UbuntuUpdates.org

Package "linux-tools-5.15.0-1072-oracle"

Name: linux-tools-5.15.0-1072-oracle

Description:

Oracle Linux kernel version specific tools for version 5.15.0-1072

Latest version: 5.15.0-1072.78~20.04.1
Release: focal (20.04)
Level: updates
Repository: main
Head package: linux-oracle-5.15

Links


Download "linux-tools-5.15.0-1072-oracle"


Other versions of "linux-tools-5.15.0-1072-oracle" in Focal

Repository Area Version
security main 5.15.0-1072.78~20.04.1

Changelog

Version: 5.15.0-1072.78~20.04.1 2024-12-18 00:06:59 UTC

  linux-oracle-5.15 (5.15.0-1072.78~20.04.1) focal; urgency=medium

  * focal/linux-oracle-5.15: 5.15.0-1072.78~20.04.1 -proposed tracker
    (LP: #2090151)

  [ Ubuntu: 5.15.0-1072.78 ]

  * jammy/linux-oracle: 5.15.0-1072.78 -proposed tracker (LP: #2090152)
  * jammy/linux: 5.15.0-128.138 -proposed tracker (LP: #2090163)
  * CVE-2024-50264
    - vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans
  * CVE-2024-53057
    - net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT
  * CVE-2024-43904
    - drm/amd/display: Add null checks for 'stream' and 'plane' before
      dereferencing
  * CVE-2024-40973
    - media: mtk-vcodec: potential null pointer deference in SCP
  * CVE-2024-38553
    - net: fec: remove .ndo_poll_controller to avoid deadlocks
  * CVE-2024-26822
    - smb: client: set correct id, uid and cruid for multiuser automounts
  * CVE-2020-12351 // CVE-2020-12352 // CVE-2020-24490
    - [Config] Disable BlueZ highspeed support
  * CVE-2024-40910
    - ax25: Fix refcount imbalance on inbound connections
  * CVE-2024-35963
    - Bluetooth: hci_sock: Fix not validating setsockopt user input
  * CVE-2024-35965
    - Bluetooth: L2CAP: Fix not validating setsockopt user input
  * CVE-2024-35966
    - Bluetooth: RFCOMM: Fix not validating setsockopt user input
  * CVE-2024-35967
    - Bluetooth: SCO: Fix not validating setsockopt user input

 -- Philip Cox <email address hidden> Mon, 09 Dec 2024 11:06:06 -0500

Source diff to previous version
CVE-2024-50264 In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans Du
CVE-2024-53057 In the Linux kernel, the following vulnerability has been resolved: net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT In qdisc_tree_reduce_bac
CVE-2024-43904 In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null checks for 'stream' and 'plane' before dereferencing
CVE-2024-40973 In the Linux kernel, the following vulnerability has been resolved: media: mtk-vcodec: potential null pointer deference in SCP The return value of
CVE-2024-38553 In the Linux kernel, the following vulnerability has been resolved: net: fec: remove .ndo_poll_controller to avoid deadlocks There is a deadlock is
CVE-2024-26822 In the Linux kernel, the following vulnerability has been resolved: smb: client: set correct id, uid and cruid for multiuser automounts When uid, g
CVE-2020-12351 Improper input validation in BlueZ may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.
CVE-2020-12352 Improper access control in BlueZ may allow an unauthenticated user to potentially enable information disclosure via adjacent access.
CVE-2020-24490 Improper buffer restrictions in BlueZ may allow an unauthenticated user to potentially enable denial of service via adjacent access. This affects all
CVE-2024-40910 In the Linux kernel, the following vulnerability has been resolved: ax25: Fix refcount imbalance on inbound connections When releasing a socket in
CVE-2024-35963 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sock: Fix not validating setsockopt user input Check user input
CVE-2024-35965 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix not validating setsockopt user input Check user input len
CVE-2024-35966 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: Fix not validating setsockopt user input syzbot reported rfc
CVE-2024-35967 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SCO: Fix not validating setsockopt user input syzbot reported sco_so

Version: 5.15.0-1071.77~20.04.1 2024-12-16 19:06:51 UTC

  linux-oracle-5.15 (5.15.0-1071.77~20.04.1) focal; urgency=medium

  * focal/linux-oracle-5.15: 5.15.0-1071.77~20.04.1 -proposed tracker
    (LP: #2086347)

  [ Ubuntu: 5.15.0-1071.77 ]

  * jammy/linux-oracle: 5.15.0-1071.77 -proposed tracker (LP: #2086348)
  * jammy/linux: 5.15.0-127.137 -proposed tracker (LP: #2086357)
  * Jammy update: v5.15.168 upstream stable release (LP: #2086242)
    - parisc: Fix 64-bit userspace syscall path
    - parisc: Fix stack start for ADDR_NO_RANDOMIZE personality
    - of/irq: Support #msi-cells=<0> in of_msi_get_domain
    - drm: omapdrm: Add missing check for alloc_ordered_workqueue
    - jbd2: stop waiting for space when jbd2_cleanup_journal_tail() returns error
    - jbd2: correctly compare tids with tid_geq function in jbd2_fc_begin_commit
    - mm: krealloc: consider spare memory for __GFP_ZERO
    - ocfs2: fix the la space leak when unmounting an ocfs2 volume
    - ocfs2: fix uninit-value in ocfs2_get_block()
    - ocfs2: reserve space for inline xattr before attaching reflink tree
    - ocfs2: cancel dqi_sync_work before freeing oinfo
    - ocfs2: remove unreasonable unlock in ocfs2_read_blocks
    - ocfs2: fix null-ptr-deref when journal load failed.
    - ocfs2: fix possible null-ptr-deref in ocfs2_set_buffer_uptodate
    - usbnet: ipheth: fix carrier detection in modes 1 and 4
    - net: ethernet: use ip_hdrlen() instead of bit shift
    - net: phy: vitesse: repair vsc73xx autonegotiation
    - powerpc/mm: Fix boot warning with hugepages and CONFIG_DEBUG_VIRTUAL
    - btrfs: update target inode's ctime on unlink
    - Input: ads7846 - ratelimit the spi_sync error message
    - Input: synaptics - enable SMBus for HP Elitebook 840 G2
    - HID: multitouch: Add support for GT7868Q
    - scripts: kconfig: merge_config: config files: add a trailing newline
    - platform/surface: aggregator_registry: Add support for Surface Laptop Go 3
    - drm/msm/adreno: Fix error return if missing firmware-name
    - Input: i8042 - add Fujitsu Lifebook E756 to i8042 quirk table
    - NFSv4: Fix clearing of layout segments in layoutreturn
    - NFS: Avoid unnecessary rescanning of the per-server delegation list
    - platform/x86: panasonic-laptop: Fix SINF array out of bounds accesses
    - platform/x86: panasonic-laptop: Allocate 1 entry extra in the sinf array
    - mptcp: pm: Fix uaf in __timer_delete_sync
    - arm64: dts: rockchip: override BIOS_DISABLE signal via GPIO hog on RK3399
      Puma
    - minmax: reduce min/max macro expansion in atomisp driver
    - net: tighten bad gso csum offset check in virtio_net_hdr
    - mm: avoid leaving partial pfn mappings around in error case
    - fs/ntfs3: Use kvfree to free memory allocated by kvmalloc
    - arm64: dts: rockchip: fix PMIC interrupt pin in pinctrl for ROCK Pi E
    - eeprom: digsy_mtc: Fix 93xx46 driver probe failure
    - selftests/bpf: Support SOCK_STREAM in unix_inet_redir_to_connected()
    - hwmon: (pmbus) Introduce and use write_byte_data callback
    - hwmon: (pmbus) Conditionally clear individual status bits for pmbus rev >=
      1.2
    - ice: fix accounting for filters shared by multiple VSIs
    - igb: Always call igb_xdp_ring_update_tail() under Tx lock
    - net/mlx5e: Add missing link modes to ptys2ethtool_map
    - net/mlx5: Explicitly set scheduling element and TSAR type
    - net/mlx5: Add support to create match definer
    - net/mlx5: Add IFC bits and enums for flow meter
    - net/mlx5: Add missing masks and QoS bit masks for scheduling elements
    - fou: fix initialization of grc
    - octeontx2-af: Set XOFF on other child transmit schedulers during SMQ flush
    - octeontx2-af: Modify SMQ flush sequence to drop packets
    - net: ftgmac100: Enable TX interrupt to avoid TX timeout
    - netfilter: nft_socket: fix sk refcount leaks
    - net: dpaa: Pad packets to ETH_ZLEN
    - spi: nxp-fspi: fix the KASAN report out-of-bounds bug
    - dma-buf: heaps: Fix off-by-one in CMA heap fault handler
    - ASoC: meson: axg-card: fix 'use-after-free'
    - ASoC: allow module autoloading for table db1200_pids
    - ALSA: hda/realtek - Fixed ALC256 headphone no sound
    - ALSA: hda/realtek - FIxed ALC285 headphone no sound
    - scsi: lpfc: Fix overflow build issue
    - pinctrl: at91: make it work with current gpiolib
    - microblaze: don't treat zero reserved memory regions as error
    - net: ftgmac100: Ensure tx descriptor updates are visible
    - wifi: iwlwifi: lower message level for FW buffer destination
    - wifi: iwlwifi: mvm: fix iwl_mvm_scan_fits() calculation
    - wifi: iwlwifi: mvm: pause TCM when the firmware is stopped
    - wifi: iwlwifi: mvm: don't wait for tx queues if firmware is dead
    - wifi: iwlwifi: clear trans->state earlier upon error
    - ASoC: intel: fix module autoloading
    - ASoC: tda7419: fix module autoloading
    - spi: spidev: Add an entry for elgin,jg10309-01
    - drm: komeda: Fix an issue related to normalized zpos
    - spi: bcm63xx: Enable module autoloading
    - x86/hyperv: Set X86_FEATURE_TSC_KNOWN_FREQ when Hyper-V provides frequency
    - spi: spidev: Add missing spi_device_id for jg10309-01
    - ocfs2: add bounds checking to ocfs2_xattr_find_entry()
    - ocfs2: strict bound check before memcmp in ocfs2_xattr_find_entry()
    - cgroup: Make operations on the cgroup root_list RCU safe
    - Revert "wifi: cfg80211: check wiphy mutex is held for wdev mutex"
    - gpio: prevent potential speculation leaks in gpio_device_get_desc()
    - gpiolib: cdev: Ignore reconfiguration without direction
    - cgroup: Move rcu_head up near the top of cgroup_root
    - USB: serial: pl2303: add device id for Macrosilicon MS3020
    - USB: usbtmc: prevent kernel-usb-infoleak
    - EDAC/synopsys: Add support for version 3 of the Synopsys EDAC DDR
    - EDAC/synopsys: Use the correct register to disable the error interrupt on v3
      hw
    - EDAC/synopsys: Re-enable the error interrupts on v3 hw
    - EDAC/synopsys: Fix ECC status and IRQ

Source diff to previous version
2086242 Jammy update: v5.15.168 upstream stable release
2080378 IOMMU warnings on AMD systems after booting into kdump kernel
2064176 LXD fan bridge causes blocked tasks
2085082 Cannot detect audio sinks and sources in proposed kernel
CVE-2024-36968 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix div-by-zero in l2cap_le_flowctl_init() l2cap_le_flowctl_i
CVE-2024-35904 In the Linux kernel, the following vulnerability has been resolved: selinux: avoid dereference of garbage after mount failure In case kern_mount()
CVE-2024-42156 In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Wipe copies of clear-key structures on failure Wipe all sensitive da
CVE-2024-44942 In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on F2FS_INLINE_DATA flag in inode during GC syzbot
CVE-2024-38538 In the Linux kernel, the following vulnerability has been resolved: net: bridge: xmit: make sure we have at least eth header len bytes syzbot trigg
CVE-2024-42158 In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Use kfree_sensitive() to fix Coccinelle warnings Replace memzero_exp
CVE-2024-38667 In the Linux kernel, the following vulnerability has been resolved: riscv: prevent pt_regs corruption for secondary idle threads Top of the kernel
CVE-2024-44940 In the Linux kernel, the following vulnerability has been resolved: fou: remove warn in gue_gro_receive on unsupported protocol Drop the WARN_ON_ON
CVE-2024-42079 In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix NULL pointer dereference in gfs2_log_flush In gfs2_jindex_free(), set
CVE-2024-35951 In the Linux kernel, the following vulnerability has been resolved: drm/panfrost: Fix the error path in panfrost_mmu_map_fault_addr() Subject: [PAT
CVE-2023-52532 In the Linux kernel, the following vulnerability has been resolved: net: mana: Fix TX CQE error handling For an unknown TX CQE error type (probably
CVE-2023-52621 In the Linux kernel, the following vulnerability has been resolved: bpf: Check rcu_read_lock_trace_held() before calling bpf map helpers These thre
CVE-2024-26947 In the Linux kernel, the following vulnerability has been resolved: ARM: 9359/1: flush: check if the folio is reserved for no-mapping addresses Sin
CVE-2023-52639 In the Linux kernel, the following vulnerability has been resolved: KVM: s390: vsie: fix race during shadow creation Right now it is possible to se

Version: 5.15.0-1070.76~20.04.1 2024-11-08 03:06:54 UTC

  linux-oracle-5.15 (5.15.0-1070.76~20.04.1) focal; urgency=medium

  * focal/linux-oracle-5.15: 5.15.0-1070.76~20.04.1 -proposed tracker
    (LP: #2082991)

  [ Ubuntu: 5.15.0-1070.76 ]

  * jammy/linux-oracle: 5.15.0-1070.76 -proposed tracker (LP: #2082992)
  * jammy/linux: 5.15.0-125.135 -proposed tracker (LP: #2083001)
  * CVE-2024-26800
    - tls: rx: coalesce exit paths in tls_decrypt_sg()
    - tls: separate no-async decryption request handling from async
    - tls: fix use-after-free on failed backlog decryption
  * Please backport the more restrictive XSAVES deactivation for Zen1/2 arch
    (LP: #2077321)
    - x86/CPU/AMD: Improve the erratum 1386 workaround
  * Jammy update: v5.15.167 upstream stable release (LP: #2081279)
    - drm: panel-orientation-quirks: Add quirk for OrangePi Neo
    - ALSA: hda/generic: Add a helper to mute speakers at suspend/shutdown
    - ALSA: hda/conexant: Mute speakers at suspend / shutdown
    - i2c: Fix conditional for substituting empty ACPI functions
    - dma-debug: avoid deadlock between dma debug vs printk and netconsole
    - net: usb: qmi_wwan: add MeiG Smart SRM825L
    - drm/amdgpu: Fix uninitialized variable warning in amdgpu_afmt_acr
    - drm/amd/display: Assign linear_pitch_alignment even for VM
    - drm/amdgpu: fix overflowed array index read warning
    - drm/amdgpu/pm: Check the return value of smum_send_msg_to_smc
    - drm/amd/pm: fix uninitialized variable warning for smu8_hwmgr
    - drm/amd/pm: fix warning using uninitialized value of max_vid_step
    - drm/amd/pm: fix the Out-of-bounds read warning
    - drm/amdgpu: fix uninitialized scalar variable warning
    - drm/amd/pm: fix uninitialized variable warnings for vega10_hwmgr
    - drm/amdgpu: avoid reading vf2pf info size from FB
    - drm/amd/display: Check gpio_id before used as array index
    - drm/amd/display: Stop amdgpu_dm initialize when stream nums greater than 6
    - drm/amd/display: Add array index check for hdcp ddc access
    - drm/amd/display: Check num_valid_sets before accessing reader_wm_sets[]
    - drm/amd/display: Check msg_id before processing transcation
    - drm/amd/display: Fix Coverity INTEGER_OVERFLOW within
      dal_gpio_service_create
    - drm/amd/amdgpu: Check tbo resource pointer
    - drm/amdgpu/pm: Fix uninitialized variable warning for smu10
    - drm/amdgpu/pm: Fix uninitialized variable agc_btc_response
    - drm/amdgpu: Fix out-of-bounds write warning
    - drm/amdgpu: Fix out-of-bounds read of df_v1_7_channel_number
    - drm/amdgpu: fix ucode out-of-bounds read warning
    - drm/amdgpu: fix mc_data out-of-bounds read warning
    - drm/amdkfd: Reconcile the definition and use of oem_id in struct
      kfd_topology_device
    - apparmor: fix possible NULL pointer dereference
    - drm/amdgpu/pm: Check input value for CUSTOM profile mode setting on legacy
      SOCs
    - drm/amdgpu: fix the waring dereferencing hive
    - drm/amd/pm: check specific index for aldebaran
    - drm/amdgpu: the warning dereferencing obj for nbio_v7_4
    - drm/amd/pm: check negtive return for table entries
    - drm/amdgpu: update type of buf size to u32 for eeprom functions
    - wifi: iwlwifi: remove fw_running op
    - cpufreq: scmi: Avoid overflow of target_freq in fast switch
    - PCI: al: Check IORESOURCE_BUS existence during probe
    - hwspinlock: Introduce hwspin_lock_bust()
    - RDMA/efa: Properly handle unexpected AQ completions
    - ionic: fix potential irq name truncation
    - rcu/nocb: Remove buggy bypass lock contention mitigation
    - usbip: Don't submit special requests twice
    - usb: typec: ucsi: Fix null pointer dereference in trace
    - fsnotify: clear PARENT_WATCHED flags lazily
    - smack: tcp: ipv4, fix incorrect labeling
    - drm/meson: plane: Add error handling
    - drm/bridge: tc358767: Check if fully initialized before signalling HPD event
      via IRQ
    - wifi: cfg80211: make hash table duplicates more survivable
    - block: remove the blk_flush_integrity call in blk_integrity_unregister
    - drm/amd/display: Skip wbscl_set_scaler_filter if filter is null
    - media: uvcvideo: Enforce alignment of frame and interval
    - drm/amd/pm: Fix the null pointer dereference for vega10_hwmgr
    - virtio_net: Fix napi_skb_cache_put warning
    - rcu-tasks: Fix show_rcu_tasks_trace_gp_kthread buffer overflow
    - ext4: reject casefold inode flag without casefold feature
    - udf: Limit file size to 4TB
    - ext4: handle redirtying in ext4_bio_write_page()
    - i2c: Use IS_REACHABLE() for substituting empty ACPI functions
    - sch/netem: fix use after free in netem_dequeue
    - ASoC: dapm: Fix UAF for snd_soc_pcm_runtime object
    - KVM: SVM: fix emulation of msr reads/writes of MSR_FS_BASE and MSR_GS_BASE
    - KVM: SVM: Don't advertise Bus Lock Detect to guest if SVM support is missing
    - ALSA: hda/conexant: Add pincfg quirk to enable top speakers on Sirius
      devices
    - ALSA: hda/realtek: add patch for internal mic in Lenovo V145
    - ALSA: hda/realtek: Support mute LED on HP Laptop 14-dq2xxx
    - ata: libata: Fix memory leak for error path in ata_host_alloc()
    - irqchip/gic-v2m: Fix refcount leak in gicv2m_of_init()
    - rtmutex: Drop rt_mutex::wait_lock before scheduling
    - nvme-pci: Add sleep quirk for Samsung 990 Evo
    - Revert "Bluetooth: MGMT/SMP: Fix address type when using SMP over BREDR/LE"
    - Bluetooth: MGMT: Ignore keys being loaded with invalid type
    - mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K
    - mmc: sdhci-of-aspeed: fix module autoloading
    - mmc: cqhci: Fix checking of CQHCI_HALT state
    - fuse: update stats for pages in dropped aux writeback list
    - fuse: use unsigned type for getxattr/listxattr size truncation
    - clk: qcom: clk-alpha-pll: Fix the pll post div mask
    - clk: qcom: clk-alpha-pll: Fix the trion pll postdiv set rate API
    - can: mcp251x: fix deadlock if an interrupt occurs during mcp251x_open
    - tracing: Avoid possible

Source diff to previous version
2077321 Please backport the more restrictive XSAVES deactivation for Zen1/2 arch
2081279 Jammy update: v5.15.167 upstream stable release
2080594 Jammy update: v5.15.166 upstream stable release
1959940 [22.10 FEAT] KVM: Secure Execution guest dump encryption with customer keys - kernel part
2069961 turbostat fails with too many open files on large systems
2078428 Jammy update: v5.15.165 upstream stable release
2074380 [UBUNTU 22.04] s390/cpum_cf: make crypto counters upward compatible
2076100 Jammy update: v5.15.164 upstream stable release
CVE-2024-26800 In the Linux kernel, the following vulnerability has been resolved: tls: fix use-after-free on failed backlog decryption When the decrypt request g
CVE-2024-41071 In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Avoid address calculations via out of bounds array indexing req
CVE-2024-40915 In the Linux kernel, the following vulnerability has been resolved: riscv: rewrite __kernel_map_pages() to fix sleeping in invalid context __kernel
CVE-2024-38611 In the Linux kernel, the following vulnerability has been resolved: media: i2c: et8ek8: Don't strip remove function when driver is builtin Using __
CVE-2024-38602 In the Linux kernel, the following vulnerability has been resolved: ax25: Fix reference count leak issues of ax25_dev The ax25_addr_ax25dev() and a
CVE-2024-26669 In the Linux kernel, the following vulnerability has been resolved: net/sched: flower: Fix chain template offload When a qdisc is deleted from a ne
CVE-2024-26607 In the Linux kernel, the following vulnerability has been resolved: drm/bridge: sii902x: Fix probing race issue A null pointer dereference crash ha
CVE-2024-26893 In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scmi: Fix double free in SMC transport cleanup path When the gene
CVE-2024-26661 In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add NULL test for 'timing generator' in 'dcn21_set_pipe()' In
CVE-2024-25744 In the Linux kernel before 6.6.7, an untrusted VMM can trigger int80 syscall handling at any given point. This is related to arch/x86/coco/tdx/tdx.c
CVE-2024-45016 In the Linux kernel, the following vulnerability has been resolved: netem: fix return value if duplicate enqueue fails There is a bug in netem_enqu
CVE-2024-38630 In the Linux kernel, the following vulnerability has been resolved: watchdog: cpu5wdt.c: Fix use-after-free bug caused by cpu5wdt_trigger When the
CVE-2024-27397 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: use timestamp to check for set element timeout Add a time

Version: 5.15.0-1069.75~20.04.1 2024-10-15 14:10:57 UTC

  linux-oracle-5.15 (5.15.0-1069.75~20.04.1) focal; urgency=medium

  * focal/linux-oracle-5.15: 5.15.0-1069.75~20.04.1 -proposed tracker
    (LP: #2082166)

  [ Ubuntu: 5.15.0-1069.75 ]

  * jammy/linux-oracle: 5.15.0-1069.75 -proposed tracker (LP: #2082167)
  * jammy/linux: 5.15.0-124.134 -proposed tracker (LP: #2082176)
  * CVE-2024-45016
    - netem: fix return value if duplicate enqueue fails
  * CVE-2024-38630
    - watchdog: cpu5wdt.c: Fix use-after-free bug caused by cpu5wdt_trigger
  * CVE-2024-27397
    - netfilter: nf_tables: use timestamp to check for set element timeout

 -- Philip Cox <email address hidden> Thu, 03 Oct 2024 15:31:00 -0400

Source diff to previous version
CVE-2024-45016 In the Linux kernel, the following vulnerability has been resolved: netem: fix return value if duplicate enqueue fails There is a bug in netem_enqu
CVE-2024-38630 In the Linux kernel, the following vulnerability has been resolved: watchdog: cpu5wdt.c: Fix use-after-free bug caused by cpu5wdt_trigger When the
CVE-2024-27397 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: use timestamp to check for set element timeout Add a time

Version: 5.15.0-1068.74~20.04.1 2024-09-19 13:06:53 UTC

  linux-oracle-5.15 (5.15.0-1068.74~20.04.1) focal; urgency=medium

  * focal/linux-oracle-5.15: 5.15.0-1068.74~20.04.1 -proposed tracker
    (LP: #2078144)

  [ Ubuntu: 5.15.0-1068.74 ]

  * jammy/linux-oracle: 5.15.0-1068.74 -proposed tracker (LP: #2078145)
  * jammy/linux: 5.15.0-122.132 -proposed tracker (LP: #2078154)
  * isolcpus are ignored when using cgroups V2, causing processes to have wrong
    affinity (LP: #2076957)
    - cgroup/cpuset: Optimize cpuset_attach() on v2
  * Jammy update: v5.15.164 upstream stable release (LP: #2076100) //
    CVE-2024-41009
    - bpf: Fix overrunning reservations in ringbuf
  * CVE-2024-39494
    - ima: Fix use-after-free on a dentry's dname.name
  * CVE-2024-39496
    - btrfs: zoned: fix use-after-free due to race with dev replace
  * CVE-2024-42160
    - f2fs: check validation of fault attrs in f2fs_build_fault_attr()
    - f2fs: Add inline to f2fs_build_fault_attr() stub
  * CVE-2024-38570
    - gfs2: Rename sd_{ glock => kill }_wait
    - gfs2: Fix potential glock use-after-free on unmount
  * CVE-2024-42228
    - drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc
  * CVE-2024-27012
    - netfilter: nf_tables: restore set elements when delete set fails
  * CVE-2024-26677
    - rxrpc: Fix delayed ACKs to not set the reference serial number

 -- Mehmet Basaran <email address hidden> Mon, 02 Sep 2024 14:53:20 +0300

2076957 isolcpus are ignored when using cgroups V2, causing processes to have wrong affinity
2076100 Jammy update: v5.15.164 upstream stable release
CVE-2024-41009 In the Linux kernel, the following vulnerability has been resolved: bpf: Fix overrunning reservations in ringbuf The BPF ring buffer internally is
CVE-2024-39494 In the Linux kernel, the following vulnerability has been resolved: ima: Fix use-after-free on a dentry's dname.name ->d_name.name can change on re
CVE-2024-39496 In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: fix use-after-free due to race with dev replace While loading a z
CVE-2024-42160 In the Linux kernel, the following vulnerability has been resolved: f2fs: check validation of fault attrs in f2fs_build_fault_attr() - It missed to
CVE-2024-38570 In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix potential glock use-after-free on unmount When a DLM lockspace is rel
CVE-2024-42228 In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc In
CVE-2024-27012 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: restore set elements when delete set fails From abort pat
CVE-2024-26677 In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix delayed ACKs to not set the reference serial number Fix the construc



About   -   Send Feedback to @ubuntu_updates