Package "linux-hwe"

  linux-hwe (4.15.0-142.146~16.04.1) xenial; urgency=medium

  * P8 node entei unable to boot with 4.15.0-141.145~16.04.1 (LP: #1922997)
    - [Packaging] HWE: disable CONFIG_MODVERSIONS

  [ Ubuntu: 4.15.0-142.146 ]

  * overlayfs calls vfs_setxattr without cap_convert_nscap
    - vfs: move cap_convert_nscap() call into vfs_setxattr()
  * CVE-2021-29154
    - SAUCE: bpf, x86: Validate computation of branch displacements for x86-64

  linux-hwe (4.15.0-140.144~16.04.1) xenial; urgency=medium

  * xenial/linux-hwe: 4.15.0-140.144~16.04.1 -proposed tracker (LP: #1920168)

  [ Ubuntu: 4.15.0-140.144 ]

  * bionic/linux: 4.15.0-140.144 -proposed tracker (LP: #1920169)
  * CVE-2020-27170
    - bpf: Fix off-by-one for area size in creating mask to left
  * CVE-2020-27171
    - bpf: Prohibit alu ops for pointer types not defining ptr_limit

 -- Kelsey Skunberg <email address hidden> Fri, 19 Mar 2021 12:51:04 -0600

  linux-hwe (4.15.0-139.143~16.04.1) xenial; urgency=medium

  * xenial/linux-hwe: 4.15.0-139.143~16.04.1 -proposed tracker (LP: #1919217)

  [ Ubuntu: 4.15.0-139.143 ]

  * bionic/linux: 4.15.0-139.143 -proposed tracker (LP: #1919218)
  * CVE-2021-27365
    - scsi: iscsi: Verify lengths on passthrough PDUs
    - sysfs: Add sysfs_emit and sysfs_emit_at to format sysfs output
    - scsi: iscsi: Ensure sysfs attributes are limited to PAGE_SIZE
  * CVE-2021-27363 // CVE-2021-27364
    - scsi: iscsi: Restrict sessions and handles to admin capabilities

 -- Khalid Elmously <email address hidden> Wed, 17 Mar 2021 03:55:55 -0400

  linux-hwe (4.15.0-137.141~16.04.1) xenial; urgency=medium

  * xenial/linux-hwe: 4.15.0-137.141~16.04.1 -proposed tracker (LP: #1916198)

  [ Ubuntu: 4.15.0-137.141 ]

  * bionic/linux: 4.15.0-137.141 -proposed tracker (LP: #1916199)
  * Fix oops in skb_segment for Bionic series (LP: #1915552)
    - net: permit skb_segment on head_frag frag_list skb
    - net: bpf: add a test for skb_segment in test_bpf module
    - test_bpf: Fix NULL vs IS_ERR() check in test_skb_segment()
  * Bionic update: upstream stable patchset 2021-02-10 (LP: #1915328)
    - net: cdc_ncm: correct overhead in delayed_ndp_size
    - net: vlan: avoid leaks on register_vlan_dev() failures
    - net: ip: always refragment ip defragmented packets
    - net: fix pmtu check in nopmtudisc mode
    - x86/resctrl: Use an IPI instead of task_work_add() to update PQR_ASSOC MSR
    - x86/resctrl: Don't move a task to the same resource group
    - vmlinux.lds.h: Add PGO and AutoFDO input sections
    - drm/i915: Fix mismatch between misplaced vma check and vma insert
    - spi: pxa2xx: Fix use-after-free on unbind
    - iio: imu: st_lsm6dsx: flip irq return logic
    - iio: imu: st_lsm6dsx: fix edge-trigger interrupts
    - ARM: OMAP2+: omap_device: fix idling of devices during probe
    - i2c: sprd: use a specific timeout to avoid system hang up issue
    - cpufreq: powernow-k8: pass policy rather than use cpufreq_cpu_get()
    - spi: stm32: FIFO threshold level - fix align packet size
    - dmaengine: xilinx_dma: check dma_async_device_register return value
    - dmaengine: xilinx_dma: fix mixed_enum_type coverity warning
    - wil6210: select CONFIG_CRC32
    - block: rsxx: select CONFIG_CRC32
    - iommu/intel: Fix memleak in intel_irq_remapping_alloc
    - net/mlx5e: Fix memleak in mlx5e_create_l2_table_groups
    - net/mlx5e: Fix two double free cases
    - wan: ds26522: select CONFIG_BITREVERSE
    - KVM: arm64: Don't access PMCR_EL0 when no PMU is available
    - block: fix use-after-free in disk_part_iter_next
    - net: drop bogus skb with CHECKSUM_PARTIAL and offset beyond end of trimmed
      packet
    - net: hns3: fix the number of queues actually used by ARQ
    - net: stmmac: dwmac-sun8i: Balance internal PHY resource references
    - net: stmmac: dwmac-sun8i: Balance internal PHY power
    - net/sonic: Fix some resource leaks in error handling paths
    - net: ipv6: fib: flush exceptions when purging route
    - dmaengine: xilinx_dma: fix incompatible param warning in _child_probe()
    - lightnvm: select CONFIG_CRC32
    - ASoC: dapm: remove widget from dirty list on free
    - MIPS: boot: Fix unaligned access with CONFIG_MIPS_RAW_APPENDED_DTB
    - MIPS: relocatable: fix possible boot hangup with KASLR enabled
    - ACPI: scan: Harden acpi_device_add() against device ID overflows
    - mm/hugetlb: fix potential missing huge page size info
    - dm snapshot: flush merged data before committing metadata
    - r8152: Add Lenovo Powered USB-C Travel Hub
    - ext4: fix bug for rename with RENAME_WHITEOUT
    - ARC: build: remove non-existing bootpImage from KBUILD_IMAGE
    - ARC: build: add uImage.lzma to the top-level target
    - ARC: build: add boot_targets to PHONY
    - btrfs: fix transaction leak and crash after RO remount caused by qgroup
      rescan
    - ethernet: ucc_geth: fix definition and size of ucc_geth_tx_global_pram
    - arch/arc: add copy_user_page() to <asm/page.h> to fix build error on ARC
    - misdn: dsp: select CONFIG_BITREVERSE
    - net: ethernet: fs_enet: Add missing MODULE_LICENSE
    - ACPI: scan: add stub acpi_create_platform_device() for !CONFIG_ACPI
    - ARM: picoxcell: fix missing interrupt-parent properties
    - dump_common_audit_data(): fix racy accesses to ->d_name
    - ASoC: Intel: fix error code cnl_set_dsp_D0()
    - NFS4: Fix use-after-free in trace_event_raw_event_nfs4_set_lock
    - pNFS: Mark layout for return if return-on-close was not sent
    - NFS: nfs_igrab_and_active must first reference the superblock
    - ext4: fix superblock checksum failure when setting password salt
    - RDMA/usnic: Fix memleak in find_free_vf_and_create_qp_grp
    - mm, slub: consider rest of partial list if acquire_slab() fails
    - net: sunrpc: interpret the return value of kstrtou32 correctly
    - dm: eliminate potential source of excessive kernel log noise
    - ALSA: firewire-tascam: Fix integer overflow in midi_port_work()
    - ALSA: fireface: Fix integer overflow in transmit_midi_msg()
    - netfilter: conntrack: fix reading nf_conntrack_buckets
    - usb: ohci: Make distrust_firmware param default to false
    - nfsd4: readdirplus shouldn't return parent of export
    - netxen_nic: fix MSI/MSI-x interrupts
    - rndis_host: set proper input size for OID_GEN_PHYSICAL_MEDIUM request
    - esp: avoid unneeded kmap_atomic call
    - net: dcb: Validate netlink message in DCB handler
    - net: dcb: Accept RTM_GETDCB messages carrying set-like DCB commands
    - net: stmmac: Fixed mtu channged by cache aligned
    - net: sit: unregister_netdevice on newlink's error path
    - net: avoid 32 x truesize under-estimation for tiny skbs
    - rxrpc: Fix handling of an unsupported token type in rxrpc_read()
    - tipc: fix NULL deref in tipc_link_xmit()
    - spi: cadence: cache reference clock rate during probe
    - x86/hyperv: check cpu mask after interrupt has been disabled
    - mtd: rawnand: fsl_ifc: check result of SRAM initialization fixup
    - kbuild: enforce -Werror=return-type
    - crypto: x86/crc32c - fix building with clang ias
    - rxrpc: Call state should be read with READ_ONCE() under some circumstances
  * [ssbs-0118] backport SSBS bug (arm64: cpufeature: Detect SSBS and advertise
    to userspace) (LP: #1911376)
    - SAUCE: Move SSBS snippet from arm64_elf_hwcaps to arm64_features
  * Bionic update: upstream stable patchset 2021-01-25 (LP: #1913214)
    - x86/entry/64: Add instruction suffix
    - md/raid10: initialize r10_bio->read_slot before use.
   

  linux-hwe (4.15.0-136.140~16.04.1) xenial; urgency=medium

  * xenial/linux-hwe: 4.15.0-136.140~16.04.1 -proposed tracker (LP: #1913116)

  * stop building nvidia dkms on kernels with no lrm (LP: #1910749)
    - [Packaging]: Stop building nvidia dkms

  [ Ubuntu: 4.15.0-136.140 ]

  * bionic/linux: 4.15.0-136.140 -proposed tracker (LP: #1913117)
  * Packaging resync (LP: #1786013)
    - update dkms package versions
    - update dkms package versions
  * Introduce the new NVIDIA 460-server series and update the 460 series
    (LP: #1913200)
    - [Config] dkms-versions -- drop NVIDIA 435 455 and 440-server
    - [Config] dkms-versions -- add the 460-server nvidia driver
  * switch to an autogenerated nvidia series based core via dkms-versions
    (LP: #1912803)
    - [Packaging] nvidia -- use dkms-versions to define versions built
    - [Packaging] update-version-dkms -- maintain flags fields
    - [Config] dkms-versions -- add transitional/skip information for nvidia
      packages
  * DMI entry syntax fix for Pegatron / ByteSpeed C15B (LP: #1910639)
    - Input: i8042 - unbreak Pegatron C15B
  * CVE-2020-29372
    - mm: check that mm is still valid in madvise()
  * update ENA driver, incl. new ethtool stats (LP: #1910291)
    - net: ena: change num_queues to num_io_queues for clarity and consistency
    - net: ena: ethtool: get_channels: use combined only
    - net: ena: ethtool: support set_channels callback
    - net: ena: ethtool: remove redundant non-zero check on rc
    - net/amazon: Ensure that driver version is aligned to the linux kernel
    - net: ena: ethtool: clean up minor indentation issue
    - net: ena: remove code that does nothing
    - net: ena: add unmask interrupts statistics to ethtool
    - net: ena: cosmetic: change ena_com_stats_admin stats to u64
    - net: ena: cosmetic: remove unnecessary code
    - net: ena: ethtool: convert stat_offset to 64 bit resolution
    - net: ena: ethtool: Add new device statistics
    - net: ena: Change license into format to SPDX in all files
    - net: ena: Change RSS related macros and variables names
  * CVE-2020-29374
    - gup: document and work around "COW can break either way" issue
  * Bionic update: upstream stable patchset 2021-01-12 (LP: #1911331)
    - spi: bcm2835aux: Fix use-after-free on unbind
    - spi: bcm2835aux: Restore err assignment in bcm2835aux_spi_probe
    - iwlwifi: pcie: limit memory read spin time
    - arm64: dts: rockchip: Assign a fixed index to mmc devices on rk3399 boards.
    - iwlwifi: mvm: fix kernel panic in case of assert during CSA
    - ARC: stack unwinding: don't assume non-current task is sleeping
    - scsi: ufs: Make sure clk scaling happens only when HBA is runtime ACTIVE
    - soc: fsl: dpio: Get the cpumask through cpumask_of(cpu)
    - platform/x86: acer-wmi: add automatic keyboard background light toggle key
      as KEY_LIGHTS_TOGGLE
    - Input: cm109 - do not stomp on control URB
    - Input: i8042 - add Acer laptops to the i8042 reset list
    - kbuild: avoid static_assert for genksyms
    - scsi: be2iscsi: Revert "Fix a theoretical leak in beiscsi_create_eqs()"
    - x86/mm/mem_encrypt: Fix definition of PMD_FLAGS_DEC_WP
    - PCI: qcom: Add missing reset for ipq806x
    - net: stmmac: free tx skb buffer in stmmac_resume()
    - tcp: fix cwnd-limited bug for TSO deferral where we send nothing
    - net/mlx4_en: Avoid scheduling restart task if it is already running
    - net/mlx4_en: Handle TX error CQE
    - net: stmmac: delete the eee_ctrl_timer after napi disabled
    - net: stmmac: dwmac-meson8b: fix mask definition of the m250_sel mux
    - net: bridge: vlan: fix error return code in __vlan_add()
    - mac80211: mesh: fix mesh_pathtbl_init() error path
    - USB: dummy-hcd: Fix uninitialized array use in init()
    - USB: add RESET_RESUME quirk for Snapscan 1212
    - ALSA: usb-audio: Fix potential out-of-bounds shift
    - ALSA: usb-audio: Fix control 'access overflow' errors from chmap
    - xhci: Give USB2 ports time to enter U3 in bus suspend
    - USB: UAS: introduce a quirk to set no_write_same
    - USB: sisusbvga: Make console support depend on BROKEN
    - [Config] updateconfigs for USB_SISUSBVGA_CON
    - ALSA: pcm: oss: Fix potential out-of-bounds shift
    - serial: 8250_omap: Avoid FIFO corruption caused by MDR1 access
    - drm: fix drm_dp_mst_port refcount leaks in drm_dp_mst_allocate_vcpi
    - pinctrl: merrifield: Set default bias in case no particular value given
    - pinctrl: baytrail: Avoid clearing debounce value when turning it off
    - ARM: dts: sun8i: v3s: fix GIC node memory range
    - gpio: mvebu: fix potential user-after-free on probe
    - scsi: bnx2i: Requires MMU
    - can: softing: softing_netdev_open(): fix error handling
    - RDMA/cm: Fix an attempt to use non-valid pointer when cleaning timewait
    - kernel/cpu: add arch override for clear_tasks_mm_cpumask() mm handling
    - drm/tegra: sor: Disable clocks on error in tegra_sor_init()
    - vxlan: Add needed_headroom for lower device
    - vxlan: Copy needed_tailroom from lowerdev
    - scsi: mpt3sas: Increase IOCInit request timeout to 30s
    - dm table: Remove BUG_ON(in_interrupt())
    - soc/tegra: fuse: Fix index bug in get_process_id
    - USB: serial: option: add interface-number sanity check to flag handling
    - USB: gadget: f_acm: add support for SuperSpeed Plus
    - USB: gadget: f_midi: setup SuperSpeed Plus descriptors
    - usb: gadget: f_fs: Re-use SS descriptors for SuperSpeedPlus
    - USB: gadget: f_rndis: fix bitrate for SuperSpeed and above
    - usb: chipidea: ci_hdrc_imx: Pass DISABLE_DEVICE_STREAMING flag to imx6ul
    - ARM: dts: exynos: fix roles of USB 3.0 ports on Odroid XU
    - ARM: dts: exynos: fix USB 3.0 VBUS control and over-current pins on
      Exynos5410
    - ARM: dts: exynos: fix USB 3.0 pins supply being turned off on Odroid XU
    - HID: i2c-hid: add Vero K147 to descriptor override
    - serial_core: Check for port state when tty is in error