UbuntuUpdates.org

Package "linux-bluefield"

Name: linux-bluefield

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Header files related to Linux kernel version 5.4.0
  • Header files related to Linux kernel version 5.4.0
  • Header files related to Linux kernel version 5.4.0
  • Header files related to Linux kernel version 5.4.0

Latest version: 5.4.0-1079.85
Release: focal (20.04)
Level: updates
Repository: main

Links



Other versions of "linux-bluefield" in Focal

Repository Area Version
security main 5.4.0-1079.85
proposed main 5.4.0-1080.87
PPA: Canonical Kernel Team 5.4.0-1080.87

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 5.4.0-1074.80 2023-10-30 18:11:46 UTC

  linux-bluefield (5.4.0-1074.80) focal; urgency=medium

  * focal/linux-bluefield: 5.4.0-1074.80 -proposed tracker (LP: #2037977)

  * Use new annotations model (LP: #2019000)
    - [Config] bluefield: sanitize annotations
    - [Config] bluefield: import generated config into annotation file
    - [Config] bluefield: Remove all old configs files

  * Focal update: v5.4.251 upstream stable release (LP: #2034918)
    - SAUCE: fix build for net/netfilter/nf_tables_offload.c
    - SAUCE: fix build for net/netfilter/nf_flow_table_offload.c

  [ Ubuntu: 5.4.0-166.183 ]

