Ubuntu
linux package

Xenial update to 4.4.70 stable release

Bug #1694621 reported by Stefan Bader on 2017-05-31

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	linux (Ubuntu)	Invalid	Undecided	Unassigned
	Xenial	Fix Released	Medium	Stefan Bader

Bug Description

SRU Justification

    Impact:
       The upstream process for stable tree updates is quite similar
       in scope to the Ubuntu SRU process, e.g., each patch has to
       demonstrably fix a bug, and each patch is vetted by upstream
       by originating either directly from a mainline/stable Linux tree or
       a minimally backported form of that patch. The 4.4.70 upstream stable
       patch set is now available. It should be included in the Ubuntu
       kernel as well.

git://git.kernel.org/

TEST CASE: TBD

The following patches from the 4.4.70 stable release shall be applied:
* usb: misc: legousbtower: Fix buffers on stack
* usb: misc: legousbtower: Fix memory leak
* USB: ene_usb6250: fix DMA to the stack
* watchdog: pcwd_usb: fix NULL-deref at probe
* char: lp: fix possible integer overflow in lp_setup()
* USB: core: replace %p with %pK
* ARM: tegra: paz00: Mark panel regulator as enabled on boot
* tpm_crb: check for bad response size
* infiniband: call ipv6 route lookup via the stub interface
* dm btree: fix for dm_btree_find_lowest_key()
* dm raid: select the Kconfig option CONFIG_MD_RAID0
* dm bufio: avoid a possible ABBA deadlock
* dm bufio: check new buffer allocation watermark every 30 seconds
* dm cache metadata: fail operations if fail_io mode has been established
* dm bufio: make the parameter "retain_bytes" unsigned long
* dm thin metadata: call precommit before saving the roots
* dm space map disk: fix some book keeping in the disk space map
* md: update slab_cache before releasing new stripes when stripes resizing
* rtlwifi: rtl8821ae: setup 8812ae RFE according to device type
* mwifiex: pcie: fix cmd_buf use-after-free in remove/reset
* ima: accept previously set IMA_NEW_FILE
* KVM: x86: Fix load damaged SSEx MXCSR register
* KVM: X86: Fix read out-of-bounds vulnerability in kvm pio emulation
* regulator: tps65023: Fix inverted core enable logic.
* s390/kdump: Add final note
* s390/cputime: fix incorrect system time
* ath9k_htc: Add support of AirTies 1eda:2315 AR9271 device
* ath9k_htc: fix NULL-deref at probe
* drm/amdgpu: Avoid overflows/divide-by-zero in latency_watermark
calculations.
* drm/amdgpu: Make display watermark calculations more accurate
* drm/nouveau/therm: remove ineffective workarounds for alarm bugs
* drm/nouveau/tmr: ack interrupt before processing alarms
* drm/nouveau/tmr: fix corruption of the pending list when rescheduling an
alarm
* drm/nouveau/tmr: avoid processing completed alarms when adding a new one
* drm/nouveau/tmr: handle races with hw when updating the next alarm time
* cdc-acm: fix possible invalid access when processing notification
* proc: Fix unbalanced hard link numbers
* of: fix sparse warning in of_pci_range_parser_one
* iio: dac: ad7303: fix channel description
* pid_ns: Sleep in TASK_INTERRUPTIBLE in zap_pid_ns_processes
* pid_ns: Fix race between setns'ed fork() and zap_pid_ns_processes()
