[ubuntu/eoan-security] linux-kvm 5.3.0-1023.25 (Accepted)
Andy Whitcroft
apw at canonical.com
Tue Jun 9 23:07:28 UTC 2020
linux-kvm (5.3.0-1023.25) eoan; urgency=medium
[ Ubuntu: 5.3.0-59.53 ]
* CVE-2020-0543
- SAUCE: x86/speculation/spectre_v2: Exclude Zhaoxin CPUs from SPECTRE_V2
- SAUCE: x86/cpu: Add a steppings field to struct x86_cpu_id
- SAUCE: x86/cpu: Add 'table' argument to cpu_matches()
- SAUCE: x86/speculation: Add Special Register Buffer Data Sampling (SRBDS)
mitigation
- SAUCE: x86/speculation: Add SRBDS vulnerability and mitigation documentation
- SAUCE: x86/speculation: Add Ivy Bridge to affected list
linux-kvm (5.3.0-1018.20) eoan; urgency=medium
* eoan/linux-kvm: 5.3.0-1018.20 -proposed tracker (LP: #1878816)
* Build and ship a signed wireguard.ko (LP: #1861284)
- [Config] wireguard -- enable on all architectures
[ Ubuntu: 5.3.0-56.50 ]
* eoan/linux: 5.3.0-56.50 -proposed tracker (LP: #1880111)
* Build and ship a signed wireguard.ko (LP: #1861284)
- [Packaging] wireguard -- add support for building signed .ko
- [Config] wireguard -- enable on all architectures
* Packaging resync (LP: #1786013)
- update dkms package versions
* debian/scripts/file-downloader does not handle positive failures correctly
(LP: #1878897)
- [Packaging] file-downloader not handling positive failures correctly
* Killer(R) Wi-Fi 6 AX1650i 160MHz Wireless Network Adapter (201NGW),
REV=0x354 [8086:a0f0] subsystem id [1a56:1651] wireless adapter not found
due to firmware crash (LP: #1874685)
- iwlwifi: pcie: handle QuZ configs with killer NICs as well
* CVE-2020-12114
- propagate_one(): mnt_set_mountpoint() needs mount_lock
* Eoan update: upstream stable patchset 2020-05-11 (LP: #1878073)
- ext4: fix extent_status fragmentation for plain files
- bpftool: Fix printing incorrect pointer in btf_dump_ptr
- [Config] updateconfigs for ARM64_ERRATUM_1542419
- arm64: errata: Hide CTR_EL0.DIC on systems affected by Neoverse-N1 #1542419
- arm64: Fake the IminLine size on systems affected by Neoverse-N1 #1542419
- arm64: compat: Workaround Neoverse-N1 #1542419 for compat user-space
- arm64: Silence clang warning on mismatched value/register sizes
- watchdog: reset last_hw_keepalive time at start
- scsi: lpfc: Fix kasan slab-out-of-bounds error in lpfc_unreg_login
- scsi: lpfc: Fix crash in target side cable pulls hitting WAIT_FOR_UNREG
- ceph: return ceph_mdsc_do_request() errors from __get_parent()
- ceph: don't skip updating wanted caps when cap is stale
- pwm: rcar: Fix late Runtime PM enablement
- scsi: iscsi: Report unbind session event when the target has been removed
- ASoC: Intel: atom: Take the drv->lock mutex before calling
sst_send_slot_map()
- nvme: fix deadlock caused by ANA update wrong locking
- kernel/gcov/fs.c: gcov_seq_next() should increase position index
- selftests: kmod: fix handling test numbers above 9
- ipc/util.c: sysvipc_find_ipc() should increase position index
- kconfig: qconf: Fix a few alignment issues
- s390/cio: avoid duplicated 'ADD' uevents
- loop: Better discard support for block devices
- Revert "powerpc/64: irq_work avoid interrupt when called with hardware irqs
enabled"
- pwm: renesas-tpu: Fix late Runtime PM enablement
- pwm: bcm2835: Dynamically allocate base
- perf/core: Disable page faults when getting phys address
- ASoC: Intel: bytcr_rt5640: Add quirk for MPMAN MPWIN895CL tablet
- drm/amd/display: Not doing optimize bandwidth if flip pending.
- virtio-blk: improve virtqueue error to BLK_STS
- scsi: smartpqi: fix call trace in device discovery
- PCI/ASPM: Allow re-enabling Clock PM
- f2fs: fix to avoid memory leakage in f2fs_listxattr
- cxgb4: fix adapter crash due to wrong MC size
- cxgb4: fix large delays in PTP synchronization
- ipv6: fix restrict IPV6_ADDRFORM operation
- macsec: avoid to set wrong mtu
- macvlan: fix null dereference in macvlan_device_event()
- net: bcmgenet: correct per TX/RX ring statistics
- net: netrom: Fix potential nr_neigh refcnt leak in nr_add_node
- net: stmmac: dwmac-meson8b: Add missing boundary to RGMII TX clock array
- net/x25: Fix x25_neigh refcnt leak when receiving frame
- sched: etf: do not assume all sockets are full blown
- tcp: cache line align MAX_TCP_HEADER
- team: fix hang in team_mode_get()
- vrf: Fix IPv6 with qdisc and xfrm
- net: dsa: b53: Lookup VID in ARL searches when VLAN is enabled
- net: dsa: b53: Fix ARL register definitions
- net: dsa: b53: Rework ARL bin logic
- net: dsa: b53: b53_arl_rw_op() needs to select IVL or SVL
- xfrm: Always set XFRM_TRANSFORMED in xfrm{4,6}_output_finish
- vrf: Check skb for XFRM_TRANSFORMED flag
- mlxsw: Fix some IS_ERR() vs NULL bugs
- KEYS: Avoid false positive ENOMEM error on key read
- ALSA: hda: Remove ASUS ROG Zenith from the blacklist
- ALSA: usb-audio: Add static mapping table for ALC1220-VB-based mobos
- ALSA: usb-audio: Add connector notifier delegation
- iio: core: remove extra semi-colon from devm_iio_device_register() macro
- iio: st_sensors: rely on odr mask to know if odr can be set
- iio: adc: stm32-adc: fix sleep in atomic context
- iio: xilinx-xadc: Fix ADC-B powerdown
- iio: xilinx-xadc: Fix clearing interrupt when enabling trigger
- iio: xilinx-xadc: Fix sequencer configuration for aux channels in
simultaneous mode
- iio: xilinx-xadc: Make sure not exceed maximum samplerate
- USB: sisusbvga: Change port variable from signed to unsigned
- USB: Add USB_QUIRK_DELAY_CTRL_MSG and USB_QUIRK_DELAY_INIT for Corsair K70
RGB RAPIDFIRE
- USB: early: Handle AMD's spec-compliant identifiers, too
- USB: core: Fix free-while-in-use bug in the USB S-Glibrary
- USB: hub: Fix handling of connect changes during sleep
- vmalloc: fix remap_vmalloc_range() bounds checks
- mm/hugetlb: fix a addressing exception caused by huge_pte_offset
- mm/ksm: fix NULL pointer dereference when KSM zero page is enabled
- tools/vm: fix cross-compile build
- ALSA: usx2y: Fix potential NULL dereference
- ALSA: hda/realtek - Fix unexpected init_amp override
- ALSA: hda/realtek - Add new codec supported for ALC245
- ALSA: usb-audio: Fix usb audio refcnt leak when getting spdif
- ALSA: usb-audio: Filter out unsupported sample rates on Focusrite devices
- tpm/tpm_tis: Free IRQ if probing fails
- tpm: ibmvtpm: retry on H_CLOSED in tpm_ibmvtpm_send()
- KVM: s390: Return last valid slot if approx index is out-of-bounds
- KVM: Check validity of resolved slot when searching memslots
- KVM: VMX: Enable machine check support for 32bit targets
- tty: hvc: fix buffer overflow during hvc_alloc().
- tty: rocket, avoid OOB access
- usb-storage: Add unusual_devs entry for JMicron JMS566
- audit: check the length of userspace generated audit records
- ASoC: dapm: fixup dapm kcontrol widget
- iwlwifi: pcie: actually release queue memory in TVQM
- iwlwifi: mvm: beacon statistics shouldn't go backwards
- ARM: imx: provide v7_cpu_resume() only on ARM_CPU_SUSPEND=y
- powerpc/setup_64: Set cache-line-size based on cache-block-size
- staging: comedi: dt2815: fix writing hi byte of analog output
- staging: comedi: Fix comedi_device refcnt leak in comedi_open
- vt: don't hardcode the mem allocation upper bound
- vt: don't use kmalloc() for the unicode screen buffer
- staging: vt6656: Don't set RCR_MULTICAST or RCR_BROADCAST by default.
