ACK: [SRU focal/linux-oem-5.6] [PULL] CVE updates

Stefan Bader stefan.bader at canonical.com
Thu Feb 18 08:00:18 UTC 2021 

On 04.02.21 21:16, Thadeu Lima de Souza Cascardo wrote:
> Hello.
> 
> This pull request has clean cherry picks of fixes for Medium CVEs that are
> already applied (either released or pending) in focal/linux.
> 
> The branch has been built-tested.
> 
> Thanks.
> Cascardo.
> 
> -----
> 
> The following changes since commit e61298e83b9a4321f1e1aaba0c814764a2692a7f:
> 
>   UBUNTU: [Packaging] update-version-dkms -- maintain flags fields (2021-02-01 18:49:35 -0300)
> 
> are available in the Git repository at:
> 
>   git://kernel.ubuntu.com/ubuntu-stable/ubuntu-stable-focal.git cve-5.6-next
> 
> for you to fetch changes up to af14b042dd815fa9806b699aad5ce75e57f50940:
> 
>   jfs: Fix array index bounds check in dbAdjTree (2021-02-04 16:14:40 -0300)
> 
> ----------------------------------------------------------------
> Alain Michaud (1):
>       Bluetooth: fix kernel oops in store_pending_adv_report
> 
> Andrea Arcangeli (1):
>       mm: thp: make the THP mapcount atomic against __split_huge_pmd_locked()
> 
> Dan Carpenter (1):
>       hdlc_ppp: add range checks in ppp_cp_parse_cr()
> 
> Dave Kleikamp (1):
>       jfs: Fix array index bounds check in dbAdjTree
> 
> Eddy Wu (1):
>       fork: fix copy_process(CLONE_PARENT) race with the exiting ->real_parent
> 
> Eric Sandeen (1):
>       ext4: fix potential negative array index in do_split()
> 
> Ilya Dryomov (1):
>       rbd: require global CAP_SYS_ADMIN for mapping and unmapping
> 
> Jann Horn (3):
>       tty: Fix ->pgrp locking in tiocspgrp()
>       tty: Fix ->session locking
>       romfs: fix uninitialized memory leak in romfs_dev_read()
> 
> Jason Yan (1):
>       block: Fix use-after-free in blkdev_get()
> 
> Jeffrey Mitchell (1):
>       nfs: Fix getxattr kernel panic and memory overflow
> 
> Kirill A. Shutemov (1):
>       mm/mmap.c: close race between munmap() and expand_upwards()/downwards()
> 
> Luiz Augusto von Dentz (2):
>       Bluetooth: Consolidate encryption handling in hci_encrypt_cfm
>       Bluetooth: Disconnect if E0 is used for Level 4
> 
> Ming Lei (1):
>       block: allow for_each_bvec to support zero len bvec
> 
> Peilin Ye (2):
>       fbdev, newport_con: Move FONT_EXTRA_WORDS macros into linux/font.h
>       Fonts: Support FONT_EXTRA_WORDS macros for built-in fonts
> 
> Vitaly Kuznetsov (1):
>       KVM: ioapic: break infinite recursion on lazy EOI
> 
> Willy Tarreau (1):
>       lib/syscall: fix syscall registers retrieval on 32-bit platforms
> 
> Yang Yingliang (1):
>       serial: 8250: fix null-ptr-deref in serial8250_start_tx()
> 
> kiyin(尹亮) (1):
>       perf/core: Fix a memory leak in perf_event_parse_addr_filter()
> 
>  arch/x86/kvm/ioapic.c                   |  5 +--
>  drivers/block/rbd.c                     | 12 ++++++
>  drivers/net/wan/hdlc_ppp.c              | 16 ++++---
>  drivers/tty/serial/8250/8250_core.c     |  2 +-
>  drivers/tty/tty_io.c                    |  7 +++-
>  drivers/tty/tty_jobctrl.c               | 44 ++++++++++++++------
>  drivers/video/console/newport_con.c     |  7 +---
>  drivers/video/fbdev/core/fbcon.h        |  7 ----
>  drivers/video/fbdev/core/fbcon_rotate.c |  1 +
>  drivers/video/fbdev/core/tileblit.c     |  1 +
>  fs/block_dev.c                          | 12 +++---
>  fs/ext4/namei.c                         | 16 +++++--
>  fs/jfs/jfs_dmap.h                       |  2 +-
>  fs/nfs/nfs4proc.c                       |  2 -
>  fs/nfs/nfs4xdr.c                        |  6 ++-
>  fs/romfs/storage.c                      |  4 +-
>  include/linux/bvec.h                    |  9 +++-
>  include/linux/font.h                    | 13 ++++++
>  include/linux/tty.h                     |  4 ++
>  include/net/bluetooth/hci_core.h        | 30 ++++++++++---
>  kernel/events/core.c                    | 12 +++---
>  kernel/fork.c                           | 10 ++---
>  lib/fonts/font_10x18.c                  |  9 ++--
>  lib/fonts/font_6x10.c                   |  9 ++--
>  lib/fonts/font_6x11.c                   |  9 ++--
>  lib/fonts/font_7x14.c                   |  9 ++--
>  lib/fonts/font_8x16.c                   |  9 ++--
>  lib/fonts/font_8x8.c                    |  9 ++--
>  lib/fonts/font_acorn_8x8.c              |  9 ++--
>  lib/fonts/font_mini_4x6.c               |  8 ++--
>  lib/fonts/font_pearl_8x8.c              |  9 ++--
>  lib/fonts/font_sun12x22.c               |  9 ++--
>  lib/fonts/font_sun8x16.c                |  7 ++--
>  lib/fonts/font_ter16x32.c               |  9 ++--
>  lib/syscall.c                           | 11 ++++-
>  mm/huge_memory.c                        | 31 ++++++++++++--
>  mm/mmap.c                               | 16 ++++++-
>  net/bluetooth/hci_conn.c                | 17 ++++++++
>  net/bluetooth/hci_event.c               | 74 +++++++++++++--------------------
>  39 files changed, 300 insertions(+), 176 deletions(-)
> 
Acked-by: Stefan Bader <stefan.bader at canonical.com>

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20210218/b8fa2964/attachment.sig>

More information about the kernel-team mailing list