Change log for linux-raspi2 package in Ubuntu

Published in bionic-security
Published in bionic-updates
Deleted in bionic-proposed (Reason: moved to -updates)
linux-raspi2 (4.15.0-1134.142) bionic; urgency=medium

  * bionic/linux-raspi2: 4.15.0-1134.142 -proposed tracker (LP: #2024230)

  * Packaging resync (LP: #1786013)
    - [Packaging] resync update-dkms-versions helper

  [ Ubuntu: 4.15.0-213.224 ]

  * bionic/linux: 4.15.0-213.224 -proposed tracker (LP: #2024234)
  * Kernel warning after upgrade to 4.15.0.211.194 (LP: #2020279)
    - net: Remove WARN_ON_ONCE(sk->sk_forward_alloc) from sk_stream_kill_queues().

 -- Manuel Diewald <email address hidden>  Wed, 21 Jun 2023 11:35:19 +0200
Superseded in bionic-security
Superseded in bionic-updates
linux-raspi2 (4.15.0-1133.141) bionic; urgency=medium

  * bionic/linux-raspi2: 4.15.0-1133.141 -proposed tracker (LP: #2019704)

  * Packaging resync (LP: #1786013)
    - [Packaging] resync getabis
    - [Packaging] resync git-ubuntu-log

  [ Ubuntu: 4.15.0-212.223 ]

  * bionic/linux: 4.15.0-212.223 -proposed tracker (LP: #2019708)
  * Packaging resync (LP: #1786013)
    - [Packaging] update helper scripts
  * CVE-2023-32233
    - netfilter: nf_tables: add nft_set_is_anonymous() helper
    - netfilter: nf_tables: split set destruction in deactivate and destroy phase
    - netfilter: nf_tables: unbind set in rule from commit path
    - netfilter: nf_tables: bogus EBUSY in helper removal from transaction
    - netfilter: nf_tables: fix set double-free in abort path
    - netfilter: nf_tables: bogus EBUSY when deleting set after flush
    - netfilter: nf_tables: use-after-free in failing rule with bound set
    - netfilter: nf_tables: deactivate anonymous set from preparation phase
  * CVE-2023-31436
    - net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
  * CVE-2023-1380
    - wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies()
  * CVE-2023-30456
    - KVM: nVMX: add missing consistency checks for CR0 and CR4

 -- Manuel Diewald <email address hidden>  Fri, 26 May 2023 16:05:28 +0200
Superseded in bionic-security
Superseded in bionic-updates
Deleted in bionic-proposed (Reason: moved to -updates)
linux-raspi2 (4.15.0-1132.140) bionic; urgency=medium

  * bionic/linux-raspi2: 4.15.0-1132.140 -proposed tracker (LP: #2016619)

  [ Ubuntu: 4.15.0-211.222 ]

  * bionic/linux: 4.15.0-211.222 -proposed tracker (LP: #2016623)
  * Debian autoreconstruct Fix restoration of execute permissions (LP: #2015498)
    - [Debian] autoreconstruct - fix restoration of execute permissions
  * kernel: fix __clear_user() inline assembly constraints (LP: #2013088)
    - s390/uaccess: add missing earlyclobber annotations to __clear_user()
  * Fix selftests/ftracetests/Meta-selftests (LP: #2006453)
    - selftests/ftrace: Fix bash specific "==" operator
  * Bionic update: upstream stable patchset 2023-04-05 (LP: #2015399)
    - firewire: fix memory leak for payload of request subaction to IEC 61883-1
      FCP region
    - bus: sunxi-rsb: Fix error handling in sunxi_rsb_init()
    - ALSA: hda/via: Avoid potential array out-of-bound in add_secret_dac_path()
    - netrom: Fix use-after-free caused by accept on already connected socket
    - squashfs: harden sanity check in squashfs_read_xattr_id_table
    - sctp: do not check hb_timer.expires when resetting hb_timer
    - net: openvswitch: fix flow memory leak in ovs_flow_cmd_new
    - scsi: target: core: Fix warning on RT kernels
    - scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress
    - net/x25: Fix to not accept on connected socket
    - usb: gadget: f_fs: Fix unbalanced spinlock in __ffs_ep0_queue_wait
    - fbcon: Check font dimension limits
    - watchdog: diag288_wdt: do not use stack buffers for hardware data
    - watchdog: diag288_wdt: fix __diag288() inline assembly
    - efi: Accept version 2 of memory attributes table
    - iio: hid: fix the retval in accel_3d_capture_sample
    - iio: adc: berlin2-adc: Add missing of_node_put() in error path
    - iio:adc:twl6030: Enable measurements of VUSB, VBAT and others
    - parisc: Fix return code of pdc_iodc_print()
    - parisc: Wire up PTRACE_GETREGS/PTRACE_SETREGS for compat case
    - mm: hugetlb: proc: check for hugetlb shared PMD in /proc/PID/smaps
    - mm/swapfile: add cond_resched() in get_swap_pages()
    - Squashfs: fix handling and sanity checking of xattr_ids count
    - serial: 8250_dma: Fix DMA Rx completion race
    - serial: 8250_dma: Fix DMA Rx rearm race
    - btrfs: limit device extents to the device size
    - ALSA: emux: Avoid potential array out-of-bound in snd_emux_xg_control()
    - ALSA: pci: lx6464es: fix a debug loop
    - pinctrl: aspeed: Fix confusing types in return value
    - pinctrl: single: fix potential NULL dereference
    - net: USB: Fix wrong-direction WARNING in plusb.c
    - usb: core: add quirk for Alcor Link AK9563 smartcard reader
    - migrate: hugetlb: check for hugetlb shared PMD in node migration
    - tools/virtio: fix the vringh test for virtio ring changes
    - net/rose: Fix to not accept on connected socket
    - nvme-fc: fix a missing queue put in nvmet_fc_ls_create_association
    - aio: fix mremap after fork null-deref
    - mmc: sdio: fix possible resource leaks in some error paths
    - ALSA: hda/conexant: add a new hda codec SN6180
    - hugetlb: check for undefined shift on 32 bit architectures
    - revert "squashfs: harden sanity check in squashfs_read_xattr_id_table"
    - i40e: add double of VLAN header when computing the max MTU
    - net: bgmac: fix BCM5358 support by setting correct flags
    - dccp/tcp: Avoid negative sk_forward_alloc by ipv6_pinfo.pktoptions.
    - net/usb: kalmia: Don't pass act_len in usb_bulk_msg error path
    - net: stmmac: Restrict warning on disabling DMA store and fwd mode
    - ipv6: Fix datagram socket connection with DSCP.
    - ipv6: Fix tcp socket connection with DSCP.
    - i40e: Add checking for null for nlmsg_find_attr()
    - kvm: initialize all of the kvm_debugregs structure before sending it to
      userspace
    - nilfs2: fix underflow in second superblock position calculations
    - ata: libata: Fix sata_down_spd_limit() when no link speed is reported
    - vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF
    - thermal: intel: int340x: Protect trip temperature from concurrent updates
    - iio:adc:twl6030: Enable measurement of VAC
    - IB/hfi1: Restore allocated resources on failed copyout
    - net: phy: meson-gxl: use MMD access dummy stubs for GXL, internal PHY
    - riscv: Fixup race condition on PG_dcache_clean in flush_icache_pte
    - arm64: dts: meson-gx: Make mmc host controller interrupts level-sensitive
    - wifi: rtl8xxxu: gen2: Turn on the rate control
    - powerpc: dts: t208x: Mark MAC1 and MAC2 as 10G
    - random: always mix cycle counter in add_latent_entropy()
    - powerpc: dts: t208x: Disable 10G on MAC1 and MAC2
    - alarmtimer: Prevent starvation by small intervals and SIG_IGN
    - uaccess: Add speculation barrier to copy_from_user()
    - wifi: mwifiex: Add missing compatible string for SD8787
    - bpf: add missing header file include
    - vc_screen: don't clobber return value in vcs_read
    - dmaengine: sh: rcar-dmac: Check for error num after dma_set_max_seg_size
  * CVE-2023-1118
    - media: rc: Fix use-after-free bugs caused by ene_tx_irqsim()

 -- Manuel Diewald <email address hidden>  Mon, 01 May 2023 17:04:35 +0200
Superseded in bionic-security
Superseded in bionic-updates
linux-raspi2 (4.15.0-1131.139) bionic; urgency=medium

  * bionic/linux-raspi2: 4.15.0-1131.139 -proposed tracker (LP: #2016734)

  * CVE-2023-1829
    - [Config]: Make sure CONFIG_NET_CLS_TCINDEX is not available

  [ Ubuntu: 4.15.0-210.221 ]

  * bionic/linux: 4.15.0-210.221 -proposed tracker (LP: #2016738)
  * CVE-2023-1829
    - net/sched: Retire tcindex classifier
    - [Config]: Make sure CONFIG_NET_CLS_TCINDEX is not available

 -- Thadeu Lima de Souza Cascardo <email address hidden>  Tue, 25 Apr 2023 18:45:26 -0300
Superseded in bionic-security
Superseded in bionic-updates
Deleted in bionic-proposed (Reason: moved to -updates)
linux-raspi2 (4.15.0-1130.138) bionic; urgency=medium

  * bionic/linux-raspi2: 4.15.0-1130.138 -proposed tracker (LP: #2011985)

  [ Ubuntu: 4.15.0-209.220 ]

  * bionic/linux: 4.15.0-209.220 -proposed tracker (LP: #2011989)
  * CVE-2023-26545
    - net: mpls: fix stale pointer if allocation fails during device rename
  * CVE-2023-1281
    - rcu: Upgrade rcu_swap_protected() to rcu_replace_pointer()
    - net/sched: tcindex: update imperfect hash filters respecting rcu
  * CVE-2022-3903
    - USB: add usb_control_msg_send() and usb_control_msg_recv()
    - USB: correct API of usb_control_msg_send/recv
    - USB: move snd_usb_pipe_sanity_check into the USB core
    - media: mceusb: Use new usb_control_msg_*() routines
  * Bionic update: upstream stable patchset 2023-03-03 (LP: #2009237)
    - pNFS/filelayout: Fix coalescing test for single DS
    - net/ethtool/ioctl: return -EOPNOTSUPP if we have no phy stats
    - RDMA/srp: Move large values to a new enum for gcc13
    - f2fs: let's avoid panic if extent_tree is not created
    - nilfs2: fix general protection fault in nilfs_btree_insert()
    - xhci-pci: set the dma max_seg_size
    - usb: xhci: Check endpoint is valid before dereferencing it
    - prlimit: do_prlimit needs to have a speculation check
    - USB: serial: option: add Quectel EM05-G (GR) modem
    - USB: serial: option: add Quectel EM05-G (CS) modem
    - USB: serial: option: add Quectel EM05-G (RS) modem
    - USB: serial: option: add Quectel EC200U modem
    - USB: serial: option: add Quectel EM05CN (SG) modem
    - USB: serial: option: add Quectel EM05CN modem
    - USB: misc: iowarrior: fix up header size for USB_DEVICE_ID_CODEMERCS_IOW100
    - usb: core: hub: disable autosuspend for TI TUSB8041
    - USB: serial: cp210x: add SCALANCE LPE-9000 device id
    - usb: host: ehci-fsl: Fix module alias
    - usb: gadget: g_webcam: Send color matching descriptor per frame
    - usb: gadget: f_ncm: fix potential NULL ptr deref in ncm_bitrate()
    - usb-storage: apply IGNORE_UAS only for HIKSEMI MD202 on RTL9210
    - serial: pch_uart: Pass correct sg to dma_unmap_sg()
    - serial: atmel: fix incorrect baudrate setup
    - gsmi: fix null-deref in gsmi_get_variable
    - comedi: adv_pci1760: Fix PWM instruction handling
    - ARM: dts: imx6qdl-gw560x: Remove incorrect 'uart-has-rtscts'
    - HID: intel_ish-hid: Add check for ishtp_dma_tx_map
    - EDAC/highbank: Fix memory leak in highbank_mc_probe()
    - tomoyo: fix broken dependency on *.conf.default
    - IB/hfi1: Reject a zero-length user expected buffer
    - IB/hfi1: Reserve user expected TIDs
    - affs: initialize fsdata in affs_truncate()
    - amd-xgbe: TX Flow Ctrl Registers are h/w ver dependent
    - phy: rockchip-inno-usb2: Fix missing clk_disable_unprepare() in
      rockchip_usb2phy_power_on()
    - net: nfc: Fix use-after-free in local_cleanup()
    - net: usb: sr9700: Handle negative len
    - net: mdio: validate parameter addr in mdiobus_get_phy()
    - HID: check empty report_list in hid_validate_values()
    - usb: gadget: f_fs: Prevent race during ffs_ep0_queue_wait
    - usb: gadget: f_fs: Ensure ep0req is dequeued before free_request
    - net: mlx5: eliminate anonymous module_init & module_exit
    - dmaengine: Fix double increment of client_count in dma_chan_get()
    - HID: betop: check shape of output reports
    - w1: fix deadloop in __w1_remove_master_device()
    - w1: fix WARNING after calling w1_process()
    - fs: reiserfs: remove useless new_opts in reiserfs_remount
    - Bluetooth: hci_sync: cancel cmd_timer if hci_open failed
    - scsi: hpsa: Fix allocation size for scsi_host_alloc()
    - module: Don't wait for GOING modules
    - tracing: Make sure trace_printk() can output as soon as it can be used
    - ARM: 9280/1: mm: fix warning on phys_addr_t to void pointer assignment
    - EDAC/device: Respect any driver-supplied workqueue polling value
    - netlink: annotate data races around dst_portid and dst_group
    - netlink: annotate data races around sk_state
    - netfilter: conntrack: fix vtag checks for ABORT/SHUTDOWN_COMPLETE
    - netrom: Fix use-after-free of a listening socket.
    - sctp: fail if no bound addresses can be used for a given scope
    - net: ravb: Fix possible hang if RIS2_QFF1 happen
    - net/tg3: resolve deadlock in tg3_reset_task() during EEH
    - Revert "Input: synaptics - switch touchpad on HP Laptop 15-da3001TU to RMI
      mode"
    - x86/i8259: Mark legacy PIC interrupts with IRQ_LEVEL
    - xen: Fix up build warning with xen_init_time_ops() reference
    - x86/asm: Fix an assembler warning with current binutils
    - x86/entry/64: Add instruction suffix to SYSRET
    - sysctl: add a new register_sysctl_init() interface
    - panic: unset panic_on_warn inside panic()
    - exit: Add and use make_task_dead.
    - objtool: Add a missing comma to avoid string concatenation
    - hexagon: Fix function name in die()
    - h8300: Fix build errors from do_exit() to make_task_dead() transition
    - ia64: make IA64_MCA_RECOVERY bool instead of tristate
    - exit: Put an upper limit on how often we can oops
    - exit: Expose "oops_count" to sysfs
    - exit: Allow oops_limit to be disabled
    - panic: Consolidate open-coded panic_on_warn checks
    - panic: Introduce warn_limit
    - panic: Expose "warn_count" to sysfs
    - exit: Use READ_ONCE() for all oops/warn limit reads
    - mm: kvmalloc does not fallback to vmalloc for incompatible gfp flags
    - ipv6: ensure sane device mtu in tunnels
    - usb: host: xhci-plat: add wakeup entry at sysfs
    - amd-xgbe: Delay AN timeout during KR training
    - tcp: avoid the lookup process failing to get sk in ehash table
    - net: fix UaF in netns ops registration error path
    - netlink: annotate data races around nlk->portid
    - ipv4: prevent potential spectre v1 gadget in ip_metrics_convert()
  * rtcpie in timers from ubuntu_kernel_selftests randomly failing
    (LP: #1814234)
    - SAUCE: selftest: rtctest: Fix force-passing unreliable subtest

  [ Ubuntu: 4.15.0-208.219 ]

  * bionic/linux: 4.15.0-208.219 -proposed tracker (LP: #2012097)
  * NFS deathlock with last Kernel 5.4.0-144.161 and 5.15.0-67.74 (LP: #2009325)
    - NFS: Correct timing for assigning access cache timestamp

 -- Manuel Diewald <email address hidden>  Thu, 30 Mar 2023 15:00:24 +0200
Superseded in bionic-security
Superseded in bionic-updates
Deleted in bionic-proposed (Reason: moved to -updates)
linux-raspi2 (4.15.0-1129.137) bionic; urgency=medium

  * bionic/linux-raspi2: 4.15.0-1129.137 -proposed tracker (LP: #2008415)

  [ Ubuntu: 4.15.0-207.218 ]

  * bionic/linux: 4.15.0-207.218 -proposed tracker (LP: #2008419)
  * rtcpie in timers from ubuntu_kernel_selftests randomly failing
    (LP: #1814234)
    - SAUCE: selftest: rtctest: Force passing unreliable subtest
  * btrfs/154: rename fails with EOVERFLOW when calculating item size during
    item key collision (LP: #2004132)
    - btrfs: correctly calculate item size used when item key collision happens
  * CVE-2021-3669
    - ipc: replace costly bailout check in sysvipc_find_ipc()
  * Bionic update: upstream stable patchset 2023-02-06 (LP: #2006403)
    - libtraceevent: Fix build with binutils 2.35
    - once: Fix panic when module unload
    - once: add DO_ONCE_SLOW() for sleepable contexts
    - mm/khugepaged: fix GUP-fast interaction by sending IPI
    - mm/khugepaged: invoke MMU notifiers in shmem/file collapse paths
    - block: unhash blkdev part inode when the part is deleted
    - ASoC: ops: Check bounds for second channel in snd_soc_put_volsw_sx()
    - can: sja1000: fix size of OCR_MODE_MASK define
    - can: mcba_usb: Fix termination command argument
    - ASoC: ops: Correct bounds check for second channel on SX controls
    - perf script python: Remove explicit shebang from tests/attr.c
    - udf: Discard preallocation before extending file with a hole
    - udf: Drop unused arguments of udf_delete_aext()
    - udf: Fix preallocation discarding at indirect extent boundary
    - udf: Do not bother looking for prealloc extents if i_lenExtents matches
      i_size
    - udf: Fix extending file within last block
    - usb: gadget: uvc: Prevent buffer overflow in setup handler
    - USB: serial: option: add Quectel EM05-G modem
    - USB: serial: cp210x: add Kamstrup RF sniffer PIDs
    - igb: Initialize mailbox message for VF reset
    - net: loopback: use NET_NAME_PREDICTABLE for name_assign_type
    - usb: musb: remove extra check in musb_gadget_vbus_draw
    - ARM: dts: qcom: apq8064: fix coresight compatible
    - drivers: soc: ti: knav_qmss_queue: Mark knav_acc_firmwares as static
    - arm: dts: spear600: Fix clcd interrupt
    - soc: ti: smartreflex: Fix PM disable depth imbalance in omap_sr_probe
    - arm64: dts: mediatek: mt6797: Fix 26M oscillator unit name
    - ARM: dts: dove: Fix assigned-addresses for every PCIe Root Port
    - ARM: dts: armada-370: Fix assigned-addresses for every PCIe Root Port
    - ARM: dts: armada-xp: Fix assigned-addresses for every PCIe Root Port
    - ARM: dts: armada-375: Fix assigned-addresses for every PCIe Root Port
    - ARM: dts: armada-38x: Fix assigned-addresses for every PCIe Root Port
    - ARM: dts: armada-39x: Fix assigned-addresses for every PCIe Root Port
    - ARM: dts: turris-omnia: Add ethernet aliases
    - ARM: dts: turris-omnia: Add switch port 6 node
    - pstore/ram: Fix error return code in ramoops_probe()
    - ARM: mmp: fix timer_read delay
    - pstore: Avoid kcore oops by vmap()ing with VM_IOREMAP
    - tpm/tpm_crb: Fix error message in __crb_relinquish_locality()
    - cpuidle: dt: Return the correct numbers of parsed idle states
    - alpha: fix syscall entry in !AUDUT_SYSCALL case
    - PM: hibernate: Fix mistake in kerneldoc comment
    - fs: don't audit the capability check in simple_xattr_list()
    - perf: Fix possible memleak in pmu_dev_alloc()
    - timerqueue: Use rb_entry_safe() in timerqueue_getnext()
    - ocfs2: fix memory leak in ocfs2_stack_glue_init()
    - MIPS: vpe-mt: fix possible memory leak while module exiting
    - MIPS: vpe-cmp: fix possible memory leak while module exiting
    - PNP: fix name memory leak in pnp_alloc_dev()
    - irqchip: gic-pm: Use pm_runtime_resume_and_get() in gic_probe()
    - libfs: add DEFINE_SIMPLE_ATTRIBUTE_SIGNED for signed value
    - lib/notifier-error-inject: fix error when writing -errno to debugfs file
    - rapidio: fix possible name leaks when rio_add_device() fails
    - rapidio: rio: fix possible name leak in rio_register_mport()
    - ACPICA: Fix use-after-free in acpi_ut_copy_ipackage_to_ipackage()
    - uprobes/x86: Allow to probe a NOP instruction with 0x66 prefix
    - x86/xen: Fix memory leak in xen_init_lock_cpu()
    - platform/x86: mxm-wmi: fix memleak in mxm_wmi_call_mx[ds|mx]()
    - MIPS: BCM63xx: Add check for NULL for clk in clk_enable
    - fs: sysv: Fix sysv_nblocks() returns wrong value
    - rapidio: fix possible UAF when kfifo_alloc() fails
    - eventfd: change int to __u64 in eventfd_signal() ifndef CONFIG_EVENTFD
    - hfs: Fix OOB Write in hfs_asc2mac
    - rapidio: devices: fix missing put_device in mport_cdev_open
    - wifi: ath9k: hif_usb: fix memory leak of urbs in
      ath9k_hif_usb_dealloc_tx_urbs()
    - wifi: ath9k: hif_usb: Fix use-after-free in ath9k_hif_usb_reg_in_cb()
    - media: i2c: ad5820: Fix error path
    - spi: Update reference to struct spi_controller
    - media: vivid: fix compose size exceed boundary
    - mtd: Fix device name leak when register device failed in add_mtd_device()
    - media: camss: Clean up received buffers on failed start of streaming
    - drm/radeon: Add the missed acpi_put_table() to fix memory leak
    - ASoC: pxa: fix null-pointer dereference in filter()
    - regulator: core: fix unbalanced of node refcount in regulator_dev_lookup()
    - ima: Fix misuse of dereference of pointer in template_desc_init_fields()
    - wifi: ath10k: Fix return value in ath10k_pci_init()
    - mtd: lpddr2_nvm: Fix possible null-ptr-deref
    - Input: elants_i2c - properly handle the reset GPIO when power is off
    - media: solo6x10: fix possible memory leak in solo_sysfs_init()
    - media: platform: exynos4-is: Fix error handling in fimc_md_init()
    - HID: hid-sensor-custom: set fixed size for custom attributes
    - ALSA: seq: fix undefined behavior in bit shift for
      SNDRV_SEQ_FILTER_USE_EVENT
    - clk: rockchip: Fix memory leak in rockchip_clk_register_pll()
    - mtd: maps: pxa2xx-flash: fix memory leak in probe
    - media: imon: fix a race condition in send_packet()
    - pinctrl: pinconf-generic: add missing of_node_put()
    - media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer()
    - media: s5p-mfc: Add variant data for MFC v7 hardware for Exynos 3250 SoC
    - NFSv4.2: Fix a memory stomp in decode_attr_security_label
    - NFSv4: Fix a deadlock between nfs4_open_recover_helper() and delegreturn
    - ALSA: asihpi: fix missing pci_disable_device()
    - drm/radeon: Fix PCI device refcount leak in radeon_atrm_get_bios()
    - drm/amdgpu: Fix PCI device refcount leak in amdgpu_atrm_get_bios()
    - ASoC: pcm512x: Fix PM disable depth imbalance in pcm512x_probe
    - bonding: uninitialized variable in bond_miimon_inspect()
    - regulator: core: fix module refcount leak in set_supply()
    - media: saa7164: fix missing pci_disable_device()
    - ALSA: mts64: fix possible null-ptr-defer in snd_mts64_interrupt
    - SUNRPC: Fix missing release socket in rpc_sockname()
    - NFSv4.x: Fail client initialisation if state manager thread can't run
    - mmc: moxart: fix return value check of mmc_add_host()
    - mmc: mxcmmc: fix return value check of mmc_add_host()
    - mmc: rtsx_usb_sdmmc: fix return value check of mmc_add_host()
    - mmc: toshsd: fix return value check of mmc_add_host()
    - mmc: vub300: fix return value check of mmc_add_host()
    - mmc: wmt-sdmmc: fix return value check of mmc_add_host()
    - mmc: via-sdmmc: fix return value check of mmc_add_host()
    - mmc: wbsd: fix return value check of mmc_add_host()
    - mmc: mmci: fix return value check of mmc_add_host()
    - media: c8sectpfe: Add of_node_put() when breaking out of loop
    - media: coda: Add check for dcoda_iram_alloc
    - media: coda: Add check for kmalloc
    - clk: samsung: Fix memory leak in _samsung_clk_register_pll()
    - wifi: rtl8xxxu: Add __packed to struct rtl8723bu_c2h
    - wifi: brcmfmac: Fix error return code in brcmf_sdio_download_firmware()
    - blktrace: Fix output non-blktrace event when blk_classic option enabled
    - net: vmw_vsock: vmci: Check memcpy_from_msg()
    - net: defxx: Fix missing err handling in dfx_init()
    - drivers: net: qlcnic: Fix potential memory leak in qlcnic_sriov_init()
    - ethernet: s2io: don't call dev_kfree_skb() under spin_lock_irqsave()
    - net: farsync: Fix kmemleak when rmmods farsync
    - net/tunnel: wait until all sk_user_data reader finish before releasing the
      sock
    - net: apple: mace: don't call dev_kfree_skb() under spin_lock_irqsave()
    - net: apple: bmac: don't call dev_kfree_skb() under spin_lock_irqsave()
    - net: emaclite: don't call dev_kfree_skb() under spin_lock_irqsave()
    - net: ethernet: dnet: don't call dev_kfree_skb() under spin_lock_irqsave()
    - hamradio: don't call dev_kfree_skb() under spin_lock_irqsave()
    - net: amd: lance: don't call dev_kfree_skb() under spin_lock_irqsave()
    - net: amd-xgbe: Check only the minimum speed for active/passive cables
    - net: lan9303: Fix read error execution path
    - ntb_netdev: Use dev_kfree_skb_any() in interrupt context
    - Bluetooth: btusb: don't call kfree_skb() under spin_lock_irqsave()
    - Bluetooth: hci_qca: don't call kfree_skb() under spin_lock_irqsave()
    - Bluetooth: hci_h5: don't call kfree_skb() under spin_lock_irqsave()
    - Bluetooth: hci_bcsp: don't call kfree_skb() under spin_lock_irqsave()
    - Bluetooth: hci_core: don't call kfree_skb() under spin_lock_irqsave()
    - Bluetooth: RFCOMM: don't call kfree_skb() under spin_lock_irqsave()
    - stmmac: fix potential division by 0
    - apparmor: fix a memleak in multi_transaction_new()
    - PCI: Check for alloc failure in pci_request_irq()
    - RDMA/hfi: Decrease PCI device reference count in error path
    - RDMA/rxe: Fix NULL-ptr-deref in rxe_qp_do_cleanup() when socket create
      failed
    - scsi: hpsa: Fix error handling in hpsa_add_sas_host()
    - scsi: hpsa: Fix possible memory leak in hpsa_add_sas_device()
    - scsi: fcoe: Fix possible name leak when device_register() fails
    - scsi: ipr: Fix WARNING in ipr_init()
    - scsi: fcoe: Fix transport not deattached when fcoe_if_init() fails
    - scsi: snic: Fix possible UAF in snic_tgt_create()
    - RDMA/hfi1: Fix error return code in parse_platform_config()
    - orangefs: Fix sysfs not cleanup when dev init failed
    - crypto: img-hash - Fix variable dereferenced before check 'hdev->req'
    - hwrng: amd - Fix PCI device refcount leak
    - hwrng: geode - Fix PCI device refcount leak
    - IB/IPoIB: Fix queue count inconsistency for PKEY child interfaces
    - drivers: dio: fix possible memory leak in dio_init()
    - class: fix possible memory leak in __class_register()
    - vfio: platform: Do not pass return buffer to ACPI _RST method
    - uio: uio_dmem_genirq: Fix missing unlock in irq configuration
    - uio: uio_dmem_genirq: Fix deadlock between irq config and handling
    - usb: fotg210-udc: Fix ages old endianness issues
    - staging: vme_user: Fix possible UAF in tsi148_dma_list_add
    - serial: amba-pl011: avoid SBSA UART accessing DMACR register
    - serial: pch: Fix PCI device refcount leak in pch_request_dma()
    - serial: sunsab: Fix error handling in sunsab_init()
    - test_firmware: fix memory leak in test_firmware_init()
    - misc: tifm: fix possible memory leak in tifm_7xx1_switch_media()
    - misc: sgi-gru: fix use-after-free error in gru_set_context_option, gru_fault
      and gru_handle_user_call_os
    - cxl: fix possible null-ptr-deref in cxl_guest_init_afu|adapter()
    - cxl: fix possible null-ptr-deref in cxl_pci_init_afu|adapter()
    - drivers: mcb: fix resource leak in mcb_probe()
    - mcb: mcb-parse: fix error handing in chameleon_parse_gdd()
    - chardev: fix error handling in cdev_device_add()
    - i2c: pxa-pci: fix missing pci_disable_device() on error in ce4100_i2c_probe
    - staging: rtl8192u: Fix use after free in ieee80211_rx()
    - staging: rtl8192e: Fix potential use-after-free in rtllib_rx_Monitor()
    - vme: Fix error not catched in fake_init()
    - i2c: ismt: Fix an out-of-bounds bug in ismt_access()
    - usb: storage: Add check for kcalloc
    - fbdev: ssd1307fb: Drop optional dependency
    - fbdev: pm2fb: fix missing pci_disable_device()
    - fbdev: via: Fix error in via_core_init()
    - fbdev: vermilion: decrease reference count in error path
    - fbdev: uvesafb: Fixes an error handling path in uvesafb_probe()
    - HSI: omap_ssi_core: fix unbalanced pm_runtime_disable()
    - HSI: omap_ssi_core: fix possible memory leak in ssi_probe()
    - power: supply: fix residue sysfs file in error handle route of
      __power_supply_register()
    - HSI: omap_ssi_core: Fix error handling in ssi_init()
    - include/uapi/linux/swab: Fix potentially missing __always_inline
    - rtc: snvs: Allow a time difference on clock register read
    - iommu/amd: Fix pci device refcount leak in ppr_notifier()
    - iommu/fsl_pamu: Fix resource leak in fsl_pamu_probe()
    - macintosh: fix possible memory leak in macio_add_one_device()
    - macintosh/macio-adb: check the return value of ioremap()
    - powerpc/52xx: Fix a resource leak in an error handling path
    - cxl: Fix refcount leak in cxl_calc_capp_routing
    - powerpc/xive: add missing iounmap() in error path in
      xive_spapr_populate_irq_data()
    - powerpc/perf: callchain validate kernel stack pointer bounds
    - powerpc/83xx/mpc832x_rdb: call platform_device_put() in error case in
      of_fsl_spi_probe()
    - powerpc/hv-gpci: Fix hv_gpci event list
    - selftests/powerpc: Fix resource leaks
    - rtc: st-lpc: Add missing clk_disable_unprepare in st_rtc_probe()
    - nfsd: under NFSv4.1, fix double svc_xprt_put on rpc_create failure
    - mISDN: hfcsusb: don't call dev_kfree_skb/kfree_skb() under
      spin_lock_irqsave()
    - mISDN: hfcpci: don't call dev_kfree_skb/kfree_skb() under
      spin_lock_irqsave()
    - mISDN: hfcmulti: don't call dev_kfree_skb/kfree_skb() under
      spin_lock_irqsave()
    - nfc: pn533: Clear nfc_target before being used
    - r6040: Fix kmemleak in probe and remove
    - openvswitch: Fix flow lookup to use unmasked key
    - skbuff: Account for tail adjustment during pull operations
    - net_sched: reject TCF_EM_SIMPLE case for complex ematch module
    - myri10ge: Fix an error handling path in myri10ge_probe()
    - net: stream: purge sk_error_queue in sk_stream_kill_queues()
    - binfmt_misc: fix shift-out-of-bounds in check_special_flags
    - fs: jfs: fix shift-out-of-bounds in dbAllocAG
    - udf: Avoid double brelse() in udf_rename()
    - fs: jfs: fix shift-out-of-bounds in dbDiscardAG
    - ACPICA: Fix error code path in acpi_ds_call_control_method()
    - nilfs2: fix shift-out-of-bounds/overflow in nilfs_sb2_bad_offset()
    - acct: fix potential integer overflow in encode_comp_t()
    - hfs: fix OOB Read in __hfs_brec_find
    - wifi: ath9k: verify the expected usb_endpoints are present
    - wifi: ar5523: Fix use-after-free on ar5523_cmd() timed out
    - ASoC: codecs: rt298: Add quirk for KBL-R RVP platform
    - ipmi: fix memleak when unload ipmi driver
    - bpf: make sure skb->len != 0 when redirecting to a tunneling device
    - net: ethernet: ti: Fix return type of netcp_ndo_start_xmit()
    - hamradio: baycom_epp: Fix return type of baycom_send_packet()
    - wifi: brcmfmac: Fix potential shift-out-of-bounds in
      brcmf_fw_alloc_request()
    - igb: Do not free q_vector unless new one was allocated
    - s390/ctcm: Fix return type of ctc{mp,}m_tx()
    - s390/netiucv: Fix return type of netiucv_tx()
    - s390/lcs: Fix return type of lcs_start_xmit()
    - drm/sti: Use drm_mode_copy()
    - md/raid1: stop mdx_raid1 thread when raid1 array run failed
    - mrp: introduce active flags to prevent UAF when applicant uninit
    - ppp: associate skb with a device at tx
    - media: dvb-frontends: fix leak of memory fw
    - media: dvbdev: adopts refcnt to avoid UAF
    - media: dvb-usb: fix memory leak in dvb_usb_adapter_init()
    - blk-mq: fix possible memleak when register 'hctx' failed
    - mmc: f-sdh30: Add quirks for broken timeout clock capability
    - media: si470x: Fix use-after-free in si470x_int_in_callback()
    - clk: st: Fix memory leak in st_of_quadfs_setup()
    - drm/fsl-dcu: Fix return type of fsl_dcu_drm_connector_mode_valid()
    - drm/sti: Fix return type of sti_{dvo,hda,hdmi}_connector_mode_valid()
    - orangefs: Fix kmemleak in orangefs_prepare_debugfs_help_string()
    - ASoC: mediatek: mt8173-rt5650-rt5514: fix refcount leak in
      mt8173_rt5650_rt5514_dev_probe()
    - ASoC: rockchip: pdm: Add missing clk_disable_unprepare() in
      rockchip_pdm_runtime_resume()
    - ASoC: wm8994: Fix potential deadlock
    - ASoC: rockchip: spdif: Add missing clk_disable_unprepare() in
      rk_spdif_runtime_resume()
    - ASoC: rt5670: Remove unbalanced pm_runtime_put()
    - pstore: Switch pmsg_lock to an rt_mutex to avoid priority inversion
    - pstore: Make sure CONFIG_PSTORE_PMSG selects CONFIG_RT_MUTEXES
    - usb: dwc3: core: defer probe on ulpi_read_id timeout
    - HID: wacom: Ensure bootloader PID is usable in hidraw mode
    - reiserfs: Add missing calls to reiserfs_security_free()
    - iio: adc: ad_sigma_delta: do not use internal iio_dev lock
    - gcov: add support for checksum field
    - media: dvbdev: fix refcnt bug
    - powerpc/rtas: avoid device tree lookups in rtas_os_term()
    - powerpc/rtas: avoid scheduling in rtas_os_term()
    - HID: plantronics: Additional PIDs for double volume key presses quirk
    - hfsplus: fix bug causing custom uid and gid being unable to be assigned with
      mount
    - ALSA: line6: correct midi status byte when receiving data from podxt
    - ALSA: line6: fix stack overflow in line6_midi_transmit
    - pnode: terminate at peers of source
    - md: fix a crash in mempool_free
    - mmc: vub300: fix warning - do not call blocking ops when !TASK_RUNNING
    - tpm: tpm_crb: Add the missed acpi_put_table() to fix memory leak
    - tpm: tpm_tis: Add the missed acpi_put_table() to fix memory leak
    - media: stv0288: use explicitly signed char
    - ktest.pl minconfig: Unset configs instead of just removing them
    - ARM: ux500: do not directly dereference __iomem
    - selftests: Use optional USERCFLAGS and USERLDFLAGS
    - dm cache: Fix ABBA deadlock between shrink_slab and dm_cache_metadata_abort
    - dm thin: Use last transaction's pmd->root when commit failed
    - dm thin: Fix UAF in run_timer_softirq()
    - dm cache: Fix UAF in destroy()
    - dm cache: set needs_check flag after aborting metadata
    - x86/microcode/intel: Do not retry microcode reloading on the APs
    - tracing: Fix infinite loop in tracing_read_pipe on overflowed
      print_trace_line
    - ARM: 9256/1: NWFPE: avoid compiler-generated __aeabi_uldivmod
    - media: dvb-core: Fix double free in dvb_register_device()
    - cifs: fix confusing debug message
    - ima: Fix a potential NULL pointer access in ima_restore_measurement_list
    - PCI: Fix pci_device_is_present() for VFs by checking PF
    - PCI/sysfs: Fix double free in error path
    - crypto: n2 - add missing hash statesize
    - iommu/amd: Fix ivrs_acpihid cmdline parsing code
    - parisc: led: Fix potential null-ptr-deref in start_task()
    - device_cgroup: Roll back to original exceptions after copy failure
    - drm/connector: send hotplug uevent on connector cleanup
    - drm/vmwgfx: Validate the box size for the snooped cursor
    - ext4: add inode table check in __ext4_get_inode_loc to avoid possible
      infinite loop
    - ext4: fix undefined behavior in bit shift for ext4_check_flag_values
    - ext4: fix bug_on in __es_tree_search caused by bad boot loader inode
    - ext4: init quota for 'old.inode' in 'ext4_rename'
    - ext4: fix error code return to user-space in ext4_get_branch()
    - ext4: avoid BUG_ON when creating xattrs
    - ext4: fix inode leak in ext4_xattr_inode_create() on an error path
    - ext4: initialize quota before expanding inode in setproject ioctl
    - ext4: avoid unaccounted block allocation when expanding inode
    - ext4: allocate extended attribute value in vmalloc area
    - SUNRPC: ensure the matching upcall is in-flight upon downcall
    - bpf: pull before calling skb_postpull_rcsum()
    - qlcnic: prevent ->dcb use-after-free on qlcnic_dcb_enable() failure
    - nfc: Fix potential resource leaks
    - net: amd-xgbe: add missed tasklet_kill
    - net: phy: xgmiitorgmii: Fix refcount leak in xgmiitorgmii_probe
    - net: sched: atm: don't interpret cls results when asked to drop
    - usb: rndis_host: Secure rndis_query check against int overflow
    - caif: fix memory leak in cfctrl_linkup_request()
    - udf: Fix extension of the last extent in the file
    - nfsd: fix handling of readdir in v4root vs. mount upcall timeout
    - hfs/hfsplus: use WARN_ON for sanity check
    - hfs/hfsplus: avoid WARN_ON() for sanity check, use proper error handling
    - parisc: Align parisc MADV_XXX constants with all other architectures
    - driver core: Fix bus_type.match() error handling in __driver_attach()
    - ravb: Fix "failed to switch device to config mode" message during unbind
    - net: sched: disallow noqueue for qdisc classes
    - docs: Fix the docs build with Sphinx 6.0
    - perf auxtrace: Fix address filter duplicate symbol selection
    - s390/percpu: add READ_ONCE() to arch_this_cpu_to_op_simple()
    - platform/x86: sony-laptop: Don't turn off 0x153 keyboard backlight during
      probe
    - ipv6: raw: Deduct extension header length in rawv6_push_pending_frames
    - netfilter: ipset: Fix overflow before widen in the bitmap_ip_create()
      function.
    - x86/boot: Avoid using Intel mnemonics in AT&T syntax asm
    - EDAC/device: Fix period calculation in edac_device_reset_delay_period()
    - regulator: da9211: Use irq handler when ready
    - hvc/xen: lock console list traversal
    - nfc: pn533: Wait for out_urb's completion in pn533_usb_send_frame()
    - Revert "usb: ulpi: defer ulpi_register on ulpi_read_id timeout"
    - selftests/ftrace: event_triggers: wait longer for test_event_enable
    - debugfs: fix error when writing negative value to atomic_t debugfs file
    - x86/xen: Fix memory leak in xen_smp_intr_init{_pv}()
    - relay: fix type mismatch when allocating memory in relay_create_buf()
    - wifi: rtl8xxxu: Fix reading the vendor of combo chips
    - media: dvb-core: Fix ignored return value in dvb_register_frontend()
    - wifi: cfg80211: Fix not unregister reg_pdev when load_builtin_regdb_keys()
      fails
    - mmc: atmel-mci: fix return value check of mmc_add_host()
    - mmc: meson-gx: fix return value check of mmc_add_host()
    - net: amd-xgbe: Fix logic around active and passive cables
    - apparmor: fix lockdep warning when removing a namespace
    - scsi: hpsa: Fix possible memory leak in hpsa_init_one()
    - serial: pl011: Do not clear RX FIFO & RX interrupt in unthrottle.
    - serial: altera_uart: fix locking in polling mode
    - usb: gadget: f_hid: fix refcount leak on error path
    - perf symbol: correction while adjusting symbol
    - rxrpc: Fix missing unlock in rxrpc_do_sendmsg()
    - media: dvbdev: fix build warning due to comments
    - ata: ahci: Fix PCS quirk application for suspend
    - SUNRPC: Don't leak netobj memory when gss_read_proxy_verf() fails
    - binfmt: Fix error return code in load_elf_fdpic_binary()
    - ext4: fix corruption when online resizing a 1K bigalloc fs
    - media: s5p-mfc: Fix to handle reference queue during finishing
    - media: s5p-mfc: Clear workbit to handle error condition
    - media: s5p-mfc: Fix in register read and write for H264
    - dm thin: resume even if in FAIL mode
    - mbcache: don't reclaim used entries
    - ext4: remove EA inode entry from mbcache on inode eviction
    - usb: ulpi: defer ulpi_register on ulpi_read_id timeout
    - net/mlx5: Fix ptp max frequency adjustment range
    - drm/virtio: Fix GEM handle creation UAF
    - arm64: cmpxchg_double*: hazard against entire exchange variable
  * Bionic update: upstream stable patchset 2023-02-06 (LP: #2006403) //
    CVE-2023-0266 was assigned for this issue.
    - ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF
  * Bionic update: upstream stable patchset 2023-02-06 (LP: #2006403) //
    CVE-2022-41218 is assigned to those bugs above.
    - media: dvb-core: Fix UAF due to refcount races at releasing
  * CVE-2023-23559
    - wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid
  * CVE-2023-0045
    - x86/bugs: Flush IBP in ib_prctl_set()

 -- Manuel Diewald <email address hidden>  Thu, 09 Mar 2023 12:33:19 +0100
Superseded in bionic-security
Superseded in bionic-updates
Deleted in bionic-proposed (Reason: moved to -updates)
linux-raspi2 (4.15.0-1128.136) bionic; urgency=medium

  * bionic/linux-raspi2: 4.15.0-1128.136 -proposed tracker (LP: #2004410)

  [ Ubuntu: 4.15.0-206.217 ]

  * bionic/linux: 4.15.0-206.217 -proposed tracker (LP: #2004655)
  * CVE-2023-0461
    - SAUCE: Fix inet_csk_listen_start after CVE-2023-0461

  [ Ubuntu: 4.15.0-205.216 ]

  * bionic/linux: 4.15.0-205.216 -proposed tracker (LP: #2004414)
  * Bionic update: upstream stable patchset 2023-01-20 (LP: #2003596)
    - NFSv4.1: Handle RECLAIM_COMPLETE trunking errors
    - NFSv4.1: We must always send RECLAIM_COMPLETE after a reboot
    - nfs4: Fix kmemleak when allocate slot failed
    - net: dsa: Fix possible memory leaks in dsa_loop_init()
    - nfc: s3fwrn5: Fix potential memory leak in s3fwrn5_nci_send()
    - nfc: nfcmrvl: Fix potential memory leak in nfcmrvl_i2c_nci_send()
    - net: fec: fix improper use of NETDEV_TX_BUSY
    - ata: pata_legacy: fix pdc20230_set_piomode()
    - net: sched: Fix use after free in red_enqueue()
    - ipvs: use explicitly signed chars
    - rose: Fix NULL pointer dereference in rose_send_frame()
    - mISDN: fix possible memory leak in mISDN_register_device()
    - isdn: mISDN: netjet: fix wrong check of device registration
    - btrfs: fix inode list leak during backref walking at resolve_indirect_refs()
    - btrfs: fix ulist leaks in error paths of qgroup self tests
    - Bluetooth: L2CAP: fix use-after-free in l2cap_conn_del()
    - net: mdio: fix undefined behavior in bit shift for __mdiobus_register
    - net, neigh: Fix null-ptr-deref in neigh_table_clear()
    - media: s5p_cec: limit msg.len to CEC_MAX_MSG_SIZE
    - media: dvb-frontends/drxk: initialize err to 0
    - i2c: xiic: Add platform module alias
    - Bluetooth: L2CAP: Fix attempting to access uninitialized memory
    - block, bfq: protect 'bfqd->queued' by 'bfqd->lock'
    - btrfs: fix type of parameter generation in btrfs_get_dentry
    - tcp/udp: Make early_demux back namespacified.
    - capabilities: fix potential memleak on error path from vfs_getxattr_alloc()
    - ALSA: usb-audio: Add quirks for MacroSilicon MS2100/MS2106 devices
    - efi: random: reduce seed size to 32 bytes
    - parisc: Make 8250_gsc driver dependent on CONFIG_PARISC
    - parisc: Export iosapic_serial_irq() symbol for serial port driver
    - ext4: fix warning in 'ext4_da_release_space'
    - KVM: x86: Mask off reserved bits in CPUID.80000008H
    - KVM: x86: emulator: em_sysexit should update ctxt->mode
    - KVM: x86: emulator: introduce emulator_recalc_and_set_mode
    - KVM: x86: emulator: update the emulation mode after CR0 write
    - linux/const.h: prefix include guard of uapi/linux/const.h with _UAPI
    - linux/const.h: move UL() macro to include/linux/const.h
    - linux/bits.h: make BIT(), GENMASK(), and friends available in assembly
    - RDMA/qedr: clean up work queue on failure in qedr_alloc_resources()
    - net: tun: fix bugs for oversize packet when napi frags enabled
    - ipvs: fix WARNING in __ip_vs_cleanup_batch()
    - ipvs: fix WARNING in ip_vs_app_net_cleanup()
    - ipv6: fix WARNING in ip6_route_net_exit_late()
    - parisc: Avoid printing the hardware path twice
    - HID: hyperv: fix possible memory leak in mousevsc_probe()
    - net: gso: fix panic on frag_list with mixed head alloc types
    - bnxt_en: fix potentially incorrect return value for ndo_rx_flow_steer
    - net: fman: Unregister ethernet device on removal
    - capabilities: fix undefined behavior in bit shift for CAP_TO_MASK
    - net: lapbether: fix issue of dev reference count leakage in
      lapbeth_device_event()
    - hamradio: fix issue of dev reference count leakage in bpq_device_event()
    - drm/vc4: Fix missing platform_unregister_drivers() call in
      vc4_drm_register()
    - ipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to network
    - tipc: fix the msg->req tlv len check in
      tipc_nl_compat_name_table_dump_header
    - dmaengine: mv_xor_v2: Fix a resource leak in mv_xor_v2_remove()
    - drivers: net: xgene: disable napi when register irq failed in
      xgene_enet_open()
    - net: cxgb3_main: disable napi when bind qsets failed in cxgb_up()
    - ethernet: s2io: disable napi when start nic failed in s2io_card_up()
    - net: mv643xx_eth: disable napi when init rxq or txq failed in
      mv643xx_eth_open()
    - net: macvlan: fix memory leaks of macvlan_common_newlink
    - arm64: efi: Fix handling of misaligned runtime regions and drop warning
    - ALSA: hda: fix potential memleak in 'add_widget_node'
    - ALSA: usb-audio: Add quirk entry for M-Audio Micro
    - nilfs2: fix deadlock in nilfs_count_free_blocks()
    - drm/i915/dmabuf: fix sg_table handling in map_dma_buf
    - platform/x86: hp_wmi: Fix rfkill causing soft blocked wifi
    - btrfs: selftests: fix wrong error check in btrfs_free_dummy_root()
    - udf: Fix a slab-out-of-bounds write bug in udf_find_entry()
    - cert host tools: Stop complaining about deprecated OpenSSL functions
    - dmaengine: at_hdmac: Fix at_lli struct definition
    - dmaengine: at_hdmac: Don't start transactions at tx_submit level
    - dmaengine: at_hdmac: Fix completion of unissued descriptor in case of errors
    - dmaengine: at_hdmac: Don't allow CPU to reorder channel enable
    - dmaengine: at_hdmac: Fix impossible condition
    - dmaengine: at_hdmac: Check return code of dma_async_device_register
    - x86/cpu: Restore AMD's DE_CFG MSR after resume
    - selftests/futex: fix build for clang
    - drm/imx: imx-tve: Fix return type of imx_tve_connector_mode_valid
    - ASoC: core: Fix use-after-free in snd_soc_exit()
    - serial: 8250_omap: remove wait loop from Errata i202 workaround
    - serial: 8250: omap: Flush PM QOS work on remove
    - tty: n_gsm: fix sleep-in-atomic-context bug in gsm_control_send
    - ASoC: soc-utils: Remove __exit for snd_soc_util_exit()
    - block: sed-opal: kmalloc the cmd/resp buffers
    - parport_pc: Avoid FIFO port location truncation
    - pinctrl: devicetree: fix null pointer dereferencing in pinctrl_dt_to_map
    - net: bgmac: Drop free_netdev() from bgmac_enet_remove()
    - mISDN: fix possible memory leak in mISDN_dsp_element_register()
    - mISDN: fix misuse of put_device() in mISDN_register_device()
    - net: caif: fix double disconnect client in chnl_net_open()
    - xen/pcpu: fix possible memory leak in register_pcpu()
    - drbd: use after free in drbd_create_device()
    - net/x25: Fix skb leak in x25_lapb_receive_frame()
    - cifs: Fix wrong return value checking when GETFLAGS
    - ftrace: Fix the possible incorrect kernel message
    - ftrace: Optimize the allocation for mcount entries
    - ftrace: Fix null pointer dereference in ftrace_add_mod()
    - ring_buffer: Do not deactivate non-existent pages
    - ALSA: usb-audio: Drop snd_BUG_ON() from snd_usbmidi_output_open()
    - USB: serial: option: add Sierra Wireless EM9191
    - USB: serial: option: remove old LARA-R6 PID
    - USB: serial: option: add u-blox LARA-R6 00B modem
    - USB: serial: option: add u-blox LARA-L6 modem
    - USB: serial: option: add Fibocom FM160 0x0111 composition
    - usb: add NO_LPM quirk for Realforce 87U Keyboard
    - usb: chipidea: fix deadlock in ci_otg_del_timer
    - iio: adc: at91_adc: fix possible memory leak in at91_adc_allocate_trigger()
    - iio: trigger: sysfs: fix possible memory leak in iio_sysfs_trig_init()
    - iio: pressure: ms5611: changed hardcoded SPI speed to value limited
    - dm ioctl: fix misbehavior if list_versions races with module loading
    - serial: 8250: Fall back to non-DMA Rx if IIR_RDI occurs
    - serial: 8250_lpss: Configure DMA also w/o DMA filter
    - mmc: core: properly select voltage range without power cycle
    - mmc: sdhci-pci: Fix possible memory leak caused by missing pci_dev_put()
    - misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram()
    - nilfs2: fix use-after-free bug of ns_writer on remount
    - serial: 8250: Flush DMA Rx on RLSI
    - macvlan: enforce a consistent minimal mtu
    - tcp: cdg: allow tcp_cdg_release() to be called multiple times
    - kcm: avoid potential race in kcm_tx_work
    - bpf, test_run: Fix alignment problem in bpf_prog_test_run_skb()
    - kcm: close race conditions on sk_receive_queue
    - 9p: trans_fd/p9_conn_cancel: drop client lock earlier
    - gfs2: Check sb_bsize_shift after reading superblock
    - gfs2: Switch from strlcpy to strscpy
    - 9p/trans_fd: always use O_NONBLOCK read/write
    - mm: fs: initialize fsdata passed to write_begin/write_end interface
    - ntfs: fix use-after-free in ntfs_attr_find()
    - ntfs: fix out-of-bounds read in ntfs_attr_find()
    - ntfs: check overflow when iterating ATTR_RECORDs
    - wifi: cfg80211: fix memory leak in query_regdb_file()
    - net: tun: Fix memory leaks of napi_get_frags
    - riscv: process: fix kernel info leakage
    - vmlinux.lds.h: Fix placement of '.data..decrypted' section
    - net: thunderbolt: Fix error handling in tbnet_init()
    - scsi: target: tcm_loop: Fix possible name leak in tcm_loop_setup_hba_bus()
    - Input: i8042 - fix leaking of platform device on module removal
    - wifi: mac80211_hwsim: fix debugfs attribute ps with rc table support
    - audit: fix undefined behavior in bit shift for AUDIT_BIT
    - wifi: mac80211: Fix ack frame idr leak when mesh has no route
    - spi: stm32: fix stm32_spi_prepare_mbr() that halves spi clk for every run
    - MIPS: pic32: treat port as signed integer
    - af_key: Fix send_acquire race with pfkey_register
    - ARM: dts: am335x-pcm-953: Define fixed regulators in root node
    - bus: sunxi-rsb: Support atomic transfers
    - ARM: dts: at91: sam9g20ek: enable udc vbus gpio pinctrl
    - nfc/nci: fix race with opening and closing
    - net: pch_gbe: fix potential memleak in pch_gbe_tx_queue()
    - 9p/fd: fix issue of list_del corruption in p9_fd_cancel()
    - ARM: mxs: fix memory leak in mxs_machine_init()
    - net/mlx4: Check retval of mlx4_bitmap_init
    - net/qla3xxx: fix potential memleak in ql3xxx_send()
    - xfrm: Fix ignored return value in xfrm6_init()
    - NFC: nci: fix memory leak in nci_rx_data_packet()
    - dccp/tcp: Reset saddr on failure after inet6?_hash_connect().
    - s390/dasd: fix no record found for raw_track_access
    - nfc: st-nci: fix incorrect validating logic in EVT_TRANSACTION
    - nfc: st-nci: fix memory leaks in EVT_TRANSACTION
    - net: thunderx: Fix the ACPI memory leak
    - s390/crashdump: fix TOD programmable field size
    - nios2: add FORCE for vmlinuz.gz
    - arm64: dts: rockchip: lower rk3399-puma-haikou SD controller clock frequency
    - iio: light: apds9960: fix wrong register for gesture gain
    - iio: core: Fix entry not deleted when iio_register_sw_trigger_type() fails
    - kconfig: display recursive dependency resolution hint just once
    - nilfs2: fix nilfs_sufile_mark_dirty() not set segment usage as dirty
    - Input: synaptics - switch touchpad on HP Laptop 15-da3001TU to RMI mode
    - serial: 8250: 8250_omap: Avoid RS485 RTS glitch on ->set_termios()
    - xen/platform-pci: add missing free_irq() in error path
    - platform/x86: asus-wmi: add missing pci_dev_put() in asus_wmi_set_xusb2pr()
    - platform/x86: acer-wmi: Enable SW_TABLET_MODE on Switch V 10 (SW5-017)
    - platform/x86: hp-wmi: Ignore Smart Experience App event
    - [Config] updateconfigs for INET_TABLE_PERTURB_ORDER
    - tcp: configurable source port perturb table size
    - net: usb: qmi_wwan: add Telit 0x103a composition
    - drm/amdgpu: always register an MMU notifier for userptr
    - iio: health: afe4403: Fix oob read in afe4403_read_raw
    - iio: health: afe4404: Fix oob read in afe4404_[read|write]_raw
    - iio: light: rpr0521: add missing Kconfig dependencies
    - hwmon: (i5500_temp) fix missing pci_disable_device()
    - hwmon: (ibmpex) Fix possible UAF when ibmpex_register_bmc() fails
    - of: property: decrement node refcount in of_fwnode_get_reference_args()
    - net/mlx5: Fix uninitialized variable bug in outlen_write()
    - can: sja1000_isa: sja1000_isa_probe(): add missing free_sja1000dev()
    - can: cc770: cc770_isa_probe(): add missing free_cc770dev()
    - qlcnic: fix sleep-in-atomic-context bugs caused by msleep
    - net: phy: fix null-ptr-deref while probe() failed
    - net: net_netdev: Fix error handling in ntb_netdev_init_module()
    - net/9p: Fix a potential socket leak in p9_socket_open
    - dsa: lan9303: Correct stat name
    - net: hsr: Fix potential use-after-free
    - packet: do not set TP_STATUS_CSUM_VALID on CHECKSUM_COMPLETE
    - net: ethernet: renesas: ravb: Fix promiscuous mode after system resumed
    - hwmon: (coretemp) Check for null before removing sysfs attrs
    - hwmon: (coretemp) fix pci device refcount leak in nv1a_ram_new()
    - perf: Add sample_flags to indicate the PMU-filled sample data
    - btrfs: qgroup: fix sleep from invalid context bug in btrfs_qgroup_inherit()
    - tools/vm/slabinfo-gnuplot: use "grep -E" instead of "egrep"
    - nilfs2: fix NULL pointer dereference in nilfs_palloc_commit_free_entry()
    - x86/bugs: Make sure MSR_SPEC_CTRL is updated properly upon resume from S3
    - arm64: Fix panic() when Spectre-v2 causes Spectre-BHB to re-allocate KVM
      vectors
    - arm64: errata: Fix KVM Spectre-v2 mitigation selection for Cortex-A57/A72
    - efi: random: Properly limit the size of the random seed
    - ASoC: ops: Fix bounds check for _sx controls
    - pinctrl: single: Fix potential division by zero
    - iommu/vt-d: Fix PCI device refcount leak in dmar_dev_scope_init()
    - nvme: restrict management ioctls to admin
    - x86/tsx: Add a feature bit for TSX control MSR support
    - x86/pm: Add enumeration check before spec MSRs save/restore setup
    - x86/ioremap: Fix page aligned size calculation in __ioremap_caller()
    - mmc: sdhci: use FIELD_GET for preset value bit masks
    - mmc: sdhci: Fix voltage switch delay
    - proc: avoid integer type confusion in get_proc_long
    - proc: proc_skip_spaces() shouldn't think it is working on C strings
    - v4l2: don't fall back to follow_pfn() if pin_user_pages_fast() fails
    - ipc/sem: Fix dangling sem_array access in semtimedop race
    - x86/nospec: Fix i386 RSB stuffing
    - Revert "x86/speculation: Change FILL_RETURN_BUFFER to work with objtool"
    - ASoC: sgtl5000: Reset the CHIP_CLK_CTRL reg on remove
    - net: pch_gbe: fix pci device refcount leak while module exiting
    - Drivers: hv: vmbus: fix double free in the error path of
      vmbus_add_channel_work()
    - Drivers: hv: vmbus: fix possible memory leak in vmbus_device_register()
    - bnx2x: fix pci device refcount leak in bnx2x_vf_is_pcie_pending()
    - iio: pressure: ms5611: fixed value compensation bug
    - arm: dts: rockchip: fix node name for hym8563 rtc
    - ARM: dts: rockchip: fix ir-receiver node names
    - ARM: 9251/1: perf: Fix stacktraces for tracepoint events in THUMB2 kernels
    - ARM: 9266/1: mm: fix no-MMU ZERO_PAGE() implementation
    - ARM: dts: rockchip: disable arm_global_timer on rk3066 and rk3188
    - ALSA: seq: Fix function prototype mismatch in snd_seq_expand_var_event
    - ASoC: soc-pcm: Add NULL check in BE reparenting
    - regulator: twl6030: fix get status of twl6032 regulators
    - net: usb: qmi_wwan: add u-blox 0x1342 composition
    - xen/netback: do some code cleanup
    - xen/netback: don't call kfree_skb() with interrupts disabled
    - rcutorture: Automatically create initrd directory
    - media: v4l2-dv-timings.c: fix too strict blanking sanity checks
    - memcg: fix possible use-after-free in memcg_write_event_control()
    - KVM: s390: vsie: Fix the initialization of the epoch extension (epdx) field
    - HID: hid-lg4ff: Add check for empty lbuf
    - HID: core: fix shift-out-of-bounds in hid_report_raw_event
    - ieee802154: cc2520: Fix error return code in cc2520_hw_init()
    - ca8210: Fix crash by zero initializing data
    - gpio: amd8111: Fix PCI device reference count leak
    - e1000e: Fix TX dispatch condition
    - igb: Allocate MSI-X vector when testing
    - Bluetooth: 6LoWPAN: add missing hci_dev_put() in get_l2cap_conn()
    - mac802154: fix missing INIT_LIST_HEAD in ieee802154_if_add()
    - net: encx24j600: Add parentheses to fix precedence
    - net: encx24j600: Fix invalid logic in reading of MISTAT register
    - net: mvneta: Prevent out of bounds read in mvneta_config_rss()
    - NFC: nci: Bounds check struct nfc_target arrays
    - net: stmmac: fix "snps,axi-config" node property parsing
    - net: hisilicon: Fix potential use-after-free in hisi_femac_rx()
    - net: hisilicon: Fix potential use-after-free in hix5hd2_rx()
    - tipc: Fix potential OOB in tipc_link_proto_rcv()
    - ethernet: aeroflex: fix potential skb leak in greth_init_rings()
    - net: plip: don't call kfree_skb/dev_kfree_skb() under spin_lock_irq()
    - ipv6: avoid use-after-free in ip6_fragment()
    - net: mvneta: Fix an out of bounds check
    - net: mvneta: Prevent out of bounds read in mvneta_config_rss()
    - i40e: Fix not setting default xps_cpus after reset
    - i40e: Fix for VF MAC address 0
    - i40e: Disallow ip4 and ip6 l4_4_bytes
    - nvme initialize core quirks before calling nvme_init_subsystem
    - can: esd_usb: Allow REC and TEC to return to zero
  * CVE-2022-3628
    - wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()
  * rdpru in ubuntu_kvm_unit_tests failed on B-4.15 node riccioli with FAIL:
    RDPRU raises #UD (LP: #1968681)
    - x86/cpufeatures: Add feature bit RDPRU on AMD
    - kvm: svm: Intercept RDPRU
  * NFS: client permission error after adding user to permissible group
    (LP: #2003053)
    - cred: add cred_fscmp() for comparing creds.
    - NFS: Clear the file access cache upon login
    - NFS: Judge the file access cache's timestamp in rcu path
    - NFS: Fix up a sparse warning
  * 5.15.0-58.64 breaks xen bridge networking (pvh domU) (LP: #2002889)
    - xen/netback: fix build warning
  * CVE-2023-0461
    - net/ulp: prevent ULP without clone op from entering the LISTEN status
  * CVE-2022-3545
    - nfp: fix use-after-free in area_cache_get()

  [ Ubuntu: 4.15.0-204.215 ]

  * bionic/linux: 4.15.0-204.215 -proposed tracker (LP: #2003522)
  * Revoke & rotate to new signing key (LP: #2002812)
    - [Packaging] Revoke and rotate to new signing key

 -- Manuel Diewald <email address hidden>  Fri, 10 Feb 2023 12:16:51 +0100
Superseded in bionic-security
Superseded in bionic-updates
Deleted in bionic-proposed (Reason: moved to -updates)
linux-raspi2 (4.15.0-1127.135) bionic; urgency=medium

  * bionic/linux-raspi2: 4.15.0-1127.135 -proposed tracker (LP: #2001872)

  [ Ubuntu: 4.15.0-203.214 ]

  * bionic/linux: 4.15.0-203.214 -proposed tracker (LP: #2001876)
  * Packaging resync (LP: #1786013)
    - [Packaging] update helper scripts
  * Bionic update: upstream stable patchset 2022-12-01 (LP: #1998542)
    - Revert "x86/cpu: Add a steppings field to struct x86_cpu_id"
    - x86/cpufeature: Add facility to check for min microcode revisions
    - x86/cpufeature: Fix various quality problems in the <asm/cpu_device_hd.h>
      header
    - x86/devicetable: Move x86 specific macro out of generic code
    - x86/cpu: Add consistent CPU match macros
    - x86/cpu: Add a steppings field to struct x86_cpu_id
    - x86/entry: Remove skip_r11rcx
    - x86/cpufeatures: Move RETPOLINE flags to word 11
    - x86/bugs: Report AMD retbleed vulnerability
    - x86/bugs: Add AMD retbleed= boot parameter
    - x86/bugs: Keep a per-CPU IA32_SPEC_CTRL value
    - x86/entry: Add kernel IBRS implementation
    - x86/bugs: Optimize SPEC_CTRL MSR writes
    - x86/speculation: Add spectre_v2=ibrs option to support Kernel IBRS
    - x86/bugs: Split spectre_v2_select_mitigation() and
      spectre_v2_user_select_mitigation()
    - x86/bugs: Report Intel retbleed vulnerability
    - intel_idle: Disable IBRS during long idle
    - x86/speculation: Change FILL_RETURN_BUFFER to work with objtool
    - x86/speculation: Add LFENCE to RSB fill sequence
    - x86/speculation: Fix RSB filling with CONFIG_RETPOLINE=n
    - x86/speculation: Fix firmware entry SPEC_CTRL handling
    - x86/speculation: Fix SPEC_CTRL write on SMT state change
    - x86/speculation: Use cached host SPEC_CTRL value for guest entry/exit
    - x86/speculation: Remove x86_spec_ctrl_mask
    - KVM: VMX: Prevent guest RSB poisoning attacks with eIBRS
    - KVM: VMX: Fix IBRS handling after vmexit
    - x86/speculation: Fill RSB on vmexit for IBRS
    - x86/common: Stamp out the stepping madness
    - x86/cpu/amd: Enumerate BTC_NO
    - x86/bugs: Add Cannon lake to RETBleed affected CPU list
    - x86/speculation: Disable RRSBA behavior
    - x86/speculation: Use DECLARE_PER_CPU for x86_spec_ctrl_current
    - x86/bugs: Warn when "ibrs" mitigation is selected on Enhanced IBRS parts
    - x86/speculation: Add RSB VM Exit protections
    - ocfs2: clear dinode links count in case of error
    - ocfs2: fix BUG when iput after ocfs2_mknod fails
    - x86/microcode/AMD: Apply the patch early on every logical thread
    - ata: ahci-imx: Fix MODULE_ALIAS
    - ata: ahci: Match EM_MAX_SLOTS with SATA_PMP_MAX_PORTS
    - KVM: arm64: vgic: Fix exit condition in scan_its_table()
    - [Config] updateconfigs for ARM64_ERRATUM_1742098
    - arm64: errata: Remove AES hwcap for COMPAT tasks
    - r8152: add PID for the Lenovo OneLink+ Dock
    - btrfs: fix processing of delayed data refs during backref walking
    - ACPI: extlog: Handle multiple records
    - HID: magicmouse: Do not set BTN_MOUSE on double report
    - net/atm: fix proc_mpc_write incorrect return value
    - net: hns: fix possible memory leak in hnae_ae_register()
    - iommu/vt-d: Clean up si_domain in the init_dmars() error path
    - media: v4l2-mem2mem: Apply DST_QUEUE_OFF_BASE on MMAP buffers across ioctls
    - ACPI: video: Force backlight native for more TongFang devices
    - ALSA: Use del_timer_sync() before freeing timer
    - ALSA: au88x0: use explicitly signed char
    - USB: add RESET_RESUME quirk for NVIDIA Jetson devices in RCM
    - usb: dwc3: gadget: Don't set IMI for no_interrupt
    - usb: bdc: change state when port disconnected
    - usb: xhci: add XHCI_SPURIOUS_SUCCESS to ASM1042 despite being a V0.96
      controller
    - xhci: Remove device endpoints from bandwidth list when freeing the device
    - tools: iio: iio_utils: fix digit calculation
    - iio: light: tsl2583: Fix module unloading
    - fbdev: smscufx: Fix several use-after-free bugs
    - mac802154: Fix LQI recording
    - drm/msm/hdmi: fix memory corruption with too many bridges
    - mmc: core: Fix kernel panic when remove non-standard SDIO card
    - kernfs: fix use-after-free in __kernfs_remove
    - s390/futex: add missing EX_TABLE entry to __futex_atomic_op()
    - Xen/gntdev: don't ignore kernel unmapping error
    - xen/gntdev: Prevent leaking grants
    - mm,hugetlb: take hugetlb_lock before decrementing h->resv_huge_pages
    - net: ieee802154: fix error return code in dgram_bind()
    - drm/msm: Fix return type of mdp4_lvds_connector_mode_valid
    - arc: iounmap() arg is volatile
    - ALSA: ac97: fix possible memory leak in snd_ac97_dev_register()
    - x86/unwind/orc: Fix unreliable stack dump with gcov
    - amd-xgbe: fix the SFP compliance codes check for DAC cables
    - amd-xgbe: add the bit rate quirk for Molex cables
    - kcm: annotate data-races around kcm->rx_psock
    - kcm: annotate data-races around kcm->rx_wait
    - net: lantiq_etop: don't free skb when returning NETDEV_TX_BUSY
    - tcp: fix indefinite deferral of RTO with SACK reneging
    - can: mscan: mpc5xxx: mpc5xxx_can_probe(): add missing put_clock() in error
      path
    - PM: hibernate: Allow hybrid sleep to work with s2idle
    - media: vivid: s_fbuf: add more sanity checks
    - media: vivid: dev->bitmap_cap wasn't freed in all cases
    - media: v4l2-dv-timings: add sanity checks for blanking values
    - media: videodev2.h: V4L2_DV_BT_BLANKING_HEIGHT should check 'interlaced'
    - i40e: Fix ethtool rx-flow-hash setting for X722
    - i40e: Fix flow-type by setting GL_HASH_INSET registers
    - net: ksz884x: fix missing pci_disable_device() on error in pcidev_init()
    - PM: domains: Fix handling of unavailable/disabled idle states
    - ALSA: aoa: i2sbus: fix possible memory leak in i2sbus_add_dev()
    - ALSA: aoa: Fix I2S device accounting
    - openvswitch: switch from WARN to pr_warn
    - net: ehea: fix possible memory leak in ehea_register_port()
    - can: rcar_canfd: rcar_canfd_handle_global_receive(): fix IRQ storm on global
      FIFO receive
    - media: venus: dec: Handle the case where find_format fails
    - Makefile.debug: re-enable debug info for .S files
    - drm/msm/dsi: fix memory corruption with too many bridges
    - perf auxtrace: Fix address filter symbol name match for modules
    - net: netsec: fix error handling in netsec_register_mdio()
    - net: fix UAF issue in nfqnl_nf_hook_drop() when ops_init() failed
    - i40e: Fix VF hang when reset is triggered on another VF
  * Bionic update: upstream stable patchset 2022-11-15 (LP: #1996650)
    - of: fdt: fix off-by-one error in unflatten_dt_nodes()
    - gpio: mpc8xxx: Fix support for IRQ_TYPE_LEVEL_LOW flow_type in mpc85xx
    - drm/meson: Correct OSD1 global alpha value
    - parisc: ccio-dma: Add missing iounmap in error path in ccio_probe()
    - cifs: don't send down the destination address to sendmsg for a SOCK_STREAM
    - ASoC: nau8824: Fix semaphore unbalance at error paths
    - regulator: pfuze100: Fix the global-out-of-bounds access in
      pfuze100_regulator_probe()
    - ALSA: hda/sigmatel: Keep power up while beep is enabled
    - net: usb: qmi_wwan: add Quectel RM520N
    - MIPS: OCTEON: irq: Fix octeon_irq_force_ciu_mapping()
    - mksysmap: Fix the mismatch of 'L0' symbols in System.map
    - video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
    - ALSA: hda/sigmatel: Fix unused variable warning for beep power change
    - wifi: mac80211: Fix UAF in ieee80211_scan_rx()
    - USB: core: Fix RST error in hub.c
    - USB: serial: option: add Quectel BG95 0x0203 composition
    - USB: serial: option: add Quectel RM520N
    - ALSA: hda/tegra: set depop delay for tegra
    - ALSA: hda: add Intel 5 Series / 3400 PCI DID
    - mm/slub: fix to return errno if kmalloc() fails
    - arm64: dts: rockchip: Remove 'enable-active-low' from rk3399-puma
    - netfilter: nf_conntrack_sip: fix ct_sip_walk_headers
    - netfilter: nf_conntrack_irc: Tighten matching on DCC message
    - iavf: Fix cached head and tail value for iavf_get_tx_pending
    - ipvlan: Fix out-of-bound bugs caused by unset skb->mac_header
    - net: team: Unsync device addresses on ndo_stop
    - MIPS: lantiq: export clk_get_io() for lantiq_wdt.ko
    - of: mdio: Add of_node_put() when breaking out of for_each_xx
    - netfilter: ebtables: fix memory leak when blob is malformed
    - can: gs_usb: gs_can_open(): fix race dev->can.state condition
    - perf kcore_copy: Do not check /proc/modules is unchanged
    - net: sunhme: Fix packet reception for len < RX_COPY_THRESHOLD
    - serial: Create uart_xmit_advance()
    - serial: tegra: Use uart_xmit_advance(), fixes icount.tx accounting
    - s390/dasd: fix Oops in dasd_alias_get_start_dev due to missing pavgroup
    - Drivers: hv: Never allocate anything besides framebuffer from framebuffer
      memory region
    - ext4: make directory inode spreading reflect flexbg size
    - nvmet: fix a use-after-free
    - i40e: Fix VF set max MTU size
    - i40e: Fix set max_tx_rate when it is lower than 1 Mbps
    - perf jit: Include program header in ELF files
    - workqueue: don't skip lockdep work dependency in cancel_work_sync()
    - mmc: moxart: fix 4-bit bus width and remove 8-bit bus width
    - mm/page_alloc: fix race condition between build_all_zonelists and page
      allocation
    - mm: prevent page_frag_alloc() from corrupting the memory
    - mm/migrate_device.c: flush TLB while holding PTL
    - soc: sunxi: sram: Actually claim SRAM regions
    - soc: sunxi: sram: Fix debugfs info for A64 SRAM C
    - Revert "drm: bridge: analogix/dp: add panel prepare/unprepare in
      suspend/resume time"
    - Input: melfas_mip4 - fix return value check in mip4_probe()
    - usbnet: Fix memory leak in usbnet_disconnect()
    - selftests: Fix the if conditions of in test_extra_filter()
    - uas: add no-uas quirk for Hiksemi usb_disk
    - usb-storage: Add Hiksemi USB3-FW to IGNORE_UAS
    - uas: ignore UAS for Thinkplus chips
    - net: usb: qmi_wwan: Add new usb-id for Dell branded EM7455
    - ntfs: fix BUG_ON in ntfs_lookup_inode_by_name()
    - nvme: add new line after variable declatation
    - nvme: Fix IOC_PR_CLEAR and IOC_PR_RELEASE ioctls for nvme devices
    - clk: iproc: Minor tidy up of iproc pll data structures
    - clk: iproc: Do not rely on node name for correct PLL setup
    - Makefile.extrawarn: Move -Wcast-function-type-strict to W=1
    - ARM: fix function graph tracer and unwinder dependencies
    - [Config] updateconfigs for UNWINDER_ARM
    - dmaengine: xilinx_dma: cleanup for fetching xlnx,num-fstores property
    - dmaengine: xilinx_dma: Report error in case of dma_set_mask_and_coherent API
      failure
    - ARM: dts: fix Moxa SDIO 'compatible', remove 'sdhci' misnomer
    - net/ieee802154: fix uninit value bug in dgram_sendmsg
    - um: Cleanup syscall_handler_t cast in syscalls_32.h
    - um: Cleanup compiler warning in arch/x86/um/tls_32.c
    - usb: mon: make mmapped memory read only
    - USB: serial: ftdi_sio: fix 300 bps rate for SIO
    - mmc: core: Replace with already defined values for readability
    - mmc: core: Terminate infinite loop in SD-UHS voltage switch
    - rpmsg: qcom: glink: replace strncpy() with strscpy_pad()
    - nilfs2: fix leak of nilfs_root in case of writer thread creation failure
    - nilfs2: replace WARN_ONs by nilfs_error for checkpoint acquisition failure
    - ceph: don't truncate file in atomic_open
    - random: clamp credited irq bits to maximum mixed
    - ALSA: hda: Fix position reporting on Poulsbo
    - USB: serial: qcserial: add new usb-id for Dell branded EM7455
    - random: restore O_NONBLOCK support
    - random: avoid reading two cache lines on irq randomness
    - wifi: mac80211_hwsim: avoid mac80211 warning on bad rate
    - Input: xpad - add supported devices as contributed on github
    - Input: xpad - fix wireless 360 controller breaking after suspend
    - random: use expired timer rather than wq for mixing fast pool
    - ALSA: oss: Fix potential deadlock at unregistration
    - ALSA: rawmidi: Drop register_mutex in snd_rawmidi_free()
    - ALSA: usb-audio: Fix potential memory leaks
    - ALSA: usb-audio: Fix NULL dererence at error path
    - iio: dac: ad5593r: Fix i2c read protocol requirements
    - fs: dlm: fix race between test_bit() and queue_work()
    - fs: dlm: handle -EBUSY first in lock arg validation
    - HID: multitouch: Add memory barriers
    - quota: Check next/prev free block number after reading from quota file
    - regulator: qcom_rpm: Fix circular deferral regression
    - Revert "fs: check FMODE_LSEEK to control internal pipe splicing"
    - parisc: fbdev/stifb: Align graphics memory size to 4MB
    - UM: cpuinfo: Fix a warning for CONFIG_CPUMASK_OFFSTACK
    - PCI: Sanitise firmware BAR assignments behind a PCI-PCI bridge
    - fbdev: smscufx: Fix use-after-free in ufx_ops_open()
    - nilfs2: fix use-after-free bug of struct nilfs_root
    - ext4: fix null-ptr-deref in ext4_write_info
    - ext4: make ext4_lazyinit_thread freezable
    - ext4: place buffer head allocation before handle start
    - livepatch: fix race between fork and KLP transition
    - ftrace: Properly unset FTRACE_HASH_FL_MOD
    - ring-buffer: Allow splice to read previous partially read pages
    - ring-buffer: Check pending waiters when doing wake ups as well
    - ring-buffer: Fix race between reset page and reading page
    - KVM: x86/emulator: Fix handing of POP SS to correctly set interruptibility
    - KVM: nVMX: Unconditionally purge queued/injected events on nested "exit"
    - gcov: support GCC 12.1 and newer compilers
    - selinux: use "grep -E" instead of "egrep"
    - sh: machvec: Use char[] for section boundaries
    - wifi: ath10k: add peer map clean up for peer delete in ath10k_sta_state()
    - wifi: mac80211: allow bw change during channel switch in mesh
    - wifi: rtl8xxxu: tighten bounds checking in rtl8xxxu_read_efuse()
    - spi: qup: add missing clk_disable_unprepare on error in spi_qup_resume()
    - spi: qup: add missing clk_disable_unprepare on error in
      spi_qup_pm_resume_runtime()
    - wifi: rtl8xxxu: Fix skb misuse in TX queue selection
    - wifi: rtl8xxxu: gen2: Fix mistake in path B IQ calibration
    - net: fs_enet: Fix wrong check in do_pd_setup
    - spi/omap100k:Fix PM disable depth imbalance in omap1_spi100k_probe
    - netfilter: nft_fib: Fix for rpath check with VRF devices
    - spi: s3c64xx: Fix large transfers with DMA
    - vhost/vsock: Use kvmalloc/kvfree for larger packets.
    - tcp: fix tcp_cwnd_validate() to not forget is_cwnd_limited
    - net: rds: don't hold sock lock when cancelling work from
      rds_tcp_reset_callbacks()
    - bnx2x: fix potential memory leak in bnx2x_tpa_stop()
    - drm/mipi-dsi: Detach devices when removing the host
    - platform/x86: msi-laptop: Fix old-ec check for backlight registering
    - platform/x86: msi-laptop: Fix resource cleanup
    - drm/bridge: megachips: Fix a null pointer dereference bug
    - mmc: au1xmmc: Fix an error handling path in au1xmmc_probe()
    - ASoC: eureka-tlv320: Hold reference returned from of_find_xxx API
    - ALSA: dmaengine: increment buffer pointer atomically
    - mmc: wmt-sdmmc: Fix an error handling path in wmt_mci_probe()
    - memory: of: Fix refcount leak bug in of_get_ddr_timings()
    - soc: qcom: smsm: Fix refcount leak bugs in qcom_smsm_probe()
    - soc: qcom: smem_state: Add refcounting for the 'state->of_node'
    - ARM: dts: turris-omnia: Fix mpp26 pin name and comment
    - ARM: dts: kirkwood: lsxl: fix serial line
    - ARM: dts: kirkwood: lsxl: remove first ethernet port
    - ARM: Drop CMDLINE_* dependency on ATAGS
    - ARM: dts: exynos: fix polarity of VBUS GPIO of Origen
    - iio: adc: at91-sama5d2_adc: fix AT91_SAMA5D2_MR_TRACKTIM_MAX
    - iio: inkern: only release the device node when done with it
    - iio: ABI: Fix wrong format of differential capacitance channel ABI.
    - clk: oxnas: Hold reference returned by of_get_parent()
    - clk: tegra: Fix refcount leak in tegra210_clock_init
    - clk: tegra: Fix refcount leak in tegra114_clock_init
    - clk: tegra20: Fix refcount leak in tegra20_clock_init
    - HSI: omap_ssi: Fix refcount leak in ssi_probe
    - HSI: omap_ssi_port: Fix dma_map_sg error check
    - media: exynos4-is: fimc-is: Add of_node_put() when breaking out of loop
    - tty: xilinx_uartps: Fix the ignore_status
    - media: xilinx: vipp: Fix refcount leak in xvip_graph_dma_init
    - RDMA/rxe: Fix "kernel NULL pointer dereference" error
    - RDMA/rxe: Fix the error caused by qp->sk
    - dyndbg: fix module.dyndbg handling
    - dyndbg: let query-modname override actual module name
    - ata: fix ata_id_sense_reporting_enabled() and ata_id_has_sense_reporting()
    - ata: fix ata_id_has_devslp()
    - ata: fix ata_id_has_ncq_autosense()
    - ata: fix ata_id_has_dipm()
    - md/raid5: Ensure stripe_fill happens on non-read IO with journal
    - xhci: Don't show warning for reinit on known broken suspend
    - usb: gadget: function: fix dangling pnp_string in f_printer.c
    - drivers: serial: jsm: fix some leaks in probe
    - phy: qualcomm: call clk_disable_unprepare in the error handling
    - firmware: google: Test spinlock on panic path to avoid lockups
    - serial: 8250: Fix restoring termios speed after suspend
    - fsi: core: Check error number after calling ida_simple_get
    - mfd: intel_soc_pmic: Fix an error handling path in
      intel_soc_pmic_i2c_probe()
    - mfd: fsl-imx25: Fix an error handling path in mx25_tsadc_setup_irq()
    - mfd: lp8788: Fix an error handling path in lp8788_probe()
    - mfd: lp8788: Fix an error handling path in lp8788_irq_init() and
      lp8788_irq_init()
    - mfd: sm501: Add check for platform_driver_register()
    - dmaengine: ioat: stop mod_timer from resurrecting deleted timer in
      __cleanup()
    - spmi: pmic-arb: correct duplicate APID to PPID mapping logic
    - clk: bcm2835: fix bcm2835_clock_rate_from_divisor declaration
    - clk: ti: dra7-atl: Fix reference leak in of_dra7_atl_clk_probe
    - mailbox: bcm-ferxrm-mailbox: Fix error check for dma_map_sg
    - powerpc/math_emu/efp: Include module.h
    - powerpc/sysdev/fsl_msi: Add missing of_node_put()
    - powerpc/pci_dn: Add missing of_node_put()
    - powerpc/powernv: add missing of_node_put() in opal_export_attrs()
    - powerpc: Fix SPE Power ISA properties for e500v1 platforms
    - iommu/omap: Fix buffer overflow in debugfs
    - iommu/iova: Fix module config properly
    - crypto: cavium - prevent integer overflow loading firmware
    - f2fs: fix race condition on setting FI_NO_EXTENT flag
    - ACPI: video: Add Toshiba Satellite/Portege Z830 quirk
    - MIPS: BCM47XX: Cast memcmp() of function to (void *)
    - powercap: intel_rapl: fix UBSAN shift-out-of-bounds issue
    - thermal: intel_powerclamp: Use get_cpu() instead of smp_processor_id() to
      avoid crash
    - NFSD: Return nfserr_serverfault if splice_ok but buf->pages have data
    - wifi: brcmfmac: fix invalid address access when enabling SCAN log level
    - openvswitch: Fix double reporting of drops in dropwatch
    - openvswitch: Fix overreporting of drops in dropwatch
    - tcp: annotate data-race around tcp_md5sig_pool_populated
    - wifi: ath9k: avoid uninit memory read in ath9k_htc_rx_msg()
    - xfrm: Update ipcomp_scratches with NULL when freed
    - wifi: brcmfmac: fix use-after-free bug in brcmf_netdev_start_xmit()
    - Bluetooth: L2CAP: initialize delayed works at l2cap_chan_create()
    - Bluetooth: hci_sysfs: Fix attempting to call device_add multiple times
    - can: bcm: check the result of can_send() in bcm_can_tx()
    - wifi: rt2x00: don't run Rt5592 IQ calibration on MT7620
    - wifi: rt2x00: set correct TX_SW_CFG1 MAC register for MT7620
    - wifi: rt2x00: set SoC wmac clock register
    - wifi: rt2x00: correctly set BBP register 86 for MT7620
    - net: If sock is dead don't access sock's sk_wq in sk_stream_wait_memory
    - Bluetooth: L2CAP: Fix user-after-free
    - drm: Use size_t type for len variable in drm_copy_field()
    - drm: Prevent drm_copy_field() to attempt copying a NULL pointer
    - drm/vc4: vec: Fix timings for VEC modes
    - platform/x86: msi-laptop: Change DMI match / alias strings to fix module
      autoloading
    - drm/amdgpu: fix initial connector audio value
    - ARM: dts: imx7d-sdb: config the max pressure for tsc2046
    - ARM: dts: imx6q: add missing properties for sram
    - ARM: dts: imx6dl: add missing properties for sram
    - ARM: dts: imx6qp: add missing properties for sram
    - ARM: dts: imx6sl: add missing properties for sram
    - media: cx88: Fix a null-ptr-deref bug in buffer_prepare()
    - scsi: 3w-9xxx: Avoid disabling device if failing to enable it
    - nbd: Fix hung when signal interrupts nbd_start_device_ioctl()
    - HID: roccat: Fix use-after-free in roccat_read()
    - md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d
    - usb: host: xhci: Fix potential memory leak in xhci_alloc_stream_info()
    - usb: musb: Fix musb_gadget.c rxstate overflow bug
    - Revert "usb: storage: Add quirk for Samsung Fit flash"
    - usb: idmouse: fix an uninit-value in idmouse_open
    - perf intel-pt: Fix segfault in intel_pt_print_info() with uClibc
    - net: ieee802154: return -EINVAL for unknown addr type
    - net/ieee802154: don't warn zero-sized raw_sendmsg()
    - ext4: continue to expand file system when the target size doesn't reach
    - md: Replace snprintf with scnprintf
    - efi: libstub: drop pointless get_memory_map() call
    - inet: fully convert sk->sk_rx_dst to RCU rules
    - thermal: intel_powerclamp: Use first online CPU as control_cpu
    - mtd: rawnand: atmel: Unmap streaming DMA mappings
    - drm: bridge: adv7511: fix CEC power down control register offset
    - ASoC: wm8997: Fix PM disable depth imbalance in wm8997_probe
    - ASoC: wm5110: Fix PM disable depth imbalance in wm5110_probe
    - ASoC: wm5102: Fix PM disable depth imbalance in wm5102_probe
    - clk: berlin: Add of_node_put() for of_get_parent()
    - mtd: devices: docg3: check the return value of devm_ioremap() in the probe

 -- Juerg Haefliger <email address hidden>  Thu, 19 Jan 2023 10:29:04 +0100
Superseded in bionic-security
Superseded in bionic-updates
linux-raspi2 (4.15.0-1126.134) bionic; urgency=medium

  * bionic/linux-raspi2: 4.15.0-1126.134 -proposed tracker (LP: #2002001)

  [ Ubuntu: 4.15.0-202.213 ]

  * bionic/linux: 4.15.0-202.213 -proposed tracker (LP: #2002005)
  * CVE-2022-3643
    - xen/netback: Ensure protocol headers don't fall in the non-linear area
  * CVE-2022-45934
    - Bluetooth: L2CAP: Fix u8 overflow
  * CVE-2022-42896
    - Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM
    - Bluetooth: L2CAP: Fix l2cap_global_chan_by_psm
  * CVE-2022-43945
    - NFSD: Cap rsize_bop result based on send buffer size

 -- Thadeu Lima de Souza Cascardo <email address hidden>  Wed, 11 Jan 2023 00:55:23 -0300
Superseded in bionic-security
Superseded in bionic-updates
Deleted in bionic-proposed (Reason: moved to -updates)
linux-raspi2 (4.15.0-1125.133) bionic; urgency=medium

  * bionic/linux-raspi2: 4.15.0-1125.133 -proposed tracker (LP: #1997867)

  * WARNING: CPU: 3 PID: 34 at /build/linux-raspi2-xwwT5i/linux-
    raspi2-4.15.0/drivers/spi/spidev.c:738 spidev_probe+0x13c/0x1f8
    (LP: #1997763)
    - spi: spidev: Completely disable the spidev warning

  [ Ubuntu: 4.15.0-201.212 ]

  * bionic/linux: 4.15.0-201.212 -proposed tracker (LP: #1997871)
  * Expose built-in trusted and revoked certificates (LP: #1996892)
    - [Packaging] Expose built-in trusted and revoked certificates
  * Bionic update: upstream stable patchset 2022-09-21 (LP: #1990434)
    - s390/archrandom: prevent CPACF trng invocations in interrupt context
  * BUG: scheduling while atomic: ip/1210/0x00000200 on xenial/hwe rumford
    (LP: #1995870)
    - tg3: prevent scheduling while atomic splat
  * Bionic update: upstream stable patchset 2022-10-18 (LP: #1993349)
    - bpf: Verifer, adjust_scalar_min_max_vals to always call update_reg_bounds()
    - selftests/bpf: Fix test_align verifier log patterns
    - drm/msm/dsi: Fix number of regulators for msm8996_dsi_cfg
    - platform/x86: pmc_atom: Fix SLP_TYPx bitfield mask
    - wifi: cfg80211: debugfs: fix return type in ht40allow_map_read()
    - ethernet: rocker: fix sleep in atomic context bug in neigh_timer_handler
    - kcm: fix strp_init() order and cleanup
    - serial: fsl_lpuart: RS485 RTS polariy is inverse
    - staging: rtl8712: fix use after free bugs
    - vt: Clear selection before changing the font
    - USB: serial: ftdi_sio: add Omron CS1W-CIF31 device id
    - binder: fix UAF of ref->proc caused by race condition
    - drm/i915/reg: Fix spelling mistake "Unsupport" -> "Unsupported"
    - Input: rk805-pwrkey - fix module autoloading
    - hwmon: (gpio-fan) Fix array out of bounds access
    - thunderbolt: Use the actual buffer in tb_async_error()
    - xhci: Add grace period after xHC start to prevent premature runtime suspend.
    - USB: serial: cp210x: add Decagon UCA device id
    - USB: serial: option: add support for OPPO R11 diag port
    - USB: serial: option: add Quectel EM060K modem
    - USB: serial: option: add support for Cinterion MV32-WA/WB RmNet mode
    - usb: dwc2: fix wrong order of phy_power_on and phy_init
    - USB: cdc-acm: Add Icom PMR F3400 support (0c26:0020)
    - usb-storage: Add ignore-residue quirk for NXP PN7462AU
    - s390/hugetlb: fix prepare_hugepage_range() check for 2 GB hugepages
    - s390: fix nospec table alignments
    - USB: core: Prevent nested device-reset calls
    - usb: gadget: mass_storage: Fix cdrom data transfers on MAC-OS
    - wifi: mac80211: Don't finalize CSA in IBSS mode if state is disconnected
    - net: mac802154: Fix a condition in the receive path
    - ALSA: seq: oss: Fix data-race for max_midi_devs access
    - ALSA: seq: Fix data-race at module auto-loading
    - efi: capsule-loader: Fix use-after-free in efi_capsule_write
    - wifi: iwlegacy: 4965: corrected fix for potential off-by-one overflow in
      il4965_rs_fill_link_cmd()
    - fs: only do a memory barrier for the first set_buffer_uptodate()
    - Revert "mm: kmemleak: take a full lowmem check in kmemleak_*_phys()"
    - drm/amdgpu: Check num_gfx_rings for gfx v9_0 rb setup.
    - drm/radeon: add a force flush to delay work when radeon
    - parisc: ccio-dma: Handle kmalloc failure in ccio_init_resources()
    - parisc: Add runtime check to prevent PA2.0 kernels on PA1.x machines
    - fbdev: chipsfb: Add missing pci_disable_device() in chipsfb_pci_init()
    - ALSA: emu10k1: Fix out of bounds access in snd_emu10k1_pcm_channel_alloc()
    - ALSA: aloop: Fix random zeros in capture data when using jiffies timer
    - ALSA: usb-audio: Fix an out-of-bounds bug in
      __snd_usb_parse_audio_interface()
    - kprobes: Prohibit probes in gate area
    - scsi: mpt3sas: Fix use-after-free warning
    - driver core: Don't probe devices after bus_type.match() probe deferral
    - netfilter: br_netfilter: Drop dst references before setting.
    - sch_sfb: Don't assume the skb is still around after enqueueing to child
    - tipc: fix shift wrapping bug in map_get()
    - ipv6: sr: fix out-of-bounds read when setting HMAC data.
    - tcp: fix early ETIMEDOUT after spurious non-SACK RTO
    - sch_sfb: Also store skb len before calling child enqueue
    - usb: dwc3: fix PHY disable sequence
    - USB: serial: ch341: fix lost character on LCR updates
    - USB: serial: ch341: fix disabled rx timer on older devices
    - MIPS: loongson32: ls1c: Fix hang during startup
    - SUNRPC: use _bh spinlocking on ->transport_lock
    - net: dp83822: disable false carrier interrupt
    - tcp: annotate data-race around challenge_timestamp
    - clk: core: Honor CLK_OPS_PARENT_ENABLE for clk gate ops
    - clk: core: Fix runtime PM sequence in clk_core_unprepare()
    - soc: brcmstb: pm-arm: Fix refcount leak and __iomem leak bugs
    - i40e: Fix kernel crash during module removal
    - mm: Fix TLB flush for not-first PFNMAP mappings in unmap_region()
    - drm/msm/rd: Fix FIFO-full deadlock
    - HID: ishtp-hid-clientHID: ishtp-hid-client: Fix comment typo
    - tg3: Disable tg3 device on system reboot to avoid triggering AER
    - ieee802154: cc2520: add rc code in cc2520_tx()
    - platform/x86: acer-wmi: Acer Aspire One AOD270/Packard Bell Dot keymap fixes
    - tracefs: Only clobber mode/uid/gid on remount if asked
    - net: dp83822: disable rx error interrupt
  * Bionic update: upstream stable patchset 2022-10-06 (LP: #1992112)
    - audit: fix potential double free on error path from fsnotify_add_inode_mark
    - parisc: Fix exception handler for fldw and fstw instructions
    - pinctrl: amd: Don't save/restore interrupt status and wake status bits
    - xfrm: fix refcount leak in __xfrm_policy_check()
    - rose: check NULL rose_loopback_neigh->loopback
    - bonding: 802.3ad: fix no transmission of LACPDUs
    - net: ipvtap - add __init/__exit annotations to module init/exit funcs
    - netfilter: ebtables: reject blobs that don't provide all entry points
    - netfilter: nft_payload: report ERANGE for too long offset and length
    - netfilter: nft_payload: do not truncate csum_offset and csum_type
    - net: Fix data-races around weight_p and dev_weight_[rt]x_bias.
    - ratelimit: Fix data-races in ___ratelimit().
    - net: Fix a data-race around sysctl_tstamp_allow_data.
    - net: Fix a data-race around sysctl_net_busy_poll.
    - net: Fix a data-race around sysctl_net_busy_read.
    - net: Fix a data-race around netdev_budget.
    - net: Fix a data-race around netdev_budget_usecs.
    - net: Fix a data-race around sysctl_somaxconn.
    - ixgbe: stop resetting SYSTIME in ixgbe_ptp_start_cyclecounter
    - btrfs: check if root is readonly while setting security xattr
    - loop: Check for overflow while configuring loop
    - asm-generic: sections: refactor memory_intersects
    - mm/hugetlb: fix hugetlb not supporting softdirty tracking
    - md: call __md_stop_writes in md_stop
    - mm: Force TLB flush for PFNMAP mappings before unlink_file_vma()
    - arm64: map FDT as RW for early_init_dt_scan()
    - s390/mm: do not trigger write fault when vma does not allow VM_WRITE
    - x86/bugs: Add "unknown" reporting for MMIO Stale Data
    - kbuild: Fix include path in scripts/Makefile.modpost
    - Bluetooth: L2CAP: Fix build errors in some archs
    - media: pvrusb2: fix memory leak in pvr_probe
    - HID: hidraw: fix memory leak in hidraw_release()
    - fbdev: fb_pm2fb: Avoid potential divide by zero error
    - ftrace: Fix NULL pointer dereference in is_ftrace_trampoline when ftrace is
      dead
    - neigh: fix possible DoS due to net iface start/stop loop
    - s390/hypfs: avoid error message under KVM
    - netfilter: conntrack: NF_CONNTRACK_PROCFS should no longer default to y
    - kprobes: don't call disarm_kprobe() for disabled kprobes
    - net: neigh: don't call kfree_skb() under spin_lock_irqsave()
    - net: Fix data-races around netdev_tstamp_prequeue.
    - x86/unwind/orc: Unwind ftrace trampolines with correct ORC entry
    - s390: fix double free of GS and RI CBs on fork() failure
    - scsi: storvsc: Remove WQ_MEM_RECLAIM from storvsc_error_wq
    - bpf: Fix the off-by-two error in range markings
  * CVE-2022-2663
    - netfilter: nf_conntrack_irc: Fix forged IP logic
  * CVE-2022-3061
    - video: fbdev: i740fb: Error out if 'pixclock' equals zero

 -- Juerg Haefliger <email address hidden>  Tue, 29 Nov 2022 09:27:20 +0100
Superseded in bionic-security
Superseded in bionic-updates
linux-raspi2 (4.15.0-1124.132) bionic; urgency=medium

  * bionic/linux-raspi2: 4.15.0-1124.132 -proposed tracker (LP: #1997461)

  [ Ubuntu: 4.15.0-200.211 ]

  * bionic/linux: 4.15.0-200.211 -proposed tracker (LP: #1997465)
  * CVE-2022-3239
    - media: em28xx: initialize refcount before kref_get
  * CVE-2022-3524
    - tcp/udp: Fix memory leak in ipv6_renew_options().
  * CVE-2022-3564
    - Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu
  * CVE-2022-3565
    - mISDN: fix use-after-free bugs in l1oip timer handlers
  * CVE-2022-3566
    - tcp: Fix data races around icsk->icsk_af_ops.
  * CVE-2022-3567
    - ipv6: annotate some data-races around sk->sk_prot
    - ipv6: Fix data races around sk->sk_prot.
  * CVE-2022-3594
    - r8152: Rate limit overflow messages
  * CVE-2022-3621
    - nilfs2: fix NULL pointer dereference at nilfs_bmap_lookup_at_level()
  * CVE-2022-42703
    - mm/rmap.c: don't reuse anon_vma if we just want a copy
    - mm: rmap: explicitly reset vma->anon_vma in unlink_anon_vmas()
    - mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse

  [ Ubuntu: 4.15.0-197.208 ]

  * bionic/linux: 4.15.0-197.208 -proposed tracker (LP: #1994998)
  * Memory leak while using NFQUEUE to delegate the decision on TCP packets to
    userspace processes (LP: #1991774)
    - SAUCE: netfilter: nf_queue: Fix memory leak in nf_queue_entry_get_refs
  * Bionic update: upstream stable patchset 2022-09-23 (LP: #1990698)
    - Bluetooth: L2CAP: Fix use-after-free caused by l2cap_chan_put
    - ntfs: fix use-after-free in ntfs_ucsncmp()
    - ARM: crypto: comment out gcc warning that breaks clang builds
    - mt7601u: add USB device ID for some versions of XiaoDu WiFi Dongle.
    - ACPI: video: Force backlight native for some TongFang devices
    - macintosh/adb: fix oob read in do_adb_query() function
    - Makefile: link with -z noexecstack --no-warn-rwx-segments
    - x86: link vdso and boot with -z noexecstack --no-warn-rwx-segments
    - ALSA: bcd2000: Fix a UAF bug on the error path of probing
    - add barriers to buffer_uptodate and set_buffer_uptodate
    - HID: wacom: Don't register pad_input for touch switch
    - KVM: SVM: Don't BUG if userspace injects an interrupt with GIF=0
    - KVM: x86: Mark TSS busy during LTR emulation _after_ all fault checks
    - KVM: x86: Set error code to segment selector on LLDT/LTR non-canonical #GP
    - ALSA: hda/conexant: Add quirk for LENOVO 20149 Notebook model
    - ALSA: hda/cirrus - support for iMac 12,1 model
    - vfs: Check the truncate maximum size in inode_newsize_ok()
    - fs: Add missing umask strip in vfs_tmpfile
    - usbnet: Fix linkwatch use-after-free on disconnect
    - parisc: Fix device names in /proc/iomem
    - drm/nouveau: fix another off-by-one in nvbios_addr
    - drm/amdgpu: Check BO's requested pinning domains against its
      preferred_domains
    - iio: light: isl29028: Fix the warning in isl29028_remove()
    - fuse: limit nsec
    - md-raid10: fix KASAN warning
    - ia64, processor: fix -Wincompatible-pointer-types in ia64_get_irr()
    - PCI: Add defines for normal and subtractive PCI bridges
    - powerpc/fsl-pci: Fix Class Code of PCIe Root Port
    - powerpc/powernv: Avoid crashing if rng is NULL
    - MIPS: cpuinfo: Fix a warning for CONFIG_CPUMASK_OFFSTACK
    - USB: HCD: Fix URB giveback issue in tasklet function
    - netfilter: nf_tables: fix null deref due to zeroed list head
    - arm64: Do not forget syscall when starting a new thread.
    - arm64: fix oops in concurrently setting insn_emulation sysctls
    - ext2: Add more validity checks for inode counts
    - ARM: dts: imx6ul: add missing properties for sram
    - ARM: dts: imx6ul: fix qspi node compatible
    - ARM: OMAP2+: display: Fix refcount leak bug
    - ACPI: PM: save NVS memory for Lenovo G40-45
    - ACPI: LPSS: Fix missing check in register_device_clock()
    - PM: hibernate: defer device probing when resuming from hibernation
    - selinux: Add boundary check in put_entry()
    - ARM: findbit: fix overflowing offset
    - ARM: bcm: Fix refcount leak in bcm_kona_smc_init
    - x86/pmem: Fix platform-device leak in error path
    - ARM: dts: ast2500-evb: fix board compatible
    - soc: fsl: guts: machine variable might be unset
    - cpufreq: zynq: Fix refcount leak in zynq_get_revision
    - ARM: dts: qcom: pm8841: add required thermal-sensor-cells
    - arm64: dts: qcom: msm8916: Fix typo in pronto remoteproc node
    - regulator: of: Fix refcount leak bug in of_get_regulation_constraints()
    - thermal/tools/tmon: Include pthread and time headers in tmon.h
    - dm: return early from dm_pr_call() if DM device is suspended
    - drm/radeon: fix potential buffer overflow in ni_set_mc_special_registers()
    - drm/mediatek: Add pull-down MIPI operation in mtk_dsi_poweroff function
    - i2c: Fix a potential use after free
    - wifi: iwlegacy: 4965: fix potential off-by-one overflow in
      il4965_rs_fill_link_cmd()
    - drm: bridge: adv7511: Add check for mipi_dsi_driver_register
    - media: hdpvr: fix error value returns in hdpvr_read
    - drm/vc4: dsi: Correct DSI divider calculations
    - drm/rockchip: vop: Don't crash for invalid duplicate_state()
    - drm/mediatek: dpi: Remove output format of YUV
    - drm: bridge: sii8620: fix possible off-by-one
    - media: platform: mtk-mdp: Fix mdp_ipi_comm structure alignment
    - tcp: make retransmitted SKB fit into the send window
    - selftests: timers: valid-adjtimex: build fix for newer toolchains
    - selftests: timers: clocksource-switch: fix passing errors from child
    - fs: check FMODE_LSEEK to control internal pipe splicing
    - wifi: wil6210: debugfs: fix info leak in wil_write_file_wmi()
    - wifi: p54: Fix an error handling path in p54spi_probe()
    - wifi: p54: add missing parentheses in p54_flush()
    - can: pch_can: do not report txerr and rxerr during bus-off
    - can: rcar_can: do not report txerr and rxerr during bus-off
    - can: sja1000: do not report txerr and rxerr during bus-off
    - can: hi311x: do not report txerr and rxerr during bus-off
    - can: sun4i_can: do not report txerr and rxerr during bus-off
    - can: usb_8dev: do not report txerr and rxerr during bus-off
    - can: error: specify the values of data[5..7] of CAN error frames
    - can: pch_can: pch_can_error(): initialize errc before using it
    - Bluetooth: hci_intel: Add check for platform_driver_register
    - i2c: cadence: Support PEC for SMBus block read
    - i2c: mux-gpmux: Add of_node_put() when breaking out of loop
    - wifi: wil6210: debugfs: fix uninitialized variable use in
      `wil_write_file_wmi()`
    - wifi: libertas: Fix possible refcount leak in if_usb_probe()
    - net: rose: fix netdev reference changes
    - dccp: put dccp_qpolicy_full() and dccp_qpolicy_push() in the same lock
    - mtd: maps: Fix refcount leak in of_flash_probe_versatile
    - mtd: maps: Fix refcount leak in ap_flash_init
    - mtd: sm_ftl: Fix deadlock caused by cancel_work_sync in sm_release
    - mtd: st_spi_fsm: Add a clk_disable_unprepare() in .probe()'s error path
    - fpga: altera-pr-ip: fix unsigned comparison with less than zero
    - usb: host: Fix refcount leak in ehci_hcd_ppc_of_probe
    - usb: ohci-nxp: Fix refcount leak in ohci_hcd_nxp_probe
    - misc: rtsx: Fix an error handling path in rtsx_pci_probe()
    - mmc: sdhci-of-esdhc: Fix refcount leak in esdhc_signal_voltage_switch
    - memstick/ms_block: Fix some incorrect memory allocation
    - memstick/ms_block: Fix a memory leak
    - mmc: sdhci-of-at91: fix set_uhs_signaling rewriting of MC1R
    - scsi: smartpqi: Fix DMA direction for RAID requests
    - usb: gadget: udc: amd5536 depends on HAS_DMA
    - RDMA/hfi1: fix potential memory leak in setup_base_ctxt()
    - gpio: gpiolib-of: Fix refcount bugs in of_mm_gpiochip_add_data()
    - mmc: cavium-octeon: Add of_node_put() when breaking out of loop
    - mmc: cavium-thunderx: Add of_node_put() when breaking out of loop
    - USB: serial: fix tty-port initialized comments
    - platform/olpc: Fix uninitialized data in debugfs write
    - mm/mmap.c: fix missing call to vm_unacct_memory in mmap_region
    - RDMA/rxe: Fix error unwind in rxe_create_qp()
    - ext4: recover csum seed of tmp_inode after migrating to extents
    - jbd2: fix assertion 'jh->b_frozen_data == NULL' failure when journal aborted
    - ASoC: mediatek: mt8173: Fix refcount leak in mt8173_rt5650_rt5676_dev_probe
    - ASoC: codecs: da7210: add check for i2c_add_driver
    - ASoC: mediatek: mt8173-rt5650: Fix refcount leak in mt8173_rt5650_dev_probe
    - profiling: fix shift too large makes kernel panic
    - tty: n_gsm: fix non flow control frames during mux flow off
    - tty: n_gsm: fix packet re-transmission without open control channel
    - tty: n_gsm: fix race condition in gsmld_write()
    - remoteproc: qcom: wcnss: Fix handling of IRQs
    - vfio/ccw: Do not change FSM state in subchannel event
    - tty: n_gsm: fix wrong T1 retry count handling
    - tty: n_gsm: fix DM command
    - iommu/exynos: Handle failed IOMMU device registration properly
    - kfifo: fix kfifo_to_user() return type
    - mfd: t7l66xb: Drop platform disable callback
    - iommu/arm-smmu: qcom_iommu: Add of_node_put() when breaking out of loop
    - s390/zcore: fix race when reading from hardware system area
    - video: fbdev: amba-clcd: Fix refcount leak bugs
    - video: fbdev: sis: fix typos in SiS_GetModeID()
    - powerpc/pci: Prefer PCI domain assignment via DT 'linux,pci-domain' and
      alias
    - powerpc/spufs: Fix refcount leak in spufs_init_isolated_loader
    - powerpc/xive: Fix refcount leak in xive_get_max_prio
    - powerpc/cell/axon_msi: Fix refcount leak in setup_msi_msg_address
    - kprobes: Forbid probing on trampoline and BPF code areas
    - powerpc/pci: Fix PHB numbering when using opal-phbid
    - genelf: Use HAVE_LIBCRYPTO_SUPPORT, not the never defined HAVE_LIBCRYPTO
    - x86/numa: Use cpumask_available instead of hardcoded NULL check
    - video: fbdev: arkfb: Fix a divide-by-zero bug in ark_set_pixclock()
    - tools/thermal: Fix possible path truncations
    - video: fbdev: vt8623fb: Check the size of screen before memset_io()
    - video: fbdev: arkfb: Check the size of screen before memset_io()
    - video: fbdev: s3fb: Check the size of screen before memset_io()
    - scsi: zfcp: Fix missing auto port scan and thus missing target ports
    - x86/olpc: fix 'logical not is only applied to the left hand side'
    - spmi: trace: fix stack-out-of-bound access in SPMI tracing functions
    - ext4: add EXT4_INODE_HAS_XATTR_SPACE macro in xattr.h
    - ext4: make sure ext4_append() always allocates new block
    - ext4: fix use-after-free in ext4_xattr_set_entry
    - ext4: update s_overhead_clusters in the superblock during an on-line resize
    - ext4: fix extent status tree race in writeback error recovery path
    - ext4: correct max_inline_xattr_value_size computing
    - ext4: correct the misjudgment in ext4_iget_extra_inode
    - intel_th: pci: Add Raptor Lake-S CPU support
    - intel_th: pci: Add Raptor Lake-S PCH support
    - intel_th: pci: Add Meteor Lake-P support
    - dm raid: fix address sanitizer warning in raid_resume
    - dm raid: fix address sanitizer warning in raid_status
    - btrfs: reject log replay if there is unsupported RO compat flag
    - KVM: Add infrastructure and macro to mark VM as bugged
    - KVM: x86: Check lapic_in_kernel() before attempting to set a SynIC irq
    - KVM: x86: Avoid theoretical NULL pointer dereference in
      kvm_irq_delivery_to_apic_fast()
    - tcp: fix over estimation in sk_forced_mem_schedule()
    - scsi: sg: Allow waiting for commands to complete on removed device
    - Bluetooth: L2CAP: Fix l2cap_global_chan_by_psm regression
    - net/9p: Initialize the iounit field during fid creation
    - net_sched: cls_route: disallow handle of 0
    - powerpc/ptdump: Fix display of RW pages on FSL_BOOK3E
    - ALSA: info: Fix llseek return value when using callback
    - rds: add missing barrier to release_refill
    - ata: libata-eh: Add missing command name
    - btrfs: fix lost error handling when looking up extended ref on log replay
    - can: ems_usb: fix clang's -Wunaligned-access warning
    - apparmor: fix quiet_denied for file rules
    - apparmor: Fix failed mount permission check error message
    - apparmor: fix aa_label_asxprint return check
    - apparmor: fix reference count leak in aa_pivotroot()
    - NFSv4: Fix races in the legacy idmapper upcall
    - NFSv4.1: RECLAIM_COMPLETE must handle EACCES
    - SUNRPC: Reinitialise the backchannel request buffers before reuse
    - pinctrl: nomadik: Fix refcount leak in nmk_pinctrl_dt_subnode_to_map
    - pinctrl: qcom: msm8916: Allow CAMSS GP clocks to be muxed
    - ACPI: property: Return type of acpi_add_nondev_subnodes() should be bool
    - geneve: do not use RT_TOS for IPv6 flowlabel
    - vsock: Fix memory leak in vsock_connect()
    - vsock: Set socket state back to SS_UNCONNECTED in vsock_connect_timeout()
    - tools build: Switch to new openssl API for test-libcrypto
    - xen/xenbus: fix return type in xenbus_file_read()
    - atm: idt77252: fix use-after-free bugs caused by tst_timer
    - nios2: page fault et.al. are *not* restartable syscalls...
    - nios2: don't leave NULLs in sys_call_table[]
    - nios2: traced syscall does need to check the syscall number
    - nios2: fix syscall restart checks
    - nios2: restarts apply only to the first sigframe we build...
    - nios2: add force_successful_syscall_return()
    - netfilter: nf_tables: really skip inactive sets when allocating name
    - powerpc/pci: Fix get_phb_number() locking
    - i40e: Fix to stop tx_timeout recovery if GLOBR fails
    - fec: Fix timer capture timing in `fec_ptp_enable_pps()`
    - igb: Add lock to avoid data race
    - kbuild: clear LDFLAGS in the top Makefile
    - btrfs: only write the sectors in the vertical stripe which has data stripes
    - btrfs: raid56: don't trust any cached sector in __raid56_parity_recover()
    - drm/meson: Fix refcount bugs in meson_vpu_has_available_connectors()
    - PCI: Add ACS quirk for Broadcom BCM5750x NICs
    - irqchip/tegra: Fix overflow implicit truncation warnings
    - usb: host: ohci-ppc-of: Fix refcount leak bug
    - clk: qcom: ipq8074: dont disable gcc_sleep_clk_src
    - gadgetfs: ep_io - wait until IRQ finishes
    - cxl: Fix a memory leak in an error handling path
    - drivers:md:fix a potential use-after-free bug
    - ext4: avoid remove directory when directory is corrupted
    - ext4: avoid resizing to a partial cluster size
    - tty: serial: Fix refcount leak bug in ucc_uart.c
    - vfio: Clear the caps->buf to NULL after free
    - mips: cavium-octeon: Fix missing of_node_put() in octeon2_usb_clocks_start
    - ALSA: core: Add async signal helpers
    - ALSA: timer: Use deferred fasync helper
    - smb3: check xattr value length earlier
    - powerpc/64: Init jump labels before parse_early_param()
    - video: fbdev: i740fb: Check the argument of i740_calc_vclk()
    - MIPS: tlbex: Explicitly compare _PAGE_NO_EXEC against 0
    - meson-mx-socinfo: Fix refcount leak in meson_mx_socinfo_init
    - ARM: OMAP2+: Fix refcount leak in omap3xxx_prm_late_init
    - nohz/full, sched/rt: Fix missed tick-reenabling bug in dequeue_task_rt()
    - media: tw686x: Register the irq at the end of probe
    - HID: cp2112: prevent a buffer overflow in cp2112_xfer()
    - staging: rtl8192u: Fix sleep in atomic context bug in
      dm_fsync_timer_callback
    - HID: alps: Declare U1_UNICORN_LEGACY support
    - tty: n_gsm: fix missing corner cases in gsmld_poll()
    - rpmsg: qcom_smd: Fix refcount leak in qcom_smd_parse_edge
    - gcc-plugins: Undefine LATENT_ENTROPY_PLUGIN when plugin disabled for a file
  * Bionic update: upstream stable patchset 2022-09-21 (LP: #1990434)
    - xen/gntdev: Ignore failure to unmap INVALID_GRANT_HANDLE
    - xfrm: xfrm_policy: fix a possible double xfrm_pols_put() in
      xfrm_bundle_lookup()
    - power/reset: arm-versatile: Fix refcount leak in versatile_reboot_probe
    - perf/core: Fix data race between perf_event_set_output() and
      perf_mmap_close()
    - ip: Fix a data-race around sysctl_fwmark_reflect.
    - tcp/dccp: Fix a data-race around sysctl_tcp_fwmark_accept.
    - tcp: Fix a data-race around sysctl_tcp_probe_threshold.
    - tcp: Fix a data-race around sysctl_tcp_probe_interval.
    - i2c: cadence: Change large transfer count reset logic to be unconditional
    - net: stmmac: fix dma queue left shift overflow issue
    - igmp: Fix data-races around sysctl_igmp_llm_reports.
    - igmp: Fix a data-race around sysctl_igmp_max_memberships.
    - tcp: Fix a data-race around sysctl_tcp_notsent_lowat.
    - be2net: Fix buffer overflow in be_get_module_eeprom
    - Revert "Revert "char/random: silence a lockdep splat with printk()""
    - mm/mempolicy: fix uninit-value in mpol_rebind_policy()
    - bpf: Make sure mac_header was set before using it
    - drm/tilcdc: Remove obsolete crtc_mode_valid() hack
    - tilcdc: tilcdc_external: fix an incorrect NULL check on list iterator
    - ALSA: memalloc: Align buffer allocations in page size
    - Bluetooth: Add bt_skb_sendmsg helper
    - Bluetooth: Add bt_skb_sendmmsg helper
    - Bluetooth: SCO: Replace use of memcpy_from_msg with bt_skb_sendmsg
    - Bluetooth: RFCOMM: Replace use of memcpy_from_msg with bt_skb_sendmmsg
    - Bluetooth: Fix passing NULL to PTR_ERR
    - Bluetooth: SCO: Fix sco_send_frame returning skb->len
    - Bluetooth: Fix bt_skb_sendmmsg not allocating partial chunks
    - tty: drivers/tty/, stop using tty_schedule_flip()
    - tty: the rest, stop using tty_schedule_flip()
    - tty: drop tty_schedule_flip()
    - tty: extract tty_flip_buffer_commit() from tty_flip_buffer_push()
    - tty: use new tty_insert_flip_string_and_push_buffer() in pty_write()
    - PCI: hv: Fix multi-MSI to allow more than one MSI vector
    - PCI: hv: Fix hv_arch_irq_unmask() for multi-MSI
    - PCI: hv: Reuse existing IRTE allocation in compose_msi_msg()
    - PCI: hv: Fix interrupt mapping for multi-MSI
    - ip: Fix data-races around sysctl_ip_fwd_use_pmtu.
    - ip: Fix data-races around sysctl_ip_nonlocal_bind.
    - tcp: Fix data-races around sysctl_tcp_mtu_probing.
    - tcp: Fix data-races around sysctl_tcp_reordering.
    - tcp: Fix data-races around some timeout sysctl knobs.
    - tcp: Fix a data-race around sysctl_tcp_tw_reuse.
    - tcp: Fix data-races around sysctl_tcp_fastopen.
    - tcp: Fix a data-race around sysctl_tcp_early_retrans.
    - tcp: Fix data-races around sysctl_tcp_recovery.
    - tcp: Fix a data-race around sysctl_tcp_thin_linear_timeouts.
    - tcp: Fix data-races around sysctl_tcp_slow_start_after_idle.
    - tcp: Fix a data-race around sysctl_tcp_retrans_collapse.
    - tcp: Fix a data-race around sysctl_tcp_stdurg.
    - tcp: Fix a data-race around sysctl_tcp_rfc1337.
    - tcp: Fix data-races around sysctl_tcp_max_reordering.
    - ima: remove the IMA_TEMPLATE Kconfig option
    - [Config] updateconfigs for IMA_TEMPLATE
    - tcp: Fix data-races around sysctl_tcp_dsack.
    - tcp: Fix a data-race around sysctl_tcp_app_win.
    - tcp: Fix a data-race around sysctl_tcp_adv_win_scale.
    - tcp: Fix a data-race around sysctl_tcp_frto.
    - tcp: Fix a data-race around sysctl_tcp_nometrics_save.
    - scsi: ufs: host: Hold reference returned by of_parse_phandle()
    - tcp: Fix a data-race around sysctl_tcp_challenge_ack_limit.
    - net: ping6: Fix memleak in ipv6_renew_options().
    - igmp: Fix data-races around sysctl_igmp_qrv.
    - net: sungem_phy: Add of_node_put() for reference returned by of_get_parent()
    - tcp: Fix a data-race around sysctl_tcp_min_tso_segs.
    - tcp: Fix a data-race around sysctl_tcp_min_rtt_wlen.
    - tcp: Fix a data-race around sysctl_tcp_autocorking.
    - tcp: Fix a data-race around sysctl_tcp_invalid_ratelimit.
    - Documentation: fix sctp_wmem in ip-sysctl.rst
    - i40e: Fix interface init with MSI interrupts (no MSI-X)
    - sctp: fix sleep in atomic context bug in timer handlers
    - perf symbol: Correct address for bss symbols
    - scsi: core: Fix race between handling STS_RESOURCE and completion
    - ACPI: video: Shortening quirk list by identifying Clevo by board_name only
  * unprivileged users may trigger page cache invalidation WARN (LP: #1989144)
    - iomap: fix WARN_ON_ONCE() from unprivileged users
  * Users belonging to video group may trigger a deadlock WARN (LP: #1990690)
    - SAUCE: fbdev: remove redundant lock_fb_info
  * ACPI: processor idle: Practically limit "Dummy wait" workaround to old Intel
    systems (LP: #1990985)
    - ACPI: processor_idle: Skip dummy wait if kernel is in guest
    - ACPI: processor idle: Practically limit "Dummy wait" workaround to old Intel
      systems
  * CVE-2022-3028
    - af_key: Do not call xfrm_probe_algs in parallel
  * CVE-2022-2978
    - fs: fix UAF/GPF bug in nilfs_mdt_destroy
  * CVE-2022-40768
    - scsi: stex: Properly zero out the passthrough command structure

  [ Ubuntu: 4.15.0-196.207 ]

  * bionic/linux: 4.15.0-196.207 -proposed tracker (LP: #1994992)
  * [UBUNTU 18.04] Ubuntu 18.04 kernel 4.15.0-194 crashes on IPL (LP: #1994601)
    - SAUCE: Revert "s390/archrandom: simplify back to earlier design and
      initialize earlier"

 -- Thadeu Lima de Souza Cascardo <email address hidden>  Thu, 24 Nov 2022 17:07:51 -0300
Superseded in bionic-security
Superseded in bionic-updates
Deleted in bionic-proposed (Reason: moved to -updates)
linux-raspi2 (4.15.0-1121.129) bionic; urgency=medium

  * bionic/linux-raspi2: 4.15.0-1121.129 -proposed tracker (LP: #1992093)

  [ Ubuntu: 4.15.0-195.206 ]

  * bionic/linux: 4.15.0-195.206 -proposed tracker (LP: #1992097)
  * Memory leak while using NFQUEUE to delegate the decision on TCP packets to
    userspace processes (LP: #1991774)
    - SAUCE: netfilter: nf_queue: Fix memory leak in nf_queue_entry_get_refs
  * Bionic update: upstream stable patchset 2022-09-23 (LP: #1990698)
    - Bluetooth: L2CAP: Fix use-after-free caused by l2cap_chan_put
    - ntfs: fix use-after-free in ntfs_ucsncmp()
    - ARM: crypto: comment out gcc warning that breaks clang builds
    - mt7601u: add USB device ID for some versions of XiaoDu WiFi Dongle.
    - ACPI: video: Force backlight native for some TongFang devices
    - macintosh/adb: fix oob read in do_adb_query() function
    - Makefile: link with -z noexecstack --no-warn-rwx-segments
    - x86: link vdso and boot with -z noexecstack --no-warn-rwx-segments
    - ALSA: bcd2000: Fix a UAF bug on the error path of probing
    - add barriers to buffer_uptodate and set_buffer_uptodate
    - HID: wacom: Don't register pad_input for touch switch
    - KVM: SVM: Don't BUG if userspace injects an interrupt with GIF=0
    - KVM: x86: Mark TSS busy during LTR emulation _after_ all fault checks
    - KVM: x86: Set error code to segment selector on LLDT/LTR non-canonical #GP
    - ALSA: hda/conexant: Add quirk for LENOVO 20149 Notebook model
    - ALSA: hda/cirrus - support for iMac 12,1 model
    - vfs: Check the truncate maximum size in inode_newsize_ok()
    - fs: Add missing umask strip in vfs_tmpfile
    - usbnet: Fix linkwatch use-after-free on disconnect
    - parisc: Fix device names in /proc/iomem
    - drm/nouveau: fix another off-by-one in nvbios_addr
    - drm/amdgpu: Check BO's requested pinning domains against its
      preferred_domains
    - iio: light: isl29028: Fix the warning in isl29028_remove()
    - fuse: limit nsec
    - md-raid10: fix KASAN warning
    - ia64, processor: fix -Wincompatible-pointer-types in ia64_get_irr()
    - PCI: Add defines for normal and subtractive PCI bridges
    - powerpc/fsl-pci: Fix Class Code of PCIe Root Port
    - powerpc/powernv: Avoid crashing if rng is NULL
    - MIPS: cpuinfo: Fix a warning for CONFIG_CPUMASK_OFFSTACK
    - USB: HCD: Fix URB giveback issue in tasklet function
    - netfilter: nf_tables: fix null deref due to zeroed list head
    - arm64: Do not forget syscall when starting a new thread.
    - arm64: fix oops in concurrently setting insn_emulation sysctls
    - ext2: Add more validity checks for inode counts
    - ARM: dts: imx6ul: add missing properties for sram
    - ARM: dts: imx6ul: fix qspi node compatible
    - ARM: OMAP2+: display: Fix refcount leak bug
    - ACPI: PM: save NVS memory for Lenovo G40-45
    - ACPI: LPSS: Fix missing check in register_device_clock()
    - PM: hibernate: defer device probing when resuming from hibernation
    - selinux: Add boundary check in put_entry()
    - ARM: findbit: fix overflowing offset
    - ARM: bcm: Fix refcount leak in bcm_kona_smc_init
    - x86/pmem: Fix platform-device leak in error path
    - ARM: dts: ast2500-evb: fix board compatible
    - soc: fsl: guts: machine variable might be unset
    - cpufreq: zynq: Fix refcount leak in zynq_get_revision
    - ARM: dts: qcom: pm8841: add required thermal-sensor-cells
    - arm64: dts: qcom: msm8916: Fix typo in pronto remoteproc node
    - regulator: of: Fix refcount leak bug in of_get_regulation_constraints()
    - thermal/tools/tmon: Include pthread and time headers in tmon.h
    - dm: return early from dm_pr_call() if DM device is suspended
    - drm/radeon: fix potential buffer overflow in ni_set_mc_special_registers()
    - drm/mediatek: Add pull-down MIPI operation in mtk_dsi_poweroff function
    - i2c: Fix a potential use after free
    - wifi: iwlegacy: 4965: fix potential off-by-one overflow in
      il4965_rs_fill_link_cmd()
    - drm: bridge: adv7511: Add check for mipi_dsi_driver_register
    - media: hdpvr: fix error value returns in hdpvr_read
    - drm/vc4: dsi: Correct DSI divider calculations
    - drm/rockchip: vop: Don't crash for invalid duplicate_state()
    - drm/mediatek: dpi: Remove output format of YUV
    - drm: bridge: sii8620: fix possible off-by-one
    - media: platform: mtk-mdp: Fix mdp_ipi_comm structure alignment
    - tcp: make retransmitted SKB fit into the send window
    - selftests: timers: valid-adjtimex: build fix for newer toolchains
    - selftests: timers: clocksource-switch: fix passing errors from child
    - fs: check FMODE_LSEEK to control internal pipe splicing
    - wifi: wil6210: debugfs: fix info leak in wil_write_file_wmi()
    - wifi: p54: Fix an error handling path in p54spi_probe()
    - wifi: p54: add missing parentheses in p54_flush()
    - can: pch_can: do not report txerr and rxerr during bus-off
    - can: rcar_can: do not report txerr and rxerr during bus-off
    - can: sja1000: do not report txerr and rxerr during bus-off
    - can: hi311x: do not report txerr and rxerr during bus-off
    - can: sun4i_can: do not report txerr and rxerr during bus-off
    - can: usb_8dev: do not report txerr and rxerr during bus-off
    - can: error: specify the values of data[5..7] of CAN error frames
    - can: pch_can: pch_can_error(): initialize errc before using it
    - Bluetooth: hci_intel: Add check for platform_driver_register
    - i2c: cadence: Support PEC for SMBus block read
    - i2c: mux-gpmux: Add of_node_put() when breaking out of loop
    - wifi: wil6210: debugfs: fix uninitialized variable use in
      `wil_write_file_wmi()`
    - wifi: libertas: Fix possible refcount leak in if_usb_probe()
    - net: rose: fix netdev reference changes
    - dccp: put dccp_qpolicy_full() and dccp_qpolicy_push() in the same lock
    - mtd: maps: Fix refcount leak in of_flash_probe_versatile
    - mtd: maps: Fix refcount leak in ap_flash_init
    - mtd: sm_ftl: Fix deadlock caused by cancel_work_sync in sm_release
    - mtd: st_spi_fsm: Add a clk_disable_unprepare() in .probe()'s error path
    - fpga: altera-pr-ip: fix unsigned comparison with less than zero
    - usb: host: Fix refcount leak in ehci_hcd_ppc_of_probe
    - usb: ohci-nxp: Fix refcount leak in ohci_hcd_nxp_probe
    - misc: rtsx: Fix an error handling path in rtsx_pci_probe()
    - mmc: sdhci-of-esdhc: Fix refcount leak in esdhc_signal_voltage_switch
    - memstick/ms_block: Fix some incorrect memory allocation
    - memstick/ms_block: Fix a memory leak
    - mmc: sdhci-of-at91: fix set_uhs_signaling rewriting of MC1R
    - scsi: smartpqi: Fix DMA direction for RAID requests
    - usb: gadget: udc: amd5536 depends on HAS_DMA
    - RDMA/hfi1: fix potential memory leak in setup_base_ctxt()
    - gpio: gpiolib-of: Fix refcount bugs in of_mm_gpiochip_add_data()
    - mmc: cavium-octeon: Add of_node_put() when breaking out of loop
    - mmc: cavium-thunderx: Add of_node_put() when breaking out of loop
    - USB: serial: fix tty-port initialized comments
    - platform/olpc: Fix uninitialized data in debugfs write
    - mm/mmap.c: fix missing call to vm_unacct_memory in mmap_region
    - RDMA/rxe: Fix error unwind in rxe_create_qp()
    - ext4: recover csum seed of tmp_inode after migrating to extents
    - jbd2: fix assertion 'jh->b_frozen_data == NULL' failure when journal aborted
    - ASoC: mediatek: mt8173: Fix refcount leak in mt8173_rt5650_rt5676_dev_probe
    - ASoC: codecs: da7210: add check for i2c_add_driver
    - ASoC: mediatek: mt8173-rt5650: Fix refcount leak in mt8173_rt5650_dev_probe
    - profiling: fix shift too large makes kernel panic
    - tty: n_gsm: fix non flow control frames during mux flow off
    - tty: n_gsm: fix packet re-transmission without open control channel
    - tty: n_gsm: fix race condition in gsmld_write()
    - remoteproc: qcom: wcnss: Fix handling of IRQs
    - vfio/ccw: Do not change FSM state in subchannel event
    - tty: n_gsm: fix wrong T1 retry count handling
    - tty: n_gsm: fix DM command
    - iommu/exynos: Handle failed IOMMU device registration properly
    - kfifo: fix kfifo_to_user() return type
    - mfd: t7l66xb: Drop platform disable callback
    - iommu/arm-smmu: qcom_iommu: Add of_node_put() when breaking out of loop
    - s390/zcore: fix race when reading from hardware system area
    - video: fbdev: amba-clcd: Fix refcount leak bugs
    - video: fbdev: sis: fix typos in SiS_GetModeID()
    - powerpc/pci: Prefer PCI domain assignment via DT 'linux,pci-domain' and
      alias
    - powerpc/spufs: Fix refcount leak in spufs_init_isolated_loader
    - powerpc/xive: Fix refcount leak in xive_get_max_prio
    - powerpc/cell/axon_msi: Fix refcount leak in setup_msi_msg_address
    - kprobes: Forbid probing on trampoline and BPF code areas
    - powerpc/pci: Fix PHB numbering when using opal-phbid
    - genelf: Use HAVE_LIBCRYPTO_SUPPORT, not the never defined HAVE_LIBCRYPTO
    - x86/numa: Use cpumask_available instead of hardcoded NULL check
    - video: fbdev: arkfb: Fix a divide-by-zero bug in ark_set_pixclock()
    - tools/thermal: Fix possible path truncations
    - video: fbdev: vt8623fb: Check the size of screen before memset_io()
    - video: fbdev: arkfb: Check the size of screen before memset_io()
    - video: fbdev: s3fb: Check the size of screen before memset_io()
    - scsi: zfcp: Fix missing auto port scan and thus missing target ports
    - x86/olpc: fix 'logical not is only applied to the left hand side'
    - spmi: trace: fix stack-out-of-bound access in SPMI tracing functions
    - ext4: add EXT4_INODE_HAS_XATTR_SPACE macro in xattr.h
    - ext4: make sure ext4_append() always allocates new block
    - ext4: fix use-after-free in ext4_xattr_set_entry
    - ext4: update s_overhead_clusters in the superblock during an on-line resize
    - ext4: fix extent status tree race in writeback error recovery path
    - ext4: correct max_inline_xattr_value_size computing
    - ext4: correct the misjudgment in ext4_iget_extra_inode
    - intel_th: pci: Add Raptor Lake-S CPU support
    - intel_th: pci: Add Raptor Lake-S PCH support
    - intel_th: pci: Add Meteor Lake-P support
    - dm raid: fix address sanitizer warning in raid_resume
    - dm raid: fix address sanitizer warning in raid_status
    - btrfs: reject log replay if there is unsupported RO compat flag
    - KVM: Add infrastructure and macro to mark VM as bugged
    - KVM: x86: Check lapic_in_kernel() before attempting to set a SynIC irq
    - KVM: x86: Avoid theoretical NULL pointer dereference in
      kvm_irq_delivery_to_apic_fast()
    - tcp: fix over estimation in sk_forced_mem_schedule()
    - scsi: sg: Allow waiting for commands to complete on removed device
    - Bluetooth: L2CAP: Fix l2cap_global_chan_by_psm regression
    - net/9p: Initialize the iounit field during fid creation
    - net_sched: cls_route: disallow handle of 0
    - powerpc/ptdump: Fix display of RW pages on FSL_BOOK3E
    - ALSA: info: Fix llseek return value when using callback
    - rds: add missing barrier to release_refill
    - ata: libata-eh: Add missing command name
    - btrfs: fix lost error handling when looking up extended ref on log replay
    - can: ems_usb: fix clang's -Wunaligned-access warning
    - apparmor: fix quiet_denied for file rules
    - apparmor: Fix failed mount permission check error message
    - apparmor: fix aa_label_asxprint return check
    - apparmor: fix reference count leak in aa_pivotroot()
    - NFSv4: Fix races in the legacy idmapper upcall
    - NFSv4.1: RECLAIM_COMPLETE must handle EACCES
    - SUNRPC: Reinitialise the backchannel request buffers before reuse
    - pinctrl: nomadik: Fix refcount leak in nmk_pinctrl_dt_subnode_to_map
    - pinctrl: qcom: msm8916: Allow CAMSS GP clocks to be muxed
    - ACPI: property: Return type of acpi_add_nondev_subnodes() should be bool
    - geneve: do not use RT_TOS for IPv6 flowlabel
    - vsock: Fix memory leak in vsock_connect()
    - vsock: Set socket state back to SS_UNCONNECTED in vsock_connect_timeout()
    - tools build: Switch to new openssl API for test-libcrypto
    - xen/xenbus: fix return type in xenbus_file_read()
    - atm: idt77252: fix use-after-free bugs caused by tst_timer
    - nios2: page fault et.al. are *not* restartable syscalls...
    - nios2: don't leave NULLs in sys_call_table[]
    - nios2: traced syscall does need to check the syscall number
    - nios2: fix syscall restart checks
    - nios2: restarts apply only to the first sigframe we build...
    - nios2: add force_successful_syscall_return()
    - netfilter: nf_tables: really skip inactive sets when allocating name
    - powerpc/pci: Fix get_phb_number() locking
    - i40e: Fix to stop tx_timeout recovery if GLOBR fails
    - fec: Fix timer capture timing in `fec_ptp_enable_pps()`
    - igb: Add lock to avoid data race
    - kbuild: clear LDFLAGS in the top Makefile
    - btrfs: only write the sectors in the vertical stripe which has data stripes
    - btrfs: raid56: don't trust any cached sector in __raid56_parity_recover()
    - drm/meson: Fix refcount bugs in meson_vpu_has_available_connectors()
    - PCI: Add ACS quirk for Broadcom BCM5750x NICs
    - irqchip/tegra: Fix overflow implicit truncation warnings
    - usb: host: ohci-ppc-of: Fix refcount leak bug
    - clk: qcom: ipq8074: dont disable gcc_sleep_clk_src
    - gadgetfs: ep_io - wait until IRQ finishes
    - cxl: Fix a memory leak in an error handling path
    - drivers:md:fix a potential use-after-free bug
    - ext4: avoid remove directory when directory is corrupted
    - ext4: avoid resizing to a partial cluster size
    - tty: serial: Fix refcount leak bug in ucc_uart.c
    - vfio: Clear the caps->buf to NULL after free
    - mips: cavium-octeon: Fix missing of_node_put() in octeon2_usb_clocks_start
    - ALSA: core: Add async signal helpers
    - ALSA: timer: Use deferred fasync helper
    - smb3: check xattr value length earlier
    - powerpc/64: Init jump labels before parse_early_param()
    - video: fbdev: i740fb: Check the argument of i740_calc_vclk()
    - MIPS: tlbex: Explicitly compare _PAGE_NO_EXEC against 0
    - meson-mx-socinfo: Fix refcount leak in meson_mx_socinfo_init
    - ARM: OMAP2+: Fix refcount leak in omap3xxx_prm_late_init
    - nohz/full, sched/rt: Fix missed tick-reenabling bug in dequeue_task_rt()
    - media: tw686x: Register the irq at the end of probe
    - HID: cp2112: prevent a buffer overflow in cp2112_xfer()
    - staging: rtl8192u: Fix sleep in atomic context bug in
      dm_fsync_timer_callback
    - HID: alps: Declare U1_UNICORN_LEGACY support
    - tty: n_gsm: fix missing corner cases in gsmld_poll()
    - rpmsg: qcom_smd: Fix refcount leak in qcom_smd_parse_edge
    - gcc-plugins: Undefine LATENT_ENTROPY_PLUGIN when plugin disabled for a file
  * Bionic update: upstream stable patchset 2022-09-21 (LP: #1990434)
    - xen/gntdev: Ignore failure to unmap INVALID_GRANT_HANDLE
    - xfrm: xfrm_policy: fix a possible double xfrm_pols_put() in
      xfrm_bundle_lookup()
    - power/reset: arm-versatile: Fix refcount leak in versatile_reboot_probe
    - perf/core: Fix data race between perf_event_set_output() and
      perf_mmap_close()
    - ip: Fix a data-race around sysctl_fwmark_reflect.
    - tcp/dccp: Fix a data-race around sysctl_tcp_fwmark_accept.
    - tcp: Fix a data-race around sysctl_tcp_probe_threshold.
    - tcp: Fix a data-race around sysctl_tcp_probe_interval.
    - i2c: cadence: Change large transfer count reset logic to be unconditional
    - net: stmmac: fix dma queue left shift overflow issue
    - igmp: Fix data-races around sysctl_igmp_llm_reports.
    - igmp: Fix a data-race around sysctl_igmp_max_memberships.
    - tcp: Fix a data-race around sysctl_tcp_notsent_lowat.
    - be2net: Fix buffer overflow in be_get_module_eeprom
    - Revert "Revert "char/random: silence a lockdep splat with printk()""
    - mm/mempolicy: fix uninit-value in mpol_rebind_policy()
    - bpf: Make sure mac_header was set before using it
    - drm/tilcdc: Remove obsolete crtc_mode_valid() hack
    - tilcdc: tilcdc_external: fix an incorrect NULL check on list iterator
    - ALSA: memalloc: Align buffer allocations in page size
    - Bluetooth: Add bt_skb_sendmsg helper
    - Bluetooth: Add bt_skb_sendmmsg helper
    - Bluetooth: SCO: Replace use of memcpy_from_msg with bt_skb_sendmsg
    - Bluetooth: RFCOMM: Replace use of memcpy_from_msg with bt_skb_sendmmsg
    - Bluetooth: Fix passing NULL to PTR_ERR
    - Bluetooth: SCO: Fix sco_send_frame returning skb->len
    - Bluetooth: Fix bt_skb_sendmmsg not allocating partial chunks
    - tty: drivers/tty/, stop using tty_schedule_flip()
    - tty: the rest, stop using tty_schedule_flip()
    - tty: drop tty_schedule_flip()
    - tty: extract tty_flip_buffer_commit() from tty_flip_buffer_push()
    - tty: use new tty_insert_flip_string_and_push_buffer() in pty_write()
    - PCI: hv: Fix multi-MSI to allow more than one MSI vector
    - PCI: hv: Fix hv_arch_irq_unmask() for multi-MSI
    - PCI: hv: Reuse existing IRTE allocation in compose_msi_msg()
    - PCI: hv: Fix interrupt mapping for multi-MSI
    - ip: Fix data-races around sysctl_ip_fwd_use_pmtu.
    - ip: Fix data-races around sysctl_ip_nonlocal_bind.
    - tcp: Fix data-races around sysctl_tcp_mtu_probing.
    - tcp: Fix data-races around sysctl_tcp_reordering.
    - tcp: Fix data-races around some timeout sysctl knobs.
    - tcp: Fix a data-race around sysctl_tcp_tw_reuse.
    - tcp: Fix data-races around sysctl_tcp_fastopen.
    - tcp: Fix a data-race around sysctl_tcp_early_retrans.
    - tcp: Fix data-races around sysctl_tcp_recovery.
    - tcp: Fix a data-race around sysctl_tcp_thin_linear_timeouts.
    - tcp: Fix data-races around sysctl_tcp_slow_start_after_idle.
    - tcp: Fix a data-race around sysctl_tcp_retrans_collapse.
    - tcp: Fix a data-race around sysctl_tcp_stdurg.
    - tcp: Fix a data-race around sysctl_tcp_rfc1337.
    - tcp: Fix data-races around sysctl_tcp_max_reordering.
    - ima: remove the IMA_TEMPLATE Kconfig option
    - [Config] updateconfigs for IMA_TEMPLATE
    - s390/archrandom: prevent CPACF trng invocations in interrupt context
    - tcp: Fix data-races around sysctl_tcp_dsack.
    - tcp: Fix a data-race around sysctl_tcp_app_win.
    - tcp: Fix a data-race around sysctl_tcp_adv_win_scale.
    - tcp: Fix a data-race around sysctl_tcp_frto.
    - tcp: Fix a data-race around sysctl_tcp_nometrics_save.
    - scsi: ufs: host: Hold reference returned by of_parse_phandle()
    - tcp: Fix a data-race around sysctl_tcp_challenge_ack_limit.
    - net: ping6: Fix memleak in ipv6_renew_options().
    - igmp: Fix data-races around sysctl_igmp_qrv.
    - net: sungem_phy: Add of_node_put() for reference returned by of_get_parent()
    - tcp: Fix a data-race around sysctl_tcp_min_tso_segs.
    - tcp: Fix a data-race around sysctl_tcp_min_rtt_wlen.
    - tcp: Fix a data-race around sysctl_tcp_autocorking.
    - tcp: Fix a data-race around sysctl_tcp_invalid_ratelimit.
    - Documentation: fix sctp_wmem in ip-sysctl.rst
    - i40e: Fix interface init with MSI interrupts (no MSI-X)
    - sctp: fix sleep in atomic context bug in timer handlers
    - perf symbol: Correct address for bss symbols
    - scsi: core: Fix race between handling STS_RESOURCE and completion
    - ACPI: video: Shortening quirk list by identifying Clevo by board_name only
  * unprivileged users may trigger page cache invalidation WARN (LP: #1989144)
    - iomap: fix WARN_ON_ONCE() from unprivileged users
  * Users belonging to video group may trigger a deadlock WARN (LP: #1990690)
    - SAUCE: fbdev: remove redundant lock_fb_info
  * ACPI: processor idle: Practically limit "Dummy wait" workaround to old Intel
    systems (LP: #1990985)
    - ACPI: processor_idle: Skip dummy wait if kernel is in guest
    - ACPI: processor idle: Practically limit "Dummy wait" workaround to old Intel
      systems
  * CVE-2022-3028
    - af_key: Do not call xfrm_probe_algs in parallel
  * CVE-2022-2978
    - fs: fix UAF/GPF bug in nilfs_mdt_destroy
  * CVE-2022-40768
    - scsi: stex: Properly zero out the passthrough command structure

 -- Juerg Haefliger <email address hidden>  Tue, 25 Oct 2022 08:37:52 +0200
Superseded in bionic-security
Superseded in bionic-updates
Deleted in bionic-proposed (Reason: moved to -updates)
linux-raspi2 (4.15.0-1120.128) bionic; urgency=medium

  * bionic/linux-raspi2: 4.15.0-1120.128 -proposed tracker (LP: #1989931)

  * Bionic update: upstream stable patchset 2022-09-12 (LP: #1989374)
    - [Config] raspi2: updateconfigs for RANDOM_TRUST_CPU, RANDOM_TRUST_BOOTLOADER

  [ Ubuntu: 4.15.0-194.205 ]

  * bionic/linux: 4.15.0-194.205 -proposed tracker (LP: #1989935)
  * Bionic update: upstream stable patchset 2022-09-14 (LP: #1989625)
    - random: schedule mix_interrupt_randomness() less often
    - ata: libata: add qc->flags in ata_qc_complete_template tracepoint
    - dm era: commit metadata in postsuspend after worker stops
    - random: quiet urandom warning ratelimit suppression message
    - USB: serial: option: add Telit LE910Cx 0x1250 composition
    - USB: serial: option: add Quectel EM05-G modem
    - USB: serial: option: add Quectel RM500K module support
    - bonding: ARP monitor spams NETDEV_NOTIFY_PEERS notifiers
    - x86/xen: Remove undefined behavior in setup_features()
    - MIPS: Remove repetitive increase irq_err_count
    - igb: Make DMA faster when CPU is active on the PCIe link
    - iio: adc: vf610: fix conversion mode sysfs node name
    - usb: chipidea: udc: check request status before setting device address
    - iio:accel:bma180: rearrange iio trigger get and register
    - iio: accel: mma8452: ignore the return value of reset operation
    - iio: gyro: mpu3050: Fix the error handling in mpu3050_power_up()
    - iio: trigger: sysfs: fix use-after-free on remove
    - iio: adc: axp288: Override TS pin bias current for some models
    - xtensa: xtfpga: Fix refcount leak bug in setup
    - xtensa: Fix refcount leak bug in time.c
    - powerpc: Enable execve syscall exit tracepoint
    - powerpc/rtas: Allow ibm,platform-dump RTAS call with null buffer address
    - powerpc/powernv: wire up rng during setup_arch
    - ARM: dts: imx6qdl: correct PU regulator ramp delay
    - ARM: exynos: Fix refcount leak in exynos_map_pmu
    - ARM: Fix refcount leak in axxia_boot_secondary
    - ARM: cns3xxx: Fix refcount leak in cns3xxx_init
    - modpost: fix section mismatch check for exported init/exit sections
    - powerpc/pseries: wire up rng during setup_arch()
    - drm: remove drm_fb_helper_modinit
    - xen: unexport __init-annotated xen_xlate_map_ballooned_pages()
    - fdt: Update CRC check for rng-seed
    - kexec_file: drop weak attribute from arch_kexec_apply_relocations[_add]
    - swiotlb: skip swiotlb_bounce when orig_addr is zero
    - net/sched: sch_netem: Fix arithmetic in netem_dump() for 32-bit platforms
    - afs: Fix dynamic root getattr
    - iio:chemical:ccs811: rearrange iio trigger get and register
    - soc: bcm: brcmstb: pm: pm-arm: Fix refcount leak in brcmstb_pm_probe
    - nvdimm: Fix badblocks clear off-by-one error
    - dm raid: fix accesses beyond end of raid member array
    - dm raid: fix KASAN warning in raid5_add_disks
    - s390/archrandom: simplify back to earlier design and initialize earlier
    - SUNRPC: Fix READ_PLUS crasher
    - net: rose: fix UAF bugs caused by timer handler
    - net: usb: ax88179_178a: Fix packet receiving
    - RDMA/qedr: Fix reporting QP timeout attribute
    - usbnet: fix memory allocation in helpers
    - net: ipv6: unexport __init-annotated seg6_hmac_net_init()
    - caif_virtio: fix race between virtio_device_ready() and ndo_open()
    - netfilter: nft_dynset: restore set element counter when failing to update
    - net: bonding: fix possible NULL deref in rlb code
    - net: bonding: fix use-after-free after 802.3ad slave unbind
    - nfc: nfcmrvl: Fix irq_of_parse_and_map() return value
    - NFC: nxp-nci: Don't issue a zero length i2c_master_read()
    - xen/gntdev: Avoid blocking in unmap_grant_pages()
    - hwmon: (ibmaem) don't call platform_device_del() if platform_device_add()
      fails
    - sit: use min
    - ipv6/sit: fix ipip6_tunnel_get_prl return value
    - net: Rename and export copy_skb_header
    - xen/blkfront: fix leaking data in shared pages
    - xen/netfront: fix leaking data in shared pages
    - xen/netfront: force data bouncing when backend is untrusted
    - xen/blkfront: force data bouncing when backend is untrusted
    - xen/arm: Fix race in RB-tree based P2M accounting
    - net: usb: qmi_wwan: add Telit 0x1060 composition
    - net: usb: qmi_wwan: add Telit 0x1070 composition
    - virtio-net: fix race between ndo_open() and virtio_device_ready()
    - net: tun: unlink NAPI from device on destruction
    - net: tun: stop NAPI when detaching queues
    - esp: limit skb_page_frag_refill use to a single page
    - mm/slub: add missing TID updates on slab deactivation
    - can: grcan: grcan_probe(): remove extra of_node_get()
    - can: gs_usb: gs_usb_open/close(): fix memory leak
    - usbnet: fix memory leak in error case
    - net: rose: fix UAF bug caused by rose_t0timer_expiry
    - iommu/vt-d: Fix PCI bus rescan device hot add
    - video: of_display_timing.h: include errno.h
    - powerpc/powernv: delay rng platform device creation until later in boot
    - xfs: remove incorrect ASSERT in xfs_rename
    - pinctrl: sunxi: a83t: Fix NAND function name for some pins
    - i2c: cadence: Unregister the clk notifier in error path
    - ida: don't use BUG_ON() for debugging
    - dmaengine: at_xdma: handle errors of at_xdmac_alloc_desc() correctly
    - dmaengine: ti: Fix refcount leak in ti_dra7_xbar_route_allocate
    - dmaengine: ti: Add missing put_device in ti_dra7_xbar_route_allocate
    - ARM: meson: Fix refcount leak in meson_smp_prepare_cpus
    - dmaengine: pl330: Fix lockdep warning about non-static key
    - ALSA: hda - Add fixup for Dell Latitidue E5430
    - ALSA: hda/conexant: Apply quirk for another HP ProDesk 600 G3 model
    - xen/netback: avoid entering xenvif_rx_next_skb() with an empty rx queue
    - net: sock: tracing: Fix sock_exceed_buf_limit not to dereference stale
      pointer
    - ARM: 9213/1: Print message about disabled Spectre workarounds only once
    - ARM: 9214/1: alignment: advance IT state after emulating Thumb instruction
    - cgroup: Use separate src/dst nodes when preloading css_sets for migration
    - nilfs2: fix incorrect masking of permission flags for symlinks
    - net: dsa: bcm_sf2: force pause link settings
    - ARM: 9209/1: Spectre-BHB: avoid pr_info() every time a CPU comes out of idle
    - inetpeer: Fix data-races around sysctl.
    - net: Fix data-races around sysctl_mem.
    - cipso: Fix data-races around sysctl.
    - icmp: Fix data-races around sysctl.
    - ARM: dts: sunxi: Fix SPI NOR campatible on Orange Pi Zero
    - icmp: Fix a data-race around sysctl_icmp_ratelimit.
    - icmp: Fix a data-race around sysctl_icmp_ratemask.
    - ipv4: Fix data-races around sysctl_ip_dynaddr.
    - sfc: fix use after free when disabling sriov
    - seg6: fix skb checksum evaluation in SRH encapsulation/insertion
    - seg6: fix skb checksum in SRv6 End.B6 and End.B6.Encaps behaviors
    - sfc: fix kernel panic when creating VF
    - virtio_mmio: Add missing PM calls to freeze/restore
    - virtio_mmio: Restore guest page size on resume
    - netfilter: br_netfilter: do not skip all hooks with 0 priority
    - cpufreq: pmac32-cpufreq: Fix refcount leak bug
    - platform/x86: hp-wmi: Ignore Sanitization Mode event
    - net: tipc: fix possible refcount leak in tipc_sk_create()
    - NFC: nxp-nci: don't print header length mismatch on i2c error
    - net: sfp: fix memory leak in sfp_probe()
    - ASoC: ops: Fix off by one in range control validation
    - ASoC: wm5110: Fix DRE control
    - irqchip: or1k-pic: Undefine mask_ack for level triggered hardware
    - x86: Clear .brk area at early boot
    - signal handling: don't use BUG_ON() for debugging
    - USB: serial: ftdi_sio: add Belimo device ids
    - usb: dwc3: gadget: Fix event pending check
    - tty: serial: samsung_tty: set dma burst_size to 1
    - serial: 8250: fix return error code in serial8250_request_std_resource()
    - mm: invalidate hwpoison page cache page in fault path
    - can: m_can: m_can_tx_handler(): fix use after free of skb
    - ASoC: sgtl5000: Fix noise on shutdown/remove
    - serial: pl011: UPSTAT_AUTORTS requires .throttle/unthrottle
  * Bionic update: upstream stable patchset 2022-09-12 (LP: #1989374)
    - [Config] dkms-versions -- force wireguard-dkms update
    - Revert "random: Make getrandom() ready earlier"
    - 9p: missing chunk of "fs/9p: Don't update file type when updating file
      attributes"
    - crypto: chacha20 - Fix keystream alignment for chacha20_block()
    - random: always fill buffer in get_random_bytes_wait
    - random: optimize add_interrupt_randomness
    - drivers/char/random.c: remove unused dont_count_entropy
    - random: Fix whitespace pre random-bytes work
    - random: Return nbytes filled from hw RNG
    - [Config] updateconfigs for RANDOM_TRUST_CPU, RANDOM_TRUST_BOOTLOADER
    - random: add a config option to trust the CPU's hwrng
    - random: remove preempt disabled region
    - random: Make crng state queryable
    - random: make CPU trust a boot parameter
    - drivers/char/random.c: constify poolinfo_table
    - drivers/char/random.c: remove unused stuct poolinfo::poolbits
    - drivers/char/random.c: make primary_crng static
    - random: only read from /dev/random after its pool has received 128 bits
    - random: move rand_initialize() earlier
    - random: document get_random_int() family
    - latent_entropy: avoid build error when plugin cflags are not set
    - random: fix soft lockup when trying to read from an uninitialized blocking
      pool
    - random: Support freezable kthreads in add_hwgenerator_randomness()
    - fdt: add support for rng-seed
    - random: Use wait_event_freezable() in add_hwgenerator_randomness()
    - char/random: Add a newline at the end of the file
    - Revert "hwrng: core - Freeze khwrng thread during suspend"
    - crypto: Deduplicate le32_to_cpu_array() and cpu_to_le32_array()
    - crypto: blake2s - generic C library implementation and selftest
    - lib/crypto: blake2s: move hmac construction into wireguard
    - lib/crypto: sha1: re-roll loops to reduce code size
    - random: Don't wake crng_init_wait when crng_init == 1
    - random: Add a urandom_read_nowait() for random APIs that don't warn
    - random: add GRND_INSECURE to return best-effort non-cryptographic bytes
    - random: ignore GRND_RANDOM in getentropy(2)
    - random: make /dev/random be almost like /dev/urandom
    - random: fix crash on multiple early calls to add_bootloader_randomness()
    - random: remove the blocking pool
    - random: delete code to pull data into pools
    - random: remove kernel.random.read_wakeup_threshold
    - random: remove unnecessary unlikely()
    - random: convert to ENTROPY_BITS for better code readability
    - random: Add and use pr_fmt()
    - random: fix typo in add_timer_randomness()
    - random: remove some dead code of poolinfo
    - random: split primary/secondary crng init paths
    - random: avoid warnings for !CONFIG_NUMA builds
    - x86: Remove arch_has_random, arch_has_random_seed
    - powerpc: Remove arch_has_random, arch_has_random_seed
    - s390: Remove arch_has_random, arch_has_random_seed
    - linux/random.h: Remove arch_has_random, arch_has_random_seed
    - linux/random.h: Use false with bool
    - linux/random.h: Mark CONFIG_ARCH_RANDOM functions __must_check
    - powerpc: Use bool in archrandom.h
    - random: add arch_get_random_*long_early()
    - random: avoid arch_get_random_seed_long() when collecting IRQ randomness
    - random: remove dead code left over from blocking pool
    - MAINTAINERS: co-maintain random.c
    - crypto: blake2s - include <linux/bug.h> instead of <asm/bug.h>
    - crypto: blake2s - adjust include guard naming
    - random: document add_hwgenerator_randomness() with other input functions
    - random: remove unused irq_flags argument from add_interrupt_randomness()
    - random: use BLAKE2s instead of SHA1 in extraction
    - random: do not sign extend bytes for rotation when mixing
    - random: do not re-init if crng_reseed completes before primary init
    - random: mix bootloader randomness into pool
    - random: harmonize "crng init done" messages
    - random: use IS_ENABLED(CONFIG_NUMA) instead of ifdefs
    - random: initialize ChaCha20 constants with correct endianness
    - random: early initialization of ChaCha constants
    - random: avoid superfluous call to RDRAND in CRNG extraction
    - random: don't reset crng_init_cnt on urandom_read()
    - random: fix typo in comments
    - random: cleanup poolinfo abstraction
    - crypto: chacha20 - Fix chacha20_block() keystream alignment (again)
    - random: cleanup integer types
    - random: remove incomplete last_data logic
    - random: remove unused extract_entropy() reserved argument
    - random: rather than entropy_store abstraction, use global
    - random: remove unused OUTPUT_POOL constants
    - random: de-duplicate INPUT_POOL constants
    - random: prepend remaining pool constants with POOL_
    - random: cleanup fractional entropy shift constants
    - random: access input_pool_data directly rather than through pointer
    - random: simplify arithmetic function flow in account()
    - random: continually use hwgenerator randomness
    - random: access primary_pool directly rather than through pointer
    - random: only call crng_finalize_init() for primary_crng
    - random: use computational hash for entropy extraction
    - random: simplify entropy debiting
    - random: use linear min-entropy accumulation crediting
    - random: always wake up entropy writers after extraction
    - random: make credit_entropy_bits() always safe
    - random: remove use_input_pool parameter from crng_reseed()
    - random: remove batched entropy locking
    - random: fix locking in crng_fast_load()
    - random: use RDSEED instead of RDRAND in entropy extraction
    - random: inline leaves of rand_initialize()
    - random: ensure early RDSEED goes through mixer on init
    - random: do not xor RDRAND when writing into /dev/random
    - random: absorb fast pool into input pool after fast load
    - random: use hash function for crng_slow_load()
    - random: remove outdated INT_MAX >> 6 check in urandom_read()
    - random: zero buffer after reading entropy from userspace
    - random: tie batched entropy generation to base_crng generation
    - random: remove ifdef'd out interrupt bench
    - random: remove unused tracepoints
    - random: add proper SPDX header
    - random: deobfuscate irq u32/u64 contributions
    - random: introduce drain_entropy() helper to declutter crng_reseed()
    - random: remove useless header comment
    - random: remove whitespace and reorder includes
    - random: group initialization wait functions
    - random: group entropy extraction functions
    - random: group entropy collection functions
    - random: group userspace read/write functions
    - random: group sysctl functions
    - random: rewrite header introductory comment
    - random: defer fast pool mixing to worker
    - random: do not take pool spinlock at boot
    - random: unify early init crng load accounting
    - random: check for crng_init == 0 in add_device_randomness()
    - random: pull add_hwgenerator_randomness() declaration into random.h
    - random: clear fast pool, crng, and batches in cpuhp bring up
    - random: round-robin registers as ulong, not u32
    - random: only wake up writers after zap if threshold was passed
    - random: cleanup UUID handling
    - random: unify cycles_t and jiffies usage and types
    - random: do crng pre-init loading in worker rather than irq
    - random: give sysctl_random_min_urandom_seed a more sensible value
    - random: don't let 644 read-only sysctls be written to
    - random: replace custom notifier chain with standard one
    - random: use SipHash as interrupt entropy accumulator
    - random: make consistent usage of crng_ready()
    - random: reseed more often immediately after booting
    - random: check for signal and try earlier when generating entropy
    - random: skip fast_init if hwrng provides large chunk of entropy
    - random: treat bootloader trust toggle the same way as cpu trust toggle
    - random: re-add removed comment about get_random_{u32,u64} reseeding
    - random: mix build-time latent entropy into pool at init
    - random: do not split fast init input in add_hwgenerator_randomness()
    - random: do not allow user to keep crng key around on stack
    - random: check for signal_pending() outside of need_resched() check
    - random: check for signals every PAGE_SIZE chunk of /dev/[u]random
    - random: make random_get_entropy() return an unsigned long
    - random: document crng_fast_key_erasure() destination possibility
    - random: fix sysctl documentation nits
    - init: call time_init() before rand_initialize()
    - ia64: define get_cycles macro for arch-override
    - s390: define get_cycles macro for arch-override
    - parisc: define get_cycles macro for arch-override
    - alpha: define get_cycles macro for arch-override
    - powerpc: define get_cycles macro for arch-override
    - timekeeping: Add raw clock fallback for random_get_entropy()
    - m68k: use fallback for random_get_entropy() instead of zero
    - mips: use fallback for random_get_entropy() instead of just c0 random
    - arm: use fallback for random_get_entropy() instead of zero
    - nios2: use fallback for random_get_entropy() instead of zero
    - x86/tsc: Use fallback for random_get_entropy() instead of zero
    - um: use fallback for random_get_entropy() instead of zero
    - sparc: use fallback for random_get_entropy() instead of zero
    - xtensa: use fallback for random_get_entropy() instead of zero
    - random: insist on random_get_entropy() existing in order to simplify
    - random: do not use batches when !crng_ready()
    - random: do not pretend to handle premature next security model
    - random: order timer entropy functions below interrupt functions
    - random: do not use input pool from hard IRQs
    - random: help compiler out with fast_mix() by using simpler arguments
    - siphash: use one source of truth for siphash permutations
    - random: use symbolic constants for crng_init states
    - random: avoid initializing twice in credit race
    - random: remove ratelimiting for in-kernel unseeded randomness
    - random: use proper jiffies comparison macro
    - random: handle latent entropy and command line from random_init()
    - random: credit architectural init the exact amount
    - random: use static branch for crng_ready()
    - random: remove extern from functions in header
    - random: use proper return types on get_random_{int,long}_wait()
    - random: move initialization functions out of hot pages
    - random: move randomize_page() into mm where it belongs
    - random: convert to using fops->write_iter()
    - random: wire up fops->splice_{read,write}_iter()
    - random: check for signals after page of pool writes
    - Revert "random: use static branch for crng_ready()"
    - crypto: drbg - add FIPS 140-2 CTRNG for noise source
    - crypto: drbg - always seeded with SP800-90B compliant noise source
    - crypto: drbg - prepare for more fine-grained tracking of seeding state
    - crypto: drbg - track whether DRBG was seeded with !rng_is_initialized()
    - crypto: drbg - move dynamic ->reseed_threshold adjustments to __drbg_seed()
    - crypto: drbg - always try to free Jitter RNG instance
    - crypto: drbg - make reseeding from get_random_bytes() synchronous
    - random: avoid checking crng_ready() twice in random_init()
    - random: mark bootloader randomness code as __init
    - random: account for arch randomness in bits
    - ASoC: cs42l52: Fix TLV scales for mixer controls
    - ASoC: cs53l30: Correct number of volume levels on SX controls
    - ASoC: cs42l52: Correct TLV for Bypass Volume
    - ASoC: cs42l56: Correct typo in minimum level for SX volume controls
    - ata: libata-core: fix NULL pointer deref in ata_host_alloc_pinfo()
    - ASoC: wm8962: Fix suspend while playing music
    - scsi: vmw_pvscsi: Expand vcpuHint to 16 bits
    - scsi: lpfc: Fix port stuck in bypassed state after LIP in PT2PT topology
    - scsi: ipr: Fix missing/incorrect resource cleanup in error case
    - scsi: pmcraid: Fix missing resource cleanup in error case
    - virtio-mmio: fix missing put_device() when vm_cmdline_parent registration
      failed
    - nfc: nfcmrvl: Fix memory leak in nfcmrvl_play_deferred
    - ipv6: Fix signed integer overflow in l2tp_ip6_sendmsg
    - net: ethernet: mtk_eth_soc: fix misuse of mem alloc interface
      netdev[napi]_alloc_frag
    - random: credit cpu and bootloader seeds by default
    - pNFS: Don't keep retrying if the server replied NFS4ERR_LAYOUTUNAVAILABLE
    - i40e: Fix call trace in setup_tx_descriptors
    - tty: goldfish: Fix free_irq() on remove
    - misc: atmel-ssc: Fix IRQ check in ssc_probe
    - net: bgmac: Fix an erroneous kfree() in bgmac_remove()
    - arm64: ftrace: fix branch range checks
    - certs/blacklist_hashes.c: fix const confusion in certs blacklist
    - irqchip/gic/realview: Fix refcount leak in realview_gic_of_init
    - comedi: vmk80xx: fix expression for tx buffer size
    - USB: serial: option: add support for Cinterion MV31 with new baseline
    - USB: serial: io_ti: add Agilent E5805A support
    - usb: dwc2: Fix memory leak in dwc2_hcd_init
    - usb: gadget: lpc32xx_udc: Fix refcount leak in lpc32xx_udc_probe
    - serial: 8250: Store to lsr_save_flags after lsr read
    - ext4: fix bug_on ext4_mb_use_inode_pa
    - ext4: make variable "count" signed
    - ext4: add reserved GDT blocks check
    - virtio-pci: Remove wrong address verification in vp_del_vqs()
    - s390/mm: use non-quiescing sske for KVM switch to keyed guest
    - usb: gadget: u_ether: fix regression in setting fixed MAC address
    - xprtrdma: fix incorrect header size calculations
    - tcp: add some entropy in __inet_hash_connect()
    - tcp: use different parts of the port_offset for index and offset
    - tcp: add small random increments to the source port
    - tcp: dynamically allocate the perturb table used by source ports
    - tcp: increase source port perturb table to 2^16
    - tcp: drop the hash_32() part from the index calculation
    - powerpc/kasan: Silence KASAN warnings in __get_wchan()
    - ASoC: es8328: Fix event generation for deemphasis control
    - ASoC: wm_adsp: Fix event generation for wm_adsp_fw_put()
    - i40e: Fix adding ADQ filter to TC0
    - mlxsw: spectrum_cnt: Reorder counter pools
    - net: openvswitch: fix misuse of the cached connection on tuple changes
    - RISC-V: fix barrier() use in <vdso/processor.h>
    - powerpc/mm: Switch obsolete dssall to .long

 -- Juerg Haefliger <email address hidden>  Mon, 26 Sep 2022 09:45:23 +0200
Superseded in bionic-security
Superseded in bionic-updates
Deleted in bionic-proposed (Reason: moved to -updates)
linux-raspi2 (4.15.0-1119.127) bionic; urgency=medium

  * bionic/linux-raspi2: 4.15.0-1119.127 -proposed tracker (LP: #1987901)

  [ Ubuntu: 4.15.0-193.204 ]

  * bionic/linux: 4.15.0-193.204 -proposed tracker (LP: #1987905)
  * CVE-2022-36946
    - netfilter: nf_queue: do not allow packet truncation below transport header
      offset
  * CVE-2021-33655
    - fbcon: Disallow setting font bigger than screen size
    - fbcon: Prevent that screen size is smaller than font size
    - fbmem: Check virtual screen sizes in fb_set_var()

 -- Juerg Haefliger <email address hidden>  Fri, 09 Sep 2022 10:55:43 +0200
Superseded in bionic-updates
Deleted in bionic-proposed (Reason: NBS)
linux-raspi2 (4.15.0-1118.126) bionic; urgency=medium

  * bionic/linux-raspi2: 4.15.0-1118.126 -proposed tracker (LP: #1983976)

  [ Ubuntu: 4.15.0-192.203 ]

  * bionic/linux: 4.15.0-192.203 -proposed tracker (LP: #1983980)
  * CVE-2021-33656
    - vt: drop old FONT ioctls
  * Bionic update: upstream stable patchset 2022-07-25 (LP: #1982782)
    - binfmt_flat: do not stop relocating GOT entries prematurely on riscv
    - USB: serial: option: add Quectel BG95 modem
    - USB: new quirk for Dell Gen 2 devices
    - ptrace/xtensa: Replace PT_SINGLESTEP with TIF_SINGLESTEP
    - ptrace: Reimplement PTRACE_KILL by always sending SIGKILL
    - btrfs: add "0x" prefix for unsupported optional features
    - btrfs: repair super block num_devices automatically
    - drm/virtio: fix NULL pointer dereference in virtio_gpu_conn_get_modes
    - mwifiex: add mutex lock for call in mwifiex_dfs_chan_sw_work_queue
    - b43legacy: Fix assigning negative value to unsigned variable
    - b43: Fix assigning negative value to unsigned variable
    - ipw2x00: Fix potential NULL dereference in libipw_xmit()
    - ACPICA: Avoid cache flush inside virtual machines
    - ALSA: jack: Access input_dev under mutex
    - drm/amd/pm: fix double free in si_parse_power_table()
    - ath9k: fix QCA9561 PA bias level
    - media: venus: hfi: avoid null dereference in deinit
    - media: pci: cx23885: Fix the error handling in cx23885_initdev()
    - media: cx25821: Fix the warning when removing the module
    - scsi: megaraid: Fix error check return value of register_chrdev()
    - drm/amd/pm: fix the compile warning
    - ipv6: Don't send rs packets to the interface of ARPHRD_TUNNEL
    - ASoC: dapm: Don't fold register value changes into notifications
    - s390/preempt: disable __preempt_count_add() optimization for
      PROFILE_ALL_BRANCHES
    - dma-debug: change allocation mode from GFP_NOWAIT to GFP_ATIOMIC
    - ipmi:ssif: Check for NULL msg when handling events and messages
    - rtlwifi: Use pr_warn instead of WARN_ONCE
    - openrisc: start CPU timer early in boot
    - nvme-pci: fix a NULL pointer dereference in nvme_alloc_admin_tags
    - ASoC: rt5645: Fix errorenous cleanup order
    - net: phy: micrel: Allow probing without .driver_data
    - media: exynos4-is: Fix compile warning
    - rxrpc: Return an error to sendmsg if call failed
    - eth: tg3: silence the GCC 12 array-bounds warning
    - ARM: dts: ox820: align interrupt controller node name with dtschema
    - fs: jfs: fix possible NULL pointer dereference in dbFree()
    - ARM: OMAP1: clock: Fix UART rate reporting algorithm
    - fat: add ratelimit to fat*_ent_bread()
    - ARM: versatile: Add missing of_node_put in dcscb_init
    - ARM: dts: exynos: add atmel,24c128 fallback to Samsung EEPROM
    - ARM: hisi: Add missing of_node_put after of_find_compatible_node
    - PCI: Avoid pci_dev_lock() AB/BA deadlock with sriov_numvfs_store()
    - tracing: incorrect isolate_mote_t cast in mm_vmscan_lru_isolate
    - powerpc/xics: fix refcount leak in icp_opal_init()
    - macintosh/via-pmu: Fix build failure when CONFIG_INPUT is disabled
    - RDMA/hfi1: Prevent panic when SDMA is disabled
    - drm: fix EDID struct for old ARM OABI format
    - ath9k: fix ar9003_get_eepmisc
    - ASoC: mediatek: Fix error handling in mt8173_max98090_dev_probe
    - ASoC: mediatek: Fix missing of_node_put in mt2701_wm8960_machine_probe
    - x86/delay: Fix the wrong asm constraint in delay_loop()
    - drm/mediatek: Fix mtk_cec_mask()
    - spi: spi-ti-qspi: Fix return value handling of wait_for_completion_timeout
    - NFC: NULL out the dev->rfkill to prevent UAF
    - efi: Add missing prototype for efi_capsule_setup_info
    - HID: hid-led: fix maximum brightness for Dream Cheeky
    - spi: img-spfi: Fix pm_runtime_get_sync() error checking
    - ath9k_htc: fix potential out of bounds access with invalid
      rxstatus->rs_keyix
    - inotify: show inotify mask flags in proc fdinfo
    - fsnotify: fix wrong lockdep annotations
    - x86/pm: Fix false positive kmemleak report in msr_build_context()
    - drm/msm/dsi: fix error checks and return values for DSI xmit functions
    - drm/msm/hdmi: check return value after calling
      platform_get_resource_byname()
    - drm/rockchip: vop: fix possible null-ptr-deref in vop_bind()
    - x86: Fix return value of __setup handlers
    - irqchip/aspeed-i2c-ic: Fix irq_of_parse_and_map() return value
    - x86/mm: Cleanup the control_va_addr_alignment() __setup handler
    - drm/msm: return an error pointer in msm_gem_prime_get_sg_table()
    - media: uvcvideo: Fix missing check to determine if element is found in list
    - ASoC: mxs-saif: Fix refcount leak in mxs_saif_probe
    - regulator: pfuze100: Fix refcount leak in pfuze_parse_regulators_dt
    - media: st-delta: Fix PM disable depth imbalance in delta_probe
    - media: exynos4-is: Change clk_disable to clk_disable_unprepare
    - media: pvrusb2: fix array-index-out-of-bounds in pvr2_i2c_core_init
    - Bluetooth: fix dangling sco_conn and use-after-free in sco_sock_timeout
    - m68k: math-emu: Fix dependencies of math emulation support
    - sctp: read sk->sk_bound_dev_if once in sctp_rcv()
    - ASoC: wm2000: fix missing clk_disable_unprepare() on error in
      wm2000_anc_transition()
    - rxrpc: Fix listen() setting the bar too high for the prealloc rings
    - rxrpc: Don't try to resend the request if we're receiving the reply
    - soc: qcom: smp2p: Fix missing of_node_put() in smp2p_parse_ipc
    - soc: qcom: smsm: Fix missing of_node_put() in smsm_parse_ipc
    - ARM: dts: bcm2835-rpi-zero-w: Fix GPIO line name for Wifi/BT
    - ARM: dts: bcm2835-rpi-b: Fix GPIO line names
    - mfd: ipaq-micro: Fix error check return value of platform_get_irq()
    - scsi: fcoe: Fix Wstringop-overflow warnings in fcoe_wwn_from_mac()
    - pinctrl: mvebu: Fix irq_of_parse_and_map() return value
    - drivers/base/node.c: fix compaction sysfs file leak
    - powerpc/8xx: export 'cpm_setbrg' for modules
    - powerpc/idle: Fix return value of __setup() handler
    - powerpc/4xx/cpm: Fix return value of __setup() handler
    - tty: fix deadlock caused by calling printk() under tty_port->lock
    - Input: sparcspkr - fix refcount leak in bbc_beep_probe
    - powerpc/perf: Fix the threshold compare group constraint for power9
    - powerpc/fsl_rio: Fix refcount leak in fsl_rio_setup
    - mailbox: forward the hrtimer if not queued and under a lock
    - iommu/mediatek: Add list_del in mtk_iommu_remove
    - video: fbdev: clcdfb: Fix refcount leak in clcdfb_of_vram_setup
    - iommu/amd: Increase timeout waiting for GA log enablement
    - perf c2c: Use stdio interface if slang is not supported
    - perf jevents: Fix event syntax error caused by ExtSel
    - wifi: mac80211: fix use-after-free in chanctx code
    - iwlwifi: mvm: fix assert 1F04 upon reconfig
    - fs-writeback: writeback_sb_inodes:Recalculate 'wrote' according skipped
      pages
    - ext4: fix use-after-free in ext4_rename_dir_prepare
    - ext4: fix bug_on in ext4_writepages
    - ext4: verify dir block before splitting it
    - ext4: avoid cycles in directory h-tree
    - dlm: fix plock invalid read
    - dlm: fix missing lkb refcount handling
    - ocfs2: dlmfs: fix error handling of user_dlm_destroy_lock
    - scsi: dc395x: Fix a missing check on list iterator
    - scsi: ufs: qcom: Add a readl() to make sure ref_clk gets enabled
    - drm/amdgpu/cs: make commands with 0 chunks illegal behaviour.
    - drm/nouveau/clk: Fix an incorrect NULL check on list iterator
    - drm/bridge: analogix_dp: Grab runtime PM reference for DP-AUX
    - md: fix an incorrect NULL check in does_sb_need_changing
    - md: fix an incorrect NULL check in md_reload_sb
    - RDMA/hfi1: Fix potential integer multiplication overflow errors
    - irqchip/armada-370-xp: Do not touch Performance Counter Overflow on A375,
      A38x, A39x
    - irqchip: irq-xtensa-mx: fix initial IRQ affinity
    - mac80211: upgrade passive scan to active scan on DFS channels after beacon
      rx
    - um: chan_user: Fix winch_tramp() return value
    - um: Fix out-of-bounds read in LDT setup
    - iommu/msm: Fix an incorrect NULL check on list iterator
    - nodemask.h: fix compilation error with GCC12
    - hugetlb: fix huge_pmd_unshare address update
    - rtl818x: Prevent using not initialized queues
    - ASoC: rt5514: Fix event generation for "DSP Voice Wake Up" control
    - carl9170: tx: fix an incorrect use of list iterator
    - gma500: fix an incorrect NULL check on list iterator
    - arm64: dts: qcom: ipq8074: fix the sleep clock frequency
    - phy: qcom-qmp: fix struct clk leak on probe errors
    - docs/conf.py: Cope with removal of language=None in Sphinx 5.0.0
    - dt-bindings: gpio: altera: correct interrupt-cells
    - phy: qcom-qmp: fix reset-controller leak on probe errors
    - RDMA/rxe: Generate a completion for unsupported/invalid opcode
    - MIPS: IP27: Remove incorrect `cpu_has_fpu' override
    - pcmcia: db1xxx_ss: restrict to MIPS_DB1XXX boards
    - staging: greybus: codecs: fix type confusion of list iterator variable
    - tty: goldfish: Use tty_port_destroy() to destroy port
    - usb: usbip: fix a refcount leak in stub_probe()
    - usb: usbip: add missing device lock on tweak configuration cmd
    - USB: storage: karma: fix rio_karma_init return
    - pwm: lp3943: Fix duty calculation in case period was clamped
    - rpmsg: qcom_smd: Fix irq_of_parse_and_map() return value
    - coresight: cpu-debug: Replace mutex with mutex_trylock on panic notifier
    - soc: rockchip: Fix refcount leak in rockchip_grf_init
    - rtc: mt6397: check return value after calling platform_get_resource()
    - serial: meson: acquire port->lock in startup()
    - serial: digicolor-usart: Don't allow CS5-6
    - serial: txx9: Don't allow CS5-6
    - serial: sh-sci: Don't allow CS5-6
    - serial: st-asc: Sanitize CSIZE and correct PARENB for CS7
    - firmware: dmi-sysfs: Fix memory leak in dmi_sysfs_register_handle
    - clocksource/drivers/oxnas-rps: Fix irq_of_parse_and_map() return value
    - net: ethernet: mtk_eth_soc: out of bounds read in mtk_hwlro_get_fdir_entry()
    - net: dsa: mv88e6xxx: Fix refcount leak in mv88e6xxx_mdios_register
    - modpost: fix removing numeric suffixes
    - jffs2: fix memory leak in jffs2_do_fill_super
    - ubi: ubi_create_volume: Fix use-after-free when volume creation failed
    - tcp: tcp_rtx_synack() can be called from process context
    - perf c2c: Fix sorting in percent_rmt_hitm_cmp()
    - mips: cpc: Fix refcount leak in mips_cpc_default_phys_base
    - tracing: Fix sleeping function called from invalid context on RT kernel
    - tracing: Avoid adding tracer option before update_tracer_options
    - i2c: cadence: Increase timeout per message if necessary
    - m68knommu: set ZERO_PAGE() to the allocated zeroed page
    - m68knommu: fix undefined reference to `_init_sp'
    - video: fbdev: pxa3xx-gcu: release the resources correctly in
      pxa3xx_gcu_probe/remove()
    - xprtrdma: treat all calls not a bcall when bc_serv is NULL
    - ata: pata_octeon_cf: Fix refcount leak in octeon_cf_probe
    - net/mlx4_en: Fix wrong return value on ioctl EEPROM query failure
    - SUNRPC: Fix the calculation of xdr->end in xdr_get_next_encode_buffer()
    - net: mdio: unexport __init-annotated mdio_bus_init()
    - net: xfrm: unexport __init-annotated xfrm4_protocol_init()
    - net: ipv6: unexport __init-annotated seg6_hmac_init()
    - net: altera: Fix refcount leak in altera_tse_mdio_create
    - drm: imx: fix compiler warning with gcc-12
    - iio: dummy: iio_simple_dummy: check the return value of kstrdup()
    - lkdtm/usercopy: Expand size of "out of frame" object
    - tty: synclink_gt: Fix null-pointer-dereference in slgt_clean()
    - tty: Fix a possible resource leak in icom_probe
    - drivers: staging: rtl8192e: Fix deadlock in rtllib_beacons_stop()
    - USB: host: isp116x: check return value after calling platform_get_resource()
    - drivers: tty: serial: Fix deadlock in sa1100_set_termios()
    - drivers: usb: host: Fix deadlock in oxu_bus_suspend()
    - USB: hcd-pci: Fully suspend across freeze/thaw cycle
    - usb: dwc2: gadget: don't reset gadget's driver->bus
    - misc: rtsx: set NULL intfdata when probe fails
    - extcon: Modify extcon device to be created after driver data is set
    - clocksource/drivers/sp804: Avoid error on multiple instances
    - staging: rtl8712: fix uninit-value in r871xu_drv_init()
    - serial: msm_serial: disable interrupts in __msm_console_write()
    - kernfs: Separate kernfs_pr_cont_buf and rename_lock.
    - md: protect md_unregister_thread from reentrancy
    - drm/radeon: fix a possible null pointer dereference
    - modpost: fix undefined behavior of is_arm_mapping_symbol()
    - nbd: call genl_unregister_family() first in nbd_cleanup()
    - nbd: fix race between nbd_alloc_config() and module removal
    - nbd: fix io hung while disconnecting device
    - nodemask: Fix return values to be unsigned
    - vringh: Fix loop descriptors check in the indirect cases
    - ALSA: hda/conexant - Fix loopback issue with CX20632
    - cifs: return errors during session setup during reconnects
    - ata: libata-transport: fix {dma|pio|xfer}_mode sysfs files
    - nfc: st21nfca: fix incorrect validating logic in EVT_TRANSACTION
    - nfc: st21nfca: fix memory leaks in EVT_TRANSACTION handling
    - ixgbe: fix bcast packets Rx on VF after promisc removal
    - ixgbe: fix unexpected VLAN Rx in promisc mode on VF
    - Input: bcm5974 - set missing URB_NO_TRANSFER_DMA_MAP urb flag
    - powerpc/32: Fix overread/overwrite of thread_struct via ptrace
    - md/raid0: Ignore RAID0 layout if the second zone has only one device
    - mtd: cfi_cmdset_0002: Move and rename
      chip_check/chip_ready/chip_good_for_write
    - mtd: cfi_cmdset_0002: Use chip_ready() for write on S29GL064N
    - PCI: qcom: Fix unbalanced PHY init on probe errors
    - tcp: fix tcp_mtup_probe_success vs wrong snd_cwnd
    - drm/edid: fix invalid EDID extension block filtering
    - drm/bridge: adv7511: clean up CEC adapter when probe fails
    - nl80211: show SSID for P2P_GO interfaces
    - of: overlay: do not break notify on NOTIFY_{OK|STOP}
    - x86/speculation: Add missing prototype for unpriv_ebpf_notify()
    - media: vsp1: Fix offset calculation for plane cropping
    - ext4: reject the 'commit' option on ext2 filesystems
    - drm: msm: fix possible memory leak in mdp5_crtc_cursor_set()
    - NFC: hci: fix sleep in atomic context bugs in nfc_hci_hcp_message_tx
    - crypto: marvell/cesa - ECB does not IV
    - dax: fix cache flush on PMD-mapped pages
    - f2fs: fix dereference of stale list iterator after loop body
    - i2c: at91: use dma safe buffers
    - dmaengine: stm32-mdma: remove GISR1 register
    - md: bcache: check the return value of kzalloc() in detached_dev_do_request()
    - usb: musb: Fix missing of_node_put() in omap2430_probe
    - usb: dwc3: pci: Fix pm_runtime_get_sync() error checking
    - rpmsg: qcom_smd: Fix returning 0 if irq_of_parse_and_map() fails
    - serial: 8250_fintek: Check SER_RS485_RTS_* only with RS485
    - serial: stm32-usart: Correct CSIZE, bits, and parity
    - s390/crypto: fix scatterwalk_unmap() callers in AES-GCM
    - nfp: only report pause frame configuration for physical device
    - af_unix: ensure POLLOUT on remote close() for connected dgram socket
    - af_unix: Fix a data-race in unix_dgram_peer_wake_me().
    - ip_gre: test csum_start instead of transport header
    - Upstream stable to v4.14.284, v4.19.248

 -- Juerg Haefliger <email address hidden>  Fri, 26 Aug 2022 19:42:39 +0200
Superseded in bionic-security
Superseded in bionic-updates
linux-raspi2 (4.15.0-1117.125) bionic; urgency=medium

  [ Ubuntu: 4.15.0-191.202 ]

  * CVE-2022-2586
    - SAUCE: netfilter: nf_tables: do not allow SET_ID to refer to another table
    - SAUCE: netfilter: nf_tables: do not allow RULE_ID to refer to another chain
  * CVE-2022-2588
    - SAUCE: net_sched: cls_route: remove from list when handle is 0
  * CVE-2022-34918
    - netfilter: nf_tables: stricter validation of element data
  * BUG: kernel NULL pointer dereference, address: 0000000000000008
    (LP: #1981658)
    - tcp: make sure treq->af_specific is initialized

Deleted in bionic-proposed (Reason: moved to -updates)
linux-raspi2 (4.15.0-1116.124) bionic; urgency=medium

  * bionic/linux-raspi2: 4.15.0-1116.124 -proposed tracker (LP: #1981317)

  [ Ubuntu: 4.15.0-190.201 ]

  * bionic/linux: 4.15.0-190.201 -proposed tracker (LP: #1981321)
  * CVE-2022-1679
    - SAUCE: ath9k: fix use-after-free in ath9k_hif_usb_rx_cb
  * Bionic update: upstream stable patchset 2022-07-06 (LP: #1980879)
    - MIPS: Use address-of operator on section symbols
    - block: drbd: drbd_nl: Make conversion to 'enum drbd_ret_code' explicit
    - can: grcan: grcan_probe(): fix broken system id check for errata workaround
      needs
    - can: grcan: only use the NAPI poll budget for RX
    - Bluetooth: Fix the creation of hdev->name
    - mmc: rtsx: add 74 Clocks in power on flow
    - mm: hugetlb: fix missing cache flush in copy_huge_page_from_user()
    - mm: userfaultfd: fix missing cache flush in mcopy_atomic_pte() and
      __mcopy_atomic()
    - ALSA: pcm: Fix races among concurrent hw_params and hw_free calls
    - ALSA: pcm: Fix races among concurrent read/write and buffer changes
    - ALSA: pcm: Fix races among concurrent prepare and hw_params/hw_free calls
    - ALSA: pcm: Fix races among concurrent prealloc proc writes
    - ALSA: pcm: Fix potential AB/BA lock with buffer_mutex and mmap_lock
    - VFS: Fix memory leak caused by concurrently mounting fs with subtype
    - batman-adv: Don't skb_split skbuffs with frag_list
    - net: Fix features skip in for_each_netdev_feature()
    - ipv4: drop dst in multicast routing path
    - netlink: do not reset transport header in netlink_recvmsg()
    - mac80211_hwsim: call ieee80211_tx_prepare_skb under RCU protection
    - hwmon: (ltq-cputemp) restrict it to SOC_XWAY
    - s390/ctcm: fix variable dereferenced before check
    - s390/ctcm: fix potential memory leak
    - s390/lcs: fix variable dereferenced before check
    - net/smc: non blocking recvmsg() return -EAGAIN when no data and
      signal_pending
    - net: sfc: ef10: fix memory leak in efx_ef10_mtd_probe()
    - hwmon: (f71882fg) Fix negative temperature
    - ASoC: max98090: Reject invalid values in custom control put()
    - ASoC: max98090: Generate notifications on changes for custom control
    - ASoC: ops: Validate input values in snd_soc_put_volsw_range()
    - tcp: resalt the secret every 10 seconds
    - usb: cdc-wdm: fix reading stuck on device close
    - USB: serial: pl2303: add device id for HP LM930 Display
    - USB: serial: qcserial: add support for Sierra Wireless EM7590
    - USB: serial: option: add Fibocom L610 modem
    - USB: serial: option: add Fibocom MA510 modem
    - cgroup/cpuset: Remove cpus_allowed/mems_allowed setup in cpuset_init_smp()
    - drm/vmwgfx: Initialize drm_mode_fb_cmd2
    - ping: fix address binding wrt vrf
    - tty/serial: digicolor: fix possible null-ptr-deref in digicolor_uart_probe()
    - net/sched: act_pedit: really ensure the skb is writable
    - um: Cleanup syscall_handler_t definition/cast, fix warning
    - Input: add bounds checking to input_set_capability()
    - Input: stmfts - fix reference leak in stmfts_input_open
    - MIPS: lantiq: check the return value of kzalloc()
    - drbd: remove usage of list iterator variable after loop
    - ARM: 9191/1: arm/stacktrace, kasan: Silence KASAN warnings in unwind_frame()
    - ALSA: wavefront: Proper check of get_user() error
    - perf: Fix sys_perf_event_open() race against self
    - drm/dp/mst: fix a possible memory leak in fetch_monitor_name()
    - mmc: core: Specify timeouts for BKOPS and CACHE_FLUSH for eMMC
    - mmc: block: Use generic_cmd6_time when modifying INAND_CMD38_ARG_EXT_CSD
    - mmc: core: Default to generic_cmd6_time as timeout in __mmc_switch()
    - net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf()
    - net: vmxnet3: fix possible NULL pointer dereference in vmxnet3_rq_cleanup()
    - clk: at91: generated: consider range when calculating best rate
    - net/qla3xxx: Fix a test in ql_reset_work()
    - NFC: nci: fix sleep in atomic context bugs caused by nci_skb_alloc
    - ARM: 9196/1: spectre-bhb: enable for Cortex-A15
    - ARM: 9197/1: spectre-bhb: fix loop8 sequence for Thumb2
    - igb: skip phy status check where unavailable
    - net: bridge: Clear offload_fwd_mark when passing frame up bridge interface.
    - gpio: gpio-vf610: do not touch other bits when set the target bit
    - gpio: mvebu/pwm: Refuse requests with inverted polarity
    - perf bench numa: Address compiler error on s390
    - scsi: qla2xxx: Fix missed DMA unmap for aborted commands
    - mac80211: fix rx reordering with non explicit / psmp ack policy
    - ethernet: tulip: fix missing pci_disable_device() on error in
      tulip_init_one()
    - net: stmmac: fix missing pci_disable_device() on error in stmmac_pci_probe()
    - net: atlantic: verify hw_head_ lies within TX buffer ring
    - swiotlb: fix info leak with DMA_FROM_DEVICE
    - Reinstate some of "swiotlb: rework "fix info leak with DMA_FROM_DEVICE""
    - net: macb: Increment rx bd head after allocating skb and buffer
    - net/sched: act_pedit: sanitize shift argument before usage
    - afs: Fix afs_getattr() to refetch file status if callback break occurred
    - x86/pci/xen: Disable PCI/MSI[-X] masking for XEN_HVM guests
    - staging: rtl8723bs: prevent ->Ssid overflow in rtw_wx_set_scan()
    - tcp: change source port randomizarion at connect() time
    - secure_seq: use the 64 bits of the siphash for port offset calculation
    - ACPI: sysfs: Make sparse happy about address space in use
    - Revert "UBUNTU: SAUCE: ACPI: sysfs: copy ACPI data using io memory copying"
    - ACPI: sysfs: Fix BERT error region memory mapping
    - net: af_key: check encryption module availability consistency
    - net: ftgmac100: Disable hardware checksum on AST2600
    - drivers: i2c: thunderx: Allow driver to work with ACPI defined TWSI
      controllers
    - assoc_array: Fix BUG_ON during garbage collect
    - drm/i915: Fix -Wstringop-overflow warning in call to intel_read_wm_latency()
    - block-map: add __GFP_ZERO flag for alloc_page in function bio_copy_kern
    - exec: Force single empty string when argv is empty
    - netfilter: conntrack: re-fetch conntrack after insertion
    - zsmalloc: fix races between asynchronous zspage free and page migration
    - dm integrity: fix error code in dm_integrity_ctr()
    - dm crypt: make printing of the key constant-time
    - dm stats: add cond_resched when looping over entries
    - dm verity: set DM_TARGET_IMMUTABLE feature flag
    - tpm: ibmvtpm: Correct the return value in tpm_ibmvtpm_probe()
    - docs: submitting-patches: Fix crossref to 'The canonical patch format'
    - NFSD: Fix possible sleep during nfsd4_release_lockowner()
    - bpf: Enlarge offset check value to INT_MAX in bpf_skb_{load,store}_bytes
  * Bionic update: upstream stable patchset 2022-06-21 (LP: #1979355)
    - floppy: disable FDRAWCMD by default
    - [Config] updateconfigs for BLK_DEV_FD_RAWCMD
    - hamradio: defer 6pack kfree after unregister_netdev
    - hamradio: remove needs_free_netdev to avoid UAF
    - lightnvm: disable the subsystem
    - [Config] updateconfigs for NVM, NVM_PBLK
    - usb: mtu3: fix USB 3.0 dual-role-switch from device to host
    - USB: quirks: add a Realtek card reader
    - USB: quirks: add STRING quirk for VCOM device
    - USB: serial: whiteheat: fix heap overflow in WHITEHEAT_GET_DTR_RTS
    - USB: serial: cp210x: add PIDs for Kamstrup USB Meter Reader
    - USB: serial: option: add support for Cinterion MV32-WA/MV32-WB
    - USB: serial: option: add Telit 0x1057, 0x1058, 0x1075 compositions
    - xhci: stop polling roothubs after shutdown
    - iio: dac: ad5592r: Fix the missing return value.
    - iio: dac: ad5446: Fix read_raw not returning set value
    - iio: magnetometer: ak8975: Fix the error handling in ak8975_power_on()
    - usb: misc: fix improper handling of refcount in uss720_probe()
    - usb: gadget: uvc: Fix crash when encoding data for usb request
    - usb: gadget: configfs: clear deactivation flag in
      configfs_composite_unbind()
    - serial: 8250: Also set sticky MCR bits in console restoration
    - serial: 8250: Correct the clock for EndRun PTP/1588 PCIe device
    - hex2bin: make the function hex_to_bin constant-time
    - hex2bin: fix access beyond string end
    - USB: Fix xhci event ring dequeue pointer ERDP update issue
    - ARM: dts: imx6qdl-apalis: Fix sgtl5000 detection issue
    - phy: samsung: Fix missing of_node_put() in exynos_sata_phy_probe
    - phy: samsung: exynos5250-sata: fix missing device put in probe error paths
    - ARM: OMAP2+: Fix refcount leak in omap_gic_of_init
    - ARM: dts: Fix mmc order for omap3-gta04
    - ipvs: correctly print the memory size of ip_vs_conn_tab
    - mtd: rawnand: Fix return value check of wait_for_completion_timeout
    - sctp: check asoc strreset_chunk in sctp_generate_reconf_event
    - pinctrl: pistachio: fix use of irq_of_parse_and_map()
    - ip_gre: Make o_seqno start from 0 in native mode
    - tcp: fix potential xmit stalls caused by TCP_NOTSENT_LOWAT
    - bus: sunxi-rsb: Fix the return value of sunxi_rsb_device_create()
    - clk: sunxi: sun9i-mmc: check return value after calling
      platform_get_resource()
    - net: bcmgenet: hide status block before TX timestamping
    - bnx2x: fix napi API usage sequence
    - ASoC: wm8731: Disable the regulator when probing fails
    - x86: __memcpy_flushcache: fix wrong alignment if size > 2^32
    - cifs: destage any unwritten data to the server before calling
      copychunk_write
    - drivers: net: hippi: Fix deadlock in rr_close()
    - x86/cpu: Load microcode during restore_processor_state()
    - tty: n_gsm: fix wrong signal octet encoding in convergence layer type 2
    - tty: n_gsm: fix malformed counter for out of frame data
    - tty: n_gsm: fix insufficient txframe size
    - tty: n_gsm: fix missing explicit ldisc flush
    - tty: n_gsm: fix wrong command retry handling
    - tty: n_gsm: fix wrong command frame length field encoding
    - tty: n_gsm: fix incorrect UA handling
    - MIPS: Fix CP0 counter erratum detection for R4k CPUs
    - parisc: Merge model and model name into one line in /proc/cpuinfo
    - ALSA: fireworks: fix wrong return count shorter than expected by 4 bytes
    - Revert "SUNRPC: attempt AF_LOCAL connect on setup"
    - firewire: fix potential uaf in outbound_phy_packet_callback()
    - firewire: remove check of list iterator against head past the loop body
    - firewire: core: extend card->lock in fw_core_handle_bus_reset
    - ASoC: wm8958: Fix change notifications for DSP controls
    - can: grcan: grcan_close(): fix deadlock
    - can: grcan: use ofdev->dev when allocating DMA memory
    - nfc: replace improper check device_is_registered() in netlink related
      functions
    - NFC: netlink: fix sleep in atomic bug when firmware download timeout
    - hwmon: (adt7470) Fix warning on module removal
    - ASoC: dmaengine: Restore NULL prepare_slave_config() callback
    - net: emaclite: Add error handling for of_address_to_resource()
    - smsc911x: allow using IRQ0
    - btrfs: always log symlinks in full mode
    - net: igmp: respect RCU rules in ip_mc_source() and ip_mc_msfilter()
    - kvm: x86/cpuid: Only provide CPUID leaf 0xA if host has architectural PMU
    - net: ipv6: ensure we call ipv6_mc_down() at most once
    - dm: fix mempool NULL pointer race when completing IO
    - dm: interlock pending dm_io and dm_wait_for_bios_completion
    - PCI: aardvark: Clear all MSIs at setup
    - PCI: aardvark: Fix reading MSI interrupt number
    - tcp: md5: incorrect tcp_header_len for incoming connections
    - net: hns3: add validity check for message data length
    - genirq: Synchronize interrupt thread startup
    - net: stmmac: dwmac-sun8i: add missing of_node_put() in
      sun8i_dwmac_register_mdio_mux()
    - mm: fix unexpected zeroed page mapping with zram swap
  * unprivileged tests in test_verifier from ubuntu_bpf failed with "Failed to
    load prog 'Operation not permitted'" on B-4.15 (LP: #1980648)
    - selftests/bpf: Count tests skipped by unpriv
    - selftests/bpf: Only run tests if !bpf_disabled
  * CVE-2022-1734
    - nfc: nfcmrvl: main: reorder destructive operations in
      nfcmrvl_nci_unregister_dev to avoid bugs
  * CVE-2022-1652
    - floppy: use a statically allocated error counter

