Xenial update to 4.4.152 stable release

Bug #1792377 reported by Stefan Bader on 2018-09-13
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Undecided
Unassigned
Xenial
Medium
Stefan Bader

Bug Description

SRU Justification

    Impact:
       The upstream process for stable tree updates is quite similar
       in scope to the Ubuntu SRU process, e.g., each patch has to
       demonstrably fix a bug, and each patch is vetted by upstream
       by originating either directly from a mainline/stable Linux tree or
       a minimally backported form of that patch. The 4.4.152 upstream stable
       patch set is now available. It should be included in the Ubuntu
       kernel as well.

       git://git.kernel.org/

    TEST CASE: TBD

The following patches from the 4.4.152 stable release shall be applied:
* ARC: Explicitly add -mmedium-calls to CFLAGS
* netfilter: ipv6: nf_defrag: reduce struct net memory waste
* selftests: pstore: return Kselftest Skip code for skipped tests
* selftests: static_keys: return Kselftest Skip code for skipped tests
* selftests: user: return Kselftest Skip code for skipped tests
* selftests: zram: return Kselftest Skip code for skipped tests
* selftests: sync: add config fragment for testing sync framework
* ARM: dts: Cygnus: Fix I2C controller interrupt type
* usb: dwc2: fix isoc split in transfer with no data
* usb: gadget: composite: fix delayed_status race condition when set_interface
* usb: gadget: dwc2: fix memory leak in gadget_init()
* scsi: xen-scsifront: add error handling for xenbus_printf
* arm64: make secondary_start_kernel() notrace
* qed: Add sanity check for SIMD fastpath handler.
* enic: initialize enic->rfs_h.lock in enic_probe
* net: hamradio: use eth_broadcast_addr
* net: propagate dev_get_valid_name return code
* ARC: Enable machine_desc->init_per_cpu for !CONFIG_SMP
* net: davinci_emac: match the mdio device against its compatible if possible
* locking/lockdep: Do not record IRQ state within lockdep code
* ipv6: mcast: fix unsolicited report interval after receiving querys
* Smack: Mark inode instant in smack_task_to_inode
* cxgb4: when disabling dcb set txq dcb priority to 0
* brcmfmac: stop watchdog before detach and free everything
* ARM: dts: am437x: make edt-ft5x06 a wakeup source
* usb: xhci: increase CRS timeout value
* perf test session topology: Fix test on s390
* perf report powerpc: Fix crash if callchain is empty
* selftests/x86/sigreturn/64: Fix spurious failures on AMD CPUs
* ARM: dts: da850: Fix interrups property for gpio
* dmaengine: k3dma: Off by one in k3_of_dma_simple_xlate()
* md/raid10: fix that replacement cannot complete recovery after reassemble
* drm/exynos: gsc: Fix support for NV16/61, YUV420/YVU420 and YUV422 modes
* drm/exynos: decon5433: Fix per-plane global alpha for XRGB modes
* drm/exynos: decon5433: Fix WINCONx reset value
* bnx2x: Fix receiving tx-timeout in error or recovery state.
* m68k: fix "bad page state" oops on ColdFire boot
* HID: wacom: Correct touch maximum XY of 2nd-gen Intuos
* ARM: imx_v6_v7_defconfig: Select ULPI support
* ARM: imx_v4_v5_defconfig: Select ULPI support
* tracing: Use __printf markup to silence compiler
* kasan: fix shadow_size calculation error in kasan_module_alloc
* smsc75xx: Add workaround for gigabit link up hardware errata.
* netfilter: x_tables: set module owner for icmp(6) matches
* ARM: pxa: irq: fix handling of ICMR registers in suspend/resume
* ieee802154: at86rf230: switch from BUG_ON() to WARN_ON() on problem
* ieee802154: at86rf230: use __func__ macro for debug messages
* ieee802154: fakelb: switch from BUG_ON() to WARN_ON() on problem
* drm/armada: fix colorkey mode property
* bnxt_en: Fix for system hang if request_irq fails
* perf llvm-utils: Remove bashism from kernel include fetch script
* ARM: 8780/1: ftrace: Only set kernel memory back to read-only after boot
* ARM: dts: am3517.dtsi: Disable reference to OMAP3 OTG controller
* ixgbe: Be more careful when modifying MAC filters
* packet: reset network header if packet shorter than ll reserved space
* qlogic: check kstrtoul() for errors
* tcp: remove DELAYED ACK events in DCTCP
* drm/nouveau/gem: off by one bugs in nouveau_gem_pushbuf_reloc_apply()
* net/ethernet/freescale/fman: fix cross-build error
* net: usb: rtl8150: demote allmulti message to dev_dbg()
* net: qca_spi: Avoid packet drop during initial sync
* net: qca_spi: Make sure the QCA7000 reset is triggered
* net: qca_spi: Fix log level if probe fails
* tcp: identify cryptic messages as TCP seq # bugs
* staging: android: ion: check for kref overflow
* KVM: irqfd: fix race between EPOLLHUP and irq_bypass_register_consumer
* ext4: fix spectre gadget in ext4_mb_regular_allocator()
* parisc: Remove ordered stores from syscall.S
* xfrm_user: prevent leaking 2 bytes of kernel memory
* netfilter: conntrack: dccp: treat SYNC/SYNCACK as invalid if no prior state
* packet: refine ring v3 block size test to hold one frame
* bridge: Propagate vlan add failure to user
* parisc: Remove unnecessary barriers from spinlock.h
* PCI: hotplug: Don't leak pci_slot on registration failure
* PCI: Skip MPS logic for Virtual Functions (VFs)
* PCI: pciehp: Fix use-after-free on unplug
* i2c: imx: Fix race condition in dma read
* reiserfs: fix broken xattr handling (heap corruption, bad retval)
* Linux 4.4.152

CVE References

Stefan Bader (smb) wrote :

Surprisingly, for a large update, all patches applied cleanly.

tags: added: kernel-stable-tracking-bug
Changed in linux (Ubuntu Xenial):
assignee: nobody → Stefan Bader (smb)
importance: Undecided → Medium
status: New → In Progress
Changed in linux (Ubuntu):
status: New → Invalid
description: updated
Changed in linux (Ubuntu Xenial):
status: In Progress → Fix Committed
Launchpad Janitor (janitor) wrote :
Download full text (28.0 KiB)

This bug was fixed in the package linux - 4.4.0-138.164

---------------
linux (4.4.0-138.164) xenial; urgency=medium

  * linux: 4.4.0-138.164 -proposed tracker (LP: #1795582)

  * Linux 4.4.155 stable release build is broken on ppc64 (LP: #1795662)
    - powerpc/fadump: Return error when fadump registration fails

  * Kernel hang on drive pull caused by regression introduced by commit
    287922eb0b18 (LP: #1791790)
    - block: Fix a race between blk_cleanup_queue() and timeout handling

  * qeth: use vzalloc for QUERY OAT buffer (LP: #1793086)
    - s390/qeth: use vzalloc for QUERY OAT buffer

  * Page leaking in cachefiles_read_backing_file while vmscan is active
    (LP: #1793430)
    - SAUCE: cachefiles: Page leaking in cachefiles_read_backing_file while vmscan
      is active

  * Bugfix for handling of shadow doorbell buffer (LP: #1788222)
    - nvme-pci: add a memory barrier to nvme_dbbuf_update_and_check_event

  * Xenial update to 4.4.155 stable release (LP: #1792419)
    - net: 6lowpan: fix reserved space for single frames
    - net: mac802154: tx: expand tailroom if necessary
    - 9p/net: Fix zero-copy path in the 9p virtio transport
    - net: lan78xx: Fix misplaced tasklet_schedule() call
    - spi: davinci: fix a NULL pointer dereference
    - drm/i915/userptr: reject zero user_size
    - powerpc/fadump: handle crash memory ranges array index overflow
    - powerpc/pseries: Fix endianness while restoring of r3 in MCE handler.
    - fs/9p/xattr.c: catch the error of p9_client_clunk when setting xattr failed
    - 9p/virtio: fix off-by-one error in sg list bounds check
    - net/9p/client.c: version pointer uninitialized
    - net/9p/trans_fd.c: fix race-condition by flushing workqueue before the
      kfree()
    - dm cache metadata: save in-core policy_hint_size to on-disk superblock
    - iio: ad9523: Fix displayed phase
    - iio: ad9523: Fix return value for ad952x_store()
    - vmw_balloon: fix inflation of 64-bit GFNs
    - vmw_balloon: do not use 2MB without batching
    - vmw_balloon: VMCI_DOORBELL_SET does not check status
    - vmw_balloon: fix VMCI use when balloon built into kernel
    - tracing: Do not call start/stop() functions when tracing_on does not change
    - tracing/blktrace: Fix to allow setting same value
    - kthread, tracing: Don't expose half-written comm when creating kthreads
    - uprobes: Use synchronize_rcu() not synchronize_sched()
    - 9p: fix multiple NULL-pointer-dereferences
    - PM / sleep: wakeup: Fix build error caused by missing SRCU support
    - pnfs/blocklayout: off by one in bl_map_stripe()
    - ARM: tegra: Fix Tegra30 Cardhu PCA954x reset
    - mm/tlb: Remove tlb_remove_table() non-concurrent condition
    - iommu/vt-d: Add definitions for PFSID
    - iommu/vt-d: Fix dev iotlb pfsid use
    - osf_getdomainname(): use copy_to_user()
    - sys: don't hold uts_sem while accessing userspace memory
    - userns: move user access out of the mutex
    - ubifs: Fix memory leak in lprobs self-check
    - Revert "UBIFS: Fix potential integer overflow in allocation"
    - ubifs: Check data node size before truncate
    - ubifs: Fix synced_i_size calculation for xattr inodes
    - pwm: ti...

Changed in linux (Ubuntu Xenial):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers