This bug was fixed in the package linux - 4.4.0-121.145 --------------- linux (4.4.0-121.145) xenial; urgency=medium * linux: 4.4.0-121.145 -proposed tracker (LP: #1763687) * Ubuntu-4.4.0-120.144 fails to boot on arm64* hardware (LP: #1763644) - [Config] arm64: disable BPF_JIT_ALWAYS_ON linux (4.4.0-120.144) xenial; urgency=medium * linux: 4.4.0-120.144 -proposed tracker (LP: #1761438) * intel-microcode 3.20180312.0 causes lockup at login screen(w/ linux- image-4.13.0-37-generic) (LP: #1759920) // CVE-2017-5715 (Spectre v2 Intel) - Revert "x86/mm: Only set IBPB when the new thread cannot ptrace current thread" - x86/speculation: Use Indirect Branch Prediction Barrier in context switch * DKMS driver builds fail with: Cannot use CONFIG_STACK_VALIDATION=y, please install libelf-dev, libelf-devel or elfutils-libelf-devel (LP: #1760876) - [Packaging] include the retpoline extractor in the headers * retpoline hints: primary infrastructure and initial hints (LP: #1758856) - [Packaging] retpoline-extract: flag *0xNNN(%reg) branches - x86/speculation, objtool: Annotate indirect calls/jumps for objtool - x86/speculation, objtool: Annotate indirect calls/jumps for objtool on 32bit - x86/paravirt, objtool: Annotate indirect calls - x86/asm: Stop depending on ptrace.h in alternative.h - [Packaging] retpoline -- add safe usage hint support - [Packaging] retpoline-check -- only report additions - [Packaging] retpoline -- widen indirect call/jmp detection - [Packaging] retpoline -- elide %rip relative indirections - [Packaging] retpoline -- clear hint information from packages - SAUCE: modpost: add discard to non-allocatable whitelist - KVM: x86: Make indirect calls in emulator speculation safe - KVM: VMX: Make indirect call speculation safe - x86/boot, objtool: Annotate indirect jump in secondary_startup_64() - SAUCE: early/late -- annotate indirect calls in early/late initialisation code - SAUCE: vga_set_mode -- avoid jump tables - [Config] retpoline -- switch to new format - [Packaging] final-checks -- remove check for empty retpoline files * Xenial update to 4.4.117 stable release (LP: #1756860) - IB/mlx4: Fix incorrectly releasing steerable UD QPs when have only ETH ports - PM / devfreq: Propagate error from devfreq_add_device() - s390: fix handling of -1 in set{,fs}[gu]id16 syscalls - ARM: dts: STi: Add gpio polarity for "hdmi,hpd-gpio" property - arm: spear600: Add missing interrupt-parent of rtc - arm: spear13xx: Fix dmas cells - arm: spear13xx: Fix spics gpio controller's warning - ALSA: seq: Fix regression by incorrect ioctl_mutex usages - KVM/x86: Reduce retpoline performance impact in slot_handle_level_range(), by always inlining iterator helper methods - x86/cpu: Change type of x86_cache_size variable to unsigned int - drm/radeon: adjust tested variable - rtc-opal: Fix handling of firmware error codes, prevent busy loops - ext4: save error to disk in __ext4_grp_locked_error() - ext4: correct documentation for grpid mount option - mm: hide a #warning for COMPILE_TEST - video: fbdev: atmel_lcdfb: fix display-timings lookup - console/dummy: leave .con_font_get set to NULL - rtlwifi: rtl8821ae: Fix connection lost problem correctly - Btrfs: fix deadlock in run_delalloc_nocow - Btrfs: fix crash due to not cleaning up tree log block's dirty bits - Btrfs: fix unexpected -EEXIST when creating new inode - ALSA: hda - Fix headset mic detection problem for two Dell machines - ALSA: usb-audio: Fix UAC2 get_ctl request with a RANGE attribute - ALSA: hda/realtek: PCI quirk for Fujitsu U7x7 - ALSA: usb-audio: add implicit fb quirk for Behringer UFX1204 - ALSA: seq: Fix racy pool initializations - mvpp2: fix multicast address filter - dm: correctly handle chained bios in dec_pending() - x86: fix build warnign with 32-bit PAE - vfs: don't do RCU lookup of empty pathnames - ARM: pxa/tosa-bt: add MODULE_LICENSE tag - ARM: dts: s5pv210: add interrupt-parent for ohci - media: r820t: fix r820t_write_reg for KASAN - Linux 4.4.117 * zfs system process hung on container stop/delete (LP: #1754584) - SAUCE: (noup) zfs to 0.6.5.6-0ubuntu19 - SAUCE: Fix non-prefaulted page deadlock (LP: #1754584) * apparmor: fix bad __initdata tagging on, apparmor_initialized (LP: #1758471) - SAUCE: apparmor: fix bad __initdata tagging on, apparmor_initialized * Xenial update to 4.4.116 stable release (LP: #1756121) - powerpc/bpf/jit: Disable classic BPF JIT on ppc64le - powerpc/64: Fix flush_(d|i)cache_range() called from modules - powerpc: Fix VSX enabling/flushing to also test MSR_FP and MSR_VEC - powerpc: Simplify module TOC handling - ASoC: pcm512x: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE - usbip: vhci_hcd: clear just the USB_PORT_STAT_POWER bit - usbip: fix 3eee23c3ec14 tcp_socket address still in the status file - net: cdc_ncm: initialize drvflags before usage - ASoC: simple-card: Fix misleading error message - ASoC: rsnd: don't call free_irq() on Parent SSI - ASoC: rsnd: avoid duplicate free_irq() - drm: rcar-du: Use the VBK interrupt for vblank events - drm: rcar-du: Fix race condition when disabling planes at CRTC stop - x86/asm: Fix inline asm call constraints for GCC 4.4 - ip6mr: fix stale iterator - net: igmp: add a missing rcu locking section - qlcnic: fix deadlock bug - r8169: fix RTL8168EP take too long to complete driver initialization. - tcp: release sk_frag.page in tcp_disconnect - vhost_net: stop device during reset owner - media: soc_camera: soc_scale_crop: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE - KEYS: encrypted: fix buffer overread in valid_master_desc() - don't put symlink bodies in pagecache into highmem - crypto: tcrypt - fix S/G table for test_aead_speed() - x86/microcode: Do the family check first - powerpc/pseries: include linux/types.h in asm/hvcall.h - cifs: Fix missing put_xid in cifs_file_strict_mmap - cifs: Fix autonegotiate security settings mismatch - CIFS: zero sensitive data when freeing - dmaengine: dmatest: fix container_of member in dmatest_callback - x86/kaiser: fix build error with KASAN && !FUNCTION_GRAPH_TRACER - kaiser: fix compile error without vsyscall - netfilter: nf_queue: Make the queue_handler pernet - posix-timer: Properly check sigevent->sigev_notify - usb: gadget: uvc: Missing files for configfs interface - sched/rt: Use container_of() to get root domain in rto_push_irq_work_func() - sched/rt: Up the root domain ref count when passing it around via IPIs - media: dvb-usb-v2: lmedm04: Improve logic checking of warm start - media: dvb-usb-v2: lmedm04: move ts2020 attach to dm04_lme2510_tuner - mtd: cfi: convert inline functions to macros - mtd: nand: brcmnand: Disable prefetch by default - mtd: nand: Fix nand_do_read_oob() return value - mtd: nand: sunxi: Fix ECC strength choice - ubi: block: Fix locking for idr_alloc/idr_remove - nfs/pnfs: fix nfs_direct_req ref leak when i/o falls back to the mds - NFS: Add a cond_resched() to nfs_commit_release_pages() - NFS: commit direct writes even if they fail partially - NFS: reject request for id_legacy key without auxdata - kernfs: fix regression in kernfs_fop_write caused by wrong type - ahci: Annotate PCI ids for mobile Intel chipsets as such - ahci: Add PCI ids for Intel Bay Trail, Cherry Trail and Apollo Lake AHCI - ahci: Add Intel Cannon Lake PCH-H PCI ID - crypto: hash - introduce crypto_hash_alg_has_setkey() - crypto: cryptd - pass through absence of ->setkey() - crypto: poly1305 - remove ->setkey() method - nsfs: mark dentry with DCACHE_RCUACCESS - media: v4l2-ioctl.c: don't copy back the result for -ENOTTY - vb2: V4L2_BUF_FLAG_DONE is set after DQBUF - media: v4l2-compat-ioctl32.c: add missing VIDIOC_PREPARE_BUF - media: v4l2-compat-ioctl32.c: fix the indentation - media: v4l2-compat-ioctl32.c: move 'helper' functions to __get/put_v4l2_format32 - media: v4l2-compat-ioctl32.c: avoid sizeof(type) - media: v4l2-compat-ioctl32.c: copy m.userptr in put_v4l2_plane32 - media: v4l2-compat-ioctl32.c: fix ctrl_is_pointer - media: v4l2-compat-ioctl32.c: make ctrl_is_pointer work for subdevs - media: v4l2-compat-ioctl32: Copy v4l2_window->global_alpha - media: v4l2-compat-ioctl32.c: copy clip list in put_v4l2_window32 - media: v4l2-compat-ioctl32.c: drop pr_info for unknown buffer type - media: v4l2-compat-ioctl32.c: don't copy back the result for certain errors - media: v4l2-compat-ioctl32.c: refactor compat ioctl32 logic - crypto: caam - fix endless loop when DECO acquire fails - arm: KVM: Fix SMCCC handling of unimplemented SMC/HVC calls - KVM: nVMX: Fix races when sending nested PI while dest enters/leaves L2 - watchdog: imx2_wdt: restore previous timeout after suspend+resume - media: ts2020: avoid integer overflows on 32 bit machines - media: cxusb, dib0700: ignore XC2028_I2C_FLUSH - kernel/async.c: revert "async: simplify lowest_in_progress()" - HID: quirks: Fix keyboard + touchpad on Toshiba Click Mini not working - Bluetooth: btsdio: Do not bind to non-removable BCM43341 - Bluetooth: btusb: Restore QCA Rome suspend/resume fix with a "rewritten" version - signal/openrisc: Fix do_unaligned_access to send the proper signal - signal/sh: Ensure si_signo is initialized in do_divide_error - alpha: fix crash if pthread_create races with signal delivery - alpha: fix reboot on Avanti platform - xtensa: fix futex_atomic_cmpxchg_inatomic - EDAC, octeon: Fix an uninitialized variable warning - pktcdvd: Fix pkt_setup_dev() error path - btrfs: Handle btrfs_set_extent_delalloc failure in fixup worker - ACPI: sbshc: remove raw pointer from printk() message - ovl: fix failure to fsync lower dir - mn10300/misalignment: Use SIGSEGV SEGV_MAPERR to report a failed user copy - ftrace: Remove incorrect setting of glob search field - Linux 4.4.116 * Xenial update to 4.4.116 stable release (LP: #1756121) // CVE-2017-5754 - Revert "UBUNTU: SAUCE: UBUNTU: [Config] Disable CONFIG_PPC_DEBUG_RFI" - Revert "UBUNTU: SAUCE: rfi-flush: Fix some RFI conversions in the KVM code" - Revert "UBUNTU: SAUCE: rfi-flush: Fix the 32-bit KVM build" - Revert "UBUNTU: SAUCE: rfi-flush: Fallback flush add load dependency" - Revert "UBUNTU: SAUCE: rfi-flush: Use rfi-flush in printks" - Revert "UBUNTU: SAUCE: rfi-flush: Add no_rfi_flush and nopti comandline options" - Revert "UBUNTU: SAUCE: rfi-flush: Refactor the macros so the nops are defined once" - Revert "UBUNTU: SAUCE: rfi-flush: Fix HRFI_TO_UNKNOWN" - Revert "UBUNTU: SAUCE: rfi-flush: Fix the fallback flush to actually activate" - Revert "UBUNTU: SAUCE: rfi-flush: Rework pseries logic to be more cautious" - Revert "UBUNTU: SAUCE: rfi-flush: Rework powernv logic to be more cautious" - Revert "UBUNTU: SAUCE: rfi-flush: Add barriers to the fallback L1D flushing" - Revert "UBUNTU: SAUCE: Fix compilation errors for arch/powerpc/lib/feature- fixups.c" - Revert "UBUNTU: SAUCE: Remove setup.h include file otherwise compilation complains about missing header file." - Revert "UBUNTU: SAUCE: powerpc/asm: Allow including ppc_asm.h in asm files" - Revert "UBUNTU: SAUCE: rfi-flush: Add speculation barrier before ori 30,30,0 flush" - Revert "UBUNTU: SAUCE: rfi-flush: Allow HV to advertise multiple flush types" - Revert "UBUNTU: SAUCE: rfi-flush: Support more than one flush type at once" - Revert "UBUNTU: SAUCE: rfi-flush: Expand the RFI section to two nop slots" - Revert "UBUNTU: SAUCE: rfi-flush: Push the instruction selection down to the patching routine" - Revert "UBUNTU: SAUCE: rfi-flush: Make l1d_flush_type bit flags" - Revert "UBUNTU: SAUCE: rfi-flush: Implement congruence-first fallback flush" - Revert "UBUNTU: SAUCE: KVM: Revert the implementation of H_GET_CPU_CHARACTERISTICS" - Revert "UBUNTU: SAUCE: rfi-flush: kvmppc_skip_(H)interrupt returns to host" - Revert "UBUNTU: SAUCE: Fixup rfid in kvmppc_skip_Hinterrupt should be hrfid" - Revert "UBUNTU: SAUCE: rfi-flush: Add HRFI_TO_UNKNOWN and use it in denorm" - Revert "UBUNTU: SAUCE: rfi-flush: Make DEBUG_RFI a CONFIG option" - Revert "UBUNTU: SAUCE: powerpc: Secure memory rfi flush" - powerpc/pseries: Add H_GET_CPU_CHARACTERISTICS flags & wrapper - powerpc/64: Add macros for annotating the destination of rfid/hrfid - powerpc/64s: Simple RFI macro conversions - powerpc/64: Convert fast_exception_return to use RFI_TO_USER/KERNEL - powerpc/64: Convert the syscall exit path to use RFI_TO_USER/KERNEL - powerpc/64s: Convert slb_miss_common to use RFI_TO_USER/KERNEL - powerpc/64s: Add support for RFI flush of L1-D cache - powerpc/64s: Support disabling RFI flush with no_rfi_flush and nopti - powerpc/pseries: Query hypervisor for RFI flush settings - powerpc/powernv: Check device-tree for RFI flush settings - powerpc/64s: Wire up cpu_show_meltdown() - powerpc/64s: Allow control of RFI flush via debugfs * Intel i40e PF reset due to incorrect MDD detection (continues...) (LP: #1723127) - i40e/i40evf: Account for frags split over multiple descriptors in check linearize - i40e/i40evf: Allow up to 12K bytes of data per Tx descriptor instead of 8K * Xenial update to 4.4.115 stable release (LP: #1755509) - x86: bpf_jit: small optimization in emit_bpf_tail_call() - bpf: fix bpf_tail_call() x64 JIT - [Config] CONFIG_BPF_JIT_ALWAYS_ON=y - bpf: introduce BPF_JIT_ALWAYS_ON config - bpf: arsh is not supported in 32 bit alu thus reject it - bpf: avoid false sharing of map refcount with max_entries - bpf: fix divides by zero - bpf: fix 32-bit divide by zero - bpf: reject stores into ctx via st and xadd - x86/pti: Make unpoison of pgd for trusted boot work for real - kaiser: fix intel_bts perf crashes - ALSA: seq: Make ioctls race-free - crypto: aesni - handle zero length dst buffer - crypto: af_alg - whitelist mask and type - power: reset: zx-reboot: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE - gpio: iop: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE - gpio: ath79: add missing MODULE_DESCRIPTION/LICENSE - mtd: nand: denali_pci: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE - igb: Free IRQs when device is hotplugged - KVM: x86: emulator: Return to user-mode on L1 CPL=0 emulation failure - KVM: x86: Don't re-execute instruction when not passing CR2 value - KVM: X86: Fix operand/address-size during instruction decoding - KVM: x86: ioapic: Fix level-triggered EOI and IOAPIC reconfigure race - KVM: x86: ioapic: Clear Remote IRR when entry is switched to edge-triggered - KVM: x86: ioapic: Preserve read-only values in the redirection table - ACPI / bus: Leave modalias empty for devices which are not present - cpufreq: Add Loongson machine dependencies - bcache: check return value of register_shrinker - drm/amdgpu: Fix SDMA load/unload sequence on HWS disabled mode - drm/amdkfd: Fix SDMA ring buffer size calculation - drm/amdkfd: Fix SDMA oversubsription handling - openvswitch: fix the incorrect flow action alloc size - mac80211: fix the update of path metric for RANN frame - btrfs: fix deadlock when writing out space cache - KVM: VMX: Fix rflags cache during vCPU reset - xen-netfront: remove warning when unloading module - nfsd: CLOSE SHOULD return the invalid special stateid for NFSv4.x (x>0) - nfsd: Ensure we check stateid validity in the seqid operation checks - grace: replace BUG_ON by WARN_ONCE in exit_net hook - nfsd: check for use of the closed special stateid - lockd: fix "list_add double add" caused by legacy signal interface - hwmon: (pmbus) Use 64bit math for DIRECT format values - powerpc/ppc64el -- Remove ll_temac module from 64-bit builds - net: ethernet: xilinx: Mark XILINX_LL_TEMAC broken on 64-bit - quota: Check for register_shrinker() failure. - SUNRPC: Allow connect to return EHOSTUNREACH - kmemleak: add scheduling point to kmemleak_scan() - drm/omap: Fix error handling path in 'omap_dmm_probe()' - xfs: ubsan fixes - scsi: aacraid: Prevent crash in case of free interrupt during scsi EH path - scsi: ufs: ufshcd: fix potential NULL pointer dereference in ufshcd_config_vreg - media: usbtv: add a new usbid - usb: gadget: don't dereference g until after it has been null checked - staging: rtl8188eu: Fix incorrect response to SIOCGIWESSID - usb: option: Add support for FS040U modem - USB: serial: pl2303: new device id for Chilitag - USB: cdc-acm: Do not log urb submission errors on disconnect - CDC-ACM: apply quirk for card reader - USB: serial: io_edgeport: fix possible sleep-in-atomic - usbip: prevent bind loops on devices attached to vhci_hcd - usbip: list: don't list devices attached to vhci_hcd - USB: serial: simple: add Motorola Tetra driver - usb: f_fs: Prevent gadget unbind if it is already unbound - usb: uas: unconditionally bring back host after reset - selinux: general protection fault in sock_has_perm - serial: imx: Only wakeup via RTSDEN bit if the system has RTS/CTS - spi: imx: do not access registers while clocks disabled - Linux 4.4.115 * retpoline: ignore %cs:0xNNN constant indirections (LP: #1752655) - [Packaging] retpoline -- elide %cs:0xNNNN constants on i386 -- Kleber Sacilotto de Souza