Package "linux-kvm"

  linux-kvm (4.15.0-1082.84) bionic; urgency=medium

  * bionic/linux-kvm: 4.15.0-1082.84 -proposed tracker (LP: #1907628)

  [ Ubuntu: 4.15.0-129.132 ]

  * bionic/linux: 4.15.0-129.132 -proposed tracker (LP: #1907635)
  * Packaging resync (LP: #1786013)
    - update dkms package versions
  * Ubuntu 18.04- call trace in kernel buffer when unloading ib_ipoib module
    (LP: #1904848)
    - SAUCE: net/mlx5e: IPoIB, initialize update_stat_work for ipoib devices
  * memory is leaked when tasks are moved to net_prio (LP: #1886859)
    - netprio_cgroup: Fix unlimited memory leak of v2 cgroups
  * s390: dbginfo.sh triggers kernel panic, reading from
    /sys/kernel/mm/page_idle/bitmap (LP: #1904884)
    - mm/page_idle.c: skip offline pages
  * Bionic update: upstream stable patchset 2020-11-23 (LP: #1905333)
    - drm/i915: Break up error capture compression loops with cond_resched()
    - tipc: fix use-after-free in tipc_bcast_get_mode
    - gianfar: Replace skb_realloc_headroom with skb_cow_head for PTP
    - gianfar: Account for Tx PTP timestamp in the skb headroom
    - net: usb: qmi_wwan: add Telit LE910Cx 0x1230 composition
    - sctp: Fix COMM_LOST/CANT_STR_ASSOC err reporting on big-endian platforms
    - sfp: Fix error handing in sfp_probe()
    - Blktrace: bail out early if block debugfs is not configured
    - i40e: Fix of memory leak and integer truncation in i40e_virtchnl.c
    - Fonts: Replace discarded const qualifier
    - ALSA: usb-audio: Add implicit feedback quirk for Qu-16
    - lib/crc32test: remove extra local_irq_disable/enable
    - kthread_worker: prevent queuing delayed work from timer_fn when it is being
      canceled
    - mm: always have io_remap_pfn_range() set pgprot_decrypted()
    - gfs2: Wake up when sd_glock_disposal becomes zero
    - ftrace: Fix recursion check for NMI test
    - ftrace: Handle tracing when switching between context
    - tracing: Fix out of bounds write in get_trace_buf
    - futex: Handle transient "ownerless" rtmutex state correctly
    - ARM: dts: sun4i-a10: fix cpu_alert temperature
    - x86/kexec: Use up-to-dated screen_info copy to fill boot params
    - of: Fix reserved-memory overlap detection
    - blk-cgroup: Fix memleak on error path
    - blk-cgroup: Pre-allocate tree node on blkg_conf_prep
    - scsi: core: Don't start concurrent async scan on same host
    - vsock: use ns_capable_noaudit() on socket create
    - drm/vc4: drv: Add error handding for bind
    - ACPI: NFIT: Fix comparison to '-ENXIO'
    - vt: Disable KD_FONT_OP_COPY
    - fork: fix copy_process(CLONE_PARENT) race with the exiting ->real_parent
    - serial: 8250_mtk: Fix uart_get_baud_rate warning
    - serial: txx9: add missing platform_driver_unregister() on error in
      serial_txx9_init
    - USB: serial: cyberjack: fix write-URB completion race
    - USB: serial: option: add Quectel EC200T module support
    - USB: serial: option: add LE910Cx compositions 0x1203, 0x1230, 0x1231
    - USB: serial: option: add Telit FN980 composition 0x1055
    - USB: Add NO_LPM quirk for Kingston flash drive
    - usb: mtu3: fix panic in mtu3_gadget_stop()
    - ARC: stack unwinding: avoid indefinite looping
    - Revert "ARC: entry: fix potential EFA clobber when TIF_SYSCALL_TRACE"
    - PM: runtime: Resume the device earlier in __device_release_driver()
    - btrfs: extent_io: add proper error handling to lock_extent_buffer_for_io()
    - Btrfs: fix unwritten extent buffers and hangs on future writeback attempts
    - btrfs: tree-checker: fix the error message for transid error
    - mm: mempolicy: fix potential pte_unmap_unlock pte error
    - tools: perf: Fix build error in v4.19.y
    - net: dsa: read mac address from DT for slave device
    - arm64: dts: marvell: espressobin: Add ethernet switch aliases
  * Bionic update: upstream stable patchset 2020-11-23 (LP: #1905333) //
    CVE-2019-19770 which shows this issue is not a core debugfs issue, but
    - blktrace: fix debugfs use after free
  * Bionic update: upstream stable patchset 2020-11-18 (LP: #1904791)
    - scripts/setlocalversion: make git describe output more reliable
    - arm64: link with -z norelro regardless of CONFIG_RELOCATABLE
    - gtp: fix an use-before-init in gtp_newlink()
    - ravb: Fix bit fields checking in ravb_hwtstamp_get()
    - tipc: fix memory leak caused by tipc_buf_append()
    - arch/x86/amd/ibs: Fix re-arming IBS Fetch
    - x86/xen: disable Firmware First mode for correctable memory errors
    - fuse: fix page dereference after free
    - p54: avoid accessing the data mapped to streaming DMA
    - mtd: lpddr: Fix bad logic in print_drs_error
    - ata: sata_rcar: Fix DMA boundary mask
    - fscrypt: return -EXDEV for incompatible rename or link into encrypted dir
    - x86/unwind/orc: Fix inactive tasks with stack pointer in %sp on GCC 10
      compiled kernels
    - mlxsw: core: Fix use-after-free in mlxsw_emad_trans_finish()
    - futex: Fix incorrect should_fail_futex() handling
    - powerpc/powernv/smp: Fix spurious DBG() warning
    - powerpc: select ARCH_WANT_IRQS_OFF_ACTIVATE_MM
    - sparc64: remove mm_cpumask clearing to fix kthread_use_mm race
    - f2fs: add trace exit in exception path
    - f2fs: fix to check segment boundary during SIT page readahead
    - um: change sigio_spinlock to a mutex
    - ARM: 8997/2: hw_breakpoint: Handle inexact watchpoint addresses
    - xfs: fix realtime bitmap/summary file truncation when growing rt volume
    - video: fbdev: pvr2fb: initialize variables
    - ath10k: start recovery process when payload length exceeds max htc length
      for sdio
    - ath10k: fix VHT NSS calculation when STBC is enabled
    - drm/brige/megachips: Add checking if ge_b850v3_lvds_init() is working
      correctly
    - media: videodev2.h: RGB BT2020 and HSV are always full range
    - media: platform: Improve queue set up flow for bug fixing
    - usb: typec: tcpm: During PR_SWAP, source caps should be sent only after
      tSwapSourceStart
    - m

  linux-kvm (4.15.0-1081.83) bionic; urgency=medium

  * bionic/linux-kvm: 4.15.0-1081.83 -proposed tracker (LP: #1907347)

  [ Ubuntu: 4.15.0-128.131 ]

  * bionic/linux: 4.15.0-128.131 -proposed tracker (LP: #1907354)
  * Packaging resync (LP: #1786013)
    - update dkms package versions
  * raid10: discard leads to corrupted file system (LP: #1907262)
    - Revert "md/raid10: improve discard request for far layout"
    - Revert "md/raid10: improve raid10 discard request"
    - Revert "md/raid10: pull codes that wait for blocked dev into one function"
    - Revert "md/raid10: extend r10bio devs to raid disks"
    - Revert "md: add md_submit_discard_bio() for submitting discard bio"

  [ Ubuntu: 4.15.0-126.129 ]

  * bionic/linux: 4.15.0-126.129 -proposed tracker (LP: #1905305)
  * CVE-2020-4788
    - SAUCE: powerpc/64s: Define MASKABLE_RELON_EXCEPTION_PSERIES_OOL
    - SAUCE: powerpc/64s: move some exception handlers out of line
    - powerpc/64s: flush L1D on kernel entry
    - SAUCE: powerpc: Add a framework for user access tracking
    - powerpc: Implement user_access_begin and friends
    - powerpc: Fix __clear_user() with KUAP enabled
    - powerpc/uaccess: Evaluate macro arguments once, before user access is
      allowed
    - powerpc/64s: flush L1D after user accesses

 -- Marcelo Henrique Cerri <email address hidden> Wed, 09 Dec 2020 12:08:38 -0300

  linux-kvm (4.15.0-1079.81) bionic; urgency=medium

  * bionic/linux-kvm: 4.15.0-1079.81 -proposed tracker (LP: #1905658)

  * CONFIG options for (ipip, sit) should not be built-in to the KVM kernels
    (LP: #1899832)
    - [config] Set CONFIG_NET_IPIP and CONIG_IPV6_SIT =m

  linux-kvm (4.15.0-1077.79) bionic; urgency=medium

  [ Ubuntu: 4.15.0-120.122 ]

  * CVE-2020-16119
    - SAUCE: dccp: avoid double free of ccid on child socket
  * CVE-2020-16120
    - Revert "UBUNTU: SAUCE: overlayfs: ensure mounter privileges when reading
      directories"
    - ovl: pass correct flags for opening real directory
    - ovl: switch to mounter creds in readdir
    - ovl: verify permissions in ovl_path_open()

  linux-kvm (4.15.0-1075.76) bionic; urgency=medium

  * bionic/linux-kvm: 4.15.0-1075.76 -proposed tracker (LP: #1894690)

  [ Ubuntu: 4.15.0-118.119 ]

  * bionic/linux: 4.15.0-118.119 -proposed tracker (LP: #1894697)
  * Packaging resync (LP: #1786013)
    - update dkms package versions
  * Introduce the new NVIDIA 450-server and the 450 UDA series (LP: #1887674)
    - [packaging] add signed modules for nvidia 450 and 450-server
  * cgroup refcount is bogus when cgroup_sk_alloc is disabled (LP: #1886860)
    - cgroup: add missing skcd->no_refcnt check in cgroup_sk_clone()
  * CVE-2020-12888
    - vfio/type1: Support faulting PFNMAP vmas
    - vfio-pci: Fault mmaps to enable vma tracking
    - vfio-pci: Invalidate mmaps and block MMIO access on disabled memory
  * [Hyper-V] VSS and File Copy daemons intermittently fails to start
    (LP: #1891224)
    - [Packaging] Bind hv_vss_daemon startup to hv_vss device
    - [Packaging] bind hv_fcopy_daemon startup to hv_fcopy device
  * KVM: Fix zero_page reference counter overflow when using KSM on KVM compute
    host (LP: #1837810)
    - KVM: fix overflow of zero page refcount with ksm running
  * Fix false-negative return value for rtnetlink.sh in kselftests/net
    (LP: #1890136)
    - selftests: rtnetlink: correct the final return value for the test
    - selftests: rtnetlink: make kci_test_encap() return sub-test result
  * Bionic update: upstream stable patchset 2020-08-18 (LP: #1892091)
    - USB: serial: qcserial: add EM7305 QDL product ID
    - USB: iowarrior: fix up report size handling for some devices
    - usb: xhci: define IDs for various ASMedia host controllers
    - usb: xhci: Fix ASMedia ASM1142 DMA addressing
    - Revert "ALSA: hda: call runtime_allow() for all hda controllers"
    - ALSA: seq: oss: Serialize ioctls
    - staging: android: ashmem: Fix lockdep warning for write operation
    - Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt()
    - Bluetooth: Prevent out-of-bounds read in hci_inquiry_result_evt()
    - Bluetooth: Prevent out-of-bounds read in hci_inquiry_result_with_rssi_evt()
    - omapfb: dss: Fix max fclk divider for omap36xx
    - binder: Prevent context manager from incrementing ref 0
    - vgacon: Fix for missing check in scrollback handling
    - mtd: properly check all write ioctls for permissions
    - leds: wm831x-status: fix use-after-free on unbind
    - leds: da903x: fix use-after-free on unbind
    - leds: lm3533: fix use-after-free on unbind
    - leds: 88pm860x: fix use-after-free on unbind
    - net/9p: validate fds in p9_fd_open
    - drm/nouveau/fbcon: fix module unload when fbcon init has failed for some
      reason
    - drm/nouveau/fbcon: zero-initialise the mode_cmd2 structure
    - i2c: slave: improve sanity check when registering
    - i2c: slave: add sanity check when unregistering
    - usb: hso: check for return value in hso_serial_common_create()
    - firmware: Fix a reference count leak.
    - cfg80211: check vendor command doit pointer before use
    - igb: reinit_locked() should be called with rtnl_lock
    - atm: fix atm_dev refcnt leaks in atmtcp_remove_persistent
    - tools lib traceevent: Fix memory leak in process_dynamic_array_len
    - Drivers: hv: vmbus: Ignore CHANNELMSG_TL_CONNECT_RESULT(23)
    - xattr: break delegations in {set,remove}xattr
    - ipv4: Silence suspicious RCU usage warning
    - ipv6: fix memory leaks on IPV6_ADDRFORM path
    - net: ethernet: mtk_eth_soc: fix MTU warnings
    - vxlan: Ensure FDB dump is performed under RCU
    - net: lan78xx: replace bogus endpoint lookup
    - hv_netvsc: do not use VF device if link is down
    - net: gre: recompute gre csum for sctp over gre tunnels
    - openvswitch: Prevent kernel-infoleak in ovs_ct_put_key()
    - Revert "vxlan: fix tos value before xmit"
    - selftests/net: relax cpu affinity requirement in msg_zerocopy test
    - rxrpc: Fix race between recvmsg and sendmsg on immediate call failure
    - i40e: add num_vectors checker in iwarp handler
    - i40e: Wrong truncation from u16 to u8
    - i40e: Memory leak in i40e_config_iwarp_qvlist
    - Smack: fix use-after-free in smk_write_relabel_self()
  * Bionic update: upstream stable patchset 2020-08-11 (LP: #1891228)
    - AX.25: Fix out-of-bounds read in ax25_connect()
    - AX.25: Prevent out-of-bounds read in ax25_sendmsg()
    - dev: Defer free of skbs in flush_backlog
    - drivers/net/wan/x25_asy: Fix to make it work
    - net-sysfs: add a newline when printing 'tx_timeout' by sysfs
    - net: udp: Fix wrong clean up for IS_UDPLITE macro
    - rxrpc: Fix sendmsg() returning EPIPE due to recvmsg() returning ENODATA
    - AX.25: Prevent integer overflows in connect and sendmsg
    - ip6_gre: fix null-ptr-deref in ip6gre_init_net()
    - rtnetlink: Fix memory(net_device) leak when ->newlink fails
    - tcp: allow at most one TLP probe per flight
    - regmap: debugfs: check count when read regmap file
    - qrtr: orphan socket in qrtr_release()
    - sctp: shrink stream outq only when new outcnt < old outcnt
    - sctp: shrink stream outq when fails to do addstream reconf
    - crypto: ccp - Release all allocated memory if sha type is invalid
    - media: rc: prevent memory leak in cx23888_ir_probe
    - iio: imu: adis16400: fix memory leak
    - ath9k_htc: release allocated buffer if timed out
    - ath9k: release allocated buffer if timed out
    - PCI/ASPM: Disable ASPM on ASMedia ASM1083/1085 PCIe-to-PCI bridge
    - wireless: Use offsetof instead of custom macro.
    - ARM: 8986/1: hw_breakpoint: Don't invoke overflow handler on uaccess
      watchpoints
    - drm/amdgpu: Prevent kernel-infoleak in amdgpu_info_ioctl()
    - drm: hold gem reference until object is no longer accessed
    - f2fs: check memory boundary by insane namelen
    - f2fs: check if file namelen exceeds max value
    - 9p/trans_fd: abort p9_read_work if req status changed
    - 9p/trans_fd: Fix concurrency del of req_list in p9_fd_canc