Package "linux"

Name: linux


This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Linux kernel buildinfo for version 5.8.0 on 64 bit x86 SMP
  • Linux kernel buildinfo for version 5.8.0 on 64 bit x86 SMP
  • Linux kernel buildinfo for version 5.8.0 on 64 bit x86 SMP
  • Linux kernel buildinfo for version 5.8.0 on 64 bit x86 SMP

Latest version: 5.8.0-53.60
Release: groovy (20.10)
Level: updates
Repository: main


Other versions of "linux" in Groovy

Repository Area Version
base main 5.8.0-25.26
security main 5.8.0-53.60
proposed main 5.8.0-54.61
PPA: Canonical Kernel Team 5.8.0-54.61

Packages in group

Deleted packages are displayed in grey.


Version: 5.8.0-53.60 2021-05-11 19:06:27 UTC

  linux (5.8.0-53.60) groovy; urgency=medium

  * CVE-2021-3491
    - io_uring: fix provide_buffers sign extension
    - io_uring: fix overflows checks in provide buffers
    - SAUCE: proc: Avoid mixing integer types in mem_rw()
    - SAUCE: io_uring: truncate lengths larger than MAX_RW_COUNT on provide

  * CVE-2021-3490
    - bpf: Fix a verifier failure with xor
    - SAUCE: bpf: verifier: fix ALU32 bounds tracking with bitwise ops

  * CVE-2021-3489
    - SAUCE: bpf: ringbuf: deny reserve of buffers larger than ringbuf
    - SAUCE: bpf: prevent writable memory-mapping of read-only ringbuf pages

 -- Stefan Bader <email address hidden> Thu, 06 May 2021 07:43:20 +0200

Source diff to previous version

Version: 5.8.0-50.56 2021-04-15 19:07:28 UTC

  linux (5.8.0-50.56) groovy; urgency=medium

  * overlayfs calls vfs_setxattr without cap_convert_nscap
    - vfs: move cap_convert_nscap() call into vfs_setxattr()

  * CVE-2021-3492
    - SAUCE: shiftfs: free allocated memory in shiftfs_btrfs_ioctl_fd_replace()
      error paths
    - SAUCE: shiftfs: handle copy_to_user() return values correctly

  * CVE-2021-29154
    - SAUCE: bpf, x86: Validate computation of branch displacements for x86-64
    - SAUCE: bpf, x86: Validate computation of branch displacements for x86-32

 -- Stefan Bader <email address hidden> Mon, 12 Apr 2021 17:02:49 +0200

Source diff to previous version
CVE-2021-3492 RESERVED
CVE-2021-29154 BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect c ...

Version: 5.8.0-49.55 2021-04-12 16:06:25 UTC

  linux (5.8.0-49.55) groovy; urgency=medium

  * groovy/linux: 5.8.0-49.55 -proposed tracker (LP: #1921053)

  * selftests: bpf verifier fails after sanitize_ptr_alu fixes (LP: #1920995)
    - bpf: Simplify alu_limit masking for pointer arithmetic
    - bpf: Add sanity check for upper ptr_limit
    - bpf, selftests: Fix up some test_verifier cases for unprivileged

  * Packaging resync (LP: #1786013)
    - update dkms package versions

  * improper memcg accounting causes NULL pointer derefs (LP: #1918668)
    - SAUCE: Revert "mm: memcg/slab: optimize objcg stock draining"

  * kernel: Enable CONFIG_BPF_LSM on Ubuntu (LP: #1905975)
    - [Config] Enable CONFIG_BPF_LSM

