[ubuntu/xenial-security] linux-aws 4.4.0-1119.133 (Accepted)

Andy Whitcroft apw at canonical.com
Tue Jan 5 11:28:14 UTC 2021


linux-aws (4.4.0-1119.133) xenial; urgency=medium

  * xenial/linux-aws: 4.4.0-1119.133 -proposed tracker (LP: #1906041)

  [ Ubuntu: 4.4.0-198.230 ]

  * xenial/linux: 4.4.0-198.230 -proposed tracker (LP: #1906052)
  * Xenial update: v4.4.244 upstream stable release (LP: #1904914)
    - ring-buffer: Fix recursion protection transitions between interrupt context
    - gfs2: Wake up when sd_glock_disposal becomes zero
    - mm: mempolicy: fix potential pte_unmap_unlock pte error
    - time: Prevent undefined behaviour in timespec64_to_ns()
    - btrfs: reschedule when cloning lots of extents
    - net: xfrm: fix a race condition during allocing spi
    - perf tools: Add missing swap for ino_generation
    - ALSA: hda: prevent undefined shift in snd_hdac_ext_bus_get_link()
    - can: dev: can_get_echo_skb(): prevent call to kfree_skb() in hard IRQ
      context
    - can: dev: __can_get_echo_skb(): fix real payload length return value for RTR
      frames
    - can: can_create_echo_skb(): fix echo skb generation: always use skb_clone()
    - can: peak_usb: add range checking in decode operations
    - can: peak_usb: peak_usb_get_ts_time(): fix timestamp wrapping
    - Btrfs: fix missing error return if writeback for extent buffer never started
    - i40e: Wrong truncation from u16 to u8
    - i40e: Fix of memory leak and integer truncation in i40e_virtchnl.c
    - ath9k_htc: Use appropriate rs_datalen type
    - usb: gadget: goku_udc: fix potential crashes in probe
    - gfs2: Free rd_bits later in gfs2_clear_rgrpd to fix use-after-free
    - gfs2: check for live vs. read-only file system in gfs2_fitrim
    - drm/amdgpu: perform srbm soft reset always on SDMA resume
    - mac80211: fix use of skb payload instead of header
    - cfg80211: regulatory: Fix inconsistent format argument
    - iommu/amd: Increase interrupt remapping table limit to 512 entries
    - xfs: fix a missing unlock on error in xfs_fs_map_blocks
    - of/address: Fix of_node memory leak in of_dma_is_coherent
    - cosa: Add missing kfree in error path of cosa_write
    - perf: Fix get_recursion_context()
    - ext4: correctly report "not supported" for {usr,grp}jquota when
      !CONFIG_QUOTA
    - ext4: unlock xattr_sem properly in ext4_inline_data_truncate()
    - usb: cdc-acm: Add DISABLE_ECHO for Renesas USB Download mode
    - mei: protect mei_cl_mtu from null dereference
    - ocfs2: initialize ip_next_orphan
    - don't dump the threads that had been already exiting when zapped.
    - drm/gma500: Fix out-of-bounds access to struct drm_device.vblank[]
    - pinctrl: amd: use higher precision for 512 RtcClk
    - pinctrl: amd: fix incorrect way to disable debounce filter
    - swiotlb: fix "x86: Don't panic if can not alloc buffer for swiotlb"
    - IPv6: Set SIT tunnel hard_header_len to zero
    - net/af_iucv: fix null pointer dereference on shutdown
    - net/x25: Fix null-ptr-deref in x25_connect
    - net: Update window_clamp if SOCK_RCVBUF is set
    - random32: make prandom_u32() output unpredictable
    - x86/speculation: Allow IBPB to be conditionally enabled on CPUs with always-
      on STIBP
    - xen/events: avoid removing an event channel while handling it
    - xen/events: add a proper barrier to 2-level uevent unmasking
    - xen/events: fix race in evtchn_fifo_unmask()
    - xen/events: add a new "late EOI" evtchn framework
    - xen/blkback: use lateeoi irq binding
    - xen/netback: use lateeoi irq binding
    - xen/scsiback: use lateeoi irq binding
    - xen/pciback: use lateeoi irq binding
    - xen/events: switch user event channels to lateeoi model
    - xen/events: use a common cpu hotplug hook for event channels
    - xen/events: defer eoi in case of excessive number of events
    - xen/events: block rogue events for some time
    - Revert "kernel/reboot.c: convert simple_strtoul to kstrtoint"
    - reboot: fix overflow parsing reboot cpu number
    - ext4: fix leaking sysfs kobject after failed mount
    - Convert trailing spaces and periods in path components
    - Linux 4.4.244
  * Xenial update: v4.4.243 upstream stable release (LP: #1904904)
    - Linux 4.4.243
  * Xenial update: v4.4.242 upstream stable release (LP: #1903750)
    - SUNRPC: ECONNREFUSED should cause a rebind.
    - scripts/setlocalversion: make git describe output more reliable
    - ravb: Fix bit fields checking in ravb_hwtstamp_get()
    - tipc: fix memory leak caused by tipc_buf_append()
    - mtd: lpddr: Fix bad logic in print_drs_error
    - ata: sata_rcar: Fix DMA boundary mask
    - fscrypt: return -EXDEV for incompatible rename or link into encrypted dir
    - f2fs crypto: avoid unneeded memory allocation in ->readdir
    - powerpc/powernv/smp: Fix spurious DBG() warning
    - sparc64: remove mm_cpumask clearing to fix kthread_use_mm race
    - f2fs: fix to check segment boundary during SIT page readahead
    - um: change sigio_spinlock to a mutex
    - xfs: fix realtime bitmap/summary file truncation when growing rt volume
    - video: fbdev: pvr2fb: initialize variables
    - ath10k: fix VHT NSS calculation when STBC is enabled
    - mmc: via-sdmmc: Fix data race bug
    - printk: reduce LOG_BUF_SHIFT range for H8300
    - kgdb: Make "kgdbcon" work properly with "kgdb_earlycon"
    - USB: adutux: fix debugging
    - drivers/net/wan/hdlc_fr: Correctly handle special skb->protocol values
    - power: supply: test_power: add missing newlines when printing parameters by
      sysfs
    - md/bitmap: md_bitmap_get_counter returns wrong blocks
    - clk: ti: clockdomain: fix static checker warning
    - net: 9p: initialize sun_server.sun_path to have addr's value only when addr
      is valid
    - drivers: watchdog: rdc321x_wdt: Fix race condition bugs
    - ext4: Detect already used quota file early
    - gfs2: add validation checks for size of superblock
    - memory: emif: Remove bogus debugfs error handling
    - ARM: dts: s5pv210: move PMU node out of clock controller
    - ARM: dts: s5pv210: remove dedicated 'audio-subsystem' node
    - md/raid5: fix oops during stripe resizing
    - leds: bcm6328, bcm6358: use devres LED registering function
    - NFS: fix nfs_path in case of a rename retry
    - ACPI / extlog: Check for RDMSR failure
    - acpi-cpufreq: Honor _PSD table setting on new AMD CPUs
    - w1: mxc_w1: Fix timeout resolution problem leading to bus error
    - scsi: mptfusion: Fix null pointer dereferences in mptscsih_remove()
    - btrfs: reschedule if necessary when logging directory items
    - vt: keyboard, simplify vt_kdgkbsent
    - vt: keyboard, extend func_buf_lock to readers
    - dmaengine: dma-jz4780: Fix race in jz4780_dma_tx_status
    - iio:gyro:itg3200: Fix timestamp alignment and prevent data leak.
    - powerpc/powernv/elog: Fix race while processing OPAL error log event.
    - ubifs: dent: Fix some potential memory leaks while iterating entries
    - ubi: check kthread_should_stop() after the setting of task state
    - ia64: fix build error with !COREDUMP
    - ceph: promote to unsigned long long before shifting
    - libceph: clear con->out_msg on Policy::stateful_server faults
    - 9P: Cast to loff_t before multiplying
    - ring-buffer: Return 0 on success from ring_buffer_resize()
    - vringh: fix __vringh_iov() when riov and wiov are different
    - tty: make FONTX ioctl use the tty pointer they were actually passed
    - arm64: berlin: Select DW_APB_TIMER_OF
    - cachefiles: Handle readpage error correctly
    - hil/parisc: Disable HIL driver when it gets stuck
    - ARM: samsung: fix PM debug build with DEBUG_LL but !MMU
    - ARM: s3c24xx: fix missing system reset
    - device property: Keep secondary firmware node secondary by type
    - device property: Don't clear secondary pointer for shared primary firmware
      node
    - staging: comedi: cb_pcidas: Allow 2-channel commands for AO subdevice
    - Revert "Revert "XEN uses irqdesc::irq_data_common::handler_data to store a
      per interrupt XEN data pointer which contains XEN specific information.""
    - xen/events: don't use chip_data for legacy IRQs
    - tipc: fix use-after-free in tipc_bcast_get_mode
    - gianfar: Replace skb_realloc_headroom with skb_cow_head for PTP
    - gianfar: Account for Tx PTP timestamp in the skb headroom
    - Fonts: Replace discarded const qualifier
    - ALSA: usb-audio: Add implicit feedback quirk for Qu-16
    - ftrace: Fix recursion check for NMI test
    - ftrace: Handle tracing when switching between context
    - ARM: dts: sun4i-a10: fix cpu_alert temperature
    - x86/kexec: Use up-to-dated screen_info copy to fill boot params
    - of: Fix reserved-memory overlap detection
    - scsi: core: Don't start concurrent async scan on same host
    - vsock: use ns_capable_noaudit() on socket create
    - vt: Disable KD_FONT_OP_COPY
    - fork: fix copy_process(CLONE_PARENT) race with the exiting ->real_parent
    - serial: 8250_mtk: Fix uart_get_baud_rate warning
    - serial: txx9: add missing platform_driver_unregister() on error in
      serial_txx9_init
    - USB: serial: cyberjack: fix write-URB completion race
    - USB: serial: option: add LE910Cx compositions 0x1203, 0x1230, 0x1231
    - USB: serial: option: add Telit FN980 composition 0x1055
    - USB: Add NO_LPM quirk for Kingston flash drive
    - ARC: stack unwinding: avoid indefinite looping
    - Revert "ARC: entry: fix potential EFA clobber when TIF_SYSCALL_TRACE"
    - Linux 4.4.242
  * [HP 635] Radeon 6310 brightness control does not work (LP: #1894667) //
    Xenial update: v4.4.242 upstream stable release (LP: #1903750)
    - ACPI: video: use ACPI backlight for HP 635 Notebook

  [ Ubuntu: 4.4.0-197.229 ]

  * xenial/linux: 4.4.0-197.229 -proposed tracker (LP: #1905489)
  * sha1_ce and sha2_ce modules no longer load on arm64 (LP: #1905336)
    - SAUCE: Revert "crypto: arm64/sha - avoid non-standard inline asm tricks"
  * Fails to build on powerpc (LP: #1905475)
    - powerpc/uaccess-flush: fix corenet64_smp_defconfig build
    - SAUCE: powerpc/uaccess: only include kup-radix.h on PPC_BOOK3S_64

  [ Ubuntu: 4.4.0-196.228 ]

  * xenial/linux: 4.4.0-196.228 -proposed tracker (LP: #1905309)
  * CVE-2020-4788
    - SAUCE: powerpc/64s: Define MASKABLE_RELON_EXCEPTION_PSERIES_OOL
    - SAUCE: powerpc/64s: move some exception handlers out of line
    - powerpc/64s: flush L1D on kernel entry
    - SAUCE: powerpc: Add a framework for user access tracking
    - powerpc: Implement user_access_begin and friends
    - powerpc: Fix __clear_user() with KUAP enabled
    - powerpc/uaccess: Evaluate macro arguments once, before user access is
      allowed
    - powerpc/64s: flush L1D after user accesses

Date: 2020-12-01 18:58:15.010155+00:00
Changed-By: Ian <ian.may at canonical.com>
Signed-By: Andy Whitcroft <apw at canonical.com>
https://launchpad.net/ubuntu/+source/linux-aws/4.4.0-1119.133
-------------- next part --------------
Sorry, changesfile not available.


More information about the Xenial-changes mailing list