  * focal/linux: 5.4.0-166.183 -proposed tracker (LP: #2038010)
  * Use new annotations model (LP: #2019000)
    - [Packaging] new annotations model infrastructure
    - [Packaging] config-check: Handle new annotations format 4
    - [Packaging] rules: Use old-kernelconfig for old configs
    - [Config] sanitize annotations
    - [Config] import generated configs into annotation file
    - [Packaging] kernelconfig: add i386 as supported arch
    - [Config] Remove all old configs files
  * Packaging resync (LP: #1786013)
    - [Packaging] update helper scripts
    - [Packaging] update annotations scripts
  * fix typo in config-checks invocation (LP: #2020413)
    - [Packaging] fix typo when calling the old config-check
    - [Packaging] fix typo in 4-checks.mk
  * support python < 3.9 with annotations (LP: #2020531)
    - [Packaging] kconfig/annotations.py: support older way of merging dicts
  * CVE-2023-42756
    - netfilter: ipset: Fix race between IPSET_CMD_CREATE and IPSET_CMD_SWAP
  * CVE-2023-4623
    - net/sched: sch_hfsc: Ensure inner classes have fsc curve
  * Focal update: v5.4.252 upstream stable release (LP: #2036240)
    - ia64/cpu: Switch to arch_cpu_finalize_init()
    - m68k/cpu: Switch to arch_cpu_finalize_init()
    - mips/cpu: Switch to arch_cpu_finalize_init()
    - sh/cpu: Switch to arch_cpu_finalize_init()
    - x86/cpufeatures: Add SEV-ES CPU feature
    - x86/cpu: Add VM page flush MSR availablility as a CPUID feature
    - x86/cpufeatures: Assign dedicated feature word for CPUID_0x8000001F[EAX]
    - tools headers cpufeatures: Sync with the kernel sources
    - x86/cpu, kvm: Add support for CPUID_80000021_EAX
    - Linux 5.4.252
    - Upstream stable to v5.4.252
  * CVE-2023-42755
    - net/sched: Retire rsvp classifier
    - [Config] remove NET_CLS_RSVP and NET_CLS_RSVP6
  * CVE-2023-42753
    - netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for
      ip_set_hash_netportnet.c
  * CVE-2023-34319
    - xen/netback: Fix buffer overrun triggered by unusual packet
  * CVE-2023-4921
    - net: sched: sch_qfq: Fix UAF in qfq_dequeue()
  * CVE-2023-42752
    - igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU
  * Avoid address overwrite in kernel_connect (LP: #2035163)
    - net: Avoid address overwrite in kernel_connect
  * [regression] Unable to initialize SGX enclaves with XFRM other than 3
    (LP: #2034745)
    - x86/fpu: Set X86_FEATURE_OSXSAVE feature after enabling OSXSAVE in CR4
  * CVE-2023-4881
    - netfilter: nftables: exthdr: fix 4-byte stack OOB write
  * CVE-2023-4622
    - af_unix: Fix null-ptr-deref in unix_stream_sendpage().
  * Focal update: v5.4.251 upstream stable release (LP: #2034918)
    - x86/smp: Use dedicated cache-line for mwait_play_dead()
    - video: imsttfb: check for ioremap() failures
    - fbdev: imsttfb: Fix use after free bug in imsttfb_probe
    - HID: wacom: Use ktime_t rather than int when dealing with timestamps
    - drm/i915: Initialise outparam for error return from wait_for_register
    - scripts/tags.sh: Resolve gtags empty index generation
    - drm/amdgpu: Validate VM ioctl flags.
    - bgmac: fix *initial* chip reset to support BCM5358
    - x86/resctrl: Use is_closid_match() in more places
    - x86/resctrl: Only show tasks' pid in current pid namespace
    - md/raid10: check slab-out-of-bounds in md_bitmap_get_counter
    - md/raid10: fix overflow of md/safe_mode_delay
    - md/raid10: fix wrong setting of max_corr_read_errors
    - md/raid10: fix null-ptr-deref of mreplace in raid10_sync_request
    - md/raid10: fix io loss while replacement replace rdev
    - irqchip/jcore-aic: Kill use of irq_create_strict_mappings()
    - irqchip/jcore-aic: Fix missing allocation of IRQ descriptors
    - tracing/timer: Add missing hrtimer modes to decode_hrtimer_mode().
    - clocksource/drivers/cadence-ttc: Use ttc driver as platform driver
    - clocksource/drivers/cadence-ttc: Fix memory leak in ttc_timer_probe
    - PM: domains: fix integer overflow issues in genpd_parse_state()
    - powercap: RAPL: Fix CONFIG_IOSF_MBI dependency
    - ARM: 9303/1: kprobes: avoid missing-declaration warnings
    - evm: Complete description of evm_inode_setattr()
    - pstore/ram: Add check for kstrdup
    - ima: Fix build warnings
    - wifi: ath9k: fix AR9003 mac hardware hang check register offset calculation
    - wifi: ath9k: avoid referencing uninit memory in ath9k_wmi_ctrl_rx
    - samples/bpf: Fix buffer overflow in tcp_basertt
    - spi: spi-geni-qcom: Correct CS_TOGGLE bit in SPI_TRANS_CFG
    - wifi: mwifiex: Fix the size of a memory allocation in
      mwifiex_ret_802_11_scan()
    - nfc: constify several pointers to u8, char and sk_buff
    - nfc: llcp: fix possible use of uninitialized variable in
      nfc_llcp_send_connect()
    - regulator: core: Fix more error checking for debugfs_create_dir()
    - regulator: core: Streamline debugfs operations
    - wifi: orinoco: Fix an error handling path in spectrum_cs_probe()
    - wifi: orinoco: Fix an error handling path in orinoco_cs_probe()
    - wifi: atmel: Fix an error handling path in atmel_probe()
    - wl3501_cs: Fix a bunch of formatting issues related to function docs
    - wl3501_cs: Remove unnecessary NULL check
    - wl3501_cs: Fix misspelling and provide missing documentation
    - net: create netdev->dev_addr assignment helpers
    - wl3501_cs: use eth_hw_addr_set()
    - wifi: wl3501

Source diff to previous version
2019000 Use new annotations model
2034918 Focal update: v5.4.251 upstream stable release
1786013 Packaging resync
2020413 fix typo in config-checks invocation
2020531 support python \u003c 3.9 with annotations
2036240 Focal update: v5.4.252 upstream stable release
2035163 Avoid address overwrite in kernel_connect
2034745 [regression] Unable to initialize SGX enclaves with XFRM other than 3
2033297 Focal update: v5.4.250 upstream stable release
2033278 Focal update: v5.4.249 upstream stable release
CVE-2023-42756 A flaw was found in the Netfilter subsystem of the Linux kernel. A race condition between IPSET_CMD_ADD and IPSET_CMD_SWAP can lead to a kernel panic
CVE-2023-42755 wild pointer access in rsvp classifer in the Linux kernel
CVE-2023-42753 An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the `h->n
CVE-2023-42752 integer overflows in kmalloc_reserve()
CVE-2023-4881 ** REJECT ** CVE-2023-4881 was wrongly assigned to a bug that was deemed to be a non-security issue by the Linux kernel security team.
CVE-2023-31083 An issue was discovered in drivers/bluetooth/hci_ldisc.c in the Linux kernel 6.2. In hci_uart_tty_ioctl, there is a race condition between HCIUARTSET
CVE-2023-4132 A use-after-free vulnerability was found in the siano smsusb module in the Linux kernel. The bug occurs during device initialization when the siano d
CVE-2023-3772 A flaw was found in the Linux kernel’s IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADM
CVE-2023-0597 A flaw possibility of memory leak in the Linux kernel cpu_entry_area mapping of X86 CPU data to memory was found in the way user can guess location o