  * Groovy update: upstream stable patchset 2021-03-10 (LP: #1918516)
    - gpio: mvebu: fix pwm .get_state period calculation
    - HID: wacom: Correct NULL dereference on AES pen proximity
    - media: v4l2-subdev.h: BIT() is not available in userspace
    - RDMA/vmw_pvrdma: Fix network_hdr_type reported in WC
    - kernel/io_uring: cancel io_uring before task works
    - io_uring: dont kill fasync under completion_lock
    - objtool: Don't fail on missing symbol table
    - mm/page_alloc: add a missing mm_page_alloc_zone_locked() tracepoint
    - mm: fix a race on nr_swap_pages
    - tools: Factor HOSTCC, HOSTLD, HOSTAR definitions
    - iwlwifi: provide gso_type to GSO packets
    - tty: avoid using vfs_iocb_iter_write() for redirected console writes
    - ACPI: sysfs: Prefer "compatible" modalias
    - kernel: kexec: remove the lock operation of system_transition_mutex
    - ALSA: hda/realtek: Enable headset of ASUS B1400CEPE with ALC256
    - ALSA: hda/via: Apply the workaround generically for Clevo machines
    - parisc: Enable -mlong-calls gcc option by default when !CONFIG_MODULES
    - media: cec: add stm32 driver
    - media: hantro: Fix reset_raw_fmt initialization
    - media: rc: fix timeout handling after switch to microsecond durations
    - media: rc: ite-cir: fix min_timeout calculation
    - media: rc: ensure that uevent can be read directly after rc device register
    - ARM: dts: tbs2910: rename MMC node aliases
    - ARM: dts: ux500: Reserve memory carveouts
    - ARM: dts: imx6qdl-gw52xx: fix duplicate regulator naming
    - wext: fix NULL-ptr-dereference with cfg80211's lack of commit()
    - ASoC: AMD Renoir - refine DMI entries for some Lenovo products
    - drm/i915: Always flush the active worker before returning from the wait
    - drm/i915/gt: Always try to reserve GGTT address 0x0
    - drivers/nouveau/kms/nv50-: Reject format modifiers for cursor planes
    - net: usb: qmi_wwan: added support for Thales Cinterion PLSx3 modem family
    - s390: uv: Fix sysfs max number of VCPUs reporting
    - s390/vfio-ap: No need to disable IRQ after queue reset
    - PM: hibernate: flush swap writer after marking
    - x86/entry: Emit a symbol for register restoring thunk
    - efi/apple-properties: Reinstate support for boolean properties
    - drivers: soc: atmel: Avoid calling at91_soc_init on non AT91 SoCs
    - drivers: soc: atmel: add null entry at the end of at91_soc_allowed_list[]
    - btrfs: fix possible free space tree corruption with online conversion
    - KVM: x86/pmu: Fix HW_REF_CPU_CYCLES event pseudo-encoding in
    - KVM: x86/pmu: Fix UBSAN shift-out-of-bounds warning in intel_pmu_refresh()
    - KVM: nVMX: Sync unsync'd vmcs02 state to vmcs12 on migration
    - KVM: x86: get smi pending status correctly
    - KVM: Forbid the use of tagged userspace addresses for memslots
    - xen: Fix XenStore initialisation for XS_LOCAL
    - leds: trigger: fix potential deadlock with libata
    - arm64: dts: broadcom: Fix USB DMA address translation for Stingray
    - mt7601u: fix kernel crash unplugging the device
    - mt7601u: fix rx buffer refcounting
    - iwlwifi: Fix IWL_SUBDEVICE_NO_160 macro to use the correct bit.
    - drm/i915/gt: Clear CACHE_MODE prior to clearing residuals
    - drm/i915/pmu: Don't grab wakeref when enabling events
    - net/mlx5e: Fix IPSEC stats
    - ARM: dts: imx6qdl-kontron-samx6i: fix pwms for lcd-backlight
    - drm/nouveau/svm: fail NOUVEAU_SVM_INIT ioctl on unsupported devices
    - drm/i915: Check for all subplatform bits
    - drm/i915/selftest: Fix potential memory leak
    - uapi: fix big endian definition of ipv6_rpl_sr_hdr
    - KVM: Documentation: Fix spec for KVM_CAP_ENABLE_CAP_VM
    - tee: optee: replace might_sleep with cond_resched
    - xen-blkfront: allow discard-* nodes to be optional
    - clk: mmp2: fix build without CONFIG_PM
    - clk: qcom: gcc-sm250: Use floor ops for sdcc clks
    - ARM: imx: build suspend-imx6.S with arm instruction set
    - ARM: zImage: atags_to_fdt: Fix node names on added root nodes
    - netfilter: nft_dynset: add timeout extension to template
    - Revert "RDMA/mlx5: Fix devlink deadlock on net namespace deletion"
    - xfrm: Fix oops in xfrm_replay_advance_bmp
    - xfrm: fix disable_xfrm sysctl when used on xfrm interfaces
    - xfrm: Fix wraparound in xfrm_policy_addr_delta()
    - arm64: dts: ls1028a: fix the offset of the reset register
    - ARM: dts: imx6qdl-kontron-samx6i: fix i2c_lcd/cam default status
    - ARM: dts: imx6qdl-sr-som: fix some cubox-i platforms
    - arm64: dts: imx8mp: Correct the gpio ranges of gpio3
    - firmware: imx: select SOC_BUS to fix firmware build
    - RDMA/cxgb4: Fix the reported max_recv_sge value
    - ASoC: Intel: Skylake: skl-topology: Fix OOPs ib skl_tplg_complete
    - pNFS/NFSv4: Fix a layout segment leak in pnfs_layout_process()
    - pNFS/NFSv4: Update the layout barrier when we schedule a layoutreturn
    - iwlwifi: pcie: set LTR on more devices
    - iwlwifi: pcie: use jiffies for memory read spin time limit
    - iwlwifi: pcie: reschedule in long-running memory reads
    - mac80211: pause TX while changing interface type
    - ice: fix FDir IPv6 flexbyte
    - ice: Implement flow for IPv6 next header (extension header)
    - ice: update dev

Source diff to previous version
1920995 selftests: bpf verifier fails after sanitize_ptr_alu fixes
1786013 Packaging resync
1918668 improper memcg accounting causes NULL pointer derefs
1905975 kernel: Enable CONFIG_BPF_LSM on Ubuntu
1918516 Groovy update: upstream stable patchset 2021-03-10
1917609 [Regression] ubuntu_bpf failed to build on Groovy
1917829 alsa/hda: the hdmi audio dosn't work on TGL machines
1917964 Groovy update: upstream stable patchset 2021-03-05
1916290 Enforce CONFIG_DRM_BOCHS=m
1916960 Groovy update: upstream stable patchset 2021-02-25
CVE-2021-3347 An issue was discovered in the Linux kernel through 5.10.11. PI futexes have a kernel stack use-after-free during fault handling, allowing local user
CVE-2021-3348 nbd_add_socket in drivers/block/nbd.c in the Linux kernel through 5.10.12 has an ndb_queue_rq use-after-free that could be triggered by local attacke
CVE-2021-20239 Untrusted Pointer Dereference in setsockopt system call

Version: 5.8.0-48.54 2021-03-23 21:06:49 UTC

  linux (5.8.0-48.54) groovy; urgency=medium

  * CVE-2020-27170
    - bpf: Fix off-by-one for area size in creating mask to left

  * CVE-2020-27171
    - bpf: Prohibit alu ops for pointer types not defining ptr_limit

Source diff to previous version
CVE-2020-27170 An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/ ...
CVE-2020-27171 An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/ ...

Version: 5.8.0-45.51 2021-03-15 10:07:04 UTC

  linux (5.8.0-45.51) groovy; urgency=medium

  * groovy/linux: 5.8.0-45.51 -proposed tracker (LP: #1916143)

  * Please trust Canonical Livepatch Service kmod signing key (LP: #1898716)
    - [Config] enable CONFIG_MODVERSIONS=y
    - [Packaging] build canonical-certs.pem from branch/arch certs
    - [Config] add Canonical Livepatch Service key to SYSTEM_TRUSTED_KEYS
    - [Config] add ubuntu-drivers key to SYSTEM_TRUSTED_KEYS

  * CVE-2021-20194
    - bpf, cgroup: Fix optlen WARN_ON_ONCE toctou
    - bpf, cgroup: Fix problematic bounds check

  * Missing device id for Intel TGL-H ISH [8086:43fc] in intel-ish-hid driver
    (LP: #1914543)
    - HID: intel-ish-hid: ipc: Add Tiger Lake H PCI device ID

  * Prevent thermal shutdown during boot process (LP: #1906168)
    - thermal/core: Emit a warning if the thermal zone is updated without ops
    - thermal/core: Add critical and hot ops
    - thermal/drivers/acpi: Use hot and critical ops
    - thermal/drivers/rcar: Remove notification usage
    - thermal: int340x: Fix unexpected shutdown at critical temperature
    - thermal: intel: pch: Fix unexpected shutdown at critical temperature

  * geneve overlay network on vlan interface broken with offload enabled
    (LP: #1914447)
    - net/mlx5e: Fix SWP offsets when vlan inserted by driver

  * Groovy update: upstream stable patchset 2021-02-11 (LP: #1915473)
    - net: cdc_ncm: correct overhead in delayed_ndp_size
    - net: hns3: fix the number of queues actually used by ARQ
    - net: hns3: fix a phy loopback fail issue
    - net: stmmac: dwmac-sun8i: Balance internal PHY resource references
    - net: stmmac: dwmac-sun8i: Balance internal PHY power
    - net: vlan: avoid leaks on register_vlan_dev() failures
    - net/sonic: Fix some resource leaks in error handling paths
    - net: ipv6: fib: flush exceptions when purging route
    - tools: selftests: add test for changing routes with PTMU exceptions
    - net: fix pmtu check in nopmtudisc mode
    - net: ip: always refragment ip defragmented packets
    - octeontx2-af: fix memory leak of lmac and lmac->name
    - nexthop: Fix off-by-one error in error path
    - nexthop: Unlink nexthop group entry in error path
    - s390/qeth: fix L2 header access in qeth_l3_osa_features_check()
    - net: dsa: lantiq_gswip: Exclude RMII from modes that report 1 GbE
    - net/mlx5: Use port_num 1 instead of 0 when delete a RoCE address
    - net/mlx5e: ethtool, Fix restriction of autoneg with 56G
    - chtls: Fix hardware tid leak
    - chtls: Remove invalid set_tcb call
    - chtls: Fix panic when route to peer not configured
    - chtls: Replace skb_dequeue with skb_peek
    - chtls: Added a check to avoid NULL pointer dereference
    - chtls: Fix chtls resources release sequence
    - HID: wacom: Fix memory leakage caused by kfifo_alloc
    - ARM: OMAP2+: omap_device: fix idling of devices during probe
    - i2c: sprd: use a specific timeout to avoid system hang up issue
    - dmaengine: dw-edma: Fix use after free in dw_edma_alloc_chunk()
    - can: tcan4x5x: fix bittiming const, use common bittiming from m_can driver
    - can: m_can: m_can_class_unregister(): remove erroneous m_can_clk_stop()
    - can: kvaser_pciefd: select CONFIG_CRC32
    - cpufreq: powernow-k8: pass policy rather than use cpufreq_cpu_get()
    - spi: stm32: FIFO threshold level - fix align packet size
    - i2c: i801: Fix the i2c-mux gpiod_lookup_table not being properly terminated
    - dmaengine: mediatek: mtk-hsdma: Fix a resource leak in the error handling
      path of the probe function
    - dmaengine: xilinx_dma: check dma_async_device_register return value
    - dmaengine: xilinx_dma: fix incompatible param warning in _child_probe()
    - dmaengine: xilinx_dma: fix mixed_enum_type coverity warning
    - qed: select CONFIG_CRC32
    - wil6210: select CONFIG_CRC32
    - block: rsxx: select CONFIG_CRC32
    - lightnvm: select CONFIG_CRC32
    - iommu/intel: Fix memleak in intel_irq_remapping_alloc
    - bpftool: Fix compilation failure for net.o with older glibc
    - net/mlx5e: Fix memleak in mlx5e_create_l2_table_groups
    - net/mlx5e: Fix two double free cases
    - regmap: debugfs: Fix a memory leak when calling regmap_attach_dev
    - wan: ds26522: select CONFIG_BITREVERSE
    - regulator: qcom-rpmh-regulator: correct hfsmps515 definition
    - net: mvpp2: disable force link UP during port init procedure
    - KVM: arm64: Don't access PMCR_EL0 when no PMU is available
    - block: fix use-after-free in disk_part_iter_next
    - net: drop bogus skb with CHECKSUM_PARTIAL and offset beyond end of trimmed
    - regmap: debugfs: Fix a reversed if statement in regmap_debugfs_init()
    - drm/panfrost: Don't corrupt the queue mutex on open/close
    - scsi: ufs: Fix -Wsometimes-uninitialized warning
    - btrfs: skip unnecessary searches for xattrs when logging an inode
    - net: stmmac: dwmac-sun8i: Fix probe error handling
    - net: stmmac: dwmac-sun8i: Balance syscon (de)initialization
    - net: bareudp: add missing error handling for bareudp_link_config()
    - ptp: ptp_ines: prevent build when HAS_IOMEM is not set
    - chtls: Avoid unnecessary freeing of oreq pointer
    - nexthop: Bounce NHA_GATEWAY in FDB nexthop groups
    - net/mlx5e: In skb build skip setting mark in switchdev mode
    - ionic: start queues before announcing link up
    - fanotify: Fix sys_fanotify_mark() on native x86-32
    - spi: spi-geni-qcom: Fix geni_spi_isr() NULL dereference in timeout case
    - i2c: mediatek: Fix apdma and i2c hand-shake timeout
    - interconnect: imx: Add a missing of_node_put after of_device_is_available
    - dmaengine: milbeaut-xdmac: Fix a resource leak in the error handling path of
      the probe function
    - phy: dp83640: select CONFIG_CRC32
    - zonefs: select CONFIG_CRC32
    - iommu/vt-d: Fix misuse of ALIGN in

1898716 Please trust Canonical Livepatch Service kmod signing key
1914543 Missing device id for Intel TGL-H ISH [8086:43fc] in intel-ish-hid driver
1906168 Prevent thermal shutdown during boot process
1914447 geneve overlay network on vlan interface broken with offload enabled
1915473 Groovy update: upstream stable patchset 2021-02-11
1913372 Fix the video can't output through WD19TB connected on TGL's Type-C port during cold-boot
1912676 Fix regression introduced by codec PM change
1913520 Restore palm ejection on multi-input devices
1907160 intel-hid is not loaded on new Intel platform
1913263 Remove scary stack trace from Realtek WiFi driver
1914832 Groovy update: upstream stable patchset 2021-02-05
1914472 Groovy update: upstream stable patchset 2021-02-03
CVE-2021-20194 heap overflow in __cgroup_bpf_run_filter_getsockopt()

About   -   Send Feedback to @ubuntu_updates