Bug #1846091 “disco/linux-snapdragon: 5.0.0-1024.25 -proposed tr... : Series certification-testing : Bugs : Kernel SRU Workflow

Khaled El Mously (kmously) on 2019-09-30

tags:	added: disco kernel-release-tracking-bug
Changed in linux-snapdragon (Ubuntu Disco):
status:	New → Confirmed
Changed in linux-snapdragon (Ubuntu):
status:	New → Invalid
Changed in linux-snapdragon (Ubuntu Disco):
importance:	Undecided → Medium
tags:	added: kernel-release-tracking-bug-live
description:	updated
tags:	added: kernel-sru-cycle-2019.09.30-1

Khaled El Mously (kmously) on 2019-09-30

description:	updated
tags:	added: kernel-sru-derivative-of-1846097
Changed in kernel-sru-workflow:
status:	New → In Progress
importance:	Undecided → Medium

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2019-09-30

summary:	- linux-snapdragon: <version to be filled> -proposed tracker + disco/linux-snapdragon: <version to be filled> -proposed tracker
description:	updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2019-10-01

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2019-10-01

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2019-10-02

description:

updated

Khaled El Mously (kmously) on 2019-10-02

summary:

- disco/linux-snapdragon: <version to be filled> -proposed tracker
+ disco/linux-snapdragon: 5.0.0-1024.25 -proposed tracker

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2019-10-02

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2019-10-02

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2019-10-02

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2019-10-02

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2019-10-02

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2019-10-02

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2019-10-02

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2019-10-02

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2019-10-02

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2019-10-02

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2019-10-02

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2019-10-04

tags:	added: block-proposed-disco
tags:	added: block-proposed
description:	updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2019-10-04

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2019-10-04

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2019-10-04

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2019-10-04

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2019-10-06

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2019-10-09

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2019-10-11

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2019-10-14

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2019-10-15

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2019-10-16

description:

updated

Andy Whitcroft (apw) on 2019-10-16

tags:

added: kernel-unblock-updates

Andy Whitcroft (apw) on 2019-10-16

tags:

removed: kernel-unblock-updates

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2019-10-16

tags:	removed: block-proposed-disco
tags:	removed: block-proposed
description:	updated

Revision history for this message

Launchpad Janitor (janitor) wrote on 2019-10-16:

#1

Download full text (22.8 KiB)

This bug was fixed in the package linux-snapdragon - 5.0.0-1024.25

---------------
linux-snapdragon (5.0.0-1024.25) disco; urgency=medium

* disco/linux-snapdragon: 5.0.0-1024.25 -proposed tracker (LP: #1846091)

* Support Hi1620 zip hw accelerator (LP: #1845355)
- [config] Add new (unused) option (CONFIG_CRYPTO_DEV_HISI_ZIP)

[ Ubuntu: 5.0.0-32.34 ]

  * disco/linux: 5.0.0-32.34 -proposed tracker (LP: #1846097)
  * CVE-2019-14814 // CVE-2019-14815 // CVE-2019-14816
    - mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings
  * CVE-2019-15505
    - media: technisat-usb2: break out of loop at end of buffer
  * CVE-2019-2181
    - binder: check for overflow when alloc for security context
  * Support Hi1620 zip hw accelerator (LP: #1845355)
    - [Config] Enable HiSilicon QM/ZIP as modules
    - crypto: hisilicon - add queue management driver for HiSilicon QM module
    - crypto: hisilicon - add hardware SGL support
    - crypto: hisilicon - add HiSilicon ZIP accelerator support
    - crypto: hisilicon - add SRIOV support for ZIP
    - Documentation: Add debugfs doc for hisi_zip
    - crypto: hisilicon - add debugfs for ZIP and QM
    - MAINTAINERS: add maintainer for HiSilicon QM and ZIP controller driver
    - crypto: hisilicon - fix kbuild warnings
    - crypto: hisilicon - add dependency for CRYPTO_DEV_HISI_ZIP
    - crypto: hisilicon - init curr_sgl_dma to fix compile warning
    - crypto: hisilicon - add missing single_release
    - crypto: hisilicon - fix error handle in hisi_zip_create_req_q
    - crypto: hisilicon - Fix warning on printing %p with dma_addr_t
    - crypto: hisilicon - Fix return value check in hisi_zip_acompress()
    - crypto: hisilicon - avoid unused function warning
  * xfrm interface: several kernel panic (LP: #1836261)
    - xfrm interface: fix memory leak on creation
    - xfrm interface: avoid corruption on changelink
    - xfrm interface: ifname may be wrong in logs
    - xfrm interface: fix list corruption for x-netns
    - xfrm interface: fix management of phydev
  * shiftfs: drop entries from cache on unlink (LP: #1841977)
    - SAUCE: shiftfs: fix buggy unlink logic
  * shiftfs: mark kmem_cache as reclaimable (LP: #1842059)
    - SAUCE: shiftfs: mark slab objects SLAB_RECLAIM_ACCOUNT
  * Suspend to RAM(S3) does not wake up for latest megaraid and mpt3sas
    adapters(SAS3.5 onwards) (LP: #1838751)
    - PCI: Restore Resizable BAR size bits correctly for 1MB BARs
  * No sound inputs from the external microphone and headset on a Dell machine
    (LP: #1842265)
    - ALSA: hda - Expand pin_match function to match upcoming new tbls
    - ALSA: hda - Define a fallback_pin_fixup_tbl for alc269 family
  * Add -fcf-protection=none when using retpoline flags (LP: #1843291)
    - SAUCE: kbuild: add -fcf-protection=none when using retpoline flags
  * Disco update: upstream stable patchset 2019-09-25 (LP: #1845390)
    - bridge/mdb: remove wrong use of NLM_F_MULTI
    - cdc_ether: fix rndis support for Mediatek based smartphones
    - ipv6: Fix the link time qualifier of 'ping_v6_proc_exit_net()'
    - isdn/capi: check message length in capi_write()
    - ixgbe: Fix secpath usage for I...

This bug was fixed in the package linux-snapdragon - 5.0.0-1024.25

---------------
linux-snapdragon (5.0.0-1024.25) disco; urgency=medium

* disco/linux-snapdragon: 5.0.0-1024.25 -proposed tracker (LP: #1846091)

* Support Hi1620 zip hw accelerator (LP: #1845355)
    - [config] Add new (unused) option (CONFIG_CRYPTO_DEV_HISI_ZIP)

[ Ubuntu: 5.0.0-32.34 ]

* disco/linux: 5.0.0-32.34 -proposed tracker (LP: #1846097)
  * CVE-2019-14814 // CVE-2019-14815 // CVE-2019-14816
    - mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings
  * CVE-2019-15505
    - media: technisat-usb2: break out of loop at end of buffer
  * CVE-2019-2181
    - binder: check for overflow when alloc for security context
  * Support Hi1620 zip hw accelerator (LP: #1845355)
    - [Config] Enable HiSilicon QM/ZIP as modules
    - crypto: hisilicon - add queue management driver for HiSilicon QM module
    - crypto: hisilicon - add hardware SGL support
    - crypto: hisilicon - add HiSilicon ZIP accelerator support
    - crypto: hisilicon - add SRIOV support for ZIP
    - Documentation: Add debugfs doc for hisi_zip
    - crypto: hisilicon - add debugfs for ZIP and QM
    - MAINTAINERS: add maintainer for HiSilicon QM and ZIP controller driver
    - crypto: hisilicon - fix kbuild warnings
    - crypto: hisilicon - add dependency for CRYPTO_DEV_HISI_ZIP
    - crypto: hisilicon - init curr_sgl_dma to fix compile warning
    - crypto: hisilicon - add missing single_release
    - crypto: hisilicon - fix error handle in hisi_zip_create_req_q
    - crypto: hisilicon - Fix warning on printing %p with dma_addr_t
    - crypto: hisilicon - Fix return value check in hisi_zip_acompress()
    - crypto: hisilicon - avoid unused function warning
  * xfrm interface: several kernel panic (LP: #1836261)
    - xfrm interface: fix memory leak on creation
    - xfrm interface: avoid corruption on changelink
    - xfrm interface: ifname may be wrong in logs
    - xfrm interface: fix list corruption for x-netns
    - xfrm interface: fix management of phydev
  * shiftfs: drop entries from cache on unlink (LP: #1841977)
    - SAUCE: shiftfs: fix buggy unlink logic
  * shiftfs: mark kmem_cache as reclaimable (LP: #1842059)
    - SAUCE: shiftfs: mark slab objects SLAB_RECLAIM_ACCOUNT
  *  Suspend to RAM(S3) does not wake up for latest megaraid and mpt3sas
    adapters(SAS3.5 onwards) (LP: #1838751)
    - PCI: Restore Resizable BAR size bits correctly for 1MB BARs
  * No sound inputs from the external microphone and headset on a Dell machine
    (LP: #1842265)
    - ALSA: hda - Expand pin_match function to match upcoming new tbls
    - ALSA: hda - Define a fallback_pin_fixup_tbl for alc269 family
  * Add -fcf-protection=none when using retpoline flags (LP: #1843291)
    - SAUCE: kbuild: add -fcf-protection=none when using retpoline flags
  * Disco update: upstream stable patchset 2019-09-25 (LP: #1845390)
    - bridge/mdb: remove wrong use of NLM_F_MULTI
    - cdc_ether: fix rndis support for Mediatek based smartphones
    - ipv6: Fix the link time qualifier of 'ping_v6_proc_exit_net()'
    - isdn/capi: check message length in capi_write()
    - ixgbe: Fix secpath usage for IPsec TX offload.
    - net: Fix null de-reference of device refcount
    - net: gso: Fix skb_segment splat when splitting gso_size mangled skb having
      linear-headed frag_list
    - net: phylink: Fix flow control resolution
    - net: sched: fix reordering issues
    - sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
    - sctp: Fix the link time qualifier of 'sctp_ctrlsock_exit()'
    - sctp: use transport pf_retrans in sctp_do_8_2_transport_strike
    - tcp: fix tcp_ecn_withdraw_cwr() to clear TCP_ECN_QUEUE_CWR
    - tipc: add NULL pointer check before calling kfree_rcu
    - tun: fix use-after-free when register netdev failed
    - gpiolib: acpi: Add gpiolib_acpi_run_edge_events_on_boot option and blacklist
    - gpio: fix line flag validation in linehandle_create
    - Btrfs: fix assertion failure during fsync and use of stale transaction
    - ixgbe: Prevent u8 wrapping of ITR value to something less than 10us
    - genirq: Prevent NULL pointer dereference in resend_irqs()
    - KVM: s390: kvm_s390_vm_start_migration: check dirty_bitmap before using it
      as target for memset()
    - KVM: s390: Do not leak kernel stack data in the KVM_S390_INTERRUPT ioctl
    - KVM: x86: work around leak of uninitialized stack contents
    - KVM: nVMX: handle page fault in vmread
    - x86/purgatory: Change compiler flags from -mcmodel=kernel to -mcmodel=large
      to fix kexec relocation errors
    - powerpc: Add barrier_nospec to raw_copy_in_user()
    - drm/meson: Add support for XBGR8888 & ABGR8888 formats
    - clk: rockchip: Don't yell about bad mmc phases when getting
    - mtd: rawnand: mtk: Fix wrongly assigned OOB buffer pointer issue
    - PCI: Always allow probing with driver_override
    - gpio: fix line flag validation in lineevent_create
    - ubifs: Correctly use tnc_next() in search_dh_cookie()
    - driver core: Fix use-after-free and double free on glue directory
    - crypto: talitos - check AES key size
    - crypto: talitos - fix CTR alg blocksize
    - crypto: talitos - check data blocksize in ablkcipher.
    - crypto: talitos - fix ECB algs ivsize
    - crypto: talitos - Do not modify req->cryptlen on decryption.
    - crypto: talitos - HMAC SNOOP NO AFEU mode requires SW icv checking.
    - firmware: ti_sci: Always request response from firmware
    - drm: panel-orientation-quirks: Add extra quirk table entry for GPD MicroPC
    - drm/mediatek: mtk_drm_drv.c: Add of_node_put() before goto
    - Revert "Bluetooth: btusb: driver to enable the usb-wakeup feature"
    - iio: adc: stm32-dfsdm: fix data type
    - modules: fix BUG when load module with rodata=n
    - modules: fix compile error if don't have strict module rwx
    - platform/x86: pmc_atom: Add CB4063 Beckhoff Automation board to
      critclk_systems DMI table
    - rsi: fix a double free bug in rsi_91x_deinit()
    - x86/build: Add -Wnoaddress-of-packed-member to REALMODE_CFLAGS, to silence
      GCC9 build warning
    - ixgbevf: Fix secpath usage for IPsec Tx offload
    - net: fixed_phy: Add forward declaration for struct gpio_desc;
    - net: sock_map, fix missing ulp check in sock hash case
    - Revert "mmc: bcm2835: Terminate timeout work synchronously"
    - mmc: tmio: Fixup runtime PM management during probe
    - mmc: tmio: Fixup runtime PM management during remove
    - drm/i915: Restore relaxed padding (OCL_OOB_SUPPRES_ENABLE) for skl+
    - ixgbe: fix double clean of Tx descriptors with xdp
    - mt76: mt76x0e: disable 5GHz band for MT7630E
    - x86/ima: check EFI SetupMode too
    - kvm: nVMX: Remove unnecessary sync_roots from handle_invept
    - KVM: SVM: Fix detection of AMD Errata 1096
  * Disco update: upstream stable patchset 2019-09-19 (LP: #1844722)
    - ALSA: hda - Fix potential endless loop at applying quirks
    - ALSA: hda/realtek - Fix overridden device-specific initialization
    - ALSA: hda/realtek - Add quirk for HP Pavilion 15
    - ALSA: hda/realtek - Enable internal speaker & headset mic of ASUS UX431FL
    - ALSA: hda/realtek - Fix the problem of two front mics on a ThinkCentre
    - sched/fair: Don't assign runtime for throttled cfs_rq
    - drm/vmwgfx: Fix double free in vmw_recv_msg()
    - vhost/test: fix build for vhost test
    - vhost/test: fix build for vhost test - again
    - batman-adv: fix uninit-value in batadv_netlink_get_ifindex()
    - batman-adv: Only read OGM tvlv_len after buffer len check
    - timekeeping: Use proper ktime_add when adding nsecs in coarse offset
    - selftests: fib_rule_tests: use pre-defined DEV_ADDR
    - powerpc/64: mark start_here_multiplatform as __ref
    - media: stm32-dcmi: fix irq = 0 case
    - scripts/decode_stacktrace: match basepath using shell prefix operator, not
      regex
    - nvme-fc: use separate work queue to avoid warning
    - modules: always page-align module section allocations
    - kernel/module: Fix mem leak in module_add_modinfo_attrs
    - drm/vblank: Allow dynamic per-crtc max_vblank_count
    - mfd: Kconfig: Fix I2C_DESIGNWARE_PLATFORM dependencies
    - tpm: Fix some name collisions with drivers/char/tpm.h
    - drm/nouveau: Don't WARN_ON VCPI allocation failures
    - drm: add __user attribute to ptr_to_compat()
    - drm/i915: Handle vm_mmap error during I915_GEM_MMAP ioctl with WC set
    - drm/i915: Sanity check mmap length against object size
    - arm64: dts: stratix10: add the sysmgr-syscon property from the gmac's
    - kvm: mmu: Fix overflow on kvm mmu page limit calculation
    - KVM: x86: Always use 32-bit SMRAM save state for 32-bit kernels
    - media: i2c: tda1997x: select V4L2_FWNODE
    - ext4: protect journal inode's blocks using block_validity
    - ARM: dts: qcom: ipq4019: Fix MSI IRQ type
    - dt-bindings: mmc: Add supports-cqe property
    - dt-bindings: mmc: Add disable-cqe-dcmd property.
    - dm mpath: fix missing call of path selector type->end_io
    - mmc: sdhci-pci: Add support for Intel CML
    - PCI: dwc: Use devm_pci_alloc_host_bridge() to simplify code
    - cifs: smbd: take an array of reqeusts when sending upper layer data
    - drm/amdkfd: Add missing Polaris10 ID
    - kvm: Check irqchip mode before assign irqfd
    - Btrfs: fix race between block group removal and block group allocation
    - cifs: add spinlock for the openFileList to cifsInodeInfo
    - ceph: use ceph_evict_inode to cleanup inode's resource
    - KVM: x86: optimize check for valid PAT value
    - KVM: VMX: Always signal #GP on WRMSR to MSR_IA32_CR_PAT with bad value
    - btrfs: correctly validate compression type
    - dm thin metadata: check if in fail_io mode when setting needs_check
    - bcache: only clear BTREE_NODE_dirty bit when it is set
    - bcache: add comments for mutex_lock(&b->write_lock)
    - bcache: fix race in btree_flush_write()
    - drm/i915: Make sure cdclk is high enough for DP audio on VLV/CHV
    - virtio/s390: fix race on airq_areas[]
    - ext4: don't perform block validity checks on the journal inode
    - ext4: fix block validity checks for journal inodes using indirect blocks
    - ext4: unsigned int compared against zero
    - PCI: Reset both NVIDIA GPU and HDA in ThinkPad P50 workaround
    - gpio: pca953x: correct type of reg_direction
    - gpio: pca953x: use pca953x_read_regs instead of regmap_bulk_read
    - drm/nouveau/sec2/gp102: add missing MODULE_FIRMWAREs
    - powerpc/64e: Drop stale call to smp_processor_id() which hangs SMP startup
    - drm/i915: Disable SAMPLER_STATE prefetching on all Gen11 steppings.
    - mmc: sdhci-sprd: Fix the incorrect soft reset operation when runtime
      resuming
    - usb: chipidea: imx: add imx7ulp support
    - usb: chipidea: imx: fix EPROBE_DEFER support during driver probe
  * Disco update: upstream stable patchset 2019-09-11 (LP: #1843622)
    - dmaengine: ste_dma40: fix unneeded variable warning
    - nvme-multipath: revalidate nvme_ns_head gendisk in nvme_validate_ns
    - afs: Fix the CB.ProbeUuid service handler to reply correctly
    - afs: Fix loop index mixup in afs_deliver_vl_get_entry_by_name_u()
    - fs: afs: Fix a possible null-pointer dereference in afs_put_read()
    - afs: Only update d_fsdata if different in afs_d_revalidate()
    - nvmet-loop: Flush nvme_delete_wq when removing the port
    - nvme: fix a possible deadlock when passthru commands sent to a multipath
      device
    - nvme-pci: Fix async probe remove race
    - soundwire: cadence_master: fix register definition for SLAVE_STATE
    - soundwire: cadence_master: fix definitions for INTSTAT0/1
    - auxdisplay: panel: need to delete scan_timer when misc_register fails in
      panel_attach
    - dmaengine: stm32-mdma: Fix a possible null-pointer dereference in
      stm32_mdma_irq_handler()
    - omap-dma/omap_vout_vrfb: fix off-by-one fi value
    - iommu/dma: Handle SG length overflow better
    - usb: gadget: composite: Clear "suspended" on reset/disconnect
    - usb: gadget: mass_storage: Fix races between fsg_disable and fsg_set_alt
    - xen/blkback: fix memory leaks
    - arm64: cpufeature: Don't treat granule sizes as strict
    - i2c: rcar: avoid race when unregistering slave client
    - i2c: emev2: avoid race when unregistering slave client
    - drm/ast: Fixed reboot test may cause system hanged
    - usb: host: fotg2: restart hcd after port reset
    - tools: hv: fixed Python pep8/flake8 warnings for lsvmbus
    - tools: hv: fix KVP and VSS daemons exit code
    - watchdog: bcm2835_wdt: Fix module autoload
    - drm/bridge: tfp410: fix memleak in get_modes()
    - scsi: ufs: Fix RX_TERMINATION_FORCE_ENABLE define value
    - drm/tilcdc: Register cpufreq notifier after we have initialized crtc
    - net/tls: swap sk_write_space on close
    - net: tls, fix sk_write_space NULL write when tx disabled
    - ipv6/addrconf: allow adding multicast addr if IFA_F_MCAUTOJOIN is set
    - ipv6: Default fib6_type to RTN_UNICAST when not set
    - net/smc: make sure EPOLLOUT is raised
    - tcp: make sure EPOLLOUT wont be missed
    - ipv4/icmp: fix rt dst dev null pointer dereference
    - mm/zsmalloc.c: fix build when CONFIG_COMPACTION=n
    - ALSA: usb-audio: Check mixer unit bitmap yet more strictly
    - ALSA: line6: Fix memory leak at line6_init_pcm() error path
    - ALSA: hda - Fixes inverted Conexant GPIO mic mute led
    - ALSA: seq: Fix potential concurrent access to the deleted pool
    - ALSA: usb-audio: Fix invalid NULL check in snd_emuusb_set_samplerate()
    - ALSA: usb-audio: Add implicit fb quirk for Behringer UFX1604
    - kvm: x86: skip populating logical dest map if apic is not sw enabled
    - KVM: x86: Don't update RIP or do single-step on faulting emulation
    - uprobes/x86: Fix detection of 32-bit user mode
    - x86/apic: Do not initialize LDR and DFR for bigsmp
    - ftrace: Fix NULL pointer dereference in t_probe_next()
    - ftrace: Check for successful allocation of hash
    - ftrace: Check for empty hash and comment the race with registering probes
    - usb-storage: Add new JMS567 revision to unusual_devs
    - USB: cdc-wdm: fix race between write and disconnect due to flag abuse
    - usb: hcd: use managed device resources
    - usb: chipidea: udc: don't do hardware access if gadget has stopped
    - usb: host: ohci: fix a race condition between shutdown and irq
    - usb: host: xhci: rcar: Fix typo in compatible string matching
    - USB: storage: ums-realtek: Update module parameter description for
      auto_delink_en
    - mei: me: add Tiger Lake point LP device ID
    - mmc: sdhci-of-at91: add quirk for broken HS200
    - mmc: core: Fix init of SD cards reporting an invalid VDD range
    - stm class: Fix a double free of stm_source_device
    - intel_th: pci: Add support for another Lewisburg PCH
    - intel_th: pci: Add Tiger Lake support
    - typec: tcpm: fix a typo in the comparison of pdo_max_voltage
    - fsi: scom: Don't abort operations for minor errors
    - lib: logic_pio: Fix RCU usage
    - lib: logic_pio: Avoid possible overlap for unregistering regions
    - lib: logic_pio: Add logic_pio_unregister_range()
    - drm/amdgpu: Add APTX quirk for Dell Latitude 5495
    - drm/i915: Don't deballoon unused ggtt drm_mm_node in linux guest
    - drm/i915: Call dma_set_max_seg_size() in i915_driver_hw_probe()
    - bus: hisi_lpc: Unregister logical PIO range to avoid potential use-after-
      free
    - bus: hisi_lpc: Add .remove method to avoid driver unbind crash
    - VMCI: Release resource if the work is already queued
    - crypto: ccp - Ignore unconfigured CCP device on suspend/resume
    - Revert "cfg80211: fix processing world regdomain when non modular"
    - mac80211: fix possible sta leak
    - mac80211: Don't memset RXCB prior to PAE intercept
    - mac80211: Correctly set noencrypt for PAE frames
    - KVM: PPC: Book3S HV: Avoid lockdep debugging in TCE realmode handlers
    - KVM: PPC: Book3S: Fix incorrect guest-to-user-translation error handling
    - KVM: arm/arm64: vgic: Fix potential deadlock when ap_list is long
    - KVM: arm/arm64: vgic-v2: Handle SGI bits in GICD_I{S,C}PENDR0 as WI
    - NFS: Clean up list moves of struct nfs_page
    - NFSv4/pnfs: Fix a page lock leak in nfs_pageio_resend()
    - NFS: Pass error information to the pgio error cleanup routine
    - NFS: Ensure O_DIRECT reports an error if the bytes read/written is 0
    - i2c: piix4: Fix port selection for AMD Family 16h Model 30h
    - x86/ptrace: fix up botched merge of spectrev1 fix
    - mt76: mt76x0u: do not reset radio on resume
    - Revert "ASoC: Fail card instantiation if DAI format setup fails"
    - nvmet: Fix use-after-free bug when a port is removed
    - nvmet-file: fix nvmet_file_flush() always returning an error
    - nvme-rdma: fix possible use-after-free in connect error flow
    - nvme: fix controller removal race with scan work
    - IB/mlx5: Fix implicit MR release flow
    - dma-direct: don't truncate dma_required_mask to bus addressing capabilities
    - riscv: fix flush_tlb_range() end address for flush_tlb_page()
    - drm/scheduler: use job count instead of peek
    - locking/rwsem: Add missing ACQUIRE to read_slowpath exit when queue is empty
    - lcoking/rwsem: Add missing ACQUIRE to read_slowpath sleep loop
    - selftests/bpf: install files test_xdp_vlan.sh
    - ALSA: hda/ca0132 - Add new SBZ quirk
    - KVM: x86: hyper-v: don't crash on KVM_GET_SUPPORTED_HV_CPUID when
      kvm_intel.nested is disabled
    - x86/mm/cpa: Prevent large page split when ftrace flips RW on kernel text
    - usbtmc: more sanity checking for packet size
    - mmc: sdhci-cadence: enable v4_mode to fix ADMA 64-bit addressing
    - mmc: sdhci-sprd: fixed incorrect clock divider
    - mmc: sdhci-sprd: add SDHCI_QUIRK2_PRESET_VALUE_BROKEN
    - mms: sdhci-sprd: add SDHCI_QUIRK_BROKEN_CARD_DETECTION
    - mmc: sdhci-sprd: clear the UHS-I modes read from registers
    - mmc: sdhci-sprd: Implement the get_max_timeout_count() interface
    - mmc: sdhci-sprd: add get_ro hook function
    - drm/i915/dp: Fix DSC enable code to use cpu_transcoder instead of
      encoder->type
    - hsr: implement dellink to clean up resources
    - hsr: fix a NULL pointer deref in hsr_dev_xmit()
    - hsr: switch ->dellink() to ->ndo_uninit()
    - Revert "Input: elantech - enable SMBus on new (2018+) systems"
    - mld: fix memory leak in mld_del_delrec()
    - net: fix skb use after free in netpoll
    - net: sched: act_sample: fix psample group handling on overwrite
    - net_sched: fix a NULL pointer deref in ipt action
    - net: stmmac: dwmac-rk: Don't fail if phy regulator is absent
    - tcp: inherit timestamp on mtu probe
    - tcp: remove empty skb from write queue in error cases
    - x86/boot: Preserve boot_params.secure_boot from sanitizing
    - spi: bcm2835aux: unifying code between polling and interrupt driven code
    - spi: bcm2835aux: remove dangerous uncontrolled read of fifo
    - spi: bcm2835aux: fix corruptions for longer spi transfers
    - net: tundra: tsi108: use spin_lock_irqsave instead of spin_lock_irq in IRQ
      context
    - netfilter: nf_tables: use-after-free in failing rule with bound set
    - tools: bpftool: fix error message (prog -> object)
    - hv_netvsc: Fix a warning of suspicious RCU usage
    - net: tc35815: Explicitly check NET_IP_ALIGN is not zero in tc35815_rx
    - Bluetooth: btqca: Add a short delay before downloading the NVM
    - ibmveth: Convert multicast list size for little-endian system
    - gpio: Fix build error of function redefinition
    - netfilter: nft_flow_offload: skip tcp rst and fin packets
    - drm/mediatek: use correct device to import PRIME buffers
    - drm/mediatek: set DMA max segment size
    - scsi: qla2xxx: Fix gnl.l memory leak on adapter init failure
    - scsi: target: tcmu: avoid use-after-free after command timeout
    - cxgb4: fix a memory leak bug
    - liquidio: add cleanup in octeon_setup_iq()
    - net: myri10ge: fix memory leaks
    - lan78xx: Fix memory leaks
    - vfs: fix page locking deadlocks when deduping files
    - cx82310_eth: fix a memory leak bug
    - net: kalmia: fix memory leaks
    - ibmvnic: Unmap DMA address of TX descriptor buffers after use
    - net: cavium: fix driver name
    - wimax/i2400m: fix a memory leak bug
    - ravb: Fix use-after-free ravb_tstamp_skb
    - kprobes: Fix potential deadlock in kprobe_optimizer()
    - HID: cp2112: prevent sleeping function called from invalid context
    - x86/boot/compressed/64: Fix boot on machines with broken E820 table
    - Input: hyperv-keyboard: Use in-place iterator API in the channel callback
    - Tools: hv: kvp: eliminate 'may be used uninitialized' warning
    - nvme-multipath: fix possible I/O hang when paths are updated
    - IB/mlx4: Fix memory leaks
    - infiniband: hfi1: fix a memory leak bug
    - infiniband: hfi1: fix memory leaks
    - selftests: kvm: fix state save/load on processors without XSAVE
    - selftests/kvm: make platform_info_test pass on AMD
    - ceph: fix buffer free while holding i_ceph_lock in __ceph_setxattr()
    - ceph: fix buffer free while holding i_ceph_lock in
      __ceph_build_xattrs_blob()
    - ceph: fix buffer free while holding i_ceph_lock in fill_inode()
    - KVM: arm/arm64: Only skip MMIO insn once
    - afs: Fix leak in afs_lookup_cell_rcu()
    - KVM: arm/arm64: VGIC: Properly initialise private IRQ affinity
    - x86/boot/compressed/64: Fix missing initialization in
      find_trampoline_placement()
    - libceph: allow ceph_buffer_put() to receive a NULL ceph_buffer
    - Revert "r8152: napi hangup fix after disconnect"
    - r8152: remove calling netif_napi_del
    - batman-adv: Fix netlink dumping of all mcast_flags buckets
    - libbpf: fix erroneous multi-closing of BTF FD
    - libbpf: set BTF FD for prog only when there is supported .BTF.ext data
    - netfilter: nf_flow_table: fix offload for flows that are subject to xfrm
    - clk: samsung: Change signature of exynos5_subcmus_init() function
    - clk: samsung: exynos5800: Move MAU subsystem clocks to MAU sub-CMU
    - clk: samsung: exynos542x: Move MSCL subsystem clocks to its sub-CMU
    - netfilter: nf_flow_table: conntrack picks up expired flows
    - netfilter: nf_flow_table: teardown flow timeout race
    - ixgbe: fix possible deadlock in ixgbe_service_task()
    - nvme: Fix cntlid validation when not using NVMEoF
    - RDMA/cma: fix null-ptr-deref Read in cma_cleanup
    - RDMA/bnxt_re: Fix stack-out-of-bounds in bnxt_qplib_rcfw_send_message
    - gpio: Fix irqchip initialization order
  * New ID in ums-realtek module breaks cardreader (LP: #1838886) // Disco
    update: upstream stable patchset 2019-09-11 (LP: #1843622)
    - USB: storage: ums-realtek: Whitelist auto-delink support
  * ipv4: enable route flushing in network namespaces (LP: #1836912)
    - ipv4: enable route flushing in network namespaces
  * Enhanced Hardware Support - Finalize Naming (LP: #1842774)
    - s390: add support for IBM z15 machines
  * CVE-2019-16714
    - net/rds: Fix info leak in rds6_inc_info_copy()
  * CVE-2019-14821
    - KVM: coalesced_mmio: add bounds checking

-- Khalid Elmously <khalid.elmously@canonical.com>  Tue, 01 Oct 2019 23:32:55 -0400

Changed in linux-snapdragon (Ubuntu Disco):
status:	Confirmed → Fix Released

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2019-10-16

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2019-10-17

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2019-10-21

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2019-10-21

description:

updated

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2019-10-21: Workflow done!

#2

All tasks have been completed and the bug is being set to Fix Released

Changed in kernel-sru-workflow:
status:	In Progress → Fix Released
tags:	removed: kernel-release-tracking-bug-live

Kernel SRU Workflow

disco/linux-snapdragon: 5.0.0-1024.25 -proposed tracker

Bug Description

CVE References

Other bug subscribers

Remote bug watches

	Status	Importance	Assigned to
Kernel SRU Workflow	Fix Released	Medium	Unassigned
Automated-testing	Fix Released	Medium	Canonical Kernel Team
Certification-testing	Invalid	Medium	Canonical Hardware Certification
Prepare-package	Fix Released	Medium	Khaled El Mously
Prepare-package-meta	Fix Released	Medium	Khaled El Mously
Promote-to-proposed	Fix Released	Medium	Andy Whitcroft
Promote-to-security	Fix Released	Medium	Andy Whitcroft
Promote-to-updates	Fix Released	Medium	Andy Whitcroft
Regression-testing	Invalid	Medium	Canonical Kernel Team
Security-signoff	Fix Released	Medium	Steve Beattie
Verification-testing	Fix Released	Medium	Canonical Kernel Team
linux-snapdragon (Ubuntu)	Invalid	Undecided	Unassigned
Disco	Fix Released	Medium	Unassigned