Eoan update: upstream stable patchset 2020-03-24

Bug #1868865 reported by Kamal Mostafa
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Undecided
Unassigned
Eoan
Undecided
Kamal Mostafa

Bug Description

SRU Justification

    Impact:
       The upstream process for stable tree updates is quite similar
       in scope to the Ubuntu SRU process, e.g., each patch has to
       demonstrably fix a bug, and each patch is vetted by upstream
       by originating either directly from a mainline/stable Linux tree or
       a minimally backported form of that patch. The following upstream
       stable patches should be included in the Ubuntu kernel:

       upstream stable patchset 2020-03-24

                Ported from the following upstream stable releases:
                        v4.19.107, v5.4.23

       from git://git.kernel.org/

iommu/qcom: Fix bogus detach logic
ALSA: hda: Use scnprintf() for printing texts for sysfs/procfs
ALSA: hda/realtek - Apply quirk for MSI GP63, too
ALSA: hda/realtek - Apply quirk for yet another MSI laptop
ASoC: sun8i-codec: Fix setting DAI data format
ecryptfs: fix a memory leak bug in parse_tag_1_packet()
ecryptfs: fix a memory leak bug in ecryptfs_init_messaging()
thunderbolt: Prevent crash if non-active NVMem file is read
USB: misc: iowarrior: add support for 2 OEMed devices
USB: misc: iowarrior: add support for the 28 and 28L devices
USB: misc: iowarrior: add support for the 100 device
floppy: check FDC index for errors before assigning it
vt: fix scrollback flushing on background consoles
vt: selection, handle pending signals in paste_selection
vt: vt_ioctl: fix race in VT_RESIZEX
staging: android: ashmem: Disallow ashmem memory from being remapped
staging: vt6656: fix sign of rx_dbm to bb_pre_ed_rssi.
xhci: Force Maximum Packet size for Full-speed bulk devices to valid range.
xhci: fix runtime pm enabling for quirky Intel hosts
xhci: Fix memory leak when caching protocol extended capability PSI tables - take 2
usb: host: xhci: update event ring dequeue pointer on purpose
USB: core: add endpoint-blacklist quirk
USB: quirks: blacklist duplicate ep on Sound Devices USBPre2
usb: uas: fix a plug & unplug racing
USB: Fix novation SourceControl XL after suspend
USB: hub: Don't record a connect-change event during reset-resume
USB: hub: Fix the broken detection of USB3 device in SMSC hub
usb: dwc2: Fix SET/CLEAR_FEATURE and GET_STATUS flows
usb: dwc3: gadget: Check for IOC/LST bit in TRB->ctrl fields
staging: rtl8188eu: Fix potential security hole
staging: rtl8188eu: Fix potential overuse of kernel memory
staging: rtl8723bs: Fix potential security hole
staging: rtl8723bs: Fix potential overuse of kernel memory
powerpc/tm: Fix clearing MSR[TS] in current when reclaiming on signal delivery
jbd2: fix ocfs2 corrupt when clearing block group bits
x86/mce/amd: Publish the bank pointer only after setup has succeeded
x86/mce/amd: Fix kobject lifetime
x86/cpu/amd: Enable the fixed Instructions Retired counter IRPERF
serial: 8250: Check UPF_IRQ_SHARED in advance
tty/serial: atmel: manage shutdown in case of RS485 or ISO7816 mode
tty: serial: imx: setup the correct sg entry for tx dma
serdev: ttyport: restore client ops on deregistration
MAINTAINERS: Update drm/i915 bug filing URL
mm/memcontrol.c: lost css_put in memcg_expand_shrinker_maps()
nvme-multipath: Fix memory leak with ana_log_buf
genirq/irqdomain: Make sure all irq domain flags are distinct
mm/vmscan.c: don't round up scan size for online memory cgroup
drm/amdgpu/soc15: fix xclk for raven
xhci: apply XHCI_PME_STUCK_QUIRK to Intel Comet Lake platforms
KVM: x86: don't notify userspace IOAPIC on edge-triggered interrupt EOI
tty: serial: qcom_geni_serial: Fix RX cancel command failure
lib/stackdepot.c: fix global out-of-bounds in stack_slabs
drm/nouveau/kms/gv100-: Re-set LUT after clearing for modesets
ext4: fix a data race in EXT4_I(inode)->i_disksize
ext4: add cond_resched() to __ext4_find_entry()
ext4: fix potential race between online resizing and write operations
ext4: fix potential race between s_group_info online resizing and access
ext4: fix potential race between s_flex_groups online resizing and access
