UbuntuUpdates.org

Package "linux-oem"

Name: linux-oem

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Header files related to Linux kernel version 4.13.0
  • Header files related to Linux kernel version 4.13.0
  • Header files related to Linux kernel version 4.13.0
  • Header files related to Linux kernel version 4.13.0

Latest version: 4.13.0-1032.36
Release: xenial (16.04)
Level: security
Repository: universe

Links



Other versions of "linux-oem" in Xenial

Repository Area Version
updates universe 4.13.0-1032.36

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 4.13.0-1032.36 2018-07-23 15:06:40 UTC

  linux-oem (4.13.0-1032.36) xenial; urgency=medium

  * linux-oem: 4.13.0-1032.36 -proposed tracker (LP: #1779353)

  * Touchpad of ThinkPad P52 failed to work with message "lost sync at byte"
    (LP: #1779802)
    - Input: elantech - fix V4 report decoding for module with middle key
    - Input: elantech - enable middle button of touchpads on ThinkPad P52

 -- Timo Aaltonen <email address hidden> Thu, 05 Jul 2018 15:31:38 +0300

Source diff to previous version
1779802 Touchpad of ThinkPad P52 failed to work with message \

Version: 4.13.0-1031.35 2018-07-02 10:07:29 UTC

  linux-oem (4.13.0-1031.35) xenial; urgency=medium

  * linux-oem: 4.13.0-1031.35 -proposed tracker (LP: #1776337)

  * Miscellaneous Ubuntu changes
    - Rebase to 4.13.0-46.51
    - SAUCE: i2c:amd move out pointer in union i2c_event_base

  [ Ubuntu: 4.13.0-46.51 ]

  * linux: 4.13.0-46.51 -proposed tracker (LP: #1776333)
  * register on binfmt_misc may overflow and crash the system (LP: #1775856)
    - fs/binfmt_misc.c: do not allow offset overflow
  * CVE-2018-11508
    - compat: fix 4-byte infoleak via uninitialized struct field
  * rfi-flush: Switch to new linear fallback flush (LP: #1744173)
    - SAUCE: rfi-flush: Factor out init_fallback_flush()
    - SAUCE: rfi-flush: Move rfi_flush_fallback_area to end of paca
    - powerpc/64s: Improve RFI L1-D cache flush fallback
    - powerpc/rfi-flush: Make it possible to call setup_rfi_flush() again
    - powerpc/rfi-flush: Differentiate enabled and patched flush types
    - powerpc/rfi-flush: Call setup_rfi_flush() after LPM migration
  * Fix enabling bridge MMIO windows (LP: #1771344)
    - powerpc/eeh: Fix enabling bridge MMIO windows
  * CVE-2018-1130
    - dccp: check sk for closed state in dccp_sendmsg()
  * CVE-2018-7757
    - scsi: libsas: fix memory leak in sas_smp_get_phy_events()
  * cpum_sf: ensure sample freq is non-zero (LP: #1772593)
    - s390/cpum_sf: ensure sample frequency of perf event attributes is non-zero
  * wlp3s0: failed to remove key (1, ff:ff:ff:ff:ff:ff) from hardware (-22)
    (LP: #1720930)
    - iwlwifi: mvm: fix "failed to remove key" message
  * CVE-2018-6927
    - futex: Prevent overflow by strengthen input validation
  * After update to 4.13-43 Intel Graphics are Laggy (LP: #1773520)
    - SAUCE: Revert "drm/i915/edp: Allow alternate fixed mode for eDP if
      available."
  * ELANPAD ELAN0612 does not work, patch available (LP: #1773509)
    - SAUCE: Input: elan_i2c - add ELAN0612 to the ACPI table
  * kernel backtrace when receiving large UDP packages (LP: #1772031)
    - iov_iter: fix page_copy_sane for compound pages
  * FS-Cache: Assertion failed: FS-Cache: 6 == 5 is false (LP: #1774336)
    - SAUCE: CacheFiles: fix a read_waiter/read_copier race
  * CVE-2018-5803
    - sctp: verify size of a new chunk in _sctp_make_chunk()
  * enable mic-mute hotkey and led on Lenovo M820z and M920z (LP: #1774306)
    - ALSA: hda/realtek - Enable mic-mute hotkey for several Lenovo AIOs
  * CVE-2018-7755
    - SAUCE: floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl
  * CVE-2018-5750
    - ACPI: sbshc: remove raw pointer from printk() message

