Package "linux-azure-4.15"

Name: linux-azure-4.15


This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Header files related to Linux kernel version 4.15.0
  • Header files related to Linux kernel version 4.15.0
  • Header files related to Linux kernel version 4.15.0
  • Header files related to Linux kernel version 4.15.0

Latest version: 4.15.0-1138.151
Release: bionic (18.04)
Level: security
Repository: main


Other versions of "linux-azure-4.15" in Bionic

Repository Area Version
updates main 4.15.0-1138.151
proposed main 4.15.0-1139.152
PPA: Canonical Kernel Team 4.15.0-1138.151

Packages in group

Deleted packages are displayed in grey.


Version: 4.15.0-1138.151 2022-05-12 11:06:21 UTC

  linux-azure-4.15 (4.15.0-1138.151) bionic; urgency=medium

  * bionic/linux-azure-4.15: 4.15.0-1138.151 -proposed tracker (LP: #1969066)

  [ Ubuntu: 4.15.0-177.186 ]

  * bionic/linux: 4.15.0-177.186 -proposed tracker (LP: #1969083)
  * Bionic update: upstream stable patchset 2022-04-13 (LP: #1968932)
    - cgroup/cpuset: Fix a race between cpuset_attach() and cpu hotplug
    - vhost/vsock: don't check owner in vhost_vsock_stop() while releasing
    - parisc/unaligned: Fix fldd and fstd unaligned handlers on 32-bit kernel
    - parisc/unaligned: Fix ldw() and stw() unalignment handlers
    - sr9700: sanity check for packet length
    - USB: zaurus: support another broken Zaurus
    - ping: remove pr_err from ping_lookup
    - net: __pskb_pull_tail() & pskb_carve_frag_list() drop_monitor friends
    - gso: do not skip outer ip header in case of ipip and net_failover
    - openvswitch: Fix setting ipv6 fields causing hw csum failure
    - drm/edid: Always set RGB444
    - net/mlx5e: Fix wrong return value on ioctl EEPROM query failure
    - configfs: fix a race in configfs_{,un}register_subsystem()
    - RDMA/ib_srp: Fix a deadlock
    - iio: adc: men_z188_adc: Fix a resource leak in an error handling path
    - ata: pata_hpt37x: disable primary channel on HPT371
    - Revert "USB: serial: ch341: add new Product ID for CH341A"
    - usb: gadget: rndis: add spinlock for rndis response list
    - tracefs: Set the group ownership in apply_options() not parse_options()
    - USB: serial: option: add support for DW5829e
    - USB: serial: option: add Telit LE910R1 compositions
    - usb: dwc3: gadget: Let the interrupt handler disable bottom halves.
    - xhci: re-initialize the HC during resume if HCE was set
    - xhci: Prevent futile URB re-submissions due to incorrect return value.
    - tty: n_gsm: fix encoding of control signal octet bit DV
    - tty: n_gsm: fix proper link termination after failed open
    - Revert "drm/nouveau/pmu/gm200-: avoid touching PMU outside of
    - memblock: use kfree() to release kmalloced memblock regions
    - fget: clarify and improve __fget_files() implementation
    - gpio: tegra186: Fix chip_data type confusion
    - tracing: Have traceon and traceoff trigger honor the instance
    - mac80211_hwsim: report NOACK frames in tx_status
    - mac80211_hwsim: initialize ieee80211_tx_info at hw_scan_work
    - i2c: bcm2835: Avoid clock stretching timeouts
    - Input: clear BTN_RIGHT/MIDDLE on buttonpads
    - cifs: fix double free race when mount fails in cifs_get_root()
    - dmaengine: shdma: Fix runtime PM imbalance on error
    - i2c: cadence: allow COMPILE_TEST
    - i2c: qup: allow COMPILE_TEST
    - net: usb: cdc_mbim: avoid altsetting toggling for Telit FN990
    - usb: gadget: don't release an existing dev->buf
    - usb: gadget: clear related members when goto fail
    - ata: pata_hpt37x: fix PCI clock detection
    - ALSA: intel_hdmi: Fix reference to PCM buffer address
    - ASoC: ops: Shift tested values in snd_soc_put_volsw() by +min
    - xfrm: fix MTU regression
    - netfilter: fix use-after-free in __nf_register_net_hook()
    - xfrm: enforce validity of offload input flags
    - netfilter: nf_queue: don't assume sk is full socket
    - netfilter: nf_queue: fix possible use-after-free
    - batman-adv: Request iflink once in batadv-on-batadv check
    - batman-adv: Request iflink once in batadv_get_real_netdevice
    - batman-adv: Don't expect inter-netns unique iflink indices
    - net: dcb: flush lingering app table entries for unregistered devices
    - net/smc: fix unexpected SMC_CLC_DECL_ERR_REGRMB error generated by client
    - net/smc: fix unexpected SMC_CLC_DECL_ERR_REGRMB error cause by server
    - mac80211: fix forwarded mesh frames AC & queue selection
    - net: stmmac: fix return value of __setup handler
    - net: sxgbe: fix return value of __setup handler
    - net: arcnet: com20020: Fix null-ptr-deref in com20020pci_probe()
    - efivars: Respect "block" flag in efivar_entry_set_safe()
    - can: gs_usb: change active_channels's type from atomic_t to u8
    - ARM: 9182/1: mmu: fix returns from early_param() and __setup() functions
    - soc: fsl: qe: Check of ioremap return value
    - net: chelsio: cxgb3: check the return value of pci_find_capability()
    - nl80211: Handle nla_memdup failures in handle_nan_filter
    - Input: elan_i2c - move regulator_[en|dis]able() out of
    - Input: elan_i2c - fix regulator enable count imbalance after suspend/resume
    - HID: add mapping for KEY_ALL_APPLICATIONS
    - memfd: fix F_SEAL_WRITE after shmem huge page allocated
    - net: dcb: disable softirqs in dcbnl_flush_dev()
    - hamradio: fix macro redefine warning
    - arm/arm64: Provide a wrapper for SMCCC 1.1 calls
    - arm/arm64: smccc/psci: add arm_smccc_1_1_get_conduit()
    - ARM: report Spectre v2 status through sysfs
    - ARM: early traps initialisation
    - ARM: use LOADADDR() to get load address of sections
    - [Config] updateconfigs for HARDEN_BRANCH_HISTORY
    - ARM: Spectre-BHB workaround
    - ARM: include unprivileged BPF status in Spectre V2 reporting
    - ARM: fix build error when BPF_SYSCALL is disabled
    - ARM: fix co-processor register typo
    - ARM: Do not use NOCROSSREFS directive with ld.lld
    - ARM: fix build warning in proc-v7-bugs.c
    - xen/xenbus: don't let xenbus_grant_ring() remove grants in error case
    - xen/grant-table: add gnttab_try_end_foreign_access()
    - xen/blkfront: don't use gnttab_query_foreign_access() for mapped status
    - xen/netfront: don't use gnttab_query_foreign_access() for mapped status
    - xen/scsifront: don't use gnttab_query_foreign_access() for mapped status
    - xen/gntalloc: don't use gnttab_query_foreign_access()
    - xen: remove gnttab_query_foreign_access()
    - xen/9p: use alloc/free_pages_exact()
    - xen/gnttab: fix gnttab_end_foreign_access() without page specified
    - x

Source diff to previous version
1968932 Bionic update: upstream stable patchset 2022-04-13
1968340 ip6gre driver does not hold device reference
1968774 LRMv6: add multi-architecture support
1967013 Bionic update: upstream stable patchset 2022-03-29
CVE-2022-27223 In drivers/usb/gadget/udc/udc-xilinx.c in the Linux kernel before 5.16.12, the endpoint index is not validated and might be manipulated by the host f
CVE-2022-26490 st21nfca_connectivity_event_received in drivers/nfc/st21nfca/se.c in the Linux kernel through 5.16.12 has EVT_TRANSACTION buffer overflows because of
CVE-2021-26401 LFENCE/JMP (mitigation V2-2) may not sufficiently mitigate CVE-2017-5715 on some AMD CPUs.
CVE-2022-0001 Non-transparent sharing of branch predictor selectors between contexts in some Intel(R) Processors may allow an authorized user to potentially enable

Version: 4.15.0-1137.150 2022-04-19 22:06:21 UTC

  linux-azure-4.15 (4.15.0-1137.150) bionic; urgency=medium

  * bionic/linux-azure-4.15: 4.15.0-1137.150 -proposed tracker (LP: #1967407)

  [ Ubuntu: 4.15.0-176.185 ]

  * bionic/linux: 4.15.0-176.185 -proposed tracker (LP: #1966771)
  * Bionic update: upstream stable patchset 2022-03-04 (LP: #1963717)
    - can: bcm: fix UAF of bcm op
    - net: bridge: clear bridge's private skb space on xmit
    - s390/hypfs: include z/VM guests with access control group set
    - scsi: zfcp: Fix failed recovery on gone remote port with non-NPIV FCP
    - udf: Restore i_lenAlloc when inode expansion fails
    - udf: Fix NULL ptr deref when converting from inline format
    - PM: wakeup: simplify the output logic of pm_show_wakelocks()
    - netfilter: nft_payload: do not update layer 4 checksum when mangling
    - serial: stm32: fix software flow control transfer
    - tty: n_gsm: fix SW flow control encoding/handling
    - tty: Add support for Brainboxes UC cards.
    - usb-storage: Add unusual-devs entry for VL817 USB-SATA bridge
    - usb: common: ulpi: Fix crash in ulpi_match()
    - usb: gadget: f_sourcesink: Fix isoc transfer for USB_SPEED_SUPER_PLUS
    - USB: core: Fix hang in usb_kill_urb by adding memory barriers
    - usb: typec: tcpm: Do not disconnect while receiving VBUS off
    - net: sfp: ignore disabled SFP node
    - powerpc/32: Fix boot failure with GCC latent entropy plugin
    - lkdtm: Fix content of section containing lkdtm_rodata_do_nothing()
    - i40e: Increase delay to 1 s after global EMP reset
    - i40e: fix unsigned stat widths
    - rpmsg: char: Fix race between the release of rpmsg_ctrldev and cdev
    - rpmsg: char: Fix race between the release of rpmsg_eptdev and cdev
    - scsi: bnx2fc: Flush destroy_work queue before calling bnx2fc_interface_put()
    - ipv6_tunnel: Rate limit warning messages
    - net: fix information leakage in /proc/net/ptype
    - ping: fix the sk_bound_dev_if match in ping_lookup
    - ipv4: avoid using shared IP generator for connected sockets
    - hwmon: (lm90) Reduce maximum conversion rate for G781
    - NFSv4: Handle case where the lookup of a directory fails
    - NFSv4: nfs_atomic_open() can race when looking up a non-regular file
    - net-procfs: show net devices bound packet types
    - drm/msm: Fix wrong size calculation
    - drm/msm/dsi: invalid parameter check in msm_dsi_phy_enable
    - ibmvnic: don't spin in tasklet
    - yam: fix a memory leak in yam_siocdevprivate()
    - ipv4: raw: lock the socket in raw_bind()
    - ipv4: tcp: send zero IPID in SYNACK messages
    - netfilter: nat: remove l4 protocol port rovers
    - netfilter: nat: limit port clash resolution attempts
    - ipheth: fix EOVERFLOW in ipheth_rcvbulk_callback
    - net: amd-xgbe: ensure to reset the tx_timer_active flag
    - net: amd-xgbe: Fix skb data length underflow
    - rtnetlink: make sure to refresh master_dev/m_ops in __rtnl_newlink()
    - af_packet: fix data-race in packet_setsockopt / packet_setsockopt
    - ASoC: ops: Reject out of bounds values in snd_soc_put_volsw()
    - ASoC: ops: Reject out of bounds values in snd_soc_put_volsw_sx()
    - ASoC: ops: Reject out of bounds values in snd_soc_put_xr_sx()
    - drm/nouveau: fix off by one in BIOS boundary checking
    - block: bio-integrity: Advance seed correctly for larger interval sizes
    - RDMA/mlx4: Don't continue event handler after memory allocation failure
    - iommu/vt-d: Fix potential memory leak in intel_setup_irq_remapping()
    - iommu/amd: Fix loop timeout issue in iommu_ga_log_enable()
    - spi: bcm-qspi: check for valid cs before applying chip select
    - spi: mediatek: Avoid NULL pointer crash in interrupt
    - spi: meson-spicc: add IRQ check in meson_spicc_probe
    - net: ieee802154: ca8210: Stop leaking skb's
    - net: ieee802154: Return meaningful error codes from the netlink helpers
    - net: macsec: Verify that send_sci is on when setting Tx sci explicitly
    - drm/i915/overlay: Prevent divide by zero bugs in scaling
    - ASoC: fsl: Add missing error handling in pcm030_fabric_probe
    - scsi: bnx2fc: Make bnx2fc_recv_frame() mp safe
    - nfsd: nfsd4_setclientid_confirm mistakenly expires confirmed client.
    - selftests: futex: Use variable MAKE instead of make
    - rtc: cmos: Evaluate century appropriate
    - EDAC/altera: Fix deferred probing
    - EDAC/xgene: Fix deferred probing
    - ext4: fix error handling in ext4_restore_inline_data()
    - serial: 8250: of: Fix mapped region size when using reg-offset property
    - i40e: Fix issue when maximum queues is exceeded
    - i40e: Fix queues reservation for XDP
    - ipv6: annotate accesses to fn->fn_sernum
    - ibmvnic: init ->running_cap_crqs early
  * Bionic update: upstream stable patchset 2022-03-04 (LP: #1963717) // audit:
    improve audit queue handling when "audit=1" on cmdline (LP: #1965723)
    - audit: improve audit queue handling when "audit=1" on cmdline
  * CVE-2021-43975
    - atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait
  * Packaging resync (LP: #1786013)
    - [Packaging] resync dkms-build{,--nvidia-N} from LRMv5

 -- Marcelo Henrique Cerri <email address hidden> Wed, 06 Apr 2022 16:49:17 -0300

Source diff to previous version
1963717 Bionic update: upstream stable patchset 2022-03-04
1965723 audit: improve audit queue handling when \
1786013 Packaging resync
CVE-2021-43975 In the Linux kernel through 5.15.2, hw_atl_utils_fw_rpc_wait in drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c allows an attacker (who

Version: 4.15.0-1136.149 2022-03-30 11:06:25 UTC

  linux-azure-4.15 (4.15.0-1136.149) bionic; urgency=medium

  * bionic/linux-azure-4.15: 4.15.0-1136.149 -proposed tracker (LP: #1966287)

  [ Ubuntu: 4.15.0-175.184 ]

  * bionic/linux: 4.15.0-175.184 -proposed tracker (LP: #1966304)
  * CVE-2022-27666
    - esp: Fix possible buffer overflow in ESP transformation

  [ Ubuntu: 4.15.0-173.182 ]

  * bionic/linux: 4.15.0-173.182 -proposed tracker (LP: #1965552)
  * Pick fixup from upstream stable patchset 2022-03-04 to address cert
    failure with clock jitter test on NUC7i3DNHE (LP: #1964213)
    - Bluetooth: refactor malicious adv data check

 -- Krzysztof Kozlowski <email address hidden> Fri, 25 Mar 2022 12:31:13 +0100

Source diff to previous version
1964213 bionic/linux: 4.15.0-172.181 snap-debs snap:pc-kernel
CVE-2022-27666 In the Linux kernel before 5.16.15, there is a buffer overflow in ESP transformation in net/ipv4/esp4.c and net/ipv6/esp6.c via a large message.

Version: 4.15.0-1134.147 2022-03-22 09:06:24 UTC

  linux-azure-4.15 (4.15.0-1134.147) bionic; urgency=medium

  * bionic/linux-azure-4.15: 4.15.0-1134.147 -proposed tracker (LP: #1964222)

  * linux-azure: CONFIG_FB_EFI=y (LP: #1959216)
    - [Config] azure-4.15: CONFIG_FB_EFI=y

  [ Ubuntu: 4.15.0-172.181 ]

  * CVE-2022-0847
    - lib/iov_iter: initialize "flags" in new pipe_buffer
  * Bionic update: upstream stable patchset 2022-02-11 (LP: #1960681)
    - Bluetooth: bfusb: fix division by zero in send path
    - USB: core: Fix bug in resuming hub's handling of wakeup requests
    - USB: Fix "slab-out-of-bounds Write" bug in usb_hcd_poll_rh_status
    - mfd: intel-lpss: Fix too early PM enablement in the ACPI ->probe()
    - can: gs_usb: fix use of uninitialized variable, detach device on reception
      of invalid USB data
    - can: gs_usb: gs_can_start_xmit(): zero-initialize hf->{flags,reserved}
    - random: fix data race on crng_node_pool
    - random: fix data race on crng init time
    - staging: wlan-ng: Avoid bitwise vs logical OR warning in
    - drm/i915: Avoid bitwise vs logical OR warning in snb_wm_latency_quirk()
    - orangefs: Fix the size of a memory allocation in orangefs_bufmap_alloc()
    - media: uvcvideo: fix division by zero at stream start
    - rtlwifi: rtl8192cu: Fix WARNING when calling local_irq_restore() with
      interrupts enabled
    - Bluetooth: schedule SCO timeouts with delayed_work
    - Bluetooth: fix init and cleanup of sco_conn.timeout_work
    - HID: uhid: Fix worker destroying device without any protection
    - HID: wacom: Ignore the confidence flag when a touch is removed
    - HID: wacom: Avoid using stale array indicies to read contact count
    - nfc: llcp: fix NULL error pointer dereference on sendmsg() after failed
    - rtc: cmos: take rtc_lock while reading from CMOS
    - media: flexcop-usb: fix control-message timeouts
    - media: mceusb: fix control-message timeouts
    - media: em28xx: fix control-message timeouts
    - media: cpia2: fix control-message timeouts
    - media: s2255: fix control-message timeouts
    - media: dib0700: fix undefined behavior in tuner shutdown
    - media: redrat3: fix control-message timeouts
    - media: pvrusb2: fix control-message timeouts
    - media: stk1160: fix control-message timeouts
    - can: softing_cs: softingcs_probe(): fix memleak on registration failure
    - shmem: fix a race between shmem_unused_huge_shrink and shmem_evict_inode
    - PCI: Add function 1 DMA alias quirk for Marvell 88SE9125 SATA controller
    - Bluetooth: cmtp: fix possible panic when cmtp_init_sockets() fails
    - clk: bcm-2835: Pick the closest clock rate
    - clk: bcm-2835: Remove rounding up the dividers
    - wcn36xx: Indicate beacon not connection loss on MISSED_BEACON_IND
    - media: em28xx: fix memory leak in em28xx_init_dev
    - Bluetooth: stop proccessing malicious adv data
    - media: dmxdev: fix UAF when dvb_register_device() fails
    - crypto: qce - fix uaf on qce_ahash_register_one
    - tty: serial: atmel: Check return code of dmaengine_submit()
    - tty: serial: atmel: Call dma_async_issue_pending()
    - media: mtk-vcodec: call v4l2_m2m_ctx_release first when file is released
    - netfilter: bridge: add support for pppoe filtering
    - arm64: dts: qcom: msm8916: fix MMC controller aliases
    - drm/amdgpu: Fix a NULL pointer dereference in
    - drm/radeon/radeon_kms: Fix a NULL pointer dereference in
    - serial: amba-pl011: do not request memory region twice
    - floppy: Fix hang in watchdog when disk is ejected
    - media: dib8000: Fix a memleak in dib8000_init()
    - media: saa7146: mxb: Fix a NULL pointer dereference in mxb_attach()
    - media: si2157: Fix "warm" tuner state detection
    - sched/rt: Try to restart rt period timer when rt runtime exceeded
    - media: dw2102: Fix use after free
    - media: msi001: fix possible null-ptr-deref in msi001_probe()
    - usb: ftdi-elan: fix memory leak on device disconnect
    - x86/mce/inject: Avoid out-of-bounds write when setting flags
    - pcmcia: rsrc_nonstatic: Fix a NULL pointer dereference in
    - pcmcia: rsrc_nonstatic: Fix a NULL pointer dereference in
    - ppp: ensure minimum packet size in ppp_write()
    - fsl/fman: Check for null pointer after calling devm_ioremap
    - spi: spi-meson-spifc: Add missing pm_runtime_disable() in meson_spifc_probe
    - tpm: add request_locality before write TPM_INT_ENABLE
    - can: softing: softing_startstop(): fix set but not used variable warning
    - can: xilinx_can: xcan_probe(): check for error irq
    - pcmcia: fix setting of kthread task states
    - net: mcs7830: handle usb read errors properly
    - ext4: avoid trim error on fs with small groups
    - ALSA: jack: Add missing rwsem around snd_ctl_remove() calls
    - ALSA: PCM: Add missing rwsem around snd_ctl_remove() calls
    - ALSA: hda: Add missing rwsem around snd_ctl_remove() calls
    - RDMA/hns: Validate the pkey index
    - powerpc/prom_init: Fix improper check of prom_getprop()
    - ALSA: oss: fix compile error when OSS_DEBUG is enabled
    - char/mwave: Adjust io port register size
    - scsi: ufs: Fix race conditions related to driver data
    - RDMA/core: Let ib_find_gid() continue search even after empty entry
    - dmaengine: pxa/mmp: stop referencing config->slave_id
    - iommu/iova: Fix race between FQ timeout and teardown
    - ASoC: samsung: idma: Check of ioremap return value
    - misc: lattice-ecp3-config: Fix task hung when firmware load failed
    - mips: lantiq: add support for clk_set_parent()
    - mips: bcm63xx: add support for clk_set_parent()
    - RDMA/cxgb4: Set queue pair state when being queried
    - Bluetooth: Fix debugfs entry leak in hci_register_dev()
    - fs: dlm: filter user dlm messages for kernel locks
    - ar5523: Fix null-ptr-deref wit

Source diff to previous version
1960681 Bionic update: upstream stable patchset 2022-02-11
1959709 Bionic update: upstream stable patchset 2022-02-01
1959335 Bionic update: upstream stable patchset 2022-01-27
1959762 HID_ASUS should depend on USB_HID in stable v4.15 backports
1786013 Packaging resync
CVE-2022-0847 A flaw was found in the way the "flags" member of the new pipe buffer ...
CVE-2022-0492 cgroup-v1: Require capabilities to set release_agent
CVE-2021-3506 An out-of-bounds (OOB) memory access flaw was found in fs/f2fs/node.c in the f2fs module in the Linux kernel in versions before 5.12.0-rc4. A bounds

Version: 4.15.0-1133.146 2022-03-08 23:06:56 UTC

  linux-azure-4.15 (4.15.0-1133.146) bionic; urgency=medium

  * Disable unprivileged BPF by default (LP: #1961338)
    - [Config] azure-4.15: Enable ONFIG_BPF_UNPRIV_DEFAULT_OFF

  [ Ubuntu: 4.15.0-171.180 ]

  * CVE-2022-0001
    - cpu/SMT: create and export cpu_smt_possible()
    - x86/speculation: Merge one test in spectre_v2_user_select_mitigation()
    - x86,bugs: Unconditionally allow spectre_v2=retpoline,amd
    - SAUCE: x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE
    - SAUCE: x86/speculation: Add eIBRS + Retpoline options
    - SAUCE: Documentation/hw-vuln: Update spectre doc
  * Disable unprivileged BPF by default (LP: #1961338)
    - bpf: Add kconfig knob for disabling unpriv bpf by default

  [ Ubuntu: 4.15.0-169.177 ]

  * bionic/linux: 4.15.0-169.177 -proposed tracker (LP: #1959877)
  * ubuntu_kernel_selftests.ftrace:ftracetest fails with bionic:linux
    4.15.0-168.176 on s390x (LP: #1959752)
    - recordmcount.pl: fix typo in s390 mcount regex

 -- Stefan Bader <email address hidden> Thu, 03 Mar 2022 09:44:37 +0100

1959752 ubuntu_kernel_selftests.ftrace:ftracetest fails with bionic:linux 4.15.0-168.176 on s390x

About   -   Send Feedback to @ubuntu_updates