UbuntuUpdates.org

Package "linux-aws"

This package belongs to a PPA: Canonical Kernel Team

Name: linux-aws

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Header files related to Linux kernel version 4.15.0

Latest version: 4.15.0-1144.156
Release: bionic (18.04)
Level: base
Repository: main

Links



Other versions of "linux-aws" in Bionic

Repository Area Version
base main 4.15.0-1007.7
security main 4.15.0-1146.158
updates main 4.15.0-1146.158

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 4.15.0-1144.156 2022-11-17 22:08:27 UTC

 linux-aws (4.15.0-1144.156) bionic; urgency=medium
 .
   * bionic/linux-aws: 4.15.0-1144.156 -proposed tracker (LP: #1996392)
 .
   [ Ubuntu: 4.15.0-198.209 ]
 .
   * bionic/linux: 4.15.0-198.209 -proposed tracker (LP: #1996417)
   * CVE-2022-42073
     - mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse
   * CVE-2022-42703
     - mm/rmap.c: don't reuse anon_vma if we just want a copy
     - mm: rmap: explicitly reset vma->anon_vma in unlink_anon_vmas()
   * Bionic update: upstream stable patchset 2022-09-21 (LP: #1990434)
     - s390/archrandom: prevent CPACF trng invocations in interrupt context
   * BUG: scheduling while atomic: ip/1210/0x00000200 on xenial/hwe rumford
     (LP: #1995870)
     - tg3: prevent scheduling while atomic splat
   * Bionic update: upstream stable patchset 2022-10-18 (LP: #1993349)
     - bpf: Verifer, adjust_scalar_min_max_vals to always call update_reg_bounds()
     - selftests/bpf: Fix test_align verifier log patterns
     - drm/msm/dsi: Fix number of regulators for msm8996_dsi_cfg
     - platform/x86: pmc_atom: Fix SLP_TYPx bitfield mask
     - wifi: cfg80211: debugfs: fix return type in ht40allow_map_read()
     - ethernet: rocker: fix sleep in atomic context bug in neigh_timer_handler
     - kcm: fix strp_init() order and cleanup
     - serial: fsl_lpuart: RS485 RTS polariy is inverse
     - staging: rtl8712: fix use after free bugs
     - vt: Clear selection before changing the font
     - USB: serial: ftdi_sio: add Omron CS1W-CIF31 device id
     - binder: fix UAF of ref->proc caused by race condition
     - drm/i915/reg: Fix spelling mistake "Unsupport" -> "Unsupported"
     - Input: rk805-pwrkey - fix module autoloading
     - hwmon: (gpio-fan) Fix array out of bounds access
     - thunderbolt: Use the actual buffer in tb_async_error()
     - xhci: Add grace period after xHC start to prevent premature runtime suspend.
     - USB: serial: cp210x: add Decagon UCA device id
     - USB: serial: option: add support for OPPO R11 diag port
     - USB: serial: option: add Quectel EM060K modem
     - USB: serial: option: add support for Cinterion MV32-WA/WB RmNet mode
     - usb: dwc2: fix wrong order of phy_power_on and phy_init
     - USB: cdc-acm: Add Icom PMR F3400 support (0c26:0020)
     - usb-storage: Add ignore-residue quirk for NXP PN7462AU
     - s390/hugetlb: fix prepare_hugepage_range() check for 2 GB hugepages
     - s390: fix nospec table alignments
     - USB: core: Prevent nested device-reset calls
     - usb: gadget: mass_storage: Fix cdrom data transfers on MAC-OS
     - wifi: mac80211: Don't finalize CSA in IBSS mode if state is disconnected
     - net: mac802154: Fix a condition in the receive path
     - ALSA: seq: oss: Fix data-race for max_midi_devs access
     - ALSA: seq: Fix data-race at module auto-loading
     - efi: capsule-loader: Fix use-after-free in efi_capsule_write
     - wifi: iwlegacy: 4965: corrected fix for potential off-by-one overflow in
       il4965_rs_fill_link_cmd()
     - fs: only do a memory barrier for the first set_buffer_uptodate()
     - Revert "mm: kmemleak: take a full lowmem check in kmemleak_*_phys()"
     - drm/amdgpu: Check num_gfx_rings for gfx v9_0 rb setup.
     - drm/radeon: add a force flush to delay work when radeon
     - parisc: ccio-dma: Handle kmalloc failure in ccio_init_resources()
     - parisc: Add runtime check to prevent PA2.0 kernels on PA1.x machines
     - fbdev: chipsfb: Add missing pci_disable_device() in chipsfb_pci_init()
     - ALSA: emu10k1: Fix out of bounds access in snd_emu10k1_pcm_channel_alloc()
     - ALSA: aloop: Fix random zeros in capture data when using jiffies timer
     - ALSA: usb-audio: Fix an out-of-bounds bug in
       __snd_usb_parse_audio_interface()
     - kprobes: Prohibit probes in gate area
     - scsi: mpt3sas: Fix use-after-free warning
     - driver core: Don't probe devices after bus_type.match() probe deferral
     - netfilter: br_netfilter: Drop dst references before setting.
     - sch_sfb: Don't assume the skb is still around after enqueueing to child
     - tipc: fix shift wrapping bug in map_get()
     - ipv6: sr: fix out-of-bounds read when setting HMAC data.
     - tcp: fix early ETIMEDOUT after spurious non-SACK RTO
     - sch_sfb: Also store skb len before calling child enqueue
     - usb: dwc3: fix PHY disable sequence
     - USB: serial: ch341: fix lost character on LCR updates
     - USB: serial: ch341: fix disabled rx timer on older devices
     - MIPS: loongson32: ls1c: Fix hang during startup
     - SUNRPC: use _bh spinlocking on ->transport_lock
     - net: dp83822: disable false carrier interrupt
     - tcp: annotate data-race around challenge_timestamp
     - clk: core: Honor CLK_OPS_PARENT_ENABLE for clk gate ops
     - clk: core: Fix runtime PM sequence in clk_core_unprepare()
     - soc: brcmstb: pm-arm: Fix refcount leak and __iomem leak bugs
     - i40e: Fix kernel crash during module removal
     - mm: Fix TLB flush for not-first PFNMAP mappings in unmap_region()
     - drm/msm/rd: Fix FIFO-full deadlock
     - HID: ishtp-hid-clientHID: ishtp-hid-client: Fix comment typo
     - tg3: Disable tg3 device on system reboot to avoid triggering AER
     - ieee802154: cc2520: add rc code in cc2520_tx()
     - platform/x86: acer-wmi: Acer Aspire One AOD270/Packard Bell Dot keymap fixes
     - tracefs: Only clobber mode/uid/gid on remount if asked
     - net: dp83822: disable rx error interrupt
   * Bionic update: upstream stable patchset 2022-10-06 (LP: #1992112)
     - audit: fix potential double free on error path from fsnotify_add_inode_mark
     - parisc: Fix exception handler for fldw and fstw instructions
     - pinctrl: amd: Don't save/restore interrupt status and wake status bits
     - xfrm: fix refcount leak in __xfrm_policy_check()
     - rose: check NULL rose_loopback_neigh->loopback
     - bonding: 802.3ad: fix no transmission of LACPDUs
     - net: ipvtap - add __init/__exit annotations to

Source diff to previous version
1990434 Bionic update: upstream stable patchset 2022-09-21
1995870 BUG: scheduling while atomic: ip/1210/0x00000200 on xenial/hwe rumford
1993349 Bionic update: upstream stable patchset 2022-10-18
1992112 Bionic update: upstream stable patchset 2022-10-06
1991774 Memory leak while using NFQUEUE to delegate the decision on TCP packets to userspace processes
1990698 Bionic update: upstream stable patchset 2022-09-23
1989144 unprivileged users may trigger page cache invalidation WARN
1990690 Users belonging to video group may trigger a deadlock WARN
1990985 ACPI: processor idle: Practically limit \
1994601 [UBUNTU 18.04] Ubuntu 18.04 kernel 4.15.0-194 crashes on IPL
CVE-2022-42073 Online Diagnostic Lab Management System v1.0 is vulnerable to SQL Injection via /diagnostic/editclient.php?id=.
CVE-2022-42703 mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse.
CVE-2022-3239 A flaw use after free in the Linux kernel video4linux driver was found in the way user triggers em28xx_usb_probe() for the Empia 28xx based TV cards.
CVE-2022-2663 An issue was found in the Linux kernel in nf_conntrack_irc where the message handling can be confused and incorrectly matches the message. A firewall
CVE-2022-3061 Found Linux Kernel flaw in the i740 driver. The Userspace program could pass any values to the driver through ioctl() interface. The driver doesn't c
CVE-2022-3028 A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurr
CVE-2022-2978 A flaw use after free in the Linux kernel NILFS file system was found in the way user triggers function security_inode_alloc to fail with following c
CVE-2022-40768 drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive information from kernel memory because stex_queuecomman

Version: 4.15.0-1143.155 2022-10-29 16:08:13 UTC

 linux-aws (4.15.0-1143.155) bionic; urgency=medium
 .
   * bionic/linux-aws: 4.15.0-1143.155 -proposed tracker (LP: #1992072)
 .
   [ Ubuntu: 4.15.0-195.206 ]
 .
   * bionic/linux: 4.15.0-195.206 -proposed tracker (LP: #1992097)
   * Memory leak while using NFQUEUE to delegate the decision on TCP packets to
     userspace processes (LP: #1991774)
     - SAUCE: netfilter: nf_queue: Fix memory leak in nf_queue_entry_get_refs
   * Bionic update: upstream stable patchset 2022-09-23 (LP: #1990698)
     - Bluetooth: L2CAP: Fix use-after-free caused by l2cap_chan_put
     - ntfs: fix use-after-free in ntfs_ucsncmp()
     - ARM: crypto: comment out gcc warning that breaks clang builds
     - mt7601u: add USB device ID for some versions of XiaoDu WiFi Dongle.
     - ACPI: video: Force backlight native for some TongFang devices
     - macintosh/adb: fix oob read in do_adb_query() function
     - Makefile: link with -z noexecstack --no-warn-rwx-segments
     - x86: link vdso and boot with -z noexecstack --no-warn-rwx-segments
     - ALSA: bcd2000: Fix a UAF bug on the error path of probing
     - add barriers to buffer_uptodate and set_buffer_uptodate
     - HID: wacom: Don't register pad_input for touch switch
     - KVM: SVM: Don't BUG if userspace injects an interrupt with GIF=0
     - KVM: x86: Mark TSS busy during LTR emulation _after_ all fault checks
     - KVM: x86: Set error code to segment selector on LLDT/LTR non-canonical #GP
     - ALSA: hda/conexant: Add quirk for LENOVO 20149 Notebook model
     - ALSA: hda/cirrus - support for iMac 12,1 model
     - vfs: Check the truncate maximum size in inode_newsize_ok()
     - fs: Add missing umask strip in vfs_tmpfile
     - usbnet: Fix linkwatch use-after-free on disconnect
     - parisc: Fix device names in /proc/iomem
     - drm/nouveau: fix another off-by-one in nvbios_addr
     - drm/amdgpu: Check BO's requested pinning domains against its
       preferred_domains
     - iio: light: isl29028: Fix the warning in isl29028_remove()
     - fuse: limit nsec
     - md-raid10: fix KASAN warning
     - ia64, processor: fix -Wincompatible-pointer-types in ia64_get_irr()
     - PCI: Add defines for normal and subtractive PCI bridges
     - powerpc/fsl-pci: Fix Class Code of PCIe Root Port
     - powerpc/powernv: Avoid crashing if rng is NULL
     - MIPS: cpuinfo: Fix a warning for CONFIG_CPUMASK_OFFSTACK
     - USB: HCD: Fix URB giveback issue in tasklet function
     - netfilter: nf_tables: fix null deref due to zeroed list head
     - arm64: Do not forget syscall when starting a new thread.
     - arm64: fix oops in concurrently setting insn_emulation sysctls
     - ext2: Add more validity checks for inode counts
     - ARM: dts: imx6ul: add missing properties for sram
     - ARM: dts: imx6ul: fix qspi node compatible
     - ARM: OMAP2+: display: Fix refcount leak bug
     - ACPI: PM: save NVS memory for Lenovo G40-45
     - ACPI: LPSS: Fix missing check in register_device_clock()
     - PM: hibernate: defer device probing when resuming from hibernation
     - selinux: Add boundary check in put_entry()
     - ARM: findbit: fix overflowing offset
     - ARM: bcm: Fix refcount leak in bcm_kona_smc_init
     - x86/pmem: Fix platform-device leak in error path
     - ARM: dts: ast2500-evb: fix board compatible
     - soc: fsl: guts: machine variable might be unset
     - cpufreq: zynq: Fix refcount leak in zynq_get_revision
     - ARM: dts: qcom: pm8841: add required thermal-sensor-cells
     - arm64: dts: qcom: msm8916: Fix typo in pronto remoteproc node
     - regulator: of: Fix refcount leak bug in of_get_regulation_constraints()
     - thermal/tools/tmon: Include pthread and time headers in tmon.h
     - dm: return early from dm_pr_call() if DM device is suspended
     - drm/radeon: fix potential buffer overflow in ni_set_mc_special_registers()
     - drm/mediatek: Add pull-down MIPI operation in mtk_dsi_poweroff function
     - i2c: Fix a potential use after free
     - wifi: iwlegacy: 4965: fix potential off-by-one overflow in
       il4965_rs_fill_link_cmd()
     - drm: bridge: adv7511: Add check for mipi_dsi_driver_register
     - media: hdpvr: fix error value returns in hdpvr_read
     - drm/vc4: dsi: Correct DSI divider calculations
     - drm/rockchip: vop: Don't crash for invalid duplicate_state()
     - drm/mediatek: dpi: Remove output format of YUV
     - drm: bridge: sii8620: fix possible off-by-one
     - media: platform: mtk-mdp: Fix mdp_ipi_comm structure alignment
     - tcp: make retransmitted SKB fit into the send window
     - selftests: timers: valid-adjtimex: build fix for newer toolchains
     - selftests: timers: clocksource-switch: fix passing errors from child
     - fs: check FMODE_LSEEK to control internal pipe splicing
     - wifi: wil6210: debugfs: fix info leak in wil_write_file_wmi()
     - wifi: p54: Fix an error handling path in p54spi_probe()
     - wifi: p54: add missing parentheses in p54_flush()
     - can: pch_can: do not report txerr and rxerr during bus-off
     - can: rcar_can: do not report txerr and rxerr during bus-off
     - can: sja1000: do not report txerr and rxerr during bus-off
     - can: hi311x: do not report txerr and rxerr during bus-off
     - can: sun4i_can: do not report txerr and rxerr during bus-off
     - can: usb_8dev: do not report txerr and rxerr during bus-off
     - can: error: specify the values of data[5..7] of CAN error frames
     - can: pch_can: pch_can_error(): initialize errc before using it
     - Bluetooth: hci_intel: Add check for platform_driver_register
     - i2c: cadence: Support PEC for SMBus block read
     - i2c: mux-gpmux: Add of_node_put() when breaking out of loop
     - wifi: wil6210: debugfs: fix uninitialized variable use in
       `wil_write_file_wmi()`
     - wifi: libertas: Fix possible refcount leak in if_usb_probe()
     - net: rose: fix netdev reference changes
     - dccp: put dccp_qpolicy_full() and dccp_qpolicy_push() in the same lock
     - mtd: maps:

Source diff to previous version
1991774 Memory leak while using NFQUEUE to delegate the decision on TCP packets to userspace processes
1990698 Bionic update: upstream stable patchset 2022-09-23
1990434 Bionic update: upstream stable patchset 2022-09-21
1989144 unprivileged users may trigger page cache invalidation WARN
1990690 Users belonging to video group may trigger a deadlock WARN
1990985 ACPI: processor idle: Practically limit \
CVE-2022-3028 A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurr
CVE-2022-2978 A flaw use after free in the Linux kernel NILFS file system was found in the way user triggers function security_inode_alloc to fail with following c
CVE-2022-40768 drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive information from kernel memory because stex_queuecomman

Version: 4.15.0-1142.154 2022-10-03 22:08:53 UTC

 linux-aws (4.15.0-1142.154) bionic; urgency=medium
 .
   * bionic/linux-aws: 4.15.0-1142.154 -proposed tracker (LP: #1989910)
 .
   * Miscellaneous Ubuntu changes
     - [Config] aws: updateconfigs for RANDOM_TRUST_CPU
 .
   [ Ubuntu: 4.15.0-194.205 ]
 .
   * bionic/linux: 4.15.0-194.205 -proposed tracker (LP: #1989935)
   * Bionic update: upstream stable patchset 2022-09-14 (LP: #1989625)
     - random: schedule mix_interrupt_randomness() less often
     - ata: libata: add qc->flags in ata_qc_complete_template tracepoint
     - dm era: commit metadata in postsuspend after worker stops
     - random: quiet urandom warning ratelimit suppression message
     - USB: serial: option: add Telit LE910Cx 0x1250 composition
     - USB: serial: option: add Quectel EM05-G modem
     - USB: serial: option: add Quectel RM500K module support
     - bonding: ARP monitor spams NETDEV_NOTIFY_PEERS notifiers
     - x86/xen: Remove undefined behavior in setup_features()
     - MIPS: Remove repetitive increase irq_err_count
     - igb: Make DMA faster when CPU is active on the PCIe link
     - iio: adc: vf610: fix conversion mode sysfs node name
     - usb: chipidea: udc: check request status before setting device address
     - iio:accel:bma180: rearrange iio trigger get and register
     - iio: accel: mma8452: ignore the return value of reset operation
     - iio: gyro: mpu3050: Fix the error handling in mpu3050_power_up()
     - iio: trigger: sysfs: fix use-after-free on remove
     - iio: adc: axp288: Override TS pin bias current for some models
     - xtensa: xtfpga: Fix refcount leak bug in setup
     - xtensa: Fix refcount leak bug in time.c
     - powerpc: Enable execve syscall exit tracepoint
     - powerpc/rtas: Allow ibm,platform-dump RTAS call with null buffer address
     - powerpc/powernv: wire up rng during setup_arch
     - ARM: dts: imx6qdl: correct PU regulator ramp delay
     - ARM: exynos: Fix refcount leak in exynos_map_pmu
     - ARM: Fix refcount leak in axxia_boot_secondary
     - ARM: cns3xxx: Fix refcount leak in cns3xxx_init
     - modpost: fix section mismatch check for exported init/exit sections
     - powerpc/pseries: wire up rng during setup_arch()
     - drm: remove drm_fb_helper_modinit
     - xen: unexport __init-annotated xen_xlate_map_ballooned_pages()
     - fdt: Update CRC check for rng-seed
     - kexec_file: drop weak attribute from arch_kexec_apply_relocations[_add]
     - swiotlb: skip swiotlb_bounce when orig_addr is zero
     - net/sched: sch_netem: Fix arithmetic in netem_dump() for 32-bit platforms
     - afs: Fix dynamic root getattr
     - iio:chemical:ccs811: rearrange iio trigger get and register
     - soc: bcm: brcmstb: pm: pm-arm: Fix refcount leak in brcmstb_pm_probe
     - nvdimm: Fix badblocks clear off-by-one error
     - dm raid: fix accesses beyond end of raid member array
     - dm raid: fix KASAN warning in raid5_add_disks
     - s390/archrandom: simplify back to earlier design and initialize earlier
     - SUNRPC: Fix READ_PLUS crasher
     - net: rose: fix UAF bugs caused by timer handler
     - net: usb: ax88179_178a: Fix packet receiving
     - RDMA/qedr: Fix reporting QP timeout attribute
     - usbnet: fix memory allocation in helpers
     - net: ipv6: unexport __init-annotated seg6_hmac_net_init()
     - caif_virtio: fix race between virtio_device_ready() and ndo_open()
     - netfilter: nft_dynset: restore set element counter when failing to update
     - net: bonding: fix possible NULL deref in rlb code
     - net: bonding: fix use-after-free after 802.3ad slave unbind
     - nfc: nfcmrvl: Fix irq_of_parse_and_map() return value
     - NFC: nxp-nci: Don't issue a zero length i2c_master_read()
     - xen/gntdev: Avoid blocking in unmap_grant_pages()
     - hwmon: (ibmaem) don't call platform_device_del() if platform_device_add()
       fails
     - sit: use min
     - ipv6/sit: fix ipip6_tunnel_get_prl return value
     - net: Rename and export copy_skb_header
     - xen/blkfront: fix leaking data in shared pages
     - xen/netfront: fix leaking data in shared pages
     - xen/netfront: force data bouncing when backend is untrusted
     - xen/blkfront: force data bouncing when backend is untrusted
     - xen/arm: Fix race in RB-tree based P2M accounting
     - net: usb: qmi_wwan: add Telit 0x1060 composition
     - net: usb: qmi_wwan: add Telit 0x1070 composition
     - virtio-net: fix race between ndo_open() and virtio_device_ready()
     - net: tun: unlink NAPI from device on destruction
     - net: tun: stop NAPI when detaching queues
     - esp: limit skb_page_frag_refill use to a single page
     - mm/slub: add missing TID updates on slab deactivation
     - can: grcan: grcan_probe(): remove extra of_node_get()
     - can: gs_usb: gs_usb_open/close(): fix memory leak
     - usbnet: fix memory leak in error case
     - net: rose: fix UAF bug caused by rose_t0timer_expiry
     - iommu/vt-d: Fix PCI bus rescan device hot add
     - video: of_display_timing.h: include errno.h
     - powerpc/powernv: delay rng platform device creation until later in boot
     - xfs: remove incorrect ASSERT in xfs_rename
     - pinctrl: sunxi: a83t: Fix NAND function name for some pins
     - i2c: cadence: Unregister the clk notifier in error path
     - ida: don't use BUG_ON() for debugging
     - dmaengine: at_xdma: handle errors of at_xdmac_alloc_desc() correctly
     - dmaengine: ti: Fix refcount leak in ti_dra7_xbar_route_allocate
     - dmaengine: ti: Add missing put_device in ti_dra7_xbar_route_allocate
     - ARM: meson: Fix refcount leak in meson_smp_prepare_cpus
     - dmaengine: pl330: Fix lockdep warning about non-static key
     - ALSA: hda - Add fixup for Dell Latitidue E5430
     - ALSA: hda/conexant: Apply quirk for another HP ProDesk 600 G3 model
     - xen/netback: avoid entering xenvif_rx_next_skb() with an empty rx queue
     - net: sock: tracing: Fix sock_exceed_buf_limit not to dereference stale
       pointer
     - ARM: 9213/1:

Source diff to previous version
1989625 Bionic update: upstream stable patchset 2022-09-14
1989374 Bionic update: upstream stable patchset 2022-09-12

Version: 4.15.0-1142.153 2022-09-29 21:08:13 UTC

 linux-aws (4.15.0-1142.153) bionic; urgency=medium
 .
   * bionic/linux-aws: 4.15.0-1142.153 -proposed tracker (LP: #1989910)
 .
   * Miscellaneous Ubuntu changes
     - [Config] aws: updateconfigs for RANDOM_TRUST_CPU
 .
   [ Ubuntu: 4.15.0-194.205 ]
 .
   * bionic/linux: 4.15.0-194.205 -proposed tracker (LP: #1989935)
   * Bionic update: upstream stable patchset 2022-09-14 (LP: #1989625)
     - random: schedule mix_interrupt_randomness() less often
     - ata: libata: add qc->flags in ata_qc_complete_template tracepoint
     - dm era: commit metadata in postsuspend after worker stops
     - random: quiet urandom warning ratelimit suppression message
     - USB: serial: option: add Telit LE910Cx 0x1250 composition
     - USB: serial: option: add Quectel EM05-G modem
     - USB: serial: option: add Quectel RM500K module support
     - bonding: ARP monitor spams NETDEV_NOTIFY_PEERS notifiers
     - x86/xen: Remove undefined behavior in setup_features()
     - MIPS: Remove repetitive increase irq_err_count
     - igb: Make DMA faster when CPU is active on the PCIe link
     - iio: adc: vf610: fix conversion mode sysfs node name
     - usb: chipidea: udc: check request status before setting device address
     - iio:accel:bma180: rearrange iio trigger get and register
     - iio: accel: mma8452: ignore the return value of reset operation
     - iio: gyro: mpu3050: Fix the error handling in mpu3050_power_up()
     - iio: trigger: sysfs: fix use-after-free on remove
     - iio: adc: axp288: Override TS pin bias current for some models
     - xtensa: xtfpga: Fix refcount leak bug in setup
     - xtensa: Fix refcount leak bug in time.c
     - powerpc: Enable execve syscall exit tracepoint
     - powerpc/rtas: Allow ibm,platform-dump RTAS call with null buffer address
     - powerpc/powernv: wire up rng during setup_arch
     - ARM: dts: imx6qdl: correct PU regulator ramp delay
     - ARM: exynos: Fix refcount leak in exynos_map_pmu
     - ARM: Fix refcount leak in axxia_boot_secondary
     - ARM: cns3xxx: Fix refcount leak in cns3xxx_init
     - modpost: fix section mismatch check for exported init/exit sections
     - powerpc/pseries: wire up rng during setup_arch()
     - drm: remove drm_fb_helper_modinit
     - xen: unexport __init-annotated xen_xlate_map_ballooned_pages()
     - fdt: Update CRC check for rng-seed
     - kexec_file: drop weak attribute from arch_kexec_apply_relocations[_add]
     - swiotlb: skip swiotlb_bounce when orig_addr is zero
     - net/sched: sch_netem: Fix arithmetic in netem_dump() for 32-bit platforms
     - afs: Fix dynamic root getattr
     - iio:chemical:ccs811: rearrange iio trigger get and register
     - soc: bcm: brcmstb: pm: pm-arm: Fix refcount leak in brcmstb_pm_probe
     - nvdimm: Fix badblocks clear off-by-one error
     - dm raid: fix accesses beyond end of raid member array
     - dm raid: fix KASAN warning in raid5_add_disks
     - s390/archrandom: simplify back to earlier design and initialize earlier
     - SUNRPC: Fix READ_PLUS crasher
     - net: rose: fix UAF bugs caused by timer handler
     - net: usb: ax88179_178a: Fix packet receiving
     - RDMA/qedr: Fix reporting QP timeout attribute
     - usbnet: fix memory allocation in helpers
     - net: ipv6: unexport __init-annotated seg6_hmac_net_init()
     - caif_virtio: fix race between virtio_device_ready() and ndo_open()
     - netfilter: nft_dynset: restore set element counter when failing to update
     - net: bonding: fix possible NULL deref in rlb code
     - net: bonding: fix use-after-free after 802.3ad slave unbind
     - nfc: nfcmrvl: Fix irq_of_parse_and_map() return value
     - NFC: nxp-nci: Don't issue a zero length i2c_master_read()
     - xen/gntdev: Avoid blocking in unmap_grant_pages()
     - hwmon: (ibmaem) don't call platform_device_del() if platform_device_add()
       fails
     - sit: use min
     - ipv6/sit: fix ipip6_tunnel_get_prl return value
     - net: Rename and export copy_skb_header
     - xen/blkfront: fix leaking data in shared pages
     - xen/netfront: fix leaking data in shared pages
     - xen/netfront: force data bouncing when backend is untrusted
     - xen/blkfront: force data bouncing when backend is untrusted
     - xen/arm: Fix race in RB-tree based P2M accounting
     - net: usb: qmi_wwan: add Telit 0x1060 composition
     - net: usb: qmi_wwan: add Telit 0x1070 composition
     - virtio-net: fix race between ndo_open() and virtio_device_ready()
     - net: tun: unlink NAPI from device on destruction
     - net: tun: stop NAPI when detaching queues
     - esp: limit skb_page_frag_refill use to a single page
     - mm/slub: add missing TID updates on slab deactivation
     - can: grcan: grcan_probe(): remove extra of_node_get()
     - can: gs_usb: gs_usb_open/close(): fix memory leak
     - usbnet: fix memory leak in error case
     - net: rose: fix UAF bug caused by rose_t0timer_expiry
     - iommu/vt-d: Fix PCI bus rescan device hot add
     - video: of_display_timing.h: include errno.h
     - powerpc/powernv: delay rng platform device creation until later in boot
     - xfs: remove incorrect ASSERT in xfs_rename
     - pinctrl: sunxi: a83t: Fix NAND function name for some pins
     - i2c: cadence: Unregister the clk notifier in error path
     - ida: don't use BUG_ON() for debugging
     - dmaengine: at_xdma: handle errors of at_xdmac_alloc_desc() correctly
     - dmaengine: ti: Fix refcount leak in ti_dra7_xbar_route_allocate
     - dmaengine: ti: Add missing put_device in ti_dra7_xbar_route_allocate
     - ARM: meson: Fix refcount leak in meson_smp_prepare_cpus
     - dmaengine: pl330: Fix lockdep warning about non-static key
     - ALSA: hda - Add fixup for Dell Latitidue E5430
     - ALSA: hda/conexant: Apply quirk for another HP ProDesk 600 G3 model
     - xen/netback: avoid entering xenvif_rx_next_skb() with an empty rx queue
     - net: sock: tracing: Fix sock_exceed_buf_limit not to dereference stale
       pointer
     - ARM: 9213/1:

Source diff to previous version
1989625 Bionic update: upstream stable patchset 2022-09-14
1989374 Bionic update: upstream stable patchset 2022-09-12

Version: 4.15.0-1141.152 2022-09-02 19:08:12 UTC

 linux-aws (4.15.0-1141.152) bionic; urgency=medium
 .
   * bionic/linux-aws: 4.15.0-1141.152 -proposed tracker (LP: #1987880)
 .
   [ Ubuntu: 4.15.0-193.204 ]
 .
   * bionic/linux: 4.15.0-193.204 -proposed tracker (LP: #1987905)
   * CVE-2022-36946
     - netfilter: nf_queue: do not allow packet truncation below transport header
       offset
   * CVE-2021-33655
     - fbcon: Disallow setting font bigger than screen size
     - fbcon: Prevent that screen size is smaller than font size
     - fbmem: Check virtual screen sizes in fb_set_var()

CVE-2022-36946 nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) beca
CVE-2021-33655 When sending malicous data to kernel by ioctl cmd FBIOPUT_VSCREENINFO,kernel will write memory out of bounds.



About   -   Send Feedback to @ubuntu_updates