[Bug 1921902] Re: Security-Fix Xen XSA 371 for Kernel 5.4.0-71
The Hirsute Hippo has reached End of Life, so this bug will not be fixed for that release. ** Changed in: linux (Ubuntu Hirsute) Status: In Progress => Won't Fix -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1921902 Title: Security-Fix Xen XSA 371 for Kernel 5.4.0-71 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1921902/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1921902] Re: Security-Fix Xen XSA 371 for Kernel 5.4.0-71
The Groovy Gorilla has reached end of life, so this bug will not be fixed for that release ** Changed in: linux (Ubuntu Groovy) Status: In Progress => Won't Fix -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1921902 Title: Security-Fix Xen XSA 371 for Kernel 5.4.0-71 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1921902/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1921902] Re: Security-Fix Xen XSA 371 for Kernel 5.4.0-71
This bug was fixed in the package linux - 4.15.0-143.147
---
linux (4.15.0-143.147) bionic; urgency=medium
* bionic/linux: 4.15.0-143.147 -proposed tracker (LP: #1923811)
* CVE-2021-29650
- netfilter: x_tables: Use correct memory barriers.
* LRMv4: switch to signing nvidia modules via the Ubuntu Modules signing key
(LP: #1918134)
- [Packaging] dkms-build{,--nvidia-N} sync back from LRMv4
* Security-Fix Xen XSA 371 for Kernel 5.4.0-71 (LP: #1921902) //
CVE-2021-28688
- xen-blkback: don't leak persistent grants from xen_blkbk_map()
* CVE-2021-20292
- drm/ttm/nouveau: don't call tt destroy callback on alloc failure.
* CVE-2021-29264
- gianfar: fix jumbo packets+napi+rx overrun crash
* CVE-2021-29265
- usbip: fix stub_dev usbip_sockfd_store() races leading to gpf
* Bcache bypasse writeback on caching device with fragmentation (LP: #1900438)
- bcache: consider the fragmentation when update the writeback rate
* Bionic update: upstream stable patchset 2021-03-31 (LP: #1922124)
- net: usb: qmi_wwan: support ZTE P685M modem
- scripts: use pkg-config to locate libcrypto
- scripts: set proper OpenSSL include dir also for sign-file
- hugetlb: fix update_and_free_page contig page struct assumption
- drm/virtio: use kvmalloc for large allocations
- virtio/s390: implement virtio-ccw revision 2 correctly
- arm64 module: set plt* section addresses to 0x0
- arm64: Avoid redundant type conversions in xchg() and cmpxchg()
- arm64: cmpxchg: Use "K" instead of "L" for ll/sc immediate constraint
- arm64: Use correct ll/sc atomic constraints
- JFS: more checks for invalid superblock
- media: mceusb: sanity check for prescaler value
- xfs: Fix assert failure in xfs_setattr_size()
- smackfs: restrict bytes count in smackfs write functions
- net: fix up truesize of cloned skb in skb_prepare_for_shift()
- mm/hugetlb.c: fix unnecessary address expansion of pmd sharing
- net: bridge: use switchdev for port flags set through sysfs too
- dt-bindings: net: btusb: DT fix s/interrupt-name/interrupt-names/
- staging: fwserial: Fix error handling in fwserial_create
- x86/reboot: Add Zotac ZBOX CI327 nano PCI reboot quirk
- vt/consolemap: do font sum unsigned
- wlcore: Fix command execute failure 19 for wl12xx
- pktgen: fix misuse of BUG_ON() in pktgen_thread_worker()
- ath10k: fix wmi mgmt tx queue full due to race condition
- x86/build: Treat R_386_PLT32 relocation as R_386_PC32
- Bluetooth: Fix null pointer dereference in amp_read_loc_assoc_final_data
- staging: most: sound: add sanity check for function argument
- media: uvcvideo: Allow entities with no pads
- f2fs: handle unallocated section and zone on pinned/atgc
- parisc: Bump 64-bit IRQ stack size to 64 KB
- Xen/gnttab: handle p2m update errors on a per-slot basis
- xen-netback: respect gnttab_map_refs()'s return value
- zsmalloc: account the number of compacted pages correctly
- swap: fix swapfile read/write offset
- media: v4l: ioctl: Fix memory leak in video_usercopy
- PCI: Add a REBAR size quirk for Sapphire RX 5600 XT Pulse
- drm/amd/display: Guard against NULL pointer deref when get_i2c_info fails
- f2fs: fix to set/clear I_LINKABLE under i_lock
- btrfs: fix error handling in commit_fs_roots
- ALSA: hda/realtek: Add quirk for Clevo NH55RZQ
- ALSA: hda/realtek: Apply dual codec quirks for MSI Godlike X570 board
- btrfs: raid56: simplify tracking of Q stripe presence
- btrfs: fix raid6 qstripe kmap
- usbip: tools: fix build error for multiple definition
- ALSA: ctxfi: cthw20k2: fix mask on conf to allow 4 bits
- rsxx: Return -EFAULT if copy_to_user() fails
- dm table: fix iterate_devices based device capability checks
- dm table: fix DAX iterate_devices based device capability checks
- dm table: fix zoned iterate_devices based device capability checks
- iommu/amd: Fix sleeping in atomic in increase_address_space()
- mwifiex: pcie: skip cancel_work_sync() on reset failure path
- platform/x86: acer-wmi: Cleanup ACER_CAP_FOO defines
- platform/x86: acer-wmi: Cleanup accelerometer device handling
- platform/x86: acer-wmi: Add new force_caps module parameter
- platform/x86: acer-wmi: Add ACER_CAP_SET_FUNCTION_MODE capability flag
- platform/x86: acer-wmi: Add support for SW_TABLET_MODE on Switch devices
- platform/x86: acer-wmi: Add ACER_CAP_KBD_DOCK quirk for the Aspire Switch
10E SW3-016
- PCI: Add function 1 DMA alias quirk for Marvell 9215 SATA controller
- misc: eeprom_93xx46: Add quirk to support Microchip 93LC46B eeprom
- drm/msm/a5xx: Remove overwriting A5XX_PC_DBG_ECO_CNTL register
- Revert "zram: close udev startup race condition as default groups"
- HID: mf: add support for 0079:1846 Mayflash/Dragonrise USB Gamecube
Adapter
* Bionic update: upstre
[Bug 1921902] Re: Security-Fix Xen XSA 371 for Kernel 5.4.0-71
** Changed in: linux (Ubuntu Bionic) Status: In Progress => Fix Committed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1921902 Title: Security-Fix Xen XSA 371 for Kernel 5.4.0-71 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1921902/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1921902] Re: Security-Fix Xen XSA 371 for Kernel 5.4.0-71
Patches submitted: https://lists.ubuntu.com/archives/kernel-team/2021-April/118727.html https://lists.ubuntu.com/archives/kernel-team/2021-April/118765.html -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1921902 Title: Security-Fix Xen XSA 371 for Kernel 5.4.0-71 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1921902/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1921902] Re: Security-Fix Xen XSA 371 for Kernel 5.4.0-71
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-28688 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1921902 Title: Security-Fix Xen XSA 371 for Kernel 5.4.0-71 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1921902/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1921902] Re: Security-Fix Xen XSA 371 for Kernel 5.4.0-71
** Description changed:
- Today [XSA 371](http://xenbits.xen.org/xsa/advisory-371.html) was published
which contain a security patch for a commit which is included in proposed
5.4.0-71.
- The [Patch](http://xenbits.xen.org/xsa/xsa371-linux.patch) is only 1 line
maybe you can add this security fix to 5.4.0-71 release.
- Thank you in advance.
+ [SRU Justification]
+
+ See [XSA 371](http://xenbits.xen.org/xsa/advisory-371.html). commit
+ 871997bc9e423f05c7da7c9178e62dde5df2a7f8 ("xen-blkback: fix error
+ handling in xen_blkbk_map()") introduced a security vulnerability.
Original Commit:
- XSA-365: xen-blkback: fix error handling in xen_blkbk_map()
+ 871997bc9e423f05c7da7c9178e62dde5df2a7f8 ("xen-blkback: fix error handling in
xen_blkbk_map()")
New commit with security fix:
- XSA-371: xen-blkback: don't leak persistent grants from xen_blkbk_map()
+ a846738f8c3788d846ed1f587270d2f2e3d32432 ("xen-blkback: don't leak persistent
grants from xen_blkbk_map()")
- See
+ [Test Plan]
+ none
+
+ [Where problems could occur]
+ Unkown
+
+ [Other Info]
- http://xenbits.xen.org/xsa/advisory-371.html
- http://xenbits.xen.org/xsa/xsa371-linux.patch
- http://xenbits.xen.org/xsa/advisory-365.html
- http://xenbits.xen.org/xsa/xsa365-linux.patch
** Description changed:
[SRU Justification]
See [XSA 371](http://xenbits.xen.org/xsa/advisory-371.html). commit
871997bc9e423f05c7da7c9178e62dde5df2a7f8 ("xen-blkback: fix error
handling in xen_blkbk_map()") introduced a security vulnerability.
Original Commit:
871997bc9e423f05c7da7c9178e62dde5df2a7f8 ("xen-blkback: fix error handling in
xen_blkbk_map()")
New commit with security fix:
a846738f8c3788d846ed1f587270d2f2e3d32432 ("xen-blkback: don't leak persistent
grants from xen_blkbk_map()")
[Test Plan]
none
[Where problems could occur]
- Unkown
+ Unknown
[Other Info]
- http://xenbits.xen.org/xsa/advisory-371.html
- http://xenbits.xen.org/xsa/xsa371-linux.patch
- http://xenbits.xen.org/xsa/advisory-365.html
- http://xenbits.xen.org/xsa/xsa365-linux.patch
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1921902
Title:
Security-Fix Xen XSA 371 for Kernel 5.4.0-71
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1921902/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1921902] Re: Security-Fix Xen XSA 371 for Kernel 5.4.0-71
** Also affects: linux (Ubuntu Xenial) Importance: Undecided Status: New ** Also affects: linux (Ubuntu Focal) Importance: Undecided Status: New ** Also affects: linux (Ubuntu Groovy) Importance: Undecided Status: New ** Also affects: linux (Ubuntu Hirsute) Importance: Undecided Status: Confirmed ** Also affects: linux (Ubuntu Bionic) Importance: Undecided Status: New ** Changed in: linux (Ubuntu Xenial) Status: New => In Progress ** Changed in: linux (Ubuntu Bionic) Status: New => In Progress ** Changed in: linux (Ubuntu Focal) Status: New => In Progress ** Changed in: linux (Ubuntu Groovy) Status: New => In Progress ** Changed in: linux (Ubuntu Hirsute) Status: Confirmed => In Progress ** Tags added: bot-stop-nagging ** Changed in: linux (Ubuntu Xenial) Importance: Undecided => Medium ** Changed in: linux (Ubuntu Bionic) Importance: Undecided => Medium ** Changed in: linux (Ubuntu Focal) Importance: Undecided => Medium ** Changed in: linux (Ubuntu Groovy) Importance: Undecided => Medium ** Changed in: linux (Ubuntu Hirsute) Importance: Undecided => Medium ** Changed in: linux (Ubuntu Xenial) Assignee: (unassigned) => Tim Gardner (timg-tpi) ** Changed in: linux (Ubuntu Bionic) Assignee: (unassigned) => Tim Gardner (timg-tpi) ** Changed in: linux (Ubuntu Focal) Assignee: (unassigned) => Tim Gardner (timg-tpi) ** Changed in: linux (Ubuntu Groovy) Assignee: (unassigned) => Tim Gardner (timg-tpi) ** Changed in: linux (Ubuntu Hirsute) Assignee: (unassigned) => Tim Gardner (timg-tpi) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1921902 Title: Security-Fix Xen XSA 371 for Kernel 5.4.0-71 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1921902/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1921902] Re: Security-Fix Xen XSA 371 for Kernel 5.4.0-71
upstream commit a846738f8c3788d846ed1f587270d2f2e3d32432 ("xen-blkback:
don't leak persistent grants from xen_blkbk_map()")
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1921902
Title:
Security-Fix Xen XSA 371 for Kernel 5.4.0-71
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1921902/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1921902] Re: Security-Fix Xen XSA 371 for Kernel 5.4.0-71
Due to kind of report are no logs available. ** Changed in: linux (Ubuntu) Status: Incomplete => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1921902 Title: Security-Fix Xen XSA 371 for Kernel 5.4.0-71 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1921902/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
