Bug #1935833 “linux-azure CIFS DFS oops” : Bugs : linux-azure package : Ubuntu

Tim Gardner (timg-tpi) on 2021-07-12

Changed in linux-azure (Ubuntu):
status:	New → Fix Released
Changed in linux-azure (Ubuntu Focal):
status:	New → In Progress
importance:	Undecided → Medium
assignee:	nobody → Tim Gardner (timg-tpi)
Changed in linux (Ubuntu):
status:	New → Fix Released
Changed in linux (Ubuntu Focal):
status:	New → In Progress
importance:	Undecided → Medium

Revision history for this message

Tim Gardner (timg-tpi) wrote on 2021-07-12:

#1

https://lists.ubuntu.com/archives/kernel-team/2021-July/122338.html

Tim Gardner (timg-tpi) on 2021-07-12

Changed in linux (Ubuntu Focal):
status:	In Progress → Fix Committed
Changed in linux-azure (Ubuntu Focal):
status:	In Progress → Fix Committed

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2021-07-13:

#2

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-focal' to 'verification-done-focal'. If the problem still exists, change the tag 'verification-needed-focal' to 'verification-failed-focal'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: verification-needed-focal

Revision history for this message

Tim Gardner (timg-tpi) wrote on 2021-07-19:

#3

Microsoft reports "Engineer confirms, test kernel certainly helps with the oops.". Marking verification done on the basis of MS testing.

tags:

added: verification-done-focal
removed: verification-needed-focal

Revision history for this message

Launchpad Janitor (janitor) wrote on 2021-07-20:

#4

Download full text (28.0 KiB)

This bug was fixed in the package linux-azure - 5.4.0-1055.57

---------------
linux-azure (5.4.0-1055.57) focal; urgency=medium

[ Ubuntu: 5.4.0-80.90 ]

* CVE-2021-33909
- SAUCE: seq_file: Disallow extremely large seq buffer allocations

linux-azure (5.4.0-1054.56) focal; urgency=medium

* focal/linux-azure: 5.4.0-1054.56 -proposed tracker (LP: #1935858)

  * linux-azure CIFS DFS oops (LP: #1935833)
    - cifs: get rid of unused parameter in reconn_setup_dfs_targets()
    - cifs: handle empty list of targets in cifs_reconnect()

linux-azure (5.4.0-1053.55) focal; urgency=medium

* focal/linux-azure: 5.4.0-1053.55 -proposed tracker (LP: #1934321)

[ Ubuntu: 5.4.0-79.88 ]

  * focal/linux: 5.4.0-79.88 -proposed tracker (LP: #1934343)
  * lxd exec fails (LP: #1934187)
    - SAUCE: Revert "proc: Check /proc/$pid/attr/ writes against file opener"

linux-azure (5.4.0-1052.54) focal; urgency=medium

* focal/linux-azure: 5.4.0-1052.54 -proposed tracker (LP: #1932456)

  * Patch To Fix Bug in the Linux Block Layer Responsible For Merging BIOs
    (LP: #1931497)
    - block: return the correct bvec when checking for gaps

[ Ubuntu: 5.4.0-78.87 ]

  * focal/linux: 5.4.0-78.87 -proposed tracker (LP: #1932478)
  * Packaging resync (LP: #1786013)
    - [Packaging] resync getabis
    - [Packaging] update helper scripts
    - update dkms package versions
  * Disable hv-kvp-daemon.service on certain instance types (LP: #1932081)
    - [Packaging]: Add kernel command line condition to hv-kvp-daemon service
  * QLogic Direct-Connect host can't discover SCSI-FC or NVMe/FC devices
    (LP: #1860724)
    - scsi: qla2xxx: Serialize fc_port alloc in N2N
    - scsi: qla2xxx: Set Nport ID for N2N
    - scsi: qla2xxx: Fix point-to-point (N2N) device discovery issue
    - scsi: qla2xxx: Fix N2N and NVMe connect retry failure
  * [SRU] Add support for E810 NIC to Ice Driver in Focal (LP: #1912511)
    - ice: add additional E810 device id
  * Focal update: v5.4.124 upstream stable release (LP: #1931166)
    - ALSA: hda/realtek: Headphone volume is controlled by Front mixer
    - ALSA: usb-audio: scarlett2: Fix device hang with ehci-pci
    - ALSA: usb-audio: scarlett2: Improve driver startup messages
    - cifs: set server->cipher_type to AES-128-CCM for SMB3.0
    - NFSv4: Fix a NULL pointer dereference in pnfs_mark_matching_lsegs_return()
    - iommu/vt-d: Fix sysfs leak in alloc_iommu()
    - perf intel-pt: Fix sample instruction bytes
    - perf intel-pt: Fix transaction abort handling
    - perf scripts python: exported-sql-viewer.py: Fix copy to clipboard from Top
      Calls by elapsed Time report
    - perf scripts python: exported-sql-viewer.py: Fix Array TypeError
    - perf scripts python: exported-sql-viewer.py: Fix warning display
    - proc: Check /proc/$pid/attr/ writes against file opener
    - net: hso: fix control-request directions
    - ath10k: Validate first subframe of A-MSDU before processing the list
    - dm snapshot: properly fix a crash when an origin has no snapshots
    - drm/amdgpu/vcn1: add cancel_delayed_work_sync before power gate
    - drm/amdgpu/vcn2.0: add cancel_delayed_work_sync before power gate
    - drm/amdgpu/...

This bug was fixed in the package linux-azure - 5.4.0-1055.57

---------------
linux-azure (5.4.0-1055.57) focal; urgency=medium

[ Ubuntu: 5.4.0-80.90 ]

* CVE-2021-33909
    - SAUCE: seq_file: Disallow extremely large seq buffer allocations

linux-azure (5.4.0-1054.56) focal; urgency=medium

* focal/linux-azure: 5.4.0-1054.56 -proposed tracker (LP: #1935858)

* linux-azure CIFS DFS oops (LP: #1935833)
    - cifs: get rid of unused parameter in reconn_setup_dfs_targets()
    - cifs: handle empty list of targets in cifs_reconnect()

linux-azure (5.4.0-1053.55) focal; urgency=medium

* focal/linux-azure: 5.4.0-1053.55 -proposed tracker (LP: #1934321)

[ Ubuntu: 5.4.0-79.88 ]

* focal/linux: 5.4.0-79.88 -proposed tracker (LP: #1934343)
  * lxd exec fails (LP: #1934187)
    - SAUCE: Revert "proc: Check /proc/$pid/attr/ writes against file opener"

linux-azure (5.4.0-1052.54) focal; urgency=medium

* focal/linux-azure: 5.4.0-1052.54 -proposed tracker (LP: #1932456)

* Patch To Fix Bug in the Linux Block Layer Responsible For  Merging BIOs
    (LP: #1931497)
    - block: return the correct bvec when checking for gaps

[ Ubuntu: 5.4.0-78.87 ]

* focal/linux: 5.4.0-78.87 -proposed tracker (LP: #1932478)
  * Packaging resync (LP: #1786013)
    - [Packaging] resync getabis
    - [Packaging] update helper scripts
    - update dkms package versions
  * Disable hv-kvp-daemon.service on certain instance types (LP: #1932081)
    - [Packaging]: Add kernel command line condition to hv-kvp-daemon service
  * QLogic Direct-Connect host can't discover SCSI-FC or NVMe/FC devices
    (LP: #1860724)
    - scsi: qla2xxx: Serialize fc_port alloc in N2N
    - scsi: qla2xxx: Set Nport ID for N2N
    - scsi: qla2xxx: Fix point-to-point (N2N) device discovery issue
    - scsi: qla2xxx: Fix N2N and NVMe connect retry failure
  * [SRU] Add support for E810 NIC to Ice Driver in Focal (LP: #1912511)
    - ice: add additional E810 device id
  * Focal update: v5.4.124 upstream stable release (LP: #1931166)
    - ALSA: hda/realtek: Headphone volume is controlled by Front mixer
    - ALSA: usb-audio: scarlett2: Fix device hang with ehci-pci
    - ALSA: usb-audio: scarlett2: Improve driver startup messages
    - cifs: set server->cipher_type to AES-128-CCM for SMB3.0
    - NFSv4: Fix a NULL pointer dereference in pnfs_mark_matching_lsegs_return()
    - iommu/vt-d: Fix sysfs leak in alloc_iommu()
    - perf intel-pt: Fix sample instruction bytes
    - perf intel-pt: Fix transaction abort handling
    - perf scripts python: exported-sql-viewer.py: Fix copy to clipboard from Top
      Calls by elapsed Time report
    - perf scripts python: exported-sql-viewer.py: Fix Array TypeError
    - perf scripts python: exported-sql-viewer.py: Fix warning display
    - proc: Check /proc/$pid/attr/ writes against file opener
    - net: hso: fix control-request directions
    - ath10k: Validate first subframe of A-MSDU before processing the list
    - dm snapshot: properly fix a crash when an origin has no snapshots
    - drm/amdgpu/vcn1: add cancel_delayed_work_sync before power gate
    - drm/amdgpu/vcn2.0: add cancel_delayed_work_sync before power gate
    - drm/amdgpu/vcn2.5: add cancel_delayed_work_sync before power gate
    - selftests/gpio: Use TEST_GEN_PROGS_EXTENDED
    - selftests/gpio: Move include of lib.mk up
    - selftests/gpio: Fix build when source tree is read only
    - kgdb: fix gcc-11 warnings harder
    - Documentation: seccomp: Fix user notification documentation
    - serial: core: fix suspicious security_locked_down() call
    - misc/uss720: fix memory leak in uss720_probe
    - thunderbolt: dma_port: Fix NVM read buffer bounds and offset issue
    - mei: request autosuspend after sending rx flow control
    - staging: iio: cdc: ad7746: avoid overwrite of num_channels
    - iio: gyro: fxas21002c: balance runtime power in error path
    - iio: adc: ad7768-1: Fix too small buffer passed to
      iio_push_to_buffers_with_timestamp()
    - iio: adc: ad7124: Fix missbalanced regulator enable / disable on error.
    - iio: adc: ad7124: Fix potential overflow due to non sequential channel
      numbers
    - iio: adc: ad7793: Add missing error code in ad7793_setup()
    - serial: 8250_pci: Add support for new HPE serial device
    - serial: 8250_pci: handle FL_NOIRQ board flag
    - USB: trancevibrator: fix control-request direction
    - USB: usbfs: Don't WARN about excessively large memory allocations
    - serial: tegra: Fix a mask operation that is always true
    - serial: sh-sci: Fix off-by-one error in FIFO threshold register setting
    - serial: rp2: use 'request_firmware' instead of 'request_firmware_nowait'
    - USB: serial: ti_usb_3410_5052: add startech.com device id
    - USB: serial: option: add Telit LE910-S1 compositions 0x7010, 0x7011
    - USB: serial: ftdi_sio: add IDs for IDS GmbH Products
    - USB: serial: pl2303: add device id for ADLINK ND-6530 GC
    - thermal/drivers/intel: Initialize RW trip to THERMAL_TEMP_INVALID
    - usb: dwc3: gadget: Properly track pending and queued SG
    - usb: gadget: udc: renesas_usb3: Fix a race in usb3_start_pipen()
    - net: usb: fix memory leak in smsc75xx_bind
    - spi: spi-geni-qcom: Fix use-after-free on unbind
    - Bluetooth: cmtp: fix file refcount when cmtp_attach_device fails
    - fs/nfs: Use fatal_signal_pending instead of signal_pending
    - NFS: fix an incorrect limit in filelayout_decode_layout()
    - NFS: Fix an Oopsable condition in __nfs_pageio_add_request()
    - NFS: Don't corrupt the value of pg_bytes_written in nfs_do_recoalesce()
    - NFSv4: Fix v4.0/v4.1 SEEK_DATA return -ENOTSUPP when set NFS_V4_2 config
    - drm/meson: fix shutdown crash when component not probed
    - net/mlx5e: Fix multipath lag activation
    - net/mlx5e: Fix nullptr in add_vlan_push_action()
    - net/mlx4: Fix EEPROM dump support
    - Revert "net:tipc: Fix a double free in tipc_sk_mcast_rcv"
    - tipc: wait and exit until all work queues are done
    - tipc: skb_linearize the head skb when reassembling msgs
    - spi: spi-fsl-dspi: Fix a resource leak in an error handling path
    - net: dsa: mt7530: fix VLAN traffic leaks
    - net: dsa: fix a crash if ->get_sset_count() fails
    - net: dsa: sja1105: error out on unsupported PHY mode
    - i2c: s3c2410: fix possible NULL pointer deref on read message after write
    - i2c: i801: Don't generate an interrupt on bus reset
    - i2c: sh_mobile: Use new clock calculation formulas for RZ/G2E
    - perf jevents: Fix getting maximum number of fds
    - platform/x86: hp_accel: Avoid invoking _INI to speed up resume
    - gpio: cadence: Add missing MODULE_DEVICE_TABLE
    - Revert "media: usb: gspca: add a missed check for goto_low_power"
    - Revert "ALSA: sb: fix a missing check of snd_ctl_add"
    - Revert "serial: max310x: pass return value of spi_register_driver"
    - serial: max310x: unregister uart driver in case of failure and abort
    - Revert "net: fujitsu: fix a potential NULL pointer dereference"
    - net: fujitsu: fix potential null-ptr-deref
    - Revert "net/smc: fix a NULL pointer dereference"
    - net: caif: remove BUG_ON(dev == NULL) in caif_xmit
    - Revert "char: hpet: fix a missing check of ioremap"
    - char: hpet: add checks after calling ioremap
    - Revert "ALSA: gus: add a check of the status of snd_ctl_add"
    - Revert "ALSA: usx2y: Fix potential NULL pointer dereference"
    - Revert "isdn: mISDNinfineon: fix potential NULL pointer dereference"
    - isdn: mISDNinfineon: check/cleanup ioremap failure correctly in setup_io
    - Revert "ath6kl: return error code in ath6kl_wmi_set_roam_lrssi_cmd()"
    - ath6kl: return error code in ath6kl_wmi_set_roam_lrssi_cmd()
    - Revert "isdn: mISDN: Fix potential NULL pointer dereference of kzalloc"
    - isdn: mISDN: correctly handle ph_info allocation failure in hfcsusb_ph_info
    - Revert "dmaengine: qcom_hidma: Check for driver register failure"
    - dmaengine: qcom_hidma: comment platform_driver_register call
    - Revert "libertas: add checks for the return value of sysfs_create_group"
    - libertas: register sysfs groups properly
    - Revert "ASoC: cs43130: fix a NULL pointer dereference"
    - ASoC: cs43130: handle errors in cs43130_probe() properly
    - Revert "media: dvb: Add check on sp8870_readreg"
    - media: dvb: Add check on sp8870_readreg return
    - Revert "media: gspca: mt9m111: Check write_bridge for timeout"
    - media: gspca: mt9m111: Check write_bridge for timeout
    - Revert "media: gspca: Check the return value of write_bridge for timeout"
    - media: gspca: properly check for errors in po1030_probe()
    - Revert "net: liquidio: fix a NULL pointer dereference"
    - net: liquidio: Add missing null pointer checks
    - Revert "brcmfmac: add a check for the status of usb_register"
    - brcmfmac: properly check for bus register errors
    - btrfs: return whole extents in fiemap
    - scsi: BusLogic: Fix 64-bit system enumeration error for Buslogic
    - openrisc: Define memory barrier mb
    - btrfs: do not BUG_ON in link_to_fixup_dir
    - platform/x86: hp-wireless: add AMD's hardware id to the supported list
    - platform/x86: intel_punit_ipc: Append MODULE_DEVICE_TABLE for ACPI
    - platform/x86: touchscreen_dmi: Add info for the Mediacom Winpad 7.0 W700
      tablet
    - SMB3: incorrect file id in requests compounded with open
    - drm/amd/display: Disconnect non-DP with no EDID
    - drm/amd/amdgpu: fix refcount leak
    - drm/amdgpu: Fix a use-after-free
    - drm/amd/amdgpu: fix a potential deadlock in gpu reset
    - net: netcp: Fix an error message
    - net: dsa: fix error code getting shifted with 4 in dsa_slave_get_sset_count
    - ASoC: cs42l42: Regmap must use_single_read/write
    - vfio-ccw: Check initialized flag in cp_init()
    - net: really orphan skbs tied to closing sk
    - net: fec: fix the potential memory leak in fec_enet_init()
    - net: mdio: thunder: Fix a double free issue in the .remove function
    - net: mdio: octeon: Fix some double free issues
    - openvswitch: meter: fix race when getting now_ms.
    - tls splice: check SPLICE_F_NONBLOCK instead of MSG_DONTWAIT
    - net: sched: fix packet stuck problem for lockless qdisc
    - net: sched: fix tx action rescheduling issue during deactivation
    - net: sched: fix tx action reschedule issue with stopped queue
    - net: hso: check for allocation failure in hso_create_bulk_serial_device()
    - net: bnx2: Fix error return code in bnx2_init_board()
    - bnxt_en: Include new P5 HV definition in VF check.
    - mld: fix panic in mld_newpack()
    - gve: Check TX QPL was actually assigned
    - gve: Update mgmt_msix_idx if num_ntfy changes
    - gve: Add NULL pointer checks when freeing irqs.
    - gve: Upgrade memory barrier in poll routine
    - gve: Correct SKB queue index validation.
    - cxgb4: avoid accessing registers when clearing filters
    - staging: emxx_udc: fix loop in _nbu2ss_nuke()
    - ASoC: cs35l33: fix an error code in probe()
    - bpf: Set mac_len in bpf_skb_change_head
    - ixgbe: fix large MTU request from VF
    - scsi: libsas: Use _safe() loop in sas_resume_port()
    - net: lantiq: fix memory corruption in RX ring
    - ipv6: record frag_max_size in atomic fragments in input path
    - ALSA: usb-audio: scarlett2: snd_scarlett_gen2_controls_create() can be
      static
    - net: ethernet: mtk_eth_soc: Fix packet statistics support for MT7628/88
    - sch_dsmark: fix a NULL deref in qdisc_reset()
    - MIPS: alchemy: xxs1500: add gpio-au1000.h header file
    - MIPS: ralink: export rt_sysc_membase for rt2880_wdt.c
    - drm/i915/display: fix compiler warning about array overrun
    - i915: fix build warning in intel_dp_get_link_status()
    - drivers/net/ethernet: clean up unused assignments
    - net: hns3: check the return of skb_checksum_help()
    - Revert "Revert "ALSA: usx2y: Fix potential NULL pointer dereference""
    - net: hso: bail out on interrupt URB allocation failure
    - neighbour: Prevent Race condition in neighbour subsytem
    - usb: core: reduce power-on-good delay time of root hub
    - Linux 5.4.124
  * Focal update: v5.4.123 upstream stable release (LP: #1931160)
    - usb: dwc3: gadget: Enable suspend events
    - perf unwind: Fix separate debug info files when using elfutils' libdw's
      unwinder
    - perf unwind: Set userdata for all __report_module() paths
    - NFC: nci: fix memory leak in nci_allocate_device
    - Linux 5.4.123
  * Focal update: v5.4.122 upstream stable release (LP: #1931159)
    - firmware: arm_scpi: Prevent the ternary sign expansion bug
    - openrisc: Fix a memory leak
    - RDMA/siw: Properly check send and receive CQ pointers
    - RDMA/siw: Release xarray entry
    - RDMA/rxe: Clear all QP fields if creation failed
    - scsi: ufs: core: Increase the usable queue depth
    - scsi: qla2xxx: Fix error return code in qla82xx_write_flash_dword()
    - RDMA/mlx5: Recover from fatal event in dual port mode
    - RDMA/core: Don't access cm_id after its destruction
    - platform/mellanox: mlxbf-tmfifo: Fix a memory barrier issue
    - platform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios
    - RDMA/uverbs: Fix a NULL vs IS_ERR() bug
    - ptrace: make ptrace() fail if the tracee changed its pid unexpectedly
    - nvmet: seset ns->file when open fails
    - locking/mutex: clear MUTEX_FLAGS if wait_list is empty due to signal
    - btrfs: avoid RCU stalls while running delayed iputs
    - cifs: fix memory leak in smb2_copychunk_range
    - ALSA: dice: fix stream format for TC Electronic Konnekt Live at high
      sampling transfer frequency
    - ALSA: intel8x0: Don't update period unless prepared
    - ALSA: line6: Fix racy initialization of LINE6 MIDI
    - ALSA: dice: fix stream format at middle sampling rate for Alesis iO 26
    - ALSA: firewire-lib: fix calculation for size of IR context payload
    - ALSA: usb-audio: Validate MS endpoint descriptors
    - ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro
    - ALSA: hda: fixup headset for ASUS GU502 laptop
    - Revert "ALSA: sb8: add a check for request_region"
    - ALSA: firewire-lib: fix check for the size of isochronous packet payload
    - ALSA: hda/realtek: reset eapd coeff to default value for alc287
    - ALSA: hda/realtek: Add some CLOVE SSIDs of ALC293
    - ALSA: hda/realtek: Fix silent headphone output on ASUS UX430UA
    - ALSA: hda/realtek: Add fixup for HP OMEN laptop
    - ALSA: hda/realtek: Add fixup for HP Spectre x360 15-df0xxx
    - uio_hv_generic: Fix a memory leak in error handling paths
    - Revert "rapidio: fix a NULL pointer dereference when create_workqueue()
      fails"
    - rapidio: handle create_workqueue() failure
    - Revert "serial: mvebu-uart: Fix to avoid a potential NULL pointer
      dereference"
    - drm/amdgpu: disable 3DCGCG on picasso/raven1 to avoid compute hang
    - drm/amdgpu: update gc golden setting for Navi12
    - drm/amdgpu: update sdma golden setting for Navi12
    - mmc: sdhci-pci-gli: increase 1.8V regulator wait
    - xen-pciback: reconfigure also from backend watch handler
    - dm snapshot: fix crash with transient storage and zero chunk size
    - Revert "video: hgafb: fix potential NULL pointer dereference"
    - Revert "net: stmicro: fix a missing check of clk_prepare"
    - Revert "leds: lp5523: fix a missing check of return value of lp55xx_read"
    - Revert "hwmon: (lm80) fix a missing check of bus read in lm80 probe"
    - Revert "video: imsttfb: fix potential NULL pointer dereferences"
    - Revert "ecryptfs: replace BUG_ON with error handling code"
    - Revert "scsi: ufs: fix a missing check of devm_reset_control_get"
    - Revert "gdrom: fix a memory leak bug"
    - cdrom: gdrom: deallocate struct gdrom_unit fields in remove_gdrom
    - cdrom: gdrom: initialize global variable at init time
    - Revert "media: rcar_drif: fix a memory disclosure"
    - Revert "rtlwifi: fix a potential NULL pointer dereference"
    - Revert "qlcnic: Avoid potential NULL pointer dereference"
    - Revert "niu: fix missing checks of niu_pci_eeprom_read"
    - ethernet: sun: niu: fix missing checks of niu_pci_eeprom_read()
    - net: stmicro: handle clk_prepare() failure during init
    - scsi: ufs: handle cleanup correctly on devm_reset_control_get error
    - net: rtlwifi: properly check for alloc_workqueue() failure
    - ics932s401: fix broken handling of errors when word reading fails
    - leds: lp5523: check return value of lp5xx_read and jump to cleanup code
    - qlcnic: Add null check after calling netdev_alloc_skb
    - video: hgafb: fix potential NULL pointer dereference
    - vgacon: Record video mode changes with VT_RESIZEX
    - vt: Fix character height handling with VT_RESIZEX
    - tty: vt: always invoke vc->vc_sw->con_resize callback
    - nvme-multipath: fix double initialization of ANA state
    - ext4: fix error handling in ext4_end_enable_verity()
    - Bluetooth: L2CAP: Fix handling LE modes by L2CAP_OPTIONS
    - nvmet: use new ana_log_size instead the old one
    - video: hgafb: correctly handle card detect failure during probe
    - Bluetooth: SMP: Fail if remote and local public keys are identical
    - Linux 5.4.122
  * Focal update: v5.4.121 upstream stable release (LP: #1931158)
    - x86/msr: Fix wr/rdmsr_safe_regs_on_cpu() prototypes
    - kgdb: fix gcc-11 warning on indentation
    - usb: sl811-hcd: improve misleading indentation
    - cxgb4: Fix the -Wmisleading-indentation warning
    - isdn: capi: fix mismatched prototypes
    - pinctrl: ingenic: Improve unreachable code generation
    - xsk: Simplify detection of empty and full rings
    - virtio_net: Do not pull payload in skb->head
    - PCI: thunder: Fix compile testing
    - dmaengine: dw-edma: Fix crash on loading/unloading driver
    - ARM: 9066/1: ftrace: pause/unpause function graph tracer in cpu_suspend()
    - ACPI / hotplug / PCI: Fix reference count leak in enable_slot()
    - Input: elants_i2c - do not bind to i2c-hid compatible ACPI instantiated
      devices
    - Input: silead - add workaround for x86 BIOS-es which bring the chip up in a
      stuck state
    - um: Mark all kernel symbols as local
    - um: Disable CONFIG_GCOV with MODULES
    - ARM: 9075/1: kernel: Fix interrupted SMC calls
    - scripts/recordmcount.pl: Fix RISC-V regex for clang
    - riscv: Workaround mcount name prior to clang-13
    - scsi: lpfc: Fix illegal memory access on Abort IOCBs
    - ceph: fix fscache invalidation
    - scsi: target: tcmu: Return from tcmu_handle_completions() if cmd_id not
      found
    - bridge: Fix possible races between assigning rx_handler_data and setting
      IFF_BRIDGE_PORT bit
    - drm/amd/display: Fix two cursor duplication when using overlay
    - gpiolib: acpi: Add quirk to ignore EC wakeups on Dell Venue 10 Pro 5055
    - ALSA: hda: generic: change the DAC ctl name for LO+SPK or LO+HP
    - block: reexpand iov_iter after read/write
    - lib: stackdepot: turn depot_lock spinlock to raw_spinlock
    - net: stmmac: Do not enable RX FIFO overflow interrupts
    - ip6_gre: proper dev_{hold|put} in ndo_[un]init methods
    - sit: proper dev_{hold|put} in ndo_[un]init methods
    - ip6_tunnel: sit: proper dev_{hold|put} in ndo_[un]init methods
    - ipv6: remove extra dev_hold() for fallback tunnels
    - KVM: arm64: Initialize VCPU mdcr_el2 before loading it
    - tweewide: Fix most Shebang lines
    - scripts: switch explicitly to Python 3
    - Linux 5.4.121
  * Focal update: v5.4.120 upstream stable release (LP: #1930474)
    - tpm: fix error return code in tpm2_get_cc_attrs_tbl()
    - tpm, tpm_tis: Extend locality handling to TPM2 in tpm_tis_gen_interrupt()
    - tpm, tpm_tis: Reserve locality in tpm_tis_resume()
    - KVM: x86/mmu: Remove the defunct update_pte() paging hook
    - PM: runtime: Fix unpaired parent child_count for force_resume
    - fs: dlm: fix debugfs dump
    - tipc: convert dest node's address to network order
    - ASoC: Intel: bytcr_rt5640: Enable jack-detect support on Asus T100TAF
    - net: stmmac: Set FIFO sizes for ipq806x
    - ASoC: rsnd: core: Check convert rate in rsnd_hw_params
    - i2c: bail out early when RDWR parameters are wrong
    - ALSA: hdsp: don't disable if not enabled
    - ALSA: hdspm: don't disable if not enabled
    - ALSA: rme9652: don't disable if not enabled
    - ALSA: bebob: enable to deliver MIDI messages for multiple ports
    - Bluetooth: Set CONF_NOT_COMPLETE as l2cap_chan default
    - Bluetooth: initialize skb_queue_head at l2cap_chan_create()
    - net: bridge: when suppression is enabled exclude RARP packets
    - Bluetooth: check for zapped sk before connecting
    - ip6_vti: proper dev_{hold|put} in ndo_[un]init methods
    - ASoC: Intel: bytcr_rt5640: Add quirk for the Chuwi Hi8 tablet
    - i2c: Add I2C_AQ_NO_REP_START adapter quirk
    - mac80211: clear the beacon's CRC after channel switch
    - pinctrl: samsung: use 'int' for register masks in Exynos
    - mt76: mt76x0: disable GTK offloading
    - cuse: prevent clone
    - ASoC: rsnd: call rsnd_ssi_master_clk_start() from rsnd_ssi_init()
    - Revert "iommu/amd: Fix performance counter initialization"
    - iommu/amd: Remove performance counter pre-initialization test
    - drm/amd/display: Force vsync flip when reconfiguring MPCC
    - selftests: Set CC to clang in lib.mk if LLVM is set
    - kconfig: nconf: stop endless search loops
    - ALSA: hda/hdmi: fix race in handling acomp ELD notification at resume
    - sctp: Fix out-of-bounds warning in sctp_process_asconf_param()
    - flow_dissector: Fix out-of-bounds warning in __skb_flow_bpf_to_target()
    - powerpc/smp: Set numa node before updating mask
    - ASoC: rt286: Generalize support for ALC3263 codec
    - ethtool: ioctl: Fix out-of-bounds warning in store_link_ksettings_for_user()
    - net: sched: tapr: prevent cycle_time == 0 in parse_taprio_schedule
    - samples/bpf: Fix broken tracex1 due to kprobe argument change
    - powerpc/pseries: Stop calling printk in rtas_stop_self()
    - drm/amd/display: fixed divide by zero kernel crash during dsc enablement
    - wl3501_cs: Fix out-of-bounds warnings in wl3501_send_pkt
    - wl3501_cs: Fix out-of-bounds warnings in wl3501_mgmt_join
    - qtnfmac: Fix possible buffer overflow in qtnf_event_handle_external_auth
    - powerpc/iommu: Annotate nested lock for lockdep
    - iavf: remove duplicate free resources calls
    - net: ethernet: mtk_eth_soc: fix RX VLAN offload
    - bnxt_en: Add PCI IDs for Hyper-V VF devices.
    - ia64: module: fix symbolizer crash on fdescr
    - ASoC: rt286: Make RT286_SET_GPIO_* readable and writable
    - thermal: thermal_of: Fix error return code of
      thermal_of_populate_bind_params()
    - f2fs: fix a redundant call to f2fs_balance_fs if an error occurs
    - PCI: iproc: Fix return value of iproc_msi_irq_domain_alloc()
    - PCI: Release OF node in pci_scan_device()'s error path
    - ARM: 9064/1: hw_breakpoint: Do not directly check the event's
      overflow_handler hook
    - rpmsg: qcom_glink_native: fix error return code of qcom_glink_rx_data()
    - NFSv4.2: Always flush out writes in nfs42_proc_fallocate()
    - NFS: Deal correctly with attribute generation counter overflow
    - PCI: endpoint: Fix missing destroy_workqueue()
    - pNFS/flexfiles: fix incorrect size check in decode_nfs_fh()
    - NFSv4.2 fix handling of sr_eof in SEEK's reply
    - rtc: fsl-ftm-alarm: add MODULE_TABLE()
    - ceph: fix inode leak on getattr error in __fh_to_dentry
    - rtc: ds1307: Fix wday settings for rx8130
    - net: hns3: fix incorrect configuration for igu_egu_hw_err
    - net: hns3: initialize the message content in hclge_get_link_mode()
    - net: hns3: add check for HNS3_NIC_STATE_INITED in
      hns3_reset_notify_up_enet()
    - net: hns3: fix for vxlan gpe tx checksum bug
    - net: hns3: use netif_tx_disable to stop the transmit queue
    - net: hns3: disable phy loopback setting in hclge_mac_start_phy
    - sctp: do asoc update earlier in sctp_sf_do_dupcook_a
    - RISC-V: Fix error code returned by riscv_hartid_to_cpuid()
    - sunrpc: Fix misplaced barrier in call_decode
    - ethernet:enic: Fix a use after free bug in enic_hard_start_xmit
    - sctp: fix a SCTP_MIB_CURRESTAB leak in sctp_sf_do_dupcook_b
    - netfilter: xt_SECMARK: add new revision to fix structure layout
    - drm/radeon: Fix off-by-one power_state index heap overwrite
    - drm/radeon: Avoid power table parsing memory leaks
    - khugepaged: fix wrong result value for trace_mm_collapse_huge_page_isolate()
    - mm/hugeltb: handle the error case in hugetlb_fix_reserve_counts()
    - mm/migrate.c: fix potential indeterminate pte entry in
      migrate_vma_insert_page()
    - ksm: fix potential missing rmap_item for stable_node
    - net: fix nla_strcmp to handle more then one trailing null character
    - smc: disallow TCP_ULP in smc_setsockopt()
    - netfilter: nfnetlink_osf: Fix a missing skb_header_pointer() NULL check
    - can: m_can: m_can_tx_work_queue(): fix tx_skb race condition
    - sched: Fix out-of-bound access in uclamp
    - sched/fair: Fix unfairness caused by missing load decay
    - kernel: kexec_file: fix error return code of kexec_calculate_store_digests()
    - netfilter: nftables: avoid overflows in nft_hash_buckets()
    - i40e: Fix use-after-free in i40e_client_subtask()
    - i40e: fix the restart auto-negotiation after FEC modified
    - i40e: Fix PHY type identifiers for 2.5G and 5G adapters
    - ARC: entry: fix off-by-one error in syscall number validation
    - ARC: mm: PAE: use 40-bit physical page mask
    - powerpc/64s: Fix crashes when toggling stf barrier
    - powerpc/64s: Fix crashes when toggling entry flush barrier
    - hfsplus: prevent corruption in shrinking truncate
    - squashfs: fix divide error in calculate_skip()
    - userfaultfd: release page in error path to avoid BUG_ON
    - mm/hugetlb: fix F_SEAL_FUTURE_WRITE
    - drm/radeon/dpm: Disable sclk switching on Oland when two 4K 60Hz monitors
      are connected
    - drm/i915: Avoid div-by-zero on gen2
    - iio: proximity: pulsedlight: Fix rumtime PM imbalance on error
    - usb: fotg210-hcd: Fix an error message
    - hwmon: (occ) Fix poll rate limiting
    - ACPI: scan: Fix a memory leak in an error handling path
    - kyber: fix out of bounds access when preempted
    - nbd: Fix NULL pointer in flush_workqueue
    - blk-mq: Swap two calls in blk_mq_exit_queue()
    - iomap: fix sub-page uptodate handling
    - usb: dwc3: omap: improve extcon initialization
    - usb: dwc3: pci: Enable usb2-gadget-lpm-disable for Intel Merrifield
    - usb: xhci: Increase timeout for HC halt
    - usb: dwc2: Fix gadget DMA unmap direction
    - usb: core: hub: fix race condition about TRSMRCY of resume
    - usb: dwc3: gadget: Return success always for kick transfer in ep queue
    - xhci: Do not use GFP_KERNEL in (potentially) atomic context
    - xhci: Add reset resume quirk for AMD xhci controller.
    - iio: gyro: mpu3050: Fix reported temperature value
    - iio: tsl2583: Fix division by a zero lux_val
    - cdc-wdm: untangle a circular dependency between callback and softint
    - KVM: x86: Cancel pvclock_gtod_work on module removal
    - mm: fix struct page layout on 32-bit systems
    - FDDI: defxx: Make MMIO the configuration default except for EISA
    - MIPS: Reinstate platform `__div64_32' handler
    - MIPS: Avoid DIVU in `__div64_32' is result would be zero
    - MIPS: Avoid handcoded DIVU in `__div64_32' altogether
    - thermal/core/fair share: Lock the thermal zone while looping over instances
    - f2fs: fix error handling in f2fs_end_enable_verity()
    - ARM: 9011/1: centralize phys-to-virt conversion of DT/ATAGS address
    - ARM: 9012/1: move device tree mapping out of linear region
    - ARM: 9020/1: mm: use correct section size macro to describe the FDT virtual
      address
    - ARM: 9027/1: head.S: explicitly map DT even if it lives in the first
      physical section
    - usb: typec: tcpm: Fix error while calculating PPS out values
    - kobject_uevent: remove warning in init_uevent_argv()
    - netfilter: conntrack: Make global sysctls readonly in non-init netns
    - clk: exynos7: Mark aclk_fsys1_200 as critical
    - nvme: do not try to reconfigure APST when the controller is not live
    - ASoC: rsnd: check all BUSIF status when error
    - Linux 5.4.120
  * scsi: storvsc: Parameterize number hardware queues (LP: #1930626)
    - scsi: storvsc: Parameterize number hardware queues

