open(): prevent memory leak
    - can: mcba_usb: fix use-after-free on disconnect
    - can: peak_usb: fix slab info leak
    - configfs: stash the data we need into configfs_buffer at open time
    - configfs_register_group() shouldn't be (and isn't) called in rmdirable parts
    - configfs: new object reprsenting tree fragments
    - configfs: provide exclusion between IO and removals
    - configfs: fix a deadlock in configfs_symlink()
    - usb: dwc3: Allow disabling of metastability workaround
    - mfd: palmas: Assign the right powerhold mask for tps65917
    - ASoC: tlv320aic31xx: Handle inverted BCLK in non-DSP modes
    - ARM: dts: dra7: Disable USB metastability workaround for USB2
    - [Config] updateconfigs for SGL_ALLOC
    - lib/scatterlist: Introduce sgl_alloc() and sgl_free()
    - usbip: Fix vhci_urb_enqueue() URB null transfer buffer error path
    - usbip: Implement SG support to vhci-hcd and stub driver
    - PCI: tegra: Enable Relaxed Ordering only for Tegra20 & Tegra30
    - dmaengine: xilinx_dma: Fix control reg update in vdma_channel_set_config
    - HID: intel-ish-hid: fix wrong error handling in ishtp_cl_alloc_tx_ring()
    - RDMA/qedr: Fix reported firmware version
    - net/mlx5: prevent memory leak in mlx5_fpga_conn_create_cq
    - scsi: qla2xxx: fixup incorrect usage of host_byte
    - RDMA/uverbs: Prevent potential underflow
    - net: openvswitch: free vport unless register_netdevice() succeeds
    - scsi: lpfc: Honor module parameter lpfc_use_adisc
    - scsi: qla2xxx: Initialized mailbox to prevent driver load failure
    - ipvs: don't ignore errors in case refcounting ip_vs module fails
    - ipvs: move old_secure_tcp into struct netns_ipvs
    - bonding: fix unexpected IFF_BONDING bit unset
    - macsec: fix refcnt leak in module exit routine
    - usb: fsl: Check memory resource before releasing it
    - usb: gadget: udc: atmel: Fix interrupt storm in FIFO mode.
    - usb: gadget: composite: Fix possible double free memory bug
    - usb: gadget: configfs: fix concurrent issue between composite APIs
    - usb: dwc3: remove the call trace of USBx_GFLADJ
    - perf/x86/amd/ibs: Fix reading of the IBS OpData register and thus precise
      RIP validity
    - perf/x86/amd/ibs: Handle erratum #420 only on the affected CPU family (10h)
    - USB: Skip endpoints with 0 maxpacket length
    - USB: ldusb: use unsigned size format specifiers
    - RDMA/iw_cxgb4: Avoid freeing skb twice in arp failure case
    - scsi: qla2xxx: stop timer in shutdown path
    - fjes: Handle workqueue allocation failure
    - net: hisilicon: Fix "Trying to free already-free IRQ"
    - hv_netvsc: Fix error handling in netvsc_attach()
    - NFSv4: Don't allow a cached open with a revoked delegation
    - net: ethernet: arc: add the missed clk_disable_unprepare
    - igb: Fix constant media auto sense switching when no cable is connected
    - e1000: fix memory leaks
    - x86/apic: Move pending interrupt check code into it's own function
    - x86/apic: Drop logical_smp_processor_id() inline
    - x86/apic/32: Avoid bogus LDR warnings
    - can: flexcan: disable completely the ECC mechanism
    - mm/filemap.c: don't initiate writeback if mapping has no dirty pages
    - cgroup,writeback: don't switch wbs immediately on dead wbs if the memcg is
      dead
    - usbip: Fix free of unallocated memory in vhci tx
    - net: prevent load/store tearing on sk->sk_stamp
    - x86/speculation/taa: Fix printing of TAA_MSG_SMT on IBRS_ALL CPUs
    - x86/cpu: Add Tremont to the cpu vulnerability whitelist
    - Documentation: Add ITLB_MULTIHIT documentation
    - net: hns: Fix the stray netpoll locks causing deadlock in NAPI path
    - mm: memcontrol: fix network errors from failing __GFP_ATOMIC charges
    - mm, meminit: recalculate pcpu batch and high limits after init completes
    - SMB3: Fix persistent handles reconnect
    - dmaengine: sprd: Fix the possible memory leak issue
    - iw_cxgb4: fix ECN check on the passive accept
    - perf/x86/uncore: Fix event group support
    - usbip: tools: Fix read_usb_vudc_device() error path handling
    - RDMA/hns: Prevent memory leaks of eq->buf_list
    - drm/amdgpu: If amdgpu_ib_schedule fails return back the error.
    - drm/amd/display: Passive DP->HDMI dongle detection fix
    - pinctrl: intel: Initialize GPIO properly when used through irqchip
    - pinctrl: intel: Avoid potential glitches if pin is in GPIO mode
    - pinctrl: cherryview: Fix irq_valid_mask calculation
    - netfilter: ipset: Copy the right MAC address in hash:ip,mac IPv6 sets
    - vsock/virtio: fix sock refcnt holding during the shutdown
  * Bionic update: upstream stable patchset 2019-11-19 (LP: #1853208)
    - arm64: dts: Fix gpio to pinmux mapping
    - regulator: ti-abb: Fix timeout in ti_abb_wait_txdone/ti_abb_clear_all_txdone
    - regulator: pfuze100-regulator: Variable "val" in pfuze100_regulator_probe()
      could be uninitialized
    - ASoC: wm_adsp: Don't generate kcontrols without READ flags
    - ASoc: rockchip: i2s: Fix RPM imbalance
    - ARM: dts: logicpd-torpedo-som: Remove twl_keypad
    - pinctrl: ns2: Fix off by one bugs in ns2_pinmux_enable()
    - ARM: mm: fix alignment handler faults under memory pressure
    - scsi: scsi_dh_alua: handle RTPG sense code correctly during state
      transitions
    - scsi: sni_53c710: fix compilation error
    - scsi: fix kconfig dependency warning related to 53C700_LE_ON_BE
    - ARM: dts: imx7s: Correct GPT's ipg clock source
    - perf c2c: Fix memory leak in build_cl_output()
    - perf kmem: Fix memory leak in compact_gfp_flags()
    - ARM: davinci: dm365: Fix McBSP dma_slave_map entry
    - scsi: target: core: Do not overwrite CDB byte 1
    - ARM: 8926/1: v7m: remove register save to stack before svc
    - of: unittest: fix memory leak in unittest_data_add
    - MIPS: bmips: mark exception vectors as char arrays
    - i2c: stm32f7: remove warning when compiling with W=1
    - cifs: Fix cifsInodeInfo lock_sem deadlock when reconnect occurs
    - nbd: handle racing with error'ed out commands
    - cxgb4: fix panic when attaching to ULD fail
    - dccp: do not leak jiffies on the wire
    - net: annotate accesses to sk->sk_incoming_cpu
    - net: annotate lockless accesses to sk->sk_napi_id
    - net: dsa: bcm_sf2: Fix IMP setup for port different than 8
    - net: ethernet: ftgmac100: Fix DMA coherency issue with SW checksum
    - net: fix sk_page_frag() recursion from memory reclaim
    - net: hisilicon: Fix ping latency when deal with high throughput
    - net/mlx4_core: Dynamically set guaranteed amount of counters per VF
    - selftests: net: reuseport_dualstack: fix uninitalized parameter
    - udp: fix data-race in udp_set_dev_scratch()
    - net: add READ_ONCE() annotation in __skb_wait_for_more_packets()
    - net/mlx5e: Fix handling of compressed CQEs in case of low NAPI budget
    - net: dsa: b53: Do not clear existing mirrored port mask
    - net: usb: lan78xx: Connect PHY before registering MAC
    - r8152: add device id for Lenovo ThinkPad USB-C Dock Gen 2
    - net: dsa: fix switch tree list
    - net: bcmgenet: reset 40nm EPHY on energy detect
    - net: add skb_queue_empty_lockless()
    - udp: use skb_queue_empty_lockless()
    - net: use skb_queue_empty_lockless() in poll() handlers
    - net: use skb_queue_empty_lockless() in busy poll contexts
    - vxlan: check tun_info options_len properly
    - erspan: fix the tun_info options_len check for erspan
    - inet: stop leaking jiffies on the wire
    - net/flow_dissector: switch to siphash
    - kbuild: use -fmacro-prefix-map to make __FILE__ a relative path
    - platform/x86: pmc_atom: Add Siemens SIMATIC IPC227E to critclk_systems DMI
      table
    - iio: adc: stm32-adc: move registers definitions
    - powerpc/book3s64/mm: Don't do tlbie fixup for some hardware revisions
    - powerpc/book3s64/radix: Rename CPU_FTR_P9_TLBIE_BUG feature flag
    - selftests/powerpc: Add test case for tlbie vs mtpidr ordering issue
    - selftests/powerpc: Fix compile error on tlbie_test due to newer gcc
    - arm64: dts: allwinner: a64: pine64-plus: Add PHY regulator delay
    - arm64: dts: allwinner: a64: sopine-baseboard: Add PHY regulator delay
    - scsi: qla2xxx: fix a potential NULL pointer dereference
    - irqchip/gic-v3-its: Use the exact ITSList for VMOVP
    - netns: fix GFP flags in rtnl_net_notifyid()
    - net: usb: lan78xx: Disable interrupts before calling generic_handle_irq()
    - wireless: Skip directory when generating certificates
    - ASoC: pcm3168a: The codec does not support S32_LE
    - usb: gadget: udc: core: Fix segfault if udc_bind_to_driver() for pending
      driver fails

[ Ubuntu: 4.15.0-72.81 ]

* bionic/linux: 4.15.0-72.81 -proposed tracker (LP: #1854027)
  * [Regression] Bionic kernel 4.15.0-71.80 can not boot on ThunderX
    (LP: #1853326)
    - Revert "arm64: Use firmware to detect CPUs that are not affected by
      Spectre-v2"
    - Revert "arm64: Get rid of __smccc_workaround_1_hvc_*"
  * [Regression] Bionic kernel 4.15.0-71.80 can not boot on ThunderX2 and
    Kunpeng920 (LP: #1852723)
    - SAUCE: arm64: capabilities: Move setup_boot_cpu_capabilities() call to
      correct place

-- Marcelo Henrique Cerri <marcelo.cerri@canonical.com>  Thu, 12 Dec 2019 16:15:46 -0300

Changed in linux-azure (Ubuntu Xenial):
status:	Fix Committed → Fix Released

Marcelo Cerri (mhcerri) on 2020-01-09

Changed in linux-azure (Ubuntu Disco):
status:	In Progress → Fix Committed

Revision history for this message

Launchpad Janitor (janitor) wrote on 2020-02-03:

Download full text (22.7 KiB)

This bug was fixed in the package linux-azure - 5.0.0-1029.31~18.04.1

---------------
linux-azure (5.0.0-1029.31~18.04.1) bionic; urgency=medium

* bionic/linux-azure: 5.0.0-1029.31~18.04.1 -proposed tracker (LP: #1858533)

[ Ubuntu: 5.0.0-1029.31 ]

This bug was fixed in the package linux-azure - 5.0.0-1029.31~18.04.1

---------------
linux-azure (5.0.0-1029.31~18.04.1) bionic; urgency=medium

* bionic/linux-azure: 5.0.0-1029.31~18.04.1 -proposed tracker (LP: #1858533)

[ Ubuntu: 5.0.0-1029.31 ]

