This bug was fixed in the package linux - 4.4.0-138.164 --------------- linux (4.4.0-138.164) xenial; urgency=medium
* linux: 4.4.0-138.164 -proposed tracker (LP: #1795582) * Linux 4.4.155 stable release build is broken on ppc64 (LP: #1795662) - powerpc/fadump: Return error when fadump registration fails * Kernel hang on drive pull caused by regression introduced by commit 287922eb0b18 (LP: #1791790) - block: Fix a race between blk_cleanup_queue() and timeout handling * qeth: use vzalloc for QUERY OAT buffer (LP: #1793086) - s390/qeth: use vzalloc for QUERY OAT buffer * Page leaking in cachefiles_read_backing_file while vmscan is active (LP: #1793430) - SAUCE: cachefiles: Page leaking in cachefiles_read_backing_file while vmscan is active * Bugfix for handling of shadow doorbell buffer (LP: #1788222) - nvme-pci: add a memory barrier to nvme_dbbuf_update_and_check_event * Xenial update to 4.4.155 stable release (LP: #1792419) - net: 6lowpan: fix reserved space for single frames - net: mac802154: tx: expand tailroom if necessary - 9p/net: Fix zero-copy path in the 9p virtio transport - net: lan78xx: Fix misplaced tasklet_schedule() call - spi: davinci: fix a NULL pointer dereference - drm/i915/userptr: reject zero user_size - powerpc/fadump: handle crash memory ranges array index overflow - powerpc/pseries: Fix endianness while restoring of r3 in MCE handler. - fs/9p/xattr.c: catch the error of p9_client_clunk when setting xattr failed - 9p/virtio: fix off-by-one error in sg list bounds check - net/9p/client.c: version pointer uninitialized - net/9p/trans_fd.c: fix race-condition by flushing workqueue before the kfree() - dm cache metadata: save in-core policy_hint_size to on-disk superblock - iio: ad9523: Fix displayed phase - iio: ad9523: Fix return value for ad952x_store() - vmw_balloon: fix inflation of 64-bit GFNs - vmw_balloon: do not use 2MB without batching - vmw_balloon: VMCI_DOORBELL_SET does not check status - vmw_balloon: fix VMCI use when balloon built into kernel - tracing: Do not call start/stop() functions when tracing_on does not change - tracing/blktrace: Fix to allow setting same value - kthread, tracing: Don't expose half-written comm when creating kthreads - uprobes: Use synchronize_rcu() not synchronize_sched() - 9p: fix multiple NULL-pointer-dereferences - PM / sleep: wakeup: Fix build error caused by missing SRCU support - pnfs/blocklayout: off by one in bl_map_stripe() - ARM: tegra: Fix Tegra30 Cardhu PCA954x reset - mm/tlb: Remove tlb_remove_table() non-concurrent condition - iommu/vt-d: Add definitions for PFSID - iommu/vt-d: Fix dev iotlb pfsid use - osf_getdomainname(): use copy_to_user() - sys: don't hold uts_sem while accessing userspace memory - userns: move user access out of the mutex - ubifs: Fix memory leak in lprobs self-check - Revert "UBIFS: Fix potential integer overflow in allocation" - ubifs: Check data node size before truncate - ubifs: Fix synced_i_size calculation for xattr inodes - pwm: tiehrpwm: Fix disabling of output of PWMs - fb: fix lost console when the user unplugs a USB adapter - udlfb: set optimal write delay - getxattr: use correct xattr length - bcache: release dc->writeback_lock properly in bch_writeback_thread() - perf auxtrace: Fix queue resize - fs/quota: Fix spectre gadget in do_quotactl - x86/io: add interface to reserve io memtype for a resource range. (v1.1) - drm/drivers: add support for using the arch wc mapping API. - Linux 4.4.155 * Xenial update to 4.4.154 stable release (LP: #1792392) - sched/sysctl: Check user input value of sysctl_sched_time_avg - Cipso: cipso_v4_optptr enter infinite loop - vti6: fix PMTU caching and reporting on xmit - xfrm: fix missing dst_release() after policy blocking lbcast and multicast - xfrm: free skb if nlsk pointer is NULL - mac80211: add stations tied to AP_VLANs during hw reconfig - nl80211: Add a missing break in parse_station_flags - drm/bridge: adv7511: Reset registers on hotplug - scsi: libiscsi: fix possible NULL pointer dereference in case of TMF - drm/imx: imx-ldb: disable LDB on driver bind - drm/imx: imx-ldb: check if channel is enabled before printing warning - usb: gadget: r8a66597: Fix two possible sleep-in-atomic-context bugs in init_controller() - usb: gadget: r8a66597: Fix a possible sleep-in-atomic-context bugs in r8a66597_queue() - usb/phy: fix PPC64 build errors in phy-fsl-usb.c - tools: usb: ffs-test: Fix build on big endian systems - usb: gadget: f_uac2: fix endianness of 'struct cntrl_*_lay3' - tools/power turbostat: fix -S on UP systems - net: caif: Add a missing rcu_read_unlock() in caif_flow_cb - qed: Fix possible race for the link state value. - atl1c: reserve min skb headroom - net: prevent ISA drivers from building on PPC32 - can: mpc5xxx_can: check of_iomap return before use - i2c: davinci: Avoid zero value of CLKH - media: staging: omap4iss: Include asm/cacheflush.h after generic includes - bnx2x: Fix invalid memory access in rss hash config path. - net: axienet: Fix double deregister of mdio - selftests/ftrace: Add snapshot and tracing_on test case - zswap: re-check zswap_is_full() after do zswap_shrink() - tools/power turbostat: Read extended processor family from CPUID - Revert "MIPS: BCM47XX: Enable 74K Core ExternalSync for PCIe erratum" - enic: handle mtu change for vf properly - arc: fix build errors in arc/include/asm/delay.h - arc: fix type warnings in arc/mm/cache.c - drivers: net: lmc: fix case value for target abort error - scsi: fcoe: drop frames in ELS LOGO error path - scsi: vmw_pvscsi: Return DID_RESET for status SAM_STAT_COMMAND_TERMINATED - mm/memory.c: check return value of ioremap_prot - cifs: add missing debug entries for kconfig options - cifs: check kmalloc before use - smb3: Do not send SMB3 SET_INFO if nothing changed - smb3: don't request leases in symlink creation and query - btrfs: don't leak ret from do_chunk_alloc - s390/kvm: fix deadlock when killed by oom - ext4: check for NUL characters in extended attribute's name - ext4: sysfs: print ext4_super_block fields as little-endian - ext4: reset error code in ext4_find_entry in fallback - arm64: mm: check for upper PAGE_SHIFT bits in pfn_valid() - KVM: arm/arm64: Skip updating PTE entry if no change - KVM: arm/arm64: Skip updating PMD entry if no change - x86/speculation/l1tf: Suggest what to do on systems with too much RAM - x86/process: Re-export start_thread() - fuse: Don't access pipe->buffers without pipe_lock() - fuse: fix double request_end() - fuse: fix unlocked access to processing queue - fuse: umount should wait for all requests - fuse: Fix oops at process_init_reply() - fuse: Add missed unlock_page() to fuse_readpages_fill() - udl-kms: change down_interruptible to down - udl-kms: handle allocation failure - udl-kms: fix crash due to uninitialized memory - ASoC: dpcm: don't merge format from invalid codec dai - ASoC: sirf: Fix potential NULL pointer dereference - pinctrl: freescale: off by one in imx1_pinconf_group_dbg_show() - x86/irqflags: Mark native_restore_fl extern inline - s390: fix br_r1_trampoline for machines without exrl - s390/qdio: reset old sbal_state flags - kprobes: Make list and blacklist root user read only - MIPS: Correct the 64-bit DSP accumulator register size - MIPS: lib: Provide MIPS64r6 __multi3() for GCC < 7 - scsi: sysfs: Introduce sysfs_{un,}break_active_protection() - scsi: core: Avoid that SCSI device removal through sysfs triggers a deadlock - iscsi target: fix session creation failure handling - cdrom: Fix info leak/OOB read in cdrom_ioctl_drive_status - Linux 4.4.154 * Xenial update to 4.4.153 stable release (LP: #1792383) - x86/mm: Fix use-after-free of ldt_struct - ovl: Ensure upper filesystem supports d_type - ovl: Do d_type check only if work dir creation was successful - ovl: warn instead of error if d_type is not supported - Linux 4.4.153 * Xenial update to 4.4.152 stable release (LP: #1792377) - ARC: Explicitly add -mmedium-calls to CFLAGS - netfilter: ipv6: nf_defrag: reduce struct net memory waste - selftests: pstore: return Kselftest Skip code for skipped tests - selftests: static_keys: return Kselftest Skip code for skipped tests - selftests: user: return Kselftest Skip code for skipped tests - selftests: zram: return Kselftest Skip code for skipped tests - selftests: sync: add config fragment for testing sync framework - ARM: dts: Cygnus: Fix I2C controller interrupt type - usb: dwc2: fix isoc split in transfer with no data - usb: gadget: composite: fix delayed_status race condition when set_interface - usb: gadget: dwc2: fix memory leak in gadget_init() - scsi: xen-scsifront: add error handling for xenbus_printf - arm64: make secondary_start_kernel() notrace - qed: Add sanity check for SIMD fastpath handler. - enic: initialize enic->rfs_h.lock in enic_probe - net: hamradio: use eth_broadcast_addr - net: propagate dev_get_valid_name return code - ARC: Enable machine_desc->init_per_cpu for !CONFIG_SMP - net: davinci_emac: match the mdio device against its compatible if possible - locking/lockdep: Do not record IRQ state within lockdep code - ipv6: mcast: fix unsolicited report interval after receiving querys - Smack: Mark inode instant in smack_task_to_inode - cxgb4: when disabling dcb set txq dcb priority to 0 - brcmfmac: stop watchdog before detach and free everything - ARM: dts: am437x: make edt-ft5x06 a wakeup source - usb: xhci: increase CRS timeout value - perf test session topology: Fix test on s390 - perf report powerpc: Fix crash if callchain is empty - selftests/x86/sigreturn/64: Fix spurious failures on AMD CPUs - ARM: dts: da850: Fix interrups property for gpio - dmaengine: k3dma: Off by one in k3_of_dma_simple_xlate() - md/raid10: fix that replacement cannot complete recovery after reassemble - drm/exynos: gsc: Fix support for NV16/61, YUV420/YVU420 and YUV422 modes - drm/exynos: decon5433: Fix per-plane global alpha for XRGB modes - drm/exynos: decon5433: Fix WINCONx reset value - bnx2x: Fix receiving tx-timeout in error or recovery state. - m68k: fix "bad page state" oops on ColdFire boot - HID: wacom: Correct touch maximum XY of 2nd-gen Intuos - ARM: imx_v6_v7_defconfig: Select ULPI support - ARM: imx_v4_v5_defconfig: Select ULPI support - tracing: Use __printf markup to silence compiler - kasan: fix shadow_size calculation error in kasan_module_alloc - smsc75xx: Add workaround for gigabit link up hardware errata. - netfilter: x_tables: set module owner for icmp(6) matches - ARM: pxa: irq: fix handling of ICMR registers in suspend/resume - ieee802154: at86rf230: switch from BUG_ON() to WARN_ON() on problem - ieee802154: at86rf230: use __func__ macro for debug messages - ieee802154: fakelb: switch from BUG_ON() to WARN_ON() on problem - drm/armada: fix colorkey mode property - bnxt_en: Fix for system hang if request_irq fails - perf llvm-utils: Remove bashism from kernel include fetch script - ARM: 8780/1: ftrace: Only set kernel memory back to read-only after boot - ARM: dts: am3517.dtsi: Disable reference to OMAP3 OTG controller - ixgbe: Be more careful when modifying MAC filters - packet: reset network header if packet shorter than ll reserved space - qlogic: check kstrtoul() for errors - tcp: remove DELAYED ACK events in DCTCP - drm/nouveau/gem: off by one bugs in nouveau_gem_pushbuf_reloc_apply() - net/ethernet/freescale/fman: fix cross-build error - net: usb: rtl8150: demote allmulti message to dev_dbg() - net: qca_spi: Avoid packet drop during initial sync - net: qca_spi: Make sure the QCA7000 reset is triggered - net: qca_spi: Fix log level if probe fails - tcp: identify cryptic messages as TCP seq # bugs - staging: android: ion: check for kref overflow - KVM: irqfd: fix race between EPOLLHUP and irq_bypass_register_consumer - ext4: fix spectre gadget in ext4_mb_regular_allocator() - parisc: Remove ordered stores from syscall.S - xfrm_user: prevent leaking 2 bytes of kernel memory - netfilter: conntrack: dccp: treat SYNC/SYNCACK as invalid if no prior state - packet: refine ring v3 block size test to hold one frame - bridge: Propagate vlan add failure to user - parisc: Remove unnecessary barriers from spinlock.h - PCI: hotplug: Don't leak pci_slot on registration failure - PCI: Skip MPS logic for Virtual Functions (VFs) - PCI: pciehp: Fix use-after-free on unplug - i2c: imx: Fix race condition in dma read - reiserfs: fix broken xattr handling (heap corruption, bad retval) - Linux 4.4.152 * Xenial update to 4.4.151 stable release (LP: #1792340) - dccp: fix undefined behavior with 'cwnd' shift in ccid2_cwnd_restart() - l2tp: use sk_dst_check() to avoid race on sk->sk_dst_cache - llc: use refcount_inc_not_zero() for llc_sap_find() - net_sched: Fix missing res info when create new tc_index filter - vsock: split dwork to avoid reinitializations - net_sched: fix NULL pointer dereference when delete tcindex filter - ALSA: hda - Sleep for 10ms after entering D3 on Conexant codecs - ALSA: hda - Turn CX8200 into D3 as well upon reboot - ALSA: vx222: Fix invalid endian conversions - ALSA: virmidi: Fix too long output trigger loop - ALSA: cs5535audio: Fix invalid endian conversion - ALSA: hda: Correct Asrock B85M-ITX power_save blacklist entry - ALSA: memalloc: Don't exceed over the requested size - ALSA: vxpocket: Fix invalid endian conversions - USB: serial: sierra: fix potential deadlock at close - USB: option: add support for DW5821e - ACPI: save NVS memory for Lenovo G50-45 - ACPI / PM: save NVS memory for ASUS 1025C laptop - serial: 8250_dw: always set baud rate in dw8250_set_termios - Bluetooth: avoid killing an already killed socket - isdn: Disable IIOCDBGVAR - Linux 4.4.151 * Xenial update to 4.4.150 stable release (LP: #1792336) - x86/speculation/l1tf: Exempt zeroed PTEs from inversion - Linux 4.4.150 * Xenial update to 4.4.149 stable release (LP: #1792310) - x86/mm: Disable ioremap free page handling on x86-PAE - tcp: Fix missing range_truesize enlargement in the backport - kasan: don't emit builtin calls when sanitization is off - i2c: ismt: fix wrong device address when unmap the data buffer - kbuild: verify that $DEPMOD is installed - crypto: vmac - require a block cipher with 128-bit block size - crypto: vmac - separate tfm and request context - crypto: blkcipher - fix crash flushing dcache in error path - crypto: ablkcipher - fix crash flushing dcache in error path - ASoC: Intel: cht_bsw_max98090_ti: Fix jack initialization - ioremap: Update pgtable free interfaces with addr - x86/mm: Add TLB purge to free pmd/pte page interfaces - Linux 4.4.149 * Xenial update to 4.4.149 stable release (LP: #1792310) // CVE-2018-9363 - Bluetooth: hidp: buffer overflow in hidp_process_report * Xenial update to 4.4.148 stable release (LP: #1792174) - ext4: fix check to prevent initializing reserved inodes - tpm: fix race condition in tpm_common_write() - ipv4+ipv6: Make INET*_ESP select CRYPTO_ECHAINIV - fork: unconditionally clear stack on fork - parisc: Enable CONFIG_MLONGCALLS by default - parisc: Define mb() and add memory barriers to assembler unlock sequences - xen/netfront: don't cache skb_shinfo() - ACPI / LPSS: Add missing prv_offset setting for byt/cht PWM devices - scsi: sr: Avoid that opening a CD-ROM hangs with runtime power management enabled - root dentries need RCU-delayed freeing - fix mntput/mntput race - fix __legitimize_mnt()/mntput() race - IB/core: Make testing MR flags for writability a static inline function - IB/mlx4: Mark user MR as writable if actual virtual memory is writable - IB/ocrdma: fix out of bounds access to local buffer - ARM: dts: imx6sx: fix irq for pcie bridge - kprobes/x86: Fix %p uses in error messages - x86/irqflags: Provide a declaration for native_save_fl - SAUCE: Sync pgtable_64.h with upstream stable - mm: x86: move _PAGE_SWP_SOFT_DIRTY from bit 7 to bit 1 - SAUCE: Sync pgtable-3level.h with upstream stable - SAUCE: Sync pgtable.h with upstream stable - mm: Add vm_insert_pfn_prot() - mm: fix cache mode tracking in vm_insert_mixed() - x86/mm/kmmio: Make the tracer robust against L1TF - x86/init: fix build with CONFIG_SWAP=n - Linux 4.4.148 * Xenial update to 4.4.147 stable release (LP: #1792109) - scsi: qla2xxx: Fix ISP recovery on unload - scsi: qla2xxx: Return error when TMF returns - genirq: Make force irq threading setup more robust - nohz: Fix local_timer_softirq_pending() - netlink: Do not subscribe to non-existent groups - netlink: Don't shift with UB on nlk->ngroups - netlink: Don't shift on 64 for ngroups - ACPI / PCI: Bail early in acpi_pci_add_bus() if there is no ACPI handle - ring_buffer: tracing: Inherit the tracing setting to next ring buffer - i2c: imx: Fix reinit_completion() use - Linux 4.4.147 * Xenial update to 4.4.146 stable release (LP: #1791953) - MIPS: Fix off-by-one in pci_resource_to_user() - Input: elan_i2c - add ACPI ID for lenovo ideapad 330 - Input: i8042 - add Lenovo LaVie Z to the i8042 reset list - Input: elan_i2c - add another ACPI ID for Lenovo Ideapad 330-15AST - tracing: Fix double free of event_trigger_data - tracing: Fix possible double free in event_enable_trigger_func() - tracing/kprobes: Fix trace_probe flags on enable_trace_kprobe() failure - tracing: Quiet gcc warning about maybe unused link variable - xen/netfront: raise max number of slots in xennet_get_responses() - ALSA: emu10k1: add error handling for snd_ctl_add - ALSA: fm801: add error handling for snd_ctl_add - nfsd: fix potential use-after-free in nfsd4_decode_getdeviceinfo - mm: vmalloc: avoid racy handling of debugobjects in vunmap - mm/slub.c: add __printf verification to slab_err() - rtc: ensure rtc_set_alarm fails when alarms are not supported - netfilter: ipset: List timing out entries with "timeout 1" instead of zero - infiniband: fix a possible use-after-free bug - hvc_opal: don't set tb_ticks_per_usec in udbg_init_opal_common() - powerpc/64s: Fix compiler store ordering to SLB shadow area - RDMA/mad: Convert BUG_ONs to error flows - disable loading f2fs module on PAGE_SIZE > 4KB - f2fs: fix to don't trigger writeback during recovery - usbip: usbip_detach: Fix memory, udev context and udev leak - perf/x86/intel/uncore: Correct fixed counter index check in generic code - perf/x86/intel/uncore: Correct fixed counter index check for NHM - iwlwifi: pcie: fix race in Rx buffer allocator - Bluetooth: hci_qca: Fix "Sleep inside atomic section" warning - Bluetooth: btusb: Add a new Realtek 8723DE ID 2ff8:b011 - ASoC: dpcm: fix BE dai not hw_free and shutdown - mfd: cros_ec: Fail early if we cannot identify the EC - mwifiex: handle race during mwifiex_usb_disconnect - wlcore: sdio: check for valid platform device data before suspend - media: videobuf2-core: don't call memop 'finish' when queueing - btrfs: add barriers to btrfs_sync_log before log_commit_wait wakeups - btrfs: qgroup: Finish rescan when hit the last leaf of extent tree - PCI: Prevent sysfs disable of device while driver is attached - ath: Add regulatory mapping for FCC3_ETSIC - ath: Add regulatory mapping for ETSI8_WORLD - ath: Add regulatory mapping for APL13_WORLD - ath: Add regulatory mapping for APL2_FCCA - ath: Add regulatory mapping for Uganda - ath: Add regulatory mapping for Tanzania - ath: Add regulatory mapping for Serbia - ath: Add regulatory mapping for Bermuda - ath: Add regulatory mapping for Bahamas - powerpc/32: Add a missing include header - powerpc/chrp/time: Make some functions static, add missing header include - powerpc/powermac: Add missing prototype for note_bootable_part() - powerpc/powermac: Mark variable x as unused - powerpc/8xx: fix invalid register expression in head_8xx.S - pinctrl: at91-pio4: add missing of_node_put - PCI: pciehp: Request control of native hotplug only if supported - mwifiex: correct histogram data with appropriate index - scsi: ufs: fix exception event handling - ALSA: emu10k1: Rate-limit error messages about page errors - regulator: pfuze100: add .is_enable() for pfuze100_swb_regulator_ops - md: fix NULL dereference of mddev->pers in remove_and_add_spares() - media: smiapp: fix timeout checking in smiapp_read_nvm - ALSA: usb-audio: Apply rate limit to warning messages in URB complete callback - HID: hid-plantronics: Re-resend Update to map button for PTT products - drm/radeon: fix mode_valid's return type - powerpc/embedded6xx/hlwd-pic: Prevent interrupts from being handled by Starlet - HID: i2c-hid: check if device is there before really probing - tty: Fix data race in tty_insert_flip_string_fixed_flag - dma-iommu: Fix compilation when !CONFIG_IOMMU_DMA - media: rcar_jpu: Add missing clk_disable_unprepare() on error in jpu_open() - libata: Fix command retry decision - media: saa7164: Fix driver name in debug output - mtd: rawnand: fsl_ifc: fix FSL NAND driver to read all ONFI parameter pages - brcmfmac: Add support for bcm43364 wireless chipset - s390/cpum_sf: Add data entry sizes to sampling trailer entry - perf: fix invalid bit in diagnostic entry - scsi: 3w-9xxx: fix a missing-check bug - scsi: 3w-xxxx: fix a missing-check bug - scsi: megaraid: silence a static checker bug - thermal: exynos: fix setting rising_threshold for Exynos5433 - bpf: fix references to free_bpf_prog_info() in comments - media: siano: get rid of __le32/__le16 cast warnings - drm/atomic: Handling the case when setting old crtc for plane - ALSA: hda/ca0132: fix build failure when a local macro is defined - memory: tegra: Do not handle spurious interrupts - memory: tegra: Apply interrupts mask per SoC - drm/gma500: fix psb_intel_lvds_mode_valid()'s return type - ipconfig: Correctly initialise ic_nameservers - rsi: Fix 'invalid vdd' warning in mmc - audit: allow not equal op for audit by executable - microblaze: Fix simpleImage format generation - usb: hub: Don't wait for connect state at resume for powered-off ports - crypto: authencesn - don't leak pointers to authenc keys - crypto: authenc - don't leak pointers to authenc keys - media: omap3isp: fix unbalanced dma_iommu_mapping - scsi: scsi_dh: replace too broad "TP9" string with the exact models - scsi: megaraid_sas: Increase timeout by 1 sec for non-RAID fastpath IOs - media: si470x: fix __be16 annotations - drm: Add DP PSR2 sink enable bit - random: mix rdrand with entropy sent in from userspace - squashfs: be more careful about metadata corruption - ext4: fix inline data updates with checksums enabled - ext4: check for allocation block validity with block group locked - dmaengine: pxa_dma: remove duplicate const qualifier - ASoC: pxa: Fix module autoload for platform drivers - ipv4: remove BUG_ON() from fib_compute_spec_dst - net: fix amd-xgbe flow-control issue - net: lan78xx: fix rx handling before first packet is send - xen-netfront: wait xenbus state change when load module manually - NET: stmmac: align DMA stuff to largest cache line length - tcp: do not force quickack when receiving out-of-order packets - tcp: add max_quickacks param to tcp_incr_quickack and tcp_enter_quickack_mode - tcp: do not aggressively quick ack after ECN events - tcp: refactor tcp_ecn_check_ce to remove sk type cast - tcp: add one more quick ack after after ECN events - inet: frag: enforce memory limits earlier - net: dsa: Do not suspend/resume closed slave_dev - netlink: Fix spectre v1 gadget in netlink_create() - squashfs: more metadata hardening - squashfs: more metadata hardenings - can: ems_usb: Fix memory leak on ems_usb_disconnect() - net: socket: fix potential spectre v1 gadget in socketcall - virtio_balloon: fix another race between migration and ballooning - kvm: x86: vmx: fix vpid leak - crypto: padlock-aes - Fix Nano workaround data corruption - scsi: sg: fix minor memory leak in error path - Linux 4.4.146 * Xenial update to 4.4.145 stable release (LP: #1791942) - MIPS: ath79: fix register address in ath79_ddr_wb_flush() - ip: hash fragments consistently - net/mlx4_core: Save the qpn from the input modifier in RST2INIT wrapper - rtnetlink: add rtnl_link_state check in rtnl_configure_link - tcp: fix dctcp delayed ACK schedule - tcp: helpers to send special DCTCP ack - tcp: do not cancel delay-AcK on DCTCP special ACK - tcp: do not delay ACK in DCTCP upon CE status change - ip: in cmsg IP(V6)_ORIGDSTADDR call pskb_may_pull - usb: cdc_acm: Add quirk for Castles VEGA3000 - usb: core: handle hub C_PORT_OVER_CURRENT condition - usb: gadget: f_fs: Only return delayed status when len is 0 - driver core: Partially revert "driver core: correct device's shutdown order" - can: xilinx_can: fix RX loop if RXNEMP is asserted without RXOK - can: xilinx_can: fix recovery from error states not being propagated - can: xilinx_can: fix device dropping off bus on RX overrun - can: xilinx_can: keep only 1-2 frames in TX FIFO to fix TX accounting - can: xilinx_can: fix incorrect clear of non-processed interrupts - can: xilinx_can: fix RX overflow interrupt not being enabled - turn off -Wattribute-alias - ARM: fix put_user() for gcc-8 - Linux 4.4.145 * kernel panic - null pointer dereference on ipset operations (LP: #1793753) - netfilter: ipset: fix race condition in ipset save, swap and delete - netfilter: ipset: Fix race between dump and swap * Improvements to the kernel source package preparation (LP: #1793461) - [Packaging] startnewrelease: add support for backport kernels * update ENA driver to latest mainline version (LP: #1792044) - net: ena: Remove redundant unlikely() - net: ena: reduce the severity of some printouts - net: ena: fix rare kernel crash when bar memory remap fails - net: ena: fix wrong max Tx/Rx queues on ethtool - net: ena: improve ENA driver boot time. - net: ena: remove legacy suspend suspend/resume support - net: ena: add power management ops to the ENA driver - net: ena: add statistics for missed tx packets - net: ena: add new admin define for future support of IPv6 RSS - net: ena: increase ena driver version to 1.3.0 - net: ena: fix race condition between device reset and link up setup - net: ena: add detection and recovery mechanism for handling missed/misrouted MSI-X - net: ena: increase ena driver version to 1.5.0 - net: ena: fix error handling in ena_down() sequence - net: ena: Eliminate duplicate barriers on weakly-ordered archs - SAUCE: ena: devm_kzalloc() -> devm_kcalloc() - net: ena: Fix use of uninitialized DMA address bits field - net: ena: fix surprise unplug NULL dereference kernel crash - net: ena: fix driver when PAGE_SIZE == 64kB - net: ena: fix device destruction to gracefully free resources - net: ena: fix potential double ena_destroy_device() - net: ena: fix missing lock during device destruction - net: ena: fix missing calls to READ_ONCE - net: ena: fix incorrect usage of memory barriers -- Kleber Sacilotto de Souza <kleber.so...@canonical.com> Tue, 02 Oct 2018 14:39:36 +0000 ** Changed in: linux (Ubuntu Xenial) Status: Fix Committed => Fix Released ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-9363 -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1792174 Title: Xenial update to 4.4.148 stable release Status in linux package in Ubuntu: Invalid Status in linux source package in Xenial: Fix Released Bug description: SRU Justification Impact: The upstream process for stable tree updates is quite similar in scope to the Ubuntu SRU process, e.g., each patch has to demonstrably fix a bug, and each patch is vetted by upstream by originating either directly from a mainline/stable Linux tree or a minimally backported form of that patch. The 4.4.148 upstream stable patch set is now available. It should be included in the Ubuntu kernel as well. git://git.kernel.org/ TEST CASE: TBD The following patches from the 4.4.148 stable release shall be applied: * ext4: fix check to prevent initializing reserved inodes * tpm: fix race condition in tpm_common_write() * ipv4+ipv6: Make INET*_ESP select CRYPTO_ECHAINIV * fork: unconditionally clear stack on fork * parisc: Enable CONFIG_MLONGCALLS by default * parisc: Define mb() and add memory barriers to assembler unlock sequences * xen/netfront: don't cache skb_shinfo() * ACPI / LPSS: Add missing prv_offset setting for byt/cht PWM devices * scsi: sr: Avoid that opening a CD-ROM hangs with runtime power management enabled * root dentries need RCU-delayed freeing * fix mntput/mntput race * fix __legitimize_mnt()/mntput() race * IB/core: Make testing MR flags for writability a static inline function * IB/mlx4: Mark user MR as writable if actual virtual memory is writable * IB/ocrdma: fix out of bounds access to local buffer * ARM: dts: imx6sx: fix irq for pcie bridge * kprobes/x86: Fix %p uses in error messages * x86/irqflags: Provide a declaration for native_save_fl * UBUNTU: SAUCE: Sync pgtable_64.h with upstream stable * mm: x86: move _PAGE_SWP_SOFT_DIRTY from bit 7 to bit 1 * UBUNTU: SAUCE: Sync pgtable-3level.h with upstream stable * UBUNTU: SAUCE: Sync pgtable.h with upstream stable * mm: Add vm_insert_pfn_prot() * mm: fix cache mode tracking in vm_insert_mixed() * x86/mm/kmmio: Make the tracer robust against L1TF * x86/init: fix build with CONFIG_SWAP=n * Linux 4.4.148 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1792174/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp