Accepted linux-4.9 4.9.210-1+deb9u1~deb8u1 (all source) into oldoldstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 09 Jun 2020 18:20:21 +0100
Binary: linux-doc-4.9 linux-headers-4.9.0-0.bpo.12-common linux-headers-4.9.0-0.bpo.12-common-rt linux-manual-4.9 linux-source-4.9 linux-support-4.9.0-0.bpo.12
Source: linux-4.9
Architecture: all source
Version: 4.9.210-1+deb9u1~deb8u1
Distribution: jessie-security
Urgency: high
Maintainer: Debian Kernel Team <debian-kernel@lists.debian.org>
Changed-By: Ben Hutchings <benh@debian.org>
Closes: 952660
Description:
linux-doc-4.9 - Linux kernel specific documentation for version 4.9
linux-headers-4.9.0-0.bpo.12-common - Common header files for Linux 4.9.0-0.bpo.12
linux-headers-4.9.0-0.bpo.12-common-rt - Common header files for Linux 4.9.0-0.bpo.12-rt
linux-manual-4.9 - Linux kernel API manual pages for version 4.9
linux-source-4.9 - Linux kernel source for version 4.9 with Debian patches
linux-support-4.9.0-0.bpo.12 - Support files for Linux 4.9
Changes:
linux-4.9 (4.9.210-1+deb9u1~deb8u1) jessie-security; urgency=medium
.
* Backport to jessie; no further changes required
.
linux (4.9.210-1+deb9u1) stretch-security; urgency=high
.
[ Salvatore Bonaccorso ]
* selinux: properly handle multiple messages in selinux_netlink_send()
(CVE-2020-10751)
* fs/namespace.c: fix mountpoint reference counter race (CVE-2020-12114)
* USB: core: Fix free-while-in-use bug in the USB S-Glibrary
(CVE-2020-12464)
* scsi: sg: add sg_remove_request in sg_common_write
* scsi: sg: add sg_remove_request in sg_write (CVE-2020-12770)
* USB: gadget: fix illegal array access in binding with UDC (CVE-2020-13143)
* netlabel: cope with NULL catmap (CVE-2020-10711)
* fs/binfmt_elf.c: allocate initialized memory in fill_thread_core_info()
(CVE-2020-10732)
* kernel/relay.c: handle alloc_percpu returning NULL in relay_open
(CVE-2019-19462)
* mm: Fix mremap not considering huge pmd devmap (CVE-2020-10757)
.
[ Ben Hutchings ]
* [arm64] Enforce BBM for huge IO/VMAP mappings (CVE-2019-2182):
- arm64: mm: BUG on unsupported manipulations of live kernel mappings
- arm64: don't open code page table entry creation
- arm64: mm: Change page table pointer name in p[md]_set_huge()
- arm64: Enforce BBM for huge IO/VMAP mappings
- arm64: Make sure permission updates happen for pmd/pud
* cfg80211/mac80211: make ieee80211_send_layer2_update a public function
* mac80211: Do not send Layer 2 Update frame before authorization
(CVE-2019-5108)
* ext4: Fix various bugs:
- ext4: Make checks for metadata_csum feature safer
- ext4: avoid declaring fs inconsistent due to invalid file handles
- ext4: protect journal inode's blocks using block_validity
(CVE-2019-19319)
- ext4: unsigned int compared against zero
- ext4: fix block validity checks for journal inodes using indirect blocks
- ext4: don't perform block validity checks on the journal inode
- ext4: add cond_resched() to ext4_protect_reserved_inode (CVE-2020-8992)
* blktrace: Fix various locking issues:
- blktrace: Fix potential deadlock between delete & sysfs ops
- blktrace: fix unlocked access to init/start-stop/teardown
- blktrace: fix trace mutex deadlock
- blktrace: Protect q->blk_trace with RCU (CVE-2019-19768)
- blktrace: fix dereference after null check
* media: tw5864: Fix possible NULL pointer dereference in tw5864_handle_frame
(CVE-2019-20806)
* [x86] KVM: nVMX: Fix incorrect instruction emulation (CVE-2020-2732):
- KVM: x86: emulate RDPID
- KVM: nVMX: Don't emulate instructions in guest mode
- KVM: nVMX: Refactor IO bitmap checks into helper function
- KVM: nVMX: Check IO instruction VM-exit conditions
* vfs: do_last(): fetch directory ->i_mode and ->i_uid before it's too late
(CVE-2020-8428)
* vfs: fix do_last() regression
* vgacon: Fix a UAF in vgacon_invert_region (CVE-2020-8647, CVE-2020-8649)
* locking/atomic, kref: Add kref_read()
* vt: Fix various bugs:
- vt: selection, handle pending signals in paste_selection
- VT_RESIZEX: get rid of field-by-field copyin
- vt: vt_ioctl: fix race in VT_RESIZEX
- vt: selection, close sel_buffer race (CVE-2020-8648)
- vt: selection, push console lock down
- vt: selection, push sel_lock up
- vt: selection, introduce vc_is_sel
- vt: ioctl, switch VT_IS_IN_USE and VT_BUSY to inlines
- vt: switch vt_dont_switch to bool
- vt: vt_ioctl: remove unnecessary console allocation checks
- vt: vt_ioctl: fix VT_DISALLOCATE freeing in-use virtual
- vt: vt_ioctl: fix use-after-free in vt_in_use()
* floppy: check FDC index for errors before assigning it (CVE-2020-9383)
* vhost: Check docket sk_family instead of call getname (CVE-2020-10942)
* slip, slcan: Fix various bugs:
- can, slip: Protect tty->disc_data in write_wakeup and close
- slcan: not call free_netdev before rtnl_unlock in slcan_open
- slcan: Fix double-free on slcan_open() error path
- slcan: Don't transmit uninitialized stack data in padding
(CVE-2020-11494)
- slip: stop double free sl->dev in slip_open
- slip: not call free_netdev before rtnl_unlock in slip_open
- slip: make slhc_compress() more robust against malicious
* mm: mempolicy: require at least one nodeid for MPOL_PREFERRED
(CVE-2020-11565)
* media: usb: Fix several descriptor checks:
- media: ov519: add missing endpoint sanity checks (CVE-2020-11608)
- media: stv06xx: add missing descriptor sanity checks (CVE-2020-11609)
- media: xirlink_cit: add missing descriptor sanity checks (CVE-2020-11668)
* scsi: mptfusion: Fix double fetch bug in ioctl (CVE-2020-12652)
* mwifiex: Fix possible buffer overflows in mwifiex_cmd_append_vsie_tlv()
(CVE-2020-12653)
* mwifiex: Fix possible buffer overflows in mwifiex_ret_wmm_get_status()
(CVE-2020-12654)
* macvlan: use skb_reset_mac_header() in macvlan_queue_xmit()
(Closes: #952660)
* block: Avoid ABI change for blktrace locking
* net-sysfs: Fix reference counting bugs:
- net: don't decrement kobj reference count on init failure
- net-sysfs: call dev_hold if kobject_init_and_add success
(CVE-2019-20811)
- net-sysfs: Fix reference count leak in rx|netdev_queue_add_kobject
- net-sysfs: fix netdev_queue_add_kobject() breakage
- net-sysfs: Call dev_hold always in netdev_queue_add_kobject
- net-sysfs: Call dev_hold always in rx_queue_add_kobject
* propagate_one(): mnt_set_mountpoint() needs mount_lock
* [x86] Add support for mitigation of Special Register Buffer Data Sampling
(SRBDS) (CVE-2020-0543):
- x86/cpu: Add 'table' argument to cpu_matches()
- x86/speculation: Add Special Register Buffer Data Sampling (SRBDS)
mitigation
- x86/speculation: Add SRBDS vulnerability and mitigation documentation
- x86/speculation: Add Ivy Bridge to affected list
* [x86] speculation: Do not match steppings, to avoid an ABI change
* random: always use batched entropy for get_random_u{32,64}
* [rt] Refresh "random: avoid preempt_disable()ed section"
Checksums-Sha1:
7ed22bcf727f721987985128aea249c4e364b44d 15751 linux-4.9_4.9.210-1+deb9u1~deb8u1.dsc
3bcd4922369b83889ce615ae1c03aca0c3933c55 2100936 linux-4.9_4.9.210-1+deb9u1~deb8u1.debian.tar.xz
dd6c3365a541fd8fba2679385313ed6a715866ba 7749982 linux-headers-4.9.0-0.bpo.12-common_4.9.210-1+deb9u1~deb8u1_all.deb
47e25e474eaaa3952c4892dbaa9ebd167fdee61d 5806962 linux-headers-4.9.0-0.bpo.12-common-rt_4.9.210-1+deb9u1~deb8u1_all.deb
501c540a317dd953afec60c3253ed0c56c77006d 746004 linux-support-4.9.0-0.bpo.12_4.9.210-1+deb9u1~deb8u1_all.deb
a31534b18ccf48381e61bf906388319554af5e18 11498188 linux-doc-4.9_4.9.210-1+deb9u1~deb8u1_all.deb
2b0a0ab75b5f56afbc69d929dad61ca6da4e482d 3298118 linux-manual-4.9_4.9.210-1+deb9u1~deb8u1_all.deb
33ad9ccf612d936d534740f0187f89b5dabb97b2 96988286 linux-source-4.9_4.9.210-1+deb9u1~deb8u1_all.deb
Checksums-Sha256:
1e3b9fd7e0d69046ddafb43a0d49c794d4ee62e5c5605722501f721b436c36b3 15751 linux-4.9_4.9.210-1+deb9u1~deb8u1.dsc
1a6785147c383c71c15503546aebbed917eb2af0e447da255c26358d014b229e 2100936 linux-4.9_4.9.210-1+deb9u1~deb8u1.debian.tar.xz
640b386abd2953310766a36a5bad956e8839d264b26c3840feb50e0b9fd569d2 7749982 linux-headers-4.9.0-0.bpo.12-common_4.9.210-1+deb9u1~deb8u1_all.deb
04e576cf6a7fec9ede25d30dc5a5b788a9bceedf840fc12411d3ded877ecc950 5806962 linux-headers-4.9.0-0.bpo.12-common-rt_4.9.210-1+deb9u1~deb8u1_all.deb
42d30c5a0c0a440e15490e42a955bab51c62eba72c099cf29f93617371e84df0 746004 linux-support-4.9.0-0.bpo.12_4.9.210-1+deb9u1~deb8u1_all.deb
a417217c71bedae2c99ba09a4b43357e5fe63f2ccbe674e06257e6194dbba0eb 11498188 linux-doc-4.9_4.9.210-1+deb9u1~deb8u1_all.deb
c6fa6ad6d45d065ec12fe7d87e13969235e31af4418b113c0d5b0fb330fc4079 3298118 linux-manual-4.9_4.9.210-1+deb9u1~deb8u1_all.deb
c9a2ad764097688fcaf6b5d122b87b7b77fd1e82eb208f963dd46111356080cc 96988286 linux-source-4.9_4.9.210-1+deb9u1~deb8u1_all.deb
Files:
aa10eab04fa590a1d83e058577757759 15751 kernel optional linux-4.9_4.9.210-1+deb9u1~deb8u1.dsc
1ca81ef3861e8f1d5c909c8583ffdf3a 2100936 kernel optional linux-4.9_4.9.210-1+deb9u1~deb8u1.debian.tar.xz
fc88f70caa98de3f9d89c5fa4b55fe3a 7749982 kernel optional linux-headers-4.9.0-0.bpo.12-common_4.9.210-1+deb9u1~deb8u1_all.deb
e30d1eaee582390ecc1dbab4228785ad 5806962 kernel optional linux-headers-4.9.0-0.bpo.12-common-rt_4.9.210-1+deb9u1~deb8u1_all.deb
9e2d404f9f87badfa95bda92d761979d 746004 devel optional linux-support-4.9.0-0.bpo.12_4.9.210-1+deb9u1~deb8u1_all.deb
bd5462cfe1b9f063911a694fad833883 11498188 doc optional linux-doc-4.9_4.9.210-1+deb9u1~deb8u1_all.deb
07d28a630e19cc005168aa2c44a1f7b2 3298118 doc optional linux-manual-4.9_4.9.210-1+deb9u1~deb8u1_all.deb
8035fbdaeb69bb57420a7bc217e721d9 96988286 kernel optional linux-source-4.9_4.9.210-1+deb9u1~deb8u1_all.deb
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEErCspvTSmr92z9o8157/I7JWGEQkFAl7gA3wACgkQ57/I7JWG
EQkcsQ//cAt2waEIb8SZ+eMn2fwPu07LQGznWDQVGiMtxHSzmEfpc/7vZ+xG5meq
qdCMLm+RbbscPQ4F3daf9d9CJub8AIrXrqmFb3v2My/ADsD53HQqWP6IO+z27rIl
vq3lvNMc04uFfCccdn/aWMEL7fFqv7l21/ZLW7cyov7dz/PnLacKbVSvupXJosxP
wN2h3c9FWbwaXYyA8JnZ+xzQZAZjjfBVgi1iddPWhjgzZEePJU+U02mPyr8i/H4p
q/h/jGXqkHDRDounsuF246WX1b1sB3Wzp6QhYuR0qmZ2sLAIuFrq/E1a+8yD0dQg
2662BPnZ50VnfBh+L2tO5pgEtNqNs/d1zqRs2yz7gb63pLutKdXUnFffgfPTaoXI
kGX23Ag2GkgxDP0DnNEeWz1cgob4NOrKfUK8Pk1vxmbeWpQH8ujwLQixtn73V7i1
R/rlTKriYnj7Hnl66saCbYrZo4o8G77h6vO7dnX5zgBAkSFE4nBvSPxyW2tpPnZU
GJ3GfGUT6YizzHdEfAKeb+hyyM4kLUND+QYnAwszCasG67Emv8GYJUjnwEeg7iOn
Yh96a1tJ56TY8eWbbQQnXHTa6ZH1rBOPZ5JGu4zp9L8L8yNEVuBGYoe+PQDaaUcH
LHdbQGqwjiJNbpXhwBPwnqaXKfTFYVBnkQ6LHjqkT9/6StmLll4=
=I3Kk
-----END PGP SIGNATURE-----