UbuntuUpdates.org

Package "linux-azure"

Name: linux-azure

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Header files related to Linux kernel version 4.15.0
  • Header files related to Linux kernel version 4.15.0
  • Header files related to Linux kernel version 4.15.0
  • Header files related to Linux kernel version 4.15.0

Latest version: 5.0.0-1014.14~18.04.1
Release: bionic (18.04)
Level: updates
Repository: main

Links

Save this URL for the latest version of "linux-azure": https://www.ubuntuupdates.org/linux-azure



Other versions of "linux-azure" in Bionic

Repository Area Version
base main 4.15.0-1009.9
security main 5.0.0-1014.14~18.04.1
proposed main 5.0.0-1016.17~18.04.1
PPA: Canonical Kernel Team 5.0.0-1017.18~18.04.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 5.0.0-1014.14~18.04.1 2019-08-13 16:06:29 UTC

  linux-azure (5.0.0-1014.14~18.04.1) bionic; urgency=medium

  * zfs/spl build in conjunction with the kernel from DKMS source (LP: #1807378)
    - [Packaging] azure-bionic: Add dkms build dependencies

  * Packaging resync (LP: #1786013)
    - [Packaging] update helper scripts
    - [Packaging] update update.conf

  [ Ubuntu: 5.0.0-1014.14 ]

  * hibmc-drm Causes Unreadable Display for Huawei amd64 Servers (LP: #1762940)
    - [Config] Unset CONFIG_DRM_HISI_HIBMC
  * Make possible to load Mellanox OFED modules (LP: #1837397)
    - [Config] linux-azure: CONFIG_MLX{4,5}_INFINIBAND=m
  * CVE-2019-1125
    - x86/cpufeatures: Carve out CQM features retrieval
    - x86/cpufeatures: Combine word 11 and 12 into a new scattered features word
    - x86/speculation: Prepare entry code for Spectre v1 swapgs mitigations
    - x86/speculation: Enable Spectre v1 swapgs mitigations
    - x86/entry/64: Use JMP instead of JMPQ
    - x86/speculation/swapgs: Exclude ATOMs from speculation through SWAPGS
  * disco/linux: 5.0.0-24.25 -proposed tracker (LP: #1838395)
  * Packaging resync (LP: #1786013)
    - [Packaging] resync git-ubuntu-log
  * hibmc-drm Causes Unreadable Display for Huawei amd64 Servers (LP: #1762940)
    - [Config] Set CONFIG_DRM_HISI_HIBMC to arm64 only
    - SAUCE: Make CONFIG_DRM_HISI_HIBMC depend on ARM64
  * [18.04 FEAT] zKVM: Add hardware CPU Model - kernel part (LP: #1836153)
    - KVM: s390: add debug logging for cpu model subfunctions
    - KVM: s390: implement subfunction processor calls
    - KVM: s390: add vector enhancements facility 2 to cpumodel
    - KVM: s390: add vector BCD enhancements facility to cpumodel
    - KVM: s390: add MSA9 to cpumodel
    - KVM: s390: provide query function for instructions returning 32 byte
    - KVM: s390: add enhanced sort facilty to cpu model
    - KVM: s390: add deflate conversion facilty to cpu model
    - KVM: s390: enable MSA9 keywrapping functions depending on cpu model
  * bcache: risk of data loss on I/O errors in backing or caching devices
    (LP: #1829563)
    - Revert "bcache: set CACHE_SET_IO_DISABLE in bch_cached_dev_error()"
  * Intel ethernet I219 has slow RX speed (LP: #1836152)
    - SAUCE: e1000e: add workaround for possible stalled packet
    - SAUCE: e1000e: disable force K1-off feature
  * Intel ethernet I219 may wrongly detect connection speed as 10Mbps
    (LP: #1836177)
    - SAUCE: e1000e: Make watchdog use delayed work
  * Unhide Nvidia HDA audio controller (LP: #1836308)
    - PCI: Enable NVIDIA HDA controllers
  * Enable Armada SOCs and MVPP2 NIC driver for disco/generic arm64
    (LP: #1835054)
    - [Config] Enable Armada SOCs and MVPP2 NIC driver for disco/generic arm64
  * ixgbe{vf} - Physical Function gets IRQ when VF checks link state
    (LP: #1836760)
    - ixgbevf: Use cached link state instead of re-reading the value for ethtool
  * Two crashes on raid0 error path (during a member device removal)
    (LP: #1836806)
    - block: Fix a NULL pointer dereference in generic_make_request()
    - md/raid0: Do not bypass blocking queue entered for raid0 bios
  * CVE-2019-13233
    - x86/insn-eval: Fix use-after-free access to LDT entry
  * cifs set_oplock buffer overflow in strcat (LP: #1824981)
    - cifs: fix strcat buffer overflow and reduce raciness in
      smb21_set_oplock_level()
  * CVE-2019-13272
    - ptrace: Fix ->ptracer_cred handling for PTRACE_TRACEME
  * hda/realtek: can't detect external mic on a Dell machine (LP: #1836755)
    - ALSA: hda/realtek: apply ALC891 headset fixup to one Dell machine
  * CVE-2019-12614
    - powerpc/pseries/dlpar: Fix a missing check in dlpar_parse_cc_property()
  * bnx2x driver causes 100% CPU load (LP: #1832082)
    - bnx2x: Prevent ptp_task to be rescheduled indefinitely
  * Sometimes touchpad detected as mouse(i2c designware fails to get adapter
    number) (LP: #1835150)
    - i2c: i2c-designware-platdrv: Cleanup setting of the adapter number
    - i2c: i2c-designware-platdrv: Always use a dynamic adapter number
  * Disco update: 5.0.18 upstream stable release (LP: #1836614)
    - locking/rwsem: Prevent decrement of reader count before increment
    - x86/speculation/mds: Revert CPU buffer clear on double fault exit
    - x86/speculation/mds: Improve CPU buffer clear documentation
    - objtool: Fix function fallthrough detection
    - arm64: dts: rockchip: fix IO domain voltage setting of APIO5 on rockpro64
    - arm64: dts: rockchip: Disable DCMDs on RK3399's eMMC controller.
    - ARM: dts: qcom: ipq4019: enlarge PCIe BAR range
    - ARM: dts: exynos: Fix interrupt for shared EINTs on Exynos5260
    - ARM: dts: exynos: Fix audio (microphone) routing on Odroid XU3
    - mmc: sdhci-of-arasan: Add DTS property to disable DCMDs.
    - ARM: exynos: Fix a leaked reference by adding missing of_node_put
    - power: supply: axp288_charger: Fix unchecked return value
    - power: supply: axp288_fuel_gauge: Add ACEPC T8 and T11 mini PCs to the
      blacklist
    - arm64: mmap: Ensure file offset is treated as unsigned
    - arm64: arch_timer: Ensure counter register reads occur with seqlock held
    - arm64: compat: Reduce address limit
    - arm64: Clear OSDLR_EL1 on CPU boot
    - arm64: Save and restore OSDLR_EL1 across suspend/resume
    - sched/x86: Save [ER]FLAGS on context switch
    - x86/MCE: Add an MCE-record filtering function
    - x86/MCE/AMD: Turn off MC4_MISC thresholding on all family 0x15 models
    - x86/MCE/AMD: Carve out the MC4_MISC thresholding quirk
    - x86/MCE: Group AMD function prototypes in <asm/mce.h>
    - x86/MCE/AMD: Don't report L1 BTB MCA errors on some family 17h models
    - crypto: crypto4xx - fix ctr-aes missing output IV
    - crypto: crypto4xx - fix cfb and ofb "overran dst buffer" issues
    - crypto: salsa20 - don't access already-freed walk.iv
    - crypto: lrw - don't access already-freed walk.iv
    - crypto: chacha-generic - fix use as arm64 no-NEON fallback
    - crypto: chacha20poly1305 - set cra_name correctly

Source diff to previous version
1807378 zfs/spl build in conjunction with the kernel from DKMS source
1786013 Packaging resync
1762940 hibmc-drm Causes Unreadable Display for Huawei amd64 Servers
1837397 Make possible to load Mellanox OFED modules
1836153 [18.04 FEAT] zKVM: Add hardware CPU Model - kernel part
1829563 bcache: risk of data loss on I/O errors in backing or caching devices
1835054 Enable Armada SOCs and MVPP2 NIC driver for disco/generic arm64
1836760 ixgbe{vf} - Physical Function gets IRQ when VF checks link state
1836806 Two crashes on raid0 error path (during a member device removal)
1824981 cifs set_oplock buffer overflow in strcat
1836755 hda/realtek: can't detect external mic on a Dell machine
1832082 bnx2x driver causes 100% CPU load
1835150 Sometimes touchpad detected as mouse(i2c designware fails to get adapter number)
1836614 Disco update: 5.0.18 upstream stable release
1836577 Disco update: 5.0.17 upstream stable release
1835580 Disco update: 5.0.16 upstream stable release
1836020 Sometimes touchpad(goodix) can't use tap function
1824690 proc_thermal flooding dmesg
1838115 linux hwe i386 kernel 5.0.0-21.22~18.04.1 crashes on Lenovo x220
CVE-2019-1125 RESERVED
CVE-2019-13233 In arch/x86/lib/insn-eval.c in the Linux kernel before 5.1.9, there is a use-after-free for access to an LDT entry because of a race condition betwee
CVE-2019-13272 In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptr
CVE-2019-12614 An issue was discovered in dlpar_parse_cc_property in arch/powerpc/platforms/pseries/dlpar.c in the Linux kernel through 5.1.6. There is an unchecked
CVE-2019-10126 A flaw was found in the Linux kernel. A heap based buffer overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.
CVE-2019-3846 A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malic
CVE-2019-12984 A NULL pointer dereference vulnerability in the function nfc_genl_deactivate_target() in net/nfc/netlink.c in the Linux kernel before 5.1.13 can be t

Version: 4.18.0-1025.27~18.04.1 2019-07-29 12:06:53 UTC

  linux-azure (4.18.0-1025.27~18.04.1) bionic; urgency=medium

  * linux-azure: 4.18.0-1025.27~18.04.1 -proposed tracker (LP: #1835436)

  [ Ubuntu: 4.18.0-1025.27 ]

  * linux-azure: 4.18.0-1025.27 -proposed tracker (LP: #1835438)
  * [linux-azure] panic in ext4_resize_fs() found during storage testing
    (LP: #1835322)
    - ext4: fix crash during online resizing
  * linux: 4.18.0-26.27 -proposed tracker (LP: #1834904)
  * QCA9377 isn't being recognized sometimes (LP: #1757218)
    - SAUCE: USB: Disable USB2 LPM at shutdown
  * hns: fix ICMP6 neighbor solicitation messages discard problem (LP: #1833140)
    - net: hns: fix ICMP6 neighbor solicitation messages discard problem
    - net: hns: fix unsigned comparison to less than zero
  * Fix occasional boot time crash in hns driver (LP: #1833138)
    - net: hns: Fix probabilistic memory overwrite when HNS driver initialized
  * use-after-free in hns_nic_net_xmit_hw (LP: #1833136)
    - net: hns: fix KASAN: use-after-free in hns_nic_net_xmit_hw()
  * hns: attempt to restart autoneg when disabled should report error
    (LP: #1833147)
    - net: hns: Restart autoneg need return failed when autoneg off
  * [UBUNTU] pkey: Indicate old mkvp only if old and curr. mkvp are different
    (LP: #1832625)
    - pkey: Indicate old mkvp only if old and current mkvp are different
  * [UBUNTU] kernel: Fix gcm-aes-s390 wrong scatter-gather list processing
    (LP: #1832623)
    - s390/crypto: fix gcm-aes-s390 selftest failures
  * rtlwifi: aggressive memory leak (LP: #1831751)
    - rtlwifi: Fix leak of skb when processing C2H_BT_INFO
  * Kernel modules generated incorrectly when system is localized to a non-
    English language (LP: #1828084)
    - scripts: override locale from environment when running recordmcount.pl
  * CVE-2019-11815
    - net: rds: force to destroy connection if t_sock is NULL in
      rds_tcp_kill_sock().
  * Sound device not detected after resume from hibernate (LP: #1826868)
    - drm/i915: Force 2*96 MHz cdclk on glk/cnl when audio power is enabled
    - drm/i915: Save the old CDCLK atomic state
    - drm/i915: Remove redundant store of logical CDCLK state
    - drm/i915: Skip modeset for cdclk changes if possible
  * Handle overflow in proc_get_long of sysctl (LP: #1833935)
    - sysctl: handle overflow in proc_get_long
  * Dell XPS 13 (9370) defaults to s2idle sleep/suspend instead of deep, NVMe
    drains lots of power under s2idle (LP: #1808957)
    - Revert "UBUNTU: SAUCE: pci/nvme: prevent WDC PC SN720 NVMe from entering D3
      and being disabled"
    - Revert "UBUNTU: SAUCE: nvme: add quirk to not call disable function when
      suspending"
    - Revert "UBUNTU: SAUCE: pci: prevent Intel NVMe SSDPEKKF from entering D3"
    - Revert "SAUCE: nvme: add quirk to not call disable function when suspending"
    - Revert "SAUCE: pci: prevent sk hynix nvme from entering D3"
    - PCI: PM: Avoid possible suspend-to-idle issue
    - PCI: PM: Skip devices in D0 for suspend-to-idle
    - nvme-pci: Sync queues on reset
    - nvme: Export get and set features
    - nvme-pci: Use host managed power state for suspend
  * hinic: fix oops due to race in set_rx_mode (LP: #1832048)
    - hinic: fix a bug in set rx mode
  * ubuntu 18.04 flickering screen with Radeon X1600 (LP: #1791312)
    - drm/radeon: prefer lower reference dividers
  * [linux-azure] Block Layer Commits Requested in Azure Kernels (LP: #1834499)
    - block: Clear kernel memory before copying to user
    - block/bio: Do not zero user pages
  * CONFIG_LOG_BUF_SHIFT set to 14 is too low on arm64 (LP: #1824864)
    - [Config] CONFIG_LOG_BUF_SHIFT=18 on all 64bit arches
  * Handle overflow for file-max (LP: #1834310)
    - sysctl: handle overflow for file-max
    - kernel/sysctl.c: fix out-of-bounds access when setting file-max
  * [ALSA] [PATCH] Headset fixup for System76 Gazelle (gaze14) (LP: #1827555)
    - ALSA: hda/realtek - Headset fixup for System76 Gazelle (gaze14)
    - ALSA: hda/realtek - Corrected fixup for System76 Gazelle (gaze14)
  * crashdump fails on HiSilicon D06 (LP: #1828868)
    - iommu/arm-smmu-v3: Don't disable SMMU in kdump kernel
  * CVE-2019-11833
    - ext4: zero out the unused memory region in the extent tree block
  * does not detect headphone when there is no other output devices
    (LP: #1831065)
    - ALSA: hda/realtek - Fixed hp_pin no value
    - ALSA: hda/realtek - Use a common helper for hp pin reference
  * Support new ums-realtek device (LP: #1831840)
    - USB: usb-storage: Add new ID to ums-realtek
  * amd_iommu possible data corruption (LP: #1823037)
    - iommu/amd: Reserve exclusion range in iova-domain
    - iommu/amd: Set exclusion range correctly
  * Add new sound card PCIID into the alsa driver (LP: #1832299)
    - ALSA: hda/intel: add CometLake PCI IDs
  * sky2 ethernet card doesn't work after returning from suspend
    (LP: #1807259) // sky2 ethernet card link not up after suspend
    (LP: #1809843)
    - sky2: Disable MSI on Dell Inspiron 1545 and Gateway P-79
  * idle-page oopses when accessing page frames that are out of range
    (LP: #1833410)
    - mm/page_idle.c: fix oops because end_pfn is larger than max_pfn
  * Add pointstick support on HP ZBook 17 G5 (LP: #1833387)
    - Revert "HID: multitouch: Support ALPS PTP stick with pid 0x120A"
    - SAUCE: HID: multitouch: Add pointstick support for ALPS Touchpad
  * [SRU][B/B-OEM/B-OEM-OSP-1/C/D/E] Add trackpoint middle button support of 2
    new thinpads (LP: #1833637)
    - Input: elantech - enable middle button support on 2 ThinkPads
  * CVE-2019-11884
    - Bluetooth: hidp: fix buffer overflow
  * af_alg06 test from crypto test suite in LTP failed with kernel oops on B/C
    (LP: #1829725)
    - crypto: authenc - fix parsing key with misaligned rta_len
  * Address performance issue w/ GICv4-based guests (LP: #1829942)
    - arm64: KVM: Always set ICH_HCR_EL2.EN if GICv4 is enabled
  * CVE-2018-12126 // CVE-2018-12127 // CVE-2018-12130 // CVE-2019-11091
    - SAUCE:

Source diff to previous version
1835322 [linux-azure] panic in ext4_resize_fs() found during storage testing
1757218 QCA9377 isn't being recognized sometimes
1833140 hns: fix ICMP6 neighbor solicitation messages discard problem
1833138 Fix occasional boot time crash in hns driver
1833136 use-after-free in hns_nic_net_xmit_hw
1833147 hns: attempt to restart autoneg when disabled should report error
1832625 [UBUNTU] pkey: Indicate old mkvp only if old and curr. mkvp are different
1832623 [UBUNTU] kernel: Fix gcm-aes-s390 wrong scatter-gather list processing
1831751 rtlwifi: aggressive memory leak
1828084 Kernel modules generated incorrectly when system is localized to a non-English language
1826868 Sound device not detected after resume from hibernate
1833935 Handle overflow in proc_get_long of sysctl
1832048 hinic: fix oops due to race in set_rx_mode
1791312 ubuntu 18.04 flickering screen with Radeon X1600
1834499 [linux-azure] Block Layer Commits Requested in Azure Kernels
1824864 CONFIG_LOG_BUF_SHIFT set to 14 is too low on arm64
1834310 Handle overflow for file-max
1827555 [ALSA] [PATCH] Headset fixup for System76 Gazelle (gaze14)
1828868 crashdump fails on HiSilicon D06
1831065 does not detect headphone when there is no other output devices
1831840 Support new ums-realtek device
1823037 amd_iommu possible data corruption
1832299 Add new sound card PCIID into the alsa driver
1807259 sky2 ethernet card doesn't work after returning from suspend
1809843 sky2 ethernet card link not up after suspend
1833410 idle-page oopses when accessing page frames that are out of range
1833637 [SRU][B/B-OEM/B-OEM-OSP-1/C/D/E] Add trackpoint middle button support of 2 new thinpads
1829725 af_alg06 test from crypto test suite in LTP failed with kernel oops on B/C
1829942 Address performance issue w/ GICv4-based guests
1813118 alignment test in powerpc from ubuntu_kernel_selftests failed on B/C Power9
1812796 TRACE_syscall.ptrace_syscall_dropped in seccomp from ubuntu_kernel_selftests failed on B/C PowerPC
1828798 Eletrical noise occurred when external headset enter powersaving mode on a DEll machine
1761379 [18.04/18.10] File libperf-jvmti.so is missing in linux-tools-common deb on Ubuntu
1830813 TCP : race condition on socket ownership in tcp_close()
1829306 ethtool identify command doesn't blink LED on Hi1620 NICs
1830175 Add support to Comet Lake LPSS
1830587 Reduce NAPI weight in hns driver from 256 to 64
CVE-2019-11815 An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kernel before 5.0.8. There is a race condition leading to a use-after-free
CVE-2019-11833 fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in the extent tree block, which might allow local user
CVE-2019-11884 The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel before 5.0.15 allows a local user to obtain potentially sensitive in
CVE-2018-12126 MSBDS Microarchitectural Store Buffer Data Sampling
CVE-2018-12127 MLPDS Microarchitectural Load Port Data Sampling
CVE-2018-12130 MFBDS Microarchitectural Fill Buffer Data Sampling
CVE-2019-11091 MDSUM Microarchitectural Data Sampling Uncacheable Memory
CVE-2019-11085 Insufficient input validation in Kernel Mode Driver in Intel(R) i915 Graphics for Linux before version 5.0 may allow an authenticated user to potenti

Version: 4.18.0-1024.25~18.04.1 2019-07-02 22:07:20 UTC

  linux-azure (4.18.0-1024.25~18.04.1) bionic; urgency=medium

  * linux-azure: 4.18.0-1024.25~18.04.1 -proposed tracker (LP: #1834701)

  [ Ubuntu: 4.18.0-1024.25 ]

  * linux-azure: 4.18.0-1024.25 -proposed tracker (LP: #1834702)
  * linux-azure: mlx4, mlx5, ibverbs, ib_umad are not being loaded by default
    (LP: #1834696)
    - Revert "UBUNTU: [Config] linux-azure: CONFIG_MLX{4,5}_INFINIBAND=m"

 -- Marcelo Henrique Cerri <email address hidden> Fri, 28 Jun 2019 20:02:38 -0300

Source diff to previous version
1834696 linux-azure: mlx4, mlx5, ibverbs, ib_umad are not being loaded by default

Version: 4.18.0-1023.24~18.04.1 2019-06-26 22:07:27 UTC

  linux-azure (4.18.0-1023.24~18.04.1) bionic; urgency=medium

  * linux-azure: 4.18.0-1023.24~18.04.1 -proposed tracker (LP: #1833945)

  [ Ubuntu: 4.18.0-1023.24 ]

  * linux-azure: 4.18.0-1023.24 -proposed tracker (LP: #1833946)
  * [linux-azure] XDP generic fixes (LP: #1831254)
    - netvsc: unshare skb in VF rx handler
    - net: convert rps_needed and rfs_needed to new static
    - net: core: support XDP generic on stacked devices.
  * Enable eBPF JIT in the linux-azure kernels (LP: #1827916)
    - [Config] linux-azure: CONFIG_MLX{4,5}_INFINIBAND=m
  * Azure: Backport vIOMMU driver (increase vCPU limits) (LP: #1826447)
    - PCI: hv: Replace hv_vp_set with hv_vpset
    - PCI: hv: Refactor hv_irq_unmask() to use cpumask_to_vpset()
    - x86/Hyper-V: Set x2apic destination mode to physical when x2apic is
      available
    - iommu/hyper-v: Add Hyper-V stub IOMMU driver
    - [Config] linux-azure: CONFIG_HYPERV_IOMMU=y
  * [linux-azure] Please Include Mainline Commit ebaf39e6032f in the 16.04 and
    18.04 linux-azure kernels (LP: #1830266)
    - ipv4: ipv6: netfilter: Adjust the frag mem limit when truesize changes
  * [Packaging] Improve config annotations check on custom kernels
    (LP: #1820075)
    - [Config] linux-azure: Include custom annotations files
  * linux: 4.18.0-25.26 -proposed tracker (LP: #1833952)
  * CVE-2019-11479
    - SAUCE: tcp: add tcp_min_snd_mss sysctl
    - SAUCE: tcp: enforce tcp_min_snd_mss in tcp_mtu_probing()
  * Remote denial of service (resource exhaustion) caused by TCP SACK scoreboard
    manipulation (LP: #1831638) // CVE-2019-11478
    - tcp: refine memory limit test in tcp_fragment()
  * CVE-2019-12817
    - SAUCE: powerpc/mm/64s/hash: Reallocate context ids on fork

 -- Marcelo Henrique Cerri <email address hidden> Tue, 25 Jun 2019 11:42:46 -0300

Source diff to previous version
1831254 [linux-azure] XDP generic fixes
1827916 Enable eBPF JIT in the linux-azure kernels
1826447 Azure: Backport vIOMMU driver (increase vCPU limits)
1830266 [linux-azure] Please Include Mainline Commit ebaf39e6032f in the 16.04 and 18.04 linux-azure kernels
1831638 Remote denial of service (resource exhaustion) caused by TCP SACK scoreboard manipulation
CVE-2019-11479 Jonathan Looney discovered that the Linux kernel default MSS is hard-c ...
CVE-2019-11478 Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling cer
CVE-2019-12817 RESERVED

Version: 4.18.0-1020.20~18.04.1 2019-06-17 21:07:13 UTC

  linux-azure (4.18.0-1020.20~18.04.1) bionic; urgency=medium

  [ Ubuntu: 4.18.0-1020.20 ]

  * Remote denial of service (resource exhaustion) caused by TCP SACK scoreboard
    manipulation (LP: #1831638)
    - SAUCE: tcp: tcp_fragment() should apply sane memory limits
  * Remote denial of service (system crash) caused by integer overflow in TCP
    SACK handling (LP: #1831637)
    - SAUCE: tcp: limit payload size of sacked skbs

 -- Marcelo Henrique Cerri <email address hidden> Wed, 05 Jun 2019 09:01:14 -0300

1831638 Remote denial of service (resource exhaustion) caused by TCP SACK scoreboard manipulation
1831637 Remote denial of service (system crash) caused by integer overflow in TCP SACK handling



About   -   Send Feedback to @ubuntu_updates