Xenial update: 4.4.175 upstream stable release

Bug #1818813 reported by Juerg Haefliger on 2019-03-06
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Undecided
Unassigned
Xenial
Undecided
Unassigned

Bug Description

    SRU Justification

    Impact:
       The upstream process for stable tree updates is quite similar
       in scope to the Ubuntu SRU process, e.g., each patch has to
       demonstrably fix a bug, and each patch is vetted by upstream
       by originating either directly from a mainline/stable Linux tree or
       a minimally backported form of that patch. The following upstream
       stable patches should be included in the Ubuntu kernel:

       4.4.175 upstream stable release
       from git://git.kernel.org/

Linux 4.4.175
uapi/if_ether.h: move __UAPI_DEF_ETHHDR libc define
pinctrl: msm: fix gpio-hog related boot issues
usb: dwc2: Remove unnecessary kfree
kaweth: use skb_cow_head() to deal with cloned skbs
ch9200: use skb_cow_head() to deal with cloned skbs
smsc95xx: Use skb_cow_head to deal with cloned skbs
dm thin: fix bug where bio that overwrites thin block ignores FUA
x86/a.out: Clear the dump structure initially
signal: Restore the stop PTRACE_EVENT_EXIT
x86/platform/UV: Use efi_runtime_lock to serialise BIOS calls
tracing/uprobes: Fix output for multiple string arguments
alpha: Fix Eiger NR_IRQS to 128
alpha: fix page fault handling for r16-r18 targets
Input: elantech - enable 3rd button support on Fujitsu CELSIUS H780
Input: bma150 - register input device after setting private data
ALSA: usb-audio: Fix implicit fb endpoint setup by quirk
ALSA: hda - Add quirk for HP EliteBook 840 G5
perf/core: Fix impossible ring-buffer sizes warning
Input: elan_i2c - add ACPI ID for touchpad in Lenovo V330-15ISK
Revert "Input: elan_i2c - add ACPI ID for touchpad in ASUS Aspire F5-573G"
Documentation/network: reword kernel version reference
cifs: Limit memory used by lock request calls to a page
gpio: pl061: handle failed allocations
ARM: dts: kirkwood: Fix polarity of GPIO fan lines
ARM: dts: da850-evm: Correct the sound card name
uapi/if_ether.h: prevent redefinition of struct ethhdr
Revert "exec: load_script: don't blindly truncate shebang string"
batman-adv: Force mac header to start of data on xmit
batman-adv: Avoid WARN on net_device without parent in netns
xfrm: refine validation of template and selector families
libceph: avoid KEEPALIVE_PENDING races in ceph_con_keepalive()
Revert "cifs: In Kconfig CONFIG_CIFS_POSIX needs depends on legacy (insecure cifs)"
NFC: nxp-nci: Include unaligned.h instead of access_ok.h
HID: debug: fix the ring buffer implementation
drm/vmwgfx: Return error code from vmw_execbuf_copy_fence_user
drm/vmwgfx: Fix setting of dma masks
drm/modes: Prevent division by zero htotal
mac80211: ensure that mgmt tx skbs have tailroom for encryption
ARM: iop32x/n2100: fix PCI IRQ mapping
MIPS: VDSO: Include $(ccflags-vdso) in o32,n32 .lds builds
MIPS: OCTEON: don't set octeon_dma_bar_type if PCI is disabled
mips: cm: reprime error cause
debugfs: fix debugfs_rename parameter checking
misc: vexpress: Off by one in vexpress_syscfg_exec()
signal: Better detection of synchronous signals
signal: Always notice exiting tasks
mtd: rawnand: gpmi: fix MX28 bus master lockup problem
perf tests evsel-tp-sched: Fix bitwise operator
perf/core: Don't WARN() for impossible ring-buffer sizes
x86/MCE: Initialize mce.bank in the case of a fatal error in mce_no_way_out()
perf/x86/intel/uncore: Add Node ID mask
KVM: nVMX: unconditionally cancel preemption timer in free_nested (CVE-2019-7221)
KVM: x86: work around leak of uninitialized stack contents (CVE-2019-7222)
usb: gadget: udc: net2272: Fix bitwise and boolean operations
usb: phy: am335x: fix race condition in _probe
dmaengine: imx-dma: fix wrong callback invoke
fuse: handle zero sized retrieve correctly
fuse: decrement NR_WRITEBACK_TEMP on the right page
fuse: call pipe_buf_release() under pipe lock
ALSA: hda - Serialize codec registrations
ALSA: compress: Fix stop handling on compressed capture streams
net: dsa: slave: Don't propagate flag changes on down slave interfaces
net: systemport: Fix WoL with password after deep sleep
skge: potential memory corruption in skge_get_regs()
net: dp83640: expire old TX-skb
enic: fix checksum validation for IPv6
dccp: fool proof ccid_hc_[rt]x_parse_options()
string: drop __must_check from strscpy() and restore strscpy() usages in cgroup
tipc: use destination length for copy string
test_hexdump: use memcpy instead of strncpy
thermal: hwmon: inline helpers when CONFIG_THERMAL_HWMON is not set
exec: load_script: don't blindly truncate shebang string
fs/epoll: drop ovflist branch prediction
kernel/hung_task.c: break RCU locks based on jiffies
HID: lenovo: Add checks to fix of_led_classdev_register
block/swim3: Fix -EBUSY error when re-opening device after unmount
gdrom: fix a memory leak bug
isdn: hisax: hfc_pci: Fix a possible concurrency use-after-free bug in HFCPCI_l1hw()
ocfs2: don't clear bh uptodate for block read
scripts/decode_stacktrace: only strip base path when a prefix of the path
niu: fix missing checks of niu_pci_eeprom_read
um: Avoid marking pages with "changed protection"
cifs: check ntwrk_buf_start for NULL before dereferencing it
crypto: ux500 - Use proper enum in hash_set_dma_transfer
crypto: ux500 - Use proper enum in cryp_set_dma_transfer
seq_buf: Make seq_buf_puts() null-terminate the buffer
hwmon: (lm80) fix a missing check of bus read in lm80 probe
hwmon: (lm80) fix a missing check of the status of SMBus read
NFS: nfs_compare_mount_options always compare auth flavors.
KVM: x86: svm: report MSR_IA32_MCG_EXT_CTL as unsupported
fbdev: fbcon: Fix unregister crash when more than one framebuffer
igb: Fix an issue that PME is not enabled during runtime suspend
fbdev: fbmem: behave better with small rotated displays and many CPUs
video: clps711x-fb: release disp device node in probe()
drbd: Avoid Clang warning about pointless switch statment
drbd: skip spurious timeout (ping-timeo) when failing promote
drbd: disconnect, if the wrong UUIDs are attached on a connected peer
drbd: narrow rcu_read_lock in drbd_sync_handshake
cw1200: Fix concurrency use-after-free bugs in cw1200_hw_scan()
Bluetooth: Fix unnecessary error message for HCI request completion
xfrm6_tunnel: Fix spi check in __xfrm6_tunnel_alloc_spi
mac80211: fix radiotap vendor presence bitmap handling
powerpc/uaccess: fix warning/error with access_ok()
arm64: KVM: Skip MMIO insn after emulation
tty: serial: samsung: Properly set flags in autoCTS mode
memstick: Prevent memstick host from getting runtime suspended during card detection
ASoC: fsl: Fix SND_SOC_EUKREA_TLV320 build error on i.MX8M
ARM: pxa: avoid section mismatch warning
udf: Fix BUG on corrupted inode
i2c-axxia: check for error conditions first
cpuidle: big.LITTLE: fix refcount leak
clk: imx6sl: ensure MMDC CH0 handshake is bypassed
sata_rcar: fix deferred probing
iommu/arm-smmu-v3: Use explicit mb() when moving cons pointer
mips: bpf: fix encoding bug for mm_srlv32_op
ARM: dts: Fix OMAP4430 SDP Ethernet startup
timekeeping: Use proper seqcount initializer
usb: hub: delay hub autosuspend if USB3 port is still link training
smack: fix access permissions for keyring
media: DaVinci-VPBE: fix error handling in vpbe_initialize()
x86/fpu: Add might_fault() to user_insn()
ARM: dts: mmp2: fix TWSI2
arm64: ftrace: don't adjust the LR value
nfsd4: fix crash on writing v4_end_grace before nfsd startup
sunvdc: Do not spin in an infinite loop when vio_ldc_send() returns EAGAIN
f2fs: fix wrong return value of f2fs_acl_create
f2fs: move dir data flush to write checkpoint process
soc/tegra: Don't leak device tree node reference
perf tools: Add Hygon Dhyana support
modpost: validate symbol names also in find_elf_symbol
ARM: OMAP2+: hwmod: Fix some section annotations
staging: iio: ad7780: update voltage on read
staging:iio:ad2s90: Make probe handle spi_setup failure
ptp: check gettime64 return code in PTP_SYS_OFFSET ioctl
serial: fsl_lpuart: clear parity enable bit when disable parity
powerpc/pseries: add of_node_put() in dlpar_detach_node()
x86/PCI: Fix Broadcom CNB20LE unintended sign extension (redux)
dlm: Don't swamp the CPU with callbacks queued during recovery
ARM: 8808/1: kexec:offline panic_smp_self_stop CPU
scsi: lpfc: Correct LCB RJT handling
ASoC: Intel: mrfld: fix uninitialized variable access
staging: iio: adc: ad7280a: handle error from __ad7280_read32()
drm/bufs: Fix Spectre v1 vulnerability

Juerg Haefliger (juergh) wrote :

List of already applied patches:
  * KVM: x86: work around leak of uninitialized stack contents (CVE-2019-7222)
  * KVM: nVMX: unconditionally cancel preemption timer in free_nested (CVE-2019-7221)
  * igb: Fix an issue that PME is not enabled during runtime suspend

Changed in linux (Ubuntu):
status: New → Confirmed
tags: added: kernel-stable-tracking-bug
Changed in linux (Ubuntu Xenial):
status: New → Fix Committed
Launchpad Janitor (janitor) wrote :
Download full text (26.1 KiB)

This bug was fixed in the package linux - 4.4.0-145.171

---------------
linux (4.4.0-145.171) xenial; urgency=medium

  * linux: 4.4.0-145.171 -proposed tracker (LP: #1821724)

  * linux-generic should depend on linux-base >=4.1 (LP: #1820419)
    - [Packaging] Fix linux-base dependency

linux (4.4.0-144.170) xenial; urgency=medium

  * linux: 4.4.0-144.170 -proposed tracker (LP: #1819660)

  * Packaging resync (LP: #1786013)
    - [Packaging] resync getabis
    - [Packaging] update helper scripts
    - [Packaging] resync retpoline extraction

  * C++ demangling support missing from perf (LP: #1396654)
    - [Packaging] fix a mistype

  * CVE-2019-9213
    - mm: enforce min addr even if capable() in expand_downwards()

  * CVE-2019-3460
    - Bluetooth: Check L2CAP option sizes returned from l2cap_get_conf_opt

  * Xenial update: 4.4.176 upstream stable release (LP: #1818815)
    - net: fix IPv6 prefix route residue
    - vsock: cope with memory allocation failure at socket creation time
    - hwmon: (lm80) Fix missing unlock on error in set_fan_div()
    - net: Fix for_each_netdev_feature on Big endian
    - net: Add header for usage of fls64()
    - tcp: tcp_v4_err() should be more careful
    - net: Do not allocate page fragments that are not skb aligned
    - tcp: clear icsk_backoff in tcp_write_queue_purge()
    - vxlan: test dev->flags & IFF_UP before calling netif_rx()
    - net: stmmac: Fix a race in EEE enable callback
    - net: ipv4: use a dedicated counter for icmp_v4 redirect packets
    - x86: livepatch: Treat R_X86_64_PLT32 as R_X86_64_PC32
    - mfd: as3722: Handle interrupts on suspend
    - mfd: as3722: Mark PM functions as __maybe_unused
    - net/x25: do not hold the cpu too long in x25_new_lci()
    - mISDN: fix a race in dev_expire_timer()
    - ax25: fix possible use-after-free
    - Linux 4.4.176

  * sky2 ethernet card don't work after returning from suspension
    (LP: #1798921) // Xenial update: 4.4.176 upstream stable release
    (LP: #1818815)
    - sky2: Increase D3 delay again

  * Xenial update: 4.4.175 upstream stable release (LP: #1818813)
    - drm/bufs: Fix Spectre v1 vulnerability
    - staging: iio: adc: ad7280a: handle error from __ad7280_read32()
    - ASoC: Intel: mrfld: fix uninitialized variable access
    - scsi: lpfc: Correct LCB RJT handling
    - ARM: 8808/1: kexec:offline panic_smp_self_stop CPU
    - dlm: Don't swamp the CPU with callbacks queued during recovery
    - x86/PCI: Fix Broadcom CNB20LE unintended sign extension (redux)
    - powerpc/pseries: add of_node_put() in dlpar_detach_node()
    - serial: fsl_lpuart: clear parity enable bit when disable parity
    - ptp: check gettime64 return code in PTP_SYS_OFFSET ioctl
    - staging:iio:ad2s90: Make probe handle spi_setup failure
    - staging: iio: ad7780: update voltage on read
    - ARM: OMAP2+: hwmod: Fix some section annotations
    - modpost: validate symbol names also in find_elf_symbol
    - perf tools: Add Hygon Dhyana support
    - soc/tegra: Don't leak device tree node reference
    - f2fs: move dir data flush to write checkpoint process
    - f2fs: fix wrong return value of f2fs_acl_create
    - sunvdc: Do not spin in an infin...

Changed in linux (Ubuntu Xenial):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers