Ubuntu
linux package

Bionic update: upstream stable patchset 2022-05-06

Bug #1972006 reported by Kamal Mostafa
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Invalid
Undecided
Unassigned
Bionic
Fix Released
Medium
Kamal Mostafa

Bug Description

SRU Justification

    Impact:
       The upstream process for stable tree updates is quite similar
       in scope to the Ubuntu SRU process, e.g., each patch has to
       demonstrably fix a bug, and each patch is vetted by upstream
       by originating either directly from a mainline/stable Linux tree or
       a minimally backported form of that patch. The following upstream
       stable patches should be included in the Ubuntu kernel:

       upstream stable patchset 2022-05-06

                Ported from the following upstream stable releases:
                        v4.14.275

       from git://git.kernel.org/

UBUNTU: [Config] updateconfigs for ARM64_ERRATUM_1188873
arm64: arch_timer: Add workaround for ARM erratum 1188873
arm64: arch_timer: avoid unused function warning
arm64: Add silicon-errata.txt entry for ARM erratum 1188873
arm64: Make ARM64_ERRATUM_1188873 depend on COMPAT
arm64: Add part number for Neoverse N1
arm64: Add part number for Arm Cortex-A77
arm64: Add Neoverse-N2, Cortex-A710 CPU part definition
arm64: Add Cortex-X2 CPU part definition
arm64: entry.S: Add ventry overflow sanity checks
arm64: entry: Make the trampoline cleanup optional
arm64: entry: Free up another register on kpti's tramp_exit path
arm64: entry: Move the trampoline data page before the text page
arm64: entry: Allow tramp_alias to access symbols after the 4K boundary
arm64: entry: Don't assume tramp_vectors is the start of the vectors
arm64: entry: Move trampoline macros out of ifdef'd section
arm64: entry: Make the kpti trampoline's kpti sequence optional
Revert "arm64: mmu: add the entry trampolines start/end section markers into sections.h"
arm64: entry: Allow the trampoline text to occupy multiple pages
arm64: entry: Add non-kpti __bp_harden_el1_vectors for mitigations
UBUNTU: [Config] updateconfigs for MITIGATE_SPECTRE_BRANCH_HISTORY
arm64: entry: Add vectors that have the bhb mitigation sequences
arm64: entry: Add macro for reading symbol addresses from the trampoline
arm64: Add percpu vectors for EL1
arm64: proton-pack: Report Spectre-BHB vulnerabilities as part of Spectre-v2
KVM: arm64: Add templates for BHB mitigation sequences
arm64: Mitigate spectre style branch history side channels
KVM: arm64: Allow SMCCC_ARCH_WORKAROUND_3 to be discovered and migrated
arm64: add ID_AA64ISAR2_EL1 sys register
arm64: Use the clearbhb instruction in mitigations
UBUNTU: upstream stable to v4.14.275

See original description

CVE References

Kamal Mostafa (kamalmostafa)
Changed in linux (Ubuntu):
status: New → Confirmed
tags: added: kernel-stable-tracking-bug
description: updated
Changed in linux (Ubuntu Bionic):
status: New → In Progress
importance: Undecided → Medium
assignee: nobody → Kamal Mostafa (kamalmostafa)
Changed in linux (Ubuntu):
status: Confirmed → Invalid
Kamal Mostafa (kamalmostafa)
description: updated
Luke Nowakowski-Krijger (lukenow)
Changed in linux (Ubuntu Bionic):
status: In Progress → Fix Committed
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux - 4.15.0-184.194

---------------
linux (4.15.0-184.194) bionic; urgency=medium

  * CVE-2022-1966
    - netfilter: nf_tables: disallow non-stateful expression in sets earlier

 -- Thadeu Lima de Souza Cascardo <email address hidden> Thu, 02 Jun 2022 15:36:51 -0300

Changed in linux (Ubuntu Bionic):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.