Zesty update to v4.10.5 stable release

Bug #1675032 reported by Tim Gardner on 2017-03-22
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Undecided
Unassigned
Zesty
Undecided
Unassigned

Bug Description

SRU Justification

    Impact:
       The upstream process for stable tree updates is quite similar
       in scope to the Ubuntu SRU process, e.g., each patch has to
       demonstrably fix a bug, and each patch is vetted by upstream
       by originating either directly from a mainline/stable Linux tree or
       a minimally backported form of that patch. The v4.10.5 upstream stable
       patch set is now available. It should be included in the Ubuntu
       kernel as well.

       git://git.kernel.org/

    TEST CASE: TBD

       The following patches from the v4.10.5 stable release shall be applied:

net/mlx5e: Register/unregister vport representors on interface attach/detach
net/mlx5e: Do not reduce LRO WQE size when not using build_skb
net/mlx5e: Fix broken CQE compression initialization
net/mlx5e: Update MPWQE stride size when modifying CQE compress state
net/mlx5e: Fix wrong CQE decompression
vxlan: correctly validate VXLAN ID against VXLAN_N_VID
vti6: return GRE_KEY for vti6
vxlan: don't allow overwrite of config src addr
ipv4: add missing initialization for flowi4_uid
ipv4: mask tos for input route
sctp: set sin_port for addr param when checking duplicate address
net sched actions: decrement module reference count after table flush.
l2tp: avoid use-after-free caused by l2tp_ip_backlog_recv
vxlan: lock RCU on TX path
geneve: lock RCU on TX path
mlxsw: spectrum_router: Avoid potential packets loss
net: bridge: allow IPv6 when multicast flood is disabled
net: don't call strlen() on the user buffer in packet_bind_spkt()
net: net_enable_timestamp() can be called from irq contexts
ipv6: orphan skbs in reassembly unit
dccp: Unlock sock before calling sk_free()
amd-xgbe: Stop the PHY before releasing interrupts
amd-xgbe: Be sure to set MDIO modes on device (re)start
amd-xgbe: Don't overwrite SFP PHY mod_absent settings
bonding: use ETH_MAX_MTU as max mtu
strparser: destroy workqueue on module exit
tcp: fix various issues for sockets morphing to listen state
net: fix socket refcounting in skb_complete_wifi_ack()
net: fix socket refcounting in skb_complete_tx_timestamp()
net/sched: act_skbmod: remove unneeded rcu_read_unlock in tcf_skbmod_dump
dccp: fix use-after-free in dccp_feat_activate_values
team: use ETH_MAX_MTU as max mtu
vrf: Fix use-after-free in vrf_xmit
net/tunnel: set inner protocol in network gro hooks
uapi: fix linux/packet_diag.h userspace compilation error
amd-xgbe: Enable IRQs only if napi_complete_done() is true
act_connmark: avoid crashing on malformed nlattrs with null parms
mpls: Send route delete notifications when router module is unloaded
mpls: Do not decrement alive counter for unregister events
ipv6: make ECMP route replacement less greedy
ipv6: avoid write to a possibly cloned skb
net: use net->count to check whether a netns is alive or not
dccp/tcp: fix routing redirect race
tun: fix premature POLLOUT notification on tun devices
dccp: fix memory leak during tear-down of unsuccessful connection request
arm64: KVM: VHE: Clear HCR_TGE when invalidating guest TLBs
drm/i915/lspcon: Enable AUX interrupts for resume time initialization
drm/i915/gen9+: Enable hotplug detection early
drm/i915/lspcon: Fix resume time initialization due to unasserted HPD
x86/unwind: Fix last frame check for aligned function stacks
x86/tsc: Fix ART for TSC_KNOWN_FREQ
x86/kasan: Fix boot with KASAN=y and PROFILE_ANNOTATED_BRANCHES=y
x86/intel_rdt: Put group node in rdtgroup_kn_unlock
x86/perf: Fix CR4.PCE propagation to use active_mm instead of mm
futex: Fix potential use-after-free in FUTEX_REQUEUE_PI
futex: Add missing error handling to FUTEX_REQUEUE_PI
locking/rwsem: Fix down_write_killable() for CONFIG_RWSEM_GENERIC_SPINLOCK=y
crypto: powerpc - Fix initialisation of crc32c context
crypto: s5p-sss - Fix spinlock recursion on LRW(AES)
Linux 4.10.5

CVE References

Tim Gardner (timg-tpi) on 2017-03-22
tags: added: kernel-stable-tracking-bug
description: updated
Launchpad Janitor (janitor) wrote :
Download full text (9.0 KiB)

This bug was fixed in the package linux - 4.10.0-15.17

---------------
linux (4.10.0-15.17) zesty; urgency=low

  [ Tim Gardner ]

  * Release Tracking Bug
    - LP: #1675868

  * In ZZ-BML (POWER9):ubuntu17.04 installation Fails (LP: #1675771)
    - powerpc/64s: fix handling of non-synchronous machine checks
    - powerpc/64s: allow machine check handler to set severity and initiator
    - powerpc/64s: POWER9 machine check handler

  * [Feature] R3 mwait support for Knights Mill (LP: #1637550)
    - x86/cpufeature: Enable RING3MWAIT for Knights Landing
    - x86/cpufeature: Enable RING3MWAIT for Knights Mill
    - x86/msr: Add MSR_MISC_FEATURE_ENABLES and RING3MWAIT bit
    - x86/elf: Add HWCAP2 to expose ring 3 MONITOR/MWAIT
    - x86/cpufeature: Add RING3MWAIT to CPU features

  * [Feature] GLK:New device IDs (LP: #1645951)
    - mfd: intel-lpss: Add Intel Gemini Lake PCI IDs
    - pwm: lpss: Add Intel Gemini Lake PCI ID
    - i2c: i801: Add support for Intel Gemini Lake
    - spi: pxa2xx: Add support for Intel Gemini Lake
    - [Config] CONFIG_PINCTRL_GEMINILAKE=m
    - pinctrl: intel: Add Intel Gemini Lake pin controller support

  * Zesty update to v4.10.5 stable release (LP: #1675032)
    - net/mlx5e: Register/unregister vport representors on interface attach/detach
    - net/mlx5e: Do not reduce LRO WQE size when not using build_skb
    - net/mlx5e: Fix broken CQE compression initialization
    - net/mlx5e: Update MPWQE stride size when modifying CQE compress state
    - net/mlx5e: Fix wrong CQE decompression
    - vxlan: correctly validate VXLAN ID against VXLAN_N_VID
    - vti6: return GRE_KEY for vti6
    - vxlan: don't allow overwrite of config src addr
    - ipv4: add missing initialization for flowi4_uid
    - ipv4: mask tos for input route
    - sctp: set sin_port for addr param when checking duplicate address
    - net sched actions: decrement module reference count after table flush.
    - l2tp: avoid use-after-free caused by l2tp_ip_backlog_recv
    - vxlan: lock RCU on TX path
    - geneve: lock RCU on TX path
    - mlxsw: spectrum_router: Avoid potential packets loss
    - net: bridge: allow IPv6 when multicast flood is disabled
    - net: don't call strlen() on the user buffer in packet_bind_spkt()
    - net: net_enable_timestamp() can be called from irq contexts
    - ipv6: orphan skbs in reassembly unit
    - dccp: Unlock sock before calling sk_free()
    - amd-xgbe: Stop the PHY before releasing interrupts
    - amd-xgbe: Be sure to set MDIO modes on device (re)start
    - amd-xgbe: Don't overwrite SFP PHY mod_absent settings
    - bonding: use ETH_MAX_MTU as max mtu
    - strparser: destroy workqueue on module exit
    - tcp: fix various issues for sockets morphing to listen state
    - net: fix socket refcounting in skb_complete_wifi_ack()
    - net: fix socket refcounting in skb_complete_tx_timestamp()
    - net/sched: act_skbmod: remove unneeded rcu_read_unlock in tcf_skbmod_dump
    - dccp: fix use-after-free in dccp_feat_activate_values
    - team: use ETH_MAX_MTU as max mtu
    - vrf: Fix use-after-free in vrf_xmit
    - net/tunnel: set inner protocol in network gro hooks
    - uapi: fix linux/packet_diag.h use...

Read more...

Changed in linux (Ubuntu Zesty):
status: New → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers