UbuntuUpdates.org

Package "linux-cloud-tools-common"

This package belongs to a PPA: Canonical Kernel Team

Name: linux-cloud-tools-common

Description:

Linux kernel version specific cloud tools for version 5.4.0

Latest version: 5.4.0-181.201
Release: focal (20.04)
Level: base
Repository: main
Head package: linux

Links


Download "linux-cloud-tools-common"


Other versions of "linux-cloud-tools-common" in Focal

Repository Area Version
base main 5.4.0-26.30
security main 5.4.0-174.193
updates main 5.4.0-174.193
proposed main 5.4.0-176.196

Changelog

Version: 5.4.0-181.201 2024-03-28 19:08:44 UTC

 linux (5.4.0-181.201) focal; urgency=medium
 .
   * focal/linux: 5.4.0-181.201 -proposed tracker (LP: #2059549)
 .
   * Packaging resync (LP: #1786013)
     - [Packaging] drop getabis data
 .
   * Drop fips-checks script from trees (LP: #2055083)
     - [Packaging] Remove fips-checks script
 .
   * Remove getabis scripts (LP: #2059143)
     - [Packaging] Remove getabis
 .
   * Focal update: v5.4.269 upstream stable release (LP: #2058948)
     - PCI: mediatek: Clear interrupt status before dispatching handler
     - include/linux/units.h: add helpers for kelvin to/from Celsius conversion
     - units: Add Watt units
     - units: change from 'L' to 'UL'
     - units: add the HZ macros
     - serial: sc16is7xx: set safe default SPI clock frequency
     - spi: introduce SPI_MODE_X_MASK macro
     - serial: sc16is7xx: add check for unsupported SPI modes during probe
     - ext4: allow for the last group to be marked as trimmed
     - crypto: api - Disallow identical driver names
     - PM: hibernate: Enforce ordering during image compression/decompression
     - hwrng: core - Fix page fault dead lock on mmap-ed hwrng
     - rpmsg: virtio: Free driver_override when rpmsg_remove()
     - parisc/firmware: Fix F-extend for PDC addresses
     - arm64: dts: qcom: sdm845: fix USB wakeup interrupt types
     - mmc: core: Use mrq.sbc in close-ended ffu
     - nouveau/vmm: don't set addr on the fail path to avoid warning
     - ubifs: ubifs_symlink: Fix memleak of inode->i_link in error path
     - rename(): fix the locking of subdirectories
     - block: Remove special-casing of compound pages
     - mtd: spinand: macronix: Fix MX35LFxGE4AD page size
     - fs: add mode_strip_sgid() helper
     - fs: move S_ISGID stripping into the vfs_*() helpers
     - powerpc: Use always instead of always-y in for crtsavres.o
     - x86/CPU/AMD: Fix disabling XSAVES on AMD family 0x17 due to erratum
     - net/smc: fix illegal rmb_desc access in SMC-D connection dump
     - vlan: skip nested type that is not IFLA_VLAN_QOS_MAPPING
     - llc: make llc_ui_sendmsg() more robust against bonding changes
     - llc: Drop support for ETH_P_TR_802_2.
     - net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv
     - tracing: Ensure visibility when inserting an element into tracing_map
     - afs: Hide silly-rename files from userspace
     - tcp: Add memory barrier to tcp_push()
     - netlink: fix potential sleeping issue in mqueue_flush_file
     - net/mlx5: DR, Use the right GVMI number for drop action
     - net/mlx5: Use kfree(ft->g) in arfs_create_groups()
     - net/mlx5e: fix a double-free in arfs_create_groups
     - netfilter: nf_tables: restrict anonymous set and map names to 16 bytes
     - netfilter: nf_tables: validate NFPROTO_* family
     - fjes: fix memleaks in fjes_hw_setup
     - net: fec: fix the unhandled context fault from smmu
     - btrfs: ref-verify: free ref cache before clearing mount opt
     - btrfs: tree-checker: fix inline ref size in error messages
     - btrfs: don't warn if discard range is not aligned to sector
     - btrfs: defrag: reject unknown flags of btrfs_ioctl_defrag_range_args
     - rbd: don't move requests to the running list on errors
     - gpiolib: acpi: Ignore touchpad wakeup on GPD G1619-04
     - drm: Don't unref the same fb many times by mistake due to deadlock handling
     - drm/bridge: nxp-ptn3460: fix i2c_master_send() error checking
     - drm/bridge: nxp-ptn3460: simplify some error checking
     - drm/exynos: fix accidental on-stack copy of exynos_drm_plane
     - drm/exynos: gsc: minor fix for loop iteration in gsc_runtime_resume
     - gpio: eic-sprd: Clear interrupt after set the interrupt type
     - spi: bcm-qspi: fix SFDP BFPT read by usig mspi read
     - mips: Call lose_fpu(0) before initializing fcr31 in mips_set_personality_nan
     - tick/sched: Preserve number of idle sleeps across CPU hotplug events
     - x86/entry/ia32: Ensure s32 is sign extended to s64
     - powerpc/mm: Fix null-pointer dereference in pgtable_cache_add
     - powerpc: Fix build error due to is_valid_bugaddr()
     - powerpc/mm: Fix build failures due to arch_reserved_kernel_pages()
     - powerpc: pmd_move_must_withdraw() is only needed for
       CONFIG_TRANSPARENT_HUGEPAGE
     - powerpc/lib: Validate size for vector operations
     - x86/mce: Mark fatal MCE's page as poison to avoid panic in the kdump kernel
     - perf/core: Fix narrow startup race when creating the perf nr_addr_filters
       sysfs file
     - regulator: core: Only increment use_count when enable_count changes
     - audit: Send netlink ACK before setting connection in auditd_set
     - ACPI: video: Add quirk for the Colorful X15 AT 23 Laptop
     - PNP: ACPI: fix fortify warning
     - ACPI: extlog: fix NULL pointer dereference check
     - FS:JFS:UBSAN:array-index-out-of-bounds in dbAdjTree
     - jfs: fix slab-out-of-bounds Read in dtSearch
     - jfs: fix array-index-out-of-bounds in dbAdjTree
     - pstore/ram: Fix crash when setting number of cpus to an odd number
     - crypto: stm32/crc32 - fix parsing list of devices
     - afs: fix the usage of read_seqbegin_or_lock() in afs_find_server*()
     - rxrpc_find_service_conn_rcu: fix the usage of read_seqbegin_or_lock()
     - jfs: fix array-index-out-of-bounds in diNewExt
     - s390/ptrace: handle setting of fpc register correctly
     - KVM: s390: fix setting of fpc register
     - SUNRPC: Fix a suspicious RCU usage warning
     - ecryptfs: Reject casefold directory inodes
     - ext4: fix inconsistent between segment fstrim and full fstrim
     - ext4: unify the type of flexbg_size to unsigned int
     - ext4: remove unnecessary check from alloc_flex_gd()
     - ext4: avoid online resizing failures due to oversized flex bg
     - wifi: rt2x00: restart beacon queue when hardware reset
     - selftests/bpf: satisfy compiler by having explicit return in btf test
     - selftests/bpf: Fix pyperf180 compilation failure with clang18
    