Version: 5.4.0-1073.79 2023-10-19 12:07:02 UTC

  linux-bluefield (5.4.0-1073.79) focal; urgency=medium

  * focal/linux-bluefield: 5.4.0-1073.79 -proposed tracker (LP: #2038130)

  * CVE-2023-42755
    - [Config] bluefield: remove NET_CLS_RSVP and NET_CLS_RSVP6

  * Packaging resync (LP: #1786013)
    - [Packaging] update helper scripts

  * CVE-2023-4004
    - netfilter: nft_set_pipapo: fix improper element removal

  [ Ubuntu: 5.4.0-165.182 ]

  * focal/linux: 5.4.0-165.182 -proposed tracker (LP: #2038163)
  * CVE-2023-42756
    - netfilter: ipset: Fix race between IPSET_CMD_CREATE and IPSET_CMD_SWAP
  * CVE-2023-4623
    - net/sched: sch_hfsc: Ensure inner classes have fsc curve
  * CVE-2023-42755
    - net/sched: Retire rsvp classifier
    - [Config] remove NET_CLS_RSVP and NET_CLS_RSVP6
  * CVE-2023-42753
    - netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for
      ip_set_hash_netportnet.c
  * CVE-2023-34319
    - xen/netback: Fix buffer overrun triggered by unusual packet
  * CVE-2023-4921
    - net: sched: sch_qfq: Fix UAF in qfq_dequeue()
  * CVE-2023-42752
    - igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU
  * CVE-2023-4881
    - netfilter: nftables: exthdr: fix 4-byte stack OOB write
  * CVE-2023-4622
    - af_unix: Fix null-ptr-deref in unix_stream_sendpage().

 -- Bartlomiej Zolnierkiewicz <email address hidden> Wed, 04 Oct 2023 16:48:36 +0200

Source diff to previous version
1786013 Packaging resync
CVE-2023-42755 wild pointer access in rsvp classifer in the Linux kernel
CVE-2023-4004 A use-after-free flaw was found in the Linux kernel's netfilter in the way a user triggers the nft_pipapo_remove function with the element, without a
CVE-2023-42756 A flaw was found in the Netfilter subsystem of the Linux kernel. A race condition between IPSET_CMD_ADD and IPSET_CMD_SWAP can lead to a kernel panic
CVE-2023-42753 An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the `h->n
CVE-2023-42752 integer overflows in kmalloc_reserve()
CVE-2023-4881 ** REJECT ** CVE-2023-4881 was wrongly assigned to a bug that was deemed to be a non-security issue by the Linux kernel security team.

Version: 5.4.0-1072.78 2023-10-04 16:10:05 UTC

  linux-bluefield (5.4.0-1072.78) focal; urgency=medium

  * focal/linux-bluefield: 5.4.0-1072.78 -proposed tracker (LP: #2033834)

  * Focal update: v5.4.248 upstream stable release (LP: #2031121)
    - [Config] bluefield: updateconfigs for DECNET

  * mlxbf-gige: Enable the OOB port in mlxbf_gige_open (LP: #2035128)
    - SAUCE: mlxbf-gige: Enable the OOB port in mlxbf_gige_open

  [ Ubuntu: 5.4.0-164.181 ]

  * focal/linux: 5.4.0-164.181 -proposed tracker (LP: #2033867)
  * Please enable Renesas RZ platform serial installer (LP: #2022361)
    - [Config] enable hihope RZ/G2M serial console
  * Azure: hv_netvsc: add support for vlans in AF_PACKET mode (LP: #2030872)
    - hv_netvsc: add support for vlans in AF_PACKET mode
  * systemd mount units fail during boot, while file system is correctly mounted
    (LP: #1837227)
    - list: introduce list_for_each_continue()
    - proc/mounts: add cursor
  * CVE-2023-40283
    - Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb
  * CVE-2023-20588
    - x86/bugs: Increase the x86 bugs vector size to two u32s
    - x86/CPU/AMD: Do not leak quotient data after a division by 0
    - x86/CPU/AMD: Fix the DIV(0) initial fix attempt
  * CVE-2023-4194
    - net: tun_chr_open(): set sk_uid from current_fsuid()
    - net: tap_open(): set sk_uid from current_fsuid()
  * CVE-2023-1206
    - tcp: Reduce chance of collisions in inet6_hashfn().
  * CVE-2021-4001
    - bpf: Fix toctou on read-only map's constant scalar tracking
  * Focal update: v5.4.248 upstream stable release (LP: #2031121)
    - test_firmware: fix a memory leak with reqs buffer
    - KEYS: asymmetric: Copy sig and digest in public_key_verify_signature()
    - dasd: refactor dasd_ioctl_information
    - s390/dasd: Use correct lock while counting channel queue length
    - power: supply: ab8500: Fix external_power_changed race
    - power: supply: sc27xx: Fix external_power_changed race
    - power: supply: bq27xxx: Use mod_delayed_work() instead of cancel() +
      schedule()
    - ARM: dts: vexpress: add missing cache properties
    - power: supply: Ratelimit no data debug output
    - platform/x86: asus-wmi: Ignore WMI events with codes 0x7B, 0xC0
    - regulator: Fix error checking for debugfs_create_dir
    - irqchip/meson-gpio: Mark OF related data as maybe unused
    - power: supply: Fix logic checking if system is running from battery
    - btrfs: handle memory allocation failure in btrfs_csum_one_bio
    - parisc: Improve cache flushing for PCXL in arch_sync_dma_for_cpu()
    - parisc: Flush gatt writes and adjust gatt mask in parisc_agp_mask_memory()
    - MIPS: Alchemy: fix dbdma2
    - mips: Move initrd_start check after initrd address sanitisation.
    - xen/blkfront: Only check REQ_FUA for writes
    - drm:amd:amdgpu: Fix missing buffer object unlock in failure path
    - ocfs2: fix use-after-free when unmounting read-only filesystem
    - ocfs2: check new file size on fallocate call
    - nios2: dts: Fix tse_mac "max-frame-size" property
    - nilfs2: fix incomplete buffer cleanup in nilfs_btnode_abort_change_key()
    - nilfs2: fix possible out-of-bounds segment allocation in resize ioctl
    - kexec: support purgatories with .text.hot sections
    - powerpc/purgatory: remove PGO flags
    - nouveau: fix client work fence deletion race
    - RDMA/uverbs: Restrict usage of privileged QKEYs
    - net: usb: qmi_wwan: add support for Compal RXM-G1
    - ALSA: hda/realtek: Add a quirk for Compaq N14JP6
    - Remove DECnet support from kernel
    - [Config] updateconfigs for DECNET
    - USB: serial: option: add Quectel EM061KGL series
    - serial: lantiq: add missing interrupt ack
    - usb: dwc3: gadget: Reset num TRBs before giving back the request
    - spi: spi-fsl-dspi: Remove unused chip->void_write_data
    - spi: fsl-dspi: avoid SCK glitches with continuous transfers
    - netfilter: nfnetlink: skip error delivery on batch in case of ENOMEM
    - ping6: Fix send to link-local addresses with VRF.
    - RDMA/rxe: Remove the unused variable obj
    - RDMA/rxe: Removed unused name from rxe_task struct
    - RDMA/rxe: Fix the use-before-initialization error of resp_pkts
    - iavf: remove mask from iavf_irq_enable_queues()
    - IB/uverbs: Fix to consider event queue closing also upon non-blocking mode
    - IB/isert: Fix dead lock in ib_isert
    - IB/isert: Fix possible list corruption in CMA handler
    - IB/isert: Fix incorrect release of isert connection
    - ipvlan: fix bound dev checking for IPv6 l3s mode
    - sctp: fix an error code in sctp_sf_eat_auth()
    - igb: fix nvm.ops.read() error handling
    - drm/nouveau/dp: check for NULL nv_connector->native_mode
    - drm/nouveau/kms: Don't change EDID when it hasn't actually changed
    - drm/nouveau: add nv_encoder pointer check for NULL
    - net/sched: cls_api: Fix lockup on flushing explicitly created chain
    - net: lapbether: only support ethernet devices
    - net: tipc: resize nlattr array to correct size
    - selftests/ptp: Fix timestamp printf format for PTP_SYS_OFFSET
    - afs: Fix vlserver probe RTT handling
    - neighbour: Remove unused inline function neigh_key_eq16()
    - net: Remove unused inline function dst_hold_and_use()
    - neighbour: delete neigh_lookup_nodev as not used
    - drm/nouveau/kms: Fix NULL pointer dereference in
      nouveau_connector_detect_depth
    - mmc: block: ensure error propagation for non-blk
    - Linux 5.4.248
  * Focal update: v5.4.247 upstream stable release (LP: #2030818)
    - blk-iocost: avoid 64-bit division in ioc_timer_fn
    - block/blk-iocost (gcc13): keep large values in a new enum
    - i40iw: fix build warning in i40iw_manage_apbvt()
    - i40e: fix build warnings in i40e_alloc.h
    - spi: qup: Request DMA before enabling clocks
    - neighbour: Replace zero-length array with flexible-array member
    - neighbour: fix unaligned access to pneigh_entry
    - net: dsa: lan9303: allow vid != 0 in port_fdb_{add|del} methods
    - Bluetooth: Fi

Source diff to previous version
2031121 Focal update: v5.4.248 upstream stable release
2035128 mlxbf-gige: Enable the OOB port in mlxbf_gige_open
2022361 Please enable Renesas RZ platform serial installer
2030872 Azure: hv_netvsc: add support for vlans in AF_PACKET mode
1837227 systemd mount units fail during boot, while file system is correctly mounted
2030818 Focal update: v5.4.247 upstream stable release
CVE-2023-40283 An issue was discovered in l2cap_sock_release in net/bluetooth/l2cap_sock.c in the Linux kernel before 6.4.10. There is a use-after-free because the
CVE-2023-4194 A flaw was found in the Linux kernel's TUN/TAP functionality. This issue could allow a local user to bypass network filters and gain unauthorized acc
CVE-2023-1206 A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel’s IPv6 functionality when a user makes a new kind of SYN floo
CVE-2021-4001 A race condition was found in the Linux kernel's ebpf verifier between bpf_map_update_elem and bpf_map_freeze due to a missing lock in kernel/bpf/sys
CVE-2023-4128 A use-after-free flaw was found in net/sched/cls_fw.c in classifiers (cls_fw, cls_u32, and cls_route) in the Linux Kernel. This flaw allows a local a
CVE-2023-3863 A use-after-free flaw was found in nfc_llcp_find_local in net/nfc/llcp_core.c in NFC in the Linux kernel. This flaw allows a local user with special
CVE-2023-3212 A NULL pointer dereference issue was found in the gfs2 file system in the Linux kernel. It occurs on corrupt gfs2 file systems when the evict code tr

Version: 5.4.0-1071.77 2023-09-25 17:06:48 UTC

  linux-bluefield (5.4.0-1071.77) focal; urgency=medium

  * focal/linux-bluefield: 5.4.0-1071.77 -proposed tracker (LP: #2034214)

  [ Ubuntu: 5.4.0-163.180 ]

  * focal/linux: 5.4.0-163.180 -proposed tracker (LP: #2034247)
  * Packaging resync (LP: #1786013)
    - [Packaging] update helper scripts
  * CVE-2023-40283
    - Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb
  * CVE-2023-20588
    - x86/bugs: Increase the x86 bugs vector size to two u32s
    - x86/CPU/AMD: Do not leak quotient data after a division by 0
    - x86/CPU/AMD: Fix the DIV(0) initial fix attempt
  * CVE-2023-4128
    - net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-
      free
    - net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after-
      free
    - net/sched: cls_route: No longer copy tcf_result on update to avoid use-
      after-free

 -- Agathe Porte <email address hidden> Fri, 08 Sep 2023 17:01:18 +0200

Source diff to previous version
1786013 Packaging resync
CVE-2023-40283 An issue was discovered in l2cap_sock_release in net/bluetooth/l2cap_sock.c in the Linux kernel before 6.4.10. There is a use-after-free because the
CVE-2023-4128 A use-after-free flaw was found in net/sched/cls_fw.c in classifiers (cls_fw, cls_u32, and cls_route) in the Linux Kernel. This flaw allows a local a

Version: 5.4.0-1070.76 2023-09-21 22:06:50 UTC

  linux-bluefield (5.4.0-1070.76) focal; urgency=medium

  * focal/linux-bluefield: 5.4.0-1070.76 -proposed tracker (LP: #2030986)

  * EFI pstore not cleared on boot (LP: #1978079)
    - [Config] bluefield: Enable CONFIG_EFI_VARS_PSTORE as build-in
    - [Config] bluefield: Remove efi-pstore from modules list

  * Focal update: v5.4.246 upstream stable release (LP: #2028981)
    - [Config] bluefield: updateconfigs for SCSI_DPT_I2O
    - SAUCE: xfrm: Check if_id in xfrm full offload

  * rshim console truncates dmesg output due to tmfifo issue (LP: #2028197)
    - SAUCE: mlxbf-tmfifo.c: Fix rhsim console w/ truncated dmesg output

  * mlxbf-gige: Fix kernel panic after reboot (LP: #2030765)
    - SAUCE: mlxbf-gige: Fix kernel panic after reboot (part 1/2)
    - SAUCE: mlxbf-gige: Fix kernel panic after reboot (part 2/2)

  [ Ubuntu: 5.4.0-162.179 ]

  * focal/linux: 5.4.0-162.179 -proposed tracker (LP: #2031128)
  * libgnutls report "trap invalid opcode" when trying to install packages over
    https (LP: #2031093)
    - [Config]: disable CONFIG_GDS_FORCE_MITIGATION

  [ Ubuntu: 5.4.0-160.177 ]

  * focal/linux: 5.4.0-160.177 -proposed tracker (LP: #2031017)
  * Fix boot test warning for log_check "CPU: 0 PID: 0 at
    arch/x86/kernel/fpu/xstate.c:878 get_xsave_addr+0x98/0xb0" (LP: #2031022)
    - x86/pkeys: Revert a5eff7259790 ("x86/pkeys: Add PKRU value to init_fpstate")

  [ Ubuntu: 5.4.0-158.175 ]

  * focal/linux: 5.4.0-158.175 -proposed tracker (LP: #2030466)
  * CVE-2022-40982
    - x86/mm: Initialize text poking earlier
    - x86/mm: fix poking_init() for Xen PV guests
    - x86/mm: Use mm_alloc() in poking_init()
    - mm: Move mm_cachep initialization to mm_init()
    - init: Provide arch_cpu_finalize_init()
    - x86/cpu: Switch to arch_cpu_finalize_init()
    - ARM: cpu: Switch to arch_cpu_finalize_init()
    - sparc/cpu: Switch to arch_cpu_finalize_init()
    - um/cpu: Switch to arch_cpu_finalize_init()
    - init: Remove check_bugs() leftovers
    - init: Invoke arch_cpu_finalize_init() earlier
    - init, x86: Move mem_encrypt_init() into arch_cpu_finalize_init()
    - x86/fpu: Remove cpuinfo argument from init functions
    - x86/fpu: Mark init functions __init
    - x86/fpu: Move FPU initialization into arch_cpu_finalize_init()
    - x86/xen: Fix secondary processors' FPU initialization
    - x86/speculation: Add Gather Data Sampling mitigation
    - x86/speculation: Add force option to GDS mitigation
    - x86/speculation: Add Kconfig option for GDS
    - KVM: Add GDS_NO support to KVM
    - Documentation/x86: Fix backwards on/off logic about YMM support
    - [Config]: Enable CONFIG_ARCH_HAS_CPU_FINALIZE_INIT and
      CONFIG_GDS_FORCE_MITIGATION
  * CVE-2023-3609
    - net/sched: cls_u32: Fix reference counter leak leading to overflow
  * CVE-2023-20593
    - x86/cpu/amd: Move the errata checking functionality up
    - x86/cpu/amd: Add a Zenbleed fix
  * CVE-2023-3611
    - net/sched: sch_qfq: account for stab overhead in qfq_enqueue
  * stacked overlay file system mounts that have chroot() called against them
    appear to be getting locked (by the kernel most likely?) (LP: #2016398)
    - SAUCE: overlayfs: fix reference count mismatch
  * Focal update: v5.4.246 upstream stable release (LP: #2028981)
    - RDMA/efa: Fix unsupported page sizes in device
    - RDMA/bnxt_re: Enable SRIOV VF support on Broadcom's 57500 adapter series
    - RDMA/bnxt_re: Refactor queue pair creation code
    - RDMA/bnxt_re: Fix return value of bnxt_re_process_raw_qp_pkt_rx
    - iommu/rockchip: Fix unwind goto issue
    - iommu/amd: Don't block updates to GATag if guest mode is on
    - dmaengine: pl330: rename _start to prevent build error
    - net/mlx5: fw_tracer, Fix event handling
    - netrom: fix info-leak in nr_write_internal()
    - af_packet: Fix data-races of pkt_sk(sk)->num.
    - amd-xgbe: fix the false linkup in xgbe_phy_status
    - mtd: rawnand: ingenic: fix empty stub helper definitions
    - af_packet: do not use READ_ONCE() in packet_bind()
    - tcp: deny tcp_disconnect() when threads are waiting
    - tcp: Return user_mss for TCP_MAXSEG in CLOSE/LISTEN state if user_mss set
    - net/sched: sch_ingress: Only create under TC_H_INGRESS
    - net/sched: sch_clsact: Only create under TC_H_CLSACT
    - net/sched: Reserve TC_H_INGRESS (TC_H_CLSACT) for ingress (clsact) Qdiscs
    - net/sched: Prohibit regrafting ingress or clsact Qdiscs
    - net: sched: fix NULL pointer dereference in mq_attach
    - ocfs2/dlm: move BITS_TO_BYTES() to bitops.h for wider use
    - net/netlink: fix NETLINK_LIST_MEMBERSHIPS length report
    - udp6: Fix race condition in udp6_sendmsg & connect
    - net: dsa: mv88e6xxx: Increase wait after reset deactivation
    - mtd: rawnand: marvell: ensure timing values are written
    - mtd: rawnand: marvell: don't set the NAND frequency select
    - watchdog: menz069_wdt: fix watchdog initialisation
    - mailbox: mailbox-test: Fix potential double-free in
      mbox_test_message_write()
    - ARM: 9295/1: unwind:fix unwind abort for uleb128 case
    - media: rcar-vin: Select correct interrupt mode for V4L2_FIELD_ALTERNATE
    - fbdev: modedb: Add 1920x1080 at 60 Hz video mode
    - fbdev: stifb: Fix info entry in sti_struct on error path
    - nbd: Fix debugfs_create_dir error checking
    - ASoC: dwc: limit the number of overrun messages
    - xfrm: Check if_id in inbound policy/secpath match
    - ASoC: ssm2602: Add workaround for playback distortions
    - media: dvb_demux: fix a bug for the continuity counter
    - media: dvb-usb: az6027: fix three null-ptr-deref in az6027_i2c_xfer()
    - media: dvb-usb-v2: ec168: fix null-ptr-deref in ec168_i2c_xfer()
    - media: dvb-usb-v2: ce6230: fix null-ptr-deref in ce6230_i2c_master_xfer()
    - media: dvb-usb-v2: rtl28xxu: fix null-ptr-deref in rtl28xxu_i2c_xfer
    - media: dvb-usb: digitv: fix null-ptr-deref in digitv_i2c_xfer()
    - media: dvb-usb: dw2102: fix uninit-value in su3000_read_mac_ad

1978079 EFI pstore not cleared on boot
2028981 Focal update: v5.4.246 upstream stable release
2028197 rshim console truncates dmesg output due to tmfifo issue
2030765 mlxbf-gige: Fix kernel panic after reboot
2031093 libgnutls report \
2031022 Fix boot test warning for log_check \
2016398 stacked overlay file system mounts that have chroot() called against them appear to be getting locked (by the kernel most likely?)
2028980 Focal update: v5.4.245 upstream stable release
2028697 Focal update: v5.4.244 upstream stable release
2025387 Focal update: v5.4.243 upstream stable release
2025094 Focal update: v5.4.242 upstream stable release
1786013 Packaging resync
CVE-2022-40982 Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may al
CVE-2023-20593 An issue in \u201cZen 2\u201d CPUs, under specific microarchitectural ...
CVE-2023-2269 A denial of service problem was found, due to a possible recursive locking scenario, resulting in a deadlock in table_clear in drivers/md/dm-ioctl.c
CVE-2023-31084 An issue was discovered in drivers/media/dvb-core/dvb_frontend.c in the Linux kernel 6.2. There is a blocking operation when a task is in !TASK_RUNNI
CVE-2023-3268 An out of bounds (OOB) memory access flaw was found in the Linux kernel in relay_file_read_start_pos in kernel/relay.c in the relayfs. This flaw coul



About   -   Send Feedback to @ubuntu_updates