UbuntuUpdates.org

Package "linux"

Name: linux

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Linux kernel version specific cloud tools for version 4.13.0-42
  • Linux kernel version specific cloud tools for version 4.13.0-42
  • Linux kernel version specific cloud tools for version 4.13.0-42
  • Linux kernel version specific cloud tools for version 4.13.0-44

Latest version: 4.13.0-44.49
Release: artful (17.10)
Level: proposed
Repository: main

Links

Save this URL for the latest version of "linux": https://www.ubuntuupdates.org/linux



Other versions of "linux" in Artful

Repository Area Version
base main 4.13.0-16.19
security main 4.13.0-43.48
updates main 4.13.0-43.48
PPA: Canonical Kernel Team 4.13.0-44.49

Packages in group

Deleted packages are displayed in grey.

linux-cloud-tools-4.13.0-42 linux-cloud-tools-4.13.0-42-generic linux-cloud-tools-4.13.0-42-lowlatency linux-cloud-tools-4.13.0-44 linux-cloud-tools-4.13.0-44-generic
linux-cloud-tools-4.13.0-44-lowlatency linux-cloud-tools-common linux-doc linux-headers-4.13.0-42 linux-headers-4.13.0-42-generic
linux-headers-4.13.0-42-lowlatency linux-headers-4.13.0-44 linux-headers-4.13.0-44-generic linux-headers-4.13.0-44-lowlatency linux-image-4.13.0-42-generic
linux-image-4.13.0-42-lowlatency linux-image-4.13.0-44-generic linux-image-4.13.0-44-lowlatency linux-image-extra-4.13.0-42-generic linux-image-extra-4.13.0-44-generic
linux-libc-dev linux-source-4.13.0 linux-tools-4.13.0-42 linux-tools-4.13.0-42-generic linux-tools-4.13.0-42-lowlatency
linux-tools-4.13.0-44 linux-tools-4.13.0-44-generic linux-tools-4.13.0-44-lowlatency linux-tools-common

Changelog

Version: 4.13.0-44.49 2018-05-24 20:07:12 UTC

  linux (4.13.0-44.49) artful; urgency=medium

  * linux: 4.13.0-44.49 -proposed tracker (LP: #1772951)

  * CVE-2018-3639 (x86)
    - x86/cpu: Make alternative_msr_write work for 32-bit code
    - x86/cpu/AMD: Fix erratum 1076 (CPB bit)
    - x86/bugs: Fix the parameters alignment and missing void
    - KVM: SVM: Move spec control call after restore of GS
    - x86/speculation: Use synthetic bits for IBRS/IBPB/STIBP
    - x86/cpufeatures: Disentangle MSR_SPEC_CTRL enumeration from IBRS
    - x86/cpufeatures: Disentangle SSBD enumeration
    - x86/cpufeatures: Add FEATURE_ZEN
    - x86/speculation: Handle HT correctly on AMD
    - x86/bugs, KVM: Extend speculation control for VIRT_SPEC_CTRL
    - x86/speculation: Add virtualized speculative store bypass disable support
    - x86/speculation: Rework speculative_store_bypass_update()
    - x86/bugs: Unify x86_spec_ctrl_{set_guest,restore_host}
    - x86/bugs: Expose x86_spec_ctrl_base directly
    - x86/bugs: Remove x86_spec_ctrl_set()
    - x86/bugs: Rework spec_ctrl base and mask logic
    - x86/speculation, KVM: Implement support for VIRT_SPEC_CTRL/LS_CFG
    - KVM: SVM: Implement VIRT_SPEC_CTRL support for SSBD
    - x86/bugs: Rename SSBD_NO to SSB_NO
    - bpf: Prevent memory disambiguation attack
    - KVM: VMX: Expose SSBD properly to guests.

  * [Ubuntu 16.04] kernel: fix rwlock implementation (LP: #1761674)
    - SAUCE: (no-up) s390: fix rwlock implementation

  * CVE-2018-7492
    - rds: Fix NULL pointer dereference in __rds_rdma_map

  * CVE-2018-8781
    - drm: udl: Properly check framebuffer mmap offsets

  * fsnotify: Fix fsnotify_mark_connector race (LP: #1765564)
    - fsnotify: Fix fsnotify_mark_connector race

  * Kernel panic on boot (m1.small in cn-north-1) (LP: #1771679)
    - x86/xen: Reset VCPU0 info pointer after shared_info remap

  * Suspend to idle: Open lid didn't resume (LP: #1771542)
    - ACPI / PM: Do not reconfigure GPEs for suspend-to-idle

  * CVE-2018-1092
    - ext4: fail ext4_iget for root directory if unallocated

  * [SRU][Artful] using vfio-pci on a combination of cn8xxx and some PCI devices
    results in a kernel panic. (LP: #1770254)
    - PCI: Avoid bus reset if bridge itself is broken
    - PCI: Mark Cavium CN8xxx to avoid bus reset
    - PCI: Avoid slot reset if bridge itself is broken

  * Battery drains when laptop is off (shutdown) (LP: #1745646)
    - PCI / PM: Check device_may_wakeup() in pci_enable_wake()

  * perf record crash: refcount_inc assertion failed (LP: #1769027)
    - perf cgroup: Fix refcount usage
    - perf xyarray: Fix wrong processing when closing evsel fd

  * Dell Latitude 5490/5590 BIOS update 1.1.9 causes black screen at boot
    (LP: #1764194)
    - drm/i915/bios: filter out invalid DDC pins from VBT child devices

  * Fix an issue that some PCI devices get incorrectly suspended (LP: #1764684)
    - PCI / PM: Always check PME wakeup capability for runtime wakeup support

  * [SRU][Bionic/Artful] fix false positives in W+X checking (LP: #1769696)
    - init: fix false positives in W+X checking

  * CVE-2018-1068
    - netfilter: ebtables: CONFIG_COMPAT: don't trust userland offsets

  * CVE-2018-8087
    - mac80211_hwsim: fix possible memory leak in hwsim_new_radio_nl()

  * Integrated Webcam Realtek Integrated_Webcam_HD (0bda:58f4) not working in
    DELL XPS 13 9370 with firmware 1.50 (LP: #1763748)
    - SAUCE: media: uvcvideo: Support realtek's UVC 1.5 device

  * unregister_netdevice: waiting for eth0 to become free. Usage count = 5
    (LP: #1746474)
    - ipv4: convert dst_metrics.refcnt from atomic_t to refcount_t
    - xfrm: reuse uncached_list to track xdsts

  * Acer Swift sf314-52 power button not managed (LP: #1766054)
    - SAUCE: platform/x86: acer-wmi: add another KEY_POWER keycode

  * set PINCFG_HEADSET_MIC to parse_flags for Dell precision 3630 (LP: #1766398)
    - ALSA: hda/realtek - set PINCFG_HEADSET_MIC to parse_flags

  * Change the location for one of two front mics on a lenovo thinkcentre
    machine (LP: #1766477)
    - ALSA: hda/realtek - adjust the location of one mic

 -- Stefan Bader <email address hidden> Thu, 24 May 2018 10:31:54 +0200

Source diff to previous version
CVE-2018-8087 Memory leak in the hwsim_new_radio_nl function in drivers/net/wireless/mac80211_hwsim.c in the Linux kernel through 4.15.9 allows local users to caus
CVE-2018-1068 A flaw was found in the Linux 4.x kernel's implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily wri
CVE-2018-1092 The ext4_iget function in fs/ext4/inode.c in the Linux kernel through 4.15.15 mishandles the case of a root directory with a zero i_links_count, whic
CVE-2018-8781 The udl_fb_mmap function in drivers/gpu/drm/udl/udl_fb.c at the Linux kernel version 3.4 and up to and including 4.15 has an integer-overflow vulnera
CVE-2018-7492 A NULL pointer dereference was found in the net/rds/rdma.c __rds_rdma_map() function in the Linux kernel before 4.14.7 allowing local attackers to ca
CVE-2018-3639 Speculative Store Bypass
1766477 Chang the location for one of two front mics on a lenovo thinkcentre machine
1766398 set PINCFG_HEADSET_MIC to parse_flags for Dell precision 3630
1766054 Acer Swift sf314-52 power button not managed
1746474 unregister_netdevice: waiting for eth0 to become free. Usage count = 5
1763748 Integrated Webcam Realtek Integrated_Webcam_HD (0bda:58f4) not working in DELL XPS 13 9370 with firmware 1.50
1769696 [SRU][Bionic/Artful] fix false positives in W+X checking
1764684 Fix an issue that some PCI devices get incorrectly suspended
1764194 Dell Latitude 5490/5590 BIOS update 1.1.9 causes black screen at boot
1769027 perf record crash: refcount_inc assertion failed
1745646 Battery drains when laptop is off (shutdown)
1770254 [SRU][Artful] using vfio-pci on a combination of cn8xxx and some PCI devices results in a kernel panic.
1771542 Suspend to idle: Open lid didn't resume
1771679 Kernel panic on boot (m1.small in cn-north-1)
1765564 fsnotify: Fix fsnotify_mark_connector race
1761674 [Ubuntu 16.04] kernel: fix rwlock implementation

Version: 4.13.0-43.48 2018-05-22 00:06:57 UTC

  linux (4.13.0-43.48) artful; urgency=medium

  * CVE-2018-3639 (powerpc)
    - SAUCE: rfi-flush: update H_CPU_* macro names to upstream
    - SAUCE: rfi-flush: update plpar_get_cpu_characteristics() signature to
      upstream
    - SAUCE: update pseries_setup_rfi_flush() capitalization to upstream
    - powerpc/pseries: Support firmware disable of RFI flush
    - powerpc/powernv: Support firmware disable of RFI flush
    - powerpc/64s: Allow control of RFI flush via debugfs
    - powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code
    - powerpc/rfi-flush: Always enable fallback flush on pseries
    - powerpc/rfi-flush: Differentiate enabled and patched flush types
    - powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags
    - powerpc: Add security feature flags for Spectre/Meltdown
    - powerpc/powernv: Set or clear security feature flags
    - powerpc/pseries: Set or clear security feature flags
    - powerpc/powernv: Use the security flags in pnv_setup_rfi_flush()
    - powerpc/pseries: Use the security flags in pseries_setup_rfi_flush()
    - powerpc/pseries: Fix clearing of security feature flags
    - powerpc: Move default security feature flags
    - powerpc/pseries: Restore default security feature flags on setup
    - powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit

  * CVE-2018-3639 (x86)
    - SAUCE: Add X86_FEATURE_ARCH_CAPABILITIES
    - SAUCE: x86: Add alternative_msr_write
    - x86/nospec: Simplify alternative_msr_write()
    - x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown
    - x86/bugs: Concentrate bug detection into a separate function
    - x86/bugs: Concentrate bug reporting into a separate function
    - x86/msr: Add definitions for new speculation control MSRs
    - x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
    - x86/bugs, KVM: Support the combination of guest and host IBRS
    - x86/bugs: Expose /sys/../spec_store_bypass
    - x86/cpufeatures: Add X86_FEATURE_RDS
    - x86/bugs: Provide boot parameters for the spec_store_bypass_disable
      mitigation
    - x86/bugs/intel: Set proper CPU features and setup RDS
    - x86/bugs: Whitelist allowed SPEC_CTRL MSR values
    - x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested
    - x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
    - x86/speculation: Create spec-ctrl.h to avoid include hell
    - prctl: Add speculation control prctls
    - x86/process: Allow runtime control of Speculative Store Bypass
    - x86/speculation: Add prctl for Speculative Store Bypass mitigation
    - nospec: Allow getting/setting on non-current task
    - proc: Provide details on speculation flaw mitigations
    - seccomp: Enable speculation flaw mitigations
    - SAUCE: x86/bugs: Honour SPEC_CTRL default
    - x86/bugs: Make boot modes __ro_after_init
    - prctl: Add force disable speculation
    - seccomp: Use PR_SPEC_FORCE_DISABLE
    - seccomp: Add filter flag to opt-out of SSB mitigation
    - seccomp: Move speculation migitation control to arch code
    - x86/speculation: Make "seccomp" the default mode for Speculative Store
      Bypass
    - x86/bugs: Rename _RDS to _SSBD
    - proc: Use underscores for SSBD in 'status'
    - Documentation/spec_ctrl: Do some minor cleanups
    - x86/bugs: Fix __ssb_select_mitigation() return type
    - x86/bugs: Make cpu_show_common() static

  * LSM Stacking prctl values should be redefined as to not collide with
    upstream prctls (LP: #1769263) // CVE-2018-3639
    - SAUCE: LSM stacking: adjust prctl values

Source diff to previous version
1769263 LSM Stacking prctl values should be redefined as to not collide with upstream prctls
CVE-2018-3639 Speculative Store Bypass

Version: 4.13.0-42.47 2018-05-10 14:07:22 UTC

  linux (4.13.0-42.47) artful; urgency=medium

  * linux: 4.13.0-42.47 -proposed tracker (LP: #1769993)

  * arm64: fix CONFIG_DEBUG_WX address reporting (LP: #1765850)
    - arm64: fix CONFIG_DEBUG_WX address reporting

  * HiSilicon HNS NIC names are truncated in /proc/interrupts (LP: #1765977)
    - net: hns: Avoid action name truncation

  * CVE-2017-18208
    - mm/madvise.c: fix madvise() infinite loop under special circumstances

  * CVE-2018-8822
    - staging: ncpfs: memory corruption in ncp_read_kernel()

