Bug #1825487 “The Realtek card reader does not enter PCIe 1.1/1....” : Cosmic (18.10) : Bugs : linux package : Ubuntu

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2019-04-19: Missing required logs.

#1

This bug is missing log files that will aid in diagnosing the problem. While running an Ubuntu kernel (not a mainline or third-party kernel) please enter the following command in a terminal window:

apport-collect 1825487

and then change the status of the bug to 'Confirmed'.

If, due to the nature of the issue you have encountered, you are unable to run this command, please add a comment stating that fact and change the bug status to 'Confirmed'.

This change has been made by an automated script, maintained by the Ubuntu Kernel Team.

Changed in linux (Ubuntu):
status:	New → Incomplete

Kai-Heng Feng (kaihengfeng) on 2019-04-19

Changed in linux-oem (Ubuntu Cosmic):
status:	New → Invalid
Changed in linux-oem (Ubuntu Disco):
status:	New → Invalid

AceLan Kao (acelankao) on 2019-04-19

tags:

added: originate-from-1821890 somerville

Kleber Sacilotto de Souza (kleber-souza) on 2019-04-23

Changed in linux (Ubuntu Bionic):
status:	New → Fix Committed
Changed in linux (Ubuntu Cosmic):
status:	New → Fix Committed
Changed in linux (Ubuntu Disco):
status:	New → Fix Committed

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2019-04-25:

#2

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-cosmic' to 'verification-done-cosmic'. If the problem still exists, change the tag 'verification-needed-cosmic' to 'verification-failed-cosmic'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: verification-needed-cosmic

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2019-04-26:

#3

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-disco' to 'verification-done-disco'. If the problem still exists, change the tag 'verification-needed-disco' to 'verification-failed-disco'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: verification-needed-disco

Kai-Heng Feng (kaihengfeng) on 2019-04-29

tags:

added: verification-done-cosmic verification-done-disco
removed: verification-needed-cosmic verification-needed-disco

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2019-04-29:

#4

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-bionic' to 'verification-done-bionic'. If the problem still exists, change the tag 'verification-needed-bionic' to 'verification-failed-bionic'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: verification-needed-bionic

Kai-Heng Feng (kaihengfeng) on 2019-05-02

tags:

added: verification-done-bionic
removed: verification-needed-bionic

Revision history for this message

Launchpad Janitor (janitor) wrote on 2019-05-14:

#5

Download full text (12.6 KiB)

This bug was fixed in the package linux - 4.15.0-50.54

---------------
linux (4.15.0-50.54) bionic; urgency=medium

  * CVE-2018-12126 // CVE-2018-12127 // CVE-2018-12130
    - Documentation/l1tf: Fix small spelling typo
    - x86/cpu: Sanitize FAM6_ATOM naming
    - kvm: x86: Report STIBP on GET_SUPPORTED_CPUID
    - locking/atomics, asm-generic: Move some macros from <linux/bitops.h> to a
      new <linux/bits.h> file
    - tools include: Adopt linux/bits.h
    - x86/msr-index: Cleanup bit defines
    - x86/speculation: Consolidate CPU whitelists
    - x86/speculation/mds: Add basic bug infrastructure for MDS
    - x86/speculation/mds: Add BUG_MSBDS_ONLY
    - x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests
    - x86/speculation/mds: Add mds_clear_cpu_buffers()
    - x86/speculation/mds: Clear CPU buffers on exit to user
    - x86/kvm/vmx: Add MDS protection when L1D Flush is not active
    - x86/speculation/mds: Conditionally clear CPU buffers on idle entry
    - x86/speculation/mds: Add mitigation control for MDS
    - x86/speculation/mds: Add sysfs reporting for MDS
    - x86/speculation/mds: Add mitigation mode VMWERV
    - Documentation: Move L1TF to separate directory
    - Documentation: Add MDS vulnerability documentation
    - x86/speculation/mds: Add mds=full,nosmt cmdline option
    - x86/speculation: Move arch_smt_update() call to after mitigation decisions
    - x86/speculation/mds: Add SMT warning message
    - x86/speculation/mds: Fix comment
    - x86/speculation/mds: Print SMT vulnerable on MSBDS with mitigations off
    - x86/speculation/mds: Add 'mitigations=' support for MDS

* CVE-2017-5715 // CVE-2017-5753
- s390/speculation: Support 'mitigations=' cmdline option

* CVE-2017-5715 // CVE-2017-5753 // CVE-2017-5754 // CVE-2018-3639
- powerpc/speculation: Support 'mitigations=' cmdline option

  * CVE-2017-5715 // CVE-2017-5754 // CVE-2018-3620 // CVE-2018-3639 //
    CVE-2018-3646
    - cpu/speculation: Add 'mitigations=' cmdline option
    - x86/speculation: Support 'mitigations=' cmdline option

* Packaging resync (LP: #1786013)
- [Packaging] resync git-ubuntu-log

linux (4.15.0-49.53) bionic; urgency=medium

* linux: 4.15.0-49.53 -proposed tracker (LP: #1826358)

  * Backport support for software count cache flush Spectre v2 mitigation. (CVE)
    (required for POWER9 DD2.3) (LP: #1822870)
    - powerpc/64s: Add support for ori barrier_nospec patching
    - powerpc/64s: Patch barrier_nospec in modules
    - powerpc/64s: Enable barrier_nospec based on firmware settings
    - powerpc: Use barrier_nospec in copy_from_user()
    - powerpc/64: Use barrier_nospec in syscall entry
    - powerpc/64s: Enhance the information in cpu_show_spectre_v1()
    - powerpc/64: Disable the speculation barrier from the command line
    - powerpc/64: Make stf barrier PPC_BOOK3S_64 specific.
    - powerpc/64: Add CONFIG_PPC_BARRIER_NOSPEC
    - powerpc/64: Call setup_barrier_nospec() from setup_arch()
    - powerpc/64: Make meltdown reporting Book3S 64 specific
    - powerpc/lib/code-patching: refactor patch_instruction()
    - powerpc/lib/feature-fixups: use raw_patch_instruction()
    - powerpc/asm: Add a patch_site mac...

This bug was fixed in the package linux - 4.15.0-50.54

---------------
linux (4.15.0-50.54) bionic; urgency=medium

* CVE-2018-12126 // CVE-2018-12127 // CVE-2018-12130
    - Documentation/l1tf: Fix small spelling typo
    - x86/cpu: Sanitize FAM6_ATOM naming
    - kvm: x86: Report STIBP on GET_SUPPORTED_CPUID
    - locking/atomics, asm-generic: Move some macros from <linux/bitops.h> to a
      new <linux/bits.h> file
    - tools include: Adopt linux/bits.h
    - x86/msr-index: Cleanup bit defines
    - x86/speculation: Consolidate CPU whitelists
    - x86/speculation/mds: Add basic bug infrastructure for MDS
    - x86/speculation/mds: Add BUG_MSBDS_ONLY
    - x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests
    - x86/speculation/mds: Add mds_clear_cpu_buffers()
    - x86/speculation/mds: Clear CPU buffers on exit to user
    - x86/kvm/vmx: Add MDS protection when L1D Flush is not active
    - x86/speculation/mds: Conditionally clear CPU buffers on idle entry
    - x86/speculation/mds: Add mitigation control for MDS
    - x86/speculation/mds: Add sysfs reporting for MDS
    - x86/speculation/mds: Add mitigation mode VMWERV
    - Documentation: Move L1TF to separate directory
    - Documentation: Add MDS vulnerability documentation
    - x86/speculation/mds: Add mds=full,nosmt cmdline option
    - x86/speculation: Move arch_smt_update() call to after mitigation decisions
    - x86/speculation/mds: Add SMT warning message
    - x86/speculation/mds: Fix comment
    - x86/speculation/mds: Print SMT vulnerable on MSBDS with mitigations off
    - x86/speculation/mds: Add 'mitigations=' support for MDS

* CVE-2017-5715 // CVE-2017-5753
    - s390/speculation: Support 'mitigations=' cmdline option

* CVE-2017-5715 // CVE-2017-5753 // CVE-2017-5754 // CVE-2018-3639
    - powerpc/speculation: Support 'mitigations=' cmdline option

* CVE-2017-5715 // CVE-2017-5754 // CVE-2018-3620 // CVE-2018-3639 //
    CVE-2018-3646
    - cpu/speculation: Add 'mitigations=' cmdline option
    - x86/speculation: Support 'mitigations=' cmdline option

* Packaging resync (LP: #1786013)
    - [Packaging] resync git-ubuntu-log

linux (4.15.0-49.53) bionic; urgency=medium

* linux: 4.15.0-49.53 -proposed tracker (LP: #1826358)

