UbuntuUpdates.org

Package "linux-hwe-6.5-cloud-tools-common"

Name: linux-hwe-6.5-cloud-tools-common

Description:

Linux kernel version specific cloud tools for version 6.5.0

Latest version: 6.5.0-44.44~22.04.1
Release: jammy (22.04)
Level: security
Repository: main
Head package: linux-hwe-6.5

Links


Download "linux-hwe-6.5-cloud-tools-common"


Other versions of "linux-hwe-6.5-cloud-tools-common" in Jammy

Repository Area Version
updates main 6.5.0-45.45~22.04.1
proposed main 6.5.0-41.41~22.04.2
PPA: Canonical Kernel Team 6.5.0-44.44~22.04.1

Changelog

Version: 6.5.0-44.44~22.04.1 2024-07-16 23:07:13 UTC

  linux-hwe-6.5 (6.5.0-44.44~22.04.1) jammy; urgency=medium

  * jammy/linux-hwe-6.5: 6.5.0-44.44~22.04.1 -proposed tracker (LP: #2068337)

  * Packaging resync (LP: #1786013)
    - [Packaging] debian.hwe-6.5/dkms-versions -- update from kernel-versions
      (main/2024.06.10)

  [ Ubuntu: 6.5.0-44.44 ]

  * mantic/linux: 6.5.0-44.44 -proposed tracker (LP: #2068341)
  * Packaging resync (LP: #1786013)
    - [Packaging] debian.master/dkms-versions -- update from kernel-versions
      (main/2024.06.10)
  * Some DUTs can't boot up after installing the proposed kernel on Mantic
    (LP: #2061940)
    - SAUCE: Revert "x86/efistub: Use 1:1 file:memory mapping for PE/COFF .compat
      section"
    - SAUCE: Revert "x86/boot: Increase section and file alignment to 4k/512"
    - SAUCE: Revert "x86/boot: Split off PE/COFF .data section"
    - SAUCE: Revert "x86/boot: Drop PE/COFF .reloc section"
    - SAUCE: Revert "x86/boot: Construct PE/COFF .text section from assembler"
    - SAUCE: Revert "x86/boot: Derive file size from _edata symbol"
    - SAUCE: Revert "x86/boot: Define setup size in linker script"
    - SAUCE: Revert "x86/boot: Set EFI handover offset directly in header asm"
    - SAUCE: Revert "x86/boot: Grab kernel_info offset from zoffset header
      directly"
    - SAUCE: Revert "x86/boot: Drop redundant code setting the root device"
    - SAUCE: Revert "x86/boot: Drop references to startup_64"
    - SAUCE: Revert "x86/boot: Omit compression buffer from PE/COFF image memory
      footprint"
    - SAUCE: Revert "x86/boot: Remove the 'bugger off' message"
    - SAUCE: Revert "x86/efi: Drop alignment flags from PE section headers"
    - SAUCE: Revert "x86/efi: Drop EFI stub .bss from .data section"
  * CVE-2023-52880
    - tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc
  * i915 cannot probe successfully on HP ZBook Power 16 G11 (LP: #2067883)
    - drm/i915/mtl: Remove the 'force_probe' requirement for Meteor Lake
  * CVE-2024-26838
    - RDMA/irdma: Fix KASAN issue with tasklet
  * mtk_t7xx WWAN module fails to probe with: Invalid device status 0x1
    (LP: #2049358)
    - Revert "UBUNTU: SAUCE: net: wwan: t7xx: PCIe reset rescan"
    - Revert "UBUNTU: SAUCE: net: wwan: t7xx: Add AP CLDMA"
    - net: wwan: t7xx: Add AP CLDMA
    - wwan: core: Add WWAN fastboot port type
    - net: wwan: t7xx: Add sysfs attribute for device state machine
    - net: wwan: t7xx: Infrastructure for early port configuration
    - net: wwan: t7xx: Add fastboot WWAN port
  * TCP memory leak, slow network (arm64) (LP: #2045560)
    - net: make SK_MEMORY_PCPU_RESERV tunable
    - net: fix sk_memory_allocated_{add|sub} vs softirqs
  * CVE-2024-26923
    - af_unix: Do not use atomic ops for unix_sk(sk)->inflight.
    - af_unix: Fix garbage collector racing against connect()
  * Add support for Quectel EM160R-GL modem [1eac:100d] (LP: #2063399)
    - Add support for Quectel EM160R-GL modem
  * Add support for Quectel RM520N-GL modem [1eac:1007] (LP: #2063529)
    - Add support for Quectel RM520N-GL modem
    - Add support for Quectel RM520N-GL modem
  * [SRU][22.04.4]: megaraid_sas: Critical Bug Fixes (LP: #2046722)
    - scsi: megaraid_sas: Log message when controller reset is requested but not
      issued
    - scsi: megaraid_sas: Driver version update to 07.727.03.00-rc1
  * Fix the RTL8852CE BT FW Crash based on SER false alarm (LP: #2060904)
    - wifi: rtw89: disable txptctrl IMR to avoid flase alarm
    - wifi: rtw89: pci: correct TX resource checking for PCI DMA channel of
      firmware command
  * CVE-2024-23307
    - md/raid5: fix atomicity violation in raid5_cache_count
  * CVE-2024-26889
    - Bluetooth: hci_core: Fix possible buffer overflow
  * CVE-2024-24861
    - media: xc4000: Fix atomicity violation in xc4000_get_frequency
  * CVE-2023-6270
    - aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts
  * CVE-2024-26642
    - netfilter: nf_tables: disallow anonymous set with timeout flag
  * CVE-2024-26926
    - binder: check offset alignment in binder_get_object()
  * CVE-2024-26922
    - drm/amdgpu: validate the parameters of bo mapping operations more clearly
  * CVE-2024-26803
    - net: veth: clear GRO when clearing XDP even when down
  * CVE-2024-26790
    - dmaengine: fsl-qdma: fix SoC may hang on 16 byte unaligned read
  * CVE-2024-26890
    - Bluetooth: hci_h5: Add ability to allocate memory for private data
    - Bluetooth: btrtl: fix out of bounds memory access
  * CVE-2024-26802
    - stmmac: Clear variable when destroying workqueue
  * CVE-2024-26798
    - fbcon: always restore the old font data in fbcon_do_set_font()
  * RTL8852BE fw security fail then lost WIFI function during suspend/resume
    cycle (LP: #2063096)
    - wifi: rtw89: download firmware with five times retry
  * Fix bluetooth connections with 3.0 device (LP: #2063067)
    - Bluetooth: hci_event: Fix handling of HCI_EV_IO_CAPA_REQUEST
  * USB stick can't be detected (LP: #2040948)
    - usb: Disable USB3 LPM at shutdown
  * CVE-2024-26733
    - arp: Prevent overflow in arp_req_get().
  * CVE-2024-26736
    - afs: Increase buffer size in afs_update_volume_status()
  * CVE-2024-26792
    - btrfs: fix double free of anonymous device after snapshot creation failure
  * CVE-2024-26782
    - mptcp: fix double-free on socket dismantle
  * CVE-2024-26748
    - usb: cdns3: fix memory double free when handle zero packet
  * CVE-2024-26735
    - ipv6: sr: fix possible use-after-free and null-ptr-deref
  * CVE-2024-26789
    - crypto: arm64/neonbs - fix out-of-bounds access on short input
  * CVE-2024-26734
    - devlink: fix possible use-after-free and memory leaks in devlink_init()
  * The keyboard does not work after latest kernel update (LP: #2060727)
    - Input: atkbd - do not skip atkbd_deactivate() when skipping ATKBD_CMD_GETID
  * proc_sched_rt01 from ubuntu_ltp failed (LP: #2057734)
    - sched/rt: sysctl_sched_rr_timeslice show default timeslice after reset
    - sched/rt: Disallow writing i

Source diff to previous version
1786013 Packaging resync
2061940 Some DUTs can't boot up after installing the proposed kernel on Mantic
2067883 i915 cannot probe successfully on HP ZBook Power 16 G11
2045560 TCP memory leak, slow network (arm64)
2063399 Add support for Quectel EM160R-GL modem [1eac:100d]
2063529 Add support for Quectel RM520N-GL modem [1eac:1007]
2046722 [SRU][22.04.4]: megaraid_sas: Critical Bug Fixes
2063096 RTL8852BE fw security fail then lost WIFI function during suspend/resume cycle
2063067 Fix bluetooth connections with 3.0 device
2060727 The keyboard does not work after latest kernel update
2057734 proc_sched_rt01 from ubuntu_ltp failed
2060422 Avoid creating non-working backlight sysfs knob from ASUS board
2058477 [Ubuntu 22.04.4/linux-image-6.5.0-26-generic] Kernel output \
2059263 Fix acpi_power_meter accessing IPMI region before it's ready
2042546 Include cifs.ko in linux-modules package
2061814 Mantic update: upstream stable patchset 2024-04-16
2059991 Mantic update: upstream stable patchset 2024-04-02
2059068 Mantic update: upstream stable patchset 2024-03-26
CVE-2023-52880 In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc Any unprivileged us
CVE-2024-26838 In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix KASAN issue with tasklet KASAN testing revealed the following i
CVE-2024-26923 In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix garbage collector racing against connect() Garbage collector does
CVE-2024-23307 Integer Overflow or Wraparound vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (md, raid, raid5 modules) allows Forced Integer Overflow
CVE-2024-26889 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_core: Fix possible buffer overflow struct hci_dev_info has a fix
CVE-2024-24861 A race condition was found in the Linux kernel's media/xc4000 device driver in xc4000 xc4000_get_frequency() function. This can result in return valu
CVE-2023-6270 A flaw was found in the ATA over Ethernet (AoE) driver in the Linux kernel. The aoecmd_cfg_pkts() function improperly updates the refcnt on `struct n
CVE-2024-26642 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: disallow anonymous set with timeout flag Anonymous sets a
CVE-2024-26926 In the Linux kernel, the following vulnerability has been resolved: binder: check offset alignment in binder_get_object() Commit 6d98eb95b450 ("bin
CVE-2024-26922 In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: validate the parameters of bo mapping operations more clearly Verif
CVE-2024-26803 In the Linux kernel, the following vulnerability has been resolved: net: veth: clear GRO when clearing XDP even when down veth sets NETIF_F_GRO aut
CVE-2024-26790 In the Linux kernel, the following vulnerability has been resolved: dmaengine: fsl-qdma: fix SoC may hang on 16 byte unaligned read There is chip (
CVE-2024-26890 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btrtl: fix out of bounds memory access The problem is detected by KA
CVE-2024-26802 In the Linux kernel, the following vulnerability has been resolved: stmmac: Clear variable when destroying workqueue Currently when suspending driv
CVE-2024-26798 In the Linux kernel, the following vulnerability has been resolved: fbcon: always restore the old font data in fbcon_do_set_font() Commit a5a923038
CVE-2024-26733 In the Linux kernel, the following vulnerability has been resolved: arp: Prevent overflow in arp_req_get(). syzkaller reported an overflown write i
CVE-2024-26736 In the Linux kernel, the following vulnerability has been resolved: afs: Increase buffer size in afs_update_volume_status() The max length of volum
CVE-2024-26792 In the Linux kernel, the following vulnerability has been resolved: btrfs: fix double free of anonymous device after snapshot creation failure When
CVE-2024-26782 In the Linux kernel, the following vulnerability has been resolved: mptcp: fix double-free on socket dismantle when MPTCP server accepts an incomin
CVE-2024-26748 In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: fix memory double free when handle zero packet 829 if (request->co
CVE-2024-26735 In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix possible use-after-free and null-ptr-deref The pernet operations
CVE-2024-26789 In the Linux kernel, the following vulnerability has been resolved: crypto: arm64/neonbs - fix out-of-bounds access on short input The bit-sliced i
CVE-2024-26734 In the Linux kernel, the following vulnerability has been resolved: devlink: fix possible use-after-free and memory leaks in devlink_init() The per
CVE-2024-26694 In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: fix double-free bug The storage for the TLV PC register data was
CVE-2024-26710 In the Linux kernel, the following vulnerability has been resolved: powerpc/kasan: Limit KASAN thread size increase to 32KB KASAN is seen to increa
CVE-2024-26712 In the Linux kernel, the following vulnerability has been resolved: powerpc/kasan: Fix addr error caused by page alignment In kasan_init_region, wh
CVE-2024-26593 In the Linux kernel, the following vulnerability has been resolved: i2c: i801: Fix block process call transactions According to the Intel datasheet
CVE-2024-26925 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: release mutex after nft_gc_seq_end from abort path The co
CVE-2024-26924 In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: do not free live element Pablo reports a crash with
CVE-2024-26809 In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: release elements in clone only from destroy path Clo
CVE-2024-26643 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout

Version: 6.5.0-41.41~22.04.2 2024-06-18 16:07:06 UTC

  linux-hwe-6.5 (6.5.0-41.41~22.04.2) jammy; urgency=medium

  * jammy/linux-hwe-6.5: 6.5.0-41.41~22.04.2 -proposed tracker (LP: #2065891)

  [ Ubuntu: 6.5.0-41.41 ]

  * mantic/linux: 6.5.0-41.41 -proposed tracker (LP: #2065893)
  * CVE-2024-21823
    - VFIO: Add the SPR_DSA and SPR_IAX devices to the denylist
    - dmaengine: idxd: add a new security check to deal with a hardware erratum
    - dmaengine: idxd: add a write() method for applications to submit work

  [ Ubuntu: 6.5.0-40.40 ]

  * mantic/linux: 6.5.0-40.40 -proposed tracker (LP: #2063709)
  * [Mantic] Compile broken on armhf (cc1 out of memory) (LP: #2060446)
    - Revert "minmax: relax check to allow comparison between unsigned arguments
      and signed constants"
    - Revert "minmax: allow comparisons of 'int' against 'unsigned char/short'"
    - Revert "minmax: allow min()/max()/clamp() if the arguments have the same
      signedness."
    - Revert "minmax: add umin(a, b) and umax(a, b)"
  * Drop fips-checks script from trees (LP: #2055083)
    - [Packaging] Remove fips-checks script
  * alsa/realtek: adjust max output valume for headphone on 2 LG machines
    (LP: #2058573)
    - ALSA: hda/realtek: fix the hp playback volume issue for LG machines
  * Mantic update: upstream stable patchset 2024-03-27 (LP: #2059284)
    - asm-generic: make sparse happy with odd-sized put_unaligned_*()
    - powerpc/mm: Fix null-pointer dereference in pgtable_cache_add
    - arm64: irq: set the correct node for VMAP stack
    - drivers/perf: pmuv3: don't expose SW_INCR event in sysfs
    - powerpc: Fix build error due to is_valid_bugaddr()
    - powerpc/mm: Fix build failures due to arch_reserved_kernel_pages()
    - powerpc/64s: Fix CONFIG_NUMA=n build due to create_section_mapping()
    - x86/boot: Ignore NMIs during very early boot
    - powerpc: pmd_move_must_withdraw() is only needed for
      CONFIG_TRANSPARENT_HUGEPAGE
    - powerpc/lib: Validate size for vector operations
    - x86/mce: Mark fatal MCE's page as poison to avoid panic in the kdump kernel
    - perf/core: Fix narrow startup race when creating the perf nr_addr_filters
      sysfs file
    - debugobjects: Stop accessing objects after releasing hash bucket lock
    - regulator: core: Only increment use_count when enable_count changes
    - audit: Send netlink ACK before setting connection in auditd_set
    - ACPI: video: Add quirk for the Colorful X15 AT 23 Laptop
    - PNP: ACPI: fix fortify warning
    - ACPI: extlog: fix NULL pointer dereference check
    - ACPI: NUMA: Fix the logic of getting the fake_pxm value
    - PM / devfreq: Synchronize devfreq_monitor_[start/stop]
    - ACPI: APEI: set memory failure flags as MF_ACTION_REQUIRED on synchronous
      events
    - FS:JFS:UBSAN:array-index-out-of-bounds in dbAdjTree
    - jfs: fix array-index-out-of-bounds in dbAdjTree
    - pstore/ram: Fix crash when setting number of cpus to an odd number
    - crypto: octeontx2 - Fix cptvf driver cleanup
    - erofs: fix ztailpacking for subpage compressed blocks
    - crypto: stm32/crc32 - fix parsing list of devices
    - afs: fix the usage of read_seqbegin_or_lock() in afs_lookup_volume_rcu()
    - afs: fix the usage of read_seqbegin_or_lock() in afs_find_server*()
    - rxrpc_find_service_conn_rcu: fix the usage of read_seqbegin_or_lock()
    - jfs: fix array-index-out-of-bounds in diNewExt
    - arch: consolidate arch_irq_work_raise prototypes
    - s390/vfio-ap: fix sysfs status attribute for AP queue devices
    - s390/ptrace: handle setting of fpc register correctly
    - KVM: s390: fix setting of fpc register
    - SUNRPC: Fix a suspicious RCU usage warning
    - ecryptfs: Reject casefold directory inodes
    - ext4: fix inconsistent between segment fstrim and full fstrim
    - ext4: unify the type of flexbg_size to unsigned int
    - ext4: remove unnecessary check from alloc_flex_gd()
    - ext4: avoid online resizing failures due to oversized flex bg
    - wifi: rt2x00: restart beacon queue when hardware reset
    - selftests/bpf: satisfy compiler by having explicit return in btf test
    - selftests/bpf: Fix pyperf180 compilation failure with clang18
    - wifi: rt2x00: correct wrong BBP register in RxDCOC calibration
    - selftests/bpf: Fix issues in setup_classid_environment()
    - soc: xilinx: Fix for call trace due to the usage of smp_processor_id()
    - soc: xilinx: fix unhandled SGI warning message
    - scsi: lpfc: Fix possible file string name overflow when updating firmware
    - PCI: Add no PM reset quirk for NVIDIA Spectrum devices
    - bonding: return -ENOMEM instead of BUG in alb_upper_dev_walk
    - net: usb: ax88179_178a: avoid two consecutive device resets
    - scsi: arcmsr: Support new PCI device IDs 1883 and 1886
    - ARM: dts: imx7d: Fix coresight funnel ports
    - ARM: dts: imx7s: Fix lcdif compatible
    - ARM: dts: imx7s: Fix nand-controller #size-cells
    - wifi: ath9k: Fix potential array-index-out-of-bounds read in
      ath9k_htc_txstatus()
    - wifi: ath11k: fix race due to setting ATH11K_FLAG_EXT_IRQ_ENABLED too early
    - bpf: Check rcu_read_lock_trace_held() before calling bpf map helpers
    - scsi: libfc: Don't schedule abort twice
    - scsi: libfc: Fix up timeout error in fc_fcp_rec_error()
    - bpf: Set uattr->batch.count as zero before batched update or deletion
    - wifi: wfx: fix possible NULL pointer dereference in wfx_set_mfp_ap()
    - ARM: dts: rockchip: fix rk3036 hdmi ports node
    - ARM: dts: imx25/27-eukrea: Fix RTC node name
    - ARM: dts: imx: Use flash@0,0 pattern
    - ARM: dts: imx27: Fix sram node
    - ARM: dts: imx1: Fix sram node
    - net: phy: at803x: fix passing the wrong reference for config_intr
    - ionic: pass opcode to devcmd_wait
    - ionic: bypass firmware cmds when stuck in reset
    - block/rnbd-srv: Check for unlikely string overflow
    - ARM: dts: imx25: Fix the iim compatible string
    - ARM: dts: imx25/27: Pass timing0
    - ARM: dts: imx27-apf27dev: Fix LED name
    - AR

Source diff to previous version
2060446 [Mantic] Compile broken on armhf (cc1 out of memory)
2055083 Drop fips-checks script from trees
2058573 alsa/realtek: adjust max output valume for headphone on 2 LG machines
2059284 Mantic update: upstream stable patchset 2024-03-27
2059068 Mantic update: upstream stable patchset 2024-03-26
2056418 Fix headphone mic detection issue on ALC897
2057430 The screen brightness is unable to adjust on BOE panel DPN#R6FD8
2049733 Dynamically determine acpi_handle_list size
2056403 Mantic update: upstream stable patchset 2024-03-07
CVE-2024-21823 Hardware logic with insecure de-synchronization in Intel(R) DSA and Intel(R) IAA for some Intel(R) 4th or 5th generation Xeon(R) processors may allow
CVE-2024-26582 In the Linux kernel, the following vulnerability has been resolved: net: tls: fix use-after-free with partial reads and async decrypt tls_decrypt_s
CVE-2024-26584 In the Linux kernel, the following vulnerability has been resolved: net: tls: handle backlogging of crypto requests Since we're setting the CRYPTO_
CVE-2024-26585 In the Linux kernel, the following vulnerability has been resolved: tls: fix race between tx work scheduling and socket close Similarly to previous
CVE-2024-26583 In the Linux kernel, the following vulnerability has been resolved: tls: fix race between async notify and socket close The submitting thread (one

Version: 6.5.0-35.35~22.04.1 2024-05-14 10:19:11 UTC

  linux-hwe-6.5 (6.5.0-35.35~22.04.1) jammy; urgency=medium

  * jammy/linux-hwe-6.5: 6.5.0-35.35~22.04.1 -proposed tracker (LP: #2063577)

  [ Ubuntu: 6.5.0-35.35 ]

  * mantic/linux: 6.5.0-35.35 -proposed tracker (LP: #2063581)
  * cifs: Copying file to same directory results in page fault (LP: #2060919)
    - SAUCE: Revert "cifs: fix flushing folio regression for 6.1 backport"
  * CVE-2024-26805
    - netlink: Fix kernel-infoleak-after-free in __skb_datagram_iter
  * CVE-2024-26801
    - Bluetooth: Avoid potential use-after-free in hci_error_reset
  * CVE-2024-26704
    - ext4: fix double-free of blocks due to wrong extents moved_len
  * CVE-2023-52601
    - jfs: fix array-index-out-of-bounds in dbAdjTree
  * CVE-2024-26635
    - llc: Drop support for ETH_P_TR_802_2.
  * CVE-2024-26622
    - tomoyo: fix UAF write bug in tomoyo_write_control()
  * CVE-2024-26614
    - tcp: make sure init the accept_queue's spinlocks once
    - ipv6: init the accept_queue's spinlocks in inet6_create
  * CVE-2024-52615
    - hwrng: core - Fix page fault dead lock on mmap-ed hwrng
  * CVE-2024-52602
    - jfs: fix slab-out-of-bounds Read in dtSearch
  * CVE-2023-47233
    - wifi: brcmfmac: Fix use-after-free bug in brcmf_cfg80211_detach
  * CVE-2024-2201
    - x86/bugs: Change commas to semicolons in 'spectre_v2' sysfs file
    - x86/syscall: Don't force use of indirect calls for system calls
    - x86/bhi: Add support for clearing branch history at syscall entry
    - x86/bhi: Define SPEC_CTRL_BHI_DIS_S
    - x86/bhi: Enumerate Branch History Injection (BHI) bug
    - x86/bhi: Add BHI mitigation knob
    - x86/bhi: Mitigate KVM by default
    - KVM: x86: Add BHI_NO
    - [Config] Set CONFIG_BHI to enabled (auto)

 -- Roxana Nicolescu <email address hidden> Mon, 06 May 2024 17:02:09 +0200

Source diff to previous version
2060919 cifs: Copying file to same directory results in page fault
CVE-2024-26805 In the Linux kernel, the following vulnerability has been resolved: netlink: Fix kernel-infoleak-after-free in __skb_datagram_iter syzbot reported
CVE-2024-26801 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Avoid potential use-after-free in hci_error_reset While handling the
CVE-2024-26704 In the Linux kernel, the following vulnerability has been resolved: ext4: fix double-free of blocks due to wrong extents moved_len In ext4_move_ext
CVE-2023-52601 In the Linux kernel, the following vulnerability has been resolved: jfs: fix array-index-out-of-bounds in dbAdjTree Currently there is a bound chec
CVE-2024-26635 In the Linux kernel, the following vulnerability has been resolved: llc: Drop support for ETH_P_TR_802_2. syzbot reported an uninit-value bug below
CVE-2024-26622 In the Linux kernel, the following vulnerability has been resolved: tomoyo: fix UAF write bug in tomoyo_write_control() Since tomoyo_write_control(
CVE-2024-26614 In the Linux kernel, the following vulnerability has been resolved: tcp: make sure init the accept_queue's spinlocks once When I run syz's reproduc
CVE-2023-47233 The brcm80211 component in the Linux kernel through 6.5.10 has a brcmf_cfg80211_detach use-after-free in the device unplugging (disconnect the USB by
CVE-2024-2201 Native Branch History Injection

Version: 6.5.0-28.29~22.04.1 2024-04-19 07:33:21 UTC

  linux-hwe-6.5 (6.5.0-28.29~22.04.1) jammy; urgency=medium

  * jammy/linux-hwe-6.5: 6.5.0-28.29~22.04.1 -proposed tracker (LP: #2059702)

  * Packaging resync (LP: #1786013)
    - [Packaging] drop getabis data

  [ Ubuntu: 6.5.0-28.29 ]

  * mantic/linux: 6.5.0-28.29 -proposed tracker (LP: #2059706)
  * Packaging resync (LP: #1786013)
    - [Packaging] drop getabis data
  * Remove getabis scripts (LP: #2059143)
    - [Packaging] Remove getabis
  * CVE-2023-52600
    - jfs: fix uaf in jfs_evict_inode
  * Mantic update: upstream stable patchset 2024-03-27 (LP: #2059284) //
    CVE-2023-52603
    - UBSAN: array-index-out-of-bounds in dtSplitRoot
  * CVE-2024-26581
    - netfilter: nft_set_rbtree: skip end interval element from gc
  * Mantic update: upstream stable patchset 2024-03-07 (LP: #2056403) //
    CVE-2024-26589
    - bpf: Reject variable offset alu on PTR_TO_FLOW_KEYS
  * Mantic update: upstream stable patchset 2024-03-07 (LP: #2056403) //
    CVE-2024-26591
    - bpf: Fix re-attachment branch in bpf_tracing_prog_attach
  * iwlwifi disconnect and crash - intel wifi7 (LP: #2058808)
    - wifi: iwlwifi: pcie: fix RB status reading

 -- Roxana Nicolescu <email address hidden> Thu, 04 Apr 2024 15:18:57 +0200

Source diff to previous version
1786013 Packaging resync
2059143 Remove getabis scripts
2059284 Mantic update: upstream stable patchset 2024-03-27
2056403 Mantic update: upstream stable patchset 2024-03-07
2058808 iwlwifi disconnect and crash - intel wifi7
CVE-2023-52600 In the Linux kernel, the following vulnerability has been resolved: jfs: fix uaf in jfs_evict_inode When the execution of diMount(ipimap) fails, th
CVE-2023-52603 In the Linux kernel, the following vulnerability has been resolved: UBSAN: array-index-out-of-bounds in dtSplitRoot Syzkaller reported the followin
CVE-2024-26581 In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_rbtree: skip end interval element from gc rbtree lazy gc on
CVE-2024-26589 In the Linux kernel, the following vulnerability has been resolved: bpf: Reject variable offset alu on PTR_TO_FLOW_KEYS For PTR_TO_FLOW_KEYS, check
CVE-2024-26591 In the Linux kernel, the following vulnerability has been resolved: bpf: Fix re-attachment branch in bpf_tracing_prog_attach The following case can

Version: 6.5.0-27.28~22.04.1 2024-04-08 22:07:14 UTC

  linux-hwe-6.5 (6.5.0-27.28~22.04.1) jammy; urgency=medium

  * jammy/linux-hwe-6.5: 6.5.0-27.28~22.04.1 -proposed tracker (LP: #2055580)

  * Packaging resync (LP: #1786013)
    - [Packaging] drop ABI data
    - debian.hwe-6.5/dkms-versions -- update from kernel-versions
      (main/2024.03.04)

  [ Ubuntu: 6.5.0-27.28 ]

  * mantic/linux: 6.5.0-27.28 -proposed tracker (LP: #2055584)
  * Packaging resync (LP: #1786013)
    - [Packaging] drop ABI data
    - [Packaging] update annotations scripts
    - debian.master/dkms-versions -- update from kernel-versions (main/2024.03.04)
  * CVE-2024-26597
    - net: qualcomm: rmnet: fix global oob in rmnet_policy
  * CVE-2024-26599
    - pwm: Fix out-of-bounds access in of_pwm_single_xlate()
  * Drop ABI checks from kernel build (LP: #2055686)
    - [Packaging] Remove in-tree abi checks
  * Cranky update-dkms-versions rollout (LP: #2055685)
    - [Packaging] remove update-dkms-versions
    - Move debian/dkms-versions to debian.master/dkms-versions
    - [Packaging] Replace debian/dkms-versions with $(DEBIAN)/dkms-versions
  * linux: please move erofs.ko (CONFIG_EROFS for EROFS support) from linux-
    modules-extra to linux-modules (LP: #2054809)
    - UBUNTU [Packaging]: Include erofs in linux-modules instead of linux-modules-
      extra
  * performance: Scheduler: ratelimit updating of load_avg (LP: #2053251)
    - sched/fair: Ratelimit update to tg->load_avg
  * IB peer memory feature regressed in 6.5 (LP: #2055082)
    - SAUCE: RDMA/core: Introduce peer memory interface
  * linux-tools-common: man page of usbip[d] is misplaced (LP: #2054094)
    - [Packaging] rules: Put usbip manpages in the correct directory
  * CVE-2024-23851
    - dm: limit the number of targets and parameter size area
  * CVE-2024-23850
    - btrfs: do not ASSERT() if the newly created subvolume already got read
  * x86: performance: tsc: Extend watchdog check exemption to 4-Sockets platform
    (LP: #2054699)
    - x86/tsc: Extend watchdog check exemption to 4-Sockets platform
  * linux: please move dmi-sysfs.ko (CONFIG_DMI_SYSFS for SMBIOS support) from
    linux-modules-extra to linux-modules (LP: #2045561)
    - [Packaging] Move dmi-sysfs.ko into linux-modules
  * Fix AMD brightness issue on AUO panel (LP: #2054773)
    - drm/amdgpu: make damage clips support configurable
  * Mantic update: upstream stable patchset 2024-02-28 (LP: #2055199)
    - f2fs: explicitly null-terminate the xattr list
    - pinctrl: lochnagar: Don't build on MIPS
    - ALSA: hda - Fix speaker and headset mic pin config for CHUWI CoreBook XPro
    - mptcp: fix uninit-value in mptcp_incoming_options
    - wifi: cfg80211: lock wiphy mutex for rfkill poll
    - wifi: avoid offset calculation on NULL pointer
    - wifi: mac80211: handle 320 MHz in ieee80211_ht_cap_ie_to_sta_ht_cap
    - debugfs: fix automount d_fsdata usage
    - nvme-core: fix a memory leak in nvme_ns_info_from_identify()
    - drm/amd/display: update dcn315 lpddr pstate latency
    - drm/amdgpu: Fix cat debugfs amdgpu_regs_didt causes kernel null pointer
    - smb: client, common: fix fortify warnings
    - blk-mq: don't count completed flush data request as inflight in case of
      quiesce
    - nvme-core: check for too small lba shift
    - hwtracing: hisi_ptt: Handle the interrupt in hardirq context
    - hwtracing: hisi_ptt: Don't try to attach a task
    - ASoC: wm8974: Correct boost mixer inputs
    - arm64: dts: rockchip: fix rk356x pcie msg interrupt name
    - ASoC: Intel: Skylake: Fix mem leak in few functions
    - ASoC: nau8822: Fix incorrect type in assignment and cast to restricted
      __be16
    - ASoC: Intel: Skylake: mem leak in skl register function
    - ASoC: cs43130: Fix the position of const qualifier
    - ASoC: cs43130: Fix incorrect frame delay configuration
    - ASoC: rt5650: add mutex to avoid the jack detection failure
    - ASoC: Intel: skl_hda_dsp_generic: Drop HDMI routes when HDMI is not
      available
    - nouveau/tu102: flush all pdbs on vmm flush
    - ASoC: amd: yc: Add DMI entry to support System76 Pangolin 13
    - ASoC: hdac_hda: Conditionally register dais for HDMI and Analog
    - net/tg3: fix race condition in tg3_reset_task()
    - ASoC: da7219: Support low DC impedance headset
    - nvme: introduce helper function to get ctrl state
    - nvme: prevent potential spectre v1 gadget
    - arm64: dts: rockchip: Fix PCI node addresses on rk3399-gru
    - drm/amdgpu: Add NULL checks for function pointers
    - drm/exynos: fix a potential error pointer dereference
    - drm/exynos: fix a wrong error checking
    - hwmon: (corsair-psu) Fix probe when built-in
    - LoongArch: Preserve syscall nr across execve()
    - clk: rockchip: rk3568: Add PLL rate for 292.5MHz
    - clk: rockchip: rk3128: Fix HCLK_OTG gate register
    - jbd2: correct the printing of write_flags in jbd2_write_superblock()
    - jbd2: increase the journal IO's priority
    - drm/crtc: Fix uninit-value bug in drm_mode_setcrtc
    - neighbour: Don't let neigh_forced_gc() disable preemption for long
    - platform/x86: intel-vbtn: Fix missing tablet-mode-switch events
    - jbd2: fix soft lockup in journal_finish_inode_data_buffers()
    - tracing: Have large events show up as '[LINE TOO BIG]' instead of nothing
    - tracing: Add size check when printing trace_marker output
    - stmmac: dwmac-loongson: drop useless check for compatible fallback
    - MIPS: dts: loongson: drop incorrect dwmac fallback compatible
    - tracing: Fix uaf issue when open the hist or hist_debug file
    - ring-buffer: Do not record in NMI if the arch does not support cmpxchg in
      NMI
    - Input: psmouse - enable Synaptics InterTouch for ThinkPad L14 G1
    - reset: hisilicon: hi6220: fix Wvoid-pointer-to-enum-cast warning
    - Input: atkbd - skip ATKBD_CMD_GETID in translated mode
    - Input: i8042 - add nomux quirk for Acer P459-G2-M
    - s390/scm: fix virtual vs physical address confusion
    - ARC: fix spare error
    - wifi: i

1786013 Packaging resync
2055686 Drop ABI checks from kernel build
2055685 Cranky update-dkms-versions rollout
2054809 linux: please move erofs.ko (CONFIG_EROFS for EROFS support) from linux-modules-extra to linux-modules
2053251 performance: Scheduler: ratelimit updating of load_avg
2055082 IB peer memory feature regressed in 6.5
2054094 linux-tools-common: man page of usbip[d] is misplaced
2054699 x86: performance: tsc: Extend watchdog check exemption to 4-Sockets platform
2045561 linux: please move dmi-sysfs.ko (CONFIG_DMI_SYSFS for SMBIOS support) from linux-modules-extra to linux-modules
2054773 Fix AMD brightness issue on AUO panel
2055199 Mantic update: upstream stable patchset 2024-02-28
2055002 Mantic update: upstream stable patchset 2024-02-27
2054779 Mantic update: upstream stable patchset 2024-02-26
2054218 kvm: Running perf against qemu processes results in page fault inside guest
2049634 smb: wsize blocks of bytes followed with binary zeros on copy, destroying data
2052662 move_mount mediation does not detect if source is detached
2052005 Validate connection interval to pass Bluetooth Test Suite
2051947 Sound: Add rtl quirk of M70-Gen5
2051896 Fix spurious wakeup caused by Cirque touchpad
2052792 Mantic update: upstream stable patchset 2024-02-09
2052499 Mantic update: upstream stable patchset 2024-02-06
2051924 Mantic update: upstream stable patchset 2024-02-01
CVE-2024-26597 In the Linux kernel, the following vulnerability has been resolved: net: qualcomm: rmnet: fix global oob in rmnet_policy The variable rmnet_link_op
CVE-2024-26599 In the Linux kernel, the following vulnerability has been resolved: pwm: Fix out-of-bounds access in of_pwm_single_xlate() With args->args_count ==
CVE-2024-23851 copy_params in drivers/md/dm-ioctl.c in the Linux kernel through 6.7.1 can attempt to allocate more than INT_MAX bytes, and crash, because of a missi
CVE-2024-23850 In btrfs_get_root_ref in fs/btrfs/disk-io.c in the Linux kernel through 6.7.1, there can be an assertion failure and crash because a subvolume can be
CVE-2024-1085 A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_
CVE-2023-46838 Transmit requests in Xen's virtual network protocol can consist of multiple parts. While not really useful, except for the initial part any of them
CVE-2024-1086 A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_
CVE-2023-50431 sec_attest_info in drivers/accel/habanalabs/common/habanalabs_ioctl.c in the Linux kernel through 6.6.5 allows an information leak to user space beca
CVE-2024-22705 An issue was discovered in ksmbd in the Linux kernel before 6.6.10. smb2_get_data_area_len in fs/smb/server/smb2misc.c can cause an smb_strndup_from_



About   -   Send Feedback to @ubuntu_updates