Bug #1836668 “Xenial update: 4.4.185 upstream stable release” : Bugs : linux package : Ubuntu

Khaled El Mously (kmously) on 2019-07-16

Changed in linux (Ubuntu):
status:	New → Confirmed
tags:	added: kernel-stable-tracking-bug

Revision history for this message

Khaled El Mously (kmously) wrote on 2019-07-17:

#1

Download full text (4.0 KiB)

Applied patches:

* fs/binfmt_flat.c: make load_flat_shared_library() work
* scsi: vmw_pscsi: Fix use-after-free in pvscsi_queue_lck()
* tracing: Silence GCC 9 array bounds warning
* gcc-9: silence 'address-of-packed-member' warning
* usb: chipidea: udc: workaround for endpoint conflict issue
* Input: uinput - add compat ioctl number translation for UI_*_FF_UPLOAD
* apparmor: enforce nullbyte at end of tag string
* parport: Fix mem leak in parport_register_dev_model
* parisc: Fix compiler warnings in float emulation code
* IB/hfi1: Insure freeze_work work_struct is canceled on shutdown
* MIPS: uprobes: remove set but not used variable 'epc'
* net: hns: Fix loopback test failed at copper ports
* sparc: perf: fix updated event period in response to PERF_EVENT_IOC_PERIOD
* scripts/checkstack.pl: Fix arm64 wrong or unknown architecture
* scsi: ufs: Check that space was properly alloced in copy_query_response
* s390/qeth: fix VLAN attribute in bridge_hostnotify udev event
* hwmon: (pmbus/core) Treat parameters as paged if on multiple pages
* Btrfs: fix race between readahead and device replace/removal
* btrfs: start readahead also in seed devices
* can: flexcan: fix timeout when set small bitrate
* can: purge socket error queue on sock destruct
* ARM: imx: cpuidle-imx6sx: Restrict the SW2ISO increase to i.MX6SX
* Bluetooth: Align minimum encryption key size for LE and BR/EDR connections
* Bluetooth: Fix regression with minimum encryption key size alignment
* SMB3: retry on STATUS_INSUFFICIENT_RESOURCES instead of failing write
* cfg80211: fix memory leak of wiphy device name
* mac80211: drop robust management frames from unknown TA
* perf ui helpline: Use strlcpy() as a shorter form of strncpy() + explicit set nul
* perf help: Remove needless use of strncpy()
* 9p/rdma: do not disconnect on down_interruptible EAGAIN
* 9p: acl: fix uninitialized iattr access
* 9p/rdma: remove useless check in cm_event_handler
* 9p: p9dirent_read: check network-provided name length
* net/9p: include trans_common.h to fix missing prototype warning.
* ovl: modify ovl_permission() to do checks on two inodes
* x86/speculation: Allow guests to use SSBD even if host does not
* cpu/speculation: Warn on unsupported mitigations= parameter
* sctp: change to hold sk after auth shkey is created successfully
* tipc: change to use register_pernet_device
* tipc: check msg->req data len in tipc_nl_compat_bearer_disable
* team: Always enable vlan tx offload
* ipv4: Use return value of inet_iif() for __raw_v4_lookup in the while loop
* bonding: Always enable vlan tx offload
* net: check before dereferencing netdev_ops during busy poll
* Bluetooth: Fix faulty expression for minimum encryption key size check
* um: Compile with modern headers
* ASoC : cs4265 : readable register too low
* spi: bitbang: Fix NULL pointer dereference in spi_unregister_master
* ASoC: max98090: remove 24-bit format support if RJ is 0
* usb: gadget: fusb300_udc: Fix memory leak of fusb300->ep[i]
* usb: gadget: udc: lpc32xx: allocate descriptor with GFP_ATOMIC
* scsi: hpsa: correct ioaccel2 chaining
* ARC: Assume multiplier is always present
* ARC: fix build warning in elf.h
* MIPS: math-emu: do not use bools f...

