UbuntuUpdates.org

Package "linux-hwe-6.8"

Name: linux-hwe-6.8

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Linux kernel buildinfo for version 6.8.0 on 64 bit x86 SMP
  • Linux kernel buildinfo for version 6.8.0 on 64 bit x86 SMP
  • Linux kernel buildinfo for version 6.8.0 on 64 bit x86 SMP
  • Linux kernel buildinfo for version 6.8.0 on 64 bit x86 SMP

Latest version: 6.8.0-48.48~22.04.1
Release: jammy (22.04)
Level: security
Repository: main

Links



Other versions of "linux-hwe-6.8" in Jammy

Repository Area Version
updates main 6.8.0-48.48~22.04.1
proposed main 6.8.0-48.48~22.04.1
PPA: Canonical Kernel Team 6.8.0-48.48~22.04.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 6.8.0-48.48~22.04.1 2024-10-31 02:07:15 UTC

  linux-hwe-6.8 (6.8.0-48.48~22.04.1) jammy; urgency=medium

  * jammy/linux-hwe-6.8: 6.8.0-48.48~22.04.1 -proposed tracker (LP: #2082436)

  [ Ubuntu: 6.8.0-48.48 ]

  * noble/linux: 6.8.0-48.48 -proposed tracker (LP: #2082437)
  * [SRU][Noble] Bad EPP defaults cause performance regressions on select Intel
    CPUs (LP: #2077470)
    - x86/cpu/vfm: Update arch/x86/include/asm/intel-family.h
    - cpufreq: intel_pstate: Allow model specific EPPs
    - cpufreq: intel_pstate: Update default EPPs for Meteor Lake
    - cpufreq: intel_pstate: Switch to new Intel CPU model defines
    - cpufreq: intel_pstate: Update Meteor Lake EPPs
    - cpufreq: intel_pstate: Use Meteor Lake EPPs for Arrow Lake
    - cpufreq: intel_pstate: Update Balance performance EPP for Emerald Rapids
  * power: Enable intel_rapl driver (LP: #2078834)
    - powercap: intel_rapl: Add support for ArrowLake-H platform
  * x86/vmware: Add TDX hypercall support (LP: #2077729)
    - x86/vmware: Introduce VMware hypercall API
    - x86/vmware: Add TDX hypercall support
  * Guest crashes post migration with migrate_misplaced_folio+0x4cc/0x5d0
    (LP: #2076866)
    - mm/mempolicy: use numa_node_id() instead of cpu_to_node()
    - mm/numa_balancing: allow migrate on protnone reference with
      MPOL_PREFERRED_MANY policy
    - mm: convert folio_estimated_sharers() to folio_likely_mapped_shared()
    - mm: factor out the numa mapping rebuilding into a new helper
    - mm: support multi-size THP numa balancing
    - mm/migrate: make migrate_misplaced_folio() return 0 on success
    - mm/migrate: move NUMA hinting fault folio isolation + checks under PTL
    - mm: fix possible OOB in numa_rebuild_large_mapping()
  * Add 'mm: hold PTL from the first PTE while reclaiming a large folio' to fix
    L2 Guest hang during LTP Test (LP: #2076147)
    - mm: hold PTL from the first PTE while reclaiming a large folio
  * KOP L2 guest fails to boot with 1 core - SMT8 topology (LP: #2070329)
    - KVM: PPC: Book3S HV nestedv2: Add DPDES support in helper library for Guest
      state buffer
    - KVM: PPC: Book3S HV nestedv2: Fix doorbell emulation
  * L2 Guest migration: continuously dumping while running NFS guest migration
    (LP: #2076406)
    - KVM: PPC: Book3S HV: Fix the set_one_reg for MMCR3
    - KVM: PPC: Book3S HV: Fix the get_one_reg of SDAR
    - KVM: PPC: Book3S HV: Add one-reg interface for DEXCR register
    - KVM: PPC: Book3S HV nestedv2: Keep nested guest DEXCR in sync
    - KVM: PPC: Book3S HV: Add one-reg interface for HASHKEYR register
    - KVM: PPC: Book3S HV nestedv2: Keep nested guest HASHKEYR in sync
    - KVM: PPC: Book3S HV: Add one-reg interface for HASHPKEYR register
    - KVM: PPC: Book3S HV nestedv2: Keep nested guest HASHPKEYR in sync
  * perf build disables tracepoint support (LP: #2076190)
    - [Packaging] perf: reenable libtraceevent
  * Please backport the more restrictive XSAVES deactivation for Zen1/2 arch
    (LP: #2077321)
    - x86/CPU/AMD: Improve the erratum 1386 workaround
  * Fix alsa scarlett2 driver in 6.8 (LP: #2076402)
    - ALSA: scarlett2: Move initialisation code lower in the source
    - ALSA: scarlett2: Implement handling of the ACK notification
  * rtw89: reset IDMEM mode to prevent download firmware failure (LP: #2077396)
    - wifi: rtw89: 885xb: reset IDMEM mode to prevent download firmware failure
  * CVE-2024-43858
    - jfs: Fix array-index-out-of-bounds in diFree
  * CVE-2024-42280
    - mISDN: Fix a use after free in hfcmulti_tx()
  * CVE-2024-42271
    - net/iucv: fix use after free in iucv_sock_close()
  * [Ubuntu-24.04] FADump with recommended crash size is making the L1 hang
    (LP: #2060039)
    - powerpc/64s/radix/kfence: map __kfence_pool at page granularity
  * Noble update: upstream stable patchset 2024-09-09 (LP: #2079945)
    - ocfs2: add bounds checking to ocfs2_check_dir_entry()
    - jfs: don't walk off the end of ealist
    - fs/ntfs3: Add a check for attr_names and oatbl
    - fs/ntfs3: Validate ff offset
    - usb: gadget: midi2: Fix incorrect default MIDI2 protocol setup
    - ALSA: hda/realtek: Enable headset mic on Positivo SU C1400
    - ALSA: hda/realtek: Fix the speaker output on Samsung Galaxy Book Pro 360
    - arm64: dts: qcom: qrb4210-rb2: switch I2C2 to i2c-gpio
    - arm64: dts: qcom: msm8996: Disable SS instance in Parkmode for USB
    - arm64: dts: qcom: sm6350: Disable SS instance in Parkmode for USB
    - arm64: dts: qcom: ipq6018: Disable SS instance in Parkmode for USB
    - arm64: dts: qcom: sdm630: Disable SS instance in Parkmode for USB
    - ALSA: pcm_dmaengine: Don't synchronize DMA channel when DMA is paused
    - ALSA: seq: ump: Skip useless ports for static blocks
    - filelock: Fix fcntl/close race recovery compat path
    - tun: add missing verification for short frame
    - tap: add missing verification for short frame
    - s390/mm: Fix VM_FAULT_HWPOISON handling in do_exception()
    - ALSA: hda/tas2781: Add new quirk for Lenovo Hera2 Laptop
    - arm64: dts: qcom: sc7180: Disable SuperSpeed instances in park mode
    - arm64: dts: qcom: sc7280: Disable SuperSpeed instances in park mode
    - arm64: dts: qcom: qrb2210-rb1: switch I2C2 to i2c-gpio
    - arm64: dts: qcom: msm8998: Disable SS instance in Parkmode for USB
    - arm64: dts: qcom: ipq8074: Disable SS instance in Parkmode for USB
    - arm64: dts: qcom: sdm845: Disable SS instance in Parkmode for USB
    - Upstream stable to v6.6.43, v6.9.12
  * Noble update: upstream stable patchset 2024-09-02 (LP: #2078304)
    - filelock: Remove locks reliably when fcntl/close race is detected
    - scsi: core: alua: I/O errors for ALUA state transitions
    - scsi: sr: Fix unintentional arithmetic wraparound
    - scsi: qedf: Don't process stag work during unload and recovery
    - scsi: qedf: Wait for stag work during unload
    - scsi: qedf: Set qed_slowpath_params to zero before use
    - efi/libstub: zboot.lds: Discard .discard sections
    - ACPI: EC: Abort address space acces

Source diff to previous version
2077470 [SRU][Noble] Bad EPP defaults cause performance regressions on select Intel CPUs
2078834 power: Enable intel_rapl driver
2077729 x86/vmware: Add TDX hypercall support
2076866 Guest crashes post migration with migrate_misplaced_folio+0x4cc/0x5d0
2076147 Add 'mm: hold PTL from the first PTE while reclaiming a large folio' to fix L2 Guest hang during LTP Test
2070329 KOP L2 guest fails to boot with 1 core - SMT8 topology
2076406 L2 Guest migration: continuously dumping while running NFS guest migration
2076190 perf build disables tracepoint support
2077321 Please backport the more restrictive XSAVES deactivation for Zen1/2 arch
2076402 Fix alsa scarlett2 driver in 6.8
2060039 [Ubuntu-24.04] FADump with recommended crash size is making the L1 hang
2079945 Noble update: upstream stable patchset 2024-09-09
2078304 Noble update: upstream stable patchset 2024-09-02
2078041 UBSAN: array-index-out-of-bounds in /build/linux-Z1RxaK/linux-6.8.0/drivers/gpu/drm/amd/amdgpu/../pm/powerplay/hwmgr/processpptables.c:1249:61
2077690 alsa: Headphone and Speaker couldn't output sound intermittently
2077858 Fix ethernet performance on JSL and EHL
2078289 Noble update: upstream stable patchset 2024-08-29
2076675 [SRU][HPE 24.04] Intel FVL NIC FW flash fails with inbox driver, causing driver not detected
2073695 Deadlock occurs while suspending md raid
2076361 Lenovo X12 Detachable Gen 2 unresponsive under light load
2072679 Regression: unable to reach low idle states on Tiger Lake
2077600 Noble update: upstream stable patchset 2024-08-22
2069993 Panels show garbage or flickering when i915.psr2 enabled
2062951 Random flickering with Intel i915 (Gen9 GPUs in 6th-8th gen CPUs) on Linux 6.8
2073583 [SRU][22.04.5]: mpi3mr driver update
2076435 Noble update: upstream stable patchset 2024-08-09
2074380 [UBUNTU 22.04] s390/cpum_cf: make crypto counters upward compatible
CVE-2024-43858 In the Linux kernel, the following vulnerability has been resolved: jfs: Fix array-index-out-of-bounds in diFree
CVE-2024-42280 In the Linux kernel, the following vulnerability has been resolved: mISDN: Fix a use after free in hfcmulti_tx() Don't dereference *sp after callin
CVE-2024-42271 In the Linux kernel, the following vulnerability has been resolved: net/iucv: fix use after free in iucv_sock_close() iucv_sever_path() is called f
CVE-2024-27022 In the Linux kernel, the following vulnerability has been resolved: fork: defer linking file vma until vma is fully initialized Thorvald reported a
CVE-2024-41022 In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix signedness bug in sdma_v4_0_process_trap_irq() The "instance" v
CVE-2024-45016 In the Linux kernel, the following vulnerability has been resolved: netem: fix return value if duplicate enqueue fails There is a bug in netem_enqu

Version: 6.8.0-47.47~22.04.1 2024-10-16 14:09:52 UTC

  linux-hwe-6.8 (6.8.0-47.47~22.04.1) jammy; urgency=medium

  * jammy/linux-hwe-6.8: 6.8.0-47.47~22.04.1 -proposed tracker (LP: #2082117)

  [ Ubuntu: 6.8.0-47.47 ]

  * noble/linux: 6.8.0-47.47 -proposed tracker (LP: #2082118)
  * CVE-2024-45016
    - netem: fix return value if duplicate enqueue fails

 -- Stefan Bader <email address hidden> Wed, 02 Oct 2024 16:39:24 +0200

Source diff to previous version
CVE-2024-45016 In the Linux kernel, the following vulnerability has been resolved: netem: fix return value if duplicate enqueue fails There is a bug in netem_enqu

Version: 6.8.0-45.45~22.04.1 2024-09-23 13:07:03 UTC

  linux-hwe-6.8 (6.8.0-45.45~22.04.1) jammy; urgency=medium

  * jammy/linux-hwe-6.8: 6.8.0-45.45~22.04.1 -proposed tracker (LP: #2078099)

  * Packaging resync (LP: #1786013)
    - [Packaging] debian.hwe-6.8/dkms-versions -- update from kernel-versions
      (main/s2024.08.05)

  [ Ubuntu: 6.8.0-45.45 ]

  * noble/linux: 6.8.0-45.45 -proposed tracker (LP: #2078100)
  * Packaging resync (LP: #1786013)
    - [Packaging] debian.master/dkms-versions -- update from kernel-versions
      (main/s2024.08.05)
  * Noble update: upstream stable patchset 2024-08-09 (LP: #2076435) //
    CVE-2024-41009
    - bpf: Fix overrunning reservations in ringbuf
  * CVE-2024-42160
    - f2fs: check validation of fault attrs in f2fs_build_fault_attr()
    - f2fs: Add inline to f2fs_build_fault_attr() stub
  * Noble update: upstream stable patchset 2024-08-22 (LP: #2077600) //
    CVE-2024-42224
    - net: dsa: mv88e6xxx: Correct check for empty list
  * Noble update: upstream stable patchset 2024-08-22 (LP: #2077600) //
    CVE-2024-42154
    - tcp_metrics: validate source addr length
  * CVE-2024-42228
    - drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc
  * CVE-2024-42159
    - scsi: mpi3mr: Sanitise num_phys

 -- Stefan Bader <email address hidden> Wed, 11 Sep 2024 15:33:32 +0200

Source diff to previous version
1786013 Packaging resync
2076435 Noble update: upstream stable patchset 2024-08-09
2077600 Noble update: upstream stable patchset 2024-08-22
CVE-2024-41009 In the Linux kernel, the following vulnerability has been resolved: bpf: Fix overrunning reservations in ringbuf The BPF ring buffer internally is
CVE-2024-42160 In the Linux kernel, the following vulnerability has been resolved: f2fs: check validation of fault attrs in f2fs_build_fault_attr() - It missed to
CVE-2024-42224 In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6xxx: Correct check for empty list Since commit a3c53be55c95 ("n
CVE-2024-42154 In the Linux kernel, the following vulnerability has been resolved: tcp_metrics: validate source addr length I don't see anything checking that TCP
CVE-2024-42228 In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc In
CVE-2024-42159 In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Sanitise num_phys Information is stored in mr_sas_port->phy_mask,

Version: 6.8.0-40.40~22.04.3 2024-08-14 11:07:05 UTC

  linux-hwe-6.8 (6.8.0-40.40~22.04.3) jammy; urgency=medium

  * jammy/linux-hwe-6.8: 6.8.0-40.40~22.04.3 -proposed tracker (LP: #2075181)

  * Packaging resync (LP: #1786013)
    - [Packaging] debian.hwe-6.8/dkms-versions -- update from kernel-versions
      (main/2024.07.08)

  * Linux 6.8 fails to boot on ARM64 if any param is more than 146 chars
    (LP: #2069534)
    - SAUCE: arm64: v6.8: cmdline param >= 146 chars kills kernel

  * revert support for arbitrary symbol length in modversion in hwe kernels
    (LP: #2039010)
    - Revert "UBUNTU: SAUCE: modpost: Replace 0-length array with flex-array
      member"
    - Revert "UBUNTU: SAUCE: allows to enable Rust with modversions"
    - Revert "UBUNTU: SAUCE: modpost: support arbitrary symbol length in
      modversion"

Source diff to previous version
1786013 Packaging resync
2069534 Linux 6.8 fails to boot on ARM64 if any param is more than 146 chars
2039010 revert support for arbitrary symbol length in modversion in hwe kernels

Version: 6.8.0-39.39~22.04.1 2024-07-29 23:07:07 UTC

  linux-hwe-6.8 (6.8.0-39.39~22.04.1) jammy; urgency=medium

  * jammy/linux-hwe-6.8: 6.8.0-39.39~22.04.1 -proposed tracker (LP: #2071982)

  [ Ubuntu: 6.8.0-39.39 ]

  * noble/linux: 6.8.0-39.39 -proposed tracker (LP: #2071983)
  * CVE-2024-25742
    - x86/sev: Harden #VC instruction emulation somewhat
    - x86/sev: Check for MWAITX and MONITORX opcodes in the #VC handler
  * Noble update: v6.8.9 upstream stable release (LP: #2070337) //
    CVE-2024-35984
    - i2c: smbus: fix NULL function pointer dereference
  * Noble update: v6.8.9 upstream stable release (LP: #2070337) //
    CVE-2024-35990
    - dma: xilinx_dpdma: Fix locking
  * Noble update: v6.8.9 upstream stable release (LP: #2070337) //
    CVE-2024-35997
    - HID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up
  * CVE-2024-36016
    - tty: n_gsm: fix possible out-of-bounds in gsm0_receive()
  * CVE-2024-36008
    - ipv4: check for NULL idev in ip_route_use_hint()
  * CVE-2024-35992
    - phy: marvell: a3700-comphy: Fix out of bounds read

 -- Stefan Bader <email address hidden> Wed, 10 Jul 2024 15:42:33 +0200

2070337 Noble update: v6.8.9 upstream stable release
CVE-2024-25742 In the Linux kernel before 6.9, an untrusted hypervisor can inject virtual interrupt 29 (#VC) at any point in time and can trigger its handler. This
CVE-2024-35984 In the Linux kernel, the following vulnerability has been resolved: i2c: smbus: fix NULL function pointer dereference Baruch reported an OOPS when
CVE-2024-35990 In the Linux kernel, the following vulnerability has been resolved: dma: xilinx_dpdma: Fix locking There are several places where either chan->lock
CVE-2024-35997 In the Linux kernel, the following vulnerability has been resolved: HID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up The flag I2C_
CVE-2024-36016 In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: fix possible out-of-bounds in gsm0_receive() Assuming the following
CVE-2024-36008 In the Linux kernel, the following vulnerability has been resolved: ipv4: check for NULL idev in ip_route_use_hint() syzbot was able to trigger a N
CVE-2024-35992 In the Linux kernel, the following vulnerability has been resolved: phy: marvell: a3700-comphy: Fix out of bounds read There is an out of bounds re



About   -   Send Feedback to @ubuntu_updates