ext4: fix mount failure with quota configured as module
ext4: rename s_journal_flag_rwsem to s_writepages_rwsem
ext4: fix race between writepages and enabling EXT4_EXTENTS_FL
KVM: nVMX: handle nested posted interrupts when apicv is disabled for L1
KVM: apic: avoid calculating pending eoi from an uninitialized val
btrfs: fix bytes_may_use underflow in prealloc error condtition
btrfs: reset fs_root to NULL on error in open_ctree
btrfs: do not check delayed items are empty for single transaction cleanup
Btrfs: fix btrfs_wait_ordered_range() so that it waits for all ordered extents
scsi: Revert "RDMA/isert: Fix a recently introduced regression related to logout"
scsi: Revert "target: iscsi: Wait for all commands to finish before freeing a session"
usb: gadget: composite: Fix bMaxPower for SuperSpeedPlus
usb: dwc2: Fix in ISOC request length checking
staging: rtl8723bs: fix copy of overlapping memory
staging: greybus: use after free in gb_audio_manager_remove_all()
ecryptfs: replace BUG_ON with error handling code
iommu/vt-d: Fix compile warning from intel-svm.h
genirq/proc: Reject invalid affinity masks (again)
bpf, offload: Replace bitwise AND by logical AND in bpf_prog_offload_info_fill
ALSA: rawmidi: Avoid bit fields for state flags
ALSA: seq: Avoid concurrent access to queue flags
ALSA: seq: Fix concurrent access to queue current tick/time
netfilter: xt_hashlimit: limit the max size of hashtable
rxrpc: Fix call RCU cleanup using non-bh-safe locks
ata: ahci: Add shutdown to freeze hardware resources of ahci
xen: Enable interrupts when calling _cond_resched()
s390/mm: Explicitly compare PAGE_DEFAULT_KEY against zero in storage_key_init_range
Revert "char/random: silence a lockdep splat with printk()"
tpm: Initialize crypto_id of allocated_banks to HASH_ALGO__LAST
btrfs: handle logged extent failure properly
e1000e: Use rtnl_lock to prevent race conditions between net and pci/pm
usb: dwc3: debug: fix string position formatting mixup with ret and len
powerpc/8xx: Fix clearing of bits 20-23 in ITLB miss
powerpc/eeh: Fix deadlock handling dead PHB
powerpc/hugetlb: Fix 512k hugepages on 8xx with 16k page size
powerpc/hugetlb: Fix 8M hugepages on 8xx
x86/ima: use correct identifier for SetupMode variable
mm/sparsemem: pfn_to_page is not valid yet on SPARSEMEM
drm/amdgpu/gfx9: disable gfxoff when reading rlc clock
drm/amdgpu/gfx10: disable gfxoff when reading rlc clock
drm/i915: Update drm/i915 bug filing URL
sched/psi: Fix OOB write when writing 0 bytes to PSI files
KVM: nVMX: clear PIN_BASED_POSTED_INTR from nested pinbased_ctls only when apicv is globally disabled
btrfs: destroy qgroup extent records on transaction abort
Btrfs: fix race between shrinking truncate and fiemap
btrfs: don't set path->leave_spinning for truncate
Btrfs: fix deadlock during fast fsync when logging prealloc extents beyond eof
drm/i915/gvt: more locking for ppgtt mm LRU list
drm/msm/dpu: fix BGR565 vs RGB565 confusion
crypto: rename sm3-256 to sm3 in hash_algo_name
io_uring: fix __io_iopoll_check deadlock in io_sq_thread
io_uring: prevent sq_thread from spinning when it should stop
net/mlx5e: Reset RQ doorbell counter before moving RQ state from RST to RDY
net/mlx5: Fix sleep while atomic in mlx5_eswitch_get_vepa
s390/kaslr: Fix casts in get_random
bpf: Selftests build error in sockmap_basic.c
ASoC: SOF: Intel: hda: Add iDisp4 DAI
UBUNTU: upstream stable to v4.19.107, v5.4.23

CVE References

Changed in linux (Ubuntu):
status: New → Confirmed
tags: added: kernel-stable-tracking-bug
Changed in linux (Ubuntu Eoan):
status: New → In Progress
assignee: nobody → Kamal Mostafa (kamalmostafa)
description: updated
Changed in linux (Ubuntu Eoan):
status: In Progress → Fix Committed
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux - 5.3.0-51.44

---------------
linux (5.3.0-51.44) eoan; urgency=medium

  * CVE-2020-11884
    - SAUCE: s390/mm: fix page table upgrade vs 2ndary address mode accesses

 -- Thadeu Lima de Souza Cascardo <email address hidden> Wed, 22 Apr 2020 17:35:41 -0300

Changed in linux (Ubuntu Eoan):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers