UbuntuUpdates.org

Package "linux-kvm"

Name: linux-kvm

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Header files related to Linux kernel version 4.15.0
  • Header files related to Linux kernel version 4.15.0
  • Header files related to Linux kernel version 4.15.0
  • Header files related to Linux kernel version 4.15.0

Latest version: 4.15.0-1028.28
Release: bionic (18.04)
Level: proposed
Repository: main

Links

Save this URL for the latest version of "linux-kvm": https://www.ubuntuupdates.org/linux-kvm



Other versions of "linux-kvm" in Bionic

Repository Area Version
base main 4.15.0-1008.8
security main 4.15.0-1027.27
updates main 4.15.0-1027.27
PPA: Canonical Kernel Team 4.15.0-1028.28

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 4.15.0-1028.28 2018-12-07 23:06:17 UTC

  linux-kvm (4.15.0-1028.28) bionic; urgency=medium

  * linux-kvm: 4.15.0-1028.28 -proposed tracker (LP: #1806667)

  [ Ubuntu: 4.15.0-43.46 ]

  * linux: 4.15.0-43.46 -proposed tracker (LP: #1806659)
  * System randomly hangs during suspend when mei_wdt is loaded (LP: #1803942)
    - SAUCE: base/dd: limit release function changes to vfio driver only
  * Workaround CSS timeout on AMD SNPS 3.0 xHC (LP: #1806838)
    - xhci: Allow more than 32 quirks
    - xhci: workaround CSS timeout on AMD SNPS 3.0 xHC
  * linux-buildinfo: pull out ABI information into its own package
    (LP: #1806380)
    - [Packaging] limit preparation to linux-libc-dev in headers
    - [Packaging] commonise debhelper invocation
    - [Packaging] ABI -- accumulate abi information at the end of the build
    - [Packaging] buildinfo -- add basic build information
    - [Packaging] buildinfo -- add firmware information to the flavour ABI
    - [Packaging] buildinfo -- add compiler information to the flavour ABI
    - [Packaging] buildinfo -- add buildinfo support to getabis
    - [Config] buildinfo -- add retpoline version markers
  * linux packages should own /usr/lib/linux/triggers (LP: #1770256)
    - [Packaging] own /usr/lib/linux/triggers
  * CVE-2018-12896
    - posix-timers: Sanitize overrun handling
  * CVE-2018-16276
    - USB: yurex: fix out-of-bounds uaccess in read handler
  * CVE-2018-10902
    - ALSA: rawmidi: Change resized buffers atomically
  * CVE-2018-18710
    - cdrom: fix improper type cast, which can leat to information leak.
  * CVE-2018-18690
    - xfs: don't fail when converting shortform attr to long form during
      ATTR_REPLACE
  * CVE-2018-14734
    - infiniband: fix a possible use-after-free bug
  * CVE-2018-18445
    - bpf: 32-bit RSH verification must truncate input before the ALU op
  * Packaging resync (LP: #1786013)
    - [Packaging] update helper scripts

 -- Khalid Elmously <email address hidden> Fri, 07 Dec 2018 04:34:12 +0000

1803942 System randomly hangs during suspend when mei_wdt is loaded
1806838 Workaround CSS timeout on AMD SNPS 3.0 xHC
1806380 linux-buildinfo: pull out ABI information into its own package
1770256 linux packages should own /usr/lib/linux/triggers
1786013 Packaging resync
CVE-2018-12896 An issue was discovered in the Linux kernel through 4.17.3. An Integer Overflow in kernel/time/posix-timers.c in the POSIX timer code is caused by th
CVE-2018-16276 An issue was discovered in yurex_read in drivers/usb/misc/yurex.c in the Linux kernel before 4.17.7. Local attackers could use user access read/write
CVE-2018-10902 It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc (double free) in snd_rawmidi_
CVE-2018-18710 An issue was discovered in the Linux kernel through 4.19. An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by lo
CVE-2018-18690 In the Linux kernel before 4.17, a local attacker able to set attributes on an xfs filesystem could make this filesystem non-operational until the ne
CVE-2018-14734 drivers/infiniband/core/ucma.c in the Linux kernel through 4.17.11 allows ucma_leave_multicast to access a certain data structure after a cleanup ste
CVE-2018-18445 In the Linux kernel 4.14.x, 4.15.x, 4.16.x, 4.17.x, and 4.18.x before 4.18.13, faulty computation of numeric bounds in the BPF verifier permits out-o

Version: *DELETED* 2018-12-04 11:06:58 UTC
No changelog for deleted or moved packages.

Version: 4.15.0-1027.27 2018-11-17 10:06:39 UTC

  linux-kvm (4.15.0-1027.27) bionic; urgency=medium

  * linux-kvm: 4.15.0-1027.27 -proposed tracker (LP: #1802561)

  [ Ubuntu: 4.15.0-42.45 ]

  * linux: 4.15.0-42.45 -proposed tracker (LP: #1803592)
  * [FEAT] Guest-dedicated Crypto Adapters (LP: #1787405)
    - KVM: s390: reset crypto attributes for all vcpus
    - KVM: s390: vsie: simulate VCPU SIE entry/exit
    - KVM: s390: introduce and use KVM_REQ_VSIE_RESTART
    - KVM: s390: refactor crypto initialization
    - s390: vfio-ap: base implementation of VFIO AP device driver
    - s390: vfio-ap: register matrix device with VFIO mdev framework
    - s390: vfio-ap: sysfs interfaces to configure adapters
    - s390: vfio-ap: sysfs interfaces to configure domains
    - s390: vfio-ap: sysfs interfaces to configure control domains
    - s390: vfio-ap: sysfs interface to view matrix mdev matrix
    - KVM: s390: interface to clear CRYCB masks
    - s390: vfio-ap: implement mediated device open callback
    - s390: vfio-ap: implement VFIO_DEVICE_GET_INFO ioctl
    - s390: vfio-ap: zeroize the AP queues
    - s390: vfio-ap: implement VFIO_DEVICE_RESET ioctl
    - KVM: s390: Clear Crypto Control Block when using vSIE
    - KVM: s390: vsie: Do the CRYCB validation first
    - KVM: s390: vsie: Make use of CRYCB FORMAT2 clear
    - KVM: s390: vsie: Allow CRYCB FORMAT-2
    - KVM: s390: vsie: allow CRYCB FORMAT-1
    - KVM: s390: vsie: allow CRYCB FORMAT-0
    - KVM: s390: vsie: allow guest FORMAT-0 CRYCB on host FORMAT-1
    - KVM: s390: vsie: allow guest FORMAT-1 CRYCB on host FORMAT-2
    - KVM: s390: vsie: allow guest FORMAT-0 CRYCB on host FORMAT-2
    - KVM: s390: device attrs to enable/disable AP interpretation
    - KVM: s390: CPU model support for AP virtualization
    - s390: doc: detailed specifications for AP virtualization
    - KVM: s390: fix locking for crypto setting error path
    - KVM: s390: Tracing APCB changes
    - s390: vfio-ap: setup APCB mask using KVM dedicated function
    - s390/zcrypt: Add ZAPQ inline function.
    - s390/zcrypt: Review inline assembler constraints.
    - s390/zcrypt: Integrate ap_asm.h into include/asm/ap.h.
    - s390/zcrypt: fix ap_instructions_available() returncodes
    - s390/zcrypt: remove VLA usage from the AP bus
    - s390/zcrypt: Remove deprecated ioctls.
    - s390/zcrypt: Remove deprecated zcrypt proc interface.
    - s390/zcrypt: Support up to 256 crypto adapters.
    - [Config:] Enable CONFIG_S390_AP_IOMMU and set CONFIG_VFIO_AP to module.
  * Bypass of mount visibility through userns + mount propagation (LP: #1789161)
    - mount: Retest MNT_LOCKED in do_umount
    - mount: Don't allow copying MNT_UNBINDABLE|MNT_LOCKED mounts
  * CVE-2018-18955: nested user namespaces with more than five extents
    incorrectly grant privileges over inode (LP: #1801924) // CVE-2018-18955
    - userns: also map extents in the reverse map to kernel IDs
  * kdump fail due to an IRQ storm (LP: #1797990)
    - SAUCE: x86/PCI: Export find_cap() to be used in early PCI code
    - SAUCE: x86/quirks: Add parameter to clear MSIs early on boot
    - SAUCE: x86/quirks: Scan all busses for early PCI quirks

  [ Ubuntu: 4.15.0-40.43 ]

  * linux: 4.15.0-40.43 -proposed tracker (LP: #1802554)
  * crash in ENA driver on removing an interface (LP: #1802341)
    - SAUCE: net: ena: fix crash during ena_remove()
  * Ubuntu 18.04.1 - [s390x] Kernel panic while stressing network bonding
    (LP: #1797367)
    - s390/qeth: don't keep track of MAC address's cast type
    - s390/qeth: consolidate qeth MAC address helpers
    - s390/qeth: avoid using is_multicast_ether_addr_64bits on (u8 *)[6]
    - s390/qeth: remove outdated portname debug msg
    - s390/qeth: reduce hard-coded access to ccw channels
    - s390/qeth: sanitize strings in debug messages
  * [18.04 FEAT] zcrypt DD: introduce APQN tags to support deterministic driver
    binding (LP: #1799184)
    - s390/zcrypt: code beautify
    - s390/zcrypt: AP bus support for alternate driver(s)
    - s390/zcrypt: hex string mask improvements for apmask and aqmask.
    - s390/zcrypt: remove unused functions and declarations
    - s390/zcrypt: Show load of cards and queues in sysfs
  * [GLK/CLX] Enhanced IBRS (LP: #1786139)
    - x86/speculation: Remove SPECTRE_V2_IBRS in enum spectre_v2_mitigation
    - x86/speculation: Support Enhanced IBRS on future CPUs
  * Allow signed kernels to be kexec'ed under lockdown (LP: #1798441)
    - Fix kexec forbidding kernels signed with keys in the secondary keyring to
      boot
  * Overlayfs in user namespace leaks directory content of inaccessible
    directories (LP: #1793458) // CVE-2018-6559
    - SAUCE: overlayfs: ensure mounter privileges when reading directories
  * Update ENA driver to version 2.0.1K (LP: #1798182)
    - net: ena: remove ndo_poll_controller
    - net: ena: fix warning in rmmod caused by double iounmap
    - net: ena: fix rare bug when failed restart/resume is followed by driver
      removal
    - net: ena: fix NULL dereference due to untimely napi initialization
    - net: ena: fix auto casting to boolean
    - net: ena: minor performance improvement
    - net: ena: complete host info to match latest ENA spec
    - net: ena: introduce Low Latency Queues data structures according to ENA spec
    - net: ena: add functions for handling Low Latency Queues in ena_com
    - net: ena: add functions for handling Low Latency Queues in ena_netdev
    - net: ena: use CSUM_CHECKED device indication to report skb's checksum status
    - net: ena: explicit casting and initialization, and clearer error handling
    - net: ena: limit refill Rx threshold to 256 to avoid latency issues
    - net: ena: change rx copybreak default to reduce kernel memory pressure
    - net: ena: remove redundant parameter in ena_com_admin_init()
    - net: ena: update driver version to 2.0.1
    - net: ena: fix indentations in ena_defs for better readability
    - net: ena: Fix Kconfig dependency on X86
    - net: ena: enable Low Latency Queues
    -

1787405 [FEAT] Guest-dedicated Crypto Adapters
1789161 Bypass of mount visibility through userns + mount propagation
1801924 CVE-2018-18955: nested user namespaces with more than five extents incorrectly grant privileges over inode
1797990 kdump fail due to an IRQ storm
1797367 Ubuntu 18.04.1 - [s390x] Kernel panic while stressing network bonding
1799184 [18.04 FEAT] zcrypt DD: introduce APQN tags to support deterministic driver binding
1786139 [GLK/CLX] Enhanced IBRS
1798441 Allow signed kernels to be kexec'ed under lockdown
1793458 Overlayfs in user namespace leaks directory content of inaccessible directories
1798182 Update ENA driver to version 2.0.1K
1800537 Bionic update: upstream stable patchset 2018-10-29
1799049 [bionic]mlx5: reading SW stats through ifstat cause kernel crash
1799281 [Bionic][Cosmic] ipmi: Fix timer race with module unload
1799276 [Bionic] ipmi: Remove ACPI SPMI probing from the SSIF (I2C) driver
1786729 execveat03 in ubuntu_ltp_syscalls failed on X/B
1799794 [Bionic][Cosmic] Fix to ipmi to support vendor specific messages greater than 255 bytes
1784501 libvirtd is unable to configure bridge devices inside of LXD containers
1800849 [Ubuntu] kvm: fix deadlock when killed by oom
1800639 [Ubuntu] net/af_iucv: fix skb leaks for HiperTransport
1801875 Power consumption during s2idle is higher than long idle(sk hynix)
1798552 Enable keyboard wakeup for S2Idle laptops
1801878 NULL pointer dereference at 0000000000000020 when access dst_orig-\u003eops-\u003efamily in function xfrm_lookup_with_ifid()
1801686 [Ubuntu] qdio: reset old sbal_state flags
1802023 hns3: map tx ring to tc
1800641 [Ubuntu] qeth: Fix potential array overrun in cmd/rc lookup
1798165 Vulkan applications cause permanent memory leak with Intel GPU
1792580 Mounting SOFS SMB shares fails
1786013 Packaging resync
CVE-2018-18955 userns: also map extents in the reverse map to kernel IDs
CVE-2018-6559 The Linux kernel, as used in Ubuntu 18.04 LTS and Ubuntu 18.10, allows local users to obtain names of files in which they would not normally be able

Version: *DELETED* 2018-11-14 08:17:02 UTC
No changelog for deleted or moved packages.

Version: 4.15.0-1026.26 2018-10-24 17:06:54 UTC

  linux-kvm (4.15.0-1026.26) bionic; urgency=medium

  * linux-kvm: 4.15.0-1026.26 -proposed tracker (LP: #1799417)

  * Linux: insufficient shootdown for paging-structure caches (LP: #1798897)
    - [Config] CONFIG_HAVE_RCU_TABLE_INVALIDATE=y

  [ Ubuntu: 4.15.0-39.42 ]

  * linux: 4.15.0-39.42 -proposed tracker (LP: #1799411)
  * Linux: insufficient shootdown for paging-structure caches (LP: #1798897)
    - mm: move tlb_table_flush to tlb_flush_mmu_free
    - mm/tlb: Remove tlb_remove_table() non-concurrent condition
    - mm/tlb, x86/mm: Support invalidating TLB caches for RCU_TABLE_FREE
    - [Config] CONFIG_HAVE_RCU_TABLE_INVALIDATE=y
  * Ubuntu18.04: GPU total memory is reduced (LP: #1792102)
    - Revert "powerpc/powernv: Increase memory block size to 1GB on radix"
  * arm64: snapdragon: reduce boot noise (LP: #1797154)
    - [Config] arm64: snapdragon: DRM_MSM=m
    - [Config] arm64: snapdragon: SND*=m
    - [Config] arm64: snapdragon: disable ARM_SDE_INTERFACE
    - [Config] arm64: snapdragon: disable DRM_I2C_ADV7511_CEC
    - [Config] arm64: snapdragon: disable VIDEO_ADV7511, VIDEO_COBALT
  * [Bionic] CPPC bug fixes (LP: #1796949)
    - ACPI / CPPC: Update all pr_(debug/err) messages to log the susbspace id
    - cpufreq: CPPC: Don't set transition_latency
    - ACPI / CPPC: Fix invalid PCC channel status errors
  * regression in 'ip --family bridge neigh' since linux v4.12 (LP: #1796748)
    - rtnetlink: fix rtnl_fdb_dump() for ndmsg header
  * screen displays abnormally on the lenovo M715 with the AMD GPU (Radeon Vega
    8 Mobile, rev ca, 1002:15dd) (LP: #1796786)
    - drm/amd/display: Fix takover from VGA mode
    - drm/amd/display: early return if not in vga mode in disable_vga
    - drm/amd/display: Refine disable VGA
  * arm64: snapdragon: WARNING: CPU: 0 PID: 1 arch/arm64/kernel/setup.c:271
    reserve_memblock_reserved_regions (LP: #1797139)
    - SAUCE: arm64: Fix /proc/iomem for reserved but not memory regions
  * The front MIC can't work on the Lenovo M715 (LP: #1797292)
    - ALSA: hda/realtek - Fix the problem of the front MIC on the Lenovo M715
  * Keyboard backlight sysfs sometimes is missing on Dell laptops (LP: #1797304)
    - platform/x86: dell-smbios: Correct some style warnings
    - platform/x86: dell-smbios: Rename dell-smbios source to dell-smbios-base
    - platform/x86: dell-smbios: Link all dell-smbios-* modules together
    - [Config] CONFIG_DELL_SMBIOS_SMM=y, CONFIG_DELL_SMBIOS_WMI=y
  * rpi3b+: ethernet not working (LP: #1797406)
    - lan78xx: Don't reset the interface on open
  * 87cdf3148b11 was never backported to 4.15 (LP: #1795653)
    - xfrm: Verify MAC header exists before overwriting eth_hdr(skb)->h_proto
  * [Ubuntu18.04][Power9][DD2.2]package installation segfaults inside debian
    chroot env in P9 KVM guest with HTM enabled (kvm) (LP: #1792501)
    - KVM: PPC: Book3S HV: Fix guest r11 corruption with POWER9 TM workarounds
  * Provide mode where all vCPUs on a core must be the same VM (LP: #1792957)
    - KVM: PPC: Book3S HV: Provide mode where all vCPUs on a core must be the same
      VM
  * fscache: bad refcounting in fscache_op_complete leads to OOPS (LP: #1797314)
    - SAUCE: fscache: Fix race in decrementing refcount of op->npages
  * CVE-2018-9363
    - Bluetooth: hidp: buffer overflow in hidp_process_report
  * CVE-2017-13168
    - scsi: sg: mitigate read/write abuse
  * [Bionic] ACPI / PPTT: use ACPI ID whenever ACPI_PPTT_ACPI_PROCESSOR_ID_VALID
    is set (LP: #1797200)
    - ACPI / PPTT: use ACPI ID whenever ACPI_PPTT_ACPI_PROCESSOR_ID_VALID is set
  * [Bionic] arm64: topology: Avoid checking numa mask for scheduler MC
    selection (LP: #1797202)
    - arm64: topology: Avoid checking numa mask for scheduler MC selection
  * crypto/vmx - Backport of Fix sleep-in-atomic bugs patch for 18.04
    (LP: #1790832)
    - crypto: vmx - Fix sleep-in-atomic bugs
  * hns3: autoneg settings get lost on down/up (LP: #1797654)
    - net: hns3: Fix for information of phydev lost problem when down/up
  * not able to unwind the stack from within __kernel_clock_gettime in the Linux
    vDSO (LP: #1797963)
    - powerpc/vdso: Correct call frame information
  * Signal 7 error when running GPFS tracing in cluster (LP: #1792195)
    - powerpc/mm/books3s: Add new pte bit to mark pte temporarily invalid.
    - powerpc/mm/radix: Only need the Nest MMU workaround for R -> RW transition
  * Support Edge Gateway's WIFI LED (LP: #1798330)
    - SAUCE: mwifiex: Switch WiFi LED state according to the device status
  * Support Edge Gateway's Bluetooth LED (LP: #1798332)
    - SAUCE: Bluetooth: Support for LED on Edge Gateways
  * USB cardreader (0bda:0328) make the system can't enter s3 or hang
    (LP: #1798328)
    - usb: Don't disable Latency tolerance Messaging (LTM) before port reset
  * CVE-2018-15471
    - xen-netback: fix input validation in xenvif_set_hash_mapping()
  * CVE-2018-16658
    - cdrom: Fix info leak/OOB read in cdrom_ioctl_drive_status
  * [Bionic] Update ThunderX2 implementation defined pmu core events
    (LP: #1796904)
    - perf vendor events arm64: Update ThunderX2 implementation defined pmu core
      events
  * the machine of lenovo M715 with the AMD GPU (Radeon Vega 8 Mobile, rev ca,
    1002:15dd) often hangs randomly (LP: #1796789)
    - drm/amd: Add missing fields in atom_integrated_system_info_v1_11
  * [18.04] GLK hang after a while (LP: #1760545)
    - drm/i915/glk: Add MODULE_FIRMWARE for Geminilake
  * Fix usbcore.quirks when used at boot (LP: #1795784)
    - usb: core: safely deal with the dynamic quirk lists

 -- Kleber Sacilotto de Souza <email address hidden> Wed, 24 Oct 2018 10:19:31 +0000

1798897 Linux: insufficient shootdown for paging-structure caches
1792102 Ubuntu18.04: GPU total memory is reduced
1797154 arm64: snapdragon: reduce boot noise
1796949 [Bionic] CPPC bug fixes
1796748 regression in 'ip --family bridge neigh' since linux v4.12
1796786 screen displays abnormally on the lenovo M715 with the AMD GPU (Radeon Vega 8 Mobile, rev ca, 1002:15dd)
1797139 arm64: snapdragon: WARNING: CPU: 0 PID: 1 arch/arm64/kernel/setup.c:271 reserve_memblock_reserved_regions
1797292 The front MIC can't work on the Lenovo M715
1797304 Keyboard backlight sysfs sometimes is missing on Dell laptops
1797406 rpi3b+: ethernet not working
1795653 87cdf3148b11 was never backported to 4.15
1792501 [Ubuntu18.04][Power9][DD2.2]package installation segfaults inside debian chroot env in P9 KVM guest with HTM enabled (kvm)
1792957 Provide mode where all vCPUs on a core must be the same VM
1797314 fscache: bad refcounting in fscache_op_complete leads to OOPS
1797200 [Bionic] ACPI / PPTT: use ACPI ID whenever ACPI_PPTT_ACPI_PROCESSOR_ID_VALID is set
1797202 [Bionic] arm64: topology: Avoid checking numa mask for scheduler MC selection
1790832 crypto/vmx - Backport of Fix sleep-in-atomic bugs patch for 18.04
1797654 hns3: autoneg settings get lost on down/up
1797963 not able to unwind the stack from within __kernel_clock_gettime in the Linux vDSO
1792195 Signal 7 error when running GPFS tracing in cluster
1798330 Support Edge Gateway's WIFI LED
1798332 Support Edge Gateway's Bluetooth LED
1798328 USB cardreader (0bda:0328) make the system can't enter s3 or hang
1796904 [Bionic] Update ThunderX2 implementation defined pmu core events
1796789 the machine of lenovo M715 with the AMD GPU (Radeon Vega 8 Mobile, rev ca, 1002:15dd) often hangs randomly
1760545 [18.04] GLK hang after a while
1795784 Fix usbcore.quirks when used at boot
CVE-2018-9363 HID: Bluetooth: hidp: buffer overflow in hidp_process_report
CVE-2017-13168 An elevation of privilege vulnerability in the kernel scsi driver. Product: Android. Versions: Android kernel. Android ID A-65023233.
CVE-2018-15471 An issue was discovered in xenvif_set_hash_mapping in drivers/net/xen-netback/hash.c in the Linux kernel through 4.18.1, as used in Xen through 4.11.
CVE-2018-16658 An issue was discovered in the Linux kernel before 4.18.6. An information leak in cdrom_ioctl_drive_status in drivers/cdrom/cdrom.c could be used by



About   -   Send Feedback to @ubuntu_updates