This bug was fixed in the package linux - 3.13.0-162.212
---------------
linux (3.13.0-162.212) trusty; urgency=medium
* linux: 3.13.0-162.212 -proposed tracker (LP: #1799399)
* packet socket panic in Trusty 3.13.0-157 and later (LP: #1800254)
- SAUCE: (no-up) net/packet: fix erroneous dev_add_pack usage in fanout
* Cleanup Meltdown/Spectre implementation (LP: #1779848)
- x86/Documentation: Add PTI description
- Revert "x86/cpu/AMD: Make the LFENCE instruction serialized"
- x86/cpu/AMD: Make LFENCE a serializing instruction
- x86/cpu/AMD: Use LFENCE_RDTSC in preference to MFENCE_RDTSC
- x86/pti: Document fix wrong index
- x86/nospec: Fix header guards names
- x86/bugs: Drop one "mitigation" from dmesg
- x86/spectre: Check CONFIG_RETPOLINE in command line parser
- x86/spectre: Simplify spectre_v2 command line parsing
- x86/spectre: Fix an error message
- SAUCE: x86/cpufeatures: Reorder spectre-related feature bits
- x86/cpufeatures: Add AMD feature bits for Speculation Control
- SAUCE: x86/msr: Fix formatting of msr-index.h
- SAUCE: x86/msr: Rename MSR spec control feature bits
- x86/pti: Mark constant arrays as __initconst
- x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier)
support
- x86/cpufeatures: Clean up Spectre v2 related CPUID flags
- x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on Intel
- SAUCE: x86/speculation: Use synthetic bits for IBRS/IBPB/STIBP
- SAUCE: x86/cpufeatures: Disentangle MSR_SPEC_CTRL enumeration from IBRS
- x86/speculation: Use IBRS if available before calling into firmware
- x86/speculation: Move firmware_restrict_branch_speculation_*() from C to
CPP
- SAUCE: x86/bugs: Fix re-use of SPEC_CTRL MSR boot value
- SAUCE: Move SSBD feature detection to common code
- SAUCE: x86/speculation: Move vendor specific IBRS/IBPB control code
- SAUCE: x86/speculation: Query individual feature flags when reloading
microcode
- xen: Add xen_arch_suspend()
- x86/xen: Zero MSR_IA32_SPEC_CTRL before suspend
- SAUCE: x86/pti: Evaluate X86_BUG_CPU_MELTDOWN when pti=auto
- SAUCE: x86/speculation: Make use of indirect_branch_prediction_barrier()
- SAUCE: x86/speculation: Cleanup IBPB runtime control handling
- SAUCE: x86/speculation: Cleanup IBRS runtime control handling
* CVE-2016-9588
- kvm: nVMX: Allow L1 to intercept software exceptions (#BP and #OF)
* CVE-2017-16649
- net: cdc_ether: fix divide by 0 on bad descriptors
* CVE-2018-9363
- Bluetooth: hidp: buffer overflow in hidp_process_report
* CVE-2017-13168
- scsi: sg: mitigate read/write abuse
* xattr length returned by vfs_getxattr() is not correct in Trusty kernel
(LP: #1798013)
- getxattr: use correct xattr length
* CVE-2018-16658
- cdrom: Fix info leak/OOB read in cdrom_ioctl_drive_status
-- Stefan Bader <[email protected]> Mon, 29 Oct 2018 11:31:15
+0100
** Changed in: linux (Ubuntu Trusty)
Status: Confirmed => Fix Released
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2016-9588
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-13168
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-16649
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-16658
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-9363
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1799399
Title:
linux: 3.13.0-162.212 -proposed tracker
Status in Kernel SRU Workflow:
In Progress
Status in Kernel SRU Workflow automated-testing series:
Fix Released
Status in Kernel SRU Workflow certification-testing series:
Fix Released
Status in Kernel SRU Workflow prepare-package series:
Fix Released
Status in Kernel SRU Workflow prepare-package-meta series:
Fix Released
Status in Kernel SRU Workflow prepare-package-signed series:
Fix Released
Status in Kernel SRU Workflow promote-to-proposed series:
Fix Released
Status in Kernel SRU Workflow promote-to-security series:
Fix Committed
Status in Kernel SRU Workflow promote-to-updates series:
Fix Committed
Status in Kernel SRU Workflow regression-testing series:
Fix Released
Status in Kernel SRU Workflow security-signoff series:
Fix Released
Status in Kernel SRU Workflow upload-to-ppa series:
Invalid
Status in Kernel SRU Workflow verification-testing series:
Fix Released
Status in linux package in Ubuntu:
Invalid
Status in linux source package in Trusty:
Fix Released
Bug description:
This bug is for tracking the <version to be filled> upload package.
This bug will contain status and testing results related to that
upload.
For an explanation of the tasks and the associated workflow see:
https://wiki.ubuntu.com/Kernel/kernel-sru-workflow
backports: bug 1799400 (linux-lts-trusty)
derivatives:
-- swm properties --
boot-testing-requested: true
bugs-spammed: true
phase: Promoted to proposed
proposed-announcement-sent: true
proposed-testing-requested: true
reason:
promote-to-security: Ready to copy
promote-to-updates: Ready to copy
To manage notifications about this bug go to:
https://bugs.launchpad.net/kernel-sru-workflow/+bug/1799399/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : [email protected]
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
