UbuntuUpdates.org

Package "linux-bluefield"

This package belongs to a PPA: Canonical Kernel Team

Name: linux-bluefield

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Header files related to Linux kernel version 5.4.0
  • Header files related to Linux kernel version 5.4.0
  • Header files related to Linux kernel version 5.4.0
  • Header files related to Linux kernel version 5.4.0

Latest version: 5.4.0-1082.89
Release: focal (20.04)
Level: base
Repository: main

Links



Other versions of "linux-bluefield" in Focal

Repository Area Version
security main 5.4.0-1081.88
updates main 5.4.0-1081.88
proposed main 5.4.0-1082.89

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 5.4.0-1072.78 2023-09-22 12:08:28 UTC

 linux-bluefield (5.4.0-1072.78) focal; urgency=medium
 .
   * focal/linux-bluefield: 5.4.0-1072.78 -proposed tracker (LP: #2033834)
 .
   * Focal update: v5.4.248 upstream stable release (LP: #2031121)
     - [Config] bluefield: updateconfigs for DECNET
 .
   * mlxbf-gige: Enable the OOB port in mlxbf_gige_open (LP: #2035128)
     - SAUCE: mlxbf-gige: Enable the OOB port in mlxbf_gige_open
 .
   [ Ubuntu: 5.4.0-164.181 ]
 .
   * focal/linux: 5.4.0-164.181 -proposed tracker (LP: #2033867)
   * Please enable Renesas RZ platform serial installer (LP: #2022361)
     - [Config] enable hihope RZ/G2M serial console
   * Azure: hv_netvsc: add support for vlans in AF_PACKET mode (LP: #2030872)
     - hv_netvsc: add support for vlans in AF_PACKET mode
   * systemd mount units fail during boot, while file system is correctly mounted
     (LP: #1837227)
     - list: introduce list_for_each_continue()
     - proc/mounts: add cursor
   * CVE-2023-40283
     - Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb
   * CVE-2023-20588
     - x86/bugs: Increase the x86 bugs vector size to two u32s
     - x86/CPU/AMD: Do not leak quotient data after a division by 0
     - x86/CPU/AMD: Fix the DIV(0) initial fix attempt
   * CVE-2023-4194
     - net: tun_chr_open(): set sk_uid from current_fsuid()
     - net: tap_open(): set sk_uid from current_fsuid()
   * CVE-2023-1206
     - tcp: Reduce chance of collisions in inet6_hashfn().
   * CVE-2021-4001
     - bpf: Fix toctou on read-only map's constant scalar tracking
   * Focal update: v5.4.248 upstream stable release (LP: #2031121)
     - test_firmware: fix a memory leak with reqs buffer
     - KEYS: asymmetric: Copy sig and digest in public_key_verify_signature()
     - dasd: refactor dasd_ioctl_information
     - s390/dasd: Use correct lock while counting channel queue length
     - power: supply: ab8500: Fix external_power_changed race
     - power: supply: sc27xx: Fix external_power_changed race
     - power: supply: bq27xxx: Use mod_delayed_work() instead of cancel() +
       schedule()
     - ARM: dts: vexpress: add missing cache properties
     - power: supply: Ratelimit no data debug output
     - platform/x86: asus-wmi: Ignore WMI events with codes 0x7B, 0xC0
     - regulator: Fix error checking for debugfs_create_dir
     - irqchip/meson-gpio: Mark OF related data as maybe unused
     - power: supply: Fix logic checking if system is running from battery
     - btrfs: handle memory allocation failure in btrfs_csum_one_bio
     - parisc: Improve cache flushing for PCXL in arch_sync_dma_for_cpu()
     - parisc: Flush gatt writes and adjust gatt mask in parisc_agp_mask_memory()
     - MIPS: Alchemy: fix dbdma2
     - mips: Move initrd_start check after initrd address sanitisation.
     - xen/blkfront: Only check REQ_FUA for writes
     - drm:amd:amdgpu: Fix missing buffer object unlock in failure path
     - ocfs2: fix use-after-free when unmounting read-only filesystem
     - ocfs2: check new file size on fallocate call
     - nios2: dts: Fix tse_mac "max-frame-size" property
     - nilfs2: fix incomplete buffer cleanup in nilfs_btnode_abort_change_key()
     - nilfs2: fix possible out-of-bounds segment allocation in resize ioctl
     - kexec: support purgatories with .text.hot sections
     - powerpc/purgatory: remove PGO flags
     - nouveau: fix client work fence deletion race
     - RDMA/uverbs: Restrict usage of privileged QKEYs
     - net: usb: qmi_wwan: add support for Compal RXM-G1
     - ALSA: hda/realtek: Add a quirk for Compaq N14JP6
     - Remove DECnet support from kernel
     - [Config] updateconfigs for DECNET
     - USB: serial: option: add Quectel EM061KGL series
     - serial: lantiq: add missing interrupt ack
     - usb: dwc3: gadget: Reset num TRBs before giving back the request
     - spi: spi-fsl-dspi: Remove unused chip->void_write_data
     - spi: fsl-dspi: avoid SCK glitches with continuous transfers
     - netfilter: nfnetlink: skip error delivery on batch in case of ENOMEM
     - ping6: Fix send to link-local addresses with VRF.
     - RDMA/rxe: Remove the unused variable obj
     - RDMA/rxe: Removed unused name from rxe_task struct
     - RDMA/rxe: Fix the use-before-initialization error of resp_pkts
     - iavf: remove mask from iavf_irq_enable_queues()
     - IB/uverbs: Fix to consider event queue closing also upon non-blocking mode
     - IB/isert: Fix dead lock in ib_isert
     - IB/isert: Fix possible list corruption in CMA handler
     - IB/isert: Fix incorrect release of isert connection
     - ipvlan: fix bound dev checking for IPv6 l3s mode
     - sctp: fix an error code in sctp_sf_eat_auth()
     - igb: fix nvm.ops.read() error handling
     - drm/nouveau/dp: check for NULL nv_connector->native_mode
     - drm/nouveau/kms: Don't change EDID when it hasn't actually changed
     - drm/nouveau: add nv_encoder pointer check for NULL
     - net/sched: cls_api: Fix lockup on flushing explicitly created chain
     - net: lapbether: only support ethernet devices
     - net: tipc: resize nlattr array to correct size
     - selftests/ptp: Fix timestamp printf format for PTP_SYS_OFFSET
     - afs: Fix vlserver probe RTT handling
     - neighbour: Remove unused inline function neigh_key_eq16()
     - net: Remove unused inline function dst_hold_and_use()
     - neighbour: delete neigh_lookup_nodev as not used
     - drm/nouveau/kms: Fix NULL pointer dereference in
       nouveau_connector_detect_depth
     - mmc: block: ensure error propagation for non-blk
     - Linux 5.4.248
   * Focal update: v5.4.247 upstream stable release (LP: #2030818)
     - blk-iocost: avoid 64-bit division in ioc_timer_fn
     - block/blk-iocost (gcc13): keep large values in a new enum
     - i40iw: fix build warning in i40iw_manage_apbvt()
     - i40e: fix build warnings in i40e_alloc.h
     - spi: qup: Request DMA before enabling clocks
     - neighbour: Replace zero-length array with flexible-array member
     - neighbour: fix unaligned

Source diff to previous version
2031121 Focal update: v5.4.248 upstream stable release
2035128 mlxbf-gige: Enable the OOB port in mlxbf_gige_open
2022361 Please enable Renesas RZ platform serial installer
2030872 Azure: hv_netvsc: add support for vlans in AF_PACKET mode
1837227 systemd mount units fail during boot, while file system is correctly mounted
2030818 Focal update: v5.4.247 upstream stable release
CVE-2023-40283 An issue was discovered in l2cap_sock_release in net/bluetooth/l2cap_sock.c in the Linux kernel before 6.4.10. There is a use-after-free because the
CVE-2023-4194 A flaw was found in the Linux kernel's TUN/TAP functionality. This issue could allow a local user to bypass network filters and gain unauthorized acc
CVE-2023-1206 A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel’s IPv6 functionality when a user makes a new kind of SYN floo
CVE-2021-4001 A race condition was found in the Linux kernel's ebpf verifier between bpf_map_update_elem and bpf_map_freeze due to a missing lock in kernel/bpf/sys
CVE-2023-4128 A use-after-free flaw was found in net/sched/cls_fw.c in classifiers (cls_fw, cls_u32, and cls_route) in the Linux Kernel. This flaw allows a local a
CVE-2023-3863 A use-after-free flaw was found in nfc_llcp_find_local in net/nfc/llcp_core.c in NFC in the Linux kernel. This flaw allows a local user with special
CVE-2023-3212 A NULL pointer dereference issue was found in the gfs2 file system in the Linux kernel. It occurs on corrupt gfs2 file systems when the evict code tr

Version: 5.4.0-1070.76 2023-08-30 18:08:48 UTC

 linux-bluefield (5.4.0-1070.76) focal; urgency=medium
 .
   * focal/linux-bluefield: 5.4.0-1070.76 -proposed tracker (LP: #2030986)
 .
   * EFI pstore not cleared on boot (LP: #1978079)
     - [Config] bluefield: Enable CONFIG_EFI_VARS_PSTORE as build-in
     - [Config] bluefield: Remove efi-pstore from modules list
 .
   * Focal update: v5.4.246 upstream stable release (LP: #2028981)
     - [Config] bluefield: updateconfigs for SCSI_DPT_I2O
     - SAUCE: xfrm: Check if_id in xfrm full offload
 .
   * rshim console truncates dmesg output due to tmfifo issue (LP: #2028197)
     - SAUCE: mlxbf-tmfifo.c: Fix rhsim console w/ truncated dmesg output
 .
   * mlxbf-gige: Fix kernel panic after reboot (LP: #2030765)
     - SAUCE: mlxbf-gige: Fix kernel panic after reboot (part 1/2)
     - SAUCE: mlxbf-gige: Fix kernel panic after reboot (part 2/2)
 .
   [ Ubuntu: 5.4.0-162.179 ]
 .
   * focal/linux: 5.4.0-162.179 -proposed tracker (LP: #2031128)
   * libgnutls report "trap invalid opcode" when trying to install packages over
     https (LP: #2031093)
     - [Config]: disable CONFIG_GDS_FORCE_MITIGATION
 .
   [ Ubuntu: 5.4.0-160.177 ]
 .
   * focal/linux: 5.4.0-160.177 -proposed tracker (LP: #2031017)
   * Fix boot test warning for log_check "CPU: 0 PID: 0 at
     arch/x86/kernel/fpu/xstate.c:878 get_xsave_addr+0x98/0xb0" (LP: #2031022)
     - x86/pkeys: Revert a5eff7259790 ("x86/pkeys: Add PKRU value to init_fpstate")
 .
   [ Ubuntu: 5.4.0-158.175 ]
 .
   * focal/linux: 5.4.0-158.175 -proposed tracker (LP: #2030466)
   * CVE-2022-40982
     - x86/mm: Initialize text poking earlier
     - x86/mm: fix poking_init() for Xen PV guests
     - x86/mm: Use mm_alloc() in poking_init()
     - mm: Move mm_cachep initialization to mm_init()
     - init: Provide arch_cpu_finalize_init()
     - x86/cpu: Switch to arch_cpu_finalize_init()
     - ARM: cpu: Switch to arch_cpu_finalize_init()
     - sparc/cpu: Switch to arch_cpu_finalize_init()
     - um/cpu: Switch to arch_cpu_finalize_init()
     - init: Remove check_bugs() leftovers
     - init: Invoke arch_cpu_finalize_init() earlier
     - init, x86: Move mem_encrypt_init() into arch_cpu_finalize_init()
     - x86/fpu: Remove cpuinfo argument from init functions
     - x86/fpu: Mark init functions __init
     - x86/fpu: Move FPU initialization into arch_cpu_finalize_init()
     - x86/xen: Fix secondary processors' FPU initialization
     - x86/speculation: Add Gather Data Sampling mitigation
     - x86/speculation: Add force option to GDS mitigation
     - x86/speculation: Add Kconfig option for GDS
     - KVM: Add GDS_NO support to KVM
     - Documentation/x86: Fix backwards on/off logic about YMM support
     - [Config]: Enable CONFIG_ARCH_HAS_CPU_FINALIZE_INIT and
       CONFIG_GDS_FORCE_MITIGATION
   * CVE-2023-3609
     - net/sched: cls_u32: Fix reference counter leak leading to overflow
   * CVE-2023-20593
     - x86/cpu/amd: Move the errata checking functionality up
     - x86/cpu/amd: Add a Zenbleed fix
   * CVE-2023-3611
     - net/sched: sch_qfq: account for stab overhead in qfq_enqueue
   * stacked overlay file system mounts that have chroot() called against them
     appear to be getting locked (by the kernel most likely?) (LP: #2016398)
     - SAUCE: overlayfs: fix reference count mismatch
   * Focal update: v5.4.246 upstream stable release (LP: #2028981)
     - RDMA/efa: Fix unsupported page sizes in device
     - RDMA/bnxt_re: Enable SRIOV VF support on Broadcom's 57500 adapter series
     - RDMA/bnxt_re: Refactor queue pair creation code
     - RDMA/bnxt_re: Fix return value of bnxt_re_process_raw_qp_pkt_rx
     - iommu/rockchip: Fix unwind goto issue
     - iommu/amd: Don't block updates to GATag if guest mode is on
     - dmaengine: pl330: rename _start to prevent build error
     - net/mlx5: fw_tracer, Fix event handling
     - netrom: fix info-leak in nr_write_internal()
     - af_packet: Fix data-races of pkt_sk(sk)->num.
     - amd-xgbe: fix the false linkup in xgbe_phy_status
     - mtd: rawnand: ingenic: fix empty stub helper definitions
     - af_packet: do not use READ_ONCE() in packet_bind()
     - tcp: deny tcp_disconnect() when threads are waiting
     - tcp: Return user_mss for TCP_MAXSEG in CLOSE/LISTEN state if user_mss set
     - net/sched: sch_ingress: Only create under TC_H_INGRESS
     - net/sched: sch_clsact: Only create under TC_H_CLSACT
     - net/sched: Reserve TC_H_INGRESS (TC_H_CLSACT) for ingress (clsact) Qdiscs
     - net/sched: Prohibit regrafting ingress or clsact Qdiscs
     - net: sched: fix NULL pointer dereference in mq_attach
     - ocfs2/dlm: move BITS_TO_BYTES() to bitops.h for wider use
     - net/netlink: fix NETLINK_LIST_MEMBERSHIPS length report
     - udp6: Fix race condition in udp6_sendmsg & connect
     - net: dsa: mv88e6xxx: Increase wait after reset deactivation
     - mtd: rawnand: marvell: ensure timing values are written
     - mtd: rawnand: marvell: don't set the NAND frequency select
     - watchdog: menz069_wdt: fix watchdog initialisation
     - mailbox: mailbox-test: Fix potential double-free in
       mbox_test_message_write()
     - ARM: 9295/1: unwind:fix unwind abort for uleb128 case
     - media: rcar-vin: Select correct interrupt mode for V4L2_FIELD_ALTERNATE
     - fbdev: modedb: Add 1920x1080 at 60 Hz video mode
     - fbdev: stifb: Fix info entry in sti_struct on error path
     - nbd: Fix debugfs_create_dir error checking
     - ASoC: dwc: limit the number of overrun messages
     - xfrm: Check if_id in inbound policy/secpath match
     - ASoC: ssm2602: Add workaround for playback distortions
     - media: dvb_demux: fix a bug for the continuity counter
     - media: dvb-usb: az6027: fix three null-ptr-deref in az6027_i2c_xfer()
     - media: dvb-usb-v2: ec168: fix null-ptr-deref in ec168_i2c_xfer()
     - media: dvb-usb-v2: ce6230: fix null-ptr-deref in ce6230_i2c_master_xfer()
     - media: dvb-usb-v2: rtl28xxu: fix null-ptr-deref in rtl28xxu_i2c_xfer
     - media: dv

Source diff to previous version
1978079 EFI pstore not cleared on boot
2028981 Focal update: v5.4.246 upstream stable release
2028197 rshim console truncates dmesg output due to tmfifo issue
2030765 mlxbf-gige: Fix kernel panic after reboot
2031093 libgnutls report \
2031022 Fix boot test warning for log_check \
2016398 stacked overlay file system mounts that have chroot() called against them appear to be getting locked (by the kernel most likely?)
2028980 Focal update: v5.4.245 upstream stable release
2028697 Focal update: v5.4.244 upstream stable release
2025387 Focal update: v5.4.243 upstream stable release
2025094 Focal update: v5.4.242 upstream stable release
1786013 Packaging resync
CVE-2022-40982 Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may al
CVE-2023-20593 An issue in \u201cZen 2\u201d CPUs, under specific microarchitectural ...
CVE-2023-2269 A denial of service problem was found, due to a possible recursive locking scenario, resulting in a deadlock in table_clear in drivers/md/dm-ioctl.c
CVE-2023-31084 An issue was discovered in drivers/media/dvb-core/dvb_frontend.c in the Linux kernel 6.2. There is a blocking operation when a task is in !TASK_RUNNI
CVE-2023-3268 An out of bounds (OOB) memory access flaw was found in the Linux kernel in relay_file_read_start_pos in kernel/relay.c in the relayfs. This flaw coul

Version: 5.4.0-1068.74 2023-07-19 19:09:10 UTC

 linux-bluefield (5.4.0-1068.74) focal; urgency=medium
 .
   * focal/linux-bluefield: 5.4.0-1068.74 -proposed tracker (LP: #2026552)
 .
   * mlxbf-tmfifo: fix potential race (LP: #2016039)
     - SAUCE: mlxbf-tmfifo: fix potential race
 .
   * mlxbf-gige: Fix kernel panic at shutdown (LP: #2022370)
     - SAUCE: mlxbf-gige: Fix kernel panic at shutdown
 .
   * net: openvswitch: fix race on port output (LP: #2020606)
     - net: openvswitch: fix race on port output
 .
   * mlxbf-bootctl: support SMC call for setting ARM boot state (LP: #2013383)
     - SAUCE: mlxbf-bootctl: support SMC call for setting ARM boot state
 .
   * mlxbf-gige: Fix intermittent no ip issue (LP: #2022387)
     - SAUCE: mlxbf-gige: Fix intermittent no ip issue
 .
   * mlxbf-tmfifo: robust fix to drop over-sized packet or no Rx descriptors
     (LP: #2021749)
     - SAUCE: mlxbf-tmfifo: Drop the Rx packet if no more descriptors
     - SAUCE: mlxbf-tmfifo: Drop jumbo frames
 .
   [ Ubuntu: 5.4.0-156.173 ]
 .
   * focal/linux: 5.4.0-156.173 -proposed tracker (LP: #2026585)
   * CVE-2023-3390
     - netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE
   * Focal update: v5.4.241 upstream stable release (LP: #2023930)
     - scsi: ses: Handle enclosure with just a primary component gracefully
     - x86/PCI: Add quirk for AMD XHCI controller that loses MSI-X state in D3hot
     - cgroup/cpuset: Wake up cpuset_attach_wq tasks in cpuset_cancel_attach()
     - treewide: Replace DECLARE_TASKLET() with DECLARE_TASKLET_OLD()
     - smb3: fix problem with null cifs super block with previous patch
     - pinctrl: amd: Use irqchip template
     - pinctrl: amd: disable and mask interrupts on probe
     - pinctrl: amd: Disable and mask interrupts on resume
     - pwm: cros-ec: Explicitly set .polarity in .get_state()
     - pwm: sprd: Explicitly set .polarity in .get_state()
     - wifi: mac80211: fix invalid drv_sta_pre_rcu_remove calls for non-uploaded
       sta
     - icmp: guard against too small mtu
     - net: don't let netpoll invoke NAPI if in xmit context
     - sctp: check send stream number after wait_for_sndbuf
     - ipv6: Fix an uninit variable access bug in __ip6_make_skb()
     - gpio: davinci: Add irq chip flag to skip set wake
     - sunrpc: only free unix grouplist after RCU settles
     - NFSD: callback request does not use correct credential for AUTH_SYS
     - xhci: also avoid the XHCI_ZERO_64B_REGS quirk with a passthrough iommu
     - USB: serial: cp210x: add Silicon Labs IFS-USB-DATACABLE IDs
     - usb: typec: altmodes/displayport: Fix configure initial pin assignment
     - USB: serial: option: add Telit FE990 compositions
     - USB: serial: option: add Quectel RM500U-CN modem
     - iio: adc: ti-ads7950: Set `can_sleep` flag for GPIO chip
     - iio: dac: cio-dac: Fix max DAC write value check for 12-bit
     - tty: serial: sh-sci: Fix transmit end interrupt handler
     - tty: serial: sh-sci: Fix Rx on RZ/G2L SCI
     - tty: serial: fsl_lpuart: avoid checking for transfer complete when
       UARTCTRL_SBK is asserted in lpuart32_tx_empty
     - nilfs2: fix potential UAF of struct nilfs_sc_info in nilfs_segctor_thread()
     - nilfs2: fix sysfs interface lifetime
     - ALSA: hda/realtek: Add quirk for Clevo X370SNW
     - perf/core: Fix the same task check in perf_event_set_output
     - ftrace: Mark get_lock_parent_ip() __always_inline
     - can: j1939: j1939_tp_tx_dat_new(): fix out-of-bounds memory access
     - tracing: Free error logs of tracing instances
     - net_sched: prevent NULL dereference if default qdisc setup failed
     - drm/panfrost: Fix the panfrost_mmu_map_fault_addr() error path
     - ring-buffer: Fix race while reader and writer are on the same page
     - mm/swap: fix swap_info_struct race between swapoff and get_swap_pages()
     - irqdomain: Look for existing mapping only once
     - irqdomain: Refactor __irq_domain_alloc_irqs()
     - irqdomain: Fix mapping-creation race
     - Revert "pinctrl: amd: Disable and mask interrupts on resume"
     - ALSA: emu10k1: fix capture interrupt handler unlinking
     - ALSA: hda/sigmatel: add pin overrides for Intel DP45SG motherboard
     - ALSA: i2c/cs8427: fix iec958 mixer control deactivation
     - ALSA: firewire-tascam: add missing unwind goto in
       snd_tscm_stream_start_duplex()
     - ALSA: hda/sigmatel: fix S/PDIF out on Intel D*45* motherboards
     - Bluetooth: L2CAP: Fix use-after-free in l2cap_disconnect_{req,rsp}
     - Bluetooth: Fix race condition in hidp_session_thread
     - btrfs: print checksum type and implementation at mount time
     - btrfs: fix fast csum implementation detection
     - mtdblock: tolerate corrected bit-flips
     - mtd: rawnand: meson: fix bitmask for length in command word
     - mtd: rawnand: stm32_fmc2: remove unsupported EDO mode
     - niu: Fix missing unwind goto in niu_alloc_channels()
     - qlcnic: check pci_reset_function result
     - sctp: fix a potential overflow in sctp_ifwdtsn_skip
     - RDMA/core: Fix GID entry ref leak when create_ah fails
     - udp6: fix potential access to stale information
     - net: macb: fix a memory corruption in extended buffer descriptor mode
     - power: supply: cros_usbpd: reclassify "default case!" as debug
     - i2c: imx-lpi2c: clean rx/tx buffers upon new message
     - efi: sysfb_efi: Add quirk for Lenovo Yoga Book X91F/L
     - drm: panel-orientation-quirks: Add quirk for Lenovo Yoga Book X90F
     - verify_pefile: relax wrapper length check
     - asymmetric_keys: log on fatal failures in PE/pkcs7
     - ubi: Fix failure attaching when vid_hdr offset equals to (sub)page size
     - mtd: ubi: wl: Fix a couple of kernel-doc issues
     - ubi: Fix deadlock caused by recursively holding work_sem
     - i2c: ocores: generate stop condition after timeout in polling mode
     - watchdog: sbsa_wdog: Make sure the timeout programming is within the limits
     - coresight-etm4: Fix for() loop drvdata->nr_addr_cmp range bug
 

Source diff to previous version
2016039 mlxbf-tmfifo: fix potential race
2022370 mlxbf-gige: Fix kernel panic at shutdown
2020606 net: openvswitch: fix race on port output
2013383 mlxbf-bootctl: support SMC call for setting ARM boot state
2022387 mlxbf-gige: Fix intermittent no ip issue
2021749 mlxbf-tmfifo: robust fix to drop over-sized packet or no Rx descriptors
2023930 Focal update: v5.4.241 upstream stable release
2019011 [UBUNTU 20.04] [HPS] Kernel panic with \
2024900 Disable hv-kvp-daemon if /dev/vmbus/hv_kvp is not present
2003053 NFS: client permission error after adding user to permissible group
2022098 Severe NFS performance degradation after LP #2003053
2020319 Encountering an issue with memcpy_fromio causing failed boot of SEV-enabled guest
2023601 Focal update: v5.4.240 upstream stable release
2023600 Focal update: v5.4.239 upstream stable release
2023427 Focal update: v5.4.238 upstream stable release
2023420 Focal update: v5.4.237 upstream stable release
2020390 Focal update: v5.4.236 upstream stable release
1786013 Packaging resync
CVE-2023-35001 Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or
CVE-2023-3141 A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the Linux Kernel. This flaw allows a local attacker
CVE-2023-3111 A use after free vulnerability was found in prepare_to_relocate in fs/btrfs/relocation.c in btrfs in the Linux Kernel. This possible flaw can be trig
CVE-2023-1611 A use-after-free flaw was found in btrfs_search_slot in fs/btrfs/ctree.c in btrfs in the Linux Kernel.This flaw allows an attacker to crash the syste
CVE-2022-0168 A denial of service (DOS) issue was found in the Linux kernel’s smb2_ioctl_query_info function in the fs/cifs/smb2ops.c Common Internet File System (
CVE-2022-27672 When SMT is enabled, certain AMD processors may speculatively execute instructions using a target from the sibling thread after an SMT mode switch po
CVE-2023-2124 An out-of-bounds memory access flaw was found in the Linux kernel’s XFS file system in how a user restores an XFS image after failure (with a dirty l
CVE-2020-36691 An issue was discovered in the Linux kernel before 5.8. lib/nlattr.c allows attackers to cause a denial of service (unbounded recursion) via a nested
CVE-2022-1184 A use-after-free flaw was found in fs/ext4/namei.c:dx_insert_block() in the Linux kernel’s filesystem sub-component. This flaw allows a local attacke
CVE-2022-4269 A flaw was found in the Linux kernel Traffic Control (TC) subsystem. Using a specific networking configuration (redirecting egress packets to ingress

Version: 5.4.0-1065.71 2023-05-30 18:08:41 UTC

 linux-bluefield (5.4.0-1065.71) focal; urgency=medium
 .
   * focal/linux-bluefield: 5.4.0-1065.71 -proposed tracker (LP: #2019350)
 .
   * Packaging resync (LP: #1786013)
     - [Packaging] resync git-ubuntu-log
     - [Packaging] resync getabis
     - [Packaging] update helper scripts
 .
   [ Ubuntu: 5.4.0-151.168 ]
 .
   * focal/linux: 5.4.0-151.168 -proposed tracker (LP: #2019375)
   * Packaging resync (LP: #1786013)
     - [Packaging] update helper scripts
     - debian/dkms-versions -- update from kernel-versions (main/2023.05.15)
   * CVE-2023-32233
     - netfilter: nf_tables: deactivate anonymous set from preparation phase
   * CVE-2023-2612
     - SAUCE: shiftfs: prevent lock unbalance in shiftfs_create_object()
   * CVE-2023-31436
     - net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
   * CVE-2023-1380
     - wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies()
   * Focal update: Focal update: v5.4.235 upstream stable release (LP: #2017706)
     - HID: asus: Remove check for same LED brightness on set
     - HID: asus: use spinlock to protect concurrent accesses
     - HID: asus: use spinlock to safely schedule workers
     - ARM: OMAP2+: Fix memory leak in realtime_counter_init()
     - arm64: dts: qcom: qcs404: use symbol names for PCIe resets
     - ARM: zynq: Fix refcount leak in zynq_early_slcr_init
     - arm64: dts: meson-gx: Fix Ethernet MAC address unit name
     - arm64: dts: meson-g12a: Fix internal Ethernet PHY unit name
     - arm64: dts: meson-gx: Fix the SCPI DVFS node name and unit address
     - arm64: dts: meson: remove CPU opps below 1GHz for G12A boards
     - ARM: OMAP1: call platform_device_put() in error case in
       omap1_dm_timer_init()
     - ARM: dts: exynos: correct wr-active property in Exynos3250 Rinato
     - ARM: imx: Call ida_simple_remove() for ida_simple_get
     - arm64: dts: amlogic: meson-gx: fix SCPI clock dvfs node name
     - arm64: dts: amlogic: meson-axg: fix SCPI clock dvfs node name
     - arm64: dts: amlogic: meson-gx: add missing SCPI sensors compatible
     - arm64: dts: amlogic: meson-gx: add missing unit address to rng node name
     - arm64: dts: amlogic: meson-gxl: add missing unit address to eth-phy-mux node
       name
     - arm64: dts: amlogic: meson-gxl-s905d-phicomm-n1: fix led node name
     - ARM: dts: imx7s: correct iomuxc gpr mux controller cells
     - arm64: dts: mediatek: mt7622: Add missing pwm-cells to pwm node
     - Revert "scsi: core: run queue if SCSI device queue isn't ready and queue is
       idle"
     - block: Limit number of items taken from the I/O scheduler in one go
     - blk-mq: remove stale comment for blk_mq_sched_mark_restart_hctx
     - blk-mq: wait on correct sbitmap_queue in blk_mq_mark_tag_wait
     - blk-mq: correct stale comment of .get_budget
     - s390/dasd: Prepare for additional path event handling
     - s390/dasd: Fix potential memleak in dasd_eckd_init()
     - sched/deadline,rt: Remove unused parameter from pick_next_[rt|dl]_entity()
     - sched/rt: pick_next_rt_entity(): check list_entry
     - block: bio-integrity: Copy flags when bio_integrity_payload is cloned
     - wifi: rsi: Fix memory leak in rsi_coex_attach()
     - net/wireless: Delete unnecessary checks before the macro call
       “dev_kfree_skb”
     - wifi: iwlegacy: common: don't call dev_kfree_skb() under spin_lock_irqsave()
     - wifi: libertas: fix memory leak in lbs_init_adapter()
     - wifi: rtl8xxxu: don't call dev_kfree_skb() under spin_lock_irqsave()
     - rtlwifi: fix -Wpointer-sign warning
     - wifi: rtlwifi: Fix global-out-of-bounds bug in
       _rtl8812ae_phy_set_txpower_limit()
     - ipw2x00: switch from 'pci_' to 'dma_' API
     - wifi: ipw2x00: don't call dev_kfree_skb() under spin_lock_irqsave()
     - wifi: ipw2200: fix memory leak in ipw_wdev_init()
     - wilc1000: let wilc_mac_xmit() return NETDEV_TX_OK
     - wifi: wilc1000: fix potential memory leak in wilc_mac_xmit()
     - wifi: brcmfmac: fix potential memory leak in brcmf_netdev_start_xmit()
     - wifi: brcmfmac: unmap dma buffer in brcmf_msgbuf_alloc_pktid()
     - wifi: libertas_tf: don't call kfree_skb() under spin_lock_irqsave()
     - wifi: libertas: if_usb: don't call kfree_skb() under spin_lock_irqsave()
     - wifi: libertas: main: don't call kfree_skb() under spin_lock_irqsave()
     - wifi: libertas: cmdresp: don't call kfree_skb() under spin_lock_irqsave()
     - wifi: wl3501_cs: don't call kfree_skb() under spin_lock_irqsave()
     - crypto: x86/ghash - fix unaligned access in ghash_setkey()
     - ACPICA: Drop port I/O validation for some regions
     - genirq: Fix the return type of kstat_cpu_irqs_sum()
     - lib/mpi: Fix buffer overrun when SG is too long
     - ACPICA: nsrepair: handle cases without a return value correctly
     - wifi: orinoco: check return value of hermes_write_wordrec()
     - wifi: ath9k: htc_hst: free skb in ath9k_htc_rx_msg() if there is no callback
       function
     - ath9k: hif_usb: simplify if-if to if-else
     - ath9k: htc: clean up statistics macros
     - wifi: ath9k: hif_usb: clean up skbs if ath9k_hif_usb_rx_stream() fails
     - wifi: ath9k: Fix potential stack-out-of-bounds write in
       ath9k_wmi_rsp_callback()
     - ACPI: battery: Fix missing NUL-termination with large strings
     - crypto: ccp - Failure on re-initialization due to duplicate sysfs filename
     - crypto: essiv - remove redundant null pointer check before kfree
     - crypto: essiv - Handle EBUSY correctly
     - crypto: seqiv - Handle EBUSY correctly
     - powercap: fix possible name leak in powercap_register_zone()
     - net/mlx5: Enhance debug print in page allocation failure
     - irqchip/alpine-msi: Fix refcount leak in alpine_msix_init_domains
     - irqchip/irq-mvebu-gicp: Fix refcount leak in mvebu_gicp_probe
     - irqchip/ti-sci: Fix refcount leak in ti_sci_intr_irq_domain_probe
     - mptcp: add sk_stop_timer_sync helper
     - net: add sock_init_data_uid()

Source diff to previous version
1786013 Packaging resync
2017706 Focal update: Focal update: v5.4.235 upstream stable release
2017691 Focal update: v5.4.234 upstream stable release
CVE-2023-32233 In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and
CVE-2023-31436 qfq_change_class in net/sched/sch_qfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write because lmax can exceed QFQ_MIN_LMAX.
CVE-2023-1380 A slab-out-of-bound read problem was found in brcmf_get_assoc_ies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux Kernel.
CVE-2023-0461 RESERVED
CVE-2023-30456 An issue was discovered in arch/x86/kvm/vmx/nested.c in the Linux kernel before 6.2.8. nVMX on x86_64 lacks consistency checks for CR0 and CR4.
CVE-2023-1859 A use-after-free flaw was found in xen_9pfs_front_removet in net/9p/trans_xen.c in Xen transport for 9pfs in the Linux Kernel. This flaw could allow
CVE-2023-1670 A flaw use after free in the Linux kernel Xircom 16-bit PCMCIA (PC-card) Ethernet driver was found.A local user could use this flaw to crash the syst

Version: 5.4.0-1063.69 2023-05-16 11:10:43 UTC

 linux-bluefield (5.4.0-1063.69) focal; urgency=medium
 .
   * focal/linux-bluefield: 5.4.0-1063.69 -proposed tracker (LP: #2016564)
 .
   * Completely support vxlan and erspan for flower (LP: #2016829)
     - net: sched: add vxlan option support to act_tunnel_key
     - net: sched: add erspan option support to act_tunnel_key
     - net: sched: initialize with 0 before setting erspan md->u
     - cls_flower: call nla_ok() before nla_next()
 .
   [ Ubuntu: 5.4.0-149.166 ]
 .
   * focal/linux: 5.4.0-149.166 -proposed tracker (LP: #2016591)
   * Focal update: v5.4.233 upstream stable release (LP: #2015909)
     - dma-mapping: add generic helpers for mapping sgtable objects
     - scatterlist: add generic wrappers for iterating over sgtable objects
     - drm: etnaviv: fix common struct sg_table related issues
     - drm/etnaviv: don't truncate physical page address
     - wifi: rtl8xxxu: gen2: Turn on the rate control
     - powerpc: dts: t208x: Mark MAC1 and MAC2 as 10G
     - random: always mix cycle counter in add_latent_entropy()
     - KVM: x86: Fail emulation during EMULTYPE_SKIP on any exception
     - can: kvaser_usb: hydra: help gcc-13 to figure out cmd_len
     - powerpc: dts: t208x: Disable 10G on MAC1 and MAC2
     - alarmtimer: Prevent starvation by small intervals and SIG_IGN
     - drm/i915/gvt: fix double free bug in split_2MB_gtt_entry
     - mac80211: mesh: embedd mesh_paths and mpp_paths into ieee80211_if_mesh
     - uaccess: Add speculation barrier to copy_from_user()
     - wifi: mwifiex: Add missing compatible string for SD8787
     - ext4: Fix function prototype mismatch for ext4_feat_ktype
     - Revert "net/sched: taprio: make qdisc_leaf() see the per-netdev-queue pfifo
       child qdiscs"
     - bpf: add missing header file include
     - Linux 5.4.233
   * selftest: fib_tests: Always cleanup before exit (LP: #2015956)
     - selftest: fib_tests: Always cleanup before exit
   * fib_tests.sh in ubuntu_kernel_selftests was skipped silently on Focal
     (LP: #2015440)
     - selftests: Fix the executable permissions for fib_tests.sh
   * Debian autoreconstruct Fix restoration of execute permissions (LP: #2015498)
     - [Debian] autoreconstruct - fix restoration of execute permissions
   * kernel: fix __clear_user() inline assembly constraints (LP: #2013088)
     - s390/uaccess: add missing earlyclobber annotations to __clear_user()
   * i/o error if next unused loop device is queried (LP: #1856871)
     - loop: fix I/O error on fsync() in detached loop devices
   * CVE-2023-1075
     - net/tls: tls_is_tx_ready() checked list_entry
   * Focal update: v5.4.232 upstream stable release (LP: #2011625)
     - firewire: fix memory leak for payload of request subaction to IEC 61883-1
       FCP region
     - bus: sunxi-rsb: Fix error handling in sunxi_rsb_init()
     - ASoC: Intel: bytcr_rt5651: Drop reference count of ACPI device after use
     - ALSA: hda/via: Avoid potential array out-of-bound in add_secret_dac_path()
     - arm64: dts: imx8mm: Fix pad control for UART1_DTE_RX
     - scsi: Revert "scsi: core: map PQ=1, PDT=other values to
       SCSI_SCAN_TARGET_PRESENT"
     - WRITE is "data source", not destination...
     - fix iov_iter_bvec() "direction" argument
     - fix "direction" argument of iov_iter_kvec()
     - netrom: Fix use-after-free caused by accept on already connected socket
     - netfilter: br_netfilter: disable sabotage_in hook after first suppression
     - squashfs: harden sanity check in squashfs_read_xattr_id_table
     - net: phy: meson-gxl: Add generic dummy stubs for MMD register access
     - can: j1939: fix errant WARN_ON_ONCE in j1939_session_deactivate
     - ata: libata: Fix sata_down_spd_limit() when no link speed is reported
     - selftests: net: udpgso_bench_rx: Fix 'used uninitialized' compiler warning
     - selftests: net: udpgso_bench_rx/tx: Stop when wrong CLI args are provided
     - selftests: net: udpgso_bench_tx: Cater for pending datagrams zerocopy
       benchmarking
     - virtio-net: Keep stop() to follow mirror sequence of open()
     - net: openvswitch: fix flow memory leak in ovs_flow_cmd_new
     - efi: fix potential NULL deref in efi_mem_reserve_persistent
     - scsi: target: core: Fix warning on RT kernels
     - scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress
     - i2c: rk3x: fix a bunch of kernel-doc warnings
     - net/x25: Fix to not accept on connected socket
     - iio: adc: stm32-dfsdm: fill module aliases
     - usb: dwc3: dwc3-qcom: Fix typo in the dwc3 vbus override API
     - usb: dwc3: qcom: enable vbus override when in OTG dr-mode
     - usb: gadget: f_fs: Fix unbalanced spinlock in __ffs_ep0_queue_wait
     - vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF
     - Input: i8042 - move __initconst to fix code styling warning
     - Input: i8042 - merge quirk tables
     - Input: i8042 - add TUXEDO devices to i8042 quirk tables
     - Input: i8042 - add Clevo PCX0DX to i8042 quirk table
     - fbcon: Check font dimension limits
     - watchdog: diag288_wdt: do not use stack buffers for hardware data
     - watchdog: diag288_wdt: fix __diag288() inline assembly
     - efi: Accept version 2 of memory attributes table
     - iio: hid: fix the retval in accel_3d_capture_sample
     - iio: adc: berlin2-adc: Add missing of_node_put() in error path
     - iio:adc:twl6030: Enable measurements of VUSB, VBAT and others
     - parisc: Fix return code of pdc_iodc_print()
     - parisc: Wire up PTRACE_GETREGS/PTRACE_SETREGS for compat case
     - riscv: disable generation of unwind tables
     - mm: hugetlb: proc: check for hugetlb shared PMD in /proc/PID/smaps
     - fpga: stratix10-soc: Fix return value check in s10_ops_write_init()
     - mm/swapfile: add cond_resched() in get_swap_pages()
     - Squashfs: fix handling and sanity checking of xattr_ids count
     - nvmem: core: fix cell removal on error
     - mm: swap: properly update readahead statistics

2016829 Completely support vxlan and erspan for flower
2015909 Focal update: v5.4.233 upstream stable release
2015440 fib_tests.sh in ubuntu_kernel_selftests was skipped silently on Focal
2015498 Debian autoreconstruct Fix restoration of execute permissions
2013088 kernel: fix __clear_user() inline assembly constraints
1856871 i/o error if next unused loop device is queried
2011625 Focal update: v5.4.232 upstream stable release
CVE-2023-1075 A flaw was found in the Linux Kernel. The tls_is_tx_ready() incorrectly checks for list emptiness, potentially accessing a type confused entry to the
CVE-2023-1118 A flaw use after free in the Linux kernel integrated infrared receiver/transceiver driver was found in the way user detaching rc device. A local user



About   -   Send Feedback to @ubuntu_updates