UbuntuUpdates.org

Package "linux-image-unsigned-5.15.0-1073-aws"

Name: linux-image-unsigned-5.15.0-1073-aws

Description:

Linux kernel image for version 5.15.0 on 64 bit x86 SMP

Latest version: 5.15.0-1073.79~20.04.1
Release: focal (20.04)
Level: updates
Repository: main
Head package: linux-aws-5.15

Links


Download "linux-image-unsigned-5.15.0-1073-aws"


Other versions of "linux-image-unsigned-5.15.0-1073-aws" in Focal

Repository Area Version
security main 5.15.0-1073.79~20.04.1
PPA: Canonical Kernel Team 5.15.0-1073.79~20.04.1

Changelog

Version: 5.15.0-1073.79~20.04.1 2024-12-17 01:07:02 UTC

  linux-aws-5.15 (5.15.0-1073.79~20.04.1) focal; urgency=medium

  * focal/linux-aws-5.15: 5.15.0-1073.79~20.04.1 -proposed tracker
    (LP: #2086307)

  [ Ubuntu: 5.15.0-1073.79 ]

  * jammy/linux-aws: 5.15.0-1073.79 -proposed tracker (LP: #2086308)
  * Packaging resync (LP: #1786013)
    - [Packaging] resync git-ubuntu-log
  * [AWS] Fix interrupt mappings which are set to a bad default after certain
    ENI operations (LP: #2085159)
    - genirq: Provide new interfaces for affinity hints
    - UBUNTU SAUCE: (no-up) linux/ena: Add NUMA aware interrupt allocation
  * jammy/linux: 5.15.0-127.137 -proposed tracker (LP: #2086357)
  * Jammy update: v5.15.168 upstream stable release (LP: #2086242)
    - parisc: Fix 64-bit userspace syscall path
    - parisc: Fix stack start for ADDR_NO_RANDOMIZE personality
    - of/irq: Support #msi-cells=<0> in of_msi_get_domain
    - drm: omapdrm: Add missing check for alloc_ordered_workqueue
    - jbd2: stop waiting for space when jbd2_cleanup_journal_tail() returns error
    - jbd2: correctly compare tids with tid_geq function in jbd2_fc_begin_commit
    - mm: krealloc: consider spare memory for __GFP_ZERO
    - ocfs2: fix the la space leak when unmounting an ocfs2 volume
    - ocfs2: fix uninit-value in ocfs2_get_block()
    - ocfs2: reserve space for inline xattr before attaching reflink tree
    - ocfs2: cancel dqi_sync_work before freeing oinfo
    - ocfs2: remove unreasonable unlock in ocfs2_read_blocks
    - ocfs2: fix null-ptr-deref when journal load failed.
    - ocfs2: fix possible null-ptr-deref in ocfs2_set_buffer_uptodate
    - usbnet: ipheth: fix carrier detection in modes 1 and 4
    - net: ethernet: use ip_hdrlen() instead of bit shift
    - net: phy: vitesse: repair vsc73xx autonegotiation
    - powerpc/mm: Fix boot warning with hugepages and CONFIG_DEBUG_VIRTUAL
    - btrfs: update target inode's ctime on unlink
    - Input: ads7846 - ratelimit the spi_sync error message
    - Input: synaptics - enable SMBus for HP Elitebook 840 G2
    - HID: multitouch: Add support for GT7868Q
    - scripts: kconfig: merge_config: config files: add a trailing newline
    - platform/surface: aggregator_registry: Add support for Surface Laptop Go 3
    - drm/msm/adreno: Fix error return if missing firmware-name
    - Input: i8042 - add Fujitsu Lifebook E756 to i8042 quirk table
    - NFSv4: Fix clearing of layout segments in layoutreturn
    - NFS: Avoid unnecessary rescanning of the per-server delegation list
    - platform/x86: panasonic-laptop: Fix SINF array out of bounds accesses
    - platform/x86: panasonic-laptop: Allocate 1 entry extra in the sinf array
    - mptcp: pm: Fix uaf in __timer_delete_sync
    - arm64: dts: rockchip: override BIOS_DISABLE signal via GPIO hog on RK3399
      Puma
    - minmax: reduce min/max macro expansion in atomisp driver
    - net: tighten bad gso csum offset check in virtio_net_hdr
    - mm: avoid leaving partial pfn mappings around in error case
    - fs/ntfs3: Use kvfree to free memory allocated by kvmalloc
    - arm64: dts: rockchip: fix PMIC interrupt pin in pinctrl for ROCK Pi E
    - eeprom: digsy_mtc: Fix 93xx46 driver probe failure
    - selftests/bpf: Support SOCK_STREAM in unix_inet_redir_to_connected()
    - hwmon: (pmbus) Introduce and use write_byte_data callback
    - hwmon: (pmbus) Conditionally clear individual status bits for pmbus rev >=
      1.2
    - ice: fix accounting for filters shared by multiple VSIs
    - igb: Always call igb_xdp_ring_update_tail() under Tx lock
    - net/mlx5e: Add missing link modes to ptys2ethtool_map
    - net/mlx5: Explicitly set scheduling element and TSAR type
    - net/mlx5: Add support to create match definer
    - net/mlx5: Add IFC bits and enums for flow meter
    - net/mlx5: Add missing masks and QoS bit masks for scheduling elements
    - fou: fix initialization of grc
    - octeontx2-af: Set XOFF on other child transmit schedulers during SMQ flush
    - octeontx2-af: Modify SMQ flush sequence to drop packets
    - net: ftgmac100: Enable TX interrupt to avoid TX timeout
    - netfilter: nft_socket: fix sk refcount leaks
    - net: dpaa: Pad packets to ETH_ZLEN
    - spi: nxp-fspi: fix the KASAN report out-of-bounds bug
    - dma-buf: heaps: Fix off-by-one in CMA heap fault handler
    - ASoC: meson: axg-card: fix 'use-after-free'
    - ASoC: allow module autoloading for table db1200_pids
    - ALSA: hda/realtek - Fixed ALC256 headphone no sound
    - ALSA: hda/realtek - FIxed ALC285 headphone no sound
    - scsi: lpfc: Fix overflow build issue
    - pinctrl: at91: make it work with current gpiolib
    - microblaze: don't treat zero reserved memory regions as error
    - net: ftgmac100: Ensure tx descriptor updates are visible
    - wifi: iwlwifi: lower message level for FW buffer destination
    - wifi: iwlwifi: mvm: fix iwl_mvm_scan_fits() calculation
    - wifi: iwlwifi: mvm: pause TCM when the firmware is stopped
    - wifi: iwlwifi: mvm: don't wait for tx queues if firmware is dead
    - wifi: iwlwifi: clear trans->state earlier upon error
    - ASoC: intel: fix module autoloading
    - ASoC: tda7419: fix module autoloading
    - spi: spidev: Add an entry for elgin,jg10309-01
    - drm: komeda: Fix an issue related to normalized zpos
    - spi: bcm63xx: Enable module autoloading
    - x86/hyperv: Set X86_FEATURE_TSC_KNOWN_FREQ when Hyper-V provides frequency
    - spi: spidev: Add missing spi_device_id for jg10309-01
    - ocfs2: add bounds checking to ocfs2_xattr_find_entry()
    - ocfs2: strict bound check before memcmp in ocfs2_xattr_find_entry()
    - cgroup: Make operations on the cgroup root_list RCU safe
    - Revert "wifi: cfg80211: check wiphy mutex is held for wdev mutex"
    - gpio: prevent potential speculation leaks in gpio_device_get_desc()
    - gpiolib: cdev: Ignore reconfiguration without direction
    - cgroup: Move rcu_head up near the top of cgroup_root
    - USB: serial: pl2303: add device id for Macrosilicon MS3020
    -

Source diff to previous version
1786013 Packaging resync
2085159 [AWS] Fix interrupt mappings which are set to a bad default after certain ENI operations
2086242 Jammy update: v5.15.168 upstream stable release
2080378 IOMMU warnings on AMD systems after booting into kdump kernel
2064176 LXD fan bridge causes blocked tasks
2085082 Cannot detect audio sinks and sources in proposed kernel
CVE-2024-36968 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix div-by-zero in l2cap_le_flowctl_init() l2cap_le_flowctl_i
CVE-2024-35904 In the Linux kernel, the following vulnerability has been resolved: selinux: avoid dereference of garbage after mount failure In case kern_mount()
CVE-2024-42156 In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Wipe copies of clear-key structures on failure Wipe all sensitive da
CVE-2024-44942 In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on F2FS_INLINE_DATA flag in inode during GC syzbot
CVE-2024-38538 In the Linux kernel, the following vulnerability has been resolved: net: bridge: xmit: make sure we have at least eth header len bytes syzbot trigg
CVE-2024-42158 In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Use kfree_sensitive() to fix Coccinelle warnings Replace memzero_exp
CVE-2024-38667 In the Linux kernel, the following vulnerability has been resolved: riscv: prevent pt_regs corruption for secondary idle threads Top of the kernel
CVE-2024-44940 In the Linux kernel, the following vulnerability has been resolved: fou: remove warn in gue_gro_receive on unsupported protocol Drop the WARN_ON_ON
CVE-2024-42079 In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix NULL pointer dereference in gfs2_log_flush In gfs2_jindex_free(), set
CVE-2024-35951 In the Linux kernel, the following vulnerability has been resolved: drm/panfrost: Fix the error path in panfrost_mmu_map_fault_addr() Subject: [PAT
CVE-2023-52532 In the Linux kernel, the following vulnerability has been resolved: net: mana: Fix TX CQE error handling For an unknown TX CQE error type (probably
CVE-2023-52621 In the Linux kernel, the following vulnerability has been resolved: bpf: Check rcu_read_lock_trace_held() before calling bpf map helpers These thre
CVE-2024-26947 In the Linux kernel, the following vulnerability has been resolved: ARM: 9359/1: flush: check if the folio is reserved for no-mapping addresses Sin
CVE-2023-52639 In the Linux kernel, the following vulnerability has been resolved: KVM: s390: vsie: fix race during shadow creation Right now it is possible to se

Version: 5.15.0-1072.78~20.04.1 2024-11-08 03:06:54 UTC

  linux-aws-5.15 (5.15.0-1072.78~20.04.1) focal; urgency=medium

  * focal/linux-aws-5.15: 5.15.0-1072.78~20.04.1 -proposed tracker
    (LP: #2082951)

  [ Ubuntu: 5.15.0-1072.78 ]

  * jammy/linux-aws: 5.15.0-1072.78 -proposed tracker (LP: #2082952)
  * jammy/linux: 5.15.0-125.135 -proposed tracker (LP: #2083001)
  * CVE-2024-26800
    - tls: rx: coalesce exit paths in tls_decrypt_sg()
    - tls: separate no-async decryption request handling from async
    - tls: fix use-after-free on failed backlog decryption
  * Please backport the more restrictive XSAVES deactivation for Zen1/2 arch
    (LP: #2077321)
    - x86/CPU/AMD: Improve the erratum 1386 workaround
  * Jammy update: v5.15.167 upstream stable release (LP: #2081279)
    - drm: panel-orientation-quirks: Add quirk for OrangePi Neo
    - ALSA: hda/generic: Add a helper to mute speakers at suspend/shutdown
    - ALSA: hda/conexant: Mute speakers at suspend / shutdown
    - i2c: Fix conditional for substituting empty ACPI functions
    - dma-debug: avoid deadlock between dma debug vs printk and netconsole
    - net: usb: qmi_wwan: add MeiG Smart SRM825L
    - drm/amdgpu: Fix uninitialized variable warning in amdgpu_afmt_acr
    - drm/amd/display: Assign linear_pitch_alignment even for VM
    - drm/amdgpu: fix overflowed array index read warning
    - drm/amdgpu/pm: Check the return value of smum_send_msg_to_smc
    - drm/amd/pm: fix uninitialized variable warning for smu8_hwmgr
    - drm/amd/pm: fix warning using uninitialized value of max_vid_step
    - drm/amd/pm: fix the Out-of-bounds read warning
    - drm/amdgpu: fix uninitialized scalar variable warning
    - drm/amd/pm: fix uninitialized variable warnings for vega10_hwmgr
    - drm/amdgpu: avoid reading vf2pf info size from FB
    - drm/amd/display: Check gpio_id before used as array index
    - drm/amd/display: Stop amdgpu_dm initialize when stream nums greater than 6
    - drm/amd/display: Add array index check for hdcp ddc access
    - drm/amd/display: Check num_valid_sets before accessing reader_wm_sets[]
    - drm/amd/display: Check msg_id before processing transcation
    - drm/amd/display: Fix Coverity INTEGER_OVERFLOW within
      dal_gpio_service_create
    - drm/amd/amdgpu: Check tbo resource pointer
    - drm/amdgpu/pm: Fix uninitialized variable warning for smu10
    - drm/amdgpu/pm: Fix uninitialized variable agc_btc_response
    - drm/amdgpu: Fix out-of-bounds write warning
    - drm/amdgpu: Fix out-of-bounds read of df_v1_7_channel_number
    - drm/amdgpu: fix ucode out-of-bounds read warning
    - drm/amdgpu: fix mc_data out-of-bounds read warning
    - drm/amdkfd: Reconcile the definition and use of oem_id in struct
      kfd_topology_device
    - apparmor: fix possible NULL pointer dereference
    - drm/amdgpu/pm: Check input value for CUSTOM profile mode setting on legacy
      SOCs
    - drm/amdgpu: fix the waring dereferencing hive
    - drm/amd/pm: check specific index for aldebaran
    - drm/amdgpu: the warning dereferencing obj for nbio_v7_4
    - drm/amd/pm: check negtive return for table entries
    - drm/amdgpu: update type of buf size to u32 for eeprom functions
    - wifi: iwlwifi: remove fw_running op
    - cpufreq: scmi: Avoid overflow of target_freq in fast switch
    - PCI: al: Check IORESOURCE_BUS existence during probe
    - hwspinlock: Introduce hwspin_lock_bust()
    - RDMA/efa: Properly handle unexpected AQ completions
    - ionic: fix potential irq name truncation
    - rcu/nocb: Remove buggy bypass lock contention mitigation
    - usbip: Don't submit special requests twice
    - usb: typec: ucsi: Fix null pointer dereference in trace
    - fsnotify: clear PARENT_WATCHED flags lazily
    - smack: tcp: ipv4, fix incorrect labeling
    - drm/meson: plane: Add error handling
    - drm/bridge: tc358767: Check if fully initialized before signalling HPD event
      via IRQ
    - wifi: cfg80211: make hash table duplicates more survivable
    - block: remove the blk_flush_integrity call in blk_integrity_unregister
    - drm/amd/display: Skip wbscl_set_scaler_filter if filter is null
    - media: uvcvideo: Enforce alignment of frame and interval
    - drm/amd/pm: Fix the null pointer dereference for vega10_hwmgr
    - virtio_net: Fix napi_skb_cache_put warning
    - rcu-tasks: Fix show_rcu_tasks_trace_gp_kthread buffer overflow
    - ext4: reject casefold inode flag without casefold feature
    - udf: Limit file size to 4TB
    - ext4: handle redirtying in ext4_bio_write_page()
    - i2c: Use IS_REACHABLE() for substituting empty ACPI functions
    - sch/netem: fix use after free in netem_dequeue
    - ASoC: dapm: Fix UAF for snd_soc_pcm_runtime object
    - KVM: SVM: fix emulation of msr reads/writes of MSR_FS_BASE and MSR_GS_BASE
    - KVM: SVM: Don't advertise Bus Lock Detect to guest if SVM support is missing
    - ALSA: hda/conexant: Add pincfg quirk to enable top speakers on Sirius
      devices
    - ALSA: hda/realtek: add patch for internal mic in Lenovo V145
    - ALSA: hda/realtek: Support mute LED on HP Laptop 14-dq2xxx
    - ata: libata: Fix memory leak for error path in ata_host_alloc()
    - irqchip/gic-v2m: Fix refcount leak in gicv2m_of_init()
    - rtmutex: Drop rt_mutex::wait_lock before scheduling
    - nvme-pci: Add sleep quirk for Samsung 990 Evo
    - Revert "Bluetooth: MGMT/SMP: Fix address type when using SMP over BREDR/LE"
    - Bluetooth: MGMT: Ignore keys being loaded with invalid type
    - mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K
    - mmc: sdhci-of-aspeed: fix module autoloading
    - mmc: cqhci: Fix checking of CQHCI_HALT state
    - fuse: update stats for pages in dropped aux writeback list
    - fuse: use unsigned type for getxattr/listxattr size truncation
    - clk: qcom: clk-alpha-pll: Fix the pll post div mask
    - clk: qcom: clk-alpha-pll: Fix the trion pll postdiv set rate API
    - can: mcp251x: fix deadlock if an interrupt occurs during mcp251x_open
    - tracing: Avoid possible softlock

Source diff to previous version
2077321 Please backport the more restrictive XSAVES deactivation for Zen1/2 arch
2081279 Jammy update: v5.15.167 upstream stable release
2080594 Jammy update: v5.15.166 upstream stable release
1959940 [22.10 FEAT] KVM: Secure Execution guest dump encryption with customer keys - kernel part
2069961 turbostat fails with too many open files on large systems
2078428 Jammy update: v5.15.165 upstream stable release
2074380 [UBUNTU 22.04] s390/cpum_cf: make crypto counters upward compatible
2076100 Jammy update: v5.15.164 upstream stable release
CVE-2024-26800 In the Linux kernel, the following vulnerability has been resolved: tls: fix use-after-free on failed backlog decryption When the decrypt request g
CVE-2024-41071 In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Avoid address calculations via out of bounds array indexing req
CVE-2024-40915 In the Linux kernel, the following vulnerability has been resolved: riscv: rewrite __kernel_map_pages() to fix sleeping in invalid context __kernel
CVE-2024-38611 In the Linux kernel, the following vulnerability has been resolved: media: i2c: et8ek8: Don't strip remove function when driver is builtin Using __
CVE-2024-38602 In the Linux kernel, the following vulnerability has been resolved: ax25: Fix reference count leak issues of ax25_dev The ax25_addr_ax25dev() and a
CVE-2024-26669 In the Linux kernel, the following vulnerability has been resolved: net/sched: flower: Fix chain template offload When a qdisc is deleted from a ne
CVE-2024-26607 In the Linux kernel, the following vulnerability has been resolved: drm/bridge: sii902x: Fix probing race issue A null pointer dereference crash ha
CVE-2024-26893 In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scmi: Fix double free in SMC transport cleanup path When the gene
CVE-2024-26661 In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add NULL test for 'timing generator' in 'dcn21_set_pipe()' In
CVE-2024-25744 In the Linux kernel before 6.6.7, an untrusted VMM can trigger int80 syscall handling at any given point. This is related to arch/x86/coco/tdx/tdx.c
CVE-2024-45016 In the Linux kernel, the following vulnerability has been resolved: netem: fix return value if duplicate enqueue fails There is a bug in netem_enqu
CVE-2024-38630 In the Linux kernel, the following vulnerability has been resolved: watchdog: cpu5wdt.c: Fix use-after-free bug caused by cpu5wdt_trigger When the
CVE-2024-27397 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: use timestamp to check for set element timeout Add a time

Version: 5.15.0-1071.77~20.04.1 2024-10-15 14:10:57 UTC

  linux-aws-5.15 (5.15.0-1071.77~20.04.1) focal; urgency=medium

  * focal/linux-aws-5.15: 5.15.0-1071.77~20.04.1 -proposed tracker
    (LP: #2082123)

  [ Ubuntu: 5.15.0-1071.77 ]

  * jammy/linux-aws: 5.15.0-1071.77 -proposed tracker (LP: #2082124)
  * jammy/linux: 5.15.0-124.134 -proposed tracker (LP: #2082176)
  * CVE-2024-45016
    - netem: fix return value if duplicate enqueue fails
  * CVE-2024-38630
    - watchdog: cpu5wdt.c: Fix use-after-free bug caused by cpu5wdt_trigger
  * CVE-2024-27397
    - netfilter: nf_tables: use timestamp to check for set element timeout

 -- Philip Cox <email address hidden> Thu, 03 Oct 2024 14:50:24 -0400

Source diff to previous version
CVE-2024-45016 In the Linux kernel, the following vulnerability has been resolved: netem: fix return value if duplicate enqueue fails There is a bug in netem_enqu
CVE-2024-38630 In the Linux kernel, the following vulnerability has been resolved: watchdog: cpu5wdt.c: Fix use-after-free bug caused by cpu5wdt_trigger When the
CVE-2024-27397 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: use timestamp to check for set element timeout Add a time

Version: 5.15.0-1070.76~20.04.1 2024-09-16 23:07:00 UTC

  linux-aws-5.15 (5.15.0-1070.76~20.04.1) focal; urgency=medium

  * focal/linux-aws-5.15: 5.15.0-1070.76~20.04.1 -proposed tracker
    (LP: #2078103)

  [ Ubuntu: 5.15.0-1070.76 ]

  * jammy/linux-aws: 5.15.0-1070.76 -proposed tracker (LP: #2078104)
  * jammy/linux: 5.15.0-122.132 -proposed tracker (LP: #2078154)
  * isolcpus are ignored when using cgroups V2, causing processes to have wrong
    affinity (LP: #2076957)
    - cgroup/cpuset: Optimize cpuset_attach() on v2
  * Jammy update: v5.15.164 upstream stable release (LP: #2076100) //
    CVE-2024-41009
    - bpf: Fix overrunning reservations in ringbuf
  * CVE-2024-39494
    - ima: Fix use-after-free on a dentry's dname.name
  * CVE-2024-39496
    - btrfs: zoned: fix use-after-free due to race with dev replace
  * CVE-2024-42160
    - f2fs: check validation of fault attrs in f2fs_build_fault_attr()
    - f2fs: Add inline to f2fs_build_fault_attr() stub
  * CVE-2024-38570
    - gfs2: Rename sd_{ glock => kill }_wait
    - gfs2: Fix potential glock use-after-free on unmount
  * CVE-2024-42228
    - drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc
  * CVE-2024-27012
    - netfilter: nf_tables: restore set elements when delete set fails
  * CVE-2024-26677
    - rxrpc: Fix delayed ACKs to not set the reference serial number

 -- Roxana Nicolescu <email address hidden> Mon, 02 Sep 2024 14:06:41 +0200

Source diff to previous version
2076957 isolcpus are ignored when using cgroups V2, causing processes to have wrong affinity
2076100 Jammy update: v5.15.164 upstream stable release
CVE-2024-41009 In the Linux kernel, the following vulnerability has been resolved: bpf: Fix overrunning reservations in ringbuf The BPF ring buffer internally is
CVE-2024-39494 In the Linux kernel, the following vulnerability has been resolved: ima: Fix use-after-free on a dentry's dname.name ->d_name.name can change on re
CVE-2024-39496 In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: fix use-after-free due to race with dev replace While loading a z
CVE-2024-42160 In the Linux kernel, the following vulnerability has been resolved: f2fs: check validation of fault attrs in f2fs_build_fault_attr() - It missed to
CVE-2024-38570 In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix potential glock use-after-free on unmount When a DLM lockspace is rel
CVE-2024-42228 In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc In
CVE-2024-27012 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: restore set elements when delete set fails From abort pat
CVE-2024-26677 In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix delayed ACKs to not set the reference serial number Fix the construc

Version: 5.15.0-1069.75~20.04.1 2024-09-12 23:06:59 UTC

  linux-aws-5.15 (5.15.0-1069.75~20.04.1) focal; urgency=medium

  * focal/linux-aws-5.15: 5.15.0-1069.75~20.04.1 -proposed tracker
    (LP: #2075852)

  [ Ubuntu: 5.15.0-1069.75 ]

  * jammy/linux-aws: 5.15.0-1069.75 -proposed tracker (LP: #2075853)
  * jammy/linux: 5.15.0-121.131 -proposed tracker (LP: #2076347)
  * jammy:linux bpf selftest do not build (LP: #2076334)
    - SAUCE: Revert "bpf: Allow reads from uninit stack"
  * jammy/linux: 5.15.0-120.130 -proposed tracker (LP: #2075903)
  * Packaging resync (LP: #1786013)
    - [Packaging] debian.master/dkms-versions -- update from kernel-versions
      (main/2024.08.05)
  * Jammy update: v5.15.163 upstream stable release (LP: #2075170)
    - Compiler Attributes: Add __uninitialized macro
    - locking/mutex: Introduce devm_mutex_init()
    - drm/lima: fix shared irq handling on driver remove
    - media: dvb: as102-fe: Fix as10x_register_addr packing
    - media: dvb-usb: dib0700_devices: Add missing release_firmware()
    - IB/core: Implement a limit on UMAD receive List
    - scsi: qedf: Make qedf_execute_tmf() non-preemptible
    - crypto: aead,cipher - zeroize key buffer after use
    - drm/amdgpu: Initialize timestamp for some legacy SOCs
    - drm/amd/display: Check index msg_id before read or write
    - drm/amd/display: Check pipe offset before setting vblank
    - drm/amd/display: Skip finding free audio for unknown engine_id
    - media: dw2102: Don't translate i2c read into write
    - sctp: prefer struct_size over open coded arithmetic
    - firmware: dmi: Stop decoding on broken entry
    - Input: ff-core - prefer struct_size over open coded arithmetic
    - wifi: mt76: replace skb_put with skb_put_zero
    - net: dsa: mv88e6xxx: Correct check for empty list
    - media: dvb-frontends: tda18271c2dd: Remove casting during div
    - media: s2255: Use refcount_t instead of atomic_t for num_channels
    - media: dvb-frontends: tda10048: Fix integer overflow
    - i2c: i801: Annotate apanel_addr as __ro_after_init
    - powerpc/64: Set _IO_BASE to POISON_POINTER_DELTA not 0 for CONFIG_PCI=n
    - orangefs: fix out-of-bounds fsid access
    - kunit: Fix timeout message
    - powerpc/xmon: Check cpu id in commands "c#", "dp#" and "dx#"
    - igc: fix a log entry using uninitialized netdev
    - bpf: Avoid uninitialized value in BPF_CORE_READ_BITFIELD
    - jffs2: Fix potential illegal address access in jffs2_free_inode
    - s390/pkey: Wipe sensitive data on failure
    - tools/power turbostat: Remember global max_die_id
    - UPSTREAM: tcp: fix DSACK undo in fast recovery to call tcp_try_to_open()
    - tcp_metrics: validate source addr length
    - KVM: s390: fix LPSWEY handling
    - e1000e: Fix S0ix residency on corporate systems
    - net: allow skb_datagram_iter to be called from any context
    - wifi: wilc1000: fix ies_len type in connect path
    - riscv: kexec: Avoid deadlock in kexec crash path
    - netfilter: nf_tables: unconditionally flush pending work before notifier
    - bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set()
    - selftests: fix OOM in msg_zerocopy selftest
    - selftests: make order checking verbose in msg_zerocopy selftest
    - inet_diag: Initialize pad field in struct inet_diag_req_v2
    - gpiolib: of: factor out code overriding gpio line polarity
    - gpiolib: of: add a quirk for reset line polarity for Himax LCDs
    - gpiolib: of: add polarity quirk for TSC2005
    - Revert "igc: fix a log entry using uninitialized netdev"
    - nilfs2: fix inode number range checks
    - nilfs2: add missing check for inode numbers on directory entries
    - mm: optimize the redundant loop of mm_update_owner_next()
    - mm: avoid overflows in dirty throttling logic
    - btrfs: fix adding block group to a reclaim list and the unused list during
      reclaim
    - Bluetooth: qca: Fix BT enable failure again for QCA6390 after warm reboot
    - can: kvaser_usb: Explicitly initialize family in leafimx driver_info struct
    - fsnotify: Do not generate events for O_PATH file descriptors
    - Revert "mm/writeback: fix possible divide-by-zero in wb_dirty_limits(),
      again"
    - drm/nouveau: fix null pointer dereference in nouveau_connector_get_modes
    - drm/amdgpu/atomfirmware: silence UBSAN warning
    - mtd: rawnand: Ensure ECC configuration is propagated to upper layers
    - mtd: rawnand: Bypass a couple of sanity checks during NAND identification
    - mtd: rawnand: rockchip: ensure NVDDR timings are rejected
    - ima: Avoid blocking in RCU read-side critical section
    - media: dw2102: fix a potential buffer overflow
    - clk: qcom: gcc-sm6350: Fix gpll6* & gpll7 parents
    - i2c: pnx: Fix potential deadlock warning from del_timer_sync() call in isr
    - fs/ntfs3: Mark volume as dirty if xattr is broken
    - ALSA: hda/realtek: Enable headset mic of JP-IK LEAP W502 with ALC897
    - nvme-multipath: find NUMA path only for online numa-node
    - dma-mapping: benchmark: avoid needless copy_to_user if benchmark fails
    - nvme: adjust multiples of NVME_CTRL_PAGE_SIZE in offset
    - regmap-i2c: Subtract reg size from max_write
    - platform/x86: touchscreen_dmi: Add info for GlobalSpace SolT IVW 11.6"
      tablet
    - platform/x86: touchscreen_dmi: Add info for the EZpad 6s Pro
    - nvmet: fix a possible leak when destroy a ctrl during qp establishment
    - kbuild: fix short log for AS in link-vmlinux.sh
    - nfc/nci: Add the inconsistency check between the input data length and count
    - null_blk: Do not allow runt zone with zone capacity smaller then zone size
    - nilfs2: fix incorrect inode allocation from reserved inodes
    - mm: prevent derefencing NULL ptr in pfn_section_valid()
    - filelock: fix potential use-after-free in posix_lock_inode
    - fs/dcache: Re-use value stored to dentry->d_flags instead of re-reading
    - vfs: don't mod negative dentry count when on shrinker list
    - tcp: fix incorrect undo caused by DSACK of TLP retransmit
    -

2076334 jammy:linux bpf selftest do not build
1786013 Packaging resync
2075170 Jammy update: v5.15.163 upstream stable release
2074215 [SRU] UBSAN warnings in bnx2x kernel driver
2073765 Jammy update: v5.15.162 upstream stable release
2072858 Fix L2CAP/LE/CPU/BI-02-C bluetooth certification failure
2073092 net/sched: Fix conntrack use-after-free
2072617 Jammy update: v5.15.161 upstream stable release
2073267 Virtualbox Guru meditation on VM start caused by kernel commit in v6.9-rc4
CVE-2024-26921 In the Linux kernel, the following vulnerability has been resolved: inet: inet_defrag: prevent sk release while still in use ip_local_out() and oth
CVE-2024-39484 In the Linux kernel, the following vulnerability has been resolved: mmc: davinci: Don't strip remove function when driver is builtin Using __exit f
CVE-2024-39292 In the Linux kernel, the following vulnerability has been resolved: um: Add winch to winch_handlers before registering winch IRQ Registering a winc
CVE-2024-36901 In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent NULL dereference in ip6_output() According to syzbot, there is a
CVE-2024-26830 In the Linux kernel, the following vulnerability has been resolved: i40e: Do not allow untrusted VF to remove administratively set MAC Currently wh
CVE-2024-26680 In the Linux kernel, the following vulnerability has been resolved: net: atlantic: Fix DMA mapping for PTP hwts ring Function aq_ring_hwts_rx_alloc
CVE-2023-52760 In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix slab-use-after-free in gfs2_qd_dealloc In gfs2_put_super(), whether w
CVE-2023-52629 In the Linux kernel, the following vulnerability has been resolved: sh: push-switch: Reorder cleanup operations to avoid use-after-free bug The ori



About   -   Send Feedback to @ubuntu_updates