Publishing details
Superseded
on 2018-06-11
by linux - 4.15.0-23.25
Published
on 2018-05-22
Copied from
ubuntu bionic in
Canonical Kernel Security PPA
by Andy Whitcroft
Changelog
linux (4.15.0-22.24) bionic; urgency=medium
* CVE-2018-3639 (powerpc)
- powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit
- stf-barrier: set eieio instruction bit 6 for future optimisations
* CVE-2018-3639 (x86)
- x86/nospec: Simplify alternative_msr_write()
- x86/bugs: Concentrate bug detection into a separate function
- x86/bugs: Concentrate bug reporting into a separate function
- x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
- x86/bugs, KVM: Support the combination of guest and host IBRS
- x86/bugs: Expose /sys/../spec_store_bypass
- x86/cpufeatures: Add X86_FEATURE_RDS
- x86/bugs: Provide boot parameters for the spec_store_bypass_disable
mitigation
- x86/bugs/intel: Set proper CPU features and setup RDS
- x86/bugs: Whitelist allowed SPEC_CTRL MSR values
- x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested
- x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
- x86/speculation: Create spec-ctrl.h to avoid include hell
- prctl: Add speculation control prctls
- x86/process: Allow runtime control of Speculative Store Bypass
- x86/speculation: Add prctl for Speculative Store Bypass mitigation
- nospec: Allow getting/setting on non-current task
- proc: Provide details on speculation flaw mitigations
- seccomp: Enable speculation flaw mitigations
- x86/bugs: Make boot modes __ro_after_init
- prctl: Add force disable speculation
- seccomp: Use PR_SPEC_FORCE_DISABLE
- seccomp: Add filter flag to opt-out of SSB mitigation
- seccomp: Move speculation migitation control to arch code
- x86/speculation: Make "seccomp" the default mode for Speculative Store
Bypass
- x86/bugs: Rename _RDS to _SSBD
- proc: Use underscores for SSBD in 'status'
- Documentation/spec_ctrl: Do some minor cleanups
- x86/bugs: Fix __ssb_select_mitigation() return type
- x86/bugs: Make cpu_show_common() static
* LSM Stacking prctl values should be redefined as to not collide with
upstream prctls (LP: #1769263 ) // CVE-2018-3639
- SAUCE: LSM stacking: adjust prctl values
linux (4.15.0-21.22) bionic; urgency=medium
* linux: 4.15.0-21.22 -proposed tracker (LP: #1767397 )
* initramfs-tools exception during pm.DoInstall with do-release-upgrade from
16.04 to 18.04 (LP: #1766727 )
- Add linux-image-* Breaks on s390-tools (<< 2.3.0-0ubuntu3)
* linux-image-4.15.0-20-generic install after upgrade from xenial breaks
(LP: #1767133 )
- Packaging: Depends on linux-base that provides the necessary tools
* linux-image packages need to Breaks flash-kernel << 3.90ubuntu2
(LP: #1766629 )
- linux-image-* breaks on flash-kernel (<< 3.90ubuntu2)
-- Stefan Bader <email address hidden> Tue, 15 May 2018 07:41:28 +0200
Builds
Built packages
block-modules-4.15.0-22-generic-di
Block storage devices
block-modules-4.15.0-22-generic-lpae-di
Block storage devices
block-modules-4.15.0-22-snapdragon-di
Block storage devices
crypto-modules-4.15.0-22-generic-di
crypto modules
crypto-modules-4.15.0-22-generic-lpae-di
crypto modules
crypto-modules-4.15.0-22-snapdragon-di
crypto modules
dasd-extra-modules-4.15.0-22-generic-di
DASD storage support -- extras
dasd-modules-4.15.0-22-generic-di
DASD storage support
fat-modules-4.15.0-22-generic-di
FAT filesystem support
fat-modules-4.15.0-22-generic-lpae-di
FAT filesystem support
fat-modules-4.15.0-22-snapdragon-di
FAT filesystem support
fb-modules-4.15.0-22-generic-di
Framebuffer modules
firewire-core-modules-4.15.0-22-generic-di
Firewire (IEEE-1394) Support
floppy-modules-4.15.0-22-generic-di
Floppy driver support
fs-core-modules-4.15.0-22-generic-di
Base filesystem modules
fs-core-modules-4.15.0-22-generic-lpae-di
Base filesystem modules
fs-core-modules-4.15.0-22-snapdragon-di
Base filesystem modules
fs-secondary-modules-4.15.0-22-generic-di
Extra filesystem modules
fs-secondary-modules-4.15.0-22-generic-lpae-di
Extra filesystem modules
fs-secondary-modules-4.15.0-22-snapdragon-di
Extra filesystem modules
input-modules-4.15.0-22-generic-di
Support for various input methods
input-modules-4.15.0-22-generic-lpae-di
Support for various input methods
input-modules-4.15.0-22-snapdragon-di
Support for various input methods
ipmi-modules-4.15.0-22-generic-di
ipmi modules
ipmi-modules-4.15.0-22-generic-lpae-di
ipmi modules
ipmi-modules-4.15.0-22-snapdragon-di
ipmi modules
irda-modules-4.15.0-22-generic-di
Support for Infrared protocols
irda-modules-4.15.0-22-generic-lpae-di
Support for Infrared protocols
irda-modules-4.15.0-22-snapdragon-di
Support for Infrared protocols
kernel-image-4.15.0-22-generic-di
kernel image and system map
kernel-image-4.15.0-22-generic-lpae-di
kernel image and system map
kernel-image-4.15.0-22-snapdragon-di
kernel image and system map
linux-cloud-tools-4.15.0-22
Linux kernel version specific cloud tools for version 4.15.0-22
linux-cloud-tools-4.15.0-22-dbgsym
debug symbols for linux-cloud-tools-4.15.0-22
linux-cloud-tools-4.15.0-22-generic
Linux kernel version specific cloud tools for version 4.15.0-22
linux-cloud-tools-4.15.0-22-lowlatency
Linux kernel version specific cloud tools for version 4.15.0-22
linux-cloud-tools-common
Linux kernel version specific cloud tools for version 4.15.0
linux-doc
Linux kernel specific documentation for version 4.15.0
linux-headers-4.15.0-22
Header files related to Linux kernel version 4.15.0
linux-headers-4.15.0-22-generic
Linux kernel headers for version 4.15.0 on 64 bit x86 SMP
linux-headers-4.15.0-22-generic-lpae
Linux kernel headers for version 4.15.0 on ARM (hard float) SMP
linux-headers-4.15.0-22-lowlatency
Linux kernel headers for version 4.15.0 on 64 bit x86 SMP
linux-headers-4.15.0-22-snapdragon
Linux kernel headers for version 4.15.0 on ARMv8 SMP
linux-image-4.15.0-22-generic
Linux kernel image for version 4.15.0 on ARMv8 SMP
linux-image-4.15.0-22-generic-dbgsym
Linux kernel debug image for version 4.15.0 on ARMv8 SMP
linux-image-4.15.0-22-generic-lpae
Linux kernel image for version 4.15.0 on ARM (hard float) SMP
linux-image-4.15.0-22-generic-lpae-dbgsym
Linux kernel debug image for version 4.15.0 on ARM (hard float) SMP
linux-image-4.15.0-22-lowlatency
Linux kernel image for version 4.15.0 on 32 bit x86 SMP
linux-image-4.15.0-22-lowlatency-dbgsym
Linux kernel debug image for version 4.15.0 on 32 bit x86 SMP
linux-image-4.15.0-22-snapdragon
Linux kernel image for version 4.15.0 on ARMv8 SMP
linux-image-4.15.0-22-snapdragon-dbgsym
Linux kernel debug image for version 4.15.0 on ARMv8 SMP
linux-image-unsigned-4.15.0-22-generic
Linux kernel image for version 4.15.0 on 64 bit x86 SMP
linux-image-unsigned-4.15.0-22-generic-dbgsym
Linux kernel debug image for version 4.15.0 on 64 bit x86 SMP
linux-image-unsigned-4.15.0-22-lowlatency
Linux kernel image for version 4.15.0 on 64 bit x86 SMP
linux-image-unsigned-4.15.0-22-lowlatency-dbgsym
Linux kernel debug image for version 4.15.0 on 64 bit x86 SMP
linux-modules-4.15.0-22-generic
Linux kernel extra modules for version 4.15.0 on 64 bit x86 SMP
linux-modules-4.15.0-22-generic-lpae
Linux kernel extra modules for version 4.15.0 on ARM (hard float) SMP
linux-modules-4.15.0-22-lowlatency
Linux kernel extra modules for version 4.15.0 on 64 bit x86 SMP
linux-modules-4.15.0-22-snapdragon
Linux kernel extra modules for version 4.15.0 on ARMv8 SMP
linux-modules-extra-4.15.0-22-generic
Linux kernel extra modules for version 4.15.0 on 64 bit x86 SMP
linux-source-4.15.0
Linux kernel source for version 4.15.0 with Ubuntu patches
linux-tools-4.15.0-22
Linux kernel version specific tools for version 4.15.0-22
linux-tools-4.15.0-22-dbgsym
debug symbols for linux-tools-4.15.0-22
linux-tools-4.15.0-22-generic
Linux kernel version specific tools for version 4.15.0-22
linux-tools-4.15.0-22-generic-lpae
Linux kernel version specific tools for version 4.15.0-22
linux-tools-4.15.0-22-lowlatency
Linux kernel version specific tools for version 4.15.0-22
linux-tools-4.15.0-22-snapdragon
Linux kernel version specific tools for version 4.15.0-22
linux-tools-common
Linux kernel version specific tools for version 4.15.0
linux-tools-host
Linux kernel VM host tools
md-modules-4.15.0-22-generic-di
Multi-device support (raid, device-mapper, lvm)
md-modules-4.15.0-22-generic-lpae-di
Multi-device support (raid, device-mapper, lvm)
md-modules-4.15.0-22-snapdragon-di
Multi-device support (raid, device-mapper, lvm)
message-modules-4.15.0-22-generic-di
Fusion and i2o storage modules
message-modules-4.15.0-22-snapdragon-di
Fusion and i2o storage modules
mouse-modules-4.15.0-22-generic-di
Mouse support
mouse-modules-4.15.0-22-generic-lpae-di
Mouse support
mouse-modules-4.15.0-22-snapdragon-di
Mouse support
multipath-modules-4.15.0-22-generic-di
DM-Multipath support
multipath-modules-4.15.0-22-generic-lpae-di
DM-Multipath support
multipath-modules-4.15.0-22-snapdragon-di
DM-Multipath support
nfs-modules-4.15.0-22-generic-di
NFS filesystem drivers
nfs-modules-4.15.0-22-generic-lpae-di
NFS filesystem drivers
nfs-modules-4.15.0-22-snapdragon-di
NFS filesystem drivers
nic-modules-4.15.0-22-generic-di
Network interface support
nic-modules-4.15.0-22-generic-lpae-di
Network interface support
nic-modules-4.15.0-22-snapdragon-di
Network interface support
nic-pcmcia-modules-4.15.0-22-generic-di
PCMCIA network interface support
nic-shared-modules-4.15.0-22-generic-di
nic shared modules
nic-shared-modules-4.15.0-22-generic-lpae-di
nic shared modules
nic-shared-modules-4.15.0-22-snapdragon-di
nic shared modules
nic-usb-modules-4.15.0-22-generic-di
USB network interface support
nic-usb-modules-4.15.0-22-generic-lpae-di
USB network interface support
nic-usb-modules-4.15.0-22-snapdragon-di
USB network interface support
parport-modules-4.15.0-22-generic-di
Parallel port support
parport-modules-4.15.0-22-generic-lpae-di
Parallel port support
parport-modules-4.15.0-22-snapdragon-di
Parallel port support
pata-modules-4.15.0-22-generic-di
PATA support modules
pcmcia-modules-4.15.0-22-generic-di
PCMCIA Modules
pcmcia-storage-modules-4.15.0-22-generic-di
PCMCIA storage support
plip-modules-4.15.0-22-generic-di
PLIP (parallel port) networking support
plip-modules-4.15.0-22-generic-lpae-di
PLIP (parallel port) networking support
plip-modules-4.15.0-22-snapdragon-di
PLIP (parallel port) networking support
ppp-modules-4.15.0-22-generic-di
PPP (serial port) networking support
ppp-modules-4.15.0-22-generic-lpae-di
PPP (serial port) networking support
ppp-modules-4.15.0-22-snapdragon-di
PPP (serial port) networking support
sata-modules-4.15.0-22-generic-di
SATA storage support
sata-modules-4.15.0-22-generic-lpae-di
SATA storage support
sata-modules-4.15.0-22-snapdragon-di
SATA storage support
scsi-modules-4.15.0-22-generic-di
SCSI storage support
scsi-modules-4.15.0-22-generic-lpae-di
SCSI storage support
scsi-modules-4.15.0-22-snapdragon-di
SCSI storage support
serial-modules-4.15.0-22-generic-di
Serial port support
storage-core-modules-4.15.0-22-generic-di
Core storage support
storage-core-modules-4.15.0-22-generic-lpae-di
Core storage support
storage-core-modules-4.15.0-22-snapdragon-di
Core storage support
usb-modules-4.15.0-22-generic-di
Core USB support
usb-modules-4.15.0-22-generic-lpae-di
Core USB support
usb-modules-4.15.0-22-snapdragon-di
Core USB support
virtio-modules-4.15.0-22-generic-di
VirtIO Modules
virtio-modules-4.15.0-22-snapdragon-di
VirtIO Modules
vlan-modules-4.15.0-22-generic-di
vlan modules
vlan-modules-4.15.0-22-generic-lpae-di
vlan modules
vlan-modules-4.15.0-22-snapdragon-di
vlan modules
Package files