Bionic update to v4.14.14 stable release

Bug #1744330 reported by Seth Forshee on 2018-01-19
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Medium
Seth Forshee

Bug Description

SRU Justification

    Impact:
       The upstream process for stable tree updates is quite similar
       in scope to the Ubuntu SRU process, e.g., each patch has to
       demonstrably fix a bug, and each patch is vetted by upstream
       by originating either directly from a mainline/stable Linux tree or
       a minimally backported form of that patch. The v4.14.14 upstream stable
       patch set is now available. It should be included in the Ubuntu
       kernel as well.

       git://git.kernel.org/

    TEST CASE: TBD

       The following patches from the v4.14.14 stable release shall be applied:

dm bufio: fix shrinker scans when (nr_to_scan < retain_target)
KVM: Fix stack-out-of-bounds read in write_mmio
can: vxcan: improve handling of missing peer name attribute
can: gs_usb: fix return value of the "set_bittiming" callback
IB/srpt: Disable RDMA access by the initiator
IB/srpt: Fix ACL lookup during login
MIPS: Validate PR_SET_FP_MODE prctl(2) requests against the ABI of the task
MIPS: Factor out NT_PRFPREG regset access helpers
MIPS: Guard against any partial write attempt with PTRACE_SETREGSET
MIPS: Consistently handle buffer counter with PTRACE_SETREGSET
MIPS: Fix an FCSR access API regression with NT_PRFPREG and MSA
MIPS: Also verify sizeof `elf_fpreg_t' with PTRACE_SETREGSET
MIPS: Disallow outsized PTRACE_SETREGSET NT_PRFPREG regset accesses
cgroup: fix css_task_iter crash on CSS_TASK_ITER_PROC
kvm: vmx: Scrub hardware GPRs at VM-exit
platform/x86: wmi: Call acpi_wmi_init() later
iw_cxgb4: only call the cq comp_handler when the cq is armed
iw_cxgb4: atomically flush the qp
iw_cxgb4: only clear the ARMED bit if a notification is needed
iw_cxgb4: reflect the original WR opcode in drain cqes
iw_cxgb4: when flushing, complete all wrs in a chain
x86/acpi: Handle SCI interrupts above legacy space gracefully
ALSA: pcm: Remove incorrect snd_BUG_ON() usages
ALSA: pcm: Workaround for weird PulseAudio behavior on rewind error
ALSA: pcm: Add missing error checks in OSS emulation plugin builder
ALSA: pcm: Abort properly at pending signal in OSS read/write loops
ALSA: pcm: Allow aborting mutex lock at OSS read/write loops
ALSA: aloop: Release cable upon open error path
ALSA: aloop: Fix inconsistent format due to incomplete rule
ALSA: aloop: Fix racy hw constraints adjustment
x86/acpi: Reduce code duplication in mp_override_legacy_irq()
8021q: fix a memory leak for VLAN 0 device
ip6_tunnel: disable dst caching if tunnel is dual-stack
net: core: fix module type in sock_diag_bind
phylink: ensure we report link down when LOS asserted
RDS: Heap OOB write in rds_message_alloc_sgs()
RDS: null pointer dereference in rds_atomic_free_op
net: fec: restore dev_id in the cases of probe error
net: fec: defer probe if regulator is not ready
net: fec: free/restore resource in related probe error pathes
sctp: do not retransmit upon FragNeeded if PMTU discovery is disabled
sctp: fix the handling of ICMP Frag Needed for too small MTUs
sh_eth: fix TSU resource handling
net: stmmac: enable EEE in MII, GMII or RGMII only
sh_eth: fix SH7757 GEther initialization
ipv6: fix possible mem leaks in ipv6_make_skb()
ethtool: do not print warning for applications using legacy API
mlxsw: spectrum_router: Fix NULL pointer deref
net/sched: Fix update of lastuse in act modules implementing stats_update
ipv6: sr: fix TLVs not being copied using setsockopt
mlxsw: spectrum: Relax sanity checks during enslavement
sfp: fix sfp-bus oops when removing socket/upstream
membarrier: Disable preemption when calling smp_call_function_many()
crypto: algapi - fix NULL dereference in crypto_remove_spawns()
mmc: renesas_sdhi: Add MODULE_LICENSE
rbd: reacquire lock should update lock owner client id
rbd: set max_segments to USHRT_MAX
iwlwifi: pcie: fix DMA memory mapping / unmapping
x86/microcode/intel: Extend BDW late-loading with a revision check
KVM: x86: Add memory barrier on vmcs field lookup
KVM: PPC: Book3S PR: Fix WIMG handling under pHyp
KVM: PPC: Book3S HV: Drop prepare_done from struct kvm_resize_hpt
KVM: PPC: Book3S HV: Fix use after free in case of multiple resize requests
KVM: PPC: Book3S HV: Always flush TLB in kvmppc_alloc_reset_hpt()
drm/vmwgfx: Don't cache framebuffer maps
drm/vmwgfx: Potential off by one in vmw_view_add()
drm/i915/gvt: Clear the shadow page table entry after post-sync
drm/i915: Whitelist SLICE_COMMON_ECO_CHICKEN1 on Geminilake.
drm/i915: Move init_clock_gating() back to where it was
drm/i915: Fix init_clock_gating for resume
bpf: prevent out-of-bounds speculation
bpf, array: fix overflow in max_entries and undefined behavior in index_mask
bpf: arsh is not supported in 32 bit alu thus reject it
USB: serial: cp210x: add IDs for LifeScan OneTouch Verio IQ
USB: serial: cp210x: add new device ID ELV ALC 8xxx
usb: misc: usb3503: make sure reset is low for at least 100us
USB: fix usbmon BUG trigger
USB: UDC core: fix double-free in usb_add_gadget_udc_release
usbip: remove kernel addresses from usb device and urb debug msgs
usbip: fix vudc_rx: harden CMD_SUBMIT path to handle malicious input
usbip: vudc_tx: fix v_send_ret_submit() vulnerability to null xfer buffer
staging: android: ashmem: fix a race condition in ASHMEM_SET_SIZE ioctl
Bluetooth: Prevent stack info leak from the EFS element.
uas: ignore UAS for Norelsys NS1068(X) chips
mux: core: fix double get_device()
kdump: write correct address of mem_section into vmcoreinfo
apparmor: fix ptrace label match when matching stacked labels
e1000e: Fix e1000_check_for_copper_link_ich8lan return value.
x86/pti: Unbreak EFI old_memmap
x86/Documentation: Add PTI description
x86/cpufeatures: Add X86_BUG_SPECTRE_V[12]
sysfs/cpu: Add vulnerability folder
x86/cpu: Implement CPU vulnerabilites sysfs functions
x86/tboot: Unbreak tboot with PTI enabled
x86/mm/pti: Remove dead logic in pti_user_pagetable_walk*()
x86/cpu/AMD: Make LFENCE a serializing instruction
x86/cpu/AMD: Use LFENCE_RDTSC in preference to MFENCE_RDTSC
sysfs/cpu: Fix typos in vulnerability documentation
x86/alternatives: Fix optimize_nops() checking
x86/pti: Make unpoison of pgd for trusted boot work for real
objtool: Detect jumps to retpoline thunks
objtool: Allow alternatives to be ignored
x86/retpoline: Add initial retpoline support
x86/spectre: Add boot time option to select Spectre v2 mitigation
x86/retpoline/crypto: Convert crypto assembler indirect jumps
x86/retpoline/entry: Convert entry assembler indirect jumps
x86/retpoline/ftrace: Convert ftrace assembler indirect jumps
x86/retpoline/hyperv: Convert assembler indirect jumps
x86/retpoline/xen: Convert Xen hypercall indirect jumps
x86/retpoline/checksum32: Convert assembler indirect jumps
x86/retpoline/irq32: Convert assembler indirect jumps
x86/retpoline: Fill return stack buffer on vmexit
selftests/x86: Add test_vsyscall
x86/pti: Fix !PCID and sanitize defines
security/Kconfig: Correct the Documentation reference for PTI
x86,perf: Disable intel_bts when PTI
x86/retpoline: Remove compile time warning
Linux 4.14.14

Seth Forshee (sforshee) on 2018-01-19
tags: added: kernel-stable-tracking-bug
Changed in linux (Ubuntu):
assignee: nobody → Seth Forshee (sforshee)
importance: Undecided → Medium
status: New → In Progress
description: updated
Seth Forshee (sforshee) on 2018-01-19
Changed in linux (Ubuntu):
status: In Progress → Fix Committed
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers