UbuntuUpdates.org

Package "linux-image-unsigned-6.5.0-1024-aws"

Name: linux-image-unsigned-6.5.0-1024-aws

Description:

Linux kernel image for version 6.5.0 on 64 bit x86 SMP

Latest version: 6.5.0-1024.24~22.04.1
Release: jammy (22.04)
Level: updates
Repository: main
Head package: linux-aws-6.5

Links


Download "linux-image-unsigned-6.5.0-1024-aws"


Other versions of "linux-image-unsigned-6.5.0-1024-aws" in Jammy

No other version of this package is available in the Jammy release.

Changelog

Version: 6.5.0-1018.18~22.04.1 2024-04-19 00:07:10 UTC

  linux-aws-6.5 (6.5.0-1018.18~22.04.1) jammy; urgency=medium

  * jammy/linux-aws-6.5: 6.5.0-1018.18~22.04.1 -proposed tracker (LP: #2059685)

  * Packaging resync (LP: #1786013)
    - [Packaging] drop getabis data

  [ Ubuntu: 6.5.0-1018.18 ]

  * mantic/linux-aws: 6.5.0-1018.18 -proposed tracker (LP: #2059686)
  * Packaging resync (LP: #1786013)
    - [Packaging] drop getabis data
  * mantic/linux: 6.5.0-28.29 -proposed tracker (LP: #2059706)
  * Packaging resync (LP: #1786013)
    - [Packaging] drop getabis data
  * Remove getabis scripts (LP: #2059143)
    - [Packaging] Remove getabis
  * CVE-2023-52600
    - jfs: fix uaf in jfs_evict_inode
  * Mantic update: upstream stable patchset 2024-03-27 (LP: #2059284) //
    CVE-2023-52603
    - UBSAN: array-index-out-of-bounds in dtSplitRoot
  * CVE-2024-26581
    - netfilter: nft_set_rbtree: skip end interval element from gc
  * Mantic update: upstream stable patchset 2024-03-07 (LP: #2056403) //
    CVE-2024-26589
    - bpf: Reject variable offset alu on PTR_TO_FLOW_KEYS
  * Mantic update: upstream stable patchset 2024-03-07 (LP: #2056403) //
    CVE-2024-26591
    - bpf: Fix re-attachment branch in bpf_tracing_prog_attach
  * iwlwifi disconnect and crash - intel wifi7 (LP: #2058808)
    - wifi: iwlwifi: pcie: fix RB status reading

 -- Philip Cox <email address hidden> Fri, 05 Apr 2024 09:24:14 -0400

Source diff to previous version
1786013 Packaging resync
2059143 Remove getabis scripts
2059284 Mantic update: upstream stable patchset 2024-03-27
2056403 Mantic update: upstream stable patchset 2024-03-07
2058808 iwlwifi disconnect and crash - intel wifi7
CVE-2023-52600 In the Linux kernel, the following vulnerability has been resolved: jfs: fix uaf in jfs_evict_inode When the execution of diMount(ipimap) fails, th
CVE-2023-52603 In the Linux kernel, the following vulnerability has been resolved: UBSAN: array-index-out-of-bounds in dtSplitRoot Syzkaller reported the followin
CVE-2024-26581 In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_rbtree: skip end interval element from gc rbtree lazy gc on
CVE-2024-26589 In the Linux kernel, the following vulnerability has been resolved: bpf: Reject variable offset alu on PTR_TO_FLOW_KEYS For PTR_TO_FLOW_KEYS, check
CVE-2024-26591 In the Linux kernel, the following vulnerability has been resolved: bpf: Fix re-attachment branch in bpf_tracing_prog_attach The following case can

Version: 6.5.0-1017.17~22.04.2 2024-04-10 23:06:56 UTC

  linux-aws-6.5 (6.5.0-1017.17~22.04.2) jammy; urgency=medium

  * Packaging resync (LP: #1786013)
    - debian.aws-6.5/dkms-versions -- update from kernel-versions
      (main/2024.03.04)

 -- Philip Cox <email address hidden> Mon, 25 Mar 2024 13:52:21 -0400

Source diff to previous version
1786013 Packaging resync

Version: 6.5.0-1016.16~22.04.1 2024-03-25 13:07:05 UTC

  linux-aws-6.5 (6.5.0-1016.16~22.04.1) jammy; urgency=medium

  * jammy/linux-aws-6.5: 6.5.0-1016.16~22.04.1 -proposed tracker (LP: #2056029)

  [ Ubuntu: 6.5.0-1016.16 ]

  * mantic/linux-aws: 6.5.0-1016.16 -proposed tracker (LP: #2056030)
  * Packaging resync (LP: #1786013)
    - debian/dkms-versions -- update from kernel-versions (main/s2024.02.05)
  * mantic/linux: 6.5.0-26.26 -proposed tracker (LP: #2056049)
  * Packaging resync (LP: #1786013)
    - [Packaging] update annotations scripts
    - debian/dkms-versions -- update from kernel-versions (main/s2024.02.05)
  * CVE-2024-26599
    - pwm: Fix out-of-bounds access in of_pwm_single_xlate()
  * CVE-2024-26597
    - net: qualcomm: rmnet: fix global oob in rmnet_policy
  * CVE-2024-1086
    - netfilter: nf_tables: reject QUEUE/DROP verdict parameters
  * CVE-2024-1085
    - netfilter: nf_tables: check if catch-all set element is active in next
      generation

 -- Philip Cox <email address hidden> Wed, 13 Mar 2024 12:06:51 -0400

Source diff to previous version
1786013 Packaging resync
CVE-2024-26599 In the Linux kernel, the following vulnerability has been resolved: pwm: Fix out-of-bounds access in of_pwm_single_xlate() With args->args_count ==
CVE-2024-26597 In the Linux kernel, the following vulnerability has been resolved: net: qualcomm: rmnet: fix global oob in rmnet_policy The variable rmnet_link_op
CVE-2024-1086 A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_
CVE-2024-1085 A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_

Version: 6.5.0-1015.15~22.04.1 2024-03-18 14:06:54 UTC

  linux-aws-6.5 (6.5.0-1015.15~22.04.1) jammy; urgency=medium

  * jammy/linux-aws-6.5: 6.5.0-1015.15~22.04.1 -proposed tracker (LP: #2052020)

  * Packaging resync (LP: #1786013)
    - [Packaging] update Ubuntu.md

  [ Ubuntu: 6.5.0-1015.15 ]

  * mantic/linux-aws: 6.5.0-1015.15 -proposed tracker (LP: #2052021)
  * Packaging resync (LP: #1786013)
    - [Packaging] update Ubuntu.md
    - debian/dkms-versions -- update from kernel-versions (main/2024.02.05)
  * mantic/linux: 6.5.0-25.25 -proposed tracker (LP: #2052615)
  * Packaging resync (LP: #1786013)
    - debian/dkms-versions -- update from kernel-versions (main/2024.02.05)
  * [SRU][22.04.04]: mpi3mr driver update (LP: #2045233)
    - scsi: mpi3mr: Invoke soft reset upon TSU or event ack time out
    - scsi: mpi3mr: Update MPI Headers to version 3.00.28
    - scsi: mpi3mr: Add support for more than 1MB I/O
    - scsi: mpi3mr: WRITE SAME implementation
    - scsi: mpi3mr: Enhance handling of devices removed after controller reset
    - scsi: mpi3mr: Update driver version to 8.5.0.0.0
    - scsi: mpi3mr: Split off bus_reset function from host_reset
    - scsi: mpi3mr: Add support for SAS5116 PCI IDs
    - scsi: mpi3mr: Add PCI checks where SAS5116 diverges from SAS4116
    - scsi: mpi3mr: Increase maximum number of PHYs to 64 from 32
    - scsi: mpi3mr: Add support for status reply descriptor
    - scsi: mpi3mr: driver version upgrade to 8.5.0.0.50
    - scsi: mpi3mr: Refresh sdev queue depth after controller reset
    - scsi: mpi3mr: Clean up block devices post controller reset
    - scsi: mpi3mr: Block PEL Enable Command on Controller Reset and Unrecoverable
      State
    - scsi: mpi3mr: Fetch correct device dev handle for status reply descriptor
    - scsi: mpi3mr: Support for preallocation of SGL BSG data buffers part-1
    - scsi: mpi3mr: Support for preallocation of SGL BSG data buffers part-2
    - scsi: mpi3mr: Support for preallocation of SGL BSG data buffers part-3
    - scsi: mpi3mr: Update driver version to 8.5.1.0.0
  * The display becomes frozen after some time when a HDMI device is connected.
    (LP: #2049027)
    - drm/i915/dmc: Don't enable any pipe DMC events
  * Audio balancing setting doesn't work with the cirrus codec (LP: #2051050)
    - ALSA: hda/cs8409: Suppress vmaster control for Dolphin models
  * partproke is broken on empty loopback device (LP: #2049689)
    - block: Move checking GENHD_FL_NO_PART to bdev_add_partition()
  * CVE-2023-51780
    - atm: Fix Use-After-Free in do_vcc_ioctl
  * CVE-2023-6915
    - ida: Fix crash in ida_free when the bitmap is empty
  * Update Ubuntu.md (LP: #2051176)
    - [Packaging] update Ubuntu.md
  * test_021_aslr_dapper_libs from ubuntu_qrt_kernel_security failed on K-5.19 /
    J-OEM-6.1 / J-6.2 AMD64 (LP: #1983357)
    - [Config]: set ARCH_MMAP_RND_{COMPAT_, }BITS to the maximum
  * Intel E810-XXV - NETDEV WATCHDOG: (ice): transmit queue timed out
    (LP: #2036239)
    - ice: Add driver support for firmware changes for LAG
    - ice: alter feature support check for SRIOV and LAG
  * Mantic update: upstream stable patchset 2024-01-29 (LP: #2051584)
    - Upstream stable to v6.1.67, v6.6.6
    - vdpa/mlx5: preserve CVQ vringh index
    - hrtimers: Push pending hrtimers away from outgoing CPU earlier
    - i2c: designware: Fix corrupted memory seen in the ISR
    - netfilter: ipset: fix race condition between swap/destroy and kernel side
      add/del/test
    - zstd: Fix array-index-out-of-bounds UBSAN warning
    - tg3: Move the [rt]x_dropped counters to tg3_napi
    - tg3: Increment tx_dropped in tg3_tso_bug()
    - kconfig: fix memory leak from range properties
    - drm/amdgpu: correct chunk_ptr to a pointer to chunk.
    - x86: Introduce ia32_enabled()
    - x86/coco: Disable 32-bit emulation by default on TDX and SEV
    - x86/entry: Convert INT 0x80 emulation to IDTENTRY
    - x86/entry: Do not allow external 0x80 interrupts
    - x86/tdx: Allow 32-bit emulation by default
    - dt: dt-extract-compatibles: Handle cfile arguments in generator function
    - dt: dt-extract-compatibles: Don't follow symlinks when walking tree
    - platform/x86: asus-wmi: Move i8042 filter install to shared asus-wmi code
    - of: dynamic: Fix of_reconfig_get_state_change() return value documentation
    - platform/x86: wmi: Skip blocks with zero instances
    - ipv6: fix potential NULL deref in fib6_add()
    - octeontx2-pf: Add missing mutex lock in otx2_get_pauseparam
    - octeontx2-af: Check return value of nix_get_nixlf before using nixlf
    - hv_netvsc: rndis_filter needs to select NLS
    - r8152: Rename RTL8152_UNPLUG to RTL8152_INACCESSIBLE
    - r8152: Add RTL8152_INACCESSIBLE checks to more loops
    - r8152: Add RTL8152_INACCESSIBLE to r8156b_wait_loading_flash()
    - r8152: Add RTL8152_INACCESSIBLE to r8153_pre_firmware_1()
    - r8152: Add RTL8152_INACCESSIBLE to r8153_aldps_en()
    - mlxbf-bootctl: correctly identify secure boot with development keys
    - platform/mellanox: Add null pointer checks for devm_kasprintf()
    - platform/mellanox: Check devm_hwmon_device_register_with_groups() return
      value
    - arcnet: restoring support for multiple Sohard Arcnet cards
    - octeontx2-pf: consider both Rx and Tx packet stats for adaptive interrupt
      coalescing
    - net: stmmac: fix FPE events losing
    - xsk: Skip polling event check for unbound socket
    - octeontx2-af: fix a use-after-free in rvu_npa_register_reporters
    - i40e: Fix unexpected MFS warning message
    - iavf: validate tx_coalesce_usecs even if rx_coalesce_usecs is zero
    - tcp: fix mid stream window clamp.
    - ionic: fix snprintf format length warning
    - ionic: Fix dim work handling in split interrupt mode
    - ipv4: ip_gre: Avoid skb_pull() failure in ipgre_xmit()
    - net: atlantic: Fix NULL dereference of skb pointer in
    - net: hns: fix wrong head when modify the tx feature when sending packets
    - net: hns: fix fake link up on xge port
    - octeontx2-af: Adjust Tx

Source diff to previous version
1786013 Packaging resync
2045233 [SRU][22.04.04]: mpi3mr driver update
2049027 The display becomes frozen after some time when a HDMI device is connected.
2049689 partproke is broken on empty loopback device
2051176 Update Ubuntu.md
2036239 Intel E810-XXV - NETDEV WATCHDOG: (ice): transmit queue timed out
2051584 Mantic update: upstream stable patchset 2024-01-29
2051366 Mantic update: upstream stable patchset 2024-01-26
2051231 Mantic update: upstream stable patchset 2024-01-25
2051142 Mantic update: v6.5.13 upstream stable release
2051129 Mantic update: v6.5.12 upstream stable release
2051117 Mantic update: v6.5.11 upstream stable release
2051341 black screen when wake up from s3 with AMD W7600 gfx
2047634 Reject connection when malformed L2CAP signal packet is received
2049412 Mantic update: v6.5.10 upstream stable release
2049202 Mantic update: v6.5.9 upstream stable release
CVE-2023-51780 An issue was discovered in the Linux kernel before 6.6.8. do_vcc_ioctl in net/atm/ioctl.c has a use-after-free because of a vcc_recvmsg race conditio
CVE-2023-6915 A Null pointer dereference problem was found in ida_free in lib/idr.c in the Linux Kernel. This issue may allow an attacker using this library to cau
CVE-2024-0646 An out-of-bounds memory write flaw was found in the Linux kernel’s Transport Layer Security functionality in how a user calls a function splice with
CVE-2024-0582 A memory leak flaw was found in the Linux kernel’s io_uring functionality in how a user registers a buffer ring with IORING_REGISTER_PBUF_RING, mmap(
CVE-2024-0565 An out-of-bounds memory read flaw was found in receive_encrypted_standard in fs/smb/client/smb2ops.c in the SMB Client sub-component in the Linux Ker
CVE-2023-51781 An issue was discovered in the Linux kernel before 6.6.8. atalk_ioctl in net/appletalk/ddp.c has a use-after-free because of an atalk_recvmsg race co
CVE-2023-6560 An out-of-bounds memory access flaw was found in the io_uring SQ/CQ rings functionality in the Linux kernel. This issue could allow a local user to c
CVE-2023-51782 An issue was discovered in the Linux kernel before 6.6.8. rose_ioctl in net/rose/af_rose.c has a use-after-free because of a rose_accept race conditi
CVE-2023-51779 bt_sock_recvmsg in net/bluetooth/af_bluetooth.c in the Linux kernel through 6.6.8 has a use-after-free because of a bt_sock_ioctl race condition.

Version: 6.5.0-1014.14~22.04.1 2024-02-22 23:07:10 UTC

  linux-aws-6.5 (6.5.0-1014.14~22.04.1) jammy; urgency=medium

  * jammy/linux-aws-6.5: 6.5.0-1014.14~22.04.1 -proposed tracker (LP: #2052270)

  [ Ubuntu: 6.5.0-1014.14 ]

  * mantic/linux-aws: 6.5.0-1014.14 -proposed tracker (LP: #2052271)
  * Packaging resync (LP: #1786013)
    - debian/dkms-versions -- update from kernel-versions (main/s2024.01.08)
  * mantic/linux: 6.5.0-21.21 -proposed tracker (LP: #2052603)
  * The display becomes frozen after some time when a HDMI device is connected.
    (LP: #2049027)
    - drm/i915/dmc: Don't enable any pipe DMC events
  * partproke is broken on empty loopback device (LP: #2049689)
    - block: Move checking GENHD_FL_NO_PART to bdev_add_partition()
  * CVE-2023-51781
    - appletalk: Fix Use-After-Free in atalk_ioctl
  * CVE-2023-51780
    - atm: Fix Use-After-Free in do_vcc_ioctl
  * CVE-2023-6915
    - ida: Fix crash in ida_free when the bitmap is empty
  * CVE-2024-0565
    - smb: client: fix OOB in receive_encrypted_standard()
  * CVE-2024-0582
    - io_uring: enable io_mem_alloc/free to be used in other parts
    - io_uring/kbuf: defer release of mapped buffer rings
  * CVE-2024-0646
    - net: tls, update curr on splice as well

1786013 Packaging resync
2049027 The display becomes frozen after some time when a HDMI device is connected.
2049689 partproke is broken on empty loopback device
CVE-2023-51781 An issue was discovered in the Linux kernel before 6.6.8. atalk_ioctl in net/appletalk/ddp.c has a use-after-free because of an atalk_recvmsg race co
CVE-2023-51780 An issue was discovered in the Linux kernel before 6.6.8. do_vcc_ioctl in net/atm/ioctl.c has a use-after-free because of a vcc_recvmsg race conditio
CVE-2023-6915 A Null pointer dereference problem was found in ida_free in lib/idr.c in the Linux Kernel. This issue may allow an attacker using this library to cau
CVE-2024-0565 An out-of-bounds memory read flaw was found in receive_encrypted_standard in fs/smb/client/smb2ops.c in the SMB Client sub-component in the Linux Ker
CVE-2024-0582 A memory leak flaw was found in the Linux kernel’s io_uring functionality in how a user registers a buffer ring with IORING_REGISTER_PBUF_RING, mmap(
CVE-2024-0646 An out-of-bounds memory write flaw was found in the Linux kernel’s Transport Layer Security functionality in how a user calls a function splice with



About   -   Send Feedback to @ubuntu_updates