Bionic update: upstream stable patchset 2021-03-16
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
linux (Ubuntu) |
Invalid
|
Undecided
|
Unassigned | ||
Bionic |
Fix Released
|
Medium
|
Kamal Mostafa |
Bug Description
SRU Justification
Impact:
The upstream process for stable tree updates is quite similar
in scope to the Ubuntu SRU process, e.g., each patch has to
demonstrably fix a bug, and each patch is vetted by upstream
by originating either directly from a mainline/stable Linux tree or
a minimally backported form of that patch. The following upstream
stable patches should be included in the Ubuntu kernel:
upstream stable patchset 2021-03-16
from git://git.
fgraph: Initialize tracing_graph_pause at task creation
tracing: Do not count ftrace events in top level enable output
tracing: Check length before giving out the filter buffer
arm/xen: Don't probe xenbus as part of an early initcall
MIPS: BMIPS: Fix section mismatch warning
arm64: dts: rockchip: Fix PCIe DT properties on rk3399
platform/x86: hp-wmi: Disable tablet-mode reporting by default
ovl: perform vfs_getxattr() with mounter creds
cap: fix conversions on getxattr
ovl: skip getxattr of security labels
ARM: dts: lpc32xx: Revert set default clock rate of HCLK PLL
ARM: ensure the signal page contains defined contents
bpf: Check for integer overflow when using roundup_
netfilter: xt_recent: Fix attempt to update deleted entry
xen/netback: avoid race in xenvif_
netfilter: conntrack: skip identical origin tuple in same zone only
usb: dwc3: ulpi: fix checkpatch warning
usb: dwc3: ulpi: Replace CPU-based busyloop with Protocol-based one
net/vmw_vsock: improve locking in vsock_connect_
net: watchdog: hold device global xmit lock during tx disable
vsock/virtio: update credit only if socket is not closed
vsock: fix locking in vsock_shutdown()
i2c: stm32f7: fix configuration of the digital filter
h8300: fix PREEMPTION build, TI_PRE_COUNT undefined
x86/build: Disable CET instrumentation in the kernel for 32-bit too
trace: Use -mcount-record for dynamic ftrace
tracing: Fix SKIP_STACK_
tracing: Avoid calling cc-option -mrecord-mcount for every Makefile
Xen/x86: don't bail early from clear_foreign_
Xen/x86: also check kernel mapping in set_foreign_
Xen/gntdev: correct dev_bus_addr handling in gntdev_
Xen/gntdev: correct error checking in gntdev_
xen/arm: don't ignore return errors from set_phys_to_machine
xen-blkback: don't "handle" error by BUG()
xen-netback: don't "handle" error by BUG()
xen-scsiback: don't "handle" error by BUG()
xen-blkback: fix error handling in xen_blkbk_map()
scsi: qla2xxx: Fix crash during driver load on big endian machines
kvm: check tlbs_dirty directly
drm/amd/display: Free atomic state after drm_atomic_commit
riscv: virt_addr_valid must check the address belongs to linear mapping
ARM: kexec: fix oops after TLB are invalidated
net: hns3: add a check for queue_id in hclge_reset_
firmware_loader: align .builtin_fw to 8
net/rds: restrict iovecs length for RDS_CMSG_RDMA_ARGS
ovl: expand warning in ovl_d_real()
net: qrtr: Fix port ID for control messages
UBUNTU: upstream stable to v4.14.222, v4.19.177
HID: make arrays usage and value to be the same
usb: quirks: add quirk to start video capture on ELMO L-12F document camera reliable
ntfs: check for valid standard information attribute
arm64: tegra: Add power-domain for Tegra210 HDA
NET: usb: qmi_wwan: Adding support for Cinterion MV31
cifs: Set CIFS_MOUNT_
scripts/
vmlinux.lds.h: add DWARF v5 sections
kdb: Make memory allocations more robust
MIPS: vmlinux.lds.S: add missing PAGE_ALIGNED_DATA() section
random: fix the RNDRESEEDCRNG ioctl
Bluetooth: btqcomsmd: Fix a resource leak in error handling paths in the probe function
Bluetooth: Fix initializing response id after clearing struct
ARM: dts: exynos: correct PMIC interrupt trigger level on Monk
ARM: dts: exynos: correct PMIC interrupt trigger level on Rinato
ARM: dts: exynos: correct PMIC interrupt trigger level on Spring
ARM: dts: exynos: correct PMIC interrupt trigger level on Arndale Octa
arm64: dts: exynos: correct PMIC interrupt trigger level on TM2
arm64: dts: exynos: correct PMIC interrupt trigger level on Espresso
cpufreq: brcmstb-
usb: gadget: u_audio: Free requests only after callback
Bluetooth: drop HCI device reference before return
Bluetooth: Put HCI device if inquiry procedure interrupts
ARM: dts: Configure missing thermal interrupt for 4430
usb: dwc2: Do not update data length if it is 0 on inbound transfers
usb: dwc2: Abort transaction after errors with unknown reason
usb: dwc2: Make "trimming xfer length" a debug message
staging: rtl8723bs: wifi_regd.c: Fix incorrect number of regulatory rules
arm64: dts: msm8916: Fix reserved and rfsa nodes unit address
ARM: s3c: fix fiq for clang IAS
bpf_lru_list: Read double-checked variable once without lock
ath9k: fix data bus crash when setting nf_override via debugfs
bnxt_en: reverse order of TX disable and carrier off
xen/netback: fix spurious event detection for common event case
mac80211: fix potential overflow when multiplying to u32 integers
b43: N-PHY: Fix the update of coef for the PHY revision >= 3case
ibmvnic: skip send_request_unmap for timeout reset
net: amd-xgbe: Reset the PHY rx data path when mailbox command timeout
net: amd-xgbe: Reset link when the link never comes back
net: mvneta: Remove per-cpu queue mapping for Armada 3700
fbdev: aty: SPARC64 requires FB_ATY_CT
drm/gma500: Fix error return code in psb_driver_load()
gma500: clean up error handling in init
crypto: sun4i-ss - fix kmap usage
MIPS: c-r4k: Fix section mismatch for loongson2_sc_init
MIPS: lantiq: Explicitly compare LTQ_EBU_PCC_ISTAT against 0
media: i2c: ov5670: Fix PIXEL_RATE minimum value
media: vsp1: Fix an error handling path in the probe function
media: media/pci: Fix memleak in empress_init
media: tm6000: Fix memleak in tm6000_start_stream
ASoC: cs42l56: fix up error handling in probe
crypto: bcm - Rename struct device_private to bcm_device_private
media: lmedm04: Fix misuse of comma
media: qm1d1c0042: fix error return code in qm1d1c0042_init()
media: cx25821: Fix a bug when reallocating some dma memory
media: pxa_camera: declare variable when DEBUG is defined
media: uvcvideo: Accept invalid bFormatIndex and bFrameIndex values
ata: ahci_brcm: Add back regulators management
Drivers: hv: vmbus: Avoid use-after-free in vmbus_onoffer_
btrfs: clarify error returns values in __load_
hwrng: timeriomem - Fix cooldown period calculation
crypto: ecdh_helper - Ensure 'len >= secret.len' in decode_key()
ima: Free IMA measurement buffer on error
ima: Free IMA measurement buffer after kexec syscall
fs/jfs: fix potential integer overflow on shift of a int
jffs2: fix use after free in jffs2_sum_
capabilities: Don't allow writing ambiguous v3 file capabilities
clk: meson: clk-pll: fix initializing the old rate (fallback) for a PLL
quota: Fix memory leak when handling corrupted quota file
spi: cadence-quadspi: Abort read if dummy cycles required are too many
HID: core: detect and skip invalid inputs to snto32()
dmaengine: fsldma: Fix a resource leak in the remove function
dmaengine: fsldma: Fix a resource leak in an error handling path of the probe function
dmaengine: hsu: disable spurious interrupt
mfd: bd9571mwv: Use devm_mfd_
fdt: Properly handle "no-map" field in the memory region
of/fdt: Make sure no-map does not remove already reserved regions
power: reset: at91-sama5d2_shdwc: fix wkupdbc mask
rtc: s5m: select REGMAP_I2C
clocksource/
regulator: axp20x: Fix reference cout leak
certs: Fix blacklist flag type confusion
spi: atmel: Put allocated master before return
isofs: release buffer head before return
auxdisplay: ht16k33: Fix refresh rate handling
IB/umad: Return EIO in case of when device disassociated
powerpc/47x: Disable 256k page size
mmc: usdhi6rol0: Fix a resource leak in the error handling path of the probe
ARM: 9046/1: decompressor: Do not clear SCTLR.nTLSMD for ARMv7+ cores
amba: Fix resource leak for drivers without .remove
tracepoint: Do not fail unregistering a probe due to memory failure
perf tools: Fix DSO filtering when not finding a map for a sampled address
RDMA/rxe: Fix coding error in rxe_recv.c
spi: stm32: properly handle 0 byte transfer
mfd: wm831x-auxadc: Prevent use after free in wm831x_
powerpc/
powerpc/8xx: Fix software emulation interrupt
spi: pxa2xx: Fix the controller numbering for Wildcat Point
perf intel-pt: Fix missing CYC processing in PSB
perf test: Fix unaligned access in sample parsing test
Input: elo - fix an error code in elo_connect()
sparc64: only select COMPAT_BINFMT_ELF if BINFMT_ELF is set
misc: eeprom_93xx46: Fix module alias to enable module autoprobe
misc: eeprom_93xx46: Add module alias to avoid breaking support for non device tree users
pwm: rockchip: rockchip_
VMCI: Use set_page_
PCI: Align checking of syscall user config accessors
drm/msm/dsi: Correct io_start for MSM8994 (20nm PHY)
ext4: fix potential htree index checksum corruption
i40e: Fix flow for IPv6 next header (extension header)
i40e: Fix overwriting flow control settings during driver loading
net/mlx4_core: Add missed mlx4_free_
ocfs2: fix a use after free on error
mm/memory.c: fix potential pte_unmap_unlock pte error
mm/hugetlb: fix potential double free in hugetlb_
arm64: Add missing ISB after invalidating TLB in __primary_switch
i2c: brcmstb: Fix brcmstd_
mm/rmap: fix potential pte_unmap on an not mapped pte
scsi: bnx2fc: Fix Kconfig warning & CNIC build errors
blk-settings: align max_sectors on "logical_
ACPI: property: Fix fwnode string properties matching
ACPI: configfs: add missing check after configfs_
HID: wacom: Ignore attempts to overwrite the touch_max value from HID
Input: raydium_ts_i2c - do not send zero length
Input: xpad - add support for PowerA Enhanced Wired Controller for Xbox Series X|S
Input: joydev - prevent potential read overflow in ioctl
Input: i8042 - add ASUS Zenbook Flip to noselftest list
USB: serial: option: update interface mapping for ZTE P685M
usb: musb: Fix runtime PM race in musb_queue_
USB: serial: mos7840: fix error code in mos7840_write()
USB: serial: mos7720: fix error code in mos7720_write()
usb: dwc3: gadget: Fix setting of DEPCFG.bInterval_m1
usb: dwc3: gadget: Fix dep->interval for fullspeed interrupt
ALSA: hda/realtek: modify EAPD in the ALC886
tpm_tis: Fix check_locality for correct locality acquisition
KEYS: trusted: Fix migratable=1 failing
btrfs: abort the transaction if we fail to inc ref in btrfs_copy_root
btrfs: fix reloc root leak with 0 ref reloc roots on recovery
btrfs: fix extent buffer leak on failure to copy root
crypto: sun4i-ss - checking sg length is not sufficient
crypto: sun4i-ss - handle BigEndian for cipher
seccomp: Add missing return in non-void function
drivers/
staging: rtl8188eu: Add Edimax EW-7811UN V2 to device table
x86/reboot: Force all cpus to exit VMX root if VMX is supported
floppy: reintroduce O_NDELAY fix
arm64: uprobe: Return EOPNOTSUPP for AARCH32 instruction probing
watchdog: mei_wdt: request stop on unregister
mtd: spi-nor: hisi-sfc: Put child node np on error path
fs/affs: release old buffer head on error path
hugetlb: fix copy_huge_
mm: hugetlb: fix a race between freeing and dissolving the page
libnvdimm/dimm: Avoid race between probe and available_
module: Ignore _GLOBAL_
mmc: sdhci-esdhc-imx: fix kernel panic when remove module
gpio: pcf857x: Fix missing first interrupt
printk: fix deadlock when kernel panic
f2fs: fix out-of-repair __setattr_copy()
sparc32: fix a user-triggerable oops in clear_user()
gfs2: Don't skip dlm unlock if glock has an lvb
dm era: Recover committed writeset after crash
dm era: Verify the data block size hasn't changed
dm era: Fix bitset memory leaks
dm era: Use correct value size in equality function of writeset tree
dm era: Reinitialize bitset cache before digesting a new writeset
dm era: only resize metadata in preresume
icmp: introduce helper for nat'd source address in network device context
icmp: allow icmpv6_ndo_send to work with CONFIG_IPV6=n
gtp: use icmp_ndo_send helper
sunvnet: use icmp_ndo_send helper
ipv6: icmp6: avoid indirect call for icmpv6_send()
ipv6: silence compilation warning for non-IPV6 builds
net: icmp: pass zeroed opts from icmp{,v6}_ndo_send before sending
dm era: Update in-core bitset after committing the metadata
USB: quirks: sort quirk entries
jump_label/lockdep: Assert we hold the hotplug lock for _cpuslocked() operations
ARM: dts: exynos: correct PMIC interrupt trigger level on Artik 5
ARM: dts: exynos: correct PMIC interrupt trigger level on Odroid XU3 family
arm64: dts: allwinner: A64: properly connect USB PHY to port 0
arm64: dts: allwinner: Drop non-removable from SoPine/LTS SD card
arm64: dts: allwinner: A64: Limit MMC2 bus frequency to 150 MHz
memory: ti-aemif: Drop child node when jumping out loop
ibmvnic: add memory barrier to protect long term buffer
net: amd-xgbe: Fix NETDEV WATCHDOG transmit queue timeout warning
drm/amdgpu: Fix macro name _AMDGPU_TRACE_H_ in preprocessor if condition
drm/amd/display: Fix 10/12 bpc setup in DCE output bit depth reduction.
crypto: talitos - Work around SEC6 ERRATA (AES-CTR mode data size error)
f2fs: fix to avoid inconsistent quota data
regulator: s5m8767: Drop regulators OF node reference
mmc: renesas_
RDMA/rxe: Correct skb on loopback path
i40e: Add zero-initialization of AQ command structures
i40e: Fix add TC filter for IPv6
r8169: fix jumbo packet handling on RTL8168e
USB: serial: ftdi_sio: fix FTX sub-integer prescaler
crypto: arm64/sha - add missing module aliases
misc: rtsx: init of rts522a add OCP power off when no card is present
seq_file: document how per-entry resources are managed.
x86: fix seq_file iteration for pat/memtype.c
UBUNTU: upstream stable to v4.14.223, v4.19.178
CVE References
Changed in linux (Ubuntu): | |
status: | New → Confirmed |
tags: | added: kernel-stable-tracking-bug |
Changed in linux (Ubuntu Bionic): | |
status: | New → In Progress |
importance: | Undecided → Medium |
assignee: | nobody → Kamal Mostafa (kamalmostafa) |
Changed in linux (Ubuntu): | |
status: | Confirmed → Invalid |
description: | updated |
Changed in linux (Ubuntu Bionic): | |
status: | In Progress → Fix Committed |
This bug was fixed in the package linux - 4.15.0-143.147
---------------
linux (4.15.0-143.147) bionic; urgency=medium
* bionic/linux: 4.15.0-143.147 -proposed tracker (LP: #1923811)
* CVE-2021-29650
- netfilter: x_tables: Use correct memory barriers.
* LRMv4: switch to signing nvidia modules via the Ubuntu Modules signing key ,--nvidia- N} sync back from LRMv4
(LP: #1918134)
- [Packaging] dkms-build{
* Security-Fix Xen XSA 371 for Kernel 5.4.0-71 (LP: #1921902) //
CVE-2021-28688
- xen-blkback: don't leak persistent grants from xen_blkbk_map()
* CVE-2021-20292
- drm/ttm/nouveau: don't call tt destroy callback on alloc failure.
* CVE-2021-29264
- gianfar: fix jumbo packets+napi+rx overrun crash
* CVE-2021-29265 store() races leading to gpf
- usbip: fix stub_dev usbip_sockfd_
* Bcache bypasse writeback on caching device with fragmentation (LP: #1900438)
- bcache: consider the fragmentation when update the writeback rate
* Bionic update: upstream stable patchset 2021-03-31 (LP: #1922124) and_free_ page contig page struct assumption for_shift( ) name/interrupt- names/ thread_ worker( ) loc_assoc_ final_data
- net: usb: qmi_wwan: support ZTE P685M modem
- scripts: use pkg-config to locate libcrypto
- scripts: set proper OpenSSL include dir also for sign-file
- hugetlb: fix update_
- drm/virtio: use kvmalloc for large allocations
- virtio/s390: implement virtio-ccw revision 2 correctly
- arm64 module: set plt* section addresses to 0x0
- arm64: Avoid redundant type conversions in xchg() and cmpxchg()
- arm64: cmpxchg: Use "K" instead of "L" for ll/sc immediate constraint
- arm64: Use correct ll/sc atomic constraints
- JFS: more checks for invalid superblock
- media: mceusb: sanity check for prescaler value
- xfs: Fix assert failure in xfs_setattr_size()
- smackfs: restrict bytes count in smackfs write functions
- net: fix up truesize of cloned skb in skb_prepare_
- mm/hugetlb.c: fix unnecessary address expansion of pmd sharing
- net: bridge: use switchdev for port flags set through sysfs too
- dt-bindings: net: btusb: DT fix s/interrupt-
- staging: fwserial: Fix error handling in fwserial_create
- x86/reboot: Add Zotac ZBOX CI327 nano PCI reboot quirk
- vt/consolemap: do font sum unsigned
- wlcore: Fix command execute failure 19 for wl12xx
- pktgen: fix misuse of BUG_ON() in pktgen_
- ath10k: fix wmi mgmt tx queue full due to race condition
- x86/build: Treat R_386_PLT32 relocation as R_386_PC32
- Bluetooth: Fix null pointer dereference in amp_read_
- staging: most: sound: add sanity check for function argument
- media: uvcvideo: Allow entities with no pads
- f2fs: handle unallocated section and zone on pinned/atgc
- parisc: Bump 64-bit IRQ stack size to 64 KB
- Xen/gnttab: handle p2m update errors on a per-slot basis
- xen-netback: respect gnttab_map_refs()'s return value
- zsmalloc: account the number of compacted pages correctly
- swap: fix swapfile read/write offset
- media: v4l: ioctl: Fix memory leak in video_usercopy
- PCI: Add a REBAR size quirk for S...