UbuntuUpdates.org

Package "linux-tools-5.15.0-125-generic"

Name: linux-tools-5.15.0-125-generic

Description:

Linux kernel version specific tools for version 5.15.0-125

Latest version: 5.15.0-125.135
Release: jammy (22.04)
Level: proposed
Repository: main
Head package: linux

Links


Download "linux-tools-5.15.0-125-generic"


Other versions of "linux-tools-5.15.0-125-generic" in Jammy

Repository Area Version
PPA: Canonical Kernel Team 5.15.0-125.135

Changelog

Version: 5.15.0-115.125 2024-06-10 19:07:11 UTC

  linux (5.15.0-115.125) jammy; urgency=medium

  * jammy/linux: 5.15.0-115.125 -proposed tracker (LP: #2068396)

  * Packaging resync (LP: #1786013)
    - [Packaging] debian.master/dkms-versions -- update from kernel-versions
      (main/2024.06.10)

  * Jammy update: v5.15.158 upstream stable release (LP: #2067974)
    - smb: client: fix rename(2) regression against samba
    - cifs: reinstate original behavior again for forceuid/forcegid
    - HID: intel-ish-hid: ipc: Fix dev_err usage with uninitialized dev->devc
    - HID: logitech-dj: allow mice to use all types of reports
    - arm64: dts: rockchip: enable internal pull-up on Q7_USB_ID for RK3399 Puma
    - arm64: dts: rockchip: fix alphabetical ordering RK3399 puma
    - arm64: dts: rockchip: enable internal pull-up on PCIE_WAKE# for RK3399 Puma
    - arm64: dts: rockchip: Remove unsupported node from the Pinebook Pro dts
    - arm64: dts: mediatek: mt8183: Add power-domains properity to mfgcfg
    - arm64: dts: mediatek: mt7622: add support for coherent DMA
    - arm64: dts: mediatek: mt7622: introduce nodes for Wireless Ethernet Dispatch
    - arm64: dts: mediatek: mt7622: fix clock controllers
    - arm64: dts: mediatek: mt7622: fix IR nodename
    - arm64: dts: mediatek: mt7622: fix ethernet controller "compatible"
    - arm64: dts: mediatek: mt7622: drop "reset-names" from thermal block
    - arm64: dts: mediatek: mt2712: fix validation errors
    - ARC: [plat-hsdk]: Remove misplaced interrupt-cells property
    - wifi: iwlwifi: mvm: remove old PASN station when adding a new one
    - wifi: iwlwifi: mvm: return uid from iwl_mvm_build_scan_cmd
    - vxlan: drop packets from invalid src-address
    - mlxsw: core: Unregister EMAD trap using FORWARD action
    - icmp: prevent possible NULL dereferences from icmp_build_probe()
    - bridge/br_netlink.c: no need to return void function
    - NFC: trf7970a: disable all regulators on removal
    - ipv4: check for NULL idev in ip_route_use_hint()
    - net: usb: ax88179_178a: stop lying about skb->truesize
    - net: gtp: Fix Use-After-Free in gtp_dellink
    - ipvs: Fix checksumming on GSO of SCTP packets
    - net: openvswitch: Fix Use-After-Free in ovs_ct_exit
    - mlxsw: spectrum_acl_tcam: Fix race during rehash delayed work
    - mlxsw: spectrum_acl_tcam: Fix possible use-after-free during activity update
    - mlxsw: spectrum_acl_tcam: Fix possible use-after-free during rehash
    - mlxsw: spectrum_acl_tcam: Rate limit error message
    - mlxsw: spectrum_acl_tcam: Fix memory leak during rehash
    - mlxsw: spectrum_acl_tcam: Fix warning during rehash
    - mlxsw: spectrum_acl_tcam: Fix incorrect list API usage
    - mlxsw: spectrum_acl_tcam: Fix memory leak when canceling rehash work
    - netfilter: nf_tables: honor table dormant flag from netdev release event
      path
    - i40e: Do not use WQ_MEM_RECLAIM flag for workqueue
    - i40e: Report MFS in decimal base instead of hex
    - iavf: Fix TC config comparison with existing adapter TC config
    - net: ethernet: ti: am65-cpts: Fix PTPv1 message type on TX packets
    - af_unix: Suppress false-positive lockdep splat for spin_lock() in
      __unix_gc().
    - serial: core: Provide port lock wrappers
    - serial: mxs-auart: add spinlock around changing cts state
    - drm-print: add drm_dbg_driver to improve namespace symmetry
    - drm/vmwgfx: Fix crtc's atomic check conditional
    - Revert "crypto: api - Disallow identical driver names"
    - net/mlx5e: Fix a race in command alloc flow
    - tracing: Show size of requested perf buffer
    - tracing: Increase PERF_MAX_TRACE_SIZE to handle Sentinel1 and docker
      together
    - x86/cpu: Fix check for RDPKRU in __show_regs()
    - Bluetooth: Fix type of len in {l2cap,sco}_sock_getsockopt_old()
    - Bluetooth: btusb: Add Realtek RTL8852BE support ID 0x0bda:0x4853
    - Bluetooth: qca: fix NULL-deref on non-serdev suspend
    - mmc: sdhci-msm: pervent access to suspended controller
    - btrfs: fix information leak in btrfs_ioctl_logical_to_ino()
    - cpu: Re-enable CPU mitigations by default for !X86 architectures
    - [Configs] Update CPU mitigation configs
    - arm64: dts: rockchip: enable internal pull-up for Q7_THRM# on RK3399 Puma
    - drm/amdgpu/sdma5.2: use legacy HDP flush for SDMA2/3
    - drm/amdgpu: Fix leak when GPU memory allocation fails
    - irqchip/gic-v3-its: Prevent double free on error
    - ethernet: Add helper for assigning packet type when dest address does not
      match device address
    - net: b44: set pause params only when interface is up
    - stackdepot: respect __GFP_NOLOCKDEP allocation flag
    - mtd: diskonchip: work around ubsan link failure
    - tcp: Clean up kernel listener's reqsk in inet_twsk_purge()
    - tcp: Fix NEW_SYN_RECV handling in inet_twsk_purge()
    - dmaengine: owl: fix register access functions
    - idma64: Don't try to serve interrupts when device is powered off
    - dma: xilinx_dpdma: Fix locking
    - dmaengine: idxd: Fix oops during rmmod on single-CPU platforms
    - riscv: fix VMALLOC_START definition
    - riscv: Fix TASK_SIZE on 64-bit NOMMU
    - i2c: smbus: fix NULL function pointer dereference
    - fbdev: fix incorrect address computation in deferred IO
    - HID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up
    - bounds: Use the right number of bits for power-of-two CONFIG_NR_CPUS
    - udp: preserve the connected status if only UDP cmsg
    - serial: core: fix kernel-doc for uart_port_unlock_irqrestore()
    - Linux 5.15.158

  * Jammy update: v5.15.157 upstream stable release (LP: #2067959)
    - ksmbd: don't send oplock break if rename fails
    - ksmbd: validate payload size in ipc response
    - ksmbd: do not set SMB2_GLOBAL_CAP_ENCRYPTION for SMB 3.1.1
    - btrfs: record delayed inode root in transaction
    - SUNRPC: Fix rpcgss_context trace event acceptor field
    - selftests/ftrace: Limit length in subsystem-enable tests
    - bpf: Extend kfunc with PTR_TO_CTX,

Source diff to previous version
1786013 Packaging resync
2067974 Jammy update: v5.15.158 upstream stable release
2067959 Jammy update: v5.15.157 upstream stable release
2046722 [SRU][22.04.4]: megaraid_sas: Critical Bug Fixes
2065857 Jammy update: v5.15.156 upstream stable release
2065805 Jammy update: v5.15.155 upstream stable release
2065435 Jammy update: v5.15.154 upstream stable release
CVE-2024-23307 Integer Overflow or Wraparound vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (md, raid, raid5 modules) allows Forced Integer Overflow
CVE-2024-26828 In the Linux kernel, the following vulnerability has been resolved: cifs: fix underflow in parse_server_interfaces() In this loop, we step through
CVE-2024-24861 A race condition was found in the Linux kernel's media/xc4000 device driver in xc4000 xc4000_get_frequency() function. This can result in return valu
CVE-2024-26642 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: disallow anonymous set with timeout flag Anonymous sets a
CVE-2024-26926 In the Linux kernel, the following vulnerability has been resolved: binder: check offset alignment in binder_get_object() Commit 6d98eb95b450 ("bin
CVE-2024-26922 In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: validate the parameters of bo mapping operations more clearly Verif
CVE-2023-6039 A use-after-free flaw was found in lan78xx_disconnect in drivers/net/usb/lan78xx.c in the network sub-component, net/usb/lan78xx in the Linux Kernel.
CVE-2024-26924 In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: do not free live element Pablo reports a crash with
CVE-2024-26643 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout

Version: 5.15.0-112.122 2024-05-25 03:07:08 UTC

  linux (5.15.0-112.122) jammy; urgency=medium

  * jammy/linux: 5.15.0-112.122 -proposed tracker (LP: #2065898)

  * CVE-2024-21823
    - dmanegine: idxd: reformat opcap output to match bitmap_parse() input
    - dmaengine: idxd: add WQ operation cap restriction support
    - dmaengine: idxd: add knob for enqcmds retries
    - VFIO: Add the SPR_DSA and SPR_IAX devices to the denylist
    - dmaengine: idxd: add a new security check to deal with a hardware erratum
    - dmaengine: idxd: add a write() method for applications to submit work

Source diff to previous version
CVE-2024-21823 Hardware logic with insecure de-synchronization in Intel(R) DSA and Intel(R) IAA for some Intel(R) 4th or 5th generation Xeon(R) processors may allow

Version: 5.15.0-111.121 2024-05-07 17:07:16 UTC

  linux (5.15.0-111.121) jammy; urgency=medium

  * jammy/linux: 5.15.0-111.121 -proposed tracker (LP: #2063763)

  * RTL8852BE fw security fail then lost WIFI function during suspend/resume
    cycle (LP: #2063096)
    - wifi: rtw89: download firmware with five times retry

  * Mount CIFS fails with Permission denied (LP: #2061986)
    - cifs: fix ntlmssp auth when there is no key exchange

  * USB stick can't be detected (LP: #2040948)
    - usb: Disable USB3 LPM at shutdown

  * Jammy update: v5.15.153 upstream stable release (LP: #2063290)
    - io_uring/unix: drop usage of io_uring socket
    - io_uring: drop any code related to SCM_RIGHTS
    - selftests: tls: use exact comparison in recv_partial
    - ASoC: rt5645: Make LattePanda board DMI match more precise
    - x86/xen: Add some null pointer checking to smp.c
    - MIPS: Clear Cause.BD in instruction_pointer_set
    - HID: multitouch: Add required quirk for Synaptics 0xcddc device
    - gen_compile_commands: fix invalid escape sequence warning
    - RDMA/mlx5: Fix fortify source warning while accessing Eth segment
    - RDMA/mlx5: Relax DEVX access upon modify commands
    - riscv: dts: sifive: add missing #interrupt-cells to pmic
    - x86/mm: Move is_vsyscall_vaddr() into asm/vsyscall.h
    - x86/mm: Disallow vsyscall page read for copy_from_kernel_nofault()
    - net/iucv: fix the allocation size of iucv_path_table array
    - parisc/ftrace: add missing CONFIG_DYNAMIC_FTRACE check
    - block: sed-opal: handle empty atoms when parsing response
    - dm-verity, dm-crypt: align "struct bvec_iter" correctly
    - scsi: mpt3sas: Prevent sending diag_reset when the controller is ready
    - ALSA: hda/realtek - ALC285 reduce pop noise from Headphone port
    - drm/amdgpu: Enable gpu reset for S3 abort cases on Raven series
    - Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security
    - firewire: core: use long bus reset on gap count error
    - ASoC: Intel: bytcr_rt5640: Add an extra entry for the Chuwi Vi8 tablet
    - Input: gpio_keys_polled - suppress deferred probe error for gpio
    - ASoC: wm8962: Enable oscillator if selecting WM8962_FLL_OSC
    - ASoC: wm8962: Enable both SPKOUTR_ENA and SPKOUTL_ENA in mono mode
    - ASoC: wm8962: Fix up incorrect error message in wm8962_set_fll
    - do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak
    - s390/dasd: put block allocation in separate function
    - s390/dasd: add query PPRC function
    - s390/dasd: add copy pair setup
    - s390/dasd: add autoquiesce feature
    - s390/dasd: Use dev_*() for device log messages
    - s390/dasd: fix double module refcount decrement
    - fs/select: rework stack allocation hack for clang
    - md: Don't clear MD_CLOSING when the raid is about to stop
    - lib/cmdline: Fix an invalid format specifier in an assertion msg
    - time: test: Fix incorrect format specifier
    - rtc: test: Fix invalid format specifier.
    - aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts
    - timekeeping: Fix cross-timestamp interpolation on counter wrap
    - timekeeping: Fix cross-timestamp interpolation corner case decision
    - timekeeping: Fix cross-timestamp interpolation for non-x86
    - sched/fair: Take the scheduling domain into account in select_idle_core()
    - wifi: ath10k: fix NULL pointer dereference in
      ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev()
    - wifi: b43: Stop/wake correct queue in DMA Tx path when QoS is disabled
    - wifi: b43: Stop/wake correct queue in PIO Tx path when QoS is disabled
    - wifi: b43: Stop correct queue in DMA worker when QoS is disabled
    - wifi: b43: Disable QoS for bcm4331
    - wifi: wilc1000: fix declarations ordering
    - wifi: wilc1000: fix RCU usage in connect path
    - wifi: rtl8xxxu: add cancel_work_sync() for c2hcmd_work
    - wifi: wilc1000: fix multi-vif management when deleting a vif
    - wifi: mwifiex: debugfs: Drop unnecessary error check for
      debugfs_create_dir()
    - cpufreq: brcmstb-avs-cpufreq: add check for cpufreq_cpu_get's return value
    - cpufreq: Explicitly include correct DT includes
    - cpufreq: mediatek-hw: Wait for CPU supplies before probing
    - sock_diag: annotate data-races around sock_diag_handlers[family]
    - inet_diag: annotate data-races around inet_diag_table[]
    - bpftool: Silence build warning about calloc()
    - af_unix: Annotate data-race of gc_in_progress in wait_for_unix_gc().
    - cpufreq: mediatek-hw: Don't error out if supply is not found
    - arm64: dts: imx8mm-kontron: Disable pullups for I2C signals on SL/BL i.MX8MM
    - arm64: dts: imx8mm-kontron: Disable pullups for onboard UART signals on BL
      board
    - arm64: dts: imx8mm-kontron: Add support for ultra high speed modes on SD
      card
    - arm64: dts: imx8mm-kontron: Use the VSELECT signal to switch SD card IO
      voltage
    - arm64: dts: imx8mm-kontron: Disable pull resistors for SD card signals on BL
      board
    - wifi: ath9k: delay all of ath9k_wmi_event_tasklet() until init is complete
    - wifi: iwlwifi: mvm: report beacon protection failures
    - wifi: iwlwifi: dbg-tlv: ensure NUL termination
    - wifi: iwlwifi: fix EWRD table validity check
    - arm64: dts: imx8mm-venice-gw71xx: fix USB OTG VBUS
    - pwm: atmel-hlcdc: Convert to platform remove callback returning void
    - pwm: atmel-hlcdc: Use consistent variable naming
    - pwm: atmel-hlcdc: Fix clock imbalance related to suspend support
    - net: blackhole_dev: fix build warning for ethh set but not used
    - wifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer()
    - pwm: sti: Implement .apply() callback
    - pwm: sti: Fix capture for st,pwm-num-chan < st,capture-num-chan
    - wifi: iwlwifi: mvm: don't set replay counters to 0xff
    - s390/vdso: drop '-fPIC' from LDFLAGS
    - ipv6: mcast: remove one synchronize_net() barrier in ipv6_mc_down()
    - arm64: dts: mt8183: kukui: Add Type C node
    - arm64: dts: mt8183: kukui: Split out keyboard nod

Source diff to previous version
2063096 RTL8852BE fw security fail then lost WIFI function during suspend/resume cycle
2061986 Mount CIFS fails with Permission denied
2063290 Jammy update: v5.15.153 upstream stable release
2063276 Jammy update: v5.15.152 upstream stable release
2060422 Avoid creating non-working backlight sysfs knob from ASUS board
2058477 [Ubuntu 22.04.4/linux-image-6.5.0-26-generic] Kernel output \
2060209 Jammy update: v5.15.151 upstream stable release
2063067 Fix bluetooth connections with 3.0 device
2060142 Jammy update: v5.15.150 upstream stable release
CVE-2024-26809 In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: release elements in clone only from destroy path Clo
CVE-2024-26792 In the Linux kernel, the following vulnerability has been resolved: btrfs: fix double free of anonymous device after snapshot creation failure When
CVE-2023-52530 In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix potential key use-after-free When ieee80211_key_link() is c
CVE-2023-52447 In the Linux kernel, the following vulnerability has been resolved: bpf: Defer the free of inner map when necessary When updating or deleting an in
CVE-2024-26782 In the Linux kernel, the following vulnerability has been resolved: mptcp: fix double-free on socket dismantle when MPTCP server accepts an incomin
CVE-2024-26733 In the Linux kernel, the following vulnerability has been resolved: arp: Prevent overflow in arp_req_get(). syzkaller reported an overflown write i
CVE-2024-26735 In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix possible use-after-free and null-ptr-deref The pernet operations
CVE-2024-26736 In the Linux kernel, the following vulnerability has been resolved: afs: Increase buffer size in afs_update_volume_status() The max length of volum
CVE-2024-26748 In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: fix memory double free when handle zero packet 829 if (request->co
CVE-2023-47233 The brcm80211 component in the Linux kernel through 6.5.10 has a brcmf_cfg80211_detach use-after-free in the device unplugging (disconnect the USB by
CVE-2024-26584 In the Linux kernel, the following vulnerability has been resolved: net: tls: handle backlogging of crypto requests Since we're setting the CRYPTO_
CVE-2024-26585 In the Linux kernel, the following vulnerability has been resolved: tls: fix race between tx work scheduling and socket close Similarly to previous
CVE-2024-26583 In the Linux kernel, the following vulnerability has been resolved: tls: fix race between async notify and socket close The submitting thread (one
CVE-2024-26622 In the Linux kernel, the following vulnerability has been resolved: tomoyo: fix UAF write bug in tomoyo_write_control() Since tomoyo_write_control(

Version: 5.15.0-106.116 2024-04-22 13:07:25 UTC

  linux (5.15.0-106.116) jammy; urgency=medium

  * jammy/linux: 5.15.0-106.116 -proposed tracker (LP: #2061812)

  * CVE-2024-2201
    - x86/bugs: Use sysfs_emit()
    - KVM: x86: Update KVM-only leaf handling to allow for 100% KVM-only leafs
    - KVM: x86: Advertise CPUID.(EAX=7,ECX=2):EDX[5:0] to userspace
    - KVM: x86: Use a switch statement and macros in __feature_translate()
    - x86/bugs: Change commas to semicolons in 'spectre_v2' sysfs file
    - x86/syscall: Don't force use of indirect calls for system calls
    - x86/bhi: Add support for clearing branch history at syscall entry
    - x86/bhi: Define SPEC_CTRL_BHI_DIS_S
    - x86/bhi: Enumerate Branch History Injection (BHI) bug
    - x86/bhi: Add BHI mitigation knob
    - x86/bhi: Mitigate KVM by default
    - KVM: x86: Add BHI_NO
    - [Config] Set CONFIG_BHI to enabled (auto)

  * Drop fips-checks script from trees (LP: #2055083)
    - [Packaging] Remove fips-checks script

  * alsa/realtek: adjust max output valume for headphone on 2 LG machines
    (LP: #2058573)
    - ALSA: hda/realtek: fix the hp playback volume issue for LG machines

  * A general-proteciton exception during guest migration to unsupported PKRU
    machine (LP: #2032164)
    - x86/fpu: Allow caller to constrain xfeatures when copying to uabi buffer
    - KVM: x86: Constrain guest-supported xfeatures only at KVM_GET_XSAVE{2}

  * [ICX] [SPR] [ipc/msg] performance: Mitigate the lock contention with percpu
    counter (LP: #2058485)
    - ipc: check checkpoint_restore_ns_capable() to modify C/R proc files
    - ipc/ipc_sysctl.c: remove fallback for !CONFIG_PROC_SYSCTL
    - ipc: Store mqueue sysctls in the ipc namespace
    - ipc: Store ipc sysctls in the ipc namespace
    - ipc: Use the same namespace to modify and validate
    - ipc: Remove extra1 field abuse to pass ipc namespace
    - ipc: Check permissions for checkpoint_restart sysctls at open time
    - percpu: add percpu_counter_add_local and percpu_counter_sub_local
    - ipc/msg: mitigate the lock contention with percpu counter

  * Jammy update: v5.15.149 upstream stable release (LP: #2059014)
    - ksmbd: free ppace array on error in parse_dacl
    - ksmbd: don't allow O_TRUNC open on read-only share
    - ksmbd: validate mech token in session setup
    - ksmbd: fix UAF issue in ksmbd_tcp_new_connection()
    - ksmbd: only v2 leases handle the directory
    - iio: adc: ad7091r: Set alert bit in config register
    - iio: adc: ad7091r: Allow users to configure device events
    - iio: adc: ad7091r: Enable internal vref if external vref is not supplied
    - dmaengine: fix NULL pointer in channel unregistration function
    - scsi: ufs: core: Simplify power management during async scan
    - scsi: ufs: core: Remove the ufshcd_hba_exit() call from ufshcd_async_scan()
    - iio:adc:ad7091r: Move exports into IIO_AD7091R namespace.
    - ext4: allow for the last group to be marked as trimmed
    - btrfs: sysfs: validate scrub_speed_max value
    - crypto: api - Disallow identical driver names
    - PM: hibernate: Enforce ordering during image compression/decompression
    - hwrng: core - Fix page fault dead lock on mmap-ed hwrng
    - crypto: s390/aes - Fix buffer overread in CTR mode
    - media: imx355: Enable runtime PM before registering async sub-device
    - rpmsg: virtio: Free driver_override when rpmsg_remove()
    - media: ov9734: Enable runtime PM before registering async sub-device
    - mips: Fix max_mapnr being uninitialized on early stages
    - bus: mhi: host: Drop chan lock before queuing buffers
    - bus: mhi: host: Add spinlock to protect WP access when queueing TREs
    - parisc/firmware: Fix F-extend for PDC addresses
    - async: Split async_schedule_node_domain()
    - async: Introduce async_schedule_dev_nocall()
    - arm64: dts: qcom: sc7180: fix USB wakeup interrupt types
    - arm64: dts: qcom: sdm845: fix USB wakeup interrupt types
    - arm64: dts: qcom: sm8150: fix USB wakeup interrupt types
    - arm64: dts: qcom: sdm845: fix USB DP/DM HS PHY interrupts
    - lsm: new security_file_ioctl_compat() hook
    - scripts/get_abi: fix source path leak
    - mmc: core: Use mrq.sbc in close-ended ffu
    - mmc: mmc_spi: remove custom DMA mapped buffers
    - rtc: Adjust failure return code for cmos_set_alarm()
    - nouveau/vmm: don't set addr on the fail path to avoid warning
    - ubifs: ubifs_symlink: Fix memleak of inode->i_link in error path
    - rename(): fix the locking of subdirectories
    - ksmbd: set v2 lease version on lease upgrade
    - ksmbd: fix potential circular locking issue in smb2_set_ea()
    - ksmbd: don't increment epoch if current state and request state are same
    - ksmbd: send lease break notification on FILE_RENAME_INFORMATION
    - ksmbd: Add missing set_freezable() for freezable kthread
    - net/smc: fix illegal rmb_desc access in SMC-D connection dump
    - tcp: make sure init the accept_queue's spinlocks once
    - bnxt_en: Wait for FLR to complete during probe
    - vlan: skip nested type that is not IFLA_VLAN_QOS_MAPPING
    - llc: make llc_ui_sendmsg() more robust against bonding changes
    - llc: Drop support for ETH_P_TR_802_2.
    - net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv
    - tracing: Ensure visibility when inserting an element into tracing_map
    - afs: Hide silly-rename files from userspace
    - tcp: Add memory barrier to tcp_push()
    - netlink: fix potential sleeping issue in mqueue_flush_file
    - ipv6: init the accept_queue's spinlocks in inet6_create
    - net/mlx5: DR, Use the right GVMI number for drop action
    - net/mlx5: DR, Align mlx5dv_dr API vport action with FW behavior
    - net/mlx5: DR, Can't go to uplink vport on RX rule
    - net/mlx5e: fix a double-free in arfs_create_groups
    - net/mlx5e: fix a potential double-free in fs_any_create_groups
    - overflow: Allow mixed type arguments
    - netfilter: nft_limit: reject configurations that cause integer overflow
    - netfilter:

Source diff to previous version
2055083 Drop fips-checks script from trees
2058573 alsa/realtek: adjust max output valume for headphone on 2 LG machines
2032164 A general-proteciton exception during guest migration to unsupported PKRU machine
2058485 [ICX] [SPR] [ipc/msg] performance: Mitigate the lock contention with percpu counter
2059014 Jammy update: v5.15.149 upstream stable release
2056418 Fix headphone mic detection issue on ALC897
2056373 Problems with HVCS and hotplugging
2056227 KVM: arm64: softlockups in stage2_apply_range
CVE-2024-2201 Native Branch History Injection
CVE-2023-6039 A use-after-free flaw was found in lan78xx_disconnect in drivers/net/usb/lan78xx.c in the network sub-component, net/usb/lan78xx in the Linux Kernel.

Version: 5.15.0-104.114 2024-04-11 12:06:53 UTC

  linux (5.15.0-104.114) jammy; urgency=medium

  * jammy/linux: 5.15.0-104.114 -proposed tracker (LP: #2059497)

  * Drop fips-checks script from trees (LP: #2055083)
    - [Packaging] Remove fips-checks script

  * alsa/realtek: adjust max output valume for headphone on 2 LG machines
    (LP: #2058573)
    - ALSA: hda/realtek: fix the hp playback volume issue for LG machines

  * A general-proteciton exception during guest migration to unsupported PKRU
    machine (LP: #2032164)
    - x86/fpu: Allow caller to constrain xfeatures when copying to uabi buffer
    - KVM: x86: Constrain guest-supported xfeatures only at KVM_GET_XSAVE{2}

  * [ICX] [SPR] [ipc/msg] performance: Mitigate the lock contention with percpu
    counter (LP: #2058485)
    - ipc: check checkpoint_restore_ns_capable() to modify C/R proc files
    - ipc/ipc_sysctl.c: remove fallback for !CONFIG_PROC_SYSCTL
    - ipc: Store mqueue sysctls in the ipc namespace
    - ipc: Store ipc sysctls in the ipc namespace
    - ipc: Use the same namespace to modify and validate
    - ipc: Remove extra1 field abuse to pass ipc namespace
    - ipc: Check permissions for checkpoint_restart sysctls at open time
    - percpu: add percpu_counter_add_local and percpu_counter_sub_local
    - ipc/msg: mitigate the lock contention with percpu counter

  * Remove getabis scripts (LP: #2059143)
    - [Packaging] Remove getabis

  * Jammy update: v5.15.149 upstream stable release (LP: #2059014)
    - ksmbd: free ppace array on error in parse_dacl
    - ksmbd: don't allow O_TRUNC open on read-only share
    - ksmbd: validate mech token in session setup
    - ksmbd: fix UAF issue in ksmbd_tcp_new_connection()
    - ksmbd: only v2 leases handle the directory
    - iio: adc: ad7091r: Set alert bit in config register
    - iio: adc: ad7091r: Allow users to configure device events
    - iio: adc: ad7091r: Enable internal vref if external vref is not supplied
    - dmaengine: fix NULL pointer in channel unregistration function
    - scsi: ufs: core: Simplify power management during async scan
    - scsi: ufs: core: Remove the ufshcd_hba_exit() call from ufshcd_async_scan()
    - iio:adc:ad7091r: Move exports into IIO_AD7091R namespace.
    - ext4: allow for the last group to be marked as trimmed
    - btrfs: sysfs: validate scrub_speed_max value
    - crypto: api - Disallow identical driver names
    - PM: hibernate: Enforce ordering during image compression/decompression
    - hwrng: core - Fix page fault dead lock on mmap-ed hwrng
    - crypto: s390/aes - Fix buffer overread in CTR mode
    - media: imx355: Enable runtime PM before registering async sub-device
    - rpmsg: virtio: Free driver_override when rpmsg_remove()
    - media: ov9734: Enable runtime PM before registering async sub-device
    - mips: Fix max_mapnr being uninitialized on early stages
    - bus: mhi: host: Drop chan lock before queuing buffers
    - bus: mhi: host: Add spinlock to protect WP access when queueing TREs
    - parisc/firmware: Fix F-extend for PDC addresses
    - async: Split async_schedule_node_domain()
    - async: Introduce async_schedule_dev_nocall()
    - arm64: dts: qcom: sc7180: fix USB wakeup interrupt types
    - arm64: dts: qcom: sdm845: fix USB wakeup interrupt types
    - arm64: dts: qcom: sm8150: fix USB wakeup interrupt types
    - arm64: dts: qcom: sdm845: fix USB DP/DM HS PHY interrupts
    - lsm: new security_file_ioctl_compat() hook
    - scripts/get_abi: fix source path leak
    - mmc: core: Use mrq.sbc in close-ended ffu
    - mmc: mmc_spi: remove custom DMA mapped buffers
    - rtc: Adjust failure return code for cmos_set_alarm()
    - nouveau/vmm: don't set addr on the fail path to avoid warning
    - ubifs: ubifs_symlink: Fix memleak of inode->i_link in error path
    - rename(): fix the locking of subdirectories
    - ksmbd: set v2 lease version on lease upgrade
    - ksmbd: fix potential circular locking issue in smb2_set_ea()
    - ksmbd: don't increment epoch if current state and request state are same
    - ksmbd: send lease break notification on FILE_RENAME_INFORMATION
    - ksmbd: Add missing set_freezable() for freezable kthread
    - net/smc: fix illegal rmb_desc access in SMC-D connection dump
    - tcp: make sure init the accept_queue's spinlocks once
    - bnxt_en: Wait for FLR to complete during probe
    - vlan: skip nested type that is not IFLA_VLAN_QOS_MAPPING
    - llc: make llc_ui_sendmsg() more robust against bonding changes
    - llc: Drop support for ETH_P_TR_802_2.
    - net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv
    - tracing: Ensure visibility when inserting an element into tracing_map
    - afs: Hide silly-rename files from userspace
    - tcp: Add memory barrier to tcp_push()
    - netlink: fix potential sleeping issue in mqueue_flush_file
    - ipv6: init the accept_queue's spinlocks in inet6_create
    - net/mlx5: DR, Use the right GVMI number for drop action
    - net/mlx5: DR, Align mlx5dv_dr API vport action with FW behavior
    - net/mlx5: DR, Can't go to uplink vport on RX rule
    - net/mlx5e: fix a double-free in arfs_create_groups
    - net/mlx5e: fix a potential double-free in fs_any_create_groups
    - overflow: Allow mixed type arguments
    - netfilter: nft_limit: reject configurations that cause integer overflow
    - netfilter: nf_tables: restrict anonymous set and map names to 16 bytes
    - netfilter: nf_tables: validate NFPROTO_* family
    - net: stmmac: Wait a bit for the reset to take effect
    - net: mvpp2: clear BM pool before initialization
    - selftests: netdevsim: fix the udp_tunnel_nic test
    - fjes: fix memleaks in fjes_hw_setup
    - net: fec: fix the unhandled context fault from smmu
    - btrfs: fix infinite directory reads
    - btrfs: set last dir index to the current last index when opening dir
    - btrfs: refresh dir last index during a rewinddir(3) call
    - btrfs: fix race between reading a directory and adding entries to it
    - btrfs: avoid copying

2055083 Drop fips-checks script from trees
2058573 alsa/realtek: adjust max output valume for headphone on 2 LG machines
2032164 A general-proteciton exception during guest migration to unsupported PKRU machine
2058485 [ICX] [SPR] [ipc/msg] performance: Mitigate the lock contention with percpu counter
2059143 Remove getabis scripts
2059014 Jammy update: v5.15.149 upstream stable release
2056418 Fix headphone mic detection issue on ALC897
2056373 Problems with HVCS and hotplugging
2056227 KVM: arm64: softlockups in stage2_apply_range
CVE-2023-52603 In the Linux kernel, the following vulnerability has been resolved: UBSAN: array-index-out-of-bounds in dtSplitRoot Syzkaller reported the followin
CVE-2023-52600 In the Linux kernel, the following vulnerability has been resolved: jfs: fix uaf in jfs_evict_inode When the execution of diMount(ipimap) fails, th
CVE-2023-24023 Bluetooth BR/EDR devices with Secure Simple Pairing and Secure Connections pairing in Bluetooth Core Specification 4.2 through 5.4 allow certain man-
CVE-2024-26581 In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_rbtree: skip end interval element from gc rbtree lazy gc on
CVE-2023-6039 A use-after-free flaw was found in lan78xx_disconnect in drivers/net/usb/lan78xx.c in the network sub-component, net/usb/lan78xx in the Linux Kernel.



About   -   Send Feedback to @ubuntu_updates