linux-lts-xenial (4.4.0-137.163~14.04.1) trusty; urgency=medium
* CVE-2018-14633
- iscsi target: Use hex2bin instead of a re-implementation
* CVE-2018-17182
- mm: get rid of vmacache_flush_all() entirely
linux (4.4.0-136.162) xenial; urgency=medium
* linux: 4.4.0-136.162 -proposed tracker (LP: #1791745)
* CVE-2017-5753
- bpf: properly enforce index mask to prevent out-of-bounds speculation
- Revert "UBUNTU: SAUCE: bpf: Use barrier_nospec() instead of osb()"
- Revert "bpf: prevent speculative execution in eBPF interpreter"
* L1TF mitigation not effective in some CPU and RAM combinations
(LP: #1788563) // CVE-2018-3620 // CVE-2018-3646
- x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit
- x86/speculation/l1tf: Fix off-by-one error when warning that system has too
much RAM
- x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+
* CVE-2018-15594
- x86/paravirt: Fix spectre-v2 mitigations for paravirt guests
* Xenial update to 4.4.144 stable release (LP: #1791080)
- KVM/Eventfd: Avoid crash when assign and deassign specific eventfd in
parallel.
- x86/MCE: Remove min interval polling limitation
- fat: fix memory allocation failure handling of match_strdup()
- ALSA: rawmidi: Change resized buffers atomically
- ARC: Fix CONFIG_SWAP
- ARC: mm: allow mprotect to make stack mappings executable
- mm: memcg: fix use after free in mem_cgroup_iter()
- ipv4: Return EINVAL when ping_group_range sysctl doesn't map to user ns
- ipv6: fix useless rol32 call on hash
- lib/rhashtable: consider param->min_size when setting initial table size
- net/ipv4: Set oif in fib_compute_spec_dst
- net: phy: fix flag masking in __set_phy_supported
- ptp: fix missing break in switch
- tg3: Add higher cpu clock for 5762.
- net: Don't copy pfmemalloc flag in __copy_skb_header()
- skbuff: Unconditionally copy pfmemalloc in __skb_clone()
- xhci: Fix perceived dead host due to runtime suspend race with event handler
- x86/paravirt: Make native_save_fl() extern inline
- SAUCE: Add missing CPUID_7_EDX defines
- SAUCE: x86/speculation: Expose indirect_branch_prediction_barrier()
- x86/pti: Mark constant arrays as __initconst
- x86/asm/entry/32: Simplify pushes of zeroed pt_regs->REGs
- x86/entry/64/compat: Clear registers for compat syscalls, to reduce
speculation attack surface
- x86/speculation: Clean up various Spectre related details
- x86/speculation: Fix up array_index_nospec_mask() asm constraint
- x86/xen: Zero MSR_IA32_SPEC_CTRL before suspend
- x86/mm: Factor out LDT init from context init
- x86/mm: Give each mm TLB flush generation a unique ID
- SAUCE: x86/speculation: Use Indirect Branch Prediction Barrier in context
switch
- x86/speculation: Use IBRS if available before calling into firmware
- x86/speculation: Move firmware_restrict_branch_speculation_*() from C to CPP
- selftest/seccomp: Fix the seccomp(2) signature
- xen: set cpu capabilities from xen_start_kernel()
- x86/amd: don't set X86_BUG_SYSRET_SS_ATTRS when running under Xen
- SAUCE: Preserve SPEC_CTRL MSR in new inlines
- SAUCE: Add Knights Mill to NO SSB list
- x86/process: Correct and optimize TIF_BLOCKSTEP switch
- x86/process: Optimize TIF_NOTSC switch
- Revert "x86/cpufeatures: Add FEATURE_ZEN"
- Revert "x86/cpu/AMD: Fix erratum 1076 (CPB bit)"
- x86/cpu/AMD: Fix erratum 1076 (CPB bit)
- x86/cpufeatures: Add FEATURE_ZEN
- x86/xen: Add call of speculative_store_bypass_ht_init() to PV paths
- x86/cpu: Re-apply forced caps every time CPU caps are re-read
- block: do not use interruptible wait anywhere
- clk: tegra: Fix PLL_U post divider and initial rate on Tegra30
- ubi: Introduce vol_ignored()
- ubi: Rework Fastmap attach base code
- ubi: Be more paranoid while seaching for the most recent Fastmap
- ubi: Fix races around ubi_refill_pools()
- ubi: Fix Fastmap's update_vol()
- ubi: fastmap: Erase outdated anchor PEBs during attach
- Linux 4.4.144
* CVE-2017-5715 (Spectre v2 s390x)
- s390: detect etoken facility
- s390/lib: use expoline for all bcr instructions
- SAUCE: s390: use expoline thunks for all branches generated by the BPF JIT
* Xenial update to 4.4.143 stable release (LP: #1790884)
- compiler, clang: suppress warning for unused static inline functions
- compiler, clang: properly override 'inline' for clang
- compiler, clang: always inline when CONFIG_OPTIMIZE_INLINING is disabled
- compiler-gcc.h: Add __attribute__((gnu_inline)) to all inline declarations
- x86/asm: Add _ASM_ARG* constants for argument registers to <asm/asm.h>
- ocfs2: subsystem.su_mutex is required while accessing the item->ci_parent
- bcm63xx_enet: correct clock usage
- bcm63xx_enet: do not write to random DMA channel on BCM6345
- crypto: crypto4xx - remove bad list_del
- crypto: crypto4xx - fix crypto4xx_build_pdr, crypto4xx_build_sdr leak
- atm: zatm: Fix potential Spectre v1
- net: dccp: avoid crash in ccid3_hc_rx_send_feedback()
- net: dccp: switch rx_tstamp_last_feedback to monotonic clock
- net/mlx5: Fix incorrect raw command length parsing
- net: sungem: fix rx checksum support
- qed: Limit msix vectors in kdump kernel to the minimum required count.
- r8152: napi hangup fix after disconnect
- tcp: fix Fast Open key endianness
- tcp: prevent bogus FRTO undos with non-SACK flows
- vhost_net: validate sock before trying to put its fd
- net_sched: blackhole: tell upper qdisc about dropped packets
- net/mlx5: Fix command interface race in polling mode
- net: cxgb3_main: fix potential Spectre v1
- rtlwifi: rtl8821ae: fix firmware is not ready to run
- MIPS: Call dump_stack() from show_regs()
- MIPS: Use async IPIs for arch_tr
|