UbuntuUpdates.org

Package "linux-aws"

Name: linux-aws

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Header files related to Linux kernel version 4.15.0
  • Header files related to Linux kernel version 4.15.0
  • Header files related to Linux kernel version 4.15.0
  • Header files related to Linux kernel version 4.15.0

Latest version: 4.15.0-1102.109
Release: bionic (18.04)
Level: security
Repository: main

Links



Other versions of "linux-aws" in Bionic

Repository Area Version
base main 4.15.0-1007.7
updates main 4.15.0-1102.109
proposed main 4.15.0-1102.109
PPA: Canonical Kernel Team 4.15.0-1103.110

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 4.15.0-1102.109 2021-05-11 08:07:04 UTC

  linux-aws (4.15.0-1102.109) bionic; urgency=medium

  * bionic/linux-aws: 4.15.0-1102.109 -proposed tracker (LP: #1926970)

  [ Ubuntu: 4.15.0-143.147 ]

  * bionic/linux: 4.15.0-143.147 -proposed tracker (LP: #1923811)
  * CVE-2021-29650
    - netfilter: x_tables: Use correct memory barriers.
  * LRMv4: switch to signing nvidia modules via the Ubuntu Modules signing key
    (LP: #1918134)
    - [Packaging] dkms-build{,--nvidia-N} sync back from LRMv4
  * Security-Fix Xen XSA 371 for Kernel 5.4.0-71 (LP: #1921902) //
    CVE-2021-28688
    - xen-blkback: don't leak persistent grants from xen_blkbk_map()
  * CVE-2021-20292
    - drm/ttm/nouveau: don't call tt destroy callback on alloc failure.
  * CVE-2021-29264
    - gianfar: fix jumbo packets+napi+rx overrun crash
  * CVE-2021-29265
    - usbip: fix stub_dev usbip_sockfd_store() races leading to gpf
  * Bcache bypasse writeback on caching device with fragmentation (LP: #1900438)
    - bcache: consider the fragmentation when update the writeback rate
  * Bionic update: upstream stable patchset 2021-03-31 (LP: #1922124)
    - net: usb: qmi_wwan: support ZTE P685M modem
    - scripts: use pkg-config to locate libcrypto
    - scripts: set proper OpenSSL include dir also for sign-file
    - hugetlb: fix update_and_free_page contig page struct assumption
    - drm/virtio: use kvmalloc for large allocations
    - virtio/s390: implement virtio-ccw revision 2 correctly
    - arm64 module: set plt* section addresses to 0x0
    - arm64: Avoid redundant type conversions in xchg() and cmpxchg()
    - arm64: cmpxchg: Use "K" instead of "L" for ll/sc immediate constraint
    - arm64: Use correct ll/sc atomic constraints
    - JFS: more checks for invalid superblock
    - media: mceusb: sanity check for prescaler value
    - xfs: Fix assert failure in xfs_setattr_size()
    - smackfs: restrict bytes count in smackfs write functions
    - net: fix up truesize of cloned skb in skb_prepare_for_shift()
    - mm/hugetlb.c: fix unnecessary address expansion of pmd sharing
    - net: bridge: use switchdev for port flags set through sysfs too
    - dt-bindings: net: btusb: DT fix s/interrupt-name/interrupt-names/
    - staging: fwserial: Fix error handling in fwserial_create
    - x86/reboot: Add Zotac ZBOX CI327 nano PCI reboot quirk
    - vt/consolemap: do font sum unsigned
    - wlcore: Fix command execute failure 19 for wl12xx
    - pktgen: fix misuse of BUG_ON() in pktgen_thread_worker()
    - ath10k: fix wmi mgmt tx queue full due to race condition
    - x86/build: Treat R_386_PLT32 relocation as R_386_PC32
    - Bluetooth: Fix null pointer dereference in amp_read_loc_assoc_final_data