  * CVE-2017-18203
    - dm: fix race between dm_get_from_kobject() and __dm_destroy()

  * CVE-2017-17449
    - netlink: Add netns check on taps

  * CVE-2017-17975
    - media: usbtv: prevent double free in error case

  * [8086:3e92] display becomes blank after S3 (LP: #1763271)
    - drm/i915/edp: Allow alternate fixed mode for eDP if available.
    - drm/i915/dp: rename intel_dp_is_edp to intel_dp_is_port_edp
    - drm/i915/dp: make is_edp non-static and rename to intel_dp_is_edp
    - drm/i915/edp: Do not do link training fallback or prune modes on EDP

  * sky2 gigabit ethernet driver sometimes stops working after lid-open resume
    from sleep (88E8055) (LP: #1758507)
    - sky2: Increase D3 delay to sky2 stops working after suspend

  * perf vendor events arm64: Enable JSON events for ThunderX2 B0 (LP: #1760712)
    - perf vendor events arm64: Enable JSON events for ThunderX2 B0

  * No network with e1000e driver on 4.13.0-38-generic (LP: #1762693)
    - e1000e: Fix e1000_check_for_copper_link_ich8lan return value.

  * /dev/ipmi enumeration flaky on Cavium Sabre nodes (LP: #1762812)
    - i2c: xlp9xx: return ENXIO on slave address NACK
    - i2c: xlp9xx: Handle transactions with I2C_M_RECV_LEN properly
    - i2c: xlp9xx: Check for Bus state before every transfer
    - i2c: xlp9xx: Handle NACK on DATA properly

  * "ip a" command on a guest VM shows UNKNOWN status (LP: #1761534)
    - virtio-net: Fix operstate for virtio when no VIRTIO_NET_F_STATUS

  * fix regression in mm/hotplug, allows NVIDIA driver to work (LP: #1761104)
    - SAUCE: Fix revert "mm, memory_hotplug: do not associate hotadded memory to
      zones until online"

  * ibrs/ibpb fixes result in excessive kernel logging (LP: #1755627)
    - SAUCE: remove ibrs_dump sysctl interface

 -- Kleber Sacilotto de Souza <email address hidden> Mon, 07 May 2018 15:06:58 +0200

Source diff to previous version
1765850 arm64: fix CONFIG_DEBUG_WX address reporting
1765977 HiSilicon HNS NIC names are truncated in /proc/interrupts
1763271 [8086:3e92] display becomes blank after S3
1758507 sky2 gigabit ethernet driver sometimes stops working after lid-open resume from sleep (88E8055)
1760712 perf vendor events arm64: Enable JSON events for ThunderX2 B0
1762693 No network with e1000e driver on 4.13.0-38-generic
1762812 /dev/ipmi enumeration flaky on Cavium Sabre nodes
1761534 \
1761104 fix regression in mm/hotplug, allows NVIDIA driver to work
1755627 ibrs/ibpb fixes result in excessive kernel logging
CVE-2017-18208 The madvise_willneed function in mm/madvise.c in the Linux kernel before 4.14.4 allows local users to cause a denial of service (infinite loop) by tr
CVE-2018-8822 Incorrect buffer length handling in the ncp_read_kernel function in fs/ncpfs/ncplib_kernel.c in the Linux kernel through 4.15.11, and in drivers/stag
CVE-2017-18203 The dm_get_from_kobject function in drivers/md/dm.c in the Linux kernel before 4.14.3 allow local users to cause a denial of service (BUG) by leverag
CVE-2017-17449 The __netlink_deliver_tap_skb function in net/netlink/af_netlink.c in the Linux kernel through 4.14.4, when CONFIG_NLMON is enabled, does not restric
CVE-2017-17975 Use-after-free in the usbtv_probe function in drivers/media/usb/usbtv/usbtv-core.c in the Linux kernel through 4.14.10 allows attackers to cause a de

Version: 4.13.0-41.46 2018-05-08 19:07:12 UTC

  linux (4.13.0-41.46) artful; urgency=medium

  * CVE-2018-8897
    - x86/entry/64: Don't use IST entry for #BP stack

  * CVE-2018-1087
    - kvm/x86: fix icebp instruction handling

  * CVE-2018-1000199
    - perf/hwbp: Simplify the perf-hwbp code, fix documentation

 -- Kleber Sacilotto de Souza <email address hidden> Wed, 02 May 2018 11:58:49 +0200

Source diff to previous version
CVE-2018-8897 error in exception handling leads to DoS
CVE-2018-1087 error in exception handling leads to wrong debug stack value
CVE-2018-1000199 ptrace() incorrect error handling leads to corruption and DoS

Version: 4.13.0-40.45 2018-04-27 17:07:07 UTC

  linux (4.13.0-40.45) artful; urgency=medium

  * linux: 4.13.0-40.45 -proposed tracker (LP: #1766592)

  * arm64: fix CONFIG_DEBUG_WX address reporting (LP: #1765850)
    - arm64: fix CONFIG_DEBUG_WX address reporting

  * HiSilicon HNS NIC names are truncated in /proc/interrupts (LP: #1765977)
    - net: hns: Avoid action name truncation

  * CVE-2017-18208
    - mm/madvise.c: fix madvise() infinite loop under special circumstances

  * CVE-2018-8822
    - staging: ncpfs: memory corruption in ncp_read_kernel()

  * CVE-2017-18203
    - dm: fix race between dm_get_from_kobject() and __dm_destroy()

  * CVE-2017-17449
    - netlink: Add netns check on taps

  * CVE-2017-17975
    - media: usbtv: prevent double free in error case

  * [8086:3e92] display becomes blank after S3 (LP: #1763271)
    - drm/i915/edp: Allow alternate fixed mode for eDP if available.
    - drm/i915/dp: rename intel_dp_is_edp to intel_dp_is_port_edp
    - drm/i915/dp: make is_edp non-static and rename to intel_dp_is_edp
    - drm/i915/edp: Do not do link training fallback or prune modes on EDP

  * sky2 gigabit ethernet driver sometimes stops working after lid-open resume
    from sleep (88E8055) (LP: #1758507)
    - sky2: Increase D3 delay to sky2 stops working after suspend

  * perf vendor events arm64: Enable JSON events for ThunderX2 B0 (LP: #1760712)
    - perf vendor events arm64: Enable JSON events for ThunderX2 B0

  * No network with e1000e driver on 4.13.0-38-generic (LP: #1762693)
    - e1000e: Fix e1000_check_for_copper_link_ich8lan return value.

  * /dev/ipmi enumeration flaky on Cavium Sabre nodes (LP: #1762812)
    - i2c: xlp9xx: return ENXIO on slave address NACK
    - i2c: xlp9xx: Handle transactions with I2C_M_RECV_LEN properly
    - i2c: xlp9xx: Check for Bus state before every transfer
    - i2c: xlp9xx: Handle NACK on DATA properly

  * "ip a" command on a guest VM shows UNKNOWN status (LP: #1761534)
    - virtio-net: Fix operstate for virtio when no VIRTIO_NET_F_STATUS

  * fix regression in mm/hotplug, allows NVIDIA driver to work (LP: #1761104)
    - SAUCE: Fix revert "mm, memory_hotplug: do not associate hotadded memory to
      zones until online"

  * ibrs/ibpb fixes result in excessive kernel logging (LP: #1755627)
    - SAUCE: remove ibrs_dump sysctl interface

 -- Khalid Elmously <email address hidden> Wed, 25 Apr 2018 02:34:24 +0000

1765850 arm64: fix CONFIG_DEBUG_WX address reporting
1765977 HiSilicon HNS NIC names are truncated in /proc/interrupts
1763271 [8086:3e92] display becomes blank after S3
1758507 sky2 gigabit ethernet driver sometimes stops working after lid-open resume from sleep (88E8055)
1760712 perf vendor events arm64: Enable JSON events for ThunderX2 B0
1762693 No network with e1000e driver on 4.13.0-38-generic
1762812 /dev/ipmi enumeration flaky on Cavium Sabre nodes
1761534 \
1761104 fix regression in mm/hotplug, allows NVIDIA driver to work
1755627 ibrs/ibpb fixes result in excessive kernel logging
CVE-2017-18208 The madvise_willneed function in mm/madvise.c in the Linux kernel before 4.14.4 allows local users to cause a denial of service (infinite loop) by tr
CVE-2018-8822 Incorrect buffer length handling in the ncp_read_kernel function in fs/ncpfs/ncplib_kernel.c in the Linux kernel through 4.15.11, and in drivers/stag
CVE-2017-18203 The dm_get_from_kobject function in drivers/md/dm.c in the Linux kernel before 4.14.3 allow local users to cause a denial of service (BUG) by leverag
CVE-2017-17449 The __netlink_deliver_tap_skb function in net/netlink/af_netlink.c in the Linux kernel through 4.14.4, when CONFIG_NLMON is enabled, does not restric
CVE-2017-17975 Use-after-free in the usbtv_probe function in drivers/media/usb/usbtv/usbtv-core.c in the Linux kernel through 4.14.10 allows attackers to cause a de



About   -   Send Feedback to @ubuntu_updates