This bug was fixed in the package linux - 4.15.0-166.174 --------------- linux (4.15.0-166.174) bionic; urgency=medium * bionic/linux: 4.15.0-166.174 -proposed tracker (LP: #1953667) * Ubuntu version macros overflow with high ABI numbers (LP: #1953522) - SAUCE: Revert "stable: clamp SUBLEVEL in 4.14" * test_bpf.sh test in net of ubuntu_kernel_selftests failed on B-4.15 and variants (LP: #1953287) - SAUCE: Revert "bpf: add also cbpf long jump test cases with heavy expansion" * test_bpf.sh test in net of ubuntu_kernel_selftests failed on B-4.15 and variants (LP: #1953287) // CVE-2018-25020 - bpf: fix truncated jump targets on heavy expansions linux (4.15.0-165.173) bionic; urgency=medium * bionic/linux: 4.15.0-165.173 -proposed tracker (LP: #1952780) * Support builtin revoked certificates (LP: #1932029) - certs: Add EFI_CERT_X509_GUID support for dbx entries - certs: Move load_system_certificate_list to a common function - integrity: Move import of MokListRT certs to a separate routine - integrity: Load certs from the EFI MOK config table - certs: Add ability to preload revocation certs - certs: add 'x509_revocation_list' to gitignore - SAUCE: Dump stack when X.509 certificates cannot be loaded - [Packaging] build canonical-revoked-certs.pem from branch/arch certs - [Packaging] Revoke 2012 UEFI signing certificate as built-in - [Config] Configure CONFIG_SYSTEM_REVOCATION_KEYS with revoked keys * Support importing mokx keys into revocation list from the mok table (LP: #1928679) - efi: Support for MOK variable config table - efi: mokvar-table: fix some issues in new code - efi: mokvar: add missing include of asm/early_ioremap.h - efi/mokvar: Reserve the table only if it is in boot services data - SAUCE: integrity: Load mokx certs from the EFI MOK config table - SAUCE: integrity: add informational messages when revoking certs * CVE-2021-4002 - arm64: tlb: Provide forward declaration of tlb_flush() before including tlb.h - mm: mmu_notifier fix for tlb_end_vma - hugetlbfs: flush TLBs correctly after huge_pmd_unshare linux (4.15.0-164.172) bionic; urgency=medium * bionic/linux: 4.15.0-164.172 -proposed tracker (LP: #1952348) * Packaging resync (LP: #1786013) - [Packaging] resync update-dkms-versions helper - debian/dkms-versions -- update from kernel-versions (main/2021.11.29) * Bionic update: upstream stable patchset 2021-11-23 (LP: #1951997) - btrfs: always wait on ordered extents at fsync time - ARM: dts: at91: sama5d2_som1_ek: disable ISC node by default - xtensa: xtfpga: use CONFIG_USE_OF instead of CONFIG_OF - xtensa: xtfpga: Try software restart before simulating CPU reset - NFSD: Keep existing listeners on portlist error - netfilter: ipvs: make global sysctl readonly in non-init netns - NIOS2: irqflags: rename a redefined register name - can: rcar_can: fix suspend/resume - can: peak_usb: pcan_usb_fd_decode_status(): fix back to ERROR_ACTIVE state notification - can: peak_pci: peak_pci_remove(): fix UAF - ocfs2: fix data corruption after conversion from inline format - ocfs2: mount fails with buffer overflow in strlen - elfcore: correct reference to CONFIG_UML - ALSA: usb-audio: Provide quirk for Sennheiser GSP670 Headset - ASoC: DAPM: Fix missing kctl change notifications - nfc: nci: fix the UAF of rf_conn_info object - isdn: cpai: check ctr->cnr to avoid array index out of bound - netfilter: Kconfig: use 'default y' instead of 'm' for bool config option - btrfs: deal with errors when checking if a dir entry exists during log replay - net: stmmac: add support for dwmac 3.40a - ARM: dts: spear3xx: Fix gmac node - isdn: mISDN: Fix sleeping function called from invalid context - platform/x86: intel_scu_ipc: Update timeout value in comment - ALSA: hda: avoid write to STATESTS if controller is in reset - tracing: Have all levels of checks prevent recursion - ARM: 9122/1: select HAVE_FUTEX_CMPXCHG - dma-debug: fix sg checks in debug_dma_map_sg() - ASoC: wm8960: Fix clock configuration on slave mode - lan78xx: select CRC32 - net: hns3: add limit ets dwrr bandwidth cannot be 0 - net: hns3: disable sriov before unload hclge layer - ALSA: hda/realtek: Add quirk for Clevo PC50HS - mm, slub: fix mismatch between reconstructed freelist depth and cnt - gcc-plugins/structleak: add makefile var for disabling structleak * creat09 from ubuntu_ltp_syscalls and cve-2018-13405 from ubuntu_ltp/cve failed with XFS (LP: #1950239) - xfs: ensure that the inode uid/gid match values match the icdinode ones - xfs: merge the projid fields in struct xfs_icdinode - xfs: remove the icdinode di_uid/di_gid members - xfs: fix up non-directory creation in SGID directories * ubuntu_ltp / finit_module02 fails on v4.15 and other kernels (LP: #1950644) - vfs: check fd has read access in kernel_read_file_from_fd() * reuseport_bpf_numa in net from ubuntu_kernel_selftests fails on ppc64le (LP: #1867570) - selftests/net: Fix reuseport_bpf_numa by skipping unavailable nodes * Bionic update: upstream stable patchset 2021-11-12 (LP: #1950816) - net: mdio: introduce a shutdown method to mdio device drivers - xen-netback: correct success/error reporting for the SKB-with-fraglist case - sparc64: fix pci_iounmap() when CONFIG_PCI is not set - ext2: fix sleeping in atomic bugs on error - scsi: sd: Free scsi_disk device via put_device() - usb: testusb: Fix for showing the connection speed - usb: dwc2: check return value after calling platform_get_resource() - scsi: ses: Retry failed Send/Receive Diagnostic commands - libata: Add ATA_HORKAGE_NO_NCQ_ON_ATI for Samsung 860 and 870 SSD. - lib/timerqueue: Rely on rbtree semantics for next timer - selftests: be sure to make khdr before other targets - Partially revert "usb: Kconfig: using select for USB_COMMON dependency" - USB: cdc-acm: fix racy tty buffer accesses - USB: cdc-acm: fix break reporting - ovl: fix missing negative dentry check in ovl_rename() - nfsd4: Handle the NFSv4 READDIR 'dircount' hint being zero - xen/balloon: fix cancelled balloon action - ARM: dts: omap3430-sdp: Fix NAND device node - ARM: dts: qcom: apq8064: use compatible which contains chipid - bpf: add also cbpf long jump test cases with heavy expansion - bpf, mips: Validate conditional branch offsets - xtensa: call irqchip_init only when CONFIG_USE_OF is selected - bpf: Fix integer overflow in prealloc_elems_and_freelist() - phy: mdio: fix memory leak - net_sched: fix NULL deref in fifo_set_limit() - powerpc/fsl/dts: Fix phy-connection-type for fm1mac3 - ptp_pch: Load module automatically if ID matches - ARM: imx6: disable the GIC CPU interface before calling stby-poweroff sequence - net: bridge: use nla_total_size_64bit() in br_get_linkxstats_size() - netlink: annotate data races around nlk->bound - drm/nouveau/debugfs: fix file release memory leak - rtnetlink: fix if_nlmsg_stats_size() under estimation - i40e: fix endless loop under rtnl - i2c: acpi: fix resource leak in reconfiguration device addition - net: phy: bcm7xxx: Fixed indirect MMD operations - HID: apple: Fix logical maximum and usage maximum of Magic Keyboard JIS - netfilter: ip6_tables: zero-initialize fragment offset - mac80211: Drop frames from invalid MAC address in ad-hoc mode - m68k: Handle arrivals of multiple signals correctly - net: sun: SUNVNET_COMMON should depend on INET - scsi: ses: Fix unsigned comparison with less than zero - scsi: virtio_scsi: Fix spelling mistake "Unsupport" -> "Unsupported" - perf/x86: Reset destroy callback on event init failure - sched: Always inline is_percpu_thread() - bpf, arm: Fix register clobbering in div/mod implementation - i40e: Fix freeing of uninitialized misc IRQ vector - mac80211: check return value of rhashtable_init - stable: clamp SUBLEVEL in 4.14 - ALSA: seq: Fix a potential UAF by wrong private_free call order - s390: fix strrchr() implementation - btrfs: deal with errors when replaying dir entry during log replay - btrfs: deal with errors when adding inode reference during log replay - btrfs: check for error when looking up inode during dir entry replay - xhci: Fix command ring pointer corruption while aborting a command - xhci: Enable trust tx length quirk for Fresco FL11 USB controller - cb710: avoid NULL pointer subtraction - efi/cper: use stack buffer for error record decoding - efi: Change down_interruptible() in virt_efi_reset_system() to down_trylock() - usb: musb: dsps: Fix the probe error path - Input: xpad - add support for another USB ID of Nacon GC-100 - USB: serial: qcserial: add EM9191 QDL support - USB: serial: option: add Quectel EC200S-CN module support - USB: serial: option: add Telit LE910Cx composition 0x1204 - USB: serial: option: add prod. id for Quectel EG91 - virtio: write back F_VERSION_1 before validate - nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells - x86/Kconfig: Do not enable AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT automatically - iio: adc: aspeed: set driver data when adc probe. - iio: adc128s052: Fix the error handling path of 'adc128_probe()' - iio: light: opt3001: Fixed timeout error when 0 lux - iio: ssp_sensors: add more range checking in ssp_parse_dataframe() - iio: ssp_sensors: fix error code in ssp_print_mcu_debug() - sctp: account stream padding length for reconf chunk - net: arc: select CRC32 - net: korina: select CRC32 - net: encx24j600: check error in devm_regmap_init_encx24j600 - ethernet: s2io: fix setting mac address during resume - nfc: fix error handling of nfc_proto_register() - NFC: digital: fix possible memory leak in digital_tg_listen_mdaa() - NFC: digital: fix possible memory leak in digital_in_send_sdd_req() - pata_legacy: fix a couple uninitialized variable bugs - drm/msm: Fix null pointer dereference on pointer edp - drm/msm/dsi: fix off by one in dsi_bus_clk_enable error handling - acpi/arm64: fix next_platform_timer() section mismatch error - qed: Fix missing error code in qed_slowpath_start() - r8152: select CRC32 and CRYPTO/CRYPTO_HASH/CRYPTO_SHA256 -- Kleber Sacilotto de Souza