Xenial update: 4.4.160 upstream stable release
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
linux (Ubuntu) |
Invalid
|
Undecided
|
Unassigned | ||
Xenial |
Fix Released
|
Medium
|
Stefan Bader |
Bug Description
SRU Justification
Impact:
The upstream process for stable tree updates is quite similar
in scope to the Ubuntu SRU process, e.g., each patch has to
demonstrably fix a bug, and each patch is vetted by upstream
by originating either directly from a mainline/stable Linux tree or
a minimally backported form of that patch. The following upstream
stable patches should be included in the Ubuntu kernel:
4.4.160 upstream stable release
from git://git.
The following patches will be applied:
* crypto: skcipher - Fix -Wstringop-
* tsl2550: fix lux1_input error in low light
* vmci: type promotion bug in qp_host_
* x86/numa_emulation: Fix emulated-
* staging: rts5208: fix missing error check on call to rtsx_write_register
* uwb: hwa-rc: fix memory leak at probe
* power: vexpress: fix corruption in notifier registration
* Bluetooth: Add a new Realtek 8723DE ID 0bda:b009
* USB: serial: kobil_sct: fix modem-status error handling
* 6lowpan: iphc: reset mac_header after decompress to fix panic
* md-cluster: clear another node's suspend_area after the copy is finished
* media: exynos4-is: Prevent NULL pointer dereference in __isp_video_
* powerpc/kdump: Handle crashkernel memory reservation failure
* media: fsl-viu: fix error handling in viu_of_probe()
* x86/tsc: Add missing header to tsc_msr.c
* x86/entry/64: Add two more instruction suffixes
* scsi: target/iscsi: Make iscsit_
* scsi: klist: Make it safe to use klists in atomic context
* scsi: ibmvscsi: Improve strings handling
* usb: wusbcore: security: cast sizeof to int for comparison
* powerpc/
* alarmtimer: Prevent overflow for relative nanosleep
* s390/extmem: fix gcc 8 stringop-overflow warning
* ALSA: snd-aoa: add of_node_put() in error path
* media: s3c-camif: ignore -ENOIOCTLCMD from v4l2_subdev_call for s_power
* media: soc_camera: ov772x: correct setting of banding filter
* media: omap3isp: zero-initialize the isp cam_xclk{a,b} initial data
* staging: android: ashmem: Fix mmap size validation
* drivers/tty: add error handling for pcmcia_loop_config
* media: tm6000: add error handling for dvb_register_
* ALSA: hda: Add AZX_DCAPS_
* ath10k: protect ath10k_
* rndis_wlan: potential buffer overflow in rndis_wlan_
* wlcore: Add missing PM call for wlcore_
* ARM: mvebu: declare asm symbols as character arrays in pmsu.c
* HID: hid-ntrig: add error handling for sysfs_create_group
* scsi: bnx2i: add error handling for ioremap_nocache
* EDAC, i7core: Fix memleaks and use-after-free on probe and remove
* ASoC: dapm: Fix potential DAI widget pointer deref when linking DAIs
* module: exclude SHN_UNDEF symbols from kallsyms api
* nfsd: fix corrupted reply to badly ordered compound
* ARM: dts: dra7: fix DCAN node addresses
* floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl
* serial: cpm_uart: return immediately from console poll
* spi: tegra20-slink: explicitly enable/disable clock
* spi: sh-msiof: Fix invalid SPI use during system suspend
* spi: sh-msiof: Fix handling of write value for SISTR register
* spi: rspi: Fix invalid SPI use during system suspend
* spi: rspi: Fix interrupted DMA transfers
* USB: fix error handling in usb_driver_
* USB: handle NULL config in usb_find_
* slub: make ->cpu_partial unsigned int
* Revert "UBUNTU: SAUCE: media: uvcvideo: Support realtek's UVC 1.5 device"
* media: uvcvideo: Support realtek's UVC 1.5 device
* USB: usbdevfs: sanitize flags more
* USB: usbdevfs: restore warning for nonsensical flags
* Revert "usb: cdc-wdm: Fix a sleep-in-
service_
* USB: remove LPM management from usb_driver_
* Input: elantech - enable middle button of touchpad on ThinkPad P72
* IB/srp: Avoid that sg_reset -d ${srp_device} triggers an infinite loop
* scsi: target: iscsi: Use bin2hex instead of a re-implementation
* serial: imx: restore handshaking irq for imx1
* arm64: KVM: Tighten guest core register access from userspace
* ext4: never move the system.data xattr out of the inode body
* thermal: of-thermal: disable passive polling when thermal zone is disabled
* net: hns: fix length and page_offset overflow when CONFIG_
* e1000: check on netif_running() before calling e1000_up()
* e1000: ensure to free old tx/rx rings in set_ringparam()
* hwmon: (ina2xx) fix sysfs shunt resistor read access
* hwmon: (adt7475) Make adt7475_read_word() return errors
* i2c: i801: Allow ACPI AML access I/O ports not reserved for SMBus
* arm64: cpufeature: Track 32bit EL0 support
* arm64: KVM: Sanitize PSTATE.M when being set from userspace
* media: v4l: event: Prevent freeing event subscriptions while accessed
* KVM: PPC: Book3S HV: Don't truncate HPTE index in xlate function
* mac80211: correct use of IEEE80211_
* mac80211_hwsim: correct use of IEEE80211_
* gpio: adp5588: Fix sleep-in-
* mac80211: mesh: fix HWMP sequence numbering to follow standard
* cfg80211: nl80211_
* RAID10 BUG_ON in raise_barrier when force is true and conf->barrier is 0
* i2c: uniphier: issue STOP only for last message or I2C_M_STOP
* i2c: uniphier-f: issue STOP only for last message or I2C_M_STOP
* net: cadence: Fix a sleep-in-
* fs/cifs: don't translate SFM_SLASH (U+F026) to backslash
* cfg80211: fix a type issue in ieee80211_
* mac80211: fix a race between restart and CSA flows
* mac80211: Fix station bandwidth setting after channel switch
* mac80211: shorten the IBSS debug messages
* tools/vm/
* tools/vm/
* mm: madvise(
* usb: gadget: fotg210-udc: Fix memory leak of fotg210->ep[i]
* perf probe powerpc: Ignore SyS symbols irrespective of endianness
* RDMA/ucma: check fd type in ucma_migrate_id()
* USB: yurex: Check for truncation in yurex_read()
* drm/nouveau/
* fs/cifs: suppress a string overflow warning
* dm thin metadata: try to avoid ever aborting transactions
* arch/hexagon: fix kernel/dma.c build warning
* hexagon: modify ffs() and fls() to return int
* arm64: jump_label.h: use asm_volatile_goto macro instead of "asm goto"
* r8169: Clear RTL_FLAG_
* s390/qeth: don't dump past end of unknown HW header
* cifs: read overflow in is_valid_
* xen/manage: don't complain about an empty value in control/sysrq node
* xen: avoid crash in disable_hotplug_cpu
* xen: fix GCC warning and remove duplicate EVTCHN_
* smb2: fix missing files in root share directory listing
* ALSA: hda/realtek - Cannot adjust speaker's volume on Dell XPS 27 7760
* crypto: mxs-dcp - Fix wait logic on chan threads
* proc: restrict kernel stack dumps to root
* ocfs2: fix locking for res->tracking and dlm->tracking_list
* dm thin metadata: fix __udivdi3 undefined on 32-bit
* Linux 4.4.160
CVE References
tags: | added: kernel-stable-tracking-bug |
Changed in linux (Ubuntu Xenial): | |
assignee: | nobody → Stefan Bader (smb) |
importance: | Undecided → Medium |
status: | New → In Progress |
Changed in linux (Ubuntu): | |
status: | New → Invalid |
description: | updated |
Changed in linux (Ubuntu Xenial): | |
status: | In Progress → Fix Committed |
Modified "floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl" to only make the change for the "too long line" that got added by upstream. Otherwise we already carry the change for CVE-2018-7755.
Modified "arm64: cpufeature: Track 32bit EL0 support" to make up for us already having an additional feature defined.