UbuntuUpdates.org

Package "linux-kvm"

Name: linux-kvm

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Header files related to Linux kernel version 4.15.0
  • Header files related to Linux kernel version 4.15.0
  • Header files related to Linux kernel version 4.15.0
  • Header files related to Linux kernel version 4.15.0

Latest version: 4.15.0-1056.57
Release: bionic (18.04)
Level: security
Repository: main

Links

Save this URL for the latest version of "linux-kvm": https://www.ubuntuupdates.org/linux-kvm



Other versions of "linux-kvm" in Bionic

Repository Area Version
base main 4.15.0-1008.8
updates main 4.15.0-1056.57
proposed main 4.15.0-1058.59
PPA: Canonical Kernel Team 4.15.0-1058.59

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 4.15.0-1056.57 2020-03-17 12:06:19 UTC

  linux-kvm (4.15.0-1056.57) bionic; urgency=medium

  * bionic/linux-kvm: 4.15.0-1056.57 -proposed tracker (LP: #1865247)

  * Packaging resync (LP: #1786013)
    - [Packaging] resync dkms-build and family
    - [Packaging] resync getabis
    - [Packaging] update helper scripts

  [ Ubuntu: 4.15.0-91.92 ]

  * bionic/linux: 4.15.0-91.92 -proposed tracker (LP: #1865109)
  * CVE-2020-2732
    - KVM: x86: emulate RDPID
    - KVM: nVMX: Don't emulate instructions in guest mode
    - KVM: nVMX: Refactor IO bitmap checks into helper function
    - KVM: nVMX: Check IO instruction VM-exit conditions

  [ Ubuntu: 4.15.0-90.91 ]

  * bionic/linux: 4.15.0-90.91 -proposed tracker (LP: #1864753)
  * dkms artifacts may expire from the pool (LP: #1850958)
    - [Packaging] autoreconstruct -- manage executable debian files
    - [packaging] handle downloads from the librarian better

Source diff to previous version
1786013 Packaging resync
1850958 dkms artifacts may expire from the pool
CVE-2020-2732 kvm: nVMX: L2 guest may trick the L0 hypervisor to access sensitive L1 resources

Version: 4.15.0-1053.53 2020-02-18 12:07:03 UTC

  linux-kvm (4.15.0-1053.53) bionic; urgency=medium

  * bionic/linux-kvm: 4.15.0-1053.53 -proposed tracker (LP: #1862811)

  [ Ubuntu: 4.15.0-88.88 ]

  * bionic/linux: 4.15.0-88.88 -proposed tracker (LP: #1862824)
  * Segmentation fault (kernel oops) with memory-hotplug in
    ubuntu_kernel_selftests on Bionic kernel (LP: #1862312)
    - Revert "mm/memory_hotplug: fix online/offline_pages called w.o.
      mem_hotplug_lock"
    - mm/memory_hotplug: fix online/offline_pages called w.o. mem_hotplug_lock

  [ Ubuntu: 4.15.0-87.87 ]

  * bionic/linux: 4.15.0-87.87 -proposed tracker (LP: #1861165)
  * Bionic update: upstream stable patchset 2020-01-22 (LP: #1860602)
    - scsi: lpfc: Fix discovery failures when target device connectivity bounces
    - scsi: mpt3sas: Fix clear pending bit in ioctl status
    - scsi: lpfc: Fix locking on mailbox command completion
    - Input: atmel_mxt_ts - disable IRQ across suspend
    - iommu/tegra-smmu: Fix page tables in > 4 GiB memory
    - scsi: target: compare full CHAP_A Algorithm strings
    - scsi: lpfc: Fix SLI3 hba in loop mode not discovering devices
    - scsi: csiostor: Don't enable IRQs too early
    - powerpc/pseries: Mark accumulate_stolen_time() as notrace
    - powerpc/pseries: Don't fail hash page table insert for bolted mapping
    - powerpc/tools: Don't quote $objdump in scripts
    - dma-debug: add a schedule point in debug_dma_dump_mappings()
    - clocksource/drivers/asm9260: Add a check for of_clk_get
    - powerpc/security/book3s64: Report L1TF status in sysfs
    - powerpc/book3s64/hash: Add cond_resched to avoid soft lockup warning
    - ext4: update direct I/O read lock pattern for IOCB_NOWAIT
    - jbd2: Fix statistics for the number of logged blocks
    - scsi: tracing: Fix handling of TRANSFER LENGTH == 0 for READ(6) and WRITE(6)
    - scsi: lpfc: Fix duplicate unreg_rpi error in port offline flow
    - f2fs: fix to update dir's i_pino during cross_rename
    - clk: qcom: Allow constant ratio freq tables for rcg
    - irqchip/irq-bcm7038-l1: Enable parent IRQ if necessary
    - irqchip: ingenic: Error out if IRQ domain creation failed
    - fs/quota: handle overflows of sysctl fs.quota.* and report as unsigned long
    - scsi: lpfc: fix: Coverity: lpfc_cmpl_els_rsp(): Null pointer dereferences
    - scsi: ufs: fix potential bug which ends in system hang
    - powerpc/pseries/cmm: Implement release() function for sysfs device
    - powerpc/security: Fix wrong message when RFI Flush is disable
    - scsi: atari_scsi: sun3_scsi: Set sg_tablesize to 1 instead of SG_NONE
    - clk: pxa: fix one of the pxa RTC clocks
    - bcache: at least try to shrink 1 node in bch_mca_scan()
    - HID: logitech-hidpp: Silence intermittent get_battery_capacity errors
    - libnvdimm/btt: fix variable 'rc' set but not used
    - HID: Improve Windows Precision Touchpad detection.
    - scsi: pm80xx: Fix for SATA device discovery
    - scsi: ufs: Fix error handing during hibern8 enter
    - scsi: scsi_debug: num_tgts must be >= 0
    - scsi: NCR5380: Add disconnect_mask module parameter
    - scsi: iscsi: Don't send data to unbound connection
    - scsi: target: iscsi: Wait for all commands to finish before freeing a
      session
    - gpio: mpc8xxx: Don't overwrite default irq_set_type callback
    - apparmor: fix unsigned len comparison with less than zero
    - scripts/kallsyms: fix definitely-lost memory leak
    - cdrom: respect device capabilities during opening action
    - perf script: Fix brstackinsn for AUXTRACE
    - perf regs: Make perf_reg_name() return "unknown" instead of NULL
    - s390/zcrypt: handle new reply code FILTERED_BY_HYPERVISOR
    - libfdt: define INT32_MAX and UINT32_MAX in libfdt_env.h
    - s390/cpum_sf: Check for SDBT and SDB consistency
    - ocfs2: fix passing zero to 'PTR_ERR' warning
    - kernel: sysctl: make drop_caches write-only
    - userfaultfd: require CAP_SYS_PTRACE for UFFD_FEATURE_EVENT_FORK
    - x86/mce: Fix possibly incorrect severity calculation on AMD
    - net, sysctl: Fix compiler warning when only cBPF is present
    - netfilter: nf_queue: enqueue skbs with NULL dst
    - ALSA: hda - Downgrade error message for single-cmd fallback
    - bonding: fix active-backup transition after link failure
    - perf strbuf: Remove redundant va_end() in strbuf_addv()
    - Make filldir[64]() verify the directory entry filename is valid
    - filldir[64]: remove WARN_ON_ONCE() for bad directory entries
    - netfilter: ebtables: compat: reject all padding in matches/watchers
    - 6pack,mkiss: fix possible deadlock
    - netfilter: bridge: make sure to pull arp header in br_nf_forward_arp()
    - inetpeer: fix data-race in inet_putpeer / inet_putpeer
    - net: add a READ_ONCE() in skb_peek_tail()
    - net: icmp: fix data-race in cmp_global_allow()
    - hrtimer: Annotate lockless access to timer->state
    - spi: fsl: don't map irq during probe
    - tty/serial: atmel: fix out of range clock divider handling
    - pinctrl: baytrail: Really serialize all register accesses
    - net: ena: fix napi handler misbehavior when the napi budget is zero
    - net/mlxfw: Fix out-of-memory error in mfa2 flash burning
    - ptp: fix the race between the release of ptp_clock and cdev
    - udp: fix integer overflow while computing available space in sk_rcvbuf
    - vhost/vsock: accept only packets with the right dst_cid
    - net: add bool confirm_neigh parameter for dst_ops.update_pmtu
    - gtp: do not confirm neighbor when do pmtu update
    - net/dst: add new function skb_dst_update_pmtu_no_confirm
    - tunnel: do not confirm neighbor when do pmtu update
    - vti: do not confirm neighbor when do pmtu update
    - sit: do not confirm neighbor when do pmtu update
    - gtp: do not allow adding duplicate tid and ms_addr pdp context
    - tcp/dccp: fix possible race __inet_lookup_established()
    - tcp: do not send empty skb from tcp_write_xmit()
    - gtp: fix wrong condition in gtp_genl_dump_pdp()
    - gt

Source diff to previous version
1862312 Segmentation fault (kernel oops) with memory-hotplug in ubuntu_kernel_selftests on Bionic kernel
1860602 Bionic update: upstream stable patchset 2020-01-22
1859712 Bionic update: upstream stable patchset 2020-01-14
1859249 Bionic update: upstream stable patchset 2020-01-10
1856603 fstrim on nvme / AMD CPU fails and produces kernel error messages
1853375 net selftest psock_fanout fails on xenial s390x due to incorrect queue lengths
1858761 Dell AIO can't adjust brightness
1858988 USB key cannot be detected by hotplug on Sunix USB Type-A 3.1 Gen 2 card [1b21:2142]
1860523 Fix misleading error message: Configuring the VNIC characteristics failed
1848739 [linux-azure] Patch to prevent possible data corruption
1857541 [SRU][B/OEM-B/OEM-OSP1/D/E/F] Add LG I2C touchscreen multitouch support
1857496 usb-audio: the mic can't record any sound after resume on Dell Dock WD19
1855409 qede driver causes 100% CPU load
1853990 [roce-1126]RDMA/hns: Fixs hw access invalid dma memory error
1854842 mlx5_core reports hardware checksum error for padded packets on Mellanox NICs
1855999 alsa/hda/realtek: the line-out jack doens't work on a dell AIO
1809704 efivarfs test in ubuntu_kernel_selftest failed on the second run
1857158 Bionic update: upstream stable patchset 2019-12-20
1846148 Realtek ALC256M with DTS Audio Processing internal microphone doesn't work on Redmi Book 14 2019
1825778 False positive test result in run_afpackettests from net in ubuntu_kernel_selftest
1854401 headphone has noise as not mute on dell machines with alc236/256
1855787 Bionic update: upstream stable patchset 2019-12-09
1854975 Bionic update: upstream stable patchset 2019-12-03
1853326 [Regression] Bionic kernel 4.15.0-71.80 can not boot on ThunderX
1853485 Bionic kernel panic on Cavium ThunderX CN88XX
1857074 Cavium ThunderX CN88XX crashes on boot
1859522 use-after-free in i915_ppgtt_close
1858815 PAN is broken for execute-only user mappings on ARMv8
1856608 [Regression] usb usb2-port2: Cannot enable. Maybe the USB cable is bad?
1820063 [Hyper-V] KVP daemon fails to start on first boot of disco VM
1854207 Unrevert \
CVE-2019-5108 An exploitable denial-of-service vulnerability exists in the Linux kernel prior to mainline 5.3. An attacker could exploit this vulnerability by trig
CVE-2019-20096 In the Linux kernel before 5.1, there is a memory leak in __feat_register_sp() in net/dccp/feat.c, which may cause denial of service, aka CID-1d3ff09
CVE-2019-18885 fs/btrfs/volumes.c in the Linux kernel before 5.1 allows a btrfs_verify_dev_extents NULL pointer dereference via a crafted btrfs image because fs_dev
CVE-2019-19082 Memory leaks in *create_resource_pool() functions under drivers/gpu/drm/amd/display/dc in the Linux kernel through 5.3.11 allow attackers to cause a
CVE-2019-19078 A memory leak in the ath10k_usb_hif_tx_sg() function in drivers/net/wireless/ath/ath10k/usb.c in the Linux kernel through 5.3.11 allows attackers to
CVE-2019-19332 KVM: x86: fix out-of-bounds write in KVM_GET_EMULATED_CPUID
CVE-2020-7053 In the Linux kernel 4.14 longterm through 4.14.165 and 4.19 longterm t ...
CVE-2019-14615 Insufficient control flow in certain data structures for some Intel(R) ...

Version: 4.15.0-1052.52 2020-01-07 11:06:55 UTC

  linux-kvm (4.15.0-1052.52) bionic; urgency=medium

  * bionic/linux-kvm: 4.15.0-1052.52 -proposed tracker (LP: #1854805)

  * Bionic update: upstream stable patchset 2019-11-21 (LP: #1853519)
    - kvm: [Config] disable CONFIG_SGL_ALLOC

  * update ENA driver for DIMLIB dynamic interrupt moderation (LP: #1853180)
    - kvm: [Config] disable CONFIG_DIMLIB

  [ Ubuntu: 4.15.0-73.82 ]

  * bionic/linux: 4.15.0-73.82 -proposed tracker (LP: #1854819)
  * CVE-2019-14901
    - SAUCE: mwifiex: Fix heap overflow in mmwifiex_process_tdls_action_frame()
  * CVE-2019-14896 // CVE-2019-14897
    - SAUCE: libertas: Fix two buffer overflows at parsing bss descriptor
  * CVE-2019-14895
    - SAUCE: mwifiex: fix possible heap overflow in mwifiex_process_country_ie()
  * CVE-2019-18660: patches for Ubuntu (LP: #1853142) // CVE-2019-18660
    - powerpc/64s: support nospectre_v2 cmdline option
    - powerpc/book3s64: Fix link stack flush on context switch
    - KVM: PPC: Book3S HV: Flush link stack on guest exit to host kernel
  * Please add patch fixing RK818 ID detection (LP: #1853192)
    - SAUCE: mfd: rk808: Fix RK818 ID template
  * [SRU][B/OEM-B/OEM-OSP1/D] Enable new Elan touchpads which are not in current
    whitelist (LP: #1853246)
    - HID: quirks: Fix keyboard + touchpad on Lenovo Miix 630
    - Input: elan_i2c - export the device id whitelist
    - HID: quirks: Refactor ELAN 400 and 401 handling
  * Lenovo dock MAC Address pass through doesn't work in Ubuntu (LP: #1827961)
    - r8152: Add macpassthru support for ThinkPad Thunderbolt 3 Dock Gen 2
  * s390/dasd: reduce the default queue depth and nr of hardware queues
    (LP: #1852257)
    - s390/dasd: reduce the default queue depth and nr of hardware queues
  * External microphone can't work on some dell machines with the codec alc256
    or alc236 (LP: #1853791)
    - SAUCE: ALSA: hda/realtek - Move some alc256 pintbls to fallback table
    - SAUCE: ALSA: hda/realtek - Move some alc236 pintbls to fallback table
  * Memory leak in net/xfrm/xfrm_state.c - 8 pages per ipsec connection
    (LP: #1853197)
    - xfrm: Fix memleak on xfrm state destroy
  * CVE-2019-19083
    - drm/amd/display: memory leak
  * update ENA driver for DIMLIB dynamic interrupt moderation (LP: #1853180)
    - net: ena: add intr_moder_rx_interval to struct ena_com_dev and use it
    - net: ena: switch to dim algorithm for rx adaptive interrupt moderation
    - net: ena: reimplement set/get_coalesce()
    - net: ena: enable the interrupt_moderation in driver_supported_features
    - net: ena: remove code duplication in
      ena_com_update_nonadaptive_moderation_interval _*()
    - net: ena: remove old adaptive interrupt moderation code from ena_netdev
    - net: ena: remove ena_restore_ethtool_params() and relevant fields
    - net: ena: remove all old adaptive rx interrupt moderation code from ena_com
    - net: ena: fix update of interrupt moderation register
    - net: ena: fix retrieval of nonadaptive interrupt moderation intervals
    - net: ena: fix incorrect update of intr_delay_resolution
    - net: ena: Select DIMLIB for ENA_ETHERNET
    - SAUCE: net: ena: fix issues in setting interrupt moderation params in
      ethtool
    - SAUCE: net: ena: fix too long default tx interrupt moderation interval
  * CONFIG_ARCH_ROCKCHIP is not set in ubuntu 18.04 aarch64,arm64 (LP: #1825222)
    - [Config] Enable ROCKCHIP support for arm64
  * backport DIMLIB (lib/dim/) to pre-5.2 kernels (LP: #1852637)
    - include/linux/bitops.h: introduce BITS_PER_TYPE
    - [Config] enable DIMLIB
    - linux/dim: import DIMLIB (lib/dim/)
    - SAUCE: linux/dim: avoid library object filename clash
  * The alsa hda driver is not loaded due to the missing of PCIID for Comet
    Lake-S [8086:a3f0] (LP: #1852070)
    - SAUCE: ALSA: hda: Add Cometlake-S PCI ID
  * Can't adjust brightness on DELL UHD dGPU AIO (LP: #1813877)
    - SAUCE: platform/x86: dell-uart-backlight: add missing status command
    - SAUCE: platform/x86: dell-uart-backlight: load driver by scalar status
    - SAUCE: platform/x86: dell-uart-backlight: add force parameter
    - SAUCE: platform/x86: dell-uart-backlight: add quirk for old platforms
  * Enable framebuffer fonts auto selection for HighDPI screen (LP: #1851623)
    - fonts: Fix coding style
    - fonts: Prefer a bigger font for high resolution screens
  * Disable unreliable HPET on CFL-H system (LP: #1852216)
    - SAUCE: x86/intel: Disable HPET on Intel Coffe Lake H platforms
  * i40e: Setting VF MAC address causes General Protection Fault (LP: #1852432)
    - i40e: Fix crash caused by stress setting of VF MAC addresses
  * Bionic update: upstream stable patchset 2019-11-27 (LP: #1854216)
    - spi: mediatek: use correct mata->xfer_len when in fifo transfer
    - tee: optee: add missing of_node_put after of_device_is_available
    - net: cdc_ncm: Signedness bug in cdc_ncm_set_dgram_size()
    - idr: Fix idr_get_next race with idr_remove
    - mm/memory_hotplug: don't access uninitialized memmaps in shrink_pgdat_span()
    - mm/memory_hotplug: fix updating the node span
    - arm64: uaccess: Ensure PAN is re-enabled after unhandled uaccess fault
    - fbdev: Ditch fb_edid_add_monspecs
    - net: ovs: fix return type of ndo_start_xmit function
    - net: xen-netback: fix return type of ndo_start_xmit function
    - ARM: dts: dra7: Enable workaround for errata i870 in PCIe host mode
    - ARM: dts: omap5: enable OTG role for DWC3 controller
    - f2fs: return correct errno in f2fs_gc
    - ARM: dts: sun8i: h3-h5: ir register size should be the whole memory block
    - SUNRPC: Fix priority queue fairness
    - IB/hfi1: Ensure ucast_dlid access doesnt exceed bounds
    - kvm: arm/arm64: Fix stage2_flush_memslot for 4 level page table
    - arm64/numa: Report correct memblock range for the dummy node
    - ath10k: fix vdev-start timeout on error
    - ata: ahci_brcm: Allow using driver or DSL SoCs
    - ath9k: fix reporting calculated new FFT upper max
    - usb: ga

Source diff to previous version
1853519 Bionic update: upstream stable patchset 2019-11-21
1853180 update ENA driver for DIMLIB dynamic interrupt moderation
1853142 CVE-2019-18660: patches for Ubuntu
1853192 Please add patch fixing RK818 ID detection
1853246 [SRU][B/OEM-B/OEM-OSP1/D] Enable new Elan touchpads which are not in current whitelist
1827961 Lenovo dock MAC Address pass through doesn't work in Ubuntu
1852257 s390/dasd: reduce the default queue depth and nr of hardware queues
1853791 External microphone can't work on some dell machines with the codec alc256 or alc236
1853197 Memory leak in net/xfrm/xfrm_state.c - 8 pages per ipsec connection
1825222 CONFIG_ARCH_ROCKCHIP is not set in ubuntu 18.04 aarch64,arm64
1852637 backport DIMLIB (lib/dim/) to pre-5.2 kernels
1852070 The alsa hda driver is not loaded due to the missing of PCIID for Comet Lake-S [8086:a3f0]
1851623 Enable framebuffer fonts auto selection for HighDPI screen
1852432 i40e: Setting VF MAC address causes General Protection Fault
1854216 Bionic update: upstream stable patchset 2019-11-27
1853915 Bionic update: upstream stable patchset 2019-11-25
1853208 Bionic update: upstream stable patchset 2019-11-19
1853326 [Regression] Bionic kernel 4.15.0-71.80 can not boot on ThunderX
1852723 [Regression] Bionic kernel 4.15.0-71.80 can not boot on ThunderX2 and Kunpeng920
CVE-2019-14901 A heap overflow flaw was found in the Linux kernel, all versions 3.x.x ...
CVE-2019-14896 A heap-based buffer overflow vulnerability was found in the Linux kern ...
CVE-2019-14897 A stack-based buffer overflow was found in the Linux kernel, version k ...
CVE-2019-14895 A heap-based buffer overflow was discovered in the Linux kernel, all v ...
CVE-2019-18660 The Linux kernel through 5.3.13 on powerpc allows Information Exposure ...
CVE-2019-19083 Memory leaks in *clock_source_create() functions under drivers/gpu/drm/amd/display/dc in the Linux kernel before 5.3.8 allow attackers to cause a den

Version: 4.15.0-1051.51 2019-12-03 13:07:04 UTC

  linux-kvm (4.15.0-1051.51) bionic; urgency=medium

  * bionic/linux-kvm: 4.15.0-1051.51 -proposed tracker (LP: #1852273)

  [ Ubuntu: 4.15.0-71.80 ]

  * bionic/linux: 4.15.0-71.80 -proposed tracker (LP: #1852289)
  * Bionic update: upstream stable patchset 2019-10-29 (LP: #1850541)
    - panic: ensure preemption is disabled during panic()
    - f2fs: use EINVAL for superblock with invalid magic
    - [Config] updateconfigs for USB_RIO500
    - USB: rio500: Remove Rio 500 kernel driver
    - USB: yurex: Don't retry on unexpected errors
    - USB: yurex: fix NULL-derefs on disconnect
    - USB: usb-skeleton: fix runtime PM after driver unbind
    - USB: usb-skeleton: fix NULL-deref on disconnect
    - xhci: Fix false warning message about wrong bounce buffer write length
    - xhci: Prevent device initiated U1/U2 link pm if exit latency is too long
    - xhci: Check all endpoints for LPM timeout
    - usb: xhci: wait for CNR controller not ready bit in xhci resume
    - USB: adutux: fix use-after-free on disconnect
    - USB: adutux: fix NULL-derefs on disconnect
    - USB: adutux: fix use-after-free on release
    - USB: iowarrior: fix use-after-free on disconnect
    - USB: iowarrior: fix use-after-free on release
    - USB: iowarrior: fix use-after-free after driver unbind
    - USB: usblp: fix runtime PM after driver unbind
    - USB: chaoskey: fix use-after-free on release
    - USB: ldusb: fix NULL-derefs on driver unbind
    - serial: uartlite: fix exit path null pointer
    - USB: serial: keyspan: fix NULL-derefs on open() and write()
    - USB: serial: ftdi_sio: add device IDs for Sienna and Echelon PL-20
    - USB: serial: option: add Telit FN980 compositions
    - USB: serial: option: add support for Cinterion CLS8 devices
    - USB: serial: fix runtime PM after driver unbind
    - USB: usblcd: fix I/O after disconnect
    - USB: microtek: fix info-leak at probe
    - USB: dummy-hcd: fix power budget for SuperSpeed mode
    - usb: renesas_usbhs: gadget: Do not discard queues in
      usb_ep_set_{halt,wedge}()
    - usb: renesas_usbhs: gadget: Fix usb_ep_set_{halt,wedge}() behavior
    - USB: legousbtower: fix slab info leak at probe
    - USB: legousbtower: fix deadlock on disconnect
    - USB: legousbtower: fix potential NULL-deref on disconnect
    - USB: legousbtower: fix open after failed reset request
    - USB: legousbtower: fix use-after-free on release
    - staging: vt6655: Fix memory leak in vt6655_probe
    - iio: adc: ad799x: fix probe error handling
    - iio: adc: axp288: Override TS pin bias current for some models
    - iio: light: opt3001: fix mutex unlock race
    - efivar/ssdt: Don't iterate over EFI vars if no SSDT override was specified
    - perf llvm: Don't access out-of-scope array
    - perf inject jit: Fix JIT_CODE_MOVE filename
    - CIFS: Gracefully handle QueryInfo errors during open
    - CIFS: Force revalidate inode when dentry is stale
    - CIFS: Force reval dentry if LOOKUP_REVAL flag is set
    - kernel/sysctl.c: do not override max_threads provided by userspace
    - firmware: google: increment VPD key_len properly
    - gpiolib: don't clear FLAG_IS_OUT when emulating open-drain/open-source
    - Staging: fbtft: fix memory leak in fbtft_framebuffer_alloc
    - iio: hx711: add delay until DOUT is ready
    - iio: adc: hx711: fix bug in sampling of data
    - btrfs: fix incorrect updating of log root tree
    - NFS: Fix O_DIRECT accounting of number of bytes read/written
    - MIPS: Disable Loongson MMI instructions for kernel build
    - Fix the locking in dcache_readdir() and friends
    - media: stkwebcam: fix runtime PM after driver unbind
    - tracing/hwlat: Report total time spent in all NMIs during the sample
    - tracing/hwlat: Don't ignore outer-loop duration when calculating max_latency
    - ftrace: Get a reference counter for the trace_array on filter files
    - tracing: Get trace_array reference for available_tracers files
    - x86/asm: Fix MWAITX C-state hint value
    - iio: adc: stm32-adc: fix a race when using several adcs with dma and irq
    - cifs: use cifsInodeInfo->open_file_lock while iterating to avoid a panic
    - btrfs: fix uninitialized ret in ref-verify
    - arm64/sve: Fix wrong free for task->thread.sve_state
    - [Config] updateconfigs for USB_RIO500
  * Bionic update: upstream stable patchset 2019-11-13 (LP: #1852492)
    - zram: fix race between backing_dev_show and backing_dev_store
    - dm snapshot: use mutex instead of rw_semaphore
    - dm snapshot: introduce account_start_copy() and account_end_copy()
    - dm snapshot: rework COW throttling to fix deadlock
    - dm: Use kzalloc for all structs with embedded biosets/mempools
    - f2fs: flush quota blocks after turnning it off
    - scsi: lpfc: Fix a duplicate 0711 log message number.
    - sc16is7xx: Fix for "Unexpected interrupt: 8"
    - powerpc/powernv: hold device_hotplug_lock when calling
      memtrace_offline_pages()
    - HID: i2c-hid: add Direkt-Tek DTLAPY133-1 to descriptor override
    - x86/cpu: Add Atom Tremont (Jacobsville)
    - HID: i2c-hid: Add Odys Winbook 13 to descriptor override
    - clk: boston: unregister clks on failure in clk_boston_setup()
    - scripts/setlocalversion: Improve -dirty check with git-status --no-optional-
      locks
    - HID: Add ASUS T100CHI keyboard dock battery quirks
    - usb: handle warm-reset port requests on hub resume
    - rtc: pcf8523: set xtal load capacitance from DT
    - mlxsw: spectrum: Set LAG port collector only when active
    - ALSA: hda/realtek - Apply ALC294 hp init also for S4 resume
    - media: vimc: Remove unused but set variables
    - exec: load_script: Do not exec truncated interpreter path
    - PCI/PME: Fix possible use-after-free on remove
    - power: supply: max14656: fix potential use-after-free
    - iio: adc: meson_saradc: Fix memory allocation order
    - iio: fix center temperature of bmc150-accel-core
    - libsubcmd: Make _FORTIFY_SOURCE defines dependent o

Source diff to previous version
1850541 Bionic update: upstream stable patchset 2019-10-29
1852492 Bionic update: upstream stable patchset 2019-11-13
1654448 Dell XPS 13 9350/9360 headphone audio hiss
1845810 [XPS 13 9360, Realtek ALC3246, Black Headphone Out, Front] High noise floor
1851506 Add GeminiLake support on Intel int340x thermal device
1851216 System hangs at early boot
1851810 Some EFI systems fail to boot in efi_init() when booted via maas
1850958 dkms artifacts may expire from the pool
1850175 update ENA driver to version 2.1.0
1849871 Skip frame when buffer overflow on UVC camera
1812352 Handle the skip return code in kernel_selftests on Bionic
1851876 Bionic update: upstream stable patchset 2019-11-08
1819968 Colour banding in Lenovo G50-80 laptop display (i915)
1848481 cloudimg: no iavf/i40evf module so no network available with SR-IOV enabled cloud
1850599 [SRU][B/OEM-B/OEM-OSP1/D/E] UBUNTU: SAUCE: add rtl623 codec support and fix mic issues
1850572 AMD Prairie Falcon platform failed to boot up
1843487 UIO: mutex used in interrupt handler causes crash
1851380 root can lift kernel lockdown
1844021 Suspend stopped working from 4.4.0-157 onwards
1849576 Bionic update: upstream stable patchset 2019-10-23
1851709 Ubuntu-5.0.0-33.35 introduces KVM regression with old Intel CPUs and Linux guests
1852141 CVE-2019-0155: incomplete fix for 64-bit x86 kernels
CVE-2019-0155 Insufficient access control in a subsystem for Intel (R) processor gra ...

Version: 4.15.0-1050.50 2019-11-13 02:09:03 UTC

  linux-kvm (4.15.0-1050.50) bionic; urgency=medium

  * CVE-2019-11135
    - [Config] Disable TSX by default when possible

  [ Ubuntu: 4.15.0-69.78 ]

  * KVM NULL pointer deref (LP: #1851205)
    - KVM: nVMX: handle page fault in vmread fix
  * CVE-2018-12207
    - KVM: MMU: drop vcpu param in gpte_access
    - kvm: Convert kvm_lock to a mutex
    - kvm: x86: Do not release the page inside mmu_set_spte()
    - KVM: x86: make FNAME(fetch) and __direct_map more similar
    - KVM: x86: remove now unneeded hugepage gfn adjustment
    - KVM: x86: change kvm_mmu_page_get_gfn BUG_ON to WARN_ON
    - KVM: x86: add tracepoints around __direct_map and FNAME(fetch)
    - kvm: x86, powerpc: do not allow clearing largepages debugfs entry
    - SAUCE: KVM: vmx, svm: always run with EFER.NXE=1 when shadow paging is
      active
    - SAUCE: x86: Add ITLB_MULTIHIT bug infrastructure
    - SAUCE: kvm: mmu: ITLB_MULTIHIT mitigation
    - SAUCE: kvm: Add helper function for creating VM worker threads
    - SAUCE: kvm: x86: mmu: Recovery of shattered NX large pages
    - SAUCE: cpu/speculation: Uninline and export CPU mitigations helpers
    - SAUCE: kvm: x86: mmu: Apply global mitigations knob to ITLB_MULTIHIT
  * CVE-2019-11135
    - KVM: x86: use Intel speculation bugs and features as derived in generic x86
      code
    - x86/msr: Add the IA32_TSX_CTRL MSR
    - x86/cpu: Add a helper function x86_read_arch_cap_msr()
    - x86/cpu: Add a "tsx=" cmdline option with TSX disabled by default
    - x86/speculation/taa: Add mitigation for TSX Async Abort
    - x86/speculation/taa: Add sysfs reporting for TSX Async Abort
    - kvm/x86: Export MDS_NO=0 to guests when TSX is enabled
    - x86/tsx: Add "auto" option to the tsx= cmdline parameter
    - x86/speculation/taa: Add documentation for TSX Async Abort
    - x86/tsx: Add config options to set tsx=on|off|auto
    - SAUCE: x86/speculation/taa: Call tsx_init()
    - SAUCE: x86/cpu: Include cpu header from bugs.c
    - [Config] Disable TSX by default when possible
  * CVE-2019-0154
    - SAUCE: drm/i915: Lower RM timeout to avoid DSI hard hangs
    - SAUCE: drm/i915/gen8+: Add RC6 CTX corruption WA
  * CVE-2019-0155
    - drm/i915/gtt: Add read only pages to gen8_pte_encode
    - drm/i915/gtt: Read-only pages for insert_entries on bdw+
    - drm/i915/gtt: Disable read-only support under GVT
    - drm/i915: Prevent writing into a read-only object via a GGTT mmap
    - drm/i915/cmdparser: Check reg_table_count before derefencing.
    - drm/i915/cmdparser: Do not check past the cmd length.
    - drm/i915: Silence smatch for cmdparser
    - drm/i915: Move engine->needs_cmd_parser to engine->flags
    - SAUCE: drm/i915: Rename gen7 cmdparser tables
    - SAUCE: drm/i915: Disable Secure Batches for gen6+
    - SAUCE: drm/i915: Remove Master tables from cmdparser
    - SAUCE: drm/i915: Add support for mandatory cmdparsing
    - SAUCE: drm/i915: Support ro ppgtt mapped cmdparser shadow buffers
    - SAUCE: drm/i915: Allow parsing of unsized batches
    - SAUCE: drm/i915: Add gen9 BCS cmdparsing
    - SAUCE: drm/i915/cmdparser: Use explicit goto for error paths
    - SAUCE: drm/i915/cmdparser: Add support for backward jumps
    - SAUCE: drm/i915/cmdparser: Ignore Length operands during command matching

  [ Ubuntu: 4.15.0-68.77 ]

  * bionic/linux: 4.15.0-68.77 -proposed tracker (LP: #1849855)
  * [REGRESSION] md/raid0: cannot assemble multi-zone RAID0 with default_layout
    setting (LP: #1849682)
    - Revert "md/raid0: avoid RAID0 data corruption due to layout confusion."

1849682 [REGRESSION] md/raid0: cannot assemble multi-zone RAID0 with default_layout setting
CVE-2019-11135 TSX Asynchronous Abort
CVE-2018-12207 iTLB Multihit



About   -   Send Feedback to @ubuntu_updates