Changelog
linux (4.13.13-1) unstable; urgency=medium
* New upstream stable update:
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.11
- workqueue: replace pool->manager_arb mutex with a flag
- [x86] ALSA: hda/realtek - Add support for ALC236/ALC3204
- [x86] ALSA: hda - fix headset mic problem for Dell machines with alc236
- ceph: unlock dangling spinlock in try_flush_caps()
- [powerpc*] KVM: PPC: Fix oops when checking KVM_CAP_PPC_HTM
(CVE-2017-15306)
- [powerpc*] KVM: PPC: Book3S HV: POWER9 more doorbell fixes
- [powerpc*] KVM: PPC: Book3S: Protect kvmppc_gpa_to_ua() with SRCU
- [s390x] kvm: fix detection of guest machine checks
- nbd: handle interrupted sendmsg with a sndtimeo set
- spi: uapi: spidev: add missing ioctl header
- spi: a3700: Return correct value on timeout detection
- spi: bcm-qspi: Fix use after free in bcm_qspi_probe() in error path
- spi: armada-3700: Fix failing commands with quad-SPI
- ovl: add NULL check in ovl_alloc_inode
- ovl: fix EIO from lookup of non-indexed upper
- ovl: handle ENOENT on index lookup
- ovl: do not cleanup unsupported index entries
- fuse: fix READDIRPLUS skipping an entry
- xen/gntdev: avoid out of bounds access in case of partial gntdev_mmap()
- xen: fix booting ballooned down hvm guest
- cifs: Select all required crypto modules
- CIFS: Fix NULL pointer deref on SMB2_tcon() failure
- Input: elan_i2c - add ELAN0611 to the ACPI table
- Input: gtco - fix potential out-of-bound access (CVE-2017-16643)
- Fix encryption labels and lengths for SMB3.1.1
- SMB3: Validate negotiate request must always be signed
- assoc_array: Fix a buggy node-splitting case (CVE-2017-12193)
- [s390x] scsi: zfcp: fix erp_action use-before-initialize in REC action
trace
- scsi: aacraid: Fix controller initialization failure
- scsi: qla2xxx: Initialize Work element before requesting IRQs
- scsi: sg: Re-fix off by one in sg_fill_request_table()
- [x86] cpu/AMD: Apply the Erratum 688 fix when the BIOS doesn't
- [x86] drm/amd/powerplay: fix uninitialized variable
- [x86] drm/i915/perf: fix perf enable/disable ioctls with 32bits
userspace
- [armhf] can: sun4i: fix loopback mode
- can: kvaser_usb: Correct return value in printout
- can: kvaser_usb: Ignore CMD_FLUSH_QUEUE_REPLY messages
- cfg80211: fix connect/disconnect edge cases
- ipsec: Fix aborted xfrm policy dump crash
- [armhf] regulator: fan53555: fix I2C device ids (Closes: #879768)
- [powerpc*] xive: Fix the size of the cpumask used in
xive_find_target_in_mask()
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.12
- ALSA: timer: Add missing mutex lock for compat ioctls
- ALSA: seq: Fix nested rwsem annotation for lockdep splat
- cifs: check MaxPathNameComponentLength != 0 before using it
(Closes: #880504)
- KEYS: return full count in keyring_read() if buffer is too small
- KEYS: trusted: fix writing past end of buffer in trusted_read()
- KEYS: fix out-of-bounds read during ASN.1 parsing
- ASoC: adau17x1: Workaround for noise bug in ADC
- virtio_blk: Fix an SG_IO regression
- [arm64] ensure __dump_instr() checks addr_limit
- [arm64] KVM: its: Fix missing dynamic allocation check in scan_its_table
- [armhf, arm64] KVM: set right LR register value for 32 bit guest when
inject abort
- [armhf,arm64] kvm: Disable branch profiling in HYP code
- [armhf] dts: mvebu: pl310-cache disable double-linefill
- drm/amdgpu: return -ENOENT from uvd 6.0 early init for harvesting
- drm/amdgpu: allow harvesting check for Polaris VCE
- userfaultfd: hugetlbfs: prevent UFFDIO_COPY to fill beyond the end of
i_size
- ocfs2: fstrim: Fix start offset of first cluster group during fstrim
- fs/hugetlbfs/inode.c: fix hwpoison reserve accounting
- mm, swap: fix race between swap count continuation operations
- [x86] drm/i915: Do not rely on wm preservation for ILK watermarks
- [x86] drm/i915/edp: read edp display control registers unconditionally
- [mips*] bpf: Fix a typo in build_one_insn()
- [mips*] smp-cmp: Use right include for task_struct
- [mips*] SMP: Fix deadlock & online race
- Revert "x86: do not use cpufreq_quick_get() for /proc/cpuinfo "cpu MHz""
- [powerpc*] kprobes: Dereference function pointers only if the address
does not belong to kernel text
- futex: Fix more put_pi_state() vs. exit_pi_state_list() races
- perf/cgroup: Fix perf cgroup hierarchy support
- [x86] mcelog: Get rid of RCU remnants
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.13
- netfilter: nat: Revert "netfilter: nat: convert nat bysrc hash to
rhashtable"
- netfilter: nft_set_hash: disable fast_ops for 2-len keys (Closes: #880145)
- workqueue: Fix NULL pointer dereference
- crypto: ccm - preserve the IV buffer
- [x86] crypto: sha1-mb - fix panic due to unaligned access
- [x86] crypto: sha256-mb - fix panic due to unaligned access
- KEYS: fix NULL pointer dereference during ASN.1 parsing [ver #2]
- [x86] ACPI / PM: Blacklist Low Power S0 Idle _DSM for Dell XPS13 9360
- ACPICA: Dispatch active GPEs at init time
- ACPICA: Make it possible to enable runtime GPEs earlier
- ACPI / scan: Enable GPEs before scanning the namespace
- [armel,armhf] 8720/1: ensure dump_instr() checks addr_limit
- ALSA: timer: Limit max instances per timer
- ALSA: usb-audio: support new Amanero Combo384 firmware version
- [x86] ALSA: hda - fix headset mic problem for Dell machines with alc274
- ALSA: seq: Fix OSS sysex delivery in OSS emulation
- ALSA: seq: Avoid invalid lockdep class warning
- [mips*] Fix CM region target definitions
- [powerpc*] KVM: Book3S HV: Fix exclusion between HPT resizing and other
HPT updates
- Input: elan_i2c - add ELAN060C to the ACPI table
- rbd: use GFP_NOIO for parent stat and data requests
- [x86] drm/vmwgfx: Fix Ubuntu 17.10 Wayland black screen issue
- [armhf] can: sun4i: handle overrun in RX FIFO
- can: peak: Add support for new PCIe/M2 CAN FD interfaces
- [x86] debug: Handle warnings before the notifier chain, to fix KGDB crash
- [x86] smpboot: Make optimization of delay calibration work correctly
- [x86] oprofile/ppro: Do not use __this_cpu*() in preemptible context
[ Salvatore Bonaccorso ]
* mac80211: accept key reinstall without changing anything (CVE-2017-13080)
* sctp: do not peel off an assoc from one netns to another one
(CVE-2017-15115)
[ Ben Hutchings ]
* linux-image: Recommend apparmor, as systemd units with an AppArmor
profile will fail without it (Closes: #880441)
* [powerpc*] kvm: Ignore ABI change in 4.13.6 (fixes FTBFS)
* swap: Avoid ABI change in 4.13.12
* mac80211: use constant time comparison with keys
* mac80211: don't compare TKIP TX MIC key in reinstall prevention
* usb: usbtest: fix NULL pointer dereference (CVE-2017-16532)
* media: cx231xx-cards: fix NULL-deref on missing association descriptor
(CVE-2017-16536)
* media: imon: Fix null-ptr-deref in imon_probe (CVE-2017-16537)
* media: dib0700: fix invalid dvb_detach argument (CVE-2017-16646)
* net: usb: asix: fill null-ptr-deref in asix_suspend (CVE-2017-16647)
* net: cdc_ether: fix divide by 0 on bad descriptors (CVE-2017-16649)
* net: qmi_wwan: fix divide by 0 on bad descriptors (CVE-2017-16650)
* nftables: Enable NFT_RT, NFT_SET_BITMAP, NFT_OBJREF as modules
(Closes: #881931)
* [powerpc*/*64*] drm: Enable DRM_AMDGPU as module (Closes: #881593)
* amdgpu: Enable DRM_AMDGPU_USERPTR on all architectures
* amdgpu: Enable DRM_AMDGPU_SI, CONFIG_DRM_AMDGPU_CIK (Closes: #847570)
* [arm64,x86] net/wireless: Enable RTL8723BS as module (Closes: #881568)
* [arm64] nvmem: Enable NVMEM_SUNXI_SID as module (Closes: #881567)
* [x86] rmi4: Disable RMI4_SMB (Closes: #880471)
* ALSA: timer: Avoid ABI change in 4.13.13
* netfilter: nat: Avoid ABI change in 4.13.13
-- Ben Hutchings <email address hidden> Thu, 16 Nov 2017 21:04:10 +0000