UbuntuUpdates.org

Package "linux-riscv"

Name: linux-riscv

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Header files related to Linux kernel version 5.15.0
  • Header files related to Linux kernel version 5.15.0
  • Header files related to Linux kernel version 5.15.0

Latest version: 5.15.0-1014.16
Release: jammy (22.04)
Level: security
Repository: main

Links



Other versions of "linux-riscv" in Jammy

Repository Area Version
base main 5.15.0-1007.7
updates main 5.15.0-1014.16
proposed main 5.15.0-1012.13
PPA: Canonical Kernel Team 5.15.0-1015.17

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 5.15.0-1014.16 2022-06-08 11:06:36 UTC

  linux-riscv (5.15.0-1014.16) jammy; urgency=medium

  [ Ubuntu: 5.15.0-37.39 ]

  * netfilter newset OOB write (LP: #1976363)
    - netfilter: nf_tables: sanitize nft_set_desc_concat_parse()
  * CVE-2022-1966
    - netfilter: nf_tables: disallow non-stateful expression in sets earlier

 -- Thadeu Lima de Souza Cascardo <email address hidden> Wed, 01 Jun 2022 19:56:09 -0300

Source diff to previous version
1976363 upcoming update - nf oob
CVE-2022-1966 A use-after-free vulnerability was found in the Linux kernel's Netfilt ...

Version: 5.15.0-1011.12 2022-05-24 11:06:26 UTC

  linux-riscv (5.15.0-1011.12) jammy; urgency=medium

  * jammy/linux-riscv: 5.15.0-1011.12 -proposed tracker (LP: #1973917)

  [ Ubuntu: 5.15.0-33.34 ]

  * jammy/linux: 5.15.0-33.34 -proposed tracker (LP: #1973924)
  * CVE-2022-29581
    - net/sched: cls_u32: fix netns refcount changes in u32_change()
  * ext4: limit length to bitmap_maxbytes (LP: #1972281)
    - ext4: limit length to bitmap_maxbytes - blocksize in punch_hole
  * Unprivileged users may use PTRACE_SEIZE to set PTRACE_O_SUSPEND_SECCOMP
    option (LP: #1972740)
    - ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE

  [ Ubuntu: 5.15.0-30.31 ]

  * jammy/linux: 5.15.0-30.31 -proposed tracker (LP: #1971685)
  * Packaging resync (LP: #1786013)
    - [Packaging] update variants
    - debian/dkms-versions -- update from kernel-versions (main/2022.04.18)
  * Intel: enable x86 AMX (LP: #1967750)
    - x86/extable: Tidy up redundant handler functions
    - x86/extable: Get rid of redundant macros
    - x86/mce: Deduplicate exception handling
    - x86/mce: Get rid of stray semicolons
    - x86/extable: Rework the exception table mechanics
    - x86/extable: Provide EX_TYPE_DEFAULT_MCE_SAFE and EX_TYPE_FAULT_MCE_SAFE
    - x86/copy_mc: Use EX_TYPE_DEFAULT_MCE_SAFE for exception fixups
    - x86/fpu: Use EX_TYPE_FAULT_MCE_SAFE for exception fixups
    - x86/extable: Remove EX_TYPE_FAULT from MCE safe fixups
    - x86/fpu/signal: Clarify exception handling in restore_fpregs_from_user()
    - x86/fpu/signal: Move header zeroing out of xsave_to_user_sigframe()
    - x86/fpu/signal: Move xstate clearing out of copy_fpregs_to_sigframe()
    - x86/fpu/signal: Change return type of copy_fpstate_to_sigframe() to boolean
    - x86/fpu/signal: Change return type of copy_fpregs_to_sigframe() helpers to
      boolean
    - x86/signal: Change return type of restore_sigcontext() to boolean
    - x86/fpu/signal: Change return type of fpu__restore_sig() to boolean
    - x86/fpu/signal: Change return type of __fpu_restore_sig() to boolean
    - x86/fpu/signal: Change return code of check_xstate_in_sigframe() to boolean
    - x86/fpu/signal: Change return code of restore_fpregs_from_user() to boolean
    - x86/fpu/signal: Fix missed conversion to correct boolean retval in
      save_xstate_epilog()
    - x86/fpu: Remove pointless argument from switch_fpu_finish()
    - x86/fpu: Update stale comments
    - x86/pkru: Remove useless include
    - x86/fpu: Restrict xsaves()/xrstors() to independent states
    - x86/fpu: Cleanup the on_boot_cpu clutter
    - x86/fpu: Remove pointless memset in fpu_clone()
    - x86/process: Clone FPU in copy_thread()
    - x86/fpu: Do not inherit FPU context for kernel and IO worker threads
    - x86/fpu: Cleanup xstate xcomp_bv initialization
    - x86/fpu/xstate: Provide and use for_each_xfeature()
    - x86/fpu/xstate: Mark all init only functions __init
    - x86/fpu: Move KVMs FPU swapping to FPU core
    - x86/fpu: Replace KVMs home brewed FPU copy from user
    - x86/fpu: Rework copy_xstate_to_uabi_buf()
    - x86/fpu: Mark fpu__init_prepare_fx_sw_frame() as __init
    - x86/fpu: Move context switch and exit to user inlines into sched.h
    - x86/fpu: Clean up CPU feature tests
    - x86/fpu: Make os_xrstor_booting() private
    - x86/fpu: Move os_xsave() and os_xrstor() to core
    - x86/fpu: Move legacy ASM wrappers to core
    - x86/fpu: Make WARN_ON_FPU() private
    - x86/fpu: Move fpregs_restore_userregs() to core
    - x86/fpu: Move mxcsr related code to core
    - x86/fpu: Move fpstate functions to api.h
    - x86/fpu: Remove internal.h dependency from fpu/signal.h
    - x86/sev: Include fpu/xcr.h
    - x86/fpu: Mop up the internal.h leftovers
    - x86/fpu: Replace the includes of fpu/internal.h
    - x86/fpu: Provide a proper function for ex_handler_fprestore()
    - x86/fpu: Replace KVMs home brewed FPU copy to user
    - x86/fpu: Provide struct fpstate
    - x86/fpu: Convert fpstate_init() to struct fpstate
    - x86/fpu: Convert restore_fpregs_from_fpstate() to struct fpstate
    - x86/fpu: Replace KVMs xstate component clearing
    - x86/KVM: Convert to fpstate
    - x86/fpu: Convert tracing to fpstate
    - x86/fpu/regset: Convert to fpstate
    - x86/fpu/signal: Convert to fpstate
    - x86/fpu/core: Convert to fpstate
    - x86/math-emu: Convert to fpstate
    - x86/fpu: Remove fpu::state
    - x86/fpu: Do not leak fpstate pointer on fork
    - x86/process: Move arch_thread_struct_whitelist() out of line
    - x86/fpu: Add size and mask information to fpstate
    - x86/fpu: Use fpstate::size
    - x86/fpu/xstate: Use fpstate for os_xsave()
    - x86/fpu/xstate: Use fpstate for xsave_to_user_sigframe()
    - x86/fpu: Use fpstate in fpu_copy_kvm_uabi_to_fpstate()
    - x86/fpu: Use fpstate in __copy_xstate_to_uabi_buf()
    - x86/fpu/xstate: Use fpstate for copy_uabi_to_xstate()
    - x86/fpu/signal: Use fpstate for size and features
    - x86/fpu: Provide struct fpu_config
    - x86/fpu: Cleanup fpu__init_system_xstate_size_legacy()
    - x86/fpu/xstate: Cleanup size calculations
    - x86/fpu: Move xstate size to fpu_*_cfg
    - x86/fpu: Move xstate feature masks to fpu_*_cfg
    - x86/fpu: Mop up xfeatures_mask_uabi()
    - x86/fpu: Rework restore_regs_from_fpstate()
    - x86/fpu/xstate: Move remaining xfeature helpers to core
    - x86/fpu: Prepare for sanitizing KVM FPU code
    - x86/fpu: Provide infrastructure for KVM FPU cleanup
    - x86/kvm: Convert FPU handling to a single swap buffer
    - x86/fpu: Remove old KVM FPU interface
    - signal: Add an optional check for altstack size
    - x86/signal: Implement sigaltstack size validation
    - x86/fpu/xstate: Provide xstate_calculate_size()
    - x86/fpu: Add members to struct fpu to cache permission information
    - x86/fpu: Add fpu_state_config::legacy_features
    - x86/arch_prctl: Add controls for dynamic XSTATE components
    - x86/fpu: Add basic helpers for dynamically enabled features
    - x86/signal: Use fpu::__

Source diff to previous version
1972281 ext4: limit length to bitmap_maxbytes
1972740 Unprivileged users may use PTRACE_SEIZE to set PTRACE_O_SUSPEND_SECCOMP option
1786013 Packaging resync
1967750 Intel: enable x86 AMX
CVE-2022-29581 Improper Update of Reference Count vulnerability in net/sched of Linux ...

Version: 5.15.0-1008.8 2022-04-26 09:06:22 UTC

  linux-riscv (5.15.0-1008.8) jammy; urgency=medium

  * jammy/linux-riscv: 5.15.0-1008.8 -proposed tracker (LP: #1969506)

  [ Ubuntu: 5.15.0-27.28 ]

  * jammy/linux: 5.15.0-27.28 -proposed tracker (LP: #1968954)

  [ Ubuntu: 5.15.0-26.27 ]

  * jammy/linux: 5.15.0-26.27 -proposed tracker (LP: #1968850)
  * CVE-2022-1016
    - netfilter: nf_tables: initialize registers in nft_do_chain()
  * CVE-2022-1015
    - netfilter: nf_tables: validate registers coming from userspace.
  * CVE-2022-26490
    - nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION
  * harden indirect calls against BHI attacks (LP: #1967579)
    - objtool: Classify symbols
    - objtool: Explicitly avoid self modifying code in .altinstr_replacement
    - objtool: Shrink struct instruction
    - objtool,x86: Replace alternatives with .retpoline_sites
    - x86/retpoline: Remove unused replacement symbols
    - x86/asm: Fix register order
    - x86/asm: Fixup odd GEN-for-each-reg.h usage
    - x86/retpoline: Move the retpoline thunk declarations to nospec-branch.h
    - x86/retpoline: Create a retpoline thunk array
    - x86/alternative: Implement .retpoline_sites support
    - x86/alternative: Handle Jcc __x86_indirect_thunk_\reg
    - x86/alternative: Try inline spectre_v2=retpoline,amd
    - x86/alternative: Add debug prints to apply_retpolines()
    - bpf,x86: Simplify computing label offsets
    - bpf,x86: Respect X86_FEATURE_RETPOLINE*

 -- Andrea Righi <email address hidden> Wed, 20 Apr 2022 07:40:45 +0200

1967579 harden indirect calls against BHI attacks
CVE-2022-26490 st21nfca_connectivity_event_received in drivers/nfc/st21nfca/se.c in the Linux kernel through 5.16.12 has EVT_TRANSACTION buffer overflows because of



About   -   Send Feedback to @ubuntu_updates