UbuntuUpdates.org

Package "linux-cloud-tools-5.15.0-1076-azure"

Name: linux-cloud-tools-5.15.0-1076-azure

Description:

Linux kernel version specific cloud tools for version 5.15.0-1076

Latest version: 5.15.0-1076.85~20.04.1
Release: focal (20.04)
Level: proposed
Repository: main
Head package: linux-azure-5.15

Links


Download "linux-cloud-tools-5.15.0-1076-azure"


Other versions of "linux-cloud-tools-5.15.0-1076-azure" in Focal

Repository Area Version
PPA: Canonical Kernel Team 5.15.0-1076.85~20.04.1

Changelog

Version: 5.15.0-1065.74~20.04.1 2024-05-25 02:07:14 UTC

  linux-azure-5.15 (5.15.0-1065.74~20.04.1) focal; urgency=medium

  * focal/linux-azure-5.15: 5.15.0-1065.74~20.04.1 -proposed tracker
    (LP: #2063716)

  [ Ubuntu: 5.15.0-1065.74 ]

  * jammy/linux-azure: 5.15.0-1065.74 -proposed tracker (LP: #2063717)
  * Azure: Update CIFS to 5.15-backport-1-24-24 (LP: #2064514)
    - SAUCE: cifs: correcting entry
    - cifs: is_network_name_deleted should return a bool
    - cifs: fix charset issue in reconnection
    - cifs: update the ctime on a partial page write
    - smb: client: introduce DFS_CACHE_TGT_LIST()
    - smb: client: ensure to try all targets when finding nested links
    - smb: client: move some params to cifs_open_info_data
    - smb: client: make smb2_compound_op() return resp buffer on success
    - smb: client: rename cifs_dfs_ref.c to namespace.c
    - smb: client: get rid of dfs naming in automount code
    - smb: client: get rid of dfs code dep in namespace.c
    - smb: client: parse reparse point flag in create response
    - smb: client: do not query reparse points twice on symlinks
    - smb: client: query reparse points in older dialects
    - smb: cilent: set reparse mount points as automounts
    - smb: client: reduce stack usage in cifs_try_adding_channels()
    - smb: client: reduce stack usage in cifs_demultiplex_thread()
    - smb: client: reduce stack usage in smb_send_rqst()
    - smb: client: reduce stack usage in smb2_set_ea()
    - smb: client: reduce stack usage in smb2_query_info_compound()
    - smb: client: reduce stack usage in smb2_query_reparse_point()
    - cifs: update desired access while requesting for directory lease
    - send channel sequence number in SMB3 requests after reconnects
    - SMB3: rename macro CIFS_SERVER_IS_CHAN to avoid confusion
    - cifs: Add a laundromat thread for cached directories
    - smb3: allow controlling length of time directory entries are cached with dir
      leases
    - smb3: add trace point for queryfs (statfs)
    - smb3: allow controlling maximum number of cached directories
    - cifs: update internal module version number for cifs.ko
    - smb3: fix minor typo in SMB2_GLOBAL_CAP_LARGE_MTU
    - smb3: move server check earlier when setting channel sequence number
    - smb3: correct places where ENOTSUPP is used instead of preferred EOPNOTSUPP
    - smb3: fix some minor typos and repeated words
    - smb3: Add dynamic trace points for RDMA (smbdirect) reconnect
    - smb3: do not start laundromat thread when dir leases disabled
    - cifs: Fix UAF in cifs_demultiplex_thread()
    - smb3: remove duplicate error mapping
    - smb: client: handle STATUS_IO_REPARSE_TAG_NOT_HANDLED
    - smb3: fix confusing debug message
    - fs/smb/client: Reset password pointer to NULL
    - smb: client: do not start laundromat thread on nohandlecache
    - smb: client: make laundromat a delayed worker
    - smb: client: prevent new fids from being removed by laundromat
    - smb3: fix touch -h of symlink
    - cifs: Add client version details to NTLM authenticate message
    - SMB3: clarify some of the unused CreateOption flags
    - Add definition for new smb3.1.1 command type
    - smb3: fix creating FIFOs when mounting with "sfu" mount option
    - smb: client: fix potential deadlock when releasing mids
    - smb: client: fix use-after-free bug in cifs_debug_data_proc_show()
    - smb: use crypto_shash_digest() in symlink_hash()
    - cifs: print server capabilities in DebugData
    - cifs: add xid to query server interface call
    - smb: client: remove extra @chan_count check in __cifs_put_smb_ses()
    - smb: client: fix use-after-free in smb2_query_info_compound()
    - cifs: reconnect helper should set reconnect for the right channel
    - cifs: do not reset chan_max if multichannel is not supported at mount
    - cifs: force interface update before a fresh session setup
    - smb3: minor RDMA cleanup
    - smb3: more minor cleanups for session handling routines
    - cifs: handle cases where a channel is closed
    - cifs: distribute channels across interfaces based on speed
    - cifs: account for primary channel in the interface list
    - cifs: do not pass cifs_sb when trying to add channels
    - cifs: reconnect work should have reference on server struct
    - smb3: minor cleanup of session handling code
    - smb3: fix caching of ctime on setxattr
    - smb: client: fix mount when dns_resolver key is not available
    - smb3: allow dumping session and tcon id to improve stats analysis and
      debugging
    - Missing field not being returned in ioctl CIFS_IOC_GET_MNT_INFO
    - cifs: handle when server starts supporting multichannel
    - cifs: handle when server stops supporting multichannel
    - cifs: update internal module version number for cifs.ko
    - cifs: spnego: add ';' in HOST_KEY_LEN
    - cifs: fix check of rc in function generate_smb3signingkey
    - cifs: fix leak of iface for primary channel
    - cifs: fix lock ordering while disabling multichannel
    - cifs: fix use after free for iface while disabling secondary channels
    - smb: client: implement ->query_reparse_point() for SMB1
    - smb: client: introduce ->parse_reparse_point()
    - smb: client: set correct file type from NFS reparse points
    - smb: client: introduce cifs_sfu_make_node()
    - smb: client: fix missing mode bits for SMB symlinks
    - smb: client: report correct st_size for SMB and NFS symlinks
    - cifs: Fix FALLOC_FL_ZERO_RANGE by setting i_size if EOF moved
    - cifs: Fix FALLOC_FL_INSERT_RANGE by setting i_size after EOF moved
    - smb: client, common: fix fortify warnings
    - smb: client: fix potential NULL deref in parse_dfs_referrals()
    - cifs: Fix non-availability of dedup breaking generic/304
    - Revert "cifs: reconnect work should have reference on server struct"
    - cifs: reconnect worker should take reference on server struct
      unconditionally
    - smb3: add missing define
    - ksmbd: fix wrong name of SMB2_CREATE_ALLOCATION_SIZE

Source diff to previous version
2064514 Azure: Update CIFS to 5.15-backport-1-24-24
2063096 RTL8852BE fw security fail then lost WIFI function during suspend/resume cycle
2061986 Mount CIFS fails with Permission denied
2063290 Jammy update: v5.15.153 upstream stable release
2063276 Jammy update: v5.15.152 upstream stable release
2060422 Avoid creating non-working backlight sysfs knob from ASUS board
2058477 [Ubuntu 22.04.4/linux-image-6.5.0-26-generic] Kernel output \
2060209 Jammy update: v5.15.151 upstream stable release
2063067 Fix bluetooth connections with 3.0 device
2060142 Jammy update: v5.15.150 upstream stable release
CVE-2024-26809 In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: release elements in clone only from destroy path Clo
CVE-2024-26792 In the Linux kernel, the following vulnerability has been resolved: btrfs: fix double free of anonymous device after snapshot creation failure When
CVE-2023-52530 In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix potential key use-after-free When ieee80211_key_link() is c
CVE-2023-52447 In the Linux kernel, the following vulnerability has been resolved: bpf: Defer the free of inner map when necessary When updating or deleting an in
CVE-2024-26782 In the Linux kernel, the following vulnerability has been resolved: mptcp: fix double-free on socket dismantle when MPTCP server accepts an incomin
CVE-2024-26733 In the Linux kernel, the following vulnerability has been resolved: arp: Prevent overflow in arp_req_get(). syzkaller reported an overflown write i
CVE-2024-26735 In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix possible use-after-free and null-ptr-deref The pernet operations
CVE-2024-26736 In the Linux kernel, the following vulnerability has been resolved: afs: Increase buffer size in afs_update_volume_status() The max length of volum
CVE-2024-26748 In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: fix memory double free when handle zero packet 829 if (request->co
CVE-2023-47233 The brcm80211 component in the Linux kernel through 6.5.10 has a brcmf_cfg80211_detach use-after-free in the device unplugging (disconnect the USB by
CVE-2024-26584 In the Linux kernel, the following vulnerability has been resolved: net: tls: handle backlogging of crypto requests Since we're setting the CRYPTO_
CVE-2024-26585 In the Linux kernel, the following vulnerability has been resolved: tls: fix race between tx work scheduling and socket close Similarly to previous
CVE-2024-26583 In the Linux kernel, the following vulnerability has been resolved: tls: fix race between async notify and socket close The submitting thread (one
CVE-2024-26622 In the Linux kernel, the following vulnerability has been resolved: tomoyo: fix UAF write bug in tomoyo_write_control() Since tomoyo_write_control(

Version: 5.15.0-1063.72~20.04.1 2024-04-23 00:06:58 UTC

  linux-azure-5.15 (5.15.0-1063.72~20.04.1) focal; urgency=medium

  * focal/linux-azure-5.15: 5.15.0-1063.72~20.04.1 -proposed tracker
    (LP: #2061766)

  [ Ubuntu: 5.15.0-1063.72 ]

  * jammy/linux-azure: 5.15.0-1063.72 -proposed tracker (LP: #2061767)
  * Packaging resync (LP: #1786013)
    - [Packaging] drop getabis data
  * Azure: Network doesn't get configured after triggering kdump (LP: #2054855)
    - Drivers: hv: Always reserve framebuffer region for Gen1 VMs
  * jammy/linux: 5.15.0-106.116 -proposed tracker (LP: #2061812)
  * CVE-2024-2201
    - x86/bugs: Use sysfs_emit()
    - KVM: x86: Update KVM-only leaf handling to allow for 100% KVM-only leafs
    - KVM: x86: Advertise CPUID.(EAX=7,ECX=2):EDX[5:0] to userspace
    - KVM: x86: Use a switch statement and macros in __feature_translate()
    - x86/bugs: Change commas to semicolons in 'spectre_v2' sysfs file
    - x86/syscall: Don't force use of indirect calls for system calls
    - x86/bhi: Add support for clearing branch history at syscall entry
    - x86/bhi: Define SPEC_CTRL_BHI_DIS_S
    - x86/bhi: Enumerate Branch History Injection (BHI) bug
    - x86/bhi: Add BHI mitigation knob
    - x86/bhi: Mitigate KVM by default
    - KVM: x86: Add BHI_NO
    - [Config] Set CONFIG_BHI to enabled (auto)
  * Drop fips-checks script from trees (LP: #2055083)
    - [Packaging] Remove fips-checks script
  * alsa/realtek: adjust max output valume for headphone on 2 LG machines
    (LP: #2058573)
    - ALSA: hda/realtek: fix the hp playback volume issue for LG machines
  * A general-proteciton exception during guest migration to unsupported PKRU
    machine (LP: #2032164)
    - x86/fpu: Allow caller to constrain xfeatures when copying to uabi buffer
    - KVM: x86: Constrain guest-supported xfeatures only at KVM_GET_XSAVE{2}
  * [ICX] [SPR] [ipc/msg] performance: Mitigate the lock contention with percpu
    counter (LP: #2058485)
    - ipc: check checkpoint_restore_ns_capable() to modify C/R proc files
    - ipc/ipc_sysctl.c: remove fallback for !CONFIG_PROC_SYSCTL
    - ipc: Store mqueue sysctls in the ipc namespace
    - ipc: Store ipc sysctls in the ipc namespace
    - ipc: Use the same namespace to modify and validate
    - ipc: Remove extra1 field abuse to pass ipc namespace
    - ipc: Check permissions for checkpoint_restart sysctls at open time
    - percpu: add percpu_counter_add_local and percpu_counter_sub_local
    - ipc/msg: mitigate the lock contention with percpu counter
  * Jammy update: v5.15.149 upstream stable release (LP: #2059014)
    - ksmbd: free ppace array on error in parse_dacl
    - ksmbd: don't allow O_TRUNC open on read-only share
    - ksmbd: validate mech token in session setup
    - ksmbd: fix UAF issue in ksmbd_tcp_new_connection()
    - ksmbd: only v2 leases handle the directory
    - iio: adc: ad7091r: Set alert bit in config register
    - iio: adc: ad7091r: Allow users to configure device events
    - iio: adc: ad7091r: Enable internal vref if external vref is not supplied
    - dmaengine: fix NULL pointer in channel unregistration function
    - scsi: ufs: core: Simplify power management during async scan
    - scsi: ufs: core: Remove the ufshcd_hba_exit() call from ufshcd_async_scan()
    - iio:adc:ad7091r: Move exports into IIO_AD7091R namespace.
    - ext4: allow for the last group to be marked as trimmed
    - btrfs: sysfs: validate scrub_speed_max value
    - crypto: api - Disallow identical driver names
    - PM: hibernate: Enforce ordering during image compression/decompression
    - hwrng: core - Fix page fault dead lock on mmap-ed hwrng
    - crypto: s390/aes - Fix buffer overread in CTR mode
    - media: imx355: Enable runtime PM before registering async sub-device
    - rpmsg: virtio: Free driver_override when rpmsg_remove()
    - media: ov9734: Enable runtime PM before registering async sub-device
    - mips: Fix max_mapnr being uninitialized on early stages
    - bus: mhi: host: Drop chan lock before queuing buffers
    - bus: mhi: host: Add spinlock to protect WP access when queueing TREs
    - parisc/firmware: Fix F-extend for PDC addresses
    - async: Split async_schedule_node_domain()
    - async: Introduce async_schedule_dev_nocall()
    - arm64: dts: qcom: sc7180: fix USB wakeup interrupt types
    - arm64: dts: qcom: sdm845: fix USB wakeup interrupt types
    - arm64: dts: qcom: sm8150: fix USB wakeup interrupt types
    - arm64: dts: qcom: sdm845: fix USB DP/DM HS PHY interrupts
    - lsm: new security_file_ioctl_compat() hook
    - scripts/get_abi: fix source path leak
    - mmc: core: Use mrq.sbc in close-ended ffu
    - mmc: mmc_spi: remove custom DMA mapped buffers
    - rtc: Adjust failure return code for cmos_set_alarm()
    - nouveau/vmm: don't set addr on the fail path to avoid warning
    - ubifs: ubifs_symlink: Fix memleak of inode->i_link in error path
    - rename(): fix the locking of subdirectories
    - ksmbd: set v2 lease version on lease upgrade
    - ksmbd: fix potential circular locking issue in smb2_set_ea()
    - ksmbd: don't increment epoch if current state and request state are same
    - ksmbd: send lease break notification on FILE_RENAME_INFORMATION
    - ksmbd: Add missing set_freezable() for freezable kthread
    - net/smc: fix illegal rmb_desc access in SMC-D connection dump
    - tcp: make sure init the accept_queue's spinlocks once
    - bnxt_en: Wait for FLR to complete during probe
    - vlan: skip nested type that is not IFLA_VLAN_QOS_MAPPING
    - llc: make llc_ui_sendmsg() more robust against bonding changes
    - llc: Drop support for ETH_P_TR_802_2.
    - net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv
    - tracing: Ensure visibility when inserting an element into tracing_map
    - afs: Hide silly-rename files from userspace
    - tcp: Add memory barrier to tcp_push()
    - netlink: fix potential sleeping issue in mqueue_flush_file
    - ipv6: init the accept_queue's spinlocks in inet6_create
    - net/mlx5: DR, Use the ri

Source diff to previous version
1786013 Packaging resync
2054855 Azure: Network doesn't get configured after triggering kdump
2055083 Drop fips-checks script from trees
2058573 alsa/realtek: adjust max output valume for headphone on 2 LG machines
2032164 A general-proteciton exception during guest migration to unsupported PKRU machine
2058485 [ICX] [SPR] [ipc/msg] performance: Mitigate the lock contention with percpu counter
2059014 Jammy update: v5.15.149 upstream stable release
2056418 Fix headphone mic detection issue on ALC897
2056373 Problems with HVCS and hotplugging
2056227 KVM: arm64: softlockups in stage2_apply_range
2060780 CIFS stopped working/is unstable with kernel update to 5.15.0-102.112
CVE-2024-2201 Native Branch History Injection
CVE-2023-6039 A use-after-free flaw was found in lan78xx_disconnect in drivers/net/usb/lan78xx.c in the network sub-component, net/usb/lan78xx in the Linux Kernel.

Version: 5.15.0-1060.69~20.04.1 2024-03-21 20:06:54 UTC

  linux-azure-5.15 (5.15.0-1060.69~20.04.1) focal; urgency=medium

  * focal/linux-azure-5.15: 5.15.0-1060.69~20.04.1 -proposed tracker
    (LP: #2055591)

  * Packaging resync (LP: #1786013)
    - [Packaging] drop ABI data
    - debian.azure-5.15/dkms-versions -- update from kernel-versions
      (main/2024.03.04)

  [ Ubuntu: 5.15.0-1060.69 ]

  * jammy/linux-azure: 5.15.0-1060.69 -proposed tracker (LP: #2055592)
  * Packaging resync (LP: #1786013)
    - debian.azure/dkms-versions -- update from kernel-versions (main/s2024.02.05)
  * jammy/linux: 5.15.0-102.112 -proposed tracker (LP: #2055632)
  * Drop ABI checks from kernel build (LP: #2055686)
    - [Packaging] Remove in-tree abi checks
    - [Packaging] Drop abi checks from final-checks
  * Packaging resync (LP: #1786013)
    - [Packaging] drop ABI data
    - [Packaging] update annotations scripts
    - debian.master/dkms-versions -- update from kernel-versions (main/2024.03.04)
  * block/loop: No longer allows to create partitions (LP: #2056143)
    - block, loop: support partitions without scanning
  * Cranky update-dkms-versions rollout (LP: #2055685)
    - [Packaging] remove update-dkms-versions
    - Move debian/dkms-versions to debian.master/dkms-versions
    - [Packaging] Replace debian/dkms-versions with $(DEBIAN)/dkms-versions
    - [Packaging] remove update-version-dkms
  * linux: please move erofs.ko (CONFIG_EROFS for EROFS support) from linux-
    modules-extra to linux-modules (LP: #2054809)
    - UBUNTU [Packaging]: Include erofs in linux-modules instead of linux-modules-
      extra
  * linux-tools-common: man page of usbip[d] is misplaced (LP: #2054094)
    - [Packaging] rules: Put usbip manpages in the correct directory
  * CVE-2024-23851
    - dm ioctl: log an error if the ioctl structure is corrupted
    - dm: limit the number of targets and parameter size area
  * CVE-2024-23850
    - btrfs: do not ASSERT() if the newly created subvolume already got read
  * x86: performance: tsc: Extend watchdog check exemption to 4-Sockets platform
    (LP: #2054699)
    - x86/tsc: Extend watchdog check exemption to 4-Sockets platform
  * linux: please move dmi-sysfs.ko (CONFIG_DMI_SYSFS for SMBIOS support) from
    linux-modules-extra to linux-modules (LP: #2045561)
    - [Packaging] Move dmi-sysfs.ko into linux-modules
  * Fix bpf selftests build failure after v5.15.139 update (LP: #2054567)
    - Revert "selftests/bpf: Test tail call counting with bpf2bpf and data on
      stack"
  * Jammy update: v5.15.148 upstream stable release (LP: #2055145)
    - f2fs: explicitly null-terminate the xattr list
    - pinctrl: lochnagar: Don't build on MIPS
    - ALSA: hda - Fix speaker and headset mic pin config for CHUWI CoreBook XPro
    - mptcp: fix uninit-value in mptcp_incoming_options
    - wifi: cfg80211: lock wiphy mutex for rfkill poll
    - debugfs: fix automount d_fsdata usage
    - drm/amdgpu: Fix cat debugfs amdgpu_regs_didt causes kernel null pointer
    - nvme-core: check for too small lba shift
    - ASoC: wm8974: Correct boost mixer inputs
    - ASoC: Intel: Skylake: Fix mem leak in few functions
    - ASoC: nau8822: Fix incorrect type in assignment and cast to restricted
      __be16
    - ASoC: Intel: Skylake: mem leak in skl register function
    - ASoC: cs43130: Fix the position of const qualifier
    - ASoC: cs43130: Fix incorrect frame delay configuration
    - ASoC: rt5650: add mutex to avoid the jack detection failure
    - nouveau/tu102: flush all pdbs on vmm flush
    - net/tg3: fix race condition in tg3_reset_task()
    - ASoC: da7219: Support low DC impedance headset
    - ASoC: ops: add correct range check for limiting volume
    - nvme: introduce helper function to get ctrl state
    - drm/amdgpu: Add NULL checks for function pointers
    - drm/exynos: fix a potential error pointer dereference
    - drm/exynos: fix a wrong error checking
    - hwmon: (corsair-psu) Fix probe when built-in
    - clk: rockchip: rk3128: Fix HCLK_OTG gate register
    - jbd2: correct the printing of write_flags in jbd2_write_superblock()
    - drm/crtc: Fix uninit-value bug in drm_mode_setcrtc
    - neighbour: Don't let neigh_forced_gc() disable preemption for long
    - platform/x86: intel-vbtn: Fix missing tablet-mode-switch events
    - jbd2: fix soft lockup in journal_finish_inode_data_buffers()
    - tracing: Have large events show up as '[LINE TOO BIG]' instead of nothing
    - tracing: Add size check when printing trace_marker output
    - stmmac: dwmac-loongson: drop useless check for compatible fallback
    - MIPS: dts: loongson: drop incorrect dwmac fallback compatible
    - tracing: Fix uaf issue when open the hist or hist_debug file
    - ring-buffer: Do not record in NMI if the arch does not support cmpxchg in
      NMI
    - reset: hisilicon: hi6220: fix Wvoid-pointer-to-enum-cast warning
    - Input: atkbd - skip ATKBD_CMD_GETID in translated mode
    - Input: i8042 - add nomux quirk for Acer P459-G2-M
    - s390/scm: fix virtual vs physical address confusion
    - ARC: fix spare error
    - wifi: iwlwifi: pcie: avoid a NULL pointer dereference
    - Input: xpad - add Razer Wolverine V2 support
    - ASoC: Intel: bytcr_rt5640: Add quirk for the Medion Lifetab S10346
    - i2c: rk3x: fix potential spinlock recursion on poll
    - net: qrtr: ns: Return 0 if server port is not present
    - ARM: sun9i: smp: fix return code check of of_property_match_string
    - drm/crtc: fix uninitialized variable use
    - ACPI: resource: Add another DMI match for the TongFang GMxXGxx
    - Revert "ASoC: atmel: Remove system clock tree configuration for
      at91sam9g20ek"
    - bpf: Add --skip_encoding_btf_inconsistent_proto, --btf_gen_optimized to
      pahole flags for v1.25
    - kprobes: Fix to handle forcibly unoptimized kprobes on freeing_list
    - Revert "md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d"
    - binder: use EPOLLERR from eventpoll.h
    - binder: fix use-after-free in shinker's callback
    - binder: fix tr

Source diff to previous version
1786013 Packaging resync
2055686 Drop ABI checks from kernel build
2056143 block/loop: No longer allows to create partitions
2055685 Cranky update-dkms-versions rollout
2054809 linux: please move erofs.ko (CONFIG_EROFS for EROFS support) from linux-modules-extra to linux-modules
2054094 linux-tools-common: man page of usbip[d] is misplaced
2054699 x86: performance: tsc: Extend watchdog check exemption to 4-Sockets platform
2045561 linux: please move dmi-sysfs.ko (CONFIG_DMI_SYSFS for SMBIOS support) from linux-modules-extra to linux-modules
2054567 Fix bpf selftests build failure after v5.15.139 update
2055145 Jammy update: v5.15.148 upstream stable release
2053251 performance: Scheduler: ratelimit updating of load_avg
2054411 Jammy update: v5.15.147 upstream stable release
2053152 performance: mm/percpu-internal.h: Re-layout pcpu_chunk to mitigate false sharing
2053069 performance: address_space: add padding for i_map and i_mmap_rwsem to mitigate a false sharing
2052817 cpufreq: intel_pstate: Enable HWP IO boost for all servers
2052827 performance: mm/memcontrol.c: remove the redundant updating of stats_flush_threshold
2053212 Jammy update: v5.15.146 upstream stable release
1971699 disable Intel DMA remapping by default
2052005 Validate connection interval to pass Bluetooth Test Suite
2052406 Jammy update: v5.15.145 upstream stable release
2052404 Jammy update: v5.15.144 upstream stable release
CVE-2024-23851 copy_params in drivers/md/dm-ioctl.c in the Linux kernel through 6.7.1 can attempt to allocate more than INT_MAX bytes, and crash, because of a missi
CVE-2024-23850 In btrfs_get_root_ref in fs/btrfs/disk-io.c in the Linux kernel through 6.7.1, there can be an assertion failure and crash because a subvolume can be
CVE-2024-24855 A race condition was found in the Linux kernel's scsi device driver in lpfc_unregister_fcf_rescan() function. This can result in a null pointer deref
CVE-2024-1085 A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_
CVE-2023-23000 In the Linux kernel before 5.17, drivers/phy/tegra/xusb.c mishandles the tegra_xusb_find_port_node return value. Callers expect NULL in the error cas
CVE-2023-46838 Transmit requests in Xen's virtual network protocol can consist of multiple parts. While not really useful, except for the initial part any of them
CVE-2024-1086 A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_
CVE-2023-32247 A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the handling of SMB2_SESSION_S
CVE-2024-22705 An issue was discovered in ksmbd in the Linux kernel before 6.6.10. smb2_get_data_area_len in fs/smb/server/smb2misc.c can cause an smb_strndup_from_

Version: 5.15.0-1058.66~20.04.2 2024-02-29 19:06:53 UTC

  linux-azure-5.15 (5.15.0-1058.66~20.04.2) focal; urgency=medium

  * focal/linux-azure-5.15: 5.15.0-1058.66~20.04.2 -proposed tracker
    (LP: #2052048)

  * Packaging resync (LP: #1786013)
    - debian/dkms-versions -- update from kernel-versions (main/2024.02.05)

  [ Ubuntu: 5.15.0-1058.66 ]

  * jammy/linux-azure: 5.15.0-1058.66 -proposed tracker (LP: #2052049)
  * Azure: Enable CONFIG_TEST_LOCKUP (LP: #2052723)
    - [Config] CONFIG_TEST_LOCKUP=m
  * jammy/linux: 5.15.0-100.110 -proposed tracker (LP: #2052616)
  * i915 regression introduced with 5.5 kernel (LP: #2044131)
    - drm/i915: Skip some timing checks on BXT/GLK DSI transcoders
  * Audio balancing setting doesn't work with the cirrus codec (LP: #2051050)
    - ALSA: hda/cs8409: Suppress vmaster control for Dolphin models
  * partproke is broken on empty loopback device (LP: #2049689)
    - block: Move checking GENHD_FL_NO_PART to bdev_add_partition()
  * CVE-2023-0340
    - vhost: use kzalloc() instead of kmalloc() followed by memset()
  * CVE-2023-51780
    - atm: Fix Use-After-Free in do_vcc_ioctl
  * CVE-2023-6915
    - ida: Fix crash in ida_free when the bitmap is empty
  * CVE-2024-0646
    - net: tls, update curr on splice as well
  * CVE-2024-0565
    - smb: client: fix OOB in receive_encrypted_standard()
  * CVE-2023-51781
    - appletalk: Fix Use-After-Free in atalk_ioctl
  * Jammy update: v5.15.143 upstream stable release (LP: #2050858)
    - vdpa/mlx5: preserve CVQ vringh index
    - hrtimers: Push pending hrtimers away from outgoing CPU earlier
    - i2c: designware: Fix corrupted memory seen in the ISR
    - netfilter: ipset: fix race condition between swap/destroy and kernel side
      add/del/test
    - tg3: Move the [rt]x_dropped counters to tg3_napi
    - tg3: Increment tx_dropped in tg3_tso_bug()
    - kconfig: fix memory leak from range properties
    - drm/amdgpu: correct chunk_ptr to a pointer to chunk.
    - platform/x86: asus-wmi: Adjust tablet/lidflip handling to use enum
    - platform/x86: asus-wmi: Add support for ROG X13 tablet mode
    - platform/x86: asus-wmi: Simplify tablet-mode-switch probing
    - platform/x86: asus-wmi: Simplify tablet-mode-switch handling
    - platform/x86: asus-wmi: Move i8042 filter install to shared asus-wmi code
    - of: dynamic: Fix of_reconfig_get_state_change() return value documentation
    - platform/x86: wmi: Allow duplicate GUIDs for drivers that use struct
      wmi_driver
    - platform/x86: wmi: Skip blocks with zero instances
    - ipv6: fix potential NULL deref in fib6_add()
    - octeontx2-pf: Add missing mutex lock in otx2_get_pauseparam
    - octeontx2-af: Check return value of nix_get_nixlf before using nixlf
    - hv_netvsc: rndis_filter needs to select NLS
    - r8152: Rename RTL8152_UNPLUG to RTL8152_INACCESSIBLE
    - r8152: Add RTL8152_INACCESSIBLE checks to more loops
    - r8152: Add RTL8152_INACCESSIBLE to r8156b_wait_loading_flash()
    - r8152: Add RTL8152_INACCESSIBLE to r8153_pre_firmware_1()
    - r8152: Add RTL8152_INACCESSIBLE to r8153_aldps_en()
    - mlxbf-bootctl: correctly identify secure boot with development keys
    - platform/mellanox: Add null pointer checks for devm_kasprintf()
    - platform/mellanox: Check devm_hwmon_device_register_with_groups() return
      value
    - arcnet: restoring support for multiple Sohard Arcnet cards
    - net: stmmac: fix FPE events losing
    - octeontx2-af: fix a use-after-free in rvu_npa_register_reporters
    - i40e: Fix unexpected MFS warning message
    - net: bnxt: fix a potential use-after-free in bnxt_init_tc
    - ionic: fix snprintf format length warning
    - ionic: Fix dim work handling in split interrupt mode
    - ipv4: ip_gre: Avoid skb_pull() failure in ipgre_xmit()
    - net: hns: fix fake link up on xge port
    - octeontx2-af: Update Tx link register range
    - netfilter: nf_tables: validate family when identifying table via handle
    - netfilter: xt_owner: Fix for unsafe access of sk->sk_socket
    - tcp: do not accept ACK of bytes we never sent
    - bpf: sockmap, updating the sg structure should also update curr
    - psample: Require 'CAP_NET_ADMIN' when joining "packets" group
    - net: add missing kdoc for struct genl_multicast_group::flags
    - drop_monitor: Require 'CAP_SYS_ADMIN' when joining "events" group
    - tee: optee: Fix supplicant based device enumeration
    - RDMA/hns: Fix unnecessary err return when using invalid congest control
      algorithm
    - RDMA/irdma: Do not modify to SQD on error
    - RDMA/irdma: Add wait for suspend on SQD
    - arm64: dts: rockchip: Expand reg size of vdec node for RK3399
    - RDMA/rtrs-srv: Do not unconditionally enable irq
    - RDMA/rtrs-clt: Start hb after path_up
    - RDMA/rtrs-srv: Check return values while processing info request
    - RDMA/rtrs-srv: Free srv_mr iu only when always_invalidate is true
    - RDMA/rtrs-srv: Destroy path files after making sure no IOs in-flight
    - RDMA/rtrs-clt: Fix the max_send_wr setting
    - RDMA/rtrs-clt: Remove the warnings for req in_use check
    - RDMA/bnxt_re: Correct module description string
    - hwmon: (acpi_power_meter) Fix 4.29 MW bug
    - hwmon: (nzxt-kraken2) Fix error handling path in kraken2_probe()
    - ASoC: wm_adsp: fix memleak in wm_adsp_buffer_populate
    - RDMA/core: Fix umem iterator when PAGE_SIZE is greater then HCA pgsz
    - RDMA/irdma: Avoid free the non-cqp_request scratch
    - arm64: dts: imx8mq: drop usb3-resume-missing-cas from usb
    - arm64: dts: imx8mp: imx8mq: Add parkmode-disable-ss-quirk on DWC3
    - ARM: dts: imx6ul-pico: Describe the Ethernet PHY clock
    - tracing: Fix a warning when allocating buffered events fails
    - scsi: be2iscsi: Fix a memleak in beiscsi_init_wrb_handle()
    - ARM: imx: Check return value of devm_kasprintf in imx_mmdc_perf_init
    - ARM: dts: imx7: Declare timers compatible with fsl,imx6dl-gpt
    - ARM: dts: imx28-xea: Pass the 'model' property
    - riscv: fix misaligned access handling of C.S

Source diff to previous version
1786013 Packaging resync
2052723 Azure: Enable CONFIG_TEST_LOCKUP
2049689 partproke is broken on empty loopback device
2050858 Jammy update: v5.15.143 upstream stable release
2036239 Intel E810-XXV - NETDEV WATCHDOG: (ice): transmit queue timed out
2048404 Don't WARN_ON_ONCE() for a broken discovery table
2047634 Reject connection when malformed L2CAP signal packet is received
2050849 Jammy update: v5.15.142 upstream stable release
2050044 Jammy update: v5.15.141 upstream stable release
2050038 Jammy update: v5.15.140 upstream stable release
2049432 Jammy update: v5.15.139 upstream stable release
2049417 Jammy update: v5.15.138 upstream stable release
2049350 Jammy update: v5.15.137 upstream stable release
CVE-2023-0340 The Custom Content Shortcode WordPress plugin through 4.0.2 does not validate one of its shortcode attribute, which could allow users with a contribu
CVE-2023-51780 An issue was discovered in the Linux kernel before 6.6.8. do_vcc_ioctl in net/atm/ioctl.c has a use-after-free because of a vcc_recvmsg race conditio
CVE-2023-6915 A Null pointer dereference problem was found in ida_free in lib/idr.c in the Linux Kernel. This issue may allow an attacker using this library to cau
CVE-2024-0646 An out-of-bounds memory write flaw was found in the Linux kernel’s Transport Layer Security functionality in how a user calls a function splice with
CVE-2024-0565 An out-of-bounds memory read flaw was found in receive_encrypted_standard in fs/smb/client/smb2ops.c in the SMB Client sub-component in the Linux Ker
CVE-2023-51781 An issue was discovered in the Linux kernel before 6.6.8. atalk_ioctl in net/appletalk/ddp.c has a use-after-free because of an atalk_recvmsg race co
CVE-2023-46862 An issue was discovered in the Linux kernel through 6.5.9. During a race with SQ thread exit, an io_uring/fdinfo.c io_uring_show_fdinfo NULL pointer
CVE-2023-51782 An issue was discovered in the Linux kernel before 6.6.8. rose_ioctl in net/rose/af_rose.c has a use-after-free because of a rose_accept race conditi
CVE-2023-51779 bt_sock_recvmsg in net/bluetooth/af_bluetooth.c in the Linux kernel through 6.6.8 has a use-after-free because of a bt_sock_ioctl race condition.
CVE-2023-22995 In the Linux kernel before 5.17, an error path in dwc3_qcom_acpi_register_core in drivers/usb/dwc3/dwc3-qcom.c lacks certain platform_device_put and
CVE-2023-4134 Input: cyttsp4_core - change del_timer_sync() to timer_shutdown_sync()

Version: 5.15.0-1056.64~20.04.1 2024-02-08 02:06:56 UTC

  linux-azure-5.15 (5.15.0-1056.64~20.04.1) focal; urgency=medium

  * focal/linux-azure-5.15: 5.15.0-1056.64~20.04.1 -proposed tracker
    (LP: #2052544)

  [ Ubuntu: 5.15.0-1056.64 ]

  * jammy/linux-azure: 5.15.0-1056.64 -proposed tracker (LP: #2052545)
  * Azure: Fix regression introduced in LP: #2045069 (LP: #2052453)
    - hv_netvsc: Fix race condition between netvsc_probe and netvsc_remove
    - hv_netvsc: Register VF in netvsc_probe if NET_DEVICE_REGISTER missed

2045069 Azure: Deprecate Netvsc and implement MANA direct
2052453 Azure: Fix regression introduced in LP: #2045069



About   -   Send Feedback to @ubuntu_updates