UbuntuUpdates.org

Package "linux"

Name: linux

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Linux kernel buildinfo for version 4.4.0 on 32 bit x86 SMP
  • Linux kernel buildinfo for version 4.4.0 on 32 bit x86 SMP
  • Linux kernel buildinfo for version 4.4.0 on 32 bit x86 SMP
  • Linux kernel buildinfo for version 4.4.0 on 32 bit x86 SMP

Latest version: 4.4.0-154.181
Release: xenial (16.04)
Level: security
Repository: main

Links

Save this URL for the latest version of "linux": https://www.ubuntuupdates.org/linux



Other versions of "linux" in Xenial

Repository Area Version
base main 4.4.0-21.37
updates main 4.4.0-154.181
proposed main 4.4.0-155.182
PPA: Canonical Kernel Team 4.4.0-156.183

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 4.4.0-154.181 2019-06-28 22:07:01 UTC

  linux (4.4.0-154.181) xenial; urgency=medium

  * linux: 4.4.0-154.181 -proposed tracker (LP: #1834030)

  * CVE-2019-11478
    - tcp: refine memory limit test in tcp_fragment()

  * CVE-2019-11479
    - SAUCE: tcp: add tcp_min_snd_mss sysctl
    - SAUCE: tcp: enforce tcp_min_snd_mss in tcp_mtu_probing()

 -- Khalid Elmously <email address hidden> Tue, 25 Jun 2019 00:36:38 -0400

Source diff to previous version
CVE-2019-11478 Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling cer
CVE-2019-11479 Jonathan Looney discovered that the Linux kernel default MSS is hard-c ...

Version: 4.4.0-151.178 2019-06-19 13:11:04 UTC

  linux (4.4.0-151.178) xenial; urgency=medium

  * Remote denial of service (system crash) caused by integer overflow in TCP
    SACK handling (LP: #1831637)
    - SAUCE: tcp: limit payload size of sacked skbs
    - SAUCE: tcp: fix fack_count accounting on tcp_shift_skb_data()

  * Remote denial of service (resource exhaustion) caused by TCP SACK scoreboard
    manipulation (LP: #1831638)
    - SAUCE: tcp: tcp_fragment() should apply sane memory limits

 -- Stefan Bader <email address hidden> Tue, 11 Jun 2019 09:36:19 +0200

Source diff to previous version
1831637 Remote denial of service (system crash) caused by integer overflow in TCP SACK handling
1831638 Remote denial of service (resource exhaustion) caused by TCP SACK scoreboard manipulation

Version: 4.4.0-150.176 2019-06-05 14:07:09 UTC

  linux (4.4.0-150.176) xenial; urgency=medium

  * linux: 4.4.0-150.176 -proposed tracker (LP: #1830941)

  * glibc 2.23-0ubuntu11 ADT test failure with linux 4.4.0-149.175
    (LP: #1830890)
    - x86/vdso: Pass --eh-frame-hdr to the linker

Source diff to previous version
1830890 glibc 2.23-0ubuntu11 ADT test failure with linux 4.4.0-149.175

Version: 4.4.0-148.174 2019-05-15 18:07:15 UTC

  linux (4.4.0-148.174) xenial; urgency=medium

  * CVE-2018-12126 // CVE-2018-12127 // CVE-2018-12130
    - Documentation/l1tf: Fix small spelling typo
    - perf/x86/intel: Add model number for Skylake Server to perf
    - perf/x86: Add model numbers for Kabylake CPUs
    - perf/x86/intel: Use Intel family macros for core perf events
    - perf/x86/msr: Use Intel family macros for MSR events code
    - perf/x86/msr: Add missing Intel models
    - SAUCE: perf/x86/{cstate,rapl,uncore}: Use Intel Model name macros
    - perf/x86/msr: Add missing CPU IDs
    - x86/speculation: Simplify the CPU bug detection logic
    - x86/cpu: Sanitize FAM6_ATOM naming
    - kvm: x86: Report STIBP on GET_SUPPORTED_CPUID
    - bitops: avoid integer overflow in GENMASK(_ULL)
    - locking/atomics, asm-generic: Move some macros from <linux/bitops.h> to a
      new <linux/bits.h> file
    - tools include: Adopt linux/bits.h
    - x86/msr-index: Cleanup bit defines
    - x86/speculation: Consolidate CPU whitelists
    - x86/speculation/mds: Add basic bug infrastructure for MDS
    - x86/speculation/mds: Add BUG_MSBDS_ONLY
    - x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests
    - x86/speculation/mds: Add mds_clear_cpu_buffers()
    - locking/static_keys: Provide DECLARE and well as DEFINE macros
    - x86/speculation/mds: Clear CPU buffers on exit to user
    - x86/kvm/vmx: Add MDS protection when L1D Flush is not active
    - x86/speculation/mds: Conditionally clear CPU buffers on idle entry
    - SAUCE: sched/smt: Introduce sched_smt_{active,present}
    - SAUCE: Rename the Ubuntu-only spec_ctrl_mutex mutex
    - SAUCE: x86/speculation: Introduce arch_smt_update()
    - x86/speculation: Rework SMT state change
    - x86/speculation: Reorder the spec_v2 code
    - x86/speculation: Unify conditional spectre v2 print functions
    - x86/speculation/mds: Add mitigation control for MDS
    - x86/speculation/mds: Add sysfs reporting for MDS
    - x86/speculation/mds: Add mitigation mode VMWERV
    - Documentation: Move L1TF to separate directory
    - Documentation: Add MDS vulnerability documentation
    - x86/speculation/mds: Add mds=full,nosmt cmdline option
    - x86/speculation: Move arch_smt_update() call to after mitigation decisions
    - x86/speculation/mds: Add SMT warning message
    - x86/speculation/mds: Fix comment
    - x86/speculation/mds: Print SMT vulnerable on MSBDS with mitigations off
    - x86/speculation/mds: Add 'mitigations=' support for MDS

  * CVE-2017-5715 // CVE-2017-5753
    - s390/speculation: Support 'mitigations=' cmdline option

  * CVE-2017-5715 // CVE-2017-5753 // CVE-2017-5754 // CVE-2018-3639
    - powerpc/speculation: Support 'mitigations=' cmdline option

  * CVE-2017-5715 // CVE-2017-5754 // CVE-2018-3620 // CVE-2018-3639 //
    CVE-2018-3646
    - cpu/speculation: Add 'mitigations=' cmdline option
    - x86/speculation: Support 'mitigations=' cmdline option

  * Packaging resync (LP: #1786013)
    - [Packaging] resync git-ubuntu-log

Source diff to previous version
1786013 Packaging resync
CVE-2018-12126 MSBDS Microarchitectural Store Buffer Data Sampling
CVE-2018-12127 MLPDS Microarchitectural Load Port Data Sampling
CVE-2018-12130 MFBDS Microarchitectural Fill Buffer Data Sampling
CVE-2017-5715 Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an at
CVE-2017-5753 Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker wi
CVE-2017-5754 Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an at
CVE-2018-3639 Speculative Store Bypass
CVE-2018-3620 L1 Terminal Fault-OS/SMM Foreshadow-NG
CVE-2018-3646 L1 Terminal Fault-VMM

Version: 4.4.0-145.171 2019-04-02 16:12:08 UTC

  linux (4.4.0-145.171) xenial; urgency=medium

  * linux: 4.4.0-145.171 -proposed tracker (LP: #1821724)

  * linux-generic should depend on linux-base >=4.1 (LP: #1820419)
    - [Packaging] Fix linux-base dependency

1820419 linux-generic should depend on linux-base \u003e=4.1



About   -   Send Feedback to @ubuntu_updates