Ubuntu
linux package

Xenial update: v4.4.238 upstream stable release

Xenial (16.04)
Bug #1899506

Bug #1899506 reported by Kamal Mostafa on 2020-10-12

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	linux (Ubuntu)	Invalid	Undecided	Unassigned
	Xenial	Fix Released	Medium	Kamal Mostafa

Bug Description

SRU Justification

    Impact:
       The upstream process for stable tree updates is quite similar
       in scope to the Ubuntu SRU process, e.g., each patch has to
       demonstrably fix a bug, and each patch is vetted by upstream
       by originating either directly from a mainline/stable Linux tree or
       a minimally backported form of that patch. The following upstream
       stable patches should be included in the Ubuntu kernel:

v4.4.238 upstream stable release
from git://git.kernel.org/

af_key: pfkey_dump needs parameter validation
KVM: fix memory leak in kvm_io_bus_unregister_dev()
kprobes: fix kill kprobe which has been marked as gone
ftrace: Setup correct FTRACE_FL_REGS flags for module
RDMA/ucma: ucma_context reference leak in error path
mtd: Fix comparison in map_word_andequal()
hdlc_ppp: add range checks in ppp_cp_parse_cr()
tipc: use skb_unshare() instead in tipc_buf_append()
net: add __must_check to skb_put_padto()
ip: fix tos reflection in ack and reset packets
serial: 8250: Avoid error message on reprobe
scsi: aacraid: fix illegal IO beyond last LBA
m68k: q40: Fix info-leak in rtc_ioctl
gma/gma500: fix a memory disclosure bug due to uninitialized bytes
ASoC: kirkwood: fix IRQ error handling
PM / devfreq: tegra30: Fix integer overflow on CPU's freq max out
mtd: cfi_cmdset_0002: don't free cfi->cfiq in error path of cfi_amdstd_setup()
mfd: mfd-core: Protect against NULL call-back function pointer
tracing: Adding NULL checks for trace_array descriptor pointer
bcache: fix a lost wake-up problem caused by mca_cannibalize_lock
xfs: fix attr leaf header freemap.size underflow
kernel/sys.c: avoid copying possible padding bytes in copy_to_user
neigh_stat_seq_next() should increase position index
rt_cpu_seq_next should increase position index
seqlock: Require WRITE_ONCE surrounding raw_seqcount_barrier
ACPI: EC: Reference count query handlers under lock
tracing: Set kernel_stack's caller size properly
ar5523: Add USB ID of SMCWUSBT-G2 wireless adapter
Bluetooth: Fix refcount use-after-free issue
mm: pagewalk: fix termination condition in walk_pte_range()
Bluetooth: prefetch channel before killing sock
skbuff: fix a data race in skb_queue_len()
audit: CONFIG_CHANGE don't log internal bookkeeping as an event
selinux: sel_avc_get_stat_idx should increase position index
scsi: lpfc: Fix RQ buffer leakage when no IOCBs available
drm/omap: fix possible object reference leak
dmaengine: tegra-apb: Prevent race conditions on channel's freeing
media: go7007: Fix URB type for interrupt handling
Bluetooth: guard against controllers sending zero'd events
drm/amdgpu: increase atombios cmd timeout
Bluetooth: L2CAP: handle l2cap config request during open state
media: tda10071: fix unsigned sign extension overflow
tpm: ibmvtpm: Wait for buffer to be set before proceeding
tracing: Use address-of operator on section symbols
serial: 8250_omap: Fix sleeping function called from invalid context during probe
SUNRPC: Fix a potential buffer overflow in 'svc_print_xprts()'
ubifs: Fix out-of-bounds memory access caused by abnormal value of node_len
ALSA: usb-audio: Fix case when USB MIDI interface has more than one extra endpoint descriptor
mm/filemap.c: clear page error before actual read
mm/mmap.c: initialize align_offset explicitly for vm_unmapped_area
KVM: Remove CREATE_IRQCHIP/SET_PIT2 race
bdev: Reduce time holding bd_mutex in sync in blkdev_close()
drivers: char: tlclk.c: Avoid data race between init and interrupt handler
dt-bindings: sound: wm8994: Correct required supplies based on actual implementaion
atm: fix a memory leak of vcc->user_back
phy: samsung: s5pv210-usb2: Add delay after reset
Bluetooth: Handle Inquiry Cancel error after Inquiry Complete
USB: EHCI: ehci-mv: fix error handling in mv_ehci_probe()
tty: serial: samsung: Correct clock selection logic
ALSA: hda: Fix potential race in unsol event handler
fuse: don't check refcount after stealing page
USB: EHCI: ehci-mv: fix less than zero comparison of an unsigned int
e1000: Do not perform reset in reset_task if we are already down
printk: handle blank console arguments passed in.
vfio/pci: fix memory leaks of eventfd ctx
perf kcore_copy: Fix module map when there are no modules loaded
mtd: rawnand: omap_elm: Fix runtime PM imbalance on error
ceph: fix potential race in ceph_check_caps
mtd: parser: cmdline: Support MTD names containing one or more colons
x86/speculation/mds: Mark mds_user_clear_cpu_buffers() __always_inline
vfio/pci: Clear error and request eventfd ctx after releasing
vfio/pci: fix racy on error and request eventfd ctx
s390/init: add missing __init annotations
batman-adv: bla: fix type misuse for backbone_gw hash indexing
atm: eni: fix the missed pci_disable_device() for eni_init_one()
batman-adv: mcast/TT: fix wrongly dropped or rerouted packets
ALSA: asihpi: fix iounmap in error handler
MIPS: Add the missing 'CPU_1074K' into __get_cpu_type()
tty: vt, consw->con_scrolldelta cleanup
kprobes: Fix to check probe enabled before disarm_kprobe_ftrace()
lib/string.c: implement stpcpy
ata: define AC_ERR_OK
ata: make qc_prep return ata_completion_errors
ata: sata_mv, avoid trigerrable BUG_ON
Linux 4.4.238
UBUNTU: upstream stable to v4.4.238

See original description

Tags:

CVE References

Kamal Mostafa (kamalmostafa) on 2020-10-12

Changed in linux (Ubuntu):
status:	New → Confirmed
tags:	added: kernel-stable-tracking-bug
Changed in linux (Ubuntu Xenial):
status:	New → In Progress
assignee:	nobody → Kamal Mostafa (kamalmostafa)
description:	updated

Stefan Bader (smb) on 2020-10-21

Changed in linux (Ubuntu Xenial):
status:	In Progress → Fix Committed
importance:	Undecided → Medium
Changed in linux (Ubuntu):
status:	Confirmed → Invalid

Revision history for this message

Launchpad Janitor (janitor) wrote on 2020-12-01:

Download full text (20.5 KiB)

This bug was fixed in the package linux - 4.4.0-197.229

---------------
linux (4.4.0-197.229) xenial; urgency=medium

* xenial/linux: 4.4.0-197.229 -proposed tracker (LP: #1905489)

* sha1_ce and sha2_ce modules no longer load on arm64 (LP: #1905336)
- SAUCE: Revert "crypto: arm64/sha - avoid non-standard inline asm tricks"

  * Fails to build on powerpc (LP: #1905475)
    - powerpc/uaccess-flush: fix corenet64_smp_defconfig build
    - SAUCE: powerpc/uaccess: only include kup-radix.h on PPC_BOOK3S_64

linux (4.4.0-196.228) xenial; urgency=medium

* xenial/linux: 4.4.0-196.228 -proposed tracker (LP: #1905309)

  * CVE-2020-4788
    - SAUCE: powerpc/64s: Define MASKABLE_RELON_EXCEPTION_PSERIES_OOL
    - SAUCE: powerpc/64s: move some exception handlers out of line
    - powerpc/64s: flush L1D on kernel entry
    - SAUCE: powerpc: Add a framework for user access tracking
    - powerpc: Implement user_access_begin and friends
    - powerpc: Fix __clear_user() with KUAP enabled
    - powerpc/uaccess: Evaluate macro arguments once, before user access is
      allowed
    - powerpc/64s: flush L1D after user accesses

linux (4.4.0-195.227) xenial; urgency=medium

* xenial/linux: 4.4.0-195.227 -proposed tracker (LP: #1903107)

* Update kernel packaging to support forward porting kernels (LP: #1902957)
- [Debian] Update for leader included in BACKPORT_SUFFIX

* Avoid double newline when running insertchanges (LP: #1903293)
- [Packaging] insertchanges: avoid double newline

* EFI: Fails when BootCurrent entry does not exist (LP: #1899993)
- efivarfs: Replace invalid slashes with exclamation marks in dentries.

* CVE-2020-14351
- perf/core: Fix race in the perf_mmap_close() function

* CVE-2020-25645
- geneve: add transport ports in route lookup for geneve

This bug was fixed in the package linux - 4.4.0-197.229

---------------
linux (4.4.0-197.229) xenial; urgency=medium

* xenial/linux: 4.4.0-197.229 -proposed tracker (LP: #1905489)

* sha1_ce and sha2_ce modules no longer load on arm64 (LP: #1905336)
    - SAUCE: Revert "crypto: arm64/sha - avoid non-standard inline asm tricks"

* Fails to build on powerpc (LP: #1905475)
    - powerpc/uaccess-flush: fix corenet64_smp_defconfig build
    - SAUCE: powerpc/uaccess: only include kup-radix.h on PPC_BOOK3S_64

linux (4.4.0-196.228) xenial; urgency=medium

* xenial/linux: 4.4.0-196.228 -proposed tracker (LP: #1905309)

linux (4.4.0-195.227) xenial; urgency=medium

* xenial/linux: 4.4.0-195.227 -proposed tracker (LP: #1903107)

* Update kernel packaging to support forward porting kernels (LP: #1902957)
    - [Debian] Update for leader included in BACKPORT_SUFFIX

* Avoid double newline when running insertchanges (LP: #1903293)
    - [Packaging] insertchanges: avoid double newline

* EFI: Fails when BootCurrent entry does not exist (LP: #1899993)
    - efivarfs: Replace invalid slashes with exclamation marks in dentries.

* CVE-2020-14351
    - perf/core: Fix race in the perf_mmap_close() function

* CVE-2020-25645
    - geneve: add transport ports in route lookup for geneve

* Xenial update: v4.4.241 upstream stable release (LP: #1902097)
    - ibmveth: Identify ingress large send packets.
    - tipc: fix the skb_unshare() in tipc_buf_append()
    - net/ipv4: always honour route mtu during forwarding
    - r8169: fix data corruption issue on RTL8402
    - ALSA: bebob: potential info leak in hwdep_read()
    - mm/kasan: print name of mem[set,cpy,move]() caller in report
    - mm/kasan: add API to check memory regions
    - compiler.h, kasan: Avoid duplicating __read_once_size_nocheck()
    - compiler.h: Add read_word_at_a_time() function.
    - lib/strscpy: Shut up KASAN false-positives in strscpy()
    - x86/mm/ptdump: Fix soft lockup in page table walker
    - net: hdlc: In hdlc_rcv, check to make sure dev is an HDLC device
    - net: hdlc_raw_eth: Clear the IFF_TX_SKB_SHARING flag after calling
      ether_setup
    - nfc: Ensure presence of NFC_ATTR_FIRMWARE_NAME attribute in
      nfc_genl_fw_download()
    - tcp: fix to update snd_wl1 in bulk receiver fast path
    - icmp: randomize the global rate limiter
    - cifs: remove bogus debug code
    - ima: Don't ignore errors from crypto_shash_update()
    - EDAC/i5100: Fix error handling order in i5100_init_one()
    - crypto: ixp4xx - Fix the size used in a 'dma_free_coherent()' call
    - media: Revert "media: exynos4-is: Add missed check for
      pinctrl_lookup_state()"
    - media: m5mols: Check function pointer in m5mols_sensor_power
    - media: omap3isp: Fix memleak in isp_probe
    - crypto: omap-sham - fix digcnt register handling with export/import
    - media: tc358743: initialize variable
    - media: ti-vpe: Fix a missing check and reference count leak
    - ath6kl: prevent potential array overflow in ath6kl_add_new_sta()
    - ath9k: Fix potential out of bounds in ath9k_htc_txcompletion_cb()
    - wcn36xx: Fix reported 802.11n rx_highest rate wcn3660/wcn3680
    - mwifiex: Do not use GFP_KERNEL in atomic context
    - drm/gma500: fix error check
    - scsi: qla4xxx: Fix an error handling path in 'qla4xxx_get_host_stats()'
    - scsi: csiostor: Fix wrong return value in csio_hw_prep_fw()
    - backlight: sky81452-backlight: Fix refcount imbalance on error
    - VMCI: check return value of get_user_pages_fast() for errors
    - tty: serial: earlycon dependency
    - pty: do tty_flip_buffer_push without port->lock in pty_write
    - drivers/virt/fsl_hypervisor: Fix error handling path
    - video: fbdev: vga16fb: fix setting of pixclock because a pass-by-value error
    - video: fbdev: sis: fix null ptr dereference
    - HID: roccat: add bounds checking in kone_sysfs_write_settings()
    - ath6kl: wmi: prevent a shift wrapping bug in ath6kl_wmi_delete_pstream_cmd()
    - misc: mic: scif: Fix error handling path
    - ALSA: seq: oss: Avoid mutex lock for a long-time ioctl
    - quota: clear padding in v2r1_mem2diskdqb()
    - net: enic: Cure the enic api locking trainwreck
    - mfd: sm501: Fix leaks in probe()
    - usb: gadget: u_ether: enable qmult on SuperSpeed Plus as well
    - nl80211: fix non-split wiphy information
    - mwifiex: fix double free
    - net: korina: fix kfree of rx/tx descriptor array
    - IB/mlx4: Adjust delayed work when a dup is observed
    - powerpc/pseries: Fix missing of_node_put() in rng_init()
    - powerpc/icp-hv: Fix missing of_node_put() in success path
    - mtd: lpddr: fix excessive stack usage with clang
    - mtd: mtdoops: Don't write panic data twice
    - ARM: 9007/1: l2c: fix prefetch bits init in L2X0_AUX_CTRL using DT values
    - powerpc/tau: Use appropriate temperature sample interval
    - powerpc/tau: Remove duplicated set_thresholds() call
    - powerpc/tau: Disable TAU between measurements
    - perf intel-pt: Fix "context_switch event has no tid" error
    - kdb: Fix pager search for multi-line strings
    - powerpc/perf/hv-gpci: Fix starting index value
    - cpufreq: powernv: Fix frame-size-overflow in powernv_cpufreq_reboot_notifier
    - lib/crc32.c: fix trivial typo in preprocessor condition
    - vfio/pci: Clear token on bypass registration failure
    - Input: imx6ul_tsc - clean up some errors in imx6ul_tsc_resume()
    - Input: ep93xx_keypad - fix handling of platform_get_irq() error
    - Input: omap4-keypad - fix handling of platform_get_irq() error
    - Input: sun4i-ps2 - fix handling of platform_get_irq() error
    - KVM: x86: emulating RDPID failure shall return #UD rather than #GP
    - memory: omap-gpmc: Fix a couple off by ones
    - memory: fsl-corenet-cf: Fix handling of platform_get_irq() error
    - arm64: dts: zynqmp: Remove additional compatible string for i2c IPs
    - powerpc/powernv/opal-dump : Use IRQ_HANDLED instead of numbers in interrupt
      handler
    - powerpc/powernv/dump: Fix race while processing OPAL dump
    - media: firewire: fix memory leak
    - media: ati_remote: sanity check for both endpoints
    - media: exynos4-is: Fix several reference count leaks due to
      pm_runtime_get_sync
    - media: exynos4-is: Fix a reference count leak due to pm_runtime_get_sync
    - media: exynos4-is: Fix a reference count leak
    - media: bdisp: Fix runtime PM imbalance on error
    - media: media/pci: prevent memory leak in bttv_probe
    - media: uvcvideo: Ensure all probed info is returned to v4l2
    - mmc: sdio: Check for CISTPL_VERS_1 buffer size
    - media: saa7134: avoid a shift overflow
    - ntfs: add check for mft record size in superblock
    - PM: hibernate: remove the bogus call to get_gendisk() in software_resume()
    - scsi: mvumi: Fix error return in mvumi_io_attach()
    - scsi: target: core: Add CONTROL field for trace events
    - usb: gadget: function: printer: fix use-after-free in __lock_acquire
    - udf: Limit sparing table size
    - udf: Avoid accessing uninitialized data on failed inode read
    - ath9k: hif_usb: fix race condition between usb_get_urb() and
      usb_kill_anchored_urbs()
    - misc: rtsx: Fix memory leak in rtsx_pci_probe
    - reiserfs: only call unlock_new_inode() if I_NEW
    - xfs: make sure the rt allocator doesn't run off the end
    - usb: ohci: Default to per-port over-current protection
    - Bluetooth: Only mark socket zapped after unlocking
    - scsi: ibmvfc: Fix error return in ibmvfc_probe()
    - brcmsmac: fix memory leak in wlc_phy_attach_lcnphy
    - rtl8xxxu: prevent potential memory leak
    - Fix use after free in get_capset_info callback.
    - tty: ipwireless: fix error handling
    - ipvs: Fix uninit-value in do_ip_vs_set_ctl()
    - reiserfs: Fix memory leak in reiserfs_parse_options()
    - brcm80211: fix possible memleak in brcmf_proto_msgbuf_attach
    - usb: core: Solve race condition in anchor cleanup functions
    - ath10k: check idx validity in __ath10k_htt_rx_ring_fill_n()
    - net: korina: cast KSEG0 address to pointer in kfree
    - usb: cdc-acm: add quirk to blacklist ETAS ES58X devices
    - USB: cdc-wdm: Make wdm_flush() interruptible and add wdm_fsync().
    - Linux 4.4.241

* Xenial update: v4.4.240 upstream stable release (LP: #1902096)
    - Bluetooth: MGMT: Fix not checking if BT_HS is enabled
    - Bluetooth: fix kernel oops in store_pending_adv_report
    - Bluetooth: Consolidate encryption handling in hci_encrypt_cfm
    - Bluetooth: Fix update of connection state in `hci_encrypt_cfm`
    - Bluetooth: Disconnect if E0 is used for Level 4
    - media: usbtv: Fix refcounting mixup
    - USB: serial: option: add Cellient MPL200 card
    - USB: serial: option: Add Telit FT980-KS composition
    - staging: comedi: check validity of wMaxPacketSize of usb endpoints found
    - USB: serial: pl2303: add device-id for HP GC device
    - USB: serial: ftdi_sio: add support for FreeCalypso JTAG+UART adapters
    - reiserfs: Initialize inode keys properly
    - reiserfs: Fix oops during mount
    - spi: unbinding slave before calling spi_destroy_queue
    - crypto: qat - check cipher length for aead AES-CBC-HMAC-SHA
    - Linux 4.4.240

* Xenial update: v4.4.239 upstream stable release (LP: #1902095)
    - gpio: tc35894: fix up tc35894 interrupt configuration
    - Input: i8042 - add nopnp quirk for Acer Aspire 5 A515
    - drm/amdgpu: restore proper ref count in amdgpu_display_crtc_set_config
    - net: dec: de2104x: Increase receive ring size for Tulip
    - rndis_host: increase sleep time in the query-response loop
    - drivers/net/wan/lapbether: Make skb->protocol consistent with the header
    - drivers/net/wan/hdlc: Set skb->protocol before transmitting
    - nfs: Fix security label length not being reset
    - clk: samsung: exynos4: mark 'chipid' clock as CLK_IGNORE_UNUSED
    - iommu/exynos: add missing put_device() call in exynos_iommu_of_xlate()
    - i2c: cpm: Fix i2c_ram structure
    - epoll: do not insert into poll queues until all sanity checks are done
    - epoll: replace ->visited/visited_list with generation count
    - epoll: EPOLL_CTL_ADD: close the race in decision to take fast path
    - ep_create_wakeup_source(): dentry name can change under you...
    - netfilter: ctnetlink: add a range check for l3/l4 protonum
    - fbdev, newport_con: Move FONT_EXTRA_WORDS macros into linux/font.h
    - Fonts: Support FONT_EXTRA_WORDS macros for built-in fonts
    - Revert "ravb: Fixed to be able to unload modules"
    - fbcon: Fix global-out-of-bounds read in fbcon_get_font()
    - net: wireless: nl80211: fix out-of-bounds access in nl80211_del_key()
    - usermodehelper: reset umask to default before executing user process
    - platform/x86: thinkpad_acpi: initialize tp_nvram_state variable
    - platform/x86: thinkpad_acpi: re-initialize ACPI buffer size when reuse
    - driver core: Fix probe_count imbalance in really_probe()
    - perf top: Fix stdio interface input handling with glibc 2.28+
    - sctp: fix sctp_auth_init_hmacs() error path
    - team: set dev->needed_headroom in team_setup_by_port()
    - net: team: fix memory leak in __team_options_register
    - mtd: nand: Provide nand_cleanup() function to free NAND related resources
    - xfrm: clone XFRMA_REPLAY_ESN_VAL in xfrm_do_migrate
    - xfrm: clone whole liftime_cur structure in xfrm_do_migrate
    - net: stmmac: removed enabling eee in EEE set callback
    - xfrm: Use correct address family in xfrm_state_find
    - bonding: set dev->needed_headroom in bond_setup_by_slave()
    - rxrpc: Fix rxkad token xdr encoding
    - rxrpc: Downgrade the BUG() for unsupported token type in rxrpc_read()
    - rxrpc: Fix server keyring leak
    - net: usb: rtl8150: set random MAC address when set_ethernet_addr() fails
    - Linux 4.4.239

* CVE-2020-12352
    - Bluetooth: A2MP: Fix not initializing all members

* CVE-2020-0427
    - pinctrl: devicetree: Avoid taking direct reference to device name string

* Xenial update: v4.4.238 upstream stable release (LP: #1899506)
    - af_key: pfkey_dump needs parameter validation
    - KVM: fix memory leak in kvm_io_bus_unregister_dev()
    - kprobes: fix kill kprobe which has been marked as gone
    - ftrace: Setup correct FTRACE_FL_REGS flags for module
    - RDMA/ucma: ucma_context reference leak in error path
    - mtd: Fix comparison in map_word_andequal()
    - hdlc_ppp: add range checks in ppp_cp_parse_cr()
    - tipc: use skb_unshare() instead in tipc_buf_append()
    - net: add __must_check to skb_put_padto()
    - ip: fix tos reflection in ack and reset packets
    - serial: 8250: Avoid error message on reprobe
    - scsi: aacraid: fix illegal IO beyond last LBA
    - m68k: q40: Fix info-leak in rtc_ioctl
    - gma/gma500: fix a memory disclosure bug due to uninitialized bytes
    - ASoC: kirkwood: fix IRQ error handling
    - PM / devfreq: tegra30: Fix integer overflow on CPU's freq max out
    - mtd: cfi_cmdset_0002: don't free cfi->cfiq in error path of
      cfi_amdstd_setup()
    - mfd: mfd-core: Protect against NULL call-back function pointer
    - tracing: Adding NULL checks for trace_array descriptor pointer
    - bcache: fix a lost wake-up problem caused by mca_cannibalize_lock
    - xfs: fix attr leaf header freemap.size underflow
    - kernel/sys.c: avoid copying possible padding bytes in copy_to_user
    - neigh_stat_seq_next() should increase position index
    - rt_cpu_seq_next should increase position index
    - seqlock: Require WRITE_ONCE surrounding raw_seqcount_barrier
    - ACPI: EC: Reference count query handlers under lock
    - tracing: Set kernel_stack's caller size properly
    - ar5523: Add USB ID of SMCWUSBT-G2 wireless adapter
    - Bluetooth: Fix refcount use-after-free issue
    - mm: pagewalk: fix termination condition in walk_pte_range()
    - Bluetooth: prefetch channel before killing sock
    - skbuff: fix a data race in skb_queue_len()
    - audit: CONFIG_CHANGE don't log internal bookkeeping as an event
    - selinux: sel_avc_get_stat_idx should increase position index
    - scsi: lpfc: Fix RQ buffer leakage when no IOCBs available
    - drm/omap: fix possible object reference leak
    - dmaengine: tegra-apb: Prevent race conditions on channel's freeing
    - media: go7007: Fix URB type for interrupt handling
    - Bluetooth: guard against controllers sending zero'd events
    - drm/amdgpu: increase atombios cmd timeout
    - Bluetooth: L2CAP: handle l2cap config request during open state
    - media: tda10071: fix unsigned sign extension overflow
    - tpm: ibmvtpm: Wait for buffer to be set before proceeding
    - tracing: Use address-of operator on section symbols
    - serial: 8250_omap: Fix sleeping function called from invalid context during
      probe
    - SUNRPC: Fix a potential buffer overflow in 'svc_print_xprts()'
    - ubifs: Fix out-of-bounds memory access caused by abnormal value of node_len
    - ALSA: usb-audio: Fix case when USB MIDI interface has more than one extra
      endpoint descriptor
    - mm/filemap.c: clear page error before actual read
    - mm/mmap.c: initialize align_offset explicitly for vm_unmapped_area
    - KVM: Remove CREATE_IRQCHIP/SET_PIT2 race
    - bdev: Reduce time holding bd_mutex in sync in blkdev_close()
    - drivers: char: tlclk.c: Avoid data race between init and interrupt handler
    - dt-bindings: sound: wm8994: Correct required supplies based on actual
      implementaion
    - atm: fix a memory leak of vcc->user_back
    - phy: samsung: s5pv210-usb2: Add delay after reset
    - Bluetooth: Handle Inquiry Cancel error after Inquiry Complete
    - USB: EHCI: ehci-mv: fix error handling in mv_ehci_probe()
    - tty: serial: samsung: Correct clock selection logic
    - ALSA: hda: Fix potential race in unsol event handler
    - fuse: don't check refcount after stealing page
    - USB: EHCI: ehci-mv: fix less than zero comparison of an unsigned int
    - e1000: Do not perform reset in reset_task if we are already down
    - printk: handle blank console arguments passed in.
    - vfio/pci: fix memory leaks of eventfd ctx
    - perf kcore_copy: Fix module map when there are no modules loaded
    - mtd: rawnand: omap_elm: Fix runtime PM imbalance on error
    - ceph: fix potential race in ceph_check_caps
    - mtd: parser: cmdline: Support MTD names containing one or more colons
    - x86/speculation/mds: Mark mds_user_clear_cpu_buffers() __always_inline
    - vfio/pci: Clear error and request eventfd ctx after releasing
    - vfio/pci: fix racy on error and request eventfd ctx
    - s390/init: add missing __init annotations
    - batman-adv: bla: fix type misuse for backbone_gw hash indexing
    - atm: eni: fix the missed pci_disable_device() for eni_init_one()
    - batman-adv: mcast/TT: fix wrongly dropped or rerouted packets
    - ALSA: asihpi: fix iounmap in error handler
    - MIPS: Add the missing 'CPU_1074K' into __get_cpu_type()
    - tty: vt, consw->con_scrolldelta cleanup
    - kprobes: Fix to check probe enabled before disarm_kprobe_ftrace()
    - lib/string.c: implement stpcpy
    - ata: define AC_ERR_OK
    - ata: make qc_prep return ata_completion_errors
    - ata: sata_mv, avoid trigerrable BUG_ON
    - Linux 4.4.238

* *-tools-common packages descriptions have typo "PGKVER" (LP: #1898903)
    - [Packaging] Fix typo in -tools template s/PGKVER/PKGVER/

* Xenial update: v4.4.237 upstream stable release (LP: #1897602)
    - ARM: dts: socfpga: fix register entry for timer3 on Arria10
    - scsi: libsas: Set data_dir as DMA_NONE if libata marks qc as NODATA
    - drivers/net/wan/lapbether: Added needed_tailroom
    - firestream: Fix memleak in fs_open
    - drivers/net/wan/lapbether: Set network_header before transmitting
    - xfs: initialize the shortform attr header padding entry
    - drivers/net/wan/hdlc_cisco: Add hard_header_len
    - ALSA: hda: fix a runtime pm issue in SOF when integrated GPU is disabled
    - gcov: Disable gcov build with GCC 10
    - iio: adc: mcp3422: fix locking scope
    - iio: adc: mcp3422: fix locking on error path
    - iio:light:ltr501 Fix timestamp alignment issue.
    - iio:accel:bmc150-accel: Fix timestamp alignment and prevent data leak.
    - iio:accel:mma8452: Fix timestamp alignment and prevent data leak.
    - USB: core: add helpers to retrieve endpoints
    - staging: wlan-ng: fix out of bounds read in prism2sta_probe_usb()
    - btrfs: fix wrong address when faulting in pages in the search ioctl
    - scsi: target: iscsi: Fix hang in iscsit_access_np() when getting
      tpg->np_login_sem
    - rbd: require global CAP_SYS_ADMIN for mapping and unmapping
    - fbcon: remove soft scrollback code
    - fbcon: remove now unusued 'softback_lines' cursor() argument
    - vgacon: remove software scrollback support
    - [Config] updateconfigs for VGACON_SOFT_SCROLLBACK
    - KVM: VMX: Don't freeze guest when event delivery causes an APIC-access exit
    - video: fbdev: fix OOB read in vga_8planes_imageblit()
    - USB: serial: ftdi_sio: add IDs for Xsens Mti USB converter
    - USB: serial: option: add support for SIM7070/SIM7080/SIM7090 modules
    - usb: Fix out of sync data toggle if a configured device is reconfigured
    - gcov: add support for GCC 10.1
    - NFSv4.1 handle ERR_DELAY error reclaiming locking state on delegation recall
    - scsi: pm8001: Fix memleak in pm8001_exec_internal_task_abort
    - scsi: lpfc: Fix FLOGI/PLOGI receive race condition in pt2pt discovery
    - SUNRPC: stop printk reading past end of string
    - rapidio: Replace 'select' DMAENGINES 'with depends on'
    - i2c: algo: pca: Reapply i2c bus settings after reset
    - MIPS: SNI: Fix MIPS_L1_CACHE_SHIFT
    - perf test: Free formats for perf pmu parse test
    - fbcon: Fix user font detection test at fbcon_resize().
    - MIPS: SNI: Fix spurious interrupts
    - USB: quirks: Add USB_QUIRK_IGNORE_REMOTE_WAKEUP quirk for BYD zhaoxin
      notebook
    - USB: UAS: fix disconnect by unplugging a hub
    - usblp: fix race between disconnect() and read()
    - Input: i8042 - add Entroware Proteus EL07R4 to nomux and reset lists
    - serial: 8250_pci: Add Realtek 816a and 816b
    - ehci-hcd: Move include to keep CRC stable
    - powerpc/dma: Fix dma_map_ops::get_required_mask
    - x86/defconfig: Enable CONFIG_USB_XHCI_HCD=y
    - Linux 4.4.237

-- Thadeu Lima de Souza Cascardo <cascardo@canonical.com>  Wed, 25 Nov 2020 06:36:47 -0300

Changed in linux (Ubuntu Xenial):
status:	Fix Committed → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.

Ubuntulinux package