This bug was fixed in the package linux - 5.3.0-64.58

---------------
linux (5.3.0-64.58) eoan; urgency=medium

  * eoan/linux: 5.3.0-64.58 -proposed tracker (LP: #1887088)

  * linux 4.15.0-109-generic network DoS regression vs -108 (LP: #1886668)
    - SAUCE: Revert "netprio_cgroup: Fix unlimited memory leak of v2 cgroups"

linux (5.3.0-63.57) eoan; urgency=medium

  * eoan/linux: 5.3.0-63.57 -proposed tracker (LP: #1885495)

  * seccomp_bpf fails on powerpc (LP: #1885757)
    - SAUCE: selftests/seccomp: fix ptrace tests on powerpc

  * The thread level parallelism would be a bottleneck when searching for the
    shared pmd by using hugetlbfs (LP: #1882039)
    - hugetlbfs: take read_lock on i_mmap for PMD sharing

  * Eoan update: upstream stable patchset 2020-06-30 (LP: #1885775)
    - ipv6: fix IPV6_ADDRFORM operation logic
    - net_failover: fixed rollback in net_failover_open()
    - bridge: Avoid infinite loop when suppressing NS messages with invalid
      options
    - vxlan: Avoid infinite loop when suppressing NS messages with invalid 
options
    - tun: correct header offsets in napi frags mode
    - Input: mms114 - fix handling of mms345l
    - ARM: 8977/1: ptrace: Fix mask for thumb breakpoint hook
    - sched/fair: Don't NUMA balance for kthreads
    - Input: synaptics - add a second working PNP_ID for Lenovo T470s
    - drivers/net/ibmvnic: Update VNIC protocol version reporting
    - powerpc/xive: Clear the page tables for the ESB IO mapping
    - ath9k_htc: Silence undersized packet warnings
    - RDMA/uverbs: Make the event_queue fds return POLLERR when disassociated
    - x86/cpu/amd: Make erratum #1054 a legacy erratum
    - perf probe: Accept the instance number of kretprobe event
    - mm: add kvfree_sensitive() for freeing sensitive data objects
    - aio: fix async fsync creds
    - x86_64: Fix jiffies ODR violation
    - x86/PCI: Mark Intel C620 MROMs as having non-compliant BARs
    - x86/speculation: Prevent rogue cross-process SSBD shutdown
    - x86/reboot/quirks: Add MacBook6,1 reboot quirk
    - efi/efivars: Add missing kobject_put() in sysfs entry creation error path
    - ALSA: es1688: Add the missed snd_card_free()
    - ALSA: hda/realtek - add a pintbl quirk for several Lenovo machines
    - ALSA: usb-audio: Fix inconsistent card PM state after resume
    - ALSA: usb-audio: Add vendor, product and profile name for HP Thunderbolt
      Dock
    - ACPI: sysfs: Fix reference count leak in acpi_sysfs_add_hotplug_profile()
    - ACPI: CPPC: Fix reference count leak in acpi_cppc_processor_probe()
    - ACPI: GED: add support for _Exx / _Lxx handler methods
    - ACPI: PM: Avoid using power resources if there are none for D0
    - nilfs2: fix null pointer dereference at nilfs_segctor_do_construct()
    - spi: dw: Fix controller unregister order
    - spi: bcm2835aux: Fix controller unregister order
    - spi: bcm-qspi: when tx/rx buffer is NULL set to 0
    - PM: runtime: clk: Fix clk_pm_runtime_get() error path
    - crypto: cavium/nitrox - Fix 'nitrox_get_first_device()' when ndevlist is
      fully iterated
    - ALSA: pcm: disallow linking stream to itself
    - x86/{mce,mm}: Unmap the entire page if the whole page is affected and
      poisoned
    - KVM: x86: Fix APIC page invalidation race
    - KVM: x86/mmu: Consolidate "is MMIO SPTE" code
    - KVM: x86: only do L1TF workaround on affected processors
    - x86/speculation: Avoid force-disabling IBPB based on STIBP and enhanced
      IBRS.
    - x86/speculation: PR_SPEC_FORCE_DISABLE enforcement for indirect branches.
    - spi: Fix controller unregister order
    - spi: pxa2xx: Fix controller unregister order
    - spi: bcm2835: Fix controller unregister order
    - spi: pxa2xx: Fix runtime PM ref imbalance on probe error
    - crypto: virtio: Fix use-after-free in 
virtio_crypto_skcipher_finalize_req()
    - crypto: virtio: Fix src/dst scatterlist calculation in
      __virtio_crypto_skcipher_do_req()
    - crypto: virtio: Fix dest length calculation in
      __virtio_crypto_skcipher_do_req()
    - selftests/net: in rxtimestamp getopt_long needs terminating null entry
    - ovl: initialize error in ovl_copy_xattr
    - proc: Use new_inode not new_inode_pseudo
    - video: fbdev: w100fb: Fix a potential double free.
    - KVM: nSVM: fix condition for filtering async PF
    - KVM: nSVM: leave ASID aside in copy_vmcb_control_area
    - KVM: nVMX: Consult only the "basic" exit reason when routing nested exit
    - KVM: MIPS: Define KVM_ENTRYHI_ASID to cpu_asid_mask(&boot_cpu_data)
    - KVM: MIPS: Fix VPN2_MASK definition for variable cpu_vmbits
    - KVM: arm64: Make vcpu_cp1x() work on Big Endian hosts
    - scsi: megaraid_sas: TM command refire leads to controller firmware crash
    - ath9k: Fix use-after-free Read in ath9k_wmi_ctrl_rx
    - ath9k: Fix use-after-free Write in ath9k_htc_rx_msg
    - ath9x: Fix stack-out-of-bounds Write in ath9k_hif_usb_rx_cb
    - ath9k: Fix general protection fault in ath9k_hif_usb_rx_cb
    - Smack: slab-out-of-bounds in vsscanf
    - drm/vkms: Hold gem object while still in-use
    - mm/slub: fix a memory leak in sysfs_slab_add()
    - fat: don't allow to mount if the FAT length == 0
    - perf: Add cond_resched() to task_function_call()
    - agp/intel: Reinforce the barrier after GTT updates
    - mmc: sdhci-msm: Clear tuning done flag while hs400 tuning
    - ARM: dts: at91: sama5d2_ptc_ek: fix sdmmc0 node description
    - mmc: sdio: Fix potential NULL pointer error in mmc_sdio_init_card()
    - xen/pvcalls-back: test for errors when calling backend_connect()
    - KVM: arm64: Synchronize sysreg state on injecting an AArch32 exception
    - ACPI: GED: use correct trigger type field in _Exx / _Lxx handling
    - drm: bridge: adv7511: Extend list of audio sample rates
    - crypto: ccp -- don't "select" CONFIG_DMADEVICES
    - media: si2157: Better check for running tuner in init
    - objtool: Ignore empty alternatives
    - spi: pxa2xx: Apply CS clk quirk to BXT
    - net: atlantic: make hw_get_regs optional
    - net: ena: fix error returning in ena_com_get_hash_function()
    - efi/libstub/x86: Work around LLVM ELF quirk build regression
    - arm64: cacheflush: Fix KGDB trap detection
    - spi: dw: Zero DMA Tx and Rx configurations on stack
    - arm64: insn: Fix two bugs in encoding 32-bit logical immediates
    - ixgbe: Fix XDP redirect on archs with PAGE_SIZE above 4K
    - MIPS: Loongson: Build ATI Radeon GPU driver as module
    - Bluetooth: Add SCO fallback for invalid LMP parameters error
    - kgdb: Disable WARN_CONSOLE_UNLOCKED for all kgdb
    - kgdb: Prevent infinite recursive entries to the debugger
    - spi: dw: Enable interrupts in accordance with DMA xfer mode
    - clocksource: dw_apb_timer: Make CPU-affiliation being optional
    - clocksource: dw_apb_timer_of: Fix missing clockevent timers
    - btrfs: do not ignore error from btrfs_next_leaf() when inserting checksums
    - ARM: 8978/1: mm: make act_mm() respect THREAD_SIZE
    - batman-adv: Revert "disable ethtool link speed detection when auto
      negotiation off"
    - mmc: meson-mx-sdio: trigger a soft reset after a timeout or CRC error
    - spi: dw: Fix Rx-only DMA transfers
    - x86/kvm/hyper-v: Explicitly align hcall param for kvm_hyperv_exit
    - net: vmxnet3: fix possible buffer overflow caused by bad DMA value in
      vmxnet3_get_rss()
    - staging: android: ion: use vmap instead of vm_map_ram
    - brcmfmac: fix wrong location to get firmware feature
    - tools api fs: Make xxx__mountpoint() more scalable
    - e1000: Distribute switch variables for initialization
    - dt-bindings: display: mediatek: control dpi pins mode to avoid leakage
    - audit: fix a net reference leak in audit_send_reply()
    - media: dvb: return -EREMOTEIO on i2c transfer failure.
    - media: platform: fcp: Set appropriate DMA parameters
    - MIPS: Make sparse_init() using top-down allocation
    - Bluetooth: btbcm: Add 2 missing models to subver tables
    - audit: fix a net reference leak in audit_list_rules_send()
    - netfilter: nft_nat: return EOPNOTSUPP if type or flags are not supported
    - selftests/bpf: Fix memory leak in extract_build_id()
    - net: bcmgenet: set Rx mode before starting netif
    - lib/mpi: Fix 64-bit MIPS build with Clang
    - exit: Move preemption fixup up, move blocking operations down
    - sched/core: Fix illegal RCU from offline CPUs
    - drivers/perf: hisi: Fix typo in events attribute array
    - net: lpc-enet: fix error return code in lpc_mii_init()
    - media: cec: silence shift wrapping warning in __cec_s_log_addrs()
    - net: allwinner: Fix use correct return type for ndo_start_xmit()
    - powerpc/spufs: fix copy_to_user while atomic
    - xfs: clean up the error handling in xfs_swap_extents
    - Crypto/chcr: fix for ccm(aes) failed test
    - MIPS: Truncate link address into 32bit for 32bit kernel
    - mips: cm: Fix an invalid error code of INTVN_*_ERR
    - kgdb: Fix spurious true from in_dbg_master()
    - xfs: reset buffer write failure state on successful completion
    - xfs: fix duplicate verification from xfs_qm_dqflush()
    - platform/x86: intel-vbtn: Use acpi_evaluate_integer()
    - platform/x86: intel-vbtn: Split keymap into buttons and switches parts
    - platform/x86: intel-vbtn: Do not advertise switches to userspace if they 
are
      not there
    - platform/x86: intel-vbtn: Also handle tablet-mode switch on "Detachable" 
and
      "Portable" chassis-types
    - nvme: refine the Qemu Identify CNS quirk
    - ath10k: Remove msdu from idr when management pkt send fails
    - wcn36xx: Fix error handling path in 'wcn36xx_probe()'
    - net: qed*: Reduce RX and TX default ring count when running inside kdump
      kernel
    - mt76: avoid rx reorder buffer overflow
    - md: don't flush workqueue unconditionally in md_open
    - veth: Adjust hard_start offset on redirect XDP frames
    - net/mlx5e: IPoIB, Drop multicast packets that this interface sent
    - rtlwifi: Fix a double free in _rtl_usb_tx_urb_setup()
    - mwifiex: Fix memory corruption in dump_station
    - x86/boot: Correct relocation destination on old linkers
    - mips: MAAR: Use more precise address mask
    - mips: Add udelay lpj numbers adjustment
    - crypto: stm32/crc32 - fix ext4 chksum BUG_ON()
    - crypto: stm32/crc32 - fix run-time self test issue.
    - crypto: stm32/crc32 - fix multi-instance
    - x86/mm: Stop printing BRK addresses
    - m68k: mac: Don't call via_flush_cache() on Mac IIfx
    - btrfs: qgroup: mark qgroup inconsistent if we're inherting snapshot to a 
new
      qgroup
    - macvlan: Skip loopback packets in RX handler
    - PCI: Don't disable decoding when mmio_always_on is set
    - MIPS: Fix IRQ tracing when call handle_fpe() and handle_msa_fpe()
    - bcache: fix refcount underflow in bcache_device_free()
    - mmc: sdhci-msm: Set SDHCI_QUIRK_MULTIBLOCK_READ_ACMD12 quirk
    - staging: greybus: sdio: Respect the cmd->busy_timeout from the mmc core
    - mmc: via-sdmmc: Respect the cmd->busy_timeout from the mmc core
    - ixgbe: fix signed-integer-overflow warning
    - mmc: sdhci-esdhc-imx: fix the mask for tuning start point
    - spi: dw: Return any value retrieved from the dma_transfer callback
    - cpuidle: Fix three reference count leaks
    - platform/x86: hp-wmi: Convert simple_strtoul() to kstrtou32()
    - platform/x86: intel-hid: Add a quirk to support HP Spectre X2 (2015)
    - platform/x86: intel-vbtn: Only blacklist SW_TABLET_MODE on the 9 / 
"Laptop"
      chasis-type
    - string.h: fix incompatibility between FORTIFY_SOURCE and KASAN
    - btrfs: include non-missing as a qualifier for the latest_bdev
    - btrfs: send: emit file capabilities after chown
    - mm: thp: make the THP mapcount atomic against __split_huge_pmd_locked()
    - mm: initialize deferred pages with interrupts enabled
    - ima: Fix ima digest hash table key calculation
    - ima: Directly assign the ima_default_policy pointer to ima_rules
    - evm: Fix possible memory leak in evm_calc_hmac_or_hash()
    - ext4: fix EXT_MAX_EXTENT/INDEX to check for zeroed eh_max
    - ext4: fix error pointer dereference
    - ext4: fix race between ext4_sync_parent() and rename()
    - PCI: Avoid Pericom USB controller OHCI/EHCI PME# defect
    - PCI: Add ACS quirk for iProc PAXB
    - PCI: Add ACS quirk for Intel Root Complex Integrated Endpoints
    - PCI: mediatek: Add controller support for MT7629
    - ALSA: lx6464es - add support for LX6464ESe pci express variant
    - PCI: Add Genesys Logic, Inc. Vendor ID
    - PCI: Add Amazon's Annapurna Labs vendor ID
    - PCI: vmd: Add device id for VMD device 8086:9A0B
    - x86/amd_nb: Add Family 19h PCI IDs
    - PCI: Add Loongson vendor ID
    - serial: 8250_pci: Move Pericom IDs to pci_ids.h
    - btrfs: fix error handling when submitting direct I/O bio
    - btrfs: fix wrong file range cleanup after an error filling dealloc range
    - ima: Call ima_calc_boot_aggregate() in ima_eventdigest_init()
    - PCI: Program MPS for RCiEP devices
    - e1000e: Relax condition to trigger reset for ME workaround
    - carl9170: remove P2P_GO support
    - media: go7007: fix a miss of snd_card_free
    - Bluetooth: hci_bcm: fix freeing not-requested IRQ
    - b43legacy: Fix case where channel status is corrupted
    - b43: Fix connection problem with WPA3
    - b43_legacy: Fix connection problem with WPA3
    - media: ov5640: fix use of destroyed mutex
    - igb: Report speed and duplex as unknown when device is runtime suspended
    - power: vexpress: add suppress_bind_attrs to true
    - pinctrl: samsung: Correct setting of eint wakeup mask on s5pv210
    - pinctrl: samsung: Save/restore eint_mask over suspend for EINT_TYPE GPIOs
    - gnss: sirf: fix error return code in sirf_probe()
    - sparc32: fix register window handling in genregs32_[gs]et()
    - sparc64: fix misuses of access_process_vm() in genregs32_[sg]et()
    - dm crypt: avoid truncating the logical block size
    - alpha: fix memory barriers so that they conform to the specification
    - kernel/cpu_pm: Fix uninitted local in cpu_pm
    - ARM: tegra: Correct PL310 Auxiliary Control Register initialization
    - ARM: dts: exynos: Fix GPIO polarity for thr GalaxyS3 CM36651 sensor's bus
    - ARM: dts: at91: sama5d2_ptc_ek: fix vbus pin
    - ARM: dts: s5pv210: Set keep-power-in-suspend for SDHCI1 on Aries
    - drivers/macintosh: Fix memleak in windfarm_pm112 driver
    - powerpc/64s: Don't let DT CPU features set FSCR_DSCR
    - powerpc/64s: Save FSCR to init_task.thread.fscr after feature init
    - kbuild: force to build vmlinux if CONFIG_MODVERSION=y
    - sunrpc: svcauth_gss_register_pseudoflavor must reject duplicate
      registrations.
    - sunrpc: clean up properly in gss_mech_unregister()
    - mtd: rawnand: brcmnand: fix hamming oob layout
    - mtd: rawnand: pasemi: Fix the probe error path
    - w1: omap-hdq: cleanup to add missing newline for some dev_dbg
    - perf probe: Do not show the skipped events
    - perf probe: Fix to check blacklist address correctly
    - perf probe: Check address correctness by map instead of _etext
    - perf symbols: Fix debuginfo search for Ubuntu
    - mlxsw: core: Use different get_trend() callbacks for different thermal 
zones
    - elfnote: mark all .note sections SHF_ALLOC
    - csky: Fixup abiv2 syscall_trace break a4 & a5
    - gfs2: Even more gfs2_find_jhead fixes
    - spi: dw: Fix native CS being unset
    - s390/pci: Log new handle in clp_disable_fh()
    - PCI/PM: Adjust pcie_wait_for_link_delay() for caller delay
    - selftests: fix flower parent qdisc
    - fanotify: fix ignore mask logic for events on child and on dir
    - perf/x86/intel: Add more available bits for OFFCORE_RESPONSE of Intel
      Tremont
    - KVM: x86: respect singlestep when emulating instruction
    - powerpc/ptdump: Properly handle non standard page size
    - ASoC: max9867: fix volume controls
    - io_uring: use kvfree() in io_sqe_buffer_register()
    - smb3: fix incorrect number of credits when ioctl MaxOutputResponse > 64K
    - smb3: add indatalen that can be a non-zero value to calculation of credit
      charge in smb2 ioctl
    - watchdog: imx_sc_wdt: Fix reboot on crash
    - ALSA: fireface: fix configuration error for nominal sampling transfer
      frequency
    - ALSA: pcm: fix snd_pcm_link() lockdep splat
    - arm64: acpi: fix UBSAN warning
    - lib/lzo: fix ambiguous encoding bug in lzo-rle
    - spi: bcm-qspi: Handle clock probe deferral
    - gup: document and work around "COW can break either way" issue
    - crypto: algapi - Avoid spurious modprobe on LOADED
    - crypto: drbg - fix error return code in drbg_alloc_state()
    - firmware: imx: warn on unexpected RX
    - firmware: imx-scu: Support one TX and one RX
    - firmware: imx: scu: Fix corruption of header
    - dccp: Fix possible memleak in dccp_init and dccp_fini
    - net/mlx5: drain health workqueue in case of driver load error
    - net/mlx5: Fix fatal error handling during device load
    - net/mlx5e: Fix repeated XSK usage on one channel
    - remoteproc: Fall back to using parent memory pool if no dedicated 
available
    - remoteproc: Fix and restore the parenting hierarchy for vdev
    - cpufreq: Fix up cpufreq_boost_set_sw()
    - EDAC/skx: Use the mcmtr register to retrieve close_pg/bank_xor_enable
    - video: vt8500lcdfb: fix fallthrough warning
    - KVM: nVMX: Skip IBPB when switching between vmcs01 and vmcs02
    - KVM: arm64: Stop writing aarch32's CSSELR into ACTLR
    - selftests/ftrace: Return unsupported if no error_log file
    - mmc: mmci_sdmmc: fix DMA API warning overlapping mappings
    - mmc: tmio: Further fixup runtime PM management at remove
    - mmc: uniphier-sd: call devm_request_irq() after tmio_mmc_host_probe()
    - mmc: sdio: Fix several potential memory leaks in mmc_sdio_init_card()
    - block/floppy: fix contended case in floppy_queue_rq()
    - KVM: arm64: Save the host's PtrAuth keys in non-preemptible context

  * Eoan update: upstream stable patchset 2020-06-24 (LP: #1885011)
    - devinet: fix memleak in inetdev_init()
    - l2tp: add sk_family checks to l2tp_validate_socket
    - l2tp: do not use inet_hash()/inet_unhash()
    - net: usb: qmi_wwan: add Telit LE910C1-EUX composition
    - NFC: st21nfca: add missed kfree_skb() in an error path
    - vsock: fix timeout in vsock_accept()
    - net: check untrusted gso_size at kernel entry
    - USB: serial: qcserial: add DW5816e QDL support
    - USB: serial: usb_wwan: do not resubmit rx urb on fatal errors
    - USB: serial: option: add Telit LE910C1-EUX compositions
    - iio: vcnl4000: Fix i2c swapped word reading.
    - usb: musb: start session in resume for host port
    - usb: musb: Fix runtime PM imbalance on error
    - vt: keyboard: avoid signed integer overflow in k_ascii
    - tty: hvc_console, fix crashes on parallel open/close
    - staging: rtl8712: Fix IEEE80211_ADDBA_PARAM_BUF_SIZE_MASK
    - CDC-ACM: heed quirk also in error handling
    - nvmem: qfprom: remove incorrect write support
    - uprobes: ensure that uprobe->offset and ->ref_ctr_offset are properly
      aligned
    - Revert "net/mlx5: Annotate mutex destroy for root ns"
    - net/mlx5: Fix crash upon suspend/resume
    - net: stmmac: enable timestamp snapshot for required PTP packets in dwmac
      v5.10a
    - nfp: flower: fix used time of merge flow statistics
    - net: be more gentle about silly gso requests coming from user
    - USB: serial: ch341: add basis for quirk detection
    - iio:chemical:sps30: Fix timestamp alignment
    - iio:chemical:pms7003: Fix timestamp alignment and prevent data leak.
    - iio: adc: stm32-adc: fix a wrong error message when probing interrupts

  * Eoan update: upstream stable patchset 2020-06-19 (LP: #1884296)
    - Revert "cgroup: Add memory barriers to plug cgroup_rstat_updated() race
      window"
    - HID: sony: Fix for broken buttons on DS3 USB dongles
    - HID: i2c-hid: add Schneider SCL142ALM to descriptor override
    - p54usb: add AirVasT USB stick device-id
    - mmc: fix compilation of user API
    - scsi: ufs: Release clock if DMA map fails
    - net: dsa: mt7530: set CPU port to fallback mode
    - airo: Fix read overflows sending packets
    - powerpc/powernv: Avoid re-registration of imc debugfs directory
    - s390/ftrace: save traced function caller
    - ARC: Fix ICCM & DCCM runtime size checks
    - ARC: [plat-eznps]: Restrict to CONFIG_ISA_ARCOMPACT
    - evm: Fix RCU list related warnings
    - i2c: altera: Fix race between xfer_msg and isr thread
    - x86/mmiotrace: Use cpumask_available() for cpumask_var_t variables
    - net: bmac: Fix read of MAC address from ROM
    - drm/edid: Add Oculus Rift S to non-desktop list
    - s390/mm: fix set_huge_pte_at() for empty ptes
    - null_blk: return error for invalid zone size
    - net/ethernet/freescale: rework quiesce/activate for ucc_geth
    - net: ethernet: stmmac: Enable interface clocks on probe for IPQ806x
    - net: smsc911x: Fix runtime PM imbalance on error
    - HID: multitouch: add support for the Smart Tech panel
    - HID: multitouch: enable multi-input as a quirk for some devices
    - mt76: mt76x02u: Add support for newer versions of the XBox One wifi 
adapter
    - media: Revert "staging: imgu: Address a compiler warning on alignment"
    - media: staging: ipu3-imgu: Move alignment attribute to field
    - ASoC: intel - fix the card names
    - RDMA/qedr: Fix qpids xarray api used
    - RDMA/qedr: Fix synchronization methods and memory leaks in qedr
    - io_uring: initialize ctx->sqo_wait earlier
    - selftests: mlxsw: qos_mc_aware: Specify arping timeout as an integer

