group.of.nepali.translators team mailing list archive

[Bug 1788563] Re: L1TF mitigation not effective in some CPU and RAM combinations

 

This bug was fixed in the package linux - 4.4.0-137.163

---------------
linux (4.4.0-137.163) xenial; urgency=medium

  * CVE-2018-14633
    - iscsi target: Use hex2bin instead of a re-implementation

  * CVE-2018-17182
    - mm: get rid of vmacache_flush_all() entirely

linux (4.4.0-136.162) xenial; urgency=medium

  * linux: 4.4.0-136.162 -proposed tracker (LP: #1791745)

  * CVE-2017-5753
    - bpf: properly enforce index mask to prevent out-of-bounds speculation
    - Revert "UBUNTU: SAUCE: bpf: Use barrier_nospec() instead of osb()"
    - Revert "bpf: prevent speculative execution in eBPF interpreter"

  * L1TF mitigation not effective in some CPU and RAM combinations
    (LP: #1788563) // CVE-2018-3620 // CVE-2018-3646
    - x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit
    - x86/speculation/l1tf: Fix off-by-one error when warning that system has too
      much RAM
    - x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+

  * CVE-2018-15594
    - x86/paravirt: Fix spectre-v2 mitigations for paravirt guests

  * Xenial update to 4.4.144 stable release (LP: #1791080)
    - KVM/Eventfd: Avoid crash when assign and deassign specific eventfd in
      parallel.
    - x86/MCE: Remove min interval polling limitation
    - fat: fix memory allocation failure handling of match_strdup()
    - ALSA: rawmidi: Change resized buffers atomically
    - ARC: Fix CONFIG_SWAP
    - ARC: mm: allow mprotect to make stack mappings executable
    - mm: memcg: fix use after free in mem_cgroup_iter()
    - ipv4: Return EINVAL when ping_group_range sysctl doesn't map to user ns
    - ipv6: fix useless rol32 call on hash
    - lib/rhashtable: consider param->min_size when setting initial table size
    - net/ipv4: Set oif in fib_compute_spec_dst
    - net: phy: fix flag masking in __set_phy_supported
    - ptp: fix missing break in switch
    - tg3: Add higher cpu clock for 5762.
    - net: Don't copy pfmemalloc flag in __copy_skb_header()
    - skbuff: Unconditionally copy pfmemalloc in __skb_clone()
    - xhci: Fix perceived dead host due to runtime suspend race with event handler
    - x86/paravirt: Make native_save_fl() extern inline
    - SAUCE: Add missing CPUID_7_EDX defines
    - SAUCE: x86/speculation: Expose indirect_branch_prediction_barrier()
    - x86/pti: Mark constant arrays as __initconst
    - x86/asm/entry/32: Simplify pushes of zeroed pt_regs->REGs
    - x86/entry/64/compat: Clear registers for compat syscalls, to reduce
      speculation attack surface
    - x86/speculation: Clean up various Spectre related details
    - x86/speculation: Fix up array_index_nospec_mask() asm constraint
    - x86/xen: Zero MSR_IA32_SPEC_CTRL before suspend
    - x86/mm: Factor out LDT init from context init
    - x86/mm: Give each mm TLB flush generation a unique ID
    - SAUCE: x86/speculation: Use Indirect Branch Prediction Barrier in context
      switch
    - x86/speculation: Use IBRS if available before calling into firmware
    - x86/speculation: Move firmware_restrict_branch_speculation_*() from C to CPP
    - selftest/seccomp: Fix the seccomp(2) signature
    - xen: set cpu capabilities from xen_start_kernel()
    - x86/amd: don't set X86_BUG_SYSRET_SS_ATTRS when running under Xen
    - SAUCE: Preserve SPEC_CTRL MSR in new inlines
    - SAUCE: Add Knights Mill to NO SSB list
    - x86/process: Correct and optimize TIF_BLOCKSTEP switch
    - x86/process: Optimize TIF_NOTSC switch
    - Revert "x86/cpufeatures: Add FEATURE_ZEN"
    - Revert "x86/cpu/AMD: Fix erratum 1076 (CPB bit)"
    - x86/cpu/AMD: Fix erratum 1076 (CPB bit)
    - x86/cpufeatures: Add FEATURE_ZEN
    - x86/xen: Add call of speculative_store_bypass_ht_init() to PV paths
    - x86/cpu: Re-apply forced caps every time CPU caps are re-read
    - block: do not use interruptible wait anywhere
    - clk: tegra: Fix PLL_U post divider and initial rate on Tegra30
    - ubi: Introduce vol_ignored()
    - ubi: Rework Fastmap attach base code
    - ubi: Be more paranoid while seaching for the most recent Fastmap
    - ubi: Fix races around ubi_refill_pools()
    - ubi: Fix Fastmap's update_vol()
    - ubi: fastmap: Erase outdated anchor PEBs during attach
    - Linux 4.4.144

  * CVE-2017-5715 (Spectre v2 s390x)
    - s390: detect etoken facility
    - s390/lib: use expoline for all bcr instructions
    - SAUCE: s390: use expoline thunks for all branches generated by the BPF JIT

  * Xenial update to 4.4.143 stable release (LP: #1790884)
    - compiler, clang: suppress warning for unused static inline functions
    - compiler, clang: properly override 'inline' for clang
    - compiler, clang: always inline when CONFIG_OPTIMIZE_INLINING is disabled
    - compiler-gcc.h: Add __attribute__((gnu_inline)) to all inline declarations
    - x86/asm: Add _ASM_ARG* constants for argument registers to <asm/asm.h>
    - ocfs2: subsystem.su_mutex is required while accessing the item->ci_parent
    - bcm63xx_enet: correct clock usage
    - bcm63xx_enet: do not write to random DMA channel on BCM6345
    - crypto: crypto4xx - remove bad list_del
    - crypto: crypto4xx - fix crypto4xx_build_pdr, crypto4xx_build_sdr leak
    - atm: zatm: Fix potential Spectre v1
    - net: dccp: avoid crash in ccid3_hc_rx_send_feedback()
    - net: dccp: switch rx_tstamp_last_feedback to monotonic clock
    - net/mlx5: Fix incorrect raw command length parsing
    - net: sungem: fix rx checksum support
    - qed: Limit msix vectors in kdump kernel to the minimum required count.
    - r8152: napi hangup fix after disconnect
    - tcp: fix Fast Open key endianness
    - tcp: prevent bogus FRTO undos with non-SACK flows
    - vhost_net: validate sock before trying to put its fd
    - net_sched: blackhole: tell upper qdisc about dropped packets
    - net/mlx5: Fix command interface race in polling mode
    - net: cxgb3_main: fix potential Spectre v1
    - rtlwifi: rtl8821ae: fix firmware is not ready to run
    - MIPS: Call dump_stack() from show_regs()
    - MIPS: Use async IPIs for arch_trigger_cpumask_backtrace()
    - netfilter: ebtables: reject non-bridge targets
    - KEYS: DNS: fix parsing multiple options
    - rds: avoid unenecessary cong_update in loop transport
    - net/nfc: Avoid stalls when nfc_alloc_send_skb() returned NULL.
    - Linux 4.4.143

  * Xenial update to 4.4.142 stable release (LP: #1790883)
    - Kbuild: fix # escaping in .cmd files for future Make
    - perf tools: Move syscall number fallbacks from perf-sys.h to
      tools/arch/x86/include/asm/
    - Linux 4.4.142

