Bug #1791731 “linux-kvm: 4.15.0-1022.22 -proposed tracker” : Bugs : linux-kvm package : Ubuntu

Kleber Sacilotto de Souza (kleber-souza) on 2018-09-10

tags:	added: kernel-release-tracking-bug
tags:	added: kernel-release-tracking-bug-live
tags:	added: bionic
Changed in linux-kvm (Ubuntu Bionic):
status:	New → Confirmed
Changed in linux-kvm (Ubuntu):
status:	New → Invalid
Changed in linux-kvm (Ubuntu Bionic):
importance:	Undecided → Medium
Changed in kernel-sru-workflow:
status:	New → In Progress
importance:	Undecided → Medium
tags:	added: kernel-sru-cycle-2018.09.10
tags:	added: kernel-sru-derivative-of-1791719

Kleber Sacilotto de Souza (kleber-souza) on 2018-09-11

tags:	added: kernel-sru-cycle-2018.09.10-1
tags:	removed: kernel-sru-cycle-2018.09.10

Brad Figg (brad-figg) on 2018-09-12

description:	updated
description:	updated

Khaled El Mously (kmously) on 2018-09-12

summary:

- linux-kvm: <version to be filled> -proposed tracker
+ linux-kvm: 4.15.0-1022.22 -proposed tracker

Brad Figg (brad-figg) on 2018-09-13

description:	updated
description:	updated

Brad Figg (brad-figg) on 2018-09-13

description:	updated
description:	updated

Brad Figg (brad-figg) on 2018-09-13

tags:	added: block-proposed-bionic
tags:	added: block-proposed

Brad Figg (brad-figg) on 2018-09-14

description:	updated
description:	updated

Revision history for this message

Launchpad Janitor (janitor) wrote on 2018-10-01:

#1

Download full text (23.8 KiB)

This bug was fixed in the package linux-kvm - 4.15.0-1023.23

---------------
linux-kvm (4.15.0-1023.23) bionic; urgency=medium

[ Ubuntu: 4.15.0-36.39 ]

  * CVE-2018-14633
    - iscsi target: Use hex2bin instead of a re-implementation
  * CVE-2018-17182
    - mm: get rid of vmacache_flush_all() entirely

linux-kvm (4.15.0-1022.22) bionic; urgency=medium

* linux-kvm: 4.15.0-1022.22 -proposed tracker (LP: #1791731)

* [Regression] kernel crashdump fails on arm64 (LP: #1786878)
- [Config] CONFIG_ARCH_SUPPORTS_ACPI=y

* please include the kernel module IPIP (LP: #1790605)
- kvm: [config] enable CONFIG_NET_IPIP

[ Ubuntu: 4.15.0-35.38 ]

