UbuntuUpdates.org

Package "linux-headers-5.15.0-124"

Name: linux-headers-5.15.0-124

Description:

Header files related to Linux kernel version 5.15.0

Latest version: 5.15.0-124.134
Release: jammy (22.04)
Level: security
Repository: main
Head package: linux

Links


Download "linux-headers-5.15.0-124"


Other versions of "linux-headers-5.15.0-124" in Jammy

Repository Area Version
updates main 5.15.0-124.134

Changelog

Version: 5.15.0-117.127 2024-07-25 02:07:26 UTC

  linux (5.15.0-117.127) jammy; urgency=medium

  * jammy/linux: 5.15.0-117.127 -proposed tracker (LP: #2072059)

  * CVE-2024-27017
    - netfilter: nft_set_pipapo: constify lookup fn args where possible
    - netfilter: nft_set_pipapo: walk over current view on netlink dump
    - netfilter: nf_tables: missing iterator type in lookup walk

  * CVE-2024-26952
    - ksmbd: fix potencial out-of-bounds when buffer offset is invalid

  * CVE-2024-26886
    - Bluetooth: af_bluetooth: Fix deadlock

  * CVE-2023-52752
    - smb: client: fix use-after-free bug in cifs_debug_data_proc_show()

  * CVE-2024-25742
    - x86/sev: Harden #VC instruction emulation somewhat
    - x86/sev: Check for MWAITX and MONITORX opcodes in the #VC handler

  * CVE-2024-36016
    - tty: n_gsm: fix possible out-of-bounds in gsm0_receive()

 -- Manuel Diewald <email address hidden> Fri, 05 Jul 2024 17:04:46 +0200

Source diff to previous version
CVE-2024-27017 In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: walk over current view on netlink dump The generatio
CVE-2024-26952 In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix potencial out-of-bounds when buffer offset is invalid I found potenc
CVE-2024-26886 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: af_bluetooth: Fix deadlock Attemting to do sock_lock on .recvmsg may
CVE-2023-52752 In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() Skip SMB ses
CVE-2024-25742 In the Linux kernel before 6.9, an untrusted hypervisor can inject virtual interrupt 29 (#VC) at any point in time and can trigger its handler. This
CVE-2024-36016 In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: fix possible out-of-bounds in gsm0_receive() Assuming the following

Version: 5.15.0-116.126 2024-07-15 15:07:26 UTC

  linux (5.15.0-116.126) jammy; urgency=medium

  * jammy/linux: 5.15.0-116.126 -proposed tracker (LP: #2071603)

  * idxd: NULL pointer dereference reading wq op_config attribute (LP: #2069081)
    - SAUCE: dmaengine: idxd: set is_visible member of idxd_wq_attribute_group

  * AMD GPUs fail with null pointer dereference when IOMMU enabled, leading to
    black screen (LP: #2068738)
    - SAUCE: Revert "drm/amdgpu: init iommu after amdkfd device init"

Source diff to previous version
2069081 idxd: NULL pointer dereference reading wq op_config attribute
2068738 AMD GPUs fail with null pointer dereference when IOMMU enabled, leading to black screen

Version: 5.15.0-113.123 2024-06-26 21:07:26 UTC

  linux (5.15.0-113.123) jammy; urgency=medium

  * jammy/linux: 5.15.0-113.123 -proposed tracker (LP: #2068242)

  * CVE-2024-26924
    - netfilter: nft_set_pipapo: do not free live element

  * CVE-2024-26643
    - netfilter: nf_tables: mark set as dead when unbinding anonymous set with
      timeout

 -- Roxana Nicolescu <email address hidden> Mon, 10 Jun 2024 09:55:36 +0200

Source diff to previous version
CVE-2024-26924 In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: do not free live element Pablo reports a crash with
CVE-2024-26643 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout

Version: 5.15.0-112.122 2024-06-06 18:07:35 UTC

  linux (5.15.0-112.122) jammy; urgency=medium

  * jammy/linux: 5.15.0-112.122 -proposed tracker (LP: #2065898)

  * CVE-2024-21823
    - dmanegine: idxd: reformat opcap output to match bitmap_parse() input
    - dmaengine: idxd: add WQ operation cap restriction support
    - dmaengine: idxd: add knob for enqcmds retries
    - VFIO: Add the SPR_DSA and SPR_IAX devices to the denylist
    - dmaengine: idxd: add a new security check to deal with a hardware erratum
    - dmaengine: idxd: add a write() method for applications to submit work

Source diff to previous version
CVE-2024-21823 Hardware logic with insecure de-synchronization in Intel(R) DSA and Intel(R) IAA for some Intel(R) 4th or 5th generation Xeon(R) processors may allow

Version: 5.15.0-107.117 2024-05-14 10:19:11 UTC

  linux (5.15.0-107.117) jammy; urgency=medium

  * jammy/linux: 5.15.0-107.117 -proposed tracker (LP: #2063635)

  * CVE-2023-52530
    - wifi: mac80211: fix potential key use-after-free

  * CVE-2024-26622
    - tomoyo: fix UAF write bug in tomoyo_write_control()

  * CVE-2023-47233
    - wifi: brcmfmac: Fix use-after-free bug in brcmf_cfg80211_detach

 -- Stefan Bader <email address hidden> Fri, 26 Apr 2024 13:35:57 +0200

CVE-2023-52530 In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix potential key use-after-free When ieee80211_key_link() is c
CVE-2024-26622 In the Linux kernel, the following vulnerability has been resolved: tomoyo: fix UAF write bug in tomoyo_write_control() Since tomoyo_write_control(
CVE-2023-47233 The brcm80211 component in the Linux kernel through 6.5.10 has a brcmf_cfg80211_detach use-after-free in the device unplugging (disconnect the USB by



About   -   Send Feedback to @ubuntu_updates