-- Kleber Sacilotto de Souza <kleber.souza@canonical.com>  Thu, 15 Jul 2021 11:24:59 +0200

Changed in linux-azure (Ubuntu Focal):
status:	Fix Committed → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2021-08-12:

#5

Download full text (18.2 KiB)

This bug was fixed in the package linux - 5.4.0-81.91

---------------
linux (5.4.0-81.91) focal; urgency=medium

* Packaging resync (LP: #1786013)
- update dkms package versions

* large_dir in ext4 broken (LP: #1933074)
- SAUCE: ext4: fix directory index node split corruption

  * Some test in kselftest/net on focal source tree were not tested at all
    (LP: #1934282)
    - selftests/net: add missing tests to Makefile

* curtin: install flash-kernel in arm64 UEFI unexpected (LP: #1918427)
- [Packaging] Allow grub-efi-arm* to satisfy recommends on ARM

* Add l2tp.sh in net from ubuntu_kernel_selftests back (LP: #1934293)
- Revert "UBUNTU: SAUCE: selftests/net -- disable l2tp.sh test"

  * icmp_redirect.sh in net from ubuntu_kernel_selftests failed on F-OEM-5.6 /
    F-OEM-5.10 / F-OEM-5.13 / F / G / H (LP: #1880645)
    - selftests: icmp_redirect: support expected failures

  * Focal update: v5.4.128 upstream stable release (LP: #1934179)
    - dmaengine: ALTERA_MSGDMA depends on HAS_IOMEM
    - dmaengine: QCOM_HIDMA_MGMT depends on HAS_IOMEM
    - dmaengine: stedma40: add missing iounmap() on error in d40_probe()
    - afs: Fix an IS_ERR() vs NULL check
    - mm/memory-failure: make sure wait for page writeback in memory_failure
    - kvm: LAPIC: Restore guard to prevent illegal APIC register access
    - batman-adv: Avoid WARN_ON timing related checks
    - net: ipv4: fix memory leak in netlbl_cipsov4_add_std
    - vrf: fix maximum MTU
    - net: rds: fix memory leak in rds_recvmsg
    - net: lantiq: disable interrupt before sheduling NAPI
    - udp: fix race between close() and udp_abort()
    - rtnetlink: Fix regression in bridge VLAN configuration
    - net/sched: act_ct: handle DNAT tuple collision
    - net/mlx5e: Remove dependency in IPsec initialization flows
    - net/mlx5e: Fix page reclaim for dead peer hairpin
    - net/mlx5: Consider RoCE cap before init RDMA resources
    - net/mlx5e: allow TSO on VXLAN over VLAN topologies
    - net/mlx5e: Block offload of outer header csum for UDP tunnels
    - netfilter: synproxy: Fix out of bounds when parsing TCP options
    - sch_cake: Fix out of bounds when parsing TCP options and header
    - alx: Fix an error handling path in 'alx_probe()'
    - net: stmmac: dwmac1000: Fix extended MAC address registers definition
    - net: make get_net_ns return error if NET_NS is disabled
    - qlcnic: Fix an error handling path in 'qlcnic_probe()'
    - netxen_nic: Fix an error handling path in 'netxen_nic_probe()'
    - net: qrtr: fix OOB Read in qrtr_endpoint_post
    - ptp: improve max_adj check against unreasonable values
    - net: cdc_ncm: switch to eth%d interface naming
    - lantiq: net: fix duplicated skb in rx descriptor ring
    - net: usb: fix possible use-after-free in smsc75xx_bind
    - net: fec_ptp: fix issue caused by refactor the fec_devtype
    - net: ipv4: fix memory leak in ip_mc_add1_src
    - net/af_unix: fix a data-race in unix_dgram_sendmsg / unix_release_sock
    - be2net: Fix an error handling path in 'be_probe()'
    - net: hamradio: fix memory leak in mkiss_close
    - net: cdc_eem: fix tx fixup skb leak
    - cxgb4: fix wrong shift.
    - bnx...

This bug was fixed in the package linux - 5.4.0-81.91

---------------
linux (5.4.0-81.91) focal; urgency=medium

* Packaging resync (LP: #1786013)
    - update dkms package versions

* large_dir in ext4 broken (LP: #1933074)
    - SAUCE: ext4: fix directory index node split corruption

* Some test in kselftest/net on focal source tree were not tested at all
    (LP: #1934282)
    - selftests/net: add missing tests to Makefile

* curtin: install flash-kernel in arm64 UEFI unexpected (LP: #1918427)
    - [Packaging] Allow grub-efi-arm* to satisfy recommends on ARM

* Add l2tp.sh in net from ubuntu_kernel_selftests back (LP: #1934293)
    - Revert "UBUNTU: SAUCE: selftests/net -- disable l2tp.sh test"

* icmp_redirect.sh in net from ubuntu_kernel_selftests failed on F-OEM-5.6 /
    F-OEM-5.10 / F-OEM-5.13 / F / G / H (LP: #1880645)
    - selftests: icmp_redirect: support expected failures

* Focal update: v5.4.128 upstream stable release (LP: #1934179)
    - dmaengine: ALTERA_MSGDMA depends on HAS_IOMEM
    - dmaengine: QCOM_HIDMA_MGMT depends on HAS_IOMEM
    - dmaengine: stedma40: add missing iounmap() on error in d40_probe()
    - afs: Fix an IS_ERR() vs NULL check
    - mm/memory-failure: make sure wait for page writeback in memory_failure
    - kvm: LAPIC: Restore guard to prevent illegal APIC register access
    - batman-adv: Avoid WARN_ON timing related checks
    - net: ipv4: fix memory leak in netlbl_cipsov4_add_std
    - vrf: fix maximum MTU
    - net: rds: fix memory leak in rds_recvmsg
    - net: lantiq: disable interrupt before sheduling NAPI
    - udp: fix race between close() and udp_abort()
    - rtnetlink: Fix regression in bridge VLAN configuration
    - net/sched: act_ct: handle DNAT tuple collision
    - net/mlx5e: Remove dependency in IPsec initialization flows
    - net/mlx5e: Fix page reclaim for dead peer hairpin
    - net/mlx5: Consider RoCE cap before init RDMA resources
    - net/mlx5e: allow TSO on VXLAN over VLAN topologies
    - net/mlx5e: Block offload of outer header csum for UDP tunnels
    - netfilter: synproxy: Fix out of bounds when parsing TCP options
    - sch_cake: Fix out of bounds when parsing TCP options and header
    - alx: Fix an error handling path in 'alx_probe()'
    - net: stmmac: dwmac1000: Fix extended MAC address registers definition
    - net: make get_net_ns return error if NET_NS is disabled
    - qlcnic: Fix an error handling path in 'qlcnic_probe()'
    - netxen_nic: Fix an error handling path in 'netxen_nic_probe()'
    - net: qrtr: fix OOB Read in qrtr_endpoint_post
    - ptp: improve max_adj check against unreasonable values
    - net: cdc_ncm: switch to eth%d interface naming
    - lantiq: net: fix duplicated skb in rx descriptor ring
    - net: usb: fix possible use-after-free in smsc75xx_bind
    - net: fec_ptp: fix issue caused by refactor the fec_devtype
    - net: ipv4: fix memory leak in ip_mc_add1_src
    - net/af_unix: fix a data-race in unix_dgram_sendmsg / unix_release_sock
    - be2net: Fix an error handling path in 'be_probe()'
    - net: hamradio: fix memory leak in mkiss_close
    - net: cdc_eem: fix tx fixup skb leak
    - cxgb4: fix wrong shift.
    - bnxt_en: Rediscover PHY capabilities after firmware reset
    - bnxt_en: Call bnxt_ethtool_free() in bnxt_init_one() error path
    - icmp: don't send out ICMP messages with a source address of 0.0.0.0
    - net: ethernet: fix potential use-after-free in ec_bhf_remove
    - regulator: bd70528: Fix off-by-one for buck123 .n_voltages setting
    - ASoC: rt5659: Fix the lost powers for the HDA header
    - spi: stm32-qspi: Always wait BUSY bit to be cleared in stm32_qspi_wait_cmd()
    - pinctrl: ralink: rt2880: avoid to error in calls is pin is already enabled
    - radeon: use memcpy_to/fromio for UVD fw upload
    - hwmon: (scpi-hwmon) shows the negative temperature properly
    - can: bcm: fix infoleak in struct bcm_msg_head
    - can: bcm/raw/isotp: use per module netdevice notifier
    - can: j1939: fix Use-after-Free, hold skb ref while in use
    - can: mcba_usb: fix memory leak in mcba_usb
    - usb: core: hub: Disable autosuspend for Cypress CY7C65632
    - tracing: Do not stop recording cmdlines when tracing is off
    - tracing: Do not stop recording comms if the trace file is being read
    - tracing: Do no increment trace_clock_global() by one
    - PCI: Mark TI C667X to avoid bus reset
    - PCI: Mark some NVIDIA GPUs to avoid bus reset
    - PCI: aardvark: Don't rely on jiffies while holding spinlock
    - PCI: aardvark: Fix kernel panic during PIO transfer
    - PCI: Add ACS quirk for Broadcom BCM57414 NIC
    - PCI: Work around Huawei Intelligent NIC VF FLR erratum
    - KVM: x86: Immediately reset the MMU context when the SMM flag is cleared
    - ARCv2: save ABI registers across signal handling
    - x86/process: Check PF_KTHREAD and not current->mm for kernel threads
    - x86/pkru: Write hardware init value to PKRU when xstate is init
    - x86/fpu: Reset state for all signal restore failures
    - dmaengine: pl330: fix wrong usage of spinlock flags in dma_cyclc
    - cfg80211: make certificate generation more robust
    - cfg80211: avoid double free of PMSR request
    - net: ll_temac: Make sure to free skb when it is completely used
    - net: ll_temac: Fix TX BD buffer overwrite
    - net: bridge: fix vlan tunnel dst null pointer dereference
    - net: bridge: fix vlan tunnel dst refcnt when egressing
    - mm/slub: clarify verification reporting
    - mm/slub: fix redzoning for small allocations
    - mm/slub.c: include swab.h
    - net: stmmac: disable clocks in stmmac_remove_config_dt()
    - net: fec_ptp: add clock rate zero check
    - tools headers UAPI: Sync linux/in.h copy with the kernel sources
    - KVM: arm/arm64: Fix KVM_VGIC_V3_ADDR_TYPE_REDIST read
    - ARM: OMAP: replace setup_irq() by request_irq()
    - clocksource/drivers/timer-ti-dm: Add clockevent and clocksource support
    - clocksource/drivers/timer-ti-dm: Prepare to handle dra7 timer wrap issue
    - clocksource/drivers/timer-ti-dm: Handle dra7 timer wrap errata i940
    - usb: dwc3: debugfs: Add and remove endpoint dirs dynamically
    - usb: dwc3: core: fix kernel panic when do reboot
    - Linux 5.4.128