  * linux: 4.15.0-35.38 -proposed tracker (LP: #1791719)
  * device hotplug of vfio devices can lead to deadlock in vfio_pci_release
    (LP: #1792099)
    - SAUCE: vfio -- release device lock before userspace requests
  * L1TF mitigation not effective in some CPU and RAM combinations
    (LP: #1788563)
    - x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit
    - x86/speculation/l1tf: Fix off-by-one error when warning that system has too
      much RAM
    - x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+
  * CVE-2018-15594
    - x86/paravirt: Fix spectre-v2 mitigations for paravirt guests
  * CVE-2017-5715 (Spectre v2 s390x)
    - KVM: s390: implement CPU model only facilities
    - s390: detect etoken facility
    - KVM: s390: add etoken support for guests
    - s390/lib: use expoline for all bcr instructions
    - s390: fix br_r1_trampoline for machines without exrl
    - SAUCE: s390: use expoline thunks for all branches generated by the BPF JIT
  * Ubuntu18.04.1: cpuidle: powernv: Fix promotion from snooze if next state
    disabled (performance) (LP: #1790602)
    - cpuidle: powernv: Fix promotion from snooze if next state disabled
  * Watchdog CPU:19 Hard LOCKUP when kernel crash was triggered (LP: #1790636)
    - powerpc: hard disable irqs in smp_send_stop loop
    - powerpc: Fix deadlock with multiple calls to smp_send_stop
    - powerpc: smp_send_stop do not offline stopped CPUs
    - powerpc/powernv: Fix opal_event_shutdown() called with interrupts disabled
  * Security fix: check if IOMMU page is contained in the pinned physical page
    (LP: #1785675)
    - vfio/spapr: Use IOMMU pageshift rather than pagesize
    - KVM: PPC: Check if IOMMU page is contained in the pinned physical page
  * Missing Intel GPU pci-id's (LP: #1789924)
    - drm/i915/kbl: Add KBL GT2 sku
    - drm/i915/whl: Introducing Whiskey Lake platform
    - drm/i915/aml: Introducing Amber Lake platform
    - drm/i915/cfl: Add a new CFL PCI ID.
  * CVE-2018-15572
    - x86/speculation: Protect against userspace-userspace spectreRSB
  * Support Power Management for Thunderbolt Controller (LP: #1789358)
    - thunderbolt: Handle NULL boot ACL entries properly
    - thunderbolt: Notify userspace when boot_acl is changed
    - thunderbolt: Use 64-bit DMA mask if supported by the platform
    - thunderbolt: Do not unnecessarily call ICM get route
    - thunderbolt: No need to take tb->lock in domain suspend/complete
    - thunderbolt: Use correct ICM commands in system suspend
    - thunderb...

This bug was fixed in the package linux-kvm - 4.15.0-1023.23

---------------
linux-kvm (4.15.0-1023.23) bionic; urgency=medium

[ Ubuntu: 4.15.0-36.39 ]

* CVE-2018-14633
    - iscsi target: Use hex2bin instead of a re-implementation
  * CVE-2018-17182
    - mm: get rid of vmacache_flush_all() entirely

linux-kvm (4.15.0-1022.22) bionic; urgency=medium

* linux-kvm: 4.15.0-1022.22 -proposed tracker (LP: #1791731)

* [Regression] kernel crashdump fails on arm64 (LP: #1786878)
    - [Config] CONFIG_ARCH_SUPPORTS_ACPI=y

* please include the kernel module IPIP (LP: #1790605)
    - kvm: [config] enable CONFIG_NET_IPIP

[ Ubuntu: 4.15.0-35.38 ]

* linux: 4.15.0-35.38 -proposed tracker (LP: #1791719)
  * device hotplug of vfio devices can lead to deadlock in vfio_pci_release
    (LP: #1792099)
    - SAUCE: vfio -- release device lock before userspace requests
  * L1TF mitigation not effective in some CPU and RAM combinations
    (LP: #1788563)
    - x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit
    - x86/speculation/l1tf: Fix off-by-one error when warning that system has too
      much RAM
    - x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+
  * CVE-2018-15594
    - x86/paravirt: Fix spectre-v2 mitigations for paravirt guests
  * CVE-2017-5715 (Spectre v2 s390x)
    - KVM: s390: implement CPU model only facilities
    - s390: detect etoken facility
    - KVM: s390: add etoken support for guests
    - s390/lib: use expoline for all bcr instructions
    - s390: fix br_r1_trampoline for machines without exrl
    - SAUCE: s390: use expoline thunks for all branches generated by the BPF JIT
  * Ubuntu18.04.1: cpuidle: powernv: Fix promotion from snooze if next state
    disabled (performance) (LP: #1790602)
    - cpuidle: powernv: Fix promotion from snooze if next state disabled
  * Watchdog CPU:19 Hard LOCKUP when kernel crash was triggered (LP: #1790636)
    - powerpc: hard disable irqs in smp_send_stop loop
    - powerpc: Fix deadlock with multiple calls to smp_send_stop
    - powerpc: smp_send_stop do not offline stopped CPUs
    - powerpc/powernv: Fix opal_event_shutdown() called with interrupts disabled
  * Security fix: check if IOMMU page is contained in the pinned physical page
    (LP: #1785675)
    - vfio/spapr: Use IOMMU pageshift rather than pagesize
    - KVM: PPC: Check if IOMMU page is contained in the pinned physical page
  * Missing Intel GPU pci-id's (LP: #1789924)
    - drm/i915/kbl: Add KBL GT2 sku
    - drm/i915/whl: Introducing Whiskey Lake platform
    - drm/i915/aml: Introducing Amber Lake platform
    - drm/i915/cfl: Add a new CFL PCI ID.
  * CVE-2018-15572
    - x86/speculation: Protect against userspace-userspace spectreRSB
  * Support Power Management for Thunderbolt Controller  (LP: #1789358)
    - thunderbolt: Handle NULL boot ACL entries properly
    - thunderbolt: Notify userspace when boot_acl is changed
    - thunderbolt: Use 64-bit DMA mask if supported by the platform
    - thunderbolt: Do not unnecessarily call ICM get route
    - thunderbolt: No need to take tb->lock in domain suspend/complete
    - thunderbolt: Use correct ICM commands in system suspend
    - thunderbolt: Add support for runtime PM
  * random oopses on s390 systems using NVMe devices (LP: #1790480)
    - s390/pci: fix out of bounds access during irq setup
  * [Bionic] Spectre v4 mitigation (Speculative Store Bypass Disable) support
    for arm64 using SMC firmware call to set a hardware chicken bit
    (LP: #1787993) // CVE-2018-3639 (arm64)
    - arm64: alternatives: Add dynamic patching feature
    - KVM: arm/arm64: Do not use kern_hyp_va() with kvm_vgic_global_state
    - KVM: arm64: Avoid storing the vcpu pointer on the stack
    - arm/arm64: smccc: Add SMCCC-specific return codes
    - arm64: Call ARCH_WORKAROUND_2 on transitions between EL0 and EL1
    - arm64: Add per-cpu infrastructure to call ARCH_WORKAROUND_2
    - arm64: Add ARCH_WORKAROUND_2 probing
    - arm64: Add 'ssbd' command-line option
    - arm64: ssbd: Add global mitigation state accessor
    - arm64: ssbd: Skip apply_ssbd if not using dynamic mitigation
    - arm64: ssbd: Restore mitigation status on CPU resume
    - arm64: ssbd: Introduce thread flag to control userspace mitigation
    - arm64: ssbd: Add prctl interface for per-thread mitigation
    - arm64: KVM: Add HYP per-cpu accessors
    - arm64: KVM: Add ARCH_WORKAROUND_2 support for guests
    - arm64: KVM: Handle guest's ARCH_WORKAROUND_2 requests
    - arm64: KVM: Add ARCH_WORKAROUND_2 discovery through ARCH_FEATURES_FUNC_ID
    - [Config] ARM64_SSBD=y
  * Reconcile hns3 SAUCE patches with upstream (LP: #1787477)
    - Revert "UBUNTU: SAUCE: net: hns3: Optimize PF CMDQ interrupt switching
      process"
    - Revert "UBUNTU: SAUCE: net: hns3: Fix for VF mailbox receiving unknown
      message"
    - Revert "UBUNTU: SAUCE: net: hns3: Fix for VF mailbox cannot receiving PF
      response"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: fix comments for
      hclge_get_ring_chain_from_mbx"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: fix for using wrong mask and
      shift in hclge_get_ring_chain_from_mbx"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: fix for reset_level default
      assignment probelm"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: remove unnecessary ring
      configuration operation while resetting"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: fix return value error in
