[ubuntu/trusty-security] linux 3.13.0-151.201 (Accepted)

Łukasz Zemczak lukasz.zemczak at canonical.com
Mon Jun 11 15:11:23 UTC 2018


linux (3.13.0-151.201) trusty; urgency=medium

  * linux: 3.13.0-151.201 -proposed tracker (LP: #1774190)

  * CVE-2018-3639 (x86)
    - SAUCE: Set generic SSBD feature for Intel cpus
    - KVM: vmx: fix MPX detection
    - KVM: x86: Fix MSR_IA32_BNDCFGS in msrs_to_save
    - x86/cpu: Add CLZERO detection

  * Trusty cannot load microcode for family 17h AMD processors (LP: #1774082)
    - x86/microcode/AMD: Add support for fam17h microcode loading

linux (3.13.0-150.200) trusty; urgency=medium

  * linux: 3.13.0-150.200 -proposed tracker (LP: #1772970)

  * CVE-2018-3639 (x86)
    - x86/cpu: Make alternative_msr_write work for 32-bit code
    - x86/cpu/AMD: Fix erratum 1076 (CPB bit)
    - x86/bugs: Fix the parameters alignment and missing void
    - KVM: SVM: Move spec control call after restore of GS
    - x86/speculation: Use synthetic bits for IBRS/IBPB/STIBP
    - x86/cpufeatures: Disentangle MSR_SPEC_CTRL enumeration from IBRS
    - x86/cpufeatures: Disentangle SSBD enumeration
    - x86/cpufeatures: Add FEATURE_ZEN
    - x86/speculation: Handle HT correctly on AMD
    - x86/bugs, KVM: Extend speculation control for VIRT_SPEC_CTRL
    - x86/speculation: Add virtualized speculative store bypass disable support
    - SAUCE: x86/cpu: Rename x86_amd_ssbd_enable
    - x86/speculation: Rework speculative_store_bypass_update()
    - x86/bugs: Unify x86_spec_ctrl_{set_guest,restore_host}
    - x86/bugs: Expose x86_spec_ctrl_base directly
    - x86/bugs: Remove x86_spec_ctrl_set()
    - x86/bugs: Rework spec_ctrl base and mask logic
    - x86/speculation, KVM: Implement support for VIRT_SPEC_CTRL/LS_CFG
    - KVM: x86: introduce num_emulated_msrs
    - KVM: SVM: Implement VIRT_SPEC_CTRL support for SSBD
    - x86/bugs: Rename SSBD_NO to SSB_NO
    - KVM: VMX: Expose SSBD properly to guests.

  * CVE-2018-7492
    - rds: Fix NULL pointer dereference in __rds_rdma_map

  * CVE-2017-0627
    - media: uvcvideo: Prevent heap overflow when accessing mapped controls

  * CVE-2018-8781
    - drm: udl: Properly check framebuffer mmap offsets

  * CVE-2018-1068
    - netfilter: ebtables: CONFIG_COMPAT: don't trust userland offsets

Date: 2018-05-30 14:14:15.152379+00:00
Changed-By: Stefan Bader <stefan.bader at canonical.com>
Signed-By: Łukasz Zemczak <lukasz.zemczak at canonical.com>
https://launchpad.net/ubuntu/+source/linux/3.13.0-151.201
-------------- next part --------------
Sorry, changesfile not available.


More information about the Trusty-changes mailing list