Xenial update: 4.4.187 upstream stable release
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| linux (Ubuntu) |
Invalid
|
Undecided
|
Unassigned | ||
| Xenial |
Fix Released
|
Medium
|
Connor Kuehl | ||
Bug Description
SRU Justification
Impact:
The upstream process for stable tree updates is quite similar
in scope to the Ubuntu SRU process, e.g., each patch has to
demonstrably fix a bug, and each patch is vetted by upstream
by originating either directly from a mainline/stable Linux tree or
a minimally backported form of that patch. The following upstream
stable patches should be included in the Ubuntu kernel:
* MIPS: ath79: fix ar933x uart parity mode
* MIPS: fix build on non-linux hosts
* dmaengine: imx-sdma: fix use-after-free on probe error path
* ath10k: Do not send probe response template for mesh
* ath9k: Check for errors when reading SREV register
* ath6kl: add some bounds checking
* ath: DFS JP domain W56 fixed pulse type 3 RADAR detection
* batman-adv: fix for leaked TVLV handler.
* media: dvb: usb: fix use after free in dvb_usb_device_exit
* crypto: talitos - fix skcipher failure due to wrong output IV
* media: marvell-ccic: fix DMA s/g desc number calculation
* media: vpss: fix a potential NULL pointer dereference
* net: stmmac: dwmac1000: Clear unused address entries
* signal/
* af_key: fix leaks in key_pol_get_resp and dump_sp.
* xfrm: Fix xfrm sel prefix length validation
* media: staging: media: davinci_vpfe: - Fix for memory leak if decoder initialization fails.
* net: phy: Check against net_device being NULL
* tua6100: Avoid build warnings.
* locking/lockdep: Fix merging of hlocks with non-zero references
* media: wl128x: Fix some error handling in fm_v4l2_
* cpupower : frequency-set -r option misses the last cpu in related cpu list
* net: fec: Do not use netdev messages too early
* net: axienet: Fix race condition causing TX hang
* s390/qdio: handle PENDING state for QEBSM devices
* perf test 6: Fix missing kvm module load for s390
* gpio: omap: fix lack of irqstatus_raw0 for OMAP4
* gpio: omap: ensure irq is enabled before wakeup
* regmap: fix bulk writes on paged registers
* bpf: silence warning messages in core
* rcu: Force inlining of rcu_read_lock()
* xfrm: fix sa selector validation
* perf evsel: Make perf_evsel__name() accept a NULL argument
* vhost_net: disable zerocopy by default
* EDAC/sysfs: Fix memory leak when creating a csrow object
* media: i2c: fix warning same module names
* ntp: Limit TAI-UTC offset
* timer_list: Guard procfs specific code
* acpi/arm64: ignore 5.1 FADTs that are reported as 5.0
* media: coda: fix mpeg2 sequence number handling
* media: coda: increment sequence offset for the last returned frame
* mt7601u: do not schedule rx_tasklet when the device has been disconnected
* x86/build: Add 'set -e' to mkcapflags.sh to delete broken capflags.c
* mt7601u: fix possible memory leak when the device is disconnected
* ath10k: fix PCIE device wake up failed
* rslib: Fix decoding of shortened codes
* rslib: Fix handling of of caller provided syndrome
* ixgbe: Check DDM existence in transceiver before access
* EDAC: Fix global-
* bcache: check c->gc_thread by IS_ERR_OR_NULL in cache_set_flush()
* Bluetooth: hci_bcsp: Fix memory leak in rx_skb
* Bluetooth: 6lowpan: search for destination address in all peers
* Bluetooth: Check state in l2cap_disconnec
* Bluetooth: validate BLE connection interval updates
* crypto: ghash - fix unaligned memory access in ghash_setkey()
* crypto: arm64/sha1-ce - correct digest for empty data in finup
* crypto: arm64/sha2-ce - correct digest for empty data in finup
* Input: gtco - bounds check collection indent level
* regulator: s2mps11: Fix buck7 and buck8 wrong voltages
* tracing/snapshot: Resize spare buffer if size changed
* NFSv4: Handle the special Linux file open access mode
* lib/scatterlist: Fix mapping iterator when sg->offset is greater than PAGE_SIZE
* ALSA: seq: Break too long mutex context in the write loop
* media: v4l2: Test type instead of cfg->type in v4l2_ctrl_
* media: coda: Remove unbalanced and unneeded mutex unlock
* KVM: x86/vPMU: refine kvm_pmu err msg when event creation failed
* drm/nouveau/i2c: Enable i2c pads & busses during preinit
* padata: use smp_mb in padata_reorder to avoid orphaned padata jobs
* 9p/virtio: Add cleanup path in p9_virtio_init
* PCI: Do not poll for PME if the device is in D3cold
* take floppy compat ioctls to sodding floppy.c
* floppy: fix out-of-bounds read in next_valid_format
* floppy: fix invalid pointer dereference in drive_name
* coda: pass the host file in vma->vm_file on mmap
* gpu: ipu-v3: ipu-ic: Fix saturation bit offset in TPMEM
* parisc: Fix kernel panic due invalid values in IAOQ0 or IAOQ1
* powerpc/32s: fix suspend/resume when IBATs 4-7 are used
* powerpc/watchpoint: Restore NV GPRs while returning from exception
* eCryptfs: fix a couple type promotion bugs