* linux-azure CIFS DFS oops (LP: #1935833)
    - cifs: get rid of unused parameter in reconn_setup_dfs_targets()
    - cifs: handle empty list of targets in cifs_reconnect()

* pmtu.sh from net in ubuntu_kernel_selftests failed with no error message
    (LP: #1887661)
    - selftests: pmtu.sh: improve the test result processing

* cifs: On cifs_reconnect, resolve the hostname again (LP: #1929831)
    - cifs: rename reconn_inval_dfs_target()
    - cifs: Simplify reconnect code when dfs upcall is enabled
    - cifs: Avoid error pointer dereference
    - cifs: On cifs_reconnect, resolve the hostname again.

* Pixel format change broken for Elgato Cam Link 4K (LP: #1932367)
    - (upstream) media: uvcvideo: Fix pixel format change for Elgato Cam Link 4K

* Focal update: v5.4.127 upstream stable release (LP: #1933851)
    - net: ieee802154: fix null deref in parse dev addr
    - HID: quirks: Set INCREMENT_USAGE_ON_DUPLICATE for Saitek X65
    - HID: hid-input: add mapping for emoji picker key
    - HID: hid-sensor-hub: Return error for hid_set_field() failure
    - HID: quirks: Add quirk for Lenovo optical mouse
    - HID: multitouch: set Stylus suffix for Stylus-application devices, too
    - HID: Add BUS_VIRTUAL to hid_connect logging
    - HID: usbhid: fix info leak in hid_submit_ctrl
    - drm/tegra: sor: Do not leak runtime PM reference
    - ARM: OMAP2+: Fix build warning when mmc_omap is not built
    - gfs2: Prevent direct-I/O write fallback errors from getting lost
    - HID: gt683r: add missing MODULE_DEVICE_TABLE
    - riscv: Use -mno-relax when using lld linker
    - gfs2: Fix use-after-free in gfs2_glock_shrink_scan
    - scsi: target: core: Fix warning on realtime kernels
    - ethernet: myri10ge: Fix missing error code in myri10ge_probe()
    - scsi: qedf: Do not put host in qedf_vport_create() unconditionally
    - scsi: scsi_devinfo: Add blacklist entry for HPE OPEN-V
    - nvme-loop: reset queue count to 1 in nvme_loop_destroy_io_queues()
    - nvme-loop: clear NVME_LOOP_Q_LIVE when nvme_loop_configure_admin_queue()
      fails
    - nvme-loop: check for NVME_LOOP_Q_LIVE in nvme_loop_destroy_admin_queue()
    - net: ipconfig: Don't override command-line hostnames or domains
    - drm/amd/display: Allow bandwidth validation for 0 streams.
    - rtnetlink: Fix missing error code in rtnl_bridge_notify()
    - net/x25: Return the correct errno code
    - net: Return the correct errno code
    - fib: Return the correct errno code
    - Linux 5.4.127

* Focal update: v5.4.126 upstream stable release (LP: #1933369)
    - proc: Check /proc/$pid/attr/ writes against file opener
    - proc: Track /proc/$pid/attr/ opener mm_struct
    - ASoC: max98088: fix ni clock divider calculation
    - spi: Fix spi device unregister flow
    - net/nfc/rawsock.c: fix a permission check bug
    - usb: cdns3: Fix runtime PM imbalance on error
    - ASoC: Intel: bytcr_rt5640: Add quirk for the Glavey TM800A550L tablet
    - ASoC: Intel: bytcr_rt5640: Add quirk for the Lenovo Miix 3-830 tablet
    - vfio-ccw: Serialize FSM IDLE state with I/O completion
    - ASoC: sti-sas: add missing MODULE_DEVICE_TABLE
    - spi: sprd: Add missing MODULE_DEVICE_TABLE
    - isdn: mISDN: netjet: Fix crash in nj_probe:
    - bonding: init notify_work earlier to avoid uninitialized use
    - netlink: disable IRQs for netlink_lock_table()
    - net: mdiobus: get rid of a BUG_ON()
    - cgroup: disable controllers at parse time
    - wq: handle VM suspension in stall detection
    - net/qla3xxx: fix schedule while atomic in ql_sem_spinlock
    - RDS tcp loopback connection can hang
    - scsi: bnx2fc: Return failure if io_req is already in ABTS processing
    - scsi: vmw_pvscsi: Set correct residual data length
    - scsi: hisi_sas: Drop free_irq() of devm_request_irq() allocated irq
    - scsi: target: qla2xxx: Wait for stop_phase1 at WWN removal
    - net: macb: ensure the device is available before accessing GEMGXL control
      registers
    - net: appletalk: cops: Fix data race in cops_probe1
    - net: dsa: microchip: enable phy errata workaround on 9567
    - nvme-fabrics: decode host pathing error for connect
    - MIPS: Fix kernel hang under FUNCTION_GRAPH_TRACER and PREEMPT_TRACER
    - dm verity: fix require_signatures module_param permissions
    - bnx2x: Fix missing error code in bnx2x_iov_init_one()
    - nvme-tcp: remove incorrect Kconfig dep in BLK_DEV_NVME
    - powerpc/fsl: set fsl,i2c-erratum-a004447 flag for P2041 i2c controllers
    - powerpc/fsl: set fsl,i2c-erratum-a004447 flag for P1010 i2c controllers
    - spi: Don't have controller clean up spi device before driver unbind
    - spi: Cleanup on failure of initial setup
    - i2c: mpc: Make use of i2c_recover_bus()
    - i2c: mpc: implement erratum A-004447 workaround
    - x86/boot: Add .text.* to setup.ld
    - spi: bcm2835: Fix out-of-bounds access with more than 4 slaves
    - drm: Fix use-after-free read in drm_getunique()
    - drm: Lock pointer access in drm_master_release()
    - kvm: avoid speculation-based attacks from out-of-range memslot accesses
    - staging: rtl8723bs: Fix uninitialized variables
    - btrfs: return value from btrfs_mark_extent_written() in case of error
    - btrfs: promote debugging asserts to full-fledged checks in validate_super
    - cgroup1: don't allow '\n' in renaming
    - USB: f_ncm: ncm_bitrate (speed) is unsigned
    - usb: f_ncm: only first packet of aggregate needs to start timer
    - usb: pd: Set PD_T_SINK_WAIT_CAP to 310ms
    - usb: dwc3: ep0: fix NULL pointer exception
    - usb: musb: fix MUSB_QUIRK_B_DISCONNECT_99 handling
    - usb: typec: wcove: Use LE to CPU conversion when accessing msg->header
    - usb: typec: ucsi: Clear PPM capability data in ucsi_init() error path
    - usb: gadget: f_fs: Ensure io_completion_wq is idle during unbind
    - USB: serial: ftdi_sio: add NovaTech OrionMX product ID
    - USB: serial: omninet: add device id for Zyxel Omni 56K Plus
    - USB: serial: quatech2: fix control-request directions
    - USB: serial: cp210x: fix alternate function for CP2102N QFN20
    - usb: gadget: eem: fix wrong eem header operation
    - usb: fix various gadgets null ptr deref on 10gbps cabling.
    - usb: fix various gadget panics on 10gbps cabling
    - regulator: core: resolve supply for boot-on/always-on regulators
    - regulator: max77620: Use device_set_of_node_from_dev()
    - usb: typec: mux: Fix copy-paste mistake in typec_mux_match
    - RDMA/ipoib: Fix warning caused by destroying non-initial netns
    - RDMA/mlx4: Do not map the core_clock page to user space unless enabled
    - vmlinux.lds.h: Avoid orphan section with !SMP
    - perf: Fix data race between pin_count increment/decrement
    - sched/fair: Make sure to update tg contrib for blocked load
    - KVM: x86: Ensure liveliness of nested VM-Enter fail tracepoint message
    - IB/mlx5: Fix initializing CQ fragments buffer
    - NFS: Fix a potential NULL dereference in nfs_get_client()
    - NFSv4: Fix deadlock between nfs4_evict_inode() and nfs4_opendata_get_inode()
    - perf session: Correct buffer copying when peeking events
    - kvm: fix previous commit for 32-bit builds
    - NFS: Fix use-after-free in nfs4_init_client()
    - NFSv4: Fix second deadlock in nfs4_evict_inode()
    - NFSv4: nfs4_proc_set_acl needs to restore NFS_CAP_UIDGID_NOMAP on error.
    - scsi: core: Fix error handling of scsi_host_alloc()
    - scsi: core: Fix failure handling of scsi_add_host_with_dma()
    - scsi: core: Put .shost_dev in failure path if host state changes to RUNNING
    - scsi: core: Only put parent device if host state differs from SHOST_CREATED
    - ftrace: Do not blindly read the ip address in ftrace_bug()
    - tracing: Correct the length check which causes memory corruption
    - proc: only require mm_struct for writing
    - Linux 5.4.126

