UbuntuUpdates.org

Package "linux-azure-nvidia"

Name: linux-azure-nvidia

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Linux kernel version specific cloud tools for version 6.8.0
  • Header files related to Linux kernel version 6.8.0
  • Header files related to Linux kernel version 6.8.0
  • Header files related to Linux kernel version 6.8.0

Latest version: 6.8.0-1039.42
Release: noble (24.04)
Level: updates
Repository: main

Links



Other versions of "linux-azure-nvidia" in Noble

Repository Area Version
security main 6.8.0-1029.32
proposed main 6.8.0-1042.45
PPA: Canonical Kernel Team 6.8.0-1042.45

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 6.8.0-1039.42 2026-07-17 23:08:09 UTC

  linux-azure-nvidia (6.8.0-1039.42) noble; urgency=medium

  * noble/linux-azure-nvidia: 6.8.0-1039.42 -proposed tracker (LP: #2151906)

  [ Ubuntu-azure: 6.8.0-1060.66 ]

  * noble/linux-azure: 6.8.0-1060.66 -proposed tracker (LP: #2151908)
  [ Ubuntu: 6.8.0-130.130 ]
  * noble/linux: 6.8.0-130.130 -proposed tracker (LP: #2154560)
  * Noble update: upstream stable patchset 2026-03-26 (LP: #2146465)
    - Revert "UBUNTU: SAUCE: Fix skb_vlan_inet_prepare() usage"
  * Kernel regression (6.8.0-117.generic) (LP: #2153556)
    - net: bonding: update the slave array for broadcast mode
    - bonding: do not set usable_slaves for broadcast mode
  * perf_cpu_map__merge fails to compile on ppc46el, s390x on noble linux
    (LP: #2152194)
    - SAUCE: temporary fix attempt for size eceed
  * Some powerpc test from ubuntu_kernel_selftests timeout with 45 seconds
    (LP: #2141536)
    - selftests/powerpc: Lower run time of count_stcx_fail test
    - selftests/powerpc: Give all tests 2 minutes timeout
  * Noble update: upstream stable patchset 2026-05-01 (LP: #2150809)
    - auxdisplay: arm-charlcd: fix release_mem_region() size
    - hfsplus: return error when node already exists in hfs_bnode_create
    - rcu: s/boost_kthread_mutex/kthread_mutex
    - rcu/exp: Move expedited kthread worker creation functions above
      rcutree_prepare_cpu()
    - rcu: Refactor expedited handling check in rcu_read_unlock_special()
    - rcu: Remove local_irq_save/restore() in
      rcu_preempt_deferred_qs_handler()
    - rcu: Fix rcu_read_unlock() deadloop due to softirq
    - audit: move the compat_xxx_class[] extern declarations to audit_arch.h
    - i3c: Move device name assignment after i3c_bus_init
    - fs: add <linux/init_task.h> for 'init_fs'
    - i3c: master: Update hot-join flag only on success
    - gfs2: Retries missing in gfs2_{rename,exchange}
    - gfs2: Fix use-after-free in iomap inline data write path
    - i3c: dw: Initialize spinlock to avoid upsetting lockdep
    - tpm: tpm_i2c_infineon: Fix locality leak on get_burstcount() failure
    - tpm: st33zp24: Fix missing cleanup on get_burstcount() error
    - btrfs: qgroup: return correct error when deleting qgroup relation item
    - btrfs: fix block_group_tree dirty_list corruption
    - smb: client: fix potential UAF and double free in smb2_open_file()
    - xen/virtio: Don't use grant-dma-ops when running as Dom0
    - ACPICA: Fix NULL pointer dereference in acpi_ev_address_space_dispatch()
    - io_uring/sync: validate passed in offset
    - cpuidle: menu: Cleanup after loadavg removal
    - cpuidle: governors: menu: Always check timers with tick stopped
    - md/raid10: fix any_working flag handling in raid10_sync_request
    - iomap: fix submission side handling of completion side errors
    - ublk: Validate SQE128 flag before accessing the cmd
    - x86/xen: make some functions static
    - Partial revert "x86/xen: fix balloon target initialization for PVH dom0"
    - PM: wakeup: Handle empty list in wakeup_sources_walk_start()
    - perf: arm_spe: Properly set hw.state on failures
    - PM: sleep: wakeirq: harden dev_pm_clear_wake_irq() against races
    - s390/cio: Fix device lifecycle handling in css_alloc_subchannel()
    - crypto: qat - fix warning on adf_pfvf_pf_proto.c
    - selftests/bpf: veristat: fix printing order in output_stats()
    - libbpf: Fix OOB read in btf_dump_get_bitfield_value
    - ARM: VDSO: Patch out __vdso_clock_getres() if unavailable
    - crypto: cavium - fix dma_free_coherent() size
    - crypto: octeontx - fix dma_free_coherent() size
    - crypto: hisilicon/zip - adjust the way to obtain the req in the callback
      function
    - crypto: hisilicon/sec2 - support skcipher/aead fallback for hardware
      queue unavailable
    - hrtimer: Fix trace oddity
    - bpf, sockmap: Fix incorrect copied_seq calculation
    - bpf, sockmap: Fix FIONREAD for sockmap
    - crypto: hisilicon/trng - modifying the order of header files
    - crypto: hisilicon/trng - support tfms sharing the device
    - bpf: Fix bpf_xdp_store_bytes proto for read-only arg
    - scsi: efct: Use IRQF_ONESHOT and default primary handler
    - EDAC/altera: Remove IRQF_ONESHOT
    - mfd: wm8350-core: Use IRQF_ONESHOT
    - sched/rt: Skip currently executing CPU in rto_next_cpu()
    - pstore/ram: fix buffer overflow in persistent_ram_save_old()
    - soc: qcom: smem: handle ENOMEM error during probe
    - EDAC/i5000: Fix snprintf() size calculation in calculate_dimm_size()
    - EDAC/i5400: Fix snprintf() limit calculation in calculate_dimm_size()
    - arm64: dts: tqma8mpql-mba8mpxl: Fix HDMI CEC pad control settings
    - clk: qcom: Return correct error code in qcom_cc_probe_by_index()
    - arm64: dts: qcom: sdm630: fix gpu_speed_bin size
    - arm64: dts: qcom: sdm845-oneplus: Don't mark ts supply boot-on
    - ARM: dts: allwinner: sun5i-a13-utoo-p66: delete "power-gpios" property
    - powerpc/uaccess: Move barrier_nospec() out of
      allow_read_{from/write}_user()
    - soc: qcom: cmd-db: Use devm_memremap() to fix memory leak in
      cmd_db_dev_probe
    - soc: mediatek: svs: Fix memory leak in svs_enable_debug_write()
    - powerpc/eeh: fix recursive pci_lock_rescan_remove locking in EEH event
      handling
    - ARM: dts: lpc32xx: Set motor PWM #pwm-cells property value to 3 cells
    - arm: dts: lpc32xx: add clocks property to Motor Control PWM device tree
      node
    - arm64: dts: amlogic: axg: assign the MMC signal clocks
    - arm64: dts: amlogic: gx: assign the MMC signal clocks
    - arm64: dts: amlogic: g12: assign the MMC B and C signal clocks
    - arm64: dts: amlogic: g12: assign the MMC A signal clock
    - arm64: dts: qcom: sdm845-db845c: drop CS from SPIO0
    - arm64: dts: qcom: sdm845-db845c: specify power for WiFi CH1
    - arm64: dts: qcom: sm6115: Add CX_MEM/DBGC GPU regions
    - workqueue: Factor out assign_rescuer_work()
    - workqueue: Only assign rescuer work when really needed
    - workqueue: Proce

Source diff to previous version
2146465 Noble update: upstream stable patchset 2026-03-26
2153556 Kernel regression (6.8.0-117.generic)
2152194 perf_cpu_map__merge fails to compile on ppc46el, s390x on noble linux
2141536 Some powerpc test from ubuntu_kernel_selftests timeout with 45 seconds
2150809 Noble update: upstream stable patchset 2026-05-01
2148714 Noble update: upstream stable patchset 2026-04-17
2148260 Noble update: upstream stable patchset 2026-04-13
2154172 GRO managed-frag use-after-free leading to local privilege escalation
2151747 AppArmor Vulnerabilities
2148809 apparmor: LLVM/clang build failure due to uninitialized variable in notify.c
2153962 net/rds: reset op_nents when zerocopy page pin fails
CVE-2026-23249 In the Linux kernel, the following vulnerability has been resolved: xfs: check for deleted cursors when revalidating two btrees The free space and
CVE-2025-71267 In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: fix infinite loop triggered by zero-sized ATTR_LIST We found an infi
CVE-2025-71265 In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: fix infinite loop in attr_load_runs_range on inconsistent metadata W
CVE-2025-71266 In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: check return value of indx_find to avoid infinite loop We found an i
CVE-2026-23241 In the Linux kernel, the following vulnerability has been resolved: audit: add missing syscalls to read class The "at" variant of getxattr() and li
CVE-2025-71239 In the Linux kernel, the following vulnerability has been resolved: audit: add fchmodat2() to change attributes class fchmodat2(), introduced in ve
CVE-2026-31411 In the Linux kernel, the following vulnerability has been resolved: net: atm: fix crash due to unvalidated vcc pointer in sigd_send() Reproducer av
CVE-2026-23243 In the Linux kernel, the following vulnerability has been resolved: RDMA/umad: Reject negative data_len in ib_umad_write ib_umad_write computes dat
CVE-2026-23242 In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix potential NULL pointer dereference in header processing If siw_ge
CVE-2025-71233 In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Avoid creating sub-groups asynchronously The asynchronous creati
CVE-2025-71231 In the Linux kernel, the following vulnerability has been resolved: crypto: iaa - Fix out-of-bounds index in find_empty_iaa_compression_mode The lo
CVE-2026-23169 In the Linux kernel, the following vulnerability has been resolved: mptcp: fix race in mptcp_pm_nl_flush_addrs_doit() syzbot and Eulgyu Kim reporte
CVE-2025-40005 In the Linux kernel, the following vulnerability has been resolved: spi: cadence-quadspi: Implement refcount to handle unbind during busy driver su
CVE-2025-71232 In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Free sp in error path to fix system crash System crash seen duri
CVE-2025-71235 In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Delay module unload while fabric scan in progress System crash s
CVE-2025-71236 In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Validate sp before freeing associated memory System crash with t
CVE-2025-71229 In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: Fix alignment fault in rtw_core_enable_beacon() rtw_core_enable_be
CVE-2025-71237 In the Linux kernel, the following vulnerability has been resolved: nilfs2: Fix potential block overflow that cause system hang When a user execute
CVE-2026-23229 In the Linux kernel, the following vulnerability has been resolved: crypto: virtio - Add spinlock protection with virtqueue notification When VM bo
CVE-2026-23222 In the Linux kernel, the following vulnerability has been resolved: crypto: omap - Allocate OMAP_CRYPTO_FORCE_COPY scatterlists correctly The exist
CVE-2026-23228 In the Linux kernel, the following vulnerability has been resolved: smb: server: fix leak of active_num_conn in ksmbd_tcp_new_connection() On kthre
CVE-2026-23220 In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix infinite loop caused by next_smb2_rcv_hdr_off reset in error paths T
CVE-2026-23230 In the Linux kernel, the following vulnerability has been resolved: smb: client: split cached_fid bitfields to avoid shared-byte RMW races is_open,
CVE-2026-23272 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: unconditionally bump set->nelems before insertion In case
CVE-2026-31418 In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: drop logically empty buckets in mtype_del mtype_del() counts
CVE-2026-23392 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: release flowtable after rcu grace period on error Call sy
CVE-2026-23278 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: always walk all pending catchall elements During transact
CVE-2026-47337 Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a possible N ...
CVE-2026-47336 Ubuntu Linux 6.8 contains SAUCE patches with a possible use of an unin ...
CVE-2026-47335 Ubuntu Linux 6.8 contains SAUCE patches with a possible NULL pointer d ...
CVE-2026-47334 Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which in ...
CVE-2026-47333 Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which ca ...
CVE-2026-47332 Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which in ...
CVE-2026-47331 Ubuntu Linux 6.8 contains AppArmor SAUCE patches which fail to acquire ...
CVE-2026-47330 Ubuntu Linux 6.8, 7.17 and 7.0 contain AppArmor SAUCE patches which ca ...
CVE-2026-47329 Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches which fail to val ...
CVE-2026-47327 Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a possible N ...
CVE-2026-47328 Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which in ...
CVE-2026-47326 Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a memory lea ...
CVE-2026-46300 In the Linux kernel, the following vulnerability has been resolved: net: skbuff: preserve shared-frag marker during coalescing skb_try_coalesce() c
CVE-2026-46333 In the Linux kernel, the following vulnerability has been resolved: ptrace: slightly saner 'get_dumpable()' logic The 'dumpability' of a task is fu
CVE-2026-43500 In the Linux kernel, the following vulnerability has been resolved: rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present The DATA
CVE-2026-31676 In the Linux kernel, the following vulnerability has been resolved: rxrpc: only handle RESPONSE during service challenge Only process RESPONSE pack
CVE-2026-43284 In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags MSG_SPLICE_PAGES can atta
CVE-2026-31419 In the Linux kernel, the following vulnerability has been resolved: net: bonding: fix use-after-free in bond_xmit_broadcast() bond_xmit_broadcast()
CVE-2026-31431 In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Revert to operating out-of-place This mostly reverts commi
CVE-2026-31533 In the Linux kernel, the following vulnerability has been resolved: net/tls: fix use-after-free in -EBUSY error path of tls_do_encryption The -EBUS
CVE-2026-31504 In the Linux kernel, the following vulnerability has been resolved: net: fix fanout UAF in packet_release() via NETDEV_UP race `packet_release()` h

Version: 6.8.0-1029.32 2026-01-08 14:08:02 UTC

  linux-azure-nvidia (6.8.0-1029.32) noble; urgency=medium

  * noble/linux-azure-nvidia: 6.8.0-1029.32 -proposed tracker (LP: #2131744)

  [ Ubuntu-azure: 6.8.0-1044.50 ]

  * noble/linux-azure: 6.8.0-1044.50 -proposed tracker (LP: #2131747)
  * Silent data corruption bug in CIFS module for write operations affecting
    kernel ~[6.3-6.9] (LP: #2131951)
    - SAUCE: cifs: stop writeback extension when change of size is detected
    - SAUCE: cifs: Fix uncached read into ITER_KVEC iterator
  [ Ubuntu: 6.8.0-90.91 ]
  * noble/linux: 6.8.0-90.91 -proposed tracker (LP: #2131785)
  * cifs: Fix memory leak of a folio every call to cifs_writepages_begin()
    (LP: #2131213)
    - cifs: fix pagecache leak when do writepages
  [ Ubuntu: 6.8.0-89.90 ]
  * noble/linux: 6.8.0-89.90 -proposed tracker (LP: #2131481)
  * CVE-2025-39993
    - media: rc: fix races with imon_disconnect()
  * Audio output fails on internal speakers when using kernel 6.8.0-84 and
    newer. (LP: #2130212)
    - Revert "ASoC: cs35l56: Prevent races when soft-resetting using SPI
      control"
  * i40e driver is triggering VF resets on every link state change
    (LP: #2130552)
    - i40e: avoid redundant VF link state updates
  * CVE-2025-40018
    - ipvs: Defer ip_vs_ftp unregister during netns cleanup
  * CVE-2025-39964
    - crypto: af_alg - Disallow concurrent writes in af_alg_sendmsg
    - crypto: af_alg - Fix incorrect boolean values in af_alg_ctx
  * CVE-2025-37958
    - mm/huge_memory: fix dereferencing invalid pmd migration entry
  * CVE-2025-38666
    - net: appletalk: Fix use-after-free in AARP proxy probe

 -- John Cabaj <email address hidden> Fri, 21 Nov 2025 16:45:01 -0600

Source diff to previous version
2131951 Silent data corruption bug in CIFS module for write operations affecting kernel ~[6.3-6.9]
2131213 cifs: Fix memory leak of a folio every call to cifs_writepages_begin()
2130212 Audio output fails on internal speakers when using kernel 6.8.0-84 and newer.
2130552 i40e driver is triggering VF resets on every link state change
CVE-2025-39993 In the Linux kernel, the following vulnerability has been resolved: media: rc: fix races with imon_disconnect() Syzbot reports a KASAN issue as bel
CVE-2025-40018 In the Linux kernel, the following vulnerability has been resolved: ipvs: Defer ip_vs_ftp unregister during netns cleanup On the netns cleanup path
CVE-2025-39964 In the Linux kernel, the following vulnerability has been resolved: crypto: af_alg - Disallow concurrent writes in af_alg_sendmsg Issuing two write
CVE-2025-37958 In the Linux kernel, the following vulnerability has been resolved: mm/huge_memory: fix dereferencing invalid pmd migration entry When migrating a
CVE-2025-38666 In the Linux kernel, the following vulnerability has been resolved: net: appletalk: Fix use-after-free in AARP proxy probe The AARP proxy‐probe rou

Version: 6.8.0-1027.30 2025-11-03 21:07:21 UTC

  linux-azure-nvidia (6.8.0-1027.30) noble; urgency=medium

  * noble/linux-azure-nvidia: 6.8.0-1027.30 -proposed tracker (LP: #2127397)

  * Packaging resync (LP: #1786013)
    - [Packaging] update variants

  [ Ubuntu-azure: 6.8.0-1042.48 ]

  * noble/linux-azure: 6.8.0-1042.48 -proposed tracker (LP: #2127400)
  * azure: backport "cifs: reset iface weights when we cannot find a
    candidate" (LP: #2127706)
    - cifs: reset iface weights when we cannot find a candidate
  * azure: backport "hv_netvsc: fix loss of early receive events from host
    during channel open" (LP: #2127705)
    - net: hv_netvsc: fix loss of early receive events from host during
      channel open.
  * Backport fix for Linux SMB directory contents caching (LP: #2125686)
    - smb: improve directory cache reuse for readdir operations
  [ Ubuntu: 6.8.0-87.88 ]
  * noble/linux: 6.8.0-87.88 -proposed tracker (LP: #2127436)
  * CVE-2025-37838
    - HSI: ssi_protocol: Fix use after free vulnerability in ssi_protocol
      Driver Due to Race Condition
  * VMSCAPE CVE-2025-40300 (LP: #2124105) // CVE-2025-40300
    - Documentation/hw-vuln: Add VMSCAPE documentation
    - x86/vmscape: Enumerate VMSCAPE bug
    - x86/vmscape: Add conditional IBPB mitigation
    - x86/vmscape: Enable the mitigation
    - x86/bugs: Move cpu_bugs_smt_update() down
    - x86/vmscape: Warn when STIBP is disabled with SMT
    - x86/vmscape: Add old Intel CPUs to affected list
  * VMSCAPE CVE-2025-40300 (LP: #2124105)
    - [Config] Enable MITIGATION_VMSCAPE config
  * CVE-2025-38352
    - posix-cpu-timers: fix race between handle_posix_cpu_timers() and
      posix_cpu_timer_del()
  * CVE-2025-38118
    - Bluetooth: MGMT: Fix UAF on mgmt_remove_adv_monitor_complete
    - Bluetooth: MGMT: Fix sparse errors

 -- John Cabaj <email address hidden> Wed, 15 Oct 2025 16:15:55 -0500

Source diff to previous version
1786013 Packaging resync
2127706 azure: backport \
2127705 azure: backport \
2125686 Backport fix for Linux SMB directory contents caching
2124105 VMSCAPE CVE-2025-40300
CVE-2025-37838 In the Linux kernel, the following vulnerability has been resolved: HSI: ssi_protocol: Fix use after free vulnerability in ssi_protocol Driver Due t
CVE-2025-40300 In the Linux kernel, the following vulnerability has been resolved: x86/vmscape: Add conditional IBPB mitigation VMSCAPE is a vulnerability that ex
CVE-2025-38352 In the Linux kernel, the following vulnerability has been resolved: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer
CVE-2025-38118 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix UAF on mgmt_remove_adv_monitor_complete This reworks MGMT_

Version: 6.8.0-1025.27 2025-10-06 19:07:43 UTC

  linux-azure-nvidia (6.8.0-1025.27) noble; urgency=medium

  * noble/linux-azure-nvidia: 6.8.0-1025.27 -proposed tracker (LP: #2125071)

  [ Ubuntu-nvidia: 6.8.0-1040.43 ]

  * noble/linux-nvidia: 6.8.0-1040.43 -proposed tracker (LP: #2125093)

  [ Ubuntu-azure: 6.8.0-1040.46 ]

  * noble/linux-azure: 6.8.0-1040.46 -proposed tracker (LP: #2125522)
  * azure: backport "cifs: fix pagecache leak when do writepages"
    (LP: #2122719)
    - cifs: fix pagecache leak when do writepages
  * azure: backport "hv_netvsc: Fix panic during namespace deletion with VF"
    (LP: #2120803)
    - hv_netvsc: Fix panic during namespace deletion with VF
  * azure: backport various SMB multichannel fixes (LP: #2118807)
    - cifs: reset connections for all channels when reconnect requested
    - cifs: update dstaddr whenever channel iface is updated
    - cifs: dns resolution is needed only for primary channel
    - cifs: deal with the channel loading lag while picking channels
    - cifs: serialize other channels when query server interfaces is pending
    - cifs: do not disable interface polling on failure
    - smb: client: fix potential deadlock when reconnecting channels
    - smb: client: fix warning when reconnecting channel
  * net: mana: Use page pool fragments for RX buffers instead of full pages to
    improve memory efficiency (LP: #2121570)
    - net: mana: Use page pool fragments for RX buffers instead of full pages
      to improve memory efficiency.

  [ Ubuntu-azure: 6.8.0-1039.45 ]

  * noble/linux-azure: 6.8.0-1039.45 -proposed tracker (LP: #2125074)
  [ Ubuntu: 6.8.0-85.85 ]
  * noble/linux: 6.8.0-85.85 -proposed tracker (LP: #2125109)
  * Packaging resync (LP: #1786013)
    - [Packaging] resync git-ubuntu-log
  * CVE-2025-38500
    - xfrm: interface: fix use-after-free after changing collect_md xfrm
      interface
  * TLS socket disconnection causes various issues (LP: #2120516) //
    CVE-2025-37756
    - net: tls: explicitly disallow disconnect
  * CVE-2025-38477
    - net/sched: sch_qfq: Fix race condition on qfq_aggregate
    - net/sched: sch_qfq: Avoid triggering might_sleep in atomic context in
      qfq_delete_class
  * CVE-2025-38618
    - vsock: Do not allow binding to VMADDR_PORT_ANY
  * CVE-2025-38617
    - net/packet: fix a race in packet_set_ring() and packet_notifier()
  * CVE-2025-37785
    - ext4: fix OOB read when checking dotdot dir

  [ Ubuntu-azure: 6.8.0-1038.44 ]

  [ Ubuntu: 6.8.0-84.84 ]
  * Linux refcount imbalance in af_unix subsystem (LP: #2121515)
    - SAUCE: af_unix: Fix GC compatibility with upstream OOB refcount changes

 -- John Cabaj <email address hidden> Tue, 23 Sep 2025 16:07:09 -0500

Source diff to previous version
2122719 azure: backport \
2120803 azure: backport \
2118807 azure: backport various SMB multichannel fixes
2121570 net: mana: Use page pool fragments for RX buffers instead of full pages to improve memory efficiency
1786013 Packaging resync
2120516 TLS socket disconnection causes various issues
2121515 Linux refcount imbalance in af_unix subsystem
CVE-2025-38500 In the Linux kernel, the following vulnerability has been resolved: xfrm: interface: fix use-after-free after changing collect_md xfrm interface co
CVE-2025-37756 In the Linux kernel, the following vulnerability has been resolved: net: tls: explicitly disallow disconnect syzbot discovered that it can disconne
CVE-2025-38477 In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_qfq: Fix race condition on qfq_aggregate A race condition can oc
CVE-2025-38618 In the Linux kernel, the following vulnerability has been resolved: vsock: Do not allow binding to VMADDR_PORT_ANY It is possible for a vsock to au
CVE-2025-38617 In the Linux kernel, the following vulnerability has been resolved: net/packet: fix a race in packet_set_ring() and packet_notifier() When packet_s
CVE-2025-37785 In the Linux kernel, the following vulnerability has been resolved: ext4: fix OOB read when checking dotdot dir Mounting a corrupted filesystem wit

Version: 6.8.0-1022.23 2025-09-02 13:08:40 UTC

  linux-azure-nvidia (6.8.0-1022.23) noble; urgency=medium

  * noble/linux-azure-nvidia: 6.8.0-1022.23 -proposed tracker (LP: #2120371)

  [ Ubuntu-azure: 6.8.0-1034.39 ]

  * noble/linux-azure: 6.8.0-1034.39 -proposed tracker (LP: #2120374)
  [ Ubuntu: 6.8.0-78.78 ]
  * noble/linux: 6.8.0-78.78 -proposed tracker (LP: #2120405)
  * Incorrect backport for CVE-2025-21861 causes kernel hangs
    (LP: #2120330) // CVE-2025-21861
    - mm/migrate_device: don't add folio to be freed to LRU in
      migrate_device_finalize()
  * Incorrect backport for CVE-2025-21861 causes kernel hangs (LP: #2120330)
    - SAUCE: Revert "mm/migrate_device: don't add folio to be freed to LRU in
      migrate_device_finalize()"
    - mm: migrate_device: use more folio in migrate_device_finalize()

2120330 Incorrect backport for CVE-2025-21861 causes kernel hangs
CVE-2025-21861 In the Linux kernel, the following vulnerability has been resolved: mm/migrate_device: don't add folio to be freed to LRU in migrate_device_finalize



About   -   Send Feedback to @ubuntu_updates