Package "linux"

  linux (5.13.0-52.59) impish; urgency=medium

  * impish/linux: 5.13.0-52.59 -proposed tracker (LP: #1978628)

  * CVE-2022-28388
    - can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error
      path

  * test_vxlan_under_vrf.sh in net from ubuntu_kernel_selftests failed (Check VM
    connectivity through VXLAN (underlay in the default VRF) [FAIL])
    (LP: #1871015)
    - selftests: net: test_vxlan_under_vrf: fix HV connectivity test
    - selftests: test_vxlan_under_vrf: Fix broken test case

  * [UBUNTU 20.04] CPU-MF: add extended counter set definitions for new IBM z16
    (LP: #1974433)
    - s390/cpumf: add new extended counter set for IBM z16

  * [UBUNTU 20.04] KVM nesting support leaks too much memory, might result in
    stalls during cleanup (LP: #1974017)
    - KVM: s390: vsie/gmap: reduce gmap_rmap overhead

  * [UBUNTU 20.04] Null Pointer issue in nfs code running Ubuntu on IBM Z
    (LP: #1968096)
    - NFS: Fix up nfs_ctx_key_to_expire()

  * prevent kernel panic with overlayfs + shiftfs (LP: #1973620)
    - SAUCE: overlayfs: prevent dereferencing struct file in ovl_vm_prfile_set()

  * Packaging resync (LP: #1786013)
    - debian/dkms-versions -- update from kernel-versions (main/2022.05.30)

 -- Luke Nowakowski-Krijger <email address hidden> Wed, 15 Jun 2022 12:56:23 -0700

  linux (5.13.0-51.58) impish; urgency=medium

  * CVE-2022-21123 // CVE-2022-21125 // CVE-2022-21166
    - Documentation: Add documentation for Processor MMIO Stale Data
    - x86/speculation/mmio: Enumerate Processor MMIO Stale Data bug
    - x86/speculation: Add a common function for MD_CLEAR mitigation update
    - x86/speculation/mmio: Add mitigation for Processor MMIO Stale Data
    - x86/bugs: Group MDS, TAA & Processor MMIO Stale Data mitigations
    - x86/speculation/mmio: Enable CPU Fill buffer clearing on idle
    - x86/speculation/mmio: Add sysfs reporting for Processor MMIO Stale Data
    - x86/speculation/srbds: Update SRBDS mitigation selection
    - x86/speculation/mmio: Reuse SRBDS mitigation for SBDS
    - KVM: x86/speculation: Disable Fill buffer clear within guests
    - x86/speculation/mmio: Print SMT warning

 -- Thadeu Lima de Souza Cascardo <email address hidden> Mon, 13 Jun 2022 10:18:56 -0300

  linux (5.13.0-48.54) impish; urgency=medium

  * CVE-2022-1972
    - netfilter: nf_tables: sanitize nft_set_desc_concat_parse()

  * CVE-2022-1966
    - netfilter: nf_tables: disallow non-stateful expression in sets earlier

 -- Thadeu Lima de Souza Cascardo <email address hidden> Wed, 01 Jun 2022 16:14:14 -0300

  linux (5.13.0-46.51) impish; urgency=medium

  * CVE-2022-21499
    - SAUCE: debug: Lock down kgdb

  linux (5.13.0-44.49) impish; urgency=medium

  * impish/linux: 5.13.0-44.49 -proposed tracker (LP: #1973941)

  * CVE-2022-29581
    - net/sched: cls_u32: fix netns refcount changes in u32_change()

  * Unprivileged users may use PTRACE_SEIZE to set PTRACE_O_SUSPEND_SECCOMP
    option (LP: #1972740)
    - ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE

  * ext4: limit length to bitmap_maxbytes (LP: #1972281)
    - ext4: limit length to bitmap_maxbytes - blocksize in punch_hole

 -- Kleber Sacilotto de Souza <email address hidden> Wed, 18 May 2022 14:56:02 +0200