xenial/linux-aws: 4.4.0-1097.108 -proposed tracker
Bug #1849041 reported by
Khaled El Mously
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Kernel SRU Workflow |
Invalid
|
Medium
|
Unassigned | ||
Automated-testing |
Invalid
|
Medium
|
Canonical Kernel Team | ||
Certification-testing |
Invalid
|
Medium
|
Canonical Hardware Certification | ||
Prepare-package |
Invalid
|
Medium
|
Sultan Alsawaf | ||
Prepare-package-meta |
Invalid
|
Medium
|
Sultan Alsawaf | ||
Promote-to-proposed |
Invalid
|
Medium
|
Andy Whitcroft | ||
Promote-to-security |
Invalid
|
Medium
|
Ubuntu Stable Release Updates Team | ||
Promote-to-updates |
Invalid
|
Medium
|
Ubuntu Stable Release Updates Team | ||
Regression-testing |
Invalid
|
Medium
|
Canonical Kernel Team | ||
Security-signoff |
Invalid
|
Medium
|
Steve Beattie | ||
Verification-testing |
Invalid
|
Medium
|
Canonical Kernel Team | ||
linux-aws (Ubuntu) |
Invalid
|
Undecided
|
Unassigned | ||
Xenial |
Invalid
|
Medium
|
Unassigned |
Bug Description
This bug will contain status and test results related to a kernel source (or snap) as stated in the title.
For an explanation of the tasks and the associated workflow see:
https:/
-- swm properties --
boot-testing-
packages:
main: linux-aws
meta: linux-meta-aws
phase: Holding before Promote to Updates
phase-changed: Monday, 11. November 2019 10:47 UTC
proposed-
proposed-
trackers:
xenial/
variant: debs
tags: | added: kernel-release-tracking-bug xenial |
Changed in linux-aws (Ubuntu Xenial): | |
status: | New → Confirmed |
Changed in linux-aws (Ubuntu): | |
status: | New → Invalid |
Changed in linux-aws (Ubuntu Xenial): | |
importance: | Undecided → Medium |
tags: | added: kernel-release-tracking-bug-live |
description: | updated |
tags: | added: kernel-sru-cycle-2019.10.21-1 |
description: | updated |
tags: | added: kernel-sru-derivative-of-1849051 |
Changed in kernel-sru-workflow: | |
status: | New → In Progress |
importance: | Undecided → Medium |
summary: |
- linux-aws: <version to be filled> -proposed tracker + xenial/linux-aws: <version to be filled> -proposed tracker |
description: | updated |
description: | updated |
summary: |
- xenial/linux-aws: <version to be filled> -proposed tracker + xenial/linux-aws: 4.4.0-1097.108 -proposed tracker |
description: | updated |
description: | updated |
tags: | added: block-proposed-xenial |
tags: | added: block-proposed |
description: | updated |
description: | updated |
description: | updated |
description: | updated |
description: | updated |
description: | updated |
description: | updated |
tags: | added: regresion-testing-passed |
tags: |
added: regression-testing-passed removed: regresion-testing-passed |
description: | updated |
description: | updated |
description: | updated |
tags: | removed: block-proposed-xenial |
tags: | removed: block-proposed |
description: | updated |
description: | updated |
description: | updated |
tags: | removed: kernel-sru-derivative-of-1849051 |
description: | updated |
tags: | removed: kernel-release-tracking-bug-live |
Changed in kernel-sru-workflow: | |
status: | In Progress → Invalid |
Changed in linux-aws (Ubuntu Xenial): | |
status: | Fix Released → Invalid |
To post a comment you must log in.
This bug was fixed in the package linux-aws - 4.4.0-1098.109
---------------
linux-aws (4.4.0-1098.109) xenial; urgency=medium
* CVE-2019-11135
- [Config] Disable TSX by default when possible
[ Ubuntu: 4.4.0-168.197 ]
* CVE-2018-12207 check_mmio_ pf() and is_mmio_ page_fault( ) mmio_page_ fault() call to kvm_mmu_ page_fault( ) _page to mmu_gfn_ lpage_is_ disallowed gfn_{allow, disallow} _lpage mmu_alloc_ page() shadow_ page() page_get_ gfn BUG_ON to WARN_ON ARCH_CAPABILITI ES on AMD hosts arch_cap_ msr() /taa: Add mitigation for TSX Async Abort /taa: Add sysfs reporting for TSX Async Abort /taa: Add documentation for TSX Async Abort /taa: Call tsx_init()
- KVM: x86: MMU: Encapsulate the type of rmap-chain head in a new struct
- KVM: x86: MMU: Consolidate quickly_
- KVM: x86: MMU: Move handle_
- KVM: MMU: rename has_wrprotected
- KVM: MMU: introduce kvm_mmu_
- KVM: x86: MMU: Make mmu_set_spte() return emulate value
- KVM: x86: MMU: Move initialization of parent_ptes out from
kvm_
- KVM: x86: MMU: always set accessed bit in shadow PTEs
- KVM: x86: MMU: Move parent_pte handling from kvm_mmu_get_page() to
link_
- KVM: x86: MMU: Remove unused parameter parent_pte from kvm_mmu_get_page()
- KVM: x86: simplify ept_misconfig
- KVM: x86: extend usage of RET_MMIO_PF_* constants
- KVM: MMU: drop vcpu param in gpte_access
- kvm: Convert kvm_lock to a mutex
- kvm: x86: Do not release the page inside mmu_set_spte()
- KVM: x86: make FNAME(fetch) and __direct_map more similar
- KVM: x86: remove now unneeded hugepage gfn adjustment
- KVM: x86: change kvm_mmu_
- KVM: x86: add tracepoints around __direct_map and FNAME(fetch)
- SAUCE: KVM: vmx, svm: always run with EFER.NXE=1 when shadow paging is
active
- SAUCE: x86: Add ITLB_MULTIHIT bug infrastructure
- SAUCE: kvm: mmu: ITLB_MULTIHIT mitigation
- SAUCE: kvm: Add helper function for creating VM worker threads
- SAUCE: kvm: x86: mmu: Recovery of shattered NX large pages
- SAUCE: cpu/speculation: Uninline and export CPU mitigations helpers
- SAUCE: kvm: x86: mmu: Apply global mitigations knob to ITLB_MULTIHIT
* CVE-2019-11135
- KVM: x86: Emulate MSR_IA32_
- KVM: x86: use Intel speculation bugs and features as derived in generic x86
code
- x86/msr: Add the IA32_TSX_CTRL MSR
- x86/cpu: Add a helper function x86_read_
- x86/cpu: Add a "tsx=" cmdline option with TSX disabled by default
- x86/speculation
- x86/speculation
- kvm/x86: Export MDS_NO=0 to guests when TSX is enabled
- x86/tsx: Add "auto" option to the tsx= cmdline parameter
- x86/speculation
- x86/tsx: Add config options to set tsx=on|off|auto
- SAUCE: x86/speculation
- SAUCE: x86/cpu: Include cpu header from bugs.c
- [Config] Disable TSX by default when possible
* CVE-2019-0154
- SAUCE: i915_bpo: drm/i915: Lower RM timeout to avoid DSI hard hangs
- SAUCE: i915_bpo: drm/i915/gen8+: Add RC6 CTX corruption WA
- SAUCE: drm/i915/gen8+: Add RC6 CTX corruption WA
* CVE-2019-0155
- SAUCE: i915_bpo: drm/i915/gtt: Add read only pages to gen8_pte_encode
- SAUCE: i915_bpo: d...