UbuntuUpdates.org

Package "linux-bluefield"

This package belongs to a PPA: Canonical Kernel Team

Name: linux-bluefield

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Header files related to Linux kernel version 5.4.0
  • Header files related to Linux kernel version 5.4.0
  • Header files related to Linux kernel version 5.4.0
  • Header files related to Linux kernel version 5.4.0

Latest version: 5.4.0-1080.87
Release: focal (20.04)
Level: base
Repository: main

Links



Other versions of "linux-bluefield" in Focal

Repository Area Version
security main 5.4.0-1079.85
updates main 5.4.0-1079.85
proposed main 5.4.0-1080.87

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 5.4.0-1080.87 2024-02-22 15:08:43 UTC

 linux-bluefield (5.4.0-1080.87) focal; urgency=medium
 .
   * focal/linux-bluefield: 5.4.0-1080.87 -proposed tracker (LP: #2052097)
 .
   * Focal update: v5.4.262 upstream stable release (LP: #2049069)
     - netfilter: nf_tables: adapt set backend to use GC transaction API
     - netfilter: nf_tables: drop map element references from preparation phase
 .
   * Focal update: v5.4.261 upstream stable release (LP: #2049049)
     - [Config] bluefield: remove CONFIG_QCOM_SDM845_LLCC
 .
   * Focal update: v5.4.260 upstream stable release (LP: #2049024)
     - [Config] bluefield: remove CONFIG_BLK_DEV_SX8
 .
   [ Ubuntu: 5.4.0-173.191 ]
 .
   * focal/linux: 5.4.0-173.191 -proposed tracker (LP: #2052135)
   * Packaging resync (LP: #1786013)
     - debian/dkms-versions -- update from kernel-versions (main/2024.02.05)
   * CVE-2023-0340
     - vhost: use kzalloc() instead of kmalloc() followed by memset()
   * CVE-2023-6915
     - ida: Fix crash in ida_free when the bitmap is empty
   * Focal update: v5.4.265 upstream stable release (LP: #2051644)
     - afs: Fix refcount underflow from error handling race
     - net: ipv6: support reporting otherwise unknown prefix flags in RTM_NEWPREFIX
     - qca_debug: Prevent crash on TX ring changes
     - qca_debug: Fix ethtool -G iface tx behavior
     - qca_spi: Fix reset behavior
     - atm: solos-pci: Fix potential deadlock on &cli_queue_lock
     - atm: solos-pci: Fix potential deadlock on &tx_queue_lock
     - atm: Fix Use-After-Free in do_vcc_ioctl
     - qed: Fix a potential use-after-free in qed_cxt_tables_alloc
     - net: Remove acked SYN flag from packet in the transmit queue correctly
     - sign-file: Fix incorrect return values check
     - vsock/virtio: Fix unsigned integer wrap around in
       virtio_transport_has_space()
     - net: stmmac: use dev_err_probe() for reporting mdio bus registration failure
     - net: stmmac: Handle disabled MDIO busses from devicetree
     - cred: switch to using atomic_long_t
     - ALSA: hda/hdmi: add force-connect quirks for ASUSTeK Z170 variants
     - usb: aqc111: check packet for fixup for true limit
     - blk-throttle: fix lockdep warning of "cgroup_mutex or RCU read lock
       required!"
     - bcache: avoid oversize memory allocation by small stripe_size
     - bcache: add code comments for bch_btree_node_get() and
       __bch_btree_node_alloc()
     - bcache: avoid NULL checking to c->root in run_cache_set()
     - platform/x86: intel_telemetry: Fix kernel doc descriptions
     - HID: add ALWAYS_POLL quirk for Apple kb
     - HID: hid-asus: reset the backlight brightness level on resume
     - HID: multitouch: Add quirk for HONOR GLO-GXXX touchpad
     - asm-generic: qspinlock: fix queued_spin_value_unlocked() implementation
     - net: usb: qmi_wwan: claim interface 4 for ZTE MF290
     - HID: hid-asus: add const to read-only outgoing usb buffer
     - soundwire: stream: fix NULL pointer dereference for multi_link
     - ext4: prevent the normalized size from exceeding EXT_MAX_BLOCKS
     - arm64: mm: Always make sw-dirty PTEs hw-dirty in pte_modify
     - team: Fix use-after-free when an option instance allocation fails
     - ring-buffer: Fix memory leak of free page
     - mmc: block: Be sure to wait while busy in CQE error recovery
     - powerpc/ftrace: Create a dummy stackframe to fix stack unwind
     - powerpc/ftrace: Fix stack teardown in ftrace_no_trace
     - Linux 5.4.265
   * Focal update: v5.4.264 upstream stable release (LP: #2049935)
     - hrtimers: Push pending hrtimers away from outgoing CPU earlier
     - netfilter: ipset: fix race condition between swap/destroy and kernel side
       add/del/test
     - tg3: Move the [rt]x_dropped counters to tg3_napi
     - tg3: Increment tx_dropped in tg3_tso_bug()
     - kconfig: fix memory leak from range properties
     - drm/amdgpu: correct chunk_ptr to a pointer to chunk.
     - of: base: Add of_get_cpu_state_node() to get idle states for a CPU node
     - ACPI/IORT: Make iort_get_device_domain IRQ domain agnostic
     - ACPI/IORT: Make iort_msi_map_rid() PCI agnostic
     - of/iommu: Make of_map_rid() PCI agnostic
     - of/irq: make of_msi_map_get_device_domain() bus agnostic
     - of/irq: Make of_msi_map_rid() PCI bus agnostic
     - of: base: Fix some formatting issues and provide missing descriptions
     - of: Fix kerneldoc output formatting
     - of: Add missing 'Return' section in kerneldoc comments
     - of: dynamic: Fix of_reconfig_get_state_change() return value documentation
     - ipv6: fix potential NULL deref in fib6_add()
     - hv_netvsc: rndis_filter needs to select NLS
     - net: arcnet: Fix RESET flag handling
     - net: arcnet: com20020 fix error handling
     - arcnet: restoring support for multiple Sohard Arcnet cards
     - ipv4: ip_gre: Avoid skb_pull() failure in ipgre_xmit()
     - net: hns: fix fake link up on xge port
     - netfilter: xt_owner: Fix for unsafe access of sk->sk_socket
     - tcp: do not accept ACK of bytes we never sent
     - bpf: sockmap, updating the sg structure should also update curr
     - RDMA/bnxt_re: Correct module description string
     - hwmon: (acpi_power_meter) Fix 4.29 MW bug
     - ASoC: wm_adsp: fix memleak in wm_adsp_buffer_populate
     - tracing: Fix a warning when allocating buffered events fails
     - scsi: be2iscsi: Fix a memleak in beiscsi_init_wrb_handle()
     - ARM: imx: Check return value of devm_kasprintf in imx_mmdc_perf_init
     - ARM: dts: imx: make gpt node name generic
     - ARM: dts: imx7: Declare timers compatible with fsl,imx6dl-gpt
     - ALSA: pcm: fix out-of-bounds in snd_pcm_state_names
     - nilfs2: prevent WARNING in nilfs_sufile_set_segment_usage()
     - tracing: Always update snapshot buffer size
     - tracing: Fix incomplete locking when disabling buffered events
     - tracing: Fix a possible race when disabling buffered events
     - packet: Move reference count in packet_sock to atomic_long_t
     - arm64: dts: me

Source diff to previous version
2049069 Focal update: v5.4.262 upstream stable release
2049049 Focal update: v5.4.261 upstream stable release
2049024 Focal update: v5.4.260 upstream stable release
1786013 Packaging resync
2051644 Focal update: v5.4.265 upstream stable release
2049935 Focal update: v5.4.264 upstream stable release
2049084 Focal update: v5.4.263 upstream stable release
CVE-2023-0340 The Custom Content Shortcode WordPress plugin through 4.0.2 does not validate one of its shortcode attribute, which could allow users with a contribu
CVE-2023-6915 A Null pointer dereference problem was found in ida_free in lib/idr.c in the Linux Kernel. This issue may allow an attacker using this library to cau
CVE-2024-0646 An out-of-bounds memory write flaw was found in the Linux kernel’s Transport Layer Security functionality in how a user calls a function splice with
CVE-2024-0565 An out-of-bounds memory read flaw was found in receive_encrypted_standard in fs/smb/client/smb2ops.c in the SMB Client sub-component in the Linux Ker
CVE-2023-51781 An issue was discovered in the Linux kernel before 6.6.8. atalk_ioctl in net/appletalk/ddp.c has a use-after-free because of an atalk_recvmsg race co
CVE-2023-51782 An issue was discovered in the Linux kernel before 6.6.8. rose_ioctl in net/rose/af_rose.c has a use-after-free because of a rose_accept race conditi
CVE-2023-51779 bt_sock_recvmsg in net/bluetooth/af_bluetooth.c in the Linux kernel through 6.6.8 has a use-after-free because of a bt_sock_ioctl race condition.
CVE-2023-22995 In the Linux kernel before 5.17, an error path in dwc3_qcom_acpi_register_core in drivers/usb/dwc3/dwc3-qcom.c lacks certain platform_device_put and

Version: 5.4.0-1078.84 2024-01-15 18:08:41 UTC

 linux-bluefield (5.4.0-1078.84) focal; urgency=medium
 .
   * focal/linux-bluefield: 5.4.0-1078.84 -proposed tracker (LP: #2048244)
 .
   [ Ubuntu: 5.4.0-171.189 ]
 .
   * focal/linux: 5.4.0-171.189 -proposed tracker (LP: #2048282)
   * Packaging resync (LP: #1786013)
     - [Packaging] remove helper scripts
     - [Packaging] update annotations scripts
     - debian/dkms-versions -- update from kernel-versions (main/2024.01.08)
   * Page fault in RDMA ODP triggers BUG_ON during MMU notifier registration
     (LP: #2046534)
     - RDMA/odp: Ensure the mm is still alive before creating an implicit child
   * Hotplugging SCSI disk in QEMU VM fails (LP: #2047382)
     - Revert "PCI: acpiphp: Reassign resources on bridge if necessary"
   * CVE-2023-6040
     - netfilter: nf_tables: Reject tables of unsupported family
   * kernel_selftests failures on kernel-P10d-LPAR10.ppc64el.10
     (LP: #2032641)
     - selftests: Skip TM tests on synthetic TM implementations
   * [Debian] autoreconstruct - Do not generate chmod -x for deleted files
     (LP: #2045562)
     - [Debian] autoreconstruct - Do not generate chmod -x for deleted files
   * CVE-2023-6931
     - perf/core: Add a new read format to get a number of lost samples
     - perf: Fix perf_event_validate_size()
     - perf: Fix perf_event_validate_size() lockdep splat
   * CVE-2023-6932
     - ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet
   * CVE-2023-6606
     - smb: client: fix OOB in smbCalcSize()
   * CVE-2023-45863
     - kobject: Fix slab-out-of-bounds in fill_kobj_path()
   * Focal update: v5.4.259 upstream stable release (LP: #2043724)
     - RDMA/cxgb4: Check skb value for failure to allocate
     - lib/test_meminit: fix off-by-one error in test_pages()
     - pwm: hibvt: Explicitly set .polarity in .get_state()
     - HID: logitech-hidpp: Fix kernel crash on receiver USB disconnect
     - quota: Fix slow quotaoff
     - net: prevent address rewrite in kernel_bind()
     - drm: etvnaviv: fix bad backport leading to warning
     - drm/msm/dsi: skip the wait for video mode done if not applicable
     - ravb: Fix up dma_free_coherent() call in ravb_remove()
     - ieee802154: ca8210: Fix a potential UAF in ca8210_probe
     - mlxsw: fix mlxsw_sp2_nve_vxlan_learning_set() return type
     - xen-netback: use default TX queue size for vifs
     - drm/vmwgfx: fix typo of sizeof argument
     - ixgbe: fix crash with empty VF macvlan list
     - net: nfc: fix races in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn()
     - nfc: nci: assert requested protocol is valid
     - workqueue: Override implicit ordered attribute in
       workqueue_apply_unbound_cpumask()
     - dmaengine: stm32-mdma: abort resume if no ongoing transfer
     - usb: xhci: xhci-ring: Use sysdev for mapping bounce buffer
     - net: usb: dm9601: fix uninitialized variable use in dm9601_mdio_read
     - usb: dwc3: Soft reset phy on probe for host
     - usb: musb: Get the musb_qh poniter after musb_giveback
     - usb: musb: Modify the "HWVers" register address
     - iio: pressure: bmp280: Fix NULL pointer exception
     - iio: pressure: dps310: Adjust Timeout Settings
     - iio: pressure: ms5611: ms5611_prom_is_valid false negative bug
     - mcb: remove is_added flag from mcb_device struct
     - libceph: use kernel_connect()
     - ceph: fix incorrect revoked caps assert in ceph_fill_file_size()
     - Input: powermate - fix use-after-free in powermate_config_complete
     - Input: psmouse - fix fast_reconnect function for PS/2 mode
     - Input: xpad - add PXN V900 support
     - cgroup: Remove duplicates in cgroup v1 tasks file
     - pinctrl: avoid unsafe code pattern in find_pinctrl()
     - usb: gadget: udc-xilinx: replace memcpy with memcpy_toio
     - usb: gadget: ncm: Handle decoding of multiple NTB's in unwrap call
     - x86/cpu: Fix AMD erratum #1485 on Zen4-based CPUs
     - dmaengine: mediatek: Fix deadlock caused by synchronize_irq()
     - powerpc/8xx: Fix pte_access_permitted() for PAGE_NONE
     - powerpc/64e: Fix wrong test in __ptep_test_and_clear_young()
     - ravb: Fix use-after-free issue in ravb_tx_timeout_work()
     - Documentation: sysctl: align cells in second content column
     - usb: hub: Guard against accesses to uninitialized BOS descriptors
     - Bluetooth: hci_event: Ignore NULL link key
     - Bluetooth: Reject connection with the device which has same BD_ADDR
     - Bluetooth: Fix a refcnt underflow problem for hci_conn
     - Bluetooth: vhci: Fix race when opening vhci device
     - Bluetooth: hci_event: Fix coding style
     - Bluetooth: avoid memcmp() out of bounds warning
     - ice: fix over-shifted variable
     - nfc: nci: fix possible NULL pointer dereference in send_acknowledge()
     - regmap: fix NULL deref on lookup
     - KVM: x86: Mask LVTPC when handling a PMI
     - netfilter: nft_payload: fix wrong mac header matching
     - qed: fix LL2 RX buffer allocation
     - xfrm: fix a data-race in xfrm_gen_index()
     - xfrm: interface: use DEV_STATS_INC()
     - net: ipv4: fix return value check in esp_remove_trailer
     - net: ipv6: fix return value check in esp_remove_trailer
     - net: rfkill: gpio: prevent value glitch during probe
     - tcp: fix excessive TLP and RACK timeouts from HZ rounding
     - tcp: tsq: relax tcp_small_queue_check() when rtx queue contains a single skb
     - tun: prevent negative ifindex
     - ipv4: fib: annotate races around nh->nh_saddr_genid and nh->nh_saddr
     - net: usb: smsc95xx: Fix an error code in smsc95xx_reset()
     - i40e: prevent crash on probe if hw registers have invalid values
     - net/sched: sch_hfsc: upgrade 'rt' to 'sc' when it becomes a inner curve
     - neighbor: tracing: Move pin6 inside CONFIG_IPV6=y section
     - netfilter: nft_set_rbtree: .deactivate fails if element has expired
     - net: pktgen: Fix interface flags printing
     - resource: Add irqresource_disabled()
     - ACPI: Drop acpi_dev_irqresource_disabled()
     

Source diff to previous version
1786013 Packaging resync
2046534 Page fault in RDMA ODP triggers BUG_ON during MMU notifier registration
2047382 Hotplugging SCSI disk in QEMU VM fails
2032641 kernel_selftests failures on kernel-P10d-LPAR10.ppc64el.10 \t
2045562 [Debian] autoreconstruct - Do not generate chmod -x for deleted files
2043724 Focal update: v5.4.259 upstream stable release
2042107 Focal update: v5.4.258 upstream stable release
CVE-2023-6040 An out-of-bounds access vulnerability involving netfilter was reported and fixed as: f1082dd31fe4 (netfilter: nf_tables: Reject tables of unsupported
CVE-2023-6931 A heap out-of-bounds write vulnerability in the Linux kernel's Performance Events system component can be exploited to achieve local privilege escala
CVE-2023-6932 A use-after-free vulnerability in the Linux kernel's ipv4: igmp component can be exploited to achieve local privilege escalation. A race condition c
CVE-2023-6606 An out-of-bounds read vulnerability was found in smbCalcSize in fs/smb/client/netmisc.c in the Linux Kernel. This issue could allow a local attacker
CVE-2023-45863 An issue was discovered in lib/kobject.c in the Linux kernel before 6.2.3. With root access, an attacker can trigger a race condition that results in

Version: 5.4.0-1076.82 2023-11-30 14:11:27 UTC

 linux-bluefield (5.4.0-1076.82) focal; urgency=medium
 .
   * focal/linux-bluefield: 5.4.0-1076.82 -proposed tracker (LP: #2041621)
 .
   * pwr-mlxbf: Several bug fixes for focal (LP: #2041996)
     - SAUCE: Fix race condition between loading pwr-mlxbf.c and gpio-mlxbf2.c
       drivers
     - SAUCE: pwr-mlxbf.c: rmmod results in kernel panic due to access to NULL
       pointer
     - SAUCE: pwr-mlxbf: support graceful reboot instead of soft reset
 .
   [ Ubuntu: 5.4.0-169.187 ]
 .
   * focal/linux: 5.4.0-169.187 -proposed tracker (LP: #2044375)
   * USB bus error after upgrading to proposed kernel on lunar, jammy and focal
     (LP: #2043197)
     - USB: core: Fix oversight in SuperSpeed initialization
   * Packaging resync (LP: #1786013)
     - [Packaging] resync git-ubuntu-log
     - [Packaging] resync update-dkms-versions helper
     - [Packaging] update annotations scripts
 .
   [ Ubuntu: 5.4.0-168.186 ]
 .
   * focal/linux: 5.4.0-168.186 -proposed tracker (LP: #2041652)
   * Focal update: v5.4.257 upstream stable release (LP: #2040284)
     - erofs: ensure that the post-EOF tails are all zeroed
     - ARM: pxa: remove use of symbol_get()
     - mmc: au1xmmc: force non-modular build and remove symbol_get usage
     - net: enetc: use EXPORT_SYMBOL_GPL for enetc_phc_index
     - rtc: ds1685: use EXPORT_SYMBOL_GPL for ds1685_rtc_poweroff
     - modules: only allow symbol_get of EXPORT_SYMBOL_GPL modules
     - USB: serial: option: add Quectel EM05G variant (0x030e)
     - USB: serial: option: add FOXCONN T99W368/T99W373 product
     - HID: wacom: remove the battery when the EKR is off
     - staging: rtl8712: fix race condition
     - Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race
       condition
     - serial: sc16is7xx: fix bug when first setting GPIO direction
     - firmware: stratix10-svc: Fix an NULL vs IS_ERR() bug in probe
     - fsi: master-ast-cf: Add MODULE_FIRMWARE macro
     - nilfs2: fix general protection fault in nilfs_lookup_dirty_data_buffers()
     - nilfs2: fix WARNING in mark_buffer_dirty due to discarded buffer reuse
     - pinctrl: amd: Don't show `Invalid config param` errors
     - 9p: virtio: make sure 'offs' is initialized in zc_request
     - ASoC: da7219: Flush pending AAD IRQ when suspending
     - ASoC: da7219: Check for failure reading AAD IRQ events
     - ethernet: atheros: fix return value check in atl1c_tso_csum()
     - vxlan: generalize vxlan_parse_gpe_hdr and remove unused args
     - m68k: Fix invalid .section syntax
     - s390/dasd: use correct number of retries for ERP requests
     - s390/dasd: fix hanging device after request requeue
     - fs/nls: make load_nls() take a const parameter
     - ASoc: codecs: ES8316: Fix DMIC config
     - ASoC: atmel: Fix the 8K sample parameter in I2SC master
     - platform/x86: intel: hid: Always call BTNL ACPI method
     - platform/x86: huawei-wmi: Silence ambient light sensor
     - security: keys: perform capable check only on privileged operations
     - clk: fixed-mmio: make COMMON_CLK_FIXED_MMIO depend on HAS_IOMEM
     - net: usb: qmi_wwan: add Quectel EM05GV2
     - idmaengine: make FSL_EDMA and INTEL_IDMA64 depends on HAS_IOMEM
     - scsi: qedi: Fix potential deadlock on &qedi_percpu->p_work_lock
     - netlabel: fix shift wrapping bug in netlbl_catmap_setlong()
     - bnx2x: fix page fault following EEH recovery
     - sctp: handle invalid error codes without calling BUG()
     - cifs: add a warning when the in-flight count goes negative
     - scsi: storvsc: Always set no_report_opcodes
     - ALSA: seq: oss: Fix racy open/close of MIDI devices
     - platform/mellanox: Fix mlxbf-tmfifo not handling all virtio CONSOLE
       notifications
     - powerpc/32s: Fix assembler warning about r0
     - udf: Check consistency of Space Bitmap Descriptor
     - udf: Handle error when adding extent to a file
     - Revert "net: macsec: preserve ingress frame ordering"
     - reiserfs: Check the return value from __getblk()
     - eventfd: Export eventfd_ctx_do_read()
     - eventfd: prevent underflow for eventfd semaphores
     - new helper: lookup_positive_unlocked()
     - fs: Fix error checking for d_hash_and_lookup()
     - tmpfs: verify {g,u}id mount options correctly
     - OPP: Fix passing 0 to PTR_ERR in _opp_attach_genpd()
     - x86/asm: Make more symbols local
     - x86/boot: Annotate local functions
     - x86/decompressor: Don't rely on upper 32 bits of GPRs being preserved
     - perf/imx_ddr: don't enable counter0 if none of 4 counters are used
     - cpufreq: powernow-k8: Use related_cpus instead of cpus in driver.exit()
     - bpf: Clear the probe_addr for uprobe
     - tcp: tcp_enter_quickack_mode() should be static
     - regmap: rbtree: Use alloc_flags for memory allocations
     - spi: tegra20-sflash: fix to check return value of platform_get_irq() in
       tegra_sflash_probe()
     - can: gs_usb: gs_usb_receive_bulk_callback(): count RX overflow errors also
       in case of OOM
     - wifi: mwifiex: Fix OOB and integer underflow when rx packets
     - mwifiex: switch from 'pci_' to 'dma_' API
     - wifi: mwifiex: fix error recovery in PCIE buffer descriptor management
     - crypto: stm32 - Properly handle pm_runtime_get failing
     - Bluetooth: nokia: fix value check in nokia_bluetooth_serdev_probe()
     - crypto: caam - fix unchecked return value error
     - hwrng: iproc-rng200 - use semicolons rather than commas to separate
       statements
     - hwrng: iproc-rng200 - Implement suspend and resume calls
     - lwt: Fix return values of BPF xmit ops
     - lwt: Check LWTUNNEL_XMIT_CONTINUE strictly
     - fs: ocfs2: namei: check return value of ocfs2_add_entry()
     - wifi: mwifiex: fix memory leak in mwifiex_histogram_read()
     - wifi: mwifiex: Fix missed return in oob checks failed path
     - wifi: ath9k: fix races between ath9k_wmi_cmd and ath9k_wmi_ctrl_rx
     - wifi: ath9k: protect WMI command response buffer replacement with a l

Source diff to previous version
2041996 pwr-mlxbf: Several bug fixes for focal
2043197 USB bus error after upgrading to proposed kernel on lunar and jammy
1786013 Packaging resync
2040284 Focal update: v5.4.257 upstream stable release
2039446 Focal update: v5.4.256 upstream stable release
2039440 Focal update: v5.4.255 upstream stable release
2039291 Focal update: v5.4.254 upstream stable release
2038652 Focal update: v5.4.253 upstream stable release
CVE-2023-39189 A flaw was found in the Netfilter subsystem in the Linux kernel. The nfnl_osf_add_callback function did not validate the user mode controlled opt_num
CVE-2023-45871 An issue was discovered in drivers/net/ethernet/intel/igb/igb_main.c in the IGB driver in the Linux kernel before 6.5.3. A buffer size may not be ade
CVE-2023-39193 A flaw was found in the Netfilter subsystem in the Linux kernel. The sctp_mt_check did not validate the flag_count field. This flaw allows a local pr
CVE-2023-39192 A flaw was found in the Netfilter subsystem in the Linux kernel. The xt_u32 module did not validate the fields in the xt_u32 structure. This flaw all
CVE-2023-31085 An issue was discovered in drivers/mtd/ubi/cdev.c in the Linux kernel 6.2. There is a divide-by-zero error in do_div(sz,mtd->erasesize), used indirec
CVE-2023-5178 A use-after-free vulnerability was found in drivers/nvme/target/tcp.c` ...
CVE-2023-42754 A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer (skb) was assumed to be associated with a device before c
CVE-2023-37453 An issue was discovered in the USB subsystem in the Linux kernel through 6.4.2. There is an out-of-bounds and crash in read_descriptors in drivers/us

Version: 5.4.0-1074.80 2023-10-09 16:09:01 UTC

 linux-bluefield (5.4.0-1074.80) focal; urgency=medium
 .
   * focal/linux-bluefield: 5.4.0-1074.80 -proposed tracker (LP: #2037977)
 .
   * Use new annotations model (LP: #2019000)
     - [Config] bluefield: sanitize annotations
     - [Config] bluefield: import generated config into annotation file
     - [Config] bluefield: Remove all old configs files
 .
   * Focal update: v5.4.251 upstream stable release (LP: #2034918)
     - SAUCE: fix build for net/netfilter/nf_tables_offload.c
     - SAUCE: fix build for net/netfilter/nf_flow_table_offload.c
 .
   [ Ubuntu: 5.4.0-166.183 ]
 .
   * focal/linux: 5.4.0-166.183 -proposed tracker (LP: #2038010)
   * Use new annotations model (LP: #2019000)
     - [Packaging] new annotations model infrastructure
     - [Packaging] config-check: Handle new annotations format 4
     - [Packaging] rules: Use old-kernelconfig for old configs
     - [Config] sanitize annotations
     - [Config] import generated configs into annotation file
     - [Packaging] kernelconfig: add i386 as supported arch
     - [Config] Remove all old configs files
   * Packaging resync (LP: #1786013)
     - [Packaging] update helper scripts
     - [Packaging] update annotations scripts
   * fix typo in config-checks invocation (LP: #2020413)
     - [Packaging] fix typo when calling the old config-check
     - [Packaging] fix typo in 4-checks.mk
   * support python < 3.9 with annotations (LP: #2020531)
     - [Packaging] kconfig/annotations.py: support older way of merging dicts
   * CVE-2023-42756
     - netfilter: ipset: Fix race between IPSET_CMD_CREATE and IPSET_CMD_SWAP
   * CVE-2023-4623
     - net/sched: sch_hfsc: Ensure inner classes have fsc curve
   * Focal update: v5.4.252 upstream stable release (LP: #2036240)
     - ia64/cpu: Switch to arch_cpu_finalize_init()
     - m68k/cpu: Switch to arch_cpu_finalize_init()
     - mips/cpu: Switch to arch_cpu_finalize_init()
     - sh/cpu: Switch to arch_cpu_finalize_init()
     - x86/cpufeatures: Add SEV-ES CPU feature
     - x86/cpu: Add VM page flush MSR availablility as a CPUID feature
     - x86/cpufeatures: Assign dedicated feature word for CPUID_0x8000001F[EAX]
     - tools headers cpufeatures: Sync with the kernel sources
     - x86/cpu, kvm: Add support for CPUID_80000021_EAX
     - Linux 5.4.252
     - Upstream stable to v5.4.252
   * CVE-2023-42755
     - net/sched: Retire rsvp classifier
     - [Config] remove NET_CLS_RSVP and NET_CLS_RSVP6
   * CVE-2023-42753
     - netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for
       ip_set_hash_netportnet.c
   * CVE-2023-34319
     - xen/netback: Fix buffer overrun triggered by unusual packet
   * CVE-2023-4921
     - net: sched: sch_qfq: Fix UAF in qfq_dequeue()
   * CVE-2023-42752
     - igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU
   * Avoid address overwrite in kernel_connect (LP: #2035163)
     - net: Avoid address overwrite in kernel_connect
   * [regression] Unable to initialize SGX enclaves with XFRM other than 3
     (LP: #2034745)
     - x86/fpu: Set X86_FEATURE_OSXSAVE feature after enabling OSXSAVE in CR4
   * CVE-2023-4881
     - netfilter: nftables: exthdr: fix 4-byte stack OOB write
   * CVE-2023-4622
     - af_unix: Fix null-ptr-deref in unix_stream_sendpage().
   * Focal update: v5.4.251 upstream stable release (LP: #2034918)
     - x86/smp: Use dedicated cache-line for mwait_play_dead()
     - video: imsttfb: check for ioremap() failures
     - fbdev: imsttfb: Fix use after free bug in imsttfb_probe
     - HID: wacom: Use ktime_t rather than int when dealing with timestamps
     - drm/i915: Initialise outparam for error return from wait_for_register
     - scripts/tags.sh: Resolve gtags empty index generation
     - drm/amdgpu: Validate VM ioctl flags.
     - bgmac: fix *initial* chip reset to support BCM5358
     - x86/resctrl: Use is_closid_match() in more places
     - x86/resctrl: Only show tasks' pid in current pid namespace
     - md/raid10: check slab-out-of-bounds in md_bitmap_get_counter
     - md/raid10: fix overflow of md/safe_mode_delay
     - md/raid10: fix wrong setting of max_corr_read_errors
     - md/raid10: fix null-ptr-deref of mreplace in raid10_sync_request
     - md/raid10: fix io loss while replacement replace rdev
     - irqchip/jcore-aic: Kill use of irq_create_strict_mappings()
     - irqchip/jcore-aic: Fix missing allocation of IRQ descriptors
     - tracing/timer: Add missing hrtimer modes to decode_hrtimer_mode().
     - clocksource/drivers/cadence-ttc: Use ttc driver as platform driver
     - clocksource/drivers/cadence-ttc: Fix memory leak in ttc_timer_probe
     - PM: domains: fix integer overflow issues in genpd_parse_state()
     - powercap: RAPL: Fix CONFIG_IOSF_MBI dependency
     - ARM: 9303/1: kprobes: avoid missing-declaration warnings
     - evm: Complete description of evm_inode_setattr()
     - pstore/ram: Add check for kstrdup
     - ima: Fix build warnings
     - wifi: ath9k: fix AR9003 mac hardware hang check register offset calculation
     - wifi: ath9k: avoid referencing uninit memory in ath9k_wmi_ctrl_rx
     - samples/bpf: Fix buffer overflow in tcp_basertt
     - spi: spi-geni-qcom: Correct CS_TOGGLE bit in SPI_TRANS_CFG
     - wifi: mwifiex: Fix the size of a memory allocation in
       mwifiex_ret_802_11_scan()
     - nfc: constify several pointers to u8, char and sk_buff
     - nfc: llcp: fix possible use of uninitialized variable in
       nfc_llcp_send_connect()
     - regulator: core: Fix more error checking for debugfs_create_dir()
     - regulator: core: Streamline debugfs operations
     - wifi: orinoco: Fix an error handling path in spectrum_cs_probe()
     - wifi: orinoco: Fix an error handling path in orinoco_cs_probe()
     - wifi: atmel: Fix an error handling path in atmel_probe()
     - wl3501_cs: Fix a bunch of formatting issues related to function docs
     - wl3501_cs: Remove unnecessary NULL check
     - wl3501_cs: Fix misspelling and provide missing documentatio

Source diff to previous version
2019000 Use new annotations model
2034918 Focal update: v5.4.251 upstream stable release
1786013 Packaging resync
2020413 fix typo in config-checks invocation
2020531 support python \u003c 3.9 with annotations
2036240 Focal update: v5.4.252 upstream stable release
2035163 Avoid address overwrite in kernel_connect
2034745 [regression] Unable to initialize SGX enclaves with XFRM other than 3
2033297 Focal update: v5.4.250 upstream stable release
2033278 Focal update: v5.4.249 upstream stable release
CVE-2023-42756 A flaw was found in the Netfilter subsystem of the Linux kernel. A race condition between IPSET_CMD_ADD and IPSET_CMD_SWAP can lead to a kernel panic
CVE-2023-42755 wild pointer access in rsvp classifer in the Linux kernel
CVE-2023-42753 An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the `h->n
CVE-2023-42752 integer overflows in kmalloc_reserve()
CVE-2023-4881 ** REJECT ** CVE-2023-4881 was wrongly assigned to a bug that was deemed to be a non-security issue by the Linux kernel security team.
CVE-2023-31083 An issue was discovered in drivers/bluetooth/hci_ldisc.c in the Linux kernel 6.2. In hci_uart_tty_ioctl, there is a race condition between HCIUARTSET
CVE-2023-4132 A use-after-free vulnerability was found in the siano smsusb module in the Linux kernel. The bug occurs during device initialization when the siano d
CVE-2023-3772 A flaw was found in the Linux kernel’s IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADM
CVE-2023-0597 A flaw possibility of memory leak in the Linux kernel cpu_entry_area mapping of X86 CPU data to memory was found in the way user can guess location o

Version: 5.4.0-1072.78 2023-09-22 12:08:28 UTC

 linux-bluefield (5.4.0-1072.78) focal; urgency=medium
 .
   * focal/linux-bluefield: 5.4.0-1072.78 -proposed tracker (LP: #2033834)
 .
   * Focal update: v5.4.248 upstream stable release (LP: #2031121)
     - [Config] bluefield: updateconfigs for DECNET
 .
   * mlxbf-gige: Enable the OOB port in mlxbf_gige_open (LP: #2035128)
     - SAUCE: mlxbf-gige: Enable the OOB port in mlxbf_gige_open
 .
   [ Ubuntu: 5.4.0-164.181 ]
 .
   * focal/linux: 5.4.0-164.181 -proposed tracker (LP: #2033867)
   * Please enable Renesas RZ platform serial installer (LP: #2022361)
     - [Config] enable hihope RZ/G2M serial console
   * Azure: hv_netvsc: add support for vlans in AF_PACKET mode (LP: #2030872)
     - hv_netvsc: add support for vlans in AF_PACKET mode
   * systemd mount units fail during boot, while file system is correctly mounted
     (LP: #1837227)
     - list: introduce list_for_each_continue()
     - proc/mounts: add cursor
   * CVE-2023-40283
     - Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb
   * CVE-2023-20588
     - x86/bugs: Increase the x86 bugs vector size to two u32s
     - x86/CPU/AMD: Do not leak quotient data after a division by 0
     - x86/CPU/AMD: Fix the DIV(0) initial fix attempt
   * CVE-2023-4194
     - net: tun_chr_open(): set sk_uid from current_fsuid()
     - net: tap_open(): set sk_uid from current_fsuid()
   * CVE-2023-1206
     - tcp: Reduce chance of collisions in inet6_hashfn().
   * CVE-2021-4001
     - bpf: Fix toctou on read-only map's constant scalar tracking
   * Focal update: v5.4.248 upstream stable release (LP: #2031121)
     - test_firmware: fix a memory leak with reqs buffer
     - KEYS: asymmetric: Copy sig and digest in public_key_verify_signature()
     - dasd: refactor dasd_ioctl_information
     - s390/dasd: Use correct lock while counting channel queue length
     - power: supply: ab8500: Fix external_power_changed race
     - power: supply: sc27xx: Fix external_power_changed race
     - power: supply: bq27xxx: Use mod_delayed_work() instead of cancel() +
       schedule()
     - ARM: dts: vexpress: add missing cache properties
     - power: supply: Ratelimit no data debug output
     - platform/x86: asus-wmi: Ignore WMI events with codes 0x7B, 0xC0
     - regulator: Fix error checking for debugfs_create_dir
     - irqchip/meson-gpio: Mark OF related data as maybe unused
     - power: supply: Fix logic checking if system is running from battery
     - btrfs: handle memory allocation failure in btrfs_csum_one_bio
     - parisc: Improve cache flushing for PCXL in arch_sync_dma_for_cpu()
     - parisc: Flush gatt writes and adjust gatt mask in parisc_agp_mask_memory()
     - MIPS: Alchemy: fix dbdma2
     - mips: Move initrd_start check after initrd address sanitisation.
     - xen/blkfront: Only check REQ_FUA for writes
     - drm:amd:amdgpu: Fix missing buffer object unlock in failure path
     - ocfs2: fix use-after-free when unmounting read-only filesystem
     - ocfs2: check new file size on fallocate call
     - nios2: dts: Fix tse_mac "max-frame-size" property
     - nilfs2: fix incomplete buffer cleanup in nilfs_btnode_abort_change_key()
     - nilfs2: fix possible out-of-bounds segment allocation in resize ioctl
     - kexec: support purgatories with .text.hot sections
     - powerpc/purgatory: remove PGO flags
     - nouveau: fix client work fence deletion race
     - RDMA/uverbs: Restrict usage of privileged QKEYs
     - net: usb: qmi_wwan: add support for Compal RXM-G1
     - ALSA: hda/realtek: Add a quirk for Compaq N14JP6
     - Remove DECnet support from kernel
     - [Config] updateconfigs for DECNET
     - USB: serial: option: add Quectel EM061KGL series
     - serial: lantiq: add missing interrupt ack
     - usb: dwc3: gadget: Reset num TRBs before giving back the request
     - spi: spi-fsl-dspi: Remove unused chip->void_write_data
     - spi: fsl-dspi: avoid SCK glitches with continuous transfers
     - netfilter: nfnetlink: skip error delivery on batch in case of ENOMEM
     - ping6: Fix send to link-local addresses with VRF.
     - RDMA/rxe: Remove the unused variable obj
     - RDMA/rxe: Removed unused name from rxe_task struct
     - RDMA/rxe: Fix the use-before-initialization error of resp_pkts
     - iavf: remove mask from iavf_irq_enable_queues()
     - IB/uverbs: Fix to consider event queue closing also upon non-blocking mode
     - IB/isert: Fix dead lock in ib_isert
     - IB/isert: Fix possible list corruption in CMA handler
     - IB/isert: Fix incorrect release of isert connection
     - ipvlan: fix bound dev checking for IPv6 l3s mode
     - sctp: fix an error code in sctp_sf_eat_auth()
     - igb: fix nvm.ops.read() error handling
     - drm/nouveau/dp: check for NULL nv_connector->native_mode
     - drm/nouveau/kms: Don't change EDID when it hasn't actually changed
     - drm/nouveau: add nv_encoder pointer check for NULL
     - net/sched: cls_api: Fix lockup on flushing explicitly created chain
     - net: lapbether: only support ethernet devices
     - net: tipc: resize nlattr array to correct size
     - selftests/ptp: Fix timestamp printf format for PTP_SYS_OFFSET
     - afs: Fix vlserver probe RTT handling
     - neighbour: Remove unused inline function neigh_key_eq16()
     - net: Remove unused inline function dst_hold_and_use()
     - neighbour: delete neigh_lookup_nodev as not used
     - drm/nouveau/kms: Fix NULL pointer dereference in
       nouveau_connector_detect_depth
     - mmc: block: ensure error propagation for non-blk
     - Linux 5.4.248
   * Focal update: v5.4.247 upstream stable release (LP: #2030818)
     - blk-iocost: avoid 64-bit division in ioc_timer_fn
     - block/blk-iocost (gcc13): keep large values in a new enum
     - i40iw: fix build warning in i40iw_manage_apbvt()
     - i40e: fix build warnings in i40e_alloc.h
     - spi: qup: Request DMA before enabling clocks
     - neighbour: Replace zero-length array with flexible-array member
     - neighbour: fix unaligned

2031121 Focal update: v5.4.248 upstream stable release
2035128 mlxbf-gige: Enable the OOB port in mlxbf_gige_open
2022361 Please enable Renesas RZ platform serial installer
2030872 Azure: hv_netvsc: add support for vlans in AF_PACKET mode
1837227 systemd mount units fail during boot, while file system is correctly mounted
2030818 Focal update: v5.4.247 upstream stable release
CVE-2023-40283 An issue was discovered in l2cap_sock_release in net/bluetooth/l2cap_sock.c in the Linux kernel before 6.4.10. There is a use-after-free because the
CVE-2023-4194 A flaw was found in the Linux kernel's TUN/TAP functionality. This issue could allow a local user to bypass network filters and gain unauthorized acc
CVE-2023-1206 A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel’s IPv6 functionality when a user makes a new kind of SYN floo
CVE-2021-4001 A race condition was found in the Linux kernel's ebpf verifier between bpf_map_update_elem and bpf_map_freeze due to a missing lock in kernel/bpf/sys
CVE-2023-4128 A use-after-free flaw was found in net/sched/cls_fw.c in classifiers (cls_fw, cls_u32, and cls_route) in the Linux Kernel. This flaw allows a local a
CVE-2023-3863 A use-after-free flaw was found in nfc_llcp_find_local in net/nfc/llcp_core.c in NFC in the Linux kernel. This flaw allows a local user with special
CVE-2023-3212 A NULL pointer dereference issue was found in the gfs2 file system in the Linux kernel. It occurs on corrupt gfs2 file systems when the evict code tr



About   -   Send Feedback to @ubuntu_updates