UbuntuUpdates.org

Package "linux"

Name: linux

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Linux kernel buildinfo for version 4.4.0 on 32 bit x86 SMP
  • Linux kernel buildinfo for version 4.4.0 on 32 bit x86 SMP
  • Linux kernel buildinfo for version 4.4.0 on 32 bit x86 SMP
  • Linux kernel buildinfo for version 4.4.0 on 32 bit x86 SMP

Latest version: 4.4.0-154.181
Release: xenial (16.04)
Level: updates
Repository: main

Links

Save this URL for the latest version of "linux": https://www.ubuntuupdates.org/linux



Other versions of "linux" in Xenial

Repository Area Version
base main 4.4.0-21.37
security main 4.4.0-154.181
proposed main 4.4.0-156.183
PPA: Canonical Kernel Team 4.4.0-156.183

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 4.4.0-154.181 2019-06-27 23:06:59 UTC

  linux (4.4.0-154.181) xenial; urgency=medium

  * linux: 4.4.0-154.181 -proposed tracker (LP: #1834030)

  * CVE-2019-11478
    - tcp: refine memory limit test in tcp_fragment()

  * CVE-2019-11479
    - SAUCE: tcp: add tcp_min_snd_mss sysctl
    - SAUCE: tcp: enforce tcp_min_snd_mss in tcp_mtu_probing()

 -- Khalid Elmously <email address hidden> Tue, 25 Jun 2019 00:36:38 -0400

Source diff to previous version
CVE-2019-11478 Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling cer
CVE-2019-11479 Jonathan Looney discovered that the Linux kernel default MSS is hard-c ...

Version: 4.4.0-151.178 2019-06-17 21:07:09 UTC

  linux (4.4.0-151.178) xenial; urgency=medium

  * Remote denial of service (system crash) caused by integer overflow in TCP
    SACK handling (LP: #1831637)
    - SAUCE: tcp: limit payload size of sacked skbs
    - SAUCE: tcp: fix fack_count accounting on tcp_shift_skb_data()

  * Remote denial of service (resource exhaustion) caused by TCP SACK scoreboard
    manipulation (LP: #1831638)
    - SAUCE: tcp: tcp_fragment() should apply sane memory limits

 -- Stefan Bader <email address hidden> Tue, 11 Jun 2019 09:36:19 +0200

Source diff to previous version
1831637 Remote denial of service (system crash) caused by integer overflow in TCP SACK handling
1831638 Remote denial of service (resource exhaustion) caused by TCP SACK scoreboard manipulation

Version: 4.4.0-150.176 2019-06-04 10:07:05 UTC

  linux (4.4.0-150.176) xenial; urgency=medium

  * linux: 4.4.0-150.176 -proposed tracker (LP: #1830941)

  * glibc 2.23-0ubuntu11 ADT test failure with linux 4.4.0-149.175
    (LP: #1830890)
    - x86/vdso: Pass --eh-frame-hdr to the linker

Source diff to previous version
1830890 glibc 2.23-0ubuntu11 ADT test failure with linux 4.4.0-149.175

Version: 4.4.0-148.174 2019-05-14 20:06:33 UTC

  linux (4.4.0-148.174) xenial; urgency=medium

  * CVE-2018-12126 // CVE-2018-12127 // CVE-2018-12130
    - Documentation/l1tf: Fix small spelling typo
    - perf/x86/intel: Add model number for Skylake Server to perf
    - perf/x86: Add model numbers for Kabylake CPUs
    - perf/x86/intel: Use Intel family macros for core perf events
    - perf/x86/msr: Use Intel family macros for MSR events code
    - perf/x86/msr: Add missing Intel models
    - SAUCE: perf/x86/{cstate,rapl,uncore}: Use Intel Model name macros
    - perf/x86/msr: Add missing CPU IDs
    - x86/speculation: Simplify the CPU bug detection logic
    - x86/cpu: Sanitize FAM6_ATOM naming
    - kvm: x86: Report STIBP on GET_SUPPORTED_CPUID
    - bitops: avoid integer overflow in GENMASK(_ULL)
    - locking/atomics, asm-generic: Move some macros from <linux/bitops.h> to a
      new <linux/bits.h> file
    - tools include: Adopt linux/bits.h
    - x86/msr-index: Cleanup bit defines
    - x86/speculation: Consolidate CPU whitelists
    - x86/speculation/mds: Add basic bug infrastructure for MDS
    - x86/speculation/mds: Add BUG_MSBDS_ONLY
    - x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests
    - x86/speculation/mds: Add mds_clear_cpu_buffers()
    - locking/static_keys: Provide DECLARE and well as DEFINE macros
    - x86/speculation/mds: Clear CPU buffers on exit to user
    - x86/kvm/vmx: Add MDS protection when L1D Flush is not active
    - x86/speculation/mds: Conditionally clear CPU buffers on idle entry
    - SAUCE: sched/smt: Introduce sched_smt_{active,present}
    - SAUCE: Rename the Ubuntu-only spec_ctrl_mutex mutex
    - SAUCE: x86/speculation: Introduce arch_smt_update()
    - x86/speculation: Rework SMT state change
    - x86/speculation: Reorder the spec_v2 code
    - x86/speculation: Unify conditional spectre v2 print functions
    - x86/speculation/mds: Add mitigation control for MDS
    - x86/speculation/mds: Add sysfs reporting for MDS
    - x86/speculation/mds: Add mitigation mode VMWERV
    - Documentation: Move L1TF to separate directory
    - Documentation: Add MDS vulnerability documentation
    - x86/speculation/mds: Add mds=full,nosmt cmdline option
    - x86/speculation: Move arch_smt_update() call to after mitigation decisions
    - x86/speculation/mds: Add SMT warning message
    - x86/speculation/mds: Fix comment
    - x86/speculation/mds: Print SMT vulnerable on MSBDS with mitigations off
    - x86/speculation/mds: Add 'mitigations=' support for MDS

  * CVE-2017-5715 // CVE-2017-5753
    - s390/speculation: Support 'mitigations=' cmdline option

  * CVE-2017-5715 // CVE-2017-5753 // CVE-2017-5754 // CVE-2018-3639
    - powerpc/speculation: Support 'mitigations=' cmdline option

  * CVE-2017-5715 // CVE-2017-5754 // CVE-2018-3620 // CVE-2018-3639 //
    CVE-2018-3646
    - cpu/speculation: Add 'mitigations=' cmdline option
    - x86/speculation: Support 'mitigations=' cmdline option

  * Packaging resync (LP: #1786013)
    - [Packaging] resync git-ubuntu-log

Source diff to previous version
1786013 Packaging resync
CVE-2018-12126 MSBDS Microarchitectural Store Buffer Data Sampling
CVE-2018-12127 MLPDS Microarchitectural Load Port Data Sampling
CVE-2018-12130 MFBDS Microarchitectural Fill Buffer Data Sampling
CVE-2017-5715 Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an at
CVE-2017-5753 Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker wi
CVE-2017-5754 Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an at
CVE-2018-3639 Speculative Store Bypass
CVE-2018-3620 L1 Terminal Fault-OS/SMM Foreshadow-NG
CVE-2018-3646 L1 Terminal Fault-VMM

Version: 4.4.0-146.172 2019-04-23 14:06:30 UTC

  linux (4.4.0-146.172) xenial; urgency=medium

  * linux: 4.4.0-146.172 -proposed tracker (LP: #1822834)

  * Packaging resync (LP: #1786013)
    - [Packaging] update helper scripts
    - [Packaging] resync retpoline extraction

  * 3b080b2564287be91605bfd1d5ee985696e61d3c in ubuntu_btrfs_kernel_fixes
    triggers system hang on i386 (LP: #1812845)
    - btrfs: raid56: properly unmap parity page in finish_parity_scrub()

  * Xenial update: 4.4.177 upstream stable release (LP: #1822271)
    - ceph: avoid repeatedly adding inode to mdsc->snap_flush_list
    - numa: change get_mempolicy() to use nr_node_ids instead of MAX_NUMNODES
    - KEYS: allow reaching the keys quotas exactly
    - mfd: ti_am335x_tscadc: Use PLATFORM_DEVID_AUTO while registering mfd cells
    - mfd: twl-core: Fix section annotations on {,un}protect_pm_master
    - mfd: db8500-prcmu: Fix some section annotations
    - mfd: ab8500-core: Return zero in get_register_interruptible()
    - mfd: qcom_rpm: write fw_version to CTRL_REG
    - mfd: wm5110: Add missing ASRC rate register
    - mfd: mc13xxx: Fix a missing check of a register-read failure
    - net: hns: Fix use after free identified by SLUB debug
    - MIPS: ath79: Enable OF serial ports in the default config
    - scsi: qla4xxx: check return code of qla4xxx_copy_from_fwddb_param
    - scsi: isci: initialize shost fully before calling scsi_add_host()
    - MIPS: jazz: fix 64bit build
    - isdn: i4l: isdn_tty: Fix some concurrency double-free bugs
    - atm: he: fix sign-extension overflow on large shift
    - leds: lp5523: fix a missing check of return value of lp55xx_read
    - isdn: avm: Fix string plus integer warning from Clang
    - RDMA/srp: Rework SCSI device reset handling
    - KEYS: user: Align the payload buffer
    - KEYS: always initialize keyring_index_key::desc_len
    - batman-adv: fix uninit-value in batadv_interface_tx()
    - net/packet: fix 4gb buffer limit due to overflow check
    - team: avoid complex list operations in team_nl_cmd_options_set()
    - sit: check if IPv6 enabled before calling ip6_err_gen_icmpv6_unreach()
    - net/mlx4_en: Force CHECKSUM_NONE for short ethernet frames
    - ARCv2: Enable unaligned access in early ASM code
    - Revert "bridge: do not add port to router list when receives query with
      source 0.0.0.0"
    - libceph: handle an empty authorize reply
    - drm/msm: Unblock writer if reader closes file
    - ASoC: Intel: Haswell/Broadwell: fix setting for .dynamic field
    - ALSA: compress: prevent potential divide by zero bugs
    - thermal: int340x_thermal: Fix a NULL vs IS_ERR() check
    - usb: dwc3: gadget: Fix the uninitialized link_state when udc starts
    - usb: gadget: Potential NULL dereference on allocation error
    - ASoC: dapm: change snprintf to scnprintf for possible overflow
    - ASoC: imx-audmux: change snprintf to scnprintf for possible overflow
    - ARC: fix __ffs return value to avoid build warnings
    - mac80211: fix miscounting of ttl-dropped frames
    - serial: fsl_lpuart: fix maximum acceptable baud rate with over-sampling
    - scsi: csiostor: fix NULL pointer dereference in csio_vport_set_state()
    - net: altera_tse: fix connect_local_phy error path
    - ibmveth: Do not process frames after calling napi_reschedule
    - mac80211: don't initiate TDLS connection if station is not associated to AP
    - cfg80211: extend range deviation for DMG
    - KVM: nSVM: clear events pending from svm_complete_interrupts() when exiting
      to L1
    - arm/arm64: KVM: Feed initialized memory to MMIO accesses
    - KVM: arm/arm64: Fix MMIO emulation data handling
    - powerpc: Always initialize input array when calling epapr_hypercall()
    - mmc: spi: Fix card detection during probe
    - x86/uaccess: Don't leak the AC flag into __put_user() value evaluation
    - USB: serial: option: add Telit ME910 ECM composition
    - USB: serial: cp210x: add ID for Ingenico 3070
    - USB: serial: ftdi_sio: add ID for Hjelmslund Electronics USB485
    - cpufreq: Use struct kobj_attribute instead of struct global_attr
    - sockfs: getxattr: Fail with -EOPNOTSUPP for invalid attribute names
    - ncpfs: fix build warning of strncpy
    - isdn: isdn_tty: fix build warning of strncpy
    - staging: lustre: fix buffer overflow of string buffer
    - net-sysfs: Fix mem leak in netdev_register_kobject
    - team: Free BPF filter when unregistering netdev
    - bnxt_en: Drop oversize TX packets to prevent errors.
    - net: nfc: Fix NULL dereference on nfc_llcp_build_tlv fails
    - xen-netback: fix occasional leak of grant ref mappings under memory pressure
    - net: Add __icmp_send helper.
    - net: avoid use IPCB in cipso_v4_error
    - net: phy: Micrel KSZ8061: link failure after cable connect
    - x86/CPU/AMD: Set the CPB bit unconditionally on F17h
    - applicom: Fix potential Spectre v1 vulnerabilities
    - MIPS: irq: Allocate accurate order pages for irq stack
    - hugetlbfs: fix races and page leaks during migration
    - netlabel: fix out-of-bounds memory accesses
    - net: dsa: mv88e6xxx: Fix u64 statistics
    - ip6mr: Do not call __IP6_INC_STATS() from preemptible context
    - media: uvcvideo: Fix 'type' check leading to overflow
    - vti4: Fix a ipip packet processing bug in 'IPCOMP' virtual tunnel
    - perf tools: Handle TOPOLOGY headers with no CPU
    - IB/{hfi1, qib}: Fix WC.byte_len calculation for UD_SEND_WITH_IMM
    - ipvs: Fix signed integer overflow when setsockopt timeout
    - iommu/amd: Fix IOMMU page flush when detach device from a domain
    - xtensa: SMP: fix ccount_timer_shutdown
    - xtensa: SMP: fix secondary CPU initialization
    - xtensa: smp_lx200_defconfig: fix vectors clash
    - xtensa: SMP: mark each possible CPU as present
    - xtensa: SMP: limit number of possible CPUs by NR_CPUS
    - net: altera_tse: fix msgdma_tx_completion on non-zero fill_level case
    - net: hns: Fix wrong read accesses via Clause 45 MDIO protocol
    - net: stmmac: dwmac-rk

1786013 Packaging resync
1812845 3b080b2564287be91605bfd1d5ee985696e61d3c in ubuntu_btrfs_kernel_fixes triggers system hang on i386
1822271 Xenial update: 4.4.177 upstream stable release
1807259 sky2 ethernet card doesn't work after returning from suspend
1809843 sky2 ethernet card link not up after suspend
1819881 [CONFIG] please enable highdpi font FONT_TER16x32
1821259 Hard lockup in 2 CPUs due to deadlock in cpu_stoppers



About   -   Send Feedback to @ubuntu_updates