This bug was fixed in the package linux - 5.8.0-53.60

---------------
linux (5.8.0-53.60) groovy; urgency=medium

  * CVE-2021-3491
    - io_uring: fix provide_buffers sign extension
    - io_uring: fix overflows checks in provide buffers
    - SAUCE: proc: Avoid mixing integer types in mem_rw()
    - SAUCE: io_uring: truncate lengths larger than MAX_RW_COUNT on provide buffers

  * CVE-2021-3490
    - bpf: Fix a verifier failure with xor
    - SAUCE: bpf: verifier: fix ALU32 bounds tracking with bitwise ops

  * CVE-2021-3489
    - SAUCE: bpf: ringbuf: deny reserve of buffers larger than ringbuf
    - SAUCE: bpf: prevent writable memory-mapping of read-only ringbuf pages

 -- Stefan Bader <stefan.ba...@canonical.com>  Thu, 06 May 2021 07:43:20 +0200

** Changed in: linux (Ubuntu Groovy)
   Status: Fix Committed => Fix Released

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-3489

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-3490

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-3491

--
You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1920571

Title:
  Groovy update: upstream stable patchset 2021-03-19

Status in linux package in Ubuntu:
  Invalid
Status in linux source package in Groovy:
  Fix Released

Bug description:

  SRU Justification

  Impact:
  The upstream process for stable tree updates is quite similar in scope to the Ubuntu SRU process, e.g., each patch has to demonstrably fix a bug, and each patch is vetted by upstream by originating either directly from a mainline/stable Linux tree or a minimally backported form of that patch.
  The following upstream stable patches should be included in the Ubuntu kernel:

  upstream stable patchset 2021-03-19

  Ported from the following upstream stable releases:
  v5.4.98, v5.10.16,
  v5.4.99, v5.10.17,
  v5.4.100, v5.10.18,
  v5.4.101, v5.10.19

  from git://git.kernel.org/

  af_key: relax availability checks for skb size calculation
  regulator: core: avoid regulator_resolve_supply() race condition
  ASoC: wm_adsp: Fix control name parsing for multi-fw
  mac80211: 160MHz with extended NSS BW in CSA
  ASoC: Intel: Skylake: Zero snd_ctl_elem_value
  chtls: Fix potential resource leak
  pNFS/NFSv4: Try to return invalid layout in pnfs_layout_process()
  pNFS/NFSv4: Improve rejection of out-of-order layouts
  ALSA: hda: intel-dsp-config: add PCI id for TGL-H
  ASoC: ak4458: correct reset polarity
  ASoC: Intel: sof_sdw: set proper flags for Dell TGL-H SKU 0A5E
  iwlwifi: mvm: skip power command when unbinding vif during CSA
  iwlwifi: mvm: take mutex for calling iwl_mvm_get_sync_time()
  iwlwifi: pcie: add a NULL check in iwl_pcie_txq_unmap
  iwlwifi: pcie: fix context info memory leak
  iwlwifi: mvm: invalidate IDs of internal stations at mvm start
  iwlwifi: pcie: add rules to match Qu with Hr2
  iwlwifi: mvm: guard against device removal in reprobe
  SUNRPC: Move simple_get_bytes and simple_get_netobj into private header
  SUNRPC: Handle 0 length opaque XDR object data properly
  i2c: mediatek: Move suspend and resume handling to NOIRQ phase
  blk-cgroup: Use cond_resched() when destroy blkgs
  regulator: Fix lockdep warning resolving supplies
  bpf: Fix verifier jmp32 pruning decision logic
  bpf: Fix 32 bit src register truncation on div/mod
  bpf: Fix verifier jsgt branch analysis on max bound
  drm/i915: Fix ICL MG PHY vswing handling
  drm/i915: Skip vswing programming for TBT
  nilfs2: make splice write available again
  squashfs: avoid out of bounds writes in decompressors
  squashfs: add more sanity checks in id lookup
  squashfs: add more sanity checks in inode lookup
  squashfs: add more sanity checks in xattr id lookup
  UBUNTU: upstream stable to v5.4.98, v5.10.16
  gpio: mxs: GPIO_MXS should not default to y unconditionally
  gpio: ep93xx: fix BUG_ON port F usage
  gpio: ep93xx: Fix single irqchip with multi gpiochips
  tracing: Do not count ftrace events in top level enable output
  tracing: Check length before giving out the filter buffer
  drm/i915: Fix overlay frontbuffer tracking
  arm/xen: Don't probe xenbus as part of an early initcall
  cgroup: fix psi monitor for root cgroup
  drm/i915/tgl+: Make sure TypeC FIA is powered up when initializing it
  drm/dp_mst: Don't report ports connected if nothing is attached to them
  dmaengine: move channel device_node deletion to driver
  soc: ti: omap-prm: Fix boot time errors for rst_map_012 bits 0 and 1
  arm64: dts: rockchip: Fix PCIe DT properties on rk3399
  arm64: dts: qcom: sdm845: Reserve LPASS clocks in gcc
  ARM: OMAP2+: Fix suspcious RCU usage splats for omap_enter_idle_coupled
  arm64: dts: rockchip: remove interrupt-names property from rk3399 vdec node
  platform/x86: hp-wmi: Disable tablet-mode reporting by default
  ovl: perform vfs_getxattr() with mounter creds
  cap: fix conversions on getxattr
  ovl: skip getxattr of security labels
  scsi: lpfc: Fix EEH encountering oops with NVMe traffic
  x86/split_lock: Enable the split lock feature on Sapphire Rapids and Alder Lake CPUs
  x86/split_lock: Enable the split lock feature on another Alder Lake CPU
  nvme-pci: ignore the subsysem NQN on Phison E16
  drm/amd/display: Fix DPCD translation for LTTPR AUX_RD_INTERVAL
  drm/amd/display: Add more Clock Sources to DCN2.1
  drm/amd/display: Release DSC before acquiring
  drm/amd/display: Fix dc_sink kref count in emulated_link_detect
  drm/amd/display: Free atomic state after drm_atomic_commit
  drm/amd/display: Decrement refcount of dc_sink before reassignment
  riscv: virt_addr_valid must check the address belongs to linear mapping
  ARM: dts: lpc32xx: Revert set default clock rate of HCLK PLL
  kallsyms: fix nonconverging kallsyms table with lld
  ARM: ensure the signal page contains defined contents
  ARM: kexec: fix oops after TLB are invalidated
  ubsan: implement __ubsan_handle_alignment_assumption
  x86/efi: Remove EFI PGD build time checks
  lkdtm: don't move ctors to .rodata
  cgroup-v1: add disabled controller check in cgroup1_parse_param()
  mt76: dma: fix a possible memory leak in mt76_add_fragment()
  drm/vc4: hvs: Fix buffer overflow with the dlist handling
  bpf: Unbreak BPF_PROG_TYPE_KPROBE when kprobe is called via do_int3
  bpf: Check for integer overflow when using roundup_pow_of_two()
  netfilter: xt_recent: Fix attempt to update deleted entry
  netfilter: nftables: fix possible UAF over chains from packet path in netns
  netfilter: flowtable: fix tcp and udp header checksum update
  xen/netback: avoid race in xenvif_rx_ring_slots_available()
  net: hdlc_x25: Return meaningful error code in x25_open
  net: ipa: set error code in gsi_channel_setup()
  hv_netvsc: Reset the RSC count if NVSP_STAT_FAIL in netvsc_receive()
  net: enetc: initialize the RFS and RSS memories
  selftests: txtimestamp: fix compilation issue
  net: stmmac: set TxQ mode back to DCB after disabling CBS
  ibmvnic: Clear failover_pending if unable to schedule
  netfilter: conntrack: skip identical origin tuple in same zone only
  scsi: scsi_debug: Fix a memory leak
  x86/build: Disable CET instrumentation in the kernel for 32-bit too
  net: hns3: add a check for queue_id in hclge_reset_vf_queue()
  net: hns3: add a check for tqp_index in hclge_get_ring_chain_from_mbx()
  net: hns3: add a check for index in hclge_get_rss_key()
  firmware_loader: align .builtin_fw to 8
  drm/sun4i: tcon: set sync polarity for tcon1 channel
  drm/sun4i: dw-hdmi: always set clock rate
  drm/sun4i: Fix H6 HDMI PHY configuration
  drm/sun4i: dw-hdmi: Fix max. frequency for H6
  clk: sunxi-ng: mp: fix parent rate change flag check
  i2c: stm32f7: fix configuration of the digital filter
  h8300: fix PREEMPTION build, TI_PRE_COUNT undefined
  scripts: set proper OpenSSL include dir also for sign-file
  rxrpc: Fix clearance of Tx/Rx ring when releasing a call
  udp: fix skb_copy_and_csum_datagram with odd segment sizes
  net: dsa: call teardown method on probe failure
  cpufreq: ACPI: Extend frequency tables to cover boost frequencies
  cpufreq: ACPI: Update arch scale-invariance max perf ratio if CPPC is not there
  net: gro: do not keep too many GRO packets in napi->rx_list
  net: fix iteration for sctp transport seq_files
  net/vmw_vsock: fix NULL pointer dereference
  net/vmw_vsock: improve locking in vsock_connect_timeout()
  net: watchdog: hold device global xmit lock during tx disable
  bridge: mrp: Fix the usage of br_mrp_port_switchdev_set_state
  switchdev: mrp: Remove SWITCHDEV_ATTR_ID_MRP_PORT_STAT
  vsock/virtio: update credit only if socket is not closed
  vsock: fix locking in vsock_shutdown()
  net/rds: restrict iovecs length for RDS_CMSG_RDMA_ARGS
  net/qrtr: restrict user-controlled length in qrtr_tun_write_iter()
  ovl: expand warning in ovl_d_real()
  kcov, usb: only collect coverage from __usb_hcd_giveback_urb in softirq
  usb: dwc3: ulpi: fix checkpatch warning
  UBUNTU: upstream stable to v5.4.99, v5.10.17
  net: qrtr: Fix port ID for control messages
  mptcp: skip to next candidate if subflow has unacked data
  mt76: mt7915: fix endian issues
  mt76: mt7615: fix rdd mcu cmd endianness
  net: sched: incorrect Kconfig dependencies on Netfilter modules
  net: openvswitch: fix TTL decrement exception action execution
  net: bridge: Fix a warning when del bridge sysfs
  net: fix proc_fs init handling in af_packet and tls
  Xen/x86: don't bail early from clear_foreign_p2m_mapping()
  Xen/x86: also check kernel mapping in set_foreign_p2m_mapping()
  Xen/gntdev: correct dev_bus_addr handling in gntdev_map_grant_pages()
  Xen/gntdev: correct error checking in gntdev_map_grant_pages()
  xen/arm: don't ignore return errors from set_phys_to_machine
  xen-blkback: don't "handle" error by BUG()
  xen-netback: don't "handle" error by BUG()
  xen-scsiback: don't "handle" error by BUG()
  xen-blkback: fix error handling in xen_blkbk_map()
  tty: protect tty_write from odd low-level tty disciplines
  btrfs: fix backport of 2175bf57dc952 in 5.10.13
  media: pwc: Use correct device for DMA
  UBUNTU: upstream stable to v5.4.100, v5.10.18
  bpf: Fix truncation handling for mod32 dst reg wrt zero
  HID: make arrays usage and value to be the same
  RDMA: Lift ibdev_to_node from rds to common code
  nvme-rdma: Use ibdev_to_node instead of dereferencing ->dma_device
  USB: quirks: sort quirk entries
  usb: quirks: add quirk to start video capture on ELMO L-12F document camera reliable
  ceph: downgrade warning from mdsmap decode to debug
  ntfs: check for valid standard information attribute
  Bluetooth: btusb: Some Qualcomm Bluetooth adapters stop working
  arm64: tegra: Add power-domain for Tegra210 HDA
  hwmon: (dell-smm) Add XPS 15 L502X to fan control blacklist
  mm: unexport follow_pte_pmd
  mm: simplify follow_pte{,pmd}
  KVM: do not assume PTE is writable after follow_pfn
  mm: provide a saner PTE walking API for modules
  KVM: Use kvm_pfn_t for local PFN variable in hva_to_pfn_remapped()
  NET: usb: qmi_wwan: Adding support for Cinterion MV31
  cxgb4: Add new T6 PCI device id 0x6092
  cifs: Set CIFS_MOUNT_USE_PREFIX_PATH flag on setting cifs_sb->prepath.
  kbuild: fix CONFIG_TRIM_UNUSED_KSYMS build for ppc64
  scripts/recordmcount.pl: support big endian for ARCH sh
  UBUNTU: upstream stable to v5.4.101, v5.10.19