* Backport support for software count cache flush Spectre v2 mitigation. (CVE)
    (required for POWER9 DD2.3) (LP: #1822870)
    - powerpc/64s: Add support for ori barrier_nospec patching
    - powerpc/64s: Patch barrier_nospec in modules
    - powerpc/64s: Enable barrier_nospec based on firmware settings
    - powerpc: Use barrier_nospec in copy_from_user()
    - powerpc/64: Use barrier_nospec in syscall entry
    - powerpc/64s: Enhance the information in cpu_show_spectre_v1()
    - powerpc/64: Disable the speculation barrier from the command line
    - powerpc/64: Make stf barrier PPC_BOOK3S_64 specific.
    - powerpc/64: Add CONFIG_PPC_BARRIER_NOSPEC
    - powerpc/64: Call setup_barrier_nospec() from setup_arch()
    - powerpc/64: Make meltdown reporting Book3S 64 specific
    - powerpc/lib/code-patching: refactor patch_instruction()
    - powerpc/lib/feature-fixups: use raw_patch_instruction()
    - powerpc/asm: Add a patch_site macro & helpers for patching instructions
    - powerpc/64s: Add new security feature flags for count cache flush
    - powerpc/64s: Add support for software count cache flush
    - powerpc/pseries: Query hypervisor for count cache flush settings
    - powerpc/powernv: Query firmware for count cache flush settings
    - powerpc/fsl: Add nospectre_v2 command line argument
    - KVM: PPC: Book3S: Add count cache flush parameters to kvmppc_get_cpu_char()
    - [Config] Add CONFIG_PPC_BARRIER_NOSPEC

* Packaging resync (LP: #1786013)
    - [Packaging] resync git-ubuntu-log

* autopkgtests run too often, too much and don't skip enough (LP: #1823056)
    - [Debian] Set +x on rebuild testcase.
    - [Debian] Skip rebuild test, for regression-suite deps.
    - [Debian] Make ubuntu-regression-suite skippable on unbootable kernels.
    - [Debian] make rebuild use skippable error codes when skipping.
    - [Debian] Only run regression-suite, if requested to.

* bionic: fork out linux-snapdragon into its own topic kernel (LP: #1820868)
    - [Packaging] remove arm64 snapdragon from getabis
    - [Config] config changes for snapdragon split
    - packaging: arm64: disable building the snapdragon flavour
    - [Packaging] arm64: Drop snapdragon from kernel-versions

* CVE-2017-5753
    - KVM: arm/arm64: vgic: fix possible spectre-v1 in vgic_get_irq()
    - media: dvb_ca_en50221: prevent using slot_info for Spectre attacs
    - sysvipc/sem: mitigate semnum index against spectre v1
    - libahci: Fix possible Spectre-v1 pmp indexing in ahci_led_store()
    - s390/keyboard: sanitize array index in do_kdsk_ioctl
    - arm64: fix possible spectre-v1 write in ptrace_hbp_set_event()
    - KVM: arm/arm64: vgic: Fix possible spectre-v1 write in vgic_mmio_write_apr()
    - pktcdvd: Fix possible Spectre-v1 for pkt_devs
    - net: socket: fix potential spectre v1 gadget in socketcall
    - net: socket: Fix potential spectre v1 gadget in sock_is_registered
    - drm/amdgpu/pm: Fix potential Spectre v1
    - netlink: Fix spectre v1 gadget in netlink_create()
    - ext4: fix spectre gadget in ext4_mb_regular_allocator()
    - drm/i915/kvmgt: Fix potential Spectre v1
    - net: sock_diag: Fix spectre v1 gadget in __sock_diag_cmd()
    - fs/quota: Fix spectre gadget in do_quotactl
    - hwmon: (nct6775) Fix potential Spectre v1
    - mac80211_hwsim: Fix possible Spectre-v1 for hwsim_world_regdom_custom
    - switchtec: Fix Spectre v1 vulnerability
    - misc: hmc6352: fix potential Spectre v1
    - tty: vt_ioctl: fix potential Spectre v1
    - nl80211: Fix possible Spectre-v1 for NL80211_TXRATE_HT
    - nl80211: Fix possible Spectre-v1 for CQM RSSI thresholds
    - IB/ucm: Fix Spectre v1 vulnerability
    - RDMA/ucma: Fix Spectre v1 vulnerability
    - drm/bufs: Fix Spectre v1 vulnerability
    - usb: gadget: storage: Fix Spectre v1 vulnerability
    - ptp: fix Spectre v1 vulnerability
    - HID: hiddev: fix potential Spectre v1
    - vhost: Fix Spectre V1 vulnerability
    - drivers/misc/sgi-gru: fix Spectre v1 vulnerability
    - ipv4: Fix potential Spectre v1 vulnerability
    - aio: fix spectre gadget in lookup_ioctx
    - ALSA: emux: Fix potential Spectre v1 vulnerabilities
    - ALSA: pcm: Fix potential Spectre v1 vulnerability
    - ip6mr: Fix potential Spectre v1 vulnerability
    - ALSA: rme9652: Fix potential Spectre v1 vulnerability
    - ALSA: emu10k1: Fix potential Spectre v1 vulnerabilities
    - KVM: arm/arm64: vgic: Fix off-by-one bug in vgic_get_irq()
    - drm/ioctl: Fix Spectre v1 vulnerabilities
    - char/mwave: fix potential Spectre v1 vulnerability
    - applicom: Fix potential Spectre v1 vulnerabilities
    - ipmi: msghandler: Fix potential Spectre v1 vulnerabilities
    - powerpc/ptrace: Mitigate potential Spectre v1
    - cfg80211: prevent speculation on cfg80211_classify8021d() return
    - ALSA: rawmidi: Fix potential Spectre v1 vulnerability
    - ALSA: seq: oss: Fix Spectre v1 vulnerability

* Bionic: Sync to Xenial (Spectre) (LP: #1822760)
    - x86/speculation/l1tf: Suggest what to do on systems with too much RAM
    - KVM: SVM: Add MSR-based feature support for serializing LFENCE
    - KVM: VMX: fixes for vmentry_l1d_flush module parameter
    - KVM: X86: Allow userspace to define the microcode version
    - SAUCE: [Fix] x86/KVM/VMX: Add L1D flush logic
    - SAUCE: [Fix] x86/speculation: Use ARCH_CAPABILITIES to skip L1D flush on
      vmentry

* [SRU] [B/OEM] Fix ACPI bug that causes boot failure (LP: #1819921)
    - SAUCE: ACPI / bus: Add some Lenovo laptops in list of acpi table term list

* Bionic update: upstream stable patchset for fuse 2019-04-12 (LP: #1824553)
    - fuse: fix double request_end()
    - fuse: fix unlocked access to processing queue
    - fuse: umount should wait for all requests
    - fuse: Fix oops at process_init_reply()
    - fuse: Don't access pipe->buffers without pipe_lock()
    - fuse: Fix use-after-free in fuse_dev_do_read()
    - fuse: Fix use-after-free in fuse_dev_do_write()
    - fuse: set FR_SENT while locked
    - fuse: fix blocked_waitq wakeup
    - fuse: fix leaked notify reply
    - fuse: fix possibly missed wake-up after abort
    - fuse: fix use-after-free in fuse_direct_IO()
    - fuse: continue to send FUSE_RELEASEDIR when FUSE_OPEN returns ENOSYS
    - fuse: handle zero sized retrieve correctly
    - fuse: call pipe_buf_release() under pipe lock
    - fuse: decrement NR_WRITEBACK_TEMP on the right page

* Backport support for software count cache flush Spectre v2 mitigation. (CVE)
    (required for POWER9 DD2.3) (LP: #1822870) // Backport support for software
    count cache flush Spectre v2 mitigation. (CVE) (required for POWER9 DD2.3)
    (LP: #1822870)
    - powerpc64s: Show ori31 availability in spectre_v1 sysfs file not v2
    - powerpc/fsl: Fix spectre_v2 mitigations reporting
    - powerpc: Avoid code patching freed init sections

* Backport support for software count cache flush Spectre v2 mitigation. (CVE)
    (required for POWER9 DD2.3) (LP: #1822870) // Backport support for software
    count cache flush Spectre v2 mitigation. (CVE) (required for POWER9 DD2.3)
    (LP: #1822870) // Backport support for software count cache flush Spectre v2
    mitigation. (CVE) (required for POWER9 DD2.3) (LP: #1822870)
    - powerpc/security: Fix spectre_v2 reporting

* CVE-2019-3874
    - sctp: use sk_wmem_queued to check for writable space
    - sctp: implement memory accounting on tx path
    - sctp: implement memory accounting on rx path

* NULL pointer dereference when using z3fold and zswap (LP: #1814874)
    - z3fold: fix possible reclaim races

* Kprobe event argument syntax in ftrace from ubuntu_kernel_selftests failed
    on B PowerPC (LP: #1812809)
    - selftests/ftrace: Add ppc support for kprobe args tests

* The Realtek card reader does not enter PCIe 1.1/1.2 (LP: #1825487)
    - misc: rtsx: make various functions static
    - misc: rtsx: Enable OCP for rts522a rts524a rts525a rts5260
    - SAUCE: misc: rtsx: Fixed rts5260 power saving parameter and sd glitch

* headset-mic doesn't work on two Dell laptops. (LP: #1825272)
    - ALSA: hda/realtek - add two more pin configuration sets to quirk table

* CVE-2018-16884
    - sunrpc: use SVC_NET() in svcauth_gss_* functions
    - sunrpc: use-after-free in svc_process_common()

* sky2 ethernet card don't work after returning from suspension (LP: #1798921)
    - sky2: Increase D3 delay again

* CVE-2019-9500
    - brcmfmac: assure SSID length from firmware is limited

* CVE-2019-9503
    - brcmfmac: add subtype check for event handling in data path

* CVE-2019-3882
    - vfio/type1: Limit DMA mappings per container

* Intel I210 Ethernet card not working after hotplug [8086:1533]
    (LP: #1818490)
    - igb: Fix WARN_ONCE on runtime suspend

* bionic, xenial/hwe: misses "fuse: fix initial parallel dirops" patch
    (LP: #1823972)
    - fuse: fix initial parallel dirops

* amdgpu resume failure: failed to allocate wb slot (LP: #1825074)
    - drm/amdgpu: fix&cleanups for wb_clear

* Pop noise when headset is plugged in or removed from GHS/Line-out jack
    (LP: #1821290)
    - ALSA: hda/realtek - Add unplug function into unplug state of Headset Mode
      for ALC225
    - ALSA: hda/realtek - Disable headset Mic VREF for headset mode of ALC225
    - ALSA: hda/realtek - Add support headset mode for DELL WYSE AIO
    - ALSA: hda/realtek - Add support headset mode for New DELL WYSE NB

* mac80211_hwsim unable to handle kernel NULL pointer dereference
    at0000000000000000  (LP: #1825058)
    - mac80211_hwsim: Timer should be initialized before device registered

* [regression][snd_hda_codec_realtek] repeating crackling noise after 19.04
    upgrade (LP: #1821663)
    - ALSA: hda: Add Intel NUC7i3BNB to the power_save blacklist
    - ALSA: hda - add Lenovo IdeaCentre B550 to the power_save_blacklist
    - ALSA: hda - Add two more machines to the power_save_blacklist

* ubuntu_nbd_smoke_test failed on P9 with Bionic kernel (LP: #1822247)
    - nbd: fix how we set bd_invalidated

* TSC clocksource not available in nested guests (LP: #1822821)
    - kvmclock: fix TSC calibration for nested guests

* 4.15 kernel ip_vs --ops causes performance and hang problem (LP: #1819786)
    - ipvs: fix refcount usage for conns in ops mode

* systemd cause kernel trace "BUG: unable to handle kernel paging request at
    6db23a14" on Cosmic i386 (LP: #1813244) // systemd cause kernel trace "BUG:
    unable to handle kernel paging request at 6db23a14" on Cosmic i386
    (LP: #1813244)
    - openvswitch: fix flow actions reallocation

-- Stefan Bader <stefan.bader@canonical.com>  Mon, 06 May 2019 18:59:24 +0200

Changed in linux (Ubuntu Bionic):
status:	Fix Committed → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2019-05-14:

#6

Download full text (13.0 KiB)

This bug was fixed in the package linux-oem - 4.15.0-1038.43

---------------
linux-oem (4.15.0-1038.43) bionic; urgency=medium

[ Ubuntu: 4.15.0-50.54 ]

  * CVE-2018-12126 // CVE-2018-12127 // CVE-2018-12130
    - Documentation/l1tf: Fix small spelling typo
    - x86/cpu: Sanitize FAM6_ATOM naming
    - kvm: x86: Report STIBP on GET_SUPPORTED_CPUID
    - locking/atomics, asm-generic: Move some macros from <linux/bitops.h> to a
      new <linux/bits.h> file
    - tools include: Adopt linux/bits.h
    - x86/msr-index: Cleanup bit defines
    - x86/speculation: Consolidate CPU whitelists
    - x86/speculation/mds: Add basic bug infrastructure for MDS
    - x86/speculation/mds: Add BUG_MSBDS_ONLY
    - x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests
    - x86/speculation/mds: Add mds_clear_cpu_buffers()
    - x86/speculation/mds: Clear CPU buffers on exit to user
    - x86/kvm/vmx: Add MDS protection when L1D Flush is not active
    - x86/speculation/mds: Conditionally clear CPU buffers on idle entry
    - x86/speculation/mds: Add mitigation control for MDS
    - x86/speculation/mds: Add sysfs reporting for MDS
    - x86/speculation/mds: Add mitigation mode VMWERV
    - Documentation: Move L1TF to separate directory
    - Documentation: Add MDS vulnerability documentation
    - x86/speculation/mds: Add mds=full,nosmt cmdline option
    - x86/speculation: Move arch_smt_update() call to after mitigation decisions
    - x86/speculation/mds: Add SMT warning message
    - x86/speculation/mds: Fix comment
    - x86/speculation/mds: Print SMT vulnerable on MSBDS with mitigations off
    - x86/speculation/mds: Add 'mitigations=' support for MDS
  * CVE-2017-5715 // CVE-2017-5753
    - s390/speculation: Support 'mitigations=' cmdline option
  * CVE-2017-5715 // CVE-2017-5753 // CVE-2017-5754 // CVE-2018-3639
    - powerpc/speculation: Support 'mitigations=' cmdline option
  * CVE-2017-5715 // CVE-2017-5754 // CVE-2018-3620 // CVE-2018-3639 //
    CVE-2018-3646
    - cpu/speculation: Add 'mitigations=' cmdline option
    - x86/speculation: Support 'mitigations=' cmdline option
  * Packaging resync (LP: #1786013)
    - [Packaging] resync git-ubuntu-log

linux-oem (4.15.0-1037.42) bionic; urgency=medium

* linux-oem: 4.15.0-1037.42 -proposed tracker (LP: #1826336)

  * unnecessary request_queue freeze (LP: #1815733)
    - block: avoid setting nr_requests to current value
    - block: avoid setting none scheduler if it's already none

  * Screen freeze after resume from S3 when HDMI monitor plugged on Dell
    Precision 7740 (LP: #1825958)
    - PCI: Restore resized BAR state on resume

[ Ubuntu: 4.15.0-49.53 ]

  * linux: 4.15.0-49.53 -proposed tracker (LP: #1826358)
  * Backport support for software count cache flush Spectre v2 mitigation. (CVE)
    (required for POWER9 DD2.3) (LP: #1822870)
    - powerpc/64s: Add support for ori barrier_nospec patching
    - powerpc/64s: Patch barrier_nospec in modules
    - powerpc/64s: Enable barrier_nospec based on firmware settings
    - powerpc: Use barrier_nospec in copy_from_user()
    - powerpc/64: Use barrier_nospec in syscall entry
    - powerpc/64s: Enhance the information in cpu_show_spectre_v1()
    - p...

This bug was fixed in the package linux-oem - 4.15.0-1038.43

---------------
linux-oem (4.15.0-1038.43) bionic; urgency=medium

[ Ubuntu: 4.15.0-50.54 ]

* CVE-2018-12126 // CVE-2018-12127 // CVE-2018-12130
    - Documentation/l1tf: Fix small spelling typo
    - x86/cpu: Sanitize FAM6_ATOM naming
    - kvm: x86: Report STIBP on GET_SUPPORTED_CPUID
    - locking/atomics, asm-generic: Move some macros from <linux/bitops.h> to a
      new <linux/bits.h> file
    - tools include: Adopt linux/bits.h
    - x86/msr-index: Cleanup bit defines
    - x86/speculation: Consolidate CPU whitelists
    - x86/speculation/mds: Add basic bug infrastructure for MDS
    - x86/speculation/mds: Add BUG_MSBDS_ONLY
    - x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests
    - x86/speculation/mds: Add mds_clear_cpu_buffers()
    - x86/speculation/mds: Clear CPU buffers on exit to user
    - x86/kvm/vmx: Add MDS protection when L1D Flush is not active
    - x86/speculation/mds: Conditionally clear CPU buffers on idle entry
    - x86/speculation/mds: Add mitigation control for MDS
    - x86/speculation/mds: Add sysfs reporting for MDS
    - x86/speculation/mds: Add mitigation mode VMWERV
    - Documentation: Move L1TF to separate directory
    - Documentation: Add MDS vulnerability documentation
    - x86/speculation/mds: Add mds=full,nosmt cmdline option
    - x86/speculation: Move arch_smt_update() call to after mitigation decisions
    - x86/speculation/mds: Add SMT warning message
    - x86/speculation/mds: Fix comment
    - x86/speculation/mds: Print SMT vulnerable on MSBDS with mitigations off
    - x86/speculation/mds: Add 'mitigations=' support for MDS
  * CVE-2017-5715 // CVE-2017-5753
    - s390/speculation: Support 'mitigations=' cmdline option
  * CVE-2017-5715 // CVE-2017-5753 // CVE-2017-5754 // CVE-2018-3639
    - powerpc/speculation: Support 'mitigations=' cmdline option
  * CVE-2017-5715 // CVE-2017-5754 // CVE-2018-3620 // CVE-2018-3639 //
    CVE-2018-3646
    - cpu/speculation: Add 'mitigations=' cmdline option
    - x86/speculation: Support 'mitigations=' cmdline option
  * Packaging resync (LP: #1786013)
    - [Packaging] resync git-ubuntu-log

linux-oem (4.15.0-1037.42) bionic; urgency=medium

* linux-oem: 4.15.0-1037.42 -proposed tracker (LP: #1826336)

* unnecessary request_queue freeze (LP: #1815733)
    - block: avoid setting nr_requests to current value
    - block: avoid setting none scheduler if it's already none

* Screen freeze after resume from S3 when HDMI monitor plugged on Dell
    Precision 7740 (LP: #1825958)
    - PCI: Restore resized BAR state on resume

[ Ubuntu: 4.15.0-49.53 ]

* linux: 4.15.0-49.53 -proposed tracker (LP: #1826358)
  * Backport support for software count cache flush Spectre v2 mitigation. (CVE)
    (required for POWER9 DD2.3) (LP: #1822870)
    - powerpc/64s: Add support for ori barrier_nospec patching
    - powerpc/64s: Patch barrier_nospec in modules
    - powerpc/64s: Enable barrier_nospec based on firmware settings
    - powerpc: Use barrier_nospec in copy_from_user()
    - powerpc/64: Use barrier_nospec in syscall entry
    - powerpc/64s: Enhance the information in cpu_show_spectre_v1()
    - powerpc/64: Disable the speculation barrier from the command line
    - powerpc/64: Make stf barrier PPC_BOOK3S_64 specific.
    - powerpc/64: Add CONFIG_PPC_BARRIER_NOSPEC
    - powerpc/64: Call setup_barrier_nospec() from setup_arch()
    - powerpc/64: Make meltdown reporting Book3S 64 specific
    - powerpc/lib/code-patching: refactor patch_instruction()
    - powerpc/lib/feature-fixups: use raw_patch_instruction()
    - powerpc/asm: Add a patch_site macro & helpers for patching instructions
    - powerpc/64s: Add new security feature flags for count cache flush
    - powerpc/64s: Add support for software count cache flush
    - powerpc/pseries: Query hypervisor for count cache flush settings
    - powerpc/powernv: Query firmware for count cache flush settings
    - powerpc/fsl: Add nospectre_v2 command line argument
    - KVM: PPC: Book3S: Add count cache flush parameters to kvmppc_get_cpu_char()
    - [Config] Add CONFIG_PPC_BARRIER_NOSPEC
  * Packaging resync (LP: #1786013)
    - [Packaging] resync git-ubuntu-log
  * autopkgtests run too often, too much and don't skip enough (LP: #1823056)
    - [Debian] Set +x on rebuild testcase.
    - [Debian] Skip rebuild test, for regression-suite deps.
    - [Debian] Make ubuntu-regression-suite skippable on unbootable kernels.
    - [Debian] make rebuild use skippable error codes when skipping.
    - [Debian] Only run regression-suite, if requested to.
  * bionic: fork out linux-snapdragon into its own topic kernel (LP: #1820868)
    - [Packaging] remove arm64 snapdragon from getabis
    - [Config] config changes for snapdragon split
    - packaging: arm64: disable building the snapdragon flavour
    - [Packaging] arm64: Drop snapdragon from kernel-versions
  * CVE-2017-5753
    - KVM: arm/arm64: vgic: fix possible spectre-v1 in vgic_get_irq()
    - media: dvb_ca_en50221: prevent using slot_info for Spectre attacs
    - sysvipc/sem: mitigate semnum index against spectre v1
    - libahci: Fix possible Spectre-v1 pmp indexing in ahci_led_store()
    - s390/keyboard: sanitize array index in do_kdsk_ioctl
    - arm64: fix possible spectre-v1 write in ptrace_hbp_set_event()
    - KVM: arm/arm64: vgic: Fix possible spectre-v1 write in vgic_mmio_write_apr()
    - pktcdvd: Fix possible Spectre-v1 for pkt_devs
    - net: socket: fix potential spectre v1 gadget in socketcall
    - net: socket: Fix potential spectre v1 gadget in sock_is_registered
    - drm/amdgpu/pm: Fix potential Spectre v1
    - netlink: Fix spectre v1 gadget in netlink_create()
    - ext4: fix spectre gadget in ext4_mb_regular_allocator()
    - drm/i915/kvmgt: Fix potential Spectre v1
    - net: sock_diag: Fix spectre v1 gadget in __sock_diag_cmd()
    - fs/quota: Fix spectre gadget in do_quotactl
    - hwmon: (nct6775) Fix potential Spectre v1
    - mac80211_hwsim: Fix possible Spectre-v1 for hwsim_world_regdom_custom
    - switchtec: Fix Spectre v1 vulnerability
    - misc: hmc6352: fix potential Spectre v1
    - tty: vt_ioctl: fix potential Spectre v1
    - nl80211: Fix possible Spectre-v1 for NL80211_TXRATE_HT
    - nl80211: Fix possible Spectre-v1 for CQM RSSI thresholds
    - IB/ucm: Fix Spectre v1 vulnerability
    - RDMA/ucma: Fix Spectre v1 vulnerability
    - drm/bufs: Fix Spectre v1 vulnerability
    - usb: gadget: storage: Fix Spectre v1 vulnerability
    - ptp: fix Spectre v1 vulnerability
    - HID: hiddev: fix potential Spectre v1
    - vhost: Fix Spectre V1 vulnerability
    - drivers/misc/sgi-gru: fix Spectre v1 vulnerability
    - ipv4: Fix potential Spectre v1 vulnerability
    - aio: fix spectre gadget in lookup_ioctx
    - ALSA: emux: Fix potential Spectre v1 vulnerabilities
    - ALSA: pcm: Fix potential Spectre v1 vulnerability
    - ip6mr: Fix potential Spectre v1 vulnerability
    - ALSA: rme9652: Fix potential Spectre v1 vulnerability
    - ALSA: emu10k1: Fix potential Spectre v1 vulnerabilities
    - KVM: arm/arm64: vgic: Fix off-by-one bug in vgic_get_irq()
    - drm/ioctl: Fix Spectre v1 vulnerabilities
    - char/mwave: fix potential Spectre v1 vulnerability
    - applicom: Fix potential Spectre v1 vulnerabilities
    - ipmi: msghandler: Fix potential Spectre v1 vulnerabilities
    - powerpc/ptrace: Mitigate potential Spectre v1
    - cfg80211: prevent speculation on cfg80211_classify8021d() return
    - ALSA: rawmidi: Fix potential Spectre v1 vulnerability
    - ALSA: seq: oss: Fix Spectre v1 vulnerability
  * Bionic: Sync to Xenial (Spectre) (LP: #1822760)
    - x86/speculation/l1tf: Suggest what to do on systems with too much RAM
    - KVM: SVM: Add MSR-based feature support for serializing LFENCE
    - KVM: VMX: fixes for vmentry_l1d_flush module parameter
    - KVM: X86: Allow userspace to define the microcode version
    - SAUCE: [Fix] x86/KVM/VMX: Add L1D flush logic
    - SAUCE: [Fix] x86/speculation: Use ARCH_CAPABILITIES to skip L1D flush on
      vmentry
  * [SRU] [B/OEM] Fix ACPI bug that causes boot failure (LP: #1819921)
    - SAUCE: ACPI / bus: Add some Lenovo laptops in list of acpi table term list
  * Bionic update: upstream stable patchset for fuse 2019-04-12 (LP: #1824553)
    - fuse: fix double request_end()
    - fuse: fix unlocked access to processing queue
    - fuse: umount should wait for all requests
    - fuse: Fix oops at process_init_reply()
    - fuse: Don't access pipe->buffers without pipe_lock()
    - fuse: Fix use-after-free in fuse_dev_do_read()
    - fuse: Fix use-after-free in fuse_dev_do_write()
    - fuse: set FR_SENT while locked
    - fuse: fix blocked_waitq wakeup
    - fuse: fix leaked notify reply
    - fuse: fix possibly missed wake-up after abort
    - fuse: fix use-after-free in fuse_direct_IO()
    - fuse: continue to send FUSE_RELEASEDIR when FUSE_OPEN returns ENOSYS
    - fuse: handle zero sized retrieve correctly
    - fuse: call pipe_buf_release() under pipe lock
    - fuse: decrement NR_WRITEBACK_TEMP on the right page
  * Backport support for software count cache flush Spectre v2 mitigation. (CVE)
    (required for POWER9 DD2.3) (LP: #1822870) // Backport support for software
    count cache flush Spectre v2 mitigation. (CVE) (required for POWER9 DD2.3)
    (LP: #1822870)
    - powerpc64s: Show ori31 availability in spectre_v1 sysfs file not v2
    - powerpc/fsl: Fix spectre_v2 mitigations reporting
    - powerpc: Avoid code patching freed init sections
  * Backport support for software count cache flush Spectre v2 mitigation. (CVE)
    (required for POWER9 DD2.3) (LP: #1822870) // Backport support for software
    count cache flush Spectre v2 mitigation. (CVE) (required for POWER9 DD2.3)
    (LP: #1822870) // Backport support for software count cache flush Spectre v2
    mitigation. (CVE) (required for POWER9 DD2.3) (LP: #1822870)
    - powerpc/security: Fix spectre_v2 reporting
  * CVE-2019-3874
    - sctp: use sk_wmem_queued to check for writable space
    - sctp: implement memory accounting on tx path
    - sctp: implement memory accounting on rx path
  * NULL pointer dereference when using z3fold and zswap (LP: #1814874)
    - z3fold: fix possible reclaim races
  * Kprobe event argument syntax in ftrace from ubuntu_kernel_selftests failed
    on B PowerPC (LP: #1812809)
    - selftests/ftrace: Add ppc support for kprobe args tests
  * The Realtek card reader does not enter PCIe 1.1/1.2 (LP: #1825487)
    - misc: rtsx: make various functions static
    - misc: rtsx: Enable OCP for rts522a rts524a rts525a rts5260
    - SAUCE: misc: rtsx: Fixed rts5260 power saving parameter and sd glitch
  * headset-mic doesn't work on two Dell laptops. (LP: #1825272)
    - ALSA: hda/realtek - add two more pin configuration sets to quirk table
  * CVE-2018-16884
    - sunrpc: use SVC_NET() in svcauth_gss_* functions
    - sunrpc: use-after-free in svc_process_common()
  * sky2 ethernet card don't work after returning from suspension (LP: #1798921)
    - sky2: Increase D3 delay again
  * CVE-2019-9500
    - brcmfmac: assure SSID length from firmware is limited
  * CVE-2019-9503
    - brcmfmac: add subtype check for event handling in data path
  * CVE-2019-3882
    - vfio/type1: Limit DMA mappings per container
  * Intel I210 Ethernet card not working after hotplug [8086:1533]
    (LP: #1818490)
    - igb: Fix WARN_ONCE on runtime suspend
  * bionic, xenial/hwe: misses "fuse: fix initial parallel dirops" patch
    (LP: #1823972)
    - fuse: fix initial parallel dirops
  * amdgpu resume failure: failed to allocate wb slot (LP: #1825074)
    - drm/amdgpu: fix&cleanups for wb_clear
  * Pop noise when headset is plugged in or removed from GHS/Line-out jack
    (LP: #1821290)
    - ALSA: hda/realtek - Add unplug function into unplug state of Headset Mode
      for ALC225
    - ALSA: hda/realtek - Disable headset Mic VREF for headset mode of ALC225
    - ALSA: hda/realtek - Add support headset mode for DELL WYSE AIO
    - ALSA: hda/realtek - Add support headset mode for New DELL WYSE NB
  * mac80211_hwsim unable to handle kernel NULL pointer dereference
    at0000000000000000  (LP: #1825058)
    - mac80211_hwsim: Timer should be initialized before device registered
  * [regression][snd_hda_codec_realtek] repeating crackling noise after 19.04
    upgrade (LP: #1821663)
    - ALSA: hda: Add Intel NUC7i3BNB to the power_save blacklist
    - ALSA: hda - add Lenovo IdeaCentre B550 to the power_save_blacklist
    - ALSA: hda - Add two more machines to the power_save_blacklist
  * ubuntu_nbd_smoke_test failed on P9 with Bionic kernel (LP: #1822247)
    - nbd: fix how we set bd_invalidated
  * TSC clocksource not available in nested guests (LP: #1822821)
    - kvmclock: fix TSC calibration for nested guests
  * 4.15 kernel ip_vs --ops causes performance and hang problem (LP: #1819786)
    - ipvs: fix refcount usage for conns in ops mode
  * systemd cause kernel trace "BUG: unable to handle kernel paging request at
    6db23a14" on Cosmic i386 (LP: #1813244) // systemd cause kernel trace "BUG:
    unable to handle kernel paging request at 6db23a14" on Cosmic i386
    (LP: #1813244)
    - openvswitch: fix flow actions reallocation

-- Stefan Bader <stefan.bader@canonical.com>  Wed, 08 May 2019 12:16:04 +0200

Changed in linux-oem (Ubuntu Bionic):
status:	New → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2019-05-14:

#7

Download full text (7.0 KiB)

This bug was fixed in the package linux - 4.18.0-20.21

---------------
linux (4.18.0-20.21) cosmic; urgency=medium

  * CVE-2018-12126 // CVE-2018-12127 // CVE-2018-12130
    - Documentation/l1tf: Fix small spelling typo
    - x86/cpu: Sanitize FAM6_ATOM naming
    - kvm: x86: Report STIBP on GET_SUPPORTED_CPUID
    - locking/atomics, asm-generic: Move some macros from <linux/bitops.h> to a
      new <linux/bits.h> file
    - tools include: Adopt linux/bits.h
    - x86/msr-index: Cleanup bit defines
    - x86/speculation: Consolidate CPU whitelists
    - x86/speculation/mds: Add basic bug infrastructure for MDS
    - x86/speculation/mds: Add BUG_MSBDS_ONLY
    - x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests
    - x86/speculation/mds: Add mds_clear_cpu_buffers()
    - x86/speculation/mds: Clear CPU buffers on exit to user
    - x86/kvm/vmx: Add MDS protection when L1D Flush is not active
    - x86/speculation/mds: Conditionally clear CPU buffers on idle entry
    - x86/speculation/mds: Add mitigation control for MDS
    - x86/speculation/mds: Add sysfs reporting for MDS
    - x86/speculation/mds: Add mitigation mode VMWERV
    - Documentation: Move L1TF to separate directory
    - Documentation: Add MDS vulnerability documentation
    - x86/speculation/mds: Add mds=full,nosmt cmdline option
    - x86/speculation: Move arch_smt_update() call to after mitigation decisions
    - x86/speculation/mds: Add SMT warning message
    - x86/speculation/mds: Fix comment
    - x86/speculation/mds: Print SMT vulnerable on MSBDS with mitigations off
    - x86/speculation/mds: Add 'mitigations=' support for MDS

* CVE-2017-5715 // CVE-2017-5753
- s390/speculation: Support 'mitigations=' cmdline option

* CVE-2017-5715 // CVE-2017-5753 // CVE-2017-5754 // CVE-2018-3639
- powerpc/speculation: Support 'mitigations=' cmdline option

  * CVE-2017-5715 // CVE-2017-5754 // CVE-2018-3620 // CVE-2018-3639 //
    CVE-2018-3646
    - cpu/speculation: Add 'mitigations=' cmdline option
    - x86/speculation: Support 'mitigations=' cmdline option

* Packaging resync (LP: #1786013)
- [Packaging] resync git-ubuntu-log

linux (4.18.0-19.20) cosmic; urgency=medium

* linux: 4.18.0-19.20 -proposed tracker (LP: #1826171)

* Packaging resync (LP: #1786013)
- [Packaging] resync git-ubuntu-log

  * autopkgtests run too often, too much and don't skip enough (LP: #1823056)
    - [Debian] Set +x on rebuild testcase.
    - [Debian] Skip rebuild test, for regression-suite deps.
    - [Debian] Make ubuntu-regression-suite skippable on unbootable kernels.
    - [Debian] make rebuild use skippable error codes when skipping.
    - [Debian] Only run regression-suite, if requested to.

  * CVE-2017-5753
    - s390/keyboard: sanitize array index in do_kdsk_ioctl
    - drm/bufs: Fix Spectre v1 vulnerability
    - drivers/misc/sgi-gru: fix Spectre v1 vulnerability
    - ipv4: Fix potential Spectre v1 vulnerability
    - aio: fix spectre gadget in lookup_ioctx
    - ALSA: emux: Fix potential Spectre v1 vulnerabilities
    - ALSA: pcm: Fix potential Spectre v1 vulnerability
    - ip6mr: Fix potential Spectre v1 vulnerability
    - ALSA: rme9652: Fix potential Spectre v1...

This bug was fixed in the package linux - 5.0.0-15.16

---------------
linux (5.0.0-15.16) disco; urgency=medium

* CVE-2019-11683
    - udp: fix GRO reception in case of length mismatch
    - udp: fix GRO packet of death

* CVE-2018-12126 // CVE-2018-12127 // CVE-2018-12130
    - x86/msr-index: Cleanup bit defines
    - x86/speculation: Consolidate CPU whitelists
    - x86/speculation/mds: Add basic bug infrastructure for MDS
    - x86/speculation/mds: Add BUG_MSBDS_ONLY
    - x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests
    - x86/speculation/mds: Add mds_clear_cpu_buffers()
    - x86/speculation/mds: Clear CPU buffers on exit to user
    - x86/kvm/vmx: Add MDS protection when L1D Flush is not active
    - x86/speculation/mds: Conditionally clear CPU buffers on idle entry
    - x86/speculation/mds: Add mitigation control for MDS
    - x86/speculation/mds: Add sysfs reporting for MDS
    - x86/speculation/mds: Add mitigation mode VMWERV
    - Documentation: Move L1TF to separate directory
    - Documentation: Add MDS vulnerability documentation
    - x86/speculation/mds: Add mds=full,nosmt cmdline option
    - x86/speculation: Move arch_smt_update() call to after mitigation decisions
    - x86/speculation/mds: Add SMT warning message
    - x86/speculation/mds: Fix comment
    - x86/speculation/mds: Print SMT vulnerable on MSBDS with mitigations off
    - x86/speculation/mds: Add 'mitigations=' support for MDS

* CVE-2017-5715 // CVE-2017-5753
    - s390/speculation: Support 'mitigations=' cmdline option

* CVE-2017-5715 // CVE-2017-5753 // CVE-2017-5754 // CVE-2018-3639
    - powerpc/speculation: Support 'mitigations=' cmdline option

* CVE-2017-5715 // CVE-2017-5754 // CVE-2018-3620 // CVE-2018-3639 //
    CVE-2018-3646
    - cpu/speculation: Add 'mitigations=' cmdline option
    - x86/speculation: Support 'mitigations=' cmdline option

* Packaging resync (LP: #1786013)
    - [Packaging] resync git-ubuntu-log

linux (5.0.0-14.15) disco; urgency=medium

* linux: 5.0.0-14.15 -proposed tracker (LP: #1826150)

* [SRU] Please sync vbox modules from virtualbox 6.0.6 on next kernel update
    (LP: #1825210)
    - vbox-update: updates for renamed makefiles
    - ubuntu: vbox -- update to 6.0.6-dfsg-1

* Intel I210 Ethernet card not working after hotplug [8086:1533]
    (LP: #1818490)
    - igb: Fix WARN_ONCE on runtime suspend

* [regression][snd_hda_codec_realtek] repeating crackling noise after 19.04
    upgrade (LP: #1821663)
    - ALSA: hda - Add two more machines to the power_save_blacklist

* CVE-2019-9500
    - brcmfmac: assure SSID length from firmware is limited

* CVE-2019-9503
    - brcmfmac: add subtype check for event handling in data path

* CVE-2019-3882
    - vfio/type1: Limit DMA mappings per container

* autofs kernel module missing (LP: #1824333)
    - [Config] Update autofs4 path in inclusion list

* The Realtek card reader does not enter PCIe 1.1/1.2 (LP: #1825487)
    - misc: rtsx: Enable OCP for rts522a rts524a rts525a rts5260
    - SAUCE: misc: rtsx: Fixed rts5260 power saving parameter and sd glitch

* headset-mic doesn't work on two Dell laptops. (LP: #1825272)
    - ALSA: hda/realtek - add two more pin configuration sets to quirk table

* CVE-2019-3887
    - KVM: x86: nVMX: close leak of L0's x2APIC MSRs (CVE-2019-3887)
    - KVM: x86: nVMX: fix x2APIC VTPR read intercept

* CVE-2019-3874
    - sctp: implement memory accounting on tx path
    - sctp: implement memory accounting on rx path

* CVE-2019-1999
    - binder: fix race between munmap() and direct reclaim

* apparmor does not start in Disco LXD containers (LP: #1824812)
    - SAUCE: shiftfs: use separate llseek method for directories

-- Stefan Bader <stefan.bader@canonical.com>  Mon, 06 May 2019 17:33:15 +0200

Changed in linux (Ubuntu Disco):
status:	Fix Committed → Fix Released

Revision history for this message

Steve Langasek (vorlon) wrote on 2019-05-14: Update Released

#9

The verification of the Stable Release Update for linux-aws has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

Revision history for this message

Launchpad Janitor (janitor) wrote on 2019-05-17:

#10

Download full text (13.0 KiB)

This bug was fixed in the package linux-oem - 4.15.0-1038.43

---------------
linux-oem (4.15.0-1038.43) bionic; urgency=medium

[ Ubuntu: 4.15.0-50.54 ]

  * CVE-2018-12126 // CVE-2018-12127 // CVE-2018-12130
    - Documentation/l1tf: Fix small spelling typo
    - x86/cpu: Sanitize FAM6_ATOM naming
    - kvm: x86: Report STIBP on GET_SUPPORTED_CPUID
    - locking/atomics, asm-generic: Move some macros from <linux/bitops.h> to a
      new <linux/bits.h> file
    - tools include: Adopt linux/bits.h
    - x86/msr-index: Cleanup bit defines
    - x86/speculation: Consolidate CPU whitelists
    - x86/speculation/mds: Add basic bug infrastructure for MDS
    - x86/speculation/mds: Add BUG_MSBDS_ONLY
    - x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests
    - x86/speculation/mds: Add mds_clear_cpu_buffers()
    - x86/speculation/mds: Clear CPU buffers on exit to user
    - x86/kvm/vmx: Add MDS protection when L1D Flush is not active
    - x86/speculation/mds: Conditionally clear CPU buffers on idle entry
    - x86/speculation/mds: Add mitigation control for MDS
    - x86/speculation/mds: Add sysfs reporting for MDS
    - x86/speculation/mds: Add mitigation mode VMWERV
    - Documentation: Move L1TF to separate directory
    - Documentation: Add MDS vulnerability documentation
    - x86/speculation/mds: Add mds=full,nosmt cmdline option
    - x86/speculation: Move arch_smt_update() call to after mitigation decisions
    - x86/speculation/mds: Add SMT warning message
    - x86/speculation/mds: Fix comment
    - x86/speculation/mds: Print SMT vulnerable on MSBDS with mitigations off
    - x86/speculation/mds: Add 'mitigations=' support for MDS
  * CVE-2017-5715 // CVE-2017-5753
    - s390/speculation: Support 'mitigations=' cmdline option
  * CVE-2017-5715 // CVE-2017-5753 // CVE-2017-5754 // CVE-2018-3639
    - powerpc/speculation: Support 'mitigations=' cmdline option
  * CVE-2017-5715 // CVE-2017-5754 // CVE-2018-3620 // CVE-2018-3639 //
    CVE-2018-3646
    - cpu/speculation: Add 'mitigations=' cmdline option
    - x86/speculation: Support 'mitigations=' cmdline option
  * Packaging resync (LP: #1786013)
    - [Packaging] resync git-ubuntu-log

linux-oem (4.15.0-1037.42) bionic; urgency=medium

* linux-oem: 4.15.0-1037.42 -proposed tracker (LP: #1826336)

  * unnecessary request_queue freeze (LP: #1815733)
    - block: avoid setting nr_requests to current value
    - block: avoid setting none scheduler if it's already none

  * Screen freeze after resume from S3 when HDMI monitor plugged on Dell
    Precision 7740 (LP: #1825958)
    - PCI: Restore resized BAR state on resume

[ Ubuntu: 4.15.0-49.53 ]

  * linux: 4.15.0-49.53 -proposed tracker (LP: #1826358)
  * Backport support for software count cache flush Spectre v2 mitigation. (CVE)
    (required for POWER9 DD2.3) (LP: #1822870)
    - powerpc/64s: Add support for ori barrier_nospec patching
    - powerpc/64s: Patch barrier_nospec in modules
    - powerpc/64s: Enable barrier_nospec based on firmware settings
    - powerpc: Use barrier_nospec in copy_from_user()
    - powerpc/64: Use barrier_nospec in syscall entry
    - powerpc/64s: Enhance the information in cpu_show_spectre_v1()
    - p...

This bug was fixed in the package linux-oem - 4.15.0-1038.43

---------------
linux-oem (4.15.0-1038.43) bionic; urgency=medium

[ Ubuntu: 4.15.0-50.54 ]

* CVE-2018-12126 // CVE-2018-12127 // CVE-2018-12130
    - Documentation/l1tf: Fix small spelling typo
    - x86/cpu: Sanitize FAM6_ATOM naming
    - kvm: x86: Report STIBP on GET_SUPPORTED_CPUID
    - locking/atomics, asm-generic: Move some macros from <linux/bitops.h> to a
      new <linux/bits.h> file
    - tools include: Adopt linux/bits.h
    - x86/msr-index: Cleanup bit defines
    - x86/speculation: Consolidate CPU whitelists
    - x86/speculation/mds: Add basic bug infrastructure for MDS
    - x86/speculation/mds: Add BUG_MSBDS_ONLY
    - x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests
    - x86/speculation/mds: Add mds_clear_cpu_buffers()
    - x86/speculation/mds: Clear CPU buffers on exit to user
    - x86/kvm/vmx: Add MDS protection when L1D Flush is not active
    - x86/speculation/mds: Conditionally clear CPU buffers on idle entry
    - x86/speculation/mds: Add mitigation control for MDS
    - x86/speculation/mds: Add sysfs reporting for MDS
    - x86/speculation/mds: Add mitigation mode VMWERV
    - Documentation: Move L1TF to separate directory
    - Documentation: Add MDS vulnerability documentation
    - x86/speculation/mds: Add mds=full,nosmt cmdline option
    - x86/speculation: Move arch_smt_update() call to after mitigation decisions
    - x86/speculation/mds: Add SMT warning message
    - x86/speculation/mds: Fix comment
    - x86/speculation/mds: Print SMT vulnerable on MSBDS with mitigations off
    - x86/speculation/mds: Add 'mitigations=' support for MDS
  * CVE-2017-5715 // CVE-2017-5753
    - s390/speculation: Support 'mitigations=' cmdline option
  * CVE-2017-5715 // CVE-2017-5753 // CVE-2017-5754 // CVE-2018-3639
    - powerpc/speculation: Support 'mitigations=' cmdline option
  * CVE-2017-5715 // CVE-2017-5754 // CVE-2018-3620 // CVE-2018-3639 //
    CVE-2018-3646
    - cpu/speculation: Add 'mitigations=' cmdline option
    - x86/speculation: Support 'mitigations=' cmdline option
  * Packaging resync (LP: #1786013)
    - [Packaging] resync git-ubuntu-log

linux-oem (4.15.0-1037.42) bionic; urgency=medium

* linux-oem: 4.15.0-1037.42 -proposed tracker (LP: #1826336)

* unnecessary request_queue freeze (LP: #1815733)
    - block: avoid setting nr_requests to current value
    - block: avoid setting none scheduler if it's already none

* Screen freeze after resume from S3 when HDMI monitor plugged on Dell
    Precision 7740 (LP: #1825958)
    - PCI: Restore resized BAR state on resume

[ Ubuntu: 4.15.0-49.53 ]

* linux: 4.15.0-49.53 -proposed tracker (LP: #1826358)
  * Backport support for software count cache flush Spectre v2 mitigation. (CVE)
    (required for POWER9 DD2.3) (LP: #1822870)
    - powerpc/64s: Add support for ori barrier_nospec patching
    - powerpc/64s: Patch barrier_nospec in modules
    - powerpc/64s: Enable barrier_nospec based on firmware settings
    - powerpc: Use barrier_nospec in copy_from_user()
    - powerpc/64: Use barrier_nospec in syscall entry
    - powerpc/64s: Enhance the information in cpu_show_spectre_v1()
    - powerpc/64: Disable the speculation barrier from the command line
    - powerpc/64: Make stf barrier PPC_BOOK3S_64 specific.
    - powerpc/64: Add CONFIG_PPC_BARRIER_NOSPEC
    - powerpc/64: Call setup_barrier_nospec() from setup_arch()
    - powerpc/64: Make meltdown reporting Book3S 64 specific
    - powerpc/lib/code-patching: refactor patch_instruction()
    - powerpc/lib/feature-fixups: use raw_patch_instruction()
    - powerpc/asm: Add a patch_site macro & helpers for patching instructions
    - powerpc/64s: Add new security feature flags for count cache flush
    - powerpc/64s: Add support for software count cache flush
    - powerpc/pseries: Query hypervisor for count cache flush settings
    - powerpc/powernv: Query firmware for count cache flush settings
    - powerpc/fsl: Add nospectre_v2 command line argument
    - KVM: PPC: Book3S: Add count cache flush parameters to kvmppc_get_cpu_char()
    - [Config] Add CONFIG_PPC_BARRIER_NOSPEC
  * Packaging resync (LP: #1786013)
    - [Packaging] resync git-ubuntu-log
  * autopkgtests run too often, too much and don't skip enough (LP: #1823056)
    - [Debian] Set +x on rebuild testcase.
    - [Debian] Skip rebuild test, for regression-suite deps.
    - [Debian] Make ubuntu-regression-suite skippable on unbootable kernels.
    - [Debian] make rebuild use skippable error codes when skipping.
    - [Debian] Only run regression-suite, if requested to.
  * bionic: fork out linux-snapdragon into its own topic kernel (LP: #1820868)
    - [Packaging] remove arm64 snapdragon from getabis
    - [Config] config changes for snapdragon split
    - packaging: arm64: disable building the snapdragon flavour
    - [Packaging] arm64: Drop snapdragon from kernel-versions
  * CVE-2017-5753
    - KVM: arm/arm64: vgic: fix possible spectre-v1 in vgic_get_irq()
    - media: dvb_ca_en50221: prevent using slot_info for Spectre attacs
    - sysvipc/sem: mitigate semnum index against spectre v1
    - libahci: Fix possible Spectre-v1 pmp indexing in ahci_led_store()
    - s390/keyboard: sanitize array index in do_kdsk_ioctl
    - arm64: fix possible spectre-v1 write in ptrace_hbp_set_event()
    - KVM: arm/arm64: vgic: Fix possible spectre-v1 write in vgic_mmio_write_apr()
    - pktcdvd: Fix possible Spectre-v1 for pkt_devs
    - net: socket: fix potential spectre v1 gadget in socketcall
    - net: socket: Fix potential spectre v1 gadget in sock_is_registered
    - drm/amdgpu/pm: Fix potential Spectre v1
    - netlink: Fix spectre v1 gadget in netlink_create()
    - ext4: fix spectre gadget in ext4_mb_regular_allocator()
    - drm/i915/kvmgt: Fix potential Spectre v1
    - net: sock_diag: Fix spectre v1 gadget in __sock_diag_cmd()
    - fs/quota: Fix spectre gadget in do_quotactl
    - hwmon: (nct6775) Fix potential Spectre v1
    - mac80211_hwsim: Fix possible Spectre-v1 for hwsim_world_regdom_custom
    - switchtec: Fix Spectre v1 vulnerability
    - misc: hmc6352: fix potential Spectre v1
    - tty: vt_ioctl: fix potential Spectre v1
    - nl80211: Fix possible Spectre-v1 for NL80211_TXRATE_HT
    - nl80211: Fix possible Spectre-v1 for CQM RSSI thresholds
    - IB/ucm: Fix Spectre v1 vulnerability
    - RDMA/ucma: Fix Spectre v1 vulnerability
    - drm/bufs: Fix Spectre v1 vulnerability
    - usb: gadget: storage: Fix Spectre v1 vulnerability
    - ptp: fix Spectre v1 vulnerability
    - HID: hiddev: fix potential Spectre v1
    - vhost: Fix Spectre V1 vulnerability
    - drivers/misc/sgi-gru: fix Spectre v1 vulnerability
    - ipv4: Fix potential Spectre v1 vulnerability
    - aio: fix spectre gadget in lookup_ioctx
    - ALSA: emux: Fix potential Spectre v1 vulnerabilities
    - ALSA: pcm: Fix potential Spectre v1 vulnerability
    - ip6mr: Fix potential Spectre v1 vulnerability
    - ALSA: rme9652: Fix potential Spectre v1 vulnerability
    - ALSA: emu10k1: Fix potential Spectre v1 vulnerabilities
    - KVM: arm/arm64: vgic: Fix off-by-one bug in vgic_get_irq()
    - drm/ioctl: Fix Spectre v1 vulnerabilities
    - char/mwave: fix potential Spectre v1 vulnerability
    - applicom: Fix potential Spectre v1 vulnerabilities
    - ipmi: msghandler: Fix potential Spectre v1 vulnerabilities
    - powerpc/ptrace: Mitigate potential Spectre v1
    - cfg80211: prevent speculation on cfg80211_classify8021d() return
    - ALSA: rawmidi: Fix potential Spectre v1 vulnerability
    - ALSA: seq: oss: Fix Spectre v1 vulnerability
  * Bionic: Sync to Xenial (Spectre) (LP: #1822760)
    - x86/speculation/l1tf: Suggest what to do on systems with too much RAM
    - KVM: SVM: Add MSR-based feature support for serializing LFENCE
    - KVM: VMX: fixes for vmentry_l1d_flush module parameter
    - KVM: X86: Allow userspace to define the microcode version
    - SAUCE: [Fix] x86/KVM/VMX: Add L1D flush logic
    - SAUCE: [Fix] x86/speculation: Use ARCH_CAPABILITIES to skip L1D flush on
      vmentry
  * [SRU] [B/OEM] Fix ACPI bug that causes boot failure (LP: #1819921)
    - SAUCE: ACPI / bus: Add some Lenovo laptops in list of acpi table term list
  * Bionic update: upstream stable patchset for fuse 2019-04-12 (LP: #1824553)
    - fuse: fix double request_end()
    - fuse: fix unlocked access to processing queue
    - fuse: umount should wait for all requests
    - fuse: Fix oops at process_init_reply()
    - fuse: Don't access pipe->buffers without pipe_lock()
    - fuse: Fix use-after-free in fuse_dev_do_read()
    - fuse: Fix use-after-free in fuse_dev_do_write()
    - fuse: set FR_SENT while locked
    - fuse: fix blocked_waitq wakeup
    - fuse: fix leaked notify reply
    - fuse: fix possibly missed wake-up after abort
    - fuse: fix use-after-free in fuse_direct_IO()
    - fuse: continue to send FUSE_RELEASEDIR when FUSE_OPEN returns ENOSYS
    - fuse: handle zero sized retrieve correctly
    - fuse: call pipe_buf_release() under pipe lock
    - fuse: decrement NR_WRITEBACK_TEMP on the right page
  * Backport support for software count cache flush Spectre v2 mitigation. (CVE)
    (required for POWER9 DD2.3) (LP: #1822870) // Backport support for software
    count cache flush Spectre v2 mitigation. (CVE) (required for POWER9 DD2.3)
    (LP: #1822870)
    - powerpc64s: Show ori31 availability in spectre_v1 sysfs file not v2
    - powerpc/fsl: Fix spectre_v2 mitigations reporting
    - powerpc: Avoid code patching freed init sections
  * Backport support for software count cache flush Spectre v2 mitigation. (CVE)
    (required for POWER9 DD2.3) (LP: #1822870) // Backport support for software
    count cache flush Spectre v2 mitigation. (CVE) (required for POWER9 DD2.3)
    (LP: #1822870) // Backport support for software count cache flush Spectre v2
    mitigation. (CVE) (required for POWER9 DD2.3) (LP: #1822870)
    - powerpc/security: Fix spectre_v2 reporting
  * CVE-2019-3874
    - sctp: use sk_wmem_queued to check for writable space
    - sctp: implement memory accounting on tx path
    - sctp: implement memory accounting on rx path
  * NULL pointer dereference when using z3fold and zswap (LP: #1814874)
    - z3fold: fix possible reclaim races
  * Kprobe event argument syntax in ftrace from ubuntu_kernel_selftests failed
    on B PowerPC (LP: #1812809)
    - selftests/ftrace: Add ppc support for kprobe args tests
  * The Realtek card reader does not enter PCIe 1.1/1.2 (LP: #1825487)
    - misc: rtsx: make various functions static
    - misc: rtsx: Enable OCP for rts522a rts524a rts525a rts5260
    - SAUCE: misc: rtsx: Fixed rts5260 power saving parameter and sd glitch
  * headset-mic doesn't work on two Dell laptops. (LP: #1825272)
    - ALSA: hda/realtek - add two more pin configuration sets to quirk table
  * CVE-2018-16884
    - sunrpc: use SVC_NET() in svcauth_gss_* functions
    - sunrpc: use-after-free in svc_process_common()
  * sky2 ethernet card don't work after returning from suspension (LP: #1798921)
    - sky2: Increase D3 delay again
  * CVE-2019-9500
    - brcmfmac: assure SSID length from firmware is limited
  * CVE-2019-9503
    - brcmfmac: add subtype check for event handling in data path
  * CVE-2019-3882
    - vfio/type1: Limit DMA mappings per container
  * Intel I210 Ethernet card not working after hotplug [8086:1533]
    (LP: #1818490)
    - igb: Fix WARN_ONCE on runtime suspend
  * bionic, xenial/hwe: misses "fuse: fix initial parallel dirops" patch
    (LP: #1823972)
    - fuse: fix initial parallel dirops
  * amdgpu resume failure: failed to allocate wb slot (LP: #1825074)
    - drm/amdgpu: fix&cleanups for wb_clear
  * Pop noise when headset is plugged in or removed from GHS/Line-out jack
    (LP: #1821290)
    - ALSA: hda/realtek - Add unplug function into unplug state of Headset Mode
      for ALC225
    - ALSA: hda/realtek - Disable headset Mic VREF for headset mode of ALC225
    - ALSA: hda/realtek - Add support headset mode for DELL WYSE AIO
    - ALSA: hda/realtek - Add support headset mode for New DELL WYSE NB
  * mac80211_hwsim unable to handle kernel NULL pointer dereference
    at0000000000000000  (LP: #1825058)
    - mac80211_hwsim: Timer should be initialized before device registered
  * [regression][snd_hda_codec_realtek] repeating crackling noise after 19.04
    upgrade (LP: #1821663)
    - ALSA: hda: Add Intel NUC7i3BNB to the power_save blacklist
    - ALSA: hda - add Lenovo IdeaCentre B550 to the power_save_blacklist
    - ALSA: hda - Add two more machines to the power_save_blacklist
  * ubuntu_nbd_smoke_test failed on P9 with Bionic kernel (LP: #1822247)
    - nbd: fix how we set bd_invalidated
  * TSC clocksource not available in nested guests (LP: #1822821)
    - kvmclock: fix TSC calibration for nested guests
  * 4.15 kernel ip_vs --ops causes performance and hang problem (LP: #1819786)
    - ipvs: fix refcount usage for conns in ops mode
  * systemd cause kernel trace "BUG: unable to handle kernel paging request at
    6db23a14" on Cosmic i386 (LP: #1813244) // systemd cause kernel trace "BUG:
    unable to handle kernel paging request at 6db23a14" on Cosmic i386
    (LP: #1813244)
    - openvswitch: fix flow actions reallocation

-- Stefan Bader <stefan.bader@canonical.com>  Wed, 08 May 2019 12:16:04 +0200

Changed in linux-oem (Ubuntu Cosmic):
status:	Invalid → Fix Released
Changed in linux-oem (Ubuntu Disco):
status:	Invalid → Fix Released

Launchpad Janitor (janitor) on 2019-05-20

Changed in linux-oem (Ubuntu):
status:	New → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2019-05-21:

#13

Download full text (3.7 KiB)

This bug was fixed in the package linux - 5.0.0-15.16

---------------
linux (5.0.0-15.16) disco; urgency=medium

  * CVE-2019-11683
    - udp: fix GRO reception in case of length mismatch
    - udp: fix GRO packet of death

  * CVE-2018-12126 // CVE-2018-12127 // CVE-2018-12130
    - x86/msr-index: Cleanup bit defines
    - x86/speculation: Consolidate CPU whitelists
    - x86/speculation/mds: Add basic bug infrastructure for MDS
    - x86/speculation/mds: Add BUG_MSBDS_ONLY
    - x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests
    - x86/speculation/mds: Add mds_clear_cpu_buffers()
    - x86/speculation/mds: Clear CPU buffers on exit to user
    - x86/kvm/vmx: Add MDS protection when L1D Flush is not active
    - x86/speculation/mds: Conditionally clear CPU buffers on idle entry
    - x86/speculation/mds: Add mitigation control for MDS
    - x86/speculation/mds: Add sysfs reporting for MDS
    - x86/speculation/mds: Add mitigation mode VMWERV
    - Documentation: Move L1TF to separate directory
    - Documentation: Add MDS vulnerability documentation
    - x86/speculation/mds: Add mds=full,nosmt cmdline option
    - x86/speculation: Move arch_smt_update() call to after mitigation decisions
    - x86/speculation/mds: Add SMT warning message
    - x86/speculation/mds: Fix comment
    - x86/speculation/mds: Print SMT vulnerable on MSBDS with mitigations off
    - x86/speculation/mds: Add 'mitigations=' support for MDS

* CVE-2017-5715 // CVE-2017-5753
- s390/speculation: Support 'mitigations=' cmdline option

* CVE-2017-5715 // CVE-2017-5753 // CVE-2017-5754 // CVE-2018-3639
- powerpc/speculation: Support 'mitigations=' cmdline option

  * CVE-2017-5715 // CVE-2017-5754 // CVE-2018-3620 // CVE-2018-3639 //
    CVE-2018-3646
    - cpu/speculation: Add 'mitigations=' cmdline option
    - x86/speculation: Support 'mitigations=' cmdline option

* Packaging resync (LP: #1786013)
- [Packaging] resync git-ubuntu-log

linux (5.0.0-14.15) disco; urgency=medium

* linux: 5.0.0-14.15 -proposed tracker (LP: #1826150)

  * [SRU] Please sync vbox modules from virtualbox 6.0.6 on next kernel update
    (LP: #1825210)
    - vbox-update: updates for renamed makefiles
    - ubuntu: vbox -- update to 6.0.6-dfsg-1

  * Intel I210 Ethernet card not working after hotplug [8086:1533]
    (LP: #1818490)
    - igb: Fix WARN_ONCE on runtime suspend

  * [regression][snd_hda_codec_realtek] repeating crackling noise after 19.04
    upgrade (LP: #1821663)
    - ALSA: hda - Add two more machines to the power_save_blacklist

* CVE-2019-9500
- brcmfmac: assure SSID length from firmware is limited

* CVE-2019-9503
- brcmfmac: add subtype check for event handling in data path

* CVE-2019-3882
- vfio/type1: Limit DMA mappings per container

* autofs kernel module missing (LP: #1824333)
- [Config] Update autofs4 path in inclusion list

  * The Realtek card reader does not enter PCIe 1.1/1.2 (LP: #1825487)
    - misc: rtsx: Enable OCP for rts522a rts524a rts525a rts5260
    - SAUCE: misc: rtsx: Fixed rts5260 power saving parameter and sd glitch

* headset-mic doesn't work on two Dell laptops. (LP: #1825272)
- ALSA: hda/realtek - add...

	Status	Importance	Assigned to
HWE Next	Fix Released	Undecided	Unassigned
linux (Ubuntu)	Fix Released	Undecided	Unassigned
Bionic	Fix Released	Undecided	Unassigned
Cosmic	Fix Released	Undecided	Unassigned
Disco	Fix Released	Undecided	Unassigned
linux-oem (Ubuntu)	Fix Released	Undecided	Unassigned
Bionic	Fix Released	Undecided	Unassigned
Cosmic	Fix Released	Undecided	Unassigned
Disco	Fix Released	Undecided	Unassigned

Ubuntu
linux package

The Realtek card reader does not enter PCIe 1.1/1.2

Bug Description

CVE References

Other bug subscribers

Remote bug watches

Changed in linux (Ubuntu):
status:	Incomplete → Fix Released

Ubuntulinux package

The Realtek card reader does not enter PCIe 1.1/1.2

Bug Description

CVE References

Other bug subscribers

Remote bug watches

Ubuntu
linux package