Focal update: v5.4.62 upstream stable release

Bug #1895174 reported by Kamal Mostafa on 2020-09-10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Kamal Mostafa

Bug Description

SRU Justification

       The upstream process for stable tree updates is quite similar
       in scope to the Ubuntu SRU process, e.g., each patch has to
       demonstrably fix a bug, and each patch is vetted by upstream
       by originating either directly from a mainline/stable Linux tree or
       a minimally backported form of that patch. The following upstream
       stable patches should be included in the Ubuntu kernel:

       v5.4.62 upstream stable release
       from git://

binfmt_flat: revert "binfmt_flat: don't offset the data start"
gre6: Fix reception with IP6_TNL_F_RCV_DSCP_COPY
net: Fix potential wrong skb->protocol in skb_vlan_untag()
net: nexthop: don't allow empty NHA_GROUP
net: qrtr: fix usage of idr in port assignment to socket
net: sctp: Fix negotiation of the number of data streams.
net/smc: Prevent kernel-infoleak in __smc_diag_dump()
tipc: fix uninit skb->data in tipc_nl_compat_dumpit()
net: ena: Make missed_tx stat incremental
net/sched: act_ct: Fix skb double-free in tcf_ct_handle_fragments() error flow
ipvlan: fix device features
ALSA: pci: delete repeated words in comments
ALSA: hda/realtek: Fix pin default on Intel NUC 8 Rugged
ASoC: img: Fix a reference count leak in img_i2s_in_set_fmt
ASoC: img-parallel-out: Fix a reference count leak
ASoC: tegra: Fix reference count leaks.
mfd: intel-lpss: Add Intel Emmitsburg PCH PCI IDs
arm64: dts: qcom: msm8916: Pull down PDM GPIOs during sleep
powerpc/xive: Ignore kmemleak false positives
media: pci: ttpci: av7110: fix possible buffer overflow caused by bad DMA value in debiirq()
blktrace: ensure our debugfs dir exists
scsi: target: tcmu: Fix crash on ARM during cmd completion
mfd: intel-lpss: Add Intel Tiger Lake PCH-H PCI IDs
iommu/iova: Don't BUG on invalid PFNs
drm/amdkfd: Fix reference count leaks.
drm/radeon: fix multiple reference count leak
drm/amdgpu: fix ref count leak in amdgpu_driver_open_kms
drm/amd/display: fix ref count leak in amdgpu_drm_ioctl
drm/amdgpu: fix ref count leak in amdgpu_display_crtc_set_config
drm/amdgpu/display: fix ref count leak when pm_runtime_get_sync fails
scsi: lpfc: Fix shost refcount mismatch when deleting vport
xfs: Don't allow logging of XFS_ISTALE inodes
scsi: target: Fix xcopy sess release leak
selftests/powerpc: Purge extra count_pmc() calls of ebb selftests
f2fs: fix error path in do_recover_data()
omapfb: fix multiple reference count leaks due to pm_runtime_get_sync
PCI: Fix pci_create_slot() reference count leak
ARM: dts: ls1021a: output PPS signal on FIPER2
rtlwifi: rtl8192cu: Prevent leaking urb
mips/vdso: Fix resource leaks in genvdso.c
cec-api: prevent leaking memory through hole in structure
HID: quirks: add NOGET quirk for Logitech GROUP
f2fs: fix use-after-free issue
drm/nouveau/drm/noveau: fix reference count leak in nouveau_fbcon_open
drm/nouveau: fix reference count leak in nv50_disp_atomic_commit
drm/nouveau: Fix reference count leak in nouveau_connector_detect
locking/lockdep: Fix overflow in presentation of average lock-time
btrfs: file: reserve qgroup space after the hole punch range is locked
btrfs: make btrfs_qgroup_check_reserved_leak take btrfs_inode
scsi: iscsi: Do not put host in iscsi_set_flashnode_param()
ceph: fix potential mdsc use-after-free crash
ceph: do not access the kiocb after aio requests
scsi: fcoe: Memory leak fix in fcoe_sysfs_fcf_del()
EDAC/ie31200: Fallback if host bridge device is already initialized
hugetlbfs: prevent filesystem stacking of hugetlbfs
media: davinci: vpif_capture: fix potential double free
KVM: arm64: Fix symbol dependency in __hyp_call_panic_nvhe
powerpc/spufs: add CONFIG_COREDUMP dependency
USB: sisusbvga: Fix a potential UB casued by left shifting a negative value
brcmfmac: Set timeout value when configuring power save
efi: provide empty efi_enter_virtual_mode implementation
arm64: Fix __cpu_logical_map undefined issue
Revert "ath10k: fix DMA related firmware crashes on multiple devices"
sched/uclamp: Protect uclamp fast path code with static key
