Xenial update: 4.4.221 upstream stable release

Bug #1878098 reported by Ian on 2020-05-11
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Undecided
Unassigned
Xenial
Undecided
Unassigned

Bug Description

SRU Justification

    Impact:
       The upstream process for stable tree updates is quite similar
       in scope to the Ubuntu SRU process, e.g., each patch has to
       demonstrably fix a bug, and each patch is vetted by upstream
       by originating either directly from a mainline/stable Linux tree or
       a minimally backported form of that patch. The following upstream
       stable patches should be included in the Ubuntu kernel:

       4.4.221 upstream stable release
       from git://git.kernel.org/

The following patches from the 4.4.221 stable release shall be applied:
* ext4: fix extent_status fragmentation for plain files
* ALSA: hda - Fix incorrect usage of IS_REACHABLE()
* net: ipv4: emulate READ_ONCE() on ->hdrincl bit-field in raw_sendmsg()
* net: ipv4: avoid unused variable warning for sysctl
* crypto: mxs-dcp - make symbols 'sha1_null_hash' and 'sha256_null_hash' static
* vti4: removed duplicate log message.
* scsi: lpfc: Fix kasan slab-out-of-bounds error in lpfc_unreg_login
* ceph: return ceph_mdsc_do_request() errors from __get_parent()
* ceph: don't skip updating wanted caps when cap is stale
* pwm: rcar: Fix late Runtime PM enablement
* scsi: iscsi: Report unbind session event when the target has been removed
* ASoC: Intel: atom: Take the drv->lock mutex before calling sst_send_slot_map()
* kernel/gcov/fs.c: gcov_seq_next() should increase position index
* ipc/util.c: sysvipc_find_ipc() should increase position index
* s390/cio: avoid duplicated 'ADD' uevents
* pwm: renesas-tpu: Fix late Runtime PM enablement
* pwm: bcm2835: Dynamically allocate base
* ipv6: fix restrict IPV6_ADDRFORM operation
* macvlan: fix null dereference in macvlan_device_event()
* net: netrom: Fix potential nr_neigh refcnt leak in nr_add_node
* net/x25: Fix x25_neigh refcnt leak when receiving frame
* tcp: cache line align MAX_TCP_HEADER
* team: fix hang in team_mode_get()
* xfrm: Always set XFRM_TRANSFORMED in xfrm{4,6}_output_finish
* ALSA: hda: Remove ASUS ROG Zenith from the blacklist
* iio: xilinx-xadc: Fix ADC-B powerdown
* iio: xilinx-xadc: Fix clearing interrupt when enabling trigger
* iio: xilinx-xadc: Fix sequencer configuration for aux channels in simultaneous mode
* fs/namespace.c: fix mountpoint reference counter race
* USB: sisusbvga: Change port variable from signed to unsigned
* USB: Add USB_QUIRK_DELAY_CTRL_MSG and USB_QUIRK_DELAY_INIT for Corsair K70 RGB RAPIDFIRE
* drivers: usb: core: Don't disable irqs in usb_sg_wait() during URB submit.
* drivers: usb: core: Minimize irq disabling in usb_sg_cancel()
* USB: core: Fix free-while-in-use bug in the USB S-Glibrary
* USB: hub: Fix handling of connect changes during sleep
* ALSA: usx2y: Fix potential NULL dereference
* ALSA: usb-audio: Fix usb audio refcnt leak when getting spdif
* ALSA: usb-audio: Filter out unsupported sample rates on Focusrite devices
* KVM: Check validity of resolved slot when searching memslots
* KVM: VMX: Enable machine check support for 32bit targets
* tty: hvc: fix buffer overflow during hvc_alloc().
* tty: rocket, avoid OOB access
* usb-storage: Add unusual_devs entry for JMicron JMS566
* audit: check the length of userspace generated audit records
* ASoC: dapm: fixup dapm kcontrol widget
* ARM: imx: provide v7_cpu_resume() only on ARM_CPU_SUSPEND=y
* staging: comedi: dt2815: fix writing hi byte of analog output
* staging: comedi: Fix comedi_device refcnt leak in comedi_open
* staging: vt6656: Fix drivers TBTT timing counter.
* staging: vt6656: Power save stop wake_up_count wrap around.
* UAS: no use logging any details in case of ENODEV
* UAS: fix deadlock in error handling and PM flushing work
* usb: f_fs: Clear OS Extended descriptor counts to zero in ffs_data_reset()
* remoteproc: Fix wrong rvring index computation
* sctp: use right member as the param of list_for_each_entry
* fuse: fix possibly missed wake-up after abort
* mtd: cfi: fix deadloop in cfi_cmdset_0002.c do_write_buffer
* usb: gadget: udc: bdc: Remove unnecessary NULL checks in bdc_req_complete
* net/cxgb4: Check the return from t4_query_params properly
* perf/core: fix parent pid/tid in task exit events
* bpf, x86: Fix encoding for lower 8-bit registers in BPF_STX BPF_B
* scsi: target: fix PR IN / READ FULL STATUS for FC
* xen/xenbus: ensure xenbus_map_ring_valloc() returns proper grant status
* ext4: convert BUG_ON's to WARN_ON's in mballoc.c
* ext4: avoid declaring fs inconsistent due to invalid file handles
* ext4: protect journal inode's blocks using block_validity
* ext4: don't perform block validity checks on the journal inode
* ext4: fix block validity checks for journal inodes using indirect blocks
* ext4: unsigned int compared against zero
* propagate_one(): mnt_set_mountpoint() needs mount_lock
* Linux 4.4.221

CVE References

Ian (ian-may) on 2020-05-11
Changed in linux (Ubuntu):
status: New → Confirmed
tags: added: kernel-stable-tracking-bug
Ian (ian-may) wrote :

All patches applied cleanly.

description: updated
Changed in linux (Ubuntu):
status: Confirmed → Invalid
Changed in linux (Ubuntu Xenial):
status: New → Fix Committed
Launchpad Janitor (janitor) wrote :
Download full text (31.3 KiB)

This bug was fixed in the package linux - 4.4.0-184.214

---------------
linux (4.4.0-184.214) xenial; urgency=medium

  * CVE-2020-0543
    - SAUCE: x86/cpu: Add a steppings field to struct x86_cpu_id
    - SAUCE: x86/cpu: Add 'table' argument to cpu_matches()
    - SAUCE: x86/speculation: Add Special Register Buffer Data Sampling (SRBDS)
      mitigation
    - SAUCE: x86/speculation: Add SRBDS vulnerability and mitigation documentation
    - SAUCE: x86/speculation: Add Ivy Bridge to affected list

linux (4.4.0-181.211) xenial; urgency=medium

  * xenial/linux: 4.4.0-181.211 -proposed tracker (LP: #1881170)

  * CVE-2020-12769
    - spi: spi-dw: Add lock protect dw_spi rx/tx to prevent concurrent calls

  * I2C bus on Dell Edge Gateway stops working after upgrading to
    Ubuntu-4.4.0-180.210 (LP: #1881124)
    - SAUCE: Revert: Revert "ACPI / LPSS: allow to use specific PM domain during
      ->probe()"

linux (4.4.0-180.210) xenial; urgency=medium

  * xenial/linux: 4.4.0-180.210 -proposed tracker (LP: #1878873)

  * Xenial update: 4.4.223 upstream stable release (LP: #1878232)
    - mwifiex: fix PCIe register information for 8997 chipset
    - drm/qxl: qxl_release use after free
    - drm/qxl: qxl_release leak in qxl_draw_dirty_fb()
    - staging: rtl8192u: Fix crash due to pointers being "confusing"
    - usb: gadget: f_acm: Fix configfs attr name
    - usb: gadged: pch_udc: get rid of redundant assignments
    - usb: gadget: pch_udc: reorder spin_[un]lock to avoid deadlock
    - usb: gadget: udc: core: don't starve DMA resources
    - MIPS: Fix macro typo
    - MIPS: ptrace: Drop cp0_tcstatus from regoffset_table[]
    - MIPS: BMIPS: Fix PRID_IMP_BMIPS5000 masking for BMIPS5200
    - MIPS: smp-cps: Stop printing EJTAG exceptions to UART
    - MIPS: scall: Handle seccomp filters which redirect syscalls
    - MIPS: BMIPS: BMIPS5000 has I cache filing from D cache
    - MIPS: BMIPS: Clear MIPS_CACHE_ALIASES earlier
    - MIPS: BMIPS: local_r4k___flush_cache_all needs to blast S-cache
    - MIPS: BMIPS: Pretty print BMIPS5200 processor name
    - MIPS: Fix HTW config on XPA kernel without LPA enabled
    - MIPS: BMIPS: Adjust mips-hpt-frequency for BCM7435
    - MIPS: math-emu: Fix BC1{EQ,NE}Z emulation
    - MIPS: Fix BC1{EQ,NE}Z return offset calculation
    - MIPS: perf: Fix I6400 event numbers
    - MIPS: KVM: Fix translation of MFC0 ErrCtl
    - MIPS: SMP: Update cpu_foreign_map on CPU disable
    - MIPS: c-r4k: Fix protected_writeback_scache_line for EVA
    - MIPS: Octeon: Off by one in octeon_irq_gpio_map()
    - bpf, mips: fix off-by-one in ctx offset allocation
    - MIPS: RM7000: Double locking bug in rm7k_tc_disable()
    - MIPS: Define AT_VECTOR_SIZE_ARCH for ARCH_DLINFO
    - mips/panic: replace smp_send_stop() with kdump friendly version in panic
      path
    - ARM: dts: armadillo800eva Correct extal1 frequency to 24 MHz
    - ARM: imx: select SRC for i.MX7
    - ARM: dts: kirkwood: gpio pin fixes for linkstation ls-wxl/wsxl
    - ARM: dts: kirkwood: gpio pin fixes for linkstation ls-wvl/vl
    - ARM: dts: kirkwood: gpio-leds fixes for linkstation ls-wxl/wsxl
    - ARM: dts: kirkwood: gpio-leds fixes for linkstation ls-wvl/v...

Changed in linux (Ubuntu Xenial):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers