Ubuntu
linux package

Focal update: v5.4.120 upstream stable release

Bug #1930474 reported by Kamal Mostafa on 2021-06-01

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	linux (Ubuntu)	Invalid	Undecided	Unassigned
	Focal	Fix Released	Medium	Kamal Mostafa

Bug Description

SRU Justification

    Impact:
       The upstream process for stable tree updates is quite similar
       in scope to the Ubuntu SRU process, e.g., each patch has to
       demonstrably fix a bug, and each patch is vetted by upstream
       by originating either directly from a mainline/stable Linux tree or
       a minimally backported form of that patch. The following upstream
       stable patches should be included in the Ubuntu kernel:

v5.4.120 upstream stable release
from git://git.kernel.org/

tpm: fix error return code in tpm2_get_cc_attrs_tbl()
tpm, tpm_tis: Extend locality handling to TPM2 in tpm_tis_gen_interrupt()
tpm, tpm_tis: Reserve locality in tpm_tis_resume()
KVM: x86/mmu: Remove the defunct update_pte() paging hook
PM: runtime: Fix unpaired parent child_count for force_resume
fs: dlm: fix debugfs dump
tipc: convert dest node's address to network order
ASoC: Intel: bytcr_rt5640: Enable jack-detect support on Asus T100TAF
net: stmmac: Set FIFO sizes for ipq806x
ASoC: rsnd: core: Check convert rate in rsnd_hw_params
i2c: bail out early when RDWR parameters are wrong
ALSA: hdsp: don't disable if not enabled
ALSA: hdspm: don't disable if not enabled
ALSA: rme9652: don't disable if not enabled
ALSA: bebob: enable to deliver MIDI messages for multiple ports
Bluetooth: Set CONF_NOT_COMPLETE as l2cap_chan default
Bluetooth: initialize skb_queue_head at l2cap_chan_create()
net: bridge: when suppression is enabled exclude RARP packets
Bluetooth: check for zapped sk before connecting
ip6_vti: proper dev_{hold|put} in ndo_[un]init methods
ASoC: Intel: bytcr_rt5640: Add quirk for the Chuwi Hi8 tablet
i2c: Add I2C_AQ_NO_REP_START adapter quirk
mac80211: clear the beacon's CRC after channel switch
pinctrl: samsung: use 'int' for register masks in Exynos
mt76: mt76x0: disable GTK offloading
cuse: prevent clone
ASoC: rsnd: call rsnd_ssi_master_clk_start() from rsnd_ssi_init()
Revert "iommu/amd: Fix performance counter initialization"
iommu/amd: Remove performance counter pre-initialization test
drm/amd/display: Force vsync flip when reconfiguring MPCC
selftests: Set CC to clang in lib.mk if LLVM is set
kconfig: nconf: stop endless search loops
ALSA: hda/hdmi: fix race in handling acomp ELD notification at resume
sctp: Fix out-of-bounds warning in sctp_process_asconf_param()
flow_dissector: Fix out-of-bounds warning in __skb_flow_bpf_to_target()
powerpc/smp: Set numa node before updating mask
ASoC: rt286: Generalize support for ALC3263 codec
ethtool: ioctl: Fix out-of-bounds warning in store_link_ksettings_for_user()
net: sched: tapr: prevent cycle_time == 0 in parse_taprio_schedule
samples/bpf: Fix broken tracex1 due to kprobe argument change
powerpc/pseries: Stop calling printk in rtas_stop_self()
drm/amd/display: fixed divide by zero kernel crash during dsc enablement
wl3501_cs: Fix out-of-bounds warnings in wl3501_send_pkt
wl3501_cs: Fix out-of-bounds warnings in wl3501_mgmt_join
qtnfmac: Fix possible buffer overflow in qtnf_event_handle_external_auth
powerpc/iommu: Annotate nested lock for lockdep
iavf: remove duplicate free resources calls
net: ethernet: mtk_eth_soc: fix RX VLAN offload
bnxt_en: Add PCI IDs for Hyper-V VF devices.
ia64: module: fix symbolizer crash on fdescr
ASoC: rt286: Make RT286_SET_GPIO_* readable and writable
thermal: thermal_of: Fix error return code of thermal_of_populate_bind_params()
f2fs: fix a redundant call to f2fs_balance_fs if an error occurs
PCI: iproc: Fix return value of iproc_msi_irq_domain_alloc()
PCI: Release OF node in pci_scan_device()'s error path
ARM: 9064/1: hw_breakpoint: Do not directly check the event's overflow_handler hook
rpmsg: qcom_glink_native: fix error return code of qcom_glink_rx_data()
NFSv4.2: Always flush out writes in nfs42_proc_fallocate()
NFS: Deal correctly with attribute generation counter overflow
PCI: endpoint: Fix missing destroy_workqueue()
pNFS/flexfiles: fix incorrect size check in decode_nfs_fh()
NFSv4.2 fix handling of sr_eof in SEEK's reply
rtc: fsl-ftm-alarm: add MODULE_TABLE()
ceph: fix inode leak on getattr error in __fh_to_dentry
rtc: ds1307: Fix wday settings for rx8130
net: hns3: fix incorrect configuration for igu_egu_hw_err
net: hns3: initialize the message content in hclge_get_link_mode()
net: hns3: add check for HNS3_NIC_STATE_INITED in hns3_reset_notify_up_enet()
net: hns3: fix for vxlan gpe tx checksum bug
net: hns3: use netif_tx_disable to stop the transmit queue
net: hns3: disable phy loopback setting in hclge_mac_start_phy
sctp: do asoc update earlier in sctp_sf_do_dupcook_a
RISC-V: Fix error code returned by riscv_hartid_to_cpuid()
sunrpc: Fix misplaced barrier in call_decode
ethernet:enic: Fix a use after free bug in enic_hard_start_xmit
sctp: fix a SCTP_MIB_CURRESTAB leak in sctp_sf_do_dupcook_b
netfilter: xt_SECMARK: add new revision to fix structure layout
drm/radeon: Fix off-by-one power_state index heap overwrite
drm/radeon: Avoid power table parsing memory leaks
khugepaged: fix wrong result value for trace_mm_collapse_huge_page_isolate()
mm/hugeltb: handle the error case in hugetlb_fix_reserve_counts()
mm/migrate.c: fix potential indeterminate pte entry in migrate_vma_insert_page()
ksm: fix potential missing rmap_item for stable_node
net: fix nla_strcmp to handle more then one trailing null character
smc: disallow TCP_ULP in smc_setsockopt()
netfilter: nfnetlink_osf: Fix a missing skb_header_pointer() NULL check
can: m_can: m_can_tx_work_queue(): fix tx_skb race condition
sched: Fix out-of-bound access in uclamp
sched/fair: Fix unfairness caused by missing load decay
kernel: kexec_file: fix error return code of kexec_calculate_store_digests()
netfilter: nftables: avoid overflows in nft_hash_buckets()
i40e: Fix use-after-free in i40e_client_subtask()
i40e: fix the restart auto-negotiation after FEC modified
i40e: Fix PHY type identifiers for 2.5G and 5G adapters
ARC: entry: fix off-by-one error in syscall number validation
ARC: mm: PAE: use 40-bit physical page mask
powerpc/64s: Fix crashes when toggling stf barrier
powerpc/64s: Fix crashes when toggling entry flush barrier
hfsplus: prevent corruption in shrinking truncate
squashfs: fix divide error in calculate_skip()
userfaultfd: release page in error path to avoid BUG_ON
mm/hugetlb: fix F_SEAL_FUTURE_WRITE
drm/radeon/dpm: Disable sclk switching on Oland when two 4K 60Hz monitors are connected
drm/i915: Avoid div-by-zero on gen2
iio: proximity: pulsedlight: Fix rumtime PM imbalance on error
usb: fotg210-hcd: Fix an error message
hwmon: (occ) Fix poll rate limiting
ACPI: scan: Fix a memory leak in an error handling path
kyber: fix out of bounds access when preempted
nbd: Fix NULL pointer in flush_workqueue
blk-mq: Swap two calls in blk_mq_exit_queue()
iomap: fix sub-page uptodate handling
usb: dwc3: omap: improve extcon initialization
usb: dwc3: pci: Enable usb2-gadget-lpm-disable for Intel Merrifield
usb: xhci: Increase timeout for HC halt
usb: dwc2: Fix gadget DMA unmap direction
usb: core: hub: fix race condition about TRSMRCY of resume
usb: dwc3: gadget: Return success always for kick transfer in ep queue
xhci: Do not use GFP_KERNEL in (potentially) atomic context
xhci: Add reset resume quirk for AMD xhci controller.
iio: gyro: mpu3050: Fix reported temperature value
iio: tsl2583: Fix division by a zero lux_val
cdc-wdm: untangle a circular dependency between callback and softint
KVM: x86: Cancel pvclock_gtod_work on module removal
mm: fix struct page layout on 32-bit systems
FDDI: defxx: Make MMIO the configuration default except for EISA
MIPS: Reinstate platform `__div64_32' handler
MIPS: Avoid DIVU in `__div64_32' is result would be zero
MIPS: Avoid handcoded DIVU in `__div64_32' altogether
thermal/core/fair share: Lock the thermal zone while looping over instances
f2fs: fix error handling in f2fs_end_enable_verity()
ARM: 9011/1: centralize phys-to-virt conversion of DT/ATAGS address
ARM: 9012/1: move device tree mapping out of linear region
ARM: 9020/1: mm: use correct section size macro to describe the FDT virtual address
ARM: 9027/1: head.S: explicitly map DT even if it lives in the first physical section
usb: typec: tcpm: Fix error while calculating PPS out values
kobject_uevent: remove warning in init_uevent_argv()
netfilter: conntrack: Make global sysctls readonly in non-init netns
clk: exynos7: Mark aclk_fsys1_200 as critical
nvme: do not try to reconfigure APST when the controller is not live
ASoC: rsnd: check all BUSIF status when error
Linux 5.4.120
UBUNTU: upstream stable to v5.4.120

See original description

Tags:

CVE References

2021-33909

Kamal Mostafa (kamalmostafa) on 2021-06-01

Changed in linux (Ubuntu):
status:	New → Confirmed
tags:	added: kernel-stable-tracking-bug
Changed in linux (Ubuntu Focal):
status:	New → In Progress
importance:	Undecided → Medium
assignee:	nobody → Kamal Mostafa (kamalmostafa)
Changed in linux (Ubuntu):
status:	Confirmed → Invalid

Kamal Mostafa (kamalmostafa) on 2021-06-01

description:

updated

Stefan Bader (smb) on 2021-06-10

Changed in linux (Ubuntu Focal):
status:	In Progress → Fix Committed

Revision history for this message

Launchpad Janitor (janitor) wrote on 2021-07-20:

Download full text (27.3 KiB)

This bug was fixed in the package linux - 5.4.0-80.90

---------------
linux (5.4.0-80.90) focal; urgency=medium

* CVE-2021-33909
- SAUCE: seq_file: Disallow extremely large seq buffer allocations

linux (5.4.0-79.88) focal; urgency=medium

* focal/linux: 5.4.0-79.88 -proposed tracker (LP: #1934343)

* lxd exec fails (LP: #1934187)
- SAUCE: Revert "proc: Check /proc/$pid/attr/ writes against file opener"

linux (5.4.0-78.87) focal; urgency=medium

* focal/linux: 5.4.0-78.87 -proposed tracker (LP: #1932478)

  * Packaging resync (LP: #1786013)
    - [Packaging] resync getabis
    - [Packaging] update helper scripts
    - update dkms package versions

* Disable hv-kvp-daemon.service on certain instance types (LP: #1932081)
- [Packaging]: Add kernel command line condition to hv-kvp-daemon service

  * QLogic Direct-Connect host can't discover SCSI-FC or NVMe/FC devices
    (LP: #1860724)
    - scsi: qla2xxx: Serialize fc_port alloc in N2N
    - scsi: qla2xxx: Set Nport ID for N2N
    - scsi: qla2xxx: Fix point-to-point (N2N) device discovery issue
    - scsi: qla2xxx: Fix N2N and NVMe connect retry failure

* [SRU] Add support for E810 NIC to Ice Driver in Focal (LP: #1912511)
- ice: add additional E810 device id

This bug was fixed in the package linux - 5.4.0-80.90

---------------
linux (5.4.0-80.90) focal; urgency=medium

* CVE-2021-33909
    - SAUCE: seq_file: Disallow extremely large seq buffer allocations

linux (5.4.0-79.88) focal; urgency=medium

* focal/linux: 5.4.0-79.88 -proposed tracker (LP: #1934343)

* lxd exec fails (LP: #1934187)
    - SAUCE: Revert "proc: Check /proc/$pid/attr/ writes against file opener"

linux (5.4.0-78.87) focal; urgency=medium

* focal/linux: 5.4.0-78.87 -proposed tracker (LP: #1932478)

* Packaging resync (LP: #1786013)
    - [Packaging] resync getabis
    - [Packaging] update helper scripts
    - update dkms package versions

* Disable hv-kvp-daemon.service on certain instance types (LP: #1932081)
    - [Packaging]: Add kernel command line condition to hv-kvp-daemon service

* [SRU] Add support for E810 NIC to Ice Driver in Focal (LP: #1912511)
    - ice: add additional E810 device id

* Focal update: v5.4.124 upstream stable release (LP: #1931166)
    - ALSA: hda/realtek: Headphone volume is controlled by Front mixer
    - ALSA: usb-audio: scarlett2: Fix device hang with ehci-pci
    - ALSA: usb-audio: scarlett2: Improve driver startup messages
    - cifs: set server->cipher_type to AES-128-CCM for SMB3.0
    - NFSv4: Fix a NULL pointer dereference in pnfs_mark_matching_lsegs_return()
    - iommu/vt-d: Fix sysfs leak in alloc_iommu()
    - perf intel-pt: Fix sample instruction bytes
    - perf intel-pt: Fix transaction abort handling
    - perf scripts python: exported-sql-viewer.py: Fix copy to clipboard from Top
      Calls by elapsed Time report
    - perf scripts python: exported-sql-viewer.py: Fix Array TypeError
    - perf scripts python: exported-sql-viewer.py: Fix warning display
    - proc: Check /proc/$pid/attr/ writes against file opener
    - net: hso: fix control-request directions
    - ath10k: Validate first subframe of A-MSDU before processing the list
    - dm snapshot: properly fix a crash when an origin has no snapshots
    - drm/amdgpu/vcn1: add cancel_delayed_work_sync before power gate
    - drm/amdgpu/vcn2.0: add cancel_delayed_work_sync before power gate
    - drm/amdgpu/vcn2.5: add cancel_delayed_work_sync before power gate
    - selftests/gpio: Use TEST_GEN_PROGS_EXTENDED
    - selftests/gpio: Move include of lib.mk up
    - selftests/gpio: Fix build when source tree is read only
    - kgdb: fix gcc-11 warnings harder
    - Documentation: seccomp: Fix user notification documentation
    - serial: core: fix suspicious security_locked_down() call
    - misc/uss720: fix memory leak in uss720_probe
    - thunderbolt: dma_port: Fix NVM read buffer bounds and offset issue
    - mei: request autosuspend after sending rx flow control
    - staging: iio: cdc: ad7746: avoid overwrite of num_channels
    - iio: gyro: fxas21002c: balance runtime power in error path
    - iio: adc: ad7768-1: Fix too small buffer passed to
      iio_push_to_buffers_with_timestamp()
    - iio: adc: ad7124: Fix missbalanced regulator enable / disable on error.
    - iio: adc: ad7124: Fix potential overflow due to non sequential channel
      numbers
    - iio: adc: ad7793: Add missing error code in ad7793_setup()
    - serial: 8250_pci: Add support for new HPE serial device
    - serial: 8250_pci: handle FL_NOIRQ board flag
    - USB: trancevibrator: fix control-request direction
    - USB: usbfs: Don't WARN about excessively large memory allocations
    - serial: tegra: Fix a mask operation that is always true
    - serial: sh-sci: Fix off-by-one error in FIFO threshold register setting
    - serial: rp2: use 'request_firmware' instead of 'request_firmware_nowait'
    - USB: serial: ti_usb_3410_5052: add startech.com device id
    - USB: serial: option: add Telit LE910-S1 compositions 0x7010, 0x7011
    - USB: serial: ftdi_sio: add IDs for IDS GmbH Products
    - USB: serial: pl2303: add device id for ADLINK ND-6530 GC
    - thermal/drivers/intel: Initialize RW trip to THERMAL_TEMP_INVALID
    - usb: dwc3: gadget: Properly track pending and queued SG
    - usb: gadget: udc: renesas_usb3: Fix a race in usb3_start_pipen()
    - net: usb: fix memory leak in smsc75xx_bind
    - spi: spi-geni-qcom: Fix use-after-free on unbind
    - Bluetooth: cmtp: fix file refcount when cmtp_attach_device fails
    - fs/nfs: Use fatal_signal_pending instead of signal_pending
    - NFS: fix an incorrect limit in filelayout_decode_layout()
    - NFS: Fix an Oopsable condition in __nfs_pageio_add_request()
    - NFS: Don't corrupt the value of pg_bytes_written in nfs_do_recoalesce()
    - NFSv4: Fix v4.0/v4.1 SEEK_DATA return -ENOTSUPP when set NFS_V4_2 config
    - drm/meson: fix shutdown crash when component not probed
    - net/mlx5e: Fix multipath lag activation
    - net/mlx5e: Fix nullptr in add_vlan_push_action()
    - net/mlx4: Fix EEPROM dump support
    - Revert "net:tipc: Fix a double free in tipc_sk_mcast_rcv"
    - tipc: wait and exit until all work queues are done
    - tipc: skb_linearize the head skb when reassembling msgs
    - spi: spi-fsl-dspi: Fix a resource leak in an error handling path
    - net: dsa: mt7530: fix VLAN traffic leaks
    - net: dsa: fix a crash if ->get_sset_count() fails
    - net: dsa: sja1105: error out on unsupported PHY mode
    - i2c: s3c2410: fix possible NULL pointer deref on read message after write
    - i2c: i801: Don't generate an interrupt on bus reset
    - i2c: sh_mobile: Use new clock calculation formulas for RZ/G2E
    - perf jevents: Fix getting maximum number of fds
    - platform/x86: hp_accel: Avoid invoking _INI to speed up resume
    - gpio: cadence: Add missing MODULE_DEVICE_TABLE
    - Revert "media: usb: gspca: add a missed check for goto_low_power"
    - Revert "ALSA: sb: fix a missing check of snd_ctl_add"
    - Revert "serial: max310x: pass return value of spi_register_driver"
    - serial: max310x: unregister uart driver in case of failure and abort
    - Revert "net: fujitsu: fix a potential NULL pointer dereference"
    - net: fujitsu: fix potential null-ptr-deref
    - Revert "net/smc: fix a NULL pointer dereference"
    - net: caif: remove BUG_ON(dev == NULL) in caif_xmit
    - Revert "char: hpet: fix a missing check of ioremap"
    - char: hpet: add checks after calling ioremap
    - Revert "ALSA: gus: add a check of the status of snd_ctl_add"
    - Revert "ALSA: usx2y: Fix potential NULL pointer dereference"
    - Revert "isdn: mISDNinfineon: fix potential NULL pointer dereference"
    - isdn: mISDNinfineon: check/cleanup ioremap failure correctly in setup_io
    - Revert "ath6kl: return error code in ath6kl_wmi_set_roam_lrssi_cmd()"
    - ath6kl: return error code in ath6kl_wmi_set_roam_lrssi_cmd()
    - Revert "isdn: mISDN: Fix potential NULL pointer dereference of kzalloc"
    - isdn: mISDN: correctly handle ph_info allocation failure in hfcsusb_ph_info
    - Revert "dmaengine: qcom_hidma: Check for driver register failure"
    - dmaengine: qcom_hidma: comment platform_driver_register call
    - Revert "libertas: add checks for the return value of sysfs_create_group"
    - libertas: register sysfs groups properly
    - Revert "ASoC: cs43130: fix a NULL pointer dereference"
    - ASoC: cs43130: handle errors in cs43130_probe() properly
    - Revert "media: dvb: Add check on sp8870_readreg"
    - media: dvb: Add check on sp8870_readreg return
    - Revert "media: gspca: mt9m111: Check write_bridge for timeout"
    - media: gspca: mt9m111: Check write_bridge for timeout
    - Revert "media: gspca: Check the return value of write_bridge for timeout"
    - media: gspca: properly check for errors in po1030_probe()
    - Revert "net: liquidio: fix a NULL pointer dereference"
    - net: liquidio: Add missing null pointer checks
    - Revert "brcmfmac: add a check for the status of usb_register"
    - brcmfmac: properly check for bus register errors
    - btrfs: return whole extents in fiemap
    - scsi: BusLogic: Fix 64-bit system enumeration error for Buslogic
    - openrisc: Define memory barrier mb
    - btrfs: do not BUG_ON in link_to_fixup_dir
    - platform/x86: hp-wireless: add AMD's hardware id to the supported list
    - platform/x86: intel_punit_ipc: Append MODULE_DEVICE_TABLE for ACPI
    - platform/x86: touchscreen_dmi: Add info for the Mediacom Winpad 7.0 W700
      tablet
    - SMB3: incorrect file id in requests compounded with open
    - drm/amd/display: Disconnect non-DP with no EDID
    - drm/amd/amdgpu: fix refcount leak
    - drm/amdgpu: Fix a use-after-free
    - drm/amd/amdgpu: fix a potential deadlock in gpu reset
    - net: netcp: Fix an error message
    - net: dsa: fix error code getting shifted with 4 in dsa_slave_get_sset_count
    - ASoC: cs42l42: Regmap must use_single_read/write
    - vfio-ccw: Check initialized flag in cp_init()
    - net: really orphan skbs tied to closing sk
    - net: fec: fix the potential memory leak in fec_enet_init()
    - net: mdio: thunder: Fix a double free issue in the .remove function
    - net: mdio: octeon: Fix some double free issues
    - openvswitch: meter: fix race when getting now_ms.
    - tls splice: check SPLICE_F_NONBLOCK instead of MSG_DONTWAIT
    - net: sched: fix packet stuck problem for lockless qdisc
    - net: sched: fix tx action rescheduling issue during deactivation
    - net: sched: fix tx action reschedule issue with stopped queue
    - net: hso: check for allocation failure in hso_create_bulk_serial_device()
    - net: bnx2: Fix error return code in bnx2_init_board()
    - bnxt_en: Include new P5 HV definition in VF check.
    - mld: fix panic in mld_newpack()
    - gve: Check TX QPL was actually assigned
    - gve: Update mgmt_msix_idx if num_ntfy changes
    - gve: Add NULL pointer checks when freeing irqs.
    - gve: Upgrade memory barrier in poll routine
    - gve: Correct SKB queue index validation.
    - cxgb4: avoid accessing registers when clearing filters
    - staging: emxx_udc: fix loop in _nbu2ss_nuke()
    - ASoC: cs35l33: fix an error code in probe()
    - bpf: Set mac_len in bpf_skb_change_head
    - ixgbe: fix large MTU request from VF
    - scsi: libsas: Use _safe() loop in sas_resume_port()
    - net: lantiq: fix memory corruption in RX ring
    - ipv6: record frag_max_size in atomic fragments in input path
    - ALSA: usb-audio: scarlett2: snd_scarlett_gen2_controls_create() can be
      static
    - net: ethernet: mtk_eth_soc: Fix packet statistics support for MT7628/88
    - sch_dsmark: fix a NULL deref in qdisc_reset()
    - MIPS: alchemy: xxs1500: add gpio-au1000.h header file
    - MIPS: ralink: export rt_sysc_membase for rt2880_wdt.c
    - drm/i915/display: fix compiler warning about array overrun
    - i915: fix build warning in intel_dp_get_link_status()
    - drivers/net/ethernet: clean up unused assignments
    - net: hns3: check the return of skb_checksum_help()
    - Revert "Revert "ALSA: usx2y: Fix potential NULL pointer dereference""
    - net: hso: bail out on interrupt URB allocation failure
    - neighbour: Prevent Race condition in neighbour subsytem
    - usb: core: reduce power-on-good delay time of root hub
    - Linux 5.4.124

* Focal update: v5.4.123 upstream stable release (LP: #1931160)
    - usb: dwc3: gadget: Enable suspend events
    - perf unwind: Fix separate debug info files when using elfutils' libdw's
      unwinder
    - perf unwind: Set userdata for all __report_module() paths
    - NFC: nci: fix memory leak in nci_allocate_device
    - Linux 5.4.123

* Focal update: v5.4.122 upstream stable release (LP: #1931159)
    - firmware: arm_scpi: Prevent the ternary sign expansion bug
    - openrisc: Fix a memory leak
    - RDMA/siw: Properly check send and receive CQ pointers
    - RDMA/siw: Release xarray entry
    - RDMA/rxe: Clear all QP fields if creation failed
    - scsi: ufs: core: Increase the usable queue depth
    - scsi: qla2xxx: Fix error return code in qla82xx_write_flash_dword()
    - RDMA/mlx5: Recover from fatal event in dual port mode
    - RDMA/core: Don't access cm_id after its destruction
    - platform/mellanox: mlxbf-tmfifo: Fix a memory barrier issue
    - platform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios
    - RDMA/uverbs: Fix a NULL vs IS_ERR() bug
    - ptrace: make ptrace() fail if the tracee changed its pid unexpectedly
    - nvmet: seset ns->file when open fails
    - locking/mutex: clear MUTEX_FLAGS if wait_list is empty due to signal
    - btrfs: avoid RCU stalls while running delayed iputs
    - cifs: fix memory leak in smb2_copychunk_range
    - ALSA: dice: fix stream format for TC Electronic Konnekt Live at high
      sampling transfer frequency
    - ALSA: intel8x0: Don't update period unless prepared
    - ALSA: line6: Fix racy initialization of LINE6 MIDI
    - ALSA: dice: fix stream format at middle sampling rate for Alesis iO 26
    - ALSA: firewire-lib: fix calculation for size of IR context payload
    - ALSA: usb-audio: Validate MS endpoint descriptors
    - ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro
    - ALSA: hda: fixup headset for ASUS GU502 laptop
    - Revert "ALSA: sb8: add a check for request_region"
    - ALSA: firewire-lib: fix check for the size of isochronous packet payload
    - ALSA: hda/realtek: reset eapd coeff to default value for alc287
    - ALSA: hda/realtek: Add some CLOVE SSIDs of ALC293
    - ALSA: hda/realtek: Fix silent headphone output on ASUS UX430UA
    - ALSA: hda/realtek: Add fixup for HP OMEN laptop
    - ALSA: hda/realtek: Add fixup for HP Spectre x360 15-df0xxx
    - uio_hv_generic: Fix a memory leak in error handling paths
    - Revert "rapidio: fix a NULL pointer dereference when create_workqueue()
      fails"
    - rapidio: handle create_workqueue() failure
    - Revert "serial: mvebu-uart: Fix to avoid a potential NULL pointer
      dereference"
    - drm/amdgpu: disable 3DCGCG on picasso/raven1 to avoid compute hang
    - drm/amdgpu: update gc golden setting for Navi12
    - drm/amdgpu: update sdma golden setting for Navi12
    - mmc: sdhci-pci-gli: increase 1.8V regulator wait
    - xen-pciback: reconfigure also from backend watch handler
    - dm snapshot: fix crash with transient storage and zero chunk size
    - Revert "video: hgafb: fix potential NULL pointer dereference"
    - Revert "net: stmicro: fix a missing check of clk_prepare"
    - Revert "leds: lp5523: fix a missing check of return value of lp55xx_read"
    - Revert "hwmon: (lm80) fix a missing check of bus read in lm80 probe"
    - Revert "video: imsttfb: fix potential NULL pointer dereferences"
    - Revert "ecryptfs: replace BUG_ON with error handling code"
    - Revert "scsi: ufs: fix a missing check of devm_reset_control_get"
    - Revert "gdrom: fix a memory leak bug"
    - cdrom: gdrom: deallocate struct gdrom_unit fields in remove_gdrom
    - cdrom: gdrom: initialize global variable at init time
    - Revert "media: rcar_drif: fix a memory disclosure"
    - Revert "rtlwifi: fix a potential NULL pointer dereference"
    - Revert "qlcnic: Avoid potential NULL pointer dereference"
    - Revert "niu: fix missing checks of niu_pci_eeprom_read"
    - ethernet: sun: niu: fix missing checks of niu_pci_eeprom_read()
    - net: stmicro: handle clk_prepare() failure during init
    - scsi: ufs: handle cleanup correctly on devm_reset_control_get error
    - net: rtlwifi: properly check for alloc_workqueue() failure
    - ics932s401: fix broken handling of errors when word reading fails
    - leds: lp5523: check return value of lp5xx_read and jump to cleanup code
    - qlcnic: Add null check after calling netdev_alloc_skb
    - video: hgafb: fix potential NULL pointer dereference
    - vgacon: Record video mode changes with VT_RESIZEX
    - vt: Fix character height handling with VT_RESIZEX
    - tty: vt: always invoke vc->vc_sw->con_resize callback
    - nvme-multipath: fix double initialization of ANA state
    - ext4: fix error handling in ext4_end_enable_verity()
    - Bluetooth: L2CAP: Fix handling LE modes by L2CAP_OPTIONS
    - nvmet: use new ana_log_size instead the old one
    - video: hgafb: correctly handle card detect failure during probe
    - Bluetooth: SMP: Fail if remote and local public keys are identical
    - Linux 5.4.122

* Focal update: v5.4.121 upstream stable release (LP: #1931158)
    - x86/msr: Fix wr/rdmsr_safe_regs_on_cpu() prototypes
    - kgdb: fix gcc-11 warning on indentation
    - usb: sl811-hcd: improve misleading indentation
    - cxgb4: Fix the -Wmisleading-indentation warning
    - isdn: capi: fix mismatched prototypes
    - pinctrl: ingenic: Improve unreachable code generation
    - xsk: Simplify detection of empty and full rings
    - virtio_net: Do not pull payload in skb->head
    - PCI: thunder: Fix compile testing
    - dmaengine: dw-edma: Fix crash on loading/unloading driver
    - ARM: 9066/1: ftrace: pause/unpause function graph tracer in cpu_suspend()
    - ACPI / hotplug / PCI: Fix reference count leak in enable_slot()
    - Input: elants_i2c - do not bind to i2c-hid compatible ACPI instantiated
      devices
    - Input: silead - add workaround for x86 BIOS-es which bring the chip up in a
      stuck state
    - um: Mark all kernel symbols as local
    - um: Disable CONFIG_GCOV with MODULES
    - ARM: 9075/1: kernel: Fix interrupted SMC calls
    - scripts/recordmcount.pl: Fix RISC-V regex for clang
    - riscv: Workaround mcount name prior to clang-13
    - scsi: lpfc: Fix illegal memory access on Abort IOCBs
    - ceph: fix fscache invalidation
    - scsi: target: tcmu: Return from tcmu_handle_completions() if cmd_id not
      found
    - bridge: Fix possible races between assigning rx_handler_data and setting
      IFF_BRIDGE_PORT bit
    - drm/amd/display: Fix two cursor duplication when using overlay
    - gpiolib: acpi: Add quirk to ignore EC wakeups on Dell Venue 10 Pro 5055
    - ALSA: hda: generic: change the DAC ctl name for LO+SPK or LO+HP
    - block: reexpand iov_iter after read/write
    - lib: stackdepot: turn depot_lock spinlock to raw_spinlock
    - net: stmmac: Do not enable RX FIFO overflow interrupts
    - ip6_gre: proper dev_{hold|put} in ndo_[un]init methods
    - sit: proper dev_{hold|put} in ndo_[un]init methods
    - ip6_tunnel: sit: proper dev_{hold|put} in ndo_[un]init methods
    - ipv6: remove extra dev_hold() for fallback tunnels
    - KVM: arm64: Initialize VCPU mdcr_el2 before loading it
    - tweewide: Fix most Shebang lines
    - scripts: switch explicitly to Python 3
    - Linux 5.4.121

* Focal update: v5.4.120 upstream stable release (LP: #1930474)
    - tpm: fix error return code in tpm2_get_cc_attrs_tbl()
    - tpm, tpm_tis: Extend locality handling to TPM2 in tpm_tis_gen_interrupt()
    - tpm, tpm_tis: Reserve locality in tpm_tis_resume()
    - KVM: x86/mmu: Remove the defunct update_pte() paging hook
    - PM: runtime: Fix unpaired parent child_count for force_resume
    - fs: dlm: fix debugfs dump
    - tipc: convert dest node's address to network order
    - ASoC: Intel: bytcr_rt5640: Enable jack-detect support on Asus T100TAF
    - net: stmmac: Set FIFO sizes for ipq806x
    - ASoC: rsnd: core: Check convert rate in rsnd_hw_params
    - i2c: bail out early when RDWR parameters are wrong
    - ALSA: hdsp: don't disable if not enabled
    - ALSA: hdspm: don't disable if not enabled
    - ALSA: rme9652: don't disable if not enabled
    - ALSA: bebob: enable to deliver MIDI messages for multiple ports
    - Bluetooth: Set CONF_NOT_COMPLETE as l2cap_chan default
    - Bluetooth: initialize skb_queue_head at l2cap_chan_create()
    - net: bridge: when suppression is enabled exclude RARP packets
    - Bluetooth: check for zapped sk before connecting
    - ip6_vti: proper dev_{hold|put} in ndo_[un]init methods
    - ASoC: Intel: bytcr_rt5640: Add quirk for the Chuwi Hi8 tablet
    - i2c: Add I2C_AQ_NO_REP_START adapter quirk
    - mac80211: clear the beacon's CRC after channel switch
    - pinctrl: samsung: use 'int' for register masks in Exynos
    - mt76: mt76x0: disable GTK offloading
    - cuse: prevent clone
    - ASoC: rsnd: call rsnd_ssi_master_clk_start() from rsnd_ssi_init()
    - Revert "iommu/amd: Fix performance counter initialization"
    - iommu/amd: Remove performance counter pre-initialization test
    - drm/amd/display: Force vsync flip when reconfiguring MPCC
    - selftests: Set CC to clang in lib.mk if LLVM is set
    - kconfig: nconf: stop endless search loops
    - ALSA: hda/hdmi: fix race in handling acomp ELD notification at resume
    - sctp: Fix out-of-bounds warning in sctp_process_asconf_param()
    - flow_dissector: Fix out-of-bounds warning in __skb_flow_bpf_to_target()
    - powerpc/smp: Set numa node before updating mask
    - ASoC: rt286: Generalize support for ALC3263 codec
    - ethtool: ioctl: Fix out-of-bounds warning in store_link_ksettings_for_user()
    - net: sched: tapr: prevent cycle_time == 0 in parse_taprio_schedule
    - samples/bpf: Fix broken tracex1 due to kprobe argument change
    - powerpc/pseries: Stop calling printk in rtas_stop_self()
    - drm/amd/display: fixed divide by zero kernel crash during dsc enablement
    - wl3501_cs: Fix out-of-bounds warnings in wl3501_send_pkt
    - wl3501_cs: Fix out-of-bounds warnings in wl3501_mgmt_join
    - qtnfmac: Fix possible buffer overflow in qtnf_event_handle_external_auth
    - powerpc/iommu: Annotate nested lock for lockdep
    - iavf: remove duplicate free resources calls
    - net: ethernet: mtk_eth_soc: fix RX VLAN offload
    - bnxt_en: Add PCI IDs for Hyper-V VF devices.
    - ia64: module: fix symbolizer crash on fdescr
    - ASoC: rt286: Make RT286_SET_GPIO_* readable and writable
    - thermal: thermal_of: Fix error return code of
      thermal_of_populate_bind_params()
    - f2fs: fix a redundant call to f2fs_balance_fs if an error occurs
    - PCI: iproc: Fix return value of iproc_msi_irq_domain_alloc()
    - PCI: Release OF node in pci_scan_device()'s error path
    - ARM: 9064/1: hw_breakpoint: Do not directly check the event's
      overflow_handler hook
    - rpmsg: qcom_glink_native: fix error return code of qcom_glink_rx_data()
    - NFSv4.2: Always flush out writes in nfs42_proc_fallocate()
    - NFS: Deal correctly with attribute generation counter overflow
    - PCI: endpoint: Fix missing destroy_workqueue()
    - pNFS/flexfiles: fix incorrect size check in decode_nfs_fh()
    - NFSv4.2 fix handling of sr_eof in SEEK's reply
    - rtc: fsl-ftm-alarm: add MODULE_TABLE()
    - ceph: fix inode leak on getattr error in __fh_to_dentry
    - rtc: ds1307: Fix wday settings for rx8130
    - net: hns3: fix incorrect configuration for igu_egu_hw_err
    - net: hns3: initialize the message content in hclge_get_link_mode()
    - net: hns3: add check for HNS3_NIC_STATE_INITED in
      hns3_reset_notify_up_enet()
    - net: hns3: fix for vxlan gpe tx checksum bug
    - net: hns3: use netif_tx_disable to stop the transmit queue
    - net: hns3: disable phy loopback setting in hclge_mac_start_phy
    - sctp: do asoc update earlier in sctp_sf_do_dupcook_a
    - RISC-V: Fix error code returned by riscv_hartid_to_cpuid()
