UbuntuUpdates.org

Package "linux-image-unsigned-6.2.0-1017-oracle"

This package belongs to a PPA: Canonical Kernel Team

Name: linux-image-unsigned-6.2.0-1017-oracle

Description:

Oracle Linux kernel image for version 6.2.0 on 64 bit x86 SMP

Latest version: 6.2.0-1017.18~22.04.1
Release: jammy (22.04)
Level: base
Repository: main
Head package: linux-oracle-6.2

Links


Download "linux-image-unsigned-6.2.0-1017-oracle"


Other versions of "linux-image-unsigned-6.2.0-1017-oracle" in Jammy

No other version of this package is available in the Jammy release.

Changelog

Version: 6.2.0-1017.18~22.04.1 2023-11-16 14:10:56 UTC

 linux-oracle-6.2 (6.2.0-1017.18~22.04.1) jammy; urgency=medium
 .
   * jammy/linux-oracle-6.2: 6.2.0-1017.18~22.04.1 -proposed tracker
     (LP: #2041548)
 .
   [ Ubuntu: 6.2.0-1017.18 ]
 .
   * lunar/linux-oracle: 6.2.0-1017.18 -proposed tracker (LP: #2041549)
   * Packaging resync (LP: #1786013)
     - [Packaging] resync git-ubuntu-log
     - [Packaging] resync update-dkms-versions helper
   * lunar/linux: 6.2.0-39.40 -proposed tracker (LP: #2043451)
   * USB bus error after upgrading to proposed kernel on lunar and jammy
     (LP: #2043197)
     - USB: core: Fix oversight in SuperSpeed initialization
   * Include cifs.ko in linux-modules package (LP: #2042546)
     - [Packaging] Replace fs/cifs with fs/smb/client in inclusion list
   * lunar/linux: 6.2.0-38.39 -proposed tracker (LP: #2041557)
   * CVE-2023-25775
     - RDMA/irdma: Prevent zero-length STAG registration
   * CVE-2023-5345
     - fs/smb/client: Reset password pointer to NULL
   * CVE-2023-39189
     - netfilter: nfnetlink_osf: avoid OOB read
   * SMC stats: Wrong bucket calculation for payload of exactly 4096 bytes
     (LP: #2039575)
     - net/smc: Fix pos miscalculation in statistics
   * [SRU][J/L/M] UBUNTU: [Packaging] Make WWAN driver a loadable module
     (LP: #2033406)
     - [Packaging] Make WWAN driver loadable modules
   * CVE-2023-45871
     - igb: set max size RX buffer when store bad packet is enabled
   * CVE-2023-39193
     - netfilter: xt_sctp: validate the flag_info count
   * CVE-2023-39192
     - netfilter: xt_u32: validate user space input
   * CVE-2023-31085
     - ubi: Refuse attaching if mtd's erasesize is 0
   * CVE-2023-5717
     - perf: Disallow mis-matched inherited group reads
   * CVE-2023-5178
     - nvmet-tcp: Fix a possible UAF in queue intialization setup
   * CVE-2023-5158
     - vringh: don't use vringh_kiov_advance() in vringh_iov_xfer()
   * CVE-2023-5090
     - x86: KVM: SVM: always update the x2avic msr interception
   * usbip: error: failed to open /usr/share/hwdata//usb.ids (LP: #2039439)
     - [Packaging] Make linux-tools-common depend on hwdata
   * Unable to use nvme drive to install Ubuntu 23.10 (LP: #2040157)
     - misc: rtsx: Fix some platforms can not boot and move the l1ss judgment to
       probe
   * Lunar update: upstream stable patchset 2023-10-19 (LP: #2039884)
     - ACPI: thermal: Drop nocrt parameter
     - module: Expose module_init_layout_section()
     - arm64: module-plts: inline linux/moduleloader.h
     - arm64: module: Use module_init_layout_section() to spot init sections
     - ARM: module: Use module_init_layout_section() to spot init sections
     - lockdep: fix static memory detection even more
     - parisc: Cleanup mmap implementation regarding color alignment
     - parisc: sys_parisc: parisc_personality() is called from asm code
     - io_uring/parisc: Adjust pgoff in io_uring mmap() for parisc
     - kallsyms: Fix kallsyms_selftest failure
     - module/decompress: use vmalloc() for zstd decompression workspace
     - Upstream stable to v6.1.51, v6.4.14
     - erofs: ensure that the post-EOF tails are all zeroed
     - ksmbd: fix wrong DataOffset validation of create context
     - ksmbd: fix slub overflow in ksmbd_decode_ntlmssp_auth_blob()
     - ksmbd: replace one-element array with flex-array member in struct
       smb2_ea_info
     - ksmbd: reduce descriptor size if remaining bytes is less than request size
     - ARM: pxa: remove use of symbol_get()
     - mmc: au1xmmc: force non-modular build and remove symbol_get usage
     - net: enetc: use EXPORT_SYMBOL_GPL for enetc_phc_index
     - rtc: ds1685: use EXPORT_SYMBOL_GPL for ds1685_rtc_poweroff
     - modules: only allow symbol_get of EXPORT_SYMBOL_GPL modules
     - USB: serial: option: add Quectel EM05G variant (0x030e)
     - USB: serial: option: add FOXCONN T99W368/T99W373 product
     - ALSA: usb-audio: Fix init call orders for UAC1
     - usb: dwc3: meson-g12a: do post init to fix broken usb after resumption
     - usb: chipidea: imx: improve logic if samsung,picophy-* parameter is 0
     - HID: wacom: remove the battery when the EKR is off
     - staging: rtl8712: fix race condition
     - Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race
       condition
     - wifi: mt76: mt7921: do not support one stream on secondary antenna only
     - wifi: mt76: mt7921: fix skb leak by txs missing in AMSDU
     - serial: qcom-geni: fix opp vote on shutdown
     - serial: sc16is7xx: fix broken port 0 uart init
     - serial: sc16is7xx: fix bug when first setting GPIO direction
     - firmware: stratix10-svc: Fix an NULL vs IS_ERR() bug in probe
     - fsi: master-ast-cf: Add MODULE_FIRMWARE macro
     - tcpm: Avoid soft reset when partner does not support get_status
     - dt-bindings: sc16is7xx: Add property to change GPIO function
     - nilfs2: fix general protection fault in nilfs_lookup_dirty_data_buffers()
     - nilfs2: fix WARNING in mark_buffer_dirty due to discarded buffer reuse
     - usb: typec: tcpci: clear the fault status bit
     - pinctrl: amd: Don't show `Invalid config param` errors
     - wifi: rtw88: usb: kill and free rx urbs on probe failure
     - Upstream stable to v6.1.52, v6.4.15
   * Lunar update: upstream stable patchset 2023-10-18 (LP: #2039742)
     - NFSv4.2: fix error handling in nfs42_proc_getxattr
     - NFSv4: fix out path in __nfs4_get_acl_uncached
     - xprtrdma: Remap Receive buffers after a reconnect
     - drm/ast: Use drm_aperture_remove_conflicting_pci_framebuffers
     - fbdev/radeon: use pci aperture helpers
     - PCI: acpiphp: Reassign resources on bridge if necessary
     - MIPS: cpu-features: Enable octeon_cache by cpu_type
     - MIPS: cpu-features: Use boot_cpu_type for CPU type based features
     - jbd2: remove t_checkpoint_io_list
     - jbd2: remove journal_clean_one_cp_list()
     - jbd2: fix a race when checking checkpoint buffer busy
     - can: raw: fix receiver memory leak
     - can: raw: fix lockdep issue in

Source diff to previous version
1786013 Packaging resync
2043197 USB bus error after upgrading to proposed kernel on lunar and jammy
2042546 Include cifs.ko in linux-modules package
2039575 SMC stats: Wrong bucket calculation for payload of exactly 4096 bytes
2033406 [SRU][J/L/M] UBUNTU: [Packaging] Make WWAN driver a loadable module
2039439 usbip: error: failed to open /usr/share/hwdata//usb.ids
2040157 Unable to use nvme drive to install Ubuntu 23.10
2039884 Lunar update: upstream stable patchset 2023-10-19
2039742 Lunar update: upstream stable patchset 2023-10-18
2039542 Remove duplication of devm_pwmchip_add function definition
2039110 Lunar update: upstream stable patchset 2023-10-11
2038969 Lunar update: upstream stable patchset 2023-10-10
2038236 Lunar update: upstream stable patchset 2023-10-02
CVE-2023-25775 Improper access control in the Intel(R) Ethernet Controller RDMA driver for linux before version 1.9.30 may allow an unauthenticated user to potentia
CVE-2023-39189 A flaw was found in the Netfilter subsystem in the Linux kernel. The nfnl_osf_add_callback function did not validate the user mode controlled opt_num
CVE-2023-45871 An issue was discovered in drivers/net/ethernet/intel/igb/igb_main.c in the IGB driver in the Linux kernel before 6.5.3. A buffer size may not be ade
CVE-2023-39193 A flaw was found in the Netfilter subsystem in the Linux kernel. The sctp_mt_check did not validate the flag_count field. This flaw allows a local pr
CVE-2023-39192 A flaw was found in the Netfilter subsystem in the Linux kernel. The xt_u32 module did not validate the fields in the xt_u32 structure. This flaw all
CVE-2023-31085 An issue was discovered in drivers/mtd/ubi/cdev.c in the Linux kernel 6.2. There is a divide-by-zero error in do_div(sz,mtd->erasesize), used indirec
CVE-2023-5178 A use-after-free vulnerability was found in drivers/nvme/target/tcp.c` ...
CVE-2023-5158 A flaw was found in vringh_kiov_advance in drivers/vhost/vringh.c in the host side of a virtio ring in the Linux Kernel. This issue may result in a d
CVE-2023-5090 x86: KVM: SVM: always update the x2avic msr interception
CVE-2023-42754 A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer (skb) was assumed to be associated with a device before c
CVE-2023-37453 An issue was discovered in the USB subsystem in the Linux kernel through 6.4.2. There is an out-of-bounds and crash in read_descriptors in drivers/us

Version: 6.2.0-1015.15~22.04.1 2023-10-09 18:08:45 UTC

 linux-oracle-6.2 (6.2.0-1015.15~22.04.1) jammy; urgency=medium
 .
   * jammy/linux-oracle-6.2: 6.2.0-1015.15~22.04.1 -proposed tracker
     (LP: #2038068)
 .
   [ Ubuntu: 6.2.0-1015.15 ]
 .
   * lunar/linux-oracle: 6.2.0-1015.15 -proposed tracker (LP: #2038069)
   * lunar/linux: 6.2.0-36.37 -proposed tracker (LP: #2038076)
   * Regression for ubuntu_bpf test build caused by upstream bdeeed3498c7
     (LP: #2035181)
     - selftests/bpf: fix static assert compilation issue for test_cls_*.c
   * CVE-2023-4244
     - netfilter: nf_tables: don't skip expired elements during walk
     - netfilter: nf_tables: adapt set backend to use GC transaction API
     - netfilter: nft_set_hash: mark set element as dead when deleting from packet
       path
     - netfilter: nf_tables: GC transaction API to avoid race with control plane
     - netfilter: nf_tables: don't fail inserts if duplicate has expired
     - netfilter: nf_tables: fix kdoc warnings after gc rework
     - netfilter: nf_tables: fix GC transaction races with netns and netlink event
       exit path
     - netfilter: nf_tables: GC transaction race with netns dismantle
     - netfilter: nf_tables: GC transaction race with abort path
     - netfilter: nf_tables: use correct lock to protect gc_list
     - netfilter: nf_tables: defer gc run if previous batch is still pending
     - netfilter: nft_dynset: disallow object maps
     - netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction
   * CVE-2023-4563
     - netfilter: nf_tables: remove busy mark and gc batch API
   * CVE-2023-42756
     - netfilter: ipset: Fix race between IPSET_CMD_CREATE and IPSET_CMD_SWAP
   * CVE-2023-4623
     - net/sched: sch_hfsc: Ensure inner classes have fsc curve
   * Fix unstable audio at low levels on Thinkpad P1G4 (LP: #2037077)
     - ALSA: hda/realtek - ALC287 I2S speaker platform support
   * Lunar update: upstream stable patchset 2023-09-21 (LP: #2037005)
     - Upstream stable to v6.1.41, v6.4.6
     - io_uring: treat -EAGAIN for REQ_F_NOWAIT as final for io-wq
     - ALSA: hda/realtek - remove 3k pull low procedure
     - ALSA: hda/realtek: Add quirk for Clevo NS70AU
     - ALSA: hda/realtek: Enable Mute LED on HP Laptop 15s-eq2xxx
     - maple_tree: set the node limit when creating a new root node
     - maple_tree: fix node allocation testing on 32 bit
     - keys: Fix linking a duplicate key to a keyring's assoc_array
     - perf probe: Add test for regression introduced by switch to
       die_get_decl_file()
     - btrfs: fix warning when putting transaction with qgroups enabled after abort
     - fuse: revalidate: don't invalidate if interrupted
     - fuse: Apply flags2 only when userspace set the FUSE_INIT_EXT
     - btrfs: set_page_extent_mapped after read_folio in btrfs_cont_expand
     - btrfs: zoned: fix memory leak after finding block group with super blocks
     - fuse: ioctl: translate ENOSYS in outarg
     - btrfs: fix race between balance and cancel/pause
     - selftests: tc: set timeout to 15 minutes
     - selftests: tc: add 'ct' action kconfig dep
     - regmap: Drop initial version of maximum transfer length fixes
     - of: Preserve "of-display" device name for compatibility
     - regmap: Account for register length in SMBus I/O limits
     - arm64/fpsimd: Ensure SME storage is allocated after SVE VL changes
     - can: mcp251xfd: __mcp251xfd_chip_set_mode(): increase poll timeout
     - can: bcm: Fix UAF in bcm_proc_show()
     - can: gs_usb: gs_can_open(): improve error handling
     - selftests: tc: add ConnTrack procfs kconfig
     - dma-buf/dma-resv: Stop leaking on krealloc() failure
     - drm/amdgpu/vkms: relax timer deactivation by hrtimer_try_to_cancel
     - drm/amdgpu/pm: make gfxclock consistent for sienna cichlid
     - drm/amdgpu/pm: make mclk consistent for smu 13.0.7
     - drm/client: Fix memory leak in drm_client_target_cloned
     - drm/client: Fix memory leak in drm_client_modeset_probe
     - drm/amd/display: only accept async flips for fast updates
     - drm/amd/display: Disable MPC split by default on special asic
     - drm/amd/display: check TG is non-null before checking if enabled
     - drm/amd/display: Keep PHY active for DP displays on DCN31
     - ASoC: fsl_sai: Disable bit clock with transmitter
     - ASoC: fsl_sai: Revert "ASoC: fsl_sai: Enable MCTL_MCLK_EN bit for master
       mode"
     - ASoC: tegra: Fix ADX byte map
     - ASoC: rt5640: Fix sleep in atomic context
     - ASoC: cs42l51: fix driver to properly autoload with automatic module loading
     - ASoC: codecs: wcd938x: fix missing clsh ctrl error handling
     - ASoC: codecs: wcd-mbhc-v2: fix resource leaks on component remove
     - ASoC: qdsp6: audioreach: fix topology probe deferral
     - ASoC: tegra: Fix AMX byte map
     - ASoC: codecs: wcd938x: fix resource leaks on component remove
     - ASoC: codecs: wcd938x: fix missing mbhc init error handling
     - ASoC: codecs: wcd934x: fix resource leaks on component remove
     - ASoC: codecs: wcd938x: fix codec initialisation race
     - ASoC: codecs: wcd938x: fix soundwire initialisation race
     - ext4: correct inline offset when handling xattrs in inode body
     - drm/radeon: Fix integer overflow in radeon_cs_parser_init
     - ALSA: emu10k1: roll up loops in DSP setup code for Audigy
     - quota: Properly disable quotas when add_dquot_ref() fails
     - quota: fix warning in dqgrab()
     - HID: add quirk for 03f0:464a HP Elite Presenter Mouse
     - ovl: check type and offset of struct vfsmount in ovl_entry
     - udf: Fix uninitialized array access for some pathnames
     - fs: jfs: Fix UBSAN: array-index-out-of-bounds in dbAllocDmapLev
     - MIPS: dec: prom: Address -Warray-bounds warning
     - FS: JFS: Fix null-ptr-deref Read in txBegin
     - FS: JFS: Check for read-only mounted filesystem in txBegin
     - ACPI: video: Add backlight=native DMI quirk for Dell Studio 1569
     - rcu-tasks: Avoid pr_info() with spin lock in cblist_init_generic()

Source diff to previous version
2035181 Regression for ubuntu_bpf test build on Jammy 5.15.0-85.95
2037077 Fix unstable audio at low levels on Thinkpad P1G4
2037005 Lunar update: upstream stable patchset 2023-09-21
2035313 Fix non-working I219 after system sleep
2035163 Avoid address overwrite in kernel_connect
2031537 Ethernet not stable 23.04 (RTL8168/8169)
2034479 Fix suspend hang on Lenovo workstation
2034491 Fix blank display when Thunderbolt monitor is plugged second time
2034745 [regression] Unable to initialize SGX enclaves with XFRM other than 3
2036075 Lunar update: upstream stable patchset 2023-09-14
2031352 Nouveau driver crash - Ubuntu 22.04.3 LTS stuck on power-off/reboot screen
2034469 Lunar update: upstream stable patchset 2023-09-05
2033931 Lunar update: upstream stable patchset 2023-09-01
1786013 Packaging resync
CVE-2023-4563 ** REJECT ** This was assigned as a duplicate of CVE-2023-4244.
CVE-2023-42756 A flaw was found in the Netfilter subsystem of the Linux kernel. A race condition between IPSET_CMD_ADD and IPSET_CMD_SWAP can lead to a kernel panic
CVE-2023-42755 wild pointer access in rsvp classifer in the Linux kernel
CVE-2023-42753 An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the `h->n
CVE-2023-42752 integer overflows in kmalloc_reserve()
CVE-2023-4881 ** REJECT ** CVE-2023-4881 was wrongly assigned to a bug that was deemed to be a non-security issue by the Linux kernel security team.
CVE-2023-31083 An issue was discovered in drivers/bluetooth/hci_ldisc.c in the Linux kernel 6.2. In hci_uart_tty_ioctl, there is a race condition between HCIUARTSET
CVE-2023-4132 A use-after-free vulnerability was found in the siano smsusb module in the Linux kernel. The bug occurs during device initialization when the siano d
CVE-2023-3863 A use-after-free flaw was found in nfc_llcp_find_local in net/nfc/llcp_core.c in NFC in the Linux kernel. This flaw allows a local user with special
CVE-2023-3772 A flaw was found in the Linux kernel’s IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADM

Version: 6.2.0-1013.13~22.04.1 2023-09-15 17:08:48 UTC

 linux-oracle-6.2 (6.2.0-1013.13~22.04.1) jammy; urgency=medium
 .
   * jammy/linux-oracle-6.2: 6.2.0-1013.13~22.04.1 -proposed tracker
     (LP: #2033773)
 .
   * Packaging resync (LP: #1786013)
     - debian/dkms-versions -- update from kernel-versions (main/2023.09.04)
     - [Packaging] update variants
 .
   * Please enable Renesas RZ platform serial installer (LP: #2022361)
     - [Config] oracle-6.2: Mark sh-sci as built-in
 .
   [ Ubuntu: 6.2.0-1013.13 ]
 .
   * lunar/linux-oracle: 6.2.0-1013.13 -proposed tracker (LP: #2033774)
   * Please enable Renesas RZ platform serial installer (LP: #2022361)
     - [Config] oracle: Mark sh-sci as built-in
   * Packaging resync (LP: #1786013)
     - [Packaging] update helper scripts
   * lunar/linux: 6.2.0-34.34 -proposed tracker (LP: #2033779)
   * CVE-2023-20569
     - x86/cpu, kvm: Add support for CPUID_80000021_EAX
     - tools headers x86 cpufeatures: Sync with the kernel sources
     - x86/alternative: Optimize returns patching
     - x86/retbleed: Add __x86_return_thunk alignment checks
     - x86/srso: Add a Speculative RAS Overflow mitigation
     - x86/srso: Add IBPB_BRTYPE support
     - x86/srso: Add SRSO_NO support
     - x86/srso: Add IBPB
     - x86/srso: Add IBPB on VMEXIT
     - x86/srso: Fix return thunks in generated code
     - x86/srso: Add a forgotten NOENDBR annotation
     - x86/srso: Tie SBPB bit setting to microcode patch detection
     - Documentation/hw-vuln: Unify filename specification in index
     - Documentation/srso: Document IBPB aspect and fix formatting
     - x86/srso: Fix build breakage with the LLVM linker
     - x86: Move gds_ucode_mitigated() declaration to header
     - x86/retpoline: Don't clobber RFLAGS during srso_safe_ret()
     - x86/srso: Disable the mitigation on unaffected configurations
     - x86/retpoline,kprobes: Fix position of thunk sections with CONFIG_LTO_CLANG
     - x86/retpoline,kprobes: Skip optprobe check for indirect jumps with
       retpolines and IBT
     - x86/cpu: Fix __x86_return_thunk symbol type
     - x86/cpu: Fix up srso_safe_ret() and __x86_return_thunk()
     - objtool/x86: Fix SRSO mess
     - x86/alternative: Make custom return thunk unconditional
     - x86/cpu: Clean up SRSO return thunk mess
     - x86/cpu: Rename original retbleed methods
     - x86/cpu: Rename srso_(.*)_alias to srso_alias_\1
     - x86/cpu: Cleanup the untrain mess
     - x86/srso: Explain the untraining sequences a bit more
     - objtool/x86: Fixup frame-pointer vs rethunk
     - x86/static_call: Fix __static_call_fixup()
     - x86/srso: Correct the mitigation status when SMT is disabled
     - Ubuntu: [Config]: enable Speculative Return Stack Overflow mitigation
   * Please enable Renesas RZ platform serial installer (LP: #2022361)
     - [Config] enable hihope RZ/G2M serial console
     - [Config] Mark sh-sci as built-in
   * dGPU cannot resume because system firmware stuck in IPCS method
     (LP: #2021572)
     - drm/i915/tc: Abort DP AUX transfer on a disconnected TC port
     - drm/i915/tc: switch to intel_de_* register accessors in display code
     - drm/i915: Enable a PIPEDMC whenever its corresponding pipe is enabled
     - drm/i915/tc: Fix TC port link ref init for DP MST during HW readout
     - drm/i915/tc: Fix system resume MST mode restore for DP-alt sinks
     - drm/i915/tc: Wait for IOM/FW PHY initialization of legacy TC ports
     - drm/i915/tc: Factor out helpers converting HPD mask to TC mode
     - drm/i915/tc: Fix target TC mode for a disconnected legacy port
     - drm/i915/tc: Fix TC mode for a legacy port if the PHY is not ready
     - drm/i915/tc: Fix initial TC mode on disabled legacy ports
     - drm/i915/tc: Make the TC mode readout consistent in all PHY states
     - drm/i915: Add encoder hook to get the PLL type used by TC ports
     - drm/i915/tc: Assume a TC port is legacy if VBT says the port has HDMI
     - drm/i915/tc: Factor out a function querying active links on a TC port
     - drm/i915/tc: Check the PLL type used by an enabled TC port
     - drm/i915/tc: Group the TC PHY setup/query functions per platform
     - drm/i915/tc: Use the adlp prefix for ADLP TC PHY functions
     - drm/i915/tc: Rename tc_phy_status_complete() to tc_phy_is_ready()
     - drm/i915/tc: Use the tc_phy prefix for all TC PHY functions
     - drm/i915/tc: Move TC port fields to a new intel_tc_port struct
     - drm/i915/tc: Check for TC PHY explicitly in
       intel_tc_port_fia_max_lane_count()
     - drm/i915/tc: Move the intel_tc_port struct declaration to intel_tc.c
     - drm/i915/tc: Add TC PHY hook to get the PHY HPD live status
     - drm/i915/tc: Add TC PHY hooks to get the PHY ready/owned state
     - drm/i915/tc: Add TC PHY hook to read out the PHY HW state
     - drm/i915/tc: Add generic TC PHY connect/disconnect handlers
     - drm/i915/tc: Factor out tc_phy_verify_legacy_or_dp_alt_mode()
     - drm/i915/tc: Add TC PHY hooks to connect/disconnect the PHY
     - drm/i915/tc: Fix up the legacy VBT flag only in disconnected mode
     - drm/i915/tc: Check TC mode instead of the VBT legacy flag
     - drm/i915/tc: Block/unblock TC-cold in the PHY connect/disconnect hooks
     - drm/i915/tc: Remove redundant wakeref=0 check from unblock_tc_cold()
     - drm/i915/tc: Drop tc_cold_block()/unblock()'s power domain parameter
     - drm/i915/tc: Add TC PHY hook to get the TC-cold blocking power domain
     - drm/i915/tc: Add asserts in TC PHY hooks that the required power is on
     - drm/i915/tc: Add TC PHY hook to init the PHY
     - drm/i915/adlp/tc: Use the DE HPD ISR register for hotplug detection
     - drm/i915/tc: Get power ref for reading the HPD live status register
     - drm/i915/tc: Don't connect the PHY in intel_tc_port_connected()
     - drm/i915/adlp/tc: Align the connect/disconnect PHY sequence with bspec
     - drm/i915: Move shared DPLL disabling into CRTC disable hook
     - drm/i915: Disable DPLLs before disconnecting the TC PHY
     - drm/i915: Remove TC

Source diff to previous version
1786013 Packaging resync
2022361 Please enable Renesas RZ platform serial installer
2021572 dGPU cannot resume because system firmware stuck in IPCS method
2033654 amdgpu: Fixes for S0i3 resume on Phoenix
2033007 kdump doesn't work with UEFI secure boot and kernel lockdown enabled on ARM64
2033122 Request backport of xen timekeeping performance improvements
2033452 Enable D3cold at s2idle for Intel DG2 GPU
2026322 Fix non-working MT7921e when pre-boot WiFi is enabled
2028122 Fix unreliable ethernet cable detection on I219 NIC
2030924 [SRU][Ubuntu 22.04.1] Unable to interpret the frequency values in cpuinfo_min_freq and cpuino_max_freq sysfs files.
2029808 Lunar update: upstream stable patchset 2023-08-03
2031093 libgnutls report \
2029199 NULL pointer dereference on CS35L41 HDA AMP
2029332 Reboot command powers off the system
2015400 losetup with mknod fails on jammy with kernel 5.15.0-69-generic
2028746 Fix UBSAN in Intel EDAC driver
2028749 Make TTY switching possible for NVIDIA when it's boot VGA
2028740 Fix AMD gpu hang when screen off/on
2023197 Fix speaker volume too low on HP G10 laptops
2016398 stacked overlay file system mounts that have chroot() called against them appear to be getting locked (by the kernel most likely?)
2026776 arm64+ast2600: No Output from BMC's VGA port
2024273 Fix eDP only displays 3/4 area after switching to mirror mode with external HDMI 4K monitor
2029138 cifs: fix mid leak during reconnection after timeout threshold
2028979 Lunar update: upstream stable patchset 2023-07-28
2022354 sysfs msi_irqs directory empty with kernel-5.19 when being a xen guest
2028808 Lunar update: upstream stable patchset 2023-07-26
2028580 Lunar update: v6.2.16 upstream stable release
CVE-2023-4569 A memory leak flaw was found in nft_set_catchall_flush in net/netfilter/nf_tables_api.c in the Linux Kernel. This issue may allow a local attacker to
CVE-2023-40283 An issue was discovered in l2cap_sock_release in net/bluetooth/l2cap_sock.c in the Linux kernel before 6.4.10. There is a use-after-free because the
CVE-2023-4194 A flaw was found in the Linux kernel's TUN/TAP functionality. This issue could allow a local user to bypass network filters and gain unauthorized acc
CVE-2023-4155 A flaw was found in KVM AMD Secure Encrypted Virtualization (SEV) in t ...
CVE-2023-1206 A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel’s IPv6 functionality when a user makes a new kind of SYN floo
CVE-2023-4273 A flaw was found in the exFAT driver of the Linux kernel. The vulnerability exists in the implementation of the file name reconstruction function, wh
CVE-2023-4128 A use-after-free flaw was found in net/sched/cls_fw.c in classifiers (cls_fw, cls_u32, and cls_route) in the Linux Kernel. This flaw allows a local a
CVE-2023-3212 A NULL pointer dereference issue was found in the gfs2 file system in the Linux kernel. It occurs on corrupt gfs2 file systems when the evict code tr
CVE-2022-40982 Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may al
CVE-2023-4015 netfilter: nf_tables: skip immediate deactivate in _PREPARE_ERROR
CVE-2023-3995 ** REJECT ** This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is a duplicate of CVE-2023-4147.
CVE-2023-3777 netfilter: nf_tables: skip bound chain on rule flush
CVE-2023-20593 An issue in \u201cZen 2\u201d CPUs, under specific microarchitectural ...
CVE-2023-4004 A use-after-free flaw was found in the Linux kernel's netfilter in the way a user triggers the nft_pipapo_remove function with the element, without a
CVE-2023-2898 There is a null-pointer-dereference flaw found in f2fs_write_end_io in fs/f2fs/data.c in the Linux kernel. This flaw allows a local privileged user t
CVE-2023-31084 An issue was discovered in drivers/media/dvb-core/dvb_frontend.c in the Linux kernel 6.2. There is a blocking operation when a task is in !TASK_RUNNI

Version: 6.2.0-1010.10~22.04.1 2023-08-31 04:08:55 UTC

 linux-oracle-6.2 (6.2.0-1010.10~22.04.1) jammy; urgency=medium
 .
   * jammy/linux-oracle-6.2: 6.2.0-1010.10~22.04.1 -proposed tracker
     (LP: #2030541)
 .
   [ Ubuntu: 6.2.0-1010.10 ]
 .
   * lunar/linux-oracle: 6.2.0-1010.10 -proposed tracker (LP: #2030542)
   * Packaging resync (LP: #1786013)
     - [Packaging] resync update-dkms-versions helper
   * arm64 support: Enable ARM_SMMU and ARM_SMMU_V3 for oracle (LP: #2002381)
     - [packaging] Enable ARM_SMMU and ARM_SMMU_V3
   * Miscellaneous Ubuntu changes
     - [packaging] Fix annotations for Oracle
     - [packaging] Split oracle configs into dedicated file
     - [packaging] update configs for updated chroot
   * lunar/linux: 6.2.0-31.31 -proposed tracker (LP: #2031146)
   * libgnutls report "trap invalid opcode" when trying to install packages over
     https (LP: #2031093)
     - [Config]: disable CONFIG_GDS_FORCE_MITIGATION
   * lunar/linux: 6.2.0-28.29 -proposed tracker (LP: #2030547)
   * CVE-2022-40982
     - init: Provide arch_cpu_finalize_init()
     - x86/cpu: Switch to arch_cpu_finalize_init()
     - ARM: cpu: Switch to arch_cpu_finalize_init()
     - ia64/cpu: Switch to arch_cpu_finalize_init()
     - m68k/cpu: Switch to arch_cpu_finalize_init()
     - mips/cpu: Switch to arch_cpu_finalize_init()
     - sh/cpu: Switch to arch_cpu_finalize_init()
     - sparc/cpu: Switch to arch_cpu_finalize_init()
     - um/cpu: Switch to arch_cpu_finalize_init()
     - init: Remove check_bugs() leftovers
     - init: Invoke arch_cpu_finalize_init() earlier
     - init, x86: Move mem_encrypt_init() into arch_cpu_finalize_init()
     - x86/init: Initialize signal frame size late
     - x86/fpu: Remove cpuinfo argument from init functions
     - x86/fpu: Mark init functions __init
     - x86/fpu: Move FPU initialization into arch_cpu_finalize_init()
     - x86/mem_encrypt: Unbreak the AMD_MEM_ENCRYPT=n build
     - x86/xen: Fix secondary processors' FPU initialization
     - x86/speculation: Add Gather Data Sampling mitigation
     - x86/speculation: Add force option to GDS mitigation
     - x86/speculation: Add Kconfig option for GDS
     - KVM: Add GDS_NO support to KVM
     - Documentation/x86: Fix backwards on/off logic about YMM support
     - [Config]: Enable CONFIG_ARCH_HAS_CPU_FINALIZE_INIT and
       CONFIG_GDS_FORCE_MITIGATION
   * CVE-2023-4015
     - netfilter: nf_tables: add NFT_TRANS_PREPARE_ERROR to deal with bound
       set/chain
     - netfilter: nf_tables: unbind non-anonymous set if rule construction fails
     - netfilter: nf_tables: skip immediate deactivate in _PREPARE_ERROR
   * CVE-2023-3777
     - netfilter: nf_tables: skip bound chain on rule flush
   * CVE-2023-3995
     - netfilter: nf_tables: disallow rule addition to bound chain via
       NFTA_RULE_CHAIN_ID
   * CVE-2023-20593
     - x86/cpu/amd: Move the errata checking functionality up
     - x86/cpu/amd: Add a Zenbleed fix
   * CVE-2023-3776
     - net/sched: cls_fw: Fix improper refcount update leads to use-after-free
   * CVE-2023-4004
     - netfilter: nft_set_pipapo: fix improper element removal
   * CVE-2023-3611
     - net/sched: sch_qfq: refactor parsing of netlink parameters
     - net/sched: sch_qfq: account for stab overhead in qfq_enqueue
   * CVE-2023-3610
     - netfilter: nf_tables: fix chain binding transaction logic
   * CVE-2023-3609
     - net/sched: cls_u32: Fix reference counter leak leading to overflow

Source diff to previous version
1786013 Packaging resync
2002381 arm64 support: Enable ARM_SMMU and ARM_SMMU_V3 for oracle
2031093 libgnutls report \
CVE-2022-40982 Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may al
CVE-2023-20593 An issue in \u201cZen 2\u201d CPUs, under specific microarchitectural ...
CVE-2023-4004 A use-after-free flaw was found in the Linux kernel's netfilter in the way a user triggers the nft_pipapo_remove function with the element, without a

Version: 6.2.0-1009.9~22.04.6 2023-08-28 07:08:38 UTC

 linux-oracle-6.2 (6.2.0-1009.9~22.04.6) jammy; urgency=medium
 .
   * jammy/linux-oracle-6.2: 6.2.0-1009.9~22.04.6 -proposed tracker
     (LP: #2028856)
 .
   * Packaging resync (LP: #1786013)
     - [Packaging] update variants
     - [Packaging] update update.conf
     - [Packaging] update Ubuntu.md
 .
   * Miscellaneous Ubuntu changes
     - [packaging] Initial bring-up of jammy/gcp-6.2
     - [packaging] Update annotations
 .
   [ Ubuntu: 6.2.0-1009.9 ]
 .
   * lunar/linux-oracle: 6.2.0-1009.9 -proposed tracker (LP: #2026483)
   * Packaging resync (LP: #1786013)
     - [Packaging] resync update-dkms-versions helper
     - [Packaging] resync getabis
   * lunar/linux: 6.2.0-27.28 -proposed tracker (LP: #2026488)
   * Packaging resync (LP: #1786013)
     - [Packaging] resync update-dkms-versions helper
     - [Packaging] update annotations scripts
   * CVE-2023-2640 // CVE-2023-32629
     - Revert "UBUNTU: SAUCE: overlayfs: handle idmapped mounts in
       ovl_do_(set|remove)xattr"
     - Revert "UBUNTU: SAUCE: overlayfs: Skip permission checking for
       trusted.overlayfs.* xattrs"
     - SAUCE: overlayfs: default to userxattr when mounted from non initial user
       namespace
   * UNII-4 5.9G Band support request on 8852BE (LP: #2023952)
     - wifi: rtw89: 8851b: add 8851B basic chip_info
     - wifi: rtw89: introduce realtek ACPI DSM method
     - wifi: rtw89: regd: judge UNII-4 according to BIOS and chip
     - wifi: rtw89: support U-NII-4 channels on 5GHz band
   * Disable hv-kvp-daemon if /dev/vmbus/hv_kvp is not present (LP: #2024900)
     - [Packaging] disable hv-kvp-daemon if needed
   * A deadlock issue in scsi rescan task while resuming from S3 (LP: #2018566)
     - ata: libata-scsi: Avoid deadlock on rescan after device resume
   * [SRU] Intel Sapphire Rapids HBM support needs CONFIG_NUMA_EMU (LP: #2008745)
     - [Config] Intel Sapphire Rapids HBM support needs CONFIG_NUMA_EMU
   * Lunar update: v6.2.15 upstream stable release (LP: #2025067)
     - ASOC: Intel: sof_sdw: add quirk for Intel 'Rooks County' NUC M15
     - ASoC: Intel: soc-acpi: add table for Intel 'Rooks County' NUC M15
     - ASoC: soc-pcm: fix hw->formats cleared by soc_pcm_hw_init() for dpcm
     - x86/hyperv: Block root partition functionality in a Confidential VM
     - ASoC: amd: yc: Add DMI entries to support Victus by HP Laptop 16-e1xxx
       (8A22)
     - iio: adc: palmas_gpadc: fix NULL dereference on rmmod
     - ASoC: Intel: bytcr_rt5640: Add quirk for the Acer Iconia One 7 B1-750
     - ASoC: da7213.c: add missing pm_runtime_disable()
     - net: wwan: t7xx: do not compile with -Werror
     - wifi: mt76: mt7921: Fix use-after-free in fw features query.
     - selftests mount: Fix mount_setattr_test builds failed
     - scsi: mpi3mr: Handle soft reset in progress fault code (0xF002)
     - net: sfp: add quirk enabling 2500Base-x for HG MXPD-483II
     - platform/x86: thinkpad_acpi: Add missing T14s Gen1 type to s2idle quirk list
     - wifi: ath11k: reduce the MHI timeout to 20s
     - tracing: Error if a trace event has an array for a __field()
     - asm-generic/io.h: suppress endianness warnings for readq() and writeq()
     - asm-generic/io.h: suppress endianness warnings for relaxed accessors
     - x86/cpu: Add model number for Intel Arrow Lake processor
     - wifi: mt76: mt7921e: Set memory space enable in PCI_COMMAND if unset
     - ASoC: amd: ps: update the acp clock source.
     - arm64: Always load shadow stack pointer directly from the task struct
     - arm64: Stash shadow stack pointer in the task struct on interrupt
     - powerpc/boot: Fix boot wrapper code generation with CONFIG_POWER10_CPU
     - PCI: kirin: Select REGMAP_MMIO
     - PCI: pciehp: Fix AB-BA deadlock between reset_lock and device_lock
     - PCI: qcom: Fix the incorrect register usage in v2.7.0 config
     - bus: mhi: host: pci_generic: Revert "Add a secondary AT port to Telit FN990"
     - phy: qcom-qmp-pcie: sc8180x PCIe PHY has 2 lanes
     - IMA: allow/fix UML builds
     - wifi: rtw88: usb: fix priority queue to endpoint mapping
     - usb: gadget: udc: core: Invoke usb_gadget_connect only when started
     - usb: gadget: udc: core: Prevent redundant calls to pullup
     - usb: dwc3: gadget: Stall and restart EP0 if host is unresponsive
     - USB: dwc3: fix runtime pm imbalance on probe errors
     - USB: dwc3: fix runtime pm imbalance on unbind
     - hwmon: (k10temp) Check range scale when CUR_TEMP register is read-write
     - hwmon: (adt7475) Use device_property APIs when configuring polarity
     - tpm: Add !tpm_amd_is_rng_defective() to the hwrng_unregister() call site
     - posix-cpu-timers: Implement the missing timer_wait_running callback
     - media: ov8856: Do not check for for module version
     - drm/vmwgfx: Fix Legacy Display Unit atomic drm support
     - blk-stat: fix QUEUE_FLAG_STATS clear
     - blk-mq: release crypto keyslot before reporting I/O complete
     - blk-crypto: make blk_crypto_evict_key() return void
     - blk-crypto: make blk_crypto_evict_key() more robust
     - staging: iio: resolver: ads1210: fix config mode
     - tty: Prevent writing chars during tcsetattr TCSADRAIN/FLUSH
     - xhci: fix debugfs register accesses while suspended
     - serial: fix TIOCSRS485 locking
     - serial: 8250: Fix serial8250_tx_empty() race with DMA Tx
     - serial: max310x: fix IO data corruption in batched operations
     - tick/nohz: Fix cpu_is_hotpluggable() by checking with nohz subsystem
     - fs: fix sysctls.c built
     - MIPS: fw: Allow firmware to pass a empty env
     - ipmi:ssif: Add send_retries increment
     - ipmi: fix SSIF not responding under certain cond.
     - iio: addac: stx104: Fix race condition when converting analog-to-digital
     - iio: addac: stx104: Fix race condition for stx104_write_raw()
     - kheaders: Use array declaration instead of char
     - wifi: mt76: add missing locking to protect against concurrent rx/status
       calls
     - wifi: rtw8

1786013 Packaging resync
2023952 UNII-4 5.9G Band support request on 8852BE
2024900 Disable hv-kvp-daemon if /dev/vmbus/hv_kvp is not present
2008745 [SRU] Intel Sapphire Rapids HBM support needs CONFIG_NUMA_EMU
2025067 Lunar update: v6.2.15 upstream stable release
2025066 Lunar update: v6.2.14 upstream stable release
1977827 ftrace in ubuntu_kernel_selftests failed with \
2023650 Add microphone support of the front headphone port on P3 Tower
2023539 Add audio support for ThinkPad P1 Gen 6 and Z16 Gen 2
2018591 Enable Tracing Configs for OSNOISE and TIMERLAT
2021605 introduce do_lib_rust=true|false to enable/disable linux-lib-rust package
2020356 generate linux-lib-rust only on amd64
2019915 Enable audio LEDs on HP laptops
2023929 Lunar update: v6.2.13 upstream stable release
2023577 cls_flower: off-by-one in fl_set_geneve_opt
2020531 support python \u003c 3.9 with annotations
2017444 Computer with Intel Atom CPU will not boot with Kernel 6.2.0-20
2015867 Kernel 6.1 bumped the disk consumption on default images by 15%
2018655 Update I915 PSR calculation on Linux 6.2
2016908 udev fails to make prctl() syscall with apparmor=0 (as used by maas by default)
2016186 5.19 not reporting cgroups v1 blkio.throttle.io_serviced
2017903 LSM stacking and AppArmor for 6.2: additional fixes
2017219 Lunar update: v6.2.12 upstream stable release
1685291 RFC: virtio and virtio-scsi should be built in
2015498 Debian autoreconstruct Fix restoration of execute permissions
2007745 [SRU][Jammy] CONFIG_PCI_MESON is not enabled
2008824 sched: cpumask: improve on cpumask_local_spread() locality
2012019 Fix E-star testing failure with RTK 8852BE
2016879 Lunar update: v6.2.11 upstream stable release
2016878 Lunar update: v6.2.10 upstream stable release
2016877 Lunar update: v6.2.9 upstream stable release
2016876 Lunar update: v6.2.8 upstream stable release
2016875 Lunar update: v6.2.7 upstream stable release
2015741 efivarfs:efivarfs.sh in ubuntu_kernel_selftests crash L-6.2 ARM64 node dazzle (rcu_preempt detected stalls)
2015361 FTBFS with different dkms or when makeflags are set
2013209 expoline.o is packaged unconditionally for s390x
2013014 net:l2tp.sh failure with lunar:linux 6.2
2012776 Neuter signing tarballs
2012136 LSM stacking and AppArmor refresh for 6.2 kernel
1989983 kinetic: apply new apparmor and LSM stacking patch set
1937133 devlink_port_split from ubuntu_kernel_selftests.net fails on hirsute (KeyError: 'flavour')
2011748 lunar/linux 6.2 fails to boot on arm64
2011413 lunar/linux 6.2 fails to boot on ppc64el
2011379 Speaker / Audio/Mic mute LED don't work on a HP platform
2009014 Some QHD panels fail to refresh when PSR2 enabled
2011431 Lunar update: v6.2.6 upstream stable release
2011430 Lunar update: v6.2.5 upstream stable release
2011428 Lunar update: v6.2.4 upstream stable release
2011425 Lunar update: v6.2.3 upstream stable release
2007654 enable Rust support in the kernel
1989334 remove circular dep between linux-image and modules
CVE-2023-2640 On Ubuntu kernels carrying both c914c0e27eb0 and "UBUNTU: SAUCE: overl ...
CVE-2023-32629 Local privilege escalation vulnerability in Ubuntu Kernels overlayfs o ...
CVE-2023-35001 Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or
CVE-2023-31248 Linux Kernel nftables Use-After-Free Local Privilege Escalation Vulnerability; `nft_chain_lookup_byid()` failed to check whether a chain was active a
CVE-2023-3269 A vulnerability exists in the memory management subsystem of the Linux ...
CVE-2023-3141 A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the Linux Kernel. This flaw allows a local attacker
CVE-2023-2124 An out-of-bounds memory access flaw was found in the Linux kernel’s XFS file system in how a user restores an XFS image after failure (with a dirty l
CVE-2023-2176 A vulnerability was found in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA in the Linux Kernel. The improper cleanup results in out-
CVE-2023-32233 In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and
CVE-2023-2612 Jean-Baptiste Cayrou discovered that the shiftfs file system in the Ub ...
CVE-2023-31436 qfq_change_class in net/sched/sch_qfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write because lmax can exceed QFQ_MIN_LMAX.
CVE-2023-1380 A slab-out-of-bound read problem was found in brcmf_get_assoc_ies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux Kernel.
CVE-2023-30456 An issue was discovered in arch/x86/kvm/vmx/nested.c in the Linux kernel before 6.2.8. nVMX on x86_64 lacks consistency checks for CR0 and CR4.



About   -   Send Feedback to @ubuntu_updates