Ubuntu
linux package

Xenial update to 4.4.90 stable release

  1. Xenial (16.04)
  2. Bug #1721550
Bug #1721550 reported by Stefan Bader
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Invalid
Undecided
Unassigned
Xenial
Fix Released
Medium
Stefan Bader

Bug Description

SRU Justification

    Impact:
       The upstream process for stable tree updates is quite similar
       in scope to the Ubuntu SRU process, e.g., each patch has to
       demonstrably fix a bug, and each patch is vetted by upstream
       by originating either directly from a mainline/stable Linux tree or
       a minimally backported form of that patch. The 4.4.90 upstream stable
       patch set is now available. It should be included in the Ubuntu
       kernel as well.

       git://git.kernel.org/

    TEST CASE: TBD

The following patches from the 4.4.90 stable release shall be applied:
* cifs: release auth_key.response for reconnect.
* mac80211: flush hw_roc_start work before cancelling the ROC
* KVM: PPC: Book3S: Fix race and leak in kvm_vm_ioctl_create_spapr_tce()
* tracing: Fix trace_pipe behavior for instance traces
* tracing: Erase irqsoff trace with empty write
* md/raid5: fix a race condition in stripe batch
* md/raid5: preserve STRIPE_ON_UNPLUG_LIST in break_stripe_batch_list
* scsi: scsi_transport_iscsi: fix the issue that iscsi_if_rx doesn't parse
  nlmsg properly
* crypto: talitos - Don't provide setkey for non hmac hashing algs.
* crypto: talitos - fix sha224
* KEYS: fix writing past end of user-supplied buffer in keyring_read()
* KEYS: prevent creating a different user's keyrings
* KEYS: prevent KEYCTL_READ on negative key
* powerpc/pseries: Fix parent_dn reference leak in add_dt_node()
* Fix SMB3.1.1 guest authentication to Samba
* SMB: Validate negotiate (to protect against downgrade) even if signing off
* SMB3: Don't ignore O_SYNC/O_DSYNC and O_DIRECT flags
* vfs: Return -ENXIO for negative SEEK_HOLE / SEEK_DATA offsets
* nl80211: check for the required netlink attributes presence
* bsg-lib: don't free job in bsg_prepare_job
* seccomp: fix the usage of get/put_seccomp_filter() in seccomp_get_filter()
* arm64: Make sure SPsel is always set
* arm64: fault: Route pte translation faults via do_translation_fault
* KVM: VMX: Do not BUG() on out-of-bounds guest IRQ
* kvm: nVMX: Don't allow L2 to access the hardware CR8
* PCI: Fix race condition with driver_override
* btrfs: fix NULL pointer dereference from free_reloc_roots()
* btrfs: propagate error to btrfs_cmp_data_prepare caller
* btrfs: prevent to set invalid default subvolid
* x86/fpu: Don't let userspace set bogus xcomp_bv
* gfs2: Fix debugfs glocks dump
* timer/sysclt: Restrict timer migration sysctl values to 0 and 1
* KVM: VMX: do not change SN bit in vmx_update_pi_irte()
* KVM: VMX: remove WARN_ON_ONCE in kvm_vcpu_trigger_posted_interrupt
* cxl: Fix driver use count
* dmaengine: mmp-pdma: add number of requestors
* ARM: pxa: add the number of DMA requestor lines
* ARM: pxa: fix the number of DMA requestor lines
* KVM: VMX: use cmpxchg64
* video: fbdev: aty: do not leak uninitialized padding in clk to userspace
* swiotlb-xen: implement xen_swiotlb_dma_mmap callback
* fix xen_swiotlb_dma_mmap prototype
* Linux 4.4.90

See original description

CVE References

Stefan Bader (smb)
tags: added: kernel-stable-tracking-bug
Changed in linux (Ubuntu Xenial):
assignee: nobody → Stefan Bader (smb)
importance: Undecided → Medium
status: New → In Progress
Changed in linux (Ubuntu):
status: New → Invalid
Revision history for this message
Stefan Bader (smb) wrote :

Fixed up "KEYS: prevent creating a different user's keyrings" because it failed to apply cleanly as we carry a delta for bug #1569924 "linux: Add UEFI keyring for externally signed modules".

Fixed up "cxl: Fix driver use count" because it failed to apply cleanly as we carry a delta for bug #1588468 "CAPI: CGZIP AFU contexts do not receive interrupts after heavy afu open/close".

description: updated
Thadeu Lima de Souza Cascardo (cascardo)
Changed in linux (Ubuntu Xenial):
status: In Progress → Fix Committed
Revision history for this message
Launchpad Janitor (janitor) wrote :
Download full text (11.5 KiB)

This bug was fixed in the package linux - 4.4.0-98.121

---------------
linux (4.4.0-98.121) xenial; urgency=low

  * linux: 4.4.0-98.121 -proposed tracker (LP: #1722299)

  * Controller lockup detected on ProLiant DL380 Gen9 with P440 Controller
    (LP: #1720359)
    - scsi: hpsa: limit transfer length to 1MB

  * [Dell Docking IE][0bda:8153] Realtek USB Ethernet leads to system hang
    (LP: #1720977)
    - r8152: fix the list rx_done may be used without initialization

  * Add installer support for Broadcom BCM573xx network drivers. (LP: #1720466)
    - d-i: Add bnxt_en to nic-modules.

  * snapcraft.yaml: add dpkg-dev to the build deps (LP: #1718886)
    - snapcraft.yaml: add dpkg-dev to the build deps

  * Support setting I2C_TIMEOUT via ioctl for i2c-designware (LP: #1718578)
    - i2c: designware: Use transfer timeout from ioctl I2C_TIMEOUT

  * 5U84 - ses driver isn't binding right - cannot blink lights on 1 of the 2
    5u84 (LP: #1693369)
    - scsi_transport_sas: add function to get SAS endpoint address
    - ses: fix discovery of SATA devices in SAS enclosures
    - scsi: sas: provide stub implementation for scsi_is_sas_rphy
    - scsi: ses: Fix SAS device detection in enclosure

  * multipath -ll is not showing the disks which are actually multipath
    (LP: #1718397)
    - fs: aio: fix the increment of aio-nr and counting against aio-max-nr

  * Support Dell Wireless DW5819/5818 WWAN devices (LP: #1721455)
    - SAUCE: USB: serial: qcserial: add Dell DW5818, DW5819

  * CVE-2017-10911
    - xen-blkback: don't leak stack data via response ring

  * implement 'complain mode' in seccomp for developer mode with snaps
    (LP: #1567597)
    - seccomp: Provide matching filter for introspection
    - seccomp: Sysctl to display available actions
    - seccomp: Operation for checking if an action is available
    - seccomp: Sysctl to configure actions that are allowed to be logged
    - seccomp: Selftest for detection of filter flag support
    - seccomp: Action to log before allowing

  * implement errno action logging in seccomp for strict mode with snaps
    (LP: #1721676)
    - seccomp: Provide matching filter for introspection
    - seccomp: Sysctl to display available actions
    - seccomp: Operation for checking if an action is available
    - seccomp: Sysctl to configure actions that are allowed to be logged
    - seccomp: Selftest for detection of filter flag support
    - seccomp: Filter flag to log all actions except SECCOMP_RET_ALLOW

  * [Xenial] update OpenNSL kernel modules to 6.5.10 (LP: #1721511)
    - SAUCE: update OpenNSL kernel modules to 6.5.10

  * Xenial update to 4.4.90 stable release (LP: #1721550)
    - cifs: release auth_key.response for reconnect.
    - mac80211: flush hw_roc_start work before cancelling the ROC
    - KVM: PPC: Book3S: Fix race and leak in kvm_vm_ioctl_create_spapr_tce()
    - tracing: Fix trace_pipe behavior for instance traces
    - tracing: Erase irqsoff trace with empty write
    - md/raid5: fix a race condition in stripe batch
    - md/raid5: preserve STRIPE_ON_UNPLUG_LIST in break_stripe_batch_list
    - scsi: scsi_transport_iscsi: fix the issue that iscsi_if_rx doesn't parse
      nlms...

Changed in linux (Ubuntu Xenial):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.