UbuntuUpdates.org

Package "linux-modules-extra-5.15.0-1072-azure"

This package belongs to a PPA: Canonical Kernel Team

Name: linux-modules-extra-5.15.0-1072-azure

Description:

Linux kernel extra modules for version 5.15.0 on 64 bit x86 SMP

Latest version: 5.15.0-1072.81~20.04.1
Release: focal (20.04)
Level: base
Repository: main
Head package: linux-azure-5.15

Links


Download "linux-modules-extra-5.15.0-1072-azure"


Other versions of "linux-modules-extra-5.15.0-1072-azure" in Focal

Repository Area Version
security main 5.15.0-1072.81~20.04.1
updates main 5.15.0-1072.81~20.04.1

Changelog

Version: 5.15.0-1072.81~20.04.1 2024-08-20 06:12:09 UTC

 linux-azure-5.15 (5.15.0-1072.81~20.04.1) focal; urgency=medium
 .
   * focal/linux-azure-5.15: 5.15.0-1072.81~20.04.1 -proposed tracker
     (LP: #2075857)
 .
   [ Ubuntu: 5.15.0-1072.81 ]
 .
   * jammy/linux-azure: 5.15.0-1072.81 -proposed tracker (LP: #2075858)
   * kernel panic was caused by a fatal exception due to a null pointer
     dereference in the iptable_nat module (LP: #2076291)
     - netfilter: iptables: Fix null-ptr-deref in iptable_nat_table_init().
   * jammy/linux: 5.15.0-121.131 -proposed tracker (LP: #2076347)
   * jammy:linux bpf selftest do not build (LP: #2076334)
     - SAUCE: Revert "bpf: Allow reads from uninit stack"
   * jammy/linux: 5.15.0-120.130 -proposed tracker (LP: #2075903)
   * Packaging resync (LP: #1786013)
     - [Packaging] debian.master/dkms-versions -- update from kernel-versions
       (main/2024.08.05)
   * Jammy update: v5.15.163 upstream stable release (LP: #2075170)
     - Compiler Attributes: Add __uninitialized macro
     - locking/mutex: Introduce devm_mutex_init()
     - drm/lima: fix shared irq handling on driver remove
     - media: dvb: as102-fe: Fix as10x_register_addr packing
     - media: dvb-usb: dib0700_devices: Add missing release_firmware()
     - IB/core: Implement a limit on UMAD receive List
     - scsi: qedf: Make qedf_execute_tmf() non-preemptible
     - crypto: aead,cipher - zeroize key buffer after use
     - drm/amdgpu: Initialize timestamp for some legacy SOCs
     - drm/amd/display: Check index msg_id before read or write
     - drm/amd/display: Check pipe offset before setting vblank
     - drm/amd/display: Skip finding free audio for unknown engine_id
     - media: dw2102: Don't translate i2c read into write
     - sctp: prefer struct_size over open coded arithmetic
     - firmware: dmi: Stop decoding on broken entry
     - Input: ff-core - prefer struct_size over open coded arithmetic
     - wifi: mt76: replace skb_put with skb_put_zero
     - net: dsa: mv88e6xxx: Correct check for empty list
     - media: dvb-frontends: tda18271c2dd: Remove casting during div
     - media: s2255: Use refcount_t instead of atomic_t for num_channels
     - media: dvb-frontends: tda10048: Fix integer overflow
     - i2c: i801: Annotate apanel_addr as __ro_after_init
     - powerpc/64: Set _IO_BASE to POISON_POINTER_DELTA not 0 for CONFIG_PCI=n
     - orangefs: fix out-of-bounds fsid access
     - kunit: Fix timeout message
     - powerpc/xmon: Check cpu id in commands "c#", "dp#" and "dx#"
     - igc: fix a log entry using uninitialized netdev
     - bpf: Avoid uninitialized value in BPF_CORE_READ_BITFIELD
     - jffs2: Fix potential illegal address access in jffs2_free_inode
     - s390/pkey: Wipe sensitive data on failure
     - tools/power turbostat: Remember global max_die_id
     - UPSTREAM: tcp: fix DSACK undo in fast recovery to call tcp_try_to_open()
     - tcp_metrics: validate source addr length
     - KVM: s390: fix LPSWEY handling
     - e1000e: Fix S0ix residency on corporate systems
     - net: allow skb_datagram_iter to be called from any context
     - wifi: wilc1000: fix ies_len type in connect path
     - riscv: kexec: Avoid deadlock in kexec crash path
     - netfilter: nf_tables: unconditionally flush pending work before notifier
     - bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set()
     - selftests: fix OOM in msg_zerocopy selftest
     - selftests: make order checking verbose in msg_zerocopy selftest
     - inet_diag: Initialize pad field in struct inet_diag_req_v2
     - gpiolib: of: factor out code overriding gpio line polarity
     - gpiolib: of: add a quirk for reset line polarity for Himax LCDs
     - gpiolib: of: add polarity quirk for TSC2005
     - Revert "igc: fix a log entry using uninitialized netdev"
     - nilfs2: fix inode number range checks
     - nilfs2: add missing check for inode numbers on directory entries
     - mm: optimize the redundant loop of mm_update_owner_next()
     - mm: avoid overflows in dirty throttling logic
     - btrfs: fix adding block group to a reclaim list and the unused list during
       reclaim
     - Bluetooth: qca: Fix BT enable failure again for QCA6390 after warm reboot
     - can: kvaser_usb: Explicitly initialize family in leafimx driver_info struct
     - fsnotify: Do not generate events for O_PATH file descriptors
     - Revert "mm/writeback: fix possible divide-by-zero in wb_dirty_limits(),
       again"
     - drm/nouveau: fix null pointer dereference in nouveau_connector_get_modes
     - drm/amdgpu/atomfirmware: silence UBSAN warning
     - mtd: rawnand: Ensure ECC configuration is propagated to upper layers
     - mtd: rawnand: Bypass a couple of sanity checks during NAND identification
     - mtd: rawnand: rockchip: ensure NVDDR timings are rejected
     - ima: Avoid blocking in RCU read-side critical section
     - media: dw2102: fix a potential buffer overflow
     - clk: qcom: gcc-sm6350: Fix gpll6* & gpll7 parents
     - i2c: pnx: Fix potential deadlock warning from del_timer_sync() call in isr
     - fs/ntfs3: Mark volume as dirty if xattr is broken
     - ALSA: hda/realtek: Enable headset mic of JP-IK LEAP W502 with ALC897
     - nvme-multipath: find NUMA path only for online numa-node
     - dma-mapping: benchmark: avoid needless copy_to_user if benchmark fails
     - nvme: adjust multiples of NVME_CTRL_PAGE_SIZE in offset
     - regmap-i2c: Subtract reg size from max_write
     - platform/x86: touchscreen_dmi: Add info for GlobalSpace SolT IVW 11.6"
       tablet
     - platform/x86: touchscreen_dmi: Add info for the EZpad 6s Pro
     - nvmet: fix a possible leak when destroy a ctrl during qp establishment
     - kbuild: fix short log for AS in link-vmlinux.sh
     - nfc/nci: Add the inconsistency check between the input data length and count
     - null_blk: Do not allow runt zone with zone capacity smaller then zone size
     - nilfs2: fix incorrect inode allocation from reserved inodes
     - mm: prevent derefencing NU

Source diff to previous version
2076291 kernel panic was caused by a fatal exception due to a null pointer dereference in the iptable_nat module
2076334 jammy:linux bpf selftest do not build
1786013 Packaging resync
2075170 Jammy update: v5.15.163 upstream stable release
2074215 [SRU] UBSAN warnings in bnx2x kernel driver
2073765 Jammy update: v5.15.162 upstream stable release
2072858 Fix L2CAP/LE/CPU/BI-02-C bluetooth certification failure
2073092 net/sched: Fix conntrack use-after-free
2072617 Jammy update: v5.15.161 upstream stable release
2073267 Virtualbox Guru meditation on VM start caused by kernel commit in v6.9-rc4
CVE-2024-26921 In the Linux kernel, the following vulnerability has been resolved: inet: inet_defrag: prevent sk release while still in use ip_local_out() and oth
CVE-2024-39484 In the Linux kernel, the following vulnerability has been resolved: mmc: davinci: Don't strip remove function when driver is builtin Using __exit f
CVE-2024-39292 In the Linux kernel, the following vulnerability has been resolved: um: Add winch to winch_handlers before registering winch IRQ Registering a winc
CVE-2024-36901 In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent NULL dereference in ip6_output() According to syzbot, there is a
CVE-2024-26830 In the Linux kernel, the following vulnerability has been resolved: i40e: Do not allow untrusted VF to remove administratively set MAC Currently wh
CVE-2024-26680 In the Linux kernel, the following vulnerability has been resolved: net: atlantic: Fix DMA mapping for PTP hwts ring Function aq_ring_hwts_rx_alloc
CVE-2023-52760 In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix slab-use-after-free in gfs2_qd_dealloc In gfs2_put_super(), whether w
CVE-2023-52629 In the Linux kernel, the following vulnerability has been resolved: sh: push-switch: Reorder cleanup operations to avoid use-after-free bug The ori

Version: 5.15.0-1070.79~20.04.1 2024-07-30 18:11:26 UTC

 linux-azure-5.15 (5.15.0-1070.79~20.04.1) focal; urgency=medium
 .
   * focal/linux-azure-5.15: 5.15.0-1070.79~20.04.1 -proposed tracker
     (LP: #2072208)
 .
   * Packaging resync (LP: #1786013)
     - [Packaging] debian.azure-5.15/dkms-versions -- update from kernel-versions
       (main/2024.07.08)
 .
   [ Ubuntu: 5.15.0-1070.79 ]
 .
   * jammy/linux-azure: 5.15.0-1070.79 -proposed tracker (LP: #2072209)
   * Packaging resync (LP: #1786013)
     - [Packaging] debian.azure/dkms-versions -- update from kernel-versions
       (main/2024.07.08)
   * jammy/linux: 5.15.0-118.128 -proposed tracker (LP: #2072255)
   * Jammy update: v5.15.160 upstream stable release (LP: #2070292)
     - drm/amd/display: Fix division by zero in setup_dsc_config
     - pinctrl: core: handle radix_tree_insert() errors in
       pinctrl_register_one_pin()
     - nfsd: don't allow nfsd threads to be signalled.
     - KEYS: trusted: Fix memory leak in tpm2_key_encode()
     - Revert "selftests: mm: fix map_hugetlb failure on 64K page size systems"
     - net: bcmgenet: synchronize EXT_RGMII_OOB_CTRL access
     - net: bcmgenet: synchronize UMAC_CMD access
     - netlink: annotate lockless accesses to nlk->max_recvmsg_len
     - netlink: annotate data-races around sk->sk_err
     - KVM: x86: Clear "has_error_code", not "error_code", for RM exception
       injection
     - drm/amdgpu: Fix possible NULL dereference in
       amdgpu_ras_query_error_status_helper()
     - binder: fix max_thread type inconsistency
     - usb: typec: ucsi: displayport: Fix potential deadlock
     - serial: kgdboc: Fix NMI-safety problems from keyboard reset code
     - remoteproc: mediatek: Make sure IPI buffer fits in L2TCM
     - KEYS: trusted: Do not use WARN when encode fails
     - admin-guide/hw-vuln/core-scheduling: fix return type of PR_SCHED_CORE_GET
     - docs: kernel_include.py: Cope with docutils 0.21
     - Linux 5.15.160
   * Jammy update: v5.15.159 upstream stable release (LP: #2070028)
     - dmaengine: pl330: issue_pending waits until WFP state
     - dmaengine: Revert "dmaengine: pl330: issue_pending waits until WFP state"
     - wifi: nl80211: don't free NULL coalescing rule
     - ksmbd: fix slab-out-of-bounds in smb2_allocate_rsp_buf
     - ksmbd: validate request buffer size in smb2_allocate_rsp_buf()
     - ksmbd: clear RENAME_NOREPLACE before calling vfs_rename
     - eeprom: at24: Use dev_err_probe for nvmem register failure
     - eeprom: at24: Probe for DDR3 thermal sensor in the SPD case
     - eeprom: at24: fix memory corruption race condition
     - pinctrl: pinctrl-aspeed-g6: Fix register offset for pinconf of GPIOR-T
     - pinctrl/meson: fix typo in PDM's pin name
     - pinctrl: core: delete incorrect free in pinctrl_enable()
     - pinctrl: mediatek: paris: Rework mtk_pinconf_{get,set} switch/case logic
     - pinctrl: mediatek: paris: Fix PIN_CONFIG_INPUT_SCHMITT_ENABLE readback
     - pinctrl: mediatek: paris: Rework support for
       PIN_CONFIG_{INPUT,OUTPUT}_ENABLE
     - sunrpc: add a struct rpc_stats arg to rpc_create_args
     - nfs: expose /proc/net/sunrpc/nfs in net namespaces
     - nfs: make the rpc_stat per net namespace
     - nfs: Handle error of rpc_proc_register() in nfs_net_init().
     - power: rt9455: hide unused rt9455_boost_voltage_values
     - power: supply: mt6360_charger: Fix of_match for usb-otg-vbus regulator
     - pinctrl: devicetree: fix refcount leak in pinctrl_dt_to_map()
     - regulator: mt6360: De-capitalize devicetree regulator subnodes
     - bpf, kconfig: Fix DEBUG_INFO_BTF_MODULES Kconfig definition
     - bpf, skmsg: Fix NULL pointer dereference in sk_psock_skb_ingress_enqueue
     - bpf: Fix a verifier verbose message
     - spi: hisi-kunpeng: Delete the dump interface of data registers in debugfs
     - s390/mm: Fix storage key clearing for guest huge pages
     - s390/mm: Fix clearing storage keys for huge pages
     - xdp: Move conversion to xdp_frame out of map functions
     - xdp: Add xdp_do_redirect_frame() for pre-computed xdp_frames
     - xdp: use flags field to disambiguate broadcast redirect
     - bna: ensure the copied buf is NUL terminated
     - octeontx2-af: avoid off-by-one read from userspace
     - nsh: Restore skb->{protocol,data,mac_header} for outer header in
       nsh_gso_segment().
     - net l2tp: drop flow hash on forward
     - s390/vdso: Add CFI for RA register to asm macro vdso_func
     - net: qede: sanitize 'rc' in qede_add_tc_flower_fltr()
     - net: qede: use return from qede_parse_flow_attr() for flower
     - net: qede: use return from qede_parse_flow_attr() for flow_spec
     - net: qede: use return from qede_parse_actions()
     - ASoC: meson: axg-fifo: use FIELD helpers
     - ASoC: meson: axg-fifo: use threaded irq to check periods
     - ASoC: meson: axg-card: make links nonatomic
     - ASoC: meson: axg-tdm-interface: manage formatters in trigger
     - ASoC: meson: cards: select SND_DYNAMIC_MINORS
     - ALSA: hda: intel-sdw-acpi: fix usage of device_get_named_child_node()
     - s390/cio: Ensure the copied buf is NUL terminated
     - cxgb4: Properly lock TX queue for the selftest.
     - net: dsa: mv88e6xxx: Fix number of databases for 88E6141 / 88E6341
     - net: bridge: fix multicast-to-unicast with fraglist GSO
     - net: core: reject skb_copy(_expand) for fraglist GSO skbs
     - tipc: fix a possible memleak in tipc_buf_append
     - s390/qeth: don't keep track of Input Queue count
     - s390/qeth: Fix kernel panic after setting hsuid
     - drm/panel: ili9341: Respect deferred probe
     - drm/panel: ili9341: Use predefined error codes
     - net: gro: add flush check in udp_gro_receive_segment
     - clk: sunxi-ng: h6: Reparent CPUX during PLL CPUX rate change
     - KVM: arm64: vgic-v2: Use cpuid from userspace as vcpu_id
     - KVM: arm64: vgic-v2: Check for non-NULL vCPU in vgic_v2_parse_attr()
     - scsi: lpfc: Move NPIV's transport unregistration to after resource clean up
     - scsi: lpf

Source diff to previous version
1786013 Packaging resync
2070292 Jammy update: v5.15.160 upstream stable release
2070028 Jammy update: v5.15.159 upstream stable release
2061091 Freezing user space processes failed after 20.008 seconds (1 tasks refusing to freeze, wq_busy=0)
CVE-2024-27017 In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: walk over current view on netlink dump The generatio
CVE-2024-26952 In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix potencial out-of-bounds when buffer offset is invalid I found potenc
CVE-2024-26886 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: af_bluetooth: Fix deadlock Attemting to do sock_lock on .recvmsg may
CVE-2023-52752 In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() Skip SMB ses
CVE-2024-25742 In the Linux kernel before 6.9, an untrusted hypervisor can inject virtual interrupt 29 (#VC) at any point in time and can trigger its handler. This
CVE-2024-36016 In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: fix possible out-of-bounds in gsm0_receive() Assuming the following

Version: 5.15.0-1068.77~20.04.1 2024-06-22 00:11:29 UTC

 linux-azure-5.15 (5.15.0-1068.77~20.04.1) focal; urgency=medium
 .
   * focal/linux-azure-5.15: 5.15.0-1068.77~20.04.1 -proposed tracker
     (LP: #2068349)
 .
   * Packaging resync (LP: #1786013)
     - [Packaging] debian.azure-5.15/dkms-versions -- update from kernel-versions
       (main/2024.06.10)
 .
   [ Ubuntu: 5.15.0-1068.77 ]
 .
   * jammy/linux-azure: 5.15.0-1068.77 -proposed tracker (LP: #2068350)
   * Packaging resync (LP: #1786013)
     - [Packaging] debian.azure/dkms-versions -- update from kernel-versions
       (main/2024.06.10)
   * Backport request for Ubuntu 5.15 kernels - CIFS Issue (LP: #2070076)
     - keys: Fix overwrite of key expiration on instantiation
   * Azure: Fix hibernation failure (LP: #2069749)
     - drm: Check output polling initialized before disabling
     - drm: Check polling initialized before enabling in
       drm_helper_probe_single_connector_modes
   * Hairpinning Issue on AKS with Latest Linux Stable Kernels (LP: #2070072)
     - SAUCE: Revert "netfilter: br_netfilter: skip conntrack input hook for
       promisc packets"
   * Azure: net: mana: Fix Rx DMA datasize and skb_over_panic (LP: #2066992)
     - net: mana: Fix Rx DMA datasize and skb_over_panic
   * Azure: net: mana: Enable MANA driver on ARM64 with 4K page size
     (LP: #2066982)
     - net: mana: Enable MANA driver on ARM64 with 4K page size
   * jammy/linux: 5.15.0-115.125 -proposed tracker (LP: #2068396)
   * Packaging resync (LP: #1786013)
     - [Packaging] debian.master/dkms-versions -- update from kernel-versions
       (main/2024.06.10)
   * Jammy update: v5.15.158 upstream stable release (LP: #2067974)
     - smb: client: fix rename(2) regression against samba
     - cifs: reinstate original behavior again for forceuid/forcegid
     - HID: intel-ish-hid: ipc: Fix dev_err usage with uninitialized dev->devc
     - HID: logitech-dj: allow mice to use all types of reports
     - arm64: dts: rockchip: enable internal pull-up on Q7_USB_ID for RK3399 Puma
     - arm64: dts: rockchip: fix alphabetical ordering RK3399 puma
     - arm64: dts: rockchip: enable internal pull-up on PCIE_WAKE# for RK3399 Puma
     - arm64: dts: rockchip: Remove unsupported node from the Pinebook Pro dts
     - arm64: dts: mediatek: mt8183: Add power-domains properity to mfgcfg
     - arm64: dts: mediatek: mt7622: add support for coherent DMA
     - arm64: dts: mediatek: mt7622: introduce nodes for Wireless Ethernet Dispatch
     - arm64: dts: mediatek: mt7622: fix clock controllers
     - arm64: dts: mediatek: mt7622: fix IR nodename
     - arm64: dts: mediatek: mt7622: fix ethernet controller "compatible"
     - arm64: dts: mediatek: mt7622: drop "reset-names" from thermal block
     - arm64: dts: mediatek: mt2712: fix validation errors
     - ARC: [plat-hsdk]: Remove misplaced interrupt-cells property
     - wifi: iwlwifi: mvm: remove old PASN station when adding a new one
     - wifi: iwlwifi: mvm: return uid from iwl_mvm_build_scan_cmd
     - vxlan: drop packets from invalid src-address
     - mlxsw: core: Unregister EMAD trap using FORWARD action
     - icmp: prevent possible NULL dereferences from icmp_build_probe()
     - bridge/br_netlink.c: no need to return void function
     - NFC: trf7970a: disable all regulators on removal
     - ipv4: check for NULL idev in ip_route_use_hint()
     - net: usb: ax88179_178a: stop lying about skb->truesize
     - net: gtp: Fix Use-After-Free in gtp_dellink
     - ipvs: Fix checksumming on GSO of SCTP packets
     - net: openvswitch: Fix Use-After-Free in ovs_ct_exit
     - mlxsw: spectrum_acl_tcam: Fix race during rehash delayed work
     - mlxsw: spectrum_acl_tcam: Fix possible use-after-free during activity update
     - mlxsw: spectrum_acl_tcam: Fix possible use-after-free during rehash
     - mlxsw: spectrum_acl_tcam: Rate limit error message
     - mlxsw: spectrum_acl_tcam: Fix memory leak during rehash
     - mlxsw: spectrum_acl_tcam: Fix warning during rehash
     - mlxsw: spectrum_acl_tcam: Fix incorrect list API usage
     - mlxsw: spectrum_acl_tcam: Fix memory leak when canceling rehash work
     - netfilter: nf_tables: honor table dormant flag from netdev release event
       path
     - i40e: Do not use WQ_MEM_RECLAIM flag for workqueue
     - i40e: Report MFS in decimal base instead of hex
     - iavf: Fix TC config comparison with existing adapter TC config
     - net: ethernet: ti: am65-cpts: Fix PTPv1 message type on TX packets
     - af_unix: Suppress false-positive lockdep splat for spin_lock() in
       __unix_gc().
     - serial: core: Provide port lock wrappers
     - serial: mxs-auart: add spinlock around changing cts state
     - drm-print: add drm_dbg_driver to improve namespace symmetry
     - drm/vmwgfx: Fix crtc's atomic check conditional
     - Revert "crypto: api - Disallow identical driver names"
     - net/mlx5e: Fix a race in command alloc flow
     - tracing: Show size of requested perf buffer
     - tracing: Increase PERF_MAX_TRACE_SIZE to handle Sentinel1 and docker
       together
     - x86/cpu: Fix check for RDPKRU in __show_regs()
     - Bluetooth: Fix type of len in {l2cap,sco}_sock_getsockopt_old()
     - Bluetooth: btusb: Add Realtek RTL8852BE support ID 0x0bda:0x4853
     - Bluetooth: qca: fix NULL-deref on non-serdev suspend
     - mmc: sdhci-msm: pervent access to suspended controller
     - btrfs: fix information leak in btrfs_ioctl_logical_to_ino()
     - cpu: Re-enable CPU mitigations by default for !X86 architectures
     - [Configs] Update CPU mitigation configs
     - arm64: dts: rockchip: enable internal pull-up for Q7_THRM# on RK3399 Puma
     - drm/amdgpu/sdma5.2: use legacy HDP flush for SDMA2/3
     - drm/amdgpu: Fix leak when GPU memory allocation fails
     - irqchip/gic-v3-its: Prevent double free on error
     - ethernet: Add helper for assigning packet type when dest address does not
       match device address
     - net: b44: set pause params only when interface is up
     - stackdepot: res

Source diff to previous version
1786013 Packaging resync
2070076 Backport request for Ubuntu 5.15 kernels - CIFS Issue
2069749 Azure: Fix hibernation failure
2070072 Hairpinning Issue on AKS with Latest Linux Stable Kernels
2066992 Azure: net: mana: Fix Rx DMA datasize and skb_over_panic
2066982 Azure: net: mana: Enable MANA driver on ARM64 with 4K page size
2067974 Jammy update: v5.15.158 upstream stable release
2067959 Jammy update: v5.15.157 upstream stable release
2046722 [SRU][22.04.4]: megaraid_sas: Critical Bug Fixes
2065857 Jammy update: v5.15.156 upstream stable release
2065805 Jammy update: v5.15.155 upstream stable release
2065435 Jammy update: v5.15.154 upstream stable release
CVE-2024-23307 Integer Overflow or Wraparound vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (md, raid, raid5 modules) allows Forced Integer Overflow
CVE-2024-26828 In the Linux kernel, the following vulnerability has been resolved: cifs: fix underflow in parse_server_interfaces() In this loop, we step through
CVE-2024-24861 A race condition was found in the Linux kernel's media/xc4000 device driver in xc4000 xc4000_get_frequency() function. This can result in return valu
CVE-2024-26642 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: disallow anonymous set with timeout flag Anonymous sets a
CVE-2024-26926 In the Linux kernel, the following vulnerability has been resolved: binder: check offset alignment in binder_get_object() Commit 6d98eb95b450 ("bin
CVE-2024-26922 In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: validate the parameters of bo mapping operations more clearly Verif
CVE-2023-6039 A use-after-free flaw was found in lan78xx_disconnect in drivers/net/usb/lan78xx.c in the network sub-component, net/usb/lan78xx in the Linux Kernel.
CVE-2024-26924 In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: do not free live element Pablo reports a crash with
CVE-2024-26643 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout

Version: 5.15.0-1065.74~20.04.1 2024-05-20 14:08:55 UTC

 linux-azure-5.15 (5.15.0-1065.74~20.04.1) focal; urgency=medium
 .
   * focal/linux-azure-5.15: 5.15.0-1065.74~20.04.1 -proposed tracker
     (LP: #2063716)
 .
   [ Ubuntu: 5.15.0-1065.74 ]
 .
   * jammy/linux-azure: 5.15.0-1065.74 -proposed tracker (LP: #2063717)
   * Azure: Update CIFS to 5.15-backport-1-24-24 (LP: #2064514)
     - SAUCE: cifs: correcting entry
     - cifs: is_network_name_deleted should return a bool
     - cifs: fix charset issue in reconnection
     - cifs: update the ctime on a partial page write
     - smb: client: introduce DFS_CACHE_TGT_LIST()
     - smb: client: ensure to try all targets when finding nested links
     - smb: client: move some params to cifs_open_info_data
     - smb: client: make smb2_compound_op() return resp buffer on success
     - smb: client: rename cifs_dfs_ref.c to namespace.c
     - smb: client: get rid of dfs naming in automount code
     - smb: client: get rid of dfs code dep in namespace.c
     - smb: client: parse reparse point flag in create response
     - smb: client: do not query reparse points twice on symlinks
     - smb: client: query reparse points in older dialects
     - smb: cilent: set reparse mount points as automounts
     - smb: client: reduce stack usage in cifs_try_adding_channels()
     - smb: client: reduce stack usage in cifs_demultiplex_thread()
     - smb: client: reduce stack usage in smb_send_rqst()
     - smb: client: reduce stack usage in smb2_set_ea()
     - smb: client: reduce stack usage in smb2_query_info_compound()
     - smb: client: reduce stack usage in smb2_query_reparse_point()
     - cifs: update desired access while requesting for directory lease
     - send channel sequence number in SMB3 requests after reconnects
     - SMB3: rename macro CIFS_SERVER_IS_CHAN to avoid confusion
     - cifs: Add a laundromat thread for cached directories
     - smb3: allow controlling length of time directory entries are cached with dir
       leases
     - smb3: add trace point for queryfs (statfs)
     - smb3: allow controlling maximum number of cached directories
     - cifs: update internal module version number for cifs.ko
     - smb3: fix minor typo in SMB2_GLOBAL_CAP_LARGE_MTU
     - smb3: move server check earlier when setting channel sequence number
     - smb3: correct places where ENOTSUPP is used instead of preferred EOPNOTSUPP
     - smb3: fix some minor typos and repeated words
     - smb3: Add dynamic trace points for RDMA (smbdirect) reconnect
     - smb3: do not start laundromat thread when dir leases disabled
     - cifs: Fix UAF in cifs_demultiplex_thread()
     - smb3: remove duplicate error mapping
     - smb: client: handle STATUS_IO_REPARSE_TAG_NOT_HANDLED
     - smb3: fix confusing debug message
     - fs/smb/client: Reset password pointer to NULL
     - smb: client: do not start laundromat thread on nohandlecache
     - smb: client: make laundromat a delayed worker
     - smb: client: prevent new fids from being removed by laundromat
     - smb3: fix touch -h of symlink
     - cifs: Add client version details to NTLM authenticate message
     - SMB3: clarify some of the unused CreateOption flags
     - Add definition for new smb3.1.1 command type
     - smb3: fix creating FIFOs when mounting with "sfu" mount option
     - smb: client: fix potential deadlock when releasing mids
     - smb: client: fix use-after-free bug in cifs_debug_data_proc_show()
     - smb: use crypto_shash_digest() in symlink_hash()
     - cifs: print server capabilities in DebugData
     - cifs: add xid to query server interface call
     - smb: client: remove extra @chan_count check in __cifs_put_smb_ses()
     - smb: client: fix use-after-free in smb2_query_info_compound()
     - cifs: reconnect helper should set reconnect for the right channel
     - cifs: do not reset chan_max if multichannel is not supported at mount
     - cifs: force interface update before a fresh session setup
     - smb3: minor RDMA cleanup
     - smb3: more minor cleanups for session handling routines
     - cifs: handle cases where a channel is closed
     - cifs: distribute channels across interfaces based on speed
     - cifs: account for primary channel in the interface list
     - cifs: do not pass cifs_sb when trying to add channels
     - cifs: reconnect work should have reference on server struct
     - smb3: minor cleanup of session handling code
     - smb3: fix caching of ctime on setxattr
     - smb: client: fix mount when dns_resolver key is not available
     - smb3: allow dumping session and tcon id to improve stats analysis and
       debugging
     - Missing field not being returned in ioctl CIFS_IOC_GET_MNT_INFO
     - cifs: handle when server starts supporting multichannel
     - cifs: handle when server stops supporting multichannel
     - cifs: update internal module version number for cifs.ko
     - cifs: spnego: add ';' in HOST_KEY_LEN
     - cifs: fix check of rc in function generate_smb3signingkey
     - cifs: fix leak of iface for primary channel
     - cifs: fix lock ordering while disabling multichannel
     - cifs: fix use after free for iface while disabling secondary channels
     - smb: client: implement ->query_reparse_point() for SMB1
     - smb: client: introduce ->parse_reparse_point()
     - smb: client: set correct file type from NFS reparse points
     - smb: client: introduce cifs_sfu_make_node()
     - smb: client: fix missing mode bits for SMB symlinks
     - smb: client: report correct st_size for SMB and NFS symlinks
     - cifs: Fix FALLOC_FL_ZERO_RANGE by setting i_size if EOF moved
     - cifs: Fix FALLOC_FL_INSERT_RANGE by setting i_size after EOF moved
     - smb: client, common: fix fortify warnings
     - smb: client: fix potential NULL deref in parse_dfs_referrals()
     - cifs: Fix non-availability of dedup breaking generic/304
     - Revert "cifs: reconnect work should have reference on server struct"
     - cifs: reconnect worker should take reference on server struct
       u

Source diff to previous version
2064514 Azure: Update CIFS to 5.15-backport-1-24-24
2063096 RTL8852BE fw security fail then lost WIFI function during suspend/resume cycle
2061986 Mount CIFS fails with Permission denied
2063290 Jammy update: v5.15.153 upstream stable release
2063276 Jammy update: v5.15.152 upstream stable release
2060422 Avoid creating non-working backlight sysfs knob from ASUS board
2058477 [Ubuntu 22.04.4/linux-image-6.5.0-26-generic] Kernel output \
2060209 Jammy update: v5.15.151 upstream stable release
2063067 Fix bluetooth connections with 3.0 device
2060142 Jammy update: v5.15.150 upstream stable release
CVE-2024-26809 In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: release elements in clone only from destroy path Clo
CVE-2024-26792 In the Linux kernel, the following vulnerability has been resolved: btrfs: fix double free of anonymous device after snapshot creation failure When
CVE-2023-52530 In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix potential key use-after-free When ieee80211_key_link() is c
CVE-2023-52447 In the Linux kernel, the following vulnerability has been resolved: bpf: Defer the free of inner map when necessary When updating or deleting an in
CVE-2024-26782 In the Linux kernel, the following vulnerability has been resolved: mptcp: fix double-free on socket dismantle when MPTCP server accepts an incomin
CVE-2024-26733 In the Linux kernel, the following vulnerability has been resolved: arp: Prevent overflow in arp_req_get(). syzkaller reported an overflown write i
CVE-2024-26735 In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix possible use-after-free and null-ptr-deref The pernet operations
CVE-2024-26736 In the Linux kernel, the following vulnerability has been resolved: afs: Increase buffer size in afs_update_volume_status() The max length of volum
CVE-2024-26748 In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: fix memory double free when handle zero packet 829 if (request->co
CVE-2023-47233 The brcm80211 component in the Linux kernel through 6.5.10 has a brcmf_cfg80211_detach use-after-free in the device unplugging (disconnect the USB by
CVE-2024-26584 In the Linux kernel, the following vulnerability has been resolved: net: tls: handle backlogging of crypto requests Since we're setting the CRYPTO_
CVE-2024-26585 In the Linux kernel, the following vulnerability has been resolved: tls: fix race between tx work scheduling and socket close Similarly to previous
CVE-2024-26583 In the Linux kernel, the following vulnerability has been resolved: tls: fix race between async notify and socket close The submitting thread (one
CVE-2024-26622 In the Linux kernel, the following vulnerability has been resolved: tomoyo: fix UAF write bug in tomoyo_write_control() Since tomoyo_write_control(

Version: 5.15.0-1063.72~20.04.1 2024-04-17 18:08:54 UTC

 linux-azure-5.15 (5.15.0-1063.72~20.04.1) focal; urgency=medium
 .
   * focal/linux-azure-5.15: 5.15.0-1063.72~20.04.1 -proposed tracker
     (LP: #2061766)
 .
   [ Ubuntu: 5.15.0-1063.72 ]
 .
   * jammy/linux-azure: 5.15.0-1063.72 -proposed tracker (LP: #2061767)
   * Packaging resync (LP: #1786013)
     - [Packaging] drop getabis data
   * Azure: Network doesn't get configured after triggering kdump (LP: #2054855)
     - Drivers: hv: Always reserve framebuffer region for Gen1 VMs
   * jammy/linux: 5.15.0-106.116 -proposed tracker (LP: #2061812)
   * CVE-2024-2201
     - x86/bugs: Use sysfs_emit()
     - KVM: x86: Update KVM-only leaf handling to allow for 100% KVM-only leafs
     - KVM: x86: Advertise CPUID.(EAX=7,ECX=2):EDX[5:0] to userspace
     - KVM: x86: Use a switch statement and macros in __feature_translate()
     - x86/bugs: Change commas to semicolons in 'spectre_v2' sysfs file
     - x86/syscall: Don't force use of indirect calls for system calls
     - x86/bhi: Add support for clearing branch history at syscall entry
     - x86/bhi: Define SPEC_CTRL_BHI_DIS_S
     - x86/bhi: Enumerate Branch History Injection (BHI) bug
     - x86/bhi: Add BHI mitigation knob
     - x86/bhi: Mitigate KVM by default
     - KVM: x86: Add BHI_NO
     - [Config] Set CONFIG_BHI to enabled (auto)
   * Drop fips-checks script from trees (LP: #2055083)
     - [Packaging] Remove fips-checks script
   * alsa/realtek: adjust max output valume for headphone on 2 LG machines
     (LP: #2058573)
     - ALSA: hda/realtek: fix the hp playback volume issue for LG machines
   * A general-proteciton exception during guest migration to unsupported PKRU
     machine (LP: #2032164)
     - x86/fpu: Allow caller to constrain xfeatures when copying to uabi buffer
     - KVM: x86: Constrain guest-supported xfeatures only at KVM_GET_XSAVE{2}
   * [ICX] [SPR] [ipc/msg] performance: Mitigate the lock contention with percpu
     counter (LP: #2058485)
     - ipc: check checkpoint_restore_ns_capable() to modify C/R proc files
     - ipc/ipc_sysctl.c: remove fallback for !CONFIG_PROC_SYSCTL
     - ipc: Store mqueue sysctls in the ipc namespace
     - ipc: Store ipc sysctls in the ipc namespace
     - ipc: Use the same namespace to modify and validate
     - ipc: Remove extra1 field abuse to pass ipc namespace
     - ipc: Check permissions for checkpoint_restart sysctls at open time
     - percpu: add percpu_counter_add_local and percpu_counter_sub_local
     - ipc/msg: mitigate the lock contention with percpu counter
   * Jammy update: v5.15.149 upstream stable release (LP: #2059014)
     - ksmbd: free ppace array on error in parse_dacl
     - ksmbd: don't allow O_TRUNC open on read-only share
     - ksmbd: validate mech token in session setup
     - ksmbd: fix UAF issue in ksmbd_tcp_new_connection()
     - ksmbd: only v2 leases handle the directory
     - iio: adc: ad7091r: Set alert bit in config register
     - iio: adc: ad7091r: Allow users to configure device events
     - iio: adc: ad7091r: Enable internal vref if external vref is not supplied
     - dmaengine: fix NULL pointer in channel unregistration function
     - scsi: ufs: core: Simplify power management during async scan
     - scsi: ufs: core: Remove the ufshcd_hba_exit() call from ufshcd_async_scan()
     - iio:adc:ad7091r: Move exports into IIO_AD7091R namespace.
     - ext4: allow for the last group to be marked as trimmed
     - btrfs: sysfs: validate scrub_speed_max value
     - crypto: api - Disallow identical driver names
     - PM: hibernate: Enforce ordering during image compression/decompression
     - hwrng: core - Fix page fault dead lock on mmap-ed hwrng
     - crypto: s390/aes - Fix buffer overread in CTR mode
     - media: imx355: Enable runtime PM before registering async sub-device
     - rpmsg: virtio: Free driver_override when rpmsg_remove()
     - media: ov9734: Enable runtime PM before registering async sub-device
     - mips: Fix max_mapnr being uninitialized on early stages
     - bus: mhi: host: Drop chan lock before queuing buffers
     - bus: mhi: host: Add spinlock to protect WP access when queueing TREs
     - parisc/firmware: Fix F-extend for PDC addresses
     - async: Split async_schedule_node_domain()
     - async: Introduce async_schedule_dev_nocall()
     - arm64: dts: qcom: sc7180: fix USB wakeup interrupt types
     - arm64: dts: qcom: sdm845: fix USB wakeup interrupt types
     - arm64: dts: qcom: sm8150: fix USB wakeup interrupt types
     - arm64: dts: qcom: sdm845: fix USB DP/DM HS PHY interrupts
     - lsm: new security_file_ioctl_compat() hook
     - scripts/get_abi: fix source path leak
     - mmc: core: Use mrq.sbc in close-ended ffu
     - mmc: mmc_spi: remove custom DMA mapped buffers
     - rtc: Adjust failure return code for cmos_set_alarm()
     - nouveau/vmm: don't set addr on the fail path to avoid warning
     - ubifs: ubifs_symlink: Fix memleak of inode->i_link in error path
     - rename(): fix the locking of subdirectories
     - ksmbd: set v2 lease version on lease upgrade
     - ksmbd: fix potential circular locking issue in smb2_set_ea()
     - ksmbd: don't increment epoch if current state and request state are same
     - ksmbd: send lease break notification on FILE_RENAME_INFORMATION
     - ksmbd: Add missing set_freezable() for freezable kthread
     - net/smc: fix illegal rmb_desc access in SMC-D connection dump
     - tcp: make sure init the accept_queue's spinlocks once
     - bnxt_en: Wait for FLR to complete during probe
     - vlan: skip nested type that is not IFLA_VLAN_QOS_MAPPING
     - llc: make llc_ui_sendmsg() more robust against bonding changes
     - llc: Drop support for ETH_P_TR_802_2.
     - net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv
     - tracing: Ensure visibility when inserting an element into tracing_map
     - afs: Hide silly-rename files from userspace
     - tcp: Add memory barrier to tcp_push()
     - netlink: fix potential sleeping issue in mqueue

1786013 Packaging resync
2054855 Azure: Network doesn't get configured after triggering kdump
2055083 Drop fips-checks script from trees
2058573 alsa/realtek: adjust max output valume for headphone on 2 LG machines
2032164 A general-proteciton exception during guest migration to unsupported PKRU machine
2058485 [ICX] [SPR] [ipc/msg] performance: Mitigate the lock contention with percpu counter
2059014 Jammy update: v5.15.149 upstream stable release
2056418 Fix headphone mic detection issue on ALC897
2056373 Problems with HVCS and hotplugging
2056227 KVM: arm64: softlockups in stage2_apply_range
2060780 CIFS stopped working/is unstable with kernel update to 5.15.0-102.112
CVE-2024-2201 Native Branch History Injection
CVE-2023-6039 A use-after-free flaw was found in lan78xx_disconnect in drivers/net/usb/lan78xx.c in the network sub-component, net/usb/lan78xx in the Linux Kernel.



About   -   Send Feedback to @ubuntu_updates