UbuntuUpdates.org

Package "linux-hwe"

Name: linux-hwe

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Linux kernel buildinfo for version 5.0.0 on 32 bit x86 SMP
  • Linux kernel buildinfo for version 5.0.0 on 32 bit x86 SMP
  • Linux kernel buildinfo for version 5.0.0 on 32 bit x86 SMP
  • Linux kernel buildinfo for version 5.0.0 on 32 bit x86 SMP

Latest version: 5.0.0-36.39~18.04.1
Release: bionic (18.04)
Level: updates
Repository: main

Links

Save this URL for the latest version of "linux-hwe": https://www.ubuntuupdates.org/linux-hwe



Other versions of "linux-hwe" in Bionic

Repository Area Version
security main 5.0.0-36.39~18.04.1
proposed main 5.0.0-37.40~18.04.1
PPA: Canonical Kernel Team 5.0.0-37.40~18.04.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 5.0.0-36.39~18.04.1 2019-11-13 21:06:31 UTC

  linux-hwe (5.0.0-36.39~18.04.1) bionic; urgency=medium

  [ Ubuntu: 5.0.0-36.39 ]

  * Ubuntu-5.0.0-33.35 introduces KVM regression with old Intel CPUs and Linux
    guests (LP: #1851709)
    - Revert "KVM: x86: Manually calculate reserved bits when loading PDPTRS"
  * Incomplete i915 fix for 64-bit x86 kernels (LP: #1852141) // CVE-2019-0155
    - SAUCE: drm/i915/cmdparser: Fix jump whitelist clearing

 -- Stefan Bader <email address hidden> Tue, 12 Nov 2019 11:46:30 +0100

Source diff to previous version
1851709 Ubuntu-5.0.0-33.35 introduces KVM regression with old Intel CPUs and Linux guests
1852141 CVE-2019-0155: incomplete fix for 64-bit x86 kernels

Version: 5.0.0-35.38~18.04.1 2019-11-13 00:07:15 UTC

  linux-hwe (5.0.0-35.38~18.04.1) bionic; urgency=medium

  [ Ubuntu: 5.0.0-35.38 ]

  * [REGRESSION] md/raid0: cannot assemble multi-zone RAID0 with default_layout
    setting (LP: #1849682)
    - SAUCE: Fix revert "md/raid0: avoid RAID0 data corruption due to layout
      confusion."
  * refcount underflow and type confusion in shiftfs (LP: #1850867) // CVE-2019-15793
    - SAUCE: shiftfs: Correct id translation for lower fs operations
    - SAUCE: shiftfs: prevent type confusion
    - SAUCE: shiftfs: Fix refcount underflow in btrfs ioctl handling
  * CVE-2018-12207
    - kvm: Convert kvm_lock to a mutex
    - kvm: x86: Do not release the page inside mmu_set_spte()
    - KVM: x86: make FNAME(fetch) and __direct_map more similar
    - KVM: x86: remove now unneeded hugepage gfn adjustment
    - KVM: x86: change kvm_mmu_page_get_gfn BUG_ON to WARN_ON
    - KVM: x86: add tracepoints around __direct_map and FNAME(fetch)
    - kvm: x86, powerpc: do not allow clearing largepages debugfs entry
    - SAUCE: KVM: vmx, svm: always run with EFER.NXE=1 when shadow paging is
      active
    - SAUCE: x86: Add ITLB_MULTIHIT bug infrastructure
    - SAUCE: kvm: mmu: ITLB_MULTIHIT mitigation
    - SAUCE: kvm: Add helper function for creating VM worker threads
    - SAUCE: kvm: x86: mmu: Recovery of shattered NX large pages
    - SAUCE: cpu/speculation: Uninline and export CPU mitigations helpers
    - SAUCE: kvm: x86: mmu: Apply global mitigations knob to ITLB_MULTIHIT
  * CVE-2019-11135
    - KVM: x86: use Intel speculation bugs and features as derived in generic x86
      code
    - x86/msr: Add the IA32_TSX_CTRL MSR
    - x86/cpu: Add a helper function x86_read_arch_cap_msr()
    - x86/cpu: Add a "tsx=" cmdline option with TSX disabled by default
    - x86/speculation/taa: Add mitigation for TSX Async Abort
    - x86/speculation/taa: Add sysfs reporting for TSX Async Abort
    - kvm/x86: Export MDS_NO=0 to guests when TSX is enabled
    - x86/tsx: Add "auto" option to the tsx= cmdline parameter
    - x86/speculation/taa: Add documentation for TSX Async Abort
    - x86/tsx: Add config options to set tsx=on|off|auto
    - SAUCE: x86/speculation/taa: Call tsx_init()
    - [Config] Disable TSX by default when possible
  * CVE-2019-0154
    - SAUCE: drm/i915: Lower RM timeout to avoid DSI hard hangs
    - SAUCE: drm/i915/gen8+: Add RC6 CTX corruption WA
  * CVE-2019-0155
    - SAUCE: drm/i915: Rename gen7 cmdparser tables
    - SAUCE: drm/i915: Disable Secure Batches for gen6+
    - SAUCE: drm/i915: Remove Master tables from cmdparser
    - SAUCE: drm/i915: Add support for mandatory cmdparsing
    - SAUCE: drm/i915: Support ro ppgtt mapped cmdparser shadow buffers
    - SAUCE: drm/i915: Allow parsing of unsized batches
    - SAUCE: drm/i915: Add gen9 BCS cmdparsing
    - SAUCE: drm/i915/cmdparser: Use explicit goto for error paths
    - SAUCE: drm/i915/cmdparser: Add support for backward jumps
    - SAUCE: drm/i915/cmdparser: Ignore Length operands during command matching

Source diff to previous version
1849682 [REGRESSION] md/raid0: cannot assemble multi-zone RAID0 with default_layout setting
1850867 refcount underflow and type confusion in shiftfs
CVE-2019-15793 RESERVED
CVE-2018-12207 iTLB Multihit
CVE-2019-11135 TSX Asynchronous Abort

Version: 5.0.0-32.34~18.04.2 2019-10-21 12:06:45 UTC

  linux-hwe (5.0.0-32.34~18.04.2) bionic; urgency=medium

  * bionic/linux-hwe: 5.0.0-32.34~18.04.2 -proposed tracker (LP: #1846092)

  * Packaging resync (LP: #1786013)
    - [Packaging] update helper scripts

  [ Ubuntu: 5.0.0-32.34 ]

  * disco/linux: 5.0.0-32.34 -proposed tracker (LP: #1846097)
  * CVE-2019-14814 // CVE-2019-14815 // CVE-2019-14816
    - mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings
  * CVE-2019-15505
    - media: technisat-usb2: break out of loop at end of buffer
  * CVE-2019-2181
    - binder: check for overflow when alloc for security context
  * Support Hi1620 zip hw accelerator (LP: #1845355)
    - [Config] Enable HiSilicon QM/ZIP as modules
    - crypto: hisilicon - add queue management driver for HiSilicon QM module
    - crypto: hisilicon - add hardware SGL support
    - crypto: hisilicon - add HiSilicon ZIP accelerator support
    - crypto: hisilicon - add SRIOV support for ZIP
    - Documentation: Add debugfs doc for hisi_zip
    - crypto: hisilicon - add debugfs for ZIP and QM
    - MAINTAINERS: add maintainer for HiSilicon QM and ZIP controller driver
    - crypto: hisilicon - fix kbuild warnings
    - crypto: hisilicon - add dependency for CRYPTO_DEV_HISI_ZIP
    - crypto: hisilicon - init curr_sgl_dma to fix compile warning
    - crypto: hisilicon - add missing single_release
    - crypto: hisilicon - fix error handle in hisi_zip_create_req_q
    - crypto: hisilicon - Fix warning on printing %p with dma_addr_t
    - crypto: hisilicon - Fix return value check in hisi_zip_acompress()
    - crypto: hisilicon - avoid unused function warning
  * xfrm interface: several kernel panic (LP: #1836261)
    - xfrm interface: fix memory leak on creation
    - xfrm interface: avoid corruption on changelink
    - xfrm interface: ifname may be wrong in logs
    - xfrm interface: fix list corruption for x-netns
    - xfrm interface: fix management of phydev
  * shiftfs: drop entries from cache on unlink (LP: #1841977)
    - SAUCE: shiftfs: fix buggy unlink logic
  * shiftfs: mark kmem_cache as reclaimable (LP: #1842059)
    - SAUCE: shiftfs: mark slab objects SLAB_RECLAIM_ACCOUNT
  * Suspend to RAM(S3) does not wake up for latest megaraid and mpt3sas
    adapters(SAS3.5 onwards) (LP: #1838751)
    - PCI: Restore Resizable BAR size bits correctly for 1MB BARs
  * No sound inputs from the external microphone and headset on a Dell machine
    (LP: #1842265)
    - ALSA: hda - Expand pin_match function to match upcoming new tbls
    - ALSA: hda - Define a fallback_pin_fixup_tbl for alc269 family
  * Add -fcf-protection=none when using retpoline flags (LP: #1843291)
    - SAUCE: kbuild: add -fcf-protection=none when using retpoline flags
  * Disco update: upstream stable patchset 2019-09-25 (LP: #1845390)
    - bridge/mdb: remove wrong use of NLM_F_MULTI
    - cdc_ether: fix rndis support for Mediatek based smartphones
    - ipv6: Fix the link time qualifier of 'ping_v6_proc_exit_net()'
    - isdn/capi: check message length in capi_write()
    - ixgbe: Fix secpath usage for IPsec TX offload.
    - net: Fix null de-reference of device refcount
    - net: gso: Fix skb_segment splat when splitting gso_size mangled skb having
      linear-headed frag_list
    - net: phylink: Fix flow control resolution
    - net: sched: fix reordering issues
    - sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
    - sctp: Fix the link time qualifier of 'sctp_ctrlsock_exit()'
    - sctp: use transport pf_retrans in sctp_do_8_2_transport_strike
    - tcp: fix tcp_ecn_withdraw_cwr() to clear TCP_ECN_QUEUE_CWR
    - tipc: add NULL pointer check before calling kfree_rcu
    - tun: fix use-after-free when register netdev failed
    - gpiolib: acpi: Add gpiolib_acpi_run_edge_events_on_boot option and blacklist
    - gpio: fix line flag validation in linehandle_create
    - Btrfs: fix assertion failure during fsync and use of stale transaction
    - ixgbe: Prevent u8 wrapping of ITR value to something less than 10us
    - genirq: Prevent NULL pointer dereference in resend_irqs()
    - KVM: s390: kvm_s390_vm_start_migration: check dirty_bitmap before using it
      as target for memset()
    - KVM: s390: Do not leak kernel stack data in the KVM_S390_INTERRUPT ioctl
    - KVM: x86: work around leak of uninitialized stack contents
    - KVM: nVMX: handle page fault in vmread
    - x86/purgatory: Change compiler flags from -mcmodel=kernel to -mcmodel=large
      to fix kexec relocation errors
    - powerpc: Add barrier_nospec to raw_copy_in_user()
    - drm/meson: Add support for XBGR8888 & ABGR8888 formats
    - clk: rockchip: Don't yell about bad mmc phases when getting
    - mtd: rawnand: mtk: Fix wrongly assigned OOB buffer pointer issue
    - PCI: Always allow probing with driver_override
    - gpio: fix line flag validation in lineevent_create
    - ubifs: Correctly use tnc_next() in search_dh_cookie()
    - driver core: Fix use-after-free and double free on glue directory
    - crypto: talitos - check AES key size
    - crypto: talitos - fix CTR alg blocksize
    - crypto: talitos - check data blocksize in ablkcipher.
    - crypto: talitos - fix ECB algs ivsize
    - crypto: talitos - Do not modify req->cryptlen on decryption.
    - crypto: talitos - HMAC SNOOP NO AFEU mode requires SW icv checking.
    - firmware: ti_sci: Always request response from firmware
    - drm: panel-orientation-quirks: Add extra quirk table entry for GPD MicroPC
    - drm/mediatek: mtk_drm_drv.c: Add of_node_put() before goto
    - Revert "Bluetooth: btusb: driver to enable the usb-wakeup feature"
    - iio: adc: stm32-dfsdm: fix data type
    - modules: fix BUG when load module with rodata=n
    - modules: fix compile error if don't have strict module rwx
    - platform/x86: pmc_atom: Add CB4063 Beckhoff Automation board to
      critclk_systems DMI table
    - rsi: fix a double free bug in rsi_91x_deinit()
    - x86/build: Add -Wnoaddress-of-packed-member to REALMODE_CFLAG

Source diff to previous version
1786013 Packaging resync
1845355 Support Hi1620 zip hw accelerator
1836261 xfrm interface: several kernel panic
1841977 shiftfs: drop entries from cache on unlink
1842059 shiftfs: mark kmem_cache as reclaimable
1838751 Suspend to RAM(S3) does not wake up for latest megaraid and mpt3sas adapters(SAS3.5 onwards)
1842265 No sound inputs from the external microphone and headset on a Dell machine
1843291 Add -fcf-protection=none when using retpoline flags
1845390 Disco update: upstream stable patchset 2019-09-25
1844722 Disco update: upstream stable patchset 2019-09-19
1843622 Disco update: upstream stable patchset 2019-09-11
1838886 New ID in ums-realtek module breaks cardreader
1836912 ipv4: enable route flushing in network namespaces
1842774 Enhanced Hardware Support - Finalize Naming
CVE-2019-14814 There is heap-based buffer overflow in Linux kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows
CVE-2019-14816 There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local
CVE-2019-15505 drivers/media/usb/dvb-usb/technisat-usb2.c in the Linux kernel through 5.2.9 has an out-of-bounds read via crafted USB device traffic (which may be r
CVE-2019-2181 In binder_transaction of binder.c in the Android kernel, there is a possible out of bounds write due to an integer overflow. This could lead to local
CVE-2019-16714 In the Linux kernel before 5.2.14, rds6_inc_info_copy in net/rds/recv.c allows attackers to obtain sensitive information from kernel stack memory bec
CVE-2019-14821 An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coales

Version: 5.0.0-31.33~18.04.1 2019-10-04 11:06:54 UTC

  linux-hwe (5.0.0-31.33~18.04.1) bionic; urgency=medium

  * bionic/linux-hwe: 5.0.0-31.33~18.04.1 -proposed tracker (LP: #1846022)

  * Packaging resync (LP: #1786013)
    - [Packaging] update helper scripts

  [ Ubuntu: 5.0.0-31.33 ]

  * disco/linux: 5.0.0-31.33 -proposed tracker (LP: #1846026)
  * Packaging resync (LP: #1786013)
    - [Packaging] update helper scripts
  * /proc/self/maps paths missing on live session (was vlc won't start; eoan
    19.10 & bionic 18.04 ubuntu/lubuntu/kubuntu/xubuntu/ubuntu-mate dailies)
    (LP: #1842382)
    - SAUCE: Revert "UBUNTU: SAUCE: shiftfs: enable overlayfs on shiftfs"

Source diff to previous version
1786013 Packaging resync
1842382 /proc/self/maps paths missing on live session (was vlc won't start; eoan 19.10 \u0026 bionic 18.04 ubuntu/lubuntu/kubuntu/xubuntu/ubuntu-mate dailies

Version: 5.0.0-29.31~18.04.1 2019-09-17 23:06:26 UTC

  linux-hwe (5.0.0-29.31~18.04.1) bionic; urgency=medium

  [ Ubuntu: 5.0.0-29.31 ]

  * powerpc/tm: Fix restoring FP/VMX facility incorrectly on interrupts
    (CVE-2019-15031) / powerpc/tm: Fix FP/VMX unavailable exceptions inside a
    transaction (CVE-2019-15030) (LP: #1843533) // CVE-2019-15031
    - powerpc/tm: Fix FP/VMX unavailable exceptions inside a transaction
    - powerpc/tm: Fix restoring FP/VMX facility incorrectly on interrupts
  * CVE-2019-14835
    - vhost: fix dirty log buffer overflow
  * Packaging resync (LP: #1786013)
    - [Packaging] resync getabis

 -- Stefan Bader <email address hidden> Thu, 12 Sep 2019 19:00:18 +0200

1843533 powerpc/tm: Fix restoring FP/VMX facility incorrectly on interrupts (CVE-2019-15031) / powerpc/tm: Fix FP/VMX unavailable exceptions inside a transac
1786013 Packaging resync
CVE-2019-15031 In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via an interrupt. To exp
CVE-2019-15030 In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via a Facility Unavailab
CVE-2019-14835 A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in ...



About   -   Send Feedback to @ubuntu_updates