Bug #1678009 “Fix CVE-2017-7308” : Bugs : linux package : Ubuntu

Stefan Bader (smb) on 2017-03-31

Changed in linux (Ubuntu Yakkety):
status:	New → In Progress
Changed in linux (Ubuntu Xenial):
status:	New → In Progress
Changed in linux (Ubuntu Vivid):
status:	New → In Progress
Changed in linux (Ubuntu Trusty):
status:	New → In Progress
Changed in linux (Ubuntu Precise):
status:	New → In Progress

Tim Gardner (timg-tpi) on 2017-04-03

Changed in linux (Ubuntu Zesty):
status:	In Progress → Fix Committed

Stefan Bader (smb) on 2017-04-03

Changed in linux (Ubuntu Precise):
status:	In Progress → Fix Committed
Changed in linux (Ubuntu Trusty):
status:	In Progress → Fix Committed
Changed in linux (Ubuntu Vivid):
status:	In Progress → Fix Committed
Changed in linux (Ubuntu Xenial):
status:	In Progress → Fix Committed
Changed in linux (Ubuntu Yakkety):
status:	In Progress → Fix Committed
Changed in linux (Ubuntu Precise):
importance:	Undecided → High
Changed in linux (Ubuntu Trusty):
importance:	Undecided → High
Changed in linux (Ubuntu Vivid):
importance:	Undecided → High
Changed in linux (Ubuntu Xenial):
importance:	Undecided → High
Changed in linux (Ubuntu Yakkety):
importance:	Undecided → High

Revision history for this message

Launchpad Janitor (janitor) wrote on 2017-04-04:

#1

This bug was fixed in the package linux - 4.8.0-46.49

---------------
linux (4.8.0-46.49) yakkety; urgency=low

* linux: 4.8.0-46.49 -proposed tracker (LP: #1678046)

  * Fix CVE-2017-7308 (LP: #1678009)
    - net/packet: fix overflow in check for priv area size
    - net/packet: fix overflow in check for tp_frame_nr
    - net/packet: fix overflow in check for tp_reserve

-- Stefan Bader <email address hidden> Fri, 31 Mar 2017 09:13:32 +0200

Changed in linux (Ubuntu Yakkety):
status:	Fix Committed → Fix Released
status:	Fix Committed → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2017-04-04:

#3

This bug was fixed in the package linux - 4.4.0-72.93

---------------
linux (4.4.0-72.93) xenial; urgency=low

* linux: 4.4.0-72.93 -proposed tracker (LP: #1678078)

  * Fix CVE-2017-7308 (LP: #1678009)
    - net/packet: fix overflow in check for priv area size
    - net/packet: fix overflow in check for tp_frame_nr
    - net/packet: fix overflow in check for tp_reserve

-- Stefan Bader <email address hidden> Fri, 31 Mar 2017 09:20:03 +0200

Changed in linux (Ubuntu Xenial):
status:	Fix Committed → Fix Released
status:	Fix Committed → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2017-04-04:

#5

This bug was fixed in the package linux - 3.13.0-116.163

---------------
linux (3.13.0-116.163) trusty; urgency=low

* linux: 3.13.0-116.163 -proposed tracker (LP: #1678065)

  * Fix CVE-2017-7308 (LP: #1678009)
    - net/packet: fix overflow in check for priv area size
    - net/packet: fix overflow in check for tp_frame_nr
    - net/packet: fix overflow in check for tp_reserve

-- Stefan Bader <email address hidden> Fri, 31 Mar 2017 09:33:48 +0200

Changed in linux (Ubuntu Trusty):
status:	Fix Committed → Fix Released
status:	Fix Committed → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2017-04-04:

#7

This bug was fixed in the package linux - 3.2.0-126.169

---------------
linux (3.2.0-126.169) precise; urgency=low

* linux: 3.2.0-126.169 -proposed tracker (LP: #1678070)

  * Fix CVE-2017-7308 (LP: #1678009)
    - packet: handle too big packets for PACKET_V3
    - net/packet: fix overflow in check for priv area size
    - net/packet: fix overflow in check for tp_frame_nr
    - net/packet: fix overflow in check for tp_reserve

-- Stefan Bader <email address hidden> Fri, 31 Mar 2017 09:39:32 +0200

Changed in linux (Ubuntu Precise):
status:	Fix Committed → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2017-04-08:

#8

Download full text (21.0 KiB)

This bug was fixed in the package linux - 4.10.0-19.21

---------------
linux (4.10.0-19.21) zesty; urgency=low

[ Tim Gardner ]

* Release Tracking Bug
- LP: #1680535

  * ADT regressions caused by "audit: fix auditd/kernel connection state
    tracking" (LP: #1680532)
    - SAUCE: Revert "audit: fix auditd/kernel connection state tracking"

  * Miscellaneous Ubuntu changes
    - [Config] updateconfigs to update CONFIG_GENERIC_CSUM for ppc64el
      This cleans up behind a Kconfig change that went undetected.

linux (4.10.0-18.20) zesty; urgency=low

[ Tim Gardner ]

* Release Tracking Bug
- LP: #1680168

* smartpqi driver needed in initram disk and installer (LP: #1680156)
- UBUNU: [Config] Add smartpqi to d-i

linux (4.10.0-17.19) zesty; urgency=low

[ Tim Gardner ]

* Release Tracking Bug
- LP: #1679718

  * Fix CVE-2017-7308 (LP: #1678009)
    - net/packet: fix overflow in check for priv area size
    - net/packet: fix overflow in check for tp_frame_nr
    - net/packet: fix overflow in check for tp_reserve

* apparmor: oops on boot if parameters set on grub command line (LP: #1678048)
- SAUCE: apparmor: fix parameters so that the permission test is bypassed at boot

* apparmor: does not provide a way to detect policy updataes (LP: #1678032)
- SAUCE: apparmor: add policy revision file interface

* apparmor does not make support of query data visible (LP: #1678023)
- SAUCE: apparmor: add label data availability to the feature set

  * apparmor query interface does not make supported query info available
    (LP: #1678030)
    - SAUCE: apparmor: add information about the query inteface to the feature set

  * change_profile incorrect when using namespaces with a compound stack
    (LP: #1677959)
    - SAUCE: apparmor: fix label parse for stacked labels

  * Zesty update to v4.10.8 stable release (LP: #1678930)
    - xfrm: policy: init locks early
    - xfrm_user: validate XFRM_MSG_NEWAE XFRMA_REPLAY_ESN_VAL replay_window
    - xfrm_user: validate XFRM_MSG_NEWAE incoming ESN size harder
    - KVM: nVMX: Fix nested VPID vmx exec control
    - KVM: x86: cleanup the page tracking SRCU instance
    - virtio_balloon: init 1st buffer in stats vq
    - pinctrl: qcom: Don't clear status bit on irq_unmask
    - c6x/ptrace: Remove useless PTRACE_SETREGSET implementation
    - h8300/ptrace: Fix incorrect register transfer count
    - mips/ptrace: Preserve previous registers for short regset write
    - sparc/ptrace: Preserve previous registers for short regset write
    - metag/ptrace: Preserve previous registers for short regset write
    - metag/ptrace: Provide default TXSTATUS for short NT_PRSTATUS
    - metag/ptrace: Reject partial NT_METAG_RPIPE writes
    - qla2xxx: Allow vref count to timeout on vport delete.
    - sched/rt: Add a missing rescheduling point
    - usb: musb: fix possible spinlock deadlock
    - Linux 4.10.8

  * [Hyper-V] pci-hyperv: Use device serial number as PCI domain (LP: #1667527)
    - net/mlx4_core: Use cq quota in SRIOV when creating completion EQs
    - PCI: hv: Use device serial number as PCI domain

* Miscellaneous Ubuntu changes
- [Config] flash-kernel should be a...

This bug was fixed in the package linux - 4.10.0-19.21

---------------
linux (4.10.0-19.21) zesty; urgency=low

[ Tim Gardner ]

* Release Tracking Bug
    - LP: #1680535

* ADT regressions caused by "audit: fix auditd/kernel connection state
    tracking" (LP: #1680532)
    - SAUCE: Revert "audit: fix auditd/kernel connection state tracking"

* Miscellaneous Ubuntu changes
    - [Config] updateconfigs to update CONFIG_GENERIC_CSUM for ppc64el
      This cleans up behind a Kconfig change that went undetected.

linux (4.10.0-18.20) zesty; urgency=low

[ Tim Gardner ]

* Release Tracking Bug
    - LP: #1680168

* smartpqi driver needed in initram disk and installer (LP: #1680156)
    - UBUNU: [Config] Add smartpqi to d-i

linux (4.10.0-17.19) zesty; urgency=low

[ Tim Gardner ]

* Release Tracking Bug
    - LP: #1679718

* Fix CVE-2017-7308 (LP: #1678009)
    - net/packet: fix overflow in check for priv area size
    - net/packet: fix overflow in check for tp_frame_nr
    - net/packet: fix overflow in check for tp_reserve

* apparmor: oops on boot if parameters set on grub command line (LP: #1678048)
    - SAUCE: apparmor: fix parameters so that the permission test is bypassed at boot

* apparmor: does not provide a way to detect policy updataes (LP: #1678032)
    - SAUCE: apparmor: add policy revision file interface

* apparmor does not make support of query data visible (LP: #1678023)
    - SAUCE: apparmor: add label data availability to the feature set

* apparmor query interface does not make supported query info available
    (LP: #1678030)
    - SAUCE: apparmor: add information about the query inteface to the feature set

* change_profile incorrect when using namespaces with a compound stack
    (LP: #1677959)
    - SAUCE: apparmor: fix label parse for stacked labels

* Zesty update to v4.10.8 stable release (LP: #1678930)
    - xfrm: policy: init locks early
    - xfrm_user: validate XFRM_MSG_NEWAE XFRMA_REPLAY_ESN_VAL replay_window
    - xfrm_user: validate XFRM_MSG_NEWAE incoming ESN size harder
    - KVM: nVMX: Fix nested VPID vmx exec control
    - KVM: x86: cleanup the page tracking SRCU instance
    - virtio_balloon: init 1st buffer in stats vq
    - pinctrl: qcom: Don't clear status bit on irq_unmask
    - c6x/ptrace: Remove useless PTRACE_SETREGSET implementation
    - h8300/ptrace: Fix incorrect register transfer count
    - mips/ptrace: Preserve previous registers for short regset write
    - sparc/ptrace: Preserve previous registers for short regset write
    - metag/ptrace: Preserve previous registers for short regset write
    - metag/ptrace: Provide default TXSTATUS for short NT_PRSTATUS
    - metag/ptrace: Reject partial NT_METAG_RPIPE writes
    - qla2xxx: Allow vref count to timeout on vport delete.
    - sched/rt: Add a missing rescheduling point
    - usb: musb: fix possible spinlock deadlock
    - Linux 4.10.8

* [Hyper-V] pci-hyperv: Use device serial number as PCI domain (LP: #1667527)
    - net/mlx4_core: Use cq quota in SRIOV when creating completion EQs
    - PCI: hv: Use device serial number as PCI domain

* Miscellaneous Ubuntu changes
    - [Config] flash-kernel should be a Breaks
    - [Config] drop the info directory
    - [Config] drop NOTES as obsolete
    - [Config] drop changelog.historical as obsolete

linux (4.10.0-16.18) zesty; urgency=low

[ Tim Gardner ]

* Release Tracking Bug
    - LP: #1677697

* [Feature] ISH (Intel Sensor Hub) support (LP: #1645521)
    - iio: accel: hid-sensor-accel-3d: Add timestamp

