Xenial update: 4.4.220 upstream stable release

Bug #1875905 reported by Ian on 2020-04-29
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Undecided
Unassigned
Xenial
Undecided
Unassigned

Bug Description

SRU Justification

    Impact:
       The upstream process for stable tree updates is quite similar
       in scope to the Ubuntu SRU process, e.g., each patch has to
       demonstrably fix a bug, and each patch is vetted by upstream
       by originating either directly from a mainline/stable Linux tree or
       a minimally backported form of that patch. The following upstream
       stable patches should be included in the Ubuntu kernel:

       4.4.220 upstream stable release
       from git://git.kernel.org/

The following patches from the 4.4.220 stable release shall be applied:
* bus: sunxi-rsb: Return correct data when mixing 16-bit and 8-bit reads
* net: vxge: fix wrong __VA_ARGS__ usage
* qlcnic: Fix bad kzalloc null test
* i2c: st: fix missing struct parameter description
* irqchip/versatile-fpga: Handle chained IRQs properly
* selftests/x86/ptrace_syscall_32: Fix no-vDSO segfault
* libata: Remove extra scsi_host_put() in ata_scsi_add_hosts()
* gfs2: Don't demote a glock until its revokes are written
* x86/boot: Use unsigned comparison for addresses
* locking/lockdep: Avoid recursion in lockdep_count_{for,back}ward_deps()
* btrfs: remove a BUG_ON() from merge_reloc_roots()
* btrfs: track reloc roots based on their commit root bytenr
* misc: rtsx: set correct pcr_ops for rts522A
* ASoC: fix regwmask
* ASoC: dapm: connect virtual mux with default value
* ASoC: dpcm: allow start or stop during pause for backend
* ASoC: topology: use name_prefix for new kcontrol
* usb: gadget: f_fs: Fix use after free issue as part of queue failure
* usb: gadget: composite: Inform controller driver of self-powered
* ALSA: usb-audio: Add mixer workaround for TRX40 and co
* ALSA: hda: Add driver blacklist
* ALSA: hda: Fix potential access overflow in beep helper
* ALSA: ice1724: Fix invalid access for enumerated ctl items
* ALSA: pcm: oss: Fix regression by buffer overflow fix
* acpi/x86: ignore unspecified bit positions in the ACPI global lock field
* thermal: devfreq_cooling: inline all stubs for CONFIG_DEVFREQ_THERMAL=n
* KEYS: reaching the keys quotas correctly
* irqchip/versatile-fpga: Apply clear-mask earlier
* MIPS: OCTEON: irq: Fix potential NULL pointer dereference
* ath9k: Handle txpower changes even when TPC is disabled
* signal: Extend exec_id to 64bits
* x86/entry/32: Add missing ASM_CLAC to general_protection entry
* KVM: x86: Allocate new rmap and large page tracking when moving memslot
* crypto: mxs-dcp - fix scatterlist linearization for hash
* futex: futex_wake_op, do not fail on invalid op
* xen-netfront: Rework the fix for Rx stall during OOM and network stress
* ALSA: hda: Initialize power_state field properly
* Btrfs: incremental send, fix invalid memory access
* IB/ipoib: Fix lockdep issue found on ipoib_ib_dev_heavy_flush
* scsi: zfcp: fix missing erp_lock in port recovery trigger for point-to-point
* arm64: armv8_deprecated: Fix undef_hook mask for thumb setend
* ext4: fix a data race at inode->i_blocks
* ocfs2: no need try to truncate file beyond i_size
* s390/diag: fix display of diagnose call statistics
* Input: i8042 - add Acer Aspire 5738z to nomux list
* kmod: make request_module() return an error when autoloading is disabled
* hfsplus: fix crash and filesystem corruption when deleting files
* libata: Return correct status in sata_pmp_eh_recover_pm() when ATA_DFLAG_DETACH is set
* powerpc/64/tm: Don't let userspace set regs->trap via sigreturn
* Btrfs: fix crash during unmount due to race with delayed inode workers
* drm/dp_mst: Fix clearing payload state on topology disable
* ipmi: fix hung processes in __get_guid()
* powerpc/fsl_booke: Avoid creating duplicate tlb1 entry
* misc: echo: Remove unnecessary parentheses and simplify check for zero
* mfd: dln2: Fix sanity checking for endpoints
* net: ipv4: devinet: Fix crash when add/del multicast IP with autojoin
* net: ipv6: do not consider routes via gateways for anycast address check
* scsi: ufs: Fix ufshcd_hold() caused scheduling while atomic
* jbd2: improve comments about freeing data buffers whose page mapping is NULL
* ext4: fix incorrect group count in ext4_fill_super error message
* ext4: fix incorrect inodes per group in error message
* ASoC: Intel: mrfld: fix incorrect check on p->sink
* ASoC: Intel: mrfld: return error codes when an error occurs
* ALSA: usb-audio: Don't override ignore_ctl_error value from the map
* mac80211_hwsim: Use kstrndup() in place of kasprintf()
* ext4: do not zeroout extents beyond i_disksize
* dm flakey: check for null arg_name in parse_features()
* kvm: x86: Host feature SSBD doesn't imply guest feature SPEC_CTRL_SSBD
* x86/mitigations: Clear CPU buffers on the SYSCALL fast path
* tracing: Fix the race between registering 'snapshot' event trigger and triggering 'snapshot' operation
* scsi: sg: add sg_remove_request in sg_common_write
* ALSA: hda: Don't release card at firmware loading error
* video: fbdev: sis: Remove unnecessary parentheses and commented code
* drm: NULL pointer dereference [null-pointer-deref] (CWE 476) problem
* wil6210: increase firmware ready timeout
* wil6210: fix temperature debugfs
* scsi: ufs: ufs-qcom: remove broken hci version quirk
* wil6210: rate limit wil_rx_refill error
* rtc: pm8xxx: Fix issue in RTC write path
* soc: qcom: smem: Use le32_to_cpu for comparison
* of: fix missing kobject init for !SYSFS && OF_DYNAMIC config
* of: unittest: kmemleak in of_unittest_platform_populate()
* clk: at91: usb: continue if clk_hw_round_rate() return zero
* clk: tegra: Fix Tegra PMC clock out parents
* NFS: direct.c: Fix memory leak of dreq when nfs_get_lock_context fails
* ext4: do not commit super on read-only bdev
* percpu_counter: fix a data race at vm_committed_as
* compiler.h: fix error in BUILD_BUG_ON() reporting
* NFS: Fix memory leaks in nfs_pageio_stop_mirroring()
* ext2: fix empty body warnings when -Wextra is used
* iommu/amd: Fix the configuration of GCR3 table root pointer
* fbdev: potential information leak in do_fb_ioctl()
* tty: evh_bytechan: Fix out of bounds accesses
* locktorture: Print ratio of acquisitions, not failures
* mtd: lpddr: Fix a double free in probe()
* mtd: phram: fix a double free issue in error path
* x86/CPU: Add native CPUID variants returning a single datum
* x86/microcode/intel: replace sync_core() with native_cpuid_reg(eax)
* x86/vdso: Fix lsl operand order
* Linux 4.4.220

CVE References

Ian (ian-may) on 2020-04-29
Changed in linux (Ubuntu):
status: New → Confirmed
tags: added: kernel-stable-tracking-bug
Ian (ian-may) wrote :

Please note that the following patches have been skipped as they were already applied to xenial/linux:
* KEYS: reaching the keys quotas correctly

The following patch needed some context adjustment:
* KVM: x86: Allocate new rmap and large page tracking when moving memslot

All the other patches applied cleanly.

description: updated
Changed in linux (Ubuntu):
status: Confirmed → Invalid
Changed in linux (Ubuntu Xenial):
status: New → Fix Committed
Launchpad Janitor (janitor) wrote :
Download full text (31.3 KiB)

This bug was fixed in the package linux - 4.4.0-184.214

---------------
linux (4.4.0-184.214) xenial; urgency=medium

  * CVE-2020-0543
    - SAUCE: x86/cpu: Add a steppings field to struct x86_cpu_id
    - SAUCE: x86/cpu: Add 'table' argument to cpu_matches()
    - SAUCE: x86/speculation: Add Special Register Buffer Data Sampling (SRBDS)
      mitigation
    - SAUCE: x86/speculation: Add SRBDS vulnerability and mitigation documentation
    - SAUCE: x86/speculation: Add Ivy Bridge to affected list

linux (4.4.0-181.211) xenial; urgency=medium

  * xenial/linux: 4.4.0-181.211 -proposed tracker (LP: #1881170)

  * CVE-2020-12769
    - spi: spi-dw: Add lock protect dw_spi rx/tx to prevent concurrent calls

  * I2C bus on Dell Edge Gateway stops working after upgrading to
    Ubuntu-4.4.0-180.210 (LP: #1881124)
    - SAUCE: Revert: Revert "ACPI / LPSS: allow to use specific PM domain during
      ->probe()"

linux (4.4.0-180.210) xenial; urgency=medium

  * xenial/linux: 4.4.0-180.210 -proposed tracker (LP: #1878873)

  * Xenial update: 4.4.223 upstream stable release (LP: #1878232)
    - mwifiex: fix PCIe register information for 8997 chipset
    - drm/qxl: qxl_release use after free
    - drm/qxl: qxl_release leak in qxl_draw_dirty_fb()
    - staging: rtl8192u: Fix crash due to pointers being "confusing"
    - usb: gadget: f_acm: Fix configfs attr name
    - usb: gadged: pch_udc: get rid of redundant assignments
    - usb: gadget: pch_udc: reorder spin_[un]lock to avoid deadlock
    - usb: gadget: udc: core: don't starve DMA resources
    - MIPS: Fix macro typo
    - MIPS: ptrace: Drop cp0_tcstatus from regoffset_table[]
    - MIPS: BMIPS: Fix PRID_IMP_BMIPS5000 masking for BMIPS5200
    - MIPS: smp-cps: Stop printing EJTAG exceptions to UART
    - MIPS: scall: Handle seccomp filters which redirect syscalls
    - MIPS: BMIPS: BMIPS5000 has I cache filing from D cache
    - MIPS: BMIPS: Clear MIPS_CACHE_ALIASES earlier
    - MIPS: BMIPS: local_r4k___flush_cache_all needs to blast S-cache
    - MIPS: BMIPS: Pretty print BMIPS5200 processor name
    - MIPS: Fix HTW config on XPA kernel without LPA enabled
    - MIPS: BMIPS: Adjust mips-hpt-frequency for BCM7435
    - MIPS: math-emu: Fix BC1{EQ,NE}Z emulation
    - MIPS: Fix BC1{EQ,NE}Z return offset calculation
    - MIPS: perf: Fix I6400 event numbers
    - MIPS: KVM: Fix translation of MFC0 ErrCtl
    - MIPS: SMP: Update cpu_foreign_map on CPU disable
    - MIPS: c-r4k: Fix protected_writeback_scache_line for EVA
    - MIPS: Octeon: Off by one in octeon_irq_gpio_map()
    - bpf, mips: fix off-by-one in ctx offset allocation
    - MIPS: RM7000: Double locking bug in rm7k_tc_disable()
    - MIPS: Define AT_VECTOR_SIZE_ARCH for ARCH_DLINFO
    - mips/panic: replace smp_send_stop() with kdump friendly version in panic
      path
    - ARM: dts: armadillo800eva Correct extal1 frequency to 24 MHz
    - ARM: imx: select SRC for i.MX7
    - ARM: dts: kirkwood: gpio pin fixes for linkstation ls-wxl/wsxl
    - ARM: dts: kirkwood: gpio pin fixes for linkstation ls-wvl/vl
    - ARM: dts: kirkwood: gpio-leds fixes for linkstation ls-wxl/wsxl
    - ARM: dts: kirkwood: gpio-leds fixes for linkstation ls-wvl/v...

Changed in linux (Ubuntu Xenial):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers