This bug was fixed in the package linux-raspi2 - 5.0.0-1023.24 --------------- linux-raspi2 (5.0.0-1023.24) disco; urgency=medium
* disco/linux-raspi2: 5.0.0-1023.24 -proposed tracker (LP: #1852233) * Disco update: upstream stable patchset 2019-10-31 (LP: #1850870) - raspi2: [Config] CONFIG_GENERIC_CPU_VULNERABILITIES=y * Disco update: upstream stable patchset 2019-11-01 (LP: #1850974) - raspi2: [Config] Remove the rio500 driver * Incorrect raspi2 snapcraft.yaml file (LP: #1851469) - [Packaging] raspi2: Fix snapcraft.yaml [ Ubuntu: 5.0.0-37.40 ] * disco/linux: 5.0.0-37.40 -proposed tracker (LP: #1852253) * System hangs at early boot (LP: #1851216) - x86/timer: Skip PIT initialization on modern chipsets * drm/i915: Add support for another CMP-H PCH (LP: #1848491) - drm/i915/cml: Add second PCH ID for CMP * Some EFI systems fail to boot in efi_init() when booted via maas (LP: #1851810) - efi: efi_get_memory_map -- increase map headroom * seccomp: fix SECCOMP_USER_NOTIF_FLAG_CONTINUE test (LP: #1849281) - SAUCE: seccomp: avoid overflow in implicit constant conversion - SAUCE: seccomp: rework define for SECCOMP_USER_NOTIF_FLAG_CONTINUE - SAUCE: seccomp: fix SECCOMP_USER_NOTIF_FLAG_CONTINUE test * dkms artifacts may expire from the pool (LP: #1850958) - [Packaging] dkms -- try launchpad librarian for pool downloads - [Packaging] dkms -- dkms-build quieten wget verbiage * update ENA driver to version 2.1.0 (LP: #1850175) - net: ena: fix swapped parameters when calling ena_com_indirect_table_fill_entry - net: ena: fix: Free napi resources when ena_up() fails - net: ena: fix incorrect test of supported hash function - net: ena: fix return value of ena_com_config_llq_info() - net: ena: improve latency by disabling adaptive interrupt moderation by default - net: ena: fix ena_com_fill_hash_function() implementation - net: ena: add handling of llq max tx burst size - net: ena: ethtool: add extra properties retrieval via get_priv_flags - net: ena: replace free_tx/rx_ids union with single free_ids field in ena_ring - net: ena: arrange ena_probe() function variables in reverse christmas tree - net: ena: add newline at the end of pr_err prints - net: ena: documentation: update ena.txt - net: ena: allow automatic fallback to polling mode - net: ena: add support for changing max_header_size in LLQ mode - net: ena: optimise calculations for CQ doorbell - net: ena: add good checksum counter - net: ena: use dev_info_once instead of static variable - net: ena: add MAX_QUEUES_EXT get feature admin command - net: ena: enable negotiating larger Rx ring size - net: ena: make ethtool show correct current and max queue sizes - net: ena: allow queue allocation backoff when low on memory - net: ena: add ethtool function for changing io queue sizes - net: ena: remove inline keyword from functions in *.c - net: ena: update driver version from 2.0.3 to 2.1.0 - net: ena: Fix bug where ring allocation backoff stopped too late - Revert "net: ena: ethtool: add extra properties retrieval via get_priv_flags" - net: ena: don't wake up tx queue when down - net: ena: clean up indentation issue * Add Intel Comet Lake ethernet support (LP: #1848555) - SAUCE: e1000e: Add support for Comet Lake * Intel Wireless AC 3168 on Eoan complaints FW error in SYNC CMD GEO_TX_POWER_LIMIT (LP: #1846016) - iwlwifi: exclude GEO SAR support for 3168 * tsc marked unstable after entered PC10 on Intel CoffeeLake (LP: #1840239) - SAUCE: x86/intel: Disable HPET on Intel Coffe Lake platforms - SAUCE: x86/intel: Disable HPET on Intel Ice