group.of.nepali.translators team mailing list archive
-
group.of.nepali.translators team
-
Mailing list archive
-
Message #26301
[Bug 1788563] Re: L1TF mitigation not effective in some CPU and RAM combinations
This bug was fixed in the package linux - 4.15.0-36.39
---------------
linux (4.15.0-36.39) bionic; urgency=medium
* CVE-2018-14633
- iscsi target: Use hex2bin instead of a re-implementation
* CVE-2018-17182
- mm: get rid of vmacache_flush_all() entirely
linux (4.15.0-35.38) bionic; urgency=medium
* linux: 4.15.0-35.38 -proposed tracker (LP: #1791719)
* device hotplug of vfio devices can lead to deadlock in vfio_pci_release
(LP: #1792099)
- SAUCE: vfio -- release device lock before userspace requests
* L1TF mitigation not effective in some CPU and RAM combinations
(LP: #1788563)
- x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit
- x86/speculation/l1tf: Fix off-by-one error when warning that system has too
much RAM
- x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+
* CVE-2018-15594
- x86/paravirt: Fix spectre-v2 mitigations for paravirt guests
* CVE-2017-5715 (Spectre v2 s390x)
- KVM: s390: implement CPU model only facilities
- s390: detect etoken facility
- KVM: s390: add etoken support for guests
- s390/lib: use expoline for all bcr instructions
- s390: fix br_r1_trampoline for machines without exrl
- SAUCE: s390: use expoline thunks for all branches generated by the BPF JIT
* Ubuntu18.04.1: cpuidle: powernv: Fix promotion from snooze if next state
disabled (performance) (LP: #1790602)
- cpuidle: powernv: Fix promotion from snooze if next state disabled
* Watchdog CPU:19 Hard LOCKUP when kernel crash was triggered (LP: #1790636)
- powerpc: hard disable irqs in smp_send_stop loop
- powerpc: Fix deadlock with multiple calls to smp_send_stop
- powerpc: smp_send_stop do not offline stopped CPUs
- powerpc/powernv: Fix opal_event_shutdown() called with interrupts disabled
* Security fix: check if IOMMU page is contained in the pinned physical page
(LP: #1785675)
- vfio/spapr: Use IOMMU pageshift rather than pagesize
- KVM: PPC: Check if IOMMU page is contained in the pinned physical page
* Missing Intel GPU pci-id's (LP: #1789924)
- drm/i915/kbl: Add KBL GT2 sku
- drm/i915/whl: Introducing Whiskey Lake platform
- drm/i915/aml: Introducing Amber Lake platform
- drm/i915/cfl: Add a new CFL PCI ID.
* CVE-2018-15572
- x86/speculation: Protect against userspace-userspace spectreRSB
* Support Power Management for Thunderbolt Controller (LP: #1789358)
- thunderbolt: Handle NULL boot ACL entries properly
- thunderbolt: Notify userspace when boot_acl is changed
- thunderbolt: Use 64-bit DMA mask if supported by the platform
- thunderbolt: Do not unnecessarily call ICM get route
- thunderbolt: No need to take tb->lock in domain suspend/complete
- thunderbolt: Use correct ICM commands in system suspend
- thunderbolt: Add support for runtime PM
* random oopses on s390 systems using NVMe devices (LP: #1790480)
- s390/pci: fix out of bounds access during irq setup
* [Bionic] Spectre v4 mitigation (Speculative Store Bypass Disable) support
for arm64 using SMC firmware call to set a hardware chicken bit
(LP: #1787993) // CVE-2018-3639 (arm64)
- arm64: alternatives: Add dynamic patching feature
- KVM: arm/arm64: Do not use kern_hyp_va() with kvm_vgic_global_state
- KVM: arm64: Avoid storing the vcpu pointer on the stack
- arm/arm64: smccc: Add SMCCC-specific return codes
- arm64: Call ARCH_WORKAROUND_2 on transitions between EL0 and EL1
- arm64: Add per-cpu infrastructure to call ARCH_WORKAROUND_2
- arm64: Add ARCH_WORKAROUND_2 probing
- arm64: Add 'ssbd' command-line option
- arm64: ssbd: Add global mitigation state accessor
- arm64: ssbd: Skip apply_ssbd if not using dynamic mitigation
- arm64: ssbd: Restore mitigation status on CPU resume
- arm64: ssbd: Introduce thread flag to control userspace mitigation
