This bug was fixed in the package linux - 5.4.0-21.25
---------------
linux (5.4.0-21.25) focal; urgency=medium
* CVE-2020-8835
- SAUCE: bpf: undo incorrect __reg_bound_offset32 handling
-- Thadeu Lima de Souza Cascardo <casca...@canonical.com> Thu, 26 Mar
2020 17:51:28 -0300
** Changed in: linux (Ubuntu Focal)
Status: Confirmed => Fix Released
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-8835
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1867178
Title:
Focal update: v5.4.25 upstream stable release
Status in linux package in Ubuntu:
Fix Released
Status in linux source package in Focal:
Fix Released
Bug description:
SRU Justification
Impact:
The upstream process for stable tree updates is quite similar
in scope to the Ubuntu SRU process, e.g., each patch has to
demonstrably fix a bug, and each patch is vetted by upstream
by originating either directly from a mainline/stable Linux tree or
a minimally backported form of that patch. The following upstream
stable patches should be included in the Ubuntu kernel:
v5.4.25 upstream stable release
from git://git.kernel.org/
Linux 5.4.25
drm/virtio: module_param_named() requires linux/moduleparam.h
csky: Implement copy_thread_tls
block, bfq: remove ifdefs from around gets/puts of bfq groups
block, bfq: get a ref to a group when adding it to a service tree
efi: READ_ONCE rng seed size before munmap
efi/x86: Handle by-ref arguments covering multiple pages in mixed mode
efi/x86: Align GUIDs to their size in the mixed mode runtime wrapper
powerpc: fix hardware PMU exception bug on PowerVM compatibility mode systems
EDAC/synopsys: Do not print an error with back-to-back snprintf() calls
bus: ti-sysc: Fix 1-wire reset quirk
arm64: dts: meson: fix gxm-khadas-vim2 wifi
dmaengine: coh901318: Fix a double lock bug in dma_tc_handle()
dma-buf: free dmabuf->name in dma_buf_release()
hwmon: (adt7462) Fix an error return in ADT7462_REG_VOLT()
ARM: dts: imx7-colibri: Fix frequency for sd/mmc
ARM: dts: dra7xx-clocks: Fixup IPU1 mux clock parent source
ARM: dts: am437x-idk-evm: Fix incorrect OPP node names
ARM: imx: build v7_cpu_resume() unconditionally
IB/hfi1, qib: Ensure RCU is locked when accessing list
RMDA/cm: Fix missing ib_cm_destroy_id() in ib_cm_insert_listen()
regulator: stm32-vrefbuf: fix a possible overshoot when re-enabling
RDMA/core: Fix protection fault in ib_mr_pool_destroy
RDMA/iwcm: Fix iwcm work deallocation
RDMA/siw: Fix failure handling during device creation
RDMA/nldev: Fix crash when set a QP to a new counter but QPN is missing
RDMA/rw: Fix error flow during RDMA context initialization
Revert "RDMA/cma: Simplify rdma_resolve_addr() error flow"
soc: imx-scu: Align imx sc msg structs to 4
firmware: imx: Align imx_sc_msg_req_cpu_start to 4
firmware: imx: scu-pd: Align imx sc msg structs to 4
firmware: imx: misc: Align imx sc msg structs to 4
arm64: dts: imx8qxp-mek: Remove unexisting Ethernet PHY
ARM: dts: imx6: phycore-som: fix emmc supply
phy: mapphone-mdm6600: Fix write timeouts with shorter GPIO toggle interval
phy: mapphone-mdm6600: Fix timeouts by adding wake-up handling
drm/i915/selftests: Fix return in assert_mmap_offset()
drm/i915: Program MBUS with rmw during initialization
drm/sun4i: de2/de3: Remove unsupported VI layer formats
drm/sun4i: Fix DE2 VI layer format support
drm/sun4i: Add separate DE3 VI layer formats
drm: kirin: Revert "Fix for hikey620 display offset problem"
drm/panfrost: Don't try to map on error faults
spi: atmel-quadspi: fix possible MMIO window size overrun
ASoC: dapm: Correct DAPM handling of active widgets during shutdown
ASoC: Intel: Skylake: Fix available clock counter incrementation
ASoC: pcm512x: Fix unbalanced regulator enable call in probe error path
ASoC: pcm: Fix possible buffer overflow in dpcm state sysfs output
powerpc/mm: Fix missing KUAP disable in flush_coherent_icache()
powerpc: Convert flush_icache_range & friends to C
powerpc: define helpers to get L1 icache sizes
ASoC: intel: skl: Fix possible buffer overflow in debug outputs
ASoC: intel: skl: Fix pin debug prints
ASoC: SOF: Fix snd_sof_ipc_stream_posn()
ASoC: topology: Fix memleak in soc_tplg_manifest_load()
ASoC: topology: Fix memleak in soc_tplg_link_elems_load()
drm/virtio: fix resource id creation race
drm/virtio: make resource id workaround runtime switchable.
spi: bcm63xx-hsspi: Really keep pll clk enabled
ARM: dts: ls1021a: Restore MDIO compatible to gianfar
arm64: dts: meson-sm1-sei610: add missing interrupt-names
dm: fix congested_fn for request-based device
dm zoned: Fix reference counter initial value of chunk works
dm writecache: verify watermark during resume
dm: report suspended device during destroy
dm cache: fix a crash due to incorrect work item cancelling
dm integrity: fix invalid table returned due to argument count mismatch
dm integrity: fix a deadlock due to offloading to an incorrect workqueue
dm integrity: fix recalculation when moving from journal mode to bitmap mode
dmaengine: tegra-apb: Prevent race conditions of tasklet vs free list
dmaengine: tegra-apb: Fix use-after-free
dmaengine: imx-sdma: Fix the event id check to include RX event for UART6
dmaengine: imx-sdma: fix context cache
s390/mm: fix panic in gup_fast on large pud
s390/pci: Fix unexpected write combine on resource
x86/pkeys: Manually set X86_FEATURE_OSPKE to preserve existing changes
spi: spidev: Fix CS polarity if GPIO descriptors are used
perf arm-spe: Fix endless record after being terminated
perf cs-etm: Fix endless record after being terminated
perf intel-bts: Fix endless record after being terminated
perf intel-pt: Fix endless record after being terminated
media: v4l2-mem2mem.c: fix broken links
media: vicodec: process all 4 components for RGB32 formats
media: mc-entity.c: use & to check pad flags, not ==
media: hantro: Fix broken media controller links
vt: selection, push sel_lock up
vt: selection, push console lock down
vt: selection, close sel_buffer race
serial: 8250_exar: add support for ACCES cards
tty: serial: fsl_lpuart: free IDs allocated by IDA
tty:serial:mvebu-uart:fix a wrong return
arm: dts: dra76x: Fix mmc3 max-frequency
arm64: dts: socfpga: agilex: Fix gmac compatible
btrfs: fix RAID direct I/O reads with alternate csums
fat: fix uninit-memory access for partial initialized inode
mm, hotplug: fix page online with DEBUG_PAGEALLOC compiled but not enabled
mm: fix possible PMD dirty bit lost in set_pmd_migration_entry()
mm, numa: fix bad pmd by atomically check for pmd_trans_huge when marking
page tables prot_numa
vgacon: Fix a UAF in vgacon_invert_region
usb: core: port: do error out if usb_autopm_get_interface() fails
usb: core: hub: do error out if usb_autopm_get_interface() fails
usb: core: hub: fix unhandled return by employing a void function
usb: cdns3: gadget: toggle cycle bit before reset endpoint
usb: cdns3: gadget: link trb should point to next request
usb: dwc3: gadget: Update chain bit correctly when using sg list
usb: quirks: add NO_LPM quirk for Logitech Screen Share
usb: storage: Add quirk for Samsung Fit flash
cifs: fix rename() by ensuring source handle opened with DELETE bit
cifs: don't leak -EAGAIN for stat() during reconnect
ALSA: hda/realtek - Enable the headset of ASUS B9450FA with ALC294
ALSA: hda/realtek - Fix silent output on Gigabyte X570 Aorus Master
ALSA: hda/realtek - Add Headset Button supported for ThinkPad X1
ALSA: hda/realtek - Add Headset Mic supported
binder: prevent UAF for binderfs devices II
binder: prevent UAF for binderfs devices
firmware: imx: scu: Ensure sequential TX
selftests: forwarding: vxlan_bridge_1d: use more proper tos value
arch/csky: fix some Kconfig typos
csky: Fixup compile warning for three unimplemented syscalls
csky: Fixup ftrace modify panic
csky/smp: Fixup boot failed when CONFIG_SMP
csky: Set regs->usp to kernel sp, when the exception is from kernel
csky/mm: Fixup export invalid_pte_table symbol
net: thunderx: workaround BGX TX Underflow issue
x86/xen: Distribute switch variables for initialization
ice: Don't tell the OS that link is going down
nvme: Fix uninitialized-variable warning
s390/qdio: fill SL with absolute addresses
x86/boot/compressed: Don't declare __force_order in kaslr_64.c
nvme-pci: Use single IRQ vector for old Apple models
nvme/pci: Add sleep quirk for Samsung and Toshiba drives
iommu/amd: Disable IOMMU on Stoney Ridge systems
net/mlx5: DR, Fix matching on vport gvmi
efi: Only print errors about failing to get certs if EFI vars are found
s390: make 'install' not depend on vmlinux
s390/cio: cio_ignore_proc_seq_next should increase position index
watchdog: da9062: do not ping the hw during stop()
net: ethernet: dm9000: Handle -EPROBE_DEFER in dm9000_parse_dt()
net: ks8851-ml: Fix 16-bit IO operation
net: ks8851-ml: Fix 16-bit data access
net: ks8851-ml: Remove 8-bit bus accessors
net: atlantic: check rpc result and wait for rpc address
selftests: forwarding: vxlan_bridge_1d: fix tos value
selftests: forwarding: use proto icmp for {gretap, ip6gretap}_mac testing
drm/msm/dsi/pll: call vco set rate explicitly
drm/msm/dsi: save pll state before dsi host is powered off
scsi: megaraid_sas: silence a warning
drm/modes: Allow DRM_MODE_ROTATE_0 when applying video mode parameters
drm/modes: Make sure to parse valid rotation value from cmdline
drm: msm: Fix return type of dsi_mgr_connector_mode_valid for kCFI
drm/msm/mdp5: rate limit pp done timeout warnings
habanalabs: patched cb equals user cb in device memset
habanalabs: do not halt CoreSight during hard reset
habanalabs: halt the engines before hard-reset
usb: gadget: serial: fix Tx stall after buffer overflow
usb: gadget: ffs: ffs_aio_cancel(): Save/restore IRQ flags
usb: gadget: composite: Support more than 500mA MaxPower
selftests: fix too long argument
serial: ar933x_uart: set UART_CS_{RX,TX}_READY_ORIDE
ALSA: hda: do not override bus codec_mask in link_get()
blktrace: fix dereference after null check
kprobes: Fix optimize_kprobe()/unoptimize_kprobe() cancellation logic
kbuild: fix 'No such file or directory' warning when cleaning
RDMA/core: Fix use of logical OR in get_new_pps
RDMA/core: Fix pkey and port assignment in get_new_pps
dm thin metadata: fix lockdep complaint
net: stmmac: fix notifier registration
net: dsa: bcm_sf2: Forcibly configure IMP port for 1Gb/sec
ALSA: hda/realtek - Fix a regression for mute led on Lenovo Carbon X1
block, bfq: do not insert oom queue into position tree
block, bfq: get extra ref to prevent a queue from being freed during a group
move
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1867178/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