* Focal update: v5.4.125 upstream stable release (LP: #1932957)
    - btrfs: tree-checker: do not error out if extent ref hash doesn't match
    - net: usb: cdc_ncm: don't spew notifications
    - ALSA: usb: update old-style static const declaration
    - nl80211: validate key indexes for cfg80211_registered_device
    - hwmon: (dell-smm-hwmon) Fix index values
    - netfilter: conntrack: unregister ipv4 sockopts on error unwind
    - efi: Allow EFI_MEMORY_XP and EFI_MEMORY_RO both to be cleared
    - efi: cper: fix snprintf() use in cper_dimm_err_location()
    - vfio/pci: Fix error return code in vfio_ecap_init()
    - vfio/pci: zap_vma_ptes() needs MMU
    - samples: vfio-mdev: fix error handing in mdpy_fb_probe()
    - vfio/platform: fix module_put call in error flow
    - ipvs: ignore IP_VS_SVC_F_HASHED flag when adding service
    - HID: pidff: fix error return code in hid_pidff_init()
    - HID: i2c-hid: fix format string mismatch
    - net/sched: act_ct: Fix ct template allocation for zone 0
    - ACPICA: Clean up context mutex during object deletion
    - netfilter: nft_ct: skip expectations for confirmed conntrack
    - netfilter: nfnetlink_cthelper: hit EBUSY on updates if size mismatches
    - ieee802154: fix error return code in ieee802154_add_iface()
    - ieee802154: fix error return code in ieee802154_llsec_getparams()
    - ixgbevf: add correct exception tracing for XDP
    - ipv6: Fix KASAN: slab-out-of-bounds Read in fib6_nh_flush_exceptions
    - ice: write register with correct offset
    - ice: Fix VFR issues for AVF drivers that expect ATQLEN cleared
    - ice: Allow all LLDP packets from PF to Tx
    - i2c: qcom-geni: Add shutdown callback for i2c
    - i40e: optimize for XDP_REDIRECT in xsk path
    - i40e: add correct exception tracing for XDP
    - arm64: dts: ls1028a: fix memory node
    - arm64: dts: zii-ultra: fix 12V_MAIN voltage
    - ARM: dts: imx7d-meerkat96: Fix the 'tuning-step' property
    - ARM: dts: imx7d-pico: Fix the 'tuning-step' property
    - ARM: dts: imx: emcon-avari: Fix nxp,pca8574 #gpio-cells
    - bus: ti-sysc: Fix flakey idling of uarts and stop using swsup_sidle_act
    - tipc: add extack messages for bearer/media failure
    - tipc: fix unique bearer names sanity check
    - Bluetooth: fix the erroneous flush_work() order
    - Bluetooth: use correct lock to prevent UAF of hdev object
    - net: caif: added cfserl_release function
    - net: caif: add proper error handling
    - net: caif: fix memory leak in caif_device_notify
    - net: caif: fix memory leak in cfusbl_device_notify
    - HID: i2c-hid: Skip ELAN power-on command after reset
    - HID: magicmouse: fix NULL-deref on disconnect
    - HID: multitouch: require Finger field to mark Win8 reports as MT
    - ALSA: timer: Fix master timer notification
    - ALSA: hda: Fix for mute key LED for HP Pavilion 15-CK0xx
    - ARM: dts: imx6dl-yapp4: Fix RGMII connection to QCA8334 switch
    - ARM: dts: imx6q-dhcom: Add PU,VDD1P1,VDD2P5 regulators
    - ext4: fix bug on in ext4_es_cache_extent as ext4_split_extent_at failed
    - usb: dwc2: Fix build in periphal-only mode
    - pid: take a reference when initializing `cad_pid`
    - ocfs2: fix data corruption by fallocate
    - nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect
    - drm/amdgpu: Don't query CE and UE errors
    - drm/amdgpu: make sure we unpin the UVD BO
    - x86/apic: Mark _all_ legacy interrupts when IO/APIC is missing
    - btrfs: mark ordered extent and inode with error if we fail to finish
    - btrfs: fix error handling in btrfs_del_csums
    - btrfs: return errors from btrfs_del_csums in cleanup_ref_head
    - btrfs: fixup error handling in fixup_inode_link_counts
    - mm, hugetlb: fix simple resv_huge_pages underflow on UFFDIO_COPY
    - bnxt_en: Remove the setting of dev_port.
    - mm: add thp_order
    - XArray: add xa_get_order
    - XArray: add xas_split
    - mm/filemap: fix storing to a THP shadow entry
    - btrfs: fix unmountable seed device after fstrim
    - KVM: SVM: Truncate GPR value for DR and CR accesses in !64-bit mode
    - KVM: arm64: Fix debug register indexing
    - lib/lz4: explicitly support in-place decompression
    - xen-pciback: redo VF placement in the virtual topology
    - i2c: qcom-geni: Suspend and resume the bus during SYSTEM_SLEEP_PM ops
    - neighbour: allow NUD_NOARP entries to be forced GCed
    - Linux 5.4.125

-- Kleber Sacilotto de Souza <kleber.souza@canonical.com>  Thu, 15 Jul 2021 20:01:02 +0200

Changed in linux (Ubuntu Focal):
status:	Fix Committed → Fix Released

Ubuntu
linux-azure package

linux-azure CIFS DFS oops

Bug Description

CVE References

Other bug subscribers

Remote bug watches

	Status	Importance	Assigned to
linux (Ubuntu)	Fix Released	Undecided	Unassigned
Focal	Fix Released	Medium	Unassigned
linux-azure (Ubuntu)	Fix Released	Undecided	Unassigned
Focal	Fix Released	Medium	Tim Gardner

Ubuntulinux-azure package

linux-azure CIFS DFS oops

Bug Description

CVE References

Other bug subscribers

Remote bug watches

Ubuntu
linux-azure package