Bionic update: upstream stable patchset 2018-08-24

Bug #1788897 reported by Kamal Mostafa on 2018-08-24
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Kamal Mostafa

Bug Description

SRU Justification

       The upstream process for stable tree updates is quite similar
       in scope to the Ubuntu SRU process, e.g., each patch has to
       demonstrably fix a bug, and each patch is vetted by upstream
       by originating either directly from a mainline/stable Linux tree or
       a minimally backported form of that patch. The following upstream
       stable patches should be included in the Ubuntu kernel:

       upstream stable patchset 2018-08-24 (ported from v4.14.48 and v4.16.14)
       from git://

x86/MCE/AMD: Cache SMCA MISC block addresses
x86/mce/AMD: Carve out SMCA get_block_address() code
x86/mce/AMD, EDAC/mce_amd: Enumerate Reserved SMCA bank type
x86/mce/AMD: Pass the bank number to smca_get_bank_type()
x86/MCE/AMD: Define a function to get SMCA bank type
iio: hid-sensor-trigger: Fix sometimes not powering up the sensor after resume
nvme: fix extended data LBA supported setting
drm/vmwgfx: Fix host logging / guestinfo reading error paths
drm/vmwgfx: Use kasprintf
drm/i915: Disable LVDS on Radiant P845
drm/i915/lvds: Move acpi lid notification registration to registration phase
drm/psr: Fix missed entry in PSR setup time table.
intel_th: Use correct device when freeing buffers
Revert "rt2800: use TXOP_BACKOFF for probe frames"
mm/huge_memory.c: __split_huge_page() use atomic ClearPageDirty()
IB/core: Fix error code for invalid GID entry
hwtracing: stm: fix build error on some arches
stm class: Use vmalloc for the master map
scsi: scsi_transport_srp: Fix shost to rport translation
MIPS: prctl: Disallow FRE without FR with PR_SET_FP_MODE requests
MIPS: ptrace: Fix PTRACE_PEEKUSR requests for 64-bit FGRs
MIPS: lantiq: gphy: Drop reboot/remove reset asserts
iio: adc: select buffer for at91-sama5d2_adc
iio:kfifo_buf: check for uint overflow
iio:buffer: make length types match kfifo types
iio: ad7793: implement IIO_CHAN_INFO_SAMP_FREQ
tcp: avoid integer overflows in tcp_rcv_space_adjust()
kbuild: clang: disable unused variable warnings only when constant
platform/chrome: cros_ec_lpc: remove redundant pointer request
rtlwifi: rtl8192cu: Remove variable self-assignment in rf.c
drm/amd/powerplay: Fix enum mismatch
cfg80211: further limit wiphy names to 64 bytes
selinux: KASAN: slab-out-of-bounds in xattr_getsecurity
tracing: Make the snapshot trigger work with instances
tracing: Fix crash when freeing instances with event triggers
Input: elan_i2c_smbus - fix corrupted stack
Input: synaptics - add Lenovo 80 series ids to SMBus
Input: synaptics - Lenovo Carbon X1 Gen5 (2017) devices should use RMI
xfs: detect agfl count corruption and reset agfl
xfs: convert XFS_AGFL_SIZE to a helper function
objtool: Fix "noreturn" detection for recursive sibling calls
objtool: Detect RIP-relative switch table references, part 2
objtool: Detect RIP-relative switch table references
objtool: Support GCC 8 switch tables
objtool: Support GCC 8's cold subfunctions
mm: fix the NULL mapping case in __isolate_lru_page()
fix io_destroy()/aio_complete() race

tags: added: kernel-stable-tracking-bug
Changed in linux (Ubuntu Bionic):
status: New → In Progress
assignee: nobody → Kamal Mostafa (kamalmostafa)
description: updated
description: updated
Changed in linux (Ubuntu Bionic):
status: In Progress → Fix Committed
Launchpad Janitor (janitor) wrote :
Download full text (23.5 KiB)

This bug was fixed in the package linux - 4.15.0-36.39

linux (4.15.0-36.39) bionic; urgency=medium

  * CVE-2018-14633
    - iscsi target: Use hex2bin instead of a re-implementation

  * CVE-2018-17182
    - mm: get rid of vmacache_flush_all() entirely

linux (4.15.0-35.38) bionic; urgency=medium

  * linux: 4.15.0-35.38 -proposed tracker (LP: #1791719)

  * device hotplug of vfio devices can lead to deadlock in vfio_pci_release
    (LP: #1792099)
    - SAUCE: vfio -- release device lock before userspace requests

  * L1TF mitigation not effective in some CPU and RAM combinations
    (LP: #1788563)
    - x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit
    - x86/speculation/l1tf: Fix off-by-one error when warning that system has too
      much RAM
    - x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+

  * CVE-2018-15594
    - x86/paravirt: Fix spectre-v2 mitigations for paravirt guests

  * CVE-2017-5715 (Spectre v2 s390x)
    - KVM: s390: implement CPU model only facilities
    - s390: detect etoken facility
    - KVM: s390: add etoken support for guests
    - s390/lib: use expoline for all bcr instructions
    - s390: fix br_r1_trampoline for machines without exrl
    - SAUCE: s390: use expoline thunks for all branches generated by the BPF JIT

  * Ubuntu18.04.1: cpuidle: powernv: Fix promotion from snooze if next state
    disabled (performance) (LP: #1790602)
    - cpuidle: powernv: Fix promotion from snooze if next state disabled

  * Watchdog CPU:19 Hard LOCKUP when kernel crash was triggered (LP: #1790636)
    - powerpc: hard disable irqs in smp_send_stop loop
    - powerpc: Fix deadlock with multiple calls to smp_send_stop
    - powerpc: smp_send_stop do not offline stopped CPUs
    - powerpc/powernv: Fix opal_event_shutdown() called with interrupts disabled

  * Security fix: check if IOMMU page is contained in the pinned physical page
    (LP: #1785675)
    - vfio/spapr: Use IOMMU pageshift rather than pagesize
    - KVM: PPC: Check if IOMMU page is contained in the pinned physical page

  * Missing Intel GPU pci-id's (LP: #1789924)
    - drm/i915/kbl: Add KBL GT2 sku
    - drm/i915/whl: Introducing Whiskey Lake platform
    - drm/i915/aml: Introducing Amber Lake platform
    - drm/i915/cfl: Add a new CFL PCI ID.

  * CVE-2018-15572
    - x86/speculation: Protect against userspace-userspace spectreRSB

  * Support Power Management for Thunderbolt Controller (LP: #1789358)
    - thunderbolt: Handle NULL boot ACL entries properly
    - thunderbolt: Notify userspace when boot_acl is changed
    - thunderbolt: Use 64-bit DMA mask if supported by the platform
    - thunderbolt: Do not unnecessarily call ICM get route
    - thunderbolt: No need to take tb->lock in domain suspend/complete
    - thunderbolt: Use correct ICM commands in system suspend
    - thunderbolt: Add support for runtime PM

  * random oopses on s390 systems using NVMe devices (LP: #1790480)
    - s390/pci: fix out of bounds access during irq setup

  * [Bionic] Spectre v4 mitigation (Speculative Store Bypass Disable) support
    for arm64 using SMC firmware call to set a hardware chicken bit
    (LP: #1787993) // CVE-2018...

Changed in linux (Ubuntu Bionic):
status: Fix Committed → Fix Released
Brad Figg (brad-figg) on 2019-07-24
tags: added: cscc
Po-Hsu Lin (cypressyew) on 2020-01-08
Changed in linux (Ubuntu):
status: New → Invalid
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers