UbuntuUpdates.org

Package "linux-modules-extra-4.15.0-50-generic"

Name: linux-modules-extra-4.15.0-50-generic

Description:

Linux kernel extra modules for version 4.15.0 on 32 bit x86 SMP

Latest version: 4.15.0-50.54~16.04.1
Release: xenial (16.04)
Level: security
Repository: main
Head package: linux-hwe

Links

Save this URL for the latest version of "linux-modules-extra-4.15.0-50-generic": https://www.ubuntuupdates.org/linux-modules-extra-4.15.0-50-generic


Download "linux-modules-extra-4.15.0-50-generic"


Other versions of "linux-modules-extra-4.15.0-50-generic" in Xenial

Repository Area Version
updates main 4.15.0-50.54~16.04.1

Changelog

Version: 4.15.0-50.54~16.04.1 2019-05-15 21:07:11 UTC

  linux-hwe (4.15.0-50.54~16.04.1) xenial; urgency=medium

  [ Ubuntu: 4.15.0-50.54 ]

  * CVE-2018-12126 // CVE-2018-12127 // CVE-2018-12130
    - Documentation/l1tf: Fix small spelling typo
    - x86/cpu: Sanitize FAM6_ATOM naming
    - kvm: x86: Report STIBP on GET_SUPPORTED_CPUID
    - locking/atomics, asm-generic: Move some macros from <linux/bitops.h> to a
      new <linux/bits.h> file
    - tools include: Adopt linux/bits.h
    - x86/msr-index: Cleanup bit defines
    - x86/speculation: Consolidate CPU whitelists
    - x86/speculation/mds: Add basic bug infrastructure for MDS
    - x86/speculation/mds: Add BUG_MSBDS_ONLY
    - x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests
    - x86/speculation/mds: Add mds_clear_cpu_buffers()
    - x86/speculation/mds: Clear CPU buffers on exit to user
    - x86/kvm/vmx: Add MDS protection when L1D Flush is not active
    - x86/speculation/mds: Conditionally clear CPU buffers on idle entry
    - x86/speculation/mds: Add mitigation control for MDS
    - x86/speculation/mds: Add sysfs reporting for MDS
    - x86/speculation/mds: Add mitigation mode VMWERV
    - Documentation: Move L1TF to separate directory
    - Documentation: Add MDS vulnerability documentation
    - x86/speculation/mds: Add mds=full,nosmt cmdline option
    - x86/speculation: Move arch_smt_update() call to after mitigation decisions
    - x86/speculation/mds: Add SMT warning message
    - x86/speculation/mds: Fix comment
    - x86/speculation/mds: Print SMT vulnerable on MSBDS with mitigations off
    - x86/speculation/mds: Add 'mitigations=' support for MDS
  * CVE-2017-5715 // CVE-2017-5753
    - s390/speculation: Support 'mitigations=' cmdline option
  * CVE-2017-5715 // CVE-2017-5753 // CVE-2017-5754 // CVE-2018-3639
    - powerpc/speculation: Support 'mitigations=' cmdline option
  * CVE-2017-5715 // CVE-2017-5754 // CVE-2018-3620 // CVE-2018-3639 //
    CVE-2018-3646
    - cpu/speculation: Add 'mitigations=' cmdline option
    - x86/speculation: Support 'mitigations=' cmdline option
  * Packaging resync (LP: #1786013)
    - [Packaging] resync git-ubuntu-log

  [ Ubuntu: 4.15.0-49.53 ]

  * linux: 4.15.0-49.53 -proposed tracker (LP: #1826358)
  * bionic: fork out linux-snapdragon into its own topic kernel (LP: #1820868)
    - [Packaging] arm64: Drop snapdragon from kernel-versions

Source diff to previous version
1786013 Packaging resync
1820868 bionic: fork out linux-snapdragon into its own topic kernel
CVE-2018-12126 MSBDS Microarchitectural Store Buffer Data Sampling
CVE-2018-12127 MLPDS Microarchitectural Load Port Data Sampling
CVE-2018-12130 MFBDS Microarchitectural Fill Buffer Data Sampling
CVE-2017-5715 Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an at
CVE-2017-5753 Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker wi
CVE-2017-5754 Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an at
CVE-2018-3639 Speculative Store Bypass
CVE-2018-3620 L1 Terminal Fault-OS/SMM Foreshadow-NG
CVE-2018-3646 L1 Terminal Fault-VMM

Version: 4.15.0-47.50~16.04.1 2019-04-02 16:12:08 UTC

  linux-hwe (4.15.0-47.50~16.04.1) xenial; urgency=medium

  * linux-hwe: 4.15.0-47.50~16.04.1 -proposed tracker (LP: #1819715)

  * Packaging resync (LP: #1786013)
    - [Packaging] update helper scripts
    - [Packaging] update update.conf

  * Strip specific changes from update-from-*master (LP: #1817734)
    - Packaging: Introduce copy-files and local-mangle
    - Packaging: Make update-from-*master call copy-files

  [ Ubuntu: 4.15.0-47.50 ]

  * linux: 4.15.0-47.50 -proposed tracker (LP: #1819716)
  * Packaging resync (LP: #1786013)
    - [Packaging] resync getabis
    - [Packaging] update helper scripts
    - [Packaging] resync retpoline extraction
  * C++ demangling support missing from perf (LP: #1396654)
    - [Packaging] fix a mistype
  * arm-smmu-v3 arm-smmu-v3.3.auto: CMD_SYNC timeout (LP: #1818162)
    - iommu/arm-smmu-v3: Fix unexpected CMD_SYNC timeout
  * Crash in nvme_irq_check() when using threaded interrupts (LP: #1818747)
    - nvme-pci: fix out of bounds access in nvme_cqe_pending
  * CVE-2019-9213
    - mm: enforce min addr even if capable() in expand_downwards()
  * CVE-2019-3460
    - Bluetooth: Check L2CAP option sizes returned from l2cap_get_conf_opt
  * amdgpu with mst WARNING on blanking (LP: #1814308)
    - drm/amd/display: Don't use dc_link in link_encoder
    - drm/amd/display: Move wait for hpd ready out from edp power control.
    - drm/amd/display: eDP sequence BL off first then DP blank.
    - drm/amd/display: Fix unused variable compilation error
    - drm/amd/display: Fix warning about misaligned code
    - drm/amd/display: Fix MST dp_blank REG_WAIT timeout
  * tun/tap: unable to manage carrier state from userland (LP: #1806392)
    - tun: implement carrier change
  * CVE-2019-8980
    - exec: Fix mem leak in kernel_read_file
  * raw_skew in timer from the ubuntu_kernel_selftests failed on Bionic
    (LP: #1811194)
    - selftest: timers: Tweak raw_skew to SKIP when ADJ_OFFSET/other clock
      adjustments are in progress
  * [Packaging] Allow overlay of config annotations (LP: #1752072)
    - [Packaging] config-check: Add an include directive
  * CVE-2019-7308
    - bpf: move {prev_,}insn_idx into verifier env
    - bpf: move tmp variable into ax register in interpreter
    - bpf: enable access to ax register also from verifier rewrite
    - bpf: restrict map value pointer arithmetic for unprivileged
    - bpf: restrict stack pointer arithmetic for unprivileged
    - bpf: restrict unknown scalars of mixed signed bounds for unprivileged
    - bpf: fix check_map_access smin_value test when pointer contains offset
    - bpf: prevent out of bounds speculation on pointer arithmetic
    - bpf: fix sanitation of alu op with pointer / scalar type from different
      paths
    - bpf: add various test cases to selftests
  * CVE-2017-5753
    - bpf: properly enforce index mask to prevent out-of-bounds speculation
    - bpf: fix inner map masking to prevent oob under speculation
  * BPF: kernel pointer leak to unprivileged userspace (LP: #1815259)
    - bpf/verifier: disallow pointer subtraction
  * squashfs hardening (LP: #1816756)
    - squashfs: more metadata hardening
    - squashfs metadata 2: electric boogaloo
    - squashfs: more metadata hardening
    - Squashfs: Compute expected length from inode size rather than block length
  * efi/arm/arm64: Allow SetVirtualAddressMap() to be omitted (LP: #1814982)
    - efi/arm/arm64: Allow SetVirtualAddressMap() to be omitted
  * Update ENA driver to version 2.0.3K (LP: #1816806)
    - net: ena: update driver version from 2.0.2 to 2.0.3
    - net: ena: fix race between link up and device initalization
    - net: ena: fix crash during failed resume from hibernation
  * ipset kernel error: 4.15.0-43-generic (LP: #1811394)
    - netfilter: ipset: Fix wraparound in hash:*net* types
  * Silent "Unknown key" message when pressing keyboard backlight hotkey
    (LP: #1817063)
    - platform/x86: dell-wmi: Ignore new keyboard backlight change event
  * CVE-2018-18021
    - arm64: KVM: Tighten guest core register access from userspace
    - KVM: arm/arm64: Introduce vcpu_el1_is_32bit
    - arm64: KVM: Sanitize PSTATE.M when being set from userspace
  * CVE-2018-14678
    - x86/entry/64: Remove %ebx handling from error_entry/exit
  * CVE-2018-19824
    - ALSA: usb-audio: Fix UAF decrement if card has no live interfaces in card.c
  * CVE-2019-3459
    - Bluetooth: Verify that l2cap_get_conf_opt provides large enough buffer
  * Bionic update: upstream stable patchset 2019-02-08 (LP: #1815234)
    - fork: unconditionally clear stack on fork
    - spi: spi-s3c64xx: Fix system resume support
    - Input: elan_i2c - add ACPI ID for lenovo ideapad 330
    - Input: i8042 - add Lenovo LaVie Z to the i8042 reset list
    - Input: elan_i2c - add another ACPI ID for Lenovo Ideapad 330-15AST
    - kvm, mm: account shadow page tables to kmemcg
    - delayacct: fix crash in delayacct_blkio_end() after delayacct init failure
    - tracing: Fix double free of event_trigger_data
    - tracing: Fix possible double free in event_enable_trigger_func()
    - kthread, tracing: Don't expose half-written comm when creating kthreads
    - tracing/kprobes: Fix trace_probe flags on enable_trace_kprobe() failure
    - tracing: Quiet gcc warning about maybe unused link variable
    - arm64: fix vmemmap BUILD_BUG_ON() triggering on !vmemmap setups
    - mlxsw: spectrum_switchdev: Fix port_vlan refcounting
    - kcov: ensure irq code sees a valid area
    - xen/netfront: raise max number of slots in xennet_get_responses()
    - skip LAYOUTRETURN if layout is invalid
    - ALSA: emu10k1: add error handling for snd_ctl_add
    - ALSA: fm801: add error handling for snd_ctl_add
    - NFSv4.1: Fix the client behaviour on NFS4ERR_SEQ_FALSE_RETRY
    - nfsd: fix potential use-after-free in nfsd4_decode_getdeviceinfo
    - vfio: platform: Fix reset module leak in error path
    - vfio/mdev: Check globally for duplicate devices
    - vfio/type1: Fix task tracking

Source diff to previous version
1786013 Packaging resync
1817734 Strip specific changes from update-from-*master
1818162 arm-smmu-v3 arm-smmu-v3.3.auto: CMD_SYNC timeout
1818747 Crash in nvme_irq_check() when using threaded interrupts
1814308 amdgpu with mst WARNING on blanking
1806392 tun/tap: unable to manage carrier state from userland
1811194 raw_skew in timer from the ubuntu_kernel_selftests failed on Bionic
1752072 [Packaging] Allow overlay of config annotations
1815259 BPF: kernel pointer leak to unprivileged userspace
1816756 squashfs hardening
1814982 efi/arm/arm64: Allow SetVirtualAddressMap() to be omitted
1816806 Update ENA driver to version 2.0.3K
1811394 ipset kernel error: 4.15.0-43-generic
1817063 Silent \
1815234 Bionic update: upstream stable patchset 2019-02-08
1814813 Bionic update: upstream stable patchset 2019-02-05
1817321 installer does not support iSCSI iBFT
1817628 Regular D-state processes impacting LXD containers
1817969 hns3 nic speed may not match optical port speed
1802021 [Hyper-V] srcu: Lock srcu_data structure in srcu_gp_start()
1817784 libsas disks can have non-unique by-path names
1817518 Bluetooth not working (Intel CyclonePeak)
1817200 Trackpad is not recognized.
1815831 [ALSA] [PATCH] System76 darp5 and oryp5 fixups
1817263 Constant noise in the headphone on Lenovo X1 machines
1745032 AC adapter status not detected on Asus ZenBook UX410UAK
1762672 TPM intermittently fails after cold-boot
1815033 qlcnic: Firmware aborts/hangs in QLogic NIC
CVE-2019-9213 In the Linux kernel before 4.20.14, expand_downwards in mm/mmap.c lacks a check for the mmap minimum address, which makes it easier for attackers to
CVE-2019-3460 Heap data infoleak in multiple locations including functionl2cap_parse_conf_rsp
CVE-2019-8980 A memory leak in the kernel_read_file function in fs/exec.c in the Linux kernel through 4.20.11 allows attackers to cause a denial of service (memory
CVE-2019-7308 kernel/bpf/verifier.c in the Linux kernel before 4.20.6 performs undesirable out-of-bounds speculation on pointer arithmetic in various cases, includ
CVE-2017-5753 Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker wi
CVE-2018-18021 arch/arm64/kvm/guest.c in KVM in the Linux kernel before 4.18.12 on the arm64 platform mishandles the KVM_SET_ON_REG ioctl. This is exploitable by at
CVE-2018-14678 An issue was discovered in the Linux kernel through 4.17.11, as used in Xen through 4.11.x. The xen_failsafe_callback entry point in arch/x86/entry/e
CVE-2018-19824 In the Linux kernel through 4.19.6, a local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with ze
CVE-2019-3459 Heap address infoleak in use of l2cap_get_conf_opt
CVE-2019-7222 KVM: x86: work around leak of uninitialized stack contents
CVE-2019-7221 KVM: nVMX: use-after-free of the hrtimer for emulation of the preemption timer
CVE-2019-6974 In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading
CVE-2019-8912 In the Linux kernel through 4.20.11, af_alg_release() in crypto/af_alg.c neglects to set a NULL value for a certain structure member, which leads to

Version: 4.15.0-46.49~16.04.1 2019-03-05 18:10:28 UTC

  linux-hwe (4.15.0-46.49~16.04.1) xenial; urgency=medium

  * linux-hwe: 4.15.0-46.49~16.04.1 -proposed tracker (LP: #1814745)

  * Packaging resync (LP: #1786013)
    - [Packaging] update helper scripts

  [ Ubuntu: 4.15.0-46.49 ]

  * linux: 4.15.0-46.49 -proposed tracker (LP: #1814726)
  * mprotect fails on ext4 with dax (LP: #1799237)
    - x86/speculation/l1tf: Exempt zeroed PTEs from inversion
  * kernel BUG at /build/linux-vxxS7y/linux-4.15.0/mm/slub.c:296! (LP: #1812086)
    - iscsi target: fix session creation failure handling
    - scsi: iscsi: target: Set conn->sess to NULL when iscsi_login_set_conn_values
      fails
    - scsi: iscsi: target: Fix conn_ops double free
  * user_copy in user from ubuntu_kernel_selftests failed on KVM kernel
    (LP: #1812198)
    - selftests: user: return Kselftest Skip code for skipped tests
    - selftests: kselftest: change KSFT_SKIP=4 instead of KSFT_PASS
    - selftests: kselftest: Remove outdated comment
  * RTL8822BE WiFi Disabled in Kernel 4.18.0-12 (LP: #1806472)
    - SAUCE: staging: rtlwifi: allow RTLWIFI_DEBUG_ST to be disabled
    - [Config] CONFIG_RTLWIFI_DEBUG_ST=n
    - SAUCE: Add r8822be to signature inclusion list
  * kernel oops in bcache module (LP: #1793901)
    - SAUCE: bcache: never writeback a discard operation
  * CVE-2018-18397
    - userfaultfd: use ENOENT instead of EFAULT if the atomic copy user fails
    - userfaultfd: shmem: allocate anonymous memory for MAP_PRIVATE shmem
    - userfaultfd: shmem/hugetlbfs: only allow to register VM_MAYWRITE vmas
    - userfaultfd: shmem: add i_size checks
    - userfaultfd: shmem: UFFDIO_COPY: set the page dirty if VM_WRITE is not set
  * Ignore "incomplete report" from Elan touchpanels (LP: #1813733)
    - HID: i2c-hid: Ignore input report if there's no data present on Elan
      touchpanels
  * Vsock connect fails with ENODEV for large CID (LP: #1813934)
    - vhost/vsock: fix vhost vsock cid hashing inconsistent
  * SRU: Fix thinkpad 11e 3rd boot hang (LP: #1804604)
    - ACPI / LPSS: Force LPSS quirks on boot
  * Bionic update: upstream stable patchset 2019-01-17 (LP: #1812229)
    - scsi: sd_zbc: Fix variable type and bogus comment
    - KVM/Eventfd: Avoid crash when assign and deassign specific eventfd in
      parallel.
    - x86/apm: Don't access __preempt_count with zeroed fs
    - x86/events/intel/ds: Fix bts_interrupt_threshold alignment
    - x86/MCE: Remove min interval polling limitation
    - fat: fix memory allocation failure handling of match_strdup()
    - ALSA: hda/realtek - Add Panasonic CF-SZ6 headset jack quirk
    - ARCv2: [plat-hsdk]: Save accl reg pair by default
    - ARC: Fix CONFIG_SWAP
    - ARC: configs: Remove CONFIG_INITRAMFS_SOURCE from defconfigs
    - ARC: mm: allow mprotect to make stack mappings executable
    - mm: memcg: fix use after free in mem_cgroup_iter()
    - mm/huge_memory.c: fix data loss when splitting a file pmd
    - cpufreq: intel_pstate: Register when ACPI PCCH is present
    - vfio/pci: Fix potential Spectre v1
    - stop_machine: Disable preemption when waking two stopper threads
    - drm/i915: Fix hotplug irq ack on i965/g4x
    - drm/nouveau: Use drm_connector_list_iter_* for iterating connectors
    - drm/nouveau: Avoid looping through fake MST connectors
    - gen_stats: Fix netlink stats dumping in the presence of padding
    - ipv4: Return EINVAL when ping_group_range sysctl doesn't map to user ns
    - ipv6: fix useless rol32 call on hash
    - ipv6: ila: select CONFIG_DST_CACHE
    - lib/rhashtable: consider param->min_size when setting initial table size
    - net: diag: Don't double-free TCP_NEW_SYN_RECV sockets in tcp_abort
    - net: Don't copy pfmemalloc flag in __copy_skb_header()
    - skbuff: Unconditionally copy pfmemalloc in __skb_clone()
    - net/ipv4: Set oif in fib_compute_spec_dst
    - net: phy: fix flag masking in __set_phy_supported
    - ptp: fix missing break in switch
    - qmi_wwan: add support for Quectel EG91
    - tg3: Add higher cpu clock for 5762.
    - hv_netvsc: Fix napi reschedule while receive completion is busy
    - net/mlx4_en: Don't reuse RX page when XDP is set
    - net: systemport: Fix CRC forwarding check for SYSTEMPORT Lite
    - ipv6: make DAD fail with enhanced DAD when nonce length differs
    - net: usb: asix: replace mii_nway_restart in resume path
    - alpha: fix osf_wait4() breakage
    - cxl_getfile(): fix double-iput() on alloc_file() failures
    - powerpc/powernv: Fix save/restore of SPRG3 on entry/exit from stop (idle)
    - xhci: Fix perceived dead host due to runtime suspend race with event handler
    - KVM: irqfd: fix race between EPOLLHUP and irq_bypass_register_consumer
    - x86/kvmclock: set pvti_cpu0_va after enabling kvmclock
    - ALSA: hda/realtek - Yet another Clevo P950 quirk entry
    - drm/amdgpu: Reserve VM root shared fence slot for command submission (v3)
    - rhashtable: add restart routine in rhashtable_free_and_destroy()
    - sch_fq_codel: zero q->flows_cnt when fq_codel_init fails
    - sctp: introduce sctp_dst_mtu
    - sctp: fix the issue that pathmtu may be set lower than MINSEGMENT
    - net: aquantia: vlan unicast address list correct handling
    - drm_mode_create_lease_ioctl(): fix open-coded filp_clone_open()
  * Bionic update: upstream stable patchset 2019-01-15 (LP: #1811877)
    - compiler-gcc.h: Add __attribute__((gnu_inline)) to all inline declarations
    - x86/asm: Add _ASM_ARG* constants for argument registers to <asm/asm.h>
    - x86/paravirt: Make native_save_fl() extern inline
    - Btrfs: fix duplicate extents after fsync of file with prealloc extents
    - cpufreq / CPPC: Set platform specific transition_delay_us
    - PCI: exynos: Fix a potential init_clk_resources NULL pointer dereference
    - alx: take rtnl before calling __alx_open from resume
    - atm: Preserve value of skb->truesize when accounting to vcc
    - atm: zatm: Fix potential Spectre v1
    - ipv6: sr: fix passing wrong flags to cryp

Source diff to previous version
1786013 Packaging resync
1799237 mprotect fails on ext4 with dax
1812086 kernel BUG at /build/linux-vxxS7y/linux-4.15.0/mm/slub.c:296!
1812198 user_copy in user from ubuntu_kernel_selftests failed on KVM kernel
1806472 RTL8822BE WiFi Disabled in Kernel 4.18.0-12
1793901 kernel oops in bcache module
1813733 Ignore \
1813934 Vsock connect fails with ENODEV for large CID
1804604 SRU: Fix thinkpad 11e 3rd boot hang
1812229 Bionic update: upstream stable patchset 2019-01-17
1811877 Bionic update: upstream stable patchset 2019-01-15
1811777 Fix non-working pinctrl-intel
1812875 ip6_gre: fix tunnel list corruption for x-netns
1813873 Userspace break as a result of missing patch backport
1798776 kvm_stat : missing python dependency
1812797 [SRU] Fix Xorg crash with nomodeset when BIOS enable 64-bit fb addr
1812812 Fix non-working QCA Rome Bluetooth after S3
1813127 ptrace-tm-spd-gpr in powerpc/ptrace from ubuntu_kerenl_selftests failed on Bionic P8
1795453 [SRU] IO's are issued with incorrect Scatter Gather Buffer
1785816 Consider enabling CONFIG_NETWORK_PHY_TIMESTAMPING
1813532 x86/mm: Found insecure W+X mapping at address (ptrval)/0xc00a0000
1811929 Fix not working Goodix touchpad
1810797 bluetooth controller not detected with 4.15 kernel
1811755 X1 Extreme: only one of the two SSDs is loaded
1811803 Crash on \
CVE-2018-18397 The userfaultfd implementation in the Linux kernel before 4.19.7 mishandles access control for certain UFFDIO_ ioctl calls, as demonstrated by allowi
CVE-2018-19854 An issue was discovered in the Linux kernel before 4.19.3. crypto_report_one() and related functions in crypto/crypto_user.c (the crypto user configu
CVE-2019-6133 In PolicyKit (aka polkit) 0.115, the "start time" protection mechanism can be bypassed because fork() is not atomic, and therefore authorization deci

Version: 4.15.0-45.48~16.04.1 2019-02-04 13:06:15 UTC

  linux-hwe (4.15.0-45.48~16.04.1) xenial; urgency=medium

  * linux-hwe: 4.15.0-45.48~16.04.1 -proposed tracker (LP: #1813780)

  [ Ubuntu: 4.15.0-45.48 ]

  * linux: 4.15.0-45.48 -proposed tracker (LP: #1813779)
  * External monitors does not work anymore 4.15.0-44 (LP: #1813663)
    - SAUCE: Revert "drm/i915/dp: Send DPCD ON for MST before phy_up"
  * kernel 4.15.0-44 cannot mount ext4 fs with meta_bg enabled (LP: #1813727)
    - ext4: fix false negatives *and* false positives in ext4_check_descriptors()

Source diff to previous version
1813663 External monitors does not work anymore 4.15.0-44
1813727 kernel 4.15.0-44 cannot mount ext4 fs with meta_bg enabled

Version: 4.15.0-43.46~16.04.1 2018-12-20 09:13:18 UTC

  linux-hwe (4.15.0-43.46~16.04.1) xenial; urgency=medium

  * linux-hwe: 4.15.0-43.46~16.04.1 -proposed tracker (LP: #1806674)

  * Packaging resync (LP: #1786013)
    - [Packaging] update update.conf

  [ Ubuntu: 4.15.0-43.46 ]

  * linux: 4.15.0-43.46 -proposed tracker (LP: #1806659)
  * System randomly hangs during suspend when mei_wdt is loaded (LP: #1803942)
    - SAUCE: base/dd: limit release function changes to vfio driver only
  * Workaround CSS timeout on AMD SNPS 3.0 xHC (LP: #1806838)
    - xhci: Allow more than 32 quirks
    - xhci: workaround CSS timeout on AMD SNPS 3.0 xHC
  * linux-buildinfo: pull out ABI information into its own package
    (LP: #1806380)
    - [Packaging] limit preparation to linux-libc-dev in headers
    - [Packaging] commonise debhelper invocation
    - [Packaging] ABI -- accumulate abi information at the end of the build
    - [Packaging] buildinfo -- add basic build information
    - [Packaging] buildinfo -- add firmware information to the flavour ABI
    - [Packaging] buildinfo -- add compiler information to the flavour ABI
    - [Packaging] buildinfo -- add buildinfo support to getabis
    - [Config] buildinfo -- add retpoline version markers
  * linux packages should own /usr/lib/linux/triggers (LP: #1770256)
    - [Packaging] own /usr/lib/linux/triggers
  * CVE-2018-12896
    - posix-timers: Sanitize overrun handling
  * CVE-2018-16276
    - USB: yurex: fix out-of-bounds uaccess in read handler
  * CVE-2018-10902
    - ALSA: rawmidi: Change resized buffers atomically
  * CVE-2018-18710
    - cdrom: fix improper type cast, which can leat to information leak.
  * CVE-2018-18690
    - xfs: don't fail when converting shortform attr to long form during
      ATTR_REPLACE
  * CVE-2018-14734
    - infiniband: fix a possible use-after-free bug
  * CVE-2018-18445
    - bpf: 32-bit RSH verification must truncate input before the ALU op
  * Packaging resync (LP: #1786013)
    - [Packaging] update helper scripts

 -- Stefan Bader <email address hidden> Fri, 07 Dec 2018 12:11:02 +0100

1786013 Packaging resync
1803942 System randomly hangs during suspend when mei_wdt is loaded
1806838 Workaround CSS timeout on AMD SNPS 3.0 xHC
1806380 linux-buildinfo: pull out ABI information into its own package
1770256 linux packages should own /usr/lib/linux/triggers
CVE-2018-12896 An issue was discovered in the Linux kernel through 4.17.3. An Integer Overflow in kernel/time/posix-timers.c in the POSIX timer code is caused by th
CVE-2018-16276 An issue was discovered in yurex_read in drivers/usb/misc/yurex.c in the Linux kernel before 4.17.7. Local attackers could use user access read/write
CVE-2018-10902 It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc (double free) in snd_rawmidi_
CVE-2018-18710 An issue was discovered in the Linux kernel through 4.19. An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by lo
CVE-2018-18690 In the Linux kernel before 4.17, a local attacker able to set attributes on an xfs filesystem could make this filesystem non-operational until the ne
CVE-2018-14734 drivers/infiniband/core/ucma.c in the Linux kernel through 4.17.11 allows ucma_leave_multicast to access a certain data structure after a cleanup ste
CVE-2018-18445 In the Linux kernel 4.14.x, 4.15.x, 4.16.x, 4.17.x, and 4.18.x before 4.18.13, faulty computation of numeric bounds in the BPF verifier permits out-o



About   -   Send Feedback to @ubuntu_updates