Package "linux-aws"

This package belongs to a PPA: Canonical Kernel Team

Name: linux-aws


This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Header files related to Linux kernel version 4.4.0
  • Header files related to Linux kernel version 4.4.0

Latest version: 4.4.0-1108.119
Release: xenial (16.04)
Level: base
Repository: main


Save this URL for the latest version of "linux-aws": https://www.ubuntuupdates.org/linux-aws

Other versions of "linux-aws" in Xenial

Repository Area Version
security main 4.4.0-1107.118
security universe 4.4.0-1012.21
updates universe 4.4.0-1012.21
updates main 4.4.0-1107.118
proposed main 4.4.0-1108.119

Packages in group

Deleted packages are displayed in grey.


Version: 4.4.0-1108.119 2020-05-21 09:08:17 UTC

 linux-aws (4.4.0-1108.119) xenial; urgency=medium
   * xenial/linux-aws: 4.4.0-1108.119 -proposed tracker (LP: #1878861)
   [ Ubuntu: 4.4.0-180.210 ]
   * xenial/linux: 4.4.0-180.210 -proposed tracker (LP: #1878873)
   * Xenial update: 4.4.223 upstream stable release (LP: #1878232)
     - mwifiex: fix PCIe register information for 8997 chipset
     - drm/qxl: qxl_release use after free
     - drm/qxl: qxl_release leak in qxl_draw_dirty_fb()
     - staging: rtl8192u: Fix crash due to pointers being "confusing"
     - usb: gadget: f_acm: Fix configfs attr name
     - usb: gadged: pch_udc: get rid of redundant assignments
     - usb: gadget: pch_udc: reorder spin_[un]lock to avoid deadlock
     - usb: gadget: udc: core: don't starve DMA resources
     - MIPS: Fix macro typo
     - MIPS: ptrace: Drop cp0_tcstatus from regoffset_table[]
     - MIPS: BMIPS: Fix PRID_IMP_BMIPS5000 masking for BMIPS5200
     - MIPS: smp-cps: Stop printing EJTAG exceptions to UART
     - MIPS: scall: Handle seccomp filters which redirect syscalls
     - MIPS: BMIPS: BMIPS5000 has I cache filing from D cache
     - MIPS: BMIPS: Clear MIPS_CACHE_ALIASES earlier
     - MIPS: BMIPS: local_r4k___flush_cache_all needs to blast S-cache
     - MIPS: BMIPS: Pretty print BMIPS5200 processor name
     - MIPS: Fix HTW config on XPA kernel without LPA enabled
     - MIPS: BMIPS: Adjust mips-hpt-frequency for BCM7435
     - MIPS: math-emu: Fix BC1{EQ,NE}Z emulation
     - MIPS: Fix BC1{EQ,NE}Z return offset calculation
     - MIPS: perf: Fix I6400 event numbers
     - MIPS: KVM: Fix translation of MFC0 ErrCtl
     - MIPS: SMP: Update cpu_foreign_map on CPU disable
     - MIPS: c-r4k: Fix protected_writeback_scache_line for EVA
     - MIPS: Octeon: Off by one in octeon_irq_gpio_map()
     - bpf, mips: fix off-by-one in ctx offset allocation
     - MIPS: RM7000: Double locking bug in rm7k_tc_disable()
     - mips/panic: replace smp_send_stop() with kdump friendly version in panic
     - ARM: dts: armadillo800eva Correct extal1 frequency to 24 MHz
     - ARM: imx: select SRC for i.MX7
     - ARM: dts: kirkwood: gpio pin fixes for linkstation ls-wxl/wsxl
     - ARM: dts: kirkwood: gpio pin fixes for linkstation ls-wvl/vl
     - ARM: dts: kirkwood: gpio-leds fixes for linkstation ls-wxl/wsxl
     - ARM: dts: kirkwood: gpio-leds fixes for linkstation ls-wvl/vl
     - ARM: dts: orion5x: gpio pin fixes for linkstation lswtgl
     - ARM: dts: orion5x: fix the missing mtd flash on linkstation lswtgl
     - ARM: dts: kirkwood: use unique machine name for ds112
     - ARM: dts: kirkwood: add kirkwood-ds112.dtb to Makefile
     - ARM: OMAP2+: hwmod: fix _idle() hwmod state sanity check sequence
     - perf/x86: Fix filter_events() bug with event mappings
     - x86/LDT: Print the real LDT base address
     - x86/apic/uv: Silence a shift wrapping warning
     - ALSA: fm801: explicitly free IRQ line
     - ALSA: fm801: propagate TUNER_ONLY bit when autodetected
     - ALSA: fm801: detect FM-only card earlier
     - netfilter: nfnetlink: use original skbuff when acking batches
     - xfrm: fix crash in XFRM_MSG_GETSA netlink handler
     - mwifiex: fix IBSS data path issue.
     - mwifiex: add missing check for PCIe8997 chipset
     - iwlwifi: set max firmware version of 7265 to 17
     - Bluetooth: btmrvl: fix hung task warning dump
     - dccp: limit sk_filter trim to payload
     - net/mlx4_core: Do not BUG_ON during reset when PCI is offline
     - mlxsw: pci: Correctly determine if descriptor queue is full
     - PCI: Supply CPU physical address (not bus address) to iomem_is_exclusive()
     - alpha/PCI: Call iomem_is_exclusive() for IORESOURCE_MEM, but not
     - vfio/pci: Allow VPD short read
     - mlxsw: Treat local port 64 as valid
     - IB/mlx4: Initialize hop_limit when creating address handle
     - GRE: Disable segmentation offloads w/ CSUM and we are encapsulated via FOU
     - powerpc/pci/of: Parse unassigned resources
     - firmware: actually return NULL on failed request_firmware_nowait()
     - c8sectpfe: Rework firmware loading mechanism
     - net/mlx5: Avoid passing dma address 0 to firmware
     - IB/mlx5: Fix RC transport send queue overhead computation
     - net/mlx5: Make command timeout way shorter
     - IB/mlx5: Fix FW version diaplay in sysfs
     - net/mlx5e: Fix MLX5E_100BASE_T define
     - net/mlx5: Fix the size of modify QP mailbox
     - net/mlx5: Fix masking of reserved bits in XRCD number
     - net/mlx5e: Fix blue flame quota logic
     - net/mlx5: use mlx5_buf_alloc_node instead of mlx5_buf_alloc in
     - net/mlx5: Avoid calling sleeping function by the health poll thread
     - net/mlx5: Fix wait_vital for VFs and remove fixed sleep
     - net/mlx5: Fix potential deadlock in command mode change
     - net/mlx5: Add timeout handle to commands with callback
     - net/mlx5: Fix pci error recovery flow
     - net/mlx5e: Copy all L2 headers into inline segment
     - net_sched: keep backlog updated with qlen
     - sch_drr: update backlog as well
     - sch_hfsc: always keep backlog updated
     - sch_prio: update backlog as well
     - sch_qfq: keep backlog updated with qlen
     - sch_sfb: keep backlog updated with qlen
     - sch_tbf: update backlog as well
     - btrfs: cleaner_kthread() doesn't need explicit freeze
     - irda: Free skb on irda_accept error path.
     - phy: fix device reference leaks
     - bonding: prevent out of bound accesses
     - mtd: nand: fix ONFI parameter page layout
     - ath10k: free cached fw bin contents when get board id fails
     - xprtrdma: checking for NULL instead of IS_ERR()
     - xprtrdma: Fix additional uses of spin_lock_irqsave(rb_lock)
     - xprtrdma: xprt_rdma_free() must not release backchannel reqs
     - xprtrdma: rpcrdma_bc_receive_call() should init rq_private_buf.len
     - RDMA/cxgb3: device driver frees DMA memory with di

Source diff to previous version
CVE-2020-1749 net: ipv6_stub: use ip6_dst_lookup_flow instead of ip6_dst_lookup
1877958 Do not treat unresolved test case in ftrace from ubuntu_kernel_selftests as failure
1877858 Improve TSC refinement (and calibration) reliability
1874444 Bionic ubuntu ethtool doesn't check ring parameters boundaries
1876982 tunnels over IPv6 are unencrypted when using IPsec
1812176 psock_tpacket from the net test in ubuntu_kernel_selftests failed on KVM kernels
1821434 Panic on suspend/resume Kernel panic - not syncing: stack-protector: Kernel stack is corrupted in: sata_pmp_eh_recover+0xa2b/0xa40
1875905 Xenial update: 4.4.220 upstream stable release
1878098 Xenial update: 4.4.221 upstream stable release
1878246 Xenial update: 4.4.222 upstream stable release
1878232 Xenial update: 4.4.223 upstream stable release

Version: 4.4.0-1107.118 2020-05-04 01:08:50 UTC

 linux-aws (4.4.0-1107.118) xenial; urgency=medium
   * xenial/linux-aws: 4.4.0-1107.118 -proposed tracker (LP: #1874793)
   * getitimer returns it_value=0 erroneously (LP: #1349028)
     - [Config] CONTEXT_TRACKING_FORCE policy should be unset
   [ Ubuntu: 4.4.0-179.209 ]
   * xenial/linux: 4.4.0-179.209 -proposed tracker (LP: #1874804)
   * Add debian/rules targets to compile/run kernel selftests (LP: #1874286)
     - [Packaging] add support to compile/run selftests
   * getitimer returns it_value=0 erroneously (LP: #1349028)
     - [Config] CONTEXT_TRACKING_FORCE policy should be unset
   * CVE-2020-11608
     - media: ov519: add missing endpoint sanity checks
   * CVE-2019-19060
     - iio: imu: adis16400: release allocated memory on failure
   * Xenial update: 4.4.219 upstream stable release (LP: #1874045)
     - drm/bochs: downgrade pci_request_region failure from error to warning
     - ipv4: fix a RCU-list lock in fib_triestat_seq_show
     - net, ip_tunnel: fix interface lookup with no key
     - sctp: fix possibly using a bad saddr with a given dst
     - l2tp: Correctly return -EBADF from pppol2tp_getname.
     - net: l2tp: Make l2tp_ip6 namespace aware
     - l2tp: fix race in l2tp_recv_common()
     - l2tp: ensure session can't get removed during pppol2tp_session_ioctl()
     - l2tp: fix duplicate session creation
     - l2tp: Refactor the codes with existing macros instead of literal number
     - l2tp: ensure sessions are freed after their PPPOL2TP socket
     - l2tp: fix race between l2tp_session_delete() and l2tp_tunnel_closeall()
     - usb: gadget: uac2: Drop unused device qualifier descriptor
     - usb: gadget: printer: Drop unused device qualifier descriptor
     - padata: always acquire cpu_hotplug_lock before pinst->lock
     - mm: mempolicy: require at least one nodeid for MPOL_PREFERRED
     - net: stmmac: dwmac1000: fix out-of-bounds mac address reg setting
     - random: always use batched entropy for get_random_u{32,64}
     - tools/accounting/getdelays.c: fix netlink attribute length
     - power: supply: axp288_charger: Fix unchecked return value
     - ASoC: jz4740-i2s: Fix divider written at incorrect offset in register
     - IB/hfi1: Call kobject_put() when kobject_init_and_add() fails
     - Bluetooth: RFCOMM: fix ODEBUG bug in rfcomm_dev_ioctl
     - RDMA/cm: Update num_paths in cma_resolve_iboe_route error flow
     - clk: qcom: rcg: Return failure for RCG update
     - drm_dp_mst_topology: fix broken drm_dp_sideband_parse_remote_dpcd_read()
     - Linux 4.4.219
   * Xenial update: 4.4.218 upstream stable release (LP: #1873852)
     - spi: qup: call spi_qup_pm_resume_runtime before suspending
     - powerpc: Include .BTF section
     - ARM: dts: dra7: Add "dma-ranges" property to PCIe RC DT nodes
     - spi/zynqmp: remove entry that causes a cs glitch
     - drm/exynos: dsi: propagate error value and silence meaningless warning
     - drm/exynos: dsi: fix workaround for the legacy clock name
     - altera-stapl: altera_get_note: prevent write beyond end of 'key'
     - USB: Disable LPM on WD19's Realtek Hub
     - usb: quirks: add NO_LPM quirk for RTL8153 based ethernet adapters
     - USB: serial: option: add ME910G1 ECM composition 0x110b
     - usb: host: xhci-plat: add a shutdown
     - USB: serial: pl2303: add device-id for HP LD381
     - ALSA: line6: Fix endless MIDI read loop
     - ALSA: seq: virmidi: Fix running status after receiving sysex
     - ALSA: seq: oss: Fix running status after receiving sysex
     - ALSA: pcm: oss: Avoid plugin buffer overflow
     - ALSA: pcm: oss: Remove WARNING from snd_pcm_plug_alloc() checks
     - staging: rtl8188eu: Add device id for MERCUSYS MW150US v2
     - staging/speakup: fix get_word non-space look-ahead
     - intel_th: Fix user-visible error codes
     - rtc: max8907: add missing select REGMAP_IRQ
     - memcg: fix NULL pointer dereference in __mem_cgroup_usage_unregister_event
     - mm: slub: be more careful about the double cmpxchg of freelist
     - mm, slub: prevent kmalloc_node crashes and memory leaks
     - x86/mm: split vmalloc_sync_all()
     - USB: cdc-acm: fix close_delay and closing_wait units in TIOCSSERIAL
     - USB: cdc-acm: fix rounding error in TIOCSSERIAL
     - kbuild: Disable -Wpointer-to-enum-cast
     - futex: Fix inode life-time issue
     - futex: Unbreak futex hashing
     - arm64: smp: fix smp_send_stop() behaviour
     - Revert "drm/dp_mst: Skip validating ports during destruction, just ref"
     - hsr: fix general protection fault in hsr_addr_is_self()
     - net: dsa: Fix duplicate frames flooded by learning
     - net_sched: cls_route: remove the right filter from hashtable
     - net_sched: keep alloc_hash updated after hash allocation
     - NFC: fdp: Fix a signedness bug in fdp_nci_send_patch()
     - slcan: not call free_netdev before rtnl_unlock in slcan_open
     - vxlan: check return value of gro_cells_init()
     - hsr: use rcu_read_lock() in hsr_get_node_{list/status}()
     - hsr: add restart routine into hsr_get_node_list()
     - hsr: set .netnsok flag
     - vhost: Check docket sk_family instead of call getname
     - IB/ipoib: Do not warn if IPoIB debugfs doesn't exist
     - uapi glibc compat: fix outer guard of net device flags enum
     - KVM: VMX: Do not allow reexecute_instruction() when skipping MMIO instr
     - drivers/hwspinlock: use correct radix tree API
     - net: ipv4: don't let PMTU updates increase route MTU
     - cpupower: avoid multiple definition with gcc -fno-common
     - dt-bindings: net: FMan erratum A050385
     - scsi: ipr: Fix softlockup when rescanning devices in petitboot
     - mac80211: Do not send mesh HWMP PREQ if HWMP is disabled
     - sxgbe: Fix off by one in samsung driver strncpy size arg
     - i2c: hix5hd2: add missed clk_disable_unprepare in remove
     - perf probe: Do not depend on dwfl_module_addrsym()
     - scripts/dtc: Remove redundant YYLOC global declaration
     - scsi: sd: Fix optimal I/O

Source diff to previous version
1349028 getitimer returns it_value=0 erroneously
1874286 Add debian/rules targets to compile/run kernel selftests
1874045 Xenial update: 4.4.219 upstream stable release
1873852 Xenial update: 4.4.218 upstream stable release
1866357 Pop sound from build-in speaker during cold boot and resume from S3
1869644 add_key05 from ubuntu_ltp_syscalls failed
CVE-2020-11608 An issue was discovered in the Linux kernel before 5.6.1. drivers/media/usb/gspca/ov519.c allows NULL pointer dereferences in ov511_mode_init_regs an
CVE-2019-19060 A memory leak in the adis_update_scan_mode() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows attackers to cause a d
CVE-2020-11494 An issue was discovered in slc_bump in drivers/net/can/slcan.c in the Linux kernel through 5.6.2. It allows attackers to read uninitialized can_frame

