This bug was fixed in the package linux-aws - 4.4.0-1009.18 --------------- linux-aws (4.4.0-1009.18) xenial; urgency=low
[ Kamal Mostafa ] * Release Tracking Bug - LP: #1672505 * aufs filesystem not available in linux-aws (LP: #1672464) - [config] AWS: aufs.ko moved to linux-image package linux-aws (4.4.0-1008.17) xenial; urgency=low [ Kamal Mostafa ] * Release Tracking Bug - LP: #1671237 [ Ubuntu-4.4.0-67.88 ] * Recent KVM RTC cherry-picks break (some) Windows Live-Migrations (LP: #1668594) - kvm: x86: correctly reset dest_map->vector when restoring LAPIC state * Regression in 4.4.0-65-generic causes very frequent system crashes (LP: #1669611) - Revert "UBUNTU: SAUCE: apparmor: fix lock ordering for mkdir" - Revert "UBUNTU: SAUCE: apparmor: fix leak on securityfs pin count" - Revert "UBUNTU: SAUCE: apparmor: fix reference count leak when securityfs_setup_d_inode() fails" - Revert "UBUNTU: SAUCE: apparmor: fix not handling error case when securityfs_pin_fs() fails" * Upgrade Redpine RS9113 driver to support AP mode (LP: #1665211) - SAUCE: Redpine driver to support Host AP mode * NFS client : permission denied when trying to access subshare, since kernel 4.4.0-31 (LP: #1649292) - fs: Better permission checking for submounts * [Hyper-V] SAUCE: pci-hyperv fixes for SR-IOV on Azure (LP: #1665097) - SAUCE: PCI: hv: Fix wslot_to_devfn() to fix warnings on device removal - SAUCE: pci-hyperv: properly handle pci bus remove - SAUCE: pci-hyperv: lock pci bus on device eject * [Hyper-V/Azure] Please include Mellanox OFED drivers in Azure kernel and image (LP: #1650058) - net/mlx4_en: Fix bad WQE issue - net/mlx4_core: Fix racy CQ (Completion Queue) free - net/mlx4_core: Fix when to save some qp context flags for dynamic VST to VGT transitions - net/mlx4_core: Avoid command timeouts during VF driver device shutdown * Xenial update to v4.4.49 stable release (LP: #1664960) - ARC: [arcompact] brown paper bag bug in unaligned access delay slot fixup - selinux: fix off-by-one in setprocattr - Revert "x86/ioapic: Restore IO-APIC irq_chip retrigger callback" - cpumask: use nr_cpumask_bits for parsing functions - hns: avoid stack overflow with CONFIG_KASAN - ARM: 8643/3: arm/ptrace: Preserve previous registers for short regset write - target: Don't BUG_ON during NodeACL dynamic -> explicit conversion - target: Use correct SCSI status during EXTENDED_COPY exception - target: Fix early transport_generic_handle_tmr abort scenario - target: Fix COMPARE_AND_WRITE ref leak for non GOOD status - ARM: 8642/1: LPAE: catch pending imprecise abort on unmask - mac80211: Fix adding of mesh vendor IEs - netvsc: Set maximum GSO size in the right place - scsi: zfcp: fix use-after-free by not tracing WKA port open/close on failed send - scsi: aacraid: Fix INTx/MSI-x issue with older controllers - scsi: mpt3sas: disable ASPM for MPI2 controllers - xen-netfront: Delete rx_refill_timer in xennet_disconnect_backend() - ALSA: seq: Fix race at creating a queue - ALSA: seq: Don't handle loop timeout at snd_seq_pool_done() - drm/i915: fix use-after-free in page_flip_completed() - Linux 4.4.49 * NFS client : kernel 4.4.0-57 crash with nfsv4 enries in /etc/fstab (LP: #1650336) - SUNRPC: fix refcounting problems with auth_gss messages. * [0bda:0328] Card reader failed after S3 (LP: #1664809) - usb: hub: Wait for connection to be reestablished after port reset * linux-lts-xenial 4.4.0-63.84~14.04.2 ADT test failure with linux-lts-xenial 4.4.0-63.84~14.04.2 (LP: #1664912) - SAUCE: apparmor: fix link auditing failure due to, uninitialized var * ibmvscsis: Add SGL LIMIT (LP: #1662551) - ibmvscsis: Add SGL limit * [Hyper-V] Bug fixes for storvsc (tagged queuing, error conditions) (LP: #1663687) - scsi: storvsc: Enable tracking of queue depth - scsi: storvsc: Remove the