Groovy update: upstream stable patchset 2021-05-20

Bug #1929132 reported by Kamal Mostafa
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Invalid
Undecided
Unassigned
Groovy
Fix Released
Medium
Kamal Mostafa

Bug Description

SRU Justification

    Impact:
       The upstream process for stable tree updates is quite similar
       in scope to the Ubuntu SRU process, e.g., each patch has to
       demonstrably fix a bug, and each patch is vetted by upstream
       by originating either directly from a mainline/stable Linux tree or
       a minimally backported form of that patch. The following upstream
       stable patches should be included in the Ubuntu kernel:

       upstream stable patchset 2021-05-20

                Ported from the following upstream stable releases:
                        v5.4.114, v5.10.32
                        v5.4.115, v5.10.33
                        v5.4.116, v5.10.34
                        v5.4.117, v5.10.35

       from git://git.kernel.org/

Input: nspire-keypad - enable interrupts only when opened
gpio: sysfs: Obey valid_mask
dmaengine: idxd: Fix clobbering of SWERR overflow bit on writeback
dmaengine: idxd: fix delta_rec and crc size field for completion record
dmaengine: idxd: fix opcap sysfs attribute output
dmaengine: idxd: fix wq size store permission state
dmaengine: dw: Make it dependent to HAS_IOMEM
dmaengine: Fix a double free in dma_async_device_register
dmaengine: plx_dma: add a missing put_device() on error path
ACPI: x86: Call acpi_boot_table_init() after acpi_table_upgrade()
ARM: dts: Drop duplicate sha2md5_fck to fix clk_disable race
ARM: dts: Fix moving mmc devices with aliases for omap4 & 5
lockdep: Add a missing initialization hint to the "INFO: Trying to register non-static key" message
arc: kernel: Return -EFAULT if copy_to_user() fails
iwlwifi: Fix softirq/hardirq disabling in iwl_pcie_enqueue_hcmd()
xfrm: BEET mode doesn't support fragments for inner packets
ASoC: max98373: Added 30ms turn on/off time delay
gpu/xen: Fix a use after free in xen_drm_drv_init
neighbour: Disregard DEAD dst in neigh_update
ARM: keystone: fix integer overflow warning
ARM: omap1: fix building with clang IAS
drm/msm: Fix a5xx/a6xx timestamps
ASoC: fsl_esai: Fix TDM slot setup for I2S mode
scsi: scsi_transport_srp: Don't block target in SRP_PORT_LOST state
iwlwifi: add support for Qu with AX201 device
net: ieee802154: stop dump llsec keys for monitors
net: ieee802154: forbid monitor for add llsec key
net: ieee802154: forbid monitor for del llsec key
net: ieee802154: stop dump llsec devs for monitors
net: ieee802154: forbid monitor for add llsec dev
net: ieee802154: forbid monitor for del llsec dev
net: ieee802154: stop dump llsec devkeys for monitors
net: ieee802154: forbid monitor for add llsec devkey
net: ieee802154: forbid monitor for del llsec devkey
net: ieee802154: stop dump llsec seclevels for monitors
net: ieee802154: forbid monitor for add llsec seclevel
pcnet32: Use pci_resource_len to validate PCI resource
mac80211: clear sta->fast_rx when STA removed from 4-addr VLAN
virt_wifi: Return micros for BSS TSF values
lib: fix kconfig dependency on ARCH_WANT_FRAME_POINTERS
Input: s6sy761 - fix coordinate read bit shift
Input: i8042 - fix Pegatron C15B ID entry
HID: wacom: set EV_KEY and EV_ABS only for non-HID_GENERIC type of devices
dm verity fec: fix misaligned RS roots IO
readdir: make sure to verify directory entry for legacy interfaces too
arm64: fix inline asm in load_unaligned_zeropad()
arm64: alternatives: Move length validation in alternative_{insn, endif}
vfio/pci: Add missing range check in vfio_pci_mmap
riscv: Fix spelling mistake "SPARSEMEM" to "SPARSMEM"
scsi: libsas: Reset num_scatter if libata marks qc as NODATA
netfilter: flowtable: fix NAT IPv6 offload mangling
netfilter: conntrack: do not print icmpv6 as unknown via /proc
ice: Fix potential infinite loop when using u8 loop counter
libnvdimm/region: Fix nvdimm_has_flush() to handle ND_REGION_ASYNC
netfilter: bridge: add pre_exit hooks for ebtable unregistration
netfilter: arp_tables: add pre_exit hook for table unregister
net: macb: fix the restore of cmp registers
net/mlx5e: fix ingress_ifindex check in mlx5e_flower_parse_meta
netfilter: nft_limit: avoid possible divide error in nft_limit_init
net/mlx5e: Fix setting of RS FEC mode
net: davicom: Fix regulator not turned off on failed probe
net: sit: Unregister catch-all devices
net: ip6_tunnel: Unregister catch-all devices
mm: ptdump: fix build failure
net: Make tcp_allowed_congestion_control readonly in non-init netns
i40e: fix the panic when running bpf in xdpdrv mode
ia64: remove duplicate entries in generic_defconfig
ia64: tools: remove inclusion of ia64-specific version of errno.h header
ibmvnic: avoid calling napi_disable() twice
ibmvnic: remove duplicate napi_schedule call in do_reset function
ibmvnic: remove duplicate napi_schedule call in open function
gro: ensure frag0 meets IP header alignment
ARM: OMAP2+: Fix warning for omap_init_time_of()
ARM: footbridge: fix PCI interrupt mapping
ARM: OMAP2+: Fix uninitialized sr_inst
arm64: dts: allwinner: Fix SD card CD GPIO for SOPine systems
arm64: dts: allwinner: h6: beelink-gs1: Remove ext. 32 kHz osc reference
bpf: Use correct permission flag for mixed signed bounds arithmetic
r8169: tweak max read request size for newer chips also in jumbo mtu mode
r8169: don't advertise pause in jumbo mode
bpf: Ensure off_reg has no mixed signed bounds for all types
bpf: Move off_reg into sanitize_ptr_alu
ARM: 9071/1: uprobes: Don't hook on thumb instructions
bpf: Rework ptr_limit into alu_limit and add common error path
bpf: Improve verifier error messages for users
bpf: Move sanitize_val_alu out of op switch
net: phy: marvell: fix detection of PHY on Topaz switches
UBUNTU: upstream stable to v5.4.114, v5.10.32
vhost-vdpa: protect concurrent access to vhost device iotlb
gpio: omap: Save and restore sysconfig
KEYS: trusted: Fix TPM reservation for seal/unseal
pinctrl: lewisburg: Update number of pins in community
arm64: dts: allwinner: Revert SD card CD GPIO for Pine64-LTS
bpf: Permits pointers on stack for helper calls
bpf: Refactor and streamline bounds check into helper
bpf: Tighten speculative pointer arithmetic mask
perf/x86/intel/uncore: Remove uncore extra PCI dev HSWEP_PCI_PCU_3
perf/x86/kvm: Fix Broadwell Xeon stepping in isolation_ucodes[]
perf auxtrace: Fix potential NULL pointer dereference
perf map: Fix error return code in maps__clone()
HID: google: add don USB id
HID: alps: fix error return code in alps_input_configured()
HID: wacom: Assign boolean values to a bool variable
ARM: dts: Fix swapped mmc order for omap3
net: geneve: check skb is large enough for IPv4/IPv6 header
dmaengine: tegra20: Fix runtime PM imbalance on error
s390/entry: save the caller of psw_idle
arm64: kprobes: Restore local irqflag if kprobes is cancelled
xen-netback: Check for hotplug-status existence before watching
cavium/liquidio: Fix duplicate argument
kasan: fix hwasan build for gcc
csky: change a Kconfig symbol name to fix e1000 build error
ia64: fix discontig.c section mismatches
ia64: tools: remove duplicate definition of ia64_mf() on ia64
x86/crash: Fix crash_setup_memmap_entries() out-of-bounds access
net: hso: fix NULL-deref on disconnect regression
USB: CDC-ACM: fix poison/unpoison imbalance
UBUNTU: upstream stable to v5.4.115, v5.10.33
iwlwifi: Fix softirq/hardirq disabling in iwl_pcie_gen2_enqueue_hcmd()
mei: me: add Alder Lake P device id.
bpf: Update selftests to reflect new error states
UBUNTU: upstream stable to v5.4.116, v5.10.34
mips: Do not include hi and lo in clobber list for R6
netfilter: conntrack: Make global sysctls readonly in non-init netns
net: usb: ax88179_178a: initialize local variables before use
igb: Enable RSS for Intel I211 Ethernet Controller
bpf: Fix masking negation logic upon negative dst register
bpf: Fix leakage of uninitialized bpf stack under speculation
net: qrtr: Avoid potential use after free in MHI send
perf data: Fix error return code in perf_data__create_dir()
capabilities: require CAP_SETFCAP to map uid 0
perf ftrace: Fix access to pid in array when setting a pid filter
driver core: add a min_align_mask field to struct device_dma_parameters
swiotlb: add a IO_TLB_SIZE define
swiotlb: factor out an io_tlb_offset helper
swiotlb: factor out a nr_slots helper
swiotlb: clean up swiotlb_tbl_unmap_single
swiotlb: don't modify orig_addr in swiotlb_tbl_sync_single
ovl: fix leaked dentry
ovl: allow upperdir inside lowerdir
ALSA: usb-audio: Add MIDI quirk for Vox ToneLab EX
USB: Add LPM quirk for Lenovo ThinkPad USB-C Dock Gen2 Ethernet
USB: Add reset-resume quirk for WD19's Realtek Hub
platform/x86: thinkpad_acpi: Correct thermal sensor allocation
perf/core: Fix unconditional security_locked_down() call
vfio: Depend on MMU
avoid __memcat_p link failure
UBUNTU: upstream stable to v5.4.117, v5.10.35

