Bug #1691477 “Hardware transaction memory corruption” : Bugs : linux package : Ubuntu

bugproxy (bugproxy) on 2017-05-17

tags:	added: architecture-ppc64le bugnameltc-154775 severity-medium targetmilestone-inin---
Changed in ubuntu:
assignee:	nobody → Ubuntu on IBM Power Systems Bug Triage (ubuntu-power-triage)
affects:	ubuntu → linux (Ubuntu)

Manoj Iyer (manjo) on 2017-05-17

Changed in linux (Ubuntu):
assignee:	Ubuntu on IBM Power Systems Bug Triage (ubuntu-power-triage) → Manoj Iyer (manjo)

Revision history for this message

Breno Leitão (breno-leitao) wrote on 2017-05-17:

#1

Patch sent to kernel-team at https://lists.ubuntu.com/archives/kernel-team/2017-May/084191.html

Manoj Iyer (manjo) on 2017-05-17

Changed in linux (Ubuntu):
assignee:	Manoj Iyer (manjo) → Canonical Kernel Team (canonical-kernel-team)

Joseph Salisbury (jsalisbury) on 2017-05-17

Changed in linux (Ubuntu):
status:	New → Triaged
importance:	Undecided → Medium
tags:	added: kernel-da-key

Manoj Iyer (manjo) on 2017-05-17

Changed in linux (Ubuntu):
status:	Triaged → In Progress
Changed in ubuntu-power-systems:
status:	New → In Progress

Seth Forshee (sforshee) on 2017-05-24

Changed in linux (Ubuntu):
status:	In Progress → Fix Committed

Thadeu Lima de Souza Cascardo (cascardo) on 2017-05-31

Changed in linux (Ubuntu Zesty):
status:	New → Fix Committed

Revision history for this message

Kleber Sacilotto de Souza (kleber-souza) wrote on 2017-06-14:

#2

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-zesty' to 'verification-done-zesty'. If the problem still exists, change the tag 'verification-needed-zesty' to 'verification-failed-zesty'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: verification-needed-zesty

Revision history for this message

Breno Leitão (breno-leitao) wrote on 2017-06-19:

#3

I tested this fix and now it is fixed on the proposed kernel. I used the htm torture tool:

https://github.com/leitao/htm_torture/tree/master/narrow

tags:

added: verification-done-zesty
removed: verification-needed-zesty

Revision history for this message

Launchpad Janitor (janitor) wrote on 2017-06-29:

#4

Download full text (19.7 KiB)

This bug was fixed in the package linux - 4.10.0-26.30

---------------
linux (4.10.0-26.30) zesty; urgency=low

* linux: 4.10.0-26.30 -proposed tracker (LP: #1700528)

  * CVE-2017-1000364
    - Revert "UBUNTU: SAUCE: mm: Only expand stack if guard area is hit"
    - Revert "mm: do not collapse stack gap into THP"
    - Revert "mm: enlarge stack guard gap"
    - mm: larger stack guard gap, between vmas
    - mm: fix new crash in unmapped_area_topdown()
    - Allow stack to grow up to address space limit

linux (4.10.0-25.29) zesty; urgency=low

* linux: 4.10.0-25.29 -proposed tracker (LP: #1699028)

* CVE-2017-1000364
- SAUCE: mm: Only expand stack if guard area is hit

  * CVE-2017-9074
    - ipv6: Prevent overrun when parsing v6 header options
    - ipv6: Check ip6_find_1stfragopt() return value properly.

  * [Zesty] QDF2400 ARM64 server - NMI watchdog: BUG: soft lockup - CPU#8 stuck
    for 22s! (LP: #1680549)
    - iommu/dma: Stop getting dma_32bit_pfn wrong
    - iommu/dma: Implement PCI allocation optimisation
    - iommu/dma: Convert to address-based allocation
    - iommu/dma: Clean up MSI IOVA allocation
    - iommu/dma: Plumb in the per-CPU IOVA caches
    - iommu/iova: Fix underflow bug in __alloc_and_insert_iova_range

  * Zesty update to 4.10.17 stable release (LP: #1692898)
    - xen: adjust early dom0 p2m handling to xen hypervisor behavior
    - target: Fix compare_and_write_callback handling for non GOOD status
    - target/fileio: Fix zero-length READ and WRITE handling
    - iscsi-target: Set session_fall_back_to_erl0 when forcing reinstatement
    - usb: xhci: bInterval quirk for TI TUSB73x0
    - usb: host: xhci: print correct command ring address
    - USB: serial: ftdi_sio: add device ID for Microsemi/Arrow SF2PLUS Dev Kit
    - USB: Proper handling of Race Condition when two USB class drivers try to
      call init_usb_class simultaneously
    - USB: Revert "cdc-wdm: fix "out-of-sync" due to missing notifications"
    - staging: vt6656: use off stack for in buffer USB transfers.
    - staging: vt6656: use off stack for out buffer USB transfers.
    - staging: gdm724x: gdm_mux: fix use-after-free on module unload
    - staging: wilc1000: Fix problem with wrong vif index
    - staging: comedi: jr3_pci: fix possible null pointer dereference
    - staging: comedi: jr3_pci: cope with jiffies wraparound
    - usb: misc: add missing continue in switch
    - usb: gadget: legacy gadgets are optional
    - usb: Make sure usb/phy/of gets built-in
    - usb: hub: Fix error loop seen after hub communication errors
    - usb: hub: Do not attempt to autosuspend disconnected devices
    - x86/boot: Fix BSS corruption/overwrite bug in early x86 kernel startup
    - selftests/x86/ldt_gdt_32: Work around a glibc sigaction() bug
    - x86, pmem: Fix cache flushing for iovec write < 8 bytes
    - um: Fix PTRACE_POKEUSER on x86_64
    - perf/x86: Fix Broadwell-EP DRAM RAPL events
    - KVM: x86: fix user triggerable warning in kvm_apic_accept_events()
    - KVM: arm/arm64: fix races in kvm_psci_vcpu_on
    - arm64: KVM: Fix decoding of Rt/Rt2 when trapping AArch32 CP accesses
    - block: fix blk_integrity_register to use templ...

This bug was fixed in the package linux - 4.10.0-26.30

---------------
linux (4.10.0-26.30) zesty; urgency=low

* linux: 4.10.0-26.30 -proposed tracker (LP: #1700528)

* CVE-2017-1000364
    - Revert "UBUNTU: SAUCE: mm: Only expand stack if guard area is hit"
    - Revert "mm: do not collapse stack gap into THP"
    - Revert "mm: enlarge stack guard gap"
    - mm: larger stack guard gap, between vmas
    - mm: fix new crash in unmapped_area_topdown()
    - Allow stack to grow up to address space limit

linux (4.10.0-25.29) zesty; urgency=low

* linux: 4.10.0-25.29 -proposed tracker (LP: #1699028)

* CVE-2017-1000364
    - SAUCE: mm: Only expand stack if guard area is hit

* CVE-2017-9074
    - ipv6: Prevent overrun when parsing v6 header options
    - ipv6: Check ip6_find_1stfragopt() return value properly.

* [Zesty] QDF2400 ARM64 server - NMI watchdog: BUG: soft lockup - CPU#8 stuck
    for 22s!  (LP: #1680549)
    - iommu/dma: Stop getting dma_32bit_pfn wrong
    - iommu/dma: Implement PCI allocation optimisation
    - iommu/dma: Convert to address-based allocation
    - iommu/dma: Clean up MSI IOVA allocation
    - iommu/dma: Plumb in the per-CPU IOVA caches
    - iommu/iova: Fix underflow bug in __alloc_and_insert_iova_range

* Zesty update to 4.10.17 stable release (LP: #1692898)
    - xen: adjust early dom0 p2m handling to xen hypervisor behavior
    - target: Fix compare_and_write_callback handling for non GOOD status
    - target/fileio: Fix zero-length READ and WRITE handling
    - iscsi-target: Set session_fall_back_to_erl0 when forcing reinstatement
    - usb: xhci: bInterval quirk for TI TUSB73x0
    - usb: host: xhci: print correct command ring address
    - USB: serial: ftdi_sio: add device ID for Microsemi/Arrow SF2PLUS Dev Kit
    - USB: Proper handling of Race Condition when two USB class drivers try to
      call init_usb_class simultaneously
    - USB: Revert "cdc-wdm: fix "out-of-sync" due to missing notifications"
    - staging: vt6656: use off stack for in buffer USB transfers.
    - staging: vt6656: use off stack for out buffer USB transfers.
    - staging: gdm724x: gdm_mux: fix use-after-free on module unload
    - staging: wilc1000: Fix problem with wrong vif index
    - staging: comedi: jr3_pci: fix possible null pointer dereference
    - staging: comedi: jr3_pci: cope with jiffies wraparound
    - usb: misc: add missing continue in switch
    - usb: gadget: legacy gadgets are optional
    - usb: Make sure usb/phy/of gets built-in
    - usb: hub: Fix error loop seen after hub communication errors
    - usb: hub: Do not attempt to autosuspend disconnected devices
    - x86/boot: Fix BSS corruption/overwrite bug in early x86 kernel startup
    - selftests/x86/ldt_gdt_32: Work around a glibc sigaction() bug
    - x86, pmem: Fix cache flushing for iovec write < 8 bytes
    - um: Fix PTRACE_POKEUSER on x86_64
    - perf/x86: Fix Broadwell-EP DRAM RAPL events
    - KVM: x86: fix user triggerable warning in kvm_apic_accept_events()
    - KVM: arm/arm64: fix races in kvm_psci_vcpu_on
    - arm64: KVM: Fix decoding of Rt/Rt2 when trapping AArch32 CP accesses
    - block: fix blk_integrity_register to use template's interval_exp if not 0
    - crypto: s5p-sss - Close possible race for completed requests
    - crypto: algif_aead - Require setkey before accept(2)
    - crypto: ccp - Use only the relevant interrupt bits
    - crypto: ccp - Disable interrupts early on unload
    - crypto: ccp - Change ISR handler method for a v3 CCP
    - crypto: ccp - Change ISR handler method for a v5 CCP
    - dm crypt: rewrite (wipe) key in crypto layer using random data
    - dm era: save spacemap metadata root after the pre-commit
    - dm rq: check blk_mq_register_dev() return value in
      dm_mq_init_request_queue()
    - dm thin: fix a memory leak when passing discard bio down
    - vfio/type1: Remove locked page accounting workqueue
    - iov_iter: don't revert iov buffer if csum error
    - IB/core: Fix sysfs registration error flow
    - IB/core: For multicast functions, verify that LIDs are multicast LIDs
    - IB/IPoIB: ibX: failed to create mcg debug file
    - IB/mlx4: Fix ib device initialization error flow
    - IB/mlx4: Reduce SRIOV multicast cleanup warning message to debug level
    - IB/hfi1: Prevent kernel QP post send hard lockups
    - perf auxtrace: Fix no_size logic in addr_filter__resolve_kernel_syms()
    - perf annotate s390: Fix perf annotate error -95 (4.10 regression)
    - perf annotate s390: Implement jump types for perf annotate
    - jbd2: fix dbench4 performance regression for 'nobarrier' mounts
    - ext4: evict inline data when writing to memory map
    - orangefs: fix bounds check for listxattr
    - orangefs: clean up oversize xattr validation
    - orangefs: do not set getattr_time on orangefs_lookup
    - orangefs: do not check possibly stale size on truncate
    - fs/xattr.c: zero out memory copied to userspace in getxattr
    - ceph: fix memory leak in __ceph_setxattr()
    - fs/block_dev: always invalidate cleancache in invalidate_bdev()
    - mm: prevent potential recursive reclaim due to clearing PF_MEMALLOC
    - Fix match_prepath()
    - Set unicode flag on cifs echo request to avoid Mac error
    - SMB3: Work around mount failure when using SMB3 dialect to Macs
    - CIFS: fix mapping of SFM_SPACE and SFM_PERIOD
    - cifs: fix leak in FSCTL_ENUM_SNAPS response handling
    - cifs: fix CIFS_ENUMERATE_SNAPSHOTS oops
    - CIFS: fix oplock break deadlocks
    - cifs: fix CIFS_IOC_GET_MNT_INFO oops
    - CIFS: add misssing SFM mapping for doublequote
    - ovl: do not set overlay.opaque on non-dir create
    - padata: free correct variable
    - md/raid1: avoid reusing a resync bio after error handling.
    - device-dax: fix cdev leak
    - device-dax: fix sysfs attribute deadlock
    - dax: prevent invalidation of mapped DAX entries
    - mm: fix data corruption due to stale mmap reads
    - f2fs: fix fs corruption due to zero inode page
    - fscrypt: fix context consistency check when key(s) unavailable
    - serial: samsung: Use right device for DMA-mapping calls
    - serial: omap: fix runtime-pm handling on unbind
    - serial: omap: suspend device on probe errors
    - tty: pty: Fix ldisc flush after userspace become aware of the data already
    - Bluetooth: Fix user channel for 32bit userspace on 64bit kernel
    - Bluetooth: hci_bcm: add missing tty-device sanity check
    - Bluetooth: hci_intel: add missing tty-device sanity check
    - libnvdimm, region: fix flush hint detection crash
    - libnvdimm, pmem: fix a NULL pointer BUG in nd_pmem_notify
    - libnvdimm: fix nvdimm_bus_lock() vs device_lock() ordering
    - libnvdimm, pfn: fix 'npfns' vs section alignment
    - pstore: Shut down worker when unregistering
    - Linux 4.10.17

* [SRU][Zesty] Support SMMU passthrough using the default domain
    (LP: #1688158)
    - iommu/arm-smmu: Restrict domain attributes to UNMANAGED domains
    - iommu/arm-smmu: Install bypass S2CRs for IOMMU_DOMAIN_IDENTITY domains
    - iommu/arm-smmu-v3: Make arm_smmu_install_ste_for_dev return void
    - iommu: Rename iommu_get_instance()
    - iommu: Rename struct iommu_device
    - iommu: Introduce new 'struct iommu_device'
    - iommu: Add sysfs bindings for struct iommu_device
    - iommu: Make iommu_device_link/unlink take a struct iommu_device
    - iommu: Add iommu_device_set_fwnode() interface
    - iommu/arm-smmu: Make use of the iommu_register interface
    - iommu/arm-smmu-v3: Install bypass STEs for IOMMU_DOMAIN_IDENTITY domains
    - iommu: Allow default domain type to be set on the kernel command line
    - arm64: dma-mapping: Only swizzle DMA ops for IOMMU_DOMAIN_DMA
    - iommu/vt-d: Fix crash on boot when DMAR is disabled

* Enable Matrox driver for Ubuntu 16.04.3 (LP: #1693337)
    - [Config] Enable CONFIG_DRM_MGAG200 as module
    - drm/mgag200: Added support for the new device G200eH3

* Ubuntu16.04.03: POWER9 XIVE: msgsnd/doorbell IPI support (backport)
    (LP: #1691973)
    - powerpc/64s: Add msgp facility unavailable log string
    - powerpc/64s: Add SCV FSCR bit for ISA v3.0
    - powerpc/xmon: Dump memory in CPU endian format
    - powerpc/xive: Native exploitation of the XIVE interrupt controller
    - powerpc: Change the doorbell IPI calling convention
    - powerpc: Introduce msgsnd/doorbell barrier primitives
    - powerpc/64s: Avoid a branch for ppc_msgsnd
    - powerpc/powernv: POWER9 support for msgsnd/doorbell IPI
    - powerpc: Add optional smp_ops->prepare_cpu SMP callback
    - powerpc: Add more PPC bit conversion macros
    - powerpc/powernv: Add XIVE related definitions to opal-api.h
    - powerpc/smp: Remove migrate_irq() custom implementation
    - powerpc/powernv: Fix oops on P9 DD1 in cause_ipi()
    - (config) Update configs with PPC_XIVE options

* CVE-2017-100363
    - char: lp: fix possible integer overflow in lp_setup()

* CVE-2017-9242
    - ipv6: fix out of bound writes in __ip6_append_data()

* CVE-2017-9075
    - sctp: do not inherit ipv6_{mc|ac|fl}_list from parent

* CVE-2017-9076
    - ipv6/dccp: do not inherit ipv6_mc_list from parent

* CVE-2017-9077
    - ipv6/dccp: do not inherit ipv6_mc_list from parent

* CVE-2017-8890
    - dccp/tcp: do not inherit mc_list from parent

* Module signing exclusion for staging drivers does not work properly
    (LP: #1690908)
    - SAUCE: Fix module signing exclusion in package builds

* extend-diff-ignore should use exact matches (LP: #1693504)
    - [Packaging] exact extend-diff-ignore matches

* Marvell MacchiatoBin crashes in fintek_8250_probe() (LP: #1692548)
    - drivers/tty: 8250: only call fintek_8250_probe when doing port I/O

* arm-smmu arm-smmu.2.auto: Unhandled context fault (LP: #1694506)
    - net: thunderx: Fix IOMMU translation faults

* arm64: mbigen updates (LP: #1692783)
    - Revert "UBUNTU: SAUCE: irqchip: mbigen: Add ACPI support"
    - irqchip/mbigen: Add ACPI support
    - irqchip/mbigen: Fix return value check in mbigen_device_probe()
    - irqchip/mbigen: Fix memory mapping code
    - irqchip/mbigen: Fix potential NULL dereferencing
    - irqchip/mbigen: Fix the clear register offset calculation

* System doesn't boot properly on Gigabyte AM4 motherboards (AMD Ryzen)
    (LP: #1671360)
    - pinctrl: amd: make use of raw_spinlock variants
    - pinctrl/amd: Use regular interrupt instead of chained

* PowerPC: Pstore dump for powerpc is broken (LP: #1691045)
    - pstore: Fix flags to enable dumps on powerpc

* Dell Inspiron on kernel 4.10 : battery detected only after AC power adapter
    event (LP: #1678590)
    - ACPI / blacklist: add _REV quirk for Dell Inspiron 7537

* APST quirk needed for Intel NVMe (LP: #1686592)
    - nvme: Quirk APST on Intel 600P/P3100 devices

* Merlin SGMII fail on Ubuntu Xenial HWE kernel (LP: #1686305)
    - drivers: net: phy: xgene: Fix mdio write

* Zesty update to 4.10.16 stable release (LP: #1691369)
    - 9p: fix a potential acl leak
    - drm/sti: fix GDP size to support up to UHD resolution
    - hwmon: (it87) Fix pwm4 detection for IT8620 and IT8628
    - mtd: nand: Add OX820 NAND hardware dependency
    - tpm: fix RC value check in tpm2_seal_trusted
    - tmp: use pdev for parent device in tpm_chip_alloc
    - crypto: caam - fix error path for ctx_dma mapping failure
    - crypto: caam - don't dma_map key for hash algorithms
    - power: supply: lp8788: prevent out of bounds array access
    - cpupower: Fix turbo frequency reporting for pre-Sandy Bridge cores
    - powerpc/perf: Fix perf_get_data_addr() for power9 DD1
    - powerpc/perf: Handle sdar_mode for marked event in power9
    - powerpc/mm: Fixup wrong LPCR_VRMASD value
    - powerpc/powernv: Fix opal_exit tracepoint opcode
    - powerpc/mm: Fix build break when CMA=n && SPAPR_TCE_IOMMU=y
    - powerpc/ftrace: Fix confusing help text for DISABLE_MPROFILE_KERNEL
    - powerpc: Correctly disable latent entropy GCC plugin on prom_init.o
    - power: supply: bq24190_charger: Fix irq trigger to IRQF_TRIGGER_FALLING
    - power: supply: bq24190_charger: Call set_mode_host() on pm_resume()
    - power: supply: bq24190_charger: Install irq_handler_thread() at end of
      probe()
    - power: supply: bq24190_charger: Call power_supply_changed() for relevant
      component
    - power: supply: bq24190_charger: Don't read fault register outside
      irq_handle_thread()
    - power: supply: bq24190_charger: Handle fault before status on interrupt
    - arm64: dts: r8a7795: Mark EthernetAVB device node disabled
    - arm: dts: qcom: Fix ipq board clock rates
    - arm64: remove wrong CONFIG_PROC_SYSCTL ifdef
    - arm64: Improve detection of user/non-user mappings in set_pte(_at)
    - spi: armada-3700: Remove spi_master_put in a3700_spi_remove()
    - leds: ktd2692: avoid harmless maybe-uninitialized warning
    - ARM: pxa: ezx: fix a910 camera data
    - ARM: dts: NSP: GPIO reboot open-source
    - ARM: dts: imx6sx-udoo-neo: Fix reboot hang
    - ARM: OMAP5 / DRA7: Fix HYP mode boot for thumb2 build
    - ARM: OMAP3: Fix smartreflex platform data regression
    - ARM: dts: am57xx-idk: tpic2810 is on I2C bus, not SPI
    - ARM: dts: sun7i: lamobo-r1: Fix CPU port RGMII settings
    - mwifiex: debugfs: Fix (sometimes) off-by-1 SSID print
    - mwifiex: remove redundant dma padding in AMSDU
    - mwifiex: Avoid skipping WEP key deletion for AP
    - mwifiex: don't enable/disable IRQ 0 during suspend/resume
    - mwifiex: set adapter->dev before starting to use mwifiex_dbg()
    - iwlwifi: mvm: properly check for transport data in dump
    - iwlwifi: mvm: don't restart HW if suspend fails with unified image
    - iwlwifi: mvm: overwrite skb info later
    - iwlwifi: pcie: don't increment / decrement a bool
    - iwlwifi: pcie: trans: Remove unused 'shift_param'
    - iwlwifi: pcie: fix the set of DMA memory mask
    - iwlwifi: mvm: fix reorder timer re-arming
    - iwlwifi: mvm: Use aux queue for offchannel frames in dqa
    - iwlwifi: mvm/pcie: adjust A-MSDU tx_cmd length in PCIe
    - iwlwifi: mvm: fix pending frame counter calculation
    - iwlwifi: mvm: fix references to first_agg_queue in DQA mode
    - iwlwifi: mvm: synchronize firmware DMA paging memory
    - iwlwifi: mvm: writing zero bytes to debugfs causes a crash
    - iwlwifi: mvm: fix accessing fw_id_to_mac_id
    - x86/ioapic: Restore IO-APIC irq_chip retrigger callback
    - x86/pci-calgary: Fix iommu_free() comparison of unsigned expression >= 0
    - x86/mpx: Re-add MPX to selftests Makefile
    - clk: Make x86/ conditional on CONFIG_COMMON_CLK
    - platform/x86: intel_pmc_core: fix out-of-bounds accesses on stack
    - kprobes/x86: Fix kernel panic when certain exception-handling addresses are
      probed
    - x86/platform/intel-mid: Correct MSI IRQ line for watchdog device
    - Revert "KVM: nested VMX: disable perf cpuid reporting"
    - KVM: nVMX: initialize PML fields in vmcs02
    - KVM: nVMX: do not leak PML full vmexit to L1
    - usb: dwc2: host: use msleep() for long delay
    - usb: host: ehci-exynos: Decrese node refcount on exynos_ehci_get_phy() error
      paths
    - usb: host: ohci-exynos: Decrese node refcount on exynos_ehci_get_phy() error
      paths
    - usb: chipidea: Only read/write OTGSC from one place
    - usb: chipidea: Handle extcon events properly
    - USB: serial: keyspan_pda: fix receive sanity checks
    - USB: serial: digi_acceleport: fix incomplete rx sanity check
    - USB: serial: ssu100: fix control-message error handling
    - USB: serial: io_edgeport: fix epic-descriptor handling
    - USB: serial: ti_usb_3410_5052: fix control-message error handling
    - USB: serial: ark3116: fix open error handling
    - USB: serial: ftdi_sio: fix latency-timer error handling
    - USB: serial: quatech2: fix control-message error handling
    - USB: serial: mct_u232: fix modem-status error handling
    - USB: serial: ch341: fix modem-status handling
    - USB: serial: io_edgeport: fix descriptor error handling
    - clk: rockchip: add "," to mux_pll_src_apll_dpll_gpll_usb480m_p on rk3036
    - phy: qcom-usb-hs: Add depends on EXTCON
    - serial: 8250_omap: Fix probe and remove for PM runtime
    - scsi: qedi: Fix possible memory leak in qedi_iscsi_update_conn()
    - scsi: qedi: fix build error without DEBUG_FS
    - scsi: qla2xxx: Fix crash in qla2xxx_eh_abort on bad ptr
    - scsi: mac_scsi: Fix MAC_SCSI=m option when SCSI=m
    - scsi: smartpqi: fix time handling
    - MIPS: R2-on-R6 MULTU/MADDU/MSUBU emulation bugfix
    - brcmfmac: Ensure pointer correctly set if skb data location changes
    - brcmfmac: Make skb header writable before use
    - staging/lustre/llite: move root_squash from sysfs to debugfs
    - staging: wlan-ng: add missing byte order conversion
    - staging: emxx_udc: remove incorrect __init annotations
    - staging: lustre: ptlrpc: avoid warning on missing return
    - ALSA: hda - Fix deadlock of controller device lock at unbinding
    - sparc64: fix fault handling in NGbzero.S and GENbzero.S
    - tcp: do not underestimate skb->truesize in tcp_trim_head()
    - net: adjust skb->truesize in ___pskb_trim()
    - net: macb: fix phy interrupt parsing
    - geneve: fix incorrect setting of UDP checksum flag
    - bpf: enhance verifier to understand stack pointer arithmetic
    - bpf, arm64: fix jit branch offset related to ldimm64
    - tcp: fix wraparound issue in tcp_lp
    - net: ipv6: Do not duplicate DAD on link up
    - net: usb: qmi_wwan: add Telit ME910 support
    - tcp: do not inherit fastopen_req from parent
    - ipv4, ipv6: ensure raw socket message is big enough to hold an IP header
    - rtnetlink: NUL-terminate IFLA_PHYS_PORT_NAME string
    - ipv6: initialize route null entry in addrconf_init()
    - ipv6: reorder ip6_route_dev_notifier after ipv6_dev_notf
    - bnxt_en: allocate enough space for ->ntp_fltr_bmap
    - bpf: don't let ldimm64 leak map addresses on unprivileged
    - net: mdio-mux: bcm-iproc: call mdiobus_free() in error path
    - openvswitch: Set internal device max mtu to ETH_MAX_MTU.
    - f2fs: sanity check segment count
    - xen: Revert commits da72ff5bfcb0 and 72a9b186292d
    - drm/hisilicon/hibmc: Fix wrong pointer passed to PTR_ERR()
    - drm: mxsfb: drm_dev_alloc() returns error pointers
    - drm/ttm: fix use-after-free races in vm fault handling
    - block: get rid of blk_integrity_revalidate()
    - Linux 4.10.16
    - [Config] Remove CONFIG_MTD_NAND_OXNAS=m
    - Ignore missing oxnas_nand

* Keyboard backlight control does not work on some dell laptops.
    (LP: #1693126)
    - platform/x86: dell-laptop: Add Latitude 7480 and others to the DMI whitelist
    - platform/x86: dell-laptop: Add keyboard backlight timeout AC settings

* Hardware transaction memory corruption (LP: #1691477)
    - powerpc/tm: Fix FP and VMX register corruption

* Offlined CPUs of a core fail to come up online on POWER9 DD1 (Ubuntu 17.04)
    (LP: #1685792)
    - powerpc/powernv: Move CPU-Offline idle state invocation from smp.c to idle.c
    - powerpc/powernv/smp: Add busy-wait loop as fall back for CPU-Hotplug
    - powerpc/powernv/idle: Don't override default/deepest directly in kernel
    - powerpc/powernv: Recover correct PACA on wakeup from a stop on P9 DD1

* [Regression] NUMA_BALANCING disabled on arm64 (LP: #1690914)
    - [Config] CONFIG_NUMA_BALANCING{,_DEFAULT_ENABLED}=y on arm64

* ATS fix: Fix opal_npu_destroy_context call (LP: #1692580)
    - powerpc/powernv/npu-dma.c: Fix opal_npu_destroy_context() call

* powerpc/powernv: Introduce address translation services for Nvlink2
    (LP: #1690412)
    - powerpc/powernv: Require MMU_NOTIFIER to fix NPU build
    - drivers/of/base.c: Add of_property_read_u64_index
    - powerpc/powernv: Add sanity checks to pnv_pci_get_{gpu|npu}_dev
    - powerpc/powernv: Introduce address translation services for Nvlink2

* exec'ing a setuid binary from a threaded program sometimes fails to setuid
    (LP: #1672819)
    - SAUCE: exec: ensure file system accounting in check_unsafe_exec is correct

-- Juerg Haefliger <juerg.haefliger@canonical.com>  Mon, 26 Jun 2017 18:09:03 +0200

Changed in linux (Ubuntu Zesty):
status:	Fix Committed → Fix Released

Launchpad Janitor (janitor) on 2017-06-30

Changed in linux (Ubuntu):
status:	Fix Committed → Fix Released

bugproxy (bugproxy) on 2017-06-30

tags:

added: targetmilestone-inin16043
removed: targetmilestone-inin---

Manoj Iyer (manjo) on 2017-07-19

Changed in linux (Ubuntu Zesty):
importance:	Undecided → Medium
Changed in ubuntu-power-systems:
importance:	Undecided → Medium
status:	In Progress → Fix Released

Ubuntu
linux package

Hardware transaction memory corruption

Bug Description

CVE References

Other bug subscribers

Remote bug watches

	Status	Importance	Assigned to
The Ubuntu-power-systems project	Fix Released	Medium	Unassigned
linux (Ubuntu)	Fix Released	Medium	Canonical Kernel Team
Zesty	Fix Released	Medium	Unassigned

Ubuntulinux package

Hardware transaction memory corruption

Bug Description

CVE References

Other bug subscribers

Remote bug watches

Ubuntu
linux package