UbuntuUpdates.org

Package "linux-tools-5.15.0-1065-ibm"

Name: linux-tools-5.15.0-1065-ibm

Description:

Linux kernel version specific tools for version 5.15.0-1065

Latest version: 5.15.0-1065.68~20.04.1
Release: focal (20.04)
Level: proposed
Repository: main
Head package: linux-ibm-5.15

Links


Download "linux-tools-5.15.0-1065-ibm"


Other versions of "linux-tools-5.15.0-1065-ibm" in Focal

Repository Area Version
PPA: Canonical Kernel Team 5.15.0-1065.68~20.04.1

Changelog

Version: 5.15.0-1065.68~20.04.1 2024-10-26 01:06:53 UTC

  linux-ibm-5.15 (5.15.0-1065.68~20.04.1) focal; urgency=medium

  * focal/linux-ibm-5.15: 5.15.0-1065.68~20.04.1 -proposed tracker
    (LP: #2082970)

  [ Ubuntu: 5.15.0-1065.68 ]

  * jammy/linux-ibm: 5.15.0-1065.68 -proposed tracker (LP: #2082971)
  * jammy/linux: 5.15.0-125.135 -proposed tracker (LP: #2083001)
  * CVE-2024-26800
    - tls: rx: coalesce exit paths in tls_decrypt_sg()
    - tls: separate no-async decryption request handling from async
    - tls: fix use-after-free on failed backlog decryption
  * Please backport the more restrictive XSAVES deactivation for Zen1/2 arch
    (LP: #2077321)
    - x86/CPU/AMD: Improve the erratum 1386 workaround
  * Jammy update: v5.15.167 upstream stable release (LP: #2081279)
    - drm: panel-orientation-quirks: Add quirk for OrangePi Neo
    - ALSA: hda/generic: Add a helper to mute speakers at suspend/shutdown
    - ALSA: hda/conexant: Mute speakers at suspend / shutdown
    - i2c: Fix conditional for substituting empty ACPI functions
    - dma-debug: avoid deadlock between dma debug vs printk and netconsole
    - net: usb: qmi_wwan: add MeiG Smart SRM825L
    - drm/amdgpu: Fix uninitialized variable warning in amdgpu_afmt_acr
    - drm/amd/display: Assign linear_pitch_alignment even for VM
    - drm/amdgpu: fix overflowed array index read warning
    - drm/amdgpu/pm: Check the return value of smum_send_msg_to_smc
    - drm/amd/pm: fix uninitialized variable warning for smu8_hwmgr
    - drm/amd/pm: fix warning using uninitialized value of max_vid_step
    - drm/amd/pm: fix the Out-of-bounds read warning
    - drm/amdgpu: fix uninitialized scalar variable warning
    - drm/amd/pm: fix uninitialized variable warnings for vega10_hwmgr
    - drm/amdgpu: avoid reading vf2pf info size from FB
    - drm/amd/display: Check gpio_id before used as array index
    - drm/amd/display: Stop amdgpu_dm initialize when stream nums greater than 6
    - drm/amd/display: Add array index check for hdcp ddc access
    - drm/amd/display: Check num_valid_sets before accessing reader_wm_sets[]
    - drm/amd/display: Check msg_id before processing transcation
    - drm/amd/display: Fix Coverity INTEGER_OVERFLOW within
      dal_gpio_service_create
    - drm/amd/amdgpu: Check tbo resource pointer
    - drm/amdgpu/pm: Fix uninitialized variable warning for smu10
    - drm/amdgpu/pm: Fix uninitialized variable agc_btc_response
    - drm/amdgpu: Fix out-of-bounds write warning
    - drm/amdgpu: Fix out-of-bounds read of df_v1_7_channel_number
    - drm/amdgpu: fix ucode out-of-bounds read warning
    - drm/amdgpu: fix mc_data out-of-bounds read warning
    - drm/amdkfd: Reconcile the definition and use of oem_id in struct
      kfd_topology_device
    - apparmor: fix possible NULL pointer dereference
    - drm/amdgpu/pm: Check input value for CUSTOM profile mode setting on legacy
      SOCs
    - drm/amdgpu: fix the waring dereferencing hive
    - drm/amd/pm: check specific index for aldebaran
    - drm/amdgpu: the warning dereferencing obj for nbio_v7_4
    - drm/amd/pm: check negtive return for table entries
    - drm/amdgpu: update type of buf size to u32 for eeprom functions
    - wifi: iwlwifi: remove fw_running op
    - cpufreq: scmi: Avoid overflow of target_freq in fast switch
    - PCI: al: Check IORESOURCE_BUS existence during probe
    - hwspinlock: Introduce hwspin_lock_bust()
    - RDMA/efa: Properly handle unexpected AQ completions
    - ionic: fix potential irq name truncation
    - rcu/nocb: Remove buggy bypass lock contention mitigation
    - usbip: Don't submit special requests twice
    - usb: typec: ucsi: Fix null pointer dereference in trace
    - fsnotify: clear PARENT_WATCHED flags lazily
    - smack: tcp: ipv4, fix incorrect labeling
    - drm/meson: plane: Add error handling
    - drm/bridge: tc358767: Check if fully initialized before signalling HPD event
      via IRQ
    - wifi: cfg80211: make hash table duplicates more survivable
    - block: remove the blk_flush_integrity call in blk_integrity_unregister
    - drm/amd/display: Skip wbscl_set_scaler_filter if filter is null
    - media: uvcvideo: Enforce alignment of frame and interval
    - drm/amd/pm: Fix the null pointer dereference for vega10_hwmgr
    - virtio_net: Fix napi_skb_cache_put warning
    - rcu-tasks: Fix show_rcu_tasks_trace_gp_kthread buffer overflow
    - ext4: reject casefold inode flag without casefold feature
    - udf: Limit file size to 4TB
    - ext4: handle redirtying in ext4_bio_write_page()
    - i2c: Use IS_REACHABLE() for substituting empty ACPI functions
    - sch/netem: fix use after free in netem_dequeue
    - ASoC: dapm: Fix UAF for snd_soc_pcm_runtime object
    - KVM: SVM: fix emulation of msr reads/writes of MSR_FS_BASE and MSR_GS_BASE
    - KVM: SVM: Don't advertise Bus Lock Detect to guest if SVM support is missing
    - ALSA: hda/conexant: Add pincfg quirk to enable top speakers on Sirius
      devices
    - ALSA: hda/realtek: add patch for internal mic in Lenovo V145
    - ALSA: hda/realtek: Support mute LED on HP Laptop 14-dq2xxx
    - ata: libata: Fix memory leak for error path in ata_host_alloc()
    - irqchip/gic-v2m: Fix refcount leak in gicv2m_of_init()
    - rtmutex: Drop rt_mutex::wait_lock before scheduling
    - nvme-pci: Add sleep quirk for Samsung 990 Evo
    - Revert "Bluetooth: MGMT/SMP: Fix address type when using SMP over BREDR/LE"
    - Bluetooth: MGMT: Ignore keys being loaded with invalid type
    - mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K
    - mmc: sdhci-of-aspeed: fix module autoloading
    - mmc: cqhci: Fix checking of CQHCI_HALT state
    - fuse: update stats for pages in dropped aux writeback list
    - fuse: use unsigned type for getxattr/listxattr size truncation
    - clk: qcom: clk-alpha-pll: Fix the pll post div mask
    - clk: qcom: clk-alpha-pll: Fix the trion pll postdiv set rate API
    - can: mcp251x: fix deadlock if an interrupt occurs during mcp251x_open
    - tracing: Avoid possible softlock

Source diff to previous version
2077321 Please backport the more restrictive XSAVES deactivation for Zen1/2 arch
2081279 Jammy update: v5.15.167 upstream stable release
2080594 Jammy update: v5.15.166 upstream stable release
1959940 [22.10 FEAT] KVM: Secure Execution guest dump encryption with customer keys - kernel part
2069961 turbostat fails with too many open files on large systems
2078428 Jammy update: v5.15.165 upstream stable release
2074380 [UBUNTU 22.04] s390/cpum_cf: make crypto counters upward compatible
2076100 Jammy update: v5.15.164 upstream stable release
CVE-2024-26800 In the Linux kernel, the following vulnerability has been resolved: tls: fix use-after-free on failed backlog decryption When the decrypt request g
CVE-2024-41071 In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Avoid address calculations via out of bounds array indexing req
CVE-2024-40915 In the Linux kernel, the following vulnerability has been resolved: riscv: rewrite __kernel_map_pages() to fix sleeping in invalid context __kernel
CVE-2024-38611 In the Linux kernel, the following vulnerability has been resolved: media: i2c: et8ek8: Don't strip remove function when driver is builtin Using __
CVE-2024-38602 In the Linux kernel, the following vulnerability has been resolved: ax25: Fix reference count leak issues of ax25_dev The ax25_addr_ax25dev() and a
CVE-2024-26669 In the Linux kernel, the following vulnerability has been resolved: net/sched: flower: Fix chain template offload When a qdisc is deleted from a ne
CVE-2024-26607 In the Linux kernel, the following vulnerability has been resolved: drm/bridge: sii902x: Fix probing race issue A null pointer dereference crash ha
CVE-2024-26893 In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scmi: Fix double free in SMC transport cleanup path When the gene
CVE-2024-26661 In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add NULL test for 'timing generator' in 'dcn21_set_pipe()' In
CVE-2024-25744 In the Linux kernel before 6.6.7, an untrusted VMM can trigger int80 syscall handling at any given point. This is related to arch/x86/coco/tdx/tdx.c
CVE-2024-45016 In the Linux kernel, the following vulnerability has been resolved: netem: fix return value if duplicate enqueue fails There is a bug in netem_enqu
CVE-2024-38630 In the Linux kernel, the following vulnerability has been resolved: watchdog: cpu5wdt.c: Fix use-after-free bug caused by cpu5wdt_trigger When the
CVE-2024-27397 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: use timestamp to check for set element timeout Add a time

Version: 5.15.0-1062.65~20.04.1 2024-08-21 17:07:04 UTC

  linux-ibm-5.15 (5.15.0-1062.65~20.04.1) focal; urgency=medium

  * focal/linux-ibm-5.15: 5.15.0-1062.65~20.04.1 -proposed tracker
    (LP: #2075873)

  [ Ubuntu: 5.15.0-1062.65 ]

  * jammy/linux-ibm: 5.15.0-1062.65 -proposed tracker (LP: #2075874)
  * jammy/linux: 5.15.0-121.131 -proposed tracker (LP: #2076347)
  * jammy:linux bpf selftest do not build (LP: #2076334)
    - SAUCE: Revert "bpf: Allow reads from uninit stack"
  * jammy/linux: 5.15.0-120.130 -proposed tracker (LP: #2075903)
  * Packaging resync (LP: #1786013)
    - [Packaging] debian.master/dkms-versions -- update from kernel-versions
      (main/2024.08.05)
  * Jammy update: v5.15.163 upstream stable release (LP: #2075170)
    - Compiler Attributes: Add __uninitialized macro
    - locking/mutex: Introduce devm_mutex_init()
    - drm/lima: fix shared irq handling on driver remove
    - media: dvb: as102-fe: Fix as10x_register_addr packing
    - media: dvb-usb: dib0700_devices: Add missing release_firmware()
    - IB/core: Implement a limit on UMAD receive List
    - scsi: qedf: Make qedf_execute_tmf() non-preemptible
    - crypto: aead,cipher - zeroize key buffer after use
    - drm/amdgpu: Initialize timestamp for some legacy SOCs
    - drm/amd/display: Check index msg_id before read or write
    - drm/amd/display: Check pipe offset before setting vblank
    - drm/amd/display: Skip finding free audio for unknown engine_id
    - media: dw2102: Don't translate i2c read into write
    - sctp: prefer struct_size over open coded arithmetic
    - firmware: dmi: Stop decoding on broken entry
    - Input: ff-core - prefer struct_size over open coded arithmetic
    - wifi: mt76: replace skb_put with skb_put_zero
    - net: dsa: mv88e6xxx: Correct check for empty list
    - media: dvb-frontends: tda18271c2dd: Remove casting during div
    - media: s2255: Use refcount_t instead of atomic_t for num_channels
    - media: dvb-frontends: tda10048: Fix integer overflow
    - i2c: i801: Annotate apanel_addr as __ro_after_init
    - powerpc/64: Set _IO_BASE to POISON_POINTER_DELTA not 0 for CONFIG_PCI=n
    - orangefs: fix out-of-bounds fsid access
    - kunit: Fix timeout message
    - powerpc/xmon: Check cpu id in commands "c#", "dp#" and "dx#"
    - igc: fix a log entry using uninitialized netdev
    - bpf: Avoid uninitialized value in BPF_CORE_READ_BITFIELD
    - jffs2: Fix potential illegal address access in jffs2_free_inode
    - s390/pkey: Wipe sensitive data on failure
    - tools/power turbostat: Remember global max_die_id
    - UPSTREAM: tcp: fix DSACK undo in fast recovery to call tcp_try_to_open()
    - tcp_metrics: validate source addr length
    - KVM: s390: fix LPSWEY handling
    - e1000e: Fix S0ix residency on corporate systems
    - net: allow skb_datagram_iter to be called from any context
    - wifi: wilc1000: fix ies_len type in connect path
    - riscv: kexec: Avoid deadlock in kexec crash path
    - netfilter: nf_tables: unconditionally flush pending work before notifier
    - bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set()
    - selftests: fix OOM in msg_zerocopy selftest
    - selftests: make order checking verbose in msg_zerocopy selftest
    - inet_diag: Initialize pad field in struct inet_diag_req_v2
    - gpiolib: of: factor out code overriding gpio line polarity
    - gpiolib: of: add a quirk for reset line polarity for Himax LCDs
    - gpiolib: of: add polarity quirk for TSC2005
    - Revert "igc: fix a log entry using uninitialized netdev"
    - nilfs2: fix inode number range checks
    - nilfs2: add missing check for inode numbers on directory entries
    - mm: optimize the redundant loop of mm_update_owner_next()
    - mm: avoid overflows in dirty throttling logic
    - btrfs: fix adding block group to a reclaim list and the unused list during
      reclaim
    - Bluetooth: qca: Fix BT enable failure again for QCA6390 after warm reboot
    - can: kvaser_usb: Explicitly initialize family in leafimx driver_info struct
    - fsnotify: Do not generate events for O_PATH file descriptors
    - Revert "mm/writeback: fix possible divide-by-zero in wb_dirty_limits(),
      again"
    - drm/nouveau: fix null pointer dereference in nouveau_connector_get_modes
    - drm/amdgpu/atomfirmware: silence UBSAN warning
    - mtd: rawnand: Ensure ECC configuration is propagated to upper layers
    - mtd: rawnand: Bypass a couple of sanity checks during NAND identification
    - mtd: rawnand: rockchip: ensure NVDDR timings are rejected
    - ima: Avoid blocking in RCU read-side critical section
    - media: dw2102: fix a potential buffer overflow
    - clk: qcom: gcc-sm6350: Fix gpll6* & gpll7 parents
    - i2c: pnx: Fix potential deadlock warning from del_timer_sync() call in isr
    - fs/ntfs3: Mark volume as dirty if xattr is broken
    - ALSA: hda/realtek: Enable headset mic of JP-IK LEAP W502 with ALC897
    - nvme-multipath: find NUMA path only for online numa-node
    - dma-mapping: benchmark: avoid needless copy_to_user if benchmark fails
    - nvme: adjust multiples of NVME_CTRL_PAGE_SIZE in offset
    - regmap-i2c: Subtract reg size from max_write
    - platform/x86: touchscreen_dmi: Add info for GlobalSpace SolT IVW 11.6"
      tablet
    - platform/x86: touchscreen_dmi: Add info for the EZpad 6s Pro
    - nvmet: fix a possible leak when destroy a ctrl during qp establishment
    - kbuild: fix short log for AS in link-vmlinux.sh
    - nfc/nci: Add the inconsistency check between the input data length and count
    - null_blk: Do not allow runt zone with zone capacity smaller then zone size
    - nilfs2: fix incorrect inode allocation from reserved inodes
    - mm: prevent derefencing NULL ptr in pfn_section_valid()
    - filelock: fix potential use-after-free in posix_lock_inode
    - fs/dcache: Re-use value stored to dentry->d_flags instead of re-reading
    - vfs: don't mod negative dentry count when on shrinker list
    - tcp: fix incorrect undo caused by DSACK of TLP retransmit
    -

Source diff to previous version
2076334 jammy:linux bpf selftest do not build
1786013 Packaging resync
2075170 Jammy update: v5.15.163 upstream stable release
2074215 [SRU] UBSAN warnings in bnx2x kernel driver
2073765 Jammy update: v5.15.162 upstream stable release
2072858 Fix L2CAP/LE/CPU/BI-02-C bluetooth certification failure
2073092 net/sched: Fix conntrack use-after-free
2072617 Jammy update: v5.15.161 upstream stable release
2073267 Virtualbox Guru meditation on VM start caused by kernel commit in v6.9-rc4
CVE-2024-26921 In the Linux kernel, the following vulnerability has been resolved: inet: inet_defrag: prevent sk release while still in use ip_local_out() and oth
CVE-2024-39484 In the Linux kernel, the following vulnerability has been resolved: mmc: davinci: Don't strip remove function when driver is builtin Using __exit f
CVE-2024-39292 In the Linux kernel, the following vulnerability has been resolved: um: Add winch to winch_handlers before registering winch IRQ Registering a winc
CVE-2024-36901 In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent NULL dereference in ip6_output() According to syzbot, there is a
CVE-2024-26830 In the Linux kernel, the following vulnerability has been resolved: i40e: Do not allow untrusted VF to remove administratively set MAC Currently wh
CVE-2024-26680 In the Linux kernel, the following vulnerability has been resolved: net: atlantic: Fix DMA mapping for PTP hwts ring Function aq_ring_hwts_rx_alloc
CVE-2023-52760 In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix slab-use-after-free in gfs2_qd_dealloc In gfs2_put_super(), whether w
CVE-2023-52629 In the Linux kernel, the following vulnerability has been resolved: sh: push-switch: Reorder cleanup operations to avoid use-after-free bug The ori

Version: 5.15.0-1039.42~20.04.1 2024-08-13 00:07:15 UTC

  linux-ibm-5.15 (5.15.0-1039.42~20.04.1) focal; urgency=medium

  * focal/linux-ibm-5.15: 5.15.0-1039.42~20.04.1 -proposed tracker
    (LP: #2033794)

  * Jammy update: v5.15.118 upstream stable release (LP: #2030239)
    - [Config] updateconfigs for DECNET

  * Jammy update: v5.15.117 upstream stable release (LP: #2030107)
    - [Config] updateconfigs for BLK_DEV_SX8

  [ Ubuntu: 5.15.0-1039.42 ]

  * jammy/linux-ibm: 5.15.0-1039.42 -proposed tracker (LP: #2033795)
  * Jammy update: v5.15.118 upstream stable release (LP: #2030239)
    - [Config] updateconfigs for DECNET
  * Jammy update: v5.15.117 upstream stable release (LP: #2030107)
    - [Config] updateconfigs for BLK_DEV_SX8
  * Packaging resync (LP: #1786013)
    - [Packaging] update helper scripts
  * jammy/linux: 5.15.0-85.95 -proposed tracker (LP: #2033821)
  * Please enable Renesas RZ platform serial installer (LP: #2022361)
    - [Config] enable hihope RZ/G2M serial console
    - [Config] Mark sh-sci as built-in
  * Request backport of xen timekeeping performance improvements (LP: #2033122)
    - x86/xen/time: prefer tsc as clocksource when it is invariant
  * kdump doesn't work with UEFI secure boot and kernel lockdown enabled on
    ARM64 (LP: #2033007)
    - [Config]: Enable CONFIG_KEXEC_IMAGE_VERIFY_SIG
    - kexec, KEYS: make the code in bzImage64_verify_sig generic
    - arm64: kexec_file: use more system keyrings to verify kernel image signature
  * ubuntu_kernel_selftests:net:vrf-xfrm-tests.sh: 8 failed test cases on
    jammy/fips (LP: #2019880)
    - selftests: net: vrf-xfrm-tests: change authentication and encryption algos
  * ubuntu_kernel_selftests:net:tls: 88 failed test cases on jammy/fips
    (LP: #2019868)
    - selftests/harness: allow tests to be skipped during setup
    - selftests: net: tls: check if FIPS mode is enabled
  * A general-proteciton exception during guest migration to unsupported PKRU
    machine (LP: #2032164)
    - x86/kvm/fpu: Limit guest user_xfeatures to supported bits of XCR0
    - KVM: x86: Always enable legacy FP/SSE in allowed user XFEATURES
  * CVE-2023-4569
    - netfilter: nf_tables: deactivate catchall elements in next generation
  * CVE-2023-20569
    - x86/cpu, kvm: Add support for CPUID_80000021_EAX
    - x86/srso: Add a Speculative RAS Overflow mitigation
    - x86/srso: Add IBPB_BRTYPE support
    - x86/srso: Add SRSO_NO support
    - x86/srso: Add IBPB
    - x86/srso: Add IBPB on VMEXIT
    - x86/srso: Fix return thunks in generated code
    - x86/srso: Tie SBPB bit setting to microcode patch detection
    - x86: fix backwards merge of GDS/SRSO bit
    - x86/srso: Fix build breakage with the LLVM linker
    - x86/cpu: Fix __x86_return_thunk symbol type
    - x86/cpu: Fix up srso_safe_ret() and __x86_return_thunk()
    - x86/alternative: Make custom return thunk unconditional
    - objtool: Add frame-pointer-specific function ignore
    - x86/ibt: Add ANNOTATE_NOENDBR
    - x86/cpu: Clean up SRSO return thunk mess
    - x86/cpu: Rename original retbleed methods
    - x86/cpu: Rename srso_(.*)_alias to srso_alias_\1
    - x86/cpu: Cleanup the untrain mess
    - x86/srso: Explain the untraining sequences a bit more
    - x86/static_call: Fix __static_call_fixup()
    - x86/retpoline: Don't clobber RFLAGS during srso_safe_ret()
    - x86/srso: Disable the mitigation on unaffected configurations
    - x86/retpoline,kprobes: Fix position of thunk sections with CONFIG_LTO_CLANG
    - objtool/x86: Fixup frame-pointer vs rethunk
    - x86/srso: Correct the mitigation status when SMT is disabled
    - objtool/x86: Fix SRSO mess
    - Ubuntu: [Config]: enable Speculative Return Stack Overflow mitigation
  * Fix unreliable ethernet cable detection on I219 NIC (LP: #2028122)
    - e1000e: Use PME poll to circumvent unreliable ACPI wake
  * Need to get fine-grained control for FAN(TFN) Participant. (LP: #2031333)
    - ACPI: fan: Separate file for attributes creation
    - ACPI: fan: Optimize struct acpi_fan_fif
    - ACPI: fan: Properly handle fine grain control
    - ACPI: fan: Add additional attributes for fine grain control
  * [SRU][Ubuntu 22.04.1] Unable to interpret the frequency values in
    cpuinfo_min_freq and cpuino_max_freq sysfs files. (LP: #2030924)
    - cpufreq: intel_pstate: Fix scaling for hybrid-capable
  * CVE-2023-40283
    - Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb
  * CVE-2023-20588
    - x86/bugs: Increase the x86 bugs vector size to two u32s
    - x86/CPU/AMD: Do not leak quotient data after a division by 0
    - x86/CPU/AMD: Fix the DIV(0) initial fix attempt
  * CVE-2023-4194
    - net: tun_chr_open(): set sk_uid from current_fsuid()
    - net: tap_open(): set sk_uid from current_fsuid()
  * CVE-2023-4155
    - KVM: SEV: Refactor out sev_es_state struct
    - KVM: SEV: Fall back to vmalloc for SEV-ES scratch area if necessary
    - KVM: SVM: Do not terminate SEV-ES guests on GHCB validation failure
    - KVM: SVM: Exit to userspace on ENOMEM/EFAULT GHCB errors
    - KVM: SEV: snapshot the GHCB before accessing it
    - KVM: SEV: only access GHCB fields once
  * CVE-2023-1206
    - tcp: Reduce chance of collisions in inet6_hashfn().
  * Crashing with CPU soft lock on GA kernel 5.15.0.79.76 and HWE kernel
    5.19.0-46.47-22.04.1 (LP: #2032176)
    - Revert "KVM: x86: enable TDP MMU by default"
  * Jammy update: v5.15.122 upstream stable release (LP: #2032690)
    - Linux 5.15.122
    - Upstream stable to v5.15.122
  * Jammy update: v5.15.121 upstream stable release (LP: #2032689)
    - netfilter: nf_tables: drop map element references from preparation phase
    - fs: pipe: reveal missing function protoypes
    - x86/resctrl: Only show tasks' pid in current pid namespace
    - blk-iocost: use spin_lock_irqsave in adjust_inuse_and_calc_cost
    - md/raid10: check slab-out-of-bounds in md_bitmap_get_counter
    - md/raid10: fix overflow of md/safe_mode_delay
    - md/raid10: fix wrong setting of max_corr_read_errors
    - md/raid10: fix null-pt

Source diff to previous version
2030239 Jammy update: v5.15.118 upstream stable release
2030107 Jammy update: v5.15.117 upstream stable release
1786013 Packaging resync
2022361 Please enable Renesas RZ platform serial installer
2033122 Request backport of xen timekeeping performance improvements
2033007 kdump doesn't work with UEFI secure boot and kernel lockdown enabled on ARM64
2019880 ubuntu_kernel_selftests:net:vrf-xfrm-tests.sh: 8 failed test cases on jammy/fips
2019868 ubuntu_kernel_selftests:net:tls: 88 failed test cases on jammy/fips
2032164 A general-proteciton exception during guest migration to unsupported PKRU machine
2028122 Fix unreliable ethernet cable detection on I219 NIC
2031333 Need to get fine-grained control for FAN(TFN) Participant.
2030924 [SRU][Ubuntu 22.04.1] Unable to interpret the frequency values in cpuinfo_min_freq and cpuino_max_freq sysfs files.
2032176 Crashing with CPU soft lock on GA kernel 5.15.0.79.76 and HWE kernel 5.19.0-46.47-22.04.1
2032690 Jammy update: v5.15.122 upstream stable release
2032689 Jammy update: v5.15.121 upstream stable release
2032688 Jammy update: v5.15.120 upstream stable release
2032683 Jammy update: v5.15.119 upstream stable release
CVE-2023-4569 A memory leak flaw was found in nft_set_catchall_flush in net/netfilter/nf_tables_api.c in the Linux Kernel. This issue may allow a local attacker to
CVE-2023-20569 A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative
CVE-2023-40283 An issue was discovered in l2cap_sock_release in net/bluetooth/l2cap_sock.c in the Linux kernel before 6.4.10. There is a use-after-free because the
CVE-2023-20588 A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality.
CVE-2023-4194 A flaw was found in the Linux kernel's TUN/TAP functionality. This issue could allow a local user to bypass network filters and gain unauthorized acc
CVE-2023-4155 A flaw was found in KVM AMD Secure Encrypted Virtualization (SEV) in t ...
CVE-2023-1206 A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel’s IPv6 functionality when a user makes a new kind of SYN floo
CVE-2023-4273 A flaw was found in the exFAT driver of the Linux kernel. The vulnerability exists in the implementation of the file name reconstruction function, wh
CVE-2023-4128 A use-after-free flaw was found in net/sched/cls_fw.c in classifiers (cls_fw, cls_u32, and cls_route) in the Linux Kernel. This flaw allows a local a
CVE-2023-3863 A use-after-free flaw was found in nfc_llcp_find_local in net/nfc/llcp_core.c in NFC in the Linux kernel. This flaw allows a local user with special

Version: 5.15.0-1060.63~20.04.1 2024-07-25 04:09:04 UTC

  linux-ibm-5.15 (5.15.0-1060.63~20.04.1) focal; urgency=medium

  * focal/linux-ibm-5.15: 5.15.0-1060.63~20.04.1 -proposed tracker
    (LP: #2072224)

  [ Ubuntu: 5.15.0-1060.63 ]

  * jammy/linux-ibm: 5.15.0-1060.63 -proposed tracker (LP: #2072225)
  * jammy/linux: 5.15.0-118.128 -proposed tracker (LP: #2072255)
  * Jammy update: v5.15.160 upstream stable release (LP: #2070292)
    - drm/amd/display: Fix division by zero in setup_dsc_config
    - pinctrl: core: handle radix_tree_insert() errors in
      pinctrl_register_one_pin()
    - nfsd: don't allow nfsd threads to be signalled.
    - KEYS: trusted: Fix memory leak in tpm2_key_encode()
    - Revert "selftests: mm: fix map_hugetlb failure on 64K page size systems"
    - net: bcmgenet: synchronize EXT_RGMII_OOB_CTRL access
    - net: bcmgenet: synchronize UMAC_CMD access
    - netlink: annotate lockless accesses to nlk->max_recvmsg_len
    - netlink: annotate data-races around sk->sk_err
    - KVM: x86: Clear "has_error_code", not "error_code", for RM exception
      injection
    - drm/amdgpu: Fix possible NULL dereference in
      amdgpu_ras_query_error_status_helper()
    - binder: fix max_thread type inconsistency
    - usb: typec: ucsi: displayport: Fix potential deadlock
    - serial: kgdboc: Fix NMI-safety problems from keyboard reset code
    - remoteproc: mediatek: Make sure IPI buffer fits in L2TCM
    - KEYS: trusted: Do not use WARN when encode fails
    - admin-guide/hw-vuln/core-scheduling: fix return type of PR_SCHED_CORE_GET
    - docs: kernel_include.py: Cope with docutils 0.21
    - Linux 5.15.160
  * Jammy update: v5.15.159 upstream stable release (LP: #2070028)
    - dmaengine: pl330: issue_pending waits until WFP state
    - dmaengine: Revert "dmaengine: pl330: issue_pending waits until WFP state"
    - wifi: nl80211: don't free NULL coalescing rule
    - ksmbd: fix slab-out-of-bounds in smb2_allocate_rsp_buf
    - ksmbd: validate request buffer size in smb2_allocate_rsp_buf()
    - ksmbd: clear RENAME_NOREPLACE before calling vfs_rename
    - eeprom: at24: Use dev_err_probe for nvmem register failure
    - eeprom: at24: Probe for DDR3 thermal sensor in the SPD case
    - eeprom: at24: fix memory corruption race condition
    - pinctrl: pinctrl-aspeed-g6: Fix register offset for pinconf of GPIOR-T
    - pinctrl/meson: fix typo in PDM's pin name
    - pinctrl: core: delete incorrect free in pinctrl_enable()
    - pinctrl: mediatek: paris: Rework mtk_pinconf_{get,set} switch/case logic
    - pinctrl: mediatek: paris: Fix PIN_CONFIG_INPUT_SCHMITT_ENABLE readback
    - pinctrl: mediatek: paris: Rework support for
      PIN_CONFIG_{INPUT,OUTPUT}_ENABLE
    - sunrpc: add a struct rpc_stats arg to rpc_create_args
    - nfs: expose /proc/net/sunrpc/nfs in net namespaces
    - nfs: make the rpc_stat per net namespace
    - nfs: Handle error of rpc_proc_register() in nfs_net_init().
    - power: rt9455: hide unused rt9455_boost_voltage_values
    - power: supply: mt6360_charger: Fix of_match for usb-otg-vbus regulator
    - pinctrl: devicetree: fix refcount leak in pinctrl_dt_to_map()
    - regulator: mt6360: De-capitalize devicetree regulator subnodes
    - bpf, kconfig: Fix DEBUG_INFO_BTF_MODULES Kconfig definition
    - bpf, skmsg: Fix NULL pointer dereference in sk_psock_skb_ingress_enqueue
    - bpf: Fix a verifier verbose message
    - spi: hisi-kunpeng: Delete the dump interface of data registers in debugfs
    - s390/mm: Fix storage key clearing for guest huge pages
    - s390/mm: Fix clearing storage keys for huge pages
    - xdp: Move conversion to xdp_frame out of map functions
    - xdp: Add xdp_do_redirect_frame() for pre-computed xdp_frames
    - xdp: use flags field to disambiguate broadcast redirect
    - bna: ensure the copied buf is NUL terminated
    - octeontx2-af: avoid off-by-one read from userspace
    - nsh: Restore skb->{protocol,data,mac_header} for outer header in
      nsh_gso_segment().
    - net l2tp: drop flow hash on forward
    - s390/vdso: Add CFI for RA register to asm macro vdso_func
    - net: qede: sanitize 'rc' in qede_add_tc_flower_fltr()
    - net: qede: use return from qede_parse_flow_attr() for flower
    - net: qede: use return from qede_parse_flow_attr() for flow_spec
    - net: qede: use return from qede_parse_actions()
    - ASoC: meson: axg-fifo: use FIELD helpers
    - ASoC: meson: axg-fifo: use threaded irq to check periods
    - ASoC: meson: axg-card: make links nonatomic
    - ASoC: meson: axg-tdm-interface: manage formatters in trigger
    - ASoC: meson: cards: select SND_DYNAMIC_MINORS
    - ALSA: hda: intel-sdw-acpi: fix usage of device_get_named_child_node()
    - s390/cio: Ensure the copied buf is NUL terminated
    - cxgb4: Properly lock TX queue for the selftest.
    - net: dsa: mv88e6xxx: Fix number of databases for 88E6141 / 88E6341
    - net: bridge: fix multicast-to-unicast with fraglist GSO
    - net: core: reject skb_copy(_expand) for fraglist GSO skbs
    - tipc: fix a possible memleak in tipc_buf_append
    - s390/qeth: don't keep track of Input Queue count
    - s390/qeth: Fix kernel panic after setting hsuid
    - drm/panel: ili9341: Respect deferred probe
    - drm/panel: ili9341: Use predefined error codes
    - net: gro: add flush check in udp_gro_receive_segment
    - clk: sunxi-ng: h6: Reparent CPUX during PLL CPUX rate change
    - KVM: arm64: vgic-v2: Use cpuid from userspace as vcpu_id
    - KVM: arm64: vgic-v2: Check for non-NULL vCPU in vgic_v2_parse_attr()
    - scsi: lpfc: Move NPIV's transport unregistration to after resource clean up
    - scsi: lpfc: Update lpfc_ramp_down_queue_handler() logic
    - scsi: lpfc: Replace hbalock with ndlp lock in lpfc_nvme_unregister_port()
    - gfs2: Fix invalid metadata access in punch_hole
    - wifi: mac80211: fix ieee80211_bss_*_flags kernel-doc
    - wifi: cfg80211: fix rdev_dump_mpp() arguments order
    - net: mark racy access on sk->sk_rcvbuf
    - scsi: bnx2fc: Remove spin_lock_bh while

Source diff to previous version
2070292 Jammy update: v5.15.160 upstream stable release
2070028 Jammy update: v5.15.159 upstream stable release
2061091 Freezing user space processes failed after 20.008 seconds (1 tasks refusing to freeze, wq_busy=0)
CVE-2024-27017 In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: walk over current view on netlink dump The generatio
CVE-2024-26952 In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix potencial out-of-bounds when buffer offset is invalid I found potenc
CVE-2024-26886 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: af_bluetooth: Fix deadlock Attemting to do sock_lock on .recvmsg may
CVE-2023-52752 In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() Skip SMB ses
CVE-2024-25742 In the Linux kernel before 6.9, an untrusted hypervisor can inject virtual interrupt 29 (#VC) at any point in time and can trigger its handler. This
CVE-2024-36016 In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: fix possible out-of-bounds in gsm0_receive() Assuming the following

Version: 5.15.0-1058.61~20.04.1 2024-07-09 18:07:18 UTC

  linux-ibm-5.15 (5.15.0-1058.61~20.04.1) focal; urgency=medium

  * focal/linux-ibm-5.15: 5.15.0-1058.61~20.04.1 -proposed tracker
    (LP: #2068365)

  * Packaging resync (LP: #1786013)
    - [Packaging] debian.ibm-5.15/dkms-versions -- update from kernel-versions
      (main/2024.06.10)

  [ Ubuntu: 5.15.0-1058.61 ]

  * jammy/linux-ibm: 5.15.0-1058.61 -proposed tracker (LP: #2068366)
  * Packaging resync (LP: #1786013)
    - [Packaging] debian.ibm/dkms-versions -- update from kernel-versions
      (main/2024.06.10)
  * jammy/linux: 5.15.0-115.125 -proposed tracker (LP: #2068396)
  * Packaging resync (LP: #1786013)
    - [Packaging] debian.master/dkms-versions -- update from kernel-versions
      (main/2024.06.10)
  * Jammy update: v5.15.158 upstream stable release (LP: #2067974)
    - smb: client: fix rename(2) regression against samba
    - cifs: reinstate original behavior again for forceuid/forcegid
    - HID: intel-ish-hid: ipc: Fix dev_err usage with uninitialized dev->devc
    - HID: logitech-dj: allow mice to use all types of reports
    - arm64: dts: rockchip: enable internal pull-up on Q7_USB_ID for RK3399 Puma
    - arm64: dts: rockchip: fix alphabetical ordering RK3399 puma
    - arm64: dts: rockchip: enable internal pull-up on PCIE_WAKE# for RK3399 Puma
    - arm64: dts: rockchip: Remove unsupported node from the Pinebook Pro dts
    - arm64: dts: mediatek: mt8183: Add power-domains properity to mfgcfg
    - arm64: dts: mediatek: mt7622: add support for coherent DMA
    - arm64: dts: mediatek: mt7622: introduce nodes for Wireless Ethernet Dispatch
    - arm64: dts: mediatek: mt7622: fix clock controllers
    - arm64: dts: mediatek: mt7622: fix IR nodename
    - arm64: dts: mediatek: mt7622: fix ethernet controller "compatible"
    - arm64: dts: mediatek: mt7622: drop "reset-names" from thermal block
    - arm64: dts: mediatek: mt2712: fix validation errors
    - ARC: [plat-hsdk]: Remove misplaced interrupt-cells property
    - wifi: iwlwifi: mvm: remove old PASN station when adding a new one
    - wifi: iwlwifi: mvm: return uid from iwl_mvm_build_scan_cmd
    - vxlan: drop packets from invalid src-address
    - mlxsw: core: Unregister EMAD trap using FORWARD action
    - icmp: prevent possible NULL dereferences from icmp_build_probe()
    - bridge/br_netlink.c: no need to return void function
    - NFC: trf7970a: disable all regulators on removal
    - ipv4: check for NULL idev in ip_route_use_hint()
    - net: usb: ax88179_178a: stop lying about skb->truesize
    - net: gtp: Fix Use-After-Free in gtp_dellink
    - ipvs: Fix checksumming on GSO of SCTP packets
    - net: openvswitch: Fix Use-After-Free in ovs_ct_exit
    - mlxsw: spectrum_acl_tcam: Fix race during rehash delayed work
    - mlxsw: spectrum_acl_tcam: Fix possible use-after-free during activity update
    - mlxsw: spectrum_acl_tcam: Fix possible use-after-free during rehash
    - mlxsw: spectrum_acl_tcam: Rate limit error message
    - mlxsw: spectrum_acl_tcam: Fix memory leak during rehash
    - mlxsw: spectrum_acl_tcam: Fix warning during rehash
    - mlxsw: spectrum_acl_tcam: Fix incorrect list API usage
    - mlxsw: spectrum_acl_tcam: Fix memory leak when canceling rehash work
    - netfilter: nf_tables: honor table dormant flag from netdev release event
      path
    - i40e: Do not use WQ_MEM_RECLAIM flag for workqueue
    - i40e: Report MFS in decimal base instead of hex
    - iavf: Fix TC config comparison with existing adapter TC config
    - net: ethernet: ti: am65-cpts: Fix PTPv1 message type on TX packets
    - af_unix: Suppress false-positive lockdep splat for spin_lock() in
      __unix_gc().
    - serial: core: Provide port lock wrappers
    - serial: mxs-auart: add spinlock around changing cts state
    - drm-print: add drm_dbg_driver to improve namespace symmetry
    - drm/vmwgfx: Fix crtc's atomic check conditional
    - Revert "crypto: api - Disallow identical driver names"
    - net/mlx5e: Fix a race in command alloc flow
    - tracing: Show size of requested perf buffer
    - tracing: Increase PERF_MAX_TRACE_SIZE to handle Sentinel1 and docker
      together
    - x86/cpu: Fix check for RDPKRU in __show_regs()
    - Bluetooth: Fix type of len in {l2cap,sco}_sock_getsockopt_old()
    - Bluetooth: btusb: Add Realtek RTL8852BE support ID 0x0bda:0x4853
    - Bluetooth: qca: fix NULL-deref on non-serdev suspend
    - mmc: sdhci-msm: pervent access to suspended controller
    - btrfs: fix information leak in btrfs_ioctl_logical_to_ino()
    - cpu: Re-enable CPU mitigations by default for !X86 architectures
    - [Configs] Update CPU mitigation configs
    - arm64: dts: rockchip: enable internal pull-up for Q7_THRM# on RK3399 Puma
    - drm/amdgpu/sdma5.2: use legacy HDP flush for SDMA2/3
    - drm/amdgpu: Fix leak when GPU memory allocation fails
    - irqchip/gic-v3-its: Prevent double free on error
    - ethernet: Add helper for assigning packet type when dest address does not
      match device address
    - net: b44: set pause params only when interface is up
    - stackdepot: respect __GFP_NOLOCKDEP allocation flag
    - mtd: diskonchip: work around ubsan link failure
    - tcp: Clean up kernel listener's reqsk in inet_twsk_purge()
    - tcp: Fix NEW_SYN_RECV handling in inet_twsk_purge()
    - dmaengine: owl: fix register access functions
    - idma64: Don't try to serve interrupts when device is powered off
    - dma: xilinx_dpdma: Fix locking
    - dmaengine: idxd: Fix oops during rmmod on single-CPU platforms
    - riscv: fix VMALLOC_START definition
    - riscv: Fix TASK_SIZE on 64-bit NOMMU
    - i2c: smbus: fix NULL function pointer dereference
    - fbdev: fix incorrect address computation in deferred IO
    - HID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up
    - bounds: Use the right number of bits for power-of-two CONFIG_NR_CPUS
    - udp: preserve the connected status if only UDP cmsg
    - serial: core: fix kernel-doc for uart_port_unlock_irqrestore()
 

1786013 Packaging resync
2067974 Jammy update: v5.15.158 upstream stable release
2067959 Jammy update: v5.15.157 upstream stable release
2046722 [SRU][22.04.4]: megaraid_sas: Critical Bug Fixes
2065857 Jammy update: v5.15.156 upstream stable release
2065805 Jammy update: v5.15.155 upstream stable release
2065435 Jammy update: v5.15.154 upstream stable release
CVE-2024-23307 Integer Overflow or Wraparound vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (md, raid, raid5 modules) allows Forced Integer Overflow
CVE-2024-26828 In the Linux kernel, the following vulnerability has been resolved: cifs: fix underflow in parse_server_interfaces() In this loop, we step through
CVE-2024-24861 A race condition was found in the Linux kernel's media/xc4000 device driver in xc4000 xc4000_get_frequency() function. This can result in return valu
CVE-2024-26642 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: disallow anonymous set with timeout flag Anonymous sets a
CVE-2024-26926 In the Linux kernel, the following vulnerability has been resolved: binder: check offset alignment in binder_get_object() Commit 6d98eb95b450 ("bin
CVE-2024-26922 In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: validate the parameters of bo mapping operations more clearly Verif
CVE-2023-6039 A use-after-free flaw was found in lan78xx_disconnect in drivers/net/usb/lan78xx.c in the network sub-component, net/usb/lan78xx in the Linux Kernel.
CVE-2024-26924 In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: do not free live element Pablo reports a crash with
CVE-2024-26643 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout



About   -   Send Feedback to @ubuntu_updates