This bug was fixed in the package linux - 4.4.0-103.126
---------------
linux (4.4.0-103.126) xenial; urgency=low
* linux: 4.4.0-103.126 -proposed tracker (LP: #1736181)
* CVE-2017-1000405
- mm, thp: Do not make page table dirty unconditionally in touch_p[mu]d()
* CVE-2017-16939
- netlink: add a start callback for starting a netlink dump
- ipsec: Fix aborted xfrm policy dump crash
linux (4.4.0-102.125) xenial; urgency=low
* linux: 4.4.0-102.125 -proposed tracker (LP: #1733541)
* tar -x sometimes fails on overlayfs (LP: #1728489)
- ovl: check if all layers are on the same fs
- ovl: persistent inode number for directories
* NVMe timeout is too short (LP: #1729119)
- nvme: update timeout module parameter type
* Set PANIC_TIMEOUT=10 on Power Systems (LP: #1730660)
- [Config]: Set PANIC_TIMEOUT=10 on ppc64el
* Cannot pair BLE remote devices when using combo BT SoC (LP: #1731467)
- Bluetooth: increase timeout for le auto connections
* CIFS errors on 4.4.0-98, but not on 4.4.0-97 with same config (LP: #1729337)
- SMB3: Validate negotiate request must always be signed
* Plantronics P610 does not support sample rate reading (LP: #1719853)
- ALSA: usb-audio: Add sample rate quirk for Plantronics P610
* Invalid btree pointer causes the kernel NULL pointer dereference
(LP: #1729256)
- xfs: reinit btree pointer on attr tree inactivation walk
* Samba mount/umount in docker container triggers kernel Oops (LP: #1729637)
- ipv6: only call ip6_route_dev_notify() once for NETDEV_UNREGISTER
- ipv6: fix NULL dereference in ip6_route_dev_notify()
* [kernel] tty/hvc: Use opal irqchip interface if available (LP: #1728098)
- tty/hvc: Use opal irqchip interface if available
* Device hotplugging with MPT SAS cannot work for VMWare ESXi (LP: #1730852)
- scsi: mptsas: Fixup device hotplug for VMWare ESXi
* NMI watchdog: BUG: soft lockup on Guest upon boot (KVM) (LP: #1727331)
- KVM: PPC: Book3S: Treat VTB as a per-subcore register, not per-thread
* Attempt to map rbd image from ceph jewel/luminous hangs (LP: #1728739)
- crush: ensure bucket id is valid before indexing buckets array
- crush: ensure take bucket value is valid
- crush: add chooseleaf_stable tunable
- crush: decode and initialize chooseleaf_stable
- libceph: advertise support for TUNABLES5
- libceph: MOSDOpReply v7 encoding
* Xenial update to 4.4.98 stable release (LP: #1732698)
- adv7604: Initialize drive strength to default when using DT
- video: fbdev: pmag-ba-fb: Remove bad `__init' annotation
- PCI: mvebu: Handle changes to the bridge windows while enabled
- xen/netback: set default upper limit of tx/rx queues to 8
- drm: drm_minor_register(): Clean up debugfs on failure
- KVM: PPC: Book 3S: XICS: correct the real mode ICP rejecting counter
- iommu/arm-smmu-v3: Clear prior settings when updating STEs
- powerpc/corenet: explicitly disable the SDHC controller on kmcoge4
- ARM: omap2plus_defconfig: Fix probe errors on UARTs 5 and 6
- crypto: vmx - disable preemption to enable vsx in aes_ctr.c
- iio: trigger: free trigger resource correctly
- phy: increase size of MII_BUS_ID_SIZE and bus_id
- serial: sh-sci: Fix register offsets for the IRDA serial port
- usb: hcd: initialize hcd->flags to 0 when rm hcd
- netfilter: nft_meta: deal with PACKET_LOOPBACK in netdev family
- IPsec: do not ignore crypto err in ah4 input
- Input: mpr121 - handle multiple bits change of status register
- Input: mpr121 - set missing event capability
- IB/ipoib: Change list_del to list_del_init in the tx object
- s390/qeth: issue STARTLAN as first IPA command
- (config) Add NET_DSA=n
- net: dsa: select NET_SWITCHDEV
- platform/x86: hp-wmi: Fix detection for dock and tablet mode
- cdc_ncm: Set NTB format again after altsetting switch for Huawei devices
- KEYS: trusted: sanitize all key material
- KEYS: trusted: fix writing past end of buffer in trusted_read()
- platform/x86: hp-wmi: Fix error value for hp_wmi_tablet_state
- platform/x86: hp-wmi: Do not shadow error values
- x86/uaccess, sched/preempt: Verify access_ok() context
- workqueue: Fix NULL pointer dereference
- crypto: x86/sha1-mb - fix panic due to unaligned access
- KEYS: fix NULL pointer dereference during ASN.1 parsing [ver #2]
- ARM: 8720/1: ensure dump_instr() checks addr_limit
- ALSA: seq: Fix OSS sysex delivery in OSS emulation
- ALSA: seq: Avoid invalid lockdep class warning
- MIPS: microMIPS: Fix incorrect mask in insn_table_MM
- MIPS: Fix CM region target definitions
- MIPS: SMP: Use a completion event to signal CPU up
- MIPS: Fix race on setting and getting cpu_online_mask
- MIPS: SMP: Fix deadlock & online race
- test: firmware_class: report errors properly on failure
- selftests: firmware: add empty string and async tests
- selftests: firmware: send expected errors to /dev/null
- tools: firmware: check for distro fallback udev cancel rule
- MIPS: AR7: Defer registration of GPIO
- MIPS: AR7: Ensure that serial ports are properly set up
- Input: elan_i2c - add ELAN060C to the ACPI table
- drm/vmwgfx: Fix Ubuntu 17.10 Wayland black screen issue
- rbd: use GFP_NOIO for parent stat and data requests
- can: sun4i: handle overrun in RX FIFO
- can: c_can: don't indicate triple sampling support for D_CAN
- x86/oprofile/ppro: Do not use __this_cpu*() in preemptible context
- PKCS#7: fix unitialized boolean 'want'
- Linux 4.4.98
* ELANTECH Touchpad is not detected in 'Lenovo Ideapad 320 14AST' after fresh
install (LP: #1727544)
- Input: elan_i2c - add ELAN060C to the ACPI table
* Xenial update to 4.4.97 stable release (LP: #1731915)
- ALSA: timer: Add missing mutex lock for compat ioctls
- ALSA: seq: Fix nested rwsem annotation for lockdep splat
- cifs: check MaxPathNameComponentLength != 0 before using it
- KEYS: return full count in keyring_read() if buffer is too small
- KEYS: fix out-of-bounds read during ASN.1 parsing
- ASoC: adau17x1: Workaround for noise bug in ADC
- arm64: ensure __dump_instr() checks addr_limit
- ARM: dts: mvebu: pl310-cache disable double-linefill
- ARM: 8715/1: add a private asm/unaligned.h
- ocfs2: fstrim: Fix start offset of first cluster group during fstrim
- perf tools: Fix build failure on perl script context
- drm/msm: Fix potential buffer overflow issue
- drm/msm: fix an integer overflow test
- tracing/samples: Fix creation and deletion of simple_thread_fn creation
- Fix tracing sample code warning.
- PM / wakeirq: report a wakeup_event on dedicated wekup irq
- mmc: s3cmci: include linux/interrupt.h for tasklet_struct
- ARM: pxa: Don't rely on public mmc header to include leds.h
- mfd: ab8500-sysctrl: Handle probe deferral
- mfd: axp20x: Fix axp288 PEK_DBR and PEK_DBF irqs being swapped
- staging: rtl8712u: Fix endian settings for structs describing network
packets
- ext4: fix stripe-unaligned allocations
- ext4: do not use stripe_width if it is not set
- i2c: riic: correctly finish transfers
- drm/amdgpu: when dpm disabled, also need to stop/start vce.
- perf tools: Only increase index if perf_evsel__new_idx() succeeds
- cx231xx: Fix I2C on Internal Master 3 Bus
- xen/manage: correct return value check on xenbus_scanf()
- scsi: aacraid: Process Error for response I/O
- platform/x86: intel_mid_thermal: Fix module autoload
- staging: lustre: llite: don't invoke direct_IO for the EOF case
- staging: lustre: hsm: stack overrun in hai_dump_data_field
- staging: lustre: ptlrpc: skip lock if export failed
- exynos4-is: fimc-is: Unmap region obtained by of_iomap()
- mei: return error on notification request to a disconnected client
- s390/dasd: check for device error pointer within state change interrupts
- bt8xx: fix memory leak
- xen: don't print error message in case of missing Xenstore entry
- staging: r8712u: Fix Sparse warning in rtl871x_xmit.c
- Linux 4.4.97
* Xenial update to 4.4.96 stable release (LP: #1731882)
- workqueue: replace pool->manager_arb mutex with a flag
- ALSA: hda/realtek - Add support for ALC236/ALC3204
- ALSA: hda - fix headset mic problem for Dell machines with alc236
- ceph: unlock dangling spinlock in try_flush_caps()
- usb: xhci: Handle error condition in xhci_stop_device()
- spi: uapi: spidev: add missing ioctl header
- fuse: fix READDIRPLUS skipping an entry
- xen/gntdev: avoid out of bounds access in case of partial gntdev_mmap()
- Input: elan_i2c - add ELAN0611 to the ACPI table
- Input: gtco - fix potential out-of-bound access
- assoc_array: Fix a buggy node-splitting case
- scsi: zfcp: fix erp_action use-before-initialize in REC action trace
- scsi: sg: Re-fix off by one in sg_fill_request_table()
- can: sun4i: fix loopback mode
- can: kvaser_usb: Correct return value in printout
- can: kvaser_usb: Ignore CMD_FLUSH_QUEUE_REPLY messages
- regulator: fan53555: fix I2C device ids
- x86/microcode/intel: Disable late loading on model 79
- ecryptfs: fix dereference of NULL user_key_payload
- Revert "drm: bridge: add DT bindings for TI ths8135"
- Linux 4.4.96
* Touchpad not detected - Lenovo ideapad 320-15IKB (LP: #1723736)
- Input: elan_i2c - add ELAN0611 to the ACPI table
-- Stefan Bader <stefan.ba...@canonical.com> Mon, 04 Dec 2017 16:50:53
+0100
** Changed in: linux (Ubuntu Xenial)
Status: Fix Committed => Fix Released
** CVE added: https://cve.mitre.org/cgi-
bin/cvename.cgi?name=2017-1000405
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-16939
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1729337
Title:
CIFS errors on 4.4.0-98, but not on 4.4.0-97 with same config
Status in linux package in Ubuntu:
In Progress
Status in linux source package in Trusty:
In Progress
Status in linux source package in Xenial:
Fix Released
Status in linux source package in Zesty:
In Progress
Status in linux source package in Artful:
Fix Committed
Bug description:
== SRU Justification ==
The bug reporter stated they have a cluster of servers that applied Xenial
updates
and then were unable to mount CIFS shares after upgrading to 4.4.0-98. The
same machines on 4.4.0-97 do not hit the regression. It was found that the
regression is fixed by mainline commit:
4587eee04e2a ("SMB3: Validate negotiate request must always be signed").
This fix is required in all Ubuntu supported releases. Commit 4587eee04e2a
landed in mailine as of 4.14-rc7. It was also cc'd to upstream stable,
but it has not landed in any stable releases yet, which is the reason for
this SRU.
== Fix ==
commit 4587eee04e2ac7ac3ac9fa2bc164fb6e548f99cd
Author: Steve French <smfre...@gmail.com>
Date: Wed Oct 25 15:58:31 2017 -0500
SMB3: Validate negotiate request must always be signed
== Regression Potential ==
This patch is to fix a regression. It was also cc'd to upstream stable, so
it received addition review upstream.
We have a cluster of servers that applied a security update overnight
and were unable to mount CIFS shares after upgrading to 4.4.0-98. The
same machines on 4.4.0-97 were fine the night before, and are fine
after downgrading. The only error message CIFS would report, even on
verbose, was:
[ 257.089876] CIFS VFS: validate protocol negotiate failed: -11
[ 257.089964] CIFS VFS: cifs_mount failed w/return code = -5
Rebooting did not help. Nor did attempting to mount the share
manually using mount -t cifs.
Here's the offending line from our /etc/fstab (with hostnames
sanitized):
//server/share /mnt/share cifs
rw,user,credentials=/etc/samba/credentials.share,uid=33,gid=33,file_mode=0770,dir_mode=0770
,exec,soft,noserverino,vers=3.0 0 0
ProblemType: Bug
DistroRelease: Ubuntu 16.04
Package: linux-image-4.4.0-98-generic 4.4.0-98.121
ProcVersionSignature: Ubuntu 4.4.0-98.121-generic 4.4.90
Uname: Linux 4.4.0-98-generic x86_64
AlsaDevices:
total 0
crw-rw---- 1 root audio 116, 1 Nov 1 07:56 seq
crw-rw---- 1 root audio 116, 33 Nov 1 07:56 timer
AplayDevices: Error: [Errno 2] No such file or directory: 'aplay'
ApportVersion: 2.20.1-0ubuntu2.10
Architecture: amd64
ArecordDevices: Error: [Errno 2] No such file or directory: 'arecord'
AudioDevicesInUse: Error: command ['fuser', '-v', '/dev/snd/seq',
'/dev/snd/timer'] failed with exit code 1:
Date: Wed Nov 1 08:49:47 2017
HibernationDevice: RESUME=/dev/mapper/ubuntu--template--vg-swap_1
InstallationDate: Installed on 2016-12-16 (319 days ago)
InstallationMedia: Ubuntu-Server 16.04.1 LTS "Xenial Xerus" - Release amd64
(20160719)
IwConfig: Error: [Errno 2] No such file or directory: 'iwconfig'
Lsusb: Error: command ['lsusb'] failed with exit code 1:
MachineType: VMware, Inc. VMware Virtual Platform
PciMultimedia:
ProcFB: 0 svgadrmfb
ProcKernelCmdLine: BOOT_IMAGE=/vmlinuz-4.4.0-98-generic
root=/dev/mapper/ubuntu--template--vg-root ro
RelatedPackageVersions:
linux-restricted-modules-4.4.0-98-generic N/A
linux-backports-modules-4.4.0-98-generic N/A
linux-firmware 1.157.13
RfKill: Error: [Errno 2] No such file or directory: 'rfkill'
SourcePackage: linux
UpgradeStatus: No upgrade log present (probably fresh install)
dmi.bios.date: 09/21/2015
dmi.bios.vendor: Phoenix Technologies LTD
dmi.bios.version: 6.00
dmi.board.name: 440BX Desktop Reference Platform
dmi.board.vendor: Intel Corporation
dmi.board.version: None
dmi.chassis.asset.tag: No Asset Tag
dmi.chassis.type: 1
dmi.chassis.vendor: No Enclosure
dmi.chassis.version: N/A
dmi.modalias:
dmi:bvnPhoenixTechnologiesLTD:bvr6.00:bd09/21/2015:svnVMware,Inc.:pnVMwareVirtualPlatform:pvrNone:rvnIntelCorporation:rn440BXDesktopReferencePlatform:rvrNone:cvnNoEnclosure:ct1:cvrN/A:
dmi.product.name: VMware Virtual Platform
dmi.product.version: None
dmi.sys.vendor: VMware, Inc.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1729337/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
