This bug was fixed in the package linux-aws-5.4 - 5.4.0-1075.80~18.04.1 --------------- linux-aws-5.4 (5.4.0-1075.80~18.04.1) bionic; urgency=medium * bionic/linux-aws-5.4: 5.4.0-1075.80~18.04.1 -proposed tracker (LP: #1973945) [ Ubuntu: 5.4.0-1075.80 ] * focal/linux-aws: 5.4.0-1075.80 -proposed tracker (LP: #1973946) * focal/linux: 5.4.0-113.127 -proposed tracker (LP: #1973980) * CVE-2022-29581 - net/sched: cls_u32: fix netns refcount changes in u32_change() * CVE-2022-1116 - io_uring: fix fs->users overflow * ext4: limit length to bitmap_maxbytes (LP: #1972281) - ext4: limit length to bitmap_maxbytes - blocksize in punch_hole * Unprivileged users may use PTRACE_SEIZE to set PTRACE_O_SUSPEND_SECCOMP option (LP: #1972740) - ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE [ Ubuntu: 5.4.0-1073.78 ] * focal/linux-aws: 5.4.0-1073.78 -proposed tracker (LP: #1969020) * Packaging resync (LP: #1786013) - debian/dkms-versions -- update from kernel-versions (main/2022.03.21) * focal/linux: 5.4.0-110.124 -proposed tracker (LP: #1969053) * net/mlx5e: Fix page DMA map/unmap attributes (LP: #1967292) - net/mlx5e: Fix page DMA map/unmap attributes * xfs: Fix deadlock between AGI and AGF when target_ip exists in xfs_rename() (LP: #1966803) - xfs: Fix deadlock between AGI and AGF when target_ip exists in xfs_rename() * LRMv6: add multi-architecture support (LP: #1968774) - [Packaging] resync dkms-build{,--nvidia-N} * xfrm interface cannot be changed anymore (LP: #1968591) - xfrm: fix the if_id check in changelink * Use kernel-testing repo from launchpad for ADT tests (LP: #1968016) - [Debian] Use kernel-testing repo from launchpad * vmx_ldtr_test in ubuntu_kvm_unit_tests failed (FAIL: Expected 0 for L1 LDTR selector (got 50)) (LP: #1956315) - KVM: nVMX: Set LDTR to its architecturally defined value on nested VM-Exit * [SRU][Regression] Revert "PM: ACPI: reboot: Use S5 for reboot" which causes Bus Fatal Error when rebooting system with BCM5720 NIC (LP: #1917471) - Revert "PM: ACPI: reboot: Use S5 for reboot" * Focal update: v5.4.181 upstream stable release (LP: #1967582) - Makefile.extrawarn: Move -Wunaligned-access to W=1 - HID:Add support for UGTABLET WP5540 - Revert "svm: Add warning message for AVIC IPI invalid target" - serial: parisc: GSC: fix build when IOSAPIC is not set - parisc: Drop __init from map_pages declaration - parisc: Fix data TLB miss in sba_unmap_sg - parisc: Fix sglist access in ccio-dma.c - btrfs: send: in case of IO error log it - platform/x86: ISST: Fix possible circular locking dependency detected - selftests: rtc: Increase test timeout so that all tests run - net: ieee802154: at86rf230: Stop leaking skb's - selftests/zram: Skip max_comp_streams interface on newer kernel - selftests/zram01.sh: Fix compression ratio calculation - selftests/zram: Adapt the situation that /dev/zram0 is being used - ax25: improve the incomplete fix to avoid UAF and NPD bugs - vfs: make freeze_super abort when sync_filesystem returns error - quota: make dquot_quota_sync return errors from ->sync_fs - nvme: fix a possible use-after-free in controller reset during load - nvme-tcp: fix possible use-after-free in transport error_recovery work - nvme-rdma: fix possible use-after-free in transport error_recovery work - drm/amdgpu: fix logic inversion in check - Revert "module, async: async_synchronize_full() on module init iff async is used" - ftrace: add ftrace_init_nop() - module/ftrace: handle patchable-function-entry - arm64: module: rework special section handling - arm64: module/ftrace: intialize PLT at load time - iwlwifi: fix use-after-free - drm/radeon: Fix backlight control on iMac 12,1 - ext4: check for out-of-order index extents in ext4_valid_extent_entries() - ext4: check for inconsistent extents between index and leaf block - ext4: prevent partial update of the extent blocks - taskstats: Cleanup the use of task->exit_code - dmaengine: at_xdmac: Start transfer for cyclic channels in issue_pending - vsock: remove vsock from connected table when connect is interrupted by a signal - mmc: block: fix read single on recovery logic - iwlwifi: pcie: fix locking when "HW not ready" - iwlwifi: pcie: gen2: fix locking when "HW not ready" - netfilter: nft_synproxy: unregister hooks on init error path - net: dsa: lan9303: fix reset on probe - net: ieee802154: ca8210: Fix lifs/sifs periods - ping: fix the dif and sdif check in ping_lookup - bonding: force carrier update when releasing slave - drop_monitor: fix data-race in dropmon_net_event / trace_napi_poll_hit - bonding: fix data-races around agg_select_timer - libsubcmd: Fix use-after-free for realloc(..., 0) - ALSA: hda: Fix regression on forced probe mask option - ALSA: hda: Fix missing codec probe on Shenker Dock 15 - ASoC: ops: Fix stereo change notifications in snd_soc_put_volsw() - ASoC: ops: Fix stereo change notifications in snd_soc_put_volsw_range() - powerpc/lib/sstep: fix 'ptesync' build error - mtd: rawnand: gpmi: don't leak PM reference in error path - block/wbt: fix negative inflight counter when remove scsi device - NFS: LOOKUP_DIRECTORY is also ok with symlinks - NFS: Do not report writeback errors in nfs_getattr() - mtd: rawnand: qcom: Fix clock sequencing in qcom_nandc_probe() - mtd: rawnand: brcmnand: Fixed incorrect sub-page ECC status - scsi: lpfc: Fix pt2pt NVMe PRLI reject LOGO loop - EDAC: Fix calculation of returned address and next offset in edac_align_ptr() - net: sched: limit TC_ACT_REPEAT loops - dmaengine: sh: rcar-dmac: Check for error num after setting mask - copy_process(): Move fd_install() out of sighand->siglock critical section - i2c: brcmstb: fix support for DSL and CM variants - Drivers: hv: vmbus: Fix memory leak in vmbus_add_channel_kobj - KVM: x86/pmu: Use AMD64_RAW_EVENT_MASK for PERF_TYPE_RAW - ARM: OMAP2+: hwmod: Add of_node_put() before break - ARM: OMAP2+: adjust the location of put_device() call in omapdss_init_of - irqchip/sifive-plic: Add missing thead,c900-plic match string - netfilter: conntrack: don't refresh sctp entries in closed state - arm64: dts: meson-gx: add ATF BL32 reserved-memory region - arm64: dts: meson-g12: add ATF BL32 reserved-memory region - arm64: dts: meson-g12: drop BL32 region from SEI510/SEI610 - kconfig: let 'shell' return enough output for deep path names - ata: libata-core: Disable TRIM on M88V29 - drm/rockchip: dw_hdmi: Do not leave clock enabled in error case - tracing: Fix tp_printk option related with tp_printk_stop_on_boot - net: usb: qmi_wwan: Add support for Dell DW5829e - net: macb: Align the dma and coherent dma masks - kconfig: fix failing to generate auto.conf - Linux 5.4.181 * Focal update: v5.4.180 upstream stable release (LP: #1966118) - integrity: check the return value of audit_log_start() - ima: Remove ima_policy file before directory - ima: Allow template selection with ima_template[_fmt]= after ima_hash= - ima: Do not print policy rule with inactive LSM labels - mmc: sdhci-of-esdhc: Check for error num after setting mask - net: phy: marvell: Fix RGMII Tx/Rx delays setting in 88e1121-compatible PHYs - net: phy: marvell: Fix MDI-x polarity setting in 88e1118-compatible PHYs - NFS: Fix initialisation of nfs_client cl_flags field - NFSD: Clamp WRITE offsets - NFSD: Fix offset type in I/O trace points - NFSv4 only print the label when its queried - nfs: nfs4clinet: check the return value of kstrdup() - NFSv4.1: Fix uninitialised variable in devicenotify - NFSv4 remove zero number of fs_locations entries error check - NFSv4 expose nfs_parse_server_name function - drm: panel-orientation-quirks: Add quirk for the 1Netbook OneXPlayer - net: sched: Clarify error message when qdisc kind is unknown - scsi: target: iscsi: Make sure the np under each tpg is unique - scsi: qedf: Fix refcount issue when LOGO is received during TMF - scsi: myrs: Fix crash in error case - PM: hibernate: Remove register_nosave_region_late() - usb: dwc2: gadget: don't try to disable ep0 in dwc2_hsotg_suspend - net: stmmac: dwmac-sun8i: use return val of readl_poll_timeout() - KVM: nVMX: eVMCS: Filter out VM_EXIT_SAVE_VMX_PREEMPTION_TIMER - riscv: fix build with binutils 2.38 - ARM: dts: imx23-evk: Remove MX23_PAD_SSP1_DETECT from hog group - ARM: socfpga: fix missing RESET_CONTROLLER - nvme-tcp: fix bogus request completion when failing to send AER - ACPI/IORT: Check node revision for PMCG resources - PM: s2idle: ACPI: Fix wakeup interrupts handling - net: bridge: fix stale eth hdr pointer in br_dev_xmit - perf probe: Fix ppc64 'perf probe add events failed' case - ARM: dts: meson: Fix the UART compatible strings - staging: fbtft: Fix error path in fbtft_driver_module_init() - ARM: dts: imx6qdl-udoo: Properly describe the SD card detect - usb: f_fs: Fix use-after-free for epfile - misc: fastrpc: avoid double fput() on failed usercopy - ixgbevf: Require large buffers for build_skb on 82599VF - bonding: pair enable_port with slave_arr_updates - ipmr,ip6mr: acquire RTNL before calling ip[6]mr_free_table() on failure path - nfp: flower: fix ida_idx not being released - net: do not keep the dst cache when uncloning an skb dst and its metadata - net: fix a memleak when uncloning an skb dst and its metadata - veth: fix races around rq->rx_notify_masked - net: mdio: aspeed: Add missing MODULE_DEVICE_TABLE - tipc: rate limit warning for received illegal binding update - net: amd-xgbe: disable interrupts during pci removal - vt_ioctl: fix array_index_nospec in vt_setactivate - vt_ioctl: add array_index_nospec to VT_ACTIVATE - n_tty: wake up poll(POLLRDNORM) on receiving data - eeprom: ee1004: limit i2c reads to I2C_SMBUS_BLOCK_MAX - net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup - usb: ulpi: Move of_node_put to ulpi_dev_release - usb: ulpi: Call of_node_put correctly - usb: dwc3: gadget: Prevent core from processing stale TRBs - usb: gadget: udc: renesas_usb3: Fix host to USB_ROLE_NONE transition - USB: gadget: validate interface OS descriptor requests - usb: gadget: rndis: check size of RNDIS_MSG_SET command - usb: gadget: f_uac2: Define specific wTerminalType - USB: serial: ftdi_sio: add support for Brainboxes US-159/235/320 - USB: serial: option: add ZTE MF286D modem - USB: serial: ch341: add support for GW Instek USB2.0-Serial devices - USB: serial: cp210x: add NCR Retail IO box id - USB: serial: cp210x: add CPI Bulk Coin Recycler id - seccomp: Invalidate seccomp mode to catch death failures - hwmon: (dell-smm) Speed up setting of fan speed - scsi: lpfc: Remove NVMe support if kernel has NVME_FC disabled - perf: Fix list corruption in perf_cgroup_switch() - Linux 5.4.180 * Focal update: v5.4.179 upstream stable release (LP: #1965591) - moxart: fix potential use-after-free on remove path - Linux 5.4.179 * CVE-2020-27820 - drm/nouveau: Add a dedicated mutex for the clients list - drm/nouveau: clean up all clients on device removal * CVE-2022-1016 - netfilter: nf_tables: initialize registers in nft_do_chain() * CVE-2022-27223 - USB: gadget: validate endpoint index for xilinx udc * CVE-2022-26490 - nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION * CVE-2021-26401 - x86/speculation: Use generic retpoline by default on AMD - x86/speculation: Update link to AMD speculation whitepaper - x86/speculation: Warn about Spectre v2 LFENCE mitigation - x86/speculation: Warn about eIBRS + LFENCE + Unprivileged eBPF + SMT * CVE-2022-0001 - x86/speculation: Include unprivileged eBPF status in Spectre v2 mitigation reporting * focal/linux: 5.4.0-109.123 -proposed tracker (LP: #1968290) * USB devices not detected during boot on USB 3.0 hubs (LP: #1968210) - SAUCE: Revert "Revert "xhci: Set HCD flag to defer primary roothub registration"" - SAUCE: Revert "Revert "usb: core: hcd: Add support for deferring roothub registration"" -- Joseph Salisbury