Xenial update: v4.4.238 upstream stable release

Bug #1899506 reported by Kamal Mostafa
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Undecided
Unassigned
Xenial
Medium
Kamal Mostafa

Bug Description

SRU Justification

    Impact:
       The upstream process for stable tree updates is quite similar
       in scope to the Ubuntu SRU process, e.g., each patch has to
       demonstrably fix a bug, and each patch is vetted by upstream
       by originating either directly from a mainline/stable Linux tree or
       a minimally backported form of that patch. The following upstream
       stable patches should be included in the Ubuntu kernel:

       v4.4.238 upstream stable release
       from git://git.kernel.org/

af_key: pfkey_dump needs parameter validation
KVM: fix memory leak in kvm_io_bus_unregister_dev()
kprobes: fix kill kprobe which has been marked as gone
ftrace: Setup correct FTRACE_FL_REGS flags for module
RDMA/ucma: ucma_context reference leak in error path
mtd: Fix comparison in map_word_andequal()
hdlc_ppp: add range checks in ppp_cp_parse_cr()
tipc: use skb_unshare() instead in tipc_buf_append()
net: add __must_check to skb_put_padto()
ip: fix tos reflection in ack and reset packets
serial: 8250: Avoid error message on reprobe
scsi: aacraid: fix illegal IO beyond last LBA
m68k: q40: Fix info-leak in rtc_ioctl
gma/gma500: fix a memory disclosure bug due to uninitialized bytes
ASoC: kirkwood: fix IRQ error handling
PM / devfreq: tegra30: Fix integer overflow on CPU's freq max out
mtd: cfi_cmdset_0002: don't free cfi->cfiq in error path of cfi_amdstd_setup()
mfd: mfd-core: Protect against NULL call-back function pointer
tracing: Adding NULL checks for trace_array descriptor pointer
bcache: fix a lost wake-up problem caused by mca_cannibalize_lock
xfs: fix attr leaf header freemap.size underflow
kernel/sys.c: avoid copying possible padding bytes in copy_to_user
neigh_stat_seq_next() should increase position index
rt_cpu_seq_next should increase position index
seqlock: Require WRITE_ONCE surrounding raw_seqcount_barrier
ACPI: EC: Reference count query handlers under lock
tracing: Set kernel_stack's caller size properly
ar5523: Add USB ID of SMCWUSBT-G2 wireless adapter
Bluetooth: Fix refcount use-after-free issue
mm: pagewalk: fix termination condition in walk_pte_range()
Bluetooth: prefetch channel before killing sock
skbuff: fix a data race in skb_queue_len()
audit: CONFIG_CHANGE don't log internal bookkeeping as an event
selinux: sel_avc_get_stat_idx should increase position index
scsi: lpfc: Fix RQ buffer leakage when no IOCBs available
drm/omap: fix possible object reference leak
dmaengine: tegra-apb: Prevent race conditions on channel's freeing
media: go7007: Fix URB type for interrupt handling
Bluetooth: guard against controllers sending zero'd events
drm/amdgpu: increase atombios cmd timeout
Bluetooth: L2CAP: handle l2cap config request during open state
media: tda10071: fix unsigned sign extension overflow
tpm: ibmvtpm: Wait for buffer to be set before proceeding
tracing: Use address-of operator on section symbols
serial: 8250_omap: Fix sleeping function called from invalid context during probe
SUNRPC: Fix a potential buffer overflow in 'svc_print_xprts()'
ubifs: Fix out-of-bounds memory access caused by abnormal value of node_len
ALSA: usb-audio: Fix case when USB MIDI interface has more than one extra endpoint descriptor
mm/filemap.c: clear page error before actual read
mm/mmap.c: initialize align_offset explicitly for vm_unmapped_area
KVM: Remove CREATE_IRQCHIP/SET_PIT2 race
bdev: Reduce time holding bd_mutex in sync in blkdev_close()
drivers: char: tlclk.c: Avoid data race between init and interrupt handler
dt-bindings: sound: wm8994: Correct required supplies based on actual implementaion
atm: fix a memory leak of vcc->user_back
phy: samsung: s5pv210-usb2: Add delay after reset
Bluetooth: Handle Inquiry Cancel error after Inquiry Complete
USB: EHCI: ehci-mv: fix error handling in mv_ehci_probe()
tty: serial: samsung: Correct clock selection logic
ALSA: hda: Fix potential race in unsol event handler
fuse: don't check refcount after stealing page
USB: EHCI: ehci-mv: fix less than zero comparison of an unsigned int
e1000: Do not perform reset in reset_task if we are already down
printk: handle blank console arguments passed in.
vfio/pci: fix memory leaks of eventfd ctx
perf kcore_copy: Fix module map when there are no modules loaded
mtd: rawnand: omap_elm: Fix runtime PM imbalance on error
ceph: fix potential race in ceph_check_caps
mtd: parser: cmdline: Support MTD names containing one or more colons
x86/speculation/mds: Mark mds_user_clear_cpu_buffers() __always_inline
vfio/pci: Clear error and request eventfd ctx after releasing
vfio/pci: fix racy on error and request eventfd ctx
s390/init: add missing __init annotations
batman-adv: bla: fix type misuse for backbone_gw hash indexing
atm: eni: fix the missed pci_disable_device() for eni_init_one()
batman-adv: mcast/TT: fix wrongly dropped or rerouted packets
ALSA: asihpi: fix iounmap in error handler
MIPS: Add the missing 'CPU_1074K' into __get_cpu_type()
tty: vt, consw->con_scrolldelta cleanup
kprobes: Fix to check probe enabled before disarm_kprobe_ftrace()
lib/string.c: implement stpcpy
ata: define AC_ERR_OK
ata: make qc_prep return ata_completion_errors
ata: sata_mv, avoid trigerrable BUG_ON
Linux 4.4.238
UBUNTU: upstream stable to v4.4.238

Changed in linux (Ubuntu):
status: New → Confirmed
tags: added: kernel-stable-tracking-bug
Changed in linux (Ubuntu Xenial):
status: New → In Progress
assignee: nobody → Kamal Mostafa (kamalmostafa)
description: updated
Stefan Bader (smb)
Changed in linux (Ubuntu Xenial):
status: In Progress → Fix Committed
importance: Undecided → Medium
Changed in linux (Ubuntu):
status: Confirmed → Invalid
Revision history for this message
Launchpad Janitor (janitor) wrote :
Download full text (20.5 KiB)

This bug was fixed in the package linux - 4.4.0-197.229

---------------
linux (4.4.0-197.229) xenial; urgency=medium

  * xenial/linux: 4.4.0-197.229 -proposed tracker (LP: #1905489)

  * sha1_ce and sha2_ce modules no longer load on arm64 (LP: #1905336)
    - SAUCE: Revert "crypto: arm64/sha - avoid non-standard inline asm tricks"

  * Fails to build on powerpc (LP: #1905475)
    - powerpc/uaccess-flush: fix corenet64_smp_defconfig build
    - SAUCE: powerpc/uaccess: only include kup-radix.h on PPC_BOOK3S_64

linux (4.4.0-196.228) xenial; urgency=medium

  * xenial/linux: 4.4.0-196.228 -proposed tracker (LP: #1905309)

  * CVE-2020-4788
    - SAUCE: powerpc/64s: Define MASKABLE_RELON_EXCEPTION_PSERIES_OOL
    - SAUCE: powerpc/64s: move some exception handlers out of line
    - powerpc/64s: flush L1D on kernel entry
    - SAUCE: powerpc: Add a framework for user access tracking
    - powerpc: Implement user_access_begin and friends
    - powerpc: Fix __clear_user() with KUAP enabled
    - powerpc/uaccess: Evaluate macro arguments once, before user access is
      allowed
    - powerpc/64s: flush L1D after user accesses

linux (4.4.0-195.227) xenial; urgency=medium

  * xenial/linux: 4.4.0-195.227 -proposed tracker (LP: #1903107)

  * Update kernel packaging to support forward porting kernels (LP: #1902957)
    - [Debian] Update for leader included in BACKPORT_SUFFIX

  * Avoid double newline when running insertchanges (LP: #1903293)
    - [Packaging] insertchanges: avoid double newline

  * EFI: Fails when BootCurrent entry does not exist (LP: #1899993)
    - efivarfs: Replace invalid slashes with exclamation marks in dentries.

  * CVE-2020-14351
    - perf/core: Fix race in the perf_mmap_close() function

  * CVE-2020-25645
    - geneve: add transport ports in route lookup for geneve

  * Xenial update: v4.4.241 upstream stable release (LP: #1902097)
    - ibmveth: Identify ingress large send packets.
    - tipc: fix the skb_unshare() in tipc_buf_append()
    - net/ipv4: always honour route mtu during forwarding
    - r8169: fix data corruption issue on RTL8402
    - ALSA: bebob: potential info leak in hwdep_read()
    - mm/kasan: print name of mem[set,cpy,move]() caller in report
    - mm/kasan: add API to check memory regions
    - compiler.h, kasan: Avoid duplicating __read_once_size_nocheck()
    - compiler.h: Add read_word_at_a_time() function.
    - lib/strscpy: Shut up KASAN false-positives in strscpy()
    - x86/mm/ptdump: Fix soft lockup in page table walker
    - net: hdlc: In hdlc_rcv, check to make sure dev is an HDLC device
    - net: hdlc_raw_eth: Clear the IFF_TX_SKB_SHARING flag after calling
      ether_setup
    - nfc: Ensure presence of NFC_ATTR_FIRMWARE_NAME attribute in
      nfc_genl_fw_download()
    - tcp: fix to update snd_wl1 in bulk receiver fast path
    - icmp: randomize the global rate limiter
    - cifs: remove bogus debug code
    - ima: Don't ignore errors from crypto_shash_update()
    - EDAC/i5100: Fix error handling order in i5100_init_one()
    - crypto: ixp4xx - Fix the size used in a 'dma_free_coherent()' call
    - media: Revert "media: exynos4-is: Add missed check for
      pinctrl_lookup_state()"
 ...

Changed in linux (Ubuntu Xenial):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers