Package "linux"

This package belongs to a PPA: Canonical Kernel Team

Name: linux


This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Linux kernel buildinfo for version 5.4.0 on 64 bit x86 SMP
  • Linux kernel buildinfo for version 5.4.0 on 64 bit x86 SMP
  • Linux kernel buildinfo for version 5.4.0 on 64 bit x86 SMP
  • Linux kernel buildinfo for version 5.4.0 on 64 bit x86 SMP

Latest version: 5.4.0-173.191
Release: focal (20.04)
Level: base
Repository: main


Other versions of "linux" in Focal

Repository Area Version
base main 5.4.0-26.30
security main 5.4.0-172.190
updates main 5.4.0-172.190
proposed main 5.4.0-173.191

Packages in group

Deleted packages are displayed in grey.


Version: 5.4.0-173.191 2024-02-02 17:09:41 UTC

 linux (5.4.0-173.191) focal; urgency=medium
   * focal/linux: 5.4.0-173.191 -proposed tracker (LP: #2052135)
   * Packaging resync (LP: #1786013)
     - debian/dkms-versions -- update from kernel-versions (main/2024.02.05)
   * CVE-2023-0340
     - vhost: use kzalloc() instead of kmalloc() followed by memset()
   * CVE-2023-6915
     - ida: Fix crash in ida_free when the bitmap is empty
   * Focal update: v5.4.265 upstream stable release (LP: #2051644)
     - afs: Fix refcount underflow from error handling race
     - net: ipv6: support reporting otherwise unknown prefix flags in RTM_NEWPREFIX
     - qca_debug: Prevent crash on TX ring changes
     - qca_debug: Fix ethtool -G iface tx behavior
     - qca_spi: Fix reset behavior
     - atm: solos-pci: Fix potential deadlock on &cli_queue_lock
     - atm: solos-pci: Fix potential deadlock on &tx_queue_lock
     - atm: Fix Use-After-Free in do_vcc_ioctl
     - qed: Fix a potential use-after-free in qed_cxt_tables_alloc
     - net: Remove acked SYN flag from packet in the transmit queue correctly
     - sign-file: Fix incorrect return values check
     - vsock/virtio: Fix unsigned integer wrap around in
     - net: stmmac: use dev_err_probe() for reporting mdio bus registration failure
     - net: stmmac: Handle disabled MDIO busses from devicetree
     - cred: switch to using atomic_long_t
     - ALSA: hda/hdmi: add force-connect quirks for ASUSTeK Z170 variants
     - usb: aqc111: check packet for fixup for true limit
     - blk-throttle: fix lockdep warning of "cgroup_mutex or RCU read lock
     - bcache: avoid oversize memory allocation by small stripe_size
     - bcache: add code comments for bch_btree_node_get() and
     - bcache: avoid NULL checking to c->root in run_cache_set()
     - platform/x86: intel_telemetry: Fix kernel doc descriptions
     - HID: add ALWAYS_POLL quirk for Apple kb
     - HID: hid-asus: reset the backlight brightness level on resume
     - HID: multitouch: Add quirk for HONOR GLO-GXXX touchpad
     - asm-generic: qspinlock: fix queued_spin_value_unlocked() implementation
     - net: usb: qmi_wwan: claim interface 4 for ZTE MF290
     - HID: hid-asus: add const to read-only outgoing usb buffer
     - soundwire: stream: fix NULL pointer dereference for multi_link
     - ext4: prevent the normalized size from exceeding EXT_MAX_BLOCKS
     - arm64: mm: Always make sw-dirty PTEs hw-dirty in pte_modify
     - team: Fix use-after-free when an option instance allocation fails
     - ring-buffer: Fix memory leak of free page
     - mmc: block: Be sure to wait while busy in CQE error recovery
     - powerpc/ftrace: Create a dummy stackframe to fix stack unwind
     - powerpc/ftrace: Fix stack teardown in ftrace_no_trace
     - Linux 5.4.265
   * Focal update: v5.4.264 upstream stable release (LP: #2049935)
     - hrtimers: Push pending hrtimers away from outgoing CPU earlier
     - netfilter: ipset: fix race condition between swap/destroy and kernel side
     - tg3: Move the [rt]x_dropped counters to tg3_napi
     - tg3: Increment tx_dropped in tg3_tso_bug()
     - kconfig: fix memory leak from range properties
     - drm/amdgpu: correct chunk_ptr to a pointer to chunk.
     - of: base: Add of_get_cpu_state_node() to get idle states for a CPU node
     - ACPI/IORT: Make iort_get_device_domain IRQ domain agnostic
     - ACPI/IORT: Make iort_msi_map_rid() PCI agnostic
     - of/iommu: Make of_map_rid() PCI agnostic
     - of/irq: make of_msi_map_get_device_domain() bus agnostic
     - of/irq: Make of_msi_map_rid() PCI bus agnostic
     - of: base: Fix some formatting issues and provide missing descriptions
     - of: Fix kerneldoc output formatting
     - of: Add missing 'Return' section in kerneldoc comments
     - of: dynamic: Fix of_reconfig_get_state_change() return value documentation
     - ipv6: fix potential NULL deref in fib6_add()
     - hv_netvsc: rndis_filter needs to select NLS
     - net: arcnet: Fix RESET flag handling
     - net: arcnet: com20020 fix error handling
     - arcnet: restoring support for multiple Sohard Arcnet cards
     - ipv4: ip_gre: Avoid skb_pull() failure in ipgre_xmit()
     - net: hns: fix fake link up on xge port
     - netfilter: xt_owner: Fix for unsafe access of sk->sk_socket
     - tcp: do not accept ACK of bytes we never sent
     - bpf: sockmap, updating the sg structure should also update curr
     - RDMA/bnxt_re: Correct module description string
     - hwmon: (acpi_power_meter) Fix 4.29 MW bug
     - ASoC: wm_adsp: fix memleak in wm_adsp_buffer_populate
     - tracing: Fix a warning when allocating buffered events fails
     - scsi: be2iscsi: Fix a memleak in beiscsi_init_wrb_handle()
     - ARM: imx: Check return value of devm_kasprintf in imx_mmdc_perf_init
     - ARM: dts: imx: make gpt node name generic
     - ARM: dts: imx7: Declare timers compatible with fsl,imx6dl-gpt
     - ALSA: pcm: fix out-of-bounds in snd_pcm_state_names
     - nilfs2: prevent WARNING in nilfs_sufile_set_segment_usage()
     - tracing: Always update snapshot buffer size
     - tracing: Fix incomplete locking when disabling buffered events
     - tracing: Fix a possible race when disabling buffered events
     - packet: Move reference count in packet_sock to atomic_long_t
     - arm64: dts: mediatek: mt7622: fix memory node warning check
     - arm64: dts: mediatek: mt8173-evb: Fix regulator-fixed node names
     - gpiolib: sysfs: Fix error handling on failed export
     - mmc: core: add helpers mmc_regulator_enable/disable_vqmmc
     - mmc: sdhci-sprd: Fix vqmmc not shutting down after the card was pulled
     - usb: gadget: f_hid: fix report descriptor allocation
     - parport: Add support for Brainboxes IX/UC/PX parallel cards
     - usb: typec: class: fix typec_altmode_put_partner to put plugs
     - ARM: PL011: Fix DMA support
     - serial: sc16is7xx: ad

Source diff to previous version
1786013 Packaging resync
2051644 Focal update: v5.4.265 upstream stable release
2049935 Focal update: v5.4.264 upstream stable release
2049084 Focal update: v5.4.263 upstream stable release
2049069 Focal update: v5.4.262 upstream stable release
2049049 Focal update: v5.4.261 upstream stable release
2049024 Focal update: v5.4.260 upstream stable release
CVE-2023-0340 The Custom Content Shortcode WordPress plugin through 4.0.2 does not validate one of its shortcode attribute, which could allow users with a contribu
CVE-2023-6915 A Null pointer dereference problem was found in ida_free in lib/idr.c in the Linux Kernel. This issue may allow an attacker using this library to cau
CVE-2024-0646 An out-of-bounds memory write flaw was found in the Linux kernel’s Transport Layer Security functionality in how a user calls a function splice with
CVE-2024-0565 An out-of-bounds memory read flaw was found in receive_encrypted_standard in fs/smb/client/smb2ops.c in the SMB Client sub-component in the Linux Ker
CVE-2023-51781 An issue was discovered in the Linux kernel before 6.6.8. atalk_ioctl in net/appletalk/ddp.c has a use-after-free because of an atalk_recvmsg race co
CVE-2023-51782 An issue was discovered in the Linux kernel before 6.6.8. rose_ioctl in net/rose/af_rose.c has a use-after-free because of a rose_accept race conditi
CVE-2023-51779 bt_sock_recvmsg in net/bluetooth/af_bluetooth.c in the Linux kernel through 6.6.8 has a use-after-free because of a bt_sock_ioctl race condition.
CVE-2023-22995 In the Linux kernel before 5.17, an error path in dwc3_qcom_acpi_register_core in drivers/usb/dwc3/dwc3-qcom.c lacks certain platform_device_put and

Version: 5.4.0-171.189 2024-01-05 18:08:46 UTC

 linux (5.4.0-171.189) focal; urgency=medium
   * focal/linux: 5.4.0-171.189 -proposed tracker (LP: #2048282)
   * Packaging resync (LP: #1786013)
     - [Packaging] remove helper scripts
     - [Packaging] update annotations scripts
     - debian/dkms-versions -- update from kernel-versions (main/2024.01.08)
   * Page fault in RDMA ODP triggers BUG_ON during MMU notifier registration
     (LP: #2046534)
     - RDMA/odp: Ensure the mm is still alive before creating an implicit child
   * Hotplugging SCSI disk in QEMU VM fails (LP: #2047382)
     - Revert "PCI: acpiphp: Reassign resources on bridge if necessary"
   * CVE-2023-6040
     - netfilter: nf_tables: Reject tables of unsupported family
   * kernel_selftests failures on kernel-P10d-LPAR10.ppc64el.10
     (LP: #2032641)
     - selftests: Skip TM tests on synthetic TM implementations
   * [Debian] autoreconstruct - Do not generate chmod -x for deleted files
     (LP: #2045562)
     - [Debian] autoreconstruct - Do not generate chmod -x for deleted files
   * CVE-2023-6931
     - perf/core: Add a new read format to get a number of lost samples
     - perf: Fix perf_event_validate_size()
     - perf: Fix perf_event_validate_size() lockdep splat
   * CVE-2023-6932
     - ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet
   * CVE-2023-6606
     - smb: client: fix OOB in smbCalcSize()
   * CVE-2023-45863
     - kobject: Fix slab-out-of-bounds in fill_kobj_path()
   * Focal update: v5.4.259 upstream stable release (LP: #2043724)
     - RDMA/cxgb4: Check skb value for failure to allocate
     - lib/test_meminit: fix off-by-one error in test_pages()
     - pwm: hibvt: Explicitly set .polarity in .get_state()
     - HID: logitech-hidpp: Fix kernel crash on receiver USB disconnect
     - quota: Fix slow quotaoff
     - net: prevent address rewrite in kernel_bind()
     - drm: etvnaviv: fix bad backport leading to warning
     - drm/msm/dsi: skip the wait for video mode done if not applicable
     - ravb: Fix up dma_free_coherent() call in ravb_remove()
     - ieee802154: ca8210: Fix a potential UAF in ca8210_probe
     - mlxsw: fix mlxsw_sp2_nve_vxlan_learning_set() return type
     - xen-netback: use default TX queue size for vifs
     - drm/vmwgfx: fix typo of sizeof argument
     - ixgbe: fix crash with empty VF macvlan list
     - net: nfc: fix races in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn()
     - nfc: nci: assert requested protocol is valid
     - workqueue: Override implicit ordered attribute in
     - dmaengine: stm32-mdma: abort resume if no ongoing transfer
     - usb: xhci: xhci-ring: Use sysdev for mapping bounce buffer
     - net: usb: dm9601: fix uninitialized variable use in dm9601_mdio_read
     - usb: dwc3: Soft reset phy on probe for host
     - usb: musb: Get the musb_qh poniter after musb_giveback
     - usb: musb: Modify the "HWVers" register address
     - iio: pressure: bmp280: Fix NULL pointer exception
     - iio: pressure: dps310: Adjust Timeout Settings
     - iio: pressure: ms5611: ms5611_prom_is_valid false negative bug
     - mcb: remove is_added flag from mcb_device struct
     - libceph: use kernel_connect()
     - ceph: fix incorrect revoked caps assert in ceph_fill_file_size()
     - Input: powermate - fix use-after-free in powermate_config_complete
     - Input: psmouse - fix fast_reconnect function for PS/2 mode
     - Input: xpad - add PXN V900 support
     - cgroup: Remove duplicates in cgroup v1 tasks file
     - pinctrl: avoid unsafe code pattern in find_pinctrl()
     - usb: gadget: udc-xilinx: replace memcpy with memcpy_toio
     - usb: gadget: ncm: Handle decoding of multiple NTB's in unwrap call
     - x86/cpu: Fix AMD erratum #1485 on Zen4-based CPUs
     - dmaengine: mediatek: Fix deadlock caused by synchronize_irq()
     - powerpc/8xx: Fix pte_access_permitted() for PAGE_NONE
     - powerpc/64e: Fix wrong test in __ptep_test_and_clear_young()
     - ravb: Fix use-after-free issue in ravb_tx_timeout_work()
     - Documentation: sysctl: align cells in second content column
     - usb: hub: Guard against accesses to uninitialized BOS descriptors
     - Bluetooth: hci_event: Ignore NULL link key
     - Bluetooth: Reject connection with the device which has same BD_ADDR
     - Bluetooth: Fix a refcnt underflow problem for hci_conn
     - Bluetooth: vhci: Fix race when opening vhci device
     - Bluetooth: hci_event: Fix coding style
     - Bluetooth: avoid memcmp() out of bounds warning
     - ice: fix over-shifted variable
     - nfc: nci: fix possible NULL pointer dereference in send_acknowledge()
     - regmap: fix NULL deref on lookup
     - KVM: x86: Mask LVTPC when handling a PMI
     - netfilter: nft_payload: fix wrong mac header matching
     - qed: fix LL2 RX buffer allocation
     - xfrm: fix a data-race in xfrm_gen_index()
     - xfrm: interface: use DEV_STATS_INC()
     - net: ipv4: fix return value check in esp_remove_trailer
     - net: ipv6: fix return value check in esp_remove_trailer
     - net: rfkill: gpio: prevent value glitch during probe
     - tcp: fix excessive TLP and RACK timeouts from HZ rounding
     - tcp: tsq: relax tcp_small_queue_check() when rtx queue contains a single skb
     - tun: prevent negative ifindex
     - ipv4: fib: annotate races around nh->nh_saddr_genid and nh->nh_saddr
     - net: usb: smsc95xx: Fix an error code in smsc95xx_reset()
     - i40e: prevent crash on probe if hw registers have invalid values
     - net/sched: sch_hfsc: upgrade 'rt' to 'sc' when it becomes a inner curve
     - neighbor: tracing: Move pin6 inside CONFIG_IPV6=y section
     - netfilter: nft_set_rbtree: .deactivate fails if element has expired
     - net: pktgen: Fix interface flags printing
     - resource: Add irqresource_disabled()
     - ACPI: Drop acpi_dev_irqresource_disabled()
     - ACPI: resource: Skip IRQ override on Asus Vivobook S5602ZA
     - ACPI: resource: Add

Source diff to previous version
1786013 Packaging resync
2046534 Page fault in RDMA ODP triggers BUG_ON during MMU notifier registration
2047382 Hotplugging SCSI disk in QEMU VM fails
2032641 kernel_selftests failures on kernel-P10d-LPAR10.ppc64el.10 \t
2045562 [Debian] autoreconstruct - Do not generate chmod -x for deleted files
2043724 Focal update: v5.4.259 upstream stable release
2042107 Focal update: v5.4.258 upstream stable release
CVE-2023-6931 A heap out-of-bounds write vulnerability in the Linux kernel's Performance Events system component can be exploited to achieve local privilege escala
CVE-2023-6932 A use-after-free vulnerability in the Linux kernel's ipv4: igmp component can be exploited to achieve local privilege escalation. A race condition c
CVE-2023-6606 An out-of-bounds read vulnerability was found in smbCalcSize in fs/smb/client/netmisc.c in the Linux Kernel. This issue could allow a local attacker
CVE-2023-45863 An issue was discovered in lib/kobject.c in the Linux kernel before 6.2.3. With root access, an attacker can trigger a race condition that results in

Version: 5.4.0-169.187 2023-11-23 18:09:06 UTC

 linux (5.4.0-169.187) focal; urgency=medium
   * focal/linux: 5.4.0-169.187 -proposed tracker (LP: #2044375)
   * USB bus error after upgrading to proposed kernel on lunar, jammy and focal
     (LP: #2043197)
     - USB: core: Fix oversight in SuperSpeed initialization
   * Packaging resync (LP: #1786013)
     - [Packaging] resync git-ubuntu-log
     - [Packaging] resync update-dkms-versions helper
     - [Packaging] update annotations scripts

Source diff to previous version
2043197 USB bus error after upgrading to proposed kernel on lunar and jammy
1786013 Packaging resync

Version: 5.4.0-168.186 2023-10-30 15:13:25 UTC

 linux (5.4.0-168.186) focal; urgency=medium
   * focal/linux: 5.4.0-168.186 -proposed tracker (LP: #2041652)
   * Focal update: v5.4.257 upstream stable release (LP: #2040284)
     - erofs: ensure that the post-EOF tails are all zeroed
     - ARM: pxa: remove use of symbol_get()
     - mmc: au1xmmc: force non-modular build and remove symbol_get usage
     - net: enetc: use EXPORT_SYMBOL_GPL for enetc_phc_index
     - rtc: ds1685: use EXPORT_SYMBOL_GPL for ds1685_rtc_poweroff
     - modules: only allow symbol_get of EXPORT_SYMBOL_GPL modules
     - USB: serial: option: add Quectel EM05G variant (0x030e)
     - USB: serial: option: add FOXCONN T99W368/T99W373 product
     - HID: wacom: remove the battery when the EKR is off
     - staging: rtl8712: fix race condition
     - Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race
     - serial: sc16is7xx: fix bug when first setting GPIO direction
     - firmware: stratix10-svc: Fix an NULL vs IS_ERR() bug in probe
     - fsi: master-ast-cf: Add MODULE_FIRMWARE macro
     - nilfs2: fix general protection fault in nilfs_lookup_dirty_data_buffers()
     - nilfs2: fix WARNING in mark_buffer_dirty due to discarded buffer reuse
     - pinctrl: amd: Don't show `Invalid config param` errors
     - 9p: virtio: make sure 'offs' is initialized in zc_request
     - ASoC: da7219: Flush pending AAD IRQ when suspending
     - ASoC: da7219: Check for failure reading AAD IRQ events
     - ethernet: atheros: fix return value check in atl1c_tso_csum()
     - vxlan: generalize vxlan_parse_gpe_hdr and remove unused args
     - m68k: Fix invalid .section syntax
     - s390/dasd: use correct number of retries for ERP requests
     - s390/dasd: fix hanging device after request requeue
     - fs/nls: make load_nls() take a const parameter
     - ASoc: codecs: ES8316: Fix DMIC config
     - ASoC: atmel: Fix the 8K sample parameter in I2SC master
     - platform/x86: intel: hid: Always call BTNL ACPI method
     - platform/x86: huawei-wmi: Silence ambient light sensor
     - security: keys: perform capable check only on privileged operations
     - clk: fixed-mmio: make COMMON_CLK_FIXED_MMIO depend on HAS_IOMEM
     - net: usb: qmi_wwan: add Quectel EM05GV2
     - idmaengine: make FSL_EDMA and INTEL_IDMA64 depends on HAS_IOMEM
     - scsi: qedi: Fix potential deadlock on &qedi_percpu->p_work_lock
     - netlabel: fix shift wrapping bug in netlbl_catmap_setlong()
     - bnx2x: fix page fault following EEH recovery
     - sctp: handle invalid error codes without calling BUG()
     - cifs: add a warning when the in-flight count goes negative
     - scsi: storvsc: Always set no_report_opcodes
     - ALSA: seq: oss: Fix racy open/close of MIDI devices
     - platform/mellanox: Fix mlxbf-tmfifo not handling all virtio CONSOLE
     - powerpc/32s: Fix assembler warning about r0
     - udf: Check consistency of Space Bitmap Descriptor
     - udf: Handle error when adding extent to a file
     - Revert "net: macsec: preserve ingress frame ordering"
     - reiserfs: Check the return value from __getblk()
     - eventfd: Export eventfd_ctx_do_read()
     - eventfd: prevent underflow for eventfd semaphores
     - new helper: lookup_positive_unlocked()
     - fs: Fix error checking for d_hash_and_lookup()
     - tmpfs: verify {g,u}id mount options correctly
     - OPP: Fix passing 0 to PTR_ERR in _opp_attach_genpd()
     - x86/asm: Make more symbols local
     - x86/boot: Annotate local functions
     - x86/decompressor: Don't rely on upper 32 bits of GPRs being preserved
     - perf/imx_ddr: don't enable counter0 if none of 4 counters are used
     - cpufreq: powernow-k8: Use related_cpus instead of cpus in driver.exit()
     - bpf: Clear the probe_addr for uprobe
     - tcp: tcp_enter_quickack_mode() should be static
     - regmap: rbtree: Use alloc_flags for memory allocations
     - spi: tegra20-sflash: fix to check return value of platform_get_irq() in
     - can: gs_usb: gs_usb_receive_bulk_callback(): count RX overflow errors also
       in case of OOM
     - wifi: mwifiex: Fix OOB and integer underflow when rx packets
     - mwifiex: switch from 'pci_' to 'dma_' API
     - wifi: mwifiex: fix error recovery in PCIE buffer descriptor management
     - crypto: stm32 - Properly handle pm_runtime_get failing
     - Bluetooth: nokia: fix value check in nokia_bluetooth_serdev_probe()
     - crypto: caam - fix unchecked return value error
     - hwrng: iproc-rng200 - use semicolons rather than commas to separate
     - hwrng: iproc-rng200 - Implement suspend and resume calls
     - lwt: Fix return values of BPF xmit ops
     - lwt: Check LWTUNNEL_XMIT_CONTINUE strictly
     - fs: ocfs2: namei: check return value of ocfs2_add_entry()
     - wifi: mwifiex: fix memory leak in mwifiex_histogram_read()
     - wifi: mwifiex: Fix missed return in oob checks failed path
     - wifi: ath9k: fix races between ath9k_wmi_cmd and ath9k_wmi_ctrl_rx
     - wifi: ath9k: protect WMI command response buffer replacement with a lock
     - wifi: mwifiex: avoid possible NULL skb pointer dereference
     - wifi: ath9k: use IS_ERR() with debugfs_create_dir()
     - net: arcnet: Do not call kfree_skb() under local_irq_disable()
     - mlxsw: i2c: Fix chunk size setting in output mailbox buffer
     - mlxsw: i2c: Limit single transaction buffer size
     - netrom: Deny concurrent connect().
     - drm/bridge: tc358764: Fix debug print parameter order
     - quota: avoid increasing DQST_LOOKUPS when iterating over dirty/inuse list
     - quota: factor out dquot_write_dquot()
     - quota: rename dquot_active() to inode_quota_active()
     - quota: add new helper dquot_active()
     - quota: fix dqput() to follow the guarantees dquot_srcu should provide
     - drm/amdgpu: avoid integer overflow warning in amdgpu_device_resize_fb_bar()
     - ARM: dts: BCM53573: Drop nonexistent "default-off" LED

Source diff to previous version
2040284 Focal update: v5.4.257 upstream stable release
2039446 Focal update: v5.4.256 upstream stable release
2039440 Focal update: v5.4.255 upstream stable release
2039291 Focal update: v5.4.254 upstream stable release
2038652 Focal update: v5.4.253 upstream stable release
1786013 Packaging resync
CVE-2023-39189 A flaw was found in the Netfilter subsystem in the Linux kernel. The nfnl_osf_add_callback function did not validate the user mode controlled opt_num
CVE-2023-45871 An issue was discovered in drivers/net/ethernet/intel/igb/igb_main.c in the IGB driver in the Linux kernel before 6.5.3. A buffer size may not be ade
CVE-2023-39193 A flaw was found in the Netfilter subsystem in the Linux kernel. The sctp_mt_check did not validate the flag_count field. This flaw allows a local pr
CVE-2023-39192 A flaw was found in the Netfilter subsystem in the Linux kernel. The xt_u32 module did not validate the fields in the xt_u32 structure. This flaw all
CVE-2023-31085 An issue was discovered in drivers/mtd/ubi/cdev.c in the Linux kernel 6.2. There is a divide-by-zero error in do_div(sz,mtd->erasesize), used indirec
CVE-2023-42754 A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer (skb) was assumed to be associated with a device before c
CVE-2023-37453 An issue was discovered in the USB subsystem in the Linux kernel through 6.4.2. There is an out-of-bounds and crash in read_descriptors in drivers/us

Version: 5.4.0-166.183 2023-10-02 15:08:26 UTC

 linux (5.4.0-166.183) focal; urgency=medium
   * focal/linux: 5.4.0-166.183 -proposed tracker (LP: #2038010)
   * Use new annotations model (LP: #2019000)
     - [Packaging] new annotations model infrastructure
     - [Packaging] config-check: Handle new annotations format 4
     - [Packaging] rules: Use old-kernelconfig for old configs
     - [Config] sanitize annotations
     - [Config] import generated configs into annotation file
     - [Packaging] kernelconfig: add i386 as supported arch
     - [Config] Remove all old configs files
   * Packaging resync (LP: #1786013)
     - [Packaging] update helper scripts
     - [Packaging] update annotations scripts
   * fix typo in config-checks invocation (LP: #2020413)
     - [Packaging] fix typo when calling the old config-check
     - [Packaging] fix typo in 4-checks.mk
   * support python < 3.9 with annotations (LP: #2020531)
     - [Packaging] kconfig/annotations.py: support older way of merging dicts
   * CVE-2023-42756
     - netfilter: ipset: Fix race between IPSET_CMD_CREATE and IPSET_CMD_SWAP
   * CVE-2023-4623
     - net/sched: sch_hfsc: Ensure inner classes have fsc curve
   * Focal update: v5.4.252 upstream stable release (LP: #2036240)
     - ia64/cpu: Switch to arch_cpu_finalize_init()
     - m68k/cpu: Switch to arch_cpu_finalize_init()
     - mips/cpu: Switch to arch_cpu_finalize_init()
     - sh/cpu: Switch to arch_cpu_finalize_init()
     - x86/cpufeatures: Add SEV-ES CPU feature
     - x86/cpu: Add VM page flush MSR availablility as a CPUID feature
     - x86/cpufeatures: Assign dedicated feature word for CPUID_0x8000001F[EAX]
     - tools headers cpufeatures: Sync with the kernel sources
     - x86/cpu, kvm: Add support for CPUID_80000021_EAX
     - Linux 5.4.252
     - Upstream stable to v5.4.252
   * CVE-2023-42755
     - net/sched: Retire rsvp classifier
     - [Config] remove NET_CLS_RSVP and NET_CLS_RSVP6
   * CVE-2023-42753
     - netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for
   * CVE-2023-34319
     - xen/netback: Fix buffer overrun triggered by unusual packet
   * CVE-2023-4921
     - net: sched: sch_qfq: Fix UAF in qfq_dequeue()
   * CVE-2023-42752
     - igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU
   * Avoid address overwrite in kernel_connect (LP: #2035163)
     - net: Avoid address overwrite in kernel_connect
   * [regression] Unable to initialize SGX enclaves with XFRM other than 3
     (LP: #2034745)
     - x86/fpu: Set X86_FEATURE_OSXSAVE feature after enabling OSXSAVE in CR4
   * CVE-2023-4881
     - netfilter: nftables: exthdr: fix 4-byte stack OOB write
   * CVE-2023-4622
     - af_unix: Fix null-ptr-deref in unix_stream_sendpage().
   * Focal update: v5.4.251 upstream stable release (LP: #2034918)
     - x86/smp: Use dedicated cache-line for mwait_play_dead()
     - video: imsttfb: check for ioremap() failures
     - fbdev: imsttfb: Fix use after free bug in imsttfb_probe
     - HID: wacom: Use ktime_t rather than int when dealing with timestamps
     - drm/i915: Initialise outparam for error return from wait_for_register
     - scripts/tags.sh: Resolve gtags empty index generation
     - drm/amdgpu: Validate VM ioctl flags.
     - bgmac: fix *initial* chip reset to support BCM5358
     - x86/resctrl: Use is_closid_match() in more places
     - x86/resctrl: Only show tasks' pid in current pid namespace
     - md/raid10: check slab-out-of-bounds in md_bitmap_get_counter
     - md/raid10: fix overflow of md/safe_mode_delay
     - md/raid10: fix wrong setting of max_corr_read_errors
     - md/raid10: fix null-ptr-deref of mreplace in raid10_sync_request
     - md/raid10: fix io loss while replacement replace rdev
     - irqchip/jcore-aic: Kill use of irq_create_strict_mappings()
     - irqchip/jcore-aic: Fix missing allocation of IRQ descriptors
     - tracing/timer: Add missing hrtimer modes to decode_hrtimer_mode().
     - clocksource/drivers/cadence-ttc: Use ttc driver as platform driver
     - clocksource/drivers/cadence-ttc: Fix memory leak in ttc_timer_probe
     - PM: domains: fix integer overflow issues in genpd_parse_state()
     - powercap: RAPL: Fix CONFIG_IOSF_MBI dependency
     - ARM: 9303/1: kprobes: avoid missing-declaration warnings
     - evm: Complete description of evm_inode_setattr()
     - pstore/ram: Add check for kstrdup
     - ima: Fix build warnings
     - wifi: ath9k: fix AR9003 mac hardware hang check register offset calculation
     - wifi: ath9k: avoid referencing uninit memory in ath9k_wmi_ctrl_rx
     - samples/bpf: Fix buffer overflow in tcp_basertt
     - spi: spi-geni-qcom: Correct CS_TOGGLE bit in SPI_TRANS_CFG
     - wifi: mwifiex: Fix the size of a memory allocation in
     - nfc: constify several pointers to u8, char and sk_buff
     - nfc: llcp: fix possible use of uninitialized variable in
     - regulator: core: Fix more error checking for debugfs_create_dir()
     - regulator: core: Streamline debugfs operations
     - wifi: orinoco: Fix an error handling path in spectrum_cs_probe()
     - wifi: orinoco: Fix an error handling path in orinoco_cs_probe()
     - wifi: atmel: Fix an error handling path in atmel_probe()
     - wl3501_cs: Fix a bunch of formatting issues related to function docs
     - wl3501_cs: Remove unnecessary NULL check
     - wl3501_cs: Fix misspelling and provide missing documentation
     - net: create netdev->dev_addr assignment helpers
     - wl3501_cs: use eth_hw_addr_set()
     - wifi: wl3501_cs: Fix an error handling path in wl3501_probe()
     - wifi: ray_cs: Utilize strnlen() in parse_addr()
     - wifi: ray_cs: Drop useless status variable in parse_addr()
     - wifi: ray_cs: Fix an error handling path in ray_probe()
     - wifi: ath9k: don't allow to overwrite ENDPOINT0 attributes
     - wifi: rsi: Do not set MMC_PM_KEEP_POWER in shutdown
     - watchdo

2019000 Use new annotations model
1786013 Packaging resync
2020413 fix typo in config-checks invocation
2020531 support python \u003c 3.9 with annotations
2036240 Focal update: v5.4.252 upstream stable release
2035163 Avoid address overwrite in kernel_connect
2034745 [regression] Unable to initialize SGX enclaves with XFRM other than 3
2034918 Focal update: v5.4.251 upstream stable release
2033297 Focal update: v5.4.250 upstream stable release
2033278 Focal update: v5.4.249 upstream stable release
CVE-2023-42756 A flaw was found in the Netfilter subsystem of the Linux kernel. A race condition between IPSET_CMD_ADD and IPSET_CMD_SWAP can lead to a kernel panic
CVE-2023-42755 wild pointer access in rsvp classifer in the Linux kernel
CVE-2023-42753 An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the `h->n
CVE-2023-42752 integer overflows in kmalloc_reserve()
CVE-2023-4881 ** REJECT ** CVE-2023-4881 was wrongly assigned to a bug that was deemed to be a non-security issue by the Linux kernel security team.
CVE-2023-31083 An issue was discovered in drivers/bluetooth/hci_ldisc.c in the Linux kernel 6.2. In hci_uart_tty_ioctl, there is a race condition between HCIUARTSET
CVE-2023-4132 A use-after-free vulnerability was found in the siano smsusb module in the Linux kernel. The bug occurs during device initialization when the siano d
CVE-2023-3772 A flaw was found in the Linux kernel’s IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADM
CVE-2023-0597 A flaw possibility of memory leak in the Linux kernel cpu_entry_area mapping of X86 CPU data to memory was found in the way user can guess location o

About   -   Send Feedback to @ubuntu_updates