UbuntuUpdates.org

Package "linux-buildinfo-5.4.0-204-generic"

Name: linux-buildinfo-5.4.0-204-generic

Description:

Linux kernel buildinfo for version 5.4.0 on 64 bit x86 SMP

Latest version: 5.4.0-204.224
Release: focal (20.04)
Level: security
Repository: main
Head package: linux

Links


Download "linux-buildinfo-5.4.0-204-generic"


Other versions of "linux-buildinfo-5.4.0-204-generic" in Focal

Repository Area Version
updates main 5.4.0-204.224

Changelog

Version: 5.4.0-204.224 2024-12-17 01:06:59 UTC

  linux (5.4.0-204.224) focal; urgency=medium

  * focal/linux: 5.4.0-204.224 -proposed tracker (LP: #2091090)

  * CVE-2024-50264
    - vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans

  * CVE-2024-53057
    - net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT

  * CVE-2024-49967
    - ext4: no need to continue when the number of entries is 1

  * CVE-2024-43892
    - memcg: protect concurrent access to mem_cgroup_idr

  * CVE-2024-38553
    - net: fec: remove .ndo_poll_controller to avoid deadlocks

  * CVE-2024-38597
    - eth: sungem: remove .ndo_poll_controller to avoid deadlocks

  * CVE-2023-52821
    - drm/panel: fix a possible null pointer dereference

  * CVE-2024-36952
    - scsi: lpfc: Move NPIV's transport unregistration to after resource clean up

  * CVE-2024-40910
    - ax25: Fix refcount imbalance on inbound connections

  * CVE-2024-35963
    - Bluetooth: hci_sock: Fix not validating setsockopt user input

  * CVE-2024-35965
    - Bluetooth: L2CAP: uninitialized variables in l2cap_sock_setsockopt()
    - Bluetooth: L2CAP: Fix not validating setsockopt user input

  * CVE-2024-35966
    - Bluetooth: RFCOMM: Fix not validating setsockopt user input

  * CVE-2024-35967
    - Bluetooth: SCO: Fix not validating setsockopt user input

  * CVE-2021-47101
    - net: asix: fix uninit value bugs
    - asix: fix wrong return value in asix_check_host_enable()
    - asix: fix uninit-value in asix_mdio_read()

  * CVE-2022-38096
    - drm/vmwgfx: Fix possible null pointer derefence with invalid contexts

  * CVE-2021-47001
    - xprtrdma: Fix cwnd update ordering

 -- Manuel Diewald <email address hidden> Thu, 05 Dec 2024 12:35:34 +0100

Source diff to previous version
CVE-2024-50264 In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans Du
CVE-2024-53057 In the Linux kernel, the following vulnerability has been resolved: net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT In qdisc_tree_reduce_bac
CVE-2024-49967 In the Linux kernel, the following vulnerability has been resolved: ext4: no need to continue when the number of entries is 1
CVE-2024-43892 In the Linux kernel, the following vulnerability has been resolved: memcg: protect concurrent access to mem_cgroup_idr Commit 73f576c04b94 ("mm: me
CVE-2024-38553 In the Linux kernel, the following vulnerability has been resolved: net: fec: remove .ndo_poll_controller to avoid deadlocks There is a deadlock is
CVE-2024-38597 In the Linux kernel, the following vulnerability has been resolved: eth: sungem: remove .ndo_poll_controller to avoid deadlocks Erhard reports netp
CVE-2023-52821 In the Linux kernel, the following vulnerability has been resolved: drm/panel: fix a possible null pointer dereference In versatile_panel_get_modes
CVE-2024-36952 In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Move NPIV's transport unregistration to after resource clean up The
CVE-2024-40910 In the Linux kernel, the following vulnerability has been resolved: ax25: Fix refcount imbalance on inbound connections When releasing a socket in
CVE-2024-35963 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sock: Fix not validating setsockopt user input Check user input
CVE-2024-35965 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix not validating setsockopt user input Check user input len
CVE-2024-35966 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: Fix not validating setsockopt user input syzbot reported rfc
CVE-2024-35967 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SCO: Fix not validating setsockopt user input syzbot reported sco_so
CVE-2021-47101 In the Linux kernel, the following vulnerability has been resolved: asix: fix uninit-value in asix_mdio_read() asix_read_cmd() may read less than s
CVE-2022-38096 A NULL pointer dereference vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_execbuf.c in GPU component of Linux kernel with devi
CVE-2021-47001 In the Linux kernel, the following vulnerability has been resolved: xprtrdma: Fix cwnd update ordering After a reconnect, the reply handler is open

Version: 5.4.0-202.222 2024-12-12 23:06:54 UTC

  linux (5.4.0-202.222) focal; urgency=medium

  * focal/linux: 5.4.0-202.222 -proposed tracker (LP: #2086451)
    - [Packaging] resync git-ubuntu-log

  * CVE-2021-47501
    - i40e: Fix NULL pointer dereference in i40e_dbg_dump_desc

  * CVE-2024-46724
    - drm/amdgpu: Fix out-of-bounds read of df_v1_7_channel_number

  * CVE-2024-42240
    - x86/bhi: Avoid warning in #DB handler due to BHI mitigation

  * CVE-2024-42077
    - ocfs2: fix DIO failure due to insufficient transaction credits

  * CVE-2024-42068
    - bpf: Take return from set_memory_ro() into account with bpf_prog_lock_ro()

  * CVE-2024-36968
    - Bluetooth: L2CAP: Fix div-by-zero in l2cap_le_flowctl_init()

  * CVE-2024-35904
    - selinux: avoid dereference of garbage after mount failure

  * CVE-2023-52498
    - PM: sleep: Avoid calling put_device() under dpm_list_mtx
    - PM: sleep: Fix error handling in dpm_prepare()
    - async: Split async_schedule_node_domain()
    - async: Introduce async_schedule_dev_nocall()
    - PM: sleep: Fix possible deadlocks in core system-wide PM code

  * CVE-2023-52488
    - serial: sc16is7xx: convert from _raw_ to _noinc_ regmap functions for FIFO

  * CVE-2022-48938
    - CDC-NCM: avoid overflow in sanity checking

  * CVE-2024-42156
    - s390/pkey: Wipe copies of clear-key structures on failure

  * CVE-2024-44942
    - f2fs: fix to do sanity check on F2FS_INLINE_DATA flag in inode during GC

  * CVE-2024-38538
    - net: bridge: xmit: make sure we have at least eth header len bytes

  * CVE-2021-47076
    - RDMA/rxe: Return CQE error if invalid lkey was supplied

  * CVE-2024-36938
    - bpf, skmsg: Fix NULL pointer dereference in sk_psock_skb_ingress_enqueue

  * CVE-2024-44940
    - fou: remove warn in gue_gro_receive on unsupported protocol

  * CVE-2024-35951
    - drm/panfrost: Fix the error path in panfrost_mmu_map_fault_addr()

  * CVE-2023-52497
    - erofs: fix lz4 inplace decompression

  * CVE-2024-36953
    - KVM: arm64: vgic-v2: Check for non-NULL vCPU in vgic_v2_parse_attr()

  * CVE-2022-48943
    - KVM: x86/mmu: make apf token non-zero to fix bug

  * CVE-2024-26947
    - ARM: 9359/1: flush: check if the folio is reserved for no-mapping addresses

  * CVE-2022-48733
    - btrfs: fix use-after-free after failure to create a snapshot

  * CVE-2023-52639
    - KVM: s390: vsie: fix race during shadow creation

 -- Stefan Bader <email address hidden> Fri, 08 Nov 2024 15:14:23 +0100

Source diff to previous version
CVE-2021-47501 In the Linux kernel, the following vulnerability has been resolved: i40e: Fix NULL pointer dereference in i40e_dbg_dump_desc When trying to dump VF
CVE-2024-46724 In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix out-of-bounds read of df_v1_7_channel_number Check the fb_chann
CVE-2024-42240 In the Linux kernel, the following vulnerability has been resolved: x86/bhi: Avoid warning in #DB handler due to BHI mitigation When BHI mitigation
CVE-2024-42077 In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix DIO failure due to insufficient transaction credits The code in ocfs
CVE-2024-42068 In the Linux kernel, the following vulnerability has been resolved: bpf: Take return from set_memory_ro() into account with bpf_prog_lock_ro() set_
CVE-2024-36968 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix div-by-zero in l2cap_le_flowctl_init() l2cap_le_flowctl_i
CVE-2024-35904 In the Linux kernel, the following vulnerability has been resolved: selinux: avoid dereference of garbage after mount failure In case kern_mount()
CVE-2023-52498 In the Linux kernel, the following vulnerability has been resolved: PM: sleep: Fix possible deadlocks in core system-wide PM code It is reported th
CVE-2023-52488 In the Linux kernel, the following vulnerability has been resolved: serial: sc16is7xx: convert from _raw_ to _noinc_ regmap functions for FIFO The
CVE-2022-48938 In the Linux kernel, the following vulnerability has been resolved: CDC-NCM: avoid overflow in sanity checking A broken device may give an extreme
CVE-2024-42156 In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Wipe copies of clear-key structures on failure Wipe all sensitive da
CVE-2024-44942 In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on F2FS_INLINE_DATA flag in inode during GC syzbot
CVE-2024-38538 In the Linux kernel, the following vulnerability has been resolved: net: bridge: xmit: make sure we have at least eth header len bytes syzbot trigg
CVE-2021-47076 In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Return CQE error if invalid lkey was supplied RXE is missing update o
CVE-2024-36938 In the Linux kernel, the following vulnerability has been resolved: bpf, skmsg: Fix NULL pointer dereference in sk_psock_skb_ingress_enqueue Fix NU
CVE-2024-44940 In the Linux kernel, the following vulnerability has been resolved: fou: remove warn in gue_gro_receive on unsupported protocol Drop the WARN_ON_ON
CVE-2024-35951 In the Linux kernel, the following vulnerability has been resolved: drm/panfrost: Fix the error path in panfrost_mmu_map_fault_addr() Subject: [PAT
CVE-2023-52497 In the Linux kernel, the following vulnerability has been resolved: erofs: fix lz4 inplace decompression Currently EROFS can map another compressed
CVE-2024-36953 In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-v2: Check for non-NULL vCPU in vgic_v2_parse_attr() vgic_v2_pa
CVE-2022-48943 In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: make apf token non-zero to fix bug In current async pagefault log
CVE-2024-26947 In the Linux kernel, the following vulnerability has been resolved: ARM: 9359/1: flush: check if the folio is reserved for no-mapping addresses Sin
CVE-2022-48733 In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free after failure to create a snapshot At ioctl.c:create_
CVE-2023-52639 In the Linux kernel, the following vulnerability has been resolved: KVM: s390: vsie: fix race during shadow creation Right now it is possible to se

Version: 5.4.0-200.220 2024-10-31 02:07:05 UTC

  linux (5.4.0-200.220) focal; urgency=medium

  * focal/linux: 5.4.0-200.220 -proposed tracker (LP: #2082937)

  * Packaging resync (LP: #1786013)
    - [Packaging] debian.master/dkms-versions -- update from kernel-versions
      (main/2024.09.30)

  * CVE-2024-26800
    - tls: rx: coalesce exit paths in tls_decrypt_sg()
    - tls: separate no-async decryption request handling from async
    - tls: fix use-after-free on failed backlog decryption

  * CVE-2024-26641
    - ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv()

  * CVE-2021-47212
    - net/mlx5: Update error handler for UCTX and UMEM

  * wbt:wbt_* trace event NULL pointer dereference with GENHD_FL_HIDDEN disks
    (LP: #2081085)
    - bdi: use bdi_dev_name() to get device name

  * Focal update: v5.4.284 upstream stable release (LP: #2081278)
    - drm: panel-orientation-quirks: Add quirk for OrangePi Neo
    - i2c: Fix conditional for substituting empty ACPI functions
    - net: usb: qmi_wwan: add MeiG Smart SRM825L
    - drm/amdgpu: Fix uninitialized variable warning in amdgpu_afmt_acr
    - drm/amdgpu: fix overflowed array index read warning
    - drm/amd/display: Check gpio_id before used as array index
    - drm/amd/display: Stop amdgpu_dm initialize when stream nums greater than 6
    - drm/amd/display: Check num_valid_sets before accessing reader_wm_sets[]
    - drm/amd/display: Fix Coverity INTEGER_OVERFLOW within
      dal_gpio_service_create
    - drm/amdgpu: fix ucode out-of-bounds read warning
    - drm/amdgpu: fix mc_data out-of-bounds read warning
    - drm/amdkfd: Reconcile the definition and use of oem_id in struct
      kfd_topology_device
    - apparmor: fix possible NULL pointer dereference
    - ionic: fix potential irq name truncation
    - usbip: Don't submit special requests twice
    - usb: typec: ucsi: Fix null pointer dereference in trace
    - smack: tcp: ipv4, fix incorrect labeling
    - wifi: cfg80211: make hash table duplicates more survivable
    - drm/amd/display: Skip wbscl_set_scaler_filter if filter is null
    - media: uvcvideo: Enforce alignment of frame and interval
    - block: initialize integrity buffer to zero before writing it to media
    - net: set SOCK_RCU_FREE before inserting socket into hashtable
    - virtio_net: Fix napi_skb_cache_put warning
    - udf: Limit file size to 4TB
    - i2c: Use IS_REACHABLE() for substituting empty ACPI functions
    - sch/netem: fix use after free in netem_dequeue
    - ASoC: dapm: Fix UAF for snd_soc_pcm_runtime object
    - ALSA: hda/conexant: Add pincfg quirk to enable top speakers on Sirius
      devices
    - ata: libata: Fix memory leak for error path in ata_host_alloc()
    - irqchip/gic-v2m: Fix refcount leak in gicv2m_of_init()
    - mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K
    - mmc: sdhci-of-aspeed: fix module autoloading
    - fuse: update stats for pages in dropped aux writeback list
    - fuse: use unsigned type for getxattr/listxattr size truncation
    - reset: hi6220: Add support for AO reset controller
    - clk: hi6220: use CLK_OF_DECLARE_DRIVER
    - clk: qcom: clk-alpha-pll: Fix the pll post div mask
    - clk: qcom: clk-alpha-pll: Fix the trion pll postdiv set rate API
    - ila: call nf_unregister_net_hooks() sooner
    - sched: sch_cake: fix bulk flow accounting logic for host fairness
    - nilfs2: fix missing cleanup on rollforward recovery error
    - nilfs2: fix state management in error path of log writing function
    - ALSA: hda: Add input value sanity checks to HDMI channel map controls
    - smack: unix sockets: fix accept()ed socket label
    - irqchip/armada-370-xp: Do not allow mapping IRQ 0 and 1
    - af_unix: Remove put_pid()/put_cred() in copy_peercred().
    - netfilter: nf_conncount: fix wrong variable type
    - udf: Avoid excessive partition lengths
    - wifi: brcmsmac: advertise MFP_CAPABLE to enable WPA3
    - usb: uas: set host status byte on data completion error
    - PCI: keystone: Add workaround for Errata #i2037 (AM65x SR 1.0)
    - media: qcom: camss: Add check for v4l2_fwnode_endpoint_parse
    - pcmcia: Use resource_size function on resource object
    - can: bcm: Remove proc entry when dev is unregistered.
    - igb: Fix not clearing TimeSync interrupts for 82580
    - platform/x86: dell-smbios: Fix error path in dell_smbios_init()
    - tcp_bpf: fix return value of tcp_bpf_sendmsg()
    - cx82310_eth: re-enable ethernet mode after router reboot
    - drivers/net/usb: Remove all strcpy() uses
    - net: usb: don't write directly to netdev->dev_addr
    - usbnet: modern method to get random MAC
    - net: bridge: fdb: convert is_local to bitops
    - net: bridge: fdb: convert is_static to bitops
    - net: bridge: fdb: convert is_sticky to bitops
    - net: bridge: fdb: convert added_by_user to bitops
    - net: bridge: fdb: convert added_by_external_learn to use bitops
    - net: bridge: br_fdb_external_learn_add(): always set EXT_LEARN
    - net: dsa: vsc73xx: fix possible subblocks range of CAPT block
    - ASoC: topology: Properly initialize soc_enum values
    - dm init: Handle minors larger than 255
    - iommu/vt-d: Handle volatile descriptor status read
    - cgroup: Protect css->cgroup write under css_set_lock
    - um: line: always fill *error_out in setup_one_line()
    - devres: Initialize an uninitialized struct member
    - pci/hotplug/pnv_php: Fix hotplug driver crash on Powernv
    - hwmon: (adc128d818) Fix underflows seen when writing limit attributes
    - hwmon: (lm95234) Fix underflows seen when writing limit attributes
    - hwmon: (nct6775-core) Fix underflows seen when writing limit attributes
    - hwmon: (w83627ehf) Fix underflows seen when writing limit attributes
    - libbpf: Add NULL checks to bpf_object__{prev_map,next_map}
    - wifi: mwifiex: Do not return unused priv in mwifiex_get_priv_by_id()
    - smp: Add missing destroy_work_on_stack() call in smp_call_on_cpu()
    - btrfs: replace BUG_ON with ASSERT in walk_down_pro

Source diff to previous version
1786013 Packaging resync
2081085 wbt:wbt_* trace event NULL pointer dereference with GENHD_FL_HIDDEN disks
2081278 Focal update: v5.4.284 upstream stable release
2080595 Focal update: v5.4.283 upstream stable release
2078388 Focal update: v5.4.282 upstream stable release
2076097 Focal update: v5.4.281 upstream stable release
CVE-2024-26800 In the Linux kernel, the following vulnerability has been resolved: tls: fix use-after-free on failed backlog decryption When the decrypt request g
CVE-2024-26641 In the Linux kernel, the following vulnerability has been resolved: ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv() syzbot found __ip
CVE-2021-47212 In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Update error handler for UCTX and UMEM In the fast unload flow, the d
CVE-2024-42244 In the Linux kernel, the following vulnerability has been resolved: USB: serial: mos7840: fix crash on resume Since commit c49cfa917025 ("USB: seri
CVE-2024-40929 In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: check n_ssids before accessing the ssids In some versions o
CVE-2024-41073 In the Linux kernel, the following vulnerability has been resolved: nvme: avoid double free special payload If a discard request needs to be retrie
CVE-2024-41071 In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Avoid address calculations via out of bounds array indexing req
CVE-2024-42229 In the Linux kernel, the following vulnerability has been resolved: crypto: aead,cipher - zeroize key buffer after use I.G 9.7.B for FIPS 140-3 spe
CVE-2024-38611 In the Linux kernel, the following vulnerability has been resolved: media: i2c: et8ek8: Don't strip remove function when driver is builtin Using __
CVE-2024-38602 In the Linux kernel, the following vulnerability has been resolved: ax25: Fix reference count leak issues of ax25_dev The ax25_addr_ax25dev() and a
CVE-2024-35848 In the Linux kernel, the following vulnerability has been resolved: eeprom: at24: fix memory corruption race condition If the eeprom is not accessi
CVE-2024-26669 In the Linux kernel, the following vulnerability has been resolved: net/sched: flower: Fix chain template offload When a qdisc is deleted from a ne
CVE-2024-26668 In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_limit: reject configurations that cause integer overflow Reject
CVE-2024-26640 In the Linux kernel, the following vulnerability has been resolved: tcp: add sanity checks to rx zerocopy TCP rx zerocopy intent is to map pages in
CVE-2024-26607 In the Linux kernel, the following vulnerability has been resolved: drm/bridge: sii902x: Fix probing race issue A null pointer dereference crash ha
CVE-2023-52614 In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: Fix buffer overflow in trans_stat_show Fix buffer overflow in tra
CVE-2023-52531 In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: Fix a memory corruption issue A few lines above, space is k
CVE-2022-36402 An integer overflow vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_execbuf.c in GPU component of Linux kernel with device file
CVE-2024-27051 In the Linux kernel, the following vulnerability has been resolved: cpufreq: brcmstb-avs-cpufreq: add check for cpufreq_cpu_get's return value cpuf
CVE-2024-26891 In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Don't issue ATS Invalidation request when device is disconnected Fo
CVE-2024-26885 In the Linux kernel, the following vulnerability has been resolved: bpf: Fix DEVMAP_HASH overflow check on 32-bit arches The devmap code allocates
CVE-2024-45016 In the Linux kernel, the following vulnerability has been resolved: netem: fix return value if duplicate enqueue fails There is a bug in netem_enqu
CVE-2024-38630 In the Linux kernel, the following vulnerability has been resolved: watchdog: cpu5wdt.c: Fix use-after-free bug caused by cpu5wdt_trigger When the
CVE-2024-27397 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: use timestamp to check for set element timeout Add a time
CVE-2024-26960 In the Linux kernel, the following vulnerability has been resolved: mm: swap: fix race between free_swap_and_cache() and swapoff() There was previo

Version: 5.4.0-198.218 2024-10-16 14:09:45 UTC

  linux (5.4.0-198.218) focal; urgency=medium

  * focal/linux: 5.4.0-198.218 -proposed tracker (LP: #2082232)

  * Packaging resync (LP: #1786013)
    - [Packaging] debian.master/dkms-versions -- update from kernel-versions
      (main/s2024.09.02)

  * CVE-2024-45016
    - netem: fix return value if duplicate enqueue fails

  * CVE-2024-38630
    - watchdog: cpu5wdt.c: Fix use-after-free bug caused by cpu5wdt_trigger

  * CVE-2024-27397
    - netfilter: nf_tables: use timestamp to check for set element timeout

  * CVE-2024-26960
    - mm: swap: fix race between free_swap_and_cache() and swapoff()

 -- Manuel Diewald <email address hidden> Fri, 27 Sep 2024 18:59:47 +0200

Source diff to previous version
1786013 Packaging resync
CVE-2024-45016 In the Linux kernel, the following vulnerability has been resolved: netem: fix return value if duplicate enqueue fails There is a bug in netem_enqu
CVE-2024-38630 In the Linux kernel, the following vulnerability has been resolved: watchdog: cpu5wdt.c: Fix use-after-free bug caused by cpu5wdt_trigger When the
CVE-2024-27397 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: use timestamp to check for set element timeout Add a time
CVE-2024-26960 In the Linux kernel, the following vulnerability has been resolved: mm: swap: fix race between free_swap_and_cache() and swapoff() There was previo

Version: 5.4.0-196.216 2024-09-17 15:07:03 UTC

  linux (5.4.0-196.216) focal; urgency=medium

  * focal/linux: 5.4.0-196.216 -proposed tracker (LP: #2078205)

  * CVE-2024-39494
    - ima: Fix use-after-free on a dentry's dname.name

  * CVE-2024-42160
    - f2fs: check validation of fault attrs in f2fs_build_fault_attr()
    - f2fs: Add inline to f2fs_build_fault_attr() stub

  * CVE-2024-38570
    - gfs2: Rename sd_{ glock => kill }_wait
    - gfs2: Fix potential glock use-after-free on unmount

  * CVE-2024-42228
    - drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc

  * CVE-2022-48791
    - scsi: pm80xx: Fix TMF task completion race condition
    - scsi: pm8001: Fix use-after-free for aborted TMF sas_task

  * CVE-2024-26787
    - mmc: mmci_sdmmc: Rename sdmmc_priv struct to sdmmc_idma
    - mmc: mmci: stm32: use a buffer for unaligned DMA requests
    - mmc: mmci: stm32: fix DMA API overlapping mappings warning

  * CVE-2024-27012
    - netfilter: nf_tables: restore set elements when delete set fails

  * CVE-2022-48863
    - mISDN: Fix memory leak in dsp_pipeline_build()

  * CVE-2021-47188
    - scsi: ufs: core: Improve SCSI abort handling

  * CVE-2024-26677
    - rxrpc: Fix delayed ACKs to not set the reference serial number

 -- Manuel Diewald <email address hidden> Thu, 29 Aug 2024 14:06:16 +0200

CVE-2024-39494 In the Linux kernel, the following vulnerability has been resolved: ima: Fix use-after-free on a dentry's dname.name ->d_name.name can change on re
CVE-2024-42160 In the Linux kernel, the following vulnerability has been resolved: f2fs: check validation of fault attrs in f2fs_build_fault_attr() - It missed to
CVE-2024-38570 In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix potential glock use-after-free on unmount When a DLM lockspace is rel
CVE-2024-42228 In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc In
CVE-2022-48791 In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix use-after-free for aborted TMF sas_task Currently a use-after
CVE-2024-26787 In the Linux kernel, the following vulnerability has been resolved: mmc: mmci: stm32: fix DMA API overlapping mappings warning Turning on CONFIG_DM
CVE-2024-27012 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: restore set elements when delete set fails From abort pat
CVE-2022-48863 In the Linux kernel, the following vulnerability has been resolved: mISDN: Fix memory leak in dsp_pipeline_build() dsp_pipeline_build() allocates d
CVE-2021-47188 In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Improve SCSI abort handling The following has been observed on
CVE-2024-26677 In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix delayed ACKs to not set the reference serial number Fix the construc



About   -   Send Feedback to @ubuntu_updates