Disco update: 5.0.16 upstream stable release

Bug #1835580 reported by Connor Kuehl on 2019-07-05
Affects | Status | Importance | Assigned to | Milestone
linux (Ubuntu) | | Undecided | Unassigned |
Disco | | Medium | Stefan Bader |

Bug Description

    SRU Justification

    Impact:
       The upstream process for stable tree updates is quite similar
       in scope to the Ubuntu SRU process, e.g., each patch has to
       demonstrably fix a bug, and each patch is vetted by upstream
       by originating either directly from a mainline/stable Linux tree or
       a minimally backported form of that patch. The following upstream
       stable patches should be included in the Ubuntu kernel:

       5.0.16 upstream stable release
       from git://git.kernel.org/

Connor Kuehl (connork) on 2019-07-05
Changed in linux (Ubuntu):
status: New → Confirmed
tags: added: kernel-stable-tracking-bug
Changed in linux (Ubuntu):
status: Confirmed → Invalid
Changed in linux (Ubuntu Disco):
status: New → In Progress
importance: Undecided → Medium
assignee: nobody → Connor Kuehl (connork)
Connor Kuehl (connork) on 2019-07-08
Changed in linux (Ubuntu Disco):
status: In Progress → New
assignee: Connor Kuehl (connork) → nobody
Stefan Bader (smb) on 2019-07-15
Changed in linux (Ubuntu Disco):
assignee: nobody → Stefan Bader (smb)
status: New → In Progress
Stefan Bader (smb) wrote :

Already applied for CVE-2018-12126, CVE-2018-12127, CVE-2018-12130:
- "x86/msr-index: Cleanup bit defines"
- "x86/speculation: Consolidate CPU whitelists"
- "x86/speculation/mds: Add basic bug infrastructure for MDS"
- "x86/speculation/mds: Add BUG_MSBDS_ONLY"
- "x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests"
- "x86/speculation/mds: Add mds_clear_cpu_buffers()"
- "x86/speculation/mds: Clear CPU buffers on exit to user"
- "x86/kvm/vmx: Add MDS protection when L1D Flush is not active"
- "x86/speculation/mds: Conditionally clear CPU buffers on idle entry"
- "x86/speculation/mds: Add mitigation control for MDS"
- "x86/speculation/mds: Add sysfs reporting for MDS"
- "x86/speculation/mds: Add mitigation mode VMWERV"
- "Documentation: Move L1TF to separate directory"
- "Documentation: Add MDS vulnerability documentation"
- "x86/speculation/mds: Add mds=full,nosmt cmdline option"
- "x86/speculation: Move arch_smt_update() call to after mitigation decisions"
- "x86/speculation/mds: Add SMT warning message"
- "x86/speculation/mds: Fix comment"
- "x86/speculation/mds: Print SMT vulnerable on MSBDS with mitigations off"
- "cpu/speculation: Add 'mitigations=' cmdline option"
- "x86/speculation: Support 'mitigations=' cmdline option"
- "powerpc/speculation: Support 'mitigations=' cmdline option"
- "s390/speculation: Support 'mitigations=' cmdline option"
- "x86/speculation/mds: Add 'mitigations=' support for MDS"

Already applied for CVE-2019-11091:
- "x86/mds: Add MDSUM variant to the MDS documentation"

Already applied for CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091:
- "Documentation: Correct the possible MDS sysfs values"
- "x86/speculation/mds: Fix documentation typo"

This upstream stable already was completely applied for security.

Changed in linux (Ubuntu Disco):
status: In Progress → Fix Committed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux - 5.0.0-25.26

---------------
linux (5.0.0-25.26) disco; urgency=medium

  * CVE-2019-1125
    - x86/cpufeatures: Carve out CQM features retrieval
    - x86/cpufeatures: Combine word 11 and 12 into a new scattered features word
    - x86/speculation: Prepare entry code for Spectre v1 swapgs mitigations
    - x86/speculation: Enable Spectre v1 swapgs mitigations
    - x86/entry/64: Use JMP instead of JMPQ
    - x86/speculation/swapgs: Exclude ATOMs from speculation through SWAPGS

 -- Kleber Sacilotto de Souza <email address hidden> Thu, 01 Aug 2019 12:04:35 +0200

Changed in linux (Ubuntu Disco):
status: Fix Committed → Fix Released