This bug was fixed in the package linux - 4.15.0-42.45
---------------
linux (4.15.0-42.45) bionic; urgency=medium
* linux: 4.15.0-42.45 -proposed tracker (LP: #1803592)
* [FEAT] Guest-dedicated Crypto Adapters (LP: #1787405)
- KVM: s390: reset crypto attributes for all vcpus
- KVM: s390: vsie: simulate VCPU SIE entry/exit
- KVM: s390: introduce and use KVM_REQ_VSIE_RESTART
- KVM: s390: refactor crypto initialization
- s390: vfio-ap: base implementation of VFIO AP device driver
- s390: vfio-ap: register matrix device with VFIO mdev framework
- s390: vfio-ap: sysfs interfaces to configure adapters
- s390: vfio-ap: sysfs interfaces to configure domains
- s390: vfio-ap: sysfs interfaces to configure control domains
- s390: vfio-ap: sysfs interface to view matrix mdev matrix
- KVM: s390: interface to clear CRYCB masks
- s390: vfio-ap: implement mediated device open callback
- s390: vfio-ap: implement VFIO_DEVICE_GET_INFO ioctl
- s390: vfio-ap: zeroize the AP queues
- s390: vfio-ap: implement VFIO_DEVICE_RESET ioctl
- KVM: s390: Clear Crypto Control Block when using vSIE
- KVM: s390: vsie: Do the CRYCB validation first
- KVM: s390: vsie: Make use of CRYCB FORMAT2 clear
- KVM: s390: vsie: Allow CRYCB FORMAT-2
- KVM: s390: vsie: allow CRYCB FORMAT-1
- KVM: s390: vsie: allow CRYCB FORMAT-0
- KVM: s390: vsie: allow guest FORMAT-0 CRYCB on host FORMAT-1
- KVM: s390: vsie: allow guest FORMAT-1 CRYCB on host FORMAT-2
- KVM: s390: vsie: allow guest FORMAT-0 CRYCB on host FORMAT-2
- KVM: s390: device attrs to enable/disable AP interpretation
- KVM: s390: CPU model support for AP virtualization
- s390: doc: detailed specifications for AP virtualization
- KVM: s390: fix locking for crypto setting error path
- KVM: s390: Tracing APCB changes
- s390: vfio-ap: setup APCB mask using KVM dedicated function
- s390/zcrypt: Add ZAPQ inline function.
- s390/zcrypt: Review inline assembler constraints.
- s390/zcrypt: Integrate ap_asm.h into include/asm/ap.h.
- s390/zcrypt: fix ap_instructions_available() returncodes
- s390/zcrypt: remove VLA usage from the AP bus
- s390/zcrypt: Remove deprecated ioctls.
- s390/zcrypt: Remove deprecated zcrypt proc interface.
- s390/zcrypt: Support up to 256 crypto adapters.
- [Config:] Enable CONFIG_S390_AP_IOMMU and set CONFIG_VFIO_AP to module.
* Bypass of mount visibility through userns + mount propagation (LP: #1789161)
- mount: Retest MNT_LOCKED in do_umount
- mount: Don't allow copying MNT_UNBINDABLE|MNT_LOCKED mounts
* CVE-2018-18955: nested user namespaces with more than five extents
incorrectly grant privileges over inode (LP: #1801924) // CVE-2018-18955
- userns: also map extents in the reverse map to kernel IDs
* kdump fail due to an IRQ storm (LP: #1797990)
- SAUCE: x86/PCI: Export find_cap() to be used in early PCI code
- SAUCE: x86/quirks: Add parameter to clear MSIs early on boot
- SAUCE: x86/quirks: Scan all busses for early PCI quirks
-- Thadeu Lima de Souza Cascardo <casca...@canonical.com> Thu, 15 Nov
2018 17:01:46 -0200
** Changed in: linux (Ubuntu Bionic)
Status: Confirmed => Fix Released
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-18955
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1803592
Title:
linux: 4.15.0-42.45 -proposed tracker
Status in Kernel SRU Workflow:
In Progress
Status in Kernel SRU Workflow automated-testing series:
Fix Released
Status in Kernel SRU Workflow certification-testing series:
Fix Released
Status in Kernel SRU Workflow prepare-package series:
Fix Released
Status in Kernel SRU Workflow prepare-package-meta series:
Fix Released
Status in Kernel SRU Workflow prepare-package-signed series:
Fix Released
Status in Kernel SRU Workflow promote-to-proposed series:
Fix Released
Status in Kernel SRU Workflow promote-to-security series:
In Progress
Status in Kernel SRU Workflow promote-to-updates series:
In Progress
Status in Kernel SRU Workflow regression-testing series:
Fix Released
Status in Kernel SRU Workflow security-signoff series:
Fix Released
Status in Kernel SRU Workflow snap-release-to-beta series:
Fix Released
Status in Kernel SRU Workflow snap-release-to-candidate series:
Fix Released
Status in Kernel SRU Workflow snap-release-to-edge series:
Fix Released
Status in Kernel SRU Workflow snap-release-to-stable series:
Invalid
Status in Kernel SRU Workflow upload-to-ppa series:
Invalid
Status in Kernel SRU Workflow verification-testing series:
Fix Released
Status in linux package in Ubuntu:
Invalid
Status in linux source package in Bionic:
Fix Released
Bug description:
This bug is for tracking the 4.15.0-42.45 upload package. This bug
will contain status and testing results related to that upload.
For an explanation of the tasks and the associated workflow see:
https://wiki.ubuntu.com/Kernel/kernel-sru-workflow
-- swm properties --
backports: bug 1805398 (linux-aws-edge), bug 1805608 (linux-azure-edge)
boot-testing-requested: true
bugs-spammed: true
derivatives: bug 1805362 (linux-aws)
phase: Uploaded
phase-changed: Tuesday, 27. November 2018 11:08 UTC
proposed-announcement-sent: true
proposed-testing-requested: true
reason:
promote-to-security: Packages not yet published
promote-to-updates: Packages not yet published
To manage notifications about this bug go to:
https://bugs.launchpad.net/kernel-sru-workflow/+bug/1803592/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
