group.of.nepali.translators team mailing list archive
-
group.of.nepali.translators team
-
Mailing list archive
-
Message #21803
[Bug 1748671] Re: BUG: unable to handle kernel NULL pointer dereference at 0000000000000009
This bug was fixed in the package linux - 4.4.0-116.140
---------------
linux (4.4.0-116.140) xenial; urgency=medium
* linux: 4.4.0-116.140 -proposed tracker (LP: #1748990)
* BUG: unable to handle kernel NULL pointer dereference at 0000000000000009
(LP: #1748671)
- SAUCE: net: ipv4: fix for a race condition in raw_sendmsg -- fix backport
linux (4.4.0-115.139) xenial; urgency=medium
* linux: 4.4.0-115.138 -proposed tracker (LP: #1748745)
* CVE-2017-5715 (Spectre v2 Intel)
- Revert "UBUNTU: SAUCE: turn off IBPB when full retpoline is present"
- SAUCE: turn off IBRS when full retpoline is present
- [Packaging] retpoline files must be sorted
- [Packaging] pull in retpoline files
linux (4.4.0-114.137) xenial; urgency=medium
* linux: 4.4.0-114.137 -proposed tracker (LP: #1748484)
* ALSA backport missing NVIDIA GPU codec IDs to patch table to
Ubuntu 16.04 LTS Kernel (LP: #1744117)
- ALSA: hda - Add missing NVIDIA GPU codec IDs to patch table
* Shutdown hang on 16.04 with iscsi targets (LP: #1569925)
- scsi: libiscsi: Allow sd_shutdown on bad transport
* libata: apply MAX_SEC_1024 to all LITEON EP1 series devices (LP: #1743053)
- libata: apply MAX_SEC_1024 to all LITEON EP1 series devices
* KVM patches for s390x to provide facility bits 81 (ppa15) and 82 (bpb)
(LP: #1747090)
- KVM: s390: wire up bpb feature
- KVM: s390: Enable all facility bits that are known good for passthrough
* CVE-2017-5715 (Spectre v2 Intel)
- SAUCE: drop lingering gmb() macro
- x86/feature: Enable the x86 feature to control Speculation
- x86/feature: Report presence of IBPB and IBRS control
- x86/enter: MACROS to set/clear IBRS and set IBPB
- x86/enter: Use IBRS on syscall and interrupts
- x86/idle: Disable IBRS entering idle and enable it on wakeup
- x86/idle: Disable IBRS when offlining cpu and re-enable on wakeup
- x86/mm: Set IBPB upon context switch
- x86/mm: Only set IBPB when the new thread cannot ptrace current thread
- x86/kvm: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD to kvm
- x86/kvm: Set IBPB when switching VM
- x86/kvm: Toggle IBRS on VM entry and exit
- x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature
- x86/spec_ctrl: Add lock to serialize changes to ibrs and ibpb control
- x86/cpu/amd, kvm: Satisfy guest kernel reads of IC_CFG MSR
- x86/cpu/AMD: Add speculative control support for AMD
- x86/microcode: Extend post microcode reload to support IBPB feature
- KVM: SVM: Do not intercept new speculative control MSRs
- x86/svm: Set IBRS value on VM entry and exit
- x86/svm: Set IBPB when running a different VCPU
- KVM: x86: Add speculative control CPUID support for guests
- SAUCE: Fix spec_ctrl support in KVM
- SAUCE: turn off IBPB when full retpoline is present
linux (4.4.0-113.136) xenial; urgency=low
* linux: 4.4.0-113.136 -proposed tracker (LP: #1746936)
[ Stefan Bader ]
* Missing install-time driver for QLogic QED 25/40/100Gb Ethernet NIC
(LP: #1743638)
- [d-i] Add qede to nic-modules udeb
* CVE-2017-5753 (Spectre v1 Intel)
- x86/cpu/AMD: Make the LFENCE instruction serialized
- x86/cpu/AMD: Remove now unused definition of MFENCE_RDTSC feature
- SAUCE: reinstate MFENCE_RDTSC feature definition
- locking/barriers: introduce new observable speculation barrier
- bpf: prevent speculative execution in eBPF interpreter
- x86, bpf, jit: prevent speculative execution when JIT is enabled
- SAUCE: FIX: x86, bpf, jit: prevent speculative execution when JIT is enabled
- carl9170: prevent speculative execution
- qla2xxx: prevent speculative execution
- Thermal/int340x: prevent speculative execution
- ipv4: prevent speculative execution
- ipv6: prevent speculative execution
- fs: prevent speculative execution
- net: mpls: prevent speculative execution
- udf: prevent speculative execution
- userns: prevent speculative execution
- SAUCE: claim mitigation via observable speculation barrier
- SAUCE: powerpc: add osb barrier
- SAUCE: s390/spinlock: add osb memory barrier
- SAUCE: arm64: no osb() implementation yet
- SAUCE: arm: no osb() implementation yet
* CVE-2017-5715 (Spectre v2 retpoline)
- x86/cpuid: Provide get_scattered_cpuid_leaf()
- x86/cpu: Factor out application of forced CPU caps
- x86/cpufeatures: Make CPU bugs sticky
- x86/cpufeatures: Add X86_BUG_CPU_INSECURE
- x86/cpu, x86/pti: Do not enable PTI on AMD processors
- x86/pti: Rename BUG_CPU_INSECURE to BUG_CPU_MELTDOWN
- x86/cpufeatures: Add X86_BUG_SPECTRE_V[12]
- x86/cpu: Merge bugs.c and bugs_64.c
- sysfs/cpu: Add vulnerability folder
- x86/cpu: Implement CPU vulnerabilites sysfs functions
- x86/alternatives: Add missing '\n' at end of ALTERNATIVE inline asm
- x86/mm/32: Move setup_clear_cpu_cap(X86_FEATURE_PCID) earlier
- x86/asm: Use register variable to get stack pointer value
- x86/kbuild: enable modversions for symbols exported from asm
- x86/asm: Make asm/alternative.h safe from assembly
- EXPORT_SYMBOL() for asm
- kconfig.h: use __is_defined() to check if MODULE is defined
- x86/retpoline: Add initial retpoline support
- x86/spectre: Add boot time option to select Spectre v2 mitigation
- x86/retpoline/crypto: Convert crypto assembler indirect jumps
- x86/retpoline/entry: Convert entry assembler indirect jumps
- x86/retpoline/ftrace: Convert ftrace assembler indirect jumps
- x86/retpoline/hyperv: Convert assembler indirect jumps
- x86/retpoline/xen: Convert Xen hypercall indirect jumps
- x86/retpoline/checksum32: Convert assembler indirect jumps
- x86/retpoline/irq32: Convert assembler indirect jumps
- x86/retpoline: Fill return stack buffer on vmexit
- x86/retpoline: Remove compile time warning
- x86/retpoline: Add LFENCE to the retpoline/RSB filling RSB macros
- module: Add retpoline tag to VERMAGIC
- x86/mce: Make machine check speculation protected
- retpoline: Introduce start/end markers of indirect thunk
- kprobes/x86: Blacklist indirect thunk functions for kprobes
- kprobes/x86: Disable optimizing on the function jumps to indirect thunk
- x86/retpoline: Optimize inline assembler for vmexit_fill_RSB
- [Config] CONFIG_RETPOLINE=y
- [Packaging] retpoline -- add call site validation
- [Config] disable retpoline checks for first upload
* CVE-2017-5715 (revert embargoed) // CVE-2017-5753 (revert embargoed)
- Revert "UBUNTU: SAUCE: Fix spec_ctrl support in KVM"
- Revert "x86/cpuid: Provide get_scattered_cpuid_leaf()"
- Revert "kvm: vmx: Scrub hardware GPRs at VM-exit"
- Revert "Revert "x86/svm: Add code to clear registers on VM exit""
- Revert "UBUNTU: SAUCE: x86/microcode: Extend post microcode reload to
support IBPB feature -- repair missmerge"
- Revert "arm: no gmb() implementation yet"
- Revert "arm64: no gmb() implementation yet"
- Revert "UBUNTU: SAUCE: x86/kvm: Fix stuff_RSB() for 32-bit"
- Revert "s390/spinlock: add gmb memory barrier"
- Revert "powerpc: add gmb barrier"
- Revert "x86/cpu/AMD: Remove now unused definition of MFENCE_RDTSC feature"
- Revert "x86/cpu/AMD: Make the LFENCE instruction serialized"
- Revert "x86/svm: Add code to clear registers on VM exit"
