Package "linux-aws-headers-4.15.0-1099"
Name: |
linux-aws-headers-4.15.0-1099
|
Description: |
Header files related to Linux kernel version 4.15.0
|
Latest version: |
4.15.0-1099.106~16.04.1 |
Release: |
xenial (16.04) |
Level: |
security |
Repository: |
main |
Head package: |
linux-aws-hwe |
Links
Download "linux-aws-headers-4.15.0-1099"
Other versions of "linux-aws-headers-4.15.0-1099" in Xenial
Changelog
linux-aws-hwe (4.15.0-1099.106~16.04.1) xenial; urgency=medium
[ Ubuntu: 4.15.0-1099.106 ]
* overlayfs calls vfs_setxattr without cap_convert_nscap
- vfs: move cap_convert_nscap() call into vfs_setxattr()
* CVE-2021-29154
- SAUCE: bpf, x86: Validate computation of branch displacements for x86-64
-- Thadeu Lima de Souza Cascardo <email address hidden> Tue, 13 Apr 2021 15:06:29 -0300
|
Source diff to previous version |
CVE-2021-29154 |
BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect c ... |
|
linux-aws-hwe (4.15.0-1098.105~16.04.1) xenial; urgency=medium
* xenial/linux-aws-hwe: 4.15.0-1098.105~16.04.1 -proposed tracker
(LP: #1919512)
* Bionic update: upstream stable patchset 2021-02-26 (LP: #1917093)
- [Config] aws-hwe: Updateconfigs for USB_BDC_PCI
[ Ubuntu: 4.15.0-1098.105 ]
* bionic/linux-aws: 4.15.0-1098.105 -proposed tracker (LP: #1919513)
* Enforce CONFIG_DRM_BOCHS=m (LP: #1916290)
- [Config] aws: Add CONFIG_DRM_BOCHS=m (enforced)
* Bionic update: upstream stable patchset 2021-02-26 (LP: #1917093)
- [Config] aws: Updateconfigs for USB_BDC_PCI
* Please trust Canonical Livepatch Service kmod signing key (LP: #1898716)
- [Config] aws: enable CONFIG_MODVERSIONS=y
- [Packaging] aws: build canonical-certs.pem from branch/arch certs
* aws: update Xen hibernation patch set (LP: #1913410)
- Revert "UBUNTU: SAUCE: xen-netfront: prevent unnecessary close on hibernate"
- Revert "UBUNTU SAUCE [aws]: xen: Only restore the ACPI SCI interrupt in
xen_restore_pirqs."
- Revert "UBUNTU SAUCE [aws]: xen: restore pirqs on resume from hibernation."
- Revert "UBUNTU SAUCE [aws]: block: xen-blkfront: consider new dom0 features
on restore"
- Revert "UBUNTU: SAUCE [aws] x86/xen: close event channels for PIRQs in
system core suspend callback"
- Revert "UBUNTU: SAUCE [aws] xen/events: add xen_shutdown_pirqs helper
function"
- Revert "UBUNTU: SAUCE [aws] x86/xen: save and restore steal clock"
- Revert "UBUNTU: SAUCE [aws] xen-time-introduce-xen_-save-restore-
_steal_clock"
- Revert "UBUNTU: SAUCE [aws] xen-netfront: add callbacks for PM suspend and
hibernation support"
- Revert "UBUNTU: SAUCE [aws] x86/xen: add system core suspend and resume
callbacks"
- Revert "UBUNTU: SAUCE [aws] x86/xen: Introduce new function to map
HYPERVISOR_shared_info on Resume"
- Revert "UBUNTU: SAUCE: xen-blkfront: Fixed blkfront_restore to remove a call
to negotiate_mq"
- Revert "UBUNTU: SAUCE: xen-blkfront: resurrect request-based mode"
- Revert "UBUNTU: SAUCE: xen-blkfront: add callbacks for PM suspend and
hibernation"
- Revert "UBUNTU: SAUCE: xenbus: add freeze/thaw/restore callbacks support"
- Revert "UBUNTU: SAUCE: xen/manage: introduce helper function to know the on-
going suspend mode"
- Revert "UBUNTU: SAUCE: xen/manage: keep track of the on-going suspend mode"
- SAUCE: xen/manage: keep track of the on-going suspend mode
- SAUCE: xen/manage: introduce helper function to know the on-going suspend
mode
- SAUCE: xenbus: add freeze/thaw/restore callbacks support
- SAUCE: x86/xen: Introduce new function to map HYPERVISOR_shared_info on
Resume
- SAUCE: x86/xen: add system core suspend and resume callbacks
- SAUCE: xen-blkfront: add callbacks for PM suspend and hibernation
- SAUCE: xen-netfront: add callbacks for PM suspend and hibernation support
- SAUCE: xen/time: introduce xen_{save,restore}_steal_clock
- SAUCE: x86/xen: save and restore steal clock
- SAUCE: xen/events: add xen_shutdown_pirqs helper function
- SAUCE: x86/xen: close event channels for PIRQs in system core suspend
callback
- SAUCE: xen-blkfront: resurrect request-based mode
- SAUCE: xen-blkfront: add 'persistent_grants' parameter
- SAUCE: Revert "xen: dont fiddle with event channel masking in
suspend/resume"
- SAUCE: xen-blkfront: Fixed blkfront_restore to remove a call to negotiate_mq
- SAUCE: block: xen-blkfront: consider new dom0 features on restore
- SAUCE: xen: restore pirqs on resume from hibernation.
- SAUCE: xen: Only restore the ACPI SCI interrupt in xen_restore_pirqs.
- SAUCE: xen-netfront: call netif_device_attach on resume
- SAUCE: xen: Restore xen-pirqs on resume from hibernation
- SAUCE: xen-blkfront: Delay flush till queue lock dropped
- SAUCE: drivers/block/xen-blkfront.c: Convert to use
set_capacity_revalidate_and_notify
- SAUCE: x86: tsc: avoid system instability in hibernation
- SAUCE: block/genhd: Notify udev about capacity change
- SAUCE: drivers/block/virtio_blk.c: Convert to use
set_capacity_revalidate_and_notify
- SAUCE: drivers/nvme/host/core.c: Convert to use
set_capacity_revalidate_and_notify
* aws: xen-netfront: prevent potential error on hibernate (LP: #1906850)
- SAUCE: xen-netfront: prevent unnecessary close on hibernate
* bionic/linux: 4.15.0-141.145 -proposed tracker (LP: #1919536)
* binary assembly failures with CONFIG_MODVERSIONS present (LP: #1919315)
- [Packaging] quiet (nomially) benign errors in BUILD script
* selftests: bpf verifier fails after sanitize_ptr_alu fixes (LP: #1920995)
- bpf: Simplify alu_limit masking for pointer arithmetic
- bpf: Add sanity check for upper ptr_limit
- bpf, selftests: Fix up some test_verifier cases for unprivileged
* Packaging resync (LP: #1786013)
- update dkms package versions
* CVE-2018-13095
- xfs: More robust inode extent count validation
* i40e PF reset due to incorrect MDD event (LP: #1772675)
- i40e: change behavior on PF in response to MDD event
* Bionic update: upstream stable patchset 2021-03-09 (LP: #1918330)
- ACPI: sysfs: Prefer "compatible" modalias
- ARM: dts: imx6qdl-gw52xx: fix duplicate regulator naming
- wext: fix NULL-ptr-dereference with cfg80211's lack of commit()
- net: usb: qmi_wwan: added support for Thales Cinterion PLSx3 modem family
- drivers: soc: atmel: Avoid calling at91_soc_init on non AT91 SoCs
- drivers: soc: atmel: add null entry at the end of at91_soc_allowed_list[]
- KVM: x86/pmu: Fix HW_REF_CPU_CYCLES event pseudo-encoding in
intel_arch_events[]
- KVM: x86: get smi pending status correctly
- xen: Fix XenStore initialisation for XS_LOCAL
- leds: trigger: fix potential deadlock with libata
- mt7601u: fix kernel crash unplugging th
|
Source diff to previous version |
1917093 |
Bionic update: upstream stable patchset 2021-02-26 |
1916290 |
Enforce CONFIG_DRM_BOCHS=m |
1898716 |
Please trust Canonical Livepatch Service kmod signing key |
1913410 |
aws: update Xen hibernation patch set |
1906850 |
aws: xen-netfront: prevent potential error on hibernate |
1919315 |
binary assembly failures with CONFIG_MODVERSIONS present |
1920995 |
selftests: bpf verifier fails after sanitize_ptr_alu fixes |
1786013 |
Packaging resync |
1772675 |
i40e PF reset due to incorrect MDD event |
1918330 |
Bionic update: upstream stable patchset 2021-03-09 |
1917918 |
SRU: Add FUA support for XFS |
1917138 |
Bionic kernel 4.15.0-136 causes dosemu2 (with kvm mode) freezes due to lack of KVM patch |
1917034 |
switch LRM to be signed using the Ubuntu Drivers signing key |
CVE-2018-13095 |
An issue was discovered in fs/xfs/libxfs/xfs_inode_buf.c in the Linux kernel through 4.17.3. A denial of service (memory corruption and BUG) can occu |
CVE-2021-3348 |
nbd_add_socket in drivers/block/nbd.c in the Linux kernel through 5.10.12 has an ndb_queue_rq use-after-free that could be triggered by local attacke |
|
linux-aws-hwe (4.15.0-1097.104~16.04.1) xenial; urgency=medium
* xenial/linux-aws-hwe: 4.15.0-1097.104~16.04.1 -proposed tracker
(LP: #1920145)
[ Ubuntu: 4.15.0-1097.104 ]
* bionic/linux-aws: 4.15.0-1097.104 -proposed tracker (LP: #1920146)
* bionic/linux: 4.15.0-140.144 -proposed tracker (LP: #1920169)
* CVE-2020-27170
- bpf: Fix off-by-one for area size in creating mask to left
* CVE-2020-27171
- bpf: Prohibit alu ops for pointer types not defining ptr_limit
-- Kelsey Skunberg <email address hidden> Fri, 19 Mar 2021 18:14:51 -0600
|
Source diff to previous version |
CVE-2020-27170 |
An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/ ... |
CVE-2020-27171 |
An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/ ... |
|
linux-aws-hwe (4.15.0-1096.103~16.04.1) xenial; urgency=medium
* xenial/linux-aws-hwe: 4.15.0-1096.103~16.04.1 -proposed tracker
(LP: #1919193)
[ Ubuntu: 4.15.0-1096.103 ]
* bionic/linux-aws: 4.15.0-1096.103 -proposed tracker (LP: #1919194)
* bionic/linux: 4.15.0-139.143 -proposed tracker (LP: #1919218)
* CVE-2021-27365
- scsi: iscsi: Verify lengths on passthrough PDUs
- sysfs: Add sysfs_emit and sysfs_emit_at to format sysfs output
- scsi: iscsi: Ensure sysfs attributes are limited to PAGE_SIZE
* CVE-2021-27363 // CVE-2021-27364
- scsi: iscsi: Restrict sessions and handles to admin capabilities
-- Kelsey Skunberg <email address hidden> Wed, 17 Mar 2021 16:08:43 -0600
|
Source diff to previous version |
CVE-2021-27365 |
An issue was discovered in the Linux kernel through 5.11.3. Certain iSCSI data structures do not have appropriate length constraints or checks, and c |
CVE-2021-27363 |
An issue was discovered in the Linux kernel through 5.11.3. A kernel pointer leak can be used to determine the address of the iscsi_transport structu |
CVE-2021-27364 |
An issue was discovered in the Linux kernel through 5.11.3. drivers/scsi/scsi_transport_iscsi.c is adversely affected by the ability of an unprivileg |
|
linux-aws-hwe (4.15.0-1095.102~16.04.1) xenial; urgency=medium
* xenial/linux-aws-hwe: 4.15.0-1095.102~16.04.1 -proposed tracker
(LP: #1916175)
[ Ubuntu: 4.15.0-1095.102 ]
* bionic/linux-aws: 4.15.0-1095.102 -proposed tracker (LP: #1916176)
* bionic/linux: 4.15.0-137.141 -proposed tracker (LP: #1916199)
* Fix oops in skb_segment for Bionic series (LP: #1915552)
- net: permit skb_segment on head_frag frag_list skb
- net: bpf: add a test for skb_segment in test_bpf module
- test_bpf: Fix NULL vs IS_ERR() check in test_skb_segment()
* Bionic update: upstream stable patchset 2021-02-10 (LP: #1915328)
- net: cdc_ncm: correct overhead in delayed_ndp_size
- net: vlan: avoid leaks on register_vlan_dev() failures
- net: ip: always refragment ip defragmented packets
- net: fix pmtu check in nopmtudisc mode
- x86/resctrl: Use an IPI instead of task_work_add() to update PQR_ASSOC MSR
- x86/resctrl: Don't move a task to the same resource group
- vmlinux.lds.h: Add PGO and AutoFDO input sections
- drm/i915: Fix mismatch between misplaced vma check and vma insert
- spi: pxa2xx: Fix use-after-free on unbind
- iio: imu: st_lsm6dsx: flip irq return logic
- iio: imu: st_lsm6dsx: fix edge-trigger interrupts
- ARM: OMAP2+: omap_device: fix idling of devices during probe
- i2c: sprd: use a specific timeout to avoid system hang up issue
- cpufreq: powernow-k8: pass policy rather than use cpufreq_cpu_get()
- spi: stm32: FIFO threshold level - fix align packet size
- dmaengine: xilinx_dma: check dma_async_device_register return value
- dmaengine: xilinx_dma: fix mixed_enum_type coverity warning
- wil6210: select CONFIG_CRC32
- block: rsxx: select CONFIG_CRC32
- iommu/intel: Fix memleak in intel_irq_remapping_alloc
- net/mlx5e: Fix memleak in mlx5e_create_l2_table_groups
- net/mlx5e: Fix two double free cases
- wan: ds26522: select CONFIG_BITREVERSE
- KVM: arm64: Don't access PMCR_EL0 when no PMU is available
- block: fix use-after-free in disk_part_iter_next
- net: drop bogus skb with CHECKSUM_PARTIAL and offset beyond end of trimmed
packet
- net: hns3: fix the number of queues actually used by ARQ
- net: stmmac: dwmac-sun8i: Balance internal PHY resource references
- net: stmmac: dwmac-sun8i: Balance internal PHY power
- net/sonic: Fix some resource leaks in error handling paths
- net: ipv6: fib: flush exceptions when purging route
- dmaengine: xilinx_dma: fix incompatible param warning in _child_probe()
- lightnvm: select CONFIG_CRC32
- ASoC: dapm: remove widget from dirty list on free
- MIPS: boot: Fix unaligned access with CONFIG_MIPS_RAW_APPENDED_DTB
- MIPS: relocatable: fix possible boot hangup with KASLR enabled
- ACPI: scan: Harden acpi_device_add() against device ID overflows
- mm/hugetlb: fix potential missing huge page size info
- dm snapshot: flush merged data before committing metadata
- r8152: Add Lenovo Powered USB-C Travel Hub
- ext4: fix bug for rename with RENAME_WHITEOUT
- ARC: build: remove non-existing bootpImage from KBUILD_IMAGE
- ARC: build: add uImage.lzma to the top-level target
- ARC: build: add boot_targets to PHONY
- btrfs: fix transaction leak and crash after RO remount caused by qgroup
rescan
- ethernet: ucc_geth: fix definition and size of ucc_geth_tx_global_pram
- arch/arc: add copy_user_page() to <asm/page.h> to fix build error on ARC
- misdn: dsp: select CONFIG_BITREVERSE
- net: ethernet: fs_enet: Add missing MODULE_LICENSE
- ACPI: scan: add stub acpi_create_platform_device() for !CONFIG_ACPI
- ARM: picoxcell: fix missing interrupt-parent properties
- dump_common_audit_data(): fix racy accesses to ->d_name
- ASoC: Intel: fix error code cnl_set_dsp_D0()
- NFS4: Fix use-after-free in trace_event_raw_event_nfs4_set_lock
- pNFS: Mark layout for return if return-on-close was not sent
- NFS: nfs_igrab_and_active must first reference the superblock
- ext4: fix superblock checksum failure when setting password salt
- RDMA/usnic: Fix memleak in find_free_vf_and_create_qp_grp
- mm, slub: consider rest of partial list if acquire_slab() fails
- net: sunrpc: interpret the return value of kstrtou32 correctly
- dm: eliminate potential source of excessive kernel log noise
- ALSA: firewire-tascam: Fix integer overflow in midi_port_work()
- ALSA: fireface: Fix integer overflow in transmit_midi_msg()
- netfilter: conntrack: fix reading nf_conntrack_buckets
- usb: ohci: Make distrust_firmware param default to false
- nfsd4: readdirplus shouldn't return parent of export
- netxen_nic: fix MSI/MSI-x interrupts
- rndis_host: set proper input size for OID_GEN_PHYSICAL_MEDIUM request
- esp: avoid unneeded kmap_atomic call
- net: dcb: Validate netlink message in DCB handler
- net: dcb: Accept RTM_GETDCB messages carrying set-like DCB commands
- net: stmmac: Fixed mtu channged by cache aligned
- net: sit: unregister_netdevice on newlink's error path
- net: avoid 32 x truesize under-estimation for tiny skbs
- rxrpc: Fix handling of an unsupported token type in rxrpc_read()
- tipc: fix NULL deref in tipc_link_xmit()
- spi: cadence: cache reference clock rate during probe
- x86/hyperv: check cpu mask after interrupt has been disabled
- mtd: rawnand: fsl_ifc: check result of SRAM initialization fixup
- kbuild: enforce -Werror=return-type
- crypto: x86/crc32c - fix building with clang ias
- rxrpc: Call state should be read with READ_ONCE() under some circumstances
* [ssbs-0118] backport SSBS bug (arm64: cpufeature: Detect SSBS and advertise
to userspace) (LP: #1911376)
- SAUCE: Move SSBS snippet from arm64_elf_hwcaps to arm64_features
* Bionic update: upstream stable patchset 2021-01-25 (LP: #1913214)
- x86/entry/64: Ad
|
1915552 |
Fix oops in skb_segment for Bionic series |
1915328 |
Bionic update: upstream stable patchset 2021-02-10 |
1911376 |
[ssbs-0118] backport SSBS bug (arm64: cpufeature: Detect SSBS and advertise to userspace) |
1913214 |
Bionic update: upstream stable patchset 2021-01-25 |
|
About
-
Send Feedback to @ubuntu_updates