Eoan update: upstream stable patchset 2020-03-16

Bug #1867677 reported by Kamal Mostafa
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Undecided
Unassigned
Eoan
Undecided
Kamal Mostafa

Bug Description

SRU Justification

    Impact:
       The upstream process for stable tree updates is quite similar
       in scope to the Ubuntu SRU process, e.g., each patch has to
       demonstrably fix a bug, and each patch is vetted by upstream
       by originating either directly from a mainline/stable Linux tree or
       a minimally backported form of that patch. The following upstream
       stable patches should be included in the Ubuntu kernel:

       upstream stable patchset 2020-03-16

                Ported from the following upstream stable releases:
                        v4.19.104, v5.4.20,
                        v4.19.105, v5.4.21

       from git://git.kernel.org/

ASoC: pcm: update FE/BE trigger order based on the command
hv_sock: Remove the accept port restriction
IB/mlx4: Fix memory leak in add_gid error flow
RDMA/netlink: Do not always generate an ACK for some netlink operations
RDMA/core: Fix locking in ib_uverbs_event_read
RDMA/uverbs: Verify MR access flags
scsi: ufs: Fix ufshcd_probe_hba() reture value in case ufshcd_scsi_add_wlus() fails
PCI/IOV: Fix memory leak in pci_iov_add_virtfn()
ath10k: pci: Only dump ATH10K_MEM_REGION_TYPE_IOREG when safe
PCI/switchtec: Fix vep_vector_number ioread width
PCI: Don't disable bridge BARs when assigning bus resources
nfs: NFS_SWAP should depend on SWAP
NFS: Revalidate the file size on a fatal write error
NFS/pnfs: Fix pnfs_generic_prepare_to_resend_writes()
NFSv4: try lease recovery on NFS4ERR_EXPIRED
rtc: hym8563: Return -EINVAL if the time is known to be invalid
rtc: cmos: Stop using shared IRQ
ARC: [plat-axs10x]: Add missing multicast filter number to GMAC node
platform/x86: intel_mid_powerbtn: Take a copy of ddata
ARM: dts: at91: Reenable UART TX pull-ups
ARM: dts: am43xx: add support for clkout1 clock
ARM: dts: at91: sama5d3: fix maximum peripheral clock rates
ARM: dts: at91: sama5d3: define clock rate range for tcb1
tools/power/acpi: fix compilation error
powerpc/pseries/vio: Fix iommu_table use-after-free refcount warning
powerpc/pseries: Allow not having ibm, hypertas-functions::hcall-multi-tce for DDW
iommu/arm-smmu-v3: Populate VMID field for CMDQ_OP_TLBI_NH_VA
KVM: arm/arm64: vgic-its: Fix restoration of unmapped collections
ARM: 8949/1: mm: mark free_memmap as __init
arm64: cpufeature: Fix the type of no FP/SIMD capability
arm64: ptrace: nofpsimd: Fail FP/SIMD regset operations
KVM: arm/arm64: Fix young bit from mmu notifier
KVM: arm: Fix DFSR setting for non-LPAE aarch32 guests
KVM: arm: Make inject_abt32() inject an external abort instead
KVM: arm64: pmu: Don't increment SW_INCR if PMCR.E is unset
mtd: onenand_base: Adjust indentation in onenand_read_ops_nolock
mtd: sharpslpart: Fix unsigned comparison to zero
crypto: artpec6 - return correct error code for failed setkey()
crypto: atmel-sha - fix error handling when setting hmac key
media: i2c: adv748x: Fix unsafe macros
pinctrl: sh-pfc: r8a7778: Fix duplicate SDSELF_B and SD1_CLK_B
mwifiex: Fix possible buffer overflows in mwifiex_ret_wmm_get_status()
mwifiex: Fix possible buffer overflows in mwifiex_cmd_append_vsie_tlv()
libertas: don't exit from lbs_ibss_join_existing() with RCU read lock held
libertas: make lbs_ibss_join_existing() return error code on rates overflow
padata: fix null pointer deref of pd->pinst
IB/srp: Never use immediate data if it is disabled by a user
IB/mlx4: Fix leak in id_map_find_del
RDMA/i40iw: fix a potential NULL pointer dereference
RDMA/cma: Fix unbalanced cm_id reference count during address resolve
RDMA/umem: Fix ib_umem_find_best_pgsz()
PCI/switchtec: Use dma_set_mask_and_coherent()
PCI: tegra: Fix afi_pex2_ctrl reg offset for Tegra30
PCI/AER: Initialize aer_fifo
iwlwifi: mvm: avoid use after free for pmsr request
bpftool: Don't crash on missing xlated program instructions
bpf, sockmap: Don't sleep while holding RCU lock on tear-down
bpf, sockhash: Synchronize_rcu before free'ing map
selftests/bpf: Test freeing sockmap/sockhash with a socket in it
bpf: Improve bucket_log calculation logic
bpf, sockmap: Check update requirements after locking
NFS: Fix fix of show_nfs_errors
NFSv4: pnfs_roc() must use cred_fscmp() to compare creds
x86/boot: Handle malformed SRAT tables during early ACPI parsing
arm64: dts: qcom: msm8998: Fix tcsr syscon size
arm64: dts: uDPU: fix broken ethernet
arm64: dts: renesas: r8a77990: ebisu: Remove clkout-lr-synchronous from sound
arm64: dts: marvell: clearfog-gt-8k: fix switch cpu port node
ARM: dts: meson8: use the actual frequency for the GPU's 182.1MHz OPP
ARM: dts: meson8b: use the actual frequency for the GPU's 364MHz OPP
soc: qcom: rpmhpd: Set 'active_only' for active only power domains
powerpc/ptdump: Fix W+X verification call in mark_rodata_ro()
powerpc/ptdump: Only enable PPC_CHECK_WX with STRICT_KERNEL_RWX
powerpc/papr_scm: Fix leaking 'bus_desc.provider_name' in some paths
ARM: at91: pm: use SAM9X60 PMC's compatible
ARM: at91: pm: use of_device_id array to find the proper shdwc node
sched/uclamp: Fix a bug in propagating uclamp value in new cgroups
arm64: cpufeature: Set the FP/SIMD compat HWCAP bits properly
KVM: arm64: pmu: Fix chained SW_INCR counters
KVM: arm64: Treat emulated TVAL TimerValue as a signed 32-bit integer
arm64: nofpsmid: Handle TIF_FOREIGN_FPSTATE flag cleanly
crypto: testmgr - don't try to decrypt uninitialized buffers
crypto: caam/qi2 - fix typo in algorithm's driver name
drivers: watchdog: stm32_iwdg: set WDOG_HW_RUNNING at probe
bcache: avoid unnecessary btree nodes flushing in btree_flush_write()
selinux: revert "stop passing MAY_NOT_BLOCK to the AVC upon follow_link"
selinux: fix regression introduced by move_mount(2) syscall
pinctrl: sh-pfc: r8a77965: Fix DU_DOTCLKIN3 drive/bias control
regmap: fix writes to non incrementing registers
mfd: max77650: Select REGMAP_IRQ in Kconfig
clk: meson: g12a: fix missing uart2 in regmap table
dmaengine: axi-dmac: add a check for devm_regmap_init_mmio
selinux: fall back to ref-walk if audit is required
UBUNTU: upstream stable to v4.19.104, v5.4.20
Input: synaptics - switch T470s to RMI4 by default
Input: synaptics - enable SMBus on ThinkPad L470
Input: synaptics - remove the LEN0049 dmi id from topbuttonpad list
ALSA: usb-audio: Fix UAC2/3 effect unit parsing
ALSA: hda/realtek - Fix silent output on MSI-GL73
ALSA: usb-audio: Apply sample rate quirk for Audioengine D1
ALSA: usb-audio: sound: usb: usb true/false for bool return type
ALSA: usb-audio: Add clock validity quirk for Denon MC7000/MCX8000
ext4: don't assume that mmp_nodename/bdevname have NUL
ext4: fix support for inode sizes > 1024 bytes
ext4: fix checksum errors with indexed dirs
ext4: add cond_resched() to ext4_protect_reserved_inode