  * Xenial update to 4.4.141 stable release (LP: #1790620)
    - MIPS: Fix ioremap() RAM check
    - ibmasm: don't write out of bounds in read handler
    - vmw_balloon: fix inflation with batching
    - ahci: Disable LPM on Lenovo 50 series laptops with a too old BIOS
    - USB: serial: ch341: fix type promotion bug in ch341_control_in()
    - USB: serial: cp210x: add another USB ID for Qivicon ZigBee stick
    - USB: serial: keyspan_pda: fix modem-status error handling
    - USB: yurex: fix out-of-bounds uaccess in read handler
    - USB: serial: mos7840: fix status-register error handling
    - usb: quirks: add delay quirks for Corsair Strafe
    - xhci: xhci-mem: off by one in xhci_stream_id_to_ring()
    - HID: usbhid: add quirk for innomedia INNEX GENESIS/ATARI adapter
    - tools build: fix # escaping in .cmd files for future Make
    - iw_cxgb4: correctly enforce the max reg_mr depth
    - x86/cpufeature: Move some of the scattered feature bits to x86_capability
    - x86/cpu: Provide a config option to disable static_cpu_has
    - x86/fpu: Add an XSTATE_OP() macro
    - x86/fpu: Get rid of xstate_fault()
    - x86/headers: Don't include asm/processor.h in asm/atomic.h
    - x86/cpufeature: Replace the old static_cpu_has() with safe variant
    - x86/cpufeature: Get rid of the non-asm goto variant
    - x86/alternatives: Add an auxilary section
    - x86/alternatives: Discard dynamic check after init
    - x86/vdso: Use static_cpu_has()
    - x86/boot: Simplify kernel load address alignment check
    - x86/cpufeature: Speed up cpu_feature_enabled()
    - x86/cpufeature, x86/mm/pkeys: Add protection keys related CPUID definitions
    - x86/mm/pkeys: Fix mismerge of protection keys CPUID bits
    - x86/cpu: Add detection of AMD RAS Capabilities
    - x86/cpufeature, x86/mm/pkeys: Fix broken compile-time disabling of pkeys
    - x86/cpufeature: Make sure DISABLED/REQUIRED macros are updated
    - x86/cpufeature: Add helper macro for mask check macros
    - uprobes/x86: Remove incorrect WARN_ON() in uprobe_init_insn()
    - netfilter: nf_queue: augment nfqa_cfg_policy
    - netfilter: x_tables: initialise match/target check parameter struct
    - loop: add recursion validation to LOOP_CHANGE_FD
    - PM / hibernate: Fix oops at snapshot_write()
    - SAUCE: RDMA/ucm: Blacklist UCM module
    - loop: remember whether sysfs_create_group() was done
    - Linux 4.4.141
    - [Config] Refresh configs for 4.4.141

  * regression with EXT4 file systems and meta_bg flag (LP: #1789653)
    - ext4: fix false negatives *and* false positives in ext4_check_descriptors()

  * CVE-2018-15572
    - x86/speculation: Protect against userspace-userspace spectreRSB

  * random oopses on s390 systems using NVMe devices (LP: #1790480)
    - s390/pci: fix out of bounds access during irq setup

  * CVE-2018-6555
    - SAUCE: irda: Only insert new objects into the global database via setsockopt

  * CVE-2018-6554
    - SAUCE: irda: Fix memory leak caused by repeated binds of irda socket

  * errors when scanning partition table of corrupted AIX disk (LP: #1787281)
    - partitions/aix: fix usage of uninitialized lv_info and lvname structures
    - partitions/aix: append null character to print data from disk

 -- Stefan Bader <stefan.bader@xxxxxxxxxxxxx>  Mon, 24 Sep 2018 13:39:05 +0200

** Changed in: linux (Ubuntu Xenial)
       Status: Fix Committed => Fix Released

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-5715

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-5753

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-14633

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-15572

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-15594

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-17182

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-3620

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-3646

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-6554

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-6555

** Changed in: linux (Ubuntu Trusty)
       Status: Fix Committed => Fix Released

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-1093

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-14634

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1788563

Title:
  L1TF mitigation not effective in some CPU and RAM combinations

Status in linux package in Ubuntu:
  Fix Released
Status in linux source package in Trusty:
  Fix Released
Status in linux source package in Xenial:
  Fix Released
Status in linux source package in Bionic:
  Fix Committed
Status in linux source package in Cosmic:
  Fix Released

Bug description:
  == SRU Justification ==
  This bug has been reported in multiple bugs and affects Trusty,
  Xenial and Bionic.  All releases need different backports, so T and X
  will be sent in separate SRU requests.

