UbuntuUpdates.org

Package "linux-azure"

Name: linux-azure

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Header files related to Linux kernel version 4.10.0
  • Header files related to Linux kernel version 4.10.0
  • Header files related to Linux kernel version 4.11.0
  • Header files related to Linux kernel version 4.11.0

Latest version: 4.15.0-1014.14~16.04.1
Release: xenial (16.04)
Level: proposed
Repository: main

Links

Save this URL for the latest version of "linux-azure": https://www.ubuntuupdates.org/linux-azure



Other versions of "linux-azure" in Xenial

Repository Area Version
security main 4.15.0-1013.13~16.04.2
updates main 4.15.0-1013.13~16.04.2
PPA: Canonical Kernel Team 4.15.0-1014.14~16.04.1

Packages in group

Deleted packages are displayed in grey.

linux-azure-headers-4.10.0-1005 linux-azure-headers-4.10.0-1006 linux-azure-headers-4.11.0-1002 linux-azure-headers-4.11.0-1003 linux-azure-headers-4.11.0-1004
linux-azure-headers-4.11.0-1005 linux-azure-headers-4.11.0-1006 linux-azure-headers-4.11.0-1007 linux-azure-headers-4.11.0-1008 linux-azure-headers-4.11.0-1009
linux-azure-headers-4.11.0-1010 linux-azure-headers-4.11.0-1011 linux-azure-headers-4.11.0-1012 linux-azure-headers-4.11.0-1013 linux-azure-headers-4.11.0-1014
linux-azure-headers-4.11.0-1015 linux-azure-headers-4.11.0-1016 linux-azure-headers-4.13.0-1001 linux-azure-headers-4.13.0-1002 linux-azure-headers-4.13.0-1004
linux-azure-headers-4.13.0-1005 linux-azure-headers-4.13.0-1006 linux-azure-headers-4.13.0-1007 linux-azure-headers-4.13.0-1008 linux-azure-headers-4.13.0-1009
linux-azure-headers-4.13.0-1010 linux-azure-headers-4.13.0-1011 linux-azure-headers-4.13.0-1012 linux-azure-headers-4.13.0-1013 linux-azure-headers-4.13.0-1014
linux-azure-headers-4.13.0-1016 linux-azure-headers-4.13.0-1017 linux-azure-headers-4.13.0-1018 linux-azure-headers-4.15.0-1013 linux-azure-headers-4.15.0-1014

Changelog

Version: 4.15.0-1014.14~16.04.1 2018-06-15 11:06:44 UTC

  linux-azure (4.15.0-1014.14~16.04.1) xenial; urgency=medium

  * linux-azure: 4.15.0-1014.14~16.04.1 -proposed tracker (LP: #1776346)

  * linux-azure: 4.15.0-1014.14 -proposed tracker (LP: #1776342)

  * [Hyper-V] Disable CONFIG_HOTPLUG_CPU in linux-azure (LP: #1776293)
    - [Config] azure: CONFIG_HOTPLUG_CPU=n

  * [Hyper-V] IB/mlx5: Respect new UMR capabilities (LP: #1762554)
    - IB/mlx5: Enable ECN capable bits for UD RoCE v2 QPs
    - IB/mlx5: Respect new UMR capabilities

  [ Ubuntu: 4.15.0-24.26 ]

  * linux: 4.15.0-24.26 -proposed tracker (LP: #1776338)
  * Bionic update: upstream stable patchset 2018-06-06 (LP: #1775483)
    - drm: bridge: dw-hdmi: Fix overflow workaround for Amlogic Meson GX SoCs
    - i40e: Fix attach VF to VM issue
    - tpm: cmd_ready command can be issued only after granting locality
    - tpm: tpm-interface: fix tpm_transmit/_cmd kdoc
    - tpm: add retry logic
    - Revert "ath10k: send (re)assoc peer command when NSS changed"
    - bonding: do not set slave_dev npinfo before slave_enable_netpoll in
      bond_enslave
    - ipv6: add RTA_TABLE and RTA_PREFSRC to rtm_ipv6_policy
    - ipv6: sr: fix NULL pointer dereference in seg6_do_srh_encap()- v4 pkts
    - KEYS: DNS: limit the length of option strings
    - l2tp: check sockaddr length in pppol2tp_connect()
    - net: validate attribute sizes in neigh_dump_table()
    - llc: delete timers synchronously in llc_sk_free()
    - tcp: don't read out-of-bounds opsize
    - net: af_packet: fix race in PACKET_{R|T}X_RING
    - tcp: md5: reject TCP_MD5SIG or TCP_MD5SIG_EXT on established sockets
    - net: fix deadlock while clearing neighbor proxy table
    - team: avoid adding twice the same option to the event list
    - net/smc: fix shutdown in state SMC_LISTEN
    - team: fix netconsole setup over team
    - packet: fix bitfield update race
    - tipc: add policy for TIPC_NLA_NET_ADDR
    - pppoe: check sockaddr length in pppoe_connect()
    - vlan: Fix reading memory beyond skb->tail in skb_vlan_tagged_multi
    - amd-xgbe: Add pre/post auto-negotiation phy hooks
    - sctp: do not check port in sctp_inet6_cmp_addr
    - amd-xgbe: Improve KR auto-negotiation and training
    - strparser: Do not call mod_delayed_work with a timeout of LONG_MAX
    - amd-xgbe: Only use the SFP supported transceiver signals
    - strparser: Fix incorrect strp->need_bytes value.
    - net: sched: ife: signal not finding metaid
    - tcp: clear tp->packets_out when purging write queue
    - net: sched: ife: handle malformed tlv length
    - net: sched: ife: check on metadata length
    - llc: hold llc_sap before release_sock()
    - llc: fix NULL pointer deref for SOCK_ZAPPED
    - net: ethernet: ti: cpsw: fix tx vlan priority mapping
    - virtio_net: split out ctrl buffer
    - virtio_net: fix adding vids on big-endian
    - KVM: s390: force bp isolation for VSIE
    - s390: correct module section names for expoline code revert
    - microblaze: Setup dependencies for ASM optimized lib functions
    - commoncap: Handle memory allocation failure.
    - scsi: mptsas: Disable WRITE SAME
    - cdrom: information leak in cdrom_ioctl_media_changed()
    - m68k/mac: Don't remap SWIM MMIO region
    - block/swim: Check drive type
    - block/swim: Don't log an error message for an invalid ioctl
    - block/swim: Remove extra put_disk() call from error path
    - block/swim: Rename macros to avoid inconsistent inverted logic
    - block/swim: Select appropriate drive on device open
    - block/swim: Fix array bounds check
    - block/swim: Fix IO error at end of medium
    - tracing: Fix missing tab for hwlat_detector print format
    - s390/cio: update chpid descriptor after resource accessibility event
    - s390/dasd: fix IO error for newly defined devices
    - s390/uprobes: implement arch_uretprobe_is_alive()
    - ACPI / video: Only default only_lcd to true on Win8-ready _desktops_
    - docs: ip-sysctl.txt: fix name of some ipv6 variables
    - net: mvpp2: Fix DMA address mask size
    - net: stmmac: Disable ACS Feature for GMAC >= 4
    - l2tp: hold reference on tunnels in netlink dumps
    - l2tp: hold reference on tunnels printed in pppol2tp proc file
    - l2tp: hold reference on tunnels printed in l2tp/tunnels debugfs file
    - l2tp: fix {pppol2tp, l2tp_dfs}_seq_stop() in case of seq_file overflow
    - s390/qeth: fix error handling in adapter command callbacks
    - s390/qeth: avoid control IO completion stalls
    - s390/qeth: handle failure on workqueue creation
    - bnxt_en: Fix memory fault in bnxt_ethtool_init()
    - virtio-net: add missing virtqueue kick when flushing packets
    - VSOCK: make af_vsock.ko removable again
    - hwmon: (k10temp) Add temperature offset for Ryzen 2700X
    - hwmon: (k10temp) Add support for AMD Ryzen w/ Vega graphics
    - s390/cpum_cf: rename IBM z13/z14 counter names
    - kprobes: Fix random address output of blacklist file
    - Revert "pinctrl: intel: Initialize GPIO properly when used through irqchip"
  * Lenovo V330 needs patch in ideapad_laptop module for rfkill (LP: #1774636)
    - SAUCE: Add Lenovo V330 to the ideapad_laptop rfkill blacklist
  * bluetooth controller fail after suspend with USB autosuspend on XPS 13 9360
    (LP: #1775217)
    - Bluetooth: btusb: Add Dell XPS 13 9360 to btusb_needs_reset_resume_table
  * [Hyper-V] PCI: hv: Fix 2 hang issues in hv_compose_msi_msg (LP: #1758378)
    - PCI: hv: Only queue new work items in hv_pci_devices_present() if necessary
    - PCI: hv: Remove the bogus test in hv_eject_device_work()
    - PCI: hv: Fix a comment typo in _hv_pcifront_read_config()
  * register on binfmt_misc may overflow and crash the system (LP: #1775856)
    - fs/binfmt_misc.c: do not allow offset overflow
  * CVE-2018-11508
    - compat: fix 4-byte infoleak via uninitialized struct field
  * Network installs fail on SocioNext board (LP: #1775884)
    - net: netsec: reduce DMA mask to 40 bits
    - net: socionext: reset hardware in ndo_st

1776293 [Hyper-V] Disable CONFIG_HOTPLUG_CPU in linux-azure
1762554 [Hyper-V] IB/mlx5: Respect new UMR capabilities
1775483 Bionic update: upstream stable patchset 2018-06-06
1774636 Lenovo V330 needs patch in ideapad_laptop module for rfkill
1775217 bluetooth controller fail after suspend with USB autosuspend on XPS 13 9360
1758378 [Hyper-V] PCI: hv: Fix 2 hang issues in hv_compose_msi_msg
1775856 register on binfmt_misc may overflow and crash the system
1775884 Network installs fail on SocioNext board
1752772 r8169 ethernet card don't work after returning from suspension
1759723 ISST-LTE:KVM:Ubuntu18.04:BostonLC:boslcp3:boslcp3g3:Guest conosle hangs after hotplug CPU add operation.
1770974 Fix several bugs in RDMA/hns driver
1771844 powerpc/livepatch: Implement reliable stack tracing for the consistency model
1768143 vmxnet3: update to latest ToT
1773162 4.15.0-22-generic fails to boot on IBM S822LC (POWER8 (raw), altivec supported)
1770244 Decode ARM CPER records in kernel
1772610 Adding back alx WoL feature
1768103 Lancer A0 Asic HBA's won't boot with 18.04
1771780 [LTCTest][OPAL][OP920] cpupower idle-info is not listing stop4 and stop5 idle states when all CORES are guarded
1770970 Huawei 25G/100G Network Adapters Unsupported
1772991 [Ubuntu 18.04.1] POWER9 - Nvidia Volta - Kernel changes to enable Nvidia driver on bare metal
1772593 cpum_sf: ensure sample freq is non-zero
1773243 PCIe link speeds of 16 GT/s are shown as \
1773295 False positive ACPI _PRS error messages
1773299 Dell systems crash when disabling Nvidia dGPU
1720930 wlp3s0: failed to remove key (1, ff:ff:ff:ff:ff:ff) from hardware (-22)
1770231 Expose arm64 CPU topology to userspace
1774466 hisi_sas robustness fixes
1774467 hisi_sas: Support newer v3 hardware
1774472 hisi_sas: improve performance by optimizing DQ locking
1768431 Request to revert SAUCE patches in the 18.04 SRU and update with upstream version
1773520 After update to 4.13-43 Intel Graphics are Laggy
1773509 ELANPAD ELAN0612 does not work, patch available
1774336 FS-Cache: Assertion failed: FS-Cache: 6 == 5 is false
1768670 hns3 driver updates
1774306 enable mic-mute hotkey and led on Lenovo M820z and M920z
1774063 Bionic update: upstream stable patchset 2018-05-29
1773233 Bionic update: upstream stable patchset 2018-05-24
CVE-2018-11508 The compat_get_timex function in kernel/compat.c in the Linux kernel before 4.16.9 allows local users to obtain sensitive information from kernel mem
CVE-2018-7755 An issue was discovered in the fd_locked_ioctl function in drivers/block/floppy.c in the Linux kernel through 4.15.7. The floppy driver will copy a k

Version: *DELETED* 2018-06-14 09:07:01 UTC
No changelog for deleted or moved packages.

Version: 4.15.0-1013.13~16.04.2 2018-05-31 11:07:14 UTC

  linux-azure (4.15.0-1013.13~16.04.2) xenial; urgency=medium

  * linux-azure: 4.15.0-1013.13~16.04.2 -proposed tracker (LP: #1772940)

  * linux-azure: 4.15.0-1013.13 -proposed tracker (LP: #1772930)

  * Switch Build-Depends: transfig to fig2dev (LP: #1770770)
    - [Config] update Build-Depends: transfig to fig2dev

  [ Ubuntu: 4.15.0-23.25 ]

  * linux: 4.15.0-23.25 -proposed tracker (LP: #1772927)
  * arm64 SDEI support needs trampoline code for KPTI (LP: #1768630)
    - arm64: mmu: add the entry trampolines start/end section markers into
      sections.h
    - arm64: sdei: Add trampoline code for remapping the kernel
  * Some PCIe errors not surfaced through rasdaemon (LP: #1769730)
    - ACPI: APEI: handle PCIe AER errors in separate function
    - ACPI: APEI: call into AER handling regardless of severity
  * qla2xxx: Fix page fault at kmem_cache_alloc_node() (LP: #1770003)
    - scsi: qla2xxx: Fix session cleanup for N2N
    - scsi: qla2xxx: Remove unused argument from qlt_schedule_sess_for_deletion()
    - scsi: qla2xxx: Serialize session deletion by using work_lock
    - scsi: qla2xxx: Serialize session free in qlt_free_session_done
    - scsi: qla2xxx: Don't call dma_free_coherent with IRQ disabled.
    - scsi: qla2xxx: Fix warning in qla2x00_async_iocb_timeout()
    - scsi: qla2xxx: Prevent relogin trigger from sending too many commands
    - scsi: qla2xxx: Fix double free bug after firmware timeout
    - scsi: qla2xxx: Fixup locking for session deletion
  * Several hisi_sas bug fixes (LP: #1768974)
    - scsi: hisi_sas: dt-bindings: add an property of signal attenuation
    - scsi: hisi_sas: support the property of signal attenuation for v2 hw
    - scsi: hisi_sas: fix the issue of link rate inconsistency
    - scsi: hisi_sas: fix the issue of setting linkrate register
    - scsi: hisi_sas: increase timer expire of internal abort task
    - scsi: hisi_sas: remove unused variable hisi_sas_devices.running_req
    - scsi: hisi_sas: fix return value of hisi_sas_task_prep()
    - scsi: hisi_sas: Code cleanup and minor bug fixes
  * [bionic] machine stuck and bonding not working well when nvmet_rdma module
    is loaded (LP: #1764982)
    - nvmet-rdma: Don't flush system_wq by default during remove_one
    - nvme-rdma: Don't flush delete_wq by default during remove_one
  * Warnings/hang during error handling of SATA disks on SAS controller
    (LP: #1768971)
    - scsi: libsas: defer ata device eh commands to libata
  * Hotplugging a SATA disk into a SAS controller may cause crash (LP: #1768948)
    - ata: do not schedule hot plug if it is a sas host
  * ISST-LTE:pKVM:Ubuntu1804: rcu_sched self-detected stall on CPU follow by CPU
    ATTEMPT TO RE-ENTER FIRMWARE! (LP: #1767927)
    - powerpc/powernv: Handle unknown OPAL errors in opal_nvram_write()
    - powerpc/64s: return more carefully from sreset NMI
    - powerpc/64s: sreset panic if there is no debugger or crash dump handlers
  * fsnotify: Fix fsnotify_mark_connector race (LP: #1765564)
    - fsnotify: Fix fsnotify_mark_connector race
  * Hang on network interface removal in Xen virtual machine (LP: #1771620)
    - xen-netfront: Fix hang on device removal
  * HiSilicon HNS NIC names are truncated in /proc/interrupts (LP: #1765977)
    - net: hns: Avoid action name truncation
  * Ubuntu 18.04 kernel crashed while in degraded mode (LP: #1770849)
    - SAUCE: powerpc/perf: Fix memory allocation for core-imc based on
      num_possible_cpus()
  * Switch Build-Depends: transfig to fig2dev (LP: #1770770)
    - [Config] update Build-Depends: transfig to fig2dev
  * smp_call_function_single/many core hangs with stop4 alone (LP: #1768898)
    - cpufreq: powernv: Fix hardlockup due to synchronous smp_call in timer
      interrupt
  * Add d-i support for Huawei NICs (LP: #1767490)
    - d-i: add hinic to nic-modules udeb
  * unregister_netdevice: waiting for eth0 to become free. Usage count = 5
    (LP: #1746474)
    - xfrm: reuse uncached_list to track xdsts
  * Include nfp driver in linux-modules (LP: #1768526)
    - [Config] Add nfp.ko to generic inclusion list
  * Kernel panic on boot (m1.small in cn-north-1) (LP: #1771679)
    - x86/xen: Reset VCPU0 info pointer after shared_info remap
  * CVE-2018-3639 (x86)
    - x86/bugs: Fix the parameters alignment and missing void
    - KVM: SVM: Move spec control call after restore of GS
    - x86/speculation: Use synthetic bits for IBRS/IBPB/STIBP
    - x86/cpufeatures: Disentangle MSR_SPEC_CTRL enumeration from IBRS
    - x86/cpufeatures: Disentangle SSBD enumeration
    - x86/cpufeatures: Add FEATURE_ZEN
    - x86/speculation: Handle HT correctly on AMD
    - x86/bugs, KVM: Extend speculation control for VIRT_SPEC_CTRL
    - x86/speculation: Add virtualized speculative store bypass disable support
    - x86/speculation: Rework speculative_store_bypass_update()
    - x86/bugs: Unify x86_spec_ctrl_{set_guest,restore_host}
    - x86/bugs: Expose x86_spec_ctrl_base directly
    - x86/bugs: Remove x86_spec_ctrl_set()
    - x86/bugs: Rework spec_ctrl base and mask logic
    - x86/speculation, KVM: Implement support for VIRT_SPEC_CTRL/LS_CFG
    - KVM: SVM: Implement VIRT_SPEC_CTRL support for SSBD
    - x86/bugs: Rename SSBD_NO to SSB_NO
    - bpf: Prevent memory disambiguation attack
    - KVM: VMX: Expose SSBD properly to guests.
  * Suspend to idle: Open lid didn't resume (LP: #1771542)
    - ACPI / PM: Do not reconfigure GPEs for suspend-to-idle
  * Fix initialization failure detection in SDEI for device-tree based systems
    (LP: #1768663)
    - firmware: arm_sdei: Fix return value check in sdei_present_dt()
  * No driver for Huawei network adapters on arm64 (LP: #1769899)
    - net-next/hinic: add arm64 support
  * CVE-2018-1092
    - ext4: fail ext4_iget for root directory if unallocated
  * kernel 4.15 breaks nouveau on Lenovo P50 (LP: #1763189)
    - drm/nouveau: Fix deadlock in nv50_mstm_register_connector()
  * update-initramfs not adding i915 GuC firmware for Kaby Lake, firmware

1768630 arm64 SDEI support needs trampoline code for KPTI
1769730 Some PCIe errors not surfaced through rasdaemon
1770003 qla2xxx: Fix page fault at kmem_cache_alloc_node()
1768974 Several hisi_sas bug fixes
1764982 [bionic] machine stuck and bonding not working well when nvmet_rdma module is loaded
1768971 Warnings/hang during error handling of SATA disks on SAS controller
1768948 Hotplugging a SATA disk into a SAS controller may cause crash
1767927 ISST-LTE:pKVM:Ubuntu1804: rcu_sched self-detected stall on CPU follow by CPU ATTEMPT TO RE-ENTER FIRMWARE!
1765564 fsnotify: Fix fsnotify_mark_connector race
1771620 Hang on network interface removal in Xen virtual machine
1765977 HiSilicon HNS NIC names are truncated in /proc/interrupts
1770849 Ubuntu 18.04 kernel crashed while in degraded mode
1768898 smp_call_function_single/many core hangs with stop4 alone
1767490 Add d-i support for Huawei NICs
1746474 unregister_netdevice: waiting for eth0 to become free. Usage count = 5
1768526 Include nfp driver in linux-modules
1771679 Kernel panic on boot (m1.small in cn-north-1)
1771542 Suspend to idle: Open lid didn't resume
1768663 Fix initialization failure detection in SDEI for device-tree based systems
1769899 No driver for Huawei network adapters on arm64
1763189 kernel 4.15 breaks nouveau on Lenovo P50
1728238 update-initramfs not adding i915 GuC firmware for Kaby Lake, firmware fails to load
1745646 Battery drains when laptop is off (shutdown)
1764194 Dell Latitude 5490/5590 BIOS update 1.1.9 causes black screen at boot
1748853 Intel 9462 A370:42A4 doesn't work
1764684 Fix an issue that some PCI devices get incorrectly suspended
1769696 [SRU][Bionic/Artful] fix false positives in W+X checking
1769723 Bionic update to v4.15.18 stable release
1768852 Kernel bug when unplugging Thunderbolt 3 cable, leaves xHCI host controller dead
1766052 Incorrect blacklist of bcm2835_wdt
1763748 Integrated Webcam Realtek Integrated_Webcam_HD (0bda:58f4) not working in DELL XPS 13 9370 with firmware 1.50
1769721 [ALSA] [PATCH] Clevo P950ER ALC1220 Fixup
1768292 Bionic: Intermittently sent to Emergency Mode on boot with unhandled kernel NULL pointer dereference at 0000000000000980
1768761 linux-snapdragon: reduce EPROBEDEFER noise during boot
1767088 regression Aquantia Corp. AQC107 4.15.0-13-generic -\u003e 4.15.0-20-generic ?
1764892 e1000e msix interrupts broken in linux-image-4.15.0-15-generic
1766054 Acer Swift sf314-52 power button not managed
1766398 set PINCFG_HEADSET_MIC to parse_flags for Dell precision 3630
1766477 Chang the location for one of two front mics on a lenovo thinkcentre machine
1764690 SRU: bionic: apply 50 ZFS upstream bugfixes
1763271 [8086:3e92] display becomes blank after S3
CVE-2018-3639 Speculative Store Bypass
CVE-2018-1092 The ext4_iget function in fs/ext4/inode.c in the Linux kernel through 4.15.15 mishandles the case of a root directory with a zero i_links_count, whic
CVE-2018-8087 Memory leak in the hwsim_new_radio_nl function in drivers/net/wireless/mac80211_hwsim.c in the Linux kernel through 4.15.9 allows local users to caus

Version: *DELETED* 2018-05-31 01:07:05 UTC
No changelog for deleted or moved packages.

Version: 4.13.0-1018.21 2018-05-22 00:06:54 UTC

  linux-azure (4.13.0-1018.21) xenial; urgency=medium

  [ Ubuntu: 4.13.0-43.48 ]

  * CVE-2018-3639 (powerpc)
    - SAUCE: rfi-flush: update H_CPU_* macro names to upstream
    - SAUCE: rfi-flush: update plpar_get_cpu_characteristics() signature to
      upstream
    - SAUCE: update pseries_setup_rfi_flush() capitalization to upstream
    - powerpc/pseries: Support firmware disable of RFI flush
    - powerpc/powernv: Support firmware disable of RFI flush
    - powerpc/64s: Allow control of RFI flush via debugfs
    - powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code
    - powerpc/rfi-flush: Always enable fallback flush on pseries
    - powerpc/rfi-flush: Differentiate enabled and patched flush types
    - powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags
    - powerpc: Add security feature flags for Spectre/Meltdown
    - powerpc/powernv: Set or clear security feature flags
    - powerpc/pseries: Set or clear security feature flags
    - powerpc/powernv: Use the security flags in pnv_setup_rfi_flush()
    - powerpc/pseries: Use the security flags in pseries_setup_rfi_flush()
    - powerpc/pseries: Fix clearing of security feature flags
    - powerpc: Move default security feature flags
    - powerpc/pseries: Restore default security feature flags on setup
    - powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit
  * CVE-2018-3639 (x86)
    - SAUCE: Add X86_FEATURE_ARCH_CAPABILITIES
    - SAUCE: x86: Add alternative_msr_write
    - x86/nospec: Simplify alternative_msr_write()
    - x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown
    - x86/bugs: Concentrate bug detection into a separate function
    - x86/bugs: Concentrate bug reporting into a separate function
    - x86/msr: Add definitions for new speculation control MSRs
    - x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
    - x86/bugs, KVM: Support the combination of guest and host IBRS
    - x86/bugs: Expose /sys/../spec_store_bypass
    - x86/cpufeatures: Add X86_FEATURE_RDS
    - x86/bugs: Provide boot parameters for the spec_store_bypass_disable
      mitigation
    - x86/bugs/intel: Set proper CPU features and setup RDS
    - x86/bugs: Whitelist allowed SPEC_CTRL MSR values
    - x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested
    - x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
    - x86/speculation: Create spec-ctrl.h to avoid include hell
    - prctl: Add speculation control prctls
    - x86/process: Allow runtime control of Speculative Store Bypass
    - x86/speculation: Add prctl for Speculative Store Bypass mitigation
    - nospec: Allow getting/setting on non-current task
    - proc: Provide details on speculation flaw mitigations
    - seccomp: Enable speculation flaw mitigations
    - SAUCE: x86/bugs: Honour SPEC_CTRL default
    - x86/bugs: Make boot modes __ro_after_init
    - prctl: Add force disable speculation
    - seccomp: Use PR_SPEC_FORCE_DISABLE
    - seccomp: Add filter flag to opt-out of SSB mitigation
    - seccomp: Move speculation migitation control to arch code
    - x86/speculation: Make "seccomp" the default mode for Speculative Store
      Bypass
    - x86/bugs: Rename _RDS to _SSBD
    - proc: Use underscores for SSBD in 'status'
    - Documentation/spec_ctrl: Do some minor cleanups
    - x86/bugs: Fix __ssb_select_mitigation() return type
    - x86/bugs: Make cpu_show_common() static
  * LSM Stacking prctl values should be redefined as to not collide with
    upstream prctls (LP: #1769263) // CVE-2018-3639
    - SAUCE: LSM stacking: adjust prctl values

  [ Ubuntu: 4.13.0-42.47 ]

  * linux: 4.13.0-42.47 -proposed tracker (LP: #1769993)
  * arm64: fix CONFIG_DEBUG_WX address reporting (LP: #1765850)
    - arm64: fix CONFIG_DEBUG_WX address reporting
  * HiSilicon HNS NIC names are truncated in /proc/interrupts (LP: #1765977)
    - net: hns: Avoid action name truncation
  * CVE-2017-18208
    - mm/madvise.c: fix madvise() infinite loop under special circumstances
  * CVE-2018-8822
    - staging: ncpfs: memory corruption in ncp_read_kernel()
  * CVE-2017-18203
    - dm: fix race between dm_get_from_kobject() and __dm_destroy()
  * CVE-2017-17449
    - netlink: Add netns check on taps
  * CVE-2017-17975
    - media: usbtv: prevent double free in error case
  * [8086:3e92] display becomes blank after S3 (LP: #1763271)
    - drm/i915/edp: Allow alternate fixed mode for eDP if available.
    - drm/i915/dp: rename intel_dp_is_edp to intel_dp_is_port_edp
    - drm/i915/dp: make is_edp non-static and rename to intel_dp_is_edp
    - drm/i915/edp: Do not do link training fallback or prune modes on EDP
  * sky2 gigabit ethernet driver sometimes stops working after lid-open resume
    from sleep (88E8055) (LP: #1758507)
    - sky2: Increase D3 delay to sky2 stops working after suspend
  * perf vendor events arm64: Enable JSON events for ThunderX2 B0 (LP: #1760712)
    - perf vendor events arm64: Enable JSON events for ThunderX2 B0
  * No network with e1000e driver on 4.13.0-38-generic (LP: #1762693)
    - e1000e: Fix e1000_check_for_copper_link_ich8lan return value.
  * /dev/ipmi enumeration flaky on Cavium Sabre nodes (LP: #1762812)
    - i2c: xlp9xx: return ENXIO on slave address NACK
    - i2c: xlp9xx: Handle transactions with I2C_M_RECV_LEN properly
    - i2c: xlp9xx: Check for Bus state before every transfer
    - i2c: xlp9xx: Handle NACK on DATA properly
  * "ip a" command on a guest VM shows UNKNOWN status (LP: #1761534)
    - virtio-net: Fix operstate for virtio when no VIRTIO_NET_F_STATUS
  * fix regression in mm/hotplug, allows NVIDIA driver to work (LP: #1761104)
    - SAUCE: Fix revert "mm, memory_hotplug: do not associate hotadded memory to
      zones until online"
  * ibrs/ibpb fixes result in excessive kernel logging (LP: #1755627)
    - SAUCE: remove ibrs_dump sysctl interface

1769263 LSM Stacking prctl values should be redefined as to not collide with upstream prctls
1765850 arm64: fix CONFIG_DEBUG_WX address reporting
1765977 HiSilicon HNS NIC names are truncated in /proc/interrupts
1763271 [8086:3e92] display becomes blank after S3
1758507 sky2 gigabit ethernet driver sometimes stops working after lid-open resume from sleep (88E8055)
1760712 perf vendor events arm64: Enable JSON events for ThunderX2 B0
1762693 No network with e1000e driver on 4.13.0-38-generic
1762812 /dev/ipmi enumeration flaky on Cavium Sabre nodes
1761534 \
1761104 fix regression in mm/hotplug, allows NVIDIA driver to work
1755627 ibrs/ibpb fixes result in excessive kernel logging
CVE-2018-3639 Speculative Store Bypass
CVE-2017-18208 The madvise_willneed function in mm/madvise.c in the Linux kernel before 4.14.4 allows local users to cause a denial of service (infinite loop) by tr
CVE-2018-8822 Incorrect buffer length handling in the ncp_read_kernel function in fs/ncpfs/ncplib_kernel.c in the Linux kernel through 4.15.11, and in drivers/stag
CVE-2017-18203 The dm_get_from_kobject function in drivers/md/dm.c in the Linux kernel before 4.14.3 allow local users to cause a denial of service (BUG) by leverag
CVE-2017-17449 The __netlink_deliver_tap_skb function in net/netlink/af_netlink.c in the Linux kernel through 4.14.4, when CONFIG_NLMON is enabled, does not restric
CVE-2017-17975 Use-after-free in the usbtv_probe function in drivers/media/usb/usbtv/usbtv-core.c in the Linux kernel through 4.14.10 allows attackers to cause a de



About   -   Send Feedback to @ubuntu_updates