UbuntuUpdates.org

Package "linux-aws"

This package belongs to a PPA: Canonical Kernel Team

Name: linux-aws

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Header files related to Linux kernel version 4.4.0
  • Header files related to Linux kernel version 4.4.0
  • Header files related to Linux kernel version 4.4.0
  • Header files related to Linux kernel version 4.4.0

Latest version: 4.4.0-1023.23
Release: trusty (14.04)
Level: base
Repository: main

Links

Save this URL for the latest version of "linux-aws": https://www.ubuntuupdates.org/linux-aws



Other versions of "linux-aws" in Trusty

Repository Area Version
security universe 4.4.0-1022.22
updates universe 4.4.0-1022.22
proposed universe 4.4.0-1022.22

Packages in group

Deleted packages are displayed in grey.

linux-aws-headers-4.4.0-1002 linux-aws-headers-4.4.0-1003 linux-aws-headers-4.4.0-1004 linux-aws-headers-4.4.0-1005 linux-aws-headers-4.4.0-1006
linux-aws-headers-4.4.0-1007 linux-aws-headers-4.4.0-1009 linux-aws-headers-4.4.0-1010 linux-aws-headers-4.4.0-1011 linux-aws-headers-4.4.0-1012
linux-aws-headers-4.4.0-1013 linux-aws-headers-4.4.0-1014 linux-aws-headers-4.4.0-1015 linux-aws-headers-4.4.0-1016 linux-aws-headers-4.4.0-1017
linux-aws-headers-4.4.0-1018 linux-aws-headers-4.4.0-1020 linux-aws-headers-4.4.0-1023

Changelog

Version: 4.4.0-1023.23 2018-05-26 00:09:21 UTC

 linux-aws (4.4.0-1023.23) trusty; urgency=medium
 .
   * linux-aws: 4.4.0-1023.23 -proposed tracker (LP: #1772963)
 .
   * Xenial update to 4.4.129 stable release (LP: #1768429)
     - [Config] Remove ARCH_HWEIGHT_CFLAGS
 .
   [ Ubuntu: 4.4.0-128.154 ]
 .
   * linux: 4.4.0-128.154 -proposed tracker (LP: #1772960)
   * CVE-2018-3639 (x86)
     - x86/cpu: Make alternative_msr_write work for 32-bit code
     - x86/bugs: Fix the parameters alignment and missing void
     - KVM: SVM: Move spec control call after restore of GS
     - x86/speculation: Use synthetic bits for IBRS/IBPB/STIBP
     - x86/cpufeatures: Disentangle MSR_SPEC_CTRL enumeration from IBRS
     - x86/cpufeatures: Disentangle SSBD enumeration
     - x86/cpu/AMD: Fix erratum 1076 (CPB bit)
     - x86/cpufeatures: Add FEATURE_ZEN
     - x86/speculation: Handle HT correctly on AMD
     - x86/bugs, KVM: Extend speculation control for VIRT_SPEC_CTRL
     - x86/speculation: Add virtualized speculative store bypass disable support
     - x86/speculation: Rework speculative_store_bypass_update()
     - x86/bugs: Unify x86_spec_ctrl_{set_guest,restore_host}
     - x86/bugs: Expose x86_spec_ctrl_base directly
     - x86/bugs: Remove x86_spec_ctrl_set()
     - x86/bugs: Rework spec_ctrl base and mask logic
     - x86/speculation, KVM: Implement support for VIRT_SPEC_CTRL/LS_CFG
     - KVM: SVM: Implement VIRT_SPEC_CTRL support for SSBD
     - x86/bugs: Rename SSBD_NO to SSB_NO
     - KVM: VMX: Expose SSBD properly to guests.
   * [i915_bpo] Fix flickering issue after panel change (LP: #1770565)
     - drm/i915: Fix iboost setting for DDI with 4 lanes on SKL
     - drm/i915: Name the "iboost bit"
     - drm/i915: Program iboost settings for HDMI/DVI on SKL
     - drm/i915: Move bxt_ddi_vswing_sequence() call into intel_ddi_pre_enable()
       for HDMI
     - drm/i915: Explicitly use ddi buf trans entry 9 for hdmi
     - drm/i915: Split DP/eDP/FDI and HDMI/DVI DDI buffer programming apart
     - drm/i915: Get the iboost setting based on the port type
     - drm/i915: Simplify intel_ddi_get_encoder_port()
     - drm/i915: Fix iboost setting for SKL Y/U DP DDI buffer translation entry 2
     - drm/i915: KBL - Recommended buffer translation programming for DisplayPort
     - drm/i915: Ignore OpRegion panel type except on select machines
   * [SRU][Bionic/Artful] fix false positives in W+X checking (LP: #1769696)
     - init: fix false positives in W+X checking
   * [Ubuntu 16.04] kernel: fix rwlock implementation (LP: #1761674)
     - SAUCE: (no-up) s390: fix rwlock implementation
   * linux < 4.11: unable to use netfilter logging from non-init namespaces
     (LP: #1766573)
     - netfilter: allow logging from non-init namespaces
   * [LTC Test] Ubuntu 18.04: tm_sigreturn failed on P8 compat mode 16.04.04
     guest (LP: #1771439)
     - powerpc: signals: Discard transaction state from signal frames
   * QCA9377 requires more IRAM banks for its new firmware (LP: #1748345)
     - ath10k: update the IRAM bank number for QCA9377
   * i915/kbl_dmc_ver1.bin failed with error -2 package 1.157.17 kernel
     4.4.0-116-generic (LP: #1752536)
     - ubuntu: i915_bpo - Add MODULE_FIRMWARE for Geminilake's DMC
   * Xenial update to 4.4.131 stable release (LP: #1768825)
     - ext4: prevent right-shifting extents beyond EXT_MAX_BLOCKS
     - ext4: set h_journal if there is a failure starting a reserved handle
     - ext4: add validity checks for bitmap block numbers
     - ext4: fix bitmap position validation
     - usbip: usbip_host: fix to hold parent lock for device_attach() calls
     - usbip: vhci_hcd: Fix usb device and sockfd leaks
     - USB: serial: simple: add libtransistor console
     - USB: serial: ftdi_sio: use jtag quirk for Arrow USB Blaster
     - USB: serial: cp210x: add ID for NI USB serial console
     - usb: core: Add quirk for HP v222w 16GB Mini
     - USB: Increment wakeup count on remote wakeup.
     - ALSA: usb-audio: Skip broken EU on Dell dock USB-audio
     - virtio: add ability to iterate over vqs
     - virtio_console: free buffers after reset
     - drm/virtio: fix vq wait_event condition
     - tty: Don't call panic() at tty_ldisc_init()
     - tty: n_gsm: Fix long delays with control frame timeouts in ADM mode
     - tty: n_gsm: Fix DLCI handling for ADM mode if debug & 2 is not set
     - tty: Use __GFP_NOFAIL for tty_ldisc_get()
     - ALSA: core: Report audio_tstamp in snd_pcm_sync_ptr
     - ALSA: seq: oss: Fix unbalanced use lock for synth MIDI device
     - ALSA: hda/realtek - Add some fixes for ALC233
     - mtd: cfi: cmdset_0001: Do not allow read/write to suspend erase block.
     - mtd: cfi: cmdset_0001: Workaround Micron Erase suspend bug.
     - mtd: cfi: cmdset_0002: Do not allow read/write to suspend erase block.
     - kobject: don't use WARN for registration failures
     - scsi: sd: Defer spinning up drive while SANITIZE is in progress
     - ARM: amba: Make driver_override output consistent with other buses
     - ARM: amba: Fix race condition with driver_override
     - ARM: amba: Don't read past the end of sysfs "driver_override" buffer
     - ASoC: fsl_esai: Fix divisor calculation failure at lower ratio
     - libceph: validate con->state at the top of try_write()
     - x86/ipc: Fix x32 version of shmid64_ds and msqid64_ds
     - x86/smpboot: Don't use mwait_play_dead() on AMD systems
     - serial: mctrl_gpio: export mctrl_gpio_disable_ms and mctrl_gpio_init
     - serial: mctrl_gpio: Add missing module license
     - Linux 4.4.131
   * Xenial update to 4.4.130 stable release (LP: #1768474) // CVE-2017-5715 //
     CVE-2017-5753
     - SAUCE: s390: print messages for gmb and nobp
   * Xenial update to 4.4.130 stable release (LP: #1768474)
     - cifs: do not allow creating sockets except with SMB1 posix exensions
     - x86/tsc: Prevent 32bit truncation in calc_hpet_ref()
     - perf: Return proper values for user stack errors
     - staging: ion : Donnot wakeup kswapd in ion system

Source diff to previous version
CVE-2018-8087 Memory leak in the hwsim_new_radio_nl function in drivers/net/wireless/mac80211_hwsim.c in the Linux kernel through 4.15.9 allows local users to caus
CVE-2017-5753 Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker wi
CVE-2017-5715 Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an at
CVE-2018-3639 Speculative Store Bypass
1766054 Acer Swift sf314-52 power button not managed
1750038 user space process hung in 'D' state waiting for disk io to complete
1769671 [Xenial] Kernels OOPS when mwifiex is in AP mode
1763748 Integrated Webcam Realtek Integrated_Webcam_HD (0bda:58f4) not working in DELL XPS 13 9370 with firmware 1.50
1768474 Xenial update to 4.4.130 stable release
1768825 Xenial update to 4.4.131 stable release
1752536 i915/kbl_dmc_ver1.bin failed with error -2 package 1.157.17 kernel 4.4.0-116-generic
1748345 QCA9377 requires more IRAM banks for its new firmware
1771439 [LTC Test] Ubuntu 18.04: tm_sigreturn failed on P8 compat mode 16.04.04 guest
1766573 linux \u003c 4.11: unable to use netfilter logging from non-init namespaces
1761674 [Ubuntu 16.04] kernel: fix rwlock implementation
1769696 [SRU][Bionic/Artful] fix false positives in W+X checking
1770565 [i915_bpo] Fix flickering issue after panel change
1768429 Xenial update to 4.4.129 stable release

Version: 4.4.0-1020.20 2018-05-11 18:10:42 UTC

 linux-aws (4.4.0-1020.20) trusty; urgency=medium
 .
   * linux-aws: 4.4.0-1020.20 -proposed tracker (LP: #1770013)
 .
   * Xenial update to 4.4.118 stable release (LP: #1756866)
     - [Config] Add CONFIG_DST_CACHE=y
     - [Config] Add CONFIG_USB_NET_CDC_SUBSET_ENABLE=m
 .
   [ Ubuntu: 4.4.0-125.150 ]
 .
   * linux: 4.4.0-125.150 -proposed tracker (LP: #1770011)
   * Unable to insert test_bpf module on Xenial (LP: #1765698)
     - bpf: fix selftests/bpf test_kmod.sh failure when CONFIG_BPF_JIT_ALWAYS_ON=y
     - test_bpf: Fix testing with CONFIG_BPF_JIT_ALWAYS_ON=y on other arches
   * virtio_scsi race can corrupt memory, panic kernel (LP: #1765241)
     - SAUCE: (no-up) virtio-scsi: Fix race in target free
   * bpf_map_lookup_elem: BUG: unable to handle kernel paging request
     (LP: #1763454) // CVE-2017-17862
     - SAUCE: Add missing hunks from "bpf: fix branch pruning logic"
   * Xenial: rfkill: fix missing return on rfkill_init (LP: #1764810)
     - rfkill: fix missing return on rfkill_init
   * "ip a" command on a guest VM shows UNKNOWN status (LP: #1761534)
     - virtio-net: Fix operstate for virtio when no VIRTIO_NET_F_STATUS
   * Xenial update to 4.4.128 stable release (LP: #1765010)
     - cfg80211: make RATE_INFO_BW_20 the default
     - md/raid5: make use of spin_lock_irq over local_irq_disable + spin_lock
     - rtc: snvs: fix an incorrect check of return value
     - x86/asm: Don't use RBP as a temporary register in
       csum_partial_copy_generic()
     - NFSv4.1: RECLAIM_COMPLETE must handle NFS4ERR_CONN_NOT_BOUND_TO_SESSION
     - IB/srpt: Fix abort handling
     - af_key: Fix slab-out-of-bounds in pfkey_compile_policy.
     - mac80211: bail out from prep_connection() if a reconfig is ongoing
     - bna: Avoid reading past end of buffer
     - qlge: Avoid reading past end of buffer
     - ipmi_ssif: unlock on allocation failure
     - net: cdc_ncm: Fix TX zero padding
     - net: ethernet: ti: cpsw: adjust cpsw fifos depth for fullduplex flow control
     - lockd: fix lockd shutdown race
     - drivers/misc/vmw_vmci/vmci_queue_pair.c: fix a couple integer overflow tests
     - pidns: disable pid allocation if pid_ns_prepare_proc() is failed in
       alloc_pid()
     - s390: move _text symbol to address higher than zero
     - net/mlx4_en: Avoid adding steering rules with invalid ring
     - NFSv4.1: Work around a Linux server bug...
     - CIFS: silence lockdep splat in cifs_relock_file()
     - net: qca_spi: Fix alignment issues in rx path
     - netxen_nic: set rcode to the return status from the call to netxen_issue_cmd
     - Input: elan_i2c - check if device is there before really probing
     - Input: elantech - force relative mode on a certain module
     - KVM: PPC: Book3S PR: Check copy_to/from_user return values
     - vmxnet3: ensure that adapter is in proper state during force_close
     - SMB2: Fix share type handling
     - bus: brcmstb_gisb: Use register offsets with writes too
     - bus: brcmstb_gisb: correct support for 64-bit address output
     - PowerCap: Fix an error code in powercap_register_zone()
     - ARM: dts: imx53-qsrb: Pulldown PMIC IRQ pin
     - staging: wlan-ng: prism2mgmt.c: fixed a double endian conversion before
       calling hfa384x_drvr_setconfig16, also fixes relative sparse warning
     - x86/tsc: Provide 'tsc=unstable' boot parameter
     - ARM: dts: imx6qdl-wandboard: Fix audio channel swap
     - ipv6: avoid dad-failures for addresses with NODAD
     - async_tx: Fix DMA_PREP_FENCE usage in do_async_gen_syndrome()
     - usb: dwc3: keystone: check return value
     - btrfs: fix incorrect error return ret being passed to mapping_set_error
     - ata: libahci: properly propagate return value of platform_get_irq()
     - neighbour: update neigh timestamps iff update is effective
     - arp: honour gratuitous ARP _replies_
     - usb: chipidea: properly handle host or gadget initialization failure
     - USB: ene_usb6250: fix first command execution
     - net: x25: fix one potential use-after-free issue
     - USB: ene_usb6250: fix SCSI residue overwriting
     - serial: 8250: omap: Disable DMA for console UART
     - serial: sh-sci: Fix race condition causing garbage during shutdown
     - sh_eth: Use platform device for printing before register_netdev()
     - scsi: csiostor: fix use after free in csio_hw_use_fwconfig()
     - powerpc/mm: Fix virt_addr_valid() etc. on 64-bit hash
     - ath5k: fix memory leak on buf on failed eeprom read
     - selftests/powerpc: Fix TM resched DSCR test with some compilers
     - xfrm: fix state migration copy replay sequence numbers
     - iio: hi8435: avoid garbage event at first enable
     - iio: hi8435: cleanup reset gpio
     - ext4: handle the rest of ext4_mb_load_buddy() ENOMEM errors
     - md-cluster: fix potential lock issue in add_new_disk
     - ARM: davinci: da8xx: Create DSP device only when assigned memory
     - ray_cs: Avoid reading past end of buffer
     - leds: pca955x: Correct I2C Functionality
     - sched/numa: Use down_read_trylock() for the mmap_sem
     - net/mlx5: Tolerate irq_set_affinity_hint() failures
     - selinux: do not check open permission on sockets
     - block: fix an error code in add_partition()
     - mlx5: fix bug reading rss_hash_type from CQE
     - net: ieee802154: fix net_device reference release too early
     - libceph: NULL deref on crush_decode() error path
     - netfilter: ctnetlink: fix incorrect nf_ct_put during hash resize
     - pNFS/flexfiles: missing error code in ff_layout_alloc_lseg()
     - ASoC: rsnd: SSI PIO adjust to 24bit mode
     - scsi: bnx2fc: fix race condition in bnx2fc_get_host_stats()
     - fix race in drivers/char/random.c:get_reg()
     - ext4: fix off-by-one on max nr_pages in ext4_find_unwritten_pgoff()
     - tcp: better validation of received ack sequences
     - net: move somaxconn init from sysctl code
     - Input: elan_i2c - clear INT before resetting controller
     - bonding: Don't update slave->

Source diff to previous version
1756866 Xenial update to 4.4.118 stable release
1765698 Unable to insert test_bpf module on Xenial
1765241 virtio_scsi race can corrupt memory, panic kernel
1763454 bpf_map_lookup_elem: BUG: unable to handle kernel paging request
1764810 Xenial: rfkill: fix missing return on rfkill_init
1761534 \
1765010 Xenial update to 4.4.128 stable release
1758507 sky2 gigabit ethernet driver sometimes stops working after lid-open resume from sleep (88E8055)
1765007 Xenial update to 4.4.127 stable release
1764999 Xenial update to 4.4.126 stable release
1764973 Xenial update to 4.4.125 stable release
1726930 System fails to start (boot) on battery due to read-only root file-system
1764762 Xenial update to 4.4.124 stable release
1764666 Xenial update to 4.4.123 stable release
1764627 Xenial update to 4.4.122 stable release
1764367 Xenial update to 4.4.121 stable release
1764316 Xenial update to 4.4.120 stable release
1762453 Xenial update to 4.4.119 stable release
1749420 [regression] Colour banding and artefacts appear system-wide on an Asus Zenbook UX303LA with Intel HD 4400 graphics
1755627 ibrs/ibpb fixes result in excessive kernel logging
CVE-2017-17862 kernel/bpf/verifier.c in the Linux kernel through 4.14.8 ignores unreachable code, even though it would still be processed by JIT compilers. This beh
CVE-2017-16995 The check_alu_op function in kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corrupt
CVE-2018-1000004 In the Linux kernel 4.12, 3.10, 2.6 and possibly earlier versions a race condition vulnerability exists in the sound system, this can lead to a deadl

Version: 4.4.0-1018.18 2018-04-27 11:10:02 UTC

 linux-aws (4.4.0-1018.18) trusty; urgency=medium
 .
   * linux-aws: 4.4.0-1018.18 -proposed tracker (LP: #1766605)
 .
   * Xenial update to 4.4.118 stable release (LP: #1756866)
     - [Config] Update config with stable changes
 .
   * Xenial update to 4.4.115 stable release (LP: #1755509)
     - aws: [Config] CONFIG_BPF_JIT_ALWAYS_ON=y
 .
   [ Ubuntu: 4.4.0-123.147 ]
 .
   * linux: 4.4.0-123.147 -proposed tracker (LP: #1766604)
   * Unable to insert test_bpf module on Xenial (LP: #1765698)
     - bpf: fix selftests/bpf test_kmod.sh failure when CONFIG_BPF_JIT_ALWAYS_ON=y
     - test_bpf: Fix testing with CONFIG_BPF_JIT_ALWAYS_ON=y on other arches
   * virtio_scsi race can corrupt memory, panic kernel (LP: #1765241)
     - SAUCE: (no-up) virtio-scsi: Fix race in target free
   * bpf_map_lookup_elem: BUG: unable to handle kernel paging request
     (LP: #1763454) // CVE-2017-17862
     - SAUCE: Add missing hunks from "bpf: fix branch pruning logic"
   * Xenial: rfkill: fix missing return on rfkill_init (LP: #1764810)
     - rfkill: fix missing return on rfkill_init
   * "ip a" command on a guest VM shows UNKNOWN status (LP: #1761534)
     - virtio-net: Fix operstate for virtio when no VIRTIO_NET_F_STATUS
   * Xenial update to 4.4.128 stable release (LP: #1765010)
     - cfg80211: make RATE_INFO_BW_20 the default
     - md/raid5: make use of spin_lock_irq over local_irq_disable + spin_lock
     - rtc: snvs: fix an incorrect check of return value
     - x86/asm: Don't use RBP as a temporary register in
       csum_partial_copy_generic()
     - NFSv4.1: RECLAIM_COMPLETE must handle NFS4ERR_CONN_NOT_BOUND_TO_SESSION
     - IB/srpt: Fix abort handling
     - af_key: Fix slab-out-of-bounds in pfkey_compile_policy.
     - mac80211: bail out from prep_connection() if a reconfig is ongoing
     - bna: Avoid reading past end of buffer
     - qlge: Avoid reading past end of buffer
     - ipmi_ssif: unlock on allocation failure
     - net: cdc_ncm: Fix TX zero padding
     - net: ethernet: ti: cpsw: adjust cpsw fifos depth for fullduplex flow control
     - lockd: fix lockd shutdown race
     - drivers/misc/vmw_vmci/vmci_queue_pair.c: fix a couple integer overflow tests
     - pidns: disable pid allocation if pid_ns_prepare_proc() is failed in
       alloc_pid()
     - s390: move _text symbol to address higher than zero
     - net/mlx4_en: Avoid adding steering rules with invalid ring
     - NFSv4.1: Work around a Linux server bug...
     - CIFS: silence lockdep splat in cifs_relock_file()
     - net: qca_spi: Fix alignment issues in rx path
     - netxen_nic: set rcode to the return status from the call to netxen_issue_cmd
     - Input: elan_i2c - check if device is there before really probing
     - Input: elantech - force relative mode on a certain module
     - KVM: PPC: Book3S PR: Check copy_to/from_user return values
     - vmxnet3: ensure that adapter is in proper state during force_close
     - SMB2: Fix share type handling
     - bus: brcmstb_gisb: Use register offsets with writes too
     - bus: brcmstb_gisb: correct support for 64-bit address output
     - PowerCap: Fix an error code in powercap_register_zone()
     - ARM: dts: imx53-qsrb: Pulldown PMIC IRQ pin
     - staging: wlan-ng: prism2mgmt.c: fixed a double endian conversion before
       calling hfa384x_drvr_setconfig16, also fixes relative sparse warning
     - x86/tsc: Provide 'tsc=unstable' boot parameter
     - ARM: dts: imx6qdl-wandboard: Fix audio channel swap
     - ipv6: avoid dad-failures for addresses with NODAD
     - async_tx: Fix DMA_PREP_FENCE usage in do_async_gen_syndrome()
     - usb: dwc3: keystone: check return value
     - btrfs: fix incorrect error return ret being passed to mapping_set_error
     - ata: libahci: properly propagate return value of platform_get_irq()
     - neighbour: update neigh timestamps iff update is effective
     - arp: honour gratuitous ARP _replies_
     - usb: chipidea: properly handle host or gadget initialization failure
     - USB: ene_usb6250: fix first command execution
     - net: x25: fix one potential use-after-free issue
     - USB: ene_usb6250: fix SCSI residue overwriting
     - serial: 8250: omap: Disable DMA for console UART
     - serial: sh-sci: Fix race condition causing garbage during shutdown
     - sh_eth: Use platform device for printing before register_netdev()
     - scsi: csiostor: fix use after free in csio_hw_use_fwconfig()
     - powerpc/mm: Fix virt_addr_valid() etc. on 64-bit hash
     - ath5k: fix memory leak on buf on failed eeprom read
     - selftests/powerpc: Fix TM resched DSCR test with some compilers
     - xfrm: fix state migration copy replay sequence numbers
     - iio: hi8435: avoid garbage event at first enable
     - iio: hi8435: cleanup reset gpio
     - ext4: handle the rest of ext4_mb_load_buddy() ENOMEM errors
     - md-cluster: fix potential lock issue in add_new_disk
     - ARM: davinci: da8xx: Create DSP device only when assigned memory
     - ray_cs: Avoid reading past end of buffer
     - leds: pca955x: Correct I2C Functionality
     - sched/numa: Use down_read_trylock() for the mmap_sem
     - net/mlx5: Tolerate irq_set_affinity_hint() failures
     - selinux: do not check open permission on sockets
     - block: fix an error code in add_partition()
     - mlx5: fix bug reading rss_hash_type from CQE
     - net: ieee802154: fix net_device reference release too early
     - libceph: NULL deref on crush_decode() error path
     - netfilter: ctnetlink: fix incorrect nf_ct_put during hash resize
     - pNFS/flexfiles: missing error code in ff_layout_alloc_lseg()
     - ASoC: rsnd: SSI PIO adjust to 24bit mode
     - scsi: bnx2fc: fix race condition in bnx2fc_get_host_stats()
     - fix race in drivers/char/random.c:get_reg()
     - ext4: fix off-by-one on max nr_pages in ext4_find_unwritten_pgoff()
     - tcp: better validation of received ack sequences
     - net: move somaxconn init from sysctl code
     - Input: elan_i2c - clear INT

