Kernel SRU Workflow

Comment 5 for bug 1921042

Revision history for this message

Launchpad Janitor (janitor) wrote on 2021-04-13:

This bug was fixed in the package linux-oem-5.6 - 5.6.0-1053.57

---------------
linux-oem-5.6 (5.6.0-1053.57) focal; urgency=medium

* focal/linux-oem-5.6: 5.6.0-1053.57 -proposed tracker (LP: #1921042)

* Packaging resync (LP: #1786013)
- update dkms package versions

  * LRMv4: switch to signing nvidia modules via the Ubuntu Modules signing key
    (LP: #1918134)
    - [Packaging] sync dkms-build et al from LRMv4

  * CVE-2021-29154
    - SAUCE: bpf, x86: Validate computation of branch displacements for x86-64
    - SAUCE: bpf, x86: Validate computation of branch displacements for x86-32

  * xfrm_policy.sh in net from ubuntu_kernel_selftests passed with failed sub-
    cases (LP: #1909647)
    - selftests: xfrm: fix test return value override issue in xfrm_policy.sh

  * ip_defrag.sh in net from ubuntu_kernel_selftests failed with exit code 255
    on F-oem-5.6 (LP: #1919147)
    - selftests: net: ip_defrag: modprobe missing nf_defrag_ipv6 support

  * l2tp.sh from net in ubuntu_kernel_selftests cause dmesg flooded with
    "unregister_netdevice: waiting for eth0 to become free. Usage count = 1" on
    F-OEM-5.6 (LP: #1919277)
    - l2tp: remove skb_dst_set() from l2tp_xmit_skb()

  * CVE-2020-0466
    - epoll: Keep a reference on files added to the check list
    - do_epoll_ctl(): clean the failure exits up a bit
    - fix regression in "epoll: Keep a reference on files added to the check list"

* CVE-2021-3178
- nfsd4: readdirplus shouldn't return parent of export

* CVE-2020-25285
- mm/hugetlb: fix a race between hugetlb sysctl handlers

* CVE-020-10781
- Revert "zram: convert remaining CLASS_ATTR() to CLASS_ATTR_RO()"

* CVE-2020-14351
- perf/core: Fix race in the perf_mmap_close() function

* CVE-2020-25669
- Input: sunkbd - avoid use-after-free in teardown paths

* CVE-2020-14390
- fbcon: remove soft scrollback code

* CVE-2021-3411
- x86/kprobes: Fix optprobe to detect INT3 padding correctly

* CVE-2020-0423
- binder: fix UAF when releasing todo list

* CVE-2020-27830
- speakup: Reject setting the speakup line discipline outside of speakup

  * CVE-2020-0465
    - HID: core: Correctly handle ReportSize being zero
    - HID: core: Sanitize event code and type when mapping input

* CVE-2020-25645
- geneve: add transport ports in route lookup for geneve

  * CVE-2021-20194
    - bpf, cgroup: Fix optlen WARN_ON_ONCE toctou
    - bpf, cgroup: Fix problematic bounds check

* CVE-2020-36158
- mwifiex: Fix possible buffer overflows in mwifiex_cmd_802_11_ad_hoc_start

-- Stefan Bader <email address hidden> Fri, 09 Apr 2021 16:43:44 +0200

This bug was fixed in the package linux-oem-5.6 - 5.6.0-1053.57

---------------
linux-oem-5.6 (5.6.0-1053.57) focal; urgency=medium

* focal/linux-oem-5.6: 5.6.0-1053.57 -proposed tracker (LP: #1921042)

* Packaging resync (LP: #1786013)
    - update dkms package versions

* LRMv4: switch to signing nvidia modules via the Ubuntu Modules signing key
    (LP: #1918134)
    - [Packaging] sync dkms-build et al from LRMv4

* CVE-2021-29154
    - SAUCE: bpf, x86: Validate computation of branch displacements for x86-64
    - SAUCE: bpf, x86: Validate computation of branch displacements for x86-32

* xfrm_policy.sh in net from ubuntu_kernel_selftests passed with failed sub-
    cases (LP: #1909647)
    - selftests: xfrm: fix test return value override issue in xfrm_policy.sh

* ip_defrag.sh in net from ubuntu_kernel_selftests failed with exit code 255
    on F-oem-5.6 (LP: #1919147)
    - selftests: net: ip_defrag: modprobe missing nf_defrag_ipv6 support

* CVE-2021-3178
    - nfsd4: readdirplus shouldn't return parent of export

* CVE-2020-25285
    - mm/hugetlb: fix a race between hugetlb sysctl handlers

* CVE-020-10781
    - Revert "zram: convert remaining CLASS_ATTR() to CLASS_ATTR_RO()"

* CVE-2020-14351
    - perf/core: Fix race in the perf_mmap_close() function

* CVE-2020-25669
    - Input: sunkbd - avoid use-after-free in teardown paths

* CVE-2020-14390
    - fbcon: remove soft scrollback code

* CVE-2021-3411
    - x86/kprobes: Fix optprobe to detect INT3 padding correctly

* CVE-2020-0423
    - binder: fix UAF when releasing todo list

* CVE-2020-27830
    - speakup: Reject setting the speakup line discipline outside of speakup

* CVE-2020-0465
    - HID: core: Correctly handle ReportSize being zero
    - HID: core: Sanitize event code and type when mapping input

* CVE-2020-25645
    - geneve: add transport ports in route lookup for geneve

* CVE-2021-20194
    - bpf, cgroup: Fix optlen WARN_ON_ONCE toctou
    - bpf, cgroup: Fix problematic bounds check

* CVE-2020-36158
    - mwifiex: Fix possible buffer overflows in mwifiex_cmd_802_11_ad_hoc_start

-- Stefan Bader <stefan.bader@canonical.com>  Fri, 09 Apr 2021 16:43:44 +0200