UbuntuUpdates.org

Package "linux-image-unsigned-6.8.0-1018-oracle"

Name: linux-image-unsigned-6.8.0-1018-oracle

Description:

Linux kernel image for version 6.8.0 on 64 bit x86 SMP

Latest version: 6.8.0-1018.19~22.04.1
Release: jammy (22.04)
Level: security
Repository: main
Head package: linux-oracle-6.8

Links


Download "linux-image-unsigned-6.8.0-1018-oracle"


Other versions of "linux-image-unsigned-6.8.0-1018-oracle" in Jammy

Repository Area Version
updates main 6.8.0-1018.19~22.04.1

Changelog

Version: 6.8.0-1018.19~22.04.1 2024-12-17 01:07:15 UTC

  linux-oracle-6.8 (6.8.0-1018.19~22.04.1) jammy; urgency=medium

  * jammy/linux-oracle-6.8: 6.8.0-1018.19~22.04.1 -proposed tracker
    (LP: #2090353)

  [ Ubuntu: 6.8.0-1018.19 ]

  * noble/linux-oracle: 6.8.0-1018.19 -proposed tracker (LP: #2090354)
  [ Ubuntu: 6.8.0-51.52 ]
  * noble/linux: 6.8.0-51.52 -proposed tracker (LP: #2090369)
  * Packaging resync (LP: #1786013)
    - [Packaging] resync git-ubuntu-log
    - [Packaging] update variants
  * MGLRU: kswapd uses 100% CPU when MGLRU is enabled and under memory pressure
    (LP: #2087886)
    - mm/mglru: only clear kswapd_failures if reclaimable
  * CVE-2024-50264
    - vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans
  * CVE-2024-53057
    - net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT
  * CVE-2024-49967
    - ext4: no need to continue when the number of entries is 1

 -- Philip Cox <email address hidden> Mon, 09 Dec 2024 15:56:54 -0500

Source diff to previous version
1786013 Packaging resync
2087886 MGLRU: kswapd uses 100% CPU when MGLRU is enabled and under memory pressure
CVE-2024-50264 In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans Du
CVE-2024-53057 In the Linux kernel, the following vulnerability has been resolved: net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT In qdisc_tree_reduce_bac
CVE-2024-49967 In the Linux kernel, the following vulnerability has been resolved: ext4: no need to continue when the number of entries is 1

Version: 6.8.0-1017.18~22.04.1 2024-12-12 16:06:53 UTC

  linux-oracle-6.8 (6.8.0-1017.18~22.04.1) jammy; urgency=medium

  * jammy/linux-oracle-6.8: 6.8.0-1017.18~22.04.1 -proposed tracker
    (LP: #2086289)

  * Packaging resync (LP: #1786013)
    - [Packaging] debian.oracle-6.8/dkms-versions -- update from kernel-versions
      (main/2024.10.28)

  [ Ubuntu: 6.8.0-1017.18 ]

  * noble/linux-oracle: 6.8.0-1017.18 -proposed tracker (LP: #2086290)
  * Packaging resync (LP: #1786013)
    - [Packaging] resync git-ubuntu-log
    - [Packaging] debian.oracle/dkms-versions -- update from kernel-versions
      (main/2024.10.28)
  [ Ubuntu: 6.8.0-50.51 ]
  * noble/linux: 6.8.0-50.51 -proposed tracker (LP: #2086301)
  * Packaging resync (LP: #1786013)
    - [Packaging] debian.master/dkms-versions -- update from kernel-versions
      (main/2024.10.28)
  * Noble update: upstream stable patchset 2024-10-31 (LP: #2086138)
    - device property: Add cleanup.h based fwnode_handle_put() scope based
      cleanup.
    - device property: Introduce device_for_each_child_node_scoped()
    - iio: adc: ad7124: Switch from of specific to fwnode based property handling
    - ksmbd: override fsids for share path check
    - ksmbd: override fsids for smb2_query_info()
    - usbnet: ipheth: remove extraneous rx URB length check
    - usbnet: ipheth: drop RX URBs with no payload
    - usbnet: ipheth: do not stop RX on failing RX callback
    - usbnet: ipheth: fix carrier detection in modes 1 and 4
    - net: ethernet: use ip_hdrlen() instead of bit shift
    - drm: panel-orientation-quirks: Add quirk for Ayn Loki Zero
    - drm: panel-orientation-quirks: Add quirk for Ayn Loki Max
    - net: phy: vitesse: repair vsc73xx autonegotiation
    - powerpc/mm: Fix boot warning with hugepages and CONFIG_DEBUG_VIRTUAL
    - wifi: mt76: mt7921: fix NULL pointer access in mt7921_ipv6_addr_change
    - net: hns3: use correct release function during uninitialization
    - btrfs: update target inode's ctime on unlink
    - Input: ads7846 - ratelimit the spi_sync error message
    - Input: synaptics - enable SMBus for HP Elitebook 840 G2
    - HID: multitouch: Add support for GT7868Q
    - scripts: kconfig: merge_config: config files: add a trailing newline
    - platform/surface: aggregator_registry: Add Support for Surface Pro 10
    - platform/surface: aggregator_registry: Add support for Surface Laptop Go 3
    - drm/msm/adreno: Fix error return if missing firmware-name
    - Input: i8042 - add Fujitsu Lifebook E756 to i8042 quirk table
    - smb/server: fix return value of smb2_open()
    - NFSv4: Fix clearing of layout segments in layoutreturn
    - NFS: Avoid unnecessary rescanning of the per-server delegation list
    - platform/x86: panasonic-laptop: Fix SINF array out of bounds accesses
    - platform/x86: panasonic-laptop: Allocate 1 entry extra in the sinf array
    - mptcp: pm: Fix uaf in __timer_delete_sync
    - arm64: dts: rockchip: fix eMMC/SPI corruption when audio has been used on
      RK3399 Puma
    - arm64: dts: rockchip: override BIOS_DISABLE signal via GPIO hog on RK3399
      Puma
    - minmax: reduce min/max macro expansion in atomisp driver
    - net: tighten bad gso csum offset check in virtio_net_hdr
    - dm-integrity: fix a race condition when accessing recalc_sector
    - x86/hyperv: fix kexec crash due to VP assist page corruption
    - mm: avoid leaving partial pfn mappings around in error case
    - arm64: dts: rockchip: fix PMIC interrupt pin in pinctrl for ROCK Pi E
    - drm/amd/display: Disable error correction if it's not supported
    - drm/amd/display: Fix FEC_READY write on DP LT
    - eeprom: digsy_mtc: Fix 93xx46 driver probe failure
    - cxl/core: Fix incorrect vendor debug UUID define
    - selftests/bpf: Support SOCK_STREAM in unix_inet_redir_to_connected()
    - hwmon: (pmbus) Conditionally clear individual status bits for pmbus rev >=
      1.2
    - ice: Fix lldp packets dropping after changing the number of channels
    - ice: fix accounting for filters shared by multiple VSIs
    - ice: fix VSI lists confusion when adding VLANs
    - igb: Always call igb_xdp_ring_update_tail() under Tx lock
    - net/mlx5: Update the list of the PCI supported devices
    - net/mlx5e: Add missing link modes to ptys2ethtool_map
    - net/mlx5e: Add missing link mode to ptys2ext_ethtool_map
    - net/mlx5: Explicitly set scheduling element and TSAR type
    - net/mlx5: Add missing masks and QoS bit masks for scheduling elements
    - net/mlx5: Correct TASR typo into TSAR
    - net/mlx5: Verify support for scheduling element and TSAR type
    - net/mlx5: Fix bridge mode operations when there are no VFs
    - fou: fix initialization of grc
    - octeontx2-af: Modify SMQ flush sequence to drop packets
    - net: ftgmac100: Enable TX interrupt to avoid TX timeout
    - selftests: net: csum: Fix checksums for packets with non-zero padding
    - netfilter: nft_socket: fix sk refcount leaks
    - net: dsa: felix: ignore pending status of TAS module when it's disabled
    - net: dpaa: Pad packets to ETH_ZLEN
    - tracing/osnoise: Fix build when timerlat is not enabled
    - spi: nxp-fspi: fix the KASAN report out-of-bounds bug
    - drm/syncobj: Fix syncobj leak in drm_syncobj_eventfd_ioctl
    - dma-buf: heaps: Fix off-by-one in CMA heap fault handler
    - drm/nouveau/fb: restore init() for ramgp102
    - drm/amdgpu/atomfirmware: Silence UBSAN warning
    - drm/amd/amdgpu: apply command submission parser for JPEG v1
    - spi: geni-qcom: Undo runtime PM changes at driver exit time
    - spi: geni-qcom: Fix incorrect free_irq() sequence
    - drm/i915/guc: prevent a possible int overflow in wq offsets
    - ASoC: codecs: avoid possible garbage value in peb2466_reg_read()
    - cifs: Fix signature miscalculation
    - pinctrl: meteorlake: Add Arrow Lake-H/U ACPI ID
    - ASoC: meson: axg-card: fix 'use-after-free'
    - drm/mediatek: Set sensible cursor width/height values to fix crash
    - Input: edt-ft5x06 - add support for FocalTech FT5452 and FT8719

Source diff to previous version
1786013 Packaging resync
2086138 Noble update: upstream stable patchset 2024-10-31
2085849 Noble update: upstream stable patchset 2024-10-29
2084513 Navi24 RX6300 light up issue on 6.8 kernel
2084941 Noble update: upstream stable patchset 2024-10-18
2083022 [SRU] Fix AST DP output after resume
2078038 UBSAN array-index-out-of-bounds reported with N-6.8 on P9 node baltar
2084526 r8169: transmit queue 0 timed out error when re-plugging the Ethernet cable
2084834 [SRU] cpufreq: intel_pstate: Support Emerald Rapids OOB mode
2081079 [SRU] Ubuntu 24.04 - GPU cannot be installed with DL380a Gen12 (2P, SRF-SP)
2084225 Noble update: upstream stable patchset 2024-10-11
2081786 Fix blank screen on external display after reconnecting the USB type-C
2084005 Noble update: upstream stable patchset 2024-10-09
2082423 Unable to list directories using CIFS on 6.8 kernel
2064176 LXD fan bridge causes blocked tasks
2081863 x86/CPU/AMD: Add models 0x10-0x1f to the Zen5 range
2083182 The system hangs after resume with thunderbolt monitor(AMD GPU [1002:1900])
2083701 [SRU] GPU: support additional device ids for DG2 driver
2077861 [SRU]Intel Arrow Lake IBECC feature backport request for ubuntu 22.04.5 and 24.04.1 server
2083794 Noble update: upstream stable patchset 2024-10-07
2083656 Noble update: upstream stable patchset 2024-10-04
2083488 Noble update: upstream stable patchset 2024-10-02
2077287 [SRU]Fail to locate the LED of NVME disk behind Intel VMD
2083196 Noble update: upstream stable patchset 2024-09-30
CVE-2024-46823 In the Linux kernel, the following vulnerability has been resolved: kunit/overflow: Fix UB in overflow_allocation_test The 'device_name' array does
CVE-2024-46834 In the Linux kernel, the following vulnerability has been resolved: ethtool: fail closed if we can't get max channel used in indirection tables Com
CVE-2024-46751 In the Linux kernel, the following vulnerability has been resolved: btrfs: don't BUG_ON() when 0 reference count at btrfs_lookup_extent_info() Inst
CVE-2024-46753 In the Linux kernel, the following vulnerability has been resolved: btrfs: handle errors from btrfs_dec_ref() properly In walk_up_proc() we BUG_ON(
CVE-2024-46841 In the Linux kernel, the following vulnerability has been resolved: btrfs: don't BUG_ON on ENOMEM from btrfs_lookup_extent_info() in walk_down_proc(
CVE-2024-46754 In the Linux kernel, the following vulnerability has been resolved: bpf: Remove tst_run from lwt_seg6local_prog_ops. The syzbot reported that the l
CVE-2024-46824 In the Linux kernel, the following vulnerability has been resolved: iommufd: Require drivers to supply the cache_invalidate_user ops If drivers don
CVE-2024-46842 In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Handle mailbox timeouts in lpfc_get_sfp_info The MBX_TIMEOUT return
CVE-2024-46766 In the Linux kernel, the following vulnerability has been resolved: ice: move netif_queue_set_napi to rtnl-protected sections Currently, netif_queu
CVE-2024-46772 In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check denominator crb_pipes before used [WHAT & HOW] A denomin
CVE-2024-46774 In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: Prevent Spectre v1 gadget construction in sys_rtas() Smatch warns
CVE-2024-46775 In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Validate function returns [WHAT & HOW] Function return values
CVE-2024-46778 In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check UnboundedRequestEnabled's value CalculateSwathAndDETConf
CVE-2024-46779 In the Linux kernel, the following vulnerability has been resolved: drm/imagination: Free pvr_vm_gpuva after unlink This caused a measurable memory
CVE-2024-46792 In the Linux kernel, the following vulnerability has been resolved: riscv: misaligned: Restrict user access to kernel memory raw_copy_{to,from}_use
CVE-2024-46793 In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: Boards: Fix NULL pointer deref in BYT/CHT boards harder Since comm
CVE-2024-46735 In the Linux kernel, the following vulnerability has been resolved: ublk_drv: fix NULL pointer dereference in ublk_ctrl_start_recovery() When two U
CVE-2024-46737 In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: fix kernel crash if commands allocation fails If the commands alloca
CVE-2024-46822 In the Linux kernel, the following vulnerability has been resolved: arm64: acpi: Harden get_cpu_for_acpi_id() against missing CPU entry In a review
CVE-2024-46713 In the Linux kernel, the following vulnerability has been resolved: perf/aux: Fix AUX buffer serialization Ole reported that event->mmap_mutex is s
CVE-2024-46739 In the Linux kernel, the following vulnerability has been resolved: uio_hv_generic: Fix kernel NULL pointer dereference in hv_uio_rescind For prima
CVE-2024-46740 In the Linux kernel, the following vulnerability has been resolved: binder: fix UAF caused by offsets overwrite Binder objects are processed and co
CVE-2024-46741 In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: Fix double free of 'buf' in error path smatch warning: drivers/m
CVE-2024-47663 In the Linux kernel, the following vulnerability has been resolved: staging: iio: frequency: ad9834: Validate frequency parameter value In ad9834_w
CVE-2024-46832 In the Linux kernel, the following vulnerability has been resolved: MIPS: cevt-r4k: Don't call get_c0_compare_int if timer irq is installed This av
CVE-2024-47668 In the Linux kernel, the following vulnerability has been resolved: lib/generic-radix-tree.c: Fix rare race in __genradix_ptr_alloc() If we need to
CVE-2024-46744 In the Linux kernel, the following vulnerability has been resolved: Squashfs: sanity check symbolic link size Syzkiller reports a "KMSAN: uninit-va
CVE-2024-46745 In the Linux kernel, the following vulnerability has been resolved: Input: uinput - reject requests with unreasonable number of slots When exercis
CVE-2024-46746 In the Linux kernel, the following vulnerability has been resolved: HID: amd_sfh: free driver_data after destroying hid device HID driver callbacks
CVE-2024-47664 In the Linux kernel, the following vulnerability has been resolved: spi: hisi-kunpeng: Add verification for the max_frequency provided by the firmwa
CVE-2024-47665 In the Linux kernel, the following vulnerability has been resolved: i3c: mipi-i3c-hci: Error out instead on BUG_ON() in IBI DMA setup Definitely co
CVE-2024-46749 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btnxpuart: Fix Null pointer dereference in btnxpuart_flush() This ad
CVE-2024-46750 In the Linux kernel, the following vulnerability has been resolved: PCI: Add missing bridge lock to pci_bus_lock() One of the true positives that t
CVE-2024-46752 In the Linux kernel, the following vulnerability has been resolved: btrfs: replace BUG_ON() with error handling at update_ref_for_cow() Instead of
CVE-2024-46840 In the Linux kernel, the following vulnerability has been resolved: btrfs: clean up our handling of refs == 0 in snapshot delete In reada we BUG_ON
CVE-2024-46755 In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: Do not return unused priv in mwifiex_get_priv_by_id() mwifiex_ge
CVE-2024-47666 In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Set phy->enable_completion only when we wait for it pm8001_phy_co
CVE-2024-46843 In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Remove SCSI host only if added If host tries to remove ufshcd
CVE-2024-46760 In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: usb: schedule rx work after everything is set up Right now it's po
CVE-2024-46761 In the Linux kernel, the following vulnerability has been resolved: pci/hotplug/pnv_php: Fix hotplug driver crash on Powernv The hotplug driver for
CVE-2024-46844 In the Linux kernel, the following vulnerability has been resolved: um: line: always fill *error_out in setup_one_line() The pointer isn't initiali
CVE-2024-46762 In the Linux kernel, the following vulnerability has been resolved: xen: privcmd: Fix possible access to a freed kirqfd instance Nothing prevents s
CVE-2024-46763 In the Linux kernel, the following vulnerability has been resolved: fou: Fix null-ptr-deref in GRO. We observed a null-ptr-deref in fou_gro_receive
CVE-2024-46765 In the Linux kernel, the following vulnerability has been resolved: ice: protect XDP configuration with a mutex The main threat to data consistency
CVE-2024-46767 In the Linux kernel, the following vulnerability has been resolved: net: phy: Fix missing of_node_put() for leds The call of of_get_child_by_name()
CVE-2024-46768 In the Linux kernel, the following vulnerability has been resolved: hwmon: (hp-wmi-sensors) Check if WMI event data exists The BIOS can choose to r
CVE-2024-46770 In the Linux kernel, the following vulnerability has been resolved: ice: Add netif_device_attach/detach into PF reset flow Ethtool callbacks can be
CVE-2024-46771 In the Linux kernel, the following vulnerability has been resolved: can: bcm: Remove proc entry when dev is unregistered. syzkaller reported a warn
CVE-2024-46773 In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check denominator pbn_div before used [WHAT & HOW] A denominat
CVE-2024-47667 In the Linux kernel, the following vulnerability has been resolved: PCI: keystone: Add workaround for Errata #i2037 (AM65x SR 1.0) Errata #i2037 in
CVE-2024-46835 In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix smatch static checker warning adev->gfx.imu.funcs could be NULL
CVE-2024-46776 In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Run DC_LOG_DC after checking link->link_enc [WHAT] The DC_LOG_
CVE-2024-46836 In the Linux kernel, the following vulnerability has been resolved: usb: gadget: aspeed_udc: validate endpoint index for ast udc We should verify t
CVE-2024-46777 In the Linux kernel, the following vulnerability has been resolved: udf: Avoid excessive partition lengths Avoid mounting filesystems where the par
CVE-2024-46825 In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: use IWL_FW_CHECK for link ID check The lookup function iwl_
CVE-2024-46826 In the Linux kernel, the following vulnerability has been resolved: ELF: fix kernel.randomize_va_space double read ELF loader uses "randomize_va_sp
CVE-2024-46827 In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix firmware crash due to invalid peer nss Currently, if the acce
CVE-2024-47669 In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix state management in error path of log writing function After commit
CVE-2024-46780 In the Linux kernel, the following vulnerability has been resolved: nilfs2: protect references to superblock parameters exposed in sysfs The superb
CVE-2024-46781 In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix missing cleanup on rollforward recovery error In an error injection
CVE-2024-46828 In the Linux kernel, the following vulnerability has been resolved: sched: sch_cake: fix bulk flow accounting logic for host fairness In sch_cake,
CVE-2024-46782 In the Linux kernel, the following vulnerability has been resolved: ila: call nf_unregister_net_hooks() sooner syzbot found an use-after-free Read
CVE-2024-46783 In the Linux kernel, the following vulnerability has been resolved: tcp_bpf: fix return value of tcp_bpf_sendmsg() When we cork messages in psock->
CVE-2024-46784 In the Linux kernel, the following vulnerability has been resolved: net: mana: Fix error handling in mana_create_txq/rxq's NAPI cleanup Currently n
CVE-2024-46785 In the Linux kernel, the following vulnerability has been resolved: eventfs: Use list_del_rcu() for SRCU protected list variable Chi Zhiling report
CVE-2024-46786 In the Linux kernel, the following vulnerability has been resolved: fscache: delete fscache_cookie_lru_timer when fscache exits to avoid UAF The fs
CVE-2024-46787 In the Linux kernel, the following vulnerability has been resolved: userfaultfd: fix checks for huge PMDs Patch series "userfaultfd: fix races arou
CVE-2024-46838 In the Linux kernel, the following vulnerability has been resolved: userfaultfd: don't BUG_ON() if khugepaged yanks our page table Since khugepaged
CVE-2024-46845 In the Linux kernel, the following vulnerability has been resolved: tracing/timerlat: Only clear timer if a kthread exists The timerlat tracer can
CVE-2024-46788 In the Linux kernel, the following vulnerability has been resolved: tracing/osnoise: Use a cpumask to know what threads are kthreads The start_kthr
CVE-2024-46846 In the Linux kernel, the following vulnerability has been resolved: spi: rockchip: Resolve unbalanced runtime PM / system PM handling Commit e88257
CVE-2024-46847 In the Linux kernel, the following vulnerability has been resolved: mm: vmalloc: ensure vmap_block is initialised before adding to queue Commit 8c6
CVE-2024-46791 In the Linux kernel, the following vulnerability has been resolved: can: mcp251x: fix deadlock if an interrupt occurs during mcp251x_open The mcp25
CVE-2024-46829 In the Linux kernel, the following vulnerability has been resolved: rtmutex: Drop rt_mutex::wait_lock before scheduling rt_mutex_handle_deadlock()
CVE-2024-46848 In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel: Limit the period on Haswell Running the ltp test cve-2015-3290
CVE-2024-46794 In the Linux kernel, the following vulnerability has been resolved: x86/tdx: Fix data leak in mmio_read() The mmio_read() function makes a TDVMCALL
CVE-2024-46795 In the Linux kernel, the following vulnerability has been resolved: ksmbd: unset the binding mark of a reused connection Steve French reported null
CVE-2024-46797 In the Linux kernel, the following vulnerability has been resolved: powerpc/qspinlock: Fix deadlock in MCS queue If an interrupt occurs in queued_s
CVE-2024-46830 In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Acquire kvm->srcu when handling KVM_SET_VCPU_EVENTS Grab kvm->srcu wh
CVE-2024-46798 In the Linux kernel, the following vulnerability has been resolved: ASoC: dapm: Fix UAF for snd_soc_pcm_runtime object When using kernel with the f
CVE-2024-46831 In the Linux kernel, the following vulnerability has been resolved: net: microchip: vcap: Fix use-after-free error in kunit test This is a clear us
CVE-2024-46747 In the Linux kernel, the following vulnerability has been resolved: HID: cougar: fix slab-out-of-bounds Read in cougar_report_fixup report_fixup fo
CVE-2024-46725 In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix out-of-bounds write warning Check the ring type value to fix th
CVE-2024-46724 In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix out-of-bounds read of df_v1_7_channel_number Check the fb_chann
CVE-2024-46723 In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix ucode out-of-bounds read warning Clear warning that read ucode[
CVE-2024-46743 In the Linux kernel, the following vulnerability has been resolved: of/irq: Prevent device address out-of-bounds read in interrupt map walk When of
CVE-2024-46757 In the Linux kernel, the following vulnerability has been resolved: hwmon: (nct6775-core) Fix underflows seen when writing limit attributes DIV_ROU
CVE-2024-46759 In the Linux kernel, the following vulnerability has been resolved: hwmon: (adc128d818) Fix underflows seen when writing limit attributes DIV_ROUND
CVE-2024-46758 In the Linux kernel, the following vulnerability has been resolved: hwmon: (lm95234) Fix underflows seen when writing limit attributes DIV_ROUND_CL
CVE-2024-46756 In the Linux kernel, the following vulnerability has been resolved: hwmon: (w83627ehf) Fix underflows seen when writing limit attributes DIV_ROUND_
CVE-2024-46738 In the Linux kernel, the following vulnerability has been resolved: VMCI: Fix use-after-free when removing resource in vmci_resource_remove() When
CVE-2024-46722 In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix mc_data out-of-bounds read warning Clear warning that read mc_d
CVE-2024-42284 In the Linux kernel, the following vulnerability has been resolved: tipc: Return non-zero value from tipc_udp_addr2str() on error tipc_udp_addr2str
CVE-2024-44987 In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent UAF in ip6_send_skb() syzbot reported an UAF in ip6_send_skb() [1
CVE-2024-42301 In the Linux kernel, the following vulnerability has been resolved: dev/parport: fix the array out-of-bounds risk Fixed array out-of-bounds issues
CVE-2024-44998 In the Linux kernel, the following vulnerability has been resolved: atm: idt77252: prevent use after free in dequeue_rx() We can't dereference "skb

Version: 6.8.0-1016.17~22.04.1 2024-11-20 14:06:51 UTC

  linux-oracle-6.8 (6.8.0-1016.17~22.04.1) jammy; urgency=medium

  * jammy/linux-oracle-6.8: 6.8.0-1016.17~22.04.1 -proposed tracker
    (LP: #2085930)

  [ Ubuntu: 6.8.0-1016.17 ]

  * noble/linux-oracle: 6.8.0-1016.17 -proposed tracker (LP: #2085931)
  [ Ubuntu: 6.8.0-49.49 ]
  * noble/linux: 6.8.0-49.49 -proposed tracker (LP: #2085942)
  * CVE-2024-46800
    - sch/netem: fix use after free in netem_dequeue
  * mm/folios: xfs hangs with hung task timeouts with corrupted folio pointer
    lists (LP: #2085495)
    - lib/xarray: introduce a new helper xas_get_order
    - mm/filemap: return early if failed to allocate memory for split
    - mm/filemap: optimize filemap folio adding
  * CVE-2024-43882
    - exec: Fix ToCToU between perm check and set-uid/gid usage

  [ Ubuntu: 6.8.0-1015.16 ]

  * perf build disables tracepoint support (LP: #2076190)
    - [Packaging] update dependencies to add libtraceevent

 -- Philip Cox <email address hidden> Thu, 07 Nov 2024 12:35:51 -0500

Source diff to previous version
2085495 mm/folios: xfs hangs with hung task timeouts with corrupted folio pointer lists
2076190 perf build disables tracepoint support
CVE-2024-46800 In the Linux kernel, the following vulnerability has been resolved: sch/netem: fix use after free in netem_dequeue If netem_dequeue() enqueues pack
CVE-2024-43882 In the Linux kernel, the following vulnerability has been resolved: exec: Fix ToCToU between perm check and set-uid/gid usage When opening a file f

Version: 6.8.0-1015.15~22.04.1 2024-11-06 19:07:06 UTC

  linux-oracle-6.8 (6.8.0-1015.15~22.04.1) jammy; urgency=medium

  * jammy/linux-oracle-6.8: 6.8.0-1015.15~22.04.1 -proposed tracker
    (LP: #2082425)

  [ Ubuntu: 6.8.0-1015.15 ]

  * noble/linux-oracle: 6.8.0-1015.15 -proposed tracker (LP: #2082426)
  [ Ubuntu: 6.8.0-48.48 ]
  * noble/linux: 6.8.0-48.48 -proposed tracker (LP: #2082437)
  * [SRU][Noble] Bad EPP defaults cause performance regressions on select Intel
    CPUs (LP: #2077470)
    - x86/cpu/vfm: Update arch/x86/include/asm/intel-family.h
    - cpufreq: intel_pstate: Allow model specific EPPs
    - cpufreq: intel_pstate: Update default EPPs for Meteor Lake
    - cpufreq: intel_pstate: Switch to new Intel CPU model defines
    - cpufreq: intel_pstate: Update Meteor Lake EPPs
    - cpufreq: intel_pstate: Use Meteor Lake EPPs for Arrow Lake
    - cpufreq: intel_pstate: Update Balance performance EPP for Emerald Rapids
  * power: Enable intel_rapl driver (LP: #2078834)
    - powercap: intel_rapl: Add support for ArrowLake-H platform
  * x86/vmware: Add TDX hypercall support (LP: #2077729)
    - x86/vmware: Introduce VMware hypercall API
    - x86/vmware: Add TDX hypercall support
  * Guest crashes post migration with migrate_misplaced_folio+0x4cc/0x5d0
    (LP: #2076866)
    - mm/mempolicy: use numa_node_id() instead of cpu_to_node()
    - mm/numa_balancing: allow migrate on protnone reference with
      MPOL_PREFERRED_MANY policy
    - mm: convert folio_estimated_sharers() to folio_likely_mapped_shared()
    - mm: factor out the numa mapping rebuilding into a new helper
    - mm: support multi-size THP numa balancing
    - mm/migrate: make migrate_misplaced_folio() return 0 on success
    - mm/migrate: move NUMA hinting fault folio isolation + checks under PTL
    - mm: fix possible OOB in numa_rebuild_large_mapping()
  * Add 'mm: hold PTL from the first PTE while reclaiming a large folio' to fix
    L2 Guest hang during LTP Test (LP: #2076147)
    - mm: hold PTL from the first PTE while reclaiming a large folio
  * KOP L2 guest fails to boot with 1 core - SMT8 topology (LP: #2070329)
    - KVM: PPC: Book3S HV nestedv2: Add DPDES support in helper library for Guest
      state buffer
    - KVM: PPC: Book3S HV nestedv2: Fix doorbell emulation
  * L2 Guest migration: continuously dumping while running NFS guest migration
    (LP: #2076406)
    - KVM: PPC: Book3S HV: Fix the set_one_reg for MMCR3
    - KVM: PPC: Book3S HV: Fix the get_one_reg of SDAR
    - KVM: PPC: Book3S HV: Add one-reg interface for DEXCR register
    - KVM: PPC: Book3S HV nestedv2: Keep nested guest DEXCR in sync
    - KVM: PPC: Book3S HV: Add one-reg interface for HASHKEYR register
    - KVM: PPC: Book3S HV nestedv2: Keep nested guest HASHKEYR in sync
    - KVM: PPC: Book3S HV: Add one-reg interface for HASHPKEYR register
    - KVM: PPC: Book3S HV nestedv2: Keep nested guest HASHPKEYR in sync
  * perf build disables tracepoint support (LP: #2076190)
    - [Packaging] perf: reenable libtraceevent
  * Please backport the more restrictive XSAVES deactivation for Zen1/2 arch
    (LP: #2077321)
    - x86/CPU/AMD: Improve the erratum 1386 workaround
  * Fix alsa scarlett2 driver in 6.8 (LP: #2076402)
    - ALSA: scarlett2: Move initialisation code lower in the source
    - ALSA: scarlett2: Implement handling of the ACK notification
  * rtw89: reset IDMEM mode to prevent download firmware failure (LP: #2077396)
    - wifi: rtw89: 885xb: reset IDMEM mode to prevent download firmware failure
  * CVE-2024-43858
    - jfs: Fix array-index-out-of-bounds in diFree
  * CVE-2024-42280
    - mISDN: Fix a use after free in hfcmulti_tx()
  * CVE-2024-42271
    - net/iucv: fix use after free in iucv_sock_close()
  * [Ubuntu-24.04] FADump with recommended crash size is making the L1 hang
    (LP: #2060039)
    - powerpc/64s/radix/kfence: map __kfence_pool at page granularity
  * Noble update: upstream stable patchset 2024-09-09 (LP: #2079945)
    - ocfs2: add bounds checking to ocfs2_check_dir_entry()
    - jfs: don't walk off the end of ealist
    - fs/ntfs3: Add a check for attr_names and oatbl
    - fs/ntfs3: Validate ff offset
    - usb: gadget: midi2: Fix incorrect default MIDI2 protocol setup
    - ALSA: hda/realtek: Enable headset mic on Positivo SU C1400
    - ALSA: hda/realtek: Fix the speaker output on Samsung Galaxy Book Pro 360
    - arm64: dts: qcom: qrb4210-rb2: switch I2C2 to i2c-gpio
    - arm64: dts: qcom: msm8996: Disable SS instance in Parkmode for USB
    - arm64: dts: qcom: sm6350: Disable SS instance in Parkmode for USB
    - arm64: dts: qcom: ipq6018: Disable SS instance in Parkmode for USB
    - arm64: dts: qcom: sdm630: Disable SS instance in Parkmode for USB
    - ALSA: pcm_dmaengine: Don't synchronize DMA channel when DMA is paused
    - ALSA: seq: ump: Skip useless ports for static blocks
    - filelock: Fix fcntl/close race recovery compat path
    - tun: add missing verification for short frame
    - tap: add missing verification for short frame
    - s390/mm: Fix VM_FAULT_HWPOISON handling in do_exception()
    - ALSA: hda/tas2781: Add new quirk for Lenovo Hera2 Laptop
    - arm64: dts: qcom: sc7180: Disable SuperSpeed instances in park mode
    - arm64: dts: qcom: sc7280: Disable SuperSpeed instances in park mode
    - arm64: dts: qcom: qrb2210-rb1: switch I2C2 to i2c-gpio
    - arm64: dts: qcom: msm8998: Disable SS instance in Parkmode for USB
    - arm64: dts: qcom: ipq8074: Disable SS instance in Parkmode for USB
    - arm64: dts: qcom: sdm845: Disable SS instance in Parkmode for USB
    - Upstream stable to v6.6.43, v6.9.12
  * Noble update: upstream stable patchset 2024-09-02 (LP: #2078304)
    - filelock: Remove locks reliably when fcntl/close race is detected
    - scsi: core: alua: I/O errors for ALUA state transitions
    - scsi: sr: Fix unintentional arithmetic wraparound
    - scsi: qedf: Don't process stag work during unload and recovery
    - scsi: qedf: Wait for stag work during unload
    - scsi: qedf: Set qed_slowpath_params to

Source diff to previous version
2077470 [SRU][Noble] Bad EPP defaults cause performance regressions on select Intel CPUs
2078834 power: Enable intel_rapl driver
2077729 x86/vmware: Add TDX hypercall support
2076866 Guest crashes post migration with migrate_misplaced_folio+0x4cc/0x5d0
2076147 Add 'mm: hold PTL from the first PTE while reclaiming a large folio' to fix L2 Guest hang during LTP Test
2070329 KOP L2 guest fails to boot with 1 core - SMT8 topology
2076406 L2 Guest migration: continuously dumping while running NFS guest migration
2076190 perf build disables tracepoint support
2077321 Please backport the more restrictive XSAVES deactivation for Zen1/2 arch
2076402 Fix alsa scarlett2 driver in 6.8
2060039 [Ubuntu-24.04] FADump with recommended crash size is making the L1 hang
2079945 Noble update: upstream stable patchset 2024-09-09
2078304 Noble update: upstream stable patchset 2024-09-02
2078041 UBSAN: array-index-out-of-bounds in /build/linux-Z1RxaK/linux-6.8.0/drivers/gpu/drm/amd/amdgpu/../pm/powerplay/hwmgr/processpptables.c:1249:61
2077690 alsa: Headphone and Speaker couldn't output sound intermittently
2077858 Fix ethernet performance on JSL and EHL
2078289 Noble update: upstream stable patchset 2024-08-29
2076675 [SRU][HPE 24.04] Intel FVL NIC FW flash fails with inbox driver, causing driver not detected
2073695 Deadlock occurs while suspending md raid
2076361 Lenovo X12 Detachable Gen 2 unresponsive under light load
2072679 Regression: unable to reach low idle states on Tiger Lake
2077600 Noble update: upstream stable patchset 2024-08-22
2069993 Panels show garbage or flickering when i915.psr2 enabled
2062951 Random flickering with Intel i915 (Gen9 GPUs in 6th-8th gen CPUs) on Linux 6.8
2073583 [SRU][22.04.5]: mpi3mr driver update
2076435 Noble update: upstream stable patchset 2024-08-09
2074380 [UBUNTU 22.04] s390/cpum_cf: make crypto counters upward compatible
CVE-2024-43858 In the Linux kernel, the following vulnerability has been resolved: jfs: Fix array-index-out-of-bounds in diFree
CVE-2024-42280 In the Linux kernel, the following vulnerability has been resolved: mISDN: Fix a use after free in hfcmulti_tx() Don't dereference *sp after callin
CVE-2024-42271 In the Linux kernel, the following vulnerability has been resolved: net/iucv: fix use after free in iucv_sock_close() iucv_sever_path() is called f
CVE-2024-27022 In the Linux kernel, the following vulnerability has been resolved: fork: defer linking file vma until vma is fully initialized Thorvald reported a
CVE-2024-41022 In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix signedness bug in sdma_v4_0_process_trap_irq() The "instance" v
CVE-2024-45016 In the Linux kernel, the following vulnerability has been resolved: netem: fix return value if duplicate enqueue fails There is a bug in netem_enqu

Version: 6.8.0-1014.14~22.04.1 2024-10-16 14:09:52 UTC

  linux-oracle-6.8 (6.8.0-1014.14~22.04.1) jammy; urgency=medium

  * jammy/linux-oracle-6.8: 6.8.0-1014.14~22.04.1 -proposed tracker
    (LP: #2082106)

  * Packaging resync (LP: #1786013)
    - [Packaging] update variants

  [ Ubuntu: 6.8.0-1014.14 ]

  * noble/linux-oracle: 6.8.0-1014.14 -proposed tracker (LP: #2082107)
  [ Ubuntu: 6.8.0-47.47 ]
  * noble/linux: 6.8.0-47.47 -proposed tracker (LP: #2082118)
  * CVE-2024-45016
    - netem: fix return value if duplicate enqueue fails

 -- Philip Cox <email address hidden> Thu, 03 Oct 2024 15:11:15 -0400

1786013 Packaging resync
CVE-2024-45016 In the Linux kernel, the following vulnerability has been resolved: netem: fix return value if duplicate enqueue fails There is a bug in netem_enqu



About   -   Send Feedback to @ubuntu_updates