Groovy update: upstream stable patchset 2021-03-12

Bug #1918987 reported by Kamal Mostafa
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Invalid
Undecided
Unassigned
Groovy
Fix Released
Medium
Kamal Mostafa

Bug Description

SRU Justification

    Impact:
       The upstream process for stable tree updates is quite similar
       in scope to the Ubuntu SRU process, e.g., each patch has to
       demonstrably fix a bug, and each patch is vetted by upstream
       by originating either directly from a mainline/stable Linux tree or
       a minimally backported form of that patch. The following upstream
       stable patches should be included in the Ubuntu kernel:

       upstream stable patchset 2021-03-12

                Ported from the following upstream stable releases:
                        v5.4.96, v5.10.14,
                        v5.4.97, v5.10.15

       from git://git.kernel.org/

net: fec: put child node on error path
net: octeontx2: Make sure the buffer is 128 byte aligned
stmmac: intel: Configure EHL PSE0 GbE and PSE1 GbE to 32 bits DMA addressing
net: dsa: bcm_sf2: put device node before return
net: switchdev: don't set port_obj_info->handled true when -EOPNOTSUPP
ibmvnic: Ensure that CRQ entry read are correctly ordered
iommu/io-pgtable-arm: Support coherency for Mali LPAE
drm/panfrost: Support cache-coherent integrations
arm64: dts: meson: Describe G12b GPU as coherent
arm64: Fix kernel address detection of __is_lm_address()
arm64: Do not pass tagged addresses to __is_lm_address()
ARM: 9025/1: Kconfig: CPU_BIG_ENDIAN depends on !LD_IS_LLD
iommu/vt-d: Do not use flush-queue when caching-mode is on
phy: cpcap-usb: Fix warning for missing regulator_disable
tools/power/x86/intel-speed-select: Set scaling_max_freq to base_frequency
tools/power/x86/intel-speed-select: Set higher of cpuinfo_max_freq or base_frequency
platform/x86: touchscreen_dmi: Add swap-x-y quirk for Goodix touchscreen on Estar Beauty HD tablet
platform/x86: intel-vbtn: Support for tablet mode on Dell Inspiron 7352
locking/lockdep: Avoid noinstr warning for DEBUG_LOCKDEP
x86: __always_inline __{rd,wr}msr()
scsi: scsi_transport_srp: Don't block target in failfast state
scsi: libfc: Avoid invoking response handler twice if ep is already completed
scsi: fnic: Fix memleak in vnic_dev_init_devcmd2
ALSA: hda - add Intel DG1 PCI and HDMI ids
ALSA: hda: Add Alderlake-S PCI ID and HDMI codec vid
ALSA: hda: Add AlderLake-P PCI ID and HDMI codec vid
objtool: Don't add empty symbols to the rbtree
mac80211: fix incorrect strlen of .write in debugfs
mac80211: fix fast-rx encryption check
scsi: ibmvfc: Set default timeout to avoid crash during migration
i2c: tegra: Create i2c_writesl_vi() to use with VI I2C for filling TX FIFO
udf: fix the problem that the disc content is not displayed
nvme: check the PRINFO bit before deciding the host buffer length
nvme-rdma: avoid request double completion for concurrent nvme_rdma_timeout
nvme-tcp: avoid request double completion for concurrent nvme_tcp_timeout
nvme-pci: allow use of cmb on v1.4 controllers
nvmet: set right status on error in id-ns handler
platform/x86: thinkpad_acpi: Add P53/73 firmware to fan_quirk_table for dual fan control
selftests/powerpc: Only test lwm/stmw on big endian
drm/amd/display: Update dram_clock_change_latency for DCN2.1
drm/amd/display: Change function decide_dp_link_settings to avoid infinite looping
drm/amd/display: Use hardware sequencer functions for PG control
objtool: Don't fail the kernel build on fatal errors
x86/cpu: Add Lakefield, Alder Lake and Rocket Lake models to the to Intel CPU family
x86/cpu: Add another Alder Lake CPU to the Intel family
kthread: Extract KTHREAD_IS_PER_CPU
workqueue: Restrict affinity change to rescuer
Revert "Revert "block: end bio with BLK_STS_AGAIN in case of non-mq devs and REQ_NOWAIT""
ACPI: thermal: Do not call acpi_thermal_check() directly
UBUNTU: upstream stable to v5.4.96, v5.10.14
USB: serial: cp210x: add pid/vid for WSDA-200-USB
USB: serial: cp210x: add new VID/PID for supporting Teraoka AD2000
USB: serial: option: Adding support for Cinterion MV31
usb: host: xhci-plat: add priv quirk for skip PHY initialization
usb: host: xhci: mvebu: make USB 3.0 PHY optional for Armada 3720
USB: gadget: legacy: fix an error code in eth_bind()
usb: gadget: aspeed: add missing of_node_put
USB: usblp: don't call usb_set_interface if there's a single alt
usb: renesas_usbhs: Clear pipe running flag in usbhs_pkt_pop()
usb: dwc2: Fix endpoint direction check in ep_from_windex
usb: dwc3: fix clock issue during resume in OTG mode
usb: xhci-mtk: fix unreleased bandwidth data
usb: xhci-mtk: skip dropping bandwidth of unchecked endpoints
usb: xhci-mtk: break loop when find the endpoint to drop
ARM: OMAP1: OSK: fix ohci-omap breakage
arm64: dts: qcom: c630: keep both touchpad devices enabled
arm64: dts: amlogic: meson-g12: Set FL-adj property value
arm64: dts: rockchip: fix vopl iommu irq on px30
arm64: dts: rockchip: Use only supported PCIe link speed on Pinebook Pro
ARM: dts: stm32: Connect card-detect signal on DHCOM
ARM: dts: stm32: Disable WP on DHCOM uSD slot
um: virtio: free vu_dev only with the contained struct device
arm64: dts: meson: switch TFLASH_VDD_EN pin to open drain on Odroid-C4
r8169: work around RTL8125 UDP hw bug
rxrpc: Fix deadlock around release of dst cached on udp tunnel
arm64: dts: ls1046a: fix dcfg address range
SUNRPC: Fix NFS READs that start at non-page-aligned offsets
igc: set the default return value to -IGC_ERR_NVM in igc_write_nvm_srwr
igc: check return value of ret_val in igc_config_fc_after_link_up
i40e: Revert "i40e: don't report link up for a VF who hasn't enabled queues"
ibmvnic: device remove has higher precedence over reset
net/mlx5: Fix leak upon failure of rule creation
net/mlx5e: Update max_opened_tc also when channels are closed
net/mlx5e: Release skb in case of failure in tc update skb
net: lapb: Copy the skb before sending a packet
net: mvpp2: TCAM entry enable should be written after SRAM data
r8169: fix WoL on shutdown if CONFIG_DEBUG_SHIRQ is set
net: ipa: pass correct dma_handle to dma_free_coherent()
ARM: dts: sun7i: a20: bananapro: Fix ethernet phy-mode
nvmet-tcp: fix out-of-bounds access when receiving multiple h2cdata PDUs
memblock: do not start bottom-up allocations with kernel_end
ovl: fix dentry leak in ovl_get_redirect
mac80211: fix station rate table updates on assoc
gpiolib: free device name on error path to fix kmemleak
fgraph: Initialize tracing_graph_pause at task creation
tracing/kprobe: Fix to support kretprobe events on unloaded modules
kretprobe: Avoid re-registration of the same kretprobe earlier
tracing: Use pause-on-trace with the latency tracers
libnvdimm/namespace: Fix visibility of namespace resource attribute
libnvdimm/dimm: Avoid race between probe and available_slots_show()
genirq: Prevent [devm_]irq_alloc_desc from returning irq 0
genirq/msi: Activate Multi-MSI early when MSI_FLAG_ACTIVATE_EARLY is set
scripts: use pkg-config to locate libcrypto
xhci: fix bounce buffer usage for non-sg list case
RISC-V: Define MAXPHYSMEM_1GB only for RV32
cifs: report error instead of invalid when revalidating a dentry fails
iommu: Check dev->iommu in dev_iommu_priv_get() before dereferencing it
smb3: Fix out-of-bounds bug in SMB2_negotiate()
smb3: fix crediting for compounding when only one request in flight
mmc: sdhci-pltfm: Fix linking err for sdhci-brcmstb
mmc: core: Limit retries when analyse of SDIO tuples fails
Fix unsynchronized access to sev members through svm_register_enc_region
drm/i915/display: Prevent double YUV range correction on HDR planes
drm/i915: Extract intel_ddi_power_up_lanes()
drm/i915: Power up combo PHY lanes for for HDMI as well
drm/amd/display: Revert "Fix EDID parsing after resume from suspend"
nvme-pci: avoid the deepest sleep state on Kingston A2000 SSDs
KVM: SVM: Treat SVM as unsupported when running as an SEV guest
KVM: x86: Allow guests to see MSR_IA32_TSX_CTRL even if tsx=off
KVM: x86: fix CPUID entries returned by KVM_GET_CPUID2 ioctl
KVM: x86: Update emulator context mode if SYSENTER xfers to 64-bit mode
DTS: ARM: gta04: remove legacy spi-cs-high to make display work again
ARM: dts; gta04: SPI panel chip select is active low
ARM: footbridge: fix dc21285 PCI configuration accessors
mm: hugetlbfs: fix cannot migrate the fallocated HugeTLB page
mm: hugetlb: fix a race between freeing and dissolving the page
mm: hugetlb: fix a race between isolating and freeing page
mm: hugetlb: remove VM_BUG_ON_PAGE from page_huge_active
mm, compaction: move high_pfn to the for loop scope
mm: thp: fix MADV_REMOVE deadlock on shmem THP
mm/filemap: add missing mem_cgroup_uncharge() to __add_to_page_cache_locked()
x86/build: Disable CET instrumentation in the kernel
x86/debug: Fix DR6 handling
x86/debug: Prevent data breakpoints on __per_cpu_offset
x86/debug: Prevent data breakpoints on cpu_dr7
x86/apic: Add extra serialization for non-serializing MSRs
Input: goodix - add support for Goodix GT9286 chip
Input: xpad - sync supported devices with fork on GitHub
Input: ili210x - implement pressure reporting for ILI251x
md: Set prev_flush_start and flush_bio in an atomic way
neighbour: Prevent a dead entry from updating gc_list
net: ip_tunnel: fix mtu calculation
udp: ipv4: manipulate network header of NATed UDP GRO fraglist
net: dsa: mv88e6xxx: override existent unicast portvec in port_fdb_add
net: sched: replaced invalid qdisc tree flush helper in qdisc_replace
iwlwifi: mvm: don't send RFH_QUEUE_CONFIG_CMD with no queues
UBUNTU: upstream stable to v5.4.97, v5.10.15

CVE References

Changed in linux (Ubuntu):
status: New → Confirmed
tags: added: kernel-stable-tracking-bug
Changed in linux (Ubuntu Groovy):
status: New → In Progress
importance: Undecided → Medium
assignee: nobody → Kamal Mostafa (kamalmostafa)
Changed in linux (Ubuntu):
status: Confirmed → Invalid
description: updated
Changed in linux (Ubuntu Groovy):
status: In Progress → Fix Committed
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux - 5.8.0-53.60

---------------
linux (5.8.0-53.60) groovy; urgency=medium

  * CVE-2021-3491
    - io_uring: fix provide_buffers sign extension
    - io_uring: fix overflows checks in provide buffers
    - SAUCE: proc: Avoid mixing integer types in mem_rw()
    - SAUCE: io_uring: truncate lengths larger than MAX_RW_COUNT on provide
      buffers

  * CVE-2021-3490
    - bpf: Fix a verifier failure with xor
    - SAUCE: bpf: verifier: fix ALU32 bounds tracking with bitwise ops

  * CVE-2021-3489
    - SAUCE: bpf: ringbuf: deny reserve of buffers larger than ringbuf
    - SAUCE: bpf: prevent writable memory-mapping of read-only ringbuf pages

 -- Stefan Bader <email address hidden> Thu, 06 May 2021 07:43:20 +0200

Changed in linux (Ubuntu Groovy):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.