UbuntuUpdates.org

Package "linux-aws-hwe"

This package belongs to a PPA: Canonical Kernel Team

Name: linux-aws-hwe

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Header files related to Linux kernel version 4.15.0
  • Header files related to Linux kernel version 4.15.0
  • Header files related to Linux kernel version 4.15.0
  • Header files related to Linux kernel version 4.15.0

Latest version: 4.15.0-1038.40~16.04.1
Release: xenial (16.04)
Level: base
Repository: main

Links

Save this URL for the latest version of "linux-aws-hwe": https://www.ubuntuupdates.org/linux-aws-hwe



Other versions of "linux-aws-hwe" in Xenial

Repository Area Version
security universe 4.15.0-1039.41~16.04.1
updates universe 4.15.0-1039.41~16.04.1
proposed universe 4.15.0-1039.41~16.04.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 4.15.0-1038.40~16.04.1 2019-04-26 17:13:23 UTC

 linux-aws-hwe (4.15.0-1038.40~16.04.1) xenial; urgency=medium
 .
   * linux-aws-hwe: 4.15.0-1038.40~16.04.1 -proposed tracker (LP: #1826337)
 .
   [ Ubuntu: 4.15.0-1038.40 ]
 .
   * linux-aws: 4.15.0-1038.40 -proposed tracker (LP: #1826338)
   * Packaging resync (LP: #1786013)
     - [Packaging] resync git-ubuntu-log
   * linux: 4.15.0-49.53 -proposed tracker (LP: #1826358)
   * Backport support for software count cache flush Spectre v2 mitigation. (CVE)
     (required for POWER9 DD2.3) (LP: #1822870)
     - powerpc/64s: Add support for ori barrier_nospec patching
     - powerpc/64s: Patch barrier_nospec in modules
     - powerpc/64s: Enable barrier_nospec based on firmware settings
     - powerpc: Use barrier_nospec in copy_from_user()
     - powerpc/64: Use barrier_nospec in syscall entry
     - powerpc/64s: Enhance the information in cpu_show_spectre_v1()
     - powerpc/64: Disable the speculation barrier from the command line
     - powerpc/64: Make stf barrier PPC_BOOK3S_64 specific.
     - powerpc/64: Add CONFIG_PPC_BARRIER_NOSPEC
     - powerpc/64: Call setup_barrier_nospec() from setup_arch()
     - powerpc/64: Make meltdown reporting Book3S 64 specific
     - powerpc/lib/code-patching: refactor patch_instruction()
     - powerpc/lib/feature-fixups: use raw_patch_instruction()
     - powerpc/asm: Add a patch_site macro & helpers for patching instructions
     - powerpc/64s: Add new security feature flags for count cache flush
     - powerpc/64s: Add support for software count cache flush
     - powerpc/pseries: Query hypervisor for count cache flush settings
     - powerpc/powernv: Query firmware for count cache flush settings
     - powerpc/fsl: Add nospectre_v2 command line argument
     - KVM: PPC: Book3S: Add count cache flush parameters to kvmppc_get_cpu_char()
     - [Config] Add CONFIG_PPC_BARRIER_NOSPEC
   * Packaging resync (LP: #1786013)
     - [Packaging] resync git-ubuntu-log
   * autopkgtests run too often, too much and don't skip enough (LP: #1823056)
     - [Debian] Set +x on rebuild testcase.
     - [Debian] Skip rebuild test, for regression-suite deps.
     - [Debian] Make ubuntu-regression-suite skippable on unbootable kernels.
     - [Debian] make rebuild use skippable error codes when skipping.
     - [Debian] Only run regression-suite, if requested to.
   * bionic: fork out linux-snapdragon into its own topic kernel (LP: #1820868)
     - [Packaging] remove arm64 snapdragon from getabis
     - [Config] config changes for snapdragon split
     - packaging: arm64: disable building the snapdragon flavour
     - [Packaging] arm64: Drop snapdragon from kernel-versions
   * CVE-2017-5753
     - KVM: arm/arm64: vgic: fix possible spectre-v1 in vgic_get_irq()
     - media: dvb_ca_en50221: prevent using slot_info for Spectre attacs
     - sysvipc/sem: mitigate semnum index against spectre v1
     - libahci: Fix possible Spectre-v1 pmp indexing in ahci_led_store()
     - s390/keyboard: sanitize array index in do_kdsk_ioctl
     - arm64: fix possible spectre-v1 write in ptrace_hbp_set_event()
     - KVM: arm/arm64: vgic: Fix possible spectre-v1 write in vgic_mmio_write_apr()
     - pktcdvd: Fix possible Spectre-v1 for pkt_devs
     - net: socket: fix potential spectre v1 gadget in socketcall
     - net: socket: Fix potential spectre v1 gadget in sock_is_registered
     - drm/amdgpu/pm: Fix potential Spectre v1
     - netlink: Fix spectre v1 gadget in netlink_create()
     - ext4: fix spectre gadget in ext4_mb_regular_allocator()
     - drm/i915/kvmgt: Fix potential Spectre v1
     - net: sock_diag: Fix spectre v1 gadget in __sock_diag_cmd()
     - fs/quota: Fix spectre gadget in do_quotactl
     - hwmon: (nct6775) Fix potential Spectre v1
     - mac80211_hwsim: Fix possible Spectre-v1 for hwsim_world_regdom_custom
     - switchtec: Fix Spectre v1 vulnerability
     - misc: hmc6352: fix potential Spectre v1
     - tty: vt_ioctl: fix potential Spectre v1
     - nl80211: Fix possible Spectre-v1 for NL80211_TXRATE_HT
     - nl80211: Fix possible Spectre-v1 for CQM RSSI thresholds
     - IB/ucm: Fix Spectre v1 vulnerability
     - RDMA/ucma: Fix Spectre v1 vulnerability
     - drm/bufs: Fix Spectre v1 vulnerability
     - usb: gadget: storage: Fix Spectre v1 vulnerability
     - ptp: fix Spectre v1 vulnerability
     - HID: hiddev: fix potential Spectre v1
     - vhost: Fix Spectre V1 vulnerability
     - drivers/misc/sgi-gru: fix Spectre v1 vulnerability
     - ipv4: Fix potential Spectre v1 vulnerability
     - aio: fix spectre gadget in lookup_ioctx
     - ALSA: emux: Fix potential Spectre v1 vulnerabilities
     - ALSA: pcm: Fix potential Spectre v1 vulnerability
     - ip6mr: Fix potential Spectre v1 vulnerability
     - ALSA: rme9652: Fix potential Spectre v1 vulnerability
     - ALSA: emu10k1: Fix potential Spectre v1 vulnerabilities
     - KVM: arm/arm64: vgic: Fix off-by-one bug in vgic_get_irq()
     - drm/ioctl: Fix Spectre v1 vulnerabilities
     - char/mwave: fix potential Spectre v1 vulnerability
     - applicom: Fix potential Spectre v1 vulnerabilities
     - ipmi: msghandler: Fix potential Spectre v1 vulnerabilities
     - powerpc/ptrace: Mitigate potential Spectre v1
     - cfg80211: prevent speculation on cfg80211_classify8021d() return
     - ALSA: rawmidi: Fix potential Spectre v1 vulnerability
     - ALSA: seq: oss: Fix Spectre v1 vulnerability
   * Bionic: Sync to Xenial (Spectre) (LP: #1822760)
     - x86/speculation/l1tf: Suggest what to do on systems with too much RAM
     - KVM: SVM: Add MSR-based feature support for serializing LFENCE
     - KVM: VMX: fixes for vmentry_l1d_flush module parameter
     - KVM: X86: Allow userspace to define the microcode version
     - SAUCE: [Fix] x86/KVM/VMX: Add L1D flush logic
     - SAUCE: [Fix] x86/speculation: Use ARCH_CAPABILITIES to skip L1D flush on
       vmentry
   * [SRU] [B/OEM] Fix ACPI bug that causes boot failure (LP: #1819921)
     - SAUCE: ACPI / bus: Add some Lenovo laptops in list of acpi tabl

Source diff to previous version
1786013 Packaging resync
1822870 Backport support for software count cache flush Spectre v2 mitigation. (CVE) (required for POWER9 DD2.3)
1823056 autopkgtests run too often, too much and don't skip enough
1820868 bionic: fork out linux-snapdragon into its own topic kernel
1822760 Bionic: Sync to Xenial (Spectre)
1819921 [SRU] [B/OEM] Fix ACPI bug that causes boot failure
1824553 Bionic update: upstream stable patchset for fuse 2019-04-12
1814874 NULL pointer dereference when using z3fold and zswap
1812809 Kprobe event argument syntax in ftrace from ubuntu_kernel_selftests failed on B PowerPC
1825487 The Realtek card reader does not enter PCIe 1.1/1.2
1825272 headset-mic doesn't work on two Dell laptops.
1798921 sky2 ethernet card don't work after returning from suspension
1818490 Intel I210 Ethernet card not working after hotplug [8086:1533]
1823972 bionic, xenial/hwe: misses \
1825074 amdgpu resume failure: failed to allocate wb slot
1821290 Pop noise when headset is plugged in or removed from GHS/Line-out jack
1825058 mac80211_hwsim unable to handle kernel NULL pointer dereference at0000000000000000
1821663 [regression][snd_hda_codec_realtek] repeating crackling noise after 19.04 upgrade
1822247 ubuntu_nbd_smoke_test failed on P9 with Bionic kernel
1822821 TSC clocksource not available in nested guests
1819786 4.15 kernel ip_vs --ops causes performance and hang problem
1813244 systemd cause kernel trace \
1822692 Please ship the ib_uverbs driver module in the main modules package
CVE-2017-5753 Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker wi
CVE-2019-3874 The SCTP socket buffer used by a userspace application is not accounted by the cgroups subsystem. An attacker can use this flaw to cause a denial of
CVE-2018-16884 A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_proce
CVE-2019-9500 brcmfmac: assure SSID length from firmware is limited
CVE-2019-9503 brcmfmac: add subtype check for event handling in data path
CVE-2019-3882 DoS through vfio/type1 DMA mappings

Version: 4.15.0-1036.38~16.04.1 2019-04-10 10:08:08 UTC

 linux-aws-hwe (4.15.0-1036.38~16.04.1) xenial; urgency=medium
 .
   * linux-aws-hwe: 4.15.0-1036.38~16.04.1 -proposed tracker (LP: #1822804)
 .
   * Packaging resync (LP: #1786013)
     - [Packaging] update helper scripts
 .
   [ Ubuntu: 4.15.0-1036.38 ]
 .
   * linux-aws: 4.15.0-1036.38 -proposed tracker (LP: #1822805)
   * Packaging resync (LP: #1786013)
     - [Packaging] resync git-ubuntu-log
   * linux: 4.15.0-48.51 -proposed tracker (LP: #1822820)
   * Packaging resync (LP: #1786013)
     - [Packaging] update helper scripts
     - [Packaging] resync retpoline extraction
   * 3b080b2564287be91605bfd1d5ee985696e61d3c in ubuntu_btrfs_kernel_fixes
     triggers system hang on i386 (LP: #1812845)
     - btrfs: raid56: properly unmap parity page in finish_parity_scrub()
   * [P9][LTCTest][Opal][FW910] cpupower monitor shows multiple stop Idle_Stats
     (LP: #1719545)
     - cpupower : Fix header name to read idle state name
   * [amdgpu] screen corruption when using touchpad (LP: #1818617)
     - drm/amdgpu/gmc: steal the appropriate amount of vram for fw hand-over (v3)
     - drm/amdgpu: Free VGA stolen memory as soon as possible.
   * [SRU][B/C/OEM]IOMMU: add kernel dma protection (LP: #1820153)
     - ACPICA: AML parser: attempt to continue loading table after error
     - ACPI / property: Allow multiple property compatible _DSD entries
     - PCI / ACPI: Identify untrusted PCI devices
     - iommu/vt-d: Force IOMMU on for platform opt in hint
     - iommu/vt-d: Do not enable ATS for untrusted devices
     - thunderbolt: Export IOMMU based DMA protection support to userspace
     - iommu/vt-d: Disable ATS support on untrusted devices
   * Add basic support to NVLink2 passthrough (LP: #1819989)
     - powerpc/powernv/npu: Do not try invalidating 32bit table when 64bit table is
       enabled
     - powerpc/powernv: call OPAL_QUIESCE before OPAL_SIGNAL_SYSTEM_RESET
     - powerpc/powernv: Export opal_check_token symbol
     - powerpc/powernv: Make possible for user to force a full ipl cec reboot
     - powerpc/powernv/idoa: Remove unnecessary pcidev from pci_dn
     - powerpc/powernv: Move npu struct from pnv_phb to pci_controller
     - powerpc/powernv/npu: Move OPAL calls away from context manipulation
     - powerpc/pseries/iommu: Use memory@ nodes in max RAM address calculation
     - powerpc/pseries/npu: Enable platform support
     - powerpc/pseries: Remove IOMMU API support for non-LPAR systems
     - powerpc/powernv/npu: Check mmio_atsd array bounds when populating
     - powerpc/powernv/npu: Fault user page into the hypervisor's pagetable
   * Huawei Hi1822 NIC has poor performance (LP: #1820187)
     - net-next: hinic: fix a problem in free_tx_poll()
     - hinic: remove ndo_poll_controller
     - net-next/hinic: add checksum offload and TSO support
     - hinic: Fix l4_type parameter in hinic_task_set_tunnel_l4
     - net-next/hinic:replace multiply and division operators
     - net-next/hinic:add rx checksum offload for HiNIC
     - net-next/hinic:fix a bug in set mac address
     - net-next/hinic: fix a bug in rx data flow
     - net: hinic: fix null pointer dereference on pointer hwdev
     - hinic: optmize rx refill buffer mechanism
     - net-next/hinic:add shutdown callback
     - net-next/hinic: replace disable_irq_nosync/enable_irq
   * [CONFIG] please enable highdpi font FONT_TER16x32 (LP: #1819881)
     - Fonts: New Terminus large console font
     - [Config]: enable highdpi Terminus 16x32 font support
   * [19.04 FEAT] qeth: Enhanced link speed - kernel part (LP: #1814892)
     - s390/qeth: report 25Gbit link speed
   * CVE-2017-5754
     - x86/nmi: Fix NMI uaccess race against CR3 switching
     - x86/mm: Fix documentation of module mapping range with 4-level paging
     - x86/pti: Enable global pages for shared areas
     - x86/pti: Never implicitly clear _PAGE_GLOBAL for kernel image
     - x86/pti: Leave kernel text global for !PCID
     - x86/pti: Fix boot problems from Global-bit setting
     - x86/pti: Fix boot warning from Global-bit setting
     - x86/pti: Reduce amount of kernel text allowed to be Global
     - x86/pti: Disallow global kernel text with RANDSTRUCT
     - x86/entry/32: Add explicit 'l' instruction suffix
     - x86/asm-offsets: Move TSS_sp0 and TSS_sp1 to asm-offsets.c
     - x86/entry/32: Rename TSS_sysenter_sp0 to TSS_entry2task_stack
     - x86/entry/32: Load task stack from x86_tss.sp1 in SYSENTER handler
     - x86/entry/32: Put ESPFIX code into a macro
     - x86/entry/32: Unshare NMI return path
     - x86/entry/32: Split off return-to-kernel path
     - x86/entry/32: Enter the kernel via trampoline stack
     - x86/entry/32: Leave the kernel via trampoline stack
     - x86/entry/32: Introduce SAVE_ALL_NMI and RESTORE_ALL_NMI
     - x86/entry/32: Handle Entry from Kernel-Mode on Entry-Stack
     - x86/entry/32: Simplify debug entry point
     - x86/entry/32: Add PTI cr3 switch to non-NMI entry/exit points
     - x86/entry/32: Add PTI CR3 switches to NMI handler code
     - x86/entry: Rename update_sp0 to update_task_stack
     - x86/pgtable: Rename pti_set_user_pgd() to pti_set_user_pgtbl()
     - x86/pgtable/pae: Unshare kernel PMDs when PTI is enabled
     - x86/pgtable/32: Allocate 8k page-tables when PTI is enabled
     - x86/pgtable: Move pgdp kernel/user conversion functions to pgtable.h
     - x86/pgtable: Move pti_set_user_pgtbl() to pgtable.h
     - x86/pgtable: Move two more functions from pgtable_64.h to pgtable.h
     - x86/mm/pae: Populate valid user PGD entries
     - x86/mm/pae: Populate the user page-table with user pgd's
     - x86/mm/pti: Add an overflow check to pti_clone_pmds()
     - x86/mm/pti: Define X86_CR3_PTI_PCID_USER_BIT on x86_32
     - x86/mm/pti: Clone CPU_ENTRY_AREA on PMD level on x86_32
     - x86/mm/pti: Make pti_clone_kernel_text() compile on 32 bit
     - x86/mm/pti: Keep permissions when cloning kernel text in
       pti_clone_kernel_text()
     - x86/mm/pti: Introduce pti_finalize()
     - x86

Source diff to previous version
1786013 Packaging resync
1812845 3b080b2564287be91605bfd1d5ee985696e61d3c in ubuntu_btrfs_kernel_fixes triggers system hang on i386
1719545 [P9][LTCTest][Opal][FW910] cpupower monitor shows multiple stop Idle_Stats
1818617 [amdgpu] screen corruption when using touchpad
1820153 [SRU][B/C/OEM]IOMMU: add kernel dma protection
1819989 Add basic support to NVLink2 passthrough
1820187 Huawei Hi1822 NIC has poor performance
1819881 [CONFIG] please enable highdpi font FONT_TER16x32
1814892 [19.04 FEAT] qeth: Enhanced link speed - kernel part
1819546 Avoid potential memory corruption on HiSilicon SoCs
1818645 Ubuntu18.04.01: [Power9] power8 Compat guest(RHEL7.6) crashes during guest boot with \u003e 256G of memory (kernel/kvm)
1821961 Fix for dual Intel NVMes
1818854 [Ubuntu] vfio-ap: add subsystem to matrix device to avoid libudev failures
1748565 Kernel regularly logs: Bluetooth: hci0: last event is not cmd complete (0x0f)
1818294 HiSilicon HNS ethernet broken in 4.15.0-45
1788997 rtl8723be wifi does not work under linux-modules-extra-4.15.0-33-generic
1819486 Crash from :i915 module with 4.15.0-46-generic using multi-display
1814069 kernel linux-image-4.15.0-44 not booting on Hyperv Server 2008R2
1811815 Lenovo ideapad 330-15ICH Wifi rfkill hard blocked
1818204 Qualcomm Atheros QCA9377 wireless does not work
1821395 fscache: jobs might hang when fscache disk is full
1821064 hns3: fix oops in hns3_clean_rx_ring()
1821259 Hard lockup in 2 CPUs due to deadlock in cpu_stoppers
1817786 tcm_loop.ko: move from modules-extra into main modules package
1819504 tcmu user space crash results in kernel module hang.
1779756 Intel XL710 - i40e driver does not work with kernel 4.15 (Ubuntu 18.04)
1820930 some codecs stop working after S3
1820948 i40e xps management broken when \u003e 64 queues/cpus
1788432 4.15 s390x kernel BUG at /build/linux-Gycr4Z/linux-4.15.0/drivers/block/virtio_blk.c:565!
1820990 [SRU][B/B-OEM/C/D] Fix AMD IOMMU NULL dereference
1821271 New Intel Wireless-AC 9260 [8086:2526] card not correctly probed in Ubuntu system
1821276 Add support for MAC address pass through on RTL8153-BD
CVE-2017-5754 Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an at
CVE-2017-5715 Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an at
CVE-2018-3639 Speculative Store Bypass

Version: 4.15.0-1035.37~16.04.1 2019-03-20 19:08:08 UTC

 linux-aws-hwe (4.15.0-1035.37~16.04.1) xenial; urgency=medium
 .
   * linux-aws-hwe: 4.15.0-1035.37~16.04.1 -proposed tracker (LP: #1819693)
 .
   * Packaging resync (LP: #1786013)
     - [Packaging] update update.conf
     - [Packaging] update helper scripts
 .
   * Strip specific changes from update-from-*master (LP: #1817734)
     - Packaging: Introduce copy-files and local-mangle
     - Packaging: Make update-from-*master call copy-files
 .
   [ Ubuntu: 4.15.0-1035.37 ]
 .
   * linux-aws: 4.15.0-1035.37 -proposed tracker (LP: #1819694)
   * linux: 4.15.0-47.50 -proposed tracker (LP: #1819716)
   * Packaging resync (LP: #1786013)
     - [Packaging] resync getabis
     - [Packaging] update helper scripts
     - [Packaging] resync retpoline extraction
   * C++ demangling support missing from perf (LP: #1396654)
     - [Packaging] fix a mistype
   * arm-smmu-v3 arm-smmu-v3.3.auto: CMD_SYNC timeout (LP: #1818162)
     - iommu/arm-smmu-v3: Fix unexpected CMD_SYNC timeout
   * Crash in nvme_irq_check() when using threaded interrupts (LP: #1818747)
     - nvme-pci: fix out of bounds access in nvme_cqe_pending
   * CVE-2019-9213
     - mm: enforce min addr even if capable() in expand_downwards()
   * CVE-2019-3460
     - Bluetooth: Check L2CAP option sizes returned from l2cap_get_conf_opt
   * amdgpu with mst WARNING on blanking (LP: #1814308)
     - drm/amd/display: Don't use dc_link in link_encoder
     - drm/amd/display: Move wait for hpd ready out from edp power control.
     - drm/amd/display: eDP sequence BL off first then DP blank.
     - drm/amd/display: Fix unused variable compilation error
     - drm/amd/display: Fix warning about misaligned code
     - drm/amd/display: Fix MST dp_blank REG_WAIT timeout
   * tun/tap: unable to manage carrier state from userland (LP: #1806392)
     - tun: implement carrier change
   * CVE-2019-8980
     - exec: Fix mem leak in kernel_read_file
   * raw_skew in timer from the ubuntu_kernel_selftests failed on Bionic
     (LP: #1811194)
     - selftest: timers: Tweak raw_skew to SKIP when ADJ_OFFSET/other clock
       adjustments are in progress
   * [Packaging] Allow overlay of config annotations (LP: #1752072)
     - [Packaging] config-check: Add an include directive
   * CVE-2019-7308
     - bpf: move {prev_,}insn_idx into verifier env
     - bpf: move tmp variable into ax register in interpreter
     - bpf: enable access to ax register also from verifier rewrite
     - bpf: restrict map value pointer arithmetic for unprivileged
     - bpf: restrict stack pointer arithmetic for unprivileged
     - bpf: restrict unknown scalars of mixed signed bounds for unprivileged
     - bpf: fix check_map_access smin_value test when pointer contains offset
     - bpf: prevent out of bounds speculation on pointer arithmetic
     - bpf: fix sanitation of alu op with pointer / scalar type from different
       paths
     - bpf: add various test cases to selftests
   * CVE-2017-5753
     - bpf: properly enforce index mask to prevent out-of-bounds speculation
     - bpf: fix inner map masking to prevent oob under speculation
   * BPF: kernel pointer leak to unprivileged userspace (LP: #1815259)
     - bpf/verifier: disallow pointer subtraction
   * squashfs hardening (LP: #1816756)
     - squashfs: more metadata hardening
     - squashfs metadata 2: electric boogaloo
     - squashfs: more metadata hardening
     - Squashfs: Compute expected length from inode size rather than block length
   * efi/arm/arm64: Allow SetVirtualAddressMap() to be omitted (LP: #1814982)
     - efi/arm/arm64: Allow SetVirtualAddressMap() to be omitted
   * Update ENA driver to version 2.0.3K (LP: #1816806)
     - net: ena: update driver version from 2.0.2 to 2.0.3
     - net: ena: fix race between link up and device initalization
     - net: ena: fix crash during failed resume from hibernation
   * ipset kernel error: 4.15.0-43-generic (LP: #1811394)
     - netfilter: ipset: Fix wraparound in hash:*net* types
   * Silent "Unknown key" message when pressing keyboard backlight hotkey
     (LP: #1817063)
     - platform/x86: dell-wmi: Ignore new keyboard backlight change event
   * CVE-2018-18021
     - arm64: KVM: Tighten guest core register access from userspace
     - KVM: arm/arm64: Introduce vcpu_el1_is_32bit
     - arm64: KVM: Sanitize PSTATE.M when being set from userspace
   * CVE-2018-14678
     - x86/entry/64: Remove %ebx handling from error_entry/exit
   * CVE-2018-19824
     - ALSA: usb-audio: Fix UAF decrement if card has no live interfaces in card.c
   * CVE-2019-3459
     - Bluetooth: Verify that l2cap_get_conf_opt provides large enough buffer
   * Bionic update: upstream stable patchset 2019-02-08 (LP: #1815234)
     - fork: unconditionally clear stack on fork
     - spi: spi-s3c64xx: Fix system resume support
     - Input: elan_i2c - add ACPI ID for lenovo ideapad 330
     - Input: i8042 - add Lenovo LaVie Z to the i8042 reset list
     - Input: elan_i2c - add another ACPI ID for Lenovo Ideapad 330-15AST
     - kvm, mm: account shadow page tables to kmemcg
     - delayacct: fix crash in delayacct_blkio_end() after delayacct init failure
     - tracing: Fix double free of event_trigger_data
     - tracing: Fix possible double free in event_enable_trigger_func()
     - kthread, tracing: Don't expose half-written comm when creating kthreads
     - tracing/kprobes: Fix trace_probe flags on enable_trace_kprobe() failure
     - tracing: Quiet gcc warning about maybe unused link variable
     - arm64: fix vmemmap BUILD_BUG_ON() triggering on !vmemmap setups
     - mlxsw: spectrum_switchdev: Fix port_vlan refcounting
     - kcov: ensure irq code sees a valid area
     - xen/netfront: raise max number of slots in xennet_get_responses()
     - skip LAYOUTRETURN if layout is invalid
     - ALSA: emu10k1: add error handling for snd_ctl_add
     - ALSA: fm801: add error handling for snd_ctl_add
     - NFSv4.1: Fix the client behaviour on NFS4ERR_SEQ_FALSE_RETRY
     - nfsd: fix potential u

Source diff to previous version
1786013 Packaging resync
1817734 Strip specific changes from update-from-*master
1818162 arm-smmu-v3 arm-smmu-v3.3.auto: CMD_SYNC timeout
1818747 Crash in nvme_irq_check() when using threaded interrupts
1814308 amdgpu with mst WARNING on blanking
1806392 tun/tap: unable to manage carrier state from userland
1811194 raw_skew in timer from the ubuntu_kernel_selftests failed on Bionic
1752072 [Packaging] Allow overlay of config annotations
1815259 BPF: kernel pointer leak to unprivileged userspace
1816756 squashfs hardening
1814982 efi/arm/arm64: Allow SetVirtualAddressMap() to be omitted
1816806 Update ENA driver to version 2.0.3K
1811394 ipset kernel error: 4.15.0-43-generic
1817063 Silent \
1815234 Bionic update: upstream stable patchset 2019-02-08
1814813 Bionic update: upstream stable patchset 2019-02-05
1817321 installer does not support iSCSI iBFT
1817628 Regular D-state processes impacting LXD containers
1817969 hns3 nic speed may not match optical port speed
1802021 [Hyper-V] srcu: Lock srcu_data structure in srcu_gp_start()
1817784 libsas disks can have non-unique by-path names
1817518 Bluetooth not working (Intel CyclonePeak)
1817200 Trackpad is not recognized.
1815831 [ALSA] [PATCH] System76 darp5 and oryp5 fixups
1817263 Constant noise in the headphone on Lenovo X1 machines
1745032 AC adapter status not detected on Asus ZenBook UX410UAK
1762672 TPM intermittently fails after cold-boot
1815033 qlcnic: Firmware aborts/hangs in QLogic NIC
CVE-2019-9213 In the Linux kernel before 4.20.14, expand_downwards in mm/mmap.c lacks a check for the mmap minimum address, which makes it easier for attackers to
CVE-2019-3460 Heap data infoleak in multiple locations including functionl2cap_parse_conf_rsp
CVE-2019-8980 A memory leak in the kernel_read_file function in fs/exec.c in the Linux kernel through 4.20.11 allows attackers to cause a denial of service (memory
CVE-2019-7308 kernel/bpf/verifier.c in the Linux kernel before 4.20.6 performs undesirable out-of-bounds speculation on pointer arithmetic in various cases, includ
CVE-2017-5753 Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker wi
CVE-2018-18021 arch/arm64/kvm/guest.c in KVM in the Linux kernel before 4.18.12 on the arm64 platform mishandles the KVM_SET_ON_REG ioctl. This is exploitable by at
CVE-2018-14678 An issue was discovered in the Linux kernel through 4.17.11, as used in Xen through 4.11.x. The xen_failsafe_callback entry point in arch/x86/entry/e
CVE-2018-19824 In the Linux kernel through 4.19.6, a local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with ze
CVE-2019-3459 Heap address infoleak in use of l2cap_get_conf_opt
CVE-2019-7222 KVM: x86: work around leak of uninitialized stack contents
CVE-2019-7221 KVM: nVMX: use-after-free of the hrtimer for emulation of the preemption timer
CVE-2019-6974 In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading
CVE-2019-8912 In the Linux kernel through 4.20.11, af_alg_release() in crypto/af_alg.c neglects to set a NULL value for a certain structure member, which leads to

Version: 4.15.0-1033.35~16.04.1 2019-02-14 21:07:38 UTC

 linux-aws-hwe (4.15.0-1033.35~16.04.1) xenial; urgency=medium
 .
   * linux-aws-hwe: 4.15.0-1033.35~16.04.1 -proposed tracker (LP: #1814742)
 .
   * Packaging resync (LP: #1786013)
     - [Packaging] update helper scripts
 .
   [ Ubuntu: 4.15.0-1033.35 ]
 .
   * linux-aws: 4.15.0-1033.35 -proposed tracker (LP: #1814731)
   * linux: 4.15.0-46.49 -proposed tracker (LP: #1814726)
   * mprotect fails on ext4 with dax (LP: #1799237)
     - x86/speculation/l1tf: Exempt zeroed PTEs from inversion
   * kernel BUG at /build/linux-vxxS7y/linux-4.15.0/mm/slub.c:296! (LP: #1812086)
     - iscsi target: fix session creation failure handling
     - scsi: iscsi: target: Set conn->sess to NULL when iscsi_login_set_conn_values
       fails
     - scsi: iscsi: target: Fix conn_ops double free
   * user_copy in user from ubuntu_kernel_selftests failed on KVM kernel
     (LP: #1812198)
     - selftests: user: return Kselftest Skip code for skipped tests
     - selftests: kselftest: change KSFT_SKIP=4 instead of KSFT_PASS
     - selftests: kselftest: Remove outdated comment
   * RTL8822BE WiFi Disabled in Kernel 4.18.0-12 (LP: #1806472)
     - SAUCE: staging: rtlwifi: allow RTLWIFI_DEBUG_ST to be disabled
     - [Config] CONFIG_RTLWIFI_DEBUG_ST=n
     - SAUCE: Add r8822be to signature inclusion list
   * kernel oops in bcache module (LP: #1793901)
     - SAUCE: bcache: never writeback a discard operation
   * CVE-2018-18397
     - userfaultfd: use ENOENT instead of EFAULT if the atomic copy user fails
     - userfaultfd: shmem: allocate anonymous memory for MAP_PRIVATE shmem
     - userfaultfd: shmem/hugetlbfs: only allow to register VM_MAYWRITE vmas
     - userfaultfd: shmem: add i_size checks
     - userfaultfd: shmem: UFFDIO_COPY: set the page dirty if VM_WRITE is not set
   * Ignore "incomplete report" from Elan touchpanels (LP: #1813733)
     - HID: i2c-hid: Ignore input report if there's no data present on Elan
       touchpanels
   * Vsock connect fails with ENODEV for large CID (LP: #1813934)
     - vhost/vsock: fix vhost vsock cid hashing inconsistent
   * SRU: Fix thinkpad 11e 3rd boot hang (LP: #1804604)
     - ACPI / LPSS: Force LPSS quirks on boot
   * Bionic update: upstream stable patchset 2019-01-17 (LP: #1812229)
     - scsi: sd_zbc: Fix variable type and bogus comment
     - KVM/Eventfd: Avoid crash when assign and deassign specific eventfd in
       parallel.
     - x86/apm: Don't access __preempt_count with zeroed fs
     - x86/events/intel/ds: Fix bts_interrupt_threshold alignment
     - x86/MCE: Remove min interval polling limitation
     - fat: fix memory allocation failure handling of match_strdup()
     - ALSA: hda/realtek - Add Panasonic CF-SZ6 headset jack quirk
     - ARCv2: [plat-hsdk]: Save accl reg pair by default
     - ARC: Fix CONFIG_SWAP
     - ARC: configs: Remove CONFIG_INITRAMFS_SOURCE from defconfigs
     - ARC: mm: allow mprotect to make stack mappings executable
     - mm: memcg: fix use after free in mem_cgroup_iter()
     - mm/huge_memory.c: fix data loss when splitting a file pmd
     - cpufreq: intel_pstate: Register when ACPI PCCH is present
     - vfio/pci: Fix potential Spectre v1
     - stop_machine: Disable preemption when waking two stopper threads
     - drm/i915: Fix hotplug irq ack on i965/g4x
     - drm/nouveau: Use drm_connector_list_iter_* for iterating connectors
     - drm/nouveau: Avoid looping through fake MST connectors
     - gen_stats: Fix netlink stats dumping in the presence of padding
     - ipv4: Return EINVAL when ping_group_range sysctl doesn't map to user ns
     - ipv6: fix useless rol32 call on hash
     - ipv6: ila: select CONFIG_DST_CACHE
     - lib/rhashtable: consider param->min_size when setting initial table size
     - net: diag: Don't double-free TCP_NEW_SYN_RECV sockets in tcp_abort
     - net: Don't copy pfmemalloc flag in __copy_skb_header()
     - skbuff: Unconditionally copy pfmemalloc in __skb_clone()
     - net/ipv4: Set oif in fib_compute_spec_dst
     - net: phy: fix flag masking in __set_phy_supported
     - ptp: fix missing break in switch
     - qmi_wwan: add support for Quectel EG91
     - tg3: Add higher cpu clock for 5762.
     - hv_netvsc: Fix napi reschedule while receive completion is busy
     - net/mlx4_en: Don't reuse RX page when XDP is set
     - net: systemport: Fix CRC forwarding check for SYSTEMPORT Lite
     - ipv6: make DAD fail with enhanced DAD when nonce length differs
     - net: usb: asix: replace mii_nway_restart in resume path
     - alpha: fix osf_wait4() breakage
     - cxl_getfile(): fix double-iput() on alloc_file() failures
     - powerpc/powernv: Fix save/restore of SPRG3 on entry/exit from stop (idle)
     - xhci: Fix perceived dead host due to runtime suspend race with event handler
     - KVM: irqfd: fix race between EPOLLHUP and irq_bypass_register_consumer
     - x86/kvmclock: set pvti_cpu0_va after enabling kvmclock
     - ALSA: hda/realtek - Yet another Clevo P950 quirk entry
     - drm/amdgpu: Reserve VM root shared fence slot for command submission (v3)
     - rhashtable: add restart routine in rhashtable_free_and_destroy()
     - sch_fq_codel: zero q->flows_cnt when fq_codel_init fails
     - sctp: introduce sctp_dst_mtu
     - sctp: fix the issue that pathmtu may be set lower than MINSEGMENT
     - net: aquantia: vlan unicast address list correct handling
     - drm_mode_create_lease_ioctl(): fix open-coded filp_clone_open()
   * Bionic update: upstream stable patchset 2019-01-15 (LP: #1811877)
     - compiler-gcc.h: Add __attribute__((gnu_inline)) to all inline declarations
     - x86/asm: Add _ASM_ARG* constants for argument registers to
     - x86/paravirt: Make native_save_fl() extern inline
     - Btrfs: fix duplicate extents after fsync of file with prealloc extents
     - cpufreq / CPPC: Set platform specific transition_delay_us
     - PCI: exynos: Fix a potential init_clk_resources NULL pointer dereference
     - alx: take rtnl before calling __alx_open from

Source diff to previous version
1786013 Packaging resync
1799237 mprotect fails on ext4 with dax
1812086 kernel BUG at /build/linux-vxxS7y/linux-4.15.0/mm/slub.c:296!
1812198 user_copy in user from ubuntu_kernel_selftests failed on KVM kernel
1806472 RTL8822BE WiFi Disabled in Kernel 4.18.0-12
1793901 kernel oops in bcache module
1813733 Ignore \
1813934 Vsock connect fails with ENODEV for large CID
1804604 SRU: Fix thinkpad 11e 3rd boot hang
1812229 Bionic update: upstream stable patchset 2019-01-17
1811877 Bionic update: upstream stable patchset 2019-01-15
1811777 Fix non-working pinctrl-intel
1812875 ip6_gre: fix tunnel list corruption for x-netns
1813873 Userspace break as a result of missing patch backport
1798776 kvm_stat : missing python dependency
1812797 [SRU] Fix Xorg crash with nomodeset when BIOS enable 64-bit fb addr
1812812 Fix non-working QCA Rome Bluetooth after S3
1813127 ptrace-tm-spd-gpr in powerpc/ptrace from ubuntu_kerenl_selftests failed on Bionic P8
1795453 [SRU] IO's are issued with incorrect Scatter Gather Buffer
1785816 Consider enabling CONFIG_NETWORK_PHY_TIMESTAMPING
1813532 x86/mm: Found insecure W+X mapping at address (ptrval)/0xc00a0000
1811929 Fix not working Goodix touchpad
1810797 bluetooth controller not detected with 4.15 kernel
1811755 X1 Extreme: only one of the two SSDs is loaded
1811803 Crash on \
1813663 External monitors does not work anymore 4.15.0-44
1813727 kernel 4.15.0-44 cannot mount ext4 fs with meta_bg enabled
CVE-2018-18397 The userfaultfd implementation in the Linux kernel before 4.19.7 mishandles access control for certain UFFDIO_ ioctl calls, as demonstrated by allowi
CVE-2018-19854 An issue was discovered in the Linux kernel before 4.19.3. crypto_report_one() and related functions in crypto/crypto_user.c (the crypto user configu
CVE-2019-6133 In PolicyKit (aka polkit) 0.115, the "start time" protection mechanism can be bypassed because fork() is not atomic, and therefore authorization deci

Version: 4.15.0-1032.34~16.04.1 2019-01-18 20:07:55 UTC

 linux-aws-hwe (4.15.0-1032.34~16.04.1) xenial; urgency=medium
 .
   * linux-aws-hwe: 4.15.0-1032.34~16.04.1 -proposed tracker (LP: #1811430)
 .
   * Packaging resync (LP: #1786013)
     - [Packaging] update update.conf
 .
   [ Ubuntu: 4.15.0-1032.34 ]
 .
   * linux-aws: 4.15.0-1032.34 -proposed tracker (LP: #1811422)
   * Packaging resync (LP: #1786013)
     - [Packaging] update update.conf
   * Add Cavium ThunderX2 SoC UNCORE PMU driver (LP: #1811200)
     - [Config] New config CONFIG_THUNDERX2_PMU=m
   * SATA device is not going to DEVSLP (LP: #1781533)
     - [Config] set CONFIG_SATA_MOBILE_LPM_POLICY=0
   * Bionic update: upstream stable patchset 2019-01-04 (LP: #1810554)
     - [config] x86 CRYPTO_SALSA20 deprecated
   * linux: 4.15.0-44.47 -proposed tracker (LP: #1811419)
   * Packaging resync (LP: #1786013)
     - [Packaging] update helper scripts
   * CPU hard lockup with rigorous writes to NVMe drive (LP: #1810998)
     - blk-wbt: pass in enum wbt_flags to get_rq_wait()
     - blk-wbt: Avoid lock contention and thundering herd issue in wbt_wait
     - blk-wbt: move disable check into get_limit()
     - blk-wbt: use wq_has_sleeper() for wq active check
     - blk-wbt: fix has-sleeper queueing check
     - blk-wbt: abstract out end IO completion handler
     - blk-wbt: improve waking of tasks
   * To reduce the Realtek USB cardreader power consumption (LP: #1811337)
     - mmc: sdhci: Disable 1.8v modes (HS200/HS400/UHS) if controller can't support
       1.8v
     - mmc: core: Introduce MMC_CAP_SYNC_RUNTIME_PM
     - mmc: rtsx_usb_sdmmc: Don't runtime resume the device while changing led
     - mmc: rtsx_usb: Use MMC_CAP2_NO_SDIO
     - mmc: rtsx_usb: Enable MMC_CAP_ERASE to allow erase/discard/trim requests
     - mmc: rtsx_usb_sdmmc: Re-work runtime PM support
     - mmc: rtsx_usb_sdmmc: Re-work card detection/removal support
     - memstick: rtsx_usb_ms: Add missing pm_runtime_disable() in probe function
     - misc: rtsx_usb: Use USB remote wakeup signaling for card insertion detection
     - memstick: Prevent memstick host from getting runtime suspended during card
       detection
     - memstick: rtsx_usb_ms: Use ms_dev() helper
     - memstick: rtsx_usb_ms: Support runtime power management
   * Support non-strict iommu mode on arm64 (LP: #1806488)
     - iommu/io-pgtable-arm: Fix race handling in split_blk_unmap()
     - iommu/arm-smmu-v3: Implement flush_iotlb_all hook
     - iommu/dma: Add support for non-strict mode
     - iommu: Add "iommu.strict" command line option
     - iommu/io-pgtable-arm: Add support for non-strict mode
     - iommu/arm-smmu-v3: Add support for non-strict mode
     - iommu/io-pgtable-arm-v7s: Add support for non-strict mode
     - iommu/arm-smmu: Support non-strict mode
   * ELAN900C:00 04F3:2844 touchscreen doesn't work (LP: #1811335)
     - pinctrl: cannonlake: Fix community ordering for H variant
     - pinctrl: cannonlake: Fix HOSTSW_OWN register offset of H variant
   * Add Cavium ThunderX2 SoC UNCORE PMU driver (LP: #1811200)
     - perf: Export perf_event_update_userpage
     - Documentation: perf: Add documentation for ThunderX2 PMU uncore driver
     - drivers/perf: Add Cavium ThunderX2 SoC UNCORE PMU driver
     - [Config] New config CONFIG_THUNDERX2_PMU=m
   * Update hisilicon SoC-specific drivers (LP: #1810457)
     - SAUCE: Revert "net: hns3: Updates RX packet info fetch in case of multi BD"
     - Revert "UBUNTU: SAUCE: {topost} net: hns3: separate roce from nic when
       resetting"
     - Revert "UBUNTU: SAUCE: {topost} net: hns3: Use roce handle when calling roce
       callback function"
     - Revert "UBUNTU: SAUCE: {topost} net: hns3: Add calling roce callback
       function when link status change"
     - Revert "UBUNTU: SAUCE: {topost} net: hns3: optimize the process of notifying
       roce client"
     - Revert "UBUNTU: SAUCE: {topost} net: hns3: Add pf reset for hip08 RoCE"
     - scsi: hisi_sas: Remove depends on HAS_DMA in case of platform dependency
     - ethernet: hisilicon: hns: hns_dsaf_mac: Use generic eth_broadcast_addr
     - scsi: hisi_sas: consolidate command check in hisi_sas_get_ata_protocol()
     - scsi: hisi_sas: remove some unneeded structure members
     - scsi: hisi_sas: Introduce hisi_sas_phy_set_linkrate()
     - net: hns: Fix the process of adding broadcast addresses to tcam
     - net: hns3: remove redundant variable 'protocol'
     - scsi: hisi_sas: Drop hisi_sas_slot_abort()
     - net: hns: Make many functions static
     - net: hns: make hns_dsaf_roce_reset non static
     - net: hisilicon: hns: Replace mdelay() with msleep()
     - net: hns3: fix return value error while hclge_cmd_csq_clean failed
     - net: hns: remove redundant variables 'max_frm' and 'tmp_mac_key'
     - net: hns: Mark expected switch fall-through
     - net: hns3: Mark expected switch fall-through
     - net: hns3: Remove tx ring BD len register in hns3_enet
     - net: hns: modify variable type in hns_nic_reuse_page
     - net: hns: use eth_get_headlen interface instead of hns_nic_get_headlen
     - net: hns3: modify variable type in hns3_nic_reuse_page
     - net: hns3: Fix for vf vlan delete failed problem
     - net: hns3: Fix for multicast failure
     - net: hns3: Fix error of checking used vlan id
     - net: hns3: Implement shutdown ops in hns3 pci driver
     - net: hns3: Fix for loopback selftest failed problem
     - net: hns3: Fix ping exited problem when doing lp selftest
     - net: hns3: Preserve vlan 0 in hardware table
     - net: hns3: Only update mac configuation when necessary
     - net: hns3: Change the dst mac addr of loopback packet
     - net: hns3: Remove redundant codes of query advertised flow control abilitiy
     - net: hns3: Refine hns3_get_link_ksettings()
     - net: hns: make function hns_gmac_wait_fifo_clean() static
     - net: hns3: Add default irq affinity
     - net: hns3: Add unlikely for buf_num check
     - net: hns3: Remove tx budget to clean more TX descriptors in a napi
  

1786013 Packaging resync
1811200 Add Cavium ThunderX2 SoC UNCORE PMU driver
1781533 SATA device is not going to DEVSLP
1810554 Bionic update: upstream stable patchset 2019-01-04
1810998 CPU hard lockup with rigorous writes to NVMe drive
1811337 To reduce the Realtek USB cardreader power consumption
1806488 Support non-strict iommu mode on arm64
1811335 ELAN900C:00 04F3:2844 touchscreen doesn't work
1810457 Update hisilicon SoC-specific drivers
1811094 iptables connlimit allows more connections than the limit when using multiple CPUs
1809046 Cannot initialize ATA disk if IDENTIFY command fails
1808912 scsi: libsas: fix a race condition when smp task timeout
1805085 Fix and issue that LG I2C touchscreen stops working after reboot
1805245 powerpc/powernv/pci: Work around races in PCI bridge enabling
1807757 Drivers: hv: vmbus: Offload the handling of channels to two workqueues
1802248 Disable LPM for Raydium Touchscreens
1805607 Power leakage at S5 with Qualcomm Atheros QCA9377 802.11ac Wireless Network Adapter
1806534 Fix USB2 device wrongly detected as USB1
1809488 armhf guests fail to boot in EFI mode
1801102 Bionic shows incorrect warning about number of pointers in TFD
1810891 audio output has constant noise on a Dell machine
1791758 ldisc crash on reopened tty
1808097 Console got stuck using serial tty after logout
1802454 fanotify10 in ubuntu_ltp_syscalls failed
1805344 SRU: Fix kernel xhci hang when resume from S3
1805081 Add pointstick support for Cirque Touchpad
1797587 Intel NVMe drives timeout when nvme format is attempted
1810892 lineout jack can't work on a Dell machine
1808353 Blacklist Realtek Virtual IPMI device
1809847 Ethernet[10ec:8136] doesn't work after S3 with kernel 4.15.0.43.64
1809219 Killer 802.11ac 2x2 (1550 or 1550i) [8086:2526][1a56:1550] is not supported
1811055 Support new Realtek ethernet chips
1805775 PC SN720 NVMe WDC 256GB consumes more power in S2Idle than during long idle
1804588 Power consumption during s2idle is higher than long idle (Intel SSDPEKKF)
1810781 mpt3sas - driver using the wrong register to update a queue index in FW
1810702 HP mobile workstations with hybrid graphics support, can not directly output to external monitors by dGPU
1802135 broken touchpad after i2c-i801 blacklist change
1806335 Enable new Realtek card reader
1806532 The line-out on the Dell Dock station can't work
1806380 linux-buildinfo: pull out ABI information into its own package
1806818 Fix Intel I210 doesn't work when ethernet cable gets plugged
1806850 Fix Terminus USB hub that may breaks connected USB devices after S3
1807342 Add support for Dell DW5821e WWAN/GPS module
1807333 Add support for 0cf3:535b QCA_ROME device
1808465 The mute led can't work anymore on the lenovo x1 carbon
1805079 click/pop noise in the headphone on several lenovo laptops
1728244 Touchpad stops working after reboot on Apollo Lake
1808729 MAC address pass through on RTL8153-BND for docking station
1805414 [Ubuntu] kernel: zcrypt: reinit ap queue state machine
1805802 [UBUNTU] qeth: fix length check in SNMP processing
1808183 ASPEED server console output extremely slow after upgrade to 18.04
1808399 Bionic update: upstream stable patchset 2018-12-13
1808185 Bionic update: upstream stable patchset 2018-12-12
1807469 Bionic update: upstream stable patchset 2018-12-07
1620762 Support AverMedia DVD EZMaker 7 USB video capture dongle
CVE-2018-16882 A use-after-free issue was found in the way the Linux kernel's KVM hypervisor processed posted interrupts when nested(=1) virtualization is enabled.
CVE-2018-14625 A flaw was found in the Linux Kernel where an attacker may be able to have an uncontrolled read to kernel-memory from within a vm guest. A race condi
CVE-2018-17972 An issue was discovered in the proc_pid_stack function in fs/proc/base.c in the Linux kernel through 4.18.11. It does not ensure that only root may i
CVE-2018-19407 The vcpu_scan_ioapic function in arch/x86/kvm/x86.c in the Linux kernel through 4.19.2 allows local users to cause a denial of service (NULL pointer
CVE-2018-18281 Since Linux kernel version 3.2, the mremap() syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate() removes en



About   -   Send Feedback to @ubuntu_updates