sched/uclamp: Fix a deadlock when enabling uclamp static key
usb: cdns3: gadget: always zeroed TRB buffer when enable endpoint
PM / devfreq: rk3399_dmc: Add missing of_node_put()
PM / devfreq: rk3399_dmc: Disable devfreq-event device when fails
PM / devfreq: rk3399_dmc: Fix kernel oops when rockchip,pmu is absent
drm/xen: fix passing zero to 'PTR_ERR' warning
drm/xen-front: Fix misused IS_ERR_OR_NULL checks
s390/numa: set node distance to LOCAL_DISTANCE
btrfs: factor out inode items copy loop from btrfs_log_inode()
btrfs: only commit the delayed inode when doing a full fsync
btrfs: only commit delayed items at fsync if we are logging a directory
mm/shuffle: don't move pages between zones and don't read garbage memmaps
mm: fix kthread_use_mm() vs TLB invalidate
mm/cma.c: switch to bitmap_zalloc() for cma bitmap allocation
cma: don't quit at first error when activating reserved areas
gpu/drm: ingenic: Use the plane's src_[x,y] to configure DMA length
drm/ingenic: Fix incorrect assumption about plane->index
drm/amd/display: Trigger modesets on MST DSC connectors
drm/amd/display: Add additional config guards for DCN
drm/amd/display: Fix dmesg warning from setting abm level
mm/vunmap: add cond_resched() in vunmap_pmd_range
EDAC: sb_edac: get rid of unused vars
EDAC: skx_common: get rid of unused type var
EDAC/{i7core,sb,pnd2,skx}: Fix error event severity
PCI: qcom: Add missing ipq806x clocks in PCIe driver
PCI: qcom: Change duplicate PCI reset to phy reset
PCI: qcom: Add missing reset for ipq806x
cpufreq: intel_pstate: Fix EPP setting via sysfs in active mode
ALSA: usb-audio: Add capture support for Saffire 6 (USB 1.1)
media: gpio-ir-tx: improve precision of transmitted signal due to scheduling
block: respect queue limit of max discard segment
block: virtio_blk: fix handling single range discard request
drm/msm/adreno: fix updating ring fence
block: Fix page_is_mergeable() for compound pages
bfq: fix blkio cgroup leakage v4
hwmon: (nct7904) Correct divide by 0
blk-mq: insert request not through ->queue_rq into sw/scheduler queue
blkcg: fix memleak for iolatency
nvme-fc: Fix wrong return value in __nvme_fc_init_request()
nvme: multipath: round-robin: fix single non-optimized path case
null_blk: fix passing of REQ_FUA flag in null_handle_rq
i2c: core: Don't fail PRP0001 enumeration when no ID table exist
i2c: rcar: in slave mode, clear NACK earlier
usb: gadget: f_tcm: Fix some resource leaks in some error paths
spi: stm32: clear only asserted irq flags on interrupt
jbd2: make sure jh have b_transaction set in refile/unfile_buffer
ext4: don't BUG on inconsistent journal feature
ext4: handle read only external journal device
jbd2: abort journal if free a async write error metadata buffer
ext4: handle option set by mount flags correctly
ext4: handle error of ext4_setup_system_zone() on remount
ext4: correctly restore system zone info when remount fails
fs: prevent BUG_ON in submit_bh_wbc()
spi: stm32h7: fix race condition at end of transfer
spi: stm32: fix fifo threshold level in case of short transfer
spi: stm32: fix stm32_spi_prepare_mbr in case of odd clk_rate
spi: stm32: always perform registers configuration prior to transfer
drm/amd/powerplay: correct Vega20 cached smu feature state
drm/amd/powerplay: correct UVD/VCE PG state on custom pptable uploading
drm/amd/display: Switch to immediate mode for updating infopackets
netfilter: avoid ipv6 -> nf_defrag_ipv6 module dependency
can: j1939: transport: j1939_xtp_rx_dat_one(): compare own packets to detect corruptions
ALSA: hda/realtek: Add model alc298-samsung-headphone
s390/cio: add cond_resched() in the slow_eval_known_fn() loop
ASoC: wm8994: Avoid attempts to read unreadable registers
selftests: disable rp_filter for
scsi: fcoe: Fix I/O path allocation
scsi: ufs: Fix possible infinite loop in ufshcd_hold
scsi: ufs: Improve interrupt handling for shared interrupts
scsi: ufs: Clean up completed request without interrupt notification
scsi: qla2xxx: Fix login timeout
scsi: qla2xxx: Check if FW supports MQ before enabling
scsi: qla2xxx: Fix null pointer access during disconnect from subsystem
Revert "scsi: qla2xxx: Fix crash on qla2x00_mailbox_command"
macvlan: validate setting of multiple remote source MAC addresses
net: gianfar: Add of_node_put() before goto statement
powerpc/perf: Fix soft lockups due to missed interrupt accounting
arm64: Move handling of erratum 1418040 into C code
arm64: Allow booting of late CPUs affected by erratum 1418040
block: fix get_max_io_size()
block: loop: set discard granularity and alignment for block device backed loop
HID: i2c-hid: Always sleep 60ms after I2C_HID_PWR_ON commands
blk-mq: order adding requests to hctx->dispatch and checking SCHED_RESTART
btrfs: reset compression level for lzo on remount
btrfs: check the right error variable in btrfs_del_dir_entries_in_log
btrfs: fix space cache memory leak after transaction abort
btrfs: detect nocow for swap after snapshot delete
fbcon: prevent user font height or width change from causing potential out-of-bounds access
USB: lvtest: return proper error code in probe
vt: defer kfree() of vc_screenbuf in vc_do_resize()
vt_ioctl: change VT_RESIZEX ioctl to check for error return from vc_resize()
serial: samsung: Removes the IRQ not found warning
serial: pl011: Fix oops on -EPROBE_DEFER
serial: pl011: Don't leak amba_ports entry on driver register error
serial: stm32: avoid kernel warning on absence of optional IRQ
serial: 8250_exar: Fix number of ports for Commtech PCIe cards
serial: 8250: change lock order in serial8250_do_startup()
writeback: Protect inode->i_io_list with inode->i_lock
writeback: Avoid skipping inode writeback
writeback: Fix sync livelock due to b_dirty_time processing
XEN uses irqdesc::irq_data_common::handler_data to store a per interrupt XEN data pointer which contains XEN specific information.
usb: host: xhci: fix ep context print mismatch in debugfs
xhci: Do warm-reset when both CAS and XDEV_RESUME are set
xhci: Always restore EP_SOFT_CLEAR_TOGGLE even if ep reset failed
ARM64: vdso32: Install vdso32 from vdso_install
arm64: vdso32: make vdso32 install conditional
PM: sleep: core: Fix the handling of pending runtime resume requests
powerpc/perf: Fix crashes with generic_compat_pmu & BHRB
device property: Fix the secondary firmware node handling in set_primary_fwnode()
crypto: af_alg - Work around empty control messages without MSG_MORE
genirq/matrix: Deal with the sillyness of for_each_cpu() on UP
irqchip/stm32-exti: Avoid losing interrupts due to clearing pending bits by mistake
x86/hotplug: Silence APIC only after all interrupts are migrated
drm/amdgpu: Fix buffer overflow in INFO ioctl
drm/amdgpu/gfx10: refine mgcg setting
drm/amd/powerplay: Fix hardmins not being sent to SMU for RV
drm/amd/pm: correct Vega10 swctf limit setting
drm/amd/pm: correct Vega12 swctf limit setting
drm/amd/pm: correct Vega20 swctf limit setting
drm/amd/pm: correct the thermal alert temperature limit settings
USB: yurex: Fix bad gfp argument
usb: uas: Add quirk for PNY Pro Elite
USB: quirks: Add no-lpm quirk for another Raydium touchscreen
USB: quirks: Ignore duplicate endpoint on Sound Devices MixPre-D
USB: Ignore UAS for JMicron JMS567 ATA/ATAPI Bridge
usb: host: ohci-exynos: Fix error handling in exynos_ohci_probe()
USB: gadget: u_f: add overflow checks to VLA macros
USB: gadget: f_ncm: add bounds checks to ncm_unwrap_ntb()
USB: gadget: u_f: Unbreak offset calculation in VLAs
USB: cdc-acm: rework notification_buffer resizing
usb: storage: Add unusual_uas entry for Sony PSZ drives
drm/i915: Fix cmd parser desc matching with masks
usb: dwc3: gadget: Don't setup more than requested
usb: dwc3: gadget: Fix handling ZLP
usb: dwc3: gadget: Handle ZLP for sg requests
fbmem: pull fbcon_update_vcs() out of fb_set_var()
kheaders: remove unneeded 'cat' command piped to 'head' / 'tail'
kheaders: optimize md5sum calculation for in-tree builds
kheaders: optimize header copy for in-tree builds
kheaders: remove the last bashism to allow sh to run it
kheaders: explain why include/config/autoconf.h is excluded from md5sum
kbuild: add variables for compression tools
kbuild: fix broken builds because of GZIP,BZIP2,LZOP variables
HID: hiddev: Fix slab-out-of-bounds write in hiddev_ioctl_usage()
ALSA: usb-audio: Update documentation comment for MS2109 quirk
io_uring: Fix NULL pointer dereference in io_sq_wq_submit_work()
Linux 5.4.62
UBUNTU: upstream stable to v5.4.62

CVE References

Changed in linux (Ubuntu):
status: New → Confirmed
tags: added: kernel-stable-tracking-bug
Changed in linux (Ubuntu Focal):
status: New → In Progress
description: updated
Changed in linux (Ubuntu Focal):
assignee: nobody → Kamal Mostafa (kamalmostafa)
Kamal Mostafa (kamalmostafa) wrote :

Also includes "ARM64: vdso32: Install vdso32 from vdso_install", deferred from the previous patch set; this patch set supplies its fixer "arm64: vdso32: make vdso32 install conditional".

Changed in linux (Ubuntu Focal):
status: In Progress → Fix Committed
Launchpad Janitor (janitor) wrote :
Download full text (31.2 KiB)

This bug was fixed in the package linux - 5.4.0-51.56

linux (5.4.0-51.56) focal; urgency=medium

  * Packaging resync (LP: #1786013)
    - update dkms package versions

linux (5.4.0-50.55) focal; urgency=medium

  * CVE-2020-16119
    - SAUCE: dccp: avoid double free of ccid on child socket

  * CVE-2020-16120
    - Revert "UBUNTU: SAUCE: overlayfs: ensure mounter privileges when reading
    - ovl: pass correct flags for opening real directory
    - ovl: switch to mounter creds in readdir
    - ovl: verify permissions in ovl_path_open()
    - ovl: call secutiry hook in ovl_real_ioctl()
    - ovl: check permission to open real file

linux (5.4.0-49.53) focal; urgency=medium

  * focal/linux: 5.4.0-49.53 -proposed tracker (LP: #1896007)

  * Comet Lake PCH-H RAID not support on Ubuntu20.04 (LP: #1892288)
    - ahci: Add Intel Comet Lake PCH-H PCI ID

  * Novalink (mkvterm command failure) (LP: #1892546)
    - tty: hvcs: Don't NULL tty->driver_data until hvcs_cleanup()

  * Oops and hang when starting LVM snapshots on 5.4.0-47 (LP: #1894780)
    - SAUCE: Revert "mm: memcg/slab: fix memory leak at non-root kmem_cache

  * Intel x710 LOMs do not work on Focal (LP: #1893956)
    - i40e: Fix LED blinking flow for X710T*L devices
    - i40e: enable X710 support

  * Add/Backport EPYC-v3 and EPYC-Rome CPU model (LP: #1887490)
    - kvm: svm: Update svm_xsaves_supported

  * Fix non-working NVMe after S3 (LP: #1895718)
    - SAUCE: PCI: Enable ACS quirk on CML root port

  * Focal update: v5.4.65 upstream stable release (LP: #1895881)
    - ipv4: Silence suspicious RCU usage warning
    - ipv6: Fix sysctl max for fib_multipath_hash_policy
    - netlabel: fix problems with mapping removal
    - net: usb: dm9601: Add USB ID of Keenetic Plus DSL
    - sctp: not disable bh in the whole sctp_get_port_local()
    - taprio: Fix using wrong queues in gate mask
    - tipc: fix shutdown() of connectionless socket
    - net: disable netpoll on fresh napis
    - Linux 5.4.65

  * Focal update: v5.4.64 upstream stable release (LP: #1895880)
    - HID: quirks: Always poll three more Lenovo PixArt mice
    - drm/msm/dpu: Fix scale params in plane validation
    - tty: serial: qcom_geni_serial: Drop __init from qcom_geni_console_setup
    - drm/msm: add shutdown support for display platform_driver
    - hwmon: (applesmc) check status earlier.
    - nvmet: Disable keep-alive timer when kato is cleared to 0h
    - drm/msm: enable vblank during atomic commits
    - habanalabs: validate FW file size
    - habanalabs: check correct vmalloc return code
    - drm/msm/a6xx: fix gmu start on newer firmware
    - ceph: don't allow setlease on cephfs
    - drm/omap: fix incorrect lock state
    - cpuidle: Fixup IRQ state
    - nbd: restore default timeout when setting it to zero
    - s390: don't trace preemption in percpu macros
    - drm/amd/display: Reject overlay plane configurations in multi-display
    - drivers: gpu: amd: Initialize amdgpu_dm_backlight_caps object to 0 in
    - drm/amd/display: Retry AUX write when fail occurs
    - drm/amd/display: Fix memleak in amdg...

Changed in linux (Ubuntu Focal):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers