UbuntuUpdates.org

Package "linux-nvidia-tegra-igx"

Name: linux-nvidia-tegra-igx

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Linux kernel version specific cloud tools for version 5.15.0
  • Header files related to Linux kernel version 5.15.0
  • Header files related to Linux kernel version 5.15.0
  • Header files related to Linux kernel version 5.15.0

Latest version: 5.15.0-1028.28
Release: jammy (22.04)
Level: security
Repository: main

Links



Other versions of "linux-nvidia-tegra-igx" in Jammy

Repository Area Version
security universe 5.15.0-1008.8
updates main 5.15.0-1028.28
updates universe 5.15.0-1008.8
proposed main 5.15.0-1028.28

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 5.15.0-1028.28 2025-06-20 00:07:08 UTC

  linux-nvidia-tegra-igx (5.15.0-1028.28) jammy; urgency=medium

  * jammy/linux-nvidia-tegra-igx: 5.15.0-1028.28 -proposed tracker
    (LP: #2110798)

  [ Ubuntu: 5.15.0-1039.39 ]

  * jammy/linux-nvidia-tegra: 5.15.0-1039.39 -proposed tracker (LP: #2110800)
  * jammy/linux-realtime: 5.15.0-1086.95 -proposed tracker (LP: #2110804)
  * Jammy real-time patch set update: v5.15.183-rt85 (LP: #2111843)
    - rcu/tree: Protect rcu_rdp_is_offloaded() invocations on RT
    - sched: Introduce migratable()
    - arm64: mm: Make arch_faults_on_old_pte() check for migratability
    - printk: rename printk cpulock API and always disable interrupts
    - console: add write_atomic interface
    - kdb: only use atomic consoles for output mirroring
    - serial: 8250: implement write_atomic
    - printk: relocate printk_delay()
    - printk: call boot_delay_msec() in printk_delay()
    - printk: use seqcount_latch for console_seq
    - printk: introduce kernel sync mode
    - printk: move console printing to kthreads
    - printk: add console handover
    - printk: add pr_flush()
    - printk: Enhance the condition check of msleep in pr_flush()
    - sched: Switch wait_task_inactive to HRTIMER_MODE_REL_HARD
    - kthread: Move prio/affinite change into the newly created thread
    - genirq: Move prio assignment into the newly created thread
    - genirq: Disable irqfixup/poll on PREEMPT_RT.
    - efi: Allow efi=runtime
    - mm: Disable zsmalloc on PREEMPT_RT
    - net/core: disable NET_RX_BUSY_POLL on PREEMPT_RT
    - samples/kfifo: Rename read_lock/write_lock
    - crypto: testmgr - Only disable migration in crypto_disable_simd_for_test()
    - mm: Allow only SLUB on PREEMPT_RT
    - mm: page_alloc: Use migrate_disable() in drain_local_pages_wq()
    - mm/scatterlist: Replace the !preemptible warning in sg_miter_stop()
    - mm: Disable NUMA_BALANCING_DEFAULT_ENABLED and TRANSPARENT_HUGEPAGE on
      PREEMPT_RT
    - x86/softirq: Disable softirq stacks on PREEMPT_RT
    - Documentation/kcov: Include types.h in the example.
    - Documentation/kcov: Define `ip' in the example.
    - kcov: Allocate per-CPU memory on the relevant node.
    - kcov: Avoid enable+disable interrupts if !in_task().
    - kcov: Replace local_irq_save() with a local_lock_t.
    - net/sched: sch_ets: properly init all active DRR list handles
    - gen_stats: Add instead Set the value in __gnet_stats_copy_basic().
    - gen_stats: Add gnet_stats_add_queue().
    - mq, mqprio: Use gnet_stats_add_queue().
    - gen_stats: Move remaining users to gnet_stats_add_queue().
    - u64_stats: Introduce u64_stats_set()
    - net: sched: Protect Qdisc::bstats with u64_stats
    - net: sched: Use _bstats_update/set() instead of raw writes
    - net: sched: Merge Qdisc::bstats and Qdisc::cpu_bstats data types
    - net: sched: Remove Qdisc::running sequence counter
    - net: sched: Allow statistics reads from softirq.
    - net: sched: fix logic error in qdisc_run_begin()
    - net: sched: remove one pair of atomic operations
    - net: stats: Read the statistics in ___gnet_stats_copy_basic() instead of
      adding.
    - net: sched: gred: dynamically allocate tc_gred_qopt_offload
    - sched/rt: Annotate the RT balancing logic irqwork as IRQ_WORK_HARD_IRQ
    - irq_work: Allow irq_work_sync() to sleep if irq_work() no IRQ support.
    - irq_work: Handle some irq_work in a per-CPU thread on PREEMPT_RT
    - irq_work: Also rcuwait for !IRQ_WORK_HARD_IRQ on PREEMPT_RT
    - irq_poll: Use raise_softirq_irqoff() in cpu_dead notifier
    - smp: Wake ksoftirqd on PREEMPT_RT instead do_softirq().
    - fs/namespace: Boost the mount_lock.lock owner instead of spinning on
      PREEMPT_RT.
    - fscache: Use only one fscache_object_cong_wait.
    - sched: Clean up the might_sleep() underscore zoo
    - sched: Make cond_resched_*lock() variants consistent vs. might_sleep()
    - sched: Remove preempt_offset argument from __might_sleep()
    - sched: Cleanup might_sleep() printks
    - sched: Make might_sleep() output less confusing
    - sched: Make RCU nest depth distinct in __might_resched()
    - sched: Make cond_resched_lock() variants RT aware
    - locking/rt: Take RCU nesting into account for __might_resched()
    - sched: Limit the number of task migrations per batch on RT
    - sched: Disable TTWU_QUEUE on RT
    - sched: Move kprobes cleanup out of finish_task_switch()
    - sched: Delay task stack freeing on RT
    - sched: Move mmdrop to RCU on RT
    - cgroup: use irqsave in cgroup_rstat_flush_locked()
    - mm: workingset: replace IRQ-off check with a lockdep assert.
    - jump-label: disable if stop_machine() is used
    - locking: Remove rt_rwlock_is_contended()
    - lockdep/selftests: Avoid using local_lock_{acquire|release}().
    - sched: Trigger warning if ->migration_disabled counter underflows.
    - rtmutex: Add a special case for ww-mutex handling.
    - rtmutex: Add rt_mutex_lock_nest_lock() and rt_mutex_lock_killable().
    - lockdep: Make it RT aware
    - lockdep/selftests: Add rtmutex to the last column
    - lockdep/selftests: Unbalanced migrate_disable() & rcu_read_lock()
    - lockdep/selftests: Skip the softirq related tests on PREEMPT_RT
    - lockdep/selftests: Adapt ww-tests for PREEMPT_RT
    - locking: Allow to include asm/spinlock_types.h from
      linux/spinlock_types_raw.h
    - sched: Make preempt_enable_no_resched() behave like preempt_enable() on
      PREEMPT_RT
    - kernel/sched: add {put|get}_cpu_light()
    - block/mq: do not invoke preempt_disable()
    - md: raid5: Make raid5_percpu handling RT aware
    - scsi/fcoe: Make RT aware.
    - mm/vmalloc: Another preempt disable region which sucks
    - net: Remove preemption disabling in netif_rx()
    - sunrpc: Make svc_xprt_do_enqueue() use get_cpu_light()
    - softirq: Check preemption after reenabling interrupts
    - mm/memcontrol: Disable on PREEMPT_RT
    - signal: Revert ptrace preempt magic
    - ptrace: fix ptrace vs tasklist_lock race

Source diff to previous version
2111843 Jammy real-time patch set update: v5.15.183-rt85
2111244 Rotate the Canonical Livepatch key
2109537 Jammy generic-64k fails to initialize gVNIC devices
2109601 [UBUNTU 22.04] net/smc: fix neighbour and rtable leak in smc_ib_find_route()
2109355 Jammy update: v5.15.180 upstream stable release
2097389 VM boots slowly with large-BAR GPU Passthrough due to pci/probe.c redundancy
2075575 kexec fails in LPAR when some cpus are disabled
1786013 Packaging resync
CVE-2025-2312 A flaw was found in cifs-utils. When trying to obtain Kerberos credentials, the cifs.upcall program from the cifs-utils package makes an upcall to th
CVE-2024-36945 In the Linux kernel, the following vulnerability has been resolved: net/smc: fix neighbour and rtable leak in smc_ib_find_route() In smc_ib_find_ro
CVE-2025-22025 In the Linux kernel, the following vulnerability has been resolved: nfsd: put dl_stid if fail to queue dl_recall Before calling nfsd4_run_cb to que
CVE-2025-39735 In the Linux kernel, the following vulnerability has been resolved: jfs: fix slab-out-of-bounds read in ea_get() During the "size_check" label in e
CVE-2025-37785 In the Linux kernel, the following vulnerability has been resolved: ext4: fix OOB read when checking dotdot dir Mounting a corrupted filesystem wit
CVE-2025-22035 In the Linux kernel, the following vulnerability has been resolved: tracing: Fix use-after-free in print_graph_function_flags during tracer switchin
CVE-2025-22044 In the Linux kernel, the following vulnerability has been resolved: acpi: nfit: fix narrowing conversion in acpi_nfit_ctl Syzkaller has reported a
CVE-2025-22045 In the Linux kernel, the following vulnerability has been resolved: x86/mm: Fix flush_tlb_range() when used for zapping normal PMDs On the followin
CVE-2024-46753 In the Linux kernel, the following vulnerability has been resolved: btrfs: handle errors from btrfs_dec_ref() properly In walk_up_proc() we BUG_ON(
CVE-2025-22050 In the Linux kernel, the following vulnerability has been resolved: usbnet:fix NPE during rx_complete Missing usbnet_going_away Check in Critical P
CVE-2024-46812 In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Skip inactive planes within ModeSupportAndSystemConfiguration
CVE-2024-46821 In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Fix negative array index read Avoid using the negative values for c
CVE-2025-22054 In the Linux kernel, the following vulnerability has been resolved: arcnet: Add NULL check in com20020pci_probe() devm_kasprintf() returns NULL whe
CVE-2025-22055 In the Linux kernel, the following vulnerability has been resolved: net: fix geneve_opt length integer overflow struct geneve_opt uses 5 bit length
CVE-2025-22056 In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_tunnel: fix geneve_opt type confusion addition When handling mul
CVE-2025-22060 In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: Prevent parser TCAM memory corruption Protect the parser TCAM/SRAM
CVE-2025-38637 In the Linux kernel, the following vulnerability has been resolved: net_sched: skbprio: Remove overly strict queue assertions In the current implem
CVE-2025-22063 In the Linux kernel, the following vulnerability has been resolved: netlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets When cal
CVE-2025-22066 In the Linux kernel, the following vulnerability has been resolved: ASoC: imx-card: Add NULL check in imx_card_probe() devm_kasprintf() returns NUL
CVE-2023-53034 In the Linux kernel, the following vulnerability has been resolved: ntb_hw_switchtec: Fix shift-out-of-bounds in switchtec_ntb_mw_set_trans There i
CVE-2025-22071 In the Linux kernel, the following vulnerability has been resolved: spufs: fix a leak in spufs_create_context() Leak fixes back in 2008 missed one
CVE-2025-22073 In the Linux kernel, the following vulnerability has been resolved: spufs: fix a leak on spufs_new_file() failure It's called from spufs_fill_dir()
CVE-2025-21994 In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix incorrect validation for num_aces field of smb_acl parse_dcal() vali
CVE-2025-38575 In the Linux kernel, the following vulnerability has been resolved: ksmbd: use aead_request_free to match aead_request_alloc Use aead_request_free(
CVE-2025-22075 In the Linux kernel, the following vulnerability has been resolved: rtnetlink: Allocate vfinfo size for VF GUIDs when supported Commit 30aad41721e0
CVE-2025-22079 In the Linux kernel, the following vulnerability has been resolved: ocfs2: validate l_tree_depth to avoid out-of-bounds access The l_tree_depth fie
CVE-2025-22081 In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix a couple integer overflows on 32bit systems On 32bit systems the
CVE-2025-22086 In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix mlx5_poll_one() cur_qp update flow When cur_qp isn't NULL, in or
CVE-2025-22089 In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Don't expose hw_counters outside of init net namespace Commit 467f43
CVE-2025-39728 In the Linux kernel, the following vulnerability has been resolved: clk: samsung: Fix UBSAN panic in samsung_clk_init() With UBSAN_ARRAY_BOUNDS=y,
CVE-2025-38152 In the Linux kernel, the following vulnerability has been resolved: remoteproc: core: Clear table_sz when rproc_shutdown There is case as below cou
CVE-2024-58093 In the Linux kernel, the following vulnerability has been resolved: PCI/ASPM: Fix link state exit during switch upstream function removal Before 45
CVE-2025-22097 In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Fix use after free and double free on init error If the driver initia
CVE-2025-23136 In the Linux kernel, the following vulnerability has been resolved: thermal: int340x: Add NULL check for adev Not all devices have an ACPI companio
CVE-2025-23138 In the Linux kernel, the following vulnerability has been resolved: watch_queue: fix pipe accounting mismatch Currently, watch_queue_set_size() mod
CVE-2025-22020 In the Linux kernel, the following vulnerability has been resolved: memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove This f
CVE-2025-22021 In the Linux kernel, the following vulnerability has been resolved: netfilter: socket: Lookup orig tuple for IPv6 SNAT nf_sk_lookup_slow_v4 does th
CVE-2025-22018 In the Linux kernel, the following vulnerability has been resolved: atm: Fix NULL pointer dereference When MPOA_cache_impos_rcvd() receives the msg
CVE-2024-56664 In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix race between element replace and close() Element replace (wit
CVE-2024-53144 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_event: Align BR/EDR JUST_WORKS paring with LE This aligned BR/ED
CVE-2024-8805 BlueZ HID over GATT Profile Improper Access Control Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to exec
CVE-2025-21996 In the Linux kernel, the following vulnerability has been resolved: drm/radeon: fix uninitialized size issue in radeon_vce_cs_parse() On the off ch
CVE-2025-22014 In the Linux kernel, the following vulnerability has been resolved: soc: qcom: pdr: Fix the potential deadlock When some client process A call pdr_
CVE-2025-21999 In the Linux kernel, the following vulnerability has been resolved: proc: fix UAF in proc_get_inode() Fix race between rmmod and /proc/XXX's inode
CVE-2025-22008 In the Linux kernel, the following vulnerability has been resolved: regulator: check that dummy regulator has been probed before using it Due to as
CVE-2025-22004 In the Linux kernel, the following vulnerability has been resolved: net: atm: fix use after free in lec_send() The ->send() operation frees skb so
CVE-2025-22005 In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix memleak of nhc_pcpu_rth_output in fib_check_nh_v6_gw(). fib_check_nh_
CVE-2025-22007 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix error code in chan_alloc_skb_cb() The chan_alloc_skb_cb() functi
CVE-2025-22010 In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix soft lockup during bt pages loop Driver runs a for-loop when allo
CVE-2025-21941 In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix null check for pipe_ctx->plane_state in resource_build_scal
CVE-2025-21962 In the Linux kernel, the following vulnerability has been resolved: cifs: Fix integer overflow while processing closetimeo mount option User-provid
CVE-2025-21963 In the Linux kernel, the following vulnerability has been resolved: cifs: Fix integer overflow while processing acdirmax mount option User-provided
CVE-2025-21964 In the Linux kernel, the following vulnerability has been resolved: cifs: Fix integer overflow while processing acregmax mount option User-provided
CVE-2025-21968 In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix slab-use-after-free on hdcp_work [Why] A slab-use-after-fr
CVE-2025-21956 In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Assign normalized_pix_clk when color depth = 14 [WHY & HOW] A
CVE-2025-21991 In the Linux kernel, the following vulnerability has been resolved: x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes Curren
CVE-2025-21992 In the Linux kernel, the following vulnerability has been resolved: HID: ignore non-functional sensor in HP 5MP Camera The HP 5MP Camera (USB ID 04
CVE-2025-21957 In the Linux kernel, the following vulnerability has been resolved: scsi: qla1280: Fix kernel oops when debug level > 2 A null dereference or oops
CVE-2025-21970 In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Bridge, fix the crash caused by LAG state check When removing LAG dev
CVE-2025-21959 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conncount: Fully initialize struct nf_conncount_tuple in insert_tr
CVE-2025-21975 In the Linux kernel, the following vulnerability has been resolved: net/mlx5: handle errors in mlx5_chains_create_table() In mlx5_chains_create_tab
CVE-2025-21981 In the Linux kernel, the following vulnerability has been resolved: ice: fix memory leak in aRFS after reset Fix aRFS (accelerated Receive Flow Ste
CVE-2022-49728 In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix signed integer overflow in __ip6_append_data Resurrect ubsan overflow
CVE-2022-49636 In the Linux kernel, the following vulnerability has been resolved: vlan: fix memory leak in vlan_newlink() Blamed commit added back a bug I fixed
CVE-2024-56608 In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix out-of-bounds access in 'dcn21_link_encoder_create' An iss
CVE-2024-53168 In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket BUG: KASAN: slab-u
CVE-2024-56551 In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix usage slab after free [ +0.000021] BUG: KASAN: slab-use-after-

Version: 5.15.0-1027.27 2025-06-12 21:09:14 UTC

  linux-nvidia-tegra-igx (5.15.0-1027.27) jammy; urgency=medium

  * jammy/linux-nvidia-tegra-igx: 5.15.0-1027.27 -proposed tracker
    (LP: #2111020)

  [ Ubuntu: 5.15.0-1038.38 ]

  * jammy/linux-nvidia-tegra: 5.15.0-1038.38 -proposed tracker (LP: #2111023)
  * jammy/linux-realtime: 5.15.0-1085.94 -proposed tracker (LP: #2111027)
  * jammy/linux: 5.15.0-141.151 -proposed tracker (LP: #2111052)
  * Packaging resync (LP: #1786013)
    - [Packaging] update annotations scripts
  * CVE-2024-56608
    - drm/amd/display: Fix out-of-bounds access in 'dcn21_link_encoder_create'
  * CVE-2024-53168
    - net: make sock_inuse_add() available
    - sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket
  * CVE-2024-56551
    - drm/amdgpu: fix usage slab after free

 -- Abdur Rahman <email address hidden> Wed, 28 May 2025 10:28:32 -0400

Source diff to previous version
1786013 Packaging resync
CVE-2024-56608 In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix out-of-bounds access in 'dcn21_link_encoder_create' An iss
CVE-2024-53168 In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket BUG: KASAN: slab-u
CVE-2024-56551 In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix usage slab after free [ +0.000021] BUG: KASAN: slab-use-after-

Version: 5.15.0-1026.26 2025-05-27 17:07:36 UTC

  linux-nvidia-tegra-igx (5.15.0-1026.26) jammy; urgency=medium

  * jammy/linux-nvidia-tegra-igx: 5.15.0-1026.26 -proposed tracker
    (LP: #2110316)

  * NVIDIA internal test shows kernel warning during suspend/resume
    (LP: #2110309)
    - SAUCE: Revert "genirq: Make handle_enforce_irqctx() unconditionally
      available"

Source diff to previous version
2110309 NVIDIA internal test shows kernel warning during suspend/resume

Version: 5.15.0-1024.24 2025-05-05 18:07:50 UTC

  linux-nvidia-tegra-igx (5.15.0-1024.24) jammy; urgency=medium

  * jammy/linux-nvidia-tegra-igx: 5.15.0-1024.24 -proposed tracker
    (LP: #2107009)

  [ Ubuntu: 5.15.0-1036.36 ]

  * jammy/linux-nvidia-tegra: 5.15.0-1036.36 -proposed tracker (LP: #2107010)
  * jammy/linux-realtime: 5.15.0-1083.92 -proposed tracker (LP: #2107013)
  * jammy/linux: 5.15.0-139.149 -proposed tracker (LP: #2107038)
  * Packaging resync (LP: #1786013)
    - [Packaging] update annotations scripts
  * CVE-2023-52664
    - net: atlantic: eliminate double free in error handling logic
  * CVE-2023-52927
    - netfilter: allow exp not to be removed in nf_ct_find_expectation

 -- Abdur Rahman <email address hidden> Thu, 24 Apr 2025 14:43:39 -0400

Source diff to previous version
1786013 Packaging resync
CVE-2023-52664 In the Linux kernel, the following vulnerability has been resolved: net: atlantic: eliminate double free in error handling logic Driver has a logic
CVE-2023-52927 In the Linux kernel, the following vulnerability has been resolved: netfilter: allow exp not to be removed in nf_ct_find_expectation Currently nf_c

Version: 5.15.0-1023.23 2025-04-22 16:07:34 UTC

  linux-nvidia-tegra-igx (5.15.0-1023.23) jammy; urgency=medium

  * jammy/linux-nvidia-tegra-igx: 5.15.0-1023.23 -proposed tracker
    (LP: #2102557)

  * Miscellaneous tegra kernel packaging changes (LP: #2097735)
    - [Packaging] modprobe.d: blacklist upstream imx274

  [ Ubuntu: 5.15.0-1035.35 ]

  * jammy/linux-nvidia-tegra: 5.15.0-1035.35 -proposed tracker (LP: #2102558)
  * apply NVIDIA patches March 31, 2025 (LP: #2105645)
    - NVIDIA: SAUCE: arm64: defconfig: Sanitize defconfig
    - NVIDIA: SAUCE: arm64: defconfig: Enable IP set support
    - NVIDIA: SAUCE: arm64: defconfig: Enable IP raw table support
    - [Config] nvidia-tegra: Explicitly enable IP set support
    - [Config] nvidia-tegra: Explicitly enable IP raw table support
  * jammy/linux-realtime: 5.15.0-1082.91 -proposed tracker (LP: #2102561)
  * Packaging resync (LP: #1786013)
    - [Packaging] debian.realtime/dkms-versions -- update from kernel-versions
      (main/2025.03.17)
  * jammy/linux: 5.15.0-138.148 -proposed tracker (LP: #2102587)
  * ipsec_offload in rtnetlink.sh from ubunsu_kselftests_net fails on O/J
    (LP: #2096976)
    - SAUCE: selftest: netfilter: fix null IP field in kci_test_ipsec_offload
  * CVE-2025-21756
    - vsock: Keep the binding until socket destruction
    - vsock: Orphan socket after transport release
  * CVE-2024-50256
    - netfilter: nf_reject_ipv6: fix potential crash in nf_send_reset6()
  * CVE-2025-21702
    - pfifo_tail_enqueue: Drop new packet when sch->limit == 0
  * CVE-2025-21703
    - netem: Update sch->q.qlen before qdisc_tree_reduce_backlog()
  * CVE-2025-21700
    - net: sched: Disallow replacing of child qdisc from one parent to another
  * CVE-2024-46826
    - ELF: fix kernel.randomize_va_space double read
  * CVE-2024-56651
    - can: hi311x: hi3110_can_ist(): fix potential use-after-free
  * iBFT iSCSI out-of-bounds shift UBSAN warning (LP: #2097824)
    - iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic()
  * CVE-2024-50248
    - ntfs3: Add bounds checking to mi_enum_attr()
    - fs/ntfs3: Sequential field availability check in mi_enum_attr()
  * CVE-2022-0995
    - watch_queue: Use the bitmap API when applicable
  * CVE-2024-26837
    - net: bridge: switchdev: Skip MDB replays of deferred events on offload
  * CVE-2025-21701
    - net: avoid race between device unregistration and ethnl ops
  * CVE-2024-57798
    - drm/dp_mst: Skip CSN if topology probing is not done yet
    - drm/dp_mst: Ensure mst_primary pointer is valid in
      drm_dp_mst_handle_up_req()
  * CVE-2024-56658
    - net: defer final 'struct net' free in netns dismantle
  * CVE-2024-35864
    - smb: client: fix potential UAF in smb2_is_valid_lease_break()
  * CVE-2024-35864/CVE-2024-26928
    - smb: client: fix potential UAF in cifs_debug_files_proc_show()

 -- Abdur Rahman <email address hidden> Thu, 03 Apr 2025 18:07:49 -0400

2097735 Miscellaneous tegra kernel packaging changes
2105645 apply NVIDIA patches March 31, 2025
1786013 Packaging resync
2096976 ipsec_offload in rtnetlink.sh from ubunsu_kselftests_net fails on O/J
2097824 iBFT iSCSI out-of-bounds shift UBSAN warning
CVE-2025-21756 In the Linux kernel, the following vulnerability has been resolved: vsock: Keep the binding until socket destruction Preserve sockets bindings; thi
CVE-2024-50256 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_reject_ipv6: fix potential crash in nf_send_reset6() I got a syzb
CVE-2025-21702 In the Linux kernel, the following vulnerability has been resolved: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 Expected behaviour: In
CVE-2025-21703 In the Linux kernel, the following vulnerability has been resolved: netem: Update sch->q.qlen before qdisc_tree_reduce_backlog() qdisc_tree_reduce_
CVE-2025-21700 In the Linux kernel, the following vulnerability has been resolved: net: sched: Disallow replacing of child qdisc from one parent to another Lion A
CVE-2024-46826 In the Linux kernel, the following vulnerability has been resolved: ELF: fix kernel.randomize_va_space double read ELF loader uses "randomize_va_sp
CVE-2024-56651 In the Linux kernel, the following vulnerability has been resolved: can: hi311x: hi3110_can_ist(): fix potential use-after-free The commit a22bd630
CVE-2024-50248 In the Linux kernel, the following vulnerability has been resolved: ntfs3: Add bounds checking to mi_enum_attr() Added bounds checking to make sure
CVE-2022-0995 An out-of-bounds (OOB) memory write flaw was found in the Linux kernel’s watch_queue event notification subsystem. This flaw can overwrite parts of t
CVE-2024-26837 In the Linux kernel, the following vulnerability has been resolved: net: bridge: switchdev: Skip MDB replays of deferred events on offload Before t
CVE-2025-21701 In the Linux kernel, the following vulnerability has been resolved: net: avoid race between device unregistration and ethnl ops The following trace
CVE-2024-57798 In the Linux kernel, the following vulnerability has been resolved: drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req() W
CVE-2024-56658 In the Linux kernel, the following vulnerability has been resolved: net: defer final 'struct net' free in netns dismantle Ilya reported a slab-use-
CVE-2024-35864 In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2_is_valid_lease_break() Skip sessions tha
CVE-2024-26928 In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_debug_files_proc_show() Skip sessions th



About   -   Send Feedback to @ubuntu_updates