UbuntuUpdates.org

Package "linux-oem-6.0"




Name: linux-oem-6.0

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

Latest version: *DELETED*
Release: jammy (22.04)
Level: proposed
Repository: main

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Other versions of "linux-oem-6.0" in Jammy

Repository Area Version
security main 6.0.0-1021.21
updates main 6.0.0-1021.21
PPA: Canonical Kernel Team 6.0.0-1018.18

Changelog

Version: 6.0.0-1014.14 2023-04-05 21:06:55 UTC

  linux-oem-6.0 (6.0.0-1014.14) jammy; urgency=medium

  * jammy/linux-oem-6.0: 6.0.0-1014.14 -proposed tracker (LP: #2011920)

  * CVE-2022-4382
    - USB: gadgetfs: Fix race between mounting and unmounting

  * CVE-2023-23559
    - wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid

  * CVE-2023-1118
    - media: rc: Fix use-after-free bugs caused by ene_tx_irqsim()

  * CVE-2023-26605
    - fs: do not update freeing inode i_io_list

  * CVE-2023-26607
    - ntfs: fix out-of-bounds read in ntfs_attr_find()

  * CVE-2022-36280
    - drm/vmwgfx: Validate the box size for the snooped cursor

  * CVE-2023-1074
    - sctp: fail if no bound addresses can be used for a given scope

  * Packaging resync (LP: #1786013)
    - [Packaging] update helper scripts
    - [Packaging] update Ubuntu.md
    - [Packaging] update update.conf

 -- Manuel Diewald <email address hidden> Fri, 31 Mar 2023 17:29:02 +0200
1786013 Packaging resync
CVE-2022-4382 A use-after-free flaw caused by a race among the superblock operations in the gadgetfs Linux driver was found. It could be triggered by yanking out a
CVE-2023-23559 In rndis_query_oid in drivers/net/wireless/rndis_wlan.c in the Linux kernel through 6.1.5, there is an integer overflow in an addition.
CVE-2023-1118 A flaw use after free in the Linux kernel integrated infrared receiver/transceiver driver was found in the way user detaching rc device. A local user
CVE-2023-26605 In the Linux kernel 6.0.8, there is a use-after-free in inode_cgwb_move_to_attached in fs/fs-writeback.c, related to __list_del_entry_valid.
CVE-2023-26607 In the Linux kernel 6.0.8, there is an out-of-bounds read in ntfs_attr_find in fs/ntfs/attrib.c.
CVE-2022-36280 An out-of-bounds(OOB) memory access vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_kms.c in GPU component in the Linux kernel
CVE-2023-1074 A memory leak flaw was found in the Linux kernel's Stream Control Transmission Protocol. This issue may occur when a user starts a malicious networki

Version: *DELETED* 2023-03-28 17:06:56 UTC
No changelog for deleted or moved packages.

Version: 6.0.0-1013.13 2023-03-17 14:06:50 UTC

  linux-oem-6.0 (6.0.0-1013.13) jammy; urgency=medium

  * jammy/linux-oem-6.0: 6.0.0-1013.13 -proposed tracker (LP: #2008351)

  * CVE-2023-1281
    - net/sched: tcindex: update imperfect hash filters respecting rcu

  * CVE-2023-1032
    - net: avoid double iput when sock_alloc_file fails

  * rtcpie in timers from ubuntu_kernel_selftests randomly failing
    (LP: #1814234)
    - SAUCE: selftest: rtcpie: Force passing unreliable subtest

  * CVE-2022-2196
    - KVM: VMX: Execute IBPB on emulated VM-exit when guest has IBRS

  * Fix HFP mSBC support on Realtek Bluetooth USB controller (LP: #2007331)
    - Bluetooth: btrtl: Add btrealtek data struct
    - Bluetooth: btusb: Ignore zero length of USB packets on ALT 6 for specific
      chip

 -- Timo Aaltonen <email address hidden> Thu, 16 Mar 2023 17:59:47 +0200
1814234 rtcpie in timers from ubuntu_kernel_selftests randomly failing
CVE-2023-1281 RESERVED
CVE-2023-1032 RESERVED
CVE-2022-2196 A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2 attacks on L1 du

Version: *DELETED* 2023-03-03 05:07:04 UTC
No changelog for deleted or moved packages.

Version: 6.0.0-1012.12 2023-02-13 21:07:07 UTC

  linux-oem-6.0 (6.0.0-1012.12) jammy; urgency=medium

  * jammy/linux-oem-6.0: 6.0.0-1012.12 -proposed tracker (LP: #2004348)

  * CVE-2023-0469
    - io_uring/filetable: fix file reference underflow

  * LSM: Configuring Too Many LSMs Causes Kernel Panic on Boot (LP: #1987998)
    - SAUCE: LSM: Change Landlock from LSMBLOB_NEEDED to LSMBLOB_NOT_NEEDED

  * CVE-2023-0045
    - x86/bugs: Flush IBP in ib_prctl_set()

  * CVE-2022-47520
    - wifi: wilc1000: validate pairwise and authentication suite offsets

  * CVE-2022-3567
    - ipv6: Fix data races around sk->sk_prot.

  * CVE-2022-45934
    - Bluetooth: L2CAP: Fix u8 overflow

  * CVE-2022-42896
    - Bluetooth: L2CAP: Fix l2cap_global_chan_by_psm

  * CVE-2022-43945
    - NFSD: Remove "inline" directives on op_rsize_bop helpers
    - NFSD: Cap rsize_bop result based on send buffer size

  * CVE-2022-20369
    - NFSD: fix use-after-free in __nfs42_ssc_open()

  * CVE-2023-0461
    - net/ulp: prevent ULP without clone op from entering the LISTEN status
    - net/ulp: use consistent error code when blocking ULP

  * Expose built-in trusted and revoked certificates (LP: #1996892)
    - [Packaging] Expose built-in trusted and revoked certificates

 -- Timo Aaltonen <email address hidden> Fri, 10 Feb 2023 12:37:27 +0200
1987998 LSM: Configuring Too Many LSMs Causes Kernel Panic on Boot
1996892 Expose built-in trusted and revoked certificates
CVE-2023-0469 A use-after-free flaw was found in io_uring/filetable.c in io_install_fixed_file in the io_uring subcomponent in the Linux Kernel during call cleanup
CVE-2022-47520 An issue was discovered in the Linux kernel before 6.0.11. Missing offset validation in drivers/net/wireless/microchip/wilc1000/hif.c in the WILC1000
CVE-2022-3567 A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function inet6_stream_ops/inet6_dgram_op
CVE-2022-45934 An issue was discovered in the Linux kernel through 6.0.10. l2cap_config_req in net/bluetooth/l2cap_core.c has an integer wraparound via L2CAP_CONF_R
CVE-2022-42896 There are use-after-free vulnerabilities in the Linux kernel's net/bluetooth/l2cap_core.c's l2cap_connect and l2cap_le_connect_req functions which ma
CVE-2022-43945 The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by e
CVE-2022-20369 In v4l2_m2m_querybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation
CVE-2023-0461 RESERVED


About   -   Send Feedback to @ubuntu_updates