Lake platforms * cloudimg: no iavf/i40evf module so no network available with SR-IOV enabled cloud (LP: #1848481) - [Packaging] include iavf/i40evf in generic * High power consumption using 5.0.0-25-generic (LP: #1840835) - PCI: Add a helper to check Power Resource Requirements _PR3 existence - ALSA: hda: Allow HDA to be runtime suspended when dGPU is not bound to a driver - PCI: Fix missing inline for pci_pr3_present() * CML CPUIDs (LP: #1843794) - x86/cpu: Add Comet Lake to the Intel CPU models header * shiftfs: prevent exceeding project quotas (LP: #1849483) - SAUCE: shiftfs: drop CAP_SYS_RESOURCE from effective capabilities * shiftfs: fix fallocate() (LP: #1849482) - SAUCE: shiftfs: setup correct s_maxbytes limit * Bluetooth: hidp: Fix assumptions on the return value of hidp_send_message (LP: #1850443) - Bluetooth: hidp: Fix assumptions on the return value of hidp_send_message * [SRU][B/OEM-B/OEM-OSP1/D/E] UBUNTU: SAUCE: add rtl623 codec support and fix mic issues (LP: #1850599) - SAUCE: ALSA: hda/realtek - Add support for ALC623 - SAUCE: ALSA: hda/realtek - Fix 2 front mics of codec 0x623 * NFSv4.1: Interrupted connections cause high bandwidth RPC ping-pong between client and server (LP: #1828978) - NFSv4.1: Avoid false retries when RPC calls are interrupted * SUNRPC: Use after free when GSSD credentials are invalid causes oops (LP: #1842037) - SUNRPC: Clean up - SUNRPC: Fix a use after free when a server rejects the RPCSEC_GSS credential * Suppress "hid_field_extract() called with n (192) > 32!" message floods (LP: #1850600) - HID: core: reformat and reduce hid_printk macros - HID: core: Add printk_once variants to hid_warn() etc - HID: core: fix dmesg flooding if report field larger than 32bit * ubuntu-aufs-modified mmap_region() breaks refcounting in overlayfs/shiftfs error path (LP: #1850994) // CVE-2019-15794 - SAUCE: shiftfs: Restore vm_file value when lower fs mmap fails - SAUCE: ovl: Restore vm_file value when lower fs mmap fails * s_iflags overlap prevents unprivileged overlayfs mounts (LP: #1851677) - SAUCE: fs: Move SB_I_NOSUID to the top of s_iflags * root can lift kernel lockdown (LP: #1851380) - SAUCE: (efi-lockdown) Really don't allow lifting lockdown from userspace * Disco update: upstream stable patchset 2019-11-01 (LP: #1850974) - panic: ensure preemption is disabled during panic() - f2fs: use EINVAL for superblock with invalid magic - [Config] updateconfigs for USB_RIO500 - USB: rio500: Remove Rio 500 kernel driver - USB: yurex: Don't retry on unexpected errors - USB: yurex: fix NULL-derefs on disconnect - USB: usb-skeleton: fix runtime PM after driver unbind - USB: usb-skeleton: fix NULL-deref on disconnect - xhci: Fix false warning message about wrong bounce buffer write length - xhci: Prevent device initiated U1/U2 link pm if exit latency is too long - xhci: Check all endpoints for LPM timeout - xhci: Fix USB 3.1 capability detection on early xHCI 1.1 spec based hosts - usb: xhci: wait for CNR controller not ready bit in xhci resume - xhci: Prevent deadlock when xhci adapter breaks during init - USB: adutux: fix use-after-free on disconnect - USB: adutux: fix NULL-derefs on disconnect - USB: adutux: fix use-after-free on release - USB: iowarrior: fix use-after-free on disconnect - USB: iowarrior: fix use-after-free on release - USB: iowarrior: fix use-after-free after driver unbind - USB: usblp: fix runtime PM after driver unbind - USB: chaoskey: fix use-after-free on release - USB: ldusb: fix NULL-derefs on driver unbind - serial: uartlite: fix exit path null pointer - USB: serial: keyspan: fix NULL-derefs on open() and write() - USB: serial: ftdi_sio: add device IDs for Sienna and Echelon PL-20 - USB: serial: option: add Telit FN980 compositions - USB: serial: option: add support for Cinterion CLS8 devices - USB: serial: fix runtime PM after driver unbind - USB: usblcd: fix I/O after disconnect - USB: microtek: fix info-leak at probe - USB: dummy-hcd: fix power budget for SuperSpeed mode - usb: renesas_usbhs: gadget: Do not discard queues in usb_ep_set_{halt,wedge}() - usb: renesas_usbhs: gadget: Fix usb_ep_set_{halt,wedge}() behavior - USB: legousbtower: fix slab info leak at probe - USB: legousbtower: fix deadlock on disconnect - USB: legousbtower: fix potential NULL-deref on disconnect - USB: legousbtower: fix open after failed reset request - USB: legousbtower: fix use-after-free on release - mei: me: add comet point (lake) LP device ids - mei: avoid FW version request on Ibex Peak and earlier - gpio: eic: sprd: Fix the incorrect EIC offset when toggling - Staging: fbtft: fix memory leak in fbtft_framebuffer_alloc - staging: vt6655: Fix memory leak in vt6655_probe - iio: adc: hx711: fix bug in sampling of data - iio: adc: ad799x: fix probe error handling - iio: adc: axp288: Override TS pin bias current for some models - iio: light: opt3001: fix mutex unlock race - efivar/ssdt: Don't iterate over EFI vars if no SSDT override was specified - perf llvm: Don't access out-of-scope array - perf inject jit: Fix JIT_CODE_MOVE filename - CIFS: Gracefully handle QueryInfo errors during open - CIFS: Force revalidate inode when dentry is stale - CIFS: Force reval dentry if LOOKUP_REVAL flag is set - kernel/sysctl.c: do not override max_threads provided by userspace - mm/vmpressure.c: fix a signedness bug in vmpressure_register_event() - firmware: google: increment VPD key_len properly - gpiolib: don't clear FLAG_IS_OUT when emulating open-drain/open-source - iio: adc: stm32-adc: move registers definitions - iio: adc: stm32-adc: fix a race when using several adcs with dma and irq - cifs: use cifsInodeInfo->open_file_lock while iterating to avoid a panic - btrfs: fix incorrect updating of log root tree - btrfs: fix uninitialized ret in ref-verify - NFS: Fix O_DIRECT accounting of number of bytes read/written - MIPS: Disable Loongson MMI instructions for kernel build - MIPS: elf_hwcap: Export userspace ASEs - ACPI/PPTT: Add support for ACPI 6.3 thread flag - arm64: topology: Use PPTT to determine if PE is a thread - Fix the locking in dcache_readdir() and friends - media: stkwebcam: fix runtime PM after driver unbind - arm64/sve: Fix wrong free for task->thread.sve_state - tracing/hwlat: Report total time spent in all NMIs during the sample - tracing/hwlat: Don't ignore outer-loop duration when calculating max_latency - ftrace: Get a reference counter for the trace_array on filter files - tracing: Get trace_array reference for available_tracers files - hwmon: Fix HWMON_P_MIN_ALARM mask - x86/asm: Fix MWAITX C-state hint value - perf/hw_breakpoint: Fix arch_hw_breakpoint use-before-initialization - serial: uartps: Fix uartps_major handling - usb: typec: tcpm: usb: typec: tcpm: Fix a signedness bug in tcpm_fw_get_caps() - staging: bcm2835-audio: Fix draining behavior regression - staging: rtl8188eu: fix HighestRate check in odm_ARFBRefresh_8188E() - iio: accel: adxl372: Fix/remove limitation for FIFO samples - iio: accel: adxl372: Fix push to buffers lost samples - iio: accel: adxl372: Perform a reset at start up - selinux: fix context string corruption in convert_context() - mm/z3fold.c: claim page in the beginning of free - mm/page_alloc.c: fix a crash in free_pages_prepare() - gpio: fix getting nonexclusive gpiods from DT - btrfs: fix balance convert to single on 32-bit host CPUs - Btrfs: fix memory leak due to concurrent append writes with fiemap - RDMA/vmw_pvrdma: Free SRQ only once - drm/i915: Whitelist COMMON_SLICE_CHICKEN2 - mtd: rawnand: au1550nd: Fix au_read_buf16() prototype * Suspend stopped working from 4.4.0-157 onwards (LP: #1844021) // Disco update: upstream stable patchset 2019-11-01 (LP: #1850974) - xhci: Increase STS_SAVE timeout in xhci_suspend() * Disco update: upstream stable patchset 2019-10-31 (LP: #1850870) - s390/process: avoid potential reading of freed stack - KVM: s390: Test for bad access register and size at the start of S390_MEM_OP - s390/topology: avoid firing events before kobjs are created - s390/cio: exclude subchannels with no parent from pseudo check - KVM: PPC: Book3S HV: Fix race in re-enabling XIVE escalation interrupts - KVM: PPC: Book3S HV: Check for MMU ready on piggybacked virtual cores - KVM: PPC: Book3S HV: Don't lose pending doorbell request on migration on P9 - KVM: X86: Fix userspace set invalid CR4 - nbd: fix max number of supported devs - PM / devfreq: tegra: Fix kHz to Hz conversion - ASoC: Define a set of DAPM pre/post-up events - ASoC: sgtl5000: Improve VAG power and mute control - powerpc/mce: Fix MCE handling for huge pages - powerpc/mce: Schedule work from irq_work - powerpc/powernv: Restrict OPAL symbol map to only be readable by root - powerpc/powernv/ioda: Fix race in TCE level allocation - powerpc/book3s64/mm: Don't do tlbie fixup for some hardware revisions - can: mcp251x: mcp251x_hw_reset(): allow more time after a reset - tools lib traceevent: Fix "robust" test of do_generate_dynamic_list_file - crypto: qat - Silence smp_processor_id() warning - crypto: skcipher - Unmap pages after an external error - crypto: cavium/zip - Add missing single_release() - crypto: caam - fix concurrency issue in givencrypt descriptor - crypto: ccree - account for TEE not ready to report - crypto: ccree - use the full crypt length value - MIPS: Treat Loongson Extensions as ASEs - power: supply: sbs-battery: use correct flags field - power: supply: sbs-battery: only return health when battery present - tracing: Make sure variable reference alias has correct var_ref_idx - usercopy: Avoid HIGHMEM pfn warning - timer: Read jiffies once when forwarding base clk - PCI: vmd: Fix shadow offsets to reflect spec changes - watchdog: imx2_wdt: fix min() calculation in imx2_wdt_set_timeout - perf stat: Fix a segmentation fault when using repeat forever - drm/omap: fix max fclk divider for omap36xx - drm/msm/dsi: Fix return value check for clk_get_parent - drm/nouveau/kms/nv50-: Don't create MSTMs for eDP connectors - drm/i915/gvt: update vgpu workload head pointer correctly - mmc: sdhci: improve ADMA error reporting - mmc: sdhci-of-esdhc: set DMA snooping based on DMA coherence - Revert "locking/pvqspinlock: Don't wait if vCPU is preempted" - xen/xenbus: fix self-deadlock after killing user process - ieee802154: atusb: fix use-after-free at disconnect - s390/cio: avoid calling strlen on null pointer - cfg80211: initialize on-stack chandefs - ima: always return negative code for error - ima: fix freeing ongoing ahash_request - fs: nfs: Fix possible null-pointer dereferences in encode_attrs() - 9p: Transport error uninitialized - 9p: avoid attaching writeback_fid on mmap with type PRIVATE - xen/pci: reserve MCFG areas earlier - ceph: fix directories inode i_blkbits initialization - ceph: reconnect connection if session hang in opening state - watchdog: aspeed: Add support for AST2600 - netfilter: nf_tables: allow lookups in dynamic sets - drm/amdgpu: Fix KFD-related kernel oops on Hawaii - drm/amdgpu: Check for valid number of registers to read - pNFS: Ensure we do clear the return-on-close layout stateid on fatal errors - pwm: stm32-lp: Add check in case requested period cannot be achieved - x86/purgatory: Disable the stackleak GCC plugin for the purgatory - ntb: point to right memory window index - thermal: Fix use-after-free when unregistering thermal zone device - thermal_hwmon: Sanitize thermal_zone type - libnvdimm/region: Initialize bad block for volatile namespaces - fuse: fix memleak in cuse_channel_open - libnvdimm/nfit_test: Fix acpi_handle redefinition - sched/membarrier: Call sync_core only before usermode for same mm - sched/membarrier: Fix private expedited registration check - sched/core: Fix migration to invalid CPU in __set_cpus_allowed_ptr() - perf build: Add detection of java-11-openjdk-devel package - kernel/elfcore.c: include proper prototypes - perf unwind: Fix libunwind build failure on i386 systems - nfp: flower: fix memory leak in nfp_flower_spawn_vnic_reprs - drm/radeon: Bail earlier when radeon.cik_/si_support=0 is passed - KVM: PPC: Book3S HV: XIVE: Free escalation interrupts before disabling the VP - KVM: nVMX: Fix consistency check on injected exception error code - nbd: fix crash when the blksize is zero - powerpc/pseries: Fix cpu_hotplug_lock acquisition in resize_hpt() - powerpc/book3s64/radix: Rename CPU_FTR_P9_TLBIE_BUG feature flag - tools lib traceevent: Do not free tep->cmdlines in add_new_comm() on failure - tick: broadcast-hrtimer: Fix a race in bc_set_next - perf tools: Fix segfault in cpu_cache_level__read() - perf stat: Reset previous counts on repeat with interval - riscv: Avoid interrupts being erroneously enabled in handle_exception() - arm64: Add sysfs vulnerability show for spectre-v1 - arm64: add sysfs vulnerability show for meltdown - arm64: enable generic CPU vulnerabilites support - arm64: Always enable ssb vulnerability detection - arm64: Provide a command line to disable spectre_v2 mitigation - arm64: Advertise mitigation of Spectre-v2, or lack thereof - arm64: Always enable spectre-v2 vulnerability detection - arm64: add sysfs vulnerability show for spectre-v2 - arm64: add sysfs vulnerability show for speculative store bypass - arm64: ssbs: Don't treat CPUs with SSBS as unaffected by SSB - arm64: Use firmware to detect CPUs that are not affected by Spectre-v2 - arm64/speculation: Support 'mitigations=' cmdline option - vfs: Fix EOVERFLOW testing in put_compat_statfs64 - coresight: etm4x: Use explicit barriers on enable/disable - staging: erofs: fix an error handling in erofs_readdir() - staging: erofs: some compressed cluster should be submitted for corrupted images - staging: erofs: add two missing erofs_workgroup_put for corrupted images - staging: erofs: detect potential multiref due to corrupted images - cfg80211: add and use strongly typed element iteration macros - cfg80211: Use const more consistently in for_each_element macros - nl80211: validate beacon head - KVM: s390: fix __insn32_query() inline assembly - crypto: caam/qi - fix error handling in ERN handler - PCI: vmd: Fix config addressing when using bus offsets - drm/atomic: Reject FLIP_ASYNC unconditionally - drm/atomic: Take the atomic toys away from X - drm/i915: to make vgpu ppgtt notificaiton as atomic operation - mac80211: keep BHs disabled while calling drv_tx_wake_queue() - mmc: tegra: Implement ->set_dma_mask() - mmc: sdhci: Let drivers define their DMA mask - libnvdimm/altmap: Track namespace boundaries in altmap - DTS: ARM: gta04: introduce legacy spi-cs-high to make display work again - xprtrdma: Toggle XPRT_CONGESTED in xprtrdma's slot methods - fuse: fix request limit - ceph: fetch cap_gen under spinlock in ceph_add_cap - perf probe: Fix to clear tev->nargs in clear_probe_trace_event() - selftests/seccomp: fix build on older kernels - iommu/amd: Fix downgrading default page-sizes in alloc_pte() - bpf: Fix bpf_event_output re-entry issue - i2c: qcom-geni: Disable DMA processing on the Lenovo Yoga C630 - mlxsw: spectrum_flower: Fail in case user specifies multiple mirror actions - nfp: abm: fix memory leak in nfp_abm_u32_knode_replace - Btrfs: fix selftests failure due to uninitialized i_mode in test inodes - libnvdimm: prevent nvdimm from requesting key when security is disabled [ Ubuntu: 5.0.0-36.39 ] * Ubuntu-5.0.0-33.35 introduces KVM regression with old Intel CPUs and Linux guests (LP: #1851709) - Revert "KVM: x86: Manually calculate reserved bits when loading PDPTRS" * Incomplete i915 fix for 64-bit x86 kernels (LP: #1852141) // CVE-2019-0155 - SAUCE: drm/i915/cmdparser: Fix jump whitelist clearing -- Connor Kuehl <connor.ku...@canonical.com> Thu, 14 Nov 2019 09:34:44 -0800 ** Changed in: linux-raspi2 (Ubuntu Disco) Status: Confirmed => Fix Released ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-0155 ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-15794 -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-raspi2 in Ubuntu. https://bugs.launchpad.net/bugs/1852233 Title: disco/linux-raspi2: 5.0.0-1023.24 -proposed tracker Status in Kernel SRU Workflow: In Progress Status in Kernel SRU Workflow automated-testing series: Fix Released Status in Kernel SRU Workflow certification-testing series: Invalid Status in Kernel SRU Workflow prepare-package series: Fix Released Status in Kernel SRU Workflow prepare-package-meta series: Fix Released Status in Kernel SRU Workflow promote-to-proposed series: Fix Released Status in Kernel SRU Workflow promote-to-security series: New Status in Kernel SRU Workflow promote-to-updates series: In Progress Status in Kernel SRU Workflow regression-testing series: Invalid Status in Kernel SRU Workflow security-signoff series: Fix Released Status in Kernel SRU Workflow verification-testing series: Fix Released Status in linux-raspi2 package in Ubuntu: Invalid Status in linux-raspi2 source package in Disco: Fix Released Bug description: This bug will contain status and test results related to a kernel source (or snap) as stated in the title. For an explanation of the tasks and the associated workflow see: https://wiki.ubuntu.com/Kernel/kernel-sru-workflow -- swm properties -- boot-testing-requested: true kernel-stable-master-bug: 1852253 packages: main: linux-raspi2 meta: linux-meta-raspi2 phase: Promote to Updates phase-changed: Monday, 02. December 2019 12:46 UTC proposed-announcement-sent: true proposed-testing-requested: true reason: promote-to-security: Holding -- not ready for security (replication dwell) promote-to-updates: Ongoing -- packages not yet published variant: debs To manage notifications about this bug go to: https://bugs.launchpad.net/kernel-sru-workflow/+bug/1852233/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp