Xenial update to 4.4.125 stable release

Bug #1764973 reported by Juerg Haefliger on 2018-04-18
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)

Bug Description

SRU Justification

   The upstream process for stable tree updates is quite similar
   in scope to the Ubuntu SRU process, e.g., each patch has to
   demonstrably fix a bug, and each patch is vetted by upstream
   by originating either directly from a mainline/stable Linux tree
   or a minimally backported form of that patch. The 4.4.125 upstream
   stable stable patch set is now available. It should be included
   in the Ubuntu kernel as well.



   The following patches from the 4.4.125 stable release shall be

   * Linux 4.4.125
   * bpf, x64: increase number of passes
   * bpf: skip unnecessary capability check
   * kbuild: disable clang's default use of -fmerge-all-constants
   * staging: lustre: ptlrpc: kfree used instead of kvfree
   * perf/x86/intel: Don't accidentally clear high bits in bdw_limit_period()
   * x86/entry/64: Don't use IST entry for #BP stack
   * x86/boot/64: Verify alignment of the LOAD segment
   * x86/build/64: Force the linker to use 2MB page size
   * kvm/x86: fix icebp instruction handling
   * tty: vt: fix up tabstops properly
   * can: cc770: Fix use after free in cc770_tx_interrupt()
   * can: cc770: Fix queue stall & dropped RTR reply
   * can: cc770: Fix stalls on rt-linux, remove redundant IRQ ack
   * staging: ncpfs: memory corruption in ncp_read_kernel()
   * mtd: nand: fsl_ifc: Fix nand waitfunc return value
   * tracing: probeevent: Fix to support minus offset from symbol
   * rtlwifi: rtl8723be: Fix loss of signal
   * brcmfmac: fix P2P_DEVICE ethernet address generation
   * acpi, numa: fix pxm to online numa node associations
   * drm: udl: Properly check framebuffer mmap offsets
   * drm/radeon: Don't turn off DP sink when disconnected
   * drm/vmwgfx: Fix a destoy-while-held mutex problem.
   * x86/mm: implement free pmd/pte page interfaces
   * mm/vmalloc: add interfaces to free unmapped page table
   * libata: Modify quirks for MX100 to limit NCQ_TRIM quirk to MU01 version
   * libata: Make Crucial BX100 500GB LPM quirk apply to all firmware versions
   * libata: Apply NOLPM quirk to Crucial M500 480 and 960GB SSDs
   * libata: Enable queued TRIM for Samsung SSD 860
   * libata: disable LPM for Crucial BX100 SSD 500GB drive
   * libata: Apply NOLPM quirk to Crucial MX100 512GB SSDs
   * libata: remove WARN() for DMA or PIO command without data
   * libata: fix length validation of ATAPI-relayed SCSI commands
   * Bluetooth: btusb: Fix quirk for Atheros 1525/QCA6174
   * clk: bcm2835: Protect sections updating shared registers
   * ahci: Add PCI-id for the Highpoint Rocketraid 644L card
   * PCI: Add function 1 DMA alias quirk for Highpoint RocketRAID 644L
   * mmc: dw_mmc: fix falling from idmac to PIO mode when dw_mci_reset occurs
   * ALSA: hda/realtek - Always immediately update mute LED with pin VREF
   * ALSA: aloop: Fix access to not-yet-ready substream via cable
   * ALSA: aloop: Sync stale timer before release
   * ALSA: usb-audio: Fix parsing descriptor of UAC2 processing unit
   * iio: st_pressure: st_accel: pass correct platform data to init
   * MIPS: ralink: Remove ralink_halt()

Juerg Haefliger (juergh) on 2018-04-18
Changed in linux (Ubuntu):
status: New → Invalid
Juerg Haefliger (juergh) on 2018-04-18
description: updated
Stefan Bader (smb) on 2018-04-18
Changed in linux (Ubuntu Xenial):
importance: Undecided → Medium
status: New → In Progress
Stefan Bader (smb) on 2018-04-18
Changed in linux (Ubuntu Xenial):
status: In Progress → Fix Committed
Launchpad Janitor (janitor) wrote :
Download full text (59.3 KiB)

This bug was fixed in the package linux - 4.4.0-127.153

linux (4.4.0-127.153) xenial; urgency=medium

  * CVE-2018-3639 (powerpc)
    - powerpc/pseries: Support firmware disable of RFI flush
    - powerpc/powernv: Support firmware disable of RFI flush
    - powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code
    - powerpc/rfi-flush: Make it possible to call setup_rfi_flush() again
    - powerpc/rfi-flush: Always enable fallback flush on pseries
    - powerpc/rfi-flush: Differentiate enabled and patched flush types
    - powerpc/rfi-flush: Call setup_rfi_flush() after LPM migration
    - powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags
    - powerpc: Add security feature flags for Spectre/Meltdown
    - powerpc/pseries: Set or clear security feature flags
    - powerpc/powernv: Set or clear security feature flags
    - powerpc/64s: Move cpu_show_meltdown()
    - powerpc/64s: Enhance the information in cpu_show_meltdown()
    - powerpc/powernv: Use the security flags in pnv_setup_rfi_flush()
    - powerpc/pseries: Use the security flags in pseries_setup_rfi_flush()
    - powerpc/64s: Wire up cpu_show_spectre_v1()
    - powerpc/64s: Wire up cpu_show_spectre_v2()
    - powerpc/pseries: Fix clearing of security feature flags
    - powerpc: Move default security feature flags
    - powerpc/pseries: Restore default security feature flags on setup
    - SAUCE: powerpc/64s: Add support for a store forwarding barrier at kernel

  * CVE-2018-3639 (x86)
    - SAUCE: Clean up IBPB and IBRS control functions and macros
    - SAUCE: Fix up IBPB and IBRS kernel parameters documentation
    - SAUCE: Remove #define X86_FEATURE_PTI
    - x86/cpufeature: Move some of the scattered feature bits to x86_capability
    - x86/cpufeature: Cleanup get_cpu_cap()
    - x86/cpu: Probe CPUID leaf 6 even when cpuid_level == 6
    - x86/cpufeatures: Add CPUID_7_EDX CPUID leaf
    - x86/cpufeatures: Add Intel feature bits for Speculation Control
    - SAUCE: x86/kvm: Expose SPEC_CTRL from the leaf
    - x86/cpufeatures: Add AMD feature bits for Speculation Control
    - x86/msr: Add definitions for new speculation control MSRs
    - SAUCE: x86/msr: Rename MSR spec control feature bits
    - x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown
    - x86/cpufeature: Blacklist SPEC_CTRL/PRED_CMD on early Spectre v2 microcodes
    - x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) support
    - x86/speculation: Add <asm/msr-index.h> dependency
    - x86/cpufeatures: Clean up Spectre v2 related CPUID flags
    - x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on Intel
    - SAUCE: x86/speculation: Move vendor specific IBRS/IBPB control code
    - SAUCE: x86: Add alternative_msr_write
    - SAUCE: x86/nospec: Simplify alternative_msr_write()
    - SAUCE: x86/bugs: Concentrate bug detection into a separate function
    - SAUCE: x86/bugs: Concentrate bug reporting into a separate function
    - arch: Introduce post-init read-only memory
    - SAUCE: x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
    - SAUCE: x86/bugs, KVM: Support the combination of guest a...

Changed in linux (Ubuntu Xenial):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers