UbuntuUpdates.org

Package "linux-aws-5.15"

This package belongs to a PPA: Canonical Kernel Team

Name: linux-aws-5.15

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Header files related to Linux kernel version 5.15.0
  • Linux kernel version specific tools for version 5.15.0-1065
  • Linux kernel buildinfo for version 5.15.0 on 64 bit x86 SMP
  • Linux kernel headers for version 5.15.0 on 64 bit x86 SMP

Latest version: 5.15.0-1065.71~20.04.1
Release: focal (20.04)
Level: base
Repository: main

Links



Other versions of "linux-aws-5.15" in Focal

Repository Area Version
security main 5.15.0-1064.70~20.04.1
updates main 5.15.0-1064.70~20.04.1
proposed main 5.15.0-1065.71~20.04.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 5.15.0-1065.71~20.04.1 2024-06-29 00:11:18 UTC

 linux-aws-5.15 (5.15.0-1065.71~20.04.1) focal; urgency=medium
 .
   * focal/linux-aws-5.15: 5.15.0-1065.71~20.04.1 -proposed tracker
     (LP: #2068344)
 .
   * Packaging resync (LP: #1786013)
     - [Packaging] debian.aws-5.15/dkms-versions -- update from kernel-versions
       (main/2024.06.10)
 .
   [ Ubuntu: 5.15.0-1065.71 ]
 .
   * jammy/linux-aws: 5.15.0-1065.71 -proposed tracker (LP: #2068345)
   * Packaging resync (LP: #1786013)
     - [Packaging] debian.aws/dkms-versions -- update from kernel-versions
       (main/2024.06.10)
   * aws: Backport linear memory map change (LP: #2069352)
     - arm64: mm: Don't remap pgtables per-cont(pte|pmd) block
     - arm64: mm: Batch dsb and isb when populating pgtables
   * jammy/linux: 5.15.0-115.125 -proposed tracker (LP: #2068396)
   * Packaging resync (LP: #1786013)
     - [Packaging] debian.master/dkms-versions -- update from kernel-versions
       (main/2024.06.10)
   * Jammy update: v5.15.158 upstream stable release (LP: #2067974)
     - smb: client: fix rename(2) regression against samba
     - cifs: reinstate original behavior again for forceuid/forcegid
     - HID: intel-ish-hid: ipc: Fix dev_err usage with uninitialized dev->devc
     - HID: logitech-dj: allow mice to use all types of reports
     - arm64: dts: rockchip: enable internal pull-up on Q7_USB_ID for RK3399 Puma
     - arm64: dts: rockchip: fix alphabetical ordering RK3399 puma
     - arm64: dts: rockchip: enable internal pull-up on PCIE_WAKE# for RK3399 Puma
     - arm64: dts: rockchip: Remove unsupported node from the Pinebook Pro dts
     - arm64: dts: mediatek: mt8183: Add power-domains properity to mfgcfg
     - arm64: dts: mediatek: mt7622: add support for coherent DMA
     - arm64: dts: mediatek: mt7622: introduce nodes for Wireless Ethernet Dispatch
     - arm64: dts: mediatek: mt7622: fix clock controllers
     - arm64: dts: mediatek: mt7622: fix IR nodename
     - arm64: dts: mediatek: mt7622: fix ethernet controller "compatible"
     - arm64: dts: mediatek: mt7622: drop "reset-names" from thermal block
     - arm64: dts: mediatek: mt2712: fix validation errors
     - ARC: [plat-hsdk]: Remove misplaced interrupt-cells property
     - wifi: iwlwifi: mvm: remove old PASN station when adding a new one
     - wifi: iwlwifi: mvm: return uid from iwl_mvm_build_scan_cmd
     - vxlan: drop packets from invalid src-address
     - mlxsw: core: Unregister EMAD trap using FORWARD action
     - icmp: prevent possible NULL dereferences from icmp_build_probe()
     - bridge/br_netlink.c: no need to return void function
     - NFC: trf7970a: disable all regulators on removal
     - ipv4: check for NULL idev in ip_route_use_hint()
     - net: usb: ax88179_178a: stop lying about skb->truesize
     - net: gtp: Fix Use-After-Free in gtp_dellink
     - ipvs: Fix checksumming on GSO of SCTP packets
     - net: openvswitch: Fix Use-After-Free in ovs_ct_exit
     - mlxsw: spectrum_acl_tcam: Fix race during rehash delayed work
     - mlxsw: spectrum_acl_tcam: Fix possible use-after-free during activity update
     - mlxsw: spectrum_acl_tcam: Fix possible use-after-free during rehash
     - mlxsw: spectrum_acl_tcam: Rate limit error message
     - mlxsw: spectrum_acl_tcam: Fix memory leak during rehash
     - mlxsw: spectrum_acl_tcam: Fix warning during rehash
     - mlxsw: spectrum_acl_tcam: Fix incorrect list API usage
     - mlxsw: spectrum_acl_tcam: Fix memory leak when canceling rehash work
     - netfilter: nf_tables: honor table dormant flag from netdev release event
       path
     - i40e: Do not use WQ_MEM_RECLAIM flag for workqueue
     - i40e: Report MFS in decimal base instead of hex
     - iavf: Fix TC config comparison with existing adapter TC config
     - net: ethernet: ti: am65-cpts: Fix PTPv1 message type on TX packets
     - af_unix: Suppress false-positive lockdep splat for spin_lock() in
       __unix_gc().
     - serial: core: Provide port lock wrappers
     - serial: mxs-auart: add spinlock around changing cts state
     - drm-print: add drm_dbg_driver to improve namespace symmetry
     - drm/vmwgfx: Fix crtc's atomic check conditional
     - Revert "crypto: api - Disallow identical driver names"
     - net/mlx5e: Fix a race in command alloc flow
     - tracing: Show size of requested perf buffer
     - tracing: Increase PERF_MAX_TRACE_SIZE to handle Sentinel1 and docker
       together
     - x86/cpu: Fix check for RDPKRU in __show_regs()
     - Bluetooth: Fix type of len in {l2cap,sco}_sock_getsockopt_old()
     - Bluetooth: btusb: Add Realtek RTL8852BE support ID 0x0bda:0x4853
     - Bluetooth: qca: fix NULL-deref on non-serdev suspend
     - mmc: sdhci-msm: pervent access to suspended controller
     - btrfs: fix information leak in btrfs_ioctl_logical_to_ino()
     - cpu: Re-enable CPU mitigations by default for !X86 architectures
     - [Configs] Update CPU mitigation configs
     - arm64: dts: rockchip: enable internal pull-up for Q7_THRM# on RK3399 Puma
     - drm/amdgpu/sdma5.2: use legacy HDP flush for SDMA2/3
     - drm/amdgpu: Fix leak when GPU memory allocation fails
     - irqchip/gic-v3-its: Prevent double free on error
     - ethernet: Add helper for assigning packet type when dest address does not
       match device address
     - net: b44: set pause params only when interface is up
     - stackdepot: respect __GFP_NOLOCKDEP allocation flag
     - mtd: diskonchip: work around ubsan link failure
     - tcp: Clean up kernel listener's reqsk in inet_twsk_purge()
     - tcp: Fix NEW_SYN_RECV handling in inet_twsk_purge()
     - dmaengine: owl: fix register access functions
     - idma64: Don't try to serve interrupts when device is powered off
     - dma: xilinx_dpdma: Fix locking
     - dmaengine: idxd: Fix oops during rmmod on single-CPU platforms
     - riscv: fix VMALLOC_START definition
     - riscv: Fix TASK_SIZE on 64-bit NOMMU
     - i2c: smbus: fix NULL function pointer dereference
     - fbdev: fix incorrect address computation in d

Source diff to previous version
1786013 Packaging resync
2069352 aws: Backport linear memory map change
2067974 Jammy update: v5.15.158 upstream stable release
2067959 Jammy update: v5.15.157 upstream stable release
2046722 [SRU][22.04.4]: megaraid_sas: Critical Bug Fixes
2065857 Jammy update: v5.15.156 upstream stable release
2065805 Jammy update: v5.15.155 upstream stable release
2065435 Jammy update: v5.15.154 upstream stable release
CVE-2024-23307 Integer Overflow or Wraparound vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (md, raid, raid5 modules) allows Forced Integer Overflow
CVE-2024-26828 In the Linux kernel, the following vulnerability has been resolved: cifs: fix underflow in parse_server_interfaces() In this loop, we step through
CVE-2024-24861 A race condition was found in the Linux kernel's media/xc4000 device driver in xc4000 xc4000_get_frequency() function. This can result in return valu
CVE-2024-26642 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: disallow anonymous set with timeout flag Anonymous sets a
CVE-2024-26926 In the Linux kernel, the following vulnerability has been resolved: binder: check offset alignment in binder_get_object() Commit 6d98eb95b450 ("bin
CVE-2024-26922 In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: validate the parameters of bo mapping operations more clearly Verif
CVE-2023-6039 A use-after-free flaw was found in lan78xx_disconnect in drivers/net/usb/lan78xx.c in the network sub-component, net/usb/lan78xx in the Linux Kernel.
CVE-2024-26924 In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: do not free live element Pablo reports a crash with
CVE-2024-26643 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout

Version: 5.15.0-1063.69~20.04.1 2024-05-10 22:08:50 UTC

 linux-aws-5.15 (5.15.0-1063.69~20.04.1) focal; urgency=medium
 .
   * focal/linux-aws-5.15: 5.15.0-1063.69~20.04.1 -proposed tracker
     (LP: #2063711)
 .
   [ Ubuntu: 5.15.0-1063.69 ]
 .
   * jammy/linux-aws: 5.15.0-1063.69 -proposed tracker (LP: #2063712)
   * aws: Support hibernation on Graviton (LP: #2060992)
     - SAUCE: PM: hibernate: Allow ACPI hardware signature to be honoured
     - SAUCE: PM: hibernate: Honour ACPI hardware signature by default for virtual
       guests
     - SAUCE: ACPICA: Detect FACS even for hardware reduced platforms
     - SAUCE: arm64: acpi: Honour firmware_signature field of FACS, if it exists
     - SAUCE: firmware/psci: Add definitions for PSCI v1.3 specification (ALPHA)
     - SAUCE: arm64: Use SYSTEM_OFF2 PSCI call to power off for hibernate
     - [Config]: Enable hibernate on arm64
     - [Config]: Enable hibernate on arm64
   * jammy/linux: 5.15.0-111.121 -proposed tracker (LP: #2063763)
   * RTL8852BE fw security fail then lost WIFI function during suspend/resume
     cycle (LP: #2063096)
     - wifi: rtw89: download firmware with five times retry
   * Mount CIFS fails with Permission denied (LP: #2061986)
     - cifs: fix ntlmssp auth when there is no key exchange
   * USB stick can't be detected (LP: #2040948)
     - usb: Disable USB3 LPM at shutdown
   * Jammy update: v5.15.153 upstream stable release (LP: #2063290)
     - io_uring/unix: drop usage of io_uring socket
     - io_uring: drop any code related to SCM_RIGHTS
     - selftests: tls: use exact comparison in recv_partial
     - ASoC: rt5645: Make LattePanda board DMI match more precise
     - x86/xen: Add some null pointer checking to smp.c
     - MIPS: Clear Cause.BD in instruction_pointer_set
     - HID: multitouch: Add required quirk for Synaptics 0xcddc device
     - gen_compile_commands: fix invalid escape sequence warning
     - RDMA/mlx5: Fix fortify source warning while accessing Eth segment
     - RDMA/mlx5: Relax DEVX access upon modify commands
     - riscv: dts: sifive: add missing #interrupt-cells to pmic
     - x86/mm: Move is_vsyscall_vaddr() into asm/vsyscall.h
     - x86/mm: Disallow vsyscall page read for copy_from_kernel_nofault()
     - net/iucv: fix the allocation size of iucv_path_table array
     - parisc/ftrace: add missing CONFIG_DYNAMIC_FTRACE check
     - block: sed-opal: handle empty atoms when parsing response
     - dm-verity, dm-crypt: align "struct bvec_iter" correctly
     - scsi: mpt3sas: Prevent sending diag_reset when the controller is ready
     - ALSA: hda/realtek - ALC285 reduce pop noise from Headphone port
     - drm/amdgpu: Enable gpu reset for S3 abort cases on Raven series
     - Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security
     - firewire: core: use long bus reset on gap count error
     - ASoC: Intel: bytcr_rt5640: Add an extra entry for the Chuwi Vi8 tablet
     - Input: gpio_keys_polled - suppress deferred probe error for gpio
     - ASoC: wm8962: Enable oscillator if selecting WM8962_FLL_OSC
     - ASoC: wm8962: Enable both SPKOUTR_ENA and SPKOUTL_ENA in mono mode
     - ASoC: wm8962: Fix up incorrect error message in wm8962_set_fll
     - do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak
     - s390/dasd: put block allocation in separate function
     - s390/dasd: add query PPRC function
     - s390/dasd: add copy pair setup
     - s390/dasd: add autoquiesce feature
     - s390/dasd: Use dev_*() for device log messages
     - s390/dasd: fix double module refcount decrement
     - fs/select: rework stack allocation hack for clang
     - md: Don't clear MD_CLOSING when the raid is about to stop
     - lib/cmdline: Fix an invalid format specifier in an assertion msg
     - time: test: Fix incorrect format specifier
     - rtc: test: Fix invalid format specifier.
     - aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts
     - timekeeping: Fix cross-timestamp interpolation on counter wrap
     - timekeeping: Fix cross-timestamp interpolation corner case decision
     - timekeeping: Fix cross-timestamp interpolation for non-x86
     - sched/fair: Take the scheduling domain into account in select_idle_core()
     - wifi: ath10k: fix NULL pointer dereference in
       ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev()
     - wifi: b43: Stop/wake correct queue in DMA Tx path when QoS is disabled
     - wifi: b43: Stop/wake correct queue in PIO Tx path when QoS is disabled
     - wifi: b43: Stop correct queue in DMA worker when QoS is disabled
     - wifi: b43: Disable QoS for bcm4331
     - wifi: wilc1000: fix declarations ordering
     - wifi: wilc1000: fix RCU usage in connect path
     - wifi: rtl8xxxu: add cancel_work_sync() for c2hcmd_work
     - wifi: wilc1000: fix multi-vif management when deleting a vif
     - wifi: mwifiex: debugfs: Drop unnecessary error check for
       debugfs_create_dir()
     - cpufreq: brcmstb-avs-cpufreq: add check for cpufreq_cpu_get's return value
     - cpufreq: Explicitly include correct DT includes
     - cpufreq: mediatek-hw: Wait for CPU supplies before probing
     - sock_diag: annotate data-races around sock_diag_handlers[family]
     - inet_diag: annotate data-races around inet_diag_table[]
     - bpftool: Silence build warning about calloc()
     - af_unix: Annotate data-race of gc_in_progress in wait_for_unix_gc().
     - cpufreq: mediatek-hw: Don't error out if supply is not found
     - arm64: dts: imx8mm-kontron: Disable pullups for I2C signals on SL/BL i.MX8MM
     - arm64: dts: imx8mm-kontron: Disable pullups for onboard UART signals on BL
       board
     - arm64: dts: imx8mm-kontron: Add support for ultra high speed modes on SD
       card
     - arm64: dts: imx8mm-kontron: Use the VSELECT signal to switch SD card IO
       voltage
     - arm64: dts: imx8mm-kontron: Disable pull resistors for SD card signals on BL
       board
     - wifi: ath9k: delay all of ath9k_wmi_event_tasklet() until init is complete
     - wifi: iwlwifi: mvm: report beacon protect

Source diff to previous version
2060992 aws: Support hibernation on Graviton
2063096 RTL8852BE fw security fail then lost WIFI function during suspend/resume cycle
2061986 Mount CIFS fails with Permission denied
2063290 Jammy update: v5.15.153 upstream stable release
2063276 Jammy update: v5.15.152 upstream stable release
2060422 Avoid creating non-working backlight sysfs knob from ASUS board
2058477 [Ubuntu 22.04.4/linux-image-6.5.0-26-generic] Kernel output \
2060209 Jammy update: v5.15.151 upstream stable release
2063067 Fix bluetooth connections with 3.0 device
2060142 Jammy update: v5.15.150 upstream stable release
CVE-2024-26809 In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: release elements in clone only from destroy path Clo
CVE-2024-26792 In the Linux kernel, the following vulnerability has been resolved: btrfs: fix double free of anonymous device after snapshot creation failure When
CVE-2023-52530 In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix potential key use-after-free When ieee80211_key_link() is c
CVE-2023-52447 In the Linux kernel, the following vulnerability has been resolved: bpf: Defer the free of inner map when necessary When updating or deleting an in
CVE-2024-26782 In the Linux kernel, the following vulnerability has been resolved: mptcp: fix double-free on socket dismantle when MPTCP server accepts an incomin
CVE-2024-26733 In the Linux kernel, the following vulnerability has been resolved: arp: Prevent overflow in arp_req_get(). syzkaller reported an overflown write i
CVE-2024-26735 In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix possible use-after-free and null-ptr-deref The pernet operations
CVE-2024-26736 In the Linux kernel, the following vulnerability has been resolved: afs: Increase buffer size in afs_update_volume_status() The max length of volum
CVE-2024-26748 In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: fix memory double free when handle zero packet 829 if (request->co
CVE-2023-47233 The brcm80211 component in the Linux kernel through 6.5.10 has a brcmf_cfg80211_detach use-after-free in the device unplugging (disconnect the USB by
CVE-2024-26584 In the Linux kernel, the following vulnerability has been resolved: net: tls: handle backlogging of crypto requests Since we're setting the CRYPTO_
CVE-2024-26585 In the Linux kernel, the following vulnerability has been resolved: tls: fix race between tx work scheduling and socket close Similarly to previous
CVE-2024-26583 In the Linux kernel, the following vulnerability has been resolved: tls: fix race between async notify and socket close The submitting thread (one
CVE-2024-26622 In the Linux kernel, the following vulnerability has been resolved: tomoyo: fix UAF write bug in tomoyo_write_control() Since tomoyo_write_control(

Version: 5.15.0-1061.67~20.04.1 2024-04-17 18:08:54 UTC

 linux-aws-5.15 (5.15.0-1061.67~20.04.1) focal; urgency=medium
 .
   * focal/linux-aws-5.15: 5.15.0-1061.67~20.04.1 -proposed tracker
     (LP: #2061761)
 .
   [ Ubuntu: 5.15.0-1061.67 ]
 .
   * jammy/linux-aws: 5.15.0-1061.67 -proposed tracker (LP: #2061762)
   * jammy/linux: 5.15.0-106.116 -proposed tracker (LP: #2061812)
   * CVE-2024-2201
     - x86/bugs: Use sysfs_emit()
     - KVM: x86: Update KVM-only leaf handling to allow for 100% KVM-only leafs
     - KVM: x86: Advertise CPUID.(EAX=7,ECX=2):EDX[5:0] to userspace
     - KVM: x86: Use a switch statement and macros in __feature_translate()
     - x86/bugs: Change commas to semicolons in 'spectre_v2' sysfs file
     - x86/syscall: Don't force use of indirect calls for system calls
     - x86/bhi: Add support for clearing branch history at syscall entry
     - x86/bhi: Define SPEC_CTRL_BHI_DIS_S
     - x86/bhi: Enumerate Branch History Injection (BHI) bug
     - x86/bhi: Add BHI mitigation knob
     - x86/bhi: Mitigate KVM by default
     - KVM: x86: Add BHI_NO
     - [Config] Set CONFIG_BHI to enabled (auto)
   * Drop fips-checks script from trees (LP: #2055083)
     - [Packaging] Remove fips-checks script
   * alsa/realtek: adjust max output valume for headphone on 2 LG machines
     (LP: #2058573)
     - ALSA: hda/realtek: fix the hp playback volume issue for LG machines
   * A general-proteciton exception during guest migration to unsupported PKRU
     machine (LP: #2032164)
     - x86/fpu: Allow caller to constrain xfeatures when copying to uabi buffer
     - KVM: x86: Constrain guest-supported xfeatures only at KVM_GET_XSAVE{2}
   * [ICX] [SPR] [ipc/msg] performance: Mitigate the lock contention with percpu
     counter (LP: #2058485)
     - ipc: check checkpoint_restore_ns_capable() to modify C/R proc files
     - ipc/ipc_sysctl.c: remove fallback for !CONFIG_PROC_SYSCTL
     - ipc: Store mqueue sysctls in the ipc namespace
     - ipc: Store ipc sysctls in the ipc namespace
     - ipc: Use the same namespace to modify and validate
     - ipc: Remove extra1 field abuse to pass ipc namespace
     - ipc: Check permissions for checkpoint_restart sysctls at open time
     - percpu: add percpu_counter_add_local and percpu_counter_sub_local
     - ipc/msg: mitigate the lock contention with percpu counter
   * Jammy update: v5.15.149 upstream stable release (LP: #2059014)
     - ksmbd: free ppace array on error in parse_dacl
     - ksmbd: don't allow O_TRUNC open on read-only share
     - ksmbd: validate mech token in session setup
     - ksmbd: fix UAF issue in ksmbd_tcp_new_connection()
     - ksmbd: only v2 leases handle the directory
     - iio: adc: ad7091r: Set alert bit in config register
     - iio: adc: ad7091r: Allow users to configure device events
     - iio: adc: ad7091r: Enable internal vref if external vref is not supplied
     - dmaengine: fix NULL pointer in channel unregistration function
     - scsi: ufs: core: Simplify power management during async scan
     - scsi: ufs: core: Remove the ufshcd_hba_exit() call from ufshcd_async_scan()
     - iio:adc:ad7091r: Move exports into IIO_AD7091R namespace.
     - ext4: allow for the last group to be marked as trimmed
     - btrfs: sysfs: validate scrub_speed_max value
     - crypto: api - Disallow identical driver names
     - PM: hibernate: Enforce ordering during image compression/decompression
     - hwrng: core - Fix page fault dead lock on mmap-ed hwrng
     - crypto: s390/aes - Fix buffer overread in CTR mode
     - media: imx355: Enable runtime PM before registering async sub-device
     - rpmsg: virtio: Free driver_override when rpmsg_remove()
     - media: ov9734: Enable runtime PM before registering async sub-device
     - mips: Fix max_mapnr being uninitialized on early stages
     - bus: mhi: host: Drop chan lock before queuing buffers
     - bus: mhi: host: Add spinlock to protect WP access when queueing TREs
     - parisc/firmware: Fix F-extend for PDC addresses
     - async: Split async_schedule_node_domain()
     - async: Introduce async_schedule_dev_nocall()
     - arm64: dts: qcom: sc7180: fix USB wakeup interrupt types
     - arm64: dts: qcom: sdm845: fix USB wakeup interrupt types
     - arm64: dts: qcom: sm8150: fix USB wakeup interrupt types
     - arm64: dts: qcom: sdm845: fix USB DP/DM HS PHY interrupts
     - lsm: new security_file_ioctl_compat() hook
     - scripts/get_abi: fix source path leak
     - mmc: core: Use mrq.sbc in close-ended ffu
     - mmc: mmc_spi: remove custom DMA mapped buffers
     - rtc: Adjust failure return code for cmos_set_alarm()
     - nouveau/vmm: don't set addr on the fail path to avoid warning
     - ubifs: ubifs_symlink: Fix memleak of inode->i_link in error path
     - rename(): fix the locking of subdirectories
     - ksmbd: set v2 lease version on lease upgrade
     - ksmbd: fix potential circular locking issue in smb2_set_ea()
     - ksmbd: don't increment epoch if current state and request state are same
     - ksmbd: send lease break notification on FILE_RENAME_INFORMATION
     - ksmbd: Add missing set_freezable() for freezable kthread
     - net/smc: fix illegal rmb_desc access in SMC-D connection dump
     - tcp: make sure init the accept_queue's spinlocks once
     - bnxt_en: Wait for FLR to complete during probe
     - vlan: skip nested type that is not IFLA_VLAN_QOS_MAPPING
     - llc: make llc_ui_sendmsg() more robust against bonding changes
     - llc: Drop support for ETH_P_TR_802_2.
     - net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv
     - tracing: Ensure visibility when inserting an element into tracing_map
     - afs: Hide silly-rename files from userspace
     - tcp: Add memory barrier to tcp_push()
     - netlink: fix potential sleeping issue in mqueue_flush_file
     - ipv6: init the accept_queue's spinlocks in inet6_create
     - net/mlx5: DR, Use the right GVMI number for drop action
     - net/mlx5: DR, Align mlx5dv_dr API vport action with FW behavior
     - net/mlx5: DR

Source diff to previous version
2055083 Drop fips-checks script from trees
2058573 alsa/realtek: adjust max output valume for headphone on 2 LG machines
2032164 A general-proteciton exception during guest migration to unsupported PKRU machine
2058485 [ICX] [SPR] [ipc/msg] performance: Mitigate the lock contention with percpu counter
2059014 Jammy update: v5.15.149 upstream stable release
2056418 Fix headphone mic detection issue on ALC897
2056373 Problems with HVCS and hotplugging
2056227 KVM: arm64: softlockups in stage2_apply_range
2060780 CIFS stopped working/is unstable with kernel update to 5.15.0-102.112
CVE-2024-2201 Native Branch History Injection
CVE-2023-6039 A use-after-free flaw was found in lan78xx_disconnect in drivers/net/usb/lan78xx.c in the network sub-component, net/usb/lan78xx in the Linux Kernel.

Version: 5.15.0-1057.63~20.04.1 2024-03-25 13:09:09 UTC

 linux-aws-5.15 (5.15.0-1057.63~20.04.1) focal; urgency=medium
 .
   * focal/linux-aws-5.15: 5.15.0-1057.63~20.04.1 -proposed tracker
     (LP: #2055586)
 .
   * Packaging resync (LP: #1786013)
     - [Packaging] drop ABI data
     - debian.aws-5.15/dkms-versions -- update from kernel-versions
       (main/2024.03.04)
 .
   [ Ubuntu: 5.15.0-1057.63 ]
 .
   * Packaging resync (LP: #1786013)
     - debian.aws/dkms-versions -- update from kernel-versions (main/2024.03.04)
 .
   [ Ubuntu: 5.15.0-1057.62 ]
 .
   * jammy/linux-aws: 5.15.0-1057.62 -proposed tracker (LP: #2055587)
   * linux: please move dmi-sysfs.ko (CONFIG_DMI_SYSFS for SMBIOS support) from
     linux-modules-extra to linux-modules (LP: #2045561)
     - [Packaging] Move dmi-sysfs.ko into linux-modules
   * linux: please move erofs.ko (CONFIG_EROFS for EROFS support) from linux-
     modules-extra to linux-modules (LP: #2054809)
     - UBUNTU [Packaging]: Include erofs in linux-modules instead of linux-modules-
       extra
   * Packaging resync (LP: #1786013)
     - [Packaging] drop ABI data
   * aws: Backport latest ENA driver in upstream Linux to enable IRQ moderation
     (LP: #2056475)
     - net: ena: Enable DIM by default
   * tcp: Add memory barrier to tcp_push() (LP: #2051727)
     - tcp: Add memory barrier to tcp_push()
   * jammy/linux: 5.15.0-102.112 -proposed tracker (LP: #2055632)
   * Drop ABI checks from kernel build (LP: #2055686)
     - [Packaging] Remove in-tree abi checks
     - [Packaging] Drop abi checks from final-checks
   * Packaging resync (LP: #1786013)
     - [Packaging] drop ABI data
     - [Packaging] update annotations scripts
     - debian.master/dkms-versions -- update from kernel-versions (main/2024.03.04)
   * block/loop: No longer allows to create partitions (LP: #2056143)
     - block, loop: support partitions without scanning
   * Cranky update-dkms-versions rollout (LP: #2055685)
     - [Packaging] remove update-dkms-versions
     - Move debian/dkms-versions to debian.master/dkms-versions
     - [Packaging] Replace debian/dkms-versions with $(DEBIAN)/dkms-versions
     - [Packaging] remove update-version-dkms
   * linux: please move erofs.ko (CONFIG_EROFS for EROFS support) from linux-
     modules-extra to linux-modules (LP: #2054809)
     - UBUNTU [Packaging]: Include erofs in linux-modules instead of linux-modules-
       extra
   * linux-tools-common: man page of usbip[d] is misplaced (LP: #2054094)
     - [Packaging] rules: Put usbip manpages in the correct directory
   * CVE-2024-23851
     - dm ioctl: log an error if the ioctl structure is corrupted
     - dm: limit the number of targets and parameter size area
   * CVE-2024-23850
     - btrfs: do not ASSERT() if the newly created subvolume already got read
   * x86: performance: tsc: Extend watchdog check exemption to 4-Sockets platform
     (LP: #2054699)
     - x86/tsc: Extend watchdog check exemption to 4-Sockets platform
   * linux: please move dmi-sysfs.ko (CONFIG_DMI_SYSFS for SMBIOS support) from
     linux-modules-extra to linux-modules (LP: #2045561)
     - [Packaging] Move dmi-sysfs.ko into linux-modules
   * Fix bpf selftests build failure after v5.15.139 update (LP: #2054567)
     - Revert "selftests/bpf: Test tail call counting with bpf2bpf and data on
       stack"
   * Jammy update: v5.15.148 upstream stable release (LP: #2055145)
     - f2fs: explicitly null-terminate the xattr list
     - pinctrl: lochnagar: Don't build on MIPS
     - ALSA: hda - Fix speaker and headset mic pin config for CHUWI CoreBook XPro
     - mptcp: fix uninit-value in mptcp_incoming_options
     - wifi: cfg80211: lock wiphy mutex for rfkill poll
     - debugfs: fix automount d_fsdata usage
     - drm/amdgpu: Fix cat debugfs amdgpu_regs_didt causes kernel null pointer
     - nvme-core: check for too small lba shift
     - ASoC: wm8974: Correct boost mixer inputs
     - ASoC: Intel: Skylake: Fix mem leak in few functions
     - ASoC: nau8822: Fix incorrect type in assignment and cast to restricted
       __be16
     - ASoC: Intel: Skylake: mem leak in skl register function
     - ASoC: cs43130: Fix the position of const qualifier
     - ASoC: cs43130: Fix incorrect frame delay configuration
     - ASoC: rt5650: add mutex to avoid the jack detection failure
     - nouveau/tu102: flush all pdbs on vmm flush
     - net/tg3: fix race condition in tg3_reset_task()
     - ASoC: da7219: Support low DC impedance headset
     - ASoC: ops: add correct range check for limiting volume
     - nvme: introduce helper function to get ctrl state
     - drm/amdgpu: Add NULL checks for function pointers
     - drm/exynos: fix a potential error pointer dereference
     - drm/exynos: fix a wrong error checking
     - hwmon: (corsair-psu) Fix probe when built-in
     - clk: rockchip: rk3128: Fix HCLK_OTG gate register
     - jbd2: correct the printing of write_flags in jbd2_write_superblock()
     - drm/crtc: Fix uninit-value bug in drm_mode_setcrtc
     - neighbour: Don't let neigh_forced_gc() disable preemption for long
     - platform/x86: intel-vbtn: Fix missing tablet-mode-switch events
     - jbd2: fix soft lockup in journal_finish_inode_data_buffers()
     - tracing: Have large events show up as '[LINE TOO BIG]' instead of nothing
     - tracing: Add size check when printing trace_marker output
     - stmmac: dwmac-loongson: drop useless check for compatible fallback
     - MIPS: dts: loongson: drop incorrect dwmac fallback compatible
     - tracing: Fix uaf issue when open the hist or hist_debug file
     - ring-buffer: Do not record in NMI if the arch does not support cmpxchg in
       NMI
     - reset: hisilicon: hi6220: fix Wvoid-pointer-to-enum-cast warning
     - Input: atkbd - skip ATKBD_CMD_GETID in translated mode
     - Input: i8042 - add nomux quirk for Acer P459-G2-M
     - s390/scm: fix virtual vs physical address confusion
     - ARC: fix spare error
     - wifi: iwlwifi: pcie: avoid a NULL pointer dereference
     - Input: xpad - add Razer Wol

Source diff to previous version
1786013 Packaging resync
2045561 linux: please move dmi-sysfs.ko (CONFIG_DMI_SYSFS for SMBIOS support) from linux-modules-extra to linux-modules
2054809 linux: please move erofs.ko (CONFIG_EROFS for EROFS support) from linux-modules-extra to linux-modules
2056475 aws: Backport latest ENA driver in upstream Linux to enable IRQ moderation
2051727 tcp: Add memory barrier to tcp_push()
2055686 Drop ABI checks from kernel build
2056143 block/loop: No longer allows to create partitions
2055685 Cranky update-dkms-versions rollout
2054094 linux-tools-common: man page of usbip[d] is misplaced
2054699 x86: performance: tsc: Extend watchdog check exemption to 4-Sockets platform
2054567 Fix bpf selftests build failure after v5.15.139 update
2055145 Jammy update: v5.15.148 upstream stable release
2053251 performance: Scheduler: ratelimit updating of load_avg
2054411 Jammy update: v5.15.147 upstream stable release
2053152 performance: mm/percpu-internal.h: Re-layout pcpu_chunk to mitigate false sharing
2053069 performance: address_space: add padding for i_map and i_mmap_rwsem to mitigate a false sharing
2052817 cpufreq: intel_pstate: Enable HWP IO boost for all servers
2052827 performance: mm/memcontrol.c: remove the redundant updating of stats_flush_threshold
2053212 Jammy update: v5.15.146 upstream stable release
1971699 disable Intel DMA remapping by default
2052005 Validate connection interval to pass Bluetooth Test Suite
2052406 Jammy update: v5.15.145 upstream stable release
2052404 Jammy update: v5.15.144 upstream stable release
CVE-2024-23851 copy_params in drivers/md/dm-ioctl.c in the Linux kernel through 6.7.1 can attempt to allocate more than INT_MAX bytes, and crash, because of a missi
CVE-2024-23850 In btrfs_get_root_ref in fs/btrfs/disk-io.c in the Linux kernel through 6.7.1, there can be an assertion failure and crash because a subvolume can be
CVE-2024-24855 A race condition was found in the Linux kernel's scsi device driver in lpfc_unregister_fcf_rescan() function. This can result in a null pointer deref
CVE-2024-1085 A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_
CVE-2023-23000 In the Linux kernel before 5.17, drivers/phy/tegra/xusb.c mishandles the tegra_xusb_find_port_node return value. Callers expect NULL in the error cas
CVE-2023-46838 Transmit requests in Xen's virtual network protocol can consist of multiple parts. While not really useful, except for the initial part any of them
CVE-2024-1086 A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_
CVE-2023-32247 A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the handling of SMB2_SESSION_S
CVE-2024-22705 An issue was discovered in ksmbd in the Linux kernel before 6.6.10. smb2_get_data_area_len in fs/smb/server/smb2misc.c can cause an smb_strndup_from_

Version: 5.15.0-1053.58~20.04.1 2024-01-22 19:08:55 UTC

 linux-aws-5.15 (5.15.0-1053.58~20.04.1) focal; urgency=medium
 .
   * focal/linux-aws-5.15: 5.15.0-1053.58~20.04.1 -proposed tracker
     (LP: #2048286)
 .
   [ Ubuntu: 5.15.0-1053.58 ]
 .
   * jammy/linux-aws: 5.15.0-1053.58 -proposed tracker (LP: #2048287)
   * jammy/linux: 5.15.0-94.104 -proposed tracker (LP: #2048777)
   * [SRU] Duplicate Device_dax ids Created and hence Probing is Failing.
     (LP: #2028158)
     - device-dax: Fix duplicate 'hmem' device registration
   * Add ODM driver f81604 usb-can (LP: #2045387)
     - can: usb: f81604: add Fintek F81604 support
     - [Config] updateconfigs for ODM drivers CONFIG_CAN_F81604
   * Add ODM driver gpio-m058ssan (LP: #2045386)
     - SAUCE: ODM: gpio: add M058SSAN gpio driver
     - [Config] updateconfigs for ODM drivers CONFIG_GPIO_M058SSAN
   * Add ODM driver rtc-pcf85263 (LP: #2045385)
     - SAUCE: ODM: rtc: add PCF85263 RTC driver
     - [Config] updateconfigs for ODM drivers CONFIG_RTC_DRV_PCF85263
   * AppArmor patch for mq-posix interface is missing in jammy (LP: #2045384)
     - SAUCE: (no-up) apparmor: reserve mediation classes
     - SAUCE: (no-up) apparmor: Add fine grained mediation of posix mqueues
   * Packaging resync (LP: #1786013)
     - [Packaging] update annotations scripts
   * jammy/linux: 5.15.0-93.103 -proposed tracker (LP: #2048330)
   * Packaging resync (LP: #1786013)
     - [Packaging] resync git-ubuntu-log
     - [Packaging] resync update-dkms-versions helper
     - [Packaging] remove helper scripts
     - [Packaging] update annotations scripts
     - debian/dkms-versions -- update from kernel-versions (main/2024.01.08)
   * Hotplugging SCSI disk in QEMU VM fails (LP: #2047382)
     - Revert "PCI: acpiphp: Reassign resources on bridge if necessary"
   * CVE-2023-6622
     - netfilter: nf_tables: bail out on mismatching dynset and set expressions
   * CVE-2024-0193
     - netfilter: nf_tables: skip set commit for deleted/destroyed sets
   * CVE-2023-6040
     - netfilter: nf_tables: Reject tables of unsupported family
   * Patches needed for AmpereOne (arm64) (LP: #2044192)
     - clocksource/arm_arch_timer: Add build-time guards for unhandled register
       accesses
     - clocksource/drivers/arm_arch_timer: Drop CNT*_TVAL read accessors
     - clocksource/drivers/arm_arch_timer: Extend write side of timer register
       accessors to u64
     - clocksource/drivers/arm_arch_timer: Move system register timer programming
       over to CVAL
     - clocksource/drivers/arm_arch_timer: Move drop _tval from erratum function
       names
     - clocksource/drivers/arm_arch_timer: Fix MMIO base address vs callback
       ordering issue
     - clocksource/drivers/arm_arch_timer: Move MMIO timer programming over to CVAL
     - clocksource/drivers/arm_arch_timer: Advertise 56bit timer to the core code
     - clocksource/drivers/arm_arch_timer: Work around broken CVAL implementations
     - clocksource/drivers/arm_arch_timer: Remove any trace of the TVAL programming
       interface
     - clocksource/drivers/arm_arch_timer: Drop unnecessary ISB on CVAL programming
     - clocksource/drivers/arm_arch_timer: Fix masking for high freq counters
     - clocksource/drivers/arch_arm_timer: Move workaround synchronisation around
   * Add quirk to disable i915 fastboot on B&R PC (LP: #2047630)
     - SAUCE: i915: force disable fastboot quirk
   * Some machines can't pass the pm-graph test (LP: #2046217)
     - wifi: iwlwifi: pcie: rescan bus if no parent
   * Sound: Add rtl quirk of M90-Gen5 (LP: #2046105)
     - ALSA: hda/realtek: Enable headset on Lenovo M90 Gen5
   * linux tools packages for derived kernels refuse to install simultaneously
     due to libcpupower name collision (LP: #2035971)
     - [Packaging] Statically link libcpupower into cpupower tool
   * [Debian] autoreconstruct - Do not generate chmod -x for deleted files
     (LP: #2045562)
     - [Debian] autoreconstruct - Do not generate chmod -x for deleted files
   * CVE-2023-6931
     - perf/core: Add a new read format to get a number of lost samples
     - perf: Fix perf_event_validate_size()
     - perf: Fix perf_event_validate_size() lockdep splat
   * CVE-2023-6932
     - ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet
   * CVE-2023-6606
     - smb: client: fix OOB in smbCalcSize()
   * CVE-2023-6817
     - netfilter: nft_set_pipapo: skip inactive elements during set walk
   * Jammy update: v5.15.136 upstream stable release (LP: #2046008)
     - iommu/vt-d: Avoid memory allocation in iommu_suspend()
     - scsi: core: Use a structure member to track the SCSI command submitter
     - scsi: core: Rename scsi_mq_done() into scsi_done() and export it
     - scsi: ib_srp: Call scsi_done() directly
     - RDMA/srp: Do not call scsi_done() from srp_abort()
     - RDMA/cxgb4: Check skb value for failure to allocate
     - perf/arm-cmn: Fix the unhandled overflow status of counter 4 to 7
     - of: overlay: Reorder struct fragment fields kerneldoc
     - platform/x86: think-lmi: Fix reference leak
     - platform/x86: hp-wmi:: Mark driver struct with __refdata to prevent section
       mismatch warning
     - lib/test_meminit: fix off-by-one error in test_pages()
     - HID: logitech-hidpp: Fix kernel crash on receiver USB disconnect
     - quota: Fix slow quotaoff
     - net: prevent address rewrite in kernel_bind()
     - ALSA: usb-audio: Fix microphone sound on Opencomm2 Headset
     - KEYS: trusted: allow use of kernel RNG for key material
     - KEYS: trusted: Remove redundant static calls usage
     - drm/msm/dp: do not reinitialize phy unless retry during link training
     - drm/msm/dsi: skip the wait for video mode done if not applicable
     - drm/msm/dsi: fix irq_of_parse_and_map() error checking
     - drm/msm/dpu: change _dpu_plane_calc_bw() to use u64 to avoid overflow
     - ravb: Fix up dma_free_coherent() call in ravb_remove()
     - ravb: Fix use-after-free issue in ravb_tx_timeout_work()
     - ieee802154: ca8210: Fix

2028158 [SRU] Duplicate Device_dax ids Created and hence Probing is Failing.
2045387 Add ODM driver f81604 usb-can
2045386 Add ODM driver gpio-m058ssan
2045385 Add ODM driver rtc-pcf85263
2045384 AppArmor patch for mq-posix interface is missing in jammy
1786013 Packaging resync
2047382 Hotplugging SCSI disk in QEMU VM fails
2044192 Patches needed for AmpereOne (arm64)
2047630 Add quirk to disable i915 fastboot on B\u0026R PC
2035971 linux tools packages for derived kernels refuse to install simultaneously due to libcpupower name collision
2045562 [Debian] autoreconstruct - Do not generate chmod -x for deleted files
2046008 Jammy update: v5.15.136 upstream stable release
2045809 Jammy update: v5.15.135 upstream stable release
2029405 Change in trace file leads to test timeout in ftrace tests on 5.15 ARM64
2041842 Kernel doesn't compile with CONFIG_IMA
2044023 Jammy update: v5.15.134 upstream stable release
2043422 Jammy update: v5.15.133 upstream stable release
2041702 Jammy update: v5.15.132 upstream stable release
CVE-2023-6622 A null pointer dereference vulnerability was found in nft_dynset_init() in net/netfilter/nft_dynset.c in nf_tables in the Linux kernel. This issue ma
CVE-2024-0193 A use-after-free flaw was found in the netfilter subsystem of the Linux kernel. If the catchall element is garbage-collected when the pipapo set is r
CVE-2023-6040 An out-of-bounds access vulnerability involving netfilter was reported and fixed as: f1082dd31fe4 (netfilter: nf_tables: Reject tables of unsupported
CVE-2023-6931 A heap out-of-bounds write vulnerability in the Linux kernel's Performance Events system component can be exploited to achieve local privilege escala
CVE-2023-6932 A use-after-free vulnerability in the Linux kernel's ipv4: igmp component can be exploited to achieve local privilege escalation. A race condition c
CVE-2023-6606 An out-of-bounds read vulnerability was found in smbCalcSize in fs/smb/client/netmisc.c in the Linux Kernel. This issue could allow a local attacker
CVE-2023-6817 A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The func
CVE-2023-46813 An issue was discovered in the Linux kernel before 6.5.9, exploitable by local users with userspace access to MMIO registers. Incorrect access checki
CVE-2023-6111 A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The func
CVE-2023-32252 A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the handling of SMB2_LOGOFF co
CVE-2023-6176 A null pointer dereference flaw was found in the Linux kernel API for the cryptographic algorithm scatterwalk functionality. This issue occurs when a
CVE-2023-6039 A use-after-free flaw was found in lan78xx_disconnect in drivers/net/usb/lan78xx.c in the network sub-component, net/usb/lan78xx in the Linux Kernel.



About   -   Send Feedback to @ubuntu_updates