UbuntuUpdates.org

Package "linux-bluefield"

Name: linux-bluefield

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Header files related to Linux kernel version 5.4.0
  • Header files related to Linux kernel version 5.4.0
  • Header files related to Linux kernel version 5.4.0
  • Header files related to Linux kernel version 5.4.0

Latest version: 5.4.0-1054.60
Release: focal (20.04)
Level: proposed
Repository: main

Links



Other versions of "linux-bluefield" in Focal

Repository Area Version
security main 5.4.0-1054.60
updates main 5.4.0-1054.60
PPA: Canonical Kernel Team 5.4.0-1057.63

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 5.4.0-1054.60 2022-12-08 00:06:23 UTC

  linux-bluefield (5.4.0-1054.60) focal; urgency=medium

  * focal/linux-bluefield: 5.4.0-1054.60 -proposed tracker (LP: #1997808)

  * Increase stability with connection tracking offload (LP: #1995004)
    - net: Fix return value of qdisc ingress handling on success
    - netfilter: conntrack: annotate data-races around ct->timeout
    - netfilter: conntrack: remove unneeded nf_ct_put
    - netfilter: conntrack: convert to refcount_t api
    - netfilter: flowtable: Make sure GC works periodically in idle system
    - netfilter: flowtable: avoid possible false sharing
    - netfilter: flowtable: fix excessive hw offload attempts after failure
    - netfilter: nf_flowtable: expose nf_flow_table_gc_cleanup()
    - netfilter: flowtable: add function to invoke garbage collection immediately
    - netfilter: flowtable: fix stuck flows on cleanup due to pending work

  * bluefield-edac: Potentially overflowing expression (LP: #1995109)
    - SAUCE: bluefield-edac: Fix potential integer overflow

  [ Ubuntu: 5.4.0-136.153 ]

  * focal/linux: 5.4.0-136.153 -proposed tracker (LP: #1997835)
  * Expose built-in trusted and revoked certificates (LP: #1996892)
    - [Packaging] Expose built-in trusted and revoked certificates
  * [UBUNTU 20.04] KVM: PV: ext call delivered twice when receiver in PSW wait
    (LP: #1995941)
    - KVM: s390: pv: don't present the ecall interrupt twice
  * [UBUNTU 20.04] boot: Add s390x secure boot trailer (LP: #1996071)
    - s390/boot: add secure boot trailer
  * Fix rfkill causing soft blocked wifi (LP: #1996198)
    - platform/x86: hp_wmi: Fix rfkill causing soft blocked wifi
  * md: Replace snprintf with scnprintf (LP: #1993315)
    - md: Replace snprintf with scnprintf
  * input/keyboard: the keyboard on some Asus laptops can't work (LP: #1992266)
    - ACPI: resource: Skip IRQ override on Asus Vivobook K3402ZA/K3502ZA
    - ACPI: resource: Add ASUS model S5402ZA to quirks
  * Focal update: v5.4.218 upstream stable release (LP: #1995530)
    - mm: pagewalk: Fix race between unmap and page walker
    - perf tools: Fixup get_current_dir_name() compilation
    - firmware: arm_scmi: Add SCMI PM driver remove routine
    - dmaengine: xilinx_dma: cleanup for fetching xlnx,num-fstores property
    - dmaengine: xilinx_dma: Report error in case of dma_set_mask_and_coherent API
      failure
    - ARM: dts: fix Moxa SDIO 'compatible', remove 'sdhci' misnomer
    - scsi: qedf: Fix a UAF bug in __qedf_probe()
    - net/ieee802154: fix uninit value bug in dgram_sendmsg
    - um: Cleanup syscall_handler_t cast in syscalls_32.h
    - um: Cleanup compiler warning in arch/x86/um/tls_32.c
    - arch: um: Mark the stack non-executable to fix a binutils warning
    - usb: mon: make mmapped memory read only
    - USB: serial: ftdi_sio: fix 300 bps rate for SIO
    - mmc: core: Replace with already defined values for readability
    - mmc: core: Terminate infinite loop in SD-UHS voltage switch
    - rpmsg: qcom: glink: replace strncpy() with strscpy_pad()
    - nilfs2: fix leak of nilfs_root in case of writer thread creation failure
    - nilfs2: replace WARN_ONs by nilfs_error for checkpoint acquisition failure
    - ceph: don't truncate file in atomic_open
    - random: clamp credited irq bits to maximum mixed
    - ALSA: hda: Fix position reporting on Poulsbo
    - efi: Correct Macmini DMI match in uefi cert quirk
    - USB: serial: qcserial: add new usb-id for Dell branded EM7455
    - random: restore O_NONBLOCK support
    - random: avoid reading two cache lines on irq randomness
    - random: use expired timer rather than wq for mixing fast pool
    - Input: xpad - add supported devices as contributed on github
    - Input: xpad - fix wireless 360 controller breaking after suspend
    - Linux 5.4.218
  * Focal update: v5.4.217 upstream stable release (LP: #1995528)
    - xfs: fix misuse of the XFS_ATTR_INCOMPLETE flag
    - xfs: introduce XFS_MAX_FILEOFF
    - xfs: truncate should remove all blocks, not just to the end of the page
      cache
    - xfs: fix s_maxbytes computation on 32-bit kernels
    - xfs: fix IOCB_NOWAIT handling in xfs_file_dio_aio_read
    - xfs: refactor remote attr value buffer invalidation
    - xfs: fix memory corruption during remote attr value buffer invalidation
    - xfs: move incore structures out of xfs_da_format.h
    - xfs: streamline xfs_attr3_leaf_inactive
    - xfs: fix uninitialized variable in xfs_attr3_leaf_inactive
    - xfs: remove unused variable 'done'
    - Makefile.extrawarn: Move -Wcast-function-type-strict to W=1
    - docs: update mediator information in CoC docs
    - Linux 5.4.217
  * Focal update: v5.4.216 upstream stable release (LP: #1995526)
    - uas: add no-uas quirk for Hiksemi usb_disk
    - usb-storage: Add Hiksemi USB3-FW to IGNORE_UAS
    - uas: ignore UAS for Thinkplus chips
    - net: usb: qmi_wwan: Add new usb-id for Dell branded EM7455
    - clk: ingenic-tcu: Properly enable registers before accessing timers
    - ARM: dts: integrator: Tag PCI host with device_type
    - ntfs: fix BUG_ON in ntfs_lookup_inode_by_name()
    - libata: add ATA_HORKAGE_NOLPM for Pioneer BDR-207M and BDR-205
    - mmc: moxart: fix 4-bit bus width and remove 8-bit bus width
    - mm/page_alloc: fix race condition between build_all_zonelists and page
      allocation
    - mm: prevent page_frag_alloc() from corrupting the memory
    - mm/migrate_device.c: flush TLB while holding PTL
    - mm: fix madivse_pageout mishandling on non-LRU page
    - media: dvb_vb2: fix possible out of bound access
    - ARM: dts: Move am33xx and am43xx mmc nodes to sdhci-omap driver
    - ARM: dts: am33xx: Fix MMCHS0 dma properties
    - soc: sunxi: sram: Actually claim SRAM regions
    - soc: sunxi: sram: Prevent the driver from being unbound
    - soc: sunxi_sram: Make use of the helper function
      devm_platform_ioremap_resource()
    - soc: sunxi: sram: Fix probe function ordering issues
    - soc: sunxi: sram: Fix debugfs info for A64 SRAM C
    - Rev

Source diff to previous version
1995004 Increase stability with connection tracking offload
1995109 bluefield-edac: Potentially overflowing expression
1996892 Expose built-in trusted and revoked certificates
1995941 [UBUNTU 20.04] KVM: PV: ext call delivered twice when receiver in PSW wait
1996071 [UBUNTU 20.04] boot: Add s390x secure boot trailer
1996198 Fix rfkill causing soft blocked wifi
1993315 md: Replace snprintf with scnprintf
1992266 input/keyboard: the keyboard on some Asus laptops can't work
1995530 Focal update: v5.4.218 upstream stable release
1995528 Focal update: v5.4.217 upstream stable release
1995526 Focal update: v5.4.216 upstream stable release
1993203 Focal update: v5.4.215 upstream stable release
1993196 Focal update: v5.4.214 upstream stable release
1992211 Focal update: v5.4.213 upstream stable release
CVE-2022-2663 An issue was found in the Linux kernel in nf_conntrack_irc where the message handling can be confused and incorrectly matches the message. A firewall
CVE-2022-3061 Found Linux Kernel flaw in the i740 driver. The Userspace program could pass any values to the driver through ioctl() interface. The driver doesn't c

Version: 5.4.0-1051.57 2022-11-18 12:07:49 UTC

  linux-bluefield (5.4.0-1051.57) focal; urgency=medium

  * focal/linux-bluefield: 5.4.0-1051.57 -proposed tracker (LP: #1996359)

  * Increase stability with connection tracking offload (LP: #1995004)
    - net: Fix return value of qdisc ingress handling on success
    - netfilter: conntrack: annotate data-races around ct->timeout
    - netfilter: conntrack: remove unneeded nf_ct_put
    - netfilter: conntrack: convert to refcount_t api
    - netfilter: flowtable: Make sure GC works periodically in idle system
    - netfilter: flowtable: avoid possible false sharing
    - netfilter: flowtable: fix excessive hw offload attempts after failure
    - netfilter: nf_flowtable: expose nf_flow_table_gc_cleanup()
    - netfilter: flowtable: add function to invoke garbage collection immediately
    - netfilter: flowtable: fix stuck flows on cleanup due to pending work

  * bluefield-edac: Potentially overflowing expression (LP: #1995109)
    - SAUCE: bluefield-edac: Fix potential integer overflow

  [ Ubuntu: 5.4.0-133.149 ]

  * focal/linux: 5.4.0-133.149 -proposed tracker (LP: #1996385)
  * CVE-2022-42703
    - mm/rmap.c: don't reuse anon_vma if we just want a copy
  * [UBUNTU 20.04] KVM: PV: ext call delivered twice when receiver in PSW wait
    (LP: #1995941)
    - KVM: s390: pv: don't present the ecall interrupt twice
  * [UBUNTU 20.04] boot: Add s390x secure boot trailer (LP: #1996071)
    - s390/boot: add secure boot trailer
  * Fix rfkill causing soft blocked wifi (LP: #1996198)
    - platform/x86: hp_wmi: Fix rfkill causing soft blocked wifi
  * md: Replace snprintf with scnprintf (LP: #1993315)
    - md: Replace snprintf with scnprintf
  * input/keyboard: the keyboard on some Asus laptops can't work (LP: #1992266)
    - ACPI: resource: Skip IRQ override on Asus Vivobook K3402ZA/K3502ZA
    - ACPI: resource: Add ASUS model S5402ZA to quirks
  * Focal update: v5.4.218 upstream stable release (LP: #1995530)
    - mm: pagewalk: Fix race between unmap and page walker
    - perf tools: Fixup get_current_dir_name() compilation
    - firmware: arm_scmi: Add SCMI PM driver remove routine
    - dmaengine: xilinx_dma: cleanup for fetching xlnx,num-fstores property
    - dmaengine: xilinx_dma: Report error in case of dma_set_mask_and_coherent API
      failure
    - ARM: dts: fix Moxa SDIO 'compatible', remove 'sdhci' misnomer
    - scsi: qedf: Fix a UAF bug in __qedf_probe()
    - net/ieee802154: fix uninit value bug in dgram_sendmsg
    - um: Cleanup syscall_handler_t cast in syscalls_32.h
    - um: Cleanup compiler warning in arch/x86/um/tls_32.c
    - arch: um: Mark the stack non-executable to fix a binutils warning
    - usb: mon: make mmapped memory read only
    - USB: serial: ftdi_sio: fix 300 bps rate for SIO
    - mmc: core: Replace with already defined values for readability
    - mmc: core: Terminate infinite loop in SD-UHS voltage switch
    - rpmsg: qcom: glink: replace strncpy() with strscpy_pad()
    - nilfs2: fix NULL pointer dereference at nilfs_bmap_lookup_at_level()
    - nilfs2: fix leak of nilfs_root in case of writer thread creation failure
    - nilfs2: replace WARN_ONs by nilfs_error for checkpoint acquisition failure
    - ceph: don't truncate file in atomic_open
    - random: clamp credited irq bits to maximum mixed
    - ALSA: hda: Fix position reporting on Poulsbo
    - efi: Correct Macmini DMI match in uefi cert quirk
    - USB: serial: qcserial: add new usb-id for Dell branded EM7455
    - random: restore O_NONBLOCK support
    - random: avoid reading two cache lines on irq randomness
    - random: use expired timer rather than wq for mixing fast pool
    - Input: xpad - add supported devices as contributed on github
    - Input: xpad - fix wireless 360 controller breaking after suspend
    - Linux 5.4.218
  * Focal update: v5.4.217 upstream stable release (LP: #1995528)
    - xfs: fix misuse of the XFS_ATTR_INCOMPLETE flag
    - xfs: introduce XFS_MAX_FILEOFF
    - xfs: truncate should remove all blocks, not just to the end of the page
      cache
    - xfs: fix s_maxbytes computation on 32-bit kernels
    - xfs: fix IOCB_NOWAIT handling in xfs_file_dio_aio_read
    - xfs: refactor remote attr value buffer invalidation
    - xfs: fix memory corruption during remote attr value buffer invalidation
    - xfs: move incore structures out of xfs_da_format.h
    - xfs: streamline xfs_attr3_leaf_inactive
    - xfs: fix uninitialized variable in xfs_attr3_leaf_inactive
    - xfs: remove unused variable 'done'
    - Makefile.extrawarn: Move -Wcast-function-type-strict to W=1
    - docs: update mediator information in CoC docs
    - Linux 5.4.217
  * Focal update: v5.4.216 upstream stable release (LP: #1995526)
    - uas: add no-uas quirk for Hiksemi usb_disk
    - usb-storage: Add Hiksemi USB3-FW to IGNORE_UAS
    - uas: ignore UAS for Thinkplus chips
    - net: usb: qmi_wwan: Add new usb-id for Dell branded EM7455
    - clk: ingenic-tcu: Properly enable registers before accessing timers
    - ARM: dts: integrator: Tag PCI host with device_type
    - ntfs: fix BUG_ON in ntfs_lookup_inode_by_name()
    - libata: add ATA_HORKAGE_NOLPM for Pioneer BDR-207M and BDR-205
    - mmc: moxart: fix 4-bit bus width and remove 8-bit bus width
    - mm/page_alloc: fix race condition between build_all_zonelists and page
      allocation
    - mm: prevent page_frag_alloc() from corrupting the memory
    - mm/migrate_device.c: flush TLB while holding PTL
    - mm: fix madivse_pageout mishandling on non-LRU page
    - media: dvb_vb2: fix possible out of bound access
    - ARM: dts: Move am33xx and am43xx mmc nodes to sdhci-omap driver
    - ARM: dts: am33xx: Fix MMCHS0 dma properties
    - soc: sunxi: sram: Actually claim SRAM regions
    - soc: sunxi: sram: Prevent the driver from being unbound
    - soc: sunxi_sram: Make use of the helper function
      devm_platform_ioremap_resource()
    - soc: sunxi: sram: Fix probe function ordering issues
    - soc: sunxi: sram: Fix debugfs info for

Source diff to previous version
1995004 Increase stability with connection tracking offload
1995109 bluefield-edac: Potentially overflowing expression
1995941 [UBUNTU 20.04] KVM: PV: ext call delivered twice when receiver in PSW wait
1996071 [UBUNTU 20.04] boot: Add s390x secure boot trailer
1996198 Fix rfkill causing soft blocked wifi
1993315 md: Replace snprintf with scnprintf
1992266 input/keyboard: the keyboard on some Asus laptops can't work
1995530 Focal update: v5.4.218 upstream stable release
1995528 Focal update: v5.4.217 upstream stable release
1995526 Focal update: v5.4.216 upstream stable release
1993203 Focal update: v5.4.215 upstream stable release
1993196 Focal update: v5.4.214 upstream stable release
1992211 Focal update: v5.4.213 upstream stable release
CVE-2022-42703 mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse.
CVE-2022-2663 An issue was found in the Linux kernel in nf_conntrack_irc where the message handling can be confused and incorrectly matches the message. A firewall
CVE-2022-3061 Found Linux Kernel flaw in the i740 driver. The Userspace program could pass any values to the driver through ioctl() interface. The driver doesn't c

Version: 5.4.0-1050.56 2022-10-24 23:07:13 UTC

  linux-bluefield (5.4.0-1050.56) focal; urgency=medium

  * focal/linux-bluefield: 5.4.0-1050.56 -proposed tracker (LP: #1992038)

  * i2c-mlxbf.c: Sync up driver with upstreaming (LP: #1991551)
    - Revert "UBUNTU: SAUCE: i2c-mlxbf.c: support lock mechanism"
    - Revert "UBUNTU: SAUCE: i2c-mlxbf.c: fix wrong variable name"
    - Revert "UBUNTU: SAUCE: i2c-mlxbf.c: remove IRQF_ONESHOT flag"
    - Revert "UBUNTU: SAUCE: i2c-mlxbf.c: prevent stack overflow in
      mlxbf_i2c_smbus_start_transaction()"
    - Revert "UBUNTU: SAUCE: i2c-mlxbf.c: revert upstreaming version"
    - Revert "UBUNTU: SAUCE: Syncup i2c-mlx driver with upstreamed version"
    - Revert "UBUNTU: SAUCE: i2c-mlx.c: Fix core frequency"
    - Revert "UBUNTU: SAUCE: i2c: i2c-mlx: I2C SMBus driver for Mellanox BlueField
      SoC"
    - i2c: mlxbf: I2C SMBus driver for Mellanox BlueField SoC
    - i2c: mlxbf: Add CONFIG_ACPI to guard ACPI function call
    - i2c: mlxbf: Fix resrticted cast warning of sparse
    - i2c: mlxbf: Remove unecessary wrapper functions
    - i2c: mlxbf: Update reference clock frequency
    - i2c: mlxbf: Update author and maintainer email info
    - i2c: mlxbf: Fix the return check of devm_ioremap and ioremap
    - i2c: mlxbf: add IRQ check
    - i2c: mlxbf: incorrect base address passed during io write
    - i2c: mlxbf: prevent stack overflow in mlxbf_i2c_smbus_start_transaction()
    - i2c: mlxbf: Fix frequency calculation
    - i2c: mlxbf: remove IRQF_ONESHOT
    - i2c: mlxbf: support lock mechanism
    - i2c: mlxbf: add multi slave functionality
    - i2c: mlxbf: support BlueField-3 SoC
    - i2c: mlxbf: remove device tree support
    - SAUCE: i2c-mlxbf.c: Add driver version
    - [Config] bluefield: Fix config name for i2c-mlxbf (I2C_MELLANOX ->
      I2C_MLXBF)

  [ Ubuntu: 5.4.0-132.148 ]

  * CVE-2022-42719
    - mac80211: mlme: find auth challenge directly
    - wifi: mac80211: don't parse mbssid in assoc response
    - wifi: mac80211: fix MBSSID parsing use-after-free
  * iavf: SR-IOV VFs error with no traffic flow when MTU greater than 1500
    (LP: #1983656)
    - iavf: Fix set max MTU size with port VLAN and jumbo frames
    - i40e: Fix VF set max MTU size
  * fib_nexthop_nongw.sh from ubuntu_kernel_selftests failed on B-5.4
    (LP: #1990800)
    - SAUCE: selftests/net: skipping tests for older ip command releases
  * CVE-2022-29901
    - Revert "x86/speculation: Add RSB VM Exit protections"
    - Revert "x86/cpu: Add a steppings field to struct x86_cpu_id"
    - x86/devicetable: Move x86 specific macro out of generic code
    - x86/cpu: Add consistent CPU match macros
    - x86/cpu: Add a steppings field to struct x86_cpu_id
    - x86/kvm/vmx: Make noinstr clean
    - x86/cpufeatures: Move RETPOLINE flags to word 11
    - x86/bugs: Report AMD retbleed vulnerability
    - x86/bugs: Add AMD retbleed= boot parameter
    - x86/bugs: Keep a per-CPU IA32_SPEC_CTRL value
    - x86/entry: Remove skip_r11rcx
    - x86/entry: Add kernel IBRS implementation
    - x86/bugs: Optimize SPEC_CTRL MSR writes
    - x86/speculation: Add spectre_v2=ibrs option to support Kernel IBRS
    - x86/bugs: Split spectre_v2_select_mitigation() and
      spectre_v2_user_select_mitigation()
    - x86/bugs: Report Intel retbleed vulnerability
    - intel_idle: Disable IBRS during long idle
    - x86/speculation: Change FILL_RETURN_BUFFER to work with objtool
    - x86/speculation: Fix RSB filling with CONFIG_RETPOLINE=n
    - x86/speculation: Fix firmware entry SPEC_CTRL handling
    - x86/speculation: Fix SPEC_CTRL write on SMT state change
    - x86/speculation: Use cached host SPEC_CTRL value for guest entry/exit
    - x86/speculation: Remove x86_spec_ctrl_mask
    - KVM/VMX: Use TEST %REG,%REG instead of CMP $0,%REG in vmenter.S
    - KVM/nVMX: Use __vmx_vcpu_run in nested_vmx_check_vmentry_hw
    - KVM: VMX: Flatten __vmx_vcpu_run()
    - KVM: VMX: Convert launched argument to flags
    - KVM: VMX: Prevent guest RSB poisoning attacks with eIBRS
    - KVM: VMX: Fix IBRS handling after vmexit
    - x86/speculation: Fill RSB on vmexit for IBRS
    - x86/common: Stamp out the stepping madness
    - x86/cpu/amd: Enumerate BTC_NO
    - x86/bugs: Add Cannon lake to RETBleed affected CPU list
    - x86/speculation: Disable RRSBA behavior
    - x86/speculation: Use DECLARE_PER_CPU for x86_spec_ctrl_current
    - x86/bugs: Warn when "ibrs" mitigation is selected on Enhanced IBRS parts
    - x86/speculation: Add RSB VM Exit protections
  * ACPI: processor idle: Practically limit "Dummy wait" workaround to old Intel
    systems (LP: #1990985)
    - ACPI: processor_idle: Skip dummy wait if kernel is in guest
    - ACPI: processor idle: Practically limit "Dummy wait" workaround to old Intel
      systems
  * cgroup: all controllers mounted when using 'cgroup_no_v1=' (LP: #1988584)
    - cgroup-v1: add disabled controller check in cgroup1_parse_param()
  * Focal update: v5.4.212 upstream stable release (LP: #1991156)
    - audit: fix potential double free on error path from fsnotify_add_inode_mark
    - parisc: Fix exception handler for fldw and fstw instructions
    - kernel/sys_ni: add compat entry for fadvise64_64
    - usb: cdns3: Fix issue for clear halt endpoint
    - pinctrl: amd: Don't save/restore interrupt status and wake status bits
    - sched/deadline: Unthrottle PI boosted threads while enqueuing
    - sched/deadline: Fix stale throttling on de-/boosted tasks
    - sched/deadline: Fix priority inheritance with multiple scheduling classes
    - kernel/sched: Remove dl_boosted flag comment
    - xfrm: fix refcount leak in __xfrm_policy_check()
    - SUNRPC: RPC level errors should set task->tk_rpc_status
    - rose: check NULL rose_loopback_neigh->loopback
    - net/mlx5e: Properly disable vlan strip on non-UL reps
    - net: moxa: get rid of asymmetry in DMA mapping/unmapping
    - bonding: 802.3ad: fix no transmission of LACPDUs
    - net: ipvtap - add __init/__exit annotations to module init/exit func

Source diff to previous version
1991551 i2c-mlxbf.c: Sync up driver with upstreaming
1983656 iavf: SR-IOV VFs error with no traffic flow when MTU greater than 1500
1990800 fib_nexthop_nongw.sh from ubuntu_kernel_selftests failed on B-5.4
1990985 ACPI: processor idle: Practically limit \
1988584 cgroup: all controllers mounted when using 'cgroup_no_v1='
1991156 Focal update: v5.4.212 upstream stable release
1990190 Focal update: v5.4.211 upstream stable release
CVE-2022-42719 A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through 5.19.x before 5.19.16 could be used by atta
CVE-2022-29901 Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak
CVE-2022-3028 A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurr
CVE-2022-2978 A flaw use after free in the Linux kernel NILFS file system was found in the way user triggers function security_inode_alloc to fail with following c
CVE-2022-40768 drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive information from kernel memory because stex_queuecomman

Version: 5.4.0-1047.52 2022-09-23 15:07:07 UTC

  linux-bluefield (5.4.0-1047.52) focal; urgency=medium

  * focal/linux-bluefield: 5.4.0-1047.52 -proposed tracker (LP: #1989866)

  * Focal update: v5.4.208 upstream stable release (LP: #1988225)
    - [Config] bluefield: updateconfigs for IMA_TEMPLATE
    - [Config] bluefield: updateconfigs for REFCOUNT_FULL

  * mlxbf-pmc: error when reading unprogrammed events (LP: #1989172)
    - SAUCE: mlxbf-pmc: Fix error when reading unprogrammed events

  * mlxbf_gige: need to clear MDIO gateway lock after read (LP: #1989495)
    - SAUCE: mlxbf_gige: clear MDIO gateway lock after read

  [ Ubuntu: 5.4.0-128.144 ]

  * focal/linux: 5.4.0-128.144 -proposed tracker (LP: #1990152)
  * CVE-2022-3176
    - io_uring: disable polling pollfree files
  * ip/nexthop: fix default address selection for connected nexthop
    (LP: #1988809)
    - selftests/net: test nexthop without gw
  * ip/nexthop: fix default address selection for connected nexthop
    (LP: #1988809) // icmp_redirect.sh in ubuntu_kernel_selftests failed on
    Jammy 5.15.0-49.55 (LP: #1990124)
    - ip: fix triggering of 'icmp redirect'

  [ Ubuntu: 5.4.0-127.143 ]

  * focal/linux: 5.4.0-127.143 -proposed tracker (LP: #1989892)
  * Packaging resync (LP: #1786013)
    - debian/dkms-versions -- update from kernel-versions (main/2022.09.19)
  * [UBUNTU 20.04] mlx5 driver crashes on accessing device attributes during
    recovery (LP: #1987287)
    - net/mlx5: Avoid processing commands before cmdif is ready
  * Focal update: v5.4.210 upstream stable release (LP: #1989230)
    - thermal: Fix NULL pointer dereferences in of_thermal_ functions
    - ACPI: video: Force backlight native for some TongFang devices
    - ACPI: video: Shortening quirk list by identifying Clevo by board_name only
    - ACPI: APEI: Better fix to avoid spamming the console with old error logs
    - bpf: Verifer, adjust_scalar_min_max_vals to always call update_reg_bounds()
    - selftests/bpf: Extend verifier and bpf_sock tests for dst_port loads
    - bpf: Test_verifier, #70 error message updates for 32-bit right shift
    - KVM: Don't null dereference ops->destroy
    - selftests: KVM: Handle compiler optimizations in ucall
    - media: v4l2-mem2mem: Apply DST_QUEUE_OFF_BASE on MMAP buffers across ioctls
    - macintosh/adb: fix oob read in do_adb_query() function
    - x86/speculation: Add RSB VM Exit protections
    - x86/speculation: Add LFENCE to RSB fill sequence
    - Linux 5.4.210
  * Focal update: v5.4.209 upstream stable release (LP: #1989228)
    - Bluetooth: L2CAP: Fix use-after-free caused by l2cap_chan_put
    - ntfs: fix use-after-free in ntfs_ucsncmp()
    - s390/archrandom: prevent CPACF trng invocations in interrupt context
    - tcp: Fix data-races around sysctl_tcp_dsack.
    - tcp: Fix a data-race around sysctl_tcp_app_win.
    - tcp: Fix a data-race around sysctl_tcp_adv_win_scale.
    - tcp: Fix a data-race around sysctl_tcp_frto.
    - tcp: Fix a data-race around sysctl_tcp_nometrics_save.
    - ice: check (DD | EOF) bits on Rx descriptor rather than (EOP | RS)
    - ice: do not setup vlan for loopback VSI
    - scsi: ufs: host: Hold reference returned by of_parse_phandle()
    - tcp: Fix a data-race around sysctl_tcp_limit_output_bytes.
    - tcp: Fix a data-race around sysctl_tcp_challenge_ack_limit.
    - net: ping6: Fix memleak in ipv6_renew_options().
    - ipv6/addrconf: fix a null-ptr-deref bug for ip6_ptr
    - igmp: Fix data-races around sysctl_igmp_qrv.
    - net: sungem_phy: Add of_node_put() for reference returned by of_get_parent()
    - tcp: Fix a data-race around sysctl_tcp_min_tso_segs.
    - tcp: Fix a data-race around sysctl_tcp_min_rtt_wlen.
    - tcp: Fix a data-race around sysctl_tcp_autocorking.
    - tcp: Fix a data-race around sysctl_tcp_invalid_ratelimit.
    - Documentation: fix sctp_wmem in ip-sysctl.rst
    - tcp: Fix a data-race around sysctl_tcp_comp_sack_delay_ns.
    - tcp: Fix a data-race around sysctl_tcp_comp_sack_nr.
    - i40e: Fix interface init with MSI interrupts (no MSI-X)
    - sctp: fix sleep in atomic context bug in timer handlers
    - virtio-net: fix the race between refill work and close
    - perf symbol: Correct address for bss symbols
    - sfc: disable softirqs for ptp TX
    - sctp: leave the err path free in sctp_stream_init to sctp_stream_free
    - ARM: crypto: comment out gcc warning that breaks clang builds
    - mt7601u: add USB device ID for some versions of XiaoDu WiFi Dongle.
    - scsi: core: Fix race between handling STS_RESOURCE and completion
    - Linux 5.4.209
  * Focal update: v5.4.208 upstream stable release (LP: #1988225)
    - pinctrl: stm32: fix optional IRQ support to gpios
    - riscv: add as-options for modules with assembly compontents
    - mlxsw: spectrum_router: Fix IPv4 nexthop gateway indication
    - lockdown: Fix kexec lockdown bypass with ima policy
    - xen/gntdev: Ignore failure to unmap INVALID_GRANT_HANDLE
    - PCI: hv: Fix multi-MSI to allow more than one MSI vector
    - PCI: hv: Fix hv_arch_irq_unmask() for multi-MSI
    - PCI: hv: Reuse existing IRTE allocation in compose_msi_msg()
    - PCI: hv: Fix interrupt mapping for multi-MSI
    - serial: mvebu-uart: correctly report configured baudrate value
    - xfrm: xfrm_policy: fix a possible double xfrm_pols_put() in
      xfrm_bundle_lookup()
    - power/reset: arm-versatile: Fix refcount leak in versatile_reboot_probe
    - pinctrl: ralink: Check for null return of devm_kcalloc
    - perf/core: Fix data race between perf_event_set_output() and
      perf_mmap_close()
    - igc: Reinstate IGC_REMOVED logic and implement it properly
    - ip: Fix data-races around sysctl_ip_no_pmtu_disc.
    - ip: Fix data-races around sysctl_ip_fwd_use_pmtu.
    - ip: Fix data-races around sysctl_ip_nonlocal_bind.
    - ip: Fix a data-race around sysctl_fwmark_reflect.
    - tcp/dccp: Fix a data-race around sysctl_tcp_fwmark_accept.
    - tcp: Fix data-races around sysctl_tcp_mtu_probing.
    - tcp: Fix data-races aroun

Source diff to previous version
1988225 Focal update: v5.4.208 upstream stable release
1989172 mlxbf-pmc: error when reading unprogrammed events
1989495 mlxbf_gige: need to clear MDIO gateway lock after read
1988809 ip/nexthop: fix default address selection for connected nexthop
1990124 icmp_redirect.sh in ubuntu_kernel_selftests failed on Jammy 5.15.0-49.55
1786013 Packaging resync
1987287 [UBUNTU 20.04] mlx5 driver crashes on accessing device attributes during recovery
1989230 Focal update: v5.4.210 upstream stable release
1989228 Focal update: v5.4.209 upstream stable release
1988219 Focal update: v5.4.207 upstream stable release
1988215 Focal update: v5.4.206 upstream stable release
1988214 Focal update: v5.4.205 upstream stable release
1988212 Focal update: v5.4.204 upstream stable release
CVE-2022-3176 There exists a use-after-free in io_uring in the Linux kernel. Signalfd_poll() and binder_poll() use a waitqueue whose lifetime is the current task.

Version: 5.4.0-1046.51 2022-09-06 14:07:07 UTC

  linux-bluefield (5.4.0-1046.51) focal; urgency=medium

  * focal/linux-bluefield: 5.4.0-1046.51 -proposed tracker (LP: #1987793)

  [ Ubuntu: 5.4.0-126.142 ]

  * focal/linux: 5.4.0-126.142 -proposed tracker (LP: #1987819)
  * [SRU] fnic driver on needs to be updated to 1.6.0.53 on Focal (LP: #1984011)
    - scsi: fnic: Change shost_printk() to FNIC_FCS_DBG()
    - scsi: fnic: Avoid looping in TRANS ETH on unload
    - scsi: fnic: Change shost_printk() to FNIC_MAIN_DBG()
    - scsi: fnic: Set scsi_set_resid() only for underflow
    - scsi: fnic: Validate io_req before others
  * Focal update: v5.4.203 upstream stable release (LP: #1986999)
    - drm: remove drm_fb_helper_modinit
    - powerpc/ftrace: Remove ftrace init tramp once kernel init is complete
    - kexec_file: drop weak attribute from arch_kexec_apply_relocations[_add]
    - net: mscc: ocelot: allow unregistered IP multicast flooding
    - ARM: 8989/1: use .fpu assembler directives instead of assembler arguments
    - ARM: 8990/1: use VFP assembler mnemonics in register load/store macros
    - ARM: 8971/1: replace the sole use of a symbol with its definition
    - crypto: arm/sha256-neon - avoid ADRL pseudo instruction
    - crypto: arm/sha512-neon - avoid ADRL pseudo instruction
    - ARM: 8933/1: replace Sun/Solaris style flag on section directive
    - ARM: 8929/1: use APSR_nzcv instead of r15 as mrc operand
    - ARM: OMAP2+: drop unnecessary adrl
    - ARM: 9029/1: Make iwmmxt.S support Clang's integrated assembler
    - crypto: arm - use Kconfig based compiler checks for crypto opcodes
    - crypto: arm/ghash-ce - define fpu before fpu registers are referenced
    - Linux 5.4.203
  * Focal update: v5.4.202 upstream stable release (LP: #1986995)
    - random: schedule mix_interrupt_randomness() less often
    - ALSA: hda/via: Fix missing beep setup
    - ALSA: hda/conexant: Fix missing beep setup
    - ALSA: hda/realtek - ALC897 headset MIC no sound
    - ALSA: hda/realtek: Add quirk for Clevo PD70PNT
    - net: openvswitch: fix parsing of nw_proto for IPv6 fragments
    - mmc: sdhci-pci-o2micro: Fix card detect by dealing with debouncing
    - ata: libata: add qc->flags in ata_qc_complete_template tracepoint
    - dm era: commit metadata in postsuspend after worker stops
    - dm mirror log: clear log bits up to BITS_PER_LONG boundary
    - random: quiet urandom warning ratelimit suppression message
    - USB: serial: option: add Telit LE910Cx 0x1250 composition
    - USB: serial: option: add Quectel EM05-G modem
    - USB: serial: option: add Quectel RM500K module support
    - bpf: Fix request_sock leak in sk lookup helpers
    - phy: aquantia: Fix AN when higher speeds than 1G are not advertised
    - bonding: ARP monitor spams NETDEV_NOTIFY_PEERS notifiers
    - net/sched: sch_netem: Fix arithmetic in netem_dump() for 32-bit platforms
    - drm/msm/mdp4: Fix refcount leak in mdp4_modeset_init_intf
    - erspan: do not assume transport header is always set
    - net/tls: fix tls_sk_proto_close executed repeatedly
    - udmabuf: add back sanity check
    - x86/xen: Remove undefined behavior in setup_features()
    - MIPS: Remove repetitive increase irq_err_count
    - afs: Fix dynamic root getattr
    - ice: ethtool: advertise 1000M speeds properly
    - regmap-irq: Fix a bug in regmap_irq_enable() for type_in_mask chips
    - igb: Make DMA faster when CPU is active on the PCIe link
    - virtio_net: fix xdp_rxq_info bug after suspend/resume
    - Revert "net/tls: fix tls_sk_proto_close executed repeatedly"
    - gpio: winbond: Fix error code in winbond_gpio_get()
    - s390/cpumf: Handle events cycles and instructions identical
    - iio: adc: vf610: fix conversion mode sysfs node name
    - xhci: turn off port power in shutdown
    - usb: chipidea: udc: check request status before setting device address
    - iio:chemical:ccs811: rearrange iio trigger get and register
    - iio:accel:bma180: rearrange iio trigger get and register
    - iio:accel:mxc4005: rearrange iio trigger get and register
    - iio: accel: mma8452: ignore the return value of reset operation
    - iio: gyro: mpu3050: Fix the error handling in mpu3050_power_up()
    - iio: trigger: sysfs: fix use-after-free on remove
    - iio: adc: stm32: fix maximum clock rate for stm32mp15x
    - iio: adc: axp288: Override TS pin bias current for some models
    - xtensa: xtfpga: Fix refcount leak bug in setup
    - xtensa: Fix refcount leak bug in time.c
    - parisc: Enable ARCH_HAS_STRICT_MODULE_RWX
    - powerpc: Enable execve syscall exit tracepoint
    - powerpc/rtas: Allow ibm,platform-dump RTAS call with null buffer address
    - powerpc/powernv: wire up rng during setup_arch
    - ARM: dts: imx6qdl: correct PU regulator ramp delay
    - ARM: exynos: Fix refcount leak in exynos_map_pmu
    - soc: bcm: brcmstb: pm: pm-arm: Fix refcount leak in brcmstb_pm_probe
    - ARM: Fix refcount leak in axxia_boot_secondary
    - ARM: cns3xxx: Fix refcount leak in cns3xxx_init
    - modpost: fix section mismatch check for exported init/exit sections
    - random: update comment from copy_to_user() -> copy_to_iter()
    - kbuild: link vmlinux only once for CONFIG_TRIM_UNUSED_KSYMS (2nd attempt)
    - powerpc/pseries: wire up rng during setup_arch()
    - Linux 5.4.202
  * Focal update: v5.4.201 upstream stable release (LP: #1986993)
    - dm: remove special-casing of bio-based immutable singleton target on NVMe
    - usb: gadget: u_ether: fix regression in setting fixed MAC address
    - tcp: add some entropy in __inet_hash_connect()
    - tcp: use different parts of the port_offset for index and offset
    - tcp: add small random increments to the source port
    - tcp: dynamically allocate the perturb table used by source ports
    - tcp: increase source port perturb table to 2^16
    - tcp: drop the hash_32() part from the index calculation
    - arm64: mm: Don't invalidate FROM_DEVICE buffers at start of DMA transfer
    - Linux 5.4.201
  * Focal update: v

1984011 [SRU] fnic driver on needs to be updated to 1.6.0.53 on Focal
1986999 Focal update: v5.4.203 upstream stable release
1986995 Focal update: v5.4.202 upstream stable release
1986993 Focal update: v5.4.201 upstream stable release
1983152 Focal update: v5.4.200 upstream stable release
1983150 Focal update: v5.4.199 upstream stable release
1982409 Focal update: v5.4.198 upstream stable release
1981758 Focal update: v5.4.197 upstream stable release
1981111 Focal update: v5.4.196 upstream stable release
CVE-2022-36946 nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) beca
CVE-2021-33655 When sending malicous data to kernel by ioctl cmd FBIOPUT_VSCREENINFO,kernel will write memory out of bounds.



About   -   Send Feedback to @ubuntu_updates