UbuntuUpdates.org

Package "linux-headers-5.15.0-127"

This package belongs to a PPA: Canonical Kernel Team

Name: linux-headers-5.15.0-127

Description:

Header files related to Linux kernel version 5.15.0

Latest version: 5.15.0-127.137
Release: jammy (22.04)
Level: base
Repository: main
Head package: linux

Links


Download "linux-headers-5.15.0-127"


Other versions of "linux-headers-5.15.0-127" in Jammy

Repository Area Version
proposed main 5.15.0-127.137

Changelog

Version: 5.15.0-127.137 2024-11-08 19:08:30 UTC

 linux (5.15.0-127.137) jammy; urgency=medium
 .
   * jammy/linux: 5.15.0-127.137 -proposed tracker (LP: #2086357)
 .
   * Jammy update: v5.15.168 upstream stable release (LP: #2086242)
     - parisc: Fix 64-bit userspace syscall path
     - parisc: Fix stack start for ADDR_NO_RANDOMIZE personality
     - of/irq: Support #msi-cells=<0> in of_msi_get_domain
     - drm: omapdrm: Add missing check for alloc_ordered_workqueue
     - jbd2: stop waiting for space when jbd2_cleanup_journal_tail() returns error
     - jbd2: correctly compare tids with tid_geq function in jbd2_fc_begin_commit
     - mm: krealloc: consider spare memory for __GFP_ZERO
     - ocfs2: fix the la space leak when unmounting an ocfs2 volume
     - ocfs2: fix uninit-value in ocfs2_get_block()
     - ocfs2: reserve space for inline xattr before attaching reflink tree
     - ocfs2: cancel dqi_sync_work before freeing oinfo
     - ocfs2: remove unreasonable unlock in ocfs2_read_blocks
     - ocfs2: fix null-ptr-deref when journal load failed.
     - ocfs2: fix possible null-ptr-deref in ocfs2_set_buffer_uptodate
     - usbnet: ipheth: fix carrier detection in modes 1 and 4
     - net: ethernet: use ip_hdrlen() instead of bit shift
     - net: phy: vitesse: repair vsc73xx autonegotiation
     - powerpc/mm: Fix boot warning with hugepages and CONFIG_DEBUG_VIRTUAL
     - btrfs: update target inode's ctime on unlink
     - Input: ads7846 - ratelimit the spi_sync error message
     - Input: synaptics - enable SMBus for HP Elitebook 840 G2
     - HID: multitouch: Add support for GT7868Q
     - scripts: kconfig: merge_config: config files: add a trailing newline
     - platform/surface: aggregator_registry: Add support for Surface Laptop Go 3
     - drm/msm/adreno: Fix error return if missing firmware-name
     - Input: i8042 - add Fujitsu Lifebook E756 to i8042 quirk table
     - NFSv4: Fix clearing of layout segments in layoutreturn
     - NFS: Avoid unnecessary rescanning of the per-server delegation list
     - platform/x86: panasonic-laptop: Fix SINF array out of bounds accesses
     - platform/x86: panasonic-laptop: Allocate 1 entry extra in the sinf array
     - mptcp: pm: Fix uaf in __timer_delete_sync
     - arm64: dts: rockchip: override BIOS_DISABLE signal via GPIO hog on RK3399
       Puma
     - minmax: reduce min/max macro expansion in atomisp driver
     - net: tighten bad gso csum offset check in virtio_net_hdr
     - mm: avoid leaving partial pfn mappings around in error case
     - fs/ntfs3: Use kvfree to free memory allocated by kvmalloc
     - arm64: dts: rockchip: fix PMIC interrupt pin in pinctrl for ROCK Pi E
     - eeprom: digsy_mtc: Fix 93xx46 driver probe failure
     - selftests/bpf: Support SOCK_STREAM in unix_inet_redir_to_connected()
     - hwmon: (pmbus) Introduce and use write_byte_data callback
     - hwmon: (pmbus) Conditionally clear individual status bits for pmbus rev >=
       1.2
     - ice: fix accounting for filters shared by multiple VSIs
     - igb: Always call igb_xdp_ring_update_tail() under Tx lock
     - net/mlx5e: Add missing link modes to ptys2ethtool_map
     - net/mlx5: Explicitly set scheduling element and TSAR type
     - net/mlx5: Add support to create match definer
     - net/mlx5: Add IFC bits and enums for flow meter
     - net/mlx5: Add missing masks and QoS bit masks for scheduling elements
     - fou: fix initialization of grc
     - octeontx2-af: Set XOFF on other child transmit schedulers during SMQ flush
     - octeontx2-af: Modify SMQ flush sequence to drop packets
     - net: ftgmac100: Enable TX interrupt to avoid TX timeout
     - netfilter: nft_socket: fix sk refcount leaks
     - net: dpaa: Pad packets to ETH_ZLEN
     - spi: nxp-fspi: fix the KASAN report out-of-bounds bug
     - dma-buf: heaps: Fix off-by-one in CMA heap fault handler
     - ASoC: meson: axg-card: fix 'use-after-free'
     - ASoC: allow module autoloading for table db1200_pids
     - ALSA: hda/realtek - Fixed ALC256 headphone no sound
     - ALSA: hda/realtek - FIxed ALC285 headphone no sound
     - scsi: lpfc: Fix overflow build issue
     - pinctrl: at91: make it work with current gpiolib
     - microblaze: don't treat zero reserved memory regions as error
     - net: ftgmac100: Ensure tx descriptor updates are visible
     - wifi: iwlwifi: lower message level for FW buffer destination
     - wifi: iwlwifi: mvm: fix iwl_mvm_scan_fits() calculation
     - wifi: iwlwifi: mvm: pause TCM when the firmware is stopped
     - wifi: iwlwifi: mvm: don't wait for tx queues if firmware is dead
     - wifi: iwlwifi: clear trans->state earlier upon error
     - ASoC: intel: fix module autoloading
     - ASoC: tda7419: fix module autoloading
     - spi: spidev: Add an entry for elgin,jg10309-01
     - drm: komeda: Fix an issue related to normalized zpos
     - spi: bcm63xx: Enable module autoloading
     - x86/hyperv: Set X86_FEATURE_TSC_KNOWN_FREQ when Hyper-V provides frequency
     - spi: spidev: Add missing spi_device_id for jg10309-01
     - ocfs2: add bounds checking to ocfs2_xattr_find_entry()
     - ocfs2: strict bound check before memcmp in ocfs2_xattr_find_entry()
     - cgroup: Make operations on the cgroup root_list RCU safe
     - Revert "wifi: cfg80211: check wiphy mutex is held for wdev mutex"
     - gpio: prevent potential speculation leaks in gpio_device_get_desc()
     - gpiolib: cdev: Ignore reconfiguration without direction
     - cgroup: Move rcu_head up near the top of cgroup_root
     - USB: serial: pl2303: add device id for Macrosilicon MS3020
     - USB: usbtmc: prevent kernel-usb-infoleak
     - EDAC/synopsys: Add support for version 3 of the Synopsys EDAC DDR
     - EDAC/synopsys: Use the correct register to disable the error interrupt on v3
       hw
     - EDAC/synopsys: Re-enable the error interrupts on v3 hw
     - EDAC/synopsys: Fix ECC status and IRQ control race condition
     - EDAC/synopsys: Fix error injection on Zynq UltraScale+
     - wifi: rtw88: always wa

Source diff to previous version
2086242 Jammy update: v5.15.168 upstream stable release
2080378 IOMMU warnings on AMD systems after booting into kdump kernel
2064176 LXD fan bridge causes blocked tasks
CVE-2024-36968 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix div-by-zero in l2cap_le_flowctl_init() l2cap_le_flowctl_i
CVE-2024-35904 In the Linux kernel, the following vulnerability has been resolved: selinux: avoid dereference of garbage after mount failure In case kern_mount()
CVE-2024-42156 In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Wipe copies of clear-key structures on failure Wipe all sensitive da
CVE-2024-44942 In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on F2FS_INLINE_DATA flag in inode during GC syzbot
CVE-2024-38538 In the Linux kernel, the following vulnerability has been resolved: net: bridge: xmit: make sure we have at least eth header len bytes syzbot trigg
CVE-2024-42158 In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Use kfree_sensitive() to fix Coccinelle warnings Replace memzero_exp
CVE-2024-38667 In the Linux kernel, the following vulnerability has been resolved: riscv: prevent pt_regs corruption for secondary idle threads Top of the kernel
CVE-2024-44940 In the Linux kernel, the following vulnerability has been resolved: fou: remove warn in gue_gro_receive on unsupported protocol Drop the WARN_ON_ON
CVE-2024-42079 In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix NULL pointer dereference in gfs2_log_flush In gfs2_jindex_free(), set
CVE-2024-35951 In the Linux kernel, the following vulnerability has been resolved: drm/panfrost: Fix the error path in panfrost_mmu_map_fault_addr() Subject: [PAT
CVE-2023-52532 In the Linux kernel, the following vulnerability has been resolved: net: mana: Fix TX CQE error handling For an unknown TX CQE error type (probably
CVE-2023-52621 In the Linux kernel, the following vulnerability has been resolved: bpf: Check rcu_read_lock_trace_held() before calling bpf map helpers These thre
CVE-2024-26947 In the Linux kernel, the following vulnerability has been resolved: ARM: 9359/1: flush: check if the folio is reserved for no-mapping addresses Sin
CVE-2023-52639 In the Linux kernel, the following vulnerability has been resolved: KVM: s390: vsie: fix race during shadow creation Right now it is possible to se

Version: 5.15.0-125.135 2024-09-27 16:08:42 UTC

 linux (5.15.0-125.135) jammy; urgency=medium
 .
   * jammy/linux: 5.15.0-125.135 -proposed tracker (LP: #2083001)
 .
   * CVE-2024-26800
     - tls: rx: coalesce exit paths in tls_decrypt_sg()
     - tls: separate no-async decryption request handling from async
     - tls: fix use-after-free on failed backlog decryption
 .
   * Please backport the more restrictive XSAVES deactivation for Zen1/2 arch
     (LP: #2077321)
     - x86/CPU/AMD: Improve the erratum 1386 workaround
 .
   * Jammy update: v5.15.167 upstream stable release (LP: #2081279)
     - drm: panel-orientation-quirks: Add quirk for OrangePi Neo
     - ALSA: hda/generic: Add a helper to mute speakers at suspend/shutdown
     - ALSA: hda/conexant: Mute speakers at suspend / shutdown
     - i2c: Fix conditional for substituting empty ACPI functions
     - dma-debug: avoid deadlock between dma debug vs printk and netconsole
     - net: usb: qmi_wwan: add MeiG Smart SRM825L
     - drm/amdgpu: Fix uninitialized variable warning in amdgpu_afmt_acr
     - drm/amd/display: Assign linear_pitch_alignment even for VM
     - drm/amdgpu: fix overflowed array index read warning
     - drm/amdgpu/pm: Check the return value of smum_send_msg_to_smc
     - drm/amd/pm: fix uninitialized variable warning for smu8_hwmgr
     - drm/amd/pm: fix warning using uninitialized value of max_vid_step
     - drm/amd/pm: fix the Out-of-bounds read warning
     - drm/amdgpu: fix uninitialized scalar variable warning
     - drm/amd/pm: fix uninitialized variable warnings for vega10_hwmgr
     - drm/amdgpu: avoid reading vf2pf info size from FB
     - drm/amd/display: Check gpio_id before used as array index
     - drm/amd/display: Stop amdgpu_dm initialize when stream nums greater than 6
     - drm/amd/display: Add array index check for hdcp ddc access
     - drm/amd/display: Check num_valid_sets before accessing reader_wm_sets[]
     - drm/amd/display: Check msg_id before processing transcation
     - drm/amd/display: Fix Coverity INTEGER_OVERFLOW within
       dal_gpio_service_create
     - drm/amd/amdgpu: Check tbo resource pointer
     - drm/amdgpu/pm: Fix uninitialized variable warning for smu10
     - drm/amdgpu/pm: Fix uninitialized variable agc_btc_response
     - drm/amdgpu: Fix out-of-bounds write warning
     - drm/amdgpu: Fix out-of-bounds read of df_v1_7_channel_number
     - drm/amdgpu: fix ucode out-of-bounds read warning
     - drm/amdgpu: fix mc_data out-of-bounds read warning
     - drm/amdkfd: Reconcile the definition and use of oem_id in struct
       kfd_topology_device
     - apparmor: fix possible NULL pointer dereference
     - drm/amdgpu/pm: Check input value for CUSTOM profile mode setting on legacy
       SOCs
     - drm/amdgpu: fix the waring dereferencing hive
     - drm/amd/pm: check specific index for aldebaran
     - drm/amdgpu: the warning dereferencing obj for nbio_v7_4
     - drm/amd/pm: check negtive return for table entries
     - drm/amdgpu: update type of buf size to u32 for eeprom functions
     - wifi: iwlwifi: remove fw_running op
     - cpufreq: scmi: Avoid overflow of target_freq in fast switch
     - PCI: al: Check IORESOURCE_BUS existence during probe
     - hwspinlock: Introduce hwspin_lock_bust()
     - RDMA/efa: Properly handle unexpected AQ completions
     - ionic: fix potential irq name truncation
     - rcu/nocb: Remove buggy bypass lock contention mitigation
     - usbip: Don't submit special requests twice
     - usb: typec: ucsi: Fix null pointer dereference in trace
     - fsnotify: clear PARENT_WATCHED flags lazily
     - smack: tcp: ipv4, fix incorrect labeling
     - drm/meson: plane: Add error handling
     - drm/bridge: tc358767: Check if fully initialized before signalling HPD event
       via IRQ
     - wifi: cfg80211: make hash table duplicates more survivable
     - block: remove the blk_flush_integrity call in blk_integrity_unregister
     - drm/amd/display: Skip wbscl_set_scaler_filter if filter is null
     - media: uvcvideo: Enforce alignment of frame and interval
     - drm/amd/pm: Fix the null pointer dereference for vega10_hwmgr
     - virtio_net: Fix napi_skb_cache_put warning
     - rcu-tasks: Fix show_rcu_tasks_trace_gp_kthread buffer overflow
     - ext4: reject casefold inode flag without casefold feature
     - udf: Limit file size to 4TB
     - ext4: handle redirtying in ext4_bio_write_page()
     - i2c: Use IS_REACHABLE() for substituting empty ACPI functions
     - sch/netem: fix use after free in netem_dequeue
     - ASoC: dapm: Fix UAF for snd_soc_pcm_runtime object
     - KVM: SVM: fix emulation of msr reads/writes of MSR_FS_BASE and MSR_GS_BASE
     - KVM: SVM: Don't advertise Bus Lock Detect to guest if SVM support is missing
     - ALSA: hda/conexant: Add pincfg quirk to enable top speakers on Sirius
       devices
     - ALSA: hda/realtek: add patch for internal mic in Lenovo V145
     - ALSA: hda/realtek: Support mute LED on HP Laptop 14-dq2xxx
     - ata: libata: Fix memory leak for error path in ata_host_alloc()
     - irqchip/gic-v2m: Fix refcount leak in gicv2m_of_init()
     - rtmutex: Drop rt_mutex::wait_lock before scheduling
     - nvme-pci: Add sleep quirk for Samsung 990 Evo
     - Revert "Bluetooth: MGMT/SMP: Fix address type when using SMP over BREDR/LE"
     - Bluetooth: MGMT: Ignore keys being loaded with invalid type
     - mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K
     - mmc: sdhci-of-aspeed: fix module autoloading
     - mmc: cqhci: Fix checking of CQHCI_HALT state
     - fuse: update stats for pages in dropped aux writeback list
     - fuse: use unsigned type for getxattr/listxattr size truncation
     - clk: qcom: clk-alpha-pll: Fix the pll post div mask
     - clk: qcom: clk-alpha-pll: Fix the trion pll postdiv set rate API
     - can: mcp251x: fix deadlock if an interrupt occurs during mcp251x_open
     - tracing: Avoid possible softlockup in tracing_iter_reset()
     - ila: call nf_unregister_net_hooks() sooner
     - sched: sch_c

Source diff to previous version
2077321 Please backport the more restrictive XSAVES deactivation for Zen1/2 arch
2081279 Jammy update: v5.15.167 upstream stable release
2080594 Jammy update: v5.15.166 upstream stable release
1959940 [22.10 FEAT] KVM: Secure Execution guest dump encryption with customer keys - kernel part
2069961 turbostat fails with too many open files on large systems
2078428 Jammy update: v5.15.165 upstream stable release
2074380 [UBUNTU 22.04] s390/cpum_cf: make crypto counters upward compatible
2076100 Jammy update: v5.15.164 upstream stable release
CVE-2024-26800 In the Linux kernel, the following vulnerability has been resolved: tls: fix use-after-free on failed backlog decryption When the decrypt request g
CVE-2024-41071 In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Avoid address calculations via out of bounds array indexing req
CVE-2024-40915 In the Linux kernel, the following vulnerability has been resolved: riscv: rewrite __kernel_map_pages() to fix sleeping in invalid context __kernel
CVE-2024-38611 In the Linux kernel, the following vulnerability has been resolved: media: i2c: et8ek8: Don't strip remove function when driver is builtin Using __
CVE-2024-38602 In the Linux kernel, the following vulnerability has been resolved: ax25: Fix reference count leak issues of ax25_dev The ax25_addr_ax25dev() and a
CVE-2024-26669 In the Linux kernel, the following vulnerability has been resolved: net/sched: flower: Fix chain template offload When a qdisc is deleted from a ne
CVE-2024-26607 In the Linux kernel, the following vulnerability has been resolved: drm/bridge: sii902x: Fix probing race issue A null pointer dereference crash ha
CVE-2024-26893 In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scmi: Fix double free in SMC transport cleanup path When the gene
CVE-2024-26661 In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add NULL test for 'timing generator' in 'dcn21_set_pipe()' In
CVE-2024-25744 In the Linux kernel before 6.6.7, an untrusted VMM can trigger int80 syscall handling at any given point. This is related to arch/x86/coco/tdx/tdx.c
CVE-2024-45016 In the Linux kernel, the following vulnerability has been resolved: netem: fix return value if duplicate enqueue fails There is a bug in netem_enqu
CVE-2024-38630 In the Linux kernel, the following vulnerability has been resolved: watchdog: cpu5wdt.c: Fix use-after-free bug caused by cpu5wdt_trigger When the
CVE-2024-27397 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: use timestamp to check for set element timeout Add a time

Version: 5.15.0-123.133 2024-09-13 17:08:36 UTC

 linux (5.15.0-123.133) jammy; urgency=medium
 .
   * jammy/linux: 5.15.0-123.133 -proposed tracker (LP: #2080614)
 .
   * Jammy update: v5.15.166 upstream stable release (LP: #2080594)
     - fuse: Initialize beyond-EOF page contents before setting uptodate
     - char: xillybus: Don't destroy workqueue from work item running on it
     - char: xillybus: Refine workqueue handling
     - char: xillybus: Check USB endpoints when probing device
     - ALSA: usb-audio: Add delay quirk for VIVO USB-C-XE710 HEADSET
     - ALSA: usb-audio: Support Yamaha P-125 quirk entry
     - xhci: Fix Panther point NULL pointer deref at full-speed re-enumeration
     - thunderbolt: Mark XDomain as unplugged when router is removed
     - s390/dasd: fix error recovery leading to data corruption on ESE devices
     - arm64: ACPI: NUMA: initialize all values of acpi_early_node_map to
       NUMA_NO_NODE
     - dm resume: don't return EINVAL when signalled
     - dm persistent data: fix memory allocation failure
     - vfs: Don't evict inode under the inode lru traversing context
     - fs/ntfs3: add prefix to bitmap_size() and use BITS_TO_U64()
     - s390/cio: rename bitmap_size() -> idset_bitmap_size()
     - btrfs: rename bitmap_set_bits() -> btrfs_bitmap_set_bits()
     - bitmap: introduce generic optimized bitmap_size()
     - fix bitmap corruption on close_range() with CLOSE_RANGE_UNSHARE
     - selinux: fix potential counting error in avc_add_xperms_decision()
     - btrfs: tree-checker: add dev extent item checks
     - drm/amdgpu: Actually check flags for all context ops.
     - memcg_write_event_control(): fix a user-triggerable oops
     - drm/amdgpu/jpeg2: properly set atomics vmid field
     - s390/uv: Panic for set and remove shared access UVC errors
     - igc: Correct the launchtime offset
     - igc: remove I226 Qbv BaseTime restriction
     - igc: Fix packet still tx after gate close by reducing i226 MAC retry buffer
     - net/mlx5e: Correctly report errors for ethtool rx flows
     - atm: idt77252: prevent use after free in dequeue_rx()
     - net: axienet: Fix register defines comment description
     - net: dsa: vsc73xx: pass value in phy_write operation
     - net: dsa: vsc73xx: use read_poll_timeout instead delay loop
     - net: dsa: vsc73xx: check busy flag in MDIO operations
     - mlxbf_gige: Remove two unused function declarations
     - mlxbf_gige: disable RX filters until RX path initialized
     - mptcp: correct MPTCP_SUBFLOW_ATTR_SSN_OFFSET reserved size
     - netfilter: allow ipv6 fragments to arrive on different devices
     - netfilter: flowtable: initialise extack before use
     - netfilter: nf_queue: drop packets with cloned unconfirmed conntracks
     - net: hns3: fix wrong use of semaphore up
     - net: hns3: fix a deadlock problem when config TC during resetting
     - ALSA: hda/realtek: Fix noise from speakers on Lenovo IdeaPad 3 15IAU7
     - ssb: Fix division by zero issue in ssb_calc_clock_rate
     - wifi: cfg80211: check wiphy mutex is held for wdev mutex
     - wifi: mac80211: fix BA session teardown race
     - wifi: cw1200: Avoid processing an invalid TIM IE
     - i2c: riic: avoid potential division by zero
     - RDMA/rtrs: Fix the problem of variable not initialized fully
     - s390/smp,mcck: fix early IPI handling
     - i3c: mipi-i3c-hci: Remove BUG() when Ring Abort request times out
     - i3c: mipi-i3c-hci: Do not unmap region not mapped for transfer
     - media: radio-isa: use dev_name to fill in bus_info
     - staging: iio: resolver: ad2s1210: fix use before initialization
     - drm/amd/display: Validate hw_points_num before using it
     - staging: ks7010: disable bh on tx_dev_lock
     - binfmt_misc: cleanup on filesystem umount
     - media: qcom: venus: fix incorrect return value
     - scsi: spi: Fix sshdr use
     - gfs2: setattr_chown: Add missing initialization
     - wifi: iwlwifi: abort scan when rfkill on but device enabled
     - wifi: iwlwifi: fw: Fix debugfs command sending
     - IB/hfi1: Fix potential deadlock on &irq_src_lock and &dd->uctxt_lock
     - hwmon: (ltc2992) Avoid division by zero
     - arm64: Fix KASAN random tag seed initialization
     - memory: tegra: Skip SID programming if SID registers aren't set
     - powerpc/xics: Check return value of kasprintf in icp_native_map_one_cpu
     - nvmet-trace: avoid dereferencing pointer too early
     - ext4: do not trim the group with corrupted block bitmap
     - afs: fix __afs_break_callback() / afs_drop_open_mmap() race
     - fuse: fix UAF in rcu pathwalks
     - quota: Remove BUG_ON from dqget()
     - media: pci: cx23885: check cx23885_vdev_init() return
     - fs: binfmt_elf_efpic: don't use missing interpreter's properties
     - scsi: lpfc: Initialize status local variable in lpfc_sli4_repost_sgl_list()
     - media: drivers/media/dvb-core: copy user arrays safely
     - net/sun3_82586: Avoid reading past buffer in debug output
     - drm/lima: set gp bus_stop bit before hard reset
     - virtiofs: forbid newlines in tags
     - clocksource/drivers/arm_global_timer: Guard against division by zero
     - netlink: hold nlk->cb_mutex longer in __netlink_dump_start()
     - md: clean up invalid BUG_ON in md_ioctl
     - x86: Increase brk randomness entropy for 64-bit systems
     - memory: stm32-fmc2-ebi: check regmap_read return value
     - parisc: Use irq_enter_rcu() to fix warning at kernel/context_tracking.c:367
     - powerpc/boot: Handle allocation failure in simple_realloc()
     - powerpc/boot: Only free if realloc() succeeds
     - btrfs: change BUG_ON to assertion when checking for delayed_node root
     - btrfs: handle invalid root reference found in may_destroy_subvol()
     - btrfs: send: handle unexpected data in header buffer in begin_cmd()
     - btrfs: change BUG_ON to assertion in tree_move_down()
     - btrfs: delete pointless BUG_ON check on quota root in
       btrfs_qgroup_account_extent()
     - f2fs: fix to do sanity check i

Source diff to previous version
2080594 Jammy update: v5.15.166 upstream stable release
1959940 [22.10 FEAT] KVM: Secure Execution guest dump encryption with customer keys - kernel part
2069961 turbostat fails with too many open files on large systems
2078428 Jammy update: v5.15.165 upstream stable release
2074380 [UBUNTU 22.04] s390/cpum_cf: make crypto counters upward compatible
2076100 Jammy update: v5.15.164 upstream stable release
2076957 isolcpus are ignored when using cgroups V2, causing processes to have wrong affinity
CVE-2024-38630 In the Linux kernel, the following vulnerability has been resolved: watchdog: cpu5wdt.c: Fix use-after-free bug caused by cpu5wdt_trigger When the
CVE-2024-26893 In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scmi: Fix double free in SMC transport cleanup path When the gene
CVE-2024-27397 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: use timestamp to check for set element timeout Add a time
CVE-2024-26661 In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add NULL test for 'timing generator' in 'dcn21_set_pipe()' In
CVE-2024-25744 In the Linux kernel before 6.6.7, an untrusted VMM can trigger int80 syscall handling at any given point. This is related to arch/x86/coco/tdx/tdx.c
CVE-2024-41009 In the Linux kernel, the following vulnerability has been resolved: bpf: Fix overrunning reservations in ringbuf The BPF ring buffer internally is
CVE-2024-39494 In the Linux kernel, the following vulnerability has been resolved: ima: Fix use-after-free on a dentry's dname.name ->d_name.name can change on re
CVE-2024-39496 In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: fix use-after-free due to race with dev replace While loading a z
CVE-2024-42160 In the Linux kernel, the following vulnerability has been resolved: f2fs: check validation of fault attrs in f2fs_build_fault_attr() - It missed to
CVE-2024-38570 In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix potential glock use-after-free on unmount When a DLM lockspace is rel
CVE-2024-42228 In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc In
CVE-2024-27012 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: restore set elements when delete set fails From abort pat
CVE-2024-26677 In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix delayed ACKs to not set the reference serial number Fix the construc

Version: 5.15.0-121.131 2024-08-09 12:09:10 UTC

 linux (5.15.0-121.131) jammy; urgency=medium
 .
   * jammy/linux: 5.15.0-121.131 -proposed tracker (LP: #2076347)
 .
   * jammy:linux bpf selftest do not build (LP: #2076334)
     - SAUCE: Revert "bpf: Allow reads from uninit stack"
 .

Source diff to previous version
2076334 jammy:linux bpf selftest do not build

Version: 5.15.0-120.130 2024-08-02 21:08:58 UTC

 linux (5.15.0-120.130) jammy; urgency=medium
 .
   * jammy/linux: 5.15.0-120.130 -proposed tracker (LP: #2075903)
 .
   * Packaging resync (LP: #1786013)
     - [Packaging] debian.master/dkms-versions -- update from kernel-versions
       (main/2024.08.05)
 .
   * Jammy update: v5.15.163 upstream stable release (LP: #2075170)
     - Compiler Attributes: Add __uninitialized macro
     - locking/mutex: Introduce devm_mutex_init()
     - drm/lima: fix shared irq handling on driver remove
     - media: dvb: as102-fe: Fix as10x_register_addr packing
     - media: dvb-usb: dib0700_devices: Add missing release_firmware()
     - IB/core: Implement a limit on UMAD receive List
     - scsi: qedf: Make qedf_execute_tmf() non-preemptible
     - crypto: aead,cipher - zeroize key buffer after use
     - drm/amdgpu: Initialize timestamp for some legacy SOCs
     - drm/amd/display: Check index msg_id before read or write
     - drm/amd/display: Check pipe offset before setting vblank
     - drm/amd/display: Skip finding free audio for unknown engine_id
     - media: dw2102: Don't translate i2c read into write
     - sctp: prefer struct_size over open coded arithmetic
     - firmware: dmi: Stop decoding on broken entry
     - Input: ff-core - prefer struct_size over open coded arithmetic
     - wifi: mt76: replace skb_put with skb_put_zero
     - net: dsa: mv88e6xxx: Correct check for empty list
     - media: dvb-frontends: tda18271c2dd: Remove casting during div
     - media: s2255: Use refcount_t instead of atomic_t for num_channels
     - media: dvb-frontends: tda10048: Fix integer overflow
     - i2c: i801: Annotate apanel_addr as __ro_after_init
     - powerpc/64: Set _IO_BASE to POISON_POINTER_DELTA not 0 for CONFIG_PCI=n
     - orangefs: fix out-of-bounds fsid access
     - kunit: Fix timeout message
     - powerpc/xmon: Check cpu id in commands "c#", "dp#" and "dx#"
     - igc: fix a log entry using uninitialized netdev
     - bpf: Avoid uninitialized value in BPF_CORE_READ_BITFIELD
     - jffs2: Fix potential illegal address access in jffs2_free_inode
     - s390/pkey: Wipe sensitive data on failure
     - tools/power turbostat: Remember global max_die_id
     - UPSTREAM: tcp: fix DSACK undo in fast recovery to call tcp_try_to_open()
     - tcp_metrics: validate source addr length
     - KVM: s390: fix LPSWEY handling
     - e1000e: Fix S0ix residency on corporate systems
     - net: allow skb_datagram_iter to be called from any context
     - wifi: wilc1000: fix ies_len type in connect path
     - riscv: kexec: Avoid deadlock in kexec crash path
     - netfilter: nf_tables: unconditionally flush pending work before notifier
     - bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set()
     - selftests: fix OOM in msg_zerocopy selftest
     - selftests: make order checking verbose in msg_zerocopy selftest
     - inet_diag: Initialize pad field in struct inet_diag_req_v2
     - gpiolib: of: factor out code overriding gpio line polarity
     - gpiolib: of: add a quirk for reset line polarity for Himax LCDs
     - gpiolib: of: add polarity quirk for TSC2005
     - Revert "igc: fix a log entry using uninitialized netdev"
     - nilfs2: fix inode number range checks
     - nilfs2: add missing check for inode numbers on directory entries
     - mm: optimize the redundant loop of mm_update_owner_next()
     - mm: avoid overflows in dirty throttling logic
     - btrfs: fix adding block group to a reclaim list and the unused list during
       reclaim
     - Bluetooth: qca: Fix BT enable failure again for QCA6390 after warm reboot
     - can: kvaser_usb: Explicitly initialize family in leafimx driver_info struct
     - fsnotify: Do not generate events for O_PATH file descriptors
     - Revert "mm/writeback: fix possible divide-by-zero in wb_dirty_limits(),
       again"
     - drm/nouveau: fix null pointer dereference in nouveau_connector_get_modes
     - drm/amdgpu/atomfirmware: silence UBSAN warning
     - mtd: rawnand: Ensure ECC configuration is propagated to upper layers
     - mtd: rawnand: Bypass a couple of sanity checks during NAND identification
     - mtd: rawnand: rockchip: ensure NVDDR timings are rejected
     - ima: Avoid blocking in RCU read-side critical section
     - media: dw2102: fix a potential buffer overflow
     - clk: qcom: gcc-sm6350: Fix gpll6* & gpll7 parents
     - i2c: pnx: Fix potential deadlock warning from del_timer_sync() call in isr
     - fs/ntfs3: Mark volume as dirty if xattr is broken
     - ALSA: hda/realtek: Enable headset mic of JP-IK LEAP W502 with ALC897
     - nvme-multipath: find NUMA path only for online numa-node
     - dma-mapping: benchmark: avoid needless copy_to_user if benchmark fails
     - nvme: adjust multiples of NVME_CTRL_PAGE_SIZE in offset
     - regmap-i2c: Subtract reg size from max_write
     - platform/x86: touchscreen_dmi: Add info for GlobalSpace SolT IVW 11.6"
       tablet
     - platform/x86: touchscreen_dmi: Add info for the EZpad 6s Pro
     - nvmet: fix a possible leak when destroy a ctrl during qp establishment
     - kbuild: fix short log for AS in link-vmlinux.sh
     - nfc/nci: Add the inconsistency check between the input data length and count
     - null_blk: Do not allow runt zone with zone capacity smaller then zone size
     - nilfs2: fix incorrect inode allocation from reserved inodes
     - mm: prevent derefencing NULL ptr in pfn_section_valid()
     - filelock: fix potential use-after-free in posix_lock_inode
     - fs/dcache: Re-use value stored to dentry->d_flags instead of re-reading
     - vfs: don't mod negative dentry count when on shrinker list
     - tcp: fix incorrect undo caused by DSACK of TLP retransmit
     - skmsg: Skip zero length skb in sk_msg_recvmsg
     - octeontx2-af: Fix incorrect value output on error path in
       rvu_check_rsrc_availability()
     - net: fix rc7's __skb_datagram_iter()
     - i40e: Fix XDP program unloading while removing the driver
     - net: lantiq_etop: a

1786013 Packaging resync
2075170 Jammy update: v5.15.163 upstream stable release
2074215 [SRU] UBSAN warnings in bnx2x kernel driver
2073765 Jammy update: v5.15.162 upstream stable release
2072858 Fix L2CAP/LE/CPU/BI-02-C bluetooth certification failure
2073092 net/sched: Fix conntrack use-after-free
2072617 Jammy update: v5.15.161 upstream stable release
2073267 Virtualbox Guru meditation on VM start caused by kernel commit in v6.9-rc4
CVE-2024-26921 In the Linux kernel, the following vulnerability has been resolved: inet: inet_defrag: prevent sk release while still in use ip_local_out() and oth
CVE-2024-39484 In the Linux kernel, the following vulnerability has been resolved: mmc: davinci: Don't strip remove function when driver is builtin Using __exit f
CVE-2024-39292 In the Linux kernel, the following vulnerability has been resolved: um: Add winch to winch_handlers before registering winch IRQ Registering a winc
CVE-2024-36901 In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent NULL dereference in ip6_output() According to syzbot, there is a
CVE-2024-26830 In the Linux kernel, the following vulnerability has been resolved: i40e: Do not allow untrusted VF to remove administratively set MAC Currently wh
CVE-2024-26680 In the Linux kernel, the following vulnerability has been resolved: net: atlantic: Fix DMA mapping for PTP hwts ring Function aq_ring_hwts_rx_alloc
CVE-2023-52760 In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix slab-use-after-free in gfs2_qd_dealloc In gfs2_put_super(), whether w
CVE-2023-52629 In the Linux kernel, the following vulnerability has been resolved: sh: push-switch: Reorder cleanup operations to avoid use-after-free bug The ori



About   -   Send Feedback to @ubuntu_updates