Bionic update: upstream stable patchset 2020-03-30

Bug #1869732 reported by Kamal Mostafa
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Fix Released
Kamal Mostafa

Bug Description

SRU Justification

       The upstream process for stable tree updates is quite similar
       in scope to the Ubuntu SRU process, e.g., each patch has to
       demonstrably fix a bug, and each patch is vetted by upstream
       by originating either directly from a mainline/stable Linux tree or
       a minimally backported form of that patch. The following upstream
       stable patches should be included in the Ubuntu kernel:

       upstream stable patchset 2020-03-30

                Ported from the following upstream stable releases:
                        v4.14.174, v4.19.110,

       from git://

phy: Revert toggling reset changes.
net: phy: Avoid multiple suspends
cgroup, netclassid: periodically release file_lock on classid updating
gre: fix uninit-value in __iptunnel_pull_header
ipv6/addrconf: call ipv6_mc_up() for non-Ethernet interface
ipvlan: add cond_resched_rcu() while processing muticast backlog
ipvlan: do not use cond_resched_rcu() in ipvlan_process_multicast()
netlink: Use netlink header as base to calculate bad attribute offset
net: macsec: update SCI upon MAC address change.
net: nfc: fix bounds checking bugs on "pipe"
net/packet: tpacket_rcv: do not increment ring index on drop
sfc: detach from cb_page in efx_copy_channel()
bnxt_en: reinitialize IRQs when MTU is modified
cgroup: memcg: net: do not associate sock with unrelated cgroup
net: memcg: late association of sock to memcg
net: memcg: fix lockdep splat in inet_csk_accept()
fib: add missing attribute validation for tun_id
nl802154: add missing attribute validation
nl802154: add missing attribute validation for dev_type
can: add missing attribute validation for termination
macsec: add missing attribute validation for port
net: fq: add missing attribute validation for orphan mask
team: add missing attribute validation for port ifindex
team: add missing attribute validation for array index
nfc: add missing attribute validation for SE API
nfc: add missing attribute validation for vendor subcommand
net: phy: fix MDIO bus PM PHY resuming
bonding/alb: make sure arp header is pulled before accessing it
slip: make slhc_compress() more robust against malicious packets
net: fec: validate the new settings in fec_enet_set_coalesce()
macvlan: add cond_resched() during multicast processing
inet_diag: return classid for all socket types
ipvlan: do not add hardware address of master to its unicast filter list
ipvlan: egress mcast packets are not exceptional
ipvlan: don't deref eth hdr before checking it's set
cgroup: cgroup_procs_next should increase position index
cgroup: Iterate tasks that did not finish do_exit()
virtio-blk: fix hw_queue stopped on arbitrary error
iommu/vt-d: quirk_ioat_snb_local_iommu: replace WARN_TAINT with pr_warn + add_taint
workqueue: don't use wq_select_unbound_cpu() for bound works
drm/amd/display: remove duplicated assignment to grph_obj_type
ktest: Add timeout for ssh sync testing
cifs_atomic_open(): fix double-put on late allocation failure
gfs2_atomic_open(): fix O_EXCL|O_CREAT handling on cold dcache
KVM: x86: clear stale x86_emulate_ctxt->intercept value
ARC: define __ALIGN_STR and __ALIGN symbols for ARC
efi: Fix a race and a buffer overflow while reading efivars via sysfs
x86/mce: Fix logic and comments around MSR_PPIN_CTL
iommu/dma: Fix MSI reservation allocation
iommu/vt-d: dmar: replace WARN_TAINT with pr_warn + add_taint
iommu/vt-d: Fix a bug in intel_iommu_iova_to_phys() for huge page
pinctrl: meson-gxl: fix GPIOX sdio pins
pinctrl: core: Remove extra kref_get which blocks hogs being freed
nl80211: add missing attribute validation for critical protocol indication
nl80211: add missing attribute validation for beacon report scanning
nl80211: add missing attribute validation for channel switch
netfilter: cthelper: add missing attribute validation for cthelper
netfilter: nft_payload: add missing attribute validation for payload csum flags
iommu/vt-d: Fix the wrong printing in RHSA parsing
iommu/vt-d: Ignore devices with out-of-spec domain number
i2c: acpi: put device when verifying client fails
ipv6: restrict IPV6_ADDRFORM operation
net/smc: check for valid ib_client_data
efi: Add a sanity check to efivar_store_raw()
batman-adv: Fix internal interface indices types
batman-adv: update data pointers after skb_cow()
batman-adv: Avoid race in TT TVLV allocator helper
batman-adv: Fix TT sync flags for intermediate TT responses
batman-adv: prevent TT request storms by not sending inconsistent TT TLVLs
batman-adv: Avoid free/alloc race when handling OGM2 buffer
batman-adv: Don't schedule OGM for disabled interface
perf/amd/uncore: Replace manual sampling check with CAP_NO_INTERRUPT flag
ACPI: watchdog: Allow disabling WDAT at boot
HID: apple: Add support for recent firmware on Magic Keyboards
HID: i2c-hid: add Trekstor Surfbook E11B to descriptor override
cfg80211: check reg_rule for NULL in handle_channel_custom()
scsi: libfc: free response frame from GPN_ID
net: usb: qmi_wwan: restore mtu min/max values after raw_ip switch
net: ks8851-ml: Fix IRQ handling and locking
mac80211: rx: avoid RCU list traversal under mutex
signal: avoid double atomic counter increments for user accounting
slip: not call free_netdev before rtnl_unlock in slip_open
hinic: fix a bug of setting hw_ioctxt
net: rmnet: fix NULL pointer dereference in rmnet_newlink()
jbd2: fix data races at struct journal_head
ARM: 8957/1: VDSO: Match ARMv8 timer in cntvct_functional()
ARM: 8958/1: rename missed uaccess .fixup section
mm: slub: add missing TID bump in kmem_cache_alloc_bulk()
ipv4: ensure rcu_read_lock() in cipso_v4_error()
nfc: add missing attribute validation for deactivate target
netfilter: nf_conntrack: ct_cpu_seq_next should increase position index
netfilter: synproxy: synproxy_cpu_seq_next should increase position index
netfilter: xt_recent: recent_seq_next should increase position index
macintosh: windfarm: fix MODINFO regression
i2c: gpio: suppress error on probe defer
net/smc: cancel event worker during device removal
hinic: fix a irq affinity bug
net: rmnet: fix suspicious RCU usage
net: rmnet: remove rcu_read_lock in rmnet_force_unassociate_device()
net: rmnet: fix packet forwarding in rmnet bridge mode
sfc: fix timestamp reconstruction at 16-bit rollover points
driver core: Fix adding device links to probing suppliers
net: qrtr: fix len of skb_put_padto in qrtr_node_enqueue
UBUNTU: upstream stable to v4.14.174, v4.19.112

CVE References

Changed in linux (Ubuntu):
status: New → Confirmed
tags: added: kernel-stable-tracking-bug
Changed in linux (Ubuntu Bionic):
status: New → In Progress
assignee: nobody → Kamal Mostafa (kamalmostafa)
description: updated
description: updated
Changed in linux (Ubuntu Bionic):
status: In Progress → Fix Committed
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux - 4.15.0-99.100

linux (4.15.0-99.100) bionic; urgency=medium

  * CVE-2020-11884
    - SAUCE: s390/mm: fix page table upgrade vs 2ndary address mode accesses

 -- Marcelo Henrique Cerri <email address hidden> Wed, 22 Apr 2020 15:31:14 -0300

Changed in linux (Ubuntu Bionic):
status: Fix Committed → Fix Released
Po-Hsu Lin (cypressyew)
Changed in linux (Ubuntu):
status: Confirmed → Invalid
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers