UbuntuUpdates.org

Package "linux-image-unsigned-6.2.0-1018-lowlatency"

Name: linux-image-unsigned-6.2.0-1018-lowlatency

Description:

Linux kernel image for version 6.2.0 on 64 bit x86 SMP

Latest version: 6.2.0-1018.18~22.04.1
Release: jammy (22.04)
Level: security
Repository: main
Head package: linux-lowlatency-hwe-6.2

Links


Download "linux-image-unsigned-6.2.0-1018-lowlatency"


Other versions of "linux-image-unsigned-6.2.0-1018-lowlatency" in Jammy

Repository Area Version
updates main 6.2.0-1018.18~22.04.1
PPA: Canonical Kernel Team 6.2.0-1018.18~22.04.1

Changelog

Version: 6.2.0-1013.13~22.04.1 2023-09-19 13:09:17 UTC

  linux-lowlatency-hwe-6.2 (6.2.0-1013.13~22.04.1) jammy; urgency=medium

  * jammy/linux-lowlatency-hwe-6.2: 6.2.0-1013.13~22.04.1 -proposed tracker
    (LP: #2034150)

  [ Ubuntu: 6.2.0-1013.13 ]

  * lunar/linux-lowlatency: 6.2.0-1013.13 -proposed tracker (LP: #2034151)
  * lunar/linux: 6.2.0-33.33 -proposed tracker (LP: #2034158)
  * Packaging resync (LP: #1786013)
    - [Packaging] update helper scripts
  * CVE-2023-21264
    - KVM: arm64: Prevent unconditional donation of unmapped regions from the host
  * CVE-2023-4569
    - netfilter: nf_tables: deactivate catchall elements in next generation
  * CVE-2023-40283
    - Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb
  * CVE-2023-20588
    - x86/bugs: Increase the x86 bugs vector size to two u32s
    - x86/CPU/AMD: Do not leak quotient data after a division by 0
    - x86/CPU/AMD: Fix the DIV(0) initial fix attempt
  * CVE-2023-4128
    - net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-
      free
    - net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after-
      free
    - net/sched: cls_route: No longer copy tcf_result on update to avoid use-
      after-free

 -- Stefan Bader <email address hidden> Thu, 07 Sep 2023 11:47:15 +0200

Source diff to previous version
1786013 Packaging resync
CVE-2023-4569 A memory leak flaw was found in nft_set_catchall_flush in net/netfilter/nf_tables_api.c in the Linux Kernel. This issue may allow a local attacker to
CVE-2023-40283 An issue was discovered in l2cap_sock_release in net/bluetooth/l2cap_sock.c in the Linux kernel before 6.4.10. There is a use-after-free because the
CVE-2023-4128 A use-after-free flaw was found in net/sched/cls_fw.c in classifiers (cls_fw, cls_u32, and cls_route) in the Linux Kernel. This flaw allows a local a

Version: 6.2.0-1012.12~22.04.1 2023-09-05 11:10:46 UTC

  linux-lowlatency-hwe-6.2 (6.2.0-1012.12~22.04.1) jammy; urgency=medium

  * jammy/linux-lowlatency-hwe-6.2: 6.2.0-1012.12~22.04.1 -proposed tracker
    (LP: #2030373)

  [ Ubuntu: 6.2.0-1012.12 ]

  * lunar/linux-lowlatency: 6.2.0-1012.12 -proposed tracker (LP: #2030374)
  * lunar/linux: 6.2.0-32.32 -proposed tracker (LP: #2031134)
  * libgnutls report "trap invalid opcode" when trying to install packages over
    https (LP: #2031093)
    - [Config]: disable CONFIG_GDS_FORCE_MITIGATION
  * lunar/linux: 6.2.0-30.30 -proposed tracker (LP: #2030381)
  * CVE-2022-40982
    - init: Provide arch_cpu_finalize_init()
    - x86/cpu: Switch to arch_cpu_finalize_init()
    - ARM: cpu: Switch to arch_cpu_finalize_init()
    - ia64/cpu: Switch to arch_cpu_finalize_init()
    - m68k/cpu: Switch to arch_cpu_finalize_init()
    - mips/cpu: Switch to arch_cpu_finalize_init()
    - sh/cpu: Switch to arch_cpu_finalize_init()
    - sparc/cpu: Switch to arch_cpu_finalize_init()
    - um/cpu: Switch to arch_cpu_finalize_init()
    - init: Remove check_bugs() leftovers
    - init: Invoke arch_cpu_finalize_init() earlier
    - init, x86: Move mem_encrypt_init() into arch_cpu_finalize_init()
    - x86/init: Initialize signal frame size late
    - x86/fpu: Remove cpuinfo argument from init functions
    - x86/fpu: Mark init functions __init
    - x86/fpu: Move FPU initialization into arch_cpu_finalize_init()
    - x86/mem_encrypt: Unbreak the AMD_MEM_ENCRYPT=n build
    - x86/xen: Fix secondary processors' FPU initialization
    - x86/speculation: Add Gather Data Sampling mitigation
    - x86/speculation: Add force option to GDS mitigation
    - x86/speculation: Add Kconfig option for GDS
    - KVM: Add GDS_NO support to KVM
    - Documentation/x86: Fix backwards on/off logic about YMM support
    - [Config]: Enable CONFIG_ARCH_HAS_CPU_FINALIZE_INIT and
      CONFIG_GDS_FORCE_MITIGATION
  * CVE-2023-4015
    - netfilter: nf_tables: add NFT_TRANS_PREPARE_ERROR to deal with bound
      set/chain
    - netfilter: nf_tables: unbind non-anonymous set if rule construction fails
    - netfilter: nf_tables: skip immediate deactivate in _PREPARE_ERROR
  * CVE-2023-3995
    - netfilter: nf_tables: disallow rule addition to bound chain via
      NFTA_RULE_CHAIN_ID
  * CVE-2023-3777
    - netfilter: nf_tables: skip bound chain on rule flush
  * CVE-2023-3609
    - net/sched: cls_u32: Fix reference counter leak leading to overflow
  * NULL pointer dereference on CS35L41 HDA AMP (LP: #2029199)
    - ASoC: cs35l41: Refactor error release code
    - ALSA: cs35l41: Add shared boost feature
    - ASoC: dt-bindings: cirrus, cs35l41: Document CS35l41 shared boost
    - ALSA: hda: cs35l41: Ensure firmware/tuning pairs are always loaded
    - ALSA: hda: cs35l41: Enable Amp High Pass Filter
    - ALSA: cs35l41: Use mbox command to enable speaker output for external boost
    - ALSA: cs35l41: Poll for Power Up/Down rather than waiting a fixed delay
    - ALSA: hda: cs35l41: Check mailbox status of pause command after firmware
      load
    - ALSA: hda: cs35l41: Ensure we correctly re-sync regmap before system
      suspending.
    - ALSA: hda: cs35l41: Ensure we pass up any errors during system suspend.
    - ALSA: hda: cs35l41: Move Play and Pause into separate functions
    - ALSA: hda: hda_component: Add pre and post playback hooks to hda_component
    - ALSA: hda: cs35l41: Use pre and post playback hooks
    - ALSA: hda: cs35l41: Rework System Suspend to ensure correct call separation
    - ALSA: hda: cs35l41: Add device_link between HDA and cs35l41_hda
    - ALSA: hda: cs35l41: Ensure amp is only unmuted during playback
  * Reboot command powers off the system (LP: #2029332)
    - x86/smp: Make stop_other_cpus() more robust
    - x86/smp: Dont access non-existing CPUID leaf
  * losetup with mknod fails on jammy with kernel 5.15.0-69-generic
    (LP: #2015400)
    - loop: deprecate autoloading callback loop_probe()
    - loop: do not enforce max_loop hard limit by (new) default
  * Fix UBSAN in Intel EDAC driver (LP: #2028746)
    - EDAC/skx_common: Enable EDAC support for the "near" memory
    - EDAC/skx_common: Delete duplicated and unreachable code
    - EDAC/i10nm: Add Intel Emerald Rapids server support
    - EDAC/i10nm: Make more configurations CPU model specific
    - EDAC/i10nm: Add Intel Granite Rapids server support
    - EDAC/i10nm: Skip the absent memory controllers
  * Make TTY switching possible for NVIDIA when it's boot VGA (LP: #2028749)
    - drm/gma500: Use drm_aperture_remove_conflicting_pci_framebuffers
    - video/aperture: use generic code to figure out the vga default device
    - drm/aperture: Remove primary argument
    - video/aperture: Only kick vgacon when the pdev is decoding vga
    - video/aperture: Move vga handling to pci function
    - video/aperture: Drop primary argument
    - video/aperture: Only remove sysfb on the default vga pci device
    - fbdev: Simplify fb_is_primary_device for x86
    - video/aperture: Provide a VGA helper for gma500 and internal use
  * Fix AMD gpu hang when screen off/on (LP: #2028740)
    - drm/amd/display: Keep PHY active for dp config
  * Various backlight issues with the 6.0/6.1 kernel (LP: #2023638)
    - ACPI: video: Stop trying to use vendor backlight control on laptops from
      after ~2012
  * FM350(mtk_t7xx) failed to suspend, or early wake while suspending
    (LP: #2020743)
    - net: wwan: t7xx: Ensure init is completed before system sleep
  * Include the MAC address pass through function on RTL8153DD-CG (LP: #2020295)
    - r8152: add USB device driver for config selection
  * CVE-2023-20593
    - x86/cpu/amd: Move the errata checking functionality up
    - x86/cpu/amd: Add a Zenbleed fix
  * CVE-2023-4004
    - netfilter: nft_set_pipapo: fix improper element removal
  * CVE-2023-3611
    - net/sched: sch_qfq: refactor parsing of netlink parameters
    - net/sched: sch_qfq: account for stab overhead in qfq_enqueue
  * CVE-2023-3610
    - netfilter: nf_

Source diff to previous version
2031093 libgnutls report \
2029199 NULL pointer dereference on CS35L41 HDA AMP
2029332 Reboot command powers off the system
2015400 losetup with mknod fails on jammy with kernel 5.15.0-69-generic
2028746 Fix UBSAN in Intel EDAC driver
2028749 Make TTY switching possible for NVIDIA when it's boot VGA
2028740 Fix AMD gpu hang when screen off/on
2023197 Fix speaker volume too low on HP G10 laptops
2016398 stacked overlay file system mounts that have chroot() called against them appear to be getting locked (by the kernel most likely?)
2026776 arm64+ast2600: No Output from BMC's VGA port
2024273 Fix eDP only displays 3/4 area after switching to mirror mode with external HDMI 4K monitor
2029138 cifs: fix mid leak during reconnection after timeout threshold
2028979 Lunar update: upstream stable patchset 2023-07-28
2022354 sysfs msi_irqs directory empty with kernel-5.19 when being a xen guest
2028808 Lunar update: upstream stable patchset 2023-07-26
2028580 Lunar update: v6.2.16 upstream stable release
1786013 Packaging resync
CVE-2022-40982 Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may al
CVE-2023-4015 netfilter: nf_tables: skip immediate deactivate in _PREPARE_ERROR
CVE-2023-3777 netfilter: nf_tables: skip bound chain on rule flush
CVE-2023-20593 An issue in \u201cZen 2\u201d CPUs, under specific microarchitectural ...
CVE-2023-4004 A use-after-free flaw was found in the Linux kernel's netfilter in the way a user triggers the nft_pipapo_remove function with the element, without a
CVE-2023-2898 There is a null-pointer-dereference flaw found in f2fs_write_end_io in fs/f2fs/data.c in the Linux kernel. This flaw allows a local privileged user t
CVE-2023-31084 An issue was discovered in drivers/media/dvb-core/dvb_frontend.c in the Linux kernel 6.2. There is a blocking operation when a task is in !TASK_RUNNI

Version: 6.2.0-1011.11~22.04.1 2023-08-29 11:07:41 UTC

  linux-lowlatency-hwe-6.2 (6.2.0-1011.11~22.04.1) jammy; urgency=medium

  * jammy/linux-lowlatency-hwe-6.2: 6.2.0-1011.11~22.04.1 -proposed tracker
    (LP: #2030539)

  * Packaging resync (LP: #1786013)
    - [Packaging] update variants

  [ Ubuntu: 6.2.0-1011.11 ]

  * lunar/linux-lowlatency: 6.2.0-1011.11 -proposed tracker (LP: #2030540)
  * Packaging resync (LP: #1786013)
    - [Packaging] resync update-dkms-versions helper
    - [Packaging] resync getabis
  * lunar/linux: 6.2.0-31.31 -proposed tracker (LP: #2031146)
  * libgnutls report "trap invalid opcode" when trying to install packages over
    https (LP: #2031093)
    - [Config]: disable CONFIG_GDS_FORCE_MITIGATION
  * lunar/linux: 6.2.0-28.29 -proposed tracker (LP: #2030547)
  * CVE-2022-40982
    - init: Provide arch_cpu_finalize_init()
    - x86/cpu: Switch to arch_cpu_finalize_init()
    - ARM: cpu: Switch to arch_cpu_finalize_init()
    - ia64/cpu: Switch to arch_cpu_finalize_init()
    - m68k/cpu: Switch to arch_cpu_finalize_init()
    - mips/cpu: Switch to arch_cpu_finalize_init()
    - sh/cpu: Switch to arch_cpu_finalize_init()
    - sparc/cpu: Switch to arch_cpu_finalize_init()
    - um/cpu: Switch to arch_cpu_finalize_init()
    - init: Remove check_bugs() leftovers
    - init: Invoke arch_cpu_finalize_init() earlier
    - init, x86: Move mem_encrypt_init() into arch_cpu_finalize_init()
    - x86/init: Initialize signal frame size late
    - x86/fpu: Remove cpuinfo argument from init functions
    - x86/fpu: Mark init functions __init
    - x86/fpu: Move FPU initialization into arch_cpu_finalize_init()
    - x86/mem_encrypt: Unbreak the AMD_MEM_ENCRYPT=n build
    - x86/xen: Fix secondary processors' FPU initialization
    - x86/speculation: Add Gather Data Sampling mitigation
    - x86/speculation: Add force option to GDS mitigation
    - x86/speculation: Add Kconfig option for GDS
    - KVM: Add GDS_NO support to KVM
    - Documentation/x86: Fix backwards on/off logic about YMM support
    - [Config]: Enable CONFIG_ARCH_HAS_CPU_FINALIZE_INIT and
      CONFIG_GDS_FORCE_MITIGATION
  * CVE-2023-4015
    - netfilter: nf_tables: add NFT_TRANS_PREPARE_ERROR to deal with bound
      set/chain
    - netfilter: nf_tables: unbind non-anonymous set if rule construction fails
    - netfilter: nf_tables: skip immediate deactivate in _PREPARE_ERROR
  * CVE-2023-3777
    - netfilter: nf_tables: skip bound chain on rule flush
  * CVE-2023-3995
    - netfilter: nf_tables: disallow rule addition to bound chain via
      NFTA_RULE_CHAIN_ID
  * CVE-2023-20593
    - x86/cpu/amd: Move the errata checking functionality up
    - x86/cpu/amd: Add a Zenbleed fix
  * CVE-2023-3776
    - net/sched: cls_fw: Fix improper refcount update leads to use-after-free
  * CVE-2023-4004
    - netfilter: nft_set_pipapo: fix improper element removal
  * CVE-2023-3611
    - net/sched: sch_qfq: refactor parsing of netlink parameters
    - net/sched: sch_qfq: account for stab overhead in qfq_enqueue
  * CVE-2023-3610
    - netfilter: nf_tables: fix chain binding transaction logic
  * CVE-2023-3609
    - net/sched: cls_u32: Fix reference counter leak leading to overflow

  [ Ubuntu: 6.2.0-1010.10 ]

  * lunar/linux-lowlatency: 6.2.0-1010.10 -proposed tracker (LP: #2026482)
  * lunar/linux: 6.2.0-27.28 -proposed tracker (LP: #2026488)
  * Packaging resync (LP: #1786013)
    - [Packaging] resync update-dkms-versions helper
    - [Packaging] update annotations scripts
  * CVE-2023-2640 // CVE-2023-32629
    - Revert "UBUNTU: SAUCE: overlayfs: handle idmapped mounts in
      ovl_do_(set|remove)xattr"
    - Revert "UBUNTU: SAUCE: overlayfs: Skip permission checking for
      trusted.overlayfs.* xattrs"
    - SAUCE: overlayfs: default to userxattr when mounted from non initial user
      namespace
  * UNII-4 5.9G Band support request on 8852BE (LP: #2023952)
    - wifi: rtw89: 8851b: add 8851B basic chip_info
    - wifi: rtw89: introduce realtek ACPI DSM method
    - wifi: rtw89: regd: judge UNII-4 according to BIOS and chip
    - wifi: rtw89: support U-NII-4 channels on 5GHz band
  * Disable hv-kvp-daemon if /dev/vmbus/hv_kvp is not present (LP: #2024900)
    - [Packaging] disable hv-kvp-daemon if needed
  * A deadlock issue in scsi rescan task while resuming from S3 (LP: #2018566)
    - ata: libata-scsi: Avoid deadlock on rescan after device resume
  * [SRU] Intel Sapphire Rapids HBM support needs CONFIG_NUMA_EMU (LP: #2008745)
    - [Config] Intel Sapphire Rapids HBM support needs CONFIG_NUMA_EMU
  * Lunar update: v6.2.15 upstream stable release (LP: #2025067)
    - ASOC: Intel: sof_sdw: add quirk for Intel 'Rooks County' NUC M15
    - ASoC: Intel: soc-acpi: add table for Intel 'Rooks County' NUC M15
    - ASoC: soc-pcm: fix hw->formats cleared by soc_pcm_hw_init() for dpcm
    - x86/hyperv: Block root partition functionality in a Confidential VM
    - ASoC: amd: yc: Add DMI entries to support Victus by HP Laptop 16-e1xxx
      (8A22)
    - iio: adc: palmas_gpadc: fix NULL dereference on rmmod
    - ASoC: Intel: bytcr_rt5640: Add quirk for the Acer Iconia One 7 B1-750
    - ASoC: da7213.c: add missing pm_runtime_disable()
    - net: wwan: t7xx: do not compile with -Werror
    - wifi: mt76: mt7921: Fix use-after-free in fw features query.
    - selftests mount: Fix mount_setattr_test builds failed
    - scsi: mpi3mr: Handle soft reset in progress fault code (0xF002)
    - net: sfp: add quirk enabling 2500Base-x for HG MXPD-483II
    - platform/x86: thinkpad_acpi: Add missing T14s Gen1 type to s2idle quirk list
    - wifi: ath11k: reduce the MHI timeout to 20s
    - tracing: Error if a trace event has an array for a __field()
    - asm-generic/io.h: suppress endianness warnings for readq() and writeq()
    - asm-generic/io.h: suppress endianness warnings for relaxed accessors
    - x86/cpu: Add model number for Intel Arrow Lake processor
    - wifi: mt76: mt7921e: Set memory space enable in PCI_COMMAND if unset
    - ASoC: amd: ps: update the acp clock source.

Source diff to previous version
1786013 Packaging resync
2031093 libgnutls report \
2023952 UNII-4 5.9G Band support request on 8852BE
2024900 Disable hv-kvp-daemon if /dev/vmbus/hv_kvp is not present
2008745 [SRU] Intel Sapphire Rapids HBM support needs CONFIG_NUMA_EMU
2025067 Lunar update: v6.2.15 upstream stable release
2025066 Lunar update: v6.2.14 upstream stable release
CVE-2022-40982 Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may al
CVE-2023-20593 An issue in \u201cZen 2\u201d CPUs, under specific microarchitectural ...
CVE-2023-4004 A use-after-free flaw was found in the Linux kernel's netfilter in the way a user triggers the nft_pipapo_remove function with the element, without a
CVE-2023-2640 On Ubuntu kernels carrying both c914c0e27eb0 and "UBUNTU: SAUCE: overl ...
CVE-2023-32629 Local privilege escalation vulnerability in Ubuntu Kernels overlayfs o ...
CVE-2023-35001 Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or
CVE-2023-31248 Linux Kernel nftables Use-After-Free Local Privilege Escalation Vulnerability; `nft_chain_lookup_byid()` failed to check whether a chain was active a
CVE-2023-3269 A vulnerability exists in the memory management subsystem of the Linux ...
CVE-2023-3141 A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the Linux Kernel. This flaw allows a local attacker

Version: 6.2.0-1009.9~22.04.1 2023-07-24 22:07:32 UTC

  linux-lowlatency-hwe-6.2 (6.2.0-1009.9~22.04.1) jammy; urgency=medium

  * jammy/linux-lowlatency-hwe-6.2: 6.2.0-1009.9~22.04.1 -proposed tracker
    (LP: #2026746)

  * Packaging resync (LP: #1786013)
    - debian/dkms-versions -- update from kernel-versions (main/s2023.06.12)

  [ Ubuntu: 6.2.0-1009.9 ]

  * lunar/linux-lowlatency: 6.2.0-1009.9 -proposed tracker (LP: #2026747)
  * lunar/linux: 6.2.0-26.26 -proposed tracker (LP: #2026753)
  * CVE-2023-2640 // CVE-2023-32629
    - Revert "UBUNTU: SAUCE: overlayfs: handle idmapped mounts in
      ovl_do_(set|remove)xattr"
    - Revert "UBUNTU: SAUCE: overlayfs: Skip permission checking for
      trusted.overlayfs.* xattrs"
    - SAUCE: overlayfs: default to userxattr when mounted from non initial user
      namespace
  * CVE-2023-35001
    - netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
  * CVE-2023-31248
    - netfilter: nf_tables: do not ignore genmask when looking up chain by id
  * CVE-2023-3389
    - io_uring/poll: serialize poll linked timer start with poll removal
  * CVE-2023-3390
    - netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE
  * CVE-2023-3090
    - ipvlan:Fix out-of-bounds caused by unclear skb->cb
  * CVE-2023-3269
    - mm: introduce new 'lock_mm_and_find_vma()' page fault helper
    - mm: make the page fault mmap locking killable
    - arm64/mm: Convert to using lock_mm_and_find_vma()
    - powerpc/mm: Convert to using lock_mm_and_find_vma()
    - mips/mm: Convert to using lock_mm_and_find_vma()
    - riscv/mm: Convert to using lock_mm_and_find_vma()
    - arm/mm: Convert to using lock_mm_and_find_vma()
    - mm/fault: convert remaining simple cases to lock_mm_and_find_vma()
    - powerpc/mm: convert coprocessor fault to lock_mm_and_find_vma()
    - mm: make find_extend_vma() fail if write lock not held
    - execve: expand new process stack manually ahead of time
    - mm: always expand the stack with the mmap write lock held
    - [CONFIG]: Set CONFIG_LOCK_MM_AND_FIND_VMA

 -- Stefan Bader <email address hidden> Fri, 14 Jul 2023 09:59:51 +0200

Source diff to previous version
1786013 Packaging resync
CVE-2023-35001 Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or
CVE-2023-31248 Linux Kernel nftables Use-After-Free Local Privilege Escalation Vulnerability; `nft_chain_lookup_byid()` failed to check whether a chain was active a
CVE-2023-3269 A vulnerability exists in the memory management subsystem of the Linux ...

Version: 6.2.0-1008.8~22.04.1 2023-07-12 10:07:08 UTC

  linux-lowlatency-hwe-6.2 (6.2.0-1008.8~22.04.1) jammy; urgency=medium

  * jammy/linux-lowlatency-hwe-6.2: 6.2.0-1008.8~22.04.1 -proposed tracker
    (LP: #2024536)

  [ Ubuntu: 6.2.0-1008.8 ]

  * lunar/linux-lowlatency: 6.2.0-1008.8 -proposed tracker (LP: #2024537)
  * Packaging resync (LP: #1786013)
    - [Packaging] resync update-dkms-versions helper
  * lunar/linux: 6.2.0-25.25 -proposed tracker (LP: #2024167)
  * ftrace in ubuntu_kernel_selftests failed with "check if duplicate events are
    caught" on J-5.15 P9 / J-kvm / L-kvm (LP: #1977827)
    - SAUCE: selftests/ftrace: Add test dependency
  * Add microphone support of the front headphone port on P3 Tower
    (LP: #2023650)
    - ALSA: hda/realtek: Add Lenovo P3 Tower platform
  * Add audio support for ThinkPad P1 Gen 6 and Z16 Gen 2 (LP: #2023539)
    - ALSA: hda/realtek: Add quirk for ThinkPad P1 Gen 6
  * Fix Disable thunderbolt clx make edp-monitor garbage while moving the
    touchpad (LP: #2023004)
    - drm/i915: Use 18 fast wake AUX sync len
  * Fix Monitor lost after replug WD19TBS to SUT port with VGA/DVI to type-C
    dongle (LP: #2021949)
    - thunderbolt: Increase timeout of DP OUT adapter handshake
    - thunderbolt: Do not touch CL state configuration during discovery
    - thunderbolt: Increase DisplayPort Connection Manager handshake timeout
  * Enable Tracing Configs for OSNOISE and TIMERLAT (LP: #2018591)
    - [Config] Enable OSNOISE_TRACER and TIMERLAT_TRACER configs
  * Fix only reach PC3 when ethernet is plugged r8169 (LP: #1946433)
    - r8169: use spinlock to protect mac ocp register access
    - r8169: use spinlock to protect access to registers Config2 and Config5
    - r8169: enable cfg9346 config register access in atomic context
    - r8169: prepare rtl_hw_aspm_clkreq_enable for usage in atomic context
    - r8169: disable ASPM during NAPI poll
    - r8169: remove ASPM restrictions now that ASPM is disabled during NAPI poll
  * introduce do_lib_rust=true|false to enable/disable linux-lib-rust package
    (LP: #2021605)
    - [Packaging] introduce do_lib_rust and enable it only on generic amd64
  * System either hang with black screen or rebooted on entering suspend on AMD
    Ryzen 9 PRO 7940HS w/ Radeon 780M Graphics (LP: #2020685)
    - drm/amdgpu: refine get gpu clock counter method
    - drm/amdgpu/gfx11: update gpu_clock_counter logic
  * generate linux-lib-rust only on amd64 (LP: #2020356)
    - [Packaging] generate linux-lib-rust only on amd64
  * No HDMI/DP audio output on dock(Nvidia GPU) (LP: #2020062)
    - ALSA: hda: Add NVIDIA codec IDs a3 through a7 to patch table
  * Add support for mdev_set_iommu_device() kABI in Ubuntu 22.10 kernel
    (LP: #1988806)
    - SAUCE: Add mdev_set_iommu_device() kABI.
  * Enable audio LEDs on HP laptops (LP: #2019915)
    - ALSA: hda/realtek: Fix mute and micmute LEDs for an HP laptop
    - ALSA: hda/realtek: Fix mute and micmute LEDs for yet another HP laptop
  * linux-*: please enable dm-verity kconfigs to allow MoK/db verified root
    images (LP: #2019040)
    - [Config] CONFIG_DM_VERITY_VERIFY_ROOTHASH_SIG_SECONDARY_KEYRING=y
  * Lunar update: v6.2.13 upstream stable release (LP: #2023929)
    - ARM: dts: rockchip: fix a typo error for rk3288 spdif node
    - arm64: dts: rockchip: Lower sd speed on rk3566-soquartz
    - arm64: dts: qcom: ipq8074-hk01: enable QMP device, not the PHY node
    - arm64: dts: qcom: ipq8074-hk10: enable QMP device, not the PHY node
    - arm64: dts: meson-g12-common: specify full DMC range
    - arm64: dts: meson-g12-common: resolve conflict between canvas & pmu
    - perf/amlogic: adjust register offsets
    - arm64: dts: qcom: sc8280xp-pmics: fix pon compatible and registers
    - arm64: dts: imx8mm-evk: correct pmic clock source
    - arm64: dts: imx8mm-verdin: correct off-on-delay
    - arm64: dts: imx8mp-verdin: correct off-on-delay
    - netfilter: br_netfilter: fix recent physdev match breakage
    - netfilter: nf_tables: Modify nla_memdup's flag to GFP_KERNEL_ACCOUNT
    - rust: str: fix requierments->requirements typo
    - regulator: fan53555: Explicitly include bits header
    - regulator: fan53555: Fix wrong TCS_SLEW_MASK
    - virtio_net: bugfix overflow inside xdp_linearize_page()
    - sfc: Fix use-after-free due to selftest_work
    - netfilter: nf_tables: fix ifdef to also consider nf_tables=m
    - i40e: fix accessing vsi->active_filters without holding lock
    - i40e: fix i40e_setup_misc_vector() error handling
    - netfilter: nf_tables: validate catch-all set elements
    - cxgb4: fix use after free bugs caused by circular dependency problem
    - netfilter: nf_tables: tighten netlink attribute requirements for catch-all
      elements
    - bnxt_en: Do not initialize PTP on older P3/P4 chips
    - mlxfw: fix null-ptr-deref in mlxfw_mfa2_tlv_next()
    - LoongArch: Fix build error if CONFIG_SUSPEND is not set
    - bonding: Fix memory leak when changing bond type to Ethernet
    - net: rpl: fix rpl header size calculation
    - mlxsw: pci: Fix possible crash during initialization
    - spi: spi-rockchip: Fix missing unwind goto in rockchip_sfc_probe()
    - bpf: Fix incorrect verifier pruning due to missing register precision taints
    - net: dsa: microchip: ksz8795: Correctly handle huge frame configuration
    - bnxt_en: fix free-runnig PHC mode
    - e1000e: Disable TSO on i219-LM card to increase speed
    - net: bridge: switchdev: don't notify FDB entries with "master dynamic"
    - f2fs: Fix f2fs_truncate_partial_nodes ftrace event
    - platform/x86/intel: vsec: Fix a memory leak in intel_vsec_add_aux
    - platform/x86 (gigabyte-wmi): Add support for A320M-S2H V2
    - selftests: sigaltstack: fix -Wuninitialized
    - scsi: megaraid_sas: Fix fw_crash_buffer_show()
    - scsi: core: Improve scsi_vpd_inquiry() checks
    - net: dsa: b53: mmap: add phy ops
    - platform/x86: gigabyte-wmi: add support for B650 AORUS ELITE AX
    - s390/ptrace: fix PTRACE_GET_LAST_BREAK error hand

1786013 Packaging resync
1977827 ftrace in ubuntu_kernel_selftests failed with \
2023650 Add microphone support of the front headphone port on P3 Tower
2023539 Add audio support for ThinkPad P1 Gen 6 and Z16 Gen 2
2018591 Enable Tracing Configs for OSNOISE and TIMERLAT
2021605 introduce do_lib_rust=true|false to enable/disable linux-lib-rust package
2020356 generate linux-lib-rust only on amd64
2019915 Enable audio LEDs on HP laptops
2023929 Lunar update: v6.2.13 upstream stable release
2023577 cls_flower: off-by-one in fl_set_geneve_opt
2020531 support python \u003c 3.9 with annotations
2017444 Computer with Intel Atom CPU will not boot with Kernel 6.2.0-20
2015867 Kernel 6.1 bumped the disk consumption on default images by 15%
2018655 Update I915 PSR calculation on Linux 6.2
2016908 udev fails to make prctl() syscall with apparmor=0 (as used by maas by default)
2016186 5.19 not reporting cgroups v1 blkio.throttle.io_serviced
2017903 LSM stacking and AppArmor for 6.2: additional fixes
2017219 Lunar update: v6.2.12 upstream stable release
1685291 RFC: virtio and virtio-scsi should be built in
2015498 Debian autoreconstruct Fix restoration of execute permissions
2007745 [SRU][Jammy] CONFIG_PCI_MESON is not enabled
2008824 sched: cpumask: improve on cpumask_local_spread() locality
2012019 Fix E-star testing failure with RTK 8852BE
2016879 Lunar update: v6.2.11 upstream stable release
2016878 Lunar update: v6.2.10 upstream stable release
2016877 Lunar update: v6.2.9 upstream stable release
2016876 Lunar update: v6.2.8 upstream stable release
2016875 Lunar update: v6.2.7 upstream stable release
2015741 efivarfs:efivarfs.sh in ubuntu_kernel_selftests crash L-6.2 ARM64 node dazzle (rcu_preempt detected stalls)
2015361 FTBFS with different dkms or when makeflags are set
2013209 expoline.o is packaged unconditionally for s390x
2013014 net:l2tp.sh failure with lunar:linux 6.2
2012776 Neuter signing tarballs
2012136 LSM stacking and AppArmor refresh for 6.2 kernel
1989983 kinetic: apply new apparmor and LSM stacking patch set
1937133 devlink_port_split from ubuntu_kernel_selftests.net fails on hirsute (KeyError: 'flavour')
2007654 enable Rust support in the kernel
1989334 remove circular dep between linux-image and modules
CVE-2023-2124 An out-of-bounds memory access flaw was found in the Linux kernel’s XFS file system in how a user restores an XFS image after failure (with a dirty l
CVE-2023-2176 A vulnerability was found in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA in the Linux Kernel. The improper cleanup results in out-
CVE-2023-32233 In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and
CVE-2023-2612 Jean-Baptiste Cayrou discovered that the shiftfs file system in the Ub ...
CVE-2023-31436 qfq_change_class in net/sched/sch_qfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write because lmax can exceed QFQ_MIN_LMAX.
CVE-2023-1380 A slab-out-of-bound read problem was found in brcmf_get_assoc_ies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux Kernel.
CVE-2023-30456 An issue was discovered in arch/x86/kvm/vmx/nested.c in the Linux kernel before 6.2.8. nVMX on x86_64 lacks consistency checks for CR0 and CR4.



About   -   Send Feedback to @ubuntu_updates