UbuntuUpdates.org

Package "linux-xilinx-zynqmp-tools-host"

Name: linux-xilinx-zynqmp-tools-host

Description:

Linux kernel VM host tools

Latest version: 5.15.0-1038.42
Release: jammy (22.04)
Level: updates
Repository: universe
Head package: linux-xilinx-zynqmp

Links


Download "linux-xilinx-zynqmp-tools-host"


Other versions of "linux-xilinx-zynqmp-tools-host" in Jammy

Repository Area Version
security universe 5.15.0-1038.42
proposed universe 5.15.0-1034.38
PPA: Canonical Kernel Team 5.15.0-1038.42

Changelog

Version: 5.15.0-1030.34 2024-06-03 16:07:12 UTC

  linux-xilinx-zynqmp (5.15.0-1030.34) jammy; urgency=medium

  * jammy/linux-xilinx-zynqmp: 5.15.0-1030.34 -proposed tracker (LP: #2063760)

  * Revert "crypto: api - Disallow identical driver names" (LP: #2064724)
    - Revert "crypto: api - Disallow identical driver names"

  [ Ubuntu: 5.15.0-112.122 ]

  * jammy/linux: 5.15.0-112.122 -proposed tracker (LP: #2065898)
  * CVE-2024-21823
    - dmanegine: idxd: reformat opcap output to match bitmap_parse() input
    - dmaengine: idxd: add WQ operation cap restriction support
    - dmaengine: idxd: add knob for enqcmds retries
    - VFIO: Add the SPR_DSA and SPR_IAX devices to the denylist
    - dmaengine: idxd: add a new security check to deal with a hardware erratum
    - dmaengine: idxd: add a write() method for applications to submit work

  [ Ubuntu: 5.15.0-111.121 ]

  * jammy/linux: 5.15.0-111.121 -proposed tracker (LP: #2063763)
  * RTL8852BE fw security fail then lost WIFI function during suspend/resume
    cycle (LP: #2063096)
    - wifi: rtw89: download firmware with five times retry
  * Mount CIFS fails with Permission denied (LP: #2061986)
    - cifs: fix ntlmssp auth when there is no key exchange
  * USB stick can't be detected (LP: #2040948)
    - usb: Disable USB3 LPM at shutdown
  * Jammy update: v5.15.153 upstream stable release (LP: #2063290)
    - io_uring/unix: drop usage of io_uring socket
    - io_uring: drop any code related to SCM_RIGHTS
    - selftests: tls: use exact comparison in recv_partial
    - ASoC: rt5645: Make LattePanda board DMI match more precise
    - x86/xen: Add some null pointer checking to smp.c
    - MIPS: Clear Cause.BD in instruction_pointer_set
    - HID: multitouch: Add required quirk for Synaptics 0xcddc device
    - gen_compile_commands: fix invalid escape sequence warning
    - RDMA/mlx5: Fix fortify source warning while accessing Eth segment
    - RDMA/mlx5: Relax DEVX access upon modify commands
    - riscv: dts: sifive: add missing #interrupt-cells to pmic
    - x86/mm: Move is_vsyscall_vaddr() into asm/vsyscall.h
    - x86/mm: Disallow vsyscall page read for copy_from_kernel_nofault()
    - net/iucv: fix the allocation size of iucv_path_table array
    - parisc/ftrace: add missing CONFIG_DYNAMIC_FTRACE check
    - block: sed-opal: handle empty atoms when parsing response
    - dm-verity, dm-crypt: align "struct bvec_iter" correctly
    - scsi: mpt3sas: Prevent sending diag_reset when the controller is ready
    - ALSA: hda/realtek - ALC285 reduce pop noise from Headphone port
    - drm/amdgpu: Enable gpu reset for S3 abort cases on Raven series
    - Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security
    - firewire: core: use long bus reset on gap count error
    - ASoC: Intel: bytcr_rt5640: Add an extra entry for the Chuwi Vi8 tablet
    - Input: gpio_keys_polled - suppress deferred probe error for gpio
    - ASoC: wm8962: Enable oscillator if selecting WM8962_FLL_OSC
    - ASoC: wm8962: Enable both SPKOUTR_ENA and SPKOUTL_ENA in mono mode
    - ASoC: wm8962: Fix up incorrect error message in wm8962_set_fll
    - do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak
    - s390/dasd: put block allocation in separate function
    - s390/dasd: add query PPRC function
    - s390/dasd: add copy pair setup
    - s390/dasd: add autoquiesce feature
    - s390/dasd: Use dev_*() for device log messages
    - s390/dasd: fix double module refcount decrement
    - fs/select: rework stack allocation hack for clang
    - md: Don't clear MD_CLOSING when the raid is about to stop
    - lib/cmdline: Fix an invalid format specifier in an assertion msg
    - time: test: Fix incorrect format specifier
    - rtc: test: Fix invalid format specifier.
    - aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts
    - timekeeping: Fix cross-timestamp interpolation on counter wrap
    - timekeeping: Fix cross-timestamp interpolation corner case decision
    - timekeeping: Fix cross-timestamp interpolation for non-x86
    - sched/fair: Take the scheduling domain into account in select_idle_core()
    - wifi: ath10k: fix NULL pointer dereference in
      ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev()
    - wifi: b43: Stop/wake correct queue in DMA Tx path when QoS is disabled
    - wifi: b43: Stop/wake correct queue in PIO Tx path when QoS is disabled
    - wifi: b43: Stop correct queue in DMA worker when QoS is disabled
    - wifi: b43: Disable QoS for bcm4331
    - wifi: wilc1000: fix declarations ordering
    - wifi: wilc1000: fix RCU usage in connect path
    - wifi: rtl8xxxu: add cancel_work_sync() for c2hcmd_work
    - wifi: wilc1000: fix multi-vif management when deleting a vif
    - wifi: mwifiex: debugfs: Drop unnecessary error check for
      debugfs_create_dir()
    - cpufreq: brcmstb-avs-cpufreq: add check for cpufreq_cpu_get's return value
    - cpufreq: Explicitly include correct DT includes
    - cpufreq: mediatek-hw: Wait for CPU supplies before probing
    - sock_diag: annotate data-races around sock_diag_handlers[family]
    - inet_diag: annotate data-races around inet_diag_table[]
    - bpftool: Silence build warning about calloc()
    - af_unix: Annotate data-race of gc_in_progress in wait_for_unix_gc().
    - cpufreq: mediatek-hw: Don't error out if supply is not found
    - arm64: dts: imx8mm-kontron: Disable pullups for I2C signals on SL/BL i.MX8MM
    - arm64: dts: imx8mm-kontron: Disable pullups for onboard UART signals on BL
      board
    - arm64: dts: imx8mm-kontron: Add support for ultra high speed modes on SD
      card
    - arm64: dts: imx8mm-kontron: Use the VSELECT signal to switch SD card IO
      voltage
    - arm64: dts: imx8mm-kontron: Disable pull resistors for SD card signals on BL
      board
    - wifi: ath9k: delay all of ath9k_wmi_event_tasklet() until init is complete
    - wifi: iwlwifi: mvm: report beacon protection failures
    - wifi: iwlwifi: dbg-tlv: ensure NUL termination
    - wifi: iwlwifi: fix EWRD table validity check
    - arm64:

