Focal update: v5.4.62 upstream stable release

Bug #1895174 reported by Kamal Mostafa on 2020-09-10
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Undecided
Unassigned
Focal
Undecided
Kamal Mostafa

Bug Description

SRU Justification

    Impact:
       The upstream process for stable tree updates is quite similar
       in scope to the Ubuntu SRU process, e.g., each patch has to
       demonstrably fix a bug, and each patch is vetted by upstream
       by originating either directly from a mainline/stable Linux tree or
       a minimally backported form of that patch. The following upstream
       stable patches should be included in the Ubuntu kernel:

       v5.4.62 upstream stable release
       from git://git.kernel.org/

binfmt_flat: revert "binfmt_flat: don't offset the data start"
gre6: Fix reception with IP6_TNL_F_RCV_DSCP_COPY
net: Fix potential wrong skb->protocol in skb_vlan_untag()
net: nexthop: don't allow empty NHA_GROUP
net: qrtr: fix usage of idr in port assignment to socket
net: sctp: Fix negotiation of the number of data streams.
net/smc: Prevent kernel-infoleak in __smc_diag_dump()
tipc: fix uninit skb->data in tipc_nl_compat_dumpit()
net: ena: Make missed_tx stat incremental
net/sched: act_ct: Fix skb double-free in tcf_ct_handle_fragments() error flow
ipvlan: fix device features
ALSA: pci: delete repeated words in comments
ALSA: hda/realtek: Fix pin default on Intel NUC 8 Rugged
ASoC: img: Fix a reference count leak in img_i2s_in_set_fmt
ASoC: img-parallel-out: Fix a reference count leak
ASoC: tegra: Fix reference count leaks.
mfd: intel-lpss: Add Intel Emmitsburg PCH PCI IDs
arm64: dts: qcom: msm8916: Pull down PDM GPIOs during sleep
powerpc/xive: Ignore kmemleak false positives
media: pci: ttpci: av7110: fix possible buffer overflow caused by bad DMA value in debiirq()
blktrace: ensure our debugfs dir exists
scsi: target: tcmu: Fix crash on ARM during cmd completion
mfd: intel-lpss: Add Intel Tiger Lake PCH-H PCI IDs
iommu/iova: Don't BUG on invalid PFNs
drm/amdkfd: Fix reference count leaks.
drm/radeon: fix multiple reference count leak
drm/amdgpu: fix ref count leak in amdgpu_driver_open_kms
drm/amd/display: fix ref count leak in amdgpu_drm_ioctl
drm/amdgpu: fix ref count leak in amdgpu_display_crtc_set_config
drm/amdgpu/display: fix ref count leak when pm_runtime_get_sync fails
scsi: lpfc: Fix shost refcount mismatch when deleting vport
xfs: Don't allow logging of XFS_ISTALE inodes
scsi: target: Fix xcopy sess release leak
selftests/powerpc: Purge extra count_pmc() calls of ebb selftests
f2fs: fix error path in do_recover_data()
omapfb: fix multiple reference count leaks due to pm_runtime_get_sync
PCI: Fix pci_create_slot() reference count leak
ARM: dts: ls1021a: output PPS signal on FIPER2
rtlwifi: rtl8192cu: Prevent leaking urb
mips/vdso: Fix resource leaks in genvdso.c
cec-api: prevent leaking memory through hole in structure
HID: quirks: add NOGET quirk for Logitech GROUP
f2fs: fix use-after-free issue
drm/nouveau/drm/noveau: fix reference count leak in nouveau_fbcon_open
drm/nouveau: fix reference count leak in nv50_disp_atomic_commit
drm/nouveau: Fix reference count leak in nouveau_connector_detect
locking/lockdep: Fix overflow in presentation of average lock-time
btrfs: file: reserve qgroup space after the hole punch range is locked
btrfs: make btrfs_qgroup_check_reserved_leak take btrfs_inode
scsi: iscsi: Do not put host in iscsi_set_flashnode_param()
ceph: fix potential mdsc use-after-free crash
ceph: do not access the kiocb after aio requests
scsi: fcoe: Memory leak fix in fcoe_sysfs_fcf_del()
EDAC/ie31200: Fallback if host bridge device is already initialized
hugetlbfs: prevent filesystem stacking of hugetlbfs
media: davinci: vpif_capture: fix potential double free
KVM: arm64: Fix symbol dependency in __hyp_call_panic_nvhe
powerpc/spufs: add CONFIG_COREDUMP dependency
USB: sisusbvga: Fix a potential UB casued by left shifting a negative value
brcmfmac: Set timeout value when configuring power save
efi: provide empty efi_enter_virtual_mode implementation
arm64: Fix __cpu_logical_map undefined issue
Revert "ath10k: fix DMA related firmware crashes on multiple devices"
sched/uclamp: Protect uclamp fast path code with static key
sched/uclamp: Fix a deadlock when enabling uclamp static key
usb: cdns3: gadget: always zeroed TRB buffer when enable endpoint
PM / devfreq: rk3399_dmc: Add missing of_node_put()
PM / devfreq: rk3399_dmc: Disable devfreq-event device when fails
PM / devfreq: rk3399_dmc: Fix kernel oops when rockchip,pmu is absent
drm/xen: fix passing zero to 'PTR_ERR' warning
drm/xen-front: Fix misused IS_ERR_OR_NULL checks
s390/numa: set node distance to LOCAL_DISTANCE
btrfs: factor out inode items copy loop from btrfs_log_inode()
btrfs: only commit the delayed inode when doing a full fsync
btrfs: only commit delayed items at fsync if we are logging a directory
mm/shuffle: don't move pages between zones and don't read garbage memmaps
mm: fix kthread_use_mm() vs TLB invalidate
mm/cma.c: switch to bitmap_zalloc() for cma bitmap allocation
cma: don't quit at first error when activating reserved areas
gpu/drm: ingenic: Use the plane's src_[x,y] to configure DMA length
drm/ingenic: Fix incorrect assumption about plane->index
drm/amd/display: Trigger modesets on MST DSC connectors
drm/amd/display: Add additional config guards for DCN
drm/amd/display: Fix dmesg warning from setting abm level
mm/vunmap: add cond_resched() in vunmap_pmd_range
EDAC: sb_edac: get rid of unused vars
EDAC: skx_common: get rid of unused type var
EDAC/{i7core,sb,pnd2,skx}: Fix error event severity
PCI: qcom: Add missing ipq806x clocks in PCIe driver
PCI: qcom: Change duplicate PCI reset to phy reset
PCI: qcom: Add missing reset for ipq806x
cpufreq: intel_pstate: Fix EPP setting via sysfs in active mode
ALSA: usb-audio: Add capture support for Saffire 6 (USB 1.1)
media: gpio-ir-tx: improve precision of transmitted signal due to scheduling
block: respect queue limit of max discard segment
block: virtio_blk: fix handling single range discard request
drm/msm/adreno: fix updating ring fence
block: Fix page_is_mergeable() for compound pages
bfq: fix blkio cgroup leakage v4
hwmon: (nct7904) Correct divide by 0
blk-mq: insert request not through ->queue_rq into sw/scheduler queue
blkcg: fix memleak for iolatency
nvme-fc: Fix wrong return value in __nvme_fc_init_request()
nvme: multipath: round-robin: fix single non-optimized path case
null_blk: fix passing of REQ_FUA flag in null_handle_rq
i2c: core: Don't fail PRP0001 enumeration when no ID table exist
i2c: rcar: in slave mode, clear NACK earlier
usb: gadget: f_tcm: Fix some resource leaks in some error paths
spi: stm32: clear only asserted irq flags on interrupt
jbd2: make sure jh have b_transaction set in refile/unfile_buffer
ext4: don't BUG on inconsistent journal feature
ext4: handle read only external journal device
jbd2: abort journal if free a async write error metadata buffer
ext4: handle option set by mount flags correctly
ext4: handle error of ext4_setup_system_zone() on remount
ext4: correctly restore system zone info when remount fails
fs: prevent BUG_ON in submit_bh_wbc()
spi: stm32h7: fix race condition at end of transfer
spi: stm32: fix fifo threshold level in case of short transfer
spi: stm32: fix stm32_spi_prepare_mbr in case of odd clk_rate
spi: stm32: always perform registers configuration prior to transfer
drm/amd/powerplay: correct Vega20 cached smu feature state
drm/amd/powerplay: correct UVD/VCE PG state on custom pptable uploading
drm/amd/display: Switch to immediate mode for updating infopackets
netfilter: avoid ipv6 -> nf_defrag_ipv6 module dependency
can: j1939: transport: j1939_xtp_rx_dat_one(): compare own packets to detect corruptions
ALSA: hda/realtek: Add model alc298-samsung-headphone
s390/cio: add cond_resched() in the slow_eval_known_fn() loop
ASoC: wm8994: Avoid attempts to read unreadable registers
selftests: disable rp_filter for icmp_redirect.sh
scsi: fcoe: Fix I/O path allocation
scsi: ufs: Fix possible infinite loop in ufshcd_hold
scsi: ufs: Improve interrupt handling for shared interrupts
scsi: ufs: Clean up completed request without interrupt notification
scsi: qla2xxx: Fix login timeout
scsi: qla2xxx: Check if FW supports MQ before enabling
scsi: qla2xxx: Fix null pointer access during disconnect from subsystem
Revert "scsi: qla2xxx: Fix crash on qla2x00_mailbox_command"
macvlan: validate setting of multiple remote source MAC addresses
net: gianfar: Add of_node_put() before goto statement
powerpc/perf: Fix soft lockups due to missed interrupt accounting
arm64: Move handling of erratum 1418040 into C code
arm64: Allow booting of late CPUs affected by erratum 1418040
block: fix get_max_io_size()
block: loop: set discard granularity and alignment for block device backed loop
HID: i2c-hid: Always sleep 60ms after I2C_HID_PWR_ON commands
blk-mq: order adding requests to hctx->dispatch and checking SCHED_RESTART
btrfs: reset compression level for lzo on remount
btrfs: check the right error variable in btrfs_del_dir_entries_in_log
btrfs: fix space cache memory leak after transaction abort
btrfs: detect nocow for swap after snapshot delete
fbcon: prevent user font height or width change from causing potential out-of-bounds access
USB: lvtest: return proper error code in probe
vt: defer kfree() of vc_screenbuf in vc_do_resize()
vt_ioctl: change VT_RESIZEX ioctl to check for error return from vc_resize()
serial: samsung: Removes the IRQ not found warning
serial: pl011: Fix oops on -EPROBE_DEFER
serial: pl011: Don't leak amba_ports entry on driver register error
serial: stm32: avoid kernel warning on absence of optional IRQ
serial: 8250_exar: Fix number of ports for Commtech PCIe cards
serial: 8250: change lock order in serial8250_do_startup()
writeback: Protect inode->i_io_list with inode->i_lock
writeback: Avoid skipping inode writeback
writeback: Fix sync livelock due to b_dirty_time processing
XEN uses irqdesc::irq_data_common::handler_data to store a per interrupt XEN data pointer which contains XEN specific information.
usb: host: xhci: fix ep context print mismatch in debugfs
xhci: Do warm-reset when both CAS and XDEV_RESUME are set
xhci: Always restore EP_SOFT_CLEAR_TOGGLE even if ep reset failed
ARM64: vdso32: Install vdso32 from vdso_install
arm64: vdso32: make vdso32 install conditional
PM: sleep: core: Fix the handling of pending runtime resume requests
powerpc/perf: Fix crashes with generic_compat_pmu & BHRB
device property: Fix the secondary firmware node handling in set_primary_fwnode()
crypto: af_alg - Work around empty control messages without MSG_MORE
genirq/matrix: Deal with the sillyness of for_each_cpu() on UP
irqchip/stm32-exti: Avoid losing interrupts due to clearing pending bits by mistake
x86/hotplug: Silence APIC only after all interrupts are migrated
drm/amdgpu: Fix buffer overflow in INFO ioctl
drm/amdgpu/gfx10: refine mgcg setting
drm/amd/powerplay: Fix hardmins not being sent to SMU for RV
drm/amd/pm: correct Vega10 swctf limit setting
drm/amd/pm: correct Vega12 swctf limit setting
drm/amd/pm: correct Vega20 swctf limit setting
drm/amd/pm: correct the thermal alert temperature limit settings
USB: yurex: Fix bad gfp argument
usb: uas: Add quirk for PNY Pro Elite
USB: quirks: Add no-lpm quirk for another Raydium touchscreen
USB: quirks: Ignore duplicate endpoint on Sound Devices MixPre-D
USB: Ignore UAS for JMicron JMS567 ATA/ATAPI Bridge
usb: host: ohci-exynos: Fix error handling in exynos_ohci_probe()
USB: gadget: u_f: add overflow checks to VLA macros
USB: gadget: f_ncm: add bounds checks to ncm_unwrap_ntb()
USB: gadget: u_f: Unbreak offset calculation in VLAs
USB: cdc-acm: rework notification_buffer resizing
usb: storage: Add unusual_uas entry for Sony PSZ drives
drm/i915: Fix cmd parser desc matching with masks
usb: dwc3: gadget: Don't setup more than requested
usb: dwc3: gadget: Fix handling ZLP
usb: dwc3: gadget: Handle ZLP for sg requests
fbmem: pull fbcon_update_vcs() out of fb_set_var()
kheaders: remove unneeded 'cat' command piped to 'head' / 'tail'
kheaders: optimize md5sum calculation for in-tree builds
kheaders: optimize header copy for in-tree builds
kheaders: remove the last bashism to allow sh to run it
kheaders: explain why include/config/autoconf.h is excluded from md5sum
kbuild: add variables for compression tools
kbuild: fix broken builds because of GZIP,BZIP2,LZOP variables
HID: hiddev: Fix slab-out-of-bounds write in hiddev_ioctl_usage()
ALSA: usb-audio: Update documentation comment for MS2109 quirk
io_uring: Fix NULL pointer dereference in io_sq_wq_submit_work()
Linux 5.4.62
UBUNTU: upstream stable to v5.4.62

CVE References

Changed in linux (Ubuntu):
status: New → Confirmed
tags: added: kernel-stable-tracking-bug
Changed in linux (Ubuntu Focal):
status: New → In Progress
description: updated
Changed in linux (Ubuntu Focal):
assignee: nobody → Kamal Mostafa (kamalmostafa)
Kamal Mostafa (kamalmostafa) wrote :

Also includes "ARM64: vdso32: Install vdso32 from vdso_install", deferred from the previous patch set; this patch set supplies its fixer "arm64: vdso32: make vdso32 install conditional".

Changed in linux (Ubuntu Focal):
status: In Progress → Fix Committed
Launchpad Janitor (janitor) wrote :
Download full text (31.2 KiB)

This bug was fixed in the package linux - 5.4.0-51.56

---------------
linux (5.4.0-51.56) focal; urgency=medium

  * Packaging resync (LP: #1786013)
    - update dkms package versions

linux (5.4.0-50.55) focal; urgency=medium

  * CVE-2020-16119
    - SAUCE: dccp: avoid double free of ccid on child socket

  * CVE-2020-16120
    - Revert "UBUNTU: SAUCE: overlayfs: ensure mounter privileges when reading
      directories"
    - ovl: pass correct flags for opening real directory
    - ovl: switch to mounter creds in readdir
    - ovl: verify permissions in ovl_path_open()
    - ovl: call secutiry hook in ovl_real_ioctl()
    - ovl: check permission to open real file

linux (5.4.0-49.53) focal; urgency=medium

  * focal/linux: 5.4.0-49.53 -proposed tracker (LP: #1896007)

  * Comet Lake PCH-H RAID not support on Ubuntu20.04 (LP: #1892288)
    - ahci: Add Intel Comet Lake PCH-H PCI ID

  * Novalink (mkvterm command failure) (LP: #1892546)
    - tty: hvcs: Don't NULL tty->driver_data until hvcs_cleanup()

  * Oops and hang when starting LVM snapshots on 5.4.0-47 (LP: #1894780)
    - SAUCE: Revert "mm: memcg/slab: fix memory leak at non-root kmem_cache
      destroy"

  * Intel x710 LOMs do not work on Focal (LP: #1893956)
    - i40e: Fix LED blinking flow for X710T*L devices
    - i40e: enable X710 support

  * Add/Backport EPYC-v3 and EPYC-Rome CPU model (LP: #1887490)
    - kvm: svm: Update svm_xsaves_supported

  * Fix non-working NVMe after S3 (LP: #1895718)
    - SAUCE: PCI: Enable ACS quirk on CML root port

  * Focal update: v5.4.65 upstream stable release (LP: #1895881)
    - ipv4: Silence suspicious RCU usage warning
    - ipv6: Fix sysctl max for fib_multipath_hash_policy
    - netlabel: fix problems with mapping removal
    - net: usb: dm9601: Add USB ID of Keenetic Plus DSL
    - sctp: not disable bh in the whole sctp_get_port_local()
    - taprio: Fix using wrong queues in gate mask
    - tipc: fix shutdown() of connectionless socket
    - net: disable netpoll on fresh napis
    - Linux 5.4.65

  * Focal update: v5.4.64 upstream stable release (LP: #1895880)
    - HID: quirks: Always poll three more Lenovo PixArt mice
    - drm/msm/dpu: Fix scale params in plane validation
    - tty: serial: qcom_geni_serial: Drop __init from qcom_geni_console_setup
    - drm/msm: add shutdown support for display platform_driver
    - hwmon: (applesmc) check status earlier.
    - nvmet: Disable keep-alive timer when kato is cleared to 0h
    - drm/msm: enable vblank during atomic commits
    - habanalabs: validate FW file size
    - habanalabs: check correct vmalloc return code
    - drm/msm/a6xx: fix gmu start on newer firmware
    - ceph: don't allow setlease on cephfs
    - drm/omap: fix incorrect lock state
    - cpuidle: Fixup IRQ state
    - nbd: restore default timeout when setting it to zero
    - s390: don't trace preemption in percpu macros
    - drm/amd/display: Reject overlay plane configurations in multi-display
      scenarios
    - drivers: gpu: amd: Initialize amdgpu_dm_backlight_caps object to 0 in
      amdgpu_dm_update_backlight_caps
    - drm/amd/display: Retry AUX write when fail occurs
    - drm/amd/display: Fix memleak in amdg...

Changed in linux (Ubuntu Focal):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers