UbuntuUpdates.org

Package "linux-modules-ipu6-6.2.0-39-generic"

This package belongs to a PPA: Canonical Kernel Team

Name: linux-modules-ipu6-6.2.0-39-generic

Description:

Linux kernel ipu6 modules for version 6.2.0-39

Latest version: 6.2.0-39.40~22.04.1
Release: jammy (22.04)
Level: base
Repository: main
Head package: linux-hwe-6.2

Links


Download "linux-modules-ipu6-6.2.0-39-generic"


Other versions of "linux-modules-ipu6-6.2.0-39-generic" in Jammy

Repository Area Version
security main 6.2.0-39.40~22.04.1
updates main 6.2.0-39.40~22.04.1

Changelog

Version: 6.2.0-39.40~22.04.1 2023-11-16 12:11:11 UTC

 linux-hwe-6.2 (6.2.0-39.40~22.04.1) jammy; urgency=medium
 .
   * jammy/linux-hwe-6.2: 6.2.0-39.40~22.04.1 -proposed tracker (LP: #2041556)
 .
   * Packaging resync (LP: #1786013)
     - [Packaging] resync git-ubuntu-log
     - [Packaging] resync update-dkms-versions helper
     - [Packaging] update variants
 .
   [ Ubuntu: 6.2.0-39.40 ]
 .
   * lunar/linux: 6.2.0-39.40 -proposed tracker (LP: #2043451)
   * USB bus error after upgrading to proposed kernel on lunar and jammy
     (LP: #2043197)
     - USB: core: Fix oversight in SuperSpeed initialization
   * Include cifs.ko in linux-modules package (LP: #2042546)
     - [Packaging] Replace fs/cifs with fs/smb/client in inclusion list
 .
   [ Ubuntu: 6.2.0-38.39 ]
 .
   * lunar/linux: 6.2.0-38.39 -proposed tracker (LP: #2041557)
   * CVE-2023-25775
     - RDMA/irdma: Prevent zero-length STAG registration
   * CVE-2023-5345
     - fs/smb/client: Reset password pointer to NULL
   * CVE-2023-39189
     - netfilter: nfnetlink_osf: avoid OOB read
   * SMC stats: Wrong bucket calculation for payload of exactly 4096 bytes
     (LP: #2039575)
     - net/smc: Fix pos miscalculation in statistics
   * [SRU][J/L/M] UBUNTU: [Packaging] Make WWAN driver a loadable module
     (LP: #2033406)
     - [Packaging] Make WWAN driver loadable modules
   * CVE-2023-45871
     - igb: set max size RX buffer when store bad packet is enabled
   * CVE-2023-39193
     - netfilter: xt_sctp: validate the flag_info count
   * CVE-2023-39192
     - netfilter: xt_u32: validate user space input
   * CVE-2023-31085
     - ubi: Refuse attaching if mtd's erasesize is 0
   * CVE-2023-5717
     - perf: Disallow mis-matched inherited group reads
   * CVE-2023-5178
     - nvmet-tcp: Fix a possible UAF in queue intialization setup
   * CVE-2023-5158
     - vringh: don't use vringh_kiov_advance() in vringh_iov_xfer()
   * CVE-2023-5090
     - x86: KVM: SVM: always update the x2avic msr interception
   * usbip: error: failed to open /usr/share/hwdata//usb.ids (LP: #2039439)
     - [Packaging] Make linux-tools-common depend on hwdata
   * Unable to use nvme drive to install Ubuntu 23.10 (LP: #2040157)
     - misc: rtsx: Fix some platforms can not boot and move the l1ss judgment to
       probe
   * Lunar update: upstream stable patchset 2023-10-19 (LP: #2039884)
     - ACPI: thermal: Drop nocrt parameter
     - module: Expose module_init_layout_section()
     - arm64: module-plts: inline linux/moduleloader.h
     - arm64: module: Use module_init_layout_section() to spot init sections
     - ARM: module: Use module_init_layout_section() to spot init sections
     - lockdep: fix static memory detection even more
     - parisc: Cleanup mmap implementation regarding color alignment
     - parisc: sys_parisc: parisc_personality() is called from asm code
     - io_uring/parisc: Adjust pgoff in io_uring mmap() for parisc
     - kallsyms: Fix kallsyms_selftest failure
     - module/decompress: use vmalloc() for zstd decompression workspace
     - Upstream stable to v6.1.51, v6.4.14
     - erofs: ensure that the post-EOF tails are all zeroed
     - ksmbd: fix wrong DataOffset validation of create context
     - ksmbd: fix slub overflow in ksmbd_decode_ntlmssp_auth_blob()
     - ksmbd: replace one-element array with flex-array member in struct
       smb2_ea_info
     - ksmbd: reduce descriptor size if remaining bytes is less than request size
     - ARM: pxa: remove use of symbol_get()
     - mmc: au1xmmc: force non-modular build and remove symbol_get usage
     - net: enetc: use EXPORT_SYMBOL_GPL for enetc_phc_index
     - rtc: ds1685: use EXPORT_SYMBOL_GPL for ds1685_rtc_poweroff
     - modules: only allow symbol_get of EXPORT_SYMBOL_GPL modules
     - USB: serial: option: add Quectel EM05G variant (0x030e)
     - USB: serial: option: add FOXCONN T99W368/T99W373 product
     - ALSA: usb-audio: Fix init call orders for UAC1
     - usb: dwc3: meson-g12a: do post init to fix broken usb after resumption
     - usb: chipidea: imx: improve logic if samsung,picophy-* parameter is 0
     - HID: wacom: remove the battery when the EKR is off
     - staging: rtl8712: fix race condition
     - Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race
       condition
     - wifi: mt76: mt7921: do not support one stream on secondary antenna only
     - wifi: mt76: mt7921: fix skb leak by txs missing in AMSDU
     - serial: qcom-geni: fix opp vote on shutdown
     - serial: sc16is7xx: fix broken port 0 uart init
     - serial: sc16is7xx: fix bug when first setting GPIO direction
     - firmware: stratix10-svc: Fix an NULL vs IS_ERR() bug in probe
     - fsi: master-ast-cf: Add MODULE_FIRMWARE macro
     - tcpm: Avoid soft reset when partner does not support get_status
     - dt-bindings: sc16is7xx: Add property to change GPIO function
     - nilfs2: fix general protection fault in nilfs_lookup_dirty_data_buffers()
     - nilfs2: fix WARNING in mark_buffer_dirty due to discarded buffer reuse
     - usb: typec: tcpci: clear the fault status bit
     - pinctrl: amd: Don't show `Invalid config param` errors
     - wifi: rtw88: usb: kill and free rx urbs on probe failure
     - Upstream stable to v6.1.52, v6.4.15
   * Lunar update: upstream stable patchset 2023-10-18 (LP: #2039742)
     - NFSv4.2: fix error handling in nfs42_proc_getxattr
     - NFSv4: fix out path in __nfs4_get_acl_uncached
     - xprtrdma: Remap Receive buffers after a reconnect
     - drm/ast: Use drm_aperture_remove_conflicting_pci_framebuffers
     - fbdev/radeon: use pci aperture helpers
     - PCI: acpiphp: Reassign resources on bridge if necessary
     - MIPS: cpu-features: Enable octeon_cache by cpu_type
     - MIPS: cpu-features: Use boot_cpu_type for CPU type based features
     - jbd2: remove t_checkpoint_io_list
     - jbd2: remove journal_clean_one_cp_list()
     - jbd2: fix a race when checking checkpoint buffer busy
     - can: raw: fix receiver memory leak
     - can: raw: fix lockdep issue in raw_release()
   

Source diff to previous version
1786013 Packaging resync
2043197 USB bus error after upgrading to proposed kernel on lunar and jammy
2042546 Include cifs.ko in linux-modules package
2039575 SMC stats: Wrong bucket calculation for payload of exactly 4096 bytes
2033406 [SRU][J/L/M] UBUNTU: [Packaging] Make WWAN driver a loadable module
2039439 usbip: error: failed to open /usr/share/hwdata//usb.ids
2040157 Unable to use nvme drive to install Ubuntu 23.10
2039884 Lunar update: upstream stable patchset 2023-10-19
2039742 Lunar update: upstream stable patchset 2023-10-18
2039542 Remove duplication of devm_pwmchip_add function definition
2039110 Lunar update: upstream stable patchset 2023-10-11
2038969 Lunar update: upstream stable patchset 2023-10-10
2038236 Lunar update: upstream stable patchset 2023-10-02
CVE-2023-25775 Improper access control in the Intel(R) Ethernet Controller RDMA driver for linux before version 1.9.30 may allow an unauthenticated user to potentia
CVE-2023-39189 A flaw was found in the Netfilter subsystem in the Linux kernel. The nfnl_osf_add_callback function did not validate the user mode controlled opt_num
CVE-2023-45871 An issue was discovered in drivers/net/ethernet/intel/igb/igb_main.c in the IGB driver in the Linux kernel before 6.5.3. A buffer size may not be ade
CVE-2023-39193 A flaw was found in the Netfilter subsystem in the Linux kernel. The sctp_mt_check did not validate the flag_count field. This flaw allows a local pr
CVE-2023-39192 A flaw was found in the Netfilter subsystem in the Linux kernel. The xt_u32 module did not validate the fields in the xt_u32 structure. This flaw all
CVE-2023-31085 An issue was discovered in drivers/mtd/ubi/cdev.c in the Linux kernel 6.2. There is a divide-by-zero error in do_div(sz,mtd->erasesize), used indirec
CVE-2023-5178 A use-after-free vulnerability was found in drivers/nvme/target/tcp.c` ...
CVE-2023-5158 A flaw was found in vringh_kiov_advance in drivers/vhost/vringh.c in the host side of a virtio ring in the Linux Kernel. This issue may result in a d
CVE-2023-5090 x86: KVM: SVM: always update the x2avic msr interception
CVE-2023-42754 A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer (skb) was assumed to be associated with a device before c
CVE-2023-37453 An issue was discovered in the USB subsystem in the Linux kernel through 6.4.2. There is an out-of-bounds and crash in read_descriptors in drivers/us

Version: 6.2.0-36.37~22.04.1 2023-10-09 18:08:45 UTC

 linux-hwe-6.2 (6.2.0-36.37~22.04.1) jammy; urgency=medium
 .
   * jammy/linux-hwe-6.2: 6.2.0-36.37~22.04.1 -proposed tracker (LP: #2038075)
 .
   [ Ubuntu: 6.2.0-36.37 ]
 .
   * lunar/linux: 6.2.0-36.37 -proposed tracker (LP: #2038076)
   * Regression for ubuntu_bpf test build caused by upstream bdeeed3498c7
     (LP: #2035181)
     - selftests/bpf: fix static assert compilation issue for test_cls_*.c
   * CVE-2023-4244
     - netfilter: nf_tables: don't skip expired elements during walk
     - netfilter: nf_tables: adapt set backend to use GC transaction API
     - netfilter: nft_set_hash: mark set element as dead when deleting from packet
       path
     - netfilter: nf_tables: GC transaction API to avoid race with control plane
     - netfilter: nf_tables: don't fail inserts if duplicate has expired
     - netfilter: nf_tables: fix kdoc warnings after gc rework
     - netfilter: nf_tables: fix GC transaction races with netns and netlink event
       exit path
     - netfilter: nf_tables: GC transaction race with netns dismantle
     - netfilter: nf_tables: GC transaction race with abort path
     - netfilter: nf_tables: use correct lock to protect gc_list
     - netfilter: nf_tables: defer gc run if previous batch is still pending
     - netfilter: nft_dynset: disallow object maps
     - netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction
   * CVE-2023-4563
     - netfilter: nf_tables: remove busy mark and gc batch API
   * CVE-2023-42756
     - netfilter: ipset: Fix race between IPSET_CMD_CREATE and IPSET_CMD_SWAP
   * CVE-2023-4623
     - net/sched: sch_hfsc: Ensure inner classes have fsc curve
   * Fix unstable audio at low levels on Thinkpad P1G4 (LP: #2037077)
     - ALSA: hda/realtek - ALC287 I2S speaker platform support
   * Lunar update: upstream stable patchset 2023-09-21 (LP: #2037005)
     - Upstream stable to v6.1.41, v6.4.6
     - io_uring: treat -EAGAIN for REQ_F_NOWAIT as final for io-wq
     - ALSA: hda/realtek - remove 3k pull low procedure
     - ALSA: hda/realtek: Add quirk for Clevo NS70AU
     - ALSA: hda/realtek: Enable Mute LED on HP Laptop 15s-eq2xxx
     - maple_tree: set the node limit when creating a new root node
     - maple_tree: fix node allocation testing on 32 bit
     - keys: Fix linking a duplicate key to a keyring's assoc_array
     - perf probe: Add test for regression introduced by switch to
       die_get_decl_file()
     - btrfs: fix warning when putting transaction with qgroups enabled after abort
     - fuse: revalidate: don't invalidate if interrupted
     - fuse: Apply flags2 only when userspace set the FUSE_INIT_EXT
     - btrfs: set_page_extent_mapped after read_folio in btrfs_cont_expand
     - btrfs: zoned: fix memory leak after finding block group with super blocks
     - fuse: ioctl: translate ENOSYS in outarg
     - btrfs: fix race between balance and cancel/pause
     - selftests: tc: set timeout to 15 minutes
     - selftests: tc: add 'ct' action kconfig dep
     - regmap: Drop initial version of maximum transfer length fixes
     - of: Preserve "of-display" device name for compatibility
     - regmap: Account for register length in SMBus I/O limits
     - arm64/fpsimd: Ensure SME storage is allocated after SVE VL changes
     - can: mcp251xfd: __mcp251xfd_chip_set_mode(): increase poll timeout
     - can: bcm: Fix UAF in bcm_proc_show()
     - can: gs_usb: gs_can_open(): improve error handling
     - selftests: tc: add ConnTrack procfs kconfig
     - dma-buf/dma-resv: Stop leaking on krealloc() failure
     - drm/amdgpu/vkms: relax timer deactivation by hrtimer_try_to_cancel
     - drm/amdgpu/pm: make gfxclock consistent for sienna cichlid
     - drm/amdgpu/pm: make mclk consistent for smu 13.0.7
     - drm/client: Fix memory leak in drm_client_target_cloned
     - drm/client: Fix memory leak in drm_client_modeset_probe
     - drm/amd/display: only accept async flips for fast updates
     - drm/amd/display: Disable MPC split by default on special asic
     - drm/amd/display: check TG is non-null before checking if enabled
     - drm/amd/display: Keep PHY active for DP displays on DCN31
     - ASoC: fsl_sai: Disable bit clock with transmitter
     - ASoC: fsl_sai: Revert "ASoC: fsl_sai: Enable MCTL_MCLK_EN bit for master
       mode"
     - ASoC: tegra: Fix ADX byte map
     - ASoC: rt5640: Fix sleep in atomic context
     - ASoC: cs42l51: fix driver to properly autoload with automatic module loading
     - ASoC: codecs: wcd938x: fix missing clsh ctrl error handling
     - ASoC: codecs: wcd-mbhc-v2: fix resource leaks on component remove
     - ASoC: qdsp6: audioreach: fix topology probe deferral
     - ASoC: tegra: Fix AMX byte map
     - ASoC: codecs: wcd938x: fix resource leaks on component remove
     - ASoC: codecs: wcd938x: fix missing mbhc init error handling
     - ASoC: codecs: wcd934x: fix resource leaks on component remove
     - ASoC: codecs: wcd938x: fix codec initialisation race
     - ASoC: codecs: wcd938x: fix soundwire initialisation race
     - ext4: correct inline offset when handling xattrs in inode body
     - drm/radeon: Fix integer overflow in radeon_cs_parser_init
     - ALSA: emu10k1: roll up loops in DSP setup code for Audigy
     - quota: Properly disable quotas when add_dquot_ref() fails
     - quota: fix warning in dqgrab()
     - HID: add quirk for 03f0:464a HP Elite Presenter Mouse
     - ovl: check type and offset of struct vfsmount in ovl_entry
     - udf: Fix uninitialized array access for some pathnames
     - fs: jfs: Fix UBSAN: array-index-out-of-bounds in dbAllocDmapLev
     - MIPS: dec: prom: Address -Warray-bounds warning
     - FS: JFS: Fix null-ptr-deref Read in txBegin
     - FS: JFS: Check for read-only mounted filesystem in txBegin
     - ACPI: video: Add backlight=native DMI quirk for Dell Studio 1569
     - rcu-tasks: Avoid pr_info() with spin lock in cblist_init_generic()
     - rcu: Mark additional concurrent load from ->cpu_no_qs.b.exp
     - sched/fair:

Source diff to previous version
2035181 Regression for ubuntu_bpf test build on Jammy 5.15.0-85.95
2037077 Fix unstable audio at low levels on Thinkpad P1G4
2037005 Lunar update: upstream stable patchset 2023-09-21
2035313 Fix non-working I219 after system sleep
2035163 Avoid address overwrite in kernel_connect
2031537 Ethernet not stable 23.04 (RTL8168/8169)
2034479 Fix suspend hang on Lenovo workstation
2034491 Fix blank display when Thunderbolt monitor is plugged second time
2034745 [regression] Unable to initialize SGX enclaves with XFRM other than 3
2036075 Lunar update: upstream stable patchset 2023-09-14
2031352 Nouveau driver crash - Ubuntu 22.04.3 LTS stuck on power-off/reboot screen
2034469 Lunar update: upstream stable patchset 2023-09-05
2033931 Lunar update: upstream stable patchset 2023-09-01
1786013 Packaging resync
CVE-2023-4563 ** REJECT ** This was assigned as a duplicate of CVE-2023-4244.
CVE-2023-42756 A flaw was found in the Netfilter subsystem of the Linux kernel. A race condition between IPSET_CMD_ADD and IPSET_CMD_SWAP can lead to a kernel panic
CVE-2023-42755 wild pointer access in rsvp classifer in the Linux kernel
CVE-2023-42753 An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the `h->n
CVE-2023-42752 integer overflows in kmalloc_reserve()
CVE-2023-4881 ** REJECT ** CVE-2023-4881 was wrongly assigned to a bug that was deemed to be a non-security issue by the Linux kernel security team.
CVE-2023-31083 An issue was discovered in drivers/bluetooth/hci_ldisc.c in the Linux kernel 6.2. In hci_uart_tty_ioctl, there is a race condition between HCIUARTSET
CVE-2023-4132 A use-after-free vulnerability was found in the siano smsusb module in the Linux kernel. The bug occurs during device initialization when the siano d
CVE-2023-3863 A use-after-free flaw was found in nfc_llcp_find_local in net/nfc/llcp_core.c in NFC in the Linux kernel. This flaw allows a local user with special
CVE-2023-3772 A flaw was found in the Linux kernel’s IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADM

Version: 6.2.0-34.34~22.04.1 2023-09-07 15:08:45 UTC

 linux-hwe-6.2 (6.2.0-34.34~22.04.1) jammy; urgency=medium
 .
   * jammy/linux-hwe-6.2: 6.2.0-34.34~22.04.1 -proposed tracker (LP: #2033778)
 .
   * Packaging resync (LP: #1786013)
     - [Packaging] update helper scripts
 .
   [ Ubuntu: 6.2.0-34.34 ]
 .
   * lunar/linux: 6.2.0-34.34 -proposed tracker (LP: #2033779)
   * CVE-2023-20569
     - x86/cpu, kvm: Add support for CPUID_80000021_EAX
     - tools headers x86 cpufeatures: Sync with the kernel sources
     - x86/alternative: Optimize returns patching
     - x86/retbleed: Add __x86_return_thunk alignment checks
     - x86/srso: Add a Speculative RAS Overflow mitigation
     - x86/srso: Add IBPB_BRTYPE support
     - x86/srso: Add SRSO_NO support
     - x86/srso: Add IBPB
     - x86/srso: Add IBPB on VMEXIT
     - x86/srso: Fix return thunks in generated code
     - x86/srso: Add a forgotten NOENDBR annotation
     - x86/srso: Tie SBPB bit setting to microcode patch detection
     - Documentation/hw-vuln: Unify filename specification in index
     - Documentation/srso: Document IBPB aspect and fix formatting
     - x86/srso: Fix build breakage with the LLVM linker
     - x86: Move gds_ucode_mitigated() declaration to header
     - x86/retpoline: Don't clobber RFLAGS during srso_safe_ret()
     - x86/srso: Disable the mitigation on unaffected configurations
     - x86/retpoline,kprobes: Fix position of thunk sections with CONFIG_LTO_CLANG
     - x86/retpoline,kprobes: Skip optprobe check for indirect jumps with
       retpolines and IBT
     - x86/cpu: Fix __x86_return_thunk symbol type
     - x86/cpu: Fix up srso_safe_ret() and __x86_return_thunk()
     - objtool/x86: Fix SRSO mess
     - x86/alternative: Make custom return thunk unconditional
     - x86/cpu: Clean up SRSO return thunk mess
     - x86/cpu: Rename original retbleed methods
     - x86/cpu: Rename srso_(.*)_alias to srso_alias_\1
     - x86/cpu: Cleanup the untrain mess
     - x86/srso: Explain the untraining sequences a bit more
     - objtool/x86: Fixup frame-pointer vs rethunk
     - x86/static_call: Fix __static_call_fixup()
     - x86/srso: Correct the mitigation status when SMT is disabled
     - Ubuntu: [Config]: enable Speculative Return Stack Overflow mitigation
   * Please enable Renesas RZ platform serial installer (LP: #2022361)
     - [Config] enable hihope RZ/G2M serial console
     - [Config] Mark sh-sci as built-in
   * dGPU cannot resume because system firmware stuck in IPCS method
     (LP: #2021572)
     - drm/i915/tc: Abort DP AUX transfer on a disconnected TC port
     - drm/i915/tc: switch to intel_de_* register accessors in display code
     - drm/i915: Enable a PIPEDMC whenever its corresponding pipe is enabled
     - drm/i915/tc: Fix TC port link ref init for DP MST during HW readout
     - drm/i915/tc: Fix system resume MST mode restore for DP-alt sinks
     - drm/i915/tc: Wait for IOM/FW PHY initialization of legacy TC ports
     - drm/i915/tc: Factor out helpers converting HPD mask to TC mode
     - drm/i915/tc: Fix target TC mode for a disconnected legacy port
     - drm/i915/tc: Fix TC mode for a legacy port if the PHY is not ready
     - drm/i915/tc: Fix initial TC mode on disabled legacy ports
     - drm/i915/tc: Make the TC mode readout consistent in all PHY states
     - drm/i915: Add encoder hook to get the PLL type used by TC ports
     - drm/i915/tc: Assume a TC port is legacy if VBT says the port has HDMI
     - drm/i915/tc: Factor out a function querying active links on a TC port
     - drm/i915/tc: Check the PLL type used by an enabled TC port
     - drm/i915/tc: Group the TC PHY setup/query functions per platform
     - drm/i915/tc: Use the adlp prefix for ADLP TC PHY functions
     - drm/i915/tc: Rename tc_phy_status_complete() to tc_phy_is_ready()
     - drm/i915/tc: Use the tc_phy prefix for all TC PHY functions
     - drm/i915/tc: Move TC port fields to a new intel_tc_port struct
     - drm/i915/tc: Check for TC PHY explicitly in
       intel_tc_port_fia_max_lane_count()
     - drm/i915/tc: Move the intel_tc_port struct declaration to intel_tc.c
     - drm/i915/tc: Add TC PHY hook to get the PHY HPD live status
     - drm/i915/tc: Add TC PHY hooks to get the PHY ready/owned state
     - drm/i915/tc: Add TC PHY hook to read out the PHY HW state
     - drm/i915/tc: Add generic TC PHY connect/disconnect handlers
     - drm/i915/tc: Factor out tc_phy_verify_legacy_or_dp_alt_mode()
     - drm/i915/tc: Add TC PHY hooks to connect/disconnect the PHY
     - drm/i915/tc: Fix up the legacy VBT flag only in disconnected mode
     - drm/i915/tc: Check TC mode instead of the VBT legacy flag
     - drm/i915/tc: Block/unblock TC-cold in the PHY connect/disconnect hooks
     - drm/i915/tc: Remove redundant wakeref=0 check from unblock_tc_cold()
     - drm/i915/tc: Drop tc_cold_block()/unblock()'s power domain parameter
     - drm/i915/tc: Add TC PHY hook to get the TC-cold blocking power domain
     - drm/i915/tc: Add asserts in TC PHY hooks that the required power is on
     - drm/i915/tc: Add TC PHY hook to init the PHY
     - drm/i915/adlp/tc: Use the DE HPD ISR register for hotplug detection
     - drm/i915/tc: Get power ref for reading the HPD live status register
     - drm/i915/tc: Don't connect the PHY in intel_tc_port_connected()
     - drm/i915/adlp/tc: Align the connect/disconnect PHY sequence with bspec
     - drm/i915: Move shared DPLL disabling into CRTC disable hook
     - drm/i915: Disable DPLLs before disconnecting the TC PHY
     - drm/i915: Remove TC PHY disconnect workaround
     - drm/i915: Remove the encoder update_prepare()/complete() hooks
     - drm/i915/dp_mst: Fix active port PLL selection for secondary MST streams
     - drm/i915: Fix PIPEDMC disabling for a bigjoiner configuration
     - drm/i915: Add helpers to reference/unreference a DPLL for a CRTC
     - drm/i915: Make the CRTC state consistent during sanitize-disabling
     - drm/i915: Update connector atomic state before crtc sanitize-disabling
     - drm/i9

Source diff to previous version
1786013 Packaging resync
2022361 Please enable Renesas RZ platform serial installer
2021572 dGPU cannot resume because system firmware stuck in IPCS method
2033654 amdgpu: Fixes for S0i3 resume on Phoenix
2033007 kdump doesn't work with UEFI secure boot and kernel lockdown enabled on ARM64
2033122 Request backport of xen timekeeping performance improvements
2033452 Enable D3cold at s2idle for Intel DG2 GPU
2026322 Fix non-working MT7921e when pre-boot WiFi is enabled
2028122 Fix unreliable ethernet cable detection on I219 NIC
2030924 [SRU][Ubuntu 22.04.1] Unable to interpret the frequency values in cpuinfo_min_freq and cpuino_max_freq sysfs files.
2029808 Lunar update: upstream stable patchset 2023-08-03
CVE-2023-4569 A memory leak flaw was found in nft_set_catchall_flush in net/netfilter/nf_tables_api.c in the Linux Kernel. This issue may allow a local attacker to
CVE-2023-40283 An issue was discovered in l2cap_sock_release in net/bluetooth/l2cap_sock.c in the Linux kernel before 6.4.10. There is a use-after-free because the
CVE-2023-4194 A flaw was found in the Linux kernel's TUN/TAP functionality. This issue could allow a local user to bypass network filters and gain unauthorized acc
CVE-2023-1206 A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel’s IPv6 functionality when a user makes a new kind of SYN floo
CVE-2023-4273 A flaw was found in the exFAT driver of the Linux kernel. The vulnerability exists in the implementation of the file name reconstruction function, wh
CVE-2023-4128 A use-after-free flaw was found in net/sched/cls_fw.c in classifiers (cls_fw, cls_u32, and cls_route) in the Linux Kernel. This flaw allows a local a
CVE-2023-3212 A NULL pointer dereference issue was found in the gfs2 file system in the Linux kernel. It occurs on corrupt gfs2 file systems when the evict code tr

Version: 6.2.0-32.32~22.04.1 2023-08-18 12:08:39 UTC

 linux-hwe-6.2 (6.2.0-32.32~22.04.1) jammy; urgency=medium
 .
   * jammy/linux-hwe-6.2: 6.2.0-32.32~22.04.1 -proposed tracker (LP: #2030380)
 .
   [ Ubuntu: 6.2.0-32.32 ]
 .
   * lunar/linux: 6.2.0-32.32 -proposed tracker (LP: #2031134)
   * libgnutls report "trap invalid opcode" when trying to install packages over
     https (LP: #2031093)
     - [Config]: disable CONFIG_GDS_FORCE_MITIGATION
 .
   [ Ubuntu: 6.2.0-30.30 ]
 .
   * lunar/linux: 6.2.0-30.30 -proposed tracker (LP: #2030381)
   * CVE-2022-40982
     - init: Provide arch_cpu_finalize_init()
     - x86/cpu: Switch to arch_cpu_finalize_init()
     - ARM: cpu: Switch to arch_cpu_finalize_init()
     - ia64/cpu: Switch to arch_cpu_finalize_init()
     - m68k/cpu: Switch to arch_cpu_finalize_init()
     - mips/cpu: Switch to arch_cpu_finalize_init()
     - sh/cpu: Switch to arch_cpu_finalize_init()
     - sparc/cpu: Switch to arch_cpu_finalize_init()
     - um/cpu: Switch to arch_cpu_finalize_init()
     - init: Remove check_bugs() leftovers
     - init: Invoke arch_cpu_finalize_init() earlier
     - init, x86: Move mem_encrypt_init() into arch_cpu_finalize_init()
     - x86/init: Initialize signal frame size late
     - x86/fpu: Remove cpuinfo argument from init functions
     - x86/fpu: Mark init functions __init
     - x86/fpu: Move FPU initialization into arch_cpu_finalize_init()
     - x86/mem_encrypt: Unbreak the AMD_MEM_ENCRYPT=n build
     - x86/xen: Fix secondary processors' FPU initialization
     - x86/speculation: Add Gather Data Sampling mitigation
     - x86/speculation: Add force option to GDS mitigation
     - x86/speculation: Add Kconfig option for GDS
     - KVM: Add GDS_NO support to KVM
     - Documentation/x86: Fix backwards on/off logic about YMM support
     - [Config]: Enable CONFIG_ARCH_HAS_CPU_FINALIZE_INIT and
       CONFIG_GDS_FORCE_MITIGATION
   * CVE-2023-4015
     - netfilter: nf_tables: add NFT_TRANS_PREPARE_ERROR to deal with bound
       set/chain
     - netfilter: nf_tables: unbind non-anonymous set if rule construction fails
     - netfilter: nf_tables: skip immediate deactivate in _PREPARE_ERROR
   * CVE-2023-3995
     - netfilter: nf_tables: disallow rule addition to bound chain via
       NFTA_RULE_CHAIN_ID
   * CVE-2023-3777
     - netfilter: nf_tables: skip bound chain on rule flush
   * CVE-2023-3609
     - net/sched: cls_u32: Fix reference counter leak leading to overflow
   * NULL pointer dereference on CS35L41 HDA AMP (LP: #2029199)
     - ASoC: cs35l41: Refactor error release code
     - ALSA: cs35l41: Add shared boost feature
     - ASoC: dt-bindings: cirrus, cs35l41: Document CS35l41 shared boost
     - ALSA: hda: cs35l41: Ensure firmware/tuning pairs are always loaded
     - ALSA: hda: cs35l41: Enable Amp High Pass Filter
     - ALSA: cs35l41: Use mbox command to enable speaker output for external boost
     - ALSA: cs35l41: Poll for Power Up/Down rather than waiting a fixed delay
     - ALSA: hda: cs35l41: Check mailbox status of pause command after firmware
       load
     - ALSA: hda: cs35l41: Ensure we correctly re-sync regmap before system
       suspending.
     - ALSA: hda: cs35l41: Ensure we pass up any errors during system suspend.
     - ALSA: hda: cs35l41: Move Play and Pause into separate functions
     - ALSA: hda: hda_component: Add pre and post playback hooks to hda_component
     - ALSA: hda: cs35l41: Use pre and post playback hooks
     - ALSA: hda: cs35l41: Rework System Suspend to ensure correct call separation
     - ALSA: hda: cs35l41: Add device_link between HDA and cs35l41_hda
     - ALSA: hda: cs35l41: Ensure amp is only unmuted during playback
   * Reboot command powers off the system (LP: #2029332)
     - x86/smp: Make stop_other_cpus() more robust
     - x86/smp: Dont access non-existing CPUID leaf
   * losetup with mknod fails on jammy with kernel 5.15.0-69-generic
     (LP: #2015400)
     - loop: deprecate autoloading callback loop_probe()
     - loop: do not enforce max_loop hard limit by (new) default
   * Fix UBSAN in Intel EDAC driver (LP: #2028746)
     - EDAC/skx_common: Enable EDAC support for the "near" memory
     - EDAC/skx_common: Delete duplicated and unreachable code
     - EDAC/i10nm: Add Intel Emerald Rapids server support
     - EDAC/i10nm: Make more configurations CPU model specific
     - EDAC/i10nm: Add Intel Granite Rapids server support
     - EDAC/i10nm: Skip the absent memory controllers
   * Make TTY switching possible for NVIDIA when it's boot VGA (LP: #2028749)
     - drm/gma500: Use drm_aperture_remove_conflicting_pci_framebuffers
     - video/aperture: use generic code to figure out the vga default device
     - drm/aperture: Remove primary argument
     - video/aperture: Only kick vgacon when the pdev is decoding vga
     - video/aperture: Move vga handling to pci function
     - video/aperture: Drop primary argument
     - video/aperture: Only remove sysfb on the default vga pci device
     - fbdev: Simplify fb_is_primary_device for x86
     - video/aperture: Provide a VGA helper for gma500 and internal use
   * Fix AMD gpu hang when screen off/on (LP: #2028740)
     - drm/amd/display: Keep PHY active for dp config
   * Various backlight issues with the 6.0/6.1 kernel (LP: #2023638)
     - ACPI: video: Stop trying to use vendor backlight control on laptops from
       after ~2012
   * FM350(mtk_t7xx) failed to suspend, or early wake while suspending
     (LP: #2020743)
     - net: wwan: t7xx: Ensure init is completed before system sleep
   * Include the MAC address pass through function on RTL8153DD-CG (LP: #2020295)
     - r8152: add USB device driver for config selection
   * CVE-2023-20593
     - x86/cpu/amd: Move the errata checking functionality up
     - x86/cpu/amd: Add a Zenbleed fix
   * CVE-2023-4004
     - netfilter: nft_set_pipapo: fix improper element removal
   * CVE-2023-3611
     - net/sched: sch_qfq: refactor parsing of netlink parameters
     - net/sched: sch_qfq: account for stab overhead in qfq_enqueue
 

Source diff to previous version
2031093 libgnutls report \
2029199 NULL pointer dereference on CS35L41 HDA AMP
2029332 Reboot command powers off the system
2028746 Fix UBSAN in Intel EDAC driver
2028749 Make TTY switching possible for NVIDIA when it's boot VGA
2028740 Fix AMD gpu hang when screen off/on
2023197 Fix speaker volume too low on HP G10 laptops
2016398 stacked overlay file system mounts that have chroot() called against them appear to be getting locked (by the kernel most likely?)
2026776 arm64+ast2600: No Output from BMC's VGA port
2024273 Fix eDP only displays 3/4 area after switching to mirror mode with external HDMI 4K monitor
2029138 cifs: fix mid leak during reconnection after timeout threshold
2028979 Lunar update: upstream stable patchset 2023-07-28
2022354 sysfs msi_irqs directory empty with kernel-5.19 when being a xen guest
2028808 Lunar update: upstream stable patchset 2023-07-26
2028580 Lunar update: v6.2.16 upstream stable release
1786013 Packaging resync
CVE-2022-40982 Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may al
CVE-2023-20593 An issue in \u201cZen 2\u201d CPUs, under specific microarchitectural ...
CVE-2023-4004 A use-after-free flaw was found in the Linux kernel's netfilter in the way a user triggers the nft_pipapo_remove function with the element, without a
CVE-2023-2898 There is a null-pointer-dereference flaw found in f2fs_write_end_io in fs/f2fs/data.c in the Linux kernel. This flaw allows a local privileged user t
CVE-2023-31084 An issue was discovered in drivers/media/dvb-core/dvb_frontend.c in the Linux kernel 6.2. There is a blocking operation when a task is in !TASK_RUNNI

Version: 6.2.0-26.26~22.04.1 2023-07-26 16:09:21 UTC

 linux-hwe-6.2 (6.2.0-26.26~22.04.1) jammy; urgency=medium
 .
   * jammy/linux-hwe-6.2: 6.2.0-26.26~22.04.1 -proposed tracker (LP: #2026752)
 .
   [ Ubuntu: 6.2.0-26.26 ]
 .
   * lunar/linux: 6.2.0-26.26 -proposed tracker (LP: #2026753)
   * CVE-2023-2640 // CVE-2023-32629
     - Revert "UBUNTU: SAUCE: overlayfs: handle idmapped mounts in
       ovl_do_(set|remove)xattr"
     - Revert "UBUNTU: SAUCE: overlayfs: Skip permission checking for
       trusted.overlayfs.* xattrs"
     - SAUCE: overlayfs: default to userxattr when mounted from non initial user
       namespace
   * CVE-2023-35001
     - netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
   * CVE-2023-31248
     - netfilter: nf_tables: do not ignore genmask when looking up chain by id
   * CVE-2023-3389
     - io_uring/poll: serialize poll linked timer start with poll removal
   * CVE-2023-3390
     - netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE
   * CVE-2023-3090
     - ipvlan:Fix out-of-bounds caused by unclear skb->cb
   * CVE-2023-3269
     - mm: introduce new 'lock_mm_and_find_vma()' page fault helper
     - mm: make the page fault mmap locking killable
     - arm64/mm: Convert to using lock_mm_and_find_vma()
     - powerpc/mm: Convert to using lock_mm_and_find_vma()
     - mips/mm: Convert to using lock_mm_and_find_vma()
     - riscv/mm: Convert to using lock_mm_and_find_vma()
     - arm/mm: Convert to using lock_mm_and_find_vma()
     - mm/fault: convert remaining simple cases to lock_mm_and_find_vma()
     - powerpc/mm: convert coprocessor fault to lock_mm_and_find_vma()
     - mm: make find_extend_vma() fail if write lock not held
     - execve: expand new process stack manually ahead of time
     - mm: always expand the stack with the mmap write lock held
     - [CONFIG]: Set CONFIG_LOCK_MM_AND_FIND_VMA

CVE-2023-2640 On Ubuntu kernels carrying both c914c0e27eb0 and "UBUNTU: SAUCE: overl ...
CVE-2023-32629 Local privilege escalation vulnerability in Ubuntu Kernels overlayfs o ...
CVE-2023-35001 Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or
CVE-2023-31248 Linux Kernel nftables Use-After-Free Local Privilege Escalation Vulnerability; `nft_chain_lookup_byid()` failed to check whether a chain was active a
CVE-2023-3269 A vulnerability exists in the memory management subsystem of the Linux ...



About   -   Send Feedback to @ubuntu_updates