Bionic update: upstream stable patchset 2018-08-31

Bug #1790188 reported by Kamal Mostafa on 2018-08-31
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Undecided
Unassigned
Bionic
Undecided
Kamal Mostafa

Bug Description

SRU Justification

    Impact:
       The upstream process for stable tree updates is quite similar
       in scope to the Ubuntu SRU process, e.g., each patch has to
       demonstrably fix a bug, and each patch is vetted by upstream
       by originating either directly from a mainline/stable Linux tree or
       a minimally backported form of that patch. The following upstream
       stable patches should be included in the Ubuntu kernel:

       upstream stable patchset 2018-08-31 (ported from v4.14.50 and v4.16.16)
       from git://git.kernel.org/

usb: gadget: udc: renesas_usb3: should fail if devm_phy_get() returns error
usb: gadget: udc: renesas_usb3: should call devm_phy_get() before add udc
usb: gadget: udc: renesas_usb3: should call pm_runtime_enable() before add udc
usb: gadget: udc: renesas_usb3: should remove debugfs
usb: gadget: udc: renesas_usb3: fix double phy_put()
usb: typec: wcove: Remove dependency on HW FSM
crypto: omap-sham - fix memleak
crypto: vmx - Remove overly verbose printk from AES XTS init
crypto: vmx - Remove overly verbose printk from AES init routines
crypto: caam - fix size of RSA prime factor q
crypto: caam/qi - fix IV DMA mapping and updating
crypto: caam - fix IV DMA mapping and updating
crypto: caam - fix DMA mapping dir for generated IV
crypto: caam - strip input zeros from RSA input buffer
Input: goodix - add new ACPI id for GPD Win 2 touch screen
kvm: x86: use correct privilege level for sgdt/sidt/fxsave/fxrstor access
tty: pl011: Avoid spuriously stuck-off interrupts
vmw_balloon: fixing double free when batching mode is off
serial: 8250: omap: Fix idling of clocks for unused uarts
serial: samsung: fix maxburst parameter for DMA transactions
tty/serial: atmel: use port->name as name in request_irq()
serial: sh-sci: Stop using printk format %pCr
usb: gadget: udc: renesas_usb3: disable the controller's irqs for reconnecting
usb: gadget: function: printer: avoid wrong list handling in printer_write()
phy: qcom-qusb2: Fix crash if nvmem cell not specified
Input: xpad - add GPD Win 2 Controller USB IDs
usb-storage: Add compatibility quirk flags for G-Technologies G-Drive
usb-storage: Add support for FL_ALWAYS_SYNC flag in the UAS driver
usbip: vhci_sysfs: fix potential Spectre v1
NFC: pn533: don't send USB data off of the stack
staging: android: ion: Switch to pr_warn_once in ion_buffer_destroy
KVM: x86: pass kvm_vcpu to kvm_read_guest_virt and kvm_write_guest_virt_system
KVM: x86: introduce linear_{read,write}_system
KVM: X86: Fix reserved bits check for MOV to CR3
gpio: No NULL owner
af_key: Always verify length of provided sadb_key
blkdev_report_zones_ioctl(): Use vmalloc() to allocate large buffers
netfilter: nf_tables: fix NULL pointer dereference on nft_ct_helper_obj_dump()

tags: added: kernel-stable-tracking-bug
description: updated
Changed in linux (Ubuntu Bionic):
assignee: nobody → Kamal Mostafa (kamalmostafa)
status: New → In Progress
Changed in linux (Ubuntu Bionic):
status: In Progress → Fix Committed
Launchpad Janitor (janitor) wrote :
Download full text (23.5 KiB)

This bug was fixed in the package linux - 4.15.0-36.39

---------------
linux (4.15.0-36.39) bionic; urgency=medium

  * CVE-2018-14633
    - iscsi target: Use hex2bin instead of a re-implementation

  * CVE-2018-17182
    - mm: get rid of vmacache_flush_all() entirely

linux (4.15.0-35.38) bionic; urgency=medium

  * linux: 4.15.0-35.38 -proposed tracker (LP: #1791719)

  * device hotplug of vfio devices can lead to deadlock in vfio_pci_release
    (LP: #1792099)
    - SAUCE: vfio -- release device lock before userspace requests

  * L1TF mitigation not effective in some CPU and RAM combinations
    (LP: #1788563)
    - x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit
    - x86/speculation/l1tf: Fix off-by-one error when warning that system has too
      much RAM
    - x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+

  * CVE-2018-15594
    - x86/paravirt: Fix spectre-v2 mitigations for paravirt guests

  * CVE-2017-5715 (Spectre v2 s390x)
    - KVM: s390: implement CPU model only facilities
    - s390: detect etoken facility
    - KVM: s390: add etoken support for guests
    - s390/lib: use expoline for all bcr instructions
    - s390: fix br_r1_trampoline for machines without exrl
    - SAUCE: s390: use expoline thunks for all branches generated by the BPF JIT

  * Ubuntu18.04.1: cpuidle: powernv: Fix promotion from snooze if next state
    disabled (performance) (LP: #1790602)
    - cpuidle: powernv: Fix promotion from snooze if next state disabled

  * Watchdog CPU:19 Hard LOCKUP when kernel crash was triggered (LP: #1790636)
    - powerpc: hard disable irqs in smp_send_stop loop
    - powerpc: Fix deadlock with multiple calls to smp_send_stop
    - powerpc: smp_send_stop do not offline stopped CPUs
    - powerpc/powernv: Fix opal_event_shutdown() called with interrupts disabled

  * Security fix: check if IOMMU page is contained in the pinned physical page
    (LP: #1785675)
    - vfio/spapr: Use IOMMU pageshift rather than pagesize
    - KVM: PPC: Check if IOMMU page is contained in the pinned physical page

  * Missing Intel GPU pci-id's (LP: #1789924)
    - drm/i915/kbl: Add KBL GT2 sku
    - drm/i915/whl: Introducing Whiskey Lake platform
    - drm/i915/aml: Introducing Amber Lake platform
    - drm/i915/cfl: Add a new CFL PCI ID.

  * CVE-2018-15572
    - x86/speculation: Protect against userspace-userspace spectreRSB

  * Support Power Management for Thunderbolt Controller (LP: #1789358)
    - thunderbolt: Handle NULL boot ACL entries properly
    - thunderbolt: Notify userspace when boot_acl is changed
    - thunderbolt: Use 64-bit DMA mask if supported by the platform
    - thunderbolt: Do not unnecessarily call ICM get route
    - thunderbolt: No need to take tb->lock in domain suspend/complete
    - thunderbolt: Use correct ICM commands in system suspend
    - thunderbolt: Add support for runtime PM

  * random oopses on s390 systems using NVMe devices (LP: #1790480)
    - s390/pci: fix out of bounds access during irq setup

  * [Bionic] Spectre v4 mitigation (Speculative Store Bypass Disable) support
    for arm64 using SMC firmware call to set a hardware chicken bit
    (LP: #1787993) // CVE-2018...

Changed in linux (Ubuntu Bionic):
status: Fix Committed → Fix Released
Brad Figg (brad-figg) on 2019-07-24
tags: added: cscc
Po-Hsu Lin (cypressyew) on 2020-01-08
Changed in linux (Ubuntu):
status: New → Invalid
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers