Xenial update to 4.4.106 stable release

Bug #1745047 reported by Khaled El Mously on 2018-01-23
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)

Bug Description

SRU Justification

       The upstream process for stable tree updates is quite similar
       in scope to the Ubuntu SRU process, e.g., each patch has to
       demonstrably fix a bug, and each patch is vetted by upstream
       by originating either directly from a mainline/stable Linux tree or
       a minimally backported form of that patch. The 4.4.106 upstream stable
       patch set is now available. It should be included in the Ubuntu
       kernel as well.



       The following patches from the 4.4.106 stable release shall be applied:
* can: ti_hecc: Fix napi poll return value for repoll
* can: kvaser_usb: free buf in error paths
* can: kvaser_usb: Fix comparison bug in kvaser_usb_read_bulk_callback()
* can: kvaser_usb: ratelimit errors if incomplete messages are received
* can: kvaser_usb: cancel urb on -EPIPE and -EPROTO
* can: ems_usb: cancel urb on -EPIPE and -EPROTO
* can: esd_usb2: cancel urb on -EPIPE and -EPROTO
* can: usb_8dev: cancel urb on -EPIPE and -EPROTO
* virtio: release virtio index when fail to device_register
* hv: kvp: Avoid reading past allocated blocks from KVP file
* isa: Prevent NULL dereference in isa_bus driver callbacks
* scsi: libsas: align sata_device's rps_resp on a cacheline
* efi: Move some sysfs files to be read-only by root
* ASN.1: fix out-of-bounds read when parsing indefinite length item
* ASN.1: check for error from ASN1_OP_END__ACT actions
* X.509: reject invalid BIT STRING for subjectPublicKey
* x86/PCI: Make broadcom_postcore_init() check acpi_disabled
* ALSA: pcm: prevent UAF in snd_pcm_info
* ALSA: seq: Remove spurious WARN_ON() at timer check
* ALSA: usb-audio: Fix out-of-bound error
* ALSA: usb-audio: Add check return value for usb_string()
* iommu/vt-d: Fix scatterlist offset handling
* s390: fix compat system call table
* kdb: Fix handling of kallsyms_symbol_next() return value
* drm: extra printk() wrapper macros
* drm/exynos: gem: Drop NONCONTIG flag for buffers allocated without IOMMU
* media: dvb: i2c transfers over usb cannot be done from stack
* arm64: KVM: fix VTTBR_BADDR_MASK BUG_ON off-by-one
* KVM: VMX: remove I/O port 0x80 bypass on Intel hosts
* arm64: fpsimd: Prevent registers leaking from dead tasks
* ARM: BUG if jumping to usermode address in kernel mode
* ARM: avoid faulting on qemu
* scsi: storvsc: Workaround for virtual DVD SCSI version
* thp: reduce indentation level in change_huge_pmd()
* thp: fix MADV_DONTNEED vs. numa balancing race
* mm: drop unused pmdp_huge_get_and_clear_notify()
* Revert "drm/armada: Fix compile fail"
* Revert "spi: SPI_FSL_DSPI should depend on HAS_DMA"
* Revert "s390/kbuild: enable modversions for symbols exported from asm"
* vti6: Don't report path MTU below IPV6_MIN_MTU.
* ARM: OMAP2+: gpmc-onenand: propagate error on initialization failure
* x86/hpet: Prevent might sleep splat on resume
* selftest/powerpc: Fix false failures for skipped tests
* module: set __jump_table alignment to 8
* ARM: OMAP2+: Fix device node reference counts
* ARM: OMAP2+: Release device node after it is no longer needed.
* gpio: altera: Use handle_level_irq when configured as a level_high
* HID: chicony: Add support for another ASUS Zen AiO keyboard
* usb: gadget: configs: plug memory leak
* USB: gadgetfs: Fix a potential memory leak in 'dev_config()'
* kvm: nVMX: VMCLEAR should not cause the vCPU to shut down
* libata: drop WARN from protocol error in ata_sff_qc_issue()
* workqueue: trigger WARN if queue_delayed_work() is called with NULL @wq
* scsi: lpfc: Fix crash during Hardware error recovery on SLI3 adapters
* irqchip/crossbar: Fix incorrect type of register size
* KVM: nVMX: reset nested_run_pending if the vCPU is going to be reset
* arm: KVM: Survive unknown traps from guests
* arm64: KVM: Survive unknown traps from guests
* spi_ks8995: fix "BUG: key accdaa28 not in .data!"
* bnx2x: prevent crash when accessing PTP with interface down
* bnx2x: fix possible overrun of VFPF multicast addresses array
* bnx2x: do not rollback VF MAC/VLAN filters we did not configure
* ipv6: reorder icmpv6_init() and ip6_mr_init()
* crypto: s5p-sss - Fix completing crypto request in IRQ handler
* i2c: riic: fix restart condition
* zram: set physical queue limits to avoid array out of bounds accesses
* netfilter: don't track fragmented packets
* axonram: Fix gendisk handling
* drm/amd/amdgpu: fix console deadlock if late init failed
* powerpc/powernv/ioda2: Gracefully fail if too many TCE levels requested
* EDAC, i5000, i5400: Fix use of MTR_DRAM_WIDTH macro
* EDAC, i5000, i5400: Fix definition of NRECMEMB register
* kbuild: pkg: use --transform option to prefix paths in tar
* mac80211_hwsim: Fix memory leak in hwsim_new_radio_nl()
* route: also update fnhe_genid when updating a route cache
* route: update fnhe_expires for redirect when the fnhe exists
* lib/genalloc.c: make the avail variable an atomic_long_t
* dynamic-debug-howto: fix optional/omitted ending line number to be LARGE instead of 0
* NFS: Fix a typo in nfs_rename()
* sunrpc: Fix rpc_task_begin trace point
* block: wake up all tasks blocked in get_request()
* sparc64/mm: set fields in deferred pages
* sctp: do not free asoc when it is already dead in sctp_sendmsg
* sctp: use the right sk after waking up from wait_buf sleep
* atm: horizon: Fix irq release error
* jump_label: Invoke jump_label_test() via early_initcall()
* xfrm: Copy policy family in clone_policy
* IB/mlx4: Increase maximal message size under UD QP
* IB/mlx5: Assign send CQ and recv CQ of UMR QP
* afs: Connect up the CB.ProbeUuid
* ipvlan: fix ipv6 outbound device
* audit: ensure that 'audit=1' actually enables audit for PID 1
* ipmi: Stop timers before cleaning up the module
* s390: always save and restore all registers on context switch
* more bio_map_user_iov() leak fixes
* tipc: fix memory leak in tipc_accept_from_sock()
* rds: Fix NULL pointer dereference in __rds_rdma_map
* sit: update frag_off info
* packet: fix crash in fanout_demux_rollover()
* net/packet: fix a race in packet_bind() and packet_notifier()
* Revert "x86/efi: Build our own page table structures"
* Revert "x86/efi: Hoist page table switching code into efi_call_virt()"
* Revert "x86/mm/pat: Ensure cpa->pfn only contains page frame numbers"
* arm: KVM: Fix VTTBR_BADDR_MASK BUG_ON off-by-one
* usb: gadget: ffs: Forbid usb_ep_alloc_request from sleeping
* Linux 4.4.106

tags: added: kernel-stable-tracking-bug
description: updated
Khaled El Mously (kmously) wrote :

The following patches were NOT applied as they were already applied:

 * scsi: storvsc: Workaround for virtual DVD SCSI version
 * more bio_map_user_iov() leak fixes

Stefan Bader (smb) on 2018-02-20
Changed in linux (Ubuntu):
status: New → Invalid
Changed in linux (Ubuntu Xenial):
importance: Undecided → Medium
Stefan Bader (smb) on 2018-02-20
Changed in linux (Ubuntu Xenial):
status: New → Fix Committed
Launchpad Janitor (janitor) wrote :
Download full text (56.9 KiB)

This bug was fixed in the package linux - 4.4.0-119.143

linux (4.4.0-119.143) xenial; urgency=medium

  * linux: 4.4.0-119.143 -proposed tracker (LP: #1760327)

  * Dell XPS 13 9360 bluetooth scan can not detect any device (LP: #1759821)
    - Revert "Bluetooth: btusb: fix QCA Rome suspend/resume"

linux (4.4.0-118.142) xenial; urgency=medium

  * linux: 4.4.0-118.142 -proposed tracker (LP: #1759607)

  * Kernel panic with AWS 4.4.0-1053 / 4.4.0-1015 (Trusty) (LP: #1758869)
    - x86/microcode/AMD: Do not load when running on a hypervisor

  * CVE-2018-8043
    - net: phy: mdio-bcm-unimac: fix potential NULL dereference in

linux (4.4.0-117.141) xenial; urgency=medium

  * linux: 4.4.0-117.141 -proposed tracker (LP: #1755208)

  * Xenial update to 4.4.114 stable release (LP: #1754592)
    - x86/asm/32: Make sync_core() handle missing CPUID on all 32-bit kernels
    - usbip: prevent vhci_hcd driver from leaking a socket pointer address
    - usbip: Fix implicit fallthrough warning
    - usbip: Fix potential format overflow in userspace tools
    - x86/microcode/intel: Fix BDW late-loading revision check
    - x86/retpoline: Fill RSB on context switch for affected CPUs
    - sched/deadline: Use the revised wakeup rule for suspending constrained dl
    - can: af_can: can_rcv(): replace WARN_ONCE by pr_warn_once
    - can: af_can: canfd_rcv(): replace WARN_ONCE by pr_warn_once
    - PM / sleep: declare __tracedata symbols as char[] rather than char
    - time: Avoid undefined behaviour in ktime_add_safe()
    - timers: Plug locking race vs. timer migration
    - Prevent timer value 0 for MWAITX
    - drivers: base: cacheinfo: fix x86 with CONFIG_OF enabled
    - drivers: base: cacheinfo: fix boot error message when acpi is enabled
    - PCI: layerscape: Add "fsl,ls2085a-pcie" compatible ID
    - PCI: layerscape: Fix MSG TLP drop setting
    - mmc: sdhci-of-esdhc: add/remove some quirks according to vendor version
    - fs/select: add vmalloc fallback for select(2)
    - hwpoison, memcg: forcibly uncharge LRU pages
    - cma: fix calculation of aligned offset
    - mm, page_alloc: fix potential false positive in __zone_watermark_ok
    - ipc: msg, make msgrcv work with LONG_MIN
    - x86/ioapic: Fix incorrect pointers in ioapic_setup_resources()
    - ACPI / processor: Avoid reserving IO regions too early
    - ACPI / scan: Prefer devices without _HID/_CID for _ADR matching
    - ACPICA: Namespace: fix operand cache leak
    - netfilter: x_tables: speed up jump target validation
    - netfilter: arp_tables: fix invoking 32bit "iptable -P INPUT ACCEPT" failed
      in 64bit kernel
    - netfilter: nf_dup_ipv6: set again FLOWI_FLAG_KNOWN_NH at flowi6_flags
    - netfilter: nf_ct_expect: remove the redundant slash when policy name is
    - netfilter: nfnetlink_queue: reject verdict request from different portid
    - netfilter: restart search if moved to other chain
    - netfilter: nf_conntrack_sip: extend request line validation
    - netfilter: use fwmark_reflect in nf_send_reset
    - ext2: Don't clear SGID when inheriting ACLs
    - reiserfs: fix race in prealloc discard
    - re...

Changed in linux (Ubuntu Xenial):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers