Package "linux"

  linux (4.15.0-176.185) bionic; urgency=medium

  * bionic/linux: 4.15.0-176.185 -proposed tracker (LP: #1966771)

  * Bionic update: upstream stable patchset 2022-03-04 (LP: #1963717)
    - can: bcm: fix UAF of bcm op
    - net: bridge: clear bridge's private skb space on xmit
    - s390/hypfs: include z/VM guests with access control group set
    - scsi: zfcp: Fix failed recovery on gone remote port with non-NPIV FCP
      devices
    - udf: Restore i_lenAlloc when inode expansion fails
    - udf: Fix NULL ptr deref when converting from inline format
    - PM: wakeup: simplify the output logic of pm_show_wakelocks()
    - netfilter: nft_payload: do not update layer 4 checksum when mangling
      fragments
    - serial: stm32: fix software flow control transfer
    - tty: n_gsm: fix SW flow control encoding/handling
    - tty: Add support for Brainboxes UC cards.
    - usb-storage: Add unusual-devs entry for VL817 USB-SATA bridge
    - usb: common: ulpi: Fix crash in ulpi_match()
    - usb: gadget: f_sourcesink: Fix isoc transfer for USB_SPEED_SUPER_PLUS
    - USB: core: Fix hang in usb_kill_urb by adding memory barriers
    - usb: typec: tcpm: Do not disconnect while receiving VBUS off
    - net: sfp: ignore disabled SFP node
    - powerpc/32: Fix boot failure with GCC latent entropy plugin
    - lkdtm: Fix content of section containing lkdtm_rodata_do_nothing()
    - i40e: Increase delay to 1 s after global EMP reset
    - i40e: fix unsigned stat widths
    - rpmsg: char: Fix race between the release of rpmsg_ctrldev and cdev
    - rpmsg: char: Fix race between the release of rpmsg_eptdev and cdev
    - scsi: bnx2fc: Flush destroy_work queue before calling bnx2fc_interface_put()
    - ipv6_tunnel: Rate limit warning messages
    - net: fix information leakage in /proc/net/ptype
    - ping: fix the sk_bound_dev_if match in ping_lookup
    - ipv4: avoid using shared IP generator for connected sockets
    - hwmon: (lm90) Reduce maximum conversion rate for G781
    - NFSv4: Handle case where the lookup of a directory fails
    - NFSv4: nfs_atomic_open() can race when looking up a non-regular file
    - net-procfs: show net devices bound packet types
    - drm/msm: Fix wrong size calculation
    - drm/msm/dsi: invalid parameter check in msm_dsi_phy_enable
    - ibmvnic: don't spin in tasklet
    - yam: fix a memory leak in yam_siocdevprivate()
    - ipv4: raw: lock the socket in raw_bind()
    - ipv4: tcp: send zero IPID in SYNACK messages
    - netfilter: nat: remove l4 protocol port rovers
    - netfilter: nat: limit port clash resolution attempts
    - ipheth: fix EOVERFLOW in ipheth_rcvbulk_callback
    - net: amd-xgbe: ensure to reset the tx_timer_active flag
    - net: amd-xgbe: Fix skb data length underflow
    - rtnetlink: make sure to refresh master_dev/m_ops in __rtnl_newlink()
    - af_packet: fix data-race in packet_setsockopt / packet_setsockopt
    - ASoC: ops: Reject out of bounds values in snd_soc_put_volsw()
    - ASoC: ops: Reject out of bounds values in snd_soc_put_volsw_sx()
    - ASoC: ops: Reject out of bounds values in snd_soc_put_xr_sx()
    - drm/nouveau: fix off by one in BIOS boundary checking
    - block: bio-integrity: Advance seed correctly for larger interval sizes
    - RDMA/mlx4: Don't continue event handler after memory allocation failure
    - iommu/vt-d: Fix potential memory leak in intel_setup_irq_remapping()
    - iommu/amd: Fix loop timeout issue in iommu_ga_log_enable()
    - spi: bcm-qspi: check for valid cs before applying chip select
    - spi: mediatek: Avoid NULL pointer crash in interrupt
    - spi: meson-spicc: add IRQ check in meson_spicc_probe
    - net: ieee802154: ca8210: Stop leaking skb's
    - net: ieee802154: Return meaningful error codes from the netlink helpers
    - net: macsec: Verify that send_sci is on when setting Tx sci explicitly
    - drm/i915/overlay: Prevent divide by zero bugs in scaling
    - ASoC: fsl: Add missing error handling in pcm030_fabric_probe
    - scsi: bnx2fc: Make bnx2fc_recv_frame() mp safe
    - nfsd: nfsd4_setclientid_confirm mistakenly expires confirmed client.
    - selftests: futex: Use variable MAKE instead of make
    - rtc: cmos: Evaluate century appropriate
    - EDAC/altera: Fix deferred probing
    - EDAC/xgene: Fix deferred probing
    - ext4: fix error handling in ext4_restore_inline_data()
    - serial: 8250: of: Fix mapped region size when using reg-offset property
    - i40e: Fix issue when maximum queues is exceeded
    - i40e: Fix queues reservation for XDP
    - ipv6: annotate accesses to fn->fn_sernum
    - ibmvnic: init ->running_cap_crqs early

  * Bionic update: upstream stable patchset 2022-03-04 (LP: #1963717) // audit:
    improve audit queue handling when "audit=1" on cmdline (LP: #1965723)
    - audit: improve audit queue handling when "audit=1" on cmdline

  * CVE-2021-43975
    - atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait

  * Packaging resync (LP: #1786013)
    - [Packaging] resync dkms-build{,--nvidia-N} from LRMv5

 -- Luke Nowakowski-Krijger <email address hidden> Tue, 29 Mar 2022 09:53:21 -0700

  linux (4.15.0-175.184) bionic; urgency=medium

  * bionic/linux: 4.15.0-175.184 -proposed tracker (LP: #1966304)

  * CVE-2022-27666
    - esp: Fix possible buffer overflow in ESP transformation

 -- Luke Nowakowski-Krijger <email address hidden> Thu, 24 Mar 2022 09:53:43 -0700

  linux (4.15.0-173.182) bionic; urgency=medium

  * bionic/linux: 4.15.0-173.182 -proposed tracker (LP: #1965552)

  * Pick fixup from upstream stable patchset 2022-03-04 to address cert
    failure with clock jitter test on NUC7i3DNHE (LP: #1964213)
    - Bluetooth: refactor malicious adv data check

  linux (4.15.0-171.180) bionic; urgency=medium

  * CVE-2022-0001
    - cpu/SMT: create and export cpu_smt_possible()
    - x86/speculation: Merge one test in spectre_v2_user_select_mitigation()
    - x86,bugs: Unconditionally allow spectre_v2=retpoline,amd
    - SAUCE: x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE
    - SAUCE: x86/speculation: Add eIBRS + Retpoline options
    - SAUCE: Documentation/hw-vuln: Update spectre doc

  * Disable unprivileged BPF by default (LP: #1961338)
    - bpf: Add kconfig knob for disabling unpriv bpf by default
    - [Config] set CONFIG_BPF_UNPRIV_DEFAULT_OFF=y

 -- Thadeu Lima de Souza Cascardo <email address hidden> Wed, 02 Mar 2022 13:21:15 -0300

  linux (4.15.0-169.177) bionic; urgency=medium

  * bionic/linux: 4.15.0-169.177 -proposed tracker (LP: #1959877)

  * ubuntu_kernel_selftests.ftrace:ftracetest fails with bionic:linux
    4.15.0-168.176 on s390x (LP: #1959752)
    - recordmcount.pl: fix typo in s390 mcount regex