Groovy update: upstream stable patchset 2021-05-13
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
linux (Ubuntu) |
Invalid
|
Undecided
|
Unassigned | ||
Groovy |
Fix Released
|
Medium
|
Kamal Mostafa |
Bug Description
SRU Justification
Impact:
The upstream process for stable tree updates is quite similar
in scope to the Ubuntu SRU process, e.g., each patch has to
demonstrably fix a bug, and each patch is vetted by upstream
by originating either directly from a mainline/stable Linux tree or
a minimally backported form of that patch. The following upstream
stable patches should be included in the Ubuntu kernel:
upstream stable patchset 2021-05-13
from git://git.
ALSA: aloop: Fix initialization of controls
ALSA: hda/realtek: Fix speaker amp setup on Acer Aspire E1
ALSA: hda/conexant: Apply quirk for another HP ZBook G5 model
ASoC: intel: atom: Stop advertising non working S24LE support
nfc: fix refcount leak in llcp_sock_bind()
nfc: fix refcount leak in llcp_sock_connect()
nfc: fix memory leak in llcp_sock_connect()
nfc: Avoid endless loops caused by repeated llcp_sock_connect()
selinux: make nslot handling in avtab more robust
xen/evtchn: Change irq_info lock to raw_spinlock_t
net: ipv6: check for validity before dereferencing cfg->fc_nlinfo.nlh
net: dsa: lantiq_gswip: Let GSWIP automatically set the xMII clock
net: dsa: lantiq_gswip: Don't use PHY auto polling
net: dsa: lantiq_gswip: Configure all remaining GSWIP_MII_CFG bits
drm/i915: Fix invalid access to ACPI _DSM objects
ACPI: processor: Fix build when CONFIG_
IB/hfi1: Fix probe time panic when AIP is enabled with a buggy BIOS
LOOKUP_MOUNTPOINT: we are cleaning "jumped" flag too late
gcov: re-fix clang-11+ support
ia64: fix user_stack_
nds32: flush_dcache_page: use page_mapping_file to avoid races with swapoff
ocfs2: fix deadlock between setattr and dio_end_io_write
fs: direct-io: fix missing sdio->boundary
ethtool: fix incorrect datatype in set_eee ops
of: property: fw_devlink: do not link ".*,nr-gpios"
parisc: parisc-agp requires SBA IOMMU driver
parisc: avoid a warning on u8 cast for cmpxchg on u8 pointers
ARM: dts: turris-omnia: configure LED[2]/INTn pin as interrupt pin
batman-adv: initialize "struct batadv_
ice: Increase control queue timeout
ice: prevent ice_open and ice_stop during reset
ice: remove DCBNL_DEVRESET bit from PF state
ice: Fix for dereference of NULL pointer
ice: Cleanup fltr list in case of allocation issues
iwlwifi: pcie: properly set LTR workarounds on 22000 devices
net: hso: fix null-ptr-deref during tty device unregistration
libbpf: Fix bail out from 'ringbuf_
bpf: Enforce that struct_ops programs be GPL-only
bpf: link: Refuse non-O_RDWR flags in BPF_OBJ_GET
ethernet/
libbpf: Only create rx and tx XDP rings when necessary
bpf, sockmap: Fix sk->prot unhash op reset
net: ensure mac header is set in virtio_
i40e: Fix sparse warning: missing error code 'err'
i40e: Fix sparse error: 'vsi->netdev' could be null
i40e: Fix sparse errors in i40e_txrx.c
net: sched: sch_teql: fix null-pointer dereference
net: sched: fix action overwrite reference counting
mac80211: fix TXQ AC confusion
net: hsr: Reset MAC header for Tx path
net-ipv6: bugfix - raw & sctp - switch to ipv6_can_
net: let skb_orphan_partial wake-up waiters.
usbip: add sysfs_lock to synchronize sysfs code paths
usbip: stub-dev synchronize sysfs code paths
usbip: vudc synchronize sysfs code paths
usbip: synchronize event handler with sysfs code paths
driver core: Fix locking bug in deferred_
scsi: target: iscsi: Fix zero tag inside a trace event
i2c: turn recovery error on init to debug
ice: Refactor DCB related variables out of the ice_port_info struct
ice: Recognize 860 as iSCSI port in CEE mode
xfrm: interface: fix ipv4 pmtu check to honor ip header df
xfrm: Use actual socket sk instead of skb socket for xfrm_output_resume
regulator: bd9571mwv: Fix AVS and DVFS voltage range
ARM: OMAP4: Fix PMIC voltage domains for bionic
ARM: OMAP4: PM: update ROM return address for OSWR and OFF
net: xfrm: Localize sequence counter per network namespace
esp: delete NETIF_F_SCTP_CRC bit from features for esp offload
ASoC: SOF: Intel: HDA: fix core status verification
ASoC: wm8960: Fix wrong bclk and lrclk with pll enabled for some chips
xfrm: Fix NULL pointer dereference on policy lookup
virtchnl: Fix layout of RSS structures
i40e: Added Asym_Pause to supported link modes
i40e: Fix kernel oops when i40e driver removes VF's
hostfs: fix memory handling in follow_link()
amd-xgbe: Update DMA coherency values
sch_red: fix off-by-one checks in red_check_params()
arm64: dts: imx8mm/q: Fix pad control of SD1_DATA0
xfrm: Provide private skb extensions for segmented and hw offloaded ESP packets
can: bcm/raw: fix msg_namelen values depending on CAN_REQUIRED_SIZE
mlxsw: spectrum: Fix ECN marking in tunnel decapsulation
ethernet: myri10ge: Fix a use after free in myri10ge_sw_tso
gianfar: Handle error code at MAC address change
cxgb4: avoid collecting SGE_QBASE regs during traffic
net:tipc: Fix a double free in tipc_sk_mcast_rcv
ARM: dts: imx6: pbab01: Set vmmc supply for both SD interfaces
net/ncsi: Avoid channel_monitor hrtimer deadlock
net: qrtr: Fix memory leak on qrtr_tx_wait failure
nfp: flower: ignore duplicate merge hints from FW
net: phy: broadcom: Only advertise EEE for supported modes
I2C: JZ4780: Fix bug for Ingenic X1000.
ASoC: sunxi: sun4i-codec: fill ASoC card owner
net/mlx5e: Fix ethtool indication of connector type
net/mlx5: Don't request more than supported EQs
net/rds: Fix a use after free in rds_message_
xdp: fix xdp_return_frame() kernel BUG throw for page_pool memory model
soc/fsl: qbman: fix conflicting alignment attributes
i40e: Fix display statistics for veb_tc
RDMA/rtrs-clt: Close rtrs client conn before destroying rtrs clt session files
drm/msm: Set drvdata to NULL when msm_drm_init() fails
net: udp: Add support for getsockopt(..., ..., UDP_GRO, ..., ...);
mptcp: forbit mcast-related sockopt on MPTCP sockets
scsi: ufs: core: Fix task management request completion timeout
scsi: ufs: core: Fix wrong Task Tag used in task management request UPIUs
net: cls_api: Fix uninitialised struct field bo->unlocked_
net: macb: restore cmp registers on resume path
clk: fix invalid usage of list cursor in register
clk: fix invalid usage of list cursor in unregister
workqueue: Move the position of debug_work_
s390/cpcmd: fix inline assembly register clobbering
perf inject: Fix repipe usage
net: openvswitch: conntrack: simplify the return expression of ovs_ct_
openvswitch: fix send of uninitialized stack memory in ct limit reply
i2c: designware: Adjust bus_freq_hz when refuse high speed mode set
tipc: increment the tmp aead refcnt before attaching it
net: hns3: clear VF down state bit before request link status
net/mlx5: Fix placement of log_max_
net/mlx5: Fix PPLM register mapping
net/mlx5: Fix PBMC register mapping
RDMA/cxgb4: check for ipv6 address properly while destroying listener
perf report: Fix wrong LBR block sorting
i40e: Fix parameters in aq_get_
RDMA/addr: Be strict with gid size
RAS/CEC: Correct ce_add_elem()'s returned values
clk: socfpga: fix iomem pointer cast on 64-bit
lockdep: Address clang -Wformat warning printing for %hd
dt-bindings: net: ethernet-
cfg80211: remove WARN_ON() in cfg80211_
net: tun: set tun->dev->addr_len during TUNSETLINK processing
drivers: net: fix memory leak in atusb_probe
drivers: net: fix memory leak in peak_usb_create_dev
net: mac802154: Fix general protection fault
net: ieee802154: nl-mac: fix check on panid
net: ieee802154: fix nl802154 del llsec key
net: ieee802154: fix nl802154 del llsec dev
net: ieee802154: fix nl802154 add llsec key
net: ieee802154: fix nl802154 del llsec devkey
net: ieee802154: forbid monitor for set llsec params
net: ieee802154: forbid monitor for del llsec seclevel
net: ieee802154: stop dump llsec params for monitors
UBUNTU: upstream stable to v5.4.112, v5.10.30
interconnect: core: fix error return code of icc_link_destroy()
gfs2: Flag a withdraw if init_threads() fails
KVM: arm64: Hide system instruction access to Trace registers
KVM: arm64: Disable guest access to trace filter controls
drm/imx: imx-ldb: fix out of bounds array access warning
gfs2: report "already frozen/thawed" errors
ftrace: Check if pages were allocated before calling free_pages()
tools/kvm_stat: Add restart delay
drm/tegra: dc: Don't set PLL clock to 0Hz
gpu: host1x: Use different lock classes for each client
block: only update parent bi_status when bio fail
radix tree test suite: Register the main thread with the RCU library
idr test suite: Take RCU read lock in idr_find_test_1
idr test suite: Create anchor before launching throbber
io_uring: don't mark S_ISBLK async work as unbounded
riscv,entry: fix misaligned base for excp_vect_table
block: don't ignore REQ_NOWAIT for direct IO
perf map: Tighten snprintf() string precision to pass gcc check on some 32-bit arches
net: sfp: relax bitrate-derived mode check
net: sfp: cope with SFPs that set both LOS normal and LOS inverted
xen/events: fix setting irq affinity
perf tools: Use %zd for size_t printf formats on 32-bit
UBUNTU: upstream stable to v5.4.113, v5.10.31
Changed in linux (Ubuntu): | |
status: | New → Confirmed |
tags: | added: kernel-stable-tracking-bug |
Changed in linux (Ubuntu Groovy): | |
status: | New → In Progress |
importance: | Undecided → Medium |
assignee: | nobody → Kamal Mostafa (kamalmostafa) |
Changed in linux (Ubuntu): | |
status: | Confirmed → Invalid |
description: | updated |
Changed in linux (Ubuntu Groovy): | |
status: | In Progress → Fix Committed |
This bug was fixed in the package linux - 5.8.0-59.66
---------------
linux (5.8.0-59.66) groovy; urgency=medium
* UAF on CAN J1939 j1939_can_recv (LP: #1932209)
- SAUCE: can: j1939: delay release of j1939_priv after synchronize_rcu
* UAF on CAN BCM bcm_rx_handler (LP: #1931855)
- SAUCE: can: bcm: delay release of struct bcm_op after synchronize_rcu
linux (5.8.0-57.64) groovy; urgency=medium
* groovy/linux: 5.8.0-57.64 -proposed tracker (LP: #1932047)
* pmtu.sh from selftests.net in linux ADT test failure with linux/5.8.0-56.63
(LP: #1931731)
- net: geneve: modify IP header check in geneve6_xmit_skb and geneve_xmit_skb
linux (5.8.0-56.63) groovy; urgency=medium
* groovy/linux: 5.8.0-56.63 -proposed tracker (LP: #1930052)
* Packaging resync (LP: #1786013)
- update dkms package versions
* scsi: storvsc: Parameterize number hardware queues (LP: #1930626)
- scsi: storvsc: Parameterize number hardware queues
* CVE-2021-33200
- bpf: Wrap aux data inside bpf_sanitize_info container
- bpf: Fix mask direction swap upon off reg sign change
- bpf: No need to simulate speculative domain for immediates
* CVE-2021-3490
- SAUCE: Revert "UBUNTU: SAUCE: bpf: verifier: fix ALU32 bounds tracking with
bitwise ops"
- gpf: Fix alu32 const subreg bound tracking on bitwise operations
* CVE-2021-3489
- SAUCE: Revert "UBUNTU: SAUCE: bpf: prevent writable memory-mapping of read-
only ringbuf pages"
- bpf: Prevent writable memory-mapping of read-only ringbuf pages
* Realtek USB hubs in Dell WD19SC/DC/TB fail to work after exiting s2idle
(LP: #1928242)
- USB: Verify the port status when timeout happens during port suspend
* CVE-2020-26145
- ath10k: drop fragments with multicast DA for SDIO
- ath10k: add CCMP PN replay protection for fragmented frames for PCIe
- ath10k: drop fragments with multicast DA for PCIe
* CVE-2020-26141
- ath10k: Fix TKIP Michael MIC verification for PCIe
* CVE-2020-24587
- ath11k: Clear the fragment cache during key install
* CVE-2020-24588
- mac80211: properly handle A-MSDUs that start with an RFC 1042 header
- cfg80211: mitigate A-MSDU aggregation attacks
- mac80211: drop A-MSDUs on old ciphers
- ath10k: drop MPDU which has discard flag set by firmware for SDIO
* CVE-2020-26139
- mac80211: do not accept/forward invalid EAPOL frames
* CVE-2020-24586 // CVE-2020-24587 // CVE-2020-24587 for such cases.
- mac80211: extend protection against mixed key and fragment cache attacks
* CVE-2020-24586 // CVE-2020-24587
- mac80211: prevent mixed key and fragment cache attacks
- mac80211: add fragment cache to sta_info
- mac80211: check defrag PN against current frame
- mac80211: prevent attacks on TKIP/WEP as well
* CVE-2020-26147
- mac80211: assure all fragments are encrypted
* raid10: Block discard is very slow, causing severe delays for mkfs and discard_ bio() for submitting discard bio
fstrim operations (LP: #1896578)
- md: add md_submit_
- md/raid10: extend r10bio devs to raid disks
- md/raid10: pull the code that wait for blocked dev into one...