[ubuntu/bionic-security] linux-gcp-4.15 4.15.0-1084.95 (Accepted)

Andy Whitcroft apw at canonical.com
Mon Sep 21 20:00:32 UTC 2020


linux-gcp-4.15 (4.15.0-1084.95) bionic; urgency=medium

  * bionic/linux-gcp-4.15: 4.15.0-1084.95 -proposed tracker (LP: #1894687)

  [ Ubuntu: 4.15.0-118.119 ]

  * bionic/linux: 4.15.0-118.119 -proposed tracker (LP: #1894697)
  * Packaging resync (LP: #1786013)
    - update dkms package versions
  * Introduce the new NVIDIA 450-server and the 450 UDA series (LP: #1887674)
    - [packaging] add signed modules for nvidia 450 and 450-server
  * cgroup refcount is bogus when cgroup_sk_alloc is disabled (LP: #1886860)
    - cgroup: add missing skcd->no_refcnt check in cgroup_sk_clone()
  * CVE-2020-12888
    - vfio/type1: Support faulting PFNMAP vmas
    - vfio-pci: Fault mmaps to enable vma tracking
    - vfio-pci: Invalidate mmaps and block MMIO access on disabled memory
  *  [Hyper-V] VSS and File Copy daemons intermittently fails to start
    (LP: #1891224)
    - [Packaging] Bind hv_vss_daemon startup to hv_vss device
    - [Packaging] bind hv_fcopy_daemon startup to hv_fcopy device
  * KVM: Fix zero_page reference counter overflow when using KSM on KVM compute
    host (LP: #1837810)
    - KVM: fix overflow of zero page refcount with ksm running
  * Fix false-negative return value for rtnetlink.sh in kselftests/net
    (LP: #1890136)
    - selftests: rtnetlink: correct the final return value for the test
    - selftests: rtnetlink: make kci_test_encap() return sub-test result
  * Bionic update: upstream stable patchset 2020-08-18 (LP: #1892091)
    - USB: serial: qcserial: add EM7305 QDL product ID
    - USB: iowarrior: fix up report size handling for some devices
    - usb: xhci: define IDs for various ASMedia host controllers
    - usb: xhci: Fix ASMedia ASM1142 DMA addressing
    - Revert "ALSA: hda: call runtime_allow() for all hda controllers"
    - ALSA: seq: oss: Serialize ioctls
    - staging: android: ashmem: Fix lockdep warning for write operation
    - Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt()
    - Bluetooth: Prevent out-of-bounds read in hci_inquiry_result_evt()
    - Bluetooth: Prevent out-of-bounds read in hci_inquiry_result_with_rssi_evt()
    - omapfb: dss: Fix max fclk divider for omap36xx
    - binder: Prevent context manager from incrementing ref 0
    - vgacon: Fix for missing check in scrollback handling
    - mtd: properly check all write ioctls for permissions
    - leds: wm831x-status: fix use-after-free on unbind
    - leds: da903x: fix use-after-free on unbind
    - leds: lm3533: fix use-after-free on unbind
    - leds: 88pm860x: fix use-after-free on unbind
    - net/9p: validate fds in p9_fd_open
    - drm/nouveau/fbcon: fix module unload when fbcon init has failed for some
      reason
    - drm/nouveau/fbcon: zero-initialise the mode_cmd2 structure
    - i2c: slave: improve sanity check when registering
    - i2c: slave: add sanity check when unregistering
    - usb: hso: check for return value in hso_serial_common_create()
    - firmware: Fix a reference count leak.
    - cfg80211: check vendor command doit pointer before use
    - igb: reinit_locked() should be called with rtnl_lock
    - atm: fix atm_dev refcnt leaks in atmtcp_remove_persistent
    - tools lib traceevent: Fix memory leak in process_dynamic_array_len
    - Drivers: hv: vmbus: Ignore CHANNELMSG_TL_CONNECT_RESULT(23)
    - xattr: break delegations in {set,remove}xattr
    - ipv4: Silence suspicious RCU usage warning
    - ipv6: fix memory leaks on IPV6_ADDRFORM path
    - net: ethernet: mtk_eth_soc: fix MTU warnings
    - vxlan: Ensure FDB dump is performed under RCU
    - net: lan78xx: replace bogus endpoint lookup
    - hv_netvsc: do not use VF device if link is down
    - net: gre: recompute gre csum for sctp over gre tunnels
    - openvswitch: Prevent kernel-infoleak in ovs_ct_put_key()
    - Revert "vxlan: fix tos value before xmit"
    - selftests/net: relax cpu affinity requirement in msg_zerocopy test
    - rxrpc: Fix race between recvmsg and sendmsg on immediate call failure
    - i40e: add num_vectors checker in iwarp handler
    - i40e: Wrong truncation from u16 to u8
    - i40e: Memory leak in i40e_config_iwarp_qvlist
    - Smack: fix use-after-free in smk_write_relabel_self()
  * Bionic update: upstream stable patchset 2020-08-11 (LP: #1891228)
    - AX.25: Fix out-of-bounds read in ax25_connect()
    - AX.25: Prevent out-of-bounds read in ax25_sendmsg()
    - dev: Defer free of skbs in flush_backlog
    - drivers/net/wan/x25_asy: Fix to make it work
    - net-sysfs: add a newline when printing 'tx_timeout' by sysfs
    - net: udp: Fix wrong clean up for IS_UDPLITE macro
    - rxrpc: Fix sendmsg() returning EPIPE due to recvmsg() returning ENODATA
    - AX.25: Prevent integer overflows in connect and sendmsg
    - ip6_gre: fix null-ptr-deref in ip6gre_init_net()
    - rtnetlink: Fix memory(net_device) leak when ->newlink fails
    - tcp: allow at most one TLP probe per flight
    - regmap: debugfs: check count when read regmap file
    - qrtr: orphan socket in qrtr_release()
    - sctp: shrink stream outq only when new outcnt < old outcnt
    - sctp: shrink stream outq when fails to do addstream reconf
    - crypto: ccp - Release all allocated memory if sha type is invalid
    - media: rc: prevent memory leak in cx23888_ir_probe
    - iio: imu: adis16400: fix memory leak
    - ath9k_htc: release allocated buffer if timed out
    - ath9k: release allocated buffer if timed out
    - PCI/ASPM: Disable ASPM on ASMedia ASM1083/1085 PCIe-to-PCI bridge
    - wireless: Use offsetof instead of custom macro.
    - ARM: 8986/1: hw_breakpoint: Don't invoke overflow handler on uaccess
      watchpoints
    - drm/amdgpu: Prevent kernel-infoleak in amdgpu_info_ioctl()
    - drm: hold gem reference until object is no longer accessed
    - f2fs: check memory boundary by insane namelen
    - f2fs: check if file namelen exceeds max value
    - 9p/trans_fd: abort p9_read_work if req status changed
    - 9p/trans_fd: Fix concurrency del of req_list in p9_fd_cancelled/p9_read_work
    - x86/build/lto: Fix truncated .bss with -fdata-sections
    - rds: Prevent kernel-infoleak in rds_notify_queue_get()
    - xfs: fix missed wakeup on l_flush_wait
    - net/x25: Fix x25_neigh refcnt leak when x25 disconnect
    - net/x25: Fix null-ptr-deref in x25_disconnect
    - selftests/net: rxtimestamp: fix clang issues for target arch PowerPC
    - sh: Fix validation of system call number
    - net: lan78xx: add missing endpoint sanity check
    - net: lan78xx: fix transfer-buffer memory leak
    - mlx4: disable device on shutdown
    - mlxsw: core: Increase scope of RCU read-side critical section
    - mlxsw: core: Free EMAD transactions using kfree_rcu()
    - ibmvnic: Fix IRQ mapping disposal in error path
    - bpf: Fix map leak in HASH_OF_MAPS map
    - mac80211: mesh: Free ie data when leaving mesh
    - mac80211: mesh: Free pending skb when destroying a mpath
    - arm64/alternatives: move length validation inside the subsection
    - arm64: csum: Fix handling of bad packets
    - usb: hso: Fix debug compile warning on sparc32
    - qed: Disable "MFW indication via attention" SPAM every 5 minutes
    - nfc: s3fwrn5: add missing release on skb in s3fwrn5_recv_frame
    - parisc: add support for cmpxchg on u8 pointers
    - net: ethernet: ravb: exit if re-initialization fails in tx timeout
    - Revert "i2c: cadence: Fix the hold bit setting"
    - x86/unwind/orc: Fix ORC for newly forked tasks
    - cxgb4: add missing release on skb in uld_send()
    - xen-netfront: fix potential deadlock in xennet_remove()
    - KVM: LAPIC: Prevent setting the tscdeadline timer if the lapic is hw
      disabled
    - x86/i8259: Use printk_deferred() to prevent deadlock
    - drm/amdgpu: fix multiple memory leaks in acp_hw_init
    - selftests/net: psock_fanout: fix clang issues for target arch PowerPC
    - net/mlx5: Verify Hardware supports requested ptp function on a given pin
    - random32: update the net random state on interrupt and activity
    - ARM: percpu.h: fix build error
    - random: fix circular include dependency on arm64 after addition of percpu.h
    - random32: remove net_rand_state from the latent entropy gcc plugin
    - random32: move the pseudo-random 32-bit definitions to prandom.h
    - ext4: fix direct I/O read error

Date: 2020-09-09 15:48:14.997896+00:00
Changed-By: Kelsey Margarete Skunberg <kelsey.skunberg at canonical.com>
Signed-By: Andy Whitcroft <apw at canonical.com>
https://launchpad.net/ubuntu/+source/linux-gcp-4.15/4.15.0-1084.95
-------------- next part --------------
Sorry, changesfile not available.


More information about the Bionic-changes mailing list