Xenial update to 4.4.78 stable release
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
linux (Ubuntu) |
Invalid
|
Undecided
|
Unassigned | ||
Xenial |
Fix Released
|
Medium
|
Stefan Bader |
Bug Description
SRU Justification
Impact:
The upstream process for stable tree updates is quite similar
in scope to the Ubuntu SRU process, e.g., each patch has to
demonstrably fix a bug, and each patch is vetted by upstream
by originating either directly from a mainline/stable Linux tree or
a minimally backported form of that patch. The 4.4.78 upstream stable
patch set is now available. It should be included in the Ubuntu
kernel as well.
TEST CASE: TBD
The following patches from the 4.4.78 stable release shall be applied:
* net_sched: fix error recovery at qdisc creation
* net: sched: Fix one possible panic when no destroy callback
* net/phy: micrel: configure intterupts after autoneg workaround
* ipv6: avoid unregistering inet6_dev for loopback
* net: dp83640: Avoid NULL pointer dereference.
* tcp: reset sk_rx_dst in tcp_disconnect()
* net: prevent sign extension in dev_get_stats()
* bpf: prevent leaking pointer via xadd on unpriviledged
* net: handle NAPI_GRO_
* ipv6: dad: don't remove dynamic addresses if link is down
* net: ipv6: Compare lwstate in detecting duplicate nexthops
* vrf: fix bug_on triggered by rx when destroying a vrf
* rds: tcp: use sock_create_lite() to create the accept socket
* brcmfmac: fix possible buffer overflow in brcmf_cfg80211_
* cfg80211: Define nla_policy for NL80211_
* cfg80211: Validate frequencies nested in NL80211_
* cfg80211: Check if PMKID attribute is of expected size
* irqchip/gic-v3: Fix out-of-bound access in gic_set_affinity
* parisc: Report SIGSEGV instead of SIGBUS when running out of stack
* parisc: use compat_sys_keyctl()
* parisc: DMA API: return error instead of BUG_ON for dma ops on non dma devs
* parisc/mm: Ensure IRQs are off in switch_mm()
* tools/lib/lockdep: Reduce MAX_LOCK_DEPTH to avoid overflowing
lock_chain/: Depth
* kernel/extable.c: mark core_kernel_text notrace
* mm/list_lru.c: fix list_lru_
* fs/dcache.c: fix spin lockup issue on nlru->lock
* checkpatch: silence perl 5.26.0 unescaped left brace warnings
* binfmt_elf: use ELF_ET_DYN_BASE only for PIE
* arm: move ELF_ET_DYN_BASE to 4MB
* arm64: move ELF_ET_DYN_BASE to 4GB / 4MB
* powerpc: move ELF_ET_DYN_BASE to 4GB / 4MB
* s390: reduce ELF_ET_DYN_BASE
* exec: Limit arg stack to at most 75% of _STK_LIM
* vt: fix unchecked __put_user() in tioclinux ioctls
* mnt: In umount propagation reparent in a separate pass
* mnt: In propgate_umount handle visiting mounts in any order
* mnt: Make propagate_umount less slow for overlapping mount propagation
trees
* selftests/
* tpm: Get rid of chip->pdev
* tpm: Provide strong locking for device removal
* Add "shutdown" to "struct class".
* tpm: Issue a TPM2_Shutdown for TPM2 devices.
* mm: fix overflow check in expand_upwards()
* crypto: talitos - Extend max key length for SHA384/512-HMAC and AEAD
* crypto: atmel - only treat EBUSY as transient if backlog
* crypto: sha1-ssse3 - Disable avx2
* crypto: caam - fix signals handling
* sched/topology: Fix overlapping sched_group_mask
* sched/topology: Optimize build_group_mask()
* PM / wakeirq: Convert to SRCU
* PM / QoS: return -EINVAL for bogus strings
* tracing: Use SOFTIRQ_OFFSET for softirq dectection for more accurate
results
* KVM: x86: disable MPX if host did not enable MPX XSAVE features
* kvm: vmx: Do not disable intercepts for BNDCFGS
* kvm: x86: Guest BNDCFGS requires guest MPX support
* kvm: vmx: Check value written to IA32_BNDCFGS
* kvm: vmx: allow host to access guest MSR_IA32_BNDCFGS
* Linux 4.4.78
CVE References
tags: | added: kernel-stable-tracking-bug |
Changed in linux (Ubuntu Xenial): | |
assignee: | nobody → Stefan Bader (smb) |
importance: | Undecided → Medium |
status: | New → In Progress |
Changed in linux (Ubuntu Xenial): | |
status: | In Progress → Fix Committed |
Changed in linux (Ubuntu): | |
status: | New → Won't Fix |
status: | Won't Fix → Invalid |
"net_sched: fix error recovery at qdisc creation" applied with fuzz2 in net/sched/ sch_mqprio. c hunk#2.
"tpm: Get rid of chip->pdev" required manual backport for drivers/ char/tpm/ tpm_tis. c as we carry deviations for bug #1398274 "[Feature] TPM2.0 kernel support".
"KVM: x86: disable MPX if host did not enable MPX XSAVE features" required fuzz 2 in arch/x86/kvm/vmx.c hunk #1.