 -- Chia-Lin Kao (AceLan) <email address hidden> Wed, 20 Jun 2018 14:04:03 +0800

Source diff to previous version
1775856 register on binfmt_misc may overflow and crash the system
1744173 rfi-flush: Switch to new linear fallback flush
1771344 Fix enabling bridge MMIO windows
1772593 cpum_sf: ensure sample freq is non-zero
1720930 wlp3s0: failed to remove key (1, ff:ff:ff:ff:ff:ff) from hardware (-22)
1773520 After update to 4.13-43 Intel Graphics are Laggy
1773509 ELANPAD ELAN0612 does not work, patch available
1772031 kernel backtrace when receiving large UDP packages
1774336 FS-Cache: Assertion failed: FS-Cache: 6 == 5 is false
1774306 enable mic-mute hotkey and led on Lenovo M820z and M920z
CVE-2018-11508 The compat_get_timex function in kernel/compat.c in the Linux kernel before 4.16.9 allows local users to obtain sensitive information from kernel mem
CVE-2018-1130 Linux kernel before version 4.16-rc7 is vulnerable to a null pointer dereference in dccp_write_xmit() function in net/dccp/output.c in that allows a
CVE-2018-7757 Memory leak in the sas_smp_get_phy_events function in drivers/scsi/libsas/sas_expander.c in the Linux kernel through 4.15.7 allows local users to cau
CVE-2018-6927 The futex_requeue function in kernel/futex.c in the Linux kernel before 4.14.15 might allow attackers to cause a denial of service (integer overflow)
CVE-2018-5803 Missing length check of payload in net/sctp/sm_make_chunk.c:_sctp_make_chunk() function allows denial of service
CVE-2018-7755 An issue was discovered in the fd_locked_ioctl function in drivers/block/floppy.c in the Linux kernel through 4.15.7. The floppy driver will copy a k
CVE-2018-5750 The acpi_smbus_hc_add function in drivers/acpi/sbshc.c in the Linux kernel through 4.14.15 allows local users to obtain sensitive address information

Version: 4.13.0-1030.33 2018-06-11 17:07:07 UTC

  linux-oem (4.13.0-1030.33) xenial; urgency=medium

  * linux-oem: 4.13.0-1030.33 -proposed tracker (LP: #1774126)

  * Miscellaneous Ubuntu changes
    - Rebase to 4.13.0-45.50

  [ Ubuntu: 4.13.0-45.50 ]

  * linux: 4.13.0-45.50 -proposed tracker (LP: #1774124)
  * CVE-2018-3639 (x86)
    - SAUCE: Set generic SSBD feature for Intel cpus

Source diff to previous version
CVE-2018-3639 Speculative Store Bypass

Version: 4.13.0-1028.31 2018-05-22 02:10:31 UTC

  linux-oem (4.13.0-1028.31) xenial; urgency=medium

  [ Ubuntu: 4.13.0-43.48 ]

  * CVE-2018-3639 (powerpc)
    - SAUCE: rfi-flush: update H_CPU_* macro names to upstream
    - SAUCE: rfi-flush: update plpar_get_cpu_characteristics() signature to
      upstream
    - SAUCE: update pseries_setup_rfi_flush() capitalization to upstream
    - powerpc/pseries: Support firmware disable of RFI flush
    - powerpc/powernv: Support firmware disable of RFI flush
    - powerpc/64s: Allow control of RFI flush via debugfs
    - powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code
    - powerpc/rfi-flush: Always enable fallback flush on pseries
    - powerpc/rfi-flush: Differentiate enabled and patched flush types
    - powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags
    - powerpc: Add security feature flags for Spectre/Meltdown
    - powerpc/powernv: Set or clear security feature flags
    - powerpc/pseries: Set or clear security feature flags
    - powerpc/powernv: Use the security flags in pnv_setup_rfi_flush()
    - powerpc/pseries: Use the security flags in pseries_setup_rfi_flush()
    - powerpc/pseries: Fix clearing of security feature flags
    - powerpc: Move default security feature flags
    - powerpc/pseries: Restore default security feature flags on setup
    - powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit
  * CVE-2018-3639 (x86)
    - SAUCE: Add X86_FEATURE_ARCH_CAPABILITIES
    - SAUCE: x86: Add alternative_msr_write
    - x86/nospec: Simplify alternative_msr_write()
    - x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown
    - x86/bugs: Concentrate bug detection into a separate function
    - x86/bugs: Concentrate bug reporting into a separate function
    - x86/msr: Add definitions for new speculation control MSRs
    - x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
    - x86/bugs, KVM: Support the combination of guest and host IBRS
    - x86/bugs: Expose /sys/../spec_store_bypass
    - x86/cpufeatures: Add X86_FEATURE_RDS
    - x86/bugs: Provide boot parameters for the spec_store_bypass_disable
      mitigation
    - x86/bugs/intel: Set proper CPU features and setup RDS
    - x86/bugs: Whitelist allowed SPEC_CTRL MSR values
    - x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested
    - x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
    - x86/speculation: Create spec-ctrl.h to avoid include hell
    - prctl: Add speculation control prctls
    - x86/process: Allow runtime control of Speculative Store Bypass
    - x86/speculation: Add prctl for Speculative Store Bypass mitigation
    - nospec: Allow getting/setting on non-current task
    - proc: Provide details on speculation flaw mitigations
    - seccomp: Enable speculation flaw mitigations
    - SAUCE: x86/bugs: Honour SPEC_CTRL default
    - x86/bugs: Make boot modes __ro_after_init
    - prctl: Add force disable speculation
    - seccomp: Use PR_SPEC_FORCE_DISABLE
    - seccomp: Add filter flag to opt-out of SSB mitigation
    - seccomp: Move speculation migitation control to arch code
    - x86/speculation: Make "seccomp" the default mode for Speculative Store
      Bypass
    - x86/bugs: Rename _RDS to _SSBD
    - proc: Use underscores for SSBD in 'status'
    - Documentation/spec_ctrl: Do some minor cleanups
    - x86/bugs: Fix __ssb_select_mitigation() return type
    - x86/bugs: Make cpu_show_common() static
  * LSM Stacking prctl values should be redefined as to not collide with
    upstream prctls (LP: #1769263) // CVE-2018-3639
    - SAUCE: LSM stacking: adjust prctl values

Source diff to previous version
1769263 LSM Stacking prctl values should be redefined as to not collide with upstream prctls
CVE-2018-3639 Speculative Store Bypass

Version: 4.13.0-1026.29 2018-05-08 23:08:03 UTC

  linux-oem (4.13.0-1026.29) xenial; urgency=medium

  [ Ubuntu: 4.13.0-41.46 ]

  * CVE-2018-8897
    - x86/entry/64: Don't use IST entry for #BP stack
  * CVE-2018-1087
    - kvm/x86: fix icebp instruction handling
  * CVE-2018-1000199
    - perf/hwbp: Simplify the perf-hwbp code, fix documentation

 -- Kleber Sacilotto de Souza <email address hidden> Fri, 04 May 2018 10:59:20 +0200

CVE-2018-8897 error in exception handling leads to DoS
CVE-2018-1087 error in exception handling leads to wrong debug stack value
CVE-2018-1000199 ptrace() incorrect error handling leads to corruption and DoS



About   -   Send Feedback to @ubuntu_updates