 -- Juerg Haefliger <email address hidden>  Wed, 20 Jul 2022 16:28:21 +0200
Superseded in bionic-security
Superseded in bionic-updates
Deleted in bionic-proposed (Reason: moved to -updates)
linux-raspi2 (4.15.0-1115.123) bionic; urgency=medium

  * bionic/linux-raspi2: 4.15.0-1115.123 -proposed tracker (LP: #1979521)

  [ Ubuntu: 4.15.0-189.200 ]

  * bionic/linux: 4.15.0-189.200 -proposed tracker (LP: #1979525)
  * linux-image-4.15.0-177-generic freezes on the welcome screen (LP: #1973167)
    - mfd: intel-lpss: Use MODULE_SOFTDEP() instead of implicit request
  * Bionic update: upstream stable patchset 2022-06-03 (LP: #1977622)
    - etherdevice: Adjust ether_addr* prototypes to silence -Wstringop-overead
    - mm: page_alloc: fix building error on -Werror=array-compare
    - tracing: Dump stacktrace trigger to the corresponding instance
    - gfs2: assign rgrp glock before compute_bitstructs
    - ALSA: usb-audio: Clear MIDI port active flag after draining
    - tcp: fix race condition when creating child sockets from syncookies
    - tcp: Fix potential use-after-free due to double kfree()
    - dmaengine: imx-sdma: Fix error checking in sdma_event_remap
    - net/packet: fix packet_sock xmit return value checking
    - netlink: reset network and mac headers in netlink_dump()
    - ARM: vexpress/spc: Avoid negative array index when !SMP
    - platform/x86: samsung-laptop: Fix an unsigned comparison which can never be
      negative
    - ALSA: usb-audio: Fix undefined behavior due to shift overflowing the
      constant
    - vxlan: fix error return code in vxlan_fdb_append
    - cifs: Check the IOCB_DIRECT flag, not O_DIRECT
    - brcmfmac: sdio: Fix undefined behavior due to shift overflowing the constant
    - drm/msm/mdp5: check the return of kzalloc()
    - net: macb: Restart tx only if queue pointer is lagging
    - stat: fix inconsistency between struct stat and struct compat_stat
    - ata: pata_marvell: Check the 'bmdma_addr' beforing reading
    - dma: at_xdmac: fix a missing check on list iterator
    - powerpc/perf: Fix power9 event alternatives
    - openvswitch: fix OOB access in reserve_sfa_size()
    - ASoC: soc-dapm: fix two incorrect uses of list iterator
    - e1000e: Fix possible overflow in LTR decoding
    - ARC: entry: fix syscall_trace_exit argument
    - ext4: fix symlink file size not match to file content
    - ext4: fix overhead calculation to account for the reserved gdt blocks
    - ext4: force overhead calculation if the s_overhead_cluster makes no sense
    - staging: ion: Prevent incorrect reference counting behavour
    - block/compat_ioctl: fix range check in BLKGETSIZE
    - ax25: add refcount in ax25_dev to avoid UAF bugs
    - ax25: fix reference count leaks of ax25_dev
    - ax25: fix UAF bugs of net_device caused by rebinding operation
    - ax25: Fix refcount leaks caused by ax25_cb_del()
    - ax25: fix UAF bug in ax25_send_control()
    - ax25: fix NPD bug in ax25_disconnect
    - ax25: Fix NULL pointer dereferences in ax25 timers
    - ax25: Fix UAF bugs in ax25 timers
    - ASoC: atmel: Remove system clock tree configuration for at91sam9g20ek
    - net/sched: cls_u32: fix possible leak in u32_init_knode()
    - drm/panel/raspberrypi-touchscreen: Avoid NULL deref if not initialised
    - drm/panel/raspberrypi-touchscreen: Initialise the bridge in prepare
  * Bionic update: upstream stable patchset 2022-05-17 (LP: #1973831)
    - USB: serial: pl2303: add IBM device IDs
    - USB: serial: simple: add Nokia phone driver
    - netdevice: add the case if dev is NULL
    - virtio_console: break out of buf poll on remove
    - ethernet: sun: Free the coherent when failing in probing
    - spi: Fix invalid sgs value
    - spi: Fix erroneous sgs value with min_t()
    - af_key: add __GFP_ZERO flag for compose_sadb_supported in function
      pfkey_register
    - fuse: fix pipe buffer lifetime for direct_io
    - tpm: fix reference counting for struct tpm_chip
    - block: Add a helper to validate the block size
    - virtio-blk: Use blk_validate_block_size() to validate block size
    - USB: usb-storage: Fix use of bitfields for hardware data in ene_ub6250.c
    - coresight: Fix TRCCONFIGR.QE sysfs interface
    - iio: inkern: apply consumer scale on IIO_VAL_INT cases
    - iio: inkern: apply consumer scale when no channel scale is available
    - iio: inkern: make a best effort on offset calculation
    - clk: uniphier: Fix fixed-rate initialization
    - Documentation: add link to stable release candidate tree
    - Documentation: update stable tree link
    - SUNRPC: avoid race between mod_timer() and del_timer_sync()
    - NFSD: prevent underflow in nfssvc_decode_writeargs()
    - pinctrl: samsung: drop pin banks references on error paths
    - jffs2: fix use-after-free in jffs2_clear_xattr_subsystem
    - jffs2: fix memory leak in jffs2_do_mount_fs
    - jffs2: fix memory leak in jffs2_scan_medium
    - mm/pages_alloc.c: don't create ZONE_MOVABLE beyond the end of a node
    - mempolicy: mbind_range() set_policy() after vma_merge()
    - scsi: libsas: Fix sas_ata_qc_issue() handling of NCQ NON DATA commands
    - qed: display VF trust config
    - qed: validate and restrict untrusted VFs vlan promisc mode
    - Revert "Input: clear BTN_RIGHT/MIDDLE on buttonpads"
    - ALSA: cs4236: fix an incorrect NULL check on list iterator
    - drbd: fix potential silent data corruption
    - ACPI: properties: Consistently return -ENOENT if there are no more
      references
    - drivers: hamradio: 6pack: fix UAF bug caused by mod_timer()
    - video: fbdev: sm712fb: Fix crash in smtcfb_read()
    - video: fbdev: atari: Atari 2 bpp (STe) palette bugfix
    - ARM: dts: at91: sama5d2: Fix PMERRLOC resource size
    - ARM: dts: exynos: fix UART3 pins configuration in Exynos5250
    - ARM: dts: exynos: add missing HDMI supplies on SMDK5250
    - ARM: dts: exynos: add missing HDMI supplies on SMDK5420
    - carl9170: fix missing bit-wise or operator for tx_params
    - thermal: int340x: Increase bitmap size
    - lib/raid6/test: fix multiple definition linking error
    - DEC: Limit PMAX memory probing to R3k systems
    - media: davinci: vpif: fix unbalanced runtime PM get
    - brcmfmac: firmware: Allocate space for default boardrev in nvram
    - brcmfmac: pcie: Replace brcmf_pcie_copy_mem_todev with memcpy_toio
    - PCI: pciehp: Clear cmd_busy bit in polling mode
    - crypto: authenc - Fix sleep in atomic context in decrypt_tail
    - crypto: mxs-dcp - Fix scatterlist processing
    - spi: tegra114: Add missing IRQ check in tegra_spi_probe
    - selftests/x86: Add validity check and allow field splitting
    - spi: pxa2xx-pci: Balance reference count for PCI DMA device
    - hwmon: (pmbus) Add mutex to regulator ops
    - hwmon: (sch56xx-common) Replace WDOG_ACTIVE with WDOG_HW_RUNNING
    - PM: hibernate: fix __setup handler error handling
    - PM: suspend: fix return value of __setup handler
    - hwrng: atmel - disable trng on failure path
    - crypto: vmx - add missing dependencies
    - ACPI: APEI: fix return value of __setup handlers
    - crypto: ccp - ccp_dmaengine_unregister release dma channels
    - hwmon: (pmbus) Add Vin unit off handling
    - clocksource: acpi_pm: fix return value of __setup handler
    - sched/debug: Remove mpol_get/put and task_lock/unlock from sched_show_numa
    - perf/core: Fix address filter parser for multiple filters
    - perf/x86/intel/pt: Fix address filter config for 32-bit kernel
    - media: coda: Fix missing put_device() call in coda_get_vdoa_data
    - video: fbdev: smscufx: Fix null-ptr-deref in ufx_usb_probe()
    - video: fbdev: fbcvt.c: fix printing in fb_cvt_print_name()
    - ARM: dts: qcom: ipq4019: fix sleep clock
    - soc: ti: wkup_m3_ipc: Fix IRQ check in wkup_m3_ipc_probe
    - media: usb: go7007: s2250-board: fix leak in probe()
    - ASoC: ti: davinci-i2s: Add check for clk_enable()
    - ALSA: spi: Add check for clk_enable()
    - arm64: dts: ns2: Fix spi-cpol and spi-cpha property
    - arm64: dts: broadcom: Fix sata nodename
    - printk: fix return value of printk.devkmsg __setup handler
    - ASoC: mxs-saif: Handle errors for clk_enable
    - ASoC: atmel_ssc_dai: Handle errors for clk_enable
    - memory: emif: Add check for setup_interrupts
    - memory: emif: check the pointer temp in get_device_details()
    - ALSA: firewire-lib: fix uninitialized flag for AV/C deferred transaction
    - media: stk1160: If start stream fails, return buffers with
      VB2_BUF_STATE_QUEUED
    - ASoC: atmel: Add missing of_node_put() in at91sam9g20ek_audio_probe
    - ASoC: wm8350: Handle error for wm8350_register_irq
    - ASoC: fsi: Add check for clk_enable
    - video: fbdev: omapfb: Add missing of_node_put() in dvic_probe_of
    - ASoC: dmaengine: do not use a NULL prepare_slave_config() callback
    - ASoC: mxs: Fix error handling in mxs_sgtl5000_probe
    - ASoC: imx-es8328: Fix error return code in imx_es8328_probe()
    - ASoC: msm8916-wcd-digital: Fix missing clk_disable_unprepare() in
      msm8916_wcd_digital_probe
    - mtd: onenand: Check for error irq
    - drm/edid: Don't clear formats if using deep color
    - ath9k_htc: fix uninit value bugs
    - power: reset: gemini-poweroff: Fix IRQ check in gemini_poweroff_probe
    - ray_cs: Check ioremap return value
    - power: supply: ab8500: Fix memory leak in ab8500_fg_sysfs_init
    - HID: i2c-hid: fix GET/SET_REPORT for unnumbered reports
    - iwlwifi: Fix -EIO error code that is never returned
    - dm crypt: fix get_key_size compiler warning if !CONFIG_KEYS
    - scsi: pm8001: Fix command initialization in pm80XX_send_read_log()
    - scsi: pm8001: Fix command initialization in pm8001_chip_ssp_tm_req()
    - scsi: pm8001: Fix payload initialization in pm80xx_set_thermal_config()
    - scsi: pm8001: Fix abort all task initialization
    - TOMOYO: fix __setup handlers return values
    - ext2: correct max file size computing
    - drm/tegra: Fix reference leak in tegra_dsi_ganged_probe
    - power: supply: bq24190_charger: Fix bq24190_vbus_is_enabled() wrong false
      return
    - KVM: x86: Fix emulation in writing cr8
    - KVM: x86/emulator: Defer not-present segment check in
      __load_segment_descriptor()
    - i2c: xiic: Make bus names unique
    - power: supply: wm8350-power: Handle error for wm8350_register_irq
    - power: supply: wm8350-power: Add missing free in free_charger_irq
    - PCI: Reduce warnings on possible RW1C corruption
    - powerpc/sysdev: fix incorrect use to determine if list is empty
    - mfd: mc13xxx: Add check for mc13xxx_irq_request
    - vxcan: enable local echo for sent CAN frames
    - MIPS: RB532: fix return value of __setup handler
    - mtd: rawnand: atmel: fix refcount issue in atmel_nand_controller_init
    - USB: storage: ums-realtek: fix error code in rts51x_read_mem()
    - af_netlink: Fix shift out of bounds in group mask calculation
    - i2c: mux: demux-pinctrl: do not deactivate a master that is not active
    - tcp: ensure PMTU updates are processed during fastopen
    - mfd: asic3: Add missing iounmap() on error asic3_mfd_probe
    - mxser: fix xmit_buf leak in activate when LSR == 0xff
    - pwm: lpc18xx-sct: Initialize driver data and hardware before pwmchip_add()
    - staging:iio:adc:ad7280a: Fix handing of device address bit reversing.
    - serial: 8250_mid: Balance reference count for PCI DMA device
    - serial: 8250: Fix race condition in RTS-after-send handling
    - iio: adc: Add check for devm_request_threaded_irq
    - clk: qcom: clk-rcg2: Update the frac table for pixel clock
    - remoteproc: qcom_wcnss: Add missing of_node_put() in
      wcnss_alloc_memory_region
    - clk: loongson1: Terminate clk_div_table with sentinel element
    - clk: clps711x: Terminate clk_div_table with sentinel element
    - clk: tegra: tegra124-emc: Fix missing put_device() call in
      emc_ensure_emc_driver
    - NFS: remove unneeded check in decode_devicenotify_args()
    - pinctrl: mediatek: Fix missing of_node_put() in mtk_pctrl_init
    - pinctrl: nomadik: Add missing of_node_put() in nmk_pinctrl_probe
    - pinctrl/rockchip: Add missing of_node_put() in rockchip_pinctrl_probe
    - tty: hvc: fix return value of __setup handler
    - kgdboc: fix return value of __setup handler
    - kgdbts: fix return value of __setup handler
    - jfs: fix divide error in dbNextAG
    - netfilter: nf_conntrack_tcp: preserve liberal flag in tcp options
    - xen: fix is_xen_pmu()
    - net: phy: broadcom: Fix brcm_fet_config_init()
    - qlcnic: dcb: default to returning -EOPNOTSUPP
    - net/x25: Fix null-ptr-deref caused by x25_disconnect
    - NFSv4/pNFS: Fix another issue with a list iterator pointing to the head
    - lib/test: use after free in register_test_dev_kmod()
    - selinux: use correct type for context length
    - loop: use sysfs_emit() in the sysfs xxx show()
    - Fix incorrect type in assignment of ipv6 port for audit
    - irqchip/nvic: Release nvic_base upon failure
    - ACPICA: Avoid walking the ACPI Namespace if it is not there
    - ACPI/APEI: Limit printable size of BERT table data
    - PM: core: keep irq flags in device_pm_check_callbacks()
    - spi: tegra20: Use of_device_get_match_data()
    - ext4: don't BUG if someone dirty pages without asking ext4 first
    - ntfs: add sanity check on allocation size
    - video: fbdev: nvidiafb: Use strscpy() to prevent buffer overflow
    - video: fbdev: w100fb: Reset global state
    - video: fbdev: cirrusfb: check pixclock to avoid divide by zero
    - video: fbdev: omapfb: acx565akm: replace snprintf with sysfs_emit
    - ARM: dts: qcom: fix gic_irq_domain_translate warnings for msm8960
    - ARM: dts: bcm2837: Add the missing L1/L2 cache information
    - video: fbdev: omapfb: panel-dsi-cm: Use sysfs_emit() instead of snprintf()
    - video: fbdev: omapfb: panel-tpo-td043mtea1: Use sysfs_emit() instead of
      snprintf()
    - ASoC: soc-core: skip zero num_dai component in searching dai name
    - media: cx88-mpeg: clear interrupt status register before streaming video
    - ARM: tegra: tamonten: Fix I2C3 pad setting
    - ARM: mmp: Fix failure to remove sram device
    - video: fbdev: sm712fb: Fix crash in smtcfb_write()
    - media: hdpvr: initialize dev->worker at hdpvr_register_videodev
    - mmc: host: Return an error when ->enable_sdio_irq() ops is missing
    - powerpc/lib/sstep: Fix 'sthcx' instruction
    - powerpc/lib/sstep: Fix build errors with newer binutils
    - scsi: qla2xxx: Fix warning for missing error code
    - scsi: qla2xxx: Suppress a kernel complaint in qla_create_qpair()
    - KVM: Prevent module exit until all VMs are freed
    - ubifs: rename_whiteout: Fix double free for whiteout_ui->data
    - ubifs: Add missing iput if do_tmpfile() failed in rename whiteout
    - ubifs: setflags: Make dirtied_ino_d 8 bytes aligned
    - ubifs: rename_whiteout: correct old_dir size computing
    - can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path
    - can: mcba_usb: properly check endpoint type
    - gfs2: Make sure FITRIM minlen is rounded up to fs block size
    - pinctrl: pinconf-generic: Print arguments for bias-pull-*
    - ubi: Fix race condition between ctrl_cdev_ioctl and ubi_cdev_ioctl
    - ACPI: CPPC: Avoid out of bounds access when parsing _CPC data
    - mm/mmap: return 1 from stack_guard_gap __setup() handler
    - mm/memcontrol: return 1 from cgroup.memory __setup() handler
    - ubi: fastmap: Return error code if memory allocation fails in add_aeb()
    - ASoC: topology: Allow TLV control to be either read or write
    - ARM: dts: spear1340: Update serial node properties
    - ARM: dts: spear13xx: Update SPI dma properties
    - openvswitch: Fixed nd target mask field in the flow dump.
    - KVM: x86: Forbid VMM to set SYNIC/STIMER MSRs when SynIC wasn't activated
    - ubifs: Rectify space amount budget for mkdir/tmpfile operations
    - rtc: wm8350: Handle error for wm8350_register_irq
    - ARM: 9187/1: JIVE: fix return value of __setup handler
    - KVM: x86/svm: Clear reserved bits written to PerfEvtSeln MSRs
    - ath5k: fix OOB in ath5k_eeprom_read_pcal_info_5111
    - ptp: replace snprintf with sysfs_emit
    - powerpc: dts: t104xrdb: fix phy type for FMAN 4/5
    - scsi: mvsas: Replace snprintf() with sysfs_emit()
    - scsi: bfa: Replace snprintf() with sysfs_emit()
    - power: supply: axp20x_battery: properly report current when discharging
    - powerpc: Set crashkernel offset to mid of RMA region
    - PCI: aardvark: Fix support for MSI interrupts
    - iommu/arm-smmu-v3: fix event handling soft lockup
    - dm ioctl: prevent potential spectre v1 gadget
    - scsi: pm8001: Fix pm8001_mpi_task_abort_resp()
    - scsi: aha152x: Fix aha152x_setup() __setup handler return value
    - net/smc: correct settings of RMB window update limit
    - macvtap: advertise link netns via netlink
    - bnxt_en: Eliminate unintended link toggle during FW reset
    - MIPS: fix fortify panic when copying asm exception handlers
    - scsi: libfc: Fix use after free in fc_exch_abts_resp()
    - usb: dwc3: omap: fix "unbalanced disables for smps10_out1" on omap5evm
    - xtensa: fix DTC warning unit_address_format
    - Bluetooth: Fix use after free in hci_send_acl
    - init/main.c: return 1 from handled __setup() functions
    - w1: w1_therm: fixes w1_seq for ds28ea00 sensors
    - SUNRPC/call_alloc: async tasks mustn't block waiting for memory
    - NFS: swap IO handling is slightly different for O_DIRECT IO
    - NFS: swap-out must always use STABLE writes.
    - serial: samsung_tty: do not unlock port->lock for uart_write_wakeup()
    - virtio_console: eliminate anonymous module_init & module_exit
    - jfs: prevent NULL deref in diFree
    - parisc: Fix CPU affinity for Lasi, WAX and Dino chips
    - ipv6: add missing tx timestamping on IPPROTO_RAW
    - net: add missing SOF_TIMESTAMPING_OPT_ID support
    - mm: fix race between MADV_FREE reclaim and blkdev direct IO read
    - drm/amdgpu: fix off by one in amdgpu_gfx_kiq_acquire()
    - scsi: zorro7xx: Fix a resource leak in zorro7xx_remove_one()
    - net: stmmac: Fix unset max_speed difference between DT and non-DT platforms
    - drm/imx: Fix memory leak in imx_pd_connector_get_modes
    - drbd: Fix five use after free bugs in get_initial_state
    - Revert "mmc: sdhci-xenon: fix annoying 1.8V regulator warning"
    - mmmremap.c: avoid pointless invalidate_range_start/end on mremap(old_size=0)
    - mm/mempolicy: fix mpol_new leak in shared_policy_replace
    - x86/pm: Save the MSR validity status at context setup
    - x86/speculation: Restore speculation related MSRs during S3 resume
    - btrfs: fix qgroup reserve overflow the qgroup limit
    - arm64: patch_text: Fixup last cpu should be master
    - perf: qcom_l2_pmu: fix an incorrect NULL check on list iterator
    - tools build: Use $(shell ) instead of `` to get embedded libperl's ccopts
    - dmaengine: Revert "dmaengine: shdma: Fix runtime PM imbalance on error"
    - mm: don't skip swap entry even if zap_details specified
    - arm64: module: remove (NOLOAD) from linker script
    - mm/sparsemem: fix 'mem_section' will never be NULL gcc 12 warning
    - cgroup: Use open-time credentials for process migraton perm checks
    - cgroup: Allocate cgroup_file_ctx for kernfs_open_file->priv
    - cgroup: Use open-time cgroup namespace for process migration perm checks
    - memory: atmel-ebi: Fix missing of_node_put in atmel_ebi_probe
    - veth: Ensure eth header is in skb's linear part
    - gpiolib: acpi: use correct format characters
    - mlxsw: i2c: Fix initialization error flow
    - nfc: nci: add flush_workqueue to prevent uaf
    - cifs: potential buffer overflow in handling symlinks
    - drm/amd: Add USBC connector ID
    - drm/amdkfd: Check for potential null return of kmalloc_array()
    - Drivers: hv: vmbus: Prevent load re-ordering when reading ring buffer
    - scsi: target: tcmu: Fix possible page UAF
    - scsi: ibmvscsis: Increase INITIAL_SRP_LIMIT to 1024
    - ata: libata-core: Disable READ LOG DMA EXT for Samsung 840 EVOs
    - gpu: ipu-v3: Fix dev_dbg frequency output
    - scsi: mvsas: Add PCI ID of RocketRaid 2640
    - drivers: net: slip: fix NPD bug in sl_tx_timeout()
    - mm, page_alloc: fix build_zonerefs_node()
    - mm: kmemleak: take a full lowmem check in kmemleak_*_phys()
    - gcc-plugins: latent_entropy: use /dev/urandom
    - ALSA: pcm: Test for "silence" field in struct "pcm_format_data"
    - ARM: davinci: da850-evm: Avoid NULL pointer dereference
    - smp: Fix offline cpu check in flush_smp_call_function_queue()
    - i2c: pasemi: Wait for write xfers to finish
    - xhci: make xhci_handshake timeout for xhci_reset() adjustable
    - drm/edid: check basic audio support on CEA extension block
    - ASoC: rt5663: check the return value of devm_kzalloc() in rt5663_parse_dp()
    - mmc: davinci_mmc: Handle error for clk_enable
    - drm/bridge: Fix free wrong object in sii8620_init_rcp_input_dev
    - Bluetooth: hci_serdev: call init_rwsem() before p->open()
    - drm/amd/display: Fix a NULL pointer dereference in
      amdgpu_dm_connector_add_common_modes()
    - hv_balloon: rate-limit "Unhandled message" warning
    - scsi: qla2xxx: Fix incorrect reporting of task management failure
    - ubifs: Fix deadlock in concurrent rename whiteout and inode writeback
    - sctp: Initialize daddr on peeled off socket
    - testing/selftests/mqueue: Fix mq_perf_tests to free the allocated cpu set

  [ Ubuntu: 4.15.0-188.199 ]

  * bionic/linux: 4.15.0-188.199 -proposed tracker (LP: #1978697)
  * CVE-2022-28388
    - can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error
      path

  [ Ubuntu: 4.15.0-187.198 ]

  * CVE-2022-21123 // CVE-2022-21125 // CVE-2022-21166
    - x86/cpu: Add Elkhart Lake to Intel family
    - cpu/speculation: Add prototype for cpu_show_srbds()
    - x86/cpu: Add Jasper Lake to Intel family
    - x86/cpu: Add Lakefield, Alder Lake and Rocket Lake models to the to Intel
      CPU family
    - x86/cpu: Add another Alder Lake CPU to the Intel family
    - Documentation: Add documentation for Processor MMIO Stale Data
    - x86/speculation/mmio: Enumerate Processor MMIO Stale Data bug
    - x86/speculation: Add a common function for MD_CLEAR mitigation update
    - x86/speculation/mmio: Add mitigation for Processor MMIO Stale Data
    - x86/bugs: Group MDS, TAA & Processor MMIO Stale Data mitigations
    - x86/speculation/mmio: Enable CPU Fill buffer clearing on idle
    - x86/speculation/mmio: Add sysfs reporting for Processor MMIO Stale Data
    - x86/speculation/srbds: Update SRBDS mitigation selection
    - x86/speculation/mmio: Reuse SRBDS mitigation for SBDS
    - KVM: x86/speculation: Disable Fill buffer clear within guests
    - x86/speculation/mmio: Print SMT warning

 -- Juerg Haefliger <email address hidden>  Mon, 27 Jun 2022 16:05:47 +0200
Superseded in bionic-security
Superseded in bionic-updates
linux-raspi2 (4.15.0-1114.122) bionic; urgency=medium

  [ Ubuntu: 4.15.0-184.194 ]

  * CVE-2022-1966
    - netfilter: nf_tables: disallow non-stateful expression in sets earlier

 -- Thadeu Lima de Souza Cascardo <email address hidden>  Fri, 03 Jun 2022 16:21:52 -0300
Deleted in bionic-proposed (Reason: moved to -updates)
linux-raspi2 (4.15.0-1112.119) bionic; urgency=medium

  * bionic/linux-raspi2: 4.15.0-1112.119 -proposed tracker (LP: #1974422)

  * Add crda dependency (LP: #1877415)
    - [Packaging] raspi2: Depend on crda

  [ Ubuntu: 4.15.0-182.191 ]

  * CVE-2022-21499
    - SAUCE: debug: Lock down kgdb

  [ Ubuntu: 4.15.0-181.190 ]

  * bionic/linux: 4.15.0-181.190 -proposed tracker (LP: #1974426)
  * Bionic update: upstream stable patchset 2022-05-06 (LP: #1972006)
    - [Config] updateconfigs for ARM64_ERRATUM_1188873
    - arm64: arch_timer: Add workaround for ARM erratum 1188873
    - arm64: arch_timer: avoid unused function warning
    - arm64: Add silicon-errata.txt entry for ARM erratum 1188873
    - arm64: Make ARM64_ERRATUM_1188873 depend on COMPAT
    - arm64: Add part number for Neoverse N1
    - arm64: Add part number for Arm Cortex-A77
    - arm64: Add Neoverse-N2, Cortex-A710 CPU part definition
    - arm64: Add Cortex-X2 CPU part definition
    - arm64: entry.S: Add ventry overflow sanity checks
    - arm64: entry: Make the trampoline cleanup optional
    - arm64: entry: Free up another register on kpti's tramp_exit path
    - arm64: entry: Move the trampoline data page before the text page
    - arm64: entry: Allow tramp_alias to access symbols after the 4K boundary
    - arm64: entry: Don't assume tramp_vectors is the start of the vectors
    - arm64: entry: Move trampoline macros out of ifdef'd section
    - arm64: entry: Make the kpti trampoline's kpti sequence optional
    - Revert "arm64: mmu: add the entry trampolines start/end section markers into
      sections.h"
    - arm64: entry: Allow the trampoline text to occupy multiple pages
    - arm64: entry: Add non-kpti __bp_harden_el1_vectors for mitigations
    - [Config] updateconfigs for MITIGATE_SPECTRE_BRANCH_HISTORY
    - arm64: entry: Add vectors that have the bhb mitigation sequences
    - arm64: entry: Add macro for reading symbol addresses from the trampoline
    - arm64: Add percpu vectors for EL1
    - arm64: proton-pack: Report Spectre-BHB vulnerabilities as part of Spectre-v2
    - KVM: arm64: Add templates for BHB mitigation sequences
    - arm64: Mitigate spectre style branch history side channels
    - KVM: arm64: Allow SMCCC_ARCH_WORKAROUND_3 to be discovered and migrated
    - arm64: add ID_AA64ISAR2_EL1 sys register
    - arm64: Use the clearbhb instruction in mitigations
  * issuing invalid ioctl to /dev/vsock may spam dmesg (LP: #1971480)
    - vsock: remove ratelimit unknown ioctl message
  * ubuntu_ltp_controllers:cpuset_sched_domains: tests 3,9,11,17,19,25 report
    incorrect sched domain for cpu#32 (LP: #1951289)
    - sched/topology: Make sched_init_numa() use a set for the deduplicating sort
    - sched/topology: Fix sched_domain_topology_level alloc in sched_init_numa()
    - ia64: ensure proper NUMA distance and possible map initialization
  * CVE-2022-1419
    - drm/vgem: Reclassify buffer creation debug message
    - drm/vgem: Close use-after-free race in vgem_gem_create
  * CVE-2022-28390
    - can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path
  * Bionic update: upstream stable patchset 2022-04-26 (LP: #1970479)
    - net: qlogic: check the return value of dma_alloc_coherent() in
      qed_vf_hw_prepare()
    - qed: return status of qed_iov_get_link
    - ethernet: Fix error handling in xemaclite_of_probe
    - net: ethernet: ti: cpts: Handle error for clk_enable
    - net: ethernet: lpc_eth: Handle error for clk_enable
    - ax25: Fix NULL pointer dereference in ax25_kill_by_device
    - net/mlx5: Fix size field in bufferx_reg struct
    - NFC: port100: fix use-after-free in port100_send_complete
    - gpio: ts4900: Do not set DAT and OE together
    - sctp: fix kernel-infoleak for SCTP sockets
    - net-sysfs: add check for netdevice being present to speed_show
    - Revert "xen-netback: remove 'hotplug-status' once it has served its purpose"
    - Revert "xen-netback: Check for hotplug-status existence before watching"
    - tracing: Ensure trace buffer is at least 4096 bytes large
    - selftests/memfd: clean up mapping in mfd_fail_write
    - ARM: Spectre-BHB: provide empty stub for non-config
    - staging: gdm724x: fix use after free in gdm_lte_rx()
    - virtio: unexport virtio_finalize_features
    - virtio: acknowledge all features before access
    - ARM: fix Thumb2 regression with Spectre BHB
    - ext4: add check to prevent attempting to resize an fs with sparse_super2
    - btrfs: unlock newly allocated extent buffer after error
    - net: phy: DP83822: clear MISR2 register to disable interrupts
    - sctp: fix the processing for INIT chunk
    - sctp: fix the processing for INIT_ACK chunk
    - xfrm: Fix xfrm migrate issues when address family changes
    - arm64: dts: rockchip: fix rk3399-puma eMMC HS400 signal integrity
    - ARM: dts: rockchip: fix a typo on rk3288 crypto-controller
    - MIPS: smp: fill in sibling and core maps earlier
    - ARM: 9178/1: fix unmet dependency on BITREVERSE for HAVE_ARCH_BITREVERSE
    - can: rcar_canfd: rcar_canfd_channel_probe(): register the CAN device when
      fully ready
    - atm: firestream: check the return value of ioremap() in fs_init()
    - nl80211: Update bss channel on channel switch for P2P_CLIENT
    - tcp: make tcp_read_sock() more robust
    - sfc: extend the locking on mcdi->seqno
    - kselftest/vm: fix tests build with old libc
    - fs: sysfs_emit: Remove PAGE_SIZE alignment check
    - efi: fix return value of __setup handlers
    - net/packet: fix slab-out-of-bounds access in packet_recvmsg()
    - atm: eni: Add check for dma_map_single
    - net: handle ARPHRD_PIMREG in dev_is_mac_header_xmit()
    - usb: gadget: rndis: prevent integer overflow in rndis_set_response()
    - usb: gadget: Fix use-after-free bug by not setting udc->dev.driver
    - Input: aiptek - properly check endpoint type
    - perf symbols: Fix symbol size calculation condition
    - net: dsa: Add missing of_node_put() in dsa_port_parse_of
    - net: ipv6: fix skb_over_panic in __ip6_append_data
    - staging: fbtft: fb_st7789v: reset display before initialization
    - thermal: int340x: fix memory leak in int3400_notify()
    - llc: fix netdevice reference leaks in llc_ui_bind()
    - ALSA: pcm: Add stream lock during PCM reset ioctl operations
    - ALSA: usb-audio: Add mute TLV for playback volumes on RODE NT-USB
    - ALSA: cmipci: Restore aux vol on suspend/resume
    - ALSA: pci: fix reading of swapped values from pcmreg in AC97 codec
    - drivers: net: xgene: Fix regression in CRC stripping
    - netfilter: nf_tables: initialize registers in nft_do_chain()
    - ACPI / x86: Work around broken XSDT on Advantech DAC-BJ01 board
    - ACPI: battery: Add device HID and quirk for Microsoft Surface Go 3
    - ACPI: video: Force backlight native for Clevo NL5xRU and NL5xNU
    - crypto: qat - disable registration of algorithms
    - mac80211: fix potential double free on mesh join
    - llc: only change llc->dev when bind() succeeds

 -- Juerg Haefliger <email address hidden>  Fri, 27 May 2022 11:24:31 +0200
Superseded in bionic-security
Superseded in bionic-updates
Deleted in bionic-proposed (Reason: NBS)
linux-raspi2 (4.15.0-1111.118) bionic; urgency=medium

  * bionic/linux-raspi2: 4.15.0-1111.118 -proposed tracker (LP: #1974009)

  [ Ubuntu: 4.15.0-180.189 ]

  * bionic/linux: 4.15.0-180.189 -proposed tracker (LP: #1974013)
  * CVE-2022-29581
    - net/sched: cls_u32: fix netns refcount changes in u32_change()
  * Unprivileged users may use PTRACE_SEIZE to set PTRACE_O_SUSPEND_SECCOMP
    option (LP: #1972740)
    - ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
  * ext4: limit length to bitmap_maxbytes (LP: #1972281)
    - ext4: limit length to bitmap_maxbytes - blocksize in punch_hole

 -- Juerg Haefliger <email address hidden>  Thu, 19 May 2022 15:44:33 +0200
Deleted in bionic-proposed (Reason: NBS)
linux-raspi2 (4.15.0-1110.117) bionic; urgency=medium

  * bionic/linux-raspi2: 4.15.0-1110.117 -proposed tracker (LP: #1971795)

  * Add crda dependency (LP: #1877415)
    - [Packaging] raspi2: Depend on crda

  [ Ubuntu: 4.15.0-179.188 ]

  * bionic/linux: 4.15.0-179.188 -proposed tracker (LP: #1972673)
  * Unprivileged users may use PTRACE_SEIZE to set PTRACE_O_SUSPEND_SECCOMP
    option (LP: #1972740)
    - ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
  * ext4: limit length to bitmap_maxbytes (LP: #1972281)
    - ext4: limit length to bitmap_maxbytes - blocksize in punch_hole

  [ Ubuntu: 4.15.0-178.187 ]

  * bionic/linux: 4.15.0-178.187 -proposed tracker (LP: #1971799)
  * Bionic update: upstream stable patchset 2022-05-06 (LP: #1972006)
    - [Config] updateconfigs for ARM64_ERRATUM_1188873
    - arm64: arch_timer: Add workaround for ARM erratum 1188873
    - arm64: arch_timer: avoid unused function warning
    - arm64: Add silicon-errata.txt entry for ARM erratum 1188873
    - arm64: Make ARM64_ERRATUM_1188873 depend on COMPAT
    - arm64: Add part number for Neoverse N1
    - arm64: Add part number for Arm Cortex-A77
    - arm64: Add Neoverse-N2, Cortex-A710 CPU part definition
    - arm64: Add Cortex-X2 CPU part definition
    - arm64: entry.S: Add ventry overflow sanity checks
    - arm64: entry: Make the trampoline cleanup optional
    - arm64: entry: Free up another register on kpti's tramp_exit path
    - arm64: entry: Move the trampoline data page before the text page
    - arm64: entry: Allow tramp_alias to access symbols after the 4K boundary
    - arm64: entry: Don't assume tramp_vectors is the start of the vectors
    - arm64: entry: Move trampoline macros out of ifdef'd section
    - arm64: entry: Make the kpti trampoline's kpti sequence optional
    - Revert "arm64: mmu: add the entry trampolines start/end section markers into
      sections.h"
    - arm64: entry: Allow the trampoline text to occupy multiple pages
    - arm64: entry: Add non-kpti __bp_harden_el1_vectors for mitigations
    - [Config] updateconfigs for MITIGATE_SPECTRE_BRANCH_HISTORY
    - arm64: entry: Add vectors that have the bhb mitigation sequences
    - arm64: entry: Add macro for reading symbol addresses from the trampoline
    - arm64: Add percpu vectors for EL1
    - arm64: proton-pack: Report Spectre-BHB vulnerabilities as part of Spectre-v2
    - KVM: arm64: Add templates for BHB mitigation sequences
    - arm64: Mitigate spectre style branch history side channels
    - KVM: arm64: Allow SMCCC_ARCH_WORKAROUND_3 to be discovered and migrated
    - arm64: add ID_AA64ISAR2_EL1 sys register
    - arm64: Use the clearbhb instruction in mitigations
  * issuing invalid ioctl to /dev/vsock may spam dmesg (LP: #1971480)
    - vsock: remove ratelimit unknown ioctl message
  * ubuntu_ltp_controllers:cpuset_sched_domains: tests 3,9,11,17,19,25 report
    incorrect sched domain for cpu#32 (LP: #1951289)
    - sched/topology: Make sched_init_numa() use a set for the deduplicating sort
    - sched/topology: Fix sched_domain_topology_level alloc in sched_init_numa()
    - ia64: ensure proper NUMA distance and possible map initialization
  * CVE-2022-1419
    - drm/vgem: Reclassify buffer creation debug message
    - drm/vgem: Close use-after-free race in vgem_gem_create
  * CVE-2022-28390
    - can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path
  * Bionic update: upstream stable patchset 2022-04-26 (LP: #1970479)
    - net: qlogic: check the return value of dma_alloc_coherent() in
      qed_vf_hw_prepare()
    - qed: return status of qed_iov_get_link
    - ethernet: Fix error handling in xemaclite_of_probe
    - net: ethernet: ti: cpts: Handle error for clk_enable
    - net: ethernet: lpc_eth: Handle error for clk_enable
    - ax25: Fix NULL pointer dereference in ax25_kill_by_device
    - net/mlx5: Fix size field in bufferx_reg struct
    - NFC: port100: fix use-after-free in port100_send_complete
    - gpio: ts4900: Do not set DAT and OE together
    - sctp: fix kernel-infoleak for SCTP sockets
    - net-sysfs: add check for netdevice being present to speed_show
    - Revert "xen-netback: remove 'hotplug-status' once it has served its purpose"
    - Revert "xen-netback: Check for hotplug-status existence before watching"
    - tracing: Ensure trace buffer is at least 4096 bytes large
    - selftests/memfd: clean up mapping in mfd_fail_write
    - ARM: Spectre-BHB: provide empty stub for non-config
    - staging: gdm724x: fix use after free in gdm_lte_rx()
    - virtio: unexport virtio_finalize_features
    - virtio: acknowledge all features before access
    - ARM: fix Thumb2 regression with Spectre BHB
    - ext4: add check to prevent attempting to resize an fs with sparse_super2
    - btrfs: unlock newly allocated extent buffer after error
    - net: phy: DP83822: clear MISR2 register to disable interrupts
    - sctp: fix the processing for INIT chunk
    - sctp: fix the processing for INIT_ACK chunk
    - xfrm: Fix xfrm migrate issues when address family changes
    - arm64: dts: rockchip: fix rk3399-puma eMMC HS400 signal integrity
    - ARM: dts: rockchip: fix a typo on rk3288 crypto-controller
    - MIPS: smp: fill in sibling and core maps earlier
    - ARM: 9178/1: fix unmet dependency on BITREVERSE for HAVE_ARCH_BITREVERSE
    - can: rcar_canfd: rcar_canfd_channel_probe(): register the CAN device when
      fully ready
    - atm: firestream: check the return value of ioremap() in fs_init()
    - nl80211: Update bss channel on channel switch for P2P_CLIENT
    - tcp: make tcp_read_sock() more robust
    - sfc: extend the locking on mcdi->seqno
    - kselftest/vm: fix tests build with old libc
    - fs: sysfs_emit: Remove PAGE_SIZE alignment check
    - efi: fix return value of __setup handlers
    - net/packet: fix slab-out-of-bounds access in packet_recvmsg()
    - atm: eni: Add check for dma_map_single
    - net: handle ARPHRD_PIMREG in dev_is_mac_header_xmit()
    - usb: gadget: rndis: prevent integer overflow in rndis_set_response()
    - usb: gadget: Fix use-after-free bug by not setting udc->dev.driver
    - Input: aiptek - properly check endpoint type
    - perf symbols: Fix symbol size calculation condition
    - net: dsa: Add missing of_node_put() in dsa_port_parse_of
    - net: ipv6: fix skb_over_panic in __ip6_append_data
    - staging: fbtft: fb_st7789v: reset display before initialization
    - thermal: int340x: fix memory leak in int3400_notify()
    - llc: fix netdevice reference leaks in llc_ui_bind()
    - ALSA: pcm: Add stream lock during PCM reset ioctl operations
    - ALSA: usb-audio: Add mute TLV for playback volumes on RODE NT-USB
    - ALSA: cmipci: Restore aux vol on suspend/resume
    - ALSA: pci: fix reading of swapped values from pcmreg in AC97 codec
    - drivers: net: xgene: Fix regression in CRC stripping
    - netfilter: nf_tables: initialize registers in nft_do_chain()
    - ACPI / x86: Work around broken XSDT on Advantech DAC-BJ01 board
    - ACPI: battery: Add device HID and quirk for Microsoft Surface Go 3
    - ACPI: video: Force backlight native for Clevo NL5xRU and NL5xNU
    - crypto: qat - disable registration of algorithms
    - mac80211: fix potential double free on mesh join
    - llc: only change llc->dev when bind() succeeds

 -- Juerg Haefliger <email address hidden>  Mon, 16 May 2022 17:15:05 +0200
Superseded in bionic-updates
Deleted in bionic-proposed (Reason: NBS)
linux-raspi2 (4.15.0-1109.116) bionic; urgency=medium

  * bionic/linux-raspi2: 4.15.0-1109.116 -proposed tracker (LP: #1969079)

  [ Ubuntu: 4.15.0-177.186 ]

  * bionic/linux: 4.15.0-177.186 -proposed tracker (LP: #1969083)
  * Bionic update: upstream stable patchset 2022-04-13 (LP: #1968932)
    - cgroup/cpuset: Fix a race between cpuset_attach() and cpu hotplug
    - vhost/vsock: don't check owner in vhost_vsock_stop() while releasing
    - parisc/unaligned: Fix fldd and fstd unaligned handlers on 32-bit kernel
    - parisc/unaligned: Fix ldw() and stw() unalignment handlers
    - sr9700: sanity check for packet length
    - USB: zaurus: support another broken Zaurus
    - ping: remove pr_err from ping_lookup
    - net: __pskb_pull_tail() & pskb_carve_frag_list() drop_monitor friends
    - gso: do not skip outer ip header in case of ipip and net_failover
    - openvswitch: Fix setting ipv6 fields causing hw csum failure
    - drm/edid: Always set RGB444
    - net/mlx5e: Fix wrong return value on ioctl EEPROM query failure
    - configfs: fix a race in configfs_{,un}register_subsystem()
    - RDMA/ib_srp: Fix a deadlock
    - iio: adc: men_z188_adc: Fix a resource leak in an error handling path
    - ata: pata_hpt37x: disable primary channel on HPT371
    - Revert "USB: serial: ch341: add new Product ID for CH341A"
    - usb: gadget: rndis: add spinlock for rndis response list
    - tracefs: Set the group ownership in apply_options() not parse_options()
    - USB: serial: option: add support for DW5829e
    - USB: serial: option: add Telit LE910R1 compositions
    - usb: dwc3: gadget: Let the interrupt handler disable bottom halves.
    - xhci: re-initialize the HC during resume if HCE was set
    - xhci: Prevent futile URB re-submissions due to incorrect return value.
    - tty: n_gsm: fix encoding of control signal octet bit DV
    - tty: n_gsm: fix proper link termination after failed open
    - Revert "drm/nouveau/pmu/gm200-: avoid touching PMU outside of
      DEVINIT/PREOS/ACR"
    - memblock: use kfree() to release kmalloced memblock regions
    - fget: clarify and improve __fget_files() implementation
    - gpio: tegra186: Fix chip_data type confusion
    - tracing: Have traceon and traceoff trigger honor the instance
    - mac80211_hwsim: report NOACK frames in tx_status
    - mac80211_hwsim: initialize ieee80211_tx_info at hw_scan_work
    - i2c: bcm2835: Avoid clock stretching timeouts
    - Input: clear BTN_RIGHT/MIDDLE on buttonpads
    - cifs: fix double free race when mount fails in cifs_get_root()
    - dmaengine: shdma: Fix runtime PM imbalance on error
    - i2c: cadence: allow COMPILE_TEST
    - i2c: qup: allow COMPILE_TEST
    - net: usb: cdc_mbim: avoid altsetting toggling for Telit FN990
    - usb: gadget: don't release an existing dev->buf
    - usb: gadget: clear related members when goto fail
    - ata: pata_hpt37x: fix PCI clock detection
    - ALSA: intel_hdmi: Fix reference to PCM buffer address
    - ASoC: ops: Shift tested values in snd_soc_put_volsw() by +min
    - xfrm: fix MTU regression
    - netfilter: fix use-after-free in __nf_register_net_hook()
    - xfrm: enforce validity of offload input flags
    - netfilter: nf_queue: don't assume sk is full socket
    - netfilter: nf_queue: fix possible use-after-free
    - batman-adv: Request iflink once in batadv-on-batadv check
    - batman-adv: Request iflink once in batadv_get_real_netdevice
    - batman-adv: Don't expect inter-netns unique iflink indices
    - net: dcb: flush lingering app table entries for unregistered devices
    - net/smc: fix unexpected SMC_CLC_DECL_ERR_REGRMB error generated by client
    - net/smc: fix unexpected SMC_CLC_DECL_ERR_REGRMB error cause by server
    - mac80211: fix forwarded mesh frames AC & queue selection
    - net: stmmac: fix return value of __setup handler
    - net: sxgbe: fix return value of __setup handler
    - net: arcnet: com20020: Fix null-ptr-deref in com20020pci_probe()
    - efivars: Respect "block" flag in efivar_entry_set_safe()
    - can: gs_usb: change active_channels's type from atomic_t to u8
    - ARM: 9182/1: mmu: fix returns from early_param() and __setup() functions
    - soc: fsl: qe: Check of ioremap return value
    - net: chelsio: cxgb3: check the return value of pci_find_capability()
    - nl80211: Handle nla_memdup failures in handle_nan_filter
    - Input: elan_i2c - move regulator_[en|dis]able() out of
      elan_[en|dis]able_power()
    - Input: elan_i2c - fix regulator enable count imbalance after suspend/resume
    - HID: add mapping for KEY_ALL_APPLICATIONS
    - memfd: fix F_SEAL_WRITE after shmem huge page allocated
    - net: dcb: disable softirqs in dcbnl_flush_dev()
    - hamradio: fix macro redefine warning
    - arm/arm64: Provide a wrapper for SMCCC 1.1 calls
    - arm/arm64: smccc/psci: add arm_smccc_1_1_get_conduit()
    - ARM: report Spectre v2 status through sysfs
    - ARM: early traps initialisation
    - ARM: use LOADADDR() to get load address of sections
    - [Config] updateconfigs for HARDEN_BRANCH_HISTORY
    - ARM: Spectre-BHB workaround
    - ARM: include unprivileged BPF status in Spectre V2 reporting
    - ARM: fix build error when BPF_SYSCALL is disabled
    - ARM: fix co-processor register typo
    - ARM: Do not use NOCROSSREFS directive with ld.lld
    - ARM: fix build warning in proc-v7-bugs.c
    - xen/xenbus: don't let xenbus_grant_ring() remove grants in error case
    - xen/grant-table: add gnttab_try_end_foreign_access()
    - xen/blkfront: don't use gnttab_query_foreign_access() for mapped status
    - xen/netfront: don't use gnttab_query_foreign_access() for mapped status
    - xen/scsifront: don't use gnttab_query_foreign_access() for mapped status
    - xen/gntalloc: don't use gnttab_query_foreign_access()
    - xen: remove gnttab_query_foreign_access()
    - xen/9p: use alloc/free_pages_exact()
    - xen/gnttab: fix gnttab_end_foreign_access() without page specified
    - xen/netfront: react properly to failing gnttab_end_foreign_access_ref()
  * ip6gre driver does not hold device reference (LP: #1968340)
    - ip6_gre: proper dev_{hold|put} in ndo_[un]init methods
  * LRMv6: add multi-architecture support (LP: #1968774)
    - [Packaging] resync dkms-build{,--nvidia-N}
  * Use kernel-testing repo from launchpad for ADT tests (LP: #1968016)
    - [Debian] Use kernel-testing repo from launchpad
  * vmx_ldtr_test in ubuntu_kvm_unit_tests failed (FAIL: Expected 0 for L1 LDTR
    selector (got 50)) (LP: #1956315)
    - KVM: nVMX: Set LDTR to its architecturally defined value on nested VM-Exit
  * Bionic update: upstream stable patchset 2022-03-29 (LP: #1967013)
    - moxart: fix potential use-after-free on remove path
    - x86/mm, mm/hwpoison: Fix the unmap kernel 1:1 pages check condition
    - integrity: check the return value of audit_log_start()
    - ima: Remove ima_policy file before directory
    - ima: Allow template selection with ima_template[_fmt]= after ima_hash=
    - mmc: sdhci-of-esdhc: Check for error num after setting mask
    - net: phy: marvell: Fix MDI-x polarity setting in 88e1118-compatible PHYs
    - NFS: Fix initialisation of nfs_client cl_flags field
    - NFSD: Clamp WRITE offsets
    - NFSv4 only print the label when its queried
    - nfs: nfs4clinet: check the return value of kstrdup()
    - NFSv4.1: Fix uninitialised variable in devicenotify
    - NFSv4 remove zero number of fs_locations entries error check
    - NFSv4 expose nfs_parse_server_name function
    - scsi: target: iscsi: Make sure the np under each tpg is unique
    - usb: dwc2: gadget: don't try to disable ep0 in dwc2_hsotg_suspend
    - net: stmmac: dwmac-sun8i: use return val of readl_poll_timeout()
    - Revert "net: axienet: Wait for PhyRstCmplt after core reset"
    - ARM: dts: imx23-evk: Remove MX23_PAD_SSP1_DETECT from hog group
    - ARM: dts: meson: Fix the UART compatible strings
    - staging: fbtft: Fix error path in fbtft_driver_module_init()
    - ARM: dts: imx6qdl-udoo: Properly describe the SD card detect
    - usb: f_fs: Fix use-after-free for epfile
    - bonding: pair enable_port with slave_arr_updates
    - ipmr,ip6mr: acquire RTNL before calling ip[6]mr_free_table() on failure path
    - net: do not keep the dst cache when uncloning an skb dst and its metadata
    - net: fix a memleak when uncloning an skb dst and its metadata
    - tipc: rate limit warning for received illegal binding update
    - net: amd-xgbe: disable interrupts during pci removal
    - vt_ioctl: fix array_index_nospec in vt_setactivate
    - vt_ioctl: add array_index_nospec to VT_ACTIVATE
    - n_tty: wake up poll(POLLRDNORM) on receiving data
    - usb: ulpi: Move of_node_put to ulpi_dev_release
    - usb: ulpi: Call of_node_put correctly
    - usb: dwc3: gadget: Prevent core from processing stale TRBs
    - USB: gadget: validate interface OS descriptor requests
    - usb: gadget: rndis: check size of RNDIS_MSG_SET command
    - USB: serial: ftdi_sio: add support for Brainboxes US-159/235/320
    - USB: serial: option: add ZTE MF286D modem
    - USB: serial: ch341: add support for GW Instek USB2.0-Serial devices
    - USB: serial: cp210x: add NCR Retail IO box id
    - USB: serial: cp210x: add CPI Bulk Coin Recycler id
    - seccomp: Invalidate seccomp mode to catch death failures
    - hwmon: (dell-smm) Speed up setting of fan speed
    - perf: Fix list corruption in perf_cgroup_switch()
    - net: bridge: fix stale eth hdr pointer in br_dev_xmit
    - Makefile.extrawarn: Move -Wunaligned-access to W=1
    - net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup
    - serial: parisc: GSC: fix build when IOSAPIC is not set
    - parisc: Fix data TLB miss in sba_unmap_sg
    - parisc: Fix sglist access in ccio-dma.c
    - btrfs: send: in case of IO error log it
    - net: ieee802154: at86rf230: Stop leaking skb's
    - selftests/zram: Skip max_comp_streams interface on newer kernel
    - selftests/zram01.sh: Fix compression ratio calculation
    - selftests/zram: Adapt the situation that /dev/zram0 is being used
    - ax25: improve the incomplete fix to avoid UAF and NPD bugs
    - vfs: make freeze_super abort when sync_filesystem returns error
    - quota: make dquot_quota_sync return errors from ->sync_fs
    - Revert "module, async: async_synchronize_full() on module init iff async is
      used"
    - iwlwifi: fix use-after-free
    - drm/radeon: Fix backlight control on iMac 12,1
    - xfrm: Don't accidentally set RTO_ONLINK in decode_session4()
    - taskstats: Cleanup the use of task->exit_code
    - vsock: remove vsock from connected table when connect is interrupted by a
      signal
    - iwlwifi: pcie: fix locking when "HW not ready"
    - iwlwifi: pcie: gen2: fix locking when "HW not ready"
    - net: ieee802154: ca8210: Fix lifs/sifs periods
    - ping: fix the dif and sdif check in ping_lookup
    - drop_monitor: fix data-race in dropmon_net_event / trace_napi_poll_hit
    - bonding: fix data-races around agg_select_timer
    - libsubcmd: Fix use-after-free for realloc(..., 0)
    - ALSA: hda: Fix regression on forced probe mask option
    - ALSA: hda: Fix missing codec probe on Shenker Dock 15
    - ASoC: ops: Fix stereo change notifications in snd_soc_put_volsw()
    - ASoC: ops: Fix stereo change notifications in snd_soc_put_volsw_range()
    - powerpc/lib/sstep: fix 'ptesync' build error
    - NFS: LOOKUP_DIRECTORY is also ok with symlinks
    - EDAC: Fix calculation of returned address and next offset in
      edac_align_ptr()
    - net: sched: limit TC_ACT_REPEAT loops
    - dmaengine: sh: rcar-dmac: Check for error num after setting mask
    - i2c: brcmstb: fix support for DSL and CM variants
    - mtd: rawnand: brcmnand: Refactored code to introduce helper functions
    - mtd: rawnand: brcmnand: Fixed incorrect sub-page ECC status
    - KVM: x86/pmu: Use AMD64_RAW_EVENT_MASK for PERF_TYPE_RAW
    - NFS: Do not report writeback errors in nfs_getattr()
    - ARM: OMAP2+: hwmod: Add of_node_put() before break
    - ata: libata-core: Disable TRIM on M88V29
    - tracing: Fix tp_printk option related with tp_printk_stop_on_boot
    - net: usb: qmi_wwan: Add support for Dell DW5829e
    - net: macb: Align the dma and coherent dma masks
    - net: dsa: lan9303: fix reset on probe
  * CVE-2022-27223
    - USB: gadget: validate endpoint index for xilinx udc
  * CVE-2022-26490
    - nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION
  * CVE-2021-26401
    - x86/speculation: Use generic retpoline by default on AMD
    - x86/speculation: Update link to AMD speculation whitepaper
    - x86/speculation: Warn about Spectre v2 LFENCE mitigation
    - x86/speculation: Warn about eIBRS + LFENCE + Unprivileged eBPF + SMT
  * CVE-2022-0001
    - x86/speculation: Include unprivileged eBPF status in Spectre v2 mitigation
      reporting

 -- Juerg Haefliger <email address hidden>  Tue, 26 Apr 2022 10:09:34 +0200
Superseded in bionic-security
Superseded in bionic-updates
Deleted in bionic-proposed (Reason: NBS)
linux-raspi2 (4.15.0-1108.115) bionic; urgency=medium

  * bionic/linux-raspi2: 4.15.0-1108.115 -proposed tracker (LP: #1967420)

  [ Ubuntu: 4.15.0-176.185 ]

  * bionic/linux: 4.15.0-176.185 -proposed tracker (LP: #1966771)
  * Bionic update: upstream stable patchset 2022-03-04 (LP: #1963717)
    - can: bcm: fix UAF of bcm op
    - net: bridge: clear bridge's private skb space on xmit
    - s390/hypfs: include z/VM guests with access control group set
    - scsi: zfcp: Fix failed recovery on gone remote port with non-NPIV FCP
      devices
    - udf: Restore i_lenAlloc when inode expansion fails
    - udf: Fix NULL ptr deref when converting from inline format
    - PM: wakeup: simplify the output logic of pm_show_wakelocks()
    - netfilter: nft_payload: do not update layer 4 checksum when mangling
      fragments
    - serial: stm32: fix software flow control transfer
    - tty: n_gsm: fix SW flow control encoding/handling
    - tty: Add support for Brainboxes UC cards.
    - usb-storage: Add unusual-devs entry for VL817 USB-SATA bridge
    - usb: common: ulpi: Fix crash in ulpi_match()
    - usb: gadget: f_sourcesink: Fix isoc transfer for USB_SPEED_SUPER_PLUS
    - USB: core: Fix hang in usb_kill_urb by adding memory barriers
    - usb: typec: tcpm: Do not disconnect while receiving VBUS off
    - net: sfp: ignore disabled SFP node
    - powerpc/32: Fix boot failure with GCC latent entropy plugin
    - lkdtm: Fix content of section containing lkdtm_rodata_do_nothing()
    - i40e: Increase delay to 1 s after global EMP reset
    - i40e: fix unsigned stat widths
    - rpmsg: char: Fix race between the release of rpmsg_ctrldev and cdev
    - rpmsg: char: Fix race between the release of rpmsg_eptdev and cdev
    - scsi: bnx2fc: Flush destroy_work queue before calling bnx2fc_interface_put()
    - ipv6_tunnel: Rate limit warning messages
    - net: fix information leakage in /proc/net/ptype
    - ping: fix the sk_bound_dev_if match in ping_lookup
    - ipv4: avoid using shared IP generator for connected sockets
    - hwmon: (lm90) Reduce maximum conversion rate for G781
    - NFSv4: Handle case where the lookup of a directory fails
    - NFSv4: nfs_atomic_open() can race when looking up a non-regular file
    - net-procfs: show net devices bound packet types
    - drm/msm: Fix wrong size calculation
    - drm/msm/dsi: invalid parameter check in msm_dsi_phy_enable
    - ibmvnic: don't spin in tasklet
    - yam: fix a memory leak in yam_siocdevprivate()
    - ipv4: raw: lock the socket in raw_bind()
    - ipv4: tcp: send zero IPID in SYNACK messages
    - netfilter: nat: remove l4 protocol port rovers
    - netfilter: nat: limit port clash resolution attempts
    - ipheth: fix EOVERFLOW in ipheth_rcvbulk_callback
    - net: amd-xgbe: ensure to reset the tx_timer_active flag
    - net: amd-xgbe: Fix skb data length underflow
    - rtnetlink: make sure to refresh master_dev/m_ops in __rtnl_newlink()
    - af_packet: fix data-race in packet_setsockopt / packet_setsockopt
    - ASoC: ops: Reject out of bounds values in snd_soc_put_volsw()
    - ASoC: ops: Reject out of bounds values in snd_soc_put_volsw_sx()
    - ASoC: ops: Reject out of bounds values in snd_soc_put_xr_sx()
    - drm/nouveau: fix off by one in BIOS boundary checking
    - block: bio-integrity: Advance seed correctly for larger interval sizes
    - RDMA/mlx4: Don't continue event handler after memory allocation failure
    - iommu/vt-d: Fix potential memory leak in intel_setup_irq_remapping()
    - iommu/amd: Fix loop timeout issue in iommu_ga_log_enable()
    - spi: bcm-qspi: check for valid cs before applying chip select
    - spi: mediatek: Avoid NULL pointer crash in interrupt
    - spi: meson-spicc: add IRQ check in meson_spicc_probe
    - net: ieee802154: ca8210: Stop leaking skb's
    - net: ieee802154: Return meaningful error codes from the netlink helpers
    - net: macsec: Verify that send_sci is on when setting Tx sci explicitly
    - drm/i915/overlay: Prevent divide by zero bugs in scaling
    - ASoC: fsl: Add missing error handling in pcm030_fabric_probe
    - scsi: bnx2fc: Make bnx2fc_recv_frame() mp safe
    - nfsd: nfsd4_setclientid_confirm mistakenly expires confirmed client.
    - selftests: futex: Use variable MAKE instead of make
    - rtc: cmos: Evaluate century appropriate
    - EDAC/altera: Fix deferred probing
    - EDAC/xgene: Fix deferred probing
    - ext4: fix error handling in ext4_restore_inline_data()
    - serial: 8250: of: Fix mapped region size when using reg-offset property
    - i40e: Fix issue when maximum queues is exceeded
    - i40e: Fix queues reservation for XDP
    - ipv6: annotate accesses to fn->fn_sernum
    - ibmvnic: init ->running_cap_crqs early
  * Bionic update: upstream stable patchset 2022-03-04 (LP: #1963717) // audit:
    improve audit queue handling when "audit=1" on cmdline (LP: #1965723)
    - audit: improve audit queue handling when "audit=1" on cmdline
  * CVE-2021-43975
    - atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait
  * Packaging resync (LP: #1786013)
    - [Packaging] resync dkms-build{,--nvidia-N} from LRMv5

 -- Juerg Haefliger <email address hidden>  Thu, 07 Apr 2022 16:37:32 +0200
Superseded in bionic-security
Superseded in bionic-updates
Deleted in bionic-proposed (Reason: moved to -updates)
linux-raspi2 (4.15.0-1107.114) bionic; urgency=medium

  * bionic/linux-raspi2: 4.15.0-1107.114 -proposed tracker (LP: #1966300)

  [ Ubuntu: 4.15.0-175.184 ]

  * bionic/linux: 4.15.0-175.184 -proposed tracker (LP: #1966304)
  * CVE-2022-27666
    - esp: Fix possible buffer overflow in ESP transformation

  [ Ubuntu: 4.15.0-173.182 ]

  * bionic/linux: 4.15.0-173.182 -proposed tracker (LP: #1965552)
  * Pick fixup from upstream stable patchset 2022-03-04 to address cert
    failure with clock jitter test on NUC7i3DNHE (LP: #1964213)
    - Bluetooth: refactor malicious adv data check

 -- Juerg Haefliger <email address hidden>  Fri, 25 Mar 2022 13:43:26 +0100
Superseded in bionic-security
Superseded in bionic-updates
Deleted in bionic-proposed (Reason: NBS)
linux-raspi2 (4.15.0-1106.113) bionic; urgency=medium

  * bionic/linux-raspi2: 4.15.0-1106.113 -proposed tracker (LP: #1964236)

  * Packaging resync (LP: #1786013)
    - [Packaging] update Ubuntu.md

  [ Ubuntu: 4.15.0-172.181 ]

  * CVE-2022-0847
    - lib/iov_iter: initialize "flags" in new pipe_buffer
  * Bionic update: upstream stable patchset 2022-02-11 (LP: #1960681)
    - Bluetooth: bfusb: fix division by zero in send path
    - USB: core: Fix bug in resuming hub's handling of wakeup requests
    - USB: Fix "slab-out-of-bounds Write" bug in usb_hcd_poll_rh_status
    - mfd: intel-lpss: Fix too early PM enablement in the ACPI ->probe()
    - can: gs_usb: fix use of uninitialized variable, detach device on reception
      of invalid USB data
    - can: gs_usb: gs_can_start_xmit(): zero-initialize hf->{flags,reserved}
    - random: fix data race on crng_node_pool
    - random: fix data race on crng init time
    - staging: wlan-ng: Avoid bitwise vs logical OR warning in
      hfa384x_usb_throttlefn()
    - drm/i915: Avoid bitwise vs logical OR warning in snb_wm_latency_quirk()
    - orangefs: Fix the size of a memory allocation in orangefs_bufmap_alloc()
    - media: uvcvideo: fix division by zero at stream start
    - rtlwifi: rtl8192cu: Fix WARNING when calling local_irq_restore() with
      interrupts enabled
    - Bluetooth: schedule SCO timeouts with delayed_work
    - Bluetooth: fix init and cleanup of sco_conn.timeout_work
    - HID: uhid: Fix worker destroying device without any protection
    - HID: wacom: Ignore the confidence flag when a touch is removed
    - HID: wacom: Avoid using stale array indicies to read contact count
    - nfc: llcp: fix NULL error pointer dereference on sendmsg() after failed
      bind()
    - rtc: cmos: take rtc_lock while reading from CMOS
    - media: flexcop-usb: fix control-message timeouts
    - media: mceusb: fix control-message timeouts
    - media: em28xx: fix control-message timeouts
    - media: cpia2: fix control-message timeouts
    - media: s2255: fix control-message timeouts
    - media: dib0700: fix undefined behavior in tuner shutdown
    - media: redrat3: fix control-message timeouts
    - media: pvrusb2: fix control-message timeouts
    - media: stk1160: fix control-message timeouts
    - can: softing_cs: softingcs_probe(): fix memleak on registration failure
    - shmem: fix a race between shmem_unused_huge_shrink and shmem_evict_inode
    - PCI: Add function 1 DMA alias quirk for Marvell 88SE9125 SATA controller
    - Bluetooth: cmtp: fix possible panic when cmtp_init_sockets() fails
    - clk: bcm-2835: Pick the closest clock rate
    - clk: bcm-2835: Remove rounding up the dividers
    - wcn36xx: Indicate beacon not connection loss on MISSED_BEACON_IND
    - media: em28xx: fix memory leak in em28xx_init_dev
    - Bluetooth: stop proccessing malicious adv data
    - media: dmxdev: fix UAF when dvb_register_device() fails
    - crypto: qce - fix uaf on qce_ahash_register_one
    - tty: serial: atmel: Check return code of dmaengine_submit()
    - tty: serial: atmel: Call dma_async_issue_pending()
    - media: mtk-vcodec: call v4l2_m2m_ctx_release first when file is released
    - netfilter: bridge: add support for pppoe filtering
    - arm64: dts: qcom: msm8916: fix MMC controller aliases
    - drm/amdgpu: Fix a NULL pointer dereference in
      amdgpu_connector_lcd_native_mode()
    - drm/radeon/radeon_kms: Fix a NULL pointer dereference in
      radeon_driver_open_kms()
    - serial: amba-pl011: do not request memory region twice
    - floppy: Fix hang in watchdog when disk is ejected
    - media: dib8000: Fix a memleak in dib8000_init()
    - media: saa7146: mxb: Fix a NULL pointer dereference in mxb_attach()
    - media: si2157: Fix "warm" tuner state detection
    - sched/rt: Try to restart rt period timer when rt runtime exceeded
    - media: dw2102: Fix use after free
    - media: msi001: fix possible null-ptr-deref in msi001_probe()
    - usb: ftdi-elan: fix memory leak on device disconnect
    - x86/mce/inject: Avoid out-of-bounds write when setting flags
    - pcmcia: rsrc_nonstatic: Fix a NULL pointer dereference in
      __nonstatic_find_io_region()
    - pcmcia: rsrc_nonstatic: Fix a NULL pointer dereference in
      nonstatic_find_mem_region()
    - ppp: ensure minimum packet size in ppp_write()
    - fsl/fman: Check for null pointer after calling devm_ioremap
    - spi: spi-meson-spifc: Add missing pm_runtime_disable() in meson_spifc_probe
    - tpm: add request_locality before write TPM_INT_ENABLE
    - can: softing: softing_startstop(): fix set but not used variable warning
    - can: xilinx_can: xcan_probe(): check for error irq
    - pcmcia: fix setting of kthread task states
    - net: mcs7830: handle usb read errors properly
    - ext4: avoid trim error on fs with small groups
    - ALSA: jack: Add missing rwsem around snd_ctl_remove() calls
    - ALSA: PCM: Add missing rwsem around snd_ctl_remove() calls
    - ALSA: hda: Add missing rwsem around snd_ctl_remove() calls
    - RDMA/hns: Validate the pkey index
    - powerpc/prom_init: Fix improper check of prom_getprop()
    - ALSA: oss: fix compile error when OSS_DEBUG is enabled
    - char/mwave: Adjust io port register size
    - scsi: ufs: Fix race conditions related to driver data
    - RDMA/core: Let ib_find_gid() continue search even after empty entry
    - dmaengine: pxa/mmp: stop referencing config->slave_id
    - iommu/iova: Fix race between FQ timeout and teardown
    - ASoC: samsung: idma: Check of ioremap return value
    - misc: lattice-ecp3-config: Fix task hung when firmware load failed
    - mips: lantiq: add support for clk_set_parent()
    - mips: bcm63xx: add support for clk_set_parent()
    - RDMA/cxgb4: Set queue pair state when being queried
    - Bluetooth: Fix debugfs entry leak in hci_register_dev()
    - fs: dlm: filter user dlm messages for kernel locks
    - ar5523: Fix null-ptr-deref with unexpected WDCMSG_TARGET_START reply
    - drm/nouveau/pmu/gm200-: avoid touching PMU outside of DEVINIT/PREOS/ACR
    - usb: gadget: f_fs: Use stream_open() for endpoint files
    - HID: apple: Do not reset quirks when the Fn key is not found
    - media: b2c2: Add missing check in flexcop_pci_isr:
    - mlxsw: pci: Add shutdown method in PCI driver
    - drm/bridge: megachips: Ensure both bridges are probed before registration
    - gpiolib: acpi: Do not set the IRQ type if the IRQ is already in use
    - HSI: core: Fix return freed object in hsi_new_client
    - mwifiex: Fix skb_over_panic in mwifiex_usb_recv()
    - usb: uhci: add aspeed ast2600 uhci support
    - floppy: Add max size check for user space request
    - media: uvcvideo: Increase UVC_CTRL_CONTROL_TIMEOUT to 5 seconds.
    - media: saa7146: hexium_orion: Fix a NULL pointer dereference in
      hexium_attach()
    - media: m920x: don't use stack on USB reads
    - iwlwifi: mvm: synchronize with FW after multicast commands
    - ath10k: Fix tx hanging
    - net: bonding: debug: avoid printing debug logs when bond is not notifying
      peers
    - bpf: Do not WARN in bpf_warn_invalid_xdp_action()
    - media: igorplugusb: receiver overflow should be reported
    - media: saa7146: hexium_gemini: Fix a NULL pointer dereference in
      hexium_attach()
    - mmc: core: Fixup storing of OCR for MMC_QUIRK_NONSTD_SDIO
    - arm64: tegra: Adjust length of CCPLEX cluster MMIO region
    - usb: hub: Add delay for SuperSpeed hub resume to let links transit to U0
    - ath9k: Fix out-of-bound memcpy in ath9k_hif_usb_rx_stream
    - iwlwifi: fix leaks/bad data after failed firmware load
    - iwlwifi: remove module loading failure message
    - um: registers: Rename function names to avoid conflicts and build problems
    - jffs2: GC deadlock reading a page that is used in jffs2_write_begin()
    - ACPICA: actypes.h: Expand the ACPI_ACCESS_ definitions
    - ACPICA: Utilities: Avoid deleting the same object twice in a row
    - ACPICA: Executer: Fix the REFCLASS_REFOF case in acpi_ex_opcode_1A_0T_1R()
    - ACPICA: Hardware: Do not flush CPU cache when entering S4 and S5
    - btrfs: remove BUG_ON() in find_parent_nodes()
    - btrfs: remove BUG_ON(!eie) in find_parent_nodes
    - net: mdio: Demote probed message to debug print
    - mac80211: allow non-standard VHT MCS-10/11
    - dm btree: add a defensive bounds check to insert_at()
    - dm space map common: add bounds check to sm_ll_lookup_bitmap()
    - net: phy: marvell: configure RGMII delays for 88E1118
    - serial: pl010: Drop CR register reset on set_termios
    - serial: core: Keep mctrl register state and cached copy in sync
    - parisc: Avoid calling faulthandler_disabled() twice
    - powerpc/6xx: add missing of_node_put
    - powerpc/powernv: add missing of_node_put
    - powerpc/cell: add missing of_node_put
    - powerpc/btext: add missing of_node_put
    - powerpc/watchdog: Fix missed watchdog reset due to memory ordering race
    - i2c: i801: Don't silently correct invalid transfer size
    - powerpc/smp: Move setup_profiling_timer() under CONFIG_PROFILING
    - i2c: mpc: Correct I2C reset procedure
    - w1: Misuse of get_user()/put_user() reported by sparse
    - ALSA: seq: Set upper limit of processed events
    - MIPS: OCTEON: add put_device() after of_find_device_by_node()
    - i2c: designware-pci: Fix to change data types of hcnt and lcnt parameters
    - MIPS: Octeon: Fix build errors using clang
    - scsi: sr: Don't use GFP_DMA
    - ASoC: mediatek: mt8173: fix device_node leak
    - power: bq25890: Enable continuous conversion for ADC at charging
    - ubifs: Error path in ubifs_remount_rw() seems to wrongly free write buffers
    - serial: Fix incorrect rs485 polarity on uart open
    - cputime, cpuacct: Include guest time in user time in cpuacct.stat
    - iwlwifi: mvm: Increase the scan timeout guard to 30 seconds
    - ext4: make sure quota gets properly shutdown on error
    - ext4: set csum seed in tmp inode while migrating to extents
    - ext4: Fix BUG_ON in ext4_bread when write quota data
    - ext4: don't use the orphan list when migrating an inode
    - crypto: stm32/crc32 - Fix kernel BUG triggered in probe()
    - drm/radeon: fix error handling in radeon_driver_open_kms
    - firmware: Update Kconfig help text for Google firmware
    - Documentation: refer to config RANDOMIZE_BASE for kernel address-space
      randomization
    - RDMA/hns: Modify the mapping attribute of doorbell to device
    - RDMA/rxe: Fix a typo in opcode name
    - powerpc/cell: Fix clang -Wimplicit-fallthrough warning
    - powerpc/fsl/dts: Enable WA for erratum A-009885 on fman3l MDIO buses
    - net/fsl: xgmac_mdio: Fix incorrect iounmap when removing module
    - parisc: pdc_stable: Fix memory leak in pdcs_register_pathentries
    - af_unix: annote lockless accesses to unix_tot_inflight & gc_in_progress
    - net: axienet: Wait for PhyRstCmplt after core reset
    - net: axienet: fix number of TX ring slots for available check
    - netns: add schedule point in ops_exit_list()
    - libcxgb: Don't accidentally set RTO_ONLINK in cxgb_find_route()
    - dmaengine: at_xdmac: Don't start transactions at tx_submit level
    - dmaengine: at_xdmac: Print debug message after realeasing the lock
    - dmaengine: at_xdmac: Fix lld view setting
    - dmaengine: at_xdmac: Fix at_xdmac_lld struct definition
    - net_sched: restore "mpu xxx" handling
    - bcmgenet: add WOL IRQ check
    - scripts/dtc: dtx_diff: remove broken example from help text
    - lib82596: Fix IRQ check in sni_82596_probe
    - mips,s390,sh,sparc: gup: Work around the "COW can break either way" issue
    - gianfar: simplify FCS handling and fix memory leak
    - firmware: qemu_fw_cfg: fix NULL-pointer deref on duplicate entries
    - firmware: qemu_fw_cfg: fix kobject leak in probe error path
    - ALSA: hda/realtek - Fix silent output on Gigabyte X570 Aorus Master after
      reboot from Windows
    - wcn36xx: Release DMA channel descriptor allocations
    - tty: serial: uartlite: allow 64 bit address
    - xfrm: fix a small bug in xfrm_sa_len()
    - mmc: meson-mx-sdio: add IRQ check
    - netfilter: ipt_CLUSTERIP: fix refcount leak in clusterip_tg_check()
    - staging: greybus: audio: Check null pointer
    - Bluetooth: hci_bcm: Check for error irq
    - ASoC: rt5663: Handle device_property_read_u32_array error codes
    - rpmsg: Only invoke announce_create for rpdev with endpoints
    - rpmsg: core: Clean up resources on announce_create failure.
    - dmaengine: stm32-mdma: fix STM32_MDMA_CTBR_TSEL_MASK
    - rtc: pxa: fix null pointer dereference
  * CVE-2022-0435
    - tipc: improve size validations for received domain records
  * CVE-2022-0492
    - cgroup-v1: Require capabilities to set release_agent
  * CVE-2021-3506
    - f2fs: fix to avoid out-of-bounds memory access
  * Bionic update: upstream stable patchset 2022-02-01 (LP: #1959709)
    - tracing: Fix check for trace_percpu_buffer validity in get_trace_buf()
    - tracing: Tag trace_percpu_buffer as a percpu pointer
    - virtio_pci: Support surprise removal of virtio pci device
    - ieee802154: atusb: fix uninit value in atusb_set_extended_addr
    - RDMA/core: Don't infoleak GRH fields
    - mac80211: initialize variable have_higher_than_11mbit
    - i40e: fix use-after-free in i40e_sync_filters_subtask()
    - i40e: Fix incorrect netdev's real number of RX/TX queues
    - ipv6: Check attribute length for RTA_GATEWAY in multipath route
    - ipv6: Check attribute length for RTA_GATEWAY when deleting multipath route
    - sch_qfq: prevent shift-out-of-bounds in qfq_init_qdisc
    - power: reset: ltc2952: Fix use of floating point literals
    - rndis_host: support Hytera digital radios
    - phonet: refcount leak in pep_sock_accep
    - ipv6: Continue processing multipath route even if gateway attribute is
      invalid
    - ipv6: Do cleanup if attribute validation fails in multipath route
    - scsi: libiscsi: Fix UAF in iscsi_conn_get_param()/iscsi_conn_teardown()
    - ip6_vti: initialize __ip6_tnl_parm struct in vti6_siocdevprivate
    - net: udp: fix alignment problem in udp4_seq_show()
    - mISDN: change function names to avoid conflicts
    - usb: mtu3: fix interval value for intr and isoc
  * Bionic update: upstream stable patchset 2022-01-27 (LP: #1959335)
    - tee: handle lookup of shm with reference count 0
    - platform/x86: apple-gmux: use resource_size() with res
    - selinux: initialize proto variable in selinux_ip_postroute_compat()
    - scsi: lpfc: Terminate string in lpfc_debugfs_nvmeio_trc_write()
    - net: usb: pegasus: Do not drop long Ethernet frames
    - NFC: st21nfca: Fix memory leak in device probe and remove
    - fsl/fman: Fix missing put_device() call in fman_port_probe
    - nfc: uapi: use kernel size_t to fix user-space builds
    - uapi: fix linux/nfc.h userspace compilation errors
    - xhci: Fresco FL1100 controller should not have BROKEN_MSI quirk set.
    - usb: gadget: f_fs: Clear ffs_eventfd in ffs_data_clear.
    - binder: fix async_free_space accounting for empty parcels
    - scsi: vmw_pvscsi: Set residual data length conditionally
    - Input: appletouch - initialize work before device registration
    - Input: spaceball - fix parsing of movement data packets
    - net: fix use-after-free in tw_timer_handler
    - sctp: use call_rcu to free endpoint
    - Input: i8042 - add deferred probe support
    - Input: i8042 - enable deferred probe quirk for ASUS UM325UA
    - i2c: validate user data in compat ioctl
    - usb: mtu3: set interval of FS intr and isoc endpoint
  * Bionic update: upstream stable patchset 2022-01-27 (LP: #1959335) //
    HID_ASUS should depend on USB_HID in stable v4.15 backports (LP: #1959762)
    - HID: asus: Add depends on USB_HID to HID_ASUS Kconfig option
  * Packaging resync (LP: #1786013)
    - [Packaging] resync getabis

 -- Juerg Haefliger <email address hidden>  Mon, 14 Mar 2022 08:52:39 +0100
Superseded in bionic-security
Superseded in bionic-updates
linux-raspi2 (4.15.0-1105.112) bionic; urgency=medium

  * Disable unprivileged BPF by default (LP: #1961338)
    - [Config] raspi2: Enable CONFIG_BPF_UNPRIV_DEFAULT_OFF

  [ Ubuntu: 4.15.0-171.180 ]

  * CVE-2022-0001
    - cpu/SMT: create and export cpu_smt_possible()
    - x86/speculation: Merge one test in spectre_v2_user_select_mitigation()
    - x86,bugs: Unconditionally allow spectre_v2=retpoline,amd
    - SAUCE: x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE
    - SAUCE: x86/speculation: Add eIBRS + Retpoline options
    - SAUCE: Documentation/hw-vuln: Update spectre doc
  * Disable unprivileged BPF by default (LP: #1961338)
    - bpf: Add kconfig knob for disabling unpriv bpf by default
    - [Config] set CONFIG_BPF_UNPRIV_DEFAULT_OFF=y

 -- Juerg Haefliger <email address hidden>  Thu, 03 Mar 2022 14:18:41 +0100
Deleted in bionic-proposed (Reason: moved to -updates)
linux-raspi2 (4.15.0-1104.111) bionic; urgency=medium

  * bionic/linux-raspi2: 4.15.0-1104.111 -proposed tracker (LP: #1961295)

  * Packaging resync (LP: #1786013)
    - [Packaging] update Ubuntu.md

  [ Ubuntu: 4.15.0-170.178 ]

  * bionic/linux: 4.15.0-170.178 -proposed tracker (LP: #1961299)
  * Packaging resync (LP: #1786013)
    - [Packaging] resync getabis
  * Bionic update: upstream stable patchset 2022-02-11 (LP: #1960681)
    - Bluetooth: bfusb: fix division by zero in send path
    - USB: core: Fix bug in resuming hub's handling of wakeup requests
    - USB: Fix "slab-out-of-bounds Write" bug in usb_hcd_poll_rh_status
    - mfd: intel-lpss: Fix too early PM enablement in the ACPI ->probe()
    - can: gs_usb: fix use of uninitialized variable, detach device on reception
      of invalid USB data
    - can: gs_usb: gs_can_start_xmit(): zero-initialize hf->{flags,reserved}
    - random: fix data race on crng_node_pool
    - random: fix data race on crng init time
    - staging: wlan-ng: Avoid bitwise vs logical OR warning in
      hfa384x_usb_throttlefn()
    - drm/i915: Avoid bitwise vs logical OR warning in snb_wm_latency_quirk()
    - orangefs: Fix the size of a memory allocation in orangefs_bufmap_alloc()
    - media: uvcvideo: fix division by zero at stream start
    - rtlwifi: rtl8192cu: Fix WARNING when calling local_irq_restore() with
      interrupts enabled
    - Bluetooth: schedule SCO timeouts with delayed_work
    - Bluetooth: fix init and cleanup of sco_conn.timeout_work
    - HID: uhid: Fix worker destroying device without any protection
    - HID: wacom: Ignore the confidence flag when a touch is removed
    - HID: wacom: Avoid using stale array indicies to read contact count
    - nfc: llcp: fix NULL error pointer dereference on sendmsg() after failed
      bind()
    - rtc: cmos: take rtc_lock while reading from CMOS
    - media: flexcop-usb: fix control-message timeouts
    - media: mceusb: fix control-message timeouts
    - media: em28xx: fix control-message timeouts
    - media: cpia2: fix control-message timeouts
    - media: s2255: fix control-message timeouts
    - media: dib0700: fix undefined behavior in tuner shutdown
    - media: redrat3: fix control-message timeouts
    - media: pvrusb2: fix control-message timeouts
    - media: stk1160: fix control-message timeouts
    - can: softing_cs: softingcs_probe(): fix memleak on registration failure
    - shmem: fix a race between shmem_unused_huge_shrink and shmem_evict_inode
    - PCI: Add function 1 DMA alias quirk for Marvell 88SE9125 SATA controller
    - Bluetooth: cmtp: fix possible panic when cmtp_init_sockets() fails
    - clk: bcm-2835: Pick the closest clock rate
    - clk: bcm-2835: Remove rounding up the dividers
    - wcn36xx: Indicate beacon not connection loss on MISSED_BEACON_IND
    - media: em28xx: fix memory leak in em28xx_init_dev
    - Bluetooth: stop proccessing malicious adv data
    - media: dmxdev: fix UAF when dvb_register_device() fails
    - crypto: qce - fix uaf on qce_ahash_register_one
    - tty: serial: atmel: Check return code of dmaengine_submit()
    - tty: serial: atmel: Call dma_async_issue_pending()
    - media: mtk-vcodec: call v4l2_m2m_ctx_release first when file is released
    - netfilter: bridge: add support for pppoe filtering
    - arm64: dts: qcom: msm8916: fix MMC controller aliases
    - drm/amdgpu: Fix a NULL pointer dereference in
      amdgpu_connector_lcd_native_mode()
    - drm/radeon/radeon_kms: Fix a NULL pointer dereference in
      radeon_driver_open_kms()
    - serial: amba-pl011: do not request memory region twice
    - floppy: Fix hang in watchdog when disk is ejected
    - media: dib8000: Fix a memleak in dib8000_init()
    - media: saa7146: mxb: Fix a NULL pointer dereference in mxb_attach()
    - media: si2157: Fix "warm" tuner state detection
    - sched/rt: Try to restart rt period timer when rt runtime exceeded
    - media: dw2102: Fix use after free
    - media: msi001: fix possible null-ptr-deref in msi001_probe()
    - usb: ftdi-elan: fix memory leak on device disconnect
    - x86/mce/inject: Avoid out-of-bounds write when setting flags
    - pcmcia: rsrc_nonstatic: Fix a NULL pointer dereference in
      __nonstatic_find_io_region()
    - pcmcia: rsrc_nonstatic: Fix a NULL pointer dereference in
      nonstatic_find_mem_region()
    - ppp: ensure minimum packet size in ppp_write()
    - fsl/fman: Check for null pointer after calling devm_ioremap
    - spi: spi-meson-spifc: Add missing pm_runtime_disable() in meson_spifc_probe
    - tpm: add request_locality before write TPM_INT_ENABLE
    - can: softing: softing_startstop(): fix set but not used variable warning
    - can: xilinx_can: xcan_probe(): check for error irq
    - pcmcia: fix setting of kthread task states
    - net: mcs7830: handle usb read errors properly
    - ext4: avoid trim error on fs with small groups
    - ALSA: jack: Add missing rwsem around snd_ctl_remove() calls
    - ALSA: PCM: Add missing rwsem around snd_ctl_remove() calls
    - ALSA: hda: Add missing rwsem around snd_ctl_remove() calls
    - RDMA/hns: Validate the pkey index
    - powerpc/prom_init: Fix improper check of prom_getprop()
    - ALSA: oss: fix compile error when OSS_DEBUG is enabled
    - char/mwave: Adjust io port register size
    - scsi: ufs: Fix race conditions related to driver data
    - RDMA/core: Let ib_find_gid() continue search even after empty entry
    - dmaengine: pxa/mmp: stop referencing config->slave_id
    - iommu/iova: Fix race between FQ timeout and teardown
    - ASoC: samsung: idma: Check of ioremap return value
    - misc: lattice-ecp3-config: Fix task hung when firmware load failed
    - mips: lantiq: add support for clk_set_parent()
    - mips: bcm63xx: add support for clk_set_parent()
    - RDMA/cxgb4: Set queue pair state when being queried
    - Bluetooth: Fix debugfs entry leak in hci_register_dev()
    - fs: dlm: filter user dlm messages for kernel locks
    - ar5523: Fix null-ptr-deref with unexpected WDCMSG_TARGET_START reply
    - drm/nouveau/pmu/gm200-: avoid touching PMU outside of DEVINIT/PREOS/ACR
    - usb: gadget: f_fs: Use stream_open() for endpoint files
    - HID: apple: Do not reset quirks when the Fn key is not found
    - media: b2c2: Add missing check in flexcop_pci_isr:
    - mlxsw: pci: Add shutdown method in PCI driver
    - drm/bridge: megachips: Ensure both bridges are probed before registration
    - gpiolib: acpi: Do not set the IRQ type if the IRQ is already in use
    - HSI: core: Fix return freed object in hsi_new_client
    - mwifiex: Fix skb_over_panic in mwifiex_usb_recv()
    - usb: uhci: add aspeed ast2600 uhci support
    - floppy: Add max size check for user space request
    - media: uvcvideo: Increase UVC_CTRL_CONTROL_TIMEOUT to 5 seconds.
    - media: saa7146: hexium_orion: Fix a NULL pointer dereference in
      hexium_attach()
    - media: m920x: don't use stack on USB reads
    - iwlwifi: mvm: synchronize with FW after multicast commands
    - ath10k: Fix tx hanging
    - net: bonding: debug: avoid printing debug logs when bond is not notifying
      peers
    - bpf: Do not WARN in bpf_warn_invalid_xdp_action()
    - media: igorplugusb: receiver overflow should be reported
    - media: saa7146: hexium_gemini: Fix a NULL pointer dereference in
      hexium_attach()
    - mmc: core: Fixup storing of OCR for MMC_QUIRK_NONSTD_SDIO
    - arm64: tegra: Adjust length of CCPLEX cluster MMIO region
    - usb: hub: Add delay for SuperSpeed hub resume to let links transit to U0
    - ath9k: Fix out-of-bound memcpy in ath9k_hif_usb_rx_stream
    - iwlwifi: fix leaks/bad data after failed firmware load
    - iwlwifi: remove module loading failure message
    - um: registers: Rename function names to avoid conflicts and build problems
    - jffs2: GC deadlock reading a page that is used in jffs2_write_begin()
    - ACPICA: actypes.h: Expand the ACPI_ACCESS_ definitions
    - ACPICA: Utilities: Avoid deleting the same object twice in a row
    - ACPICA: Executer: Fix the REFCLASS_REFOF case in acpi_ex_opcode_1A_0T_1R()
    - ACPICA: Hardware: Do not flush CPU cache when entering S4 and S5
    - btrfs: remove BUG_ON() in find_parent_nodes()
    - btrfs: remove BUG_ON(!eie) in find_parent_nodes
    - net: mdio: Demote probed message to debug print
    - mac80211: allow non-standard VHT MCS-10/11
    - dm btree: add a defensive bounds check to insert_at()
    - dm space map common: add bounds check to sm_ll_lookup_bitmap()
    - net: phy: marvell: configure RGMII delays for 88E1118
    - serial: pl010: Drop CR register reset on set_termios
    - serial: core: Keep mctrl register state and cached copy in sync
    - parisc: Avoid calling faulthandler_disabled() twice
    - powerpc/6xx: add missing of_node_put
    - powerpc/powernv: add missing of_node_put
    - powerpc/cell: add missing of_node_put
    - powerpc/btext: add missing of_node_put
    - powerpc/watchdog: Fix missed watchdog reset due to memory ordering race
    - i2c: i801: Don't silently correct invalid transfer size
    - powerpc/smp: Move setup_profiling_timer() under CONFIG_PROFILING
    - i2c: mpc: Correct I2C reset procedure
    - w1: Misuse of get_user()/put_user() reported by sparse
    - ALSA: seq: Set upper limit of processed events
    - MIPS: OCTEON: add put_device() after of_find_device_by_node()
    - i2c: designware-pci: Fix to change data types of hcnt and lcnt parameters
    - MIPS: Octeon: Fix build errors using clang
    - scsi: sr: Don't use GFP_DMA
    - ASoC: mediatek: mt8173: fix device_node leak
    - power: bq25890: Enable continuous conversion for ADC at charging
    - ubifs: Error path in ubifs_remount_rw() seems to wrongly free write buffers
    - serial: Fix incorrect rs485 polarity on uart open
    - cputime, cpuacct: Include guest time in user time in cpuacct.stat
    - iwlwifi: mvm: Increase the scan timeout guard to 30 seconds
    - ext4: make sure quota gets properly shutdown on error
    - ext4: set csum seed in tmp inode while migrating to extents
    - ext4: Fix BUG_ON in ext4_bread when write quota data
    - ext4: don't use the orphan list when migrating an inode
    - crypto: stm32/crc32 - Fix kernel BUG triggered in probe()
    - drm/radeon: fix error handling in radeon_driver_open_kms
    - firmware: Update Kconfig help text for Google firmware
    - Documentation: refer to config RANDOMIZE_BASE for kernel address-space
      randomization
    - RDMA/hns: Modify the mapping attribute of doorbell to device
    - RDMA/rxe: Fix a typo in opcode name
    - powerpc/cell: Fix clang -Wimplicit-fallthrough warning
    - powerpc/fsl/dts: Enable WA for erratum A-009885 on fman3l MDIO buses
    - net/fsl: xgmac_mdio: Fix incorrect iounmap when removing module
    - parisc: pdc_stable: Fix memory leak in pdcs_register_pathentries
    - af_unix: annote lockless accesses to unix_tot_inflight & gc_in_progress
    - net: axienet: Wait for PhyRstCmplt after core reset
    - net: axienet: fix number of TX ring slots for available check
    - netns: add schedule point in ops_exit_list()
    - libcxgb: Don't accidentally set RTO_ONLINK in cxgb_find_route()
    - dmaengine: at_xdmac: Don't start transactions at tx_submit level
    - dmaengine: at_xdmac: Print debug message after realeasing the lock
    - dmaengine: at_xdmac: Fix lld view setting
    - dmaengine: at_xdmac: Fix at_xdmac_lld struct definition
    - net_sched: restore "mpu xxx" handling
    - bcmgenet: add WOL IRQ check
    - scripts/dtc: dtx_diff: remove broken example from help text
    - lib82596: Fix IRQ check in sni_82596_probe
    - mips,s390,sh,sparc: gup: Work around the "COW can break either way" issue
    - gianfar: simplify FCS handling and fix memory leak
    - firmware: qemu_fw_cfg: fix NULL-pointer deref on duplicate entries
    - firmware: qemu_fw_cfg: fix kobject leak in probe error path
    - ALSA: hda/realtek - Fix silent output on Gigabyte X570 Aorus Master after
      reboot from Windows
    - wcn36xx: Release DMA channel descriptor allocations
    - tty: serial: uartlite: allow 64 bit address
    - xfrm: fix a small bug in xfrm_sa_len()
    - mmc: meson-mx-sdio: add IRQ check
    - netfilter: ipt_CLUSTERIP: fix refcount leak in clusterip_tg_check()
    - staging: greybus: audio: Check null pointer
    - Bluetooth: hci_bcm: Check for error irq
    - ASoC: rt5663: Handle device_property_read_u32_array error codes
    - rpmsg: Only invoke announce_create for rpdev with endpoints
    - rpmsg: core: Clean up resources on announce_create failure.
    - dmaengine: stm32-mdma: fix STM32_MDMA_CTBR_TSEL_MASK
    - rtc: pxa: fix null pointer dereference
  * CVE-2022-0435
    - tipc: improve size validations for received domain records
  * CVE-2022-0492
    - cgroup-v1: Require capabilities to set release_agent
  * CVE-2021-3506
    - f2fs: fix to avoid out-of-bounds memory access
  * Bionic update: upstream stable patchset 2022-02-01 (LP: #1959709)
    - tracing: Fix check for trace_percpu_buffer validity in get_trace_buf()
    - tracing: Tag trace_percpu_buffer as a percpu pointer
    - virtio_pci: Support surprise removal of virtio pci device
    - ieee802154: atusb: fix uninit value in atusb_set_extended_addr
    - RDMA/core: Don't infoleak GRH fields
    - mac80211: initialize variable have_higher_than_11mbit
    - i40e: fix use-after-free in i40e_sync_filters_subtask()
    - i40e: Fix incorrect netdev's real number of RX/TX queues
    - ipv6: Check attribute length for RTA_GATEWAY in multipath route
    - ipv6: Check attribute length for RTA_GATEWAY when deleting multipath route
    - sch_qfq: prevent shift-out-of-bounds in qfq_init_qdisc
    - power: reset: ltc2952: Fix use of floating point literals
    - rndis_host: support Hytera digital radios
    - phonet: refcount leak in pep_sock_accep
    - ipv6: Continue processing multipath route even if gateway attribute is
      invalid
    - ipv6: Do cleanup if attribute validation fails in multipath route
    - scsi: libiscsi: Fix UAF in iscsi_conn_get_param()/iscsi_conn_teardown()
    - ip6_vti: initialize __ip6_tnl_parm struct in vti6_siocdevprivate
    - net: udp: fix alignment problem in udp4_seq_show()
    - mISDN: change function names to avoid conflicts
    - usb: mtu3: fix interval value for intr and isoc
  * Bionic update: upstream stable patchset 2022-01-27 (LP: #1959335)
    - tee: handle lookup of shm with reference count 0
    - platform/x86: apple-gmux: use resource_size() with res
    - selinux: initialize proto variable in selinux_ip_postroute_compat()
    - scsi: lpfc: Terminate string in lpfc_debugfs_nvmeio_trc_write()
    - net: usb: pegasus: Do not drop long Ethernet frames
    - NFC: st21nfca: Fix memory leak in device probe and remove
    - fsl/fman: Fix missing put_device() call in fman_port_probe
    - nfc: uapi: use kernel size_t to fix user-space builds
    - uapi: fix linux/nfc.h userspace compilation errors
    - xhci: Fresco FL1100 controller should not have BROKEN_MSI quirk set.
    - usb: gadget: f_fs: Clear ffs_eventfd in ffs_data_clear.
    - binder: fix async_free_space accounting for empty parcels
    - scsi: vmw_pvscsi: Set residual data length conditionally
    - Input: appletouch - initialize work before device registration
    - Input: spaceball - fix parsing of movement data packets
    - net: fix use-after-free in tw_timer_handler
    - sctp: use call_rcu to free endpoint
    - Input: i8042 - add deferred probe support
    - Input: i8042 - enable deferred probe quirk for ASUS UM325UA
    - i2c: validate user data in compat ioctl
    - usb: mtu3: set interval of FS intr and isoc endpoint
  * Bionic update: upstream stable patchset 2022-01-27 (LP: #1959335) //
    HID_ASUS should depend on USB_HID in stable v4.15 backports (LP: #1959762)
    - HID: asus: Add depends on USB_HID to HID_ASUS Kconfig option

 -- Juerg Haefliger <email address hidden>  Fri, 25 Feb 2022 11:05:36 +0100
Superseded in bionic-security
Superseded in bionic-updates
Deleted in bionic-proposed (Reason: NBS)
linux-raspi2 (4.15.0-1103.110) bionic; urgency=medium

  * bionic/linux-raspi2: 4.15.0-1103.110 -proposed tracker (LP: #1959304)

  [ Ubuntu: 4.15.0-169.177 ]

  * bionic/linux: 4.15.0-169.177 -proposed tracker (LP: #1959877)
  * ubuntu_kernel_selftests.ftrace:ftracetest fails with bionic:linux
    4.15.0-168.176 on s390x (LP: #1959752)
    - recordmcount.pl: fix typo in s390 mcount regex

  [ Ubuntu: 4.15.0-168.176 ]

  * bionic/linux: 4.15.0-168.176 -proposed tracker (LP: #1959308)
  * CVE-2022-22942
    - SAUCE: drm/vmwgfx: Fix stale file descriptors on failed usercopy
  * Bionic update: upstream stable patchset 2022-01-25 (LP: #1959033)
    - IB/qib: Use struct_size() helper
    - IB/qib: Protect from buffer overflow in struct qib_user_sdma_pkt fields
    - net: usb: lan78xx: add Allied Telesis AT29M2-AF
    - can: kvaser_usb: get CAN clock frequency from device
    - HID: holtek: fix mouse probing
    - spi: change clk_disable_unprepare to clk_unprepare
    - IB/qib: Fix memory leak in qib_user_sdma_queue_pkts()
    - netfilter: fix regression in looped (broad|multi)cast's MAC handling
    - qlcnic: potential dereference null pointer of rx_queue->page_ring
    - net: accept UFOv6 packages in virtio_net_hdr_to_skb
    - net: skip virtio_net_hdr_set_proto if protocol already set
    - bonding: fix ad_actor_system option setting to default
    - fjes: Check for error irq
    - drivers: net: smc911x: Check for error irq
    - sfc: falcon: Check null pointer of rx_queue->page_ring
    - hwmon: (lm90) Fix usage of CONFIG2 register in detect function
    - ALSA: jack: Check the return value of kstrdup()
    - ALSA: drivers: opl3: Fix incorrect use of vp->state
    - Input: atmel_mxt_ts - fix double free in mxt_read_info_block
    - x86/pkey: Fix undefined behaviour with PKRU_WD_BIT
    - pinctrl: stm32: consider the GPIO offset to expose all the GPIO lines
    - ARM: 9169/1: entry: fix Thumb2 bug in iWMMXt exception handling
    - f2fs: fix to do sanity check on last xattr entry in __f2fs_setxattr()
    - usb: gadget: u_ether: fix race in setting MAC address in setup phase
    - KVM: VMX: Fix stale docs for kvm-intel.emulate_invalid_guest_state
    - hwmon: (lm90) Do not report 'busy' status bit as alarm
    - ax25: NPD bug when detaching AX25 device
    - hamradio: defer ax25 kfree after unregister_netdev
    - hamradio: improve the incomplete fix to avoid NPD
    - phonet/pep: refuse to enable an unbound pipe
    - parisc: Correct completer in lws start
  * Bionic update: upstream stable patchset 2022-01-14 (LP: #1957957)
    - nfc: fix segfault in nfc_genl_dump_devices_done
    - drm/msm/dsi: set default num_data_lanes
    - net/mlx4_en: Update reported link modes for 1/10G
    - parisc/agp: Annotate parisc agp init functions with __init
    - i2c: rk3x: Handle a spurious start completion interrupt flag
    - net: netlink: af_netlink: Prevent empty skb by adding a check on len.
    - tracing: Fix a kmemleak false positive in tracing_map
    - bpf: fix panic due to oob in bpf_prog_test_run_skb
    - hwmon: (dell-smm) Fix warning on /proc/i8k creation error
    - mac80211: send ADDBA requests using the tid/queue of the aggregation session
    - recordmcount.pl: look for jgnop instruction as well as bcrl on s390
    - dm btree remove: fix use after free in rebalance_children()
    - audit: improve robustness of the audit queue handling
    - nfsd: fix use-after-free due to delegation race
    - x86: Make ARCH_USE_MEMREMAP_PROT a generic Kconfig symbol
    - x86/sme: Explicitly map new EFI memmap table as encrypted
    - ARM: socfpga: dts: fix qspi node compatible
    - dmaengine: st_fdma: fix MODULE_ALIAS
    - soc/tegra: fuse: Fix bitwise vs. logical OR warning
    - igbvf: fix double free in `igbvf_probe`
    - ixgbe: set X550 MDIO speed before talking to PHY
    - net/packet: rx_owner_map depends on pg_vec
    - sit: do not call ipip6_dev_free() from sit_init_net()
    - USB: gadget: bRequestType is a bitfield, not a enum
    - PCI/MSI: Clear PCI_MSIX_FLAGS_MASKALL on error
    - PCI/MSI: Mask MSI-X vectors only on success
    - USB: serial: option: add Telit FN990 compositions
    - timekeeping: Really make sure wall_to_monotonic isn't positive
    - libata: if T_LENGTH is zero, dma direction should be DMA_NONE
    - net: systemport: Add global locking for descriptor lifecycle
    - firmware: arm_scpi: Fix string overflow in SCPI genpd driver
    - ARM: dts: imx6ull-pinfunc: Fix CSI_DATA07__ESAI_TX0 pad name
    - fuse: annotate lock in fuse_reverse_inval_entry()
    - scsi: scsi_debug: Sanity check block descriptor length in resp_mode_select()
    - net: lan78xx: Avoid unnecessary self assignment
    - ARM: 8805/2: remove unneeded naked function usage
    - mwifiex: Remove unnecessary braces from HostCmd_SET_SEQ_NO_BSS_INFO
    - ARM: 8800/1: use choice for kernel unwinders
    - [Config] updateconfigs for UNWINDER_ARM
    - Input: touchscreen - avoid bitwise vs logical OR warning
    - xen/blkfront: harden blkfront against event channel storms
    - xen/netfront: harden netfront against event channel storms
    - xen/console: harden hvc_xen against event channel storms
    - xen/netback: fix rx queue stall detection
    - xen/netback: don't queue unlimited number of packages
    - mac80211: track only QoS data frames for admission control
  * Bionic update: upstream stable patchset 2022-01-11 (LP: #1957113)
    - HID: add hid_is_usb() function to make it simpler for USB detection
    - HID: add USB_HID dependancy to hid-prodikeys
    - HID: add USB_HID dependancy to hid-chicony
    - HID: add USB_HID dependancy on some USB HID drivers
    - HID: wacom: fix problems when device is not a valid USB device
    - HID: check for valid USB device for many HID drivers
    - can: sja1000: fix use after free in ems_pcmcia_add_card()
    - nfc: fix potential NULL pointer deref in nfc_genl_dump_ses_done
    - bpf: Fix the off-by-two error in range markings
    - nfp: Fix memory leak in nfp_cpp_area_cache_add()
    - seg6: fix the iif in the IPv6 socket control block
    - IB/hfi1: Correct guard on eager buffer deallocation
    - mm: bdi: initialize bdi_min_ratio when bdi is unregistered
    - ALSA: ctl: Fix copy of updated id with element read/write
    - ALSA: pcm: oss: Fix negative period/buffer sizes
    - ALSA: pcm: oss: Limit the period size to 16MB
    - ALSA: pcm: oss: Handle missing errors in snd_pcm_oss_change_params*()
    - tracefs: Have new files inherit the ownership of their parent
    - can: pch_can: pch_can_rx_normal: fix use after free
    - can: m_can: Disable and ignore ELO interrupt
    - libata: add horkage for ASMedia 1092
    - wait: add wake_up_pollfree()
    - binder: use wake_up_pollfree()
    - signalfd: use wake_up_pollfree()
    - tracefs: Set all files to the same group ownership as the mount option
    - block: fix ioprio_get(IOPRIO_WHO_PGRP) vs setuid(2)
    - qede: validate non LSO skb length
    - net: cdc_ncm: Allow for dwNtbOutMaxSize to be unset or zero
    - net: altera: set a couple error code in probe()
    - net: fec: only clear interrupt of handling queue in fec_enet_rx_queue()
    - net, neigh: clear whole pneigh_entry at alloc time
    - net/qla3xxx: fix an error code in ql_adapter_up()
    - USB: gadget: detect too-big endpoint 0 requests
    - USB: gadget: zero allocate endpoint 0 buffers
    - usb: core: config: fix validation of wMaxPacketValue entries
    - xhci: Remove CONFIG_USB_DEFAULT_PERSIST to prevent xHCI from runtime
      suspending
    - usb: core: config: using bit mask instead of individual bits
    - iio: trigger: Fix reference counting
    - iio: trigger: stm32-timer: fix MODULE_ALIAS
    - iio: stk3310: Don't return error code in interrupt handler
    - iio: mma8452: Fix trigger reference couting
    - iio: ltr501: Don't return error code in trigger handler
    - iio: kxsd9: Don't return error code in trigger handler
    - iio: itg3200: Call iio_trigger_notify_done() on error
    - iio: dln2-adc: Fix lockdep complaint
    - iio: dln2: Check return value of devm_iio_trigger_register()
    - iio: adc: axp20x_adc: fix charging current reporting on AXP22x
    - iio: accel: kxcjk-1013: Fix possible memory leak in probe and remove
    - irqchip/armada-370-xp: Fix return value of armada_370_xp_msi_alloc()
    - irqchip/armada-370-xp: Fix support for Multi-MSI interrupts
    - irqchip/irq-gic-v3-its.c: Force synchronisation when issuing INVALL
    - irqchip: nvic: Fix offset for Interrupt Priority Offsets
    - bonding: make tx_rebalance_counter an atomic
  * Bionic update: upstream stable patchset 2022-01-06 (LP: #1956614)
    - USB: serial: option: add Telit LE910S1 0x9200 composition
    - USB: serial: option: add Fibocom FM101-GL variants
    - usb: hub: Fix usb enumeration issue due to address0 race
    - usb: hub: Fix locking issues with address0_mutex
    - binder: fix test regression due to sender_euid change
    - ALSA: ctxfi: Fix out-of-range access
    - media: cec: copy sequence field for the reply
    - HID: wacom: Use "Confidence" flag to prevent reporting invalid contacts
    - staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect()
    - fuse: fix page stealing
    - xen: don't continue xenstore initialization in case of errors
    - xen: detect uninitialized xenbus in xenbus_init
    - tracing: Fix pid filtering when triggers are attached
    - netfilter: ipvs: Fix reuse connection if RS weight is 0
    - ARM: dts: BCM5301X: Fix I2C controller interrupt
    - ARM: dts: BCM5301X: Add interrupt properties to GPIO node
    - ASoC: topology: Add missing rwsem around snd_ctl_remove() calls
    - net: ieee802154: handle iftypes as u32
    - NFSv42: Don't fail clone() unless the OP_CLONE operation failed
    - ARM: socfpga: Fix crash with CONFIG_FORTIRY_SOURCE
    - scsi: mpt3sas: Fix kernel panic during drive powercycle test
    - drm/vc4: fix error code in vc4_create_object()
    - ipv6: fix typos in __ip6_finish_output()
    - net/smc: Ensure the active closing peer first closes clcsock
    - PM: hibernate: use correct mode for swsusp_close()
    - tcp_cubic: fix spurious Hystart ACK train detections for not-cwnd-limited
      flows
    - MIPS: use 3-level pgtable for 64KB page size on MIPS_VA_BITS_48
    - net/smc: Don't call clcsock shutdown twice when smc shutdown
    - vhost/vsock: fix incorrect used length reported to the guest
    - tracing: Check pid filtering when creating events
    - s390/mm: validate VMA in PGSTE manipulation functions
    - PCI: aardvark: Fix a leaked reference by adding missing of_node_put()
    - PCI: aardvark: Wait for endpoint to be ready before training link
    - PCI: aardvark: Train link immediately after enabling training
    - PCI: aardvark: Improve link training
    - PCI: aardvark: Issue PERST via GPIO
    - PCI: aardvark: Replace custom macros by standard linux/pci_regs.h macros
    - PCI: aardvark: Indicate error in 'val' when config read fails
    - PCI: aardvark: Introduce an advk_pcie_valid_device() helper
    - PCI: aardvark: Don't touch PCIe registers if no card connected
    - PCI: aardvark: Fix compilation on s390
    - PCI: aardvark: Move PCIe reset card code to advk_pcie_train_link()
    - PCI: aardvark: Update comment about disabling link training
    - PCI: aardvark: Remove PCIe outbound window configuration
    - PCI: aardvark: Configure PCIe resources from 'ranges' DT property
    - PCI: aardvark: Fix PCIe Max Payload Size setting
    - PCI: Add PCI_EXP_LNKCTL2_TLS* macros
    - PCI: aardvark: Fix link training
    - PCI: aardvark: Fix checking for link up via LTSSM state
    - pinctrl: armada-37xx: Correct mpp definitions
    - pinctrl: armada-37xx: add missing pin: PCIe1 Wakeup
    - pinctrl: armada-37xx: Correct PWM pins definitions
    - arm64: dts: marvell: armada-37xx: declare PCIe reset pin
    - arm64: dts: marvell: armada-37xx: Set pcie_reset_pin to gpio function
    - proc/vmcore: fix clearing user buffer by properly using clear_user()
    - NFC: add NCI_UNREG flag to eliminate the race
    - fuse: release pipe buf after last use
    - xen: sync include/xen/interface/io/ring.h with Xen's newest version
    - xen/blkfront: read response from backend only once
    - xen/blkfront: don't take local copy of a request from the ring page
    - xen/blkfront: don't trust the backend response data blindly
    - xen/netfront: read response from backend only once
    - xen/netfront: don't read data from request on the ring page
    - xen/netfront: disentangle tx_skb_freelist
    - xen/netfront: don't trust the backend response data blindly
    - tty: hvc: replace BUG_ON() with negative return value
    - shm: extend forced shm destroy to support objects from several IPC nses
    - ipc: WARN if trying to remove ipc object which is absent
    - NFSv42: Fix pagecache invalidation after COPY/CLONE
    - hugetlb: take PMD sharing into account when flushing tlb/caches
    - net: return correct error code
    - platform/x86: thinkpad_acpi: Fix WWAN device disabled issue after S3 deep
    - s390/setup: avoid using memblock_enforce_memory_limit
    - btrfs: check-integrity: fix a warning on write caching disabled disk
    - thermal: core: Reset previous low and high trip during thermal zone init
    - scsi: iscsi: Unblock session then wake up error handler
    - ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array overflow in
      hns_dsaf_ge_srst_by_port()
    - net: tulip: de4x5: fix the problem that the array 'lp->phy[8]' may be out of
      bound
    - net: ethernet: dec: tulip: de4x5: fix possible array overflows in
      type3_infoblock()
    - perf hist: Fix memory leak of a perf_hpp_fmt
    - vrf: Reset IPCB/IP6CB when processing outbound pkts in vrf dev xmit
    - kprobes: Limit max data_size of the kretprobe instances
    - sata_fsl: fix UAF in sata_fsl_port_stop when rmmod sata_fsl
    - sata_fsl: fix warning in remove_proc_entry when rmmod sata_fsl
    - natsemi: xtensa: fix section mismatch warnings
    - net: qlogic: qlcnic: Fix a NULL pointer dereference in
      qlcnic_83xx_add_rings()
    - net: mpls: Fix notifications when deleting a device
    - siphash: use _unaligned version by default
    - net/mlx4_en: Fix an use-after-free bug in mlx4_en_try_alloc_resources()
    - net: usb: lan78xx: lan78xx_phy_init(): use PHY_POLL instead of "0" if no IRQ
      is available
    - net/rds: correct socket tunable error in rds_tcp_tune()
    - net/smc: Keep smc_close_final rc during active close
    - parisc: Fix KBUILD_IMAGE for self-extracting kernel
    - parisc: Fix "make install" on newer debian releases
    - vgacon: Propagate console boot parameters before calling `vc_resize'
    - xhci: Fix commad ring abort, write all 64 bits to CRCR register.
    - usb: typec: tcpm: Wait in SNK_DEBOUNCED until disconnect
    - x86/64/mm: Map all kernel memory into trampoline_pgd
    - tty: serial: msm_serial: Deactivate RX DMA for polling support
    - serial: pl011: Add ACPI SBSA UART match id
    - serial: core: fix transmit-buffer reset and memleak
    - parisc: Mark cr16 CPU clocksource unstable on all SMP machines
    - xtensa: use CONFIG_USE_OF instead of CONFIG_OF
    - net: hns3: fix VF RSS failed problem after PF enable multi-TCs
    - i2c: stm32f7: recover the bus on access timeout
    - net: annotate data-races on txq->xmit_lock_owner
  * CVE-2022-0330
    - drm/i915: Flush TLBs before releasing backing store
  * CVE-2021-4083
    - fs: add fget_many() and fput_many()
    - fget: check that the fd still exists after getting a ref to it
  * CVE-2021-4155
    - xfs: map unwritten blocks in XFS_IOC_{ALLOC, FREE}SP just like fallocate

 -- Juerg Haefliger <email address hidden>  Thu, 10 Feb 2022 17:10:45 +0100
Superseded in bionic-security
Superseded in bionic-updates
Deleted in bionic-proposed (Reason: moved to -updates)
linux-raspi2 (4.15.0-1102.109) bionic; urgency=medium

  * bionic/linux-raspi2: 4.15.0-1102.109 -proposed tracker (LP: #1955272)

  * Boot time from snap in 20/stable increases boot time on 3.5 seconds
    (LP: #1948807)
    - [Config] raspi2: Set BLK_DEV_LOOP_MIN_COUNT=8

  [ Ubuntu: 4.15.0-167.175 ]

  * bionic/linux: 4.15.0-167.175 -proposed tracker (LP: #1955276)
  * hisi_sas driver may oops in prep_ssp_v3_hw() (LP: #1953386)
    - scsi: hisi_sas: Fix to only call scsi_get_prot_op() for non-NULL scsi_cmnd
  * Bionic update: upstream stable patchset 2021-12-13 (LP: #1954703)
    - xhci: Fix USB 3.1 enumeration issues by increasing roothub power-on-good
      delay
    - binder: use euid from cred instead of using task
    - Input: elantench - fix misreporting trackpoint coordinates
    - Input: i8042 - Add quirk for Fujitsu Lifebook T725
    - libata: fix read log timeout value
    - ocfs2: fix data corruption on truncate
    - mmc: dw_mmc: Dont wait for DRTO on Write RSP error
    - parisc: Fix ptrace check on syscall return
    - tpm: Check for integer overflow in tpm2_map_response_body()
    - media: ite-cir: IR receiver stop working after receive overflow
    - ALSA: ua101: fix division by zero at probe
    - ALSA: 6fire: fix control and bulk message timeouts
    - ALSA: line6: fix control and interrupt message timeouts
    - ALSA: synth: missing check for possible NULL after the call to kstrdup
    - ALSA: timer: Fix use-after-free problem
    - ALSA: timer: Unconditionally unlink slave instances, too
    - x86/irq: Ensure PI wakeup handler is unregistered before module unload
    - cavium: Return negative value when pci_alloc_irq_vectors() fails
    - scsi: qla2xxx: Fix unmap of already freed sgl
    - cavium: Fix return values of the probe function
    - sfc: Don't use netif_info before net_device setup
    - hyperv/vmbus: include linux/bitops.h
    - mmc: winbond: don't build on M68K
    - bpf: Prevent increasing bpf_jit_limit above max
    - xen/netfront: stop tx queues during live migration
    - spi: spl022: fix Microwire full duplex mode
    - watchdog: Fix OMAP watchdog early handling
    - vmxnet3: do not stop tx queues after netif_device_detach()
    - btrfs: fix lost error handling when replaying directory deletes
    - hwmon: (pmbus/lm25066) Add offset coefficients
    - regulator: s5m8767: do not use reset value as DVS voltage if GPIO DVS is
      disabled
    - regulator: dt-bindings: samsung,s5m8767: correct s5m8767,pmic-buck-default-
      dvs-idx property
    - EDAC/sb_edac: Fix top-of-high-memory value for Broadwell/Haswell
    - mwifiex: fix division by zero in fw download path
    - ath6kl: fix division by zero in send path
    - ath6kl: fix control-message timeout
    - ath10k: fix control-message timeout
    - ath10k: fix division by zero in send path
    - PCI: Mark Atheros QCA6174 to avoid bus reset
    - rtl8187: fix control-message timeouts
    - evm: mark evm_fixmode as __ro_after_init
    - wcn36xx: Fix HT40 capability for 2Ghz band
    - mwifiex: Read a PCI register after writing the TX ring write pointer
    - libata: fix checking of DMA state
    - wcn36xx: handle connection loss indication
    - RDMA/qedr: Fix NULL deref for query_qp on the GSI QP
    - signal: Remove the bogus sigkill_pending in ptrace_stop
    - signal/mips: Update (_save|_restore)_fp_context to fail with -EFAULT
    - power: supply: max17042_battery: Prevent int underflow in set_soc_threshold
    - power: supply: max17042_battery: use VFSOC for capacity when no rsns
    - powerpc/85xx: Fix oops when mpc85xx_smp_guts_ids node cannot be found
    - serial: core: Fix initializing and restoring termios speed
    - ALSA: mixer: oss: Fix racy access to slots
    - ALSA: mixer: fix deadlock in snd_mixer_oss_set_volume
    - xen/balloon: add late_initcall_sync() for initial ballooning done
    - PCI: aardvark: Do not clear status bits of masked interrupts
    - PCI: aardvark: Do not unmask unused interrupts
    - PCI: aardvark: Fix return value of MSI domain .alloc() method
    - PCI: aardvark: Read all 16-bits from PCIE_MSI_PAYLOAD_REG
    - quota: check block number when reading the block in quota file
    - quota: correct error number in free_dqentry()
    - pinctrl: core: fix possible memory leak in pinctrl_enable()
    - iio: dac: ad5446: Fix ad5622_write() return value
    - USB: serial: keyspan: fix memleak on probe errors
    - USB: iowarrior: fix control-message timeouts
    - Bluetooth: sco: Fix lock_sock() blockage by memcpy_from_msg()
    - Bluetooth: fix use-after-free error in lock_sock_nested()
    - platform/x86: wmi: do not fail if disabling fails
    - MIPS: lantiq: dma: add small delay after reset
    - MIPS: lantiq: dma: reset correct number of channel
    - locking/lockdep: Avoid RCU-induced noinstr fail
    - smackfs: Fix use-after-free in netlbl_catmap_walk()
    - x86: Increase exception stack sizes
    - mwifiex: Run SET_BSS_MODE when changing from P2P to STATION vif-type
    - mwifiex: Properly initialize private structure on interface type changes
    - media: mt9p031: Fix corrupted frame after restarting stream
    - media: netup_unidvb: handle interrupt properly according to the firmware
    - media: uvcvideo: Set capability in s_param
    - media: s5p-mfc: fix possible null-pointer dereference in s5p_mfc_probe()
    - media: s5p-mfc: Add checking to s5p_mfc_probe().
    - media: mceusb: return without resubmitting URB in case of -EPROTO error.
    - ia64: don't do IA64_CMPXCHG_DEBUG without CONFIG_PRINTK
    - ACPICA: Avoid evaluating methods too early during system resume
    - media: usb: dvd-usb: fix uninit-value bug in dibusb_read_eeprom_byte()
    - tracefs: Have tracefs directories not set OTH permission bits by default
    - ath: dfs_pattern_detector: Fix possible null-pointer dereference in
      channel_detector_create()
    - ACPI: battery: Accept charges over the design capacity as full
    - leaking_addresses: Always print a trailing newline
    - memstick: r592: Fix a UAF bug when removing the driver
    - lib/xz: Avoid overlapping memcpy() with invalid input with in-place
      decompression
    - lib/xz: Validate the value before assigning it to an enum variable
    - tracing/cfi: Fix cmp_entries_* functions signature mismatch
    - mwl8k: Fix use-after-free in mwl8k_fw_state_machine()
    - PM: hibernate: Get block device exclusively in swsusp_check()
    - iwlwifi: mvm: disable RX-diversity in powersave
    - smackfs: use __GFP_NOFAIL for smk_cipso_doi()
    - ARM: clang: Do not rely on lr register for stacktrace
    - gre/sit: Don't generate link-local addr if addr_gen_mode is
      IN6_ADDR_GEN_MODE_NONE
    - ARM: 9136/1: ARMv7-M uses BE-8, not BE-32
    - spi: bcm-qspi: Fix missing clk_disable_unprepare() on error in
      bcm_qspi_probe()
    - parisc: fix warning in flush_tlb_all
    - task_stack: Fix end_of_stack() for architectures with upwards-growing stack
    - parisc/kgdb: add kgdb_roundup() to make kgdb work with idle polling
    - cgroup: Make rebind_subsystems() disable v2 controllers all at once
    - media: dvb-usb: fix ununit-value in az6027_rc_query
    - media: mtk-vpu: Fix a resource leak in the error handling path of
      'mtk_vpu_probe()'
    - media: si470x: Avoid card name truncation
    - media: cx23885: Fix snd_card_free call on null card pointer
    - cpuidle: Fix kobject memory leaks in error paths
    - ath9k: Fix potential interrupt storm on queue reset
    - crypto: qat - detect PFVF collision after ACK
    - crypto: qat - disregard spurious PFVF interrupts
    - hwrng: mtk - Force runtime pm ops for sleep ops
    - b43legacy: fix a lower bounds test
    - b43: fix a lower bounds test
    - memstick: avoid out-of-range warning
    - memstick: jmb38x_ms: use appropriate free function in jmb38x_ms_alloc_host()
    - hwmon: Fix possible memleak in __hwmon_device_register()
    - ath10k: fix max antenna gain unit
    - drm/msm: uninitialized variable in msm_gem_import()
    - net: stream: don't purge sk_error_queue in sk_stream_kill_queues()
    - mmc: mxs-mmc: disable regulator on error and in the remove function
    - platform/x86: thinkpad_acpi: Fix bitwise vs. logical warning
    - mwifiex: Send DELBA requests according to spec
    - phy: micrel: ksz8041nl: do not use power down mode
    - PM: hibernate: fix sparse warnings
    - smackfs: use netlbl_cfg_cipsov4_del() for deleting cipso_v4_doi
    - s390/gmap: don't unconditionally call pte_unmap_unlock() in __gmap_zap()
    - irq: mips: avoid nested irq_enter()
    - samples/kretprobes: Fix return value if register_kretprobe() failed
    - libertas_tf: Fix possible memory leak in probe and disconnect
    - libertas: Fix possible memory leak in probe and disconnect
    - net: amd-xgbe: Toggle PLL settings during rate change
    - net: phylink: avoid mvneta warning when setting pause parameters
    - crypto: pcrypt - Delay write to padata->info
    - ibmvnic: Process crqs after enabling interrupts
    - RDMA/rxe: Fix wrong port_cap_flags
    - ARM: s3c: irq-s3c24xx: Fix return value check for s3c24xx_init_intc()
    - ARM: dts: at91: tse850: the emac<->phy interface is rmii
    - scsi: dc395: Fix error case unwinding
    - MIPS: loongson64: make CPU_LOONGSON64 depends on MIPS_FP_SUPPORT
    - JFS: fix memleak in jfs_mount
    - ALSA: hda: Reduce udelay() at SKL+ position reporting
    - arm: dts: omap3-gta04a4: accelerometer irq fix
    - soc/tegra: Fix an error handling path in tegra_powergate_power_up()
    - memory: fsl_ifc: fix leak of irq and nand_irq in fsl_ifc_ctrl_probe
    - video: fbdev: chipsfb: use memset_io() instead of memset()
    - serial: 8250_dw: Drop wrong use of ACPI_PTR()
    - usb: gadget: hid: fix error code in do_config()
    - power: supply: rt5033_battery: Change voltage values to µV
    - scsi: csiostor: Uninitialized data in csio_ln_vnp_read_cbfn()
    - RDMA/mlx4: Return missed an error if device doesn't support steering
    - ASoC: cs42l42: Correct some register default values
    - ASoC: cs42l42: Defer probe if request_threaded_irq() returns EPROBE_DEFER
    - serial: xilinx_uartps: Fix race condition causing stuck TX
    - mips: cm: Convert to bitfield API to fix out-of-bounds access
    - power: supply: bq27xxx: Fix kernel crash on IRQ handler register error
    - apparmor: fix error check
    - rpmsg: Fix rpmsg_create_ept return when RPMSG config is not defined
    - pnfs/flexfiles: Fix misplaced barrier in nfs4_ff_layout_prepare_ds
    - drm/plane-helper: fix uninitialized variable reference
    - PCI: aardvark: Don't spam about PIO Response Status
    - NFS: Fix deadlocks in nfs_scan_commit_list()
    - fs: orangefs: fix error return code of orangefs_revalidate_lookup()
    - mtd: spi-nor: hisi-sfc: Remove excessive clk_disable_unprepare()
    - dmaengine: at_xdmac: fix AT_XDMAC_CC_PERID() macro
    - auxdisplay: img-ascii-lcd: Fix lock-up when displaying empty string
    - auxdisplay: ht16k33: Connect backlight to fbdev
    - auxdisplay: ht16k33: Fix frame buffer device blanking
    - netfilter: nfnetlink_queue: fix OOB when mac header was cleared
    - dmaengine: dmaengine_desc_callback_valid(): Check for `callback_result`
    - m68k: set a default value for MEMORY_RESERVE
    - watchdog: f71808e_wdt: fix inaccurate report in WDIOC_GETTIMEOUT
    - ar7: fix kernel builds for compiler test
    - scsi: qla2xxx: Turn off target reset during issue_lip
    - i2c: xlr: Fix a resource leak in the error handling path of
      'xlr_i2c_probe()'
    - xen-pciback: Fix return in pm_ctrl_init()
    - net: davinci_emac: Fix interrupt pacing disable
    - ACPI: PMIC: Fix intel_pmic_regs_handler() read accesses
    - bonding: Fix a use-after-free problem when bond_sysfs_slave_add() failed
    - mm/zsmalloc.c: close race window between zs_pool_dec_isolated() and
      zs_unregister_migration()
    - llc: fix out-of-bound array index in llc_sk_dev_hash()
    - nfc: pn533: Fix double free when pn533_fill_fragment_skbs() fails
    - vsock: prevent unnecessary refcnt inc for nonblocking connect
    - USB: chipidea: fix interrupt deadlock
    - ARM: 9155/1: fix early early_iounmap()
    - ARM: 9156/1: drop cc-option fallbacks for architecture selection
    - powerpc/lib: Add helper to check if offset is within conditional branch
      range
    - powerpc/bpf: Validate branch ranges
    - powerpc/bpf: Fix BPF_SUB when imm == 0x80000000
    - mm, oom: pagefault_out_of_memory: don't force global OOM for dying tasks
    - mm, oom: do not trigger out_of_memory from the #PF
    - s390/cio: check the subchannel validity for dev_busid
    - PCI: Add PCI_EXP_DEVCTL_PAYLOAD_* macros
    - ext4: fix lazy initialization next schedule time computation in more
      granular unit
    - tracing: Resize tgid_map to pid_max, not PID_MAX_DEFAULT
    - parisc/entry: fix trace test in syscall exit path
    - PCI/MSI: Destroy sysfs before freeing entries
    - arm64: zynqmp: Fix serial compatible string
    - scsi: lpfc: Fix list_add() corruption in lpfc_drain_txq()
    - usb: musb: tusb6010: check return value after calling
      platform_get_resource()
    - scsi: advansys: Fix kernel pointer leak
    - ARM: dts: omap: fix gpmc,mux-add-data type
    - usb: host: ohci-tmio: check return value after calling
      platform_get_resource()
    - tty: tty_buffer: Fix the softlockup issue in flush_to_ldisc
    - MIPS: sni: Fix the build
    - scsi: target: Fix ordered tag handling
    - scsi: target: Fix alua_tg_pt_gps_count tracking
    - powerpc/5200: dts: fix memory node unit name
    - ALSA: gus: fix null pointer dereference on pointer block
    - powerpc/dcr: Use cmplwi instead of 3-argument cmpli
    - sh: check return code of request_irq
    - maple: fix wrong return value of maple_bus_init().
    - sh: fix kconfig unmet dependency warning for FRAME_POINTER
    - sh: define __BIG_ENDIAN for math-emu
    - mips: BCM63XX: ensure that CPU_SUPPORTS_32BIT_KERNEL is set
    - sched/core: Mitigate race cpus_share_cache()/update_top_cache_domain()
    - net: bnx2x: fix variable dereferenced before check
    - iavf: Fix for the false positive ASQ/ARQ errors while issuing VF reset
    - MIPS: generic/yamon-dt: fix uninitialized variable error
    - mips: bcm63xx: add support for clk_get_parent()
    - mips: lantiq: add support for clk_get_parent()
    - platform/x86: hp_accel: Fix an error handling path in 'lis3lv02d_probe()'
    - net: virtio_net_hdr_to_skb: count transport header in UFO
    - i40e: Fix NULL ptr dereference on VSI filter sync
    - NFC: reorganize the functions in nci_request
    - NFC: reorder the logic in nfc_{un,}register_device
    - perf/x86/intel/uncore: Fix filter_tid mask for CHA events on Skylake Server
    - perf/x86/intel/uncore: Fix IIO event constraints for Skylake Server
    - tun: fix bonding active backup with arp monitoring
    - hexagon: export raw I/O routines for modules
    - mm: kmemleak: slob: respect SLAB_NOLEAKTRACE flag
    - btrfs: fix memory ordering between normal and ordered work functions
    - parisc/sticon: fix reverse colors
    - cfg80211: call cfg80211_stop_ap when switch from P2P_GO type
    - drm/udl: fix control-message timeout
    - drm/amdgpu: fix set scaling mode Full/Full aspect/Center not works on vga
      and dvi connectors
    - perf/core: Avoid put_page() when GUP fails
    - batman-adv: mcast: fix duplicate mcast packets in BLA backbone from LAN
    - batman-adv: Consider fragmentation for needed_headroom
    - batman-adv: Reserve needed_*room for fragments
    - batman-adv: Don't always reallocate the fragmentation skb head
    - RDMA/netlink: Add __maybe_unused to static inline in C file
    - ASoC: DAPM: Cover regression by kctl change notification fix
    - usb: max-3421: Use driver data instead of maintaining a list of bound
      devices
    - soc/tegra: pmc: Fix imbalanced clock disabling in error code path
    - crypto: s5p-sss - Add error handling in s5p_aes_probe()
    - ia64: kprobes: Fix to pass correct trampoline address to the handler
    - rsi: fix key enabled check causing unwanted encryption for vap_id > 0
    - rsi: fix rate mask set leading to P2P failure
    - mmc: sdhci-omap: Fix NULL pointer exception if regulator is not configured
    - tcp: don't free a FIN sk_buff in tcp_remove_empty_skb()
    - wcn36xx: add proper DMA memory barriers in rx path
    - s390/tape: fix timer initialization in tape_std_assign()
    - fuse: truncate pagecache on atomic_o_trunc
    - f2fs: fix up f2fs_lookup tracepoints
    - iavf: check for null in iavf_fix_features
    - i40e: Fix correct max_pkt_size on VF RX queue
    - i40e: Fix changing previously set num_queue_pairs for PFs
    - i40e: Fix display error code in dmesg
  * Bionic update: upstream stable patchset 2021-12-03 (LP: #1953202)
    - ARM: 9133/1: mm: proc-macros: ensure *_tlb_fns are 4B aligned
    - ARM: 9134/1: remove duplicate memcpy() definition
    - ARM: 9139/1: kprobes: fix arch_init_kprobes() prototype
    - ARM: 8819/1: Remove '-p' from LDFLAGS
    - usbnet: sanity check for maxpacket
    - usbnet: fix error return code in usbnet_probe()
    - ata: sata_mv: Fix the error handling of mv_chip_id()
    - nfc: port100: fix using -ERRNO as command type mask
    - ipv4: use siphash instead of Jenkins in fnhe_hashfun()
    - mmc: vub300: fix control-message timeouts
    - mmc: dw_mmc: exynos: fix the finding clock sample value
    - mmc: sdhci: Map more voltage level to SDHCI_POWER_330
    - mmc: sdhci-esdhc-imx: clear the buffer_read_ready to reset standard tuning
      circuit
    - net: lan78xx: fix division by zero in send path
    - regmap: Fix possible double-free in regcache_rbtree_exit()
    - net: batman-adv: fix error handling
    - nios2: Make NIOS2_DTB_SOURCE_BOOL depend on !COMPILE_TEST
    - net: nxp: lpc_eth.c: avoid hang when bringing interface down
    - sctp: use init_tag from inithdr for ABORT chunk
    - sctp: fix the processing for COOKIE_ECHO chunk
    - sctp: add vtag check in sctp_sf_violation
    - sctp: add vtag check in sctp_sf_do_8_5_1_E_sa
    - sctp: add vtag check in sctp_sf_ootb
    - ARM: 9141/1: only warn about XIP address when not compile testing
    - arm64: Avoid premature usercopy failure
    - ipv6: use siphash in rt6_exception_hash()
    - ipv6: make exception cache less predictible
    - arm64: dts: allwinner: h5: NanoPI Neo 2: Fix ethernet node
    - scsi: core: Put LLD module refcnt after SCSI device is released
    - media: firewire: firedtv-avc: fix a buffer overflow in avc_ca_pmt()
    - sfc: Fix reading non-legacy supported link modes
    - ARM: 9120/1: Revert "amba: make use of -1 IRQs warn"
    - mm/zsmalloc: Prepare to variable MAX_PHYSMEM_BITS
    - arch: pgtable: define MAX_POSSIBLE_PHYSMEM_BITS where needed
    - block: introduce multi-page bvec helpers
    - Revert "x86/kvm: fix vcpu-id indexed array sizes"
    - usb: gadget: Mark USB_FSL_QE broken on 64-bit
    - usb: musb: Balance list entry in musb_gadget_queue
    - usb-storage: Add compatibility quirk flags for iODD 2531/2541
    - printk/console: Allow to disable console output by using console="" or
      console=null
    - isofs: Fix out of bound access for corrupted isofs image
    - comedi: dt9812: fix DMA buffers on stack
    - comedi: ni_usb6501: fix NULL-deref in command paths
    - comedi: vmk80xx: fix transfer-buffer overflows
    - comedi: vmk80xx: fix bulk-buffer overflow
    - comedi: vmk80xx: fix bulk and interrupt message timeouts
    - staging: r8712u: fix control-message timeout
    - staging: rtl8192u: fix control-message timeouts
    - rsi: fix control-message timeout
    - usb: ehci: handshake CMD_RUN instead of STS_HALT

 -- Juerg Haefliger <email address hidden>  Mon, 17 Jan 2022 09:31:48 +0100
Superseded in bionic-security
Superseded in bionic-updates
Deleted in bionic-proposed (Reason: moved to -updates)
linux-raspi2 (4.15.0-1101.108) bionic; urgency=medium

  * bionic/linux-raspi2: 4.15.0-1101.108 -proposed tracker (LP: #1953663)

  [ Ubuntu: 4.15.0-166.174 ]

  * bionic/linux: 4.15.0-166.174 -proposed tracker (LP: #1953667)
  * Ubuntu version macros overflow with high ABI numbers (LP: #1953522)
    - SAUCE: Revert "stable: clamp SUBLEVEL in 4.14"
  * test_bpf.sh test in net of ubuntu_kernel_selftests failed on B-4.15 and
    variants (LP: #1953287)
    - SAUCE: Revert "bpf: add also cbpf long jump test cases with heavy expansion"
  * test_bpf.sh test in net of ubuntu_kernel_selftests failed on B-4.15 and
    variants (LP: #1953287) // CVE-2018-25020
    - bpf: fix truncated jump targets on heavy expansions

Superseded in bionic-security
Superseded in bionic-updates
Deleted in bionic-proposed (Reason: moved to -updates)
linux-raspi2 (4.15.0-1099.106) bionic; urgency=medium

  * bionic/linux-raspi2: 4.15.0-1099.106 -proposed tracker (LP: #1952049)

  * Packaging resync (LP: #1786013)
    - [Packaging] update Ubuntu.md

  * Miscellaneous Ubuntu changes
    - SAUCE: Revert "Bluetooth: hci_ldisc: require CAP_NET_ADMIN to attach N_HCI
      ldisc"

  [ Ubuntu: 4.15.0-163.171 ]

  * bionic/linux: 4.15.0-163.171 -proposed tracker (LP: #1949874)
  * Packaging resync (LP: #1786013)
    - [Packaging] update Ubuntu.md
    - debian/dkms-versions -- update from kernel-versions (main/2021.11.08)
  * Unable to build net/reuseport_bpf and other tests in ubuntu_kernel_selftests
    on Bionic with make command (LP: #1949889)
    - selftests: Fix loss of test output in run_kselftests.sh
    - selftests: Makefile set KSFT_TAP_LEVEL to prevent nested TAP headers
    - selftests: fix headers_install circular dependency
    - selftests: fix bpf build/test workflow regression when KBUILD_OUTPUT is set
    - selftests: vm: Fix test build failure when built by itself
  * KVM emulation failure when booting into VM crash kernel with multiple CPUs
    (LP: #1948862)
    - KVM: x86: Properly reset MMU context at vCPU RESET/INIT
  * aufs: kernel bug with apparmor and fuseblk (LP: #1948470)
    - SAUCE: aufs: bugfix, stop omitting path->mnt
  * ebpf: bpf_redirect fails with ip6 gre interfaces (LP: #1947164)
    - net: handle ARPHRD_IP6GRE in dev_is_mac_header_xmit()
  * require CAP_NET_ADMIN to attach N_HCI ldisc (LP: #1949516)
    - Bluetooth: hci_ldisc: require CAP_NET_ADMIN to attach N_HCI ldisc
  * ACL updates on OCFS2 are not revalidated (LP: #1947161)
    - ocfs2: fix remounting needed after setfacl command
  * ppc64 BPF JIT mod by 1 will not return 0 (LP: #1948351)
    - powerpc/bpf: Fix BPF_MOD when imm == 1
  * Drop "UBUNTU: SAUCE: cachefiles: Page leaking in
    cachefiles_read_backing_file while vmscan is active" (LP: #1947709)
    - Revert "UBUNTU: SAUCE: cachefiles: Page leaking in
      cachefiles_read_backing_file while vmscan is active"
    - cachefiles: Fix page leak in cachefiles_read_backing_file while vmscan is
      active
  * Some test in ubuntu_bpf test_verifier failed on i386 Bionic kernel
    (LP: #1788578)
    - bpf: fix context access in tracing progs on 32 bit archs
  * test_bpf.sh from ubuntu_kernel_selftests.net from linux ADT test failure
    with linux/4.15.0-149.153 i386 (Segmentation fault) (LP: #1934414)
    - selftests/bpf: make test_verifier run most programs
    - bpf: add couple of test cases for div/mod by zero
    - bpf: add further test cases around div/mod and others
  * Bionic update: upstream stable patchset 2021-11-02 (LP: #1949512)
    - usb: gadget: r8a66597: fix a loop in set_feature()
    - usb: musb: tusb6010: uninitialized data in tusb_fifo_write_unaligned()
    - cifs: fix incorrect check for null pointer in header_assemble
    - xen/x86: fix PV trap handling on secondary processors
    - usb-storage: Add quirk for ScanLogic SL11R-IDE older than 2.6c
    - USB: serial: cp210x: add ID for GW Instek GDM-834x Digital Multimeter
    - staging: greybus: uart: fix tty use after free
    - Re-enable UAS for LaCie Rugged USB3-FW with fk quirk
    - USB: serial: mos7840: remove duplicated 0xac24 device ID
    - USB: serial: option: add Telit LN920 compositions
    - USB: serial: option: remove duplicate USB device ID
    - USB: serial: option: add device id for Foxconn T99W265
    - mcb: fix error handling in mcb_alloc_bus()
    - serial: mvebu-uart: fix driver's tx_empty callback
    - net: hso: fix muxed tty registration
    - bnxt_en: Fix TX timeout when TX ring size is set to the smallest
    - net/mlx4_en: Don't allow aRFS for encapsulated packets
    - scsi: iscsi: Adjust iface sysfs attr detection
    - thermal/core: Potential buffer overflow in thermal_build_list_of_policies()
    - irqchip/gic-v3-its: Fix potential VPE leak on error
    - md: fix a lock order reversal in md_alloc
    - blktrace: Fix uaf in blk_trace access after removing by sysfs
    - net: macb: fix use after free on rmmod
    - net: stmmac: allow CSR clock of 300MHz
    - m68k: Double cast io functions to unsigned long
    - xen/balloon: use a kernel thread instead a workqueue
    - compiler.h: Introduce absolute_pointer macro
    - net: i825xx: Use absolute_pointer for memcpy from fixed memory location
    - sparc: avoid stringop-overread errors
    - qnx4: avoid stringop-overread errors
    - parisc: Use absolute_pointer() to define PAGE0
    - arm64: Mark __stack_chk_guard as __ro_after_init
    - alpha: Declare virt_to_phys and virt_to_bus parameter as pointer to volatile
    - net: 6pack: Fix tx timeout and slot time
    - spi: Fix tegra20 build with CONFIG_PM=n
    - arm64: dts: marvell: armada-37xx: Extend PCIe MEM space
    - PCI: aardvark: Fix checking for PIO Non-posted Request
    - PCI: aardvark: Fix checking for PIO status
    - xen/balloon: fix balloon kthread freezing
    - qnx4: work around gcc false positive warning bug
    - tty: Fix out-of-bound vmalloc access in imageblit
    - cpufreq: schedutil: Use kobject release() method to free sugov_tunables
    - cpufreq: schedutil: Destroy mutex before kobject_put() frees the memory
    - mac80211: fix use-after-free in CCMP/GCMP RX
    - ipvs: check that ip_vs_conn_tab_bits is between 8 and 20
    - mac80211: Fix ieee80211_amsdu_aggregate frag_tail bug
    - mac80211: limit injected vht mcs/nss in ieee80211_parse_tx_radiotap
    - sctp: break out if skb_header_pointer returns NULL in sctp_rcv_ootb
    - hwmon: (tmp421) fix rounding for negative values
    - e100: fix length calculation in e100_get_regs_len
    - e100: fix buffer overrun in e100_get_regs
    - scsi: csiostor: Add module softdep on cxgb4
    - af_unix: fix races in sk_peer_pid and sk_peer_cred accesses
    - ipack: ipoctal: fix stack information leak
    - ipack: ipoctal: fix tty registration race
    - ipack: ipoctal: fix tty-registration error handling
    - ipack: ipoctal: fix missing allocation-failure check
    - ipack: ipoctal: fix module reference leak
    - ext4: fix potential infinite loop in ext4_dx_readdir()
    - net: udp: annotate data race around udp_sk(sk)->corkflag
    - EDAC/synopsys: Fix wrong value type assignment for edac_mode
    - ARM: 9077/1: PLT: Move struct plt_entries definition to header
    - ARM: 9078/1: Add warn suppress parameter to arm_gen_branch_link()
    - ARM: 9079/1: ftrace: Add MODULE_PLTS support
    - ARM: 9098/1: ftrace: MODULE_PLT: Fix build problem without DYNAMIC_FTRACE
    - arm64: Extend workaround for erratum 1024718 to all versions of Cortex-A55
    - hso: fix bailout in error case of probe
    - usb: hso: fix error handling code of hso_create_net_device
    - usb: hso: remove the bailout parameter
    - crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd()
    - HID: betop: fix slab-out-of-bounds Write in betop_probe
    - netfilter: ipset: Fix oversized kvmalloc() calls
    - HID: usbhid: free raw_report buffers in usbhid_stop
    - cred: allow get_cred() and put_cred() to be given NULL.
    - gpio: uniphier: Fix void functions to remove return value
    - tty: synclink_gt, drop unneeded forward declarations
    - tty: synclink_gt: rename a conflicting function name
    - drm/amd/display: Pass PCI deviceid into DC
    - hwmon: (tmp421) Replace S_<PERMS> with octal values
    - hwmon: (tmp421) report /PVLD condition as fault
  * ACL updates on OCFS2 are not revalidated (LP: #1947161) // Bionic update:
    upstream stable patchset 2021-11-02 (LP: #1949512)
    - ocfs2: drop acl cache for directories too

 -- Juerg Haefliger <email address hidden>  Wed, 24 Nov 2021 11:24:20 +0100
Superseded in bionic-proposed
linux-raspi2 (4.15.0-1099.105) bionic; urgency=medium

  * bionic/linux-raspi2: 4.15.0-1099.105 -proposed tracker (LP: #1949870)

  [ Ubuntu: 4.15.0-163.171 ]

  * bionic/linux: 4.15.0-163.171 -proposed tracker (LP: #1949874)
  * Packaging resync (LP: #1786013)
    - [Packaging] update Ubuntu.md
    - debian/dkms-versions -- update from kernel-versions (main/2021.11.08)
  * Unable to build net/reuseport_bpf and other tests in ubuntu_kernel_selftests
    on Bionic with make command (LP: #1949889)
    - selftests: Fix loss of test output in run_kselftests.sh
    - selftests: Makefile set KSFT_TAP_LEVEL to prevent nested TAP headers
    - selftests: fix headers_install circular dependency
    - selftests: fix bpf build/test workflow regression when KBUILD_OUTPUT is set
    - selftests: vm: Fix test build failure when built by itself
  * KVM emulation failure when booting into VM crash kernel with multiple CPUs
    (LP: #1948862)
    - KVM: x86: Properly reset MMU context at vCPU RESET/INIT
  * aufs: kernel bug with apparmor and fuseblk (LP: #1948470)
    - SAUCE: aufs: bugfix, stop omitting path->mnt
  * ebpf: bpf_redirect fails with ip6 gre interfaces (LP: #1947164)
    - net: handle ARPHRD_IP6GRE in dev_is_mac_header_xmit()
  * require CAP_NET_ADMIN to attach N_HCI ldisc (LP: #1949516)
    - Bluetooth: hci_ldisc: require CAP_NET_ADMIN to attach N_HCI ldisc
  * ACL updates on OCFS2 are not revalidated (LP: #1947161)
    - ocfs2: fix remounting needed after setfacl command
  * ppc64 BPF JIT mod by 1 will not return 0 (LP: #1948351)
    - powerpc/bpf: Fix BPF_MOD when imm == 1
  * Drop "UBUNTU: SAUCE: cachefiles: Page leaking in
    cachefiles_read_backing_file while vmscan is active" (LP: #1947709)
    - Revert "UBUNTU: SAUCE: cachefiles: Page leaking in
      cachefiles_read_backing_file while vmscan is active"
    - cachefiles: Fix page leak in cachefiles_read_backing_file while vmscan is
      active
  * Some test in ubuntu_bpf test_verifier failed on i386 Bionic kernel
    (LP: #1788578)
    - bpf: fix context access in tracing progs on 32 bit archs
  * test_bpf.sh from ubuntu_kernel_selftests.net from linux ADT test failure
    with linux/4.15.0-149.153 i386 (Segmentation fault) (LP: #1934414)
    - selftests/bpf: make test_verifier run most programs
    - bpf: add couple of test cases for div/mod by zero
    - bpf: add further test cases around div/mod and others
  * Bionic update: upstream stable patchset 2021-11-02 (LP: #1949512)
    - usb: gadget: r8a66597: fix a loop in set_feature()
    - usb: musb: tusb6010: uninitialized data in tusb_fifo_write_unaligned()
    - cifs: fix incorrect check for null pointer in header_assemble
    - xen/x86: fix PV trap handling on secondary processors
    - usb-storage: Add quirk for ScanLogic SL11R-IDE older than 2.6c
    - USB: serial: cp210x: add ID for GW Instek GDM-834x Digital Multimeter
    - staging: greybus: uart: fix tty use after free
    - Re-enable UAS for LaCie Rugged USB3-FW with fk quirk
    - USB: serial: mos7840: remove duplicated 0xac24 device ID
    - USB: serial: option: add Telit LN920 compositions
    - USB: serial: option: remove duplicate USB device ID
    - USB: serial: option: add device id for Foxconn T99W265
    - mcb: fix error handling in mcb_alloc_bus()
    - serial: mvebu-uart: fix driver's tx_empty callback
    - net: hso: fix muxed tty registration
    - bnxt_en: Fix TX timeout when TX ring size is set to the smallest
    - net/mlx4_en: Don't allow aRFS for encapsulated packets
    - scsi: iscsi: Adjust iface sysfs attr detection
    - thermal/core: Potential buffer overflow in thermal_build_list_of_policies()
    - irqchip/gic-v3-its: Fix potential VPE leak on error
    - md: fix a lock order reversal in md_alloc
    - blktrace: Fix uaf in blk_trace access after removing by sysfs
    - net: macb: fix use after free on rmmod
    - net: stmmac: allow CSR clock of 300MHz
    - m68k: Double cast io functions to unsigned long
    - xen/balloon: use a kernel thread instead a workqueue
    - compiler.h: Introduce absolute_pointer macro
    - net: i825xx: Use absolute_pointer for memcpy from fixed memory location
    - sparc: avoid stringop-overread errors
    - qnx4: avoid stringop-overread errors
    - parisc: Use absolute_pointer() to define PAGE0
    - arm64: Mark __stack_chk_guard as __ro_after_init
    - alpha: Declare virt_to_phys and virt_to_bus parameter as pointer to volatile
    - net: 6pack: Fix tx timeout and slot time
    - spi: Fix tegra20 build with CONFIG_PM=n
    - arm64: dts: marvell: armada-37xx: Extend PCIe MEM space
    - PCI: aardvark: Fix checking for PIO Non-posted Request
    - PCI: aardvark: Fix checking for PIO status
    - xen/balloon: fix balloon kthread freezing
    - qnx4: work around gcc false positive warning bug
    - tty: Fix out-of-bound vmalloc access in imageblit
    - cpufreq: schedutil: Use kobject release() method to free sugov_tunables
    - cpufreq: schedutil: Destroy mutex before kobject_put() frees the memory
    - mac80211: fix use-after-free in CCMP/GCMP RX
    - ipvs: check that ip_vs_conn_tab_bits is between 8 and 20
    - mac80211: Fix ieee80211_amsdu_aggregate frag_tail bug
    - mac80211: limit injected vht mcs/nss in ieee80211_parse_tx_radiotap
    - sctp: break out if skb_header_pointer returns NULL in sctp_rcv_ootb
    - hwmon: (tmp421) fix rounding for negative values
    - e100: fix length calculation in e100_get_regs_len
    - e100: fix buffer overrun in e100_get_regs
    - scsi: csiostor: Add module softdep on cxgb4
    - af_unix: fix races in sk_peer_pid and sk_peer_cred accesses
    - ipack: ipoctal: fix stack information leak
    - ipack: ipoctal: fix tty registration race
    - ipack: ipoctal: fix tty-registration error handling
    - ipack: ipoctal: fix missing allocation-failure check
    - ipack: ipoctal: fix module reference leak
    - ext4: fix potential infinite loop in ext4_dx_readdir()
    - net: udp: annotate data race around udp_sk(sk)->corkflag
    - EDAC/synopsys: Fix wrong value type assignment for edac_mode
    - ARM: 9077/1: PLT: Move struct plt_entries definition to header
    - ARM: 9078/1: Add warn suppress parameter to arm_gen_branch_link()
    - ARM: 9079/1: ftrace: Add MODULE_PLTS support
    - ARM: 9098/1: ftrace: MODULE_PLT: Fix build problem without DYNAMIC_FTRACE
    - arm64: Extend workaround for erratum 1024718 to all versions of Cortex-A55
    - hso: fix bailout in error case of probe
    - usb: hso: fix error handling code of hso_create_net_device
    - usb: hso: remove the bailout parameter
    - crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd()
    - HID: betop: fix slab-out-of-bounds Write in betop_probe
    - netfilter: ipset: Fix oversized kvmalloc() calls
    - HID: usbhid: free raw_report buffers in usbhid_stop
    - cred: allow get_cred() and put_cred() to be given NULL.
    - gpio: uniphier: Fix void functions to remove return value
    - tty: synclink_gt, drop unneeded forward declarations
    - tty: synclink_gt: rename a conflicting function name
    - drm/amd/display: Pass PCI deviceid into DC
    - hwmon: (tmp421) Replace S_<PERMS> with octal values
    - hwmon: (tmp421) report /PVLD condition as fault
  * ACL updates on OCFS2 are not revalidated (LP: #1947161) // Bionic update:
    upstream stable patchset 2021-11-02 (LP: #1949512)
    - ocfs2: drop acl cache for directories too

 -- Juerg Haefliger <email address hidden>  Fri, 12 Nov 2021 09:45:22 +0100
Superseded in bionic-security
Superseded in bionic-updates
Deleted in bionic-proposed (Reason: moved to -updates)
linux-raspi2 (4.15.0-1098.104) bionic; urgency=medium

  * bionic/linux-raspi2: 4.15.0-1098.104 -proposed tracker (LP: #1947289)

  * Packaging resync (LP: #1786013)
    - [Packaging] update Ubuntu.md

  * Miscellaneous upstream changes
    - Revert "UBUNTU: [Packaging] Add system trusted and revocation keys final
      check"

  [ Ubuntu: 4.15.0-162.170 ]

  * bionic/linux: 4.15.0-162.170 -proposed tracker (LP: #1947293)
  * Add final-checks to check certificates (LP: #1947174)
    - [Packaging] Add system trusted and revocation keys final check
  * CVE-2020-36385
    - RDMA/cma: Add missing locking to rdma_accept()
    - RDMA/ucma: Fix the locking of ctx->file
    - RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy
  * CVE-2021-28950
    - fuse: fix live lock in fuse_iget()
  * CVE-2020-36322
    - fuse: fix bad inode
  * Bionic update: upstream stable patchset 2021-10-13 (LP: #1947011)
    - rcu: Fix missed wakeup of exp_wq waiters
    - apparmor: remove duplicate macro list_entry_is_head()
    - crypto: talitos - fix max key size for sha384 and sha512
    - sctp: validate chunk size in __rcv_asconf_lookup
    - sctp: add param size validation for SCTP_PARAM_SET_PRIMARY
    - dmaengine: acpi: Avoid comparison GSI with Linux vIRQ
    - thermal/drivers/exynos: Fix an error code in exynos_tmu_probe()
    - 9p/trans_virtio: Remove sysfs file on probe failure
    - prctl: allow to setup brk for et_dyn executables
    - profiling: fix shift-out-of-bounds bugs
    - pwm: lpc32xx: Don't modify HW state in .probe() after the PWM chip was
      registered
    - Kconfig.debug: drop selecting non-existing HARDLOCKUP_DETECTOR_ARCH
    - parisc: Move pci_dev_is_behind_card_dino to where it is used
    - dmaengine: ioat: depends on !UML
    - dmaengine: xilinx_dma: Set DMA mask for coherent APIs
    - ceph: lockdep annotations for try_nonblocking_invalidate
    - nilfs2: fix memory leak in nilfs_sysfs_create_device_group
    - nilfs2: fix NULL pointer in nilfs_##name##_attr_release
    - nilfs2: fix memory leak in nilfs_sysfs_create_##name##_group
    - nilfs2: fix memory leak in nilfs_sysfs_delete_##name##_group
    - nilfs2: fix memory leak in nilfs_sysfs_create_snapshot_group
    - nilfs2: fix memory leak in nilfs_sysfs_delete_snapshot_group
    - pwm: rockchip: Don't modify HW state in .remove() callback
    - blk-throttle: fix UAF by deleteing timer in blk_throtl_exit()
    - drm/nouveau/nvkm: Replace -ENOSYS with -ENODEV
    - nilfs2: use refcount_dec_and_lock() to fix potential UAF
    - drivers: base: cacheinfo: Get rid of DEFINE_SMP_CALL_CACHE_FUNCTION()
  * Invalid backport to v4.15: missing pgtable_l5_enabled (LP: #1946464)
    - SAUCE: Revert "x86/mm: Don't free P4D table when it is folded at runtime"
  * CVE-2021-38199
    - NFSv4: Initialise connection to the server in nfs4_alloc_client()
  * CVE-2019-19449
    - f2fs: fix wrong total_sections check and fsmeta check
    - f2fs: fix to do sanity check on segment/section count
  * vrf: fix refcnt leak with vxlan slaves (LP: #1945180)
    - ipv4: Fix device used for dst_alloc with local routes
  * Check for changes relevant for security certifications (LP: #1945989)
    - [Packaging] Add a new fips-checks script
    - [Packaging] Add fips-checks as part of finalchecks
  * CVE-2021-3759
    - memcg: enable accounting of ipc resources
  * Bionic update: upstream stable patchset 2021-09-27 (LP: #1945224)
    - ARC: Fix CONFIG_STACKDEPOT
    - can: usb: esd_usb2: esd_usb2_rx_event(): fix the interchange of the CAN RX
      and TX error counters
    - Revert "USB: serial: ch341: fix character loss at high transfer rates"
    - USB: serial: option: add new VID/PID to support Fibocom FG150
    - usb: dwc3: gadget: Fix dwc3_calc_trbs_left()
    - usb: dwc3: gadget: Stop EP0 transfers during pullup disable
    - IB/hfi1: Fix possible null-pointer dereference in _extend_sdma_tx_descs()
    - e1000e: Fix the max snoop/no-snoop latency for 10M
    - ip_gre: add validation for csum_start
    - xgene-v2: Fix a resource leak in the error handling path of 'xge_probe()'
    - net: marvell: fix MVNETA_TX_IN_PRGRS bit number
    - usb: gadget: u_audio: fix race condition on endpoint stop
    - opp: remove WARN when no valid OPPs remain
    - virtio: Improve vq->broken access to avoid any compiler optimization
    - vringh: Use wiov->used to check for read/write desc order
    - drm: Copy drm_wait_vblank to user before returning
    - drm/nouveau/disp: power down unused DP links during init
    - net/rds: dma_map_sg is entitled to merge entries
    - vt_kdsetmode: extend console locking
    - fbmem: add margin check to fb_check_caps()
    - KVM: x86/mmu: Treat NX as used (not reserved) for all !TDP shadow MMUs
    - Revert "floppy: reintroduce O_NDELAY fix"
    - net: qrtr: fix another OOB Read in qrtr_endpoint_post
    - net: hns3: fix get wrong pfc_en when query PFC configuration
    - xtensa: fix kconfig unmet dependency warning for HAVE_FUTEX_CMPXCHG
    - qed: Fix the VF msix vectors flow
    - net: macb: Add a NULL check on desc_ptp
    - qede: Fix memset corruption
    - perf/x86/intel/pt: Fix mask of num_address_ranges
    - perf/x86/amd/ibs: Work around erratum #1197
    - cryptoloop: add a deprecation warning
    - ARM: 8918/2: only build return_address() if needed
    - ALSA: pcm: fix divide error in snd_pcm_lib_ioctl
    - clk: fix build warning for orphan_list
    - media: stkwebcam: fix memory leak in stk_camera_probe
    - igmp: Add ip_mc_list lock in ip_check_mc_rcu
    - USB: serial: mos7720: improve OOM-handling in read_mos_reg()
    - f2fs: fix potential overflow
    - ath10k: fix recent bandwidth conversion bug
    - ipv4/icmp: l3mdev: Perform icmp error route lookup on source device routing
      table (v2)
    - crypto: talitos - reduce max key size for SEC1
    - powerpc/module64: Fix comment in R_PPC64_ENTRY handling
    - powerpc/boot: Delete unneeded .globl _zimage_start
    - net: ll_temac: Remove left-over debug message
    - mm/page_alloc: speed up the iteration of max_order
    - Revert "btrfs: compression: don't try to compress if we don't have enough
      pages"
    - usb: host: xhci-rcar: Don't reload firmware after the completion
    - x86/reboot: Limit Dell Optiplex 990 quirk to early BIOS versions
    - PCI: Call Max Payload Size-related fixup quirks early
    - regmap: fix the offset of register error log
    - crypto: mxs-dcp - Check for DMA mapping errors
    - power: supply: axp288_fuel_gauge: Report register-address on readb / writeb
      errors
    - crypto: omap-sham - clear dma flags only after omap_sham_update_dma_stop()
    - udf: Check LVID earlier
    - isofs: joliet: Fix iocharset=utf8 mount option
    - nvme-rdma: don't update queue count when failing to set io queues
    - power: supply: max17042_battery: fix typo in MAx17042_TOFF
    - s390/cio: add dev_busid sysfs entry for each subchannel
    - libata: fix ata_host_start()
    - crypto: qat - do not ignore errors from enable_vf2pf_comms()
    - crypto: qat - handle both source of interrupt in VF ISR
    - crypto: qat - fix reuse of completion variable
    - crypto: qat - fix naming for init/shutdown VF to PF notifications
    - crypto: qat - do not export adf_iov_putmsg()
    - udf_get_extendedattr() had no boundary checks.
    - m68k: emu: Fix invalid free in nfeth_cleanup()
    - spi: spi-fsl-dspi: Fix issue with uninitialized dma_slave_config
    - spi: spi-pic32: Fix issue with uninitialized dma_slave_config
    - clocksource/drivers/sh_cmt: Fix wrong setting if don't request IRQ for clock
      source channel
    - crypto: qat - use proper type for vf_mask
    - certs: Trigger creation of RSA module signing key if it's not an RSA key
    - soc: rockchip: ROCKCHIP_GRF should not default to y, unconditionally
    - media: dvb-usb: fix uninit-value in dvb_usb_adapter_dvb_init
    - media: dvb-usb: fix uninit-value in vp702x_read_mac_addr
    - media: go7007: remove redundant initialization
    - Bluetooth: sco: prevent information leak in sco_conn_defer_accept()
    - tcp: seq_file: Avoid skipping sk during tcp_seek_last_pos
    - net: cipso: fix warnings in netlbl_cipsov4_add_std
    - i2c: highlander: add IRQ check
    - media: em28xx-input: fix refcount bug in em28xx_usb_disconnect
    - PCI: PM: Avoid forcing PCI_D0 for wakeup reasons inconsistently
    - PCI: PM: Enable PME if it can be signaled from D3cold
    - soc: qcom: smsm: Fix missed interrupts if state changes while masked
    - Bluetooth: increase BTNAMSIZ to 21 chars to fix potential buffer overflow
    - arm64: dts: exynos: correct GIC CPU interfaces address range on Exynos7
    - Bluetooth: fix repeated calls to sco_sock_kill
    - drm/msm/dsi: Fix some reference counted resource leaks
    - usb: gadget: udc: at91: add IRQ check
    - usb: phy: fsl-usb: add IRQ check
    - usb: phy: twl6030: add IRQ checks
    - Bluetooth: Move shutdown callback before flushing tx and rx queue
    - usb: host: ohci-tmio: add IRQ check
    - usb: phy: tahvo: add IRQ check
    - mac80211: Fix insufficient headroom issue for AMSDU
    - usb: gadget: mv_u3d: request_irq() after initializing UDC
    - Bluetooth: add timeout sanity check to hci_inquiry
    - i2c: iop3xx: fix deferred probing
    - i2c: s3c2410: fix IRQ check
    - mmc: dw_mmc: Fix issue with uninitialized dma_slave_config
    - mmc: moxart: Fix issue with uninitialized dma_slave_config
    - CIFS: Fix a potencially linear read overflow
    - i2c: mt65xx: fix IRQ check
    - usb: ehci-orion: Handle errors of clk_prepare_enable() in probe
    - usb: bdc: Fix an error handling path in 'bdc_probe()' when no suitable DMA
      config is available
    - tty: serial: fsl_lpuart: fix the wrong mapbase value
    - ath6kl: wmi: fix an error code in ath6kl_wmi_sync_point()
    - bcma: Fix memory leak for internally-handled cores
    - ipv4: make exception cache less predictible
    - net: sched: Fix qdisc_rate_table refcount leak when get tcf_block failed
    - net: qualcomm: fix QCA7000 checksum handling
    - netns: protect netns ID lookups with RCU
    - tty: Fix data race between tiocsti() and flush_to_ldisc()
    - x86/resctrl: Fix a maybe-uninitialized build warning treated as error
    - KVM: x86: Update vCPU's hv_clock before back to guest when tsc_offset is
      adjusted
    - IMA: remove -Wmissing-prototypes warning
    - backlight: pwm_bl: Improve bootloader/kernel device handover
    - clk: kirkwood: Fix a clocking boot regression
    - fbmem: don't allow too huge resolutions
    - rtc: tps65910: Correct driver module alias
    - blk-zoned: allow zone management send operations without CAP_SYS_ADMIN
    - blk-zoned: allow BLKREPORTZONE without CAP_SYS_ADMIN
    - PCI/MSI: Skip masking MSI-X on Xen PV
    - powerpc/perf/hv-gpci: Fix counter value parsing
    - xen: fix setting of max_pfn in shared_info
    - include/linux/list.h: add a macro to test if entry is pointing to the head
    - 9p/xen: Fix end of loop tests for list_for_each_entry
    - soc: aspeed: lpc-ctrl: Fix boundary check for mmap
    - crypto: public_key: fix overflow during implicit conversion
    - block: bfq: fix bfq_set_next_ioprio_data()
    - power: supply: max17042: handle fails of reading status register
    - dm crypt: Avoid percpu_counter spinlock contention in crypt_page_alloc()
    - VMCI: fix NULL pointer dereference when unmapping queue pair
    - media: uvc: don't do DMA on stack
    - media: rc-loopback: return number of emitters rather than error
    - libata: add ATA_HORKAGE_NO_NCQ_TRIM for Samsung 860 and 870 SSDs
    - ARM: 9105/1: atags_to_fdt: don't warn about stack size
    - PCI: Restrict ASMedia ASM1062 SATA Max Payload Size Supported
    - PCI: Return ~0 data on pciconfig_read() CAP_SYS_ADMIN failure
    - PCI: xilinx-nwl: Enable the clock through CCF
    - PCI: aardvark: Increase polling delay to 1.5s while waiting for PIO response
    - PCI: aardvark: Fix masking and unmasking legacy INTx interrupts
    - HID: input: do not report stylus battery state as "full"
    - RDMA/iwcm: Release resources if iw_cm module initialization fails
    - docs: Fix infiniband uverbs minor number
    - pinctrl: samsung: Fix pinctrl bank pin count
    - vfio: Use config not menuconfig for VFIO_NOIOMMU
    - openrisc: don't printk() unconditionally
    - pinctrl: single: Fix error return code in pcs_parse_bits_in_pinctrl_entry()
    - scsi: qedi: Fix error codes in qedi_alloc_global_queues()
    - MIPS: Malta: fix alignment of the devicetree buffer
    - media: dib8000: rewrite the init prbs logic
    - crypto: mxs-dcp - Use sg_mapping_iter to copy data
    - PCI: Use pci_update_current_state() in pci_enable_device_flags()
    - iio: dac: ad5624r: Fix incorrect handling of an optional regulator.
    - ARM: dts: qcom: apq8064: correct clock names
    - video: fbdev: kyro: fix a DoS bug by restricting user input
    - netlink: Deal with ESRCH error in nlmsg_notify()
    - Smack: Fix wrong semantics in smk_access_entry()
    - usb: host: fotg210: fix the endpoint's transactional opportunities
      calculation
    - usb: host: fotg210: fix the actual_length of an iso packet
    - usb: gadget: u_ether: fix a potential null pointer dereference
    - usb: gadget: composite: Allow bMaxPower=0 if self-powered
    - staging: board: Fix uninitialized spinlock when attaching genpd
    - tty: serial: jsm: hold port lock when reporting modem line changes
    - bpf/tests: Fix copy-and-paste error in double word test
    - bpf/tests: Do not PASS tests without actually testing the result
    - video: fbdev: asiliantfb: Error out if 'pixclock' equals zero
    - video: fbdev: kyro: Error out if 'pixclock' equals zero
    - video: fbdev: riva: Error out if 'pixclock' equals zero
    - ipv4: ip_output.c: Fix out-of-bounds warning in ip_copy_addrs()
    - flow_dissector: Fix out-of-bounds warnings
    - s390/jump_label: print real address in a case of a jump label bug
    - serial: 8250: Define RX trigger levels for OxSemi 950 devices
    - xtensa: ISS: don't panic in rs_init
    - hvsi: don't panic on tty_register_driver failure
    - serial: 8250_pci: make setup_port() parameters explicitly unsigned
    - staging: ks7010: Fix the initialization of the 'sleep_status' structure
    - ata: sata_dwc_460ex: No need to call phy_exit() befre phy_init()
    - Bluetooth: skip invalid hci_sync_conn_complete_evt
    - ASoC: Intel: bytcr_rt5640: Move "Platform Clock" routes to the maps for the
      matching in-/output
    - media: v4l2-dv-timings.c: fix wrong condition in two for-loops
    - arm64: dts: qcom: sdm660: use reg value for memory node
    - net: ethernet: stmmac: Do not use unreachable() in ipq806x_gmac_probe()
    - Bluetooth: avoid circular locks in sco_sock_connect
    - gpu: drm: amd: amdgpu: amdgpu_i2c: fix possible uninitialized-variable
      access in amdgpu_i2c_router_select_ddc_port()
    - ARM: tegra: tamonten: Fix UART pad setting
    - rpc: fix gss_svc_init cleanup on failure
    - staging: rts5208: Fix get_ms_information() heap buffer size
    - gfs2: Don't call dlm after protocol is unmounted
    - mmc: sdhci-of-arasan: Check return value of non-void funtions
    - mmc: rtsx_pci: Fix long reads when clock is prescaled
    - selftests/bpf: Enlarge select() timeout for test_maps
    - cifs: fix wrong release in sess_alloc_buffer() failed path
    - Revert "USB: xhci: fix U1/U2 handling for hardware with XHCI_INTEL_HOST
      quirk set"
    - usb: musb: musb_dsps: request_irq() after initializing musb
    - usbip: give back URBs for unsent unlink requests during cleanup
    - usbip:vhci_hcd USB port can get stuck in the disabled state
    - ASoC: rockchip: i2s: Fix regmap_ops hang
    - ASoC: rockchip: i2s: Fixup config for DAIFMT_DSP_A/B
    - parport: remove non-zero check on count
    - ath9k: fix OOB read ar9300_eeprom_restore_internal
    - ath9k: fix sleeping in atomic context
    - net: fix NULL pointer reference in cipso_v4_doi_free
    - net: w5100: check return value after calling platform_get_resource()
    - parisc: fix crash with signals and alloca
    - scsi: BusLogic: Fix missing pr_cont() use
    - scsi: qla2xxx: Sync queue idx with queue_pair_map idx
    - cpufreq: powernv: Fix init_chip_info initialization in numa=off
    - mm/hugetlb: initialize hugetlb_usage in mm_init
    - memcg: enable accounting for pids in nested pid namespaces
    - platform/chrome: cros_ec_proto: Send command again when timeout occurs
    - xen: reset legacy rtc flag for PV domU
    - bnx2x: Fix enabling network interfaces without VFs
    - PM: base: power: don't try to use non-existing RTC for storing data
    - x86/mm: Fix kern_addr_valid() to cope with existing but not present entries
    - net-caif: avoid user-triggerable WARN_ON(1)
    - ptp: dp83640: don't define PAGE0
    - net/l2tp: Fix reference count leak in l2tp_udp_recv_core
    - r6040: Restore MDIO clock frequency after MAC reset
    - tipc: increase timeout in tipc_sk_enqueue()
    - events: Reuse value read using READ_ONCE instead of re-reading it
    - net/af_unix: fix a data-race in unix_dgram_poll
    - tcp: fix tp->undo_retrans accounting in tcp_sacktag_one()
    - mm/memory_hotplug: use "unsigned long" for PFN in zone_for_pfn_range()
    - dt-bindings: mtd: gpmc: Fix the ECC bytes vs. OOB bytes equation
    - mfd: Don't use irq_create_mapping() to resolve a mapping
    - PCI: Add ACS quirks for Cavium multi-function devices
    - net: usb: cdc_mbim: avoid altsetting toggling for Telit LN920
    - ethtool: Fix an error code in cxgb2.c
    - PCI: Sync __pci_register_driver() stub for CONFIG_PCI=n
    - mtd: rawnand: cafe: Fix a resource leak in the error handling path of
      'cafe_nand_probe()'
    - ARC: export clear_user_page() for modules
    - net: dsa: b53: Fix calculating number of switch ports
    - netfilter: socket: icmp6: fix use-after-scope
    - qlcnic: Remove redundant unlock in qlcnic_pinit_from_rom
    - net: renesas: sh_eth: Fix freeing wrong tx descriptor
    - SUNRPC/nfs: Fix return value for nfs4_callback_compound()
    - usb: mtu3: use @mult for HS isoc or intr
    - usb: mtu3: fix the wrong HS mult value
    - lib/mpi: use kcalloc in mpi_resize
    - media: venus: venc: Fix potential null pointer dereference on pointer fmt
    - platform/x86: dell-smbios-wmi: Add missing kfree in error-exit from
      run_smbios_call
    - f2fs: fix to unmap pages from userspace process in punch_hole()
    - userfaultfd: prevent concurrent API initialization
    - arm64/sve: Use correct size when reinitialising SVE state
    - perf machine: Initialize srcline string member in add_location struct
    - net/mlx5: Fix potential sleeping in atomic context
    - net: hns3: pad the short tunnel frame before sending to hardware
    - mfd: axp20x: Update AXP288 volatile ranges
    - KVM: arm64: Handle PSCI resets before userspace touches vCPU state
    - ip_gre: validate csum_start only on pull

  [ Ubuntu: 4.15.0-161.169 ]

  * bionic/linux: 4.15.0-161.169 -proposed tracker (LP: #1947358)
  * Bionic/linux-aws Boot failure downgrading from Bionic/linux-aws-5.4 on
    r5.metal (LP: #1946149)
    - SAUCE: Revert "PCI/MSI: Enforce MSI[X] entry updates to be visible"
    - SAUCE: Revert "PCI/MSI: Enforce that MSI-X table entry is masked for update"

 -- Juerg Haefliger <email address hidden>  Mon, 25 Oct 2021 17:41:41 +0200
Superseded in bionic-security
Superseded in bionic-updates
Deleted in bionic-proposed (Reason: moved to -updates)
linux-raspi2 (4.15.0-1097.103) bionic; urgency=medium

  * bionic/linux-raspi2: 4.15.0-1097.103 -proposed tracker (LP: #1944929)

  [ Ubuntu: 4.15.0-160.168 ]

  * bionic/linux: 4.15.0-160.168 -proposed tracker (LP: #1944933)
  * Packaging resync (LP: #1786013)
    - debian/dkms-versions -- update from kernel-versions (main/2021.09.27)
  * ext4 journal recovery fails w/ data=journal + mmap (LP: #1847340)
    - jbd2: introduce/export functions
      jbd2_journal_submit|finish_inode_data_buffers()
    - jbd2, ext4, ocfs2: introduce/use journal callbacks
      j_submit|finish_inode_data_buffers()
    - ext4: data=journal: fixes for ext4_page_mkwrite()
    - ext4: data=journal: write-protect pages on j_submit_inode_data_buffers()
    - ext4: fix mmap write protection for data=journal mode
  * CVE-2021-40490
    - ext4: fix race writing to an inline_data file while its xattrs are changing
  * Bionic update: upstream stable patchset 2021-09-22 (LP: #1944600)
    - iio: humidity: hdc100x: Add margin to the conversion time
    - iio: adc: Fix incorrect exit of for-loop
    - ASoC: intel: atom: Fix reference to PCM buffer address
    - i2c: dev: zero out array used for i2c reads from userspace
    - ACPI: NFIT: Fix support for virtual SPA ranges
    - ASoC: cs42l42: Correct definition of ADC Volume control
    - ASoC: cs42l42: Don't allow SND_SOC_DAIFMT_LEFT_J
    - ASoC: cs42l42: Fix inversion of ADC Notch Switch control
    - ASoC: cs42l42: Remove duplicate control for WNF filter frequency
    - net: dsa: mt7530: add the missing RxUnicast MIB counter
    - ppp: Fix generating ifname when empty IFLA_IFNAME is specified
    - psample: Add a fwd declaration for skbuff
    - net: Fix memory leak in ieee802154_raw_deliver
    - net: bridge: fix memleak in br_add_if()
    - tcp_bbr: fix u32 wrap bug in round logic if bbr_init() called after 2B
      packets
    - xen/events: Fix race in set_evtchn_to_irq
    - vsock/virtio: avoid potential deadlock when vsock device remove
    - powerpc/kprobes: Fix kprobe Oops happens in booke
    - x86/tools: Fix objdump version check again
    - x86/resctrl: Fix default monitoring groups reporting
    - PCI/MSI: Enable and mask MSI-X early
    - PCI/MSI: Do not set invalid bits in MSI mask
    - PCI/MSI: Correct misleading comments
    - PCI/MSI: Use msi_mask_irq() in pci_msi_shutdown()
    - PCI/MSI: Protect msi_desc::masked for multi-MSI
    - PCI/MSI: Mask all unused MSI-X entries
    - PCI/MSI: Enforce that MSI-X table entry is masked for update
    - PCI/MSI: Enforce MSI[X] entry updates to be visible
    - vmlinux.lds.h: Handle clang's module.{c,d}tor sections
    - mac80211: drop data frames without key on encrypted links
    - x86/fpu: Make init_fpstate correct with optimized XSAVE
    - ath: Use safer key clearing with key cache entries
    - ath9k: Clear key cache explicitly on disabling hardware
    - ath: Export ath_hw_keysetmac()
    - ath: Modify ath_key_delete() to not need full key entry
    - ath9k: Postpone key cache entry deletion for TXQ frames reference it
    - dmaengine: usb-dmac: Fix PM reference leak in usb_dmac_probe()
    - ARM: dts: am43x-epos-evm: Reduce i2c0 bus speed for tps65218
    - dmaengine: of-dma: router_xlate to return -EPROBE_DEFER if controller is not
      yet available
    - scsi: megaraid_mm: Fix end of loop tests for list_for_each_entry()
    - scsi: scsi_dh_rdac: Avoid crash during rdac_bus_attach()
    - scsi: core: Avoid printing an error if target_alloc() returns -ENXIO
    - ARM: dts: nomadik: Fix up interrupt controller node names
    - net: usb: lan78xx: don't modify phy_device state concurrently
    - Bluetooth: hidp: use correct wait queue when removing ctrl_wait
    - dccp: add do-while-0 stubs for dccp_pr_debug macros
    - vhost: Fix the calculation in vhost_overflow()
    - bnxt: don't lock the tx queue from napi poll
    - net: 6pack: fix slab-out-of-bounds in decode_data
    - ptp_pch: Restore dependency on PCI
    - net: qlcnic: add missed unlock in qlcnic_83xx_flash_read32
    - net: mdio-mux: Don't ignore memory allocation errors
    - net: mdio-mux: Handle -EPROBE_DEFER correctly
    - mmc: dw_mmc: Fix hang on data CRC error
    - ALSA: hda - fix the 'Capture Switch' value change notifications
    - ipack: tpci200: fix many double free issues in tpci200_pci_probe
    - btrfs: prevent rename2 from exchanging a subvol with a directory from
      different parents
    - ASoC: intel: atom: Fix breakage for PCM buffer address setup
    - locks: print a warning when mount fails due to lack of "mand" support
    - fs: warn about impending deprecation of mandatory locks
    - netfilter: nft_exthdr: fix endianness of tcp option cast
    - KVM: X86: MMU: Use the correct inherited permissions to get shadow page
    - ASoC: cs42l42: Fix LRCLK frame start edge
    - net: igmp: fix data-race in igmp_ifc_timer_expire()
    - net: dsa: lan9303: fix broken backpressure in .port_fdb_dump
    - genirq: Provide IRQCHIP_AFFINITY_PRE_STARTUP
    - x86/msi: Force affinity setup before startup
    - x86/ioapic: Force affinity setup before startup
    - genirq/msi: Ensure deactivation on teardown

  [ Ubuntu: 4.15.0-158.166 ]

  * s390x BPF JIT vulnerabilities (LP: #1943960)
    - SAUCE: s390/bpf: Fix 64-bit subtraction of the -0x80000000 constant
    - SAUCE: s390/bpf: Fix optimizing out zero-extensions

 -- Juerg Haefliger <email address hidden>  Wed, 29 Sep 2021 16:31:56 +0200
Superseded in bionic-security
Superseded in bionic-updates
Deleted in bionic-proposed (Reason: NBS)
linux-raspi2 (4.15.0-1096.102) bionic; urgency=medium

  * bionic/linux-raspi2: 4.15.0-1096.102 -proposed tracker (LP: #1942584)

  [ Ubuntu: 4.15.0-157.164 ]

  * bionic/linux: 4.15.0-157.164 -proposed tracker (LP: #1942588)
  * Packaging resync (LP: #1786013)
    - debian/dkms-versions -- update from kernel-versions (main/2021.09.06)
  * dell300x: rsi wifi and bluetooth crash after suspend and resume
    (LP: #1940488)
    - Revert "rsi: Use resume_noirq for SDIO"
  * LRMv5: switch primary version handling to kernel-versions data set
    (LP: #1928921)
    - [Packaging] switch to kernel-versions
  * kvm_unit_tests: emulator test fails on 4.4 / 4.15 kernel, timeout
    (LP: #1932966)
    - kvm: Add emulation for movups/movupd
  * memory leaking when removing a profile (LP: #1939915)
    - security/apparmor/label.c: Clean code by removing redundant instructions
    - apparmor: Fix memory leak of profile proxy
  * ubuntu_kernel_selftests: memory-hotplug: avoid spamming logs with
    dump_page() (LP: #1941829)
    - selftests: memory-hotplug: avoid spamming logs with dump_page(), ratio limit
      hot-remove error test
  * Bionic update: upstream stable patchset 2021-08-27 (LP: #1941916)
    - btrfs: mark compressed range uptodate only if all bio succeed
    - regulator: rt5033: Fix n_voltages settings for BUCK and LDO
    - r8152: Fix potential PM refcount imbalance
    - qed: fix possible unpaired spin_{un}lock_bh in _qed_mcp_cmd_and_union()
    - net: Fix zero-copy head len calculation.
    - Revert "Bluetooth: Shutdown controller after workqueues are flushed or
      cancelled"
    - KVM: do not allow mapping valid but non-reference-counted pages
    - Revert "watchdog: iTCO_wdt: Account for rebooting on second timeout"
    - spi: mediatek: Fix fifo transfer
    - padata: validate cpumask without removed CPU during offline
    - Revert "ACPICA: Fix memory leak caused by _CID repair function"
    - ALSA: seq: Fix racy deletion of subscriber
    - clk: stm32f4: fix post divisor setup for I2S/SAI PLLs
    - omap5-board-common: remove not physically existing vdds_1v8_main fixed-
      regulator
    - scsi: sr: Return correct event when media event code is 3
    - media: videobuf2-core: dequeue if start_streaming fails
    - net: natsemi: Fix missing pci_disable_device() in probe and remove
    - nfp: update ethtool reporting of pauseframe control
    - mips: Fix non-POSIX regexp
    - bnx2x: fix an error code in bnx2x_nic_load()
    - net: pegasus: fix uninit-value in get_interrupt_interval
    - net: fec: fix use-after-free in fec_drv_remove
    - net: vxge: fix use-after-free in vxge_device_unregister
    - Bluetooth: defer cleanup of resources in hci_unregister_dev()
    - USB: usbtmc: Fix RCU stall warning
    - USB: serial: option: add Telit FD980 composition 0x1056
    - USB: serial: ch341: fix character loss at high transfer rates
    - USB: serial: ftdi_sio: add device ID for Auto-M3 OP-COM v2
    - usb: gadget: f_hid: added GET_IDLE and SET_IDLE handlers
    - usb: gadget: f_hid: fixed NULL pointer dereference
    - usb: gadget: f_hid: idle uses the highest byte for duration
    - usb: otg-fsm: Fix hrtimer list corruption
    - scripts/tracing: fix the bug that can't parse raw_trace_func
    - staging: rtl8723bs: Fix a resource leak in sd_int_dpc
    - media: rtl28xxu: fix zero-length control request
    - pipe: increase minimum default pipe size to 2 pages
    - ext4: fix potential htree corruption when growing large_dir directories
    - serial: 8250: Mask out floating 16/32-bit bus bits
    - MIPS: Malta: Do not byte-swap accesses to the CBUS UART
    - pcmcia: i82092: fix a null pointer dereference bug
    - spi: meson-spicc: fix memory leak in meson_spicc_remove
    - perf/x86/amd: Don't touch the AMD64_EVENTSEL_HOSTONLY bit inside the guest
    - qmi_wwan: add network device usage statistics for qmimux devices
    - libata: fix ata_pio_sector for CONFIG_HIGHMEM
    - reiserfs: add check for root_inode in reiserfs_fill_super
    - reiserfs: check directory items on read from disk
    - alpha: Send stop IPI to send to online CPUs
    - net/qla3xxx: fix schedule while atomic in ql_wait_for_drvr_lock and
      ql_adapter_reset
    - USB:ehci:fix Kunpeng920 ehci hardware problem
    - ppp: Fix generating ppp unit id when ifname is not specified
    - ovl: prevent private clone if bind mount is not allowed
    - net: xilinx_emaclite: Do not print real IOMEM pointer
    - KVM: x86: accept userspace interrupt only if no event is injected
    - KVM: x86/mmu: Fix per-cpu counter corruption on 32-bit builds
  * Bionic update: upstream stable patchset 2021-08-17 (LP: #1940315)
    - selftest: fix build error in tools/testing/selftests/vm/userfaultfd.c
    - KVM: x86: determine if an exception has an error code only when injecting
      it.
    - net: split out functions related to registering inflight socket files
    - [Config] updateconfigs for UNIX_SCM
    - af_unix: fix garbage collect vs MSG_PEEK
    - net/802/mrp: fix memleak in mrp_request_join()
    - net/802/garp: fix memleak in garp_request_join()
    - net: annotate data race around sk_ll_usec
    - sctp: move 198 addresses from unusable to private scope
    - hfs: add missing clean-up in hfs_fill_super
    - hfs: fix high memory mapping in hfs_bnode_read
    - hfs: add lock nesting notation to hfs_find_init
    - ARM: dts: versatile: Fix up interrupt controller node names
    - virtio_net: Do not pull payload in skb->head
    - gro: ensure frag0 meets IP header alignment
    - x86/kvm: fix vcpu-id indexed array sizes
    - ocfs2: fix zero out valid data
    - ocfs2: issue zeroout to EOF blocks
    - can: raw: raw_setsockopt(): fix raw_rcv panic for sock UAF
    - can: mcba_usb_start(): add missing urb->transfer_dma initialization
    - can: usb_8dev: fix memory leak
    - can: ems_usb: fix memory leak
    - can: esd_usb2: fix memory leak
    - NIU: fix incorrect error return, missed in previous revert
    - nfc: nfcsim: fix use after free during module unload
    - x86/asm: Ensure asm/proto.h can be included stand-alone
    - cfg80211: Fix possible memory leak in function cfg80211_bss_update
    - netfilter: conntrack: adjust stop timestamp to real expiry value
    - netfilter: nft_nat: allow to specify layer 4 protocol NAT only
    - tipc: fix sleeping in tipc accept routine
    - mlx4: Fix missing error code in mlx4_load_one()
    - net: llc: fix skb_over_panic
    - net/mlx5: Fix flow table chaining
    - sctp: fix return value check in __sctp_rcv_asconf_lookup
    - tulip: windbond-840: Fix missing pci_disable_device() in probe and remove
    - sis900: Fix missing pci_disable_device() in probe and remove
    - can: hi311x: fix a signedness bug in hi3110_cmd()
    - i40e: Fix log TC creation failure when max num of queues is exceeded
    - i40e: Add additional info to PHY type error
  * Bionic update: upstream stable patchset 2021-08-13 (LP: #1939913)
    - ARM: dts: gemini: add device_type on pci
    - ARM: dts: rockchip: fix pinctrl sleep nodename for rk3036-kylin and rk3288
    - arm64: dts: rockchip: fix pinctrl sleep nodename for rk3399.dtsi
    - ARM: dts: rockchip: Fix the timer clocks order
    - ARM: dts: rockchip: Fix power-controller node names for rk3288
    - arm64: dts: rockchip: Fix power-controller node names for rk3328
    - reset: ti-syscon: fix to_ti_syscon_reset_data macro
    - ARM: brcmstb: dts: fix NAND nodes names
    - ARM: Cygnus: dts: fix NAND nodes names
    - ARM: NSP: dts: fix NAND nodes names
    - ARM: dts: BCM63xx: Fix NAND nodes names
    - ARM: dts: imx6: phyFLEX: Fix UART hardware flow control
    - ARM: imx: pm-imx5: Fix references to imx5_cpu_suspend_info
    - ARM: dts: stm32: fix RCC node name on stm32f429 MCU
    - arm64: dts: juno: Update SCPI nodes as per the YAML schema
    - arm64: dts: ls208xa: remove bus-num from dspi node
    - thermal/core: Correct function name thermal_zone_device_unregister()
    - kbuild: mkcompile_h: consider timestamp if KBUILD_BUILD_TIMESTAMP is set
    - rtc: max77686: Do not enforce (incorrect) interrupt trigger type
    - scsi: aic7xxx: Fix unintentional sign extension issue on left shift of u8
    - scsi: libfc: Fix array index out of bound exception
    - sched/fair: Fix CFS bandwidth hrtimer expiry type
    - net: ipv6: fix return value of ip6_skb_dst_mtu
    - netfilter: ctnetlink: suspicious RCU usage in ctnetlink_dump_helpinfo
    - net: bridge: sync fdb to new unicast-filtering ports
    - net: bcmgenet: Ensure all TX/RX queues DMAs are disabled
    - net: moxa: fix UAF in moxart_mac_probe
    - net: qcom/emac: fix UAF in emac_remove
    - net: ti: fix UAF in tlan_remove_one
    - net: send SYNACK packet with accepted fwmark
    - net: validate lwtstate->data before returning from skb_tunnel_info()
    - dma-buf/sync_file: Don't leak fences on merge failure
    - tcp: annotate data races around tp->mtu_info
    - ipv6: tcp: drop silly ICMPv6 packet too big messages
    - igb: Fix use-after-free error during reset
    - ixgbe: Fix an error handling path in 'ixgbe_probe()'
    - igb: Fix an error handling path in 'igb_probe()'
    - fm10k: Fix an error handling path in 'fm10k_probe()'
    - e1000e: Fix an error handling path in 'e1000_probe()'
    - iavf: Fix an error handling path in 'iavf_probe()'
    - igb: Check if num of q_vectors is smaller than max before array access
    - perf probe: Fix dso->nsinfo refcounting
    - perf lzma: Close lzma stream on exit
    - perf test bpf: Free obj_buf
    - perf probe-file: Delete namelist in del_events() on the error path
    - spi: mediatek: fix fifo rx mode
    - liquidio: Fix unintentional sign extension issue on left shift of u16
    - s390/bpf: Perform r1 range checking before accessing jit->seen_reg[r1]
    - net: fix uninit-value in caif_seqpkt_sendmsg
    - net: decnet: Fix sleeping inside in af_decnet
    - netrom: Decrease sock refcount when sock timers expire
    - scsi: iscsi: Fix iface sysfs attr detection
    - scsi: target: Fix protect handling in WRITE SAME(32)
    - spi: cadence: Correct initialisation of runtime PM again
    - Revert "USB: quirks: ignore remote wake-up on Fibocom L850-GL LTE modem"
    - proc: Avoid mixing integer types in mem_rw()
    - s390/ftrace: fix ftrace_update_ftrace_func implementation
    - ALSA: sb: Fix potential ABBA deadlock in CSP driver
    - xhci: Fix lost USB 2 remote wake
    - KVM: PPC: Book3S: Fix H_RTAS rets buffer overflow
    - usb: hub: Disable USB 3 device initiated lpm if exit latency is too high
    - USB: usb-storage: Add LaCie Rugged USB3-FW to IGNORE_UAS
    - usb: max-3421: Prevent corruption of freed memory
    - usb: renesas_usbhs: Fix superfluous irqs happen after usb_pkt_pop()
    - USB: serial: option: add support for u-blox LARA-R6 family
    - USB: serial: cp210x: fix comments for GE CS1000
    - USB: serial: cp210x: add ID for CEL EM3588 USB ZigBee stick
    - usb: dwc2: gadget: Fix sending zero length packet in DDMA mode.
    - tracing: Fix bug in rb_per_cpu_empty() that might cause deadloop.
    - media: ngene: Fix out-of-bounds bug in ngene_command_config_free_buf()
    - ixgbe: Fix packet corruption due to missing DMA sync
    - selftest: use mmap instead of posix_memalign to allocate memory
    - drm: Return -ENOTTY for non-drm ioctls
    - net: bcmgenet: ensure EXT_ENERGY_DET_MASK is clear
    - iio: accel: bma180: Use explicit member assignment
    - iio: accel: bma180: Fix BMA25x bandwidth register values
    - btrfs: compression: don't try to compress if we don't have enough pages
    - spi: spi-fsl-dspi: Fix a resource leak in an error handling path
    - xhci: add xhci_get_virt_ep() helper
    - bpftool: Properly close va_list 'ap' by va_end() on error
    - net: ip_tunnel: fix mtu calculation for ETHER tunnel devices
    - nvme-pci: do not call nvme_dev_remove_admin from nvme_remove
    - perf dso: Fix memory leak in dso__new_map()
    - net/tcp_fastopen: fix data races around tfo_active_disable_stamp
    - nvme-pci: don't WARN_ON in nvme_reset_work if ctrl.state is not RESETTING
    - drm/panel: raspberrypi-touchscreen: Prevent double-free
    - KVM: do not assume PTE is writable after follow_pfn
    - KVM: Use kvm_pfn_t for local PFN variable in hva_to_pfn_remapped()
    - net: dsa: mv88e6xxx: use correct .stats_set_histogram() on Topaz
    - workqueue: fix UAF in pwq_unbound_release_workfn()
    - upstream stable to v4.14.241, v4.19.200

 -- Juerg Haefliger <email address hidden>  Sat, 11 Sep 2021 10:05:23 +0200
Superseded in bionic-security
Superseded in bionic-updates
Deleted in bionic-proposed (Reason: NBS)
linux-raspi2 (4.15.0-1095.101) bionic; urgency=medium

  * bionic/linux-raspi2: 4.15.0-1095.101 -proposed tracker (LP: #1939829)

  [ Ubuntu: 4.15.0-156.163 ]

  * bionic/linux: 4.15.0-156.163 -proposed tracker (LP: #1940162)
  * linux (LP: #1940564)
    - SAUCE: Revert "scsi: core: Cap scsi_host cmd_per_lun at can_queue"
  * fails to launch linux L2 guests on AMD (LP: #1940134) // CVE-2021-3653
    - KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl
      (CVE-2021-3653)
  * fails to launch linux L2 guests on AMD (LP: #1940134)
    - SAUCE: Revert "UBUNTU: SAUCE: KVM: nSVM: avoid picking up unsupported bits
      from L2 in int_ctl"

  [ Ubuntu: 4.15.0-155.162 ]

  * bionic/linux: 4.15.0-155.162 -proposed tracker (LP: #1939833)
  * Packaging resync (LP: #1786013)
    - debian/dkms-versions -- update from kernel-versions (main/2021.08.16)
  * CVE-2021-3656
    - SAUCE: KVM: nSVM: always intercept VMLOAD/VMSAVE when nested
  * CVE-2021-3653
    - SAUCE: KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl
  * dev_forward_skb: do not scrub skb mark within the same name space
    (LP: #1935040)
    - dev_forward_skb: do not scrub skb mark within the same name space
  * 'ptrace trace' needed to readlink() /proc/*/ns/* files on older kernels
    (LP: #1890848)
    - apparmor: fix ptrace read check
  * Bionic update: upstream stable patchset 2021-08-03 (LP: #1938824)
    - ALSA: usb-audio: fix rate on Ozone Z90 USB headset
    - media: dvb-usb: fix wrong definition
    - Input: usbtouchscreen - fix control-request directions
    - net: can: ems_usb: fix use-after-free in ems_usb_disconnect()
    - usb: gadget: eem: fix echo command packet response issue
    - USB: cdc-acm: blacklist Heimann USB Appset device
    - ntfs: fix validity check for file name attribute
    - iov_iter_fault_in_readable() should do nothing in xarray case
    - Input: joydev - prevent use of not validated data in JSIOCSBTNMAP ioctl
    - ARM: dts: at91: sama5d4: fix pinctrl muxing
    - btrfs: send: fix invalid path for unlink operations after parent
      orphanization
    - btrfs: clear defrag status of a root if starting transaction fails
    - ext4: cleanup in-core orphan list if ext4_truncate() failed to get a
      transaction handle
    - ext4: fix kernel infoleak via ext4_extent_header
    - ext4: correct the cache_nr in tracepoint ext4_es_shrink_exit
    - ext4: remove check for zero nr_to_scan in ext4_es_scan()
    - ext4: fix avefreec in find_group_orlov
    - ext4: use ext4_grp_locked_error in mb_find_extent
    - can: gw: synchronize rcu operations before removing gw job entry
    - can: peak_pciefd: pucan_handle_status(): fix a potential starvation issue in
      TX path
    - SUNRPC: Fix the batch tasks count wraparound.
    - SUNRPC: Should wake up the privileged task firstly.
    - s390/cio: dont call css_wait_for_slow_path() inside a lock
    - rtc: stm32: Fix unbalanced clk_disable_unprepare() on probe error path
    - iio: ltr501: mark register holding upper 8 bits of ALS_DATA{0,1} and PS_DATA
      as volatile, too
    - iio: ltr501: ltr559: fix initialization of LTR501_ALS_CONTR
    - iio: ltr501: ltr501_read_ps(): add missing endianness conversion
    - serial: sh-sci: Stop dmaengine transfer in sci_stop_tx()
    - serial_cs: Add Option International GSM-Ready 56K/ISDN modem
    - serial_cs: remove wrong GLOBETROTTER.cis entry
    - ath9k: Fix kernel NULL pointer dereference during ath_reset_internal()
    - ssb: sdio: Don't overwrite const buffer if block_write fails
    - rsi: Assign beacon rate settings to the correct rate_info descriptor field
    - seq_buf: Make trace_seq_putmem_hex() support data longer than 8
    - fuse: check connected before queueing on fpq->io
    - spi: Make of_register_spi_device also set the fwnode
    - spi: spi-loopback-test: Fix 'tx_buf' might be 'rx_buf'
    - spi: spi-topcliff-pch: Fix potential double free in
      pch_spi_process_messages()
    - spi: omap-100k: Fix the length judgment problem
    - crypto: nx - add missing MODULE_DEVICE_TABLE
    - media: cpia2: fix memory leak in cpia2_usb_probe
    - media: cobalt: fix race condition in setting HPD
    - media: pvrusb2: fix warning in pvr2_i2c_core_done
    - crypto: qat - check return code of qat_hal_rd_rel_reg()
    - crypto: qat - remove unused macro in FW loader
    - media: em28xx: Fix possible memory leak of em28xx struct
    - media: v4l2-core: Avoid the dangling pointer in v4l2_fh_release
    - media: bt8xx: Fix a missing check bug in bt878_probe
    - media: st-hva: Fix potential NULL pointer dereferences
    - media: dvd_usb: memory leak in cinergyt2_fe_attach
    - mmc: via-sdmmc: add a check against NULL pointer dereference
    - crypto: shash - avoid comparing pointers to exported functions under CFI
    - media: dvb_net: avoid speculation from net slot
    - media: siano: fix device register error path
    - btrfs: fix error handling in __btrfs_update_delayed_inode
    - btrfs: abort transaction if we fail to update the delayed inode
    - btrfs: disable build on platforms having page size 256K
    - regulator: da9052: Ensure enough delay time for .set_voltage_time_sel
    - HID: do not use down_interruptible() when unbinding devices
    - ACPI: processor idle: Fix up C-state latency if not ordered
    - hv_utils: Fix passing zero to 'PTR_ERR' warning
    - lib: vsprintf: Fix handling of number field widths in vsscanf
    - ACPI: EC: Make more Asus laptops use ECDT _GPE
    - block_dump: remove block_dump feature in mark_inode_dirty()
    - fs: dlm: cancel work sync othercon
    - random32: Fix implicit truncation warning in prandom_seed_state()
    - fs: dlm: fix memory leak when fenced
    - ACPICA: Fix memory leak caused by _CID repair function
    - ACPI: bus: Call kobject_put() in acpi_init() error path
    - platform/x86: toshiba_acpi: Fix missing error code in
      toshiba_acpi_setup_keyboard()
    - ACPI: tables: Add custom DSDT file as makefile prerequisite
    - HID: wacom: Correct base usage for capacitive ExpressKey status bits
    - ia64: mca_drv: fix incorrect array size calculation
    - media: s5p_cec: decrement usage count if disabled
    - crypto: ixp4xx - dma_unmap the correct address
    - crypto: ux500 - Fix error return code in hash_hw_final()
    - sata_highbank: fix deferred probing
    - pata_rb532_cf: fix deferred probing
    - media: I2C: change 'RST' to "RSET" to fix multiple build errors
    - pata_octeon_cf: avoid WARN_ON() in ata_host_activate()
    - crypto: ccp - Fix a resource leak in an error handling path
    - pata_ep93xx: fix deferred probing
    - media: exynos4-is: Fix a use after free in isp_video_release
    - media: tc358743: Fix error return code in tc358743_probe_of()
    - media: siano: Fix out-of-bounds warnings in smscore_load_firmware_family2()
    - mmc: usdhi6rol0: fix error return code in usdhi6_probe()
    - media: s5p-g2d: Fix a memory leak on ctx->fh.m2m_ctx
    - hwmon: (max31722) Remove non-standard ACPI device IDs
    - hwmon: (max31790) Fix fan speed reporting for fan7..12
    - btrfs: clear log tree recovering status if starting transaction fails
    - spi: spi-sun6i: Fix chipselect/clock bug
    - crypto: nx - Fix RCU warning in nx842_OF_upd_status
    - ACPI: sysfs: Fix a buffer overrun problem with description_show()
    - ocfs2: fix snprintf() checking
    - net: pch_gbe: Propagate error from devm_gpio_request_one()
    - drm/rockchip: cdn-dp-core: add missing clk_disable_unprepare() on error in
      cdn_dp_grf_write()
    - ehea: fix error return code in ehea_restart_qps()
    - RDMA/rxe: Fix failure during driver load
    - drm: qxl: ensure surf.data is ininitialized
    - wireless: carl9170: fix LEDS build errors & warnings
    - brcmsmac: mac80211_if: Fix a resource leak in an error handling path
    - ath10k: Fix an error code in ath10k_add_interface()
    - netlabel: Fix memory leak in netlbl_mgmt_add_common
    - netfilter: nft_exthdr: check for IPv6 packet before further processing
    - samples/bpf: Fix the error return code of xdp_redirect's main()
    - net: ethernet: aeroflex: fix UAF in greth_of_remove
    - net: ethernet: ezchip: fix UAF in nps_enet_remove
    - net: ethernet: ezchip: fix error handling
    - pkt_sched: sch_qfq: fix qfq_change_class() error path
    - vxlan: add missing rcu_read_lock() in neigh_reduce()
    - net: bcmgenet: Fix attaching to PYH failed on RPi 4B
    - i40e: Fix error handling in i40e_vsi_open
    - Revert "ibmvnic: remove duplicate napi_schedule call in open function"
    - Bluetooth: mgmt: Fix slab-out-of-bounds in tlv_data_is_valid
    - writeback: fix obtain a reference to a freeing memcg css
    - net: sched: fix warning in tcindex_alloc_perfect_hash
    - tty: nozomi: Fix a resource leak in an error handling function
    - mwifiex: re-fix for unaligned accesses
    - iio: adis_buffer: do not return ints in irq handlers
    - iio: accel: bma180: Fix buffer alignment in
      iio_push_to_buffers_with_timestamp()
    - iio: accel: bma220: Fix buffer alignment in
      iio_push_to_buffers_with_timestamp()
    - iio: accel: hid: Fix buffer alignment in
      iio_push_to_buffers_with_timestamp()
    - iio: accel: kxcjk-1013: Fix buffer alignment in
      iio_push_to_buffers_with_timestamp()
    - iio: accel: stk8312: Fix buffer alignment in
      iio_push_to_buffers_with_timestamp()
    - iio: accel: stk8ba50: Fix buffer alignment in
      iio_push_to_buffers_with_timestamp()
    - iio: adc: ti-ads1015: Fix buffer alignment in
      iio_push_to_buffers_with_timestamp()
    - iio: adc: vf610: Fix buffer alignment in
      iio_push_to_buffers_with_timestamp()
    - iio: gyro: bmg160: Fix buffer alignment in
      iio_push_to_buffers_with_timestamp()
    - iio: humidity: am2315: Fix buffer alignment in
      iio_push_to_buffers_with_timestamp()
    - iio: prox: srf08: Fix buffer alignment in
      iio_push_to_buffers_with_timestamp()
    - iio: prox: pulsed-light: Fix buffer alignment in
      iio_push_to_buffers_with_timestamp()
    - iio: prox: as3935: Fix buffer alignment in
      iio_push_to_buffers_with_timestamp()
    - iio: light: isl29125: Fix buffer alignment in
      iio_push_to_buffers_with_timestamp()
    - iio: light: tcs3414: Fix buffer alignment in
      iio_push_to_buffers_with_timestamp()
    - iio: potentiostat: lmp91000: Fix alignment of buffer in
      iio_push_to_buffers_with_timestamp()
    - ASoC: hisilicon: fix missing clk_disable_unprepare() on error in
      hi6210_i2s_startup()
    - Input: hil_kbd - fix error return code in hil_dev_connect()
    - char: pcmcia: error out if 'num_bytes_read' is greater than 4 in
      set_protocol()
    - tty: nozomi: Fix the error handling path of 'nozomi_card_init()'
    - scsi: FlashPoint: Rename si_flags field
    - s390: appldata depends on PROC_SYSCTL
    - eeprom: idt_89hpesx: Put fwnode in matching case during ->probe()
    - iio: adc: mxs-lradc: Fix buffer alignment in
      iio_push_to_buffers_with_timestamp()
    - staging: gdm724x: check for buffer overflow in gdm_lte_multi_sdu_pkt()
    - staging: gdm724x: check for overflow in gdm_lte_netif_rx()
    - ASoC: cs42l42: Correct definition of CS42L42_ADC_PDN_MASK
    - of: Fix truncation of memory sizes on 32-bit platforms
    - scsi: mpt3sas: Fix error return value in _scsih_expander_add()
    - phy: ti: dm816x: Fix the error handling path in 'dm816x_usb_phy_probe()
    - extcon: sm5502: Drop invalid register write in sm5502_reg_data
    - extcon: max8997: Add missing modalias string
    - configfs: fix memleak in configfs_release_bin_file
    - leds: as3645a: Fix error return code in as3645a_parse_node()
    - leds: ktd2692: Fix an error handling path
    - mm/huge_memory.c: don't discard hugepage if other processes are mapping it
    - selftests/vm/pkeys: fix alloc_random_pkey() to make it really, really random
    - mmc: vub3000: fix control-request direction
    - scsi: core: Retry I/O for Notify (Enable Spinup) Required error
    - drm/mxsfb: Don't select DRM_KMS_FB_HELPER
    - drm/zte: Don't select DRM_KMS_FB_HELPER
    - drm/amd/amdgpu/sriov disable all ip hw status by default
    - net: pch_gbe: Use proper accessors to BE data in pch_ptp_match()
    - hugetlb: clear huge pte during flush function on mips platform
    - atm: iphase: fix possible use-after-free in ia_module_exit()
    - mISDN: fix possible use-after-free in HFC_cleanup()
    - atm: nicstar: Fix possible use-after-free in nicstar_cleanup()
    - net: Treat __napi_schedule_irqoff() as __napi_schedule() on PREEMPT_RT
    - reiserfs: add check for invalid 1st journal block
    - drm/virtio: Fix double free on probe failure
    - udf: Fix NULL pointer dereference in udf_symlink function
    - e100: handle eeprom as little endian
    - clk: renesas: r8a77995: Add ZA2 clock
    - clk: tegra: Ensure that PLLU configuration is applied properly
    - ipv6: use prandom_u32() for ID generation
    - RDMA/cxgb4: Fix missing error code in create_qp()
    - dm space maps: don't reset space map allocation cursor when committing
    - virtio_net: Remove BUG() to avoid machine dead
    - net: bcmgenet: check return value after calling platform_get_resource()
    - net: micrel: check return value after calling platform_get_resource()
    - fjes: check return value after calling platform_get_resource()
    - selinux: use __GFP_NOWARN with GFP_NOWAIT in the AVC
    - xfrm: Fix error reporting in xfrm_state_construct.
    - wlcore/wl12xx: Fix wl12xx get_mac error if device is in ELP
    - wl1251: Fix possible buffer overflow in wl1251_cmd_scan
    - cw1200: add missing MODULE_DEVICE_TABLE
    - atm: nicstar: use 'dma_free_coherent' instead of 'kfree'
    - atm: nicstar: register the interrupt handler in the right place
    - vsock: notify server to shutdown when client has pending signal
    - RDMA/rxe: Don't overwrite errno from ib_umem_get()
    - iwlwifi: mvm: don't change band on bound PHY contexts
    - sfc: avoid double pci_remove of VFs
    - sfc: error code if SRIOV cannot be disabled
    - wireless: wext-spy: Fix out-of-bounds warning
    - RDMA/cma: Fix rdma_resolve_route() memory leak
    - Bluetooth: Fix the HCI to MGMT status conversion table
    - Bluetooth: Shutdown controller after workqueues are flushed or cancelled
    - Bluetooth: btusb: fix bt fiwmare downloading failure issue for qca btsoc.
    - sctp: validate from_addr_param return
    - sctp: add size validation when walking chunks
    - fscrypt: don't ignore minor_hash when hash is 0
    - bdi: Do not use freezable workqueue
    - fuse: reject internal errno
    - powerpc/barrier: Avoid collision with clang's __lwsync macro
    - usb: gadget: f_fs: Fix setting of device and driver data cross-references
    - drm/radeon: Add the missed drm_gem_object_put() in
      radeon_user_framebuffer_create()
    - pinctrl/amd: Add device HID for new AMD GPIO controller
    - mmc: sdhci: Fix warning message when accessing RPMB in HS400 mode
    - mmc: core: clear flags before allowing to retune
    - mmc: core: Allow UHS-I voltage switch for SDSC cards if supported
    - ata: ahci_sunxi: Disable DIPM
    - cpu/hotplug: Cure the cpusets trainwreck
    - ASoC: tegra: Set driver_name=tegra for all machine drivers
    - qemu_fw_cfg: Make fw_cfg_rev_attr a proper kobj_attribute
    - ipmi/watchdog: Stop watchdog timer when the current action is 'none'
    - power: supply: ab8500: Fix an old bug
    - seq_buf: Fix overflow in seq_buf_putmem_hex()
    - tracing: Simplify & fix saved_tgids logic
    - ipack/carriers/tpci200: Fix a double free in tpci200_pci_probe
    - dm btree remove: assign new_root only when removal succeeds
    - media: dtv5100: fix control-request directions
    - media: zr364xx: fix memory leak in zr364xx_start_readpipe
    - media: gspca/sq905: fix control-request direction
    - media: gspca/sunplus: fix zero-length control requests
    - jfs: fix GPF in diFree
    - smackfs: restrict bytes count in smk_set_cipso()
    - KVM: x86: Use guest MAXPHYADDR from CPUID.0x8000_0008 iff TDP is enabled
    - KVM: X86: Disable hardware breakpoints unconditionally before kvm_x86->run()
    - scsi: core: Fix bad pointer dereference when ehandler kthread is invalid
    - tracing: Do not reference char * as a string in histograms
    - PCI: aardvark: Don't rely on jiffies while holding spinlock
    - PCI: aardvark: Fix kernel panic during PIO transfer
    - tty: serial: fsl_lpuart: fix the potential risk of division or modulo by
      zero
    - misc/libmasm/module: Fix two use after free in ibmasm_init_one
    - Revert "ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro"
    - w1: ds2438: fixing bug that would always get page0
    - scsi: lpfc: Fix "Unexpected timeout" error in direct attach topology
    - scsi: lpfc: Fix crash when lpfc_sli4_hba_setup() fails to initialize the
      SGLs
    - scsi: core: Cap scsi_host cmd_per_lun at can_queue
    - tty: serial: 8250: serial_cs: Fix a memory leak in error handling path
    - fs/jfs: Fix missing error code in lmLogInit()
    - scsi: iscsi: Add iscsi_cls_conn refcount helpers
    - scsi: iscsi: Fix shost->max_id use
    - scsi: qedi: Fix null ref during abort handling
    - mfd: da9052/stmpe: Add and modify MODULE_DEVICE_TABLE
    - s390/sclp_vt220: fix console name to match device
    - ALSA: sb: Fix potential double-free of CSP mixer elements
    - powerpc/ps3: Add dma_mask to ps3_dma_region
    - gpio: zynq: Check return value of pm_runtime_get_sync
    - ALSA: ppc: fix error return code in snd_pmac_probe()
    - selftests/powerpc: Fix "no_handler" EBB selftest
    - ASoC: soc-core: Fix the error return code in
      snd_soc_of_parse_audio_routing()
    - ALSA: bebob: add support for ToneWeal FW66
    - usb: gadget: f_hid: fix endianness issue with descriptors
    - usb: gadget: hid: fix error return code in hid_bind()
    - powerpc/boot: Fixup device-tree on little endian
    - backlight: lm3630a: Fix return code of .update_status() callback
    - ALSA: hda: Add IRQ check for platform_get_irq()
    - staging: rtl8723bs: fix macro value for 2.4Ghz only device
    - intel_th: Wait until port is in reset before programming it
    - i2c: core: Disable client irq on reboot/shutdown
    - lib/decompress_unlz4.c: correctly handle zero-padding around initrds.
    - pwm: spear: Don't modify HW state in .remove callback
    - power: supply: ab8500: Avoid NULL pointers
    - power: supply: max17042: Do not enforce (incorrect) interrupt trigger type
    - power: reset: gpio-poweroff: add missing MODULE_DEVICE_TABLE
    - ARM: 9087/1: kprobes: test-thumb: fix for LLVM_IAS=1
    - watchdog: Fix possible use-after-free in wdt_startup()
    - watchdog: sc520_wdt: Fix possible use-after-free in wdt_turnoff()
    - watchdog: Fix possible use-after-free by calling del_timer_sync()
    - watchdog: iTCO_wdt: Account for rebooting on second timeout
    - x86/fpu: Return proper error codes from user access functions
    - orangefs: fix orangefs df output.
    - ceph: remove bogus checks and WARN_ONs from ceph_set_page_dirty
    - NFS: nfs_find_open_context() may only select open files
    - power: supply: charger-manager: add missing MODULE_DEVICE_TABLE
    - power: supply: ab8500: add missing MODULE_DEVICE_TABLE
    - pwm: tegra: Don't modify HW state in .remove callback
    - ACPI: AMBA: Fix resource name in /proc/iomem
    - ACPI: video: Add quirk for the Dell Vostro 3350
    - virtio-blk: Fix memory leak among suspend/resume procedure
    - virtio_net: Fix error handling in virtnet_restore()
    - virtio_console: Assure used length from device is limited
    - f2fs: add MODULE_SOFTDEP to ensure crc32 is included in the initramfs
    - PCI/sysfs: Fix dsm_label_utf16s_to_utf8s() buffer overrun
    - power: supply: rt5033_battery: Fix device tree enumeration
    - um: fix error return code in slip_open()
    - um: fix error return code in winch_tramp()
    - watchdog: aspeed: fix hardware timeout calculation
    - nfs: fix acl memory leak of posix_acl_create()
    - ubifs: Set/Clear I_LINKABLE under i_lock for whiteout inode
    - x86/fpu: Limit xstate copy size in xstateregs_set()
    - ALSA: isa: Fix error return code in snd_cmi8330_probe()
    - NFSv4/pNFS: Don't call _nfs4_pnfs_v3_ds_connect multiple times
    - hexagon: use common DISCARDS macro
    - reset: a10sr: add missing of_match_table reference
    - ARM: dts: exynos: fix PWM LED max brightness on Odroid XU/XU3
    - ARM: dts: exynos: fix PWM LED max brightness on Odroid XU4
    - memory: atmel-ebi: add missing of_node_put for loop iteration
    - rtc: fix snprintf() checking in is_rtc_hctosys()
    - ARM: dts: r8a7779, marzen: Fix DU clock names
    - ARM: dts: BCM5301X: Fixup SPI binding
    - reset: bail if try_module_get() fails
    - memory: fsl_ifc: fix leak of IO mapping on probe failure
    - memory: fsl_ifc: fix leak of private memory on probe failure
    - ARM: dts: am335x: align ti,pindir-d0-out-d1-in property with dt-shema
    - scsi: be2iscsi: Fix an error handling path in beiscsi_dev_probe()
    - mips: always link byteswap helpers into decompressor
    - mips: disable branch profiling in boot/decompress.o
    - MIPS: vdso: Invalid GIC access through VDSO
    - net: bridge: multicast: fix PIM hello router port marking race
    - ALSA: usb-audio: Fix OOB access at proc output
    - iio: light: tcs3472: do not free unallocated IRQ
    - rsi: fix AP mode with WPA failure due to encrypted EAPOL
    - evm: Execute evm_inode_init_security() only when an HMAC key is loaded
    - evm: fix writing <securityfs>/evm overflow
    - wcn36xx: Move hal_buf allocation to devm_kmalloc in probe
    - ssb: Fix error return code in ssb_bus_scan()
    - brcmfmac: fix setting of station info chains bitmask
    - ipv6: exthdrs: do not blindly use init_net
    - i40e: Fix autoneg disabling for non-10GBaseT links
    - ipv6: fix out-of-bound access in ip6_parse_tlv()
    - iio: light: tcs3472: Fix buffer alignment in
      iio_push_to_buffers_with_timestamp()
    - ASoC: rsnd: tidyup loop on rsnd_adg_clk_query()
    - visorbus: fix error return code in visorchipset_init()
    - serial: 8250: Actually allow UPF_MAGIC_MULTIPLIER baud rates
    - powerpc: Offline CPU in stop_this_cpu()
    - serial: mvebu-uart: correctly calculate minimal possible baudrate
    - arm64: dts: marvell: armada-37xx: Fix reg for standard variant of UART
    - vfio/pci: Handle concurrent vma faults
    - clocksource/arm_arch_timer: Improve Allwinner A64 timer workaround
    - coresight: tmc-etf: Fix global-out-of-bounds in tmc_update_etf_buffer()
    - PCI: Leave Apple Thunderbolt controllers on for s2idle or standby
    - media: subdev: disallow ioctl for saa6588/davinci
    - PCI: iproc: Fix multi-MSI base vector number allocation
    - PCI: iproc: Support multi-MSI only on uniprocessor kernel
    - virtio_net: move tx vq operation under tx queue lock
    - ARM: dts: exynos: fix PWM LED max brightness on Odroid HC1
    - ARM: dts: am437x: align ti,pindir-d0-out-d1-in property with dt-shema
  * Bionic update: upstream stable patchset 2021-07-20 (LP: #1936960)
    - include/linux/mmdebug.h: make VM_WARN* non-rvals
    - mm: add VM_WARN_ON_ONCE_PAGE() macro
    - mm/rmap: remove unneeded semicolon in page_not_mapped()
    - mm/rmap: use page_not_mapped in try_to_unmap()
    - mm/thp: try_to_unmap() use TTU_SYNC for safe splitting
    - mm/thp: fix vma_address() if virtual address below file offset
    - mm/thp: fix page_address_in_vma() on file THP tails
    - mm: thp: replace DEBUG_VM BUG with VM_WARN when unmap fails for split
    - mm: page_vma_mapped_walk(): use page for pvmw->page
    - mm: page_vma_mapped_walk(): settle PageHuge on entry
    - mm: page_vma_mapped_walk(): use pmde for *pvmw->pmd
    - mm: page_vma_mapped_walk(): prettify PVMW_MIGRATION block
    - mm: page_vma_mapped_walk(): crossing page table boundary
    - mm: page_vma_mapped_walk(): add a level of indentation
    - mm: page_vma_mapped_walk(): use goto instead of while (1)
    - mm: page_vma_mapped_walk(): get vma_address_end() earlier
    - mm/thp: fix page_vma_mapped_walk() if THP mapped by ptes
    - mm/thp: another PVMW_SYNC fix in page_vma_mapped_walk()
    - mm, futex: fix shared futex pgoff on shmem huge page
    - scsi: sr: Return appropriate error code when disk is ejected
    - drm/nouveau: fix dma_address check for CPU/GPU sync
    - kfifo: DECLARE_KIFO_PTR(fifo, u64) does not work on arm 32 bit
    - kthread_worker: split code for canceling the delayed work timer
    - kthread: prevent deadlock when kthread_mod_delayed_work() races with
      kthread_cancel_delayed_work_sync()
    - xen/events: reset active flag for lateeoi events later
    - ARM: dts: imx6qdl-sabresd: Remove incorrect power supply assignment
    - ARM: OMAP: replace setup_irq() by request_irq()
    - clocksource/drivers/timer-ti-dm: Add clockevent and clocksource support
    - clocksource/drivers/timer-ti-dm: Prepare to handle dra7 timer wrap issue
  * Bionic update: upstream stable patchset 2021-07-14 (LP: #1936231)
    - Revert "UBUNTU: SAUCE: Revert "proc: Check /proc/$pid/attr/ writes against
      file opener""
    - proc: Track /proc/$pid/attr/ opener mm_struct
    - net/nfc/rawsock.c: fix a permission check bug
    - ASoC: sti-sas: add missing MODULE_DEVICE_TABLE
    - isdn: mISDN: netjet: Fix crash in nj_probe:
    - bonding: init notify_work earlier to avoid uninitialized use
    - netlink: disable IRQs for netlink_lock_table()
    - net: mdiobus: get rid of a BUG_ON()
    - cgroup: disable controllers at parse time
    - wq: handle VM suspension in stall detection
    - net/qla3xxx: fix schedule while atomic in ql_sem_spinlock
    - scsi: vmw_pvscsi: Set correct residual data length
    - scsi: target: qla2xxx: Wait for stop_phase1 at WWN removal
    - net: macb: ensure the device is available before accessing GEMGXL control
      registers
    - net: appletalk: cops: Fix data race in cops_probe1
    - MIPS: Fix kernel hang under FUNCTION_GRAPH_TRACER and PREEMPT_TRACER
    - bnx2x: Fix missing error code in bnx2x_iov_init_one()
    - powerpc/fsl: set fsl,i2c-erratum-a004447 flag for P2041 i2c controllers
    - powerpc/fsl: set fsl,i2c-erratum-a004447 flag for P1010 i2c controllers
    - i2c: mpc: Make use of i2c_recover_bus()
    - i2c: mpc: implement erratum A-004447 workaround
    - drm: Fix use-after-free read in drm_getunique()
    - drm: Lock pointer access in drm_master_release()
    - kvm: avoid speculation-based attacks from out-of-range memslot accesses
    - staging: rtl8723bs: Fix uninitialized variables
    - btrfs: return value from btrfs_mark_extent_written() in case of error
    - cgroup1: don't allow '\n' in renaming
    - USB: f_ncm: ncm_bitrate (speed) is unsigned
    - usb: dwc3: ep0: fix NULL pointer exception
    - usb: typec: ucsi: Clear PPM capability data in ucsi_init() error path
    - usb: gadget: f_fs: Ensure io_completion_wq is idle during unbind
    - USB: serial: ftdi_sio: add NovaTech OrionMX product ID
    - USB: serial: omninet: add device id for Zyxel Omni 56K Plus
    - USB: serial: quatech2: fix control-request directions
    - usb: gadget: eem: fix wrong eem header operation
    - usb: fix various gadgets null ptr deref on 10gbps cabling.
    - usb: fix various gadget panics on 10gbps cabling
    - regulator: core: resolve supply for boot-on/always-on regulators
    - regulator: max77620: Use device_set_of_node_from_dev()
    - perf: Fix data race between pin_count increment/decrement
    - NFS: Fix a potential NULL dereference in nfs_get_client()
    - perf session: Correct buffer copying when peeking events
    - kvm: fix previous commit for 32-bit builds
    - NFS: Fix use-after-free in nfs4_init_client()
    - NFSv4: nfs4_proc_set_acl needs to restore NFS_CAP_UIDGID_NOMAP on error.
    - scsi: core: Fix error handling of scsi_host_alloc()
    - scsi: core: Put .shost_dev in failure path if host state changes to RUNNING
    - scsi: core: Only put parent device if host state differs from SHOST_CREATED
    - ftrace: Do not blindly read the ip address in ftrace_bug()
    - tracing: Correct the length check which causes memory corruption
    - proc: only require mm_struct for writing
    - scsi: bnx2fc: Return failure if io_req is already in ABTS processing
    - ARM: dts: imx6qdl-sabresd: Assign corresponding power supply for LDOs
    - usb: f_ncm: only first packet of aggregate needs to start timer
    - usb: pd: Set PD_T_SINK_WAIT_CAP to 310ms
    - RDMA/mlx4: Do not map the core_clock page to user space unless enabled
    - vmlinux.lds.h: Avoid orphan section with !SMP
    - sched/fair: Make sure to update tg contrib for blocked load
    - net: ieee802154: fix null deref in parse dev addr
    - HID: hid-sensor-hub: Return error for hid_set_field() failure
    - HID: Add BUS_VIRTUAL to hid_connect logging
    - HID: usbhid: fix info leak in hid_submit_ctrl
    - ARM: OMAP2+: Fix build warning when mmc_omap is not built
    - HID: gt683r: add missing MODULE_DEVICE_TABLE
    - gfs2: Fix use-after-free in gfs2_glock_shrink_scan
    - scsi: target: core: Fix warning on realtime kernels
    - ethernet: myri10ge: Fix missing error code in myri10ge_probe()
    - nvme-loop: reset queue count to 1 in nvme_loop_destroy_io_queues()
    - nvme-loop: clear NVME_LOOP_Q_LIVE when nvme_loop_configure_admin_queue()
      fails
    - nvme-loop: check for NVME_LOOP_Q_LIVE in nvme_loop_destroy_admin_queue()
    - net: ipconfig: Don't override command-line hostnames or domains
    - rtnetlink: Fix missing error code in rtnl_bridge_notify()
    - net/x25: Return the correct errno code
    - net: Return the correct errno code
    - fib: Return the correct errno code
    - dmaengine: ALTERA_MSGDMA depends on HAS_IOMEM
    - dmaengine: QCOM_HIDMA_MGMT depends on HAS_IOMEM
    - dmaengine: stedma40: add missing iounmap() on error in d40_probe()
    - mm/memory-failure: make sure wait for page writeback in memory_failure
    - batman-adv: Avoid WARN_ON timing related checks
    - net: ipv4: fix memory leak in netlbl_cipsov4_add_std
    - net: rds: fix memory leak in rds_recvmsg
    - udp: fix race between close() and udp_abort()
    - rtnetlink: Fix regression in bridge VLAN configuration
    - netfilter: synproxy: Fix out of bounds when parsing TCP options
    - alx: Fix an error handling path in 'alx_probe()'
    - net: stmmac: dwmac1000: Fix extended MAC address registers definition
    - qlcnic: Fix an error handling path in 'qlcnic_probe()'
    - netxen_nic: Fix an error handling path in 'netxen_nic_probe()'
    - net: cdc_ncm: switch to eth%d interface naming
    - net: usb: fix possible use-after-free in smsc75xx_bind
    - net: ipv4: fix memory leak in ip_mc_add1_src
    - net/af_unix: fix a data-race in unix_dgram_sendmsg / unix_release_sock
    - be2net: Fix an error handling path in 'be_probe()'
    - net: hamradio: fix memory leak in mkiss_close
    - net: cdc_eem: fix tx fixup skb leak
    - icmp: don't send out ICMP messages with a source address of 0.0.0.0
    - net: ethernet: fix potential use-after-free in ec_bhf_remove
    - radeon: use memcpy_to/fromio for UVD fw upload
    - hwmon: (scpi-hwmon) shows the negative temperature properly
    - can: bcm: fix infoleak in struct bcm_msg_head
    - can: mcba_usb: fix memory leak in mcba_usb
    - usb: core: hub: Disable autosuspend for Cypress CY7C65632
    - tracing: Do not stop recording cmdlines when tracing is off
    - tracing: Do not stop recording comms if the trace file is being read
    - tracing: Do no increment trace_clock_global() by one
    - PCI: Mark TI C667X to avoid bus reset
    - PCI: Mark some NVIDIA GPUs to avoid bus reset
    - PCI: Add ACS quirk for Broadcom BCM57414 NIC
    - PCI: Work around Huawei Intelligent NIC VF FLR erratum
    - ARCv2: save ABI registers across signal handling
    - dmaengine: pl330: fix wrong usage of spinlock flags in dma_cyclc
    - net: bridge: fix vlan tunnel dst null pointer dereference
    - net: bridge: fix vlan tunnel dst refcnt when egressing
    - mm/slub.c: include swab.h
    - net: fec_ptp: add clock rate zero check
    - can: bcm/raw/isotp: use per module netdevice notifier
    - inet: use bigger hash table for IP ID generation
    - usb: dwc3: core: fix kernel panic when do reboot
    - x86/fpu: Reset state for all signal restore failures
    - drm/nouveau: wait for moving fence after pinning v2
    - drm/radeon: wait for moving fence after pinning
    - ARM: 9081/1: fix gcc-10 thumb2-kernel regression
    - Makefile: Move -Wno-unused-but-set-variable out of GCC only block
    - MIPS: generic: Update node names to avoid unit addresses
    - Revert "PCI: PM: Do not read power state in pci_enable_device_flags()"
    - mac80211: remove warning in ieee80211_get_sband()
    - cfg80211: call cfg80211_leave_ocb when switching away from OCB
    - mac80211: drop multicast fragments
    - ping: Check return value of function 'ping_queue_rcv_skb'
    - inet: annotate date races around sk->sk_txhash
    - net: caif: fix memory leak in ldisc_open
    - net/packet: annotate accesses to po->bind
    - net/packet: annotate accesses to po->ifindex
    - r8152: Avoid memcpy() over-reading of ETH_SS_STATS
    - sh_eth: Avoid memcpy() over-reading of ETH_SS_STATS
    - r8169: Avoid memcpy() over-reading of ETH_SS_STATS
    - net: qed: Fix memcpy() overflow of qed_dcbx_params()
    - net: ll_temac: Avoid ndo_start_xmit returning NETDEV_TX_BUSY
    - pinctrl: stm32: fix the reported number of GPIO lines per bank
    - nilfs2: fix memory leak in nilfs_sysfs_delete_device_group
    - i2c: robotfuzz-osif: fix control-request directions
    - scsi: scsi_devinfo: Add blacklist entry for HPE OPEN-V
    - net/mlx5e: Remove dependency in IPsec initialization flows
    - net: add documentation to socket.c
    - net: make get_net_ns return error if NET_NS is disabled
    - net: qrtr: fix OOB Read in qrtr_endpoint_post
    - ptp: ptp_clock: Publish scaled_ppm_to_ppb
    - ptp: improve max_adj check against unreasonable values
    - net: fec_ptp: fix issue caused by refactor the fec_devtype
    - ASoC: rt5659: Fix the lost powers for the HDA header
    - cfg80211: make certificate generation more robust
    - mm/slub: clarify verification reporting
    - net: ethtool: clear heap allocations for ethtool function
    - PCI: Add AMD RS690 quirk to enable 64-bit DMA
    - upstream stable to v4.14.238, v4.19.196

 -- Juerg Haefliger <email address hidden>  Mon, 23 Aug 2021 13:04:31 +0200
Superseded in bionic-security
Superseded in bionic-updates
Deleted in bionic-proposed (Reason: moved to -updates)
linux-raspi2 (4.15.0-1094.100) bionic; urgency=medium

  * bionic/linux-raspi2: 4.15.0-1094.100 -proposed tracker (LP: #1936562)

  [ Ubuntu: 4.15.0-154.161 ]

  * bionic/linux: 4.15.0-154.161 -proposed tracker (LP: #1938411)
  * Potential reverts of 4.19.y stable changes in 18.04 (LP: #1938537)
    - SAUCE: Revert "locking/mutex: clear MUTEX_FLAGS if wait_list is empty due to
      signal"
    - SAUCE: Revert "drm/amd/amdgpu: fix refcount leak"
  * Packaging resync (LP: #1786013)
    - [Packaging] resync getabis
    - [Packaging] update helper scripts
    - update dkms package versions
  * btrfs: Automatic balance returns -EUCLEAN and leads to forced readonly
    filesystem (LP: #1934709) // CVE-2019-19036
    - btrfs: Validate child tree block's level and first key
    - btrfs: Detect unbalanced tree with empty leaf before crashing btree
      operations
  * btrfs: Automatic balance returns -EUCLEAN and leads to forced readonly
    filesystem (LP: #1934709)
    - Revert "btrfs: Detect unbalanced tree with empty leaf before crashing btree
      operations"
    - Revert "btrfs: Validate child tree block's level and first key"
    - btrfs: Only check first key for committed tree blocks
    - btrfs: Fix wrong first_key parameter in replace_path
  * Enable fib-onlink-tests.sh and msg_zerocopy.sh in kselftests/net on Bionic
    (LP: #1934759)
    - selftests: Add fib-onlink-tests.sh to TEST_PROGS
    - selftests: net: use TEST_PROGS_EXTENDED
    - selftests/net: enable msg_zerocopy test
    - SAUCE: selftests: Make fib-onlink-tests.sh executable
  * Kernel oops due to uninitialized list on kernfs (kernfs_kill_sb)
    (LP: #1934175)
    - kernfs: deal with kernfs_fill_super() failures
    - unfuck sysfs_mount()
  * large_dir in ext4 broken (LP: #1933074)
    - SAUCE: ext4: fix directory index node split corruption
  * btrfs: Attempting to balance a nearly full filesystem with relocated root
    nodes fails (LP: #1933172) // CVE-2019-19036
    - btrfs: reloc: fix reloc root leak and NULL pointer dereference
  * btrfs: Attempting to balance a nearly full filesystem with relocated root
    nodes fails (LP: #1933172)
    - Revert "btrfs: reloc: fix reloc root leak and NULL pointer dereference"
  * Pixel format change broken for Elgato Cam Link 4K (LP: #1932367)
    - (upstream) media: uvcvideo: Fix pixel format change for Elgato Cam Link 4K
  * Bionic update: upstream stable patchset 2021-06-23 (LP: #1933375)
    - net: usb: cdc_ncm: don't spew notifications
    - efi: Allow EFI_MEMORY_XP and EFI_MEMORY_RO both to be cleared
    - efi: cper: fix snprintf() use in cper_dimm_err_location()
    - vfio/pci: Fix error return code in vfio_ecap_init()
    - vfio/pci: zap_vma_ptes() needs MMU
    - vfio/platform: fix module_put call in error flow
    - ipvs: ignore IP_VS_SVC_F_HASHED flag when adding service
    - HID: pidff: fix error return code in hid_pidff_init()
    - HID: i2c-hid: fix format string mismatch
    - netfilter: nfnetlink_cthelper: hit EBUSY on updates if size mismatches
    - ieee802154: fix error return code in ieee802154_add_iface()
    - ieee802154: fix error return code in ieee802154_llsec_getparams()
    - Bluetooth: fix the erroneous flush_work() order
    - Bluetooth: use correct lock to prevent UAF of hdev object
    - net: caif: added cfserl_release function
    - net: caif: add proper error handling
    - net: caif: fix memory leak in caif_device_notify
    - net: caif: fix memory leak in cfusbl_device_notify
    - ALSA: timer: Fix master timer notification
    - ext4: fix bug on in ext4_es_cache_extent as ext4_split_extent_at failed
    - pid: take a reference when initializing `cad_pid`
    - ocfs2: fix data corruption by fallocate
    - nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect
    - btrfs: fix error handling in btrfs_del_csums
    - btrfs: fixup error handling in fixup_inode_link_counts
    - mm, hugetlb: fix simple resv_huge_pages underflow on UFFDIO_COPY
    - selftests/bpf: make 'dubious pointer arithmetic' test useful
    - bnxt_en: Remove the setting of dev_port.
    - KVM: SVM: Truncate GPR value for DR and CR accesses in !64-bit mode
    - sched/fair: Optimize select_idle_cpu
    - xen-pciback: redo VF placement in the virtual topology
    - ALSA: usb: update old-style static const declaration
    - nl80211: validate key indexes for cfg80211_registered_device
    - x86/apic: Mark _all_ legacy interrupts when IO/APIC is missing
    - btrfs: return errors from btrfs_del_csums in cleanup_ref_head
    - KVM: arm64: Fix debug register indexing

 -- Juerg Haefliger <email address hidden>  Tue, 03 Aug 2021 11:20:37 +0200
Superseded in bionic-security
Superseded in bionic-updates
Deleted in bionic-proposed (Reason: NBS)
linux-raspi2 (4.15.0-1093.99) bionic; urgency=medium

  * bionic/linux-raspi2: 4.15.0-1093.99 -proposed tracker (LP: #1938315)

  [ Ubuntu: 4.15.0-153.160 ]

  * bionic/linux: 4.15.0-153.160 -proposed tracker (LP: #1938319)
  * 4.15.0-151 is freezing various CPUs (LP: #1938013)
    - mac80211: fix memory corruption in EAPOL handling

 -- Stefan Bader <email address hidden>  Thu, 29 Jul 2021 09:25:29 +0200
Superseded in bionic-security
Superseded in bionic-updates
linux-raspi2 (4.15.0-1092.98) bionic; urgency=medium

  [ Ubuntu: 4.15.0-151.157 ]

  * CVE-2021-33909
    - SAUCE: seq_file: Disallow extremely large seq buffer allocations

Deleted in bionic-proposed (Reason: moved to -updates)
linux-raspi2 (4.15.0-1091.96) bionic; urgency=medium

  * bionic/linux-raspi2: 4.15.0-1091.96 -proposed tracker (LP: #1934370)

  [ Ubuntu: 4.15.0-150.155 ]

  * bionic/linux: 4.15.0-150.155 -proposed tracker (LP: #1934374)
  * lxd exec fails (LP: #1934187)
    - SAUCE: Revert "proc: Check /proc/$pid/attr/ writes against file opener"

Deleted in bionic-proposed (Reason: NBS)
linux-raspi2 (4.15.0-1090.95) bionic; urgency=medium

  * bionic/linux-raspi2: 4.15.0-1090.95 -proposed tracker (LP: #1932511)

  * Packaging resync (LP: #1786013)
    - [Packaging] resync getabis
    - [Packaging] update helper scripts

  [ Ubuntu: 4.15.0-149.153 ]

  * bionic/linux: 4.15.0-149.153 -proposed tracker (LP: #1933434)
  * selftests: bpf: test_verifier fixes (LP: #1933385)
    - bpf: Update selftests to reflect new error states
    - bpf, selftests: Adjust few selftest result_unpriv outcomes
  * CVE-2021-33200
    - bpf: Fix mask direction swap upon off reg sign change

  [ Ubuntu: 4.15.0-148.152 ]

  * bionic/linux: 4.15.0-148.152 -proposed tracker (LP: #1932515)
  * Packaging resync (LP: #1786013)
    - update dkms package versions
  * Upstream v5.9 introduced 'module' patches that removed exported symbols
    (LP: #1932065)
    - SAUCE: Revert "modules: inherit TAINT_PROPRIETARY_MODULE"
    - SAUCE: Revert "modules: return licensing information from find_symbol"
    - SAUCE: Revert "modules: rename the licence field in struct symsearch to
      license"
    - SAUCE: Revert "modules: unexport __module_address"
    - SAUCE: Revert "modules: unexport __module_text_address"
    - SAUCE: Revert "modules: mark each_symbol_section static"
    - SAUCE: Revert "modules: mark find_symbol static"
    - SAUCE: Revert "modules: mark ref_module static"
  * Disable hv-kvp-daemon.service on certain instance types (LP: #1932081)
    - [Packaging]: Add kernel command line condition to hv-kvp-daemon service
  * Bionic update: upstream stable patchset 2021-06-11 (LP: #1931740)
    - openrisc: Fix a memory leak
    - RDMA/rxe: Clear all QP fields if creation failed
    - scsi: qla2xxx: Fix error return code in qla82xx_write_flash_dword()
    - ptrace: make ptrace() fail if the tracee changed its pid unexpectedly
    - cifs: fix memory leak in smb2_copychunk_range
    - ALSA: line6: Fix racy initialization of LINE6 MIDI
    - ALSA: usb-audio: Validate MS endpoint descriptors
    - ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro
    - Revert "ALSA: sb8: add a check for request_region"
    - Revert "rapidio: fix a NULL pointer dereference when create_workqueue()
      fails"
    - rapidio: handle create_workqueue() failure
    - xen-pciback: reconfigure also from backend watch handler
    - dm snapshot: fix crash with transient storage and zero chunk size
    - Revert "video: hgafb: fix potential NULL pointer dereference"
    - Revert "net: stmicro: fix a missing check of clk_prepare"
    - Revert "leds: lp5523: fix a missing check of return value of lp55xx_read"
    - Revert "hwmon: (lm80) fix a missing check of bus read in lm80 probe"
    - Revert "video: imsttfb: fix potential NULL pointer dereferences"
    - Revert "ecryptfs: replace BUG_ON with error handling code"
    - Revert "gdrom: fix a memory leak bug"
    - cdrom: gdrom: deallocate struct gdrom_unit fields in remove_gdrom
    - cdrom: gdrom: initialize global variable at init time
    - Revert "media: rcar_drif: fix a memory disclosure"
    - Revert "rtlwifi: fix a potential NULL pointer dereference"
    - Revert "qlcnic: Avoid potential NULL pointer dereference"
    - Revert "niu: fix missing checks of niu_pci_eeprom_read"
    - ethernet: sun: niu: fix missing checks of niu_pci_eeprom_read()
    - net: stmicro: handle clk_prepare() failure during init
    - net: rtlwifi: properly check for alloc_workqueue() failure
    - leds: lp5523: check return value of lp5xx_read and jump to cleanup code
    - qlcnic: Add null check after calling netdev_alloc_skb
    - video: hgafb: fix potential NULL pointer dereference
    - vgacon: Record video mode changes with VT_RESIZEX
    - vt: Fix character height handling with VT_RESIZEX
    - tty: vt: always invoke vc->vc_sw->con_resize callback
    - video: hgafb: correctly handle card detect failure during probe
    - Bluetooth: SMP: Fail if remote and local public keys are identical
    - firmware: arm_scpi: Prevent the ternary sign expansion bug
    - platform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios
    - locking/mutex: clear MUTEX_FLAGS if wait_list is empty due to signal
    - ALSA: hda/realtek: Add some CLOVE SSIDs of ALC293
    - Revert "serial: mvebu-uart: Fix to avoid a potential NULL pointer
      dereference"
    - mm, vmstat: drop zone->lock in /proc/pagetypeinfo
    - usb: dwc3: gadget: Enable suspend events
    - NFC: nci: fix memory leak in nci_allocate_device
    - NFSv4: Fix a NULL pointer dereference in pnfs_mark_matching_lsegs_return()
    - iommu/vt-d: Fix sysfs leak in alloc_iommu()
    - perf intel-pt: Fix sample instruction bytes
    - perf intel-pt: Fix transaction abort handling
    - proc: Check /proc/$pid/attr/ writes against file opener
    - net: hso: fix control-request directions
    - mac80211: assure all fragments are encrypted
    - mac80211: prevent mixed key and fragment cache attacks
    - mac80211: properly handle A-MSDUs that start with an RFC 1042 header
    - cfg80211: mitigate A-MSDU aggregation attacks
    - mac80211: drop A-MSDUs on old ciphers
    - mac80211: add fragment cache to sta_info
    - mac80211: check defrag PN against current frame
    - mac80211: prevent attacks on TKIP/WEP as well
    - mac80211: do not accept/forward invalid EAPOL frames
    - ath10k: Validate first subframe of A-MSDU before processing the list
    - dm snapshot: properly fix a crash when an origin has no snapshots
    - kgdb: fix gcc-11 warnings harder
    - misc/uss720: fix memory leak in uss720_probe
    - thunderbolt: dma_port: Fix NVM read buffer bounds and offset issue
    - mei: request autosuspend after sending rx flow control
    - staging: iio: cdc: ad7746: avoid overwrite of num_channels
    - iio: adc: ad7793: Add missing error code in ad7793_setup()
    - USB: trancevibrator: fix control-request direction
    - serial: sh-sci: Fix off-by-one error in FIFO threshold register setting
    - serial: rp2: use 'request_firmware' instead of 'request_firmware_nowait'
    - USB: serial: ti_usb_3410_5052: add startech.com device id
    - USB: serial: option: add Telit LE910-S1 compositions 0x7010, 0x7011
    - USB: serial: ftdi_sio: add IDs for IDS GmbH Products
    - USB: serial: pl2303: add device id for ADLINK ND-6530 GC
    - usb: gadget: udc: renesas_usb3: Fix a race in usb3_start_pipen()
    - net: usb: fix memory leak in smsc75xx_bind
    - Bluetooth: cmtp: fix file refcount when cmtp_attach_device fails
    - NFS: fix an incorrect limit in filelayout_decode_layout()
    - NFS: Don't corrupt the value of pg_bytes_written in nfs_do_recoalesce()
    - NFSv4: Fix v4.0/v4.1 SEEK_DATA return -ENOTSUPP when set NFS_V4_2 config
    - drm/meson: fix shutdown crash when component not probed
    - net/mlx4: Fix EEPROM dump support
    - Revert "net:tipc: Fix a double free in tipc_sk_mcast_rcv"
    - tipc: skb_linearize the head skb when reassembling msgs
    - i2c: s3c2410: fix possible NULL pointer deref on read message after write
    - i2c: i801: Don't generate an interrupt on bus reset
    - perf jevents: Fix getting maximum number of fds
    - platform/x86: hp_accel: Avoid invoking _INI to speed up resume
    - serial: max310x: unregister uart driver in case of failure and abort
    - net: fujitsu: fix potential null-ptr-deref
    - net: caif: remove BUG_ON(dev == NULL) in caif_xmit
    - char: hpet: add checks after calling ioremap
    - isdn: mISDNinfineon: check/cleanup ioremap failure correctly in setup_io
    - dmaengine: qcom_hidma: comment platform_driver_register call
    - libertas: register sysfs groups properly
    - media: dvb: Add check on sp8870_readreg return
    - media: gspca: properly check for errors in po1030_probe()
    - scsi: BusLogic: Fix 64-bit system enumeration error for Buslogic
    - openrisc: Define memory barrier mb
    - btrfs: do not BUG_ON in link_to_fixup_dir
    - platform/x86: hp-wireless: add AMD's hardware id to the supported list
    - platform/x86: intel_punit_ipc: Append MODULE_DEVICE_TABLE for ACPI
    - SMB3: incorrect file id in requests compounded with open
    - drm/amdgpu: Fix a use-after-free
    - net: netcp: Fix an error message
    - net: mdio: thunder: Fix a double free issue in the .remove function
    - net: mdio: octeon: Fix some double free issues
    - net: bnx2: Fix error return code in bnx2_init_board()
    - mld: fix panic in mld_newpack()
    - staging: emxx_udc: fix loop in _nbu2ss_nuke()
    - ASoC: cs35l33: fix an error code in probe()
    - bpf: Set mac_len in bpf_skb_change_head
    - ixgbe: fix large MTU request from VF
    - scsi: libsas: Use _safe() loop in sas_resume_port()
    - ipv6: record frag_max_size in atomic fragments in input path
    - sch_dsmark: fix a NULL deref in qdisc_reset()
    - MIPS: alchemy: xxs1500: add gpio-au1000.h header file
    - MIPS: ralink: export rt_sysc_membase for rt2880_wdt.c
    - hugetlbfs: hugetlb_fault_mutex_hash() cleanup
    - drivers/net/ethernet: clean up unused assignments
    - usb: core: reduce power-on-good delay time of root hub
    - USB: usbfs: Don't WARN about excessively large memory allocations
    - bpf: extend is_branch_taken to registers
    - bpf: Move off_reg into sanitize_ptr_alu
    - bpf: Ensure off_reg has no mixed signed bounds for all types
    - bpf: Rework ptr_limit into alu_limit and add common error path
    - bpf: Improve verifier error messages for users
    - bpf: Refactor and streamline bounds check into helper
    - bpf: Move sanitize_val_alu out of op switch
    - bpf: Tighten speculative pointer arithmetic mask
    - bpf: Fix leakage of uninitialized bpf stack under speculation
    - bpf: Wrap aux data inside bpf_sanitize_info container
    - bpf: No need to simulate speculative domain for immediates
    - net: dsa: fix a crash if ->get_sset_count() fails
    - drm/amd/amdgpu: fix refcount leak
    - net: dsa: fix error code getting shifted with 4 in dsa_slave_get_sset_count
    - openvswitch: meter: fix race when getting now_ms.
    - net: hns3: check the return of skb_checksum_help()
  * Bionic update: upstream stable patchset 2021-06-11 (LP: #1931740) //
    CVE-2020-24587 for such cases.
    - mac80211: extend protection against mixed key and fragment cache attacks
  * [82A1, Realtek ALC287, Speaker, Internal] Underruns, dropouts or crackling
    sound (LP: #1925057) // Bionic update: upstream stable patchset 2021-06-11
    (LP: #1931740)
    - ALSA: hda/realtek: reset eapd coeff to default value for alc287
  * test_map in ubuntu_bpf failed with "Allowed update sockmap '0:3' not in
    ESTABLISHED" (LP: #1839912)
    - SAUCE: Revert "bpf: test_maps, only support ESTABLISHED socks"
  * Bionic update: upstream stable patchset 2021-06-01 (LP: #1930472)
    - MIPS: Introduce isa-rev.h to define MIPS_ISA_REV
    - MIPS: cpu-features.h: Replace __mips_isa_rev with MIPS_ISA_REV
    - s390/disassembler: increase ebpf disasm buffer size
    - ACPI: custom_method: fix potential use-after-free issue
    - ACPI: custom_method: fix a possible memory leak
    - arm64: dts: mt8173: fix property typo of 'phys' in dsi node
    - ecryptfs: fix kernel panic with null dev_name
    - spi: spi-ti-qspi: Free DMA resources
    - mmc: block: Update ext_csd.cache_ctrl if it was written
    - mmc: core: Do a power cycle when the CMD11 fails
    - mmc: core: Set read only for SD cards with permanent write protect bit
    - cifs: Return correct error code from smb2_get_enc_key
    - btrfs: fix metadata extent leak after failure to create subvolume
    - intel_th: pci: Add Rocket Lake CPU support
    - fbdev: zero-fill colormap in fbcmap.c
    - staging: wimax/i2400m: fix byte-order issue
    - crypto: api - check for ERR pointers in crypto_destroy_tfm()
    - usb: gadget: uvc: add bInterval checking for HS mode
    - usb: gadget: f_uac1: validate input parameters
    - usb: dwc3: gadget: Ignore EP queue requests during bus reset
    - usb: xhci: Fix port minor revision
    - PCI: PM: Do not read power state in pci_enable_device_flags()
    - x86/build: Propagate $(CLANG_FLAGS) to $(REALMODE_FLAGS)
    - tee: optee: do not check memref size on return from Secure World
    - perf/arm_pmu_platform: Fix error handling
    - spi: dln2: Fix reference leak to master
    - spi: omap-100k: Fix reference leak to master
    - intel_th: Consistency and off-by-one fix
    - phy: phy-twl4030-usb: Fix possible use-after-free in twl4030_usb_remove()
    - btrfs: convert logic BUG_ON()'s in replace_path to ASSERT()'s
    - scsi: lpfc: Fix incorrect dbde assignment when building target abts wqe
    - scsi: lpfc: Fix pt2pt connection does not recover after LOGO
    - scsi: target: pscsi: Fix warning in pscsi_complete_cmd()
    - media: ite-cir: check for receive overflow
    - power: supply: bq27xxx: fix power_avg for newer ICs
    - extcon: arizona: Fix some issues when HPDET IRQ fires after the jack has
      been unplugged
    - media: media/saa7164: fix saa7164_encoder_register() memory leak bugs
    - media: gspca/sq905.c: fix uninitialized variable
    - power: supply: Use IRQF_ONESHOT
    - drm/amdgpu : Fix asic reset regression issue introduce by 8f211fe8ac7c4f
    - scsi: qla2xxx: Always check the return value of qla24xx_get_isp_stats()
    - scsi: qla2xxx: Fix use after free in bsg
    - scsi: scsi_dh_alua: Remove check for ASC 24h in alua_rtpg()
    - media: em28xx: fix memory leak
    - media: vivid: update EDID
    - clk: socfpga: arria10: Fix memory leak of socfpga_clk on error return
    - power: supply: generic-adc-battery: fix possible use-after-free in
      gab_remove()
    - power: supply: s3c_adc_battery: fix possible use-after-free in
      s3c_adc_bat_remove()
    - media: adv7604: fix possible use-after-free in adv76xx_remove()
    - media: i2c: adv7511-v4l2: fix possible use-after-free in adv7511_remove()
    - media: i2c: adv7842: fix possible use-after-free in adv7842_remove()
    - media: dvb-usb: fix memory leak in dvb_usb_adapter_init
    - media: gscpa/stv06xx: fix memory leak
    - drm/msm/mdp5: Configure PP_SYNC_HEIGHT to double the vtotal
    - drm/amdgpu: fix NULL pointer dereference
    - scsi: lpfc: Fix crash when a REG_RPI mailbox fails triggering a LOGO
      response
    - scsi: lpfc: Remove unsupported mbox PORT_CAPABILITIES logic
    - scsi: libfc: Fix a format specifier
    - ALSA: emu8000: Fix a use after free in snd_emu8000_create_mixer
    - ALSA: hda/conexant: Re-order CX5066 quirk table entries
    - ALSA: sb: Fix two use after free in snd_sb_qsound_build
    - btrfs: fix race when picking most recent mod log operation for an old root
    - arm64/vdso: Discard .note.gnu.property sections in vDSO
    - openvswitch: fix stack OOB read while fragmenting IPv4 packets
    - ACPI: GTDT: Don't corrupt interrupt mappings on watchdow probe failure
    - NFSv4: Don't discard segments marked for return in _pnfs_return_layout()
    - jffs2: Fix kasan slab-out-of-bounds problem
    - powerpc/eeh: Fix EEH handling for hugepages in ioremap space.
    - powerpc: fix EDEADLOCK redefinition error in uapi/asm/errno.h
    - intel_th: pci: Add Alder Lake-M support
    - md/raid1: properly indicate failure when ending a failed write request
    - security: commoncap: fix -Wstringop-overread warning
    - Fix misc new gcc warnings
    - jffs2: check the validity of dstlen in jffs2_zlib_compress()
    - Revert 337f13046ff0 ("futex: Allow FUTEX_CLOCK_REALTIME with FUTEX_WAIT op")
    - posix-timers: Preserve return value in clock_adjtime32()
    - ftrace: Handle commands when closing set_ftrace_filter file
    - ext4: fix check to prevent false positive report of incorrect used inodes
    - ext4: fix error code in ext4_commit_super
    - media: dvbdev: Fix memory leak in dvb_media_device_free()
    - usb: gadget: dummy_hcd: fix gpf in gadget_setup
    - usb: gadget: Fix double free of device descriptor pointers
    - usb: gadget/function/f_fs string table fix for multiple languages
    - usb: dwc3: gadget: Fix START_TRANSFER link state check
    - tracing: Map all PIDs to command lines
    - dm persistent data: packed struct should have an aligned() attribute too
    - dm space map common: fix division bug in sm_ll_find_free_block()
    - dm rq: fix double free of blk_mq_tag_set in dev remove after table load
      fails
    - modules: mark ref_module static
    - modules: mark find_symbol static
    - modules: mark each_symbol_section static
    - modules: unexport __module_text_address
    - modules: unexport __module_address
    - modules: rename the licence field in struct symsearch to license
    - modules: return licensing information from find_symbol
    - modules: inherit TAINT_PROPRIETARY_MODULE
    - Bluetooth: verify AMP hci_chan before amp_destroy
    - hsr: use netdev_err() instead of WARN_ONCE()
    - bluetooth: eliminate the potential race condition when removing the HCI
      controller
    - net/nfc: fix use-after-free llcp_sock_bind/connect
    - MIPS: pci-rt2880: fix slot 0 configuration
    - FDDI: defxx: Bail out gracefully with unassigned PCI resource for CSR
    - misc: lis3lv02d: Fix false-positive WARN on various HP models
    - misc: vmw_vmci: explicitly initialize vmci_notify_bm_set_msg struct
    - misc: vmw_vmci: explicitly initialize vmci_datagram payload
    - tracing: Restructure trace_clock_global() to never block
    - md-cluster: fix use-after-free issue when removing rdev
    - md: split mddev_find
    - md: factor out a mddev_find_locked helper from mddev_find
    - md: md_open returns -EBUSY when entering racing area
    - ipw2x00: potential buffer overflow in libipw_wx_set_encodeext()
    - cfg80211: scan: drop entry from hidden_list on overflow
    - drm/radeon: fix copy of uninitialized variable back to userspace
    - ALSA: hda/realtek: Re-order ALC882 Acer quirk table entries
    - ALSA: hda/realtek: Re-order ALC882 Sony quirk table entries
    - ALSA: hda/realtek: Re-order ALC269 Sony quirk table entries
    - ALSA: hda/realtek: Re-order ALC269 Lenovo quirk table entries
    - ALSA: hda/realtek: Remove redundant entry for ALC861 Haier/Uniwill devices
    - x86/cpu: Initialize MSR_TSC_AUX if RDTSCP *or* RDPID is supported
    - KVM: s390: split kvm_s390_logical_to_effective
    - KVM: s390: fix guarded storage control register handling
    - KVM: s390: split kvm_s390_real_to_abs
    - usb: gadget: pch_udc: Revert d3cb25a12138 completely
    - memory: gpmc: fix out of bounds read and dereference on gpmc_cs[]
    - ARM: dts: exynos: correct PMIC interrupt trigger level on Odroid X/U3 family
    - ARM: dts: exynos: correct PMIC interrupt trigger level on SMDK5250
    - ARM: dts: exynos: correct PMIC interrupt trigger level on Snow
    - serial: stm32: fix incorrect characters on console
    - serial: stm32: fix tx_empty condition
    - usb: typec: tcpci: Check ROLE_CONTROL while interpreting CC_STATUS
    - x86/microcode: Check for offline CPUs before requesting new microcode
    - usb: gadget: pch_udc: Replace cpu_to_le32() by lower_32_bits()
    - usb: gadget: pch_udc: Check if driver is present before calling ->setup()
    - usb: gadget: pch_udc: Check for DMA mapping error
    - crypto: qat - don't release uninitialized resources
    - crypto: qat - ADF_STATUS_PF_RUNNING should be set after adf_dev_init
    - fotg210-udc: Fix DMA on EP0 for length > max packet size
    - fotg210-udc: Fix EP0 IN requests bigger than two packets
    - fotg210-udc: Remove a dubious condition leading to fotg210_done
    - fotg210-udc: Mask GRP2 interrupts we don't handle
    - fotg210-udc: Don't DMA more than the buffer can take
    - fotg210-udc: Complete OUT requests on short packets
    - mtd: require write permissions for locking and badblock ioctls
    - bus: qcom: Put child node before return
    - phy: marvell: ARMADA375_USBCLUSTER_PHY should not default to y,
      unconditionally
    - crypto: qat - fix error path in adf_isr_resource_alloc()
    - USB: gadget: udc: fix wrong pointer passed to IS_ERR() and PTR_ERR()
    - mtd: rawnand: gpmi: Fix a double free in gpmi_nand_init
    - staging: rtl8192u: Fix potential infinite loop
    - staging: greybus: uart: fix unprivileged TIOCCSERIAL
    - spi: Fix use-after-free with devm_spi_alloc_*
    - soc: qcom: mdt_loader: Validate that p_filesz < p_memsz
    - soc: qcom: mdt_loader: Detect truncated read of segments
    - ACPI: CPPC: Replace cppc_attr with kobj_attribute
    - crypto: qat - Fix a double free in adf_create_ring
    - usb: gadget: r8a66597: Add missing null check on return from
      platform_get_resource
    - USB: cdc-acm: fix unprivileged TIOCCSERIAL
    - tty: fix return value for unsupported ioctls
    - firmware: qcom-scm: Fix QCOM_SCM configuration
    - platform/x86: pmc_atom: Match all Beckhoff Automation baytrail boards with
      critclk_systems DMI table
    - x86/platform/uv: Fix !KEXEC build failure
    - ttyprintk: Add TTY hangup callback.
    - media: vivid: fix assignment of dev->fbuf_out_flags
    - media: omap4iss: return error code when omap4iss_get() failed
    - media: m88rs6000t: avoid potential out-of-bounds reads on arrays
    - x86/kprobes: Fix to check non boostable prefixes correctly
    - pata_arasan_cf: fix IRQ check
    - pata_ipx4xx_cf: fix IRQ check
    - sata_mv: add IRQ checks
    - ata: libahci_platform: fix IRQ check
    - vfio/mdev: Do not allow a mdev_type to have a NULL parent pointer
    - clk: uniphier: Fix potential infinite loop
    - scsi: jazz_esp: Add IRQ check
    - scsi: sun3x_esp: Add IRQ check
    - scsi: sni_53c710: Add IRQ check
    - mfd: stm32-timers: Avoid clearing auto reload register
    - HSI: core: fix resource leaks in hsi_add_client_from_dt()
    - x86/events/amd/iommu: Fix sysfs type mismatch
    - HID: plantronics: Workaround for double volume key presses
    - perf symbols: Fix dso__fprintf_symbols_by_name() to return the number of
      printed chars
    - net: lapbether: Prevent racing when checking whether the netif is running
    - powerpc/prom: Mark identical_pvr_fixup as __init
    - powerpc: Fix HAVE_HARDLOCKUP_DETECTOR_ARCH build configuration
    - ALSA: core: remove redundant spin_lock pair in snd_card_disconnect
    - bug: Remove redundant condition check in report_bug
    - nfc: pn533: prevent potential memory corruption
    - ALSA: usb-audio: Add error checks for usb_driver_claim_interface() calls
    - liquidio: Fix unintented sign extension of a left shift of a u16
    - powerpc/perf: Fix PMU constraint check for EBB events
    - powerpc: iommu: fix build when neither PCI or IBMVIO is set
    - mac80211: bail out if cipher schemes are invalid
    - mt7601u: fix always true expression
    - IB/hfi1: Fix error return code in parse_platform_config()
    - net: thunderx: Fix unintentional sign extension issue
    - i2c: cadence: add IRQ check
    - i2c: emev2: add IRQ check
    - i2c: jz4780: add IRQ check
    - i2c: sh7760: add IRQ check
    - MIPS: pci-legacy: stop using of_pci_range_to_resource
    - powerpc/pseries: extract host bridge from pci_bus prior to bus removal
    - rtlwifi: 8821ae: upgrade PHY and RF parameters
    - i2c: sh7760: fix IRQ error path
    - mwl8k: Fix a double Free in mwl8k_probe_hw
    - vsock/vmci: log once the failed queue pair allocation
    - RDMA/i40iw: Fix error unwinding when i40iw_hmc_sd_one fails
    - net: davinci_emac: Fix incorrect masking of tx and rx error channel
    - ath9k: Fix error check in ath9k_hw_read_revisions() for PCI devices
    - powerpc/52xx: Fix an invalid ASM expression ('addi' used instead of 'add')
    - net:emac/emac-mac: Fix a use after free in emac_mac_tx_buf_send
    - net:nfc:digital: Fix a double free in digital_tg_recv_dep_req
    - kfifo: fix ternary sign extension bugs
    - smp: Fix smp_call_function_single_async prototype
    - Revert "of/fdt: Make sure no-map does not remove already reserved regions"
    - Revert "fdt: Properly handle "no-map" field in the memory region"
    - tpm: fix error return code in tpm2_get_cc_attrs_tbl()
    - fs: dlm: fix debugfs dump
    - tipc: convert dest node's address to network order
    - net: stmmac: Set FIFO sizes for ipq806x
    - ALSA: hdsp: don't disable if not enabled
    - ALSA: hdspm: don't disable if not enabled
    - ALSA: rme9652: don't disable if not enabled
    - Bluetooth: Set CONF_NOT_COMPLETE as l2cap_chan default
    - Bluetooth: initialize skb_queue_head at l2cap_chan_create()
    - Bluetooth: check for zapped sk before connecting
    - ip6_vti: proper dev_{hold|put} in ndo_[un]init methods
    - mac80211: clear the beacon's CRC after channel switch
    - pinctrl: samsung: use 'int' for register masks in Exynos
    - cuse: prevent clone
    - selftests: Set CC to clang in lib.mk if LLVM is set
    - kconfig: nconf: stop endless search loops
    - sctp: Fix out-of-bounds warning in sctp_process_asconf_param()
    - powerpc/smp: Set numa node before updating mask
    - ASoC: rt286: Generalize support for ALC3263 codec
    - samples/bpf: Fix broken tracex1 due to kprobe argument change
    - powerpc/pseries: Stop calling printk in rtas_stop_self()
    - wl3501_cs: Fix out-of-bounds warnings in wl3501_send_pkt
    - wl3501_cs: Fix out-of-bounds warnings in wl3501_mgmt_join
    - powerpc/iommu: Annotate nested lock for lockdep
    - net: ethernet: mtk_eth_soc: fix RX VLAN offload
    - ASoC: rt286: Make RT286_SET_GPIO_* readable and writable
    - f2fs: fix a redundant call to f2fs_balance_fs if an error occurs
    - PCI: Release OF node in pci_scan_device()'s error path
    - ARM: 9064/1: hw_breakpoint: Do not directly check the event's
      overflow_handler hook
    - rpmsg: qcom_glink_native: fix error return code of qcom_glink_rx_data()
    - NFSv4.2: Always flush out writes in nfs42_proc_fallocate()
    - NFS: Deal correctly with attribute generation counter overflow
    - pNFS/flexfiles: fix incorrect size check in decode_nfs_fh()
    - NFSv4.2 fix handling of sr_eof in SEEK's reply
    - rtc: ds1307: Fix wday settings for rx8130
    - sctp: fix a SCTP_MIB_CURRESTAB leak in sctp_sf_do_dupcook_b
    - drm/radeon: Fix off-by-one power_state index heap overwrite
    - khugepaged: fix wrong result value for trace_mm_collapse_huge_page_isolate()
    - mm/hugeltb: handle the error case in hugetlb_fix_reserve_counts()
    - ksm: fix potential missing rmap_item for stable_node
    - net: fix nla_strcmp to handle more then one trailing null character
    - kernel: kexec_file: fix error return code of kexec_calculate_store_digests()
    - netfilter: nftables: avoid overflows in nft_hash_buckets()
    - ARC: entry: fix off-by-one error in syscall number validation
    - powerpc/64s: Fix crashes when toggling stf barrier
    - powerpc/64s: Fix crashes when toggling entry flush barrier
    - squashfs: fix divide error in calculate_skip()
    - userfaultfd: release page in error path to avoid BUG_ON
    - drm/radeon/dpm: Disable sclk switching on Oland when two 4K 60Hz monitors
      are connected
    - iio: proximity: pulsedlight: Fix rumtime PM imbalance on error
    - usb: fotg210-hcd: Fix an error message
    - ACPI: scan: Fix a memory leak in an error handling path
    - blk-mq: Swap two calls in blk_mq_exit_queue()
    - usb: dwc3: omap: improve extcon initialization
    - usb: xhci: Increase timeout for HC halt
    - usb: dwc2: Fix gadget DMA unmap direction
    - usb: core: hub: fix race condition about TRSMRCY of resume
    - iio: gyro: mpu3050: Fix reported temperature value
    - iio: tsl2583: Fix division by a zero lux_val
    - KVM: x86: Cancel pvclock_gtod_work on module removal
    - FDDI: defxx: Make MMIO the configuration default except for EISA
    - MIPS: Reinstate platform `__div64_32' handler
    - MIPS: Avoid DIVU in `__div64_32' is result would be zero
    - MIPS: Avoid handcoded DIVU in `__div64_32' altogether
    - thermal/core/fair share: Lock the thermal zone while looping over instances
    - RDMA/i40iw: Avoid panic when reading back the IRQ affinity hint
    - kobject_uevent: remove warning in init_uevent_argv()
    - netfilter: conntrack: Make global sysctls readonly in non-init netns
    - clk: exynos7: Mark aclk_fsys1_200 as critical
    - x86/msr: Fix wr/rdmsr_safe_regs_on_cpu() prototypes
    - kgdb: fix gcc-11 warning on indentation
    - usb: sl811-hcd: improve misleading indentation
    - cxgb4: Fix the -Wmisleading-indentation warning
    - isdn: capi: fix mismatched prototypes
    - PCI: thunder: Fix compile testing
    - ARM: 9066/1: ftrace: pause/unpause function graph tracer in cpu_suspend()
    - ACPI / hotplug / PCI: Fix reference count leak in enable_slot()
    - Input: elants_i2c - do not bind to i2c-hid compatible ACPI instantiated
      devices
    - Input: silead - add workaround for x86 BIOS-es which bring the chip up in a
      stuck state
    - um: Mark all kernel symbols as local
    - ceph: fix fscache invalidation
    - gpiolib: acpi: Add quirk to ignore EC wakeups on Dell Venue 10 Pro 5055
    - ALSA: hda: generic: change the DAC ctl name for LO+SPK or LO+HP
    - block: reexpand iov_iter after read/write
    - lib: stackdepot: turn depot_lock spinlock to raw_spinlock
    - sit: proper dev_{hold|put} in ndo_[un]init methods
    - ip6_tunnel: sit: proper dev_{hold|put} in ndo_[un]init methods
    - xhci: Do not use GFP_KERNEL in (potentially) atomic context
    - ipv6: remove extra dev_hold() for fallback tunnels
    - ARM: 9056/1: decompressor: fix BSS size calculation for LLVM ld.lld
    - arm64: dts: marvell: armada-37xx: add syscon compatible to NB clk node
    - mtd: rawnand: atmel: Update ecc_stats.corrected counter
    - mmc: sdhci-pci: Fix initialization of some SD cards for Intel BYT-based
      controllers
    - genirq/matrix: Prevent allocation counter corruption
    - usb: xhci-mtk: support quirk to disable usb2 lpm
    - media: drivers: media: pci: sta2x11: fix Kconfig dependency on GPIOLIB
    - media: tc358743: fix possible use-after-free in tc358743_remove()
    - amdgpu: avoid incorrect %hu format string
    - s390/archrandom: add parameter check for s390_arch_random_generate
    - ALSA: usb-audio: Add dB range mapping for Sennheiser Communications Headset
      PC 8
    - ALSA: hda/realtek: Add quirk for Intel Clevo PCx0Dx
    - ubifs: Only check replay with inode type to judge if inode linked
    - mlxsw: spectrum_mr: Update egress RIF list before route's action
    - NFS: Don't discard pNFS layout segments that are marked for return
    - tpm: vtpm_proxy: Avoid reading host log when using a virtual device
    - dm raid: fix inconclusive reshape layout on fast raid4/5/6 table reload
      sequences
    - arm64: vdso: remove commas between macro name and arguments
    - ext4: do not set SB_ACTIVE in ext4_orphan_cleanup()
    - tty: fix memory leak in vc_deallocate
    - rsi: Use resume_noirq for SDIO
    - MIPS: pci-mt7620: fix PLL lock check
    - md: Fix missing unused status line of /proc/mdstat
    - ALSA: hda/realtek: Re-order ALC882 Clevo quirk table entries
    - ALSA: hda/realtek: Re-order ALC269 HP quirk table entries
    - ALSA: hda/realtek: Re-order ALC269 Dell quirk table entries
    - ARM: dts: exynos: correct fuel gauge interrupt trigger level on Midas family
    - ARM: dts: exynos: correct MUIC interrupt trigger level on Midas family
    - ARM: dts: exynos: correct PMIC interrupt trigger level on Midas family
    - regmap: set debugfs_name to NULL after it is freed
    - mtd: rawnand: fsmc: Fix error code in fsmc_nand_probe()
    - mtd: rawnand: brcmnand: fix OOB R/W with Hamming ECC
    - mtd: rawnand: qcom: Return actual error code instead of -ENODEV
    - usbip: vudc: fix missing unlock on error in usbip_sockfd_store()
    - clk: qcom: a53-pll: Add missing MODULE_DEVICE_TABLE
    - scsi: ibmvfc: Fix invalid state machine BUG_ON()
    - sched/debug: Fix cgroup_path[] serialization
    - net: hns3: Limiting the scope of vector_ring_chain variable
    - ALSA: usb: midi: don't return -ENOMEM when usb_urb_ep_type_check fails
    - net: geneve: modify IP header check in geneve6_xmit_skb and geneve_xmit_skb
    - RDMA/bnxt_re: Fix a double free in bnxt_qplib_alloc_res
    - net: Only allow init netns to set default tcp cong to a restricted algo
    - i2c: bail out early when RDWR parameters are wrong
    - net: bridge: when suppression is enabled exclude RARP packets
    - i2c: Add I2C_AQ_NO_REP_START adapter quirk
    - ethtool: ioctl: Fix out-of-bounds warning in store_link_ksettings_for_user()
    - PCI: iproc: Fix return value of iproc_msi_irq_domain_alloc()
    - PCI: endpoint: Fix missing destroy_workqueue()
    - net: hns3: disable phy loopback setting in hclge_mac_start_phy
    - sctp: do asoc update earlier in sctp_sf_do_dupcook_a
    - ethernet:enic: Fix a use after free bug in enic_hard_start_xmit
    - netfilter: xt_SECMARK: add new revision to fix structure layout
    - drm/radeon: Avoid power table parsing memory leaks
    - sched/fair: Fix unfairness caused by missing load decay
    - xhci: Add reset resume quirk for AMD xhci controller.
    - cdc-wdm: untangle a circular dependency between callback and softint
    - nvme: do not try to reconfigure APST when the controller is not live
    - pinctrl: ingenic: Improve unreachable code generation
    - ARM: 9075/1: kernel: Fix interrupted SMC calls
    - scsi: target: tcmu: Return from tcmu_handle_completions() if cmd_id not
      found
    - tweewide: Fix most Shebang lines
    - scripts: switch explicitly to Python 3

 -- Juerg Haefliger <email address hidden>  Fri, 25 Jun 2021 13:25:55 +0200

Superseded in bionic-security
Superseded in bionic-updates
linux-raspi2 (4.15.0-1089.94) bionic; urgency=medium

  [ Ubuntu: 4.15.0-147.151 ]

  * CVE-2021-3444
    - bpf: Fix truncation handling for mod32 dst reg wrt zero
  * CVE-2021-3600
    - SAUCE: bpf: Do not use ax register in interpreter on div/mod
    - bpf: fix subprog verifier bypass by div/mod by 0 exception
    - SAUCE: bpf: Fix 32-bit register truncation on div/mod instruction

Deleted in bionic-proposed (Reason: NBS)
linux-raspi2 (4.15.0-1087.92) bionic; urgency=medium

  * bionic/linux-raspi2: 4.15.0-1087.92 -proposed tracker (LP: #1929963)

  [ Ubuntu: 4.15.0-145.149 ]

  * bionic/linux: 4.15.0-145.149 -proposed tracker (LP: #1929967)
  * Packaging resync (LP: #1786013)
    - update dkms package versions
  * raid10: Block discard is very slow, causing severe delays for mkfs and
    fstrim operations (LP: #1896578)
    - md: add md_submit_discard_bio() for submitting discard bio
    - md/raid10: extend r10bio devs to raid disks
    - md/raid10: pull the code that wait for blocked dev into one function
    - md/raid10: improve raid10 discard request
    - md/raid10: improve discard request for far layout
  * CVE-2021-23133
    - sctp: delay auto_asconf init until binding the first addr
  * Bionic update: upstream stable patchset 2021-05-25 (LP: #1929603)
    - Input: nspire-keypad - enable interrupts only when opened
    - dmaengine: dw: Make it dependent to HAS_IOMEM
    - ARM: dts: Fix moving mmc devices with aliases for omap4 & 5
    - arc: kernel: Return -EFAULT if copy_to_user() fails
    - neighbour: Disregard DEAD dst in neigh_update
    - ARM: keystone: fix integer overflow warning
    - ASoC: fsl_esai: Fix TDM slot setup for I2S mode
    - scsi: scsi_transport_srp: Don't block target in SRP_PORT_LOST state
    - net: ieee802154: stop dump llsec keys for monitors
    - net: ieee802154: stop dump llsec devs for monitors
    - net: ieee802154: forbid monitor for add llsec dev
    - net: ieee802154: stop dump llsec devkeys for monitors
    - net: ieee802154: forbid monitor for add llsec devkey
    - net: ieee802154: stop dump llsec seclevels for monitors
    - net: ieee802154: forbid monitor for add llsec seclevel
    - pcnet32: Use pci_resource_len to validate PCI resource
    - mac80211: clear sta->fast_rx when STA removed from 4-addr VLAN
    - Input: i8042 - fix Pegatron C15B ID entry
    - HID: wacom: set EV_KEY and EV_ABS only for non-HID_GENERIC type of devices
    - readdir: make sure to verify directory entry for legacy interfaces too
    - arm64: fix inline asm in load_unaligned_zeropad()
    - arm64: alternatives: Move length validation in alternative_{insn, endif}
    - scsi: libsas: Reset num_scatter if libata marks qc as NODATA
    - netfilter: conntrack: do not print icmpv6 as unknown via /proc
    - netfilter: nft_limit: avoid possible divide error in nft_limit_init
    - net: davicom: Fix regulator not turned off on failed probe
    - net: sit: Unregister catch-all devices
    - i40e: fix the panic when running bpf in xdpdrv mode
    - ibmvnic: avoid calling napi_disable() twice
    - ibmvnic: remove duplicate napi_schedule call in do_reset function
    - ibmvnic: remove duplicate napi_schedule call in open function
    - ARM: footbridge: fix PCI interrupt mapping
    - ARM: 9071/1: uprobes: Don't hook on thumb instructions
    - pinctrl: lewisburg: Update number of pins in community
    - HID: wacom: Assign boolean values to a bool variable
    - ARM: dts: Fix swapped mmc order for omap3
    - net: geneve: check skb is large enough for IPv4/IPv6 header
    - s390/entry: save the caller of psw_idle
    - xen-netback: Check for hotplug-status existence before watching
    - cavium/liquidio: Fix duplicate argument
    - ia64: fix discontig.c section mismatches
    - ia64: tools: remove duplicate definition of ia64_mf() on ia64
    - x86/crash: Fix crash_setup_memmap_entries() out-of-bounds access
    - net: hso: fix NULL-deref on disconnect regression
    - USB: CDC-ACM: fix poison/unpoison imbalance
    - lockdep: Add a missing initialization hint to the "INFO: Trying to register
      non-static key" message
    - drm/msm: Fix a5xx/a6xx timestamps
    - Input: s6sy761 - fix coordinate read bit shift
    - net: ip6_tunnel: Unregister catch-all devices
    - ACPI: tables: x86: Reserve memory occupied by ACPI tables
    - ACPI: x86: Call acpi_boot_table_init() after acpi_table_upgrade()
    - net: usb: ax88179_178a: initialize local variables before use
    - iwlwifi: Fix softirq/hardirq disabling in iwl_pcie_enqueue_hcmd()
    - mips: Do not include hi and lo in clobber list for R6
    - bpf: Fix masking negation logic upon negative dst register
    - iwlwifi: Fix softirq/hardirq disabling in iwl_pcie_gen2_enqueue_hcmd()
    - ALSA: usb-audio: Add MIDI quirk for Vox ToneLab EX
    - USB: Add reset-resume quirk for WD19's Realtek Hub
    - platform/x86: thinkpad_acpi: Correct thermal sensor allocation
  * r8152 tx status -71 (LP: #1922651) // Bionic update: upstream stable
    patchset 2021-05-25 (LP: #1929603)
    - USB: Add LPM quirk for Lenovo ThinkPad USB-C Dock Gen2 Ethernet
  * seccomp_bpf:syscall_faked from kselftests fail on s390x (LP: #1928522)
    - selftests/seccomp: s390 shares the syscall and return value register
  * Fix kdump failures (LP: #1927518)
    - video: hyperv_fb: Add ratelimit on error message
    - Drivers: hv: vmbus: Increase wait time for VMbus unload
    - Drivers: hv: vmbus: Initialize unload_event statically

 -- Tim Gardner <email address hidden>  Thu, 03 Jun 2021 13:11:01 -0600

Superseded in bionic-security
Superseded in bionic-updates
Deleted in bionic-proposed (Reason: NBS)
linux-raspi2 (4.15.0-1086.91) bionic; urgency=medium

  * bionic/linux-raspi2: 4.15.0-1086.91 -proposed tracker (LP: #1927644)

  * CONFIG_LATENCYTOP should be disabled (LP: #1928394)
    - [Config] raspi2: CONFIG_LATENCYTOP=n

  [ Ubuntu: 4.15.0-144.148 ]

  * bionic/linux: 4.15.0-144.148 -proposed tracker (LP: #1927648)
  * Introduce the 465 driver series, fabric-manager, and libnvidia-nscq
    (LP: #1925522)
    - debian/dkms-versions -- add NVIDIA 465 and migrate 450 to 460
  * xfrm_policy.sh / pmtu.sh / udpgso_bench.sh from net in
    ubuntu_kernel_selftests will fail if running the whole suite (LP: #1856010)
    - selftests/net: bump timeout to 5 minutes
  * locking/qrwlock: Fix ordering in queued_write_lock_slowpath() (LP: #1926184)
    - locking/barriers: Introduce smp_cond_load_relaxed() and
      atomic_cond_read_relaxed()
    - locking/qrwlock: Fix ordering in queued_write_lock_slowpath()
  * Bionic update: upstream stable patchset 2021-04-30 (LP: #1926808)
    - net: fec: ptp: avoid register access when ipg clock is disabled
    - powerpc/4xx: Fix build errors from mfdcr()
    - atm: eni: dont release is never initialized
    - atm: lanai: dont run lanai_dev_close if not open
    - Revert "r8152: adjust the settings about MAC clock speed down for RTL8153"
    - ixgbe: Fix memleak in ixgbe_configure_clsu32
    - net: tehuti: fix error return code in bdx_probe()
    - sun/niu: fix wrong RXMAC_BC_FRM_CNT_COUNT count
    - gpiolib: acpi: Add missing IRQF_ONESHOT
    - nfs: fix PNFS_FLEXFILE_LAYOUT Kconfig default
    - NFS: Correct size calculation for create reply length
    - net: hisilicon: hns: fix error return code of hns_nic_clear_all_rx_fetch()
    - net: wan: fix error return code of uhdlc_init()
    - atm: uPD98402: fix incorrect allocation
    - atm: idt77252: fix null-ptr-dereference
    - sparc64: Fix opcode filtering in handling of no fault loads
    - u64_stats,lockdep: Fix u64_stats_init() vs lockdep
    - drm/radeon: fix AGP dependency
    - nfs: we don't support removing system.nfs4_acl
    - ia64: fix ia64_syscall_get_set_arguments() for break-based syscalls
    - ia64: fix ptrace(PTRACE_SYSCALL_INFO_EXIT) sign
    - squashfs: fix inode lookup sanity checks
    - squashfs: fix xattr id and id lookup sanity checks
    - arm64: dts: ls1046a: mark crypto engine dma coherent
    - arm64: dts: ls1012a: mark crypto engine dma coherent
    - arm64: dts: ls1043a: mark crypto engine dma coherent
    - ARM: dts: at91-sama5d27_som1: fix phy address to 7
    - dm ioctl: fix out of bounds array access when no devices
    - bus: omap_l3_noc: mark l3 irqs as IRQF_NO_THREAD
    - libbpf: Fix INSTALL flag order
    - macvlan: macvlan_count_rx() needs to be aware of preemption
    - net: dsa: bcm_sf2: Qualify phydev->dev_flags based on port
    - e1000e: add rtnl_lock() to e1000_reset_task
    - e1000e: Fix error handling in e1000_set_d0_lplu_state_82571
    - net/qlcnic: Fix a use after free in qlcnic_83xx_get_minidump_template
    - ftgmac100: Restart MAC HW once
    - can: peak_usb: add forgotten supported devices
    - can: c_can_pci: c_can_pci_remove(): fix use-after-free
    - can: c_can: move runtime PM enable/disable to c_can_platform
    - can: m_can: m_can_do_rx_poll(): fix extraneous msg loss warning
    - mac80211: fix rate mask reset
    - net: cdc-phonet: fix data-interface release on probe failure
    - net: stmmac: dwmac-sun8i: Provide TX and RX fifo sizes
    - drm/msm: fix shutdown hook in case GPU components failed to bind
    - arm64: kdump: update ppos when reading elfcorehdr
    - net/mlx5e: Fix error path for ethtool set-priv-flag
    - RDMA/cxgb4: Fix adapter LE hash errors while destroying ipv6 listening
      server
    - ACPI: scan: Rearrange memory allocation in acpi_device_add()
    - ACPI: scan: Use unique number for instance_no
    - perf auxtrace: Fix auxtrace queue conflict
    - scsi: qedi: Fix error return code of qedi_alloc_global_queues()
    - scsi: mpt3sas: Fix error return code of mpt3sas_base_attach()
    - locking/mutex: Fix non debug version of mutex_lock_io_nested()
    - can: dev: Move device back to init netns on owning netns delete
    - net: sched: validate stab values
    - net: qrtr: fix a kernel-infoleak in qrtr_recvmsg()
    - mac80211: fix double free in ibss_leave
    - ext4: add reclaim checks to xattr code
    - can: peak_usb: Revert "can: peak_usb: add forgotten supported devices"
    - block: Suppress uevent for hidden device when removed
    - netsec: restore phy power state after controller reset
    - can: flexcan: flexcan_chip_freeze(): fix chip freeze for missing bitrate
    - dm verity: add root hash pkcs#7 signature verification
    - x86/mem_encrypt: Correct physical address calculation in __set_clr_pte_enc()
    - selinux: vsock: Set SID for socket returned by accept()
    - ipv6: weaken the v4mapped source check
    - ext4: fix bh ref count on error paths
    - rpc: fix NULL dereference on kmalloc failure
    - ASoC: rt5640: Fix dac- and adc- vol-tlv values being off by a factor of 10
    - ASoC: rt5651: Fix dac- and adc- vol-tlv values being off by a factor of 10
    - ASoC: sgtl5000: set DAP_AVC_CTRL register to correct default value on probe
    - ASoC: es8316: Simplify adc_pga_gain_tlv table
    - ASoC: cs42l42: Fix mixer volume control
    - ASoC: cs42l42: Always wait at least 3ms after reset
    - vhost: Fix vhost_vq_reset()
    - scsi: st: Fix a use after free in st_open()
    - scsi: qla2xxx: Fix broken #endif placement
    - staging: comedi: cb_pcidas: fix request_irq() warn
    - staging: comedi: cb_pcidas64: fix request_irq() warn
    - ASoC: rt5659: Update MCLK rate in set_sysclk()
    - ext4: do not iput inode under running transaction in ext4_rename()
    - brcmfmac: clear EAP/association status bits on linkdown events
    - net: ethernet: aquantia: Handle error cleanup of start on open
    - appletalk: Fix skb allocation size in loopback case
    - net: wan/lmc: unregister device when no matching device is found
    - bpf: Remove MTU check in __bpf_skb_max_len
    - ALSA: usb-audio: Apply sample rate quirk to Logitech Connect
    - ALSA: hda/realtek: fix a determine_headset_type issue for a Dell AIO
    - ALSA: hda/realtek: call alc_update_headset_mode() in hp_automute_hook
    - tracing: Fix stack trace event size
    - mm: fix race by making init_zero_pfn() early_initcall
    - drm/amdgpu: fix offset calculation in amdgpu_vm_bo_clear_mappings()
    - drm/amdgpu: check alignment on CPU page for bo map
    - reiserfs: update reiserfs_xattrs_initialized() condition
    - mm: memcontrol: fix NR_WRITEBACK leak in memcg and system stats
    - mm: memcg: make sure memory.events is uptodate when waking pollers
    - mem_cgroup: make sure moving_account, move_lock_task and stat_cpu in the
      same cacheline
    - mm: fix oom_kill event handling
    - mm: writeback: use exact memcg dirty counts
    - pinctrl: rockchip: fix restore error in resume
    - extcon: Add stubs for extcon_register_notifier_all() functions
    - extcon: Fix error handling in extcon_dev_register
    - firewire: nosy: Fix a use-after-free bug in nosy_ioctl()
    - usbip: vhci_hcd fix shift out-of-bounds in vhci_hub_control()
    - USB: quirks: ignore remote wake-up on Fibocom L850-GL LTE modem
    - usb: musb: Fix suspend with devices connected for a64
    - usb: xhci-mtk: fix broken streams issue on 0.96 xHCI
    - cdc-acm: fix BREAK rx code path adding necessary calls
    - USB: cdc-acm: untangle a circular dependency between callback and softint
    - USB: cdc-acm: downgrade message to debug
    - USB: cdc-acm: fix use-after-free after probe failure
    - usb: gadget: udc: amd5536udc_pci fix null-ptr-dereference
    - staging: rtl8192e: Fix incorrect source in memcpy()
    - staging: rtl8192e: Change state information from u16 to u8
    - drivers: video: fbcon: fix NULL dereference in fbcon_cursor()
    - ARM: dts: am33xx: add aliases for mmc interfaces
    - net: pxa168_eth: Fix a potential data race in pxa168_eth_remove
    - mISDN: fix crash in fritzpci
    - mac80211: choose first enabled channel for monitor
    - drm/msm: Ratelimit invalid-fence message
    - platform/x86: thinkpad_acpi: Allow the FnLock LED to change state
    - x86/build: Turn off -fcf-protection for realmode targets
    - scsi: target: pscsi: Clean up after failure in pscsi_map_sg()
    - ia64: mca: allocate early mca with GFP_ATOMIC
    - cifs: revalidate mapping when we open files for SMB1 POSIX
    - cifs: Silently ignore unknown oplock break handle
    - init/Kconfig: make COMPILE_TEST depend on !S390
    - init/Kconfig: make COMPILE_TEST depend on HAS_IOMEM
    - ia64: fix format strings for err_inject
    - ALSA: aloop: Fix initialization of controls
    - ASoC: intel: atom: Stop advertising non working S24LE support
    - nfc: fix refcount leak in llcp_sock_bind()
    - nfc: fix refcount leak in llcp_sock_connect()
    - nfc: fix memory leak in llcp_sock_connect()
    - nfc: Avoid endless loops caused by repeated llcp_sock_connect()
    - xen/evtchn: Change irq_info lock to raw_spinlock_t
    - net: ipv6: check for validity before dereferencing cfg->fc_nlinfo.nlh
    - ia64: fix user_stack_pointer() for ptrace()
    - ocfs2: fix deadlock between setattr and dio_end_io_write
    - fs: direct-io: fix missing sdio->boundary
    - parisc: parisc-agp requires SBA IOMMU driver
    - parisc: avoid a warning on u8 cast for cmpxchg on u8 pointers
    - ARM: dts: turris-omnia: configure LED[2]/INTn pin as interrupt pin
    - batman-adv: initialize "struct batadv_tvlv_tt_vlan_data"->reserved field
    - net: ensure mac header is set in virtio_net_hdr_to_skb()
    - net: sched: sch_teql: fix null-pointer dereference
    - usbip: add sysfs_lock to synchronize sysfs code paths
    - usbip: stub-dev synchronize sysfs code paths
    - usbip: synchronize event handler with sysfs code paths
    - i2c: turn recovery error on init to debug
    - regulator: bd9571mwv: Fix AVS and DVFS voltage range
    - ASoC: wm8960: Fix wrong bclk and lrclk with pll enabled for some chips
    - amd-xgbe: Update DMA coherency values
    - sch_red: fix off-by-one checks in red_check_params()
    - gianfar: Handle error code at MAC address change
    - net:tipc: Fix a double free in tipc_sk_mcast_rcv
    - ARM: dts: imx6: pbab01: Set vmmc supply for both SD interfaces
    - net/ncsi: Avoid channel_monitor hrtimer deadlock
    - ASoC: sunxi: sun4i-codec: fill ASoC card owner
    - soc/fsl: qbman: fix conflicting alignment attributes
    - clk: fix invalid usage of list cursor in register
    - clk: fix invalid usage of list cursor in unregister
    - workqueue: Move the position of debug_work_activate() in __queue_work()
    - s390/cpcmd: fix inline assembly register clobbering
    - net/mlx5: Fix placement of log_max_flow_counter
    - RDMA/cxgb4: check for ipv6 address properly while destroying listener
    - clk: socfpga: fix iomem pointer cast on 64-bit
    - net/ncsi: Add generic netlink family
    - net/ncsi: Refactor MAC, VLAN filters
    - net/ncsi: Avoid GFP_KERNEL in response handler
    - cfg80211: remove WARN_ON() in cfg80211_sme_connect
    - net: tun: set tun->dev->addr_len during TUNSETLINK processing
    - drivers: net: fix memory leak in atusb_probe
    - drivers: net: fix memory leak in peak_usb_create_dev
    - net: mac802154: Fix general protection fault
    - net: ieee802154: nl-mac: fix check on panid
    - net: ieee802154: fix nl802154 del llsec key
    - net: ieee802154: fix nl802154 del llsec dev
    - net: ieee802154: fix nl802154 add llsec key
    - net: ieee802154: fix nl802154 del llsec devkey
    - net: ieee802154: forbid monitor for set llsec params
    - net: ieee802154: forbid monitor for del llsec seclevel
    - net: ieee802154: stop dump llsec params for monitors
    - Revert "cifs: Set CIFS_MOUNT_USE_PREFIX_PATH flag on setting
      cifs_sb->prepath."
    - KVM: arm64: Hide system instruction access to Trace registers
    - KVM: arm64: Disable guest access to trace filter controls
    - drm/imx: imx-ldb: fix out of bounds array access warning
    - gfs2: report "already frozen/thawed" errors
    - block: only update parent bi_status when bio fail
    - net: phy: broadcom: Only advertise EEE for supported modes
    - netfilter: x_tables: fix compat match/target pad out-of-bound write
    - perf map: Tighten snprintf() string precision to pass gcc check on some
      32-bit arches
    - xen/events: fix setting irq affinity
    - net: hso: fix null-ptr-deref during tty device unregistration
    - usbip: vudc synchronize sysfs code paths
    - net: xfrm: Localize sequence counter per network namespace
    - i40e: Added Asym_Pause to supported link modes
    - i40e: Fix kernel oops when i40e driver removes VF's
    - drm/tegra: dc: Don't set PLL clock to 0Hz
    - riscv,entry: fix misaligned base for excp_vect_table
  * s390x broken with unknown syscall number on kernels < 5.8 (LP: #1895132)
    - s390/ptrace: return -ENOSYS when invalid syscall is supplied
    - s390/ptrace: pass invalid syscall numbers to tracing
  * Bionic update: upstream stable patchset 2021-04-14 (LP: #1923897)
    - uapi: nfnetlink_cthelper.h: fix userspace compilation error
    - ath9k: fix transmitting to stations in dynamic SMPS mode
    - net: Fix gro aggregation for udp encaps with zero csum
    - net: Introduce parse_protocol header_ops callback
    - net: check if protocol extracted by virtio_net_hdr_set_proto is correct
    - net: avoid infinite loop in mpls_gso_segment when mpls_hlen == 0
    - can: skb: can_skb_set_owner(): fix ref counting if socket was closed before
      setting skb ownership
    - can: flexcan: assert FRZ bit in flexcan_chip_freeze()
    - can: flexcan: enable RX FIFO after FRZ/HALT valid
    - netfilter: x_tables: gpf inside xt_find_revision()
    - cifs: return proper error code in statfs(2)
    - scripts/recordmcount.{c,pl}: support -ffunction-sections .text.* section
      names
    - Revert "mm, slub: consider rest of partial list if acquire_slab() fails"
    - sh_eth: fix TRSCER mask for SH771x
    - net/mlx4_en: update moderation when config reset
    - net: stmmac: fix incorrect DMA channel intr enable setting of EQoS v4.10
    - net: sched: avoid duplicates in classes dump
    - net: usb: qmi_wwan: allow qmimux add/del with master up
    - cipso,calipso: resolve a number of problems with the DOI refcounts
    - net: lapbether: Remove netif_start_queue / netif_stop_queue
    - net: davicom: Fix regulator not turned off on failed probe
    - net: davicom: Fix regulator not turned off on driver removal
    - net: stmmac: stop each tx channel independently
    - perf traceevent: Ensure read cmdlines are null terminated.
    - s390/cio: return -EFAULT if copy_to_user() fails again
    - drm/compat: Clear bounce structures
    - drm: meson_drv add shutdown function
    - s390/cio: return -EFAULT if copy_to_user() fails
    - media: usbtv: Fix deadlock on suspend
    - net: phy: fix save wrong speed and duplex problem if autoneg is on
    - udf: fix silent AED tagLocation corruption
    - mmc: mxs-mmc: Fix a resource leak in an error handling path in
      'mxs_mmc_probe()'
    - mmc: mediatek: fix race condition between msdc_request_timeout and irq
    - powerpc: improve handling of unrecoverable system reset
    - powerpc/perf: Record counter overflow always if SAMPLE_IP is unset
    - PCI: xgene-msi: Fix race in installing chained irq handler
    - PCI: mediatek: Add missing of_node_put() to fix reference leak
    - s390/smp: __smp_rescan_cpus() - move cpumask away from stack
    - scsi: libiscsi: Fix iscsi_prep_scsi_cmd_pdu() error handling
    - ALSA: hda/hdmi: Cancel pending works before suspend
    - ALSA: hda: Drop the BATCH workaround for AMD controllers
    - ALSA: hda: Avoid spurious unsol event handling during S3/S4
    - ALSA: usb-audio: Fix "cannot get freq eq" errors on Dell AE515 sound bar
    - Revert 95ebabde382c ("capabilities: Don't allow writing ambiguous v3 file
      capabilities")
    - s390/dasd: fix hanging DASD driver unbind
    - s390/dasd: fix hanging IO request during DASD driver unbind
    - mmc: core: Fix partition switch time for eMMC
    - Goodix Fingerprint device is not a modem
    - USB: gadget: u_ether: Fix a configfs return code
    - usb: gadget: f_uac2: always increase endpoint max_packet_size by one audio
      slot
    - usb: gadget: f_uac1: stop playback on function disable
    - usb: renesas_usbhs: Clear PIPECFG for re-enabling pipe with other EPNUM
    - xhci: Improve detection of device initiated wake signal.
    - usb: xhci: Fix ASMedia ASM1042A and ASM3242 DMA addressing
    - USB: serial: io_edgeport: fix memory leak in edge_startup
    - USB: serial: ch341: add new Product ID
    - USB: serial: cp210x: add ID for Acuity Brands nLight Air Adapter
    - USB: serial: cp210x: add some more GE USB IDs
    - usbip: fix stub_dev to check for stream socket
    - usbip: fix vhci_hcd to check for stream socket
    - usbip: fix vudc to check for stream socket
    - usbip: fix vhci_hcd attach_store() races leading to gpf
    - staging: rtl8192u: fix ->ssid overflow in r8192_wx_set_scan()
    - staging: rtl8188eu: prevent ->ssid overflow in rtw_wx_set_scan()
    - staging: rtl8712: unterminated string leads to read overflow
    - staging: rtl8188eu: fix potential memory corruption in
      rtw_check_beacon_data()
    - staging: ks7010: prevent buffer overflow in ks_wlan_set_scan()
    - staging: rtl8712: Fix possible buffer overflow in r8712_sitesurvey_cmd
    - staging: rtl8192e: Fix possible buffer overflow in _rtl92e_wx_set_scan
    - staging: comedi: addi_apci_1032: Fix endian problem for COS sample
    - staging: comedi: addi_apci_1500: Fix endian problem for command sample
    - staging: comedi: adv_pci1710: Fix endian problem for AI command data
    - staging: comedi: das6402: Fix endian problem for AI command data
    - staging: comedi: das800: Fix endian problem for AI command data
    - staging: comedi: dmm32at: Fix endian problem for AI command data
    - staging: comedi: me4000: Fix endian problem for AI command data
    - staging: comedi: pcl711: Fix endian problem for AI command data
    - staging: comedi: pcl818: Fix endian problem for AI command data
    - sh_eth: fix TRSCER mask for R7S72100
    - NFSv4.2: fix return value of _nfs4_get_security_label()
    - block: rsxx: fix error return code of rsxx_pci_probe()
    - configfs: fix a use-after-free in __configfs_open_file
    - stop_machine: mark helpers __always_inline
    - include/linux/sched/mm.h: use rcu_dereference in in_vfork()
    - powerpc/64s: Fix instruction encoding for lis in ppc_function_entry()
    - binfmt_misc: fix possible deadlock in bm_register_write
    - hwmon: (lm90) Fix max6658 sporadic wrong temperature reading
    - KVM: arm64: Fix exclusive limit for IPA size
    - xen/events: reset affinity of 2-level event when tearing it down
    - xen/events: don't unmask an event channel when an eoi is pending
    - xen/events: avoid handling the same event on two cpus at the same time
    - tcp: add sanity tests to TCP_QUEUE_SEQ
    - net: qrtr: fix error return code of qrtr_sendmsg()
    - net: stmmac: fix watchdog timeout during suspend/resume stress test
    - i2c: rcar: optimize cacheline to minimize HW race condition
    - powerpc/pci: Add ppc_md.discover_phbs()
    - PCI: Fix pci_register_io_range() memory leak
    - i40e: Fix memory leak in i40e_probe
    - ALSA: usb: Add Plantronics C320-M USB ctrl msg delay quirk
    - ALSA: usb-audio: Apply the control quirk to Plantronics headsets
    - mmc: cqhci: Fix random crash when remove mmc module/card
    - usbip: fix vudc usbip_sockfd_store races leading to gpf
    - net: dsa: b53: Support setting learning on port
    - ext4: check journal inode extents more carefully
    - perf tools: Use %define api.pure full instead of %pure-parser
    - tools build feature: Check if get_current_dir_name() is available
    - tools build feature: Check if eventfd() is available
    - tools build: Check if gettid() is available before providing helper
    - tools build feature: Check if pthread_barrier_t is available
    - btrfs: fix race when cloning extent buffer during rewind of an old root
    - nvmet: don't check iosqes,iocqes for discovery controllers
    - NFSD: Repair misuse of sv_lock in 5.10.16-rt30.
    - svcrdma: disable timeouts on rdma backchannel
    - sunrpc: fix refcount leak for rpc auth modules
    - net/qrtr: fix __netdev_alloc_skb call
    - scsi: lpfc: Fix some error codes in debugfs
    - nvme-rdma: fix possible hang when failing to set io queues
    - usb-storage: Add quirk to defeat Kindle's automatic unload
    - USB: replace hardcode maximum usb string length by definition
    - usb: gadget: configfs: Fix KASAN use-after-free
    - iio:adc:stm32-adc: Add HAS_IOMEM dependency
    - iio:adc:qcom-spmi-vadc: add default scale to LR_MUX2_BAT_ID channel
    - iio: adis16400: Fix an error code in adis16400_initial_setup()
    - iio: gyro: mpu3050: Fix error handling in mpu3050_trigger_handler
    - iio: hid-sensor-humidity: Fix alignment issue of timestamp channel
    - iio: hid-sensor-prox: Fix scale not correct issue
    - iio: hid-sensor-temperature: Fix issues of timestamp channel
    - PCI: rpadlpar: Fix potential drc_name corruption in store functions
    - perf/x86/intel: Fix a crash caused by zero PEBS status
    - x86/ioapic: Ignore IRQ2 again
    - kernel, fs: Introduce and use set_restart_fn() and arch_set_restart_data()
    - x86: Move TS_COMPAT back to asm/thread_info.h
    - x86: Introduce TS_COMPAT_RESTART to fix get_nr_restart_syscall()
    - ext4: find old entry again if failed to rename whiteout
    - ext4: do not try to set xattr into ea_inode if value is empty
    - ext4: fix potential error in ext4_do_update_inode
    - genirq: Disable interrupts for force threaded handlers
    - btrfs: fix slab cache flags for free space tree bitmap
    - powerpc: Force inlining of cpu_has_feature() to avoid build failure
    - usbip: Fix incorrect double assignment to udc->ud.tcp_rx
    - x86/apic/of: Fix CPU devicetree-node lookups

 -- Tim Gardner <email address hidden>  Wed, 19 May 2021 07:10:14 -0600

Superseded in bionic-security
Superseded in bionic-updates
Deleted in bionic-proposed (Reason: moved to -updates)
linux-raspi2 (4.15.0-1085.90) bionic; urgency=medium

  * bionic/linux-raspi2: 4.15.0-1085.90 -proposed tracker (LP: #1923806)

  [ Ubuntu: 4.15.0-143.147 ]

  * bionic/linux: 4.15.0-143.147 -proposed tracker (LP: #1923811)
  * CVE-2021-29650
    - netfilter: x_tables: Use correct memory barriers.
  * LRMv4: switch to signing nvidia modules via the Ubuntu Modules signing key
    (LP: #1918134)
    - [Packaging] dkms-build{,--nvidia-N} sync back from LRMv4
  * Security-Fix Xen XSA 371 for Kernel 5.4.0-71 (LP: #1921902) //
    CVE-2021-28688
    - xen-blkback: don't leak persistent grants from xen_blkbk_map()
  * CVE-2021-20292
    - drm/ttm/nouveau: don't call tt destroy callback on alloc failure.
  * CVE-2021-29264
    - gianfar: fix jumbo packets+napi+rx overrun crash
  * CVE-2021-29265
    - usbip: fix stub_dev usbip_sockfd_store() races leading to gpf
  * Bcache bypasse writeback on caching device with fragmentation (LP: #1900438)
    - bcache: consider the fragmentation when update the writeback rate
  * Bionic update: upstream stable patchset 2021-03-31 (LP: #1922124)
    - net: usb: qmi_wwan: support ZTE P685M modem
    - scripts: use pkg-config to locate libcrypto
    - scripts: set proper OpenSSL include dir also for sign-file
    - hugetlb: fix update_and_free_page contig page struct assumption
    - drm/virtio: use kvmalloc for large allocations
    - virtio/s390: implement virtio-ccw revision 2 correctly
    - arm64 module: set plt* section addresses to 0x0
    - arm64: Avoid redundant type conversions in xchg() and cmpxchg()
    - arm64: cmpxchg: Use "K" instead of "L" for ll/sc immediate constraint
    - arm64: Use correct ll/sc atomic constraints
    - JFS: more checks for invalid superblock
    - media: mceusb: sanity check for prescaler value
    - xfs: Fix assert failure in xfs_setattr_size()
    - smackfs: restrict bytes count in smackfs write functions
    - net: fix up truesize of cloned skb in skb_prepare_for_shift()
    - mm/hugetlb.c: fix unnecessary address expansion of pmd sharing
    - net: bridge: use switchdev for port flags set through sysfs too
    - dt-bindings: net: btusb: DT fix s/interrupt-name/interrupt-names/
    - staging: fwserial: Fix error handling in fwserial_create
    - x86/reboot: Add Zotac ZBOX CI327 nano PCI reboot quirk
    - vt/consolemap: do font sum unsigned
    - wlcore: Fix command execute failure 19 for wl12xx
    - pktgen: fix misuse of BUG_ON() in pktgen_thread_worker()
    - ath10k: fix wmi mgmt tx queue full due to race condition
    - x86/build: Treat R_386_PLT32 relocation as R_386_PC32
    - Bluetooth: Fix null pointer dereference in amp_read_loc_assoc_final_data
    - staging: most: sound: add sanity check for function argument
    - media: uvcvideo: Allow entities with no pads
    - f2fs: handle unallocated section and zone on pinned/atgc
    - parisc: Bump 64-bit IRQ stack size to 64 KB
    - Xen/gnttab: handle p2m update errors on a per-slot basis
    - xen-netback: respect gnttab_map_refs()'s return value
    - zsmalloc: account the number of compacted pages correctly
    - swap: fix swapfile read/write offset
    - media: v4l: ioctl: Fix memory leak in video_usercopy
    - PCI: Add a REBAR size quirk for Sapphire RX 5600 XT Pulse
    - drm/amd/display: Guard against NULL pointer deref when get_i2c_info fails
    - f2fs: fix to set/clear I_LINKABLE under i_lock
    - btrfs: fix error handling in commit_fs_roots
    - ALSA: hda/realtek: Add quirk for Clevo NH55RZQ
    - ALSA: hda/realtek: Apply dual codec quirks for MSI Godlike X570 board
    - btrfs: raid56: simplify tracking of Q stripe presence
    - btrfs: fix raid6 qstripe kmap
    - usbip: tools: fix build error for multiple definition
    - ALSA: ctxfi: cthw20k2: fix mask on conf to allow 4 bits
    - rsxx: Return -EFAULT if copy_to_user() fails
    - dm table: fix iterate_devices based device capability checks
    - dm table: fix DAX iterate_devices based device capability checks
    - dm table: fix zoned iterate_devices based device capability checks
    - iommu/amd: Fix sleeping in atomic in increase_address_space()
    - mwifiex: pcie: skip cancel_work_sync() on reset failure path
    - platform/x86: acer-wmi: Cleanup ACER_CAP_FOO defines
    - platform/x86: acer-wmi: Cleanup accelerometer device handling
    - platform/x86: acer-wmi: Add new force_caps module parameter
    - platform/x86: acer-wmi: Add ACER_CAP_SET_FUNCTION_MODE capability flag
    - platform/x86: acer-wmi: Add support for SW_TABLET_MODE on Switch devices
    - platform/x86: acer-wmi: Add ACER_CAP_KBD_DOCK quirk for the Aspire Switch
      10E SW3-016
    - PCI: Add function 1 DMA alias quirk for Marvell 9215 SATA controller
    - misc: eeprom_93xx46: Add quirk to support Microchip 93LC46B eeprom
    - drm/msm/a5xx: Remove overwriting A5XX_PC_DBG_ECO_CNTL register
    - Revert "zram: close udev startup race condition as default groups"
    - HID: mf: add support for 0079:1846 Mayflash/Dragonrise USB Gamecube Adapter
  * Bionic update: upstream stable patchset 2021-03-16 (LP: #1919380)
    - fgraph: Initialize tracing_graph_pause at task creation
    - tracing: Do not count ftrace events in top level enable output
    - tracing: Check length before giving out the filter buffer
    - arm/xen: Don't probe xenbus as part of an early initcall
    - MIPS: BMIPS: Fix section mismatch warning
    - arm64: dts: rockchip: Fix PCIe DT properties on rk3399
    - platform/x86: hp-wmi: Disable tablet-mode reporting by default
    - ovl: perform vfs_getxattr() with mounter creds
    - cap: fix conversions on getxattr
    - ovl: skip getxattr of security labels
    - ARM: dts: lpc32xx: Revert set default clock rate of HCLK PLL
    - ARM: ensure the signal page contains defined contents
    - bpf: Check for integer overflow when using roundup_pow_of_two()
    - netfilter: xt_recent: Fix attempt to update deleted entry
    - xen/netback: avoid race in xenvif_rx_ring_slots_available()
    - netfilter: conntrack: skip identical origin tuple in same zone only
    - usb: dwc3: ulpi: fix checkpatch warning
    - usb: dwc3: ulpi: Replace CPU-based busyloop with Protocol-based one
    - net/vmw_vsock: improve locking in vsock_connect_timeout()
    - net: watchdog: hold device global xmit lock during tx disable
    - vsock/virtio: update credit only if socket is not closed
    - vsock: fix locking in vsock_shutdown()
    - i2c: stm32f7: fix configuration of the digital filter
    - h8300: fix PREEMPTION build, TI_PRE_COUNT undefined
    - x86/build: Disable CET instrumentation in the kernel for 32-bit too
    - trace: Use -mcount-record for dynamic ftrace
    - tracing: Fix SKIP_STACK_VALIDATION=1 build due to bad merge with
      -mrecord-mcount
    - tracing: Avoid calling cc-option -mrecord-mcount for every Makefile
    - Xen/x86: don't bail early from clear_foreign_p2m_mapping()
    - Xen/x86: also check kernel mapping in set_foreign_p2m_mapping()
    - Xen/gntdev: correct dev_bus_addr handling in gntdev_map_grant_pages()
    - Xen/gntdev: correct error checking in gntdev_map_grant_pages()
    - xen/arm: don't ignore return errors from set_phys_to_machine
    - xen-blkback: don't "handle" error by BUG()
    - xen-netback: don't "handle" error by BUG()
    - xen-scsiback: don't "handle" error by BUG()
    - xen-blkback: fix error handling in xen_blkbk_map()
    - scsi: qla2xxx: Fix crash during driver load on big endian machines
    - kvm: check tlbs_dirty directly
    - drm/amd/display: Free atomic state after drm_atomic_commit
    - riscv: virt_addr_valid must check the address belongs to linear mapping
    - ARM: kexec: fix oops after TLB are invalidated
    - net: hns3: add a check for queue_id in hclge_reset_vf_queue()
    - firmware_loader: align .builtin_fw to 8
    - net/rds: restrict iovecs length for RDS_CMSG_RDMA_ARGS
    - ovl: expand warning in ovl_d_real()
    - net: qrtr: Fix port ID for control messages
    - HID: make arrays usage and value to be the same
    - usb: quirks: add quirk to start video capture on ELMO L-12F document camera
      reliable
    - ntfs: check for valid standard information attribute
    - arm64: tegra: Add power-domain for Tegra210 HDA
    - NET: usb: qmi_wwan: Adding support for Cinterion MV31
    - cifs: Set CIFS_MOUNT_USE_PREFIX_PATH flag on setting cifs_sb->prepath.
    - scripts/recordmcount.pl: support big endian for ARCH sh
    - vmlinux.lds.h: add DWARF v5 sections
    - kdb: Make memory allocations more robust
    - MIPS: vmlinux.lds.S: add missing PAGE_ALIGNED_DATA() section
    - random: fix the RNDRESEEDCRNG ioctl
    - Bluetooth: btqcomsmd: Fix a resource leak in error handling paths in the
      probe function
    - Bluetooth: Fix initializing response id after clearing struct
    - ARM: dts: exynos: correct PMIC interrupt trigger level on Monk
    - ARM: dts: exynos: correct PMIC interrupt trigger level on Rinato
    - ARM: dts: exynos: correct PMIC interrupt trigger level on Spring
    - ARM: dts: exynos: correct PMIC interrupt trigger level on Arndale Octa
    - arm64: dts: exynos: correct PMIC interrupt trigger level on TM2
    - arm64: dts: exynos: correct PMIC interrupt trigger level on Espresso
    - cpufreq: brcmstb-avs-cpufreq: Fix resource leaks in ->remove()
    - usb: gadget: u_audio: Free requests only after callback
    - Bluetooth: drop HCI device reference before return
    - Bluetooth: Put HCI device if inquiry procedure interrupts
    - ARM: dts: Configure missing thermal interrupt for 4430
    - usb: dwc2: Do not update data length if it is 0 on inbound transfers
    - usb: dwc2: Abort transaction after errors with unknown reason
    - usb: dwc2: Make "trimming xfer length" a debug message
    - staging: rtl8723bs: wifi_regd.c: Fix incorrect number of regulatory rules
    - arm64: dts: msm8916: Fix reserved and rfsa nodes unit address
    - ARM: s3c: fix fiq for clang IAS
    - bpf_lru_list: Read double-checked variable once without lock
    - ath9k: fix data bus crash when setting nf_override via debugfs
    - bnxt_en: reverse order of TX disable and carrier off
    - xen/netback: fix spurious event detection for common event case
    - mac80211: fix potential overflow when multiplying to u32 integers
    - b43: N-PHY: Fix the update of coef for the PHY revision >= 3case
    - ibmvnic: skip send_request_unmap for timeout reset
    - net: amd-xgbe: Reset the PHY rx data path when mailbox command timeout
    - net: amd-xgbe: Reset link when the link never comes back
    - net: mvneta: Remove per-cpu queue mapping for Armada 3700
    - fbdev: aty: SPARC64 requires FB_ATY_CT
    - drm/gma500: Fix error return code in psb_driver_load()
    - gma500: clean up error handling in init
    - crypto: sun4i-ss - fix kmap usage
    - MIPS: c-r4k: Fix section mismatch for loongson2_sc_init
    - MIPS: lantiq: Explicitly compare LTQ_EBU_PCC_ISTAT against 0
    - media: i2c: ov5670: Fix PIXEL_RATE minimum value
    - media: vsp1: Fix an error handling path in the probe function
    - media: media/pci: Fix memleak in empress_init
    - media: tm6000: Fix memleak in tm6000_start_stream
    - ASoC: cs42l56: fix up error handling in probe
    - crypto: bcm - Rename struct device_private to bcm_device_private
    - media: lmedm04: Fix misuse of comma
    - media: qm1d1c0042: fix error return code in qm1d1c0042_init()
    - media: cx25821: Fix a bug when reallocating some dma memory
    - media: pxa_camera: declare variable when DEBUG is defined
    - media: uvcvideo: Accept invalid bFormatIndex and bFrameIndex values
    - ata: ahci_brcm: Add back regulators management
    - Drivers: hv: vmbus: Avoid use-after-free in vmbus_onoffer_rescind()
    - btrfs: clarify error returns values in __load_free_space_cache
    - hwrng: timeriomem - Fix cooldown period calculation
    - crypto: ecdh_helper - Ensure 'len >= secret.len' in decode_key()
    - ima: Free IMA measurement buffer on error
    - ima: Free IMA measurement buffer after kexec syscall
    - fs/jfs: fix potential integer overflow on shift of a int
    - jffs2: fix use after free in jffs2_sum_write_data()
    - capabilities: Don't allow writing ambiguous v3 file capabilities
    - clk: meson: clk-pll: fix initializing the old rate (fallback) for a PLL
    - quota: Fix memory leak when handling corrupted quota file
    - spi: cadence-quadspi: Abort read if dummy cycles required are too many
    - HID: core: detect and skip invalid inputs to snto32()
    - dmaengine: fsldma: Fix a resource leak in the remove function
    - dmaengine: fsldma: Fix a resource leak in an error handling path of the
      probe function
    - dmaengine: hsu: disable spurious interrupt
    - mfd: bd9571mwv: Use devm_mfd_add_devices()
    - fdt: Properly handle "no-map" field in the memory region
    - of/fdt: Make sure no-map does not remove already reserved regions
    - power: reset: at91-sama5d2_shdwc: fix wkupdbc mask
    - rtc: s5m: select REGMAP_I2C
    - clocksource/drivers/mxs_timer: Add missing semicolon when DEBUG is defined
    - regulator: axp20x: Fix reference cout leak
    - certs: Fix blacklist flag type confusion
    - spi: atmel: Put allocated master before return
    - isofs: release buffer head before return
    - auxdisplay: ht16k33: Fix refresh rate handling
    - IB/umad: Return EIO in case of when device disassociated
    - powerpc/47x: Disable 256k page size
    - mmc: usdhi6rol0: Fix a resource leak in the error handling path of the probe
    - ARM: 9046/1: decompressor: Do not clear SCTLR.nTLSMD for ARMv7+ cores
    - amba: Fix resource leak for drivers without .remove
    - tracepoint: Do not fail unregistering a probe due to memory failure
    - perf tools: Fix DSO filtering when not finding a map for a sampled address
    - RDMA/rxe: Fix coding error in rxe_recv.c
    - spi: stm32: properly handle 0 byte transfer
    - mfd: wm831x-auxadc: Prevent use after free in wm831x_auxadc_read_irq()
    - powerpc/pseries/dlpar: handle ibm, configure-connector delay status
    - powerpc/8xx: Fix software emulation interrupt
    - spi: pxa2xx: Fix the controller numbering for Wildcat Point
    - perf intel-pt: Fix missing CYC processing in PSB
    - perf test: Fix unaligned access in sample parsing test
    - Input: elo - fix an error code in elo_connect()
    - sparc64: only select COMPAT_BINFMT_ELF if BINFMT_ELF is set
    - misc: eeprom_93xx46: Fix module alias to enable module autoprobe
    - misc: eeprom_93xx46: Add module alias to avoid breaking support for non
      device tree users
    - pwm: rockchip: rockchip_pwm_probe(): Remove superfluous clk_unprepare()
    - VMCI: Use set_page_dirty_lock() when unregistering guest memory
    - PCI: Align checking of syscall user config accessors
    - drm/msm/dsi: Correct io_start for MSM8994 (20nm PHY)
    - ext4: fix potential htree index checksum corruption
    - i40e: Fix flow for IPv6 next header (extension header)
    - i40e: Fix overwriting flow control settings during driver loading
    - net/mlx4_core: Add missed mlx4_free_cmd_mailbox()
    - ocfs2: fix a use after free on error
    - mm/memory.c: fix potential pte_unmap_unlock pte error
    - mm/hugetlb: fix potential double free in hugetlb_register_node() error path
    - arm64: Add missing ISB after invalidating TLB in __primary_switch
    - i2c: brcmstb: Fix brcmstd_send_i2c_cmd condition
    - mm/rmap: fix potential pte_unmap on an not mapped pte
    - scsi: bnx2fc: Fix Kconfig warning & CNIC build errors
    - blk-settings: align max_sectors on "logical_block_size" boundary
    - ACPI: property: Fix fwnode string properties matching
    - ACPI: configfs: add missing check after configfs_register_default_group()
    - HID: wacom: Ignore attempts to overwrite the touch_max value from HID
    - Input: raydium_ts_i2c - do not send zero length
    - Input: xpad - add support for PowerA Enhanced Wired Controller for Xbox
      Series X|S
    - Input: joydev - prevent potential read overflow in ioctl
    - Input: i8042 - add ASUS Zenbook Flip to noselftest list
    - USB: serial: option: update interface mapping for ZTE P685M
    - usb: musb: Fix runtime PM race in musb_queue_resume_work
    - USB: serial: mos7840: fix error code in mos7840_write()
    - USB: serial: mos7720: fix error code in mos7720_write()
    - usb: dwc3: gadget: Fix setting of DEPCFG.bInterval_m1
    - usb: dwc3: gadget: Fix dep->interval for fullspeed interrupt
    - ALSA: hda/realtek: modify EAPD in the ALC886
    - tpm_tis: Fix check_locality for correct locality acquisition
    - KEYS: trusted: Fix migratable=1 failing
    - btrfs: abort the transaction if we fail to inc ref in btrfs_copy_root
    - btrfs: fix reloc root leak with 0 ref reloc roots on recovery
    - btrfs: fix extent buffer leak on failure to copy root
    - crypto: sun4i-ss - checking sg length is not sufficient
    - crypto: sun4i-ss - handle BigEndian for cipher
    - seccomp: Add missing return in non-void function
    - drivers/misc/vmw_vmci: restrict too big queue size in qp_host_alloc_queue
    - staging: rtl8188eu: Add Edimax EW-7811UN V2 to device table
    - x86/reboot: Force all cpus to exit VMX root if VMX is supported
    - floppy: reintroduce O_NDELAY fix
    - arm64: uprobe: Return EOPNOTSUPP for AARCH32 instruction probing
    - watchdog: mei_wdt: request stop on unregister
    - mtd: spi-nor: hisi-sfc: Put child node np on error path
    - fs/affs: release old buffer head on error path
    - hugetlb: fix copy_huge_page_from_user contig page struct assumption
    - mm: hugetlb: fix a race between freeing and dissolving the page
    - libnvdimm/dimm: Avoid race between probe and available_slots_show()
    - module: Ignore _GLOBAL_OFFSET_TABLE_ when warning for undefined symbols
    - mmc: sdhci-esdhc-imx: fix kernel panic when remove module
    - gpio: pcf857x: Fix missing first interrupt
    - printk: fix deadlock when kernel panic
    - f2fs: fix out-of-repair __setattr_copy()
    - sparc32: fix a user-triggerable oops in clear_user()
    - gfs2: Don't skip dlm unlock if glock has an lvb
    - dm era: Recover committed writeset after crash
    - dm era: Verify the data block size hasn't changed
    - dm era: Fix bitset memory leaks
    - dm era: Use correct value size in equality function of writeset tree
    - dm era: Reinitialize bitset cache before digesting a new writeset
    - dm era: only resize metadata in preresume
    - icmp: introduce helper for nat'd source address in network device context
    - icmp: allow icmpv6_ndo_send to work with CONFIG_IPV6=n
    - gtp: use icmp_ndo_send helper
    - sunvnet: use icmp_ndo_send helper
    - ipv6: icmp6: avoid indirect call for icmpv6_send()
    - ipv6: silence compilation warning for non-IPV6 builds
    - net: icmp: pass zeroed opts from icmp{,v6}_ndo_send before sending
    - dm era: Update in-core bitset after committing the metadata
    - USB: quirks: sort quirk entries
    - jump_label/lockdep: Assert we hold the hotplug lock for _cpuslocked()
      operations
    - ARM: dts: exynos: correct PMIC interrupt trigger level on Artik 5
    - ARM: dts: exynos: correct PMIC interrupt trigger level on Odroid XU3 family
    - arm64: dts: allwinner: A64: properly connect USB PHY to port 0
    - arm64: dts: allwinner: Drop non-removable from SoPine/LTS SD card
    - arm64: dts: allwinner: A64: Limit MMC2 bus frequency to 150 MHz
    - memory: ti-aemif: Drop child node when jumping out loop
    - ibmvnic: add memory barrier to protect long term buffer
    - net: amd-xgbe: Fix NETDEV WATCHDOG transmit queue timeout warning
    - drm/amdgpu: Fix macro name _AMDGPU_TRACE_H_ in preprocessor if condition
    - drm/amd/display: Fix 10/12 bpc setup in DCE output bit depth reduction.
    - crypto: talitos - Work around SEC6 ERRATA (AES-CTR mode data size error)
    - f2fs: fix to avoid inconsistent quota data
    - regulator: s5m8767: Drop regulators OF node reference
    - mmc: renesas_sdhi_internal_dmac: Fix DMA buffer alignment from 8 to
      128-bytes
    - RDMA/rxe: Correct skb on loopback path
    - i40e: Add zero-initialization of AQ command structures
    - i40e: Fix add TC filter for IPv6
    - r8169: fix jumbo packet handling on RTL8168e
    - USB: serial: ftdi_sio: fix FTX sub-integer prescaler
    - crypto: arm64/sha - add missing module aliases
    - misc: rtsx: init of rts522a add OCP power off when no card is present
    - seq_file: document how per-entry resources are managed.
    - x86: fix seq_file iteration for pat/memtype.c

 -- Kleber Sacilotto de Souza <email address hidden>  Tue, 20 Apr 2021 10:25:53 +0200
Published in xenial-security
Published in xenial-updates
Deleted in xenial-proposed (Reason: moved to -updates)
linux-raspi2 (4.4.0-1152.163) xenial; urgency=medium

  * xenial/linux-raspi2: 4.4.0-1152.163 -proposed tracker (LP: #1924638)

  [ Ubuntu: 4.4.0-210.242 ]

  * xenial/linux: 4.4.0-210.242 -proposed tracker (LP: #1924644)
  * setting extended attribute may cause memory leak (LP: #1924611)
    - SAUCE: vfs_setxattr: free converted value if xattr_permission returns error

 -- Stefan Bader <email address hidden>  Fri, 16 Apr 2021 15:22:12 +0200
Superseded in bionic-security
Superseded in bionic-updates
linux-raspi2 (4.15.0-1084.89) bionic; urgency=medium

  [ Ubuntu: 4.15.0-142.146 ]

  * overlayfs calls vfs_setxattr without cap_convert_nscap
    - vfs: move cap_convert_nscap() call into vfs_setxattr()
  * CVE-2021-29154
    - SAUCE: bpf, x86: Validate computation of branch displacements for x86-64

 -- Stefan Bader <email address hidden>  Tue, 13 Apr 2021 14:34:26 +0200
Superseded in xenial-security
Superseded in xenial-updates
linux-raspi2 (4.4.0-1151.162) xenial; urgency=medium

  [ Ubuntu: 4.4.0-209.241 ]

  * overlayfs calls vfs_setxattr without cap_convert_nscap
    - vfs: move cap_convert_nscap() call into vfs_setxattr()
  * CVE-2021-29154
    - SAUCE: bpf, x86: Validate computation of branch displacements for x86-64

 -- Stefan Bader <email address hidden>  Tue, 13 Apr 2021 10:56:13 +0200
Superseded in xenial-security
Superseded in xenial-updates
Deleted in xenial-proposed (Reason: moved to -updates)
linux-raspi2 (4.4.0-1150.161) xenial; urgency=medium

  * xenial/linux-raspi2: 4.4.0-1150.161 -proposed tracker (LP: #1922064)

  [ Ubuntu: 4.4.0-208.240 ]

  * xenial/linux: 4.4.0-208.240 -proposed tracker (LP: #1922069)
  * linux ADT test failure with linux/4.4.0-207.239 -
    ubuntu_qrt_kernel_security.test-kernel-security.py (LP: #1922200) //
    CVE-2018-5953 // CVE-2018-5995 // CVE-2018-7754
    - SAUCE: Revert "printk: hash addresses printed with %p"
  * lxd 2.0.11-0ubuntu1~16.04.4 ADT test failure with linux 4.4.0-207.239
    (LP: #1921969)
    - SAUCE: Fix fuse regression in 4.4.0-207.239