Version: 4.4.0-1106.117 2020-04-08 12:08:23 UTC

 linux-aws (4.4.0-1106.117) xenial; urgency=medium
   * xenial/linux-aws: 4.4.0-1106.117 -proposed tracker (LP: #1870649)
   [ Ubuntu: 4.4.0-178.208 ]
   * xenial/linux: 4.4.0-178.208 -proposed tracker (LP: #1870660)
   * CVE-2019-19768
     - blktrace: Protect q->blk_trace with RCU
     - blktrace: fix dereference after null check
   * Multiple Kexec in AWS Nitro instances fail (LP: #1869948)
     - net: ena: Add PCI shutdown handler to allow safe kexec
   * Insert test_bpf module will report 4 failures for ubuntu_bpf_jit on X s390x
     (LP: #1768452)
     - test_bpf: flag tests that cannot be jited on s390
   * Mounting LVM snapshots with xfs can hit kernel BUG in nvme driver
     (LP: #1869229)
     - block: fix bio_will_gap() for first bvec with offset
   * Xenial update: 4.4.217 upstream stable release (LP: #1868629)
     - NFS: Remove superfluous kmap in nfs_readdir_xdr_to_array
     - r8152: check disconnect status after long sleep
     - net: nfc: fix bounds checking bugs on "pipe"
     - bnxt_en: reinitialize IRQs when MTU is modified
     - fib: add missing attribute validation for tun_id
     - nl802154: add missing attribute validation
     - nl802154: add missing attribute validation for dev_type
     - team: add missing attribute validation for port ifindex
     - team: add missing attribute validation for array index
     - nfc: add missing attribute validation for SE API
     - nfc: add missing attribute validation for vendor subcommand
     - ipvlan: add cond_resched_rcu() while processing muticast backlog
     - ipvlan: do not add hardware address of master to its unicast filter list
     - ipvlan: egress mcast packets are not exceptional
     - ipvlan: do not use cond_resched_rcu() in ipvlan_process_multicast()
     - ipvlan: don't deref eth hdr before checking it's set
     - macvlan: add cond_resched() during multicast processing
     - net: fec: validate the new settings in fec_enet_set_coalesce()
     - slip: make slhc_compress() more robust against malicious packets
     - bonding/alb: make sure arp header is pulled before accessing it
     - net: fq: add missing attribute validation for orphan mask
     - iommu/vt-d: quirk_ioat_snb_local_iommu: replace WARN_TAINT with pr_warn +
     - drm/amd/display: remove duplicated assignment to grph_obj_type
     - gfs2_atomic_open(): fix O_EXCL|O_CREAT handling on cold dcache
     - KVM: x86: clear stale x86_emulate_ctxt->intercept value
     - ARC: define __ALIGN_STR and __ALIGN symbols for ARC
     - efi: Fix a race and a buffer overflow while reading efivars via sysfs
     - iommu/vt-d: dmar: replace WARN_TAINT with pr_warn + add_taint
     - iommu/vt-d: Fix a bug in intel_iommu_iova_to_phys() for huge page
     - nl80211: add missing attribute validation for critical protocol indication
     - nl80211: add missing attribute validation for channel switch
     - netfilter: cthelper: add missing attribute validation for cthelper
     - iommu/vt-d: Fix the wrong printing in RHSA parsing
     - iommu/vt-d: Ignore devices with out-of-spec domain number
     - ipv6: restrict IPV6_ADDRFORM operation
     - efi: Add a sanity check to efivar_store_raw()
     - batman-adv: Fix invalid read while copying bat_iv.bcast_own
     - batman-adv: Only put gw_node list reference when removed
     - batman-adv: Only put orig_node_vlan list reference when removed
     - batman-adv: Avoid endless loop in bat-on-bat netdevice check
     - batman-adv: Fix unexpected free of bcast_own on add_if error
     - batman-adv: Fix integer overflow in batadv_iv_ogm_calc_tq
     - batman-adv: init neigh node last seen field
     - batman-adv: Deactivate TO_BE_ACTIVATED hardif on shutdown
     - batman-adv: Drop reference to netdevice on last reference
     - batman-adv: Fix reference counting of vlan object for tt_local_entry
     - batman-adv: Avoid duplicate neigh_node additions
     - batman-adv: fix skb deref after free
     - batman-adv: Fix use-after-free/double-free of tt_req_node
     - batman-adv: Fix ICMP RR ethernet access after skb_linearize
     - batman-adv: Clean up untagged vlan when destroying via rtnl-link
     - batman-adv: Avoid nullptr dereference in bla after vlan_insert_tag
     - batman-adv: Avoid nullptr dereference in dat after vlan_insert_tag
     - batman-adv: Fix orig_node_vlan leak on orig_node_release
     - batman-adv: lock crc access in bridge loop avoidance
     - batman-adv: Fix non-atomic bla_claim::backbone_gw access
     - batman-adv: Fix reference leak in batadv_find_router
     - batman-adv: Free last_bonding_candidate on release of orig_node
     - batman-adv: Fix speedy join in gateway client mode
     - batman-adv: Add missing refcnt for last_candidate
     - batman-adv: Fix double free during fragment merge error
     - batman-adv: Fix transmission of final, 16th fragment
     - batman-adv: Fix rx packet/bytes stats on local ARP reply
     - batman-adv: fix TT sync flag inconsistencies
     - batman-adv: Fix lock for ogm cnt access in batadv_iv_ogm_calc_tq
     - batman-adv: Fix internal interface indices types
     - batman-adv: update data pointers after skb_cow()
     - batman-adv: Fix skbuff rcsum on packet reroute
     - batman-adv: Avoid race in TT TVLV allocator helper
     - batman-adv: Fix TT sync flags for intermediate TT responses
     - batman-adv: prevent TT request storms by not sending inconsistent TT TLVLs
     - batman-adv: Fix debugfs path for renamed hardif
     - batman-adv: Fix debugfs path for renamed softif
     - batman-adv: Avoid storing non-TT-sync flags on singular entries too
     - batman-adv: Prevent duplicated gateway_node entry
     - batman-adv: Prevent duplicated nc_node entry
     - batman-adv: Prevent duplicated global TT entry
     - batman-adv: Prevent duplicated tvlv handler
     - batman-adv: Reduce claim hash refcnt only for removed entry
     - batman-adv: Reduce tt_local hash refcnt only for removed entry
     - batman-adv: Reduce tt_glo

Source diff to previous version
1869948 Multiple Kexec in AWS Nitro instances fail
1768452 Insert test_bpf module will report 4 failures for ubuntu_bpf_jit on X s390x
1869229 Mounting LVM snapshots with xfs can hit kernel BUG in nvme driver
1868629 Xenial update: 4.4.217 upstream stable release
1868628 Xenial update: 4.4.216 upstream stable release
1868627 Xenial update: 4.4.215 upstream stable release
CVE-2019-19768 In the Linux kernel 5.4.0-rc2, there is a use-after-free (read) in the __blk_add_trace function in kernel/trace/blktrace.c (which is used to fill out

Version: 4.4.0-1105.116 2020-03-18 07:08:28 UTC

 linux-aws (4.4.0-1105.116) xenial; urgency=medium
   * xenial/linux-aws: 4.4.0-1105.116 -proposed tracker (LP: #1867231)
   [ Ubuntu: 4.4.0-177.207 ]
   * xenial/linux: 4.4.0-177.207 -proposed tracker (LP: #1867243)
   * Packaging resync (LP: #1786013)
     - [Packaging] resync getabis
     - [Packaging] update helper scripts
   * Xenial update: 4.4.214 upstream stable release (LP: #1864775)
     - media: iguanair: fix endpoint sanity check
     - x86/cpu: Update cached HLE state on write to TSX_CTRL_CPUID_CLEAR
     - sparc32: fix struct ipc64_perm type definition
     - ASoC: qcom: Fix of-node refcount unbalance to link->codec_of_node
     - cls_rsvp: fix rsvp_policy
     - net: hsr: fix possible NULL deref in hsr_handle_frame()
     - net_sched: fix an OOB access in cls_tcindex
     - tcp: clear tp->total_retrans in tcp_disconnect()
     - tcp: clear tp->segs_{in|out} in tcp_disconnect()
     - media: uvcvideo: Avoid cyclic entity chains due to malformed USB descriptors
     - mfd: dln2: More sanity checking for endpoints
     - brcmfmac: Fix memory leak in brcmf_usbdev_qinit
     - usb: gadget: legacy: set max_speed to super-speed
     - usb: gadget: f_ncm: Use atomic_t to track in-flight request
     - usb: gadget: f_ecm: Use atomic_t to track in-flight request
     - ALSA: dummy: Fix PCM format loop in proc output
     - lib/test_kasan.c: fix memory leak in kmalloc_oob_krealloc_more()
     - powerpc/pseries: Advance pfn if section is not present in lmb_is_removable()
     - mmc: spi: Toggle SPI polarity, do not hardcode it
     - PCI: keystone: Fix link training retries initiation
     - crypto: api - Check spawn->alg under lock in crypto_drop_spawn
     - scsi: qla2xxx: Fix mtcp dump collection failure
     - power: supply: ltc2941-battery-gauge: fix use-after-free
     - of: Add OF_DMA_DEFAULT_COHERENT & select it on powerpc
     - dm space map common: fix to ensure new block isn't already in use
     - crypto: pcrypt - Do not clear MAY_SLEEP flag in original request
     - crypto: api - Fix race condition in crypto_spawn_alg
     - crypto: picoxcell - adjust the position of tasklet_init and fix missed
     - btrfs: set trans->drity in btrfs_commit_transaction
     - ARM: tegra: Enable PLLP bypass during Tegra124 LP1
     - mwifiex: fix unbalanced locking in mwifiex_process_country_ie()
     - sunrpc: expiry_time should be seconds not timeval
     - KVM: x86: Refactor prefix decoding to prevent Spectre-v1/L1TF attacks
     - KVM: x86: Protect DR-based index computations from Spectre-v1/L1TF attacks
     - KVM: x86: Protect kvm_hv_msr_[get|set]_crash_data() from Spectre-v1/L1TF
     - KVM: x86: Protect ioapic_write_indirect() from Spectre-v1/L1TF attacks
     - KVM: x86: Protect MSR-based index computations in pmu.h from Spectre-v1/L1TF
     - KVM: x86: Protect ioapic_read_indirect() from Spectre-v1/L1TF attacks
     - KVM: x86: Protect MSR-based index computations from Spectre-v1/L1TF attacks
       in x86.c
     - KVM: x86: Protect x86_decode_insn from Spectre-v1/L1TF attacks
     - KVM: x86: Protect MSR-based index computations in fixed_msr_to_seg_unit()
       from Spectre-v1/L1TF attacks
     - KVM: PPC: Book3S HV: Uninit vCPU if vcore creation fails
     - KVM: PPC: Book3S PR: Free shared page if mmu initialization fails
     - KVM: x86: Free wbinvd_dirty_mask if vCPU creation fails
     - scsi: qla2xxx: Fix the endianness of the qla82xx_get_fw_size() return type
     - scsi: csiostor: Adjust indentation in csio_device_reset
     - scsi: qla4xxx: Adjust indentation in qla4xxx_mem_free
     - ext2: Adjust indentation in ext2_fill_super
     - powerpc/44x: Adjust indentation in ibm4xx_denali_fixup_memsize
     - NFC: pn544: Adjust indentation in pn544_hci_check_presence
     - ppp: Adjust indentation into ppp_async_input
     - net: smc911x: Adjust indentation in smc911x_phy_configure
     - net: tulip: Adjust indentation in {dmfe, uli526x}_init_module
     - mfd: da9062: Fix watchdog compatible string
     - mfd: rn5t618: Mark ADC control register volatile
     - net: systemport: Avoid RBUF stuck in Wake-on-LAN mode
     - bonding/alb: properly access headers in bond_alb_xmit()
     - NFS: Fix memory leaks and corruption in readdir
     - NFS: Fix bool initialization/comparison
     - NFS: Directory page cache pages need to be locked when read
     - Btrfs: fix assertion failure on fsync with NO_HOLES enabled
     - btrfs: remove trivial locking wrappers of tree mod log
     - Btrfs: fix race between adding and putting tree mod seq elements and nodes
     - drm: atmel-hlcdc: enable clock before configuring timing engine
     - KVM: x86: drop picdev_in_range()
     - KVM: x86: Refactor picdev_write() to prevent Spectre-v1/L1TF attacks
     - KVM: x86: Protect pmu_intel.c from Spectre-v1/L1TF attacks
     - KVM: x86: Protect kvm_lapic_reg_write() from Spectre-v1/L1TF attacks
     - btrfs: flush write bio if we loop in extent_write_cache_pages
     - KVM: x86/mmu: Apply max PA check for MMIO sptes to 32-bit KVM
     - KVM: VMX: Add non-canonical check on writes to RTIT address MSRs
     - KVM: nVMX: vmread should not set rflags to specify success in case of #PF
     - cifs: fail i/o on soft mounts if sessionsetup errors out
     - clocksource: Prevent double add_timer_on() for watchdog_timer
     - perf/core: Fix mlock accounting in perf_mmap()
     - ASoC: pcm: update FE/BE trigger order based on the command
     - scsi: ufs: Fix ufshcd_probe_hba() reture value in case
       ufshcd_scsi_add_wlus() fails
     - rtc: hym8563: Return -EINVAL if the time is known to be invalid
     - ARC: [plat-axs10x]: Add missing multicast filter number to GMAC node
     - ARM: dts: at91: sama5d3: fix maximum peripheral clock rates
     - ARM: dts: at91: sama5d3: define clock rate range for tcb1
     - powerpc/pseries: Allow not having ibm, hypertas-functions::hcall-multi-tce
       for DDW
     - pinctrl: sh-pfc: r8a

Source diff to previous version
1786013 Packaging resync
1864775 Xenial update: 4.4.214 upstream stable release
1860231 5.4.0-11 crash on cryptsetup open
1864774 Xenial update: 4.4.213 upstream stable release
1864773 Xenial update: 4.4.212 upstream stable release
1865967 xfs fill_fs test in fallocate06 from ubuntu_ltp_syscalls failed
1858834 ipc/sem.c : process loops infinitely in exit_sem()
1864092 quotactl07 from ubuntu_ltp_syscalls failed
CVE-2020-8428 fs/namei.c in the Linux kernel before 5.5 has a may_create_in_sticky use-after-free, which allows local users to cause a denial of service (OOPS) or

Version: 4.4.0-1104.115 2020-03-02 09:07:55 UTC

 linux-aws (4.4.0-1104.115) xenial; urgency=medium
   * xenial/linux-aws: 4.4.0-1104.115 -proposed tracker (LP: #1865245)
   [ Ubuntu: 4.4.0-176.206 ]
   * xenial/linux: 4.4.0-176.206 -proposed tracker (LP: #1865106)
   * CVE-2020-2732
     - x86/vdso: Use RDPID in preference to LSL when available
     - KVM: x86: emulate RDPID
     - KVM: nVMX: Don't emulate instructions in guest mode
     - KVM: nVMX: Refactor IO bitmap checks into helper function
     - KVM: nVMX: Check IO instruction VM-exit conditions

CVE-2020-2732 kvm: nVMX: L2 guest may trick the L0 hypervisor to access sensitive L1 resources

About   -   Send Feedback to @ubuntu_updates