* disco/linux-azure: 5.0.0-1029.31 -proposed tracker (LP: #1858534)
  * [linux-azure] SAUCE patch to "Fix skb protocol value in tpacket_fill_skb()"
    (LP: #1855461)
    - SAUCE: af_packet: Fix skb protocol value in tpacket_fill_skb()
  *  Integrate Intel SGX driver into linux-azure (LP: #1844245)
    - SAUCE: linux-azure: Include Intel SGX driver to the main modules package
    - [Packaging] linux-azure: Prevent intel_sgx from being automatically loaded
  * disco/linux: 5.0.0-39.43 -proposed tracker (LP: #1858547)
  * [Regression] usb usb2-port2: Cannot enable. Maybe the USB cable is bad?
    (LP: #1856608)
    - SAUCE: Revert "usb: handle warm-reset port requests on hub resume"
  * PAN is broken for execute-only user mappings on ARMv8 (LP: #1858815)
    - arm64: Revert support for execute-only user mappings
  * Fix unusable USB hub on Dell TB16 after S3 (LP: #1855312)
    - SAUCE: USB: core: Make port power cycle a seperate helper function
    - SAUCE: USB: core: Attempt power cycle port when it's in eSS.Disabled state
  * [sas-1126]scsi: hisi_sas: Fix out of bound at debug_I_T_nexus_reset()
    (LP: #1853992)
    - scsi: hisi_sas: Fix out of bound at debug_I_T_nexus_reset()
  * [sas-1126]scsi: hisi_sas: Assign NCQ tag for all NCQ commands (LP: #1853995)
    - scsi: hisi_sas: Assign NCQ tag for all NCQ commands
  * [sas-1126]scsi: hisi_sas: Fix the conflict between device gone and host
    reset (LP: #1853997)
    - scsi: hisi_sas: Fix the conflict between device gone and host reset
  * scsi: hisi_sas: Check sas_port before using it (LP: #1855952)
    - scsi: hisi_sas: Check sas_port before using it
  * CVE-2019-18885
    - btrfs: refactor btrfs_find_device() take fs_devices as argument
    - btrfs: merge btrfs_find_device and find_device
  *  Integrate Intel SGX driver into linux-azure (LP: #1844245)
    - [Packaging] Add systemd service to load intel_sgx
  * [SRU][B/OEM-B/OEM-OSP1/D/E/F] Add LG I2C touchscreen multitouch support
    (LP: #1857541)
    - SAUCE: HID: multitouch: Add LG MELF0410 I2C touchscreen support
  * cifs: DFS Caching feature causing problems traversing multi-tier DFS setups
    (LP: #1854887)
    - cifs: Fix retrieval of DFS referrals in cifs_mount()
  * qede driver causes 100% CPU load (LP: #1855409)
    - qede: Handle infinite driver spinning for Tx timestamp.
  * [roce-1126]RDMA/hns: bugfix for slab-out-of-bounds when loading hip08 driver
    (LP: #1853989)
    - RDMA/hns: Bugfix for slab-out-of-bounds when unloading hip08 driver
    - RDMA/hns: bugfix for slab-out-of-bounds when loading hip08 driver
  * [roce-1126]RDMA/hns: Fixs hw access invalid dma memory error (LP: #1853990)
    - RDMA/hns: Fixs hw access invalid dma memory error
  * [hns-1126]net: hns3: revert to old channel when setting new channel num fail
    (LP: #1853983)
    - net: hns3: revert to old channel when setting new channel num fail
  * [hns-1126]net: hns3: fix port setting handle for fibre port
    (LP: #1853984)
    - net: hns3: fix port setting handle for fibre port
  * [hns-1126] net: hns: add support for vlan TSO (LP: #1853937)
    - net: hns: add support for vlan TSO
  * [hns-1126]net: hns3: fix flow control configure issue for fibre port
    (LP: #1853948)
    - net: hns3: fix flow control configure issue for fibre port
  * mce: ras:  When inject 1bit ecc error,  there is no mce log recorded in the
    dmesg (LP: #1857413)
    - RAS/CEC: Increment cec_entered under the mutex lock
    - RAS/CEC: Check count_threshold unconditionally
  * efivarfs test in ubuntu_kernel_selftest failed on the second run
    (LP: #1809704)
    - selftests/efivarfs: clean up test files from test_create*()
  * CVE-2019-19082
    - drm/amd/display: prevent memory leak
  * CVE-2019-19078
    - ath10k: fix memory leak
  * CVE-2019-19077
    - RDMA: Fix goto target to release the allocated memory
  * Disco update: upstream stable patchset 2019-12-17 (LP: #1856754)
    - rsi: release skb if rsi_prepare_beacon fails
    - arm64: tegra: Fix 'active-low' warning for Jetson TX1 regulator
    - sparc64: implement ioremap_uc
    - lp: fix sparc64 LPSETTIMEOUT ioctl
    - usb: gadget: u_serial: add missing port entry locking
    - tty: serial: fsl_lpuart: use the sg count from dma_map_sg
    - tty: serial: msm_serial: Fix flow control
    - serial: pl011: Fix DMA ->flush_buffer()
    - serial: serial_core: Perform NULL checks for break_ctl ops
    - serial: ifx6x60: add missed pm_runtime_disable
    - autofs: fix a leak in autofs_expire_indirect()
    - RDMA/hns: Correct the value of HNS_ROCE_HEM_CHUNK_LEN
    - iwlwifi: pcie: don't consider IV len in A-MSDU
    - exportfs_decode_fh(): negative pinned may become positive without the parent
      locked
    - audit_get_nd(): don't unlock parent too early
    - NFC: nxp-nci: Fix NULL pointer dereference after I2C communication error
    - xfrm: release device reference for invalid state
    - Input: cyttsp4_core - fix use after free bug
    - sched/core: Avoid spurious lock dependencies
    - perf/core: Consistently fail fork on allocation failures
    - ALSA: pcm: Fix stream lock usage in snd_pcm_period_elapsed()
    - drm/sun4i: tcon: Set min division of TCON0_DCLK to 1.
    - selftests: kvm: fix build with glibc >= 2.30
    - rsxx: add missed destroy_workqueue calls in remove
    - net: ep93xx_eth: fix mismatch of request_mem_region in remove
    - i2c: core: fix use after free in of_i2c_notify
    - fuse: verify nlink
    - fuse: verify attributes
    - ALSA: hda/realtek - Enable internal speaker of ASUS UX431FLC
    - ALSA: pcm: oss: Avoid potential buffer overflows
    - ALSA: hda - Add mute led support for HP ProBook 645 G4
    - Input: synaptics - switch another X1 Carbon 6 to RMI/SMbus
    - Input: synaptics-rmi4 - re-enable IRQs in f34v7_do_reflash
    - Input: synaptics-rmi4 - don't increment rmiaddr for SMBus transfers
    - Input: goodix - add upside-down quirk for Teclast X89 tablet
    - coresight: etm4x: Fix input validation for sysfs.
    - Input: Fix memory leak in psxpad_spi_probe
    - x86/mm/32: Sync only to VMALLOC_END in vmalloc_sync_all()
    - CIFS: Fix NULL-pointer dereference in smb2_push_mandatory_locks
    - CIFS: Fix SMB2 oplock break processing
    - tty: vt: keyboard: reject invalid keycodes
    - can: slcan: Fix use-after-free Read in slcan_open
    - kernfs: fix ino wrap-around detection
    - jbd2: Fix possible overflow in jbd2_log_space_left()
    - drm/msm: fix memleak on release
    - drm/i810: Prevent underflow in ioctl
    - arm64: dts: exynos: Revert "Remove unneeded address space mapping for soc
      node"
    - KVM: arm/arm64: vgic: Don't rely on the wrong pending table
    - KVM: x86: do not modify masked bits of shared MSRs
    - KVM: x86: fix presentation of TSX feature in ARCH_CAPABILITIES
    - KVM: x86: Grab KVM's srcu lock when setting nested state
    - crypto: crypto4xx - fix double-free in crypto4xx_destroy_sdr
    - crypto: atmel-aes - Fix IV handling when req->nbytes < ivsize
    - crypto: af_alg - cast ki_complete ternary op to int
    - crypto: ccp - fix uninitialized list head
    - crypto: ecdh - fix big endian bug in ECC library
    - crypto: user - fix memory leak in crypto_report
    - spi: atmel: Fix CS high support
    - mwifiex: update set_mac_address logic
    - can: ucan: fix non-atomic allocation in completion handler
    - RDMA/qib: Validate ->show()/store() callbacks before calling them
    - iomap: Fix pipe page leakage during splicing
    - thermal: Fix deadlock in thermal thermal_zone_device_check
    - vcs: prevent write access to vcsu devices
    - binder: Fix race between mmap() and binder_alloc_print_pages()
    - binder: Handle start==NULL in binder_update_page_range()
    - ALSA: hda - Fix pending unsol events at shutdown
    - watchdog: aspeed: Fix clock behaviour for ast2600
    - perf script: Fix invalid LBR/binary mismatch error
    - xfs: add missing error check in xfs_prepare_shift()
    - KVM: x86: fix out-of-bounds write in KVM_GET_EMULATED_CPUID (CVE-2019-19332)
    - net: qrtr: fix memort leak in qrtr_tun_write_iter
    - appletalk: Fix potential NULL pointer dereference in unregister_snap_client
    - appletalk: Set error code if register_snap_client failed
    - time: Zero the upper 32-bits in __kernel_timespec on 32-bit
    - RDMA/hns: Correct the value of srq_desc_size
    - ecryptfs: fix unlink and rmdir in face of underlying fs modifications
    - x86/resctrl: Fix potential lockdep warning
    - ravb: implement MTU change while device is up
    - net: hns3: reallocate SSU' buffer size when pfc_en changes
    - net: hns3: fix ETS bandwidth validation bug
    - media: rc: mark input device as pointing stick
    - nfsd: Ensure CLONE persists data and metadata changes to the target file
    - drm: damage_helper: Fix race checking plane->state->fb
    - KVM: nVMX: Always write vmcs02.GUEST_CR3 during nested VM-Enter
    - crypto: geode-aes - switch to skcipher for cbc(aes) fallback
    - spi: stm32-qspi: Fix kernel oops when unbinding driver
    - spi: Fix SPI_CS_HIGH setting when using native and GPIO CS
    - spi: Fix NULL pointer when setting SPI_CS_HIGH for GPIO CS
    - EDAC/ghes: Fix locking and memory barrier issues
    - kselftest: Fix NULL INSTALL_PATH for TARGETS runlist
    - ALSA: hda: hdmi - fix pin setup on Tigerlake
  * Realtek ALC256M with DTS Audio Processing internal microphone doesn't work
    on Redmi Book 14 2019 (LP: #1846148) // Disco update: upstream stable
    patchset 2019-12-17 (LP: #1856754)
    - ALSA: hda/realtek - Enable the headset-mic on a Xiaomi's laptop
  * Disco update: upstream stable patchset 2019-12-12 (LP: #1856213)
    - clk: meson: gxbb: let sar_adc_clk_div set the parent clock rate
    - clocksource/drivers/mediatek: Fix error handling
    - ASoC: msm8916-wcd-analog: Fix RX1 selection in RDAC2 MUX
    - ASoC: compress: fix unsigned integer overflow check
    - reset: Fix memory leak in reset_control_array_put()
    - clk: samsung: exynos5433: Fix error paths
    - ASoC: kirkwood: fix external clock probe defer
    - ASoC: kirkwood: fix device remove ordering
    - clk: samsung: exynos5420: Preserve PLL configuration during suspend/resume
    - pinctrl: cherryview: Allocate IRQ chip dynamic
    - ARM: dts: imx6qdl-sabreauto: Fix storm of accelerometer interrupts
    - reset: fix reset_control_ops kerneldoc comment
    - clk: at91: avoid sleeping early
    - clk: sunxi: Fix operator precedence in sunxi_divs_clk_setup
    - clk: sunxi-ng: a80: fix the zero'ing of bits 16 and 18
    - ARM: dts: sun8i-a83t-tbs-a711: Fix WiFi resume from suspend
    - samples/bpf: fix build by setting HAVE_ATTR_TEST to zero
    - powerpc/bpf: Fix tail call implementation
    - idr: Fix integer overflow in idr_for_each_entry
    - idr: Fix idr_alloc_u32 on 32-bit systems
    - x86/resctrl: Prevent NULL pointer dereference when reading mondata
    - clk: ti: dra7-atl-clock: Remove ti_clk_add_alias call
    - clk: ti: clkctrl: Fix failed to enable error with double udelay timeout
    - net: fec: add missed clk_disable_unprepare in remove
    - bridge: ebtables: don't crash when using dnat target in output chains
    - can: peak_usb: report bus recovery as well
    - can: c_can: D_CAN: c_can_chip_config(): perform a sofware reset on open
    - can: rx-offload: can_rx_offload_queue_tail(): fix error handling, avoid skb
      mem leak
    - can: rx-offload: can_rx_offload_offload_one(): do not increase the skb_queue
      beyond skb_queue_len_max
    - can: rx-offload: can_rx_offload_offload_one(): increment rx_fifo_errors on
      queue overflow or OOM
    - can: rx-offload: can_rx_offload_offload_one(): use ERR_PTR() to propagate
      error value in case of errors
    - can: rx-offload: can_rx_offload_irq_offload_timestamp(): continue on error
    - can: rx-offload: can_rx_offload_irq_offload_fifo(): continue on error
    - can: flexcan: increase error counters if skb enqueueing via
      can_rx_offload_queue_sorted() fails
    - can: mcp251x: mcp251x_restart_work_handler(): Fix potential force_quit race
      condition
    - watchdog: meson: Fix the wrong value of left time
    - ASoC: stm32: sai: add restriction on mmap support
    - scripts/gdb: fix debugging modules compiled with hot/cold partitioning
    - net: bcmgenet: use RGMII loopback for MAC reset
    - net: bcmgenet: reapply manual settings to the PHY
    - net: mscc: ocelot: fix __ocelot_rmw_ix prototype
    - ceph: return -EINVAL if given fsc mount option on kernel w/o support
    - net/fq_impl: Switch to kvmalloc() for memory allocation
    - mac80211: fix station inactive_time shortly after boot
    - block: drbd: remove a stray unlock in __drbd_send_protocol()
    - pwm: bcm-iproc: Prevent unloading the driver module while in use
    - clk: at91: fix update bit maps on CFG_MOR write
    - usb: dwc2: use a longer core rest timeout in dwc2_core_reset()
    - staging: rtl8192e: fix potential use after free
    - staging: rtl8723bs: Drop ACPI device ids
    - staging: rtl8723bs: Add 024c:0525 to the list of SDIO device-ids
    - USB: serial: ftdi_sio: add device IDs for U-Blox C099-F9P
    - mei: bus: prefix device names on bus with the bus name
    - mei: me: add comet point V device id
    - thunderbolt: Power cycle the router if NVM authentication fails
    - media: v4l2-ctrl: fix flags for DO_WHITE_BALANCE
    - pwm: Clear chip_data in pwm_put()
    - media: atmel: atmel-isc: fix INIT_WORK misplacement
    - macvlan: schedule bc_work even if error
    - net: psample: fix skb_over_panic
    - openvswitch: fix flow command message size
    - sctp: Fix memory leak in sctp_sf_do_5_2_4_dupcook
    - slip: Fix use-after-free Read in slip_open
    - openvswitch: drop unneeded BUG_ON() in ovs_flow_cmd_build_info()
    - openvswitch: remove another BUG_ON()
    - selftests: bpf: test_sockmap: handle file creation failures gracefully
    - tipc: fix link name length check
    - sctp: cache netns in sctp_ep_common
    - net: sched: fix `tc -s class show` no bstats on class with nolock subqueues
    - net: macb: add missed tasklet_kill
    - ext4: add more paranoia checking in ext4_expand_extra_isize handling
    - watchdog: sama5d4: fix WDD value to be always set to max
    - net: macb: Fix SUBNS increment and increase resolution
    - net: macb driver, check for SKBTX_HW_TSTAMP
    - mtd: rawnand: atmel: Fix spelling mistake in error message
    - mtd: rawnand: atmel: fix possible object reference leak
    - drm/atmel-hlcdc: revert shift by 8
    - mailbox: stm32_ipcc: add spinlock to fix channels concurrent access
    - tcp: exit if nothing to retransmit on RTO timeout
    - HID: core: check whether Usage Page item is after Usage ID items
    - crypto: stm32/hash - Fix hmac issue more than 256 bytes
    - media: stm32-dcmi: fix DMA corruption when stopping streaming
    - media: stm32-dcmi: fix check of pm_runtime_get_sync return value
    - hwrng: stm32 - fix unbalanced pm_runtime_enable
    - clk: stm32mp1: fix HSI divider flag
    - clk: stm32mp1: fix mcu divider table
    - clk: stm32mp1: add CLK_SET_RATE_NO_REPARENT to Kernel clocks
    - clk: stm32mp1: parent clocks update
    - mailbox: mailbox-test: fix null pointer if no mmio
    - pinctrl: stm32: fix memory leak issue
    - ASoC: stm32: i2s: fix dma configuration
    - ASoC: stm32: i2s: fix 16 bit format support
    - ASoC: stm32: i2s: fix IRQ clearing
    - ASoC: stm32: sai: add missing put_device()
    - platform/x86: hp-wmi: Fix ACPI errors caused by too small buffer
    - platform/x86: hp-wmi: Fix ACPI errors caused by passing 0 as input size
    - net: fec: fix clock count mis-match
    - net: separate out the msghdr copy from ___sys_{send,recv}msg()
    - XArray: Fix xas_next() with a single entry at 0
    - thunderbolt: Fix lockdep circular locking depedency warning
    - soundwire: intel: fix intel_register_dai PDI offsets and numbers
    - clk: samsung: exynos542x: Move G3D subsystem clocks to its sub-CMU
    - arm64: dts: ls1028a: fix a compatible issue
    - soc: imx: gpc: fix initialiser format
    - bpf: Change size to u64 for bpf_map_{area_alloc, charge_init}()
    - idr: Fix idr_get_next_ul race with idr_remove
    - fbdev: c2p: Fix link failure on non-inlining
    - ASoC: hdac_hda: fix race in device removal
    - x86/tsc: Respect tsc command line paraemeter for clocksource_tsc_early
    - perf scripting engines: Iterate on tep event arrays directly
    - nvme-rdma: fix a segmentation fault during module unload
    - nvme-multipath: fix crash in nvme_mpath_clear_ctrl_paths
    - watchdog: pm8916_wdt: fix pretimeout registration flow
    - ALSA: hda: hdmi - add Tigerlake support
    - mm/gup_benchmark: fix MAP_HUGETLB case
    - drm/amdgpu: dont schedule jobs while in reset
    - net/mlx5e: Fix eswitch debug print of max fdb flow
    - drm/amdgpu: add warning for GRBM 1-cycle delay issue in gfx9
    - net: stmmac: gmac4: bitrev32 returns u32
    - net: stmmac: xgmac: Fix TSA selection
    - net: stmmac: xgmac: Disable Flow Control when 1 or more queues are in AV
    - mac80211: fix ieee80211_txq_setup_flows() failure path
    - ice: fix potential infinite loop because loop counter being too small
    - iavf: initialize ITRN registers with correct values
    - x86/fpu: Don't cache access to fpu_fpregs_owner_ctx
    - net/tls: take into account that bpf_exec_tx_verdict() may free the record
    - net/tls: free the record on encryption error
    - net: skmsg: fix TLS 1.3 crash with full sk_msg
    - selftests/tls: add a test for fragmented messages
    - net/tls: remove the dead inplace_crypto code
    - net/tls: use sg_next() to walk sg entries
    - selftests: bpf: correct perror strings
  * CVE-2019-19050
    - crypto: user - fix memory leak in crypto_reportstat
  * headphone has noise as not mute on dell machines with alc236/256
    (LP: #1854401)
    - SAUCE: ALSA: hda/realtek - Dell headphone has noise on unmute for ALC236
  * Disco update: upstream stable patchset 2019-12-03 (LP: #1855011)
    - mlxsw: spectrum_router: Fix determining underlay for a GRE tunnel
    - net/mlx4_en: fix mlx4 ethtool -N insertion
    - net/mlx4_en: Fix wrong limitation for number of TX rings
    - net: rtnetlink: prevent underflows in do_setvfinfo()
    - net/sched: act_pedit: fix WARN() in the traffic path
    - net: sched: ensure opts_len <= IP_TUNNEL_OPTS_MAX in act_tunnel_key
    - sfc: Only cancel the PPS workqueue if it exists
    - net/mlx5e: Fix set vf link state error flow
    - net/mlxfw: Verify FSM error code translation doesn't exceed array size
    - net/mlx5: Fix auto group size calculation
    - vhost/vsock: split packets to send using multiple buffers
    - gpio: max77620: Fixup debounce delays
    - tools: gpio: Correctly add make dependencies for gpio_utils
    - nbd:fix memory leak in nbd_get_socket()
    - virtio_console: allocate inbufs in add_port() only if it is needed
    - Revert "fs: ocfs2: fix possible null-pointer dereferences in
      ocfs2_xa_prepare_entry()"
    - mm/ksm.c: don't WARN if page is still mapped in remove_stable_node()
    - drm/amd/powerplay: issue no PPSMC_MSG_GetCurrPkgPwr on unsupported ASICs
    - drm/i915/pmu: "Frequency" is reported as accumulated cycles
    - drm/i915/userptr: Try to acquire the page lock around set_page_dirty()
    - mwifiex: Fix NL80211_TX_POWER_LIMITED
    - Bluetooth: Fix invalid-free in bcsp_close()
    - ath10k: Fix a NULL-ptr-deref bug in ath10k_usb_alloc_urb_from_pipe
    - ath9k_hw: fix uninitialized variable data
    - md/raid10: prevent access of uninitialized resync_pages offset
    - mm/memory_hotplug: don't access uninitialized memmaps in shrink_zone_span()
    - net: phy: dp83867: fix speed 10 in sgmii mode
    - net: phy: dp83867: increase SGMII autoneg timer duration
    - ARM: 8904/1: skip nomap memblocks while finding the lowmem/highmem boundary
    - x86/insn: Fix awk regexp warnings
    - x86/speculation: Fix incorrect MDS/TAA mitigation status
    - x86/speculation: Fix redundant MDS mitigation message
    - nbd: prevent memory leak
    - futex: Prevent robust futex exit race
    - ALSA: usb-audio: Fix NULL dereference at parsing BADD
    - nfc: port100: handle command failure cleanly
    - media: vivid: Set vid_cap_streaming and vid_out_streaming to true
    - media: vivid: Fix wrong locking that causes race conditions on streaming
      stop
    - media: usbvision: Fix races among open, close, and disconnect
    - cpufreq: Add NULL checks to show() and store() methods of cpufreq
    - media: uvcvideo: Fix error path in control parsing failure
    - media: b2c2-flexcop-usb: add sanity checking
    - media: cxusb: detect cxusb_ctrl_msg error in query
    - media: imon: invalid dereference in imon_touch_event
    - virtio_ring: fix return code on DMA mapping fails
    - USBIP: add config dependency for SGL_ALLOC
    - usbip: tools: fix fd leakage in the function of read_attr_usbip_status
    - usbip: Fix uninitialized symbol 'nents' in stub_recv_cmd_submit()
    - usb-serial: cp201x: support Mark-10 digital force gauge
    - USB: chaoskey: fix error case of a timeout
    - appledisplay: fix error handling in the scheduled work
    - USB: serial: mos7840: add USB ID to support Moxa UPort 2210
    - USB: serial: mos7720: fix remote wakeup
    - USB: serial: mos7840: fix remote wakeup
    - USB: serial: option: add support for DW5821e with eSIM support
    - USB: serial: option: add support for Foxconn T77W968 LTE modules
    - staging: comedi: usbduxfast: usbduxfast_ai_cmdtest rounding error
    - net/tls: remove unused function tls_sw_sendpage_locked
    - net/tls: enable sk_msg redirect to tls socket egress
    - net/mlx5e: Fix error flow cleanup in mlx5e_tc_tun_create_header_ipv4/6
    - net/mlx5: Update the list of the PCI supported devices
    - net/mlx5: Update the list of the PCI supported devices
    - virtio_balloon: fix shrinker count
    - drm/amdgpu: disable gfxoff when using register read interface
    - Revert "dm crypt: use WQ_HIGHPRI for the IO and crypt workqueues"
    - x86/xen/32: Make xen_iret_crit_fixup() independent of frame layout
    - x86/xen/32: Simplify ring check in xen_iret_crit_fixup()
    - x86/doublefault/32: Fix stack canaries in the double fault handler
    - x86/pti/32: Size initial_page_table correctly
    - x86/cpu_entry_area: Add guard page for entry stack on 32bit
    - selftests/x86/mov_ss_trap: Fix the SYSENTER test
    - selftests/x86/sigreturn/32: Invalidate DS and ES when abusing the kernel
    - x86/pti/32: Calculate the various PTI cpu_entry_area sizes correctly, make
      the CPU_ENTRY_AREA_PAGES assert precise
    - x86/entry/32: Fix FIXUP_ESPFIX_STACK with user CR3
    - media: usbvision: Fix invalid accesses after device disconnect
    - media: mceusb: fix out of bounds read in MCE receiver buffer
  * Miscellaneous Ubuntu changes
    - update dkms package versions

-- Khalid Elmously <khalid.elmously@canonical.com>  Tue, 14 Jan 2020 00:39:45 -0500

Changed in linux-azure (Ubuntu):
status:	New → Fix Released

Steve Langasek (vorlon) on 2020-07-02

Changed in linux-azure (Ubuntu Disco):
status:	Fix Committed → Won't Fix

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Patches

0001-af_packet-Fix-skb-protocol-value-in-tpacket_fill_skb.patch Edit

Add patch

Remote bug watches

Bug watches keep track of this bug in other bug trackers.

Ubuntulinux-azure package

[linux-azure] SAUCE patch to "Fix skb protocol value in tpacket_fill_skb()"

Bug Description

CVE References

Other bug subscribers

Patches

Remote bug watches

Ubuntu
linux-azure package