Bug #1921902 “Security-Fix Xen XSA 371 for Kernel 5.4.0-71” : Bugs : linux package : Ubuntu

Jan Kellermann (jan-kellermann) on 2021-03-30

summary:	- Securit-Fix Xen XSA 371 for Kernel 5.4.0-71 + Security-Fix Xen XSA 371 for Kernel 5.4.0-71
description:	updated

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2021-03-30: Missing required logs.

#1

This bug is missing log files that will aid in diagnosing the problem. While running an Ubuntu kernel (not a mainline or third-party kernel) please enter the following command in a terminal window:

apport-collect 1921902

and then change the status of the bug to 'Confirmed'.

If, due to the nature of the issue you have encountered, you are unable to run this command, please add a comment stating that fact and change the bug status to 'Confirmed'.

This change has been made by an automated script, maintained by the Ubuntu Kernel Team.

Changed in linux (Ubuntu):
status:	New → Incomplete

Revision history for this message

Jan Kellermann (jan-kellermann) wrote on 2021-03-30:

#2

Due to kind of report are no logs available.

Changed in linux (Ubuntu):
status:	Incomplete → Confirmed

Revision history for this message

Tim Gardner (timg-tpi) wrote on 2021-03-31:

#3

upstream commit a846738f8c3788d846ed1f587270d2f2e3d32432 ("xen-blkback: don't leak persistent grants from xen_blkbk_map()")

Tim Gardner (timg-tpi) on 2021-04-01

Changed in linux (Ubuntu Xenial):
status:	New → In Progress
Changed in linux (Ubuntu Bionic):
status:	New → In Progress
Changed in linux (Ubuntu Focal):
status:	New → In Progress
Changed in linux (Ubuntu Groovy):
status:	New → In Progress
Changed in linux (Ubuntu Hirsute):
status:	Confirmed → In Progress
tags:	added: bot-stop-nagging
Changed in linux (Ubuntu Xenial):
importance:	Undecided → Medium
Changed in linux (Ubuntu Bionic):
importance:	Undecided → Medium
Changed in linux (Ubuntu Focal):
importance:	Undecided → Medium
Changed in linux (Ubuntu Groovy):
importance:	Undecided → Medium
Changed in linux (Ubuntu Hirsute):
importance:	Undecided → Medium
Changed in linux (Ubuntu Xenial):
assignee:	nobody → Tim Gardner (timg-tpi)
Changed in linux (Ubuntu Bionic):
assignee:	nobody → Tim Gardner (timg-tpi)
Changed in linux (Ubuntu Focal):
assignee:	nobody → Tim Gardner (timg-tpi)
Changed in linux (Ubuntu Groovy):
assignee:	nobody → Tim Gardner (timg-tpi)
Changed in linux (Ubuntu Hirsute):
assignee:	nobody → Tim Gardner (timg-tpi)

Tim Gardner (timg-tpi) on 2021-04-01

description:	updated
description:	updated

Revision history for this message

Tim Gardner (timg-tpi) wrote on 2021-04-02:

#4

Patches submitted:

https://lists.ubuntu.com/archives/kernel-team/2021-April/118727.html
https://lists.ubuntu.com/archives/kernel-team/2021-April/118765.html

Kleber Sacilotto de Souza (kleber-souza) on 2021-04-09

Changed in linux (Ubuntu Bionic):
status:	In Progress → Fix Committed

Revision history for this message

Launchpad Janitor (janitor) wrote on 2021-05-10:

#5

Download full text (20.1 KiB)

This bug was fixed in the package linux - 4.15.0-143.147

---------------
linux (4.15.0-143.147) bionic; urgency=medium

* bionic/linux: 4.15.0-143.147 -proposed tracker (LP: #1923811)

* CVE-2021-29650
- netfilter: x_tables: Use correct memory barriers.

  * LRMv4: switch to signing nvidia modules via the Ubuntu Modules signing key
    (LP: #1918134)
    - [Packaging] dkms-build{,--nvidia-N} sync back from LRMv4

  * Security-Fix Xen XSA 371 for Kernel 5.4.0-71 (LP: #1921902) //
    CVE-2021-28688
    - xen-blkback: don't leak persistent grants from xen_blkbk_map()

* CVE-2021-20292
- drm/ttm/nouveau: don't call tt destroy callback on alloc failure.

* CVE-2021-29264
- gianfar: fix jumbo packets+napi+rx overrun crash

* CVE-2021-29265
- usbip: fix stub_dev usbip_sockfd_store() races leading to gpf

* Bcache bypasse writeback on caching device with fragmentation (LP: #1900438)
- bcache: consider the fragmentation when update the writeback rate

  * Bionic update: upstream stable patchset 2021-03-31 (LP: #1922124)
    - net: usb: qmi_wwan: support ZTE P685M modem
    - scripts: use pkg-config to locate libcrypto
    - scripts: set proper OpenSSL include dir also for sign-file
    - hugetlb: fix update_and_free_page contig page struct assumption
    - drm/virtio: use kvmalloc for large allocations
    - virtio/s390: implement virtio-ccw revision 2 correctly
    - arm64 module: set plt* section addresses to 0x0
    - arm64: Avoid redundant type conversions in xchg() and cmpxchg()
    - arm64: cmpxchg: Use "K" instead of "L" for ll/sc immediate constraint
    - arm64: Use correct ll/sc atomic constraints
    - JFS: more checks for invalid superblock
    - media: mceusb: sanity check for prescaler value
    - xfs: Fix assert failure in xfs_setattr_size()
    - smackfs: restrict bytes count in smackfs write functions
    - net: fix up truesize of cloned skb in skb_prepare_for_shift()
    - mm/hugetlb.c: fix unnecessary address expansion of pmd sharing
    - net: bridge: use switchdev for port flags set through sysfs too
    - dt-bindings: net: btusb: DT fix s/interrupt-name/interrupt-names/
    - staging: fwserial: Fix error handling in fwserial_create
    - x86/reboot: Add Zotac ZBOX CI327 nano PCI reboot quirk
    - vt/consolemap: do font sum unsigned
    - wlcore: Fix command execute failure 19 for wl12xx
    - pktgen: fix misuse of BUG_ON() in pktgen_thread_worker()
    - ath10k: fix wmi mgmt tx queue full due to race condition
    - x86/build: Treat R_386_PLT32 relocation as R_386_PC32
    - Bluetooth: Fix null pointer dereference in amp_read_loc_assoc_final_data
    - staging: most: sound: add sanity check for function argument
    - media: uvcvideo: Allow entities with no pads
    - f2fs: handle unallocated section and zone on pinned/atgc
    - parisc: Bump 64-bit IRQ stack size to 64 KB
    - Xen/gnttab: handle p2m update errors on a per-slot basis
    - xen-netback: respect gnttab_map_refs()'s return value
    - zsmalloc: account the number of compacted pages correctly
    - swap: fix swapfile read/write offset
    - media: v4l: ioctl: Fix memory leak in video_usercopy
    - PCI: Add a REBAR size quirk for S...

This bug was fixed in the package linux - 4.15.0-143.147

---------------
linux (4.15.0-143.147) bionic; urgency=medium

* bionic/linux: 4.15.0-143.147 -proposed tracker (LP: #1923811)

* CVE-2021-29650
    - netfilter: x_tables: Use correct memory barriers.

* LRMv4: switch to signing nvidia modules via the Ubuntu Modules signing key
    (LP: #1918134)
    - [Packaging] dkms-build{,--nvidia-N} sync back from LRMv4

* Security-Fix Xen XSA 371 for Kernel 5.4.0-71 (LP: #1921902) //
    CVE-2021-28688
    - xen-blkback: don't leak persistent grants from xen_blkbk_map()

* CVE-2021-20292
    - drm/ttm/nouveau: don't call tt destroy callback on alloc failure.

* CVE-2021-29264
    - gianfar: fix jumbo packets+napi+rx overrun crash

* CVE-2021-29265
    - usbip: fix stub_dev usbip_sockfd_store() races leading to gpf

* Bcache bypasse writeback on caching device with fragmentation (LP: #1900438)
    - bcache: consider the fragmentation when update the writeback rate

* Bionic update: upstream stable patchset 2021-03-31 (LP: #1922124)
    - net: usb: qmi_wwan: support ZTE P685M modem
    - scripts: use pkg-config to locate libcrypto
    - scripts: set proper OpenSSL include dir also for sign-file
    - hugetlb: fix update_and_free_page contig page struct assumption
    - drm/virtio: use kvmalloc for large allocations
    - virtio/s390: implement virtio-ccw revision 2 correctly
    - arm64 module: set plt* section addresses to 0x0
    - arm64: Avoid redundant type conversions in xchg() and cmpxchg()
    - arm64: cmpxchg: Use "K" instead of "L" for ll/sc immediate constraint
    - arm64: Use correct ll/sc atomic constraints
    - JFS: more checks for invalid superblock
    - media: mceusb: sanity check for prescaler value
    - xfs: Fix assert failure in xfs_setattr_size()
    - smackfs: restrict bytes count in smackfs write functions
    - net: fix up truesize of cloned skb in skb_prepare_for_shift()
    - mm/hugetlb.c: fix unnecessary address expansion of pmd sharing
    - net: bridge: use switchdev for port flags set through sysfs too
    - dt-bindings: net: btusb: DT fix s/interrupt-name/interrupt-names/
    - staging: fwserial: Fix error handling in fwserial_create
    - x86/reboot: Add Zotac ZBOX CI327 nano PCI reboot quirk
    - vt/consolemap: do font sum unsigned
    - wlcore: Fix command execute failure 19 for wl12xx
    - pktgen: fix misuse of BUG_ON() in pktgen_thread_worker()
    - ath10k: fix wmi mgmt tx queue full due to race condition
    - x86/build: Treat R_386_PLT32 relocation as R_386_PC32
    - Bluetooth: Fix null pointer dereference in amp_read_loc_assoc_final_data
    - staging: most: sound: add sanity check for function argument
    - media: uvcvideo: Allow entities with no pads
    - f2fs: handle unallocated section and zone on pinned/atgc
    - parisc: Bump 64-bit IRQ stack size to 64 KB
    - Xen/gnttab: handle p2m update errors on a per-slot basis
    - xen-netback: respect gnttab_map_refs()'s return value
    - zsmalloc: account the number of compacted pages correctly
    - swap: fix swapfile read/write offset
    - media: v4l: ioctl: Fix memory leak in video_usercopy
    - PCI: Add a REBAR size quirk for Sapphire RX 5600 XT Pulse
    - drm/amd/display: Guard against NULL pointer deref when get_i2c_info fails
    - f2fs: fix to set/clear I_LINKABLE under i_lock
    - btrfs: fix error handling in commit_fs_roots
    - ALSA: hda/realtek: Add quirk for Clevo NH55RZQ
    - ALSA: hda/realtek: Apply dual codec quirks for MSI Godlike X570 board
    - btrfs: raid56: simplify tracking of Q stripe presence
    - btrfs: fix raid6 qstripe kmap
    - usbip: tools: fix build error for multiple definition
    - ALSA: ctxfi: cthw20k2: fix mask on conf to allow 4 bits
    - rsxx: Return -EFAULT if copy_to_user() fails
    - dm table: fix iterate_devices based device capability checks
    - dm table: fix DAX iterate_devices based device capability checks
    - dm table: fix zoned iterate_devices based device capability checks
    - iommu/amd: Fix sleeping in atomic in increase_address_space()
    - mwifiex: pcie: skip cancel_work_sync() on reset failure path
    - platform/x86: acer-wmi: Cleanup ACER_CAP_FOO defines
    - platform/x86: acer-wmi: Cleanup accelerometer device handling
    - platform/x86: acer-wmi: Add new force_caps module parameter
    - platform/x86: acer-wmi: Add ACER_CAP_SET_FUNCTION_MODE capability flag
    - platform/x86: acer-wmi: Add support for SW_TABLET_MODE on Switch devices
    - platform/x86: acer-wmi: Add ACER_CAP_KBD_DOCK quirk for the Aspire Switch
      10E SW3-016
    - PCI: Add function 1 DMA alias quirk for Marvell 9215 SATA controller
    - misc: eeprom_93xx46: Add quirk to support Microchip 93LC46B eeprom
    - drm/msm/a5xx: Remove overwriting A5XX_PC_DBG_ECO_CNTL register
    - Revert "zram: close udev startup race condition as default groups"
    - HID: mf: add support for 0079:1846 Mayflash/Dragonrise USB Gamecube Adapter

* Bionic update: upstream stable patchset 2021-03-16 (LP: #1919380)
    - fgraph: Initialize tracing_graph_pause at task creation
    - tracing: Do not count ftrace events in top level enable output
    - tracing: Check length before giving out the filter buffer
    - arm/xen: Don't probe xenbus as part of an early initcall
    - MIPS: BMIPS: Fix section mismatch warning
    - arm64: dts: rockchip: Fix PCIe DT properties on rk3399
    - platform/x86: hp-wmi: Disable tablet-mode reporting by default
    - ovl: perform vfs_getxattr() with mounter creds
    - cap: fix conversions on getxattr
    - ovl: skip getxattr of security labels
    - ARM: dts: lpc32xx: Revert set default clock rate of HCLK PLL
    - ARM: ensure the signal page contains defined contents
    - bpf: Check for integer overflow when using roundup_pow_of_two()
    - netfilter: xt_recent: Fix attempt to update deleted entry
    - xen/netback: avoid race in xenvif_rx_ring_slots_available()
    - netfilter: conntrack: skip identical origin tuple in same zone only
    - usb: dwc3: ulpi: fix checkpatch warning
    - usb: dwc3: ulpi: Replace CPU-based busyloop with Protocol-based one
    - net/vmw_vsock: improve locking in vsock_connect_timeout()
    - net: watchdog: hold device global xmit lock during tx disable
    - vsock/virtio: update credit only if socket is not closed
    - vsock: fix locking in vsock_shutdown()
    - i2c: stm32f7: fix configuration of the digital filter
    - h8300: fix PREEMPTION build, TI_PRE_COUNT undefined
    - x86/build: Disable CET instrumentation in the kernel for 32-bit too
    - trace: Use -mcount-record for dynamic ftrace
    - tracing: Fix SKIP_STACK_VALIDATION=1 build due to bad merge with -mrecord-
      mcount
    - tracing: Avoid calling cc-option -mrecord-mcount for every Makefile
    - Xen/x86: don't bail early from clear_foreign_p2m_mapping()
    - Xen/x86: also check kernel mapping in set_foreign_p2m_mapping()
    - Xen/gntdev: correct dev_bus_addr handling in gntdev_map_grant_pages()
    - Xen/gntdev: correct error checking in gntdev_map_grant_pages()
    - xen/arm: don't ignore return errors from set_phys_to_machine
    - xen-blkback: don't "handle" error by BUG()
    - xen-netback: don't "handle" error by BUG()
    - xen-scsiback: don't "handle" error by BUG()
    - xen-blkback: fix error handling in xen_blkbk_map()
    - scsi: qla2xxx: Fix crash during driver load on big endian machines
    - kvm: check tlbs_dirty directly
    - drm/amd/display: Free atomic state after drm_atomic_commit
    - riscv: virt_addr_valid must check the address belongs to linear mapping
    - ARM: kexec: fix oops after TLB are invalidated
    - net: hns3: add a check for queue_id in hclge_reset_vf_queue()
    - firmware_loader: align .builtin_fw to 8
    - net/rds: restrict iovecs length for RDS_CMSG_RDMA_ARGS
    - ovl: expand warning in ovl_d_real()
    - net: qrtr: Fix port ID for control messages
    - HID: make arrays usage and value to be the same
    - usb: quirks: add quirk to start video capture on ELMO L-12F document camera
      reliable
    - ntfs: check for valid standard information attribute
    - arm64: tegra: Add power-domain for Tegra210 HDA
    - NET: usb: qmi_wwan: Adding support for Cinterion MV31
    - cifs: Set CIFS_MOUNT_USE_PREFIX_PATH flag on setting cifs_sb->prepath.
    - scripts/recordmcount.pl: support big endian for ARCH sh
    - vmlinux.lds.h: add DWARF v5 sections
    - kdb: Make memory allocations more robust
    - MIPS: vmlinux.lds.S: add missing PAGE_ALIGNED_DATA() section
    - random: fix the RNDRESEEDCRNG ioctl
    - Bluetooth: btqcomsmd: Fix a resource leak in error handling paths in the
      probe function
    - Bluetooth: Fix initializing response id after clearing struct
    - ARM: dts: exynos: correct PMIC interrupt trigger level on Monk
    - ARM: dts: exynos: correct PMIC interrupt trigger level on Rinato
    - ARM: dts: exynos: correct PMIC interrupt trigger level on Spring
    - ARM: dts: exynos: correct PMIC interrupt trigger level on Arndale Octa
    - arm64: dts: exynos: correct PMIC interrupt trigger level on TM2
    - arm64: dts: exynos: correct PMIC interrupt trigger level on Espresso
    - cpufreq: brcmstb-avs-cpufreq: Fix resource leaks in ->remove()
    - usb: gadget: u_audio: Free requests only after callback
    - Bluetooth: drop HCI device reference before return
    - Bluetooth: Put HCI device if inquiry procedure interrupts
    - ARM: dts: Configure missing thermal interrupt for 4430
    - usb: dwc2: Do not update data length if it is 0 on inbound transfers
    - usb: dwc2: Abort transaction after errors with unknown reason
    - usb: dwc2: Make "trimming xfer length" a debug message
    - staging: rtl8723bs: wifi_regd.c: Fix incorrect number of regulatory rules
    - arm64: dts: msm8916: Fix reserved and rfsa nodes unit address
    - ARM: s3c: fix fiq for clang IAS
    - bpf_lru_list: Read double-checked variable once without lock
    - ath9k: fix data bus crash when setting nf_override via debugfs
    - bnxt_en: reverse order of TX disable and carrier off
    - xen/netback: fix spurious event detection for common event case
    - mac80211: fix potential overflow when multiplying to u32 integers
    - b43: N-PHY: Fix the update of coef for the PHY revision >= 3case
    - ibmvnic: skip send_request_unmap for timeout reset
    - net: amd-xgbe: Reset the PHY rx data path when mailbox command timeout
    - net: amd-xgbe: Reset link when the link never comes back
    - net: mvneta: Remove per-cpu queue mapping for Armada 3700
    - fbdev: aty: SPARC64 requires FB_ATY_CT
    - drm/gma500: Fix error return code in psb_driver_load()
    - gma500: clean up error handling in init
    - crypto: sun4i-ss - fix kmap usage
    - MIPS: c-r4k: Fix section mismatch for loongson2_sc_init
    - MIPS: lantiq: Explicitly compare LTQ_EBU_PCC_ISTAT against 0
    - media: i2c: ov5670: Fix PIXEL_RATE minimum value
    - media: vsp1: Fix an error handling path in the probe function
    - media: media/pci: Fix memleak in empress_init
    - media: tm6000: Fix memleak in tm6000_start_stream
    - ASoC: cs42l56: fix up error handling in probe
    - crypto: bcm - Rename struct device_private to bcm_device_private
    - media: lmedm04: Fix misuse of comma
    - media: qm1d1c0042: fix error return code in qm1d1c0042_init()
    - media: cx25821: Fix a bug when reallocating some dma memory
    - media: pxa_camera: declare variable when DEBUG is defined
    - media: uvcvideo: Accept invalid bFormatIndex and bFrameIndex values
    - ata: ahci_brcm: Add back regulators management
    - Drivers: hv: vmbus: Avoid use-after-free in vmbus_onoffer_rescind()
    - btrfs: clarify error returns values in __load_free_space_cache
    - hwrng: timeriomem - Fix cooldown period calculation
    - crypto: ecdh_helper - Ensure 'len >= secret.len' in decode_key()
    - ima: Free IMA measurement buffer on error
    - ima: Free IMA measurement buffer after kexec syscall
    - fs/jfs: fix potential integer overflow on shift of a int
    - jffs2: fix use after free in jffs2_sum_write_data()
    - capabilities: Don't allow writing ambiguous v3 file capabilities
    - clk: meson: clk-pll: fix initializing the old rate (fallback) for a PLL
    - quota: Fix memory leak when handling corrupted quota file
    - spi: cadence-quadspi: Abort read if dummy cycles required are too many
    - HID: core: detect and skip invalid inputs to snto32()
    - dmaengine: fsldma: Fix a resource leak in the remove function
    - dmaengine: fsldma: Fix a resource leak in an error handling path of the
      probe function
    - dmaengine: hsu: disable spurious interrupt
    - mfd: bd9571mwv: Use devm_mfd_add_devices()
    - fdt: Properly handle "no-map" field in the memory region
    - of/fdt: Make sure no-map does not remove already reserved regions
    - power: reset: at91-sama5d2_shdwc: fix wkupdbc mask
    - rtc: s5m: select REGMAP_I2C
    - clocksource/drivers/mxs_timer: Add missing semicolon when DEBUG is defined
    - regulator: axp20x: Fix reference cout leak
    - certs: Fix blacklist flag type confusion
    - spi: atmel: Put allocated master before return
    - isofs: release buffer head before return
    - auxdisplay: ht16k33: Fix refresh rate handling
    - IB/umad: Return EIO in case of when device disassociated
    - powerpc/47x: Disable 256k page size
    - mmc: usdhi6rol0: Fix a resource leak in the error handling path of the probe
    - ARM: 9046/1: decompressor: Do not clear SCTLR.nTLSMD for ARMv7+ cores
    - amba: Fix resource leak for drivers without .remove
    - tracepoint: Do not fail unregistering a probe due to memory failure
    - perf tools: Fix DSO filtering when not finding a map for a sampled address
    - RDMA/rxe: Fix coding error in rxe_recv.c
    - spi: stm32: properly handle 0 byte transfer
    - mfd: wm831x-auxadc: Prevent use after free in wm831x_auxadc_read_irq()
    - powerpc/pseries/dlpar: handle ibm, configure-connector delay status
    - powerpc/8xx: Fix software emulation interrupt
    - spi: pxa2xx: Fix the controller numbering for Wildcat Point
    - perf intel-pt: Fix missing CYC processing in PSB
    - perf test: Fix unaligned access in sample parsing test
    - Input: elo - fix an error code in elo_connect()
    - sparc64: only select COMPAT_BINFMT_ELF if BINFMT_ELF is set
    - misc: eeprom_93xx46: Fix module alias to enable module autoprobe
    - misc: eeprom_93xx46: Add module alias to avoid breaking support for non
      device tree users
    - pwm: rockchip: rockchip_pwm_probe(): Remove superfluous clk_unprepare()
    - VMCI: Use set_page_dirty_lock() when unregistering guest memory
    - PCI: Align checking of syscall user config accessors
    - drm/msm/dsi: Correct io_start for MSM8994 (20nm PHY)
    - ext4: fix potential htree index checksum corruption
    - i40e: Fix flow for IPv6 next header (extension header)
    - i40e: Fix overwriting flow control settings during driver loading
    - net/mlx4_core: Add missed mlx4_free_cmd_mailbox()
    - ocfs2: fix a use after free on error
    - mm/memory.c: fix potential pte_unmap_unlock pte error
    - mm/hugetlb: fix potential double free in hugetlb_register_node() error path
    - arm64: Add missing ISB after invalidating TLB in __primary_switch
    - i2c: brcmstb: Fix brcmstd_send_i2c_cmd condition
    - mm/rmap: fix potential pte_unmap on an not mapped pte
    - scsi: bnx2fc: Fix Kconfig warning & CNIC build errors
    - blk-settings: align max_sectors on "logical_block_size" boundary
    - ACPI: property: Fix fwnode string properties matching
    - ACPI: configfs: add missing check after configfs_register_default_group()
    - HID: wacom: Ignore attempts to overwrite the touch_max value from HID
    - Input: raydium_ts_i2c - do not send zero length
    - Input: xpad - add support for PowerA Enhanced Wired Controller for Xbox
      Series X|S
    - Input: joydev - prevent potential read overflow in ioctl
    - Input: i8042 - add ASUS Zenbook Flip to noselftest list
    - USB: serial: option: update interface mapping for ZTE P685M
    - usb: musb: Fix runtime PM race in musb_queue_resume_work
    - USB: serial: mos7840: fix error code in mos7840_write()
    - USB: serial: mos7720: fix error code in mos7720_write()
    - usb: dwc3: gadget: Fix setting of DEPCFG.bInterval_m1
    - usb: dwc3: gadget: Fix dep->interval for fullspeed interrupt
    - ALSA: hda/realtek: modify EAPD in the ALC886
    - tpm_tis: Fix check_locality for correct locality acquisition
    - KEYS: trusted: Fix migratable=1 failing
    - btrfs: abort the transaction if we fail to inc ref in btrfs_copy_root
    - btrfs: fix reloc root leak with 0 ref reloc roots on recovery
    - btrfs: fix extent buffer leak on failure to copy root
    - crypto: sun4i-ss - checking sg length is not sufficient
    - crypto: sun4i-ss - handle BigEndian for cipher
    - seccomp: Add missing return in non-void function
    - drivers/misc/vmw_vmci: restrict too big queue size in qp_host_alloc_queue
    - staging: rtl8188eu: Add Edimax EW-7811UN V2 to device table
    - x86/reboot: Force all cpus to exit VMX root if VMX is supported
    - floppy: reintroduce O_NDELAY fix
    - arm64: uprobe: Return EOPNOTSUPP for AARCH32 instruction probing
    - watchdog: mei_wdt: request stop on unregister
    - mtd: spi-nor: hisi-sfc: Put child node np on error path
    - fs/affs: release old buffer head on error path
    - hugetlb: fix copy_huge_page_from_user contig page struct assumption
    - mm: hugetlb: fix a race between freeing and dissolving the page
    - libnvdimm/dimm: Avoid race between probe and available_slots_show()
    - module: Ignore _GLOBAL_OFFSET_TABLE_ when warning for undefined symbols
    - mmc: sdhci-esdhc-imx: fix kernel panic when remove module
    - gpio: pcf857x: Fix missing first interrupt
    - printk: fix deadlock when kernel panic
    - f2fs: fix out-of-repair __setattr_copy()
    - sparc32: fix a user-triggerable oops in clear_user()
    - gfs2: Don't skip dlm unlock if glock has an lvb
    - dm era: Recover committed writeset after crash
    - dm era: Verify the data block size hasn't changed
    - dm era: Fix bitset memory leaks
    - dm era: Use correct value size in equality function of writeset tree
    - dm era: Reinitialize bitset cache before digesting a new writeset
    - dm era: only resize metadata in preresume
    - icmp: introduce helper for nat'd source address in network device context
    - icmp: allow icmpv6_ndo_send to work with CONFIG_IPV6=n
    - gtp: use icmp_ndo_send helper
    - sunvnet: use icmp_ndo_send helper
    - ipv6: icmp6: avoid indirect call for icmpv6_send()
    - ipv6: silence compilation warning for non-IPV6 builds
    - net: icmp: pass zeroed opts from icmp{,v6}_ndo_send before sending
    - dm era: Update in-core bitset after committing the metadata
    - USB: quirks: sort quirk entries
    - jump_label/lockdep: Assert we hold the hotplug lock for _cpuslocked()
      operations
    - ARM: dts: exynos: correct PMIC interrupt trigger level on Artik 5
    - ARM: dts: exynos: correct PMIC interrupt trigger level on Odroid XU3 family
    - arm64: dts: allwinner: A64: properly connect USB PHY to port 0
    - arm64: dts: allwinner: Drop non-removable from SoPine/LTS SD card
    - arm64: dts: allwinner: A64: Limit MMC2 bus frequency to 150 MHz
    - memory: ti-aemif: Drop child node when jumping out loop
    - ibmvnic: add memory barrier to protect long term buffer
    - net: amd-xgbe: Fix NETDEV WATCHDOG transmit queue timeout warning
    - drm/amdgpu: Fix macro name _AMDGPU_TRACE_H_ in preprocessor if condition
    - drm/amd/display: Fix 10/12 bpc setup in DCE output bit depth reduction.
    - crypto: talitos - Work around SEC6 ERRATA (AES-CTR mode data size error)
    - f2fs: fix to avoid inconsistent quota data
    - regulator: s5m8767: Drop regulators OF node reference
    - mmc: renesas_sdhi_internal_dmac: Fix DMA buffer alignment from 8 to
      128-bytes
    - RDMA/rxe: Correct skb on loopback path
    - i40e: Add zero-initialization of AQ command structures
    - i40e: Fix add TC filter for IPv6
    - r8169: fix jumbo packet handling on RTL8168e
    - USB: serial: ftdi_sio: fix FTX sub-integer prescaler
    - crypto: arm64/sha - add missing module aliases
    - misc: rtsx: init of rts522a add OCP power off when no card is present
    - seq_file: document how per-entry resources are managed.
    - x86: fix seq_file iteration for pat/memtype.c

-- Kleber Sacilotto de Souza <kleber.souza@canonical.com>  Wed, 14 Apr 2021 15:15:21 +0200

Changed in linux (Ubuntu Bionic):
status:	Fix Committed → Fix Released

Revision history for this message

Brian Murray (brian-murray) wrote on 2021-07-28:

#6

The Groovy Gorilla has reached end of life, so this bug will not be fixed for that release

Changed in linux (Ubuntu Groovy):
status:	In Progress → Won't Fix

Revision history for this message

Brian Murray (brian-murray) wrote on 2022-01-26:

#7

The Hirsute Hippo has reached End of Life, so this bug will not be fixed for that release.

Changed in linux (Ubuntu Hirsute):
status:	In Progress → Won't Fix

Ubuntu
linux package

Security-Fix Xen XSA 371 for Kernel 5.4.0-71

Bug Description

CVE References

Other bug subscribers

Remote bug watches

	Status	Importance	Assigned to
linux (Ubuntu)	In Progress	Medium	Tim Gardner
Xenial	In Progress	Medium	Tim Gardner
Bionic	Fix Released	Medium	Tim Gardner
Focal	In Progress	Medium	Tim Gardner
Groovy	Won't Fix	Medium	Tim Gardner
Hirsute	Won't Fix	Medium	Tim Gardner

Ubuntulinux package

Security-Fix Xen XSA 371 for Kernel 5.4.0-71

Bug Description

CVE References

Other bug subscribers

Remote bug watches

Ubuntu
linux package