UbuntuUpdates.org

Package "linux-headers-5.17.0-1033-oem"

This package belongs to a PPA: Canonical Kernel Team

Name: linux-headers-5.17.0-1033-oem

Description:

Linux kernel headers for version 5.17.0 on 64 bit x86 SMP

Latest version: 5.17.0-1033.34
Release: jammy (22.04)
Level: base
Repository: main
Head package: linux-oem-5.17

Links


Download "linux-headers-5.17.0-1033-oem"


Other versions of "linux-headers-5.17.0-1033-oem" in Jammy

Repository Area Version
security main 5.17.0-1033.34
updates main 5.17.0-1033.34

Changelog

Version: 5.17.0-1033.34 2023-06-02 10:08:45 UTC

 linux-oem-5.17 (5.17.0-1033.34) jammy; urgency=medium
 .
   * jammy/linux-oem-5.17: 5.17.0-1033.34 -proposed tracker (LP: #2019421)
 .
   * Packaging resync (LP: #1786013)
     - [Packaging] resync git-ubuntu-log
     - [Packaging] resync getabis
     - [Packaging] update helper scripts
 .
   * CVE-2023-1073
     - HID: check empty report_list in hid_validate_values()
 .
   * CVE-2023-0459
     - uaccess: Add speculation barrier to copy_from_user()
 .
   * CVE-2023-26606
     - fs/ntfs3: Fix slab-out-of-bounds read in ntfs_trim_fs
 .
   * selftest: fib_tests: Always cleanup before exit (LP: #2015956)
     - selftest: fib_tests: Always cleanup before exit

Source diff to previous version
1786013 Packaging resync
CVE-2023-1073 A memory corruption flaw was found in the Linux kernel’s human interface device (HID) subsystem in how a user inserts a malicious USB device. This fl
CVE-2023-0459 Copy_from_user on 64-bit versions of the Linux kernel does not implement the __uaccess_begin_nospec allowing a user to bypass the "access_ok" check a
CVE-2023-26606 In the Linux kernel 6.0.8, there is a use-after-free in ntfs_trim_fs in fs/ntfs3/bitmap.c.

Version: 5.17.0-1031.32 2023-04-18 15:12:37 UTC

 linux-oem-5.17 (5.17.0-1031.32) jammy; urgency=medium
 .
   * jammy/linux-oem-5.17: 5.17.0-1031.32 -proposed tracker (LP: #2016821)
 .
   * CVE-2022-2590
     - SAUCE: Revert "mm/shmem: unconditionally set pte dirty in
       mfill_atomic_install_pte"
 .
   * CVE-2023-23455
     - net: sched: atm: dont intepret cls results when asked to drop
 .
   * CVE-2023-26545
     - net: mpls: fix stale pointer if allocation fails during device rename
 .
   * CVE-2023-1829
     - net/sched: Retire tcindex classifier
     - [Config]: Make sure CONFIG_NET_CLS_TCINDEX is not available
 .
   * CVE-2023-1859
     - 9p/xen : Fix use after free bug in xen_9pfs_front_remove due to race
       condition
 .
   * CVE-2022-3303
     - ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC
 .
   * CVE-2022-4095
     - staging: rtl8712: fix use after free bugs
 .
   * CVE-2022-4662
     - USB: core: Prevent nested device-reset calls
 .
   * CVE-2022-3586
     - sch_sfb: Don't assume the skb is still around after enqueueing to child
 .
   * CVE-2022-40307
     - efi: capsule-loader: Fix use-after-free in efi_capsule_write
 .
   * CVE-2023-0468
     - io_uring: update res mask in io_poll_check_events
     - io_uring: fix tw losing poll events
     - io_uring: cmpxchg for poll arm refs release
     - io_uring: make poll refs more robust
     - io_uring/poll: fix poll_refs race with cancelation
 .
   * CVE-2023-0386
     - ovl: fail on invalid uid/gid mapping at copy up
 .
   * Miscellaneous Ubuntu changes
     - [Config] Update gcc version

Source diff to previous version
CVE-2022-2590 A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only shared memory
CVE-2023-23455 atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service because of type confusion (non-
CVE-2023-26545 In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl table under a
CVE-2022-3303 A race condition flaw was found in the Linux kernel sound subsystem due to improper locking. It could lead to a NULL pointer dereference while handli
CVE-2022-4095 A use-after-free flaw was found in Linux kernel before 5.19.2. This issue occurs in cmd_hdl_filter in drivers/staging/rtl8712/rtl8712_cmd.c, allowing
CVE-2022-4662 A flaw incorrect access control in the Linux kernel USB core subsystem was found in the way user attaches usb device. A local user could use this fla
CVE-2022-3586 A flaw was found in the Linux kernel’s networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SK
CVE-2022-40307 An issue was discovered in the Linux kernel through 5.19.8. drivers/firmware/efi/capsule-loader.c has a race condition with a resultant use-after-fre
CVE-2023-0468 A use-after-free flaw was found in io_uring/poll.c in io_poll_check_events in the io_uring subcomponent in the Linux Kernel due to a race condition o
CVE-2023-0386 A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s

Version: 5.17.0-1030.31 2023-04-03 17:08:58 UTC

 linux-oem-5.17 (5.17.0-1030.31) jammy; urgency=medium
 .
   * jammy/linux-oem-5.17: 5.17.0-1030.31 -proposed tracker (LP: #2011919)
 .
   * Packaging resync (LP: #1786013)
     - [Packaging] update update.conf
     - debian/dkms-versions -- update from kernel-versions (main/2023.03.20)
 .
   * CVE-2022-4382
     - USB: gadgetfs: Fix race between mounting and unmounting
 .
   * CVE-2023-23559
     - wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid
 .
   * CVE-2022-3903
     - media: mceusb: Use new usb_control_msg_*() routines
 .
   * CVE-2023-1118
     - media: rc: Fix use-after-free bugs caused by ene_tx_irqsim()
 .
   * CVE-2023-26607
     - ntfs: fix use-after-free in ntfs_ucsncmp()
     - ntfs: fix out-of-bounds read in ntfs_attr_find()
 .
   * CVE-2022-21505
     - lockdown: Fix kexec lockdown bypass with ima policy
 .
   * CVE-2023-1095
     - netfilter: nf_tables: fix null deref due to zeroed list head
 .
   * CVE-2023-1074
     - sctp: fail if no bound addresses can be used for a given scope
 .
   * CVE-2022-41849
     - fbdev: smscufx: Fix use-after-free in ufx_ops_open()
 .
   * CVE-2023-1281
     - net/sched: tcindex: update imperfect hash filters respecting rcu

Source diff to previous version
1786013 Packaging resync
CVE-2022-4382 A use-after-free flaw caused by a race among the superblock operations in the gadgetfs Linux driver was found. It could be triggered by yanking out a
CVE-2023-23559 In rndis_query_oid in drivers/net/wireless/rndis_wlan.c in the Linux kernel through 6.1.5, there is an integer overflow in an addition.
CVE-2022-3903 An incorrect read request flaw was found in the Infrared Transceiver USB driver in the Linux kernel. This issue occurs when a user attaches a malicio
CVE-2023-1118 A flaw use after free in the Linux kernel integrated infrared receiver/transceiver driver was found in the way user detaching rc device. A local user
CVE-2023-26607 In the Linux kernel 6.0.8, there is an out-of-bounds read in ntfs_attr_find in fs/ntfs/attrib.c.
CVE-2023-1095 In nf_tables_updtable, if nf_tables_table_enable returns an error, nft_trans_destroy is called to free the transaction object. nft_trans_destroy() ca
CVE-2023-1074 A memory leak flaw was found in the Linux kernel's Stream Control Transmission Protocol. This issue may occur when a user starts a malicious networki
CVE-2022-41849 drivers/video/fbdev/smscufx.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free if a physically proximate attacke
CVE-2023-1281 RESERVED

Version: 5.17.0-1029.30 2023-03-13 21:08:40 UTC

 linux-oem-5.17 (5.17.0-1029.30) jammy; urgency=medium
 .
   * jammy/linux-oem-5.17: 5.17.0-1029.30 -proposed tracker (LP: #2008350)
 .
   * CVE-2023-0461
     - SAUCE: Fix inet_csk_listen_start after CVE-2023-0461
 .
   * CVE-2023-0394
     - ipv6: raw: Deduct extension header length in rawv6_push_pending_frames
 .
   * CVE-2022-36280
     - drm/vmwgfx: Validate the box size for the snooped cursor
 .
   * CVE-2022-41850
     - HID: roccat: Fix use-after-free in roccat_read()
 .
   * CVE-2022-3061
     - video: fbdev: i740fb: Error out if 'pixclock' equals zero
 .
   * CVE-2022-3628
     - wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()
 .
   * CVE-2022-3646
     - nilfs2: fix leak of nilfs_root in case of writer thread creation failure
 .
   * CVE-2022-3649
     - nilfs2: fix use-after-free bug of struct nilfs_root
 .
   * rtcpie in timers from ubuntu_kernel_selftests randomly failing
     (LP: #1814234)
     - SAUCE: selftest: rtcpie: Force passing unreliable subtest
 .
   * CVE-2022-2196
     - KVM: VMX: Execute IBPB on emulated VM-exit when guest has IBRS

Source diff to previous version
1814234 rtcpie in timers from ubuntu_kernel_selftests randomly failing
CVE-2023-0461 RESERVED
CVE-2023-0394 A NULL pointer dereference flaw was found in rawv6_push_pending_frames in net/ipv6/raw.c in the network subcomponent in the Linux kernel. This flaw c
CVE-2022-36280 An out-of-bounds(OOB) memory access vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_kms.c in GPU component in the Linux kernel
CVE-2022-41850 roccat_report_event in drivers/hid/hid-roccat.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free in certain situ
CVE-2022-3061 Found Linux Kernel flaw in the i740 driver. The Userspace program could pass any values to the driver through ioctl() interface. The driver doesn't c
CVE-2022-3628 A buffer overflow flaw was found in the Linux kernel Broadcom Full MAC Wi-Fi driver. This issue occurs when a user connects to a malicious USB device
CVE-2022-3646 A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects the function nilfs_attach_log_writer of the
CVE-2022-3649 A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_new_inode of the file fs/nilfs2/inod
CVE-2022-2196 A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2 attacks on L1 du

Version: 5.17.0-1028.29 2023-02-10 12:08:50 UTC

 linux-oem-5.17 (5.17.0-1028.29) jammy; urgency=medium
 .
   * jammy/linux-oem-5.17: 5.17.0-1028.29 -proposed tracker (LP: #2004346)
 .
   * CVE-2023-0045
     - x86/bugs: Flush IBP in ib_prctl_set()
 .
   * Packaging resync (LP: #1786013)
     - debian/dkms-versions -- update from kernel-versions (main/2023.01.30)
 .
   * Keeps rebooting with AMD W6400, W6600, and W6800 graphic cards
     (LP: #2000110)
     - drm/amdgpu: move nbio ih_doorbell_range() into ih code for vega
     - drm/amdgpu: move nbio sdma_doorbell_range() into sdma code for vega
     - drm/amdgpu: make sure to init common IP before gmc
     - drm/amdgpu: fix sdma doorbell init ordering on APUs
 .
   * CVE-2022-47520
     - wifi: wilc1000: validate pairwise and authentication suite offsets
 .
   * Improve arp_ndisc_evict_nocarrier.sh test result processing (LP: #2006546)
     - selftests: net: return non-zero for failures reported in
       arp_ndisc_evict_nocarrier
 .
   * CVE-2022-43750
     - usb: mon: make mmapped memory read only
 .
   * CVE-2023-0461
     - net/ulp: prevent ULP without clone op from entering the LISTEN status
     - net/ulp: use consistent error code when blocking ULP
 .
   * CVE-2022-3565
     - mISDN: fix use-after-free bugs in l1oip timer handlers
 .
   * CVE-2022-36879
     - xfrm: xfrm_policy: fix a possible double xfrm_pols_put() in
       xfrm_bundle_lookup()
 .
   * CVE-2022-20369
     - NFSD: fix use-after-free in __nfs42_ssc_open()
 .
   * arp_ndisc_evict_nocarrier.sh in net from ubuntu_kernel_selftests failed on
     J-oem-5.17 / K (LP: #1968310)
     - selftests: net: fix cleanup_v6() for arp_ndisc_evict_nocarrier
 .
   * CVE-2022-20566
     - Bluetooth: L2CAP: Fix use-after-free caused by l2cap_chan_put
 .
   * Expose built-in trusted and revoked certificates (LP: #1996892)
     - [Packaging] Expose built-in trusted and revoked certificates

1786013 Packaging resync
2006546 Improve arp_ndisc_evict_nocarrier.sh test result processing
1996892 Expose built-in trusted and revoked certificates
CVE-2022-47520 An issue was discovered in the Linux kernel before 6.0.11. Missing offset validation in drivers/net/wireless/microchip/wilc1000/hif.c in the WILC1000
CVE-2022-43750 drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel before 5.19.15 and 6.x before 6.0.1 allows a user-space client to corrupt the monitor's inter
CVE-2023-0461 RESERVED
CVE-2022-3565 A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function del_timer of the file drive
CVE-2022-36879 An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice.
CVE-2022-20369 In v4l2_m2m_querybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation
CVE-2022-20566 In l2cap_chan_put of l2cap_core, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no



About   -   Send Feedback to @ubuntu_updates