kernel-packages team mailing list archive
-
kernel-packages team
-
Mailing list archive
-
Message #109230
[Bug 1431280] Re: x86: mm/fault: Fix semaphore imbalance
This bug was fixed in the package linux - 3.2.0-79.115
---------------
linux (3.2.0-79.115) precise; urgency=low
[ Luis Henriques ]
* Release Tracking Bug
- LP: #1431359
* Merged back all changes that were in Ubuntu-3.2.0-78.113
[ Upstream Kernel Changes ]
* x86: mm/fault: Fix semaphore imbalance
- LP: #1431280
linux (3.2.0-78.113) precise; urgency=low
[ Seth Forshee ]
* Release Tracking Bug
- LP: #1427736
[ Upstream Kernel Changes ]
* Revert "tcp: Apply device TSO segment limit earlier"
- LP: #1427413
* eCryptfs: Force RO mount when encrypted view is enabled
- LP: #1427413
* sound: simplify au0828 quirk table
- LP: #1427413
* sound: Update au0828 quirks table
- LP: #1427413
* af9005: fix kernel panic on init if compiled without IR
- LP: #1427413
* writeback: Move I_DIRTY_PAGES handling
- LP: #1427413
* writeback: fix a subtle race condition in I_DIRTY clearing
- LP: #1427413
* usb: renesas_usbhs: gadget: fix NULL pointer dereference in
ep_disable()
- LP: #1427413
* ipv4: Remove all uses of LL_ALLOCATED_SPACE
- LP: #1427413
* ipv6: Remove all uses of LL_ALLOCATED_SPACE
- LP: #1427413
* ipv6: mld: fix add_grhead skb_over_panic for devs with large MTUs
- LP: #1427413
* KVM: s390: flush CPU on load control
- LP: #1427413
* UBI: Fix invalid vfree()
- LP: #1427413
* driver core: Fix unbalanced device reference in drivers_probe
- LP: #1427413
* drbd: merge_bvec_fn: properly remap bvm->bi_bdev
- LP: #1427413
* PCI: Restore detection of read-only BARs
- LP: #1427413
* scsi: correct return values for .eh_abort_handler implementations
- LP: #1427413
* bus: omap_l3_noc: Correct returning IRQ_HANDLED unconditionally in the
irq handler
- LP: #1427413
* genhd: check for int overflow in disk_expand_part_tbl()
- LP: #1427413
* USB: cdc-acm: check for valid interfaces
- LP: #1427413
* uvcvideo: Fix destruction order in uvc_delete()
- LP: #1427413
* mfd: tc6393xb: Fail ohci suspend if full state restore is required
- LP: #1427413
* serial: samsung: wait for transfer completion before clock disable
- LP: #1427413
* Bluetooth: btusb: Add support for Belkin F8065bf
- LP: #1427413
* Bluetooth: ath3k: Add support for a new AR3012 device
- LP: #1427413
* Bluetooth: ath3k: Add support for another AR3012 card
- LP: #1427413
* Bluetooth: Add support for Toshiba Bluetooth device [0930:0220]
- LP: #1427413
* Bluetooth: Enable Atheros 0cf3:311e for firmware upload
- LP: #1427413
* Bluetooth: Add firmware update for Atheros 0cf3:311f
- LP: #1427413
* Bluetooth: btusb: Add IMC Networks (Broadcom based)
- LP: #1427413
* Bluetooth: sort the list of IDs in the source code
- LP: #1427413
* Bluetooth: append new supported device to the list [0b05:17d0]
- LP: #1427413
* Bluetooth: Add support for Intel bootloader devices
- LP: #1427413
* Bluetooth: Ignore isochronous endpoints for Intel USB bootloader
- LP: #1427413
* Bluetooth: Add support for Acer [13D3:3432]
- LP: #1427413
* Bluetooth: Add support for Broadcom device of Asus Z97-DELUXE
motherboard
- LP: #1427413
* Add a new PID/VID 0227/0930 for AR3012.
- LP: #1427413
* Bluetooth: Add support for Acer [0489:e078]
- LP: #1427413
* Bluetooth: ath3k: Add support of MCI 13d3:3408 bt device
- LP: #1427413
* Bluetooth: Add USB device 04ca:3010 as Atheros AR3012
- LP: #1427413
* eCryptfs: Remove buggy and unnecessary write in file name decode
routine
- LP: #1427413
* USB: adutux: NULL dereferences on disconnect
- LP: #1427413
* ALSA: hda - using uninitialized data
- LP: #1427413
* dm space map metadata: fix sm_bootstrap_get_nr_blocks()
- LP: #1427413
* ath9k_hw: fix hardware queue allocation
- LP: #1427413
* ath9k: fix BE/BK queue order
- LP: #1427413
* ath5k: fix hardware queue index assignment
- LP: #1427413
* iommu/vt-d: Fix an off-by-one bug in __domain_mapping()
- LP: #1427413
* drm/vmwgfx: Don't use memory accounting for kernel-side fence objects
- LP: #1427413
* hp_accel: Add support for HP ZBook 15
- LP: #1427413
* ALSA: usb-audio: Don't resubmit pending URBs at MIDI error recovery
- LP: #1427413
* KEYS: Fix stale key registration at error path
- LP: #1427413
* fib_trie: Fix /proc/net/fib_trie when CONFIG_IP_MULTIPLE_TABLES is not
defined
- LP: #1427413
* Btrfs: fix fs corruption on transaction abort if device supports
discard
- LP: #1427413
* ncpfs: return proper error from NCP_IOC_SETROOT ioctl
- LP: #1427413
* x86_64, switch_to(): Load TLS descriptors before switching DS and ES
- LP: #1427413
* mac80211: fix multicast LED blinking and counter
- LP: #1427413
* genirq: Prevent proc race against freeing of irq descriptors
- LP: #1427413
* decompress_bunzip2: off by one in get_next_block()
- LP: #1427413
* x86/tls: Disallow unusual TLS segments
- LP: #1427413
* iscsi-target: Fail connection on short sendmsg writes
- LP: #1427413
* ceph: introduce global empty snap context
- LP: #1427413
* x86/tls: Don't validate lm in set_thread_area() after all
- LP: #1427413
* ALSA: usb-audio: extend KEF X300A FU 10 tweak to Arcam rPAC
- LP: #1427413
* ocfs2: fix journal commit deadlock
- LP: #1427413
* udf: Verify i_size when loading inode
- LP: #1427413
* udf: Verify symlink size before loading it
- LP: #1427413
* udf: Treat symlink component of type 2 as /
- LP: #1427413
* udf: Check path length when reading symlink
- LP: #1427413
* udf: Check component length before reading it
- LP: #1427413
* crypto: af_alg - fix backlog handling
- LP: #1427413
* net: Fix stacked vlan offload features computation
- LP: #1427413
* video/logo: prevent use of logos after they have been freed
- LP: #1427413
* video/fbdev: fix defio's fsync
- LP: #1427413
* USB: cp210x: fix ID for production CEL MeshConnect USB Stick
- LP: #1427413
* ALSA: hda - Fix wrong gpio_dir & gpio_mask hint setups for IDT/STAC
codecs
- LP: #1427413
* spi: dw: Fix detecting FIFO depth
- LP: #1427413
* spi: dw-mid: fix FIFO size
- LP: #1427413
* virtio: use dev_to_virtio wrapper in virtio
- LP: #1427413
* virtio_pci: defer kfree until release callback
- LP: #1427413
* virtio_pci: document why we defer kfree
- LP: #1427413
* USB: cp210x: add IDs for CEL USB sticks and MeshWorks devices
- LP: #1427413
* ASoC: wm8960: Fix capture sample rate from 11250 to 11025
- LP: #1427413
* mm: propagate error from stack expansion even for guard page
- LP: #1427413
* sata_dwc_460ex: fix resource leak on error path
- LP: #1427413
* time: settimeofday: Validate the values of tv from user
- LP: #1427413
* Input: i8042 - reset keyboard to fix Elantech touchpad detection
- LP: #1427413
* regulator: core: fix race condition in regulator_put()
- LP: #1427413
* Input: I8042 - add Acer Aspire 7738 to the nomux list
- LP: #1427413
* mm: prevent endless growth of anon_vma hierarchy
- LP: #1427413
* mm: remove unused arg of set_page_dirty_balance()
- LP: #1427413
* mm: protect set_page_dirty() from ongoing truncation
- LP: #1427413
* HID: roccat: potential out of bounds in pyra_sysfs_write_settings()
- LP: #1427413
* OHCI: add a quirk for ULi M5237 blocking on reset
- LP: #1427413
* usb: gadget: udc: atmel: change setting for DMA
- LP: #1427413
* usb: gadget: udc: atmel: fix possible IN hang issue
- LP: #1427413
* usb: gadget: udc: atmel: fix possible oops when unloading module
- LP: #1427413
* USB: console: fix potential use after free
- LP: #1427413
* mm: Don't count the stack guard page towards RLIMIT_STACK
- LP: #1427413
* mm: fix corner case in anon_vma endless growing prevention
- LP: #1427413
* gpio: fix memory and reference leaks in gpiochip_add error path
- LP: #1427413
* ftrace/jprobes/x86: Fix conflict between jprobes and function graph
tracing
- LP: #1427413
* can: dev: fix crtlmode_supported check
- LP: #1427413
* sysfs.h: add ATTRIBUTE_GROUPS() macro
- LP: #1427413
* driver core: Introduce device_create_groups
- LP: #1427413
* gpio: sysfs: fix gpio-chip device-attribute leak
- LP: #1427413
* gpiolib: Refactor gpio_export
- LP: #1427413
* Fix circular locking dependency (3.3-rc2)
- LP: #1427413
* gpio: sysfs: fix gpio device-attribute leak
- LP: #1427413
* gpio: sysfs: fix gpio attribute-creation race
- LP: #1427413
* net: sctp: fix race for one-to-many sockets in sendmsg's auto associate
- LP: #1427413
* ALSA: usb-audio: Add mic volume fix quirk for Logitech Webcam C210
- LP: #1427413
* libata: allow sata_sil24 to opt-out of tag ordered submission
- LP: #1427413
* scripts/recordmcount.pl: There is no -m32 gcc option on Super-H anymore
- LP: #1427413
* libata: prevent HSM state change race between ISR and PIO
- LP: #1427413
* x86, hyperv: Mark the Hyper-V clocksource as being continuous
- LP: #1427413
* x86, tls, ldt: Stop checking lm in LDT_empty
- LP: #1427413
* Input: i8042 - add noloop quirk for Medion Akoya E7225 (MD98857)
- LP: #1427413
* x86, tls: Interpret an all-zero struct user_desc as "no segment"
- LP: #1427413
* nl80211: fix per-station group key get/del and memory leak
- LP: #1427413
* usb-storage/SCSI: blacklist FUA on JMicron 152d:2566 USB-SATA
controller
- LP: #1427413
* usb-core bInterval quirk
- LP: #1427413
* USB: Add OTG PET device to TPL
- LP: #1427413
* drm/i915: Only fence tiled region of object.
- LP: #1427413
* ALSA: seq-dummy: remove deadlock-causing events on close
- LP: #1427413
* net: sctp: fix slab corruption from use after free on INIT collisions
- LP: #1427413
* vm: add VM_FAULT_SIGSEGV handling support
- LP: #1427413
* vm: make stack guard page errors return VM_FAULT_SIGSEGV rather than
SIGBUS
- LP: #1427413
* ACPI / EC: Fix regression due to conflicting firmware behavior between
Samsung and Acer.
- LP: #1427413
* s390/3215: fix tty output containing tabs
- LP: #1427413
* x86, cpu, amd: Add workaround for family 16h, erratum 793
- LP: #1427413
* fsnotify: next_i is freed during fsnotify_unmount_inodes.
- LP: #1427413
* netfilter: ipset: small potential read beyond the end of buffer
- LP: #1427413
* dcache: Fix locking bugs in backported "deal with deadlock in d_walk()"
- LP: #1427413
* tg3: tg3_disable_ints using uninitialized mailbox value to disable
interrupts
- LP: #1427413
* enic: fix rx skb checksum
- LP: #1427413
* net/core: Handle csum for CHECKSUM_COMPLETE VXLAN forwarding
- LP: #1427413
* vfs: Fix vfsmount_lock imbalance in path_init()
- LP: #1427413
* splice: Apply generic position and size checks to each write
- LP: #1427413
- CVE-2014-7822
* PCI: Handle read-only BARs on AMD CS553x devices
- LP: #1427413
* Linux 3.2.67
- LP: #1427413
-- Luis Henriques <luis.henriques@xxxxxxxxxxxxx> Thu, 12 Mar 2015 11:20:15 +0000
** Changed in: linux (Ubuntu Precise)
Status: Fix Committed => Fix Released
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-7822
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1431280
Title:
x86: mm/fault: Fix semaphore imbalance
Status in linux package in Ubuntu:
Invalid
Status in linux source package in Precise:
Fix Released
Bug description:
The qrt kernel_security are hanging with "task hung" errors/warnings
on the console with Precise. This seems to be due to an issue in the
backport to the 3.2.67 stable kernel of commit:
commit 33692f27597fcab536d7cbbcc8f52905133e4aa7
Author: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
Date: Thu Jan 29 10:51:32 2015 -0800
vm: add VM_FAULT_SIGSEGV handling support
3.2.68 kernel fixes this issue with commit:
commit 6749fd110bf44164782df9bba86c0327474446b9
Author: Ben Hutchings <ben@xxxxxxxxxxxxxxx>
Date: Wed Feb 25 00:02:28 2015 +0000
x86: mm/fault: Fix semaphore imbalance
When backporting commit 33692f27597f ('vm: add VM_FAULT_SIGSEGV
handling support') I didn't notice that it depended on a recent change
to the locking context of mm_fault_error() (commit 7fb08eca4527,
'x86: mm: move mmap_sem unlock from mm_fault_error() to caller').
That isn't easily applicable to 3.2, so instead make sure we drop
mm->mmap_sem on the new branch of mm_fault_error().
The ubuntu-qrt-apparmor are also hanging, possibly for the same
reason.
Including commit 6749fd110bf4 ("x86: mm/fault: Fix semaphore
imbalance") in Precise seems to fix these issues.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1431280/+subscriptions
References
