[ubuntu/trusty-security] linux 3.13.0-147.196 (Accepted)
Andy Whitcroft
apw at canonical.com
Tue May 8 19:36:52 UTC 2018
linux (3.13.0-147.196) trusty; urgency=medium
* CVE-2018-8897
- x86/traps: Enable DEBUG_STACK after cpu_init() for TRAP_DB/BP
- x86/entry/64: Don't use IST entry for #BP stack
* CVE-2018-1087
- KVM: VMX: Fix DR6 update on #DB exception
- KVM: VMX: Advance rip to after an ICEBP instruction
- kvm/x86: fix icebp instruction handling
* CVE-2018-1000199
- perf/hwbp: Simplify the perf-hwbp code, fix documentation
linux (3.13.0-145.194) trusty; urgency=medium
* linux: 3.13.0-145.194 -proposed tracker (LP: #1761430)
* intel-microcode 3.20180312.0 causes lockup at login screen(w/ linux-
image-4.13.0-37-generic) (LP: #1759920) // CVE-2017-5715 (Spectre v2 Intel)
- Revert "UBUNTU: SAUCE: x86/mm: Only set IBPB when the new thread cannot
ptrace current thread"
- x86/speculation: Use Indirect Branch Prediction Barrier in context switch
* DKMS driver builds fail with: Cannot use CONFIG_STACK_VALIDATION=y, please
install libelf-dev, libelf-devel or elfutils-libelf-devel (LP: #1760876)
- [Packaging] include the retpoline extractor in the headers
* retpoline hints: primary infrastructure and initial hints (LP: #1758856)
- [Packaging] retpoline-extract: flag *0xNNN(%reg) branches
- x86/speculation, objtool: Annotate indirect calls/jumps for objtool
- x86/speculation, objtool: Annotate indirect calls/jumps for objtool on 32bit
- x86/paravirt, objtool: Annotate indirect calls
- x86/asm: Stop depending on ptrace.h in alternative.h
- [Packaging] retpoline -- add safe usage hint support
- [Packaging] retpoline-check -- only report additions
- [Packaging] retpoline -- widen indirect call/jmp detection
- [Packaging] retpoline -- elide %rip relative indirections
- [Packaging] retpoline -- clear hint information from packages
- SAUCE: modpost: add discard to non-allocatable whitelist
- KVM: x86: Make indirect calls in emulator speculation safe
- KVM: VMX: Make indirect call speculation safe
- x86/boot, objtool: Annotate indirect jump in secondary_startup_64()
- SAUCE: early/late -- annotate indirect calls in early/late initialisation
code
- SAUCE: vga_set_mode -- avoid jump tables
- [Config] retpoline -- switch to new format
- [Packaging] retpoline hints -- handle missing files when RETPOLINE not
enabled
- [Packaging] final-checks -- remove check for empty retpoline files
* retpoline: ignore %cs:0xNNN constant indirections (LP: #1752655)
- [Packaging] retpoline -- elide %cs:0xNNNN constants on i386
* Boot crash with Trusty 3.13 (LP: #1757193)
- Revert "UBUNTU: SAUCE: x86, extable: fix uaccess fixup detection"
- x86/mm: Expand the exception table logic to allow new handling options
* Segmentation fault in ldt_gdt_64 (LP: #1755817) // CVE-2017-5754
- x86/kvm: Rename VMX's segment access rights defines
- x86/signal/64: Fix SS if needed when delivering a 64-bit signal
Date: 2018-05-02 15:47:12.681299+00:00
Changed-By: Kleber Sacilotto de Souza <kleber.souza at canonical.com>
Signed-By: Andy Whitcroft <apw at canonical.com>
https://launchpad.net/ubuntu/+source/linux/3.13.0-147.196
-------------- next part --------------
Sorry, changesfile not available.
More information about the Trusty-changes
mailing list