ext4: improve explanation of a mount failure caused by a misconfigured kernel
Btrfs: fix race between using extent maps and merging them
btrfs: ref-verify: fix memory leaks
btrfs: print message when tree-log replay starts
btrfs: log message when rw remount is attempted with unclean tree-log
ARM: npcm: Bring back GPIOLIB support
arm64: ssbs: Fix context-switch when SSBS is present on all CPUs
perf/x86/amd: Add missing L2 misses event spec to AMD Family 17h's event map
nvme: fix the parameter order for nvme_get_log in nvme_get_fw_slot_info
IB/hfi1: Acquire lock to release TID entries when user file is closed
IB/hfi1: Close window for pq and request coliding
IB/rdmavt: Reset all QPs when the device is shut down
RDMA/core: Fix invalid memory access in spec_filter_size
RDMA/hfi1: Fix memory leak in _dev_comp_vect_mappings_create
RDMA/rxe: Fix soft lockup problem due to using tasklets in softirq
RDMA/core: Fix protection fault in get_pkey_idx_qp_list
s390/time: Fix clk type in get_tod_clock
perf/x86/intel: Fix inaccurate period in context switch for auto-reload
hwmon: (pmbus/ltc2978) Fix PMBus polling of MFR_COMMON definitions.
NFSv4.1 make cachethis=no for writes
jbd2: move the clearing of b_modified flag to the journal_unmap_buffer()
jbd2: do not clear the BH_Mapped flag when forgetting a metadata buffer
KVM: x86/mmu: Fix struct guest_walker arrays for 5-level paging
ALSA: hda/realtek - Add more codec supported Headset Button
ACPI: EC: Fix flushing of pending work
ACPICA: Introduce acpi_any_gpe_status_set()
gpio: xilinx: Fix bug where the wrong GPIO register is written to
xprtrdma: Fix DMA scatter-gather list mapping imbalance
cifs: make sure we do not overflow the max EA buffer size
EDAC/sysfs: Remove csrow objects on errors
KVM: nVMX: Use correct root level for nested EPT shadow page tables
s390/uv: Fix handling of length extensions
drm/vgem: Close use-after-free race in vgem_gem_create
drivers: ipmi: fix off-by-one bounds check that leads to a out-of-bounds write
IB/mlx5: Return failure when rts2rts_qp_counters_set_id is not supported
IB/umad: Fix kernel crash while unloading ib_umad
RDMA/iw_cxgb4: initiate CLOSE when entering TERM
spmi: pmic-arb: Set lockdep class for hierarchical irq domains
mac80211: fix quiet mode activation in action frames
cifs: fix mount option display for sec=krb5i
arm64: dts: fast models: Fix FVP PCI interrupt-map property
KVM: x86: Mask off reserved bit from #DB exception payload
perf stat: Don't report a null stalled cycles per insn metric
Revert "drm/sun4i: drv: Allow framebuffer modifiers in mode config"
ext4: choose hardlimit when softlimit is larger than hardlimit in ext4_statfs_project()
gpio: add gpiod_toggle_active_low()
mmc: core: Rework wp-gpio handling
UBUNTU: upstream stable to v4.19.105, v5.4.21

CVE References

Changed in linux (Ubuntu):
status: New → Confirmed
tags: added: kernel-stable-tracking-bug
Changed in linux (Ubuntu Eoan):
status: New → In Progress
assignee: nobody → Kamal Mostafa (kamalmostafa)
description: updated
Changed in linux (Ubuntu Eoan):
status: In Progress → Fix Committed
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux - 5.3.0-51.44

---------------
linux (5.3.0-51.44) eoan; urgency=medium

  * CVE-2020-11884
    - SAUCE: s390/mm: fix page table upgrade vs 2ndary address mode accesses

 -- Thadeu Lima de Souza Cascardo <email address hidden> Wed, 22 Apr 2020 17:35:41 -0300

Changed in linux (Ubuntu Eoan):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers