This bug was fixed in the package linux-azure-4.15 - 4.15.0-1091.101 --------------- linux-azure-4.15 (4.15.0-1091.101) bionic; urgency=medium * bionic/linux-azure-4.15: 4.15.0-1091.101 -proposed tracker (LP: #1885057) * linux-azure: Update SGX version to version LD_1.33 (LP: #1881338) - SAUCE: ubuntu/sgx: Add module alias for ACPI device INT0E0C [ Ubuntu: 4.15.0-109.110 ] * Packaging resync (LP: #1786013) - [Packaging] update helper scripts - update dkms package versions * Build and ship a signed wireguard.ko (LP: #1861284) - [Packaging] wireguard -- add support for building signed .ko * CVE-2019-16089 - SAUCE: nbd_genl_status: null check for nla_nest_start * CVE-2019-19642 - kernel/relay.c: handle alloc_percpu returning NULL in relay_open * CVE-2019-12380 - efi/x86/Add missing error handling to old_memmap 1:1 mapping code * CVE-2019-19039 // CVE-2019-19377 - btrfs: sink flush_fn to extent_write_cache_pages - btrfs: extent_io: Move the BUG_ON() in flush_write_bio() one level up - btrfs: Don't submit any btree write bio if the fs has errors * CVE-2019-19036 - btrfs: volumes: Use more straightforward way to calculate map length - btrfs: tree-checker: Try to detect missing INODE_ITEM - Btrfs: tree-checker: detect file extent items with overlapping ranges - Btrfs: make tree checker detect checksum items with overlapping ranges - btrfs: harden agaist duplicate fsid on scanned devices - Btrfs: fix missing data checksums after replaying a log tree - btrfs: reloc: fix reloc root leak and NULL pointer dereference - btrfs: Validate child tree block's level and first key - btrfs: Detect unbalanced tree with empty leaf before crashing btree operations * CVE-2019-19318 - btrfs: tree-checker: Replace root parameter with fs_info - btrfs: tree-checker: Check level for leaves and nodes - btrfs: tree-checker: get fs_info from eb in generic_err - btrfs: tree-checker: get fs_info from eb in file_extent_err - btrfs: tree-checker: get fs_info from eb in check_csum_item - btrfs: tree-checker: get fs_info from eb in dir_item_err - btrfs: tree-checker: get fs_info from eb in check_dir_item - btrfs: tree-checker: get fs_info from eb in block_group_err - btrfs: tree-checker: get fs_info from eb in check_block_group_item - btrfs: tree-checker: get fs_info from eb in check_extent_data_item - btrfs: tree-checker: get fs_info from eb in check_leaf_item - btrfs: tree-checker: get fs_info from eb in check_leaf - btrfs: tree-checker: get fs_info from eb in chunk_err - btrfs: tree-checker: get fs_info from eb in dev_item_err - btrfs: tree-checker: get fs_info from eb in check_dev_item - btrfs: tree-checker: get fs_info from eb in check_inode_item - btrfs: tree-checker: Add ROOT_ITEM check - btrfs: tree-checker: Add EXTENT_ITEM and METADATA_ITEM check - btrfs: tree-checker: Add simple keyed refs check - btrfs: tree-checker: Add EXTENT_DATA_REF check - btrfs: tree-checker: Fix wrong check on max devid - Btrfs: fix selftests failure due to uninitialized i_mode in test inodes * CVE-2019-19813 // CVE-2019-19816 - btrfs: Refactor parameter of BTRFS_MAX_DEVS() from root to fs_info - btrfs: Move btrfs_check_chunk_valid() to tree-check.