Xenial update to 4.4.66 stable release

Bug #1688505 reported by Stefan Bader on 2017-05-05
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Undecided
Unassigned
Xenial
Medium
Stefan Bader

Bug Description

SRU Justification

    Impact:
       The upstream process for stable tree updates is quite similar
       in scope to the Ubuntu SRU process, e.g., each patch has to
       demonstrably fix a bug, and each patch is vetted by upstream
       by originating either directly from a mainline/stable Linux tree or
       a minimally backported form of that patch. The 4.4.66 upstream stable
       patch set is now available. It should be included in the Ubuntu
       kernel as well.

       git://git.kernel.org/

    TEST CASE: TBD

The following patches from the 4.4.66 stable release shall be applied:
* f2fs: do more integrity verification for superblock
* xc2028: unlock on error in xc2028_set_config()
* ARM: OMAP2+: timer: add probe for clocksources
* clk: sunxi: Add apb0 gates for H3
* crypto: testmgr - fix out of bound read in __test_aead()
* drm/amdgpu: fix array out of bounds
* ext4: check if in-inode xattr is corrupted in ext4_expand_extra_isize_ea()
* md:raid1: fix a dead loop when read from a WriteMostly disk
* MIPS: Fix crash registers on non-crashing CPUs
* net: cavium: liquidio: Avoid dma_unmap_single on uninitialized ndata
* net_sched: close another race condition in tcf_mirred_release()
* RDS: Fix the atomicity for congestion map update
* regulator: core: Clear the supply pointer if enabling fails
* usb: gadget: f_midi: Fixed a bug when buflen was smaller than
  wMaxPacketSize
* xen/x86: don't lose event interrupts
* sparc64: kern_addr_valid regression
* sparc64: Fix kernel panic due to erroneous #ifdef surrounding pmd_write()
* net: neigh: guard against NULL solicit() method
* net: phy: handle state correctly in phy_stop_machine
* l2tp: purge socket queues in the .destruct() callback
* l2tp: take reference on sessions being dumped
* l2tp: fix PPP pseudo-wire auto-loading
* net: ipv4: fix multipath RTM_GETROUTE behavior when iif is given
* sctp: listen on the sock only when it's state is listening or closed
* tcp: clear saved_syn in tcp_disconnect()
* dp83640: don't recieve time stamps twice
* net: ipv6: RTF_PCPU should not be settable from userspace
* netpoll: Check for skb->queue_mapping
* ip6mr: fix notification device destruction
* macvlan: Fix device ref leak when purging bc_queue
* ipv6: check skb->protocol before lookup for nexthop
* ipv6: check raw payload size correctly in ioctl
* ALSA: firewire-lib: fix inappropriate assignment between signed/unsigned
  type
* ALSA: seq: Don't break snd_use_lock_sync() loop by timeout
* MIPS: KGDB: Use kernel context for sleeping threads
* MIPS: Avoid BUG warning in arch_check_elf
* p9_client_readdir() fix
* Input: i8042 - add Clevo P650RS to the i8042 reset list
* nfsd: check for oversized NFSv2/v3 arguments
* ARCv2: save r30 on kernel entry as gcc uses it for code-gen
* ftrace/x86: Fix triple fault with graph tracing and suspend-to-ram
* Linux 4.4.66

CVE References

Stefan Bader (smb) wrote :

The following patches were skipped because they were already applied:

* bug #1678009 / CVE-2017-7308
  - net/packet: fix overflow in check for tp_frame_nr
  - net/packet: fix overflow in check for tp_reserve

tags: added: kernel-stable-tracking-bug
Changed in linux (Ubuntu Xenial):
assignee: nobody → Stefan Bader (smb)
importance: Undecided → Medium
status: New → In Progress
Stefan Bader (smb) on 2017-05-05
description: updated
Changed in linux (Ubuntu Xenial):
status: In Progress → Fix Committed
Launchpad Janitor (janitor) wrote :
Download full text (9.7 KiB)

This bug was fixed in the package linux - 4.4.0-79.100

---------------
linux (4.4.0-79.100) xenial; urgency=low

  * linux: 4.4.0-79.100 -proposed tracker (LP: #1691180)

  * linux-aws/linux-gke incorrectly producing and using linux-*-tools-
    common/linux-*-cloud-tools-common (LP: #1688579)
    - [Config] make linux-tools-common and linux-cloud-tools-common provide linux-
      gke versions
    - [Config] make linux-tools-common and linux-cloud-tools-common provide linux-
      aws versions
    - [Packaging] prevent linux-*-tools-common from being produced from non linux
      packages

  * CVE-2017-0605
    - tracing: Use strlcpy() instead of strcpy() in __trace_find_cmdline()

  * i915-bpo crashes on external hdmi input (LP: #1580272)
    - SAUCE: i915_bpo: Silence the warning about watermark entries not changing

  * Kernel panics on Xenial when using cgroups and strict CFS limits
    (LP: #1687512)
    - sched/fair: Initialize throttle_count for new task-groups lazily
    - sched/fair: Do not announce throttled next buddy in dequeue_task_fair()

  * bonding - mlx5 - speed changed to 0 after changing ring size (LP: #1687877)
    - bonding: allow notifications for bond_set_slave_link_state

  * Xenial update to 4.4.67 stable release (LP: #1689296)
    - timerfd: Protect the might cancel mechanism proper
    - Handle mismatched open calls
    - ASoC: intel: Fix PM and non-atomic crash in bytcr drivers
    - ALSA: ppc/awacs: shut up maybe-uninitialized warning
    - drbd: avoid redefinition of BITS_PER_PAGE
    - mtd: avoid stack overflow in MTD CFI code
    - net: tg3: avoid uninitialized variable warning
    - netlink: Allow direct reclaim for fallback allocation
    - IB/qib: rename BITS_PER_PAGE to RVT_BITS_PER_PAGE
    - IB/ehca: fix maybe-uninitialized warnings
    - ext4: require encryption feature for EXT4_IOC_SET_ENCRYPTION_POLICY
    - ext4 crypto: revalidate dentry after adding or removing the key
    - ext4 crypto: use dget_parent() in ext4_d_revalidate()
    - ext4/fscrypto: avoid RCU lookup in d_revalidate
    - nfsd4: minor NFSv2/v3 write decoding cleanup
    - nfsd: stricter decoding of write-like NFSv2/v3 ops
    - dm ioctl: prevent stack leak in dm ioctl call
    - Linux 4.4.67

  * Precision Rack failed to resume from S4 (LP: #1686061)
    - x86 / hibernate: Use hlt_play_dead() when resuming from hibernation
    - x86/boot: Split out kernel_ident_mapping_init()
    - x86/power/64: Always create temporary identity mapping correctly

  * Xenial update to 4.4.66 stable release (LP: #1688505)
    - f2fs: do more integrity verification for superblock
    - xc2028: unlock on error in xc2028_set_config()
    - ARM: OMAP2+: timer: add probe for clocksources
    - clk: sunxi: Add apb0 gates for H3
    - crypto: testmgr - fix out of bound read in __test_aead()
    - drm/amdgpu: fix array out of bounds
    - ext4: check if in-inode xattr is corrupted in ext4_expand_extra_isize_ea()
    - md:raid1: fix a dead loop when read from a WriteMostly disk
    - MIPS: Fix crash registers on non-crashing CPUs
    - net: cavium: liquidio: Avoid dma_unmap_single on uninitialized ndata
    - net_sched: close another race condition in tcf_mirre...

Read more...

Changed in linux (Ubuntu Xenial):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers