UbuntuUpdates.org

Package "linux-hwe-edge"

This package belongs to a PPA: Canonical Kernel Team

Name: linux-hwe-edge

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Linux kernel buildinfo for version 5.0.0 on 32 bit x86 SMP
  • Linux kernel buildinfo for version 5.0.0 on 32 bit x86 SMP
  • Linux kernel version specific cloud tools for version 5.0.0-20
  • Linux kernel version specific cloud tools for version 5.0.0-20

Latest version: 5.0.0-20.21~18.04.1
Release: bionic (18.04)
Level: base
Repository: main

Links

Save this URL for the latest version of "linux-hwe-edge": https://www.ubuntuupdates.org/linux-hwe-edge



Other versions of "linux-hwe-edge" in Bionic

Repository Area Version
security main 5.0.0-20.21~18.04.1
updates main 5.0.0-20.21~18.04.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 5.0.0-20.21~18.04.1 2019-06-27 08:08:52 UTC

 linux-hwe-edge (5.0.0-20.21~18.04.1) bionic; urgency=medium
 .
   * linux-hwe-edge: 5.0.0-20.21~18.04.1 -proposed tracker (LP: #1833930)
 .
   [ Ubuntu: 5.0.0-20.21 ]
 .
   * linux: 5.0.0-20.21 -proposed tracker (LP: #1833934)
   * CVE-2019-11479
     - SAUCE: tcp: add tcp_min_snd_mss sysctl
     - SAUCE: tcp: enforce tcp_min_snd_mss in tcp_mtu_probing()
   * Remote denial of service (resource exhaustion) caused by TCP SACK scoreboard
     manipulation (LP: #1831638) // CVE-2019-11478
     - tcp: refine memory limit test in tcp_fragment()

Source diff to previous version
1831638 Remote denial of service (resource exhaustion) caused by TCP SACK scoreboard manipulation
CVE-2019-11479 Jonathan Looney discovered that the Linux kernel default MSS is hard-c ...
CVE-2019-11478 Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling cer

Version: 5.0.0-18.19~18.04.2 2019-06-17 23:07:45 UTC

 linux-hwe-edge (5.0.0-18.19~18.04.2) bionic; urgency=medium
 .
   * linux-hwe-edge: 5.0.0-18.19~18.04.1 -proposed tracker (LP: #1832489)
 .
   * [18.04/18.10] File libperf-jvmti.so is missing in linux-tools-common deb on
     Ubuntu (LP: #1761379)
     - [Packaging] Support building libperf-jvmti.so for HWE
 .
   * Disco update: 5.0.12 upstream stable release (LP: #1830934)
     - [Config] Document drop of axis-fifo for amd64/i386
 .
   [ Ubuntu: 5.0.0-18.19 ]
 .
   * linux: 5.0.0-18.19 -proposed tracker (LP: #1832492)
   * CVE-2019-11479
     - SAUCE: tcp: add tcp_min_snd_mss sysctl
     - SAUCE: tcp: enforce tcp_min_snd_mss in tcp_mtu_probing()
   * CVE-2019-11884
     - Bluetooth: hidp: fix buffer overflow
   * TPM module can not initial (LP: #1826142)
     - spi: Optionally use GPIO descriptors for CS GPIOs
     - spi: dw: Convert to use CS GPIO descriptors
     - spi: dw: fix warning unused variable 'ret'
     - spi: Support high CS when using descriptors
     - spi: dw: Fix default polarity of native chipselect
     - gpio: of: Fix logic inversion
     - spi: Add missing error handling for CS GPIOs
   * CVE-2018-12126 // CVE-2018-12127 // CVE-2018-12130 // CVE-2019-11091
     - SAUCE: Synchronize MDS mitigations with upstream
     - Documentation: Correct the possible MDS sysfs values
     - x86/speculation/mds: Fix documentation typo
   * CVE-2019-11091
     - x86/mds: Add MDSUM variant to the MDS documentation
   * Regression for ubuntu_kernel_selftests [net] ubuntu_bpf test case fails to
     build on disco (LP: #1829812)
     - tools: bpftool: add basic probe capability, probe syscall availability
     - tools: bpftool: add probes for eBPF program types
   * POSIX fix for ftrace test in ubuntu_kernel_selftests (LP: #1828995)
     - selftests/ftrace: Replace \e with \033
     - selftests/ftrace: Replace echo -e with printf
   * Disco update: 5.0.12 upstream stable release (LP: #1830934)
     - selinux: use kernel linux/socket.h for genheaders and mdp
     - Revert "ACPICA: Clear status of GPEs before enabling them"
     - drm/i915: Do not enable FEC without DSC
     - mm: make page ref count overflow check tighter and more explicit
     - mm: add 'try_get_page()' helper function
     - mm: prevent get_user_pages() from overflowing page refcount
     - fs: prevent page refcount overflow in pipe_buf_get
     - arm64: dts: renesas: r8a77990: Fix SCIF5 DMA channels
     - ARM: dts: bcm283x: Fix hdmi hpd gpio pull
     - s390: limit brk randomization to 32MB
     - mt76x02: fix hdr pointer in write txwi for USB
     - mt76: mt76x2: fix external LNA gain settings
     - mt76: mt76x2: fix 2.4 GHz channel gain settings
     - net: ieee802154: fix a potential NULL pointer dereference
     - ieee802154: hwsim: propagate genlmsg_reply return code
     - Btrfs: fix file corruption after snapshotting due to mix of buffered/DIO
       writes
     - net: stmmac: don't set own bit too early for jumbo frames
     - net: stmmac: fix jumbo frame sending with non-linear skbs
     - qlcnic: Avoid potential NULL pointer dereference
     - xsk: fix umem memory leak on cleanup
     - staging: axis-fifo: add CONFIG_OF dependency
     - staging, mt7621-pci: fix build without pci support
     - netfilter: nft_set_rbtree: check for inactive element after flag mismatch
     - netfilter: bridge: set skb transport_header before entering
       NF_INET_PRE_ROUTING
     - netfilter: fix NETFILTER_XT_TARGET_TEE dependencies
     - netfilter: ip6t_srh: fix NULL pointer dereferences
     - s390/qeth: fix race when initializing the IP address table
     - ARM: imx51: fix a leaked reference by adding missing of_node_put
     - sc16is7xx: missing unregister/delete driver on error in sc16is7xx_init()
     - serial: ar933x_uart: Fix build failure with disabled console
     - KVM: arm64: Reset the PMU in preemptible context
     - arm64: KVM: Always set ICH_HCR_EL2.EN if GICv4 is enabled
     - KVM: arm/arm64: vgic-its: Take the srcu lock when writing to guest memory
     - KVM: arm/arm64: vgic-its: Take the srcu lock when parsing the memslots
     - usb: dwc3: pci: add support for Comet Lake PCH ID
     - usb: gadget: net2280: Fix overrun of OUT messages
     - usb: gadget: net2280: Fix net2280_dequeue()
     - usb: gadget: net2272: Fix net2272_dequeue()
     - ARM: dts: pfla02: increase phy reset duration
     - i2c: i801: Add support for Intel Comet Lake
     - KVM: arm/arm64: Fix handling of stage2 huge mappings
     - net: ks8851: Dequeue RX packets explicitly
     - net: ks8851: Reassert reset pin if chip ID check fails
     - net: ks8851: Delay requesting IRQ until opened
     - net: ks8851: Set initial carrier state to down
     - staging: rtl8188eu: Fix potential NULL pointer dereference of kcalloc
     - staging: rtlwifi: rtl8822b: fix to avoid potential NULL pointer dereference
     - staging: rtl8712: uninitialized memory in read_bbreg_hdl()
     - staging: rtlwifi: Fix potential NULL pointer dereference of kzalloc
     - net: phy: Add DP83825I to the DP83822 driver
     - net: macb: Add null check for PCLK and HCLK
     - net/sched: don't dereference a->goto_chain to read the chain index
     - ARM: dts: imx6qdl: Fix typo in imx6qdl-icore-rqs.dtsi
     - drm/tegra: hub: Fix dereference before check
     - NFS: Fix a typo in nfs_init_timeout_values()
     - net: xilinx: fix possible object reference leak
     - net: ibm: fix possible object reference leak
     - net: ethernet: ti: fix possible object reference leak
     - drm: Fix drm_release() and device unplug
     - gpio: aspeed: fix a potential NULL pointer dereference
     - drm/meson: Fix invalid pointer in meson_drv_unbind()
     - drm/meson: Uninstall IRQ handler
     - ARM: davinci: fix build failure with allnoconfig
     - sbitmap: order READ/WRITE freed instance and setting clear bit
     - staging: vc04_services: Fix an error code in vchiq_probe()
     - scsi: mpt3sas: Fix kernel panic during expander reset
     - scsi: aacraid: Insure we don

Source diff to previous version
1761379 [18.04/18.10] File libperf-jvmti.so is missing in linux-tools-common deb on Ubuntu
1830934 Disco update: 5.0.12 upstream stable release
1826142 TPM module can not initial
1829812 Regression for ubuntu_kernel_selftests [net] ubuntu_bpf test case fails to build on disco
1828995 POSIX fix for ftrace test in ubuntu_kernel_selftests
1830929 Disco update: 5.0.11 upstream stable release
1830922 Disco update: 5.0.10 upstream stable release
1830906 Disco update: 5.0.9 upstream stable release
1828868 crashdump fails on HiSilicon D06
1828798 Eletrical noise occurred when external headset enter powersaving mode on a DEll machine
1829306 ethtool identify command doesn't blink LED on Hi1620 NICs
1830175 Add support to Comet Lake LPSS
1830587 Reduce NAPI weight in hns driver from 256 to 64
CVE-2019-11884 The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel before 5.0.15 allows a local user to obtain potentially sensitive in
CVE-2018-12126 MSBDS Microarchitectural Store Buffer Data Sampling
CVE-2018-12127 MLPDS Microarchitectural Load Port Data Sampling
CVE-2018-12130 MFBDS Microarchitectural Fill Buffer Data Sampling
CVE-2019-11091 MDSUM Microarchitectural Data Sampling Uncacheable Memory

Version: 5.0.0-16.17~18.04.1 2019-05-20 17:08:28 UTC

 linux-hwe-edge (5.0.0-16.17~18.04.1) bionic; urgency=medium
 .
   * linux-hwe-edge: 5.0.0-16.17~18.04.1 -proposed tracker (LP: #1829171)
 .
   * Disco update: 5.0.8 upstream stable release (LP: #1828415)
     - [Packaging] remove n_r3964 from built modules list
 .
   [ Ubuntu: 5.0.0-16.17 ]
 .
   * linux: 5.0.0-16.17 -proposed tracker (LP: #1829173)
   * shiftfs: lock security sensitive superblock flags (LP: #1827122)
     - SAUCE: shiftfs: lock down certain superblock flags
   * Please package libbpf (which is done out of the kernel src) in Debian [for
     19.10] (LP: #1826410)
     - SAUCE: tools -- fix add ability to disable libbfd
   * Disco update: 5.0.8 upstream stable release (LP: #1828415)
     - drm/i915/gvt: do not let pin count of shadow mm go negative
     - kbuild: pkg: use -f $(srctree)/Makefile to recurse to top Makefile
     - netfilter: nft_compat: use .release_ops and remove list of extension
     - netfilter: nf_tables: use-after-free in dynamic operations
     - netfilter: nf_tables: add missing ->release_ops() in error path of newrule()
     - hv_netvsc: Fix unwanted wakeup after tx_disable
     - ibmvnic: Fix completion structure initialization
     - ip6_tunnel: Match to ARPHRD_TUNNEL6 for dev type
     - ipv6: Fix dangling pointer when ipv6 fragment
     - ipv6: sit: reset ip header pointer in ipip6_rcv
     - kcm: switch order of device registration to fix a crash
     - net: ethtool: not call vzalloc for zero sized memory request
     - net-gro: Fix GRO flush when receiving a GSO packet.
     - net/mlx5: Decrease default mr cache size
     - netns: provide pure entropy for net_hash_mix()
     - net: rds: force to destroy connection if t_sock is NULL in
       rds_tcp_kill_sock().
     - net/sched: act_sample: fix divide by zero in the traffic path
     - net/sched: fix ->get helper of the matchall cls
     - qmi_wwan: add Olicard 600
     - r8169: disable ASPM again
     - sctp: initialize _pad of sockaddr_in before copying to user memory
     - tcp: Ensure DCTCP reacts to losses
     - tcp: fix a potential NULL pointer dereference in tcp_sk_exit
     - vrf: check accept_source_route on the original netdevice
     - net/mlx5e: Fix error handling when refreshing TIRs
     - net/mlx5e: Add a lock on tir list
     - nfp: validate the return code from dev_queue_xmit()
     - nfp: disable netpoll on representors
     - bnxt_en: Improve RX consumer index validity check.
     - bnxt_en: Reset device on RX buffer errors.
     - net: ip_gre: fix possible use-after-free in erspan_rcv
     - net: ip6_gre: fix possible use-after-free in ip6erspan_rcv
     - net: bridge: always clear mcast matching struct on reports and leaves
     - net: thunderx: fix NULL pointer dereference in nicvf_open/nicvf_stop
     - net: vrf: Fix ping failed when vrf mtu is set to 0
     - net: core: netif_receive_skb_list: unlist skb before passing to pt->func
     - r8169: disable default rx interrupt coalescing on RTL8168
     - net: mlx5: Add a missing check on idr_find, free buf
     - net/mlx5e: Update xoff formula
     - net/mlx5e: Update xon formula
     - kbuild: clang: choose GCC_TOOLCHAIN_DIR not on LD
     - lib/string.c: implement a basic bcmp
     - Revert "clk: meson: clean-up clock registration"
     - tty: mark Siemens R3964 line discipline as BROKEN
     - [Config]: remove CONFIG_R3964
     - [Config]: add CONFIG_LDISC_AUTOLOAD=y
     - tty: ldisc: add sysctl to prevent autoloading of ldiscs
     - hwmon: (w83773g) Select REGMAP_I2C to fix build error
     - hwmon: (occ) Fix power sensor indexing
     - SMB3: Allow persistent handle timeout to be configurable on mount
     - HID: logitech: Handle 0 scroll events for the m560
     - ACPICA: Clear status of GPEs before enabling them
     - ACPICA: Namespace: remove address node from global list after method
       termination
     - ALSA: seq: Fix OOB-reads from strlcpy
     - ALSA: hda/realtek: Enable headset MIC of Acer TravelMate B114-21 with ALC233
     - ALSA: hda/realtek - Add quirk for Tuxedo XC 1509
     - ALSA: xen-front: Do not use stream buffer size before it is set
     - mm/huge_memory.c: fix modifying of page protection by insert_pfn_pmd()
     - arm64: dts: rockchip: fix rk3328 sdmmc0 write errors
     - mmc: alcor: don't write data before command has completed
     - mmc: sdhci-omap: Don't finish_mrq() on a command error during tuning
     - parisc: Detect QEMU earlier in boot process
     - parisc: regs_return_value() should return gpr28
     - parisc: also set iaoq_b in instruction_pointer_set()
     - alarmtimer: Return correct remaining time
     - drm/i915/gvt: do not deliver a workload if its creation fails
     - drm/sun4i: DW HDMI: Lower max. supported rate for H6
     - drm/udl: add a release method and delay modeset teardown
     - kvm: svm: fix potential get_num_contig_pages overflow
     - include/linux/bitrev.h: fix constant bitrev
     - mm: writeback: use exact memcg dirty counts
     - ASoC: intel: Fix crash at suspend/resume after failed codec registration
     - ASoC: fsl_esai: fix channel swap issue when stream starts
     - Btrfs: do not allow trimming when a fs is mounted with the nologreplay
       option
     - btrfs: prop: fix zstd compression parameter validation
     - btrfs: prop: fix vanished compression property after failed set
     - riscv: Fix syscall_get_arguments() and syscall_set_arguments()
     - block: Revert v5.0 blk_mq_request_issue_directly() changes
     - block: do not leak memory in bio_copy_user_iov()
     - block: fix the return errno for direct IO
     - genirq: Respect IRQCHIP_SKIP_SET_WAKE in irq_chip_set_wake_parent()
     - genirq: Initialize request_mutex if CONFIG_SPARSE_IRQ=n
     - virtio: Honour 'may_reduce_num' in vring_create_virtqueue
     - ARM: OMAP1: ams-delta: Fix broken GPIO ID allocation
     - ARM: dts: rockchip: fix rk3288 cpu opp node reference
     - ARM: dts: am335x-evmsk: Correct the regulators for the audio codec
     - ARM: dts: am335x

Source diff to previous version
1828415 Disco update: 5.0.8 upstream stable release
1827122 shiftfs: lock security sensitive superblock flags
1826410 Please package libbpf (which is done out of the kernel src) in Debian [for 19.10]
1828410 Disco update: 5.0.7 upstream stable release
1822871 enabling ftrace on Hi1620 CS causes an Oops
1827972 The noise keeps occurring when Headset is plugged in on a Dell machine
1824864 CONFIG_LOG_BUF_SHIFT set to 14 is too low on arm64
1827967 There are 4 HDMI/Displayport audio output listed in sound setting without attach any HDMI/DP monitor
1824259 Headphone jack switch sense is inverted: plugging in headphones disables headphone output
1828092 ratelimit cma_alloc messages
1806380 linux-buildinfo: pull out ABI information into its own package
1766201 CTAUTO:DevOps:860.50:devops4fp1:Error occurred during LINUX Dmesg error Checking for all LINUX clients for devops4p10
1825777 False positive test result in run_netsocktests from net in ubuntu_kernel_selftest

Version: 5.0.0-15.16~18.04.1 2019-05-14 21:09:14 UTC

 linux-hwe-edge (5.0.0-15.16~18.04.1) bionic; urgency=medium
 .
   [ Ubuntu: 5.0.0-15.16 ]
 .
   * CVE-2019-11683
     - udp: fix GRO reception in case of length mismatch
     - udp: fix GRO packet of death
   * CVE-2018-12126 // CVE-2018-12127 // CVE-2018-12130
     - x86/msr-index: Cleanup bit defines
     - x86/speculation: Consolidate CPU whitelists
     - x86/speculation/mds: Add basic bug infrastructure for MDS
     - x86/speculation/mds: Add BUG_MSBDS_ONLY
     - x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests
     - x86/speculation/mds: Add mds_clear_cpu_buffers()
     - x86/speculation/mds: Clear CPU buffers on exit to user
     - x86/kvm/vmx: Add MDS protection when L1D Flush is not active
     - x86/speculation/mds: Conditionally clear CPU buffers on idle entry
     - x86/speculation/mds: Add mitigation control for MDS
     - x86/speculation/mds: Add sysfs reporting for MDS
     - x86/speculation/mds: Add mitigation mode VMWERV
     - Documentation: Move L1TF to separate directory
     - Documentation: Add MDS vulnerability documentation
     - x86/speculation/mds: Add mds=full,nosmt cmdline option
     - x86/speculation: Move arch_smt_update() call to after mitigation decisions
     - x86/speculation/mds: Add SMT warning message
     - x86/speculation/mds: Fix comment
     - x86/speculation/mds: Print SMT vulnerable on MSBDS with mitigations off
     - x86/speculation/mds: Add 'mitigations=' support for MDS
   * CVE-2017-5715 // CVE-2017-5753
     - s390/speculation: Support 'mitigations=' cmdline option
   * CVE-2017-5715 // CVE-2017-5753 // CVE-2017-5754 // CVE-2018-3639
     - powerpc/speculation: Support 'mitigations=' cmdline option
   * CVE-2017-5715 // CVE-2017-5754 // CVE-2018-3620 // CVE-2018-3639 //
     CVE-2018-3646
     - cpu/speculation: Add 'mitigations=' cmdline option
     - x86/speculation: Support 'mitigations=' cmdline option
   * Packaging resync (LP: #1786013)
     - [Packaging] resync git-ubuntu-log
 .

Source diff to previous version
1786013 Packaging resync
CVE-2019-11683 udp_gro_receive_segment in net/ipv4/udp_offload.c in the Linux kernel 5.x before 5.0.13 allows remote attackers to cause a denial of service (slab-ou
CVE-2018-12126 MSBDS Microarchitectural Store Buffer Data Sampling
CVE-2018-12127 MLPDS Microarchitectural Load Port Data Sampling
CVE-2018-12130 MFBDS Microarchitectural Fill Buffer Data Sampling
CVE-2017-5715 Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an at
CVE-2017-5753 Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker wi
CVE-2017-5754 Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an at
CVE-2018-3639 Speculative Store Bypass
CVE-2018-3620 L1 Terminal Fault-OS/SMM Foreshadow-NG
CVE-2018-3646 L1 Terminal Fault-VMM

Version: 5.0.0-14.15~18.04.1 2019-04-26 02:12:59 UTC

 linux-hwe-edge (5.0.0-14.15~18.04.1) bionic; urgency=medium
 .
   * linux-hwe-edge: 5.0.0-14.15~18.04.1 -proposed tracker (LP: #1826147)
 .
   [ Ubuntu: 5.0.0-14.15 ]
 .
   * linux: 5.0.0-14.15 -proposed tracker (LP: #1826150)
   * [SRU] Please sync vbox modules from virtualbox 6.0.6 on next kernel update
     (LP: #1825210)
     - vbox-update: updates for renamed makefiles
     - ubuntu: vbox -- update to 6.0.6-dfsg-1
   * Intel I210 Ethernet card not working after hotplug [8086:1533]
     (LP: #1818490)
     - igb: Fix WARN_ONCE on runtime suspend
   * [regression][snd_hda_codec_realtek] repeating crackling noise after 19.04
     upgrade (LP: #1821663)
     - ALSA: hda - Add two more machines to the power_save_blacklist
   * CVE-2019-9500
     - brcmfmac: assure SSID length from firmware is limited
   * CVE-2019-9503
     - brcmfmac: add subtype check for event handling in data path
   * CVE-2019-3882
     - vfio/type1: Limit DMA mappings per container
   * autofs kernel module missing (LP: #1824333)
     - [Config] Update autofs4 path in inclusion list
   * The Realtek card reader does not enter PCIe 1.1/1.2 (LP: #1825487)
     - misc: rtsx: Enable OCP for rts522a rts524a rts525a rts5260
     - SAUCE: misc: rtsx: Fixed rts5260 power saving parameter and sd glitch
   * headset-mic doesn't work on two Dell laptops. (LP: #1825272)
     - ALSA: hda/realtek - add two more pin configuration sets to quirk table
   * CVE-2019-3887
     - KVM: x86: nVMX: close leak of L0's x2APIC MSRs (CVE-2019-3887)
     - KVM: x86: nVMX: fix x2APIC VTPR read intercept
   * CVE-2019-3874
     - sctp: implement memory accounting on tx path
     - sctp: implement memory accounting on rx path
   * CVE-2019-1999
     - binder: fix race between munmap() and direct reclaim
   * apparmor does not start in Disco LXD containers (LP: #1824812)
     - SAUCE: shiftfs: use separate llseek method for directories

1825210 [SRU] Please sync vbox modules from virtualbox 6.0.6 on next kernel update
1818490 Intel I210 Ethernet card not working after hotplug [8086:1533]
1821663 [regression][snd_hda_codec_realtek] repeating crackling noise after 19.04 upgrade
1824333 autofs kernel module missing
1825487 The Realtek card reader does not enter PCIe 1.1/1.2
1825272 headset-mic doesn't work on two Dell laptops.
1824812 apparmor does not start in Disco LXD containers
CVE-2019-9500 brcmfmac: assure SSID length from firmware is limited
CVE-2019-9503 brcmfmac: add subtype check for event handling in data path
CVE-2019-3882 DoS through vfio/type1 DMA mappings
CVE-2019-3887 A flaw was found in the way KVM hypervisor handled x2APIC Machine Specific Rregister (MSR) access with nested(=1) virtualization enabled. In that, L1
CVE-2019-3874 The SCTP socket buffer used by a userspace application is not accounted by the cgroups subsystem. An attacker can use this flaw to cause a denial of
CVE-2019-1999 In binder_alloc_free_page of binder_alloc.c, there is a possible double free due to improper locking. This could lead to local escalation of privileg



About   -   Send Feedback to @ubuntu_updates