[ch] and export it - btrfs: tree-checker: Make chunk item checker messages more readable - btrfs: tree-checker: Make btrfs_check_chunk_valid() return EUCLEAN instead of EIO - btrfs: tree-checker: Check chunk item at tree block read time - btrfs: tree-checker: Verify dev item - btrfs: tree-checker: Enhance chunk checker to validate chunk profile - btrfs: tree-checker: Verify inode item - btrfs: inode: Verify inode mode to avoid NULL pointer dereference * CVE-2020-0543 - UBUNTU/SAUCE: x86/speculation/srbds: do not try to turn mitigation off when not supported * Build Nvidia drivers in conjunction with kernel (LP: #1764792) - [Packaging] disable nvidia dkms builds for mainline * Bionic update: upstream stable patchset 2020-06-02 (LP: #1881801) - i2c: dev: Fix the race between the release of i2c_dev and cdev - ima: Set file->f_mode instead of file->f_flags in ima_calc_file_hash() - evm: Check also if *tfm is an error pointer in init_desc() - ima: Fix return value of ima_write_policy() - fix multiplication overflow in copy_fdtable() - iommu/amd: Fix over-read of ACPI UID from IVRS table - i2c: mux: demux-pinctrl: Fix an error handling path in 'i2c_demux_pinctrl_probe()' - ubi: Fix seq_file usage in detailed_erase_block_info debugfs file - gcc-common.h: Update for GCC 10 - HID: multitouch: add eGalaxTouch P80H84 support - scsi: qla2xxx: Fix hang when issuing nvme disconnect-all in NPIV - configfs: fix config_item refcnt leak in configfs_rmdir() - vhost/vsock: fix packet delivery order to monitoring devices - component: Silence bind error on -EPROBE_DEFER - scsi: ibmvscsi: Fix WARN_ON during event pool release - x86/apic: Move TSC deadline timer debug printk - gtp: set NLM_F_MULTI flag in gtp_genl_dump_pdp() - ceph: fix double unlock in handle_cap_export() - USB: core: Fix misleading driver bug report - platform/x86: asus-nb-wmi: Do not load on Asus T100TA and T200TA - ARM: futex: Address build warning - padata: Replace delayed timer with immediate workqueue in padata_reorder - padata: initialize pd->cpu with effective cpumask - padata: purge get_cpu and reorder_via_wq from padata_do_serial - arm64: fix the flush_icache_range arguments in machine_kexec - ALSA: iec1712: Initialize STDSP24 properly when using the model=staudio option - ALSA: pcm: fix incorrect hw_base increase - apparmor: Fix aa_label refcnt leak in policy_update - dmaengine: tegra210-adma: Fix an error handling path in 'tegra_adma_probe()' - powerpc: restore alphabetic order in Kconfig - powerpc: Remove STRICT_KERNEL_RWX incompatibility with RELOCATABLE - powerpc/64s: Disable STRICT_KERNEL_RWX - x86/uaccess, ubsan: Fix UBSAN vs. SMAP - ubsan: build ubsan.c more conservatively - libnvdimm/btt: Remove unnecessary code in btt_freelist_init - libnvdimm/btt: Fix LBA masking during 'free list' population - media: fdp1: Fix R-Car M3-N naming in debug message - cxgb4: free mac_hlist properly - cxgb4/cxgb4vf: Fix mac_hlist initialization and free - Revert "gfs2: Don't demote a glock until its revokes are written" - staging: iio: ad2s1210: Fix SPI reading - staging: greybus: Fix uninitialized scalar variable - iio: sca3000: Remove an erroneous 'get_device()' - iio: dac: vf610: Fix an error handling path in 'vf610_dac_probe()' - mei: release me_cl object reference - rapidio: fix an error in get_user_pages_fast() error handling - rxrpc: Fix a memory leak in rxkad_verify_response() - x86/unwind/orc: Fix unwind_get_return_address_ptr() for inactive tasks - iio: adc: stm32-adc: Use dma_request_chan() instead dma_request_slave_channel() - iio: adc: stm32-adc: fix device used to request dma - riscv: set max_pfn to the PFN of the last page - ubifs: remove broken lazytime support - HID: alps: Add AUI1657 device ID - HID: alps: ALPS_1657 is too specific; use U1_UNICORN_LEGACY instead - aquantia: Fix the media type of AQC100 ethernet controller in the driver - HID: i2c-hid: reset Synaptics SYNA2393 on resume - HID: quirks: Add HID_QUIRK_NO_INIT_REPORTS quirk for Dell K12A keyboard-dock - stmmac: fix pointer check after utilization in stmmac_interrupt - ALSA: hda/realtek - Fix silent output on Gigabyte X570 Aorus Xtreme - ALSA: hda/realtek - Add more fixup entries for Clevo machines - drm/etnaviv: fix perfmon domain interation - nfit: Add Hyper-V NVDIMM DSM command set to white list - thunderbolt: Drop duplicated get_switch_at_route() - net: bcmgenet: code movement - net: bcmgenet: abort suspend on error - misc: rtsx: Add short delay after exit from ASPM * Bionic update: upstream stable patchset 2020-05-21 (LP: #1880014) - USB: serial: qcserial: Add DW5816e support - dp83640: reverse arguments to list_add_tail - fq_codel: fix TCA_FQ_CODEL_DROP_BATCH_SIZE sanity checks - net: macsec: preserve ingress frame ordering - net/mlx4_core: Fix use of ENOSPC around mlx4_counter_alloc() - net: usb: qmi_wwan: add support for DW5816e - sch_choke: avoid potential panic in choke_reset() - sch_sfq: validate silly quantum values - bnxt_en: Fix VLAN acceleration handling in bnxt_fix_features(). - net/mlx5: Fix forced completion access non initialized command entry - net/mlx5: Fix command entry leak in Internal Error State - bnxt_en: Improve AER slot reset. - bnxt_en: Fix VF anti-spoof filter setup. - net: stricter validation of untrusted gso packets - ipv6: fix cleanup ordering for ip6_mr failure - HID: wacom: Read HID_DG_CONTACTMAX directly for non-generic devices - HID: usbhid: Fix race between usbhid_close() and usbhid_stop() - USB: uas: add quirk for LaCie 2Big Quadra - USB: serial: garmin_gps: add sanity checking for data length - tracing: Add a vmalloc_sync_mappings() for safe measure - KVM: arm: vgic: Fix limit condition when writing to GICD_I[CS]ACTIVER - mm/page_alloc: fix watchdog soft lockups during set_zone_contiguous() - coredump: fix crash when umh is disabled - batman-adv: fix batadv_nc_random_weight_tq - batman-adv: Fix refcnt leak in batadv_show_throughput_override - batman-adv: Fix refcnt leak in batadv_store_throughput_override - batman-adv: Fix refcnt leak in batadv_v_ogm_process - x86/entry/64: Fix unwind hints in kernel exit path - x86/entry/64: Fix unwind hints in rewind_stack_do_exit() - x86/unwind/orc: Don't skip the first frame for inactive tasks - x86/unwind/orc: Prevent unwinding before ORC initialization - x86/unwind/orc: Fix error path for bad ORC entry type - netfilter: nat: never update the UDP checksum when it's 0 - objtool: Fix stack offset tracking for indirect CFAs - scripts/decodecode: fix trapping instruction formatting - net: stmmac: Use mutex instead of spinlock - shmem: fix possible deadlocks on shmlock_user_lock - net/sonic: Fix a resource leak in an error handling path in 'jazz_sonic_probe()' - net: moxa: Fix a potential double 'free_irq()' - drop_monitor: work around gcc-10 stringop-overflow warning - virtio-blk: handle block_device_operations callbacks after hot unplug - scsi: sg: add sg_remove_request in sg_write - dmaengine: pch_dma.c: Avoid data race between probe and irq handler - dmaengine: mmp_tdma: Reset channel error on release - cpufreq: intel_pstate: Only mention the BIOS disabling turbo mode once - ALSA: hda/hdmi: fix race in monitor detection during probe - drm/qxl: lost qxl_bo_kunmap_atomic_page in qxl_image_init_helper() - ipc/util.c: sysvipc_find_ipc() incorrectly updates position index - x86/entry/64: Fix unwind hints in register clearing code - ipmi: Fix NULL pointer dereference in ssif_probe - pinctrl: baytrail: Enable pin configuration setting for GPIO chip - pinctrl: cherryview: Add missing spinlock usage in chv_gpio_irq_handler - i40iw: Fix error handling in i40iw_manage_arp_cache() - netfilter: conntrack: avoid gcc-10 zero-length-bounds warning - IB/mlx4: Test return value of calls to ib_get_cached_pkey - hwmon: (da9052) Synchronize access with mfd - pnp: Use list_for_each_entry() instead of open coding - gcc-10 warnings: fix low-hanging fruit - kbuild: compute false-positive -Wmaybe-uninitialized cases in Kconfig - Stop the ad-hoc games with -Wno-maybe-initialized - gcc-10: disable 'zero-length-bounds' warning for now - gcc-10: disable 'array-bounds' warning for now - gcc-10: disable 'stringop-overflow' warning for now - gcc-10: disable 'restrict' warning for now - gcc-10: avoid shadowing standard library 'free()' in crypto - x86/asm: Add instruction suffixes to bitops - net: phy: micrel: Use strlcpy() for ethtool::get_strings - net: fix a potential recursive NETDEV_FEAT_CHANGE - net: phy: fix aneg restart in phy_ethtool_set_eee - Revert "ipv6: add mtu lock check in __ip6_rt_update_pmtu" - hinic: fix a bug of ndo_stop - net: dsa: loop: Add module soft dependency - net: ipv4: really enforce backoff for redirects - netprio_cgroup: Fix unlimited memory leak of v2 cgroups - net: tcp: fix rx timestamp behavior for tcp_recvmsg - ALSA: hda/realtek - Limit int mic boost for Thinkpad T530 - ALSA: rawmidi: Initialize allocated buffers - ALSA: rawmidi: Fix racy buffer resize under concurrent accesses - ARM: dts: dra7: Fix bus_dma_limit for PCIe - ARM: dts: imx27-phytec-phycard-s-rdk: Fix the I2C1 pinctrl entries - x86: Fix early boot crash on gcc-10, third try - ALSA: usb-audio: Add control message quirk delay for Kingston HyperX headset - usb: core: hub: limit HUB_QUIRK_DISABLE_AUTOSUSPEND to USB5534B - usb: host: xhci-plat: keep runtime active when removing host - usb: xhci: Fix NULL pointer dereference when enqueuing trbs from urb sg list - x86/unwind/orc: Fix error handling in __unwind_start() - exec: Move would_dump into flush_old_exec - clk: rockchip: fix incorrect configuration of rk3228 aclk_gpu* clocks - usb: gadget: net2272: Fix a memory leak in an error handling path in 'net2272_plat_probe()' - usb: gadget: audio: Fix a missing error return value in audio_bind() - usb: gadget: legacy: fix error return code in gncm_bind() - usb: gadget: legacy: fix error return code in cdc_bind() - arm64: dts: rockchip: Replace RK805 PMIC node name with "pmic" on rk3328 boards - arm64: dts: rockchip: Rename dwc3 device nodes on rk3399 to make dtc happy - ARM: dts: r8a73a4: Add missing CMT1 interrupts - ARM: dts: r8a7740: Add missing extal2 to CPG node - KVM: x86: Fix off-by-one error in kvm_vcpu_ioctl_x86_setup_mce - Makefile: disallow data races on gcc-10 as well - sctp: Fix bundling of SHUTDOWN with COOKIE-ACK - arm64: hugetlb: avoid potential NULL dereference - net: dsa: Do not make user port errors fatal - pppoe: only process PADT targeted at local interfaces - riscv: fix vdso build with lld - netfilter: nft_set_rbtree: Introduce and use nft_rbtree_interval_start() - cifs: fix leaked reference on requeued write - clk: Unlink clock if failed to prepare or enable * upgrading to 4.15.0-99-generic breaks the sound and the