Xenial update: 4.4.187 upstream stable release

Bug #1840081 reported by Connor Kuehl on 2019-08-13
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Undecided
Unassigned
Xenial
Medium
Connor Kuehl

Bug Description

SRU Justification

    Impact:
       The upstream process for stable tree updates is quite similar
       in scope to the Ubuntu SRU process, e.g., each patch has to
       demonstrably fix a bug, and each patch is vetted by upstream
       by originating either directly from a mainline/stable Linux tree or
       a minimally backported form of that patch. The following upstream
       stable patches should be included in the Ubuntu kernel:
* MIPS: ath79: fix ar933x uart parity mode
* MIPS: fix build on non-linux hosts
* dmaengine: imx-sdma: fix use-after-free on probe error path
* ath10k: Do not send probe response template for mesh
* ath9k: Check for errors when reading SREV register
* ath6kl: add some bounds checking
* ath: DFS JP domain W56 fixed pulse type 3 RADAR detection
* batman-adv: fix for leaked TVLV handler.
* media: dvb: usb: fix use after free in dvb_usb_device_exit
* crypto: talitos - fix skcipher failure due to wrong output IV
* media: marvell-ccic: fix DMA s/g desc number calculation
* media: vpss: fix a potential NULL pointer dereference
* net: stmmac: dwmac1000: Clear unused address entries
* signal/pid_namespace: Fix reboot_pid_ns to use send_sig not force_sig
* af_key: fix leaks in key_pol_get_resp and dump_sp.
* xfrm: Fix xfrm sel prefix length validation
* media: staging: media: davinci_vpfe: - Fix for memory leak if decoder initialization fails.
* net: phy: Check against net_device being NULL
* tua6100: Avoid build warnings.
* locking/lockdep: Fix merging of hlocks with non-zero references
* media: wl128x: Fix some error handling in fm_v4l2_init_video_device()
* cpupower : frequency-set -r option misses the last cpu in related cpu list
* net: fec: Do not use netdev messages too early
* net: axienet: Fix race condition causing TX hang
* s390/qdio: handle PENDING state for QEBSM devices
* perf test 6: Fix missing kvm module load for s390
* gpio: omap: fix lack of irqstatus_raw0 for OMAP4
* gpio: omap: ensure irq is enabled before wakeup
* regmap: fix bulk writes on paged registers
* bpf: silence warning messages in core
* rcu: Force inlining of rcu_read_lock()
* xfrm: fix sa selector validation
* perf evsel: Make perf_evsel__name() accept a NULL argument
* vhost_net: disable zerocopy by default
* EDAC/sysfs: Fix memory leak when creating a csrow object
* media: i2c: fix warning same module names
* ntp: Limit TAI-UTC offset
* timer_list: Guard procfs specific code
* acpi/arm64: ignore 5.1 FADTs that are reported as 5.0
* media: coda: fix mpeg2 sequence number handling
* media: coda: increment sequence offset for the last returned frame
* mt7601u: do not schedule rx_tasklet when the device has been disconnected
* x86/build: Add 'set -e' to mkcapflags.sh to delete broken capflags.c
* mt7601u: fix possible memory leak when the device is disconnected
* ath10k: fix PCIE device wake up failed
* rslib: Fix decoding of shortened codes
* rslib: Fix handling of of caller provided syndrome
* ixgbe: Check DDM existence in transceiver before access
* EDAC: Fix global-out-of-bounds write when setting edac_mc_poll_msec
* bcache: check c->gc_thread by IS_ERR_OR_NULL in cache_set_flush()
* Bluetooth: hci_bcsp: Fix memory leak in rx_skb
* Bluetooth: 6lowpan: search for destination address in all peers
* Bluetooth: Check state in l2cap_disconnect_rsp
* Bluetooth: validate BLE connection interval updates
* crypto: ghash - fix unaligned memory access in ghash_setkey()
* crypto: arm64/sha1-ce - correct digest for empty data in finup
* crypto: arm64/sha2-ce - correct digest for empty data in finup
* Input: gtco - bounds check collection indent level
* regulator: s2mps11: Fix buck7 and buck8 wrong voltages
* tracing/snapshot: Resize spare buffer if size changed
* NFSv4: Handle the special Linux file open access mode
* lib/scatterlist: Fix mapping iterator when sg->offset is greater than PAGE_SIZE
* ALSA: seq: Break too long mutex context in the write loop
* media: v4l2: Test type instead of cfg->type in v4l2_ctrl_new_custom()
* media: coda: Remove unbalanced and unneeded mutex unlock
* KVM: x86/vPMU: refine kvm_pmu err msg when event creation failed
* drm/nouveau/i2c: Enable i2c pads & busses during preinit
* padata: use smp_mb in padata_reorder to avoid orphaned padata jobs
* 9p/virtio: Add cleanup path in p9_virtio_init
* PCI: Do not poll for PME if the device is in D3cold
* take floppy compat ioctls to sodding floppy.c
* floppy: fix out-of-bounds read in next_valid_format
* floppy: fix invalid pointer dereference in drive_name
* coda: pass the host file in vma->vm_file on mmap
* gpu: ipu-v3: ipu-ic: Fix saturation bit offset in TPMEM
* parisc: Fix kernel panic due invalid values in IAOQ0 or IAOQ1
* powerpc/32s: fix suspend/resume when IBATs 4-7 are used
* powerpc/watchpoint: Restore NV GPRs while returning from exception
* eCryptfs: fix a couple type promotion bugs
* intel_th: msu: Fix single mode with disabled IOMMU
* Bluetooth: Add SMP workaround Microsoft Surface Precision Mouse bug
* usb: Handle USB3 remote wakeup for LPM enabled devices correctly
* dm bufio: fix deadlock with loop device
* bnx2x: Prevent load reordering in tx completion processing
* caif-hsi: fix possible deadlock in cfhsi_exit_module()
* ipv4: don't set IPv6 only flags to IPv4 addresses
* net: bcmgenet: use promisc for unsupported filters
* net: neigh: fix multiple neigh timer scheduling
* nfc: fix potential illegal memory access
* sky2: Disable MSI on ASUS P6T
* netrom: fix a memory leak in nr_rx_frame()
* netrom: hold sock when setting skb->destructor
* tcp: Reset bytes_acked and bytes_received when disconnecting
* bonding: validate ip header before check IPPROTO_IGMP
* net: bridge: mcast: fix stale nsrcs pointer in igmp3/mld2 report handling
* net: bridge: mcast: fix stale ipv6 hdr pointer when handling v6 query
* net: bridge: stp: don't cache eth dest pointer before skb pull
* elevator: fix truncation of icq_cache_name
* NFSv4: Fix open create exclusive when the server reboots
* nfsd: increase DRC cache limit
* nfsd: give out fewer session slots as limit approaches
* nfsd: fix performance-limiting session calculation
* nfsd: Fix overflow causing non-working mounts on 1 TB machines
* drm/panel: simple: Fix panel_simple_dsi_probe
* usb: core: hub: Disable hub-initiated U1/U2
* tty: max310x: Fix invalid baudrate divisors calculator
* pinctrl: rockchip: fix leaked of_node references
* tty: serial: cpm_uart - fix init when SMC is relocated
* memstick: Fix error cleanup path of memstick_init
* tty/serial: digicolor: Fix digicolor-usart already registered warning
* tty: serial: msm_serial: avoid system lockup condition
* drm/virtio: Add memory barriers for capset cache.
* phy: renesas: rcar-gen2: Fix memory leak at error paths
* usb: gadget: Zero ffs_io_data
* powerpc/pci/of: Fix OF flags parsing for 64bit BARs
* PCI: sysfs: Ignore lockdep for remove attribute
* iio: iio-utils: Fix possible incorrect mask calculation
* recordmcount: Fix spurious mcount entries on powerpc
* mfd: core: Set fwnode for created devices
* mfd: arizona: Fix undefined behavior
* um: Silence lockdep complaint about mmap_sem
* powerpc/4xx/uic: clear pending interrupt after irq type/pol change
* serial: sh-sci: Fix TX DMA buffer flushing and workqueue races
* kallsyms: exclude kasan local symbols on s390
* perf test mmap-thread-lookup: Initialize variable to suppress memory sanitizer warning
* f2fs: avoid out-of-range memory access
* mailbox: handle failed named mailbox channel request
* powerpc/eeh: Handle hugepages in ioremap space
* sh: prevent warnings when using iounmap
* mm/kmemleak.c: fix check for softirq context
* 9p: pass the correct prototype to read_cache_page
* mm/mmu_notifier: use hlist_add_head_rcu()
* locking/lockdep: Fix lock used or unused stats error
* locking/lockdep: Hide unused 'class' variable
* usb: wusbcore: fix unbalanced get/put cluster_id
* usb: pci-quirks: Correct AMD PLL quirk detection
* x86/sysfb_efi: Add quirks for some devices with swapped width and height
* x86/speculation/mds: Apply more accurate check on hypervisor platform
* hpet: Fix division by zero in hpet_time_div()
* ALSA: line6: Fix wrong altsetting for LINE6_PODHD500_1
* ALSA: hda - Add a conexant codec entry to let mute led work
* access: avoid the RCU grace period for the temporary subjective credentials
* vmstat: Remove BUG_ON from vmstat_update
* mm, vmstat: make quiet_vmstat lighter
* ipv6: check sk sk_type and protocol early in ip_mroute_set/getsockopt
* tcp: reset sk_send_head in tcp_write_queue_purge
* ISDN: hfcsusb: checking idx of ep configuration
* media: cpia2_usb: first wake up, then free in disconnect
* media: radio-raremono: change devm_k*alloc to k*alloc
* Bluetooth: hci_uart: check for missing tty operations
* sched/fair: Don't free p->numa_faults with concurrent readers
* drivers/pps/pps.c: clear offset flags in PPS_SETPARAMS ioctl
* ceph: hold i_ceph_lock when removing caps for freeing inode
* Linux 4.4.187

       4.4.187 upstream stable release
       from git://git.kernel.org/

Connor Kuehl (connork) on 2019-08-13
Changed in linux (Ubuntu):
status: New → Confirmed
tags: added: kernel-stable-tracking-bug
Changed in linux (Ubuntu):
status: Confirmed → Invalid
Changed in linux (Ubuntu Xenial):
status: New → In Progress
importance: Undecided → Medium
assignee: nobody → Connor Kuehl (connork)
Connor Kuehl (connork) wrote :

The following patches have already been applied:

* floppy: fix div-by-zero in setup_format_params
* floppy: fix out-of-bounds read in copy_buffer
* powerpc/tm: Fix oops on sigreturn on systems without TM

Connor Kuehl (connork) on 2019-08-14
description: updated
description: updated
description: updated
Changed in linux (Ubuntu Xenial):
status: In Progress → Fix Committed
Launchpad Janitor (janitor) wrote :
Download full text (12.8 KiB)

This bug was fixed in the package linux - 4.4.0-165.193

---------------
linux (4.4.0-165.193) xenial; urgency=medium

  * xenial/linux: 4.4.0-165.193 -proposed tracker (LP: #1844416)

  * Xenial update: 4.4.187 upstream stable release (LP: #1840081)
    - MIPS: ath79: fix ar933x uart parity mode
    - MIPS: fix build on non-linux hosts
    - dmaengine: imx-sdma: fix use-after-free on probe error path
    - ath10k: Do not send probe response template for mesh
    - ath9k: Check for errors when reading SREV register
    - ath6kl: add some bounds checking
    - ath: DFS JP domain W56 fixed pulse type 3 RADAR detection
    - batman-adv: fix for leaked TVLV handler.
    - media: dvb: usb: fix use after free in dvb_usb_device_exit
    - crypto: talitos - fix skcipher failure due to wrong output IV
    - media: marvell-ccic: fix DMA s/g desc number calculation
    - media: vpss: fix a potential NULL pointer dereference
    - net: stmmac: dwmac1000: Clear unused address entries
    - signal/pid_namespace: Fix reboot_pid_ns to use send_sig not force_sig
    - af_key: fix leaks in key_pol_get_resp and dump_sp.
    - xfrm: Fix xfrm sel prefix length validation
    - media: staging: media: davinci_vpfe: - Fix for memory leak if decoder
      initialization fails.
    - net: phy: Check against net_device being NULL
    - tua6100: Avoid build warnings.
    - locking/lockdep: Fix merging of hlocks with non-zero references
    - media: wl128x: Fix some error handling in fm_v4l2_init_video_device()
    - cpupower : frequency-set -r option misses the last cpu in related cpu list
    - net: fec: Do not use netdev messages too early
    - net: axienet: Fix race condition causing TX hang
    - s390/qdio: handle PENDING state for QEBSM devices
    - perf test 6: Fix missing kvm module load for s390
    - gpio: omap: fix lack of irqstatus_raw0 for OMAP4
    - gpio: omap: ensure irq is enabled before wakeup
    - regmap: fix bulk writes on paged registers
    - bpf: silence warning messages in core
    - rcu: Force inlining of rcu_read_lock()
    - xfrm: fix sa selector validation
    - perf evsel: Make perf_evsel__name() accept a NULL argument
    - vhost_net: disable zerocopy by default
    - EDAC/sysfs: Fix memory leak when creating a csrow object
    - media: i2c: fix warning same module names
    - ntp: Limit TAI-UTC offset
    - timer_list: Guard procfs specific code
    - acpi/arm64: ignore 5.1 FADTs that are reported as 5.0
    - media: coda: fix mpeg2 sequence number handling
    - media: coda: increment sequence offset for the last returned frame
    - mt7601u: do not schedule rx_tasklet when the device has been disconnected
    - x86/build: Add 'set -e' to mkcapflags.sh to delete broken capflags.c
    - mt7601u: fix possible memory leak when the device is disconnected
    - ath10k: fix PCIE device wake up failed
    - rslib: Fix decoding of shortened codes
    - rslib: Fix handling of of caller provided syndrome
    - ixgbe: Check DDM existence in transceiver before access
    - EDAC: Fix global-out-of-bounds write when setting edac_mc_poll_msec
    - bcache: check c->gc_thread by IS_ERR_OR_NULL in cache_set_flush()
    - Bluetooth: hci_bcsp: Fix memory ...

Changed in linux (Ubuntu Xenial):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers