This bug was fixed in the package linux - 4.2.0-16.19
---------------
linux (4.2.0-16.19) wily; urgency=low
[ Tim Gardner ]
* Release Tracking Bug
- LP: #1504143
* [Config] CONFIG_X86_LEGACY_VM86=y, CONFIG_VM86=y for i386
- LP: #1499089
* [Config] CONFIG_MODIFY_LDT_SYSCALL=y
- LP: #1499089
* SAUCE: intel_pstate: Allow manually forcing the use of HWP on Skylake-S
* [Config] CONFIG_ARM64_ERRATUM_843419=n
- LP: #1502946
* [Config] CONFIG_CAVIUM_ERRATUM_22375=y, CONFIG_CAVIUM_ERRATUM_23154=y
[ Christophe Lombard ]
* SAUCE: (noup) cxl: Fix number of allocated pages in SPA
- LP: #1499849
[ Matthew R. Ochs ]
* SAUCE: (noup) cxlflash: Fix to avoid corrupting port selection mask
[ Robert Richter ]
* SAUCE: (noup) irqchip/gicv3-its: Add range check for number of
allocated pages
* SAUCE: (noup) irqchip/gicv3: Workaround for Cavium ThunderX erratum
23154
* SAUCE: (noup) irqchip/gicv3-its: Read typer register outside the loop
* SAUCE: (noup) irqchip/gicv3-its: Add HW revision detection and
configuration
* SAUCE: (noup) irqchip/gicv3-its: Workaround for Cavium ThunderX errata
22375, 24313
[ Upstream Kernel Changes ]
* x86/compat: Define ARCH_WANT_OLD_COMPAT_IPC only for 32-bit compat
- LP: #1499089
* x86/compat: Clean up HAVE_UID16 config
- LP: #1499089
* x86/compat: Separate ia32 and x32 compat ABIs
- LP: #1499089
* x86/entry/vm86: Clean up saved_fs/gs
- LP: #1499089
* x86/entry/vm86: Preserve 'orig_ax'
- LP: #1499089
* x86/entry/vm86: Move userspace accesses to do_sys_vm86()
- LP: #1499089
* x86/kconfig/32: Rename CONFIG_VM86 and default it to 'n'
- LP: #1499089
* x86/ldt: Make modify_ldt() optional
- LP: #1499089
* x86/vm86: Move vm86 fields out of 'thread_struct'
- LP: #1499089
* x86/vm86: Move fields from 'struct kernel_vm86_struct' to 'struct vm86'
- LP: #1499089
* x86/vm86: Eliminate 'struct kernel_vm86_struct'
- LP: #1499089
* x86/vm86: Use the normal pt_regs area for vm86
- LP: #1499089
* x86/vm86: Move the vm86 IRQ definitions to vm86.h
- LP: #1499089
* x86/vm86: Clean up vm86.h includes
- LP: #1499089
* x86/vm86: Rename vm86->vm86_info to user_vm86
- LP: #1499089
* x86/vm86: Rename vm86->v86flags and v86mask
- LP: #1499089
* x86/selftests, x86/vm86: Improve entry_from_vm86 selftest
- LP: #1499089
* selftests/x86/vm86: Fix entry_from_vm86 test on 64-bit kernels
- LP: #1499089
* x86/vm86: Block non-root vm86(old) if mmap_min_addr != 0
- LP: #1499089
* x86/vm86: Fix the misleading CONFIG_VM86 Kconfig help text
- LP: #1499089
* netfilter: conntrack: use nf_ct_tmpl_free in CT/synproxy error paths
- LP: #1503902
linux (4.2.0-15.18) wily; urgency=low
[ Tim Gardner ]
* Release Tracking Bug
- LP: #1503692
[ Andy Whitcroft ]
* Revert "SAUCE: aufs3: mmap: Fix races in madvise_remove() and sys_msync()"
Was incorrectly backported.
[ Ben Hutchings ]
* SAUCE: aufs3: mmap: Fix races in madvise_remove() and sys_msync()
- CVE-2015-7312
[ Tim Gardner ]
* [Debian] config-check and prepare using ${DEBIAN}/config/annotations
Makes the LTS update script work better.
linux (4.2.0-15.17) wily; urgency=low
[ Tim Gardner ]
* Release Tracking Bug
- LP: #1503016
* rebase to v4.2.3
[ Andrew Donnellan ]
* SAUCE: cxl: fix leak of IRQ names in cxl_free_afu_irqs()
* SAUCE: cxl: fix leak of ctx->irq_bitmap when releasing context via
kernel API
* SAUCE: cxl: fix leak of ctx->mapping when releasing kernel API contexts
[ Ben Hutchings ]
* SAUCE: aufs3: mmap: Fix races in madvise_remove() and sys_msync()
- CVE-2015-7312
[ Dan Carpenter ]
* SAUCE: (noup) cxlflash: a couple off by one bugs
- LP: #1499849
[ John Johansen ]
* SAUCE: (no-up) apparmor: fix mount not handling disconnected paths
- LP: #1496430
[ Manoj Kumar ]
* SAUCE: (noup) cxlflash: Fix to avoid invalid port_sel value
- LP: #1499849
* SAUCE: (noup) cxlflash: Replace magic numbers with literals
- LP: #1499849
* SAUCE: (noup) cxlflash: Fix read capacity timeout
- LP: #1499849
* SAUCE: (noup) cxlflash: Fix to double the delay each time
- LP: #1499849
* SAUCE: (noup) cxlflash: Fix to escalate to LINK_RESET on login timeout
- LP: #1499849
[ Matthew R. Ochs ]
* SAUCE: (noup) cxlflash: Fix potential oops following LUN removal
- LP: #1499849
* SAUCE: (noup) cxlflash: Fix data corruption when vLUN used over
multiple cards
- LP: #1499849
* SAUCE: (noup) cxlflash: Fix to avoid sizeof(bool)
- LP: #1499849
* SAUCE: (noup) cxlflash: Fix context encode mask width
- LP: #1499849
* SAUCE: (noup) cxlflash: Fix to avoid CXL services during EEH
- LP: #1499849
* SAUCE: (noup) cxlflash: Correct naming of limbo state and waitq
- LP: #1499849
* SAUCE: (noup) cxlflash: Make functions static
- LP: #1499849
* SAUCE: (noup) cxlflash: Refine host/device attributes
- LP: #1499849
* SAUCE: (noup) cxlflash: Fix to avoid spamming the kernel log
- LP: #1499849
* SAUCE: (noup) cxlflash: Fix to avoid stall while waiting on TMF
- LP: #1499849
* SAUCE: (noup) cxlflash: Fix location of setting resid
- LP: #1499849
* SAUCE: (noup) cxlflash: Fix host link up event handling
- LP: #1499849
* SAUCE: (noup) cxlflash: Fix async interrupt bypass logic
- LP: #1499849
* SAUCE: (noup) cxlflash: Remove dual port online dependency
- LP: #1499849
* SAUCE: (noup) cxlflash: Fix AFU version access/storage and add check
- LP: #1499849
* SAUCE: (noup) cxlflash: Correct usage of scsi_host_put()
- LP: #1499849
* SAUCE: (noup) cxlflash: Fix to prevent workq from accessing freed
memory
- LP: #1499849
* SAUCE: (noup) cxlflash: Correct behavior in device reset handler
following EEH
- LP: #1499849
* SAUCE: (noup) cxlflash: Remove unnecessary scsi_block_requests
- LP: #1499849
* SAUCE: (noup) cxlflash: Fix function prolog parameters and return codes
- LP: #1499849
* SAUCE: (noup) cxlflash: Fix MMIO and endianness errors
- LP: #1499849
* SAUCE: (noup) cxlflash: Fix to prevent EEH recovery failure
- LP: #1499849
* SAUCE: (noup) cxlflash: Correct spelling, grammar, and alignment
mistakes
- LP: #1499849
* SAUCE: (noup) cxlflash: Fix to prevent stale AFU RRQ
- LP: #1499849
* SAUCE: (noup) MAINTAINERS: Add cxlflash driver
- LP: #1499849
* SAUCE: (noup) cxlflash: Fix to avoid corrupting adapter fops
- LP: #1499849
* SAUCE: (noup) cxlflash: Correct trace string
- LP: #1499849
* SAUCE: (noup) cxlflash: Fix to avoid potential deadlock on EEH
- LP: #1499849
* SAUCE: (noup) cxlflash: Fix to avoid leaving dangling interrupt
resources
- LP: #1499849
[ Philippe Bergheaud ]
* SAUCE: cxl: Workaround malformed pcie packets on some cards
[ Tim Gardner ]
* [Config] CONFIG_CC_STACKPROTECTOR_STRONG=y
- LP: #1380025
* [Config] Add MMC modules sufficient for net booting
- LP: #1502772
[ Upstream Kernel Changes ]
* Initialize msg/shm IPC objects before doing ipc_addid()
* RDS: verify the underlying transport exists before creating a
connection
* cxl: abort cxl_pci_enable_device_hook() if PCI channel is offline
* cxl: Fix build failure due to -Wunused-variable behaviour change
* cxl: Fix lockdep warning while creating afu_err_buff attribute
* USB: whiteheat: fix potential null-deref at probe
- LP: #1478826
- CVE-2015-5257
* dcache: Handle escaped paths in prepend_path
- CVE-2015-2925
* vfs: Test for and handle paths that are unreachable from their mnt_root
- CVE-2015-2925
* hv_netvsc: Add support to set MTU reservation from guest side
- LP: #1494431
* hv_netvsc: Add close of RNDIS filter into change mtu call
- LP: #1494431
-- Tim Gardner <tim.gard...@canonical.com> Thu, 08 Oct 2015 08:37:53
-0400
** Changed in: linux (Ubuntu Wily)
Status: Fix Committed => Fix Released
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-2925
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-5257
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-7312
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1503902
Title:
Network stops working after inserting nf_conntrack.ko to kernel
Status in linux package in Ubuntu:
Fix Released
Status in linux source package in Wily:
Fix Released
Bug description:
While evaluating Wily for further use I found that after random period
of time Internet connection drops (while IP stack is configured
properly) and system message log gets quickly filled with following
messages:
Oct 07 14:06:25 hikari kernel: nf_conntrack: table full, dropping packet
Oct 07 14:06:26 hikari kernel: nf_conntrack: table full, dropping packet
Problem occurs only if I manually load nf_conntrack or related kernel
modules or start Shorewall (which loads nf_conntrack obviously).
Removing nf_conntrack and nf_conntrack and dependent modules fixes
problem and restores Internet connection.
With older builds of linux kernel (4.1.0-*) everything works as
expected.
ProblemType: Bug
DistroRelease: Ubuntu 15.10
Package: linux-image-4.2.0-14-generic 4.2.0-14.16
ProcVersionSignature: Ubuntu 4.2.0-14.16-generic 4.2.2
Uname: Linux 4.2.0-14-generic x86_64
ApportVersion: 2.19.1-0ubuntu1
Architecture: amd64
AudioDevicesInUse:
USER PID ACCESS COMMAND
/dev/snd/controlC0: blami 1805 F.... pulseaudio
CurrentDesktop: Unity
Date: Wed Oct 7 23:56:46 2015
MachineType: LENOVO 2325DV5
ProcFB: 0 inteldrmfb
ProcKernelCmdLine: BOOT_IMAGE=/vmlinuz-4.2.0-14-generic
root=UUID=ac8f53c6-5a42-45b3-aa74-4237647b3936 ro rootflags=subvol=@ quiet
splash vt.handoff=7
RelatedPackageVersions:
linux-restricted-modules-4.2.0-14-generic N/A
linux-backports-modules-4.2.0-14-generic N/A
linux-firmware 1.148
SourcePackage: linux
UdevLog: Error: [Errno 2] No such file or directory: '/var/log/udev'
UpgradeStatus: No upgrade log present (probably fresh install)
WifiSyslog:
dmi.bios.date: 03/05/2013
dmi.bios.vendor: LENOVO
dmi.bios.version: G2ETA0WW (2.60 )
dmi.board.asset.tag: Not Available
dmi.board.name: 2325DV5
dmi.board.vendor: LENOVO
dmi.board.version: Not Defined
dmi.chassis.asset.tag: No Asset Information
dmi.chassis.type: 10
dmi.chassis.vendor: LENOVO
dmi.chassis.version: Not Available
dmi.modalias:
dmi:bvnLENOVO:bvrG2ETA0WW(2.60):bd03/05/2013:svnLENOVO:pn2325DV5:pvrThinkPadX230:rvnLENOVO:rn2325DV5:rvrNotDefined:cvnLENOVO:ct10:cvrNotAvailable:
dmi.product.name: 2325DV5
dmi.product.version: ThinkPad X230
dmi.sys.vendor: LENOVO
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1503902/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