restriction on max segment size - scsi: storvsc: Enable multi-queue support - scsi: storvsc: use tagged SRB requests if supported by the device - scsi: storvsc: properly handle SRB_ERROR when sense message is present - scsi: storvsc: properly set residual data length on errors * ISST-LTE:pNV: ppc64_cpu command is hung w HDs, SSDs and NVMe (LP: #1662666) - blk-mq: Avoid memory reclaim when remapping queues - blk-mq: Fix failed allocation path when mapping queues * Possible missing firmware /lib/firmware/i915/kbl_dmc_ver1.bin for module i915_bpo (LP: #1624164) - SAUCE: i915_bpo: Remove MODULE_FIRMWARE statement for i915/kbl_dmc_ver1.bin * Intel I210 ethernet does not work both after S3 (LP: #1662763) - igb: implement igb_ptp_suspend - igb: call igb_ptp_suspend during suspend/resume cycle * [Hyper-V] Fix ring buffer handling to avoid host throttling (LP: #1661430) - Drivers: hv: vmbus: On write cleanup the logic to interrupt the host - Drivers: hv: vmbus: On the read path cleanup the logic to interrupt the host - Drivers: hv: vmbus: finally fix hv_need_to_signal_on_read() * brd module compiled as built-in (LP: #1593293) - [Config] CONFIG_BLK_DEV_RAM=m * regession tests failing after stackprofile test is run (LP: #1661030) - SAUCE: fix regression with domain change in complain mode * Permission denied and inconsistent behavior in complain mode with 'ip netns list' command (LP: #1648903) - SAUCE: fix regression with domain change in complain mode * flock not mediated by 'k' (LP: #1658219) - SAUCE: apparmor: flock mediation is not being enforced on cache check * unexpected errno=13 and disconnected path when trying to open /proc/1/ns/mnt from a unshared mount namespace (LP: #1656121) - SAUCE: apparmor: null profiles should inherit parent control flags * apparmor refcount leak of profile namespace when removing profiles (LP: #1660849) - SAUCE: apparmor: fix ns ref count link when removing profiles from policy * tor in lxd: apparmor="DENIED" operation="change_onexec" namespace="root//CONTAINERNAME_<var-lib-lxd>" profile="unconfined" name="system_tor" (LP: #1648143) - SAUCE: apparmor: Fix no_new_privs blocking change_onexec when using stacked namespaces * apparmor_parser hangs indefinitely when called by multiple threads (LP: #1645037) - SAUCE: apparmor: fix lock ordering for mkdir * apparmor leaking securityfs pin count (LP: #1660846) - SAUCE: apparmor: fix leak on securityfs pin count * apparmor reference count leak when securityfs_setup_d_inode\ () fails (LP: #1660845) - SAUCE: apparmor: fix reference count leak when securityfs_setup_d_inode() fails * apparmor not checking error if security_pin_fs() fails (LP: #1660842) - SAUCE: apparmor: fix not handling error case when securityfs_pin_fs() fails * apparmor oops in bind_mnt when dev_path lookup fails (LP: #1660840) - SAUCE: apparmor: fix oops in bind_mnt when dev_path lookup fails * apparmor auditing denied access of special apparmor .null fi\ le (LP: #1660836) - SAUCE: apparmor: Don't audit denied access of special apparmor .null file * apparmor label leak when new label is unused (LP: #1660834) - SAUCE: apparmor: fix label leak when new label is unused * apparmor reference count bug in label_merge_insert() (LP: #1660833) - SAUCE: apparmor: fix reference count bug in label_merge_insert() * apparmor's raw_data file in securityfs is sometimes truncated (LP: #1638996) - SAUCE: apparmor: fix replacement race in reading rawdata * unix domain socket cross permission check failing with nested namespaces (LP: #1660832) - SAUCE: apparmor: fix cross ns perm of unix domain sockets * docker permission issues with overlay2 storage driver (LP: #1659417) - SAUCE: overlayfs: Replace ovl_prepare_creds() with ovl_override_creds() - Revert "UBUNTU: SAUCE: cred: Add clone_cred() interface" - ovl: check mounter creds on underlying lookup * Enable CONFIG_NET_DROP_MONITOR=m in Ubuntu Kernel (LP: #1660634) - [Config] CONFIG_NET_DROP_MONITOR=m * Xenial update to v4.4.48 stable release (LP: #1663657) - PCI/ASPM: Handle PCI-to-PCIe bridges as roots of PCIe hierarchies - ext4: validate s_first_meta_bg at mount time - drm/nouveau/disp/gt215: Fix HDA ELD handling (thus, HDMI audio) on gt215 - drm/nouveau/nv1a,nv1f/disp: fix memory clock rate retrieval - crypto: api - Clear CRYPTO_ALG_DEAD bit before registering an alg - crypto: arm64/aes-blk - honour iv_out requirement in CBC and CTR modes - perf/core: Fix PERF_RECORD_MMAP2 prot/flags for anonymous memory - ata: sata_mv:- Handle return value of devm_ioremap. - libata: apply MAX_SEC_1024 to all CX1-JB*-HP devices - powerpc/eeh: Fix wrong flag passed to eeh_unfreeze_pe() - powerpc: Add missing error check to prom_find_boot_cpu() - NFSD: Fix a null reference case in find_or_create_lock_stateid() - svcrpc: fix oops in absence of krb5 module - zswap: disable changing params if init fails - cifs: initialize file_info_lock - mm/memory_hotplug.c: check start_pfn in test_pages_in_a_zone() - mm, fs: check for fatal signals in do_generic_file_read() - can: bcm: fix hrtimer/tasklet termination in bcm op removal - mmc: sdhci: Ignore unexpected CARD_INT interrupts - percpu-refcount: fix reference leak during percpu-atomic transition - HID: wacom: Fix poor prox handling in 'wacom_pl_irq' - KVM: x86: do not save guest-unsupported XSAVE state - USB: serial: qcserial: add Dell DW5570 QDL - USB: serial: pl2303: add ATEN device ID - USB: Add quirk for WORLDE easykey.25 MIDI keyboard - usb: gadget: f_fs: Assorted buffer overflow checks. - USB: serial: option: add device ID for HP lt2523 (Novatel E371) - x86/irq: Make irq activate operations symmetric - base/memory, hotplug: fix a kernel oops in show_valid_zones() - Linux 4.4.48 * Xenial update to v4.4.47 stable release (LP: #1662507) - r8152: fix the sw rx checksum is unavailable - mlxsw: spectrum: Fix memory leak at skb reallocation - mlxsw: switchx2: Fix memory leak at skb reallocation - mlxsw: pci: Fix EQE structure definition - net: lwtunnel: Handle lwtunnel_fill_encap failure - net: ipv4: fix table id in getroute response - net: systemport: Decouple flow control from __bcm_sysport_tx_reclaim - tcp: fix tcp_fastopen unaligned access complaints on sparc - openvswitch: maintain correct checksum state in conntrack actions - ravb: do not use zero-length alignment DMA descriptor - ax25: Fix segfault after sock connection timeout - net: fix harmonize_features() vs NETIF_F_HIGHDMA - net: phy: bcm63xx: Utilize correct config_intr function - ipv6: addrconf: Avoid addrconf_disable_change() using RCU read-side lock - tcp: initialize max window for a new fastopen socket - bridge: netlink: call br_changelink() during br_dev_newlink() - r8152: don't execute runtime suspend if the tx is not empty - af_unix: move unix_mknod() out of bindlock - qmi_wwan/cdc_ether: add device ID for HP lt2523 (Novatel E371) WWAN card - net: dsa: Bring back device detaching in dsa_slave_suspend() - Linux 4.4.47 * Xenial update to v4.4.46 stable release (LP: #1660994) - fbdev: color map copying bounds checking - tile/ptrace: Preserve previous registers for short regset write - drm: Fix broken VT switch with video=1366x768 option - mm/mempolicy.c: do not put mempolicy before using its nodemask - sysctl: fix proc_doulongvec_ms_jiffies_minmax() - ISDN: eicon: silence misleading array-bounds warning - RDMA/cma: Fix unknown symbol when CONFIG_IPV6 is not enabled - s390/ptrace: Preserve previous registers for short regset write - can: c_can_pci: fix null-pointer-deref in c_can_start() - set device pointer - can: ti_hecc: add missing prepare and unprepare of the clock - ARC: udelay: fix inline assembler by adding LP_COUNT to clobber list - ARC: [arcompact] handle unaligned access delay slot corner case - parisc: Don't use BITS_PER_LONG in userspace-exported swab.h header - nfs: Don't increment lock sequence ID after NFS4ERR_MOVED - NFSv4.0: always send mode in SETATTR after EXCLUSIVE4 - SUNRPC: cleanup ida information when removing sunrpc module - drm/i915: Don't leak edid in intel_crt_detect_ddc() - IB/ipoib: move back IB LL address into the hard header - IB/umem: Release pid in error and ODP flow - s5k4ecgx: select CRC32 helper - pinctrl: broxton: Use correct PADCFGLOCK offset - platform/x86: intel_mid_powerbtn: Set IRQ_ONESHOT - mm, memcg: do not retry precharge charges - Linux 4.4.46 * Xenial update to v4.4.45 stable release (LP: #1660993) - ftrace/x86: Set ftrace_stub to weak to prevent gcc from using short jumps to it - IB/mlx5: Wait for all async command completions to complete - IB/mlx4: Set traffic class in AH - IB/mlx4: Fix out-of-range array index in destroy qp flow - IB/mlx4: Fix port query for 56Gb Ethernet links - IB/mlx4: When no DMFS for IPoIB, don't allow NET_IF QPs - IB/IPoIB: Remove can't use GFP_NOIO warning - perf scripting: Avoid leaking the scripting_context variable - ARM: dts: imx31: fix clock control module interrupts description - ARM: dts: imx31: move CCM device node to AIPS2 bus devices - ARM: dts: imx31: fix AVIC base address - tmpfs: clear S_ISGID when setting posix ACLs - x86/PCI: Ignore _CRS on Supermicro X8DTH-i/6/iF/6F - svcrpc: don't leak contexts on PROC_DESTROY - fuse: clear FR_PENDING flag when moving requests out of pending queue - PCI: Enumerate switches below PCI-to-PCIe bridges - HID: corsair: fix DMA buffers on stack - HID: corsair: fix control-transfer error handling - mmc: mxs-mmc: Fix additional cycles after transmission stop - ieee802154: atusb: do not use the stack for buffers to make them DMA able - mtd: nand: xway: disable module support - x86/ioapic: Restore IO-APIC irq_chip retrigger callback - qla2xxx: Fix crash due to null pointer access - ubifs: Fix journal replay wrt. xattr nodes - clocksource/exynos_mct: Clear interrupt when cpu is shut down - svcrdma: avoid duplicate dma unmapping during error recovery - ARM: 8634/1: hw_breakpoint: blacklist Scorpion CPUs - ceph: fix bad endianness handling in parse_reply_info_extra - ARM: dts: da850-evm: fix read access to SPI flash - arm64/ptrace: Preserve previous registers for short regset write - arm64/ptrace: Preserve previous registers for short regset write - 2 - arm64/ptrace: Preserve previous registers for short regset write - 3 - arm64/ptrace: Avoid uninitialised struct padding in fpr_set() - arm64/ptrace: Reject attempts to set incomplete hardware breakpoint fields - ARM: dts: imx6qdl-nitrogen6_max: fix sgtl5000 pinctrl init - ARM: ux500: fix prcmu_is_cpu_in_wfi() calculation - ARM: 8613/1: Fix the uaccess crash on PB11MPCore - blackfin: check devm_pinctrl_get() for errors - ite-cir: initialize use_demodulator before using it - dmaengine: pl330: Fix runtime PM support for terminated transfers - selftest/powerpc: Wrong PMC initialized in pmc56_overflow test - arm64: avoid returning from bad_mode - Linux 4.4.45 [ Ubuntu: 4.4.0-66.87 ] * CVE-2017-2636 - TTY: n_hdlc, fix lockdep false positive - tty: n_hdlc: get rid of racy n_hdlc.tbuf -- Kamal Mostafa <ka...@canonical.com> Mon, 13 Mar 2017 12:13:59 -0700 ** Changed in: linux-aws (Ubuntu Xenial) Status: Confirmed => Fix Released ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2017-2636 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1672505 Title: linux-aws: 4.4.0-1009.18 -proposed tracker To manage notifications about this bug go to: https://bugs.launchpad.net/kernel-sru-workflow/+bug/1672505/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs