UbuntuUpdates.org

Package "linux-oem-5.6"

Name: linux-oem-5.6

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Linux kernel buildinfo for version 5.6.0 on 64 bit x86 SMP
  • Linux kernel headers for version 5.6.0 on 64 bit x86 SMP
  • Linux kernel image for version 5.6.0 on 64 bit x86 SMP
  • Linux kernel extra modules for version 5.6.0 on 64 bit x86 SMP

Latest version: 5.6.0-1053.57
Release: focal (20.04)
Level: proposed
Repository: main

Links



Other versions of "linux-oem-5.6" in Focal

Repository Area Version
base main 5.6.0-1007.7
security main 5.6.0-1052.56
updates main 5.6.0-1052.56
PPA: Canonical Kernel Team 5.6.0-1053.57

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 5.6.0-1053.57 2021-04-10 00:06:26 UTC

  linux-oem-5.6 (5.6.0-1053.57) focal; urgency=medium

  * focal/linux-oem-5.6: 5.6.0-1053.57 -proposed tracker (LP: #1921042)

  * Packaging resync (LP: #1786013)
    - update dkms package versions

  * LRMv4: switch to signing nvidia modules via the Ubuntu Modules signing key
    (LP: #1918134)
    - [Packaging] sync dkms-build et al from LRMv4

  * CVE-2021-29154
    - SAUCE: bpf, x86: Validate computation of branch displacements for x86-64
    - SAUCE: bpf, x86: Validate computation of branch displacements for x86-32

  * xfrm_policy.sh in net from ubuntu_kernel_selftests passed with failed sub-
    cases (LP: #1909647)
    - selftests: xfrm: fix test return value override issue in xfrm_policy.sh

  * ip_defrag.sh in net from ubuntu_kernel_selftests failed with exit code 255
    on F-oem-5.6 (LP: #1919147)
    - selftests: net: ip_defrag: modprobe missing nf_defrag_ipv6 support

  * l2tp.sh from net in ubuntu_kernel_selftests cause dmesg flooded with
    "unregister_netdevice: waiting for eth0 to become free. Usage count = 1" on
    F-OEM-5.6 (LP: #1919277)
    - l2tp: remove skb_dst_set() from l2tp_xmit_skb()

  * CVE-2020-0466
    - epoll: Keep a reference on files added to the check list
    - do_epoll_ctl(): clean the failure exits up a bit
    - fix regression in "epoll: Keep a reference on files added to the check list"

  * CVE-2021-3178
    - nfsd4: readdirplus shouldn't return parent of export

  * CVE-2020-25285
    - mm/hugetlb: fix a race between hugetlb sysctl handlers

  * CVE-020-10781
    - Revert "zram: convert remaining CLASS_ATTR() to CLASS_ATTR_RO()"

  * CVE-2020-14351
    - perf/core: Fix race in the perf_mmap_close() function

  * CVE-2020-25669
    - Input: sunkbd - avoid use-after-free in teardown paths

  * CVE-2020-14390
    - fbcon: remove soft scrollback code

  * CVE-2021-3411
    - x86/kprobes: Fix optprobe to detect INT3 padding correctly

  * CVE-2020-0423
    - binder: fix UAF when releasing todo list

  * CVE-2020-27830
    - speakup: Reject setting the speakup line discipline outside of speakup

  * CVE-2020-0465
    - HID: core: Correctly handle ReportSize being zero
    - HID: core: Sanitize event code and type when mapping input

  * CVE-2020-25645
    - geneve: add transport ports in route lookup for geneve

  * CVE-2021-20194
    - bpf, cgroup: Fix optlen WARN_ON_ONCE toctou
    - bpf, cgroup: Fix problematic bounds check

  * CVE-2020-36158
    - mwifiex: Fix possible buffer overflows in mwifiex_cmd_802_11_ad_hoc_start

 -- Stefan Bader <email address hidden> Fri, 09 Apr 2021 16:43:44 +0200

1786013 Packaging resync
1918134 LRMv4: switch to signing nvidia modules via the Ubuntu Modules signing key
1919147 ip_defrag.sh in net from ubuntu_kernel_selftests failed with exit code 255 on F-oem-5.6
1919277 l2tp.sh from net in ubuntu_kernel_selftests cause dmesg flooded with \
CVE-2021-29154 BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect c ...
CVE-2020-0466 In do_epoll_ctl and ep_loop_check_proc of eventpoll.c, there is a possible use after free due to a logic error. This could lead to local escalation o
CVE-2021-3178 ** DISPUTED ** fs/nfsd/nfs3xdr.c in the Linux kernel through 5.10.8, when there is an NFS export of a subdirectory of a filesystem, allows remote att
CVE-2020-25285 A race condition between hugetlb sysctl handlers in mm/hugetlb.c in the Linux kernel before 5.8.8 could be used by local attackers to corrupt memory,
CVE-2020-14351 perf: Fix race in perf_mmap_close function
CVE-2020-14390 A flaw was found in the Linux kernel in versions before 5.9-rc6. When changing screen size, an out-of-bounds memory write can occur leading to memory
CVE-2021-3411 A flaw was found in the Linux kernel in versions prior to 5.10. A violation of memory access was found while detecting a padding of int3 in the linki
CVE-2020-0423 In binder_release_work of binder.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in t
CVE-2020-27830 Linux kernel NULL-ptr deref bug in spk_ttyio_receive_buf2
CVE-2020-0465 In various methods of hid-multitouch.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of
CVE-2020-25645 A flaw was found in the Linux kernel in versions before 5.9-rc7. Traffic between two Geneve endpoints may be unencrypted when IPsec is configured to
CVE-2021-20194 heap overflow in __cgroup_bpf_run_filter_getsockopt()
CVE-2020-36158 mwifiex_cmd_802_11_ad_hoc_start in drivers/net/wireless/marvell/mwifiex/join.c in the Linux kernel through 5.10.4 might allow remote attackers to exe

Version: *DELETED* 2021-03-25 16:07:17 UTC
No changelog for deleted or moved packages.

Version: 5.6.0-1050.54 2021-03-12 18:07:00 UTC

  linux-oem-5.6 (5.6.0-1050.54) focal; urgency=medium

  * focal/linux-oem-5.6: 5.6.0-1050.54 -proposed tracker (LP: #1918665)

  * Please trust Canonical Livepatch Service kmod signing key (LP: #1898716)
    - [Config] enable CONFIG_MODVERSIONS=y
    - [Packaging] build canonical-certs.pem from branch/arch certs
    - [Config] add Canonical Livepatch Service key to SYSTEM_TRUSTED_KEYS
    - [Config] add ubuntu-drivers key to SYSTEM_TRUSTED_KEYS
    - [Config] Allow ASM_MODVERSIONS and MODULE_REL_CRCS

 -- Timo Aaltonen <email address hidden> Thu, 11 Mar 2021 20:32:01 +0200

Source diff to previous version
1898716 Please trust Canonical Livepatch Service kmod signing key

Version: 5.6.0-1049.53 2021-02-26 14:07:09 UTC

  linux-oem-5.6 (5.6.0-1049.53) focal; urgency=medium

  * focal/linux-oem-5.6: 5.6.0-1049.53 -proposed tracker (LP: #1916171)

  * CVE-2020-25668
    - tty: make FONTX ioctl use the tty pointer they were actually passed

  * Focal update: v5.4.73 upstream stable release (LP: #1902115) //
    CVE-2020-25705
    - icmp: randomize the global rate limiter

  * CVE-2020-27675
    - xen/events: avoid removing an event channel while handling it

  * CVE-2020-25656
    - vt: keyboard, simplify vt_kdgkbsent
    - vt: keyboard, extend func_buf_lock to readers

  * CVE-2021-20239
    - net, sctp, filter: remap copy_from_user failure error

 -- Chia-Lin Kao (AceLan) <email address hidden> Fri, 26 Feb 2021 10:56:08 +0800

Source diff to previous version
1902115 Focal update: v5.4.73 upstream stable release
CVE-2020-25668 concurrency use-after-free in vt
CVE-2020-25705 A flaw in the way reply ICMP packets are limited in the Linux kernel functionality was found that allows to quickly scan open UDP ports. This flaw al
CVE-2020-27675 An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. drivers/xen/events/events_base.c allows event-channel rem
CVE-2020-25656 A flaw was found in the Linux kernel. A use-after-free was found in the way the console subsystem was using ioctls KDGKBSENT and KDSKBSENT. A local u
CVE-2021-20239 Untrusted Pointer Dereference in setsockopt system call

Version: 5.6.0-1048.52 2021-02-19 15:06:56 UTC

  linux-oem-5.6 (5.6.0-1048.52) focal; urgency=medium

  * focal/linux-oem-5.6: 5.6.0-1048.52 -proposed tracker (LP: #1913153)

  * Packaging resync (LP: #1786013)
    - update dkms package versions

  * udpgro.sh in net from ubuntu_kernel_selftests seems not reflecting sub-test
    result (LP: #1908499)
    - selftests: fix the return value for UDP GRO test

  * CVE-2020-27815
    - jfs: Fix array index bounds check in dbAdjTree

  * CVE-2020-25704
    - perf/core: Fix a memory leak in perf_event_parse_addr_filter()

  * CVE-2020-25643
    - hdlc_ppp: add range checks in ppp_cp_parse_cr()

  * CVE-2020-25641
    - block: allow for_each_bvec to support zero len bvec

  * CVE-2020-25284
    - rbd: require global CAP_SYS_ADMIN for mapping and unmapping

  * CVE-2020-25212
    - nfs: Fix getxattr kernel panic and memory overflow

  * CVE-2020-28588
    - lib/syscall: fix syscall registers retrieval on 32-bit platforms

  * CVE-2020-29371
    - romfs: fix uninitialized memory leak in romfs_dev_read()

  * CVE-2020-29369
    - mm/mmap.c: close race between munmap() and expand_upwards()/downwards()

  * CVE-2020-29368
    - mm: thp: make the THP mapcount atomic against __split_huge_pmd_locked()

  * CVE-2020-29660
    - tty: Fix ->session locking

  * CVE-2020-29661
    - tty: Fix ->pgrp locking in tiocspgrp()

  * CVE-2020-35508
    - fork: fix copy_process(CLONE_PARENT) race with the exiting ->real_parent

  * CVE-2020-24490
    - Bluetooth: fix kernel oops in store_pending_adv_report

  * CVE-2020-14314
    - ext4: fix potential negative array index in do_split()

  * CVE-2020-10135
    - Bluetooth: Consolidate encryption handling in hci_encrypt_cfm
    - Bluetooth: Disconnect if E0 is used for Level 4

  * CVE-2020-27152
    - KVM: ioapic: break infinite recursion on lazy EOI

  * CVE-2020-28915
    - fbdev, newport_con: Move FONT_EXTRA_WORDS macros into linux/font.h
    - Fonts: Support FONT_EXTRA_WORDS macros for built-in fonts

  * CVE-2020-15437
    - serial: 8250: fix null-ptr-deref in serial8250_start_tx()

  * CVE-2020-15436
    - block: Fix use-after-free in blkdev_get()

  * switch to an autogenerated nvidia series based core via dkms-versions
    (LP: #1912803)
    - [Config] dkms-versions -- add transitional/skip information for nvidia
      packages
    - [Packaging] nvidia -- use dkms-versions to define versions built
    - [Packaging] update-version-dkms -- maintain flags fields

  * S3 stress test fails with amdgpu errors (LP: #1909453)
    - drm/amdgpu: asd function needs to be unloaded in suspend phase
    - drm/amdgpu: add TMR destory function for psp

 -- Timo Aaltonen <email address hidden> Thu, 18 Feb 2021 13:11:14 +0200

1786013 Packaging resync
1908499 udpgro.sh in net from ubuntu_kernel_selftests seems not reflecting sub-test result
1912803 switch to an autogenerated nvidia series based core via dkms-versions
1909453 S3 stress test fails with amdgpu errors
CVE-2020-25704 A flaw memory leak in the Linux kernel performance monitoring subsystem was found in the way if using PERF_EVENT_IOC_SET_FILTER. A local user could u
CVE-2020-25643 A flaw was found in the HDLC_PPP module of the Linux kernel in versions before 5.9-rc7. Memory corruption and a read overflow is caused by improper i
CVE-2020-25641 A flaw was found in the Linux kernel's implementation of biovecs in versions before 5.9-rc7. A zero-length biovec request issued by the block subsyst
CVE-2020-25284 The rbd block device driver in drivers/block/rbd.c in the Linux kernel through 5.8.9 used incomplete permission checking for access to rbd devices, w
CVE-2020-25212 A TOCTOU mismatch in the NFS client code in the Linux kernel before 5.8.3 could be used by local attackers to corrupt memory or possibly have unspeci
CVE-2020-28588 lib/syscall: fix syscall registers retrieval on 32-bit platforms
CVE-2020-29371 An issue was discovered in romfs_dev_read in fs/romfs/storage.c in the Linux kernel before 5.8.4. Uninitialized memory leaks to userspace, aka CID-bc
CVE-2020-29369 An issue was discovered in mm/mmap.c in the Linux kernel before 5.7.11. There is a race condition between certain expand functions (expand_downwards
CVE-2020-29368 An issue was discovered in __split_huge_pmd in mm/huge_memory.c in the Linux kernel before 5.7.5. The copy-on-write implementation can grant unintend
CVE-2020-29660 A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_io.c and drivers/tty/tty_jobctr
CVE-2020-29661 A locking issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_jobctrl.c allows a use-after-free attack agai
CVE-2020-24490 Improper buffer restrictions in BlueZ may allow an unauthenticated user to potentially enable denial of service via adjacent access. This affects all
CVE-2020-14314 A memory out-of-bounds read flaw was found in the Linux kernel before 5.9-rc2 with the ext3/ext4 file system, in the way it accesses a directory with
CVE-2020-10135 Legacy pairing and secure-connections pairing authentication in Bluetooth BR/EDR Core Specification v5.2 and earlier may allow an unauthenticated use
CVE-2020-27152 An issue was discovered in ioapic_lazy_update_eoi in arch/x86/kvm/ioapic.c in the Linux kernel before 5.9.2. It has an infinite loop related to impro
CVE-2020-28915 A buffer over-read (at the framebuffer layer) in the fbcon code in the Linux kernel before 5.8.15 could be used by local attackers to read kernel mem
CVE-2020-15437 The Linux kernel before version 5.8 is vulnerable to a NULL pointer dereference in drivers/tty/serial/8250/8250_core.c:serial8250_isa_init_ports() th
CVE-2020-15436 Use-after-free vulnerability in fs/block_dev.c in the Linux kernel before 5.8 allows local users to gain privileges or cause a denial of service by l



About   -   Send Feedback to @ubuntu_updates