linux (3.2.0-150.197) precise; urgency=medium
* precise/linux: 3.2.0-150.197 -proposed tracker (LP: #1919172)
* CVE-2021-27365
- scsi: iscsi: Verify lengths on passthrough PDUs
- sysfs: Add sysfs_emit and sysfs_emit_at to format sysfs output
- scsi: iscsi: Ensure sysfs attributes are limited to PAGE_SIZE
* CVE-2021-27363 // CVE-2021-27364
- scsi: iscsi: Restrict sessions and handles to admin capabilities
* CVE-2021-27364
- scsi: iscsi: respond to netlink with unicast when appropriate
- Add file_ns_capable() helper function for open-time capability checking
- net: Add variants of capable for use on on sockets
- netlink: Make the sending netlink socket availabe in NETLINK_CB
linux (3.2.0-149.196) precise; urgency=medium
* Packaging resync (LP: #1786013)
- [Packaging] update helper scripts
* CVE-2020-16119
- SAUCE: dccp: avoid double free of ccid on child socket
linux (3.2.0-148.195) precise; urgency=medium
* precise/linux: 3.2.0-148.195 -proposed tracker (LP: #1882773)
* Packaging resync (LP: #1786013)
- [Packaging] update helper scripts
* CVE-2020-0543
- UBUNTU/SAUCE: x86/speculation/srbds: do not try to turn mitigation off
when
not supported
linux (3.2.0-147.194) precise; urgency=medium
* CVE-2020-0543
- x86, cpufeature: Add the RDSEED and ADX features
- SAUCE: x86/cpu: Add a steppings field to struct x86_cpu_id
- SAUCE: x86/cpu: Add 'table' argument to cpu_matches()
- SAUCE: x86/speculation: Add Special Register Buffer Data Sampling (SRBDS)
mitigation
- SAUCE: x86/speculation: Add SRBDS vulnerability and mitigation
documentation
- SAUCE: x86/speculation: Add Ivy Bridge to affected list
linux (3.2.0-145.192) precise; urgency=medium
* precise/linux: 3.2.0-145.192 -proposed tracker (LP: #1878876)
* Packaging resync (LP: #1786013)
- [Packaging] resync git-ubuntu-log
- [Packaging] resync getabis
- [Packaging] update helper scripts
* CVE-2020-12654
- mwifiex: Fix possible buffer overflows in mwifiex_ret_wmm_get_status()
linux (3.2.0-144.191) precise; urgency=medium
* CVE-2019-11135
- x86/msr: Add the IA32_TSX_CTRL MSR
- x86/cpu: Add a helper function x86_read_arch_cap_msr()
- x86/cpu: Add a "tsx=" cmdline option with TSX disabled by default
- x86/speculation/taa: Add mitigation for TSX Async Abort
- x86/speculation/taa: Add sysfs reporting for TSX Async Abort
- x86/tsx: Add "auto" option to the tsx= cmdline parameter
- x86/speculation/taa: Add documentation for TSX Async Abort
- x86/tsx: Add config options to set tsx=on|off|auto
- SAUCE: x86/speculation/taa: Call tsx_init()
- SAUCE: x86/cpu: Include cpu header from bugs.c
- [Config] Disable TSX by default when possible
* The 3.13 kernel for Precise ESM does not provide the expected version number
(LP: #1838610)
- [debian] Allow for package revisions condusive for branching
- [debian] Fix regression with ABI subversions and backport
- [Packaging] uploadnum should be the remainder of the version
linux (3.2.0-143.190) precise; urgency=medium
* CVE-2019-14835
- vhost: make sure log_num < in_num
linux (3.2.0-142.189) precise; urgency=medium
* linux: 3.2.0-142.189 -proposed tracker (LP: #1835270)
* CVE-2017-5715 // MDS: CPU buffers are not cleared on all paths from kernel
to userspace (LP: #1833047)
- SAUCE: KVM: x86: Make use of x86_spec_ctrl_{set_guest,restore_host}
* CVE-2017-5715 // x86/speculation: SPEC_CTRL MSR not properly set/restored on
VMENTER/VMEXIT (LP: #1834635)
- SAUCE: x86/speculation: Introduce x86_spec_ctrl_{set_guest,restore_host}
* x86/speculation: SPEC_CTRL MSR not properly set/restored on VMENTER/VMEXIT
(LP: #1834635)
- SAUCE: KVM: VMX: Move spec_ctrl from kvm_vcpu_arch to vcpu_vmx
* CVE-2018-12126 // CVE-2018-12127 // CVE-2018-12130 // CVE-2019-11091 // MDS:
CPU buffers are not cleared on all paths from kernel to userspace (LP:
#1833047)
- x86/asm: Error out if asm/jump_label.h is included inappropriately
- x86/asm: Make asm/alternative.h safe from assembly
- x86/jump-label: Use best default nops for inital jump label calls
- SAUCE: [Fix] x86/speculation/mds: Clear CPU buffers on exit to user
* CVE-2018-12126 // CVE-2018-12127 // CVE-2018-12130 // CVE-2019-11091 // MDS:
Incorrect warning when booting with 'nosmt' (LP: #1830018)
- SAUCE: [Fix] x86/speculation/mds: Add SMT warning message
* CVE-2018-12126 // CVE-2018-12127 // CVE-2018-12130
- x86/speculation: Remove redundant arch_smt_update() invocation
- KVM: VMX: fixes for vmentry_l1d_flush module parameter
* CVE-2017-5715
- SAUCE: Reset the SPEC_CTRL MSR on secondary CPUs
* CVE-2018-12126 // CVE-2018-12127 // CVE-2018-12130 // CVE-2019-11091
- x86/kvm/vmx: Add MDS protection when L1D Flush is not active
- SAUCE: Synchronize MDS mitigations with upstream
- Documentation: Correct the possible MDS sysfs values
- x86/speculation/mds: Fix documentation typo
- SAUCE: [Fix] UBUNTU: SAUCE: sched/smt: Introduce
sched_smt_{active,present}
* CVE-2018-3615 // CVE-2018-3620 // CVE-2018-3646
- x86/speculation: Mark string arrays const correctly
* CVE-2017-5715 // CVE-2018-3639
- x86/cpu: Re-apply forced caps every time CPU caps are re-read
* CVE-2017-5754
- SAUCE: Show 'pti' in /proc/cpuinfo
* CVE-2019-11091
- x86/mds: Add MDSUM variant to the MDS documentation
* CVE-2018-3620 // CVE-2018-3646
- x86/speculation/l1tf: Suggest what to do on systems with too much RAM
* CVE-2019-11478
- tcp: refine memory limit test in tcp_fragment()
* Cleanup Meltdown/Spectre implementation (LP: #1779848) // CVE-2017-5754
- x86/Documentation: Add PTI description
- x86/pti: Document fix wrong index
- SAUCE: x86/pti: Query MSR IA32_ARCH_CAPABILITIES for ARCH_CAP_RDCL_NO
* Cleanup Meltdown/Spectre implementation (LP: #1779848) // CVE-2017-5715
- SAUCE: x86/cpufeatures: Reorder auxiliary feature bits
- SAUCE: x86/msr: Rename MSR spec control feature bits
- SAUCE: x86/speculation: Introduce spectre_v2_select_mitigation() stub
- x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier)
support
- SAUCE: x86/cpufeatures: Clean up Spectre v2 related feature bits
- x86/speculation: Use IBRS if available before calling into firmware
- SAUCE: x86/speculation: Use x86_spec_ctrl_base in entry/exit code
- SAUCE: x86/speculation: Move vendor specific IBRS/IBPB control code
- SAUCE: x86/speculation: Query individual feature flags when reloading
microcode
- SAUCE: x86/speculation: Make use of indirect_branch_prediction_barrier()
- SAUCE: x86/speculation: Cleanup IBRS and IBPB runtime control handling
* Cleanup Meltdown/Spectre implementation (LP: #1779848) // CVE-2017-5715 //
CVE-2018-3639
- SAUCE: x86/speculation: Introduce x86_spec_ctrl_base
* intel-microcode 3.20180312.0 causes lockup at login screen (LP: #1759920) //
Cleanup Meltdown/Spectre implementation (LP: #1779848) // CVE-2017-5715
- Revert "UBUNTU: SAUCE: x86/mm: Only set IBPB when the new thread cannot
ptrace current thread"
- x86/speculation: Use Indirect Branch Prediction Barrier in context switch
* Cleanup Meltdown/Spectre implementation (LP: #1779848) // CVE-2018-12126 //
CVE-2018-12127 // CVE-2018-12130
- SAUCE: x86/msr: Fix formatting of msr-index.h
* Cleanup Meltdown/Spectre implementation (LP: #1779848) // CVE-2017-5753
- Revert "UBUNTU: SAUCE: x86/cpu/AMD: Make the LFENCE instruction
serialized"
- x86/cpu/AMD: Make LFENCE a serializing instruction
- x86/cpu/AMD: Use LFENCE_RDTSC in preference to MFENCE_RDTSC
linux (3.2.0-141.188) precise; urgency=medium
* Remote denial of service (system crash) caused by integer overflow in TCP
SACK handling (LP: #1831637)
- SAUCE: tcp: limit payload size of sacked skbs
- SAUCE: tcp: fix fack_count accounting on tcp_shift_skb_data()
* Remote denial of service (resource exhaustion) caused by TCP SACK scoreboard
manipulation (LP: #1831638)
- SAUCE: tcp: tcp_fragment() should apply sane memory limits
* Switch getabis to the new format (LP: #1829882)
- [Packaging] Switch getabis to the new format
linux (3.2.0-140.186) precise; urgency=medium
* Packaging resync (LP: #1786013)
- [Packaging] resync git-ubuntu-log
- [Packaging] update helper scripts
- [Packaging] Sync in-tree getabis script
* CVE-2018-12126 // CVE-2018-12127 // CVE-2018-12130
- x86/cpufeature: Move some of the scattered feature bits to x86_capability
- x86/cpufeature: Cleanup get_cpu_cap()
- x86/cpufeature: Use enum cpuid_leafs instead of magic numbers
- KVM: x86: remove magic number with enum cpuid_leafs
- perf/x86/intel: Use Intel family macros for core perf events
- x86/cpu: Sanitize FAM6_ATOM naming
- locking/atomics, asm-generic: Move some macros from <linux/bitops.h> to a
new <linux/bits.h> file
- x86/msr-index: Cleanup bit defines
- x86/speculation: Consolidate CPU whitelists
- x86/speculation/mds: Add basic bug infrastructure for MDS
- x86/speculation/mds: Add BUG_MSBDS_ONLY
- x86/speculation/mds: Add mds_clear_cpu_buffers()
- locking/static_keys: Provide DECLARE and well as DEFINE macros
- include/linux/jump_label.h: expose the reference count
- jump_label: Allow asm/jump_label.h to be included in assembly
- jump_label: Allow jump labels to be used in assembly
- x86/headers: Don't include asm/processor.h in asm/atomic.h
- SAUCE: locking/jump_label_key: Mimick the new static key API
- x86/speculation/mds: Clear CPU buffers on exit to user
- x86/speculation/mds: Conditionally clear CPU buffers on idle entry
- SAUCE: sched: Expose cpu_smt_mask()
- SAUCE: sched/smt: Introduce sched_smt_{active,present}
- SAUCE: Rename the Ubuntu-only spec_ctrl_mutex mutex
- SAUCE: x86/speculation: Introduce arch_smt_update()
- x86/speculation: Rework SMT state change
- x86/speculation/mds: Add mitigation control for MDS
- x86/speculation/mds: Add sysfs reporting for MDS
- x86/speculation/mds: Add mitigation mode VMWERV
- Documentation: Move L1TF to separate directory
- Documentation: Add MDS vulnerability documentation
- x86/speculation/mds: Add mds=full,nosmt cmdline option
- x86/speculation/mds: Add SMT warning message
- x86/speculation/mds: Fix comment
- x86/speculation/mds: Print SMT vulnerable on MSBDS with mitigations off
- x86/speculation/mds: Add 'mitigations=' support for MDS
- KVM: Add x86_hyper_kvm to complete detect_hypervisor_platform check
* CVE-2017-5715 // CVE-2017-5754 // CVE-2018-3620 // CVE-2018-3639 //
CVE-2018-3646
- cpu/speculation: Add 'mitigations=' cmdline option
- x86/speculation: Support 'mitigations=' cmdline option
* CVE-2018-3639 (x86)
- x86/speculation: Use synthetic bits for IBRS/IBPB/STIBP
* ibrs/ibpb fixes result in excessive kernel logging (LP: #1755627) //
CVE-2017-5715
- SAUCE: remove ibrs_dump sysctl interface
linux (3.2.0-139.185) precise; urgency=medium
* linux: 3.2.0-139.185 -proposed tracker (LP: #1806430)
* Packaging resync (LP: #1786013)
- [Packaging] update helper scripts
* Update to upstream's implementation of Spectre v1 mitigation
(LP: #1774181) // CVE-2017-5753
- SAUCE: x86/speculation: Add X86_BUG_SPECTRE_V[12] and sysfs show functions
- Documentation: Document array_index_nospec
- array_index_nospec: Sanitize speculative array de-references
- x86: Implement array_index_mask_nospec
- x86/spectre_v1: Disable compiler optimizations over
array_index_mask_nospec()
- x86/speculation: Fix up array_index_nospec_mask() asm constraint
- SAUCE: Drop gmb() in favor of array_index_nospec()
- Revert "UBUNTU: SAUCE: x86/cpu/AMD: Remove now unused definition of
MFENCE_RDTSC feature"
- x86: Introduce barrier_nospec
- x86/get_user: Use pointer masking to limit speculation
- x86/syscall: Sanitize syscall table de-references under speculation
- nl80211: Sanitize array index in parse_txq_params
- x86/spectre: Report get_user mitigation for spectre_v1
- ALSA: opl3: Hardening for potential Spectre v1
- ALSA: asihpi: Hardening for potential Spectre v1
- ALSA: hdspm: Hardening for potential Spectre v1
- ALSA: rme9652: Hardening for potential Spectre v1
- ALSA: control: Hardening for potential Spectre v1
- ALSA: seq: oss: Hardening for potential Spectre v1
- ALSA: hda: Hardening for potential Spectre v1
- net: atm: Fix potential Spectre v1
- atm: zatm: Fix potential Spectre v1
- perf/x86: Fix possible Spectre-v1 indexing for hw_perf_event cache_*
- perf/x86: Fix possible Spectre-v1 indexing for x86_pmu::event_map()
- kernel/sys.c: fix potential Spectre v1 issue
- HID: hiddev: fix potential Spectre v1
- atm: zatm: Fix potential Spectre v1
- net: cxgb3_main: fix potential Spectre v1
- netlink: Fix spectre v1 gadget in netlink_create()
- net: socket: fix potential spectre v1 gadget in socketcall
- libahci: Fix possible Spectre-v1 pmp indexing in ahci_led_store()
- ext4: fix spectre gadget in ext4_mb_regular_allocator()
- fs/quota: Fix spectre gadget in do_quotactl
- misc: hmc6352: fix potential Spectre v1
- tty: vt_ioctl: fix potential Spectre v1
* Update to upstream's implementation of Spectre v1 mitigation
(LP: #1774181) // Prevent speculation on user controlled pointer
(LP: #1775137) // CVE-2017-5753
- x86: Introduce __uaccess_begin_nospec() and uaccess_try_nospec
- x86/uaccess: Use __uaccess_begin_nospec() and uaccess_try_nospec
linux (3.2.0-138.184) precise; urgency=medium
* linux: 3.2.0-138.184 -proposed tracker (LP: #1802777)
* CVE-2017-5754
- SAUCE: x86/pti: Add X86_BUG_CPU_MELTDOWN and sysfs show function
linux (3.2.0-137.183) precise; urgency=medium
* linux: 3.2.0-137.183 -proposed tracker (LP: #1799398)
* L1TF mitigation not effective in some CPU and RAM combinations
(LP: #1788563) // CVE-2018-3620 // CVE-2018-3646
- x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit
- x86/speculation/l1tf: Fix off-by-one error when warning that system has
too
much RAM
- x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+
* CVE-2018-3620 // CVE-2018-3646
- mm: x86 pgtable: drop unneeded preprocessor ifdef
- x86/asm: Move PUD_PAGE macros to page_types.h
- x86/asm: Add pud/pmd mask interfaces to handle large PAT bit
- x86/asm: Fix pud/pmd interfaces to handle large PAT bit
- x86/mm: Fix regression with huge pages on PAE
- x86/mm: Simplify p[g4um]d_page() macros
- x86/cpu: Merge bugs.c and bugs_64.c
- x86/speculation/l1tf: Increase 32bit PAE __PHYSICAL_PAGE_SHIFT
- x86/speculation/l1tf: Change order of offset/type in swap entry
- x86/speculation/l1tf: Protect swap entries against L1TF
- x86/speculation/l1tf: Protect PROT_NONE PTEs against speculation
- x86/speculation/l1tf: Make sure the first page is always reserved
- SAUCE: x86/fremap: Invert the offset when converting to/from a PTE
- x86: Fix 32-bit *_cpu_data initializers
- x86, cpu: Expand cpufeature facility to include cpu bugs
- x86, cpu: Convert F00F bug detection
- x86, cpu: Convert FDIV bug detection
- x86, cpu: Convert Cyrix coma bug detection
- x86, cpu: Convert AMD Erratum 383
- x86, cpu: Convert AMD Erratum 400
- x86/cpu/intel: Introduce macros for Intel family numbers
- x86/cpu: Factor out application of forced CPU caps
- x86/cpufeatures: Make CPU bugs sticky
- SAUCE: x86/cpu: Introduce x86_match_cpu()
- SAUCE: sysfs/cpu: Add vulnerability folder
- [Config] updateconfigs - enable CONFIG_GENERIC_CPU_VULNERABILITIES
- x86/speculation/l1tf: Add sysfs reporting for l1tf
- x86/speculation/l1tf: Disallow non privileged high MMIO PROT_NONE mappings
- x86/speculation/l1tf: Limit swap file size to MAX_PA/2
- x86: fix boot on uniprocessor systems
- ACPI / processor: Introduce apic_id in struct processor to save parsed
APIC
id
- ACPI processor: Remove unneeded variable passed by
acpi_processor_hotadd_init V2
- ACPI / processor: use apic_id and remove duplicated _MAT evaluation
- x86 / ACPI: simplify _acpi_map_lsapic()
- x86/topology: Create logical package id
- x86/topology: Fix logical package mapping
- x86/topology: Fix Intel HT disable
- x86/topology: Use total_cpus not nr_cpu_ids for logical packages
- x86/topology: Handle CPUID bogosity gracefully
- x86/topology: Fix AMD core count
- x86/smp: Provide topology_is_primary_thread()
- x86/topology: Provide topology_smt_supported()
- cpu/hotplug: Split do_cpu_down()
- x86/topology: Add topology_max_smt_threads()
- SAUCE: Introduce lock/unlock device hotplug functions
- cpu/hotplug: Provide knobs to control SMT
- [Config] updateconfigs - enable CONFIG_HOTPLUG_SMT
- x86/CPU: Modify detect_extended_topology() to return result
- x86/CPU/AMD: Derive CPU topology from CPUID function 0xB when available
- x86/cpu: Remove the pointless CPU printout
- x86/cpu/AMD: Remove the pointless detect_ht() call
- x86/cpu/common: Provide detect_ht_early()
- x86/cpu/topology: Provide detect_extended_topology_early()
- x86/cpu/intel: Evaluate smp_num_siblings early
- x86/cpu/AMD: Evaluate smp_num_siblings early
- x86/apic: Ignore secondary threads if nosmt=force
- x86/speculation/l1tf: Extend 64bit swap file size limit
- SAUCE: x86/cpufeatures: Add CPUID_7_EDX CPUID leaf
- x86/cpufeatures: Add detection of L1D cache flush support.
- x86/CPU/AMD: Move TOPOEXT reenablement before reading smp_num_siblings
- x86/speculation/l1tf: Protect PAE swap entries against L1TF
- SAUCE: Work-around for gcc 4.6.3 segmentation fault
- x86/speculation/l1tf: Fix up pte->pfn conversion for PAE
- Revert "x86/apic: Ignore secondary threads if nosmt=force"
- cpu/hotplug: Boot HT siblings at least once
- SAUCE: Alternative approach to boot nosmt
- SAUCE: x86/mce: Try register mce notifier earlier
- KVM: x86: Introducing kvm_x86_ops VM init/destroy hooks
- x86/KVM: Warn user if KVM is loaded SMT and L1TF CPU bug being present.
- x86/KVM/VMX: Add module argument for L1TF mitigation
- x86/KVM/VMX: Add L1D flush algorithm
- x86/KVM/VMX: Add L1D MSR based flush
- KVM: add kvm_arch_sched_in
- x86/KVM/VMX: Add L1D flush logic
- x86/KVM/VMX: Split the VMX MSR LOAD structures to have an host/guest
numbers
- x86/KVM/VMX: Add find_msr() helper function
- x86/KVM/VMX: Seperate the VMX AUTOLOAD guest/host number accounting
- x86/KVM/VMX: Extend add_atomic_switch_msr() to allow VMENTER only MSRs
- x86/KVM/VMX: Use MSR save list for IA32_FLUSH_CMD if required
- cpu/hotplug: Online siblings when SMT control is turned on
- arch: Introduce post-init read-only memory
- x86/litf: Introduce vmx status variable
- x86/kvm: Drop L1TF MSR list approach
- x86/l1tf: Handle EPT disabled state proper
- x86/kvm: Move l1tf setup function
- x86/kvm: Add static key for flush always
- x86/kvm: Serialize L1D flush parameter setter
- x86/kvm: Allow runtime control of L1D flush
- cpu/hotplug: Expose SMT control init function
- cpu/hotplug: Set CPU_SMT_NOT_SUPPORTED early
- x86/bugs, kvm: Introduce boot-time control of L1TF mitigations
- Documentation: Add section about CPU vulnerabilities
- x86/KVM/VMX: Initialize the vmx_l1d_flush_pages' content
- Documentation/l1tf: Fix typos
- cpu/hotplug: detect SMT disabled by BIOS
- x86/KVM/VMX: Don't set l1tf_flush_l1d to true from vmx_l1d_flush()
- x86/KVM/VMX: Replace 'vmx_l1d_flush_always' with 'vmx_l1d_flush_cond'
- x86/KVM/VMX: Move the l1tf_flush_l1d test to vmx_l1d_flush()
- x86/irq: Demote irq_cpustat_t::__softirq_pending to u16
- x86/KVM/VMX: Introduce per-host-cpu analogue of l1tf_flush_l1d
- x86: Don't include linux/irq.h from asm/hardirq.h
- SAUCE: Move __this_cpu_{read,write} to percpu-ubuntu.h
- x86/irq: Let interrupt handlers set kvm_cpu_l1tf_flush_l1d
- Documentation/l1tf: Remove Yonah processors from not vulnerable list
- x86/speculation: Simplify sysfs report of VMX L1TF vulnerability
- x86/speculation: Use ARCH_CAPABILITIES to skip L1D flush on vmentry
- cpu/hotplug: Fix SMT supported evaluation
- x86/speculation/l1tf: Invert all not present mappings
- x86/speculation/l1tf: Make pmd/pud_mknotpresent() invert
linux (3.2.0-136.182) precise; urgency=medium
* CVE-2018-14633
- iscsi target: Use hex2bin instead of a re-implementation
* CVE-2018-14634
- exec: Limit arg stack to at most 75% of _STK_LIM
* CVE-2018-5390
- SAUCE: tcp: Correct the backport of the CVE-2018-5390 fix
* Improvements to the kernel source package preparation (LP: #1793461)
- [Packaging] startnewrelease: add support for backport kernels
linux (3.2.0-135.181) precise; urgency=medium
* linux: 3.2.0-135.181 -proposed tracker (LP: #1788762)
* CVE-2018-5390
- tcp: avoid collapses in tcp_prune_queue() if possible
- tcp: detect malicious patterns in tcp_collapse_ofo_queue()
linux (3.2.0-134.180) precise; urgency=medium
* CVE-2018-8897
- x86/traps: Enable DEBUG_STACK after cpu_init() for TRAP_DB/BP
- x86/entry/64: Don't use IST entry for #BP stack
* CVE-2018-1087
- KVM: VMX: Fix DR6 update on #DB exception
- KVM: VMX: Advance rip to after an ICEBP instruction
- kvm/x86: fix icebp instruction handling
* CVE-2018-1000199
- perf/hwbp: Simplify the perf-hwbp code, fix documentation
linux (3.2.0-133.179) precise; urgency=medium
* linux: 3.2.0-133.179 -proposed tracker (LP: #1745959)
* upload urgency should be medium by default (LP: #1745338)
- [Packaging] update urgency to medium by default
* Do not duplicate changelog entries assigned to more than one bug or CVE
(LP: #1743383)
- [Packaging] git-ubuntu-log -- handle multiple bugs/cves better
* CVE-2017-5715 // CVE-2017-5753
- SAUCE: locking/barriers: introduce new memory barrier gmb()
- SAUCE: uvcvideo: prevent speculative execution
- SAUCE: carl9170: prevent speculative execution
- SAUCE: p54: prevent speculative execution
- SAUCE: qla2xxx: prevent speculative execution
- SAUCE: fs: prevent speculative execution
- SAUCE: udf: prevent speculative execution
- SAUCE: x86/feature: Enable the x86 feature to control Speculation
- SAUCE: x86/feature: Report presence of IBPB and IBRS control
- SAUCE: x86/enter: MACROS to set/clear IBRS and set IBPB
- x86, alternative: Add header guards to <asm/alternative-asm.h>
- SAUCE: x86/enter: Use IBRS on syscall and interrupts
- x86, microcode: Share native MSR accessing variants
- SAUCE: x86/idle: Disable IBRS entering idle and enable it on wakeup
- SAUCE: x86/idle: Disable IBRS when offlining cpu and re-enable on wakeup
- SAUCE: x86/mm: Set IBPB upon context switch
- Fix race in process_vm_rw_core
- ptrace: mark __ptrace_may_access() static
- SAUCE: x86/mm: Only set IBPB when the new thread cannot ptrace current
thread
- SAUCE: x86/entry: Stuff RSB for entry to kernel for non-SMEP platform
- SAUCE: x86/kvm: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD to kvm
- SAUCE: x86/kvm: Set IBPB when switching VM
- SAUCE: x86/kvm: Toggle IBRS on VM entry and exit
- SAUCE: x86/kvm: Pad RSB on VM transition
- x86 / msr: add 64bit _on_cpu access functions
- SAUCE: x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature
- SAUCE: x86/spec_ctrl: Add lock to serialize changes to ibrs and ibpb
control
- SAUCE: x86/entry: Use retpoline for syscall's indirect calls
- bitops: Introduce BIT_ULL
- SAUCE: x86/cpu/AMD: Add speculative control support for AMD
- SAUCE: x86/microcode: Extend post microcode reload to support IBPB feature
- SAUCE: KVM: SVM: Do not intercept new speculative control MSRs
- SAUCE: x86/svm: Set IBRS value on VM entry and exit
- SAUCE: x86/svm: Set IBPB when running a different VCPU
- x86/cpuid: Provide get_scattered_cpuid_leaf()
- SAUCE: KVM: x86: Add speculative control CPUID support for guests
- SAUCE: x86/svm: Add code to clobber the RSB on VM exit
- kvm: vmx: Scrub hardware GPRs at VM-exit
- x86/bitops: Move BIT_64() for a wider use
- x86, pvops: Remove hooks for {rd,wr}msr_safe_regs
- x86, cpu: Fix show_msr MSR accessing function
- x86, cpu, amd: Fix crash as Xen Dom0 on AMD Trinity systems
- x86, cpu, amd: Deprecate AMD-specific MSR variants
- x86, cpu: Rename checking_wrmsrl() to wrmsrl_safe()
- x86: Add another set of MSR accessor functions
- x86/asm/msr: Make wrmsrl_safe() a function
- SAUCE: x86/cpu/AMD: Make the LFENCE instruction serialized
- SAUCE: x86/cpu/AMD: Remove now unused definition of MFENCE_RDTSC feature
- SAUCE: arm: no gmb() implementation yet
- SAUCE: powerpc: no gmb() implementation yet
* CVE-2017-5754
- kaiser: Set _PAGE_NX only if supported
- kaiser: Set _PAGE_NX only if supported
linux (3.2.0-132.178) precise; urgency=low
* linux: 3.2.0-132.178 -proposed tracker (LP: #1741612)
* CVE-2017-5754
- perf/x86: Correctly use FEATURE_PDCM
- x86/mm: Disable preemption during CR3 read+write
- x86, cpufeature: Add CPU features from Intel document 319433-012A
- x86/mm: Add INVPCID helpers
- x86/mm: Fix INVPCID asm constraint
- x86/mm: Add a 'noinvpcid' boot option to turn off INVPCID
- x86/mm: If INVPCID is available, use it to flush global mappings
- mm/mmu_context, sched/core: Fix mmu_context.h assumption
- sched/core: Add switch_mm_irqs_off() and use it in the scheduler
- x86/mm: Build arch/x86/mm/tlb.c even on !SMP
- x86/mm, sched/core: Uninline switch_mm()
- x86/mm, sched/core: Turn off IRQs in switch_mm()
- sched/core: Idle_task_exit() shouldn't use switch_mm_irqs_off()
- x86/mm: Remove the UP asm/tlbflush.h code, always use the (formerly) SMP
code
- x86/mm: Disable PCID on 32-bit kernels
- x86/mm: Add the 'nopcid' boot option to turn off PCID
- x86/mm: Enable CR4.PCIDE on supported systems
- x86/mm/64: Fix reboot interaction with CR4.PCIDE
- KAISER: Kernel Address Isolation
- x86/mm/kaiser: re-enable vsyscalls
- kaiser: user_map __kprobes_text too
- kaiser: alloc_ldt_struct() use get_zeroed_page()
- x86/alternatives: Cleanup DPRINTK macro
- x86/alternatives: Add instruction padding
- x86/alternatives: Make JMPs more robust
- x86/alternatives: Use optimized NOPs for padding
- kaiser: add "nokaiser" boot option, using ALTERNATIVE
- x86, boot: Carve out early cmdline parsing function
- x86/boot: Fix early command-line parsing when matching at end
- x86/boot: Fix early command-line parsing when partial word matches
- x86/boot: Simplify early command line parsing
- x86/boot: Pass in size to early cmdline parsing
- x86/boot: Add early cmdline parsing for options with arguments
- x86/kaiser: Rename and simplify X86_FEATURE_KAISER handling
- x86/kaiser: Check boottime cmdline params
- kaiser: use ALTERNATIVE instead of x86_cr3_pcid_noflush
- kaiser: asm/tlbflush.h handle noPGE at lower level
- kaiser: kaiser_flush_tlb_on_return_to_user() check PCID
- x86/paravirt: Dont patch flush_tlb_single
- x86/kaiser: Reenable PARAVIRT
- kaiser: disabled on Xen PV
- x86/kaiser: Move feature detection up
- KPTI: Rename to PAGE_TABLE_ISOLATION
- KPTI: Report when enabled
- [Config] updateconfigs - enable PAGE_TABLE_ISOLATION
- x86/pti: Do not enable PTI on AMD processors
linux (3.2.0-131.177) precise; urgency=low
* linux: 3.2.0-131.177 -proposed tracker (LP: #1716644)
* CVE-2017-1000251
- Bluetooth: Properly check L2CAP config option output buffer length
linux (3.2.0-130.176) precise; urgency=low
* linux: 3.2.0-130.176 -proposed tracker (LP: #1704996)
* CVE-2017-1000364
- mm/mmap.c: do not blow on PROT_NONE MAP_FIXED holes in the stack
- mm/mmap.c: expand_downwards: don't require the gap if !vm_prev
linux (3.2.0-129.174) precise; urgency=low
* linux: 3.2.0-129.174 -proposed tracker (LP: #1700563)
* CVE-2017-1000364
- Revert "mm: do not collapse stack gap into THP"
- Revert "mm: enlarge stack guard gap"
- mm: larger stack guard gap, between vmas
- Allow stack to grow up to address space limit
linux (3.2.0-128.173) precise; urgency=low
* CVE-2016-4997
- netfilter: x_tables: add and use xt_check_entry_offsets
- netfilter: x_tables: kill check_entry helper
- netfilter: x_tables: add compat version of xt_check_entry_offsets
- netfilter: x_tables: check for bogus target offset
* CVE-2017-1000364
- mm: enlarge stack guard gap
- mm: do not collapse stack gap into THP
Date: 2021-04-05 22:22:09.691838+00:00
Changed-By: Thadeu Lima de Souza Cascardo <thadeu.casca...@canonical.com>
Signed-By: Steve Langasek <steve.langa...@canonical.com>
https://launchpad.net/ubuntu/+source/linux/3.2.0-150.197
Sorry, changesfile not available.
--
Precise-changes mailing list
Precise-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/precise-changes
