Package "linux-lowlatency-hwe-5.19-cloud-tools-common"
Name: |
linux-lowlatency-hwe-5.19-cloud-tools-common
|
Description: |
Linux kernel version specific cloud tools for version 5.19.0
|
Latest version: |
5.19.0-1030.30 |
Release: |
jammy (22.04) |
Level: |
security |
Repository: |
main |
Head package: |
linux-lowlatency-hwe-5.19 |
Links
Download "linux-lowlatency-hwe-5.19-cloud-tools-common"
Other versions of "linux-lowlatency-hwe-5.19-cloud-tools-common" in Jammy
Changelog
linux-lowlatency-hwe-5.19 (5.19.0-1030.30) jammy; urgency=medium
* jammy/linux-lowlatency-hwe-5.19: 5.19.0-1030.30 -proposed tracker
(LP: #2026452)
* Packaging resync (LP: #1786013)
- [Packaging] update update.conf
[ Ubuntu: 5.19.0-50.50 ]
* jammy/linux-hwe-5.19: 5.19.0-50.50 -proposed tracker (LP: #2026456)
* CVE-2023-2640 // CVE-2023-32629
- Revert "UBUNTU: SAUCE: overlayfs: handle idmapped mounts in
ovl_do_(set|remove)xattr"
- Revert "UBUNTU: SAUCE: overlayfs: Skip permission checking for
trusted.overlayfs.* xattrs"
- SAUCE: overlayfs: default to userxattr when mounted from non initial user
namespace
* CVE-2023-35001
- netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
* CVE-2023-31248
- netfilter: nf_tables: do not ignore genmask when looking up chain by id
* CVE-2023-3389
- io_uring: hold uring mutex around poll removal
* CVE-2023-3390
- netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE
* CVE-2023-3141
- memstick: r592: Fix UAF bug in r592_remove due to race condition
* CVE-2023-3090
- ipvlan:Fix out-of-bounds caused by unclear skb->cb
* CVE-2022-48502
- fs/ntfs3: Check fields while reading
* Packaging resync (LP: #1786013)
- [Packaging] update update.conf
-- Stefan Bader <email address hidden> Thu, 13 Jul 2023 11:01:04 +0200
|
Source diff to previous version |
1786013 |
Packaging resync |
CVE-2023-35001 |
Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or |
CVE-2023-31248 |
Linux Kernel nftables Use-After-Free Local Privilege Escalation Vulnerability; `nft_chain_lookup_byid()` failed to check whether a chain was active a |
CVE-2023-3141 |
A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the Linux Kernel. This flaw allows a local attacker |
CVE-2022-48502 |
An issue was discovered in the Linux kernel before 6.2. The ntfs3 subsystem does not properly check for correctness during disk reads, leading to an |
|
linux-lowlatency-hwe-5.19 (5.19.0-1028.29~22.04.1) jammy; urgency=medium
* jammy/linux-lowlatency-hwe-5.19: 5.19.0-1028.29~22.04.1 -proposed tracker
(LP: #2024035)
* Packaging resync (LP: #1786013)
- [Packaging] resync git-ubuntu-log
- [Packaging] resync update-dkms-versions helper
[ Ubuntu: 5.19.0-1028.29 ]
* kinetic/linux-lowlatency: 5.19.0-1028.29 -proposed tracker (LP: #2024036)
* kinetic/linux: 5.19.0-46.47 -proposed tracker (LP: #2024043)
* Packaging resync (LP: #1786013)
- [Packaging] resync git-ubuntu-log
- [Packaging] resync getabis
* CVE-2023-2430
- io_uring/msg_ring: fix missing lock on overflow for IOPOLL
* cls_flower: off-by-one in fl_set_geneve_opt (LP: #2023577)
- net/sched: flower: fix possible OOB write in fl_set_geneve_opt()
* Some INVLPG implementations can leave Global translations unflushed when
PCIDs are enabled (LP: #2023220)
- x86/mm: Avoid incomplete Global INVLPG flushes
-- Stefan Bader <email address hidden> Wed, 21 Jun 2023 11:27:31 +0200
|
Source diff to previous version |
1786013 |
Packaging resync |
2023577 |
cls_flower: off-by-one in fl_set_geneve_opt |
CVE-2023-2430 |
io_uring/msg_ring: fix missing lock on overflow for IOPOLL |
|
linux-lowlatency-hwe-5.19 (5.19.0-1027.28~22.04.1) jammy; urgency=medium
* jammy/linux-lowlatency-hwe-5.19: 5.19.0-1027.28~22.04.1 -proposed tracker
(LP: #2023052)
* Packaging resync (LP: #1786013)
- [Packaging] resync git-ubuntu-log
[ Ubuntu: 5.19.0-1027.28 ]
* kinetic/linux-lowlatency: 5.19.0-1027.28 -proposed tracker (LP: #2023053)
* Packaging resync (LP: #1786013)
- [Packaging] resync getabis
* kinetic/linux: 5.19.0-45.46 -proposed tracker (LP: #2023057)
* Kinetic update: upstream stable patchset 2023-05-23 (LP: #2020599)
- wifi: cfg80211: Partial revert "wifi: cfg80211: Fix use after free for wext"
|
Source diff to previous version |
1786013 |
Packaging resync |
2020599 |
Kinetic update: upstream stable patchset 2023-05-23 |
|
linux-lowlatency-hwe-5.19 (5.19.0-1025.26~22.04.1) jammy; urgency=medium
* jammy/linux-lowlatency-hwe-5.19: 5.19.0-1025.26~22.04.1 -proposed tracker
(LP: #2019598)
* Packaging resync (LP: #1786013)
- [Packaging] resync getabis
[ Ubuntu: 5.19.0-1025.26 ]
* kinetic/linux-lowlatency: 5.19.0-1025.26 -proposed tracker (LP: #2019599)
* kinetic/linux: 5.19.0-43.44 -proposed tracker (LP: #2019606)
* CVE-2023-32233
- netfilter: nf_tables: deactivate anonymous set from preparation phase
* CVE-2023-2612
- SAUCE: shiftfs: prevent lock unbalance in shiftfs_create_object()
* CVE-2023-31436
- net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
* CVE-2023-1380
- wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies()
* CVE-2023-30456
- KVM: nVMX: add missing consistency checks for CR0 and CR4
* Packaging resync (LP: #1786013)
- [Packaging] update helper scripts
-- Stefan Bader <email address hidden> Tue, 23 May 2023 15:37:34 +0200
|
Source diff to previous version |
1786013 |
Packaging resync |
CVE-2023-32233 |
In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and |
CVE-2023-2612 |
Jean-Baptiste Cayrou discovered that the shiftfs file system in the Ub ... |
CVE-2023-31436 |
qfq_change_class in net/sched/sch_qfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write because lmax can exceed QFQ_MIN_LMAX. |
CVE-2023-1380 |
A slab-out-of-bound read problem was found in brcmf_get_assoc_ies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux Kernel. |
CVE-2023-30456 |
An issue was discovered in arch/x86/kvm/vmx/nested.c in the Linux kernel before 6.2.8. nVMX on x86_64 lacks consistency checks for CR0 and CR4. |
|
linux-lowlatency-hwe-5.19 (5.19.0-1024.25~22.04.1) jammy; urgency=medium
* jammy/linux-lowlatency-hwe-5.19: 5.19.0-1024.25~22.04.1 -proposed tracker
(LP: #2016493)
[ Ubuntu: 5.19.0-1024.25 ]
* kinetic/linux-lowlatency: 5.19.0-1024.25 -proposed tracker (LP: #2016494)
* kinetic/linux: 5.19.0-42.43 -proposed tracker (LP: #2016503)
* selftest: fib_tests: Always cleanup before exit (LP: #2015956)
- selftest: fib_tests: Always cleanup before exit
* Debian autoreconstruct Fix restoration of execute permissions (LP: #2015498)
- [Debian] autoreconstruct - fix restoration of execute permissions
* Kinetic update: upstream stable patchset 2023-04-10 (LP: #2015812)
- drm/etnaviv: don't truncate physical page address
- wifi: rtl8xxxu: gen2: Turn on the rate control
- drm/edid: Fix minimum bpc supported with DSC1.2 for HDMI sink
- clk: mxl: Switch from direct readl/writel based IO to regmap based IO
- clk: mxl: Remove redundant spinlocks
- clk: mxl: Add option to override gate clks
- clk: mxl: Fix a clk entry by adding relevant flags
- powerpc: dts: t208x: Mark MAC1 and MAC2 as 10G
- clk: mxl: syscon_node_to_regmap() returns error pointers
- random: always mix cycle counter in add_latent_entropy()
- KVM: x86: Fail emulation during EMULTYPE_SKIP on any exception
- KVM: SVM: Skip WRMSR fastpath on VM-Exit if next RIP isn't valid
- can: kvaser_usb: hydra: help gcc-13 to figure out cmd_len
- powerpc: dts: t208x: Disable 10G on MAC1 and MAC2
- powerpc/vmlinux.lds: Ensure STRICT_ALIGN_SIZE is at least page aligned
- powerpc/64s/radix: Fix RWX mapping with relocated kernel
- uaccess: Add speculation barrier to copy_from_user()
- wifi: mwifiex: Add missing compatible string for SD8787
- audit: update the mailing list in MAINTAINERS
- ext4: Fix function prototype mismatch for ext4_feat_ktype
- Revert "net/sched: taprio: make qdisc_leaf() see the per-netdev-queue pfifo
child qdiscs"
- bpf: add missing header file include
- wifi: ath11k: fix warning in dma_free_coherent() of memory chunks while
recovery
- sched/psi: Stop relying on timer_pending() for poll_work rescheduling
- docs: perf: Fix PMU instance name of hisi-pcie-pmu
- randstruct: disable Clang 15 support
- ionic: refactor use of ionic_rx_fill()
- Fix XFRM-I support for nested ESP tunnels
- arm64: dts: rockchip: drop unused LED mode property from rk3328-roc-cc
- ARM: dts: rockchip: add power-domains property to dp node on rk3288
- HID: elecom: add support for TrackBall 056E:011C
- ACPI: NFIT: fix a potential deadlock during NFIT teardown
- btrfs: send: limit number of clones and allocated memory size
- ASoC: rt715-sdca: fix clock stop prepare timeout issue
- IB/hfi1: Assign npages earlier
- neigh: make sure used and confirmed times are valid
- HID: core: Fix deadloop in hid_apply_multiplier.
- x86/cpu: Add Lunar Lake M
- bpf: bpf_fib_lookup should not return neigh in NUD_FAILED state
- net: Remove WARN_ON_ONCE(sk->sk_forward_alloc) from sk_stream_kill_queues().
- vc_screen: don't clobber return value in vcs_read
- scripts/tags.sh: fix incompatibility with PCRE2
- usb: dwc3: pci: add support for the Intel Meteor Lake-M
- USB: serial: option: add support for VW/Skoda "Carstick LTE"
- usb: gadget: u_serial: Add null pointer check in gserial_resume
- USB: core: Don't hold device lock while reading the "descriptors" sysfs file
* Kinetic update: upstream stable patchset 2023-04-06 (LP: #2015511)
- ARM: dts: imx: Fix pca9547 i2c-mux node name
- ARM: dts: vf610: Fix pca9548 i2c-mux node names
- arm64: dts: freescale: Fix pca954x i2c-mux node names
- arm64: dts: imx8mq-thor96: fix no-mmc property for SDHCI
- firmware: arm_scmi: Clear stale xfer->hdr.status
- bpf: Skip task with pid=1 in send_signal_common()
- erofs/zmap.c: Fix incorrect offset calculation
- blk-cgroup: fix missing pd_online_fn() while activating policy
- HID: playstation: sanity check DualSense calibration data.