- Revert "x86/svm: Add code to clobber the RSB on VM exit"
- Revert "KVM: x86: Add speculative control CPUID support for guests"
- Revert "x86/svm: Set IBPB when running a different VCPU"
- Revert "x86/svm: Set IBRS value on VM entry and exit"
- Revert "KVM: SVM: Do not intercept new speculative control MSRs"
- Revert "x86/microcode: Extend post microcode reload to support IBPB feature"
- Revert "x86/cpu/AMD: Add speculative control support for AMD"
- Revert "x86/cpu/amd, kvm: Satisfy guest kernel reads of IC_CFG MSR"
- Revert "x86/entry: Use retpoline for syscall's indirect calls"
- Revert "x86/syscall: Clear unused extra registers on 32-bit compatible
syscall entrance"
- Revert "x86/syscall: Clear unused extra registers on syscall entrance"
- Revert "x86/spec_ctrl: Add lock to serialize changes to ibrs and ibpb
control"
- Revert "x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature"
- Revert "x86/kvm: Pad RSB on VM transition"
- Revert "x86/kvm: Toggle IBRS on VM entry and exit"
- Revert "x86/kvm: Set IBPB when switching VM"
- Revert "x86/kvm: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD to kvm"
- Revert "x86/entry: Stuff RSB for entry to kernel for non-SMEP platform"
- Revert "x86/mm: Only set IBPB when the new thread cannot ptrace current
thread"
- Revert "x86/mm: Set IBPB upon context switch"
- Revert "x86/idle: Disable IBRS when offlining cpu and re-enable on wakeup"
- Revert "x86/idle: Disable IBRS entering idle and enable it on wakeup"
- Revert "x86/enter: Use IBRS on syscall and interrupts"
- Revert "x86/enter: MACROS to set/clear IBRS and set IBPB"
- Revert "x86/feature: Report presence of IBPB and IBRS control"
- Revert "x86/feature: Enable the x86 feature to control Speculation"
- Revert "udf: prevent speculative execution"
- Revert "net: mpls: prevent speculative execution"
- Revert "fs: prevent speculative execution"
- Revert "ipv6: prevent speculative execution"
- Revert "userns: prevent speculative execution"
- Revert "Thermal/int340x: prevent speculative execution"
- Revert "qla2xxx: prevent speculative execution"
- Revert "carl9170: prevent speculative execution"
- Revert "uvcvideo: prevent speculative execution"
- Revert "x86, bpf, jit: prevent speculative execution when JIT is enabled"
- Revert "bpf: prevent speculative execution in eBPF interpreter"
* CVE-2017-17712
- net: ipv4: fix for a race condition in raw_sendmsg
* upload urgency should be medium by default (LP: #1745338)
- [Packaging] update urgency to medium by default
* CVE-CVE-2017-12190
- more bio_map_user_iov() leak fixes
* CVE-2015-8952
- mbcache2: reimplement mbcache
- ext2: convert to mbcache2
- ext4: convert to mbcache2
- mbcache2: limit cache size
- mbcache2: Use referenced bit instead of LRU
- ext4: kill ext4_mballoc_ready
- ext4: shortcut setting of xattr to the same value
- mbcache: remove mbcache
- mbcache2: rename to mbcache
- mbcache: get rid of _e_hash_list_head
- mbcache: add reusable flag to cache entries
* CVE-2017-15115
- sctp: do not peel off an assoc from one netns to another one
* CVE-2017-8824
- dccp: CVE-2017-8824: use-after-free in DCCP code
-- Khalid Elmously <khalid.elmously@xxxxxxxxxxxxx> Mon, 12 Feb 2018
20:17:57 +0000
** Changed in: linux (Ubuntu Xenial)
Status: Fix Committed => Fix Released
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2015-8952
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-12190
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-15115
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-17712
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-5715
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-5753
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-8824
--
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1748671
Title:
BUG: unable to handle kernel NULL pointer dereference at
0000000000000009
Status in linux package in Ubuntu:
Triaged
Status in linux source package in Xenial:
Fix Released
Bug description:
Got this bug/oops while running with the linux-image-4.4.0-113-generic
(4.4.0-113.136) kernel from -proposed:
BUG: unable to handle kernel NULL pointer dereference at 0000000000000009
IP: [<ffffffffab413ad5>] csum_and_copy_from_iter+0x55/0x4c0
PGD 0
Oops: 0000 [#1] SMP
Modules linked in: ctr ccm veth xt_CHECKSUM iptable_mangle xt_comment ec_sys bridge stp llc nf_log_ipv6 ip6table_filter ip6t_MASQUERADE nf_nat_masquerade_ipv6 ip6table_nat nf_nat_ipv6 ip6_tables nf_log_ip
snd ghash_clmulni_intel soundcore r8169 psmouse input_leds cfg80211 rtsx_pci mii vhost_net vhost media ahci libahci macvtap macvlan mei_me mei kvm_intel kvm irqbypass tpm_crb i2c_hid intel_lpss_acpi inte
CPU: 2 PID: 3997 Comm: dnsmasq Tainted: P W O 4.4.0-113-generic #136-Ubuntu
Hardware name: System76 Lemur/Lemur, BIOS 5.12 02/17/2017
task: ffff880830269e00 ti: ffff880035c44000 task.ti: ffff880035c44000
RIP: 0010:[<ffffffffab413ad5>] [<ffffffffab413ad5>] csum_and_copy_from_iter+0x55/0x4c0
RSP: 0018:ffff880035c47a18 EFLAGS: 00010246
RAX: 00000000ab729fd0 RBX: 000000000000001c RCX: ffff880035c47e98
RDX: ffff880035c47a94 RSI: 000000000000001c RDI: ffff8807ef1a7424
RBP: ffff880035c47a80 R08: 0000000000000000 R09: ffff8807ef1a7424
R10: ffff8807ef1a7424 R11: ffff8807ef1a7400 R12: ffff880035c47e98
R13: 0000000000000000 R14: 00ffffffabea6920 R15: 0000000000000001
FS: 00007ff2b234d880(0000) GS:ffff88086ed00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000000009 CR3: 0000000035c1e000 CR4: 0000000000360670
Stack:
ffff88084e001600 ffffffffab72d1d7 ffff880830f18500 ffff880035c47aaf
ffff880035c47a94 00000000000001c0 00000000ffffffff b0f4001fc4815eea
000000000000001c ffff880830f18500 0000000000000000 ffff880035c47d30
Call Trace:
[<ffffffffab72d1d7>] ? __alloc_skb+0x87/0x1f0
[<ffffffffab782cb6>] ip_generic_getfrag+0x56/0xe0
[<ffffffffab7abc0f>] raw_getfrag+0xaf/0x100
[<ffffffffab78450a>] __ip_append_data.isra.45+0x98a/0xb90
[<ffffffffab7abb60>] ? raw_recvmsg+0x1c0/0x1c0
[<ffffffffab7abb60>] ? raw_recvmsg+0x1c0/0x1c0
[<ffffffffab78478a>] ip_append_data.part.46+0x7a/0xe0
[<ffffffffab785474>] ip_append_data+0x34/0x40
[<ffffffffab7ac8a4>] raw_sendmsg+0x724/0xc00
[<ffffffffab3a4ea0>] ? aa_sk_perm+0x70/0x210
[<ffffffffab3a5761>] ? aa_sock_msg_perm+0x61/0x150
[<ffffffffab7bc91b>] inet_sendmsg+0x6b/0xa0
[<ffffffffab723b5e>] sock_sendmsg+0x3e/0x50
[<ffffffffab724151>] SYSC_sendto+0x101/0x190
[<ffffffffab729fd0>] ? sock_setsockopt+0x180/0x830
[<ffffffffab397072>] ? apparmor_socket_setsockopt+0x22/0x30
[<ffffffffab724c7e>] SyS_sendto+0xe/0x10
[<ffffffffab84df9f>] entry_SYSCALL_64_fastpath+0x1c/0x93
Code: f3 48 0f 47 de 48 85 db 0f 84 8b 01 00 00 8b 02 49 89 f9 49 89 cc 4c 8b 71 08 89 45 c4 8b 01 a8 04 0f 85 79 01 00 00 4c 8b 79 18 <4d> 8b 6f 08 4d 29 f5 49 39 dd 4c 0f 47 eb a8 02 0f 85 36 02 00
RIP [<ffffffffab413ad5>] csum_and_copy_from_iter+0x55/0x4c0
RSP <ffff880035c47a18>
CR2: 0000000000000009
---[ end trace bdd9157c94a456b6 ]---
The trigger is when I start an artful lxd container and it tries to
get an IPv4/IPv6. Oddly enough, the same thing works perfectly for my
xenial container. My lxd-bridge has dnsmasq contained by Apparmor
which is non standard but always worked flawlessly.
I can trigger the bug 100% of the time so validating any tentative fix
should be easy.
ProblemType: Bug
DistroRelease: Ubuntu 16.04
Package: linux-image-4.4.0-113-generic 4.4.0-113.136
ProcVersionSignature: Ubuntu 4.4.0-112.135-generic 4.4.98
Uname: Linux 4.4.0-112-generic x86_64
NonfreeKernelModules: zfs zunicode zcommon znvpair zavl
ApportVersion: 2.20.1-0ubuntu2.15
Architecture: amd64
AudioDevicesInUse:
USER PID ACCESS COMMAND
/dev/snd/controlC0: simon 7244 F.... pulseaudio
CurrentDesktop: Unity
CurrentDmesg: Error: command ['dmesg'] failed with exit code 1: dmesg: read kernel buffer failed: Operation not permitted
Date: Sat Feb 10 16:45:26 2018
HibernationDevice: RESUME=/dev/mapper/nvme0n1p3_crypt
InstallationDate: Installed on 2016-12-06 (431 days ago)
InstallationMedia: Ubuntu-Server 16.04.1 LTS "Xenial Xerus" - Beta amd64 (20161206)
MachineType: System76 Lemur
ProcFB: 0 inteldrmfb
ProcKernelCmdLine: BOOT_IMAGE=/vmlinuz-4.4.0-112-generic.efi.signed root=UUID=49432620-38ed-44bd-912a-7bc51eec3a35 ro quiet splash possible_cpus=4 nmi_watchdog=0 kaslr vsyscall=none vt.handoff=7
RelatedPackageVersions:
linux-restricted-modules-4.4.0-112-generic N/A
linux-backports-modules-4.4.0-112-generic N/A
linux-firmware 1.157.16
RfKill: Error: [Errno 2] No such file or directory: 'rfkill'
SourcePackage: linux
UpgradeStatus: No upgrade log present (probably fresh install)
dmi.bios.date: 02/17/2017
dmi.bios.vendor: American Megatrends Inc.
dmi.bios.version: 5.12
dmi.board.asset.tag: Tag 12345
dmi.board.name: Lemur
dmi.board.vendor: System76
dmi.board.version: lemu7
dmi.chassis.asset.tag: No Asset Tag
dmi.chassis.type: 10
dmi.chassis.vendor: System76
dmi.chassis.version: N/A
dmi.modalias: dmi:bvnAmericanMegatrendsInc.:bvr5.12:bd02/17/2017:svnSystem76:pnLemur:pvrlemu7:rvnSystem76:rnLemur:rvrlemu7:cvnSystem76:ct10:cvrN/A:
dmi.product.name: Lemur
dmi.product.version: lemu7
dmi.sys.vendor: System76
---
ApportVersion: 2.20.1-0ubuntu2.15
Architecture: amd64
AudioDevicesInUse:
USER PID ACCESS COMMAND
/dev/snd/controlC0: simon 7244 F.... pulseaudio
CurrentDesktop: Unity
CurrentDmesg: Error: command ['dmesg'] failed with exit code 1: dmesg: read kernel buffer failed: Operation not permitted
DistroRelease: Ubuntu 16.04
HibernationDevice: RESUME=/dev/mapper/nvme0n1p3_crypt
InstallationDate: Installed on 2016-12-06 (431 days ago)
InstallationMedia: Ubuntu-Server 16.04.1 LTS "Xenial Xerus" - Beta amd64 (20161206)
MachineType: System76 Lemur
NonfreeKernelModules: zfs zunicode zcommon znvpair zavl
Package: linux (not installed)
ProcFB: 0 inteldrmfb
ProcKernelCmdLine: BOOT_IMAGE=/vmlinuz-4.4.0-112-generic.efi.signed root=UUID=49432620-38ed-44bd-912a-7bc51eec3a35 ro quiet splash possible_cpus=4 nmi_watchdog=0 kaslr vsyscall=none vt.handoff=7
ProcVersionSignature: Ubuntu 4.4.0-112.135-generic 4.4.98
RelatedPackageVersions:
linux-restricted-modules-4.4.0-112-generic N/A
linux-backports-modules-4.4.0-112-generic N/A
linux-firmware 1.157.16
RfKill: Error: [Errno 2] No such file or directory
Tags: xenial
Uname: Linux 4.4.0-112-generic x86_64
UpgradeStatus: No upgrade log present (probably fresh install)
UserGroups: adm cdrom dip libvirtd lpadmin lxd plugdev sambashare sudo wireshark
_MarkForUpload: True
dmi.bios.date: 02/17/2017
dmi.bios.vendor: American Megatrends Inc.
dmi.bios.version: 5.12
dmi.board.asset.tag: Tag 12345
dmi.board.name: Lemur
dmi.board.vendor: System76
dmi.board.version: lemu7
dmi.chassis.asset.tag: No Asset Tag
dmi.chassis.type: 10
dmi.chassis.vendor: System76
dmi.chassis.version: N/A
dmi.modalias: dmi:bvnAmericanMegatrendsInc.:bvr5.12:bd02/17/2017:svnSystem76:pnLemur:pvrlemu7:rvnSystem76:rnLemur:rvrlemu7:cvnSystem76:ct10:cvrN/A:
dmi.product.name: Lemur
dmi.product.version: lemu7
dmi.sys.vendor: System76
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1748671/+subscriptions