Source diff to previous version
2064724 Revert \
2063096 RTL8852BE fw security fail then lost WIFI function during suspend/resume cycle
2061986 Mount CIFS fails with Permission denied
2063290 Jammy update: v5.15.153 upstream stable release
2063276 Jammy update: v5.15.152 upstream stable release
2060422 Avoid creating non-working backlight sysfs knob from ASUS board
2058477 [Ubuntu 22.04.4/linux-image-6.5.0-26-generic] Kernel output \
2060209 Jammy update: v5.15.151 upstream stable release
2063067 Fix bluetooth connections with 3.0 device
2060142 Jammy update: v5.15.150 upstream stable release
CVE-2024-21823 Hardware logic with insecure de-synchronization in Intel(R) DSA and Intel(R) IAA for some Intel(R) 4th or 5th generation Xeon(R) processors may allow
CVE-2024-26809 In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: release elements in clone only from destroy path Clo
CVE-2024-26792 In the Linux kernel, the following vulnerability has been resolved: btrfs: fix double free of anonymous device after snapshot creation failure When
CVE-2023-52530 In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix potential key use-after-free When ieee80211_key_link() is c
CVE-2023-52447 In the Linux kernel, the following vulnerability has been resolved: bpf: Defer the free of inner map when necessary When updating or deleting an in
CVE-2024-26782 In the Linux kernel, the following vulnerability has been resolved: mptcp: fix double-free on socket dismantle when MPTCP server accepts an incomin
CVE-2024-26733 In the Linux kernel, the following vulnerability has been resolved: arp: Prevent overflow in arp_req_get(). syzkaller reported an overflown write i
CVE-2024-26735 In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix possible use-after-free and null-ptr-deref The pernet operations
CVE-2024-26736 In the Linux kernel, the following vulnerability has been resolved: afs: Increase buffer size in afs_update_volume_status() The max length of volum
CVE-2024-26748 In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: fix memory double free when handle zero packet 829 if (request->co
CVE-2023-47233 The brcm80211 component in the Linux kernel through 6.5.10 has a brcmf_cfg80211_detach use-after-free in the device unplugging (disconnect the USB by
CVE-2024-26584 In the Linux kernel, the following vulnerability has been resolved: net: tls: handle backlogging of crypto requests Since we're setting the CRYPTO_
CVE-2024-26585 In the Linux kernel, the following vulnerability has been resolved: tls: fix race between tx work scheduling and socket close Similarly to previous
CVE-2024-26583 In the Linux kernel, the following vulnerability has been resolved: tls: fix race between async notify and socket close The submitting thread (one
CVE-2024-26622 In the Linux kernel, the following vulnerability has been resolved: tomoyo: fix UAF write bug in tomoyo_write_control() Since tomoyo_write_control(

Version: 5.15.0-1027.31 2024-03-13 04:07:10 UTC

  linux-xilinx-zynqmp (5.15.0-1027.31) jammy; urgency=medium

  * jammy/linux-xilinx-zynqmp: 5.15.0-1027.31 -proposed tracker (LP: #2054500)

  * Packaging resync (LP: #1786013)
    - debian/dkms-versions -- update from kernel-versions (main/d2024.02.07)

  * Fix backported kria device tree changes (LP: #2054366)
    - SAUCE: zynqmp.dtsi fix incorrectly backported changes

  [ Ubuntu: 5.15.0-94.104 ]

  * jammy/linux: 5.15.0-94.104 -proposed tracker (LP: #2048777)
  * [SRU] Duplicate Device_dax ids Created and hence Probing is Failing.
    (LP: #2028158)
    - device-dax: Fix duplicate 'hmem' device registration
  * Add ODM driver f81604 usb-can (LP: #2045387)
    - can: usb: f81604: add Fintek F81604 support
    - [Config] updateconfigs for ODM drivers CONFIG_CAN_F81604
  * Add ODM driver gpio-m058ssan (LP: #2045386)
    - SAUCE: ODM: gpio: add M058SSAN gpio driver
    - [Config] updateconfigs for ODM drivers CONFIG_GPIO_M058SSAN
  * Add ODM driver rtc-pcf85263 (LP: #2045385)
    - SAUCE: ODM: rtc: add PCF85263 RTC driver
    - [Config] updateconfigs for ODM drivers CONFIG_RTC_DRV_PCF85263
  * AppArmor patch for mq-posix interface is missing in jammy (LP: #2045384)
    - SAUCE: (no-up) apparmor: reserve mediation classes
    - SAUCE: (no-up) apparmor: Add fine grained mediation of posix mqueues
  * Packaging resync (LP: #1786013)
    - [Packaging] update annotations scripts

  [ Ubuntu: 5.15.0-93.103 ]

  * jammy/linux: 5.15.0-93.103 -proposed tracker (LP: #2048330)
  * Packaging resync (LP: #1786013)
    - [Packaging] resync git-ubuntu-log
    - [Packaging] resync update-dkms-versions helper
    - [Packaging] remove helper scripts
    - [Packaging] update annotations scripts
    - debian/dkms-versions -- update from kernel-versions (main/2024.01.08)
  * Hotplugging SCSI disk in QEMU VM fails (LP: #2047382)
    - Revert "PCI: acpiphp: Reassign resources on bridge if necessary"
  * CVE-2023-6622
    - netfilter: nf_tables: bail out on mismatching dynset and set expressions
  * CVE-2024-0193
    - netfilter: nf_tables: skip set commit for deleted/destroyed sets
  * CVE-2023-6040
    - netfilter: nf_tables: Reject tables of unsupported family
  * Patches needed for AmpereOne (arm64) (LP: #2044192)
    - clocksource/arm_arch_timer: Add build-time guards for unhandled register
      accesses
    - clocksource/drivers/arm_arch_timer: Drop CNT*_TVAL read accessors
    - clocksource/drivers/arm_arch_timer: Extend write side of timer register
      accessors to u64
    - clocksource/drivers/arm_arch_timer: Move system register timer programming
      over to CVAL
    - clocksource/drivers/arm_arch_timer: Move drop _tval from erratum function
      names
    - clocksource/drivers/arm_arch_timer: Fix MMIO base address vs callback
      ordering issue
    - clocksource/drivers/arm_arch_timer: Move MMIO timer programming over to CVAL
    - clocksource/drivers/arm_arch_timer: Advertise 56bit timer to the core code
    - clocksource/drivers/arm_arch_timer: Work around broken CVAL implementations
    - clocksource/drivers/arm_arch_timer: Remove any trace of the TVAL programming
      interface
    - clocksource/drivers/arm_arch_timer: Drop unnecessary ISB on CVAL programming
    - clocksource/drivers/arm_arch_timer: Fix masking for high freq counters
    - clocksource/drivers/arch_arm_timer: Move workaround synchronisation around
  * Add quirk to disable i915 fastboot on B&R PC (LP: #2047630)
    - SAUCE: i915: force disable fastboot quirk
  * Some machines can't pass the pm-graph test (LP: #2046217)
    - wifi: iwlwifi: pcie: rescan bus if no parent
  * Sound: Add rtl quirk of M90-Gen5 (LP: #2046105)
    - ALSA: hda/realtek: Enable headset on Lenovo M90 Gen5
  * linux tools packages for derived kernels refuse to install simultaneously
    due to libcpupower name collision (LP: #2035971)
    - [Packaging] Statically link libcpupower into cpupower tool
  * [Debian] autoreconstruct - Do not generate chmod -x for deleted files
    (LP: #2045562)
    - [Debian] autoreconstruct - Do not generate chmod -x for deleted files
  * CVE-2023-6931
    - perf/core: Add a new read format to get a number of lost samples
    - perf: Fix perf_event_validate_size()
    - perf: Fix perf_event_validate_size() lockdep splat
  * CVE-2023-6932
    - ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet
  * CVE-2023-6606
    - smb: client: fix OOB in smbCalcSize()
  * CVE-2023-6817
    - netfilter: nft_set_pipapo: skip inactive elements during set walk
  * Jammy update: v5.15.136 upstream stable release (LP: #2046008)
    - iommu/vt-d: Avoid memory allocation in iommu_suspend()
    - scsi: core: Use a structure member to track the SCSI command submitter
    - scsi: core: Rename scsi_mq_done() into scsi_done() and export it
    - scsi: ib_srp: Call scsi_done() directly
    - RDMA/srp: Do not call scsi_done() from srp_abort()
    - RDMA/cxgb4: Check skb value for failure to allocate
    - perf/arm-cmn: Fix the unhandled overflow status of counter 4 to 7
    - of: overlay: Reorder struct fragment fields kerneldoc
    - platform/x86: think-lmi: Fix reference leak
    - platform/x86: hp-wmi:: Mark driver struct with __refdata to prevent section
      mismatch warning
    - lib/test_meminit: fix off-by-one error in test_pages()
    - HID: logitech-hidpp: Fix kernel crash on receiver USB disconnect
    - quota: Fix slow quotaoff
    - net: prevent address rewrite in kernel_bind()
    - ALSA: usb-audio: Fix microphone sound on Opencomm2 Headset
    - KEYS: trusted: allow use of kernel RNG for key material
    - KEYS: trusted: Remove redundant static calls usage
    - drm/msm/dp: do not reinitialize phy unless retry during link training
    - drm/msm/dsi: skip the wait for video mode done if not applicable
    - drm/msm/dsi: fix irq_of_parse_and_map() error checking
    - drm/msm/dpu: change _dpu_plane_calc_bw() to use u64 to avoid overflow
    - ravb: Fix up dma_free_coherent() call in ravb_remove()
    - ravb: Fix us

Source diff to previous version
1786013 Packaging resync
2054366 Fix backported kria device tree changes
2028158 [SRU] Duplicate Device_dax ids Created and hence Probing is Failing.
2045387 Add ODM driver f81604 usb-can
2045386 Add ODM driver gpio-m058ssan
2045385 Add ODM driver rtc-pcf85263
2045384 AppArmor patch for mq-posix interface is missing in jammy
2047382 Hotplugging SCSI disk in QEMU VM fails
2044192 Patches needed for AmpereOne (arm64)
2047630 Add quirk to disable i915 fastboot on B\u0026R PC
2035971 linux tools packages for derived kernels refuse to install simultaneously due to libcpupower name collision
2045562 [Debian] autoreconstruct - Do not generate chmod -x for deleted files
2046008 Jammy update: v5.15.136 upstream stable release
2045809 Jammy update: v5.15.135 upstream stable release
2029405 Change in trace file leads to test timeout in ftrace tests on 5.15 ARM64
2041842 Kernel doesn't compile with CONFIG_IMA
2044023 Jammy update: v5.15.134 upstream stable release
2043422 Jammy update: v5.15.133 upstream stable release
2041702 Jammy update: v5.15.132 upstream stable release
CVE-2023-6622 A null pointer dereference vulnerability was found in nft_dynset_init() in net/netfilter/nft_dynset.c in nf_tables in the Linux kernel. This issue ma
CVE-2024-0193 A use-after-free flaw was found in the netfilter subsystem of the Linux kernel. If the catchall element is garbage-collected when the pipapo set is r
CVE-2023-6040 An out-of-bounds access vulnerability involving netfilter was reported and fixed as: f1082dd31fe4 (netfilter: nf_tables: Reject tables of unsupported
CVE-2023-6931 A heap out-of-bounds write vulnerability in the Linux kernel's Performance Events system component can be exploited to achieve local privilege escala
CVE-2023-6932 A use-after-free vulnerability in the Linux kernel's ipv4: igmp component can be exploited to achieve local privilege escalation. A race condition c
CVE-2023-6606 An out-of-bounds read vulnerability was found in smbCalcSize in fs/smb/client/netmisc.c in the Linux Kernel. This issue could allow a local attacker
CVE-2023-6817 A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The func
CVE-2023-46813 An issue was discovered in the Linux kernel before 6.5.9, exploitable by local users with userspace access to MMIO registers. Incorrect access checki
CVE-2023-6111 A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The func
CVE-2023-32252 A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the handling of SMB2_LOGOFF co
CVE-2023-6176 A null pointer dereference flaw was found in the Linux kernel API for the cryptographic algorithm scatterwalk functionality. This issue occurs when a
CVE-2023-6039 A use-after-free flaw was found in lan78xx_disconnect in drivers/net/usb/lan78xx.c in the network sub-component, net/usb/lan78xx in the Linux Kernel.

Version: 5.15.0-1025.29 2023-12-04 15:07:00 UTC

  linux-xilinx-zynqmp (5.15.0-1025.29) jammy; urgency=medium

  * jammy/linux-xilinx-zynqmp: 5.15.0-1025.29 -proposed tracker (LP: #2036376)

  * Packaging resync (LP: #1786013)
    - [Packaging] update helper scripts
    - debian/dkms-versions -- update from kernel-versions (main/d2023.10.10)

  * Jammy update: v5.15.117 upstream stable release (LP: #2030107)
    - [Config] updateconfigs for BLK_DEV_SX8

  * Jammy update: v5.15.118 upstream stable release (LP: #2030239)
    - [Config] updateconfigs for DECNET

  * CVE-2023-42755
    - [Config] remove NET_CLS_RSVP and NET_CLS_RSVP6

  * Please enable Renesas RZ platform serial installer (LP: #2022361)
    - [Config] Mark sh-sci as built-in

  * Jammy update: v5.15.107 upstream stable release (LP: #2023320)
    - [Config] updateconfigs for ns module merger

  * Jammy update: v5.15.105 upstream stable release (LP: #2023230)
    - [Config] updateconfigs for SERIAL_8250_ASPEED_VUART

  * Add K24 device tree (LP: #2040354)
    - SAUCE: arm64: zynqmp: Add K24 device trees
    - SAUCE: arm64: dts: Build dtbs for k24 carrier board

  * K26 QSPI MTD Definition Correction (LP: #2032972)
    - arm64: zynqmp: Fix User MTD partition size

  * Move experimental ubuntu drivers to staging (LP: #2036370)
    - ubuntu/staging: Move out of tree Xilinx drivers into staging directory
    - modpost: Add staging flag to drivers in ubuntu/staging

  * [kr260] Kernel snap does not boot (LP: #2028505)
    - Fix kernel snap to support KR260

  [ Ubuntu: 5.15.0-88.98 ]

  * jammy/linux: 5.15.0-88.98 -proposed tracker (LP: #2038055)
  * CVE-2023-4244
    - netfilter: nf_tables: don't skip expired elements during walk
    - netfilter: nf_tables: adapt set backend to use GC transaction API
    - netfilter: nft_set_hash: mark set element as dead when deleting from packet
      path
    - netfilter: nf_tables: GC transaction API to avoid race with control plane
    - netfilter: nf_tables: remove busy mark and gc batch API
    - netfilter: nf_tables: don't fail inserts if duplicate has expired
    - netfilter: nf_tables: fix kdoc warnings after gc rework
    - netfilter: nf_tables: fix GC transaction races with netns and netlink event
      exit path
    - netfilter: nf_tables: GC transaction race with netns dismantle
    - netfilter: nf_tables: GC transaction race with abort path
    - netfilter: nf_tables: use correct lock to protect gc_list
    - netfilter: nf_tables: defer gc run if previous batch is still pending
    - netfilter: nft_dynset: disallow object maps
    - netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction
  * CVE-2023-42756
    - netfilter: ipset: Fix race between IPSET_CMD_CREATE and IPSET_CMD_SWAP
  * CVE-2023-4623
    - net/sched: sch_hfsc: Ensure inner classes have fsc curve
  * PCI BARs larger than 128GB are disabled (LP: #2037403)
    - PCI: Support BAR sizes up to 8TB
  * Fix unstable audio at low levels on Thinkpad P1G4 (LP: #2037077)
    - ALSA: hda/realtek - ALC287 I2S speaker platform support
  * Check for changes relevant for security certifications (LP: #1945989)
    - [Packaging] Add a new fips-checks script
  * Jammy update: v5.15.126 upstream stable release (LP: #2037593)
    - io_uring: gate iowait schedule on having pending requests
    - perf: Fix function pointer case
    - net/mlx5: Free irqs only on shutdown callback
    - arm64: errata: Add workaround for TSB flush failures
    - arm64: errata: Add detection for TRBE write to out-of-range
    - [Config] updateconfigs for ARM64_ERRATUM_ and
      ARM64_WORKAROUND_TSB_FLUSH_FAILURE
    - iommu/arm-smmu-v3: Work around MMU-600 erratum 1076982
    - iommu/arm-smmu-v3: Document MMU-700 erratum 2812531
    - iommu/arm-smmu-v3: Add explicit feature for nesting
    - iommu/arm-smmu-v3: Document nesting-related errata
    - arm64: dts: imx8mn-var-som: add missing pull-up for onboard PHY reset pinmux
    - word-at-a-time: use the same return type for has_zero regardless of
      endianness
    - KVM: s390: fix sthyi error handling
    - wifi: cfg80211: Fix return value in scan logic
    - net/mlx5: DR, fix memory leak in mlx5dr_cmd_create_reformat_ctx
    - net/mlx5e: fix return value check in mlx5e_ipsec_remove_trailer()
    - bpf: Add length check for SK_DIAG_BPF_STORAGE_REQ_MAP_FD parsing
    - rtnetlink: let rtnl_bridge_setlink checks IFLA_BRIDGE_MODE length
    - net: dsa: fix value check in bcm_sf2_sw_probe()
    - perf test uprobe_from_different_cu: Skip if there is no gcc
    - net: sched: cls_u32: Fix match key mis-addressing
    - mISDN: hfcpci: Fix potential deadlock on &hc->lock
    - qed: Fix kernel-doc warnings
    - qed: Fix scheduling in a tasklet while getting stats
    - net: annotate data-races around sk->sk_max_pacing_rate
    - net: add missing READ_ONCE(sk->sk_rcvlowat) annotation
    - net: add missing READ_ONCE(sk->sk_sndbuf) annotation
    - net: add missing READ_ONCE(sk->sk_rcvbuf) annotation
    - net: add missing data-race annotations around sk->sk_peek_off
    - net: add missing data-race annotation for sk_ll_usec
    - net/sched: taprio: Limit TCA_TAPRIO_ATTR_SCHED_CYCLE_TIME to INT_MAX.
    - bpf, cpumap: Handle skb as well when clean up ptr_ring
    - bpf: sockmap: Remove preempt_disable in sock_map_sk_acquire
    - net: ll_temac: Switch to use dev_err_probe() helper
    - net: ll_temac: fix error checking of irq_of_parse_and_map()
    - net: korina: handle clk prepare error in korina_probe()
    - net: netsec: Ignore 'phy-mode' on SynQuacer in DT mode
    - net: dcb: choose correct policy to parse DCB_ATTR_BCN
    - s390/qeth: Don't call dev_close/dev_open (DOWN/UP)
    - ip6mr: Fix skb_under_panic in ip6mr_cache_report()
    - vxlan: Fix nexthop hash size
    - net/mlx5: fs_core: Make find_closest_ft more generic
    - net/mlx5: fs_core: Skip the FTs in the same FS_TYPE_PRIO_CHAINS fs_prio
    - prestera: fix fallback to previous version on same major version
    - tcp_metrics: fix addr_same() helper
    - tcp

Source diff to previous version
1786013 Packaging resync
2030107 Jammy update: v5.15.117 upstream stable release
2030239 Jammy update: v5.15.118 upstream stable release
2022361 Please enable Renesas RZ platform serial installer
2023320 Jammy update: v5.15.107 upstream stable release
2023230 Jammy update: v5.15.105 upstream stable release
2040354 Add K24 device tree
2037403 PCI BARs larger than 128GB are disabled
2037077 Fix unstable audio at low levels on Thinkpad P1G4
1945989 Check for changes relevant for security certifications
2037593 Jammy update: v5.15.126 upstream stable release
2036843 Jammy update: v5.15.125 upstream stable release
2035163 Avoid address overwrite in kernel_connect
2035166 NULL Pointer Dereference During KVM MMU Page Invalidation
2034479 Fix suspend hang on Lenovo workstation
2034745 [regression] Unable to initialize SGX enclaves with XFRM other than 3
2035400 Jammy update: v5.15.124 upstream stable release
2034612 Jammy update: v5.15.123 upstream stable release
2036675 5.15.0-85 live migration regression
2035181 Regression for ubuntu_bpf test build on Jammy 5.15.0-85.95
2034447 `refcount_t: underflow; use-after-free.` on hidon w/ 5.15.0-85-generic
2033122 Request backport of xen timekeeping performance improvements
2033007 kdump doesn't work with UEFI secure boot and kernel lockdown enabled on ARM64
2019880 ubuntu_kernel_selftests:net:vrf-xfrm-tests.sh: 8 failed test cases on jammy/fips
2019868 ubuntu_kernel_selftests:net:tls: 88 failed test cases on jammy/fips
2028122 Fix unreliable ethernet cable detection on I219 NIC
2031333 Need to get fine-grained control for FAN(TFN) Participant.
2030924 [SRU][Ubuntu 22.04.1] Unable to interpret the frequency values in cpuinfo_min_freq and cpuino_max_freq sysfs files.
2032176 Crashing with CPU soft lock on GA kernel 5.15.0.79.76 and HWE kernel 5.19.0-46.47-22.04.1
2032690 Jammy update: v5.15.122 upstream stable release
2032689 Jammy update: v5.15.121 upstream stable release
2032688 Jammy update: v5.15.120 upstream stable release
2032683 Jammy update: v5.15.119 upstream stable release
2031093 libgnutls report \
2015400 losetup with mknod fails on jammy with kernel 5.15.0-69-generic
2029401 Jammy update: v5.15.116 upstream stable release
2028550 Backport support to tolerate ZSTD compressed firmware files
2016398 stacked overlay file system mounts that have chroot() called against them appear to be getting locked (by the kernel most likely?)
2026028 usbrtl sometimes doesn't reload firmware
2029138 cifs: fix mid leak during reconnection after timeout threshold
2028799 Jammy update: v5.15.115 upstream stable release
2028701 Jammy update: v5.15.114 upstream stable release
2028408 Jammy update: v5.15.113 upstream stable release
2026607 Jammy update: v5.15.112 upstream stable release
2025095 Jammy update: v5.15.111 upstream stable release
2025090 Jammy update: v5.15.110 upstream stable release
2024265 Jammy update: v5.15.109 upstream stable release
2024900 Disable hv-kvp-daemon if /dev/vmbus/hv_kvp is not present
2008745 [SRU] Intel Sapphire Rapids HBM support needs CONFIG_NUMA_EMU
1853306 [22.04 FEAT] Enhanced Interpretation for PCI Functions on s390x - kernel part
2003374 Undefined Behavior Sanitizer (UBSAN) causes failure to match symbols
1977827 ftrace in ubuntu_kernel_selftests failed with \
2023650 Add microphone support of the front headphone port on P3 Tower
2023539 Add audio support for ThinkPad P1 Gen 6 and Z16 Gen 2
2023311 Resolve synchronous exception on arm64
2018591 Enable Tracing Configs for OSNOISE and TIMERLAT
2003053 NFS: client permission error after adding user to permissible group
2022098 Severe NFS performance degradation after LP #2003053
2020319 Encountering an issue with memcpy_fromio causing failed boot of SEV-enabled guest
2023328 Jammy update: v5.15.108 upstream stable release
2023233 Jammy update: v5.15.106 upstream stable release
2023225 Jammy update: v5.15.104 upstream stable release
2023224 Jammy update: v5.15.103 upstream stable release
2020393 Jammy update: v5.15.102 upstream stable release
2020391 Jammy update: v5.15.101 upstream stable release
2020387 Jammy update: v5.15.100 upstream stable release
CVE-2023-42755 wild pointer access in rsvp classifer in the Linux kernel
CVE-2023-42756 A flaw was found in the Netfilter subsystem of the Linux kernel. A race condition between IPSET_CMD_ADD and IPSET_CMD_SWAP can lead to a kernel panic
CVE-2023-42753 An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the `h->n
CVE-2023-42752 integer overflows in kmalloc_reserve()
CVE-2023-4881 ** REJECT ** CVE-2023-4881 was wrongly assigned to a bug that was deemed to be a non-security issue by the Linux kernel security team.
CVE-2023-31083 An issue was discovered in drivers/bluetooth/hci_ldisc.c in the Linux kernel 6.2. In hci_uart_tty_ioctl, there is a race condition between HCIUARTSET
CVE-2023-3772 A flaw was found in the Linux kernel’s IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADM
CVE-2023-4569 A memory leak flaw was found in nft_set_catchall_flush in net/netfilter/nf_tables_api.c in the Linux Kernel. This issue may allow a local attacker to
CVE-2023-40283 An issue was discovered in l2cap_sock_release in net/bluetooth/l2cap_sock.c in the Linux kernel before 6.4.10. There is a use-after-free because the
CVE-2023-4194 A flaw was found in the Linux kernel's TUN/TAP functionality. This issue could allow a local user to bypass network filters and gain unauthorized acc
CVE-2023-4155 A flaw was found in KVM AMD Secure Encrypted Virtualization (SEV) in t ...
CVE-2023-1206 A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel’s IPv6 functionality when a user makes a new kind of SYN floo
CVE-2023-4273 A flaw was found in the exFAT driver of the Linux kernel. The vulnerability exists in the implementation of the file name reconstruction function, wh
CVE-2023-4128 A use-after-free flaw was found in net/sched/cls_fw.c in classifiers (cls_fw, cls_u32, and cls_route) in the Linux Kernel. This flaw allows a local a
CVE-2023-3863 A use-after-free flaw was found in nfc_llcp_find_local in net/nfc/llcp_core.c in NFC in the Linux kernel. This flaw allows a local user with special
CVE-2022-40982 Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may al
CVE-2023-4015 netfilter: nf_tables: skip immediate deactivate in _PREPARE_ERROR
CVE-2023-3995 ** REJECT ** This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is a duplicate of CVE-2023-4147.
CVE-2023-3777 netfilter: nf_tables: skip bound chain on rule flush
CVE-2023-20593 An issue in \u201cZen 2\u201d CPUs, under specific microarchitectural ...
CVE-2023-4004 A use-after-free flaw was found in the Linux kernel's netfilter in the way a user triggers the nft_pipapo_remove function with the element, without a
CVE-2023-2898 There is a null-pointer-dereference flaw found in f2fs_write_end_io in fs/f2fs/data.c in the Linux kernel. This flaw allows a local privileged user t
CVE-2023-31084 An issue was discovered in drivers/media/dvb-core/dvb_frontend.c in the Linux kernel 6.2. There is a blocking operation when a task is in !TASK_RUNNI
CVE-2023-35001 Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or
CVE-2023-31248 Linux Kernel nftables Use-After-Free Local Privilege Escalation Vulnerability; `nft_chain_lookup_byid()` failed to check whether a chain was active a
CVE-2023-3439 A flaw was found in the MCTP protocol in the Linux kernel. The function mctp_unregister() reclaims the device's relevant resource when a netcard deta
CVE-2023-3141 A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the Linux Kernel. This flaw allows a local attacker
CVE-2022-48502 An issue was discovered in the Linux kernel before 6.2. The ntfs3 subsystem does not properly check for correctness during disk reads, leading to an
CVE-2023-2124 An out-of-bounds memory access flaw was found in the Linux kernel’s XFS file system in how a user restores an XFS image after failure (with a dirty l
CVE-2023-0597 A flaw possibility of memory leak in the Linux kernel cpu_entry_area mapping of X86 CPU data to memory was found in the way user can guess location o

Version: 5.15.0-1023.27 2023-07-26 12:07:05 UTC

  linux-xilinx-zynqmp (5.15.0-1023.27) jammy; urgency=medium

  * jammy/linux-xilinx-zynqmp: 5.15.0-1023.27 -proposed tracker (LP: #2025252)

  * Packaging resync (LP: #1786013)
    - [Packaging] resync update-dkms-versions helper

  * Miscellaneous upstream changes
    - drivers:media Ar1335: Add MODULE DEVICE TABLE entry

  [ Ubuntu: 5.15.0-76.83 ]

  * jammy/linux: 5.15.0-76.83 -proposed tracker (LP: #2023905)
  * cls_flower: off-by-one in fl_set_geneve_opt (LP: #2023577)
    - net/sched: flower: fix possible OOB write in fl_set_geneve_opt()
  * Some INVLPG implementations can leave Global translations unflushed when
    PCIDs are enabled (LP: #2023220)
    - x86/mm: Avoid incomplete Global INVLPG flushes

  [ Ubuntu: 5.15.0-75.82 ]

  * jammy/linux: 5.15.0-75.82 -proposed tracker (LP: #2023065)
  * Jammy update: v5.15.102 upstream stable release (LP: #2020393)
    - wifi: cfg80211: Partial revert "wifi: cfg80211: Fix use after free for wext"
  * Packaging resync (LP: #1786013)
    - [Packaging] resync git-ubuntu-log
    - [Packaging] resync getabis
  * fix typo in config-checks invocation (LP: #2020413)
    - [Packaging] fix typo when calling the old config-check
    - [Packaging] fix typo in 4-checks.mk
  * support python < 3.9 with annotations (LP: #2020531)
    - [Packaging] kconfig/annotations.py: support older way of merging dicts

 -- Wen-chien Jesse Sung <email address hidden> Wed, 28 Jun 2023 23:01:40 +0800

Source diff to previous version
1786013 Packaging resync
2023577 cls_flower: off-by-one in fl_set_geneve_opt
2020393 Jammy update: v5.15.102 upstream stable release
2020413 fix typo in config-checks invocation
2020531 support python \u003c 3.9 with annotations

Version: 5.15.0-1022.26 2023-06-16 00:07:39 UTC

  linux-xilinx-zynqmp (5.15.0-1022.26) jammy; urgency=medium

  * jammy/linux-xilinx-zynqmp: 5.15.0-1022.26 -proposed tracker (LP: #2019520)

  * Use new annotations model (LP: #2019000)
    - [Config] migrate zynqmp config into annotations

  * Update k26 Linux device tree to pull in qspi partition layout changes
    - arm64: zynqmp: Add mtd partition for secure OS storage area

  * ap1302: add support for test pattern mode
    - media: i2c: ap1302: Add test pattern control

  * KR260 Device Tree Patch
    - Added GEM TSU clock properties to KR260 PS GEMs

  * KR260 PL eth ports causing kernel panic with kr07 image
    - net: axienet: Remove repeated MDIO setup
    - net: axienet: Remove repeated RX skb handling
    - net: xilinx: Correct skb passed in error handling path

  * mv-camera-sensor-module: Add support for Y10/Y12 formats
    - mv-camera-sensor-module: Add support for Y10/Y12 formats

  * Submit kernel patches for AR1335 driver
    - media:i2c AR1335 Camera sensor driver support
    - media: dt-bindings: media: i2c: Add bindings for AR1335
    - [Config] Enable AR1335 driver as a kernel module

  * Update AMD TSN Preemption and minor bug fixes
    - lib: add reference counting tracking infrastructure
    - net: add net device refcount tracker infrastructure
    - netlink: add net device refcount tracker to struct ethnl_req_info
    - ethtool: use ethnl_parse_header_dev_put()
    - net: ethtool: netlink: introduce ethnl_update_bool()
    - net: ethtool: add support for MAC Merge layer
    - docs: ethtool-netlink: document interface for MAC Merge layer
    - net: ethtool: netlink: retrieve stats from multiple sources (eMAC, pMAC)
    - docs: ethtool: document ETHTOOL_A_STATS_SRC and ETHTOOL_A_PAUSE_STATS_SRC
    - net: ethtool: add helpers for aggregate statistics
    - net: ethtool: add helpers for MM fragment size translation
    - net: dsa: add plumbing for changing and getting MAC merge layer state
    - net: ethtool: fix NULL pointer dereference in stats_prepare_data()
    - net: ethtool: fix NULL pointer dereference in pause_prepare_data()
    - net: ethtool: provide shims for stats aggregation helpers when
      CONFIG_ETHTOOL_NETLINK=n
    - ethtool: mm: fix get_mm() return code not propagating to user space
    - net: ethtool: fix __ethtool_dev_mm_supported() implementation
    - staging: xilinx-tsn: Add support to configure MAC merge parameters via
      ethtool
    - staging: xilinx-tsn: defer temac and switch probe when ep is not probed.
    - staging: xilinx-tsn: don't exit probe when ep mac address is not found
    - staging: xilinx-tsn: warn user when temac and ep mac address dont match

  [ Ubuntu: 5.15.0-74.81 ]

  * jammy/linux: 5.15.0-74.81 -proposed tracker (LP: #2019420)
  * smartpqi: Update 22.04 driver to include recent bug fixes and support
    current generation devices (LP: #1998643)
    - scsi: smartpqi: Switch to attribute groups
    - scsi: smartpqi: Fix rmmod stack trace
    - scsi: smartpqi: Add PCI IDs
    - scsi: smartpqi: Enable SATA NCQ priority in sysfs
    - scsi: smartpqi: Eliminate drive spin down on warm boot
    - scsi: smartpqi: Quickly propagate path failures to SCSI midlayer
    - scsi: smartpqi: Fix a name typo and cleanup code
    - scsi: smartpqi: Fix a typo in func pqi_aio_submit_io()
    - scsi: smartpqi: Resolve delay issue with PQI_HZ value
    - scsi: smartpqi: Avoid drive spin-down during suspend
    - scsi: smartpqi: Update volume size after expansion
    - scsi: smartpqi: Speed up RAID 10 sequential reads
    - scsi: smartpqi: Expose SAS address for SATA drives
    - scsi: smartpqi: Fix NUMA node not updated during init
    - scsi: smartpqi: Fix BUILD_BUG_ON() statements
    - scsi: smartpqi: Fix hibernate and suspend
    - scsi: smartpqi: Fix lsscsi -t SAS addresses
    - scsi: smartpqi: Update version to 2.1.14-035
    - scsi: smartpqi: Fix unused variable pqi_pm_ops for clang
    - scsi: smartpqi: Stop using the SCSI pointer
    - scsi: smartpqi: Fix typo in comment
    - scsi: smartpqi: Shorten drive visibility after removal
    - scsi: smartpqi: Add controller fw version to console log
    - scsi: smartpqi: Add PCI IDs for ramaxel controllers
    - scsi: smartpqi: Close write read holes
    - scsi: smartpqi: Add driver support for multi-LUN devices
    - scsi: smartpqi: Fix PCI control linkdown system hang
    - scsi: smartpqi: Add PCI ID for Adaptec SmartHBA 2100-8i
    - scsi: smartpqi: Add PCI IDs for Lenovo controllers
    - scsi: smartpqi: Stop logging spurious PQI reset failures
    - scsi: smartpqi: Fix RAID map race condition
    - scsi: smartpqi: Add module param to disable managed ints
    - scsi: smartpqi: Update deleting a LUN via sysfs
    - scsi: smartpqi: Add ctrl ready timeout module parameter
    - scsi: smartpqi: Update copyright to current year
    - scsi: smartpqi: Update version to 2.1.18-045
    - scsi: smartpqi: Convert to host_tagset
    - scsi: smartpqi: Add new controller PCI IDs
    - scsi: smartpqi: Correct max LUN number
    - scsi: smartpqi: Change sysfs raid_level attribute to N/A for controllers
    - scsi: smartpqi: Correct device removal for multi-actuator devices
    - scsi: smartpqi: Add controller cache flush during rmmod
    - scsi: smartpqi: Initialize feature section info
    - scsi: smartpqi: Change version to 2.1.20-035
  * CVE-2023-32233
    - netfilter: nf_tables: deactivate anonymous set from preparation phase
  * CVE-2023-2612
    - SAUCE: shiftfs: prevent lock unbalance in shiftfs_create_object()
  * CVE-2023-31436
    - net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
  * CVE-2023-1380
    - wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies()
  * Add PPIN support for Intel EMR cpu (LP: #2019131)
    - x86/cpu: Merge Intel and AMD ppin_init() functions
    - x86/cpu: Add Xeon Emerald Rapids to list of CPUs that support PPIN
  * conntrack mark is not advertised via netlink (LP: #2016269)
    - netfilter: ctnetlink: revert to dumping mark re

2019000 Use new annotations model
1998643 smartpqi: Update 22.04 driver to include recent bug fixes and support current generation devices
2019131 Add PPIN support for Intel EMR cpu
2016269 conntrack mark is not advertised via netlink
2008751 [SRU] Backport request for hpwdt from upstream 6.1 to Jammy
2012335 Ubuntu 22.04 raise abnormal NIC MSI-X requests with larger CPU cores (256)
2008527 [SRU]With \
2007745 [SRU][Jammy] CONFIG_PCI_MESON is not enabled
2018438 Jammy update: v5.15.99 upstream stable release
1786013 Packaging resync
2015855 Add split lock detection for EMR
2015372 Add support for intel EMR cpu
2013603 Kernel livepatch ftrace graph fix
2015600 Jammy update: v5.15.98 upstream stable release
2015599 Jammy update: v5.15.97 upstream stable release
2015595 Jammy update: v5.15.96 upstream stable release
2015498 Debian autoreconstruct Fix restoration of execute permissions
2013088 kernel: fix __clear_user() inline assembly constraints
2015097 Kernel crash during Mellanox performance testing
2013209 expoline.o is packaged unconditionally for s390x
2004262 Intel E810 NICs driver in causing hangs when booting and bonds configured
2013118 Jammy update: v5.15.95 upstream stable release
1937133 devlink_port_split from ubuntu_kernel_selftests.net fails on hirsute (KeyError: 'flavour')
2011616 Connection timeout due to conntrack limits
2012673 Jammy update: v5.15.94 upstream stable release
2012665 Jammy update: v5.15.93 upstream stable release
2008157 [SRU][Ubuntu 22.04.1]: Observed \
2011926 Revert \
CVE-2023-32233 In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and
CVE-2023-2612 Jean-Baptiste Cayrou discovered that the shiftfs file system in the Ub ...
CVE-2023-31436 qfq_change_class in net/sched/sch_qfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write because lmax can exceed QFQ_MIN_LMAX.
CVE-2023-1380 A slab-out-of-bound read problem was found in brcmf_get_assoc_ies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux Kernel.
CVE-2023-30456 An issue was discovered in arch/x86/kvm/vmx/nested.c in the Linux kernel before 6.2.8. nVMX on x86_64 lacks consistency checks for CR0 and CR4.
CVE-2023-1859 A use-after-free flaw was found in xen_9pfs_front_removet in net/9p/trans_xen.c in Xen transport for 9pfs in the Linux Kernel. This flaw could allow
CVE-2023-1670 A flaw use after free in the Linux kernel Xircom 16-bit PCMCIA (PC-card) Ethernet driver was found.A local user could use this flaw to crash the syst
CVE-2023-1075 A flaw was found in the Linux Kernel. The tls_is_tx_ready() incorrectly checks for list emptiness, potentially accessing a type confused entry to the
CVE-2023-1118 A flaw use after free in the Linux kernel integrated infrared receiver/transceiver driver was found in the way user detaching rc device. A local user



About   -   Send Feedback to @ubuntu_updates