UbuntuUpdates.org

Package "linux"

Name: linux

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Linux kernel buildinfo for version 5.15.0 on 64 bit x86 SMP
  • Linux kernel buildinfo for version 5.15.0 on 64 bit x86 SMP
  • Linux kernel buildinfo for version 5.15.0 on 64 bit x86 SMP
  • Linux kernel buildinfo for version 5.15.0 on 64 bit x86 SMP
Latest version: 5.15.0-164.174
Release: jammy (22.04)
Level: security
Repository: main

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Other versions of "linux" in Jammy

Repository Area Version
base main 5.15.0-25.25
updates main 5.15.0-164.174
proposed main 5.15.0-165.175
PPA: Canonical Kernel Team 5.15.0-166.176

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 5.15.0-164.174 2025-12-11 14:07:47 UTC

  linux (5.15.0-164.174) jammy; urgency=medium

  * jammy/linux: 5.15.0-164.174 -proposed tracker (LP: #2131429)

  * CVE-2024-53218
    - f2fs: fix race in concurrent f2fs_stop_gc_thread

  * CVE-2024-47691
    - f2fs: fix to avoid use-after-free in f2fs_stop_gc_thread()

  * CVE-2025-39993
    - media: rc: fix races with imon_disconnect()

  * i40e driver is triggering VF resets on every link state change
    (LP: #2130552)
    - i40e: avoid redundant VF link state updates

  * CVE-2025-40018
    - ipvs: Defer ip_vs_ftp unregister during netns cleanup

  * CVE-2025-21855
    - ibmvnic: Don't reference skb after sending to VIOS

  * CVE-2024-50067
    - uprobes: encapsulate preparation of uprobe args buffer
    - uprobe: avoid out-of-bounds memory access of fetching args

  * CVE-2024-53090
    - afs: Fix lock recursion

  * CVE-2025-39964
    - crypto: af_alg - Disallow concurrent writes in af_alg_sendmsg
    - crypto: af_alg - Fix incorrect boolean values in af_alg_ctx

  * CVE-2022-49390
    - macsec: fix UAF bug for real_dev

 -- Manuel Diewald <email address hidden> Fri, 14 Nov 2025 17:49:39 +0100
Source diff to previous version
2130552 i40e driver is triggering VF resets on every link state change
CVE-2024-53218 In the Linux kernel, the following vulnerability has been resolved: f2fs: fix race in concurrent f2fs_stop_gc_thread In my test case, concurrent ca
CVE-2024-47691 In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid use-after-free in f2fs_stop_gc_thread() syzbot reports a f2f
CVE-2025-39993 In the Linux kernel, the following vulnerability has been resolved: media: rc: fix races with imon_disconnect() Syzbot reports a KASAN issue as bel
CVE-2025-40018 In the Linux kernel, the following vulnerability has been resolved: ipvs: Defer ip_vs_ftp unregister during netns cleanup On the netns cleanup path
CVE-2025-21855 In the Linux kernel, the following vulnerability has been resolved: ibmvnic: Don't reference skb after sending to VIOS Previously, after successful
CVE-2024-50067 In the Linux kernel, the following vulnerability has been resolved: uprobe: avoid out-of-bounds memory access of fetching args Uprobe needs to fetc
CVE-2024-53090 In the Linux kernel, the following vulnerability has been resolved: afs: Fix lock recursion afs_wake_up_async_call() can incur lock recursion. The
CVE-2025-39964 In the Linux kernel, the following vulnerability has been resolved: crypto: af_alg - Disallow concurrent writes in af_alg_sendmsg Issuing two write
CVE-2022-49390 In the Linux kernel, the following vulnerability has been resolved: macsec: fix UAF bug for real_dev Create a new macsec device but not get referen

Version: 5.15.0-163.173 2025-12-03 12:07:51 UTC

  linux (5.15.0-163.173) jammy; urgency=medium

  * jammy/linux: 5.15.0-163.173 -proposed tracker (LP: #2127867)

  * Add pvpanic kernel modules to linux-modules (LP: #2126659)
    - [Packaging] Add pvpanic kernel modules to linux-modules

  * Ubuntu 24.04.2: error in audit_log_object_context keep printing in the
    kernel and console (LP: #2123815)
    - SAUCE: fix: apparmor4.0.0 [26/90]: LSM stacking v39: Audit: Add record
      for multiple object contexts

  * Hung task when heavily accessing kernfs files (LP: #2125142)
    - kernfs: switch global kernfs_rwsem lock to per-fs lock
    - kernfs: dont take i_lock on inode attr read
    - kernfs: move struct kernfs_root out of the public view.
    - kernfs: Introduce separate rwsem to protect inode attributes.
    - kernfs: Use a per-fs rwsem to protect per-fs list of kernfs_super_info.
    - kernfs: change kernfs_rename_lock into a read-write lock.
    - kernfs: prevent early freeing of root node
    - kernfs: remove redundant kernfs_rwsem declaration.
    - kernfs: fix NULL dereferencing in kernfs_remove
    - kernfs: fix potential NULL dereference in __kernfs_remove
    - kernfs: fix missing kernfs_iattr_rwsem locking

  * ensure mptcp keepalives are honored when set (LP: #2125444)
    - mptcp: sockopt: make sync_socket_options propagate SOCK_KEEPOPEN

  * UBUNTU: fan: fail to check kmalloc() return could cause a NULL pointer
    dereference (LP: #2125053)
    - SAUCE: fan: vxlan: check memory allocation for map

  * Jammy update: v5.15.193 upstream stable release (LP: #2127112)
    - [Config] enable CONFIG_MITIGATION_VMSCAPE
    - Linux 5.15.193

  * Jammy update: v5.15.192 upstream stable release (LP: #2126782)
    - bpf: Add cookie object to bpf maps
    - bpf: Move cgroup iterator helpers to bpf.h
    - bpf: Move bpf map owner out of common struct
    - bpf: Fix oob access in cgroup local storage
    - drm/amd/display: Don't warn when missing DCE encoder caps
    - fs: writeback: fix use-after-free in __mark_inode_dirty()
    - tee: fix NULL pointer dereference in tee_shm_put
    - arm64: dts: rockchip: Add vcc-supply to SPI flash on rk3399-pinebook-pro
    - wifi: cfg80211: fix use-after-free in cmp_bss()
    - netfilter: br_netfilter: do not check confirmed bit in br_nf_local_in()
      after confirm
    - netfilter: conntrack: helper: Replace -EEXIST by -EBUSY
    - Bluetooth: Fix use-after-free in l2cap_sock_cleanup_listen()
    - xirc2ps_cs: fix register access when enabling FullDuplex
    - mISDN: Fix memory leak in dsp_hwec_enable()
    - icmp: fix icmp_ndo_send address translation for reply direction
    - i40e: Fix potential invalid access when MAC list is empty
    - net: ethernet: mtk_eth_soc: fix tx vlan tag for llc packets
    - wifi: cw1200: cap SSID length in cw1200_do_join()
    - wifi: libertas: cap SSID len in lbs_associate()
    - net: thunder_bgx: add a missing of_node_put
    - net: thunder_bgx: decrement cleanup index before use
    - ipv4: Fix NULL vs error pointer check in inet_blackhole_dev_init()
    - ax25: properly unshare skbs in ax25_kiss_rcv()
    - net: atm: fix memory leak in atm_register_sysfs when device_register
      fail
    - ppp: fix memory leak in pad_compress_skb
    - ptp: Add generic PTP is_sync() function
    - net: phy: mscc: Fix memory leak when using one step timestamping
    - phy: mscc: Stop taking ts_lock for tx_queue and use its own lock
    - ALSA: usb-audio: Add mute TLV for playback volumes on some devices
    - pcmcia: Fix a NULL pointer dereference in __iodyn_find_io_region()
    - x86/mm/64: define ARCH_PAGE_TABLE_SYNC_MASK and
      arch_sync_kernel_mappings()
    - mm: move page table sync declarations to linux/pgtable.h
    - wifi: mwifiex: Initialize the chan_stats array to zero
    - drm/amdgpu: drop hw access in non-DC audio fini
    - scsi: lpfc: Fix buffer free/clear order in deferred receive path
    - batman-adv: fix OOB read/write in network-coding decode
    - e1000e: fix heap overflow in e1000_set_eeprom
    - mm/khugepaged: fix ->anon_vma race
    - cpufreq/sched: Explicitly synchronize limits_changed flag handling
    - KVM: x86: Take irqfds.lock when adding/deleting IRQ bypass producer
    - spi: tegra114: Remove unnecessary NULL-pointer checks
    - spi: tegra114: Don't fail set_cs_timing when delays are zero
    - iio: chemical: pms7003: use aligned_s64 for timestamp
    - iio: light: opt3001: fix deadlock due to concurrent flag access
    - gpio: pca953x: fix IRQ storm on system wake up
    - dma-buf: insert memory barrier before updating num_fences
    - dmaengine: mediatek: Fix a possible deadlock error in
      mtk_cqdma_tx_status()
    - net: dsa: microchip: update tag_ksz masks for KSZ9477 family
    - net: dsa: microchip: linearize skb for tail-tagging switches
    - vmxnet3: update MTU after device quiesce
    - arm64: dts: marvell: uDPU: define pinctrl state for alarm LEDs
    - randstruct: gcc-plugin: Remove bogus void member
    - randstruct: gcc-plugin: Fix attribute addition
    - mm/slub: avoid accessing metadata when pointer is invalid in
      object_err()
    - ALSA: hda/hdmi: Add pin fix for another HP EliteDesk 800 G4 model
    - pcmcia: Add error handling for add_interval() in do_validate_mem()
    - spi: spi-fsl-lpspi: Fix transmissions when using CONT
    - spi: spi-fsl-lpspi: Set correct chip-select polarity bit
    - spi: spi-fsl-lpspi: Reset FIFO and disable module on transfer abort
    - drm/bridge: ti-sn65dsi86: fix REFCLK setting
    - perf bpf-event: Fix use-after-free in synthesis
    - clk: qcom: gdsc: Set retain_ff before moving to HW CTRL
    - spi: tegra114: Use value to check for invalid delays
    - dmaengine: mediatek: Fix a flag reuse error in mtk_cqdma_tx_status()
    - Linux 5.15.192

  * Jammy update: v5.15.191 upstream stable release (LP: #2125626)
    - pinctrl: STMFX: add missing HAS_IOMEM dependency
    - ftrace: Fix potential warning in trace_printk_seq during ftrace_dump
    - scsi: core: sysfs: Correct sy
Source diff to previous version
2126659 Add pvpanic kernel modules to linux-modules
2123815 Ubuntu 24.04.2: error in audit_log_object_context keep printing in the kernel and console
2125142 Hung task when heavily accessing kernfs files
2125444 ensure mptcp keepalives are honored when set
2125053 UBUNTU: fan: fail to check kmalloc() return could cause a NULL pointer dereference
2127112 Jammy update: v5.15.193 upstream stable release
2126782 Jammy update: v5.15.192 upstream stable release
2125626 Jammy update: v5.15.191 upstream stable release
2122364 Jammy update: v5.15.190 upstream stable release
2127864 UBUNTU: SAUCE: Revert \
2124105 VMSCAPE CVE-2025-40300
CVE-2024-50047 In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in async decryption Doing an async decryption (large read)
CVE-2024-50061 In the Linux kernel, the following vulnerability has been resolved: i3c: master: cdns: Fix use after free vulnerability in cdns_i3c_master Driver Du
CVE-2023-53074 In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix ttm_bo calltrace warning in psp_hw_fini The call trace occurs w
CVE-2025-38678 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: reject duplicate device on updates A chain/flowtable upda
CVE-2024-53068 In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scmi: Fix slab-use-after-free in scmi_bus_notifier() The scmi_dev
CVE-2025-40300 In the Linux kernel, the following vulnerability has been resolved: x86/vmscape: Add conditional IBPB mitigation VMSCAPE is a vulnerability that ex

Version: 5.15.0-161.171 2025-11-03 18:07:30 UTC

  linux (5.15.0-161.171) jammy; urgency=medium

  * jammy/linux: 5.15.0-161.171 -proposed tracker (LP: #2127389)

  * VMSCAPE CVE-2025-40300 (LP: #2124105) // CVE-2025-40300
    - Documentation/hw-vuln: Add VMSCAPE documentation
    - x86/vmscape: Enumerate VMSCAPE bug
    - x86/vmscape: Add conditional IBPB mitigation
    - x86/vmscape: Enable the mitigation
    - x86/bugs: Move cpu_bugs_smt_update() down
    - x86/vmscape: Warn when STIBP is disabled with SMT
    - x86/vmscape: Add old Intel CPUs to affected list

  * VMSCAPE CVE-2025-40300 (LP: #2124105)
    - [Config] Enable MITIGATION_VMSCAPE config

 -- Manuel Diewald <email address hidden> Fri, 10 Oct 2025 20:13:58 +0200
Source diff to previous version
2124105 VMSCAPE CVE-2025-40300
CVE-2025-40300 In the Linux kernel, the following vulnerability has been resolved: x86/vmscape: Add conditional IBPB mitigation VMSCAPE is a vulnerability that ex

Version: 5.15.0-160.170 2025-10-20 14:07:45 UTC

  linux (5.15.0-160.170) jammy; urgency=medium

  * jammy/linux: 5.15.0-160.170 -proposed tracker (LP: #2126548)

  * [Regression Updates] System hangs when loading audit rules
    (5.15.0-156.166) (LP: #2126434)
    - netlink: avoid infinite retry looping in netlink_unicast()
Source diff to previous version
2126434 [Regression Updates] System hangs when loading audit rules (5.15.0-156.166)

Version: 5.15.0-157.167 2025-10-01 20:07:11 UTC

  linux (5.15.0-157.167) jammy; urgency=medium

  * jammy/linux: 5.15.0-157.167 -proposed tracker (LP: #2124010)

  * Packaging resync (LP: #1786013)
    - [Packaging] resync git-ubuntu-log

  * CVE-2025-38477
    - net/sched: sch_qfq: Fix race condition on qfq_aggregate
    - net/sched: sch_qfq: Avoid triggering might_sleep in atomic context in
      qfq_delete_class

  * CVE-2025-38617
    - net/packet: fix a race in packet_set_ring() and packet_notifier()

  * CVE-2025-38618
    - vsock: Do not allow binding to VMADDR_PORT_ANY

 -- Manuel Diewald <email address hidden> Wed, 17 Sep 2025 21:47:09 +0200
1786013 Packaging resync
CVE-2025-38477 In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_qfq: Fix race condition on qfq_aggregate A race condition can oc
CVE-2025-38617 In the Linux kernel, the following vulnerability has been resolved: net/packet: fix a race in packet_set_ring() and packet_notifier() When packet_s
CVE-2025-38618 In the Linux kernel, the following vulnerability has been resolved: vsock: Do not allow binding to VMADDR_PORT_ANY It is possible for a vsock to au


About   -   Send Feedback to @ubuntu_updates