Package "linux-kvm"

  linux-kvm (4.15.0-1103.105) bionic; urgency=medium

  * bionic/linux-kvm: 4.15.0-1103.105 -proposed tracker (LP: #1949866)

  [ Ubuntu: 4.15.0-163.171 ]

  * bionic/linux: 4.15.0-163.171 -proposed tracker (LP: #1949874)
  * Packaging resync (LP: #1786013)
    - [Packaging] update Ubuntu.md
    - debian/dkms-versions -- update from kernel-versions (main/2021.11.08)
  * Unable to build net/reuseport_bpf and other tests in ubuntu_kernel_selftests
    on Bionic with make command (LP: #1949889)
    - selftests: Fix loss of test output in run_kselftests.sh
    - selftests: Makefile set KSFT_TAP_LEVEL to prevent nested TAP headers
    - selftests: fix headers_install circular dependency
    - selftests: fix bpf build/test workflow regression when KBUILD_OUTPUT is set
    - selftests: vm: Fix test build failure when built by itself
  * KVM emulation failure when booting into VM crash kernel with multiple CPUs
    (LP: #1948862)
    - KVM: x86: Properly reset MMU context at vCPU RESET/INIT
  * aufs: kernel bug with apparmor and fuseblk (LP: #1948470)
    - SAUCE: aufs: bugfix, stop omitting path->mnt
  * ebpf: bpf_redirect fails with ip6 gre interfaces (LP: #1947164)
    - net: handle ARPHRD_IP6GRE in dev_is_mac_header_xmit()
  * require CAP_NET_ADMIN to attach N_HCI ldisc (LP: #1949516)
    - Bluetooth: hci_ldisc: require CAP_NET_ADMIN to attach N_HCI ldisc
  * ACL updates on OCFS2 are not revalidated (LP: #1947161)
    - ocfs2: fix remounting needed after setfacl command
  * ppc64 BPF JIT mod by 1 will not return 0 (LP: #1948351)
    - powerpc/bpf: Fix BPF_MOD when imm == 1
  * Drop "UBUNTU: SAUCE: cachefiles: Page leaking in
    cachefiles_read_backing_file while vmscan is active" (LP: #1947709)
    - Revert "UBUNTU: SAUCE: cachefiles: Page leaking in
      cachefiles_read_backing_file while vmscan is active"
    - cachefiles: Fix page leak in cachefiles_read_backing_file while vmscan is
      active
  * Some test in ubuntu_bpf test_verifier failed on i386 Bionic kernel
    (LP: #1788578)
    - bpf: fix context access in tracing progs on 32 bit archs
  * test_bpf.sh from ubuntu_kernel_selftests.net from linux ADT test failure
    with linux/4.15.0-149.153 i386 (Segmentation fault) (LP: #1934414)
    - selftests/bpf: make test_verifier run most programs
    - bpf: add couple of test cases for div/mod by zero
    - bpf: add further test cases around div/mod and others
  * Bionic update: upstream stable patchset 2021-11-02 (LP: #1949512)
    - usb: gadget: r8a66597: fix a loop in set_feature()
    - usb: musb: tusb6010: uninitialized data in tusb_fifo_write_unaligned()
    - cifs: fix incorrect check for null pointer in header_assemble
    - xen/x86: fix PV trap handling on secondary processors
    - usb-storage: Add quirk for ScanLogic SL11R-IDE older than 2.6c
    - USB: serial: cp210x: add ID for GW Instek GDM-834x Digital Multimeter
    - staging: greybus: uart: fix tty use after free
    - Re-enable UAS for LaCie Rugged USB3-FW with fk quirk
    - USB: serial: mos7840: remove duplicated 0xac24 device ID
    - USB: serial: option: add Telit LN920 compositions
    - USB: serial: option: remove duplicate USB device ID
    - USB: serial: option: add device id for Foxconn T99W265
    - mcb: fix error handling in mcb_alloc_bus()
    - serial: mvebu-uart: fix driver's tx_empty callback
    - net: hso: fix muxed tty registration
    - bnxt_en: Fix TX timeout when TX ring size is set to the smallest
    - net/mlx4_en: Don't allow aRFS for encapsulated packets
    - scsi: iscsi: Adjust iface sysfs attr detection
    - thermal/core: Potential buffer overflow in thermal_build_list_of_policies()
    - irqchip/gic-v3-its: Fix potential VPE leak on error
    - md: fix a lock order reversal in md_alloc
    - blktrace: Fix uaf in blk_trace access after removing by sysfs
    - net: macb: fix use after free on rmmod
    - net: stmmac: allow CSR clock of 300MHz
    - m68k: Double cast io functions to unsigned long
    - xen/balloon: use a kernel thread instead a workqueue
    - compiler.h: Introduce absolute_pointer macro
    - net: i825xx: Use absolute_pointer for memcpy from fixed memory location
    - sparc: avoid stringop-overread errors
    - qnx4: avoid stringop-overread errors
    - parisc: Use absolute_pointer() to define PAGE0
    - arm64: Mark __stack_chk_guard as __ro_after_init
    - alpha: Declare virt_to_phys and virt_to_bus parameter as pointer to volatile
    - net: 6pack: Fix tx timeout and slot time
    - spi: Fix tegra20 build with CONFIG_PM=n
    - arm64: dts: marvell: armada-37xx: Extend PCIe MEM space
    - PCI: aardvark: Fix checking for PIO Non-posted Request
    - PCI: aardvark: Fix checking for PIO status
    - xen/balloon: fix balloon kthread freezing
    - qnx4: work around gcc false positive warning bug
    - tty: Fix out-of-bound vmalloc access in imageblit
    - cpufreq: schedutil: Use kobject release() method to free sugov_tunables
    - cpufreq: schedutil: Destroy mutex before kobject_put() frees the memory
    - mac80211: fix use-after-free in CCMP/GCMP RX
    - ipvs: check that ip_vs_conn_tab_bits is between 8 and 20
    - mac80211: Fix ieee80211_amsdu_aggregate frag_tail bug
    - mac80211: limit injected vht mcs/nss in ieee80211_parse_tx_radiotap
    - sctp: break out if skb_header_pointer returns NULL in sctp_rcv_ootb
    - hwmon: (tmp421) fix rounding for negative values
    - e100: fix length calculation in e100_get_regs_len
    - e100: fix buffer overrun in e100_get_regs
    - scsi: csiostor: Add module softdep on cxgb4
    - af_unix: fix races in sk_peer_pid and sk_peer_cred accesses
    - ipack: ipoctal: fix stack information leak
    - ipack: ipoctal: fix tty registration race
    - ipack: ipoctal: fix tty-registration error handling
    - ipack: ipoctal: fix missing allocation-failure check
    - ipack: ipoctal: fix module reference leak
    - ext4: fix potential infinite loop in ext4_dx_readdir()
    - net: udp: annotate data race around udp_sk(sk)->corkfl

  linux-kvm (4.15.0-1102.104) bionic; urgency=medium

  * bionic/linux-kvm: 4.15.0-1102.104 -proposed tracker (LP: #1947285)

  * Packaging resync (LP: #1786013)
    - [Packaging] update Ubuntu.md

  [ Ubuntu: 4.15.0-162.170 ]

  * bionic/linux: 4.15.0-162.170 -proposed tracker (LP: #1947293)
  * Add final-checks to check certificates (LP: #1947174)
    - [Packaging] Add system trusted and revocation keys final check
  * CVE-2020-36385
    - RDMA/cma: Add missing locking to rdma_accept()
    - RDMA/ucma: Fix the locking of ctx->file
    - RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy
  * CVE-2021-28950
    - fuse: fix live lock in fuse_iget()
  * CVE-2020-36322
    - fuse: fix bad inode
  * Bionic update: upstream stable patchset 2021-10-13 (LP: #1947011)
    - rcu: Fix missed wakeup of exp_wq waiters
    - apparmor: remove duplicate macro list_entry_is_head()
    - crypto: talitos - fix max key size for sha384 and sha512
    - sctp: validate chunk size in __rcv_asconf_lookup
    - sctp: add param size validation for SCTP_PARAM_SET_PRIMARY
    - dmaengine: acpi: Avoid comparison GSI with Linux vIRQ
    - thermal/drivers/exynos: Fix an error code in exynos_tmu_probe()
    - 9p/trans_virtio: Remove sysfs file on probe failure
    - prctl: allow to setup brk for et_dyn executables
    - profiling: fix shift-out-of-bounds bugs
    - pwm: lpc32xx: Don't modify HW state in .probe() after the PWM chip was
      registered
    - Kconfig.debug: drop selecting non-existing HARDLOCKUP_DETECTOR_ARCH
    - parisc: Move pci_dev_is_behind_card_dino to where it is used
    - dmaengine: ioat: depends on !UML
    - dmaengine: xilinx_dma: Set DMA mask for coherent APIs
    - ceph: lockdep annotations for try_nonblocking_invalidate
    - nilfs2: fix memory leak in nilfs_sysfs_create_device_group
    - nilfs2: fix NULL pointer in nilfs_##name##_attr_release
    - nilfs2: fix memory leak in nilfs_sysfs_create_##name##_group
    - nilfs2: fix memory leak in nilfs_sysfs_delete_##name##_group
    - nilfs2: fix memory leak in nilfs_sysfs_create_snapshot_group
    - nilfs2: fix memory leak in nilfs_sysfs_delete_snapshot_group
    - pwm: rockchip: Don't modify HW state in .remove() callback
    - blk-throttle: fix UAF by deleteing timer in blk_throtl_exit()
    - drm/nouveau/nvkm: Replace -ENOSYS with -ENODEV
    - nilfs2: use refcount_dec_and_lock() to fix potential UAF
    - drivers: base: cacheinfo: Get rid of DEFINE_SMP_CALL_CACHE_FUNCTION()
  * Invalid backport to v4.15: missing pgtable_l5_enabled (LP: #1946464)
    - SAUCE: Revert "x86/mm: Don't free P4D table when it is folded at runtime"
  * CVE-2021-38199
    - NFSv4: Initialise connection to the server in nfs4_alloc_client()
  * CVE-2019-19449
    - f2fs: fix wrong total_sections check and fsmeta check
    - f2fs: fix to do sanity check on segment/section count
  * vrf: fix refcnt leak with vxlan slaves (LP: #1945180)
    - ipv4: Fix device used for dst_alloc with local routes
  * Check for changes relevant for security certifications (LP: #1945989)
    - [Packaging] Add a new fips-checks script
    - [Packaging] Add fips-checks as part of finalchecks
  * CVE-2021-3759
    - memcg: enable accounting of ipc resources
  * Bionic update: upstream stable patchset 2021-09-27 (LP: #1945224)
    - ARC: Fix CONFIG_STACKDEPOT
    - can: usb: esd_usb2: esd_usb2_rx_event(): fix the interchange of the CAN RX
      and TX error counters
    - Revert "USB: serial: ch341: fix character loss at high transfer rates"
    - USB: serial: option: add new VID/PID to support Fibocom FG150
    - usb: dwc3: gadget: Fix dwc3_calc_trbs_left()
    - usb: dwc3: gadget: Stop EP0 transfers during pullup disable
    - IB/hfi1: Fix possible null-pointer dereference in _extend_sdma_tx_descs()
    - e1000e: Fix the max snoop/no-snoop latency for 10M
    - ip_gre: add validation for csum_start
    - xgene-v2: Fix a resource leak in the error handling path of 'xge_probe()'
    - net: marvell: fix MVNETA_TX_IN_PRGRS bit number
    - usb: gadget: u_audio: fix race condition on endpoint stop
    - opp: remove WARN when no valid OPPs remain
    - virtio: Improve vq->broken access to avoid any compiler optimization
    - vringh: Use wiov->used to check for read/write desc order
    - drm: Copy drm_wait_vblank to user before returning
    - drm/nouveau/disp: power down unused DP links during init
    - net/rds: dma_map_sg is entitled to merge entries
    - vt_kdsetmode: extend console locking
    - fbmem: add margin check to fb_check_caps()
    - KVM: x86/mmu: Treat NX as used (not reserved) for all !TDP shadow MMUs
    - Revert "floppy: reintroduce O_NDELAY fix"
    - net: qrtr: fix another OOB Read in qrtr_endpoint_post
    - net: hns3: fix get wrong pfc_en when query PFC configuration
    - xtensa: fix kconfig unmet dependency warning for HAVE_FUTEX_CMPXCHG
    - qed: Fix the VF msix vectors flow
    - net: macb: Add a NULL check on desc_ptp
    - qede: Fix memset corruption
    - perf/x86/intel/pt: Fix mask of num_address_ranges
    - perf/x86/amd/ibs: Work around erratum #1197
    - cryptoloop: add a deprecation warning
    - ARM: 8918/2: only build return_address() if needed
    - ALSA: pcm: fix divide error in snd_pcm_lib_ioctl
    - clk: fix build warning for orphan_list
    - media: stkwebcam: fix memory leak in stk_camera_probe
    - igmp: Add ip_mc_list lock in ip_check_mc_rcu
    - USB: serial: mos7720: improve OOM-handling in read_mos_reg()
    - f2fs: fix potential overflow
    - ath10k: fix recent bandwidth conversion bug
    - ipv4/icmp: l3mdev: Perform icmp error route lookup on source device routing
      table (v2)
    - crypto: talitos - reduce max key size for SEC1
    - powerpc/module64: Fix comment in R_PPC64_ENTRY handling
    - powerpc/boot: Delete unneeded .globl _zimage_start
    - net: ll_temac: Remove left-over debug message
    - mm/page_alloc: speed up the iteration of max_order
    - Revert "btrfs: compression: don't try to compress if we

  linux-kvm (4.15.0-1101.103) bionic; urgency=medium

  * bionic/linux-kvm: 4.15.0-1101.103 -proposed tracker (LP: #1944925)

  [ Ubuntu: 4.15.0-160.168 ]

  * bionic/linux: 4.15.0-160.168 -proposed tracker (LP: #1944933)
  * Packaging resync (LP: #1786013)
    - debian/dkms-versions -- update from kernel-versions (main/2021.09.27)
  * ext4 journal recovery fails w/ data=journal + mmap (LP: #1847340)
    - jbd2: introduce/export functions
      jbd2_journal_submit|finish_inode_data_buffers()
    - jbd2, ext4, ocfs2: introduce/use journal callbacks
      j_submit|finish_inode_data_buffers()
    - ext4: data=journal: fixes for ext4_page_mkwrite()
    - ext4: data=journal: write-protect pages on j_submit_inode_data_buffers()
    - ext4: fix mmap write protection for data=journal mode
  * CVE-2021-40490
    - ext4: fix race writing to an inline_data file while its xattrs are changing
  * Bionic update: upstream stable patchset 2021-09-22 (LP: #1944600)
    - iio: humidity: hdc100x: Add margin to the conversion time
    - iio: adc: Fix incorrect exit of for-loop
    - ASoC: intel: atom: Fix reference to PCM buffer address
    - i2c: dev: zero out array used for i2c reads from userspace
    - ACPI: NFIT: Fix support for virtual SPA ranges
    - ASoC: cs42l42: Correct definition of ADC Volume control
    - ASoC: cs42l42: Don't allow SND_SOC_DAIFMT_LEFT_J
    - ASoC: cs42l42: Fix inversion of ADC Notch Switch control
    - ASoC: cs42l42: Remove duplicate control for WNF filter frequency
    - net: dsa: mt7530: add the missing RxUnicast MIB counter
    - ppp: Fix generating ifname when empty IFLA_IFNAME is specified
    - psample: Add a fwd declaration for skbuff
    - net: Fix memory leak in ieee802154_raw_deliver
    - net: bridge: fix memleak in br_add_if()
    - tcp_bbr: fix u32 wrap bug in round logic if bbr_init() called after 2B
      packets
    - xen/events: Fix race in set_evtchn_to_irq
    - vsock/virtio: avoid potential deadlock when vsock device remove
    - powerpc/kprobes: Fix kprobe Oops happens in booke
    - x86/tools: Fix objdump version check again
    - x86/resctrl: Fix default monitoring groups reporting
    - PCI/MSI: Enable and mask MSI-X early
    - PCI/MSI: Do not set invalid bits in MSI mask
    - PCI/MSI: Correct misleading comments
    - PCI/MSI: Use msi_mask_irq() in pci_msi_shutdown()
    - PCI/MSI: Protect msi_desc::masked for multi-MSI
    - PCI/MSI: Mask all unused MSI-X entries
    - PCI/MSI: Enforce that MSI-X table entry is masked for update
    - PCI/MSI: Enforce MSI[X] entry updates to be visible
    - vmlinux.lds.h: Handle clang's module.{c,d}tor sections
    - mac80211: drop data frames without key on encrypted links
    - x86/fpu: Make init_fpstate correct with optimized XSAVE
    - ath: Use safer key clearing with key cache entries
    - ath9k: Clear key cache explicitly on disabling hardware
    - ath: Export ath_hw_keysetmac()
    - ath: Modify ath_key_delete() to not need full key entry
    - ath9k: Postpone key cache entry deletion for TXQ frames reference it
    - dmaengine: usb-dmac: Fix PM reference leak in usb_dmac_probe()
    - ARM: dts: am43x-epos-evm: Reduce i2c0 bus speed for tps65218
    - dmaengine: of-dma: router_xlate to return -EPROBE_DEFER if controller is not
      yet available
    - scsi: megaraid_mm: Fix end of loop tests for list_for_each_entry()
    - scsi: scsi_dh_rdac: Avoid crash during rdac_bus_attach()
    - scsi: core: Avoid printing an error if target_alloc() returns -ENXIO
    - ARM: dts: nomadik: Fix up interrupt controller node names
    - net: usb: lan78xx: don't modify phy_device state concurrently
    - Bluetooth: hidp: use correct wait queue when removing ctrl_wait
    - dccp: add do-while-0 stubs for dccp_pr_debug macros
    - vhost: Fix the calculation in vhost_overflow()
    - bnxt: don't lock the tx queue from napi poll
    - net: 6pack: fix slab-out-of-bounds in decode_data
    - ptp_pch: Restore dependency on PCI
    - net: qlcnic: add missed unlock in qlcnic_83xx_flash_read32
    - net: mdio-mux: Don't ignore memory allocation errors
    - net: mdio-mux: Handle -EPROBE_DEFER correctly
    - mmc: dw_mmc: Fix hang on data CRC error
    - ALSA: hda - fix the 'Capture Switch' value change notifications
    - ipack: tpci200: fix many double free issues in tpci200_pci_probe
    - btrfs: prevent rename2 from exchanging a subvol with a directory from
      different parents
    - ASoC: intel: atom: Fix breakage for PCM buffer address setup
    - locks: print a warning when mount fails due to lack of "mand" support
    - fs: warn about impending deprecation of mandatory locks
    - netfilter: nft_exthdr: fix endianness of tcp option cast
    - KVM: X86: MMU: Use the correct inherited permissions to get shadow page
    - ASoC: cs42l42: Fix LRCLK frame start edge
    - net: igmp: fix data-race in igmp_ifc_timer_expire()
    - net: dsa: lan9303: fix broken backpressure in .port_fdb_dump
    - genirq: Provide IRQCHIP_AFFINITY_PRE_STARTUP
    - x86/msi: Force affinity setup before startup
    - x86/ioapic: Force affinity setup before startup
    - genirq/msi: Ensure deactivation on teardown

  [ Ubuntu: 4.15.0-158.166 ]

  * s390x BPF JIT vulnerabilities (LP: #1943960)
    - SAUCE: s390/bpf: Fix 64-bit subtraction of the -0x80000000 constant
    - SAUCE: s390/bpf: Fix optimizing out zero-extensions

 -- Stefan Bader <email address hidden> Wed, 29 Sep 2021 15:21:16 +0200

  linux-kvm (4.15.0-1100.102) bionic; urgency=medium

  * bionic/linux-kvm: 4.15.0-1100.102 -proposed tracker (LP: #1942580)

  * Bionic update: upstream stable patchset 2021-08-17 (LP: #1940315)
    - [Config] kvm: updateconfigs for UNIX_SCM

  * dbgsym contains no debug symbols (LP: #1935855)
    - [config] kvm: CONFIG_DEBUG_INFO=y

  [ Ubuntu: 4.15.0-157.164 ]

  * bionic/linux: 4.15.0-157.164 -proposed tracker (LP: #1942588)
  * Packaging resync (LP: #1786013)
    - debian/dkms-versions -- update from kernel-versions (main/2021.09.06)
  * dell300x: rsi wifi and bluetooth crash after suspend and resume
    (LP: #1940488)
    - Revert "rsi: Use resume_noirq for SDIO"
  * LRMv5: switch primary version handling to kernel-versions data set
    (LP: #1928921)
    - [Packaging] switch to kernel-versions
  * kvm_unit_tests: emulator test fails on 4.4 / 4.15 kernel, timeout
    (LP: #1932966)
    - kvm: Add emulation for movups/movupd
  * memory leaking when removing a profile (LP: #1939915)
    - security/apparmor/label.c: Clean code by removing redundant instructions
    - apparmor: Fix memory leak of profile proxy
  * ubunut_kernel_selftests: memory-hotplug: avoid spamming logs with
    dump_page() (LP: #1941829)
    - selftests: memory-hotplug: avoid spamming logs with dump_page(), ratio limit
      hot-remove error test
  * Bionic update: upstream stable patchset 2021-08-27 (LP: #1941916)
    - btrfs: mark compressed range uptodate only if all bio succeed
    - regulator: rt5033: Fix n_voltages settings for BUCK and LDO
    - r8152: Fix potential PM refcount imbalance
    - qed: fix possible unpaired spin_{un}lock_bh in _qed_mcp_cmd_and_union()
    - net: Fix zero-copy head len calculation.
    - Revert "Bluetooth: Shutdown controller after workqueues are flushed or
      cancelled"
    - KVM: do not allow mapping valid but non-reference-counted pages
    - Revert "watchdog: iTCO_wdt: Account for rebooting on second timeout"
    - spi: mediatek: Fix fifo transfer
    - padata: validate cpumask without removed CPU during offline
    - Revert "ACPICA: Fix memory leak caused by _CID repair function"
    - ALSA: seq: Fix racy deletion of subscriber
    - clk: stm32f4: fix post divisor setup for I2S/SAI PLLs
    - omap5-board-common: remove not physically existing vdds_1v8_main fixed-
      regulator
    - scsi: sr: Return correct event when media event code is 3
    - media: videobuf2-core: dequeue if start_streaming fails
    - net: natsemi: Fix missing pci_disable_device() in probe and remove
    - nfp: update ethtool reporting of pauseframe control
    - mips: Fix non-POSIX regexp
    - bnx2x: fix an error code in bnx2x_nic_load()
    - net: pegasus: fix uninit-value in get_interrupt_interval
    - net: fec: fix use-after-free in fec_drv_remove
    - net: vxge: fix use-after-free in vxge_device_unregister
    - Bluetooth: defer cleanup of resources in hci_unregister_dev()
    - USB: usbtmc: Fix RCU stall warning
    - USB: serial: option: add Telit FD980 composition 0x1056
    - USB: serial: ch341: fix character loss at high transfer rates
    - USB: serial: ftdi_sio: add device ID for Auto-M3 OP-COM v2
    - usb: gadget: f_hid: added GET_IDLE and SET_IDLE handlers
    - usb: gadget: f_hid: fixed NULL pointer dereference
    - usb: gadget: f_hid: idle uses the highest byte for duration
    - usb: otg-fsm: Fix hrtimer list corruption
    - scripts/tracing: fix the bug that can't parse raw_trace_func
    - staging: rtl8723bs: Fix a resource leak in sd_int_dpc
    - media: rtl28xxu: fix zero-length control request
    - pipe: increase minimum default pipe size to 2 pages
    - ext4: fix potential htree corruption when growing large_dir directories
    - serial: 8250: Mask out floating 16/32-bit bus bits
    - MIPS: Malta: Do not byte-swap accesses to the CBUS UART
    - pcmcia: i82092: fix a null pointer dereference bug
    - spi: meson-spicc: fix memory leak in meson_spicc_remove
    - perf/x86/amd: Don't touch the AMD64_EVENTSEL_HOSTONLY bit inside the guest
    - qmi_wwan: add network device usage statistics for qmimux devices
    - libata: fix ata_pio_sector for CONFIG_HIGHMEM
    - reiserfs: add check for root_inode in reiserfs_fill_super
    - reiserfs: check directory items on read from disk
    - alpha: Send stop IPI to send to online CPUs
    - net/qla3xxx: fix schedule while atomic in ql_wait_for_drvr_lock and
      ql_adapter_reset
    - USB:ehci:fix Kunpeng920 ehci hardware problem
    - ppp: Fix generating ppp unit id when ifname is not specified
    - ovl: prevent private clone if bind mount is not allowed
    - net: xilinx_emaclite: Do not print real IOMEM pointer
    - KVM: x86: accept userspace interrupt only if no event is injected
    - KVM: x86/mmu: Fix per-cpu counter corruption on 32-bit builds
  * Bionic update: upstream stable patchset 2021-08-17 (LP: #1940315)
    - selftest: fix build error in tools/testing/selftests/vm/userfaultfd.c
    - KVM: x86: determine if an exception has an error code only when injecting
      it.
    - net: split out functions related to registering inflight socket files
    - [Config] updateconfigs for UNIX_SCM
    - af_unix: fix garbage collect vs MSG_PEEK
    - net/802/mrp: fix memleak in mrp_request_join()
    - net/802/garp: fix memleak in garp_request_join()
    - net: annotate data race around sk_ll_usec
    - sctp: move 198 addresses from unusable to private scope
    - hfs: add missing clean-up in hfs_fill_super
    - hfs: fix high memory mapping in hfs_bnode_read
    - hfs: add lock nesting notation to hfs_find_init
    - ARM: dts: versatile: Fix up interrupt controller node names
    - virtio_net: Do not pull payload in skb->head
    - gro: ensure frag0 meets IP header alignment
    - x86/kvm: fix vcpu-id indexed array sizes
    - ocfs2: fix zero out valid data
    - ocfs2: issue zeroout to EOF blocks
    - can: raw: raw_setsockopt(): fix raw_rcv panic for sock UAF
    - can: mcba_usb_start(): add missing urb->transfer_dma

  linux-kvm (4.15.0-1099.101) bionic; urgency=medium

  * bionic/linux-kvm: 4.15.0-1099.101 -proposed tracker (LP: #1939825)

  [ Ubuntu: 4.15.0-156.163 ]

  * bionic/linux: 4.15.0-156.163 -proposed tracker (LP: #1940162)
  * linux (LP: #1940564)
    - SAUCE: Revert "scsi: core: Cap scsi_host cmd_per_lun at can_queue"
  * fails to launch linux L2 guests on AMD (LP: #1940134) // CVE-2021-3653
    - KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl
      (CVE-2021-3653)
  * fails to launch linux L2 guests on AMD (LP: #1940134)
    - SAUCE: Revert "UBUNTU: SAUCE: KVM: nSVM: avoid picking up unsupported bits
      from L2 in int_ctl"

  [ Ubuntu: 4.15.0-155.162 ]

  * bionic/linux: 4.15.0-155.162 -proposed tracker (LP: #1939833)
  * Packaging resync (LP: #1786013)
    - debian/dkms-versions -- update from kernel-versions (main/2021.08.16)
  * CVE-2021-3656
    - SAUCE: KVM: nSVM: always intercept VMLOAD/VMSAVE when nested
  * CVE-2021-3653
    - SAUCE: KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl
  * dev_forward_skb: do not scrub skb mark within the same name space
    (LP: #1935040)
    - dev_forward_skb: do not scrub skb mark within the same name space
  * 'ptrace trace' needed to readlink() /proc/*/ns/* files on older kernels
    (LP: #1890848)
    - apparmor: fix ptrace read check
  * Bionic update: upstream stable patchset 2021-08-03 (LP: #1938824)
    - ALSA: usb-audio: fix rate on Ozone Z90 USB headset
    - media: dvb-usb: fix wrong definition
    - Input: usbtouchscreen - fix control-request directions
    - net: can: ems_usb: fix use-after-free in ems_usb_disconnect()
    - usb: gadget: eem: fix echo command packet response issue
    - USB: cdc-acm: blacklist Heimann USB Appset device
    - ntfs: fix validity check for file name attribute
    - iov_iter_fault_in_readable() should do nothing in xarray case
    - Input: joydev - prevent use of not validated data in JSIOCSBTNMAP ioctl
    - ARM: dts: at91: sama5d4: fix pinctrl muxing
    - btrfs: send: fix invalid path for unlink operations after parent
      orphanization
    - btrfs: clear defrag status of a root if starting transaction fails
    - ext4: cleanup in-core orphan list if ext4_truncate() failed to get a
      transaction handle
    - ext4: fix kernel infoleak via ext4_extent_header
    - ext4: correct the cache_nr in tracepoint ext4_es_shrink_exit
    - ext4: remove check for zero nr_to_scan in ext4_es_scan()
    - ext4: fix avefreec in find_group_orlov
    - ext4: use ext4_grp_locked_error in mb_find_extent
    - can: gw: synchronize rcu operations before removing gw job entry
    - can: peak_pciefd: pucan_handle_status(): fix a potential starvation issue in
      TX path
    - SUNRPC: Fix the batch tasks count wraparound.
    - SUNRPC: Should wake up the privileged task firstly.
    - s390/cio: dont call css_wait_for_slow_path() inside a lock
    - rtc: stm32: Fix unbalanced clk_disable_unprepare() on probe error path
    - iio: ltr501: mark register holding upper 8 bits of ALS_DATA{0,1} and PS_DATA
      as volatile, too
    - iio: ltr501: ltr559: fix initialization of LTR501_ALS_CONTR
    - iio: ltr501: ltr501_read_ps(): add missing endianness conversion
    - serial: sh-sci: Stop dmaengine transfer in sci_stop_tx()
    - serial_cs: Add Option International GSM-Ready 56K/ISDN modem
    - serial_cs: remove wrong GLOBETROTTER.cis entry
    - ath9k: Fix kernel NULL pointer dereference during ath_reset_internal()
    - ssb: sdio: Don't overwrite const buffer if block_write fails
    - rsi: Assign beacon rate settings to the correct rate_info descriptor field
    - seq_buf: Make trace_seq_putmem_hex() support data longer than 8
    - fuse: check connected before queueing on fpq->io
    - spi: Make of_register_spi_device also set the fwnode
    - spi: spi-loopback-test: Fix 'tx_buf' might be 'rx_buf'
    - spi: spi-topcliff-pch: Fix potential double free in
      pch_spi_process_messages()
    - spi: omap-100k: Fix the length judgment problem
    - crypto: nx - add missing MODULE_DEVICE_TABLE
    - media: cpia2: fix memory leak in cpia2_usb_probe
    - media: cobalt: fix race condition in setting HPD
    - media: pvrusb2: fix warning in pvr2_i2c_core_done
    - crypto: qat - check return code of qat_hal_rd_rel_reg()
    - crypto: qat - remove unused macro in FW loader
    - media: em28xx: Fix possible memory leak of em28xx struct
    - media: v4l2-core: Avoid the dangling pointer in v4l2_fh_release
    - media: bt8xx: Fix a missing check bug in bt878_probe
    - media: st-hva: Fix potential NULL pointer dereferences
    - media: dvd_usb: memory leak in cinergyt2_fe_attach
    - mmc: via-sdmmc: add a check against NULL pointer dereference
    - crypto: shash - avoid comparing pointers to exported functions under CFI
    - media: dvb_net: avoid speculation from net slot
    - media: siano: fix device register error path
    - btrfs: fix error handling in __btrfs_update_delayed_inode
    - btrfs: abort transaction if we fail to update the delayed inode
    - btrfs: disable build on platforms having page size 256K
    - regulator: da9052: Ensure enough delay time for .set_voltage_time_sel
    - HID: do not use down_interruptible() when unbinding devices
    - ACPI: processor idle: Fix up C-state latency if not ordered
    - hv_utils: Fix passing zero to 'PTR_ERR' warning
    - lib: vsprintf: Fix handling of number field widths in vsscanf
    - ACPI: EC: Make more Asus laptops use ECDT _GPE
    - block_dump: remove block_dump feature in mark_inode_dirty()
    - fs: dlm: cancel work sync othercon
    - random32: Fix implicit truncation warning in prandom_seed_state()
    - fs: dlm: fix memory leak when fenced
    - ACPICA: Fix memory leak caused by _CID repair function
    - ACPI: bus: Call kobject_put() in acpi_init() error path
    - platform/x86: toshiba_acpi: Fix missing error code in
      toshiba_acpi_setup_keyboard()
    - ACPI: tables: Add custom DSDT file as makefile prerequisite