Disco update: 4.19.20 upstream stable release

Bug #1815090 reported by Seth Forshee on 2019-02-07
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Medium
Seth Forshee
Disco
Medium
Seth Forshee

Bug Description

SRU Justification

    Impact:
       The upstream process for stable tree updates is quite similar
       in scope to the Ubuntu SRU process, e.g., each patch has to
       demonstrably fix a bug, and each patch is vetted by upstream
       by originating either directly from a mainline/stable Linux tree or
       a minimally backported form of that patch. The following upstream
       stable patches should be included in the Ubuntu kernel:

       4.19.20 upstream stable release
       from git://git.kernel.org/

Linux 4.19.20
cifs: Always resolve hostname before reconnecting
md/raid5: fix 'out of memory' during raid cache recovery
of: overlay: do not duplicate properties from overlay for new nodes
of: overlay: use prop add changeset entry for property in new nodes
of: overlay: add missing of_node_get() in __of_attach_node_sysfs
of: overlay: add tests to validate kfrees from overlay removal
of: Convert to using %pOFn instead of device_node.name
mm: migrate: don't rely on __PageMovable() of newpage after unlocking it
mm: hwpoison: use do_send_sig_info() instead of force_sig()
mm, oom: fix use-after-free in oom_kill_process
mm,memory_hotplug: fix scan_movable_pages() for gigantic hugepages
oom, oom_reaper: do not enqueue same task twice
mm/hugetlb.c: teach follow_hugetlb_page() to handle FOLL_NOWAIT
kernel/exit.c: release ptraced tasks before zap_pid_ns_processes
btrfs: On error always free subvol_name in btrfs_mount
Btrfs: fix deadlock when allocating tree block during leaf/node split
mmc: sdhci-iproc: handle mmc_of_parse() errors during probe
platform/x86: asus-nb-wmi: Drop mapping of 0x33 and 0x34 scan codes
platform/x86: asus-nb-wmi: Map 0x35 to KEY_SCREENLOCK
IB/hfi1: Remove overly conservative VM_EXEC flag check
ALSA: hda/realtek - Fixed hp_pin no value
ALSA: usb-audio: Add Opus #3 to quirks for native DSD support
mmc: mediatek: fix incorrect register setting of hs400_cmd_int_delay
mmc: bcm2835: Fix DMA channel leak on probe error
gfs2: Revert "Fix loop in gfs2_rbm_find"
gpio: sprd: Fix incorrect irq type setting for the async EIC
gpio: sprd: Fix the incorrect data register
gpio: pcf857x: Fix interrupts on multiple instances
gpiolib: fix line event timestamps for nested irqs
gpio: altera-a10sr: Set proper output level for direction_output
arm64: hibernate: Clean the __hyp_text to PoC after resume
arm64: hyp-stub: Forbid kprobing of the hyp-stub
arm64: Do not issue IPIs for user executable ptes
arm64: kaslr: ensure randomized quantities are clean also when kaslr is off
ARM: cns3xxx: Fix writing to wrong PCI config registers after alignment
NFS: Fix up return value on fatal errors in nfs_page_async_flush()
selftests/seccomp: Enhance per-arch ptrace syscall skip tests
iommu/vt-d: Fix memory leak in intel_iommu_put_resv_regions()
fs/dcache: Fix incorrect nr_dentry_unused accounting in shrink_dcache_sb()
CIFS: Do not consider -ENODATA as stat failure for reads
CIFS: Fix trace command logging for SMB2 reads and writes
CIFS: Do not count -ENODATA as failure for query directory
virtio_net: Differentiate sk_buff and xdp_frame on freeing
virtio_net: Use xdp_return_frame to free xdp_frames on destroying vqs
virtio_net: Don't process redirected XDP frames when XDP is disabled
virtio_net: Fix out of bounds access of sq
virtio_net: Fix not restoring real_num_rx_queues
virtio_net: Don't call free_old_xmit_skbs for xdp_frames
virtio_net: Don't enable NAPI when interface is down
sctp: set flow sport from saddr only when it's 0
sctp: set chunk transport correctly when it's a new asoc
Revert "net/mlx5e: E-Switch, Initialize eswitch only if eswitch manager"
ip6mr: Fix notifiers call on mroute_clean_tables()
net/mlx5e: Allow MAC invalidation while spoofchk is ON
sctp: improve the events for sctp stream adding
net: ip6_gre: always reports o_key to userspace
ucc_geth: Reset BQL queue when stopping device
tun: move the call to tun_set_real_num_queues
sctp: improve the events for sctp stream reset
ravb: expand rx descriptor data to accommodate hw checksum
net: set default network namespace in init_dummy_netdev()
net/rose: fix NULL ax25_cb kernel panic
netrom: switch to sock timer API
net/mlx4_core: Add masking for a few queries on HCA caps
net: ip_gre: use erspan key field for tunnel lookup
net: ip_gre: always reports o_key to userspace
l2tp: fix reading optional fields of L2TPv3
l2tp: copy 4 more bytes to linear part if necessary
ipvlan, l3mdev: fix broken l3s mode wrt local routes
ipv6: sr: clear IP6CB(skb) on SRH ip4ip6 encapsulation
ipv6: Consider sk_bound_dev_if when binding a socket to an address
drm/msm/gpu: fix building without debugfs
Fix "net: ipv4: do not handle duplicate fragments as overlapping"

