UbuntuUpdates.org

Package "linux"

This package belongs to a PPA: Canonical Kernel Team

Name: linux

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Linux kernel buildinfo for version 5.4.0 on 64 bit x86 SMP
  • Linux kernel buildinfo for version 5.4.0 on 64 bit x86 SMP
  • Linux kernel buildinfo for version 5.4.0 on 64 bit x86 SMP
  • Linux kernel buildinfo for version 5.4.0 on 64 bit x86 SMP

Latest version: 5.4.0-136.153
Release: focal (20.04)
Level: base
Repository: main

Links



Other versions of "linux" in Focal

Repository Area Version
base main 5.4.0-26.30
security main 5.4.0-135.152
updates main 5.4.0-135.152
proposed main 5.4.0-136.153

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 5.4.0-136.153 2022-11-24 19:09:10 UTC

 linux (5.4.0-136.153) focal; urgency=medium
 .
   * focal/linux: 5.4.0-136.153 -proposed tracker (LP: #1997835)
 .
   * Expose built-in trusted and revoked certificates (LP: #1996892)
     - [Packaging] Expose built-in trusted and revoked certificates
 .
   * [UBUNTU 20.04] KVM: PV: ext call delivered twice when receiver in PSW wait
     (LP: #1995941)
     - KVM: s390: pv: don't present the ecall interrupt twice
 .
   * [UBUNTU 20.04] boot: Add s390x secure boot trailer (LP: #1996071)
     - s390/boot: add secure boot trailer
 .
   * Fix rfkill causing soft blocked wifi (LP: #1996198)
     - platform/x86: hp_wmi: Fix rfkill causing soft blocked wifi
 .
   * md: Replace snprintf with scnprintf (LP: #1993315)
     - md: Replace snprintf with scnprintf
 .
   * input/keyboard: the keyboard on some Asus laptops can't work (LP: #1992266)
     - ACPI: resource: Skip IRQ override on Asus Vivobook K3402ZA/K3502ZA
     - ACPI: resource: Add ASUS model S5402ZA to quirks
 .
   * Focal update: v5.4.218 upstream stable release (LP: #1995530)
     - mm: pagewalk: Fix race between unmap and page walker
     - perf tools: Fixup get_current_dir_name() compilation
     - firmware: arm_scmi: Add SCMI PM driver remove routine
     - dmaengine: xilinx_dma: cleanup for fetching xlnx,num-fstores property
     - dmaengine: xilinx_dma: Report error in case of dma_set_mask_and_coherent API
       failure
     - ARM: dts: fix Moxa SDIO 'compatible', remove 'sdhci' misnomer
     - scsi: qedf: Fix a UAF bug in __qedf_probe()
     - net/ieee802154: fix uninit value bug in dgram_sendmsg
     - um: Cleanup syscall_handler_t cast in syscalls_32.h
     - um: Cleanup compiler warning in arch/x86/um/tls_32.c
     - arch: um: Mark the stack non-executable to fix a binutils warning
     - usb: mon: make mmapped memory read only
     - USB: serial: ftdi_sio: fix 300 bps rate for SIO
     - mmc: core: Replace with already defined values for readability
     - mmc: core: Terminate infinite loop in SD-UHS voltage switch
     - rpmsg: qcom: glink: replace strncpy() with strscpy_pad()
     - nilfs2: fix leak of nilfs_root in case of writer thread creation failure
     - nilfs2: replace WARN_ONs by nilfs_error for checkpoint acquisition failure
     - ceph: don't truncate file in atomic_open
     - random: clamp credited irq bits to maximum mixed
     - ALSA: hda: Fix position reporting on Poulsbo
     - efi: Correct Macmini DMI match in uefi cert quirk
     - USB: serial: qcserial: add new usb-id for Dell branded EM7455
     - random: restore O_NONBLOCK support
     - random: avoid reading two cache lines on irq randomness
     - random: use expired timer rather than wq for mixing fast pool
     - Input: xpad - add supported devices as contributed on github
     - Input: xpad - fix wireless 360 controller breaking after suspend
     - Linux 5.4.218
 .
   * Focal update: v5.4.217 upstream stable release (LP: #1995528)
     - xfs: fix misuse of the XFS_ATTR_INCOMPLETE flag
     - xfs: introduce XFS_MAX_FILEOFF
     - xfs: truncate should remove all blocks, not just to the end of the page
       cache
     - xfs: fix s_maxbytes computation on 32-bit kernels
     - xfs: fix IOCB_NOWAIT handling in xfs_file_dio_aio_read
     - xfs: refactor remote attr value buffer invalidation
     - xfs: fix memory corruption during remote attr value buffer invalidation
     - xfs: move incore structures out of xfs_da_format.h
     - xfs: streamline xfs_attr3_leaf_inactive
     - xfs: fix uninitialized variable in xfs_attr3_leaf_inactive
     - xfs: remove unused variable 'done'
     - Makefile.extrawarn: Move -Wcast-function-type-strict to W=1
     - docs: update mediator information in CoC docs
     - Linux 5.4.217
 .
   * Focal update: v5.4.216 upstream stable release (LP: #1995526)
     - uas: add no-uas quirk for Hiksemi usb_disk
     - usb-storage: Add Hiksemi USB3-FW to IGNORE_UAS
     - uas: ignore UAS for Thinkplus chips
     - net: usb: qmi_wwan: Add new usb-id for Dell branded EM7455
     - clk: ingenic-tcu: Properly enable registers before accessing timers
     - ARM: dts: integrator: Tag PCI host with device_type
     - ntfs: fix BUG_ON in ntfs_lookup_inode_by_name()
     - libata: add ATA_HORKAGE_NOLPM for Pioneer BDR-207M and BDR-205
     - mmc: moxart: fix 4-bit bus width and remove 8-bit bus width
     - mm/page_alloc: fix race condition between build_all_zonelists and page
       allocation
     - mm: prevent page_frag_alloc() from corrupting the memory
     - mm/migrate_device.c: flush TLB while holding PTL
     - mm: fix madivse_pageout mishandling on non-LRU page
     - media: dvb_vb2: fix possible out of bound access
     - ARM: dts: Move am33xx and am43xx mmc nodes to sdhci-omap driver
     - ARM: dts: am33xx: Fix MMCHS0 dma properties
     - soc: sunxi: sram: Actually claim SRAM regions
     - soc: sunxi: sram: Prevent the driver from being unbound
     - soc: sunxi_sram: Make use of the helper function
       devm_platform_ioremap_resource()
     - soc: sunxi: sram: Fix probe function ordering issues
     - soc: sunxi: sram: Fix debugfs info for A64 SRAM C
     - Revert "drm: bridge: analogix/dp: add panel prepare/unprepare in
       suspend/resume time"
     - Input: melfas_mip4 - fix return value check in mip4_probe()
     - usbnet: Fix memory leak in usbnet_disconnect()
     - nvme: add new line after variable declatation
     - nvme: Fix IOC_PR_CLEAR and IOC_PR_RELEASE ioctls for nvme devices
     - selftests: Fix the if conditions of in test_extra_filter()
     - clk: imx: imx6sx: remove the SET_RATE_PARENT flag for QSPI clocks
     - clk: iproc: Do not rely on node name for correct PLL setup
     - Linux 5.4.216
 .
   * Focal update: v5.4.215 upstream stable release (LP: #1993203)
     - of: fdt: fix off-by-one error in unflatten_dt_nodes()
     - NFSv4: Turn off open-by-filehandle and NFS re-export for NFSv4.0
     - gpio: mpc8xxx: Fix support for IRQ_TYPE_LEVEL_LOW flow_type in mpc85xx
     - drm/meson: Correct OSD1

Source diff to previous version
1996892 Expose built-in trusted and revoked certificates
1995941 [UBUNTU 20.04] KVM: PV: ext call delivered twice when receiver in PSW wait
1996071 [UBUNTU 20.04] boot: Add s390x secure boot trailer
1996198 Fix rfkill causing soft blocked wifi
1993315 md: Replace snprintf with scnprintf
1992266 input/keyboard: the keyboard on some Asus laptops can't work
1995530 Focal update: v5.4.218 upstream stable release
1995528 Focal update: v5.4.217 upstream stable release
1995526 Focal update: v5.4.216 upstream stable release
1993203 Focal update: v5.4.215 upstream stable release
1993196 Focal update: v5.4.214 upstream stable release
1992211 Focal update: v5.4.213 upstream stable release
CVE-2022-2663 An issue was found in the Linux kernel in nf_conntrack_irc where the message handling can be confused and incorrectly matches the message. A firewall
CVE-2022-3061 Found Linux Kernel flaw in the i740 driver. The Userspace program could pass any values to the driver through ioctl() interface. The driver doesn't c

Version: 5.4.0-133.149 2022-11-14 23:08:25 UTC

 linux (5.4.0-133.149) focal; urgency=medium
 .
   * focal/linux: 5.4.0-133.149 -proposed tracker (LP: #1996385)
 .
   * CVE-2022-42703
     - mm/rmap.c: don't reuse anon_vma if we just want a copy
 .
   * [UBUNTU 20.04] KVM: PV: ext call delivered twice when receiver in PSW wait
     (LP: #1995941)
     - KVM: s390: pv: don't present the ecall interrupt twice
 .
   * [UBUNTU 20.04] boot: Add s390x secure boot trailer (LP: #1996071)
     - s390/boot: add secure boot trailer
 .
   * Fix rfkill causing soft blocked wifi (LP: #1996198)
     - platform/x86: hp_wmi: Fix rfkill causing soft blocked wifi
 .
   * md: Replace snprintf with scnprintf (LP: #1993315)
     - md: Replace snprintf with scnprintf
 .
   * input/keyboard: the keyboard on some Asus laptops can't work (LP: #1992266)
     - ACPI: resource: Skip IRQ override on Asus Vivobook K3402ZA/K3502ZA
     - ACPI: resource: Add ASUS model S5402ZA to quirks
 .
   * Focal update: v5.4.218 upstream stable release (LP: #1995530)
     - mm: pagewalk: Fix race between unmap and page walker
     - perf tools: Fixup get_current_dir_name() compilation
     - firmware: arm_scmi: Add SCMI PM driver remove routine
     - dmaengine: xilinx_dma: cleanup for fetching xlnx,num-fstores property
     - dmaengine: xilinx_dma: Report error in case of dma_set_mask_and_coherent API
       failure
     - ARM: dts: fix Moxa SDIO 'compatible', remove 'sdhci' misnomer
     - scsi: qedf: Fix a UAF bug in __qedf_probe()
     - net/ieee802154: fix uninit value bug in dgram_sendmsg
     - um: Cleanup syscall_handler_t cast in syscalls_32.h
     - um: Cleanup compiler warning in arch/x86/um/tls_32.c
     - arch: um: Mark the stack non-executable to fix a binutils warning
     - usb: mon: make mmapped memory read only
     - USB: serial: ftdi_sio: fix 300 bps rate for SIO
     - mmc: core: Replace with already defined values for readability
     - mmc: core: Terminate infinite loop in SD-UHS voltage switch
     - rpmsg: qcom: glink: replace strncpy() with strscpy_pad()
     - nilfs2: fix NULL pointer dereference at nilfs_bmap_lookup_at_level()
     - nilfs2: fix leak of nilfs_root in case of writer thread creation failure
     - nilfs2: replace WARN_ONs by nilfs_error for checkpoint acquisition failure
     - ceph: don't truncate file in atomic_open
     - random: clamp credited irq bits to maximum mixed
     - ALSA: hda: Fix position reporting on Poulsbo
     - efi: Correct Macmini DMI match in uefi cert quirk
     - USB: serial: qcserial: add new usb-id for Dell branded EM7455
     - random: restore O_NONBLOCK support
     - random: avoid reading two cache lines on irq randomness
     - random: use expired timer rather than wq for mixing fast pool
     - Input: xpad - add supported devices as contributed on github
     - Input: xpad - fix wireless 360 controller breaking after suspend
     - Linux 5.4.218
 .
   * Focal update: v5.4.217 upstream stable release (LP: #1995528)
     - xfs: fix misuse of the XFS_ATTR_INCOMPLETE flag
     - xfs: introduce XFS_MAX_FILEOFF
     - xfs: truncate should remove all blocks, not just to the end of the page
       cache
     - xfs: fix s_maxbytes computation on 32-bit kernels
     - xfs: fix IOCB_NOWAIT handling in xfs_file_dio_aio_read
     - xfs: refactor remote attr value buffer invalidation
     - xfs: fix memory corruption during remote attr value buffer invalidation
     - xfs: move incore structures out of xfs_da_format.h
     - xfs: streamline xfs_attr3_leaf_inactive
     - xfs: fix uninitialized variable in xfs_attr3_leaf_inactive
     - xfs: remove unused variable 'done'
     - Makefile.extrawarn: Move -Wcast-function-type-strict to W=1
     - docs: update mediator information in CoC docs
     - Linux 5.4.217
 .
   * Focal update: v5.4.216 upstream stable release (LP: #1995526)
     - uas: add no-uas quirk for Hiksemi usb_disk
     - usb-storage: Add Hiksemi USB3-FW to IGNORE_UAS
     - uas: ignore UAS for Thinkplus chips
     - net: usb: qmi_wwan: Add new usb-id for Dell branded EM7455
     - clk: ingenic-tcu: Properly enable registers before accessing timers
     - ARM: dts: integrator: Tag PCI host with device_type
     - ntfs: fix BUG_ON in ntfs_lookup_inode_by_name()
     - libata: add ATA_HORKAGE_NOLPM for Pioneer BDR-207M and BDR-205
     - mmc: moxart: fix 4-bit bus width and remove 8-bit bus width
     - mm/page_alloc: fix race condition between build_all_zonelists and page
       allocation
     - mm: prevent page_frag_alloc() from corrupting the memory
     - mm/migrate_device.c: flush TLB while holding PTL
     - mm: fix madivse_pageout mishandling on non-LRU page
     - media: dvb_vb2: fix possible out of bound access
     - ARM: dts: Move am33xx and am43xx mmc nodes to sdhci-omap driver
     - ARM: dts: am33xx: Fix MMCHS0 dma properties
     - soc: sunxi: sram: Actually claim SRAM regions
     - soc: sunxi: sram: Prevent the driver from being unbound
     - soc: sunxi_sram: Make use of the helper function
       devm_platform_ioremap_resource()
     - soc: sunxi: sram: Fix probe function ordering issues
     - soc: sunxi: sram: Fix debugfs info for A64 SRAM C
     - Revert "drm: bridge: analogix/dp: add panel prepare/unprepare in
       suspend/resume time"
     - Input: melfas_mip4 - fix return value check in mip4_probe()
     - usbnet: Fix memory leak in usbnet_disconnect()
     - nvme: add new line after variable declatation
     - nvme: Fix IOC_PR_CLEAR and IOC_PR_RELEASE ioctls for nvme devices
     - selftests: Fix the if conditions of in test_extra_filter()
     - clk: imx: imx6sx: remove the SET_RATE_PARENT flag for QSPI clocks
     - clk: iproc: Do not rely on node name for correct PLL setup
     - Linux 5.4.216
 .
   * Focal update: v5.4.215 upstream stable release (LP: #1993203)
     - of: fdt: fix off-by-one error in unflatten_dt_nodes()
     - NFSv4: Turn off open-by-filehandle and NFS re-export for NFSv4.0
     - gpio: mpc8xxx: Fix support for IRQ_TYPE_LEVEL_LOW flow_type in mpc85xx
     - drm

Source diff to previous version
1995941 [UBUNTU 20.04] KVM: PV: ext call delivered twice when receiver in PSW wait
1996071 [UBUNTU 20.04] boot: Add s390x secure boot trailer
1996198 Fix rfkill causing soft blocked wifi
1993315 md: Replace snprintf with scnprintf
1992266 input/keyboard: the keyboard on some Asus laptops can't work
1995530 Focal update: v5.4.218 upstream stable release
1995528 Focal update: v5.4.217 upstream stable release
1995526 Focal update: v5.4.216 upstream stable release
1993203 Focal update: v5.4.215 upstream stable release
1993196 Focal update: v5.4.214 upstream stable release
1992211 Focal update: v5.4.213 upstream stable release
CVE-2022-42703 mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse.
CVE-2022-2663 An issue was found in the Linux kernel in nf_conntrack_irc where the message handling can be confused and incorrectly matches the message. A firewall
CVE-2022-3061 Found Linux Kernel flaw in the i740 driver. The Userspace program could pass any values to the driver through ioctl() interface. The driver doesn't c

Version: 5.4.0-132.148 2022-10-19 16:08:17 UTC

 linux (5.4.0-132.148) focal; urgency=medium
 .
   * CVE-2022-42719
     - mac80211: mlme: find auth challenge directly
     - wifi: mac80211: don't parse mbssid in assoc response
     - wifi: mac80211: fix MBSSID parsing use-after-free
 .
   * iavf: SR-IOV VFs error with no traffic flow when MTU greater than 1500
     (LP: #1983656)
     - iavf: Fix set max MTU size with port VLAN and jumbo frames
     - i40e: Fix VF set max MTU size
 .
   * fib_nexthop_nongw.sh from ubuntu_kernel_selftests failed on B-5.4
     (LP: #1990800)
     - SAUCE: selftests/net: skipping tests for older ip command releases
 .
   * CVE-2022-29901
     - Revert "x86/speculation: Add RSB VM Exit protections"
     - Revert "x86/cpu: Add a steppings field to struct x86_cpu_id"
     - x86/devicetable: Move x86 specific macro out of generic code
     - x86/cpu: Add consistent CPU match macros
     - x86/cpu: Add a steppings field to struct x86_cpu_id
     - x86/kvm/vmx: Make noinstr clean
     - x86/cpufeatures: Move RETPOLINE flags to word 11
     - x86/bugs: Report AMD retbleed vulnerability
     - x86/bugs: Add AMD retbleed= boot parameter
     - x86/bugs: Keep a per-CPU IA32_SPEC_CTRL value
     - x86/entry: Remove skip_r11rcx
     - x86/entry: Add kernel IBRS implementation
     - x86/bugs: Optimize SPEC_CTRL MSR writes
     - x86/speculation: Add spectre_v2=ibrs option to support Kernel IBRS
     - x86/bugs: Split spectre_v2_select_mitigation() and
       spectre_v2_user_select_mitigation()
     - x86/bugs: Report Intel retbleed vulnerability
     - intel_idle: Disable IBRS during long idle
     - x86/speculation: Change FILL_RETURN_BUFFER to work with objtool
     - x86/speculation: Fix RSB filling with CONFIG_RETPOLINE=n
     - x86/speculation: Fix firmware entry SPEC_CTRL handling
     - x86/speculation: Fix SPEC_CTRL write on SMT state change
     - x86/speculation: Use cached host SPEC_CTRL value for guest entry/exit
     - x86/speculation: Remove x86_spec_ctrl_mask
     - KVM/VMX: Use TEST %REG,%REG instead of CMP $0,%REG in vmenter.S
     - KVM/nVMX: Use __vmx_vcpu_run in nested_vmx_check_vmentry_hw
     - KVM: VMX: Flatten __vmx_vcpu_run()
     - KVM: VMX: Convert launched argument to flags
     - KVM: VMX: Prevent guest RSB poisoning attacks with eIBRS
     - KVM: VMX: Fix IBRS handling after vmexit
     - x86/speculation: Fill RSB on vmexit for IBRS
     - x86/common: Stamp out the stepping madness