* intel_th: msu: Fix single mode with disabled IOMMU
* Bluetooth: Add SMP workaround Microsoft Surface Precision Mouse bug
* usb: Handle USB3 remote wakeup for LPM enabled devices correctly
* dm bufio: fix deadlock with loop device
* bnx2x: Prevent load reordering in tx completion processing
* caif-hsi: fix possible deadlock in cfhsi_exit_module()
* ipv4: don't set IPv6 only flags to IPv4 addresses
* net: bcmgenet: use promisc for unsupported filters
* net: neigh: fix multiple neigh timer scheduling
* nfc: fix potential illegal memory access
* sky2: Disable MSI on ASUS P6T
* netrom: fix a memory leak in nr_rx_frame()
* netrom: hold sock when setting skb->destructor
* tcp: Reset bytes_acked and bytes_received when disconnecting
* bonding: validate ip header before check IPPROTO_IGMP
* net: bridge: mcast: fix stale nsrcs pointer in igmp3/mld2 report handling
* net: bridge: mcast: fix stale ipv6 hdr pointer when handling v6 query
* net: bridge: stp: don't cache eth dest pointer before skb pull
* elevator: fix truncation of icq_cache_name
* NFSv4: Fix open create exclusive when the server reboots
* nfsd: increase DRC cache limit
* nfsd: give out fewer session slots as limit approaches
* nfsd: fix performance-
* nfsd: Fix overflow causing non-working mounts on 1 TB machines
* drm/panel: simple: Fix panel_simple_
* usb: core: hub: Disable hub-initiated U1/U2
* tty: max310x: Fix invalid baudrate divisors calculator
* pinctrl: rockchip: fix leaked of_node references
* tty: serial: cpm_uart - fix init when SMC is relocated
* memstick: Fix error cleanup path of memstick_init
* tty/serial: digicolor: Fix digicolor-usart already registered warning
* tty: serial: msm_serial: avoid system lockup condition
* drm/virtio: Add memory barriers for capset cache.
* phy: renesas: rcar-gen2: Fix memory leak at error paths
* usb: gadget: Zero ffs_io_data
* powerpc/pci/of: Fix OF flags parsing for 64bit BARs
* PCI: sysfs: Ignore lockdep for remove attribute
* iio: iio-utils: Fix possible incorrect mask calculation
* recordmcount: Fix spurious mcount entries on powerpc
* mfd: core: Set fwnode for created devices
* mfd: arizona: Fix undefined behavior
* um: Silence lockdep complaint about mmap_sem
* powerpc/4xx/uic: clear pending interrupt after irq type/pol change
* serial: sh-sci: Fix TX DMA buffer flushing and workqueue races
* kallsyms: exclude kasan local symbols on s390
* perf test mmap-thread-lookup: Initialize variable to suppress memory sanitizer warning
* f2fs: avoid out-of-range memory access
* mailbox: handle failed named mailbox channel request
* powerpc/eeh: Handle hugepages in ioremap space
* sh: prevent warnings when using iounmap
* mm/kmemleak.c: fix check for softirq context
* 9p: pass the correct prototype to read_cache_page
* mm/mmu_notifier: use hlist_add_
* locking/lockdep: Fix lock used or unused stats error
* locking/lockdep: Hide unused 'class' variable
* usb: wusbcore: fix unbalanced get/put cluster_id
* usb: pci-quirks: Correct AMD PLL quirk detection
* x86/sysfb_efi: Add quirks for some devices with swapped width and height
* x86/speculation
* hpet: Fix division by zero in hpet_time_div()
* ALSA: line6: Fix wrong altsetting for LINE6_PODHD500_1
* ALSA: hda - Add a conexant codec entry to let mute led work
* access: avoid the RCU grace period for the temporary subjective credentials
* vmstat: Remove BUG_ON from vmstat_update
* mm, vmstat: make quiet_vmstat lighter
* ipv6: check sk sk_type and protocol early in ip_mroute_
* tcp: reset sk_send_head in tcp_write_
* ISDN: hfcsusb: checking idx of ep configuration
* media: cpia2_usb: first wake up, then free in disconnect
* media: radio-raremono: change devm_k*alloc to k*alloc
* Bluetooth: hci_uart: check for missing tty operations
* sched/fair: Don't free p->numa_faults with concurrent readers
* drivers/pps/pps.c: clear offset flags in PPS_SETPARAMS ioctl
* ceph: hold i_ceph_lock when removing caps for freeing inode
* Linux 4.4.187
4.4.187 upstream stable release
from git://git.
CVE References
| Changed in linux (Ubuntu): | |
| status: | New → Confirmed |
| tags: | added: kernel-stable-tracking-bug |
| Changed in linux (Ubuntu): | |
| status: | Confirmed → Invalid |
| Changed in linux (Ubuntu Xenial): | |
| status: | New → In Progress |
| importance: | Undecided → Medium |
| assignee: | nobody → Connor Kuehl (connork) |
| Connor Kuehl (connork) wrote | #1 |
| description: | updated |
| description: | updated |
| description: | updated |
| Changed in linux (Ubuntu Xenial): | |
| status: | In Progress → Fix Committed |
| Launchpad Janitor (janitor) wrote | #2 |
| Changed in linux (Ubuntu Xenial): | |
| status: | Fix Committed → Fix Released |
The following patches have already been applied:
* floppy: fix div-by-zero in setup_format_params
* floppy: fix out-of-bounds read in copy_buffer
* powerpc/tm: Fix oops on sigreturn on systems without TM