Xenial update to 4.4.71 stable release

Bug #1697001 reported by Stefan Bader on 2017-06-09
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Stefan Bader

Bug Description

SRU Justification

       The upstream process for stable tree updates is quite similar
       in scope to the Ubuntu SRU process, e.g., each patch has to
       demonstrably fix a bug, and each patch is vetted by upstream
       by originating either directly from a mainline/stable Linux tree or
       a minimally backported form of that patch. The 4.4.71 upstream stable
       patch set is now available. It should be included in the Ubuntu
       kernel as well.



The following patches from the 4.4.71 stable release shall be applied:
* sparc: Fix -Wstringop-overflow warning
* s390/qeth: handle sysfs error during initialization
* s390/qeth: unbreak OSM and OSN support
* s390/qeth: avoid null pointer dereference on OSN
* tcp: avoid fragmenting peculiar skbs in SACK
* sctp: fix src address selection if using secondary addresses for ipv6
* tcp: eliminate negative reordering in tcp_clean_rtx_queue
* net: Improve handling of failures on link and route dumps
* ipv6: Check ip6_find_1stfragopt() return value properly.
* bridge: netlink: check vlan_default_pvid range
* qmi_wwan: add another Lenovo EM74xx device ID
* bridge: start hello_timer when enabling KERNEL_STP in br_stp_start
* be2net: Fix offload features for Q-in-Q packets
* virtio-net: enable TSO/checksum offloads for Q-in-Q vlans
* tcp: avoid fastopen API to be used on AF_UNSPEC
* sctp: fix ICMP processing if skb is non-linear
* ipv4: add reference counting to metrics
* netem: fix skb_orphan_partial()
* net: phy: marvell: Limit errata to 88m1101
* vlan: Fix tcp checksum offloads in Q-in-Q vlans
* i2c: i2c-tiny-usb: fix buffer not being DMA capable
* mmc: sdhci-iproc: suppress spurious interrupt with Multiblock read
* HID: wacom: Have wacom_tpc_irq guard against possible NULL dereference
* scsi: mpt3sas: Force request partial completion alignment
* drm/radeon/ci: disable mclk switching for high refresh rates (v2)
* drm/radeon: Unbreak HPD handling for r600+
* pcmcia: remove left-over %Z format
* ALSA: hda - apply STAC_9200_DELL_M22 quirk for Dell Latitude D430
* slub/memcg: cure the brainless abuse of sysfs attributes
* drm/gma500/psb: Actually use VBT mode when it is found
* mm/migrate: fix refcount handling when !hugepage_migration_supported()
* mlock: fix mlock count can not decrease in race condition
* xfs: Fix missed holes in SEEK_HOLE implementation
* xfs: fix off-by-one on max nr_pages in xfs_find_get_desired_pgoff()
* xfs: fix over-copying of getbmap parameters from userspace
* xfs: handle array index overrun in xfs_dir2_leaf_readbuf()
* xfs: prevent multi-fsb dir readahead from reading random blocks
* xfs: fix up quotacheck buffer list error handling
* xfs: support ability to wait on new inodes
* xfs: update ag iterator to support wait on new inodes
* xfs: wait on new inodes during quotaoff dquot release
* xfs: fix indlen accounting error on partial delalloc conversion
* xfs: bad assertion for delalloc an extent that start at i_size
* xfs: fix unaligned access in xfs_btree_visit_blocks
* xfs: in _attrlist_by_handle, copy the cursor back to userspace
* xfs: only return -errno or success from attr ->put_listent
* Linux 4.4.71

Stefan Bader (smb) on 2017-06-09
tags: added: kernel-stable-tracking-bug
Changed in linux (Ubuntu Xenial):
assignee: nobody → Stefan Bader (smb)
importance: Undecided → Medium
status: New → In Progress
Stefan Bader (smb) wrote :

The following patches were skipped as they already were applied:
* CVE-2017-9242
  - pv6: fix out of bound writes in __ip6_append_data()
* CVE-2017-9074
  - ipv6: Prevent overrun when parsing v6 header options
* CVE-2017-9075
  - sctp: do not inherit ipv6_{mc|ac|fl}_list from parent
* CVE-2017-9076 and CVE-2017-9077
  - ipv6/dccp: do not inherit ipv6_mc_list from parent
* CVE-2017-8890
  - dccp/tcp: do not inherit mc_list from parent

description: updated
Stefan Bader (smb) on 2017-06-22
Changed in linux (Ubuntu Xenial):
status: In Progress → Fix Committed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux - 4.4.0-87.110

linux (4.4.0-87.110) xenial; urgency=low

  * linux: 4.4.0-87.110 -proposed tracker (LP: #1704982)

  * CVE-2017-1000364
    - mm/mmap.c: do not blow on PROT_NONE MAP_FIXED holes in the stack
    - mm/mmap.c: expand_downwards: don't require the gap if !vm_prev

  * CIFS causes oops (LP: #1704857)
    - CIFS: Fix null pointer deref during read resp processing
    - CIFS: Fix some return values in case of error in 'crypt_message'

 -- Kleber Sacilotto de Souza <email address hidden> Tue, 18 Jul 2017 13:58:43 +0200

Changed in linux (Ubuntu Xenial):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers