Package "linux-headers-5.15.0-124-generic"
Name: |
linux-headers-5.15.0-124-generic
|
Description: |
Linux kernel headers for version 5.15.0 on 64 bit x86 SMP
|
Latest version: |
5.15.0-124.134~20.04.1 |
Release: |
focal (20.04) |
Level: |
security |
Repository: |
main |
Head package: |
linux-hwe-5.15 |
Links
Download "linux-headers-5.15.0-124-generic"
Other versions of "linux-headers-5.15.0-124-generic" in Focal
Changelog
linux-hwe-5.15 (5.15.0-117.127~20.04.1) focal; urgency=medium
* focal/linux-hwe-5.15: 5.15.0-117.127~20.04.1 -proposed tracker
(LP: #2072057)
[ Ubuntu: 5.15.0-117.127 ]
* jammy/linux: 5.15.0-117.127 -proposed tracker (LP: #2072059)
* CVE-2024-27017
- netfilter: nft_set_pipapo: constify lookup fn args where possible
- netfilter: nft_set_pipapo: walk over current view on netlink dump
- netfilter: nf_tables: missing iterator type in lookup walk
* CVE-2024-26952
- ksmbd: fix potencial out-of-bounds when buffer offset is invalid
* CVE-2024-26886
- Bluetooth: af_bluetooth: Fix deadlock
* CVE-2023-52752
- smb: client: fix use-after-free bug in cifs_debug_data_proc_show()
* CVE-2024-25742
- x86/sev: Harden #VC instruction emulation somewhat
- x86/sev: Check for MWAITX and MONITORX opcodes in the #VC handler
* CVE-2024-36016
- tty: n_gsm: fix possible out-of-bounds in gsm0_receive()
-- Stefan Bader <email address hidden> Thu, 11 Jul 2024 16:28:05 +0200
|
Source diff to previous version |
CVE-2024-27017 |
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: walk over current view on netlink dump The generatio |
CVE-2024-26952 |
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix potencial out-of-bounds when buffer offset is invalid I found potenc |
CVE-2024-26886 |
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: af_bluetooth: Fix deadlock Attemting to do sock_lock on .recvmsg may |
CVE-2023-52752 |
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() Skip SMB ses |
CVE-2024-25742 |
In the Linux kernel before 6.9, an untrusted hypervisor can inject virtual interrupt 29 (#VC) at any point in time and can trigger its handler. This |
CVE-2024-36016 |
In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: fix possible out-of-bounds in gsm0_receive() Assuming the following |
|
linux-hwe-5.15 (5.15.0-116.126~20.04.1) focal; urgency=medium
* focal/linux-hwe-5.15: 5.15.0-116.126~20.04.1 -proposed tracker
(LP: #2071602)
* Packaging resync (LP: #1786013)
- [Packaging] debian.hwe-5.15/dkms-versions -- update from kernel-versions
(main/2024.06.10)
[ Ubuntu: 5.15.0-116.126 ]
* jammy/linux: 5.15.0-116.126 -proposed tracker (LP: #2071603)
* idxd: NULL pointer dereference reading wq op_config attribute (LP: #2069081)
- SAUCE: dmaengine: idxd: set is_visible member of idxd_wq_attribute_group
* AMD GPUs fail with null pointer dereference when IOMMU enabled, leading to
black screen (LP: #2068738)
- SAUCE: Revert "drm/amdgpu: init iommu after amdkfd device init"
[ Ubuntu: 5.15.0-115.125 ]
* jammy/linux: 5.15.0-115.125 -proposed tracker (LP: #2068396)
* Packaging resync (LP: #1786013)
- [Packaging] debian.master/dkms-versions -- update from kernel-versions
(main/2024.06.10)
* Jammy update: v5.15.158 upstream stable release (LP: #2067974)
- smb: client: fix rename(2) regression against samba
- cifs: reinstate original behavior again for forceuid/forcegid
- HID: intel-ish-hid: ipc: Fix dev_err usage with uninitialized dev->devc
- HID: logitech-dj: allow mice to use all types of reports
- arm64: dts: rockchip: enable internal pull-up on Q7_USB_ID for RK3399 Puma
- arm64: dts: rockchip: fix alphabetical ordering RK3399 puma
- arm64: dts: rockchip: enable internal pull-up on PCIE_WAKE# for RK3399 Puma
- arm64: dts: rockchip: Remove unsupported node from the Pinebook Pro dts
- arm64: dts: mediatek: mt8183: Add power-domains properity to mfgcfg
- arm64: dts: mediatek: mt7622: add support for coherent DMA
- arm64: dts: mediatek: mt7622: introduce nodes for Wireless Ethernet Dispatch
- arm64: dts: mediatek: mt7622: fix clock controllers
- arm64: dts: mediatek: mt7622: fix IR nodename
- arm64: dts: mediatek: mt7622: fix ethernet controller "compatible"
- arm64: dts: mediatek: mt7622: drop "reset-names" from thermal block
- arm64: dts: mediatek: mt2712: fix validation errors
- ARC: [plat-hsdk]: Remove misplaced interrupt-cells property
- wifi: iwlwifi: mvm: remove old PASN station when adding a new one
- wifi: iwlwifi: mvm: return uid from iwl_mvm_build_scan_cmd
- vxlan: drop packets from invalid src-address
- mlxsw: core: Unregister EMAD trap using FORWARD action
- icmp: prevent possible NULL dereferences from icmp_build_probe()
- bridge/br_netlink.c: no need to return void function
- NFC: trf7970a: disable all regulators on removal
- ipv4: check for NULL idev in ip_route_use_hint()
- net: usb: ax88179_178a: stop lying about skb->truesize
- net: gtp: Fix Use-After-Free in gtp_dellink
- ipvs: Fix checksumming on GSO of SCTP packets
- net: openvswitch: Fix Use-After-Free in ovs_ct_exit
- mlxsw: spectrum_acl_tcam: Fix race during rehash delayed work
- mlxsw: spectrum_acl_tcam: Fix possible use-after-free during activity update
- mlxsw: spectrum_acl_tcam: Fix possible use-after-free during rehash
- mlxsw: spectrum_acl_tcam: Rate limit error message
- mlxsw: spectrum_acl_tcam: Fix memory leak during rehash
- mlxsw: spectrum_acl_tcam: Fix warning during rehash
- mlxsw: spectrum_acl_tcam: Fix incorrect list API usage
- mlxsw: spectrum_acl_tcam: Fix memory leak when canceling rehash work
- netfilter: nf_tables: honor table dormant flag from netdev release event
path
- i40e: Do not use WQ_MEM_RECLAIM flag for workqueue
- i40e: Report MFS in decimal base instead of hex
- iavf: Fix TC config comparison with existing adapter TC config
- net: ethernet: ti: am65-cpts: Fix PTPv1 message type on TX packets
- af_unix: Suppress false-positive lockdep splat for spin_lock() in
__unix_gc().
- serial: core: Provide port lock wrappers
- serial: mxs-auart: add spinlock around changing cts state
- drm-print: add drm_dbg_driver to improve namespace symmetry
- drm/vmwgfx: Fix crtc's atomic check conditional
- Revert "crypto: api - Disallow identical driver names"
- net/mlx5e: Fix a race in command alloc flow
- tracing: Show size of requested perf buffer
- tracing: Increase PERF_MAX_TRACE_SIZE to handle Sentinel1 and docker
together
- x86/cpu: Fix check for RDPKRU in __show_regs()
- Bluetooth: Fix type of len in {l2cap,sco}_sock_getsockopt_old()
- Bluetooth: btusb: Add Realtek RTL8852BE support ID 0x0bda:0x4853
- Bluetooth: qca: fix NULL-deref on non-serdev suspend
- mmc: sdhci-msm: pervent access to suspended controller
- btrfs: fix information leak in btrfs_ioctl_logical_to_ino()
- cpu: Re-enable CPU mitigations by default for !X86 architectures
- [Configs] Update CPU mitigation configs
- arm64: dts: rockchip: enable internal pull-up for Q7_THRM# on RK3399 Puma
- drm/amdgpu/sdma5.2: use legacy HDP flush for SDMA2/3
- drm/amdgpu: Fix leak when GPU memory allocation fails
- irqchip/gic-v3-its: Prevent double free on error
- ethernet: Add helper for assigning packet type when dest address does not
match device address
- net: b44: set pause params only when interface is up
- stackdepot: respect __GFP_NOLOCKDEP allocation flag
- mtd: diskonchip: work around ubsan link failure
- tcp: Clean up kernel listener's reqsk in inet_twsk_purge()
- tcp: Fix NEW_SYN_RECV handling in inet_twsk_purge()
- dmaengine: owl: fix register access functions
- idma64: Don't try to serve interrupts when device is powered off
- dma: xilinx_dpdma: Fix locking
- dmaengine: idxd: Fix oops during rmmod on single-CPU platforms
- riscv: fix VMALLOC_START definition
- riscv: Fix TASK_SIZE on 64-bit NOMMU
- i2c: smbus: fix NULL function pointer dereference
- fbdev: fix incorrect address computation in deferred IO
- HID: i2c-hid: remove I2C_HID_READ_P
|
Source diff to previous version |
1786013 |
Packaging resync |
2069081 |
idxd: NULL pointer dereference reading wq op_config attribute |
2068738 |
AMD GPUs fail with null pointer dereference when IOMMU enabled, leading to black screen |
2067974 |
Jammy update: v5.15.158 upstream stable release |
2067959 |
Jammy update: v5.15.157 upstream stable release |
2046722 |
[SRU][22.04.4]: megaraid_sas: Critical Bug Fixes |
2065857 |
Jammy update: v5.15.156 upstream stable release |
2065805 |
Jammy update: v5.15.155 upstream stable release |
2065435 |
Jammy update: v5.15.154 upstream stable release |
CVE-2024-23307 |
Integer Overflow or Wraparound vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (md, raid, raid5 modules) allows Forced Integer Overflow |
CVE-2024-26828 |
In the Linux kernel, the following vulnerability has been resolved: cifs: fix underflow in parse_server_interfaces() In this loop, we step through |
CVE-2024-24861 |
A race condition was found in the Linux kernel's media/xc4000 device driver in xc4000 xc4000_get_frequency() function. This can result in return valu |
CVE-2024-26642 |
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: disallow anonymous set with timeout flag Anonymous sets a |
CVE-2024-26926 |
In the Linux kernel, the following vulnerability has been resolved: binder: check offset alignment in binder_get_object() Commit 6d98eb95b450 ("bin |
CVE-2024-26922 |
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: validate the parameters of bo mapping operations more clearly Verif |
CVE-2023-6039 |
A use-after-free flaw was found in lan78xx_disconnect in drivers/net/usb/lan78xx.c in the network sub-component, net/usb/lan78xx in the Linux Kernel. |
CVE-2024-26924 |
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: do not free live element Pablo reports a crash with |
CVE-2024-26643 |
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout |
|
linux-hwe-5.15 (5.15.0-113.123~20.04.1) focal; urgency=medium
* focal/linux-hwe-5.15: 5.15.0-113.123~20.04.1 -proposed tracker
(LP: #2068240)
[ Ubuntu: 5.15.0-113.123 ]
* jammy/linux: 5.15.0-113.123 -proposed tracker (LP: #2068242)
* CVE-2024-26924
- netfilter: nft_set_pipapo: do not free live element
* CVE-2024-26643
- netfilter: nf_tables: mark set as dead when unbinding anonymous set with
timeout
-- Stefan Bader <email address hidden> Wed, 12 Jun 2024 19:16:50 +0200
|
Source diff to previous version |
CVE-2024-26924 |
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: do not free live element Pablo reports a crash with |
CVE-2024-26643 |
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout |
|
linux-hwe-5.15 (5.15.0-107.117~20.04.1) focal; urgency=medium
* focal/linux-hwe-5.15: 5.15.0-107.117~20.04.1 -proposed tracker
(LP: #2063633)
[ Ubuntu: 5.15.0-107.117 ]
* jammy/linux: 5.15.0-107.117 -proposed tracker (LP: #2063635)
* CVE-2023-52530
- wifi: mac80211: fix potential key use-after-free
* CVE-2024-26622
- tomoyo: fix UAF write bug in tomoyo_write_control()
* CVE-2023-47233
- wifi: brcmfmac: Fix use-after-free bug in brcmf_cfg80211_detach
-- Stefan Bader <email address hidden> Tue, 30 Apr 2024 12:11:28 +0200
|
Source diff to previous version |
CVE-2023-52530 |
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix potential key use-after-free When ieee80211_key_link() is c |
CVE-2024-26622 |
In the Linux kernel, the following vulnerability has been resolved: tomoyo: fix UAF write bug in tomoyo_write_control() Since tomoyo_write_control( |
CVE-2023-47233 |
The brcm80211 component in the Linux kernel through 6.5.10 has a brcmf_cfg80211_detach use-after-free in the device unplugging (disconnect the USB by |
|
linux-hwe-5.15 (5.15.0-106.116~20.04.1) focal; urgency=medium
* focal/linux-hwe-5.15: 5.15.0-106.116~20.04.1 -proposed tracker
(LP: #2061810)
[ Ubuntu: 5.15.0-106.116 ]
* jammy/linux: 5.15.0-106.116 -proposed tracker (LP: #2061812)
* CVE-2024-2201
- x86/bugs: Use sysfs_emit()
- KVM: x86: Update KVM-only leaf handling to allow for 100% KVM-only leafs
- KVM: x86: Advertise CPUID.(EAX=7,ECX=2):EDX[5:0] to userspace
- KVM: x86: Use a switch statement and macros in __feature_translate()
- x86/bugs: Change commas to semicolons in 'spectre_v2' sysfs file
- x86/syscall: Don't force use of indirect calls for system calls
- x86/bhi: Add support for clearing branch history at syscall entry
- x86/bhi: Define SPEC_CTRL_BHI_DIS_S
- x86/bhi: Enumerate Branch History Injection (BHI) bug
- x86/bhi: Add BHI mitigation knob
- x86/bhi: Mitigate KVM by default
- KVM: x86: Add BHI_NO
- [Config] Set CONFIG_BHI to enabled (auto)
* Drop fips-checks script from trees (LP: #2055083)
- [Packaging] Remove fips-checks script
* alsa/realtek: adjust max output valume for headphone on 2 LG machines
(LP: #2058573)
- ALSA: hda/realtek: fix the hp playback volume issue for LG machines
* A general-proteciton exception during guest migration to unsupported PKRU
machine (LP: #2032164)
- x86/fpu: Allow caller to constrain xfeatures when copying to uabi buffer
- KVM: x86: Constrain guest-supported xfeatures only at KVM_GET_XSAVE{2}
* [ICX] [SPR] [ipc/msg] performance: Mitigate the lock contention with percpu
counter (LP: #2058485)
- ipc: check checkpoint_restore_ns_capable() to modify C/R proc files
- ipc/ipc_sysctl.c: remove fallback for !CONFIG_PROC_SYSCTL
- ipc: Store mqueue sysctls in the ipc namespace
- ipc: Store ipc sysctls in the ipc namespace
- ipc: Use the same namespace to modify and validate
- ipc: Remove extra1 field abuse to pass ipc namespace
- ipc: Check permissions for checkpoint_restart sysctls at open time
- percpu: add percpu_counter_add_local and percpu_counter_sub_local
- ipc/msg: mitigate the lock contention with percpu counter
* Jammy update: v5.15.149 upstream stable release (LP: #2059014)
- ksmbd: free ppace array on error in parse_dacl
- ksmbd: don't allow O_TRUNC open on read-only share
- ksmbd: validate mech token in session setup
- ksmbd: fix UAF issue in ksmbd_tcp_new_connection()
- ksmbd: only v2 leases handle the directory
- iio: adc: ad7091r: Set alert bit in config register
- iio: adc: ad7091r: Allow users to configure device events
- iio: adc: ad7091r: Enable internal vref if external vref is not supplied
- dmaengine: fix NULL pointer in channel unregistration function
- scsi: ufs: core: Simplify power management during async scan
- scsi: ufs: core: Remove the ufshcd_hba_exit() call from ufshcd_async_scan()
- iio:adc:ad7091r: Move exports into IIO_AD7091R namespace.
- ext4: allow for the last group to be marked as trimmed
- btrfs: sysfs: validate scrub_speed_max value
- crypto: api - Disallow identical driver names
- PM: hibernate: Enforce ordering during image compression/decompression
- hwrng: core - Fix page fault dead lock on mmap-ed hwrng
- crypto: s390/aes - Fix buffer overread in CTR mode
- media: imx355: Enable runtime PM before registering async sub-device
- rpmsg: virtio: Free driver_override when rpmsg_remove()
- media: ov9734: Enable runtime PM before registering async sub-device
- mips: Fix max_mapnr being uninitialized on early stages
- bus: mhi: host: Drop chan lock before queuing buffers
- bus: mhi: host: Add spinlock to protect WP access when queueing TREs
- parisc/firmware: Fix F-extend for PDC addresses
- async: Split async_schedule_node_domain()
- async: Introduce async_schedule_dev_nocall()
- arm64: dts: qcom: sc7180: fix USB wakeup interrupt types
- arm64: dts: qcom: sdm845: fix USB wakeup interrupt types
- arm64: dts: qcom: sm8150: fix USB wakeup interrupt types
- arm64: dts: qcom: sdm845: fix USB DP/DM HS PHY interrupts
- lsm: new security_file_ioctl_compat() hook
- scripts/get_abi: fix source path leak
- mmc: core: Use mrq.sbc in close-ended ffu
- mmc: mmc_spi: remove custom DMA mapped buffers
- rtc: Adjust failure return code for cmos_set_alarm()
- nouveau/vmm: don't set addr on the fail path to avoid warning
- ubifs: ubifs_symlink: Fix memleak of inode->i_link in error path
- rename(): fix the locking of subdirectories
- ksmbd: set v2 lease version on lease upgrade
- ksmbd: fix potential circular locking issue in smb2_set_ea()
- ksmbd: don't increment epoch if current state and request state are same
- ksmbd: send lease break notification on FILE_RENAME_INFORMATION
- ksmbd: Add missing set_freezable() for freezable kthread
- net/smc: fix illegal rmb_desc access in SMC-D connection dump
- tcp: make sure init the accept_queue's spinlocks once
- bnxt_en: Wait for FLR to complete during probe
- vlan: skip nested type that is not IFLA_VLAN_QOS_MAPPING
- llc: make llc_ui_sendmsg() more robust against bonding changes
- llc: Drop support for ETH_P_TR_802_2.
- net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv
- tracing: Ensure visibility when inserting an element into tracing_map
- afs: Hide silly-rename files from userspace
- tcp: Add memory barrier to tcp_push()
- netlink: fix potential sleeping issue in mqueue_flush_file
- ipv6: init the accept_queue's spinlocks in inet6_create
- net/mlx5: DR, Use the right GVMI number for drop action
- net/mlx5: DR, Align mlx5dv_dr API vport action with FW behavior
- net/mlx5: DR, Can't go to uplink vport on RX rule
- net/mlx5e: fix a double-free in arfs_create_groups
- net/mlx5e: fix a potential double-free in fs_any_create_groups
- ove
|
2055083 |
Drop fips-checks script from trees |
2058573 |
alsa/realtek: adjust max output valume for headphone on 2 LG machines |
2032164 |
A general-proteciton exception during guest migration to unsupported PKRU machine |
2058485 |
[ICX] [SPR] [ipc/msg] performance: Mitigate the lock contention with percpu counter |
2059014 |
Jammy update: v5.15.149 upstream stable release |
2056418 |
Fix headphone mic detection issue on ALC897 |
2056373 |
Problems with HVCS and hotplugging |
2056227 |
KVM: arm64: softlockups in stage2_apply_range |
CVE-2024-2201 |
Native Branch History Injection |
CVE-2023-6039 |
A use-after-free flaw was found in lan78xx_disconnect in drivers/net/usb/lan78xx.c in the network sub-component, net/usb/lan78xx in the Linux Kernel. |
|
About
-
Send Feedback to @ubuntu_updates