This bug was fixed in the package linux-azure - 4.18.0-1018.18
---------------
linux-azure (4.18.0-1018.18) cosmic; urgency=medium
[ Ubuntu: 4.18.0-20.21 ]
* CVE-2018-12126 // CVE-2018-12127 // CVE-2018-12130
- Documentation/l1tf: Fix small spelling typo
- x86/cpu: Sanitize FAM6_ATOM naming
- kvm: x86: Report STIBP on GET_SUPPORTED_CPUID
- locking/atomics, asm-generic: Move some macros from <linux/bitops.h> to a
new <linux/bits.h> file
- tools include: Adopt linux/bits.h
- x86/msr-index: Cleanup bit defines
- x86/speculation: Consolidate CPU whitelists
- x86/speculation/mds: Add basic bug infrastructure for MDS
- x86/speculation/mds: Add BUG_MSBDS_ONLY
- x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests
- x86/speculation/mds: Add mds_clear_cpu_buffers()
- x86/speculation/mds: Clear CPU buffers on exit to user
- x86/kvm/vmx: Add MDS protection when L1D Flush is not active
- x86/speculation/mds: Conditionally clear CPU buffers on idle entry
- x86/speculation/mds: Add mitigation control for MDS
- x86/speculation/mds: Add sysfs reporting for MDS
- x86/speculation/mds: Add mitigation mode VMWERV
- Documentation: Move L1TF to separate directory
- Documentation: Add MDS vulnerability documentation
- x86/speculation/mds: Add mds=full,nosmt cmdline option
- x86/speculation: Move arch_smt_update() call to after mitigation decisions
- x86/speculation/mds: Add SMT warning message
- x86/speculation/mds: Fix comment
- x86/speculation/mds: Print SMT vulnerable on MSBDS with mitigations off
- x86/speculation/mds: Add 'mitigations=' support for MDS
* CVE-2017-5715 // CVE-2017-5753
- s390/speculation: Support 'mitigations=' cmdline option
* CVE-2017-5715 // CVE-2017-5753 // CVE-2017-5754 // CVE-2018-3639
- powerpc/speculation: Support 'mitigations=' cmdline option
* CVE-2017-5715 // CVE-2017-5754 // CVE-2018-3620 // CVE-2018-3639 //
CVE-2018-3646
- cpu/speculation: Add 'mitigations=' cmdline option
- x86/speculation: Support 'mitigations=' cmdline option
* Packaging resync (LP: #1786013)
- [Packaging] resync git-ubuntu-log
linux-azure (4.18.0-1017.17) cosmic; urgency=medium
* linux-azure: 4.18.0-1017.17 -proposed tracker (LP: #1826166)
* [linux-azure] Include mainline commits fc96df16a1ce and ba50bf1ce9a5 in
Azure kernel (LP: #1821378)
- Drivers: hv: vmbus: Return -EINVAL for the sys files for unopened channels
- Drivers: hv: vmbus: Check for ring when getting debug info
* [linux-azure] Commit To Improve NVMe Performance (LP: #1819689)
- blk-mq: remove the request_list usage
[ Ubuntu: 4.18.0-19.20 ]
* linux: 4.18.0-19.20 -proposed tracker (LP: #1826171)
* Packaging resync (LP: #1786013)
- [Packaging] resync git-ubuntu-log
* autopkgtests run too often, too much and don't skip enough (LP: #1823056)
- [Debian] Set +x on rebuild testcase.
- [Debian] Skip rebuild test, for regression-suite deps.
- [Debian] Make ubuntu-regression-suite skippable on unbootable kernels.
- [Debian] make rebuild use skippable error codes when skipping.
- [Debian] Only run regression-suite, if requested to.
* CVE-2017-5753
- s390/keyboard: sanitize array index in do_kdsk_ioctl
- drm/bufs: Fix Spectre v1 vulnerability
- drivers/misc/sgi-gru: fix Spectre v1 vulnerability
- ipv4: Fix potential Spectre v1 vulnerability
- aio: fix spectre gadget in lookup_ioctx
- ALSA: emux: Fix potential Spectre v1 vulnerabilities
- ALSA: pcm: Fix potential Spectre v1 vulnerability
- ip6mr: Fix potential Spectre v1 vulnerability
- ALSA: rme9652: Fix potential Spectre v1 vulnerability
- ALSA: emu10k1: Fix potential Spectre v1 vulnerabilities
- KVM: arm/arm64: vgic: Fix off-by-one bug in vgic_get_irq()
- drm/ioctl: Fix Spectre v1 vulnerabilities
- net: core: Fix Spectre v1 vulnerability
- phonet: af_phonet: Fix Spectre v1 vulnerability
- nfc: af_nfc: Fix Spectre v1 vulnerability
- can: af_can: Fix Spectre v1 vulnerability
- net: Revert recent Spectre-v1 patches.
- char/mwave: fix potential Spectre v1 vulnerability
- applicom: Fix potential Spectre v1 vulnerabilities
- ipmi: msghandler: Fix potential Spectre v1 vulnerabilities
- powerpc/ptrace: Mitigate potential Spectre v1
- cfg80211: prevent speculation on cfg80211_classify8021d() return
- ALSA: rawmidi: Fix potential Spectre v1 vulnerability
- ALSA: seq: oss: Fix Spectre v1 vulnerability
* NULL pointer dereference when using z3fold and zswap (LP: #1814874)
- z3fold: fix possible reclaim races
* The Realtek card reader does not enter PCIe 1.1/1.2 (LP: #1825487)
- misc: rtsx: Enable OCP for rts522a rts524a rts525a rts5260
- SAUCE: misc: rtsx: Fixed rts5260 power saving parameter and sd glitch
* headset-mic doesn't work on two Dell laptops. (LP: #1825272)
- ALSA: hda/realtek - add two more pin configuration sets to quirk table
* CVE-2018-16884
- sunrpc: use SVC_NET() in svcauth_gss_* functions
- sunrpc: use-after-free in svc_process_common()
* AMD Rome : Minimal support patches (LP: #1816669)
- x86: irq_remapping: Move irq remapping mode enum
- iommu/amd: Add support for higher 64-bit IOMMU Control Register
- iommu/amd: Add support for IOMMU XT mode
* sky2 ethernet card don't work after returning from suspension (LP: #1798921)
- sky2: Increase D3 delay again
* CVE-2019-9500
- brcmfmac: assure SSID length from firmware is limited
* CVE-2019-9503
- brcmfmac: add subtype check for event handling in data path
* CVE-2019-3882
- vfio/type1: Limit DMA mappings per container
* CVE-2019-3887
- KVM: x86: nVMX: close leak of L0's x2APIC MSRs (CVE-2019-3887)
- KVM: x86: nVMX: fix x2APIC VTPR read intercept
* CVE-2019-3874
- sctp: use sk_wmem_queued to check for writable space
- sctp: implement memory accounting on tx path
- sctp: implement memory accounting on rx path
* Intel I210 Ethernet card not working after hotplug [8086:1533]
(LP: #1818490)
- igb: Fix WARN_ONCE on runtime suspend
* autofs kernel module missing (LP: #1824333)
- [Config] Update autofs4 path in inclusion list
* tasks doing write()/fsync() hit deadlock in write_cache_pages()
(LP: #1824827)
- mm/page-writeback.c: fix range_cyclic writeback vs writepages deadlock
* Pop noise when headset is plugged in or removed from GHS/Line-out jack
(LP: #1821290)
- ALSA: hda/realtek - Add unplug function into unplug state of Headset Mode
for ALC225
- ALSA: hda/realtek - Disable headset Mic VREF for headset mode of ALC225
- ALSA: hda/realtek - Add support headset mode for DELL WYSE AIO
- ALSA: hda/realtek - Add support headset mode for New DELL WYSE NB
* mac80211_hwsim unable to handle kernel NULL pointer dereference
at0000000000000000 (LP: #1825058)
- mac80211_hwsim: Timer should be initialized before device registered
* [regression][snd_hda_codec_realtek] repeating crackling noise after 19.04
upgrade (LP: #1821663)
- ALSA: hda - add Lenovo IdeaCentre B550 to the power_save_blacklist
- ALSA: hda - Add two more machines to the power_save_blacklist
* systemd cause kernel trace "BUG: unable to handle kernel paging request at
6db23a14" on Cosmic i386 (LP: #1813244) // systemd cause kernel trace "BUG:
unable to handle kernel paging request at 6db23a14" on Cosmic i386
(LP: #1813244)
- openvswitch: fix flow actions reallocation
linux-azure (4.18.0-1016.16) cosmic; urgency=medium
* linux-azure: 4.18.0-1016.16 -proposed tracker (LP: #1824841)
* The 4.18.0-1015.15 Azure Kernel Panics Due to Missing Commit (LP: #1823805)
- scsi: storvsc: Fix a race in sub-channel creation that can cause panic
* linux-azure: Add the Catapult FPGA Driver (LP: #1824879)
- SAUCE: linux-azure: Include Catapult FPGA PCI driver
- [Config] linux-azure: CONFIG_CATAPULT_PCI=m
linux-azure (4.18.0-1015.15) cosmic; urgency=medium
* linux-azure: 4.18.0-1015.15 -proposed tracker (LP: #1822791)
* Upstream Commits Needed for DPDK on Azure (LP: #1812123)
- vmbus: keep pointer to ring buffer page
- uio: introduce UIO_MEM_IOVA
- hv_uio_generic: map ringbuffer phys addr
- uio_hv_generic: defer opening vmbus until first use
- uio_hv_generic: set callbacks on open
- vmbus: pass channel to hv_process_channel_removal
- vmbus: split ring buffer allocation from open
- vmbus: fix subchannel removal
* [Hyper-V] Enable CONFIG_HOTPLUG_CPU in linux-azure (LP: #1821934)
- Revert "UBUNTU: [Config] azure: CONFIG_HOTPLUG_CPU=n"
[ Ubuntu: 4.18.0-18.19 ]
* linux: 4.18.0-18.19 -proposed tracker (LP: #1822796)
* Packaging resync (LP: #1786013)
- [Packaging] update helper scripts
- [Packaging] resync retpoline extraction
* 3b080b2564287be91605bfd1d5ee985696e61d3c in ubuntu_btrfs_kernel_fixes
triggers system hang on i386 (LP: #1812845)
- btrfs: raid56: properly unmap parity page in finish_parity_scrub()
* [SRU][B/C/OEM]IOMMU: add kernel dma protection (LP: #1820153)
- ACPI / property: Allow multiple property compatible _DSD entries
- PCI / ACPI: Identify untrusted PCI devices
- iommu/vt-d: Force IOMMU on for platform opt in hint
- iommu/vt-d: Do not enable ATS for untrusted devices
- thunderbolt: Export IOMMU based DMA protection support to userspace
- iommu/vt-d: Disable ATS support on untrusted devices
* Huawei Hi1822 NIC has poor performance (LP: #1820187)
- net-next: hinic: fix a problem in free_tx_poll()
- hinic: remove ndo_poll_controller
- net-next/hinic: add checksum offload and TSO support
- hinic: Fix l4_type parameter in hinic_task_set_tunnel_l4
- net-next/hinic:replace multiply and division operators
- net-next/hinic:add rx checksum offload for HiNIC
- net-next/hinic:fix a bug in set mac address
- net-next/hinic: fix a bug in rx data flow
- net: hinic: fix null pointer dereference on pointer hwdev
- hinic: optmize rx refill buffer mechanism
- net-next/hinic:add shutdown callback
- net-next/hinic: replace disable_irq_nosync/enable_irq
* [CONFIG] please enable highdpi font FONT_TER16x32 (LP: #1819881)
- Fonts: New Terminus large console font
- [Config]: enable highdpi Terminus 16x32 font support
* [19.04 FEAT] qeth: Enhanced link speed - kernel part (LP: #1814892)
- s390/qeth: report 25Gbit link speed
* Avoid potential memory corruption on HiSilicon SoCs (LP: #1819546)
- iommu/arm-smmu-v3: Avoid memory corruption from Hisilicon MSI payloads
* CVE-2017-5715
- x86/speculation: Apply IBPB more strictly to avoid cross-process data leak
- x86/speculation: Propagate information about RSB filling mitigation to
sysfs
- x86/speculation: Add RETPOLINE_AMD support to the inline asm CALL_NOSPEC
variant
- x86/retpoline: Make CONFIG_RETPOLINE depend on compiler support
- x86/retpoline: Remove minimal retpoline support
- x86/speculation: Update the TIF_SSBD comment
- x86/speculation: Clean up spectre_v2_parse_cmdline()
- x86/speculation: Remove unnecessary ret variable in cpu_show_common()
- x86/speculation: Move STIPB/IBPB string conditionals out of
cpu_show_common()
- x86/speculation: Disable STIBP when enhanced IBRS is in use
- x86/speculation: Rename SSBD update functions
- x86/speculation: Reorganize speculation control MSRs update
- sched/smt: Make sched_smt_present track topology
- x86/Kconfig: Select SCHED_SMT if SMP enabled
- sched/smt: Expose sched_smt_present static key
- x86/speculation: Rework SMT state change
- x86/l1tf: Show actual SMT state
- x86/speculation: Reorder the spec_v2 code
- x86/speculation: Mark string arrays const correctly
- x86/speculataion: Mark command line parser data __initdata
- x86/speculation: Unify conditional spectre v2 print functions
- x86/speculation: Add command line control for indirect branch speculation
- x86/speculation: Prepare for per task indirect branch speculation control
- x86/process: Consolidate and simplify switch_to_xtra() code
- x86/speculation: Avoid __switch_to_xtra() calls
- x86/speculation: Prepare for conditional IBPB in switch_mm()
- ptrace: Remove unused ptrace_may_access_sched() and MODE_IBRS
- x86/speculation: Split out TIF update
- x86/speculation: Prevent stale SPEC_CTRL msr content
- x86/speculation: Prepare arch_smt_update() for PRCTL mode
- x86/speculation: Add prctl() control for indirect branch speculation
- x86/speculation: Enable prctl mode for spectre_v2_user
- x86/speculation: Add seccomp Spectre v2 user space protection mode
- x86/speculation: Provide IBPB always command line options
- kvm: svm: Ensure an IBPB on all affected CPUs when freeing a vmcb
- x86/speculation: Change misspelled STIPB to STIBP
- x86/speculation: Add support for STIBP always-on preferred mode
- x86, modpost: Replace last remnants of RETPOLINE with CONFIG_RETPOLINE
* [Ubuntu] vfio-ap: add subsystem to matrix device to avoid libudev failures
(LP: #1818854)
- s390: vfio_ap: link the vfio_ap devices to the vfio_ap bus subsystem
* Kernel regularly logs: Bluetooth: hci0: last event is not cmd complete
(0x0f) (LP: #1748565)
- Bluetooth: Fix unnecessary error message for HCI request completion
* HiSilicon HNS ethernet broken in 4.15.0-45 (LP: #1818294)
- net: hns: Fix WARNING when hns modules installed
* Lenovo ideapad 330-15ICH Wifi rfkill hard blocked (LP: #1811815)
- platform/x86: ideapad: Add ideapad 330-15ICH to no_hw_rfkill
* Qualcomm Atheros QCA9377 wireless does not work (LP: #1818204)
- platform/x86: ideapad-laptop: Add Ideapad 530S-14ARR to no_hw_rfkill list
* fscache: jobs might hang when fscache disk is full (LP: #1821395)
- fscache: fix race between enablement and dropping of object
* hns3: fix oops in hns3_clean_rx_ring() (LP: #1821064)
- net: hns3: add dma_rmb() for rx description
* tcm_loop.ko: move from modules-extra into main modules package
(LP: #1817786)
- [Packaging] move tcm_loop.lo to main linux-modules package
* tcmu user space crash results in kernel module hang. (LP: #1819504)
- scsi: tcmu: delete unused __wait
- scsi: tcmu: track nl commands
- scsi: tcmu: simplify nl interface
- scsi: tcmu: add module wide block/reset_netlink support
* Intel XL710 - i40e driver does not work with kernel 4.15 (Ubuntu 18.04)
(LP: #1779756)
- i40e: prevent overlapping tx_timeout recover
* some codecs stop working after S3 (LP: #1820930)
- ALSA: hda - Enforces runtime_resume after S3 and S4 for each codec
* 4.15 s390x kernel BUG at /build/linux-
Gycr4Z/linux-4.15.0/drivers/block/virtio_blk.c:565! (LP: #1788432)
- virtio/s390: avoid race on vcdev->config
- virtio/s390: fix race in ccw_io_helper()
* [SRU][B/B-OEM/C/D] Fix AMD IOMMU NULL dereference (LP: #1820990)
- iommu/amd: Fix NULL dereference bug in match_hid_uid
* New Intel Wireless-AC 9260 [8086:2526] card not correctly probed in Ubuntu
system (LP: #1821271)
- iwlwifi: add new card for 9260 series
* Add support for MAC address pass through on RTL8153-BD (LP: #1821276)
- r8152: Add support for MAC address pass through on RTL8153-BD
- r8152: Fix an error on RTL8153-BD MAC Address Passthrough support
-- Stefan Bader <stefan.ba...@canonical.com> Tue, 07 May 2019 19:14:33
+0200
** Changed in: linux-azure (Ubuntu Cosmic)
Status: Fix Committed => Fix Released
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-5715
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-5753
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-5754
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-12126
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-12127
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-12130
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-16884
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-3620
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-3639
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-3646
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-3874
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-3882
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-3887
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-9500
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-9503
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-azure in Ubuntu.
https://bugs.launchpad.net/bugs/1823805
Title:
The 4.18.0-1015.15 Azure Kernel Panics Due to Missing Commit
Status in linux-azure package in Ubuntu:
New
Status in linux-azure source package in Cosmic:
Fix Released
Bug description:
The following commit is being requested in the 18.04 4.18 based Bionic kernel
for Azure:
c967590457ca scsi: storvsc: Fix a race in sub-channel creation that can cause
panic
This commit was included when it was requested in bug 1805304.
However, the 18.04 Bionic kernel for Azure was based on the upstream
4.15 kernel at that time. The patch was applied to the 4.15 based
kernel as an Ubuntu SAUCE patch.
The 18.04 Bionic kernel for Azure has since been re-based to the 4.18
kernel. This requested commit was applied to mainline as of
v4.20-rc6. The patch was cc’d to upstream stable, but upstream 4.18
was EOL by that point. Due to this, the patch never made it into any
4.18 kernels, which is why it is now missing from 18.04, it was
rebased to 4.18.
This is a critical issue. The 4.18.0-1015 kernel immediately panics
on boot without this commit.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux-azure/+bug/1823805/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
