← Back to team overview

canonical-hw-cert team mailing list archive

  1. canonical-hw-cert team
  2. Mailing list archive
  3. Message #54763

[Bug 1997863] Re: bionic/linux-kvm: 4.15.0-1133.138 -proposed tracker

  Thread PreviousDate PreviousThread Next 
This bug was fixed in the package linux-kvm - 4.15.0-1133.138

---------------
linux-kvm (4.15.0-1133.138) bionic; urgency=medium

  * bionic/linux-kvm: 4.15.0-1133.138 -proposed tracker (LP: #1997863)

  [ Ubuntu: 4.15.0-201.212 ]

  * bionic/linux: 4.15.0-201.212 -proposed tracker (LP: #1997871)
  * Expose built-in trusted and revoked certificates (LP: #1996892)
    - [Packaging] Expose built-in trusted and revoked certificates
  * Bionic update: upstream stable patchset 2022-09-21 (LP: #1990434)
    - s390/archrandom: prevent CPACF trng invocations in interrupt context
  * BUG: scheduling while atomic: ip/1210/0x00000200 on xenial/hwe rumford
    (LP: #1995870)
    - tg3: prevent scheduling while atomic splat
  * Bionic update: upstream stable patchset 2022-10-18 (LP: #1993349)
    - bpf: Verifer, adjust_scalar_min_max_vals to always call update_reg_bounds()
    - selftests/bpf: Fix test_align verifier log patterns
    - drm/msm/dsi: Fix number of regulators for msm8996_dsi_cfg
    - platform/x86: pmc_atom: Fix SLP_TYPx bitfield mask
    - wifi: cfg80211: debugfs: fix return type in ht40allow_map_read()
    - ethernet: rocker: fix sleep in atomic context bug in neigh_timer_handler
    - kcm: fix strp_init() order and cleanup
    - serial: fsl_lpuart: RS485 RTS polariy is inverse
    - staging: rtl8712: fix use after free bugs
    - vt: Clear selection before changing the font
    - USB: serial: ftdi_sio: add Omron CS1W-CIF31 device id
    - binder: fix UAF of ref->proc caused by race condition
    - drm/i915/reg: Fix spelling mistake "Unsupport" -> "Unsupported"
    - Input: rk805-pwrkey - fix module autoloading
    - hwmon: (gpio-fan) Fix array out of bounds access
    - thunderbolt: Use the actual buffer in tb_async_error()
    - xhci: Add grace period after xHC start to prevent premature runtime suspend.
    - USB: serial: cp210x: add Decagon UCA device id
    - USB: serial: option: add support for OPPO R11 diag port
    - USB: serial: option: add Quectel EM060K modem
    - USB: serial: option: add support for Cinterion MV32-WA/WB RmNet mode
    - usb: dwc2: fix wrong order of phy_power_on and phy_init
    - USB: cdc-acm: Add Icom PMR F3400 support (0c26:0020)
    - usb-storage: Add ignore-residue quirk for NXP PN7462AU
    - s390/hugetlb: fix prepare_hugepage_range() check for 2 GB hugepages
    - s390: fix nospec table alignments
    - USB: core: Prevent nested device-reset calls
    - usb: gadget: mass_storage: Fix cdrom data transfers on MAC-OS
    - wifi: mac80211: Don't finalize CSA in IBSS mode if state is disconnected
    - net: mac802154: Fix a condition in the receive path
    - ALSA: seq: oss: Fix data-race for max_midi_devs access
    - ALSA: seq: Fix data-race at module auto-loading
    - efi: capsule-loader: Fix use-after-free in efi_capsule_write
    - wifi: iwlegacy: 4965: corrected fix for potential off-by-one overflow in
      il4965_rs_fill_link_cmd()
    - fs: only do a memory barrier for the first set_buffer_uptodate()
    - Revert "mm: kmemleak: take a full lowmem check in kmemleak_*_phys()"
    - drm/amdgpu: Check num_gfx_rings for gfx v9_0 rb setup.
    - drm/radeon: add a force flush to delay work when radeon
    - parisc: ccio-dma: Handle kmalloc failure in ccio_init_resources()
    - parisc: Add runtime check to prevent PA2.0 kernels on PA1.x machines
    - fbdev: chipsfb: Add missing pci_disable_device() in chipsfb_pci_init()
    - ALSA: emu10k1: Fix out of bounds access in snd_emu10k1_pcm_channel_alloc()
    - ALSA: aloop: Fix random zeros in capture data when using jiffies timer
    - ALSA: usb-audio: Fix an out-of-bounds bug in
      __snd_usb_parse_audio_interface()
    - kprobes: Prohibit probes in gate area
    - scsi: mpt3sas: Fix use-after-free warning
    - driver core: Don't probe devices after bus_type.match() probe deferral
    - netfilter: br_netfilter: Drop dst references before setting.
    - sch_sfb: Don't assume the skb is still around after enqueueing to child
    - tipc: fix shift wrapping bug in map_get()
    - ipv6: sr: fix out-of-bounds read when setting HMAC data.
    - tcp: fix early ETIMEDOUT after spurious non-SACK RTO
    - sch_sfb: Also store skb len before calling child enqueue
    - usb: dwc3: fix PHY disable sequence
    - USB: serial: ch341: fix lost character on LCR updates
    - USB: serial: ch341: fix disabled rx timer on older devices
    - MIPS: loongson32: ls1c: Fix hang during startup
    - SUNRPC: use _bh spinlocking on ->transport_lock
    - net: dp83822: disable false carrier interrupt
    - tcp: annotate data-race around challenge_timestamp
    - clk: core: Honor CLK_OPS_PARENT_ENABLE for clk gate ops
    - clk: core: Fix runtime PM sequence in clk_core_unprepare()
    - soc: brcmstb: pm-arm: Fix refcount leak and __iomem leak bugs
    - i40e: Fix kernel crash during module removal
    - mm: Fix TLB flush for not-first PFNMAP mappings in unmap_region()
    - drm/msm/rd: Fix FIFO-full deadlock
    - HID: ishtp-hid-clientHID: ishtp-hid-client: Fix comment typo
    - tg3: Disable tg3 device on system reboot to avoid triggering AER
    - ieee802154: cc2520: add rc code in cc2520_tx()
    - platform/x86: acer-wmi: Acer Aspire One AOD270/Packard Bell Dot keymap fixes
    - tracefs: Only clobber mode/uid/gid on remount if asked
    - net: dp83822: disable rx error interrupt
  * Bionic update: upstream stable patchset 2022-10-06 (LP: #1992112)
    - audit: fix potential double free on error path from fsnotify_add_inode_mark
    - parisc: Fix exception handler for fldw and fstw instructions
    - pinctrl: amd: Don't save/restore interrupt status and wake status bits
    - xfrm: fix refcount leak in __xfrm_policy_check()
    - rose: check NULL rose_loopback_neigh->loopback
    - bonding: 802.3ad: fix no transmission of LACPDUs
    - net: ipvtap - add __init/__exit annotations to module init/exit funcs
    - netfilter: ebtables: reject blobs that don't provide all entry points
    - netfilter: nft_payload: report ERANGE for too long offset and length
    - netfilter: nft_payload: do not truncate csum_offset and csum_type
    - net: Fix data-races around weight_p and dev_weight_[rt]x_bias.
    - ratelimit: Fix data-races in ___ratelimit().
    - net: Fix a data-race around sysctl_tstamp_allow_data.
    - net: Fix a data-race around sysctl_net_busy_poll.
    - net: Fix a data-race around sysctl_net_busy_read.
    - net: Fix a data-race around netdev_budget.
    - net: Fix a data-race around netdev_budget_usecs.
    - net: Fix a data-race around sysctl_somaxconn.
    - ixgbe: stop resetting SYSTIME in ixgbe_ptp_start_cyclecounter
    - btrfs: check if root is readonly while setting security xattr
    - loop: Check for overflow while configuring loop
    - asm-generic: sections: refactor memory_intersects
    - mm/hugetlb: fix hugetlb not supporting softdirty tracking
    - md: call __md_stop_writes in md_stop
    - mm: Force TLB flush for PFNMAP mappings before unlink_file_vma()
    - arm64: map FDT as RW for early_init_dt_scan()
    - s390/mm: do not trigger write fault when vma does not allow VM_WRITE
    - x86/bugs: Add "unknown" reporting for MMIO Stale Data
    - kbuild: Fix include path in scripts/Makefile.modpost
    - Bluetooth: L2CAP: Fix build errors in some archs
    - media: pvrusb2: fix memory leak in pvr_probe
    - HID: hidraw: fix memory leak in hidraw_release()
    - fbdev: fb_pm2fb: Avoid potential divide by zero error
    - ftrace: Fix NULL pointer dereference in is_ftrace_trampoline when ftrace is
      dead
    - neigh: fix possible DoS due to net iface start/stop loop
    - s390/hypfs: avoid error message under KVM
    - netfilter: conntrack: NF_CONNTRACK_PROCFS should no longer default to y
    - kprobes: don't call disarm_kprobe() for disabled kprobes
    - net: neigh: don't call kfree_skb() under spin_lock_irqsave()
    - net: Fix data-races around netdev_tstamp_prequeue.
    - x86/unwind/orc: Unwind ftrace trampolines with correct ORC entry
    - s390: fix double free of GS and RI CBs on fork() failure
    - scsi: storvsc: Remove WQ_MEM_RECLAIM from storvsc_error_wq
    - bpf: Fix the off-by-two error in range markings
  * CVE-2022-2663
    - netfilter: nf_conntrack_irc: Fix forged IP logic
  * CVE-2022-3061
    - video: fbdev: i740fb: Error out if 'pixclock' equals zero

 -- Kuba Pawlak <kuba.pawlak@xxxxxxxxxxxxx>  Fri, 02 Dec 2022 14:10:07
+0100

** Changed in: linux-kvm (Ubuntu Bionic)
       Status: New => Fix Released

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-2663

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-3061

-- 
You received this bug notification because you are a member of hardware-
certification-users, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1997863

Title:
  bionic/linux-kvm: 4.15.0-1133.138 -proposed tracker

Status in canonical-signing-jobs:
  Fix Released
Status in Kernel SRU Workflow:
  In Progress
Status in Kernel SRU Workflow automated-testing series:
  Fix Released
Status in Kernel SRU Workflow boot-testing series:
  Fix Released
Status in Kernel SRU Workflow certification-testing series:
  Invalid
Status in Kernel SRU Workflow new-review series:
  Fix Released
Status in Kernel SRU Workflow prepare-package series:
  Fix Released
Status in Kernel SRU Workflow prepare-package-meta series:
  Fix Released
Status in Kernel SRU Workflow promote-signing-to-proposed series:
  Invalid
Status in Kernel SRU Workflow promote-to-proposed series:
  Fix Released
Status in Kernel SRU Workflow promote-to-security series:
  New
Status in Kernel SRU Workflow promote-to-updates series:
  Fix Released
Status in Kernel SRU Workflow regression-testing series:
  Fix Released
Status in Kernel SRU Workflow security-signoff series:
  Fix Released
Status in Kernel SRU Workflow sru-review series:
  Fix Released
Status in Kernel SRU Workflow verification-testing series:
  Fix Released
Status in linux-kvm source package in Bionic:
  Fix Released

Bug description:
  This bug will contain status and test results related to a kernel
  source (or snap) as stated in the title.

  For an explanation of the tasks and the associated workflow see:
    https://wiki.ubuntu.com/Kernel/kernel-sru-workflow

  -- swm properties --
  built:
    from: 44ad22b95faba699
    route-entry: 1
  delta:
    promote-to-proposed: [main, meta]
    promote-to-updates: [meta, main]
  flag:
    boot-testing-requested: true
    bugs-respammed: true
    bugs-spammed: true
    proposed-announcement-sent: true
    proposed-testing-requested: true
    stream-from-cycle: true
  issue: KSRU-5796
  kernel-stable-master-bug: 1998819
  packages:
    main: linux-kvm
    meta: linux-meta-kvm
  phase: Holding before Promote to Security
  phase-changed: Friday, 06. January 2023 00:40 UTC
  reason:
    promote-to-security: Holding -- not ready for security (replication
      dwell)
  synthetic:
    :promote-to-as-proposed: Fix Released
  variant: debs
  versions:
    main: 4.15.0-1133.138
    meta: 4.15.0.1133.124
  ~~:
    clamps:
      new-review: 44ad22b95faba699
      promote-to-proposed: 44ad22b95faba699
      self: 4.15.0-1133.138
      sru-review: 44ad22b95faba699

To manage notifications about this bug go to:
https://bugs.launchpad.net/canonical-signing-jobs/+bug/1997863/+subscriptions
  Thread PreviousDate PreviousThread Next