Package "linux-headers-6.5.0-1022-aws"
Name: |
linux-headers-6.5.0-1022-aws
|
Description: |
Linux kernel headers for version 6.5.0 on 64 bit x86 SMP
|
Latest version: |
6.5.0-1022.22~22.04.1 |
Release: |
jammy (22.04) |
Level: |
security |
Repository: |
main |
Head package: |
linux-aws-6.5 |
Links
Download "linux-headers-6.5.0-1022-aws"
Other versions of "linux-headers-6.5.0-1022-aws" in Jammy
Changelog
linux-aws-6.5 (6.5.0-1022.22~22.04.1) jammy; urgency=medium
* jammy/linux-aws-6.5: 6.5.0-1022.22~22.04.1 -proposed tracker (LP: #2068166)
* Packaging resync (LP: #1786013)
- [Packaging] update variants
[ Ubuntu: 6.5.0-1022.22 ]
* mantic/linux-aws: 6.5.0-1022.22 -proposed tracker (LP: #2068167)
* mantic/linux: 6.5.0-42.42 -proposed tracker (LP: #2068188)
* CVE-2024-26925
- netfilter: nf_tables: release batch on table validation from abort path
- netfilter: nf_tables: release mutex after nft_gc_seq_end from abort path
* CVE-2024-26924
- netfilter: nft_set_pipapo: do not free live element
* CVE-2024-26809
- netfilter: nft_set_pipapo: release elements in clone only from destroy path
* Mantic update: upstream stable patchset 2024-04-02 (LP: #2059991) //
CVE-2024-26809
- netfilter: nft_set_pipapo: store index in scratch maps
- netfilter: nft_set_pipapo: add helper to release pcpu scratch area
- netfilter: nft_set_pipapo: remove scratch_aligned pointer
* CVE-2024-26643
- netfilter: nf_tables: mark set as dead when unbinding anonymous set with
timeout
* mantic/linux: 6.5.0-41.41 -proposed tracker (LP: #2065893)
* CVE-2024-21823
- VFIO: Add the SPR_DSA and SPR_IAX devices to the denylist
- dmaengine: idxd: add a new security check to deal with a hardware erratum
- dmaengine: idxd: add a write() method for applications to submit work
-- Philip Cox <email address hidden> Fri, 14 Jun 2024 10:54:56 -0400
|
Source diff to previous version |
1786013 |
Packaging resync |
2059991 |
Mantic update: upstream stable patchset 2024-04-02 |
CVE-2024-26925 |
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: release mutex after nft_gc_seq_end from abort path The co |
CVE-2024-26924 |
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: do not free live element Pablo reports a crash with |
CVE-2024-26809 |
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: release elements in clone only from destroy path Clo |
CVE-2024-26643 |
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout |
CVE-2024-21823 |
Hardware logic with insecure de-synchronization in Intel(R) DSA and Intel(R) IAA for some Intel(R) 4th or 5th generation Xeon(R) processors may allow |
|
linux-aws-6.5 (6.5.0-1021.21~22.04.1) jammy; urgency=medium
* jammy/linux-aws-6.5: 6.5.0-1021.21~22.04.1 -proposed tracker (LP: #2063690)
[ Ubuntu: 6.5.0-1021.21 ]
* mantic/linux-aws: 6.5.0-1021.21 -proposed tracker (LP: #2063691)
* aws: Support hibernation on Graviton (LP: #2060992)
- SAUCE: firmware/psci: Add definitions for PSCI v1.3 specification (ALPHA)
- SAUCE: KVM: arm64: Add PSCI v1.3 SYSTEM_OFF2 function for hibernation
- SAUCE: KVM: arm64: Add support for PSCI v1.2 and v1.3
- SAUCE: KVM: selftests: Add test for PSCI SYSTEM_OFF2
- SAUCE: KVM: arm64: nvhe: Pass through PSCI v1.3 SYSTEM_OFF2 call
- SAUCE: arm64: Use SYSTEM_OFF2 PSCI call to power off for hibernate
- SAUCE: ACPICA: Detect FACS even for hardware reduced platforms
- SAUCE: arm64: acpi: Honour firmware_signature field of FACS, if it exists
- [Config]: Enable hibernate on arm64
- [Config]: Enable hibernate on arm64
* mantic/linux: 6.5.0-40.40 -proposed tracker (LP: #2063709)
* [Mantic] Compile broken on armhf (cc1 out of memory) (LP: #2060446)
- Revert "minmax: relax check to allow comparison between unsigned arguments
and signed constants"
- Revert "minmax: allow comparisons of 'int' against 'unsigned char/short'"
- Revert "minmax: allow min()/max()/clamp() if the arguments have the same
signedness."
- Revert "minmax: add umin(a, b) and umax(a, b)"
* Drop fips-checks script from trees (LP: #2055083)
- [Packaging] Remove fips-checks script
* alsa/realtek: adjust max output valume for headphone on 2 LG machines
(LP: #2058573)
- ALSA: hda/realtek: fix the hp playback volume issue for LG machines
* Mantic update: upstream stable patchset 2024-03-27 (LP: #2059284)
- asm-generic: make sparse happy with odd-sized put_unaligned_*()
- powerpc/mm: Fix null-pointer dereference in pgtable_cache_add
- arm64: irq: set the correct node for VMAP stack
- drivers/perf: pmuv3: don't expose SW_INCR event in sysfs
- powerpc: Fix build error due to is_valid_bugaddr()
- powerpc/mm: Fix build failures due to arch_reserved_kernel_pages()
- powerpc/64s: Fix CONFIG_NUMA=n build due to create_section_mapping()
- x86/boot: Ignore NMIs during very early boot
- powerpc: pmd_move_must_withdraw() is only needed for
CONFIG_TRANSPARENT_HUGEPAGE
- powerpc/lib: Validate size for vector operations
- x86/mce: Mark fatal MCE's page as poison to avoid panic in the kdump kernel
- perf/core: Fix narrow startup race when creating the perf nr_addr_filters
sysfs file
- debugobjects: Stop accessing objects after releasing hash bucket lock
- regulator: core: Only increment use_count when enable_count changes
- audit: Send netlink ACK before setting connection in auditd_set
- ACPI: video: Add quirk for the Colorful X15 AT 23 Laptop
- PNP: ACPI: fix fortify warning
- ACPI: extlog: fix NULL pointer dereference check
- ACPI: NUMA: Fix the logic of getting the fake_pxm value
- PM / devfreq: Synchronize devfreq_monitor_[start/stop]
- ACPI: APEI: set memory failure flags as MF_ACTION_REQUIRED on synchronous
events
- FS:JFS:UBSAN:array-index-out-of-bounds in dbAdjTree
- jfs: fix array-index-out-of-bounds in dbAdjTree
- pstore/ram: Fix crash when setting number of cpus to an odd number
- crypto: octeontx2 - Fix cptvf driver cleanup
- erofs: fix ztailpacking for subpage compressed blocks
- crypto: stm32/crc32 - fix parsing list of devices
- afs: fix the usage of read_seqbegin_or_lock() in afs_lookup_volume_rcu()
- afs: fix the usage of read_seqbegin_or_lock() in afs_find_server*()
- rxrpc_find_service_conn_rcu: fix the usage of read_seqbegin_or_lock()
- jfs: fix array-index-out-of-bounds in diNewExt
- arch: consolidate arch_irq_work_raise prototypes
- s390/vfio-ap: fix sysfs status attribute for AP queue devices
- s390/ptrace: handle setting of fpc register correctly
- KVM: s390: fix setting of fpc register
- SUNRPC: Fix a suspicious RCU usage warning
- ecryptfs: Reject casefold directory inodes
- ext4: fix inconsistent between segment fstrim and full fstrim
- ext4: unify the type of flexbg_size to unsigned int
- ext4: remove unnecessary check from alloc_flex_gd()
- ext4: avoid online resizing failures due to oversized flex bg
- wifi: rt2x00: restart beacon queue when hardware reset
- selftests/bpf: satisfy compiler by having explicit return in btf test
- selftests/bpf: Fix pyperf180 compilation failure with clang18
- wifi: rt2x00: correct wrong BBP register in RxDCOC calibration
- selftests/bpf: Fix issues in setup_classid_environment()
- soc: xilinx: Fix for call trace due to the usage of smp_processor_id()
- soc: xilinx: fix unhandled SGI warning message
- scsi: lpfc: Fix possible file string name overflow when updating firmware
- PCI: Add no PM reset quirk for NVIDIA Spectrum devices
- bonding: return -ENOMEM instead of BUG in alb_upper_dev_walk
- net: usb: ax88179_178a: avoid two consecutive device resets
- scsi: arcmsr: Support new PCI device IDs 1883 and 1886
- ARM: dts: imx7d: Fix coresight funnel ports
- ARM: dts: imx7s: Fix lcdif compatible
- ARM: dts: imx7s: Fix nand-controller #size-cells
- wifi: ath9k: Fix potential array-index-out-of-bounds read in
ath9k_htc_txstatus()
- wifi: ath11k: fix race due to setting ATH11K_FLAG_EXT_IRQ_ENABLED too early
- bpf: Check rcu_read_lock_trace_held() before calling bpf map helpers
- scsi: libfc: Don't schedule abort twice
- scsi: libfc: Fix up timeout error in fc_fcp_rec_error()
- bpf: Set uattr->batch.count as zero before batched update or deletion
- wifi: wfx: fix possible NULL pointer dereference in wfx_set_mfp_ap()
- ARM: dts: rockchip: fix rk3036 hdmi ports node
- ARM: dts: imx25/27-eukrea: Fix RTC node name
- ARM: dts: imx: Use flash@
|
Source diff to previous version |
2060992 |
aws: Support hibernation on Graviton |
2060446 |
[Mantic] Compile broken on armhf (cc1 out of memory) |
2055083 |
Drop fips-checks script from trees |
2058573 |
alsa/realtek: adjust max output valume for headphone on 2 LG machines |
2059284 |
Mantic update: upstream stable patchset 2024-03-27 |
2059068 |
Mantic update: upstream stable patchset 2024-03-26 |
2056418 |
Fix headphone mic detection issue on ALC897 |
2057430 |
The screen brightness is unable to adjust on BOE panel DPN#R6FD8 |
2049733 |
Dynamically determine acpi_handle_list size |
2056403 |
Mantic update: upstream stable patchset 2024-03-07 |
CVE-2024-26582 |
In the Linux kernel, the following vulnerability has been resolved: net: tls: fix use-after-free with partial reads and async decrypt tls_decrypt_s |
CVE-2024-26584 |
In the Linux kernel, the following vulnerability has been resolved: net: tls: handle backlogging of crypto requests Since we're setting the CRYPTO_ |
CVE-2024-26585 |
In the Linux kernel, the following vulnerability has been resolved: tls: fix race between tx work scheduling and socket close Similarly to previous |
CVE-2024-26583 |
In the Linux kernel, the following vulnerability has been resolved: tls: fix race between async notify and socket close The submitting thread (one |
|
linux-aws-6.5 (6.5.0-1020.20~22.04.1) jammy; urgency=medium
* jammy/linux-aws-6.5: 6.5.0-1020.20~22.04.1 -proposed tracker (LP: #2063559)
[ Ubuntu: 6.5.0-1020.20 ]
* mantic/linux-aws: 6.5.0-1020.20 -proposed tracker (LP: #2063560)
* Packaging resync (LP: #1786013)
- [Packaging] Replace fs/cifs with fs/smb in inclusion list
* mantic/linux: 6.5.0-35.35 -proposed tracker (LP: #2063581)
* cifs: Copying file to same directory results in page fault (LP: #2060919)
- SAUCE: Revert "cifs: fix flushing folio regression for 6.1 backport"
* CVE-2024-26805
- netlink: Fix kernel-infoleak-after-free in __skb_datagram_iter
* CVE-2024-26801
- Bluetooth: Avoid potential use-after-free in hci_error_reset
* CVE-2024-26704
- ext4: fix double-free of blocks due to wrong extents moved_len
* CVE-2023-52601
- jfs: fix array-index-out-of-bounds in dbAdjTree
* CVE-2024-26635
- llc: Drop support for ETH_P_TR_802_2.
* CVE-2024-26622
- tomoyo: fix UAF write bug in tomoyo_write_control()
* CVE-2024-26614
- tcp: make sure init the accept_queue's spinlocks once
- ipv6: init the accept_queue's spinlocks in inet6_create
* CVE-2024-52615
- hwrng: core - Fix page fault dead lock on mmap-ed hwrng
* CVE-2024-52602
- jfs: fix slab-out-of-bounds Read in dtSearch
* CVE-2023-47233
- wifi: brcmfmac: Fix use-after-free bug in brcmf_cfg80211_detach
* CVE-2024-2201
- x86/bugs: Change commas to semicolons in 'spectre_v2' sysfs file
- x86/syscall: Don't force use of indirect calls for system calls
- x86/bhi: Add support for clearing branch history at syscall entry
- x86/bhi: Define SPEC_CTRL_BHI_DIS_S
- x86/bhi: Enumerate Branch History Injection (BHI) bug
- x86/bhi: Add BHI mitigation knob
- x86/bhi: Mitigate KVM by default
- KVM: x86: Add BHI_NO
- [Config] Set CONFIG_BHI to enabled (auto)
-- Philip Cox <email address hidden> Wed, 01 May 2024 10:46:12 -0400
|
Source diff to previous version |
1786013 |
Packaging resync |
2060919 |
cifs: Copying file to same directory results in page fault |
CVE-2024-26805 |
In the Linux kernel, the following vulnerability has been resolved: netlink: Fix kernel-infoleak-after-free in __skb_datagram_iter syzbot reported |
CVE-2024-26801 |
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Avoid potential use-after-free in hci_error_reset While handling the |
CVE-2024-26704 |
In the Linux kernel, the following vulnerability has been resolved: ext4: fix double-free of blocks due to wrong extents moved_len In ext4_move_ext |
CVE-2023-52601 |
In the Linux kernel, the following vulnerability has been resolved: jfs: fix array-index-out-of-bounds in dbAdjTree Currently there is a bound chec |
CVE-2024-26635 |
In the Linux kernel, the following vulnerability has been resolved: llc: Drop support for ETH_P_TR_802_2. syzbot reported an uninit-value bug below |
CVE-2024-26622 |
In the Linux kernel, the following vulnerability has been resolved: tomoyo: fix UAF write bug in tomoyo_write_control() Since tomoyo_write_control( |
CVE-2024-26614 |
In the Linux kernel, the following vulnerability has been resolved: tcp: make sure init the accept_queue's spinlocks once When I run syz's reproduc |
CVE-2023-47233 |
The brcm80211 component in the Linux kernel through 6.5.10 has a brcmf_cfg80211_detach use-after-free in the device unplugging (disconnect the USB by |
CVE-2024-2201 |
Native Branch History Injection |
|
linux-aws-6.5 (6.5.0-1018.18~22.04.1) jammy; urgency=medium
* jammy/linux-aws-6.5: 6.5.0-1018.18~22.04.1 -proposed tracker (LP: #2059685)
* Packaging resync (LP: #1786013)
- [Packaging] drop getabis data
[ Ubuntu: 6.5.0-1018.18 ]
* mantic/linux-aws: 6.5.0-1018.18 -proposed tracker (LP: #2059686)
* Packaging resync (LP: #1786013)
- [Packaging] drop getabis data
* mantic/linux: 6.5.0-28.29 -proposed tracker (LP: #2059706)
* Packaging resync (LP: #1786013)
- [Packaging] drop getabis data
* Remove getabis scripts (LP: #2059143)
- [Packaging] Remove getabis
* CVE-2023-52600
- jfs: fix uaf in jfs_evict_inode
* Mantic update: upstream stable patchset 2024-03-27 (LP: #2059284) //
CVE-2023-52603
- UBSAN: array-index-out-of-bounds in dtSplitRoot
* CVE-2024-26581
- netfilter: nft_set_rbtree: skip end interval element from gc
* Mantic update: upstream stable patchset 2024-03-07 (LP: #2056403) //
CVE-2024-26589
- bpf: Reject variable offset alu on PTR_TO_FLOW_KEYS
* Mantic update: upstream stable patchset 2024-03-07 (LP: #2056403) //
CVE-2024-26591
- bpf: Fix re-attachment branch in bpf_tracing_prog_attach
* iwlwifi disconnect and crash - intel wifi7 (LP: #2058808)
- wifi: iwlwifi: pcie: fix RB status reading
-- Philip Cox <email address hidden> Fri, 05 Apr 2024 09:24:14 -0400
|
Source diff to previous version |
1786013 |
Packaging resync |
2059143 |
Remove getabis scripts |
2059284 |
Mantic update: upstream stable patchset 2024-03-27 |
2056403 |
Mantic update: upstream stable patchset 2024-03-07 |
2058808 |
iwlwifi disconnect and crash - intel wifi7 |
CVE-2023-52600 |
In the Linux kernel, the following vulnerability has been resolved: jfs: fix uaf in jfs_evict_inode When the execution of diMount(ipimap) fails, th |
CVE-2023-52603 |
In the Linux kernel, the following vulnerability has been resolved: UBSAN: array-index-out-of-bounds in dtSplitRoot Syzkaller reported the followin |
CVE-2024-26581 |
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_rbtree: skip end interval element from gc rbtree lazy gc on |
CVE-2024-26589 |
In the Linux kernel, the following vulnerability has been resolved: bpf: Reject variable offset alu on PTR_TO_FLOW_KEYS For PTR_TO_FLOW_KEYS, check |
CVE-2024-26591 |
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix re-attachment branch in bpf_tracing_prog_attach The following case can |
|
linux-aws-6.5 (6.5.0-1017.17~22.04.2) jammy; urgency=medium
* Packaging resync (LP: #1786013)
- debian.aws-6.5/dkms-versions -- update from kernel-versions
(main/2024.03.04)
-- Philip Cox <email address hidden> Mon, 25 Mar 2024 13:52:21 -0400
|
|
About
-
Send Feedback to @ubuntu_updates