UbuntuUpdates.org

Package "linux-kvm"

This package belongs to a PPA: Canonical Kernel Team

Name: linux-kvm

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Header files related to Linux kernel version 4.4.0
  • Header files related to Linux kernel version 4.4.0
  • Header files related to Linux kernel version 4.4.0
  • Header files related to Linux kernel version 4.4.0

Latest version: 4.4.0-1024.29
Release: xenial (16.04)
Level: base
Repository: main

Links

Save this URL for the latest version of "linux-kvm": https://www.ubuntuupdates.org/linux-kvm



Other versions of "linux-kvm" in Xenial

Repository Area Version
security main 4.4.0-1026.31
updates universe 4.4.0-1007.12
updates main 4.4.0-1026.31
proposed main 4.4.0-1026.31

Packages in group

Deleted packages are displayed in grey.

linux-kvm-headers-4.4.0-1003 linux-kvm-headers-4.4.0-1004 linux-kvm-headers-4.4.0-1005 linux-kvm-headers-4.4.0-1006 linux-kvm-headers-4.4.0-1007
linux-kvm-headers-4.4.0-1008 linux-kvm-headers-4.4.0-1009 linux-kvm-headers-4.4.0-1010 linux-kvm-headers-4.4.0-1011 linux-kvm-headers-4.4.0-1012
linux-kvm-headers-4.4.0-1013 linux-kvm-headers-4.4.0-1014 linux-kvm-headers-4.4.0-1015 linux-kvm-headers-4.4.0-1017 linux-kvm-headers-4.4.0-1018
linux-kvm-headers-4.4.0-1019 linux-kvm-headers-4.4.0-1020 linux-kvm-headers-4.4.0-1021 linux-kvm-headers-4.4.0-1022 linux-kvm-headers-4.4.0-1024

Changelog

Version: 4.4.0-1024.29 2018-05-09 16:09:34 UTC

 linux-kvm (4.4.0-1024.29) xenial; urgency=medium
 .
   * linux-kvm: 4.4.0-1024.29 -proposed tracker (LP: #1770019)
 .
   [ Ubuntu: 4.4.0-125.150 ]
 .
   * linux: 4.4.0-125.150 -proposed tracker (LP: #1770011)
   * Unable to insert test_bpf module on Xenial (LP: #1765698)
     - bpf: fix selftests/bpf test_kmod.sh failure when CONFIG_BPF_JIT_ALWAYS_ON=y
     - test_bpf: Fix testing with CONFIG_BPF_JIT_ALWAYS_ON=y on other arches
   * virtio_scsi race can corrupt memory, panic kernel (LP: #1765241)
     - SAUCE: (no-up) virtio-scsi: Fix race in target free
   * bpf_map_lookup_elem: BUG: unable to handle kernel paging request
     (LP: #1763454) // CVE-2017-17862
     - SAUCE: Add missing hunks from "bpf: fix branch pruning logic"
   * Xenial: rfkill: fix missing return on rfkill_init (LP: #1764810)
     - rfkill: fix missing return on rfkill_init
   * "ip a" command on a guest VM shows UNKNOWN status (LP: #1761534)
     - virtio-net: Fix operstate for virtio when no VIRTIO_NET_F_STATUS
   * Xenial update to 4.4.128 stable release (LP: #1765010)
     - cfg80211: make RATE_INFO_BW_20 the default
     - md/raid5: make use of spin_lock_irq over local_irq_disable + spin_lock
     - rtc: snvs: fix an incorrect check of return value
     - x86/asm: Don't use RBP as a temporary register in
       csum_partial_copy_generic()
     - NFSv4.1: RECLAIM_COMPLETE must handle NFS4ERR_CONN_NOT_BOUND_TO_SESSION
     - IB/srpt: Fix abort handling
     - af_key: Fix slab-out-of-bounds in pfkey_compile_policy.
     - mac80211: bail out from prep_connection() if a reconfig is ongoing
     - bna: Avoid reading past end of buffer
     - qlge: Avoid reading past end of buffer
     - ipmi_ssif: unlock on allocation failure
     - net: cdc_ncm: Fix TX zero padding
     - net: ethernet: ti: cpsw: adjust cpsw fifos depth for fullduplex flow control
     - lockd: fix lockd shutdown race
     - drivers/misc/vmw_vmci/vmci_queue_pair.c: fix a couple integer overflow tests
     - pidns: disable pid allocation if pid_ns_prepare_proc() is failed in
       alloc_pid()
     - s390: move _text symbol to address higher than zero
     - net/mlx4_en: Avoid adding steering rules with invalid ring
     - NFSv4.1: Work around a Linux server bug...
     - CIFS: silence lockdep splat in cifs_relock_file()
     - net: qca_spi: Fix alignment issues in rx path
     - netxen_nic: set rcode to the return status from the call to netxen_issue_cmd
     - Input: elan_i2c - check if device is there before really probing
     - Input: elantech - force relative mode on a certain module
     - KVM: PPC: Book3S PR: Check copy_to/from_user return values
     - vmxnet3: ensure that adapter is in proper state during force_close
     - SMB2: Fix share type handling
     - bus: brcmstb_gisb: Use register offsets with writes too
     - bus: brcmstb_gisb: correct support for 64-bit address output
     - PowerCap: Fix an error code in powercap_register_zone()
     - ARM: dts: imx53-qsrb: Pulldown PMIC IRQ pin
     - staging: wlan-ng: prism2mgmt.c: fixed a double endian conversion before
       calling hfa384x_drvr_setconfig16, also fixes relative sparse warning
     - x86/tsc: Provide 'tsc=unstable' boot parameter
     - ARM: dts: imx6qdl-wandboard: Fix audio channel swap
     - ipv6: avoid dad-failures for addresses with NODAD
     - async_tx: Fix DMA_PREP_FENCE usage in do_async_gen_syndrome()
     - usb: dwc3: keystone: check return value
     - btrfs: fix incorrect error return ret being passed to mapping_set_error
     - ata: libahci: properly propagate return value of platform_get_irq()
     - neighbour: update neigh timestamps iff update is effective
     - arp: honour gratuitous ARP _replies_
     - usb: chipidea: properly handle host or gadget initialization failure
     - USB: ene_usb6250: fix first command execution
     - net: x25: fix one potential use-after-free issue
     - USB: ene_usb6250: fix SCSI residue overwriting
     - serial: 8250: omap: Disable DMA for console UART
     - serial: sh-sci: Fix race condition causing garbage during shutdown
     - sh_eth: Use platform device for printing before register_netdev()
     - scsi: csiostor: fix use after free in csio_hw_use_fwconfig()
     - powerpc/mm: Fix virt_addr_valid() etc. on 64-bit hash
     - ath5k: fix memory leak on buf on failed eeprom read
     - selftests/powerpc: Fix TM resched DSCR test with some compilers
     - xfrm: fix state migration copy replay sequence numbers
     - iio: hi8435: avoid garbage event at first enable
     - iio: hi8435: cleanup reset gpio
     - ext4: handle the rest of ext4_mb_load_buddy() ENOMEM errors
     - md-cluster: fix potential lock issue in add_new_disk
     - ARM: davinci: da8xx: Create DSP device only when assigned memory
     - ray_cs: Avoid reading past end of buffer
     - leds: pca955x: Correct I2C Functionality
     - sched/numa: Use down_read_trylock() for the mmap_sem
     - net/mlx5: Tolerate irq_set_affinity_hint() failures
     - selinux: do not check open permission on sockets
     - block: fix an error code in add_partition()
     - mlx5: fix bug reading rss_hash_type from CQE
     - net: ieee802154: fix net_device reference release too early
     - libceph: NULL deref on crush_decode() error path
     - netfilter: ctnetlink: fix incorrect nf_ct_put during hash resize
     - pNFS/flexfiles: missing error code in ff_layout_alloc_lseg()
     - ASoC: rsnd: SSI PIO adjust to 24bit mode
     - scsi: bnx2fc: fix race condition in bnx2fc_get_host_stats()
     - fix race in drivers/char/random.c:get_reg()
     - ext4: fix off-by-one on max nr_pages in ext4_find_unwritten_pgoff()
     - tcp: better validation of received ack sequences
     - net: move somaxconn init from sysctl code
     - Input: elan_i2c - clear INT before resetting controller
     - bonding: Don't update slave->link until ready to commit
     - KVM: nVMX: Fix handling of lmsw instruction
     - net: llc: add lock_sock in llc_ui_bind to avoid a race condition
     -

Source diff to previous version
1765698 Unable to insert test_bpf module on Xenial
1765241 virtio_scsi race can corrupt memory, panic kernel
1763454 bpf_map_lookup_elem: BUG: unable to handle kernel paging request
1764810 Xenial: rfkill: fix missing return on rfkill_init
1761534 \
1765010 Xenial update to 4.4.128 stable release
1758507 sky2 gigabit ethernet driver sometimes stops working after lid-open resume from sleep (88E8055)
1765007 Xenial update to 4.4.127 stable release
1764999 Xenial update to 4.4.126 stable release
1764973 Xenial update to 4.4.125 stable release
1726930 System fails to start (boot) on battery due to read-only root file-system
1764762 Xenial update to 4.4.124 stable release
1764666 Xenial update to 4.4.123 stable release
1764627 Xenial update to 4.4.122 stable release
1764367 Xenial update to 4.4.121 stable release
1764316 Xenial update to 4.4.120 stable release
1762453 Xenial update to 4.4.119 stable release
1749420 [regression] Colour banding and artefacts appear system-wide on an Asus Zenbook UX303LA with Intel HD 4400 graphics
1756866 Xenial update to 4.4.118 stable release
1755627 ibrs/ibpb fixes result in excessive kernel logging
CVE-2017-17862 kernel/bpf/verifier.c in the Linux kernel through 4.14.8 ignores unreachable code, even though it would still be processed by JIT compilers. This beh
CVE-2017-16995 The check_alu_op function in kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corrupt
CVE-2018-1000004 In the Linux kernel 4.12, 3.10, 2.6 and possibly earlier versions a race condition vulnerability exists in the sound system, this can lead to a deadl

Version: 4.4.0-1022.27 2018-04-26 09:09:15 UTC

 linux-kvm (4.4.0-1022.27) xenial; urgency=medium
 .
   * linux-kvm: 4.4.0-1022.27 -proposed tracker (LP: #1766610)
 .
   * test_140_kernel_modules_not_tainted in kernel security test failed with 4.15
     kvm kernel (LP: #1766832)
     - kvm: [config] enable CONFIG_MODULE_UNLOAD
 .
   * test_072_config_debug_set_module_ronx in kernel security test failed with
     4.4 X-kvm (LP: #1760646)
     - kvm: [config] enable CONFIG_DEBUG_SET_MODULE_RONX
 .
   * test_151_sysctl_disables_bpf_unpriv_userns in kernel security test failed
     with 4.4/4.15 kvm (LP: #1760656)
     - kvm: [config] enable BPF_SYSCALL
 .
   * test_077_config_security_ipsec in kernel security test failed with 4.4/4.15
     kvm (LP: #1760653)
     - kvm: [config] enable ipsec configs
 .
   * test_072_config_strict_devmem in kernel security test failed with 4.4/4.15
     kvm (LP: #1760648) // test_072_strict_devmem in kernel security test failed
     with 4.4/4.15 kvm (LP: #1760649)
     - kvm: [config] enable DEVMEM
 .
   * test_076_config_security_acl_ext4 in kernel security test failed with
     4.4/4.15 kvm (LP: #1760652) // test_160_setattr_CVE_2015_1350 in kernel
     security test failed with 4.4/4.15 kvm (LP: #1760657)
     - kvm: [config] enable POSIX_ACL, XATTR, FS_SECURITY for all filesystems
 .
   * test_074_config_security_default_mmap_min_addr in kernel security test
     failed with 4.4/4.15 kvm (LP: #1760650)
     - kvm: [config] DEFAULT_MMAP_MIN_ADDR=65536
 .
   [ Ubuntu: 4.4.0-123.147 ]
 .
   * linux: 4.4.0-123.147 -proposed tracker (LP: #1766604)
   * Unable to insert test_bpf module on Xenial (LP: #1765698)
     - bpf: fix selftests/bpf test_kmod.sh failure when CONFIG_BPF_JIT_ALWAYS_ON=y
     - test_bpf: Fix testing with CONFIG_BPF_JIT_ALWAYS_ON=y on other arches
   * virtio_scsi race can corrupt memory, panic kernel (LP: #1765241)
     - SAUCE: (no-up) virtio-scsi: Fix race in target free
   * bpf_map_lookup_elem: BUG: unable to handle kernel paging request
     (LP: #1763454) // CVE-2017-17862
     - SAUCE: Add missing hunks from "bpf: fix branch pruning logic"
   * Xenial: rfkill: fix missing return on rfkill_init (LP: #1764810)
     - rfkill: fix missing return on rfkill_init
   * "ip a" command on a guest VM shows UNKNOWN status (LP: #1761534)
     - virtio-net: Fix operstate for virtio when no VIRTIO_NET_F_STATUS
   * Xenial update to 4.4.128 stable release (LP: #1765010)
     - cfg80211: make RATE_INFO_BW_20 the default
     - md/raid5: make use of spin_lock_irq over local_irq_disable + spin_lock
     - rtc: snvs: fix an incorrect check of return value
     - x86/asm: Don't use RBP as a temporary register in
       csum_partial_copy_generic()
     - NFSv4.1: RECLAIM_COMPLETE must handle NFS4ERR_CONN_NOT_BOUND_TO_SESSION
     - IB/srpt: Fix abort handling
     - af_key: Fix slab-out-of-bounds in pfkey_compile_policy.
     - mac80211: bail out from prep_connection() if a reconfig is ongoing
     - bna: Avoid reading past end of buffer
     - qlge: Avoid reading past end of buffer
     - ipmi_ssif: unlock on allocation failure
     - net: cdc_ncm: Fix TX zero padding
     - net: ethernet: ti: cpsw: adjust cpsw fifos depth for fullduplex flow control
     - lockd: fix lockd shutdown race
     - drivers/misc/vmw_vmci/vmci_queue_pair.c: fix a couple integer overflow tests
     - pidns: disable pid allocation if pid_ns_prepare_proc() is failed in
       alloc_pid()
     - s390: move _text symbol to address higher than zero
     - net/mlx4_en: Avoid adding steering rules with invalid ring
     - NFSv4.1: Work around a Linux server bug...
     - CIFS: silence lockdep splat in cifs_relock_file()
     - net: qca_spi: Fix alignment issues in rx path
     - netxen_nic: set rcode to the return status from the call to netxen_issue_cmd
     - Input: elan_i2c - check if device is there before really probing
     - Input: elantech - force relative mode on a certain module
     - KVM: PPC: Book3S PR: Check copy_to/from_user return values
     - vmxnet3: ensure that adapter is in proper state during force_close
     - SMB2: Fix share type handling
     - bus: brcmstb_gisb: Use register offsets with writes too
     - bus: brcmstb_gisb: correct support for 64-bit address output
     - PowerCap: Fix an error code in powercap_register_zone()
     - ARM: dts: imx53-qsrb: Pulldown PMIC IRQ pin
     - staging: wlan-ng: prism2mgmt.c: fixed a double endian conversion before
       calling hfa384x_drvr_setconfig16, also fixes relative sparse warning
     - x86/tsc: Provide 'tsc=unstable' boot parameter
     - ARM: dts: imx6qdl-wandboard: Fix audio channel swap
     - ipv6: avoid dad-failures for addresses with NODAD
     - async_tx: Fix DMA_PREP_FENCE usage in do_async_gen_syndrome()
     - usb: dwc3: keystone: check return value
     - btrfs: fix incorrect error return ret being passed to mapping_set_error
     - ata: libahci: properly propagate return value of platform_get_irq()
     - neighbour: update neigh timestamps iff update is effective
     - arp: honour gratuitous ARP _replies_
     - usb: chipidea: properly handle host or gadget initialization failure
     - USB: ene_usb6250: fix first command execution
     - net: x25: fix one potential use-after-free issue
     - USB: ene_usb6250: fix SCSI residue overwriting
     - serial: 8250: omap: Disable DMA for console UART
     - serial: sh-sci: Fix race condition causing garbage during shutdown
     - sh_eth: Use platform device for printing before register_netdev()
     - scsi: csiostor: fix use after free in csio_hw_use_fwconfig()
     - powerpc/mm: Fix virt_addr_valid() etc. on 64-bit hash
     - ath5k: fix memory leak on buf on failed eeprom read
     - selftests/powerpc: Fix TM resched DSCR test with some compilers
     - xfrm: fix state migration copy replay sequence numbers
     - iio: hi8435: avoid garbage event at first enable
     - iio: hi8435: cleanup reset gpio
     - ext4: handle the rest of ext4_mb_load_buddy() ENOMEM errors
     - md-cluster: fix pot

Source diff to previous version
1766832 test_140_kernel_modules_not_tainted in kernel security test failed with 4.15 kvm kernel
1760646 test_072_config_debug_set_module_ronx in kernel security test failed with 4.4 X-kvm
1760656 test_151_sysctl_disables_bpf_unpriv_userns in kernel security test failed with 4.4/4.15 kvm
1760653 test_077_config_security_ipsec in kernel security test failed with 4.4/4.15 kvm
1760648 test_072_config_strict_devmem in kernel security test failed with 4.4/4.15 kvm
1760649 test_072_strict_devmem in kernel security test failed with 4.4/4.15 kvm
1760652 test_076_config_security_acl_ext4 in kernel security test failed with 4.4/4.15 kvm
1760657 test_160_setattr_CVE_2015_1350 in kernel security test failed with 4.4/4.15 kvm
1760650 test_074_config_security_default_mmap_min_addr in kernel security test failed with 4.4/4.15 kvm
1765698 Unable to insert test_bpf module on Xenial
1765241 virtio_scsi race can corrupt memory, panic kernel
1763454 bpf_map_lookup_elem: BUG: unable to handle kernel paging request
1764810 Xenial: rfkill: fix missing return on rfkill_init
1761534 \
1765010 Xenial update to 4.4.128 stable release
1758507 sky2 gigabit ethernet driver sometimes stops working after lid-open resume from sleep (88E8055)
1765007 Xenial update to 4.4.127 stable release
1764999 Xenial update to 4.4.126 stable release
1764973 Xenial update to 4.4.125 stable release
1726930 System fails to start (boot) on battery due to read-only root file-system
1764762 Xenial update to 4.4.124 stable release
1764666 Xenial update to 4.4.123 stable release
1764627 Xenial update to 4.4.122 stable release
1764367 Xenial update to 4.4.121 stable release
1764316 Xenial update to 4.4.120 stable release
1762453 Xenial update to 4.4.119 stable release
1749420 [regression] Colour banding and artefacts appear system-wide on an Asus Zenbook UX303LA with Intel HD 4400 graphics
1756866 Xenial update to 4.4.118 stable release
1755627 ibrs/ibpb fixes result in excessive kernel logging
1757435 Redpine: WiFi scan stopping issue observed with BLE
1763644 Ubuntu-4.4.0-120.144 fails to boot on arm64* hardware
CVE-2017-17862 kernel/bpf/verifier.c in the Linux kernel through 4.14.8 ignores unreachable code, even though it would still be processed by JIT compilers. This beh
CVE-2017-16995 The check_alu_op function in kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corrupt

Version: 4.4.0-1021.26 2018-04-05 18:08:34 UTC

 linux-kvm (4.4.0-1021.26) xenial; urgency=medium
 .
   * linux-kvm: 4.4.0-1021.26 -proposed tracker (LP: #1761445)
 .
   * linux-kvm VFIO support for Kata containers (LP: #1759421)
     - kvm: [config] Enable VFIO
 .
   [ Ubuntu: 4.4.0-120.144 ]
 .
   * linux: 4.4.0-120.144 -proposed tracker (LP: #1761438)
   * intel-microcode 3.20180312.0 causes lockup at login screen(w/ linux-
     image-4.13.0-37-generic) (LP: #1759920) // CVE-2017-5715 (Spectre v2 Intel)
     - Revert "x86/mm: Only set IBPB when the new thread cannot ptrace current
       thread"
     - x86/speculation: Use Indirect Branch Prediction Barrier in context switch
   * DKMS driver builds fail with: Cannot use CONFIG_STACK_VALIDATION=y, please
     install libelf-dev, libelf-devel or elfutils-libelf-devel (LP: #1760876)
     - [Packaging] include the retpoline extractor in the headers
   * retpoline hints: primary infrastructure and initial hints (LP: #1758856)
     - [Packaging] retpoline-extract: flag *0xNNN(%reg) branches
     - x86/speculation, objtool: Annotate indirect calls/jumps for objtool
     - x86/speculation, objtool: Annotate indirect calls/jumps for objtool on 32bit
     - x86/paravirt, objtool: Annotate indirect calls
     - x86/asm: Stop depending on ptrace.h in alternative.h
     - [Packaging] retpoline -- add safe usage hint support
     - [Packaging] retpoline-check -- only report additions
     - [Packaging] retpoline -- widen indirect call/jmp detection
     - [Packaging] retpoline -- elide %rip relative indirections
     - [Packaging] retpoline -- clear hint information from packages
     - SAUCE: modpost: add discard to non-allocatable whitelist
     - KVM: x86: Make indirect calls in emulator speculation safe
     - KVM: VMX: Make indirect call speculation safe
     - x86/boot, objtool: Annotate indirect jump in secondary_startup_64()
     - SAUCE: early/late -- annotate indirect calls in early/late initialisation
       code
     - SAUCE: vga_set_mode -- avoid jump tables
     - [Config] retpoline -- switch to new format
     - [Packaging] final-checks -- remove check for empty retpoline files
   * Xenial update to 4.4.117 stable release (LP: #1756860)
     - IB/mlx4: Fix incorrectly releasing steerable UD QPs when have only ETH ports
     - PM / devfreq: Propagate error from devfreq_add_device()
     - s390: fix handling of -1 in set{,fs}[gu]id16 syscalls
     - ARM: dts: STi: Add gpio polarity for "hdmi,hpd-gpio" property
     - arm: spear600: Add missing interrupt-parent of rtc
     - arm: spear13xx: Fix dmas cells
     - arm: spear13xx: Fix spics gpio controller's warning
     - ALSA: seq: Fix regression by incorrect ioctl_mutex usages
     - KVM/x86: Reduce retpoline performance impact in slot_handle_level_range(),
       by always inlining iterator helper methods
     - x86/cpu: Change type of x86_cache_size variable to unsigned int
     - drm/radeon: adjust tested variable
     - rtc-opal: Fix handling of firmware error codes, prevent busy loops
     - ext4: save error to disk in __ext4_grp_locked_error()
     - ext4: correct documentation for grpid mount option
     - mm: hide a #warning for COMPILE_TEST
     - video: fbdev: atmel_lcdfb: fix display-timings lookup
     - console/dummy: leave .con_font_get set to NULL
     - rtlwifi: rtl8821ae: Fix connection lost problem correctly
     - Btrfs: fix deadlock in run_delalloc_nocow
     - Btrfs: fix crash due to not cleaning up tree log block's dirty bits
     - Btrfs: fix unexpected -EEXIST when creating new inode
     - ALSA: hda - Fix headset mic detection problem for two Dell machines
     - ALSA: usb-audio: Fix UAC2 get_ctl request with a RANGE attribute
     - ALSA: hda/realtek: PCI quirk for Fujitsu U7x7
     - ALSA: usb-audio: add implicit fb quirk for Behringer UFX1204
     - ALSA: seq: Fix racy pool initializations
     - mvpp2: fix multicast address filter
     - dm: correctly handle chained bios in dec_pending()
     - x86: fix build warnign with 32-bit PAE
     - vfs: don't do RCU lookup of empty pathnames
     - ARM: pxa/tosa-bt: add MODULE_LICENSE tag
     - ARM: dts: s5pv210: add interrupt-parent for ohci
     - media: r820t: fix r820t_write_reg for KASAN
     - Linux 4.4.117
   * zfs system process hung on container stop/delete (LP: #1754584)
     - SAUCE: (noup) zfs to 0.6.5.6-0ubuntu19
     - SAUCE: Fix non-prefaulted page deadlock (LP: #1754584)
   * apparmor: fix bad __initdata tagging on, apparmor_initialized (LP: #1758471)
     - SAUCE: apparmor: fix bad __initdata tagging on, apparmor_initialized
   * Xenial update to 4.4.116 stable release (LP: #1756121)
     - powerpc/bpf/jit: Disable classic BPF JIT on ppc64le
     - powerpc/64: Fix flush_(d|i)cache_range() called from modules
     - powerpc: Fix VSX enabling/flushing to also test MSR_FP and MSR_VEC
     - powerpc: Simplify module TOC handling
     - ASoC: pcm512x: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE
     - usbip: vhci_hcd: clear just the USB_PORT_STAT_POWER bit
     - usbip: fix 3eee23c3ec14 tcp_socket address still in the status file
     - net: cdc_ncm: initialize drvflags before usage
     - ASoC: simple-card: Fix misleading error message
     - ASoC: rsnd: don't call free_irq() on Parent SSI
     - ASoC: rsnd: avoid duplicate free_irq()
     - drm: rcar-du: Use the VBK interrupt for vblank events
     - drm: rcar-du: Fix race condition when disabling planes at CRTC stop
     - x86/asm: Fix inline asm call constraints for GCC 4.4
     - ip6mr: fix stale iterator
     - net: igmp: add a missing rcu locking section
     - qlcnic: fix deadlock bug
     - r8169: fix RTL8168EP take too long to complete driver initialization.
     - tcp: release sk_frag.page in tcp_disconnect
     - vhost_net: stop device during reset owner
     - media: soc_camera: soc_scale_crop: add missing
       MODULE_DESCRIPTION/AUTHOR/LICENSE
     - KEYS: encrypted: fix buffer overread in valid_master_desc()
     - don't put symlink bodies in pagecache into highmem
     - crypto: t

Source diff to previous version
1759421 linux-kvm VFIO support for Kata containers
1759920 intel-microcode 3.20180312.0 causes lockup at login screen(w/ linux-image-4.13.0-37-generic)
1760876 DKMS driver builds fail with: Cannot use CONFIG_STACK_VALIDATION=y, please install libelf-dev, libelf-devel or elfutils-libelf-devel
1758856 retpoline hints: primary infrastructure and initial hints
1756860 Xenial update to 4.4.117 stable release
1754584 zfs system process hung on container stop/delete
1758471 apparmor: fix bad __initdata tagging on, apparmor_initialized
1756121 Xenial update to 4.4.116 stable release
1723127 Intel i40e PF reset due to incorrect MDD detection (continues...)
1755509 Xenial update to 4.4.115 stable release
1752655 retpoline: ignore %cs:0xNNN constant indirections
1759821 Dell XPS 13 9360 bluetooth scan can not detect any device
1758869 Kernel panic with AWS 4.4.0-1053 / 4.4.0-1015 (Trusty)
CVE-2017-5715 Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an at
CVE-2017-5754 Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an at
CVE-2018-8043 The unimac_mdio_probe function in drivers/net/phy/mdio-bcm-unimac.c in the Linux kernel through 4.15.8 does not validate certain resource availabilit

Version: 4.4.0-1020.25 2018-03-19 13:08:44 UTC

 linux-kvm (4.4.0-1020.25) xenial; urgency=medium
 .
   * linux-kvm: 4.4.0-1020.25 -proposed tracker (LP: #1755219)
 .
   * linux-kvm standard configs for Ubuntu Server workloads (LP: #1736561)
     - kvm: [config] enable NO_HZ_IDLE, HIGH_RES_TIMERS
     - kvm: [config] enable NUMA
     - kvm: [config] enable all CGROUPs
     - kvm: [config] enable all CONFIG_RD decompressors
     - kvm: [config] enable COREDUMP
     - kvm: [config] enable X86_X2APIC
     - kvm: [config] enable PREEMPT_VOLUNTARY
     - kvm: [config] enable HOTPLUG_CPU
     - kvm: [config] enable BLK_DEV_SD
     - kvm: [config] enable ATA, PATA, SATA
     - kvm: [config] enable BONDING, MACVLAN, TUN, VETH
     - kvm: [config] enable HW_RANDOM_{AMD,INTEL,TIMERIOMEM}
     - kvm: [config] enable EFI_VARS
     - kvm: [config] enable SQUASHFS
     - kvm: [retpoline] add new retpoline call sites
 .
   * Xenial update to 4.4.114 stable release (LP: #1754592)
     - kvm: [config] enable X86_VSYSCALL_EMULATION
 .
   * Xenial update to 4.4.110 stable release (LP: #1745071)
     - [config] updateconfigs for master changes
 .
   * linux-kvm configs for Kata containers (LP: #1752147)
     - kvm: [config] Enable PCI Hotplug
     - kvm: [config] Add support for DPDK
     - kvm: [config] Enable DAX
     - kvm: [config] Enable 9P fs
 .
   [ Ubuntu: 4.4.0-117.141 ]
 .
   * linux: 4.4.0-117.141 -proposed tracker (LP: #1755208)
   * Xenial update to 4.4.114 stable release (LP: #1754592)
     - x86/asm/32: Make sync_core() handle missing CPUID on all 32-bit kernels
     - usbip: prevent vhci_hcd driver from leaking a socket pointer address
     - usbip: Fix implicit fallthrough warning
     - usbip: Fix potential format overflow in userspace tools
     - x86/microcode/intel: Fix BDW late-loading revision check
     - x86/retpoline: Fill RSB on context switch for affected CPUs
     - sched/deadline: Use the revised wakeup rule for suspending constrained dl
       tasks
     - can: af_can: can_rcv(): replace WARN_ONCE by pr_warn_once
     - can: af_can: canfd_rcv(): replace WARN_ONCE by pr_warn_once
     - PM / sleep: declare __tracedata symbols as char[] rather than char
     - time: Avoid undefined behaviour in ktime_add_safe()
     - timers: Plug locking race vs. timer migration
     - Prevent timer value 0 for MWAITX
     - drivers: base: cacheinfo: fix x86 with CONFIG_OF enabled
     - drivers: base: cacheinfo: fix boot error message when acpi is enabled
     - PCI: layerscape: Add "fsl,ls2085a-pcie" compatible ID
     - PCI: layerscape: Fix MSG TLP drop setting
     - mmc: sdhci-of-esdhc: add/remove some quirks according to vendor version
     - fs/select: add vmalloc fallback for select(2)
     - hwpoison, memcg: forcibly uncharge LRU pages
     - cma: fix calculation of aligned offset
     - mm, page_alloc: fix potential false positive in __zone_watermark_ok
     - ipc: msg, make msgrcv work with LONG_MIN
     - x86/ioapic: Fix incorrect pointers in ioapic_setup_resources()
     - ACPI / processor: Avoid reserving IO regions too early
     - ACPI / scan: Prefer devices without _HID/_CID for _ADR matching
     - ACPICA: Namespace: fix operand cache leak
     - netfilter: x_tables: speed up jump target validation
     - netfilter: arp_tables: fix invoking 32bit "iptable -P INPUT ACCEPT" failed
       in 64bit kernel
     - netfilter: nf_dup_ipv6: set again FLOWI_FLAG_KNOWN_NH at flowi6_flags
     - netfilter: nf_ct_expect: remove the redundant slash when policy name is
       empty
     - netfilter: nfnetlink_queue: reject verdict request from different portid
     - netfilter: restart search if moved to other chain
     - netfilter: nf_conntrack_sip: extend request line validation
     - netfilter: use fwmark_reflect in nf_send_reset
     - ext2: Don't clear SGID when inheriting ACLs
     - reiserfs: fix race in prealloc discard
     - reiserfs: don't preallocate blocks for extended attributes
     - reiserfs: Don't clear SGID when inheriting ACLs
     - fs/fcntl: f_setown, avoid undefined behaviour
     - scsi: libiscsi: fix shifting of DID_REQUEUE host byte
     - Input: trackpoint - force 3 buttons if 0 button is reported
     - usb: usbip: Fix possible deadlocks reported by lockdep
     - usbip: fix stub_rx: get_pipe() to validate endpoint number
     - usbip: fix stub_rx: harden CMD_SUBMIT path to handle malicious input
     - usbip: prevent leaking socket pointer address in messages
     - um: link vmlinux with -no-pie
     - vsyscall: Fix permissions for emulate mode with KAISER/PTI
     - eventpoll.h: add missing epoll event masks
     - x86/microcode/intel: Extend BDW late-loading further with LLC size check
     - hrtimer: Reset hrtimer cpu base proper on CPU hotplug
     - dccp: don't restart ccid2_hc_tx_rto_expire() if sk in closed state
     - ipv6: Fix getsockopt() for sockets with default IPV6_AUTOFLOWLABEL
     - ipv6: fix udpv6 sendmsg crash caused by too small MTU
     - ipv6: ip6_make_skb() needs to clear cork.base.dst
     - lan78xx: Fix failure in USB Full Speed
     - net: igmp: fix source address check for IGMPv3 reports
     - tcp: __tcp_hdrlen() helper
     - net: qdisc_pkt_len_init() should be more robust
     - pppoe: take ->needed_headroom of lower device into account on xmit
     - r8169: fix memory corruption on retrieval of hardware statistics.
     - sctp: do not allow the v4 socket to bind a v4mapped v6 address
     - sctp: return error if the asoc has been peeled off in sctp_wait_for_sndbuf
     - vmxnet3: repair memory leak
     - net: Allow neigh contructor functions ability to modify the primary_key
     - ipv4: Make neigh lookup keys for loopback/point-to-point devices be
       INADDR_ANY
     - flow_dissector: properly cap thoff field
     - net: tcp: close sock if net namespace is exiting
     - nfsd: auth: Fix gid sorting when rootsquash enabled
     - Linux 4.4.114
   * Xenial update to 4.4.113 stable release (LP: #1754375)
     - gcov: disable for COMPILE_TEST
     - scsi: sg: disable SET_FO

Source diff to previous version
1736561 linux-kvm standard configs for Ubuntu Server workloads
1754592 Xenial update to 4.4.114 stable release
1745071 Xenial update to 4.4.110 stable release
1752147 linux-kvm configs for Kata containers
1754375 Xenial update to 4.4.113 stable release
1754076 i2c-thunderx: erroneous error message \
1750810 qeth: fix calculation of required buffer elements for skb
1745130 Support rfkill-any led trigger for Fujitsu u727
1753438 Redpine: Sometimes Wi-Fi connection shows \
1753439 Redpine: BLE scanning for nearby beacons per second is too low and result high loss rate.
1750568 qeth: check not more than 16 SBALEs on the completion queue
1750813 qeth: fix L3 next-hop im xmit qeth hdr
1744754 qemu-efi-aarch64 in \u003e= artful can't boot xenial cloud images
1747896 OOM and High CPU utilization in update_blocked_averages because of too many cfs_rqs in rq-\u003eleaf_cfs_rq_list
1748922 linux-tools: perf incorrectly linking libbfd
1751021 retpoline abi files are empty on i386
1715519 bnx2x_attn_int_deasserted3:4323 MC assert!
1729674 TB16 dock ethernet corrupts data with hw checksum silently failing
1744078 linux \u003c 4.8: x-netns vti is broken
1745266 Xenial update to 4.4.112 stable release
1745263 Xenial update to 4.4.111 stable release
1745364 x86/net/bpf: return statement missing value
1744736 Ubuntu 16.04 - s390/cpuinfo: show facilities as reported by stfle
1745069 Xenial update to 4.4.109 stable release
1745054 Xenial update to 4.4.108 stable release
1745052 Xenial update to 4.4.107 stable release
1745047 Xenial update to 4.4.106 stable release
1745046 Xenial update to 4.4.105 stable release
1745043 Xenial update to 4.4.104 stable release
1744873 Xenial update to 4.4.103 stable release
1736954 ppc64el: Do not call ibm,os-term on panic
1744870 Xenial update to 4.4.102 stable release
1744794 Xenial update to 4.4.101 stable release
1744639 Xenial update to 4.4.100 stable release
1744636 Xenial update to 4.4.99 stable release
1733605 elantech touchpad of Lenovo L480/580 failed to detect hw_version
1737176 Disabling zfs does not always disable module checks for the zfs modules
1735977 Using asymmetric key for IMA appraisal crashes the system in Ubuntu 16.04
1724614 [KVM] Lower the default for halt_poll_ns to 200000 ns
1744077 $(LOCAL_ENV_CC) and $(LOCAL_ENV_DISTCC_HOSTS) should be properly quoted
1742090 Redpine: Wifi/BT not functioning after s3 resume
1742094 [16.04][classic] Redpine: wowlan feature doesn't work
1664602 Using an NVMe drive causes huge power drain
1705748 Samsung SSD 960 EVO 500GB refused to change power state
1738219 the kernel is blackholing IPv6 packets to linkdown nexthops
1729145 /dev/bcache/by-uuid links not created after reboot
1730550 e1000e in 4.4.0-97-generic breaks 82574L under heavy load.
1736317 ath10k: enhance rf signal strength
1720228 User reports excessive ALUA retry messages
1734757 Add installer support for new Broadcom network drivers.
1703742 Transparent hugepages should default to enabled=madvise
CVE-2017-5753 Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker wi

Version: 4.4.0-1019.24 2018-02-13 12:08:36 UTC

 linux-kvm (4.4.0-1019.24) xenial; urgency=medium
 .
   * linux-kvm: 4.4.0-1019.24 -proposed tracker (LP: #1749092)
 .
   [ Ubuntu: 4.4.0-116.140 ]
 .
   * linux: 4.4.0-116.140 -proposed tracker (LP: #1748990)
   * BUG: unable to handle kernel NULL pointer dereference at 0000000000000009
     (LP: #1748671)
     - SAUCE: net: ipv4: fix for a race condition in raw_sendmsg -- fix backport
 .
   [ Ubuntu: 4.4.0-115.139 ]
 .
   * linux: 4.4.0-115.138 -proposed tracker (LP: #1748745)
   * CVE-2017-5715 (Spectre v2 Intel)
     - Revert "UBUNTU: SAUCE: turn off IBPB when full retpoline is present"
     - SAUCE: turn off IBRS when full retpoline is present
     - [Packaging] retpoline files must be sorted
     - [Packaging] pull in retpoline files
 .
   [ Ubuntu: 4.4.0-114.137 ]
 .
   * linux: 4.4.0-114.137 -proposed tracker (LP: #1748484)
   * ALSA backport missing NVIDIA GPU codec IDs to patch table to
     Ubuntu 16.04 LTS Kernel (LP: #1744117)
     - ALSA: hda - Add missing NVIDIA GPU codec IDs to patch table
   * Shutdown hang on 16.04 with iscsi targets (LP: #1569925)
     - scsi: libiscsi: Allow sd_shutdown on bad transport
   * libata: apply MAX_SEC_1024 to all LITEON EP1 series devices (LP: #1743053)
     - libata: apply MAX_SEC_1024 to all LITEON EP1 series devices
   * KVM patches for s390x to provide facility bits 81 (ppa15) and 82 (bpb)
     (LP: #1747090)
     - KVM: s390: wire up bpb feature
     - KVM: s390: Enable all facility bits that are known good for passthrough
   * CVE-2017-5715 (Spectre v2 Intel)
     - SAUCE: drop lingering gmb() macro
     - x86/feature: Enable the x86 feature to control Speculation
     - x86/feature: Report presence of IBPB and IBRS control
     - x86/enter: MACROS to set/clear IBRS and set IBPB
     - x86/enter: Use IBRS on syscall and interrupts
     - x86/idle: Disable IBRS entering idle and enable it on wakeup
     - x86/idle: Disable IBRS when offlining cpu and re-enable on wakeup
     - x86/mm: Set IBPB upon context switch
     - x86/mm: Only set IBPB when the new thread cannot ptrace current thread
     - x86/kvm: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD to kvm
     - x86/kvm: Set IBPB when switching VM
     - x86/kvm: Toggle IBRS on VM entry and exit
     - x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature
     - x86/spec_ctrl: Add lock to serialize changes to ibrs and ibpb control
     - x86/cpu/amd, kvm: Satisfy guest kernel reads of IC_CFG MSR
     - x86/cpu/AMD: Add speculative control support for AMD
     - x86/microcode: Extend post microcode reload to support IBPB feature
     - KVM: SVM: Do not intercept new speculative control MSRs
     - x86/svm: Set IBRS value on VM entry and exit
     - x86/svm: Set IBPB when running a different VCPU
     - KVM: x86: Add speculative control CPUID support for guests
     - SAUCE: Fix spec_ctrl support in KVM
     - SAUCE: turn off IBPB when full retpoline is present
 .

1748671 BUG: unable to handle kernel NULL pointer dereference at 0000000000000009
1744117 ALSA backport missing NVIDIA GPU codec IDs to patch table to Ubuntu 16.04 LTS Kernel
1743053 libata: apply MAX_SEC_1024 to all LITEON EP1 series devices
1747090 KVM patches for s390x to provide facility bits 81 (ppa15) and 82 (bpb)
CVE-2017-5715 Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an at



About   -   Send Feedback to @ubuntu_updates