Package "linux"

 linux (4.15.0-141.145) bionic; urgency=medium
 .
   * bionic/linux: 4.15.0-141.145 -proposed tracker (LP: #1919536)
 .
   * binary assembly failures with CONFIG_MODVERSIONS present (LP: #1919315)
     - [Packaging] quiet (nomially) benign errors in BUILD script
 .
   * selftests: bpf verifier fails after sanitize_ptr_alu fixes (LP: #1920995)
     - bpf: Simplify alu_limit masking for pointer arithmetic
     - bpf: Add sanity check for upper ptr_limit
     - bpf, selftests: Fix up some test_verifier cases for unprivileged
 .
   * Packaging resync (LP: #1786013)
     - update dkms package versions
 .
   * CVE-2018-13095
     - xfs: More robust inode extent count validation
 .
   * i40e PF reset due to incorrect MDD event (LP: #1772675)
     - i40e: change behavior on PF in response to MDD event
 .
   * Bionic update: upstream stable patchset 2021-03-09 (LP: #1918330)
     - ACPI: sysfs: Prefer "compatible" modalias
     - ARM: dts: imx6qdl-gw52xx: fix duplicate regulator naming
     - wext: fix NULL-ptr-dereference with cfg80211's lack of commit()
     - net: usb: qmi_wwan: added support for Thales Cinterion PLSx3 modem family
     - drivers: soc: atmel: Avoid calling at91_soc_init on non AT91 SoCs
     - drivers: soc: atmel: add null entry at the end of at91_soc_allowed_list[]
     - KVM: x86/pmu: Fix HW_REF_CPU_CYCLES event pseudo-encoding in
       intel_arch_events[]
     - KVM: x86: get smi pending status correctly
     - xen: Fix XenStore initialisation for XS_LOCAL
     - leds: trigger: fix potential deadlock with libata
     - mt7601u: fix kernel crash unplugging the device
     - mt7601u: fix rx buffer refcounting
     - xen-blkfront: allow discard-* nodes to be optional
     - ARM: imx: build suspend-imx6.S with arm instruction set
     - netfilter: nft_dynset: add timeout extension to template
     - xfrm: Fix oops in xfrm_replay_advance_bmp
     - RDMA/cxgb4: Fix the reported max_recv_sge value
     - iwlwifi: pcie: use jiffies for memory read spin time limit
     - iwlwifi: pcie: reschedule in long-running memory reads
     - mac80211: pause TX while changing interface type
     - can: dev: prevent potential information leak in can_fill_info()
     - x86/entry/64/compat: Preserve r8-r11 in int $0x80
     - x86/entry/64/compat: Fix "x86/entry/64/compat: Preserve r8-r11 in int $0x80"
     - iommu/vt-d: Gracefully handle DMAR units with no supported address widths
     - iommu/vt-d: Don't dereference iommu_device if IOMMU_API is not built
     - NFC: fix resource leak when target index is invalid
     - NFC: fix possible resource leak
     - team: protect features update by RCU to avoid deadlock
     - tcp: fix TLP timer not set when CA_STATE changes from DISORDER to OPEN
     - kernel: kexec: remove the lock operation of system_transition_mutex
     - PM: hibernate: flush swap writer after marking
     - pNFS/NFSv4: Fix a layout segment leak in pnfs_layout_process()
     - net/mlx5: Fix memory leak on flow table creation error flow
     - rxrpc: Fix memory leak in rxrpc_lookup_local
     - net: dsa: bcm_sf2: put device node before return
     - ibmvnic: Ensure that CRQ entry read are correctly ordered
     - ACPI: thermal: Do not call acpi_thermal_check() directly
     - net_sched: gen_estimator: support large ewma log
     - phy: cpcap-usb: Fix warning for missing regulator_disable
     - x86: __always_inline __{rd,wr}msr()
     - scsi: scsi_transport_srp: Don't block target in failfast state
     - scsi: libfc: Avoid invoking response handler twice if ep is already
       completed
     - mac80211: fix fast-rx encryption check
     - scsi: ibmvfc: Set default timeout to avoid crash during migration
     - objtool: Don't fail on missing symbol table
     - kthread: Extract KTHREAD_IS_PER_CPU
     - workqueue: Restrict affinity change to rescuer
     - USB: serial: cp210x: add pid/vid for WSDA-200-USB
     - USB: serial: cp210x: add new VID/PID for supporting Teraoka AD2000
     - USB: serial: option: Adding support for Cinterion MV31
     - arm64: dts: ls1046a: fix dcfg address range
     - net: lapb: Copy the skb before sending a packet
     - elfcore: fix building with clang
     - USB: gadget: legacy: fix an error code in eth_bind()
     - USB: usblp: don't call usb_set_interface if there's a single alt
     - usb: dwc2: Fix endpoint direction check in ep_from_windex
     - ovl: fix dentry leak in ovl_get_redirect
     - mac80211: fix station rate table updates on assoc
     - kretprobe: Avoid re-registration of the same kretprobe earlier
     - xhci: fix bounce buffer usage for non-sg list case
     - cifs: report error instead of invalid when revalidating a dentry fails
     - smb3: Fix out-of-bounds bug in SMB2_negotiate()
     - mmc: core: Limit retries when analyse of SDIO tuples fails
     - nvme-pci: avoid the deepest sleep state on Kingston A2000 SSDs
     - ARM: footbridge: fix dc21285 PCI configuration accessors
     - mm: hugetlbfs: fix cannot migrate the fallocated HugeTLB page
     - mm: hugetlb: fix a race between isolating and freeing page
     - mm: hugetlb: remove VM_BUG_ON_PAGE from page_huge_active
     - mm: thp: fix MADV_REMOVE deadlock on shmem THP
     - x86/build: Disable CET instrumentation in the kernel
     - x86/apic: Add extra serialization for non-serializing MSRs
     - Input: xpad - sync supported devices with fork on GitHub
     - iommu/vt-d: Do not use flush-queue when caching-mode is on
     - net: dsa: mv88e6xxx: override existent unicast portvec in port_fdb_add
     - net: mvpp2: TCAM entry enable should be written after SRAM data
     - memblock: do not start bottom-up allocations with kernel_end
     - usb: renesas_usbhs: Clear pipe running flag in usbhs_pkt_pop()
     - genirq/msi: Activate Multi-MSI early when MSI_FLAG_ACTIVATE_EARLY is set
     - KVM: SVM: Treat SVM as unsupported when running as an SEV guest
     - md: Set prev_flush_start and flush_bio in an atomic way
     - net: ip_tunnel: fix mtu calculation
     - block: fix N

 linux (4.15.0-140.144) bionic; urgency=medium
 .
   * bionic/linux: 4.15.0-140.144 -proposed tracker (LP: #1920169)
 .
   * CVE-2020-27170
     - bpf: Fix off-by-one for area size in creating mask to left
 .
   * CVE-2020-27171
     - bpf: Prohibit alu ops for pointer types not defining ptr_limit

 linux (4.15.0-139.143) bionic; urgency=medium
 .
   * bionic/linux: 4.15.0-139.143 -proposed tracker (LP: #1919218)
 .
   * CVE-2021-27365
     - scsi: iscsi: Verify lengths on passthrough PDUs
     - sysfs: Add sysfs_emit and sysfs_emit_at to format sysfs output
     - scsi: iscsi: Ensure sysfs attributes are limited to PAGE_SIZE
 .
   * CVE-2021-27363 // CVE-2021-27364
     - scsi: iscsi: Restrict sessions and handles to admin capabilities

 linux (4.15.0-138.142) bionic; urgency=medium
 .
   * bionic/linux: 4.15.0-138.142 -proposed tracker (LP: #1918823)
 .
   * Packaging resync (LP: #1786013)
     - update dkms package versions
 .
   * CVE-2018-13095
     - xfs: More robust inode extent count validation
 .
   * CVE-2021-27365
     - scsi: iscsi: Verify lengths on passthrough PDUs
     - sysfs: Add sysfs_emit and sysfs_emit_at to format sysfs output
     - scsi: iscsi: Ensure sysfs attributes are limited to PAGE_SIZE
 .
   * CVE-2021-27363 // CVE-2021-27364
     - scsi: iscsi: Restrict sessions and handles to admin capabilities
 .
   * i40e PF reset due to incorrect MDD event (LP: #1772675)
     - i40e: change behavior on PF in response to MDD event
 .
   * Bionic update: upstream stable patchset 2021-03-09 (LP: #1918330)
     - ACPI: sysfs: Prefer "compatible" modalias
     - ARM: dts: imx6qdl-gw52xx: fix duplicate regulator naming
     - wext: fix NULL-ptr-dereference with cfg80211's lack of commit()
     - net: usb: qmi_wwan: added support for Thales Cinterion PLSx3 modem family
     - drivers: soc: atmel: Avoid calling at91_soc_init on non AT91 SoCs
     - drivers: soc: atmel: add null entry at the end of at91_soc_allowed_list[]
     - KVM: x86/pmu: Fix HW_REF_CPU_CYCLES event pseudo-encoding in
       intel_arch_events[]
     - KVM: x86: get smi pending status correctly
     - xen: Fix XenStore initialisation for XS_LOCAL
     - leds: trigger: fix potential deadlock with libata
     - mt7601u: fix kernel crash unplugging the device
     - mt7601u: fix rx buffer refcounting
     - xen-blkfront: allow discard-* nodes to be optional
     - ARM: imx: build suspend-imx6.S with arm instruction set
     - netfilter: nft_dynset: add timeout extension to template
     - xfrm: Fix oops in xfrm_replay_advance_bmp
     - RDMA/cxgb4: Fix the reported max_recv_sge value
     - iwlwifi: pcie: use jiffies for memory read spin time limit
     - iwlwifi: pcie: reschedule in long-running memory reads
     - mac80211: pause TX while changing interface type
     - can: dev: prevent potential information leak in can_fill_info()
     - x86/entry/64/compat: Preserve r8-r11 in int $0x80
     - x86/entry/64/compat: Fix "x86/entry/64/compat: Preserve r8-r11 in int $0x80"
     - iommu/vt-d: Gracefully handle DMAR units with no supported address widths
     - iommu/vt-d: Don't dereference iommu_device if IOMMU_API is not built
     - NFC: fix resource leak when target index is invalid
     - NFC: fix possible resource leak
     - team: protect features update by RCU to avoid deadlock
     - tcp: fix TLP timer not set when CA_STATE changes from DISORDER to OPEN
     - kernel: kexec: remove the lock operation of system_transition_mutex
     - PM: hibernate: flush swap writer after marking
     - pNFS/NFSv4: Fix a layout segment leak in pnfs_layout_process()
     - net/mlx5: Fix memory leak on flow table creation error flow
     - rxrpc: Fix memory leak in rxrpc_lookup_local
     - net: dsa: bcm_sf2: put device node before return
     - ibmvnic: Ensure that CRQ entry read are correctly ordered
     - ACPI: thermal: Do not call acpi_thermal_check() directly
     - net_sched: gen_estimator: support large ewma log
     - phy: cpcap-usb: Fix warning for missing regulator_disable
     - x86: __always_inline __{rd,wr}msr()
     - scsi: scsi_transport_srp: Don't block target in failfast state
     - scsi: libfc: Avoid invoking response handler twice if ep is already
       completed
     - mac80211: fix fast-rx encryption check
     - scsi: ibmvfc: Set default timeout to avoid crash during migration
     - objtool: Don't fail on missing symbol table
     - kthread: Extract KTHREAD_IS_PER_CPU
     - workqueue: Restrict affinity change to rescuer
     - USB: serial: cp210x: add pid/vid for WSDA-200-USB
     - USB: serial: cp210x: add new VID/PID for supporting Teraoka AD2000
     - USB: serial: option: Adding support for Cinterion MV31
     - arm64: dts: ls1046a: fix dcfg address range
     - net: lapb: Copy the skb before sending a packet
     - elfcore: fix building with clang
     - USB: gadget: legacy: fix an error code in eth_bind()
     - USB: usblp: don't call usb_set_interface if there's a single alt
     - usb: dwc2: Fix endpoint direction check in ep_from_windex
     - ovl: fix dentry leak in ovl_get_redirect
     - mac80211: fix station rate table updates on assoc
     - kretprobe: Avoid re-registration of the same kretprobe earlier
     - xhci: fix bounce buffer usage for non-sg list case
     - cifs: report error instead of invalid when revalidating a dentry fails
     - smb3: Fix out-of-bounds bug in SMB2_negotiate()
     - mmc: core: Limit retries when analyse of SDIO tuples fails
     - nvme-pci: avoid the deepest sleep state on Kingston A2000 SSDs
     - ARM: footbridge: fix dc21285 PCI configuration accessors
     - mm: hugetlbfs: fix cannot migrate the fallocated HugeTLB page
     - mm: hugetlb: fix a race between isolating and freeing page
     - mm: hugetlb: remove VM_BUG_ON_PAGE from page_huge_active
     - mm: thp: fix MADV_REMOVE deadlock on shmem THP
     - x86/build: Disable CET instrumentation in the kernel
     - x86/apic: Add extra serialization for non-serializing MSRs
     - Input: xpad - sync supported devices with fork on GitHub
     - iommu/vt-d: Do not use flush-queue when caching-mode is on
     - net: dsa: mv88e6xxx: override existent unicast portvec in port_fdb_add
     - net: mvpp2: TCAM entry enable should be written after SRAM data
     - memblock: do not start bottom-up allocations with kernel_end
     - usb: renesas_usbhs: Clear pipe running flag in usbhs_pkt_pop()
     - genirq/msi: Activate Multi-MSI early when MSI_FLAG_ACTIVATE_EARLY is set
     - KVM: SVM: Treat SVM as unsupported when running as an SEV guest
     - md: Set prev_flush_start and flush_bio in an atomic way
     - net: ip_tunnel: fix mtu calculation
     - block: fix NULL pointer dereference in register_disk
     - remoteproc: qcom_q6v5_mss: Valida

 linux (4.15.0-137.141) bionic; urgency=medium
 .
   * bionic/linux: 4.15.0-137.141 -proposed tracker (LP: #1916199)
 .
   * Fix oops in skb_segment for Bionic series (LP: #1915552)
     - net: permit skb_segment on head_frag frag_list skb
     - net: bpf: add a test for skb_segment in test_bpf module
     - test_bpf: Fix NULL vs IS_ERR() check in test_skb_segment()
 .
   * Bionic update: upstream stable patchset 2021-02-10 (LP: #1915328)
     - net: cdc_ncm: correct overhead in delayed_ndp_size
     - net: vlan: avoid leaks on register_vlan_dev() failures
     - net: ip: always refragment ip defragmented packets
     - net: fix pmtu check in nopmtudisc mode
     - x86/resctrl: Use an IPI instead of task_work_add() to update PQR_ASSOC MSR
     - x86/resctrl: Don't move a task to the same resource group
     - vmlinux.lds.h: Add PGO and AutoFDO input sections
     - drm/i915: Fix mismatch between misplaced vma check and vma insert
     - spi: pxa2xx: Fix use-after-free on unbind
     - iio: imu: st_lsm6dsx: flip irq return logic
     - iio: imu: st_lsm6dsx: fix edge-trigger interrupts
     - ARM: OMAP2+: omap_device: fix idling of devices during probe
     - i2c: sprd: use a specific timeout to avoid system hang up issue
     - cpufreq: powernow-k8: pass policy rather than use cpufreq_cpu_get()
     - spi: stm32: FIFO threshold level - fix align packet size
     - dmaengine: xilinx_dma: check dma_async_device_register return value
     - dmaengine: xilinx_dma: fix mixed_enum_type coverity warning
     - wil6210: select CONFIG_CRC32
     - block: rsxx: select CONFIG_CRC32
     - iommu/intel: Fix memleak in intel_irq_remapping_alloc
     - net/mlx5e: Fix memleak in mlx5e_create_l2_table_groups
     - net/mlx5e: Fix two double free cases
     - wan: ds26522: select CONFIG_BITREVERSE
     - KVM: arm64: Don't access PMCR_EL0 when no PMU is available
     - block: fix use-after-free in disk_part_iter_next
     - net: drop bogus skb with CHECKSUM_PARTIAL and offset beyond end of trimmed
       packet
     - net: hns3: fix the number of queues actually used by ARQ
     - net: stmmac: dwmac-sun8i: Balance internal PHY resource references
     - net: stmmac: dwmac-sun8i: Balance internal PHY power
     - net/sonic: Fix some resource leaks in error handling paths
     - net: ipv6: fib: flush exceptions when purging route
     - dmaengine: xilinx_dma: fix incompatible param warning in _child_probe()
     - lightnvm: select CONFIG_CRC32
     - ASoC: dapm: remove widget from dirty list on free
     - MIPS: boot: Fix unaligned access with CONFIG_MIPS_RAW_APPENDED_DTB
     - MIPS: relocatable: fix possible boot hangup with KASLR enabled
     - ACPI: scan: Harden acpi_device_add() against device ID overflows
     - mm/hugetlb: fix potential missing huge page size info
     - dm snapshot: flush merged data before committing metadata
     - r8152: Add Lenovo Powered USB-C Travel Hub
     - ext4: fix bug for rename with RENAME_WHITEOUT
     - ARC: build: remove non-existing bootpImage from KBUILD_IMAGE
     - ARC: build: add uImage.lzma to the top-level target
     - ARC: build: add boot_targets to PHONY
     - btrfs: fix transaction leak and crash after RO remount caused by qgroup
       rescan
     - ethernet: ucc_geth: fix definition and size of ucc_geth_tx_global_pram
     - arch/arc: add copy_user_page() to to fix build error on ARC
     - misdn: dsp: select CONFIG_BITREVERSE
     - net: ethernet: fs_enet: Add missing MODULE_LICENSE
     - ACPI: scan: add stub acpi_create_platform_device() for !CONFIG_ACPI
     - ARM: picoxcell: fix missing interrupt-parent properties
     - dump_common_audit_data(): fix racy accesses to ->d_name
     - ASoC: Intel: fix error code cnl_set_dsp_D0()
     - NFS4: Fix use-after-free in trace_event_raw_event_nfs4_set_lock
     - pNFS: Mark layout for return if return-on-close was not sent
     - NFS: nfs_igrab_and_active must first reference the superblock
     - ext4: fix superblock checksum failure when setting password salt
     - RDMA/usnic: Fix memleak in find_free_vf_and_create_qp_grp
     - mm, slub: consider rest of partial list if acquire_slab() fails
     - net: sunrpc: interpret the return value of kstrtou32 correctly
     - dm: eliminate potential source of excessive kernel log noise
     - ALSA: firewire-tascam: Fix integer overflow in midi_port_work()
     - ALSA: fireface: Fix integer overflow in transmit_midi_msg()
     - netfilter: conntrack: fix reading nf_conntrack_buckets
     - usb: ohci: Make distrust_firmware param default to false
     - nfsd4: readdirplus shouldn't return parent of export
     - netxen_nic: fix MSI/MSI-x interrupts
     - rndis_host: set proper input size for OID_GEN_PHYSICAL_MEDIUM request
     - esp: avoid unneeded kmap_atomic call
     - net: dcb: Validate netlink message in DCB handler
     - net: dcb: Accept RTM_GETDCB messages carrying set-like DCB commands
     - net: stmmac: Fixed mtu channged by cache aligned
     - net: sit: unregister_netdevice on newlink's error path
     - net: avoid 32 x truesize under-estimation for tiny skbs
     - rxrpc: Fix handling of an unsupported token type in rxrpc_read()
     - tipc: fix NULL deref in tipc_link_xmit()
     - spi: cadence: cache reference clock rate during probe
     - x86/hyperv: check cpu mask after interrupt has been disabled
     - mtd: rawnand: fsl_ifc: check result of SRAM initialization fixup
     - kbuild: enforce -Werror=return-type
     - crypto: x86/crc32c - fix building with clang ias
     - rxrpc: Call state should be read with READ_ONCE() under some circumstances
 .
   * [ssbs-0118] backport SSBS bug (arm64: cpufeature: Detect SSBS and advertise
     to userspace) (LP: #1911376)
     - SAUCE: Move SSBS snippet from arm64_elf_hwcaps to arm64_features
 .
   * Bionic update: upstream stable patchset 2021-01-25 (LP: #1913214)
     - x86/entry/64: Add instruction suffix
     - md/raid10: initialize r10_bio->read_slot before use.
     - ALSA: usb-audio: simplify