Bug #1930050 “groovy/linux-riscv: 5.8.0-27.29 -proposed tracker” : Series certification-testing : Bugs : Kernel SRU Workflow

Kleber Sacilotto de Souza (kleber-souza) on 2021-05-28

tags:	added: kernel-release-tracking-bug-live
description:	updated
tags:	added: kernel-sru-cycle-2021.05.31-1
description:	updated
tags:	added: kernel-sru-derivative-of-1930052
Changed in kernel-sru-workflow:
status:	New → Confirmed
importance:	Undecided → Medium

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-05-28

Changed in linux-riscv (Ubuntu Groovy):
importance:	Undecided → Medium
Changed in kernel-sru-workflow:
status:	Confirmed → In Progress

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-05-28

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-06-04

description:

updated

Kelsey Steele (kelsey-steele) on 2021-06-07

summary:

- groovy/linux-riscv: <version to be filled> -proposed tracker
+ groovy/linux-riscv: 5.8.0-27.29 -proposed tracker

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-06-07

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-06-07

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-06-07

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-06-09

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-06-09

description:	updated
description:	updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-06-09

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-06-10

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-06-10

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-06-10

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-06-10

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-06-12

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-06-16

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-06-18

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-06-21

description:

updated

Revision history for this message

Launchpad Janitor (janitor) wrote on 2021-06-22:

#1

Download full text (23.5 KiB)

This bug was fixed in the package linux-riscv - 5.8.0-29.31

---------------
linux-riscv (5.8.0-29.31) groovy; urgency=medium

[ Ubuntu: 5.8.0-59.66 ]

  * UAF on CAN J1939 j1939_can_recv (LP: #1932209)
    - SAUCE: can: j1939: delay release of j1939_priv after synchronize_rcu
  * UAF on CAN BCM bcm_rx_handler (LP: #1931855)
    - SAUCE: can: bcm: delay release of struct bcm_op after synchronize_rcu

[ Ubuntu: 5.8.0-57.64 ]

  * groovy/linux: 5.8.0-57.64 -proposed tracker (LP: #1932047)
  * pmtu.sh from selftests.net in linux ADT test failure with linux/5.8.0-56.63
    (LP: #1931731)
    - net: geneve: modify IP header check in geneve6_xmit_skb and geneve_xmit_skb

linux-riscv (5.8.0-27.29) groovy; urgency=medium

* groovy/linux-riscv: 5.8.0-27.29 -proposed tracker (LP: #1930050)

[ Ubuntu: 5.8.0-56.63 ]

  * groovy/linux: 5.8.0-56.63 -proposed tracker (LP: #1930052)
  * Packaging resync (LP: #1786013)
    - update dkms package versions
  * scsi: storvsc: Parameterize number hardware queues (LP: #1930626)
    - scsi: storvsc: Parameterize number hardware queues
  * CVE-2021-33200
    - bpf: Wrap aux data inside bpf_sanitize_info container
    - bpf: Fix mask direction swap upon off reg sign change
    - bpf: No need to simulate speculative domain for immediates
  * CVE-2021-3490
    - SAUCE: Revert "UBUNTU: SAUCE: bpf: verifier: fix ALU32 bounds tracking with
      bitwise ops"
    - gpf: Fix alu32 const subreg bound tracking on bitwise operations
  * CVE-2021-3489
    - SAUCE: Revert "UBUNTU: SAUCE: bpf: prevent writable memory-mapping of read-
      only ringbuf pages"
    - bpf: Prevent writable memory-mapping of read-only ringbuf pages
  * Realtek USB hubs in Dell WD19SC/DC/TB fail to work after exiting s2idle
    (LP: #1928242)
    - USB: Verify the port status when timeout happens during port suspend
  * CVE-2020-26145
    - ath10k: drop fragments with multicast DA for SDIO
    - ath10k: add CCMP PN replay protection for fragmented frames for PCIe
    - ath10k: drop fragments with multicast DA for PCIe
  * CVE-2020-26141
    - ath10k: Fix TKIP Michael MIC verification for PCIe
  * CVE-2020-24587
    - ath11k: Clear the fragment cache during key install
  * CVE-2020-24588
    - mac80211: properly handle A-MSDUs that start with an RFC 1042 header
    - cfg80211: mitigate A-MSDU aggregation attacks
    - mac80211: drop A-MSDUs on old ciphers
    - ath10k: drop MPDU which has discard flag set by firmware for SDIO
  * CVE-2020-26139
    - mac80211: do not accept/forward invalid EAPOL frames
  * CVE-2020-24586 // CVE-2020-24587 // CVE-2020-24587 for such cases.
    - mac80211: extend protection against mixed key and fragment cache attacks
  * CVE-2020-24586 // CVE-2020-24587
    - mac80211: prevent mixed key and fragment cache attacks
    - mac80211: add fragment cache to sta_info
    - mac80211: check defrag PN against current frame
    - mac80211: prevent attacks on TKIP/WEP as well
  * CVE-2020-26147
    - mac80211: assure all fragments are encrypted
  * raid10: Block discard is very slow, causing severe delays for mkfs and
    fstrim operations (LP: #1896578)
    - md: add md_submit_discard_bio() for submitting discard bio
    - m...

This bug was fixed in the package linux-riscv - 5.8.0-29.31

---------------
linux-riscv (5.8.0-29.31) groovy; urgency=medium

[ Ubuntu: 5.8.0-59.66 ]

* UAF on CAN J1939 j1939_can_recv (LP: #1932209)
    - SAUCE: can: j1939: delay release of j1939_priv after synchronize_rcu
  * UAF on CAN BCM bcm_rx_handler (LP: #1931855)
    - SAUCE: can: bcm: delay release of struct bcm_op after synchronize_rcu

[ Ubuntu: 5.8.0-57.64 ]

* groovy/linux: 5.8.0-57.64 -proposed tracker (LP: #1932047)
  * pmtu.sh from selftests.net in linux ADT test failure with linux/5.8.0-56.63
    (LP: #1931731)
    - net: geneve: modify IP header check in geneve6_xmit_skb and geneve_xmit_skb

linux-riscv (5.8.0-27.29) groovy; urgency=medium

* groovy/linux-riscv: 5.8.0-27.29 -proposed tracker (LP: #1930050)

[ Ubuntu: 5.8.0-56.63 ]

* groovy/linux: 5.8.0-56.63 -proposed tracker (LP: #1930052)
  * Packaging resync (LP: #1786013)
    - update dkms package versions
  * scsi: storvsc: Parameterize number hardware queues (LP: #1930626)
    - scsi: storvsc: Parameterize number hardware queues
  * CVE-2021-33200
    - bpf: Wrap aux data inside bpf_sanitize_info container
    - bpf: Fix mask direction swap upon off reg sign change
    - bpf: No need to simulate speculative domain for immediates
  * CVE-2021-3490
    - SAUCE: Revert "UBUNTU: SAUCE: bpf: verifier: fix ALU32 bounds tracking with
      bitwise ops"
    - gpf: Fix alu32 const subreg bound tracking on bitwise operations
  * CVE-2021-3489
    - SAUCE: Revert "UBUNTU: SAUCE: bpf: prevent writable memory-mapping of read-
      only ringbuf pages"
    - bpf: Prevent writable memory-mapping of read-only ringbuf pages
  * Realtek USB hubs in Dell WD19SC/DC/TB fail to work after exiting s2idle
    (LP: #1928242)
    - USB: Verify the port status when timeout happens during port suspend
  * CVE-2020-26145
    - ath10k: drop fragments with multicast DA for SDIO
    - ath10k: add CCMP PN replay protection for fragmented frames for PCIe
    - ath10k: drop fragments with multicast DA for PCIe
  * CVE-2020-26141
    - ath10k: Fix TKIP Michael MIC verification for PCIe
  * CVE-2020-24587
    - ath11k: Clear the fragment cache during key install
  * CVE-2020-24588
    - mac80211: properly handle A-MSDUs that start with an RFC 1042 header
    - cfg80211: mitigate A-MSDU aggregation attacks
    - mac80211: drop A-MSDUs on old ciphers
    - ath10k: drop MPDU which has discard flag set by firmware for SDIO
  * CVE-2020-26139
    - mac80211: do not accept/forward invalid EAPOL frames
  * CVE-2020-24586 // CVE-2020-24587 // CVE-2020-24587 for such cases.
    - mac80211: extend protection against mixed key and fragment cache attacks
  * CVE-2020-24586 // CVE-2020-24587
    - mac80211: prevent mixed key and fragment cache attacks
    - mac80211: add fragment cache to sta_info
    - mac80211: check defrag PN against current frame
    - mac80211: prevent attacks on TKIP/WEP as well
  * CVE-2020-26147
    - mac80211: assure all fragments are encrypted
  * raid10: Block discard is very slow, causing severe delays for mkfs and
    fstrim operations (LP: #1896578)
    - md: add md_submit_discard_bio() for submitting discard bio
    - md/raid10: extend r10bio devs to raid disks
    - md/raid10: pull the code that wait for blocked dev into one function
    - md/raid10: improve raid10 discard request
    - md/raid10: improve discard request for far layout
    - dm raid: remove unnecessary discard limits for raid0 and raid10
  * [SRU] mpt3sas: only one vSES is handy even IOC has multi vSES (LP: #1926517)
    - scsi: mpt3sas: Only one vSES is present even when IOC has multi vSES
  * CVE-2021-23133
    - sctp: delay auto_asconf init until binding the first addr
  * kvm: properly tear down PV features on hibernate (LP: #1920944)
    - x86/kvm: Fix pr_info() for async PF setup/teardown
    - x86/kvm: Teardown PV features on boot CPU as well
    - x86/kvm: Disable kvmclock on all CPUs on shutdown
    - x86/kvm: Disable all PV features on crash
    - x86/kvm: Unify kvm_pv_guest_cpu_reboot() with kvm_guest_cpu_offline()
  * CVE-2021-31440
    - bpf: Fix propagation of 32 bit unsigned bounds from 64 bit bounds
  * Can't detect intel wifi 6235 (LP: #1920180)
    - SAUCE: iwlwifi: add new pci id for 6235
  * [SRU] Patch for flicker and glitching on common LCD display panels, intel
    framebuffer (LP: #1925685)
    - drm/i915: Try to use fast+narrow link on eDP again and fall back to the old
      max strategy on failure
    - drm/i915/dp: Use slow and wide link training for everything
  * pmtu.sh from net in ubuntu_kernel_selftests failed with no error message
    (LP: #1887661)
    - selftests: pmtu.sh: use $ksft_skip for skipped return code
  * IR Remote Keys Repeat Many Times Starting with Kernel 5.8.0-49
    (LP: #1926030)
    - SAUCE: Revert "media: rc: ite-cir: fix min_timeout calculation"
    - SAUCE: Revert "media: rc: fix timeout handling after switch to microsecond
      durations"
  * Groovy update: upstream stable patchset 2021-05-20 (LP: #1929132)
    - Input: nspire-keypad - enable interrupts only when opened
    - gpio: sysfs: Obey valid_mask
    - dmaengine: idxd: Fix clobbering of SWERR overflow bit on writeback
    - dmaengine: idxd: fix delta_rec and crc size field for completion record
    - dmaengine: idxd: fix opcap sysfs attribute output
    - dmaengine: idxd: fix wq size store permission state
    - dmaengine: dw: Make it dependent to HAS_IOMEM
    - dmaengine: Fix a double free in dma_async_device_register
    - dmaengine: plx_dma: add a missing put_device() on error path
    - ACPI: x86: Call acpi_boot_table_init() after acpi_table_upgrade()
    - ARM: dts: Drop duplicate sha2md5_fck to fix clk_disable race
    - ARM: dts: Fix moving mmc devices with aliases for omap4 & 5
    - lockdep: Add a missing initialization hint to the "INFO: Trying to register
      non-static key" message
    - arc: kernel: Return -EFAULT if copy_to_user() fails
    - iwlwifi: Fix softirq/hardirq disabling in iwl_pcie_enqueue_hcmd()
    - xfrm: BEET mode doesn't support fragments for inner packets
    - ASoC: max98373: Added 30ms turn on/off time delay
    - gpu/xen: Fix a use after free in xen_drm_drv_init
    - neighbour: Disregard DEAD dst in neigh_update
    - ARM: keystone: fix integer overflow warning
    - ARM: omap1: fix building with clang IAS
    - drm/msm: Fix a5xx/a6xx timestamps
    - ASoC: fsl_esai: Fix TDM slot setup for I2S mode
    - scsi: scsi_transport_srp: Don't block target in SRP_PORT_LOST state
    - iwlwifi: add support for Qu with AX201 device
    - net: ieee802154: stop dump llsec keys for monitors
    - net: ieee802154: forbid monitor for add llsec key
    - net: ieee802154: forbid monitor for del llsec key
    - net: ieee802154: stop dump llsec devs for monitors
    - net: ieee802154: forbid monitor for add llsec dev
    - net: ieee802154: forbid monitor for del llsec dev
    - net: ieee802154: stop dump llsec devkeys for monitors
    - net: ieee802154: forbid monitor for add llsec devkey
    - net: ieee802154: forbid monitor for del llsec devkey
    - net: ieee802154: stop dump llsec seclevels for monitors
    - net: ieee802154: forbid monitor for add llsec seclevel
    - pcnet32: Use pci_resource_len to validate PCI resource
    - mac80211: clear sta->fast_rx when STA removed from 4-addr VLAN
    - virt_wifi: Return micros for BSS TSF values
    - lib: fix kconfig dependency on ARCH_WANT_FRAME_POINTERS
    - Input: s6sy761 - fix coordinate read bit shift
    - Input: i8042 - fix Pegatron C15B ID entry
    - HID: wacom: set EV_KEY and EV_ABS only for non-HID_GENERIC type of devices
    - dm verity fec: fix misaligned RS roots IO
    - readdir: make sure to verify directory entry for legacy interfaces too
    - arm64: fix inline asm in load_unaligned_zeropad()
    - arm64: alternatives: Move length validation in alternative_{insn, endif}
    - vfio/pci: Add missing range check in vfio_pci_mmap
    - riscv: Fix spelling mistake "SPARSEMEM" to "SPARSMEM"
    - scsi: libsas: Reset num_scatter if libata marks qc as NODATA
    - netfilter: flowtable: fix NAT IPv6 offload mangling
    - netfilter: conntrack: do not print icmpv6 as unknown via /proc
    - ice: Fix potential infinite loop when using u8 loop counter
    - libnvdimm/region: Fix nvdimm_has_flush() to handle ND_REGION_ASYNC
    - netfilter: bridge: add pre_exit hooks for ebtable unregistration
    - netfilter: arp_tables: add pre_exit hook for table unregister
    - net: macb: fix the restore of cmp registers
    - net/mlx5e: fix ingress_ifindex check in mlx5e_flower_parse_meta
    - netfilter: nft_limit: avoid possible divide error in nft_limit_init
    - net/mlx5e: Fix setting of RS FEC mode
    - net: davicom: Fix regulator not turned off on failed probe
    - net: sit: Unregister catch-all devices
    - net: ip6_tunnel: Unregister catch-all devices
    - mm: ptdump: fix build failure
    - net: Make tcp_allowed_congestion_control readonly in non-init netns
    - i40e: fix the panic when running bpf in xdpdrv mode
    - ia64: remove duplicate entries in generic_defconfig
    - ia64: tools: remove inclusion of ia64-specific version of errno.h header
    - ibmvnic: avoid calling napi_disable() twice
    - ibmvnic: remove duplicate napi_schedule call in do_reset function
    - ibmvnic: remove duplicate napi_schedule call in open function
    - gro: ensure frag0 meets IP header alignment
    - ARM: OMAP2+: Fix warning for omap_init_time_of()
    - ARM: footbridge: fix PCI interrupt mapping
    - ARM: OMAP2+: Fix uninitialized sr_inst
    - arm64: dts: allwinner: Fix SD card CD GPIO for SOPine systems
    - arm64: dts: allwinner: h6: beelink-gs1: Remove ext. 32 kHz osc reference
    - bpf: Use correct permission flag for mixed signed bounds arithmetic
    - r8169: tweak max read request size for newer chips also in jumbo mtu mode
    - r8169: don't advertise pause in jumbo mode
    - bpf: Ensure off_reg has no mixed signed bounds for all types
    - bpf: Move off_reg into sanitize_ptr_alu
    - ARM: 9071/1: uprobes: Don't hook on thumb instructions
    - bpf: Rework ptr_limit into alu_limit and add common error path
    - bpf: Improve verifier error messages for users
    - bpf: Move sanitize_val_alu out of op switch
    - net: phy: marvell: fix detection of PHY on Topaz switches
    - vhost-vdpa: protect concurrent access to vhost device iotlb
    - gpio: omap: Save and restore sysconfig
    - KEYS: trusted: Fix TPM reservation for seal/unseal
    - pinctrl: lewisburg: Update number of pins in community
    - arm64: dts: allwinner: Revert SD card CD GPIO for Pine64-LTS
    - bpf: Permits pointers on stack for helper calls
    - bpf: Refactor and streamline bounds check into helper
    - bpf: Tighten speculative pointer arithmetic mask
    - perf/x86/intel/uncore: Remove uncore extra PCI dev HSWEP_PCI_PCU_3
    - perf/x86/kvm: Fix Broadwell Xeon stepping in isolation_ucodes[]
    - perf auxtrace: Fix potential NULL pointer dereference
    - perf map: Fix error return code in maps__clone()
    - HID: google: add don USB id
    - HID: alps: fix error return code in alps_input_configured()
    - HID: wacom: Assign boolean values to a bool variable
    - ARM: dts: Fix swapped mmc order for omap3
    - net: geneve: check skb is large enough for IPv4/IPv6 header
    - dmaengine: tegra20: Fix runtime PM imbalance on error
    - s390/entry: save the caller of psw_idle
    - arm64: kprobes: Restore local irqflag if kprobes is cancelled
    - xen-netback: Check for hotplug-status existence before watching
    - cavium/liquidio: Fix duplicate argument
    - kasan: fix hwasan build for gcc
    - csky: change a Kconfig symbol name to fix e1000 build error
    - ia64: fix discontig.c section mismatches
    - ia64: tools: remove duplicate definition of ia64_mf() on ia64
    - x86/crash: Fix crash_setup_memmap_entries() out-of-bounds access
    - net: hso: fix NULL-deref on disconnect regression
    - USB: CDC-ACM: fix poison/unpoison imbalance
    - iwlwifi: Fix softirq/hardirq disabling in iwl_pcie_gen2_enqueue_hcmd()
    - mei: me: add Alder Lake P device id.
    - bpf: Update selftests to reflect new error states
    - mips: Do not include hi and lo in clobber list for R6
    - netfilter: conntrack: Make global sysctls readonly in non-init netns
    - net: usb: ax88179_178a: initialize local variables before use
    - igb: Enable RSS for Intel I211 Ethernet Controller
    - bpf: Fix masking negation logic upon negative dst register
    - bpf: Fix leakage of uninitialized bpf stack under speculation
    - net: qrtr: Avoid potential use after free in MHI send
    - perf data: Fix error return code in perf_data__create_dir()
    - capabilities: require CAP_SETFCAP to map uid 0
    - perf ftrace: Fix access to pid in array when setting a pid filter
    - driver core: add a min_align_mask field to struct device_dma_parameters
    - swiotlb: add a IO_TLB_SIZE define
    - swiotlb: factor out an io_tlb_offset helper
    - swiotlb: factor out a nr_slots helper
    - swiotlb: clean up swiotlb_tbl_unmap_single
    - swiotlb: don't modify orig_addr in swiotlb_tbl_sync_single
    - ovl: fix leaked dentry
    - ovl: allow upperdir inside lowerdir
    - ALSA: usb-audio: Add MIDI quirk for Vox ToneLab EX
    - USB: Add reset-resume quirk for WD19's Realtek Hub
    - platform/x86: thinkpad_acpi: Correct thermal sensor allocation
    - perf/core: Fix unconditional security_locked_down() call
    - vfio: Depend on MMU
    - avoid __memcat_p link failure
  * r8152 tx status -71 (LP: #1922651) // Groovy update: upstream stable
    patchset 2021-05-20 (LP: #1929132)
    - USB: Add LPM quirk for Lenovo ThinkPad USB-C Dock Gen2 Ethernet
  * Fix kdump failures (LP: #1927518)
    - video: hyperv_fb: Add ratelimit on error message
    - Drivers: hv: vmbus: Increase wait time for VMbus unload
    - Drivers: hv: vmbus: Initialize unload_event statically
  * Groovy update: upstream stable patchset 2021-05-13 (LP: #1928386)
    - ALSA: aloop: Fix initialization of controls
    - ALSA: hda/realtek: Fix speaker amp setup on Acer Aspire E1
    - ALSA: hda/conexant: Apply quirk for another HP ZBook G5 model
    - ASoC: intel: atom: Stop advertising non working S24LE support
    - nfc: fix refcount leak in llcp_sock_bind()
    - nfc: fix refcount leak in llcp_sock_connect()
    - nfc: fix memory leak in llcp_sock_connect()
    - nfc: Avoid endless loops caused by repeated llcp_sock_connect()
    - selinux: make nslot handling in avtab more robust
    - xen/evtchn: Change irq_info lock to raw_spinlock_t
    - net: ipv6: check for validity before dereferencing cfg->fc_nlinfo.nlh
    - net: dsa: lantiq_gswip: Let GSWIP automatically set the xMII clock
    - net: dsa: lantiq_gswip: Don't use PHY auto polling
    - net: dsa: lantiq_gswip: Configure all remaining GSWIP_MII_CFG bits
    - drm/i915: Fix invalid access to ACPI _DSM objects
    - ACPI: processor: Fix build when CONFIG_ACPI_PROCESSOR=m
    - IB/hfi1: Fix probe time panic when AIP is enabled with a buggy BIOS
    - LOOKUP_MOUNTPOINT: we are cleaning "jumped" flag too late
    - gcov: re-fix clang-11+ support
    - ia64: fix user_stack_pointer() for ptrace()
    - nds32: flush_dcache_page: use page_mapping_file to avoid races with swapoff
    - ocfs2: fix deadlock between setattr and dio_end_io_write
    - fs: direct-io: fix missing sdio->boundary
    - ethtool: fix incorrect datatype in set_eee ops
    - of: property: fw_devlink: do not link ".*,nr-gpios"
    - parisc: parisc-agp requires SBA IOMMU driver
    - parisc: avoid a warning on u8 cast for cmpxchg on u8 pointers
    - ARM: dts: turris-omnia: configure LED[2]/INTn pin as interrupt pin
    - batman-adv: initialize "struct batadv_tvlv_tt_vlan_data"->reserved field
    - ice: Increase control queue timeout
    - ice: prevent ice_open and ice_stop during reset
    - ice: remove DCBNL_DEVRESET bit from PF state
    - ice: Fix for dereference of NULL pointer
    - ice: Cleanup fltr list in case of allocation issues
    - iwlwifi: pcie: properly set LTR workarounds on 22000 devices
    - net: hso: fix null-ptr-deref during tty device unregistration
    - libbpf: Fix bail out from 'ringbuf_process_ring()' on error
    - bpf: Enforce that struct_ops programs be GPL-only
    - bpf: link: Refuse non-O_RDWR flags in BPF_OBJ_GET
    - ethernet/netronome/nfp: Fix a use after free in nfp_bpf_ctrl_msg_rx
    - libbpf: Only create rx and tx XDP rings when necessary
    - bpf, sockmap: Fix sk->prot unhash op reset
    - net: ensure mac header is set in virtio_net_hdr_to_skb()
    - i40e: Fix sparse warning: missing error code 'err'
    - i40e: Fix sparse error: 'vsi->netdev' could be null
    - i40e: Fix sparse errors in i40e_txrx.c
    - net: sched: sch_teql: fix null-pointer dereference
    - net: sched: fix action overwrite reference counting
    - mac80211: fix TXQ AC confusion
    - net: hsr: Reset MAC header for Tx path
    - net-ipv6: bugfix - raw & sctp - switch to ipv6_can_nonlocal_bind()
    - net: let skb_orphan_partial wake-up waiters.
    - usbip: add sysfs_lock to synchronize sysfs code paths
    - usbip: stub-dev synchronize sysfs code paths
    - usbip: vudc synchronize sysfs code paths
    - usbip: synchronize event handler with sysfs code paths
    - driver core: Fix locking bug in deferred_probe_timeout_work_func()
    - scsi: target: iscsi: Fix zero tag inside a trace event
    - i2c: turn recovery error on init to debug
    - ice: Refactor DCB related variables out of the ice_port_info struct
    - ice: Recognize 860 as iSCSI port in CEE mode
    - xfrm: interface: fix ipv4 pmtu check to honor ip header df
    - xfrm: Use actual socket sk instead of skb socket for xfrm_output_resume
    - regulator: bd9571mwv: Fix AVS and DVFS voltage range
    - ARM: OMAP4: Fix PMIC voltage domains for bionic
    - ARM: OMAP4: PM: update ROM return address for OSWR and OFF
    - net: xfrm: Localize sequence counter per network namespace
    - esp: delete NETIF_F_SCTP_CRC bit from features for esp offload
    - ASoC: SOF: Intel: HDA: fix core status verification
    - ASoC: wm8960: Fix wrong bclk and lrclk with pll enabled for some chips
    - xfrm: Fix NULL pointer dereference on policy lookup
    - virtchnl: Fix layout of RSS structures
    - i40e: Added Asym_Pause to supported link modes
    - i40e: Fix kernel oops when i40e driver removes VF's
    - hostfs: fix memory handling in follow_link()
    - amd-xgbe: Update DMA coherency values
    - sch_red: fix off-by-one checks in red_check_params()
    - arm64: dts: imx8mm/q: Fix pad control of SD1_DATA0
    - xfrm: Provide private skb extensions for segmented and hw offloaded ESP
      packets
    - can: bcm/raw: fix msg_namelen values depending on CAN_REQUIRED_SIZE
    - mlxsw: spectrum: Fix ECN marking in tunnel decapsulation
    - ethernet: myri10ge: Fix a use after free in myri10ge_sw_tso
    - gianfar: Handle error code at MAC address change
    - cxgb4: avoid collecting SGE_QBASE regs during traffic
    - net:tipc: Fix a double free in tipc_sk_mcast_rcv
    - ARM: dts: imx6: pbab01: Set vmmc supply for both SD interfaces
    - net/ncsi: Avoid channel_monitor hrtimer deadlock
    - net: qrtr: Fix memory leak on qrtr_tx_wait failure
    - nfp: flower: ignore duplicate merge hints from FW
    - net: phy: broadcom: Only advertise EEE for supported modes
    - I2C: JZ4780: Fix bug for Ingenic X1000.
    - ASoC: sunxi: sun4i-codec: fill ASoC card owner
    - net/mlx5e: Fix ethtool indication of connector type
    - net/mlx5: Don't request more than supported EQs
    - net/rds: Fix a use after free in rds_message_map_pages
    - xdp: fix xdp_return_frame() kernel BUG throw for page_pool memory model
    - soc/fsl: qbman: fix conflicting alignment attributes
    - i40e: Fix display statistics for veb_tc
    - RDMA/rtrs-clt: Close rtrs client conn before destroying rtrs clt session
      files
    - drm/msm: Set drvdata to NULL when msm_drm_init() fails
    - net: udp: Add support for getsockopt(..., ..., UDP_GRO, ..., ...);
    - mptcp: forbit mcast-related sockopt on MPTCP sockets
    - scsi: ufs: core: Fix task management request completion timeout
    - scsi: ufs: core: Fix wrong Task Tag used in task management request UPIUs
    - net: cls_api: Fix uninitialised struct field bo->unlocked_driver_cb
    - net: macb: restore cmp registers on resume path
    - clk: fix invalid usage of list cursor in register
    - clk: fix invalid usage of list cursor in unregister
    - workqueue: Move the position of debug_work_activate() in __queue_work()
    - s390/cpcmd: fix inline assembly register clobbering
    - perf inject: Fix repipe usage
    - net: openvswitch: conntrack: simplify the return expression of
      ovs_ct_limit_get_default_limit()
    - openvswitch: fix send of uninitialized stack memory in ct limit reply
    - i2c: designware: Adjust bus_freq_hz when refuse high speed mode set
    - tipc: increment the tmp aead refcnt before attaching it
    - net: hns3: clear VF down state bit before request link status
    - net/mlx5: Fix placement of log_max_flow_counter
    - net/mlx5: Fix PPLM register mapping
    - net/mlx5: Fix PBMC register mapping
    - RDMA/cxgb4: check for ipv6 address properly while destroying listener
    - perf report: Fix wrong LBR block sorting
    - i40e: Fix parameters in aq_get_phy_register()
    - RDMA/addr: Be strict with gid size
    - RAS/CEC: Correct ce_add_elem()'s returned values
    - clk: socfpga: fix iomem pointer cast on 64-bit
    - lockdep: Address clang -Wformat warning printing for %hd
    - dt-bindings: net: ethernet-controller: fix typo in NVMEM
    - cfg80211: remove WARN_ON() in cfg80211_sme_connect
    - net: tun: set tun->dev->addr_len during TUNSETLINK processing
    - drivers: net: fix memory leak in atusb_probe
    - drivers: net: fix memory leak in peak_usb_create_dev
    - net: mac802154: Fix general protection fault
    - net: ieee802154: nl-mac: fix check on panid
    - net: ieee802154: fix nl802154 del llsec key
    - net: ieee802154: fix nl802154 del llsec dev
    - net: ieee802154: fix nl802154 add llsec key
    - net: ieee802154: fix nl802154 del llsec devkey
    - net: ieee802154: forbid monitor for set llsec params
    - net: ieee802154: forbid monitor for del llsec seclevel
    - net: ieee802154: stop dump llsec params for monitors
    - interconnect: core: fix error return code of icc_link_destroy()
    - gfs2: Flag a withdraw if init_threads() fails
    - KVM: arm64: Hide system instruction access to Trace registers
    - KVM: arm64: Disable guest access to trace filter controls
    - drm/imx: imx-ldb: fix out of bounds array access warning
    - gfs2: report "already frozen/thawed" errors
    - ftrace: Check if pages were allocated before calling free_pages()
    - tools/kvm_stat: Add restart delay
    - drm/tegra: dc: Don't set PLL clock to 0Hz
    - gpu: host1x: Use different lock classes for each client
    - block: only update parent bi_status when bio fail
    - radix tree test suite: Register the main thread with the RCU library
    - idr test suite: Take RCU read lock in idr_find_test_1
    - idr test suite: Create anchor before launching throbber
    - io_uring: don't mark S_ISBLK async work as unbounded
    - riscv,entry: fix misaligned base for excp_vect_table
    - block: don't ignore REQ_NOWAIT for direct IO
    - perf map: Tighten snprintf() string precision to pass gcc check on some
      32-bit arches
    - net: sfp: relax bitrate-derived mode check
    - net: sfp: cope with SFPs that set both LOS normal and LOS inverted
    - xen/events: fix setting irq affinity
    - perf tools: Use %zd for size_t printf formats on 32-bit

[ Ubuntu: 5.8.0-55.62 ]

* groovy/linux: 5.8.0-55.62 -proposed tracker (LP: #1930379)
  * [Potential Regression] Unable to create KVM with uvtool on Groovy ARM64
    (LP: #1929925)
    - SAUCE: KVM: arm64: Assign kvm_ipa_limit

-- Thadeu Lima de Souza Cascardo <cascardo@canonical.com>  Wed, 16 Jun 2021 21:56:07 -0300

Changed in linux-riscv (Ubuntu Groovy):
status:	New → Fix Released

Andy Whitcroft (apw) on 2022-06-06

tags:	removed: kernel-release-tracking-bug-live
Changed in kernel-sru-workflow:
status:	In Progress → Fix Released

Kernel SRU Workflow

groovy/linux-riscv: 5.8.0-27.29 -proposed tracker

Bug Description

CVE References

Other bug subscribers

Remote bug watches

	Status	Importance	Assigned to
Kernel SRU Workflow	Fix Released	Medium	Unassigned
Automated-testing	Invalid	Medium	Unassigned
Certification-testing	Invalid	Medium	Unassigned
Prepare-package	Fix Released	Medium	Kelsey Steele
Prepare-package-meta	Fix Released	Medium	Kelsey Steele
Promote-to-proposed	Fix Released	Medium	Andy Whitcroft
Promote-to-security	New	Medium	Ubuntu Stable Release Updates Team
Promote-to-updates	New	Medium	Ubuntu Stable Release Updates Team
Regression-testing	Fix Released	Medium	Canonical Kernel Team
Security-signoff	Fix Released	Medium	Steve Beattie
Sru-review	Fix Released	Medium	Andy Whitcroft
Verification-testing	Fix Released	Medium	Canonical Kernel Team
linux-riscv (Ubuntu)
Groovy	Fix Released	Medium	Unassigned