UbuntuUpdates.org

Package "linux-azure-5.15-headers-5.15.0-1076"

This package belongs to a PPA: Canonical Kernel Team

Name: linux-azure-5.15-headers-5.15.0-1076

Description:

Header files related to Linux kernel version 5.15.0

Latest version: 5.15.0-1076.85~20.04.1
Release: focal (20.04)
Level: base
Repository: main
Head package: linux-azure-5.15

Links


Download "linux-azure-5.15-headers-5.15.0-1076"


Other versions of "linux-azure-5.15-headers-5.15.0-1076" in Focal

Repository Area Version
proposed main 5.15.0-1076.85~20.04.1

Changelog

Version: 5.15.0-1076.85~20.04.1 2024-11-15 12:08:20 UTC

 linux-azure-5.15 (5.15.0-1076.85~20.04.1) focal; urgency=medium
 .
   * focal/linux-azure-5.15: 5.15.0-1076.85~20.04.1 -proposed tracker
     (LP: #2086312)
 .
   [ Ubuntu: 5.15.0-1076.85 ]
 .
   * jammy/linux-azure: 5.15.0-1076.85 -proposed tracker (LP: #2086313)
   * Packaging resync (LP: #1786013)
     - [Packaging] resync git-ubuntu-log
   * jammy/linux: 5.15.0-127.137 -proposed tracker (LP: #2086357)
   * Jammy update: v5.15.168 upstream stable release (LP: #2086242)
     - parisc: Fix 64-bit userspace syscall path
     - parisc: Fix stack start for ADDR_NO_RANDOMIZE personality
     - of/irq: Support #msi-cells=<0> in of_msi_get_domain
     - drm: omapdrm: Add missing check for alloc_ordered_workqueue
     - jbd2: stop waiting for space when jbd2_cleanup_journal_tail() returns error
     - jbd2: correctly compare tids with tid_geq function in jbd2_fc_begin_commit
     - mm: krealloc: consider spare memory for __GFP_ZERO
     - ocfs2: fix the la space leak when unmounting an ocfs2 volume
     - ocfs2: fix uninit-value in ocfs2_get_block()
     - ocfs2: reserve space for inline xattr before attaching reflink tree
     - ocfs2: cancel dqi_sync_work before freeing oinfo
     - ocfs2: remove unreasonable unlock in ocfs2_read_blocks
     - ocfs2: fix null-ptr-deref when journal load failed.
     - ocfs2: fix possible null-ptr-deref in ocfs2_set_buffer_uptodate
     - usbnet: ipheth: fix carrier detection in modes 1 and 4
     - net: ethernet: use ip_hdrlen() instead of bit shift
     - net: phy: vitesse: repair vsc73xx autonegotiation
     - powerpc/mm: Fix boot warning with hugepages and CONFIG_DEBUG_VIRTUAL
     - btrfs: update target inode's ctime on unlink
     - Input: ads7846 - ratelimit the spi_sync error message
     - Input: synaptics - enable SMBus for HP Elitebook 840 G2
     - HID: multitouch: Add support for GT7868Q
     - scripts: kconfig: merge_config: config files: add a trailing newline
     - platform/surface: aggregator_registry: Add support for Surface Laptop Go 3
     - drm/msm/adreno: Fix error return if missing firmware-name
     - Input: i8042 - add Fujitsu Lifebook E756 to i8042 quirk table
     - NFSv4: Fix clearing of layout segments in layoutreturn
     - NFS: Avoid unnecessary rescanning of the per-server delegation list
     - platform/x86: panasonic-laptop: Fix SINF array out of bounds accesses
     - platform/x86: panasonic-laptop: Allocate 1 entry extra in the sinf array
     - mptcp: pm: Fix uaf in __timer_delete_sync
     - arm64: dts: rockchip: override BIOS_DISABLE signal via GPIO hog on RK3399
       Puma
     - minmax: reduce min/max macro expansion in atomisp driver
     - net: tighten bad gso csum offset check in virtio_net_hdr
     - mm: avoid leaving partial pfn mappings around in error case
     - fs/ntfs3: Use kvfree to free memory allocated by kvmalloc
     - arm64: dts: rockchip: fix PMIC interrupt pin in pinctrl for ROCK Pi E
     - eeprom: digsy_mtc: Fix 93xx46 driver probe failure
     - selftests/bpf: Support SOCK_STREAM in unix_inet_redir_to_connected()
     - hwmon: (pmbus) Introduce and use write_byte_data callback
     - hwmon: (pmbus) Conditionally clear individual status bits for pmbus rev >=
       1.2
     - ice: fix accounting for filters shared by multiple VSIs
     - igb: Always call igb_xdp_ring_update_tail() under Tx lock
     - net/mlx5e: Add missing link modes to ptys2ethtool_map
     - net/mlx5: Explicitly set scheduling element and TSAR type
     - net/mlx5: Add support to create match definer
     - net/mlx5: Add IFC bits and enums for flow meter
     - net/mlx5: Add missing masks and QoS bit masks for scheduling elements
     - fou: fix initialization of grc
     - octeontx2-af: Set XOFF on other child transmit schedulers during SMQ flush
     - octeontx2-af: Modify SMQ flush sequence to drop packets
     - net: ftgmac100: Enable TX interrupt to avoid TX timeout
     - netfilter: nft_socket: fix sk refcount leaks
     - net: dpaa: Pad packets to ETH_ZLEN
     - spi: nxp-fspi: fix the KASAN report out-of-bounds bug
     - dma-buf: heaps: Fix off-by-one in CMA heap fault handler
     - ASoC: meson: axg-card: fix 'use-after-free'
     - ASoC: allow module autoloading for table db1200_pids
     - ALSA: hda/realtek - Fixed ALC256 headphone no sound
     - ALSA: hda/realtek - FIxed ALC285 headphone no sound
     - scsi: lpfc: Fix overflow build issue
     - pinctrl: at91: make it work with current gpiolib
     - microblaze: don't treat zero reserved memory regions as error
     - net: ftgmac100: Ensure tx descriptor updates are visible
     - wifi: iwlwifi: lower message level for FW buffer destination
     - wifi: iwlwifi: mvm: fix iwl_mvm_scan_fits() calculation
     - wifi: iwlwifi: mvm: pause TCM when the firmware is stopped
     - wifi: iwlwifi: mvm: don't wait for tx queues if firmware is dead
     - wifi: iwlwifi: clear trans->state earlier upon error
     - ASoC: intel: fix module autoloading
     - ASoC: tda7419: fix module autoloading
     - spi: spidev: Add an entry for elgin,jg10309-01
     - drm: komeda: Fix an issue related to normalized zpos
     - spi: bcm63xx: Enable module autoloading
     - x86/hyperv: Set X86_FEATURE_TSC_KNOWN_FREQ when Hyper-V provides frequency
     - spi: spidev: Add missing spi_device_id for jg10309-01
     - ocfs2: add bounds checking to ocfs2_xattr_find_entry()
     - ocfs2: strict bound check before memcmp in ocfs2_xattr_find_entry()
     - cgroup: Make operations on the cgroup root_list RCU safe
     - Revert "wifi: cfg80211: check wiphy mutex is held for wdev mutex"
     - gpio: prevent potential speculation leaks in gpio_device_get_desc()
     - gpiolib: cdev: Ignore reconfiguration without direction
     - cgroup: Move rcu_head up near the top of cgroup_root
     - USB: serial: pl2303: add device id for Macrosilicon MS3020
     - USB: usbtmc: prevent kernel-usb-infoleak
     - EDAC/synopsys: Add support for version 3 of the Synopsys EDAC DDR
     - EDAC/synopsys: U

Source diff to previous version
1786013 Packaging resync
2086242 Jammy update: v5.15.168 upstream stable release
2080378 IOMMU warnings on AMD systems after booting into kdump kernel
2064176 LXD fan bridge causes blocked tasks
2085082 Cannot detect audio sinks and sources in proposed kernel
CVE-2024-36968 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix div-by-zero in l2cap_le_flowctl_init() l2cap_le_flowctl_i
CVE-2024-35904 In the Linux kernel, the following vulnerability has been resolved: selinux: avoid dereference of garbage after mount failure In case kern_mount()
CVE-2024-42156 In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Wipe copies of clear-key structures on failure Wipe all sensitive da
CVE-2024-44942 In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on F2FS_INLINE_DATA flag in inode during GC syzbot
CVE-2024-38538 In the Linux kernel, the following vulnerability has been resolved: net: bridge: xmit: make sure we have at least eth header len bytes syzbot trigg
CVE-2024-42158 In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Use kfree_sensitive() to fix Coccinelle warnings Replace memzero_exp
CVE-2024-38667 In the Linux kernel, the following vulnerability has been resolved: riscv: prevent pt_regs corruption for secondary idle threads Top of the kernel
CVE-2024-44940 In the Linux kernel, the following vulnerability has been resolved: fou: remove warn in gue_gro_receive on unsupported protocol Drop the WARN_ON_ON
CVE-2024-42079 In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix NULL pointer dereference in gfs2_log_flush In gfs2_jindex_free(), set
CVE-2024-35951 In the Linux kernel, the following vulnerability has been resolved: drm/panfrost: Fix the error path in panfrost_mmu_map_fault_addr() Subject: [PAT
CVE-2023-52532 In the Linux kernel, the following vulnerability has been resolved: net: mana: Fix TX CQE error handling For an unknown TX CQE error type (probably
CVE-2023-52621 In the Linux kernel, the following vulnerability has been resolved: bpf: Check rcu_read_lock_trace_held() before calling bpf map helpers These thre
CVE-2024-26947 In the Linux kernel, the following vulnerability has been resolved: ARM: 9359/1: flush: check if the folio is reserved for no-mapping addresses Sin
CVE-2023-52639 In the Linux kernel, the following vulnerability has been resolved: KVM: s390: vsie: fix race during shadow creation Right now it is possible to se

Version: 5.15.0-1075.84~20.04.1 2024-11-04 21:08:34 UTC

 linux-azure-5.15 (5.15.0-1075.84~20.04.1) focal; urgency=medium
 .
   * focal/linux-azure-5.15: 5.15.0-1075.84~20.04.1 -proposed tracker
     (LP: #2082956)
 .
   [ Ubuntu: 5.15.0-1075.84 ]
 .
   * jammy/linux-azure: 5.15.0-1075.84 -proposed tracker (LP: #2082957)
   * Jammy update: v5.15.165 upstream stable release (LP: #2078428)
     - [Config] azure: Disabling FSL_IFC
   * Missing fix in linux kernel cifs/smb client module (LP: #2071744)
     - cifs: prevent updating file size from server if we have a read/write lease
   * Azure: Update CIFS to v6.8 (LP: #2082641)
     - cifs: is_network_name_deleted should return a bool
     - cifs: fix charset issue in reconnection
     - cifs: update the ctime on a partial page write
     - smb: client: introduce DFS_CACHE_TGT_LIST()
     - smb: client: ensure to try all targets when finding nested links
     - smb: client: move some params to cifs_open_info_data
     - smb: client: make smb2_compound_op() return resp buffer on success
     - smb: client: rename cifs_dfs_ref.c to namespace.c
     - smb: client: get rid of dfs naming in automount code
     - smb: client: get rid of dfs code dep in namespace.c
     - smb: client: parse reparse point flag in create response
     - smb: client: do not query reparse points twice on symlinks
     - smb: client: query reparse points in older dialects
     - smb: cilent: set reparse mount points as automounts
     - smb: client: reduce stack usage in cifs_try_adding_channels()
     - smb: client: reduce stack usage in cifs_demultiplex_thread()
     - smb: client: reduce stack usage in smb_send_rqst()
     - smb: client: reduce stack usage in smb2_set_ea()
     - smb: client: reduce stack usage in smb2_query_info_compound()
     - smb: client: reduce stack usage in smb2_query_reparse_point()
     - cifs: update desired access while requesting for directory lease
     - send channel sequence number in SMB3 requests after reconnects
     - SMB3: rename macro CIFS_SERVER_IS_CHAN to avoid confusion
     - cifs: Add a laundromat thread for cached directories
     - smb3: allow controlling length of time directory entries are cached with dir
       leases
     - smb3: add trace point for queryfs (statfs)
     - smb3: allow controlling maximum number of cached directories
     - cifs: update internal module version number for cifs.ko
     - smb3: fix minor typo in SMB2_GLOBAL_CAP_LARGE_MTU
     - smb3: move server check earlier when setting channel sequence number
     - smb3: correct places where ENOTSUPP is used instead of preferred EOPNOTSUPP
     - smb3: fix some minor typos and repeated words
     - smb3: Add dynamic trace points for RDMA (smbdirect) reconnect
     - SAUCE: smb3: do not start laundromat thread when dir leases disabled
     - cifs: Fix UAF in cifs_demultiplex_thread()
     - smb3: remove duplicate error mapping
     - smb: client: handle STATUS_IO_REPARSE_TAG_NOT_HANDLED
     - smb3: fix confusing debug message
     - fs/smb/client: Reset password pointer to NULL
     - smb: client: do not start laundromat thread on nohandlecache
     - smb: client: make laundromat a delayed worker
     - smb: client: prevent new fids from being removed by laundromat
     - smb3: fix touch -h of symlink
     - cifs: Add client version details to NTLM authenticate message
     - SMB3: clarify some of the unused CreateOption flags
     - Add definition for new smb3.1.1 command type
     - smb3: fix creating FIFOs when mounting with "sfu" mount option
     - smb: client: fix potential deadlock when releasing mids
     - smb: client: fix use-after-free bug in cifs_debug_data_proc_show()
     - smb: use crypto_shash_digest() in symlink_hash()
     - cifs: print server capabilities in DebugData
     - cifs: add xid to query server interface call
     - smb: client: remove extra @chan_count check in __cifs_put_smb_ses()
     - smb: client: fix use-after-free in smb2_query_info_compound()
     - cifs: reconnect helper should set reconnect for the right channel
     - cifs: do not reset chan_max if multichannel is not supported at mount
     - cifs: force interface update before a fresh session setup
     - smb3: minor RDMA cleanup
     - smb3: more minor cleanups for session handling routines
     - cifs: handle cases where a channel is closed
     - cifs: distribute channels across interfaces based on speed
     - cifs: account for primary channel in the interface list
     - cifs: do not pass cifs_sb when trying to add channels
     - cifs: reconnect work should have reference on server struct
     - smb3: minor cleanup of session handling code
     - smb3: fix caching of ctime on setxattr
     - smb: client: fix mount when dns_resolver key is not available
     - smb3: allow dumping session and tcon id to improve stats analysis and
       debugging
     - Missing field not being returned in ioctl CIFS_IOC_GET_MNT_INFO
     - cifs: handle when server starts supporting multichannel
     - cifs: handle when server stops supporting multichannel
     - cifs: update internal module version number for cifs.ko
     - cifs: spnego: add ';' in HOST_KEY_LEN
     - cifs: fix check of rc in function generate_smb3signingkey
     - cifs: fix leak of iface for primary channel
     - cifs: fix lock ordering while disabling multichannel
     - cifs: fix use after free for iface while disabling secondary channels
     - smb: client: implement ->query_reparse_point() for SMB1
     - smb: client: introduce ->parse_reparse_point()
     - smb: client: set correct file type from NFS reparse points
     - smb: client: introduce cifs_sfu_make_node()
     - smb: client: fix missing mode bits for SMB symlinks
     - smb: client: report correct st_size for SMB and NFS symlinks
     - cifs: Fix FALLOC_FL_ZERO_RANGE by setting i_size if EOF moved
     - cifs: Fix FALLOC_FL_INSERT_RANGE by setting i_size after EOF moved
     - smb: client, common: fix fortify warnings
     - smb: client: fix potential NULL deref in parse_dfs_referrals()
  

Source diff to previous version
2078428 Jammy update: v5.15.165 upstream stable release
2071744 Missing fix in linux kernel cifs/smb client module
2082641 Azure: Update CIFS to v6.8
2084052 RDMA/mana_ib patches
2077321 Please backport the more restrictive XSAVES deactivation for Zen1/2 arch
2081279 Jammy update: v5.15.167 upstream stable release
2080594 Jammy update: v5.15.166 upstream stable release
1959940 [22.10 FEAT] KVM: Secure Execution guest dump encryption with customer keys - kernel part
2069961 turbostat fails with too many open files on large systems
2074380 [UBUNTU 22.04] s390/cpum_cf: make crypto counters upward compatible
2076100 Jammy update: v5.15.164 upstream stable release
CVE-2024-26800 In the Linux kernel, the following vulnerability has been resolved: tls: fix use-after-free on failed backlog decryption When the decrypt request g
CVE-2024-41071 In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Avoid address calculations via out of bounds array indexing req
CVE-2024-40915 In the Linux kernel, the following vulnerability has been resolved: riscv: rewrite __kernel_map_pages() to fix sleeping in invalid context __kernel
CVE-2024-38611 In the Linux kernel, the following vulnerability has been resolved: media: i2c: et8ek8: Don't strip remove function when driver is builtin Using __
CVE-2024-38602 In the Linux kernel, the following vulnerability has been resolved: ax25: Fix reference count leak issues of ax25_dev The ax25_addr_ax25dev() and a
CVE-2024-26669 In the Linux kernel, the following vulnerability has been resolved: net/sched: flower: Fix chain template offload When a qdisc is deleted from a ne
CVE-2024-26607 In the Linux kernel, the following vulnerability has been resolved: drm/bridge: sii902x: Fix probing race issue A null pointer dereference crash ha
CVE-2024-26893 In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scmi: Fix double free in SMC transport cleanup path When the gene
CVE-2024-26661 In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add NULL test for 'timing generator' in 'dcn21_set_pipe()' In
CVE-2024-25744 In the Linux kernel before 6.6.7, an untrusted VMM can trigger int80 syscall handling at any given point. This is related to arch/x86/coco/tdx/tdx.c
CVE-2024-45016 In the Linux kernel, the following vulnerability has been resolved: netem: fix return value if duplicate enqueue fails There is a bug in netem_enqu
CVE-2024-38630 In the Linux kernel, the following vulnerability has been resolved: watchdog: cpu5wdt.c: Fix use-after-free bug caused by cpu5wdt_trigger When the
CVE-2024-27397 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: use timestamp to check for set element timeout Add a time

Version: 5.15.0-1072.81~20.04.1 2024-08-20 06:12:09 UTC

 linux-azure-5.15 (5.15.0-1072.81~20.04.1) focal; urgency=medium
 .
   * focal/linux-azure-5.15: 5.15.0-1072.81~20.04.1 -proposed tracker
     (LP: #2075857)
 .
   [ Ubuntu: 5.15.0-1072.81 ]
 .
   * jammy/linux-azure: 5.15.0-1072.81 -proposed tracker (LP: #2075858)
   * kernel panic was caused by a fatal exception due to a null pointer
     dereference in the iptable_nat module (LP: #2076291)
     - netfilter: iptables: Fix null-ptr-deref in iptable_nat_table_init().
   * jammy/linux: 5.15.0-121.131 -proposed tracker (LP: #2076347)
   * jammy:linux bpf selftest do not build (LP: #2076334)
     - SAUCE: Revert "bpf: Allow reads from uninit stack"
   * jammy/linux: 5.15.0-120.130 -proposed tracker (LP: #2075903)
   * Packaging resync (LP: #1786013)
     - [Packaging] debian.master/dkms-versions -- update from kernel-versions
       (main/2024.08.05)
   * Jammy update: v5.15.163 upstream stable release (LP: #2075170)
     - Compiler Attributes: Add __uninitialized macro
     - locking/mutex: Introduce devm_mutex_init()
     - drm/lima: fix shared irq handling on driver remove
     - media: dvb: as102-fe: Fix as10x_register_addr packing
     - media: dvb-usb: dib0700_devices: Add missing release_firmware()
     - IB/core: Implement a limit on UMAD receive List
     - scsi: qedf: Make qedf_execute_tmf() non-preemptible
     - crypto: aead,cipher - zeroize key buffer after use
     - drm/amdgpu: Initialize timestamp for some legacy SOCs
     - drm/amd/display: Check index msg_id before read or write
     - drm/amd/display: Check pipe offset before setting vblank
     - drm/amd/display: Skip finding free audio for unknown engine_id
     - media: dw2102: Don't translate i2c read into write
     - sctp: prefer struct_size over open coded arithmetic
     - firmware: dmi: Stop decoding on broken entry
     - Input: ff-core - prefer struct_size over open coded arithmetic
     - wifi: mt76: replace skb_put with skb_put_zero
     - net: dsa: mv88e6xxx: Correct check for empty list
     - media: dvb-frontends: tda18271c2dd: Remove casting during div
     - media: s2255: Use refcount_t instead of atomic_t for num_channels
     - media: dvb-frontends: tda10048: Fix integer overflow
     - i2c: i801: Annotate apanel_addr as __ro_after_init
     - powerpc/64: Set _IO_BASE to POISON_POINTER_DELTA not 0 for CONFIG_PCI=n
     - orangefs: fix out-of-bounds fsid access
     - kunit: Fix timeout message
     - powerpc/xmon: Check cpu id in commands "c#", "dp#" and "dx#"
     - igc: fix a log entry using uninitialized netdev
     - bpf: Avoid uninitialized value in BPF_CORE_READ_BITFIELD
     - jffs2: Fix potential illegal address access in jffs2_free_inode
     - s390/pkey: Wipe sensitive data on failure
     - tools/power turbostat: Remember global max_die_id
     - UPSTREAM: tcp: fix DSACK undo in fast recovery to call tcp_try_to_open()
     - tcp_metrics: validate source addr length
     - KVM: s390: fix LPSWEY handling
     - e1000e: Fix S0ix residency on corporate systems
     - net: allow skb_datagram_iter to be called from any context
     - wifi: wilc1000: fix ies_len type in connect path
     - riscv: kexec: Avoid deadlock in kexec crash path
     - netfilter: nf_tables: unconditionally flush pending work before notifier
     - bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set()
     - selftests: fix OOM in msg_zerocopy selftest
     - selftests: make order checking verbose in msg_zerocopy selftest
     - inet_diag: Initialize pad field in struct inet_diag_req_v2
     - gpiolib: of: factor out code overriding gpio line polarity
     - gpiolib: of: add a quirk for reset line polarity for Himax LCDs
     - gpiolib: of: add polarity quirk for TSC2005
     - Revert "igc: fix a log entry using uninitialized netdev"
     - nilfs2: fix inode number range checks
     - nilfs2: add missing check for inode numbers on directory entries
     - mm: optimize the redundant loop of mm_update_owner_next()
     - mm: avoid overflows in dirty throttling logic
     - btrfs: fix adding block group to a reclaim list and the unused list during
       reclaim
     - Bluetooth: qca: Fix BT enable failure again for QCA6390 after warm reboot
     - can: kvaser_usb: Explicitly initialize family in leafimx driver_info struct
     - fsnotify: Do not generate events for O_PATH file descriptors
     - Revert "mm/writeback: fix possible divide-by-zero in wb_dirty_limits(),
       again"
     - drm/nouveau: fix null pointer dereference in nouveau_connector_get_modes
     - drm/amdgpu/atomfirmware: silence UBSAN warning
     - mtd: rawnand: Ensure ECC configuration is propagated to upper layers
     - mtd: rawnand: Bypass a couple of sanity checks during NAND identification
     - mtd: rawnand: rockchip: ensure NVDDR timings are rejected
     - ima: Avoid blocking in RCU read-side critical section
     - media: dw2102: fix a potential buffer overflow
     - clk: qcom: gcc-sm6350: Fix gpll6* & gpll7 parents
     - i2c: pnx: Fix potential deadlock warning from del_timer_sync() call in isr
     - fs/ntfs3: Mark volume as dirty if xattr is broken
     - ALSA: hda/realtek: Enable headset mic of JP-IK LEAP W502 with ALC897
     - nvme-multipath: find NUMA path only for online numa-node
     - dma-mapping: benchmark: avoid needless copy_to_user if benchmark fails
     - nvme: adjust multiples of NVME_CTRL_PAGE_SIZE in offset
     - regmap-i2c: Subtract reg size from max_write
     - platform/x86: touchscreen_dmi: Add info for GlobalSpace SolT IVW 11.6"
       tablet
     - platform/x86: touchscreen_dmi: Add info for the EZpad 6s Pro
     - nvmet: fix a possible leak when destroy a ctrl during qp establishment
     - kbuild: fix short log for AS in link-vmlinux.sh
     - nfc/nci: Add the inconsistency check between the input data length and count
     - null_blk: Do not allow runt zone with zone capacity smaller then zone size
     - nilfs2: fix incorrect inode allocation from reserved inodes
     - mm: prevent derefencing NU

Source diff to previous version
2076291 kernel panic was caused by a fatal exception due to a null pointer dereference in the iptable_nat module
2076334 jammy:linux bpf selftest do not build
1786013 Packaging resync
2075170 Jammy update: v5.15.163 upstream stable release
2074215 [SRU] UBSAN warnings in bnx2x kernel driver
2073765 Jammy update: v5.15.162 upstream stable release
2072858 Fix L2CAP/LE/CPU/BI-02-C bluetooth certification failure
2073092 net/sched: Fix conntrack use-after-free
2072617 Jammy update: v5.15.161 upstream stable release
2073267 Virtualbox Guru meditation on VM start caused by kernel commit in v6.9-rc4
CVE-2024-26921 In the Linux kernel, the following vulnerability has been resolved: inet: inet_defrag: prevent sk release while still in use ip_local_out() and oth
CVE-2024-39484 In the Linux kernel, the following vulnerability has been resolved: mmc: davinci: Don't strip remove function when driver is builtin Using __exit f
CVE-2024-39292 In the Linux kernel, the following vulnerability has been resolved: um: Add winch to winch_handlers before registering winch IRQ Registering a winc
CVE-2024-36901 In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent NULL dereference in ip6_output() According to syzbot, there is a
CVE-2024-26830 In the Linux kernel, the following vulnerability has been resolved: i40e: Do not allow untrusted VF to remove administratively set MAC Currently wh
CVE-2024-26680 In the Linux kernel, the following vulnerability has been resolved: net: atlantic: Fix DMA mapping for PTP hwts ring Function aq_ring_hwts_rx_alloc
CVE-2023-52760 In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix slab-use-after-free in gfs2_qd_dealloc In gfs2_put_super(), whether w
CVE-2023-52629 In the Linux kernel, the following vulnerability has been resolved: sh: push-switch: Reorder cleanup operations to avoid use-after-free bug The ori

Version: 5.15.0-1070.79~20.04.1 2024-07-30 18:11:26 UTC

 linux-azure-5.15 (5.15.0-1070.79~20.04.1) focal; urgency=medium
 .
   * focal/linux-azure-5.15: 5.15.0-1070.79~20.04.1 -proposed tracker
     (LP: #2072208)
 .
   * Packaging resync (LP: #1786013)
     - [Packaging] debian.azure-5.15/dkms-versions -- update from kernel-versions
       (main/2024.07.08)
 .
   [ Ubuntu: 5.15.0-1070.79 ]
 .
   * jammy/linux-azure: 5.15.0-1070.79 -proposed tracker (LP: #2072209)
   * Packaging resync (LP: #1786013)
     - [Packaging] debian.azure/dkms-versions -- update from kernel-versions
       (main/2024.07.08)
   * jammy/linux: 5.15.0-118.128 -proposed tracker (LP: #2072255)
   * Jammy update: v5.15.160 upstream stable release (LP: #2070292)
     - drm/amd/display: Fix division by zero in setup_dsc_config
     - pinctrl: core: handle radix_tree_insert() errors in
       pinctrl_register_one_pin()
     - nfsd: don't allow nfsd threads to be signalled.
     - KEYS: trusted: Fix memory leak in tpm2_key_encode()
     - Revert "selftests: mm: fix map_hugetlb failure on 64K page size systems"
     - net: bcmgenet: synchronize EXT_RGMII_OOB_CTRL access
     - net: bcmgenet: synchronize UMAC_CMD access
     - netlink: annotate lockless accesses to nlk->max_recvmsg_len
     - netlink: annotate data-races around sk->sk_err
     - KVM: x86: Clear "has_error_code", not "error_code", for RM exception
       injection
     - drm/amdgpu: Fix possible NULL dereference in
       amdgpu_ras_query_error_status_helper()
     - binder: fix max_thread type inconsistency
     - usb: typec: ucsi: displayport: Fix potential deadlock
     - serial: kgdboc: Fix NMI-safety problems from keyboard reset code
     - remoteproc: mediatek: Make sure IPI buffer fits in L2TCM
     - KEYS: trusted: Do not use WARN when encode fails
     - admin-guide/hw-vuln/core-scheduling: fix return type of PR_SCHED_CORE_GET
     - docs: kernel_include.py: Cope with docutils 0.21
     - Linux 5.15.160
   * Jammy update: v5.15.159 upstream stable release (LP: #2070028)
     - dmaengine: pl330: issue_pending waits until WFP state
     - dmaengine: Revert "dmaengine: pl330: issue_pending waits until WFP state"
     - wifi: nl80211: don't free NULL coalescing rule
     - ksmbd: fix slab-out-of-bounds in smb2_allocate_rsp_buf
     - ksmbd: validate request buffer size in smb2_allocate_rsp_buf()
     - ksmbd: clear RENAME_NOREPLACE before calling vfs_rename
     - eeprom: at24: Use dev_err_probe for nvmem register failure
     - eeprom: at24: Probe for DDR3 thermal sensor in the SPD case
     - eeprom: at24: fix memory corruption race condition
     - pinctrl: pinctrl-aspeed-g6: Fix register offset for pinconf of GPIOR-T
     - pinctrl/meson: fix typo in PDM's pin name
     - pinctrl: core: delete incorrect free in pinctrl_enable()
     - pinctrl: mediatek: paris: Rework mtk_pinconf_{get,set} switch/case logic
     - pinctrl: mediatek: paris: Fix PIN_CONFIG_INPUT_SCHMITT_ENABLE readback
     - pinctrl: mediatek: paris: Rework support for
       PIN_CONFIG_{INPUT,OUTPUT}_ENABLE
     - sunrpc: add a struct rpc_stats arg to rpc_create_args
     - nfs: expose /proc/net/sunrpc/nfs in net namespaces
     - nfs: make the rpc_stat per net namespace
     - nfs: Handle error of rpc_proc_register() in nfs_net_init().
     - power: rt9455: hide unused rt9455_boost_voltage_values
     - power: supply: mt6360_charger: Fix of_match for usb-otg-vbus regulator
     - pinctrl: devicetree: fix refcount leak in pinctrl_dt_to_map()
     - regulator: mt6360: De-capitalize devicetree regulator subnodes
     - bpf, kconfig: Fix DEBUG_INFO_BTF_MODULES Kconfig definition
     - bpf, skmsg: Fix NULL pointer dereference in sk_psock_skb_ingress_enqueue
     - bpf: Fix a verifier verbose message
     - spi: hisi-kunpeng: Delete the dump interface of data registers in debugfs
     - s390/mm: Fix storage key clearing for guest huge pages
     - s390/mm: Fix clearing storage keys for huge pages
     - xdp: Move conversion to xdp_frame out of map functions
     - xdp: Add xdp_do_redirect_frame() for pre-computed xdp_frames
     - xdp: use flags field to disambiguate broadcast redirect
     - bna: ensure the copied buf is NUL terminated
     - octeontx2-af: avoid off-by-one read from userspace
     - nsh: Restore skb->{protocol,data,mac_header} for outer header in
       nsh_gso_segment().
     - net l2tp: drop flow hash on forward
     - s390/vdso: Add CFI for RA register to asm macro vdso_func
     - net: qede: sanitize 'rc' in qede_add_tc_flower_fltr()
     - net: qede: use return from qede_parse_flow_attr() for flower
     - net: qede: use return from qede_parse_flow_attr() for flow_spec
     - net: qede: use return from qede_parse_actions()
     - ASoC: meson: axg-fifo: use FIELD helpers
     - ASoC: meson: axg-fifo: use threaded irq to check periods
     - ASoC: meson: axg-card: make links nonatomic
     - ASoC: meson: axg-tdm-interface: manage formatters in trigger
     - ASoC: meson: cards: select SND_DYNAMIC_MINORS
     - ALSA: hda: intel-sdw-acpi: fix usage of device_get_named_child_node()
     - s390/cio: Ensure the copied buf is NUL terminated
     - cxgb4: Properly lock TX queue for the selftest.
     - net: dsa: mv88e6xxx: Fix number of databases for 88E6141 / 88E6341
     - net: bridge: fix multicast-to-unicast with fraglist GSO
     - net: core: reject skb_copy(_expand) for fraglist GSO skbs
     - tipc: fix a possible memleak in tipc_buf_append
     - s390/qeth: don't keep track of Input Queue count
     - s390/qeth: Fix kernel panic after setting hsuid
     - drm/panel: ili9341: Respect deferred probe
     - drm/panel: ili9341: Use predefined error codes
     - net: gro: add flush check in udp_gro_receive_segment
     - clk: sunxi-ng: h6: Reparent CPUX during PLL CPUX rate change
     - KVM: arm64: vgic-v2: Use cpuid from userspace as vcpu_id
     - KVM: arm64: vgic-v2: Check for non-NULL vCPU in vgic_v2_parse_attr()
     - scsi: lpfc: Move NPIV's transport unregistration to after resource clean up
     - scsi: lpf

Source diff to previous version
1786013 Packaging resync
2070292 Jammy update: v5.15.160 upstream stable release
2070028 Jammy update: v5.15.159 upstream stable release
2061091 Freezing user space processes failed after 20.008 seconds (1 tasks refusing to freeze, wq_busy=0)
CVE-2024-27017 In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: walk over current view on netlink dump The generatio
CVE-2024-26952 In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix potencial out-of-bounds when buffer offset is invalid I found potenc
CVE-2024-26886 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: af_bluetooth: Fix deadlock Attemting to do sock_lock on .recvmsg may
CVE-2023-52752 In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() Skip SMB ses
CVE-2024-25742 In the Linux kernel before 6.9, an untrusted hypervisor can inject virtual interrupt 29 (#VC) at any point in time and can trigger its handler. This
CVE-2024-36016 In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: fix possible out-of-bounds in gsm0_receive() Assuming the following

Version: 5.15.0-1068.77~20.04.1 2024-06-22 00:11:29 UTC

 linux-azure-5.15 (5.15.0-1068.77~20.04.1) focal; urgency=medium
 .
   * focal/linux-azure-5.15: 5.15.0-1068.77~20.04.1 -proposed tracker
     (LP: #2068349)
 .
   * Packaging resync (LP: #1786013)
     - [Packaging] debian.azure-5.15/dkms-versions -- update from kernel-versions
       (main/2024.06.10)
 .
   [ Ubuntu: 5.15.0-1068.77 ]
 .
   * jammy/linux-azure: 5.15.0-1068.77 -proposed tracker (LP: #2068350)
   * Packaging resync (LP: #1786013)
     - [Packaging] debian.azure/dkms-versions -- update from kernel-versions
       (main/2024.06.10)
   * Backport request for Ubuntu 5.15 kernels - CIFS Issue (LP: #2070076)
     - keys: Fix overwrite of key expiration on instantiation
   * Azure: Fix hibernation failure (LP: #2069749)
     - drm: Check output polling initialized before disabling
     - drm: Check polling initialized before enabling in
       drm_helper_probe_single_connector_modes
   * Hairpinning Issue on AKS with Latest Linux Stable Kernels (LP: #2070072)
     - SAUCE: Revert "netfilter: br_netfilter: skip conntrack input hook for
       promisc packets"
   * Azure: net: mana: Fix Rx DMA datasize and skb_over_panic (LP: #2066992)
     - net: mana: Fix Rx DMA datasize and skb_over_panic
   * Azure: net: mana: Enable MANA driver on ARM64 with 4K page size
     (LP: #2066982)
     - net: mana: Enable MANA driver on ARM64 with 4K page size
   * jammy/linux: 5.15.0-115.125 -proposed tracker (LP: #2068396)
   * Packaging resync (LP: #1786013)
     - [Packaging] debian.master/dkms-versions -- update from kernel-versions
       (main/2024.06.10)
   * Jammy update: v5.15.158 upstream stable release (LP: #2067974)
     - smb: client: fix rename(2) regression against samba
     - cifs: reinstate original behavior again for forceuid/forcegid
     - HID: intel-ish-hid: ipc: Fix dev_err usage with uninitialized dev->devc
     - HID: logitech-dj: allow mice to use all types of reports
     - arm64: dts: rockchip: enable internal pull-up on Q7_USB_ID for RK3399 Puma
     - arm64: dts: rockchip: fix alphabetical ordering RK3399 puma
     - arm64: dts: rockchip: enable internal pull-up on PCIE_WAKE# for RK3399 Puma
     - arm64: dts: rockchip: Remove unsupported node from the Pinebook Pro dts
     - arm64: dts: mediatek: mt8183: Add power-domains properity to mfgcfg
     - arm64: dts: mediatek: mt7622: add support for coherent DMA
     - arm64: dts: mediatek: mt7622: introduce nodes for Wireless Ethernet Dispatch
     - arm64: dts: mediatek: mt7622: fix clock controllers
     - arm64: dts: mediatek: mt7622: fix IR nodename
     - arm64: dts: mediatek: mt7622: fix ethernet controller "compatible"
     - arm64: dts: mediatek: mt7622: drop "reset-names" from thermal block
     - arm64: dts: mediatek: mt2712: fix validation errors
     - ARC: [plat-hsdk]: Remove misplaced interrupt-cells property
     - wifi: iwlwifi: mvm: remove old PASN station when adding a new one
     - wifi: iwlwifi: mvm: return uid from iwl_mvm_build_scan_cmd
     - vxlan: drop packets from invalid src-address
     - mlxsw: core: Unregister EMAD trap using FORWARD action
     - icmp: prevent possible NULL dereferences from icmp_build_probe()
     - bridge/br_netlink.c: no need to return void function
     - NFC: trf7970a: disable all regulators on removal
     - ipv4: check for NULL idev in ip_route_use_hint()
     - net: usb: ax88179_178a: stop lying about skb->truesize
     - net: gtp: Fix Use-After-Free in gtp_dellink
     - ipvs: Fix checksumming on GSO of SCTP packets
     - net: openvswitch: Fix Use-After-Free in ovs_ct_exit
     - mlxsw: spectrum_acl_tcam: Fix race during rehash delayed work
     - mlxsw: spectrum_acl_tcam: Fix possible use-after-free during activity update
     - mlxsw: spectrum_acl_tcam: Fix possible use-after-free during rehash
     - mlxsw: spectrum_acl_tcam: Rate limit error message
     - mlxsw: spectrum_acl_tcam: Fix memory leak during rehash
     - mlxsw: spectrum_acl_tcam: Fix warning during rehash
     - mlxsw: spectrum_acl_tcam: Fix incorrect list API usage
     - mlxsw: spectrum_acl_tcam: Fix memory leak when canceling rehash work
     - netfilter: nf_tables: honor table dormant flag from netdev release event
       path
     - i40e: Do not use WQ_MEM_RECLAIM flag for workqueue
     - i40e: Report MFS in decimal base instead of hex
     - iavf: Fix TC config comparison with existing adapter TC config
     - net: ethernet: ti: am65-cpts: Fix PTPv1 message type on TX packets
     - af_unix: Suppress false-positive lockdep splat for spin_lock() in
       __unix_gc().
     - serial: core: Provide port lock wrappers
     - serial: mxs-auart: add spinlock around changing cts state
     - drm-print: add drm_dbg_driver to improve namespace symmetry
     - drm/vmwgfx: Fix crtc's atomic check conditional
     - Revert "crypto: api - Disallow identical driver names"
     - net/mlx5e: Fix a race in command alloc flow
     - tracing: Show size of requested perf buffer
     - tracing: Increase PERF_MAX_TRACE_SIZE to handle Sentinel1 and docker
       together
     - x86/cpu: Fix check for RDPKRU in __show_regs()
     - Bluetooth: Fix type of len in {l2cap,sco}_sock_getsockopt_old()
     - Bluetooth: btusb: Add Realtek RTL8852BE support ID 0x0bda:0x4853
     - Bluetooth: qca: fix NULL-deref on non-serdev suspend
     - mmc: sdhci-msm: pervent access to suspended controller
     - btrfs: fix information leak in btrfs_ioctl_logical_to_ino()
     - cpu: Re-enable CPU mitigations by default for !X86 architectures
     - [Configs] Update CPU mitigation configs
     - arm64: dts: rockchip: enable internal pull-up for Q7_THRM# on RK3399 Puma
     - drm/amdgpu/sdma5.2: use legacy HDP flush for SDMA2/3
     - drm/amdgpu: Fix leak when GPU memory allocation fails
     - irqchip/gic-v3-its: Prevent double free on error
     - ethernet: Add helper for assigning packet type when dest address does not
       match device address
     - net: b44: set pause params only when interface is up
     - stackdepot: res

1786013 Packaging resync
2070076 Backport request for Ubuntu 5.15 kernels - CIFS Issue
2069749 Azure: Fix hibernation failure
2070072 Hairpinning Issue on AKS with Latest Linux Stable Kernels
2066992 Azure: net: mana: Fix Rx DMA datasize and skb_over_panic
2066982 Azure: net: mana: Enable MANA driver on ARM64 with 4K page size
2067974 Jammy update: v5.15.158 upstream stable release
2067959 Jammy update: v5.15.157 upstream stable release
2046722 [SRU][22.04.4]: megaraid_sas: Critical Bug Fixes
2065857 Jammy update: v5.15.156 upstream stable release
2065805 Jammy update: v5.15.155 upstream stable release
2065435 Jammy update: v5.15.154 upstream stable release
CVE-2024-23307 Integer Overflow or Wraparound vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (md, raid, raid5 modules) allows Forced Integer Overflow
CVE-2024-26828 In the Linux kernel, the following vulnerability has been resolved: cifs: fix underflow in parse_server_interfaces() In this loop, we step through
CVE-2024-24861 A race condition was found in the Linux kernel's media/xc4000 device driver in xc4000 xc4000_get_frequency() function. This can result in return valu
CVE-2024-26642 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: disallow anonymous set with timeout flag Anonymous sets a
CVE-2024-26926 In the Linux kernel, the following vulnerability has been resolved: binder: check offset alignment in binder_get_object() Commit 6d98eb95b450 ("bin
CVE-2024-26922 In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: validate the parameters of bo mapping operations more clearly Verif
CVE-2023-6039 A use-after-free flaw was found in lan78xx_disconnect in drivers/net/usb/lan78xx.c in the network sub-component, net/usb/lan78xx in the Linux Kernel.
CVE-2024-26924 In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: do not free live element Pablo reports a crash with
CVE-2024-26643 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout



About   -   Send Feedback to @ubuntu_updates