Source diff to previous version
1756866 Xenial update to 4.4.118 stable release
1755509 Xenial update to 4.4.115 stable release
1765698 Unable to insert test_bpf module on Xenial
1765241 virtio_scsi race can corrupt memory, panic kernel
1763454 bpf_map_lookup_elem: BUG: unable to handle kernel paging request
1764810 Xenial: rfkill: fix missing return on rfkill_init
1761534 \
1765010 Xenial update to 4.4.128 stable release
1758507 sky2 gigabit ethernet driver sometimes stops working after lid-open resume from sleep (88E8055)
1765007 Xenial update to 4.4.127 stable release
1764999 Xenial update to 4.4.126 stable release
1764973 Xenial update to 4.4.125 stable release
1726930 System fails to start (boot) on battery due to read-only root file-system
1764762 Xenial update to 4.4.124 stable release
1764666 Xenial update to 4.4.123 stable release
1764627 Xenial update to 4.4.122 stable release
1764367 Xenial update to 4.4.121 stable release
1764316 Xenial update to 4.4.120 stable release
1762453 Xenial update to 4.4.119 stable release
1749420 [regression] Colour banding and artefacts appear system-wide on an Asus Zenbook UX303LA with Intel HD 4400 graphics
1755627 ibrs/ibpb fixes result in excessive kernel logging
1757435 Redpine: WiFi scan stopping issue observed with BLE
1763644 Ubuntu-4.4.0-120.144 fails to boot on arm64* hardware
CVE-2017-17862 kernel/bpf/verifier.c in the Linux kernel through 4.14.8 ignores unreachable code, even though it would still be processed by JIT compilers. This beh
CVE-2017-16995 The check_alu_op function in kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corrupt
CVE-2018-1000004 In the Linux kernel 4.12, 3.10, 2.6 and possibly earlier versions a race condition vulnerability exists in the sound system, this can lead to a deadl

Version: 4.4.0-1017.17 2018-04-06 20:08:18 UTC

 linux-aws (4.4.0-1017.17) trusty; urgency=medium
 .
   * linux-aws: 4.4.0-1017.17 -proposed tracker (LP: #1761439)
 .
 .
   [ Ubuntu: 4.4.0-120.144 ]
 .
   * linux: 4.4.0-120.144 -proposed tracker (LP: #1761438)
   * intel-microcode 3.20180312.0 causes lockup at login screen(w/ linux-
     image-4.13.0-37-generic) (LP: #1759920) // CVE-2017-5715 (Spectre v2 Intel)
     - Revert "x86/mm: Only set IBPB when the new thread cannot ptrace current
       thread"
     - x86/speculation: Use Indirect Branch Prediction Barrier in context switch
   * DKMS driver builds fail with: Cannot use CONFIG_STACK_VALIDATION=y, please
     install libelf-dev, libelf-devel or elfutils-libelf-devel (LP: #1760876)
     - [Packaging] include the retpoline extractor in the headers
   * retpoline hints: primary infrastructure and initial hints (LP: #1758856)
     - [Packaging] retpoline-extract: flag *0xNNN(%reg) branches
     - x86/speculation, objtool: Annotate indirect calls/jumps for objtool
     - x86/speculation, objtool: Annotate indirect calls/jumps for objtool on 32bit
     - x86/paravirt, objtool: Annotate indirect calls
     - x86/asm: Stop depending on ptrace.h in alternative.h
     - [Packaging] retpoline -- add safe usage hint support
     - [Packaging] retpoline-check -- only report additions
     - [Packaging] retpoline -- widen indirect call/jmp detection
     - [Packaging] retpoline -- elide %rip relative indirections
     - [Packaging] retpoline -- clear hint information from packages
     - SAUCE: modpost: add discard to non-allocatable whitelist
     - KVM: x86: Make indirect calls in emulator speculation safe
     - KVM: VMX: Make indirect call speculation safe
     - x86/boot, objtool: Annotate indirect jump in secondary_startup_64()
     - SAUCE: early/late -- annotate indirect calls in early/late initialisation
       code
     - SAUCE: vga_set_mode -- avoid jump tables
     - [Config] retpoline -- switch to new format
     - [Packaging] final-checks -- remove check for empty retpoline files
   * Xenial update to 4.4.117 stable release (LP: #1756860)
     - IB/mlx4: Fix incorrectly releasing steerable UD QPs when have only ETH ports
     - PM / devfreq: Propagate error from devfreq_add_device()
     - s390: fix handling of -1 in set{,fs}[gu]id16 syscalls
     - ARM: dts: STi: Add gpio polarity for "hdmi,hpd-gpio" property
     - arm: spear600: Add missing interrupt-parent of rtc
     - arm: spear13xx: Fix dmas cells
     - arm: spear13xx: Fix spics gpio controller's warning
     - ALSA: seq: Fix regression by incorrect ioctl_mutex usages
     - KVM/x86: Reduce retpoline performance impact in slot_handle_level_range(),
       by always inlining iterator helper methods
     - x86/cpu: Change type of x86_cache_size variable to unsigned int
     - drm/radeon: adjust tested variable
     - rtc-opal: Fix handling of firmware error codes, prevent busy loops
     - ext4: save error to disk in __ext4_grp_locked_error()
     - ext4: correct documentation for grpid mount option
     - mm: hide a #warning for COMPILE_TEST
     - video: fbdev: atmel_lcdfb: fix display-timings lookup
     - console/dummy: leave .con_font_get set to NULL
     - rtlwifi: rtl8821ae: Fix connection lost problem correctly
     - Btrfs: fix deadlock in run_delalloc_nocow
     - Btrfs: fix crash due to not cleaning up tree log block's dirty bits
     - Btrfs: fix unexpected -EEXIST when creating new inode
     - ALSA: hda - Fix headset mic detection problem for two Dell machines
     - ALSA: usb-audio: Fix UAC2 get_ctl request with a RANGE attribute
     - ALSA: hda/realtek: PCI quirk for Fujitsu U7x7
     - ALSA: usb-audio: add implicit fb quirk for Behringer UFX1204
     - ALSA: seq: Fix racy pool initializations
     - mvpp2: fix multicast address filter
     - dm: correctly handle chained bios in dec_pending()
     - x86: fix build warnign with 32-bit PAE
     - vfs: don't do RCU lookup of empty pathnames
     - ARM: pxa/tosa-bt: add MODULE_LICENSE tag
     - ARM: dts: s5pv210: add interrupt-parent for ohci
     - media: r820t: fix r820t_write_reg for KASAN
     - Linux 4.4.117
   * zfs system process hung on container stop/delete (LP: #1754584)
     - SAUCE: (noup) zfs to 0.6.5.6-0ubuntu19
     - SAUCE: Fix non-prefaulted page deadlock (LP: #1754584)
   * apparmor: fix bad __initdata tagging on, apparmor_initialized (LP: #1758471)
     - SAUCE: apparmor: fix bad __initdata tagging on, apparmor_initialized
   * Xenial update to 4.4.116 stable release (LP: #1756121)
     - powerpc/bpf/jit: Disable classic BPF JIT on ppc64le
     - powerpc/64: Fix flush_(d|i)cache_range() called from modules
     - powerpc: Fix VSX enabling/flushing to also test MSR_FP and MSR_VEC
     - powerpc: Simplify module TOC handling
     - ASoC: pcm512x: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE
     - usbip: vhci_hcd: clear just the USB_PORT_STAT_POWER bit
     - usbip: fix 3eee23c3ec14 tcp_socket address still in the status file
     - net: cdc_ncm: initialize drvflags before usage
     - ASoC: simple-card: Fix misleading error message
     - ASoC: rsnd: don't call free_irq() on Parent SSI
     - ASoC: rsnd: avoid duplicate free_irq()
     - drm: rcar-du: Use the VBK interrupt for vblank events
     - drm: rcar-du: Fix race condition when disabling planes at CRTC stop
     - x86/asm: Fix inline asm call constraints for GCC 4.4
     - ip6mr: fix stale iterator
     - net: igmp: add a missing rcu locking section
     - qlcnic: fix deadlock bug
     - r8169: fix RTL8168EP take too long to complete driver initialization.
     - tcp: release sk_frag.page in tcp_disconnect
     - vhost_net: stop device during reset owner
     - media: soc_camera: soc_scale_crop: add missing
       MODULE_DESCRIPTION/AUTHOR/LICENSE
     - KEYS: encrypted: fix buffer overread in valid_master_desc()
     - don't put symlink bodies in pagecache into highmem
     - crypto: tcrypt - fix S/G table for test_aead_speed()
     - x86/microcode: Do the family check first
     

Source diff to previous version
1759920 intel-microcode 3.20180312.0 causes lockup at login screen(w/ linux-image-4.13.0-37-generic)
1760876 DKMS driver builds fail with: Cannot use CONFIG_STACK_VALIDATION=y, please install libelf-dev, libelf-devel or elfutils-libelf-devel
1758856 retpoline hints: primary infrastructure and initial hints
1756860 Xenial update to 4.4.117 stable release
1754584 zfs system process hung on container stop/delete
1758471 apparmor: fix bad __initdata tagging on, apparmor_initialized
1756121 Xenial update to 4.4.116 stable release
1723127 Intel i40e PF reset due to incorrect MDD detection (continues...)
1755509 Xenial update to 4.4.115 stable release
1752655 retpoline: ignore %cs:0xNNN constant indirections
1759821 Dell XPS 13 9360 bluetooth scan can not detect any device
CVE-2017-5715 Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an at
CVE-2017-5754 Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an at

Version: 4.4.0-1016.16 2018-03-28 22:08:32 UTC

 linux-aws (4.4.0-1016.16) trusty; urgency=medium
 .
   * linux-aws: 4.4.0-1016.16 -proposed tracker (LP: #1759610)
 .
 .
   [ Ubuntu: 4.4.0-118.142 ]
 .
   * linux: 4.4.0-118.142 -proposed tracker (LP: #1759607)
   * Kernel panic with AWS 4.4.0-1053 / 4.4.0-1015 (Trusty) (LP: #1758869)
     - x86/microcode/AMD: Do not load when running on a hypervisor
   * CVE-2018-8043
     - net: phy: mdio-bcm-unimac: fix potential NULL dereference in
       unimac_mdio_probe()
 .

1758869 Kernel panic with AWS 4.4.0-1053 / 4.4.0-1015 (Trusty)
CVE-2018-8043 The unimac_mdio_probe function in drivers/net/phy/mdio-bcm-unimac.c in the Linux kernel through 4.15.8 does not validate certain resource availabilit



About   -   Send Feedback to @ubuntu_updates