linux-kvm 4.18.0-1012.12 source package in Ubuntu

Changelog

linux-kvm (4.18.0-1012.12) cosmic; urgency=medium

  [ Ubuntu: 4.18.0-20.21 ]

  * CVE-2018-12126 // CVE-2018-12127 // CVE-2018-12130
    - Documentation/l1tf: Fix small spelling typo
    - x86/cpu: Sanitize FAM6_ATOM naming
    - kvm: x86: Report STIBP on GET_SUPPORTED_CPUID
    - locking/atomics, asm-generic: Move some macros from <linux/bitops.h> to a
      new <linux/bits.h> file
    - tools include: Adopt linux/bits.h
    - x86/msr-index: Cleanup bit defines
    - x86/speculation: Consolidate CPU whitelists
    - x86/speculation/mds: Add basic bug infrastructure for MDS
    - x86/speculation/mds: Add BUG_MSBDS_ONLY
    - x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests
    - x86/speculation/mds: Add mds_clear_cpu_buffers()
    - x86/speculation/mds: Clear CPU buffers on exit to user
    - x86/kvm/vmx: Add MDS protection when L1D Flush is not active
    - x86/speculation/mds: Conditionally clear CPU buffers on idle entry
    - x86/speculation/mds: Add mitigation control for MDS
    - x86/speculation/mds: Add sysfs reporting for MDS
    - x86/speculation/mds: Add mitigation mode VMWERV
    - Documentation: Move L1TF to separate directory
    - Documentation: Add MDS vulnerability documentation
    - x86/speculation/mds: Add mds=full,nosmt cmdline option
    - x86/speculation: Move arch_smt_update() call to after mitigation decisions
    - x86/speculation/mds: Add SMT warning message
    - x86/speculation/mds: Fix comment
    - x86/speculation/mds: Print SMT vulnerable on MSBDS with mitigations off
    - x86/speculation/mds: Add 'mitigations=' support for MDS
  * CVE-2017-5715 // CVE-2017-5753
    - s390/speculation: Support 'mitigations=' cmdline option
  * CVE-2017-5715 // CVE-2017-5753 // CVE-2017-5754 // CVE-2018-3639
    - powerpc/speculation: Support 'mitigations=' cmdline option
  * CVE-2017-5715 // CVE-2017-5754 // CVE-2018-3620 // CVE-2018-3639 //
    CVE-2018-3646
    - cpu/speculation: Add 'mitigations=' cmdline option
    - x86/speculation: Support 'mitigations=' cmdline option
  * Packaging resync (LP: #1786013)
    - [Packaging] resync git-ubuntu-log

linux-kvm (4.18.0-1011.11) cosmic; urgency=medium

  * linux-kvm: 4.18.0-1011.11 -proposed tracker (LP: #1826169)

  [ Ubuntu: 4.18.0-19.20 ]

  * linux: 4.18.0-19.20 -proposed tracker (LP: #1826171)
  * Packaging resync (LP: #1786013)
    - [Packaging] resync git-ubuntu-log
  * autopkgtests run too often, too much and don't skip enough (LP: #1823056)
    - [Debian] Set +x on rebuild testcase.
    - [Debian] Skip rebuild test, for regression-suite deps.
    - [Debian] Make ubuntu-regression-suite skippable on unbootable kernels.
    - [Debian] make rebuild use skippable error codes when skipping.
    - [Debian] Only run regression-suite, if requested to.
  * CVE-2017-5753
    - s390/keyboard: sanitize array index in do_kdsk_ioctl
    - drm/bufs: Fix Spectre v1 vulnerability
    - drivers/misc/sgi-gru: fix Spectre v1 vulnerability
    - ipv4: Fix potential Spectre v1 vulnerability
    - aio: fix spectre gadget in lookup_ioctx
    - ALSA: emux: Fix potential Spectre v1 vulnerabilities
    - ALSA: pcm: Fix potential Spectre v1 vulnerability
    - ip6mr: Fix potential Spectre v1 vulnerability
    - ALSA: rme9652: Fix potential Spectre v1 vulnerability
    - ALSA: emu10k1: Fix potential Spectre v1 vulnerabilities
    - KVM: arm/arm64: vgic: Fix off-by-one bug in vgic_get_irq()
    - drm/ioctl: Fix Spectre v1 vulnerabilities
    - net: core: Fix Spectre v1 vulnerability
    - phonet: af_phonet: Fix Spectre v1 vulnerability
    - nfc: af_nfc: Fix Spectre v1 vulnerability
    - can: af_can: Fix Spectre v1 vulnerability
    - net: Revert recent Spectre-v1 patches.
    - char/mwave: fix potential Spectre v1 vulnerability
    - applicom: Fix potential Spectre v1 vulnerabilities
    - ipmi: msghandler: Fix potential Spectre v1 vulnerabilities
    - powerpc/ptrace: Mitigate potential Spectre v1
    - cfg80211: prevent speculation on cfg80211_classify8021d() return
    - ALSA: rawmidi: Fix potential Spectre v1 vulnerability
    - ALSA: seq: oss: Fix Spectre v1 vulnerability
  * NULL pointer dereference when using z3fold and zswap (LP: #1814874)
    - z3fold: fix possible reclaim races
  * The Realtek card reader does not enter PCIe 1.1/1.2 (LP: #1825487)
    - misc: rtsx: Enable OCP for rts522a rts524a rts525a rts5260
    - SAUCE: misc: rtsx: Fixed rts5260 power saving parameter and sd glitch
  * headset-mic doesn't work on two Dell laptops. (LP: #1825272)
    - ALSA: hda/realtek - add two more pin configuration sets to quirk table
  * CVE-2018-16884
    - sunrpc: use SVC_NET() in svcauth_gss_* functions
    - sunrpc: use-after-free in svc_process_common()
  * AMD Rome :  Minimal support patches (LP: #1816669)
    - x86: irq_remapping: Move irq remapping mode enum
    - iommu/amd: Add support for higher 64-bit IOMMU Control Register
    - iommu/amd: Add support for IOMMU XT mode
  * sky2 ethernet card don't work after returning from suspension (LP: #1798921)
    - sky2: Increase D3 delay again
  * CVE-2019-9500
    - brcmfmac: assure SSID length from firmware is limited
  * CVE-2019-9503
    - brcmfmac: add subtype check for event handling in data path
  * CVE-2019-3882
    - vfio/type1: Limit DMA mappings per container
  * CVE-2019-3887
    - KVM: x86: nVMX: close leak of L0's x2APIC MSRs (CVE-2019-3887)
    - KVM: x86: nVMX: fix x2APIC VTPR read intercept
  * CVE-2019-3874
    - sctp: use sk_wmem_queued to check for writable space
    - sctp: implement memory accounting on tx path
    - sctp: implement memory accounting on rx path
  * Intel I210 Ethernet card not working after hotplug [8086:1533]
    (LP: #1818490)
    - igb: Fix WARN_ONCE on runtime suspend
  * autofs kernel module missing (LP: #1824333)
    - [Config] Update autofs4 path in inclusion list
  * tasks doing write()/fsync() hit deadlock in write_cache_pages()
    (LP: #1824827)
    - mm/page-writeback.c: fix range_cyclic writeback vs writepages deadlock
  * Pop noise when headset is plugged in or removed from GHS/Line-out jack
    (LP: #1821290)
    - ALSA: hda/realtek - Add unplug function into unplug state of Headset Mode
      for ALC225
    - ALSA: hda/realtek - Disable headset Mic VREF for headset mode of ALC225
    - ALSA: hda/realtek - Add support headset mode for DELL WYSE AIO
    - ALSA: hda/realtek - Add support headset mode for New DELL WYSE NB
  * mac80211_hwsim unable to handle kernel NULL pointer dereference
    at0000000000000000  (LP: #1825058)
    - mac80211_hwsim: Timer should be initialized before device registered
  * [regression][snd_hda_codec_realtek] repeating crackling noise after 19.04
    upgrade (LP: #1821663)
    - ALSA: hda - add Lenovo IdeaCentre B550 to the power_save_blacklist
    - ALSA: hda - Add two more machines to the power_save_blacklist
  * systemd cause kernel trace "BUG: unable to handle kernel paging request at
    6db23a14" on Cosmic i386 (LP: #1813244) // systemd cause kernel trace "BUG:
    unable to handle kernel paging request at 6db23a14" on Cosmic i386
    (LP: #1813244)
    - openvswitch: fix flow actions reallocation

 -- Stefan Bader <email address hidden>  Wed, 08 May 2019 10:02:22 +0200

Upload details

Uploaded by:
Stefan Bader on 2019-05-08
Uploaded to:
Cosmic
Original maintainer:
Ubuntu Kernel Team
Architectures:
all amd64
Section:
devel
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Builds

Cosmic: [FULLYBUILT] amd64

Downloads

File Size SHA-256 Checksum
linux-kvm_4.18.0.orig.tar.gz 149.8 MiB fd5c4f5ab07d6dccf7ef79317e36c2754438fb3d79d750df1d9868bab0de9573
linux-kvm_4.18.0-1012.12.diff.gz 7.5 MiB 1799a71ed1a09965f4584b52e02dc5229369e2305f33c65df50642d57b6b58d5
linux-kvm_4.18.0-1012.12.dsc 3.9 KiB c0b78dd25e9cb7e28649370257ed11c40c3421a7e8aa12cc91059e903400e334

View changes file

Binary packages built by this source

linux-buildinfo-4.18.0-1012-kvm: Linux kernel buildinfo for version 4.18.0 on 64 bit x86 SMP

 This package contains the Linux kernel buildinfo for version 4.18.0 on
 64 bit x86 SMP.
 .
 You likely do not want to install this package.

linux-headers-4.18.0-1012-kvm: Linux kernel headers for version 4.18.0 on 64 bit x86 SMP

 This package provides kernel header files for version 4.18.0 on
 64 bit x86 SMP.
 .
 This is for sites that want the latest kernel headers. Please read
 /usr/share/doc/linux-headers-4.18.0-1012/debian.README.gz for details.

linux-image-4.18.0-1012-kvm: Linux kernel image for version 4.18.0 on 64 bit x86 SMP

 This package contains the Linux kernel image for version 4.18.0 on
 64 bit x86 SMP.
 .
 Supports amd64 processors.
 .
 Geared toward virtual systems.
 .
 You likely do not want to install this package directly. Instead, install
 the linux-kvm meta-package, which will ensure that upgrades work
 correctly, and that supporting packages are also installed.

linux-image-4.18.0-1012-kvm-dbgsym: Linux kernel debug image for version 4.18.0 on 64 bit x86 SMP

 This package provides the kernel debug image for version 4.18.0 on
 64 bit x86 SMP.
 .
 This is for sites that wish to debug the kernel.
 .
 The kernel image contained in this package is NOT meant to boot from. It
 is uncompressed, and unstripped. This package also includes the
 unstripped modules.

linux-kvm-headers-4.18.0-1012: Header files related to Linux kernel version 4.18.0

 This package provides kernel header files for version 4.18.0, for sites
 that want the latest kernel headers. Please read
 /usr/share/doc/linux-kvm-headers-4.18.0-1012/debian.README.gz for details

linux-kvm-tools-4.18.0-1012: Linux kernel version specific tools for version 4.18.0-1012

 This package provides the architecture dependant parts for kernel
 version locked tools (such as perf and x86_energy_perf_policy) for
 version 4.18.0-1012 on
 64 bit x86.
 You probably want to install linux-tools-4.18.0-1012-<flavour>.

linux-modules-4.18.0-1012-kvm: Linux kernel extra modules for version 4.18.0 on 64 bit x86 SMP

 Contains the corresponding System.map file, the modules built by the
 packager, and scripts that try to ensure that the system is not left in an
 unbootable state after an update.
 .
 Supports amd64 processors.
 .
 Geared toward virtual systems.
 .
 You likely do not want to install this package directly. Instead, install
 the linux-kvm meta-package, which will ensure that upgrades work
 correctly, and that supporting packages are also installed.

linux-tools-4.18.0-1012-kvm: Linux kernel version specific tools for version 4.18.0-1012

 This package provides the architecture dependant parts for kernel
 version locked tools (such as perf and x86_energy_perf_policy) for
 version 4.18.0-1012 on
 64 bit x86.