UbuntuUpdates.org

Package "linux-oem-5.10-tools-host"

Name: linux-oem-5.10-tools-host

Description:

Linux kernel VM host tools

Latest version: 5.10.0-1057.61
Release: focal (20.04)
Level: updates
Repository: main
Head package: linux-oem-5.10

Links


Download "linux-oem-5.10-tools-host"


Other versions of "linux-oem-5.10-tools-host" in Focal

Repository Area Version
security main 5.10.0-1057.61
updates universe 5.10.0-1008.9
PPA: Canonical Kernel Team 5.10.0-1058.62

Changelog

Version: 5.10.0-1057.61 2022-01-18 20:06:56 UTC

  linux-oem-5.10 (5.10.0-1057.61) focal; urgency=medium

  * CVE-2022-0185
    - SAUCE: vfs: Out-of-bounds write of heap buffer in fs_context.c
    - SAUCE: vfs: test that one given mount param is not larger than PAGE_SIZE

 -- Thadeu Lima de Souza Cascardo <email address hidden> Thu, 13 Jan 2022 11:04:33 -0300

Source diff to previous version
CVE-2022-0185 vfs: fs_context: fix up param length parsing in legacy_parse_param

Version: 5.10.0-1055.58 2022-01-10 20:06:28 UTC

  linux-oem-5.10 (5.10.0-1055.58) focal; urgency=medium

  * OOB write on BPF_RINGBUF (LP: #1956585)
    - SAUCE: bpf: prevent helper argument PTR_TO_ALLOC_MEM to have offset other
      than 0

 -- Thadeu Lima de Souza Cascardo <email address hidden> Thu, 06 Jan 2022 13:45:49 -0300

Source diff to previous version

Version: 5.10.0-1053.55 2022-01-04 16:06:38 UTC

  linux-oem-5.10 (5.10.0-1053.55) focal; urgency=medium

  * focal/linux-oem-5.10: 5.10.0-1053.55 -proposed tracker (LP: #1952317)

  * Focal update: 5.10.83 upstream stable release (LP: #1954557)
    - bpf: Fix toctou on read-only map's constant scalar tracking
    - ACPI: Get acpi_device's parent from the parent field
    - USB: serial: option: add Telit LE910S1 0x9200 composition
    - USB: serial: option: add Fibocom FM101-GL variants
    - usb: dwc2: gadget: Fix ISOC flow for elapsed frames
    - usb: dwc2: hcd_queue: Fix use of floating point literal
    - usb: dwc3: gadget: Ignore NoStream after End Transfer
    - usb: dwc3: gadget: Check for L1/L2/U3 for Start Transfer
    - usb: dwc3: gadget: Fix null pointer exception
    - net: nexthop: fix null pointer dereference when IPv6 is not enabled
    - usb: chipidea: ci_hdrc_imx: fix potential error pointer dereference in probe
    - usb: typec: fusb302: Fix masking of comparator and bc_lvl interrupts
    - usb: hub: Fix usb enumeration issue due to address0 race
    - usb: hub: Fix locking issues with address0_mutex
    - binder: fix test regression due to sender_euid change
    - ALSA: ctxfi: Fix out-of-range access
    - ALSA: hda/realtek: Add quirk for ASRock NUC Box 1100
    - ALSA: hda/realtek: Fix LED on HP ProBook 435 G7
    - media: cec: copy sequence field for the reply
    - Revert "parisc: Fix backtrace to always include init funtion names"
    - HID: wacom: Use "Confidence" flag to prevent reporting invalid contacts
    - staging/fbtft: Fix backlight
    - staging: greybus: Add missing rwsem around snd_ctl_remove() calls
    - staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect()
    - fuse: release pipe buf after last use
    - xen: don't continue xenstore initialization in case of errors
    - xen: detect uninitialized xenbus in xenbus_init
    - KVM: PPC: Book3S HV: Prevent POWER7/8 TLB flush flushing SLB
    - tracing/uprobe: Fix uprobe_perf_open probes iteration
    - tracing: Fix pid filtering when triggers are attached
    - mmc: sdhci-esdhc-imx: disable CMDQ support
    - mmc: sdhci: Fix ADMA for PAGE_SIZE >= 64KiB
    - mdio: aspeed: Fix "Link is Down" issue
    - powerpc/32: Fix hardlockup on vmap stack overflow
    - PCI: aardvark: Deduplicate code in advk_pcie_rd_conf()
    - PCI: aardvark: Update comment about disabling link training
    - PCI: aardvark: Implement re-issuing config requests on CRS response
    - PCI: aardvark: Simplify initialization of rootcap on virtual bridge
    - PCI: aardvark: Fix link training
    - proc/vmcore: fix clearing user buffer by properly using clear_user()
    - netfilter: ctnetlink: fix filtering with CTA_TUPLE_REPLY
    - netfilter: ctnetlink: do not erase error code with EINVAL
    - netfilter: ipvs: Fix reuse connection if RS weight is 0
    - netfilter: flowtable: fix IPv6 tunnel addr match
    - ARM: dts: BCM5301X: Fix I2C controller interrupt
    - ARM: dts: BCM5301X: Add interrupt properties to GPIO node
    - ARM: dts: bcm2711: Fix PCIe interrupts
    - ASoC: qdsp6: q6routing: Conditionally reset FrontEnd Mixer
    - ASoC: qdsp6: q6asm: fix q6asm_dai_prepare error handling
    - ASoC: topology: Add missing rwsem around snd_ctl_remove() calls
    - ASoC: codecs: wcd934x: return error code correctly from hw_params
    - net: ieee802154: handle iftypes as u32
    - firmware: arm_scmi: pm: Propagate return value to caller
    - NFSv42: Don't fail clone() unless the OP_CLONE operation failed
    - ARM: socfpga: Fix crash with CONFIG_FORTIRY_SOURCE
    - drm/nouveau/acr: fix a couple NULL vs IS_ERR() checks
    - scsi: mpt3sas: Fix kernel panic during drive powercycle test
    - drm/vc4: fix error code in vc4_create_object()
    - net: marvell: prestera: fix double free issue on err path
    - iavf: Prevent changing static ITR values if adaptive moderation is on
    - ALSA: intel-dsp-config: add quirk for JSL devices based on ES8336 codec
    - mptcp: fix delack timer
    - firmware: smccc: Fix check for ARCH_SOC_ID not implemented
    - ipv6: fix typos in __ip6_finish_output()
    - nfp: checking parameter process for rx-usecs/tx-usecs is invalid
    - net: stmmac: fix system hang caused by eee_ctrl_timer during suspend/resume
    - net: stmmac: retain PTP clock time during SIOCSHWTSTAMP ioctls
    - net: ipv6: add fib6_nh_release_dsts stub
    - net: nexthop: release IPv6 per-cpu dsts when replacing a nexthop group
    - ice: fix vsi->txq_map sizing
    - ice: avoid bpf_prog refcount underflow
    - scsi: core: sysfs: Fix setting device state to SDEV_RUNNING
    - scsi: scsi_debug: Zero clear zones at reset write pointer
    - erofs: fix deadlock when shrink erofs slab
    - net/smc: Ensure the active closing peer first closes clcsock
    - mlxsw: Verify the accessed index doesn't exceed the array length
    - mlxsw: spectrum: Protect driver from buggy firmware
    - net: marvell: mvpp2: increase MTU limit when XDP enabled
    - nvmet-tcp: fix incomplete data digest send
    - net/ncsi : Add payload to be 32-bit aligned to fix dropped packets
    - PM: hibernate: use correct mode for swsusp_close()
    - drm/amd/display: Set plane update flags for all planes in reset
    - tcp_cubic: fix spurious Hystart ACK train detections for not-cwnd-limited
      flows
    - lan743x: fix deadlock in lan743x_phy_link_status_change()
    - net: phylink: Force link down and retrigger resolve on interface change
    - net: phylink: Force retrigger in case of latched link-fail indicator
    - net/smc: Fix NULL pointer dereferencing in smc_vlan_by_tcpsk()
    - net/smc: Fix loop in smc_listen
    - nvmet: use IOCB_NOWAIT only if the filesystem supports it
    - igb: fix netpoll exit with traffic
    - MIPS: loongson64: fix FTLB configuration
    - MIPS: use 3-level pgtable for 64KB page size on MIPS_VA_BITS_48
    - tls: splice_read: fix record type check
    - tls: fix replacing proto_ops
    - net/sched: sch_ets: don't peek at classes beyond 'nbands'
    - net: vlan:

Source diff to previous version
1954557 Focal update: 5.10.83 upstream stable release
1954556 Focal update: 5.10.82 upstream stable release
1954555 Focal update: 5.10.81 upstream stable release
1954552 Focal update: 5.10.80 upstream stable release
1954551 Focal update: 5.10.79 upstream stable release
1954550 Focal update: 5.10.78 upstream stable release
1954549 Focal update: 5.10.77 upstream stable release
1786013 Packaging resync
CVE-2021-4002 hugetlbfs: flush TLBs correctly after huge_pmd_unshare
CVE-2021-43267 An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. The Transparent Inter-Process Communication (TIPC) functionality all

Version: 5.10.0-1052.54 2021-11-30 21:06:28 UTC

  linux-oem-5.10 (5.10.0-1052.54) focal; urgency=medium

  * focal/linux-oem-5.10: 5.10.0-1052.54 -proposed tracker (LP: #1949843)

  * creat09 from ubuntu_ltp_syscalls and cve-2018-13405 from ubuntu_ltp/cve
    failed with XFS (LP: #1950239)
    - xfs: fix up non-directory creation in SGID directories

  * Let NVMe with HMB use native power control again (LP: #1950042)
    - nvme-pci: use attribute group for cmb sysfs
    - nvme-pci: cmb sysfs: one file, one value
    - nvme-pci: disable hmb on idle suspend
    - nvme: allow user toggling hmb usage

  * require CAP_NET_ADMIN to attach N_HCI ldisc (LP: #1949516)
    - Bluetooth: hci_ldisc: require CAP_NET_ADMIN to attach N_HCI ldisc

 -- Chia-Lin Kao (AceLan) <email address hidden> Tue, 23 Nov 2021 15:29:37 +0800

Source diff to previous version
1949516 require CAP_NET_ADMIN to attach N_HCI ldisc

Version: 5.10.0-1051.53 2021-11-09 13:06:22 UTC

  linux-oem-5.10 (5.10.0-1051.53) focal; urgency=medium

  * focal/linux-oem-5.10: 5.10.0-1051.53 -proposed tracker (LP: #1947263)

  * Intel I225-IT ethernet controller: igc: probe of 0000:02:00.0 failed with
    error -1 (LP: #1945576)
    - igc: Remove _I_PHY_ID checking
    - igc: Remove phy->type checking

  * rtw89 kernel module for Realtek 8852 wifi is missing (LP: #1945967)
    - rtw89: add Realtek 802.11ax driver
    - rtw89: Remove redundant check of ret after call to rtw89_mac_enable_bb_rf
    - rtw89: fix return value check in rtw89_cam_send_sec_key_cmd()
    - rtw89: remove unneeded semicolon
    - [Config] RTW89=m

  * Focal update: 5.10.76 upstream stable release (LP: #1949019)
    - parisc: math-emu: Fix fall-through warnings
    - xhci: add quirk for host controllers that don't update endpoint DCS
    - io_uring: fix splice_fd_in checks backport typo
    - arm: dts: vexpress-v2p-ca9: Fix the SMB unit-address
    - ARM: dts: at91: sama5d2_som1_ek: disable ISC node by default
    - block: decode QUEUE_FLAG_HCTX_ACTIVE in debugfs output
    - xen/x86: prevent PVH type from getting clobbered
    - drm/amdgpu/display: fix dependencies for DRM_AMD_DC_SI
    - xtensa: xtfpga: use CONFIG_USE_OF instead of CONFIG_OF
    - xtensa: xtfpga: Try software restart before simulating CPU reset
    - NFSD: Keep existing listeners on portlist error
    - netfilter: xt_IDLETIMER: fix panic that occurs when timer_type has garbage
      value
    - dma-debug: fix sg checks in debug_dma_map_sg()
    - ASoC: wm8960: Fix clock configuration on slave mode
    - ice: fix getting UDP tunnel entry
    - netfilter: ip6t_rt: fix rt0_hdr parsing in rt_mt6
    - netfilter: ipvs: make global sysctl readonly in non-init netns
    - lan78xx: select CRC32
    - tcp: md5: Fix overlap between vrf and non-vrf keys
    - ipv6: When forwarding count rx stats on the orig netdev
    - net: dsa: lantiq_gswip: fix register definition
    - NIOS2: irqflags: rename a redefined register name
    - powerpc/smp: do not decrement idle task preempt count in CPU offline
    - net: hns3: reset DWRR of unused tc to zero
    - net: hns3: add limit ets dwrr bandwidth cannot be 0
    - net: hns3: schedule the polling again when allocation fails
    - net: hns3: fix vf reset workqueue cannot exit
    - net: hns3: disable sriov before unload hclge layer
    - net: stmmac: Fix E2E delay mechanism
    - ice: Add missing E810 device ids
    - drm/panel: ilitek-ili9881c: Fix sync for Feixin K101-IM2BYL02 panel
    - net: enetc: fix ethtool counter name for PM0_TERR
    - can: rcar_can: fix suspend/resume
    - can: peak_usb: pcan_usb_fd_decode_status(): fix back to ERROR_ACTIVE state
      notification
    - can: peak_pci: peak_pci_remove(): fix UAF
    - can: isotp: isotp_sendmsg(): fix return error on FC timeout on TX path
    - can: isotp: isotp_sendmsg(): add result check for wait_event_interruptible()
    - can: j1939: j1939_tp_rxtimer(): fix errant alert in j1939_tp_rxtimer
    - can: j1939: j1939_netdev_start(): fix UAF for rx_kref of j1939_priv
    - can: j1939: j1939_xtp_rx_dat_one(): cancel session if receive TP.DT with
      error length
    - can: j1939: j1939_xtp_rx_rts_session_new(): abort TP less than 9 bytes
    - ceph: skip existing superblocks that are blocklisted or shut down when
      mounting
    - ceph: fix handling of "meta" errors
    - ocfs2: fix data corruption after conversion from inline format
    - ocfs2: mount fails with buffer overflow in strlen
    - userfaultfd: fix a race between writeprotect and exit_mmap()
    - elfcore: correct reference to CONFIG_UML
    - vfs: check fd has read access in kernel_read_file_from_fd()
    - ALSA: usb-audio: Provide quirk for Sennheiser GSP670 Headset
    - ALSA: hda/realtek: Add quirk for Clevo PC50HS
    - ASoC: DAPM: Fix missing kctl change notifications
    - audit: fix possible null-pointer dereference in audit_filter_rules
    - net: dsa: mt7530: correct ds->num_ports
    - powerpc64/idle: Fix SP offsets when saving GPRs
    - KVM: PPC: Book3S HV: Fix stack handling in idle_kvm_start_guest()
    - KVM: PPC: Book3S HV: Make idle_kvm_start_guest() return 0 if it went to
      guest
    - powerpc/idle: Don't corrupt back chain when going idle
    - mm, slub: fix mismatch between reconstructed freelist depth and cnt
    - mm, slub: fix potential memoryleak in kmem_cache_open()
    - mm, slub: fix incorrect memcg slab count for bulk free
    - KVM: nVMX: promptly process interrupts delivered while in guest mode
    - nfc: nci: fix the UAF of rf_conn_info object
    - isdn: cpai: check ctr->cnr to avoid array index out of bound
    - netfilter: Kconfig: use 'default y' instead of 'm' for bool config option
    - selftests: netfilter: remove stray bash debug line
    - net: bridge: mcast: use multicast_membership_interval for IGMPv3
    - drm: mxsfb: Fix NULL pointer dereference crash on unload
    - net: hns3: fix the max tx size according to user manual
    - gcc-plugins/structleak: add makefile var for disabling structleak
    - ALSA: hda: intel: Allow repeatedly probing on codec configuration errors
    - btrfs: deal with errors when checking if a dir entry exists during log
      replay
    - net: stmmac: add support for dwmac 3.40a
    - ARM: dts: spear3xx: Fix gmac node
    - isdn: mISDN: Fix sleeping function called from invalid context
    - platform/x86: intel_scu_ipc: Update timeout value in comment
    - ALSA: hda: avoid write to STATESTS if controller is in reset
    - libperf tests: Fix test_stat_cpu
    - perf/x86/msr: Add Sapphire Rapids CPU support
    - Input: snvs_pwrkey - add clk handling
    - scsi: iscsi: Fix set_param() handling
    - scsi: qla2xxx: Fix a memory leak in an error path of qla2x00_process_els()
    - sched/scs: Reset the shadow stack when idle_task_exit
    - net: hns3: fix for miscalculation of rx unused desc
    - scsi: core: Fix shost->cmd_per_lun calculation in scsi_add_host_with_dma()
    - can: isotp: isotp_sendm

1949019 Focal update: 5.10.76 upstream stable release
1949018 Focal update: 5.10.75 upstream stable release
1949017 Focal update: 5.10.74 upstream stable release
1949016 Focal update: 5.10.73 upstream stable release
1949015 Focal update: 5.10.72 upstream stable release
1949009 Focal update: 5.10.71 upstream stable release
1949007 Focal update: 5.10.70 upstream stable release
1949006 Focal update: 5.10.69 upstream stable release



About   -   Send Feedback to @ubuntu_updates