Xenial update: 4.4.217 upstream stable release
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
linux (Ubuntu) |
Invalid
|
Undecided
|
Unassigned | ||
Xenial |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
SRU Justification
Impact:
The upstream process for stable tree updates is quite similar
in scope to the Ubuntu SRU process, e.g., each patch has to
demonstrably fix a bug, and each patch is vetted by upstream
by originating either directly from a mainline/stable Linux tree or
a minimally backported form of that patch. The following upstream
stable patches should be included in the Ubuntu kernel:
4.4.217 upstream stable release
from git://git.
Linux 4.4.217
ipv4: ensure rcu_read_lock() in cipso_v4_error()
mm: slub: add missing TID bump in kmem_cache_
ARM: 8958/1: rename missed uaccess .fixup section
ARM: 8957/1: VDSO: Match ARMv8 timer in cntvct_functional()
jbd2: fix data races at struct journal_head
signal: avoid double atomic counter increments for user accounting
net: ks8851-ml: Fix IRQ handling and locking
perf/amd/uncore: Replace manual sampling check with CAP_NO_INTERRUPT flag
batman-adv: Don't schedule OGM for disabled interface
batman-adv: Avoid free/alloc race when handling OGM buffer
batman-adv: Only read OGM tvlv_len after buffer len check
batman-adv: Reduce tt_global hash refcnt only for removed entry
batman-adv: Reduce tt_local hash refcnt only for removed entry
batman-adv: Reduce claim hash refcnt only for removed entry
batman-adv: Prevent duplicated tvlv handler
batman-adv: Prevent duplicated global TT entry
batman-adv: Prevent duplicated nc_node entry
batman-adv: Prevent duplicated gateway_node entry
batman-adv: Avoid storing non-TT-sync flags on singular entries too
batman-adv: Fix debugfs path for renamed softif
batman-adv: Fix debugfs path for renamed hardif
batman-adv: prevent TT request storms by not sending inconsistent TT TLVLs
batman-adv: Fix TT sync flags for intermediate TT responses
batman-adv: Avoid race in TT TVLV allocator helper
batman-adv: Fix skbuff rcsum on packet reroute
batman-adv: update data pointers after skb_cow()
batman-adv: Fix internal interface indices types
batman-adv: Fix lock for ogm cnt access in batadv_
batman-adv: fix TT sync flag inconsistencies
batman-adv: Fix rx packet/bytes stats on local ARP reply
batman-adv: Fix transmission of final, 16th fragment
batman-adv: Fix double free during fragment merge error
batman-adv: Add missing refcnt for last_candidate
batman-adv: Fix speedy join in gateway client mode
batman-adv: Free last_bonding_
batman-adv: Fix reference leak in batadv_find_router
batman-adv: Fix non-atomic bla_claim:
batman-adv: lock crc access in bridge loop avoidance
batman-adv: Fix orig_node_vlan leak on orig_node_release
batman-adv: Avoid nullptr dereference in dat after vlan_insert_tag
batman-adv: Avoid nullptr dereference in bla after vlan_insert_tag
batman-adv: Clean up untagged vlan when destroying via rtnl-link
batman-adv: Fix ICMP RR ethernet access after skb_linearize
batman-adv: Fix use-after-
batman-adv: fix skb deref after free
batman-adv: Avoid duplicate neigh_node additions
batman-adv: Fix reference counting of vlan object for tt_local_entry
batman-adv: Drop reference to netdevice on last reference
batman-adv: Deactivate TO_BE_ACTIVATED hardif on shutdown
batman-adv: init neigh node last seen field
batman-adv: Fix integer overflow in batadv_
batman-adv: Fix unexpected free of bcast_own on add_if error
batman-adv: Avoid endless loop in bat-on-bat netdevice check
batman-adv: Only put orig_node_vlan list reference when removed
batman-adv: Only put gw_node list reference when removed
batman-adv: Fix invalid read while copying bat_iv.bcast_own
efi: Add a sanity check to efivar_store_raw()
ipv6: restrict IPV6_ADDRFORM operation
mwifiex: Fix heap overflow in mmwifiex_
iommu/vt-d: Ignore devices with out-of-spec domain number
iommu/vt-d: Fix the wrong printing in RHSA parsing
netfilter: cthelper: add missing attribute validation for cthelper
nl80211: add missing attribute validation for channel switch
nl80211: add missing attribute validation for critical protocol indication
iommu/vt-d: Fix a bug in intel_iommu_
iommu/vt-d: dmar: replace WARN_TAINT with pr_warn + add_taint
efi: Fix a race and a buffer overflow while reading efivars via sysfs
ARC: define __ALIGN_STR and __ALIGN symbols for ARC
KVM: x86: clear stale x86_emulate_
gfs2_atomic_open(): fix O_EXCL|O_CREAT handling on cold dcache
drm/amd/display: remove duplicated assignment to grph_obj_type
iommu/vt-d: quirk_ioat_
net: fq: add missing attribute validation for orphan mask
bonding/alb: make sure arp header is pulled before accessing it
slip: make slhc_compress() more robust against malicious packets
net: fec: validate the new settings in fec_enet_
macvlan: add cond_resched() during multicast processing
ipvlan: don't deref eth hdr before checking it's set
ipvlan: do not use cond_resched_rcu() in ipvlan_
ipvlan: egress mcast packets are not exceptional
ipvlan: do not add hardware address of master to its unicast filter list
ipvlan: add cond_resched_rcu() while processing muticast backlog
nfc: add missing attribute validation for vendor subcommand
nfc: add missing attribute validation for SE API
team: add missing attribute validation for array index
team: add missing attribute validation for port ifindex
nl802154: add missing attribute validation for dev_type
nl802154: add missing attribute validation
fib: add missing attribute validation for tun_id
bnxt_en: reinitialize IRQs when MTU is modified
net: nfc: fix bounds checking bugs on "pipe"
r8152: check disconnect status after long sleep
NFS: Remove superfluous kmap in nfs_readdir_
CVE References
Changed in linux (Ubuntu): | |
status: | New → Confirmed |
tags: | added: kernel-stable-tracking-bug |
Changed in linux (Ubuntu Xenial): | |
status: | New → Fix Committed |
Changed in linux (Ubuntu): | |
status: | Confirmed → Invalid |
Skipped: process_ tdls_action_ frame() (Stefan applied that as a SAUCE patch, but it's basically identical)
- mwifiex: Fix heap overflow in mmwifiex_