UbuntuUpdates.org

Package "linux-headers-5.11.0-1028-azure"

Name: linux-headers-5.11.0-1028-azure

Description:

Linux kernel headers for version 5.11.0 on 64 bit x86 SMP

Latest version: 5.11.0-1028.31~20.04.2
Release: focal (20.04)
Level: updates
Repository: main
Head package: linux-azure-5.11

Links


Download "linux-headers-5.11.0-1028-azure"


Other versions of "linux-headers-5.11.0-1028-azure" in Focal

Repository Area Version
security main 5.11.0-1028.31~20.04.2

Changelog

Version: 5.11.0-1028.31~20.04.2 2022-01-31 14:07:38 UTC

  linux-azure-5.11 (5.11.0-1028.31~20.04.2) focal; urgency=medium

  * focal/linux-azure-5.11: 5.11.0-1028.31~20.04.2 -proposed tracker (LP:
    #1955200)

  * Re-enable DEBUG_INFO_BTF where it was disabled (LP: #1945632)
    - [Config] azure-5.11: Re-enable CONFIG_DEBUG_INFO_BTF on all arches

  [ Ubuntu: 5.11.0-1028.31 ]

  * hirsute/linux-azure: 5.11.0-1028.31 -proposed tracker (LP: #1955201)
  * Hirsute update: upstream stable patchset 2021-12-10 (LP: #1954533)
    - [Config] azure: updateconfigs for ARCH_HAS_CC_PLATFORM
  * hirsute:linux 5.11.0-45.49 fails to boot (LP: #1956984)
    - Revert "mm: filemap: check if THP has hwpoisoned subpage for PMD page fault"
    - mm: filemap: check if THP has hwpoisoned subpage for PMD page fault
  * icmp_redirect from selftests fails on F/kvm (unary operator expected)
    (LP: #1938964)
    - selftests: icmp_redirect: pass xfail=0 to log_test()
  * Hirsute update: upstream stable patchset 2021-12-17 (LP: #1955277)
    - arm64: zynqmp: Do not duplicate flash partition label property
    - arm64: zynqmp: Fix serial compatible string
    - ARM: dts: sunxi: Fix OPPs node name
    - arm64: dts: allwinner: h5: Fix GPU thermal zone node name
    - arm64: dts: allwinner: a100: Fix thermal zone node name
    - staging: wfx: ensure IRQ is ready before enabling it
    - ARM: dts: NSP: Fix mpcore, mmc node names
    - scsi: lpfc: Fix list_add() corruption in lpfc_drain_txq()
    - arm64: dts: rockchip: Disable CDN DP on Pinebook Pro
    - arm64: dts: hisilicon: fix arm,sp805 compatible string
    - RDMA/bnxt_re: Check if the vlan is valid before reporting
    - bus: ti-sysc: Add quirk handling for reinit on context lost
    - bus: ti-sysc: Use context lost quirk for otg
    - usb: musb: tusb6010: check return value after calling
      platform_get_resource()
    - usb: typec: tipd: Remove WARN_ON in tps6598x_block_read
    - ARM: dts: ux500: Skomer regulator fixes
    - staging: rtl8723bs: remove possible deadlock when disconnect (v2)
    - ARM: BCM53016: Specify switch ports for Meraki MR32
    - arm64: dts: qcom: msm8998: Fix CPU/L2 idle state latency and residency
    - arm64: dts: qcom: ipq6018: Fix qcom,controlled-remotely property
    - arm64: dts: freescale: fix arm,sp805 compatible string
    - ASoC: SOF: Intel: hda-dai: fix potential locking issue
    - clk: imx: imx6ul: Move csi_sel mux to correct base register
    - ASoC: nau8824: Add DMI quirk mechanism for active-high jack-detect
    - scsi: advansys: Fix kernel pointer leak
    - ALSA: intel-dsp-config: add quirk for APL/GLK/TGL devices based on ES8336
      codec
    - firmware_loader: fix pre-allocated buf built-in firmware use
    - ARM: dts: omap: fix gpmc,mux-add-data type
    - usb: host: ohci-tmio: check return value after calling
      platform_get_resource()
    - ARM: dts: ls1021a: move thermal-zones node out of soc/
    - ARM: dts: ls1021a-tsn: use generic "jedec,spi-nor" compatible for flash
    - ALSA: ISA: not for M68K
    - tty: tty_buffer: Fix the softlockup issue in flush_to_ldisc
    - MIPS: sni: Fix the build
    - scsi: scsi_debug: Fix out-of-bound read in resp_readcap16()
    - scsi: scsi_debug: Fix out-of-bound read in resp_report_tgtpgs()
