This bug was fixed in the package linux-snapdragon - 4.4.0-1067.72 --------------- linux-snapdragon (4.4.0-1067.72) xenial; urgency=low * linux-snapdragon: 4.4.0-1067.72 -proposed tracker (LP: #1705566) * sock_recvmsg has dropped size argument (LP: #1701697) - Packaging: Breaks yet another iscsitarget-dkms version linux-snapdragon (4.4.0-1066.71) xenial; urgency=low * linux-snapdragon: 4.4.0-1066.71 -proposed tracker (LP: #1704989) [ Ubuntu: 4.4.0-87.110 ] * linux: 4.4.0-87.110 -proposed tracker (LP: #1704982) * CVE-2017-1000364 - mm/mmap.c: do not blow on PROT_NONE MAP_FIXED holes in the stack - mm/mmap.c: expand_downwards: don't require the gap if !vm_prev * CIFS causes oops (LP: #1704857) - CIFS: Fix null pointer deref during read resp processing - CIFS: Fix some return values in case of error in 'crypt_message' linux-snapdragon (4.4.0-1065.70) xenial; urgency=low * linux-snapdragon: 4.4.0-1065.70 -proposed tracker (LP: #1703999) * sock_recvmsg has dropped size argument (LP: #1701697) - Packaging: Breaks unfixed iscsitarget versions [ Ubuntu: 4.4.0-86.109 ] * linux: 4.4.0-86.109 -proposed tracker (LP: #1703995) * sock_recvmsg has dropped size argument (LP: #1701697) - Packaging: Breaks unfixed iscsitarget versions [ Ubuntu: 4.4.0-85.108 ] * linux: 4.4.0-85.108 -proposed tracker (LP: #1702103) * [Hyper-V] Implement Hyper-V PTP Source (LP: #1676635) - SAUCE: hv: make clocksource available for PTP device supporting - Drivers: hv: util: Use hv_get_current_tick() to get current tick - hv_util: switch to using timespec64 - hv_utils: implement Hyper-V PTP source - Drivers: hv: util: Fix a typo - Drivers: hv: util: don't forget to init host_ts.lock - hv_utils: drop .getcrosststamp() support from PTP driver - hv_utils: fix TimeSync work on pre-TimeSync-v4 hosts linux-snapdragon (4.4.0-1064.69) xenial; urgency=low * linux-snapdragon: 4.4.0-1064.69 -proposed tracker (LP: #1701027) [ Ubuntu: 4.4.0-84.107 ] * linux: 4.4.0-84.107 -proposed tracker (LP: #1701024) * Can't disable USB port from BIOS (LP: #1695216) - SAUCE: xhci: AMD Promontory USB disable port support * KILLER1435-S[0489:e0a2] BT cannot search BT 4.0 device (LP: #1699651) - Bluetooth: btusb: Add support for 0489:e0a2 QCA_ROME device * CIFS: Enable encryption for SMB3 (LP: #1670508) - Revert "Handle mismatched open calls" - Revert "Call echo service immediately after socket reconnect" - cifs: Make echo interval tunable - Prepare for encryption support (first part). Add decryption and encryption key generation. Thanks to Metze for helping with this. - [net] drop 'size' argument of sock_recvmsg() - cifs: merge the hash calculation helpers - cifs: no need to wank with copying and advancing iovec on recvmsg side either - cifs: don't bother with kmap on read_pages side - cifs_readv_receive: use cifs_read_from_socket() - Fix memory leaks in cifs_do_mount() - SMB3: Add mount parameter to allow user to override max credits - SMB2: Separate Kerberos authentication from SMB2_sess_setup - SMB2: Separate RawNTLMSSP authentication from SMB2_sess_setup - SMB3: parsing for new snapshot timestamp mount parm - cifs: Simplify SMB2 and SMB311 dependencies - cifs: Only select the required crypto modules - cifs: Add soft dependencies - CIFS: Separate SMB2 header structure - CIFS: Make SendReceive2() takes resp iov - CIFS: Make send_cancel take rqst as argument - CIFS: Send RFC1001 length in a separate iov - CIFS: Separate SMB2 sync header processing - CIFS: Separate RFC1001 length processing for SMB2 read - CIFS: Add capability to transform requests before sending - CIFS: Enable encryption during session setup phase - CIFS: Encrypt SMB3 requests before sending - CIFS: Add transform header handling callbacks - CIFS: Add mid handle callback - CIFS: Add copy into pages callback for a read operation - CIFS: Decrypt and process small encrypted packets - CIFS: Add capability to decrypt big read responses - CIFS: Allow to switch on encryption with seal mount option - CIFS: Fix possible use after free in demultiplex thread - Call echo service immediately after socket reconnect - Handle mismatched open calls * CVE-2017-9150 - bpf: don't let ldimm64 leak map addresses on unprivileged * CVE-2015-8944 - Make file credentials available to the seqfile interfaces - /proc/iomem: only expose physical resource addresses to privileged users * Xenial update to 4.4.73 stable release (LP: #1698817) - s390/vmem: fix identity mapping - partitions/msdos: FreeBSD UFS2 file systems are not recognized - ARM: dts: imx6dl: Fix the VDD_ARM_CAP voltage for 396MHz operation - staging: rtl8192e: rtl92e_fill_tx_desc fix write to mapped out memory. - net: xilinx_emaclite: fix freezes due to unordered I/O - net: xilinx_emaclite: fix receive buffer overflow - ipv6: Handle IPv4-mapped src to in6addr_any dst. - ipv6: Inhibit IPv4-mapped src address on the wire. - NET: Fix /proc/net/arp for AX.25 - NET: mkiss: Fix panic - net: hns: Fix the device being used for dma mapping during TX - sierra_net: Skip validating irrelevant fields for IDLE LSIs - sierra_net: Add support for IPv6 and Dual-Stack Link Sense Indications - i2c: piix4: Fix request_region size - ipv6: Fix IPv6 packet loss in scenarios involving roaming + snooping switches - PM / runtime: Avoid false-positive warnings from might_sleep_if() - jump label: pass kbuild_cflags when checking for asm goto support - kasan: respect /proc/sys/kernel/traceoff_on_warning - log2: make order_base_2() behave correctly on const input value zero - ethtool: do not vzalloc(0) on registers dump - fscache: Fix dead object requeue - fscache: Clear outstanding writes when disabling a cookie - FS-Cache: Initialise stores_lock in netfs cookie - ipv6: fix flow labels when the traffic class is non-0 - drm/nouveau: prevent userspace from deleting client object - drm/nouveau/fence/g84-: protect against concurrent access to semaphore buffers - gianfar: synchronize DMA API usage by free_skb_rx_queue w/ gfar_new_page - pinctrl: berlin-bg4ct: fix the value for "sd1a" of pin SCRD0_CRD_PRES - net: adaptec: starfire: add checks for dma mapping errors - parisc, parport_gsc: Fixes for printk continuation lines - drm/nouveau: Don't enabling polling twice on runtime resume - drm/ast: Fixed system hanged if disable P2A - ravb: unmap descriptors when freeing rings - nfs: Fix "Don't increment lock sequence ID after NFS4ERR_MOVED" - r8152: re-schedule napi for tx - r8152: fix rtl8152_post_reset function - r8152: avoid start_xmit to schedule napi when napi is disabled - sctp: sctp_addr_id2transport should verify the addr before looking up assoc - romfs: use different way to generate fsid for BLOCK or MTD - proc: add a schedule point in proc_pid_readdir() - tipc: ignore requests when the connection state is not CONNECTED - xtensa: don't use linux IRQ #0 - s390/kvm: do not rely on the ILC on kvm host protection fauls - sparc64: make string buffers large enough - Linux 4.4.73 * Xenial update to 4.4.72 stable release (LP: #1698799) - bnx2x: Fix Multi-Cos - ipv6: xfrm: Handle errors reported by xfrm6_find_1stfragopt() - cxgb4: avoid enabling napi twice to the same queue - tcp: disallow cwnd undo when switching congestion control - vxlan: fix use-after-free on deletion - ipv6: Fix leak in ipv6_gso_segment(). - net: ping: do not abuse udp_poll() - net: ethoc: enable NAPI before poll may be scheduled - net: bridge: start hello timer only if device is up - sparc64: mm: fix copy_tsb to correctly copy huge page TSBs - sparc: Machine description indices can vary - sparc64: reset mm cpumask after wrap - sparc64: combine activate_mm and switch_mm - sparc64: redefine first version - sparc64: add per-cpu mm of secondary contexts - sparc64: new context wrap - sparc64: delete old wrap code - arch/sparc: support NR_CPUS = 4096 - serial: ifx6x60: fix use-after-free on module unload - ptrace: Properly initialize ptracer_cred on fork - KEYS: fix dereferencing NULL payload with nonzero length - KEYS: fix freeing uninitialized memory in key_update() - crypto: gcm - wait for crypto op not signal safe - drm/amdgpu/ci: disable mclk switching for high refresh rates (v2) - nfsd4: fix null dereference on replay - nfsd: Fix up the "supattr_exclcreat" attributes - kvm: async_pf: fix rcu_irq_enter() with irqs enabled - KVM: cpuid: Fix read/write out-of-bounds vulnerability in cpuid emulation - arm: KVM: Allow unaligned accesses at HYP - KVM: async_pf: avoid async pf injection when in guest mode - dmaengine: usb-dmac: Fix DMAOR AE bit definition - dmaengine: ep93xx: Always start from BASE0 - xen/privcmd: Support correctly 64KB page granularity when mapping memory - xen-netfront: do not cast grant table reference to signed short - xen-netfront: cast grant table reference first to type int - ext4: fix SEEK_HOLE - ext4: keep existing extra fields when inode expands - ext4: fix fdatasync(2) after extent manipulation operations - usb: gadget: f_mass_storage: Serialize wake and sleep execution - usb: chipidea: udc: fix NULL pointer dereference if udc_start failed - usb: chipidea: debug: check before accessing ci_role - staging/lustre/lov: remove set_fs() call from lov_getstripe() - iio: light: ltr501 Fix interchanged als/ps register field - iio: proximity: as3935: fix AS3935_INT mask - drivers: char: random: add get_random_long() - random: properly align get_random_int_hash - stackprotector: Increase the per-task stack canary's random range from 32 bits to 64 bits on 64-bit platforms - cpufreq: cpufreq_register_driver() should return -ENODEV if init fails - target: Re-add check to reject control WRITEs with overflow data - drm/msm: Expose our reservation object when exporting a dmabuf. - Input: elantech - add Fujitsu Lifebook E546/E557 to force crc_enabled - cpuset: consider dying css as offline - fs: add i_blocksize() - ufs: restore proper tail allocation - fix ufs_isblockset() - ufs: restore maintaining ->i_blocks - ufs: set correct ->s_maxsize - ufs_extend_tail(): fix the braino in calling conventions of ufs_new_fragments() - ufs_getfrag_block(): we only grab ->truncate_mutex on block creation path - cxl: Fix error path on bad ioctl - btrfs: use correct types for page indices in btrfs_page_exists_in_range - btrfs: fix memory leak in update_space_info failure path - KVM: arm/arm64: Handle possible NULL stage2 pud when ageing pages - scsi: qla2xxx: don't disable a not previously enabled PCI device - powerpc/eeh: Avoid use after free in eeh_handle_special_event() - powerpc/numa: Fix percpu allocations to be NUMA aware - powerpc/hotplug-mem: Fix missing endian conversion of aa_index - perf/core: Drop kernel samples even though :u is specified - drm/vmwgfx: Handle vmalloc() failure in vmw_local_fifo_reserve() - drm/vmwgfx: Make sure backup_handle is always valid - drm/nouveau/tmr: fully separate alarm execution/pending lists - ALSA: timer: Fix race between read and ioctl - ALSA: timer: Fix missing queue indices reset at SNDRV_TIMER_IOCTL_SELECT - ASoC: Fix use-after-free at card unregistration - drivers: char: mem: Fix wraparound check to allow mappings up to the end - tty: Drop krefs for interrupted tty lock - serial: sh-sci: Fix panic when serial console and DMA are enabled - mm: consider memblock reservations for deferred memory initialization sizing - NFS: Ensure we revalidate attributes before using execute_ok() - NFSv4: Don't perform cached access checks before we've OPENed the file - Make __xfs_xattr_put_listen preperly report errors. - arm64: hw_breakpoint: fix watchpoint matching for tagged pointers - arm64: entry: improve data abort handling of tagged pointers - RDMA/qib,hfi1: Fix MR reference count leak on write with immediate - usercopy: Adjust tests to deal with SMAP/PAN - arm64: armv8_deprecated: ensure extension of addr - arm64: ensure extension of smp_store_release value - Linux 4.4.72 * Xenial update to 4.4.71 stable release (LP: #1697001) - sparc: Fix -Wstringop-overflow warning - s390/qeth: handle sysfs error during initialization - s390/qeth: unbreak OSM and OSN support - s390/qeth: avoid null pointer dereference on OSN - tcp: avoid fragmenting peculiar skbs in SACK - sctp: fix src address selection if using secondary addresses for ipv6 - tcp: eliminate negative reordering in tcp_clean_rtx_queue - net: Improve handling of failures on link and route dumps - bridge: netlink: check vlan_default_pvid range - qmi_wwan: add another Lenovo EM74xx device ID - bridge: start hello_timer when enabling KERNEL_STP in br_stp_start - be2net: Fix offload features for Q-in-Q packets - virtio-net: enable TSO/checksum offloads for Q-in-Q vlans - tcp: avoid fastopen API to be used on AF_UNSPEC - sctp: fix ICMP processing if skb is non-linear - ipv4: add reference counting to metrics - netem: fix skb_orphan_partial() - net: phy: marvell: Limit errata to 88m1101 - vlan: Fix tcp checksum offloads in Q-in-Q vlans - i2c: i2c-tiny-usb: fix buffer not being DMA capable - mmc: sdhci-iproc: suppress spurious interrupt with Multiblock read - HID: wacom: Have wacom_tpc_irq guard against possible NULL dereference - scsi: mpt3sas: Force request partial completion alignment - drm/radeon/ci: disable mclk switching for high refresh rates (v2) - drm/radeon: Unbreak HPD handling for r600+ - pcmcia: remove left-over %Z format - ALSA: hda - apply STAC_9200_DELL_M22 quirk for Dell Latitude D430 - slub/memcg: cure the brainless abuse of sysfs attributes - drm/gma500/psb: Actually use VBT mode when it is found - mm/migrate: fix refcount handling when !hugepage_migration_supported() - mlock: fix mlock count can not decrease in race condition - xfs: Fix missed holes in SEEK_HOLE implementation - xfs: fix off-by-one on max nr_pages in xfs_find_get_desired_pgoff() - xfs: fix over-copying of getbmap parameters from userspace - xfs: handle array index overrun in xfs_dir2_leaf_readbuf() - xfs: prevent multi-fsb dir readahead from reading random blocks - xfs: fix up quotacheck buffer list error handling - xfs: support ability to wait on new inodes - xfs: update ag iterator to support wait on new inodes - xfs: wait on new inodes during quotaoff dquot release - xfs: fix indlen accounting error on partial delalloc conversion - xfs: bad assertion for delalloc an extent that start at i_size - xfs: fix unaligned access in xfs_btree_visit_blocks - xfs: in _attrlist_by_handle, copy the cursor back to userspace - xfs: only return -errno or success from attr ->put_listent - Linux 4.4.71 * CVE-2017-7346 - drm/vmwgfx: limit the number of mip levels in vmw_gb_surface_define_ioctl() * Power button does not work on Latitude 7480 (LP: #1697116) - intel-hid: Remove duplicated acpi_remove_notify_handler - platform/x86: intel-hid: Support 5 button array * CVE-2017-9074 - ipv6: Check ip6_find_1stfragopt() return value properly. * CVE-2014-9900 - net: Zeroing the structure ethtool_wolinfo in ethtool_get_wol() -- Thadeu Lima de Souza Cascardo