canonical-hw-cert team mailing list archive
-
canonical-hw-cert team
-
Mailing list archive
-
Message #12233
[Bug 1981301] Re: bionic/linux-azure-4.15: 4.15.0-1147.162 -proposed tracker
*** This bug is a duplicate of bug 1983495 ***
https://bugs.launchpad.net/bugs/1983495
This bug was fixed in the package linux-azure-4.15 - 4.15.0-1149.164
---------------
linux-azure-4.15 (4.15.0-1149.164) bionic; urgency=medium
[ Ubuntu: 4.15.0-191.202 ]
* CVE-2022-2586
- SAUCE: netfilter: nf_tables: do not allow SET_ID to refer to another table
- SAUCE: netfilter: nf_tables: do not allow RULE_ID to refer to another chain
* CVE-2022-2588
- SAUCE: net_sched: cls_route: remove from list when handle is 0
* CVE-2022-34918
- netfilter: nf_tables: stricter validation of element data
* BUG: kernel NULL pointer dereference, address: 0000000000000008
(LP: #1981658)
- tcp: make sure treq->af_specific is initialized
linux-azure-4.15 (4.15.0-1148.163) bionic; urgency=medium
* bionic/linux-azure-4.15: 4.15.0-1148.163 -proposed tracker (LP:
#1983495)
* BUG: kernel NULL pointer dereference, address: 0000000000000008
(LP: #1981658)
- tcp: make sure treq->af_specific is initialized
linux-azure-4.15 (4.15.0-1147.162) bionic; urgency=medium
* bionic/linux-azure-4.15: 4.15.0-1147.162 -proposed tracker (LP:
#1981301)
* Bionic update: upstream stable patchset 2022-06-21 (LP: #1979355)
- [Config] updateconfigs for NVM, NVM_PBLK
[ Ubuntu: 4.15.0-190.201 ]
* bionic/linux: 4.15.0-190.201 -proposed tracker (LP: #1981321)
* CVE-2022-1679
- SAUCE: ath9k: fix use-after-free in ath9k_hif_usb_rx_cb
* Bionic update: upstream stable patchset 2022-07-06 (LP: #1980879)
- MIPS: Use address-of operator on section symbols
- block: drbd: drbd_nl: Make conversion to 'enum drbd_ret_code' explicit
- can: grcan: grcan_probe(): fix broken system id check for errata workaround
needs
- can: grcan: only use the NAPI poll budget for RX
- Bluetooth: Fix the creation of hdev->name
- mmc: rtsx: add 74 Clocks in power on flow
- mm: hugetlb: fix missing cache flush in copy_huge_page_from_user()
- mm: userfaultfd: fix missing cache flush in mcopy_atomic_pte() and
__mcopy_atomic()
- ALSA: pcm: Fix races among concurrent hw_params and hw_free calls
- ALSA: pcm: Fix races among concurrent read/write and buffer changes
- ALSA: pcm: Fix races among concurrent prepare and hw_params/hw_free calls
- ALSA: pcm: Fix races among concurrent prealloc proc writes
- ALSA: pcm: Fix potential AB/BA lock with buffer_mutex and mmap_lock
- VFS: Fix memory leak caused by concurrently mounting fs with subtype
- batman-adv: Don't skb_split skbuffs with frag_list
- net: Fix features skip in for_each_netdev_feature()
- ipv4: drop dst in multicast routing path
- netlink: do not reset transport header in netlink_recvmsg()
- mac80211_hwsim: call ieee80211_tx_prepare_skb under RCU protection
- hwmon: (ltq-cputemp) restrict it to SOC_XWAY
- s390/ctcm: fix variable dereferenced before check
- s390/ctcm: fix potential memory leak
- s390/lcs: fix variable dereferenced before check
- net/smc: non blocking recvmsg() return -EAGAIN when no data and
signal_pending
- net: sfc: ef10: fix memory leak in efx_ef10_mtd_probe()
- hwmon: (f71882fg) Fix negative temperature
- ASoC: max98090: Reject invalid values in custom control put()
- ASoC: max98090: Generate notifications on changes for custom control
- ASoC: ops: Validate input values in snd_soc_put_volsw_range()
- tcp: resalt the secret every 10 seconds
- usb: cdc-wdm: fix reading stuck on device close
- USB: serial: pl2303: add device id for HP LM930 Display
- USB: serial: qcserial: add support for Sierra Wireless EM7590
- USB: serial: option: add Fibocom L610 modem
- USB: serial: option: add Fibocom MA510 modem
- cgroup/cpuset: Remove cpus_allowed/mems_allowed setup in cpuset_init_smp()
- drm/vmwgfx: Initialize drm_mode_fb_cmd2
- ping: fix address binding wrt vrf
- tty/serial: digicolor: fix possible null-ptr-deref in digicolor_uart_probe()
- net/sched: act_pedit: really ensure the skb is writable
- um: Cleanup syscall_handler_t definition/cast, fix warning
- Input: add bounds checking to input_set_capability()
- Input: stmfts - fix reference leak in stmfts_input_open
- MIPS: lantiq: check the return value of kzalloc()
- drbd: remove usage of list iterator variable after loop
- ARM: 9191/1: arm/stacktrace, kasan: Silence KASAN warnings in unwind_frame()
- ALSA: wavefront: Proper check of get_user() error
- perf: Fix sys_perf_event_open() race against self
- drm/dp/mst: fix a possible memory leak in fetch_monitor_name()
- mmc: core: Specify timeouts for BKOPS and CACHE_FLUSH for eMMC
- mmc: block: Use generic_cmd6_time when modifying INAND_CMD38_ARG_EXT_CSD
- mmc: core: Default to generic_cmd6_time as timeout in __mmc_switch()
- net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf()
- net: vmxnet3: fix possible NULL pointer dereference in vmxnet3_rq_cleanup()
- clk: at91: generated: consider range when calculating best rate
- net/qla3xxx: Fix a test in ql_reset_work()
- NFC: nci: fix sleep in atomic context bugs caused by nci_skb_alloc
- ARM: 9196/1: spectre-bhb: enable for Cortex-A15
- ARM: 9197/1: spectre-bhb: fix loop8 sequence for Thumb2
- igb: skip phy status check where unavailable
- net: bridge: Clear offload_fwd_mark when passing frame up bridge interface.
- gpio: gpio-vf610: do not touch other bits when set the target bit
- gpio: mvebu/pwm: Refuse requests with inverted polarity
- perf bench numa: Address compiler error on s390
- scsi: qla2xxx: Fix missed DMA unmap for aborted commands
- mac80211: fix rx reordering with non explicit / psmp ack policy
- ethernet: tulip: fix missing pci_disable_device() on error in
tulip_init_one()
- net: stmmac: fix missing pci_disable_device() on error in stmmac_pci_probe()
- net: atlantic: verify hw_head_ lies within TX buffer ring
- swiotlb: fix info leak with DMA_FROM_DEVICE
- Reinstate some of "swiotlb: rework "fix info leak with DMA_FROM_DEVICE""
- net: macb: Increment rx bd head after allocating skb and buffer
- net/sched: act_pedit: sanitize shift argument before usage
- afs: Fix afs_getattr() to refetch file status if callback break occurred
- x86/pci/xen: Disable PCI/MSI[-X] masking for XEN_HVM guests
- staging: rtl8723bs: prevent ->Ssid overflow in rtw_wx_set_scan()
- tcp: change source port randomizarion at connect() time
- secure_seq: use the 64 bits of the siphash for port offset calculation
- ACPI: sysfs: Make sparse happy about address space in use
- Revert "UBUNTU: SAUCE: ACPI: sysfs: copy ACPI data using io memory copying"
- ACPI: sysfs: Fix BERT error region memory mapping
- net: af_key: check encryption module availability consistency
- net: ftgmac100: Disable hardware checksum on AST2600
- drivers: i2c: thunderx: Allow driver to work with ACPI defined TWSI
controllers
- assoc_array: Fix BUG_ON during garbage collect
- drm/i915: Fix -Wstringop-overflow warning in call to intel_read_wm_latency()
- block-map: add __GFP_ZERO flag for alloc_page in function bio_copy_kern
- exec: Force single empty string when argv is empty
- netfilter: conntrack: re-fetch conntrack after insertion
- zsmalloc: fix races between asynchronous zspage free and page migration
- dm integrity: fix error code in dm_integrity_ctr()
- dm crypt: make printing of the key constant-time
- dm stats: add cond_resched when looping over entries
- dm verity: set DM_TARGET_IMMUTABLE feature flag
- tpm: ibmvtpm: Correct the return value in tpm_ibmvtpm_probe()
- docs: submitting-patches: Fix crossref to 'The canonical patch format'
- NFSD: Fix possible sleep during nfsd4_release_lockowner()
- bpf: Enlarge offset check value to INT_MAX in bpf_skb_{load,store}_bytes
* Bionic update: upstream stable patchset 2022-06-21 (LP: #1979355)
- floppy: disable FDRAWCMD by default
- [Config] updateconfigs for BLK_DEV_FD_RAWCMD
- hamradio: defer 6pack kfree after unregister_netdev
- hamradio: remove needs_free_netdev to avoid UAF
- lightnvm: disable the subsystem
- [Config] updateconfigs for NVM, NVM_PBLK
- usb: mtu3: fix USB 3.0 dual-role-switch from device to host
- USB: quirks: add a Realtek card reader
- USB: quirks: add STRING quirk for VCOM device
- USB: serial: whiteheat: fix heap overflow in WHITEHEAT_GET_DTR_RTS
- USB: serial: cp210x: add PIDs for Kamstrup USB Meter Reader
- USB: serial: option: add support for Cinterion MV32-WA/MV32-WB
- USB: serial: option: add Telit 0x1057, 0x1058, 0x1075 compositions
- xhci: stop polling roothubs after shutdown
- iio: dac: ad5592r: Fix the missing return value.
- iio: dac: ad5446: Fix read_raw not returning set value
- iio: magnetometer: ak8975: Fix the error handling in ak8975_power_on()
- usb: misc: fix improper handling of refcount in uss720_probe()
- usb: gadget: uvc: Fix crash when encoding data for usb request
- usb: gadget: configfs: clear deactivation flag in
configfs_composite_unbind()
- serial: 8250: Also set sticky MCR bits in console restoration
- serial: 8250: Correct the clock for EndRun PTP/1588 PCIe device
- hex2bin: make the function hex_to_bin constant-time
- hex2bin: fix access beyond string end
- USB: Fix xhci event ring dequeue pointer ERDP update issue
- ARM: dts: imx6qdl-apalis: Fix sgtl5000 detection issue
- phy: samsung: Fix missing of_node_put() in exynos_sata_phy_probe
- phy: samsung: exynos5250-sata: fix missing device put in probe error paths
- ARM: OMAP2+: Fix refcount leak in omap_gic_of_init
- ARM: dts: Fix mmc order for omap3-gta04
- ipvs: correctly print the memory size of ip_vs_conn_tab
- mtd: rawnand: Fix return value check of wait_for_completion_timeout
- sctp: check asoc strreset_chunk in sctp_generate_reconf_event
- pinctrl: pistachio: fix use of irq_of_parse_and_map()
- ip_gre: Make o_seqno start from 0 in native mode
- tcp: fix potential xmit stalls caused by TCP_NOTSENT_LOWAT
- bus: sunxi-rsb: Fix the return value of sunxi_rsb_device_create()
- clk: sunxi: sun9i-mmc: check return value after calling
platform_get_resource()
- net: bcmgenet: hide status block before TX timestamping
- bnx2x: fix napi API usage sequence
- ASoC: wm8731: Disable the regulator when probing fails
- x86: __memcpy_flushcache: fix wrong alignment if size > 2^32
- cifs: destage any unwritten data to the server before calling
copychunk_write
- drivers: net: hippi: Fix deadlock in rr_close()
- x86/cpu: Load microcode during restore_processor_state()
- tty: n_gsm: fix wrong signal octet encoding in convergence layer type 2
- tty: n_gsm: fix malformed counter for out of frame data
- tty: n_gsm: fix insufficient txframe size
- tty: n_gsm: fix missing explicit ldisc flush
- tty: n_gsm: fix wrong command retry handling
- tty: n_gsm: fix wrong command frame length field encoding
- tty: n_gsm: fix incorrect UA handling
- MIPS: Fix CP0 counter erratum detection for R4k CPUs
- parisc: Merge model and model name into one line in /proc/cpuinfo
- ALSA: fireworks: fix wrong return count shorter than expected by 4 bytes
- Revert "SUNRPC: attempt AF_LOCAL connect on setup"
- firewire: fix potential uaf in outbound_phy_packet_callback()
- firewire: remove check of list iterator against head past the loop body
- firewire: core: extend card->lock in fw_core_handle_bus_reset
- ASoC: wm8958: Fix change notifications for DSP controls
- can: grcan: grcan_close(): fix deadlock
- can: grcan: use ofdev->dev when allocating DMA memory
- nfc: replace improper check device_is_registered() in netlink related
functions
- NFC: netlink: fix sleep in atomic bug when firmware download timeout
- hwmon: (adt7470) Fix warning on module removal
- ASoC: dmaengine: Restore NULL prepare_slave_config() callback
- net: emaclite: Add error handling for of_address_to_resource()
- smsc911x: allow using IRQ0
- btrfs: always log symlinks in full mode
- net: igmp: respect RCU rules in ip_mc_source() and ip_mc_msfilter()
- kvm: x86/cpuid: Only provide CPUID leaf 0xA if host has architectural PMU
- net: ipv6: ensure we call ipv6_mc_down() at most once
- dm: fix mempool NULL pointer race when completing IO
- dm: interlock pending dm_io and dm_wait_for_bios_completion
- PCI: aardvark: Clear all MSIs at setup
- PCI: aardvark: Fix reading MSI interrupt number
- tcp: md5: incorrect tcp_header_len for incoming connections
- net: hns3: add validity check for message data length
- genirq: Synchronize interrupt thread startup
- net: stmmac: dwmac-sun8i: add missing of_node_put() in
sun8i_dwmac_register_mdio_mux()
- mm: fix unexpected zeroed page mapping with zram swap
* unprivileged tests in test_verifier from ubuntu_bpf failed with "Failed to
load prog 'Operation not permitted'" on B-4.15 (LP: #1980648)
- selftests/bpf: Count tests skipped by unpriv
- selftests/bpf: Only run tests if !bpf_disabled
* CVE-2022-1734
- nfc: nfcmrvl: main: reorder destructive operations in
nfcmrvl_nci_unregister_dev to avoid bugs
* CVE-2022-1652
- floppy: use a statically allocated error counter
-- Kleber Sacilotto de Souza <kleber.souza@xxxxxxxxxxxxx> Thu, 04 Aug
2022 19:11:41 +0200
** Changed in: linux-azure-4.15 (Ubuntu Bionic)
Status: New => Fix Released
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-1652
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-1679
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-1734
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-2586
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-2588
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-34918
--
You received this bug notification because you are a member of hardware-
certification-users, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1981301
Title:
bionic/linux-azure-4.15: 4.15.0-1147.162 -proposed tracker
Status in Kernel SRU Workflow:
Fix Committed
Status in Kernel SRU Workflow automated-testing series:
In Progress
Status in Kernel SRU Workflow boot-testing series:
Fix Released
Status in Kernel SRU Workflow certification-testing series:
Invalid
Status in Kernel SRU Workflow new-review series:
Fix Released
Status in Kernel SRU Workflow prepare-package series:
Fix Released
Status in Kernel SRU Workflow prepare-package-lrg series:
Fix Released
Status in Kernel SRU Workflow prepare-package-lrm series:
Fix Released
Status in Kernel SRU Workflow prepare-package-lrs series:
Fix Released
Status in Kernel SRU Workflow prepare-package-meta series:
Fix Released
Status in Kernel SRU Workflow prepare-package-signed series:
Fix Released
Status in Kernel SRU Workflow promote-signing-to-proposed series:
Invalid
Status in Kernel SRU Workflow promote-to-proposed series:
Fix Released
Status in Kernel SRU Workflow promote-to-security series:
New
Status in Kernel SRU Workflow promote-to-updates series:
New
Status in Kernel SRU Workflow regression-testing series:
Fix Released
Status in Kernel SRU Workflow security-signoff series:
In Progress
Status in Kernel SRU Workflow signing-signoff series:
Invalid
Status in Kernel SRU Workflow sru-review series:
Fix Released
Status in Kernel SRU Workflow stakeholder-signoff series:
Confirmed
Status in Kernel SRU Workflow verification-testing series:
Fix Released
Status in linux-azure-4.15 source package in Bionic:
Fix Released
Bug description:
This bug will contain status and test results related to a kernel
source (or snap) as stated in the title.
For an explanation of the tasks and the associated workflow see:
https://wiki.ubuntu.com/Kernel/kernel-sru-workflow
-- swm properties --
boot-testing-requested: true
bugs-spammed: true
built:
from: 3d68801d9ffad493
route-entry: 1
delta:
promote-to-proposed:
- lrm
- main
- meta
- lrs
- signed
- lrg
flag:
boot-testing-requested: true
bugs-spammed: true
proposed-announcement-sent: true
proposed-testing-requested: true
issue: KSRU-4439
kernel-stable-master-bug: 1981321
packages:
lrg: linux-restricted-generate-azure-4.15
lrm: linux-restricted-modules-azure-4.15
lrs: linux-restricted-signatures-azure-4.15
main: linux-azure-4.15
meta: linux-meta-azure-4.15
signed: linux-signed-azure-4.15
phase: Testing
phase-changed: Friday, 29. July 2022 09:36 UTC
proposed-announcement-sent: true
proposed-testing-requested: true
reason:
automated-testing: Ongoing -s testing in progress
security-signoff: Stalled -s waiting for signoff
stakeholder-signoff: Stalled -s waiting for signoff
synthetic:
:promote-to-as-proposed: Fix Released
trackers:
bionic/linux-azure-fips: bug 1981297
trusty/linux-azure: bug 1981300
xenial/linux-azure: bug 1981299
variant: debs
versions:
lrm: 4.15.0-1147.162
main: 4.15.0-1147.162
meta: 4.15.0.1147.117
signed: 4.15.0-1147.162
~~:
clamps:
new-review: 3d68801d9ffad493
promote-to-proposed: 3d68801d9ffad493
self: 4.15.0-1147.162
sru-review: 3d68801d9ffad493
To manage notifications about this bug go to:
https://bugs.launchpad.net/kernel-sru-workflow/+bug/1981301/+subscriptions