This bug was fixed in the package linux-raspi2 - 4.4.0-1150.161 --------------- linux-raspi2 (4.4.0-1150.161) xenial; urgency=medium * xenial/linux-raspi2: 4.4.0-1150.161 -proposed tracker (LP: #1922064) [ Ubuntu: 4.4.0-208.240 ] * xenial/linux: 4.4.0-208.240 -proposed tracker (LP: #1922069) * linux ADT test failure with linux/4.4.0-207.239 - ubuntu_qrt_kernel_security.test-kernel-security.py (LP: #1922200) // CVE-2018-5953 // CVE-2018-5995 // CVE-2018-7754 - SAUCE: Revert "printk: hash addresses printed with %p" * lxd 2.0.11-0ubuntu1~16.04.4 ADT test failure with linux 4.4.0-207.239 (LP: #1921969) - SAUCE: Fix fuse regression in 4.4.0-207.239 linux-raspi2 (4.4.0-1149.160) xenial; urgency=medium * xenial/linux-raspi2: 4.4.0-1149.160 -proposed tracker (LP: #1919553) * Xenial update: v4.4.257 upstream stable release (LP: #1916660) - [Config] raspi2: updateconfigs for ELFCORE * CVE-2017-5967 - [Config] raspi2: Dropped CONFIG_TIMER_STATS [ Ubuntu: 4.4.0-207.239 ] * xenial/linux: 4.4.0-207.239 -proposed tracker (LP: #1919558) * Xenial update: v4.4.262 upstream stable release (LP: #1920221) - uapi: nfnetlink_cthelper.h: fix userspace compilation error - ath9k: fix transmitting to stations in dynamic SMPS mode - net: Fix gro aggregation for udp encaps with zero csum - can: skb: can_skb_set_owner(): fix ref counting if socket was closed before setting skb ownership - can: flexcan: assert FRZ bit in flexcan_chip_freeze() - can: flexcan: enable RX FIFO after FRZ/HALT valid - netfilter: x_tables: gpf inside xt_find_revision() - cifs: return proper error code in statfs(2) - floppy: fix lock_fdc() signal handling - Revert "mm, slub: consider rest of partial list if acquire_slab() fails" - futex: Change locking rules - futex: Cure exit race - futex: fix dead code in attach_to_pi_owner() - net/mlx4_en: update moderation when config reset - net: lapbether: Remove netif_start_queue / netif_stop_queue - net: davicom: Fix regulator not turned off on failed probe - net: davicom: Fix regulator not turned off on driver removal - media: usbtv: Fix deadlock on suspend - mmc: mxs-mmc: Fix a resource leak in an error handling path in 'mxs_mmc_probe()' - mmc: mediatek: fix race condition between msdc_request_timeout and irq - powerpc/perf: Record counter overflow always if SAMPLE_IP is unset - PCI: xgene-msi: Fix race in installing chained irq handler - s390/smp: __smp_rescan_cpus() - move cpumask away from stack - scsi: libiscsi: Fix iscsi_prep_scsi_cmd_pdu() error handling - ALSA: hda/hdmi: Cancel pending works before suspend - ALSA: hda: Avoid spurious unsol event handling during S3/S4 - ALSA: usb-audio: Fix "cannot get freq eq" errors on Dell AE515 sound bar - s390/dasd: fix hanging DASD driver unbind - mmc: core: Fix partition switch time for eMMC - scripts/recordmcount.{c,pl}: support -ffunction-sections .text.* section names - Goodix Fingerprint device is not a modem - usb: gadget: f_uac2: always increase endpoint max_packet_size by one audio slot - usb: renesas_usbhs: Clear PIPECFG for re-enabling pipe with other EPNUM - xhci: Improve detection of device initiated wake signal. - USB: serial: io_edgeport: fix memory leak in edge_startup - USB: serial: ch341: add new Product ID - USB: serial: cp210x: add ID for Acuity Brands nLight Air Adapter - USB: serial: cp210x: add some more GE USB IDs - usbip: fix stub_dev to check for stream socket - usbip: fix vhci_hcd to check for stream socket - usbip: fix stub_dev usbip_sockfd_store() races leading to gpf - staging: rtl8192u: fix ->ssid overflow in r8192_wx_set_scan() - staging: rtl8188eu: prevent ->ssid overflow in rtw_wx_set_scan() - staging: rtl8712: unterminated string leads to read overflow - staging: rtl8188eu: fix potential memory corruption in rtw_check_beacon_data() - staging: rtl8712: Fix possible buffer overflow in r8712_sitesurvey_cmd - staging: rtl8192e: Fix possible buffer overflow in _rtl92e_wx_set_scan - staging: comedi: addi_apci_1032: Fix endian problem for COS sample - staging: comedi: addi_apci_1500: Fix endian problem for command sample - staging: comedi: adv_pci1710: Fix endian problem for AI command data - staging: comedi: das6402: Fix endian problem for AI command data - staging: comedi: das800: Fix endian problem for AI command data - staging: comedi: dmm32at: Fix endian problem for AI command data - staging: comedi: me4000: Fix endian problem for AI command data - staging: comedi: pcl711: Fix endian problem for AI command data - staging: comedi: pcl818: Fix endian problem for AI command data - NFSv4.2: fix return value of _nfs4_get_security_label() - block: rsxx: fix error return code of rsxx_pci_probe() - alpha: add $(src)/ rather than $(obj)/ to make source file path - alpha: merge build rules of division routines - alpha: make short build log available for division routines - alpha: Package string routines together - alpha: move exports to actual definitions - alpha: get rid of tail-zeroing in __copy_user() - alpha: switch __copy_user() and __do_clean_user() to normal calling conventions - powerpc/64s: Fix instruction encoding for lis in ppc_function_entry() - media: hdpvr: Fix an error handling path in hdpvr_probe() - KVM: arm64: Fix exclusive limit for IPA size - xen/events: reset affinity of 2-level event when tearing it down - xen/events: don't unmask an event channel when an eoi is pending - xen/events: avoid handling the same event on two cpus at the same time - Linux 4.4.262 * Xenial update: v4.4.261 upstream stable release (LP: #1920218) - futex: fix irq self-deadlock and satisfy assertion - futex: fix spin_lock() / spin_unlock_irq() imbalance - ALSA: ctxfi: cthw20k2: fix mask on conf to allow 4 bits - rsxx: Return -EFAULT if copy_to_user() fails - dm table: fix iterate_devices based device capability checks - platform/x86: acer-wmi: Add new force_caps module parameter - PCI: Add function 1 DMA alias quirk for Marvell 9215 SATA controller - Linux 4.4.261 * CVE-2019-19061 - iio: imu: adis16400: fix memory leak * CVE-2018-5953 // CVE-2018-5995 // CVE-2018-7754 - printk: hash addresses printed with %p * CVE-2017-5967 - time: Remove CONFIG_TIMER_STATS - [Config] Dropped CONFIG_TIMER_STATS * CVE-2019-16232 - libertas: fix a potential NULL pointer dereference * CVE-2015-1350 - xfs: Propagate dentry down to inode_change_ok() - fuse: Propagate dentry down to inode_change_ok() - fs: Give dentry to inode_change_ok() instead of inode - fs: Avoid premature clearing of capabilities * CVE-2018-13095 - xfs: More robust inode extent count validation * i40e PF reset due to incorrect MDD event (LP: #1772675) - i40e: change behavior on PF in response to MDD event * Xenial update: v4.4.260 upstream stable release (LP: #1918184) - futex: Ensure the correct return value from futex_lock_pi() - net: usb: qmi_wwan: support ZTE P685M modem - iwlwifi: pcie: fix to correct null check - mmc: sdhci-esdhc-imx: fix kernel panic when remove module - scripts: use pkg-config to locate libcrypto - scripts: set proper OpenSSL include dir also for sign-file - hugetlb: fix update_and_free_page contig page struct assumption - JFS: more checks for invalid superblock - xfs: Fix assert failure in xfs_setattr_size() - net: fix up truesize of cloned skb in skb_prepare_for_shift() - mm/hugetlb.c: fix unnecessary address expansion of pmd sharing - staging: fwserial: Fix error handling in fwserial_create - x86/reboot: Add Zotac ZBOX CI327 nano PCI reboot quirk - vt/consolemap: do font sum unsigned - wlcore: Fix command execute failure 19 for wl12xx - pktgen: fix misuse of BUG_ON() in pktgen_thread_worker() - ath10k: fix wmi mgmt tx queue full due to race condition - x86/build: Treat R_386_PLT32 relocation as R_386_PC32 - Bluetooth: Fix null pointer dereference in amp_read_loc_assoc_final_data - staging: most: sound: add sanity check for function argument - media: uvcvideo: Allow entities with no pads - Xen/gnttab: handle p2m update errors on a per-slot basis - xen-netback: respect gnttab_map_refs()'s return value - zsmalloc: account the number of compacted pages correctly - swap: fix swapfile read/write offset - media: v4l: ioctl: Fix memory leak in video_usercopy - Linux 4.4.260 * Xenial update: v4.4.259 upstream stable release (LP: #1918182) - HID: make arrays usage and value to be the same - usb: quirks: add quirk to start video capture on ELMO L-12F document camera reliable - xen-netback: delete NAPI instance when queue fails to initialize - ntfs: check for valid standard information attribute - igb: Remove incorrect "unexpected SYS WRAP" log message - scripts/recordmcount.pl: support big endian for ARCH sh - kdb: Make memory allocations more robust - MIPS: vmlinux.lds.S: add missing PAGE_ALIGNED_DATA() section - Bluetooth: Fix initializing response id after clearing struct - ARM: dts: exynos: correct PMIC interrupt trigger level on Spring - ARM: dts: exynos: correct PMIC interrupt trigger level on Arndale Octa - Bluetooth: drop HCI device reference before return - Bluetooth: Put HCI device if inquiry procedure interrupts - usb: dwc2: Abort transaction after errors with unknown reason - usb: dwc2: Make "trimming xfer length" a debug message - ARM: s3c: fix fiq for clang IAS - bnxt_en: reverse order of TX disable and carrier off - xen/netback: fix spurious event detection for common event case - b43: N-PHY: Fix the update of coef for the PHY revision >= 3case - fbdev: aty: SPARC64 requires FB_ATY_CT - drm/gma500: Fix error return code in psb_driver_load() - gma500: clean up error handling in init - MIPS: c-r4k: Fix section mismatch for loongson2_sc_init - MIPS: lantiq: Explicitly compare LTQ_EBU_PCC_ISTAT against 0 - media: media/pci: Fix memleak in empress_init - media: tm6000: Fix memleak in tm6000_start_stream - ASoC: cs42l56: fix up error handling in probe - media: lmedm04: Fix misuse of comma - media: cx25821: Fix a bug when reallocating some dma memory - media: uvcvideo: Accept invalid bFormatIndex and bFrameIndex values - btrfs: clarify error returns values in __load_free_space_cache - fs/jfs: fix potential integer overflow on shift of a int - jffs2: fix use after free in jffs2_sum_write_data() - clk: meson: clk-pll: fix initializing the old rate (fallback) for a PLL - HID: core: detect and skip invalid inputs to snto32() - dmaengine: fsldma: Fix a resource leak in the remove function - dmaengine: fsldma: Fix a resource leak in an error handling path of the probe function - clocksource/drivers/mxs_timer: Add missing semicolon when DEBUG is defined - regulator: axp20x: Fix reference cout leak - isofs: release buffer head before return - IB/umad: Return EIO in case of when device disassociated - powerpc/47x: Disable 256k page size - mmc: usdhi6rol0: Fix a resource leak in the error handling path of the probe - ARM: 9046/1: decompressor: Do not clear SCTLR.nTLSMD for ARMv7+ cores - amba: Fix resource leak for drivers without .remove - tracepoint: Do not fail unregistering a probe due to memory failure - mfd: wm831x-auxadc: Prevent use after free in wm831x_auxadc_read_irq() - powerpc/pseries/dlpar: handle ibm, configure-connector delay status - perf intel-pt: Fix missing CYC processing in PSB - perf test: Fix unaligned access in sample parsing test - Input: elo - fix an error code in elo_connect() - sparc64: only select COMPAT_BINFMT_ELF if BINFMT_ELF is set - misc: eeprom_93xx46: Fix module alias to enable module autoprobe - misc: eeprom_93xx46: Add module alias to avoid breaking support for non device tree users - VMCI: Use set_page_dirty_lock() when unregistering guest memory - PCI: Align checking of syscall user config accessors - mm/memory.c: fix potential pte_unmap_unlock pte error - mm/hugetlb: fix potential double free in hugetlb_register_node() error path - i2c: brcmstb: Fix brcmstd_send_i2c_cmd condition - scsi: bnx2fc: Fix Kconfig warning & CNIC build errors - block: Move SECTOR_SIZE and SECTOR_SHIFT definitions into - blk-settings: align max_sectors on "logical_block_size" boundary - Input: xpad - add support for PowerA Enhanced Wired Controller for Xbox Series X|S - Input: joydev - prevent potential read overflow in ioctl - Input: i8042 - add ASUS Zenbook Flip to noselftest list - USB: serial: option: update interface mapping for ZTE P685M - USB: serial: mos7840: fix error code in mos7840_write() - USB: serial: mos7720: fix error code in mos7720_write() - usb: dwc3: gadget: Fix setting of DEPCFG.bInterval_m1 - usb: dwc3: gadget: Fix dep->interval for fullspeed interrupt - KEYS: trusted: Fix migratable=1 failing - btrfs: fix reloc root leak with 0 ref reloc roots on recovery - drivers/misc/vmw_vmci: restrict too big queue size in qp_host_alloc_queue - staging: rtl8188eu: Add Edimax EW-7811UN V2 to device table - x86/reboot: Force all cpus to exit VMX root if VMX is supported - floppy: reintroduce O_NDELAY fix - mm: hugetlb: fix a race between freeing and dissolving the page - usb: renesas_usbhs: Clear pipe running flag in usbhs_pkt_pop() - libnvdimm/dimm: Avoid race between probe and available_slots_show() - module: Ignore _GLOBAL_OFFSET_TABLE_ when warning for undefined symbols - gpio: pcf857x: Fix missing first interrupt - f2fs: fix out-of-repair __setattr_copy() - sparc32: fix a user-triggerable oops in clear_user() - gfs2: Don't skip dlm unlock if glock has an lvb - dm era: Recover committed writeset after crash - dm era: Verify the data block size hasn't changed - dm era: Fix bitset memory leaks - dm era: Use correct value size in equality function of writeset tree - dm era: Reinitialize bitset cache before digesting a new writeset - dm era: only resize metadata in preresume - futex: Fix OWNER_DEAD fixup - dm era: Update in-core bitset after committing the metadata - Linux 4.4.259 * CVE-2019-16231 - fjes: Handle workqueue allocation failure * Xenial update: v4.4.258 upstream stable release (LP: #1916661) - tracing: Do not count ftrace events in top level enable output - fgraph: Initialize tracing_graph_pause at task creation - af_key: relax availability checks for skb size calculation - iwlwifi: pcie: add a NULL check in iwl_pcie_txq_unmap - iwlwifi: mvm: guard against device removal in reprobe - SUNRPC: Move simple_get_bytes and simple_get_netobj into private header - SUNRPC: Handle 0 length opaque XDR object data properly - lib/string: Add strscpy_pad() function - include/trace/events/writeback.h: fix -Wstringop-truncation warnings - memcg: fix a crash in wb_workfn when a device disappears - squashfs: add more sanity checks in id lookup - squashfs: add more sanity checks in inode lookup - squashfs: add more sanity checks in xattr id lookup - memblock: do not start bottom-up allocations with kernel_end - netfilter: xt_recent: Fix attempt to update deleted entry - h8300: fix PREEMPTION build, TI_PRE_COUNT undefined - usb: dwc3: ulpi: fix checkpatch warning - usb: dwc3: ulpi: Replace CPU-based busyloop with Protocol-based one - net: watchdog: hold device global xmit lock during tx disable - vsock: fix locking in vsock_shutdown() - x86/build: Disable CET instrumentation in the kernel for 32-bit too - trace: Use -mcount-record for dynamic ftrace - tracing: Fix SKIP_STACK_VALIDATION=1 build due to bad merge with -mrecord- mcount - tracing: Avoid calling cc-option -mrecord-mcount for every Makefile - Xen/x86: don't bail early from clear_foreign_p2m_mapping() - Xen/x86: also check kernel mapping in set_foreign_p2m_mapping() - Xen/gntdev: correct dev_bus_addr handling in gntdev_map_grant_pages() - Xen/gntdev: correct error checking in gntdev_map_grant_pages() - xen/arm: don't ignore return errors from set_phys_to_machine - xen-blkback: don't "handle" error by BUG() - xen-netback: don't "handle" error by BUG() - xen-scsiback: don't "handle" error by BUG() - xen-blkback: fix error handling in xen_blkbk_map() - scsi: qla2xxx: Fix crash during driver load on big endian machines - kvm: check tlbs_dirty directly - Linux 4.4.258 * Xenial update: v4.4.257 upstream stable release (LP: #1916660) - net_sched: reject silly cell_log in qdisc_get_rtab() - futex,rt_mutex: Provide futex specific rt_mutex API - futex: Remove rt_mutex_deadlock_account_*() - futex: Rework inconsistent rt_mutex/futex_q state - futex: Avoid violating the 10th rule of futex - futex: Replace pointless printk in fixup_owner() - futex: Provide and use pi_state_update_owner() - rtmutex: Remove unused argument from rt_mutex_proxy_unlock() - futex: Use pi_state_update_owner() in put_pi_state() - futex: Simplify fixup_pi_state_owner() - futex: Handle faults correctly for PI futexes - usb: udc: core: Use lock when write to soft_connect - scsi: libfc: Avoid invoking response handler twice if ep is already completed - scsi: ibmvfc: Set default timeout to avoid crash during migration - stable: clamp SUBLEVEL in 4.4 and 4.9 - USB: serial: cp210x: add pid/vid for WSDA-200-USB - USB: serial: cp210x: add new VID/PID for supporting Teraoka AD2000 - USB: serial: option: Adding support for Cinterion MV31 - net: lapb: Copy the skb before sending a packet - [Config] updateconfigs for ELFCORE - ELF/MIPS build fix - elfcore: fix building with clang - USB: gadget: legacy: fix an error code in eth_bind() - USB: usblp: don't call usb_set_interface if there's a single alt - usb: dwc2: Fix endpoint direction check in ep_from_windex - mac80211: fix station rate table updates on assoc - kretprobe: Avoid re-registration of the same kretprobe earlier - cifs: report error instead of invalid when revalidating a dentry fails - mmc: core: Limit retries when analyse of SDIO tuples fails - ARM: footbridge: fix dc21285 PCI configuration accessors - mm: hugetlbfs: fix cannot migrate the fallocated HugeTLB page - mm: hugetlb: fix a race between isolating and freeing page - mm: hugetlb: remove VM_BUG_ON_PAGE from page_huge_active - x86/build: Disable CET instrumentation in the kernel - x86/apic: Add extra serialization for non-serializing MSRs - Input: xpad - sync supported devices with fork on GitHub - ACPI: thermal: Do not call acpi_thermal_check() directly - ALSA: hda/realtek - Fix typo of pincfg for Dell quirk - Linux 4.4.257 * Xenial update: v4.4.256 upstream stable release (LP: #1916657) - Linux 4.4.256 * Xenial update: v4.4.255 upstream stable release (LP: #1916656) - ACPI: sysfs: Prefer "compatible" modalias - wext: fix NULL-ptr-dereference with cfg80211's lack of commit() - net: usb: qmi_wwan: added support for Thales Cinterion PLSx3 modem family - KVM: x86/pmu: Fix HW_REF_CPU_CYCLES event pseudo-encoding in intel_arch_events[] - mt7601u: fix kernel crash unplugging the device - mt7601u: fix rx buffer refcounting - y2038: futex: Move compat implementation into futex.c - futex: Move futex exit handling into futex code - futex: Replace PF_EXITPIDONE with a state - exit/exec: Seperate mm_release() - futex: Split futex_mm_release() for exit/exec - futex: Set task::futex_state to DEAD right after handling futex exit - futex: Mark the begin of futex exit explicitly - futex: Sanitize exit state handling - futex: Provide state handling for exec() as well - futex: Add mutex around futex exit - futex: Provide distinct return value when owner is exiting - futex: Prevent exit livelock - ARM: imx: build suspend-imx6.S with arm instruction set - netfilter: nft_dynset: add timeout extension to template - xfrm: Fix oops in xfrm_replay_advance_bmp - RDMA/cxgb4: Fix the reported max_recv_sge value - mac80211: pause TX while changing interface type - can: dev: prevent potential information leak in can_fill_info() - iommu/vt-d: Gracefully handle DMAR units with no supported address widths - iommu/vt-d: Don't dereference iommu_device if IOMMU_API is not built - NFC: fix resource leak when target index is invalid - NFC: fix possible resource leak - Linux 4.4.255 -- Kelsey Skunberg