- dmaengine: imx-sdma: Fix a possible memory leak in sdma_transfer_init
- cifs: fix return of uninitialized rc in dfs_cache_update_tgthint()
- extcon: usbc-tusb320: fix kernel-doc warning
- net: fix NULL pointer in skb_segment_list
- net: mctp: purge receive queues on sk destruction
- firewire: fix memory leak for payload of request subaction to IEC 61883-1
FCP region
- bus: sunxi-rsb: Fix error handling in sunxi_rsb_init()
- ASoC: Intel: bytcht_es8316: Drop reference count of ACPI device after use
- ASoC: Intel: bytcr_rt5651: Drop reference count of ACPI device after use
- ASoC: Intel: bytcr_rt5640: Drop reference count of ACPI device after use
- ASoC: Intel: bytcr_wm5102: Drop reference count of ACPI device after use
- bpf: Fix a possible task gone issue with bpf_send_signal[_thread]() helpers
- ALSA: hda/via: Avoid potential array out-of-bound in add_secret_dac_path()
- bpf: Fix to preserve reg parent/live fields when copying range info
- bpf, sockmap: Check for any of tcp_bpf_prots when cloning a listener
- arm64: dts: imx8mm: Fix pad control for UART1_DTE_RX
- drm/vc4: hdmi: make CEC adapter name unique
- scsi: Revert "scsi: core: map PQ=1, PDT=other values to
SCSI_SCAN_TARGET_PRESENT"
- vhost/net: Clear the pending messages when the backend is removed
- WRITE is "data source", not destination...
- READ is "data destination", not source...
- fix iov_iter_bvec() "direction" argument
- fix "direction" argument of iov_iter_kvec()
- ice: Prevent set_channel from changing queues while RDMA active
- qede: execute xdp_do_flush() before napi_complete_done()
- virtio-net: execute xdp_do_flush() before napi_complete_done()
- dpaa_eth: execute xdp_do_flush() before napi_complete_done()
- dpaa2-eth: execut
|
2015498 |
Debian autoreconstruct Fix restoration of execute permissions |
2015812 |
Kinetic update: upstream stable patchset 2023-04-10 |
2015511 |
Kinetic update: upstream stable patchset 2023-04-06 |
1988346 |
cm32181 module error blocking suspend |
2013088 |
kernel: fix __clear_user() inline assembly constraints |
2013209 |
expoline.o is packaged unconditionally for s390x |
2006453 |
Fix selftests/ftracetests/Meta-selftests in Focal |
2009136 |
No HDMI audio under 5.19.0-35 \u0026 -37 (regression from -32) |
2004262 |
Intel E810 NICs driver in causing hangs when booting and bonds configured |
2015288 |
Kinetic update: upstream stable patchset 2023-04-04 |
1937133 |
devlink_port_split from ubuntu_kernel_selftests.net fails on hirsute (KeyError: 'flavour') |
2011616 |
Connection timeout due to conntrack limits |
2012977 |
Kinetic update: upstream stable patchset 2023-03-27 |
2012438 |
Kinetic update: upstream stable patchset 2023-03-21 |
2012307 |
Kinetic update: upstream stable patchset 2023-03-20 |
2009546 |
Kinetic update: upstream stable patchset 2023-03-06 |
CVE-2023-1075 |
A flaw was found in the Linux Kernel. The tls_is_tx_ready() incorrectly checks for list emptiness, potentially accessing a type confused entry to the |
CVE-2022-36280 |
An out-of-bounds(OOB) memory access vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_kms.c in GPU component in the Linux kernel |
CVE-2023-1118 |
A flaw use after free in the Linux kernel integrated infrared receiver/transceiver driver was found in the way user detaching rc device. A local user |
|
About
-
Send Feedback to @ubuntu_updates