The following patches from this stable update had already been applied:

vhost: fix OOB in get_rx_bufs()

CVE References

Seth Forshee (sforshee) on 2019-02-07
Changed in linux (Ubuntu):
status: New → Confirmed
tags: added: kernel-stable-tracking-bug
Changed in linux (Ubuntu Disco):
assignee: nobody → Seth Forshee (sforshee)
importance: Undecided → Medium
status: Confirmed → In Progress
description: updated
Changed in linux (Ubuntu Disco):
status: In Progress → Fix Committed
Launchpad Janitor (janitor) wrote :
Download full text (12.4 KiB)

This bug was fixed in the package linux - 4.19.0-13.14

---------------
linux (4.19.0-13.14) disco; urgency=medium

  * linux: 4.19.0-13.14 -proposed tracker (LP: #1815103)

  * linux-buildinfo: pull out ABI information into its own package
    (LP: #1806380)
    - [Packaging] autoreconstruct -- base tag is always primary mainline version

  * [Packaging] Allow overlay of config annotations (LP: #1752072)
    - [Packaging] config-check: Add an include directive

  * Disco update: 4.19.20 upstream stable release (LP: #1815090)
    - Fix "net: ipv4: do not handle duplicate fragments as overlapping"
    - drm/msm/gpu: fix building without debugfs
    - ipv6: Consider sk_bound_dev_if when binding a socket to an address
    - ipv6: sr: clear IP6CB(skb) on SRH ip4ip6 encapsulation
    - ipvlan, l3mdev: fix broken l3s mode wrt local routes
    - l2tp: copy 4 more bytes to linear part if necessary
    - l2tp: fix reading optional fields of L2TPv3
    - net: ip_gre: always reports o_key to userspace
    - net: ip_gre: use erspan key field for tunnel lookup
    - net/mlx4_core: Add masking for a few queries on HCA caps
    - netrom: switch to sock timer API
    - net/rose: fix NULL ax25_cb kernel panic
    - net: set default network namespace in init_dummy_netdev()
    - ravb: expand rx descriptor data to accommodate hw checksum
    - sctp: improve the events for sctp stream reset
    - tun: move the call to tun_set_real_num_queues
    - ucc_geth: Reset BQL queue when stopping device
    - net: ip6_gre: always reports o_key to userspace
    - sctp: improve the events for sctp stream adding
    - net/mlx5e: Allow MAC invalidation while spoofchk is ON
    - ip6mr: Fix notifiers call on mroute_clean_tables()
    - Revert "net/mlx5e: E-Switch, Initialize eswitch only if eswitch manager"
    - sctp: set chunk transport correctly when it's a new asoc
    - sctp: set flow sport from saddr only when it's 0
    - virtio_net: Don't enable NAPI when interface is down
    - virtio_net: Don't call free_old_xmit_skbs for xdp_frames
    - virtio_net: Fix not restoring real_num_rx_queues
    - virtio_net: Fix out of bounds access of sq
    - virtio_net: Don't process redirected XDP frames when XDP is disabled
    - virtio_net: Use xdp_return_frame to free xdp_frames on destroying vqs
    - virtio_net: Differentiate sk_buff and xdp_frame on freeing
    - CIFS: Do not count -ENODATA as failure for query directory
    - CIFS: Fix trace command logging for SMB2 reads and writes
    - CIFS: Do not consider -ENODATA as stat failure for reads
    - fs/dcache: Fix incorrect nr_dentry_unused accounting in shrink_dcache_sb()
    - iommu/vt-d: Fix memory leak in intel_iommu_put_resv_regions()
    - selftests/seccomp: Enhance per-arch ptrace syscall skip tests
    - NFS: Fix up return value on fatal errors in nfs_page_async_flush()
    - ARM: cns3xxx: Fix writing to wrong PCI config registers after alignment
    - arm64: kaslr: ensure randomized quantities are clean also when kaslr is off
    - arm64: Do not issue IPIs for user executable ptes
    - arm64: hyp-stub: Forbid kprobing of the hyp-stub
    - arm64: hibernate: Clean the __hyp_text to PoC after resume
    - gpio: altera...

Changed in linux (Ubuntu Disco):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers