UbuntuUpdates.org

Package "linux-mtk"

This package belongs to a PPA: Canonical Kernel Team

Name: linux-mtk

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Linux kernel version specific cloud tools for version 5.15.0
  • Header files related to Linux kernel version 5.15.0
  • Header files related to Linux kernel version 5.15.0
  • Header files related to Linux kernel version 5.15.0

Latest version: 5.15.0-1036.42
Release: jammy (22.04)
Level: base
Repository: main

Links



Other versions of "linux-mtk" in Jammy

Repository Area Version
security universe 5.15.0-1034.40
updates universe 5.15.0-1034.40
proposed universe 5.15.0-1035.41

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 5.15.0-1036.42 2024-12-26 11:08:28 UTC

 linux-mtk (5.15.0-1036.42) jammy; urgency=medium
 .
   * jammy/linux-mtk: 5.15.0-1036.42 -proposed tracker (LP: #2088406)
 .
   * mtk-fsource: ubuntu kernel integration (LP: #2092506)
     - SAUCE: (no-up) ubuntu: mtk-fsource-driver: add mediatek fsource driver
 .
   * [g1200-evk] Call trace appeared when reload mtk_mdp3 module (LP: #2090981)
     - SAUCE: (no-up) GENIO: media: mediatek: mdp3: fix unload module flow
 .
   * [g510] mt8188-mdla-devfreq probe failed message found in dmesg
     (LP: #2090978)
     - SAUCE: (no-up) power: Ignore duplicate OPP entry to fix probe fail
 .
   * Fail to detect card after unplugging DPoC cable and reboot (LP: #2090979)
     - SAUCE: (no-up) GENIO: drm/mediatek: dp: Remove DP enabled check
 .
   * Miscellaneous Ubuntu changes
     - SAUCE: (no-up) drm/mediatek: fix build error for DRM_MODE_ROTATE_0
       declaration
 .
   [ Ubuntu: 5.15.0-130.140 ]
 .
   * jammy/linux: 5.15.0-130.140 -proposed tracker (LP: #2092132)
   * ovs/linuxbridge jobs running on ubuntu jammy broken with latest kernel
     5.15.0-127.137 (LP: #2091990)
     - netfilter: xtables: fix typo causing some targets not to load on IPv6
 .
   [ Ubuntu: 5.15.0-128.138 ]
 .
   * jammy/linux: 5.15.0-128.138 -proposed tracker (LP: #2090163)
   * CVE-2024-50264
     - vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans
   * CVE-2024-53057
     - net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT
   * CVE-2024-43904
     - drm/amd/display: Add null checks for 'stream' and 'plane' before
       dereferencing
   * CVE-2024-40973
     - media: mtk-vcodec: potential null pointer deference in SCP
   * CVE-2024-38553
     - net: fec: remove .ndo_poll_controller to avoid deadlocks
   * CVE-2024-26822
     - smb: client: set correct id, uid and cruid for multiuser automounts
   * CVE-2020-12351 // CVE-2020-12352 // CVE-2020-24490
     - [Config] Disable BlueZ highspeed support
   * CVE-2024-40910
     - ax25: Fix refcount imbalance on inbound connections
   * CVE-2024-35963
     - Bluetooth: hci_sock: Fix not validating setsockopt user input
   * CVE-2024-35965
     - Bluetooth: L2CAP: Fix not validating setsockopt user input
   * CVE-2024-35966
     - Bluetooth: RFCOMM: Fix not validating setsockopt user input
   * CVE-2024-35967
     - Bluetooth: SCO: Fix not validating setsockopt user input
 .
   [ Ubuntu: 5.15.0-127.137 ]
 .
   * jammy/linux: 5.15.0-127.137 -proposed tracker (LP: #2086357)
   * Jammy update: v5.15.168 upstream stable release (LP: #2086242)
     - parisc: Fix 64-bit userspace syscall path
     - parisc: Fix stack start for ADDR_NO_RANDOMIZE personality
     - of/irq: Support #msi-cells=<0> in of_msi_get_domain
     - drm: omapdrm: Add missing check for alloc_ordered_workqueue
     - jbd2: stop waiting for space when jbd2_cleanup_journal_tail() returns error
     - jbd2: correctly compare tids with tid_geq function in jbd2_fc_begin_commit
     - mm: krealloc: consider spare memory for __GFP_ZERO
     - ocfs2: fix the la space leak when unmounting an ocfs2 volume
     - ocfs2: fix uninit-value in ocfs2_get_block()
     - ocfs2: reserve space for inline xattr before attaching reflink tree
     - ocfs2: cancel dqi_sync_work before freeing oinfo
     - ocfs2: remove unreasonable unlock in ocfs2_read_blocks
     - ocfs2: fix null-ptr-deref when journal load failed.
     - ocfs2: fix possible null-ptr-deref in ocfs2_set_buffer_uptodate
     - usbnet: ipheth: fix carrier detection in modes 1 and 4
     - net: ethernet: use ip_hdrlen() instead of bit shift
     - net: phy: vitesse: repair vsc73xx autonegotiation
     - powerpc/mm: Fix boot warning with hugepages and CONFIG_DEBUG_VIRTUAL
     - btrfs: update target inode's ctime on unlink
     - Input: ads7846 - ratelimit the spi_sync error message
     - Input: synaptics - enable SMBus for HP Elitebook 840 G2
     - HID: multitouch: Add support for GT7868Q
     - scripts: kconfig: merge_config: config files: add a trailing newline
     - platform/surface: aggregator_registry: Add support for Surface Laptop Go 3
     - drm/msm/adreno: Fix error return if missing firmware-name
     - Input: i8042 - add Fujitsu Lifebook E756 to i8042 quirk table
     - NFSv4: Fix clearing of layout segments in layoutreturn
     - NFS: Avoid unnecessary rescanning of the per-server delegation list
     - platform/x86: panasonic-laptop: Fix SINF array out of bounds accesses
     - platform/x86: panasonic-laptop: Allocate 1 entry extra in the sinf array
     - mptcp: pm: Fix uaf in __timer_delete_sync
     - arm64: dts: rockchip: override BIOS_DISABLE signal via GPIO hog on RK3399
       Puma
     - minmax: reduce min/max macro expansion in atomisp driver
     - net: tighten bad gso csum offset check in virtio_net_hdr
     - mm: avoid leaving partial pfn mappings around in error case
     - fs/ntfs3: Use kvfree to free memory allocated by kvmalloc
     - arm64: dts: rockchip: fix PMIC interrupt pin in pinctrl for ROCK Pi E
     - eeprom: digsy_mtc: Fix 93xx46 driver probe failure
     - selftests/bpf: Support SOCK_STREAM in unix_inet_redir_to_connected()
     - hwmon: (pmbus) Introduce and use write_byte_data callback
     - hwmon: (pmbus) Conditionally clear individual status bits for pmbus rev >=
       1.2
     - ice: fix accounting for filters shared by multiple VSIs
     - igb: Always call igb_xdp_ring_update_tail() under Tx lock
     - net/mlx5e: Add missing link modes to ptys2ethtool_map
     - net/mlx5: Explicitly set scheduling element and TSAR type
     - net/mlx5: Add support to create match definer
     - net/mlx5: Add IFC bits and enums for flow meter
     - net/mlx5: Add missing masks and QoS bit masks for scheduling elements
     - fou: fix initialization of grc
     - octeontx2-af: Set XOFF on other child transmit schedulers during SMQ flush
     - octeontx2-af: Modify SMQ flush sequence to drop packets
     - net: ftgmac100: Enable TX interrupt to avoid TX timeout
     - netfilter: nft_socket: fix sk r

Source diff to previous version
2092506 mtk-fsource: ubuntu kernel integration
2090981 [g1200-evk] Call trace appeared when reload mtk_mdp3 module
2090978 [g510] mt8188-mdla-devfreq probe failed message found in dmesg
2090979 Fail to detect card after unplugging DPoC cable and reboot
2091990 ovs/linuxbridge jobs running on ubuntu jammy broken with latest kernel 5.15.0-127.137
2086242 Jammy update: v5.15.168 upstream stable release
2080378 IOMMU warnings on AMD systems after booting into kdump kernel
2064176 LXD fan bridge causes blocked tasks
2085082 Cannot detect audio sinks and sources in proposed kernel
2077321 Please backport the more restrictive XSAVES deactivation for Zen1/2 arch
2081279 Jammy update: v5.15.167 upstream stable release
2080594 Jammy update: v5.15.166 upstream stable release
1959940 [22.10 FEAT] KVM: Secure Execution guest dump encryption with customer keys - kernel part
2069961 turbostat fails with too many open files on large systems
2078428 Jammy update: v5.15.165 upstream stable release
2074380 [UBUNTU 22.04] s390/cpum_cf: make crypto counters upward compatible
2076100 Jammy update: v5.15.164 upstream stable release
CVE-2024-50264 In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans Du
CVE-2024-53057 In the Linux kernel, the following vulnerability has been resolved: net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT In qdisc_tree_reduce_bac
CVE-2024-43904 In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null checks for 'stream' and 'plane' before dereferencing
CVE-2024-40973 In the Linux kernel, the following vulnerability has been resolved: media: mtk-vcodec: potential null pointer deference in SCP The return value of
CVE-2024-38553 In the Linux kernel, the following vulnerability has been resolved: net: fec: remove .ndo_poll_controller to avoid deadlocks There is a deadlock is
CVE-2024-26822 In the Linux kernel, the following vulnerability has been resolved: smb: client: set correct id, uid and cruid for multiuser automounts When uid, g
CVE-2020-12351 Improper input validation in BlueZ may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.
CVE-2020-12352 Improper access control in BlueZ may allow an unauthenticated user to potentially enable information disclosure via adjacent access.
CVE-2020-24490 Improper buffer restrictions in BlueZ may allow an unauthenticated user to potentially enable denial of service via adjacent access. This affects all
CVE-2024-40910 In the Linux kernel, the following vulnerability has been resolved: ax25: Fix refcount imbalance on inbound connections When releasing a socket in
CVE-2024-35963 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sock: Fix not validating setsockopt user input Check user input
CVE-2024-35965 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix not validating setsockopt user input Check user input len
CVE-2024-35966 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: Fix not validating setsockopt user input syzbot reported rfc
CVE-2024-35967 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SCO: Fix not validating setsockopt user input syzbot reported sco_so
CVE-2024-36968 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix div-by-zero in l2cap_le_flowctl_init() l2cap_le_flowctl_i
CVE-2024-35904 In the Linux kernel, the following vulnerability has been resolved: selinux: avoid dereference of garbage after mount failure In case kern_mount()
CVE-2024-42156 In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Wipe copies of clear-key structures on failure Wipe all sensitive da
CVE-2024-44942 In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on F2FS_INLINE_DATA flag in inode during GC syzbot
CVE-2024-38538 In the Linux kernel, the following vulnerability has been resolved: net: bridge: xmit: make sure we have at least eth header len bytes syzbot trigg
CVE-2024-42158 In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Use kfree_sensitive() to fix Coccinelle warnings Replace memzero_exp
CVE-2024-38667 In the Linux kernel, the following vulnerability has been resolved: riscv: prevent pt_regs corruption for secondary idle threads Top of the kernel
CVE-2024-44940 In the Linux kernel, the following vulnerability has been resolved: fou: remove warn in gue_gro_receive on unsupported protocol Drop the WARN_ON_ON
CVE-2024-42079 In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix NULL pointer dereference in gfs2_log_flush In gfs2_jindex_free(), set
CVE-2024-35951 In the Linux kernel, the following vulnerability has been resolved: drm/panfrost: Fix the error path in panfrost_mmu_map_fault_addr() Subject: [PAT
CVE-2023-52532 In the Linux kernel, the following vulnerability has been resolved: net: mana: Fix TX CQE error handling For an unknown TX CQE error type (probably
CVE-2023-52621 In the Linux kernel, the following vulnerability has been resolved: bpf: Check rcu_read_lock_trace_held() before calling bpf map helpers These thre
CVE-2024-26947 In the Linux kernel, the following vulnerability has been resolved: ARM: 9359/1: flush: check if the folio is reserved for no-mapping addresses Sin
CVE-2023-52639 In the Linux kernel, the following vulnerability has been resolved: KVM: s390: vsie: fix race during shadow creation Right now it is possible to se
CVE-2024-26800 In the Linux kernel, the following vulnerability has been resolved: tls: fix use-after-free on failed backlog decryption When the decrypt request g
CVE-2024-41071 In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Avoid address calculations via out of bounds array indexing req
CVE-2024-40915 In the Linux kernel, the following vulnerability has been resolved: riscv: rewrite __kernel_map_pages() to fix sleeping in invalid context __kernel
CVE-2024-38611 In the Linux kernel, the following vulnerability has been resolved: media: i2c: et8ek8: Don't strip remove function when driver is builtin Using __
CVE-2024-38602 In the Linux kernel, the following vulnerability has been resolved: ax25: Fix reference count leak issues of ax25_dev The ax25_addr_ax25dev() and a
CVE-2024-26669 In the Linux kernel, the following vulnerability has been resolved: net/sched: flower: Fix chain template offload When a qdisc is deleted from a ne
CVE-2024-26607 In the Linux kernel, the following vulnerability has been resolved: drm/bridge: sii902x: Fix probing race issue A null pointer dereference crash ha
CVE-2024-26893 In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scmi: Fix double free in SMC transport cleanup path When the gene
CVE-2024-26661 In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add NULL test for 'timing generator' in 'dcn21_set_pipe()' In
CVE-2024-25744 In the Linux kernel before 6.6.7, an untrusted VMM can trigger int80 syscall handling at any given point. This is related to arch/x86/coco/tdx/tdx.c
CVE-2024-45016 In the Linux kernel, the following vulnerability has been resolved: netem: fix return value if duplicate enqueue fails There is a bug in netem_enqu
CVE-2024-38630 In the Linux kernel, the following vulnerability has been resolved: watchdog: cpu5wdt.c: Fix use-after-free bug caused by cpu5wdt_trigger When the
CVE-2024-27397 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: use timestamp to check for set element timeout Add a time

Version: 5.15.0-1035.41 2024-10-21 06:08:30 UTC

 linux-mtk (5.15.0-1035.41) jammy; urgency=medium
 .
   * jammy/linux-mtk: 5.15.0-1035.41 -proposed tracker (LP: #2081792)
 .
   * [g510] ddc failed message when the monitor does not support SCDC
     (LP: #2084626)
     - SAUCE: (no-up) GENIO: drm: mediatek: hdmi: fix ddc failed message when the
       monitor does not support SCDC
 .
   * [g700] support p1v4 hardware (LP: #2081699)
     - SAUCE: (no-up) GENIO: arm64: dts: mediatek: genio-700-evk: modify gpio 111
       to be regulator-gpio
     - SAUCE: (no-up) GENIO: panel: startek-kd070fhfid015: change enable gpio to be
       optional
     - SAUCE: (no-up) arm: dts: mt8188: add disp_pwm1 node
     - SAUCE: (no-up) dtbo: genio-700-evk: add display-dsi-p1v4.dts for G700 EVK
       p1v4
     - SAUCE: (no-up) arm64: dts: mediatek: genio-700-evk: add p1v4 device tree
       overlay
 .
   * [g1200] Call trace appeared when reload mtk_rng module (LP: #2081696)
     - hwrng: mtk - Use devm_pm_runtime_enable
 .
   * [g1200] possible kernel memory leak through CONFIG_DEBUG_KMEMLEAK
     (LP: #2081686)
     - drm/mediatek: Correctly free sg_table in gem prime vmap
 .
   [ Ubuntu: 5.15.0-124.134 ]
 .
   * jammy/linux: 5.15.0-124.134 -proposed tracker (LP: #2082176)
   * CVE-2024-45016
     - netem: fix return value if duplicate enqueue fails
   * CVE-2024-38630
     - watchdog: cpu5wdt.c: Fix use-after-free bug caused by cpu5wdt_trigger
   * CVE-2024-27397
     - netfilter: nf_tables: use timestamp to check for set element timeout
 .
   [ Ubuntu: 5.15.0-122.132 ]
 .
   * jammy/linux: 5.15.0-122.132 -proposed tracker (LP: #2078154)
   * isolcpus are ignored when using cgroups V2, causing processes to have wrong
     affinity (LP: #2076957)
     - cgroup/cpuset: Optimize cpuset_attach() on v2
   * Jammy update: v5.15.164 upstream stable release (LP: #2076100) //
     CVE-2024-41009
     - bpf: Fix overrunning reservations in ringbuf
   * CVE-2024-39494
     - ima: Fix use-after-free on a dentry's dname.name
   * CVE-2024-39496
     - btrfs: zoned: fix use-after-free due to race with dev replace
   * CVE-2024-42160
     - f2fs: check validation of fault attrs in f2fs_build_fault_attr()
     - f2fs: Add inline to f2fs_build_fault_attr() stub
   * CVE-2024-38570
     - gfs2: Rename sd_{ glock => kill }_wait
     - gfs2: Fix potential glock use-after-free on unmount
   * CVE-2024-42228
     - drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc
   * CVE-2024-27012
     - netfilter: nf_tables: restore set elements when delete set fails
   * CVE-2024-26677
     - rxrpc: Fix delayed ACKs to not set the reference serial number
 .
   [ Ubuntu: 5.15.0-121.131 ]
 .
   * jammy/linux: 5.15.0-121.131 -proposed tracker (LP: #2076347)
   * jammy:linux bpf selftest do not build (LP: #2076334)
     - SAUCE: Revert "bpf: Allow reads from uninit stack"
 .
   [ Ubuntu: 5.15.0-120.130 ]
 .
   * jammy/linux: 5.15.0-120.130 -proposed tracker (LP: #2075903)
   * Packaging resync (LP: #1786013)
     - [Packaging] debian.master/dkms-versions -- update from kernel-versions
       (main/2024.08.05)
   * Jammy update: v5.15.163 upstream stable release (LP: #2075170)
     - Compiler Attributes: Add __uninitialized macro
     - locking/mutex: Introduce devm_mutex_init()
     - drm/lima: fix shared irq handling on driver remove
     - media: dvb: as102-fe: Fix as10x_register_addr packing
     - media: dvb-usb: dib0700_devices: Add missing release_firmware()
     - IB/core: Implement a limit on UMAD receive List
     - scsi: qedf: Make qedf_execute_tmf() non-preemptible
     - crypto: aead,cipher - zeroize key buffer after use
     - drm/amdgpu: Initialize timestamp for some legacy SOCs
     - drm/amd/display: Check index msg_id before read or write
     - drm/amd/display: Check pipe offset before setting vblank
     - drm/amd/display: Skip finding free audio for unknown engine_id
     - media: dw2102: Don't translate i2c read into write
     - sctp: prefer struct_size over open coded arithmetic
     - firmware: dmi: Stop decoding on broken entry
     - Input: ff-core - prefer struct_size over open coded arithmetic
     - wifi: mt76: replace skb_put with skb_put_zero
     - net: dsa: mv88e6xxx: Correct check for empty list
     - media: dvb-frontends: tda18271c2dd: Remove casting during div
     - media: s2255: Use refcount_t instead of atomic_t for num_channels
     - media: dvb-frontends: tda10048: Fix integer overflow
     - i2c: i801: Annotate apanel_addr as __ro_after_init
     - powerpc/64: Set _IO_BASE to POISON_POINTER_DELTA not 0 for CONFIG_PCI=n
     - orangefs: fix out-of-bounds fsid access
     - kunit: Fix timeout message
     - powerpc/xmon: Check cpu id in commands "c#", "dp#" and "dx#"
     - igc: fix a log entry using uninitialized netdev
     - bpf: Avoid uninitialized value in BPF_CORE_READ_BITFIELD
     - jffs2: Fix potential illegal address access in jffs2_free_inode
     - s390/pkey: Wipe sensitive data on failure
     - tools/power turbostat: Remember global max_die_id
     - UPSTREAM: tcp: fix DSACK undo in fast recovery to call tcp_try_to_open()
     - tcp_metrics: validate source addr length
     - KVM: s390: fix LPSWEY handling
     - e1000e: Fix S0ix residency on corporate systems
     - net: allow skb_datagram_iter to be called from any context
     - wifi: wilc1000: fix ies_len type in connect path
     - riscv: kexec: Avoid deadlock in kexec crash path
     - netfilter: nf_tables: unconditionally flush pending work before notifier
     - bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set()
     - selftests: fix OOM in msg_zerocopy selftest
     - selftests: make order checking verbose in msg_zerocopy selftest
     - inet_diag: Initialize pad field in struct inet_diag_req_v2
     - gpiolib: of: factor out code overriding gpio line polarity
     - gpiolib: of: add a quirk for reset line polarity for Himax LCDs
     - gpiolib: of: add polarity quirk for TSC2005
     - Revert "igc: fix a log entry using uninit

Source diff to previous version
2084626 [g510] ddc failed message when the monitor does not support SCDC
2081699 [g700] support p1v4 hardware
2081696 [g1200] Call trace appeared when reload mtk_rng module
2081686 [g1200] possible kernel memory leak through CONFIG_DEBUG_KMEMLEAK
2076957 isolcpus are ignored when using cgroups V2, causing processes to have wrong affinity
2076100 Jammy update: v5.15.164 upstream stable release
2076334 jammy:linux bpf selftest do not build
1786013 Packaging resync
2075170 Jammy update: v5.15.163 upstream stable release
2074215 [SRU] UBSAN warnings in bnx2x kernel driver
2073765 Jammy update: v5.15.162 upstream stable release
2072858 Fix L2CAP/LE/CPU/BI-02-C bluetooth certification failure
2073092 net/sched: Fix conntrack use-after-free
2072617 Jammy update: v5.15.161 upstream stable release
2073267 Virtualbox Guru meditation on VM start caused by kernel commit in v6.9-rc4
CVE-2024-45016 In the Linux kernel, the following vulnerability has been resolved: netem: fix return value if duplicate enqueue fails There is a bug in netem_enqu
CVE-2024-38630 In the Linux kernel, the following vulnerability has been resolved: watchdog: cpu5wdt.c: Fix use-after-free bug caused by cpu5wdt_trigger When the
CVE-2024-27397 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: use timestamp to check for set element timeout Add a time
CVE-2024-41009 In the Linux kernel, the following vulnerability has been resolved: bpf: Fix overrunning reservations in ringbuf The BPF ring buffer internally is
CVE-2024-39494 In the Linux kernel, the following vulnerability has been resolved: ima: Fix use-after-free on a dentry's dname.name ->d_name.name can change on re
CVE-2024-39496 In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: fix use-after-free due to race with dev replace While loading a z
CVE-2024-42160 In the Linux kernel, the following vulnerability has been resolved: f2fs: check validation of fault attrs in f2fs_build_fault_attr() - It missed to
CVE-2024-38570 In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix potential glock use-after-free on unmount When a DLM lockspace is rel
CVE-2024-42228 In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc In
CVE-2024-27012 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: restore set elements when delete set fails From abort pat
CVE-2024-26677 In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix delayed ACKs to not set the reference serial number Fix the construc
CVE-2024-26921 In the Linux kernel, the following vulnerability has been resolved: inet: inet_defrag: prevent sk release while still in use ip_local_out() and oth
CVE-2024-39484 In the Linux kernel, the following vulnerability has been resolved: mmc: davinci: Don't strip remove function when driver is builtin Using __exit f
CVE-2024-39292 In the Linux kernel, the following vulnerability has been resolved: um: Add winch to winch_handlers before registering winch IRQ Registering a winc
CVE-2024-36901 In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent NULL dereference in ip6_output() According to syzbot, there is a
CVE-2024-26830 In the Linux kernel, the following vulnerability has been resolved: i40e: Do not allow untrusted VF to remove administratively set MAC Currently wh
CVE-2024-26680 In the Linux kernel, the following vulnerability has been resolved: net: atlantic: Fix DMA mapping for PTP hwts ring Function aq_ring_hwts_rx_alloc
CVE-2023-52760 In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix slab-use-after-free in gfs2_qd_dealloc In gfs2_put_super(), whether w
CVE-2023-52629 In the Linux kernel, the following vulnerability has been resolved: sh: push-switch: Reorder cleanup operations to avoid use-after-free bug The ori

Version: 5.15.0-1034.40 2024-10-02 10:08:41 UTC

 linux-mtk (5.15.0-1034.40) jammy; urgency=medium
 .
   * jammy/linux-mtk: 5.15.0-1034.40 -proposed tracker (LP: #2082876)
 .
   * [g1200] regulators not enabled after sru d2024.08.12 (LP: #2082868)
     - SAUCE: (no-up) regulator: mt6360: fix compatibility issue for downstream
       device tree
     - SAUCE: (no-up) power: supply: mt6360_charger: fix compatibility issue for
       downstream device tree
 .
   * [uc22][g700] systemd-backlight@backlight:1c008000.dsi0.0.service loaded
     failed during cold boot stress test (LP: #2078763)
     - [Config] CONFIG_DRM_MEDIATEK_HDMI=y and CONFIG_PHY_MTK_HDMI=y
 .
   * [g510][g700] add fsource device tree node (LP: #2078762)
     - SAUCE: (no-up) GENIO: arm64: dts: mediatek: genio-700-evk/genio-510-evk: add
       fsource device tree node
 .
   [ Ubuntu: 5.15.0-119.129 ]
 .
   * jammy/linux: 5.15.0-119.129 -proposed tracker (LP: #2075665)
   * Virtualbox Guru meditation on VM start caused by kernel commit in v6.9-rc4
     (LP: #2073267)
     - SAUCE: Revert "randomize_kstack: Improve entropy diffusion"
   * CVE-2024-26921
     - inet: inet_defrag: prevent sk release while still in use
   * Jammy update: v5.15.162 upstream stable release (LP: #2073765) //
     CVE-2024-39484
     - mmc: davinci: Don't strip remove function when driver is builtin
   * Jammy update: v5.15.162 upstream stable release (LP: #2073765)
     - mmc: davinci_mmc: Convert to platform remove callback returning void
   * CVE-2024-39292
     - um: Add winch to winch_handlers before registering winch IRQ
   * CVE-2024-36901
     - ipv6: prevent NULL dereference in ip6_output()
   * CVE-2024-26830
     - i40e: Do not allow untrusted VF to remove administratively set MAC
   * CVE-2024-26680
     - net: atlantic: Fix DMA mapping for PTP hwts ring
   * CVE-2023-52760
     - gfs2: Fix slab-use-after-free in gfs2_qd_dealloc
   * CVE-2023-52629
     - sh: push-switch: Reorder cleanup operations to avoid use-after-free bug
 .
   [ Ubuntu: 5.15.0-118.128 ]
 .
   * jammy/linux: 5.15.0-118.128 -proposed tracker (LP: #2072255)
   * Jammy update: v5.15.160 upstream stable release (LP: #2070292)
     - drm/amd/display: Fix division by zero in setup_dsc_config
     - pinctrl: core: handle radix_tree_insert() errors in
       pinctrl_register_one_pin()
     - nfsd: don't allow nfsd threads to be signalled.
     - KEYS: trusted: Fix memory leak in tpm2_key_encode()
     - Revert "selftests: mm: fix map_hugetlb failure on 64K page size systems"
     - net: bcmgenet: synchronize EXT_RGMII_OOB_CTRL access
     - net: bcmgenet: synchronize UMAC_CMD access
     - netlink: annotate lockless accesses to nlk->max_recvmsg_len
     - netlink: annotate data-races around sk->sk_err
     - KVM: x86: Clear "has_error_code", not "error_code", for RM exception
       injection
     - drm/amdgpu: Fix possible NULL dereference in
       amdgpu_ras_query_error_status_helper()
     - binder: fix max_thread type inconsistency
     - usb: typec: ucsi: displayport: Fix potential deadlock
     - serial: kgdboc: Fix NMI-safety problems from keyboard reset code
     - remoteproc: mediatek: Make sure IPI buffer fits in L2TCM
     - KEYS: trusted: Do not use WARN when encode fails
     - admin-guide/hw-vuln/core-scheduling: fix return type of PR_SCHED_CORE_GET
     - docs: kernel_include.py: Cope with docutils 0.21
     - Linux 5.15.160
   * Jammy update: v5.15.159 upstream stable release (LP: #2070028)
     - dmaengine: pl330: issue_pending waits until WFP state
     - dmaengine: Revert "dmaengine: pl330: issue_pending waits until WFP state"
     - wifi: nl80211: don't free NULL coalescing rule
     - ksmbd: fix slab-out-of-bounds in smb2_allocate_rsp_buf
     - ksmbd: validate request buffer size in smb2_allocate_rsp_buf()
     - ksmbd: clear RENAME_NOREPLACE before calling vfs_rename
     - eeprom: at24: Use dev_err_probe for nvmem register failure
     - eeprom: at24: Probe for DDR3 thermal sensor in the SPD case
     - eeprom: at24: fix memory corruption race condition
     - pinctrl: pinctrl-aspeed-g6: Fix register offset for pinconf of GPIOR-T
     - pinctrl/meson: fix typo in PDM's pin name
     - pinctrl: core: delete incorrect free in pinctrl_enable()
     - pinctrl: mediatek: paris: Rework mtk_pinconf_{get,set} switch/case logic
     - pinctrl: mediatek: paris: Fix PIN_CONFIG_INPUT_SCHMITT_ENABLE readback
     - pinctrl: mediatek: paris: Rework support for
       PIN_CONFIG_{INPUT,OUTPUT}_ENABLE
     - sunrpc: add a struct rpc_stats arg to rpc_create_args
     - nfs: expose /proc/net/sunrpc/nfs in net namespaces
     - nfs: make the rpc_stat per net namespace
     - nfs: Handle error of rpc_proc_register() in nfs_net_init().
     - power: rt9455: hide unused rt9455_boost_voltage_values
     - power: supply: mt6360_charger: Fix of_match for usb-otg-vbus regulator
     - pinctrl: devicetree: fix refcount leak in pinctrl_dt_to_map()
     - regulator: mt6360: De-capitalize devicetree regulator subnodes
     - bpf, kconfig: Fix DEBUG_INFO_BTF_MODULES Kconfig definition
     - bpf, skmsg: Fix NULL pointer dereference in sk_psock_skb_ingress_enqueue
     - bpf: Fix a verifier verbose message
     - spi: hisi-kunpeng: Delete the dump interface of data registers in debugfs
     - s390/mm: Fix storage key clearing for guest huge pages
     - s390/mm: Fix clearing storage keys for huge pages
     - xdp: Move conversion to xdp_frame out of map functions
     - xdp: Add xdp_do_redirect_frame() for pre-computed xdp_frames
     - xdp: use flags field to disambiguate broadcast redirect
     - bna: ensure the copied buf is NUL terminated
     - octeontx2-af: avoid off-by-one read from userspace
     - nsh: Restore skb->{protocol,data,mac_header} for outer header in
       nsh_gso_segment().
     - net l2tp: drop flow hash on forward
     - s390/vdso: Add CFI for RA register to asm macro vdso_func
     - net: qede: sanitize 'rc' in qede_add_tc_flower_fltr()
     - net: qede: use return from qede_parse_flow_attr

Source diff to previous version
2082868 [g1200] regulators not enabled after sru d2024.08.12\t
2078763 [uc22][g700] systemd-backlight@backlight:1c008000.dsi0.0.service loaded failed during cold boot stress test
2078762 [g510][g700] add fsource device tree node
2073267 Virtualbox Guru meditation on VM start caused by kernel commit in v6.9-rc4
2073765 Jammy update: v5.15.162 upstream stable release
2070292 Jammy update: v5.15.160 upstream stable release
2070028 Jammy update: v5.15.159 upstream stable release
2061091 Freezing user space processes failed after 20.008 seconds (1 tasks refusing to freeze, wq_busy=0)
2069081 idxd: NULL pointer dereference reading wq op_config attribute
2068738 AMD GPUs fail with null pointer dereference when IOMMU enabled, leading to black screen
1786013 Packaging resync
2067974 Jammy update: v5.15.158 upstream stable release
2067959 Jammy update: v5.15.157 upstream stable release
2046722 [SRU][22.04.4]: megaraid_sas: Critical Bug Fixes
2065857 Jammy update: v5.15.156 upstream stable release
2065805 Jammy update: v5.15.155 upstream stable release
2065435 Jammy update: v5.15.154 upstream stable release
CVE-2024-26921 In the Linux kernel, the following vulnerability has been resolved: inet: inet_defrag: prevent sk release while still in use ip_local_out() and oth
CVE-2024-39484 In the Linux kernel, the following vulnerability has been resolved: mmc: davinci: Don't strip remove function when driver is builtin Using __exit f
CVE-2024-39292 In the Linux kernel, the following vulnerability has been resolved: um: Add winch to winch_handlers before registering winch IRQ Registering a winc
CVE-2024-36901 In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent NULL dereference in ip6_output() According to syzbot, there is a
CVE-2024-26830 In the Linux kernel, the following vulnerability has been resolved: i40e: Do not allow untrusted VF to remove administratively set MAC Currently wh
CVE-2024-26680 In the Linux kernel, the following vulnerability has been resolved: net: atlantic: Fix DMA mapping for PTP hwts ring Function aq_ring_hwts_rx_alloc
CVE-2023-52760 In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix slab-use-after-free in gfs2_qd_dealloc In gfs2_put_super(), whether w
CVE-2023-52629 In the Linux kernel, the following vulnerability has been resolved: sh: push-switch: Reorder cleanup operations to avoid use-after-free bug The ori
CVE-2024-27017 In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: walk over current view on netlink dump The generatio
CVE-2024-26952 In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix potencial out-of-bounds when buffer offset is invalid I found potenc
CVE-2024-26886 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: af_bluetooth: Fix deadlock Attemting to do sock_lock on .recvmsg may
CVE-2023-52752 In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() Skip SMB ses
CVE-2024-25742 In the Linux kernel before 6.9, an untrusted hypervisor can inject virtual interrupt 29 (#VC) at any point in time and can trigger its handler. This
CVE-2024-36016 In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: fix possible out-of-bounds in gsm0_receive() Assuming the following
CVE-2024-23307 Integer Overflow or Wraparound vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (md, raid, raid5 modules) allows Forced Integer Overflow
CVE-2024-26828 In the Linux kernel, the following vulnerability has been resolved: cifs: fix underflow in parse_server_interfaces() In this loop, we step through
CVE-2024-24861 A race condition was found in the Linux kernel's media/xc4000 device driver in xc4000 xc4000_get_frequency() function. This can result in return valu
CVE-2024-26642 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: disallow anonymous set with timeout flag Anonymous sets a
CVE-2024-26926 In the Linux kernel, the following vulnerability has been resolved: binder: check offset alignment in binder_get_object() Commit 6d98eb95b450 ("bin
CVE-2024-26922 In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: validate the parameters of bo mapping operations more clearly Verif
CVE-2023-6039 A use-after-free flaw was found in lan78xx_disconnect in drivers/net/usb/lan78xx.c in the network sub-component, net/usb/lan78xx in the Linux Kernel.
CVE-2024-26924 In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: do not free live element Pablo reports a crash with
CVE-2024-26643 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout

Version: 5.15.0-1034.39 2024-09-04 17:19:58 UTC

 linux-mtk (5.15.0-1034.39) jammy; urgency=medium
 .
   * jammy/linux-mtk: 5.15.0-1034.39 -proposed tracker (LP: #2078880)
 .
   * [uc22][g700] systemd-backlight@backlight:1c008000.dsi0.0.service loaded
     failed during cold boot stress test (LP: #2078763)
     - [Config] CONFIG_DRM_MEDIATEK_HDMI=y and CONFIG_PHY_MTK_HDMI=y
 .
   * [g510][g700] add fsource device tree node (LP: #2078762)
     - SAUCE: (no-up) GENIO: arm64: dts: mediatek: genio-700-evk/genio-510-evk: add
       fsource device tree node
 .
   [ Ubuntu: 5.15.0-119.129 ]
 .
   * jammy/linux: 5.15.0-119.129 -proposed tracker (LP: #2075665)
   * Virtualbox Guru meditation on VM start caused by kernel commit in v6.9-rc4
     (LP: #2073267)
     - SAUCE: Revert "randomize_kstack: Improve entropy diffusion"
   * CVE-2024-26921
     - inet: inet_defrag: prevent sk release while still in use
   * Jammy update: v5.15.162 upstream stable release (LP: #2073765) //
     CVE-2024-39484
     - mmc: davinci: Don't strip remove function when driver is builtin
   * Jammy update: v5.15.162 upstream stable release (LP: #2073765)
     - mmc: davinci_mmc: Convert to platform remove callback returning void
   * CVE-2024-39292
     - um: Add winch to winch_handlers before registering winch IRQ
   * CVE-2024-36901
     - ipv6: prevent NULL dereference in ip6_output()
   * CVE-2024-26830
     - i40e: Do not allow untrusted VF to remove administratively set MAC
   * CVE-2024-26680
     - net: atlantic: Fix DMA mapping for PTP hwts ring
   * CVE-2023-52760
     - gfs2: Fix slab-use-after-free in gfs2_qd_dealloc
   * CVE-2023-52629
     - sh: push-switch: Reorder cleanup operations to avoid use-after-free bug
 .
   [ Ubuntu: 5.15.0-118.128 ]
 .
   * jammy/linux: 5.15.0-118.128 -proposed tracker (LP: #2072255)
   * Jammy update: v5.15.160 upstream stable release (LP: #2070292)
     - drm/amd/display: Fix division by zero in setup_dsc_config
     - pinctrl: core: handle radix_tree_insert() errors in
       pinctrl_register_one_pin()
     - nfsd: don't allow nfsd threads to be signalled.
     - KEYS: trusted: Fix memory leak in tpm2_key_encode()
     - Revert "selftests: mm: fix map_hugetlb failure on 64K page size systems"
     - net: bcmgenet: synchronize EXT_RGMII_OOB_CTRL access
     - net: bcmgenet: synchronize UMAC_CMD access
     - netlink: annotate lockless accesses to nlk->max_recvmsg_len
     - netlink: annotate data-races around sk->sk_err
     - KVM: x86: Clear "has_error_code", not "error_code", for RM exception
       injection
     - drm/amdgpu: Fix possible NULL dereference in
       amdgpu_ras_query_error_status_helper()
     - binder: fix max_thread type inconsistency
     - usb: typec: ucsi: displayport: Fix potential deadlock
     - serial: kgdboc: Fix NMI-safety problems from keyboard reset code
     - remoteproc: mediatek: Make sure IPI buffer fits in L2TCM
     - KEYS: trusted: Do not use WARN when encode fails
     - admin-guide/hw-vuln/core-scheduling: fix return type of PR_SCHED_CORE_GET
     - docs: kernel_include.py: Cope with docutils 0.21
     - Linux 5.15.160
   * Jammy update: v5.15.159 upstream stable release (LP: #2070028)
     - dmaengine: pl330: issue_pending waits until WFP state
     - dmaengine: Revert "dmaengine: pl330: issue_pending waits until WFP state"
     - wifi: nl80211: don't free NULL coalescing rule
     - ksmbd: fix slab-out-of-bounds in smb2_allocate_rsp_buf
     - ksmbd: validate request buffer size in smb2_allocate_rsp_buf()
     - ksmbd: clear RENAME_NOREPLACE before calling vfs_rename
     - eeprom: at24: Use dev_err_probe for nvmem register failure
     - eeprom: at24: Probe for DDR3 thermal sensor in the SPD case
     - eeprom: at24: fix memory corruption race condition
     - pinctrl: pinctrl-aspeed-g6: Fix register offset for pinconf of GPIOR-T
     - pinctrl/meson: fix typo in PDM's pin name
     - pinctrl: core: delete incorrect free in pinctrl_enable()
     - pinctrl: mediatek: paris: Rework mtk_pinconf_{get,set} switch/case logic
     - pinctrl: mediatek: paris: Fix PIN_CONFIG_INPUT_SCHMITT_ENABLE readback
     - pinctrl: mediatek: paris: Rework support for
       PIN_CONFIG_{INPUT,OUTPUT}_ENABLE
     - sunrpc: add a struct rpc_stats arg to rpc_create_args
     - nfs: expose /proc/net/sunrpc/nfs in net namespaces
     - nfs: make the rpc_stat per net namespace
     - nfs: Handle error of rpc_proc_register() in nfs_net_init().
     - power: rt9455: hide unused rt9455_boost_voltage_values
     - power: supply: mt6360_charger: Fix of_match for usb-otg-vbus regulator
     - pinctrl: devicetree: fix refcount leak in pinctrl_dt_to_map()
     - regulator: mt6360: De-capitalize devicetree regulator subnodes
     - bpf, kconfig: Fix DEBUG_INFO_BTF_MODULES Kconfig definition
     - bpf, skmsg: Fix NULL pointer dereference in sk_psock_skb_ingress_enqueue
     - bpf: Fix a verifier verbose message
     - spi: hisi-kunpeng: Delete the dump interface of data registers in debugfs
     - s390/mm: Fix storage key clearing for guest huge pages
     - s390/mm: Fix clearing storage keys for huge pages
     - xdp: Move conversion to xdp_frame out of map functions
     - xdp: Add xdp_do_redirect_frame() for pre-computed xdp_frames
     - xdp: use flags field to disambiguate broadcast redirect
     - bna: ensure the copied buf is NUL terminated
     - octeontx2-af: avoid off-by-one read from userspace
     - nsh: Restore skb->{protocol,data,mac_header} for outer header in
       nsh_gso_segment().
     - net l2tp: drop flow hash on forward
     - s390/vdso: Add CFI for RA register to asm macro vdso_func
     - net: qede: sanitize 'rc' in qede_add_tc_flower_fltr()
     - net: qede: use return from qede_parse_flow_attr() for flower
     - net: qede: use return from qede_parse_flow_attr() for flow_spec
     - net: qede: use return from qede_parse_actions()
     - ASoC: meson: axg-fifo: use FIELD helpers
     - ASoC: meson: axg-fifo: use threaded irq to check periods
     - ASoC: meson: axg-card: make lin

Source diff to previous version
2078763 [uc22][g700] systemd-backlight@backlight:1c008000.dsi0.0.service loaded failed during cold boot stress test
2078762 [g510][g700] add fsource device tree node
2073267 Virtualbox Guru meditation on VM start caused by kernel commit in v6.9-rc4
2073765 Jammy update: v5.15.162 upstream stable release
2070292 Jammy update: v5.15.160 upstream stable release
2070028 Jammy update: v5.15.159 upstream stable release
2061091 Freezing user space processes failed after 20.008 seconds (1 tasks refusing to freeze, wq_busy=0)
2069081 idxd: NULL pointer dereference reading wq op_config attribute
2068738 AMD GPUs fail with null pointer dereference when IOMMU enabled, leading to black screen
1786013 Packaging resync
2067974 Jammy update: v5.15.158 upstream stable release
2067959 Jammy update: v5.15.157 upstream stable release
2046722 [SRU][22.04.4]: megaraid_sas: Critical Bug Fixes
2065857 Jammy update: v5.15.156 upstream stable release
2065805 Jammy update: v5.15.155 upstream stable release
2065435 Jammy update: v5.15.154 upstream stable release
CVE-2024-26921 In the Linux kernel, the following vulnerability has been resolved: inet: inet_defrag: prevent sk release while still in use ip_local_out() and oth
CVE-2024-39484 In the Linux kernel, the following vulnerability has been resolved: mmc: davinci: Don't strip remove function when driver is builtin Using __exit f
CVE-2024-39292 In the Linux kernel, the following vulnerability has been resolved: um: Add winch to winch_handlers before registering winch IRQ Registering a winc
CVE-2024-36901 In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent NULL dereference in ip6_output() According to syzbot, there is a
CVE-2024-26830 In the Linux kernel, the following vulnerability has been resolved: i40e: Do not allow untrusted VF to remove administratively set MAC Currently wh
CVE-2024-26680 In the Linux kernel, the following vulnerability has been resolved: net: atlantic: Fix DMA mapping for PTP hwts ring Function aq_ring_hwts_rx_alloc
CVE-2023-52760 In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix slab-use-after-free in gfs2_qd_dealloc In gfs2_put_super(), whether w
CVE-2023-52629 In the Linux kernel, the following vulnerability has been resolved: sh: push-switch: Reorder cleanup operations to avoid use-after-free bug The ori
CVE-2024-27017 In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: walk over current view on netlink dump The generatio
CVE-2024-26952 In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix potencial out-of-bounds when buffer offset is invalid I found potenc
CVE-2024-26886 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: af_bluetooth: Fix deadlock Attemting to do sock_lock on .recvmsg may
CVE-2023-52752 In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() Skip SMB ses
CVE-2024-25742 In the Linux kernel before 6.9, an untrusted hypervisor can inject virtual interrupt 29 (#VC) at any point in time and can trigger its handler. This
CVE-2024-36016 In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: fix possible out-of-bounds in gsm0_receive() Assuming the following
CVE-2024-23307 Integer Overflow or Wraparound vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (md, raid, raid5 modules) allows Forced Integer Overflow
CVE-2024-26828 In the Linux kernel, the following vulnerability has been resolved: cifs: fix underflow in parse_server_interfaces() In this loop, we step through
CVE-2024-24861 A race condition was found in the Linux kernel's media/xc4000 device driver in xc4000 xc4000_get_frequency() function. This can result in return valu
CVE-2024-26642 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: disallow anonymous set with timeout flag Anonymous sets a
CVE-2024-26926 In the Linux kernel, the following vulnerability has been resolved: binder: check offset alignment in binder_get_object() Commit 6d98eb95b450 ("bin
CVE-2024-26922 In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: validate the parameters of bo mapping operations more clearly Verif
CVE-2023-6039 A use-after-free flaw was found in lan78xx_disconnect in drivers/net/usb/lan78xx.c in the network sub-component, net/usb/lan78xx in the Linux Kernel.
CVE-2024-26924 In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: do not free live element Pablo reports a crash with
CVE-2024-26643 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout

Version: 5.15.0-1033.38 2024-07-15 10:11:44 UTC

 linux-mtk (5.15.0-1033.38) jammy; urgency=medium
 .
   * jammy/linux-mtk: 5.15.0-1033.38 -proposed tracker (LP: #2072455)
 .
   * [g350] No video output on HDMI (LP: #2072531)
     - SAUCE: (no-up) drm/mediatek: dpi: fix hdmi output for g350(mt8365)
 .
   * [UC22][g350] systemd-backlight@backlight:14014000.dsi0.0.service: Failed to
     write system 'brightness' attribute: Invalid argument during warm-boot /
     cold-boot stress test (LP: #2069787)
     - [Config] CONFIG_DRM_PANEL_STARTEK_KD070FHFID015=m
 .
   * [SRU] UBSAN: shift-out-of-bounds in mt6359-regulator.c:281 (LP: #2059227)
     - SAUCE: (no-up) regulator: mt6359: fix regulator mode setting
 .
   [ Ubuntu: 5.15.0-113.123 ]
 .
   * jammy/linux: 5.15.0-113.123 -proposed tracker (LP: #2068242)
   * CVE-2024-26924
     - netfilter: nft_set_pipapo: do not free live element
   * CVE-2024-26643
     - netfilter: nf_tables: mark set as dead when unbinding anonymous set with
       timeout

CVE-2024-26924 In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: do not free live element Pablo reports a crash with
CVE-2024-26643 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout



About   -   Send Feedback to @ubuntu_updates