Public bug reported:
SRU Justification
Impact:
The upstream process for stable tree updates is quite similar
in scope to the Ubuntu SRU process, e.g., each patch has to
demonstrably fix a bug, and each patch is vetted by upstream
by originating either directly from a mainline/stable Linux tree or
a minimally backported form of that patch. The following upstream
stable patches should be included in the Ubuntu kernel:
upstream stable patchset 2020-11-10
Ported from the following upstream stable releases:
v4.14.202, v4.19.152,
v4.14.203, v4.19.153
from git://git.kernel.org/
Bluetooth: fix kernel oops in store_pending_adv_report
Bluetooth: Consolidate encryption handling in hci_encrypt_cfm
Bluetooth: Fix update of connection state in `hci_encrypt_cfm`
Bluetooth: Disconnect if E0 is used for Level 4
media: usbtv: Fix refcounting mixup
USB: serial: option: add Cellient MPL200 card
USB: serial: option: Add Telit FT980-KS composition
staging: comedi: check validity of wMaxPacketSize of usb endpoints found
USB: serial: pl2303: add device-id for HP GC device
USB: serial: ftdi_sio: add support for FreeCalypso JTAG+UART adapters
reiserfs: Initialize inode keys properly
reiserfs: Fix oops during mount
drivers/net/ethernet/marvell/mvmdio.c: Fix non OF case
crypto: bcm - Verify GCM/CCM key length in setkey
crypto: qat - check cipher length for aead AES-CBC-HMAC-SHA
ARM: 8858/1: vdso: use $(LD) instead of $(CC) to link VDSO
ARM: 8939/1: kbuild: use correct nm executable
ARM: 8867/1: vdso: pass --be8 to linker if necessary
UBUNTU: upstream stable to v4.14.202, v4.19.152
ibmveth: Switch order of ibmveth_helper calls.
ibmveth: Identify ingress large send packets.
ipv4: Restore flowi4_oif update before call to xfrm_lookup_route
mlx4: handle non-napi callers to napi_poll
net: usb: qmi_wwan: add Cellient MPL200 card
tipc: fix the skb_unshare() in tipc_buf_append()
net/ipv4: always honour route mtu during forwarding
r8169: fix data corruption issue on RTL8402
binder: fix UAF when releasing todo list
ALSA: bebob: potential info leak in hwdep_read()
net: hdlc: In hdlc_rcv, check to make sure dev is an HDLC device
net: hdlc_raw_eth: Clear the IFF_TX_SKB_SHARING flag after calling ether_setup
nfc: Ensure presence of NFC_ATTR_FIRMWARE_NAME attribute in
nfc_genl_fw_download()
tcp: fix to update snd_wl1 in bulk receiver fast path
icmp: randomize the global rate limiter
cifs: remove bogus debug code
cifs: Return the error from crypt_message when enc/dec key not found.
KVM: x86/mmu: Commit zap of remaining invalid pages when recovering lpages
KVM: SVM: Initialize prev_ga_tag before use
ima: Don't ignore errors from crypto_shash_update()
crypto: algif_aead - Do not set MAY_BACKLOG on the async path
EDAC/i5100: Fix error handling order in i5100_init_one()
x86/fpu: Allow multiple bits in clearcpuid= parameter
drivers/perf: xgene_pmu: Fix uninitialized resource struct
crypto: algif_skcipher - EBUSY on aio should be an error
crypto: mediatek - Fix wrong return value in mtk_desc_ring_alloc()
crypto: ixp4xx - Fix the size used in a 'dma_free_coherent()' call
media: tuner-simple: fix regression in simple_set_radio_freq
media: Revert "media: exynos4-is: Add missed check for pinctrl_lookup_state()"
media: m5mols: Check function pointer in m5mols_sensor_power
media: uvcvideo: Set media controller entity functions
media: omap3isp: Fix memleak in isp_probe
crypto: omap-sham - fix digcnt register handling with export/import
cypto: mediatek - fix leaks in mtk_desc_ring_alloc
media: mx2_emmaprp: Fix memleak in emmaprp_probe
media: tc358743: initialize variable
media: platform: fcp: Fix a reference count leak.
media: s5p-mfc: Fix a reference count leak
media: ti-vpe: Fix a missing check and reference count leak
regulator: resolve supply after creating regulator
ath10k: provide survey info as accumulated data
Bluetooth: hci_uart: Cancel init work before unregistering
ath6kl: prevent potential array overflow in ath6kl_add_new_sta()
ath9k: Fix potential out of bounds in ath9k_htc_txcompletion_cb()
wcn36xx: Fix reported 802.11n rx_highest rate wcn3660/wcn3680
ASoC: qcom: lpass-platform: fix memory leak
ASoC: qcom: lpass-cpu: fix concurrency issue
brcmfmac: check ndev pointer
mwifiex: Do not use GFP_KERNEL in atomic context
drm/gma500: fix error check
scsi: qla4xxx: Fix an error handling path in 'qla4xxx_get_host_stats()'
scsi: csiostor: Fix wrong return value in csio_hw_prep_fw()
backlight: sky81452-backlight: Fix refcount imbalance on error
VMCI: check return value of get_user_pages_fast() for errors
tty: serial: earlycon dependency
pty: do tty_flip_buffer_push without port->lock in pty_write
pwm: lpss: Fix off by one error in base_unit math in pwm_lpss_prepare()
pwm: lpss: Add range limit check for the base_unit register value
drivers/virt/fsl_hypervisor: Fix error handling path
video: fbdev: vga16fb: fix setting of pixclock because a pass-by-value error
video: fbdev: sis: fix null ptr dereference
HID: roccat: add bounds checking in kone_sysfs_write_settings()
pinctrl: mcp23s08: Fix mcp23x17_regmap initialiser
pinctrl: mcp23s08: Fix mcp23x17 precious range
ath6kl: wmi: prevent a shift wrapping bug in ath6kl_wmi_delete_pstream_cmd()
misc: mic: scif: Fix error handling path
ALSA: seq: oss: Avoid mutex lock for a long-time ioctl
usb: dwc2: Fix parameter type in function pointer prototype
quota: clear padding in v2r1_mem2diskdqb()
HID: hid-input: fix stylus battery reporting
qtnfmac: fix resource leaks on unsupported iftype error return path
net: enic: Cure the enic api locking trainwreck
mfd: sm501: Fix leaks in probe()
iwlwifi: mvm: split a print to avoid a WARNING in ROC
usb: gadget: f_ncm: fix ncm_bitrate for SuperSpeed and above.
usb: gadget: u_ether: enable qmult on SuperSpeed Plus as well
nl80211: fix non-split wiphy information
usb: dwc2: Fix INTR OUT transfers in DDMA mode.
scsi: be2iscsi: Fix a theoretical leak in beiscsi_create_eqs()
mwifiex: fix double free
net: korina: fix kfree of rx/tx descriptor array
mm/memcg: fix device private memcg accounting
mm, oom_adj: don't loop through tasks in __set_oom_adj when not necessary
IB/mlx4: Fix starvation in paravirt mux/demux
IB/mlx4: Adjust delayed work when a dup is observed
powerpc/pseries: Fix missing of_node_put() in rng_init()
powerpc/icp-hv: Fix missing of_node_put() in success path
mtd: lpddr: fix excessive stack usage with clang
mtd: mtdoops: Don't write panic data twice
ARM: 9007/1: l2c: fix prefetch bits init in L2X0_AUX_CTRL using DT values
arc: plat-hsdk: fix kconfig dependency warning when !RESET_CONTROLLER
xfs: limit entries returned when counting fsmap records
RDMA/qedr: Fix use of uninitialized field
powerpc/tau: Use appropriate temperature sample interval
powerpc/tau: Remove duplicated set_thresholds() call
powerpc/tau: Disable TAU between measurements
perf intel-pt: Fix "context_switch event has no tid" error
RDMA/hns: Set the unsupported wr opcode
kdb: Fix pager search for multi-line strings
overflow: Include header file with SIZE_MAX declaration
powerpc/perf: Exclude pmc5/6 from the irrelevant PMU group constraints
powerpc/perf/hv-gpci: Fix starting index value
cpufreq: powernv: Fix frame-size-overflow in powernv_cpufreq_reboot_notifier
IB/rdmavt: Fix sizeof mismatch
f2fs: wait for sysfs kobject removal before freeing f2fs_sb_info
lib/crc32.c: fix trivial typo in preprocessor condition
ramfs: fix nommu mmap with gaps in the page cache
rapidio: fix error handling path
rapidio: fix the missed put_device() for rio_mport_add_riodev
mailbox: avoid timer start from callback
i2c: rcar: Auto select RESET_CONTROLLER
PCI: iproc: Set affinity mask on MSI interrupts
clk: at91: clk-main: update key before writing AT91_CKGR_MOR
clk: bcm2835: add missing release if devm_clk_hw_register fails
ext4: limit entries returned when counting fsmap records
vfio/pci: Clear token on bypass registration failure
vfio iommu type1: Fix memory leak in vfio_iommu_type1_pin_pages
Input: imx6ul_tsc - clean up some errors in imx6ul_tsc_resume()
Input: stmfts - fix a & vs && typo
Input: ep93xx_keypad - fix handling of platform_get_irq() error
Input: omap4-keypad - fix handling of platform_get_irq() error
Input: twl4030_keypad - fix handling of platform_get_irq() error
Input: sun4i-ps2 - fix handling of platform_get_irq() error
KVM: x86: emulating RDPID failure shall return #UD rather than #GP
memory: omap-gpmc: Fix a couple off by ones
memory: fsl-corenet-cf: Fix handling of platform_get_irq() error
arm64: dts: qcom: msm8916: Fix MDP/DSI interrupts
ARM: dts: owl-s500: Fix incorrect PPI interrupt specifiers
arm64: dts: zynqmp: Remove additional compatible string for i2c IPs
powerpc/powernv/dump: Fix race while processing OPAL dump
nvmet: fix uninitialized work for zero kato
NTB: hw: amd: fix an issue about leak system resources
perf: correct SNOOPX field offset
i2c: core: Restore acpi_walk_dep_device_list() getting called after registering
the ACPI i2c devs
crypto: ccp - fix error handling
media: firewire: fix memory leak
media: ati_remote: sanity check for both endpoints
media: st-delta: Fix reference count leak in delta_run_work
media: sti: Fix reference count leaks
media: exynos4-is: Fix several reference count leaks due to pm_runtime_get_sync
media: exynos4-is: Fix a reference count leak due to pm_runtime_get_sync
media: exynos4-is: Fix a reference count leak
media: vsp1: Fix runtime PM imbalance on error
media: platform: s3c-camif: Fix runtime PM imbalance on error
media: platform: sti: hva: Fix runtime PM imbalance on error
media: bdisp: Fix runtime PM imbalance on error
media: media/pci: prevent memory leak in bttv_probe
media: uvcvideo: Ensure all probed info is returned to v4l2
mmc: sdio: Check for CISTPL_VERS_1 buffer size
media: saa7134: avoid a shift overflow
fs: dlm: fix configfs memory leak
media: venus: core: Fix runtime PM imbalance in venus_probe
ntfs: add check for mft record size in superblock
mac80211: handle lack of sband->bitrates in rates
PM: hibernate: remove the bogus call to get_gendisk() in software_resume()
scsi: mvumi: Fix error return in mvumi_io_attach()
scsi: target: core: Add CONTROL field for trace events
mic: vop: copy data to kernel space then write to io memory
misc: vop: add round_up(x,4) for vring_size to avoid kernel panic
usb: gadget: function: printer: fix use-after-free in __lock_acquire
udf: Limit sparing table size
udf: Avoid accessing uninitialized data on failed inode read
USB: cdc-acm: handle broken union descriptors
can: flexcan: flexcan_chip_stop(): add error handling and propagate error value
ath9k: hif_usb: fix race condition between usb_get_urb() and
usb_kill_anchored_urbs()
misc: rtsx: Fix memory leak in rtsx_pci_probe
reiserfs: only call unlock_new_inode() if I_NEW
xfs: make sure the rt allocator doesn't run off the end
usb: ohci: Default to per-port over-current protection
Bluetooth: Only mark socket zapped after unlocking
scsi: ibmvfc: Fix error return in ibmvfc_probe()
brcmsmac: fix memory leak in wlc_phy_attach_lcnphy
rtl8xxxu: prevent potential memory leak
Fix use after free in get_capset_info callback.
scsi: qedi: Protect active command list to avoid list corruption
scsi: qedi: Fix list_del corruption while removing active I/O
tty: ipwireless: fix error handling
ipvs: Fix uninit-value in do_ip_vs_set_ctl()
reiserfs: Fix memory leak in reiserfs_parse_options()
mwifiex: don't call del_timer_sync() on uninitialized timer
brcm80211: fix possible memleak in brcmf_proto_msgbuf_attach
usb: core: Solve race condition in anchor cleanup functions
scsi: ufs: ufs-qcom: Fix race conditions caused by ufs_qcom_testbus_config()
ath10k: check idx validity in __ath10k_htt_rx_ring_fill_n()
net: korina: cast KSEG0 address to pointer in kfree
tty: serial: fsl_lpuart: fix lpuart32_poll_get_char
usb: cdc-acm: add quirk to blacklist ETAS ES58X devices
USB: cdc-wdm: Make wdm_flush() interruptible and add wdm_fsync().
eeprom: at25: set minimum read/write access stride to 1
usb: gadget: f_ncm: allow using NCM in SuperSpeed Plus gadgets.
powerpc/powernv/opal-dump : Use IRQ_HANDLED instead of numbers in interrupt
handler
net: fix pos incrementment in ipv6_route_seq_next
ALSA: hda/realtek: Enable audio jacks of ASUS D700SA with ALC887
x86/nmi: Fix nmi_handle() duration miscalculation
x86/events/amd/iommu: Fix sizeof mismatch
media: uvcvideo: Silence shift-out-of-bounds warning
hwmon: (pmbus/max34440) Fix status register reads for MAX344{51,60,61}
media: tc358743: cleanup tc358743_cec_isr
pinctrl: bcm: fix kconfig dependency warning when !GPIOLIB
spi: spi-s3c64xx: swap s3c64xx_spi_set_cs() and s3c64xx_enable_datapath()
staging: rtl8192u: Do not use GFP_KERNEL in atomic context
net: stmmac: use netif_tx_start|stop_all_queues() function
scsi: target: tcmu: Fix warning: 'page' may be used uninitialized
ipvs: clear skb->tstamp in forwarding path
netfilter: nf_log: missing vlan offload tag and proto
RDMA/ucma: Fix locking for ctx->events_reported
RDMA/ucma: Add missing locking around rdma_leave_multicast()
RDMA/qedr: Fix inline size returned for iWARP
UBUNTU: upstream stable to v4.14.203, v4.19.153
** Affects: linux (Ubuntu)
Importance: Undecided
Status: Confirmed
** Affects: linux (Ubuntu Bionic)
Importance: Undecided
Assignee: Kamal Mostafa (kamalmostafa)
Status: In Progress
** Tags: kernel-stable-tracking-bug
** Changed in: linux (Ubuntu)
Status: New => Confirmed
** Tags added: kernel-stable-tracking-bug
** Also affects: linux (Ubuntu Bionic)
Importance: Undecided
Status: New
** Changed in: linux (Ubuntu Bionic)
Status: New => In Progress
** Changed in: linux (Ubuntu Bionic)
Assignee: (unassigned) => Kamal Mostafa (kamalmostafa)
** Description changed:
-
- SRU Justification
-
- Impact:
- The upstream process for stable tree updates is quite similar
- in scope to the Ubuntu SRU process, e.g., each patch has to
- demonstrably fix a bug, and each patch is vetted by upstream
- by originating either directly from a mainline/stable Linux tree or
- a minimally backported form of that patch. The following upstream
- stable patches should be included in the Ubuntu kernel:
-
- upstream stable patchset 2020-11-10
- from git://git.kernel.org/
+ SRU Justification
+
+ Impact:
+ The upstream process for stable tree updates is quite similar
+ in scope to the Ubuntu SRU process, e.g., each patch has to
+ demonstrably fix a bug, and each patch is vetted by upstream
+ by originating either directly from a mainline/stable Linux tree or
+ a minimally backported form of that patch. The following upstream
+ stable patches should be included in the Ubuntu kernel:
+
+ upstream stable patchset 2020-11-10
+
+ Ported from the following upstream stable releases:
+ v4.14.202, v4.19.152,
+ v4.14.203, v4.19.153
+
+ from git://git.kernel.org/
+
+ Bluetooth: fix kernel oops in store_pending_adv_report
+ Bluetooth: Consolidate encryption handling in hci_encrypt_cfm
+ Bluetooth: Fix update of connection state in `hci_encrypt_cfm`
+ Bluetooth: Disconnect if E0 is used for Level 4
+ media: usbtv: Fix refcounting mixup
+ USB: serial: option: add Cellient MPL200 card
+ USB: serial: option: Add Telit FT980-KS composition
+ staging: comedi: check validity of wMaxPacketSize of usb endpoints found
+ USB: serial: pl2303: add device-id for HP GC device
+ USB: serial: ftdi_sio: add support for FreeCalypso JTAG+UART adapters
+ reiserfs: Initialize inode keys properly
+ reiserfs: Fix oops during mount
+ drivers/net/ethernet/marvell/mvmdio.c: Fix non OF case
+ crypto: bcm - Verify GCM/CCM key length in setkey
+ crypto: qat - check cipher length for aead AES-CBC-HMAC-SHA
+ ARM: 8858/1: vdso: use $(LD) instead of $(CC) to link VDSO
+ ARM: 8939/1: kbuild: use correct nm executable
+ ARM: 8867/1: vdso: pass --be8 to linker if necessary
+ UBUNTU: upstream stable to v4.14.202, v4.19.152
+ ibmveth: Switch order of ibmveth_helper calls.
+ ibmveth: Identify ingress large send packets.
+ ipv4: Restore flowi4_oif update before call to xfrm_lookup_route
+ mlx4: handle non-napi callers to napi_poll
+ net: usb: qmi_wwan: add Cellient MPL200 card
+ tipc: fix the skb_unshare() in tipc_buf_append()
+ net/ipv4: always honour route mtu during forwarding
+ r8169: fix data corruption issue on RTL8402
+ binder: fix UAF when releasing todo list
+ ALSA: bebob: potential info leak in hwdep_read()
+ net: hdlc: In hdlc_rcv, check to make sure dev is an HDLC device
+ net: hdlc_raw_eth: Clear the IFF_TX_SKB_SHARING flag after calling ether_setup
+ nfc: Ensure presence of NFC_ATTR_FIRMWARE_NAME attribute in
nfc_genl_fw_download()
+ tcp: fix to update snd_wl1 in bulk receiver fast path
+ icmp: randomize the global rate limiter
+ cifs: remove bogus debug code
+ cifs: Return the error from crypt_message when enc/dec key not found.
+ KVM: x86/mmu: Commit zap of remaining invalid pages when recovering lpages
+ KVM: SVM: Initialize prev_ga_tag before use
+ ima: Don't ignore errors from crypto_shash_update()
+ crypto: algif_aead - Do not set MAY_BACKLOG on the async path
+ EDAC/i5100: Fix error handling order in i5100_init_one()
+ x86/fpu: Allow multiple bits in clearcpuid= parameter
+ drivers/perf: xgene_pmu: Fix uninitialized resource struct
+ crypto: algif_skcipher - EBUSY on aio should be an error
+ crypto: mediatek - Fix wrong return value in mtk_desc_ring_alloc()
+ crypto: ixp4xx - Fix the size used in a 'dma_free_coherent()' call
+ media: tuner-simple: fix regression in simple_set_radio_freq
+ media: Revert "media: exynos4-is: Add missed check for pinctrl_lookup_state()"
+ media: m5mols: Check function pointer in m5mols_sensor_power
+ media: uvcvideo: Set media controller entity functions
+ media: omap3isp: Fix memleak in isp_probe
+ crypto: omap-sham - fix digcnt register handling with export/import
+ cypto: mediatek - fix leaks in mtk_desc_ring_alloc
+ media: mx2_emmaprp: Fix memleak in emmaprp_probe
+ media: tc358743: initialize variable
+ media: platform: fcp: Fix a reference count leak.
+ media: s5p-mfc: Fix a reference count leak
+ media: ti-vpe: Fix a missing check and reference count leak
+ regulator: resolve supply after creating regulator
+ ath10k: provide survey info as accumulated data
+ Bluetooth: hci_uart: Cancel init work before unregistering
+ ath6kl: prevent potential array overflow in ath6kl_add_new_sta()
+ ath9k: Fix potential out of bounds in ath9k_htc_txcompletion_cb()
+ wcn36xx: Fix reported 802.11n rx_highest rate wcn3660/wcn3680
+ ASoC: qcom: lpass-platform: fix memory leak
+ ASoC: qcom: lpass-cpu: fix concurrency issue
+ brcmfmac: check ndev pointer
+ mwifiex: Do not use GFP_KERNEL in atomic context
+ drm/gma500: fix error check
+ scsi: qla4xxx: Fix an error handling path in 'qla4xxx_get_host_stats()'
+ scsi: csiostor: Fix wrong return value in csio_hw_prep_fw()
+ backlight: sky81452-backlight: Fix refcount imbalance on error
+ VMCI: check return value of get_user_pages_fast() for errors
+ tty: serial: earlycon dependency
+ pty: do tty_flip_buffer_push without port->lock in pty_write
+ pwm: lpss: Fix off by one error in base_unit math in pwm_lpss_prepare()
+ pwm: lpss: Add range limit check for the base_unit register value
+ drivers/virt/fsl_hypervisor: Fix error handling path
+ video: fbdev: vga16fb: fix setting of pixclock because a pass-by-value error
+ video: fbdev: sis: fix null ptr dereference
+ HID: roccat: add bounds checking in kone_sysfs_write_settings()
+ pinctrl: mcp23s08: Fix mcp23x17_regmap initialiser
+ pinctrl: mcp23s08: Fix mcp23x17 precious range
+ ath6kl: wmi: prevent a shift wrapping bug in ath6kl_wmi_delete_pstream_cmd()
+ misc: mic: scif: Fix error handling path
+ ALSA: seq: oss: Avoid mutex lock for a long-time ioctl
+ usb: dwc2: Fix parameter type in function pointer prototype
+ quota: clear padding in v2r1_mem2diskdqb()
+ HID: hid-input: fix stylus battery reporting
+ qtnfmac: fix resource leaks on unsupported iftype error return path
+ net: enic: Cure the enic api locking trainwreck
+ mfd: sm501: Fix leaks in probe()
+ iwlwifi: mvm: split a print to avoid a WARNING in ROC
+ usb: gadget: f_ncm: fix ncm_bitrate for SuperSpeed and above.
+ usb: gadget: u_ether: enable qmult on SuperSpeed Plus as well
+ nl80211: fix non-split wiphy information
+ usb: dwc2: Fix INTR OUT transfers in DDMA mode.
+ scsi: be2iscsi: Fix a theoretical leak in beiscsi_create_eqs()
+ mwifiex: fix double free
+ net: korina: fix kfree of rx/tx descriptor array
+ mm/memcg: fix device private memcg accounting
+ mm, oom_adj: don't loop through tasks in __set_oom_adj when not necessary
+ IB/mlx4: Fix starvation in paravirt mux/demux
+ IB/mlx4: Adjust delayed work when a dup is observed
+ powerpc/pseries: Fix missing of_node_put() in rng_init()
+ powerpc/icp-hv: Fix missing of_node_put() in success path
+ mtd: lpddr: fix excessive stack usage with clang
+ mtd: mtdoops: Don't write panic data twice
+ ARM: 9007/1: l2c: fix prefetch bits init in L2X0_AUX_CTRL using DT values
+ arc: plat-hsdk: fix kconfig dependency warning when !RESET_CONTROLLER
+ xfs: limit entries returned when counting fsmap records
+ RDMA/qedr: Fix use of uninitialized field
+ powerpc/tau: Use appropriate temperature sample interval
+ powerpc/tau: Remove duplicated set_thresholds() call
+ powerpc/tau: Disable TAU between measurements
+ perf intel-pt: Fix "context_switch event has no tid" error
+ RDMA/hns: Set the unsupported wr opcode
+ kdb: Fix pager search for multi-line strings
+ overflow: Include header file with SIZE_MAX declaration
+ powerpc/perf: Exclude pmc5/6 from the irrelevant PMU group constraints
+ powerpc/perf/hv-gpci: Fix starting index value
+ cpufreq: powernv: Fix frame-size-overflow in powernv_cpufreq_reboot_notifier
+ IB/rdmavt: Fix sizeof mismatch
+ f2fs: wait for sysfs kobject removal before freeing f2fs_sb_info
+ lib/crc32.c: fix trivial typo in preprocessor condition
+ ramfs: fix nommu mmap with gaps in the page cache
+ rapidio: fix error handling path
+ rapidio: fix the missed put_device() for rio_mport_add_riodev
+ mailbox: avoid timer start from callback
+ i2c: rcar: Auto select RESET_CONTROLLER
+ PCI: iproc: Set affinity mask on MSI interrupts
+ clk: at91: clk-main: update key before writing AT91_CKGR_MOR
+ clk: bcm2835: add missing release if devm_clk_hw_register fails
+ ext4: limit entries returned when counting fsmap records
+ vfio/pci: Clear token on bypass registration failure
+ vfio iommu type1: Fix memory leak in vfio_iommu_type1_pin_pages
+ Input: imx6ul_tsc - clean up some errors in imx6ul_tsc_resume()
+ Input: stmfts - fix a & vs && typo
+ Input: ep93xx_keypad - fix handling of platform_get_irq() error
+ Input: omap4-keypad - fix handling of platform_get_irq() error
+ Input: twl4030_keypad - fix handling of platform_get_irq() error
+ Input: sun4i-ps2 - fix handling of platform_get_irq() error
+ KVM: x86: emulating RDPID failure shall return #UD rather than #GP
+ memory: omap-gpmc: Fix a couple off by ones
+ memory: fsl-corenet-cf: Fix handling of platform_get_irq() error
+ arm64: dts: qcom: msm8916: Fix MDP/DSI interrupts
+ ARM: dts: owl-s500: Fix incorrect PPI interrupt specifiers
+ arm64: dts: zynqmp: Remove additional compatible string for i2c IPs
+ powerpc/powernv/dump: Fix race while processing OPAL dump
+ nvmet: fix uninitialized work for zero kato
+ NTB: hw: amd: fix an issue about leak system resources
+ perf: correct SNOOPX field offset
+ i2c: core: Restore acpi_walk_dep_device_list() getting called after
registering the ACPI i2c devs
+ crypto: ccp - fix error handling
+ media: firewire: fix memory leak
+ media: ati_remote: sanity check for both endpoints
+ media: st-delta: Fix reference count leak in delta_run_work
+ media: sti: Fix reference count leaks
+ media: exynos4-is: Fix several reference count leaks due to
pm_runtime_get_sync
+ media: exynos4-is: Fix a reference count leak due to pm_runtime_get_sync
+ media: exynos4-is: Fix a reference count leak
+ media: vsp1: Fix runtime PM imbalance on error
+ media: platform: s3c-camif: Fix runtime PM imbalance on error
+ media: platform: sti: hva: Fix runtime PM imbalance on error
+ media: bdisp: Fix runtime PM imbalance on error
+ media: media/pci: prevent memory leak in bttv_probe
+ media: uvcvideo: Ensure all probed info is returned to v4l2
+ mmc: sdio: Check for CISTPL_VERS_1 buffer size
+ media: saa7134: avoid a shift overflow
+ fs: dlm: fix configfs memory leak
+ media: venus: core: Fix runtime PM imbalance in venus_probe
+ ntfs: add check for mft record size in superblock
+ mac80211: handle lack of sband->bitrates in rates
+ PM: hibernate: remove the bogus call to get_gendisk() in software_resume()
+ scsi: mvumi: Fix error return in mvumi_io_attach()
+ scsi: target: core: Add CONTROL field for trace events
+ mic: vop: copy data to kernel space then write to io memory
+ misc: vop: add round_up(x,4) for vring_size to avoid kernel panic
+ usb: gadget: function: printer: fix use-after-free in __lock_acquire
+ udf: Limit sparing table size
+ udf: Avoid accessing uninitialized data on failed inode read
+ USB: cdc-acm: handle broken union descriptors
+ can: flexcan: flexcan_chip_stop(): add error handling and propagate error
value
+ ath9k: hif_usb: fix race condition between usb_get_urb() and
usb_kill_anchored_urbs()
+ misc: rtsx: Fix memory leak in rtsx_pci_probe
+ reiserfs: only call unlock_new_inode() if I_NEW
+ xfs: make sure the rt allocator doesn't run off the end
+ usb: ohci: Default to per-port over-current protection
+ Bluetooth: Only mark socket zapped after unlocking
+ scsi: ibmvfc: Fix error return in ibmvfc_probe()
+ brcmsmac: fix memory leak in wlc_phy_attach_lcnphy
+ rtl8xxxu: prevent potential memory leak
+ Fix use after free in get_capset_info callback.
+ scsi: qedi: Protect active command list to avoid list corruption
+ scsi: qedi: Fix list_del corruption while removing active I/O
+ tty: ipwireless: fix error handling
+ ipvs: Fix uninit-value in do_ip_vs_set_ctl()
+ reiserfs: Fix memory leak in reiserfs_parse_options()
+ mwifiex: don't call del_timer_sync() on uninitialized timer
+ brcm80211: fix possible memleak in brcmf_proto_msgbuf_attach
+ usb: core: Solve race condition in anchor cleanup functions
+ scsi: ufs: ufs-qcom: Fix race conditions caused by ufs_qcom_testbus_config()
+ ath10k: check idx validity in __ath10k_htt_rx_ring_fill_n()
+ net: korina: cast KSEG0 address to pointer in kfree
+ tty: serial: fsl_lpuart: fix lpuart32_poll_get_char
+ usb: cdc-acm: add quirk to blacklist ETAS ES58X devices
+ USB: cdc-wdm: Make wdm_flush() interruptible and add wdm_fsync().
+ eeprom: at25: set minimum read/write access stride to 1
+ usb: gadget: f_ncm: allow using NCM in SuperSpeed Plus gadgets.
+ powerpc/powernv/opal-dump : Use IRQ_HANDLED instead of numbers in interrupt
handler
+ net: fix pos incrementment in ipv6_route_seq_next
+ ALSA: hda/realtek: Enable audio jacks of ASUS D700SA with ALC887
+ x86/nmi: Fix nmi_handle() duration miscalculation
+ x86/events/amd/iommu: Fix sizeof mismatch
+ media: uvcvideo: Silence shift-out-of-bounds warning
+ hwmon: (pmbus/max34440) Fix status register reads for MAX344{51,60,61}
+ media: tc358743: cleanup tc358743_cec_isr
+ pinctrl: bcm: fix kconfig dependency warning when !GPIOLIB
+ spi: spi-s3c64xx: swap s3c64xx_spi_set_cs() and s3c64xx_enable_datapath()
+ staging: rtl8192u: Do not use GFP_KERNEL in atomic context
+ net: stmmac: use netif_tx_start|stop_all_queues() function
+ scsi: target: tcmu: Fix warning: 'page' may be used uninitialized
+ ipvs: clear skb->tstamp in forwarding path
+ netfilter: nf_log: missing vlan offload tag and proto
+ RDMA/ucma: Fix locking for ctx->events_reported
+ RDMA/ucma: Add missing locking around rdma_leave_multicast()
+ RDMA/qedr: Fix inline size returned for iWARP
+ UBUNTU: upstream stable to v4.14.203, v4.19.153
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1903768
Title:
Bionic update: upstream stable patchset 2020-11-10
Status in linux package in Ubuntu:
Confirmed
Status in linux source package in Bionic:
In Progress
Bug description:
SRU Justification
Impact:
The upstream process for stable tree updates is quite similar
in scope to the Ubuntu SRU process, e.g., each patch has to
demonstrably fix a bug, and each patch is vetted by upstream
by originating either directly from a mainline/stable Linux tree or
a minimally backported form of that patch. The following upstream
stable patches should be included in the Ubuntu kernel:
upstream stable patchset 2020-11-10
Ported from the following upstream stable releases:
v4.14.202, v4.19.152,
v4.14.203, v4.19.153
from git://git.kernel.org/
Bluetooth: fix kernel oops in store_pending_adv_report
Bluetooth: Consolidate encryption handling in hci_encrypt_cfm
Bluetooth: Fix update of connection state in `hci_encrypt_cfm`
Bluetooth: Disconnect if E0 is used for Level 4
media: usbtv: Fix refcounting mixup
USB: serial: option: add Cellient MPL200 card
USB: serial: option: Add Telit FT980-KS composition
staging: comedi: check validity of wMaxPacketSize of usb endpoints found
USB: serial: pl2303: add device-id for HP GC device
USB: serial: ftdi_sio: add support for FreeCalypso JTAG+UART adapters
reiserfs: Initialize inode keys properly
reiserfs: Fix oops during mount
drivers/net/ethernet/marvell/mvmdio.c: Fix non OF case
crypto: bcm - Verify GCM/CCM key length in setkey
crypto: qat - check cipher length for aead AES-CBC-HMAC-SHA
ARM: 8858/1: vdso: use $(LD) instead of $(CC) to link VDSO
ARM: 8939/1: kbuild: use correct nm executable
ARM: 8867/1: vdso: pass --be8 to linker if necessary
UBUNTU: upstream stable to v4.14.202, v4.19.152
ibmveth: Switch order of ibmveth_helper calls.
ibmveth: Identify ingress large send packets.
ipv4: Restore flowi4_oif update before call to xfrm_lookup_route
mlx4: handle non-napi callers to napi_poll
net: usb: qmi_wwan: add Cellient MPL200 card
tipc: fix the skb_unshare() in tipc_buf_append()
net/ipv4: always honour route mtu during forwarding
r8169: fix data corruption issue on RTL8402
binder: fix UAF when releasing todo list
ALSA: bebob: potential info leak in hwdep_read()
net: hdlc: In hdlc_rcv, check to make sure dev is an HDLC device
net: hdlc_raw_eth: Clear the IFF_TX_SKB_SHARING flag after calling ether_setup
nfc: Ensure presence of NFC_ATTR_FIRMWARE_NAME attribute in
nfc_genl_fw_download()
tcp: fix to update snd_wl1 in bulk receiver fast path
icmp: randomize the global rate limiter
cifs: remove bogus debug code
cifs: Return the error from crypt_message when enc/dec key not found.
KVM: x86/mmu: Commit zap of remaining invalid pages when recovering lpages
KVM: SVM: Initialize prev_ga_tag before use
ima: Don't ignore errors from crypto_shash_update()
crypto: algif_aead - Do not set MAY_BACKLOG on the async path
EDAC/i5100: Fix error handling order in i5100_init_one()
x86/fpu: Allow multiple bits in clearcpuid= parameter
drivers/perf: xgene_pmu: Fix uninitialized resource struct
crypto: algif_skcipher - EBUSY on aio should be an error
crypto: mediatek - Fix wrong return value in mtk_desc_ring_alloc()
crypto: ixp4xx - Fix the size used in a 'dma_free_coherent()' call
media: tuner-simple: fix regression in simple_set_radio_freq
media: Revert "media: exynos4-is: Add missed check for pinctrl_lookup_state()"
media: m5mols: Check function pointer in m5mols_sensor_power
media: uvcvideo: Set media controller entity functions
media: omap3isp: Fix memleak in isp_probe
crypto: omap-sham - fix digcnt register handling with export/import
cypto: mediatek - fix leaks in mtk_desc_ring_alloc
media: mx2_emmaprp: Fix memleak in emmaprp_probe
media: tc358743: initialize variable
media: platform: fcp: Fix a reference count leak.
media: s5p-mfc: Fix a reference count leak
media: ti-vpe: Fix a missing check and reference count leak
regulator: resolve supply after creating regulator
ath10k: provide survey info as accumulated data
Bluetooth: hci_uart: Cancel init work before unregistering
ath6kl: prevent potential array overflow in ath6kl_add_new_sta()
ath9k: Fix potential out of bounds in ath9k_htc_txcompletion_cb()
wcn36xx: Fix reported 802.11n rx_highest rate wcn3660/wcn3680
ASoC: qcom: lpass-platform: fix memory leak
ASoC: qcom: lpass-cpu: fix concurrency issue
brcmfmac: check ndev pointer
mwifiex: Do not use GFP_KERNEL in atomic context
drm/gma500: fix error check
scsi: qla4xxx: Fix an error handling path in 'qla4xxx_get_host_stats()'
scsi: csiostor: Fix wrong return value in csio_hw_prep_fw()
backlight: sky81452-backlight: Fix refcount imbalance on error
VMCI: check return value of get_user_pages_fast() for errors
tty: serial: earlycon dependency
pty: do tty_flip_buffer_push without port->lock in pty_write
pwm: lpss: Fix off by one error in base_unit math in pwm_lpss_prepare()
pwm: lpss: Add range limit check for the base_unit register value
drivers/virt/fsl_hypervisor: Fix error handling path
video: fbdev: vga16fb: fix setting of pixclock because a pass-by-value error
video: fbdev: sis: fix null ptr dereference
HID: roccat: add bounds checking in kone_sysfs_write_settings()
pinctrl: mcp23s08: Fix mcp23x17_regmap initialiser
pinctrl: mcp23s08: Fix mcp23x17 precious range
ath6kl: wmi: prevent a shift wrapping bug in ath6kl_wmi_delete_pstream_cmd()
misc: mic: scif: Fix error handling path
ALSA: seq: oss: Avoid mutex lock for a long-time ioctl
usb: dwc2: Fix parameter type in function pointer prototype
quota: clear padding in v2r1_mem2diskdqb()
HID: hid-input: fix stylus battery reporting
qtnfmac: fix resource leaks on unsupported iftype error return path
net: enic: Cure the enic api locking trainwreck
mfd: sm501: Fix leaks in probe()
iwlwifi: mvm: split a print to avoid a WARNING in ROC
usb: gadget: f_ncm: fix ncm_bitrate for SuperSpeed and above.
usb: gadget: u_ether: enable qmult on SuperSpeed Plus as well
nl80211: fix non-split wiphy information
usb: dwc2: Fix INTR OUT transfers in DDMA mode.
scsi: be2iscsi: Fix a theoretical leak in beiscsi_create_eqs()
mwifiex: fix double free
net: korina: fix kfree of rx/tx descriptor array
mm/memcg: fix device private memcg accounting
mm, oom_adj: don't loop through tasks in __set_oom_adj when not necessary
IB/mlx4: Fix starvation in paravirt mux/demux
IB/mlx4: Adjust delayed work when a dup is observed
powerpc/pseries: Fix missing of_node_put() in rng_init()
powerpc/icp-hv: Fix missing of_node_put() in success path
mtd: lpddr: fix excessive stack usage with clang
mtd: mtdoops: Don't write panic data twice
ARM: 9007/1: l2c: fix prefetch bits init in L2X0_AUX_CTRL using DT values
arc: plat-hsdk: fix kconfig dependency warning when !RESET_CONTROLLER
xfs: limit entries returned when counting fsmap records
RDMA/qedr: Fix use of uninitialized field
powerpc/tau: Use appropriate temperature sample interval
powerpc/tau: Remove duplicated set_thresholds() call
powerpc/tau: Disable TAU between measurements
perf intel-pt: Fix "context_switch event has no tid" error
RDMA/hns: Set the unsupported wr opcode
kdb: Fix pager search for multi-line strings
overflow: Include header file with SIZE_MAX declaration
powerpc/perf: Exclude pmc5/6 from the irrelevant PMU group constraints
powerpc/perf/hv-gpci: Fix starting index value
cpufreq: powernv: Fix frame-size-overflow in powernv_cpufreq_reboot_notifier
IB/rdmavt: Fix sizeof mismatch
f2fs: wait for sysfs kobject removal before freeing f2fs_sb_info
lib/crc32.c: fix trivial typo in preprocessor condition
ramfs: fix nommu mmap with gaps in the page cache
rapidio: fix error handling path
rapidio: fix the missed put_device() for rio_mport_add_riodev
mailbox: avoid timer start from callback
i2c: rcar: Auto select RESET_CONTROLLER
PCI: iproc: Set affinity mask on MSI interrupts
clk: at91: clk-main: update key before writing AT91_CKGR_MOR
clk: bcm2835: add missing release if devm_clk_hw_register fails
ext4: limit entries returned when counting fsmap records
vfio/pci: Clear token on bypass registration failure
vfio iommu type1: Fix memory leak in vfio_iommu_type1_pin_pages
Input: imx6ul_tsc - clean up some errors in imx6ul_tsc_resume()
Input: stmfts - fix a & vs && typo
Input: ep93xx_keypad - fix handling of platform_get_irq() error
Input: omap4-keypad - fix handling of platform_get_irq() error
Input: twl4030_keypad - fix handling of platform_get_irq() error
Input: sun4i-ps2 - fix handling of platform_get_irq() error
KVM: x86: emulating RDPID failure shall return #UD rather than #GP
memory: omap-gpmc: Fix a couple off by ones
memory: fsl-corenet-cf: Fix handling of platform_get_irq() error
arm64: dts: qcom: msm8916: Fix MDP/DSI interrupts
ARM: dts: owl-s500: Fix incorrect PPI interrupt specifiers
arm64: dts: zynqmp: Remove additional compatible string for i2c IPs
powerpc/powernv/dump: Fix race while processing OPAL dump
nvmet: fix uninitialized work for zero kato
NTB: hw: amd: fix an issue about leak system resources
perf: correct SNOOPX field offset
i2c: core: Restore acpi_walk_dep_device_list() getting called after
registering the ACPI i2c devs
crypto: ccp - fix error handling
media: firewire: fix memory leak
media: ati_remote: sanity check for both endpoints
media: st-delta: Fix reference count leak in delta_run_work
media: sti: Fix reference count leaks
media: exynos4-is: Fix several reference count leaks due to
pm_runtime_get_sync
media: exynos4-is: Fix a reference count leak due to pm_runtime_get_sync
media: exynos4-is: Fix a reference count leak
media: vsp1: Fix runtime PM imbalance on error
media: platform: s3c-camif: Fix runtime PM imbalance on error
media: platform: sti: hva: Fix runtime PM imbalance on error
media: bdisp: Fix runtime PM imbalance on error
media: media/pci: prevent memory leak in bttv_probe
media: uvcvideo: Ensure all probed info is returned to v4l2
mmc: sdio: Check for CISTPL_VERS_1 buffer size
media: saa7134: avoid a shift overflow
fs: dlm: fix configfs memory leak
media: venus: core: Fix runtime PM imbalance in venus_probe
ntfs: add check for mft record size in superblock
mac80211: handle lack of sband->bitrates in rates
PM: hibernate: remove the bogus call to get_gendisk() in software_resume()
scsi: mvumi: Fix error return in mvumi_io_attach()
scsi: target: core: Add CONTROL field for trace events
mic: vop: copy data to kernel space then write to io memory
misc: vop: add round_up(x,4) for vring_size to avoid kernel panic
usb: gadget: function: printer: fix use-after-free in __lock_acquire
udf: Limit sparing table size
udf: Avoid accessing uninitialized data on failed inode read
USB: cdc-acm: handle broken union descriptors
can: flexcan: flexcan_chip_stop(): add error handling and propagate error
value
ath9k: hif_usb: fix race condition between usb_get_urb() and
usb_kill_anchored_urbs()
misc: rtsx: Fix memory leak in rtsx_pci_probe
reiserfs: only call unlock_new_inode() if I_NEW
xfs: make sure the rt allocator doesn't run off the end
usb: ohci: Default to per-port over-current protection
Bluetooth: Only mark socket zapped after unlocking
scsi: ibmvfc: Fix error return in ibmvfc_probe()
brcmsmac: fix memory leak in wlc_phy_attach_lcnphy
rtl8xxxu: prevent potential memory leak
Fix use after free in get_capset_info callback.
scsi: qedi: Protect active command list to avoid list corruption
scsi: qedi: Fix list_del corruption while removing active I/O
tty: ipwireless: fix error handling
ipvs: Fix uninit-value in do_ip_vs_set_ctl()
reiserfs: Fix memory leak in reiserfs_parse_options()
mwifiex: don't call del_timer_sync() on uninitialized timer
brcm80211: fix possible memleak in brcmf_proto_msgbuf_attach
usb: core: Solve race condition in anchor cleanup functions
scsi: ufs: ufs-qcom: Fix race conditions caused by ufs_qcom_testbus_config()
ath10k: check idx validity in __ath10k_htt_rx_ring_fill_n()
net: korina: cast KSEG0 address to pointer in kfree
tty: serial: fsl_lpuart: fix lpuart32_poll_get_char
usb: cdc-acm: add quirk to blacklist ETAS ES58X devices
USB: cdc-wdm: Make wdm_flush() interruptible and add wdm_fsync().
eeprom: at25: set minimum read/write access stride to 1
usb: gadget: f_ncm: allow using NCM in SuperSpeed Plus gadgets.
powerpc/powernv/opal-dump : Use IRQ_HANDLED instead of numbers in interrupt
handler
net: fix pos incrementment in ipv6_route_seq_next
ALSA: hda/realtek: Enable audio jacks of ASUS D700SA with ALC887
x86/nmi: Fix nmi_handle() duration miscalculation
x86/events/amd/iommu: Fix sizeof mismatch
media: uvcvideo: Silence shift-out-of-bounds warning
hwmon: (pmbus/max34440) Fix status register reads for MAX344{51,60,61}
media: tc358743: cleanup tc358743_cec_isr
pinctrl: bcm: fix kconfig dependency warning when !GPIOLIB
spi: spi-s3c64xx: swap s3c64xx_spi_set_cs() and s3c64xx_enable_datapath()
staging: rtl8192u: Do not use GFP_KERNEL in atomic context
net: stmmac: use netif_tx_start|stop_all_queues() function
scsi: target: tcmu: Fix warning: 'page' may be used uninitialized
ipvs: clear skb->tstamp in forwarding path
netfilter: nf_log: missing vlan offload tag and proto
RDMA/ucma: Fix locking for ctx->events_reported
RDMA/ucma: Add missing locking around rdma_leave_multicast()
RDMA/qedr: Fix inline size returned for iWARP
UBUNTU: upstream stable to v4.14.203, v4.19.153
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1903768/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
