Bug #1913086 “xenial/linux: 4.4.0-202.234 -proposed tracker” : Bugs : Kernel SRU Workflow

Ian May (ian-may) on 2021-01-25

tags:	added: kernel-release-tracking-bug-live
description:	updated
tags:	added: kernel-sru-cycle-2021.01.25-1
Changed in kernel-sru-workflow:
status:	New → Confirmed
importance:	Undecided → Medium

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-01-25

Changed in linux (Ubuntu Xenial):
importance:	Undecided → Medium
Changed in kernel-sru-workflow:
status:	Confirmed → In Progress
description:	updated

Kelsey Steele (kelsey-steele) on 2021-01-27

summary:

- xenial/linux: <version to be filled> -proposed tracker
+ xenial/linux: 4.4.0-202.234 -proposed tracker

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-01-27

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-01-28

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-01-28

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-01-28

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-01-28

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-01-28

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-01-28

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-01-28

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-01-28

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-01-28

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-01-28

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-01-28

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-01-28

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-01-29

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-01-30

description:

updated

Andy Whitcroft (apw) on 2021-02-02

Changed in linux (Ubuntu Xenial):
status:	New → Confirmed

Revision history for this message

Launchpad Janitor (janitor) wrote on 2021-02-23:

#1

Download full text (11.8 KiB)

This bug was fixed in the package linux - 4.4.0-203.235

---------------
linux (4.4.0-203.235) xenial; urgency=medium

* xenial/linux: 4.4.0-203.235 -proposed tracker (LP: #1914140)

* Ubuntu 16.04 kernel 4.4.0-202 basic commands hanging (LP: #1913853)
- SAUCE: Revert "mm: check that mm is still valid in madvise()"

linux (4.4.0-202.234) xenial; urgency=medium

* xenial/linux: 4.4.0-202.234 -proposed tracker (LP: #1913086)

* DMI entry syntax fix for Pegatron / ByteSpeed C15B (LP: #1910639)
- Input: i8042 - unbreak Pegatron C15B

* CVE-2020-29372
- mm: check that mm is still valid in madvise()

* errinjct open fails on IBM POWER LPAR (LP: #1908710)
- powerpc/rtas: Fix typo of ibm, open-errinjct in RTAS filter

  * 4.4 kernel panics in kvm wake_up() handler (LP: #1908428)
    - kvm: vmx: rename vmx_pre/post_block to pi_pre/post_block
    - KVM: VMX: extract __pi_post_block
    - KVM: VMX: avoid double list add with VT-d posted interrupts

  * restore reverted commit "crypto: arm64/sha - avoid non-standard inline asm
    tricks" (LP: #1907489)
    - crypto: arm64/sha - avoid non-standard inline asm tricks

* CVE-2020-29374
- gup: document and work around "COW can break either way" issue

  * Xenial update: v4.4.249 upstream stable release (LP: #1910139)
    - spi: bcm2835aux: Fix use-after-free on unbind
    - spi: bcm2835aux: Restore err assignment in bcm2835aux_spi_probe
    - ARC: stack unwinding: don't assume non-current task is sleeping
    - platform/x86: acer-wmi: add automatic keyboard background light toggle key
      as KEY_LIGHTS_TOGGLE
    - Input: cm109 - do not stomp on control URB
    - Input: i8042 - add Acer laptops to the i8042 reset list
    - [Config] updateconfigs for SPI_DYNAMIC
    - spi: Prevent adding devices below an unregistering controller
    - net/mlx4_en: Avoid scheduling restart task if it is already running
    - tcp: fix cwnd-limited bug for TSO deferral where we send nothing
    - net: stmmac: delete the eee_ctrl_timer after napi disabled
    - net: bridge: vlan: fix error return code in __vlan_add()
    - USB: dummy-hcd: Fix uninitialized array use in init()
    - USB: add RESET_RESUME quirk for Snapscan 1212
    - ALSA: usb-audio: Fix potential out-of-bounds shift
    - ALSA: usb-audio: Fix control 'access overflow' errors from chmap
    - xhci: Give USB2 ports time to enter U3 in bus suspend
    - USB: sisusbvga: Make console support depend on BROKEN
    - [Config] updateconfigs for USB_SISUSBVGA_CON
    - ALSA: pcm: oss: Fix potential out-of-bounds shift
    - serial: 8250_omap: Avoid FIFO corruption caused by MDR1 access
    - USB: serial: cp210x: enable usb generic throttle/unthrottle
    - scsi: bnx2i: Requires MMU
    - can: softing: softing_netdev_open(): fix error handling
    - RDMA/cm: Fix an attempt to use non-valid pointer when cleaning timewait
    - dm table: Remove BUG_ON(in_interrupt())
    - soc/tegra: fuse: Fix index bug in get_process_id
    - USB: serial: option: add interface-number sanity check to flag handling
    - USB: gadget: f_rndis: fix bitrate for SuperSpeed and above
    - usb: chipidea: ci_hdrc_imx: Pass DISABLE_DEVICE_STREAMING flag to imx6ul
...

This bug was fixed in the package linux - 4.4.0-203.235

---------------
linux (4.4.0-203.235) xenial; urgency=medium

* xenial/linux: 4.4.0-203.235 -proposed tracker (LP: #1914140)

* Ubuntu 16.04 kernel 4.4.0-202 basic commands hanging (LP: #1913853)
    - SAUCE: Revert "mm: check that mm is still valid in madvise()"

linux (4.4.0-202.234) xenial; urgency=medium

* xenial/linux: 4.4.0-202.234 -proposed tracker (LP: #1913086)

* DMI entry syntax fix for Pegatron / ByteSpeed C15B (LP: #1910639)
    - Input: i8042 - unbreak Pegatron C15B

* CVE-2020-29372
    - mm: check that mm is still valid in madvise()

* errinjct open fails on IBM POWER LPAR (LP: #1908710)
    - powerpc/rtas: Fix typo of ibm, open-errinjct in RTAS filter

* 4.4 kernel panics in kvm wake_up() handler (LP: #1908428)
    - kvm: vmx: rename vmx_pre/post_block to pi_pre/post_block
    - KVM: VMX: extract __pi_post_block
    - KVM: VMX: avoid double list add with VT-d posted interrupts

* restore reverted commit "crypto: arm64/sha - avoid non-standard inline asm
    tricks" (LP: #1907489)
    - crypto: arm64/sha - avoid non-standard inline asm tricks

* CVE-2020-29374
    - gup: document and work around "COW can break either way" issue

* Xenial update: v4.4.249 upstream stable release (LP: #1910139)
    - spi: bcm2835aux: Fix use-after-free on unbind
    - spi: bcm2835aux: Restore err assignment in bcm2835aux_spi_probe
    - ARC: stack unwinding: don't assume non-current task is sleeping
    - platform/x86: acer-wmi: add automatic keyboard background light toggle key
      as KEY_LIGHTS_TOGGLE
    - Input: cm109 - do not stomp on control URB
    - Input: i8042 - add Acer laptops to the i8042 reset list
    - [Config] updateconfigs for SPI_DYNAMIC
    - spi: Prevent adding devices below an unregistering controller
    - net/mlx4_en: Avoid scheduling restart task if it is already running
    - tcp: fix cwnd-limited bug for TSO deferral where we send nothing
    - net: stmmac: delete the eee_ctrl_timer after napi disabled
    - net: bridge: vlan: fix error return code in __vlan_add()
    - USB: dummy-hcd: Fix uninitialized array use in init()
    - USB: add RESET_RESUME quirk for Snapscan 1212
    - ALSA: usb-audio: Fix potential out-of-bounds shift
    - ALSA: usb-audio: Fix control 'access overflow' errors from chmap
    - xhci: Give USB2 ports time to enter U3 in bus suspend
    - USB: sisusbvga: Make console support depend on BROKEN
    - [Config] updateconfigs for USB_SISUSBVGA_CON
    - ALSA: pcm: oss: Fix potential out-of-bounds shift
    - serial: 8250_omap: Avoid FIFO corruption caused by MDR1 access
    - USB: serial: cp210x: enable usb generic throttle/unthrottle
    - scsi: bnx2i: Requires MMU
    - can: softing: softing_netdev_open(): fix error handling
    - RDMA/cm: Fix an attempt to use non-valid pointer when cleaning timewait
    - dm table: Remove BUG_ON(in_interrupt())
    - soc/tegra: fuse: Fix index bug in get_process_id
    - USB: serial: option: add interface-number sanity check to flag handling
    - USB: gadget: f_rndis: fix bitrate for SuperSpeed and above
    - usb: chipidea: ci_hdrc_imx: Pass DISABLE_DEVICE_STREAMING flag to imx6ul
    - media: msi2500: assign SPI bus number dynamically
    - Bluetooth: Fix slab-out-of-bounds read in hci_le_direct_adv_report_evt()
    - drm/gma500: fix double free of gma_connector
    - ARM: p2v: fix handling of LPAE translation in BE mode
    - crypto: talitos - Fix return type of current_desc_hdr()
    - spi: img-spfi: fix reference leak in img_spfi_resume
    - ASoC: pcm: DRAIN support reactivation
    - Bluetooth: Fix null pointer dereference in hci_event_packet()
    - spi: spi-ti-qspi: fix reference leak in ti_qspi_setup
    - spi: tegra20-slink: fix reference leak in slink ops of tegra20
    - spi: tegra20-sflash: fix reference leak in tegra_sflash_resume
    - spi: tegra114: fix reference leak in tegra spi ops
    - RDMa/mthca: Work around -Wenum-conversion warning
    - MIPS: BCM47XX: fix kconfig dependency bug for BCM47XX_BCMA
    - media: solo6x10: fix missing snd_card_free in error handling case
    - drm/omap: dmm_tiler: fix return error code in omap_dmm_probe()
    - Input: ads7846 - fix integer overflow on Rt calculation
    - Input: ads7846 - fix unaligned access on 7845
    - powerpc/feature: Fix CPU_FTRS_ALWAYS by removing CPU_FTRS_GENERIC_32
    - soc: ti: knav_qmss: fix reference leak in knav_queue_probe
    - soc: ti: Fix reference imbalance in knav_dma_probe
    - drivers: soc: ti: knav_qmss_queue: Fix error return code in knav_queue_probe
    - memstick: fix a double-free bug in memstick_check
    - ARM: dts: at91: sama5d4_xplained: add pincontrol for USB Host
    - ARM: dts: at91: sama5d3_xplained: add pincontrol for USB Host
    - orinoco: Move context allocation after processing the skb
    - cw1200: fix missing destroy_workqueue() on error in cw1200_init_common
    - mips: cdmm: fix use-after-free in mips_cdmm_bus_discover
    - NFSv4.2: condition READDIR's mask for security label based on LSM state
    - lockd: don't use interval-based rebinding over TCP
    - NFS: switch nfsiod to be an UNBOUND workqueue.
    - media: saa7146: fix array overflow in vidioc_s_audio()
    - pinctrl: falcon: add missing put_device() call in pinctrl_falcon_probe()
    - memstick: r592: Fix error return in r592_probe()
    - ASoC: jz4740-i2s: add missed checks for clk_get()
    - dm ioctl: fix error return code in target_message
    - clocksource/drivers/arm_arch_timer: Correct fault programming of
      CNTKCTL_EL1.EVNTI
    - cpufreq: highbank: Add missing MODULE_DEVICE_TABLE
    - cpufreq: loongson1: Add missing MODULE_ALIAS
    - cpufreq: scpi: Add missing MODULE_ALIAS
    - scsi: pm80xx: Fix error return in pm8001_pci_probe()
    - seq_buf: Avoid type mismatch for seq_buf_init
    - scsi: fnic: Fix error return code in fnic_probe()
    - powerpc/pseries/hibernation: drop pseries_suspend_begin() from suspend ops
    - usb: ehci-omap: Fix PM disable depth umbalance in ehci_hcd_omap_probe
    - usb: oxu210hp-hcd: Fix memory leak in oxu_create
    - speakup: fix uninitialized flush_lock
    - nfs_common: need lock during iterate through the list
    - x86/kprobes: Restore BTF if the single-stepping is cancelled
    - extcon: max77693: Fix modalias string
    - ASoC: wm_adsp: remove "ctl" from list on error in wm_adsp_create_control()
    - um: chan_xterm: Fix fd leak
    - nfc: s3fwrn5: Release the nfc firmware
    - powerpc/ps3: use dma_mapping_error()
    - checkpatch: fix unescaped left brace
    - net: bcmgenet: Fix a resource leak in an error handling path in the probe
      functin
    - net: allwinner: Fix some resources leak in the error handling path of the
      probe and in the remove function
    - net: korina: fix return value
    - clk: ti: Fix memleak in ti_fapll_synth_setup
    - perf record: Fix memory leak when using '--user-regs=?' to list registers
    - qlcnic: Fix error code in probe
    - clk: s2mps11: Fix a resource leak in error handling paths in the probe
      function
    - cfg80211: initialize rekey_data
    - Input: cros_ec_keyb - send 'scancodes' in addition to key events
    - Input: goodix - add upside-down quirk for Teclast X98 Pro tablet
    - media: gspca: Fix memory leak in probe
    - media: sunxi-cir: ensure IR is handled when it is continuous
    - media: netup_unidvb: Don't leak SPI master in probe error path
    - Input: cyapa_gen6 - fix out-of-bounds stack access
    - Revert "ACPI / resources: Use AE_CTRL_TERMINATE to terminate resources
      walks"
    - ACPI: PNP: compare the string length in the matching_id()
    - ALSA: pcm: oss: Fix a few more UBSAN fixes
    - s390/dasd: fix list corruption of pavgroup group list
    - s390/dasd: fix list corruption of lcu list
    - staging: comedi: mf6x4: Fix AI end-of-conversion detection
    - powerpc/perf: Exclude kernel samples while counting events in user space.
    - USB: serial: mos7720: fix parallel-port state restore
    - USB: serial: keyspan_pda: fix dropped unthrottle interrupts
    - USB: serial: keyspan_pda: fix write deadlock
    - USB: serial: keyspan_pda: fix stalled writes
    - USB: serial: keyspan_pda: fix write-wakeup use-after-free
    - USB: serial: keyspan_pda: fix tx-unthrottle use-after-free
    - USB: serial: keyspan_pda: fix write unthrottling
    - btrfs: quota: Set rescan progress to (u64)-1 if we hit last leaf
    - btrfs: scrub: Don't use inode page cache in scrub_handle_errored_block()
    - Btrfs: fix selftests failure due to uninitialized i_mode in test inodes
    - btrfs: fix return value mixup in btrfs_get_extent
    - ext4: fix a memory leak of ext4_free_data
    - ceph: fix race in concurrent __ceph_remove_cap invocations
    - jffs2: Fix GC exit abnormally
    - jfs: Fix array index bounds check in dbAdjTree
    - spi: rb4xx: Don't leak SPI master in probe error path
    - mtd: parser: cmdline: Fix parsing of part-names with colons
    - iio: adc: rockchip_saradc: fix missing clk_disable_unprepare() on error in
      rockchip_saradc_resume
    - iio:pressure:mpl3115: Force alignment of buffer
    - xen/xenbus: Allow watches discard events before queueing
    - xen/xenbus: Add 'will_handle' callback support in xenbus_watch_path()
    - xen/xenbus/xen_bus_type: Support will_handle watch callback
    - xen/xenbus: Count pending messages for each watch
    - xenbus/xenbus_backend: Disallow pending watch messages
    - PCI: Fix pci_slot_release() NULL pointer dereference
    - Linux 4.4.249