    - sunrpc: Fix misplaced barrier in call_decode
    - ethernet:enic: Fix a use after free bug in enic_hard_start_xmit
    - sctp: fix a SCTP_MIB_CURRESTAB leak in sctp_sf_do_dupcook_b
    - netfilter: xt_SECMARK: add new revision to fix structure layout
    - drm/radeon: Fix off-by-one power_state index heap overwrite
    - drm/radeon: Avoid power table parsing memory leaks
    - khugepaged: fix wrong result value for trace_mm_collapse_huge_page_isolate()
    - mm/hugeltb: handle the error case in hugetlb_fix_reserve_counts()
    - mm/migrate.c: fix potential indeterminate pte entry in
      migrate_vma_insert_page()
    - ksm: fix potential missing rmap_item for stable_node
    - net: fix nla_strcmp to handle more then one trailing null character
    - smc: disallow TCP_ULP in smc_setsockopt()
    - netfilter: nfnetlink_osf: Fix a missing skb_header_pointer() NULL check
    - can: m_can: m_can_tx_work_queue(): fix tx_skb race condition
    - sched: Fix out-of-bound access in uclamp
    - sched/fair: Fix unfairness caused by missing load decay
    - kernel: kexec_file: fix error return code of kexec_calculate_store_digests()
    - netfilter: nftables: avoid overflows in nft_hash_buckets()
    - i40e: Fix use-after-free in i40e_client_subtask()
    - i40e: fix the restart auto-negotiation after FEC modified
    - i40e: Fix PHY type identifiers for 2.5G and 5G adapters
    - ARC: entry: fix off-by-one error in syscall number validation
    - ARC: mm: PAE: use 40-bit physical page mask
    - powerpc/64s: Fix crashes when toggling stf barrier
    - powerpc/64s: Fix crashes when toggling entry flush barrier
    - hfsplus: prevent corruption in shrinking truncate
    - squashfs: fix divide error in calculate_skip()
    - userfaultfd: release page in error path to avoid BUG_ON
    - mm/hugetlb: fix F_SEAL_FUTURE_WRITE
    - drm/radeon/dpm: Disable sclk switching on Oland when two 4K 60Hz monitors
      are connected
    - drm/i915: Avoid div-by-zero on gen2
    - iio: proximity: pulsedlight: Fix rumtime PM imbalance on error
    - usb: fotg210-hcd: Fix an error message
    - hwmon: (occ) Fix poll rate limiting
    - ACPI: scan: Fix a memory leak in an error handling path
    - kyber: fix out of bounds access when preempted
    - nbd: Fix NULL pointer in flush_workqueue
    - blk-mq: Swap two calls in blk_mq_exit_queue()
    - iomap: fix sub-page uptodate handling
    - usb: dwc3: omap: improve extcon initialization
    - usb: dwc3: pci: Enable usb2-gadget-lpm-disable for Intel Merrifield
    - usb: xhci: Increase timeout for HC halt
    - usb: dwc2: Fix gadget DMA unmap direction
    - usb: core: hub: fix race condition about TRSMRCY of resume
    - usb: dwc3: gadget: Return success always for kick transfer in ep queue
    - xhci: Do not use GFP_KERNEL in (potentially) atomic context
    - xhci: Add reset resume quirk for AMD xhci controller.
    - iio: gyro: mpu3050: Fix reported temperature value
    - iio: tsl2583: Fix division by a zero lux_val
    - cdc-wdm: untangle a circular dependency between callback and softint
    - KVM: x86: Cancel pvclock_gtod_work on module removal
    - mm: fix struct page layout on 32-bit systems
    - FDDI: defxx: Make MMIO the configuration default except for EISA
    - MIPS: Reinstate platform `__div64_32' handler
    - MIPS: Avoid DIVU in `__div64_32' is result would be zero
    - MIPS: Avoid handcoded DIVU in `__div64_32' altogether
    - thermal/core/fair share: Lock the thermal zone while looping over instances
    - f2fs: fix error handling in f2fs_end_enable_verity()
    - ARM: 9011/1: centralize phys-to-virt conversion of DT/ATAGS address
    - ARM: 9012/1: move device tree mapping out of linear region
    - ARM: 9020/1: mm: use correct section size macro to describe the FDT virtual
      address
    - ARM: 9027/1: head.S: explicitly map DT even if it lives in the first
      physical section
    - usb: typec: tcpm: Fix error while calculating PPS out values
    - kobject_uevent: remove warning in init_uevent_argv()
    - netfilter: conntrack: Make global sysctls readonly in non-init netns
    - clk: exynos7: Mark aclk_fsys1_200 as critical
    - nvme: do not try to reconfigure APST when the controller is not live
    - ASoC: rsnd: check all BUSIF status when error
    - Linux 5.4.120

* scsi: storvsc: Parameterize number hardware queues (LP: #1930626)
    - scsi: storvsc: Parameterize number hardware queues

-- Thadeu Lima de Souza Cascardo <cascardo@canonical.com>  Fri, 09 Jul 2021 12:49:11 -0300

Changed in linux (Ubuntu Focal):
status:	Fix Committed → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.

Ubuntulinux package