UbuntuUpdates.org

Package "linux-xilinx-zynqmp"

This package belongs to a PPA: Canonical Kernel Team

Name: linux-xilinx-zynqmp

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Linux kernel version specific cloud tools for version 5.15.0
  • Header files related to Linux kernel version 5.15.0
  • Header files related to Linux kernel version 5.15.0
  • Header files related to Linux kernel version 5.15.0

Latest version: 5.15.0-1028.32
Release: jammy (22.04)
Level: base
Repository: main

Links



Other versions of "linux-xilinx-zynqmp" in Jammy

Repository Area Version
security universe 5.15.0-1027.31
updates universe 5.15.0-1027.31
proposed universe 5.15.0-1024.28

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 5.15.0-1028.32 2024-04-12 15:08:42 UTC

 linux-xilinx-zynqmp (5.15.0-1028.32) jammy; urgency=medium
 .
   * jammy/linux-xilinx-zynqmp: 5.15.0-1028.32 -proposed tracker (LP: #2059494)
 .
   * Packaging resync (LP: #1786013)
     - [Packaging] drop getabis data
     - [Packaging] drop ABI data
     - [Packaging] debian.zynqmp/dkms-versions -- update from kernel-versions
       (main/2024.04.01)
 .
   * Jammy update: v5.15.148 upstream stable release (LP: #2055145)
     - [Config] update annotations for CONFIG_MMC_SDHCI_AM654
 .
   * Jammy update: v5.15.149 upstream stable release (LP: #2059014)
     - [Config] updateconfigs for MFD_TI_AM335X_TSCADC
 .
   * Backport AXI 1-wire host driver (LP: #2058707)
     - dt-bindings: w1: Add AMD AXI w1 host and MAINTAINERS entry
     - w1: Add AXI 1-wire host driver for AMD programmable logic IP core
     - w1: amd_axi_w1: Explicitly include correct DT includes
     - [Config] Enable CONFIG_W1_MASTER_AMD_AXI
 .
   * Unsupported platform 'ZynqMP KV260 revB (LP: #2058321)
     - [Packaging] Add breaks on flash-kernel older than 3.104ubuntu20
 .
   * Update on-chip oscillator clock nodes for Kria (LP: #2055241)
     - arm64: zynqmp: Sync clock labels with kr260 revB
     - arm64: zynqmp: Describe 25MHz fixed clock for PL GEMs
     - arm64: zynqmp: Fix kr260 clock wiring
 .
   [ Ubuntu: 5.15.0-104.114 ]
 .
   * jammy/linux: 5.15.0-104.114 -proposed tracker (LP: #2059497)
   * Drop fips-checks script from trees (LP: #2055083)
     - [Packaging] Remove fips-checks script
   * alsa/realtek: adjust max output valume for headphone on 2 LG machines
     (LP: #2058573)
     - ALSA: hda/realtek: fix the hp playback volume issue for LG machines
   * A general-proteciton exception during guest migration to unsupported PKRU
     machine (LP: #2032164)
     - x86/fpu: Allow caller to constrain xfeatures when copying to uabi buffer
     - KVM: x86: Constrain guest-supported xfeatures only at KVM_GET_XSAVE{2}
   * [ICX] [SPR] [ipc/msg] performance: Mitigate the lock contention with percpu
     counter (LP: #2058485)
     - ipc: check checkpoint_restore_ns_capable() to modify C/R proc files
     - ipc/ipc_sysctl.c: remove fallback for !CONFIG_PROC_SYSCTL
     - ipc: Store mqueue sysctls in the ipc namespace
     - ipc: Store ipc sysctls in the ipc namespace
     - ipc: Use the same namespace to modify and validate
     - ipc: Remove extra1 field abuse to pass ipc namespace
     - ipc: Check permissions for checkpoint_restart sysctls at open time
     - percpu: add percpu_counter_add_local and percpu_counter_sub_local
     - ipc/msg: mitigate the lock contention with percpu counter
   * Remove getabis scripts (LP: #2059143)
     - [Packaging] Remove getabis
   * Jammy update: v5.15.149 upstream stable release (LP: #2059014)
     - ksmbd: free ppace array on error in parse_dacl
     - ksmbd: don't allow O_TRUNC open on read-only share
     - ksmbd: validate mech token in session setup
     - ksmbd: fix UAF issue in ksmbd_tcp_new_connection()
     - ksmbd: only v2 leases handle the directory
     - iio: adc: ad7091r: Set alert bit in config register
     - iio: adc: ad7091r: Allow users to configure device events
     - iio: adc: ad7091r: Enable internal vref if external vref is not supplied
     - dmaengine: fix NULL pointer in channel unregistration function
     - scsi: ufs: core: Simplify power management during async scan
     - scsi: ufs: core: Remove the ufshcd_hba_exit() call from ufshcd_async_scan()
     - iio:adc:ad7091r: Move exports into IIO_AD7091R namespace.
     - ext4: allow for the last group to be marked as trimmed
     - btrfs: sysfs: validate scrub_speed_max value
     - crypto: api - Disallow identical driver names
     - PM: hibernate: Enforce ordering during image compression/decompression
     - hwrng: core - Fix page fault dead lock on mmap-ed hwrng
     - crypto: s390/aes - Fix buffer overread in CTR mode
     - media: imx355: Enable runtime PM before registering async sub-device
     - rpmsg: virtio: Free driver_override when rpmsg_remove()
     - media: ov9734: Enable runtime PM before registering async sub-device
     - mips: Fix max_mapnr being uninitialized on early stages
     - bus: mhi: host: Drop chan lock before queuing buffers
     - bus: mhi: host: Add spinlock to protect WP access when queueing TREs
     - parisc/firmware: Fix F-extend for PDC addresses
     - async: Split async_schedule_node_domain()
     - async: Introduce async_schedule_dev_nocall()
     - arm64: dts: qcom: sc7180: fix USB wakeup interrupt types
     - arm64: dts: qcom: sdm845: fix USB wakeup interrupt types
     - arm64: dts: qcom: sm8150: fix USB wakeup interrupt types
     - arm64: dts: qcom: sdm845: fix USB DP/DM HS PHY interrupts
     - lsm: new security_file_ioctl_compat() hook
     - scripts/get_abi: fix source path leak
     - mmc: core: Use mrq.sbc in close-ended ffu
     - mmc: mmc_spi: remove custom DMA mapped buffers
     - rtc: Adjust failure return code for cmos_set_alarm()
     - nouveau/vmm: don't set addr on the fail path to avoid warning
     - ubifs: ubifs_symlink: Fix memleak of inode->i_link in error path
     - rename(): fix the locking of subdirectories
     - ksmbd: set v2 lease version on lease upgrade
     - ksmbd: fix potential circular locking issue in smb2_set_ea()
     - ksmbd: don't increment epoch if current state and request state are same
     - ksmbd: send lease break notification on FILE_RENAME_INFORMATION
     - ksmbd: Add missing set_freezable() for freezable kthread
     - net/smc: fix illegal rmb_desc access in SMC-D connection dump
     - tcp: make sure init the accept_queue's spinlocks once
     - bnxt_en: Wait for FLR to complete during probe
     - vlan: skip nested type that is not IFLA_VLAN_QOS_MAPPING
     - llc: make llc_ui_sendmsg() more robust against bonding changes
     - llc: Drop support for ETH_P_TR_802_2.
     - net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv
     - tracing: Ensure visibility when inserting an element into tracin

Source diff to previous version
1786013 Packaging resync
2055145 Jammy update: v5.15.148 upstream stable release
2059014 Jammy update: v5.15.149 upstream stable release
2058707 Backport AXI 1-wire host driver
2058321 Unsupported platform 'ZynqMP KV260 revB
2055241 Update on-chip oscillator clock nodes for Kria
2055083 Drop fips-checks script from trees
2058573 alsa/realtek: adjust max output valume for headphone on 2 LG machines
2032164 A general-proteciton exception during guest migration to unsupported PKRU machine
2058485 [ICX] [SPR] [ipc/msg] performance: Mitigate the lock contention with percpu counter
2059143 Remove getabis scripts
2056418 Fix headphone mic detection issue on ALC897
2056373 Problems with HVCS and hotplugging
2056227 KVM: arm64: softlockups in stage2_apply_range
2055686 Drop ABI checks from kernel build
2056143 block/loop: No longer allows to create partitions
2055685 Cranky update-dkms-versions rollout
2054809 linux: please move erofs.ko (CONFIG_EROFS for EROFS support) from linux-modules-extra to linux-modules
2054094 linux-tools-common: man page of usbip[d] is misplaced
2054699 x86: performance: tsc: Extend watchdog check exemption to 4-Sockets platform
2045561 linux: please move dmi-sysfs.ko (CONFIG_DMI_SYSFS for SMBIOS support) from linux-modules-extra to linux-modules
2054567 Fix bpf selftests build failure after v5.15.139 update
2053251 performance: Scheduler: ratelimit updating of load_avg
2054411 Jammy update: v5.15.147 upstream stable release
2053152 performance: mm/percpu-internal.h: Re-layout pcpu_chunk to mitigate false sharing
2053069 performance: address_space: add padding for i_map and i_mmap_rwsem to mitigate a false sharing
2052817 cpufreq: intel_pstate: Enable HWP IO boost for all servers
2052827 performance: mm/memcontrol.c: remove the redundant updating of stats_flush_threshold
2053212 Jammy update: v5.15.146 upstream stable release
1971699 disable Intel DMA remapping by default
2052005 Validate connection interval to pass Bluetooth Test Suite
2052406 Jammy update: v5.15.145 upstream stable release
2052404 Jammy update: v5.15.144 upstream stable release
2049689 partproke is broken on empty loopback device
2050858 Jammy update: v5.15.143 upstream stable release
2036239 Intel E810-XXV - NETDEV WATCHDOG: (ice): transmit queue timed out
2048404 Don't WARN_ON_ONCE() for a broken discovery table
2047634 Reject connection when malformed L2CAP signal packet is received
2050849 Jammy update: v5.15.142 upstream stable release
2050044 Jammy update: v5.15.141 upstream stable release
2050038 Jammy update: v5.15.140 upstream stable release
2049432 Jammy update: v5.15.139 upstream stable release
2049417 Jammy update: v5.15.138 upstream stable release
2049350 Jammy update: v5.15.137 upstream stable release
CVE-2023-52603 In the Linux kernel, the following vulnerability has been resolved: UBSAN: array-index-out-of-bounds in dtSplitRoot Syzkaller reported the followin
CVE-2023-52600 In the Linux kernel, the following vulnerability has been resolved: jfs: fix uaf in jfs_evict_inode When the execution of diMount(ipimap) fails, th
CVE-2023-24023 Bluetooth BR/EDR devices with Secure Simple Pairing and Secure Connections pairing in Bluetooth Core Specification 4.2 through 5.4 allow certain man-
CVE-2024-26581 In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_rbtree: skip end interval element from gc rbtree lazy gc on
CVE-2023-6039 A use-after-free flaw was found in lan78xx_disconnect in drivers/net/usb/lan78xx.c in the network sub-component, net/usb/lan78xx in the Linux Kernel.
CVE-2024-23851 copy_params in drivers/md/dm-ioctl.c in the Linux kernel through 6.7.1 can attempt to allocate more than INT_MAX bytes, and crash, because of a missi
CVE-2024-23850 In btrfs_get_root_ref in fs/btrfs/disk-io.c in the Linux kernel through 6.7.1, there can be an assertion failure and crash because a subvolume can be
CVE-2024-24855 A race condition was found in the Linux kernel's scsi device driver in lpfc_unregister_fcf_rescan() function. This can result in a null pointer deref
CVE-2024-1085 A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_
CVE-2023-23000 In the Linux kernel before 5.17, drivers/phy/tegra/xusb.c mishandles the tegra_xusb_find_port_node return value. Callers expect NULL in the error cas
CVE-2023-46838 Transmit requests in Xen's virtual network protocol can consist of multiple parts. While not really useful, except for the initial part any of them
CVE-2024-1086 A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_
CVE-2023-32247 A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the handling of SMB2_SESSION_S
CVE-2024-22705 An issue was discovered in ksmbd in the Linux kernel before 6.6.10. smb2_get_data_area_len in fs/smb/server/smb2misc.c can cause an smb_strndup_from_
CVE-2023-0340 The Custom Content Shortcode WordPress plugin through 4.0.2 does not validate one of its shortcode attribute, which could allow users with a contribu
CVE-2023-51780 An issue was discovered in the Linux kernel before 6.6.8. do_vcc_ioctl in net/atm/ioctl.c has a use-after-free because of a vcc_recvmsg race conditio
CVE-2023-6915 A Null pointer dereference problem was found in ida_free in lib/idr.c in the Linux Kernel. This issue may allow an attacker using this library to cau
CVE-2024-0646 An out-of-bounds memory write flaw was found in the Linux kernel’s Transport Layer Security functionality in how a user calls a function splice with
CVE-2024-0565 An out-of-bounds memory read flaw was found in receive_encrypted_standard in fs/smb/client/smb2ops.c in the SMB Client sub-component in the Linux Ker
CVE-2023-51781 An issue was discovered in the Linux kernel before 6.6.8. atalk_ioctl in net/appletalk/ddp.c has a use-after-free because of an atalk_recvmsg race co
CVE-2023-46862 An issue was discovered in the Linux kernel through 6.5.9. During a race with SQ thread exit, an io_uring/fdinfo.c io_uring_show_fdinfo NULL pointer
CVE-2023-51782 An issue was discovered in the Linux kernel before 6.6.8. rose_ioctl in net/rose/af_rose.c has a use-after-free because of a rose_accept race conditi
CVE-2023-51779 bt_sock_recvmsg in net/bluetooth/af_bluetooth.c in the Linux kernel through 6.6.8 has a use-after-free because of a bt_sock_ioctl race condition.
CVE-2023-22995 In the Linux kernel before 5.17, an error path in dwc3_qcom_acpi_register_core in drivers/usb/dwc3/dwc3-qcom.c lacks certain platform_device_put and
CVE-2023-4134 Input: cyttsp4_core - change del_timer_sync() to timer_shutdown_sync()

Version: 5.15.0-1027.31 2024-02-21 08:08:50 UTC

 linux-xilinx-zynqmp (5.15.0-1027.31) jammy; urgency=medium
 .
   * jammy/linux-xilinx-zynqmp: 5.15.0-1027.31 -proposed tracker (LP: #2054500)
 .
   * Packaging resync (LP: #1786013)
     - debian/dkms-versions -- update from kernel-versions (main/d2024.02.07)
 .
   * Fix backported kria device tree changes (LP: #2054366)
     - SAUCE: zynqmp.dtsi fix incorrectly backported changes
 .
   [ Ubuntu: 5.15.0-94.104 ]
 .
   * jammy/linux: 5.15.0-94.104 -proposed tracker (LP: #2048777)
   * [SRU] Duplicate Device_dax ids Created and hence Probing is Failing.
     (LP: #2028158)
     - device-dax: Fix duplicate 'hmem' device registration
   * Add ODM driver f81604 usb-can (LP: #2045387)
     - can: usb: f81604: add Fintek F81604 support
     - [Config] updateconfigs for ODM drivers CONFIG_CAN_F81604
   * Add ODM driver gpio-m058ssan (LP: #2045386)
     - SAUCE: ODM: gpio: add M058SSAN gpio driver
     - [Config] updateconfigs for ODM drivers CONFIG_GPIO_M058SSAN
   * Add ODM driver rtc-pcf85263 (LP: #2045385)
     - SAUCE: ODM: rtc: add PCF85263 RTC driver
     - [Config] updateconfigs for ODM drivers CONFIG_RTC_DRV_PCF85263
   * AppArmor patch for mq-posix interface is missing in jammy (LP: #2045384)
     - SAUCE: (no-up) apparmor: reserve mediation classes
     - SAUCE: (no-up) apparmor: Add fine grained mediation of posix mqueues
   * Packaging resync (LP: #1786013)
     - [Packaging] update annotations scripts
 .
   [ Ubuntu: 5.15.0-93.103 ]
 .
   * jammy/linux: 5.15.0-93.103 -proposed tracker (LP: #2048330)
   * Packaging resync (LP: #1786013)
     - [Packaging] resync git-ubuntu-log
     - [Packaging] resync update-dkms-versions helper
     - [Packaging] remove helper scripts
     - [Packaging] update annotations scripts
     - debian/dkms-versions -- update from kernel-versions (main/2024.01.08)
   * Hotplugging SCSI disk in QEMU VM fails (LP: #2047382)
     - Revert "PCI: acpiphp: Reassign resources on bridge if necessary"
   * CVE-2023-6622
     - netfilter: nf_tables: bail out on mismatching dynset and set expressions
   * CVE-2024-0193
     - netfilter: nf_tables: skip set commit for deleted/destroyed sets
   * CVE-2023-6040
     - netfilter: nf_tables: Reject tables of unsupported family
   * Patches needed for AmpereOne (arm64) (LP: #2044192)
     - clocksource/arm_arch_timer: Add build-time guards for unhandled register
       accesses
     - clocksource/drivers/arm_arch_timer: Drop CNT*_TVAL read accessors
     - clocksource/drivers/arm_arch_timer: Extend write side of timer register
       accessors to u64
     - clocksource/drivers/arm_arch_timer: Move system register timer programming
       over to CVAL
     - clocksource/drivers/arm_arch_timer: Move drop _tval from erratum function
       names
     - clocksource/drivers/arm_arch_timer: Fix MMIO base address vs callback
       ordering issue
     - clocksource/drivers/arm_arch_timer: Move MMIO timer programming over to CVAL
     - clocksource/drivers/arm_arch_timer: Advertise 56bit timer to the core code
     - clocksource/drivers/arm_arch_timer: Work around broken CVAL implementations
     - clocksource/drivers/arm_arch_timer: Remove any trace of the TVAL programming
       interface
     - clocksource/drivers/arm_arch_timer: Drop unnecessary ISB on CVAL programming
     - clocksource/drivers/arm_arch_timer: Fix masking for high freq counters
     - clocksource/drivers/arch_arm_timer: Move workaround synchronisation around
   * Add quirk to disable i915 fastboot on B&R PC (LP: #2047630)
     - SAUCE: i915: force disable fastboot quirk
   * Some machines can't pass the pm-graph test (LP: #2046217)
     - wifi: iwlwifi: pcie: rescan bus if no parent
   * Sound: Add rtl quirk of M90-Gen5 (LP: #2046105)
     - ALSA: hda/realtek: Enable headset on Lenovo M90 Gen5
   * linux tools packages for derived kernels refuse to install simultaneously
     due to libcpupower name collision (LP: #2035971)
     - [Packaging] Statically link libcpupower into cpupower tool
   * [Debian] autoreconstruct - Do not generate chmod -x for deleted files
     (LP: #2045562)
     - [Debian] autoreconstruct - Do not generate chmod -x for deleted files
   * CVE-2023-6931
     - perf/core: Add a new read format to get a number of lost samples
     - perf: Fix perf_event_validate_size()
     - perf: Fix perf_event_validate_size() lockdep splat
   * CVE-2023-6932
     - ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet
   * CVE-2023-6606
     - smb: client: fix OOB in smbCalcSize()
   * CVE-2023-6817
     - netfilter: nft_set_pipapo: skip inactive elements during set walk
   * Jammy update: v5.15.136 upstream stable release (LP: #2046008)
     - iommu/vt-d: Avoid memory allocation in iommu_suspend()
     - scsi: core: Use a structure member to track the SCSI command submitter
     - scsi: core: Rename scsi_mq_done() into scsi_done() and export it
     - scsi: ib_srp: Call scsi_done() directly
     - RDMA/srp: Do not call scsi_done() from srp_abort()
     - RDMA/cxgb4: Check skb value for failure to allocate
     - perf/arm-cmn: Fix the unhandled overflow status of counter 4 to 7
     - of: overlay: Reorder struct fragment fields kerneldoc
     - platform/x86: think-lmi: Fix reference leak
     - platform/x86: hp-wmi:: Mark driver struct with __refdata to prevent section
       mismatch warning
     - lib/test_meminit: fix off-by-one error in test_pages()
     - HID: logitech-hidpp: Fix kernel crash on receiver USB disconnect
     - quota: Fix slow quotaoff
     - net: prevent address rewrite in kernel_bind()
     - ALSA: usb-audio: Fix microphone sound on Opencomm2 Headset
     - KEYS: trusted: allow use of kernel RNG for key material
     - KEYS: trusted: Remove redundant static calls usage
     - drm/msm/dp: do not reinitialize phy unless retry during link training
     - drm/msm/dsi: skip the wait for video mode done if not applicable
     - drm/msm/dsi: fix irq_of_parse_and_map() error checking
     - drm/msm/dpu: change _dpu_plane_

Source diff to previous version
1786013 Packaging resync
2054366 Fix backported kria device tree changes
2028158 [SRU] Duplicate Device_dax ids Created and hence Probing is Failing.
2045387 Add ODM driver f81604 usb-can
2045386 Add ODM driver gpio-m058ssan
2045385 Add ODM driver rtc-pcf85263
2045384 AppArmor patch for mq-posix interface is missing in jammy
2047382 Hotplugging SCSI disk in QEMU VM fails
2044192 Patches needed for AmpereOne (arm64)
2047630 Add quirk to disable i915 fastboot on B\u0026R PC
2035971 linux tools packages for derived kernels refuse to install simultaneously due to libcpupower name collision
2045562 [Debian] autoreconstruct - Do not generate chmod -x for deleted files
2046008 Jammy update: v5.15.136 upstream stable release
2045809 Jammy update: v5.15.135 upstream stable release
2029405 Change in trace file leads to test timeout in ftrace tests on 5.15 ARM64
2041842 Kernel doesn't compile with CONFIG_IMA
2044023 Jammy update: v5.15.134 upstream stable release
2043422 Jammy update: v5.15.133 upstream stable release
2041702 Jammy update: v5.15.132 upstream stable release
CVE-2023-6622 A null pointer dereference vulnerability was found in nft_dynset_init() in net/netfilter/nft_dynset.c in nf_tables in the Linux kernel. This issue ma
CVE-2024-0193 A use-after-free flaw was found in the netfilter subsystem of the Linux kernel. If the catchall element is garbage-collected when the pipapo set is r
CVE-2023-6040 An out-of-bounds access vulnerability involving netfilter was reported and fixed as: f1082dd31fe4 (netfilter: nf_tables: Reject tables of unsupported
CVE-2023-6931 A heap out-of-bounds write vulnerability in the Linux kernel's Performance Events system component can be exploited to achieve local privilege escala
CVE-2023-6932 A use-after-free vulnerability in the Linux kernel's ipv4: igmp component can be exploited to achieve local privilege escalation. A race condition c
CVE-2023-6606 An out-of-bounds read vulnerability was found in smbCalcSize in fs/smb/client/netmisc.c in the Linux Kernel. This issue could allow a local attacker
CVE-2023-6817 A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The func
CVE-2023-46813 An issue was discovered in the Linux kernel before 6.5.9, exploitable by local users with userspace access to MMIO registers. Incorrect access checki
CVE-2023-6111 A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The func
CVE-2023-32252 A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the handling of SMB2_LOGOFF co
CVE-2023-6176 A null pointer dereference flaw was found in the Linux kernel API for the cryptographic algorithm scatterwalk functionality. This issue occurs when a
CVE-2023-6039 A use-after-free flaw was found in lan78xx_disconnect in drivers/net/usb/lan78xx.c in the network sub-component, net/usb/lan78xx in the Linux Kernel.

Version: 5.15.0-1026.30 2024-01-19 13:08:45 UTC

 linux-xilinx-zynqmp (5.15.0-1026.30) jammy; urgency=medium
 .
   * jammy/linux-xilinx-zynqmp: 5.15.0-1026.30 -proposed tracker (LP: #2049802)
 .
   * Packaging resync (LP: #1786013)
     - [Packaging] resync update-dkms-versions helper
     - [Packaging] remove helper scripts
     - debian/dkms-versions -- update from kernel-versions (main/d2024.01.02)
 .
   * Enable symbols for all Xilinx device trees (LP: #2049442)
     - SAUCE: arm64: dts: Enable symbols for all Xilinx device trees
 .
   * Turn off non-zynqmp arch support (LP: #2044554)
     - [Config] Turn off non-zynqmp arch support
     - [Packaging] Update new baseline abi checks
 .
   * Add support for KD240 platform (LP: #2046280)
     - Sync KD240 DTS from xlnx_rebase_v6.1_LTS
     - can: xilinx_can: Add support for controller reset
 .
   [ Ubuntu: 5.15.0-92.102 ]
 .
   * jammy/linux: 5.15.0-92.102 -proposed tracker (LP: #2048614)
   * Packaging resync (LP: #1786013)
     - [Packaging] resync git-ubuntu-log
   * CVE-2024-0193
     - netfilter: nf_tables: skip set commit for deleted/destroyed sets
   * CVE-2023-6040
     - netfilter: nf_tables: Reject tables of unsupported family
   * CVE-2023-6606
     - smb: client: fix OOB in smbCalcSize()
   * CVE-2023-6817
     - netfilter: nft_set_pipapo: skip inactive elements during set walk
   * CVE-2023-6932
     - ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet
   * CVE-2023-6931
     - perf/core: Add a new read format to get a number of lost samples
     - perf: Fix perf_event_validate_size()
     - perf: Fix perf_event_validate_size() lockdep splat
 .
   [ Ubuntu: 5.15.0-91.101 ]
 .
   * jammy/linux: 5.15.0-91.101 -proposed tracker (LP: #2043452)
   * USB bus error after upgrading to proposed kernel on lunar and jammy
     (LP: #2043197)
     - USB: core: Fix oversight in SuperSpeed initialization
 .
   [ Ubuntu: 5.15.0-90.100 ]
 .
   * jammy/linux: 5.15.0-90.100 -proposed tracker (LP: #2041603)
   * CVE-2023-25775
     - RDMA/irdma: Remove irdma_uk_mw_bind()
     - RDMA/irdma: Remove irdma_sc_send_lsmm_nostag()
     - RDMA/irdma: Remove irdma_cqp_up_map_cmd()
     - RDMA/irdma: Remove irdma_get_hw_addr()
     - RDMA/irdma: Make irdma_uk_cq_init() return a void
     - RDMA/irdma: optimize rx path by removing unnecessary copy
     - RDMA/irdma: Remove enum irdma_status_code
     - RDMA/irdma: Remove excess error variables
     - RDMA/irdma: Prevent zero-length STAG registration
   * CVE-2023-39189
     - netfilter: nfnetlink_osf: avoid OOB read
   * SMC stats: Wrong bucket calculation for payload of exactly 4096 bytes
     (LP: #2039575)
     - net/smc: Fix pos miscalculation in statistics
   * CVE-2023-45871
     - igb: set max size RX buffer when store bad packet is enabled
   * CVE-2023-39193
     - netfilter: xt_sctp: validate the flag_info count
   * CVE-2023-39192
     - netfilter: xt_u32: validate user space input
   * CVE-2023-31085
     - ubi: Refuse attaching if mtd's erasesize is 0
   * CVE-2023-5717
     - perf: Disallow mis-matched inherited group reads
   * CVE-2023-5178
     - nvmet-tcp: Fix a possible UAF in queue intialization setup
   * CVE-2023-5158
     - vringh: don't use vringh_kiov_advance() in vringh_iov_xfer()
   * [SRU][J/L/M] UBUNTU: [Packaging] Make WWAN driver a loadable module
     (LP: #2033406)
     - [Packaging] Make WWAN driver loadable modules
   * HP ProBook 450 G8 Notebook fail to wifi test (LP: #2037513)
     - iwlwifi: mvm: Don't fail if PPAG isn't supported
     - wifi: iwlwifi: fw: skip PPAG for JF
   * usbip: error: failed to open /usr/share/hwdata//usb.ids (LP: #2039439)
     - [Packaging] Make linux-tools-common depend on hwdata
   * scripts/pahole-flags.sh change return to exit 0 (LP: #2035123)
     - SAUCE: scripts/pahole-flags.sh change return to exit 0
   * Unable to use nvme drive to install Ubuntu 23.10 (LP: #2040157)
     - misc: rtsx: Fix some platforms can not boot and move the l1ss judgment to
       probe
   * Jammy update: v5.15.131 upstream stable release (LP: #2039610)
     - erofs: ensure that the post-EOF tails are all zeroed
     - ksmbd: fix wrong DataOffset validation of create context
     - ksmbd: replace one-element array with flex-array member in struct
       smb2_ea_info
     - ARM: pxa: remove use of symbol_get()
     - mmc: au1xmmc: force non-modular build and remove symbol_get usage
     - net: enetc: use EXPORT_SYMBOL_GPL for enetc_phc_index
     - rtc: ds1685: use EXPORT_SYMBOL_GPL for ds1685_rtc_poweroff
     - modules: only allow symbol_get of EXPORT_SYMBOL_GPL modules
     - USB: serial: option: add Quectel EM05G variant (0x030e)
     - USB: serial: option: add FOXCONN T99W368/T99W373 product
     - ALSA: usb-audio: Fix init call orders for UAC1
     - usb: dwc3: meson-g12a: do post init to fix broken usb after resumption
     - usb: chipidea: imx: improve logic if samsung,picophy-* parameter is 0
     - HID: wacom: remove the battery when the EKR is off
     - staging: rtl8712: fix race condition
     - Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race
       condition
     - wifi: mt76: mt7921: do not support one stream on secondary antenna only
     - serial: qcom-geni: fix opp vote on shutdown
     - serial: sc16is7xx: fix broken port 0 uart init
     - serial: sc16is7xx: fix bug when first setting GPIO direction
     - firmware: stratix10-svc: Fix an NULL vs IS_ERR() bug in probe
     - fsi: master-ast-cf: Add MODULE_FIRMWARE macro
     - tcpm: Avoid soft reset when partner does not support get_status
     - nilfs2: fix general protection fault in nilfs_lookup_dirty_data_buffers()
     - nilfs2: fix WARNING in mark_buffer_dirty due to discarded buffer reuse
     - pinctrl: amd: Don't show `Invalid config param` errors
     - usb: typec: tcpci: move tcpci.h to include/linux/usb/
     - usb: typec: tcpci: clear the fault status bit
     - Linux 5.15.131
   * Jammy update: v5.15.130 upstream stable release (LP: #2039608)
     - ACPI: thermal: Drop nocrt parameter
   

Source diff to previous version
1786013 Packaging resync
2049442 Enable symbols for all Xilinx device trees
2044554 Turn off non-zynqmp arch support
2046280 Add support for KD240 platform
2043197 USB bus error after upgrading to proposed kernel on lunar and jammy
2039575 SMC stats: Wrong bucket calculation for payload of exactly 4096 bytes
2033406 [SRU][J/L/M] UBUNTU: [Packaging] Make WWAN driver a loadable module
2037513 HP ProBook 450 G8 Notebook fail to wifi test
2039439 usbip: error: failed to open /usr/share/hwdata//usb.ids
2035123 scripts/pahole-flags.sh change return to exit 0
2040157 Unable to use nvme drive to install Ubuntu 23.10
2039610 Jammy update: v5.15.131 upstream stable release
2039608 Jammy update: v5.15.130 upstream stable release
2039227 Jammy update: v5.15.129 upstream stable release
2038486 Jammy update: v5.15.128 upstream stable release
2038382 Jammy update: v5.15.127 upstream stable release
CVE-2024-0193 A use-after-free flaw was found in the netfilter subsystem of the Linux kernel. If the catchall element is garbage-collected when the pipapo set is r
CVE-2023-6040 An out-of-bounds access vulnerability involving netfilter was reported and fixed as: f1082dd31fe4 (netfilter: nf_tables: Reject tables of unsupported
CVE-2023-6606 An out-of-bounds read vulnerability was found in smbCalcSize in fs/smb/client/netmisc.c in the Linux Kernel. This issue could allow a local attacker
CVE-2023-6817 A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The func
CVE-2023-6932 A use-after-free vulnerability in the Linux kernel's ipv4: igmp component can be exploited to achieve local privilege escalation. A race condition c
CVE-2023-6931 A heap out-of-bounds write vulnerability in the Linux kernel's Performance Events system component can be exploited to achieve local privilege escala
CVE-2023-25775 Improper access control in the Intel(R) Ethernet Controller RDMA driver for linux before version 1.9.30 may allow an unauthenticated user to potentia
CVE-2023-39189 A flaw was found in the Netfilter subsystem in the Linux kernel. The nfnl_osf_add_callback function did not validate the user mode controlled opt_num
CVE-2023-45871 An issue was discovered in drivers/net/ethernet/intel/igb/igb_main.c in the IGB driver in the Linux kernel before 6.5.3. A buffer size may not be ade
CVE-2023-39193 A flaw was found in the Netfilter subsystem in the Linux kernel. The sctp_mt_check did not validate the flag_count field. This flaw allows a local pr
CVE-2023-39192 A flaw was found in the Netfilter subsystem in the Linux kernel. The xt_u32 module did not validate the fields in the xt_u32 structure. This flaw all
CVE-2023-31085 An issue was discovered in drivers/mtd/ubi/cdev.c in the Linux kernel 6.2. There is a divide-by-zero error in do_div(sz,mtd->erasesize), used indirec
CVE-2023-5717 A heap out-of-bounds write vulnerability in the Linux kernel's Linux Kernel Performance Events (perf) component can be exploited to achieve local pri
CVE-2023-5178 A use-after-free vulnerability was found in drivers/nvme/target/tcp.c` ...
CVE-2023-5158 A flaw was found in vringh_kiov_advance in drivers/vhost/vringh.c in the host side of a virtio ring in the Linux Kernel. This issue may result in a d
CVE-2023-42754 A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer (skb) was assumed to be associated with a device before c
CVE-2023-37453 An issue was discovered in the USB subsystem in the Linux kernel through 6.4.2. There is an out-of-bounds and crash in read_descriptors in drivers/us

Version: 5.15.0-1025.29 2023-10-31 07:16:04 UTC

 linux-xilinx-zynqmp (5.15.0-1025.29) jammy; urgency=medium
 .
   * jammy/linux-xilinx-zynqmp: 5.15.0-1025.29 -proposed tracker (LP: #2036376)
 .
   * Packaging resync (LP: #1786013)
     - [Packaging] update helper scripts
     - debian/dkms-versions -- update from kernel-versions (main/d2023.10.10)
 .
   * Jammy update: v5.15.117 upstream stable release (LP: #2030107)
     - [Config] updateconfigs for BLK_DEV_SX8
 .
   * Jammy update: v5.15.118 upstream stable release (LP: #2030239)
     - [Config] updateconfigs for DECNET
 .
   * CVE-2023-42755
     - [Config] remove NET_CLS_RSVP and NET_CLS_RSVP6
 .
   * Please enable Renesas RZ platform serial installer (LP: #2022361)
     - [Config] Mark sh-sci as built-in
 .
   * Jammy update: v5.15.107 upstream stable release (LP: #2023320)
     - [Config] updateconfigs for ns module merger
 .
   * Jammy update: v5.15.105 upstream stable release (LP: #2023230)
     - [Config] updateconfigs for SERIAL_8250_ASPEED_VUART
 .
   * Add K24 device tree (LP: #2040354)
     - SAUCE: arm64: zynqmp: Add K24 device trees
     - SAUCE: arm64: dts: Build dtbs for k24 carrier board
 .
   * K26 QSPI MTD Definition Correction (LP: #2032972)
     - arm64: zynqmp: Fix User MTD partition size
 .
   * Move experimental ubuntu drivers to staging (LP: #2036370)
     - ubuntu/staging: Move out of tree Xilinx drivers into staging directory
     - modpost: Add staging flag to drivers in ubuntu/staging
 .
   * [kr260] Kernel snap does not boot (LP: #2028505)
     - Fix kernel snap to support KR260
 .
   [ Ubuntu: 5.15.0-88.98 ]
 .
   * jammy/linux: 5.15.0-88.98 -proposed tracker (LP: #2038055)
   * CVE-2023-4244
     - netfilter: nf_tables: don't skip expired elements during walk
     - netfilter: nf_tables: adapt set backend to use GC transaction API
     - netfilter: nft_set_hash: mark set element as dead when deleting from packet
       path
     - netfilter: nf_tables: GC transaction API to avoid race with control plane
     - netfilter: nf_tables: remove busy mark and gc batch API
     - netfilter: nf_tables: don't fail inserts if duplicate has expired
     - netfilter: nf_tables: fix kdoc warnings after gc rework
     - netfilter: nf_tables: fix GC transaction races with netns and netlink event
       exit path
     - netfilter: nf_tables: GC transaction race with netns dismantle
     - netfilter: nf_tables: GC transaction race with abort path
     - netfilter: nf_tables: use correct lock to protect gc_list
     - netfilter: nf_tables: defer gc run if previous batch is still pending
     - netfilter: nft_dynset: disallow object maps
     - netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction
   * CVE-2023-42756
     - netfilter: ipset: Fix race between IPSET_CMD_CREATE and IPSET_CMD_SWAP
   * CVE-2023-4623
     - net/sched: sch_hfsc: Ensure inner classes have fsc curve
   * PCI BARs larger than 128GB are disabled (LP: #2037403)
     - PCI: Support BAR sizes up to 8TB
   * Fix unstable audio at low levels on Thinkpad P1G4 (LP: #2037077)
     - ALSA: hda/realtek - ALC287 I2S speaker platform support
   * Check for changes relevant for security certifications (LP: #1945989)
     - [Packaging] Add a new fips-checks script
   * Jammy update: v5.15.126 upstream stable release (LP: #2037593)
     - io_uring: gate iowait schedule on having pending requests
     - perf: Fix function pointer case
     - net/mlx5: Free irqs only on shutdown callback
     - arm64: errata: Add workaround for TSB flush failures
     - arm64: errata: Add detection for TRBE write to out-of-range
     - [Config] updateconfigs for ARM64_ERRATUM_ and
       ARM64_WORKAROUND_TSB_FLUSH_FAILURE
     - iommu/arm-smmu-v3: Work around MMU-600 erratum 1076982
     - iommu/arm-smmu-v3: Document MMU-700 erratum 2812531
     - iommu/arm-smmu-v3: Add explicit feature for nesting
     - iommu/arm-smmu-v3: Document nesting-related errata
     - arm64: dts: imx8mn-var-som: add missing pull-up for onboard PHY reset pinmux
     - word-at-a-time: use the same return type for has_zero regardless of
       endianness
     - KVM: s390: fix sthyi error handling
     - wifi: cfg80211: Fix return value in scan logic
     - net/mlx5: DR, fix memory leak in mlx5dr_cmd_create_reformat_ctx
     - net/mlx5e: fix return value check in mlx5e_ipsec_remove_trailer()
     - bpf: Add length check for SK_DIAG_BPF_STORAGE_REQ_MAP_FD parsing
     - rtnetlink: let rtnl_bridge_setlink checks IFLA_BRIDGE_MODE length
     - net: dsa: fix value check in bcm_sf2_sw_probe()
     - perf test uprobe_from_different_cu: Skip if there is no gcc
     - net: sched: cls_u32: Fix match key mis-addressing
     - mISDN: hfcpci: Fix potential deadlock on &hc->lock
     - qed: Fix kernel-doc warnings
     - qed: Fix scheduling in a tasklet while getting stats
     - net: annotate data-races around sk->sk_max_pacing_rate
     - net: add missing READ_ONCE(sk->sk_rcvlowat) annotation
     - net: add missing READ_ONCE(sk->sk_sndbuf) annotation
     - net: add missing READ_ONCE(sk->sk_rcvbuf) annotation
     - net: add missing data-race annotations around sk->sk_peek_off
     - net: add missing data-race annotation for sk_ll_usec
     - net/sched: taprio: Limit TCA_TAPRIO_ATTR_SCHED_CYCLE_TIME to INT_MAX.
     - bpf, cpumap: Handle skb as well when clean up ptr_ring
     - bpf: sockmap: Remove preempt_disable in sock_map_sk_acquire
     - net: ll_temac: Switch to use dev_err_probe() helper
     - net: ll_temac: fix error checking of irq_of_parse_and_map()
     - net: korina: handle clk prepare error in korina_probe()
     - net: netsec: Ignore 'phy-mode' on SynQuacer in DT mode
     - net: dcb: choose correct policy to parse DCB_ATTR_BCN
     - s390/qeth: Don't call dev_close/dev_open (DOWN/UP)
     - ip6mr: Fix skb_under_panic in ip6mr_cache_report()
     - vxlan: Fix nexthop hash size
     - net/mlx5: fs_core: Make find_closest_ft more generic
     - net/mlx5: fs_core: Skip the FTs in the same FS_TYPE_PRIO_CHAINS fs

Source diff to previous version
1786013 Packaging resync
2030107 Jammy update: v5.15.117 upstream stable release
2030239 Jammy update: v5.15.118 upstream stable release
2022361 Please enable Renesas RZ platform serial installer
2023320 Jammy update: v5.15.107 upstream stable release
2023230 Jammy update: v5.15.105 upstream stable release
2040354 Add K24 device tree
2037403 PCI BARs larger than 128GB are disabled
2037077 Fix unstable audio at low levels on Thinkpad P1G4
1945989 Check for changes relevant for security certifications
2037593 Jammy update: v5.15.126 upstream stable release
2036843 Jammy update: v5.15.125 upstream stable release
2035163 Avoid address overwrite in kernel_connect
2035166 NULL Pointer Dereference During KVM MMU Page Invalidation
2034479 Fix suspend hang on Lenovo workstation
2034745 [regression] Unable to initialize SGX enclaves with XFRM other than 3
2035400 Jammy update: v5.15.124 upstream stable release
2034612 Jammy update: v5.15.123 upstream stable release
2036675 5.15.0-85 live migration regression
2035181 Regression for ubuntu_bpf test build on Jammy 5.15.0-85.95
2034447 `refcount_t: underflow; use-after-free.` on hidon w/ 5.15.0-85-generic
2033122 Request backport of xen timekeeping performance improvements
2033007 kdump doesn't work with UEFI secure boot and kernel lockdown enabled on ARM64
2019880 ubuntu_kernel_selftests:net:vrf-xfrm-tests.sh: 8 failed test cases on jammy/fips
2019868 ubuntu_kernel_selftests:net:tls: 88 failed test cases on jammy/fips
2028122 Fix unreliable ethernet cable detection on I219 NIC
2031333 Need to get fine-grained control for FAN(TFN) Participant.
2030924 [SRU][Ubuntu 22.04.1] Unable to interpret the frequency values in cpuinfo_min_freq and cpuino_max_freq sysfs files.
2032176 Crashing with CPU soft lock on GA kernel 5.15.0.79.76 and HWE kernel 5.19.0-46.47-22.04.1
2032690 Jammy update: v5.15.122 upstream stable release
2032689 Jammy update: v5.15.121 upstream stable release
2032688 Jammy update: v5.15.120 upstream stable release
2032683 Jammy update: v5.15.119 upstream stable release
2031093 libgnutls report \
2015400 losetup with mknod fails on jammy with kernel 5.15.0-69-generic
2029401 Jammy update: v5.15.116 upstream stable release
2028550 Backport support to tolerate ZSTD compressed firmware files
2016398 stacked overlay file system mounts that have chroot() called against them appear to be getting locked (by the kernel most likely?)
2026028 usbrtl sometimes doesn't reload firmware
2029138 cifs: fix mid leak during reconnection after timeout threshold
2028799 Jammy update: v5.15.115 upstream stable release
2028701 Jammy update: v5.15.114 upstream stable release
2028408 Jammy update: v5.15.113 upstream stable release
2026607 Jammy update: v5.15.112 upstream stable release
2025095 Jammy update: v5.15.111 upstream stable release
2025090 Jammy update: v5.15.110 upstream stable release
2024265 Jammy update: v5.15.109 upstream stable release
2024900 Disable hv-kvp-daemon if /dev/vmbus/hv_kvp is not present
2008745 [SRU] Intel Sapphire Rapids HBM support needs CONFIG_NUMA_EMU
1853306 [22.04 FEAT] Enhanced Interpretation for PCI Functions on s390x - kernel part
2003374 Undefined Behavior Sanitizer (UBSAN) causes failure to match symbols
1977827 ftrace in ubuntu_kernel_selftests failed with \
2023650 Add microphone support of the front headphone port on P3 Tower
2023539 Add audio support for ThinkPad P1 Gen 6 and Z16 Gen 2
2023311 Resolve synchronous exception on arm64
2018591 Enable Tracing Configs for OSNOISE and TIMERLAT
2003053 NFS: client permission error after adding user to permissible group
2022098 Severe NFS performance degradation after LP #2003053
2020319 Encountering an issue with memcpy_fromio causing failed boot of SEV-enabled guest
2023328 Jammy update: v5.15.108 upstream stable release
2023233 Jammy update: v5.15.106 upstream stable release
2023225 Jammy update: v5.15.104 upstream stable release
2023224 Jammy update: v5.15.103 upstream stable release
2020393 Jammy update: v5.15.102 upstream stable release
2020391 Jammy update: v5.15.101 upstream stable release
2020387 Jammy update: v5.15.100 upstream stable release
CVE-2023-42755 wild pointer access in rsvp classifer in the Linux kernel
CVE-2023-42756 A flaw was found in the Netfilter subsystem of the Linux kernel. A race condition between IPSET_CMD_ADD and IPSET_CMD_SWAP can lead to a kernel panic
CVE-2023-42753 An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the `h->n
CVE-2023-42752 integer overflows in kmalloc_reserve()
CVE-2023-4881 ** REJECT ** CVE-2023-4881 was wrongly assigned to a bug that was deemed to be a non-security issue by the Linux kernel security team.
CVE-2023-31083 An issue was discovered in drivers/bluetooth/hci_ldisc.c in the Linux kernel 6.2. In hci_uart_tty_ioctl, there is a race condition between HCIUARTSET
CVE-2023-3772 A flaw was found in the Linux kernel’s IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADM
CVE-2023-4569 A memory leak flaw was found in nft_set_catchall_flush in net/netfilter/nf_tables_api.c in the Linux Kernel. This issue may allow a local attacker to
CVE-2023-40283 An issue was discovered in l2cap_sock_release in net/bluetooth/l2cap_sock.c in the Linux kernel before 6.4.10. There is a use-after-free because the
CVE-2023-4194 A flaw was found in the Linux kernel's TUN/TAP functionality. This issue could allow a local user to bypass network filters and gain unauthorized acc
CVE-2023-4155 A flaw was found in KVM AMD Secure Encrypted Virtualization (SEV) in t ...
CVE-2023-1206 A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel’s IPv6 functionality when a user makes a new kind of SYN floo
CVE-2023-4273 A flaw was found in the exFAT driver of the Linux kernel. The vulnerability exists in the implementation of the file name reconstruction function, wh
CVE-2023-4128 A use-after-free flaw was found in net/sched/cls_fw.c in classifiers (cls_fw, cls_u32, and cls_route) in the Linux Kernel. This flaw allows a local a
CVE-2023-3863 A use-after-free flaw was found in nfc_llcp_find_local in net/nfc/llcp_core.c in NFC in the Linux kernel. This flaw allows a local user with special
CVE-2022-40982 Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may al
CVE-2023-4015 netfilter: nf_tables: skip immediate deactivate in _PREPARE_ERROR
CVE-2023-3995 ** REJECT ** This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is a duplicate of CVE-2023-4147.
CVE-2023-3777 netfilter: nf_tables: skip bound chain on rule flush
CVE-2023-20593 An issue in \u201cZen 2\u201d CPUs, under specific microarchitectural ...
CVE-2023-4004 A use-after-free flaw was found in the Linux kernel's netfilter in the way a user triggers the nft_pipapo_remove function with the element, without a
CVE-2023-2898 There is a null-pointer-dereference flaw found in f2fs_write_end_io in fs/f2fs/data.c in the Linux kernel. This flaw allows a local privileged user t
CVE-2023-31084 An issue was discovered in drivers/media/dvb-core/dvb_frontend.c in the Linux kernel 6.2. There is a blocking operation when a task is in !TASK_RUNNI
CVE-2023-35001 Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or
CVE-2023-31248 Linux Kernel nftables Use-After-Free Local Privilege Escalation Vulnerability; `nft_chain_lookup_byid()` failed to check whether a chain was active a
CVE-2023-3439 A flaw was found in the MCTP protocol in the Linux kernel. The function mctp_unregister() reclaims the device's relevant resource when a netcard deta
CVE-2023-3141 A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the Linux Kernel. This flaw allows a local attacker
CVE-2022-48502 An issue was discovered in the Linux kernel before 6.2. The ntfs3 subsystem does not properly check for correctness during disk reads, leading to an
CVE-2023-2124 An out-of-bounds memory access flaw was found in the Linux kernel’s XFS file system in how a user restores an XFS image after failure (with a dirty l
CVE-2023-0597 A flaw possibility of memory leak in the Linux kernel cpu_entry_area mapping of X86 CPU data to memory was found in the way user can guess location o

Version: 5.15.0-1024.28 2023-09-29 18:08:43 UTC

 linux-xilinx-zynqmp (5.15.0-1024.28) jammy; urgency=medium
 .
   * jammy/linux-xilinx-zynqmp: 5.15.0-1024.28 -proposed tracker (LP: #2036376)
 .
   * K26 QSPI MTD Definition Correction (LP: #2032972)
     - arm64: zynqmp: Fix User MTD partition size
 .
   * Move experimental ubuntu drivers to staging (LP: #2036370)
     - ubuntu/staging: Move out of tree Xilinx drivers into staging directory
     - modpost: Add staging flag to drivers in ubuntu/staging
 .
   * [kr260] Kernel snap does not boot (LP: #2028505)
     - Fix kernel snap to support KR260
 .
   [ Ubuntu: 5.15.0-84.93 ]
 .
   * jammy/linux: 5.15.0-84.93 -proposed tracker (LP: #2034202)
   * Packaging resync (LP: #1786013)
     - [Packaging] update helper scripts
   * CVE-2023-4569
     - netfilter: nf_tables: deactivate catchall elements in next generation
   * CVE-2023-40283
     - Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb
   * CVE-2023-20588
     - x86/bugs: Increase the x86 bugs vector size to two u32s
     - x86/CPU/AMD: Do not leak quotient data after a division by 0
     - x86/CPU/AMD: Fix the DIV(0) initial fix attempt
   * CVE-2023-4128
     - net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-
       free
     - net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after-
       free
     - net/sched: cls_route: No longer copy tcf_result on update to avoid use-
       after-free
 .
   [ Ubuntu: 5.15.0-83.92 ]
 .
   * jammy/linux: 5.15.0-83.92 -proposed tracker (LP: #2031132)
   * libgnutls report "trap invalid opcode" when trying to install packages over
     https (LP: #2031093)
     - [Config]: disable CONFIG_GDS_FORCE_MITIGATION
 .
   [ Ubuntu: 5.15.0-81.90 ]
 .
   * jammy/linux: 5.15.0-81.90 -proposed tracker (LP: #2030422)
   * Packaging resync (LP: #1786013)
     - [Packaging] resync update-dkms-versions helper
     - [Packaging] resync getabis
     - debian/dkms-versions -- update from kernel-versions (main/2023.08.07)
   * CVE-2022-40982
     - x86/mm: Initialize text poking earlier
     - x86/mm: fix poking_init() for Xen PV guests
     - x86/mm: Use mm_alloc() in poking_init()
     - mm: Move mm_cachep initialization to mm_init()
     - init: Provide arch_cpu_finalize_init()
     - x86/cpu: Switch to arch_cpu_finalize_init()
     - ARM: cpu: Switch to arch_cpu_finalize_init()
     - sparc/cpu: Switch to arch_cpu_finalize_init()
     - um/cpu: Switch to arch_cpu_finalize_init()
     - init: Remove check_bugs() leftovers
     - init: Invoke arch_cpu_finalize_init() earlier
     - init, x86: Move mem_encrypt_init() into arch_cpu_finalize_init()
     - x86/init: Initialize signal frame size late
     - x86/fpu: Remove cpuinfo argument from init functions
     - x86/fpu: Mark init functions __init
     - x86/fpu: Move FPU initialization into arch_cpu_finalize_init()
     - x86/xen: Fix secondary processors' FPU initialization
     - x86/speculation: Add Gather Data Sampling mitigation
     - x86/speculation: Add force option to GDS mitigation
     - x86/speculation: Add Kconfig option for GDS
     - KVM: Add GDS_NO support to KVM
     - Documentation/x86: Fix backwards on/off logic about YMM support
     - [Config]: Enable CONFIG_ARCH_HAS_CPU_FINALIZE_INIT and
       CONFIG_GDS_FORCE_MITIGATION
   * CVE-2023-3609
     - net/sched: cls_u32: Fix reference counter leak leading to overflow
   * CVE-2023-21400
     - io_uring: ensure IOPOLL locks around deferred work
   * CVE-2023-4015
     - netfilter: nf_tables: add NFT_TRANS_PREPARE_ERROR to deal with bound
       set/chain
     - netfilter: nf_tables: unbind non-anonymous set if rule construction fails
     - netfilter: nf_tables: skip immediate deactivate in _PREPARE_ERROR
   * CVE-2023-3995
     - netfilter: nf_tables: disallow rule addition to bound chain via
       NFTA_RULE_CHAIN_ID
   * CVE-2023-3777
     - netfilter: nf_tables: skip bound chain on rule flush
   * losetup with mknod fails on jammy with kernel 5.15.0-69-generic
     (LP: #2015400)
     - loop: do not enforce max_loop hard limit by (new) default
   * Include the MAC address pass through function on RTL8153DD-CG (LP: #2020295)
     - r8152: add USB device driver for config selection
   * Jammy update: v5.15.116 upstream stable release (LP: #2029401)
     - RDMA/bnxt_re: Fix the page_size used during the MR creation
     - RDMA/efa: Fix unsupported page sizes in device
     - RDMA/hns: Fix base address table allocation
     - RDMA/hns: Modify the value of long message loopback slice
     - dmaengine: at_xdmac: Move the free desc to the tail of the desc list
     - dmaengine: at_xdmac: fix potential Oops in at_xdmac_prep_interleaved()
     - RDMA/bnxt_re: Fix a possible memory leak
     - RDMA/bnxt_re: Fix return value of bnxt_re_process_raw_qp_pkt_rx
     - iommu/rockchip: Fix unwind goto issue
     - iommu/amd: Don't block updates to GATag if guest mode is on
     - dmaengine: pl330: rename _start to prevent build error
     - riscv: Fix unused variable warning when BUILTIN_DTB is set
     - net/mlx5: fw_tracer, Fix event handling
     - net/mlx5e: Don't attach netdev profile while handling internal error
     - net: mellanox: mlxbf_gige: Fix skb_panic splat under memory pressure
     - netrom: fix info-leak in nr_write_internal()
     - af_packet: Fix data-races of pkt_sk(sk)->num.
     - amd-xgbe: fix the false linkup in xgbe_phy_status
     - mtd: rawnand: ingenic: fix empty stub helper definitions
     - RDMA/irdma: Add SW mechanism to generate completions on error
     - RDMA/irdma: Prevent QP use after free
     - RDMA/irdma: Fix Local Invalidate fencing
     - af_packet: do not use READ_ONCE() in packet_bind()
     - tcp: deny tcp_disconnect() when threads are waiting
     - tcp: Return user_mss for TCP_MAXSEG in CLOSE/LISTEN state if user_mss set
     - net/sched: sch_ingress: Only create under TC_H_INGRESS
     - net/sched: sch_clsact: Only create under TC_H_CLSACT
     - net/sched: Reserve TC_H_INGRESS (TC_H_CLSACT) for ingress

1786013 Packaging resync
2031093 libgnutls report \
2015400 losetup with mknod fails on jammy with kernel 5.15.0-69-generic
2029401 Jammy update: v5.15.116 upstream stable release
2028550 Backport support to tolerate ZSTD compressed firmware files
2016398 stacked overlay file system mounts that have chroot() called against them appear to be getting locked (by the kernel most likely?)
2026028 usbrtl sometimes doesn't reload firmware
2029138 cifs: fix mid leak during reconnection after timeout threshold
2028799 Jammy update: v5.15.115 upstream stable release
2028701 Jammy update: v5.15.114 upstream stable release
2028408 Jammy update: v5.15.113 upstream stable release
2026607 Jammy update: v5.15.112 upstream stable release
2025095 Jammy update: v5.15.111 upstream stable release
2025090 Jammy update: v5.15.110 upstream stable release
2024265 Jammy update: v5.15.109 upstream stable release
2024900 Disable hv-kvp-daemon if /dev/vmbus/hv_kvp is not present
2008745 [SRU] Intel Sapphire Rapids HBM support needs CONFIG_NUMA_EMU
1853306 [22.04 FEAT] Enhanced Interpretation for PCI Functions on s390x - kernel part
2003374 Undefined Behavior Sanitizer (UBSAN) causes failure to match symbols
1977827 ftrace in ubuntu_kernel_selftests failed with \
2023650 Add microphone support of the front headphone port on P3 Tower
2023539 Add audio support for ThinkPad P1 Gen 6 and Z16 Gen 2
2023311 Resolve synchronous exception on arm64
2018591 Enable Tracing Configs for OSNOISE and TIMERLAT
2003053 NFS: client permission error after adding user to permissible group
2022098 Severe NFS performance degradation after LP #2003053
2020319 Encountering an issue with memcpy_fromio causing failed boot of SEV-enabled guest
2023328 Jammy update: v5.15.108 upstream stable release
2023320 Jammy update: v5.15.107 upstream stable release
2023233 Jammy update: v5.15.106 upstream stable release
2023230 Jammy update: v5.15.105 upstream stable release
2023225 Jammy update: v5.15.104 upstream stable release
2023224 Jammy update: v5.15.103 upstream stable release
2020393 Jammy update: v5.15.102 upstream stable release
2020391 Jammy update: v5.15.101 upstream stable release
2020387 Jammy update: v5.15.100 upstream stable release
CVE-2023-4569 A memory leak flaw was found in nft_set_catchall_flush in net/netfilter/nf_tables_api.c in the Linux Kernel. This issue may allow a local attacker to
CVE-2023-40283 An issue was discovered in l2cap_sock_release in net/bluetooth/l2cap_sock.c in the Linux kernel before 6.4.10. There is a use-after-free because the
CVE-2023-4128 A use-after-free flaw was found in net/sched/cls_fw.c in classifiers (cls_fw, cls_u32, and cls_route) in the Linux Kernel. This flaw allows a local a
CVE-2022-40982 Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may al
CVE-2023-4015 netfilter: nf_tables: skip immediate deactivate in _PREPARE_ERROR
CVE-2023-3995 ** REJECT ** This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is a duplicate of CVE-2023-4147.
CVE-2023-3777 netfilter: nf_tables: skip bound chain on rule flush
CVE-2023-20593 An issue in \u201cZen 2\u201d CPUs, under specific microarchitectural ...
CVE-2023-4004 A use-after-free flaw was found in the Linux kernel's netfilter in the way a user triggers the nft_pipapo_remove function with the element, without a
CVE-2023-2898 There is a null-pointer-dereference flaw found in f2fs_write_end_io in fs/f2fs/data.c in the Linux kernel. This flaw allows a local privileged user t
CVE-2023-31084 An issue was discovered in drivers/media/dvb-core/dvb_frontend.c in the Linux kernel 6.2. There is a blocking operation when a task is in !TASK_RUNNI
CVE-2023-35001 Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or
CVE-2023-31248 Linux Kernel nftables Use-After-Free Local Privilege Escalation Vulnerability; `nft_chain_lookup_byid()` failed to check whether a chain was active a
CVE-2023-3439 A flaw was found in the MCTP protocol in the Linux kernel. The function mctp_unregister() reclaims the device's relevant resource when a netcard deta
CVE-2023-3141 A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the Linux Kernel. This flaw allows a local attacker
CVE-2022-48502 An issue was discovered in the Linux kernel before 6.2. The ntfs3 subsystem does not properly check for correctness during disk reads, leading to an
CVE-2023-2124 An out-of-bounds memory access flaw was found in the Linux kernel’s XFS file system in how a user restores an XFS image after failure (with a dirty l
CVE-2023-0597 A flaw possibility of memory leak in the Linux kernel cpu_entry_area mapping of X86 CPU data to memory was found in the way user can guess location o



About   -   Send Feedback to @ubuntu_updates