    - scsi: target: Fix ordered tag handling
    - scsi: target: Fix alua_tg_pt_gps_count tracking
    - iio: imu: st_lsm6dsx: Avoid potential array overflow in st_lsm6dsx_set_odr()
    - powerpc/5200: dts: fix memory node unit name
    - ARM: dts: qcom: fix memory and mdio nodes naming for RB3011
    - ALSA: gus: fix null pointer dereference on pointer block
    - powerpc/dcr: Use cmplwi instead of 3-argument cmpli
    - powerpc/8xx: Fix Oops with STRICT_KERNEL_RWX without DEBUG_RODATA_TEST
    - sh: check return code of request_irq
    - maple: fix wrong return value of maple_bus_init().
    - f2fs: fix up f2fs_lookup tracepoints
    - f2fs: fix to use WHINT_MODE
    - sh: fix kconfig unmet dependency warning for FRAME_POINTER
    - sh: math-emu: drop unused functions
    - sh: define __BIG_ENDIAN for math-emu
    - f2fs: compress: disallow disabling compress on non-empty compressed file
    - f2fs: fix incorrect return value in f2fs_sanity_check_ckpt()
    - clk: ingenic: Fix bugs with divided dividers
    - clk/ast2600: Fix soc revision for AHB
    - clk: qcom: gcc-msm8996: Drop (again) gcc_aggre1_pnoc_ahb_clk
    - mips: BCM63XX: ensure that CPU_SUPPORTS_32BIT_KERNEL is set
    - sched/core: Mitigate race cpus_share_cache()/update_top_cache_domain()
    - perf/x86/vlbr: Add c->flags to vlbr event constraints
    - blkcg: Remove extra blkcg_bio_issue_init
    - tracing/histogram: Do not copy the fixed-size char array field over the
      field size
    - perf bpf: Avoid memory leak from perf_env__insert_btf()
    - perf bench futex: Fix memory leak of perf_cpu_map__new()
    - perf tests: Remove bash construct from record+zstd_comp_decomp.sh
    - drm/nouveau: hdmigv100.c: fix corrupted HDMI Vendor InfoFrame
    - tcp: Fix uninitialized access in skb frags array for Rx 0cp.
    - tracing: Add length protection to histogram string copies
    - net: ipa: disable HOLB drop when updating timer
    - net: bnx2x: fix variable dereferenced before check
    - bnxt_en: reject indirect blk offload when hw-tc-offload is off
    - tipc: only accept encrypted MSG_CRYPTO msgs
    - net: reduce indentation level in sk_clone_lock()
    - sock: fix /proc/net/sockstat underflow in sk_clone_lock()
    - net/smc: Make sure the link_id is unique
    - iavf: Fix return of set the new channel count
    - iavf: check for null in iavf_fix_features
    - iavf: free q_vectors before queues in iavf_disable_vf
    - iavf: Fix failure to exit out from last all-multicast mode
    - iavf: prevent accidental free of filter structure
    - iavf: validate pointers
    - iavf: Fix for the false positive ASQ/ARQ errors while issuing VF reset
    - iavf: Fix for setting queues to 0
    - MIPS: generic/yamon-dt: fix uninitialized variable error
    - mips: bcm63xx: ad

Source diff to previous version
1945632 Re-enable DEBUG_INFO_BTF where it was dissabled
1954533 Hirsute update: upstream stable patchset 2021-12-10
1956984 hirsute:linux 5.11.0-45.49 fails to boot
1938964 icmp_redirect from selftests fails on F/kvm (unary operator expected)
1955277 Hirsute update: upstream stable patchset 2021-12-17
1955083 Hirsute update: upstream stable patchset 2021-12-16
1950666 system crash when removing ipmi_msghandler module
1954680 zcrypt DD: Toleration for new IBM Z Crypto Hardware - (Backport to Ubuntu 20.04)
1953334 [UBUNTU 20.04] KVM hardware diagnose data improvements for guest kernel - kernel part
1952785 Hirsute update: upstream stable patchset 2021-11-30
CVE-2021-4090 Overflow of bmval[bmlen-1] in nfsd4_decode_bitmap function
CVE-2021-42327 dp_link_settings_write in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_debugfs.c in the Linux kernel through 5.14.14 allows a heap-based buffer ov

