Bionic update: upstream stable patchset 2019-01-15

Bug #1811877 reported by Kamal Mostafa on 2019-01-15
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Kamal Mostafa

Bug Description

SRU Justification

       The upstream process for stable tree updates is quite similar
       in scope to the Ubuntu SRU process, e.g., each patch has to
       demonstrably fix a bug, and each patch is vetted by upstream
       by originating either directly from a mainline/stable Linux tree or
       a minimally backported form of that patch. The following upstream
       stable patches should be included in the Ubuntu kernel:

       upstream stable patchset 2019-01-15 (ported from v4.14.57 and v4.17.9)
       from git://

compiler-gcc.h: Add __attribute__((gnu_inline)) to all inline declarations
x86/asm: Add _ASM_ARG* constants for argument registers to <asm/asm.h>
x86/paravirt: Make native_save_fl() extern inline
Btrfs: fix duplicate extents after fsync of file with prealloc extents
cpufreq / CPPC: Set platform specific transition_delay_us
PCI: exynos: Fix a potential init_clk_resources NULL pointer dereference
alx: take rtnl before calling __alx_open from resume
atm: Preserve value of skb->truesize when accounting to vcc
atm: zatm: Fix potential Spectre v1
ipv6: sr: fix passing wrong flags to crypto_alloc_shash()
ipvlan: fix IFLA_MTU ignored on NEWLINK
ixgbe: split XDP_TX tail and XDP_REDIRECT map flushing
net: dccp: avoid crash in ccid3_hc_rx_send_feedback()
net: dccp: switch rx_tstamp_last_feedback to monotonic clock
net: fix use-after-free in GRO with ESP
net: macb: Fix ptp time adjustment for large negative delta
net/mlx5e: Avoid dealing with vport representors if not being e-switch manager
net/mlx5: E-Switch, Avoid setup attempt if not being e-switch manager
net/mlx5: Fix command interface race in polling mode
net/mlx5: Fix incorrect raw command length parsing
net/mlx5: Fix required capability for manipulating MPFS
net/mlx5: Fix wrong size allocation for QoS ETC TC regitster
net: mvneta: fix the Rx desc DMA address in the Rx path
net/packet: fix use-after-free
net_sched: blackhole: tell upper qdisc about dropped packets
net: sungem: fix rx checksum support
net/tcp: Fix socket lookups with SO_BINDTODEVICE
qede: Adverstise software timestamp caps when PHC is not available.
qed: Fix setting of incorrect eswitch mode.
qed: Fix use of incorrect size in memcpy call.
qed: Limit msix vectors in kdump kernel to the minimum required count.
r8152: napi hangup fix after disconnect
stmmac: fix DMA channel hang in half-duplex mode
strparser: Remove early eaten to fix full tcp receive buffer stall
tcp: fix Fast Open key endianness
tcp: prevent bogus FRTO undos with non-SACK flows
vhost_net: validate sock before trying to put its fd
VSOCK: fix loopback on big-endian systems
net: cxgb3_main: fix potential Spectre v1
rtlwifi: Fix kernel Oops "Fw download fail!!"
rtlwifi: rtl8821ae: fix firmware is not ready to run
net: lan78xx: Fix race in tx pending skb size calculation
crypto: af_alg - Initialize sg_num_bytes in error code path
mtd: rawnand: denali_dt: set clk_x_rate to 200 MHz unconditionally
PCI: hv: Disable/enable IRQs rather than BH in hv_compose_msi_msg()
netfilter: ebtables: reject non-bridge targets
reiserfs: fix buffer overflow with long warning messages
KEYS: DNS: fix parsing multiple options
tls: Stricter error checking in zerocopy sendmsg path
autofs: fix slab out of bounds read in getname_kernel()
nsh: set mac len based on inner packet
bdi: Fix another oops in wb_workfn()
rds: avoid unenecessary cong_update in loop transport
net/nfc: Avoid stalls when nfc_alloc_send_skb() returned NULL.
string: drop __must_check from strscpy() and restore strscpy() usages in cgroup
nfsd: COPY and CLONE operations require the saved filehandle to be set
net/sched: act_ife: fix recursive lock and idr leak
net/sched: act_ife: preserve the action control in case of error
hinic: reset irq affinity before freeing irq
nfp: flower: fix mpls ether type detection
net: macb: initialize bp->queues[0].bp for at91rm9200
enic: do not overwrite error code
virtio_net: fix memory leak in XDP_REDIRECT
netfilter: ipv6: nf_defrag: drop skb dst before queueing
ipvs: initialize tbl->entries after allocation
ipvs: initialize tbl->entries in ip_vs_lblc_init_svc()
bpf: enforce correct alignment for instructions
bpf, arm32: fix to use bpf_jit_binary_lock_ro api

Changed in linux (Ubuntu):
status: New → Confirmed
tags: added: kernel-stable-tracking-bug
description: updated
Changed in linux (Ubuntu Bionic):
status: New → In Progress
assignee: nobody → Kamal Mostafa (kamalmostafa)
description: updated
Stefan Bader (smb) on 2019-02-01
Changed in linux (Ubuntu):
status: Confirmed → Invalid
Changed in linux (Ubuntu Bionic):
status: In Progress → Fix Committed
Launchpad Janitor (janitor) wrote :
Download full text (11.4 KiB)

This bug was fixed in the package linux - 4.15.0-46.49

linux (4.15.0-46.49) bionic; urgency=medium

  * linux: 4.15.0-46.49 -proposed tracker (LP: #1814726)

  * mprotect fails on ext4 with dax (LP: #1799237)
    - x86/speculation/l1tf: Exempt zeroed PTEs from inversion

  * kernel BUG at /build/linux-vxxS7y/linux-4.15.0/mm/slub.c:296! (LP: #1812086)
    - iscsi target: fix session creation failure handling
    - scsi: iscsi: target: Set conn->sess to NULL when iscsi_login_set_conn_values
    - scsi: iscsi: target: Fix conn_ops double free

  * user_copy in user from ubuntu_kernel_selftests failed on KVM kernel
    (LP: #1812198)
    - selftests: user: return Kselftest Skip code for skipped tests
    - selftests: kselftest: change KSFT_SKIP=4 instead of KSFT_PASS
    - selftests: kselftest: Remove outdated comment

  * RTL8822BE WiFi Disabled in Kernel 4.18.0-12 (LP: #1806472)
    - SAUCE: staging: rtlwifi: allow RTLWIFI_DEBUG_ST to be disabled
    - SAUCE: Add r8822be to signature inclusion list

  * kernel oops in bcache module (LP: #1793901)
    - SAUCE: bcache: never writeback a discard operation

  * CVE-2018-18397
    - userfaultfd: use ENOENT instead of EFAULT if the atomic copy user fails
    - userfaultfd: shmem: allocate anonymous memory for MAP_PRIVATE shmem
    - userfaultfd: shmem/hugetlbfs: only allow to register VM_MAYWRITE vmas
    - userfaultfd: shmem: add i_size checks
    - userfaultfd: shmem: UFFDIO_COPY: set the page dirty if VM_WRITE is not set

  * Ignore "incomplete report" from Elan touchpanels (LP: #1813733)
    - HID: i2c-hid: Ignore input report if there's no data present on Elan

  * Vsock connect fails with ENODEV for large CID (LP: #1813934)
    - vhost/vsock: fix vhost vsock cid hashing inconsistent

  * SRU: Fix thinkpad 11e 3rd boot hang (LP: #1804604)
    - ACPI / LPSS: Force LPSS quirks on boot

  * Bionic update: upstream stable patchset 2019-01-17 (LP: #1812229)
    - scsi: sd_zbc: Fix variable type and bogus comment
    - KVM/Eventfd: Avoid crash when assign and deassign specific eventfd in
    - x86/apm: Don't access __preempt_count with zeroed fs
    - x86/events/intel/ds: Fix bts_interrupt_threshold alignment
    - x86/MCE: Remove min interval polling limitation
    - fat: fix memory allocation failure handling of match_strdup()
    - ALSA: hda/realtek - Add Panasonic CF-SZ6 headset jack quirk
    - ARCv2: [plat-hsdk]: Save accl reg pair by default
    - ARC: configs: Remove CONFIG_INITRAMFS_SOURCE from defconfigs
    - ARC: mm: allow mprotect to make stack mappings executable
    - mm: memcg: fix use after free in mem_cgroup_iter()
    - mm/huge_memory.c: fix data loss when splitting a file pmd
    - cpufreq: intel_pstate: Register when ACPI PCCH is present
    - vfio/pci: Fix potential Spectre v1
    - stop_machine: Disable preemption when waking two stopper threads
    - drm/i915: Fix hotplug irq ack on i965/g4x
    - drm/nouveau: Use drm_connector_list_iter_* for iterating connectors
    - drm/nouveau: Avoid looping through fake MST connectors
    - gen_stats: Fix netl...

Changed in linux (Ubuntu Bionic):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers