UbuntuUpdates.org

Package "linux-aws"

Name: linux-aws

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Linux kernel version specific cloud tools for version 4.4.0
  • Header files related to Linux kernel version 4.4.0
  • Header files related to Linux kernel version 4.4.0
  • Header files related to Linux kernel version 4.4.0

Latest version: 4.4.0-1122.136
Release: xenial (16.04)
Level: security
Repository: main

Links



Other versions of "linux-aws" in Xenial

Repository Area Version
security universe 4.4.0-1012.21
updates universe 4.4.0-1012.21
updates main 4.4.0-1122.136
proposed main 4.4.0-1123.137
PPA: Canonical Kernel Team 4.4.0-1123.137

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 4.4.0-1122.136 2021-02-24 12:06:20 UTC

  linux-aws (4.4.0-1122.136) xenial; urgency=medium

  * xenial/linux-aws: 4.4.0-1122.136 -proposed tracker (LP: #1914129)

  * Xenial update: v4.4.249 upstream stable release (LP: #1910139)
    - [Config] updateconfigs for SPI_DYNAMIC

  * aws: properly support instance types with > 255 cpu cores (LP: #1913739)
    - iommu/vt-d: Gracefully handle DMAR units with no supported address widths

  [ Ubuntu: 4.4.0-203.235 ]

  * xenial/linux: 4.4.0-203.235 -proposed tracker (LP: #1914140)
  * Ubuntu 16.04 kernel 4.4.0-202 basic commands hanging (LP: #1913853)
    - SAUCE: Revert "mm: check that mm is still valid in madvise()"

  [ Ubuntu: 4.4.0-202.234 ]

  * xenial/linux: 4.4.0-202.234 -proposed tracker (LP: #1913086)
  * DMI entry syntax fix for Pegatron / ByteSpeed C15B (LP: #1910639)
    - Input: i8042 - unbreak Pegatron C15B
  * CVE-2020-29372
    - mm: check that mm is still valid in madvise()
  * errinjct open fails on IBM POWER LPAR (LP: #1908710)
    - powerpc/rtas: Fix typo of ibm, open-errinjct in RTAS filter
  * 4.4 kernel panics in kvm wake_up() handler (LP: #1908428)
    - kvm: vmx: rename vmx_pre/post_block to pi_pre/post_block
    - KVM: VMX: extract __pi_post_block
    - KVM: VMX: avoid double list add with VT-d posted interrupts
  * restore reverted commit "crypto: arm64/sha - avoid non-standard inline asm
    tricks" (LP: #1907489)
    - crypto: arm64/sha - avoid non-standard inline asm tricks
  * CVE-2020-29374
    - gup: document and work around "COW can break either way" issue
  * Xenial update: v4.4.249 upstream stable release (LP: #1910139)
    - spi: bcm2835aux: Fix use-after-free on unbind
    - spi: bcm2835aux: Restore err assignment in bcm2835aux_spi_probe
    - ARC: stack unwinding: don't assume non-current task is sleeping
    - platform/x86: acer-wmi: add automatic keyboard background light toggle key
      as KEY_LIGHTS_TOGGLE
    - Input: cm109 - do not stomp on control URB
    - Input: i8042 - add Acer laptops to the i8042 reset list
    - [Config] updateconfigs for SPI_DYNAMIC
    - spi: Prevent adding devices below an unregistering controller
    - net/mlx4_en: Avoid scheduling restart task if it is already running
    - tcp: fix cwnd-limited bug for TSO deferral where we send nothing
    - net: stmmac: delete the eee_ctrl_timer after napi disabled
    - net: bridge: vlan: fix error return code in __vlan_add()
    - USB: dummy-hcd: Fix uninitialized array use in init()
    - USB: add RESET_RESUME quirk for Snapscan 1212
    - ALSA: usb-audio: Fix potential out-of-bounds shift
    - ALSA: usb-audio: Fix control 'access overflow' errors from chmap
    - xhci: Give USB2 ports time to enter U3 in bus suspend
    - USB: sisusbvga: Make console support depend on BROKEN
    - [Config] updateconfigs for USB_SISUSBVGA_CON
    - ALSA: pcm: oss: Fix potential out-of-bounds shift
    - serial: 8250_omap: Avoid FIFO corruption caused by MDR1 access
    - USB: serial: cp210x: enable usb generic throttle/unthrottle
    - scsi: bnx2i: Requires MMU
    - can: softing: softing_netdev_open(): fix error handling
    - RDMA/cm: Fix an attempt to use non-valid pointer when cleaning timewait
    - dm table: Remove BUG_ON(in_interrupt())
    - soc/tegra: fuse: Fix index bug in get_process_id
    - USB: serial: option: add interface-number sanity check to flag handling
    - USB: gadget: f_rndis: fix bitrate for SuperSpeed and above
    - usb: chipidea: ci_hdrc_imx: Pass DISABLE_DEVICE_STREAMING flag to imx6ul
    - media: msi2500: assign SPI bus number dynamically
    - Bluetooth: Fix slab-out-of-bounds read in hci_le_direct_adv_report_evt()
    - drm/gma500: fix double free of gma_connector
    - ARM: p2v: fix handling of LPAE translation in BE mode
    - crypto: talitos - Fix return type of current_desc_hdr()
    - spi: img-spfi: fix reference leak in img_spfi_resume
    - ASoC: pcm: DRAIN support reactivation
    - Bluetooth: Fix null pointer dereference in hci_event_packet()
    - spi: spi-ti-qspi: fix reference leak in ti_qspi_setup
    - spi: tegra20-slink: fix reference leak in slink ops of tegra20
    - spi: tegra20-sflash: fix reference leak in tegra_sflash_resume
    - spi: tegra114: fix reference leak in tegra spi ops
    - RDMa/mthca: Work around -Wenum-conversion warning
    - MIPS: BCM47XX: fix kconfig dependency bug for BCM47XX_BCMA
    - media: solo6x10: fix missing snd_card_free in error handling case
    - drm/omap: dmm_tiler: fix return error code in omap_dmm_probe()
    - Input: ads7846 - fix integer overflow on Rt calculation
    - Input: ads7846 - fix unaligned access on 7845
    - powerpc/feature: Fix CPU_FTRS_ALWAYS by removing CPU_FTRS_GENERIC_32
    - soc: ti: knav_qmss: fix reference leak in knav_queue_probe
    - soc: ti: Fix reference imbalance in knav_dma_probe
    - drivers: soc: ti: knav_qmss_queue: Fix error return code in knav_queue_probe
    - memstick: fix a double-free bug in memstick_check
    - ARM: dts: at91: sama5d4_xplained: add pincontrol for USB Host
    - ARM: dts: at91: sama5d3_xplained: add pincontrol for USB Host
    - orinoco: Move context allocation after processing the skb
    - cw1200: fix missing destroy_workqueue() on error in cw1200_init_common
    - mips: cdmm: fix use-after-free in mips_cdmm_bus_discover
    - NFSv4.2: condition READDIR's mask for security label based on LSM state
    - lockd: don't use interval-based rebinding over TCP
    - NFS: switch nfsiod to be an UNBOUND workqueue.
    - media: saa7146: fix array overflow in vidioc_s_audio()
    - pinctrl: falcon: add missing put_device() call in pinctrl_falcon_probe()
    - memstick: r592: Fix error return in r592_probe()
    - ASoC: jz4740-i2s: add missed checks for clk_get()
    - dm ioctl: fix error return code in target_message
    - clocksource/drivers/arm_arch_timer: Correct fault programming of
      CNTKCTL_EL1.EVNTI
    - cpufreq: highbank: Add missing MODULE_DEVICE_TABLE
    - cpufreq: loongson1: Add missing MODULE_ALIAS
    - cpufreq: scpi: Add missing

Source diff to previous version
1910139 Xenial update: v4.4.249 upstream stable release
1913739 aws: properly support instance types with \u003e 255 cpu cores
1913853 Ubuntu 16.04 kernel 4.4.0-202 basic commands hanging
1910639 DMI entry syntax fix for Pegatron / ByteSpeed C15B
1908710 errinjct open fails on IBM POWER LPAR
1908428 4.4 kernel panics in kvm wake_up() handler
1907489 restore reverted commit \
1887190 MSFT Touchpad not working on Lenovo Legion-5 15ARH05
1910137 Xenial update: v4.4.248 upstream stable release
CVE-2020-29372 An issue was discovered in do_madvise in mm/madvise.c in the Linux kernel before 5.6.8. There is a race condition between coredump operations and the
CVE-2020-29374 An issue was discovered in the Linux kernel before 5.7.3, related to mm/gup.c and mm/huge_memory.c. The get_user_pages (aka gup) implementation, when

Version: 4.4.0-1121.135 2021-01-27 22:06:19 UTC

  linux-aws (4.4.0-1121.135) xenial; urgency=medium

  * xenial/linux-aws: 4.4.0-1121.135 -proposed tracker (LP: #1911254)

  [ Ubuntu: 4.4.0-201.233 ]

  * xenial/linux: 4.4.0-201.233 -proposed tracker (LP: #1911265)
  * Touchpad not detected on ByteSpeed C15B laptop (LP: #1906128)
    - Input: i8042 - add ByteSpeed touchpad to noloop table
  * stack trace in kernel (LP: #1903596)
    - net: napi: remove useless stack trace
  * CVE-2020-27777
    - powerpc/rtas: Restrict RTAS requests from userspace
    - [Config]: Set CONFIG_PPC_RTAS_FILTER
  * Xenial update: v4.4.247 upstream stable release (LP: #1906703)
    - btrfs: tree-checker: Enhance chunk checker to validate chunk profile
    - btrfs: inode: Verify inode mode to avoid NULL pointer dereference
    - HID: cypress: Support Varmilo Keyboards' media hotkeys
    - Input: i8042 - allow insmod to succeed on devices without an i8042
      controller
    - HID: hid-sensor-hub: Fix issue with devices with no report ID
    - x86/xen: don't unbind uninitialized lock_kicker_irq
    - proc: don't allow async path resolution of /proc/self components
    - dmaengine: pl330: _prep_dma_memcpy: Fix wrong burst size
    - scsi: libiscsi: Fix NOP race condition
    - scsi: target: iscsi: Fix cmd abort fabric stop race
    - scsi: ufs: Fix race between shutdown and runtime resume flow
    - bnxt_en: fix error return code in bnxt_init_board()
    - video: hyperv_fb: Fix the cache type when mapping the VRAM
    - bnxt_en: Release PCI regions when DMA mask setup fails during probe.
    - IB/mthca: fix return value of error branch in mthca_init_cq()
    - nfc: s3fwrn5: use signed integer for parsing GPIO numbers
    - efivarfs: revert "fix memory leak in efivarfs_create()"
    - perf probe: Fix to die_entrypc() returns error correctly
    - USB: core: Change %pK for __user pointers to %px
    - x86/speculation: Fix prctl() when spectre_v2_user={seccomp,prctl},ibpb
    - USB: core: add endpoint-blacklist quirk
    - USB: core: Fix regression in Hercules audio card
    - btrfs: fix lockdep splat when reading qgroup config on mount
    - Linux 4.4.247
  * Xenial update: v4.4.246 upstream stable release (LP: #1906700)
    - ah6: fix error return code in ah6_input()
    - atm: nicstar: Unmap DMA on send error
    - net: b44: fix error return code in b44_init_one()
    - net: bridge: add missing counters to ndo_get_stats64 callback
    - netlabel: fix our progress tracking in netlbl_unlabel_staticlist()
    - netlabel: fix an uninitialized warning in netlbl_unlabel_staticlist()
    - net/mlx4_core: Fix init_hca fields offset
    - net: x25: Increase refcnt of "struct x25_neigh" in x25_rx_call_request
    - qlcnic: fix error return code in qlcnic_83xx_restart_hw()
    - sctp: change to hold/put transport for proto_unreach_timer
    - net: usb: qmi_wwan: Set DTR quirk for MR400
    - net: Have netpoll bring-up DSA management interface
    - pinctrl: rockchip: enable gpio pclk for rockchip_gpio_to_irq
    - arm64: psci: Avoid printing in cpu_psci_cpu_die()
    - MIPS: Fix BUILD_ROLLBACK_PROLOGUE for microMIPS
    - Input: adxl34x - clean up a data type in adxl34x_probe()
    - arm: dts: imx6qdl-udoo: fix rgmii phy-mode for ksz9031 phy
    - ARM: dts: imx50-evk: Fix the chip select 1 IOMUX
    - perf lock: Don't free "lock_seq_stat" if read_count isn't zero
    - can: dev: can_restart(): post buffer from the right context
    - can: peak_usb: fix potential integer overflow on shift of a int
    - can: m_can: m_can_handle_state_change(): fix state change
    - MIPS: Alchemy: Fix memleak in alchemy_clk_setup_cpu
    - regulator: ti-abb: Fix array out of bound read access on the first
      transition
    - libfs: fix error cast of negative value in simple_attr_write()
    - ALSA: ctl: fix error path at adding user-defined element set
    - ALSA: mixart: Fix mutex deadlock
    - tty: serial: imx: keep console clocks always on
    - efivarfs: fix memory leak in efivarfs_create()
    - ext4: fix bogus warning in ext4_update_dx_flag()
    - xtensa: disable preemption around cache alias management calls
    - mac80211: minstrel: remove deferred sampling code
    - mac80211: minstrel: fix tx status processing corner case
    - mac80211: allow driver to prevent two stations w/ same address
    - mac80211: free sta in sta_info_insert_finish() on errors
    - s390/cpum_sf.c: fix file permission for cpum_sfb_size
    - x86/microcode/intel: Check patch signature before saving microcode for early
      loading
    - Linux 4.4.246
  * Xenial update: v4.4.245 upstream stable release (LP: #1906698)
    - i2c: imx: Fix external abort on interrupt in exit paths
    - xfs: catch inode allocation state mismatch corruption
    - xfs: validate cached inodes are free when allocated
    - powerpc/8xx: Always fault when _PAGE_ACCESSED is not set
    - Input: sunkbd - avoid use-after-free in teardown paths
    - mac80211: always wind down STA state
    - KVM: x86: clflushopt should be treated as a no-op by emulation
    - Linux 4.4.245

  [ Ubuntu: 4.4.0-200.232 ]

  * xenial/linux: 4.4.0-200.232 -proposed tracker (LP: #1911151)
  * CVE-2020-28374
    - target: simplify XCOPY wwn->se_dev lookup helper
    - SAUCE: target: fix XCOPY NAA identifier lookup

 -- Ian May <email address hidden> Tue, 19 Jan 2021 15:43:43 -0600

Source diff to previous version
1906128 Touchpad not detected on ByteSpeed C15B laptop
1903596 stack trace in kernel
1906703 Xenial update: v4.4.247 upstream stable release
1906700 Xenial update: v4.4.246 upstream stable release
1906698 Xenial update: v4.4.245 upstream stable release
CVE-2020-27777 A flaw was found in the way RTAS handled memory accesses in userspace to kernel communication. On a locked down (usually due to Secure Boot) guest sy
CVE-2020-28374 In drivers/target/target_core_xcopy.c in the Linux kernel before 5.10. ...

Version: 4.4.0-1119.133 2021-01-05 13:06:21 UTC

  linux-aws (4.4.0-1119.133) xenial; urgency=medium

  * xenial/linux-aws: 4.4.0-1119.133 -proposed tracker (LP: #1906041)

  [ Ubuntu: 4.4.0-198.230 ]

  * xenial/linux: 4.4.0-198.230 -proposed tracker (LP: #1906052)
  * Xenial update: v4.4.244 upstream stable release (LP: #1904914)
    - ring-buffer: Fix recursion protection transitions between interrupt context
    - gfs2: Wake up when sd_glock_disposal becomes zero
    - mm: mempolicy: fix potential pte_unmap_unlock pte error
    - time: Prevent undefined behaviour in timespec64_to_ns()
    - btrfs: reschedule when cloning lots of extents
    - net: xfrm: fix a race condition during allocing spi
    - perf tools: Add missing swap for ino_generation
    - ALSA: hda: prevent undefined shift in snd_hdac_ext_bus_get_link()
    - can: dev: can_get_echo_skb(): prevent call to kfree_skb() in hard IRQ
      context
    - can: dev: __can_get_echo_skb(): fix real payload length return value for RTR
      frames
    - can: can_create_echo_skb(): fix echo skb generation: always use skb_clone()
    - can: peak_usb: add range checking in decode operations
    - can: peak_usb: peak_usb_get_ts_time(): fix timestamp wrapping
    - Btrfs: fix missing error return if writeback for extent buffer never started
    - i40e: Wrong truncation from u16 to u8
    - i40e: Fix of memory leak and integer truncation in i40e_virtchnl.c
    - ath9k_htc: Use appropriate rs_datalen type
    - usb: gadget: goku_udc: fix potential crashes in probe
    - gfs2: Free rd_bits later in gfs2_clear_rgrpd to fix use-after-free
    - gfs2: check for live vs. read-only file system in gfs2_fitrim
    - drm/amdgpu: perform srbm soft reset always on SDMA resume
    - mac80211: fix use of skb payload instead of header
    - cfg80211: regulatory: Fix inconsistent format argument
    - iommu/amd: Increase interrupt remapping table limit to 512 entries
    - xfs: fix a missing unlock on error in xfs_fs_map_blocks
    - of/address: Fix of_node memory leak in of_dma_is_coherent
    - cosa: Add missing kfree in error path of cosa_write
    - perf: Fix get_recursion_context()
    - ext4: correctly report "not supported" for {usr,grp}jquota when
      !CONFIG_QUOTA
    - ext4: unlock xattr_sem properly in ext4_inline_data_truncate()
    - usb: cdc-acm: Add DISABLE_ECHO for Renesas USB Download mode
    - mei: protect mei_cl_mtu from null dereference
    - ocfs2: initialize ip_next_orphan
    - don't dump the threads that had been already exiting when zapped.
    - drm/gma500: Fix out-of-bounds access to struct drm_device.vblank[]
    - pinctrl: amd: use higher precision for 512 RtcClk
    - pinctrl: amd: fix incorrect way to disable debounce filter
    - swiotlb: fix "x86: Don't panic if can not alloc buffer for swiotlb"
    - IPv6: Set SIT tunnel hard_header_len to zero
    - net/af_iucv: fix null pointer dereference on shutdown
    - net/x25: Fix null-ptr-deref in x25_connect
    - net: Update window_clamp if SOCK_RCVBUF is set
    - random32: make prandom_u32() output unpredictable
    - x86/speculation: Allow IBPB to be conditionally enabled on CPUs with always-
      on STIBP
    - xen/events: avoid removing an event channel while handling it
    - xen/events: add a proper barrier to 2-level uevent unmasking
    - xen/events: fix race in evtchn_fifo_unmask()
    - xen/events: add a new "late EOI" evtchn framework
    - xen/blkback: use lateeoi irq binding
    - xen/netback: use lateeoi irq binding
    - xen/scsiback: use lateeoi irq binding
    - xen/pciback: use lateeoi irq binding
    - xen/events: switch user event channels to lateeoi model
    - xen/events: use a common cpu hotplug hook for event channels
    - xen/events: defer eoi in case of excessive number of events
    - xen/events: block rogue events for some time
    - Revert "kernel/reboot.c: convert simple_strtoul to kstrtoint"
    - reboot: fix overflow parsing reboot cpu number
    - ext4: fix leaking sysfs kobject after failed mount
    - Convert trailing spaces and periods in path components
    - Linux 4.4.244
  * Xenial update: v4.4.243 upstream stable release (LP: #1904904)
    - Linux 4.4.243
  * Xenial update: v4.4.242 upstream stable release (LP: #1903750)
    - SUNRPC: ECONNREFUSED should cause a rebind.
    - scripts/setlocalversion: make git describe output more reliable
    - ravb: Fix bit fields checking in ravb_hwtstamp_get()
    - tipc: fix memory leak caused by tipc_buf_append()
    - mtd: lpddr: Fix bad logic in print_drs_error
    - ata: sata_rcar: Fix DMA boundary mask
    - fscrypt: return -EXDEV for incompatible rename or link into encrypted dir
    - f2fs crypto: avoid unneeded memory allocation in ->readdir
    - powerpc/powernv/smp: Fix spurious DBG() warning
    - sparc64: remove mm_cpumask clearing to fix kthread_use_mm race
    - f2fs: fix to check segment boundary during SIT page readahead
    - um: change sigio_spinlock to a mutex
    - xfs: fix realtime bitmap/summary file truncation when growing rt volume
    - video: fbdev: pvr2fb: initialize variables
    - ath10k: fix VHT NSS calculation when STBC is enabled
    - mmc: via-sdmmc: Fix data race bug
    - printk: reduce LOG_BUF_SHIFT range for H8300
    - kgdb: Make "kgdbcon" work properly with "kgdb_earlycon"
    - USB: adutux: fix debugging
    - drivers/net/wan/hdlc_fr: Correctly handle special skb->protocol values
    - power: supply: test_power: add missing newlines when printing parameters by
      sysfs
    - md/bitmap: md_bitmap_get_counter returns wrong blocks
    - clk: ti: clockdomain: fix static checker warning
    - net: 9p: initialize sun_server.sun_path to have addr's value only when addr
      is valid
    - drivers: watchdog: rdc321x_wdt: Fix race condition bugs
    - ext4: Detect already used quota file early
    - gfs2: add validation checks for size of superblock
    - memory: emif: Remove bogus debugfs error handling
    - ARM: dts: s5pv210: move PMU node out of clock controller
    - ARM: dts: s5pv210: remove ded

Source diff to previous version
1904914 Xenial update: v4.4.244 upstream stable release
1904904 Xenial update: v4.4.243 upstream stable release
1903750 Xenial update: v4.4.242 upstream stable release
1894667 [HP 635] Radeon 6310 brightness control does not work
1905336 sha1_ce and sha2_ce modules no longer load on arm64
1905475 Fails to build on powerpc
CVE-2020-4788 IBM Power9 (AIX 7.1, 7.2, and VIOS 3.1) processors could allow a local user to obtain sensitive information from the data in the L1 cache under exten

Version: 4.4.0-1118.132 2020-12-01 19:06:19 UTC

  linux-aws (4.4.0-1118.132) xenial; urgency=medium

  * xenial/linux-aws: 4.4.0-1118.132 -proposed tracker (LP: #1903096)

  * Xenial update: v4.4.237 upstream stable release (LP: #1897602)
    - [Config] aws: updateconfigs for VGACON_SOFT_SCROLLBACK

  [ Ubuntu: 4.4.0-195.227 ]

  * xenial/linux: 4.4.0-195.227 -proposed tracker (LP: #1903107)
  * Update kernel packaging to support forward porting kernels (LP: #1902957)
    - [Debian] Update for leader included in BACKPORT_SUFFIX
  * Avoid double newline when running insertchanges (LP: #1903293)
    - [Packaging] insertchanges: avoid double newline
  * EFI: Fails when BootCurrent entry does not exist (LP: #1899993)
    - efivarfs: Replace invalid slashes with exclamation marks in dentries.
  * CVE-2020-14351
    - perf/core: Fix race in the perf_mmap_close() function
  * CVE-2020-25645
    - geneve: add transport ports in route lookup for geneve
  * Xenial update: v4.4.241 upstream stable release (LP: #1902097)
    - ibmveth: Identify ingress large send packets.
    - tipc: fix the skb_unshare() in tipc_buf_append()
    - net/ipv4: always honour route mtu during forwarding
    - r8169: fix data corruption issue on RTL8402
    - ALSA: bebob: potential info leak in hwdep_read()
    - mm/kasan: print name of mem[set,cpy,move]() caller in report
    - mm/kasan: add API to check memory regions
    - compiler.h, kasan: Avoid duplicating __read_once_size_nocheck()
    - compiler.h: Add read_word_at_a_time() function.
    - lib/strscpy: Shut up KASAN false-positives in strscpy()
    - x86/mm/ptdump: Fix soft lockup in page table walker
    - net: hdlc: In hdlc_rcv, check to make sure dev is an HDLC device
    - net: hdlc_raw_eth: Clear the IFF_TX_SKB_SHARING flag after calling
      ether_setup
    - nfc: Ensure presence of NFC_ATTR_FIRMWARE_NAME attribute in
      nfc_genl_fw_download()
    - tcp: fix to update snd_wl1 in bulk receiver fast path
    - icmp: randomize the global rate limiter
    - cifs: remove bogus debug code
    - ima: Don't ignore errors from crypto_shash_update()
    - EDAC/i5100: Fix error handling order in i5100_init_one()
    - crypto: ixp4xx - Fix the size used in a 'dma_free_coherent()' call
    - media: Revert "media: exynos4-is: Add missed check for
      pinctrl_lookup_state()"
    - media: m5mols: Check function pointer in m5mols_sensor_power
    - media: omap3isp: Fix memleak in isp_probe
    - crypto: omap-sham - fix digcnt register handling with export/import
    - media: tc358743: initialize variable
    - media: ti-vpe: Fix a missing check and reference count leak
    - ath6kl: prevent potential array overflow in ath6kl_add_new_sta()
    - ath9k: Fix potential out of bounds in ath9k_htc_txcompletion_cb()
    - wcn36xx: Fix reported 802.11n rx_highest rate wcn3660/wcn3680
    - mwifiex: Do not use GFP_KERNEL in atomic context
    - drm/gma500: fix error check
    - scsi: qla4xxx: Fix an error handling path in 'qla4xxx_get_host_stats()'
    - scsi: csiostor: Fix wrong return value in csio_hw_prep_fw()
    - backlight: sky81452-backlight: Fix refcount imbalance on error
    - VMCI: check return value of get_user_pages_fast() for errors
    - tty: serial: earlycon dependency
    - pty: do tty_flip_buffer_push without port->lock in pty_write
    - drivers/virt/fsl_hypervisor: Fix error handling path
    - video: fbdev: vga16fb: fix setting of pixclock because a pass-by-value error
    - video: fbdev: sis: fix null ptr dereference
    - HID: roccat: add bounds checking in kone_sysfs_write_settings()
    - ath6kl: wmi: prevent a shift wrapping bug in ath6kl_wmi_delete_pstream_cmd()
    - misc: mic: scif: Fix error handling path
    - ALSA: seq: oss: Avoid mutex lock for a long-time ioctl
    - quota: clear padding in v2r1_mem2diskdqb()
    - net: enic: Cure the enic api locking trainwreck
    - mfd: sm501: Fix leaks in probe()
    - usb: gadget: u_ether: enable qmult on SuperSpeed Plus as well
    - nl80211: fix non-split wiphy information
    - mwifiex: fix double free
    - net: korina: fix kfree of rx/tx descriptor array
    - IB/mlx4: Adjust delayed work when a dup is observed
    - powerpc/pseries: Fix missing of_node_put() in rng_init()
    - powerpc/icp-hv: Fix missing of_node_put() in success path
    - mtd: lpddr: fix excessive stack usage with clang
    - mtd: mtdoops: Don't write panic data twice
    - ARM: 9007/1: l2c: fix prefetch bits init in L2X0_AUX_CTRL using DT values
    - powerpc/tau: Use appropriate temperature sample interval
    - powerpc/tau: Remove duplicated set_thresholds() call
    - powerpc/tau: Disable TAU between measurements
    - perf intel-pt: Fix "context_switch event has no tid" error
    - kdb: Fix pager search for multi-line strings
    - powerpc/perf/hv-gpci: Fix starting index value
    - cpufreq: powernv: Fix frame-size-overflow in powernv_cpufreq_reboot_notifier
    - lib/crc32.c: fix trivial typo in preprocessor condition
    - vfio/pci: Clear token on bypass registration failure
    - Input: imx6ul_tsc - clean up some errors in imx6ul_tsc_resume()
    - Input: ep93xx_keypad - fix handling of platform_get_irq() error
    - Input: omap4-keypad - fix handling of platform_get_irq() error
    - Input: sun4i-ps2 - fix handling of platform_get_irq() error
    - KVM: x86: emulating RDPID failure shall return #UD rather than #GP
    - memory: omap-gpmc: Fix a couple off by ones
    - memory: fsl-corenet-cf: Fix handling of platform_get_irq() error
    - arm64: dts: zynqmp: Remove additional compatible string for i2c IPs
    - powerpc/powernv/opal-dump : Use IRQ_HANDLED instead of numbers in interrupt
      handler
    - powerpc/powernv/dump: Fix race while processing OPAL dump
    - media: firewire: fix memory leak
    - media: ati_remote: sanity check for both endpoints
    - media: exynos4-is: Fix several reference count leaks due to
      pm_runtime_get_sync
    - media: exynos4-is: Fix a reference count leak due to pm_runtime_get_sync
    - media: exynos4-is: Fix a reference

Source diff to previous version
1897602 Xenial update: v4.4.237 upstream stable release
1902957 Update kernel packaging to support forward porting kernels
1903293 Avoid double newline when running insertchanges
1902097 Xenial update: v4.4.241 upstream stable release
1902096 Xenial update: v4.4.240 upstream stable release
1902095 Xenial update: v4.4.239 upstream stable release
1899506 Xenial update: v4.4.238 upstream stable release
CVE-2020-14351 perf: Fix race in perf_mmap_close function
CVE-2020-25645 A flaw was found in the Linux kernel in versions before 5.9-rc7. Traffic between two Geneve endpoints may be unencrypted when IPsec is configured to
CVE-2020-12352 Improper access control in BlueZ may allow an unauthenticated user to potentially enable information disclosure via adjacent access.
CVE-2020-0427 In create_pinctrl of core.c, there is a possible out of bounds read due to a use after free. This could lead to local information disclosure with no
CVE-2020-8694 Insufficient access control in the Linux kernel driver for some Intel( ...

Version: 4.4.0-1117.131 2020-10-14 02:06:45 UTC

  linux-aws (4.4.0-1117.131) xenial; urgency=medium

  [ Ubuntu: 4.4.0-193.224 ]

  * CVE-2020-16119
    - SAUCE: dccp: avoid double free of ccid on child socket




About   -   Send Feedback to @ubuntu_updates