Public bug reported:
SRU Justification
Impact:
The upstream process for stable tree updates is quite similar
in scope to the Ubuntu SRU process, e.g., each patch has to
demonstrably fix a bug, and each patch is vetted by upstream
by originating either directly from a mainline/stable Linux tree or
a minimally backported form of that patch. The following upstream
stable patches should be included in the Ubuntu kernel:
4.4.217 upstream stable release
from git://git.kernel.org/
Linux 4.4.217
ipv4: ensure rcu_read_lock() in cipso_v4_error()
mm: slub: add missing TID bump in kmem_cache_alloc_bulk()
ARM: 8958/1: rename missed uaccess .fixup section
ARM: 8957/1: VDSO: Match ARMv8 timer in cntvct_functional()
jbd2: fix data races at struct journal_head
signal: avoid double atomic counter increments for user accounting
net: ks8851-ml: Fix IRQ handling and locking
perf/amd/uncore: Replace manual sampling check with CAP_NO_INTERRUPT flag
batman-adv: Don't schedule OGM for disabled interface
batman-adv: Avoid free/alloc race when handling OGM buffer
batman-adv: Only read OGM tvlv_len after buffer len check
batman-adv: Reduce tt_global hash refcnt only for removed entry
batman-adv: Reduce tt_local hash refcnt only for removed entry
batman-adv: Reduce claim hash refcnt only for removed entry
batman-adv: Prevent duplicated tvlv handler
batman-adv: Prevent duplicated global TT entry
batman-adv: Prevent duplicated nc_node entry
batman-adv: Prevent duplicated gateway_node entry
batman-adv: Avoid storing non-TT-sync flags on singular entries too
batman-adv: Fix debugfs path for renamed softif
batman-adv: Fix debugfs path for renamed hardif
batman-adv: prevent TT request storms by not sending inconsistent TT TLVLs
batman-adv: Fix TT sync flags for intermediate TT responses
batman-adv: Avoid race in TT TVLV allocator helper
batman-adv: Fix skbuff rcsum on packet reroute
batman-adv: update data pointers after skb_cow()
batman-adv: Fix internal interface indices types
batman-adv: Fix lock for ogm cnt access in batadv_iv_ogm_calc_tq
batman-adv: fix TT sync flag inconsistencies
batman-adv: Fix rx packet/bytes stats on local ARP reply
batman-adv: Fix transmission of final, 16th fragment
batman-adv: Fix double free during fragment merge error
batman-adv: Add missing refcnt for last_candidate
batman-adv: Fix speedy join in gateway client mode
batman-adv: Free last_bonding_candidate on release of orig_node
batman-adv: Fix reference leak in batadv_find_router
batman-adv: Fix non-atomic bla_claim::backbone_gw access
batman-adv: lock crc access in bridge loop avoidance
batman-adv: Fix orig_node_vlan leak on orig_node_release
batman-adv: Avoid nullptr dereference in dat after vlan_insert_tag
batman-adv: Avoid nullptr dereference in bla after vlan_insert_tag
batman-adv: Clean up untagged vlan when destroying via rtnl-link
batman-adv: Fix ICMP RR ethernet access after skb_linearize
batman-adv: Fix use-after-free/double-free of tt_req_node
batman-adv: fix skb deref after free
batman-adv: Avoid duplicate neigh_node additions
batman-adv: Fix reference counting of vlan object for tt_local_entry
batman-adv: Drop reference to netdevice on last reference
batman-adv: Deactivate TO_BE_ACTIVATED hardif on shutdown
batman-adv: init neigh node last seen field
batman-adv: Fix integer overflow in batadv_iv_ogm_calc_tq
batman-adv: Fix unexpected free of bcast_own on add_if error
batman-adv: Avoid endless loop in bat-on-bat netdevice check
batman-adv: Only put orig_node_vlan list reference when removed
batman-adv: Only put gw_node list reference when removed
batman-adv: Fix invalid read while copying bat_iv.bcast_own
efi: Add a sanity check to efivar_store_raw()
ipv6: restrict IPV6_ADDRFORM operation
mwifiex: Fix heap overflow in mmwifiex_process_tdls_action_frame()
iommu/vt-d: Ignore devices with out-of-spec domain number
iommu/vt-d: Fix the wrong printing in RHSA parsing
netfilter: cthelper: add missing attribute validation for cthelper
nl80211: add missing attribute validation for channel switch
nl80211: add missing attribute validation for critical protocol indication
iommu/vt-d: Fix a bug in intel_iommu_iova_to_phys() for huge page
iommu/vt-d: dmar: replace WARN_TAINT with pr_warn + add_taint
efi: Fix a race and a buffer overflow while reading efivars via sysfs
ARC: define __ALIGN_STR and __ALIGN symbols for ARC
KVM: x86: clear stale x86_emulate_ctxt->intercept value
gfs2_atomic_open(): fix O_EXCL|O_CREAT handling on cold dcache
drm/amd/display: remove duplicated assignment to grph_obj_type
iommu/vt-d: quirk_ioat_snb_local_iommu: replace WARN_TAINT with pr_warn +
add_taint
net: fq: add missing attribute validation for orphan mask
bonding/alb: make sure arp header is pulled before accessing it
slip: make slhc_compress() more robust against malicious packets
net: fec: validate the new settings in fec_enet_set_coalesce()
macvlan: add cond_resched() during multicast processing
ipvlan: don't deref eth hdr before checking it's set
ipvlan: do not use cond_resched_rcu() in ipvlan_process_multicast()
ipvlan: egress mcast packets are not exceptional
ipvlan: do not add hardware address of master to its unicast filter list
ipvlan: add cond_resched_rcu() while processing muticast backlog
nfc: add missing attribute validation for vendor subcommand
nfc: add missing attribute validation for SE API
team: add missing attribute validation for array index
team: add missing attribute validation for port ifindex
nl802154: add missing attribute validation for dev_type
nl802154: add missing attribute validation
fib: add missing attribute validation for tun_id
bnxt_en: reinitialize IRQs when MTU is modified
net: nfc: fix bounds checking bugs on "pipe"
r8152: check disconnect status after long sleep
NFS: Remove superfluous kmap in nfs_readdir_xdr_to_array
** Affects: linux (Ubuntu)
Importance: Undecided
Status: Confirmed
** Affects: linux (Ubuntu Xenial)
Importance: Undecided
Status: New
** Tags: kernel-stable-tracking-bug
** Changed in: linux (Ubuntu)
Status: New => Confirmed
** Tags added: kernel-stable-tracking-bug
** Also affects: linux (Ubuntu Xenial)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1868629
Title:
Xenial update: 4.4.217 upstream stable release
Status in linux package in Ubuntu:
Confirmed
Status in linux source package in Xenial:
New
Bug description:
SRU Justification
Impact:
The upstream process for stable tree updates is quite similar
in scope to the Ubuntu SRU process, e.g., each patch has to
demonstrably fix a bug, and each patch is vetted by upstream
by originating either directly from a mainline/stable Linux tree or
a minimally backported form of that patch. The following upstream
stable patches should be included in the Ubuntu kernel:
4.4.217 upstream stable release
from git://git.kernel.org/
Linux 4.4.217
ipv4: ensure rcu_read_lock() in cipso_v4_error()
mm: slub: add missing TID bump in kmem_cache_alloc_bulk()
ARM: 8958/1: rename missed uaccess .fixup section
ARM: 8957/1: VDSO: Match ARMv8 timer in cntvct_functional()
jbd2: fix data races at struct journal_head
signal: avoid double atomic counter increments for user accounting
net: ks8851-ml: Fix IRQ handling and locking
perf/amd/uncore: Replace manual sampling check with CAP_NO_INTERRUPT flag
batman-adv: Don't schedule OGM for disabled interface
batman-adv: Avoid free/alloc race when handling OGM buffer
batman-adv: Only read OGM tvlv_len after buffer len check
batman-adv: Reduce tt_global hash refcnt only for removed entry
batman-adv: Reduce tt_local hash refcnt only for removed entry
batman-adv: Reduce claim hash refcnt only for removed entry
batman-adv: Prevent duplicated tvlv handler
batman-adv: Prevent duplicated global TT entry
batman-adv: Prevent duplicated nc_node entry
batman-adv: Prevent duplicated gateway_node entry
batman-adv: Avoid storing non-TT-sync flags on singular entries too
batman-adv: Fix debugfs path for renamed softif
batman-adv: Fix debugfs path for renamed hardif
batman-adv: prevent TT request storms by not sending inconsistent TT TLVLs
batman-adv: Fix TT sync flags for intermediate TT responses
batman-adv: Avoid race in TT TVLV allocator helper
batman-adv: Fix skbuff rcsum on packet reroute
batman-adv: update data pointers after skb_cow()
batman-adv: Fix internal interface indices types
batman-adv: Fix lock for ogm cnt access in batadv_iv_ogm_calc_tq
batman-adv: fix TT sync flag inconsistencies
batman-adv: Fix rx packet/bytes stats on local ARP reply
batman-adv: Fix transmission of final, 16th fragment
batman-adv: Fix double free during fragment merge error
batman-adv: Add missing refcnt for last_candidate
batman-adv: Fix speedy join in gateway client mode
batman-adv: Free last_bonding_candidate on release of orig_node
batman-adv: Fix reference leak in batadv_find_router
batman-adv: Fix non-atomic bla_claim::backbone_gw access
batman-adv: lock crc access in bridge loop avoidance
batman-adv: Fix orig_node_vlan leak on orig_node_release
batman-adv: Avoid nullptr dereference in dat after vlan_insert_tag
batman-adv: Avoid nullptr dereference in bla after vlan_insert_tag
batman-adv: Clean up untagged vlan when destroying via rtnl-link
batman-adv: Fix ICMP RR ethernet access after skb_linearize
batman-adv: Fix use-after-free/double-free of tt_req_node
batman-adv: fix skb deref after free
batman-adv: Avoid duplicate neigh_node additions
batman-adv: Fix reference counting of vlan object for tt_local_entry
batman-adv: Drop reference to netdevice on last reference
batman-adv: Deactivate TO_BE_ACTIVATED hardif on shutdown
batman-adv: init neigh node last seen field
batman-adv: Fix integer overflow in batadv_iv_ogm_calc_tq
batman-adv: Fix unexpected free of bcast_own on add_if error
batman-adv: Avoid endless loop in bat-on-bat netdevice check
batman-adv: Only put orig_node_vlan list reference when removed
batman-adv: Only put gw_node list reference when removed
batman-adv: Fix invalid read while copying bat_iv.bcast_own
efi: Add a sanity check to efivar_store_raw()
ipv6: restrict IPV6_ADDRFORM operation
mwifiex: Fix heap overflow in mmwifiex_process_tdls_action_frame()
iommu/vt-d: Ignore devices with out-of-spec domain number
iommu/vt-d: Fix the wrong printing in RHSA parsing
netfilter: cthelper: add missing attribute validation for cthelper
nl80211: add missing attribute validation for channel switch
nl80211: add missing attribute validation for critical protocol indication
iommu/vt-d: Fix a bug in intel_iommu_iova_to_phys() for huge page
iommu/vt-d: dmar: replace WARN_TAINT with pr_warn + add_taint
efi: Fix a race and a buffer overflow while reading efivars via sysfs
ARC: define __ALIGN_STR and __ALIGN symbols for ARC
KVM: x86: clear stale x86_emulate_ctxt->intercept value
gfs2_atomic_open(): fix O_EXCL|O_CREAT handling on cold dcache
drm/amd/display: remove duplicated assignment to grph_obj_type
iommu/vt-d: quirk_ioat_snb_local_iommu: replace WARN_TAINT with pr_warn +
add_taint
net: fq: add missing attribute validation for orphan mask
bonding/alb: make sure arp header is pulled before accessing it
slip: make slhc_compress() more robust against malicious packets
net: fec: validate the new settings in fec_enet_set_coalesce()
macvlan: add cond_resched() during multicast processing
ipvlan: don't deref eth hdr before checking it's set
ipvlan: do not use cond_resched_rcu() in ipvlan_process_multicast()
ipvlan: egress mcast packets are not exceptional
ipvlan: do not add hardware address of master to its unicast filter list
ipvlan: add cond_resched_rcu() while processing muticast backlog
nfc: add missing attribute validation for vendor subcommand
nfc: add missing attribute validation for SE API
team: add missing attribute validation for array index
team: add missing attribute validation for port ifindex
nl802154: add missing attribute validation for dev_type
nl802154: add missing attribute validation
fib: add missing attribute validation for tun_id
bnxt_en: reinitialize IRQs when MTU is modified
net: nfc: fix bounds checking bugs on "pipe"
r8152: check disconnect status after long sleep
NFS: Remove superfluous kmap in nfs_readdir_xdr_to_array
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1868629/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
