Xenial update to 4.4.115 stable release

Bug #1755509 reported by Juerg Haefliger on 2018-03-13
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)

Bug Description

SRU Justification

   The upstream process for stable tree updates is quite similar
   in scope to the Ubuntu SRU process, e.g., each patch has to
   demonstrably fix a bug, and each patch is vetted by upstream
   by originating either directly from a mainline/stable Linux tree
   or a minimally backported form of that patch. The 4.4.115 upstream
   stable stable patch set is now available. It should be included
   in the Ubuntu kernel as well.



   The following patches from the 4.4.115 stable release shall be

   * loop: fix concurrent lo_open/lo_release
   * bpf: fix branch pruning logic
   * x86: bpf_jit: small optimization in emit_bpf_tail_call()
   * bpf: fix bpf_tail_call() x64 JIT
   * bpf: introduce BPF_JIT_ALWAYS_ON config
   * bpf: arsh is not supported in 32 bit alu thus reject it
   * bpf: avoid false sharing of map refcount with max_entries
   * bpf: fix divides by zero
   * bpf: fix 32-bit divide by zero
   * bpf: reject stores into ctx via st and xadd
   * x86/pti: Make unpoison of pgd for trusted boot work for real
   * kaiser: fix intel_bts perf crashes
   * ALSA: seq: Make ioctls race-free
   * crypto: aesni - handle zero length dst buffer
   * crypto: af_alg - whitelist mask and type
   * power: reset: zx-reboot: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE
   * gpio: iop: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE
   * gpio: ath79: add missing MODULE_DESCRIPTION/LICENSE
   * mtd: nand: denali_pci: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE
   * igb: Free IRQs when device is hotplugged
   * KVM: x86: emulator: Return to user-mode on L1 CPL=0 emulation failure
   * KVM: x86: Don't re-execute instruction when not passing CR2 value
   * KVM: X86: Fix operand/address-size during instruction decoding
   * KVM: x86: ioapic: Fix level-triggered EOI and IOAPIC reconfigure race
   * KVM: x86: ioapic: Clear Remote IRR when entry is switched to edge-triggered
   * KVM: x86: ioapic: Preserve read-only values in the redirection table
   * ACPI / bus: Leave modalias empty for devices which are not present
   * cpufreq: Add Loongson machine dependencies
   * bcache: check return value of register_shrinker
   * drm/amdgpu: Fix SDMA load/unload sequence on HWS disabled mode
   * drm/amdkfd: Fix SDMA ring buffer size calculation
   * drm/amdkfd: Fix SDMA oversubsription handling
   * openvswitch: fix the incorrect flow action alloc size
   * mac80211: fix the update of path metric for RANN frame
   * btrfs: fix deadlock when writing out space cache
   * KVM: VMX: Fix rflags cache during vCPU reset
   * xen-netfront: remove warning when unloading module
   * nfsd: CLOSE SHOULD return the invalid special stateid for NFSv4.x (x>0)
   * nfsd: Ensure we check stateid validity in the seqid operation checks
   * grace: replace BUG_ON by WARN_ONCE in exit_net hook
   * nfsd: check for use of the closed special stateid
   * lockd: fix "list_add double add" caused by legacy signal interface
   * hwmon: (pmbus) Use 64bit math for DIRECT format values
   * net: ethernet: xilinx: Mark XILINX_LL_TEMAC broken on 64-bit
   * quota: Check for register_shrinker() failure.
   * SUNRPC: Allow connect to return EHOSTUNREACH
   * kmemleak: add scheduling point to kmemleak_scan()
   * drm/omap: Fix error handling path in 'omap_dmm_probe()'
   * xfs: ubsan fixes
   * scsi: aacraid: Prevent crash in case of free interrupt during scsi EH path
   * scsi: ufs: ufshcd: fix potential NULL pointer dereference in ufshcd_config_vreg
   * media: usbtv: add a new usbid
   * usb: gadget: don't dereference g until after it has been null checked
   * staging: rtl8188eu: Fix incorrect response to SIOCGIWESSID
   * usb: option: Add support for FS040U modem
   * USB: serial: pl2303: new device id for Chilitag
   * USB: cdc-acm: Do not log urb submission errors on disconnect
   * CDC-ACM: apply quirk for card reader
   * USB: serial: io_edgeport: fix possible sleep-in-atomic
   * usbip: prevent bind loops on devices attached to vhci_hcd
   * usbip: list: don't list devices attached to vhci_hcd
   * USB: serial: simple: add Motorola Tetra driver
   * usb: f_fs: Prevent gadget unbind if it is already unbound
   * usb: uas: unconditionally bring back host after reset
   * selinux: general protection fault in sock_has_perm
   * serial: imx: Only wakeup via RTSDEN bit if the system has RTS/CTS
   * spi: imx: do not access registers while clocks disabled
   * Linux 4.4.115

CVE References

Juerg Haefliger (juergh) on 2018-03-13
Changed in linux (Ubuntu):
status: New → Invalid
Juerg Haefliger (juergh) on 2018-03-13
description: updated
Juerg Haefliger (juergh) on 2018-03-13
description: updated
Juerg Haefliger (juergh) on 2018-03-13
description: updated
Juerg Haefliger (juergh) on 2018-03-13
description: updated
description: updated
Juerg Haefliger (juergh) on 2018-03-14
description: updated
description: updated
Juerg Haefliger (juergh) on 2018-03-14
description: updated
description: updated
description: updated
Juerg Haefliger (juergh) wrote :

Skipped the following patches (previously applied already):
   * bpf: fix branch pruning logic
   * loop: fix concurrent lo_open/lo_release

Changed in linux (Ubuntu Xenial):
status: New → Fix Committed
Launchpad Janitor (janitor) wrote :
Download full text (17.7 KiB)

This bug was fixed in the package linux - 4.4.0-121.145

linux (4.4.0-121.145) xenial; urgency=medium

  * linux: 4.4.0-121.145 -proposed tracker (LP: #1763687)

  * Ubuntu-4.4.0-120.144 fails to boot on arm64* hardware (LP: #1763644)
    - [Config] arm64: disable BPF_JIT_ALWAYS_ON

linux (4.4.0-120.144) xenial; urgency=medium

  * linux: 4.4.0-120.144 -proposed tracker (LP: #1761438)

  * intel-microcode 3.20180312.0 causes lockup at login screen(w/ linux-
    image-4.13.0-37-generic) (LP: #1759920) // CVE-2017-5715 (Spectre v2 Intel)
    - Revert "x86/mm: Only set IBPB when the new thread cannot ptrace current
    - x86/speculation: Use Indirect Branch Prediction Barrier in context switch

  * DKMS driver builds fail with: Cannot use CONFIG_STACK_VALIDATION=y, please
    install libelf-dev, libelf-devel or elfutils-libelf-devel (LP: #1760876)
    - [Packaging] include the retpoline extractor in the headers

  * retpoline hints: primary infrastructure and initial hints (LP: #1758856)
    - [Packaging] retpoline-extract: flag *0xNNN(%reg) branches
    - x86/speculation, objtool: Annotate indirect calls/jumps for objtool
    - x86/speculation, objtool: Annotate indirect calls/jumps for objtool on 32bit
    - x86/paravirt, objtool: Annotate indirect calls
    - x86/asm: Stop depending on ptrace.h in alternative.h
    - [Packaging] retpoline -- add safe usage hint support
    - [Packaging] retpoline-check -- only report additions
    - [Packaging] retpoline -- widen indirect call/jmp detection
    - [Packaging] retpoline -- elide %rip relative indirections
    - [Packaging] retpoline -- clear hint information from packages
    - SAUCE: modpost: add discard to non-allocatable whitelist
    - KVM: x86: Make indirect calls in emulator speculation safe
    - KVM: VMX: Make indirect call speculation safe
    - x86/boot, objtool: Annotate indirect jump in secondary_startup_64()
    - SAUCE: early/late -- annotate indirect calls in early/late initialisation
    - SAUCE: vga_set_mode -- avoid jump tables
    - [Config] retpoline -- switch to new format
    - [Packaging] final-checks -- remove check for empty retpoline files

  * Xenial update to 4.4.117 stable release (LP: #1756860)
    - IB/mlx4: Fix incorrectly releasing steerable UD QPs when have only ETH ports
    - PM / devfreq: Propagate error from devfreq_add_device()
    - s390: fix handling of -1 in set{,fs}[gu]id16 syscalls
    - ARM: dts: STi: Add gpio polarity for "hdmi,hpd-gpio" property
    - arm: spear600: Add missing interrupt-parent of rtc
    - arm: spear13xx: Fix dmas cells
    - arm: spear13xx: Fix spics gpio controller's warning
    - ALSA: seq: Fix regression by incorrect ioctl_mutex usages
    - KVM/x86: Reduce retpoline performance impact in slot_handle_level_range(),
      by always inlining iterator helper methods
    - x86/cpu: Change type of x86_cache_size variable to unsigned int
    - drm/radeon: adjust tested variable
    - rtc-opal: Fix handling of firmware error codes, prevent busy loops
    - ext4: save error to disk in __ext4_grp_locked_error()
    - ext4: correct documentation for grpid mount option
    - mm: hide a #warning fo...

Changed in linux (Ubuntu Xenial):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers