UbuntuUpdates.org

Package "linux-oem-6.0-tools-host"

Name: linux-oem-6.0-tools-host

Description:

Linux kernel VM host tools
Latest version: 6.0.0-1021.21
Release: jammy (22.04)
Level: security
Repository: main
Head package: linux-oem-6.0

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "linux-oem-6.0-tools-host"

All arch deb package
APT INSTALL

Other versions of "linux-oem-6.0-tools-host" in Jammy

Repository Area Version
updates main 6.0.0-1021.21
PPA: Canonical Kernel Team 6.0.0-1018.18

Changelog

Version: 6.0.0-1015.15 2023-05-10 14:07:26 UTC

  linux-oem-6.0 (6.0.0-1015.15) jammy; urgency=medium

  * jammy/linux-oem-6.0: 6.0.0-1015.15 -proposed tracker (LP: #2016822)

  * CVE-2023-23455
    - net: sched: atm: dont intepret cls results when asked to drop

  * CVE-2023-26545
    - net: mpls: fix stale pointer if allocation fails during device rename

  * CVE-2023-1829
    - net/sched: Retire tcindex classifier
    - [Config]: Make sure CONFIG_NET_CLS_TCINDEX is not available

  * CVE-2023-1859
    - 9p/xen : Fix use after free bug in xen_9pfs_front_remove due to race
      condition

  * CVE-2023-0468
    - io_uring: update res mask in io_poll_check_events
    - io_uring: fix tw losing poll events
    - io_uring: cmpxchg for poll arm refs release
    - io_uring: make poll refs more robust
    - io_uring/poll: fix poll_refs race with cancelation

  * CVE-2023-0386
    - ovl: fail on invalid uid/gid mapping at copy up

  * Miscellaneous Ubuntu changes
    - [Config] Update gcc version

 -- Timo Aaltonen <email address hidden> Tue, 18 Apr 2023 16:01:23 +0300
Source diff to previous version
CVE-2023-23455 atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service because of type confusion (non-
CVE-2023-26545 In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl table under a
CVE-2023-0468 A use-after-free flaw was found in io_uring/poll.c in io_poll_check_events in the io_uring subcomponent in the Linux Kernel due to a race condition o
CVE-2023-0386 A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s

Version: 6.0.0-1014.14 2023-04-18 23:07:30 UTC

  linux-oem-6.0 (6.0.0-1014.14) jammy; urgency=medium

  * jammy/linux-oem-6.0: 6.0.0-1014.14 -proposed tracker (LP: #2011920)

  * CVE-2022-4382
    - USB: gadgetfs: Fix race between mounting and unmounting

  * CVE-2023-23559
    - wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid

  * CVE-2023-1118
    - media: rc: Fix use-after-free bugs caused by ene_tx_irqsim()

  * CVE-2023-26605
    - fs: do not update freeing inode i_io_list

  * CVE-2023-26607
    - ntfs: fix out-of-bounds read in ntfs_attr_find()

  * CVE-2022-36280
    - drm/vmwgfx: Validate the box size for the snooped cursor

  * CVE-2023-1074
    - sctp: fail if no bound addresses can be used for a given scope

  * Packaging resync (LP: #1786013)
    - [Packaging] update helper scripts
    - [Packaging] update Ubuntu.md
    - [Packaging] update update.conf

 -- Manuel Diewald <email address hidden> Fri, 31 Mar 2023 17:29:02 +0200
Source diff to previous version
1786013 Packaging resync
CVE-2022-4382 A use-after-free flaw caused by a race among the superblock operations in the gadgetfs Linux driver was found. It could be triggered by yanking out a
CVE-2023-23559 In rndis_query_oid in drivers/net/wireless/rndis_wlan.c in the Linux kernel through 6.1.5, there is an integer overflow in an addition.
CVE-2023-1118 A flaw use after free in the Linux kernel integrated infrared receiver/transceiver driver was found in the way user detaching rc device. A local user
CVE-2023-26605 In the Linux kernel 6.0.8, there is a use-after-free in inode_cgwb_move_to_attached in fs/fs-writeback.c, related to __list_del_entry_valid.
CVE-2023-26607 In the Linux kernel 6.0.8, there is an out-of-bounds read in ntfs_attr_find in fs/ntfs/attrib.c.
CVE-2022-36280 An out-of-bounds(OOB) memory access vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_kms.c in GPU component in the Linux kernel
CVE-2023-1074 A memory leak flaw was found in the Linux kernel's Stream Control Transmission Protocol. This issue may occur when a user starts a malicious networki

Version: 6.0.0-1013.13 2023-03-27 23:07:19 UTC

  linux-oem-6.0 (6.0.0-1013.13) jammy; urgency=medium

  * jammy/linux-oem-6.0: 6.0.0-1013.13 -proposed tracker (LP: #2008351)

  * CVE-2023-1281
    - net/sched: tcindex: update imperfect hash filters respecting rcu

  * CVE-2023-1032
    - net: avoid double iput when sock_alloc_file fails

  * rtcpie in timers from ubuntu_kernel_selftests randomly failing
    (LP: #1814234)
    - SAUCE: selftest: rtcpie: Force passing unreliable subtest

  * CVE-2022-2196
    - KVM: VMX: Execute IBPB on emulated VM-exit when guest has IBRS

  * Fix HFP mSBC support on Realtek Bluetooth USB controller (LP: #2007331)
    - Bluetooth: btrtl: Add btrealtek data struct
    - Bluetooth: btusb: Ignore zero length of USB packets on ALT 6 for specific
      chip

 -- Timo Aaltonen <email address hidden> Thu, 16 Mar 2023 17:59:47 +0200
Source diff to previous version
1814234 rtcpie in timers from ubuntu_kernel_selftests randomly failing
CVE-2023-1281 RESERVED
CVE-2023-1032 RESERVED
CVE-2022-2196 A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2 attacks on L1 du

Version: 6.0.0-1012.12 2023-03-02 12:06:59 UTC

  linux-oem-6.0 (6.0.0-1012.12) jammy; urgency=medium

  * jammy/linux-oem-6.0: 6.0.0-1012.12 -proposed tracker (LP: #2004348)

  * CVE-2023-0469
    - io_uring/filetable: fix file reference underflow

  * LSM: Configuring Too Many LSMs Causes Kernel Panic on Boot (LP: #1987998)
    - SAUCE: LSM: Change Landlock from LSMBLOB_NEEDED to LSMBLOB_NOT_NEEDED

  * CVE-2023-0045
    - x86/bugs: Flush IBP in ib_prctl_set()

  * CVE-2022-47520
    - wifi: wilc1000: validate pairwise and authentication suite offsets

  * CVE-2022-3567
    - ipv6: Fix data races around sk->sk_prot.

  * CVE-2022-45934
    - Bluetooth: L2CAP: Fix u8 overflow

  * CVE-2022-42896
    - Bluetooth: L2CAP: Fix l2cap_global_chan_by_psm

  * CVE-2022-43945
    - NFSD: Remove "inline" directives on op_rsize_bop helpers
    - NFSD: Cap rsize_bop result based on send buffer size

  * CVE-2022-20369
    - NFSD: fix use-after-free in __nfs42_ssc_open()

  * CVE-2023-0461
    - net/ulp: prevent ULP without clone op from entering the LISTEN status
    - net/ulp: use consistent error code when blocking ULP

  * Expose built-in trusted and revoked certificates (LP: #1996892)
    - [Packaging] Expose built-in trusted and revoked certificates

 -- Timo Aaltonen <email address hidden> Fri, 10 Feb 2023 12:37:27 +0200
Source diff to previous version
1987998 LSM: Configuring Too Many LSMs Causes Kernel Panic on Boot
1996892 Expose built-in trusted and revoked certificates
CVE-2023-0469 A use-after-free flaw was found in io_uring/filetable.c in io_install_fixed_file in the io_uring subcomponent in the Linux Kernel during call cleanup
CVE-2022-47520 An issue was discovered in the Linux kernel before 6.0.11. Missing offset validation in drivers/net/wireless/microchip/wilc1000/hif.c in the WILC1000
CVE-2022-3567 A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function inet6_stream_ops/inet6_dgram_op
CVE-2022-45934 An issue was discovered in the Linux kernel through 6.0.10. l2cap_config_req in net/bluetooth/l2cap_core.c has an integer wraparound via L2CAP_CONF_R
CVE-2022-42896 There are use-after-free vulnerabilities in the Linux kernel's net/bluetooth/l2cap_core.c's l2cap_connect and l2cap_le_connect_req functions which ma
CVE-2022-43945 The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by e
CVE-2022-20369 In v4l2_m2m_querybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation
CVE-2023-0461 RESERVED

Version: 6.0.0-1011.11 2023-02-08 23:07:05 UTC

  linux-oem-6.0 (6.0.0-1011.11) jammy; urgency=medium

  * jammy/linux-oem-6.0: 6.0.0-1011.11 -proposed tracker (LP: #2001806)

  * jammy/linux-oem-6.0: 6.0.0-1011.11 -proposed tracker (LP: #2003453)

  * Revoke & rotate to new signing key (LP: #2002812)
    - [Packaging] Revoke and rotate to new signing key

  * Packaging resync (LP: #1786013)
    - debian/dkms-versions -- update from kernel-versions (main/2023.01.02)

  * Fix speaker mute hotkey doesn't work on Dell G16 series (LP: #2003161)
    - SAUCE: platform/x86: dell-wmi: Add a keymap for KEY_MUTE in type 0x0010
      table

  * CVE-2023-0179
    - netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits

  * Fix headset mic not working issue on Dell Latitude 5340 (LP: #2002013)
    - ALSA: hda - Enable headset mic on another Dell laptop with ALC3254

  * Mediatek FM350-GL wwan module failed to init: Invalid device status 0x1
    (LP: #2002089)
    - SAUCE: Revert "net: wwan: t7xx: Add AP CLDMA"
    - net: devlink: extend info_get() version put to indicate a flash component
    - SAUCE: net: wwan: t7xx: Add AP CLDMA
    - SAUCE: net: wwan: t7xx: Infrastructure for early port configuration
    - SAUCE: net: wwan: t7xx: PCIe reset rescan
    - SAUCE: net: wwan: t7xx: Enable devlink based fw flashing and coredump
      collection
    - SAUCE: net: wwan: t7xx: Devlink documentation

  * Fix flicker display problem on some panels which support PSR2 (LP: #2002968)
    - drm/i915/psr: Add continuous full frame bit together with single

 -- Timo Aaltonen <email address hidden> Mon, 23 Jan 2023 20:30:00 +0200
2002812 Revoke \u0026 rotate to new signing key
1786013 Packaging resync
2003161 Fix speaker mute hotkey doesn't work on Dell G16 series
2002013 Fix headset mic not working issue on Dell Latitude 5340
CVE-2023-0179 netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits


About   -   Send Feedback to @ubuntu_updates