UbuntuUpdates.org

Package "linux-riscv-6.5-headers-6.5.0-45"

Name: linux-riscv-6.5-headers-6.5.0-45

Description:

Header files related to Linux kernel version 6.5.0

Latest version: 6.5.0-45.45.1~22.04.1
Release: jammy (22.04)
Level: updates
Repository: main
Head package: linux-riscv-6.5

Links


Download "linux-riscv-6.5-headers-6.5.0-45"


Other versions of "linux-riscv-6.5-headers-6.5.0-45" in Jammy

No other version of this package is available in the Jammy release.

Changelog

Version: 6.5.0-45.45.1~22.04.1 2024-07-29 15:07:18 UTC

  linux-riscv-6.5 (6.5.0-45.45.1~22.04.1) jammy; urgency=medium

  * jammy/linux-riscv-6.5: 6.5.0-45.45.1~22.04.1 -proposed tracker
    (LP: #2071997)

  * Packaging resync (LP: #1786013)
    - [Packaging] debian.riscv-6.5/dkms-versions -- update from kernel-versions
      (main/s2024.06.10)

  [ Ubuntu: 6.5.0-45.45.1 ]

  * mantic/linux-riscv: 6.5.0-45.45.1 -proposed tracker (LP: #2071998)
  * mantic/linux: 6.5.0-45.45 -proposed tracker (LP: #2072006)
  * CVE-2024-25739
    - ubi: Check for too small LEB size in VTBL code
  * CVE-2024-24857 // CVE-2024-24858
    - Bluetooth: Fix TOCTOU in HCI debugfs implementation

  [ Ubuntu: 6.5.0-44.44.1 ]

  * mantic/linux-riscv: 6.5.0-44.44.1 -proposed tracker (LP: #2068333)
  * Packaging resync (LP: #1786013)
    - [Packaging] debian.riscv/dkms-versions -- update from kernel-versions
      (main/2024.06.10)
  * Miscellaneous Ubuntu changes
    - Revert "riscv: Fix set_huge_pte_at() for NAPOT mapping"
  * mantic/linux: 6.5.0-44.44 -proposed tracker (LP: #2068341)
  * Packaging resync (LP: #1786013)
    - [Packaging] debian.master/dkms-versions -- update from kernel-versions
      (main/2024.06.10)
  * Some DUTs can't boot up after installing the proposed kernel on Mantic
    (LP: #2061940)
    - SAUCE: Revert "x86/efistub: Use 1:1 file:memory mapping for PE/COFF .compat
      section"
    - SAUCE: Revert "x86/boot: Increase section and file alignment to 4k/512"
    - SAUCE: Revert "x86/boot: Split off PE/COFF .data section"
    - SAUCE: Revert "x86/boot: Drop PE/COFF .reloc section"
    - SAUCE: Revert "x86/boot: Construct PE/COFF .text section from assembler"
    - SAUCE: Revert "x86/boot: Derive file size from _edata symbol"
    - SAUCE: Revert "x86/boot: Define setup size in linker script"
    - SAUCE: Revert "x86/boot: Set EFI handover offset directly in header asm"
    - SAUCE: Revert "x86/boot: Grab kernel_info offset from zoffset header
      directly"
    - SAUCE: Revert "x86/boot: Drop redundant code setting the root device"
    - SAUCE: Revert "x86/boot: Drop references to startup_64"
    - SAUCE: Revert "x86/boot: Omit compression buffer from PE/COFF image memory
      footprint"
    - SAUCE: Revert "x86/boot: Remove the 'bugger off' message"
    - SAUCE: Revert "x86/efi: Drop alignment flags from PE section headers"
    - SAUCE: Revert "x86/efi: Drop EFI stub .bss from .data section"
  * CVE-2023-52880
    - tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc
  * i915 cannot probe successfully on HP ZBook Power 16 G11 (LP: #2067883)
    - drm/i915/mtl: Remove the 'force_probe' requirement for Meteor Lake
  * CVE-2024-26838
    - RDMA/irdma: Fix KASAN issue with tasklet
  * mtk_t7xx WWAN module fails to probe with: Invalid device status 0x1
    (LP: #2049358)
    - Revert "UBUNTU: SAUCE: net: wwan: t7xx: PCIe reset rescan"
    - Revert "UBUNTU: SAUCE: net: wwan: t7xx: Add AP CLDMA"
    - net: wwan: t7xx: Add AP CLDMA
    - wwan: core: Add WWAN fastboot port type
    - net: wwan: t7xx: Add sysfs attribute for device state machine
    - net: wwan: t7xx: Infrastructure for early port configuration
    - net: wwan: t7xx: Add fastboot WWAN port
  * TCP memory leak, slow network (arm64) (LP: #2045560)
    - net: make SK_MEMORY_PCPU_RESERV tunable
    - net: fix sk_memory_allocated_{add|sub} vs softirqs
  * CVE-2024-26923
    - af_unix: Do not use atomic ops for unix_sk(sk)->inflight.
    - af_unix: Fix garbage collector racing against connect()
  * Add support for Quectel EM160R-GL modem [1eac:100d] (LP: #2063399)
    - Add support for Quectel EM160R-GL modem
  * Add support for Quectel RM520N-GL modem [1eac:1007] (LP: #2063529)
    - Add support for Quectel RM520N-GL modem
    - Add support for Quectel RM520N-GL modem
  * [SRU][22.04.4]: megaraid_sas: Critical Bug Fixes (LP: #2046722)
    - scsi: megaraid_sas: Log message when controller reset is requested but not
      issued
    - scsi: megaraid_sas: Driver version update to 07.727.03.00-rc1
  * Fix the RTL8852CE BT FW Crash based on SER false alarm (LP: #2060904)
    - wifi: rtw89: disable txptctrl IMR to avoid flase alarm
    - wifi: rtw89: pci: correct TX resource checking for PCI DMA channel of
      firmware command
  * CVE-2024-23307
    - md/raid5: fix atomicity violation in raid5_cache_count
  * CVE-2024-26889
    - Bluetooth: hci_core: Fix possible buffer overflow
  * CVE-2024-24861
    - media: xc4000: Fix atomicity violation in xc4000_get_frequency
  * CVE-2023-6270
    - aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts
  * CVE-2024-26642
    - netfilter: nf_tables: disallow anonymous set with timeout flag
  * CVE-2024-26926
    - binder: check offset alignment in binder_get_object()
  * CVE-2024-26922
    - drm/amdgpu: validate the parameters of bo mapping operations more clearly
  * CVE-2024-26803
    - net: veth: clear GRO when clearing XDP even when down
  * CVE-2024-26790
    - dmaengine: fsl-qdma: fix SoC may hang on 16 byte unaligned read
  * CVE-2024-26890
    - Bluetooth: hci_h5: Add ability to allocate memory for private data
    - Bluetooth: btrtl: fix out of bounds memory access
  * CVE-2024-26802
    - stmmac: Clear variable when destroying workqueue
  * CVE-2024-26798
    - fbcon: always restore the old font data in fbcon_do_set_font()
  * RTL8852BE fw security fail then lost WIFI function during suspend/resume
    cycle (LP: #2063096)
    - wifi: rtw89: download firmware with five times retry
  * Fix bluetooth connections with 3.0 device (LP: #2063067)
    - Bluetooth: hci_event: Fix handling of HCI_EV_IO_CAPA_REQUEST
  * USB stick can't be detected (LP: #2040948)
    - usb: Disable USB3 LPM at shutdown
  * CVE-2024-26733
    - arp: Prevent overflow in arp_req_get().
  * CVE-2024-26736
    - afs: Increase buffer size in afs_update_volume_status()
  * CVE-2024-26792
    - btrfs: fix double free of anonymous device after snapshot creation failure
  * CVE-2024-26782
    - mptcp: fix double-free on socket dismantle
  * CVE-2024-26748
    -

Source diff to previous version
1786013 Packaging resync
2061940 Some DUTs can't boot up after installing the proposed kernel on Mantic
2067883 i915 cannot probe successfully on HP ZBook Power 16 G11
2045560 TCP memory leak, slow network (arm64)
2063399 Add support for Quectel EM160R-GL modem [1eac:100d]
2063529 Add support for Quectel RM520N-GL modem [1eac:1007]
2046722 [SRU][22.04.4]: megaraid_sas: Critical Bug Fixes
2063096 RTL8852BE fw security fail then lost WIFI function during suspend/resume cycle
2063067 Fix bluetooth connections with 3.0 device
2060727 The keyboard does not work after latest kernel update
2057734 proc_sched_rt01 from ubuntu_ltp failed
2060422 Avoid creating non-working backlight sysfs knob from ASUS board
2058477 [Ubuntu 22.04.4/linux-image-6.5.0-26-generic] Kernel output \
2059263 Fix acpi_power_meter accessing IPMI region before it's ready
2042546 Include cifs.ko in linux-modules package
2061814 Mantic update: upstream stable patchset 2024-04-16
2059991 Mantic update: upstream stable patchset 2024-04-02
2059068 Mantic update: upstream stable patchset 2024-03-26
CVE-2024-25739 create_empty_lvol in drivers/mtd/ubi/vtbl.c in the Linux kernel through 6.7.4 can attempt to allocate zero bytes, and crash, because of a missing che
CVE-2024-24857 A race condition was found in the Linux kernel's net/bluetooth device driver in conn_info_{min,max}_age_set() function. This can result in integrity
CVE-2024-24858 A race condition was found in the Linux kernel's net/bluetooth in {conn,adv}_{min,max}_interval_set() function. This can result in I2cap connection o
CVE-2023-52880 In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc Any unprivileged us
CVE-2024-26838 In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix KASAN issue with tasklet KASAN testing revealed the following i
CVE-2024-26923 In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix garbage collector racing against connect() Garbage collector does
CVE-2024-23307 Integer Overflow or Wraparound vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (md, raid, raid5 modules) allows Forced Integer Overflow
CVE-2024-26889 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_core: Fix possible buffer overflow struct hci_dev_info has a fix
CVE-2024-24861 A race condition was found in the Linux kernel's media/xc4000 device driver in xc4000 xc4000_get_frequency() function. This can result in return valu
CVE-2023-6270 A flaw was found in the ATA over Ethernet (AoE) driver in the Linux kernel. The aoecmd_cfg_pkts() function improperly updates the refcnt on `struct n
CVE-2024-26642 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: disallow anonymous set with timeout flag Anonymous sets a
CVE-2024-26926 In the Linux kernel, the following vulnerability has been resolved: binder: check offset alignment in binder_get_object() Commit 6d98eb95b450 ("bin
CVE-2024-26922 In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: validate the parameters of bo mapping operations more clearly Verif
CVE-2024-26803 In the Linux kernel, the following vulnerability has been resolved: net: veth: clear GRO when clearing XDP even when down veth sets NETIF_F_GRO aut
CVE-2024-26790 In the Linux kernel, the following vulnerability has been resolved: dmaengine: fsl-qdma: fix SoC may hang on 16 byte unaligned read There is chip (
CVE-2024-26890 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btrtl: fix out of bounds memory access The problem is detected by KA
CVE-2024-26802 In the Linux kernel, the following vulnerability has been resolved: stmmac: Clear variable when destroying workqueue Currently when suspending driv
CVE-2024-26798 In the Linux kernel, the following vulnerability has been resolved: fbcon: always restore the old font data in fbcon_do_set_font() Commit a5a923038
CVE-2024-26733 In the Linux kernel, the following vulnerability has been resolved: arp: Prevent overflow in arp_req_get(). syzkaller reported an overflown write i
CVE-2024-26736 In the Linux kernel, the following vulnerability has been resolved: afs: Increase buffer size in afs_update_volume_status() The max length of volum
CVE-2024-26792 In the Linux kernel, the following vulnerability has been resolved: btrfs: fix double free of anonymous device after snapshot creation failure When
CVE-2024-26782 In the Linux kernel, the following vulnerability has been resolved: mptcp: fix double-free on socket dismantle when MPTCP server accepts an incomin
CVE-2024-26748 In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: fix memory double free when handle zero packet 829 if (request->co
CVE-2024-26735 In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix possible use-after-free and null-ptr-deref The pernet operations
CVE-2024-26789 In the Linux kernel, the following vulnerability has been resolved: crypto: arm64/neonbs - fix out-of-bounds access on short input The bit-sliced i
CVE-2024-26734 In the Linux kernel, the following vulnerability has been resolved: devlink: fix possible use-after-free and memory leaks in devlink_init() The per
CVE-2024-26694 In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: fix double-free bug The storage for the TLV PC register data was
CVE-2024-26710 In the Linux kernel, the following vulnerability has been resolved: powerpc/kasan: Limit KASAN thread size increase to 32KB KASAN is seen to increa
CVE-2024-26712 In the Linux kernel, the following vulnerability has been resolved: powerpc/kasan: Fix addr error caused by page alignment In kasan_init_region, wh
CVE-2024-26593 In the Linux kernel, the following vulnerability has been resolved: i2c: i801: Fix block process call transactions According to the Intel datasheet
CVE-2024-26925 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: release mutex after nft_gc_seq_end from abort path The co
CVE-2024-26924 In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: do not free live element Pablo reports a crash with
CVE-2024-26809 In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: release elements in clone only from destroy path Clo
CVE-2024-26643 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout

Version: 6.5.0-42.42.1~22.04.1 2024-07-01 11:07:13 UTC

  linux-riscv-6.5 (6.5.0-42.42.1~22.04.1) jammy; urgency=medium

  * jammy/linux-riscv-6.5: 6.5.0-42.42.1~22.04.1 -proposed tracker
    (LP: #2068178)

  [ Ubuntu: 6.5.0-42.42.1 ]

  * mantic/linux-riscv: 6.5.0-42.42.1 -proposed tracker (LP: #2068180)
  * mantic/linux: 6.5.0-42.42 -proposed tracker (LP: #2068188)
  * CVE-2024-26925
    - netfilter: nf_tables: release batch on table validation from abort path
    - netfilter: nf_tables: release mutex after nft_gc_seq_end from abort path
  * CVE-2024-26924
    - netfilter: nft_set_pipapo: do not free live element
  * CVE-2024-26809
    - netfilter: nft_set_pipapo: release elements in clone only from destroy path
  * Mantic update: upstream stable patchset 2024-04-02 (LP: #2059991) //
    CVE-2024-26809
    - netfilter: nft_set_pipapo: store index in scratch maps
    - netfilter: nft_set_pipapo: add helper to release pcpu scratch area
    - netfilter: nft_set_pipapo: remove scratch_aligned pointer
  * CVE-2024-26643
    - netfilter: nf_tables: mark set as dead when unbinding anonymous set with
      timeout
  * mantic/linux: 6.5.0-41.41 -proposed tracker (LP: #2065893)
  * CVE-2024-21823
    - VFIO: Add the SPR_DSA and SPR_IAX devices to the denylist
    - dmaengine: idxd: add a new security check to deal with a hardware erratum
    - dmaengine: idxd: add a write() method for applications to submit work

 -- Hannah Peuckmann <email address hidden> Thu, 20 Jun 2024 09:51:22 +0200

Source diff to previous version
2059991 Mantic update: upstream stable patchset 2024-04-02
CVE-2024-26925 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: release mutex after nft_gc_seq_end from abort path The co
CVE-2024-26924 In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: do not free live element Pablo reports a crash with
CVE-2024-26809 In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: release elements in clone only from destroy path Clo
CVE-2024-26643 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout
CVE-2024-21823 Hardware logic with insecure de-synchronization in Intel(R) DSA and Intel(R) IAA for some Intel(R) 4th or 5th generation Xeon(R) processors may allow

Version: 6.5.0-40.40.1~22.04.1 2024-06-06 12:07:11 UTC

  linux-riscv-6.5 (6.5.0-40.40.1~22.04.1) jammy; urgency=medium

  * jammy/linux-riscv-6.5: 6.5.0-40.40.1~22.04.1 -proposed tracker
    (LP: #2063702)

  [ Ubuntu: 6.5.0-40.40.1 ]

  * mantic/linux-riscv: 6.5.0-40.40.1 -proposed tracker (LP: #2063703)
  * mantic/linux: 6.5.0-40.40 -proposed tracker (LP: #2063709)
  * [Mantic] Compile broken on armhf (cc1 out of memory) (LP: #2060446)
    - Revert "minmax: relax check to allow comparison between unsigned arguments
      and signed constants"
    - Revert "minmax: allow comparisons of 'int' against 'unsigned char/short'"
    - Revert "minmax: allow min()/max()/clamp() if the arguments have the same
      signedness."
    - Revert "minmax: add umin(a, b) and umax(a, b)"
  * Drop fips-checks script from trees (LP: #2055083)
    - [Packaging] Remove fips-checks script
  * alsa/realtek: adjust max output valume for headphone on 2 LG machines
    (LP: #2058573)
    - ALSA: hda/realtek: fix the hp playback volume issue for LG machines
  * Mantic update: upstream stable patchset 2024-03-27 (LP: #2059284)
    - asm-generic: make sparse happy with odd-sized put_unaligned_*()
    - powerpc/mm: Fix null-pointer dereference in pgtable_cache_add
    - arm64: irq: set the correct node for VMAP stack
    - drivers/perf: pmuv3: don't expose SW_INCR event in sysfs
    - powerpc: Fix build error due to is_valid_bugaddr()
    - powerpc/mm: Fix build failures due to arch_reserved_kernel_pages()
    - powerpc/64s: Fix CONFIG_NUMA=n build due to create_section_mapping()
    - x86/boot: Ignore NMIs during very early boot
    - powerpc: pmd_move_must_withdraw() is only needed for
      CONFIG_TRANSPARENT_HUGEPAGE
    - powerpc/lib: Validate size for vector operations
    - x86/mce: Mark fatal MCE's page as poison to avoid panic in the kdump kernel
    - perf/core: Fix narrow startup race when creating the perf nr_addr_filters
      sysfs file
    - debugobjects: Stop accessing objects after releasing hash bucket lock
    - regulator: core: Only increment use_count when enable_count changes
    - audit: Send netlink ACK before setting connection in auditd_set
    - ACPI: video: Add quirk for the Colorful X15 AT 23 Laptop
    - PNP: ACPI: fix fortify warning
    - ACPI: extlog: fix NULL pointer dereference check
    - ACPI: NUMA: Fix the logic of getting the fake_pxm value
    - PM / devfreq: Synchronize devfreq_monitor_[start/stop]
    - ACPI: APEI: set memory failure flags as MF_ACTION_REQUIRED on synchronous
      events
    - FS:JFS:UBSAN:array-index-out-of-bounds in dbAdjTree
    - jfs: fix array-index-out-of-bounds in dbAdjTree
    - pstore/ram: Fix crash when setting number of cpus to an odd number
    - crypto: octeontx2 - Fix cptvf driver cleanup
    - erofs: fix ztailpacking for subpage compressed blocks
    - crypto: stm32/crc32 - fix parsing list of devices
    - afs: fix the usage of read_seqbegin_or_lock() in afs_lookup_volume_rcu()
    - afs: fix the usage of read_seqbegin_or_lock() in afs_find_server*()
    - rxrpc_find_service_conn_rcu: fix the usage of read_seqbegin_or_lock()
    - jfs: fix array-index-out-of-bounds in diNewExt
    - arch: consolidate arch_irq_work_raise prototypes
    - s390/vfio-ap: fix sysfs status attribute for AP queue devices
    - s390/ptrace: handle setting of fpc register correctly
    - KVM: s390: fix setting of fpc register
    - SUNRPC: Fix a suspicious RCU usage warning
    - ecryptfs: Reject casefold directory inodes
    - ext4: fix inconsistent between segment fstrim and full fstrim
    - ext4: unify the type of flexbg_size to unsigned int
    - ext4: remove unnecessary check from alloc_flex_gd()
    - ext4: avoid online resizing failures due to oversized flex bg
    - wifi: rt2x00: restart beacon queue when hardware reset
    - selftests/bpf: satisfy compiler by having explicit return in btf test
    - selftests/bpf: Fix pyperf180 compilation failure with clang18
    - wifi: rt2x00: correct wrong BBP register in RxDCOC calibration
    - selftests/bpf: Fix issues in setup_classid_environment()
    - soc: xilinx: Fix for call trace due to the usage of smp_processor_id()
    - soc: xilinx: fix unhandled SGI warning message
    - scsi: lpfc: Fix possible file string name overflow when updating firmware
    - PCI: Add no PM reset quirk for NVIDIA Spectrum devices
    - bonding: return -ENOMEM instead of BUG in alb_upper_dev_walk
    - net: usb: ax88179_178a: avoid two consecutive device resets
    - scsi: arcmsr: Support new PCI device IDs 1883 and 1886
    - ARM: dts: imx7d: Fix coresight funnel ports
    - ARM: dts: imx7s: Fix lcdif compatible
    - ARM: dts: imx7s: Fix nand-controller #size-cells
    - wifi: ath9k: Fix potential array-index-out-of-bounds read in
      ath9k_htc_txstatus()
    - wifi: ath11k: fix race due to setting ATH11K_FLAG_EXT_IRQ_ENABLED too early
    - bpf: Check rcu_read_lock_trace_held() before calling bpf map helpers
    - scsi: libfc: Don't schedule abort twice
    - scsi: libfc: Fix up timeout error in fc_fcp_rec_error()
    - bpf: Set uattr->batch.count as zero before batched update or deletion
    - wifi: wfx: fix possible NULL pointer dereference in wfx_set_mfp_ap()
    - ARM: dts: rockchip: fix rk3036 hdmi ports node
    - ARM: dts: imx25/27-eukrea: Fix RTC node name
    - ARM: dts: imx: Use flash@0,0 pattern
    - ARM: dts: imx27: Fix sram node
    - ARM: dts: imx1: Fix sram node
    - net: phy: at803x: fix passing the wrong reference for config_intr
    - ionic: pass opcode to devcmd_wait
    - ionic: bypass firmware cmds when stuck in reset
    - block/rnbd-srv: Check for unlikely string overflow
    - ARM: dts: imx25: Fix the iim compatible string
    - ARM: dts: imx25/27: Pass timing0
    - ARM: dts: imx27-apf27dev: Fix LED name
    - ARM: dts: imx23-sansa: Use preferred i2c-gpios properties
    - ARM: dts: imx23/28: Fix the DMA controller node name
    - scsi: hisi_sas: Set .phy_attached before notifing phyup event
      HISI_PHYE_PHY_UP_PM
    - ice: fix ICE_AQ_VSI_Q_OPT_RSS_

Source diff to previous version
2060446 [Mantic] Compile broken on armhf (cc1 out of memory)
2055083 Drop fips-checks script from trees
2058573 alsa/realtek: adjust max output valume for headphone on 2 LG machines
2059284 Mantic update: upstream stable patchset 2024-03-27
2059068 Mantic update: upstream stable patchset 2024-03-26
2056418 Fix headphone mic detection issue on ALC897
2057430 The screen brightness is unable to adjust on BOE panel DPN#R6FD8
2049733 Dynamically determine acpi_handle_list size
2056403 Mantic update: upstream stable patchset 2024-03-07
CVE-2024-26582 In the Linux kernel, the following vulnerability has been resolved: net: tls: fix use-after-free with partial reads and async decrypt tls_decrypt_s
CVE-2024-26584 In the Linux kernel, the following vulnerability has been resolved: net: tls: handle backlogging of crypto requests Since we're setting the CRYPTO_
CVE-2024-26585 In the Linux kernel, the following vulnerability has been resolved: tls: fix race between tx work scheduling and socket close Similarly to previous
CVE-2024-26583 In the Linux kernel, the following vulnerability has been resolved: tls: fix race between async notify and socket close The submitting thread (one

Version: 6.5.0-35.35.1~22.04.1 2024-05-13 18:07:25 UTC

  linux-riscv-6.5 (6.5.0-35.35.1~22.04.1) jammy; urgency=medium

  * jammy/linux-riscv-6.5: 6.5.0-35.35.1~22.04.1 -proposed tracker
    (LP: #2063571)

  [ Ubuntu: 6.5.0-35.35.1 ]

  * mantic/linux-riscv: 6.5.0-35.35.1 -proposed tracker (LP: #2063572)
  * mantic/linux: 6.5.0-35.35 -proposed tracker (LP: #2063581)
  * cifs: Copying file to same directory results in page fault (LP: #2060919)
    - SAUCE: Revert "cifs: fix flushing folio regression for 6.1 backport"
  * CVE-2024-26805
    - netlink: Fix kernel-infoleak-after-free in __skb_datagram_iter
  * CVE-2024-26801
    - Bluetooth: Avoid potential use-after-free in hci_error_reset
  * CVE-2024-26704
    - ext4: fix double-free of blocks due to wrong extents moved_len
  * CVE-2023-52601
    - jfs: fix array-index-out-of-bounds in dbAdjTree
  * CVE-2024-26635
    - llc: Drop support for ETH_P_TR_802_2.
  * CVE-2024-26622
    - tomoyo: fix UAF write bug in tomoyo_write_control()
  * CVE-2024-26614
    - tcp: make sure init the accept_queue's spinlocks once
    - ipv6: init the accept_queue's spinlocks in inet6_create
  * CVE-2024-52615
    - hwrng: core - Fix page fault dead lock on mmap-ed hwrng
  * CVE-2024-52602
    - jfs: fix slab-out-of-bounds Read in dtSearch
  * CVE-2023-47233
    - wifi: brcmfmac: Fix use-after-free bug in brcmf_cfg80211_detach
  * CVE-2024-2201
    - x86/bugs: Change commas to semicolons in 'spectre_v2' sysfs file
    - x86/syscall: Don't force use of indirect calls for system calls
    - x86/bhi: Add support for clearing branch history at syscall entry
    - x86/bhi: Define SPEC_CTRL_BHI_DIS_S
    - x86/bhi: Enumerate Branch History Injection (BHI) bug
    - x86/bhi: Add BHI mitigation knob
    - x86/bhi: Mitigate KVM by default
    - KVM: x86: Add BHI_NO
    - [Config] Set CONFIG_BHI to enabled (auto)

 -- Emil Renner Berthing <email address hidden> Wed, 01 May 2024 12:51:50 +0200

Source diff to previous version
2060919 cifs: Copying file to same directory results in page fault
CVE-2024-26805 In the Linux kernel, the following vulnerability has been resolved: netlink: Fix kernel-infoleak-after-free in __skb_datagram_iter syzbot reported
CVE-2024-26801 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Avoid potential use-after-free in hci_error_reset While handling the
CVE-2024-26704 In the Linux kernel, the following vulnerability has been resolved: ext4: fix double-free of blocks due to wrong extents moved_len In ext4_move_ext
CVE-2023-52601 In the Linux kernel, the following vulnerability has been resolved: jfs: fix array-index-out-of-bounds in dbAdjTree Currently there is a bound chec
CVE-2024-26635 In the Linux kernel, the following vulnerability has been resolved: llc: Drop support for ETH_P_TR_802_2. syzbot reported an uninit-value bug below
CVE-2024-26622 In the Linux kernel, the following vulnerability has been resolved: tomoyo: fix UAF write bug in tomoyo_write_control() Since tomoyo_write_control(
CVE-2024-26614 In the Linux kernel, the following vulnerability has been resolved: tcp: make sure init the accept_queue's spinlocks once When I run syz's reproduc
CVE-2023-47233 The brcm80211 component in the Linux kernel through 6.5.10 has a brcmf_cfg80211_detach use-after-free in the device unplugging (disconnect the USB by
CVE-2024-2201 Native Branch History Injection

Version: 6.5.0-28.29.1~22.04.1 2024-04-19 00:07:10 UTC

  linux-riscv-6.5 (6.5.0-28.29.1~22.04.1) jammy; urgency=medium

  * jammy/linux-riscv-6.5: 6.5.0-28.29.1~22.04.1 -proposed tracker
    (LP: #2059697)

  * Packaging resync (LP: #1786013)
    - [Packaging] drop getabis data

  [ Ubuntu: 6.5.0-28.29.1 ]

  * mantic/linux-riscv: 6.5.0-28.29.1 -proposed tracker (LP: #2059698)
  * Packaging resync (LP: #1786013)
    - [Packaging] drop getabis data
  * mantic/linux: 6.5.0-28.29 -proposed tracker (LP: #2059706)
  * Packaging resync (LP: #1786013)
    - [Packaging] drop getabis data
  * Remove getabis scripts (LP: #2059143)
    - [Packaging] Remove getabis
  * CVE-2023-52600
    - jfs: fix uaf in jfs_evict_inode
  * Mantic update: upstream stable patchset 2024-03-27 (LP: #2059284) //
    CVE-2023-52603
    - UBSAN: array-index-out-of-bounds in dtSplitRoot
  * CVE-2024-26581
    - netfilter: nft_set_rbtree: skip end interval element from gc
  * Mantic update: upstream stable patchset 2024-03-07 (LP: #2056403) //
    CVE-2024-26589
    - bpf: Reject variable offset alu on PTR_TO_FLOW_KEYS
  * Mantic update: upstream stable patchset 2024-03-07 (LP: #2056403) //
    CVE-2024-26591
    - bpf: Fix re-attachment branch in bpf_tracing_prog_attach
  * iwlwifi disconnect and crash - intel wifi7 (LP: #2058808)
    - wifi: iwlwifi: pcie: fix RB status reading

 -- Hannah Peuckmann <email address hidden> Mon, 08 Apr 2024 08:49:19 +0200

1786013 Packaging resync
2059143 Remove getabis scripts
2059284 Mantic update: upstream stable patchset 2024-03-27
2056403 Mantic update: upstream stable patchset 2024-03-07
2058808 iwlwifi disconnect and crash - intel wifi7
CVE-2023-52600 In the Linux kernel, the following vulnerability has been resolved: jfs: fix uaf in jfs_evict_inode When the execution of diMount(ipimap) fails, th
CVE-2023-52603 In the Linux kernel, the following vulnerability has been resolved: UBSAN: array-index-out-of-bounds in dtSplitRoot Syzkaller reported the followin
CVE-2024-26581 In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_rbtree: skip end interval element from gc rbtree lazy gc on
CVE-2024-26589 In the Linux kernel, the following vulnerability has been resolved: bpf: Reject variable offset alu on PTR_TO_FLOW_KEYS For PTR_TO_FLOW_KEYS, check
CVE-2024-26591 In the Linux kernel, the following vulnerability has been resolved: bpf: Fix re-attachment branch in bpf_tracing_prog_attach The following case can



About   -   Send Feedback to @ubuntu_updates