trackpad (LP: #1875916) // Bionic update: upstream stable patchset 2020-05-21 (LP: #1880014) - Revert "ALSA: hda/realtek: Fix pop noise on ALC225" * Pop sound from build-in speaker during cold boot and resume from S3 (LP: #1866357) // Bionic update: upstream stable patchset 2020-05-21 (LP: #1880014) - ALSA: hda/realtek - Fix S3 pop noise on Dell Wyse * Bionic update: upstream stable patchset 2020-05-19 (LP: #1879536) - vhost: vsock: kick send_pkt worker once device is started - powerpc/pci/of: Parse unassigned resources - ASoC: topology: Check return value of pcm_new_ver - selftests/ipc: Fix test failure seen after initial test run - ASoC: sgtl5000: Fix VAG power-on handling - ASoC: rsnd: Fix HDMI channel mapping for multi-SSI mode - ASoC: codecs: hdac_hdmi: Fix incorrect use of list_for_each_entry - wimax/i2400m: Fix potential urb refcnt leak - net: stmmac: fix enabling socfpga's ptp_ref_clock - net: stmmac: Fix sub-second increment - cifs: protect updating server->dstaddr with a spinlock - s390/ftrace: fix potential crashes when switching tracers - scripts/config: allow colons in option strings for sed - lib/mpi: Fix building for powerpc with clang - net: bcmgenet: suppress warnings on failed Rx SKB allocations - net: systemport: suppress warnings on failed Rx SKB allocations - sctp: Fix SHUTDOWN CTSN Ack in the peer restart case - ALSA: hda: Match both PCI ID and SSID for driver blacklist - mac80211: add ieee80211_is_any_nullfunc() - cgroup, netclassid: remove double cond_resched - ASoC: rsnd: Fix parent SSI start/stop in multi-SSI mode - drm/amdgpu: Correctly initialize thermal controller for GPUs with Powerplay table v0 (e.g Hawaii) - ASoC: rsnd: Don't treat master SSI in multi SSI setup as parent - ASoC: rsnd: Fix "status check failed" spam for multi-SSI - drm/amdgpu: Fix oops when pp_funcs is unset in ACPI event - hexagon: clean up ioremap - hexagon: define ioremap_uc - drm/atomic: Take the atomic toys away from X * Performing function level reset of AMD onboard USB and audio devices causes system lockup (LP: #1865988) - SAUCE: PCI: Avoid FLR for AMD Matisse HD Audio & USB 3.0 - SAUCE: PCI: Avoid FLR for AMD Starship USB 3.0 * add 16-bit width registers support for EEPROM at24 device (LP: #1876699) - SAUCE: at24-smbus-16bit-address * qeth: utilize virtual MAC for Layer2 OSD devices (LP: #1880834) - s390/qeth: improve fallback to random MAC address - s390/qeth: utilize virtual MAC for Layer2 OSD devices * Slow send speed with Intel I219-V on Ubuntu 18.04.1 (LP: #1802691) - e1000e: Disable TSO for buffer overrun workaround * CVE-2020-10711 - netlabel: cope with NULL catmap * CVE-2020-13143 - USB: gadget: fix illegal array access in binding with UDC * rtl8723bu wifi issue after being turned off (LP: #1878296) - rtl8xxxu: Improve TX performance of RTL8723BU on rtl8xxxu driver - rtl8xxxu: add bluetooth co-existence support for single antenna - rtl8xxxu: remove set but not used variable 'rate_mask' - rtl8xxxu: Remove set but not used variable 'vif', 'dev', 'len' * Cannot create ipvlans with > 1500 MTU on recent Bionic kernels (LP: #1879658) - ipvlan: use ETH_MAX_MTU as max mtu * Miscellaneous Ubuntu changes - [Config] wireguard -- enable on all architectures [ Ubuntu: 4.15.0-108.109 ] * Packaging resync (LP: #1786013) - update dkms package versions * dkms-build: downloads fail in private PPAs (LP: #1883874) - dkms-build: apt-cache policy elides username:password information -- Marcelo Henrique Cerri