UbuntuUpdates.org

Package "linux-azure-6.8-headers-6.8.0-1021"

Name: linux-azure-6.8-headers-6.8.0-1021

Description:

Header files related to Linux kernel version 6.8.0
Latest version: 6.8.0-1021.25~22.04.1
Release: jammy (22.04)
Level: security
Repository: main
Head package: linux-azure-6.8

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "linux-azure-6.8-headers-6.8.0-1021"

All arch deb package
APT INSTALL

Other versions of "linux-azure-6.8-headers-6.8.0-1021" in Jammy

Repository Area Version
updates main 6.8.0-1021.25~22.04.1

Changelog

Version: 6.8.0-1021.25~22.04.1 2025-02-12 19:07:05 UTC

  linux-azure-6.8 (6.8.0-1021.25~22.04.1) jammy; urgency=medium

  * jammy/linux-azure-6.8: 6.8.0-1021.25~22.04.1 -proposed tracker
    (LP: #2093489)

  [ Ubuntu: 6.8.0-1021.25 ]

  * noble/linux-azure: 6.8.0-1021.25 -proposed tracker (LP: #2093490)
  [ Ubuntu: 6.8.0-52.53 ]
  * noble/linux: 6.8.0-52.53 -proposed tracker (LP: #2093521)
  * CVE-2024-53164
    - net: sched: fix ordering of qlen adjustment
  * CVE-2024-53141
    - netfilter: ipset: add missing range check in bitmap_ip_uadt
  * CVE-2024-53103
    - hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer

 -- John Cabaj <email address hidden> Thu, 16 Jan 2025 13:20:17 -0600
Source diff to previous version
CVE-2024-53164 In the Linux kernel, the following vulnerability has been resolved: net: sched: fix ordering of qlen adjustment Changes to sch->q.qlen around qdisc
CVE-2024-53141 In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: add missing range check in bitmap_ip_uadt When tb[IPSET_ATTR_
CVE-2024-53103 In the Linux kernel, the following vulnerability has been resolved: hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer When hvs

Version: 6.8.0-1020.23~22.04.1 2025-01-08 23:06:56 UTC

  linux-azure-6.8 (6.8.0-1020.23~22.04.1) jammy; urgency=medium

  * jammy/linux-azure-6.8: 6.8.0-1020.23~22.04.1 -proposed tracker
    (LP: #2090333)

  [ Ubuntu: 6.8.0-1020.23 ]

  * noble/linux-azure: 6.8.0-1020.23 -proposed tracker (LP: #2090334)
  [ Ubuntu: 6.8.0-51.52 ]
  * noble/linux: 6.8.0-51.52 -proposed tracker (LP: #2090369)
  * Packaging resync (LP: #1786013)
    - [Packaging] resync git-ubuntu-log
    - [Packaging] update variants
  * MGLRU: kswapd uses 100% CPU when MGLRU is enabled and under memory pressure
    (LP: #2087886)
    - mm/mglru: only clear kswapd_failures if reclaimable
  * CVE-2024-50264
    - vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans
  * CVE-2024-53057
    - net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT
  * CVE-2024-49967
    - ext4: no need to continue when the number of entries is 1

 -- John Cabaj <email address hidden> Mon, 09 Dec 2024 10:41:43 -0600
Source diff to previous version
1786013 Packaging resync
2087886 MGLRU: kswapd uses 100% CPU when MGLRU is enabled and under memory pressure
CVE-2024-50264 In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans Du
CVE-2024-53057 In the Linux kernel, the following vulnerability has been resolved: net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT In qdisc_tree_reduce_bac
CVE-2024-49967 In the Linux kernel, the following vulnerability has been resolved: ext4: no need to continue when the number of entries is 1

Version: 6.8.0-1018.21~22.04.1 2024-11-20 14:06:51 UTC

  linux-azure-6.8 (6.8.0-1018.21~22.04.1) jammy; urgency=medium

  * jammy/linux-azure-6.8: 6.8.0-1018.21~22.04.1 -proposed tracker
    (LP: #2085914)

  [ Ubuntu: 6.8.0-1018.21 ]

  * noble/linux-azure: 6.8.0-1018.21 -proposed tracker (LP: #2085915)
  [ Ubuntu: 6.8.0-49.49 ]
  * noble/linux: 6.8.0-49.49 -proposed tracker (LP: #2085942)
  * CVE-2024-46800
    - sch/netem: fix use after free in netem_dequeue
  * mm/folios: xfs hangs with hung task timeouts with corrupted folio pointer
    lists (LP: #2085495)
    - lib/xarray: introduce a new helper xas_get_order
    - mm/filemap: return early if failed to allocate memory for split
    - mm/filemap: optimize filemap folio adding
  * CVE-2024-43882
    - exec: Fix ToCToU between perm check and set-uid/gid usage

 -- John Cabaj <email address hidden> Thu, 07 Nov 2024 16:27:43 -0600
Source diff to previous version
2085495 mm/folios: xfs hangs with hung task timeouts with corrupted folio pointer lists
CVE-2024-46800 In the Linux kernel, the following vulnerability has been resolved: sch/netem: fix use after free in netem_dequeue If netem_dequeue() enqueues pack
CVE-2024-43882 In the Linux kernel, the following vulnerability has been resolved: exec: Fix ToCToU between perm check and set-uid/gid usage When opening a file f

Version: 6.8.0-1017.20~22.04.1 2024-10-31 02:07:15 UTC

  linux-azure-6.8 (6.8.0-1017.20~22.04.1) jammy; urgency=medium

  * jammy/linux-azure-6.8: 6.8.0-1017.20~22.04.1 -proposed tracker
    (LP: #2082404)

  [ Ubuntu: 6.8.0-1017.20 ]

  * noble/linux-azure: 6.8.0-1017.20 -proposed tracker (LP: #2082405)
  * perf build disables tracepoint support (LP: #2076190)
    - [Packaging] azure: update dependencies for perf
  * Noble update: upstream stable patchset 2024-09-02 (LP: #2078304)
    - [Config] azure: Update CONFIG_SERIAL_MULTI_INSTANTIATE
  * RDMA/mana_ib patches (LP: #2084052)
    - RDMA/mana_ib: use the correct page table index based on hardware page size
    - RDMA/mana_ib: use the correct page size for mapping user-mode doorbell page
  [ Ubuntu: 6.8.0-48.48 ]
  * noble/linux: 6.8.0-48.48 -proposed tracker (LP: #2082437)
  * [SRU][Noble] Bad EPP defaults cause performance regressions on select Intel
    CPUs (LP: #2077470)
    - x86/cpu/vfm: Update arch/x86/include/asm/intel-family.h
    - cpufreq: intel_pstate: Allow model specific EPPs
    - cpufreq: intel_pstate: Update default EPPs for Meteor Lake
    - cpufreq: intel_pstate: Switch to new Intel CPU model defines
    - cpufreq: intel_pstate: Update Meteor Lake EPPs
    - cpufreq: intel_pstate: Use Meteor Lake EPPs for Arrow Lake
    - cpufreq: intel_pstate: Update Balance performance EPP for Emerald Rapids
  * power: Enable intel_rapl driver (LP: #2078834)
    - powercap: intel_rapl: Add support for ArrowLake-H platform
  * x86/vmware: Add TDX hypercall support (LP: #2077729)
    - x86/vmware: Introduce VMware hypercall API
    - x86/vmware: Add TDX hypercall support
  * Guest crashes post migration with migrate_misplaced_folio+0x4cc/0x5d0
    (LP: #2076866)
    - mm/mempolicy: use numa_node_id() instead of cpu_to_node()
    - mm/numa_balancing: allow migrate on protnone reference with
      MPOL_PREFERRED_MANY policy
    - mm: convert folio_estimated_sharers() to folio_likely_mapped_shared()
    - mm: factor out the numa mapping rebuilding into a new helper
    - mm: support multi-size THP numa balancing
    - mm/migrate: make migrate_misplaced_folio() return 0 on success
    - mm/migrate: move NUMA hinting fault folio isolation + checks under PTL
    - mm: fix possible OOB in numa_rebuild_large_mapping()
  * Add 'mm: hold PTL from the first PTE while reclaiming a large folio' to fix
    L2 Guest hang during LTP Test (LP: #2076147)
    - mm: hold PTL from the first PTE while reclaiming a large folio
  * KOP L2 guest fails to boot with 1 core - SMT8 topology (LP: #2070329)
    - KVM: PPC: Book3S HV nestedv2: Add DPDES support in helper library for Guest
      state buffer
    - KVM: PPC: Book3S HV nestedv2: Fix doorbell emulation
  * L2 Guest migration: continuously dumping while running NFS guest migration
    (LP: #2076406)
    - KVM: PPC: Book3S HV: Fix the set_one_reg for MMCR3
    - KVM: PPC: Book3S HV: Fix the get_one_reg of SDAR
    - KVM: PPC: Book3S HV: Add one-reg interface for DEXCR register
    - KVM: PPC: Book3S HV nestedv2: Keep nested guest DEXCR in sync
    - KVM: PPC: Book3S HV: Add one-reg interface for HASHKEYR register
    - KVM: PPC: Book3S HV nestedv2: Keep nested guest HASHKEYR in sync
    - KVM: PPC: Book3S HV: Add one-reg interface for HASHPKEYR register
    - KVM: PPC: Book3S HV nestedv2: Keep nested guest HASHPKEYR in sync
  * perf build disables tracepoint support (LP: #2076190)
    - [Packaging] perf: reenable libtraceevent
  * Please backport the more restrictive XSAVES deactivation for Zen1/2 arch
    (LP: #2077321)
    - x86/CPU/AMD: Improve the erratum 1386 workaround
  * Fix alsa scarlett2 driver in 6.8 (LP: #2076402)
    - ALSA: scarlett2: Move initialisation code lower in the source
    - ALSA: scarlett2: Implement handling of the ACK notification
  * rtw89: reset IDMEM mode to prevent download firmware failure (LP: #2077396)
    - wifi: rtw89: 885xb: reset IDMEM mode to prevent download firmware failure
  * CVE-2024-43858
    - jfs: Fix array-index-out-of-bounds in diFree
  * CVE-2024-42280
    - mISDN: Fix a use after free in hfcmulti_tx()
  * CVE-2024-42271
    - net/iucv: fix use after free in iucv_sock_close()
  * [Ubuntu-24.04] FADump with recommended crash size is making the L1 hang
    (LP: #2060039)
    - powerpc/64s/radix/kfence: map __kfence_pool at page granularity
  * Noble update: upstream stable patchset 2024-09-09 (LP: #2079945)
    - ocfs2: add bounds checking to ocfs2_check_dir_entry()
    - jfs: don't walk off the end of ealist
    - fs/ntfs3: Add a check for attr_names and oatbl
    - fs/ntfs3: Validate ff offset
    - usb: gadget: midi2: Fix incorrect default MIDI2 protocol setup
    - ALSA: hda/realtek: Enable headset mic on Positivo SU C1400
    - ALSA: hda/realtek: Fix the speaker output on Samsung Galaxy Book Pro 360
    - arm64: dts: qcom: qrb4210-rb2: switch I2C2 to i2c-gpio
    - arm64: dts: qcom: msm8996: Disable SS instance in Parkmode for USB
    - arm64: dts: qcom: sm6350: Disable SS instance in Parkmode for USB
    - arm64: dts: qcom: ipq6018: Disable SS instance in Parkmode for USB
    - arm64: dts: qcom: sdm630: Disable SS instance in Parkmode for USB
    - ALSA: pcm_dmaengine: Don't synchronize DMA channel when DMA is paused
    - ALSA: seq: ump: Skip useless ports for static blocks
    - filelock: Fix fcntl/close race recovery compat path
    - tun: add missing verification for short frame
    - tap: add missing verification for short frame
    - s390/mm: Fix VM_FAULT_HWPOISON handling in do_exception()
    - ALSA: hda/tas2781: Add new quirk for Lenovo Hera2 Laptop
    - arm64: dts: qcom: sc7180: Disable SuperSpeed instances in park mode
    - arm64: dts: qcom: sc7280: Disable SuperSpeed instances in park mode
    - arm64: dts: qcom: qrb2210-rb1: switch I2C2 to i2c-gpio
    - arm64: dts: qcom: msm8998: Disable SS instance in Parkmode for USB
    - arm64: dts: qcom: ipq8074: Disable SS instance in Parkmode for USB
    - arm64: dts: qcom: sdm845: Disable SS instance in Parkmode for USB
    - Upstream stable to
Source diff to previous version
2076190 perf build disables tracepoint support
2078304 Noble update: upstream stable patchset 2024-09-02
2084052 RDMA/mana_ib patches
2077470 [SRU][Noble] Bad EPP defaults cause performance regressions on select Intel CPUs
2078834 power: Enable intel_rapl driver
2077729 x86/vmware: Add TDX hypercall support
2076866 Guest crashes post migration with migrate_misplaced_folio+0x4cc/0x5d0
2076147 Add 'mm: hold PTL from the first PTE while reclaiming a large folio' to fix L2 Guest hang during LTP Test
2070329 KOP L2 guest fails to boot with 1 core - SMT8 topology
2076406 L2 Guest migration: continuously dumping while running NFS guest migration
2077321 Please backport the more restrictive XSAVES deactivation for Zen1/2 arch
2076402 Fix alsa scarlett2 driver in 6.8
2060039 [Ubuntu-24.04] FADump with recommended crash size is making the L1 hang
2079945 Noble update: upstream stable patchset 2024-09-09
2078041 UBSAN: array-index-out-of-bounds in /build/linux-Z1RxaK/linux-6.8.0/drivers/gpu/drm/amd/amdgpu/../pm/powerplay/hwmgr/processpptables.c:1249:61
2077690 alsa: Headphone and Speaker couldn't output sound intermittently
2077858 Fix ethernet performance on JSL and EHL
2078289 Noble update: upstream stable patchset 2024-08-29
2076675 [SRU][HPE 24.04] Intel FVL NIC FW flash fails with inbox driver, causing driver not detected
2073695 Deadlock occurs while suspending md raid
2076361 Lenovo X12 Detachable Gen 2 unresponsive under light load
2072679 Regression: unable to reach low idle states on Tiger Lake
2077600 Noble update: upstream stable patchset 2024-08-22
2069993 Panels show garbage or flickering when i915.psr2 enabled
2062951 Random flickering with Intel i915 (Gen9 GPUs in 6th-8th gen CPUs) on Linux 6.8
2073583 [SRU][22.04.5]: mpi3mr driver update
2076435 Noble update: upstream stable patchset 2024-08-09
2074380 [UBUNTU 22.04] s390/cpum_cf: make crypto counters upward compatible
CVE-2024-43858 In the Linux kernel, the following vulnerability has been resolved: jfs: Fix array-index-out-of-bounds in diFree
CVE-2024-42280 In the Linux kernel, the following vulnerability has been resolved: mISDN: Fix a use after free in hfcmulti_tx() Don't dereference *sp after callin
CVE-2024-42271 In the Linux kernel, the following vulnerability has been resolved: net/iucv: fix use after free in iucv_sock_close() iucv_sever_path() is called f
CVE-2024-27022 In the Linux kernel, the following vulnerability has been resolved: fork: defer linking file vma until vma is fully initialized Thorvald reported a
CVE-2024-41022 In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix signedness bug in sdma_v4_0_process_trap_irq() The "instance" v
CVE-2024-45016 In the Linux kernel, the following vulnerability has been resolved: netem: fix return value if duplicate enqueue fails There is a bug in netem_enqu

Version: 6.8.0-1015.17~22.04.2 2024-10-23 13:06:48 UTC

  linux-azure-6.8 (6.8.0-1015.17~22.04.2) jammy; urgency=medium

  * jammy/linux-azure-6.8: 6.8.0-1015.17~22.04.2 -proposed tracker
    (LP: #2078073)

  * Packaging resync (LP: #1786013)
    - [Packaging] update variants

  [ Ubuntu: 6.8.0-1015.17 ]

  * noble/linux-azure: 6.8.0-1015.17 -proposed tracker (LP: #2078074)
  [ Ubuntu: 6.8.0-45.45 ]
  * noble/linux: 6.8.0-45.45 -proposed tracker (LP: #2078100)
  * Packaging resync (LP: #1786013)
    - [Packaging] debian.master/dkms-versions -- update from kernel-versions
      (main/s2024.08.05)
  * Noble update: upstream stable patchset 2024-08-09 (LP: #2076435) //
    CVE-2024-41009
    - bpf: Fix overrunning reservations in ringbuf
  * CVE-2024-42160
    - f2fs: check validation of fault attrs in f2fs_build_fault_attr()
    - f2fs: Add inline to f2fs_build_fault_attr() stub
  * Noble update: upstream stable patchset 2024-08-22 (LP: #2077600) //
    CVE-2024-42224
    - net: dsa: mv88e6xxx: Correct check for empty list
  * Noble update: upstream stable patchset 2024-08-22 (LP: #2077600) //
    CVE-2024-42154
    - tcp_metrics: validate source addr length
  * CVE-2024-42228
    - drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc
  * CVE-2024-42159
    - scsi: mpi3mr: Sanitise num_phys

 -- John Cabaj <email address hidden> Tue, 01 Oct 2024 13:33:35 -0500
1786013 Packaging resync
2076435 Noble update: upstream stable patchset 2024-08-09
2077600 Noble update: upstream stable patchset 2024-08-22
CVE-2024-41009 In the Linux kernel, the following vulnerability has been resolved: bpf: Fix overrunning reservations in ringbuf The BPF ring buffer internally is
CVE-2024-42160 In the Linux kernel, the following vulnerability has been resolved: f2fs: check validation of fault attrs in f2fs_build_fault_attr() - It missed to
CVE-2024-42224 In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6xxx: Correct check for empty list Since commit a3c53be55c95 ("n
CVE-2024-42154 In the Linux kernel, the following vulnerability has been resolved: tcp_metrics: validate source addr length I don't see anything checking that TCP
CVE-2024-42228 In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc In
CVE-2024-42159 In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Sanitise num_phys Information is stored in mr_sas_port->phy_mask,


About   -   Send Feedback to @ubuntu_updates