UbuntuUpdates.org

Package "linux"

Name: linux

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Linux kernel version specific cloud tools for version 4.13.0-21
  • Linux kernel version specific cloud tools for version 4.13.0-21
  • Linux kernel version specific cloud tools for version 4.13.0-21
  • Linux kernel version specific cloud tools for version 4.13.0-46

Latest version: 4.13.0-46.51
Release: artful (17.10)
Level: updates
Repository: main

Links

Save this URL for the latest version of "linux": https://www.ubuntuupdates.org/linux



Other versions of "linux" in Artful

Repository Area Version
base main 4.13.0-16.19
security main 4.13.0-46.51
PPA: Canonical Kernel Team 4.13.0-46.51

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 4.13.0-46.51 2018-07-02 10:07:33 UTC

  linux (4.13.0-46.51) artful; urgency=medium

  * linux: 4.13.0-46.51 -proposed tracker (LP: #1776333)

  * register on binfmt_misc may overflow and crash the system (LP: #1775856)
    - fs/binfmt_misc.c: do not allow offset overflow

  * CVE-2018-11508
    - compat: fix 4-byte infoleak via uninitialized struct field

  * rfi-flush: Switch to new linear fallback flush (LP: #1744173)
    - SAUCE: rfi-flush: Factor out init_fallback_flush()
    - SAUCE: rfi-flush: Move rfi_flush_fallback_area to end of paca
    - powerpc/64s: Improve RFI L1-D cache flush fallback
    - powerpc/rfi-flush: Make it possible to call setup_rfi_flush() again
    - powerpc/rfi-flush: Differentiate enabled and patched flush types
    - powerpc/rfi-flush: Call setup_rfi_flush() after LPM migration

  * Fix enabling bridge MMIO windows (LP: #1771344)
    - powerpc/eeh: Fix enabling bridge MMIO windows

  * CVE-2018-1130
    - dccp: check sk for closed state in dccp_sendmsg()

  * CVE-2018-7757
    - scsi: libsas: fix memory leak in sas_smp_get_phy_events()

  * cpum_sf: ensure sample freq is non-zero (LP: #1772593)
    - s390/cpum_sf: ensure sample frequency of perf event attributes is non-zero

  * wlp3s0: failed to remove key (1, ff:ff:ff:ff:ff:ff) from hardware (-22)
    (LP: #1720930)
    - iwlwifi: mvm: fix "failed to remove key" message

  * CVE-2018-6927
    - futex: Prevent overflow by strengthen input validation

  * After update to 4.13-43 Intel Graphics are Laggy (LP: #1773520)
    - SAUCE: Revert "drm/i915/edp: Allow alternate fixed mode for eDP if
      available."

  * ELANPAD ELAN0612 does not work, patch available (LP: #1773509)
    - SAUCE: Input: elan_i2c - add ELAN0612 to the ACPI table

  * kernel backtrace when receiving large UDP packages (LP: #1772031)
    - iov_iter: fix page_copy_sane for compound pages

  * FS-Cache: Assertion failed: FS-Cache: 6 == 5 is false (LP: #1774336)
    - SAUCE: CacheFiles: fix a read_waiter/read_copier race

  * CVE-2018-5803
    - sctp: verify size of a new chunk in _sctp_make_chunk()

  * enable mic-mute hotkey and led on Lenovo M820z and M920z (LP: #1774306)
    - ALSA: hda/realtek - Enable mic-mute hotkey for several Lenovo AIOs

  * CVE-2018-7755
    - SAUCE: floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl

  * CVE-2018-5750
    - ACPI: sbshc: remove raw pointer from printk() message

 -- Khalid Elmously <email address hidden> Mon, 11 Jun 2018 23:25:30 +0000

Source diff to previous version
1775856 register on binfmt_misc may overflow and crash the system
1744173 rfi-flush: Switch to new linear fallback flush
1771344 Fix enabling bridge MMIO windows
1772593 cpum_sf: ensure sample freq is non-zero
1720930 wlp3s0: failed to remove key (1, ff:ff:ff:ff:ff:ff) from hardware (-22)
1773520 After update to 4.13-43 Intel Graphics are Laggy
1773509 ELANPAD ELAN0612 does not work, patch available
1772031 kernel backtrace when receiving large UDP packages
1774336 FS-Cache: Assertion failed: FS-Cache: 6 == 5 is false
1774306 enable mic-mute hotkey and led on Lenovo M820z and M920z
CVE-2018-11508 The compat_get_timex function in kernel/compat.c in the Linux kernel before 4.16.9 allows local users to obtain sensitive information from kernel mem
CVE-2018-1130 Linux kernel before version 4.16-rc7 is vulnerable to a null pointer dereference in dccp_write_xmit() function in net/dccp/output.c in that allows a
CVE-2018-7757 Memory leak in the sas_smp_get_phy_events function in drivers/scsi/libsas/sas_expander.c in the Linux kernel through 4.15.7 allows local users to cau
CVE-2018-6927 The futex_requeue function in kernel/futex.c in the Linux kernel before 4.14.15 might allow attackers to cause a denial of service (integer overflow)
CVE-2018-5803 Missing length check of payload in net/sctp/sm_make_chunk.c:_sctp_make_chunk() function allows denial of service
CVE-2018-7755 An issue was discovered in the fd_locked_ioctl function in drivers/block/floppy.c in the Linux kernel through 4.15.7. The floppy driver will copy a k
CVE-2018-5750 The acpi_smbus_hc_add function in drivers/acpi/sbshc.c in the Linux kernel through 4.14.15 allows local users to obtain sensitive address information

Version: 4.13.0-45.50 2018-06-11 17:07:12 UTC

  linux (4.13.0-45.50) artful; urgency=medium

  * linux: 4.13.0-45.50 -proposed tracker (LP: #1774124)

  * CVE-2018-3639 (x86)
    - SAUCE: Set generic SSBD feature for Intel cpus

Source diff to previous version
CVE-2018-3639 Speculative Store Bypass

Version: 4.13.0-43.48 2018-05-22 02:10:35 UTC

  linux (4.13.0-43.48) artful; urgency=medium

  * CVE-2018-3639 (powerpc)
    - SAUCE: rfi-flush: update H_CPU_* macro names to upstream
    - SAUCE: rfi-flush: update plpar_get_cpu_characteristics() signature to
      upstream
    - SAUCE: update pseries_setup_rfi_flush() capitalization to upstream
    - powerpc/pseries: Support firmware disable of RFI flush
    - powerpc/powernv: Support firmware disable of RFI flush
    - powerpc/64s: Allow control of RFI flush via debugfs
    - powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code
    - powerpc/rfi-flush: Always enable fallback flush on pseries
    - powerpc/rfi-flush: Differentiate enabled and patched flush types
    - powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags
    - powerpc: Add security feature flags for Spectre/Meltdown
    - powerpc/powernv: Set or clear security feature flags
    - powerpc/pseries: Set or clear security feature flags
    - powerpc/powernv: Use the security flags in pnv_setup_rfi_flush()
    - powerpc/pseries: Use the security flags in pseries_setup_rfi_flush()
    - powerpc/pseries: Fix clearing of security feature flags
    - powerpc: Move default security feature flags
    - powerpc/pseries: Restore default security feature flags on setup
    - powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit

  * CVE-2018-3639 (x86)
    - SAUCE: Add X86_FEATURE_ARCH_CAPABILITIES
    - SAUCE: x86: Add alternative_msr_write
    - x86/nospec: Simplify alternative_msr_write()
    - x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown
    - x86/bugs: Concentrate bug detection into a separate function
    - x86/bugs: Concentrate bug reporting into a separate function
    - x86/msr: Add definitions for new speculation control MSRs
    - x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
    - x86/bugs, KVM: Support the combination of guest and host IBRS
    - x86/bugs: Expose /sys/../spec_store_bypass
    - x86/cpufeatures: Add X86_FEATURE_RDS
    - x86/bugs: Provide boot parameters for the spec_store_bypass_disable
      mitigation
    - x86/bugs/intel: Set proper CPU features and setup RDS
    - x86/bugs: Whitelist allowed SPEC_CTRL MSR values
    - x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested
    - x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
    - x86/speculation: Create spec-ctrl.h to avoid include hell
    - prctl: Add speculation control prctls
    - x86/process: Allow runtime control of Speculative Store Bypass
    - x86/speculation: Add prctl for Speculative Store Bypass mitigation
    - nospec: Allow getting/setting on non-current task
    - proc: Provide details on speculation flaw mitigations
    - seccomp: Enable speculation flaw mitigations
    - SAUCE: x86/bugs: Honour SPEC_CTRL default
    - x86/bugs: Make boot modes __ro_after_init
    - prctl: Add force disable speculation
    - seccomp: Use PR_SPEC_FORCE_DISABLE
    - seccomp: Add filter flag to opt-out of SSB mitigation
    - seccomp: Move speculation migitation control to arch code
    - x86/speculation: Make "seccomp" the default mode for Speculative Store
      Bypass
    - x86/bugs: Rename _RDS to _SSBD
    - proc: Use underscores for SSBD in 'status'
    - Documentation/spec_ctrl: Do some minor cleanups
    - x86/bugs: Fix __ssb_select_mitigation() return type
    - x86/bugs: Make cpu_show_common() static

  * LSM Stacking prctl values should be redefined as to not collide with
    upstream prctls (LP: #1769263) // CVE-2018-3639
    - SAUCE: LSM stacking: adjust prctl values

Source diff to previous version
1769263 LSM Stacking prctl values should be redefined as to not collide with upstream prctls
CVE-2018-3639 Speculative Store Bypass

Version: 4.13.0-41.46 2018-05-08 23:08:05 UTC

  linux (4.13.0-41.46) artful; urgency=medium

  * CVE-2018-8897
    - x86/entry/64: Don't use IST entry for #BP stack

  * CVE-2018-1087
    - kvm/x86: fix icebp instruction handling

  * CVE-2018-1000199
    - perf/hwbp: Simplify the perf-hwbp code, fix documentation

 -- Kleber Sacilotto de Souza <email address hidden> Wed, 02 May 2018 11:58:49 +0200

Source diff to previous version
CVE-2018-8897 error in exception handling leads to DoS
CVE-2018-1087 error in exception handling leads to wrong debug stack value
CVE-2018-1000199 ptrace() incorrect error handling leads to corruption and DoS

Version: 4.13.0-39.44 2018-04-23 14:09:06 UTC

  linux (4.13.0-39.44) artful; urgency=medium

  * linux: 4.13.0-39.44 -proposed tracker (LP: #1761456)

  * intel-microcode 3.20180312.0 causes lockup at login screen(w/ linux-
    image-4.13.0-37-generic) (LP: #1759920) // CVE-2017-5715 (Spectre v2
    Intel) // CVE-2017-5754
    - x86/mm: Reinitialize TLB state on hotplug and resume

  * intel-microcode 3.20180312.0 causes lockup at login screen(w/ linux-
    image-4.13.0-37-generic) (LP: #1759920) // CVE-2017-5715 (Spectre v2 Intel)
    - Revert "x86/mm: Only set IBPB when the new thread cannot ptrace current
      thread"
    - x86/speculation: Use Indirect Branch Prediction Barrier in context switch

  * DKMS driver builds fail with: Cannot use CONFIG_STACK_VALIDATION=y, please
    install libelf-dev, libelf-devel or elfutils-libelf-devel (LP: #1760876)
    - [Packaging] include the retpoline extractor in the headers

  * retpoline hints: primary infrastructure and initial hints (LP: #1758856)
    - [Packaging] retpoline-extract: flag *0xNNN(%reg) branches
    - x86/speculation, objtool: Annotate indirect calls/jumps for objtool
    - x86/speculation, objtool: Annotate indirect calls/jumps for objtool on 32bit
    - x86/paravirt, objtool: Annotate indirect calls
    - [Packaging] retpoline -- add safe usage hint support
    - [Packaging] retpoline-check -- only report additions
    - [Packaging] retpoline -- widen indirect call/jmp detection
    - [Packaging] retpoline -- elide %rip relative indirections
    - [Packaging] retpoline -- clear hint information from packages
    - KVM: x86: Make indirect calls in emulator speculation safe
    - KVM: VMX: Make indirect call speculation safe
    - x86/boot, objtool: Annotate indirect jump in secondary_startup_64()
    - SAUCE: early/late -- annotate indirect calls in early/late initialisation
      code
    - SAUCE: vga_set_mode -- avoid jump tables
    - [Config] retpoline -- switch to new format
    - [Packaging] retpoline hints -- handle missing files when RETPOLINE not
      enabled
    - [Packaging] final-checks -- remove check for empty retpoline files

  * retpoline: ignore %cs:0xNNN constant indirections (LP: #1752655)
    - [Packaging] retpoline -- elide %cs:0xNNNN constants on i386

  * zfs system process hung on container stop/delete (LP: #1754584)
    - SAUCE: Fix non-prefaulted page deadlock (LP: #1754584)

  * zfs-linux 0.6.5.11-1ubuntu5 ADT test failure with linux 4.15.0-1.2
    (LP: #1737761)
    - SAUCE: (noup) Update zfs to 0.6.5.11-1ubuntu3.2

  * AT_BASE_PLATFORM in AUXV is absent on kernels available on Ubuntu 17.10
    (LP: #1759312)
    - powerpc/64s: Fix NULL AT_BASE_PLATFORM when using DT CPU features

  * btrfs and tar sparse truncate archives (LP: #1757565)
    - Btrfs: move definition of the function btrfs_find_new_delalloc_bytes
    - Btrfs: fix reported number of inode blocks after buffered append writes

  * efifb broken on ThunderX-based Gigabyte nodes (LP: #1758375)
    - drivers/fbdev/efifb: Allow BAR to be moved instead of claiming it

  * Intel i40e PF reset due to incorrect MDD detection (continues...)
    (LP: #1723127)
    - i40e/i40evf: Account for frags split over multiple descriptors in check
      linearize

  * Fix an issue that when system in S3, USB keyboard can't wake up the system.
    (LP: #1759511)
    - ACPI / PM: Allow deeper wakeup power states with no _SxD nor _SxW

  * [8086:3e92] display becomes blank after S3 (LP: #1759188)
    - drm/i915: Apply Display WA #1183 on skl, kbl, and cfl

  * add audio kernel patches for Raven (LP: #1758364)
    - ALSA: hda: Add Raven PCI ID
    - ALSA: hda/realtek - Fix ALC700 family no sound issue

  * Cpu utilization showing system time for kvm guests (performance) (sysstat)
    (LP: #1755979)
    - KVM: PPC: Book3S HV: Fix guest time accounting with VIRT_CPU_ACCOUNTING_GEN

  * Kernel panic on a nfsroot system (LP: #1734327)
    - Revert "UBUNTU: SAUCE: LSM stacking: add stacking support to apparmor
      network hooks"
    - Revert "UBUNTU: SAUCE: LSM stacking: LSM: Infrastructure management of the
      remaining blobs"

  * can't record sound via front headset port on the Dell Precision 3630
    (LP: #1759088)
    - ALSA: hda/realtek - Fix Dell headset Mic can't record

  * speaker can't output sound anymore after system resumes from S3 on a lenovo
    machine with alc257 (LP: #1758829)
    - ALSA: hda/realtek - Fix speaker no sound after system resume

  * hda driver initialization takes too much time on the machine with coffeelake
    audio controller [8086:a348] (LP: #1758800)
    - ALSA: hda - Force polling mode on CFL for fixing codec communication

  * Let headset-mode initialization be called on Dell Precision 3930
    (LP: #1757584)
    - ALSA: hda/realtek - Add headset mode support for Dell laptop

  * ubuntu_zram_smoke test will cause soft lockup on Artful ThunderX ARM64
    (LP: #1755073)
    - SAUCE: crypto: thunderx_zip: Fix fallout from CONFIG_VMAP_STACK

  * [Hyper-V] include kvp fix for Avoid reading past allocated blocks from KVP
    file (LP: #1750349)
    - hv: kvp: Avoid reading past allocated blocks from KVP file

  * IMA policy parsing is broken in 4.13 (LP: #1755804)
    - ima/policy: fix parsing of fsuuid

  * external mic not work on Dell OptiPlex 7460 AIO (LP: #1755954)
    - ALSA: hda/realtek - Add headset mode support for Dell laptop

  * sbsa watchdog crashes thunderx2 system (LP: #1755595)
    - watchdog: sbsa: use 32-bit read for WCV

  * CVE-2018-8043
    - net: phy: mdio-bcm-unimac: fix potential NULL dereference in
      unimac_mdio_probe()

 -- Stefan Bader <email address hidden> Thu, 05 Apr 2018 14:47:00 +0200

1759920 intel-microcode 3.20180312.0 causes lockup at login screen(w/ linux-image-4.13.0-37-generic)
1760876 DKMS driver builds fail with: Cannot use CONFIG_STACK_VALIDATION=y, please install libelf-dev, libelf-devel or elfutils-libelf-devel
1758856 retpoline hints: primary infrastructure and initial hints
1752655 retpoline: ignore %cs:0xNNN constant indirections
1754584 zfs system process hung on container stop/delete
1737761 zfs-linux 0.6.5.11-1ubuntu5 ADT test failure with linux 4.15.0-1.2
1759312 AT_BASE_PLATFORM in AUXV is absent on kernels available on Ubuntu 17.10
1757565 btrfs and tar sparse truncate archives
1758375 efifb broken on ThunderX-based Gigabyte nodes
1723127 Intel i40e PF reset due to incorrect MDD detection (continues...)
1759511 Fix an issue that when system in S3, USB keyboard can't wake up the system.
1759188 [8086:3e92] display becomes blank after S3
1758364 add audio kernel patches for Raven
1755979 Cpu utilization showing system time for kvm guests (performance) (sysstat)
1734327 Kernel panic on a nfsroot system
1759088 can't record sound via front headset port on the Dell Precision 3630
1758829 speaker can't output sound anymore after system resumes from S3 on a lenovo machine with alc257
1758800 hda driver initialization takes too much time on the machine with coffeelake audio controller [8086:a348]
1757584 Let headset-mode initialization be called on Dell Precision 3930
1755073 ubuntu_zram_smoke test will cause soft lockup on Artful ThunderX ARM64
1750349 [Hyper-V] include kvp fix for Avoid reading past allocated blocks from KVP file
1755804 IMA policy parsing is broken in 4.13
1755954 external mic not work on Dell OptiPlex 7460 AIO
1755595 sbsa watchdog crashes thunderx2 system
CVE-2017-5715 Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an at
CVE-2017-5754 Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an at
CVE-2018-8043 The unimac_mdio_probe function in drivers/net/phy/mdio-bcm-unimac.c in the Linux kernel through 4.15.8 does not validate certain resource availabilit



About   -   Send Feedback to @ubuntu_updates