* MSFT Touchpad not working on Lenovo Legion-5 15ARH05 (LP: #1887190) //
    Xenial update: v4.4.249 upstream stable release (LP: #1910139)
    - pinctrl: amd: remove debounce filter setting in IRQ type setting

* Xenial update: v4.4.248 upstream stable release (LP: #1910137)
    - net/af_iucv: set correct sk_protocol for child sockets
    - rose: Fix Null pointer dereference in rose_send_frame()
    - usbnet: ipheth: fix connectivity with iOS 14
    - bonding: wait for sysfs kobject destruction before freeing struct slave
    - netfilter: bridge: reset skb->pkt_type after NF_INET_POST_ROUTING traversal
    - net/x25: prevent a couple of overflows
    - cxgb3: fix error return code in t3_sge_alloc_qset()
    - net: pasemi: fix error return code in pasemi_mac_open()
    - dt-bindings: net: correct interrupt flags in examples
    - Input: xpad - support Ardwiino Controllers
    - powerpc: Stop exporting __clear_user which is now inlined.
    - btrfs: sysfs: init devices outside of the chunk_mutex
    - vlan: consolidate VLAN parsing code and limit max parsing depth
    - usb: gadget: f_fs: Use local copy of descriptors for userspace copy
    - USB: serial: kl5kusb105: fix memleak on open
    - USB: serial: ch341: add new Product ID for CH341A
    - USB: serial: ch341: sort device-id entries
    - USB: serial: option: add Fibocom NL668 variants
    - USB: serial: option: add support for Thales Cinterion EXS82
    - tty: Fix ->pgrp locking in tiocspgrp()
    - ALSA: hda/realtek - Add new codec supported for ALC897
    - ALSA: hda/generic: Add option to enforce preferred_dacs pairs
    - tty: Fix ->session locking
    - cifs: fix potential use-after-free in cifs_echo_request()
    - i2c: imx: Fix reset of I2SR_IAL flag
    - i2c: imx: Check for I2SR_IAL after every byte
    - arm64: assembler: make adr_l work in modules under KASLR
    - iommu/amd: Set DTE[IntTabLen] to represent 512 IRTEs
    - spi: Introduce device-managed SPI controller allocation
    - spi: bcm2835: Fix use-after-free on unbind
    - spi: bcm2835: Release the DMA channel if probe fails after dma_init
    - tracing: Fix userstacktrace option for instances
    - btrfs: cleanup cow block on error
    - mm/userfaultfd: do not access vma->vm_mm after calling handle_userfault()
    - gfs2: check for empty rgrp tree in gfs2_ri_update
    - Input: i8042 - fix error return code in i8042_setup_aux()
    - x86/uprobes: Do not use prefixes.nbytes when looping over prefixes.bytes
    - Linux 4.4.248

-- Kelsey Skunberg <kelsey.skunberg@canonical.com>  Mon, 01 Feb 2021 17:38:49 -0700

Changed in linux (Ubuntu Xenial):
status:	Confirmed → Fix Released

Andy Whitcroft (apw) on 2022-06-06

tags:	removed: kernel-release-tracking-bug-live
Changed in kernel-sru-workflow:
status:	In Progress → Fix Released

Kernel SRU Workflow

xenial/linux: 4.4.0-202.234 -proposed tracker

Bug Description

CVE References

Other bug subscribers

Remote bug watches

	Status	Importance	Assigned to
Kernel SRU Workflow	Fix Released	Medium	Unassigned
Automated-testing	Incomplete	Medium	Canonical Kernel Team
Certification-testing	In Progress	Medium	Canonical Hardware Certification
Kernel-signoff	Confirmed	Medium	Unassigned
Prepare-package	Fix Released	Medium	Kelsey Steele
Prepare-package-meta	Fix Released	Medium	Kelsey Steele
Prepare-package-signed	Fix Released	Medium	Kelsey Steele
Promote-to-proposed	Fix Released	Medium	Andy Whitcroft
Promote-to-security	New	Medium	Ubuntu Stable Release Updates Team
Promote-to-updates	New	Medium	Ubuntu Stable Release Updates Team
Regression-testing	In Progress	Medium	Canonical Kernel Team
Security-signoff	In Progress	Medium	Steve Beattie
Verification-testing	In Progress	Medium	Canonical Kernel Team
linux (Ubuntu)
Xenial	Fix Released	Medium	Unassigned