Bionic update: upstream stable patchset 2018-08-29

Bug #1789666 reported by Kamal Mostafa on 2018-08-29
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Kamal Mostafa

Bug Description

SRU Justification

       The upstream process for stable tree updates is quite similar
       in scope to the Ubuntu SRU process, e.g., each patch has to
       demonstrably fix a bug, and each patch is vetted by upstream
       by originating either directly from a mainline/stable Linux tree or
       a minimally backported form of that patch. The following upstream
       stable patches should be included in the Ubuntu kernel:

       upstream stable patchset 2018-08-29 (ported from v4.14.49 and v4.16.15)
       from git://

net : sched: cls_api: deal with egdev path only if needed
net: dsa: b53: Fix for brcm tag issue in Cygnus SoC
net: ethernet: davinci_emac: fix error handling in probe()
net: ethernet: ti: cpdma: correct error handling for chan create
mlxsw: spectrum: Forbid creation of VLAN 1 over port/LAG
l2tp: fix refcount leakage on PPPoL2TP sockets
drm: set FMODE_UNSIGNED_OFFSET for drm files
PCI: hv: Do not wait forever on a device that has disappeared
cls_flower: Fix incorrect idr release when failing to modify rule
rtnetlink: validate attributes in do_setlink()
virtio-net: fix leaking page for gso packet during mergeable XDP
net/mlx5e: When RXFCS is set, add FCS data into checksum calculation
virtio-net: correctly check num_buf during err path
tun: Fix NULL pointer dereference in XDP redirect
net/mlx4: Fix irq-unsafe spinlock usage
virtio-net: correctly transmit XDP buff after linearizing
net-sysfs: Fix memory leak in XPS configuration
net: phy: broadcom: Fix auxiliary control register reads
ipv6: sr: fix memory OOB access in seg6_do_srh_encap/inline
vrf: check the original netdevice for generating redirect
vhost: synchronize IOTLB message with dev cleanup
team: use netdev_features_t instead of u32
sctp: not allow transport timeout value less than HZ/5 for hb_timer
qed: Fix mask for physical address in ILT entry
packet: fix reserve calculation
net: usb: cdc_mbim: add flag FLAG_SEND_ZLP
net: phy: broadcom: Fix bcm_write_exp()
net/packet: refine check for priv area size
net: metrics: add proper netlink validation
net: ipv4: add missing RTA_TABLE to rtm_ipv4_policy
netdev-FAQ: clarify DaveM's position for stable backports
kcm: Fix use-after-free caused by clonned sockets
isdn: eicon: fix a missing-check bug
ipv6: omit traffic class when calculating flow hash
ipv4: remove warning in ip_recv_error
ipmr: properly check rhltable_init() return value
ip6_tunnel: remove magic mtu value 0xFFF8
ip6mr: only set ip6mr_table from setsockopt when ip6mr_new_table succeeds
enic: set DMA mask to 47 bit
dccp: don't free ccid2_hc_tx_sock struct in dccp_disconnect()
bnx2x: use the right constant
be2net: Fix error detection logic for BE3
kconfig: Avoid format overflow warning from GCC 8.1
btrfs: define SUPER_FLAG_METADUMP_V2
mmap: relax file size limit for regular files
mmap: introduce sane default mmap limits
scsi: sd_zbc: Avoid that resetting a zone fails sporadically

tags: added: kernel-stable-tracking-bug
description: updated
Changed in linux (Ubuntu Bionic):
assignee: nobody → Kamal Mostafa (kamalmostafa)
status: New → In Progress
Changed in linux (Ubuntu Bionic):
status: In Progress → Fix Committed
Launchpad Janitor (janitor) wrote :
Download full text (23.5 KiB)

This bug was fixed in the package linux - 4.15.0-36.39

linux (4.15.0-36.39) bionic; urgency=medium

  * CVE-2018-14633
    - iscsi target: Use hex2bin instead of a re-implementation

  * CVE-2018-17182
    - mm: get rid of vmacache_flush_all() entirely

linux (4.15.0-35.38) bionic; urgency=medium

  * linux: 4.15.0-35.38 -proposed tracker (LP: #1791719)

  * device hotplug of vfio devices can lead to deadlock in vfio_pci_release
    (LP: #1792099)
    - SAUCE: vfio -- release device lock before userspace requests

  * L1TF mitigation not effective in some CPU and RAM combinations
    (LP: #1788563)
    - x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit
    - x86/speculation/l1tf: Fix off-by-one error when warning that system has too
      much RAM
    - x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+

  * CVE-2018-15594
    - x86/paravirt: Fix spectre-v2 mitigations for paravirt guests

  * CVE-2017-5715 (Spectre v2 s390x)
    - KVM: s390: implement CPU model only facilities
    - s390: detect etoken facility
    - KVM: s390: add etoken support for guests
    - s390/lib: use expoline for all bcr instructions
    - s390: fix br_r1_trampoline for machines without exrl
    - SAUCE: s390: use expoline thunks for all branches generated by the BPF JIT

  * Ubuntu18.04.1: cpuidle: powernv: Fix promotion from snooze if next state
    disabled (performance) (LP: #1790602)
    - cpuidle: powernv: Fix promotion from snooze if next state disabled

  * Watchdog CPU:19 Hard LOCKUP when kernel crash was triggered (LP: #1790636)
    - powerpc: hard disable irqs in smp_send_stop loop
    - powerpc: Fix deadlock with multiple calls to smp_send_stop
    - powerpc: smp_send_stop do not offline stopped CPUs
    - powerpc/powernv: Fix opal_event_shutdown() called with interrupts disabled

  * Security fix: check if IOMMU page is contained in the pinned physical page
    (LP: #1785675)
    - vfio/spapr: Use IOMMU pageshift rather than pagesize
    - KVM: PPC: Check if IOMMU page is contained in the pinned physical page

  * Missing Intel GPU pci-id's (LP: #1789924)
    - drm/i915/kbl: Add KBL GT2 sku
    - drm/i915/whl: Introducing Whiskey Lake platform
    - drm/i915/aml: Introducing Amber Lake platform
    - drm/i915/cfl: Add a new CFL PCI ID.

  * CVE-2018-15572
    - x86/speculation: Protect against userspace-userspace spectreRSB

  * Support Power Management for Thunderbolt Controller (LP: #1789358)
    - thunderbolt: Handle NULL boot ACL entries properly
    - thunderbolt: Notify userspace when boot_acl is changed
    - thunderbolt: Use 64-bit DMA mask if supported by the platform
    - thunderbolt: Do not unnecessarily call ICM get route
    - thunderbolt: No need to take tb->lock in domain suspend/complete
    - thunderbolt: Use correct ICM commands in system suspend
    - thunderbolt: Add support for runtime PM

  * random oopses on s390 systems using NVMe devices (LP: #1790480)
    - s390/pci: fix out of bounds access during irq setup

  * [Bionic] Spectre v4 mitigation (Speculative Store Bypass Disable) support
    for arm64 using SMC firmware call to set a hardware chicken bit
    (LP: #1787993) // CVE-2018...

Changed in linux (Ubuntu Bionic):
status: Fix Committed → Fix Released
Brad Figg (brad-figg) on 2019-07-24
tags: added: cscc
Po-Hsu Lin (cypressyew) on 2019-10-03
Changed in linux (Ubuntu):
status: New → Invalid
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers