This bug was fixed in the package linux - 4.4.0-97.120
---------------
linux (4.4.0-97.120) xenial; urgency=low
* linux: 4.4.0-97.120 -proposed tracker (LP: #1718149)
* blk-mq: possible deadlock on CPU hot(un)plug (LP: #1670634)
- [Config] s390x -- disable CONFIG_{DM, SCSI}_MQ_DEFAULT
* Xenial update to 4.4.87 stable release (LP: #1715678)
- irqchip: mips-gic: SYNC after enabling GIC region
- i2c: ismt: Don't duplicate the receive length for block reads
- i2c: ismt: Return EMSGSIZE for block reads with bogus length
- ceph: fix readpage from fscache
- cpumask: fix spurious cpumask_of_node() on non-NUMA multi-node configs
- cpuset: Fix incorrect memory_pressure control file mapping
- alpha: uapi: Add support for __SANE_USERSPACE_TYPES__
- CIFS: remove endian related sparse warning
- wl1251: add a missing spin_lock_init()
- xfrm: policy: check policy direction value
- drm/ttm: Fix accounting error when fail to get pages for pool
- kvm: arm/arm64: Fix race in resetting stage2 PGD
- kvm: arm/arm64: Force reading uncached stage2 PGD
- epoll: fix race between ep_poll_callback(POLLFREE) and
ep_free()/ep_remove()
- crypto: algif_skcipher - only call put_page on referenced and used pages
- Linux 4.4.87
* Xenial update to 4.4.86 stable release (LP: #1715430)
- scsi: isci: avoid array subscript warning
- ALSA: au88x0: Fix zero clear of stream->resources
- btrfs: remove duplicate const specifier
- i2c: jz4780: drop superfluous init
- gcov: add support for gcc version >= 6
- gcov: support GCC 7.1
- lightnvm: initialize ppa_addr in dev_to_generic_addr()
- p54: memset(0) whole array
- lpfc: Fix Device discovery failures during switch reboot test.
- arm64: mm: abort uaccess retries upon fatal signal
- x86/io: Add "memory" clobber to insb/insw/insl/outsb/outsw/outsl
- arm64: fpsimd: Prevent registers leaking across exec
- scsi: sg: protect accesses to 'reserved' page array
- scsi: sg: reset 'res_in_use' after unlinking reserved array
- drm/i915: fix compiler warning in drivers/gpu/drm/i915/intel_uncore.c
- Linux 4.4.86
* Xenial update to 4.4.85 stable release (LP: #1714298)
- af_key: do not use GFP_KERNEL in atomic contexts
- dccp: purge write queue in dccp_destroy_sock()
- dccp: defer ccid_hc_tx_delete() at dismantle time
- ipv4: fix NULL dereference in free_fib_info_rcu()
- net_sched/sfq: update hierarchical backlog when drop packet
- ipv4: better IP_MAX_MTU enforcement
- sctp: fully initialize the IPv6 address in sctp_v6_to_addr()
- tipc: fix use-after-free
- ipv6: reset fn->rr_ptr when replacing route
- ipv6: repair fib6 tree in failure case
- tcp: when rearming RTO, if RTO time is in past then fire RTO ASAP
- irda: do not leak initialized list.dev to userspace
- net: sched: fix NULL pointer dereference when action calls some targets
- net_sched: fix order of queue length updates in qdisc_replace()
- mei: me: add broxton pci device ids
- mei: me: add lewisburg device ids
- Input: trackpoint - add new trackpoint firmware ID
- Input: elan_i2c - add ELAN0602 ACPI ID to support Lenovo Yoga310
- ALSA: core: Fix unexpected error at replacing user TLV
- ALSA: hda - Add stereo mic quirk for Lenovo G50-70 (17aa:3978)
- ARCv2: PAE40: Explicitly set MSB counterpart of SLC region ops addresses
- i2c: designware: Fix system suspend
- drm: Release driver tracking before making the object available again
- drm/atomic: If the atomic check fails, return its value first
- drm: rcar-du: lvds: Fix PLL frequency-related configuration
- drm: rcar-du: lvds: Rename PLLEN bit to PLLON
- drm: rcar-du: Fix crash in encoder failure error path
- drm: rcar-du: Fix display timing controller parameter
- drm: rcar-du: Fix H/V sync signal polarity configuration
- tracing: Fix freeing of filter in create_filter() when set_str is false
- cifs: Fix df output for users with quota limits
- cifs: return ENAMETOOLONG for overlong names in cifs_open()/cifs_lookup()
- nfsd: Limit end of page list when decoding NFSv4 WRITE
- perf/core: Fix group {cpu,task} validation
- Bluetooth: hidp: fix possible might sleep error in hidp_session_thread
- Bluetooth: cmtp: fix possible might sleep error in cmtp_session
- Bluetooth: bnep: fix possible might sleep error in bnep_session
- binder: use group leader instead of open thread
- binder: Use wake up hint for synchronous transactions.
- ANDROID: binder: fix proc->tsk check.
- iio: imu: adis16480: Fix acceleration scale factor for adis16480
- iio: hid-sensor-trigger: Fix the race with user space powering up sensors
- staging: rtl8188eu: add RNX-N150NUB support
- ASoC: simple-card: don't fail if sysclk setting is not supported
- ASoC: rsnd: disable SRC.out only when stop timing
- ASoC: rsnd: avoid pointless loop in rsnd_mod_interrupt()
- ASoC: rsnd: Add missing initialization of ADG req_rate
- ASoC: rsnd: ssi: 24bit data needs right-aligned settings
- ASoC: rsnd: don't call update callback if it was NULL
- ntb_transport: fix qp count bug
- ntb_transport: fix bug calculating num_qps_mw
- ACPI: ioapic: Clear on-stack resource before using it
- ACPI / APEI: Add missing synchronize_rcu() on NOTIFY_SCI removal
- Linux 4.4.85
* Xenial update to 4.4.84 stable release (LP: #1713729)
- audit: Fix use after free in audit_remove_watch_rule()
- parisc: pci memory bar assignment fails with 64bit kernels on dino/cujo
- crypto: x86/sha1 - Fix reads beyond the number of blocks passed
- Input: elan_i2c - Add antoher Lenovo ACPI ID for upcoming Lenovo NB
- ALSA: seq: 2nd attempt at fixing race creating a queue
- Revert "UBUNTU: SAUCE: (no-up) ALSA: usb-audio: Add quirk for sennheiser
officerunner"
- ALSA: usb-audio: Apply sample rate quirk to Sennheiser headset
- ALSA: usb-audio: Add mute TLV for playback volumes on C-Media devices
- mm/mempolicy: fix use after free when calling get_mempolicy
- xen: fix bio vec merging
- x86/asm/64: Clear AC on NMI entries
- irqchip/atmel-aic: Fix unbalanced of_node_put() in aic_common_irq_fixup()
- irqchip/atmel-aic: Fix unbalanced refcount in aic_common_rtc_irq_fixup()
- Sanitize 'move_pages()' permission checks
- pids: make task_tgid_nr_ns() safe
- perf/x86: Fix LBR related crashes on Intel Atom
- usb: optimize acpi companion search for usb port devices
- usb: qmi_wwan: add D-Link DWM-222 device ID
- Linux 4.4.84
* Intel i40e PF reset due to incorrect MDD detection (LP: #1713553)
- i40e: Limit TX descriptor count in cases where frag size is greater than
16K
* Neighbour confirmation broken, breaks ARP cache aging (LP: #1715812)
- sock: add sk_dst_pending_confirm flag
- net: add dst_pending_confirm flag to skbuff
- sctp: add dst_pending_confirm flag
- tcp: replace dst_confirm with sk_dst_confirm
- net: add confirm_neigh method to dst_ops
- net: use dst_confirm_neigh for UDP, RAW, ICMP, L2TP
- net: pending_confirm is not used anymore
* CVE-2017-14106
- tcp: initialize rcv_mss to TCP_MIN_MSS instead of 0
* [CIFS] Fix maximum SMB2 header size (LP: #1713884)
- CIFS: Fix maximum SMB2 header size
* Middle button of trackpoint doesn't work (LP: #1715271)
- Input: trackpoint - assume 3 buttons when buttons detection fails
* kernel BUG at /build/linux-lts-xenial-_hWfOZ/linux-lts-
xenial-4.4.0/security/apparmor/include/context.h:69! (LP: #1626984)
- SAUCE: fix oops when disabled and module parameters, are accessed
* Touchpad not detected (LP: #1708852)
- Input: elan_i2c - add ELAN0608 to the ACPI table
-- Kleber Sacilotto de Souza <kleber.so...@canonical.com> Tue, 19 Sep
2017 17:55:11 +0200
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1626984
Title:
kernel BUG at /build/linux-lts-xenial-_hWfOZ/linux-lts-
xenial-4.4.0/security/apparmor/include/context.h:69!
Status in linux package in Ubuntu:
Confirmed
Status in linux source package in Xenial:
Fix Released
Status in linux source package in Zesty:
Fix Released
Bug description:
I am runing sosreport on ubuntu 14.04.4 LTS which has upgrade the kernel to
4.4.0-38-generic, it get oops while copying
/sys/module/apparmor/parameters/audit. and it also can be triggered with
cat /sys/module/apparmor/parameters/audit.
[ 213.174092] ------------[ cut here ]------------
[ 213.174130] kernel BUG at
/build/linux-lts-xenial-_hWfOZ/linux-lts-xenial-4.4.0/security/apparmor/include/context.h:69!
[ 213.174187] invalid opcode: 0000 [#1] SMP
[ 213.174215] Modules linked in: ppdev lp joydev serio_raw parport_pc
parport psmouse virtio_scsi floppy
[ 213.174283] CPU: 0 PID: 2246 Comm: cat Not tainted 4.4.0-38-generic
#57~14.04.1-Ubuntu
[ 213.174324] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS
rel-1.8.2-0-g33fbe13 by qemu-project.org 04/01/2014
[ 213.174380] task: ffff880037b15780 ti: ffff8800399c4000 task.ti:
ffff8800399c4000
[ 213.174419] RIP: 0010:[<ffffffff813888a1>] [<ffffffff813888a1>]
aa_current_raw_label.part.6+0x4/0x6
[ 213.174478] RSP: 0018:ffff8800399c7d60 EFLAGS: 00010246
[ 213.174506] RAX: 0000000000000000 RBX: ffff88003a426000 RCX:
ffff88003e3802a0
[ 213.174542] RDX: ffff88003a426000 RSI: ffffffff81ddc0d8 RDI:
ffff88003a426000
[ 213.174578] RBP: ffff8800399c7d60 R08: ffff88003e3802a0 R09:
0000000000000000
[ 213.174614] R10: 0000000000001000 R11: 0000000000000246 R12:
ffffffff81e44ae0
[ 213.174658] R13: ffff88003e3802a0 R14: ffffffff81e4c220 R15:
ffff88003c2b2e40
[ 213.174702] FS: 00007f7bea106740(0000) GS:ffff88003fc00000(0000)
knlGS:0000000000000000
[ 213.174743] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 213.174781] CR2: 0000000000a40038 CR3: 000000003cdfa000 CR4:
00000000000006f0
[ 213.174819] Stack:
[ 213.174832] ffff8800399c7d88 ffffffff8136d58a ffff88003a426000
ffff88003a426000
[ 213.174885] ffff88003e3802a0 ffff8800399c7da0 ffffffff8136fda2
ffff88003e39c5f0
[ 213.174928] ffff8800399c7dd0 ffffffff8109a7e4 ffff88003c2b2e40
ffffffff81a170c0
[ 213.174971] Call Trace:
[ 213.174996] [<ffffffff8136d58a>] policy_view_capable+0x1ba/0x220
[ 213.175030] [<ffffffff8136fda2>] param_get_audit+0x12/0x50
[ 213.175062] [<ffffffff8109a7e4>] param_attr_show+0x54/0xa0
[ 213.175092] [<ffffffff8109a20d>] module_attr_show+0x1d/0x30
[ 213.175130] [<ffffffff8127a6e2>] sysfs_kf_seq_show+0xc2/0x1a0
[ 213.175162] [<ffffffff81278f73>] kernfs_seq_show+0x23/0x30
[ 213.175199] [<ffffffff81220d55>] seq_read+0xe5/0x350
[ 213.175227] [<ffffffff8127970d>] kernfs_fop_read+0x10d/0x170
[ 213.176170] [<ffffffff811fda18>] __vfs_read+0x18/0x40
[ 213.177101] [<ffffffff811fdfcf>] vfs_read+0x7f/0x130
[ 213.178016] [<ffffffff811feda6>] SyS_read+0x46/0xa0
[ 213.178932] [<ffffffff817fa336>] entry_SYSCALL_64_fastpath+0x16/0x75
[ 213.179814] Code: 80 3d 1a 7f b8 00 00 75 1d 55 be 2e 00 00 00 48 c7 c7 f0
2f cb 81 48 89 e5 e8 7c 50 cf ff 5d c6 05 fb 7e b8 00 01 c3 55 48 89 e5 <0f> 0b
b8 01 00 00 00 3e 0f c1 07 ff c0 ff c8 7f 26 80 3d df 7e
[ 213.182634] RIP [<ffffffff813888a1>] aa_current_raw_label.part.6+0x4/0x6
[ 213.183528] RSP <ffff8800399c7d60>
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1626984/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