* Zesty update to v4.10.7 stable release (LP: #1677589)
    - net/openvswitch: Set the ipv6 source tunnel key address attribute correctly
    - net: bcmgenet: Do not suspend PHY if Wake-on-LAN is enabled
    - net: properly release sk_frag.page
    - amd-xgbe: Fix jumbo MTU processing on newer hardware
    - openvswitch: Add missing case OVS_TUNNEL_KEY_ATTR_PAD
    - net: unix: properly re-increment inflight counter of GC discarded candidates
    - qmi_wwan: add Dell DW5811e
    - net: vrf: Reset rt6i_idev in local dst after put
    - net/mlx5: Add missing entries for set/query rate limit commands
    - net/mlx5e: Use the proper UAPI values when offloading TC vlan actions
    - net/mlx5: Increase number of max QPs in default profile
    - net/mlx5e: Count GSO packets correctly
    - net/mlx5e: Count LRO packets correctly
    - ipv6: make sure to initialize sockc.tsflags before first use
    - net: bcmgenet: remove bcmgenet_internal_phy_setup()
    - ipv4: provide stronger user input validation in nl_fib_input()
    - socket, bpf: fix sk_filter use after free in sk_clone_lock
    - genetlink: fix counting regression on ctrl_dumpfamily()
    - tcp: initialize icsk_ack.lrcvtime at session start time
    - amd-xgbe: Fix the ECC-related bit position definitions
    - net: solve a NAPI race
    - HID: sony: Fix input device leak when connecting a DS4 twice using USB/BT
    - Input: ALPS - fix V8+ protocol handling (73 03 28)
    - Input: ALPS - fix trackstick button handling on V8 devices
    - Input: elan_i2c - add ASUS EeeBook X205TA special touchpad fw
    - Input: i8042 - add noloop quirk for Dell Embedded Box PC 3000
    - Input: iforce - validate number of endpoints before using them
    - Input: ims-pcu - validate number of endpoints before using them
    - Input: hanwang - validate number of endpoints before using them
    - Input: yealink - validate number of endpoints before using them
    - Input: cm109 - validate number of endpoints before using them
    - Input: kbtab - validate number of endpoints before using them
    - Input: sur40 - validate number of endpoints before using them
    - ALSA: seq: Fix racy cell insertions during snd_seq_pool_done()
    - ALSA: ctxfi: Fix the incorrect check of dma_set_mask() call
    - ALSA: hda - Adding a group of pin definition to fix headset problem
    - USB: serial: option: add Quectel UC15, UC20, EC21, and EC25 modems
    - USB: serial: qcserial: add Dell DW5811e
    - ACM gadget: fix endianness in notifications
    - usb: gadget: f_uvc: Fix SuperSpeed companion descriptor's wBytesPerInterval
    - dvb-usb-firmware: don't do DMA on stack
    - usb-core: Add LINEAR_FRAME_INTR_BINTERVAL USB quirk
    - USB: uss720: fix NULL-deref at probe
    - USB: lvtest: fix NULL-deref at probe
    - USB: idmouse: fix NULL-deref at probe
    - USB: wusbcore: fix NULL-deref at probe
    - usb: musb: cppi41: don't check early-TX-interrupt for Isoch transfer
    - usb: hub: Fix crash after failure to read BOS descriptor
    - USB: usbtmc: add missing endpoint sanity check
    - USB: usbtmc: fix probe error path
    - uwb: i1480-dfu: fix NULL-deref at probe
    - uwb: hwa-rc: fix NULL-deref at probe
    - mmc: ushc: fix NULL-deref at probe
    - nl80211: fix dumpit error path RTNL deadlocks
    - mmc: core: Fix access to HS400-ES devices
    - iio: adc: ti_am335x_adc: fix fifo overrun recovery
    - iio: sw-device: Fix config group initialization
    - iio: hid-sensor-trigger: Change get poll value function order to avoid
      sensor properties losing after resume from S3
    - iio: magnetometer: ak8974: remove incorrect __exit markups
    - mei: fix deadlock on mei reset
    - mei: don't wait for os version message reply
    - parport: fix attempt to write duplicate procfiles
    - ppdev: fix registering same device name
    - ext4: mark inode dirty after converting inline directory
    - powerpc/64s: Fix idle wakeup potential to clobber registers
    - audit: fix auditd/kernel connection state tracking
    - mmc: sdhci-of-at91: Support external regulators
    - mmc: sdhci-of-arasan: fix incorrect timeout clock
    - mmc: sdhci: Do not disable interrupts while waiting for clock
    - mmc: sdhci-pci: Do not disable interrupts in sdhci_intel_set_power
    - hwrng: amd - Revert managed API changes
    - hwrng: geode - Revert managed API changes
    - clk: sunxi-ng: sun6i: Fix enable bit offset for hdmi-ddc module clock
    - clk: sunxi-ng: mp: Adjust parent rate for pre-dividers
    - mwifiex: pcie: don't leak DMA buffers when removing
    - ath10k: fix incorrect wlan_mac_base in qca6174_regs
    - crypto: ccp - Assign DMA commands to the channel's CCP
    - fscrypt: remove broken support for detecting keyring key revocation
    - vfio: Rework group release notifier warning
    - xen/acpi: upload PM state from init-domain to Xen
    - iommu/vt-d: Fix NULL pointer dereference in device_to_iommu
    - iommu/exynos: Block SYSMMU while invalidating FLPD cache
    - iommu/exynos: Workaround FLPD cache flush issues for SYSMMU v5
    - Revert "ARM: at91/dt: sama5d2: Use new compatible for ohci node"
    - ARM: at91: pm: cpu_idle: switch DDR to power-down mode
    - arm64: kaslr: Fix up the kernel image alignment
    - cpufreq: Restore policy min/max limits on CPU online
    - cgroup, net_cls: iterate the fds of only the tasks which are being migrated
    - blk-mq: don't complete un-started request in timeout handler
    - cpsw/netcp: cpts depends on posix_timers
    - drm/amdgpu: reinstate oland workaround for sclk
    - drm/amd/amdgpu: add POLARIS12 PCI ID
    - auxdisplay: img-ascii-lcd: add missing sentinel entry in
      img_ascii_lcd_matches
    - jbd2: don't leak memory if setting up journal fails
    - intel_th: Don't leak module refcount on failure to activate
    - Drivers: hv: vmbus: Don't leak channel ids
    - Drivers: hv: vmbus: Don't leak memory when a channel is rescinded
    - mmc: block: Fix is_waiting_last_req set incorrectly
    - libceph: don't set weight to IN when OSD is destroyed
    - device-dax: fix pmd/pte fault fallback handling
    - scsi: sd: Check for unaligned partial completion
    - cpuidle: Validate cpu_dev in cpuidle_add_sysfs()
    - xen: do not re-use pirq number cached in pci device msi msg data
    - drm: reference count event->completion
    - fbcon: Fix vc attr at deinit
    - crypto: algif_hash - avoid zero-sized array
    - Linux 4.10.7