     - x86/cpu/amd: Enumerate BTC_NO
     - x86/bugs: Add Cannon lake to RETBleed affected CPU list
     - x86/speculation: Disable RRSBA behavior
     - x86/speculation: Use DECLARE_PER_CPU for x86_spec_ctrl_current
     - x86/bugs: Warn when "ibrs" mitigation is selected on Enhanced IBRS parts
     - x86/speculation: Add RSB VM Exit protections
 .
   * ACPI: processor idle: Practically limit "Dummy wait" workaround to old Intel
     systems (LP: #1990985)
     - ACPI: processor_idle: Skip dummy wait if kernel is in guest
     - ACPI: processor idle: Practically limit "Dummy wait" workaround to old Intel
       systems
 .
   * cgroup: all controllers mounted when using 'cgroup_no_v1=' (LP: #1988584)
     - cgroup-v1: add disabled controller check in cgroup1_parse_param()
 .
   * Focal update: v5.4.212 upstream stable release (LP: #1991156)
     - audit: fix potential double free on error path from fsnotify_add_inode_mark
     - parisc: Fix exception handler for fldw and fstw instructions
     - kernel/sys_ni: add compat entry for fadvise64_64
     - usb: cdns3: Fix issue for clear halt endpoint
     - pinctrl: amd: Don't save/restore interrupt status and wake status bits
     - sched/deadline: Unthrottle PI boosted threads while enqueuing
     - sched/deadline: Fix stale throttling on de-/boosted tasks
     - sched/deadline: Fix priority inheritance with multiple scheduling classes
     - kernel/sched: Remove dl_boosted flag comment
     - xfrm: fix refcount leak in __xfrm_policy_check()
     - SUNRPC: RPC level errors should set task->tk_rpc_status
     - rose: check NULL rose_loopback_neigh->loopback
     - net/mlx5e: Properly disable vlan strip on non-UL reps
     - net: moxa: get rid of asymmetry in DMA mapping/unmapping
     - bonding: 802.3ad: fix no transmission of LACPDUs
     - net: ipvtap - add __init/__exit annotations to module init/exit funcs
     - netfilter: ebtables: reject blobs that don't provide all entry points
     - bnxt_en: fix NQ resource accounting during vf creation on 57500 chips
     - netfilter: nft_payload: report ERANGE for too long offset and length
     - netfilter: nft_payload: do not truncate csum_offset and csum_type
     - netfilter: nft_osf: restrict osf to ipv4, ipv6 and inet families
     - netfilter: nft_tunnel: restrict it to netdev family
     - net: Fix data-races around weight_p and dev_weight_[rt]x_bias.
     - net: Fix data-races around netdev_tstamp_prequeue.
     - ratelimit: Fix data-races in ___ratelimit().
     - net: Fix a data-race around sysctl_tstamp_allow_data.
     - net: Fix a data-race around sysctl_net_busy_poll.
     - net: Fix a data-race around sysctl_net_busy_read.
     - net: Fix a data-race around netdev_budget.
     - net: Fix a data-race around netdev_budget_usecs.
     - net: Fix a data-race around sysctl_somaxconn.
     - ixgbe: stop resetting SYSTIME in ixgbe_ptp_start_cyclecounter
     - btrfs: fix silent failure when deleting root reference
     - btrfs: replace: drop assert for suspended replace
     - btrfs: add info when mount fails due to stale replace target
     - btrfs: check if root is readonly while setting security xattr
     - x86/unwind/orc: Unwind ftrace trampolines with correct ORC entry
     - loop: Check for overflow while configuring loop
     - asm-generic: sections: refactor memory_intersects
     - s390: fix double free of GS and RI CBs on fork() failure
     - ACPI: processor: Remove freq Qos request for all CPUs
     - mm/hugetlb: fix hugetlb not supporting softdirty tracking
     - md: call __md_stop_write

Source diff to previous version
1983656 iavf: SR-IOV VFs error with no traffic flow when MTU greater than 1500
1990800 fib_nexthop_nongw.sh from ubuntu_kernel_selftests failed on B-5.4
1990985 ACPI: processor idle: Practically limit \
1988584 cgroup: all controllers mounted when using 'cgroup_no_v1='
1991156 Focal update: v5.4.212 upstream stable release
1990190 Focal update: v5.4.211 upstream stable release
CVE-2022-42719 A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through 5.19.x before 5.19.16 could be used by atta
CVE-2022-29901 Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak
CVE-2022-3028 A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurr
CVE-2022-2978 A flaw use after free in the Linux kernel NILFS file system was found in the way user triggers function security_inode_alloc to fail with following c
CVE-2022-40768 drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive information from kernel memory because stex_queuecomman

Version: 5.4.0-130.146 2022-10-07 14:09:20 UTC

 linux (5.4.0-130.146) focal; urgency=medium
 .
   * focal/linux: 5.4.0-130.146 -proposed tracker (LP: #1992064)
 .
   * fib_nexthop_nongw.sh from ubuntu_kernel_selftests failed on B-5.4
     (LP: #1990800)
     - SAUCE: selftests/net: skipping tests for older ip command releases
 .
   * CVE-2022-29901
     - Revert "x86/speculation: Add RSB VM Exit protections"
     - Revert "x86/cpu: Add a steppings field to struct x86_cpu_id"
     - x86/devicetable: Move x86 specific macro out of generic code
     - x86/cpu: Add consistent CPU match macros
     - x86/cpu: Add a steppings field to struct x86_cpu_id
     - x86/kvm/vmx: Make noinstr clean
     - x86/cpufeatures: Move RETPOLINE flags to word 11
     - x86/bugs: Report AMD retbleed vulnerability
     - x86/bugs: Add AMD retbleed= boot parameter
     - x86/bugs: Keep a per-CPU IA32_SPEC_CTRL value
     - x86/entry: Remove skip_r11rcx
     - x86/entry: Add kernel IBRS implementation
     - x86/bugs: Optimize SPEC_CTRL MSR writes
     - x86/speculation: Add spectre_v2=ibrs option to support Kernel IBRS
     - x86/bugs: Split spectre_v2_select_mitigation() and
       spectre_v2_user_select_mitigation()
     - x86/bugs: Report Intel retbleed vulnerability
     - intel_idle: Disable IBRS during long idle
     - x86/speculation: Change FILL_RETURN_BUFFER to work with objtool
     - x86/speculation: Fix RSB filling with CONFIG_RETPOLINE=n
     - x86/speculation: Fix firmware entry SPEC_CTRL handling
     - x86/speculation: Fix SPEC_CTRL write on SMT state change
     - x86/speculation: Use cached host SPEC_CTRL value for guest entry/exit
     - x86/speculation: Remove x86_spec_ctrl_mask
     - KVM/VMX: Use TEST %REG,%REG instead of CMP $0,%REG in vmenter.S
     - KVM/nVMX: Use __vmx_vcpu_run in nested_vmx_check_vmentry_hw
     - KVM: VMX: Flatten __vmx_vcpu_run()
     - KVM: VMX: Convert launched argument to flags
     - KVM: VMX: Prevent guest RSB poisoning attacks with eIBRS
     - KVM: VMX: Fix IBRS handling after vmexit
     - x86/speculation: Fill RSB on vmexit for IBRS
     - x86/common: Stamp out the stepping madness
     - x86/cpu/amd: Enumerate BTC_NO
     - x86/bugs: Add Cannon lake to RETBleed affected CPU list
     - x86/speculation: Disable RRSBA behavior
     - x86/speculation: Use DECLARE_PER_CPU for x86_spec_ctrl_current
     - x86/bugs: Warn when "ibrs" mitigation is selected on Enhanced IBRS parts
     - x86/speculation: Add RSB VM Exit protections
 .
   * ACPI: processor idle: Practically limit "Dummy wait" workaround to old Intel
     systems (LP: #1990985)
     - ACPI: processor_idle: Skip dummy wait if kernel is in guest
     - ACPI: processor idle: Practically limit "Dummy wait" workaround to old Intel
       systems
 .
   * cgroup: all controllers mounted when using 'cgroup_no_v1=' (LP: #1988584)
     - cgroup-v1: add disabled controller check in cgroup1_parse_param()
 .
   * Focal update: v5.4.212 upstream stable release (LP: #1991156)
     - audit: fix potential double free on error path from fsnotify_add_inode_mark
     - parisc: Fix exception handler for fldw and fstw instructions
     - kernel/sys_ni: add compat entry for fadvise64_64
     - usb: cdns3: Fix issue for clear halt endpoint
     - pinctrl: amd: Don't save/restore interrupt status and wake status bits
     - sched/deadline: Unthrottle PI boosted threads while enqueuing
     - sched/deadline: Fix stale throttling on de-/boosted tasks
     - sched/deadline: Fix priority inheritance with multiple scheduling classes
     - kernel/sched: Remove dl_boosted flag comment
     - xfrm: fix refcount leak in __xfrm_policy_check()
     - SUNRPC: RPC level errors should set task->tk_rpc_status
     - rose: check NULL rose_loopback_neigh->loopback
     - net/mlx5e: Properly disable vlan strip on non-UL reps
     - net: moxa: get rid of asymmetry in DMA mapping/unmapping
     - bonding: 802.3ad: fix no transmission of LACPDUs
     - net: ipvtap - add __init/__exit annotations to module init/exit funcs
     - netfilter: ebtables: reject blobs that don't provide all entry points
     - bnxt_en: fix NQ resource accounting during vf creation on 57500 chips
     - netfilter: nft_payload: report ERANGE for too long offset and length
     - netfilter: nft_payload: do not truncate csum_offset and csum_type
     - netfilter: nft_osf: restrict osf to ipv4, ipv6 and inet families
     - netfilter: nft_tunnel: restrict it to netdev family
     - net: Fix data-races around weight_p and dev_weight_[rt]x_bias.
     - net: Fix data-races around netdev_tstamp_prequeue.
     - ratelimit: Fix data-races in ___ratelimit().
     - net: Fix a data-race around sysctl_tstamp_allow_data.
     - net: Fix a data-race around sysctl_net_busy_poll.
     - net: Fix a data-race around sysctl_net_busy_read.
     - net: Fix a data-race around netdev_budget.
     - net: Fix a data-race around netdev_budget_usecs.
     - net: Fix a data-race around sysctl_somaxconn.
     - ixgbe: stop resetting SYSTIME in ixgbe_ptp_start_cyclecounter
     - btrfs: fix silent failure when deleting root reference
     - btrfs: replace: drop assert for suspended replace
     - btrfs: add info when mount fails due to stale replace target
     - btrfs: check if root is readonly while setting security xattr
     - x86/unwind/orc: Unwind ftrace trampolines with correct ORC entry
     - loop: Check for overflow while configuring loop
     - asm-generic: sections: refactor memory_intersects
     - s390: fix double free of GS and RI CBs on fork() failure
     - ACPI: processor: Remove freq Qos request for all CPUs
     - mm/hugetlb: fix hugetlb not supporting softdirty tracking
     - md: call __md_stop_writes in md_stop
     - perf/x86/intel/uncore: Fix broken read_counter() for SNB IMC PMU
     - scsi: storvsc: Remove WQ_MEM_RECLAIM from storvsc_error_wq
     - mm: Force TLB flush for PFNMAP mappings before unlink_file_vma()
     - s390/mm: do not trigger write fault when vma does not allow VM_WRITE
     - x86/bugs: Add "unkno

Source diff to previous version
1990800 fib_nexthop_nongw.sh from ubuntu_kernel_selftests failed on B-5.4
1990985 ACPI: processor idle: Practically limit \
1988584 cgroup: all controllers mounted when using 'cgroup_no_v1='
1991156 Focal update: v5.4.212 upstream stable release
1990190 Focal update: v5.4.211 upstream stable release
CVE-2022-29901 Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak
CVE-2022-3028 A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurr
CVE-2022-2978 A flaw use after free in the Linux kernel NILFS file system was found in the way user triggers function security_inode_alloc to fail with following c
CVE-2022-40768 drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive information from kernel memory because stex_queuecomman

Version: 5.4.0-128.144 2022-09-20 14:08:16 UTC

 linux (5.4.0-128.144) focal; urgency=medium
 .
   * focal/linux: 5.4.0-128.144 -proposed tracker (LP: #1990152)
 .
   * CVE-2022-3176
     - io_uring: disable polling pollfree files
 .
   * ip/nexthop: fix default address selection for connected nexthop
     (LP: #1988809)
     - selftests/net: test nexthop without gw
 .
   * ip/nexthop: fix default address selection for connected nexthop
     (LP: #1988809) // icmp_redirect.sh in ubuntu_kernel_selftests failed on
     Jammy 5.15.0-49.55 (LP: #1990124)
     - ip: fix triggering of 'icmp redirect'
 .

1988809 ip/nexthop: fix default address selection for connected nexthop
1990124 icmp_redirect.sh in ubuntu_kernel_selftests failed on Jammy 5.15.0-49.55
CVE-2022-3176 There exists a use-after-free in io_uring in the Linux kernel. Signalfd_poll() and binder_poll() use a waitqueue whose lifetime is the current task.



About   -   Send Feedback to @ubuntu_updates