    - staging: most: sound: add sanity check for function argument
    - media: uvcvideo: Allow entities with no pads
    - f2fs: handle unallocated section and zone on pinned/atgc
    - parisc: Bump 64-bit IRQ stack size to 64 KB
    - Xen/gnttab: handle p2m update errors on a per-slot basis
    - xen-netback: respect gnttab_map_refs()'s return value
    - zsmalloc: account the number of compacted pages correctly
    - swap: fix swapfile read/write offset
    - media: v4l: ioctl: Fix memory leak in video_usercopy
    - PCI: Add a REBAR size quirk for Sapphire RX 5600 XT Pulse
    - drm/amd/display: Guard against NULL pointer deref when get_i2c_info fails
    - f2fs: fix to set/clear I_LINKABLE under i_lock
    - btrfs: fix error handling in commit_fs_roots
    - ALSA: hda/realtek: Add quirk for Clevo NH55RZQ
    - ALSA: hda/realtek: Apply dual codec quirks for MSI Godlike X570 board
    - btrfs: raid56: simplify tracking of Q stripe presence
    - btrfs: fix raid6 qstripe kmap
    - usbip: tools: fix build error for multiple definition
    - ALSA: ctxfi: cthw20k2: fix mask on conf to allow 4 bits
    - rsxx: Return -EFAULT if copy_to_user() fails
    - dm table: fix iterate_devices based device capability checks
    - dm table: fix DAX iterate_devices based device capability checks
    - dm table: fix zoned iterate_devices based device capability checks
    - iommu/amd: Fix sleeping in atomic in increase_address_space()
    - mwifiex: pcie: skip cancel_work_sync() on reset failure path
    - platform/x86: acer-wmi: Cleanup ACER_CAP_FOO defines
    - platform/x86: acer-wmi: Cleanup accelerometer device handling
    - platform/x86: acer-wmi: Add new force_caps module parameter
    - platform/x86: acer-wmi: Add ACER_CAP_SET_FUNCTION_MODE capability flag
    - platform/x86: acer-wmi: Add support for SW_TABLET_MODE on Switch devices
    - platform/x86: acer-wmi: Add ACER_CAP_KBD_DOCK quirk for the Aspire Switch
      10E SW3-016
    - PCI: Add function 1 DMA alias quirk for Marvell 9215 SATA controller
    - misc: eeprom_93xx46: Add quirk to support Microchip 93LC46B eeprom
    - drm/msm/a5xx: Remove overwriting A5XX_PC_DBG_ECO_CNTL register
    - Revert "zram: close udev startup race condition as default groups"
    - HID: mf: add support for 0079:1846 Mayflash/Dragonrise USB Gamecube Adapter
  * Bionic update: upstream stable patchset 2021-03-16 (LP: #1919380)
    - fgraph: Initialize tracing_graph_pause at task creation
    - tracing: Do not count ftrace events in top level enable output
    - tracing: Check length before giving out the filter buffer
    - arm/xen: Don't probe xenbus as part of an early initcall
    - MIPS: BMIPS: Fix section mismatch warning
    - arm64: dts: rockchip: Fix PCIe DT properties on rk3399
    - platform/x86: hp-wmi: Disable tablet-mode reporting by default
    - ovl: perform vfs_getxattr() with mounter creds
    - cap: fix conversions on getxattr
    - ovl: skip getxattr of security labels
    - ARM: dts: lpc32xx: Revert set default clock rate of HCLK PLL
    - ARM: ensure the signal page contains defined contents
    - bpf: Check for integer overflow when using roundup_pow_of_two()
    - netfilter: xt_recent: Fix attempt to update deleted entry
    - xen/netback: avoid race in xenvif_rx_ring_slots_available()
    - netfilter: conntrack: skip

Source diff to previous version
1918134 LRMv4: switch to signing nvidia modules via the Ubuntu Modules signing key
1921902 Security-Fix Xen XSA 371 for Kernel 5.4.0-71
1900438 Bcache bypasse writeback on caching device with fragmentation
1922124 Bionic update: upstream stable patchset 2021-03-31
1919380 Bionic update: upstream stable patchset 2021-03-16
CVE-2021-29650 An issue was discovered in the Linux kernel before 5.11.11. The netfilter subsystem allows attackers to cause a denial of service (panic) because net
CVE-2021-28688 The fix for XSA-365 includes initialization of pointers such that subsequent cleanup code wouldn't use uninitialized or stale values. This initializa
CVE-2021-20292 RM Memory Management Double Free Privilege Escalation Vulnerability
CVE-2021-29264 An issue was discovered in the Linux kernel through 5.11.10. drivers/net/ethernet/freescale/gianfar.c in the Freescale Gianfar Ethernet driver allows
CVE-2021-29265 An issue was discovered in the Linux kernel before 5.11.7. usbip_sockfd_store in drivers/usb/usbip/stub_dev.c allows attackers to cause a denial of s

Version: 4.15.0-1101.108 2021-05-03 23:07:18 UTC

  linux-aws (4.15.0-1101.108) bionic; urgency=medium

  * bionic/linux-aws: 4.15.0-1101.108 -proposed tracker (LP: #1926302)

  * locking/qrwlock: Fix ordering in queued_write_lock_slowpath() (LP: #1926184)
    - locking/barriers: Introduce smp_cond_load_relaxed() and
      atomic_cond_read_relaxed()
    - locking/qrwlock: Fix ordering in queued_write_lock_slowpath()

 -- Tim Gardner <email address hidden> Tue, 27 Apr 2021 09:12:22 -0600

Source diff to previous version

Version: 4.15.0-1099.106 2021-04-15 22:06:27 UTC

  linux-aws (4.15.0-1099.106) bionic; urgency=medium

  [ Ubuntu: 4.15.0-142.146 ]

  * overlayfs calls vfs_setxattr without cap_convert_nscap
    - vfs: move cap_convert_nscap() call into vfs_setxattr()
  * CVE-2021-29154
    - SAUCE: bpf, x86: Validate computation of branch displacements for x86-64

 -- Thadeu Lima de Souza Cascardo <email address hidden> Tue, 13 Apr 2021 10:11:54 -0300

Source diff to previous version
CVE-2021-29154 BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect c ...

Version: 4.15.0-1098.105 2021-04-13 15:06:37 UTC

  linux-aws (4.15.0-1098.105) bionic; urgency=medium

  * bionic/linux-aws: 4.15.0-1098.105 -proposed tracker (LP: #1919513)

  * Enforce CONFIG_DRM_BOCHS=m (LP: #1916290)
    - [Config] aws: Add CONFIG_DRM_BOCHS=m (enforced)

  * Bionic update: upstream stable patchset 2021-02-26 (LP: #1917093)
    - [Config] aws: Updateconfigs for USB_BDC_PCI

  * Please trust Canonical Livepatch Service kmod signing key (LP: #1898716)
    - [Config] aws: enable CONFIG_MODVERSIONS=y
    - [Packaging] aws: build canonical-certs.pem from branch/arch certs

  * aws: update Xen hibernation patch set (LP: #1913410)
    - Revert "UBUNTU: SAUCE: xen-netfront: prevent unnecessary close on hibernate"
    - Revert "UBUNTU SAUCE [aws]: xen: Only restore the ACPI SCI interrupt in
      xen_restore_pirqs."
    - Revert "UBUNTU SAUCE [aws]: xen: restore pirqs on resume from hibernation."
    - Revert "UBUNTU SAUCE [aws]: block: xen-blkfront: consider new dom0 features
      on restore"
    - Revert "UBUNTU: SAUCE [aws] x86/xen: close event channels for PIRQs in
      system core suspend callback"
    - Revert "UBUNTU: SAUCE [aws] xen/events: add xen_shutdown_pirqs helper
      function"
    - Revert "UBUNTU: SAUCE [aws] x86/xen: save and restore steal clock"
    - Revert "UBUNTU: SAUCE [aws] xen-time-introduce-xen_-save-restore-
      _steal_clock"
    - Revert "UBUNTU: SAUCE [aws] xen-netfront: add callbacks for PM suspend and
      hibernation support"
    - Revert "UBUNTU: SAUCE [aws] x86/xen: add system core suspend and resume
      callbacks"
    - Revert "UBUNTU: SAUCE [aws] x86/xen: Introduce new function to map
      HYPERVISOR_shared_info on Resume"
    - Revert "UBUNTU: SAUCE: xen-blkfront: Fixed blkfront_restore to remove a call
      to negotiate_mq"
    - Revert "UBUNTU: SAUCE: xen-blkfront: resurrect request-based mode"
    - Revert "UBUNTU: SAUCE: xen-blkfront: add callbacks for PM suspend and
      hibernation"
    - Revert "UBUNTU: SAUCE: xenbus: add freeze/thaw/restore callbacks support"
    - Revert "UBUNTU: SAUCE: xen/manage: introduce helper function to know the on-
      going suspend mode"
    - Revert "UBUNTU: SAUCE: xen/manage: keep track of the on-going suspend mode"
    - SAUCE: xen/manage: keep track of the on-going suspend mode
    - SAUCE: xen/manage: introduce helper function to know the on-going suspend
      mode
    - SAUCE: xenbus: add freeze/thaw/restore callbacks support
    - SAUCE: x86/xen: Introduce new function to map HYPERVISOR_shared_info on
      Resume
    - SAUCE: x86/xen: add system core suspend and resume callbacks
    - SAUCE: xen-blkfront: add callbacks for PM suspend and hibernation
    - SAUCE: xen-netfront: add callbacks for PM suspend and hibernation support
    - SAUCE: xen/time: introduce xen_{save,restore}_steal_clock
    - SAUCE: x86/xen: save and restore steal clock
    - SAUCE: xen/events: add xen_shutdown_pirqs helper function
    - SAUCE: x86/xen: close event channels for PIRQs in system core suspend
      callback
    - SAUCE: xen-blkfront: resurrect request-based mode
    - SAUCE: xen-blkfront: add 'persistent_grants' parameter
    - SAUCE: Revert "xen: dont fiddle with event channel masking in
      suspend/resume"
    - SAUCE: xen-blkfront: Fixed blkfront_restore to remove a call to negotiate_mq
    - SAUCE: block: xen-blkfront: consider new dom0 features on restore
    - SAUCE: xen: restore pirqs on resume from hibernation.
    - SAUCE: xen: Only restore the ACPI SCI interrupt in xen_restore_pirqs.
    - SAUCE: xen-netfront: call netif_device_attach on resume
    - SAUCE: xen: Restore xen-pirqs on resume from hibernation
    - SAUCE: xen-blkfront: Delay flush till queue lock dropped
    - SAUCE: drivers/block/xen-blkfront.c: Convert to use
      set_capacity_revalidate_and_notify
    - SAUCE: x86: tsc: avoid system instability in hibernation
    - SAUCE: block/genhd: Notify udev about capacity change
    - SAUCE: drivers/block/virtio_blk.c: Convert to use
      set_capacity_revalidate_and_notify
    - SAUCE: drivers/nvme/host/core.c: Convert to use
      set_capacity_revalidate_and_notify

  * aws: xen-netfront: prevent potential error on hibernate (LP: #1906850)
    - SAUCE: xen-netfront: prevent unnecessary close on hibernate

  [ Ubuntu: 4.15.0-141.145 ]

  * bionic/linux: 4.15.0-141.145 -proposed tracker (LP: #1919536)
  * binary assembly failures with CONFIG_MODVERSIONS present (LP: #1919315)
    - [Packaging] quiet (nomially) benign errors in BUILD script
  * selftests: bpf verifier fails after sanitize_ptr_alu fixes (LP: #1920995)
    - bpf: Simplify alu_limit masking for pointer arithmetic
    - bpf: Add sanity check for upper ptr_limit
    - bpf, selftests: Fix up some test_verifier cases for unprivileged
  * Packaging resync (LP: #1786013)
    - update dkms package versions
  * CVE-2018-13095
    - xfs: More robust inode extent count validation
  * i40e PF reset due to incorrect MDD event (LP: #1772675)
    - i40e: change behavior on PF in response to MDD event
  * Bionic update: upstream stable patchset 2021-03-09 (LP: #1918330)
    - ACPI: sysfs: Prefer "compatible" modalias
    - ARM: dts: imx6qdl-gw52xx: fix duplicate regulator naming
    - wext: fix NULL-ptr-dereference with cfg80211's lack of commit()
    - net: usb: qmi_wwan: added support for Thales Cinterion PLSx3 modem family
    - drivers: soc: atmel: Avoid calling at91_soc_init on non AT91 SoCs
    - drivers: soc: atmel: add null entry at the end of at91_soc_allowed_list[]
    - KVM: x86/pmu: Fix HW_REF_CPU_CYCLES event pseudo-encoding in
      intel_arch_events[]
    - KVM: x86: get smi pending status correctly
    - xen: Fix XenStore initialisation for XS_LOCAL
    - leds: trigger: fix potential deadlock with libata
    - mt7601u: fix kernel crash unplugging the device
    - mt7601u: fix rx buffer refcounting
    - xen-blkfront: allow discard-* nodes to be optional
    - ARM: imx: build suspend-imx6.S with arm instruction set
    - netfilter: nft_dynset: add timeout extension

Source diff to previous version
1916290 Enforce CONFIG_DRM_BOCHS=m
1917093 Bionic update: upstream stable patchset 2021-02-26
1898716 Please trust Canonical Livepatch Service kmod signing key
1913410 aws: update Xen hibernation patch set
1906850 aws: xen-netfront: prevent potential error on hibernate
1919315 binary assembly failures with CONFIG_MODVERSIONS present
1920995 selftests: bpf verifier fails after sanitize_ptr_alu fixes
1786013 Packaging resync
1772675 i40e PF reset due to incorrect MDD event
1918330 Bionic update: upstream stable patchset 2021-03-09
1917918 SRU: Add FUA support for XFS
1917138 Bionic kernel 4.15.0-136 causes dosemu2 (with kvm mode) freezes due to lack of KVM patch
1917034 switch LRM to be signed using the Ubuntu Drivers signing key
CVE-2018-13095 An issue was discovered in fs/xfs/libxfs/xfs_inode_buf.c in the Linux kernel through 4.17.3. A denial of service (memory corruption and BUG) can occu
CVE-2021-3348 nbd_add_socket in drivers/block/nbd.c in the Linux kernel through 5.10.12 has an ndb_queue_rq use-after-free that could be triggered by local attacke

Version: 4.15.0-1097.104 2021-03-25 11:06:17 UTC

  linux-aws (4.15.0-1097.104) bionic; urgency=medium

  * bionic/linux-aws: 4.15.0-1097.104 -proposed tracker (LP: #1920146)

  [ Ubuntu: 4.15.0-140.144 ]

  * bionic/linux: 4.15.0-140.144 -proposed tracker (LP: #1920169)
  * CVE-2020-27170
    - bpf: Fix off-by-one for area size in creating mask to left
  * CVE-2020-27171
    - bpf: Prohibit alu ops for pointer types not defining ptr_limit

 -- Juerg Haefliger <email address hidden> Fri, 19 Mar 2021 16:43:25 +0100

CVE-2020-27170 An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/ ...
CVE-2020-27171 An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/ ...



About   -   Send Feedback to @ubuntu_updates