      hns3_reset_notify_down_enet"
    - Revert "UBUNTU: SAUCE: net: hns3: Fix for phy link issue when using marvell
      phy driver"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: separate roce from nic when
      resetting"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: correct reset event status
      register"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: prevent to request reset
      frequently"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: reset net device with rtnl_lock"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: modify the order of initializeing
      command queue register"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: prevent sending command during
      global or core reset"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: remove the warning when clear
      reset cause"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: fix get_vector ops in
      hclgevf_main module"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: fix warning bug when doing lp
      selftest"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: Add configure for mac minimal
      frame size"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: fix for mailbox message truncated
      problem"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: fix for l4 checksum offload bug"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: fix for waterline not setting
      correctly"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: fix for mac pause not disable in
      pfc mode"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: fix tc setup when netdev is first
      up"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: Add SPDX tags to hns3 driver"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: remove unused struct member and
      definition"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: fix mislead parameter name"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: modify inconsistent bit mask
      macros"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: use decimal for bit offset
      macros"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: fix unreasonable code comments"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: remove extra space and brackets"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: standardize the handle of return
      value"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: remove some redundant
      assignments"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: fix unused function warning in VF
      driver"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: modify hnae_ to hnae3_"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: use dma_zalloc_coherent instead
      of kzalloc/dma_map_single"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: give default option while
      dependency HNS3 set"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: remove some unused members of
      some structures"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: remove a redundant
      hclge_cmd_csq_done"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: using modulo for cyclic counters
      in hclge_cmd_send"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: simplify hclge_cmd_csq_clean"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: remove some redundant
      assignments"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: remove useless code in
      hclge_cmd_send"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: remove unused
      hclge_ring_to_dma_dir"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: use lower_32_bits and
      upper_32_bits"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: remove back in struct hclge_hw"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: add unlikely for error check"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: remove the Redundant put_vector
      in hns3_client_uninit"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: print the ret value in error
      information"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: extraction an interface for state
      state init|uninit"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: remove unused head file in
      hnae3.c"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: add l4_type check for both ipv4
      and ipv6"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: add vector status check before
      free vector"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: rename the interface for
      init_client_instance and uninit_client_instance"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: remove hclge_get_vector_index
      from hclge_bind_ring_with_vector"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: RX BD information valid only in
      last BD except VLD bit and buffer size"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: add support for serdes loopback
      selftest"
    - net: hns3: Updates RX packet info fetch in case of multi BD
    - net: hns3: remove unused hclgevf_cfg_func_mta_filter
    - net: hns3: Fix for VF mailbox cannot receiving PF response
    - net: hns3: Fix for VF mailbox receiving unknown message
    - net: hns3: Optimize PF CMDQ interrupt switching process
    - net: hns3: remove hclge_get_vector_index from hclge_bind_ring_with_vector
    - net: hns3: rename the interface for init_client_instance and
      uninit_client_instance
    - net: hns3: add vector status check before free vector
    - net: hns3: add l4_type check for both ipv4 and ipv6
    - net: hns3: add unlikely for error check
    - net: hns3: remove unused head file in hnae3.c
    - net: hns3: extraction an interface for state init|uninit
    - net: hns3: print the ret value in error information
    - net: hns3: remove the Redundant put_vector in hns3_client_uninit
    - net: hns3: remove back in struct hclge_hw
    - net: hns3: use lower_32_bits and upper_32_bits
    - net: hns3: remove unused hclge_ring_to_dma_dir
    - net: hns3: remove useless code in hclge_cmd_send
    - net: hns3: remove some redundant assignments
    - net: hns3: simplify hclge_cmd_csq_clean
    - net: hns3: remove a redundant hclge_cmd_csq_done
    - net: hns3: remove some unused members of some structures
    - net: hns3: give default option while dependency HNS3 set
    - net: hns3: use dma_zalloc_coherent instead of kzalloc/dma_map_single
    - net: hns3: modify hnae_ to hnae3_
    - net: hns3: Fix tc setup when netdev is first up
    - net: hns3: Fix for mac pause not disable in pfc mode
    - net: hns3: Fix for waterline not setting correctly
    - net: hns3: Fix for l4 checksum offload bug
    - net: hns3: Fix for mailbox message truncated problem
    - net: hns3: Add configure for mac minimal frame size
    - net: hns3: Fix warning bug when doing lp selftest
    - net: hns3: Fix get_vector ops in hclgevf_main module
    - net: hns3: Remove the warning when clear reset cause
    - net: hns3: Prevent sending command during global or core reset
    - net: hns3: Modify the order of initializing command queue register
    - net: hns3: Reset net device with rtnl_lock
    - net: hns3: Prevent to request reset frequently
    - net: hns3: Correct reset event status register
    - net: hns3: Fix return value error in hns3_reset_notify_down_enet
    - net: hns3: remove unnecessary ring configuration operation while resetting
    - net: hns3: Fix for reset_level default assignment probelm
    - net: hns3: Fix for using wrong mask and shift in
      hclge_get_ring_chain_from_mbx
    - net: hns3: Fix comments for hclge_get_ring_chain_from_mbx
    - net: hns3: Remove some redundant assignments
    - net: hns3: Standardize the handle of return value
    - net: hns3: Remove extra space and brackets
    - net: hns3: Correct unreasonable code comments
    - net: hns3: Use decimal for bit offset macros
    - net: hns3: Modify inconsistent bit mask macros
    - net: hns3: Fix misleading parameter name
    - net: hns3: Remove unused struct member and definition
    - net: hns3: Add SPDX tags to HNS3 PF driver
    - net: hns3: Add support for serdes loopback selftest
    - net: hns3: Fix for phy link issue when using marvell phy driver
    - SAUCE: {topost} net: hns3: separate roce from nic when resetting
  * CVE-2018-6555
    - SAUCE: irda: Only insert new objects into the global database via setsockopt
  * CVE-2018-6554
    - SAUCE: irda: Fix memory leak caused by repeated binds of irda socket
  * Bionic update: upstream stable patchset 2018-08-31 (LP: #1790188)
    - netfilter: nf_tables: fix NULL pointer dereference on
      nft_ct_helper_obj_dump()
    - blkdev_report_zones_ioctl(): Use vmalloc() to allocate large buffers
    - af_key: Always verify length of provided sadb_key
    - gpio: No NULL owner
    - KVM: X86: Fix reserved bits check for MOV to CR3
    - KVM: x86: introduce linear_{read,write}_system
    - KVM: x86: pass kvm_vcpu to kvm_read_guest_virt and
      kvm_write_guest_virt_system
    - staging: android: ion: Switch to pr_warn_once in ion_buffer_destroy
    - NFC: pn533: don't send USB data off of the stack
    - usbip: vhci_sysfs: fix potential Spectre v1
    - usb-storage: Add support for FL_ALWAYS_SYNC flag in the UAS driver
    - usb-storage: Add compatibility quirk flags for G-Technologies G-Drive
    - Input: xpad - add GPD Win 2 Controller USB IDs
    - phy: qcom-qusb2: Fix crash if nvmem cell not specified
    - usb: gadget: function: printer: avoid wrong list handling in printer_write()
