Bionic update: upstream stable patchset 2020-06-02

Bug #1881801 reported by Kamal Mostafa
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Fix Released
Kamal Mostafa

Bug Description

SRU Justification

       The upstream process for stable tree updates is quite similar
       in scope to the Ubuntu SRU process, e.g., each patch has to
       demonstrably fix a bug, and each patch is vetted by upstream
       by originating either directly from a mainline/stable Linux tree or
       a minimally backported form of that patch. The following upstream
       stable patches should be included in the Ubuntu kernel:

       upstream stable patchset 2020-06-02

                Ported from the following upstream stable releases:
                        v4.14.182, v4.19.125

       from git://

i2c: dev: Fix the race between the release of i2c_dev and cdev
ima: Set file->f_mode instead of file->f_flags in ima_calc_file_hash()
evm: Check also if *tfm is an error pointer in init_desc()
ima: Fix return value of ima_write_policy()
fix multiplication overflow in copy_fdtable()
iommu/amd: Fix over-read of ACPI UID from IVRS table
i2c: mux: demux-pinctrl: Fix an error handling path in 'i2c_demux_pinctrl_probe()'
ubi: Fix seq_file usage in detailed_erase_block_info debugfs file
gcc-common.h: Update for GCC 10
HID: multitouch: add eGalaxTouch P80H84 support
scsi: qla2xxx: Fix hang when issuing nvme disconnect-all in NPIV
configfs: fix config_item refcnt leak in configfs_rmdir()
vhost/vsock: fix packet delivery order to monitoring devices
component: Silence bind error on -EPROBE_DEFER
scsi: ibmvscsi: Fix WARN_ON during event pool release
x86/apic: Move TSC deadline timer debug printk
gtp: set NLM_F_MULTI flag in gtp_genl_dump_pdp()
ceph: fix double unlock in handle_cap_export()
USB: core: Fix misleading driver bug report
platform/x86: asus-nb-wmi: Do not load on Asus T100TA and T200TA
ARM: futex: Address build warning
padata: Replace delayed timer with immediate workqueue in padata_reorder
padata: initialize pd->cpu with effective cpumask
padata: purge get_cpu and reorder_via_wq from padata_do_serial
arm64: fix the flush_icache_range arguments in machine_kexec
ALSA: iec1712: Initialize STDSP24 properly when using the model=staudio option
ALSA: pcm: fix incorrect hw_base increase
apparmor: Fix aa_label refcnt leak in policy_update
dmaengine: tegra210-adma: Fix an error handling path in 'tegra_adma_probe()'
powerpc: restore alphabetic order in Kconfig
powerpc: Remove STRICT_KERNEL_RWX incompatibility with RELOCATABLE
powerpc/64s: Disable STRICT_KERNEL_RWX
x86/uaccess, ubsan: Fix UBSAN vs. SMAP
ubsan: build ubsan.c more conservatively
libnvdimm/btt: Remove unnecessary code in btt_freelist_init
libnvdimm/btt: Fix LBA masking during 'free list' population
media: fdp1: Fix R-Car M3-N naming in debug message
cxgb4: free mac_hlist properly
cxgb4/cxgb4vf: Fix mac_hlist initialization and free
Revert "gfs2: Don't demote a glock until its revokes are written"
staging: iio: ad2s1210: Fix SPI reading
staging: greybus: Fix uninitialized scalar variable
iio: sca3000: Remove an erroneous 'get_device()'
iio: dac: vf610: Fix an error handling path in 'vf610_dac_probe()'
mei: release me_cl object reference
rapidio: fix an error in get_user_pages_fast() error handling
rxrpc: Fix a memory leak in rxkad_verify_response()
x86/unwind/orc: Fix unwind_get_return_address_ptr() for inactive tasks
iio: adc: stm32-adc: Use dma_request_chan() instead dma_request_slave_channel()
iio: adc: stm32-adc: fix device used to request dma
riscv: set max_pfn to the PFN of the last page
ubifs: remove broken lazytime support
HID: alps: Add AUI1657 device ID
HID: alps: ALPS_1657 is too specific; use U1_UNICORN_LEGACY instead
aquantia: Fix the media type of AQC100 ethernet controller in the driver
HID: i2c-hid: reset Synaptics SYNA2393 on resume
HID: quirks: Add HID_QUIRK_NO_INIT_REPORTS quirk for Dell K12A keyboard-dock
stmmac: fix pointer check after utilization in stmmac_interrupt
ALSA: hda/realtek - Fix silent output on Gigabyte X570 Aorus Xtreme
ALSA: hda/realtek - Add more fixup entries for Clevo machines
drm/etnaviv: fix perfmon domain interation
nfit: Add Hyper-V NVDIMM DSM command set to white list
thunderbolt: Drop duplicated get_switch_at_route()
net: bcmgenet: code movement
net: bcmgenet: abort suspend on error
misc: rtsx: Add short delay after exit from ASPM
UBUNTU: upstream stable to v4.14.182, v4.19.125

Changed in linux (Ubuntu):
status: New → Confirmed
tags: added: kernel-stable-tracking-bug
Changed in linux (Ubuntu Bionic):
status: New → In Progress
assignee: nobody → Kamal Mostafa (kamalmostafa)
description: updated
Changed in linux (Ubuntu Bionic):
status: In Progress → Fix Committed
Revision history for this message
Launchpad Janitor (janitor) wrote :
Download full text (17.7 KiB)

This bug was fixed in the package linux - 4.15.0-109.110

linux (4.15.0-109.110) bionic; urgency=medium

  * Packaging resync (LP: #1786013)
    - [Packaging] update helper scripts
    - update dkms package versions

  * Build and ship a signed wireguard.ko (LP: #1861284)
    - [Packaging] wireguard -- add support for building signed .ko

  * CVE-2019-16089
    - SAUCE: nbd_genl_status: null check for nla_nest_start

  * CVE-2019-19642
    - kernel/relay.c: handle alloc_percpu returning NULL in relay_open

  * CVE-2019-12380
    - efi/x86/Add missing error handling to old_memmap 1:1 mapping code

  * CVE-2019-19039 // CVE-2019-19377
    - btrfs: sink flush_fn to extent_write_cache_pages
    - btrfs: extent_io: Move the BUG_ON() in flush_write_bio() one level up
    - btrfs: Don't submit any btree write bio if the fs has errors

  * CVE-2019-19036
    - btrfs: volumes: Use more straightforward way to calculate map length
    - btrfs: tree-checker: Try to detect missing INODE_ITEM
    - Btrfs: tree-checker: detect file extent items with overlapping ranges
    - Btrfs: make tree checker detect checksum items with overlapping ranges
    - btrfs: harden agaist duplicate fsid on scanned devices
    - Btrfs: fix missing data checksums after replaying a log tree
    - btrfs: reloc: fix reloc root leak and NULL pointer dereference
    - btrfs: Validate child tree block's level and first key
    - btrfs: Detect unbalanced tree with empty leaf before crashing btree

  * CVE-2019-19318
    - btrfs: tree-checker: Replace root parameter with fs_info
    - btrfs: tree-checker: Check level for leaves and nodes
    - btrfs: tree-checker: get fs_info from eb in generic_err
    - btrfs: tree-checker: get fs_info from eb in file_extent_err
    - btrfs: tree-checker: get fs_info from eb in check_csum_item
    - btrfs: tree-checker: get fs_info from eb in dir_item_err
    - btrfs: tree-checker: get fs_info from eb in check_dir_item
    - btrfs: tree-checker: get fs_info from eb in block_group_err
    - btrfs: tree-checker: get fs_info from eb in check_block_group_item
    - btrfs: tree-checker: get fs_info from eb in check_extent_data_item
    - btrfs: tree-checker: get fs_info from eb in check_leaf_item
    - btrfs: tree-checker: get fs_info from eb in check_leaf
    - btrfs: tree-checker: get fs_info from eb in chunk_err
    - btrfs: tree-checker: get fs_info from eb in dev_item_err
    - btrfs: tree-checker: get fs_info from eb in check_dev_item
    - btrfs: tree-checker: get fs_info from eb in check_inode_item
    - btrfs: tree-checker: Add ROOT_ITEM check
    - btrfs: tree-checker: Add EXTENT_ITEM and METADATA_ITEM check
    - btrfs: tree-checker: Add simple keyed refs check
    - btrfs: tree-checker: Add EXTENT_DATA_REF check
    - btrfs: tree-checker: Fix wrong check on max devid
    - Btrfs: fix selftests failure due to uninitialized i_mode in test inodes

  * CVE-2019-19813 // CVE-2019-19816
    - btrfs: Refactor parameter of BTRFS_MAX_DEVS() from root to fs_info
    - btrfs: Move btrfs_check_chunk_valid() to tree-check.[ch] and export it
    - btrfs: tree-checker: Make chunk item checker messages more readable
    - btrfs...

Changed in linux (Ubuntu Bionic):
status: Fix Committed → Fix Released
Po-Hsu Lin (cypressyew)
Changed in linux (Ubuntu):
status: Confirmed → Invalid
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers