UbuntuUpdates.org

Package "linux-aws-5.4"

Name: linux-aws-5.4

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Header files related to Linux kernel version 5.4.0
  • Header files related to Linux kernel version 5.4.0
  • Header files related to Linux kernel version 5.4.0
  • Header files related to Linux kernel version 5.4.0

Latest version: 5.4.0-1092.100~18.04.2
Release: bionic (18.04)
Level: security
Repository: main

Links



Other versions of "linux-aws-5.4" in Bionic

Repository Area Version
updates main 5.4.0-1103.111~18.04.1
proposed main 5.4.0-1104.112~18.04.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 5.4.0-1103.111~18.04.1 2023-06-01 15:07:06 UTC

  linux-aws-5.4 (5.4.0-1103.111~18.04.1) bionic; urgency=medium

  * bionic/linux-aws-5.4: 5.4.0-1103.111~18.04.1 -proposed tracker
    (LP: #2019652)

  [ Ubuntu: 5.4.0-1103.111 ]

  * focal/linux-aws: 5.4.0-1103.111 -proposed tracker (LP: #2019653)
  * focal/linux: 5.4.0-150.167 -proposed tracker (LP: #2019682)
  * CVE-2023-32233
    - netfilter: nf_tables: deactivate anonymous set from preparation phase
  * CVE-2023-2612
    - SAUCE: shiftfs: prevent lock unbalance in shiftfs_create_object()
  * CVE-2023-31436
    - net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
  * CVE-2023-1380
    - wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies()
  * CVE-2023-30456
    - KVM: nVMX: add missing consistency checks for CR0 and CR4
  * Packaging resync (LP: #1786013)
    - [Packaging] update helper scripts

Source diff to previous version
1786013 Packaging resync
CVE-2023-32233 In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and
CVE-2023-2612 Jean-Baptiste Cayrou discovered that the shiftfs file system in the Ub ...
CVE-2023-31436 qfq_change_class in net/sched/sch_qfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write because lmax can exceed QFQ_MIN_LMAX.
CVE-2023-1380 A slab-out-of-bound read problem was found in brcmf_get_assoc_ies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux Kernel.
CVE-2023-30456 An issue was discovered in arch/x86/kvm/vmx/nested.c in the Linux kernel before 6.2.8. nVMX on x86_64 lacks consistency checks for CR0 and CR4.

Version: 5.4.0-1101.109~18.04.1 2023-04-27 13:13:42 UTC

  linux-aws-5.4 (5.4.0-1101.109~18.04.1) bionic; urgency=medium

  * bionic/linux-aws-5.4: 5.4.0-1101.109~18.04.1 -proposed tracker
    (LP: #2016746)

  * CVE-2023-1829
    - [Config]: Make sure CONFIG_NET_CLS_TCINDEX is not available

  [ Ubuntu: 5.4.0-1101.109 ]

  * focal/linux-aws: 5.4.0-1101.109 -proposed tracker (LP: #2016747)
  * CVE-2023-1829
    - [Config]: Make sure CONFIG_NET_CLS_TCINDEX is not available
  * focal/linux: 5.4.0-148.165 -proposed tracker (LP: #2016777)
  * CVE-2023-1829
    - net/sched: Retire tcindex classifier
    - [Config]: Make sure CONFIG_NET_CLS_TCINDEX is not available

 -- Thadeu Lima de Souza Cascardo <email address hidden> Mon, 24 Apr 2023 16:15:00 -0300

Source diff to previous version

Version: 5.4.0-1100.108~18.04.1 2023-04-18 23:07:02 UTC

  linux-aws-5.4 (5.4.0-1100.108~18.04.1) bionic; urgency=medium

  * bionic/linux-aws-5.4: 5.4.0-1100.108~18.04.1 -proposed tracker
    (LP: #2011929)

  [ Ubuntu: 5.4.0-1100.108 ]

  * focal/linux-aws: 5.4.0-1100.108 -proposed tracker (LP: #2011930)
  * focal/linux: 5.4.0-147.164 -proposed tracker (LP: #2011959)
  * CVE-2023-26545
    - net: mpls: fix stale pointer if allocation fails during device rename
  * CVE-2023-1281
    - rcu: Upgrade rcu_swap_protected() to rcu_replace_pointer()
    - net/sched: tcindex: update imperfect hash filters respecting rcu
  * Focal update: v5.4.231 upstream stable release (LP: #2011226)
    - clk: generalize devm_clk_get() a bit
    - clk: Provide new devm_clk helpers for prepared and enabled clocks
    - memory: atmel-sdramc: Fix missing clk_disable_unprepare in
      atmel_ramc_probe()
    - memory: mvebu-devbus: Fix missing clk_disable_unprepare in
      mvebu_devbus_probe()
    - ARM: dts: imx6qdl-gw560x: Remove incorrect 'uart-has-rtscts'
    - ARM: imx27: Retrieve the SYSCTRL base address from devicetree
    - ARM: imx31: Retrieve the IIM base address from devicetree
    - ARM: imx35: Retrieve the IIM base address from devicetree
    - ARM: imx: add missing of_node_put()
    - HID: intel_ish-hid: Add check for ishtp_dma_tx_map
    - EDAC/highbank: Fix memory leak in highbank_mc_probe()
    - tomoyo: fix broken dependency on *.conf.default
    - RDMA/core: Fix ib block iterator counter overflow
    - IB/hfi1: Reject a zero-length user expected buffer
    - IB/hfi1: Reserve user expected TIDs
    - IB/hfi1: Fix expected receive setup error exit issues
    - affs: initialize fsdata in affs_truncate()
    - amd-xgbe: TX Flow Ctrl Registers are h/w ver dependent
    - amd-xgbe: Delay AN timeout during KR training
    - bpf: Fix pointer-leak due to insufficient speculative store bypass
      mitigation
    - phy: rockchip-inno-usb2: Fix missing clk_disable_unprepare() in
      rockchip_usb2phy_power_on()
    - net: nfc: Fix use-after-free in local_cleanup()
    - net: wan: Add checks for NULL for utdm in undo_uhdlc_init and unmap_si_regs
    - gpio: mxc: Always set GPIOs used as interrupt source to INPUT mode
    - net/sched: sch_taprio: fix possible use-after-free
    - net: fix a concurrency bug in l2tp_tunnel_register()
    - l2tp: Serialize access to sk_user_data with sk_callback_lock
    - l2tp: Don't sleep and disable BH under writer-side sk_callback_lock
    - net: usb: sr9700: Handle negative len
    - net: mdio: validate parameter addr in mdiobus_get_phy()
    - HID: check empty report_list in hid_validate_values()
    - HID: check empty report_list in bigben_probe()
    - net: stmmac: fix invalid call to mdiobus_get_phy()
    - HID: revert CHERRY_MOUSE_000C quirk
    - usb: gadget: f_fs: Prevent race during ffs_ep0_queue_wait
    - usb: gadget: f_fs: Ensure ep0req is dequeued before free_request
    - net: mlx5: eliminate anonymous module_init & module_exit
    - drm/panfrost: fix GENERIC_ATOMIC64 dependency
    - dmaengine: Fix double increment of client_count in dma_chan_get()
    - net: macb: fix PTP TX timestamp failure due to packet padding
    - HID: betop: check shape of output reports
    - dmaengine: xilinx_dma: use devm_platform_ioremap_resource()
    - dmaengine: xilinx_dma: Fix devm_platform_ioremap_resource error handling
    - dmaengine: xilinx_dma: call of_node_put() when breaking out of
      for_each_child_of_node()
    - tcp: avoid the lookup process failing to get sk in ehash table
    - w1: fix deadloop in __w1_remove_master_device()
    - w1: fix WARNING after calling w1_process()
    - driver core: Fix test_async_probe_init saves device in wrong array
    - net: dsa: microchip: ksz9477: port map correction in ALU table entry
      register
    - tcp: fix rate_app_limited to default to 1
    - cpufreq: Add Tegra234 to cpufreq-dt-platdev blocklist
    - ASoC: fsl_micfil: Correct the number of steps on SX controls
    - drm: Add orientation quirk for Lenovo ideapad D330-10IGL
    - s390/debug: add _ASM_S390_ prefix to header guard
    - cpufreq: armada-37xx: stop using 0 as NULL pointer
    - ASoC: fsl_ssi: Rename AC'97 streams to avoid collisions with AC'97 CODEC
    - ASoC: fsl-asoc-card: Fix naming of AC'97 CODEC widgets
    - spi: spidev: remove debug messages that access spidev->spi without locking
    - KVM: s390: interrupt: use READ_ONCE() before cmpxchg()
    - scsi: hisi_sas: Set a port invalid only if there are no devices attached
      when refreshing port id
    - platform/x86: touchscreen_dmi: Add info for the CSL Panther Tab HD
    - platform/x86: asus-nb-wmi: Add alternate mapping for KEY_SCREENLOCK
    - lockref: stop doing cpu_relax in the cmpxchg loop
    - mmc: sdhci-esdhc-imx: clear pending interrupt and halt cqhci
    - mmc: sdhci-esdhc-imx: disable the CMD CRC check for standard tuning
    - mmc: sdhci-esdhc-imx: correct the tuning start tap and step setting
    - netfilter: conntrack: do not renew entry stuck in tcp SYN_SENT state
    - fs: reiserfs: remove useless new_opts in reiserfs_remount
    - Bluetooth: hci_sync: cancel cmd_timer if hci_open failed
    - scsi: hpsa: Fix allocation size for scsi_host_alloc()
    - module: Don't wait for GOING modules
    - tracing: Make sure trace_printk() can output as soon as it can be used
    - trace_events_hist: add check for return value of 'create_hist_field'
    - ftrace/scripts: Update the instructions for ftrace-bisect.sh
    - cifs: Fix oops due to uncleared server->smbd_conn in reconnect
    - KVM: x86/vmx: Do not skip segment attributes if unusable bit is set
    - thermal: intel: int340x: Protect trip temperature from concurrent updates
    - ARM: 9280/1: mm: fix warning on phys_addr_t to void pointer assignment
    - EDAC/device: Respect any driver-supplied workqueue polling value
    - EDAC/qcom: Do not pass llcc_driv_data as edac_device_ctl_info's pvt_info
    - netlink: prevent potential spectre v1 gadgets
    - net: fix UaF in netns

Source diff to previous version
2011226 Focal update: v5.4.231 upstream stable release
2008946 Focal update: v5.4.230 upstream stable release
CVE-2023-26545 In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl table under a
CVE-2023-1281 RESERVED
CVE-2022-3903 An incorrect read request flaw was found in the Infrared Transceiver USB driver in the Linux kernel. This issue occurs when a user attaches a malicio
CVE-2022-3108 An issue was discovered in the Linux kernel through 5.16-rc6. kfd_parse_subtype_iolink in drivers/gpu/drm/amd/amdkfd/kfd_crat.c lacks check of the re

Version: 5.4.0-1099.107~18.04.1 2023-03-28 22:06:59 UTC

  linux-aws-5.4 (5.4.0-1099.107~18.04.1) bionic; urgency=medium

  * bionic/linux-aws-5.4: 5.4.0-1099.107~18.04.1 -proposed tracker
    (LP: #2012004)

  [ Ubuntu: 5.4.0-1099.107 ]

  * focal/linux-aws: 5.4.0-1099.107 -proposed tracker (LP: #2012000)
  * NFS deathlock with last Kernel 5.4.0-144.161 and 5.15.0-67.74 (LP: #2009325)
    - NFS: Correct timing for assigning access cache timestamp

Source diff to previous version

Version: 5.4.0-1097.105~18.04.1 2023-03-02 22:06:50 UTC

  linux-aws-5.4 (5.4.0-1097.105~18.04.1) bionic; urgency=medium

  * bionic/linux-aws-5.4: 5.4.0-1097.105~18.04.1 -proposed tracker
    (LP: #2004354)

  [ Ubuntu: 5.4.0-1097.105 ]

  * focal/linux-aws: 5.4.0-1097.105 -proposed tracker (LP: #2004355)
  * Focal update: v5.4.226 upstream stable release (LP: #2003896)
    - [Config] aws: updateconfigs for INET_TABLE_PERTURB_ORDER
  * RDMA Back port DMA buffer fix (LP: #2004807)
    - RDMA/core: Fix ib block iterator counter overflow
  * focal/linux: 5.4.0-144.161 -proposed tracker (LP: #2004653)
  * CVE-2023-0461
    - SAUCE: Fix inet_csk_listen_start after CVE-2023-0461
  * focal/linux: 5.4.0-143.160 -proposed tracker (LP: #2004385)
  * NFS: client permission error after adding user to permissible group
    (LP: #2003053)
    - NFS: Clear the file access cache upon login
    - NFS: Judge the file access cache's timestamp in rcu path
    - NFS: Fix up a sparse warning
  * Focal update: v5.4.229 upstream stable release (LP: #2003914)
    - tracing/ring-buffer: Only do full wait when cpu != RING_BUFFER_ALL_CPUS
    - udf: Discard preallocation before extending file with a hole
    - udf: Fix preallocation discarding at indirect extent boundary
    - udf: Do not bother looking for prealloc extents if i_lenExtents matches
      i_size
    - udf: Fix extending file within last block
    - usb: gadget: uvc: Prevent buffer overflow in setup handler
    - USB: serial: option: add Quectel EM05-G modem
    - USB: serial: cp210x: add Kamstrup RF sniffer PIDs
    - USB: serial: f81232: fix division by zero on line-speed change
    - USB: serial: f81534: fix division by zero on line-speed change
    - igb: Initialize mailbox message for VF reset
    - xen-netback: move removal of "hotplug-status" to the right place
    - HID: ite: Add support for Acer S1002 keyboard-dock
    - HID: ite: Enable QUIRK_TOUCHPAD_ON_OFF_REPORT on Acer Aspire Switch 10E
    - HID: ite: Enable QUIRK_TOUCHPAD_ON_OFF_REPORT on Acer Aspire Switch V 10
    - HID: uclogic: Add HID_QUIRK_HIDINPUT_FORCE quirk
    - net: loopback: use NET_NAME_PREDICTABLE for name_assign_type
    - usb: musb: remove extra check in musb_gadget_vbus_draw
    - ARM: dts: qcom: apq8064: fix coresight compatible
    - arm64: dts: qcom: sdm845-cheza: fix AP suspend pin bias
    - drivers: soc: ti: knav_qmss_queue: Mark knav_acc_firmwares as static
    - arm: dts: spear600: Fix clcd interrupt
    - soc: ti: knav_qmss_queue: Use pm_runtime_resume_and_get instead of
      pm_runtime_get_sync
    - soc: ti: knav_qmss_queue: Fix PM disable depth imbalance in knav_queue_probe
    - soc: ti: smartreflex: Fix PM disable depth imbalance in omap_sr_probe
    - perf: arm_dsu: Fix hotplug callback leak in dsu_pmu_init()
    - perf/smmuv3: Fix hotplug callback leak in arm_smmu_pmu_init()
    - arm64: dts: mt2712e: Fix unit_address_vs_reg warning for oscillators
    - arm64: dts: mt2712e: Fix unit address for pinctrl node
    - arm64: dts: mt2712-evb: Fix vproc fixed regulators unit names
    - arm64: dts: mt2712-evb: Fix usb vbus regulators unit names
    - arm64: dts: mediatek: mt6797: Fix 26M oscillator unit name
    - ARM: dts: dove: Fix assigned-addresses for every PCIe Root Port
    - ARM: dts: armada-370: Fix assigned-addresses for every PCIe Root Port
    - ARM: dts: armada-xp: Fix assigned-addresses for every PCIe Root Port
    - ARM: dts: armada-375: Fix assigned-addresses for every PCIe Root Port
    - ARM: dts: armada-38x: Fix assigned-addresses for every PCIe Root Port
    - ARM: dts: armada-39x: Fix assigned-addresses for every PCIe Root Port
    - ARM: dts: turris-omnia: Add ethernet aliases
    - ARM: dts: turris-omnia: Add switch port 6 node
    - arm64: dts: armada-3720-turris-mox: Add missing interrupt for RTC
    - pstore/ram: Fix error return code in ramoops_probe()
    - ARM: mmp: fix timer_read delay
    - pstore: Avoid kcore oops by vmap()ing with VM_IOREMAP
    - tpm/tpm_crb: Fix error message in __crb_relinquish_locality()
    - cpuidle: dt: Return the correct numbers of parsed idle states
    - alpha: fix syscall entry in !AUDUT_SYSCALL case
    - PM: hibernate: Fix mistake in kerneldoc comment
    - fs: don't audit the capability check in simple_xattr_list()
    - selftests/ftrace: event_triggers: wait longer for test_event_enable
    - perf: Fix possible memleak in pmu_dev_alloc()
    - timerqueue: Use rb_entry_safe() in timerqueue_getnext()
    - proc: fixup uptime selftest
    - lib/fonts: fix undefined behavior in bit shift for get_default_font
    - ocfs2: fix memory leak in ocfs2_stack_glue_init()
    - MIPS: vpe-mt: fix possible memory leak while module exiting
    - MIPS: vpe-cmp: fix possible memory leak while module exiting
    - selftests/efivarfs: Add checking of the test return value
    - PNP: fix name memory leak in pnp_alloc_dev()
    - perf/x86/intel/uncore: Fix reference count leak in hswep_has_limit_sbox()
    - irqchip: gic-pm: Use pm_runtime_resume_and_get() in gic_probe()
    - EDAC/i10nm: fix refcount leak in pci_get_dev_wrapper()
    - nfsd: don't call nfsd_file_put from client states seqfile display
    - genirq/irqdesc: Don't try to remove non-existing sysfs files
    - cpufreq: amd_freq_sensitivity: Add missing pci_dev_put()
    - libfs: add DEFINE_SIMPLE_ATTRIBUTE_SIGNED for signed value
    - lib/notifier-error-inject: fix error when writing -errno to debugfs file
    - docs: fault-injection: fix non-working usage of negative values
    - debugfs: fix error when writing negative value to atomic_t debugfs file
    - ocfs2: ocfs2_mount_volume does cleanup job before return error
    - ocfs2: rewrite error handling of ocfs2_fill_super
    - ocfs2: fix memory leak in ocfs2_mount_volume()
    - rapidio: fix possible name leaks when rio_add_device() fails
    - rapidio: rio: fix possible name leak in rio_register_mport()
    - clocksource/drivers/sh_cmt: Make sure channel clock supply is enabled
    - ACPICA: Fix use-after-free in acpi_ut_copy_ipackage_to_ipackage()
    

2003896 Focal update: v5.4.226 upstream stable release
2004807 RDMA Back port DMA buffer fix
2003053 NFS: client permission error after adding user to permissible group
2003914 Focal update: v5.4.229 upstream stable release
2003904 Focal update: v5.4.228 upstream stable release
2003901 Focal update: v5.4.227 upstream stable release
2002889 5.15.0-58.64 breaks xen bridge networking (pvh domU)
2002347 Focal update: v5.4.225 upstream stable release
CVE-2023-0461 RESERVED
CVE-2023-0266 A use after free vulnerability exists in the ALSA PCM package in the Linux Kernel. SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 is missing locks that can be u
CVE-2022-41218 In drivers/media/dvb-core/dmxdev.c in the Linux kernel through 5.19.10, there is a use-after-free caused by refcount races, affecting dvb_demux_open
CVE-2022-4139 An incorrect TLB flush issue was found in the Linux kernel’s GPU i915 kernel driver, potentially leading to random memory corruption or data leaks. T
CVE-2022-47520 An issue was discovered in the Linux kernel before 6.0.11. Missing offset validation in drivers/net/wireless/microchip/wilc1000/hif.c in the WILC1000
CVE-2022-3545 A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability is the function area_cache_get of the file



About   -   Send Feedback to @ubuntu_updates