UbuntuUpdates.org

Package "linux-hwe"

Name: linux-hwe

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Linux kernel version specific cloud tools for version 4.15.0-35
  • Linux kernel version specific cloud tools for version 4.15.0-35
  • Header files related to Linux kernel version 4.15.0
  • Linux kernel headers for version 4.15.0 on 32 bit x86 SMP

Latest version: 4.15.0-35.38~16.04.1
Release: xenial (16.04)
Level: proposed
Repository: main

Links

Save this URL for the latest version of "linux-hwe": https://www.ubuntuupdates.org/linux-hwe



Other versions of "linux-hwe" in Xenial

Repository Area Version
security main 4.15.0-34.37~16.04.1
updates main 4.15.0-34.37~16.04.1
PPA: Canonical Kernel Team 4.15.0-35.38~16.04.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 4.15.0-35.38~16.04.1 2018-09-13 17:06:42 UTC

  linux-hwe (4.15.0-35.38~16.04.1) xenial; urgency=medium

  * linux-hwe: 4.15.0-35.38~16.04.1 -proposed tracker (LP: #1791740)

  * linux: 4.15.0-35.38 -proposed tracker (LP: #1791719)

  * device hotplug of vfio devices can lead to deadlock in vfio_pci_release
    (LP: #1792099)
    - SAUCE: vfio -- release device lock before userspace requests

  * L1TF mitigation not effective in some CPU and RAM combinations
    (LP: #1788563)
    - x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit
    - x86/speculation/l1tf: Fix off-by-one error when warning that system has too
      much RAM
    - x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+

  * CVE-2018-15594
    - x86/paravirt: Fix spectre-v2 mitigations for paravirt guests

  * CVE-2017-5715 (Spectre v2 s390x)
    - KVM: s390: implement CPU model only facilities
    - s390: detect etoken facility
    - KVM: s390: add etoken support for guests
    - s390/lib: use expoline for all bcr instructions
    - s390: fix br_r1_trampoline for machines without exrl
    - SAUCE: s390: use expoline thunks for all branches generated by the BPF JIT

  * Ubuntu18.04.1: cpuidle: powernv: Fix promotion from snooze if next state
    disabled (performance) (LP: #1790602)
    - cpuidle: powernv: Fix promotion from snooze if next state disabled

  * Watchdog CPU:19 Hard LOCKUP when kernel crash was triggered (LP: #1790636)
    - powerpc: hard disable irqs in smp_send_stop loop
    - powerpc: Fix deadlock with multiple calls to smp_send_stop
    - powerpc: smp_send_stop do not offline stopped CPUs
    - powerpc/powernv: Fix opal_event_shutdown() called with interrupts disabled

  * Security fix: check if IOMMU page is contained in the pinned physical page
    (LP: #1785675)
    - vfio/spapr: Use IOMMU pageshift rather than pagesize
    - KVM: PPC: Check if IOMMU page is contained in the pinned physical page

  * Missing Intel GPU pci-id's (LP: #1789924)
    - drm/i915/kbl: Add KBL GT2 sku
    - drm/i915/whl: Introducing Whiskey Lake platform
    - drm/i915/aml: Introducing Amber Lake platform
    - drm/i915/cfl: Add a new CFL PCI ID.

  * CVE-2018-15572
    - x86/speculation: Protect against userspace-userspace spectreRSB

  * Support Power Management for Thunderbolt Controller (LP: #1789358)
    - thunderbolt: Handle NULL boot ACL entries properly
    - thunderbolt: Notify userspace when boot_acl is changed
    - thunderbolt: Use 64-bit DMA mask if supported by the platform
    - thunderbolt: Do not unnecessarily call ICM get route
    - thunderbolt: No need to take tb->lock in domain suspend/complete
    - thunderbolt: Use correct ICM commands in system suspend
    - thunderbolt: Add support for runtime PM

  * random oopses on s390 systems using NVMe devices (LP: #1790480)
    - s390/pci: fix out of bounds access during irq setup

  * [Bionic] Spectre v4 mitigation (Speculative Store Bypass Disable) support
    for arm64 using SMC firmware call to set a hardware chicken bit
    (LP: #1787993) // CVE-2018-3639 (arm64)
    - arm64: alternatives: Add dynamic patching feature
    - KVM: arm/arm64: Do not use kern_hyp_va() with kvm_vgic_global_state
    - KVM: arm64: Avoid storing the vcpu pointer on the stack
    - arm/arm64: smccc: Add SMCCC-specific return codes
    - arm64: Call ARCH_WORKAROUND_2 on transitions between EL0 and EL1
    - arm64: Add per-cpu infrastructure to call ARCH_WORKAROUND_2
    - arm64: Add ARCH_WORKAROUND_2 probing
    - arm64: Add 'ssbd' command-line option
    - arm64: ssbd: Add global mitigation state accessor
    - arm64: ssbd: Skip apply_ssbd if not using dynamic mitigation
    - arm64: ssbd: Restore mitigation status on CPU resume
    - arm64: ssbd: Introduce thread flag to control userspace mitigation
    - arm64: ssbd: Add prctl interface for per-thread mitigation
    - arm64: KVM: Add HYP per-cpu accessors
    - arm64: KVM: Add ARCH_WORKAROUND_2 support for guests
    - arm64: KVM: Handle guest's ARCH_WORKAROUND_2 requests
    - arm64: KVM: Add ARCH_WORKAROUND_2 discovery through ARCH_FEATURES_FUNC_ID
    - [Config] ARM64_SSBD=y

  * Reconcile hns3 SAUCE patches with upstream (LP: #1787477)
    - Revert "UBUNTU: SAUCE: net: hns3: Optimize PF CMDQ interrupt switching
      process"
    - Revert "UBUNTU: SAUCE: net: hns3: Fix for VF mailbox receiving unknown
      message"
    - Revert "UBUNTU: SAUCE: net: hns3: Fix for VF mailbox cannot receiving PF
      response"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: fix comments for
      hclge_get_ring_chain_from_mbx"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: fix for using wrong mask and
      shift in hclge_get_ring_chain_from_mbx"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: fix for reset_level default
      assignment probelm"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: remove unnecessary ring
      configuration operation while resetting"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: fix return value error in
      hns3_reset_notify_down_enet"
    - Revert "UBUNTU: SAUCE: net: hns3: Fix for phy link issue when using marvell
      phy driver"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: separate roce from nic when
      resetting"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: correct reset event status
      register"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: prevent to request reset
      frequently"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: reset net device with rtnl_lock"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: modify the order of initializeing
      command queue register"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: prevent sending command during
      global or core reset"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: remove the warning when clear
      reset cause"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: fix get_vector ops in
      hclgevf_main module"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: fix warning bug when doing lp
      selftest"
    - Revert "UBUNTU: SAUCE: {top

1792099 device hotplug of vfio devices can lead to deadlock in vfio_pci_release
1788563 L1TF mitigation not effective in some CPU and RAM combinations
1790602 Ubuntu18.04.1: cpuidle: powernv: Fix promotion from snooze if next state disabled (performance)
1790636 Watchdog CPU:19 Hard LOCKUP when kernel crash was triggered
1785675 Security fix: check if IOMMU page is contained in the pinned physical page
1789924 Missing Intel GPU pci-id's
1789358 Support Power Management for Thunderbolt Controller
1790480 random oopses on s390 systems using NVMe devices
1787993 [Bionic] Spectre v4 mitigation (Speculative Store Bypass Disable) support for arm64 using SMC firmware call to set a hardware chicken bit
1787477 Reconcile hns3 SAUCE patches with upstream
1790188 Bionic update: upstream stable patchset 2018-08-31
1789666 Bionic update: upstream stable patchset 2018-08-29
1788897 Bionic update: upstream stable patchset 2018-08-24
1787281 errors when scanning partition table of corrupted AIX disk
1789772 tlbie master timeout checkstop (using NVidia/GPU)
1788097 performance drop with ATS enabled
1786878 [Regression] kernel crashdump fails on arm64
1785780 TB 16 issue on Dell Lattitude 7490 with large amount of data
1762385 dell_wmi: Unknown key codes
1773940 Enable AMD PCIe MP2 for AMDI0011
1779817 r8169 no internet after suspending
1789790 Fix Intel Cannon Lake LPSS I2C input clock
1789145 Microphone cannot be detected with front panel audio combo jack on HP Z8-G4 machine
1787945 Tango platform uses __initcall without further checks
1787898 [18.10 FEAT] Add kernel config option \
CVE-2018-15594 arch/x86/kernel/paravirt.c in the Linux kernel before 4.18.1 mishandles certain indirect calls, which makes it easier for attackers to conduct Spectr
CVE-2017-5715 Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an at
CVE-2018-15572 The spectre_v2_select_mitigation function in arch/x86/kernel/cpu/bugs.c in the Linux kernel before 4.18.1 does not always fill RSB upon a context swi
CVE-2018-3639 Speculative Store Bypass
CVE-2018-6555 The irda_setsockopt function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users
CVE-2018-6554 Memory leak in the irda_bind function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows lo

Version: *DELETED* 2018-09-12 00:06:35 UTC
No changelog for deleted or moved packages.

Version: 4.15.0-34.37~16.04.1 2018-08-29 16:06:49 UTC

  linux-hwe (4.15.0-34.37~16.04.1) xenial; urgency=medium

  * linux-hwe: 4.15.0-34.37~16.04.1 -proposed tracker (LP: #1788760)

  * linux: 4.15.0-34.37 -proposed tracker (LP: #1788744)

  * Bionic update: upstream stable patchset 2018-08-09 (LP: #1786352)
    - MIPS: c-r4k: Fix data corruption related to cache coherence
    - MIPS: ptrace: Expose FIR register through FP regset
    - MIPS: Fix ptrace(2) PTRACE_PEEKUSR and PTRACE_POKEUSR accesses to o32 FGRs
    - KVM: Fix spelling mistake: "cop_unsuable" -> "cop_unusable"
    - affs_lookup(): close a race with affs_remove_link()
    - fs: don't scan the inode cache before SB_BORN is set
    - aio: fix io_destroy(2) vs. lookup_ioctx() race
    - ALSA: timer: Fix pause event notification
    - do d_instantiate/unlock_new_inode combinations safely
    - mmc: sdhci-iproc: remove hard coded mmc cap 1.8v
    - mmc: sdhci-iproc: fix 32bit writes for TRANSFER_MODE register
    - mmc: sdhci-iproc: add SDHCI_QUIRK2_HOST_OFF_CARD_ON for cygnus
    - libata: Blacklist some Sandisk SSDs for NCQ
    - libata: blacklist Micron 500IT SSD with MU01 firmware
    - xen-swiotlb: fix the check condition for xen_swiotlb_free_coherent
    - drm/vmwgfx: Fix 32-bit VMW_PORT_HB_[IN|OUT] macros
    - arm64: lse: Add early clobbers to some input/output asm operands
    - powerpc/64s: Clear PCR on boot
    - IB/hfi1: Use after free race condition in send context error path
    - IB/umem: Use the correct mm during ib_umem_release
    - idr: fix invalid ptr dereference on item delete
    - Revert "ipc/shm: Fix shmat mmap nil-page protection"
    - ipc/shm: fix shmat() nil address after round-down when remapping
    - mm/kasan: don't vfree() nonexistent vm_area
    - kasan: free allocated shadow memory on MEM_CANCEL_ONLINE
    - kasan: fix memory hotplug during boot
    - kernel/sys.c: fix potential Spectre v1 issue
    - KVM: s390: vsie: fix < 8k check for the itdba
    - KVM: x86: Update cpuid properly when CR4.OSXAVE or CR4.PKE is changed
    - kvm: x86: IA32_ARCH_CAPABILITIES is always supported
    - powerpc/64s: Improve RFI L1-D cache flush fallback
    - powerpc/pseries: Restore default security feature flags on setup
    - powerpc/64s: Fix section mismatch warnings from setup_rfi_flush()
    - MIPS: generic: Fix machine compatible matching
    - mac80211: mesh: fix wrong mesh TTL offset calculation
    - ARC: Fix malformed ARC_EMUL_UNALIGNED default
    - ptr_ring: prevent integer overflow when calculating size
    - arm64: dts: rockchip: fix rock64 gmac2io stability issues
    - arm64: dts: rockchip: correct ep-gpios for rk3399-sapphire
    - libata: Fix compile warning with ATA_DEBUG enabled
    - selftests: sync: missing CFLAGS while compiling
    - selftest/vDSO: fix O=
    - selftests: pstore: Adding config fragment CONFIG_PSTORE_RAM=m
    - selftests: memfd: add config fragment for fuse
    - ARM: OMAP2+: timer: fix a kmemleak caused in omap_get_timer_dt
    - ARM: OMAP3: Fix prm wake interrupt for resume
    - ARM: OMAP2+: Fix sar_base inititalization for HS omaps
    - ARM: OMAP1: clock: Fix debugfs_create_*() usage
    - tls: retrun the correct IV in getsockopt
    - xhci: workaround for AMD Promontory disabled ports wakeup
    - IB/uverbs: Fix method merging in uverbs_ioctl_merge
    - IB/uverbs: Fix possible oops with duplicate ioctl attributes
    - IB/uverbs: Fix unbalanced unlock on error path for rdma_explicit_destroy
    - arm64: dts: rockchip: Fix DWMMC clocks
    - ARM: dts: rockchip: Fix DWMMC clocks
    - iwlwifi: mvm: fix security bug in PN checking
    - iwlwifi: mvm: fix IBSS for devices that support station type API
    - iwlwifi: mvm: always init rs with 20mhz bandwidth rates
    - NFC: llcp: Limit size of SDP URI
    - rxrpc: Work around usercopy check
    - MD: Free bioset when md_run fails
    - md: fix md_write_start() deadlock w/o metadata devices
    - s390/dasd: fix handling of internal requests
    - xfrm: do not call rcu_read_unlock when afinfo is NULL in xfrm_get_tos
    - mac80211: round IEEE80211_TX_STATUS_HEADROOM up to multiple of 4
    - mac80211: fix a possible leak of station stats
    - mac80211: fix calling sleeping function in atomic context
    - cfg80211: clear wep keys after disconnection
    - mac80211: Do not disconnect on invalid operating class
    - mac80211: Fix sending ADDBA response for an ongoing session
    - gpu: ipu-v3: pre: fix device node leak in ipu_pre_lookup_by_phandle
    - gpu: ipu-v3: prg: fix device node leak in ipu_prg_lookup_by_phandle
    - md raid10: fix NULL deference in handle_write_completed()
    - drm/exynos: g2d: use monotonic timestamps
    - drm/exynos: fix comparison to bitshift when dealing with a mask
    - drm/meson: fix vsync buffer update
    - arm64: perf: correct PMUVer probing
    - RDMA/bnxt_re: Unpin SQ and RQ memory if QP create fails
    - RDMA/bnxt_re: Fix system crash during load/unload
    - net/mlx5e: Return error if prio is specified when offloading eswitch vlan
      push
    - locking/xchg/alpha: Add unconditional memory barrier to cmpxchg()
    - md: raid5: avoid string overflow warning
    - virtio_net: fix XDP code path in receive_small()
    - kernel/relay.c: limit kmalloc size to KMALLOC_MAX_SIZE
    - bug.h: work around GCC PR82365 in BUG()
    - selftests/memfd: add run_fuse_test.sh to TEST_FILES
    - seccomp: add a selftest for get_metadata
    - soc: imx: gpc: de-register power domains only if initialized
    - powerpc/bpf/jit: Fix 32-bit JIT for seccomp_data access
    - s390/cio: fix ccw_device_start_timeout API
    - s390/cio: fix return code after missing interrupt
    - s390/cio: clear timer when terminating driver I/O
    - selftests/bpf/test_maps: exit child process without error in ENOMEM case
    - PKCS#7: fix direct verification of SignerInfo signature
    - arm64: dts: cavium: fix PCI bus dtc warnings
    - nfs: system crashes after NFS4ERR_MOVED recovery
    - ARM: OMAP: Fix dmtimer init for omap1
    - smsc75xx: fix smsc75xx_set_feat

1786352 Bionic update: upstream stable patchset 2018-08-09
1785282 arm-smmu-v3 arm-smmu-v3.1.auto: failed to allocate MSIs
1772467 Driver iwlwifi for Intel Wireless-AC 9560 is slow and unreliable in kernel 4.15.0-20-generic
1786981 [Bionic] i2c: xlp9xx: Add SMBAlert support
1786057 qeth: don't clobber buffer on async TX completion
1777338 Linux 4.15.0-23 crashes during the boot process with a \
1787058 ThinkPad systems have no HDMI sound when using the nvidia GPU
1787240 [Bionic] i2c: xlp9xx: Fix case where SSIF read transaction completes early
1787469 [Bionic] integrate upstream fix for Cavium zram driver
1788222 Bugfix for handling of shadow doorbell buffer
1789227 nvme devices namespace assigned to the wrong controller
1739107 linux-cloud-tools-common: Ensure hv-kvp-daemon.service starts before walinuxagent.service
1783138 hinic interfaces aren't getting predictable names
1774950 Suspend fails in Ubuntu and Kubuntu 18.04 but works fine in Ubuntu and Kubuntu 17.10 (and on Kubuntu 18.04 using kernel 4.14.47)
1784835 [Bionic] Bluetooth: Support RTL8723D and RTL8821C Devices
1776254 CacheFiles: Error: Overlong wait for old active object to go away.
1776277 fscache cookie refcount updated incorrectly during fscache object allocation
1774336 FS-Cache: Assertion failed: FS-Cache: 6 == 5 is false
1786110 SMB3: Fix regression in server reconnect detection
CVE-2018-1118 Linux kernel vhost since version 4.8 does not properly initialize memory in messages passed between virtual guests and the host operating system in t

Version: *DELETED* 2018-08-23 18:06:40 UTC
No changelog for deleted or moved packages.

Version: 4.15.0-33.36~16.04.1 2018-08-17 02:33:35 UTC

  linux-hwe (4.15.0-33.36~16.04.1) xenial; urgency=medium

  * linux-hwe: 4.15.0-33.36~16.04.1 -proposed tracker (LP: #1787163)

  * linux: 4.15.0-33.36 -proposed tracker (LP: #1787149)

  * RTNL assertion failure on ipvlan (LP: #1776927)
    - ipvlan: drop ipv6 dependency
    - ipvlan: use per device spinlock to protect addrs list updates
    - SAUCE: fix warning from "ipvlan: drop ipv6 dependency"

  * ubuntu_bpf_jit test failed on Bionic s390x systems (LP: #1753941)
    - test_bpf: flag tests that cannot be jited on s390

  * HDMI/DP audio can't work on the laptop of Dell Latitude 5495 (LP: #1782689)
    - drm/nouveau: fix nouveau_dsm_get_client_id()'s return type
    - drm/radeon: fix radeon_atpx_get_client_id()'s return type
    - drm/amdgpu: fix amdgpu_atpx_get_client_id()'s return type
    - platform/x86: apple-gmux: fix gmux_get_client_id()'s return type
    - ALSA: hda: use PCI_BASE_CLASS_DISPLAY to replace PCI_CLASS_DISPLAY_VGA
    - vga_switcheroo: set audio client id according to bound GPU id

  * locking sockets broken due to missing AppArmor socket mediation patches
    (LP: #1780227)
    - UBUNTU SAUCE: apparmor: fix apparmor mediating locking non-fs, unix sockets

  * Update2 for ocxl driver (LP: #1781436)
    - ocxl: Fix page fault handler in case of fault on dying process

  * netns: unable to follow an interface that moves to another netns
    (LP: #1774225)
    - net: core: Expose number of link up/down transitions
    - dev: always advertise the new nsid when the netns iface changes
    - dev: advertise the new ifindex when the netns iface changes

  * [Bionic] Disk IO hangs when using BFQ as io scheduler (LP: #1780066)
    - block, bfq: fix occurrences of request finish method's old name
    - block, bfq: remove batches of confusing ifdefs
    - block, bfq: add requeue-request hook

  * HP ProBook 455 G5 needs mute-led-gpio fixup (LP: #1781763)
    - ALSA: hda: add mute led support for HP ProBook 455 G5

  * [Bionic] bug fixes to improve stability of the ThunderX2 i2c driver
    (LP: #1781476)
    - i2c: xlp9xx: Fix issue seen when updating receive length
    - i2c: xlp9xx: Make sure the transfer size is not more than
      I2C_SMBUS_BLOCK_SIZE

  * x86/kvm: fix LAPIC timer drift when guest uses periodic mode (LP: #1778486)
    - x86/kvm: fix LAPIC timer drift when guest uses periodic mode

  * Please include ax88179_178a and r8152 modules in d-i udeb (LP: #1771823)
    - [Config:] d-i: Add ax88179_178a and r8152 to nic-modules

  * Nvidia fails after switching its mode (LP: #1778658)
    - PCI: Restore config space on runtime resume despite being unbound

  * Kernel error "task zfs:pid blocked for more than 120 seconds" (LP: #1781364)
    - SAUCE: (noup) zfs to 0.7.5-1ubuntu16.3

  * CVE-2018-12232
    - PATCH 1/1] socket: close race condition between sock_close() and
      sockfs_setattr()

  * CVE-2018-10323
    - xfs: set format back to extents if xfs_bmap_extents_to_btree

  * change front mic location for more lenovo m7/8/9xx machines (LP: #1781316)
    - ALSA: hda/realtek - Fix the problem of two front mics on more machines
    - ALSA: hda/realtek - two more lenovo models need fixup of MIC_LOCATION

  * Cephfs + fscache: unable to handle kernel NULL pointer dereference at
    0000000000000000 IP: jbd2__journal_start+0x22/0x1f0 (LP: #1783246)
    - ceph: track read contexts in ceph_file_info

  * Touchpad of ThinkPad P52 failed to work with message "lost sync at byte"
    (LP: #1779802)
    - Input: elantech - fix V4 report decoding for module with middle key
    - Input: elantech - enable middle button of touchpads on ThinkPad P52

  * xhci_hcd 0000:00:14.0: Root hub is not suspended (LP: #1779823)
    - usb: xhci: dbc: Fix lockdep warning
    - usb: xhci: dbc: Don't decrement runtime PM counter if DBC is not started

  * CVE-2018-13406
    - video: uvesafb: Fix integer overflow in allocation

  * CVE-2018-10840
    - ext4: correctly handle a zero-length xattr with a non-zero e_value_offs

  * CVE-2018-11412
    - ext4: do not allow external inodes for inline data

  * CVE-2018-10881
    - ext4: clear i_data in ext4_inode_info when removing inline data

  * CVE-2018-12233
    - jfs: Fix inconsistency between memory allocation and ea_buf->max_size

  * CVE-2018-12904
    - kvm: nVMX: Enforce cpl=0 for VMX instructions

  * Error parsing PCC subspaces from PCCT (LP: #1528684)
    - mailbox: PCC: erroneous error message when parsing ACPI PCCT

  * CVE-2018-13094
    - xfs: don't call xfs_da_shrink_inode with NULL bp

  * other users' coredumps can be read via setgid directory and killpriv bypass
    (LP: #1779923) // CVE-2018-13405
    - Fix up non-directory creation in SGID directories

  * Invoking obsolete 'firmware_install' target breaks snap build (LP: #1782166)
    - snapcraft.yaml: stop invoking the obsolete (and non-existing)
      'firmware_install' target

  * snapcraft.yaml: missing ubuntu-retpoline-extract-one script breaks the build
    (LP: #1782116)
    - snapcraft.yaml: copy retpoline-extract-one to scripts before build

  * Allow Raven Ridge's audio controller to be runtime suspended (LP: #1782540)
    - ALSA: hda: Add AZX_DCAPS_PM_RUNTIME for AMD Raven Ridge

  * CVE-2018-11506
    - sr: pass down correctly sized SCSI sense buffer

  * Bionic update: upstream stable patchset 2018-07-24 (LP: #1783418)
    - net: Fix a bug in removing queues from XPS map
    - net/mlx4_core: Fix error handling in mlx4_init_port_info.
    - net/sched: fix refcnt leak in the error path of tcf_vlan_init()
    - net: sched: red: avoid hashing NULL child
    - net/smc: check for missing nlattrs in SMC_PNETID messages
    - net: test tailroom before appending to linear skb
    - packet: in packet_snd start writing at link layer allocation
    - sock_diag: fix use-after-free read in __sk_free
    - tcp: purge write queue in tcp_connect_init()
    - vmxnet3: set the DMA mask before the first DMA map operation
    - vmxnet3: use DMA memory barriers where required
    -

1776927 RTNL assertion failure on ipvlan
1753941 ubuntu_bpf_jit test failed on Bionic s390x systems
1782689 HDMI/DP audio can't work on the laptop of Dell Latitude 5495
1780227 locking sockets broken due to missing AppArmor socket mediation patches
1781436 Update2 for ocxl driver
1774225 netns: unable to follow an interface that moves to another netns
1780066 [Bionic] Disk IO hangs when using BFQ as io scheduler
1781763 HP ProBook 455 G5 needs mute-led-gpio fixup
1781476 [Bionic] bug fixes to improve stability of the ThunderX2 i2c driver
1778486 x86/kvm: fix LAPIC timer drift when guest uses periodic mode
1771823 Please include ax88179_178a and r8152 modules in d-i udeb
1778658 Nvidia fails after switching its mode
1781364 Kernel error \
1781316 change front mic location for more lenovo m7/8/9xx machines
1783246 Cephfs + fscache: unable to handle kernel NULL pointer dereference at 0000000000000000 IP: jbd2__journal_start+0x22/0x1f0
1779802 Touchpad of ThinkPad P52 failed to work with message \
1779823 xhci_hcd 0000:00:14.0: Root hub is not suspended
1528684 Error parsing PCC subspaces from PCCT
1779923 other users' coredumps can be read via setgid directory and killpriv bypass
1782166 Invoking obsolete 'firmware_install' target breaks snap build
1782116 snapcraft.yaml: missing ubuntu-retpoline-extract-one script breaks the build
1782540 Allow Raven Ridge's audio controller to be runtime suspended
1783418 Bionic update: upstream stable patchset 2018-07-24
1782846 Bionic update: upstream stable patchset 2018-07-20
1780858 Bionic update: upstream stable patchset 2018-07-09
1780499 Bionic update: upstream stable patchset 2018-07-06
1778759 Bionic update: upstream stable patchset 2018-06-26
1778265 Bionic update: upstream stable patchset 2018-06-22
1756700 Ryzen/Raven Ridge USB ports do not work
1776389 [Ubuntu 1804][boston][ixgbe] EEH causes kernel BUG at /build/linux-jWa1Fv/linux-4.15.0/drivers/pci/msi.c:352 (i2S)
1770095 Need fix to aacraid driver to prevent panic
1775391 kernel: Fix arch random implementation
1775390 kernel: Fix memory leak on CCA and EP11 CPRB processing.
1774471 Various fixes for CXL kernel module
1764645 Bluetooth not working
1776491 linux-snapdragon: wcn36xx: mac address generation on boot
1777029 fscache: Fix hanging wait on page discarded by writeback
CVE-2018-12232 In net/socket.c in the Linux kernel through 4.17.1, there is a race condition between fchownat and close in cases where they target the same socket f
CVE-2018-10323 The xfs_bmap_extents_to_btree function in fs/xfs/libxfs/xfs_bmap.c in the Linux kernel through 4.16.3 allows local users to cause a denial of service
CVE-2018-13406 An integer overflow in the uvesafb_setcmap function in drivers/video/fbdev/uvesafb.c in the Linux kernel before 4.17.4 could result in local attacker
CVE-2018-10840 Linux kernel is vulnerable to a heap-based buffer overflow in the fs/ext4/xattr.c:ext4_xattr_set_entry() function. An attacker could exploit this by
CVE-2018-11412 In the Linux kernel 4.13 through 4.16.11, ext4_read_inline_data() in fs/ext4/inline.c performs a memcpy with an untrusted length value in certain cir
CVE-2018-10881 A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bound access in ext4_get_group_info function, a denial of se
CVE-2018-12233 In the ea_get function in fs/jfs/xattr.c in the Linux kernel through 4.17.1, a memory corruption bug in JFS can be triggered by calling setxattr twic
CVE-2018-12904 In arch/x86/kvm/vmx.c in the Linux kernel before 4.17.2, when nested virtualization is used, local attackers could cause L1 KVM guests to VMEXIT, pot
CVE-2018-13094 An issue was discovered in fs/xfs/libxfs/xfs_attr_leaf.c in the Linux kernel through 4.17.3. An OOPS may occur for a corrupted xfs image after xfs_da
CVE-2018-13405 The inode_init_owner function in fs/inode.c in the Linux kernel through 4.17.4 allows local users to create files with an unintended group ownership,
CVE-2018-11506 The sr_do_ioctl function in drivers/scsi/sr_ioctl.c in the Linux kernel through 4.16.12 allows local users to cause a denial of service (stack-based
CVE-2018-1108 kernel drivers before version 4.17-rc1 are vulnerable to a weakness in the Linux kernel's implementation of random seed data. Programs, early in the



About   -   Send Feedback to @ubuntu_updates