Package "linux"

 linux (4.15.0-162.170) bionic; urgency=medium
 .
   * bionic/linux: 4.15.0-162.170 -proposed tracker (LP: #1947293)
 .
   * Add final-checks to check certificates (LP: #1947174)
     - [Packaging] Add system trusted and revocation keys final check
 .
   * CVE-2020-36385
     - RDMA/cma: Add missing locking to rdma_accept()
     - RDMA/ucma: Fix the locking of ctx->file
     - RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy
 .
   * CVE-2021-28950
     - fuse: fix live lock in fuse_iget()
 .
   * CVE-2020-36322
     - fuse: fix bad inode
 .
   * Bionic update: upstream stable patchset 2021-10-13 (LP: #1947011)
     - rcu: Fix missed wakeup of exp_wq waiters
     - apparmor: remove duplicate macro list_entry_is_head()
     - crypto: talitos - fix max key size for sha384 and sha512
     - sctp: validate chunk size in __rcv_asconf_lookup
     - sctp: add param size validation for SCTP_PARAM_SET_PRIMARY
     - dmaengine: acpi: Avoid comparison GSI with Linux vIRQ
     - thermal/drivers/exynos: Fix an error code in exynos_tmu_probe()
     - 9p/trans_virtio: Remove sysfs file on probe failure
     - prctl: allow to setup brk for et_dyn executables
     - profiling: fix shift-out-of-bounds bugs
     - pwm: lpc32xx: Don't modify HW state in .probe() after the PWM chip was
       registered
     - Kconfig.debug: drop selecting non-existing HARDLOCKUP_DETECTOR_ARCH
     - parisc: Move pci_dev_is_behind_card_dino to where it is used
     - dmaengine: ioat: depends on !UML
     - dmaengine: xilinx_dma: Set DMA mask for coherent APIs
     - ceph: lockdep annotations for try_nonblocking_invalidate
     - nilfs2: fix memory leak in nilfs_sysfs_create_device_group
     - nilfs2: fix NULL pointer in nilfs_##name##_attr_release
     - nilfs2: fix memory leak in nilfs_sysfs_create_##name##_group
     - nilfs2: fix memory leak in nilfs_sysfs_delete_##name##_group
     - nilfs2: fix memory leak in nilfs_sysfs_create_snapshot_group
     - nilfs2: fix memory leak in nilfs_sysfs_delete_snapshot_group
     - pwm: rockchip: Don't modify HW state in .remove() callback
     - blk-throttle: fix UAF by deleteing timer in blk_throtl_exit()
     - drm/nouveau/nvkm: Replace -ENOSYS with -ENODEV
     - nilfs2: use refcount_dec_and_lock() to fix potential UAF
     - drivers: base: cacheinfo: Get rid of DEFINE_SMP_CALL_CACHE_FUNCTION()
 .
   * Invalid backport to v4.15: missing pgtable_l5_enabled (LP: #1946464)
     - SAUCE: Revert "x86/mm: Don't free P4D table when it is folded at runtime"
 .
   * CVE-2021-38199
     - NFSv4: Initialise connection to the server in nfs4_alloc_client()
 .
   * CVE-2019-19449
     - f2fs: fix wrong total_sections check and fsmeta check
     - f2fs: fix to do sanity check on segment/section count
 .
   * vrf: fix refcnt leak with vxlan slaves (LP: #1945180)
     - ipv4: Fix device used for dst_alloc with local routes
 .
   * Check for changes relevant for security certifications (LP: #1945989)
     - [Packaging] Add a new fips-checks script
     - [Packaging] Add fips-checks as part of finalchecks
 .
   * CVE-2021-3759
     - memcg: enable accounting of ipc resources
 .
   * Bionic update: upstream stable patchset 2021-09-27 (LP: #1945224)
     - ARC: Fix CONFIG_STACKDEPOT
     - can: usb: esd_usb2: esd_usb2_rx_event(): fix the interchange of the CAN RX
       and TX error counters
     - Revert "USB: serial: ch341: fix character loss at high transfer rates"
     - USB: serial: option: add new VID/PID to support Fibocom FG150
     - usb: dwc3: gadget: Fix dwc3_calc_trbs_left()
     - usb: dwc3: gadget: Stop EP0 transfers during pullup disable
     - IB/hfi1: Fix possible null-pointer dereference in _extend_sdma_tx_descs()
     - e1000e: Fix the max snoop/no-snoop latency for 10M
     - ip_gre: add validation for csum_start
     - xgene-v2: Fix a resource leak in the error handling path of 'xge_probe()'
     - net: marvell: fix MVNETA_TX_IN_PRGRS bit number
     - usb: gadget: u_audio: fix race condition on endpoint stop
     - opp: remove WARN when no valid OPPs remain
     - virtio: Improve vq->broken access to avoid any compiler optimization
     - vringh: Use wiov->used to check for read/write desc order
     - drm: Copy drm_wait_vblank to user before returning
     - drm/nouveau/disp: power down unused DP links during init
     - net/rds: dma_map_sg is entitled to merge entries
     - vt_kdsetmode: extend console locking
     - fbmem: add margin check to fb_check_caps()
     - KVM: x86/mmu: Treat NX as used (not reserved) for all !TDP shadow MMUs
     - Revert "floppy: reintroduce O_NDELAY fix"
     - net: qrtr: fix another OOB Read in qrtr_endpoint_post
     - net: hns3: fix get wrong pfc_en when query PFC configuration
     - xtensa: fix kconfig unmet dependency warning for HAVE_FUTEX_CMPXCHG
     - qed: Fix the VF msix vectors flow
     - net: macb: Add a NULL check on desc_ptp
     - qede: Fix memset corruption
     - perf/x86/intel/pt: Fix mask of num_address_ranges
     - perf/x86/amd/ibs: Work around erratum #1197
     - cryptoloop: add a deprecation warning
     - ARM: 8918/2: only build return_address() if needed
     - ALSA: pcm: fix divide error in snd_pcm_lib_ioctl
     - clk: fix build warning for orphan_list
     - media: stkwebcam: fix memory leak in stk_camera_probe
     - igmp: Add ip_mc_list lock in ip_check_mc_rcu
     - USB: serial: mos7720: improve OOM-handling in read_mos_reg()
     - f2fs: fix potential overflow
     - ath10k: fix recent bandwidth conversion bug
     - ipv4/icmp: l3mdev: Perform icmp error route lookup on source device routing
       table (v2)
     - crypto: talitos - reduce max key size for SEC1
     - powerpc/module64: Fix comment in R_PPC64_ENTRY handling
     - powerpc/boot: Delete unneeded .globl _zimage_start
     - net: ll_temac: Remove left-over debug message
     - mm/page_alloc: speed up the iteration of max_order
     - Revert "btrfs: compression: don't try to compress if we don't have enough
       pages"
     -

 linux (4.15.0-161.169) bionic; urgency=medium
 .
   * bionic/linux: 4.15.0-161.169 -proposed tracker (LP: #1947358)
 .
   * Bionic/linux-aws Boot failure downgrading from Bionic/linux-aws-5.4 on
     r5.metal (LP: #1946149)
     - SAUCE: Revert "PCI/MSI: Enforce MSI[X] entry updates to be visible"
     - SAUCE: Revert "PCI/MSI: Enforce that MSI-X table entry is masked for update"
 .

 linux (4.15.0-159.167) bionic; urgency=medium
 .
   * Packaging resync (LP: #1786013)
     - debian/dkms-versions -- update from kernel-versions (main/2021.09.06)
 .
   * dell300x: rsi wifi and bluetooth crash after suspend and resume
     (LP: #1940488)
     - Revert "rsi: Use resume_noirq for SDIO"
 .
   * LRMv5: switch primary version handling to kernel-versions data set
     (LP: #1928921)
     - [Packaging] switch to kernel-versions
 .
   * kvm_unit_tests: emulator test fails on 4.4 / 4.15 kernel, timeout
     (LP: #1932966)
     - kvm: Add emulation for movups/movupd
 .
   * memory leaking when removing a profile (LP: #1939915)
     - security/apparmor/label.c: Clean code by removing redundant instructions
     - apparmor: Fix memory leak of profile proxy
 .
   * ubunut_kernel_selftests: memory-hotplug: avoid spamming logs with
     dump_page() (LP: #1941829)
     - selftests: memory-hotplug: avoid spamming logs with dump_page(), ratio limit
       hot-remove error test
 .
   * Bionic update: upstream stable patchset 2021-08-27 (LP: #1941916)
     - btrfs: mark compressed range uptodate only if all bio succeed
     - regulator: rt5033: Fix n_voltages settings for BUCK and LDO
     - r8152: Fix potential PM refcount imbalance
     - qed: fix possible unpaired spin_{un}lock_bh in _qed_mcp_cmd_and_union()
     - net: Fix zero-copy head len calculation.
     - Revert "Bluetooth: Shutdown controller after workqueues are flushed or
       cancelled"
     - KVM: do not allow mapping valid but non-reference-counted pages
     - Revert "watchdog: iTCO_wdt: Account for rebooting on second timeout"
     - spi: mediatek: Fix fifo transfer
     - padata: validate cpumask without removed CPU during offline
     - Revert "ACPICA: Fix memory leak caused by _CID repair function"
     - ALSA: seq: Fix racy deletion of subscriber
     - clk: stm32f4: fix post divisor setup for I2S/SAI PLLs
     - omap5-board-common: remove not physically existing vdds_1v8_main fixed-
       regulator
     - scsi: sr: Return correct event when media event code is 3
     - media: videobuf2-core: dequeue if start_streaming fails
     - net: natsemi: Fix missing pci_disable_device() in probe and remove
     - nfp: update ethtool reporting of pauseframe control
     - mips: Fix non-POSIX regexp
     - bnx2x: fix an error code in bnx2x_nic_load()
     - net: pegasus: fix uninit-value in get_interrupt_interval
     - net: fec: fix use-after-free in fec_drv_remove
     - net: vxge: fix use-after-free in vxge_device_unregister
     - Bluetooth: defer cleanup of resources in hci_unregister_dev()
     - USB: usbtmc: Fix RCU stall warning
     - USB: serial: option: add Telit FD980 composition 0x1056
     - USB: serial: ch341: fix character loss at high transfer rates
     - USB: serial: ftdi_sio: add device ID for Auto-M3 OP-COM v2
     - usb: gadget: f_hid: added GET_IDLE and SET_IDLE handlers
     - usb: gadget: f_hid: fixed NULL pointer dereference
     - usb: gadget: f_hid: idle uses the highest byte for duration
     - usb: otg-fsm: Fix hrtimer list corruption
     - scripts/tracing: fix the bug that can't parse raw_trace_func
     - staging: rtl8723bs: Fix a resource leak in sd_int_dpc
     - media: rtl28xxu: fix zero-length control request
     - pipe: increase minimum default pipe size to 2 pages
     - ext4: fix potential htree corruption when growing large_dir directories
     - serial: 8250: Mask out floating 16/32-bit bus bits
     - MIPS: Malta: Do not byte-swap accesses to the CBUS UART
     - pcmcia: i82092: fix a null pointer dereference bug
     - spi: meson-spicc: fix memory leak in meson_spicc_remove
     - perf/x86/amd: Don't touch the AMD64_EVENTSEL_HOSTONLY bit inside the guest
     - qmi_wwan: add network device usage statistics for qmimux devices
     - libata: fix ata_pio_sector for CONFIG_HIGHMEM
     - reiserfs: add check for root_inode in reiserfs_fill_super
     - reiserfs: check directory items on read from disk
     - alpha: Send stop IPI to send to online CPUs
     - net/qla3xxx: fix schedule while atomic in ql_wait_for_drvr_lock and
       ql_adapter_reset
     - USB:ehci:fix Kunpeng920 ehci hardware problem
     - ppp: Fix generating ppp unit id when ifname is not specified
     - ovl: prevent private clone if bind mount is not allowed
     - net: xilinx_emaclite: Do not print real IOMEM pointer
     - KVM: x86: accept userspace interrupt only if no event is injected
     - KVM: x86/mmu: Fix per-cpu counter corruption on 32-bit builds
 .
   * Bionic update: upstream stable patchset 2021-08-17 (LP: #1940315)
     - selftest: fix build error in tools/testing/selftests/vm/userfaultfd.c
     - KVM: x86: determine if an exception has an error code only when injecting
       it.
     - net: split out functions related to registering inflight socket files
     - [Config] updateconfigs for UNIX_SCM
     - af_unix: fix garbage collect vs MSG_PEEK
     - net/802/mrp: fix memleak in mrp_request_join()
     - net/802/garp: fix memleak in garp_request_join()
     - net: annotate data race around sk_ll_usec
     - sctp: move 198 addresses from unusable to private scope
     - hfs: add missing clean-up in hfs_fill_super
     - hfs: fix high memory mapping in hfs_bnode_read
     - hfs: add lock nesting notation to hfs_find_init
     - ARM: dts: versatile: Fix up interrupt controller node names
     - virtio_net: Do not pull payload in skb->head
     - gro: ensure frag0 meets IP header alignment
     - x86/kvm: fix vcpu-id indexed array sizes
     - ocfs2: fix zero out valid data
     - ocfs2: issue zeroout to EOF blocks
     - can: raw: raw_setsockopt(): fix raw_rcv panic for sock UAF
     - can: mcba_usb_start(): add missing urb->transfer_dma initialization
     - can: usb_8dev: fix memory leak
     - can: ems_usb: fix memory leak
     - can: esd_usb2: fix memory leak
     - NIU: fix incorrect error return, missed in previous revert
     - nfc: nfcsim: fix use after free during module unload
     - x8

 linux (4.15.0-157.164) bionic; urgency=medium
 .
   * bionic/linux: 4.15.0-157.164 -proposed tracker (LP: #1942588)
 .
   * Packaging resync (LP: #1786013)
     - debian/dkms-versions -- update from kernel-versions (main/2021.09.06)
 .
   * dell300x: rsi wifi and bluetooth crash after suspend and resume
     (LP: #1940488)
     - Revert "rsi: Use resume_noirq for SDIO"
 .
   * LRMv5: switch primary version handling to kernel-versions data set
     (LP: #1928921)
     - [Packaging] switch to kernel-versions
 .
   * kvm_unit_tests: emulator test fails on 4.4 / 4.15 kernel, timeout
     (LP: #1932966)
     - kvm: Add emulation for movups/movupd
 .
   * memory leaking when removing a profile (LP: #1939915)
     - security/apparmor/label.c: Clean code by removing redundant instructions
     - apparmor: Fix memory leak of profile proxy
 .
   * ubunut_kernel_selftests: memory-hotplug: avoid spamming logs with
     dump_page() (LP: #1941829)
     - selftests: memory-hotplug: avoid spamming logs with dump_page(), ratio limit
       hot-remove error test
 .
   * Bionic update: upstream stable patchset 2021-08-27 (LP: #1941916)
     - btrfs: mark compressed range uptodate only if all bio succeed
     - regulator: rt5033: Fix n_voltages settings for BUCK and LDO
     - r8152: Fix potential PM refcount imbalance
     - qed: fix possible unpaired spin_{un}lock_bh in _qed_mcp_cmd_and_union()
     - net: Fix zero-copy head len calculation.
     - Revert "Bluetooth: Shutdown controller after workqueues are flushed or
       cancelled"
     - KVM: do not allow mapping valid but non-reference-counted pages
     - Revert "watchdog: iTCO_wdt: Account for rebooting on second timeout"
     - spi: mediatek: Fix fifo transfer
     - padata: validate cpumask without removed CPU during offline
     - Revert "ACPICA: Fix memory leak caused by _CID repair function"
     - ALSA: seq: Fix racy deletion of subscriber
     - clk: stm32f4: fix post divisor setup for I2S/SAI PLLs
     - omap5-board-common: remove not physically existing vdds_1v8_main fixed-
       regulator
     - scsi: sr: Return correct event when media event code is 3
     - media: videobuf2-core: dequeue if start_streaming fails
     - net: natsemi: Fix missing pci_disable_device() in probe and remove
     - nfp: update ethtool reporting of pauseframe control
     - mips: Fix non-POSIX regexp
     - bnx2x: fix an error code in bnx2x_nic_load()
     - net: pegasus: fix uninit-value in get_interrupt_interval
     - net: fec: fix use-after-free in fec_drv_remove
     - net: vxge: fix use-after-free in vxge_device_unregister
     - Bluetooth: defer cleanup of resources in hci_unregister_dev()
     - USB: usbtmc: Fix RCU stall warning
     - USB: serial: option: add Telit FD980 composition 0x1056
     - USB: serial: ch341: fix character loss at high transfer rates
     - USB: serial: ftdi_sio: add device ID for Auto-M3 OP-COM v2
     - usb: gadget: f_hid: added GET_IDLE and SET_IDLE handlers
     - usb: gadget: f_hid: fixed NULL pointer dereference
     - usb: gadget: f_hid: idle uses the highest byte for duration
     - usb: otg-fsm: Fix hrtimer list corruption
     - scripts/tracing: fix the bug that can't parse raw_trace_func
     - staging: rtl8723bs: Fix a resource leak in sd_int_dpc
     - media: rtl28xxu: fix zero-length control request
     - pipe: increase minimum default pipe size to 2 pages
     - ext4: fix potential htree corruption when growing large_dir directories
     - serial: 8250: Mask out floating 16/32-bit bus bits
     - MIPS: Malta: Do not byte-swap accesses to the CBUS UART
     - pcmcia: i82092: fix a null pointer dereference bug
     - spi: meson-spicc: fix memory leak in meson_spicc_remove
     - perf/x86/amd: Don't touch the AMD64_EVENTSEL_HOSTONLY bit inside the guest
     - qmi_wwan: add network device usage statistics for qmimux devices
     - libata: fix ata_pio_sector for CONFIG_HIGHMEM
     - reiserfs: add check for root_inode in reiserfs_fill_super
     - reiserfs: check directory items on read from disk
     - alpha: Send stop IPI to send to online CPUs
     - net/qla3xxx: fix schedule while atomic in ql_wait_for_drvr_lock and
       ql_adapter_reset
     - USB:ehci:fix Kunpeng920 ehci hardware problem
     - ppp: Fix generating ppp unit id when ifname is not specified
     - ovl: prevent private clone if bind mount is not allowed
     - net: xilinx_emaclite: Do not print real IOMEM pointer
     - KVM: x86: accept userspace interrupt only if no event is injected
     - KVM: x86/mmu: Fix per-cpu counter corruption on 32-bit builds
 .
   * Bionic update: upstream stable patchset 2021-08-17 (LP: #1940315)
     - selftest: fix build error in tools/testing/selftests/vm/userfaultfd.c
     - KVM: x86: determine if an exception has an error code only when injecting
       it.
     - net: split out functions related to registering inflight socket files
     - [Config] updateconfigs for UNIX_SCM
     - af_unix: fix garbage collect vs MSG_PEEK
     - net/802/mrp: fix memleak in mrp_request_join()
     - net/802/garp: fix memleak in garp_request_join()
     - net: annotate data race around sk_ll_usec
     - sctp: move 198 addresses from unusable to private scope
     - hfs: add missing clean-up in hfs_fill_super
     - hfs: fix high memory mapping in hfs_bnode_read
     - hfs: add lock nesting notation to hfs_find_init
     - ARM: dts: versatile: Fix up interrupt controller node names
     - virtio_net: Do not pull payload in skb->head
     - gro: ensure frag0 meets IP header alignment
     - x86/kvm: fix vcpu-id indexed array sizes
     - ocfs2: fix zero out valid data
     - ocfs2: issue zeroout to EOF blocks
     - can: raw: raw_setsockopt(): fix raw_rcv panic for sock UAF
     - can: mcba_usb_start(): add missing urb->transfer_dma initialization
     - can: usb_8dev: fix memory leak
     - can: ems_usb: fix memory leak
     - can: esd_usb2: fix memory leak
     - NIU: fix incorrect error return, missed in previous revert

 linux (4.15.0-156.163) bionic; urgency=medium
 .
   * bionic/linux: 4.15.0-156.163 -proposed tracker (LP: #1940162)
 .
   * linux (LP: #1940564)
     - SAUCE: Revert "scsi: core: Cap scsi_host cmd_per_lun at can_queue"
 .
   * fails to launch linux L2 guests on AMD (LP: #1940134) // CVE-2021-3653
     - KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl
       (CVE-2021-3653)
 .
   * fails to launch linux L2 guests on AMD (LP: #1940134)
     - SAUCE: Revert "UBUNTU: SAUCE: KVM: nSVM: avoid picking up unsupported bits
       from L2 in int_ctl"
 .