* USB: serial: ftdi_sio: fix setting latency for unprivileged users
* USB: serial: ftdi_sio: add Olimex ARM-USB-TINY(H) PIDs
* ext4 crypto: don't let data integrity writebacks fail with ENOMEM
* ext4 crypto: fix some error handling
* net: qmi_wwan: Add SIMCom 7230E
* fscrypt: fix context consistency check when key(s) unavailable
* f2fs: check entire encrypted bigname when finding a dentry
* fscrypt: avoid collisions when presenting long encrypted filenames
* usb: host: xhci-plat: propagate return value of platform_get_irq()
* xhci: apply PME_STUCK_QUIRK and MISSING_CAS quirk for Denverton
* usb: host: xhci-mem: allocate zeroed Scratchpad Buffer
* net: irda: irda-usb: fix firmware name on big-endian hosts
* usbvision: fix NULL-deref at probe
* mceusb: fix NULL-deref at probe
* ttusb2: limit messages to buffer size
* usb: musb: tusb6010_omap: Do not reset the other direction's packet size
* USB: iowarrior: fix info ioctl on big-endian hosts
* usb: serial: option: add Telit ME910 support
* USB: serial: qcserial: add more Lenovo EM74xx device IDs
* USB: serial: mct_u232: fix big-endian baud-rate handling
* USB: serial: io_ti: fix div-by-zero in set_termios
* USB: hub: fix SS hub-descriptor handling
* USB: hub: fix non-SS hub-descriptor handling
* ipx: call ipxitf_put() in ioctl error path
* iio: proximity: as3935: fix as3935_write
* ceph: fix recursion between ceph_set_acl() and __ceph_setattr()
* gspca: konica: add missing endpoint sanity check
* s5p-mfc: Fix unbalanced call to clock management
* dib0700: fix NULL-deref at probe
* zr364xx: enforce minimum size when reading header
* dvb-frontends/cxd2841er: define symbol_rate_min/max in T/C fe-ops
* cx231xx-audio: fix init error path
* cx231xx-audio: fix NULL-deref at probe
* cx231xx-cards: fix NULL-deref at probe
* powerpc/book3s/mce: Move add_taint() later in virtual mode
* powerpc/pseries: Fix of_node_put() underflow during DLPAR remove
* powerpc/64e: Fix hang when debugging programs with relocated kernel
* ARM: dts: at91: sama5d3_xplained: fix ADC vref
* ARM: dts: at91: sama5d3_xplained: not all ADC channels are available
* arm64: xchg: hazard against entire exchange variable
* arm64: uaccess: ensure extension of access_ok() addr
* arm64: documentation: document tagged pointer stack constraints
* xc2028: Fix use-after-free bug properly
* Revert "UBUNTU: SAUCE: mm: Respect FOLL_FORCE/FOLL_COW for thp"
* mm/huge_memory.c: respect FOLL_FORCE/FOLL_COW for thp
* staging: rtl8192e: fix 2 byte alignment of register BSSIDR.
* staging: rtl8192e: rtl92e_get_eeprom_size Fix read size of EPROM_CMD.
* iommu/vt-d: Flush the IOTLB to get rid of the initial kdump mappings
* metag/uaccess: Fix access_ok()
* metag/uaccess: Check access_ok in strncpy_from_user
* uwb: fix device quirk on big-endian hosts
* genirq: Fix chained interrupt data ordering
* osf_wait4(): fix infoleak
* tracing/kprobes: Enforce kprobes teardown after testing
* PCI: Fix pci_mmap_fits() for HAVE_PCI_RESOURCE_TO_USER platforms
* PCI: Freeze PME scan before suspending devices
* drm/edid: Add 10 bpc quirk for LGD 764 panel in HP zBook 17 G2
* nfsd: encoders mustn't use unitialized values in error cases
* drivers: char: mem: Check for address space wraparound with mmap()
* Linux 4.4.70

See original description

Tags:

CVE References

Stefan Bader (smb) on 2017-05-31

tags:

added: kernel-stable-tracking-bug

Stefan Bader (smb) on 2017-05-31

Changed in linux (Ubuntu Xenial):
assignee:	nobody → Stefan Bader (smb)
importance:	Undecided → Medium
status:	New → In Progress

Stefan Bader (smb) on 2017-05-31

description:

updated

Revision history for this message

Stefan Bader (smb) wrote on 2017-05-31:

The following patches were skipped because we already carry them for bug #1687512 "Kernel panics on Xenial when using cgroups and strict CFS limits":
- sched/fair: Do not announce throttled next buddy in dequeue_task_fair()
- sched/fair: Initialize throttle_count for new task-groups lazily

Also "mm/huge_memory.c: respect FOLL_FORCE/FOLL_COW for thp" was applied as a SAUCE patch and was reverted and re-applied from this stable update.

Thadeu Lima de Souza Cascardo (cascardo) on 2017-06-06

Changed in linux (Ubuntu Xenial):
status:	In Progress → Fix Committed

Revision history for this message

Launchpad Janitor (janitor) wrote on 2017-06-28:

Download full text (18.8 KiB)

This bug was fixed in the package linux - 4.4.0-83.106

---------------
linux (4.4.0-83.106) xenial; urgency=low

* linux: 4.4.0-83.106 -proposed tracker (LP: #1700541)

  * CVE-2017-1000364
    - Revert "UBUNTU: SAUCE: mm: Only expand stack if guard area is hit"
    - Revert "mm: do not collapse stack gap into THP"
    - Revert "mm: enlarge stack guard gap"
    - mm: vma_adjust: remove superfluous confusing update in remove_next == 1 case
    - mm: larger stack guard gap, between vmas
    - mm: fix new crash in unmapped_area_topdown()
    - Allow stack to grow up to address space limit

linux (4.4.0-82.105) xenial; urgency=low

* linux: 4.4.0-82.105 -proposed tracker (LP: #1699064)

* CVE-2017-1000364
- SAUCE: mm: Only expand stack if guard area is hit

  * linux-aws/linux-gke incorrectly producing and using linux-*-tools-
    common/linux-*-cloud-tools-common (LP: #1688579)
    - [Config] make linux-tools-common and linux-cloud-tools-common protection
      consistent

* CVE-2017-9242
- ipv6: fix out of bound writes in __ip6_append_data()

* CVE-2017-9075
- sctp: do not inherit ipv6_{mc|ac|fl}_list from parent

* CVE-2017-9074
- ipv6: Prevent overrun when parsing v6 header options

* CVE-2017-9076
- ipv6/dccp: do not inherit ipv6_mc_list from parent

* CVE-2017-9077
- ipv6/dccp: do not inherit ipv6_mc_list from parent

* CVE-2017-8890
- dccp/tcp: do not inherit mc_list from parent

  * Module signing exclusion for staging drivers does not work properly
    (LP: #1690908)
    - SAUCE: Fix module signing exclusion in package builds

* extend-diff-ignore should use exact matches (LP: #1693504)
- [Packaging] exact extend-diff-ignore matches

* Dell XPS 9360 wifi 5G performance is poor (LP: #1692836)
- SAUCE: ath10k: fix the wifi speed issue for kill 1535

* Upgrade Redpine WLAN/BT driver to ver. 1.2.RC12 (LP: #1694607)
- SAUCE: Redpine: Upgrade to ver. 1.2.RC12

  * [DP MST] No audio output through HDMI/DP/mDP ports in Dell WD15 and TB15
    docking stations (LP: #1694665)
    - drm/i915: Store port enum in intel_encoder
    - drm/i915: Eliminate redundant local variable definition
    - drm/i915: Switch to using port stored in intel_encoder
    - drm/i915: Move audio_connector to intel_encoder
    - drm/i915/dp: DP audio API changes for MST
    - drm/i915: abstract ddi being audio enabled
    - drm/i915/audio: extend get_saved_enc() to support more scenarios
    - drm/i915: enable dp mst audio

This bug was fixed in the package linux - 4.4.0-83.106

---------------
linux (4.4.0-83.106) xenial; urgency=low

* linux: 4.4.0-83.106 -proposed tracker (LP: #1700541)

linux (4.4.0-82.105) xenial; urgency=low

* linux: 4.4.0-82.105 -proposed tracker (LP: #1699064)

* CVE-2017-1000364
    - SAUCE: mm: Only expand stack if guard area is hit

* CVE-2017-9242
    - ipv6: fix out of bound writes in __ip6_append_data()

* CVE-2017-9075
    - sctp: do not inherit ipv6_{mc|ac|fl}_list from parent

* CVE-2017-9074
    - ipv6: Prevent overrun when parsing v6 header options

* CVE-2017-9076
    - ipv6/dccp: do not inherit ipv6_mc_list from parent

* CVE-2017-9077
    - ipv6/dccp: do not inherit ipv6_mc_list from parent

* CVE-2017-8890
    - dccp/tcp: do not inherit mc_list from parent

* Module signing exclusion for staging drivers does not work properly
    (LP: #1690908)
    - SAUCE: Fix module signing exclusion in package builds

* extend-diff-ignore should use exact matches (LP: #1693504)
    - [Packaging] exact extend-diff-ignore matches

* Dell XPS 9360 wifi 5G performance is poor (LP: #1692836)
    - SAUCE: ath10k: fix the wifi speed issue for kill 1535

*  Upgrade Redpine WLAN/BT driver to ver. 1.2.RC12 (LP: #1694607)
    - SAUCE: Redpine: Upgrade to ver. 1.2.RC12

* Xenial update to 4.4.70 stable release (LP: #1694621)
    - usb: misc: legousbtower: Fix buffers on stack
    - usb: misc: legousbtower: Fix memory leak
    - USB: ene_usb6250: fix DMA to the stack
    - watchdog: pcwd_usb: fix NULL-deref at probe
    - char: lp: fix possible integer overflow in lp_setup()
    - USB: core: replace %p with %pK
    - ARM: tegra: paz00: Mark panel regulator as enabled on boot
    - tpm_crb: check for bad response size
    - infiniband: call ipv6 route lookup via the stub interface
    - dm btree: fix for dm_btree_find_lowest_key()
    - dm raid: select the Kconfig option CONFIG_MD_RAID0
    - dm bufio: avoid a possible ABBA deadlock
    - dm bufio: check new buffer allocation watermark every 30 seconds
    - dm cache metadata: fail operations if fail_io mode has been established
    - dm bufio: make the parameter "retain_bytes" unsigned long
    - dm thin metadata: call precommit before saving the roots
    - dm space map disk: fix some book keeping in the disk space map
    - md: update slab_cache before releasing new stripes when stripes resizing
    - rtlwifi: rtl8821ae: setup 8812ae RFE according to device type
    - mwifiex: pcie: fix cmd_buf use-after-free in remove/reset
    - ima: accept previously set IMA_NEW_FILE
    - KVM: x86: Fix load damaged SSEx MXCSR register
    - KVM: X86: Fix read out-of-bounds vulnerability in kvm pio emulation
    - regulator: tps65023: Fix inverted core enable logic.
    - s390/kdump: Add final note
    - s390/cputime: fix incorrect system time
    - ath9k_htc: Add support of AirTies 1eda:2315 AR9271 device
    - ath9k_htc: fix NULL-deref at probe
    - drm/amdgpu: Avoid overflows/divide-by-zero in latency_watermark
      calculations.
    - drm/amdgpu: Make display watermark calculations more accurate
    - drm/nouveau/therm: remove ineffective workarounds for alarm bugs
    - drm/nouveau/tmr: ack interrupt before processing alarms
    - drm/nouveau/tmr: fix corruption of the pending list when rescheduling an
      alarm
    - drm/nouveau/tmr: avoid processing completed alarms when adding a new one
    - drm/nouveau/tmr: handle races with hw when updating the next alarm time
    - cdc-acm: fix possible invalid access when processing notification
    - proc: Fix unbalanced hard link numbers
    - of: fix sparse warning in of_pci_range_parser_one
    - iio: dac: ad7303: fix channel description
    - pid_ns: Sleep in TASK_INTERRUPTIBLE in zap_pid_ns_processes
    - pid_ns: Fix race between setns'ed fork() and zap_pid_ns_processes()
    - USB: serial: ftdi_sio: fix setting latency for unprivileged users