    - usb: gadget: udc: renesas_usb3: disable the controller's irqs for
      reconnecting
    - serial: sh-sci: Stop using printk format %pCr
    - tty/serial: atmel: use port->name as name in request_irq()
    - serial: samsung: fix maxburst parameter for DMA transactions
    - serial: 8250: omap: Fix idling of clocks for unused uarts
    - vmw_balloon: fixing double free when batching mode is off
    - tty: pl011: Avoid spuriously stuck-off interrupts
    - kvm: x86: use correct privilege level for sgdt/sidt/fxsave/fxrstor access
    - Input: goodix - add new ACPI id for GPD Win 2 touch screen
    - crypto: caam - strip input zeros from RSA input buffer
    - crypto: caam - fix DMA mapping dir for generated IV
    - crypto: caam - fix IV DMA mapping and updating
    - crypto: caam/qi - fix IV DMA mapping and updating
    - crypto: caam - fix size of RSA prime factor q
    - crypto: vmx - Remove overly verbose printk from AES init routines
    - crypto: vmx - Remove overly verbose printk from AES XTS init
    - crypto: omap-sham - fix memleak
    - usb: typec: wcove: Remove dependency on HW FSM
    - usb: gadget: udc: renesas_usb3: fix double phy_put()
    - usb: gadget: udc: renesas_usb3: should remove debugfs
    - usb: gadget: udc: renesas_usb3: should call pm_runtime_enable() before add
      udc
    - usb: gadget: udc: renesas_usb3: should call devm_phy_get() before add udc
    - usb: gadget: udc: renesas_usb3: should fail if devm_phy_get() returns error
  * Bionic update: upstream stable patchset 2018-08-29 (LP: #1789666)
    - scsi: sd_zbc: Avoid that resetting a zone fails sporadically
    - mmap: introduce sane default mmap limits
    - mmap: relax file size limit for regular files
    - btrfs: define SUPER_FLAG_METADUMP_V2
    - kconfig: Avoid format overflow warning from GCC 8.1
    - be2net: Fix error detection logic for BE3
    - bnx2x: use the right constant
    - dccp: don't free ccid2_hc_tx_sock struct in dccp_disconnect()
    - enic: set DMA mask to 47 bit
    - ip6mr: only set ip6mr_table from setsockopt when ip6mr_new_table succeeds
    - ip6_tunnel: remove magic mtu value 0xFFF8
    - ipmr: properly check rhltable_init() return value
    - ipv4: remove warning in ip_recv_error
    - ipv6: omit traffic class when calculating flow hash
    - isdn: eicon: fix a missing-check bug
    - kcm: Fix use-after-free caused by clonned sockets
    - netdev-FAQ: clarify DaveM's position for stable backports
    - net: ipv4: add missing RTA_TABLE to rtm_ipv4_policy
    - net: metrics: add proper netlink validation
    - net/packet: refine check for priv area size
    - net: phy: broadcom: Fix bcm_write_exp()
    - net: usb: cdc_mbim: add flag FLAG_SEND_ZLP
    - packet: fix reserve calculation
    - qed: Fix mask for physical address in ILT entry
    - sctp: not allow transport timeout value less than HZ/5 for hb_timer
    - team: use netdev_features_t instead of u32
    - vhost: synchronize IOTLB message with dev cleanup
    - vrf: check the original netdevice for generating redirect
    - ipv6: sr: fix memory OOB access in seg6_do_srh_encap/inline
    - net: phy: broadcom: Fix auxiliary control register reads
    - net-sysfs: Fix memory leak in XPS configuration
    - virtio-net: correctly transmit XDP buff after linearizing
    - net/mlx4: Fix irq-unsafe spinlock usage
    - tun: Fix NULL pointer dereference in XDP redirect
    - virtio-net: correctly check num_buf during err path
    - net/mlx5e: When RXFCS is set, add FCS data into checksum calculation
    - virtio-net: fix leaking page for gso packet during mergeable XDP
    - rtnetlink: validate attributes in do_setlink()
    - cls_flower: Fix incorrect idr release when failing to modify rule
    - PCI: hv: Do not wait forever on a device that has disappeared
    - drm: set FMODE_UNSIGNED_OFFSET for drm files
    - l2tp: fix refcount leakage on PPPoL2TP sockets
    - mlxsw: spectrum: Forbid creation of VLAN 1 over port/LAG
    - net: ethernet: ti: cpdma: correct error handling for chan create
    - net: ethernet: davinci_emac: fix error handling in probe()
    - net: dsa: b53: Fix for brcm tag issue in Cygnus SoC
    - net : sched: cls_api: deal with egdev path only if needed
  * Bionic update: upstream stable patchset 2018-08-24 (LP: #1788897)
    - fix io_destroy()/aio_complete() race
    - mm: fix the NULL mapping case in __isolate_lru_page()
    - objtool: Support GCC 8's cold subfunctions
    - objtool: Support GCC 8 switch tables
    - objtool: Detect RIP-relative switch table references
    - objtool: Detect RIP-relative switch table references, part 2
    - objtool: Fix "noreturn" detection for recursive sibling calls
    - xfs: convert XFS_AGFL_SIZE to a helper function
    - xfs: detect agfl count corruption and reset agfl
    - Input: synaptics - Lenovo Carbon X1 Gen5 (2017) devices should use RMI
    - Input: synaptics - add Lenovo 80 series ids to SMBus
    - Input: elan_i2c_smbus - fix corrupted stack
    - tracing: Fix crash when freeing instances with event triggers
    - tracing: Make the snapshot trigger work with instances
    - selinux: KASAN: slab-out-of-bounds in xattr_getsecurity
    - cfg80211: further limit wiphy names to 64 bytes
    - drm/amd/powerplay: Fix enum mismatch
    - rtlwifi: rtl8192cu: Remove variable self-assignment in rf.c
    - platform/chrome: cros_ec_lpc: remove redundant pointer request
    - kbuild: clang: disable unused variable warnings only when constant
    - tcp: avoid integer overflows in tcp_rcv_space_adjust()
    - iio: ad7793: implement IIO_CHAN_INFO_SAMP_FREQ
    - iio:buffer: make length types match kfifo types
    - iio:kfifo_buf: check for uint overflow
    - iio: adc: select buffer for at91-sama5d2_adc
    - MIPS: lantiq: gphy: Drop reboot/remove reset asserts
    - MIPS: ptrace: Fix PTRACE_PEEKUSR requests for 64-bit FGRs
    - MIPS: prctl: Disallow FRE without FR with PR_SET_FP_MODE requests
    - scsi: scsi_transport_srp: Fix shost to rport translation
    - stm class: Use vmalloc for the master map
    - hwtracing: stm: fix build error on some arches
    - IB/core: Fix error code for invalid GID entry
    - mm/huge_memory.c: __split_huge_page() use atomic ClearPageDirty()
    - Revert "rt2800: use TXOP_BACKOFF for probe frames"
    - intel_th: Use correct device when freeing buffers
    - drm/psr: Fix missed entry in PSR setup time table.
    - drm/i915/lvds: Move acpi lid notification registration to registration phase
    - drm/i915: Disable LVDS on Radiant P845
    - drm/vmwgfx: Use kasprintf
    - drm/vmwgfx: Fix host logging / guestinfo reading error paths
    - nvme: fix extended data LBA supported setting
    - iio: hid-sensor-trigger: Fix sometimes not powering up the sensor after
      resume
    - x86/MCE/AMD: Define a function to get SMCA bank type
    - x86/mce/AMD: Pass the bank number to smca_get_bank_type()
    - x86/mce/AMD, EDAC/mce_amd: Enumerate Reserved SMCA bank type
    - x86/mce/AMD: Carve out SMCA get_block_address() code
    - x86/MCE/AMD: Cache SMCA MISC block addresses
  * errors when scanning partition table of corrupted AIX disk (LP: #1787281)
    - partitions/aix: fix usage of uninitialized lv_info and lvname structures
    - partitions/aix: append null character to print data from disk
  * tlbie master timeout checkstop (using NVidia/GPU) (LP: #1789772)
    - powerpc/mm/hugetlb: Update huge_ptep_set_access_flags to call
      __ptep_set_access_flags directly
    - powerpc/mm/radix: Move function from radix.h to pgtable-radix.c
    - powerpc/mm: Change function prototype
    - powerpc/mm/radix: Change pte relax sequence to handle nest MMU hang
  * performance drop with ATS enabled (LP: #1788097)
    - powerpc/powernv: Fix concurrency issue with npu->mmio_atsd_usage
  * [Regression] kernel crashdump fails on arm64 (LP: #1786878)
    - arm64: export memblock_reserve()d regions via /proc/iomem
    - drivers: acpi: add dependency of EFI for arm64
    - efi/arm: preserve early mapping of UEFI memory map longer for BGRT
    - efi/arm: map UEFI memory map even w/o runtime services enabled
    - arm64: acpi: fix alignment fault in accessing ACPI
    - [Config] CONFIG_ARCH_SUPPORTS_ACPI=y
    - arm64: fix ACPI dependencies
    - ACPI: fix menuconfig presentation of ACPI submenu
  * TB 16 issue on Dell Lattitude 7490 with large amount of data (LP: #1785780)
    - r8152: disable RX aggregation on new Dell TB16 dock
  * dell_wmi: Unknown key codes (LP: #1762385)
    - platform/x86: dell-wmi: Ignore new rfkill and fn-lock events
  * Enable AMD PCIe MP2 for AMDI0011 (LP: #1773940)
    - SAUCE: i2c:amd I2C Driver based on PCI Interface for upcoming platform
    - SAUCE: i2c:amd move out pointer in union i2c_event_base
    - SAUCE: i2c:amd Depends on ACPI
    - [Config] i2c: CONFIG_I2C_AMD_MP2=y on x86
  * r8169 no internet after suspending (LP: #1779817)
    - r8169: restore previous behavior to accept BIOS WoL settings
    - r8169: don't use MSI-X on RTL8168g
    - r8169: don't use MSI-X on RTL8106e
  * Fix Intel Cannon Lake LPSS I2C input clock (LP: #1789790)
    - mfd: intel-lpss: Fix Intel Cannon Lake LPSS I2C input clock
  * Microphone cannot be detected with front panel audio combo jack on HP Z8-G4
    machine (LP: #1789145)
    - ALSA: hda/realtek - Fix HP Headset Mic can't record
  * Tango platform uses __initcall without further checks (LP: #1787945)
    - [Config] disable ARCH_TANGO
  * [18.10 FEAT] Add kernel config option "CONFIG_SCLP_OFB" (LP: #1787898)
    - [Config] CONFIG_SCLP_OFB=y for s390x

-- Kleber Sacilotto de Souza <kleber.souza@canonical.com>  Mon, 24 Sep 2018 17:20:08 +0200

Changed in linux-kvm (Ubuntu Bionic):
status:	Confirmed → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2018-10-08:

#2

This bug was fixed in the package linux-kvm - 4.18.0-1002.2

---------------
linux-kvm (4.18.0-1002.2) cosmic; urgency=medium

* linux-kvm: 4.18.0-1001.1 -proposed tracker (LP: #1795413)

  * Miscellaneous Ubuntu changes
    - kvm: [Config] CONFIG_HARDENED_USERCOPY=y
    - kvm: [Config] CONFIG_DEBUG_WX=y

-- Seth Forshee <email address hidden> Mon, 01 Oct 2018 09:27:19 -0500

Changed in linux-kvm (Ubuntu):
status:	Invalid → Fix Released

Andy Whitcroft (apw) on 2022-06-06

tags:	removed: kernel-release-tracking-bug-live
Changed in kernel-sru-workflow:
status:	In Progress → Fix Released

Ubuntu
linux-kvm package

linux-kvm: 4.15.0-1022.22 -proposed tracker

Bug Description

CVE References

Other bug subscribers

Remote bug watches

	Status	Importance	Assigned to
Kernel SRU Workflow	Fix Released	Medium	Unassigned
Automated-testing	Incomplete	Medium	Canonical Kernel Team
Certification-testing	Invalid	Medium	Canonical Hardware Certification
Prepare-package	Fix Released	Medium	Khaled El Mously
Prepare-package-meta	Fix Released	Medium	Khaled El Mously
Promote-to-proposed	Fix Released	Medium	Steve Langasek
Promote-to-security	New	Medium	Ubuntu Stable Release Updates Team
Promote-to-updates	New	Medium	Ubuntu Stable Release Updates Team
Regression-testing	Confirmed	Medium	Canonical Kernel Team
Security-signoff	In Progress	Medium	Steve Beattie
Upload-to-ppa	New	Medium	Canonical Kernel Team
Verification-testing	Confirmed	Medium	Canonical Kernel Team
linux-kvm (Ubuntu)	Fix Released	Undecided	Unassigned
Bionic	Fix Released	Medium	Unassigned

Ubuntulinux-kvm package

linux-kvm: 4.15.0-1022.22 -proposed tracker

Bug Description

CVE References

Other bug subscribers

Remote bug watches

Ubuntu
linux-kvm package