Version: 5.11.0-1027.30~20.04.1 2022-01-18 20:06:56 UTC

  linux-azure-5.11 (5.11.0-1027.30~20.04.1) focal; urgency=medium

  [ Ubuntu: 5.11.0-1027.30 ]

  * CVE-2022-0185
    - SAUCE: vfs: Out-of-bounds write of heap buffer in fs_context.c
    - SAUCE: vfs: test that one given mount param is not larger than PAGE_SIZE

 -- Thadeu Lima de Souza Cascardo <email address hidden> Wed, 12 Jan 2022 17:15:13 -0300

Source diff to previous version
CVE-2022-0185 vfs: fs_context: fix up param length parsing in legacy_parse_param

Version: 5.11.0-1025.27~20.04.1 2022-01-10 20:06:28 UTC

  linux-azure-5.11 (5.11.0-1025.27~20.04.1) focal; urgency=medium

  [ Ubuntu: 5.11.0-1025.27 ]

  * OOB write on BPF_RINGBUF (LP: #1956585)
    - SAUCE: bpf: prevent helper argument PTR_TO_ALLOC_MEM to have offset other
      than 0
  * hirsute/linux: 5.11.0-44.48 -proposed tracker (LP: #1954388)
  * Add F81966 watchdog support (LP: #1949063)
    - SAUCE: watchdog: f71808e_wdt: Add F81966 support

 -- Thadeu Lima de Souza Cascardo <email address hidden> Fri, 07 Jan 2022 10:38:18 -0300

Source diff to previous version
1949063 Add F81966 watchdog support

Version: 5.11.0-1023.24~20.04.1 2022-01-04 16:06:38 UTC

  linux-azure-5.11 (5.11.0-1023.24~20.04.1) focal; urgency=medium

  * focal/linux-azure-5.11: 5.11.0-1023.24~20.04.1 -proposed tracker
    (LP: #1952267)

  * Packaging resync (LP: #1786013)
    - [Packaging] update variants

  * Enable arm64 for Hyper-V guests (LP: #1949770)
    - [Packaging] azure-5.11: Enable arm64

  [ Ubuntu: 5.11.0-1023.24 ]

  * hirsute/linux-azure: 5.11.0-1023.24 -proposed tracker (LP: #1952268)
  * Enable arm64 for Hyper-V guests (LP: #1949770)
    - Drivers: hv: vmbus: Move Hyper-V page allocator to arch neutral code
    - x86/hyper-v: Move hv_message_type to architecture neutral module
    - Drivers: hv: Redo Hyper-V synthetic MSR get/set functions
    - Drivers: hv: vmbus: Move hyperv_report_panic_msg to arch neutral code
    - Drivers: hv: vmbus: Handle auto EOI quirk inline
    - Drivers: hv: vmbus: Move handling of VMbus interrupts
    - clocksource/drivers/hyper-v: Handle vDSO differences inline
    - clocksource/drivers/hyper-v: Handle sched_clock differences inline
    - asm-generic/hyperv: change HV_CPU_POWER_MANAGEMENT to HV_CPU_MANAGEMENT
    - x86/hyperv: detect if Linux is the root partition
    - clocksource/hyperv: use MSR-based access if running as root
    - clocksource/drivers/hyper-v: Set clocksource rating based on Hyper-V feature
    - clocksource/drivers/hyper-v: Move handling of STIMER0 interrupts
    - drivers: hv: Fix whitespace errors
    - x86/Hyper-V: Support for free page reporting
    - x86/hyperv: Move hv_do_rep_hypercall to asm-generic
    - drivers: hv: Create a consistent pattern for checking Hyper-V hypercall
      status
    - arm64: smccc: Add support for SMCCCv1.2 extended input/output registers
    - Drivers: hv: Move Hyper-V extended capability check to arch neutral code
    - asm-generic/hyperv: Add missing #include of nmi.h
    - arm64: hyperv: Add Hyper-V hypercall and register access utilities
    - arm64: hyperv: Add panic handler
    - arm64: hyperv: Initialize hypervisor on boot
    - arm64: efi: Export screen_info
    - Drivers: hv: Enable Hyper-V code to be built on ARM64
    - [Packaging] linux-azure: Add basic packaging support for arm64
    - [Config] linux-azure: Extending existing annotations to arm64
    - [Config] linux-azure: Generate initial config for arm64
    - [Packaging] linux-azure: Ignore initial arm64 ABI
    - Drivers: hv: Make portions of Hyper-V init code be arch neutral
    - Drivers: hv: Add arch independent default functions for some Hyper-V
      handlers
    - Drivers: hv: Move Hyper-V misc functionality to arch-neutral code
    - drivers: hv: Decouple Hyper-V clock/timer code from VMbus drivers
    - PCI: Introduce domain_nr in pci_host_bridge
    - PCI: Support populating MSI domains of root buses via bridges
    - arm64: PCI: Restructure pcibios_root_bridge_prepare()
    - arm64: PCI: Support root bridge preparation for Hyper-V
    - PCI: hv: Generify PCI probing
    - PCI: hv: Set ->domain_nr of pci_host_bridge at probing time
    - PCI: hv: Turn on the host bridge probing on ARM64
    - PCI: hv: Set up MSI domain at bridge probing time
    - [Config] azure: COMMON_CLK_XLNX_CLKWZRD=m
    - PCI: hv: Support for create interrupt v3
    - SAUCE: PCI: hv: Make the code arch neutral by adding arch specific
      interfaces
    - SAUCE: arm64: PCI: hv: Add support for Hyper-V vPCI
    - [Packaging] Update CONFIG_PCI_HYPERV policy for arm64
    - PCI: hv: Drop msi_controller structure
    - clocksource/drivers/hyper-v: Re-enable VDSO_CLOCKMODE_HVCLOCK on X86
  * linux-azure: add Icelake servers support in no-HWP mode to
    cpufreq/intel_pstate driver (LP: #1952234)
    - cpufreq: intel_pstate: Add Icelake servers support in no-HWP mode
  * hirsute/linux-azure: Backport more CIFS patches (LP: #1950336)
    - cifs: To match file servers, make sure the server hostname matches
    - cifs: add mount parameter tcpnodelay
  * hirsute/linux: 5.11.0-42.46 -proposed tracker (LP: #1952278)
  * Packaging resync (LP: #1786013)
    - [Packaging] resync update-dkms-versions helper
    - debian/dkms-versions -- update from kernel-versions (main/2021.11.29)
  * CVE-2021-4002
    - hugetlbfs: flush TLBs correctly after huge_pmd_unshare
  * CVE-2021-43267
    - tipc: fix size validations for the MSG_CRYPTO type
  * Hirsute update: upstream stable patchset 2021-11-24 (LP: #1952136)
    - ext4: check and update i_disksize properly
    - ext4: correct the error path of ext4_write_inline_data_end()
    - ASoC: Intel: sof_sdw: tag SoundWire BEs as non-atomic
    - HID: apple: Fix logical maximum and usage maximum of Magic Keyboard JIS
    - netfilter: ip6_tables: zero-initialize fragment offset
    - HID: wacom: Add new Intuos BT (CTL-4100WL/CTL-6100WL) device IDs
    - ASoC: SOF: loader: release_firmware() on load failure to avoid batching
    - netfilter: nf_nat_masquerade: make async masq_inet6_event handling generic
    - netfilter: nf_nat_masquerade: defer conntrack walk to work queue
    - mac80211: Drop frames from invalid MAC address in ad-hoc mode
    - m68k: Handle arrivals of multiple signals correctly
    - hwmon: (ltc2947) Properly handle errors when looking for the external clock
    - net: prevent user from passing illegal stab size
    - mac80211: check return value of rhashtable_init
    - vboxfs: fix broken legacy mount signature checking
    - net: sun: SUNVNET_COMMON should depend on INET
    - drm/amdgpu: fix gart.bo pin_count leak
    - scsi: ses: Fix unsigned comparison with less than zero
    - scsi: virtio_scsi: Fix spelling mistake "Unsupport" -> "Unsupported"
    - perf/core: fix userpage->time_enabled of inactive events
    - sched: Always inline is_percpu_thread()
    - hwmon: (pmbus/ibm-cffps) max_power_out swap changes
    - ALSA: usb-audio: Unify mixer resume and reset_resume procedure
    - pinctrl: qcom: sc7280: Add PM suspend callbacks
    - io_uring: kill fasync
    - ALSA: usb-audio: Add quirk for VF0770
    - ALSA: pcm: Workaround for a wrong offset in SYNC_PTR compa

Source diff to previous version
1786013 Packaging resync
1950336 hirsute/linux-azure: Backport more CIFS patches
1952136 Hirsute update: upstream stable patchset 2021-11-24
1947206 Updates to ib_peer_memory requested by Nvidia
1950584 cpufreq: intel_pstate: Clear HWP desired on suspend/shutdown and offline
1950536 keyboard not working on Medion notebook s17 series
1950144 [UBUNTU 20.04] kernel: unable to read partitions on virtio-block dasd (kvm)
1867570 reuseport_bpf_numa in net from ubuntu_kernel_selftests fails on ppc64le
1951643 Hirsute update: upstream stable patchset 2021-11-19
1951159 Hirsute update: upstream stable patchset 2021-11-16
1950516 Hirsute update: upstream stable patchset 2021-11-10
CVE-2021-4002 hugetlbfs: flush TLBs correctly after huge_pmd_unshare
CVE-2021-43267 An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. The Transparent Inter-Process Communication (TIPC) functionality all

Version: 5.11.0-1022.23~20.04.1 2021-11-29 16:07:29 UTC

  linux-azure-5.11 (5.11.0-1022.23~20.04.1) focal; urgency=medium

  * focal/linux-azure-5.11: 5.11.0-1022.23~20.04.1 -proposed tracker
    (LP: #1949788)

  * Packaging resync (LP: #1786013)
    - [Packaging] update Ubuntu.md
    - debian/dkms-versions -- update from kernel-versions (main/2021.11.08)

  [ Ubuntu: 5.11.0-1022.23 ]

  * hirsute/linux-azure: 5.11.0-1022.23 -proposed tracker (LP: #1949789)
  * linux-azure: make mana.ko built-in (LP: #1949357)
    - [Config] CONFIG_MICROSOFT_MANA=y
    - [Config] remove mana from azure.modules
  * hirsute/linux-azure: Backport CIFS patches (LP: #1947027)
    - Revert "CIFS: Fix a potencially linear read overflow"
    - Revert "smb3: fix posix extensions mount option"
    - Revert "cifs: create sd context must be a multiple of 8"
    - Revert "smb3: rc uninitialized in one fallocate path"
    - Revert "cifs: add missing parsing of backupuid"
    - Revert "cifs: use helpers when parsing uid/gid mount options and validate
      them"
    - Revert "SMB3: fix readpage for large swap cache"
    - Revert "cifs: fix the out of range assignment to bit fields in
      parse_server_interfaces"
    - Revert "cifs: fix fallocate when trying to allocate a hole."
    - Revert "cifs: only write 64kb at a time when fallocating a small region of a
      file"
    - Revert "cifs: prevent NULL deref in cifs_compose_mount_options()"
    - Revert "cifs: Do not use the original cruid when following DFS links for
      multiuser mounts"
    - Revert "cifs: use the expiry output of dns_query to schedule next
      resolution"
    - Revert "cifs: handle reconnect of tcon when there is no cached dfs referral"
    - Revert "smb3: fix uninitialized value for port in witness protocol move"
    - Revert "cifs: fix check of dfs interlinks"
    - Revert "cifs: fix missing spinlock around update to ses->status"
    - Revert "cifs: improve fallocate emulation"
    - Revert "SMB3: incorrect file id in requests compounded with open"
    - Revert "cifs: set server->cipher_type to AES-128-CCM for SMB3.0"
    - Revert "cifs: fix memory leak in smb2_copychunk_range"
    - Revert "smb3: do not attempt multichannel to server which does not support
      it"
    - Revert "smb3: if max_channels set to more than one channel request
      multichannel"
    - Revert "smb3: when mounting with multichannel include it in requested
      capabilities"
    - Revert "smb2: fix use-after-free in smb2_ioctl_query_info()"
    - Revert "cifs: fix regression when mounting shares with prefix paths"
    - Revert "cifs: detect dead connections only when echoes are enabled."
    - Revert "cifs: fix leak in cifs_smb3_do_mount() ctx"
    - Revert "cifs: fix out-of-bound memory access when calling smb3_notify() at
      mount point"
    - Revert "cifs: Return correct error code from smb2_get_enc_key"
    - Revert "cifs: On cifs_reconnect, resolve the hostname again."
    - Revert "cifs: escape spaces in share names"
    - Revert "cifs: Silently ignore unknown oplock break handle"
    - Revert "cifs: revalidate mapping when we open files for SMB1 POSIX"
    - Revert "cifs: Adjust key sizes and key generation routines for AES256
      encryption"
    - Revert "smb3: fix cached file size problems in duplicate extents (reflink)"
    - Revert "cifs: change noisy error message to FYI"
    - Revert "cifs: ask for more credit on async read/write code paths"
    - Revert "cifs: Fix preauth hash corruption"
    - Revert "cifs: fix allocation size on newly created files"
    - Revert "cifs: warn and fail if trying to use rootfs without the config
      option"
    - Revert "cifs: do not send close in compound create+close requests"
    - Revert "cifs: return proper error code in statfs(2)"
    - Revert "cifs: fix credit accounting for extra channel"
    - Revert "cifs: fix handling of escaped ',' in the password mount argument"
    - Revert "cifs: fix nodfs mount option"
    - Revert "cifs: introduce helper for finding referral server to improve DFS
      target resolution"
    - Revert "cifs: check all path components in resolved dfs target"
    - Revert "cifs: fix DFS failover"
    - Revert "cifs: Fix inconsistent IS_ERR and PTR_ERR"
    - cifs_debug: use %pd instead of messing with ->d_name
    - smb3: negotiate current dialect (SMB3.1.1) when version 3 or greater
      requested
    - cifs: fix trivial typo
    - cifs: New optype for session operations.
    - cifs: Fix in error types returned for out-of-credit situations.
    - cifs: Identify a connection by a conn_id.
    - cifs: Reformat DebugData and index connections by conn_id.
    - cifs: Fix inconsistent IS_ERR and PTR_ERR
    - cifs: change confusing field serverName (to ip_addr)
    - cifs: clarify hostname vs ip address in /proc/fs/cifs/DebugData
    - cifs: Fix cifsacl ACE mask for group and others.
    - cifs: Retain old ACEs when converting between mode bits and ACL.
    - cifs: Change SIDs in ACEs while transferring file ownership.
    - cifs: cleanup a few le16 vs. le32 uses in cifsacl.c
    - TCON Reconnect during STATUS_NETWORK_NAME_DELETED
    - cifs: minor simplification to smb2_is_network_name_deleted
    - cifs: If a corrupted DACL is returned by the server, bail out.
    - cifs: Add new mount parameter "acdirmax" to allow caching directory metadata
    - cifs: convert revalidate of directories to using directory metadata cache
      timeout
    - cifs: Add new parameter "acregmax" for distinct file and directory metadata
      timeout
    - cifs: fix handling of escaped ',' in the password mount argument
    - cifs: fix nodfs mount option
    - cifs: fix DFS failover
    - cifs: check all path components in resolved dfs target
    - cifs: introduce helper for finding referral server to improve DFS target
      resolution
    - cifs: use discard iterator to discard unneeded network data more efficiently
    - cifs: update internal version number
    - cifs: fix credit accounting for extra channel
    - cifs: ask for more credit on as

1786013 Packaging resync
1949357 linux-azure: make mana.ko built-in
1947027 hirsute/linux-azure: Backport CIFS patches
1948470 aufs: kernel bug with apparmor and fuseblk
1947164 ebpf: bpf_redirect fails with ip6 gre interfaces
1949516 require CAP_NET_ADMIN to attach N_HCI ldisc
1948351 ppc64 BPF JIT mod by 1 will not return 0
1949050 Fix Screen freeze after resume from suspend with iGPU [1002:6987]
1947709 Drop \
1949640 Hirsute update: upstream stable patchset 2021-11-03
1947161 ACL updates on OCFS2 are not revalidated
1949397 Hirsute update: upstream stable patchset 2021-11-01
1948873 Hirsute update: upstream stable patchset 2021-10-26
1947781 Hirsute update: upstream stable patchset 2021-10-19
CVE-2021-3744 crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd()
CVE-2021-3764 DoS in ccp_run_aes_gcm_cmd() function



About   -   Send Feedback to @ubuntu_updates