Bug #1884159 “Update lockdown patches” : Bugs : linux package : Ubuntu

Seth Forshee (sforshee) on 2020-06-18

Changed in linux (Ubuntu):
status:	In Progress → Fix Committed
Changed in linux (Ubuntu Xenial):
assignee:	nobody → Seth Forshee (sforshee)
importance:	Undecided → Critical
status:	New → In Progress
Changed in linux (Ubuntu Bionic):
assignee:	nobody → Seth Forshee (sforshee)
importance:	Undecided → Critical
status:	New → In Progress
Changed in linux (Ubuntu Eoan):
assignee:	nobody → Seth Forshee (sforshee)
importance:	Undecided → Critical
status:	New → In Progress
Changed in linux (Ubuntu Focal):
assignee:	nobody → Seth Forshee (sforshee)
importance:	Undecided → Critical
status:	New → In Progress

Seth Forshee (sforshee) on 2020-06-19

description:

updated

Khaled El Mously (kmously) on 2020-06-30

Changed in linux (Ubuntu Eoan):
status:	In Progress → Fix Committed
Changed in linux (Ubuntu Focal):
status:	In Progress → Fix Committed
Changed in linux (Ubuntu Bionic):
status:	In Progress → Fix Committed

Khaled El Mously (kmously) on 2020-06-30

Changed in linux (Ubuntu Xenial):
status:	In Progress → Fix Committed

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2020-07-03:

#1

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-eoan' to 'verification-done-eoan'. If the problem still exists, change the tag 'verification-needed-eoan' to 'verification-failed-eoan'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: verification-needed-eoan

AceLan Kao (acelankao) on 2020-07-06

no longer affects:	linux-oem-osp1 (Ubuntu Xenial)
no longer affects:	linux-oem-osp1 (Ubuntu Eoan)
no longer affects:	linux-oem-osp1 (Ubuntu Focal)
Changed in linux-oem-osp1 (Ubuntu):
status:	New → Invalid
Changed in linux-oem-osp1 (Ubuntu Bionic):
status:	New → Fix Committed

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2020-07-06:

#2

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-focal' to 'verification-done-focal'. If the problem still exists, change the tag 'verification-needed-focal' to 'verification-failed-focal'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: verification-needed-focal

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2020-07-06:

#3

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-bionic' to 'verification-done-bionic'. If the problem still exists, change the tag 'verification-needed-bionic' to 'verification-failed-bionic'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: verification-needed-bionic

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2020-07-07:

#4

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-xenial' to 'verification-done-xenial'. If the problem still exists, change the tag 'verification-needed-xenial' to 'verification-failed-xenial'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: verification-needed-xenial

Revision history for this message

Ubuntu SRU Bot (ubuntu-sru-bot) wrote on 2020-07-12: Autopkgtest regression report (linux-hwe-5.0/5.0.0-57.61~18.04.1)

#5

All autopkgtests for the newly accepted linux-hwe-5.0 (5.0.0-57.61~18.04.1) for bionic have finished running.
The following regressions have been reported in tests triggered by the package:

linux-hwe-5.0/5.0.0-57.61~18.04.1 (armhf)

Please visit the excuses page listed below and investigate the failures, proceeding afterwards as per the StableReleaseUpdates policy regarding autopkgtest regressions [1].

https://people.canonical.com/~ubuntu-archive/proposed-migration/bionic/update_excuses.html#linux-hwe-5.0

[1] https://wiki.ubuntu.com/StableReleaseUpdates#Autopkgtest_Regressions

Thank you!

Revision history for this message

Ubuntu SRU Bot (ubuntu-sru-bot) wrote on 2020-07-14: Autopkgtest regression report (linux-gcp-5.4/5.4.0-1021.21~18.04.1)

#6

All autopkgtests for the newly accepted linux-gcp-5.4 (5.4.0-1021.21~18.04.1) for bionic have finished running.
The following regressions have been reported in tests triggered by the package:

zfs-linux/0.7.5-1ubuntu16.9 (armhf)

Please visit the excuses page listed below and investigate the failures, proceeding afterwards as per the StableReleaseUpdates policy regarding autopkgtest regressions [1].

https://people.canonical.com/~ubuntu-archive/proposed-migration/bionic/update_excuses.html#linux-gcp-5.4

[1] https://wiki.ubuntu.com/StableReleaseUpdates#Autopkgtest_Regressions

Thank you!

Revision history for this message

Ubuntu SRU Bot (ubuntu-sru-bot) wrote on 2020-07-14: Autopkgtest regression report (linux-azure-5.3/5.3.0-1034.35~18.04.1)

#7

All autopkgtests for the newly accepted linux-azure-5.3 (5.3.0-1034.35~18.04.1) for bionic have finished running.
The following regressions have been reported in tests triggered by the package:

zfs-linux/0.7.5-1ubuntu16.9 (armhf)

Please visit the excuses page listed below and investigate the failures, proceeding afterwards as per the StableReleaseUpdates policy regarding autopkgtest regressions [1].

https://people.canonical.com/~ubuntu-archive/proposed-migration/bionic/update_excuses.html#linux-azure-5.3

[1] https://wiki.ubuntu.com/StableReleaseUpdates#Autopkgtest_Regressions

Thank you!

Revision history for this message

Ubuntu SRU Bot (ubuntu-sru-bot) wrote on 2020-07-15: Autopkgtest regression report (linux-aws-5.3/5.3.0-1032.34~18.04.1)

#8

All autopkgtests for the newly accepted linux-aws-5.3 (5.3.0-1032.34~18.04.1) for bionic have finished running.
The following regressions have been reported in tests triggered by the package:

zfs-linux/0.7.5-1ubuntu16.9 (arm64, amd64)

Please visit the excuses page listed below and investigate the failures, proceeding afterwards as per the StableReleaseUpdates policy regarding autopkgtest regressions [1].

https://people.canonical.com/~ubuntu-archive/proposed-migration/bionic/update_excuses.html#linux-aws-5.3

[1] https://wiki.ubuntu.com/StableReleaseUpdates#Autopkgtest_Regressions

Thank you!

Revision history for this message

Ubuntu SRU Bot (ubuntu-sru-bot) wrote on 2020-07-15: Autopkgtest regression report (linux-aws-5.4/5.4.0-1020.20~18.04.2)

#9

All autopkgtests for the newly accepted linux-aws-5.4 (5.4.0-1020.20~18.04.2) for bionic have finished running.
The following regressions have been reported in tests triggered by the package:

zfs-linux/0.7.5-1ubuntu16.9 (armhf)

Please visit the excuses page listed below and investigate the failures, proceeding afterwards as per the StableReleaseUpdates policy regarding autopkgtest regressions [1].

https://people.canonical.com/~ubuntu-archive/proposed-migration/bionic/update_excuses.html#linux-aws-5.4

[1] https://wiki.ubuntu.com/StableReleaseUpdates#Autopkgtest_Regressions

Thank you!

Revision history for this message

Ubuntu SRU Bot (ubuntu-sru-bot) wrote on 2020-07-16: Autopkgtest regression report (linux-gcp-5.3/5.3.0-1032.34~18.04.1)

#10

All autopkgtests for the newly accepted linux-gcp-5.3 (5.3.0-1032.34~18.04.1) for bionic have finished running.
The following regressions have been reported in tests triggered by the package:

zfs-linux/0.7.5-1ubuntu16.9 (armhf)

Please visit the excuses page listed below and investigate the failures, proceeding afterwards as per the StableReleaseUpdates policy regarding autopkgtest regressions [1].

https://people.canonical.com/~ubuntu-archive/proposed-migration/bionic/update_excuses.html#linux-gcp-5.3

[1] https://wiki.ubuntu.com/StableReleaseUpdates#Autopkgtest_Regressions

Thank you!

Revision history for this message

Seth Forshee (sforshee) wrote on 2020-07-16:

#11

Tested against -proposed kernels for xenial, bionic, eoan, and focal. Tested against a suite of tests I wrote to exercise as many of the interfaces as possible which are restricted by kernel lockdown, and also tested against the applicable "American Unsigned Language" exploits [1]. Everything looks good.

[1] https://git.zx2c4.com/american-unsigned-language/

tags:

added: verification-done-bionic verification-done-eoan verification-done-focal verification-done-xenial
removed: verification-needed-bionic verification-needed-eoan verification-needed-focal verification-needed-xenial

Revision history for this message

Launchpad Janitor (janitor) wrote on 2020-07-20:

#12

This bug was fixed in the package linux - 5.4.0-42.46

---------------
linux (5.4.0-42.46) focal; urgency=medium

* focal/linux: 5.4.0-42.46 -proposed tracker (LP: #1887069)

* linux 4.15.0-109-generic network DoS regression vs -108 (LP: #1886668)
- SAUCE: Revert "netprio_cgroup: Fix unlimited memory leak of v2 cgroups"

linux (5.4.0-41.45) focal; urgency=medium

* focal/linux: 5.4.0-41.45 -proposed tracker (LP: #1885855)

* Packaging resync (LP: #1786013)
- update dkms package versions

* CVE-2019-19642
- kernel/relay.c: handle alloc_percpu returning NULL in relay_open

* CVE-2019-16089
- SAUCE: nbd_genl_status: null check for nla_nest_start

* CVE-2020-11935
- aufs: do not call i_readcount_inc()

  * ip_defrag.sh in net from ubuntu_kernel_selftests failed with 5.0 / 5.3 / 5.4
    kernel (LP: #1826848)
    - selftests: net: ip_defrag: ignore EPERM

* Update lockdown patches (LP: #1884159)
- SAUCE: acpi: disallow loading configfs acpi tables when locked down

* seccomp_bpf fails on powerpc (LP: #1885757)
- SAUCE: selftests/seccomp: fix ptrace tests on powerpc

  * Introduce the new NVIDIA 418-server and 440-server series, and update the
    current NVIDIA drivers (LP: #1881137)
    - [packaging] add signed modules for the 418-server and the 440-server
      flavours

-- Khalid Elmously <email address hidden> Thu, 09 Jul 2020 19:50:26 -0400

Changed in linux (Ubuntu Focal):
status:	Fix Committed → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2020-07-20:

#13

This bug was fixed in the package linux - 4.15.0-112.113

---------------
linux (4.15.0-112.113) bionic; urgency=medium

* bionic/linux: 4.15.0-112.113 -proposed tracker (LP: #1887048)

* Packaging resync (LP: #1786013)
- update dkms package versions

  * CVE-2020-11935
    - SAUCE: aufs: do not call i_readcount_inc()
    - SAUCE: aufs: bugfix, IMA i_readcount

* CVE-2020-10757
- mm: Fix mremap not considering huge pmd devmap

  * Update lockdown patches (LP: #1884159)
    - efi/efi_test: Lock down /dev/efi_test and require CAP_SYS_ADMIN
    - efi: Restrict efivar_ssdt_load when the kernel is locked down
    - powerpc/xmon: add read-only mode
    - powerpc/xmon: Restrict when kernel is locked down
    - [Config] CONFIG_XMON_DEFAULT_RO_MODE=y
    - SAUCE: acpi: disallow loading configfs acpi tables when locked down

* seccomp_bpf fails on powerpc (LP: #1885757)
- SAUCE: selftests/seccomp: fix ptrace tests on powerpc

  * Introduce the new NVIDIA 418-server and 440-server series, and update the
    current NVIDIA drivers (LP: #1881137)
    - [packaging] add signed modules for the 418-server and the 440-server
      flavours

-- Khalid Elmously <email address hidden> Thu, 09 Jul 2020 19:13:37 -0400

Changed in linux (Ubuntu Bionic):
status:	Fix Committed → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2020-07-20:

#14

Download full text (19.5 KiB)

This bug was fixed in the package linux - 4.4.0-186.216

---------------
linux (4.4.0-186.216) xenial; urgency=medium

* xenial/linux: 4.4.0-186.216 -proposed tracker (LP: #1885514)

  * Xenial update: v4.4.228 upstream stable release (LP: #1884564)
    - ipv6: fix IPV6_ADDRFORM operation logic
    - vxlan: Avoid infinite loop when suppressing NS messages with invalid options
    - scsi: return correct blkprep status code in case scsi_init_io() fails.
    - net: phy: marvell: Limit 88m1101 autoneg errata to 88E1145 as well.
    - pwm: fsl-ftm: Use flat regmap cache
    - ARM: 8977/1: ptrace: Fix mask for thumb breakpoint hook
    - sched/fair: Don't NUMA balance for kthreads
    - ath9k_htc: Silence undersized packet warnings
    - x86_64: Fix jiffies ODR violation
    - x86/speculation: Prevent rogue cross-process SSBD shutdown
    - x86/reboot/quirks: Add MacBook6,1 reboot quirk
    - efi/efivars: Add missing kobject_put() in sysfs entry creation error path
    - ALSA: es1688: Add the missed snd_card_free()
    - ALSA: usb-audio: Fix inconsistent card PM state after resume
    - ACPI: sysfs: Fix reference count leak in acpi_sysfs_add_hotplug_profile()
    - ACPI: PM: Avoid using power resources if there are none for D0
    - cgroup, blkcg: Prepare some symbols for module and !CONFIG_CGROUP usages
    - nilfs2: fix null pointer dereference at nilfs_segctor_do_construct()
    - spi: bcm2835aux: Fix controller unregister order
    - ALSA: pcm: disallow linking stream to itself
    - x86/speculation: Change misspelled STIPB to STIBP
    - x86/speculation: Add support for STIBP always-on preferred mode
    - x86/speculation: Avoid force-disabling IBPB based on STIBP and enhanced
      IBRS.
    - x86/speculation: PR_SPEC_FORCE_DISABLE enforcement for indirect branches.
    - spi: dw: fix possible race condition
    - spi: dw: Fix controller unregister order
    - spi: No need to assign dummy value in spi_unregister_controller()
    - spi: Fix controller unregister order
    - spi: pxa2xx: Fix controller unregister order
    - spi: bcm2835: Fix controller unregister order
    - ovl: initialize error in ovl_copy_xattr
    - proc: Use new_inode not new_inode_pseudo
    - video: fbdev: w100fb: Fix a potential double free.
    - KVM: nSVM: leave ASID aside in copy_vmcb_control_area
    - KVM: nVMX: Consult only the "basic" exit reason when routing nested exit
    - KVM: arm64: Make vcpu_cp1x() work on Big Endian hosts
    - ath9k: Fix use-after-free Read in ath9k_wmi_ctrl_rx
    - ath9k: Fix use-after-free Write in ath9k_htc_rx_msg
    - ath9x: Fix stack-out-of-bounds Write in ath9k_hif_usb_rx_cb
    - ath9k: Fix general protection fault in ath9k_hif_usb_rx_cb
    - Smack: slab-out-of-bounds in vsscanf
    - mm/slub: fix a memory leak in sysfs_slab_add()
    - fat: don't allow to mount if the FAT length == 0
    - can: kvaser_usb: kvaser_usb_leaf: Fix some info-leaks to USB devices
    - spi: dw: Zero DMA Tx and Rx configurations on stack
    - Bluetooth: Add SCO fallback for invalid LMP parameters error
    - kgdb: Prevent infinite recursive entries to the debugger
    - spi: dw: Enable interrupts in accordance with DMA xfer mode
    - clocksource...

This bug was fixed in the package linux - 4.4.0-186.216

---------------
linux (4.4.0-186.216) xenial; urgency=medium

* xenial/linux: 4.4.0-186.216 -proposed tracker (LP: #1885514)

* Xenial update: v4.4.228 upstream stable release (LP: #1884564)
    - ipv6: fix IPV6_ADDRFORM operation logic
    - vxlan: Avoid infinite loop when suppressing NS messages with invalid options
    - scsi: return correct blkprep status code in case scsi_init_io() fails.
    - net: phy: marvell: Limit 88m1101 autoneg errata to 88E1145 as well.
    - pwm: fsl-ftm: Use flat regmap cache
    - ARM: 8977/1: ptrace: Fix mask for thumb breakpoint hook
    - sched/fair: Don't NUMA balance for kthreads
    - ath9k_htc: Silence undersized packet warnings
    - x86_64: Fix jiffies ODR violation
    - x86/speculation: Prevent rogue cross-process SSBD shutdown
    - x86/reboot/quirks: Add MacBook6,1 reboot quirk
    - efi/efivars: Add missing kobject_put() in sysfs entry creation error path
    - ALSA: es1688: Add the missed snd_card_free()
    - ALSA: usb-audio: Fix inconsistent card PM state after resume
    - ACPI: sysfs: Fix reference count leak in acpi_sysfs_add_hotplug_profile()
    - ACPI: PM: Avoid using power resources if there are none for D0
    - cgroup, blkcg: Prepare some symbols for module and !CONFIG_CGROUP usages
    - nilfs2: fix null pointer dereference at nilfs_segctor_do_construct()
    - spi: bcm2835aux: Fix controller unregister order
    - ALSA: pcm: disallow linking stream to itself
    - x86/speculation: Change misspelled STIPB to STIBP
    - x86/speculation: Add support for STIBP always-on preferred mode
    - x86/speculation: Avoid force-disabling IBPB based on STIBP and enhanced
      IBRS.
    - x86/speculation: PR_SPEC_FORCE_DISABLE enforcement for indirect branches.
    - spi: dw: fix possible race condition
    - spi: dw: Fix controller unregister order
    - spi: No need to assign dummy value in spi_unregister_controller()
    - spi: Fix controller unregister order
    - spi: pxa2xx: Fix controller unregister order
    - spi: bcm2835: Fix controller unregister order
    - ovl: initialize error in ovl_copy_xattr
    - proc: Use new_inode not new_inode_pseudo
    - video: fbdev: w100fb: Fix a potential double free.
    - KVM: nSVM: leave ASID aside in copy_vmcb_control_area
    - KVM: nVMX: Consult only the "basic" exit reason when routing nested exit
    - KVM: arm64: Make vcpu_cp1x() work on Big Endian hosts
    - ath9k: Fix use-after-free Read in ath9k_wmi_ctrl_rx
    - ath9k: Fix use-after-free Write in ath9k_htc_rx_msg
    - ath9x: Fix stack-out-of-bounds Write in ath9k_hif_usb_rx_cb
    - ath9k: Fix general protection fault in ath9k_hif_usb_rx_cb
    - Smack: slab-out-of-bounds in vsscanf
    - mm/slub: fix a memory leak in sysfs_slab_add()
    - fat: don't allow to mount if the FAT length == 0
    - can: kvaser_usb: kvaser_usb_leaf: Fix some info-leaks to USB devices
    - spi: dw: Zero DMA Tx and Rx configurations on stack
    - Bluetooth: Add SCO fallback for invalid LMP parameters error
    - kgdb: Prevent infinite recursive entries to the debugger
    - spi: dw: Enable interrupts in accordance with DMA xfer mode
    - clocksource: dw_apb_timer_of: Fix missing clockevent timers
    - btrfs: do not ignore error from btrfs_next_leaf() when inserting checksums
    - ARM: 8978/1: mm: make act_mm() respect THREAD_SIZE
    - net: vmxnet3: fix possible buffer overflow caused by bad DMA value in
      vmxnet3_get_rss()
    - staging: android: ion: use vmap instead of vm_map_ram
    - e1000: Distribute switch variables for initialization
    - media: dvb: return -EREMOTEIO on i2c transfer failure.
    - MIPS: Make sparse_init() using top-down allocation
    - netfilter: nft_nat: return EOPNOTSUPP if type or flags are not supported
    - lib/mpi: Fix 64-bit MIPS build with Clang
    - net: lpc-enet: fix error return code in lpc_mii_init()
    - net: allwinner: Fix use correct return type for ndo_start_xmit()
    - powerpc/spufs: fix copy_to_user while atomic
    - mips: cm: Fix an invalid error code of INTVN_*_ERR
    - kgdb: Fix spurious true from in_dbg_master()
    - md: don't flush workqueue unconditionally in md_open
    - mwifiex: Fix memory corruption in dump_station
    - mips: Add udelay lpj numbers adjustment
    - x86/mm: Stop printing BRK addresses
    - m68k: mac: Don't call via_flush_cache() on Mac IIfx
    - macvlan: Skip loopback packets in RX handler
    - PCI: Don't disable decoding when mmio_always_on is set
    - MIPS: Fix IRQ tracing when call handle_fpe() and handle_msa_fpe()
    - ixgbe: fix signed-integer-overflow warning
    - spi: dw: Return any value retrieved from the dma_transfer callback
    - cpuidle: Fix three reference count leaks
    - ima: Fix ima digest hash table key calculation
    - ext4: fix EXT_MAX_EXTENT/INDEX to check for zeroed eh_max
    - Btrfs: fix unreplayable log after snapshot delete + parent dir fsync
    - btrfs: send: emit file capabilities after chown
    - btrfs: fix error handling when submitting direct I/O bio
    - ima: Directly assign the ima_default_policy pointer to ima_rules
    - PCI: Program MPS for RCiEP devices
    - e1000e: Relax condition to trigger reset for ME workaround
    - carl9170: remove P2P_GO support
    - media: go7007: fix a miss of snd_card_free
    - b43legacy: Fix case where channel status is corrupted
    - b43: Fix connection problem with WPA3
    - b43_legacy: Fix connection problem with WPA3
    - igb: Report speed and duplex as unknown when device is runtime suspended
    - power: vexpress: add suppress_bind_attrs to true
    - pinctrl: samsung: Save/restore eint_mask over suspend for EINT_TYPE GPIOs
    - sparc32: fix register window handling in genregs32_[gs]et()
    - kernel/cpu_pm: Fix uninitted local in cpu_pm
    - ARM: tegra: Correct PL310 Auxiliary Control Register initialization
    - drivers/macintosh: Fix memleak in windfarm_pm112 driver
    - kbuild: force to build vmlinux if CONFIG_MODVERSION=y
    - sunrpc: svcauth_gss_register_pseudoflavor must reject duplicate
      registrations.
    - sunrpc: clean up properly in gss_mech_unregister()
    - w1: omap-hdq: cleanup to add missing newline for some dev_dbg
    - perf probe: Do not show the skipped events
    - perf symbols: Fix debuginfo search for Ubuntu
    - Linux 4.4.228

* Update lockdown patches (LP: #1884159)
    - acpi: Disable ACPI table override if the kernel is locked down
    - SAUCE: (efi-lockdown) x86/mmiotrace: Lock down the testmmiotrace module
    - Revert "Restrict /dev/mem and /dev/kmem when module loading is restricted"
    - Revert "x86: Lock down IO port access when module security is enabled"
    - SAUCE: (efi-lockdown) Restrict /dev/{mem, kmem, port} when the kernel is
      locked down
    - Annotate module params that specify hardware parameters (eg. ioport)
    - Annotate hardware config module parameters in arch/x86/mm/
    - Annotate hardware config module parameters in drivers/char/ipmi/
    - Annotate hardware config module parameters in drivers/char/mwave/
    - Annotate hardware config module parameters in drivers/char/
    - Annotate hardware config module parameters in drivers/clocksource/
    - Annotate hardware config module parameters in drivers/cpufreq/
    - Annotate hardware config module parameters in drivers/gpio/
    - Annotate hardware config module parameters in drivers/i2c/
    - Annotate hardware config module parameters in drivers/input/
    - Annotate hardware config module parameters in drivers/isdn/
    - Annotate hardware config module parameters in drivers/media/
    - Annotate hardware config module parameters in drivers/misc/
    - Annotate hardware config module parameters in drivers/mmc/host/
    - Annotate hardware config module parameters in drivers/net/appletalk/
    - Annotate hardware config module parameters in drivers/net/arcnet/
    - Annotate hardware config module parameters in drivers/net/can/
    - Annotate hardware config module parameters in drivers/net/ethernet/
    - Annotate hardware config module parameters in drivers/net/hamradio/
    - Annotate hardware config module parameters in drivers/net/irda/
    - Annotate hardware config module parameters in drivers/net/wan/
    - Annotate hardware config module parameters in drivers/net/wireless/
    - Annotate hardware config module parameters in drivers/parport/
    - Annotate hardware config module parameters in drivers/pci/hotplug/
    - Annotate hardware config module parameters in drivers/pcmcia/
    - Annotate hardware config module parameters in drivers/scsi/
    - Annotate hardware config module parameters in drivers/staging/media/
    - Annotate hardware config module parameters in drivers/staging/speakup/
    - Annotate hardware config module parameters in drivers/staging/vme/
    - Annotate hardware config module parameters in drivers/tty/
    - Annotate hardware config module parameters in drivers/video/
    - Annotate hardware config module parameters in drivers/watchdog/
    - Annotate hardware config module parameters in fs/pstore/
    - Annotate hardware config module parameters in sound/drivers/
    - Annotate hardware config module parameters in sound/isa/
    - Annotate hardware config module parameters in sound/oss/
    - Annotate hardware config module parameters in sound/pci/
    - SAUCE: (efi-lockdown) Lock down module params that specify hardware
      parameters (eg. ioport)
    - SAUCE: (efi-lockdown) Prohibit PCMCIA CIS storage when the kernel is locked
      down
    - SAUCE: (efi-lockdown) kexec_file: Disable at runtime if the kernel is locked
      down
    - SAUCE: (efi-lockdown) Lock down TIOCSSERIAL
    - efi/efi_test: Lock down /dev/efi_test and require CAP_SYS_ADMIN
    - debugfs: prevent access to possibly dead file_operations at file open
    - debugfs: prevent access to removed files' private data
    - debugfs: add support for self-protecting attribute file fops
    - debugfs: unproxify integer attribute files
    - debugfs: unproxify files created through debugfs_create_bool()
    - debugfs: unproxify files created through debugfs_create_blob()
    - debugfs: unproxify files created through debugfs_create_u32_array()
    - debugfs: full_proxy_open(): free proxy on ->open() failure
    - debugfs: open_proxy_open(): avoid double fops release
    - SAUCE: (efi-lockdown) debugfs: Disallow use of debugfs files when the kernel
      is locked down

* Xenial update: v4.4.227 upstream stable release (LP: #1883918)
    - scsi: scsi_devinfo: fixup string compare
    - usb: gadget: f_uac2: fix error handling in afunc_bind (again)
    - platform/x86: acer-wmi: setup accelerometer when ACPI device was found
    - esp6: fix memleak on error path in esp6_input
    - IB/mlx4: Fix an error handling path in 'mlx4_ib_rereg_user_mr()'
    - ALSA: hda - No loopback on ALC299 codec
    - spi: dw: use "smp_mb()" to avoid sending spi data error
    - s390/ftrace: save traced function caller
    - ARC: Fix ICCM & DCCM runtime size checks
    - x86/mmiotrace: Use cpumask_available() for cpumask_var_t variables
    - net: bmac: Fix read of MAC address from ROM
    - net/ethernet/freescale: rework quiesce/activate for ucc_geth
    - net: ethernet: stmmac: Enable interface clocks on probe for IPQ806x
    - pppoe: only process PADT targeted at local interfaces
    - mmc: fix compilation of user API
    - slcan: Fix double-free on slcan_open() error path
    - slip: not call free_netdev before rtnl_unlock in slip_open
    - scsi: ufs: Release clock if DMA map fails
    - devinet: fix memleak in inetdev_init()
    - NFC: st21nfca: add missed kfree_skb() in an error path
    - vsock: fix timeout in vsock_accept()
    - l2tp: add sk_family checks to l2tp_validate_socket
    - l2tp: do not use inet_hash()/inet_unhash()
    - USB: serial: qcserial: add DW5816e QDL support
    - USB: serial: usb_wwan: do not resubmit rx urb on fatal errors
    - USB: serial: option: add Telit LE910C1-EUX compositions
    - vt: keyboard: avoid signed integer overflow in k_ascii
    - staging: rtl8712: Fix IEEE80211_ADDBA_PARAM_BUF_SIZE_MASK
    - x86/cpu: Rename cpu_data.x86_mask to cpu_data.x86_stepping
    - x86/speculation: Add SRBDS vulnerability and mitigation documentation
    - x86/speculation: Add Ivy Bridge to affected list
    - iio: vcnl4000: Fix i2c swapped word reading.
    - uprobes: ensure that uprobe->offset and ->ref_ctr_offset are properly
      aligned
    - Linux 4.4.227

* Xenial update: v4.4.226 upstream stable release (LP: #1883917)
    - ax25: fix setsockopt(SO_BINDTODEVICE)
    - net: revert "net: get rid of an signed integer overflow in
      ip_idents_reserve()"
    - sctp: Start shutdown on association restart if in SHUTDOWN-SENT state and
      socket is closed
    - net/mlx5: Add command entry handling completion
    - net: sun: fix missing release regions in cas_init_one().
    - net/mlx4_core: fix a memory leak bug.
    - uapi: fix linux/if_pppol2tp.h userspace compilation errors
    - IB/cma: Fix reference count leak when no ipv4 addresses are set
    - cachefiles: Fix race between read_waiter and read_copier involving op->to_do
    - usb: gadget: legacy: fix redundant initialization warnings
    - cifs: Fix null pointer check in cifs_read
    - Input: usbtouchscreen - add support for BonXeon TP
    - Input: evdev - call input_flush_device() on release(), not flush()
    - Input: xpad - add custom init packet for Xbox One S controllers
    - Input: i8042 - add ThinkPad S230u to i8042 reset list
    - IB/qib: Call kobject_put() when kobject_init_and_add() fails
    - ALSA: hwdep: fix a left shifting 1 by 31 UB bug
    - ALSA: usb-audio: mixer: volume quirk for ESS Technology Asus USB DAC
    - exec: Always set cap_ambient in cap_bprm_set_creds
    - fs/binfmt_elf.c: allocate initialized memory in fill_thread_core_info()
    - include/asm-generic/topology.h: guard cpumask_of_node() macro argument
    - iommu: Fix reference count leak in iommu_group_alloc.
    - parisc: Fix kernel panic in mem_init()
    - x86/dma: Fix max PFN arithmetic overflow on 32 bit systems
    - xfrm: allow to accept packets with ipv6 NEXTHDR_HOP in xfrm_input
    - xfrm: fix a warning in xfrm_policy_insert_list
    - xfrm: fix a NULL-ptr deref in xfrm_local_error
    - vti4: eliminated some duplicate code.
    - ip_vti: receive ipip packet by calling ip_tunnel_rcv
    - netfilter: nft_reject_bridge: enable reject with bridge vlan
    - netfilter: ipset: Fix subcounter update skip
    - netfilter: nf_conntrack_pptp: prevent buffer overflows in debug code
    - qlcnic: fix missing release in qlcnic_83xx_interrupt_test.
    - bonding: Fix reference count leak in bond_sysfs_slave_add.
    - netfilter: nf_conntrack_pptp: fix compilation warning with W=1 build
    - mm: remove VM_BUG_ON(PageSlab()) from page_mapcount()
    - genirq/generic_pending: Do not lose pending affinity update
    - usb: renesas_usbhs: gadget: fix spin_lock_init() for &uep->lock
    - mac80211: fix memory leak
    - net: rtnl_configure_link: fix dev flags changes arg to __dev_notify_flags
    - mm/vmalloc.c: don't dereference possible NULL pointer in __vunmap()
    - asm-prototypes: Clear any CPP defines before declaring the functions
    - sc16is7xx: move label 'err_spi' to correct section
    - drm/msm: Fix possible null dereference on failure of get_pages()
    - printk: help pr_debug and pr_devel to optimize out arguments
    - scsi: zfcp: fix request object use-after-free in send path causing wrong
      traces
    - Linux 4.4.226

* Xenial update: v4.4.225 upstream stable release (LP: #1883916)
    - igb: use igb_adapter->io_addr instead of e1000_hw->hw_addr
    - padata: Remove unused but set variables
    - padata: get_next is never NULL
    - padata: ensure the reorder timer callback runs on the correct CPU
    - padata: ensure padata_do_serial() runs on the correct CPU
    - evm: Check also if *tfm is an error pointer in init_desc()
    - fix multiplication overflow in copy_fdtable()
    - HID: multitouch: add eGalaxTouch P80H84 support
    - ceph: fix double unlock in handle_cap_export()
    - USB: core: Fix misleading driver bug report
    - platform/x86: asus-nb-wmi: Do not load on Asus T100TA and T200TA
    - ARM: futex: Address build warning
    - media: Fix media_open() to clear filp->private_data in error leg
    - drivers/media/media-devnode: clear private_data before put_device()
    - media-devnode: add missing mutex lock in error handler
    - media-devnode: fix namespace mess
    - media-device: dynamically allocate struct media_devnode
    - media: fix use-after-free in cdev_put() when app exits after driver unbind
    - media: fix media devnode ioctl/syscall and unregister race
    - i2c: dev: switch from register_chrdev to cdev API
    - i2c: dev: don't start function name with 'return'
    - i2c: dev: use after free in detach
    - i2c-dev: don't get i2c adapter via i2c_dev
    - i2c: dev: Fix the race between the release of i2c_dev and cdev
    - padata: set cpu_index of unused CPUs to -1
    - sched/fair, cpumask: Export for_each_cpu_wrap()
    - padata: Replace delayed timer with immediate workqueue in padata_reorder
    - padata: initialize pd->cpu with effective cpumask
    - padata: purge get_cpu and reorder_via_wq from padata_do_serial
    - ALSA: pcm: fix incorrect hw_base increase
    - platform/x86: alienware-wmi: fix kfree on potentially uninitialized pointer
    - libnvdimm/btt: Remove unnecessary code in btt_freelist_init
    - l2tp: lock socket before checking flags in connect()
    - l2tp: fix racy socket lookup in l2tp_ip and l2tp_ip6 bind()
    - l2tp: hold session while sending creation notifications
    - l2tp: take a reference on sessions used in genetlink handlers
    - l2tp: don't use l2tp_tunnel_find() in l2tp_ip and l2tp_ip6
    - net: l2tp: export debug flags to UAPI
    - net: l2tp: deprecate PPPOL2TP_MSG_* in favour of L2TP_MSG_*
    - net: l2tp: ppp: change PPPOL2TP_MSG_* => L2TP_MSG_*
    - New kernel function to get IP overhead on a socket.
    - L2TP:Adjust intf MTU, add underlay L3, L2 hdrs.
    - l2tp: remove useless duplicate session detection in l2tp_netlink
    - l2tp: remove l2tp_session_find()
    - l2tp: define parameters of l2tp_session_get*() as "const"
    - l2tp: define parameters of l2tp_tunnel_find*() as "const"
    - l2tp: initialise session's refcount before making it reachable
    - l2tp: hold tunnel while looking up sessions in l2tp_netlink
    - l2tp: hold tunnel while processing genl delete command
    - l2tp: hold tunnel while handling genl tunnel updates
    - l2tp: hold tunnel while handling genl TUNNEL_GET commands
    - l2tp: hold tunnel used while creating sessions with netlink
    - l2tp: prevent creation of sessions on terminated tunnels
    - l2tp: fix l2tp_eth module loading
    - l2tp: don't register sessions in l2tp_session_create()
    - l2tp: initialise l2tp_eth sessions before registering them
    - l2tp: protect sock pointer of struct pppol2tp_session with RCU
    - l2tp: initialise PPP sessions before registering them
    - Revert "gfs2: Don't demote a glock until its revokes are written"
    - staging: iio: ad2s1210: Fix SPI reading
    - mei: release me_cl object reference
    - iio: sca3000: Remove an erroneous 'get_device()'
    - l2tp: device MTU setup, tunnel socket needs a lock
    - cpumask: Make for_each_cpu_wrap() available on UP as well
    - Linux 4.4.225

* smpboot: don't call topology_sane() when Sub-NUMA-Clustering is enabled
    (LP: #1882478)
    - x86, sched: Allow topologies where NUMA nodes share an LLC

* CVE-2020-11935
    - SAUCE: aufs: do not call i_readcount_inc()
    - SAUCE: aufs: bugfix, IMA i_readcount

* CVE-2019-12380
    - efi/x86/Add missing error handling to old_memmap 1:1 mapping code

-- Khalid Elmously <khalid.elmously@canonical.com>  Wed, 01 Jul 2020 00:39:42 -0400

Changed in linux (Ubuntu Xenial):
status:	Fix Committed → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2020-07-27:

#15

Download full text (28.0 KiB)

This bug was fixed in the package linux-oem-osp1 - 5.0.0-1065.70

---------------
linux-oem-osp1 (5.0.0-1065.70) bionic; urgency=medium

* bionic/linux-oem-osp1: 5.0.0-1065.70 -proposed tracker (LP: #1887090)

[ Ubuntu: 5.0.0-58.62 ]

  * disco/linux: 5.0.0-58.62 -proposed tracker (LP: #1887094)
  * linux 4.15.0-109-generic network DoS regression vs -108 (LP: #1886668)
    - SAUCE: Revert "netprio_cgroup: Fix unlimited memory leak of v2 cgroups"

linux-oem-osp1 (5.0.0-1064.69) bionic; urgency=medium

* bionic/linux-oem-osp1: 5.0.0-1064.69 -proposed tracker (LP: #1885656)

* Update lockdown patches (LP: #1884159)
- [Config] Update kexec signature config options

[ Ubuntu: 5.0.0-57.61 ]

  * disco/linux: 5.0.0-57.61 -proposed tracker (LP: #1885660)
  * seccomp_bpf fails on powerpc (LP: #1885757)
    - SAUCE: selftests/seccomp: fix ptrace tests on powerpc
  * Disco update: upstream stable patchset 2020-06-29 (LP: #1885629)
    - ipv6: fix IPV6_ADDRFORM operation logic
    - net_failover: fixed rollback in net_failover_open()
    - bridge: Avoid infinite loop when suppressing NS messages with invalid
      options
    - vxlan: Avoid infinite loop when suppressing NS messages with invalid options
    - tun: correct header offsets in napi frags mode
    - btrfs: Detect unbalanced tree with empty leaf before crashing btree
      operations
    - crypto: talitos - fix ECB and CBC algs ivsize
    - Input: mms114 - fix handling of mms345l
    - ARM: 8977/1: ptrace: Fix mask for thumb breakpoint hook
    - sched/fair: Don't NUMA balance for kthreads
    - Input: synaptics - add a second working PNP_ID for Lenovo T470s
    - drivers/net/ibmvnic: Update VNIC protocol version reporting
    - powerpc/xive: Clear the page tables for the ESB IO mapping
    - ath9k_htc: Silence undersized packet warnings
    - RDMA/uverbs: Make the event_queue fds return POLLERR when disassociated
    - x86/cpu/amd: Make erratum #1054 a legacy erratum
    - perf probe: Accept the instance number of kretprobe event
    - mm: add kvfree_sensitive() for freeing sensitive data objects
    - aio: fix async fsync creds
    - x86_64: Fix jiffies ODR violation
    - x86/PCI: Mark Intel C620 MROMs as having non-compliant BARs
    - x86/speculation: Prevent rogue cross-process SSBD shutdown
    - x86/reboot/quirks: Add MacBook6,1 reboot quirk
    - efi/efivars: Add missing kobject_put() in sysfs entry creation error path
    - ALSA: es1688: Add the missed snd_card_free()
    - ALSA: hda/realtek - add a pintbl quirk for several Lenovo machines
    - ALSA: usb-audio: Fix inconsistent card PM state after resume
    - ALSA: usb-audio: Add vendor, product and profile name for HP Thunderbolt
      Dock
    - ACPI: sysfs: Fix reference count leak in acpi_sysfs_add_hotplug_profile()
    - ACPI: CPPC: Fix reference count leak in acpi_cppc_processor_probe()
    - ACPI: GED: add support for _Exx / _Lxx handler methods
    - ACPI: PM: Avoid using power resources if there are none for D0
    - cgroup, blkcg: Prepare some symbols for module and !CONFIG_CGROUP usages
    - nilfs2: fix null pointer dereference at nilfs_segctor_do_construct()
    - spi: dw: Fix controller unregister order
...

This bug was fixed in the package linux-oem-osp1 - 5.0.0-1065.70

---------------
linux-oem-osp1 (5.0.0-1065.70) bionic; urgency=medium

* bionic/linux-oem-osp1: 5.0.0-1065.70 -proposed tracker (LP: #1887090)

[ Ubuntu: 5.0.0-58.62 ]

* disco/linux: 5.0.0-58.62 -proposed tracker (LP: #1887094)
  * linux 4.15.0-109-generic network DoS regression vs -108 (LP: #1886668)
    - SAUCE: Revert "netprio_cgroup: Fix unlimited memory leak of v2 cgroups"

linux-oem-osp1 (5.0.0-1064.69) bionic; urgency=medium

* bionic/linux-oem-osp1: 5.0.0-1064.69 -proposed tracker (LP: #1885656)

* Update lockdown patches (LP: #1884159)
    - [Config] Update kexec signature config options

[ Ubuntu: 5.0.0-57.61 ]

* disco/linux: 5.0.0-57.61 -proposed tracker (LP: #1885660)
  * seccomp_bpf fails on powerpc (LP: #1885757)
    - SAUCE: selftests/seccomp: fix ptrace tests on powerpc
  * Disco update: upstream stable patchset 2020-06-29 (LP: #1885629)
    - ipv6: fix IPV6_ADDRFORM operation logic
    - net_failover: fixed rollback in net_failover_open()
    - bridge: Avoid infinite loop when suppressing NS messages with invalid
      options
    - vxlan: Avoid infinite loop when suppressing NS messages with invalid options
    - tun: correct header offsets in napi frags mode
    - btrfs: Detect unbalanced tree with empty leaf before crashing btree
      operations
    - crypto: talitos - fix ECB and CBC algs ivsize
    - Input: mms114 - fix handling of mms345l
    - ARM: 8977/1: ptrace: Fix mask for thumb breakpoint hook
    - sched/fair: Don't NUMA balance for kthreads
    - Input: synaptics - add a second working PNP_ID for Lenovo T470s
    - drivers/net/ibmvnic: Update VNIC protocol version reporting
    - powerpc/xive: Clear the page tables for the ESB IO mapping
    - ath9k_htc: Silence undersized packet warnings
    - RDMA/uverbs: Make the event_queue fds return POLLERR when disassociated
    - x86/cpu/amd: Make erratum #1054 a legacy erratum
    - perf probe: Accept the instance number of kretprobe event
    - mm: add kvfree_sensitive() for freeing sensitive data objects
    - aio: fix async fsync creds
    - x86_64: Fix jiffies ODR violation
    - x86/PCI: Mark Intel C620 MROMs as having non-compliant BARs
    - x86/speculation: Prevent rogue cross-process SSBD shutdown
    - x86/reboot/quirks: Add MacBook6,1 reboot quirk
    - efi/efivars: Add missing kobject_put() in sysfs entry creation error path
    - ALSA: es1688: Add the missed snd_card_free()
    - ALSA: hda/realtek - add a pintbl quirk for several Lenovo machines
    - ALSA: usb-audio: Fix inconsistent card PM state after resume
    - ALSA: usb-audio: Add vendor, product and profile name for HP Thunderbolt
      Dock
    - ACPI: sysfs: Fix reference count leak in acpi_sysfs_add_hotplug_profile()
    - ACPI: CPPC: Fix reference count leak in acpi_cppc_processor_probe()
    - ACPI: GED: add support for _Exx / _Lxx handler methods
    - ACPI: PM: Avoid using power resources if there are none for D0
    - cgroup, blkcg: Prepare some symbols for module and !CONFIG_CGROUP usages
    - nilfs2: fix null pointer dereference at nilfs_segctor_do_construct()
    - spi: dw: Fix controller unregister order
    - spi: bcm2835aux: Fix controller unregister order
    - spi: bcm-qspi: when tx/rx buffer is NULL set to 0
    - PM: runtime: clk: Fix clk_pm_runtime_get() error path
    - crypto: cavium/nitrox - Fix 'nitrox_get_first_device()' when ndevlist is
      fully iterated
    - ALSA: pcm: disallow linking stream to itself
    - x86/{mce,mm}: Unmap the entire page if the whole page is affected and
      poisoned
    - KVM: x86: Fix APIC page invalidation race
    - kvm: x86: Fix L1TF mitigation for shadow MMU
    - KVM: x86/mmu: Consolidate "is MMIO SPTE" code
    - KVM: x86: only do L1TF workaround on affected processors
    - x86/speculation: Avoid force-disabling IBPB based on STIBP and enhanced
      IBRS.
    - x86/speculation: PR_SPEC_FORCE_DISABLE enforcement for indirect branches.
    - spi: No need to assign dummy value in spi_unregister_controller()
    - spi: Fix controller unregister order
    - spi: pxa2xx: Fix controller unregister order
    - spi: bcm2835: Fix controller unregister order
    - spi: pxa2xx: Fix runtime PM ref imbalance on probe error
    - crypto: virtio: Fix use-after-free in virtio_crypto_skcipher_finalize_req()
    - crypto: virtio: Fix src/dst scatterlist calculation in
      __virtio_crypto_skcipher_do_req()
    - crypto: virtio: Fix dest length calculation in
      __virtio_crypto_skcipher_do_req()
    - selftests/net: in rxtimestamp getopt_long needs terminating null entry
    - ovl: initialize error in ovl_copy_xattr
    - proc: Use new_inode not new_inode_pseudo
    - video: fbdev: w100fb: Fix a potential double free.
    - KVM: nSVM: fix condition for filtering async PF
    - KVM: nSVM: leave ASID aside in copy_vmcb_control_area
    - KVM: nVMX: Consult only the "basic" exit reason when routing nested exit
    - KVM: MIPS: Define KVM_ENTRYHI_ASID to cpu_asid_mask(&boot_cpu_data)
    - KVM: MIPS: Fix VPN2_MASK definition for variable cpu_vmbits
    - KVM: arm64: Make vcpu_cp1x() work on Big Endian hosts
    - scsi: megaraid_sas: TM command refire leads to controller firmware crash
    - ath9k: Fix use-after-free Read in ath9k_wmi_ctrl_rx
    - ath9k: Fix use-after-free Write in ath9k_htc_rx_msg
    - ath9x: Fix stack-out-of-bounds Write in ath9k_hif_usb_rx_cb
    - ath9k: Fix general protection fault in ath9k_hif_usb_rx_cb
    - Smack: slab-out-of-bounds in vsscanf
    - drm/vkms: Hold gem object while still in-use
    - mm/slub: fix a memory leak in sysfs_slab_add()
    - fat: don't allow to mount if the FAT length == 0
    - perf: Add cond_resched() to task_function_call()
    - agp/intel: Reinforce the barrier after GTT updates
    - mmc: sdhci-msm: Clear tuning done flag while hs400 tuning
    - ARM: dts: at91: sama5d2_ptc_ek: fix sdmmc0 node description
    - mmc: sdio: Fix potential NULL pointer error in mmc_sdio_init_card()
    - xen/pvcalls-back: test for errors when calling backend_connect()
    - KVM: arm64: Synchronize sysreg state on injecting an AArch32 exception
    - ACPI: GED: use correct trigger type field in _Exx / _Lxx handling
    - drm: bridge: adv7511: Extend list of audio sample rates
    - crypto: ccp -- don't "select" CONFIG_DMADEVICES
    - media: si2157: Better check for running tuner in init
    - objtool: Ignore empty alternatives
    - spi: pxa2xx: Apply CS clk quirk to BXT
    - net: atlantic: make hw_get_regs optional
    - net: ena: fix error returning in ena_com_get_hash_function()
    - efi/libstub/x86: Work around LLVM ELF quirk build regression
    - arm64: cacheflush: Fix KGDB trap detection
    - spi: dw: Zero DMA Tx and Rx configurations on stack
    - arm64: insn: Fix two bugs in encoding 32-bit logical immediates
    - ixgbe: Fix XDP redirect on archs with PAGE_SIZE above 4K
    - MIPS: Loongson: Build ATI Radeon GPU driver as module
    - Bluetooth: Add SCO fallback for invalid LMP parameters error
    - kgdb: Disable WARN_CONSOLE_UNLOCKED for all kgdb
    - kgdb: Prevent infinite recursive entries to the debugger
    - spi: dw: Enable interrupts in accordance with DMA xfer mode
    - clocksource: dw_apb_timer: Make CPU-affiliation being optional
    - clocksource: dw_apb_timer_of: Fix missing clockevent timers
    - btrfs: do not ignore error from btrfs_next_leaf() when inserting checksums
    - ARM: 8978/1: mm: make act_mm() respect THREAD_SIZE
    - batman-adv: Revert "disable ethtool link speed detection when auto
      negotiation off"
    - mmc: meson-mx-sdio: trigger a soft reset after a timeout or CRC error
    - spi: dw: Fix Rx-only DMA transfers
    - x86/kvm/hyper-v: Explicitly align hcall param for kvm_hyperv_exit
    - net: vmxnet3: fix possible buffer overflow caused by bad DMA value in
      vmxnet3_get_rss()
    - staging: android: ion: use vmap instead of vm_map_ram
    - brcmfmac: fix wrong location to get firmware feature
    - tools api fs: Make xxx__mountpoint() more scalable
    - e1000: Distribute switch variables for initialization
    - dt-bindings: display: mediatek: control dpi pins mode to avoid leakage
    - audit: fix a net reference leak in audit_send_reply()
    - media: dvb: return -EREMOTEIO on i2c transfer failure.
    - media: platform: fcp: Set appropriate DMA parameters
    - MIPS: Make sparse_init() using top-down allocation
    - Bluetooth: btbcm: Add 2 missing models to subver tables
    - audit: fix a net reference leak in audit_list_rules_send()
    - netfilter: nft_nat: return EOPNOTSUPP if type or flags are not supported
    - selftests/bpf: Fix memory leak in extract_build_id()
    - net: bcmgenet: set Rx mode before starting netif
    - lib/mpi: Fix 64-bit MIPS build with Clang
    - exit: Move preemption fixup up, move blocking operations down
    - sched/core: Fix illegal RCU from offline CPUs
    - drivers/perf: hisi: Fix typo in events attribute array
    - net: lpc-enet: fix error return code in lpc_mii_init()
    - media: cec: silence shift wrapping warning in __cec_s_log_addrs()
    - net: allwinner: Fix use correct return type for ndo_start_xmit()
    - powerpc/spufs: fix copy_to_user while atomic
    - xfs: clean up the error handling in xfs_swap_extents
    - Crypto/chcr: fix for ccm(aes) failed test
    - MIPS: Truncate link address into 32bit for 32bit kernel
    - mips: cm: Fix an invalid error code of INTVN_*_ERR
    - kgdb: Fix spurious true from in_dbg_master()
    - xfs: reset buffer write failure state on successful completion
    - xfs: fix duplicate verification from xfs_qm_dqflush()
    - platform/x86: intel-vbtn: Use acpi_evaluate_integer()
    - platform/x86: intel-vbtn: Split keymap into buttons and switches parts
    - platform/x86: intel-vbtn: Do not advertise switches to userspace if they are
      not there
    - platform/x86: intel-vbtn: Also handle tablet-mode switch on "Detachable" and
      "Portable" chassis-types
    - nvme: refine the Qemu Identify CNS quirk
    - ath10k: Remove msdu from idr when management pkt send fails
    - wcn36xx: Fix error handling path in 'wcn36xx_probe()'
    - net: qed*: Reduce RX and TX default ring count when running inside kdump
      kernel
    - mt76: avoid rx reorder buffer overflow
    - md: don't flush workqueue unconditionally in md_open
    - veth: Adjust hard_start offset on redirect XDP frames
    - net/mlx5e: IPoIB, Drop multicast packets that this interface sent
    - rtlwifi: Fix a double free in _rtl_usb_tx_urb_setup()
    - mwifiex: Fix memory corruption in dump_station
    - x86/boot: Correct relocation destination on old linkers
    - mips: MAAR: Use more precise address mask
    - mips: Add udelay lpj numbers adjustment
    - crypto: stm32/crc32 - fix ext4 chksum BUG_ON()
    - crypto: stm32/crc32 - fix run-time self test issue.
    - crypto: stm32/crc32 - fix multi-instance
    - x86/mm: Stop printing BRK addresses
    - m68k: mac: Don't call via_flush_cache() on Mac IIfx
    - btrfs: qgroup: mark qgroup inconsistent if we're inherting snapshot to a new
      qgroup
    - macvlan: Skip loopback packets in RX handler
    - PCI: Don't disable decoding when mmio_always_on is set
    - MIPS: Fix IRQ tracing when call handle_fpe() and handle_msa_fpe()
    - bcache: fix refcount underflow in bcache_device_free()
    - mmc: sdhci-msm: Set SDHCI_QUIRK_MULTIBLOCK_READ_ACMD12 quirk
    - staging: greybus: sdio: Respect the cmd->busy_timeout from the mmc core
    - mmc: via-sdmmc: Respect the cmd->busy_timeout from the mmc core
    - ixgbe: fix signed-integer-overflow warning
    - mmc: sdhci-esdhc-imx: fix the mask for tuning start point
    - spi: dw: Return any value retrieved from the dma_transfer callback
    - cpuidle: Fix three reference count leaks
    - platform/x86: hp-wmi: Convert simple_strtoul() to kstrtou32()
    - platform/x86: intel-hid: Add a quirk to support HP Spectre X2 (2015)
    - platform/x86: intel-vbtn: Only blacklist SW_TABLET_MODE on the 9 / "Laptop"
      chasis-type
    - string.h: fix incompatibility between FORTIFY_SOURCE and KASAN
    - btrfs: include non-missing as a qualifier for the latest_bdev
    - btrfs: send: emit file capabilities after chown
    - mm: thp: make the THP mapcount atomic against __split_huge_pmd_locked()
    - mm: initialize deferred pages with interrupts enabled
    - ima: Fix ima digest hash table key calculation
    - ima: Directly assign the ima_default_policy pointer to ima_rules
    - evm: Fix possible memory leak in evm_calc_hmac_or_hash()
    - ext4: fix EXT_MAX_EXTENT/INDEX to check for zeroed eh_max
    - ext4: fix error pointer dereference
    - ext4: fix race between ext4_sync_parent() and rename()
    - PCI: Avoid Pericom USB controller OHCI/EHCI PME# defect
    - PCI: Avoid FLR for AMD Matisse HD Audio & USB 3.0
    - PCI: Avoid FLR for AMD Starship USB 3.0
    - PCI: Add ACS quirk for iProc PAXB
    - PCI: Add ACS quirk for Intel Root Complex Integrated Endpoints
    - PCI: Move Rohm Vendor ID to generic list
    - misc: pci_endpoint_test: Add the layerscape EP device support
    - misc: pci_endpoint_test: Add support to test PCI EP in AM654x
    - PCI: Add Synopsys endpoint EDDA Device ID
    - PCI: Add NVIDIA GPU multi-function power dependencies
    - PCI: mediatek: Add controller support for MT7629
    - ALSA: lx6464es - add support for LX6464ESe pci express variant
    - PCI: Add Genesys Logic, Inc. Vendor ID
    - PCI: Add Amazon's Annapurna Labs vendor ID
    - PCI: vmd: Add device id for VMD device 8086:9A0B
    - x86/amd_nb: Add Family 19h PCI IDs
    - PCI: Add Loongson vendor ID
    - serial: 8250_pci: Move Pericom IDs to pci_ids.h
    - PCI: Generalize multi-function power dependency device links
    - btrfs: fix error handling when submitting direct I/O bio
    - btrfs: fix wrong file range cleanup after an error filling dealloc range
    - ima: Call ima_calc_boot_aggregate() in ima_eventdigest_init()
    - PCI: Program MPS for RCiEP devices
    - e1000e: Relax condition to trigger reset for ME workaround
    - carl9170: remove P2P_GO support
    - media: go7007: fix a miss of snd_card_free
    - Bluetooth: hci_bcm: fix freeing not-requested IRQ
    - b43legacy: Fix case where channel status is corrupted
    - b43: Fix connection problem with WPA3
    - b43_legacy: Fix connection problem with WPA3
    - media: ov5640: fix use of destroyed mutex
    - igb: Report speed and duplex as unknown when device is runtime suspended
    - power: vexpress: add suppress_bind_attrs to true
    - pinctrl: samsung: Correct setting of eint wakeup mask on s5pv210
    - pinctrl: samsung: Save/restore eint_mask over suspend for EINT_TYPE GPIOs
    - gnss: sirf: fix error return code in sirf_probe()
    - sparc32: fix register window handling in genregs32_[gs]et()
    - sparc64: fix misuses of access_process_vm() in genregs32_[sg]et()
    - dm crypt: avoid truncating the logical block size
    - alpha: fix memory barriers so that they conform to the specification
    - kernel/cpu_pm: Fix uninitted local in cpu_pm
    - ARM: tegra: Correct PL310 Auxiliary Control Register initialization
    - ARM: dts: exynos: Fix GPIO polarity for thr GalaxyS3 CM36651 sensor's bus
    - ARM: dts: at91: sama5d2_ptc_ek: fix vbus pin
    - ARM: dts: s5pv210: Set keep-power-in-suspend for SDHCI1 on Aries
    - drivers/macintosh: Fix memleak in windfarm_pm112 driver
    - powerpc/64s: Don't let DT CPU features set FSCR_DSCR
    - powerpc/64s: Save FSCR to init_task.thread.fscr after feature init
    - kbuild: force to build vmlinux if CONFIG_MODVERSION=y
    - sunrpc: svcauth_gss_register_pseudoflavor must reject duplicate
      registrations.
    - sunrpc: clean up properly in gss_mech_unregister()
    - mtd: rawnand: brcmnand: fix hamming oob layout
    - mtd: rawnand: pasemi: Fix the probe error path
    - w1: omap-hdq: cleanup to add missing newline for some dev_dbg
    - perf probe: Do not show the skipped events
    - perf probe: Fix to check blacklist address correctly
    - perf probe: Check address correctness by map instead of _etext
    - perf symbols: Fix debuginfo search for Ubuntu
    - elfnote: mark all .note sections SHF_ALLOC
    - csky: Fixup abiv2 syscall_trace break a4 & a5
    - spi: dw: Fix native CS being unset
    - PCI/PM: Adjust pcie_wait_for_link_delay() for caller delay
    - fanotify: fix ignore mask logic for events on child and on dir
    - KVM: x86: respect singlestep when emulating instruction
    - ASoC: max9867: fix volume controls
    - arm64: acpi: fix UBSAN warning
    - crypto: algapi - Avoid spurious modprobe on LOADED
    - firmware: imx: warn on unexpected RX
    - firmware: imx-scu: Support one TX and one RX
    - firmware: imx: scu: Fix corruption of header
    - dccp: Fix possible memleak in dccp_init and dccp_fini
    - video: vt8500lcdfb: fix fallthrough warning
    - mmc: mmci_sdmmc: fix DMA API warning overlapping mappings
    - mmc: uniphier-sd: call devm_request_irq() after tmio_mmc_host_probe()
    - block/floppy: fix contended case in floppy_queue_rq()
  * Disco update: upstream stable patchset 2020-06-22 (LP: #1884581)
    - devinet: fix memleak in inetdev_init()
    - l2tp: add sk_family checks to l2tp_validate_socket
    - l2tp: do not use inet_hash()/inet_unhash()
    - net: usb: qmi_wwan: add Telit LE910C1-EUX composition
    - NFC: st21nfca: add missed kfree_skb() in an error path
    - vsock: fix timeout in vsock_accept()
    - net: check untrusted gso_size at kernel entry
    - USB: serial: qcserial: add DW5816e QDL support
    - USB: serial: usb_wwan: do not resubmit rx urb on fatal errors
    - USB: serial: option: add Telit LE910C1-EUX compositions
    - iio: vcnl4000: Fix i2c swapped word reading.
    - usb: musb: start session in resume for host port
    - usb: musb: Fix runtime PM imbalance on error
    - vt: keyboard: avoid signed integer overflow in k_ascii
    - tty: hvc_console, fix crashes on parallel open/close
    - staging: rtl8712: Fix IEEE80211_ADDBA_PARAM_BUF_SIZE_MASK
    - CDC-ACM: heed quirk also in error handling
    - nvmem: qfprom: remove incorrect write support
    - uprobes: ensure that uprobe->offset and ->ref_ctr_offset are properly
      aligned
    - Revert "net/mlx5: Annotate mutex destroy for root ns"
    - net: be more gentle about silly gso requests coming from user
    - USB: serial: ch341: add basis for quirk detection
  * Disco update: upstream stable patchset 2020-06-16 (LP: #1883773)
    - Revert "cgroup: Add memory barriers to plug cgroup_rstat_updated() race
      window"
    - libnvdimm: Fix endian conversion issues
    - HID: sony: Fix for broken buttons on DS3 USB dongles
    - HID: i2c-hid: add Schneider SCL142ALM to descriptor override
    - p54usb: add AirVasT USB stick device-id
    - mmc: fix compilation of user API
    - scsi: ufs: Release clock if DMA map fails
    - net: dsa: mt7530: set CPU port to fallback mode
    - airo: Fix read overflows sending packets
    - drm/i915: fix port checks for MST support on gen >= 11
    - powerpc/powernv: Avoid re-registration of imc debugfs directory
    - spi: dw: use "smp_mb()" to avoid sending spi data error
    - s390/ftrace: save traced function caller
    - ARC: Fix ICCM & DCCM runtime size checks
    - ARC: [plat-eznps]: Restrict to CONFIG_ISA_ARCOMPACT
    - evm: Fix RCU list related warnings
    - i2c: altera: Fix race between xfer_msg and isr thread
    - x86/mmiotrace: Use cpumask_available() for cpumask_var_t variables
    - net: bmac: Fix read of MAC address from ROM
    - drm/edid: Add Oculus Rift S to non-desktop list
    - s390/mm: fix set_huge_pte_at() for empty ptes
    - null_blk: return error for invalid zone size
    - net/ethernet/freescale: rework quiesce/activate for ucc_geth
    - net: ethernet: stmmac: Enable interface clocks on probe for IPQ806x
    - net: smsc911x: Fix runtime PM imbalance on error
    - HID: multitouch: add support for the Smart Tech panel
    - HID: multitouch: enable multi-input as a quirk for some devices
    - mt76: mt76x02u: Add support for newer versions of the XBox One wifi adapter
    - media: staging: ipu3-imgu: Move alignment attribute to field
    - ASoC: intel - fix the card names
    - selftests: mlxsw: qos_mc_aware: Specify arping timeout as an integer
  * Disco update: upstream stable patchset 2020-06-10 (LP: #1883001)
    - ax25: fix setsockopt(SO_BINDTODEVICE)
    - dpaa_eth: fix usage as DSA master, try 3
    - net: dsa: mt7530: fix roaming from DSA user ports
    - __netif_receive_skb_core: pass skb by reference
    - net: inet_csk: Fix so_reuseport bind-address cache in tb->fast*
    - net: ipip: fix wrong address family in init error path
    - net/mlx5: Add command entry handling completion
    - net: qrtr: Fix passing invalid reference to qrtr_local_enqueue()
    - net: revert "net: get rid of an signed integer overflow in
      ip_idents_reserve()"
    - net sched: fix reporting the first-time use timestamp
    - r8152: support additional Microsoft Surface Ethernet Adapter variant
    - sctp: Don't add the shutdown timer if its already been added
    - sctp: Start shutdown on association restart if in SHUTDOWN-SENT state and
      socket is closed
    - net/mlx5e: Update netdev txq on completions during closure
    - net/mlx5: Annotate mutex destroy for root ns
    - net: sun: fix missing release regions in cas_init_one().
    - net/mlx4_core: fix a memory leak bug.
    - mlxsw: spectrum: Fix use-after-free of split/unsplit/type_set in case reload
      fails
    - ARM: dts: rockchip: fix phy nodename for rk3228-evb
    - arm64: dts: rockchip: fix status for &gmac2phy in rk3328-evb.dts
    - arm64: dts: rockchip: swap interrupts interrupt-names rk3399 gpu node
    - ARM: dts: rockchip: swap clock-names of gpu nodes
    - ARM: dts: rockchip: fix pinctrl sub nodename for spi in rk322x.dtsi
    - gpio: tegra: mask GPIO IRQs during IRQ shutdown
    - ALSA: usb-audio: add mapping for ASRock TRX40 Creator
    - net: microchip: encx24j600: add missed kthread_stop
    - gfs2: move privileged user check to gfs2_quota_lock_check
    - cachefiles: Fix race between read_waiter and read_copier involving op->to_do
    - usb: dwc3: pci: Enable extcon driver for Intel Merrifield
    - usb: gadget: legacy: fix redundant initialization warnings
    - net: freescale: select CONFIG_FIXED_PHY where needed
    - IB/i40iw: Remove bogus call to netdev_master_upper_dev_get()
    - riscv: stacktrace: Fix undefined reference to `walk_stackframe'
    - cifs: Fix null pointer check in cifs_read
    - samples: bpf: Fix build error
    - Input: usbtouchscreen - add support for BonXeon TP
    - Input: evdev - call input_flush_device() on release(), not flush()
    - Input: xpad - add custom init packet for Xbox One S controllers
    - Input: dlink-dir685-touchkeys - fix a typo in driver name
    - Input: i8042 - add ThinkPad S230u to i8042 reset list
    - Input: synaptics-rmi4 - really fix attn_data use-after-free
    - Input: synaptics-rmi4 - fix error return code in rmi_driver_probe()
    - ARM: 8970/1: decompressor: increase tag size
    - ARM: 8843/1: use unified assembler in headers
    - ARM: uaccess: consolidate uaccess asm to asm/uaccess-asm.h
    - ARM: uaccess: integrate uaccess_save and uaccess_restore
    - ARM: uaccess: fix DACR mismatch with nested exceptions
    - gpio: exar: Fix bad handling for ida_simple_get error path
    - IB/qib: Call kobject_put() when kobject_init_and_add() fails
    - ARM: dts/imx6q-bx50v3: Set display interface clock parents
    - ARM: dts: bcm2835-rpi-zero-w: Fix led polarity
    - ARM: dts: bcm: HR2: Fix PPI interrupt types
    - mmc: block: Fix use-after-free issue for rpmb
    - RDMA/pvrdma: Fix missing pci disable in pvrdma_pci_probe()
    - ALSA: hwdep: fix a left shifting 1 by 31 UB bug
    - ALSA: hda/realtek - Add a model for Thinkpad T570 without DAC workaround
    - ALSA: usb-audio: mixer: volume quirk for ESS Technology Asus USB DAC
    - exec: Always set cap_ambient in cap_bprm_set_creds
    - ALSA: usb-audio: Quirks for Gigabyte TRX40 Aorus Master onboard audio
    - ALSA: hda/realtek - Add new codec supported for ALC287
    - libceph: ignore pool overlay and cache logic on redirects
    - IB/ipoib: Fix double free of skb in case of multicast traffic in CM mode
    - mm: remove VM_BUG_ON(PageSlab()) from page_mapcount()
    - fs/binfmt_elf.c: allocate initialized memory in fill_thread_core_info()
    - include/asm-generic/topology.h: guard cpumask_of_node() macro argument
    - iommu: Fix reference count leak in iommu_group_alloc.
    - parisc: Fix kernel panic in mem_init()
    - RDMA/core: Fix double destruction of uobject
    - mac80211: mesh: fix discovery timer re-arming issue / crash
    - x86/dma: Fix max PFN arithmetic overflow on 32 bit systems
    - copy_xstate_to_kernel(): don't leave parts of destination uninitialized
    - xfrm: allow to accept packets with ipv6 NEXTHDR_HOP in xfrm_input
    - xfrm: call xfrm_output_gso when inner_protocol is set in xfrm_output
    - xfrm interface: fix oops when deleting a x-netns interface
    - xfrm: fix a warning in xfrm_policy_insert_list
    - xfrm: fix a NULL-ptr deref in xfrm_local_error
    - xfrm: fix error in comment
    - vti4: eliminated some duplicate code.
    - ip_vti: receive ipip packet by calling ip_tunnel_rcv
    - netfilter: nft_reject_bridge: enable reject with bridge vlan
    - netfilter: ipset: Fix subcounter update skip
    - netfilter: nfnetlink_cthelper: unbreak userspace helper support
    - netfilter: nf_conntrack_pptp: prevent buffer overflows in debug code
    - esp6: get the right proto for transport mode in esp6_gso_encap
    - bnxt_en: Fix accumulation of bp->net_stats_prev.
    - xsk: Add overflow check for u64 division, stored into u32
    - qlcnic: fix missing release in qlcnic_83xx_interrupt_test.
    - crypto: chelsio/chtls: properly set tp->lsndtime
    - bonding: Fix reference count leak in bond_sysfs_slave_add.
    - netfilter: nf_conntrack_pptp: fix compilation warning with W=1 build
    - mm/vmalloc.c: don't dereference possible NULL pointer in __vunmap()
    - net: don't return invalid table id error when we fall back to PF_UNSPEC
    - net: ethernet: ti: cpsw: fix ASSERT_RTNL() warning during suspend
    - net: mvpp2: fix RX hashing for non-10G ports
    - tls: Fix recvmsg() to be able to peek across multiple records
    - net/tls: fix race condition causing kernel panic
    - net/mlx5e: Fix inner tirs handling
    - net/tls: fix encryption error checking
    - net/tls: free record only on encryption error
    - gfs2: Grab glock reference sooner in gfs2_add_revoke
    - usb: phy: twl6030-usb: Fix a resource leak in an error handling path in
      'twl6030_usb_probe()'
    - clk: ti: am33xx: fix RTC clock parent
    - csky: Fixup remove duplicate irq_disable
    - csky: Fixup raw_copy_from_user()
    - soc: mediatek: cmdq: return send msg error code
    - Revert "block: end bio with BLK_STS_AGAIN in case of non-mq devs and
      REQ_NOWAIT"
    - gpio: fix locking open drain IRQ lines
    - xfrm: remove the xfrm_state_put call becofe going to out_reset
    - ieee80211: Fix incorrect mask for default PE duration
    - perf: Make perf able to build with latest libbfd
  * Update lockdown patches (LP: #1884159)
    - SAUCE: (efi-lockdown) kexec_file: split KEXEC_VERIFY_SIG into KEXEC_SIG and
      KEXEC_SIG_FORCE
    - SAUCE: (efi-lockdown) kexec_file: Restrict at runtime if the kernel is
      locked down
    - [Config] Update kexec signature config options
    - efi/efi_test: Lock down /dev/efi_test and require CAP_SYS_ADMIN
    - efi: Restrict efivar_ssdt_load when the kernel is locked down
    - powerpc/xmon: add read-only mode
    - powerpc/xmon: Restrict when kernel is locked down
    - SAUCE: acpi: disallow loading configfs acpi tables when locked down
    - [Config] CONFIG_XMON_DEFAULT_RO_MODE=y
  * CVE-2020-10757
    - mm: Fix mremap not considering huge pmd devmap
  * CVE-2020-11935
    - SAUCE: aufs: do not call i_readcount_inc()
    - SAUCE: aufs: bugfix, IMA i_readcount
  * apparmor reference leak causes refcount_t overflow with af_alg_accept()
    (LP: #1883962)
    - apparmor: check/put label on apparmor_sk_clone_security()
  * CVE-2019-16089
    - SAUCE: nbd_genl_status: null check for nla_nest_start
  * CVE-2019-19642
    - kernel/relay.c: handle alloc_percpu returning NULL in relay_open
  * CVE-2019-12380
    - efi/x86/Add missing error handling to old_memmap 1:1 mapping code

-- Stefan Bader <stefan.bader@canonical.com>  Tue, 14 Jul 2020 16:02:41 +0200

Changed in linux-oem-osp1 (Ubuntu Bionic):
status:	Fix Committed → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2020-07-27:

#16

Download full text (30.5 KiB)

This bug was fixed in the package linux - 5.3.0-64.58

---------------
linux (5.3.0-64.58) eoan; urgency=medium

* eoan/linux: 5.3.0-64.58 -proposed tracker (LP: #1887088)

* linux 4.15.0-109-generic network DoS regression vs -108 (LP: #1886668)
- SAUCE: Revert "netprio_cgroup: Fix unlimited memory leak of v2 cgroups"

linux (5.3.0-63.57) eoan; urgency=medium

* eoan/linux: 5.3.0-63.57 -proposed tracker (LP: #1885495)

* seccomp_bpf fails on powerpc (LP: #1885757)
- SAUCE: selftests/seccomp: fix ptrace tests on powerpc

  * The thread level parallelism would be a bottleneck when searching for the
    shared pmd by using hugetlbfs (LP: #1882039)
    - hugetlbfs: take read_lock on i_mmap for PMD sharing

  * Eoan update: upstream stable patchset 2020-06-30 (LP: #1885775)
    - ipv6: fix IPV6_ADDRFORM operation logic
    - net_failover: fixed rollback in net_failover_open()
    - bridge: Avoid infinite loop when suppressing NS messages with invalid
      options
    - vxlan: Avoid infinite loop when suppressing NS messages with invalid options
    - tun: correct header offsets in napi frags mode
    - Input: mms114 - fix handling of mms345l
    - ARM: 8977/1: ptrace: Fix mask for thumb breakpoint hook
    - sched/fair: Don't NUMA balance for kthreads
    - Input: synaptics - add a second working PNP_ID for Lenovo T470s
    - drivers/net/ibmvnic: Update VNIC protocol version reporting
    - powerpc/xive: Clear the page tables for the ESB IO mapping
    - ath9k_htc: Silence undersized packet warnings
    - RDMA/uverbs: Make the event_queue fds return POLLERR when disassociated
    - x86/cpu/amd: Make erratum #1054 a legacy erratum
    - perf probe: Accept the instance number of kretprobe event
    - mm: add kvfree_sensitive() for freeing sensitive data objects
    - aio: fix async fsync creds
    - x86_64: Fix jiffies ODR violation
    - x86/PCI: Mark Intel C620 MROMs as having non-compliant BARs
    - x86/speculation: Prevent rogue cross-process SSBD shutdown
    - x86/reboot/quirks: Add MacBook6,1 reboot quirk
    - efi/efivars: Add missing kobject_put() in sysfs entry creation error path
    - ALSA: es1688: Add the missed snd_card_free()
    - ALSA: hda/realtek - add a pintbl quirk for several Lenovo machines
    - ALSA: usb-audio: Fix inconsistent card PM state after resume
    - ALSA: usb-audio: Add vendor, product and profile name for HP Thunderbolt
      Dock
    - ACPI: sysfs: Fix reference count leak in acpi_sysfs_add_hotplug_profile()
    - ACPI: CPPC: Fix reference count leak in acpi_cppc_processor_probe()
    - ACPI: GED: add support for _Exx / _Lxx handler methods
    - ACPI: PM: Avoid using power resources if there are none for D0
    - nilfs2: fix null pointer dereference at nilfs_segctor_do_construct()
    - spi: dw: Fix controller unregister order
    - spi: bcm2835aux: Fix controller unregister order
    - spi: bcm-qspi: when tx/rx buffer is NULL set to 0
    - PM: runtime: clk: Fix clk_pm_runtime_get() error path
    - crypto: cavium/nitrox - Fix 'nitrox_get_first_device()' when ndevlist is
      fully iterated
    - ALSA: pcm: disallow linking stream to itself
    - x86/{mce,mm}: Unmap the entire page if the who...

This bug was fixed in the package linux - 5.3.0-64.58

---------------
linux (5.3.0-64.58) eoan; urgency=medium

* eoan/linux: 5.3.0-64.58 -proposed tracker (LP: #1887088)

* linux 4.15.0-109-generic network DoS regression vs -108 (LP: #1886668)
    - SAUCE: Revert "netprio_cgroup: Fix unlimited memory leak of v2 cgroups"

linux (5.3.0-63.57) eoan; urgency=medium

* eoan/linux: 5.3.0-63.57 -proposed tracker (LP: #1885495)

* seccomp_bpf fails on powerpc (LP: #1885757)
    - SAUCE: selftests/seccomp: fix ptrace tests on powerpc

* The thread level parallelism would be a bottleneck when searching for the
    shared pmd by using hugetlbfs (LP: #1882039)
    - hugetlbfs: take read_lock on i_mmap for PMD sharing

* Eoan update: upstream stable patchset 2020-06-30 (LP: #1885775)
    - ipv6: fix IPV6_ADDRFORM operation logic
    - net_failover: fixed rollback in net_failover_open()
    - bridge: Avoid infinite loop when suppressing NS messages with invalid
      options
    - vxlan: Avoid infinite loop when suppressing NS messages with invalid options
    - tun: correct header offsets in napi frags mode
    - Input: mms114 - fix handling of mms345l
    - ARM: 8977/1: ptrace: Fix mask for thumb breakpoint hook
    - sched/fair: Don't NUMA balance for kthreads
    - Input: synaptics - add a second working PNP_ID for Lenovo T470s
    - drivers/net/ibmvnic: Update VNIC protocol version reporting
    - powerpc/xive: Clear the page tables for the ESB IO mapping
    - ath9k_htc: Silence undersized packet warnings
    - RDMA/uverbs: Make the event_queue fds return POLLERR when disassociated
    - x86/cpu/amd: Make erratum #1054 a legacy erratum
    - perf probe: Accept the instance number of kretprobe event
    - mm: add kvfree_sensitive() for freeing sensitive data objects
    - aio: fix async fsync creds
    - x86_64: Fix jiffies ODR violation
    - x86/PCI: Mark Intel C620 MROMs as having non-compliant BARs
    - x86/speculation: Prevent rogue cross-process SSBD shutdown
    - x86/reboot/quirks: Add MacBook6,1 reboot quirk
    - efi/efivars: Add missing kobject_put() in sysfs entry creation error path
    - ALSA: es1688: Add the missed snd_card_free()
    - ALSA: hda/realtek - add a pintbl quirk for several Lenovo machines
    - ALSA: usb-audio: Fix inconsistent card PM state after resume
    - ALSA: usb-audio: Add vendor, product and profile name for HP Thunderbolt
      Dock
    - ACPI: sysfs: Fix reference count leak in acpi_sysfs_add_hotplug_profile()
    - ACPI: CPPC: Fix reference count leak in acpi_cppc_processor_probe()
    - ACPI: GED: add support for _Exx / _Lxx handler methods
    - ACPI: PM: Avoid using power resources if there are none for D0
    - nilfs2: fix null pointer dereference at nilfs_segctor_do_construct()
    - spi: dw: Fix controller unregister order
    - spi: bcm2835aux: Fix controller unregister order
    - spi: bcm-qspi: when tx/rx buffer is NULL set to 0
    - PM: runtime: clk: Fix clk_pm_runtime_get() error path
    - crypto: cavium/nitrox - Fix 'nitrox_get_first_device()' when ndevlist is
      fully iterated
    - ALSA: pcm: disallow linking stream to itself
    - x86/{mce,mm}: Unmap the entire page if the whole page is affected and
      poisoned
    - KVM: x86: Fix APIC page invalidation race
    - KVM: x86/mmu: Consolidate "is MMIO SPTE" code
    - KVM: x86: only do L1TF workaround on affected processors
    - x86/speculation: Avoid force-disabling IBPB based on STIBP and enhanced
      IBRS.
    - x86/speculation: PR_SPEC_FORCE_DISABLE enforcement for indirect branches.
    - spi: Fix controller unregister order
    - spi: pxa2xx: Fix controller unregister order
    - spi: bcm2835: Fix controller unregister order
    - spi: pxa2xx: Fix runtime PM ref imbalance on probe error
    - crypto: virtio: Fix use-after-free in virtio_crypto_skcipher_finalize_req()
    - crypto: virtio: Fix src/dst scatterlist calculation in
      __virtio_crypto_skcipher_do_req()
    - crypto: virtio: Fix dest length calculation in
      __virtio_crypto_skcipher_do_req()
    - selftests/net: in rxtimestamp getopt_long needs terminating null entry
    - ovl: initialize error in ovl_copy_xattr
    - proc: Use new_inode not new_inode_pseudo
    - video: fbdev: w100fb: Fix a potential double free.
    - KVM: nSVM: fix condition for filtering async PF
    - KVM: nSVM: leave ASID aside in copy_vmcb_control_area
    - KVM: nVMX: Consult only the "basic" exit reason when routing nested exit
    - KVM: MIPS: Define KVM_ENTRYHI_ASID to cpu_asid_mask(&boot_cpu_data)
    - KVM: MIPS: Fix VPN2_MASK definition for variable cpu_vmbits
    - KVM: arm64: Make vcpu_cp1x() work on Big Endian hosts
    - scsi: megaraid_sas: TM command refire leads to controller firmware crash
    - ath9k: Fix use-after-free Read in ath9k_wmi_ctrl_rx
    - ath9k: Fix use-after-free Write in ath9k_htc_rx_msg
    - ath9x: Fix stack-out-of-bounds Write in ath9k_hif_usb_rx_cb
    - ath9k: Fix general protection fault in ath9k_hif_usb_rx_cb
    - Smack: slab-out-of-bounds in vsscanf
    - drm/vkms: Hold gem object while still in-use
    - mm/slub: fix a memory leak in sysfs_slab_add()
    - fat: don't allow to mount if the FAT length == 0
    - perf: Add cond_resched() to task_function_call()
    - agp/intel: Reinforce the barrier after GTT updates
    - mmc: sdhci-msm: Clear tuning done flag while hs400 tuning
    - ARM: dts: at91: sama5d2_ptc_ek: fix sdmmc0 node description
    - mmc: sdio: Fix potential NULL pointer error in mmc_sdio_init_card()
    - xen/pvcalls-back: test for errors when calling backend_connect()
    - KVM: arm64: Synchronize sysreg state on injecting an AArch32 exception
    - ACPI: GED: use correct trigger type field in _Exx / _Lxx handling
    - drm: bridge: adv7511: Extend list of audio sample rates
    - crypto: ccp -- don't "select" CONFIG_DMADEVICES
    - media: si2157: Better check for running tuner in init
    - objtool: Ignore empty alternatives
    - spi: pxa2xx: Apply CS clk quirk to BXT
    - net: atlantic: make hw_get_regs optional
    - net: ena: fix error returning in ena_com_get_hash_function()
    - efi/libstub/x86: Work around LLVM ELF quirk build regression
    - arm64: cacheflush: Fix KGDB trap detection
    - spi: dw: Zero DMA Tx and Rx configurations on stack
    - arm64: insn: Fix two bugs in encoding 32-bit logical immediates
    - ixgbe: Fix XDP redirect on archs with PAGE_SIZE above 4K
    - MIPS: Loongson: Build ATI Radeon GPU driver as module
    - Bluetooth: Add SCO fallback for invalid LMP parameters error
    - kgdb: Disable WARN_CONSOLE_UNLOCKED for all kgdb
    - kgdb: Prevent infinite recursive entries to the debugger
    - spi: dw: Enable interrupts in accordance with DMA xfer mode
    - clocksource: dw_apb_timer: Make CPU-affiliation being optional
    - clocksource: dw_apb_timer_of: Fix missing clockevent timers
    - btrfs: do not ignore error from btrfs_next_leaf() when inserting checksums
    - ARM: 8978/1: mm: make act_mm() respect THREAD_SIZE
    - batman-adv: Revert "disable ethtool link speed detection when auto
      negotiation off"
    - mmc: meson-mx-sdio: trigger a soft reset after a timeout or CRC error
    - spi: dw: Fix Rx-only DMA transfers
    - x86/kvm/hyper-v: Explicitly align hcall param for kvm_hyperv_exit
    - net: vmxnet3: fix possible buffer overflow caused by bad DMA value in
      vmxnet3_get_rss()
    - staging: android: ion: use vmap instead of vm_map_ram
    - brcmfmac: fix wrong location to get firmware feature
    - tools api fs: Make xxx__mountpoint() more scalable
    - e1000: Distribute switch variables for initialization
    - dt-bindings: display: mediatek: control dpi pins mode to avoid leakage
    - audit: fix a net reference leak in audit_send_reply()
    - media: dvb: return -EREMOTEIO on i2c transfer failure.
    - media: platform: fcp: Set appropriate DMA parameters
    - MIPS: Make sparse_init() using top-down allocation
    - Bluetooth: btbcm: Add 2 missing models to subver tables
    - audit: fix a net reference leak in audit_list_rules_send()
    - netfilter: nft_nat: return EOPNOTSUPP if type or flags are not supported
    - selftests/bpf: Fix memory leak in extract_build_id()
    - net: bcmgenet: set Rx mode before starting netif
    - lib/mpi: Fix 64-bit MIPS build with Clang
    - exit: Move preemption fixup up, move blocking operations down
    - sched/core: Fix illegal RCU from offline CPUs
    - drivers/perf: hisi: Fix typo in events attribute array
    - net: lpc-enet: fix error return code in lpc_mii_init()
    - media: cec: silence shift wrapping warning in __cec_s_log_addrs()
    - net: allwinner: Fix use correct return type for ndo_start_xmit()
    - powerpc/spufs: fix copy_to_user while atomic
    - xfs: clean up the error handling in xfs_swap_extents
    - Crypto/chcr: fix for ccm(aes) failed test
    - MIPS: Truncate link address into 32bit for 32bit kernel
    - mips: cm: Fix an invalid error code of INTVN_*_ERR
    - kgdb: Fix spurious true from in_dbg_master()
    - xfs: reset buffer write failure state on successful completion
    - xfs: fix duplicate verification from xfs_qm_dqflush()
    - platform/x86: intel-vbtn: Use acpi_evaluate_integer()
    - platform/x86: intel-vbtn: Split keymap into buttons and switches parts
    - platform/x86: intel-vbtn: Do not advertise switches to userspace if they are
      not there
    - platform/x86: intel-vbtn: Also handle tablet-mode switch on "Detachable" and
      "Portable" chassis-types
    - nvme: refine the Qemu Identify CNS quirk
    - ath10k: Remove msdu from idr when management pkt send fails
    - wcn36xx: Fix error handling path in 'wcn36xx_probe()'
    - net: qed*: Reduce RX and TX default ring count when running inside kdump
      kernel
    - mt76: avoid rx reorder buffer overflow
    - md: don't flush workqueue unconditionally in md_open
    - veth: Adjust hard_start offset on redirect XDP frames
    - net/mlx5e: IPoIB, Drop multicast packets that this interface sent
    - rtlwifi: Fix a double free in _rtl_usb_tx_urb_setup()
    - mwifiex: Fix memory corruption in dump_station
    - x86/boot: Correct relocation destination on old linkers
    - mips: MAAR: Use more precise address mask
    - mips: Add udelay lpj numbers adjustment
    - crypto: stm32/crc32 - fix ext4 chksum BUG_ON()
    - crypto: stm32/crc32 - fix run-time self test issue.
    - crypto: stm32/crc32 - fix multi-instance
    - x86/mm: Stop printing BRK addresses
    - m68k: mac: Don't call via_flush_cache() on Mac IIfx
    - btrfs: qgroup: mark qgroup inconsistent if we're inherting snapshot to a new
      qgroup
    - macvlan: Skip loopback packets in RX handler
    - PCI: Don't disable decoding when mmio_always_on is set
    - MIPS: Fix IRQ tracing when call handle_fpe() and handle_msa_fpe()
    - bcache: fix refcount underflow in bcache_device_free()
    - mmc: sdhci-msm: Set SDHCI_QUIRK_MULTIBLOCK_READ_ACMD12 quirk
    - staging: greybus: sdio: Respect the cmd->busy_timeout from the mmc core
    - mmc: via-sdmmc: Respect the cmd->busy_timeout from the mmc core
    - ixgbe: fix signed-integer-overflow warning
    - mmc: sdhci-esdhc-imx: fix the mask for tuning start point
    - spi: dw: Return any value retrieved from the dma_transfer callback
    - cpuidle: Fix three reference count leaks
    - platform/x86: hp-wmi: Convert simple_strtoul() to kstrtou32()
    - platform/x86: intel-hid: Add a quirk to support HP Spectre X2 (2015)
    - platform/x86: intel-vbtn: Only blacklist SW_TABLET_MODE on the 9 / "Laptop"
      chasis-type
    - string.h: fix incompatibility between FORTIFY_SOURCE and KASAN
    - btrfs: include non-missing as a qualifier for the latest_bdev
    - btrfs: send: emit file capabilities after chown
    - mm: thp: make the THP mapcount atomic against __split_huge_pmd_locked()
    - mm: initialize deferred pages with interrupts enabled
    - ima: Fix ima digest hash table key calculation
    - ima: Directly assign the ima_default_policy pointer to ima_rules
    - evm: Fix possible memory leak in evm_calc_hmac_or_hash()
    - ext4: fix EXT_MAX_EXTENT/INDEX to check for zeroed eh_max
    - ext4: fix error pointer dereference
    - ext4: fix race between ext4_sync_parent() and rename()
    - PCI: Avoid Pericom USB controller OHCI/EHCI PME# defect
    - PCI: Add ACS quirk for iProc PAXB
    - PCI: Add ACS quirk for Intel Root Complex Integrated Endpoints
    - PCI: mediatek: Add controller support for MT7629
    - ALSA: lx6464es - add support for LX6464ESe pci express variant
    - PCI: Add Genesys Logic, Inc. Vendor ID
    - PCI: Add Amazon's Annapurna Labs vendor ID
    - PCI: vmd: Add device id for VMD device 8086:9A0B
    - x86/amd_nb: Add Family 19h PCI IDs
    - PCI: Add Loongson vendor ID
    - serial: 8250_pci: Move Pericom IDs to pci_ids.h
    - btrfs: fix error handling when submitting direct I/O bio
    - btrfs: fix wrong file range cleanup after an error filling dealloc range
    - ima: Call ima_calc_boot_aggregate() in ima_eventdigest_init()
    - PCI: Program MPS for RCiEP devices
    - e1000e: Relax condition to trigger reset for ME workaround
    - carl9170: remove P2P_GO support
    - media: go7007: fix a miss of snd_card_free
    - Bluetooth: hci_bcm: fix freeing not-requested IRQ
    - b43legacy: Fix case where channel status is corrupted
    - b43: Fix connection problem with WPA3
    - b43_legacy: Fix connection problem with WPA3
    - media: ov5640: fix use of destroyed mutex
    - igb: Report speed and duplex as unknown when device is runtime suspended
    - power: vexpress: add suppress_bind_attrs to true
    - pinctrl: samsung: Correct setting of eint wakeup mask on s5pv210
    - pinctrl: samsung: Save/restore eint_mask over suspend for EINT_TYPE GPIOs
    - gnss: sirf: fix error return code in sirf_probe()
    - sparc32: fix register window handling in genregs32_[gs]et()
    - sparc64: fix misuses of access_process_vm() in genregs32_[sg]et()
    - dm crypt: avoid truncating the logical block size
    - alpha: fix memory barriers so that they conform to the specification
    - kernel/cpu_pm: Fix uninitted local in cpu_pm
    - ARM: tegra: Correct PL310 Auxiliary Control Register initialization
    - ARM: dts: exynos: Fix GPIO polarity for thr GalaxyS3 CM36651 sensor's bus
    - ARM: dts: at91: sama5d2_ptc_ek: fix vbus pin
    - ARM: dts: s5pv210: Set keep-power-in-suspend for SDHCI1 on Aries
    - drivers/macintosh: Fix memleak in windfarm_pm112 driver
    - powerpc/64s: Don't let DT CPU features set FSCR_DSCR
    - powerpc/64s: Save FSCR to init_task.thread.fscr after feature init
    - kbuild: force to build vmlinux if CONFIG_MODVERSION=y
    - sunrpc: svcauth_gss_register_pseudoflavor must reject duplicate
      registrations.
    - sunrpc: clean up properly in gss_mech_unregister()
    - mtd: rawnand: brcmnand: fix hamming oob layout
    - mtd: rawnand: pasemi: Fix the probe error path
    - w1: omap-hdq: cleanup to add missing newline for some dev_dbg
    - perf probe: Do not show the skipped events
    - perf probe: Fix to check blacklist address correctly
    - perf probe: Check address correctness by map instead of _etext
    - perf symbols: Fix debuginfo search for Ubuntu
    - mlxsw: core: Use different get_trend() callbacks for different thermal zones
    - elfnote: mark all .note sections SHF_ALLOC
    - csky: Fixup abiv2 syscall_trace break a4 & a5
    - gfs2: Even more gfs2_find_jhead fixes
    - spi: dw: Fix native CS being unset
    - s390/pci: Log new handle in clp_disable_fh()
    - PCI/PM: Adjust pcie_wait_for_link_delay() for caller delay
    - selftests: fix flower parent qdisc
    - fanotify: fix ignore mask logic for events on child and on dir
    - perf/x86/intel: Add more available bits for OFFCORE_RESPONSE of Intel
      Tremont
    - KVM: x86: respect singlestep when emulating instruction
    - powerpc/ptdump: Properly handle non standard page size
    - ASoC: max9867: fix volume controls
    - io_uring: use kvfree() in io_sqe_buffer_register()
    - smb3: fix incorrect number of credits when ioctl MaxOutputResponse > 64K
    - smb3: add indatalen that can be a non-zero value to calculation of credit
      charge in smb2 ioctl
    - watchdog: imx_sc_wdt: Fix reboot on crash
    - ALSA: fireface: fix configuration error for nominal sampling transfer
      frequency
    - ALSA: pcm: fix snd_pcm_link() lockdep splat
    - arm64: acpi: fix UBSAN warning
    - lib/lzo: fix ambiguous encoding bug in lzo-rle
    - spi: bcm-qspi: Handle clock probe deferral
    - gup: document and work around "COW can break either way" issue
    - crypto: algapi - Avoid spurious modprobe on LOADED
    - crypto: drbg - fix error return code in drbg_alloc_state()
    - firmware: imx: warn on unexpected RX
    - firmware: imx-scu: Support one TX and one RX
    - firmware: imx: scu: Fix corruption of header
    - dccp: Fix possible memleak in dccp_init and dccp_fini
    - net/mlx5: drain health workqueue in case of driver load error
    - net/mlx5: Fix fatal error handling during device load
    - net/mlx5e: Fix repeated XSK usage on one channel
    - remoteproc: Fall back to using parent memory pool if no dedicated available
    - remoteproc: Fix and restore the parenting hierarchy for vdev
    - cpufreq: Fix up cpufreq_boost_set_sw()
    - EDAC/skx: Use the mcmtr register to retrieve close_pg/bank_xor_enable
    - video: vt8500lcdfb: fix fallthrough warning
    - KVM: nVMX: Skip IBPB when switching between vmcs01 and vmcs02
    - KVM: arm64: Stop writing aarch32's CSSELR into ACTLR
    - selftests/ftrace: Return unsupported if no error_log file
    - mmc: mmci_sdmmc: fix DMA API warning overlapping mappings
    - mmc: tmio: Further fixup runtime PM management at remove
    - mmc: uniphier-sd: call devm_request_irq() after tmio_mmc_host_probe()
    - mmc: sdio: Fix several potential memory leaks in mmc_sdio_init_card()
    - block/floppy: fix contended case in floppy_queue_rq()
    - KVM: arm64: Save the host's PtrAuth keys in non-preemptible context

* Eoan update: upstream stable patchset 2020-06-24 (LP: #1885011)
    - devinet: fix memleak in inetdev_init()
    - l2tp: add sk_family checks to l2tp_validate_socket
    - l2tp: do not use inet_hash()/inet_unhash()
    - net: usb: qmi_wwan: add Telit LE910C1-EUX composition
    - NFC: st21nfca: add missed kfree_skb() in an error path
    - vsock: fix timeout in vsock_accept()
    - net: check untrusted gso_size at kernel entry
    - USB: serial: qcserial: add DW5816e QDL support
    - USB: serial: usb_wwan: do not resubmit rx urb on fatal errors
    - USB: serial: option: add Telit LE910C1-EUX compositions
    - iio: vcnl4000: Fix i2c swapped word reading.
    - usb: musb: start session in resume for host port
    - usb: musb: Fix runtime PM imbalance on error
    - vt: keyboard: avoid signed integer overflow in k_ascii
    - tty: hvc_console, fix crashes on parallel open/close
    - staging: rtl8712: Fix IEEE80211_ADDBA_PARAM_BUF_SIZE_MASK
    - CDC-ACM: heed quirk also in error handling
    - nvmem: qfprom: remove incorrect write support
    - uprobes: ensure that uprobe->offset and ->ref_ctr_offset are properly
      aligned
    - Revert "net/mlx5: Annotate mutex destroy for root ns"
    - net/mlx5: Fix crash upon suspend/resume
    - net: stmmac: enable timestamp snapshot for required PTP packets in dwmac
      v5.10a
    - nfp: flower: fix used time of merge flow statistics
    - net: be more gentle about silly gso requests coming from user
    - USB: serial: ch341: add basis for quirk detection
    - iio:chemical:sps30: Fix timestamp alignment
    - iio:chemical:pms7003: Fix timestamp alignment and prevent data leak.
    - iio: adc: stm32-adc: fix a wrong error message when probing interrupts

* Eoan update: upstream stable patchset 2020-06-19 (LP: #1884296)
    - Revert "cgroup: Add memory barriers to plug cgroup_rstat_updated() race
      window"
    - HID: sony: Fix for broken buttons on DS3 USB dongles
    - HID: i2c-hid: add Schneider SCL142ALM to descriptor override
    - p54usb: add AirVasT USB stick device-id
    - mmc: fix compilation of user API
    - scsi: ufs: Release clock if DMA map fails
    - net: dsa: mt7530: set CPU port to fallback mode
    - airo: Fix read overflows sending packets
    - powerpc/powernv: Avoid re-registration of imc debugfs directory
    - s390/ftrace: save traced function caller
    - ARC: Fix ICCM & DCCM runtime size checks
    - ARC: [plat-eznps]: Restrict to CONFIG_ISA_ARCOMPACT
    - evm: Fix RCU list related warnings
    - i2c: altera: Fix race between xfer_msg and isr thread
    - x86/mmiotrace: Use cpumask_available() for cpumask_var_t variables
    - net: bmac: Fix read of MAC address from ROM
    - drm/edid: Add Oculus Rift S to non-desktop list
    - s390/mm: fix set_huge_pte_at() for empty ptes
    - null_blk: return error for invalid zone size
    - net/ethernet/freescale: rework quiesce/activate for ucc_geth
    - net: ethernet: stmmac: Enable interface clocks on probe for IPQ806x
    - net: smsc911x: Fix runtime PM imbalance on error
    - HID: multitouch: add support for the Smart Tech panel
    - HID: multitouch: enable multi-input as a quirk for some devices
    - mt76: mt76x02u: Add support for newer versions of the XBox One wifi adapter
    - media: Revert "staging: imgu: Address a compiler warning on alignment"
    - media: staging: ipu3-imgu: Move alignment attribute to field
    - ASoC: intel - fix the card names
    - RDMA/qedr: Fix qpids xarray api used
    - RDMA/qedr: Fix synchronization methods and memory leaks in qedr
    - io_uring: initialize ctx->sqo_wait earlier
    - selftests: mlxsw: qos_mc_aware: Specify arping timeout as an integer

* Eoan update: upstream stable patchset 2020-06-09 (LP: #1882831)
    - ax25: fix setsockopt(SO_BINDTODEVICE)
    - dpaa_eth: fix usage as DSA master, try 3
    - net: dsa: mt7530: fix roaming from DSA user ports
    - __netif_receive_skb_core: pass skb by reference
    - net: inet_csk: Fix so_reuseport bind-address cache in tb->fast*
    - net: ipip: fix wrong address family in init error path
    - net/mlx5: Add command entry handling completion
    - net: qrtr: Fix passing invalid reference to qrtr_local_enqueue()
    - net: revert "net: get rid of an signed integer overflow in
      ip_idents_reserve()"
    - net sched: fix reporting the first-time use timestamp
    - r8152: support additional Microsoft Surface Ethernet Adapter variant
    - sctp: Don't add the shutdown timer if its already been added
    - sctp: Start shutdown on association restart if in SHUTDOWN-SENT state and
      socket is closed
    - net/mlx5e: Update netdev txq on completions during closure
    - net/mlx5: Annotate mutex destroy for root ns
    - net: sun: fix missing release regions in cas_init_one().
    - net/mlx4_core: fix a memory leak bug.
    - mlxsw: spectrum: Fix use-after-free of split/unsplit/type_set in case reload
      fails
    - ARM: dts: rockchip: fix phy nodename for rk3228-evb
    - arm64: dts: rockchip: fix status for &gmac2phy in rk3328-evb.dts
    - arm64: dts: rockchip: swap interrupts interrupt-names rk3399 gpu node
    - ARM: dts: rockchip: swap clock-names of gpu nodes
    - ARM: dts: rockchip: fix pinctrl sub nodename for spi in rk322x.dtsi
    - gpio: tegra: mask GPIO IRQs during IRQ shutdown
    - ALSA: usb-audio: add mapping for ASRock TRX40 Creator
    - net: microchip: encx24j600: add missed kthread_stop
    - gfs2: move privileged user check to gfs2_quota_lock_check
    - cachefiles: Fix race between read_waiter and read_copier involving op->to_do
    - usb: dwc3: pci: Enable extcon driver for Intel Merrifield
    - usb: gadget: legacy: fix redundant initialization warnings
    - net: freescale: select CONFIG_FIXED_PHY where needed
    - IB/i40iw: Remove bogus call to netdev_master_upper_dev_get()
    - riscv: stacktrace: Fix undefined reference to `walk_stackframe'
    - cifs: Fix null pointer check in cifs_read
    - samples: bpf: Fix build error
    - Input: usbtouchscreen - add support for BonXeon TP
    - Input: evdev - call input_flush_device() on release(), not flush()
    - Input: xpad - add custom init packet for Xbox One S controllers
    - Input: dlink-dir685-touchkeys - fix a typo in driver name
    - Input: i8042 - add ThinkPad S230u to i8042 reset list
    - Input: synaptics-rmi4 - really fix attn_data use-after-free
    - Input: synaptics-rmi4 - fix error return code in rmi_driver_probe()
    - ARM: 8970/1: decompressor: increase tag size
    - ARM: uaccess: consolidate uaccess asm to asm/uaccess-asm.h
    - ARM: uaccess: integrate uaccess_save and uaccess_restore
    - ARM: uaccess: fix DACR mismatch with nested exceptions
    - gpio: exar: Fix bad handling for ida_simple_get error path
    - IB/qib: Call kobject_put() when kobject_init_and_add() fails
    - ARM: dts/imx6q-bx50v3: Set display interface clock parents
    - ARM: dts: bcm2835-rpi-zero-w: Fix led polarity
    - ARM: dts: bcm: HR2: Fix PPI interrupt types
    - mmc: block: Fix use-after-free issue for rpmb
    - RDMA/pvrdma: Fix missing pci disable in pvrdma_pci_probe()
    - ALSA: hwdep: fix a left shifting 1 by 31 UB bug
    - ALSA: hda/realtek - Add a model for Thinkpad T570 without DAC workaround
    - ALSA: usb-audio: mixer: volume quirk for ESS Technology Asus USB DAC
    - exec: Always set cap_ambient in cap_bprm_set_creds
    - ALSA: usb-audio: Quirks for Gigabyte TRX40 Aorus Master onboard audio
    - ALSA: hda/realtek - Add new codec supported for ALC287
    - libceph: ignore pool overlay and cache logic on redirects
    - IB/ipoib: Fix double free of skb in case of multicast traffic in CM mode
    - mm: remove VM_BUG_ON(PageSlab()) from page_mapcount()
    - fs/binfmt_elf.c: allocate initialized memory in fill_thread_core_info()
    - include/asm-generic/topology.h: guard cpumask_of_node() macro argument
    - iommu: Fix reference count leak in iommu_group_alloc.
    - parisc: Fix kernel panic in mem_init()
    - RDMA/core: Fix double destruction of uobject
    - mac80211: mesh: fix discovery timer re-arming issue / crash
    - x86/dma: Fix max PFN arithmetic overflow on 32 bit systems
    - copy_xstate_to_kernel(): don't leave parts of destination uninitialized
    - xfrm: allow to accept packets with ipv6 NEXTHDR_HOP in xfrm_input
    - xfrm: call xfrm_output_gso when inner_protocol is set in xfrm_output
    - xfrm interface: fix oops when deleting a x-netns interface
    - xfrm: fix a warning in xfrm_policy_insert_list
    - xfrm: fix a NULL-ptr deref in xfrm_local_error
    - xfrm: fix error in comment
    - ip_vti: receive ipip packet by calling ip_tunnel_rcv
    - netfilter: nft_reject_bridge: enable reject with bridge vlan
    - netfilter: ipset: Fix subcounter update skip
    - netfilter: nfnetlink_cthelper: unbreak userspace helper support
    - netfilter: nf_conntrack_pptp: prevent buffer overflows in debug code
    - esp6: get the right proto for transport mode in esp6_gso_encap
    - bnxt_en: Fix accumulation of bp->net_stats_prev.
    - xsk: Add overflow check for u64 division, stored into u32
    - qlcnic: fix missing release in qlcnic_83xx_interrupt_test.
    - crypto: chelsio/chtls: properly set tp->lsndtime
    - bonding: Fix reference count leak in bond_sysfs_slave_add.
    - netfilter: nf_conntrack_pptp: fix compilation warning with W=1 build
    - net: don't return invalid table id error when we fall back to PF_UNSPEC
    - net: ethernet: ti: cpsw: fix ASSERT_RTNL() warning during suspend
    - net: mvpp2: fix RX hashing for non-10G ports
    - net: nlmsg_cancel() if put fails for nhmsg
    - net/tls: fix race condition causing kernel panic
    - nexthop: Fix attribute checking for groups
    - tipc: block BH before using dst_cache
    - net/mlx5e: kTLS, Destroy key object after destroying the TIS
    - net/mlx5e: Fix inner tirs handling
    - net/mlx5: Fix memory leak in mlx5_events_init
    - net/mlx5: Fix error flow in case of function_setup failure
    - net/tls: fix encryption error checking
    - net/tls: free record only on encryption error
    - gfs2: Grab glock reference sooner in gfs2_add_revoke
    - drm/amd/powerplay: perform PG ungate prior to CG ungate
    - usb: phy: twl6030-usb: Fix a resource leak in an error handling path in
      'twl6030_usb_probe()'
    - clk: ti: am33xx: fix RTC clock parent
    - csky: Fixup msa highest 3 bits mask
    - csky: Fixup perf callchain unwind
    - csky: Fixup remove duplicate irq_disable
    - csky: Fixup raw_copy_from_user()
    - arm64: dts: mt8173: fix vcodec-enc clock
    - soc: mediatek: cmdq: return send msg error code
    - gpu/drm: Ingenic: Fix opaque pointer casted to wrong type
    - gpio: pxa: Fix return value of pxa_gpio_probe()
    - gpio: bcm-kona: Fix return value of bcm_kona_gpio_probe()
    - ceph: flush release queue when handling caps for unknown inode
    - drm/amd/display: drop cursor position check in atomic test
    - Revert "block: end bio with BLK_STS_AGAIN in case of non-mq devs and
      REQ_NOWAIT"
    - gpio: fix locking open drain IRQ lines
    - xfrm: do pskb_pull properly in __xfrm_transport_prep
    - xfrm: remove the xfrm_state_put call becofe going to out_reset
    - netfilter: conntrack: make conntrack userspace helpers work again
    - ieee80211: Fix incorrect mask for default PE duration
    - nexthops: Move code from remove_nexthop_from_groups to remove_nh_grp_entry
    - nexthops: don't modify published nexthop groups
    - nexthop: Expand nexthop_is_multipath in a few places
    - ipv4: nexthop version of fib_info_nh_uses_dev
    - netfilter: conntrack: comparison of unsigned in cthelper confirmation
    - netfilter: conntrack: Pass value of ctinfo to __nf_conntrack_update
    - perf: Make perf able to build with latest libbfd

* shiftfs: O_TMPFILE reports ESTALE (LP: #1872757)
    - SAUCE: shiftfs: prevent ESTALE for LOOKUP_JUMP lookups

* shiftfs: fix btrfs regression (LP: #1884767)
    - SAUCE: Revert "UBUNTU: SAUCE: shiftfs: fix dentry revalidation"

* Update lockdown patches (LP: #1884159)
    - efi/efi_test: Lock down /dev/efi_test and require CAP_SYS_ADMIN
    - efi: Restrict efivar_ssdt_load when the kernel is locked down
    - powerpc/xmon: Restrict when kernel is locked down
    - SAUCE: acpi: disallow loading configfs acpi tables when locked down

* ip_defrag.sh in net from ubuntu_kernel_selftests failed with 5.0 / 5.3 / 5.4
    kernel (LP: #1826848)
    - SAUCE: selftests: net: ip_defrag: limit packet to 1000 fragments
    - selftests: net: ip_defrag: ignore EPERM

* CVE-2020-10757
    - mm: Fix mremap not considering huge pmd devmap

* CVE-2020-11935
    - SAUCE: aufs: do not call i_readcount_inc()
    - SAUCE: aufs: bugfix, IMA i_readcount

* apparmor reference leak causes refcount_t overflow with af_alg_accept()
    (LP: #1883962)
    - apparmor: check/put label on apparmor_sk_clone_security()

* CVE-2019-16089
    - SAUCE: nbd_genl_status: null check for nla_nest_start

* CVE-2019-19642
    - kernel/relay.c: handle alloc_percpu returning NULL in relay_open

-- Khalid Elmously <khalid.elmously@canonical.com>  Fri, 10 Jul 2020 15:22:34 -0400

Changed in linux (Ubuntu Eoan):
status:	Fix Committed → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2020-07-28:

#17

This bug was fixed in the package linux - 5.4.0-42.46

---------------
linux (5.4.0-42.46) focal; urgency=medium

* focal/linux: 5.4.0-42.46 -proposed tracker (LP: #1887069)

* linux 4.15.0-109-generic network DoS regression vs -108 (LP: #1886668)
- SAUCE: Revert "netprio_cgroup: Fix unlimited memory leak of v2 cgroups"

linux (5.4.0-41.45) focal; urgency=medium

* focal/linux: 5.4.0-41.45 -proposed tracker (LP: #1885855)

* Packaging resync (LP: #1786013)
- update dkms package versions

* CVE-2019-19642
- kernel/relay.c: handle alloc_percpu returning NULL in relay_open

* CVE-2019-16089
- SAUCE: nbd_genl_status: null check for nla_nest_start

* CVE-2020-11935
- aufs: do not call i_readcount_inc()

  * ip_defrag.sh in net from ubuntu_kernel_selftests failed with 5.0 / 5.3 / 5.4
    kernel (LP: #1826848)
    - selftests: net: ip_defrag: ignore EPERM

* Update lockdown patches (LP: #1884159)
- SAUCE: acpi: disallow loading configfs acpi tables when locked down

* seccomp_bpf fails on powerpc (LP: #1885757)
- SAUCE: selftests/seccomp: fix ptrace tests on powerpc

  * Introduce the new NVIDIA 418-server and 440-server series, and update the
    current NVIDIA drivers (LP: #1881137)
    - [packaging] add signed modules for the 418-server and the 440-server
      flavours

-- Khalid Elmously <email address hidden> Thu, 09 Jul 2020 19:50:26 -0400

Changed in linux (Ubuntu):
status:	Fix Committed → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2020-08-12:

#18

Download full text (28.0 KiB)

This bug was fixed in the package linux-oem-osp1 - 5.0.0-1065.70

---------------
linux-oem-osp1 (5.0.0-1065.70) bionic; urgency=medium

* bionic/linux-oem-osp1: 5.0.0-1065.70 -proposed tracker (LP: #1887090)

[ Ubuntu: 5.0.0-58.62 ]

  * disco/linux: 5.0.0-58.62 -proposed tracker (LP: #1887094)
  * linux 4.15.0-109-generic network DoS regression vs -108 (LP: #1886668)
    - SAUCE: Revert "netprio_cgroup: Fix unlimited memory leak of v2 cgroups"

linux-oem-osp1 (5.0.0-1064.69) bionic; urgency=medium

* bionic/linux-oem-osp1: 5.0.0-1064.69 -proposed tracker (LP: #1885656)

* Update lockdown patches (LP: #1884159)
- [Config] Update kexec signature config options

[ Ubuntu: 5.0.0-57.61 ]

  * disco/linux: 5.0.0-57.61 -proposed tracker (LP: #1885660)
  * seccomp_bpf fails on powerpc (LP: #1885757)
    - SAUCE: selftests/seccomp: fix ptrace tests on powerpc
  * Disco update: upstream stable patchset 2020-06-29 (LP: #1885629)
    - ipv6: fix IPV6_ADDRFORM operation logic
    - net_failover: fixed rollback in net_failover_open()
    - bridge: Avoid infinite loop when suppressing NS messages with invalid
      options
    - vxlan: Avoid infinite loop when suppressing NS messages with invalid options
    - tun: correct header offsets in napi frags mode
    - btrfs: Detect unbalanced tree with empty leaf before crashing btree
      operations
    - crypto: talitos - fix ECB and CBC algs ivsize
    - Input: mms114 - fix handling of mms345l
    - ARM: 8977/1: ptrace: Fix mask for thumb breakpoint hook
    - sched/fair: Don't NUMA balance for kthreads
    - Input: synaptics - add a second working PNP_ID for Lenovo T470s
    - drivers/net/ibmvnic: Update VNIC protocol version reporting
    - powerpc/xive: Clear the page tables for the ESB IO mapping
    - ath9k_htc: Silence undersized packet warnings
    - RDMA/uverbs: Make the event_queue fds return POLLERR when disassociated
    - x86/cpu/amd: Make erratum #1054 a legacy erratum
    - perf probe: Accept the instance number of kretprobe event
    - mm: add kvfree_sensitive() for freeing sensitive data objects
    - aio: fix async fsync creds
    - x86_64: Fix jiffies ODR violation
    - x86/PCI: Mark Intel C620 MROMs as having non-compliant BARs
    - x86/speculation: Prevent rogue cross-process SSBD shutdown
    - x86/reboot/quirks: Add MacBook6,1 reboot quirk
    - efi/efivars: Add missing kobject_put() in sysfs entry creation error path
    - ALSA: es1688: Add the missed snd_card_free()
    - ALSA: hda/realtek - add a pintbl quirk for several Lenovo machines
    - ALSA: usb-audio: Fix inconsistent card PM state after resume
    - ALSA: usb-audio: Add vendor, product and profile name for HP Thunderbolt
      Dock
    - ACPI: sysfs: Fix reference count leak in acpi_sysfs_add_hotplug_profile()
    - ACPI: CPPC: Fix reference count leak in acpi_cppc_processor_probe()
    - ACPI: GED: add support for _Exx / _Lxx handler methods
    - ACPI: PM: Avoid using power resources if there are none for D0
    - cgroup, blkcg: Prepare some symbols for module and !CONFIG_CGROUP usages
    - nilfs2: fix null pointer dereference at nilfs_segctor_do_construct()
    - spi: dw: Fix controller unregister order
...

This bug was fixed in the package linux-oem-osp1 - 5.0.0-1065.70

---------------
linux-oem-osp1 (5.0.0-1065.70) bionic; urgency=medium

* bionic/linux-oem-osp1: 5.0.0-1065.70 -proposed tracker (LP: #1887090)

[ Ubuntu: 5.0.0-58.62 ]

* disco/linux: 5.0.0-58.62 -proposed tracker (LP: #1887094)
  * linux 4.15.0-109-generic network DoS regression vs -108 (LP: #1886668)
    - SAUCE: Revert "netprio_cgroup: Fix unlimited memory leak of v2 cgroups"

linux-oem-osp1 (5.0.0-1064.69) bionic; urgency=medium

* bionic/linux-oem-osp1: 5.0.0-1064.69 -proposed tracker (LP: #1885656)

* Update lockdown patches (LP: #1884159)
    - [Config] Update kexec signature config options

[ Ubuntu: 5.0.0-57.61 ]

* disco/linux: 5.0.0-57.61 -proposed tracker (LP: #1885660)
  * seccomp_bpf fails on powerpc (LP: #1885757)
    - SAUCE: selftests/seccomp: fix ptrace tests on powerpc
  * Disco update: upstream stable patchset 2020-06-29 (LP: #1885629)
    - ipv6: fix IPV6_ADDRFORM operation logic
    - net_failover: fixed rollback in net_failover_open()
    - bridge: Avoid infinite loop when suppressing NS messages with invalid
      options
    - vxlan: Avoid infinite loop when suppressing NS messages with invalid options
    - tun: correct header offsets in napi frags mode
    - btrfs: Detect unbalanced tree with empty leaf before crashing btree
      operations
    - crypto: talitos - fix ECB and CBC algs ivsize
    - Input: mms114 - fix handling of mms345l
    - ARM: 8977/1: ptrace: Fix mask for thumb breakpoint hook
    - sched/fair: Don't NUMA balance for kthreads
    - Input: synaptics - add a second working PNP_ID for Lenovo T470s
    - drivers/net/ibmvnic: Update VNIC protocol version reporting
    - powerpc/xive: Clear the page tables for the ESB IO mapping
    - ath9k_htc: Silence undersized packet warnings
    - RDMA/uverbs: Make the event_queue fds return POLLERR when disassociated
    - x86/cpu/amd: Make erratum #1054 a legacy erratum
    - perf probe: Accept the instance number of kretprobe event
    - mm: add kvfree_sensitive() for freeing sensitive data objects
    - aio: fix async fsync creds
    - x86_64: Fix jiffies ODR violation
    - x86/PCI: Mark Intel C620 MROMs as having non-compliant BARs
    - x86/speculation: Prevent rogue cross-process SSBD shutdown
    - x86/reboot/quirks: Add MacBook6,1 reboot quirk
    - efi/efivars: Add missing kobject_put() in sysfs entry creation error path
    - ALSA: es1688: Add the missed snd_card_free()
    - ALSA: hda/realtek - add a pintbl quirk for several Lenovo machines
    - ALSA: usb-audio: Fix inconsistent card PM state after resume
    - ALSA: usb-audio: Add vendor, product and profile name for HP Thunderbolt
      Dock
    - ACPI: sysfs: Fix reference count leak in acpi_sysfs_add_hotplug_profile()
    - ACPI: CPPC: Fix reference count leak in acpi_cppc_processor_probe()
    - ACPI: GED: add support for _Exx / _Lxx handler methods
    - ACPI: PM: Avoid using power resources if there are none for D0
    - cgroup, blkcg: Prepare some symbols for module and !CONFIG_CGROUP usages
    - nilfs2: fix null pointer dereference at nilfs_segctor_do_construct()
    - spi: dw: Fix controller unregister order
    - spi: bcm2835aux: Fix controller unregister order
    - spi: bcm-qspi: when tx/rx buffer is NULL set to 0
    - PM: runtime: clk: Fix clk_pm_runtime_get() error path
    - crypto: cavium/nitrox - Fix 'nitrox_get_first_device()' when ndevlist is
      fully iterated
    - ALSA: pcm: disallow linking stream to itself
    - x86/{mce,mm}: Unmap the entire page if the whole page is affected and
      poisoned
    - KVM: x86: Fix APIC page invalidation race
    - kvm: x86: Fix L1TF mitigation for shadow MMU
    - KVM: x86/mmu: Consolidate "is MMIO SPTE" code
    - KVM: x86: only do L1TF workaround on affected processors
    - x86/speculation: Avoid force-disabling IBPB based on STIBP and enhanced
      IBRS.
    - x86/speculation: PR_SPEC_FORCE_DISABLE enforcement for indirect branches.
    - spi: No need to assign dummy value in spi_unregister_controller()
    - spi: Fix controller unregister order
    - spi: pxa2xx: Fix controller unregister order
    - spi: bcm2835: Fix controller unregister order
    - spi: pxa2xx: Fix runtime PM ref imbalance on probe error
    - crypto: virtio: Fix use-after-free in virtio_crypto_skcipher_finalize_req()
    - crypto: virtio: Fix src/dst scatterlist calculation in
      __virtio_crypto_skcipher_do_req()
    - crypto: virtio: Fix dest length calculation in
      __virtio_crypto_skcipher_do_req()
    - selftests/net: in rxtimestamp getopt_long needs terminating null entry
    - ovl: initialize error in ovl_copy_xattr
    - proc: Use new_inode not new_inode_pseudo
    - video: fbdev: w100fb: Fix a potential double free.
    - KVM: nSVM: fix condition for filtering async PF
    - KVM: nSVM: leave ASID aside in copy_vmcb_control_area
    - KVM: nVMX: Consult only the "basic" exit reason when routing nested exit
    - KVM: MIPS: Define KVM_ENTRYHI_ASID to cpu_asid_mask(&boot_cpu_data)
    - KVM: MIPS: Fix VPN2_MASK definition for variable cpu_vmbits
    - KVM: arm64: Make vcpu_cp1x() work on Big Endian hosts
    - scsi: megaraid_sas: TM command refire leads to controller firmware crash
    - ath9k: Fix use-after-free Read in ath9k_wmi_ctrl_rx
    - ath9k: Fix use-after-free Write in ath9k_htc_rx_msg
    - ath9x: Fix stack-out-of-bounds Write in ath9k_hif_usb_rx_cb
    - ath9k: Fix general protection fault in ath9k_hif_usb_rx_cb
    - Smack: slab-out-of-bounds in vsscanf
    - drm/vkms: Hold gem object while still in-use
    - mm/slub: fix a memory leak in sysfs_slab_add()
    - fat: don't allow to mount if the FAT length == 0
    - perf: Add cond_resched() to task_function_call()
    - agp/intel: Reinforce the barrier after GTT updates
    - mmc: sdhci-msm: Clear tuning done flag while hs400 tuning
    - ARM: dts: at91: sama5d2_ptc_ek: fix sdmmc0 node description
    - mmc: sdio: Fix potential NULL pointer error in mmc_sdio_init_card()
    - xen/pvcalls-back: test for errors when calling backend_connect()
    - KVM: arm64: Synchronize sysreg state on injecting an AArch32 exception
    - ACPI: GED: use correct trigger type field in _Exx / _Lxx handling
    - drm: bridge: adv7511: Extend list of audio sample rates
    - crypto: ccp -- don't "select" CONFIG_DMADEVICES
    - media: si2157: Better check for running tuner in init
    - objtool: Ignore empty alternatives
    - spi: pxa2xx: Apply CS clk quirk to BXT
    - net: atlantic: make hw_get_regs optional
    - net: ena: fix error returning in ena_com_get_hash_function()
    - efi/libstub/x86: Work around LLVM ELF quirk build regression
    - arm64: cacheflush: Fix KGDB trap detection
    - spi: dw: Zero DMA Tx and Rx configurations on stack
    - arm64: insn: Fix two bugs in encoding 32-bit logical immediates
    - ixgbe: Fix XDP redirect on archs with PAGE_SIZE above 4K
    - MIPS: Loongson: Build ATI Radeon GPU driver as module
    - Bluetooth: Add SCO fallback for invalid LMP parameters error
    - kgdb: Disable WARN_CONSOLE_UNLOCKED for all kgdb
    - kgdb: Prevent infinite recursive entries to the debugger
    - spi: dw: Enable interrupts in accordance with DMA xfer mode
    - clocksource: dw_apb_timer: Make CPU-affiliation being optional
    - clocksource: dw_apb_timer_of: Fix missing clockevent timers
    - btrfs: do not ignore error from btrfs_next_leaf() when inserting checksums
    - ARM: 8978/1: mm: make act_mm() respect THREAD_SIZE
    - batman-adv: Revert "disable ethtool link speed detection when auto
      negotiation off"
    - mmc: meson-mx-sdio: trigger a soft reset after a timeout or CRC error
    - spi: dw: Fix Rx-only DMA transfers
    - x86/kvm/hyper-v: Explicitly align hcall param for kvm_hyperv_exit
    - net: vmxnet3: fix possible buffer overflow caused by bad DMA value in
      vmxnet3_get_rss()
    - staging: android: ion: use vmap instead of vm_map_ram
    - brcmfmac: fix wrong location to get firmware feature
    - tools api fs: Make xxx__mountpoint() more scalable
    - e1000: Distribute switch variables for initialization
    - dt-bindings: display: mediatek: control dpi pins mode to avoid leakage
    - audit: fix a net reference leak in audit_send_reply()
    - media: dvb: return -EREMOTEIO on i2c transfer failure.
    - media: platform: fcp: Set appropriate DMA parameters
    - MIPS: Make sparse_init() using top-down allocation
    - Bluetooth: btbcm: Add 2 missing models to subver tables
    - audit: fix a net reference leak in audit_list_rules_send()
    - netfilter: nft_nat: return EOPNOTSUPP if type or flags are not supported
    - selftests/bpf: Fix memory leak in extract_build_id()
    - net: bcmgenet: set Rx mode before starting netif
    - lib/mpi: Fix 64-bit MIPS build with Clang
    - exit: Move preemption fixup up, move blocking operations down
    - sched/core: Fix illegal RCU from offline CPUs
    - drivers/perf: hisi: Fix typo in events attribute array
    - net: lpc-enet: fix error return code in lpc_mii_init()
    - media: cec: silence shift wrapping warning in __cec_s_log_addrs()
    - net: allwinner: Fix use correct return type for ndo_start_xmit()
    - powerpc/spufs: fix copy_to_user while atomic
    - xfs: clean up the error handling in xfs_swap_extents
    - Crypto/chcr: fix for ccm(aes) failed test
    - MIPS: Truncate link address into 32bit for 32bit kernel
    - mips: cm: Fix an invalid error code of INTVN_*_ERR
    - kgdb: Fix spurious true from in_dbg_master()
    - xfs: reset buffer write failure state on successful completion
    - xfs: fix duplicate verification from xfs_qm_dqflush()
    - platform/x86: intel-vbtn: Use acpi_evaluate_integer()
    - platform/x86: intel-vbtn: Split keymap into buttons and switches parts
    - platform/x86: intel-vbtn: Do not advertise switches to userspace if they are
      not there
    - platform/x86: intel-vbtn: Also handle tablet-mode switch on "Detachable" and
      "Portable" chassis-types
    - nvme: refine the Qemu Identify CNS quirk
    - ath10k: Remove msdu from idr when management pkt send fails
    - wcn36xx: Fix error handling path in 'wcn36xx_probe()'
    - net: qed*: Reduce RX and TX default ring count when running inside kdump
      kernel
    - mt76: avoid rx reorder buffer overflow
    - md: don't flush workqueue unconditionally in md_open
    - veth: Adjust hard_start offset on redirect XDP frames
    - net/mlx5e: IPoIB, Drop multicast packets that this interface sent
    - rtlwifi: Fix a double free in _rtl_usb_tx_urb_setup()
    - mwifiex: Fix memory corruption in dump_station
    - x86/boot: Correct relocation destination on old linkers
    - mips: MAAR: Use more precise address mask
    - mips: Add udelay lpj numbers adjustment
    - crypto: stm32/crc32 - fix ext4 chksum BUG_ON()
    - crypto: stm32/crc32 - fix run-time self test issue.
    - crypto: stm32/crc32 - fix multi-instance
    - x86/mm: Stop printing BRK addresses
    - m68k: mac: Don't call via_flush_cache() on Mac IIfx
    - btrfs: qgroup: mark qgroup inconsistent if we're inherting snapshot to a new
      qgroup
    - macvlan: Skip loopback packets in RX handler
    - PCI: Don't disable decoding when mmio_always_on is set
    - MIPS: Fix IRQ tracing when call handle_fpe() and handle_msa_fpe()
    - bcache: fix refcount underflow in bcache_device_free()
    - mmc: sdhci-msm: Set SDHCI_QUIRK_MULTIBLOCK_READ_ACMD12 quirk
    - staging: greybus: sdio: Respect the cmd->busy_timeout from the mmc core
    - mmc: via-sdmmc: Respect the cmd->busy_timeout from the mmc core
    - ixgbe: fix signed-integer-overflow warning
    - mmc: sdhci-esdhc-imx: fix the mask for tuning start point
    - spi: dw: Return any value retrieved from the dma_transfer callback
    - cpuidle: Fix three reference count leaks
    - platform/x86: hp-wmi: Convert simple_strtoul() to kstrtou32()
    - platform/x86: intel-hid: Add a quirk to support HP Spectre X2 (2015)
    - platform/x86: intel-vbtn: Only blacklist SW_TABLET_MODE on the 9 / "Laptop"
      chasis-type
    - string.h: fix incompatibility between FORTIFY_SOURCE and KASAN
    - btrfs: include non-missing as a qualifier for the latest_bdev
    - btrfs: send: emit file capabilities after chown
    - mm: thp: make the THP mapcount atomic against __split_huge_pmd_locked()
    - mm: initialize deferred pages with interrupts enabled
    - ima: Fix ima digest hash table key calculation
    - ima: Directly assign the ima_default_policy pointer to ima_rules
    - evm: Fix possible memory leak in evm_calc_hmac_or_hash()
    - ext4: fix EXT_MAX_EXTENT/INDEX to check for zeroed eh_max
    - ext4: fix error pointer dereference
    - ext4: fix race between ext4_sync_parent() and rename()
    - PCI: Avoid Pericom USB controller OHCI/EHCI PME# defect
    - PCI: Avoid FLR for AMD Matisse HD Audio & USB 3.0
    - PCI: Avoid FLR for AMD Starship USB 3.0
    - PCI: Add ACS quirk for iProc PAXB
    - PCI: Add ACS quirk for Intel Root Complex Integrated Endpoints
    - PCI: Move Rohm Vendor ID to generic list
    - misc: pci_endpoint_test: Add the layerscape EP device support
    - misc: pci_endpoint_test: Add support to test PCI EP in AM654x
    - PCI: Add Synopsys endpoint EDDA Device ID
    - PCI: Add NVIDIA GPU multi-function power dependencies
    - PCI: mediatek: Add controller support for MT7629
    - ALSA: lx6464es - add support for LX6464ESe pci express variant
    - PCI: Add Genesys Logic, Inc. Vendor ID
    - PCI: Add Amazon's Annapurna Labs vendor ID
    - PCI: vmd: Add device id for VMD device 8086:9A0B
    - x86/amd_nb: Add Family 19h PCI IDs
    - PCI: Add Loongson vendor ID
    - serial: 8250_pci: Move Pericom IDs to pci_ids.h
    - PCI: Generalize multi-function power dependency device links
    - btrfs: fix error handling when submitting direct I/O bio
    - btrfs: fix wrong file range cleanup after an error filling dealloc range
    - ima: Call ima_calc_boot_aggregate() in ima_eventdigest_init()
    - PCI: Program MPS for RCiEP devices
    - e1000e: Relax condition to trigger reset for ME workaround
    - carl9170: remove P2P_GO support
    - media: go7007: fix a miss of snd_card_free
    - Bluetooth: hci_bcm: fix freeing not-requested IRQ
    - b43legacy: Fix case where channel status is corrupted
    - b43: Fix connection problem with WPA3
    - b43_legacy: Fix connection problem with WPA3
    - media: ov5640: fix use of destroyed mutex
    - igb: Report speed and duplex as unknown when device is runtime suspended
    - power: vexpress: add suppress_bind_attrs to true
    - pinctrl: samsung: Correct setting of eint wakeup mask on s5pv210
    - pinctrl: samsung: Save/restore eint_mask over suspend for EINT_TYPE GPIOs
    - gnss: sirf: fix error return code in sirf_probe()
    - sparc32: fix register window handling in genregs32_[gs]et()
    - sparc64: fix misuses of access_process_vm() in genregs32_[sg]et()
    - dm crypt: avoid truncating the logical block size
    - alpha: fix memory barriers so that they conform to the specification
    - kernel/cpu_pm: Fix uninitted local in cpu_pm
    - ARM: tegra: Correct PL310 Auxiliary Control Register initialization
    - ARM: dts: exynos: Fix GPIO polarity for thr GalaxyS3 CM36651 sensor's bus
    - ARM: dts: at91: sama5d2_ptc_ek: fix vbus pin
    - ARM: dts: s5pv210: Set keep-power-in-suspend for SDHCI1 on Aries
    - drivers/macintosh: Fix memleak in windfarm_pm112 driver
    - powerpc/64s: Don't let DT CPU features set FSCR_DSCR
    - powerpc/64s: Save FSCR to init_task.thread.fscr after feature init
    - kbuild: force to build vmlinux if CONFIG_MODVERSION=y
    - sunrpc: svcauth_gss_register_pseudoflavor must reject duplicate
      registrations.
    - sunrpc: clean up properly in gss_mech_unregister()
    - mtd: rawnand: brcmnand: fix hamming oob layout
    - mtd: rawnand: pasemi: Fix the probe error path
    - w1: omap-hdq: cleanup to add missing newline for some dev_dbg
    - perf probe: Do not show the skipped events
    - perf probe: Fix to check blacklist address correctly
    - perf probe: Check address correctness by map instead of _etext
    - perf symbols: Fix debuginfo search for Ubuntu
    - elfnote: mark all .note sections SHF_ALLOC
    - csky: Fixup abiv2 syscall_trace break a4 & a5
    - spi: dw: Fix native CS being unset
    - PCI/PM: Adjust pcie_wait_for_link_delay() for caller delay
    - fanotify: fix ignore mask logic for events on child and on dir
    - KVM: x86: respect singlestep when emulating instruction
    - ASoC: max9867: fix volume controls
    - arm64: acpi: fix UBSAN warning
    - crypto: algapi - Avoid spurious modprobe on LOADED
    - firmware: imx: warn on unexpected RX
    - firmware: imx-scu: Support one TX and one RX
    - firmware: imx: scu: Fix corruption of header
    - dccp: Fix possible memleak in dccp_init and dccp_fini
    - video: vt8500lcdfb: fix fallthrough warning
    - mmc: mmci_sdmmc: fix DMA API warning overlapping mappings
    - mmc: uniphier-sd: call devm_request_irq() after tmio_mmc_host_probe()
    - block/floppy: fix contended case in floppy_queue_rq()
  * Disco update: upstream stable patchset 2020-06-22 (LP: #1884581)
    - devinet: fix memleak in inetdev_init()
    - l2tp: add sk_family checks to l2tp_validate_socket
    - l2tp: do not use inet_hash()/inet_unhash()
    - net: usb: qmi_wwan: add Telit LE910C1-EUX composition
    - NFC: st21nfca: add missed kfree_skb() in an error path
    - vsock: fix timeout in vsock_accept()
    - net: check untrusted gso_size at kernel entry
    - USB: serial: qcserial: add DW5816e QDL support
    - USB: serial: usb_wwan: do not resubmit rx urb on fatal errors
    - USB: serial: option: add Telit LE910C1-EUX compositions
    - iio: vcnl4000: Fix i2c swapped word reading.
    - usb: musb: start session in resume for host port
    - usb: musb: Fix runtime PM imbalance on error
    - vt: keyboard: avoid signed integer overflow in k_ascii
    - tty: hvc_console, fix crashes on parallel open/close
    - staging: rtl8712: Fix IEEE80211_ADDBA_PARAM_BUF_SIZE_MASK
    - CDC-ACM: heed quirk also in error handling
    - nvmem: qfprom: remove incorrect write support
    - uprobes: ensure that uprobe->offset and ->ref_ctr_offset are properly
      aligned
    - Revert "net/mlx5: Annotate mutex destroy for root ns"
    - net: be more gentle about silly gso requests coming from user
    - USB: serial: ch341: add basis for quirk detection
  * Disco update: upstream stable patchset 2020-06-16 (LP: #1883773)
    - Revert "cgroup: Add memory barriers to plug cgroup_rstat_updated() race
      window"
    - libnvdimm: Fix endian conversion issues
    - HID: sony: Fix for broken buttons on DS3 USB dongles
    - HID: i2c-hid: add Schneider SCL142ALM to descriptor override
    - p54usb: add AirVasT USB stick device-id
    - mmc: fix compilation of user API
    - scsi: ufs: Release clock if DMA map fails
    - net: dsa: mt7530: set CPU port to fallback mode
    - airo: Fix read overflows sending packets
    - drm/i915: fix port checks for MST support on gen >= 11
    - powerpc/powernv: Avoid re-registration of imc debugfs directory
    - spi: dw: use "smp_mb()" to avoid sending spi data error
    - s390/ftrace: save traced function caller
    - ARC: Fix ICCM & DCCM runtime size checks
    - ARC: [plat-eznps]: Restrict to CONFIG_ISA_ARCOMPACT
    - evm: Fix RCU list related warnings
    - i2c: altera: Fix race between xfer_msg and isr thread
    - x86/mmiotrace: Use cpumask_available() for cpumask_var_t variables
    - net: bmac: Fix read of MAC address from ROM
    - drm/edid: Add Oculus Rift S to non-desktop list
    - s390/mm: fix set_huge_pte_at() for empty ptes
    - null_blk: return error for invalid zone size
    - net/ethernet/freescale: rework quiesce/activate for ucc_geth
    - net: ethernet: stmmac: Enable interface clocks on probe for IPQ806x
    - net: smsc911x: Fix runtime PM imbalance on error
    - HID: multitouch: add support for the Smart Tech panel
    - HID: multitouch: enable multi-input as a quirk for some devices
    - mt76: mt76x02u: Add support for newer versions of the XBox One wifi adapter
    - media: staging: ipu3-imgu: Move alignment attribute to field
    - ASoC: intel - fix the card names
    - selftests: mlxsw: qos_mc_aware: Specify arping timeout as an integer
  * Disco update: upstream stable patchset 2020-06-10 (LP: #1883001)
    - ax25: fix setsockopt(SO_BINDTODEVICE)
    - dpaa_eth: fix usage as DSA master, try 3
    - net: dsa: mt7530: fix roaming from DSA user ports
    - __netif_receive_skb_core: pass skb by reference
    - net: inet_csk: Fix so_reuseport bind-address cache in tb->fast*
    - net: ipip: fix wrong address family in init error path
    - net/mlx5: Add command entry handling completion
    - net: qrtr: Fix passing invalid reference to qrtr_local_enqueue()
    - net: revert "net: get rid of an signed integer overflow in
      ip_idents_reserve()"
    - net sched: fix reporting the first-time use timestamp
    - r8152: support additional Microsoft Surface Ethernet Adapter variant
    - sctp: Don't add the shutdown timer if its already been added
    - sctp: Start shutdown on association restart if in SHUTDOWN-SENT state and
      socket is closed
    - net/mlx5e: Update netdev txq on completions during closure
    - net/mlx5: Annotate mutex destroy for root ns
    - net: sun: fix missing release regions in cas_init_one().
    - net/mlx4_core: fix a memory leak bug.
    - mlxsw: spectrum: Fix use-after-free of split/unsplit/type_set in case reload
      fails
    - ARM: dts: rockchip: fix phy nodename for rk3228-evb
    - arm64: dts: rockchip: fix status for &gmac2phy in rk3328-evb.dts
    - arm64: dts: rockchip: swap interrupts interrupt-names rk3399 gpu node
    - ARM: dts: rockchip: swap clock-names of gpu nodes
    - ARM: dts: rockchip: fix pinctrl sub nodename for spi in rk322x.dtsi
    - gpio: tegra: mask GPIO IRQs during IRQ shutdown
    - ALSA: usb-audio: add mapping for ASRock TRX40 Creator
    - net: microchip: encx24j600: add missed kthread_stop
    - gfs2: move privileged user check to gfs2_quota_lock_check
    - cachefiles: Fix race between read_waiter and read_copier involving op->to_do
    - usb: dwc3: pci: Enable extcon driver for Intel Merrifield
    - usb: gadget: legacy: fix redundant initialization warnings
    - net: freescale: select CONFIG_FIXED_PHY where needed
    - IB/i40iw: Remove bogus call to netdev_master_upper_dev_get()
    - riscv: stacktrace: Fix undefined reference to `walk_stackframe'
    - cifs: Fix null pointer check in cifs_read
    - samples: bpf: Fix build error
    - Input: usbtouchscreen - add support for BonXeon TP
    - Input: evdev - call input_flush_device() on release(), not flush()
    - Input: xpad - add custom init packet for Xbox One S controllers
    - Input: dlink-dir685-touchkeys - fix a typo in driver name
    - Input: i8042 - add ThinkPad S230u to i8042 reset list
    - Input: synaptics-rmi4 - really fix attn_data use-after-free
    - Input: synaptics-rmi4 - fix error return code in rmi_driver_probe()
    - ARM: 8970/1: decompressor: increase tag size
    - ARM: 8843/1: use unified assembler in headers
    - ARM: uaccess: consolidate uaccess asm to asm/uaccess-asm.h
    - ARM: uaccess: integrate uaccess_save and uaccess_restore
    - ARM: uaccess: fix DACR mismatch with nested exceptions
    - gpio: exar: Fix bad handling for ida_simple_get error path
    - IB/qib: Call kobject_put() when kobject_init_and_add() fails
    - ARM: dts/imx6q-bx50v3: Set display interface clock parents
    - ARM: dts: bcm2835-rpi-zero-w: Fix led polarity
    - ARM: dts: bcm: HR2: Fix PPI interrupt types
    - mmc: block: Fix use-after-free issue for rpmb
    - RDMA/pvrdma: Fix missing pci disable in pvrdma_pci_probe()
    - ALSA: hwdep: fix a left shifting 1 by 31 UB bug
    - ALSA: hda/realtek - Add a model for Thinkpad T570 without DAC workaround
    - ALSA: usb-audio: mixer: volume quirk for ESS Technology Asus USB DAC
    - exec: Always set cap_ambient in cap_bprm_set_creds
    - ALSA: usb-audio: Quirks for Gigabyte TRX40 Aorus Master onboard audio
    - ALSA: hda/realtek - Add new codec supported for ALC287
    - libceph: ignore pool overlay and cache logic on redirects
    - IB/ipoib: Fix double free of skb in case of multicast traffic in CM mode
    - mm: remove VM_BUG_ON(PageSlab()) from page_mapcount()
    - fs/binfmt_elf.c: allocate initialized memory in fill_thread_core_info()
    - include/asm-generic/topology.h: guard cpumask_of_node() macro argument
    - iommu: Fix reference count leak in iommu_group_alloc.
    - parisc: Fix kernel panic in mem_init()
    - RDMA/core: Fix double destruction of uobject
    - mac80211: mesh: fix discovery timer re-arming issue / crash
    - x86/dma: Fix max PFN arithmetic overflow on 32 bit systems
    - copy_xstate_to_kernel(): don't leave parts of destination uninitialized
    - xfrm: allow to accept packets with ipv6 NEXTHDR_HOP in xfrm_input
    - xfrm: call xfrm_output_gso when inner_protocol is set in xfrm_output
    - xfrm interface: fix oops when deleting a x-netns interface
    - xfrm: fix a warning in xfrm_policy_insert_list
    - xfrm: fix a NULL-ptr deref in xfrm_local_error
    - xfrm: fix error in comment
    - vti4: eliminated some duplicate code.
    - ip_vti: receive ipip packet by calling ip_tunnel_rcv
    - netfilter: nft_reject_bridge: enable reject with bridge vlan
    - netfilter: ipset: Fix subcounter update skip
    - netfilter: nfnetlink_cthelper: unbreak userspace helper support
    - netfilter: nf_conntrack_pptp: prevent buffer overflows in debug code
    - esp6: get the right proto for transport mode in esp6_gso_encap
    - bnxt_en: Fix accumulation of bp->net_stats_prev.
    - xsk: Add overflow check for u64 division, stored into u32
    - qlcnic: fix missing release in qlcnic_83xx_interrupt_test.
    - crypto: chelsio/chtls: properly set tp->lsndtime
    - bonding: Fix reference count leak in bond_sysfs_slave_add.
    - netfilter: nf_conntrack_pptp: fix compilation warning with W=1 build
    - mm/vmalloc.c: don't dereference possible NULL pointer in __vunmap()
    - net: don't return invalid table id error when we fall back to PF_UNSPEC
    - net: ethernet: ti: cpsw: fix ASSERT_RTNL() warning during suspend
    - net: mvpp2: fix RX hashing for non-10G ports
    - tls: Fix recvmsg() to be able to peek across multiple records
    - net/tls: fix race condition causing kernel panic
    - net/mlx5e: Fix inner tirs handling
    - net/tls: fix encryption error checking
    - net/tls: free record only on encryption error
    - gfs2: Grab glock reference sooner in gfs2_add_revoke
    - usb: phy: twl6030-usb: Fix a resource leak in an error handling path in
      'twl6030_usb_probe()'
    - clk: ti: am33xx: fix RTC clock parent
    - csky: Fixup remove duplicate irq_disable
    - csky: Fixup raw_copy_from_user()
    - soc: mediatek: cmdq: return send msg error code
    - Revert "block: end bio with BLK_STS_AGAIN in case of non-mq devs and
      REQ_NOWAIT"
    - gpio: fix locking open drain IRQ lines
    - xfrm: remove the xfrm_state_put call becofe going to out_reset
    - ieee80211: Fix incorrect mask for default PE duration
    - perf: Make perf able to build with latest libbfd
  * Update lockdown patches (LP: #1884159)
    - SAUCE: (efi-lockdown) kexec_file: split KEXEC_VERIFY_SIG into KEXEC_SIG and
      KEXEC_SIG_FORCE
    - SAUCE: (efi-lockdown) kexec_file: Restrict at runtime if the kernel is
      locked down
    - [Config] Update kexec signature config options
    - efi/efi_test: Lock down /dev/efi_test and require CAP_SYS_ADMIN
    - efi: Restrict efivar_ssdt_load when the kernel is locked down
    - powerpc/xmon: add read-only mode
    - powerpc/xmon: Restrict when kernel is locked down
    - SAUCE: acpi: disallow loading configfs acpi tables when locked down
    - [Config] CONFIG_XMON_DEFAULT_RO_MODE=y
  * CVE-2020-10757
    - mm: Fix mremap not considering huge pmd devmap
  * CVE-2020-11935
    - SAUCE: aufs: do not call i_readcount_inc()
    - SAUCE: aufs: bugfix, IMA i_readcount
  * apparmor reference leak causes refcount_t overflow with af_alg_accept()
    (LP: #1883962)
    - apparmor: check/put label on apparmor_sk_clone_security()
  * CVE-2019-16089
    - SAUCE: nbd_genl_status: null check for nla_nest_start
  * CVE-2019-19642
    - kernel/relay.c: handle alloc_percpu returning NULL in relay_open
  * CVE-2019-12380
    - efi/x86/Add missing error handling to old_memmap 1:1 mapping code

-- Stefan Bader <stefan.bader@canonical.com>  Tue, 14 Jul 2020 16:02:41 +0200

Changed in linux-oem-osp1 (Ubuntu):
status:	Invalid → Fix Released

Ubuntu
linux package

Update lockdown patches

Bug Description

CVE References

Other bug subscribers

Remote bug watches

	Status	Importance	Assigned to
linux (Ubuntu)	Fix Released	Critical	Seth Forshee
Xenial	Fix Released	Critical	Seth Forshee
Bionic	Fix Released	Critical	Seth Forshee
Eoan	Fix Released	Critical	Seth Forshee
Focal	Fix Released	Critical	Seth Forshee
linux-oem-osp1 (Ubuntu)	Fix Released	Undecided	Unassigned
Bionic	Fix Released	Undecided	Unassigned

Ubuntulinux package

Update lockdown patches

Bug Description

CVE References

Other bug subscribers

Remote bug watches

Ubuntu
linux package