UbuntuUpdates.org

Package "linux"

Name: linux

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Headers for BPF development
  • Linux kernel buildinfo for version 6.8.0 on 64 bit x86 SMP
  • Linux kernel buildinfo for version 6.8.0 on 64 bit x86 SMP
  • Linux kernel buildinfo for version 6.8.0 on 64 bit x86 SMP

Latest version: 6.8.0-56.58
Release: noble (24.04)
Level: security
Repository: main

Links



Other versions of "linux" in Noble

Repository Area Version
base main 6.8.0-31.31
updates main 6.8.0-56.58
proposed main 6.8.0-58.60
PPA: Canonical Kernel Team 6.8.0-58.60

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 6.8.0-56.58 2025-03-26 18:07:40 UTC

  linux (6.8.0-56.58) noble; urgency=medium

  * noble/linux: 6.8.0-56.58 -proposed tracker (LP: #2098244)

  * Noble update: upstream stable patchset 2024-07-19 (LP: #2073603)
    - Revert "drm: Make drivers depends on DRM_DW_HDMI"
    - Revert "UBUNTU: [Config] Drivers now depend on DRM_DW_HDMI"

  * drm/amd/display: Add check for granularity in dml ceil/floor helpers
    (LP: #2098080)
    - drm/amd/display: Add check for granularity in dml ceil/floor helpers

  * optimized default EPP for GNR family (LP: #2097554)
    - cpufreq: intel_pstate: Update Balance-performance EPP for Granite Rapids

  * Incorrect LAPIC/x2APIC parsing order (LP: #2097455)
    - x86/acpi: Fix LAPIC/x2APIC parsing order

  * MGLRU: page allocation failure on NUMA-enabled systems (LP: #2097214)
    - mm/vmscan: wake up flushers conditionally to avoid cgroup OOM

  * Upstream commit 65357e2c164a: "RDMA/mana_ib: set node_guid" applied
    incorrectly (LP: #2096885)
    - Revert "RDMA/mana_ib: set node_guid"

  * AppArmor early policy load not funcitoning (LP: #2095370)
    - SAUCE: Revert "UBUNTU: SAUCE: apparmor4.0.0 [67/90]: userns - add the
      ability to reference a global variable for a feature value"

  * apparmor unconfined profile blocks pivot_root (LP: #2067900)
    - SAUCE: Revert "UBUNTU: SAUCE: apparmor4.0.0 [81/90]: apparmor: convert easy
      uses of unconfined() to label_mediates()"

  * CVE-2024-50117
    - drm/amd: Guard against bad data for ATIF ACPI method

  * CVE-2024-56582
    - btrfs: fix use-after-free in btrfs_encoded_read_endio()

  * CVE-2024-53165
    - sh: intc: Fix use-after-free bug in register_intc_controller()

  * CVE-2024-53156
    - wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service()

  * CVE-2024-56663
    - wifi: nl80211: fix NL80211_ATTR_MLO_LINK_ID off-by-one

  * CVE-2024-56614
    - xsk: fix OOB map writes when deleting elements

  * VM boots slowly with large-BAR GPU Passthrough due to pci/probe.c redundancy
    (LP: #2097389)
    - PCI: Batch BAR sizing operations

  * Noble update: upstream stable patchset 2025-02-04 (LP: #2097393)
    - Revert "PCI/MSI: Provide stubs for IMS functions"
    - gfs2: Revert "introduce qd_bh_get_or_undo"
    - gfs2: qd_check_sync cleanups
    - gfs2: Revert "ignore negated quota changes"
    - Revert "powerpc/ps3_defconfig: Disable PPC64_BIG_ENDIAN_ELF_ABI_V2"
    - tracing: Have saved_cmdlines arrays all in one allocation
    - spi: spi-fsl-lpspi: remove redundant spi_controller_put call
    - ata: ahci: Add mask_port_map module parameter
    - ASoC: tas2781: mark dvc_tlv with __maybe_unused
    - scsi: sd: Do not repeat the starting disk message
    - bootconfig: Fix the kerneldoc of _xbc_exit()
    - perf sched: Move start_work_mutex and work_done_wait_mutex initialization to
      perf_sched__replay()
    - perf sched: Fix memory leak in perf_sched__map()
    - perf sched: Move curr_thread initialization to perf_sched__map()
    - perf sched: Move curr_pid and cpu_last_switched initialization to
      perf_sched__{lat|map|replay}()
    - libsubcmd: Don't free the usage string
    - selftests: Introduce Makefile variable to list shared bash scripts
    - jbd2: fix kernel-doc for j_transaction_overhead_buffers
    - lib/build_OID_registry: avoid non-destructive substitution for Perl < 5.13.2
      compat
    - drm/amd/display: Remove a redundant check in authenticated_dp
    - drm/amd/display: Revert "Check HDCP returned status"
    - zram: don't free statically defined names
    - x86/amd_nb: Add new PCI IDs for AMD family 0x1a
    - rtnetlink: change nlk->cb_mutex role
    - rtnetlink: add RTNL_FLAG_DUMP_UNLOCKED flag
    - mpls: no longer hold RTNL in mpls_netconf_dump_devconf()
    - phonet: no longer hold RTNL in route_dumpit()
    - rcu/nocb: Make IRQs disablement symmetric
    - HID: asus: add ROG Ally N-Key ID and keycodes
    - HID: asus: add ROG Z13 lightbar
    - hid-asus: add ROG Ally X prod ID to quirk list
    - scsi: Revert "scsi: sd: Do not repeat the starting disk message"
    - btrfs: fix uninitialized pointer free in add_inode_ref()
    - btrfs: fix uninitialized pointer free on read_alloc_one_name() error
    - ksmbd: fix user-after-free from session log off
    - ALSA: hda/conexant - Fix audio routing for HP EliteOne 1000 G2
    - mptcp: pm: fix UaF read in mptcp_pm_nl_rm_addr_or_subflow
    - net: enetc: remove xdp_drops statistic from enetc_xdp_drop()
    - net: enetc: block concurrent XDP transmissions during ring reconfiguration
    - net: enetc: disable Tx BD rings after they are empty
    - net: enetc: disable NAPI after all rings are disabled
    - net: enetc: add missing static descriptor and inline keyword
    - posix-clock: Fix missing timespec64 check in pc_clock_settime()
    - udp: Compute L4 checksum as usual when not segmenting the skb
    - arm64: probes: Remove broken LDR (literal) uprobe support
    - arm64: probes: Fix simulate_ldr*_literal()
    - arm64: probes: Fix uprobes for big-endian kernels
    - net: macb: Avoid 20s boot delay by skipping MDIO bus registration for fixed-
      link PHY
    - net: microchip: vcap api: Fix memory leaks in vcap_api_encode_rule_test()
    - maple_tree: correct tree corruption on spanning store
    - nilfs2: propagate directory read errors from nilfs_find_entry()
    - fat: fix uninitialized variable
    - mm/mremap: fix move_normal_pmd/retract_page_tables race
    - mm/swapfile: skip HugeTLB pages for unuse_vma
    - mm/damon/tests/sysfs-kunit.h: fix memory leak in
      damon_sysfs_test_add_targets()
    - tcp: fix mptcp DSS corruption due to large pmtu xmit
    - net: fec: Move `fec_ptp_read()` to the top of the file
    - net: fec: Remove duplicated code
    - mptcp: prevent MPC handshake on port-based signal endpoints
    - iommu/vt-d: Fix incorrect pci_for_each_dma_alias() for non-PCI devices
    - s390/sclp: Deactivate sclp after all its users
    - s390/sclp_vt220: Convert newlines to CRLF instead of LFCR
    - KVM: s390: ga

Source diff to previous version
2073603 Noble update: upstream stable patchset 2024-07-19
2098080 drm/amd/display: Add check for granularity in dml ceil/floor helpers
2097554 optimized default EPP for GNR family
2097455 Incorrect LAPIC/x2APIC parsing order
2097214 MGLRU: page allocation failure on NUMA-enabled systems
2096885 Upstream commit 65357e2c164a: \
2095370 AppArmor early policy load not funcitoning
2067900 apparmor unconfined profile blocks pivot_root
2097389 VM boots slowly with large-BAR GPU Passthrough due to pci/probe.c redundancy
2097393 Noble update: upstream stable patchset 2025-02-04
2097301 Noble update: upstream stable patchset 2025-02-03
2070339 [Lenovo Ubuntu 24.04 Bug] dmesg show \
2089411 python perf module missing in realtime kernel
CVE-2024-50117 In the Linux kernel, the following vulnerability has been resolved: drm/amd: Guard against bad data for ATIF ACPI method If a BIOS provides bad dat
CVE-2024-56582 In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free in btrfs_encoded_read_endio() Shinichiro reported the
CVE-2024-53165 In the Linux kernel, the following vulnerability has been resolved: sh: intc: Fix use-after-free bug in register_intc_controller() In the error han
CVE-2024-53156 In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() I found
CVE-2024-56663 In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: fix NL80211_ATTR_MLO_LINK_ID off-by-one Since the netlink attrib
CVE-2024-56614 In the Linux kernel, the following vulnerability has been resolved: xsk: fix OOB map writes when deleting elements Jordy says: " In the xsk_map_de
CVE-2024-50182 In the Linux kernel, the following vulnerability has been resolved: secretmem: disable memfd_secret() if arch cannot set direct map Return -ENOSYS
CVE-2024-50019 In the Linux kernel, the following vulnerability has been resolved: kthread: unpark only parked kthread Calling into kthread unparking unconditiona
CVE-2024-50096 In the Linux kernel, the following vulnerability has been resolved: nouveau/dmem: Fix vulnerability in migrate_to_ram upon copy error The `nouveau_
CVE-2024-50020 In the Linux kernel, the following vulnerability has been resolved: ice: Fix improper handling of refcount in ice_sriov_set_msix_vec_count() This p
CVE-2024-50021 In the Linux kernel, the following vulnerability has been resolved: ice: Fix improper handling of refcount in ice_dpll_init_rclk_pins() This patch
CVE-2024-50022 In the Linux kernel, the following vulnerability has been resolved: device-dax: correct pgoff align in dax_set_mapping() pgoff should be aligned us
CVE-2024-50185 In the Linux kernel, the following vulnerability has been resolved: mptcp: handle consistently DSS corruption Bugged peer implementation can send c
CVE-2024-50023 In the Linux kernel, the following vulnerability has been resolved: net: phy: Remove LED entry from LEDs list on unregister Commit c938ab4da0eb ("n
CVE-2024-50024 In the Linux kernel, the following vulnerability has been resolved: net: Fix an unsafe loop on the list The kernel may crash when deleting a genetl
CVE-2024-50186 In the Linux kernel, the following vulnerability has been resolved: net: explicitly clear the sk pointer, when pf->create fails We have recently no
CVE-2024-50025 In the Linux kernel, the following vulnerability has been resolved: scsi: fnic: Move flush_work initialization out of if block After commit 379a58c
CVE-2024-50026 In the Linux kernel, the following vulnerability has been resolved: scsi: wd33c93: Don't use stale scsi_pointer value A regression was introduced w
CVE-2024-50027 In the Linux kernel, the following vulnerability has been resolved: thermal: core: Free tzp copy along with the thermal zone The object pointed to
CVE-2024-50028 In the Linux kernel, the following vulnerability has been resolved: thermal: core: Reference count the zone in thermal_zone_get_by_id() There are p
CVE-2024-50029 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_conn: Fix UAF in hci_enhanced_setup_sync This checks if the ACL
CVE-2024-50030 In the Linux kernel, the following vulnerability has been resolved: drm/xe/ct: prevent UAF in send_recv() Ensure we serialize with completion side
CVE-2024-50187 In the Linux kernel, the following vulnerability has been resolved: drm/vc4: Stop the active perfmon before being destroyed Upon closing the file d
CVE-2024-50031 In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Stop the active perfmon before being destroyed When running `kmscube`
CVE-2024-50189 In the Linux kernel, the following vulnerability has been resolved: HID: amd_sfh: Switch to device-managed dmam_alloc_coherent() Using the device-m
CVE-2024-50033 In the Linux kernel, the following vulnerability has been resolved: slip: make slhc_remember() more robust against malicious packets syzbot found t
CVE-2024-50035 In the Linux kernel, the following vulnerability has been resolved: ppp: fix ppp_async_encode() illegal access syzbot reported an issue in ppp_asyn
CVE-2024-50036 In the Linux kernel, the following vulnerability has been resolved: net: do not delay dst_entries_add() in dst_release() dst_entries_add() uses per
CVE-2024-50038 In the Linux kernel, the following vulnerability has been resolved: netfilter: xtables: avoid NFPROTO_UNSPEC where needed syzbot managed to call xt
CVE-2024-50039 In the Linux kernel, the following vulnerability has been resolved: net/sched: accept TCA_STAB only for root qdisc Most qdiscs maintain their backl
CVE-2024-50040 In the Linux kernel, the following vulnerability has been resolved: igb: Do not bring the device up after non-fatal error Commit 004d25060c78 ("igb
CVE-2024-50041 In the Linux kernel, the following vulnerability has been resolved: i40e: Fix macvlan leak by synchronizing access to mac_filter_hash This patch ad
CVE-2024-50042 In the Linux kernel, the following vulnerability has been resolved: ice: Fix increasing MSI-X on VF Increasing MSI-X value on a VF leads to invalid
CVE-2024-50093 In the Linux kernel, the following vulnerability has been resolved: thermal: intel: int340x: processor: Fix warning during module unload The proces
CVE-2024-50044 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: FIX possible deadlock in rfcomm_sk_state_change rfcomm_sk_st
CVE-2024-50045 In the Linux kernel, the following vulnerability has been resolved: netfilter: br_netfilter: fix panic with metadata_dst skb Fix a kernel panic in
CVE-2024-50188 In the Linux kernel, the following vulnerability has been resolved: net: phy: dp83869: fix memory corruption when enabling fiber When configuring t
CVE-2024-50046 In the Linux kernel, the following vulnerability has been resolved: NFSv4: Prevent NULL-pointer dereference in nfs42_complete_copies() On the node
CVE-2024-50180 In the Linux kernel, the following vulnerability has been resolved: fbdev: sisfb: Fix strbuf array overflow The values of the variables xres and yr
CVE-2024-50047 In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in async decryption Doing an async decryption (large read)
CVE-2024-50048 In the Linux kernel, the following vulnerability has been resolved: fbcon: Fix a NULL pointer dereference issue in fbcon_putcs syzbot has found a N
CVE-2024-50049 In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check null pointer before dereferencing se [WHAT & HOW] se is
CVE-2024-50090 In the Linux kernel, the following vulnerability has been resolved: drm/xe/oa: Fix overflow in oa batch buffer By default xe_bb_create_job() append
CVE-2024-50183 In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Ensure DA_ID handling completion before deleting an NPIV instance D
CVE-2024-50055 In the Linux kernel, the following vulnerability has been resolved: driver core: bus: Fix double free in driver API bus_register() For bus_register
CVE-2024-50056 In the Linux kernel, the following vulnerability has been resolved: usb: gadget: uvc: Fix ERR_PTR dereference in uvc_v4l2.c Fix potential dereferen
CVE-2024-50184 In the Linux kernel, the following vulnerability has been resolved: virtio_pmem: Check device status before requesting flush If a pmem device is in
CVE-2024-50057 In the Linux kernel, the following vulnerability has been resolved: usb: typec: tipd: Free IRQ only if it was requested before In polling mode, if
CVE-2024-50058 In the Linux kernel, the following vulnerability has been resolved: serial: protect uart_port_dtr_rts() in uart_shutdown() too Commit af224ca2df29
CVE-2024-50181 In the Linux kernel, the following vulnerability has been resolved: clk: imx: Remove CLK_SET_PARENT_GATE for DRAM mux for i.MX7D For i.MX7D DRAM re
CVE-2024-50059 In the Linux kernel, the following vulnerability has been resolved: ntb: ntb_hw_switchtec: Fix use after free vulnerability in switchtec_ntb_remove
CVE-2024-50060 In the Linux kernel, the following vulnerability has been resolved: io_uring: check if we need to reschedule during overflow flush In terms of norm
CVE-2024-50061 In the Linux kernel, the following vulnerability has been resolved: i3c: master: cdns: Fix use after free vulnerability in cdns_i3c_master Driver Du
CVE-2024-50062 In the Linux kernel, the following vulnerability has been resolved: RDMA/rtrs-srv: Avoid null pointer deref during path establishment For RTRS path
CVE-2024-50095 In the Linux kernel, the following vulnerability has been resolved: RDMA/mad: Improve handling of timed out WRs of mad agent Current timeout handle
CVE-2024-50063 In the Linux kernel, the following vulnerability has been resolved: bpf: Prevent tail call between progs attached to different hooks bpf progs can
CVE-2024-50191 In the Linux kernel, the following vulnerability has been resolved: ext4: don't set SB_RDONLY after filesystem errors When the filesystem is mounte
CVE-2024-50064 In the Linux kernel, the following vulnerability has been resolved: zram: free secondary algorithms names We need to kfree() secondary algorithms n
CVE-2024-49865 In the Linux kernel, the following vulnerability has been resolved: drm/xe/vm: move xa_alloc to prevent UAF Evil user can guess the next id of the
CVE-2024-49968 In the Linux kernel, the following vulnerability has been resolved: ext4: filesystems without casefold feature cannot be mounted with siphash When
CVE-2024-49893 In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check stream_status before it is used [WHAT & HOW] dc_state_ge
CVE-2024-49972 In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Deallocate DML memory if allocation fails [Why] When DC state
CVE-2024-49914 In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null check for pipe_ctx->plane_state in dcn20_program_pipe
CVE-2024-49920 In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check null pointers before multiple uses [WHAT & HOW] Poniters
CVE-2024-49921 In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check null pointers before used [WHAT & HOW] Poniters, such as
CVE-2024-50009 In the Linux kernel, the following vulnerability has been resolved: cpufreq: amd-pstate: add check for cpufreq_cpu_get's return value cpufreq_cpu_g
CVE-2024-47726 In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to wait dio completion It should wait all existing dio write IOs befo
CVE-2024-47711 In the Linux kernel, the following vulnerability has been resolved: af_unix: Don't return OOB skb in manage_oob(). syzbot reported use-after-free i
CVE-2024-53170 In the Linux kernel, the following vulnerability has been resolved: block: fix uaf for flush rq while iterating tags blk_mq_clear_flush_rq_mapping(
CVE-2024-50148 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: bnep: fix wild-memory-access in proto_unregister There's issue as fo
CVE-2024-50134 In the Linux kernel, the following vulnerability has been resolved: drm/vboxvideo: Replace fake VLA at end of vbva_mouse_pointer_shape with real VLA
CVE-2024-50171 In the Linux kernel, the following vulnerability has been resolved: net: systemport: fix potential memory leak in bcm_sysport_xmit() The bcm_syspor
CVE-2024-50229 In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential deadlock with newly created symlinks Syzbot reported that
CVE-2024-50233 In the Linux kernel, the following vulnerability has been resolved: staging: iio: frequency: ad9832: fix division by zero in ad9832_calc_freqreg()
CVE-2024-53104 In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_forma

Version: 6.8.0-55.57 2025-03-05 01:07:25 UTC

  linux (6.8.0-55.57) noble; urgency=medium

  * noble/linux: 6.8.0-55.57 -proposed tracker (LP: #2097981)

  * python perf module missing in realtime kernel (LP: #2089411)
    - [Packaging] linux-tools: Add missing python perf symlink
    - [Packaging] linux-tools: Fix python perf library packaging
    - [Packaging] linux-tools: Fall back to old python perf path

  * CVE-2024-53104
    - media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in
      uvc_parse_format

 -- Manuel Diewald <email address hidden> Wed, 12 Feb 2025 20:54:42 +0100

Source diff to previous version
2089411 python perf module missing in realtime kernel
CVE-2024-53104 In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_forma

Version: 6.8.0-54.56 2025-02-25 15:07:02 UTC

  linux (6.8.0-54.56) noble; urgency=medium

  * CVE-2025-0927
    - SAUCE: fs: hfs/hfsplus: add key_len boundary check to hfs_bnode_read_key

Source diff to previous version

Version: 6.8.0-52.53 2025-01-28 01:07:20 UTC

  linux (6.8.0-52.53) noble; urgency=medium

  * noble/linux: 6.8.0-52.53 -proposed tracker (LP: #2093521)

  * CVE-2024-53164
    - net: sched: fix ordering of qlen adjustment

  * CVE-2024-53141
    - netfilter: ipset: add missing range check in bitmap_ip_uadt

  * CVE-2024-53103
    - hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer

 -- Manuel Diewald <email address hidden> Fri, 10 Jan 2025 18:18:33 +0100

Source diff to previous version
CVE-2024-53164 In the Linux kernel, the following vulnerability has been resolved: net: sched: fix ordering of qlen adjustment Changes to sch->q.qlen around qdisc
CVE-2024-53141 In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: add missing range check in bitmap_ip_uadt When tb[IPSET_ATTR_
CVE-2024-53103 In the Linux kernel, the following vulnerability has been resolved: hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer When hvs

Version: 6.8.0-51.52 2024-12-17 01:07:32 UTC

  linux (6.8.0-51.52) noble; urgency=medium

  * noble/linux: 6.8.0-51.52 -proposed tracker (LP: #2090369)

  * Packaging resync (LP: #1786013)
    - [Packaging] resync git-ubuntu-log
    - [Packaging] update variants

  * MGLRU: kswapd uses 100% CPU when MGLRU is enabled and under memory pressure
    (LP: #2087886)
    - mm/mglru: only clear kswapd_failures if reclaimable

  * CVE-2024-50264
    - vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans

  * CVE-2024-53057
    - net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT

  * CVE-2024-49967
    - ext4: no need to continue when the number of entries is 1

 -- Manuel Diewald <email address hidden> Sat, 30 Nov 2024 19:21:46 +0100

1786013 Packaging resync
2087886 MGLRU: kswapd uses 100% CPU when MGLRU is enabled and under memory pressure
CVE-2024-50264 In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans Du
CVE-2024-53057 In the Linux kernel, the following vulnerability has been resolved: net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT In qdisc_tree_reduce_bac
CVE-2024-49967 In the Linux kernel, the following vulnerability has been resolved: ext4: no need to continue when the number of entries is 1



About   -   Send Feedback to @ubuntu_updates