    - USB: serial: ftdi_sio: add Olimex ARM-USB-TINY(H) PIDs
    - ext4 crypto: don't let data integrity writebacks fail with ENOMEM
    - ext4 crypto: fix some error handling
    - net: qmi_wwan: Add SIMCom 7230E
    - fscrypt: fix context consistency check when key(s) unavailable
    - f2fs: check entire encrypted bigname when finding a dentry
    - fscrypt: avoid collisions when presenting long encrypted filenames
    - usb: host: xhci-plat: propagate return value of platform_get_irq()
    - xhci: apply PME_STUCK_QUIRK and MISSING_CAS quirk for Denverton
    - usb: host: xhci-mem: allocate zeroed Scratchpad Buffer
    - net: irda: irda-usb: fix firmware name on big-endian hosts
    - usbvision: fix NULL-deref at probe
    - mceusb: fix NULL-deref at probe
    - ttusb2: limit messages to buffer size
    - usb: musb: tusb6010_omap: Do not reset the other direction's packet size
    - USB: iowarrior: fix info ioctl on big-endian hosts
    - usb: serial: option: add Telit ME910 support
    - USB: serial: qcserial: add more Lenovo EM74xx device IDs
    - USB: serial: mct_u232: fix big-endian baud-rate handling
    - USB: serial: io_ti: fix div-by-zero in set_termios
    - USB: hub: fix SS hub-descriptor handling
    - USB: hub: fix non-SS hub-descriptor handling
    - ipx: call ipxitf_put() in ioctl error path
    - iio: proximity: as3935: fix as3935_write
    - ceph: fix recursion between ceph_set_acl() and __ceph_setattr()
    - gspca: konica: add missing endpoint sanity check
    - s5p-mfc: Fix unbalanced call to clock management
    - dib0700: fix NULL-deref at probe
    - zr364xx: enforce minimum size when reading header
    - dvb-frontends/cxd2841er: define symbol_rate_min/max in T/C fe-ops
    - cx231xx-audio: fix init error path
    - cx231xx-audio: fix NULL-deref at probe
    - cx231xx-cards: fix NULL-deref at probe
    - powerpc/book3s/mce: Move add_taint() later in virtual mode
    - powerpc/pseries: Fix of_node_put() underflow during DLPAR remove
    - powerpc/64e: Fix hang when debugging programs with relocated kernel
    - ARM: dts: at91: sama5d3_xplained: fix ADC vref
    - ARM: dts: at91: sama5d3_xplained: not all ADC channels are available
    - arm64: xchg: hazard against entire exchange variable
    - arm64: uaccess: ensure extension of access_ok() addr
    - arm64: documentation: document tagged pointer stack constraints
    - xc2028: Fix use-after-free bug properly
    - Revert "UBUNTU: SAUCE: mm: Respect FOLL_FORCE/FOLL_COW for thp"
    - mm/huge_memory.c: respect FOLL_FORCE/FOLL_COW for thp
    - staging: rtl8192e: fix 2 byte alignment of register BSSIDR.
    - staging: rtl8192e: rtl92e_get_eeprom_size Fix read size of EPROM_CMD.
    - iommu/vt-d: Flush the IOTLB to get rid of the initial kdump mappings
    - metag/uaccess: Fix access_ok()
    - metag/uaccess: Check access_ok in strncpy_from_user
    - uwb: fix device quirk on big-endian hosts
    - genirq: Fix chained interrupt data ordering
    - osf_wait4(): fix infoleak
    - tracing/kprobes: Enforce kprobes teardown after testing
    - PCI: Fix pci_mmap_fits() for HAVE_PCI_RESOURCE_TO_USER platforms
    - PCI: Freeze PME scan before suspending devices
    - drm/edid: Add 10 bpc quirk for LGD 764 panel in HP zBook 17 G2
    - nfsd: encoders mustn't use unitialized values in error cases
    - drivers: char: mem: Check for address space wraparound with mmap()
    - Linux 4.4.70

* Xenial update to 4.4.69 stable release (LP: #1692900)
    - xen: adjust early dom0 p2m handling to xen hypervisor behavior
    - target: Fix compare_and_write_callback handling for non GOOD status
    - target/fileio: Fix zero-length READ and WRITE handling
    - target: Convert ACL change queue_depth se_session reference usage
    - iscsi-target: Set session_fall_back_to_erl0 when forcing reinstatement
    - usb: host: xhci: print correct command ring address
    - USB: serial: ftdi_sio: add device ID for Microsemi/Arrow SF2PLUS Dev Kit
    - USB: Proper handling of Race Condition when two USB class drivers try to
      call init_usb_class simultaneously
    - staging: vt6656: use off stack for in buffer USB transfers.
    - staging: vt6656: use off stack for out buffer USB transfers.
    - staging: gdm724x: gdm_mux: fix use-after-free on module unload
    - staging: comedi: jr3_pci: fix possible null pointer dereference
    - staging: comedi: jr3_pci: cope with jiffies wraparound
    - usb: misc: add missing continue in switch
    - usb: Make sure usb/phy/of gets built-in
    - usb: hub: Fix error loop seen after hub communication errors
    - usb: hub: Do not attempt to autosuspend disconnected devices
    - x86/boot: Fix BSS corruption/overwrite bug in early x86 kernel startup
    - selftests/x86/ldt_gdt_32: Work around a glibc sigaction() bug
    - x86, pmem: Fix cache flushing for iovec write < 8 bytes
    - um: Fix PTRACE_POKEUSER on x86_64
    - KVM: x86: fix user triggerable warning in kvm_apic_accept_events()
    - KVM: arm/arm64: fix races in kvm_psci_vcpu_on
    - block: fix blk_integrity_register to use template's interval_exp if not 0
    - crypto: algif_aead - Require setkey before accept(2)
    - dm era: save spacemap metadata root after the pre-commit
    - vfio/type1: Remove locked page accounting workqueue
    - IB/core: Fix sysfs registration error flow
    - IB/IPoIB: ibX: failed to create mcg debug file
    - IB/mlx4: Fix ib device initialization error flow
    - IB/mlx4: Reduce SRIOV multicast cleanup warning message to debug level
    - ext4: evict inline data when writing to memory map
    - fs/xattr.c: zero out memory copied to userspace in getxattr
    - ceph: fix memory leak in __ceph_setxattr()
    - fs/block_dev: always invalidate cleancache in invalidate_bdev()
    - Set unicode flag on cifs echo request to avoid Mac error
    - SMB3: Work around mount failure when using SMB3 dialect to Macs
    - CIFS: fix mapping of SFM_SPACE and SFM_PERIOD
    - cifs: fix CIFS_IOC_GET_MNT_INFO oops
    - CIFS: add misssing SFM mapping for doublequote
    - padata: free correct variable
    - arm64: KVM: Fix decoding of Rt/Rt2 when trapping AArch32 CP accesses
    - serial: samsung: Use right device for DMA-mapping calls
    - serial: omap: fix runtime-pm handling on unbind
    - serial: omap: suspend device on probe errors
    - tty: pty: Fix ldisc flush after userspace become aware of the data already
    - Bluetooth: Fix user channel for 32bit userspace on 64bit kernel
    - Bluetooth: hci_bcm: add missing tty-device sanity check
    - Bluetooth: hci_intel: add missing tty-device sanity check
    - mac80211: pass RX aggregation window size to driver
    - mac80211: pass block ack session timeout to to driver
    - mac80211: RX BA support for sta max_rx_aggregation_subframes
    - wlcore: Pass win_size taken from ieee80211_sta to FW
    - wlcore: Add RX_BA_WIN_SIZE_CHANGE_EVENT event
    - ipmi: Fix kernel panic at ipmi_ssif_thread()
    - Linux 4.4.69

* Support IPMI system interface on Cavium ThunderX (LP: #1688132)
    - i2c: octeon: Cleanup kerneldoc comments
    - i2c: octeon: Cleanup i2c-octeon driver
    - i2c: octeon: Cleanup resource allocation code
    - i2c: octeon: Support I2C_M_RECV_LEN
    - i2c: octeon: Increase retry default and use fixed timeout value
    - i2c: octeon: Move set-clock and init-lowlevel upward
    - i2c: octeon: Rename [read|write]_sw to reg_[read|write]
    - i2c: octeon: Introduce helper functions for register access
    - i2c: octeon: Remove superfluous check in octeon_i2c_test_iflg
    - i2c: octeon: Improve error status checking
    - i2c: octeon: Use i2c recovery framework
    - i2c: octeon: Add flush writeq helper function
    - i2c: octeon: Enable High-Level Controller
    - i2c: octeon: Add support for cn78xx chips
    - i2c: octeon: Remove zero-length message support
    - i2c: octeon: Improve performance if interrupt is early
    - i2c: octeon: Add workaround for broken irqs on CN3860
    - i2c: octeon: Missing AAK flag in case of I2C_M_RECV_LEN
    - i2c: octeon: Avoid printk after too long SMBUS message
    - i2c: octeon: Rename driver to prepare for split
    - i2c: octeon: Split the driver into two parts
    - [Config] CONFIG_I2C_THUNDERX=m
    - i2c: thunderx: Add i2c driver for ThunderX SOC
    - i2c: thunderx: Add SMBUS alert support
    - i2c: octeon,thunderx: Move register offsets to struct
    - i2c: octeon: Sort include files alphabetically
    - i2c: octeon: Use booleon values for booleon variables
    - i2c: octeon: thunderx: Add MAINTAINERS entry
    - i2c: octeon: Fix set SCL recovery function
    - i2c: octeon: Avoid sending STOP during recovery
    - i2c: octeon: Fix high-level controller status check
    - i2c: octeon: thunderx: TWSI software reset in recovery
    - i2c: octeon: thunderx: Remove double-check after interrupt
    - i2c: octeon: thunderx: Limit register access retries
    - i2c: thunderx: Enable HWMON class probing

* Xenial update to 4.4.68 stable release (LP: #1691418)
    - 9p: fix a potential acl leak
    - ARM: 8452/3: PJ4: make coprocessor access sequences buildable in Thumb2 mode
    - cpupower: Fix turbo frequency reporting for pre-Sandy Bridge cores
    - powerpc/powernv: Fix opal_exit tracepoint opcode
    - power: supply: bq24190_charger: Fix irq trigger to IRQF_TRIGGER_FALLING
    - power: supply: bq24190_charger: Call set_mode_host() on pm_resume()
    - power: supply: bq24190_charger: Install irq_handler_thread() at end of
      probe()
    - power: supply: bq24190_charger: Call power_supply_changed() for relevant
      component
    - power: supply: bq24190_charger: Don't read fault register outside
      irq_handle_thread()
    - power: supply: bq24190_charger: Handle fault before status on interrupt
    - leds: ktd2692: avoid harmless maybe-uninitialized warning
    - ARM: OMAP5 / DRA7: Fix HYP mode boot for thumb2 build
    - mwifiex: debugfs: Fix (sometimes) off-by-1 SSID print
    - mwifiex: remove redundant dma padding in AMSDU
    - mwifiex: Avoid skipping WEP key deletion for AP
    - x86/ioapic: Restore IO-APIC irq_chip retrigger callback
    - x86/pci-calgary: Fix iommu_free() comparison of unsigned expression >= 0
    - clk: Make x86/ conditional on CONFIG_COMMON_CLK
    - kprobes/x86: Fix kernel panic when certain exception-handling addresses are
      probed
    - x86/platform/intel-mid: Correct MSI IRQ line for watchdog device
    - Revert "KVM: nested VMX: disable perf cpuid reporting"
    - KVM: nVMX: initialize PML fields in vmcs02
    - KVM: nVMX: do not leak PML full vmexit to L1
    - usb: host: ehci-exynos: Decrese node refcount on exynos_ehci_get_phy() error
      paths
    - usb: host: ohci-exynos: Decrese node refcount on exynos_ehci_get_phy() error
      paths
    - usb: chipidea: Only read/write OTGSC from one place
    - usb: chipidea: Handle extcon events properly
    - USB: serial: keyspan_pda: fix receive sanity checks
    - USB: serial: digi_acceleport: fix incomplete rx sanity check
    - USB: serial: ssu100: fix control-message error handling
    - USB: serial: io_edgeport: fix epic-descriptor handling
    - USB: serial: ti_usb_3410_5052: fix control-message error handling
    - USB: serial: ark3116: fix open error handling
    - USB: serial: ftdi_sio: fix latency-timer error handling
    - USB: serial: quatech2: fix control-message error handling
    - USB: serial: mct_u232: fix modem-status error handling
    - USB: serial: io_edgeport: fix descriptor error handling
    - phy: qcom-usb-hs: Add depends on EXTCON
    - serial: 8250_omap: Fix probe and remove for PM runtime
    - scsi: mac_scsi: Fix MAC_SCSI=m option when SCSI=m
    - MIPS: R2-on-R6 MULTU/MADDU/MSUBU emulation bugfix
    - brcmfmac: Ensure pointer correctly set if skb data location changes
    - brcmfmac: Make skb header writable before use
    - staging: wlan-ng: add missing byte order conversion
    - staging: emxx_udc: remove incorrect __init annotations
    - ALSA: hda - Fix deadlock of controller device lock at unbinding
    - tcp: do not underestimate skb->truesize in tcp_trim_head()
    - bpf, arm64: fix jit branch offset related to ldimm64
    - tcp: fix wraparound issue in tcp_lp
    - tcp: do not inherit fastopen_req from parent
    - ipv4, ipv6: ensure raw socket message is big enough to hold an IP header
    - rtnetlink: NUL-terminate IFLA_PHYS_PORT_NAME string
    - ipv6: initialize route null entry in addrconf_init()
    - ipv6: reorder ip6_route_dev_notifier after ipv6_dev_notf
    - bnxt_en: allocate enough space for ->ntp_fltr_bmap
    - f2fs: sanity check segment count
    - drm/ttm: fix use-after-free races in vm fault handling
    - block: get rid of blk_integrity_revalidate()
    - Linux 4.4.68

* Keyboard backlight control does not work on some dell laptops.
    (LP: #1693126)
    - platform/x86: dell-laptop: Add Latitude 7480 and others to the DMI whitelist
    - platform/x86: dell-laptop: Add keyboard backlight timeout AC settings

* Upgrade Redpine WLAN/BT driver to ver. 1.2.RC9 (LP: #1690498)
    - SAUCE: Redpine: Upgrade to ver. 1.2.RC9

* exec'ing a setuid binary from a threaded program sometimes fails to setuid
    (LP: #1672819)
    - SAUCE: exec: ensure file system accounting in check_unsafe_exec is correct

* attempts to rename vlans / vlans have addr_assign_type of 0 on kernel 4.4
    (LP: #1682871)
    - vlan: Propagate MAC address to VLANs

* Exar usb-serial doesn't restore baud rate after resume from S3/S4
    (LP: #1690362)
    - SAUCE: xr-usb-serial: re-initialise baudrate after resume from S3/S4

* st_pressure, st_accel IIO drivers fail to detect sensors after reloading
    kernel modules (LP: #1690310)
    - SAUCE: (no-up) iio: st_pressure: st_accel: Initialise sensor platform data
      properly

* nvidia-docker on ppc64le-ubuntu16.04  issue due to cross-thread naming if
    !PR_DUMPABLE (LP: #1690225)
    - procfs: fix pthread cross-thread naming if !PR_DUMPABLE

* linux xenial derivatives fail to build (LP: #1691814)
    - [Packaging] Set do_tools_common in common vars

-- Thadeu Lima de Souza Cascardo <cascardo@canonical.com>  Mon, 26 Jun 2017 12:27:55 -0300

Changed in linux (Ubuntu Xenial):
status:	Fix Committed → Fix Released

Po-Hsu Lin (cypressyew) on 2019-10-03

Changed in linux (Ubuntu):
status:	New → Invalid

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.

Ubuntulinux package

Xenial update to 4.4.70 stable release

Bug Description

CVE References

Other bug subscribers

Remote bug watches

Ubuntu
linux package