  Due to this bug in the original L1TF patch set, L1TF mitigation is not
  effective in certain CPU and installed RAM configurations.

  == Fixes ==
  9df9516940a6 ("x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit")
  b0a182f87568 ("x86/speculation/l1tf: Fix off-by-one error when warning that system has too much RAM")
  cc51e5428ea5 ("x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+")

  == Regression Potential ==
  Low.  These are security fixes and have all been cc'd to upstream
  stable, so they have had additional upstream review.

  == Test Case ==
  A test kernel was built with these patches and tested by the original bug reporter.
  The bug reporter states the test kernel resolved the bug.

  Lenovo Thinkpad W530 system with 32 GB RAM

  dmesg | grep -i l1tf
  [    0.038386] L1TF: System has more than MAX_PA/2 memory. L1TF mitigation not effective.
  [ 2652.469669] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/l1tf.html for details.

  Related:
  https://bugzilla.opensuse.org/show_bug.cgi?id=1105536

  ProblemType: Bug
  DistroRelease: Ubuntu 18.04
  Package: linux-image-4.15.0-32-generic 4.15.0-32.35
  ProcVersionSignature: Ubuntu 4.15.0-32.35-generic 4.15.18
  Uname: Linux 4.15.0-32-generic x86_64
  ApportVersion: 2.20.9-0ubuntu7.2
  Architecture: amd64
  AudioDevicesInUse:
   USER        PID ACCESS COMMAND
   /dev/snd/controlC0:  pgera      2809 F.... pulseaudio
  CurrentDesktop: Unity:Unity7:ubuntu
  Date: Thu Aug 23 03:38:40 2018
  InstallationDate: Installed on 2018-08-11 (12 days ago)
  InstallationMedia: Ubuntu 18.04.1 LTS "Bionic Beaver" - Release amd64 (20180725)
  MachineType: LENOVO 24382LU
  ProcFB: 0 inteldrmfb
  ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-4.15.0-32-generic root=UUID=e2607c8a-4bd1-49fe-ad07-83046492fac5 ro quiet splash vt.handoff=1
  RelatedPackageVersions:
   linux-restricted-modules-4.15.0-32-generic N/A
   linux-backports-modules-4.15.0-32-generic  N/A
   linux-firmware                             1.173.1
  SourcePackage: linux
  UpgradeStatus: No upgrade log present (probably fresh install)
  dmi.bios.date: 06/11/2018
  dmi.bios.vendor: LENOVO
  dmi.bios.version: G5ETB2WW (2.72 )
  dmi.board.asset.tag: Not Available
  dmi.board.name: 24382LU
  dmi.board.vendor: LENOVO
  dmi.board.version: NO DPK
  dmi.chassis.asset.tag: No Asset Information
  dmi.chassis.type: 10
  dmi.chassis.vendor: LENOVO
  dmi.chassis.version: Not Available
  dmi.modalias: dmi:bvnLENOVO:bvrG5ETB2WW(2.72):bd06/11/2018:svnLENOVO:pn24382LU:pvrThinkPadW530:rvnLENOVO:rn24382LU:rvrNODPK:cvnLENOVO:ct10:cvrNotAvailable:
  dmi.product.family: ThinkPad W530
  dmi.product.name: 24382LU
  dmi.product.version: ThinkPad W530
  dmi.sys.vendor: LENOVO

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1788563/+subscriptions