  * Eoan update: upstream stable patchset 2020-06-09 (LP: #1882831)
    - ax25: fix setsockopt(SO_BINDTODEVICE)
    - dpaa_eth: fix usage as DSA master, try 3
    - net: dsa: mt7530: fix roaming from DSA user ports
    - __netif_receive_skb_core: pass skb by reference
    - net: inet_csk: Fix so_reuseport bind-address cache in tb->fast*
    - net: ipip: fix wrong address family in init error path
    - net/mlx5: Add command entry handling completion
    - net: qrtr: Fix passing invalid reference to qrtr_local_enqueue()
    - net: revert "net: get rid of an signed integer overflow in
      ip_idents_reserve()"
    - net sched: fix reporting the first-time use timestamp
    - r8152: support additional Microsoft Surface Ethernet Adapter variant
    - sctp: Don't add the shutdown timer if its already been added
    - sctp: Start shutdown on association restart if in SHUTDOWN-SENT state and
      socket is closed
    - net/mlx5e: Update netdev txq on completions during closure
    - net/mlx5: Annotate mutex destroy for root ns
    - net: sun: fix missing release regions in cas_init_one().
    - net/mlx4_core: fix a memory leak bug.
    - mlxsw: spectrum: Fix use-after-free of split/unsplit/type_set in case 
reload
      fails
    - ARM: dts: rockchip: fix phy nodename for rk3228-evb
    - arm64: dts: rockchip: fix status for &gmac2phy in rk3328-evb.dts
    - arm64: dts: rockchip: swap interrupts interrupt-names rk3399 gpu node
    - ARM: dts: rockchip: swap clock-names of gpu nodes
    - ARM: dts: rockchip: fix pinctrl sub nodename for spi in rk322x.dtsi
    - gpio: tegra: mask GPIO IRQs during IRQ shutdown
    - ALSA: usb-audio: add mapping for ASRock TRX40 Creator
    - net: microchip: encx24j600: add missed kthread_stop
    - gfs2: move privileged user check to gfs2_quota_lock_check
    - cachefiles: Fix race between read_waiter and read_copier involving 
op->to_do
    - usb: dwc3: pci: Enable extcon driver for Intel Merrifield
    - usb: gadget: legacy: fix redundant initialization warnings
    - net: freescale: select CONFIG_FIXED_PHY where needed
    - IB/i40iw: Remove bogus call to netdev_master_upper_dev_get()
    - riscv: stacktrace: Fix undefined reference to `walk_stackframe'
    - cifs: Fix null pointer check in cifs_read
    - samples: bpf: Fix build error
    - Input: usbtouchscreen - add support for BonXeon TP
    - Input: evdev - call input_flush_device() on release(), not flush()
    - Input: xpad - add custom init packet for Xbox One S controllers
    - Input: dlink-dir685-touchkeys - fix a typo in driver name
    - Input: i8042 - add ThinkPad S230u to i8042 reset list
    - Input: synaptics-rmi4 - really fix attn_data use-after-free
    - Input: synaptics-rmi4 - fix error return code in rmi_driver_probe()
    - ARM: 8970/1: decompressor: increase tag size
    - ARM: uaccess: consolidate uaccess asm to asm/uaccess-asm.h
    - ARM: uaccess: integrate uaccess_save and uaccess_restore
    - ARM: uaccess: fix DACR mismatch with nested exceptions
    - gpio: exar: Fix bad handling for ida_simple_get error path
    - IB/qib: Call kobject_put() when kobject_init_and_add() fails
    - ARM: dts/imx6q-bx50v3: Set display interface clock parents
    - ARM: dts: bcm2835-rpi-zero-w: Fix led polarity
    - ARM: dts: bcm: HR2: Fix PPI interrupt types
    - mmc: block: Fix use-after-free issue for rpmb
    - RDMA/pvrdma: Fix missing pci disable in pvrdma_pci_probe()
    - ALSA: hwdep: fix a left shifting 1 by 31 UB bug
    - ALSA: hda/realtek - Add a model for Thinkpad T570 without DAC workaround
    - ALSA: usb-audio: mixer: volume quirk for ESS Technology Asus USB DAC
    - exec: Always set cap_ambient in cap_bprm_set_creds
    - ALSA: usb-audio: Quirks for Gigabyte TRX40 Aorus Master onboard audio
    - ALSA: hda/realtek - Add new codec supported for ALC287
    - libceph: ignore pool overlay and cache logic on redirects
    - IB/ipoib: Fix double free of skb in case of multicast traffic in CM mode
    - mm: remove VM_BUG_ON(PageSlab()) from page_mapcount()
    - fs/binfmt_elf.c: allocate initialized memory in fill_thread_core_info()
    - include/asm-generic/topology.h: guard cpumask_of_node() macro argument
    - iommu: Fix reference count leak in iommu_group_alloc.
    - parisc: Fix kernel panic in mem_init()
    - RDMA/core: Fix double destruction of uobject
    - mac80211: mesh: fix discovery timer re-arming issue / crash
    - x86/dma: Fix max PFN arithmetic overflow on 32 bit systems
    - copy_xstate_to_kernel(): don't leave parts of destination uninitialized
    - xfrm: allow to accept packets with ipv6 NEXTHDR_HOP in xfrm_input
    - xfrm: call xfrm_output_gso when inner_protocol is set in xfrm_output
    - xfrm interface: fix oops when deleting a x-netns interface
    - xfrm: fix a warning in xfrm_policy_insert_list
    - xfrm: fix a NULL-ptr deref in xfrm_local_error
    - xfrm: fix error in comment
    - ip_vti: receive ipip packet by calling ip_tunnel_rcv
    - netfilter: nft_reject_bridge: enable reject with bridge vlan
    - netfilter: ipset: Fix subcounter update skip
    - netfilter: nfnetlink_cthelper: unbreak userspace helper support
    - netfilter: nf_conntrack_pptp: prevent buffer overflows in debug code
    - esp6: get the right proto for transport mode in esp6_gso_encap
    - bnxt_en: Fix accumulation of bp->net_stats_prev.
    - xsk: Add overflow check for u64 division, stored into u32
    - qlcnic: fix missing release in qlcnic_83xx_interrupt_test.
    - crypto: chelsio/chtls: properly set tp->lsndtime
    - bonding: Fix reference count leak in bond_sysfs_slave_add.
    - netfilter: nf_conntrack_pptp: fix compilation warning with W=1 build
    - net: don't return invalid table id error when we fall back to PF_UNSPEC
    - net: ethernet: ti: cpsw: fix ASSERT_RTNL() warning during suspend
    - net: mvpp2: fix RX hashing for non-10G ports
    - net: nlmsg_cancel() if put fails for nhmsg
    - net/tls: fix race condition causing kernel panic
    - nexthop: Fix attribute checking for groups
    - tipc: block BH before using dst_cache
    - net/mlx5e: kTLS, Destroy key object after destroying the TIS
    - net/mlx5e: Fix inner tirs handling
    - net/mlx5: Fix memory leak in mlx5_events_init
    - net/mlx5: Fix error flow in case of function_setup failure
    - net/tls: fix encryption error checking
    - net/tls: free record only on encryption error
    - gfs2: Grab glock reference sooner in gfs2_add_revoke
    - drm/amd/powerplay: perform PG ungate prior to CG ungate
    - usb: phy: twl6030-usb: Fix a resource leak in an error handling path in
      'twl6030_usb_probe()'
    - clk: ti: am33xx: fix RTC clock parent
    - csky: Fixup msa highest 3 bits mask
    - csky: Fixup perf callchain unwind
    - csky: Fixup remove duplicate irq_disable
    - csky: Fixup raw_copy_from_user()
    - arm64: dts: mt8173: fix vcodec-enc clock
    - soc: mediatek: cmdq: return send msg error code
    - gpu/drm: Ingenic: Fix opaque pointer casted to wrong type
    - gpio: pxa: Fix return value of pxa_gpio_probe()
    - gpio: bcm-kona: Fix return value of bcm_kona_gpio_probe()
    - ceph: flush release queue when handling caps for unknown inode
    - drm/amd/display: drop cursor position check in atomic test
    - Revert "block: end bio with BLK_STS_AGAIN in case of non-mq devs and
      REQ_NOWAIT"
    - gpio: fix locking open drain IRQ lines
    - xfrm: do pskb_pull properly in __xfrm_transport_prep
    - xfrm: remove the xfrm_state_put call becofe going to out_reset
    - netfilter: conntrack: make conntrack userspace helpers work again
    - ieee80211: Fix incorrect mask for default PE duration
    - nexthops: Move code from remove_nexthop_from_groups to remove_nh_grp_entry
    - nexthops: don't modify published nexthop groups
    - nexthop: Expand nexthop_is_multipath in a few places
    - ipv4: nexthop version of fib_info_nh_uses_dev
    - netfilter: conntrack: comparison of unsigned in cthelper confirmation
    - netfilter: conntrack: Pass value of ctinfo to __nf_conntrack_update
    - perf: Make perf able to build with latest libbfd

  * shiftfs: O_TMPFILE reports ESTALE (LP: #1872757)
    - SAUCE: shiftfs: prevent ESTALE for LOOKUP_JUMP lookups

  * shiftfs: fix btrfs regression (LP: #1884767)
    - SAUCE: Revert "UBUNTU: SAUCE: shiftfs: fix dentry revalidation"

  * Update lockdown patches (LP: #1884159)
    - efi/efi_test: Lock down /dev/efi_test and require CAP_SYS_ADMIN
    - efi: Restrict efivar_ssdt_load when the kernel is locked down
    - powerpc/xmon: Restrict when kernel is locked down
    - SAUCE: acpi: disallow loading configfs acpi tables when locked down

  * ip_defrag.sh in net from ubuntu_kernel_selftests failed with 5.0 / 5.3 / 5.4
    kernel (LP: #1826848)
    - SAUCE: selftests: net: ip_defrag: limit packet to 1000 fragments
    - selftests: net: ip_defrag: ignore EPERM

  * CVE-2020-10757
    - mm: Fix mremap not considering huge pmd devmap

  * CVE-2020-11935
    - SAUCE: aufs: do not call i_readcount_inc()
    - SAUCE: aufs: bugfix, IMA i_readcount

  * apparmor reference leak causes refcount_t overflow with af_alg_accept()
    (LP: #1883962)
    - apparmor: check/put label on apparmor_sk_clone_security()

  * CVE-2019-16089
    - SAUCE: nbd_genl_status: null check for nla_nest_start

  * CVE-2019-19642
    - kernel/relay.c: handle alloc_percpu returning NULL in relay_open

 -- Khalid Elmously <khalid.elmou...@canonical.com>  Fri, 10 Jul 2020
15:22:34 -0400

** Changed in: linux (Ubuntu Eoan)
       Status: Fix Committed => Fix Released

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-16089

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-19642

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-10757

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-11935

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1882831

Title:
  Eoan update: upstream stable patchset 2020-06-09

Status in linux package in Ubuntu:
  Confirmed
Status in linux source package in Eoan:
  Fix Released

Bug description:
  SRU Justification

      Impact:
         The upstream process for stable tree updates is quite similar
         in scope to the Ubuntu SRU process, e.g., each patch has to
         demonstrably fix a bug, and each patch is vetted by upstream
         by originating either directly from a mainline/stable Linux tree or
         a minimally backported form of that patch. The following upstream
         stable patches should be included in the Ubuntu kernel:

         upstream stable patchset 2020-06-09

                  Ported from the following upstream stable releases:
                          v4.19.126, v5.4.44

         from git://git.kernel.org/

  ax25: fix setsockopt(SO_BINDTODEVICE)
  dpaa_eth: fix usage as DSA master, try 3
  net: dsa: mt7530: fix roaming from DSA user ports
  __netif_receive_skb_core: pass skb by reference
  net: inet_csk: Fix so_reuseport bind-address cache in tb->fast*
  net: ipip: fix wrong address family in init error path
  net/mlx5: Add command entry handling completion
  net: qrtr: Fix passing invalid reference to qrtr_local_enqueue()
  net: revert "net: get rid of an signed integer overflow in 
ip_idents_reserve()"
  net sched: fix reporting the first-time use timestamp
  r8152: support additional Microsoft Surface Ethernet Adapter variant
  sctp: Don't add the shutdown timer if its already been added
  sctp: Start shutdown on association restart if in SHUTDOWN-SENT state and 
socket is closed
  net/mlx5e: Update netdev txq on completions during closure
  net/mlx5: Annotate mutex destroy for root ns
  net: sun: fix missing release regions in cas_init_one().
  net/mlx4_core: fix a memory leak bug.
  mlxsw: spectrum: Fix use-after-free of split/unsplit/type_set in case reload 
fails
  ARM: dts: rockchip: fix phy nodename for rk3228-evb
  arm64: dts: rockchip: fix status for &gmac2phy in rk3328-evb.dts
  arm64: dts: rockchip: swap interrupts interrupt-names rk3399 gpu node
  ARM: dts: rockchip: swap clock-names of gpu nodes
  ARM: dts: rockchip: fix pinctrl sub nodename for spi in rk322x.dtsi
  gpio: tegra: mask GPIO IRQs during IRQ shutdown
  ALSA: usb-audio: add mapping for ASRock TRX40 Creator
  net: microchip: encx24j600: add missed kthread_stop
  gfs2: move privileged user check to gfs2_quota_lock_check
  cachefiles: Fix race between read_waiter and read_copier involving op->to_do
  usb: dwc3: pci: Enable extcon driver for Intel Merrifield
  usb: gadget: legacy: fix redundant initialization warnings
  net: freescale: select CONFIG_FIXED_PHY where needed
  IB/i40iw: Remove bogus call to netdev_master_upper_dev_get()
  riscv: stacktrace: Fix undefined reference to `walk_stackframe'
  cifs: Fix null pointer check in cifs_read
  samples: bpf: Fix build error
  Input: usbtouchscreen - add support for BonXeon TP
  Input: evdev - call input_flush_device() on release(), not flush()
  Input: xpad - add custom init packet for Xbox One S controllers
  Input: dlink-dir685-touchkeys - fix a typo in driver name
  Input: i8042 - add ThinkPad S230u to i8042 reset list
  Input: synaptics-rmi4 - really fix attn_data use-after-free
  Input: synaptics-rmi4 - fix error return code in rmi_driver_probe()
  ARM: 8970/1: decompressor: increase tag size
  ARM: uaccess: consolidate uaccess asm to asm/uaccess-asm.h
  ARM: uaccess: integrate uaccess_save and uaccess_restore
  ARM: uaccess: fix DACR mismatch with nested exceptions
  gpio: exar: Fix bad handling for ida_simple_get error path
  IB/qib: Call kobject_put() when kobject_init_and_add() fails
  ARM: dts/imx6q-bx50v3: Set display interface clock parents
  ARM: dts: bcm2835-rpi-zero-w: Fix led polarity
  ARM: dts: bcm: HR2: Fix PPI interrupt types
  mmc: block: Fix use-after-free issue for rpmb
  RDMA/pvrdma: Fix missing pci disable in pvrdma_pci_probe()
  ALSA: hwdep: fix a left shifting 1 by 31 UB bug
  ALSA: hda/realtek - Add a model for Thinkpad T570 without DAC workaround
  ALSA: usb-audio: mixer: volume quirk for ESS Technology Asus USB DAC
  exec: Always set cap_ambient in cap_bprm_set_creds
  ALSA: usb-audio: Quirks for Gigabyte TRX40 Aorus Master onboard audio
  ALSA: hda/realtek - Add new codec supported for ALC287
  libceph: ignore pool overlay and cache logic on redirects
  IB/ipoib: Fix double free of skb in case of multicast traffic in CM mode
  mm: remove VM_BUG_ON(PageSlab()) from page_mapcount()
  fs/binfmt_elf.c: allocate initialized memory in fill_thread_core_info()
  include/asm-generic/topology.h: guard cpumask_of_node() macro argument
  iommu: Fix reference count leak in iommu_group_alloc.
  parisc: Fix kernel panic in mem_init()
  RDMA/core: Fix double destruction of uobject
  mac80211: mesh: fix discovery timer re-arming issue / crash
  x86/dma: Fix max PFN arithmetic overflow on 32 bit systems
  copy_xstate_to_kernel(): don't leave parts of destination uninitialized
  xfrm: allow to accept packets with ipv6 NEXTHDR_HOP in xfrm_input
  xfrm: call xfrm_output_gso when inner_protocol is set in xfrm_output
  xfrm interface: fix oops when deleting a x-netns interface
  xfrm: fix a warning in xfrm_policy_insert_list
  xfrm: fix a NULL-ptr deref in xfrm_local_error
  xfrm: fix error in comment
  ip_vti: receive ipip packet by calling ip_tunnel_rcv
  netfilter: nft_reject_bridge: enable reject with bridge vlan
  netfilter: ipset: Fix subcounter update skip
  netfilter: nfnetlink_cthelper: unbreak userspace helper support
  netfilter: nf_conntrack_pptp: prevent buffer overflows in debug code
  esp6: get the right proto for transport mode in esp6_gso_encap
  bnxt_en: Fix accumulation of bp->net_stats_prev.
  xsk: Add overflow check for u64 division, stored into u32
  qlcnic: fix missing release in qlcnic_83xx_interrupt_test.
  crypto: chelsio/chtls: properly set tp->lsndtime
  bonding: Fix reference count leak in bond_sysfs_slave_add.
  netfilter: nf_conntrack_pptp: fix compilation warning with W=1 build
  net: don't return invalid table id error when we fall back to PF_UNSPEC
  net: ethernet: ti: cpsw: fix ASSERT_RTNL() warning during suspend
  net: mvpp2: fix RX hashing for non-10G ports
  net: nlmsg_cancel() if put fails for nhmsg
  net/tls: fix race condition causing kernel panic
  nexthop: Fix attribute checking for groups
  tipc: block BH before using dst_cache
  net/mlx5e: kTLS, Destroy key object after destroying the TIS
  net/mlx5e: Fix inner tirs handling
  net/mlx5: Fix memory leak in mlx5_events_init
  net/mlx5: Fix error flow in case of function_setup failure
  net/tls: fix encryption error checking
  net/tls: free record only on encryption error
  gfs2: Grab glock reference sooner in gfs2_add_revoke
  drm/amd/powerplay: perform PG ungate prior to CG ungate
  usb: phy: twl6030-usb: Fix a resource leak in an error handling path in 
'twl6030_usb_probe()'
  clk: ti: am33xx: fix RTC clock parent
  csky: Fixup msa highest 3 bits mask
  csky: Fixup perf callchain unwind
  csky: Fixup remove duplicate irq_disable
  csky: Fixup raw_copy_from_user()
  arm64: dts: mt8173: fix vcodec-enc clock
  soc: mediatek: cmdq: return send msg error code
  gpu/drm: Ingenic: Fix opaque pointer casted to wrong type
  gpio: pxa: Fix return value of pxa_gpio_probe()
  gpio: bcm-kona: Fix return value of bcm_kona_gpio_probe()
  ceph: flush release queue when handling caps for unknown inode
  drm/amd/display: drop cursor position check in atomic test
  Revert "block: end bio with BLK_STS_AGAIN in case of non-mq devs and 
REQ_NOWAIT"
  gpio: fix locking open drain IRQ lines
  xfrm: do pskb_pull properly in __xfrm_transport_prep
  xfrm: remove the xfrm_state_put call becofe going to out_reset
  netfilter: conntrack: make conntrack userspace helpers work again
  ieee80211: Fix incorrect mask for default PE duration
  nexthops: Move code from remove_nexthop_from_groups to remove_nh_grp_entry
  nexthops: don't modify published nexthop groups
  nexthop: Expand nexthop_is_multipath in a few places
  ipv4: nexthop version of fib_info_nh_uses_dev
  netfilter: conntrack: comparison of unsigned in cthelper confirmation
  netfilter: conntrack: Pass value of ctinfo to __nf_conntrack_update
  perf: Make perf able to build with latest libbfd
  UBUNTU: upstream stable to v4.19.126, v5.4.44

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1882831/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to     : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

Reply via email to