- arm64: ssbd: Add prctl interface for per-thread mitigation
- arm64: KVM: Add HYP per-cpu accessors
- arm64: KVM: Add ARCH_WORKAROUND_2 support for guests
- arm64: KVM: Handle guest's ARCH_WORKAROUND_2 requests
- arm64: KVM: Add ARCH_WORKAROUND_2 discovery through ARCH_FEATURES_FUNC_ID
- [Config] ARM64_SSBD=y
* Reconcile hns3 SAUCE patches with upstream (LP: #1787477)
- Revert "UBUNTU: SAUCE: net: hns3: Optimize PF CMDQ interrupt switching
process"
- Revert "UBUNTU: SAUCE: net: hns3: Fix for VF mailbox receiving unknown
message"
- Revert "UBUNTU: SAUCE: net: hns3: Fix for VF mailbox cannot receiving PF
response"
- Revert "UBUNTU: SAUCE: {topost} net: hns3: fix comments for
hclge_get_ring_chain_from_mbx"
- Revert "UBUNTU: SAUCE: {topost} net: hns3: fix for using wrong mask and
shift in hclge_get_ring_chain_from_mbx"
- Revert "UBUNTU: SAUCE: {topost} net: hns3: fix for reset_level default
assignment probelm"
- Revert "UBUNTU: SAUCE: {topost} net: hns3: remove unnecessary ring
configuration operation while resetting"
- Revert "UBUNTU: SAUCE: {topost} net: hns3: fix return value error in
hns3_reset_notify_down_enet"
- Revert "UBUNTU: SAUCE: net: hns3: Fix for phy link issue when using marvell
phy driver"
- Revert "UBUNTU: SAUCE: {topost} net: hns3: separate roce from nic when
resetting"
- Revert "UBUNTU: SAUCE: {topost} net: hns3: correct reset event status
register"
- Revert "UBUNTU: SAUCE: {topost} net: hns3: prevent to request reset
frequently"
- Revert "UBUNTU: SAUCE: {topost} net: hns3: reset net device with rtnl_lock"
- Revert "UBUNTU: SAUCE: {topost} net: hns3: modify the order of initializeing
command queue register"
- Revert "UBUNTU: SAUCE: {topost} net: hns3: prevent sending command during
global or core reset"
- Revert "UBUNTU: SAUCE: {topost} net: hns3: remove the warning when clear
reset cause"
- Revert "UBUNTU: SAUCE: {topost} net: hns3: fix get_vector ops in
hclgevf_main module"
- Revert "UBUNTU: SAUCE: {topost} net: hns3: fix warning bug when doing lp
selftest"
- Revert "UBUNTU: SAUCE: {topost} net: hns3: Add configure for mac minimal
frame size"
- Revert "UBUNTU: SAUCE: {topost} net: hns3: fix for mailbox message truncated
problem"
- Revert "UBUNTU: SAUCE: {topost} net: hns3: fix for l4 checksum offload bug"
- Revert "UBUNTU: SAUCE: {topost} net: hns3: fix for waterline not setting
correctly"
- Revert "UBUNTU: SAUCE: {topost} net: hns3: fix for mac pause not disable in
pfc mode"
- Revert "UBUNTU: SAUCE: {topost} net: hns3: fix tc setup when netdev is first
up"
- Revert "UBUNTU: SAUCE: {topost} net: hns3: Add SPDX tags to hns3 driver"
- Revert "UBUNTU: SAUCE: {topost} net: hns3: remove unused struct member and
definition"
- Revert "UBUNTU: SAUCE: {topost} net: hns3: fix mislead parameter name"
- Revert "UBUNTU: SAUCE: {topost} net: hns3: modify inconsistent bit mask
macros"
- Revert "UBUNTU: SAUCE: {topost} net: hns3: use decimal for bit offset
macros"
- Revert "UBUNTU: SAUCE: {topost} net: hns3: fix unreasonable code comments"
- Revert "UBUNTU: SAUCE: {topost} net: hns3: remove extra space and brackets"
- Revert "UBUNTU: SAUCE: {topost} net: hns3: standardize the handle of return
value"
- Revert "UBUNTU: SAUCE: {topost} net: hns3: remove some redundant
assignments"
- Revert "UBUNTU: SAUCE: {topost} net: hns3: fix unused function warning in VF
driver"
- Revert "UBUNTU: SAUCE: {topost} net: hns3: modify hnae_ to hnae3_"
- Revert "UBUNTU: SAUCE: {topost} net: hns3: use dma_zalloc_coherent instead
of kzalloc/dma_map_single"
- Revert "UBUNTU: SAUCE: {topost} net: hns3: give default option while
dependency HNS3 set"
- Revert "UBUNTU: SAUCE: {topost} net: hns3: remove some unused members of
some structures"
- Revert "UBUNTU: SAUCE: {topost} net: hns3: remove a redundant
hclge_cmd_csq_done"
- Revert "UBUNTU: SAUCE: {topost} net: hns3: using modulo for cyclic counters
in hclge_cmd_send"
- Revert "UBUNTU: SAUCE: {topost} net: hns3: simplify hclge_cmd_csq_clean"
- Revert "UBUNTU: SAUCE: {topost} net: hns3: remove some redundant
assignments"
- Revert "UBUNTU: SAUCE: {topost} net: hns3: remove useless code in
hclge_cmd_send"
- Revert "UBUNTU: SAUCE: {topost} net: hns3: remove unused
hclge_ring_to_dma_dir"
- Revert "UBUNTU: SAUCE: {topost} net: hns3: use lower_32_bits and
upper_32_bits"
- Revert "UBUNTU: SAUCE: {topost} net: hns3: remove back in struct hclge_hw"
- Revert "UBUNTU: SAUCE: {topost} net: hns3: add unlikely for error check"
- Revert "UBUNTU: SAUCE: {topost} net: hns3: remove the Redundant put_vector
in hns3_client_uninit"
- Revert "UBUNTU: SAUCE: {topost} net: hns3: print the ret value in error
information"
- Revert "UBUNTU: SAUCE: {topost} net: hns3: extraction an interface for state
state init|uninit"
- Revert "UBUNTU: SAUCE: {topost} net: hns3: remove unused head file in
hnae3.c"
- Revert "UBUNTU: SAUCE: {topost} net: hns3: add l4_type check for both ipv4
and ipv6"
- Revert "UBUNTU: SAUCE: {topost} net: hns3: add vector status check before
free vector"
- Revert "UBUNTU: SAUCE: {topost} net: hns3: rename the interface for
init_client_instance and uninit_client_instance"
- Revert "UBUNTU: SAUCE: {topost} net: hns3: remove hclge_get_vector_index
from hclge_bind_ring_with_vector"
- Revert "UBUNTU: SAUCE: {topost} net: hns3: RX BD information valid only in
last BD except VLD bit and buffer size"
- Revert "UBUNTU: SAUCE: {topost} net: hns3: add support for serdes loopback
selftest"
- net: hns3: Updates RX packet info fetch in case of multi BD
- net: hns3: remove unused hclgevf_cfg_func_mta_filter
- net: hns3: Fix for VF mailbox cannot receiving PF response
- net: hns3: Fix for VF mailbox receiving unknown message
- net: hns3: Optimize PF CMDQ interrupt switching process
- net: hns3: remove hclge_get_vector_index from hclge_bind_ring_with_vector
- net: hns3: rename the interface for init_client_instance and
uninit_client_instance
- net: hns3: add vector status check before free vector
- net: hns3: add l4_type check for both ipv4 and ipv6
- net: hns3: add unlikely for error check
- net: hns3: remove unused head file in hnae3.c
- net: hns3: extraction an interface for state init|uninit
- net: hns3: print the ret value in error information
- net: hns3: remove the Redundant put_vector in hns3_client_uninit
- net: hns3: remove back in struct hclge_hw
- net: hns3: use lower_32_bits and upper_32_bits
- net: hns3: remove unused hclge_ring_to_dma_dir
- net: hns3: remove useless code in hclge_cmd_send
- net: hns3: remove some redundant assignments
- net: hns3: simplify hclge_cmd_csq_clean
- net: hns3: remove a redundant hclge_cmd_csq_done
- net: hns3: remove some unused members of some structures
- net: hns3: give default option while dependency HNS3 set
- net: hns3: use dma_zalloc_coherent instead of kzalloc/dma_map_single
- net: hns3: modify hnae_ to hnae3_
- net: hns3: Fix tc setup when netdev is first up
- net: hns3: Fix for mac pause not disable in pfc mode
- net: hns3: Fix for waterline not setting correctly
- net: hns3: Fix for l4 checksum offload bug
- net: hns3: Fix for mailbox message truncated problem
- net: hns3: Add configure for mac minimal frame size
- net: hns3: Fix warning bug when doing lp selftest
- net: hns3: Fix get_vector ops in hclgevf_main module
- net: hns3: Remove the warning when clear reset cause
- net: hns3: Prevent sending command during global or core reset
- net: hns3: Modify the order of initializing command queue register
- net: hns3: Reset net device with rtnl_lock
- net: hns3: Prevent to request reset frequently
- net: hns3: Correct reset event status register
- net: hns3: Fix return value error in hns3_reset_notify_down_enet
- net: hns3: remove unnecessary ring configuration operation while resetting
- net: hns3: Fix for reset_level default assignment probelm
- net: hns3: Fix for using wrong mask and shift in
hclge_get_ring_chain_from_mbx
- net: hns3: Fix comments for hclge_get_ring_chain_from_mbx
- net: hns3: Remove some redundant assignments
- net: hns3: Standardize the handle of return value
- net: hns3: Remove extra space and brackets
- net: hns3: Correct unreasonable code comments
- net: hns3: Use decimal for bit offset macros
- net: hns3: Modify inconsistent bit mask macros
- net: hns3: Fix misleading parameter name
- net: hns3: Remove unused struct member and definition
- net: hns3: Add SPDX tags to HNS3 PF driver
- net: hns3: Add support for serdes loopback selftest
- net: hns3: Fix for phy link issue when using marvell phy driver
- SAUCE: {topost} net: hns3: separate roce from nic when resetting
* CVE-2018-6555
- SAUCE: irda: Only insert new objects into the global database via setsockopt
* CVE-2018-6554
- SAUCE: irda: Fix memory leak caused by repeated binds of irda socket
* Bionic update: upstream stable patchset 2018-08-31 (LP: #1790188)
- netfilter: nf_tables: fix NULL pointer dereference on
nft_ct_helper_obj_dump()
- blkdev_report_zones_ioctl(): Use vmalloc() to allocate large buffers
- af_key: Always verify length of provided sadb_key
- gpio: No NULL owner
- KVM: X86: Fix reserved bits check for MOV to CR3
- KVM: x86: introduce linear_{read,write}_system
- KVM: x86: pass kvm_vcpu to kvm_read_guest_virt and
kvm_write_guest_virt_system
- staging: android: ion: Switch to pr_warn_once in ion_buffer_destroy
- NFC: pn533: don't send USB data off of the stack
- usbip: vhci_sysfs: fix potential Spectre v1
- usb-storage: Add support for FL_ALWAYS_SYNC flag in the UAS driver
- usb-storage: Add compatibility quirk flags for G-Technologies G-Drive
- Input: xpad - add GPD Win 2 Controller USB IDs
- phy: qcom-qusb2: Fix crash if nvmem cell not specified
- usb: gadget: function: printer: avoid wrong list handling in printer_write()
- usb: gadget: udc: renesas_usb3: disable the controller's irqs for
reconnecting
- serial: sh-sci: Stop using printk format %pCr
- tty/serial: atmel: use port->name as name in request_irq()
- serial: samsung: fix maxburst parameter for DMA transactions
- serial: 8250: omap: Fix idling of clocks for unused uarts
- vmw_balloon: fixing double free when batching mode is off
- tty: pl011: Avoid spuriously stuck-off interrupts
- kvm: x86: use correct privilege level for sgdt/sidt/fxsave/fxrstor access
- Input: goodix - add new ACPI id for GPD Win 2 touch screen
- crypto: caam - strip input zeros from RSA input buffer
- crypto: caam - fix DMA mapping dir for generated IV
- crypto: caam - fix IV DMA mapping and updating
- crypto: caam/qi - fix IV DMA mapping and updating
- crypto: caam - fix size of RSA prime factor q
- crypto: vmx - Remove overly verbose printk from AES init routines
- crypto: vmx - Remove overly verbose printk from AES XTS init
- crypto: omap-sham - fix memleak
- usb: typec: wcove: Remove dependency on HW FSM
- usb: gadget: udc: renesas_usb3: fix double phy_put()
- usb: gadget: udc: renesas_usb3: should remove debugfs
- usb: gadget: udc: renesas_usb3: should call pm_runtime_enable() before add
udc
- usb: gadget: udc: renesas_usb3: should call devm_phy_get() before add udc
- usb: gadget: udc: renesas_usb3: should fail if devm_phy_get() returns error
* Bionic update: upstream stable patchset 2018-08-29 (LP: #1789666)
- scsi: sd_zbc: Avoid that resetting a zone fails sporadically
- mmap: introduce sane default mmap limits
- mmap: relax file size limit for regular files
- btrfs: define SUPER_FLAG_METADUMP_V2
- kconfig: Avoid format overflow warning from GCC 8.1
- be2net: Fix error detection logic for BE3
- bnx2x: use the right constant
- dccp: don't free ccid2_hc_tx_sock struct in dccp_disconnect()
- enic: set DMA mask to 47 bit
- ip6mr: only set ip6mr_table from setsockopt when ip6mr_new_table succeeds
- ip6_tunnel: remove magic mtu value 0xFFF8
- ipmr: properly check rhltable_init() return value
- ipv4: remove warning in ip_recv_error
- ipv6: omit traffic class when calculating flow hash
- isdn: eicon: fix a missing-check bug
- kcm: Fix use-after-free caused by clonned sockets
- netdev-FAQ: clarify DaveM's position for stable backports
- net: ipv4: add missing RTA_TABLE to rtm_ipv4_policy
- net: metrics: add proper netlink validation
- net/packet: refine check for priv area size
- net: phy: broadcom: Fix bcm_write_exp()
- net: usb: cdc_mbim: add flag FLAG_SEND_ZLP
- packet: fix reserve calculation
- qed: Fix mask for physical address in ILT entry
- sctp: not allow transport timeout value less than HZ/5 for hb_timer
- team: use netdev_features_t instead of u32
- vhost: synchronize IOTLB message with dev cleanup
- vrf: check the original netdevice for generating redirect
- ipv6: sr: fix memory OOB access in seg6_do_srh_encap/inline
- net: phy: broadcom: Fix auxiliary control register reads
- net-sysfs: Fix memory leak in XPS configuration
- virtio-net: correctly transmit XDP buff after linearizing
- net/mlx4: Fix irq-unsafe spinlock usage
- tun: Fix NULL pointer dereference in XDP redirect
- virtio-net: correctly check num_buf during err path
- net/mlx5e: When RXFCS is set, add FCS data into checksum calculation
- virtio-net: fix leaking page for gso packet during mergeable XDP
- rtnetlink: validate attributes in do_setlink()
- cls_flower: Fix incorrect idr release when failing to modify rule
- PCI: hv: Do not wait forever on a device that has disappeared
- drm: set FMODE_UNSIGNED_OFFSET for drm files
- l2tp: fix refcount leakage on PPPoL2TP sockets
- mlxsw: spectrum: Forbid creation of VLAN 1 over port/LAG
- net: ethernet: ti: cpdma: correct error handling for chan create
- net: ethernet: davinci_emac: fix error handling in probe()
- net: dsa: b53: Fix for brcm tag issue in Cygnus SoC
- net : sched: cls_api: deal with egdev path only if needed
* Bionic update: upstream stable patchset 2018-08-24 (LP: #1788897)
- fix io_destroy()/aio_complete() race
- mm: fix the NULL mapping case in __isolate_lru_page()
- objtool: Support GCC 8's cold subfunctions
- objtool: Support GCC 8 switch tables
- objtool: Detect RIP-relative switch table references
- objtool: Detect RIP-relative switch table references, part 2
- objtool: Fix "noreturn" detection for recursive sibling calls
- xfs: convert XFS_AGFL_SIZE to a helper function
- xfs: detect agfl count corruption and reset agfl
- Input: synaptics - Lenovo Carbon X1 Gen5 (2017) devices should use RMI
- Input: synaptics - add Lenovo 80 series ids to SMBus
- Input: elan_i2c_smbus - fix corrupted stack
- tracing: Fix crash when freeing instances with event triggers
- tracing: Make the snapshot trigger work with instances
- selinux: KASAN: slab-out-of-bounds in xattr_getsecurity
- cfg80211: further limit wiphy names to 64 bytes
- drm/amd/powerplay: Fix enum mismatch
- rtlwifi: rtl8192cu: Remove variable self-assignment in rf.c
- platform/chrome: cros_ec_lpc: remove redundant pointer request
- kbuild: clang: disable unused variable warnings only when constant
- tcp: avoid integer overflows in tcp_rcv_space_adjust()
- iio: ad7793: implement IIO_CHAN_INFO_SAMP_FREQ
- iio:buffer: make length types match kfifo types
- iio:kfifo_buf: check for uint overflow
- iio: adc: select buffer for at91-sama5d2_adc
- MIPS: lantiq: gphy: Drop reboot/remove reset asserts
- MIPS: ptrace: Fix PTRACE_PEEKUSR requests for 64-bit FGRs
- MIPS: prctl: Disallow FRE without FR with PR_SET_FP_MODE requests
- scsi: scsi_transport_srp: Fix shost to rport translation
- stm class: Use vmalloc for the master map
- hwtracing: stm: fix build error on some arches
- IB/core: Fix error code for invalid GID entry
- mm/huge_memory.c: __split_huge_page() use atomic ClearPageDirty()
- Revert "rt2800: use TXOP_BACKOFF for probe frames"
- intel_th: Use correct device when freeing buffers
- drm/psr: Fix missed entry in PSR setup time table.
- drm/i915/lvds: Move acpi lid notification registration to registration phase
- drm/i915: Disable LVDS on Radiant P845
- drm/vmwgfx: Use kasprintf
- drm/vmwgfx: Fix host logging / guestinfo reading error paths
- nvme: fix extended data LBA supported setting
- iio: hid-sensor-trigger: Fix sometimes not powering up the sensor after
resume
- x86/MCE/AMD: Define a function to get SMCA bank type
- x86/mce/AMD: Pass the bank number to smca_get_bank_type()
- x86/mce/AMD, EDAC/mce_amd: Enumerate Reserved SMCA bank type
- x86/mce/AMD: Carve out SMCA get_block_address() code
- x86/MCE/AMD: Cache SMCA MISC block addresses
* errors when scanning partition table of corrupted AIX disk (LP: #1787281)
- partitions/aix: fix usage of uninitialized lv_info and lvname structures
- partitions/aix: append null character to print data from disk
* tlbie master timeout checkstop (using NVidia/GPU) (LP: #1789772)
- powerpc/mm/hugetlb: Update huge_ptep_set_access_flags to call
__ptep_set_access_flags directly
- powerpc/mm/radix: Move function from radix.h to pgtable-radix.c
- powerpc/mm: Change function prototype
- powerpc/mm/radix: Change pte relax sequence to handle nest MMU hang
* performance drop with ATS enabled (LP: #1788097)
- powerpc/powernv: Fix concurrency issue with npu->mmio_atsd_usage
* [Regression] kernel crashdump fails on arm64 (LP: #1786878)
- arm64: export memblock_reserve()d regions via /proc/iomem
- drivers: acpi: add dependency of EFI for arm64
- efi/arm: preserve early mapping of UEFI memory map longer for BGRT
- efi/arm: map UEFI memory map even w/o runtime services enabled
- arm64: acpi: fix alignment fault in accessing ACPI
- [Config] CONFIG_ARCH_SUPPORTS_ACPI=y
- arm64: fix ACPI dependencies
- ACPI: fix menuconfig presentation of ACPI submenu
* TB 16 issue on Dell Lattitude 7490 with large amount of data (LP: #1785780)
- r8152: disable RX aggregation on new Dell TB16 dock
* dell_wmi: Unknown key codes (LP: #1762385)
- platform/x86: dell-wmi: Ignore new rfkill and fn-lock events
* Enable AMD PCIe MP2 for AMDI0011 (LP: #1773940)
- SAUCE: i2c:amd I2C Driver based on PCI Interface for upcoming platform
- SAUCE: i2c:amd move out pointer in union i2c_event_base
- SAUCE: i2c:amd Depends on ACPI
- [Config] i2c: CONFIG_I2C_AMD_MP2=y on x86
* r8169 no internet after suspending (LP: #1779817)
- r8169: restore previous behavior to accept BIOS WoL settings
- r8169: don't use MSI-X on RTL8168g
- r8169: don't use MSI-X on RTL8106e
* Fix Intel Cannon Lake LPSS I2C input clock (LP: #1789790)
- mfd: intel-lpss: Fix Intel Cannon Lake LPSS I2C input clock
* Microphone cannot be detected with front panel audio combo jack on HP Z8-G4
machine (LP: #1789145)
- ALSA: hda/realtek - Fix HP Headset Mic can't record
* Tango platform uses __initcall without further checks (LP: #1787945)
- [Config] disable ARCH_TANGO
* [18.10 FEAT] Add kernel config option "CONFIG_SCLP_OFB" (LP: #1787898)
- [Config] CONFIG_SCLP_OFB=y for s390x
-- Kleber Sacilotto de Souza <kleber.souza@xxxxxxxxxxxxx> Mon, 24 Sep
2018 16:08:41 +0200
** Changed in: linux (Ubuntu Bionic)
Status: Fix Committed => Fix Released
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-3639
--
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1788563
Title:
L1TF mitigation not effective in some CPU and RAM combinations
Status in linux package in Ubuntu:
Fix Released
Status in linux source package in Trusty:
Fix Released
Status in linux source package in Xenial:
Fix Released
Status in linux source package in Bionic:
Fix Released
Status in linux source package in Cosmic:
Fix Released
Bug description:
== SRU Justification ==
This bug has been reported in multiple bugs and affects Trusty,
Xenial and Bionic. All releases need different backports, so T and X
will be sent in separate SRU requests.
Due to this bug in the original L1TF patch set, L1TF mitigation not
effective in certain CPU and installed RAM configurations.
== Fixes ==
9df9516940a6 ("x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit")
b0a182f87568 ("x86/speculation/l1tf: Fix off-by-one error when warning that system has too much RAM")
cc51e5428ea5 ("x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+")
== Regression Potential ==
Low. These are security fixes and have all been cc'd to upstream
stable, so they have had additional upstream review.
== Test Case ==
A test kernel was built with these patches and tested by the original bug reporter.
The bug reporter states the test kernel resolved the bug.
Lenovo Thinkpad W530 system with 32 GB RAM
dmesg | grep -i l1tf
[ 0.038386] L1TF: System has more than MAX_PA/2 memory. L1TF mitigation not effective.
[ 2652.469669] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/l1tf.html for details.
Related:
https://bugzilla.opensuse.org/show_bug.cgi?id=1105536
ProblemType: Bug
DistroRelease: Ubuntu 18.04
Package: linux-image-4.15.0-32-generic 4.15.0-32.35
ProcVersionSignature: Ubuntu 4.15.0-32.35-generic 4.15.18
Uname: Linux 4.15.0-32-generic x86_64
ApportVersion: 2.20.9-0ubuntu7.2
Architecture: amd64
AudioDevicesInUse:
USER PID ACCESS COMMAND
/dev/snd/controlC0: pgera 2809 F.... pulseaudio
CurrentDesktop: Unity:Unity7:ubuntu
Date: Thu Aug 23 03:38:40 2018
InstallationDate: Installed on 2018-08-11 (12 days ago)
InstallationMedia: Ubuntu 18.04.1 LTS "Bionic Beaver" - Release amd64 (20180725)
MachineType: LENOVO 24382LU
ProcFB: 0 inteldrmfb
ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-4.15.0-32-generic root=UUID=e2607c8a-4bd1-49fe-ad07-83046492fac5 ro quiet splash vt.handoff=1
RelatedPackageVersions:
linux-restricted-modules-4.15.0-32-generic N/A
linux-backports-modules-4.15.0-32-generic N/A
linux-firmware 1.173.1
SourcePackage: linux
UpgradeStatus: No upgrade log present (probably fresh install)
dmi.bios.date: 06/11/2018
dmi.bios.vendor: LENOVO
dmi.bios.version: G5ETB2WW (2.72 )
dmi.board.asset.tag: Not Available
dmi.board.name: 24382LU
dmi.board.vendor: LENOVO
dmi.board.version: NO DPK
dmi.chassis.asset.tag: No Asset Information
dmi.chassis.type: 10
dmi.chassis.vendor: LENOVO
dmi.chassis.version: Not Available
dmi.modalias: dmi:bvnLENOVO:bvrG5ETB2WW(2.72):bd06/11/2018:svnLENOVO:pn24382LU:pvrThinkPadW530:rvnLENOVO:rn24382LU:rvrNODPK:cvnLENOVO:ct10:cvrNotAvailable:
dmi.product.family: ThinkPad W530
dmi.product.name: 24382LU
dmi.product.version: ThinkPad W530
dmi.sys.vendor: LENOVO
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1788563/+subscriptions