This bug was fixed in the package linux-azure - 5.0.0-1025.27~18.04.1 --------------- linux-azure (5.0.0-1025.27~18.04.1) bionic; urgency=medium [ Ubuntu: 5.0.0-1025.27 ] * CVE-2019-11135 - [Config] azure: Disable TSX by default when possible * [REGRESSION] md/raid0: cannot assemble multi-zone RAID0 with default_layout setting (LP: #1849682) - SAUCE: Fix revert "md/raid0: avoid RAID0 data corruption due to layout confusion." * refcount underflow and type confusion in shiftfs (LP: #1850867) // CVE-2019-15793 - SAUCE: shiftfs: Correct id translation for lower fs operations - SAUCE: shiftfs: prevent type confusion - SAUCE: shiftfs: Fix refcount underflow in btrfs ioctl handling * CVE-2018-12207 - kvm: Convert kvm_lock to a mutex - kvm: x86: Do not release the page inside mmu_set_spte() - KVM: x86: make FNAME(fetch) and __direct_map more similar - KVM: x86: remove now unneeded hugepage gfn adjustment - KVM: x86: change kvm_mmu_page_get_gfn BUG_ON to WARN_ON - KVM: x86: add tracepoints around __direct_map and FNAME(fetch) - kvm: x86, powerpc: do not allow clearing largepages debugfs entry - SAUCE: KVM: vmx, svm: always run with EFER.NXE=1 when shadow paging is active - SAUCE: x86: Add ITLB_MULTIHIT bug infrastructure - SAUCE: kvm: mmu: ITLB_MULTIHIT mitigation - SAUCE: kvm: Add helper function for creating VM worker threads - SAUCE: kvm: x86: mmu: Recovery of shattered NX large pages - SAUCE: cpu/speculation: Uninline and export CPU mitigations helpers - SAUCE: kvm: x86: mmu: Apply global mitigations knob to ITLB_MULTIHIT * CVE-2019-11135 - KVM: x86: use Intel speculation bugs and features as derived in generic x86 code - x86/msr: Add the IA32_TSX_CTRL MSR - x86/cpu: Add a helper function x86_read_arch_cap_msr() - x86/cpu: Add a "tsx=" cmdline option with TSX disabled by default - x86/speculation/taa: Add mitigation for TSX Async Abort - x86/speculation/taa: Add sysfs reporting for TSX Async Abort - kvm/x86: Export MDS_NO=0 to guests when TSX is enabled - x86/tsx: Add "auto" option to the tsx= cmdline parameter - x86/speculation/taa: Add documentation for TSX Async Abort - x86/tsx: Add config options to set tsx=on|off|auto - SAUCE: x86/speculation/taa: Call tsx_init() - [Config] Disable TSX by default when possible * CVE-2019-0154 - SAUCE: drm/i915: Lower RM timeout to avoid DSI hard hangs - SAUCE: drm/i915/gen8+: Add RC6 CTX corruption WA * CVE-2019-0155 - SAUCE: drm/i915: Rename gen7 cmdparser tables - SAUCE: drm/i915: Disable Secure Batches for gen6+ - SAUCE: drm/i915: Remove Master tables from cmdparser - SAUCE: drm/i915: Add support for mandatory cmdparsing - SAUCE: drm/i915: Support ro ppgtt mapped cmdparser shadow buffers - SAUCE: drm/i915: Allow parsing of unsized batches - SAUCE: drm/i915: Add gen9 BCS cmdparsing - SAUCE: drm/i915/cmdparser: Use explicit goto for error paths - SAUCE: drm/i915/cmdparser: Add support for backward jumps - SAUCE: drm/i915/cmdparser: Ignore Length operands during command matching * disco/linux: -proposed tracker (LP: #1850574) * [REGRESSION] md/raid0: cannot assemble multi-zone RAID0 with default_layout setting (LP: #1849682) - Revert "md/raid0: avoid RAID0 data corruption due to layout confusion." -- Juerg Haefliger