UbuntuUpdates.org

Package "linux-oem-5.14"


Moved to focal:main:updates


Name: linux-oem-5.14

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

Latest version: *DELETED*
Release: focal (20.04)
Level: proposed
Repository: main

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Other versions of "linux-oem-5.14" in Focal

Repository Area Version
security main 5.14.0-1059.67
updates main 5.14.0-1059.67
PPA: Canonical Kernel Team 5.14.0-1059.67

Changelog

Version: *DELETED* 2023-03-28 18:07:34 UTC
Moved to focal:main:updates
No changelog for deleted or moved packages.

Version: 5.14.0-1059.67 2023-03-14 04:06:52 UTC

  linux-oem-5.14 (5.14.0-1059.67) focal; urgency=medium

  * focal/linux-oem-5.14: 5.14.0-1059.67 -proposed tracker (LP: #2008390)

  * CVE-2023-0461
    - SAUCE: Fix inet_csk_listen_start after CVE-2023-0461

  * CVE-2023-0394
    - ipv6: raw: Deduct extension header length in rawv6_push_pending_frames

  * CVE-2022-36280
    - drm/vmwgfx: Validate the box size for the snooped cursor

  * CVE-2022-41850
    - HID: roccat: Fix use-after-free in roccat_read()

  * CVE-2022-3061
    - video: fbdev: i740fb: Error out if 'pixclock' equals zero

  * CVE-2022-3628
    - wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()

  * CVE-2022-3646
    - nilfs2: fix leak of nilfs_root in case of writer thread creation failure

  * CVE-2022-3649
    - nilfs2: fix use-after-free bug of struct nilfs_root

  * rtcpie in timers from ubuntu_kernel_selftests randomly failing
    (LP: #1814234)
    - SAUCE: selftest: rtcpie: Force passing unreliable subtest

  * CVE-2022-2196
    - KVM: VMX: Execute IBPB on emulated VM-exit when guest has IBRS

 -- Timo Aaltonen <email address hidden> Mon, 13 Mar 2023 16:07:08 +0200
1814234 rtcpie in timers from ubuntu_kernel_selftests randomly failing
CVE-2023-0461 RESERVED
CVE-2023-0394 A NULL pointer dereference flaw was found in rawv6_push_pending_frames in net/ipv6/raw.c in the network subcomponent in the Linux kernel. This flaw c
CVE-2022-36280 An out-of-bounds(OOB) memory access vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_kms.c in GPU component in the Linux kernel
CVE-2022-41850 roccat_report_event in drivers/hid/hid-roccat.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free in certain situ
CVE-2022-3061 Found Linux Kernel flaw in the i740 driver. The Userspace program could pass any values to the driver through ioctl() interface. The driver doesn't c
CVE-2022-3628 A buffer overflow flaw was found in the Linux kernel Broadcom Full MAC Wi-Fi driver. This issue occurs when a user connects to a malicious USB device
CVE-2022-3646 A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects the function nilfs_attach_log_writer of the
CVE-2022-3649 A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_new_inode of the file fs/nilfs2/inod
CVE-2022-2196 A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2 attacks on L1 du

Version: *DELETED* 2023-03-03 05:06:53 UTC
Moved to focal:main:updates
No changelog for deleted or moved packages.

Version: 5.14.0-1058.66 2023-02-13 14:07:11 UTC

  linux-oem-5.14 (5.14.0-1058.66) focal; urgency=medium

  * focal/linux-oem-5.14: 5.14.0-1058.66 -proposed tracker (LP: #2004386)

  * Expose built-in trusted and revoked certificates (LP: #1996892)
    - [Packaging] Expose built-in trusted and revoked certificates

  * CVE-2023-0045
    - x86/bugs: Flush IBP in ib_prctl_set()

  * Packaging resync (LP: #1786013)
    - debian/dkms-versions -- update from kernel-versions (main/2023.01.30)

  * CVE-2022-47520
    - wifi: wilc1000: validate pairwise and authentication suite offsets

  * CVE-2022-43750
    - usb: mon: make mmapped memory read only

  * CVE-2023-0461
    - net/ulp: prevent ULP without clone op from entering the LISTEN status
    - net/ulp: use consistent error code when blocking ULP

  * CVE-2022-3565
    - mISDN: fix use-after-free bugs in l1oip timer handlers

  * CVE-2022-36879
    - xfrm: xfrm_policy: fix a possible double xfrm_pols_put() in
      xfrm_bundle_lookup()

  * CVE-2022-20369
    - NFSD: fix use-after-free in __nfs42_ssc_open()

  * CVE-2022-20566
    - Bluetooth: L2CAP: Fix use-after-free caused by l2cap_chan_put

 -- Timo Aaltonen <email address hidden> Fri, 10 Feb 2023 11:38:13 +0200
1996892 Expose built-in trusted and revoked certificates
1786013 Packaging resync
CVE-2022-47520 An issue was discovered in the Linux kernel before 6.0.11. Missing offset validation in drivers/net/wireless/microchip/wilc1000/hif.c in the WILC1000
CVE-2022-43750 drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel before 5.19.15 and 6.x before 6.0.1 allows a user-space client to corrupt the monitor's inter
CVE-2023-0461 RESERVED
CVE-2022-3565 A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function del_timer of the file drive
CVE-2022-36879 An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice.
CVE-2022-20369 In v4l2_m2m_querybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation
CVE-2022-20566 In l2cap_chan_put of l2cap_core, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no

Version: *DELETED* 2023-02-08 17:06:58 UTC
Moved to focal:main:updates
No changelog for deleted or moved packages.


About   -   Send Feedback to @ubuntu_updates