* PS/2 mouse does not work on Dell embedded computer (LP: #1591053)
    - Input: i8042 - add noloop quirk for Dell Embedded Box PC 3000

* [Zesty] mlx5_core Kernel oops with bonding mode 1 and 6 (LP: #1676786)
    - SAUCE: (no-up) net/mlx5: Avoid dereferencing uninitialized pointer

* [Hyper-V] Implement Hyper-V PTP Source (LP: #1676635)
    - Revert "hv: don't reset hv_context.tsc_page on crash"
    - Revert "Drivers: hv: vmbus: Raise retry/wait limits in vmbus_post_msg()"
    - Revert "hv: allocate synic pages for all present CPUs"
    - Revert "hv: init percpu_list in hv_synic_alloc()"
    - Revert "Drivers: hv: vmbus: Prevent sending data on a rescinded channel"
    - Revert "Drivers: hv: vmbus: Fix a rescind handling bug"
    - Revert "Drivers: hv: util: kvp: Fix a rescind processing issue"
    - Revert "Drivers: hv: util: Fcopy: Fix a rescind processing issue"
    - Revert "Drivers: hv: util: Backup: Fix a rescind processing issue"
    - Revert "drivers: hv: Turn off write permission on the hypercall page"
    - Revert "UBUNTU: SAUCE: (no-up) hv: Supply vendor ID and package ABI"
    - Drivers: hv: vmbus: Raise retry/wait limits in vmbus_post_msg()
    - hv: allocate synic pages for all present CPUs
    - hv: init percpu_list in hv_synic_alloc()
    - hv: don't reset hv_context.tsc_page on crash
    - Drivers: hv: vmbus: Prevent sending data on a rescinded channel
    - hv: switch to cpuhp state machine for synic init/cleanup
    - hv: make CPU offlining prevention fine-grained
    - Drivers: hv: vmbus: Fix a rescind handling bug
    - Drivers: hv: util: kvp: Fix a rescind processing issue
    - Drivers: hv: util: Fcopy: Fix a rescind processing issue
    - Drivers: hv: util: Backup: Fix a rescind processing issue
    - Drivers: hv: vmbus: Move the definition of hv_x64_msr_hypercall_contents
    - Drivers: hv: vmbus: Move the definition of generate_guest_id()
    - Drivers: hv vmbus: Move Hypercall page setup out of common code
    - Drivers: hv: vmbus: Move Hypercall invocation code out of common code
    - Drivers: hv: vmbus: Consolidate all Hyper-V specific clocksource code
    - Drivers: hv: vmbus: Move the extracting of Hypervisor version information
    - Drivers: hv: vmbus: Move the crash notification function
    - Drivers: hv: vmbus: Move the check for hypercall page setup
    - Drivers: hv: vmbus: Move the code to signal end of message
    - Drivers: hv: vmbus: Restructure the clockevents code
    - Drivers: hv: util: Use hv_get_current_tick() to get current tick
    - Drivers: hv: vmbus: Get rid of an unsused variable
    - Drivers: hv: vmbus: Define APIs to manipulate the message page
    - Drivers: hv: vmbus: Define APIs to manipulate the event page
    - Drivers: hv: vmbus: Define APIs to manipulate the synthetic interrupt controller
    - Drivers: hv: vmbus: Define an API to retrieve virtual processor index
    - Drivers: hv: vmbus: Define an APIs to manage interrupt state
    - Drivers: hv: vmbus: Cleanup hyperv_vmbus.h
    - hv_util: switch to using timespec64
    - Drivers: hv: restore hypervcall page cleanup before kexec
    - Drivers: hv: restore TSC page cleanup before kexec
    - Drivers: hv: balloon: add a fall through comment to hv_memory_notifier()
    - Drivers: hv: vmbus: Use all supported IC versions to negotiate
    - Drivers: hv: Log the negotiated IC versions.
    - Drivers: hv: Fix the bug in generating the guest ID
    - hv: export current Hyper-V clocksource
    - hv_utils: implement Hyper-V PTP source
    - SAUCE: (no-up) hv: Supply vendor ID and package ABI
    - drivers: hv: Turn off write permission on the hypercall page

* Populating Hyper-V MSR for Ubuntu 13.10 (LP: #1193172)
    - SAUCE: (no-up) hv: Supply vendor ID and package ABI

* Ubuntu 16.10: Network checksum fixes needed for IPoIB for Mellanox CX4/CX5
    card (LP: #1670247)
    - powerpc/64: Fix checksum folding in csum_tcpudp_nofold and ip_fast_csum_nofold
    - powerpc/64: Use optimized checksum routines on little-endian

* Kernel linux-image-4.4.0-67-generic prevent the boot on Microsoft Hyper-v
    2012r2 Gen2 VM (LP: #1674635)
    - scsi: storvsc: Workaround for virtual DVD SCSI version

* POWER9 Radix mode KVM (LP: #1675806)
    - Revert "powerpc: Update to new option-vector-5 format for CAS"
    - Revert "powerpc/powernv: Initialise nest mmu"
    - Revert "KVM: PPC: Book 3S: XICS: Don't lock twice when checking for resend"
    - KVM: PPC: Book3S: Change interrupt call to reduce scratch space use on HV
    - KVM: PPC: Book3S: Move 64-bit KVM interrupt handler out from alt section
    - KVM: PPC: Book3S: 64-bit CONFIG_RELOCATABLE support for interrupts
    - powerpc/64: More definitions for POWER9
    - powerpc/64: Export pgtable_cache and pgtable_cache_add for KVM
    - powerpc/64: Make type of partition table flush depend on partition type
    - powerpc/64: Allow for relocation-on interrupts from guest to host
    - KVM: PPC: Book3S HV: Add userspace interfaces for POWER9 MMU
    - KVM: PPC: Book3S HV: Set process table for HPT guests on POWER9
    - KVM: PPC: Book3S HV: Use ASDR for HPT guests on POWER9
    - KVM: PPC: Book3S HV: Add basic infrastructure for radix guests
    - KVM: PPC: Book3S HV: Modify guest entry/exit paths to handle radix guests
    - KVM: PPC: Book3S HV: Page table construction and page faults for radix guests
    - KVM: PPC: Book3S HV: MMU notifier callbacks for radix guests
    - KVM: PPC: Book3S HV: Implement dirty page logging for radix guests
    - KVM: PPC: Book3S HV: Make HPT-specific hypercalls return error in radix mode
    - KVM: PPC: Book3S HV: Invalidate TLB on radix guest vcpu movement
    - KVM: PPC: Book3S HV: Allow guest exit path to have MMU on
    - KVM: PPC: Book3S HV: Invalidate ERAT on guest entry/exit for POWER9 DD1
    - KVM: PPC: Book3S HV: Enable radix guest support
    - powerpc/64: CONFIG_RELOCATABLE support for hmi interrupts
    - KVM: PPC: Book3S HV: Fix software walk of guest process page tables
    - KVM: PPC: Book3S HV: Don't use ASDR for real-mode HPT faults on POWER9
    - KVM: PPC: Book3S HV: Don't try to signal cpu -1
    - KVM: PPC: Book 3S: Fix error return in kvm_vm_ioctl_create_spapr_tce()
    - powerpc/64: Invalidate process table caching after setting process table
    - powerpc: Update to new option-vector-5 format for CAS
    - KVM: PPC: Book 3S: XICS: Don't lock twice when checking for resend
    - powerpc/powernv: Initialise nest mmu
    - powerpc/powernv: Remove separate entry for OPAL real mode calls

* [Hyper-V][Mellanox] net/mlx4_core: Avoid delays during VF driver device shutdown (LP: #1672785)
    - net/mlx4_core: Avoid delays during VF driver device shutdown

* [zesty] mlx4_core OOM with 32 bit arch (LP: #1676858)
    - mlx4: reduce OOM risk on arches with large pages

* [Feature] GLK Northpeak Enabling (LP: #1645963)
    - intel_th: pci: Add Denverton SOC support
    - intel_th: pci: Add Gemini Lake support

* [zesty] mlx5e OVS fixes (LP: #1676388)
    - net/mlx5: Fix create autogroup prev initializer
    - net/mlx5e: Avoid supporting udp tunnel port ndo for VF reps
    - net/mlx5e: Avoid wrong identification of rules on deletion
    - devlink: fix the name of eswitch commands
    - devlink: rename devlink_eswitch_fill to devlink_nl_eswitch_fill
    - devlink: use nla_put_failure goto label instead of out
    - devlink: allow to fillup eswitch attrs even if mode_get op does not exist
    - net/mlx5e: Change the TC offload rule add/del code path to be per NIC or E-Switch
    - net/mlx5: E-Switch, Don't allow changing inline mode when flows are configured

* [ARM64] Support systems where the physical memory footprint exceeds the size
    of the linear mapping. (LP: #1675046)
    - SAUCE: efi: arm-stub: Correct FDT and initrd allocation rules for arm64
    - SAUCE: efi: arm-stub: Round up FDT allocation to mapping size

* AACRAID Driver: Add 3 patch fixes to Kernel release (LP: #1675872)
    - scsi: aacraid: remove redundant zero check on ret
    - scsi: aacraid: Fix typo in blink status
    - scsi: aacraid: Fix potential null access

* stress_smoke_test passing and exiting rc=9 (linux 4.9.0-12.13 ADT test
    failure with linux 4.9.0-12.13) (LP: #1658633)
    - ext4: lock the xattr block before checksuming it

* ARM arch_timer erratum (LP: #1675509)
    - arm64: ptrace: add XZR-safe regs accessors
    - SAUCE: arm64: Allow checking of a CPU-local erratum
    - SAUCE: arm64: Add CNTVCT_EL0 trap handler
    - SAUCE: arm64: Define Cortex-A73 MIDR
    - SAUCE: arm64: cpu_errata: Allow an erratum to be match for all revisions of a core
    - SAUCE: arm64: cpu_errata: Add capability to advertise Cortex-A73 erratum 858921
    - SAUCE: arm64: arch_timer: Add infrastructure for multiple erratum detection methods
    - SAUCE: arm64: arch_timer: Add erratum handler for globally defined capability
    - SAUCE: arm64: arch_timer: Add erratum handler for CPU-specific capability
    - SAUCE: arm64: arch_timer: Move arch_timer_reg_read/write around
    - SAUCE: arm64: arch_timer: Get rid of erratum_workaround_set_sne
    - SAUCE: arm64: arch_timer: Rework the set_next_event workarounds
    - SAUCE: arm64: arch_timer: Make workaround methods optional
    - SAUCE: arm64: arch_timer: Allows a CPU-specific erratum to only affect a subset of CPUs
    - SAUCE: arm64: arch_timer: Move clocksource_counter and co around
    - SAUCE: arm64: arch_timer: Enable CNTVCT_EL0 trap if workaround is enabled
    - SAUCE: arm64: arch_timer: Workaround for Cortex-A73 erratum 858921
    - SAUCE: arm64: arch_timer: Allow erratum matching with ACPI OEM information
    - SAUCE: arm64: arch_timer: Add HISILICON_ERRATUM_161010101 ACPI matching data
    - SAUCE: arm64: arch_timer: Add check for unknown erratum

* Zesty update to v4.10.6 stable release (LP: #1676429)
    - give up on gcc ilog2() constant optimizations
    - qla2xxx: Fix memory leak for abts processing
    - qla2xxx: Fix request queue corruption.
    - parisc: Optimize flush_kernel_vmap_range and invalidate_kernel_vmap_range
    - parisc: support R_PARISC_SECREL32 relocation in modules
    - parisc: Fix system shutdown halt
    - perf/core: Fix use-after-free in perf_release()
    - perf/core: Fix event inheritance on fork()
    - md/r5cache: fix set_syndrome_sources() for data in cache
    - xprtrdma: Squelch kbuild sparse complaint
    - NFS prevent double free in async nfs4_exchange_id
    - cpufreq: Fix and clean up show_cpuinfo_cur_freq()
    - powerpc/boot: Fix zImage TOC alignment
    - hwrng: omap - write registers after enabling the clock
    - hwrng: omap - use devm_clk_get() instead of of_clk_get()
    - hwrng: omap - Do not access INTMASK_REG on EIP76
    - md/raid1/10: fix potential deadlock
    - target/pscsi: Fix TYPE_TAPE + TYPE_MEDIMUM_CHANGER export
    - scsi: lpfc: Add shutdown method for kexec
    - scsi: libiscsi: add lock around task lists to fix list corruption regression
    - scsi: mpt3sas: Avoid sleeping in interrupt context
    - target: Fix VERIFY_16 handling in sbc_parse_cdb
    - isdn/gigaset: fix NULL-deref at probe
    - gfs2: Avoid alignment hole in struct lm_lockname
    - percpu: acquire pcpu_lock when updating pcpu_nr_empty_pop_pages
    - cgroup/pids: remove spurious suspicious RCU usage warning
    - drm/amdgpu/si: add dpm quirk for Oland
    - Linux 4.10.6

* Miscellaneous Ubuntu changes
    - [Config] CONFIG_ARM64_ERRATUM_858921=y
    - [Debian] add rprovides for spl-modules and zfs-modules

-- Tim Gardner <tim.gardner@canonical.com>  Thu, 06 Apr 2017 17:28:49 +0100

Changed in linux (Ubuntu Zesty):
status:	Fix Committed → Fix Released

Revision history for this message

Kleber Sacilotto de Souza (kleber-souza) wrote on 2017-04-13:

#9

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-vivid' to 'verification-done-vivid'. If the problem still exists, change the tag 'verification-needed-vivid' to 'verification-failed-vivid'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: verification-needed-vivid

Revision history for this message

Stefan Bader (smb) wrote on 2017-04-13:

#10

I think comment #9 was caused by either an error in some script or incorrect reference.

tags:

removed: verification-needed-vivid

Alberto Salvia Novella (es20490446e) on 2017-05-12

Changed in linux (Ubuntu Vivid):
status:	Fix Committed → Fix Released

Ubuntu
linux package

Fix CVE-2017-7308

Bug Description

CVE References

Other bug subscribers

Remote bug watches

	Status	Importance	Assigned to
linux (Ubuntu)	Fix Released	High	Stefan Bader
Precise	Fix Released	High	Unassigned
Trusty	Fix Released	High	Unassigned
Vivid	Fix Released	High	Unassigned
Xenial	Fix Released	High	Unassigned
Yakkety	Fix Released	High	Unassigned
Zesty	Fix Released	High	Stefan Bader

Ubuntulinux package

Fix CVE-2017-7308

Bug Description

CVE References

Other bug subscribers

Remote bug watches

Ubuntu
linux package