Bionic update: upstream stable patchset 2021-06-11
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
linux (Ubuntu) |
Invalid
|
Undecided
|
Unassigned | ||
Bionic |
Fix Released
|
Medium
|
Kamal Mostafa |
Bug Description
SRU Justification
Impact:
The upstream process for stable tree updates is quite similar
in scope to the Ubuntu SRU process, e.g., each patch has to
demonstrably fix a bug, and each patch is vetted by upstream
by originating either directly from a mainline/stable Linux tree or
a minimally backported form of that patch. The following upstream
stable patches should be included in the Ubuntu kernel:
upstream stable patchset 2021-06-11
from git://git.
openrisc: Fix a memory leak
RDMA/rxe: Clear all QP fields if creation failed
scsi: qla2xxx: Fix error return code in qla82xx_
ptrace: make ptrace() fail if the tracee changed its pid unexpectedly
cifs: fix memory leak in smb2_copychunk_
ALSA: line6: Fix racy initialization of LINE6 MIDI
ALSA: usb-audio: Validate MS endpoint descriptors
ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro
Revert "ALSA: sb8: add a check for request_region"
ALSA: hda/realtek: reset eapd coeff to default value for alc287
Revert "rapidio: fix a NULL pointer dereference when create_workqueue() fails"
rapidio: handle create_workqueue() failure
xen-pciback: reconfigure also from backend watch handler
dm snapshot: fix crash with transient storage and zero chunk size
Revert "video: hgafb: fix potential NULL pointer dereference"
Revert "net: stmicro: fix a missing check of clk_prepare"
Revert "leds: lp5523: fix a missing check of return value of lp55xx_read"
Revert "hwmon: (lm80) fix a missing check of bus read in lm80 probe"
Revert "video: imsttfb: fix potential NULL pointer dereferences"
Revert "ecryptfs: replace BUG_ON with error handling code"
Revert "gdrom: fix a memory leak bug"
cdrom: gdrom: deallocate struct gdrom_unit fields in remove_gdrom
cdrom: gdrom: initialize global variable at init time
Revert "media: rcar_drif: fix a memory disclosure"
Revert "rtlwifi: fix a potential NULL pointer dereference"
Revert "qlcnic: Avoid potential NULL pointer dereference"
Revert "niu: fix missing checks of niu_pci_
ethernet: sun: niu: fix missing checks of niu_pci_
net: stmicro: handle clk_prepare() failure during init
net: rtlwifi: properly check for alloc_workqueue() failure
leds: lp5523: check return value of lp5xx_read and jump to cleanup code
qlcnic: Add null check after calling netdev_alloc_skb
video: hgafb: fix potential NULL pointer dereference
vgacon: Record video mode changes with VT_RESIZEX
vt: Fix character height handling with VT_RESIZEX
tty: vt: always invoke vc->vc_
video: hgafb: correctly handle card detect failure during probe
Bluetooth: SMP: Fail if remote and local public keys are identical
firmware: arm_scpi: Prevent the ternary sign expansion bug
platform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios
locking/mutex: clear MUTEX_FLAGS if wait_list is empty due to signal
ALSA: hda/realtek: Add some CLOVE SSIDs of ALC293
Revert "serial: mvebu-uart: Fix to avoid a potential NULL pointer dereference"
UBUNTU: upstream stable to v4.14.234, v4.19.192
mm, vmstat: drop zone->lock in /proc/pagetypeinfo
usb: dwc3: gadget: Enable suspend events
NFC: nci: fix memory leak in nci_allocate_device
NFSv4: Fix a NULL pointer dereference in pnfs_mark_
iommu/vt-d: Fix sysfs leak in alloc_iommu()
perf intel-pt: Fix sample instruction bytes
perf intel-pt: Fix transaction abort handling
proc: Check /proc/$pid/attr/ writes against file opener
net: hso: fix control-request directions
mac80211: assure all fragments are encrypted
mac80211: prevent mixed key and fragment cache attacks
mac80211: properly handle A-MSDUs that start with an RFC 1042 header
cfg80211: mitigate A-MSDU aggregation attacks
mac80211: drop A-MSDUs on old ciphers
mac80211: add fragment cache to sta_info
mac80211: check defrag PN against current frame
mac80211: prevent attacks on TKIP/WEP as well
mac80211: do not accept/forward invalid EAPOL frames
mac80211: extend protection against mixed key and fragment cache attacks
ath10k: Validate first subframe of A-MSDU before processing the list
dm snapshot: properly fix a crash when an origin has no snapshots
kgdb: fix gcc-11 warnings harder
misc/uss720: fix memory leak in uss720_probe
thunderbolt: dma_port: Fix NVM read buffer bounds and offset issue
mei: request autosuspend after sending rx flow control
staging: iio: cdc: ad7746: avoid overwrite of num_channels
iio: adc: ad7793: Add missing error code in ad7793_setup()
USB: trancevibrator: fix control-request direction
serial: sh-sci: Fix off-by-one error in FIFO threshold register setting
serial: rp2: use 'request_firmware' instead of 'request_
USB: serial: ti_usb_3410_5052: add startech.com device id
USB: serial: option: add Telit LE910-S1 compositions 0x7010, 0x7011
USB: serial: ftdi_sio: add IDs for IDS GmbH Products
USB: serial: pl2303: add device id for ADLINK ND-6530 GC
usb: gadget: udc: renesas_usb3: Fix a race in usb3_start_pipen()
net: usb: fix memory leak in smsc75xx_bind
Bluetooth: cmtp: fix file refcount when cmtp_attach_device fails
NFS: fix an incorrect limit in filelayout_
NFS: Don't corrupt the value of pg_bytes_written in nfs_do_recoalesce()
NFSv4: Fix v4.0/v4.1 SEEK_DATA return -ENOTSUPP when set NFS_V4_2 config
drm/meson: fix shutdown crash when component not probed
net/mlx4: Fix EEPROM dump support
Revert "net:tipc: Fix a double free in tipc_sk_mcast_rcv"
tipc: skb_linearize the head skb when reassembling msgs
i2c: s3c2410: fix possible NULL pointer deref on read message after write
i2c: i801: Don't generate an interrupt on bus reset
perf jevents: Fix getting maximum number of fds
platform/x86: hp_accel: Avoid invoking _INI to speed up resume
serial: max310x: unregister uart driver in case of failure and abort
net: fujitsu: fix potential null-ptr-deref
net: caif: remove BUG_ON(dev == NULL) in caif_xmit
char: hpet: add checks after calling ioremap
isdn: mISDNinfineon: check/cleanup ioremap failure correctly in setup_io
dmaengine: qcom_hidma: comment platform_
libertas: register sysfs groups properly
media: dvb: Add check on sp8870_readreg return
media: gspca: properly check for errors in po1030_probe()
scsi: BusLogic: Fix 64-bit system enumeration error for Buslogic
openrisc: Define memory barrier mb
btrfs: do not BUG_ON in link_to_fixup_dir
platform/x86: hp-wireless: add AMD's hardware id to the supported list
platform/x86: intel_punit_ipc: Append MODULE_DEVICE_TABLE for ACPI
SMB3: incorrect file id in requests compounded with open
drm/amdgpu: Fix a use-after-free
net: netcp: Fix an error message
net: mdio: thunder: Fix a double free issue in the .remove function
net: mdio: octeon: Fix some double free issues
net: bnx2: Fix error return code in bnx2_init_board()
mld: fix panic in mld_newpack()
staging: emxx_udc: fix loop in _nbu2ss_nuke()
ASoC: cs35l33: fix an error code in probe()
bpf: Set mac_len in bpf_skb_change_head
ixgbe: fix large MTU request from VF
scsi: libsas: Use _safe() loop in sas_resume_port()
ipv6: record frag_max_size in atomic fragments in input path
sch_dsmark: fix a NULL deref in qdisc_reset()
MIPS: alchemy: xxs1500: add gpio-au1000.h header file
MIPS: ralink: export rt_sysc_membase for rt2880_wdt.c
hugetlbfs: hugetlb_
drivers/
usb: core: reduce power-on-good delay time of root hub
USB: usbfs: Don't WARN about excessively large memory allocations
selftests/bpf: Test narrow loads with off > 0 in test_verifier
bpf: extend is_branch_taken to registers
bpf: Move off_reg into sanitize_ptr_alu
bpf: Ensure off_reg has no mixed signed bounds for all types
bpf: Rework ptr_limit into alu_limit and add common error path
bpf: Improve verifier error messages for users
bpf: Refactor and streamline bounds check into helper
bpf: Move sanitize_val_alu out of op switch
bpf: Tighten speculative pointer arithmetic mask
bpf: Fix leakage of uninitialized bpf stack under speculation
bpf: Wrap aux data inside bpf_sanitize_info container
bpf: No need to simulate speculative domain for immediates
net: dsa: fix a crash if ->get_sset_count() fails
drm/amd/amdgpu: fix refcount leak
net: dsa: fix error code getting shifted with 4 in dsa_slave_
openvswitch: meter: fix race when getting now_ms.
net: hns3: check the return of skb_checksum_help()
UBUNTU: upstream stable to v4.14.235, v4.19.193
CVE References
Changed in linux (Ubuntu): | |
status: | New → Confirmed |
tags: | added: kernel-stable-tracking-bug |
Changed in linux (Ubuntu Bionic): | |
status: | New → In Progress |
importance: | Undecided → Medium |
assignee: | nobody → Kamal Mostafa (kamalmostafa) |
Changed in linux (Ubuntu): | |
status: | Confirmed → Invalid |
description: | updated |
description: | updated |
Changed in linux (Ubuntu Bionic): | |
status: | In Progress → Fix Committed |
This bug was fixed in the package linux - 4.15.0-151.157
---------------
linux (4.15.0-151.157) bionic; urgency=medium
* CVE-2021-33909
- SAUCE: seq_file: Disallow extremely large seq buffer allocations
linux (4.15.0-150.155) bionic; urgency=medium
* bionic/linux: 4.15.0-150.155 -proposed tracker (LP: #1934374)
* lxd exec fails (LP: #1934187)
- SAUCE: Revert "proc: Check /proc/$pid/attr/ writes against file opener"
linux (4.15.0-149.153) bionic; urgency=medium
* bionic/linux: 4.15.0-149.153 -proposed tracker (LP: #1933434)
* selftests: bpf: test_verifier fixes (LP: #1933385)
- bpf: Update selftests to reflect new error states
- bpf, selftests: Adjust few selftest result_unpriv outcomes
* CVE-2021-33200
- bpf: Fix mask direction swap upon off reg sign change
linux (4.15.0-148.152) bionic; urgency=medium
* bionic/linux: 4.15.0-148.152 -proposed tracker (LP: #1932515)
* Packaging resync (LP: #1786013)
- update dkms package versions
* Upstream v5.9 introduced 'module' patches that removed exported symbols RY_MODULE" text_address"
(LP: #1932065)
- SAUCE: Revert "modules: inherit TAINT_PROPRIETA
- SAUCE: Revert "modules: return licensing information from find_symbol"
- SAUCE: Revert "modules: rename the licence field in struct symsearch to
license"
- SAUCE: Revert "modules: unexport __module_address"
- SAUCE: Revert "modules: unexport __module_
- SAUCE: Revert "modules: mark each_symbol_section static"
- SAUCE: Revert "modules: mark find_symbol static"
- SAUCE: Revert "modules: mark ref_module static"
* Disable hv-kvp- daemon. service on certain instance types (LP: #1932081)
- [Packaging]: Add kernel command line condition to hv-kvp-daemon service
* Bionic update: upstream stable patchset 2021-06-11 (LP: #1931740) write_flash_ dword() range
- openrisc: Fix a memory leak
- RDMA/rxe: Clear all QP fields if creation failed
- scsi: qla2xxx: Fix error return code in qla82xx_
- ptrace: make ptrace() fail if the tracee changed its pid unexpectedly
- cifs: fix memory leak in smb2_copychunk_
- ALSA: line6: Fix racy initialization of LINE6 MIDI
- ALSA: usb-audio: Validate MS endpoint descriptors
- ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro
- Revert "ALSA: sb8: add a check for request_region"
- Revert "rapidio: fix a NULL pointer dereference when create_workqueue()
fails"
- rapidio: handle create_workqueue() failure
- xen-pciback: reconfigure also from backend watch handler
- dm snapshot: fix crash with transient storage and zero chunk size
- Revert "video: hgafb: fix potential NULL pointer dereference"
- Revert "net: stmicro: fix a missing check of clk_prepare"
- Revert "leds: lp5523: fix a missing check of return value of lp55xx_read"
- Revert "hwmon: (lm80) fix a missing check of bus read in lm80 probe"
- Revert "video: imsttfb: fix potential NULL pointer dereferences"
- Revert "ecryptfs: replace BUG_ON with error handling code"
- Revert "gdrom: fix a memory leak bug"
- cdrom: gdrom: deallocate struct gdrom_unit fields in remove_gdrom
- cdrom: gdrom: ini...