UbuntuUpdates.org

Package "linux-nvidia-tegra-5.15-headers-5.15.0-1030"

Name: linux-nvidia-tegra-5.15-headers-5.15.0-1030

Description:

Header files related to Linux kernel version 5.15.0

Latest version: 5.15.0-1030.30~20.04.1
Release: focal (20.04)
Level: proposed
Repository: universe
Head package: linux-nvidia-tegra-5.15

Links


Download "linux-nvidia-tegra-5.15-headers-5.15.0-1030"


Other versions of "linux-nvidia-tegra-5.15-headers-5.15.0-1030" in Focal

No other version of this package is available in the Focal release.

Changelog

Version: 5.15.0-1030.30~20.04.1 2024-11-11 17:06:52 UTC

  linux-nvidia-tegra-5.15 (5.15.0-1030.30~20.04.1) focal; urgency=medium

  * focal/linux-nvidia-tegra-5.15: 5.15.0-1030.30~20.04.1 -proposed tracker
    (LP: #2086946)

  * Don't produce linux-*-cloud-tools-common, linux-*-tools-common and
    linux-*-tools-host binary packages (LP: #2048183)
    - [Packaging] nvidia-tegra-5.15: Remove tools-common and tools-host packages

  [ Ubuntu: 5.15.0-1030.30 ]

  * jammy/linux-nvidia-tegra: 5.15.0-1030.30 -proposed tracker (LP: #2084600)
  * apply NVIDIA patches Sep 20 - Oct 3, 2024 (LP: #2083643)
    - NVIDIA: SAUCE: Revert "regulator: core: Only increment use_count when
      enable_count changes"
  * apply NVIDIA patches Sep 6-19, 2024 (LP: #2081215)
    - NVIDIA: SAUCE: driver: cpufreq: Group cpu policy by clusterid
    - NVIDIA: SAUCE: drivers: clocksource: timer-tegra186: adjust WDT timing
  * jammy/linux-realtime: 5.15.0-1072.80 -proposed tracker (LP: #2082152)
  * jammy/linux: 5.15.0-124.134 -proposed tracker (LP: #2082176)
  * CVE-2024-45016
    - netem: fix return value if duplicate enqueue fails
  * CVE-2024-38630
    - watchdog: cpu5wdt.c: Fix use-after-free bug caused by cpu5wdt_trigger
  * CVE-2024-27397
    - netfilter: nf_tables: use timestamp to check for set element timeout

  [ Ubuntu: 5.15.0-1029.29 ]

  * jammy/linux-nvidia-tegra: 5.15.0-1029.29 -proposed tracker (LP: #2080287)
  * apply NVIDIA patches Aug 17 - Sep 5, 2024 (LP: #2079358)
    - NVIDIA: SAUCE: arm64: configs: Enable platform keyring configs
    - NVIDIA: SAUCE: arm64: configs: Enable CFG80211_WEXT
    - NVIDIA: SAUCE: tty/serial: serial-tegra: DMA improvements
    - dmaengine: tegra186: Fix residual calculation
    - NVIDIA: SAUCE: arm64: configs: Enable UHID
    - iommu/io-pgtable-arm: Optimise non-coherent unmap
  * Tegra234 SD card corruption after rebooting some number of times
    (LP: #2058706)
    - NVIDIA: SAUCE: Revert "UBUNTU: SAUCE: iommu: arm-smmu: io-pgtable: Add
      dma_sync API"
  * jammy/linux-realtime: 5.15.0-1071.79 -proposed tracker (LP: #2078132)
  * jammy/linux: 5.15.0-122.132 -proposed tracker (LP: #2078154)
  * isolcpus are ignored when using cgroups V2, causing processes to have wrong
    affinity (LP: #2076957)
    - cgroup/cpuset: Optimize cpuset_attach() on v2
  * Jammy update: v5.15.164 upstream stable release (LP: #2076100) //
    CVE-2024-41009
    - bpf: Fix overrunning reservations in ringbuf
  * CVE-2024-39494
    - ima: Fix use-after-free on a dentry's dname.name
  * CVE-2024-39496
    - btrfs: zoned: fix use-after-free due to race with dev replace
  * CVE-2024-42160
    - f2fs: check validation of fault attrs in f2fs_build_fault_attr()
    - f2fs: Add inline to f2fs_build_fault_attr() stub
  * CVE-2024-38570
    - gfs2: Rename sd_{ glock => kill }_wait
    - gfs2: Fix potential glock use-after-free on unmount
  * CVE-2024-42228
    - drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc
  * CVE-2024-27012
    - netfilter: nf_tables: restore set elements when delete set fails
  * CVE-2024-26677
    - rxrpc: Fix delayed ACKs to not set the reference serial number

  [ Ubuntu: 5.15.0-1028.28 ]

  * jammy/linux-nvidia-tegra: 5.15.0-1028.28 -proposed tracker (LP: #2077667)
  * Packaging resync (LP: #1786013)
    - [Packaging] debian.nvidia-tegra/dkms-versions -- update from kernel-versions
      (main/d2024.08.12)
  * apply NVIDIA patches Aug 1-16, 2024 (LP: #2077186)
    - NVIDIA: SAUCE: arm64: configs: Enable BT configs
    - [Config] nvidia-tegra: Set BT configs to builtin
  * jammy/linux-realtime: 5.15.0-1070.78 -proposed tracker (LP: #2075881)
  * Packaging resync (LP: #1786013)
    - [Packaging] debian.realtime/dkms-versions -- update from kernel-versions
      (main/2024.08.05)
  * Jammy real-time patch set update: v5.15.163-rt78 (LP: #2076922)
    - rcu/tree: Protect rcu_rdp_is_offloaded() invocations on RT
    - sched: Introduce migratable()
    - arm64: mm: Make arch_faults_on_old_pte() check for migratability
    - printk: rename printk cpulock API and always disable interrupts
    - console: add write_atomic interface
    - kdb: only use atomic consoles for output mirroring
    - serial: 8250: implement write_atomic
    - printk: relocate printk_delay()
    - printk: call boot_delay_msec() in printk_delay()
    - printk: use seqcount_latch for console_seq
    - printk: introduce kernel sync mode
    - printk: move console printing to kthreads
    - printk: add console handover
    - printk: add pr_flush()
    - printk: Enhance the condition check of msleep in pr_flush()
    - sched: Switch wait_task_inactive to HRTIMER_MODE_REL_HARD
    - kthread: Move prio/affinite change into the newly created thread
    - genirq: Move prio assignment into the newly created thread
    - genirq: Disable irqfixup/poll on PREEMPT_RT.
    - efi: Allow efi=runtime
    - mm: Disable zsmalloc on PREEMPT_RT
    - net/core: disable NET_RX_BUSY_POLL on PREEMPT_RT
    - samples/kfifo: Rename read_lock/write_lock
    - crypto: testmgr - Only disable migration in crypto_disable_simd_for_test()
    - mm: Allow only SLUB on PREEMPT_RT
    - mm: page_alloc: Use migrate_disable() in drain_local_pages_wq()
    - mm/scatterlist: Replace the !preemptible warning in sg_miter_stop()
    - mm: Disable NUMA_BALANCING_DEFAULT_ENABLED and TRANSPARENT_HUGEPAGE on
      PREEMPT_RT
    - x86/softirq: Disable softirq stacks on PREEMPT_RT
    - Documentation/kcov: Include types.h in the example.
    - Documentation/kcov: Define `ip' in the example.
    - kcov: Allocate per-CPU memory on the relevant node.
    - kcov: Avoid enable+disable interrupts if !in_task().
    - kcov: Replace local_irq_save() with a local_lock_t.
    - net/sched: sch_ets: properly init all active DRR list handles
    - gen_stats: Add instead Set the value in __gnet_stats_copy_basic().
    - gen_stats: Add gnet_stats_add_queue().
    - mq, mqprio: Use gnet_stats_add_queue().
    - gen_stats: Move remaining users to gnet_stats_add_queue().
    - u64_stats: Introduc

Source diff to previous version
2048183 Don't produce linux-*-cloud-tools-common, linux-*-tools-common and linux-*-tools-host binary packages
2083643 apply NVIDIA patches Sep 20 - Oct 3, 2024
2081215 apply NVIDIA patches Sep 6-19, 2024
2079358 apply NVIDIA patches Aug 17 - Sep 5, 2024
2058706 Tegra234 SD card corruption after rebooting some number of times
2076957 isolcpus are ignored when using cgroups V2, causing processes to have wrong affinity
2076100 Jammy update: v5.15.164 upstream stable release
1786013 Packaging resync
2077186 apply NVIDIA patches Aug 1-16, 2024
2076922 Jammy real-time patch set update: v5.15.163-rt78
2076334 jammy:linux bpf selftest do not build
2075170 Jammy update: v5.15.163 upstream stable release
2074215 [SRU] UBSAN warnings in bnx2x kernel driver
2073765 Jammy update: v5.15.162 upstream stable release
2072858 Fix L2CAP/LE/CPU/BI-02-C bluetooth certification failure
2073092 net/sched: Fix conntrack use-after-free
2072617 Jammy update: v5.15.161 upstream stable release
2073267 Virtualbox Guru meditation on VM start caused by kernel commit in v6.9-rc4
CVE-2024-45016 In the Linux kernel, the following vulnerability has been resolved: netem: fix return value if duplicate enqueue fails There is a bug in netem_enqu
CVE-2024-38630 In the Linux kernel, the following vulnerability has been resolved: watchdog: cpu5wdt.c: Fix use-after-free bug caused by cpu5wdt_trigger When the
CVE-2024-27397 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: use timestamp to check for set element timeout Add a time
CVE-2024-41009 In the Linux kernel, the following vulnerability has been resolved: bpf: Fix overrunning reservations in ringbuf The BPF ring buffer internally is
CVE-2024-39494 In the Linux kernel, the following vulnerability has been resolved: ima: Fix use-after-free on a dentry's dname.name ->d_name.name can change on re
CVE-2024-39496 In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: fix use-after-free due to race with dev replace While loading a z
CVE-2024-42160 In the Linux kernel, the following vulnerability has been resolved: f2fs: check validation of fault attrs in f2fs_build_fault_attr() - It missed to
CVE-2024-38570 In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix potential glock use-after-free on unmount When a DLM lockspace is rel
CVE-2024-42228 In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc In
CVE-2024-27012 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: restore set elements when delete set fails From abort pat
CVE-2024-26677 In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix delayed ACKs to not set the reference serial number Fix the construc
CVE-2024-26921 In the Linux kernel, the following vulnerability has been resolved: inet: inet_defrag: prevent sk release while still in use ip_local_out() and oth
CVE-2024-39484 In the Linux kernel, the following vulnerability has been resolved: mmc: davinci: Don't strip remove function when driver is builtin Using __exit f
CVE-2024-39292 In the Linux kernel, the following vulnerability has been resolved: um: Add winch to winch_handlers before registering winch IRQ Registering a winc
CVE-2024-36901 In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent NULL dereference in ip6_output() According to syzbot, there is a
CVE-2024-26830 In the Linux kernel, the following vulnerability has been resolved: i40e: Do not allow untrusted VF to remove administratively set MAC Currently wh
CVE-2024-26680 In the Linux kernel, the following vulnerability has been resolved: net: atlantic: Fix DMA mapping for PTP hwts ring Function aq_ring_hwts_rx_alloc
CVE-2023-52760 In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix slab-use-after-free in gfs2_qd_dealloc In gfs2_put_super(), whether w
CVE-2023-52629 In the Linux kernel, the following vulnerability has been resolved: sh: push-switch: Reorder cleanup operations to avoid use-after-free bug The ori

Version: 5.15.0-1027.27~20.04.1 2024-08-14 03:07:06 UTC

  linux-nvidia-tegra-5.15 (5.15.0-1027.27~20.04.1) focal; urgency=medium

  * focal/linux-nvidia-tegra-5.15: 5.15.0-1027.27~20.04.1 -proposed tracker
    (LP: #2076710)

  * Packaging resync (LP: #1786013)
    - [Packaging] debian.nvidia-tegra-5.15/dkms-versions -- update from kernel-
      versions (main/d2024.07.08)

  [ Ubuntu: 5.15.0-1027.27 ]

  * jammy/linux-nvidia-tegra: 5.15.0-1027.27 -proposed tracker (LP: #2075537)
  * Disable DEBUG_PREEMPT in jammy and noble realtime kernels (LP: #2071853)
    - [Config] nvidia-tegra: Disable CONFIG_DEBUG_PREEMPT
  * apply NVIDIA patches July 11-31, 2024 (LP: #2075392)
    - NVIDIA: SAUCE: xhci: tegra: Improve remote wakeup
    - of: also handle dma-noncoherent in of_dma_is_coherent()
    - NVIDIA: SAUCE: ASoC: dapm: Fix UAF of snd_soc_pcm_runtime in system suspend
    - Revert "UBUNTU: SAUCE: mmc: host: Add prod framework changes"
    - NVIDIA: SAUCE: kernel: arm64: Add "model name" for 64bit tasks
  * Enable CONFIG_KVM for nvidia-tegra(-igx) kernels (LP: #2074228)
    - arm64: Select POSIX_CPU_TIMERS_TASK_WORK
    - arm64: Allow selecting KVM and PREEMPT_RT
    - [Config] nvidia-tegra: Enable CONFIG_KVM
  * jammy/linux-realtime: 5.15.0-1068.76 -proposed tracker (LP: #2072232)
  * Disable DEBUG_PREEMPT in jammy and noble realtime kernels (LP: #2071853)
    - [Config] realtime: Disable CONFIG_DEBUG_PREEMPT
  * jammy/linux: 5.15.0-118.128 -proposed tracker (LP: #2072255)
  * Jammy update: v5.15.160 upstream stable release (LP: #2070292)
    - drm/amd/display: Fix division by zero in setup_dsc_config
    - pinctrl: core: handle radix_tree_insert() errors in
      pinctrl_register_one_pin()
    - nfsd: don't allow nfsd threads to be signalled.
    - KEYS: trusted: Fix memory leak in tpm2_key_encode()
    - Revert "selftests: mm: fix map_hugetlb failure on 64K page size systems"
    - net: bcmgenet: synchronize EXT_RGMII_OOB_CTRL access
    - net: bcmgenet: synchronize UMAC_CMD access
    - netlink: annotate lockless accesses to nlk->max_recvmsg_len
    - netlink: annotate data-races around sk->sk_err
    - KVM: x86: Clear "has_error_code", not "error_code", for RM exception
      injection
    - drm/amdgpu: Fix possible NULL dereference in
      amdgpu_ras_query_error_status_helper()
    - binder: fix max_thread type inconsistency
    - usb: typec: ucsi: displayport: Fix potential deadlock
    - serial: kgdboc: Fix NMI-safety problems from keyboard reset code
    - remoteproc: mediatek: Make sure IPI buffer fits in L2TCM
    - KEYS: trusted: Do not use WARN when encode fails
    - admin-guide/hw-vuln/core-scheduling: fix return type of PR_SCHED_CORE_GET
    - docs: kernel_include.py: Cope with docutils 0.21
    - Linux 5.15.160
  * Jammy update: v5.15.159 upstream stable release (LP: #2070028)
    - dmaengine: pl330: issue_pending waits until WFP state
    - dmaengine: Revert "dmaengine: pl330: issue_pending waits until WFP state"
    - wifi: nl80211: don't free NULL coalescing rule
    - ksmbd: fix slab-out-of-bounds in smb2_allocate_rsp_buf
    - ksmbd: validate request buffer size in smb2_allocate_rsp_buf()
    - ksmbd: clear RENAME_NOREPLACE before calling vfs_rename
    - eeprom: at24: Use dev_err_probe for nvmem register failure
    - eeprom: at24: Probe for DDR3 thermal sensor in the SPD case
    - eeprom: at24: fix memory corruption race condition
    - pinctrl: pinctrl-aspeed-g6: Fix register offset for pinconf of GPIOR-T
    - pinctrl/meson: fix typo in PDM's pin name
    - pinctrl: core: delete incorrect free in pinctrl_enable()
    - pinctrl: mediatek: paris: Rework mtk_pinconf_{get,set} switch/case logic
    - pinctrl: mediatek: paris: Fix PIN_CONFIG_INPUT_SCHMITT_ENABLE readback
    - pinctrl: mediatek: paris: Rework support for
      PIN_CONFIG_{INPUT,OUTPUT}_ENABLE
    - sunrpc: add a struct rpc_stats arg to rpc_create_args
    - nfs: expose /proc/net/sunrpc/nfs in net namespaces
    - nfs: make the rpc_stat per net namespace
    - nfs: Handle error of rpc_proc_register() in nfs_net_init().
    - power: rt9455: hide unused rt9455_boost_voltage_values
    - power: supply: mt6360_charger: Fix of_match for usb-otg-vbus regulator
    - pinctrl: devicetree: fix refcount leak in pinctrl_dt_to_map()
    - regulator: mt6360: De-capitalize devicetree regulator subnodes
    - bpf, kconfig: Fix DEBUG_INFO_BTF_MODULES Kconfig definition
    - bpf, skmsg: Fix NULL pointer dereference in sk_psock_skb_ingress_enqueue
    - bpf: Fix a verifier verbose message
    - spi: hisi-kunpeng: Delete the dump interface of data registers in debugfs
    - s390/mm: Fix storage key clearing for guest huge pages
    - s390/mm: Fix clearing storage keys for huge pages
    - xdp: Move conversion to xdp_frame out of map functions
    - xdp: Add xdp_do_redirect_frame() for pre-computed xdp_frames
    - xdp: use flags field to disambiguate broadcast redirect
    - bna: ensure the copied buf is NUL terminated
    - octeontx2-af: avoid off-by-one read from userspace
    - nsh: Restore skb->{protocol,data,mac_header} for outer header in
      nsh_gso_segment().
    - net l2tp: drop flow hash on forward
    - s390/vdso: Add CFI for RA register to asm macro vdso_func
    - net: qede: sanitize 'rc' in qede_add_tc_flower_fltr()
    - net: qede: use return from qede_parse_flow_attr() for flower
    - net: qede: use return from qede_parse_flow_attr() for flow_spec
    - net: qede: use return from qede_parse_actions()
    - ASoC: meson: axg-fifo: use FIELD helpers
    - ASoC: meson: axg-fifo: use threaded irq to check periods
    - ASoC: meson: axg-card: make links nonatomic
    - ASoC: meson: axg-tdm-interface: manage formatters in trigger
    - ASoC: meson: cards: select SND_DYNAMIC_MINORS
    - ALSA: hda: intel-sdw-acpi: fix usage of device_get_named_child_node()
    - s390/cio: Ensure the copied buf is NUL terminated
    - cxgb4: Properly lock TX queue for the selftest.
    - net: dsa: mv88e6xxx: Fix number of databases for 88E6141 / 88E6341
    - net: bridge: fi

Source diff to previous version
1786013 Packaging resync
2071853 Disable DEBUG_PREEMPT in jammy and noble realtime kernels
2075392 apply NVIDIA patches July 11-31, 2024
2074228 Enable CONFIG_KVM for nvidia-tegra(-igx) kernels
2070292 Jammy update: v5.15.160 upstream stable release
2070028 Jammy update: v5.15.159 upstream stable release
2061091 Freezing user space processes failed after 20.008 seconds (1 tasks refusing to freeze, wq_busy=0)
2069081 idxd: NULL pointer dereference reading wq op_config attribute
2068738 AMD GPUs fail with null pointer dereference when IOMMU enabled, leading to black screen
2072662 apply NVIDIA patches June 1 - July 10, 2024
2067781 apply NVIDIA patches April 17 - May 31, 2024
2069426 Jammy real-time patch set update: v5.15.158-rt76
2067974 Jammy update: v5.15.158 upstream stable release
2067959 Jammy update: v5.15.157 upstream stable release
2046722 [SRU][22.04.4]: megaraid_sas: Critical Bug Fixes
2065857 Jammy update: v5.15.156 upstream stable release
2065805 Jammy update: v5.15.155 upstream stable release
2065435 Jammy update: v5.15.154 upstream stable release
2065655 Jammy real-time patch set update: v5.15.153-rt75
2063096 RTL8852BE fw security fail then lost WIFI function during suspend/resume cycle
2061986 Mount CIFS fails with Permission denied
2063290 Jammy update: v5.15.153 upstream stable release
2063276 Jammy update: v5.15.152 upstream stable release
2060422 Avoid creating non-working backlight sysfs knob from ASUS board
2058477 [Ubuntu 22.04.4/linux-image-6.5.0-26-generic] Kernel output \
2060209 Jammy update: v5.15.151 upstream stable release
2063067 Fix bluetooth connections with 3.0 device
2060142 Jammy update: v5.15.150 upstream stable release
2055083 Drop fips-checks script from trees
2058573 alsa/realtek: adjust max output valume for headphone on 2 LG machines
2032164 A general-proteciton exception during guest migration to unsupported PKRU machine
2058485 [ICX] [SPR] [ipc/msg] performance: Mitigate the lock contention with percpu counter
2059014 Jammy update: v5.15.149 upstream stable release
2056418 Fix headphone mic detection issue on ALC897
2056373 Problems with HVCS and hotplugging
2056227 KVM: arm64: softlockups in stage2_apply_range
CVE-2024-27017 In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: walk over current view on netlink dump The generatio
CVE-2024-26952 In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix potencial out-of-bounds when buffer offset is invalid I found potenc
CVE-2024-26886 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: af_bluetooth: Fix deadlock Attemting to do sock_lock on .recvmsg may
CVE-2023-52752 In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() Skip SMB ses
CVE-2024-25742 In the Linux kernel before 6.9, an untrusted hypervisor can inject virtual interrupt 29 (#VC) at any point in time and can trigger its handler. This
CVE-2024-36016 In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: fix possible out-of-bounds in gsm0_receive() Assuming the following
CVE-2024-23307 Integer Overflow or Wraparound vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (md, raid, raid5 modules) allows Forced Integer Overflow
CVE-2024-26828 In the Linux kernel, the following vulnerability has been resolved: cifs: fix underflow in parse_server_interfaces() In this loop, we step through
CVE-2024-24861 A race condition was found in the Linux kernel's media/xc4000 device driver in xc4000 xc4000_get_frequency() function. This can result in return valu
CVE-2024-26642 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: disallow anonymous set with timeout flag Anonymous sets a
CVE-2024-26926 In the Linux kernel, the following vulnerability has been resolved: binder: check offset alignment in binder_get_object() Commit 6d98eb95b450 ("bin
CVE-2024-26922 In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: validate the parameters of bo mapping operations more clearly Verif
CVE-2023-6039 A use-after-free flaw was found in lan78xx_disconnect in drivers/net/usb/lan78xx.c in the network sub-component, net/usb/lan78xx in the Linux Kernel.
CVE-2024-26924 In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: do not free live element Pablo reports a crash with
CVE-2024-26643 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout
CVE-2024-21823 Hardware logic with insecure de-synchronization in Intel(R) DSA and Intel(R) IAA for some Intel(R) 4th or 5th generation Xeon(R) processors may allow
CVE-2024-26809 In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: release elements in clone only from destroy path Clo
CVE-2024-26792 In the Linux kernel, the following vulnerability has been resolved: btrfs: fix double free of anonymous device after snapshot creation failure When
CVE-2023-52530 In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix potential key use-after-free When ieee80211_key_link() is c
CVE-2023-52447 In the Linux kernel, the following vulnerability has been resolved: bpf: Defer the free of inner map when necessary When updating or deleting an in
CVE-2024-26782 In the Linux kernel, the following vulnerability has been resolved: mptcp: fix double-free on socket dismantle when MPTCP server accepts an incomin
CVE-2024-26733 In the Linux kernel, the following vulnerability has been resolved: arp: Prevent overflow in arp_req_get(). syzkaller reported an overflown write i
CVE-2024-26735 In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix possible use-after-free and null-ptr-deref The pernet operations
CVE-2024-26736 In the Linux kernel, the following vulnerability has been resolved: afs: Increase buffer size in afs_update_volume_status() The max length of volum
CVE-2024-26748 In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: fix memory double free when handle zero packet 829 if (request->co
CVE-2023-47233 The brcm80211 component in the Linux kernel through 6.5.10 has a brcmf_cfg80211_detach use-after-free in the device unplugging (disconnect the USB by
CVE-2024-26584 In the Linux kernel, the following vulnerability has been resolved: net: tls: handle backlogging of crypto requests Since we're setting the CRYPTO_
CVE-2024-26585 In the Linux kernel, the following vulnerability has been resolved: tls: fix race between tx work scheduling and socket close Similarly to previous
CVE-2024-26583 In the Linux kernel, the following vulnerability has been resolved: tls: fix race between async notify and socket close The submitting thread (one
CVE-2024-26622 In the Linux kernel, the following vulnerability has been resolved: tomoyo: fix UAF write bug in tomoyo_write_control() Since tomoyo_write_control(
CVE-2024-2201 Native Branch History Injection

Version: 5.15.0-1025.25~20.04.1 2024-05-06 19:07:22 UTC

  linux-nvidia-tegra-5.15 (5.15.0-1025.25~20.04.1) focal; urgency=medium

  * focal/linux-nvidia-tegra-5.15: 5.15.0-1025.25~20.04.1 -proposed tracker
    (LP: #2063266)

  [ Ubuntu: 5.15.0-1025.25 ]

  * jammy/linux-nvidia-tegra: 5.15.0-1025.25 -proposed tracker (LP: #2063258)
  * apply NVIDIA patches April 6-16, 2024 (LP: #2061900)
    - NVIDIA: SAUCE: phy: xusb: Disable USB2 tracking for T234
    - NVIDIA: SAUCE: enable handling of macronix block protection
    - PCI: dwc: Restore MSI Receiver mask during resume
  * apply NVIDIA patches Mar 22 - April 5, 2024 (LP: #2060337)
    - NVIDIA: SAUCE: arm64: configs: enable hidraw
    - NVIDIA: SAUCE: PCI: tegra194: Fix probe path for Endpoint mode
    - NVIDIA: SAUCE: arm64: defconfig: Enable DMATEST
    - NVIDIA: SAUCE: arm64: configs: Enable CONFIG_CRYPTO_USER_API_* as module
    - NVIDIA: SAUCE: soc/tegra: fuse: Update Tegra234 nvmem keepout list
    - NVIDIA: SAUCE: soc/tegra: fuse: Remove security_mode fuse from keepout list
    - [Config] Enable DMATEST

 -- Noah Wager <email address hidden> Wed, 24 Apr 2024 11:56:01 -0700

Source diff to previous version
2061900 apply NVIDIA patches April 6-16, 2024
2060337 apply NVIDIA patches Mar 22 - April 5, 2024

Version: 5.15.0-1024.24~20.04.1 2024-04-22 15:07:52 UTC

  linux-nvidia-tegra-5.15 (5.15.0-1024.24~20.04.1) focal; urgency=medium

  * focal/linux-nvidia-tegra-5.15: 5.15.0-1024.24~20.04.1 -proposed tracker
    (LP: #2061844)

  * Packaging resync (LP: #1786013)
    - [Packaging] drop getabis data

  [ Ubuntu: 5.15.0-1024.24 ]

  * jammy/linux-nvidia-tegra: 5.15.0-1024.24 -proposed tracker (LP: #2061683)
  * Packaging resync (LP: #1786013)
    - [Packaging] drop getabis data
  * jammy/linux-realtime: 5.15.0-1061.69 -proposed tracker (LP: #2061497)
  * jammy/linux: 5.15.0-105.115 -proposed tracker (LP: #2061372)
  * Jammy update: v5.15.149 upstream stable release (LP: #2059014) // CIFS
    stopped working/is unstable with kernel update to 5.15.0-102.112
    (LP: #2060780)
    - smb3: Replace smb2pdu 1-element arrays with flex-arrays
  * jammy/linux-realtime: 5.15.0-1059.67 -proposed tracker (LP: #2059663)
  * Packaging resync (LP: #1786013)
    - [Packaging]: realtime: drop getabis data
  * jammy/linux: 5.15.0-103.113 -proposed tracker (LP: #2059683)
  * Packaging resync (LP: #1786013)
    - [Packaging] drop getabis data
  * Remove getabis scripts (LP: #2059143)
    - [Packaging] Remove getabis
  * CVE-2023-24023
    - Bluetooth: Add more enc key size check
  * CVE-2023-52600
    - jfs: fix uaf in jfs_evict_inode
  * Jammy update: v5.15.149 upstream stable release (LP: #2059014) //
    CVE-2023-52603
    - UBSAN: array-index-out-of-bounds in dtSplitRoot
  * CVE-2024-26581
    - netfilter: nft_set_rbtree: skip end interval element from gc

 -- Jacob Martin <email address hidden> Tue, 16 Apr 2024 09:21:36 -0500

Source diff to previous version
1786013 Packaging resync
2059014 Jammy update: v5.15.149 upstream stable release
2060780 CIFS stopped working/is unstable with kernel update to 5.15.0-102.112
2059143 Remove getabis scripts
CVE-2023-24023 Bluetooth BR/EDR devices with Secure Simple Pairing and Secure Connections pairing in Bluetooth Core Specification 4.2 through 5.4 allow certain man-
CVE-2023-52600 In the Linux kernel, the following vulnerability has been resolved: jfs: fix uaf in jfs_evict_inode When the execution of diMount(ipimap) fails, th
CVE-2023-52603 In the Linux kernel, the following vulnerability has been resolved: UBSAN: array-index-out-of-bounds in dtSplitRoot Syzkaller reported the followin
CVE-2024-26581 In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_rbtree: skip end interval element from gc rbtree lazy gc on

Version: 5.15.0-1023.23~20.04.1 2024-04-02 21:06:50 UTC

  linux-nvidia-tegra-5.15 (5.15.0-1023.23~20.04.1) focal; urgency=medium

  * focal/linux-nvidia-tegra-5.15: 5.15.0-1023.23~20.04.1 -proposed tracker
    (LP: #2059812)

  * Packaging resync (LP: #1786013)
    - [Packaging] drop ABI data
    - [Packaging] debian.nvidia-tegra-5.15/dkms-versions -- update from kernel-
      versions (main/2024.03.04)

  [ Ubuntu: 5.15.0-1023.23 ]

  * jammy/linux-nvidia-tegra: 5.15.0-1023.23 -proposed tracker (LP: #2059811)
  * Packaging resync (LP: #1786013)
    - [Packaging] drop ABI data
    - [Packaging] debian.nvidia-tegra/dkms-versions -- update from kernel-versions
      (main/2024.03.04)
  * linux: please move erofs.ko (CONFIG_EROFS for EROFS support) from linux-
    modules-extra to linux-modules (LP: #2054809)
    - [Packaging]: nvidia-tegra: Include erofs in linux-modules instead of linux-
      modules-extra
  * linux: please move dmi-sysfs.ko (CONFIG_DMI_SYSFS for SMBIOS support) from
    linux-modules-extra to linux-modules (LP: #2045561)
    - [Packaging]: nvidia-tegra: Move dmi-sysfs.ko into linux-modules
  * apply nvidia-tegra patches 2024 Mar 9-20 (LP: #2058550)
    - drm: Call drm_atomic_helper_shutdown() at shutdown time for misc drivers
    - NVIDIA: SAUCE: drm: Call drm_dev_unregister() at shutdown for AST
    - NVIDIA: SAUCE: arch: arm64: Update CONFIG_LSM in defconfig
    - NVIDIA: SAUCE: pinctrl: tegra: Add config property GPIO mode
  * apply nvidia-tegra patches 2024 Mar 8 (LP: #2056594)
    - NVIDIA: SAUCE: phy: tegra194-p2u: Fix device-tree backward compatibility
  * apply nvidia-tegra patches 2024 Mar 1-7 (LP: #2056486)
    - docs: tegra194-hte.rst: don't include gpiolib.c twice
    - tegra194-hte.rst: fix reference to its binding
    - gpiolib: cdev: fix null pointer dereference in linereq_free()
    - gpiolib: cdev: simplify linereq_free
    - gpiolib: cdev: simplify parameter in call to hte_edge_setup
    - gpiolib: cdev: replace if-else chains with switches
    - gpiolib: cdev: simplify line event identification
    - gpiolib: cdev: consolidate edge detector configuration flags
    - gpiolib: cdev: compile out HTE unless CONFIG_HTE selected
    - gpiolib: cdev: Fix typo in kernel doc for struct line
    - MAINTAINERS: Add HTE/timestamp subsystem details
    - dt-bindings: timestamp: Add Tegra234 support
    - dt-bindings: timestamp: Deprecate nvidia,slices property
    - arm64: tegra: Add Tegra234 GTE nodes
    - hte: Re-phrase tegra API document
    - hte: Add Tegra234 provider
    - hte: Deprecate nvidia,slices property
    - hte: handle nvidia,gpio-controller property
    - gpio: tegra186: Add Tegra234 hte support
    - hte: tegra: fix 'struct of_device_id' build error
    - hte: tegra-194: Fix off by one in tegra_hte_map_to_line_id()
    - hte: Use device_match_of_node()
    - hte: tegra-194: Use proper includes
    - NVIDIA: SAUCE: hte: modify gpio controller match function
    - NVIDIA: SAUCE: WAR: tee: optee: Fix race condition
    - kbuild: Modify default INSTALL_MOD_DIR from extra to updates
  * apply nvidia-tegra patches 2024 Feb 6-29 (LP: #2055468)
    - NVIDIA: SAUCE: mmc: host: program SPARE0 register field even if supplies are
      not populated
    - NVIDIA: SAUCE: arm64: configs: enable joystick driver
    - NVIDIA: SAUCE: arm64: configs: Enable aQuantia driver in rel-36.
    - NVIDIA: SAUCE: spi: Remove compatible string for T234
    - NVIDIA: SAUCE: arm64: configs: enable Android configs
  * jammy/linux-realtime: 5.15.0-1058.66 -proposed tracker (LP: #2055612)
  * Packaging resync (LP: #1786013)
    - [Packaging] drop ABI data
    - debian.realtime/dkms-versions -- update from kernel-versions
      (main/2024.03.04)
  * linux: please move erofs.ko (CONFIG_EROFS for EROFS support) from linux-
    modules-extra to linux-modules (LP: #2054809)
    - [Packaging]: realtime: Include erofs in linux-modules instead of linux-
      modules-extra
  * linux: please move dmi-sysfs.ko (CONFIG_DMI_SYSFS for SMBIOS support) from
    linux-modules-extra to linux-modules (LP: #2045561)
    - [Packaging]: realtime: Move dmi-sysfs.ko into linux-modules
  * jammy/linux: 5.15.0-102.112 -proposed tracker (LP: #2055632)
  * Drop ABI checks from kernel build (LP: #2055686)
    - [Packaging] Remove in-tree abi checks
    - [Packaging] Drop abi checks from final-checks
  * Packaging resync (LP: #1786013)
    - [Packaging] drop ABI data
    - [Packaging] update annotations scripts
    - debian.master/dkms-versions -- update from kernel-versions (main/2024.03.04)
  * block/loop: No longer allows to create partitions (LP: #2056143)
    - block, loop: support partitions without scanning
  * Cranky update-dkms-versions rollout (LP: #2055685)
    - [Packaging] remove update-dkms-versions
    - Move debian/dkms-versions to debian.master/dkms-versions
    - [Packaging] Replace debian/dkms-versions with $(DEBIAN)/dkms-versions
    - [Packaging] remove update-version-dkms
  * linux: please move erofs.ko (CONFIG_EROFS for EROFS support) from linux-
    modules-extra to linux-modules (LP: #2054809)
    - UBUNTU [Packaging]: Include erofs in linux-modules instead of linux-modules-
      extra
  * linux-tools-common: man page of usbip[d] is misplaced (LP: #2054094)
    - [Packaging] rules: Put usbip manpages in the correct directory
  * CVE-2024-23851
    - dm ioctl: log an error if the ioctl structure is corrupted
    - dm: limit the number of targets and parameter size area
  * CVE-2024-23850
    - btrfs: do not ASSERT() if the newly created subvolume already got read
  * x86: performance: tsc: Extend watchdog check exemption to 4-Sockets platform
    (LP: #2054699)
    - x86/tsc: Extend watchdog check exemption to 4-Sockets platform
  * linux: please move dmi-sysfs.ko (CONFIG_DMI_SYSFS for SMBIOS support) from
    linux-modules-extra to linux-modules (LP: #2045561)
    - [Packaging] Move dmi-sysfs.ko into linux-modules
  * Fix bpf selftests build failure after v5.15.139 update (LP: #2054567)
    - Revert "selftests/bpf: Test tail call counti

1786013 Packaging resync
2054809 linux: please move erofs.ko (CONFIG_EROFS for EROFS support) from linux-modules-extra to linux-modules
2045561 linux: please move dmi-sysfs.ko (CONFIG_DMI_SYSFS for SMBIOS support) from linux-modules-extra to linux-modules
2058550 apply nvidia-tegra patches 2024 Mar 9-20
2056594 apply nvidia-tegra patches 2024 Mar 8
2056486 apply nvidia-tegra patches 2024 Mar 1-7
2055468 apply nvidia-tegra patches 2024 Feb 6-29
2055686 Drop ABI checks from kernel build
2056143 block/loop: No longer allows to create partitions
2055685 Cranky update-dkms-versions rollout
2054094 linux-tools-common: man page of usbip[d] is misplaced
2054699 x86: performance: tsc: Extend watchdog check exemption to 4-Sockets platform
2054567 Fix bpf selftests build failure after v5.15.139 update
2055145 Jammy update: v5.15.148 upstream stable release
2053251 performance: Scheduler: ratelimit updating of load_avg
2054411 Jammy update: v5.15.147 upstream stable release
2053152 performance: mm/percpu-internal.h: Re-layout pcpu_chunk to mitigate false sharing
2053069 performance: address_space: add padding for i_map and i_mmap_rwsem to mitigate a false sharing
2052817 cpufreq: intel_pstate: Enable HWP IO boost for all servers
2052827 performance: mm/memcontrol.c: remove the redundant updating of stats_flush_threshold
2053212 Jammy update: v5.15.146 upstream stable release
1971699 disable Intel DMA remapping by default
2052005 Validate connection interval to pass Bluetooth Test Suite
2052406 Jammy update: v5.15.145 upstream stable release
2052404 Jammy update: v5.15.144 upstream stable release
2049689 partproke is broken on empty loopback device
2050858 Jammy update: v5.15.143 upstream stable release
2036239 Intel E810-XXV - NETDEV WATCHDOG: (ice): transmit queue timed out
2048404 Don't WARN_ON_ONCE() for a broken discovery table
2047634 Reject connection when malformed L2CAP signal packet is received
2050849 Jammy update: v5.15.142 upstream stable release
2050044 Jammy update: v5.15.141 upstream stable release
2050038 Jammy update: v5.15.140 upstream stable release
2049432 Jammy update: v5.15.139 upstream stable release
2049417 Jammy update: v5.15.138 upstream stable release
2049350 Jammy update: v5.15.137 upstream stable release
CVE-2024-23851 copy_params in drivers/md/dm-ioctl.c in the Linux kernel through 6.7.1 can attempt to allocate more than INT_MAX bytes, and crash, because of a missi
CVE-2024-23850 In btrfs_get_root_ref in fs/btrfs/disk-io.c in the Linux kernel through 6.7.1, there can be an assertion failure and crash because a subvolume can be
CVE-2024-24855 A race condition was found in the Linux kernel's scsi device driver in lpfc_unregister_fcf_rescan() function. This can result in a null pointer deref
CVE-2024-1085 A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_
CVE-2023-23000 In the Linux kernel before 5.17, drivers/phy/tegra/xusb.c mishandles the tegra_xusb_find_port_node return value. Callers expect NULL in the error cas
CVE-2023-46838 Transmit requests in Xen's virtual network protocol can consist of multiple parts. While not really useful, except for the initial part any of them
CVE-2024-1086 A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_
CVE-2023-32247 A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the handling of SMB2_SESSION_S
CVE-2024-22705 An issue was discovered in ksmbd in the Linux kernel before 6.6.10. smb2_get_data_area_len in fs/smb/server/smb2misc.c can cause an smb_strndup_from_
CVE-2023-0340 The Custom Content Shortcode WordPress plugin through 4.0.2 does not validate one of its shortcode attribute, which could allow users with a contribu
CVE-2023-51780 An issue was discovered in the Linux kernel before 6.6.8. do_vcc_ioctl in net/atm/ioctl.c has a use-after-free because of a vcc_recvmsg race conditio
CVE-2023-6915 A Null pointer dereference problem was found in ida_free in lib/idr.c in the Linux Kernel. This issue may allow an attacker using this library to cau
CVE-2024-0646 An out-of-bounds memory write flaw was found in the Linux kernel’s Transport Layer Security functionality in how a user calls a function splice with
CVE-2024-0565 An out-of-bounds memory read flaw was found in receive_encrypted_standard in fs/smb/client/smb2ops.c in the SMB Client sub-component in the Linux Ker
CVE-2023-51781 An issue was discovered in the Linux kernel before 6.6.8. atalk_ioctl in net/appletalk/ddp.c has a use-after-free because of an atalk_recvmsg race co
CVE-2023-46862 An issue was discovered in the Linux kernel through 6.5.9. During a race with SQ thread exit, an io_uring/fdinfo.c io_uring_show_fdinfo NULL pointer
CVE-2023-51782 An issue was discovered in the Linux kernel before 6.6.8. rose_ioctl in net/rose/af_rose.c has a use-after-free because of a rose_accept race conditi
CVE-2023-51779 bt_sock_recvmsg in net/bluetooth/af_bluetooth.c in the Linux kernel through 6.6.8 has a use-after-free because of a bt_sock_ioctl race condition.
CVE-2023-22995 In the Linux kernel before 5.17, an error path in dwc3_qcom_acpi_register_core in drivers/usb/dwc3/dwc3-qcom.c lacks certain platform_device_put and
CVE-2023-4134 Input: cyttsp4_core - change del_timer_sync() to timer_shutdown_sync()



About   -   Send Feedback to @ubuntu_updates