UbuntuUpdates.org

Package "linux"

Name: linux

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Linux kernel buildinfo for version 5.4.0 on 64 bit x86 SMP
  • Linux kernel buildinfo for version 5.4.0 on 64 bit x86 SMP
  • Linux kernel buildinfo for version 5.4.0 on 64 bit x86 SMP
  • Linux kernel buildinfo for version 5.4.0 on 64 bit x86 SMP
Latest version: 5.4.0-211.231
Release: focal (20.04)
Level: updates
Repository: main

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Other versions of "linux" in Focal

Repository Area Version
base main 5.4.0-26.30
security main 5.4.0-211.231
proposed main 5.4.0-214.234
PPA: Canonical Kernel Team 5.4.0-214.234

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 5.4.0-211.231 2025-03-24 18:07:12 UTC

  linux (5.4.0-211.231) focal; urgency=medium

  * focal/linux: 5.4.0-211.231 -proposed tracker (LP: #2101996)

  * cve-2018-5803 kernel panic (LP: #2101091)
    - SAUCE: sctp: sysctl: pass right argument to container_of
Source diff to previous version
2101091 cve-2018-5803 kernel panic

Version: 5.4.0-208.228 2025-02-24 20:07:04 UTC

  linux (5.4.0-208.228) focal; urgency=medium

  * CVE-2025-0927
    - SAUCE: fs: hfs/hfsplus: add key_len boundary check to hfs_bnode_read_key
Source diff to previous version

Version: 5.4.0-205.225 2025-01-27 21:07:11 UTC

  linux (5.4.0-205.225) focal; urgency=medium

  * focal/linux: 5.4.0-205.225 -proposed tracker (LP: #2093621)

  * Hold IOPOLL locks when triggering io_uring's deferred work (LP: #2078659) //
    CVE-2023-21400
    - io_uring: remove extra check in __io_commit_cqring
    - io_uring: dont kill fasync under completion_lock
    - io_uring: ensure IOPOLL locks around deferred work

  * CVE-2024-40967
    - iopoll: introduce read_poll_timeout macro
    - iopoll: Introduce read_poll_timeout_atomic macro
    - serial: imx: Introduce timeout when waiting on transmitter empty

  * CVE-2024-53164
    - net: sched: fix ordering of qlen adjustment

  * CVE-2024-53141
    - netfilter: ipset: add missing range check in bitmap_ip_uadt

  * CVE-2024-53103
    - hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer

 -- Manuel Diewald <email address hidden> Fri, 10 Jan 2025 22:28:21 +0100
Source diff to previous version
2078659 Hold IOPOLL locks when triggering io_uring's deferred work
CVE-2023-21400 In multiple functions of io_uring.c, there is a possible kernel memory corruption due to improper locking. This could lead to local escalation of pr
CVE-2024-40967 In the Linux kernel, the following vulnerability has been resolved: serial: imx: Introduce timeout when waiting on transmitter empty By waiting at
CVE-2024-53164 In the Linux kernel, the following vulnerability has been resolved: net: sched: fix ordering of qlen adjustment Changes to sch->q.qlen around qdisc
CVE-2024-53141 In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: add missing range check in bitmap_ip_uadt When tb[IPSET_ATTR_
CVE-2024-53103 In the Linux kernel, the following vulnerability has been resolved: hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer When hvs

Version: 5.4.0-204.224 2024-12-16 16:06:58 UTC

  linux (5.4.0-204.224) focal; urgency=medium

  * focal/linux: 5.4.0-204.224 -proposed tracker (LP: #2091090)

  * CVE-2024-50264
    - vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans

  * CVE-2024-53057
    - net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT

  * CVE-2024-49967
    - ext4: no need to continue when the number of entries is 1

  * CVE-2024-43892
    - memcg: protect concurrent access to mem_cgroup_idr

  * CVE-2024-38553
    - net: fec: remove .ndo_poll_controller to avoid deadlocks

  * CVE-2024-38597
    - eth: sungem: remove .ndo_poll_controller to avoid deadlocks

  * CVE-2023-52821
    - drm/panel: fix a possible null pointer dereference

  * CVE-2024-36952
    - scsi: lpfc: Move NPIV's transport unregistration to after resource clean up

  * CVE-2024-40910
    - ax25: Fix refcount imbalance on inbound connections

  * CVE-2024-35963
    - Bluetooth: hci_sock: Fix not validating setsockopt user input

  * CVE-2024-35965
    - Bluetooth: L2CAP: uninitialized variables in l2cap_sock_setsockopt()
    - Bluetooth: L2CAP: Fix not validating setsockopt user input

  * CVE-2024-35966
    - Bluetooth: RFCOMM: Fix not validating setsockopt user input

  * CVE-2024-35967
    - Bluetooth: SCO: Fix not validating setsockopt user input

  * CVE-2021-47101
    - net: asix: fix uninit value bugs
    - asix: fix wrong return value in asix_check_host_enable()
    - asix: fix uninit-value in asix_mdio_read()

  * CVE-2022-38096
    - drm/vmwgfx: Fix possible null pointer derefence with invalid contexts

  * CVE-2021-47001
    - xprtrdma: Fix cwnd update ordering

 -- Manuel Diewald <email address hidden> Thu, 05 Dec 2024 12:35:34 +0100
Source diff to previous version
CVE-2024-50264 In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans Du
CVE-2024-53057 In the Linux kernel, the following vulnerability has been resolved: net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT In qdisc_tree_reduce_bac
CVE-2024-49967 In the Linux kernel, the following vulnerability has been resolved: ext4: no need to continue when the number of entries is 1
CVE-2024-43892 In the Linux kernel, the following vulnerability has been resolved: memcg: protect concurrent access to mem_cgroup_idr Commit 73f576c04b94 ("mm: me
CVE-2024-38553 In the Linux kernel, the following vulnerability has been resolved: net: fec: remove .ndo_poll_controller to avoid deadlocks There is a deadlock is
CVE-2024-38597 In the Linux kernel, the following vulnerability has been resolved: eth: sungem: remove .ndo_poll_controller to avoid deadlocks Erhard reports netp
CVE-2023-52821 In the Linux kernel, the following vulnerability has been resolved: drm/panel: fix a possible null pointer dereference In versatile_panel_get_modes
CVE-2024-36952 In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Move NPIV's transport unregistration to after resource clean up The
CVE-2024-40910 In the Linux kernel, the following vulnerability has been resolved: ax25: Fix refcount imbalance on inbound connections When releasing a socket in
CVE-2024-35963 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sock: Fix not validating setsockopt user input Check user input
CVE-2024-35965 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix not validating setsockopt user input Check user input len
CVE-2024-35966 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: Fix not validating setsockopt user input syzbot reported rfc
CVE-2024-35967 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SCO: Fix not validating setsockopt user input syzbot reported sco_so
CVE-2021-47101 In the Linux kernel, the following vulnerability has been resolved: asix: fix uninit-value in asix_mdio_read() asix_read_cmd() may read less than s
CVE-2022-38096 A NULL pointer dereference vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_execbuf.c in GPU component of Linux kernel with devi
CVE-2021-47001 In the Linux kernel, the following vulnerability has been resolved: xprtrdma: Fix cwnd update ordering After a reconnect, the reply handler is open

Version: 5.4.0-202.222 2024-12-12 13:06:56 UTC

  linux (5.4.0-202.222) focal; urgency=medium

  * focal/linux: 5.4.0-202.222 -proposed tracker (LP: #2086451)
    - [Packaging] resync git-ubuntu-log

  * CVE-2021-47501
    - i40e: Fix NULL pointer dereference in i40e_dbg_dump_desc

  * CVE-2024-46724
    - drm/amdgpu: Fix out-of-bounds read of df_v1_7_channel_number

  * CVE-2024-42240
    - x86/bhi: Avoid warning in #DB handler due to BHI mitigation

  * CVE-2024-42077
    - ocfs2: fix DIO failure due to insufficient transaction credits

  * CVE-2024-42068
    - bpf: Take return from set_memory_ro() into account with bpf_prog_lock_ro()

  * CVE-2024-36968
    - Bluetooth: L2CAP: Fix div-by-zero in l2cap_le_flowctl_init()

  * CVE-2024-35904
    - selinux: avoid dereference of garbage after mount failure

  * CVE-2023-52498
    - PM: sleep: Avoid calling put_device() under dpm_list_mtx
    - PM: sleep: Fix error handling in dpm_prepare()
    - async: Split async_schedule_node_domain()
    - async: Introduce async_schedule_dev_nocall()
    - PM: sleep: Fix possible deadlocks in core system-wide PM code

  * CVE-2023-52488
    - serial: sc16is7xx: convert from _raw_ to _noinc_ regmap functions for FIFO

  * CVE-2022-48938
    - CDC-NCM: avoid overflow in sanity checking

  * CVE-2024-42156
    - s390/pkey: Wipe copies of clear-key structures on failure

  * CVE-2024-44942
    - f2fs: fix to do sanity check on F2FS_INLINE_DATA flag in inode during GC

  * CVE-2024-38538
    - net: bridge: xmit: make sure we have at least eth header len bytes

  * CVE-2021-47076
    - RDMA/rxe: Return CQE error if invalid lkey was supplied

  * CVE-2024-36938
    - bpf, skmsg: Fix NULL pointer dereference in sk_psock_skb_ingress_enqueue

  * CVE-2024-44940
    - fou: remove warn in gue_gro_receive on unsupported protocol

  * CVE-2024-35951
    - drm/panfrost: Fix the error path in panfrost_mmu_map_fault_addr()

  * CVE-2023-52497
    - erofs: fix lz4 inplace decompression

  * CVE-2024-36953
    - KVM: arm64: vgic-v2: Check for non-NULL vCPU in vgic_v2_parse_attr()

  * CVE-2022-48943
    - KVM: x86/mmu: make apf token non-zero to fix bug

  * CVE-2024-26947
    - ARM: 9359/1: flush: check if the folio is reserved for no-mapping addresses

  * CVE-2022-48733
    - btrfs: fix use-after-free after failure to create a snapshot

  * CVE-2023-52639
    - KVM: s390: vsie: fix race during shadow creation

 -- Stefan Bader <email address hidden> Fri, 08 Nov 2024 15:14:23 +0100
CVE-2021-47501 In the Linux kernel, the following vulnerability has been resolved: i40e: Fix NULL pointer dereference in i40e_dbg_dump_desc When trying to dump VF
CVE-2024-46724 In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix out-of-bounds read of df_v1_7_channel_number Check the fb_chann
CVE-2024-42240 In the Linux kernel, the following vulnerability has been resolved: x86/bhi: Avoid warning in #DB handler due to BHI mitigation When BHI mitigation
CVE-2024-42077 In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix DIO failure due to insufficient transaction credits The code in ocfs
CVE-2024-42068 In the Linux kernel, the following vulnerability has been resolved: bpf: Take return from set_memory_ro() into account with bpf_prog_lock_ro() set_
CVE-2024-36968 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix div-by-zero in l2cap_le_flowctl_init() l2cap_le_flowctl_i
CVE-2024-35904 In the Linux kernel, the following vulnerability has been resolved: selinux: avoid dereference of garbage after mount failure In case kern_mount()
CVE-2023-52498 In the Linux kernel, the following vulnerability has been resolved: PM: sleep: Fix possible deadlocks in core system-wide PM code It is reported th
CVE-2023-52488 In the Linux kernel, the following vulnerability has been resolved: serial: sc16is7xx: convert from _raw_ to _noinc_ regmap functions for FIFO The
CVE-2022-48938 In the Linux kernel, the following vulnerability has been resolved: CDC-NCM: avoid overflow in sanity checking A broken device may give an extreme
CVE-2024-42156 In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Wipe copies of clear-key structures on failure Wipe all sensitive da
CVE-2024-44942 In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on F2FS_INLINE_DATA flag in inode during GC syzbot
CVE-2024-38538 In the Linux kernel, the following vulnerability has been resolved: net: bridge: xmit: make sure we have at least eth header len bytes syzbot trigg
CVE-2021-47076 In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Return CQE error if invalid lkey was supplied RXE is missing update o
CVE-2024-36938 In the Linux kernel, the following vulnerability has been resolved: bpf, skmsg: Fix NULL pointer dereference in sk_psock_skb_ingress_enqueue Fix NU
CVE-2024-44940 In the Linux kernel, the following vulnerability has been resolved: fou: remove warn in gue_gro_receive on unsupported protocol Drop the WARN_ON_ON
CVE-2024-35951 In the Linux kernel, the following vulnerability has been resolved: drm/panfrost: Fix the error path in panfrost_mmu_map_fault_addr() Subject: [PAT
CVE-2023-52497 In the Linux kernel, the following vulnerability has been resolved: erofs: fix lz4 inplace decompression Currently EROFS can map another compressed
CVE-2024-36953 In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-v2: Check for non-NULL vCPU in vgic_v2_parse_attr() vgic_v2_pa
CVE-2022-48943 In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: make apf token non-zero to fix bug In current async pagefault log
CVE-2024-26947 In the Linux kernel, the following vulnerability has been resolved: ARM: 9359/1: flush: check if the folio is reserved for no-mapping addresses Sin
CVE-2022-48733 In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free after failure to create a snapshot At ioctl.c:create_
CVE-2023-52639 In the Linux kernel, the following vulnerability has been resolved: KVM: s390: vsie: fix race during shadow creation Right now it is possible to se


About   -   Send Feedback to @ubuntu_updates