Bionic update: upstream stable patchset 2018-05-24
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
linux (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Bionic |
Fix Released
|
Undecided
|
Kamal Mostafa |
Bug Description
SRU Justification
Impact:
The upstream process for stable tree updates is quite similar
in scope to the Ubuntu SRU process, e.g., each patch has to
demonstrably fix a bug, and each patch is vetted by upstream
by originating either directly from a mainline/stable Linux tree or
a minimally backported form of that patch. The following upstream
stable patches should be included in the Ubuntu kernel:
upstream stable patchset 2018-05-24 (ported from v4.14.36 and v4.16.4)
from git://git.
HID: i2c-hid: fix inverted return value from i2c_hid_command()
device-dax: allow MAP_SYNC to succeed
libnvdimm, dimm: handle EACCES failures from label reads
drm/i915: Fix hibernation with ACPI S0 target state
s390: add support for IBM z14 Model ZR1
HID: i2c-hid: Fix resume issue on Raydium touchscreen device
pwm: mediatek: Improve precision in rate calculation
pwm: mediatek: Fix up PWM4 and PWM5 malfunction on MT7623
clk: tegra: Mark HCLK, SCLK and EMC as critical
trace_uprobe: Use %lx to display offset
drm/amd/display: HDMI has no sound after Panel power off/on
mmc: core: Prevent bus reference leak in mmc_blk_init()
drivers/
drivers/
IB/srpt: Fix an out-of-bounds stack access in srpt_zerolength
xprtrdma: Fix corner cases when handling device removal
xprtrdma: Fix latency regression on NUMA NFS/RDMA clients
RDMA/core: Avoid that ib_drain_qp() triggers an out-of-bounds stack access
ext4: force revalidation of directory pointer after seekdir(2)
ext4: fix offset overflow on 32-bit archs in ext4_iomap_begin()
ceph: always update atime/mtime/ctime for new inode
powerpc/64s: Fix pkey support in dt_cpu_ftrs, add CPU_FTR_PKEY bit
acpi, nfit: rework NVDIMM leaf method detection
media: rc: oops in ir_timer_keyup after device unplug
mm: hwpoison: disable memory error handling on 1GB hugepage
Bluetooth: hci_bcm: Add irq_polarity module option
writeback: safer lock nesting
media: staging: lirc_zilog: incorrect reference counting
Revert "media: lirc_zilog: driver only sends LIRCCODE"
mm/filemap.c: fix NULL pointer in page_cache_
autofs: mount point create should honour passed in mode
Don't leak MNT_INTERNAL away from internal mounts
rpc_pipefs: fix double-dput()
orangefs_kill_sb(): deal with allocation failures
hypfs_kill_super(): deal with failed allocations
jffs2_kill_sb(): deal with failed allocations
drm/i915: Correctly handle limited range YCbCr data on VLV/CHV
mmc: sdhci-pci: Only do AMD tuning for HS200
fanotify: fix logic of events on child
udf: Fix leak of UTF-16 surrogates into encoded strings
powerpc/lib: Fix off-by-one in alternate feature patching
powerpc/eeh: Fix enabling bridge MMIO windows
MIPS: memset.S: Fix clobber of v1 in last_fixup
MIPS: memset.S: Fix return of __clear_user from Lpartial_fixup
MIPS: memset.S: EVA & fault support for small_memset
MIPS: uaccess: Add micromips clobbers to bzero invocation
HID: wacom: bluetooth: send exit report for recent Bluetooth devices
HID: hidraw: Fix crash on HIDIOCGFEATURE with a destroyed device
HID: input: fix battery level reporting on BT mice
random: add new ioctl RNDRESEEDCRNG
random: crng_reseed() should lock the crng instance that it is modifying
random: use a different mixing algorithm for add_device_
random: fix crng_ready() test
ALSA: hda - New VIA controller suppor no-snoop path
ALSA: rawmidi: Fix missing input substream checks in compat ioctls
ALSA: line6: Use correct endpoint type for midi output
drm/radeon: Fix PCIe lane width calculation
drm/radeon: add PX quirk for Asus K73TK
drm/rockchip: Clear all interrupts before requesting the IRQ
drm/amdgpu/si: implement get/set pcie_lanes asic callback
drm/amdgpu: Fix PCIe lane width calculation
drm/amdgpu/sdma: fix mask in emit_pipeline_sync
drm/amdgpu: Fix always_valid bos multiple LRU insertions.