Applied patches:

* fs/binfmt_flat.c: make load_flat_shared_library() work
* scsi: vmw_pscsi: Fix use-after-free in pvscsi_queue_lck()
* tracing: Silence GCC 9 array bounds warning
* gcc-9: silence 'address-of-packed-member' warning
* usb: chipidea: udc: workaround for endpoint conflict issue
* Input: uinput - add compat ioctl number translation for UI_*_FF_UPLOAD
* apparmor: enforce nullbyte at end of tag string
* parport: Fix mem leak in parport_register_dev_model
* parisc: Fix compiler warnings in float emulation code
* IB/hfi1: Insure freeze_work work_struct is canceled on shutdown
* MIPS: uprobes: remove set but not used variable 'epc'
* net: hns: Fix loopback test failed at copper ports
* sparc: perf: fix updated event period in response to PERF_EVENT_IOC_PERIOD
* scripts/checkstack.pl: Fix arm64 wrong or unknown architecture
* scsi: ufs: Check that space was properly alloced in copy_query_response
* s390/qeth: fix VLAN attribute in bridge_hostnotify udev event
* hwmon: (pmbus/core) Treat parameters as paged if on multiple pages
* Btrfs: fix race between readahead and device replace/removal
* btrfs: start readahead also in seed devices
* can: flexcan: fix timeout when set small bitrate
* can: purge socket error queue on sock destruct
* ARM: imx: cpuidle-imx6sx: Restrict the SW2ISO increase to i.MX6SX
* Bluetooth: Align minimum encryption key size for LE and BR/EDR connections
* Bluetooth: Fix regression with minimum encryption key size alignment
* SMB3: retry on STATUS_INSUFFICIENT_RESOURCES instead of failing write
* cfg80211: fix memory leak of wiphy device name
* mac80211: drop robust management frames from unknown TA
* perf ui helpline: Use strlcpy() as a shorter form of strncpy() + explicit set nul
* perf help: Remove needless use of strncpy()
* 9p/rdma: do not disconnect on down_interruptible EAGAIN
* 9p: acl: fix uninitialized iattr access
* 9p/rdma: remove useless check in cm_event_handler
* 9p: p9dirent_read: check network-provided name length
* net/9p: include trans_common.h to fix missing prototype warning.
* ovl: modify ovl_permission() to do checks on two inodes
* x86/speculation: Allow guests to use SSBD even if host does not
* cpu/speculation: Warn on unsupported mitigations= parameter
* sctp: change to hold sk after auth shkey is created successfully
* tipc: change to use register_pernet_device
* tipc: check msg->req data len in tipc_nl_compat_bearer_disable
* team: Always enable vlan tx offload
* ipv4: Use return value of inet_iif() for __raw_v4_lookup in the while loop
* bonding: Always enable vlan tx offload
* net: check before dereferencing netdev_ops during busy poll
* Bluetooth: Fix faulty expression for minimum encryption key size check
* um: Compile with modern headers
* ASoC : cs4265 : readable register too low
* spi: bitbang: Fix NULL pointer dereference in spi_unregister_master
* ASoC: max98090: remove 24-bit format support if RJ is 0
* usb: gadget: fusb300_udc: Fix memory leak of fusb300->ep[i]
* usb: gadget: udc: lpc32xx: allocate descriptor with GFP_ATOMIC
* scsi: hpsa: correct ioaccel2 chaining
* ARC: Assume multiplier is always present
* ARC: fix build warning in elf.h
* MIPS: math-emu: do not use bools for arithmetic
* mfd: omap-usb-tll: Fix register offsets
* swiotlb: Make linux/swiotlb.h standalone includible
* bug.h: work around GCC PR82365 in BUG()
* MIPS: Workaround GCC __builtin_unreachable reordering bug
* ptrace: Fix ->ptracer_cred handling for PTRACE_TRACEME
* crypto: user - prevent operating on larval algorithms
* ALSA: seq: fix incorrect order of dest_client/dest_ports arguments
* ALSA: firewire-lib/fireworks: fix miss detection of received MIDI messages
* ALSA: usb-audio: fix sign unintended sign extension on left shifts
* lib/mpi: Fix karactx leak in mpi_powm
* btrfs: Ensure replaced device doesn't have pending chunk allocation
* tty: rocket: fix incorrect forward declaration of 'rp_init()'
* ARC: handle gcc generated __builtin_trap for older compiler
* arm64, vdso: Define vdso_{start,end} as array
* KVM: x86: degrade WARN to pr_warn_ratelimited
* dmaengine: imx-sdma: remove BD_INTR for channel0
* Linux 4.4.185

Revision history for this message

Khaled El Mously (kmously) wrote on 2019-07-17:

#2

2 patches were skipped because they were already applied:

0002-mm-page_idle.c-fix-oops-because-end_pfn-is-larger-th.patch
0036-KVM-X86-Fix-scan-ioapic-use-before-initialization.patch

Kleber Sacilotto de Souza (kleber-souza) on 2019-07-17

Changed in linux (Ubuntu Xenial):
status:	New → Fix Committed

Revision history for this message

Launchpad Janitor (janitor) wrote on 2019-08-13:

#3

Download full text (12.0 KiB)

This bug was fixed in the package linux - 4.4.0-159.187

---------------
linux (4.4.0-159.187) xenial; urgency=medium

  * CVE-2019-1125
    - x86/cpufeatures: Carve out CQM features retrieval
    - x86/cpufeatures: Combine word 11 and 12 into a new scattered features word
    - x86/speculation: Prepare entry code for Spectre v1 swapgs mitigations
    - x86/speculation: Enable Spectre v1 swapgs mitigations
    - x86/entry/64: Use JMP instead of JMPQ
    - x86/speculation/swapgs: Exclude ATOMs from speculation through SWAPGS

linux (4.4.0-158.186) xenial; urgency=medium

* xenial/linux: 4.4.0-158.186 -proposed tracker (LP: #1837609)

  * Packaging resync (LP: #1786013)
    - [Packaging] resync git-ubuntu-log
    - [Packaging] update helper scripts

  * ixgbe{vf} - Physical Function gets IRQ when VF checks link state
    (LP: #1836760)
    - ixgbevf: Use cached link state instead of re-reading the value for ethtool

  * CVE-2018-5383
    - crypto: kpp - Key-agreement Protocol Primitives API (KPP)
    - crypto: dh - Add DH software implementation
    - crypto: ecdh - Add ECDH software support
    - crypto: ecdh - make ecdh_shared_secret unique
    - crypto: doc - add KPP documentation
    - crypto: kpp, (ec)dh - fix typos
    - crypto: ecc - remove unused function arguments
    - crypto: ecc - remove unnecessary casts
    - crypto: ecc - rename ecdh_make_pub_key()
    - crypto: ecdh - add privkey generation support
    - crypto: ecc - Fix NULL pointer deref. on no default_rng
    - [Config] CRYPTO_ECDH=m
    - Bluetooth: convert smp and selftest to crypto kpp API
    - crypto: ecdh - add public key verification test

  * Xenial update: 4.4.185 upstream stable release (LP: #1836668)
    - fs/binfmt_flat.c: make load_flat_shared_library() work
    - scsi: vmw_pscsi: Fix use-after-free in pvscsi_queue_lck()
    - tracing: Silence GCC 9 array bounds warning
    - gcc-9: silence 'address-of-packed-member' warning
    - usb: chipidea: udc: workaround for endpoint conflict issue
    - Input: uinput - add compat ioctl number translation for UI_*_FF_UPLOAD
    - apparmor: enforce nullbyte at end of tag string
    - parport: Fix mem leak in parport_register_dev_model
    - parisc: Fix compiler warnings in float emulation code
    - IB/hfi1: Insure freeze_work work_struct is canceled on shutdown
    - MIPS: uprobes: remove set but not used variable 'epc'
    - net: hns: Fix loopback test failed at copper ports
    - sparc: perf: fix updated event period in response to PERF_EVENT_IOC_PERIOD
    - scripts/checkstack.pl: Fix arm64 wrong or unknown architecture
    - scsi: ufs: Check that space was properly alloced in copy_query_response
    - s390/qeth: fix VLAN attribute in bridge_hostnotify udev event
    - hwmon: (pmbus/core) Treat parameters as paged if on multiple pages
    - Btrfs: fix race between readahead and device replace/removal
    - btrfs: start readahead also in seed devices
    - can: flexcan: fix timeout when set small bitrate
    - can: purge socket error queue on sock destruct
    - ARM: imx: cpuidle-imx6sx: Restrict the SW2ISO increase to i.MX6SX
    - Bluetooth: Align minimum encryption key size for LE and BR/EDR connections
    - Bluet...

This bug was fixed in the package linux - 4.4.0-159.187

---------------
linux (4.4.0-159.187) xenial; urgency=medium

* CVE-2019-1125
    - x86/cpufeatures: Carve out CQM features retrieval
    - x86/cpufeatures: Combine word 11 and 12 into a new scattered features word
    - x86/speculation: Prepare entry code for Spectre v1 swapgs mitigations
    - x86/speculation: Enable Spectre v1 swapgs mitigations
    - x86/entry/64: Use JMP instead of JMPQ
    - x86/speculation/swapgs: Exclude ATOMs from speculation through SWAPGS

linux (4.4.0-158.186) xenial; urgency=medium

* xenial/linux: 4.4.0-158.186 -proposed tracker (LP: #1837609)

* Packaging resync (LP: #1786013)
    - [Packaging] resync git-ubuntu-log
    - [Packaging] update helper scripts

* ixgbe{vf} - Physical Function gets IRQ when VF checks link state
    (LP: #1836760)
    - ixgbevf: Use cached link state instead of re-reading the value for ethtool

* CVE-2018-5383
    - crypto: kpp - Key-agreement Protocol Primitives API (KPP)
    - crypto: dh - Add DH software implementation
    - crypto: ecdh - Add ECDH software support
    - crypto: ecdh - make ecdh_shared_secret unique
    - crypto: doc - add KPP documentation
    - crypto: kpp, (ec)dh - fix typos
    - crypto: ecc - remove unused function arguments
    - crypto: ecc - remove unnecessary casts
    - crypto: ecc - rename ecdh_make_pub_key()
    - crypto: ecdh - add privkey generation support
    - crypto: ecc - Fix NULL pointer deref. on no default_rng
    - [Config] CRYPTO_ECDH=m
    - Bluetooth: convert smp and selftest to crypto kpp API
    - crypto: ecdh - add public key verification test

* Xenial update: 4.4.185 upstream stable release (LP: #1836668)
    - fs/binfmt_flat.c: make load_flat_shared_library() work
    - scsi: vmw_pscsi: Fix use-after-free in pvscsi_queue_lck()
    - tracing: Silence GCC 9 array bounds warning
    - gcc-9: silence 'address-of-packed-member' warning
    - usb: chipidea: udc: workaround for endpoint conflict issue
    - Input: uinput - add compat ioctl number translation for UI_*_FF_UPLOAD
    - apparmor: enforce nullbyte at end of tag string
    - parport: Fix mem leak in parport_register_dev_model
    - parisc: Fix compiler warnings in float emulation code
    - IB/hfi1: Insure freeze_work work_struct is canceled on shutdown
    - MIPS: uprobes: remove set but not used variable 'epc'
    - net: hns: Fix loopback test failed at copper ports
    - sparc: perf: fix updated event period in response to PERF_EVENT_IOC_PERIOD
    - scripts/checkstack.pl: Fix arm64 wrong or unknown architecture
    - scsi: ufs: Check that space was properly alloced in copy_query_response
    - s390/qeth: fix VLAN attribute in bridge_hostnotify udev event
    - hwmon: (pmbus/core) Treat parameters as paged if on multiple pages
    - Btrfs: fix race between readahead and device replace/removal
    - btrfs: start readahead also in seed devices
    - can: flexcan: fix timeout when set small bitrate
    - can: purge socket error queue on sock destruct
    - ARM: imx: cpuidle-imx6sx: Restrict the SW2ISO increase to i.MX6SX
    - Bluetooth: Align minimum encryption key size for LE and BR/EDR connections
    - Bluetooth: Fix regression with minimum encryption key size alignment
    - SMB3: retry on STATUS_INSUFFICIENT_RESOURCES instead of failing write
    - cfg80211: fix memory leak of wiphy device name
    - mac80211: drop robust management frames from unknown TA
    - perf ui helpline: Use strlcpy() as a shorter form of strncpy() + explicit
      set nul
    - perf help: Remove needless use of strncpy()
    - 9p/rdma: do not disconnect on down_interruptible EAGAIN
    - 9p: acl: fix uninitialized iattr access
    - 9p/rdma: remove useless check in cm_event_handler
    - 9p: p9dirent_read: check network-provided name length
    - net/9p: include trans_common.h to fix missing prototype warning.
    - ovl: modify ovl_permission() to do checks on two inodes
    - x86/speculation: Allow guests to use SSBD even if host does not
    - cpu/speculation: Warn on unsupported mitigations= parameter
    - sctp: change to hold sk after auth shkey is created successfully
    - tipc: change to use register_pernet_device
    - tipc: check msg->req data len in tipc_nl_compat_bearer_disable
    - team: Always enable vlan tx offload
    - ipv4: Use return value of inet_iif() for __raw_v4_lookup in the while loop
    - bonding: Always enable vlan tx offload
    - net: check before dereferencing netdev_ops during busy poll
    - Bluetooth: Fix faulty expression for minimum encryption key size check
    - um: Compile with modern headers
    - ASoC : cs4265 : readable register too low
    - spi: bitbang: Fix NULL pointer dereference in spi_unregister_master
    - ASoC: max98090: remove 24-bit format support if RJ is 0
    - usb: gadget: fusb300_udc: Fix memory leak of fusb300->ep[i]
    - usb: gadget: udc: lpc32xx: allocate descriptor with GFP_ATOMIC
    - scsi: hpsa: correct ioaccel2 chaining
    - ARC: Assume multiplier is always present
    - ARC: fix build warning in elf.h
    - MIPS: math-emu: do not use bools for arithmetic
    - mfd: omap-usb-tll: Fix register offsets
    - swiotlb: Make linux/swiotlb.h standalone includible
    - bug.h: work around GCC PR82365 in BUG()
    - MIPS: Workaround GCC __builtin_unreachable reordering bug
    - ptrace: Fix ->ptracer_cred handling for PTRACE_TRACEME
    - crypto: user - prevent operating on larval algorithms
    - ALSA: seq: fix incorrect order of dest_client/dest_ports arguments
    - ALSA: firewire-lib/fireworks: fix miss detection of received MIDI messages
    - ALSA: usb-audio: fix sign unintended sign extension on left shifts
    - lib/mpi: Fix karactx leak in mpi_powm
    - btrfs: Ensure replaced device doesn't have pending chunk allocation
    - tty: rocket: fix incorrect forward declaration of 'rp_init()'
    - ARC: handle gcc generated __builtin_trap for older compiler
    - arm64, vdso: Define vdso_{start,end} as array
    - KVM: x86: degrade WARN to pr_warn_ratelimited
    - dmaengine: imx-sdma: remove BD_INTR for channel0
    - Linux 4.4.185

* Xenial update: 4.4.184 upstream stable release (LP: #1836667)
    - Linux 4.4.184

* Xenial update: 4.4.183 upstream stable release (LP: #1836666)
    - fs/fat/file.c: issue flush after the writeback of FAT
    - sysctl: return -EINVAL if val violates minmax
    - ipc: prevent lockup on alloc_msg and free_msg
    - hugetlbfs: on restore reserve error path retain subpool reservation
    - mm/cma.c: fix crash on CMA allocation if bitmap allocation fails
    - mm/cma_debug.c: fix the break condition in cma_maxchunk_get()
    - kernel/sys.c: prctl: fix false positive in validate_prctl_map()
    - mfd: intel-lpss: Set the device in reset state when init
    - mfd: twl6040: Fix device init errors for ACCCTL register
    - perf/x86/intel: Allow PEBS multi-entry in watermark mode
    - drm/bridge: adv7511: Fix low refresh rate selection
    - ntp: Allow TAI-UTC offset to be set to zero
    - f2fs: fix to avoid panic in do_recover_data()
    - f2fs: fix to do sanity check on valid block count of segment
    - iommu/vt-d: Set intel_iommu_gfx_mapped correctly
    - ALSA: hda - Register irq handler after the chip initialization
    - nvmem: core: fix read buffer in place
    - fuse: retrieve: cap requested size to negotiated max_write
    - nfsd: allow fh_want_write to be called twice
    - x86/PCI: Fix PCI IRQ routing table memory leak
    - platform/chrome: cros_ec_proto: check for NULL transfer function
    - soc: mediatek: pwrap: Zero initialize rdata in pwrap_init_cipher
    - clk: rockchip: Turn on "aclk_dmac1" for suspend on rk3288
    - ARM: dts: imx6sx: Specify IMX6SX_CLK_IPG as "ahb" clock to SDMA
    - ARM: dts: imx6sx: Specify IMX6SX_CLK_IPG as "ipg" clock to SDMA
    - ARM: dts: imx6qdl: Specify IMX6QDL_CLK_IPG as "ipg" clock to SDMA
    - PCI: rpadlpar: Fix leaked device_node references in add/remove paths
    - PCI: rcar: Fix a potential NULL pointer dereference
    - video: hgafb: fix potential NULL pointer dereference
    - video: imsttfb: fix potential NULL pointer dereferences
    - PCI: xilinx: Check for __get_free_pages() failure
    - gpio: gpio-omap: add check for off wake capable gpios
    - dmaengine: idma64: Use actual device for DMA transfers
    - pwm: tiehrpwm: Update shadow register for disabling PWMs
    - ARM: dts: exynos: Always enable necessary APIO_1V8 and ABB_1V8 regulators on
      Arndale Octa
    - pwm: Fix deadlock warning when removing PWM device
    - ARM: exynos: Fix undefined instruction during Exynos5422 resume
    - futex: Fix futex lock the wrong page
    - ALSA: seq: Cover unsubscribe_port() in list_mutex
    - libata: Extend quirks for the ST1000LM024 drives with NOLPM quirk
    - mm/list_lru.c: fix memory leak in __memcg_init_list_lru_node
    - fs/ocfs2: fix race in ocfs2_dentry_attach_lock()
    - signal/ptrace: Don't leak unitialized kernel memory with PTRACE_PEEK_SIGINFO
    - ptrace: restore smp_rmb() in __ptrace_may_access()
    - i2c: acorn: fix i2c warning
    - bcache: fix stack corruption by PRECEDING_KEY()
    - cgroup: Use css_tryget() instead of css_tryget_online() in task_get_css()
    - ASoC: cs42xx8: Add regcache mask dirty
    - Drivers: misc: fix out-of-bounds access in function param_set_kgdbts_var
    - scsi: lpfc: add check for loss of ndlp when sending RRQ
    - scsi: bnx2fc: fix incorrect cast to u64 on shift operation
    - usbnet: ipheth: fix racing condition
    - KVM: x86/pmu: do not mask the value that is written to fixed PMUs
    - KVM: s390: fix memory slot handling for KVM_SET_USER_MEMORY_REGION
    - drm/vmwgfx: integer underflow in vmw_cmd_dx_set_shader() leading to an
      invalid read
    - drm/vmwgfx: NULL pointer dereference from vmw_cmd_dx_view_define()
    - USB: Fix chipmunk-like voice when using Logitech C270 for recording audio.
    - USB: usb-storage: Add new ID to ums-realtek
    - USB: serial: pl2303: add Allied Telesis VT-Kit3
    - USB: serial: option: add support for Simcom SIM7500/SIM7600 RNDIS mode
    - USB: serial: option: add Telit 0x1260 and 0x1261 compositions
    - ax25: fix inconsistent lock state in ax25_destroy_timer
    - be2net: Fix number of Rx queues used for flow hashing
    - ipv6: flowlabel: fl6_sock_lookup() must use atomic_inc_not_zero
    - lapb: fixed leak of control-blocks.
    - neigh: fix use-after-free read in pneigh_get_next
    - sunhv: Fix device naming inconsistency between sunhv_console and sunhv_reg
    - mISDN: make sure device name is NUL terminated
    - x86/CPU/AMD: Don't force the CPB cap when running under a hypervisor
    - perf/ring_buffer: Fix exposing a temporarily decreased data_head
    - perf/ring_buffer: Add ordering to rb->nest increment
    - gpio: fix gpio-adp5588 build errors
    - net: tulip: de4x5: Drop redundant MODULE_DEVICE_TABLE()
    - i2c: dev: fix potential memory leak in i2cdev_ioctl_rdwr
    - configfs: Fix use-after-free when accessing sd->s_dentry
    - ia64: fix build errors by exporting paddr_to_nid()
    - KVM: PPC: Book3S: Use new mutex to synchronize access to rtas token list
    - net: sh_eth: fix mdio access in sh_eth_close() for R-Car Gen2 and RZ/A1 SoCs
    - scsi: libcxgbi: add a check for NULL pointer in cxgbi_check_route()
    - scsi: libsas: delete sas port if expander discover failed
    - Revert "crypto: crypto4xx - properly set IV after de- and encrypt"
    - coredump: fix race condition between mmget_not_zero()/get_task_mm() and core
      dumping
    - Abort file_remove_privs() for non-reg. files
    - Linux 4.4.183

* CVE-2019-12614
    - powerpc/pseries/dlpar: Fix a missing check in dlpar_parse_cc_property()

* bnx2x driver causes 100% CPU load (LP: #1832082)
    - bnx2x: Prevent ptp_task to be rescheduled indefinitely

* Xenial update: 4.4.182 upstream stable release (LP: #1836665)
    - Linux 4.4.182

* Xenial kernel 4.4.0-155.182 fails to build perf with libnuma (LP: #1836585)
    - Revert "UBUNTU: SAUCE: perf/bench: Drop definition of BIT in numa.c"

* CVE-2019-10126
    - mwifiex: Fix heap overflow in mwifiex_uap_parse_tail_ies()

* CVE-2019-3846
    - mwifiex: Fix possible buffer overflows at parsing bss descriptor

-- Kleber Sacilotto de Souza <kleber.souza@canonical.com>  Thu, 01 Aug 2019 17:22:24 +0200

Changed in linux (Ubuntu Xenial):
status:	Fix Committed → Fix Released

Po-Hsu Lin (cypressyew) on 2019-10-03

Changed in linux (Ubuntu):
status:	Confirmed → Invalid

Affects		Status	Importance	Assigned to	Milestone
	linux (Ubuntu)	Invalid	Undecided	Unassigned
	Xenial	Fix Released	Undecided	Unassigned

Ubuntu
linux package

Xenial update: 4.4.185 upstream stable release

Bug Description

CVE References

Other bug subscribers

Remote bug watches

Ubuntulinux package

Xenial update: 4.4.185 upstream stable release

Bug Description

CVE References

Other bug subscribers

Remote bug watches

Ubuntu
linux package