Changed in linux (Ubuntu):
status: New → Confirmed
tags: added: kernel-stable-tracking-bug
Changed in linux (Ubuntu Groovy):
assignee: nobody → Kamal Mostafa (kamalmostafa)
importance: Undecided → Medium
status: New → In Progress
Changed in linux (Ubuntu):
status: Confirmed → Invalid
description: updated
description: updated
Changed in linux (Ubuntu Groovy):
status: In Progress → Fix Committed
Revision history for this message
Launchpad Janitor (janitor) wrote :
Download full text (23.2 KiB)

This bug was fixed in the package linux - 5.8.0-59.66

---------------
linux (5.8.0-59.66) groovy; urgency=medium

  * UAF on CAN J1939 j1939_can_recv (LP: #1932209)
    - SAUCE: can: j1939: delay release of j1939_priv after synchronize_rcu

  * UAF on CAN BCM bcm_rx_handler (LP: #1931855)
    - SAUCE: can: bcm: delay release of struct bcm_op after synchronize_rcu

linux (5.8.0-57.64) groovy; urgency=medium

  * groovy/linux: 5.8.0-57.64 -proposed tracker (LP: #1932047)

  * pmtu.sh from selftests.net in linux ADT test failure with linux/5.8.0-56.63
    (LP: #1931731)
    - net: geneve: modify IP header check in geneve6_xmit_skb and geneve_xmit_skb

linux (5.8.0-56.63) groovy; urgency=medium

  * groovy/linux: 5.8.0-56.63 -proposed tracker (LP: #1930052)

  * Packaging resync (LP: #1786013)
    - update dkms package versions

  * scsi: storvsc: Parameterize number hardware queues (LP: #1930626)
    - scsi: storvsc: Parameterize number hardware queues

  * CVE-2021-33200
    - bpf: Wrap aux data inside bpf_sanitize_info container
    - bpf: Fix mask direction swap upon off reg sign change
    - bpf: No need to simulate speculative domain for immediates

  * CVE-2021-3490
    - SAUCE: Revert "UBUNTU: SAUCE: bpf: verifier: fix ALU32 bounds tracking with
      bitwise ops"
    - gpf: Fix alu32 const subreg bound tracking on bitwise operations

  * CVE-2021-3489
    - SAUCE: Revert "UBUNTU: SAUCE: bpf: prevent writable memory-mapping of read-
      only ringbuf pages"
    - bpf: Prevent writable memory-mapping of read-only ringbuf pages

  * Realtek USB hubs in Dell WD19SC/DC/TB fail to work after exiting s2idle
    (LP: #1928242)
    - USB: Verify the port status when timeout happens during port suspend

  * CVE-2020-26145
    - ath10k: drop fragments with multicast DA for SDIO
    - ath10k: add CCMP PN replay protection for fragmented frames for PCIe
    - ath10k: drop fragments with multicast DA for PCIe

  * CVE-2020-26141
    - ath10k: Fix TKIP Michael MIC verification for PCIe

  * CVE-2020-24587
    - ath11k: Clear the fragment cache during key install

  * CVE-2020-24588
    - mac80211: properly handle A-MSDUs that start with an RFC 1042 header
    - cfg80211: mitigate A-MSDU aggregation attacks
    - mac80211: drop A-MSDUs on old ciphers
    - ath10k: drop MPDU which has discard flag set by firmware for SDIO

  * CVE-2020-26139
    - mac80211: do not accept/forward invalid EAPOL frames

  * CVE-2020-24586 // CVE-2020-24587 // CVE-2020-24587 for such cases.
    - mac80211: extend protection against mixed key and fragment cache attacks

  * CVE-2020-24586 // CVE-2020-24587
    - mac80211: prevent mixed key and fragment cache attacks
    - mac80211: add fragment cache to sta_info
    - mac80211: check defrag PN against current frame
    - mac80211: prevent attacks on TKIP/WEP as well

  * CVE-2020-26147
    - mac80211: assure all fragments are encrypted

  * raid10: Block discard is very slow, causing severe delays for mkfs and
    fstrim operations (LP: #1896578)
    - md: add md_submit_discard_bio() for submitting discard bio
    - md/raid10: extend r10bio devs to raid disks
    - md/raid10: pull the code that wait for blocked dev into one...

Changed in linux (Ubuntu Groovy):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.