drm/amdgpu: Add an ATPX quirk for hybrid laptop
ALSA: pcm: Fix endless loop for XRUN recovery in OSS emulation
ALSA: pcm: Fix mutex unbalance in OSS emulation ioctls
ALSA: pcm: Return -EBUSY for OSS ioctls changing busy streams
ALSA: pcm: Avoid potential races between OSS ioctls and read/write
ALSA: pcm: Use ERESTARTSYS instead of EINTR in OSS emulation
watchdog: f71808e_wdt: Fix WD_EN register read
dt-bindings: clock: mediatek: add binding for fixed-factor clock axisel_d4
thermal: imx: Fix race condition in imx_thermal_probe()
pwm: rcar: Fix a condition to prevent mismatch value setting to duty
clk: bcm2835: De-assert/assert PLL reset signal when appropriate
clk: mediatek: fix PWM clock source by adding a fixed-factor clock
clk: fix false-positive Wmaybe-
clk: mvebu: armada-38x: add support for missing clocks
PCI: Mark Broadcom HT1100 and HT2000 Root Port Extended Tags as broken
mmc: tmio: Fix error handling when issuing CMD23
mmc: jz4740: Fix race condition in IRQ mask update
iommu/vt-d: Fix a potential memory leak
um: Use POSIX ucontext_t instead of struct ucontext
um: Compile with modern headers
ring-buffer: Check if memory is available before allocation
nfit: skip region registration for incomplete control regions
nfit, address-
libnvdimm, namespace: use a safe lookup for dimm device name
libnvdimm, dimm: fix dpa reservation vs uninitialized label area
tpm: self test failure should not cause suspend to fail
cxl: Fix possible deadlock when processing page faults from cxllib
dmaengine: at_xdmac: fix rare residue corruption
IB/srp: Fix completion vector assignment algorithm
IB/srp: Fix srp_abort()
ALSA: pcm: Fix UAF at PCM release via PCM timer access
RDMA/rxe: Fix an out-of-bounds read
RDMA/mlx5: Protect from NULL pointer derefence
RDMA/ucma: Don't allow setting RDMA_OPTION_IB_PATH without an RDMA device
dm crypt: limit the number of allocated pages
ext4: add extra checks to ext4_xattr_
ext4: add bounds checking to ext4_xattr_
ext4: move call to ext4_error() into ext4_xattr_
ext4: don't allow r/w mounts if metadata blocks overlap the superblock
ext4: always initialize the crc32c checksum driver
ext4: limit xattr size to INT_MAX
ext4: protect i_disksize update by i_data_sem in direct write path
ext4: don't update checksum of new initialized bitmaps
ext4: pass -ESHUTDOWN code to jbd2 layer
ext4: eliminate sleep from shutdown ioctl
ext4: shutdown should not prevent get_write_access
jbd2: if the journal is aborted then don't allow update of the log tail
block: use 32-bit blk_status_t on Alpha
extcon: intel-cht-wc: Set direction and drv flags for V5 boost GPIO
random: use a tighter cap in credit_
irqchip/gic: Take lock when updating irq type
ASoC: topology: Fix kcontrol name string handling
ASoC: ssm2602: Replace reg_default_raw with reg_default
soc: mediatek: fix the mistaken pointer accessed when subdomains are added
HID: core: Fix size as type u32
HID: Fix hid_report_len usage
powerpc/powernv: Fix OPAL NVRAM driver OPAL_BUSY loops
powerpc/powernv: define a standard delay for OPAL_BUSY type retry loops
powerpc/kexec_file: Fix error code when trying to load kdump kernel
powerpc/kprobes: Fix call trace due to incorrect preempt count
powerpc/64: Fix smp_wmb barrier definition use use lwsync consistently
powerpc/64: Call H_REGISTER_PROC_TBL when running as a HPT guest on POWER9
powerpc/64s: Fix dt_cpu_ftrs to have restore_cpu clear unwanted LPCR bits
CIFS: fix sha512 check in cifs_crypto_
CIFS: add sha512 secmech
CIFS: refactor crypto shash/sdesc allocation&free
i2c: i801: Restore configuration at shutdown
i2c: i801: Save register SMBSLVCMD value only once
HID: i2c-hid: fix size check and type usage
smb3: Fix root directory when server returns inode number of zero
fix smb3-encryption breakage when CONFIG_DEBUG_SG=y
cifs: fix memory leak in SMB2_open()
usb: dwc3: gadget: never call ->complete() from ->ep_queue()
usb: dwc3: pci: Properly cleanup resource
usb: dwc3: prevent setting PRTCAP to OTG from debugfs
USB:fix USB3 devices behind USB3 hubs not resuming at hibernate thaw
USB: gadget: f_midi: fixing a possible double-free in f_midi
ACPI / hotplug / PCI: Check presence of slot itself in get_slot_status()
ACPI / video: Add quirk to force acpi-video backlight on Samsung 670Z5E
regmap: Fix reversed bounds check in regmap_raw_write()
x86/xen: Delay get_cpu_cap until stack canary is established
media: vsp1: Fix BRx conditional path in WPF
media: vivid: check if the cec_adapter is valid
media: atomisp_fops.c: disable atomisp_
spi: Fix unregistration of controller with fixed SPI bus number
spi: Fix scatterlist elements size in spi_map_buf
spi: atmel: init FIFOs before spi enable
ARM: dts: at91: sama5d4: fix pinctrl compatible string
ARM: dts: exynos: Fix IOMMU support for GScaler devices on Exynos5250
ARM: dts: at91: at91sam9g25: fix mux-mask pinctrl property
arm: dts: mt7623: fix USB initialization fails on bananapi-r2
ARM: EXYNOS: Fix coupled CPU idle freeze on Exynos4210
KVM: arm/arm64: vgic-its: Fix potential overrun in vgic_copy_lpi_list
ARM64: dts: meson: reduce odroid-c2 eMMC maximum rate
usb: gadget: udc: core: update usb_ep_queue() documentation
phy: allwinner: sun4i-usb: poll vbus changes on A23/A33 when driving VBUS
usb: musb: gadget: misplaced out of bounds check
mm, slab: reschedule cache_reap() on the same CPU
ipc/shm: fix use-after-free of shm file via remap_file_pages()
resource: fix integer overflow at reallocation
fs/reiserfs/
task_struct: only use anon struct under randstruct plugin
mm/hmm: hmm_pfns_bad() was accessing wrong struct
mm/ksm.c: fix inconsistent accounting of zero pages
ubi: Reject MLC NAND
ubi: Fix error for write access
ubi: fastmap: Don't flush fastmap work on detach
ubifs: Check ubifs_wbuf_sync() return code
cpufreq: CPPC: Use transition_delay_us depending transition_latency
tty: make n_tty_read() always abort if hangup is in progress
CVE References
tags: | added: kernel-stable-tracking-bug |
Changed in linux (Ubuntu Bionic): | |
assignee: | nobody → Kamal Mostafa (kamalmostafa) |
status: | New → In Progress |
description: | updated |
description: | updated |
summary: |
- Bionic update: upstream stable patchset + Bionic update: upstream stable patchset 2018-05-24 |
description: | updated |
Changed in linux (Ubuntu Bionic): | |
status: | In Progress → Fix Committed |
This bug was fixed in the package linux - 4.15.0-24.26
---------------
linux (4.15.0-24.26) bionic; urgency=medium
* linux: 4.15.0-24.26 -proposed tracker (LP: #1776338)
* Bionic update: upstream stable patchset 2018-06-06 (LP: #1775483) netpoll in srh_encap( )- v4 pkts tagged_ multi media_changed( )
- drm: bridge: dw-hdmi: Fix overflow workaround for Amlogic Meson GX SoCs
- i40e: Fix attach VF to VM issue
- tpm: cmd_ready command can be issued only after granting locality
- tpm: tpm-interface: fix tpm_transmit/_cmd kdoc
- tpm: add retry logic
- Revert "ath10k: send (re)assoc peer command when NSS changed"
- bonding: do not set slave_dev npinfo before slave_enable_
bond_enslave
- ipv6: add RTA_TABLE and RTA_PREFSRC to rtm_ipv6_policy
- ipv6: sr: fix NULL pointer dereference in seg6_do_
- KEYS: DNS: limit the length of option strings
- l2tp: check sockaddr length in pppol2tp_connect()
- net: validate attribute sizes in neigh_dump_table()
- llc: delete timers synchronously in llc_sk_free()
- tcp: don't read out-of-bounds opsize
- net: af_packet: fix race in PACKET_{R|T}X_RING
- tcp: md5: reject TCP_MD5SIG or TCP_MD5SIG_EXT on established sockets
- net: fix deadlock while clearing neighbor proxy table
- team: avoid adding twice the same option to the event list
- net/smc: fix shutdown in state SMC_LISTEN
- team: fix netconsole setup over team
- packet: fix bitfield update race
- tipc: add policy for TIPC_NLA_NET_ADDR
- pppoe: check sockaddr length in pppoe_connect()
- vlan: Fix reading memory beyond skb->tail in skb_vlan_
- amd-xgbe: Add pre/post auto-negotiation phy hooks
- sctp: do not check port in sctp_inet6_cmp_addr
- amd-xgbe: Improve KR auto-negotiation and training
- strparser: Do not call mod_delayed_work with a timeout of LONG_MAX
- amd-xgbe: Only use the SFP supported transceiver signals
- strparser: Fix incorrect strp->need_bytes value.
- net: sched: ife: signal not finding metaid
- tcp: clear tp->packets_out when purging write queue
- net: sched: ife: handle malformed tlv length
- net: sched: ife: check on metadata length
- llc: hold llc_sap before release_sock()
- llc: fix NULL pointer deref for SOCK_ZAPPED
- net: ethernet: ti: cpsw: fix tx vlan priority mapping
- virtio_net: split out ctrl buffer
- virtio_net: fix adding vids on big-endian
- KVM: s390: force bp isolation for VSIE
- s390: correct module section names for expoline code revert
- microblaze: Setup dependencies for ASM optimized lib functions
- commoncap: Handle memory allocation failure.
- scsi: mptsas: Disable WRITE SAME
- cdrom: information leak in cdrom_ioctl_
- m68k/mac: Don't remap SWIM MMIO region
- block/swim: Check drive type
- block/swim: Don't log an error message for an invalid ioctl
- block/swim: Remove extra put_disk() call from error path
- block/swim: Rename macros to avoid inconsistent inverted logic
- block/swim: Select appropriate drive on device open
- block/swim: Fix array bounds check
- block/swim: Fix IO error at end of medium
-...