Source diff to previous version
1786013 Packaging resync
2055083 Drop fips-checks script from trees
2059143 Remove getabis scripts
2058948 Focal update: v5.4.269 upstream stable release
CVE-2023-52603 In the Linux kernel, the following vulnerability has been resolved: UBSAN: array-index-out-of-bounds in dtSplitRoot Syzkaller reported the followin
CVE-2023-52600 In the Linux kernel, the following vulnerability has been resolved: jfs: fix uaf in jfs_evict_inode When the execution of diMount(ipimap) fails, th
CVE-2023-24023 Bluetooth BR/EDR devices with Secure Simple Pairing and Secure Connections pairing in Bluetooth Core Specification 4.2 through 5.4 allow certain man-
CVE-2024-26581 In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_rbtree: skip end interval element from gc rbtree lazy gc on
CVE-2024-26589 In the Linux kernel, the following vulnerability has been resolved: bpf: Reject variable offset alu on PTR_TO_FLOW_KEYS For PTR_TO_FLOW_KEYS, check

Version: 5.4.0-176.196 2024-03-22 20:08:53 UTC

 linux (5.4.0-176.196) focal; urgency=medium
 .
   * focal/linux: 5.4.0-176.196 -proposed tracker (LP: #2058756)
 .
   * Problems with HVCS and hotplugging (LP: #2056373)
     - powerpc/pseries: Fix bad drc_index_start value parsing of drc-info entry
     - powerpc/pseries: Fix of_read_drc_info_cell() to point at next record
     - hvcs: Fix hvcs port reference counting
     - hvcs: Use dev_groups to manage hvcs device attributes
     - hvcs: Use driver groups to manage driver attributes
     - hvcs: Get reference to tty in remove
     - hvcs: Use vhangup in hotplug remove
     - hvcs: Synchronize hotplug remove with port free
 .

Source diff to previous version
2056373 Problems with HVCS and hotplugging

Version: 5.4.0-175.195 2024-03-07 21:08:47 UTC

 linux (5.4.0-175.195) focal; urgency=medium
 .
   * focal/linux: 5.4.0-175.195 -proposed tracker (LP: #2055684)
 .
   * Packaging resync (LP: #1786013)
     - [Packaging] drop ABI data
     - [Packaging] update annotations scripts
     - debian.master/dkms-versions -- update from kernel-versions (main/2024.03.04)
 .
   * Drop ABI checks from kernel build (LP: #2055686)
     - [Packaging] Remove in-tree abi checks
     - [Packaging] Bring back install- prerequisite for checks-
     - [Packaging] Remove abi-check from final-checks
 .
   * Cranky update-dkms-versions rollout (LP: #2055685)
     - [Packaging] remove update-dkms-versions
     - Move debian/dkms-versions to debian.master/dkms-versions
     - [Packaging] Replace debian/dkms-versions with $(DEBIAN)/dkms-versions
     - [Packaging] remove update-version-dkms
 .
   * linux-tools-common: man page of usbip[d] is misplaced (LP: #2054094)
     - [Packaging] rules: Put usbip manpages in the correct directory
 .
   * CVE-2024-23851
     - dm ioctl: log an error if the ioctl structure is corrupted
     - dm: limit the number of targets and parameter size area
 .
   * Focal update: v5.4.268 upstream stable release (LP: #2055075)
     - f2fs: explicitly null-terminate the xattr list
     - pinctrl: lochnagar: Don't build on MIPS
     - ALSA: hda - Fix speaker and headset mic pin config for CHUWI CoreBook XPro
     - ASoC: Intel: Skylake: Fix mem leak in few functions
     - ASoC: nau8822: Fix incorrect type in assignment and cast to restricted
       __be16
     - ASoC: Intel: Skylake: mem leak in skl register function
     - ASoC: cs43130: Fix the position of const qualifier
     - ASoC: cs43130: Fix incorrect frame delay configuration
     - ASoC: rt5650: add mutex to avoid the jack detection failure
     - nouveau/tu102: flush all pdbs on vmm flush
     - net/tg3: fix race condition in tg3_reset_task()
     - ASoC: da7219: Support low DC impedance headset
     - nvme: introduce helper function to get ctrl state
     - drm/exynos: fix a potential error pointer dereference
     - drm/exynos: fix a wrong error checking
     - clk: rockchip: rk3128: Fix HCLK_OTG gate register
     - jbd2: correct the printing of write_flags in jbd2_write_superblock()
     - drm/crtc: Fix uninit-value bug in drm_mode_setcrtc
     - neighbour: Don't let neigh_forced_gc() disable preemption for long
     - tracing: Have large events show up as '[LINE TOO BIG]' instead of nothing
     - tracing: Add size check when printing trace_marker output
     - ring-buffer: Do not record in NMI if the arch does not support cmpxchg in
       NMI
     - reset: hisilicon: hi6220: fix Wvoid-pointer-to-enum-cast warning
     - Input: atkbd - skip ATKBD_CMD_GETID in translated mode
     - Input: i8042 - add nomux quirk for Acer P459-G2-M
     - s390/scm: fix virtual vs physical address confusion
     - ARC: fix spare error
     - Input: xpad - add Razer Wolverine V2 support
     - ARM: sun9i: smp: fix return code check of of_property_match_string
     - drm/crtc: fix uninitialized variable use
     - ACPI: resource: Add another DMI match for the TongFang GMxXGxx
     - binder: use EPOLLERR from eventpoll.h
     - binder: fix trivial typo of binder_free_buf_locked()
     - binder: fix comment on binder_alloc_new_buf() return value
     - uio: Fix use-after-free in uio_open
     - parport: parport_serial: Add Brainboxes BAR details
     - parport: parport_serial: Add Brainboxes device IDs and geometry
     - coresight: etm4x: Fix width of CCITMIN field
     - x86/lib: Fix overflow when counting digits
     - EDAC/thunderx: Fix possible out-of-bounds string access
     - powerpc: add crtsavres.o to always-y instead of extra-y
     - powerpc/44x: select I2C for CURRITUCK
     - powerpc/pseries/memhotplug: Quieten some DLPAR operations
     - powerpc/pseries/memhp: Fix access beyond end of drmem array
     - selftests/powerpc: Fix error handling in FPU/VMX preemption tests
     - powerpc/powernv: Add a null pointer check to scom_debug_init_one()
     - powerpc/powernv: Add a null pointer check in opal_event_init()
     - powerpc/powernv: Add a null pointer check in opal_powercap_init()
     - powerpc/imc-pmu: Add a null pointer check in update_events_in_group()
     - mtd: rawnand: Increment IFC_TIMEOUT_MSECS for nand controller response
     - ACPI: video: check for error while searching for backlight device parent
     - ACPI: LPIT: Avoid u32 multiplication overflow
     - net: netlabel: Fix kerneldoc warnings
     - netlabel: remove unused parameter in netlbl_netlink_auditinfo()
     - calipso: fix memory leak in netlbl_calipso_add_pass()
     - spi: sh-msiof: Enforce fixed DTDL for R-Car H3
     - mtd: Fix gluebi NULL pointer dereference caused by ftl notifier
     - selinux: Fix error priority for bind with AF_UNSPEC on PF_INET6 socket
     - crypto: virtio - Handle dataq logic with tasklet
     - crypto: virtio - don't use 'default m'
     - virtio_crypto: Introduce VIRTIO_CRYPTO_NOSPC
     - crypto: ccp - fix memleak in ccp_init_dm_workarea
     - crypto: af_alg - Disallow multiple in-flight AIO requests
     - crypto: sahara - remove FLAGS_NEW_KEY logic
     - crypto: sahara - fix ahash selftest failure
     - crypto: sahara - fix processing requests with cryptlen < sg->length
     - crypto: sahara - fix error handling in sahara_hw_descriptor_create()
     - pstore: ram_core: fix possible overflow in persistent_ram_init_ecc()
     - gfs2: Fix kernel NULL pointer dereference in gfs2_rgrp_dump
     - crypto: virtio - Wait for tasklet to complete on device remove
     - crypto: sahara - fix ahash reqsize
     - crypto: sahara - fix wait_for_completion_timeout() error handling
     - crypto: sahara - improve error handling in sahara_sha_process()
     - crypto: sahara - fix processing hash requests with req->nbytes < sg->length
     - crypto: sahara - do not resize req->src when doing hash operations
     - crypto: scomp - fix req->dst buffer overflow
     

Source diff to previous version
1786013 Packaging resync
2055686 Drop ABI checks from kernel build
2055685 Cranky update-dkms-versions rollout
2054094 linux-tools-common: man page of usbip[d] is misplaced
2055075 Focal update: v5.4.268 upstream stable release
2054406 Focal update: v5.4.267 upstream stable release
2051655 Focal update: v5.4.266 upstream stable release
CVE-2024-23851 copy_params in drivers/md/dm-ioctl.c in the Linux kernel through 6.7.1 can attempt to allocate more than INT_MAX bytes, and crash, because of a missi
CVE-2024-24855 A race condition was found in the Linux kernel's scsi device driver in lpfc_unregister_fcf_rescan() function. This can result in a null pointer deref
CVE-2023-23000 In the Linux kernel before 5.17, drivers/phy/tegra/xusb.c mishandles the tegra_xusb_find_port_node return value. Callers expect NULL in the error cas
CVE-2023-23004 In the Linux kernel before 5.19, drivers/gpu/drm/arm/malidp_planes.c misinterprets the get_sg_table return value (expects it to be NULL in the error
CVE-2023-46838 Transmit requests in Xen's virtual network protocol can consist of multiple parts. While not really useful, except for the initial part any of them
CVE-2024-1086 A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_
CVE-2024-0607 A flaw was found in the Netfilter subsystem in the Linux kernel. The issue is in the nft_byteorder_eval() function, where the code iterates through a

Version: 5.4.0-175.194 2024-03-06 13:09:41 UTC

 linux (5.4.0-175.194) focal; urgency=medium
 .
   * focal/linux: 5.4.0-175.194 -proposed tracker (LP: #2055684)
 .
   * Packaging resync (LP: #1786013)
     - [Packaging] drop ABI data
     - [Packaging] update annotations scripts
     - debian.master/dkms-versions -- update from kernel-versions (main/2024.03.04)
 .
   * Drop ABI checks from kernel build (LP: #2055686)
     - [Packaging] Remove in-tree abi checks
     - [Packaging] Bring back install- prerequisite for checks-
     - [Packaging] Remove abi-check from final-checks
 .
   * Cranky update-dkms-versions rollout (LP: #2055685)
     - [Packaging] remove update-dkms-versions
     - Move debian/dkms-versions to debian.master/dkms-versions
     - [Packaging] Replace debian/dkms-versions with $(DEBIAN)/dkms-versions
     - [Packaging] remove update-version-dkms
 .
   * linux-tools-common: man page of usbip[d] is misplaced (LP: #2054094)
     - [Packaging] rules: Put usbip manpages in the correct directory
 .
   * CVE-2024-23851
     - dm ioctl: log an error if the ioctl structure is corrupted
     - dm: limit the number of targets and parameter size area
 .
   * CVE-2023-39198
     - drm/qxl: remove _unlocked suffix in drm_gem_object_put_unlocked
     - drm/qxl: allocate dumb buffers in ram
     - drm/qxl: fix UAF on handle creation
 .
   * Focal update: v5.4.268 upstream stable release (LP: #2055075)
     - f2fs: explicitly null-terminate the xattr list
     - pinctrl: lochnagar: Don't build on MIPS
     - ALSA: hda - Fix speaker and headset mic pin config for CHUWI CoreBook XPro
     - ASoC: Intel: Skylake: Fix mem leak in few functions
     - ASoC: nau8822: Fix incorrect type in assignment and cast to restricted
       __be16
     - ASoC: Intel: Skylake: mem leak in skl register function
     - ASoC: cs43130: Fix the position of const qualifier
     - ASoC: cs43130: Fix incorrect frame delay configuration
     - ASoC: rt5650: add mutex to avoid the jack detection failure
     - nouveau/tu102: flush all pdbs on vmm flush
     - net/tg3: fix race condition in tg3_reset_task()
     - ASoC: da7219: Support low DC impedance headset
     - nvme: introduce helper function to get ctrl state
     - drm/exynos: fix a potential error pointer dereference
     - drm/exynos: fix a wrong error checking
     - clk: rockchip: rk3128: Fix HCLK_OTG gate register
     - jbd2: correct the printing of write_flags in jbd2_write_superblock()
     - drm/crtc: Fix uninit-value bug in drm_mode_setcrtc
     - neighbour: Don't let neigh_forced_gc() disable preemption for long
     - tracing: Have large events show up as '[LINE TOO BIG]' instead of nothing
     - tracing: Add size check when printing trace_marker output
     - ring-buffer: Do not record in NMI if the arch does not support cmpxchg in
       NMI
     - reset: hisilicon: hi6220: fix Wvoid-pointer-to-enum-cast warning
     - Input: atkbd - skip ATKBD_CMD_GETID in translated mode
     - Input: i8042 - add nomux quirk for Acer P459-G2-M
     - s390/scm: fix virtual vs physical address confusion
     - ARC: fix spare error
     - Input: xpad - add Razer Wolverine V2 support
     - ARM: sun9i: smp: fix return code check of of_property_match_string
     - drm/crtc: fix uninitialized variable use
     - ACPI: resource: Add another DMI match for the TongFang GMxXGxx
     - binder: use EPOLLERR from eventpoll.h
     - binder: fix trivial typo of binder_free_buf_locked()
     - binder: fix comment on binder_alloc_new_buf() return value
     - uio: Fix use-after-free in uio_open
     - parport: parport_serial: Add Brainboxes BAR details
     - parport: parport_serial: Add Brainboxes device IDs and geometry
     - coresight: etm4x: Fix width of CCITMIN field
     - x86/lib: Fix overflow when counting digits
     - EDAC/thunderx: Fix possible out-of-bounds string access
     - powerpc: add crtsavres.o to always-y instead of extra-y
     - powerpc/44x: select I2C for CURRITUCK
     - powerpc/pseries/memhotplug: Quieten some DLPAR operations
     - powerpc/pseries/memhp: Fix access beyond end of drmem array
     - selftests/powerpc: Fix error handling in FPU/VMX preemption tests
     - powerpc/powernv: Add a null pointer check to scom_debug_init_one()
     - powerpc/powernv: Add a null pointer check in opal_event_init()
     - powerpc/powernv: Add a null pointer check in opal_powercap_init()
     - powerpc/imc-pmu: Add a null pointer check in update_events_in_group()
     - mtd: rawnand: Increment IFC_TIMEOUT_MSECS for nand controller response
     - ACPI: video: check for error while searching for backlight device parent
     - ACPI: LPIT: Avoid u32 multiplication overflow
     - net: netlabel: Fix kerneldoc warnings
     - netlabel: remove unused parameter in netlbl_netlink_auditinfo()
     - calipso: fix memory leak in netlbl_calipso_add_pass()
     - spi: sh-msiof: Enforce fixed DTDL for R-Car H3
     - mtd: Fix gluebi NULL pointer dereference caused by ftl notifier
     - selinux: Fix error priority for bind with AF_UNSPEC on PF_INET6 socket
     - crypto: virtio - Handle dataq logic with tasklet
     - crypto: virtio - don't use 'default m'
     - virtio_crypto: Introduce VIRTIO_CRYPTO_NOSPC
     - crypto: ccp - fix memleak in ccp_init_dm_workarea
     - crypto: af_alg - Disallow multiple in-flight AIO requests
     - crypto: sahara - remove FLAGS_NEW_KEY logic
     - crypto: sahara - fix ahash selftest failure
     - crypto: sahara - fix processing requests with cryptlen < sg->length
     - crypto: sahara - fix error handling in sahara_hw_descriptor_create()
     - pstore: ram_core: fix possible overflow in persistent_ram_init_ecc()
     - gfs2: Fix kernel NULL pointer dereference in gfs2_rgrp_dump
     - crypto: virtio - Wait for tasklet to complete on device remove
     - crypto: sahara - fix ahash reqsize
     - crypto: sahara - fix wait_for_completion_timeout() error handling
     - crypto: sahara - improve error handling in sahara_sha_process()
     - crypto: sahara - fix processing hash req

Source diff to previous version
1786013 Packaging resync
2055686 Drop ABI checks from kernel build
2055685 Cranky update-dkms-versions rollout
2054094 linux-tools-common: man page of usbip[d] is misplaced
2055075 Focal update: v5.4.268 upstream stable release
2054406 Focal update: v5.4.267 upstream stable release
2051655 Focal update: v5.4.266 upstream stable release
CVE-2024-23851 copy_params in drivers/md/dm-ioctl.c in the Linux kernel through 6.7.1 can attempt to allocate more than INT_MAX bytes, and crash, because of a missi
CVE-2023-39198 A race condition was found in the QXL driver in the Linux kernel. The qxl_mode_dumb_create() function dereferences the qobj returned by the qxl_gem_o
CVE-2024-24855 A race condition was found in the Linux kernel's scsi device driver in lpfc_unregister_fcf_rescan() function. This can result in a null pointer deref
CVE-2023-23000 In the Linux kernel before 5.17, drivers/phy/tegra/xusb.c mishandles the tegra_xusb_find_port_node return value. Callers expect NULL in the error cas
CVE-2023-23004 In the Linux kernel before 5.19, drivers/gpu/drm/arm/malidp_planes.c misinterprets the get_sg_table return value (expects it to be NULL in the error
CVE-2023-46838 Transmit requests in Xen's virtual network protocol can consist of multiple parts. While not really useful, except for the initial part any of them
CVE-2024-1086 A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_
CVE-2024-0607 A flaw was found in the Netfilter subsystem in the Linux kernel. The issue is in the nft_byteorder_eval() function, where the code iterates through a

Version: 5.4.0-175.193 2024-03-05 20:08:50 UTC

 linux (5.4.0-175.193) focal; urgency=medium
 .
   * focal/linux: 5.4.0-175.193 -proposed tracker (LP: #2055684)
 .
   * Packaging resync (LP: #1786013)
     - [Packaging] drop ABI data
     - [Packaging] update annotations scripts
     - debian.master/dkms-versions -- update from kernel-versions (main/2024.03.04)
 .
   * Drop ABI checks from kernel build (LP: #2055686)
     - [Packaging] Remove in-tree abi checks
     - [Packaging] Bring back install- prerequisite for checks-
     - [Packaging] Remove abi-check from final-checks
 .
   * Cranky update-dkms-versions rollout (LP: #2055685)
     - [Packaging] remove update-dkms-versions
     - Move debian/dkms-versions to debian.master/dkms-versions
     - [Packaging] Replace debian/dkms-versions with $(DEBIAN)/dkms-versions
     - [Packaging] remove update-version-dkms
 .
   * linux-tools-common: man page of usbip[d] is misplaced (LP: #2054094)
     - [Packaging] rules: Put usbip manpages in the correct directory
 .
   * CVE-2024-23851
     - dm ioctl: log an error if the ioctl structure is corrupted
     - dm: limit the number of targets and parameter size area
 .
   * CVE-2023-39198
     - drm/qxl: remove _unlocked suffix in drm_gem_object_put_unlocked
     - drm/qxl: fix UAF on handle creation
 .
   * CVE-2023-39891
     - drm/qxl: allocate dumb buffers in ram
 .
   * Focal update: v5.4.268 upstream stable release (LP: #2055075)
     - f2fs: explicitly null-terminate the xattr list
     - pinctrl: lochnagar: Don't build on MIPS
     - ALSA: hda - Fix speaker and headset mic pin config for CHUWI CoreBook XPro
     - ASoC: Intel: Skylake: Fix mem leak in few functions
     - ASoC: nau8822: Fix incorrect type in assignment and cast to restricted
       __be16
     - ASoC: Intel: Skylake: mem leak in skl register function
     - ASoC: cs43130: Fix the position of const qualifier
     - ASoC: cs43130: Fix incorrect frame delay configuration
     - ASoC: rt5650: add mutex to avoid the jack detection failure
     - nouveau/tu102: flush all pdbs on vmm flush
     - net/tg3: fix race condition in tg3_reset_task()
     - ASoC: da7219: Support low DC impedance headset
     - nvme: introduce helper function to get ctrl state
     - drm/exynos: fix a potential error pointer dereference
     - drm/exynos: fix a wrong error checking
     - clk: rockchip: rk3128: Fix HCLK_OTG gate register
     - jbd2: correct the printing of write_flags in jbd2_write_superblock()
     - drm/crtc: Fix uninit-value bug in drm_mode_setcrtc
     - neighbour: Don't let neigh_forced_gc() disable preemption for long
     - tracing: Have large events show up as '[LINE TOO BIG]' instead of nothing
     - tracing: Add size check when printing trace_marker output
     - ring-buffer: Do not record in NMI if the arch does not support cmpxchg in
       NMI
     - reset: hisilicon: hi6220: fix Wvoid-pointer-to-enum-cast warning
     - Input: atkbd - skip ATKBD_CMD_GETID in translated mode
     - Input: i8042 - add nomux quirk for Acer P459-G2-M
     - s390/scm: fix virtual vs physical address confusion
     - ARC: fix spare error
     - Input: xpad - add Razer Wolverine V2 support
     - ARM: sun9i: smp: fix return code check of of_property_match_string
     - drm/crtc: fix uninitialized variable use
     - ACPI: resource: Add another DMI match for the TongFang GMxXGxx
     - binder: use EPOLLERR from eventpoll.h
     - binder: fix trivial typo of binder_free_buf_locked()
     - binder: fix comment on binder_alloc_new_buf() return value
     - uio: Fix use-after-free in uio_open
     - parport: parport_serial: Add Brainboxes BAR details
     - parport: parport_serial: Add Brainboxes device IDs and geometry
     - coresight: etm4x: Fix width of CCITMIN field
     - x86/lib: Fix overflow when counting digits
     - EDAC/thunderx: Fix possible out-of-bounds string access
     - powerpc: add crtsavres.o to always-y instead of extra-y
     - powerpc/44x: select I2C for CURRITUCK
     - powerpc/pseries/memhotplug: Quieten some DLPAR operations
     - powerpc/pseries/memhp: Fix access beyond end of drmem array
     - selftests/powerpc: Fix error handling in FPU/VMX preemption tests
     - powerpc/powernv: Add a null pointer check to scom_debug_init_one()
     - powerpc/powernv: Add a null pointer check in opal_event_init()
     - powerpc/powernv: Add a null pointer check in opal_powercap_init()
     - powerpc/imc-pmu: Add a null pointer check in update_events_in_group()
     - mtd: rawnand: Increment IFC_TIMEOUT_MSECS for nand controller response
     - ACPI: video: check for error while searching for backlight device parent
     - ACPI: LPIT: Avoid u32 multiplication overflow
     - net: netlabel: Fix kerneldoc warnings
     - netlabel: remove unused parameter in netlbl_netlink_auditinfo()
     - calipso: fix memory leak in netlbl_calipso_add_pass()
     - spi: sh-msiof: Enforce fixed DTDL for R-Car H3
     - mtd: Fix gluebi NULL pointer dereference caused by ftl notifier
     - selinux: Fix error priority for bind with AF_UNSPEC on PF_INET6 socket
     - crypto: virtio - Handle dataq logic with tasklet
     - crypto: virtio - don't use 'default m'
     - virtio_crypto: Introduce VIRTIO_CRYPTO_NOSPC
     - crypto: ccp - fix memleak in ccp_init_dm_workarea
     - crypto: af_alg - Disallow multiple in-flight AIO requests
     - crypto: sahara - remove FLAGS_NEW_KEY logic
     - crypto: sahara - fix ahash selftest failure
     - crypto: sahara - fix processing requests with cryptlen < sg->length
     - crypto: sahara - fix error handling in sahara_hw_descriptor_create()
     - pstore: ram_core: fix possible overflow in persistent_ram_init_ecc()
     - gfs2: Fix kernel NULL pointer dereference in gfs2_rgrp_dump
     - crypto: virtio - Wait for tasklet to complete on device remove
     - crypto: sahara - fix ahash reqsize
     - crypto: sahara - fix wait_for_completion_timeout() error handling
     - crypto: sahara - improve error handling in sahara_sha_process()
     - crypto: sahara -

1786013 Packaging resync
2055686 Drop ABI checks from kernel build
2055685 Cranky update-dkms-versions rollout
2054094 linux-tools-common: man page of usbip[d] is misplaced
2055075 Focal update: v5.4.268 upstream stable release
2054406 Focal update: v5.4.267 upstream stable release
2051655 Focal update: v5.4.266 upstream stable release
CVE-2024-23851 copy_params in drivers/md/dm-ioctl.c in the Linux kernel through 6.7.1 can attempt to allocate more than INT_MAX bytes, and crash, because of a missi
CVE-2023-39198 A race condition was found in the QXL driver in the Linux kernel. The qxl_mode_dumb_create() function dereferences the qobj returned by the qxl_gem_o
CVE-2024-24855 A race condition was found in the Linux kernel's scsi device driver in lpfc_unregister_fcf_rescan() function. This can result in a null pointer deref
CVE-2023-23000 In the Linux kernel before 5.17, drivers/phy/tegra/xusb.c mishandles the tegra_xusb_find_port_node return value. Callers expect NULL in the error cas
CVE-2023-23004 In the Linux kernel before 5.19, drivers/gpu/drm/arm/malidp_planes.c misinterprets the get_sg_table return value (expects it to be NULL in the error
CVE-2023-46838 Transmit requests in Xen's virtual network protocol can consist of multiple parts. While not really useful, except for the initial part any of them
CVE-2024-1086 A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_
CVE-2024-0607 A flaw was found in the Netfilter subsystem in the Linux kernel. The issue is in the nft_byteorder_eval() function, where the code iterates through a



About   -   Send Feedback to @ubuntu_updates