- staging: vt6656: Fix calling conditions of vnt_set_bss_mode
- staging: vt6656: Fix drivers TBTT timing counter.
- staging: vt6656: Fix pairwise key entry save.
- staging: vt6656: Power save stop wake_up_count wrap around.
- cdc-acm: close race betrween suspend() and acm_softint
- cdc-acm: introduce a cool down
- UAS: no use logging any details in case of ENODEV
- UAS: fix deadlock in error handling and PM flushing work
- usb: dwc3: gadget: Fix request completion check
- usb: f_fs: Clear OS Extended descriptor counts to zero in ffs_data_reset()
- xhci: prevent bus suspend if a roothub port detected a over-current
condition
- serial: sh-sci: Make sure status register SCxSR is read in correct sequence
- xfs: Fix deadlock between AGI and AGF with RENAME_WHITEOUT
- tools/testing/nvdimm: Fix compilation failure without
CONFIG_DEV_DAX_PMEM_COMPAT
- scsi: libfc: If PRLI rejected, move rport to PLOGI state
- nvme-tcp: fix possible crash in write_zeroes processing
- tools/test/nvdimm: Fix out of tree build
- drm/amd/display: Update stream adjust in dc_stream_adjust_vmin_vmax
- dma-direct: fix data truncation in dma_direct_get_required_mask()
- lib/raid6/test: fix build on distros whose /bin/sh is not bash
- s390/cio: generate delayed uevent for vfio-ccw subchannels
- nvme: fix compat address handling in several ioctls
- ALSA: usb-audio: Add Pioneer DJ DJM-250MK2 quirk
- PCI/PM: Add pcie_wait_for_link_delay()
- scsi: smartpqi: fix controller lockup observed during force reboot
- scsi: smartpqi: fix problem with unique ID for physical device
- ipv4: Update fib_select_default to handle nexthop objects
- net/mlx4_en: avoid indirect call in TX completion
- selftests: Fix suppress test in fib_tests.sh
- net: dsa: b53: Fix valid setting for MDB entries
- vxlan: use the correct nlattr array in NL_SET_ERR_MSG_ATTR
- geneve: use the correct nlattr array in NL_SET_ERR_MSG_ATTR
- iio: adc: ti-ads8344: properly byte swap value
- USB: hub: Revert commit bd0e6c9614b9 ("usb: hub: try old enumeration scheme
first for high speed devices")
- tty: serial: owl: add "much needed" clk_prepare_enable()
- staging: gasket: Fix incongruency in handling of sysfs entries creation
- coredump: fix null pointer dereference on coredump
- tpm: fix wrong return value in tpm_pcr_extend
- signal: Avoid corrupting si_pid and si_uid in do_notify_parent
- mac80211: populate debugfs only after cfg80211 init
- SUNRPC: Fix backchannel RPC soft lockups
- iwlwifi: mvm: Do not declare support for ACK Enabled Aggregation
- iwlwifi: mvm: fix inactive TID removal return value usage
- cifs: fix uninitialised lease_key in open_shroot()
- usb: typec: tcpm: Ignore CC and vbus changes in PORT_RESET change
- usb: typec: altmode: Fix typec_altmode_get_partner sometimes returning an
invalid pointer
- xhci: Fix handling halted endpoint even if endpoint ring appears empty
- xhci: Don't clear hub TT buffer on ep0 protocol stall
- Revert "serial: uartps: Fix uartps_major handling"
- Revert "serial: uartps: Use the same dynamic major number for all ports"
- Revert "serial: uartps: Fix error path when alloc failed"
- Revert "serial: uartps: Do not allow use aliases >= MAX_UART_INSTANCES"
- Revert "serial: uartps: Change uart ID port allocation"
- Revert "serial: uartps: Move Port ID to device data structure"
- Revert "serial: uartps: Register own uart console and driver structures"
- powerpc/kuap: PPC_KUAP_DEBUG should depend on PPC_KUAP
- powerpc/mm: Fix CONFIG_PPC_KUAP_DEBUG on PPC32
- compat: ARM64: always include asm-generic/compat.h
* Eoan update: upstream stable patchset 2020-05-05 (LP: #1876971)
- arm, bpf: Fix offset overflow for BPF_MEM BPF_DW
- objtool: Fix switch table detection in .text.unlikely
- scsi: sg: add sg_remove_request in sg_common_write
- ext4: use non-movable memory for superblock readahead
- watchdog: sp805: fix restart handler
- arm, bpf: Fix bugs with ALU64 {RSH, ARSH} BPF_K shift by 0
- ARM: dts: imx6: Use gpc for FEC interrupt controller to fix wake on LAN.
- netfilter: nf_tables: report EOPNOTSUPP on unsupported flags/object type
- irqchip/mbigen: Free msi_desc on device teardown
- ALSA: hda: Don't release card at firmware loading error
- of: unittest: kmemleak on changeset destroy
- of: unittest: kmemleak in of_unittest_platform_populate()
- of: unittest: kmemleak in of_unittest_overlay_high_level()
- of: overlay: kmemleak in dup_and_fixup_symbol_prop()
- x86/Hyper-V: Report crash register data or kmsg before running crash kernel
- rbd: avoid a deadlock on header_rwsem when flushing notifies
- rbd: call rbd_dev_unprobe() after unwatching and flushing notifies
- xsk: Add missing check on user supplied headroom size
- x86/Hyper-V: Unload vmbus channel in hv panic callback
- x86/Hyper-V: Free hv_panic_page when fail to register kmsg dump
- x86/Hyper-V: Trigger crash enlightenment only once during system crash.
- x86/Hyper-V: Report crash register data when sysctl_record_panic_msg is not
set
- x86/Hyper-V: Report crash data in die() when panic_on_oops is set
- clk: at91: usb: continue if clk_hw_round_rate() return zero
- power: supply: bq27xxx_battery: Silence deferred-probe error
- clk: tegra: Fix Tegra PMC clock out parents
- soc: imx: gpc: fix power up sequencing
- rtc: 88pm860x: fix possible race condition
- NFSv4/pnfs: Return valid stateids in nfs_layout_find_inode_by_stateid()
- NFS: direct.c: Fix memory leak of dreq when nfs_get_lock_context fails
- s390/cpuinfo: fix wrong output when CPU0 is offline
- powerpc/maple: Fix declaration made after definition
- s390/cpum_sf: Fix wrong page count in error message
- ext4: do not commit super on read-only bdev
- um: ubd: Prevent buffer overrun on command completion
- cifs: Allocate encryption header through kmalloc
- include/linux/swapops.h: correct guards for non_swap_entry()
- percpu_counter: fix a data race at vm_committed_as
- compiler.h: fix error in BUILD_BUG_ON() reporting
- KVM: s390: vsie: Fix possible race when shadowing region 3 tables
- x86: ACPI: fix CPU hotplug deadlock
- drm/amdkfd: kfree the wrong pointer
- NFS: Fix memory leaks in nfs_pageio_stop_mirroring()
- f2fs: fix NULL pointer dereference in f2fs_write_begin()
- drm/vc4: Fix HDMI mode validation
- iommu/vt-d: Fix mm reference leak
- ext2: fix empty body warnings when -Wextra is used
- ext2: fix debug reference to ext2_xattr_cache
- power: supply: axp288_fuel_gauge: Broaden vendor check for Intel Compute
Sticks.
- libnvdimm: Out of bounds read in __nd_ioctl()
- iommu/amd: Fix the configuration of GCR3 table root pointer
- f2fs: fix to wait all node page writeback
- net: dsa: bcm_sf2: Fix overflow checks
- fbdev: potential information leak in do_fb_ioctl()
- iio: si1133: read 24-bit signed integer for measurement
- tty: evh_bytechan: Fix out of bounds accesses
- locktorture: Print ratio of acquisitions, not failures
- mtd: spinand: Explicitly use MTD_OPS_RAW to write the bad block marker to
OOB
- mtd: lpddr: Fix a double free in probe()
- mtd: phram: fix a double free issue in error path
- KEYS: Don't write out to userspace while holding key semaphore
- bpf: fix buggy r0 retval refinement for tracing helpers
- ALSA: hda: Honor PM disablement in PM freeze and thaw_noirq ops
- kbuild, btf: Fix dependencies for DEBUG_INFO_BTF
- afs: Fix missing XDR advance in xdr_decode_{AFS,YFS}FSFetchStatus()
- afs: Fix decoding of inline abort codes from version 1 status records
- afs: Fix rename operation status delivery
- afs: Fix afs_d_validate() to set the right directory version
- afs: Fix race between post-modification dir edit and readdir/d_revalidate
- block, bfq: turn put_queue into release_process_ref in
__bfq_bic_change_cgroup
- block, bfq: make reparent_leaf_entity actually work only on leaf entities
- block, bfq: invoke flush_idle_tree after reparent_active_queues in
pd_offline
- clk: Don't cache errors from clk_ops::get_phase()
- net/mlx5e: Enforce setting of a single FEC mode
- f2fs: fix the panic in do_checkpoint()
- ARM: dts: rockchip: fix vqmmc-supply property name for rk3188-bqedison2qc
- arm64: dts: allwinner: a64: Fix display clock register range
- arm64: tegra: Add PCIe endpoint controllers nodes for Tegra194
- arm64: tegra: Fix Tegra194 PCIe compatible string
- arm64: dts: clearfog-gt-8k: set gigabit PHY reset deassert delay
- dma-coherent: fix integer overflow in the reserved-memory dma allocation
- NFS: alloc_nfs_open_context() must use the file cred when available
- NFSv4.2: error out when relink swapfile
- ARM: dts: rockchip: fix lvds-encoder ports subnode for rk3188-bqedison2qc
- KVM: PPC: Book3S HV: Fix H_CEDE return code for nested guests
- f2fs: fix to show norecovery mount option
- phy: uniphier-usb3ss: Add Pro5 support
- f2fs: Fix mount failure due to SPO after a successful online resize FS
- f2fs: Add a new CP flag to help fsck fix resize SPO issues
- mm/hugetlb: fix build failure with HUGETLB_PAGE but not HUGEBTLBFS
- drm/nouveau/svm: check for SVM initialized before migrating
- drm/nouveau/svm: fix vma range check for migration
- drm/nouveau: workaround runpm fail by disabling PCI power management on
certain intel bridges
- csky: Fixup cpu speculative execution to IO area
- csky: Fixup get wrong psr value from phyical reg
- ACPICA: Fixes for acpiExec namespace init file
- um: falloc.h needs to be directly included for older libc
- iommu/virtio: Fix freeing of incomplete domains
- iommu/vt-d: Fix page request descriptor size
- csky: Fixup init_fpu compile warning with __init
- drm/nouveau/gr/gp107,gp108: implement workaround for HW hanging during init
- dma-debug: fix displaying of dma allocation type
- ARM: dts: sunxi: Fix DE2 clocks register range
- fbmem: Adjust indentation in fb_prepare_logo and fb_blank
- mtd: rawnand: free the nand_device object
- docs: Fix path to MTD command line partition parser
- bpf: Test_verifier, bpf_get_stack return value add <0
- bpf: Test_progs, add test to catch retval refine error handling
- SAUCE: bpf: Test_progs, fix test_get_stack_rawtp_err.c build
- bpf, test_verifier: switch bpf_get_stack's 0 s> r8 test
* Eoan update: upstream stable patchset 2020-05-01 (LP: #1876321)
- amd-xgbe: Use __napi_schedule() in BH context
- hsr: check protocol version in hsr_newlink()
- net: ipv4: devinet: Fix crash when add/del multicast IP with autojoin
- net: ipv6: do not consider routes via gateways for anycast address check
- net: qrtr: send msgs from local of same id as broadcast
- net: revert default NAPI poll timeout to 2 jiffies
- net: stmmac: dwmac-sunxi: Provide TX and RX fifo sizes
- net: dsa: mt7530: fix tagged frames pass-through in VLAN-unaware mode
- ovl: fix value of i_ino for lower hardlink corner case
- scsi: ufs: Fix ufshcd_hold() caused scheduling while atomic
- jbd2: improve comments about freeing data buffers whose page mapping is NULL
- pwm: pca9685: Fix PWM/GPIO inter-operation
- ext4: fix incorrect group count in ext4_fill_super error message
- ext4: fix incorrect inodes per group in error message
- ASoC: Intel: mrfld: fix incorrect check on p->sink
- ASoC: Intel: mrfld: return error codes when an error occurs
- ALSA: usb-audio: Filter error from connector kctl ops, too
- ALSA: usb-audio: Don't override ignore_ctl_error value from the map
- ALSA: usb-audio: Don't create jack controls for PCM terminals
- ALSA: usb-audio: Check mapping at creating connector controls, too
- keys: Fix proc_keys_next to increase position index
- tracing: Fix the race between registering 'snapshot' event trigger and
triggering 'snapshot' operation
- btrfs: check commit root generation in should_ignore_root
- mac80211_hwsim: Use kstrndup() in place of kasprintf()
- usb: dwc3: gadget: Don't clear flags before transfer ended
- drm/amd/powerplay: force the trim of the mclk dpm_levels if OD is enabled
- ext4: do not zeroout extents beyond i_disksize
- scsi: target: remove boilerplate code
- scsi: target: fix hang when multiple threads try to destroy the same iscsi
session
- x86/microcode/AMD: Increase microcode PATCH_MAX_SIZE
- x86/resctrl: Preserve CDP enable over CPU hotplug
- x86/resctrl: Fix invalid attempt at removing the default resource group
- mm/vmalloc.c: move 'area->pages' after if statement
- l2tp: Allow management of tunnels and session in user namespace
- net: phy: micrel: use genphy_read_status for KSZ9131
- net: tun: record RX queue in skb before do_xdp_generic()
- net/mlx5: Fix frequent ioread PCI access during recovery
- net/mlx5e: Add missing release firmware call
- net/mlx5e: Fix pfnum in devlink port attribute
- platform/chrome: cros_ec_rpmsg: Fix race with host event
- acpi/nfit: improve bounds checking for 'func'
- perf report: Fix no branch type statistics report issue
- net/bpfilter: remove superfluous testing message
- clk: at91: sam9x60: fix usb clock parents
- clk: at91: usb: use proper usbs_mask
- arm64: dts: librem5-devkit: add a vbus supply to usb0
- ALSA: hda/realtek - Enable the headset mic on Asus FX505DT
- arm64: vdso: don't free unallocated pages
- nl80211: fix NL80211_ATTR_FTM_RESPONDER policy
- mac80211: fix race in ieee80211_register_hw()
- net/mlx5e: Encapsulate updating netdev queues into a function
- net/mlx5e: Rename hw_modify to preactivate
- net/mlx5e: Use preactivate hook to set the indirection table
- drm/amdgpu: fix the hw hang during perform system reboot and reset
- i2c: designware: platdrv: Remove DPM_FLAG_SMART_SUSPEND flag on BYT and CHT
- irqchip/ti-sci-inta: Fix processing of masked irqs
* Do not treat unresolved test case in ftrace from ubuntu_kernel_selftests as
failure (LP: #1877958)
- ftrace/selftest: make unresolved cases cause failure if --fail-unresolved
set
* alsa/sof: kernel oops on the machine without Intel hdmi audio codec (a
regression in the asoc machine driver) (LP: #1874359)
- SAUCE: ASoC: intel/skl/hda - fix oops on systems without i915 audio codec
* 'Elan touchpad' not detected on 'Lenovo ThinkBook 15 IIL' (LP: #1861610)
- SAUCE: Input: elan_i2c - add more hardware ID for Lenovo laptop
[ Ubuntu: 5.3.0-55.49 ]
* eoan/linux: 5.3.0-55.49 -proposed tracker (LP: #1879931)
* Docker registry doesn't stay up and keeps restarting (LP: #1879690)
- Revert "UBUNTU: SAUCE: overlayfs: fix shitfs special-casing"
- Revert "UBUNTU: SAUCE: overlayfs: use shiftfs hacks only with shiftfs as
underlay"
Date: 2020-06-04 16:02:21.514258+00:00
Changed-By: Kleber Sacilotto de Souza <kleber.souza at canonical.com>
Signed-By: Andy Whitcroft <apw at canonical.com>
https://launchpad.net/ubuntu/+source/linux-kvm/5.3.0-1023.25
-------------- next part --------------
Sorry, changesfile not available.
More information about the Eoan-changes
mailing list