Xenial update to 4.4.71 stable release

Bug #1697001 reported by Stefan Bader on 2017-06-09
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Undecided
Unassigned
Xenial
Medium
Stefan Bader

Bug Description

SRU Justification

    Impact:
       The upstream process for stable tree updates is quite similar
       in scope to the Ubuntu SRU process, e.g., each patch has to
       demonstrably fix a bug, and each patch is vetted by upstream
       by originating either directly from a mainline/stable Linux tree or
       a minimally backported form of that patch. The 4.4.71 upstream stable
       patch set is now available. It should be included in the Ubuntu
       kernel as well.

       git://git.kernel.org/

    TEST CASE: TBD

The following patches from the 4.4.71 stable release shall be applied:
* sparc: Fix -Wstringop-overflow warning
* s390/qeth: handle sysfs error during initialization
* s390/qeth: unbreak OSM and OSN support
* s390/qeth: avoid null pointer dereference on OSN
* tcp: avoid fragmenting peculiar skbs in SACK
* sctp: fix src address selection if using secondary addresses for ipv6
* tcp: eliminate negative reordering in tcp_clean_rtx_queue
* net: Improve handling of failures on link and route dumps
* ipv6: Check ip6_find_1stfragopt() return value properly.
* bridge: netlink: check vlan_default_pvid range
* qmi_wwan: add another Lenovo EM74xx device ID
* bridge: start hello_timer when enabling KERNEL_STP in br_stp_start
* be2net: Fix offload features for Q-in-Q packets
* virtio-net: enable TSO/checksum offloads for Q-in-Q vlans
* tcp: avoid fastopen API to be used on AF_UNSPEC
* sctp: fix ICMP processing if skb is non-linear
* ipv4: add reference counting to metrics
* netem: fix skb_orphan_partial()
* net: phy: marvell: Limit errata to 88m1101
* vlan: Fix tcp checksum offloads in Q-in-Q vlans
* i2c: i2c-tiny-usb: fix buffer not being DMA capable
* mmc: sdhci-iproc: suppress spurious interrupt with Multiblock read
* HID: wacom: Have wacom_tpc_irq guard against possible NULL dereference
* scsi: mpt3sas: Force request partial completion alignment
* drm/radeon/ci: disable mclk switching for high refresh rates (v2)
* drm/radeon: Unbreak HPD handling for r600+
* pcmcia: remove left-over %Z format
* ALSA: hda - apply STAC_9200_DELL_M22 quirk for Dell Latitude D430
* slub/memcg: cure the brainless abuse of sysfs attributes
* drm/gma500/psb: Actually use VBT mode when it is found
* mm/migrate: fix refcount handling when !hugepage_migration_supported()
* mlock: fix mlock count can not decrease in race condition
* xfs: Fix missed holes in SEEK_HOLE implementation
* xfs: fix off-by-one on max nr_pages in xfs_find_get_desired_pgoff()
* xfs: fix over-copying of getbmap parameters from userspace
* xfs: handle array index overrun in xfs_dir2_leaf_readbuf()
* xfs: prevent multi-fsb dir readahead from reading random blocks
* xfs: fix up quotacheck buffer list error handling
* xfs: support ability to wait on new inodes
* xfs: update ag iterator to support wait on new inodes
* xfs: wait on new inodes during quotaoff dquot release
* xfs: fix indlen accounting error on partial delalloc conversion
* xfs: bad assertion for delalloc an extent that start at i_size
* xfs: fix unaligned access in xfs_btree_visit_blocks
* xfs: in _attrlist_by_handle, copy the cursor back to userspace
* xfs: only return -errno or success from attr ->put_listent
* Linux 4.4.71

Stefan Bader (smb) on 2017-06-09
tags: added: kernel-stable-tracking-bug
Changed in linux (Ubuntu Xenial):
assignee: nobody → Stefan Bader (smb)
importance: Undecided → Medium
status: New → In Progress
Stefan Bader (smb) wrote :

The following patches were skipped as they already were applied:
* CVE-2017-9242
  - pv6: fix out of bound writes in __ip6_append_data()
* CVE-2017-9074
  - ipv6: Prevent overrun when parsing v6 header options
* CVE-2017-9075
  - sctp: do not inherit ipv6_{mc|ac|fl}_list from parent
* CVE-2017-9076 and CVE-2017-9077
  - ipv6/dccp: do not inherit ipv6_mc_list from parent
* CVE-2017-8890
  - dccp/tcp: do not inherit mc_list from parent

description: updated
Stefan Bader (smb) on 2017-06-22
Changed in linux (Ubuntu Xenial):
status: In Progress → Fix Committed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux - 4.4.0-87.110

---------------
linux (4.4.0-87.110) xenial; urgency=low

  * linux: 4.4.0-87.110 -proposed tracker (LP: #1704982)

  * CVE-2017-1000364
    - mm/mmap.c: do not blow on PROT_NONE MAP_FIXED holes in the stack
    - mm/mmap.c: expand_downwards: don't require the gap if !vm_prev

  * CIFS causes oops (LP: #1704857)
    - CIFS: Fix null pointer deref during read resp processing
    - CIFS: Fix some return values in case of error in 'crypt_message'

 -- Kleber Sacilotto de Souza <email address hidden> Tue, 18 Jul 2017 13:58:43 +0200

Changed in linux (Ubuntu Xenial):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers