UbuntuUpdates.org

Package "linux-doc"

Name: linux-doc

Description:

Linux kernel specific documentation for version 5.4.0

Latest version: 5.4.0-176.196
Release: focal (20.04)
Level: proposed
Repository: main
Head package: linux

Links


Download "linux-doc"


Other versions of "linux-doc" in Focal

Repository Area Version
base main 5.4.0-26.30
security main 5.4.0-174.193
updates main 5.4.0-174.193
PPA: Canonical Kernel Team 5.4.0-181.201

Changelog

Version: 5.4.0-168.186 2023-11-02 14:10:08 UTC

  linux (5.4.0-168.186) focal; urgency=medium

  * focal/linux: 5.4.0-168.186 -proposed tracker (LP: #2041652)

  * Focal update: v5.4.257 upstream stable release (LP: #2040284)
    - erofs: ensure that the post-EOF tails are all zeroed
    - ARM: pxa: remove use of symbol_get()
    - mmc: au1xmmc: force non-modular build and remove symbol_get usage
    - net: enetc: use EXPORT_SYMBOL_GPL for enetc_phc_index
    - rtc: ds1685: use EXPORT_SYMBOL_GPL for ds1685_rtc_poweroff
    - modules: only allow symbol_get of EXPORT_SYMBOL_GPL modules
    - USB: serial: option: add Quectel EM05G variant (0x030e)
    - USB: serial: option: add FOXCONN T99W368/T99W373 product
    - HID: wacom: remove the battery when the EKR is off
    - staging: rtl8712: fix race condition
    - Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race
      condition
    - serial: sc16is7xx: fix bug when first setting GPIO direction
    - firmware: stratix10-svc: Fix an NULL vs IS_ERR() bug in probe
    - fsi: master-ast-cf: Add MODULE_FIRMWARE macro
    - nilfs2: fix general protection fault in nilfs_lookup_dirty_data_buffers()
    - nilfs2: fix WARNING in mark_buffer_dirty due to discarded buffer reuse
    - pinctrl: amd: Don't show `Invalid config param` errors
    - 9p: virtio: make sure 'offs' is initialized in zc_request
    - ASoC: da7219: Flush pending AAD IRQ when suspending
    - ASoC: da7219: Check for failure reading AAD IRQ events
    - ethernet: atheros: fix return value check in atl1c_tso_csum()
    - vxlan: generalize vxlan_parse_gpe_hdr and remove unused args
    - m68k: Fix invalid .section syntax
    - s390/dasd: use correct number of retries for ERP requests
    - s390/dasd: fix hanging device after request requeue
    - fs/nls: make load_nls() take a const parameter
    - ASoc: codecs: ES8316: Fix DMIC config
    - ASoC: atmel: Fix the 8K sample parameter in I2SC master
    - platform/x86: intel: hid: Always call BTNL ACPI method
    - platform/x86: huawei-wmi: Silence ambient light sensor
    - security: keys: perform capable check only on privileged operations
    - clk: fixed-mmio: make COMMON_CLK_FIXED_MMIO depend on HAS_IOMEM
    - net: usb: qmi_wwan: add Quectel EM05GV2
    - idmaengine: make FSL_EDMA and INTEL_IDMA64 depends on HAS_IOMEM
    - scsi: qedi: Fix potential deadlock on &qedi_percpu->p_work_lock
    - netlabel: fix shift wrapping bug in netlbl_catmap_setlong()
    - bnx2x: fix page fault following EEH recovery
    - sctp: handle invalid error codes without calling BUG()
    - cifs: add a warning when the in-flight count goes negative
    - scsi: storvsc: Always set no_report_opcodes
    - ALSA: seq: oss: Fix racy open/close of MIDI devices
    - platform/mellanox: Fix mlxbf-tmfifo not handling all virtio CONSOLE
      notifications
    - powerpc/32s: Fix assembler warning about r0
    - udf: Check consistency of Space Bitmap Descriptor
    - udf: Handle error when adding extent to a file
    - Revert "net: macsec: preserve ingress frame ordering"
    - reiserfs: Check the return value from __getblk()
    - eventfd: Export eventfd_ctx_do_read()
    - eventfd: prevent underflow for eventfd semaphores
    - new helper: lookup_positive_unlocked()
    - fs: Fix error checking for d_hash_and_lookup()
    - tmpfs: verify {g,u}id mount options correctly
    - OPP: Fix passing 0 to PTR_ERR in _opp_attach_genpd()
    - x86/asm: Make more symbols local
    - x86/boot: Annotate local functions
    - x86/decompressor: Don't rely on upper 32 bits of GPRs being preserved
    - perf/imx_ddr: don't enable counter0 if none of 4 counters are used
    - cpufreq: powernow-k8: Use related_cpus instead of cpus in driver.exit()
    - bpf: Clear the probe_addr for uprobe
    - tcp: tcp_enter_quickack_mode() should be static
    - regmap: rbtree: Use alloc_flags for memory allocations
    - spi: tegra20-sflash: fix to check return value of platform_get_irq() in
      tegra_sflash_probe()
    - can: gs_usb: gs_usb_receive_bulk_callback(): count RX overflow errors also
      in case of OOM
    - wifi: mwifiex: Fix OOB and integer underflow when rx packets
    - mwifiex: switch from 'pci_' to 'dma_' API
    - wifi: mwifiex: fix error recovery in PCIE buffer descriptor management
    - crypto: stm32 - Properly handle pm_runtime_get failing
    - Bluetooth: nokia: fix value check in nokia_bluetooth_serdev_probe()
    - crypto: caam - fix unchecked return value error
    - hwrng: iproc-rng200 - use semicolons rather than commas to separate
      statements
    - hwrng: iproc-rng200 - Implement suspend and resume calls
    - lwt: Fix return values of BPF xmit ops
    - lwt: Check LWTUNNEL_XMIT_CONTINUE strictly
    - fs: ocfs2: namei: check return value of ocfs2_add_entry()
    - wifi: mwifiex: fix memory leak in mwifiex_histogram_read()
    - wifi: mwifiex: Fix missed return in oob checks failed path
    - wifi: ath9k: fix races between ath9k_wmi_cmd and ath9k_wmi_ctrl_rx
    - wifi: ath9k: protect WMI command response buffer replacement with a lock
    - wifi: mwifiex: avoid possible NULL skb pointer dereference
    - wifi: ath9k: use IS_ERR() with debugfs_create_dir()
    - net: arcnet: Do not call kfree_skb() under local_irq_disable()
    - mlxsw: i2c: Fix chunk size setting in output mailbox buffer
    - mlxsw: i2c: Limit single transaction buffer size
    - netrom: Deny concurrent connect().
    - drm/bridge: tc358764: Fix debug print parameter order
    - quota: avoid increasing DQST_LOOKUPS when iterating over dirty/inuse list
    - quota: factor out dquot_write_dquot()
    - quota: rename dquot_active() to inode_quota_active()
    - quota: add new helper dquot_active()
    - quota: fix dqput() to follow the guarantees dquot_srcu should provide
    - drm/amdgpu: avoid integer overflow warning in amdgpu_device_resize_fb_bar()
    - ARM: dts: BCM53573: Drop nonexistent "default-off" LED trigger
    - ARM: dts: BCM53573: Add cells sizes to PCIe node
    - ARM: dts: BCM53573: Use updated "

Source diff to previous version
2040284 Focal update: v5.4.257 upstream stable release
2039446 Focal update: v5.4.256 upstream stable release
2039440 Focal update: v5.4.255 upstream stable release
2039291 Focal update: v5.4.254 upstream stable release
2038652 Focal update: v5.4.253 upstream stable release
1786013 Packaging resync
CVE-2023-39189 A flaw was found in the Netfilter subsystem in the Linux kernel. The nfnl_osf_add_callback function did not validate the user mode controlled opt_num
CVE-2023-45871 An issue was discovered in drivers/net/ethernet/intel/igb/igb_main.c in the IGB driver in the Linux kernel before 6.5.3. A buffer size may not be ade
CVE-2023-39193 A flaw was found in the Netfilter subsystem in the Linux kernel. The sctp_mt_check did not validate the flag_count field. This flaw allows a local pr
CVE-2023-39192 A flaw was found in the Netfilter subsystem in the Linux kernel. The xt_u32 module did not validate the fields in the xt_u32 structure. This flaw all
CVE-2023-31085 An issue was discovered in drivers/mtd/ubi/cdev.c in the Linux kernel 6.2. There is a divide-by-zero error in do_div(sz,mtd->erasesize), used indirec
CVE-2023-5178 A use-after-free vulnerability was found in drivers/nvme/target/tcp.c` ...
CVE-2023-42754 A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer (skb) was assumed to be associated with a device before c
CVE-2023-37453 An issue was discovered in the USB subsystem in the Linux kernel through 6.4.2. There is an out-of-bounds and crash in read_descriptors in drivers/us

Version: 5.4.0-166.183 2023-10-05 18:08:27 UTC

  linux (5.4.0-166.183) focal; urgency=medium

  * focal/linux: 5.4.0-166.183 -proposed tracker (LP: #2038010)

  * Use new annotations model (LP: #2019000)
    - [Packaging] new annotations model infrastructure
    - [Packaging] config-check: Handle new annotations format 4
    - [Packaging] rules: Use old-kernelconfig for old configs
    - [Config] sanitize annotations
    - [Config] import generated configs into annotation file
    - [Packaging] kernelconfig: add i386 as supported arch
    - [Config] Remove all old configs files

  * Packaging resync (LP: #1786013)
    - [Packaging] update helper scripts
    - [Packaging] update annotations scripts

  * fix typo in config-checks invocation (LP: #2020413)
    - [Packaging] fix typo when calling the old config-check
    - [Packaging] fix typo in 4-checks.mk

  * support python < 3.9 with annotations (LP: #2020531)
    - [Packaging] kconfig/annotations.py: support older way of merging dicts

  * CVE-2023-42756
    - netfilter: ipset: Fix race between IPSET_CMD_CREATE and IPSET_CMD_SWAP

  * CVE-2023-4623
    - net/sched: sch_hfsc: Ensure inner classes have fsc curve

  * Focal update: v5.4.252 upstream stable release (LP: #2036240)
    - ia64/cpu: Switch to arch_cpu_finalize_init()
    - m68k/cpu: Switch to arch_cpu_finalize_init()
    - mips/cpu: Switch to arch_cpu_finalize_init()
    - sh/cpu: Switch to arch_cpu_finalize_init()
    - x86/cpufeatures: Add SEV-ES CPU feature
    - x86/cpu: Add VM page flush MSR availablility as a CPUID feature
    - x86/cpufeatures: Assign dedicated feature word for CPUID_0x8000001F[EAX]
    - tools headers cpufeatures: Sync with the kernel sources
    - x86/cpu, kvm: Add support for CPUID_80000021_EAX
    - Linux 5.4.252
    - Upstream stable to v5.4.252

  * CVE-2023-42755
    - net/sched: Retire rsvp classifier
    - [Config] remove NET_CLS_RSVP and NET_CLS_RSVP6

  * CVE-2023-42753
    - netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for
      ip_set_hash_netportnet.c

  * CVE-2023-34319
    - xen/netback: Fix buffer overrun triggered by unusual packet

  * CVE-2023-4921
    - net: sched: sch_qfq: Fix UAF in qfq_dequeue()

  * CVE-2023-42752
    - igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU

  * Avoid address overwrite in kernel_connect (LP: #2035163)
    - net: Avoid address overwrite in kernel_connect

  * [regression] Unable to initialize SGX enclaves with XFRM other than 3
    (LP: #2034745)
    - x86/fpu: Set X86_FEATURE_OSXSAVE feature after enabling OSXSAVE in CR4

  * CVE-2023-4881
    - netfilter: nftables: exthdr: fix 4-byte stack OOB write

  * CVE-2023-4622
    - af_unix: Fix null-ptr-deref in unix_stream_sendpage().

  * Focal update: v5.4.251 upstream stable release (LP: #2034918)
    - x86/smp: Use dedicated cache-line for mwait_play_dead()
    - video: imsttfb: check for ioremap() failures
    - fbdev: imsttfb: Fix use after free bug in imsttfb_probe
    - HID: wacom: Use ktime_t rather than int when dealing with timestamps
    - drm/i915: Initialise outparam for error return from wait_for_register
    - scripts/tags.sh: Resolve gtags empty index generation
    - drm/amdgpu: Validate VM ioctl flags.
    - bgmac: fix *initial* chip reset to support BCM5358
    - x86/resctrl: Use is_closid_match() in more places
    - x86/resctrl: Only show tasks' pid in current pid namespace
    - md/raid10: check slab-out-of-bounds in md_bitmap_get_counter
    - md/raid10: fix overflow of md/safe_mode_delay
    - md/raid10: fix wrong setting of max_corr_read_errors
    - md/raid10: fix null-ptr-deref of mreplace in raid10_sync_request
    - md/raid10: fix io loss while replacement replace rdev
    - irqchip/jcore-aic: Kill use of irq_create_strict_mappings()
    - irqchip/jcore-aic: Fix missing allocation of IRQ descriptors
    - tracing/timer: Add missing hrtimer modes to decode_hrtimer_mode().
    - clocksource/drivers/cadence-ttc: Use ttc driver as platform driver
    - clocksource/drivers/cadence-ttc: Fix memory leak in ttc_timer_probe
    - PM: domains: fix integer overflow issues in genpd_parse_state()
    - powercap: RAPL: Fix CONFIG_IOSF_MBI dependency
    - ARM: 9303/1: kprobes: avoid missing-declaration warnings
    - evm: Complete description of evm_inode_setattr()
    - pstore/ram: Add check for kstrdup
    - ima: Fix build warnings
    - wifi: ath9k: fix AR9003 mac hardware hang check register offset calculation
    - wifi: ath9k: avoid referencing uninit memory in ath9k_wmi_ctrl_rx
    - samples/bpf: Fix buffer overflow in tcp_basertt
    - spi: spi-geni-qcom: Correct CS_TOGGLE bit in SPI_TRANS_CFG
    - wifi: mwifiex: Fix the size of a memory allocation in
      mwifiex_ret_802_11_scan()
    - nfc: constify several pointers to u8, char and sk_buff
    - nfc: llcp: fix possible use of uninitialized variable in
      nfc_llcp_send_connect()
    - regulator: core: Fix more error checking for debugfs_create_dir()
    - regulator: core: Streamline debugfs operations
    - wifi: orinoco: Fix an error handling path in spectrum_cs_probe()
    - wifi: orinoco: Fix an error handling path in orinoco_cs_probe()
    - wifi: atmel: Fix an error handling path in atmel_probe()
    - wl3501_cs: Fix a bunch of formatting issues related to function docs
    - wl3501_cs: Remove unnecessary NULL check
    - wl3501_cs: Fix misspelling and provide missing documentation
    - net: create netdev->dev_addr assignment helpers
    - wl3501_cs: use eth_hw_addr_set()
    - wifi: wl3501_cs: Fix an error handling path in wl3501_probe()
    - wifi: ray_cs: Utilize strnlen() in parse_addr()
    - wifi: ray_cs: Drop useless status variable in parse_addr()
    - wifi: ray_cs: Fix an error handling path in ray_probe()
    - wifi: ath9k: don't allow to overwrite ENDPOINT0 attributes
    - wifi: rsi: Do not set MMC_PM_KEEP_POWER in shutdown
    - watchdog/perf: define dummy watchdog_update_hrtimer_threshold() on correct
      config
    - watchdog/perf: more properly prevent false positives wi

Source diff to previous version
2019000 Use new annotations model
1786013 Packaging resync
2020413 fix typo in config-checks invocation
2020531 support python \u003c 3.9 with annotations
2036240 Focal update: v5.4.252 upstream stable release
2035163 Avoid address overwrite in kernel_connect
2034745 [regression] Unable to initialize SGX enclaves with XFRM other than 3
2034918 Focal update: v5.4.251 upstream stable release
2033297 Focal update: v5.4.250 upstream stable release
2033278 Focal update: v5.4.249 upstream stable release
CVE-2023-42756 A flaw was found in the Netfilter subsystem of the Linux kernel. A race condition between IPSET_CMD_ADD and IPSET_CMD_SWAP can lead to a kernel panic
CVE-2023-42755 wild pointer access in rsvp classifer in the Linux kernel
CVE-2023-42753 An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the `h->n
CVE-2023-42752 integer overflows in kmalloc_reserve()
CVE-2023-4881 ** REJECT ** CVE-2023-4881 was wrongly assigned to a bug that was deemed to be a non-security issue by the Linux kernel security team.
CVE-2023-31083 An issue was discovered in drivers/bluetooth/hci_ldisc.c in the Linux kernel 6.2. In hci_uart_tty_ioctl, there is a race condition between HCIUARTSET
CVE-2023-4132 A use-after-free vulnerability was found in the siano smsusb module in the Linux kernel. The bug occurs during device initialization when the siano d
CVE-2023-3772 A flaw was found in the Linux kernel’s IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADM
CVE-2023-0597 A flaw possibility of memory leak in the Linux kernel cpu_entry_area mapping of X86 CPU data to memory was found in the way user can guess location o

Version: 5.4.0-164.181 2023-09-07 11:07:07 UTC

  linux (5.4.0-164.181) focal; urgency=medium

  * focal/linux: 5.4.0-164.181 -proposed tracker (LP: #2033867)

  * Please enable Renesas RZ platform serial installer (LP: #2022361)
    - [Config] enable hihope RZ/G2M serial console

  * Azure: hv_netvsc: add support for vlans in AF_PACKET mode (LP: #2030872)
    - hv_netvsc: add support for vlans in AF_PACKET mode

  * systemd mount units fail during boot, while file system is correctly mounted
    (LP: #1837227)
    - list: introduce list_for_each_continue()
    - proc/mounts: add cursor

  * CVE-2023-40283
    - Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb

  * CVE-2023-20588
    - x86/bugs: Increase the x86 bugs vector size to two u32s
    - x86/CPU/AMD: Do not leak quotient data after a division by 0
    - x86/CPU/AMD: Fix the DIV(0) initial fix attempt

  * CVE-2023-4194
    - net: tun_chr_open(): set sk_uid from current_fsuid()
    - net: tap_open(): set sk_uid from current_fsuid()

  * CVE-2023-1206
    - tcp: Reduce chance of collisions in inet6_hashfn().

  * CVE-2021-4001
    - bpf: Fix toctou on read-only map's constant scalar tracking

  * Focal update: v5.4.248 upstream stable release (LP: #2031121)
    - test_firmware: fix a memory leak with reqs buffer
    - KEYS: asymmetric: Copy sig and digest in public_key_verify_signature()
    - dasd: refactor dasd_ioctl_information
    - s390/dasd: Use correct lock while counting channel queue length
    - power: supply: ab8500: Fix external_power_changed race
    - power: supply: sc27xx: Fix external_power_changed race
    - power: supply: bq27xxx: Use mod_delayed_work() instead of cancel() +
      schedule()
    - ARM: dts: vexpress: add missing cache properties
    - power: supply: Ratelimit no data debug output
    - platform/x86: asus-wmi: Ignore WMI events with codes 0x7B, 0xC0
    - regulator: Fix error checking for debugfs_create_dir
    - irqchip/meson-gpio: Mark OF related data as maybe unused
    - power: supply: Fix logic checking if system is running from battery
    - btrfs: handle memory allocation failure in btrfs_csum_one_bio
    - parisc: Improve cache flushing for PCXL in arch_sync_dma_for_cpu()
    - parisc: Flush gatt writes and adjust gatt mask in parisc_agp_mask_memory()
    - MIPS: Alchemy: fix dbdma2
    - mips: Move initrd_start check after initrd address sanitisation.
    - xen/blkfront: Only check REQ_FUA for writes
    - drm:amd:amdgpu: Fix missing buffer object unlock in failure path
    - ocfs2: fix use-after-free when unmounting read-only filesystem
    - ocfs2: check new file size on fallocate call
    - nios2: dts: Fix tse_mac "max-frame-size" property
    - nilfs2: fix incomplete buffer cleanup in nilfs_btnode_abort_change_key()
    - nilfs2: fix possible out-of-bounds segment allocation in resize ioctl
    - kexec: support purgatories with .text.hot sections
    - powerpc/purgatory: remove PGO flags
    - nouveau: fix client work fence deletion race
    - RDMA/uverbs: Restrict usage of privileged QKEYs
    - net: usb: qmi_wwan: add support for Compal RXM-G1
    - ALSA: hda/realtek: Add a quirk for Compaq N14JP6
    - Remove DECnet support from kernel
    - [Config] updateconfigs for DECNET
    - USB: serial: option: add Quectel EM061KGL series
    - serial: lantiq: add missing interrupt ack
    - usb: dwc3: gadget: Reset num TRBs before giving back the request
    - spi: spi-fsl-dspi: Remove unused chip->void_write_data
    - spi: fsl-dspi: avoid SCK glitches with continuous transfers
    - netfilter: nfnetlink: skip error delivery on batch in case of ENOMEM
    - ping6: Fix send to link-local addresses with VRF.
    - RDMA/rxe: Remove the unused variable obj
    - RDMA/rxe: Removed unused name from rxe_task struct
    - RDMA/rxe: Fix the use-before-initialization error of resp_pkts
    - iavf: remove mask from iavf_irq_enable_queues()
    - IB/uverbs: Fix to consider event queue closing also upon non-blocking mode
    - IB/isert: Fix dead lock in ib_isert
    - IB/isert: Fix possible list corruption in CMA handler
    - IB/isert: Fix incorrect release of isert connection
    - ipvlan: fix bound dev checking for IPv6 l3s mode
    - sctp: fix an error code in sctp_sf_eat_auth()
    - igb: fix nvm.ops.read() error handling
    - drm/nouveau/dp: check for NULL nv_connector->native_mode
    - drm/nouveau/kms: Don't change EDID when it hasn't actually changed
    - drm/nouveau: add nv_encoder pointer check for NULL
    - net/sched: cls_api: Fix lockup on flushing explicitly created chain
    - net: lapbether: only support ethernet devices
    - net: tipc: resize nlattr array to correct size
    - selftests/ptp: Fix timestamp printf format for PTP_SYS_OFFSET
    - afs: Fix vlserver probe RTT handling
    - neighbour: Remove unused inline function neigh_key_eq16()
    - net: Remove unused inline function dst_hold_and_use()
    - neighbour: delete neigh_lookup_nodev as not used
    - drm/nouveau/kms: Fix NULL pointer dereference in
      nouveau_connector_detect_depth
    - mmc: block: ensure error propagation for non-blk
    - Linux 5.4.248

  * Focal update: v5.4.247 upstream stable release (LP: #2030818)
    - blk-iocost: avoid 64-bit division in ioc_timer_fn
    - block/blk-iocost (gcc13): keep large values in a new enum
    - i40iw: fix build warning in i40iw_manage_apbvt()
    - i40e: fix build warnings in i40e_alloc.h
    - spi: qup: Request DMA before enabling clocks
    - neighbour: Replace zero-length array with flexible-array member
    - neighbour: fix unaligned access to pneigh_entry
    - net: dsa: lan9303: allow vid != 0 in port_fdb_{add|del} methods
    - Bluetooth: Fix l2cap_disconnect_req deadlock
    - Bluetooth: L2CAP: Add missing checks for invalid DCID
    - netfilter: conntrack: fix NULL pointer dereference in nf_confirm_cthelper
    - netfilter: ipset: Add schedule point in call_ad().
    - rfs: annotate lockless accesses to sk->sk_rxhash
    - rfs: annotate lockless accesses to RFS sock flow table
    - net

Source diff to previous version
2022361 Please enable Renesas RZ platform serial installer
2030872 Azure: hv_netvsc: add support for vlans in AF_PACKET mode
1837227 systemd mount units fail during boot, while file system is correctly mounted
2031121 Focal update: v5.4.248 upstream stable release
2030818 Focal update: v5.4.247 upstream stable release
CVE-2023-40283 An issue was discovered in l2cap_sock_release in net/bluetooth/l2cap_sock.c in the Linux kernel before 6.4.10. There is a use-after-free because the
CVE-2023-4194 A flaw was found in the Linux kernel's TUN/TAP functionality. This issue could allow a local user to bypass network filters and gain unauthorized acc
CVE-2023-1206 A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel’s IPv6 functionality when a user makes a new kind of SYN floo
CVE-2021-4001 A race condition was found in the Linux kernel's ebpf verifier between bpf_map_update_elem and bpf_map_freeze due to a missing lock in kernel/bpf/sys
CVE-2023-4128 A use-after-free flaw was found in net/sched/cls_fw.c in classifiers (cls_fw, cls_u32, and cls_route) in the Linux Kernel. This flaw allows a local a
CVE-2023-3863 A use-after-free flaw was found in nfc_llcp_find_local in net/nfc/llcp_core.c in NFC in the Linux kernel. This flaw allows a local user with special
CVE-2023-3212 A NULL pointer dereference issue was found in the gfs2 file system in the Linux kernel. It occurs on corrupt gfs2 file systems when the evict code tr

Version: 5.4.0-162.179 2023-08-16 10:06:52 UTC

  linux (5.4.0-162.179) focal; urgency=medium

  * focal/linux: 5.4.0-162.179 -proposed tracker (LP: #2031128)

  * libgnutls report "trap invalid opcode" when trying to install packages over
    https (LP: #2031093)
    - [Config]: disable CONFIG_GDS_FORCE_MITIGATION

Source diff to previous version
2031093 libgnutls report \

Version: 5.4.0-156.173 2023-07-13 13:07:14 UTC

  linux (5.4.0-156.173) focal; urgency=medium

  * focal/linux: 5.4.0-156.173 -proposed tracker (LP: #2026585)

  * CVE-2023-3390
    - netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE

  * Focal update: v5.4.241 upstream stable release (LP: #2023930)
    - scsi: ses: Handle enclosure with just a primary component gracefully
    - x86/PCI: Add quirk for AMD XHCI controller that loses MSI-X state in D3hot
    - cgroup/cpuset: Wake up cpuset_attach_wq tasks in cpuset_cancel_attach()
    - treewide: Replace DECLARE_TASKLET() with DECLARE_TASKLET_OLD()
    - smb3: fix problem with null cifs super block with previous patch
    - pinctrl: amd: Use irqchip template
    - pinctrl: amd: disable and mask interrupts on probe
    - pinctrl: amd: Disable and mask interrupts on resume
    - pwm: cros-ec: Explicitly set .polarity in .get_state()
    - pwm: sprd: Explicitly set .polarity in .get_state()
    - wifi: mac80211: fix invalid drv_sta_pre_rcu_remove calls for non-uploaded
      sta
    - icmp: guard against too small mtu
    - net: don't let netpoll invoke NAPI if in xmit context
    - sctp: check send stream number after wait_for_sndbuf
    - ipv6: Fix an uninit variable access bug in __ip6_make_skb()
    - gpio: davinci: Add irq chip flag to skip set wake
    - sunrpc: only free unix grouplist after RCU settles
    - NFSD: callback request does not use correct credential for AUTH_SYS
    - xhci: also avoid the XHCI_ZERO_64B_REGS quirk with a passthrough iommu
    - USB: serial: cp210x: add Silicon Labs IFS-USB-DATACABLE IDs
    - usb: typec: altmodes/displayport: Fix configure initial pin assignment
    - USB: serial: option: add Telit FE990 compositions
    - USB: serial: option: add Quectel RM500U-CN modem
    - iio: adc: ti-ads7950: Set `can_sleep` flag for GPIO chip
    - iio: dac: cio-dac: Fix max DAC write value check for 12-bit
    - tty: serial: sh-sci: Fix transmit end interrupt handler
    - tty: serial: sh-sci: Fix Rx on RZ/G2L SCI
    - tty: serial: fsl_lpuart: avoid checking for transfer complete when
      UARTCTRL_SBK is asserted in lpuart32_tx_empty
    - nilfs2: fix potential UAF of struct nilfs_sc_info in nilfs_segctor_thread()
    - nilfs2: fix sysfs interface lifetime
    - ALSA: hda/realtek: Add quirk for Clevo X370SNW
    - perf/core: Fix the same task check in perf_event_set_output
    - ftrace: Mark get_lock_parent_ip() __always_inline
    - can: j1939: j1939_tp_tx_dat_new(): fix out-of-bounds memory access
    - tracing: Free error logs of tracing instances
    - net_sched: prevent NULL dereference if default qdisc setup failed
    - drm/panfrost: Fix the panfrost_mmu_map_fault_addr() error path
    - ring-buffer: Fix race while reader and writer are on the same page
    - mm/swap: fix swap_info_struct race between swapoff and get_swap_pages()
    - irqdomain: Look for existing mapping only once
    - irqdomain: Refactor __irq_domain_alloc_irqs()
    - irqdomain: Fix mapping-creation race
    - Revert "pinctrl: amd: Disable and mask interrupts on resume"
    - ALSA: emu10k1: fix capture interrupt handler unlinking
    - ALSA: hda/sigmatel: add pin overrides for Intel DP45SG motherboard
    - ALSA: i2c/cs8427: fix iec958 mixer control deactivation
    - ALSA: firewire-tascam: add missing unwind goto in
      snd_tscm_stream_start_duplex()
    - ALSA: hda/sigmatel: fix S/PDIF out on Intel D*45* motherboards
    - Bluetooth: L2CAP: Fix use-after-free in l2cap_disconnect_{req,rsp}
    - Bluetooth: Fix race condition in hidp_session_thread
    - btrfs: print checksum type and implementation at mount time
    - btrfs: fix fast csum implementation detection
    - mtdblock: tolerate corrected bit-flips
    - mtd: rawnand: meson: fix bitmask for length in command word
    - mtd: rawnand: stm32_fmc2: remove unsupported EDO mode
    - niu: Fix missing unwind goto in niu_alloc_channels()
    - qlcnic: check pci_reset_function result
    - sctp: fix a potential overflow in sctp_ifwdtsn_skip
    - RDMA/core: Fix GID entry ref leak when create_ah fails
    - udp6: fix potential access to stale information
    - net: macb: fix a memory corruption in extended buffer descriptor mode
    - power: supply: cros_usbpd: reclassify "default case!" as debug
    - i2c: imx-lpi2c: clean rx/tx buffers upon new message
    - efi: sysfb_efi: Add quirk for Lenovo Yoga Book X91F/L
    - drm: panel-orientation-quirks: Add quirk for Lenovo Yoga Book X90F
    - verify_pefile: relax wrapper length check
    - asymmetric_keys: log on fatal failures in PE/pkcs7
    - ubi: Fix failure attaching when vid_hdr offset equals to (sub)page size
    - mtd: ubi: wl: Fix a couple of kernel-doc issues
    - ubi: Fix deadlock caused by recursively holding work_sem
    - i2c: ocores: generate stop condition after timeout in polling mode
    - watchdog: sbsa_wdog: Make sure the timeout programming is within the limits
    - coresight-etm4: Fix for() loop drvdata->nr_addr_cmp range bug
    - xfs: show the proper user quota options
    - xfs: remove the kuid/kgid conversion wrappers
    - xfs: add a new xfs_sb_version_has_v3inode helper
    - xfs: only check the superblock version for dinode size calculation
    - xfs: simplify di_flags2 inheritance in xfs_ialloc
    - xfs: simplify a check in xfs_ioctl_setattr_check_cowextsize
    - xfs: remove the di_version field from struct icdinode
    - xfs: set inode size after creating symlink
    - xfs: report corruption only as a regular error
    - xfs: shut down the filesystem if we screw up quota reservation
    - xfs: consider shutdown in bmapbt cursor delete assert
    - xfs: don't reuse busy extents on extent trim
    - xfs: force log and push AIL to clear pinned inodes when aborting mount
    - Linux 5.4.241

  * [UBUNTU 20.04] [HPS] Kernel panic with "refcount_t: underflow" in mlx5
    driver (LP: #2019011)
    - net/mlx5: cmdif, Avoid skipping reclaim pages if FW is not accessible
    - net/mlx5: Fix handling of entry refcount when command i

2023930 Focal update: v5.4.241 upstream stable release
2019011 [UBUNTU 20.04] [HPS] Kernel panic with \
2024900 Disable hv-kvp-daemon if /dev/vmbus/hv_kvp is not present
2003053 NFS: client permission error after adding user to permissible group
2022098 Severe NFS performance degradation after LP #2003053
2020319 Encountering an issue with memcpy_fromio causing failed boot of SEV-enabled guest
2023601 Focal update: v5.4.240 upstream stable release
2023600 Focal update: v5.4.239 upstream stable release
2023427 Focal update: v5.4.238 upstream stable release
2023420 Focal update: v5.4.237 upstream stable release
2020390 Focal update: v5.4.236 upstream stable release
1786013 Packaging resync
CVE-2023-35001 Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or
CVE-2023-3141 A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the Linux Kernel. This flaw allows a local attacker
CVE-2023-3111 A use after free vulnerability was found in prepare_to_relocate in fs/btrfs/relocation.c in btrfs in the Linux Kernel. This possible flaw can be trig
CVE-2023-1611 A use-after-free flaw was found in btrfs_search_slot in fs/btrfs/ctree.c in btrfs in the Linux Kernel.This flaw allows an attacker to crash the syste
CVE-2022-0168 A denial of service (DOS) issue was found in the Linux kernel’s smb2_ioctl_query_info function in the fs/cifs/smb2ops.c Common Internet File System (
CVE-2022-27672 When SMT is enabled, certain AMD processors may speculatively execute instructions using a target from the sibling thread after an SMT mode switch po
CVE-2023-2124 An out-of-bounds memory access flaw was found in the Linux kernel’s XFS file system in how a user restores an XFS image after failure (with a dirty l
CVE-2020-36691 An issue was discovered in the Linux kernel before 5.8. lib/nlattr.c allows attackers to cause a denial of service (unbounded recursion) via a nested
CVE-2022-1184 A use-after-free flaw was found in fs/ext4/namei.c:dx_insert_block() in the Linux kernel’s filesystem sub-component. This flaw allows a local attacke
CVE-2022-4269 A flaw was found in the Linux kernel Traffic Control (TC) subsystem. Using a specific networking configuration (redirecting egress packets to ingress



About   -   Send Feedback to @ubuntu_updates