This bug was fixed in the package linux - 4.12.0-11.12
---------------
linux (4.12.0-11.12) artful; urgency=low
* linux: 4.12.0-11.12 -proposed tracker (LP: #1709929)
* CVE-2017-1000111
- packet: fix tp_reserve race in packet_set_ring
* CVE-2017-1000112
- udp: consistently apply ufo or fragmentation
* Please only recommend or suggest initramfs-tools | linux-initramfs-tool for
kernels able to boot without initramfs (LP: #1700972)
- Revert "UBUNTU: [Debian] Don't depend on initramfs-tools"
- [Debian] Don't depend on initramfs-tools
* Miscellaneous Ubuntu changes
- SAUCE: (noup) Update spl to 0.6.5.11-ubuntu1, zfs to 0.6.5.11-1ubuntu3
- SAUCE: powerpc: Always initialize input array when calling
epapr_hypercall()
* Miscellaneous upstream changes
- selftests: typo correction for memory-hotplug test
- selftests: check hot-pluggagble memory for memory-hotplug test
- selftests: check percentage range for memory-hotplug test
- selftests: add missing test name in memory-hotplug test
- selftests: fix memory-hotplug test
-- Seth Forshee <seth.fors...@canonical.com> Thu, 10 Aug 2017 13:37:00
-0500
** Changed in: linux (Ubuntu Artful)
Status: Fix Committed => Fix Released
** CVE added: https://cve.mitre.org/cgi-
bin/cvename.cgi?name=2017-1000111
** CVE added: https://cve.mitre.org/cgi-
bin/cvename.cgi?name=2017-1000112
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1707292
Title:
Artful update to 4.12.4 stable release
Status in linux package in Ubuntu:
Fix Released
Status in linux source package in Artful:
Fix Released
Bug description:
SRU Justification
Impact:
The upstream process for stable tree updates is quite similar
in scope to the Ubuntu SRU process, e.g., each patch has to
demonstrably fix a bug, and each patch is vetted by upstream
by originating either directly from a mainline/stable Linux tree or
a minimally backported form of that patch. The 4.12.4 upstream stable
patch set is now available. It should be included in the Ubuntu
kernel as well.
git://git.kernel.org/
TEST CASE: TBD
The following patches from the 4.12.4 stable release shall be
applied:
disable new gcc-7.1.1 warnings for now
ir-core: fix gcc-7 warning on bool arithmetic
s5p-jpeg: don't return a random width/height
thermal: max77620: fix device-node reference imbalance
thermal: cpu_cooling: Avoid accessing potentially freed structures
ath9k: fix tx99 use after free
ath9k: fix tx99 bus error
iwlwifi: mvm: fix the recovery flow while connecting
NFC: fix broken device allocation
NFC: nfcmrvl_uart: add missing tty-device sanity check
NFC: nfcmrvl: do not use device-managed resources
NFC: nfcmrvl: use nfc-device for firmware download
NFC: nfcmrvl: fix firmware-management initialisation
nfc: Ensure presence of required attributes in the activate_target handler
nfc: Fix the sockaddr length sanitization in llcp_sock_connect
NFC: Add sockaddr length checks before accessing sa_family in bind handlers
perf intel-pt: Move decoder error setting into one condition
perf intel-pt: Improve sample timestamp
perf intel-pt: Fix missing stack clear
perf intel-pt: Ensure IP is zero when state is INTEL_PT_STATE_NO_IP
perf intel-pt: Fix last_ip usage
perf intel-pt: Ensure never to set 'last_ip' when packet 'count' is zero
perf intel-pt: Use FUP always when scanning for an IP
perf intel-pt: Clear FUP flag on error
Bluetooth: use constant time memory comparison for secret values
wlcore: fix 64K page support
pstore: Don't warn if data is uncompressed and type is not PSTORE_TYPE_DMESG
mwifiex: fixup error cases in mwifiex_add_virtual_intf()
Btrfs: fix invalid extent maps due to hole punching
btrfs: Don't clear SGID when inheriting ACLs
Btrfs: incremental send, fix invalid memory access
igb: Explicitly select page 0 at initialization
spi: atmel: fix corrupted data issue on SAM9 family SoCs
ASoC: zx-i2s: flip I2S master/slave mode
ASoC: compress: Derive substream from stream based on direction
ASoC: atmel: tse850: fix off-by-one in the "ANA" enumeration count
PM / Domains: Fix unsafe iteration over modified list of device links
PM / Domains: Fix unsafe iteration over modified list of domain providers
PM / Domains: Fix unsafe iteration over modified list of domains
scsi: ses: do not add a device to an enclosure if enclosure_add_links() fails.
scsi: virtio_scsi: let host do exception handling
scsi: qla2xxx: Allow ABTS, PURX, RIDA on ATIOQ for ISP83XX/27XX
scsi: Add STARGET_CREATED_REMOVE state to scsi_target_state
scsi: Avoid that scsi_exit_rq() triggers a use-after-free
iscsi-target: Add login_keys_workaround attribute for non RFC initiators
xen/scsiback: Fix a TMR related use-after-free
scsi: virtio_scsi: always read VPD pages for multiqueue too
powerpc/mm/radix: Only add X for pages overlapping kernel text
powerpc/pseries: Fix passing of pp0 in updatepp() and updateboltedpp()
powerpc/mm/radix: Fix execute permissions for interrupt_vectors
powerpc/64: Fix atomic64_inc_not_zero() to return an int
powerpc: Fix emulation of mcrf in emulate_step()
powerpc: Fix emulation of mfocrf in emulate_step()
powerpc/asm: Mark cr0 as clobbered in mftb()
powerpc/mm/radix: Properly clear process table entry
powerpc/perf: Fix SDAR_MODE value for continous sampling on Power9
xen/x86: fix cpu hotplug
PCI: vmd: Move SRCU cleanup after bus, child device removal
PCI: Work around poweroff & suspend-to-RAM issue on Macbook Pro 11
PCI: rockchip: Use normal register bank for config accessors
PCI/PM: Restore the status of PCI devices across hibernation
PCI/MSI: Ignore affinity if pre/post vector count is more than min_vecs
usb: xhci: fix spinlock recursion for USB2 test mode
xhci: fix memleak in xhci_run()
xhci: fix 20000ms port resume timeout
xhci: Fix NULL pointer dereference when cleaning up streams for removed host
mxl111sf: Fix driver to use heap allocate buffers for USB messages
usb: storage: return on error to avoid a null pointer dereference
USB: cdc-acm: add device-id for quirky printer
usb: renesas_usbhs: fix usbhsc_resume() for !USBHSF_RUNTIME_PWCTRL
usb: renesas_usbhs: gadget: disable all eps when the driver stops
HID: multitouch: do not blindly set EV_KEY or EV_ABS bits
md: don't use flush_signals in userspace processes
md: fix deadlock between mddev_suspend() and md_write_start()
x86/xen: allow userspace access during hypercalls
cx88: Fix regression in initial video standard setting
rc-core: fix input repeat handling
tools/testing/nvdimm: fix nfit_test buffer overflow
libnvdimm, btt: fix btt_rw_page not returning errors
libnvdimm: fix the clear-error check in nsio_rw_bytes
libnvdimm: fix badblock range handling of ARS range
ext2: Don't clear SGID when inheriting ACLs
dm raid: stop using BUG() in __rdev_sectors()
Raid5 should update rdev->sectors after reshape
s390/syscalls: Fix out of bounds arguments access
drm/amdgpu/gfx8: drop per-APU CU limits
drm/amdgpu: fix vblank_time when displays are off
drm/amdgpu/cgs: always set reference clock in mode_info
drm/amd/amdgpu: Return error if initiating read out of range on vram
drm/amdgpu: fix the memory corruption on S3
drm/amdgpu: Don't call amd_powerplay_destroy() if we don't have powerplay
drm/radeon/ci: disable mclk switching for high refresh rates (v2)
drm/radeon: Fix eDP for single-display iMac10,1 (v2)
drm/ttm: Fix use-after-free in ttm_bo_clean_mm
drm/etnaviv: Expose our reservation object when exporting a dmabuf.
ipmi: use rcu lock around call to intf->handlers->sender()
ipmi:ssif: Add missing unlock in error branch
xfs: Don't clear SGID when inheriting ACLs
CIFS: Reconnect expired SMB sessions
f2fs: load inode's flag from disk
f2fs: wake up all waiters in f2fs_submit_discard_endio
f2fs: sanity check checkpoint segno and blkoff
f2fs: try to freeze in gc and discard threads
f2fs: Do not issue small discards in LFS mode
f2fs: sanity check size of nat and sit cache
f2fs: use spin_{,un}lock_irq{save,restore}
f2fs: Don't clear SGID when inheriting ACLs
serial: st-asc: Potential error pointer dereference
serial: sh-sci: Uninitialized variables in sysfs files
ovl: mark parent impure on ovl_link()
ovl: fix random return value on mount
drm/amd/powerplay: fix memory leak in cz_hwmgr backend
drm/i915: Disable MSI for all pre-gen5
vfio: Fix group release deadlock
vfio: New external user group/file match
vfio: Remove unnecessary uses of vfio_container.group_lock
nvme-rdma: remove race conditions from IB signalling
ftrace: Fix uninitialized variable in match_records()
drm/i915/gvt: Fix inconsistent locks holding sequence
drm/atomic: Add missing drm_atomic_state_clear to atomic_remove_fb
MIPS: Fix mips_atomic_set() retry condition
MIPS: Fix mips_atomic_set() with EVA
MIPS: Negate error syscall return in trace
mtd: nand: tango: Fix incorrect use of SEQIN command
ubifs: Correctly evict xattr inodes
ubifs: Don't leak kernel memory to the MTD
ubifs: Don't encrypt special files on creation
ubifs: Set double hash cookie also for RENAME_EXCHANGE
ACPI / EC: Drop EC noirq hooks to fix a regression
Revert "ACPI / EC: Enable event freeze mode..." to fix a regression
x86/acpi: Prevent out of bound access caused by broken ACPI tables
x86/ioapic: Pass the correct data to unmask_ioapic_irq()
MIPS: Fix MIPS I ISA /proc/cpuinfo reporting
MIPS: Save static registers before sysmips
MIPS: Actually decode JALX in `__compute_return_epc_for_insn'
MIPS: Fix unaligned PC interpretation in `compute_return_epc'
MIPS: math-emu: Prevent wrong ISA mode instruction emulation
MIPS: Send SIGILL for BPOSGE32 in `__compute_return_epc_for_insn'
MIPS: Rename `sigill_r6' to `sigill_r2r6' in `__compute_return_epc_for_insn'
MIPS: Send SIGILL for linked branches in `__compute_return_epc_for_insn'
MIPS: Send SIGILL for R6 branches in `__compute_return_epc_for_insn'
MIPS: Fix a typo: s/preset/present/ in r2-to-r6 emulation error message
Input: i8042 - fix crash at boot time
IB/iser: Fix connection teardown race condition
IB/core: Namespace is mandatory input for address resolution
sunrpc: use constant time memory comparison for mac
net/sunrpc/xprt_sock: fix regression in connection error reporting.
NFS: Fix initialization of nfs_page_array->npages
PNFS fix EACCESS on commit to DS handling
NFS: only invalidate dentrys that are clearly invalid.
udf: Fix races with i_size changes during readpage
udf: Fix deadlock between writeback and udf_setsize()
target: Fix COMPARE_AND_WRITE caw_sem leak during se_cmd quiesce
iser-target: Avoid isert_conn->cm_id dereference in isert_login_recv_done
perf annotate: Fix broken arrow at row 0 connecting jmp instruction to its
target
perf/core: Fix scheduling regression of pinned groups
Revert "perf/core: Drop kernel samples even though :u is specified"
staging: rtl8188eu: add TL-WN722N v2 support
staging: comedi: ni_mio_common: fix AO timer off-by-one regression
staging: sm750fb: avoid conflicting vesafb
staging: lustre: ko2iblnd: check copy_from_iter/copy_to_iter return code
ceph: fix race in concurrent readdir
RDMA/uverbs: Fix the check for port number
RDMA/core: Initialize port_num in qp_attr
drm/mst: Fix error handling during MST sideband message reception
drm/mst: Avoid dereferencing a NULL mstb in drm_dp_mst_handle_up_req()
drm/mst: Avoid processing partially received up/down message transactions
drm/i915: Make DP-MST connector info work
mlx5: Avoid that mlx5_ib_sg_to_klms() overflows the klms[] array
hfsplus: Don't clear SGID when inheriting ACLs
vtime, sched/cputime: Remove vtime_account_user()
sched/cputime: Always set tsk->vtime_snap_whence after accounting vtime
sched/cputime: Rename vtime fields
sched/cputime: Move the vtime task fields to their own struct
sched/cputime: Accumulate vtime on top of nsec clocksource
sched/fair: Fix load_balance() affinity redo path
percpu_counter: Rename __percpu_counter_add to percpu_counter_add_batch
writeback: rework wb_[dec|inc]_stat family of functions
kernel/fork.c: virtually mapped stacks: do not disable interrupts
acpi/nfit: Fix memory corruption/Unregister mce decoder on failure
vmbus: re-enable channel tasklet
cpufreq: intel_pstate: Correct the busy calculation for KNL
spmi: Include OF based modalias in device uevent
reiserfs: Don't clear SGID when inheriting ACLs
device-dax: fix sysfs duplicate warnings
drm/imx: parallel-display: Accept drm_of_find_panel_or_bridge failure
PM / Domains: defer dev_pm_domain_set() until genpd->attach_dev succeeds if
present
tracing: Fix kmemleak in instance_rmdir
drm/i915/fbdev: Check for existence of ifbdev->vma before operations
drm/i915: Hold RPM wakelock while initializing OA buffer
drm/i915: reintroduce VLV/CHV PFI programming power domain workaround
smp/hotplug: Move unparking of percpu threads to the control CPU
smp/hotplug: Replace BUG_ON and react useful
alarmtimer: don't rate limit one-shot timers
sched/cputime: Don't use smp_processor_id() in preemptible context
Linux 4.12.4
The following patches from 4.12.4 had already been applied:
ath9k: fix an invalid pointer dereference in ath9k_rng_stop()
xhci: Bad Ethernet performance plugged in ASM1042A host
iommu/arm-smmu: Plumb in new ACPI identifiers
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1707292/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
