Kernel SRU Workflow

  1. Series prepare-package-signed
  2. Bug #1974407
  3. Comment #3

Comment 3 for bug 1974407

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux-dell300x - 4.15.0-1047.52

---------------
linux-dell300x (4.15.0-1047.52) bionic; urgency=medium

  [ Ubuntu: 4.15.0-184.194 ]

  * CVE-2022-1966
    - netfilter: nf_tables: disallow non-stateful expression in sets earlier

linux-dell300x (4.15.0-1045.50) bionic; urgency=medium

  * bionic/linux-dell300x: 4.15.0-1045.50 -proposed tracker (LP: #1974407)

  [ Ubuntu: 4.15.0-182.191 ]

  * CVE-2022-21499
    - SAUCE: debug: Lock down kgdb

  [ Ubuntu: 4.15.0-181.190 ]

  * bionic/linux: 4.15.0-181.190 -proposed tracker (LP: #1974426)
  * Bionic update: upstream stable patchset 2022-05-06 (LP: #1972006)
    - [Config] updateconfigs for ARM64_ERRATUM_1188873
    - arm64: arch_timer: Add workaround for ARM erratum 1188873
    - arm64: arch_timer: avoid unused function warning
    - arm64: Add silicon-errata.txt entry for ARM erratum 1188873
    - arm64: Make ARM64_ERRATUM_1188873 depend on COMPAT
    - arm64: Add part number for Neoverse N1
    - arm64: Add part number for Arm Cortex-A77
    - arm64: Add Neoverse-N2, Cortex-A710 CPU part definition
    - arm64: Add Cortex-X2 CPU part definition
    - arm64: entry.S: Add ventry overflow sanity checks
    - arm64: entry: Make the trampoline cleanup optional
    - arm64: entry: Free up another register on kpti's tramp_exit path
    - arm64: entry: Move the trampoline data page before the text page
    - arm64: entry: Allow tramp_alias to access symbols after the 4K boundary
    - arm64: entry: Don't assume tramp_vectors is the start of the vectors
    - arm64: entry: Move trampoline macros out of ifdef'd section
    - arm64: entry: Make the kpti trampoline's kpti sequence optional
    - Revert "arm64: mmu: add the entry trampolines start/end section markers into
      sections.h"
    - arm64: entry: Allow the trampoline text to occupy multiple pages
    - arm64: entry: Add non-kpti __bp_harden_el1_vectors for mitigations
    - [Config] updateconfigs for MITIGATE_SPECTRE_BRANCH_HISTORY
    - arm64: entry: Add vectors that have the bhb mitigation sequences
    - arm64: entry: Add macro for reading symbol addresses from the trampoline
    - arm64: Add percpu vectors for EL1
    - arm64: proton-pack: Report Spectre-BHB vulnerabilities as part of Spectre-v2
    - KVM: arm64: Add templates for BHB mitigation sequences
    - arm64: Mitigate spectre style branch history side channels
    - KVM: arm64: Allow SMCCC_ARCH_WORKAROUND_3 to be discovered and migrated
    - arm64: add ID_AA64ISAR2_EL1 sys register
    - arm64: Use the clearbhb instruction in mitigations
  * issuing invalid ioctl to /dev/vsock may spam dmesg (LP: #1971480)
    - vsock: remove ratelimit unknown ioctl message
  * ubuntu_ltp_controllers:cpuset_sched_domains: tests 3,9,11,17,19,25 report
    incorrect sched domain for cpu#32 (LP: #1951289)
    - sched/topology: Make sched_init_numa() use a set for the deduplicating sort
    - sched/topology: Fix sched_domain_topology_level alloc in sched_init_numa()
    - ia64: ensure proper NUMA distance and possible map initialization
  * CVE-2022-1419
    - drm/vgem: Reclassify buffer creation debug message
    - drm/vgem: Close use-after-free race in vgem_gem_create
  * CVE-2022-28390
    - can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path
  * Bionic update: upstream stable patchset 2022-04-26 (LP: #1970479)
    - net: qlogic: check the return value of dma_alloc_coherent() in
      qed_vf_hw_prepare()
    - qed: return status of qed_iov_get_link
    - ethernet: Fix error handling in xemaclite_of_probe
    - net: ethernet: ti: cpts: Handle error for clk_enable
    - net: ethernet: lpc_eth: Handle error for clk_enable
    - ax25: Fix NULL pointer dereference in ax25_kill_by_device
    - net/mlx5: Fix size field in bufferx_reg struct
    - NFC: port100: fix use-after-free in port100_send_complete
    - gpio: ts4900: Do not set DAT and OE together
    - sctp: fix kernel-infoleak for SCTP sockets
    - net-sysfs: add check for netdevice being present to speed_show
    - Revert "xen-netback: remove 'hotplug-status' once it has served its purpose"
    - Revert "xen-netback: Check for hotplug-status existence before watching"
    - tracing: Ensure trace buffer is at least 4096 bytes large
    - selftests/memfd: clean up mapping in mfd_fail_write
    - ARM: Spectre-BHB: provide empty stub for non-config
    - staging: gdm724x: fix use after free in gdm_lte_rx()
    - virtio: unexport virtio_finalize_features
    - virtio: acknowledge all features before access
    - ARM: fix Thumb2 regression with Spectre BHB
    - ext4: add check to prevent attempting to resize an fs with sparse_super2
    - btrfs: unlock newly allocated extent buffer after error
    - net: phy: DP83822: clear MISR2 register to disable interrupts
    - sctp: fix the processing for INIT chunk
    - sctp: fix the processing for INIT_ACK chunk
    - xfrm: Fix xfrm migrate issues when address family changes
    - arm64: dts: rockchip: fix rk3399-puma eMMC HS400 signal integrity
    - ARM: dts: rockchip: fix a typo on rk3288 crypto-controller
    - MIPS: smp: fill in sibling and core maps earlier
    - ARM: 9178/1: fix unmet dependency on BITREVERSE for HAVE_ARCH_BITREVERSE
    - can: rcar_canfd: rcar_canfd_channel_probe(): register the CAN device when
      fully ready
    - atm: firestream: check the return value of ioremap() in fs_init()
    - nl80211: Update bss channel on channel switch for P2P_CLIENT
    - tcp: make tcp_read_sock() more robust
    - sfc: extend the locking on mcdi->seqno
    - kselftest/vm: fix tests build with old libc
    - fs: sysfs_emit: Remove PAGE_SIZE alignment check
    - efi: fix return value of __setup handlers
    - net/packet: fix slab-out-of-bounds access in packet_recvmsg()
    - atm: eni: Add check for dma_map_single
    - net: handle ARPHRD_PIMREG in dev_is_mac_header_xmit()
    - usb: gadget: rndis: prevent integer overflow in rndis_set_response()
    - usb: gadget: Fix use-after-free bug by not setting udc->dev.driver
    - Input: aiptek - properly check endpoint type
    - perf symbols: Fix symbol size calculation condition
    - net: dsa: Add missing of_node_put() in dsa_port_parse_of
    - net: ipv6: fix skb_over_panic in __ip6_append_data
    - staging: fbtft: fb_st7789v: reset display before initialization
    - thermal: int340x: fix memory leak in int3400_notify()
    - llc: fix netdevice reference leaks in llc_ui_bind()
    - ALSA: pcm: Add stream lock during PCM reset ioctl operations
    - ALSA: usb-audio: Add mute TLV for playback volumes on RODE NT-USB
    - ALSA: cmipci: Restore aux vol on suspend/resume
    - ALSA: pci: fix reading of swapped values from pcmreg in AC97 codec
    - drivers: net: xgene: Fix regression in CRC stripping
    - netfilter: nf_tables: initialize registers in nft_do_chain()
    - ACPI / x86: Work around broken XSDT on Advantech DAC-BJ01 board
    - ACPI: battery: Add device HID and quirk for Microsoft Surface Go 3
    - ACPI: video: Force backlight native for Clevo NL5xRU and NL5xNU
    - crypto: qat - disable registration of algorithms
    - mac80211: fix potential double free on mesh join
    - llc: only change llc->dev when bind() succeeds

linux-dell300x (4.15.0-1044.49) bionic; urgency=medium

  * bionic/linux-dell300x: 4.15.0-1044.49 -proposed tracker (LP: #1973994)

  [ Ubuntu: 4.15.0-180.189 ]

  * bionic/linux: 4.15.0-180.189 -proposed tracker (LP: #1974013)
  * CVE-2022-29581
    - net/sched: cls_u32: fix netns refcount changes in u32_change()
  * Unprivileged users may use PTRACE_SEIZE to set PTRACE_O_SUSPEND_SECCOMP
    option (LP: #1972740)
    - ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
  * ext4: limit length to bitmap_maxbytes (LP: #1972281)
    - ext4: limit length to bitmap_maxbytes - blocksize in punch_hole

 -- Marcelo Henrique Cerri <email address hidden> Fri, 03 Jun 2022 12:12:40 -0300