UbuntuUpdates.org

Package "linux"

Name: linux

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Linux kernel buildinfo for version 5.15.0 on 64 bit x86 SMP
  • Linux kernel buildinfo for version 5.15.0 on 64 bit x86 SMP
  • Linux kernel buildinfo for version 5.15.0 on 64 bit x86 SMP
  • Linux kernel buildinfo for version 5.15.0 on 64 bit x86 SMP

Latest version: 5.15.0-58.64
Release: jammy (22.04)
Level: updates
Repository: main

Links



Other versions of "linux" in Jammy

Repository Area Version
base main 5.15.0-25.25
security main 5.15.0-56.62
proposed main 5.15.0-60.66
PPA: Canonical Kernel Team 5.15.0-66.73

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 5.15.0-58.64 2023-01-12 16:07:42 UTC

  linux (5.15.0-58.64) jammy; urgency=medium

  * jammy/linux: 5.15.0-58.64 -proposed tracker (LP: #2001670)

  * CVE-2022-3643
    - xen/netback: Ensure protocol headers don't fall in the non-linear area

  * CVE-2022-4378
    - proc: proc_skip_spaces() shouldn't think it is working on C strings
    - proc: avoid integer type confusion in get_proc_long

  * CVE-2022-45934
    - Bluetooth: L2CAP: Fix u8 overflow

  * CVE-2022-42896
    - Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM
    - Bluetooth: L2CAP: Fix l2cap_global_chan_by_psm

 -- Thadeu Lima de Souza Cascardo <email address hidden> Thu, 05 Jan 2023 08:07:03 -0300

Source diff to previous version
CVE-2022-3643 Guests can trigger NIC interface reset/abort/crash via netback It is possible for a guest to trigger a NIC interface reset/abort/crash in a Linux bas
CVE-2022-4378 A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem ...
CVE-2022-45934 An issue was discovered in the Linux kernel through 6.0.10. l2cap_config_req in net/bluetooth/l2cap_core.c has an integer wraparound via L2CAP_CONF_R
CVE-2022-42896 There are use-after-free vulnerabilities in the Linux kernel's net/bluetooth/l2cap_core.c's l2cap_connect and l2cap_le_connect_req functions which ma

Version: 5.15.0-57.63 2023-01-06 02:09:10 UTC

  linux (5.15.0-57.63) jammy; urgency=medium

  * jammy/linux: 5.15.0-57.63 -proposed tracker (LP: #1997737)

  * Packaging resync (LP: #1786013)
    - [Packaging] update variants
    - debian/dkms-versions -- update from kernel-versions (main/2022.11.14)

  * Expose built-in trusted and revoked certificates (LP: #1996892)
    - [Packaging] Expose built-in trusted and revoked certificates

  * TEE Support for CCP driver (LP: #1991608)
    - crypto: ccp: Add support for TEE for PCI ID 0x14CA

  * alsa: soc: the kernel print UBSAN calltrace on the machine with cs35l41
    codec (LP: #1996121)
    - ASoC: cs35l41: Add one more variable in the debug log
    - ASoC: cs35l41: Fix an out-of-bounds access in otp_packed_element_t

  * Fix ath11k deadlock on WCN6855 (LP: #1995041)
    - wifi: ath11k: avoid deadlock during regulatory update in
      ath11k_regd_update()

  * [UBUNTU 20.04] boot: Add s390x secure boot trailer (LP: #1996071)
    - s390/boot: add secure boot trailer

  * Fix rfkill causing soft blocked wifi (LP: #1996198)
    - platform/x86: hp_wmi: Fix rfkill causing soft blocked wifi

  * Fix Thunderbolt device hotplug fail when connect via thunderbolt dock
    (LP: #1991366)
    - PCI: Fix used_buses calculation in pci_scan_child_bus_extend()
    - PCI: Pass available buses even if the bridge is already configured
    - PCI: Move pci_assign_unassigned_root_bus_resources()
    - PCI: Distribute available resources for root buses, too
    - PCI: Fix whitespace and indentation
    - PCI: Fix typo in pci_scan_child_bus_extend()

  * md: Replace snprintf with scnprintf (LP: #1993315)
    - md: Replace snprintf with scnprintf

  * input/keyboard: the keyboard on some Asus laptops can't work (LP: #1992266)
    - ACPI: resource: Skip IRQ override on Asus Vivobook K3402ZA/K3502ZA
    - ACPI: resource: Add ASUS model S5402ZA to quirks

  * Fix Turbostat is not working for fam: 6 model: 191: stepping: 2 CPU
    (LP: #1991365)
    - tools/power turbostat: Add support for RPL-S

  * pcieport 0000:00:1b.0: PCIe Bus Error: severity=Uncorrected (Non-Fatal),
    type=Transaction Layer, (Requester ID) (LP: #1988797)
    - PCI/PTM: Cache PTM Capability offset
    - PCI/PTM: Add pci_upstream_ptm() helper
    - PCI/PTM: Separate configuration and enable
    - PCI/PTM: Add pci_suspend_ptm() and pci_resume_ptm()
    - PCI/PTM: Move pci_ptm_info() body into its only caller
    - PCI/PTM: Preserve RsvdP bits in PTM Control register
    - PCI/PTM: Reorder functions in logical order
    - PCI/PTM: Consolidate PTM interface declarations
    - PCI/PM: Always disable PTM for all devices during suspend
    - PCI/PM: Simplify pci_pm_suspend_noirq()

  * Fix RPL-S support on powercap/intel_rapl (LP: #1990161)
    - x86/cpu: Drop spurious underscore from RAPTOR_LAKE #define
    - x86/cpu: Add new Alderlake and Raptorlake CPU model numbers
    - x86/cpu: Add new Raptor Lake CPU model number
    - powercap: intel_rapl: add support for RaptorLake
    - powercap: intel_rapl: Add support for RAPTORLAKE_P
    - powercap: intel_rapl: Add support for RAPTORLAKE_S

  * AMD Yellow Carp system hang on HDMI plug in/out over HP hook2 docking
    (LP: #1991974)
    - drm/amd/display: Fix for link encoder access for MST.
    - drm/amd/display: Fix MST link encoder availability check.
    - drm/amd/display: FEC configuration for dpia links
    - drm/amd/display: FEC configuration for dpia links in MST mode
    - drm/amd/display: Add work around for tunneled MST.

  * Jammy update: v5.15.74 upstream stable release (LP: #1995638)
    - nilfs2: fix use-after-free bug of struct nilfs_root
    - nilfs2: fix leak of nilfs_root in case of writer thread creation failure
    - nilfs2: replace WARN_ONs by nilfs_error for checkpoint acquisition failure
    - ceph: don't truncate file in atomic_open
    - random: restore O_NONBLOCK support
    - random: clamp credited irq bits to maximum mixed
    - ALSA: hda: Fix position reporting on Poulsbo
    - efi: Correct Macmini DMI match in uefi cert quirk
    - USB: serial: qcserial: add new usb-id for Dell branded EM7455
    - Revert "powerpc/rtas: Implement reentrant rtas call"
    - Revert "crypto: qat - reduce size of mapped region"
    - random: avoid reading two cache lines on irq randomness
    - random: use expired timer rather than wq for mixing fast pool
    - Input: xpad - add supported devices as contributed on github
    - Input: xpad - fix wireless 360 controller breaking after suspend
    - misc: pci_endpoint_test: Aggregate params checking for xfer
    - misc: pci_endpoint_test: Fix pci_endpoint_test_{copy,write,read}() panic
    - Linux 5.15.74

  * Jammy update: v5.15.73 upstream stable release (LP: #1995637)
    - Makefile.extrawarn: Move -Wcast-function-type-strict to W=1
    - docs: update mediator information in CoC docs
    - xsk: Inherit need_wakeup flag for shared sockets
    - mm: gup: fix the fast GUP race against THP collapse
    - powerpc/64s/radix: don't need to broadcast IPI for radix pmd collapse flush
    - firmware: arm_scmi: Improve checks in the info_get operations
    - firmware: arm_scmi: Harden accesses to the sensor domains
    - firmware: arm_scmi: Add SCMI PM driver remove routine
    - dmaengine: xilinx_dma: Fix devm_platform_ioremap_resource error handling
    - dmaengine: xilinx_dma: cleanup for fetching xlnx,num-fstores property
    - dmaengine: xilinx_dma: Report error in case of dma_set_mask_and_coherent API
      failure
    - ARM: dts: fix Moxa SDIO 'compatible', remove 'sdhci' misnomer
    - scsi: qedf: Fix a UAF bug in __qedf_probe()
    - net/ieee802154: fix uninit value bug in dgram_sendmsg
    - net: marvell: prestera: add support for for Aldrin2
    - ALSA: hda/hdmi: Fix the converter reuse for the silent stream
    - um: Cleanup syscall_handler_t cast in syscalls_32.h
    - um: Cleanup compiler warning in arch/x86/um/tls_32.c
    - arch: um: Mark the stack non-executable to fix a binutils warning
    - net: atlantic: fix potential memory leak

Source diff to previous version
1786013 Packaging resync
1996892 Expose built-in trusted and revoked certificates
1996121 alsa: soc: the kernel print UBSAN calltrace on the machine with cs35l41 codec
1996071 [UBUNTU 20.04] boot: Add s390x secure boot trailer
1996198 Fix rfkill causing soft blocked wifi
1991366 Fix Thunderbolt device hotplug fail when connect via thunderbolt dock
1993315 md: Replace snprintf with scnprintf
1992266 input/keyboard: the keyboard on some Asus laptops can't work
1991974 AMD Yellow Carp system hang on HDMI plug in/out over HP hook2 docking
1995638 Jammy update: v5.15.74 upstream stable release
1995637 Jammy update: v5.15.73 upstream stable release
1995517 Jammy update: v5.15.72 upstream stable release
1995420 Jammy update: v5.15.71 upstream stable release
1995415 Jammy update: v5.15.70 upstream stable release
1993010 Jammy update: v5.15.69 upstream stable release
1993003 Jammy update: v5.15.68 upstream stable release
1991841 Jammy update: v5.15.67 upstream stable release
1991840 Jammy update: v5.15.66 upstream stable release
1991831 Jammy update: v5.15.65 upstream stable release
CVE-2022-2663 An issue was found in the Linux kernel in nf_conntrack_irc where the message handling can be confused and incorrectly matches the message. A firewall
CVE-2022-3061 Found Linux Kernel flaw in the i740 driver. The Userspace program could pass any values to the driver through ioctl() interface. The driver doesn't c

Version: 5.15.0-56.62 2022-12-01 02:07:32 UTC

  linux (5.15.0-56.62) jammy; urgency=medium

  * jammy/linux: 5.15.0-56.62 -proposed tracker (LP: #1997079)

  * CVE-2022-3566
    - tcp: Fix data races around icsk->icsk_af_ops.

  * CVE-2022-3567
    - ipv6: annotate some data-races around sk->sk_prot
    - ipv6: Fix data races around sk->sk_prot.

  * CVE-2022-3621
    - nilfs2: fix NULL pointer dereference at nilfs_bmap_lookup_at_level()

  * CVE-2022-3564
    - Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu

  * CVE-2022-3524
    - tcp/udp: Fix memory leak in ipv6_renew_options().

  * CVE-2022-3565
    - mISDN: fix use-after-free bugs in l1oip timer handlers

  * CVE-2022-3594
    - r8152: Rate limit overflow messages

  * CVE-2022-43945
    - SUNRPC: Fix svcxdr_init_decode's end-of-buffer calculation
    - SUNRPC: Fix svcxdr_init_encode's buflen calculation
    - NFSD: Protect against send buffer overflow in NFSv2 READDIR
    - NFSD: Protect against send buffer overflow in NFSv3 READDIR
    - NFSD: Protect against send buffer overflow in NFSv2 READ
    - NFSD: Protect against send buffer overflow in NFSv3 READ
    - NFSD: Remove "inline" directives on op_rsize_bop helpers
    - NFSD: Cap rsize_bop result based on send buffer size

  * CVE-2022-42703
    - mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse

  * 5.15.0-53-generic no longer boots (LP: #1996740)
    - drm/amd/display: Add helper for blanking all dp displays

 -- Thadeu Lima de Souza Cascardo <email address hidden> Tue, 22 Nov 2022 12:08:58 -0300

Source diff to previous version
1996740 5.15.0-53-generic no longer boots
CVE-2022-3566 A vulnerability, which was classified as problematic, was found in Linux Kernel. This affects the function tcp_getsockopt/tcp_setsockopt of the compo
CVE-2022-3567 A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function inet6_stream_ops/inet6_dgram_op
CVE-2022-3621 A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_bmap_lookup_at_level of the file fs/
CVE-2022-3564 A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2cap_reassemble_sdu of the file net
CVE-2022-3524 A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function ipv6_renew_options of
CVE-2022-3565 A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function del_timer of the file drive
CVE-2022-3594 A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function intr_callback of the f
CVE-2022-43945 The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by e
CVE-2022-42703 mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse.

Version: 5.15.0-53.59 2022-11-15 12:06:42 UTC

  linux (5.15.0-53.59) jammy; urgency=medium

  * Fix blank screen on Thinkpad ADL 4K+ panel (LP: #1980621)
    - drm/i915: Implement WaEdpLinkRateDataReload

  * Kernel regresses openjdk on riscv64 (LP: #1992484)
    - SAUCE: Revert "riscv: mmap with PROT_WRITE but no PROT_READ is invalid"

  * iavf: SR-IOV VFs error with no traffic flow when MTU greater than 1500
    (LP: #1983656)
    - iavf: Fix set max MTU size with port VLAN and jumbo frames
    - i40e: Fix VF set max MTU size

  * [Ubuntu 22.04] mpt3sas: Request to include latest bug fix patches
    (LP: #1965927)
    - scsi: mpt3sas: Remove scsi_dma_map() error messages
    - scsi: mpt3sas: Update persistent trigger pages from sysfs interface

  * ACPI: processor idle: Practically limit "Dummy wait" workaround to old Intel
    systems (LP: #1990985)
    - ACPI: processor idle: Practically limit "Dummy wait" workaround to old Intel
      systems

  * Fix resume on AMD platforms when TBT monitor is plugged (LP: #1990920)
    - SAUCE: Revert "drm/amd/display: Add helper for blanking all dp displays"
    - drm/amd/display: Detect dpcd_rev when hotplug mst monitor
    - drm/amd/display: Release remote dc_sink under mst scenario

  * LSM: Configuring Too Many LSMs Causes Kernel Panic on Boot (LP: #1987998)
    - SAUCE: LSM: Change Landlock from LSMBLOB_NEEDED to LSMBLOB_NOT_NEEDED

  * To support Intel Maple Ridge Thunderbolt [8086:1134] (LP: #1990240)
    - thunderbolt: Add support for Intel Maple Ridge single port controller

  * Intel graphic driver is not probing[8086:468b] (LP: #1990242)
    - drm/i915/adl_s: Update ADL-S PCI IDs
    - drm/i915: Add new ADL-S pci id

  * Add HDMI codec ID for Intel Raptor Lake (LP: #1989578)
    - ALSA: hda: Add PCI and HDMI IDs for Intel Raptor Lake

  * Jammy update: v5.15.64 upstream stable release (LP: #1991717)
    - wifi: rtlwifi: remove always-true condition pointed out by GCC 12
    - eth: sun: cassini: remove dead code
    - audit: fix potential double free on error path from fsnotify_add_inode_mark
    - cgroup: Fix race condition at rebind_subsystems()
    - parisc: Make CONFIG_64BIT available for ARCH=parisc64 only
    - parisc: Fix exception handler for fldw and fstw instructions
    - kernel/sys_ni: add compat entry for fadvise64_64
    - x86/entry: Move CLD to the start of the idtentry macro
    - block: add a bdev_max_zone_append_sectors helper
    - block: add bdev_max_segments() helper
    - btrfs: zoned: revive max_zone_append_bytes
    - btrfs: replace BTRFS_MAX_EXTENT_SIZE with fs_info->max_extent_size
    - btrfs: convert count_max_extents() to use fs_info->max_extent_size
    - Input: i8042 - move __initconst to fix code styling warning
    - Input: i8042 - merge quirk tables
    - Input: i8042 - add TUXEDO devices to i8042 quirk tables
    - Input: i8042 - add additional TUXEDO devices to i8042 quirk tables
    - drivers/base: fix userspace break from using bin_attributes for cpumap and
      cpulist
    - scsi: qla2xxx: Fix response queue handler reading stale packets
    - scsi: qla2xxx: edif: Fix dropped IKE message
    - btrfs: put initial index value of a directory in a constant
    - btrfs: pass the dentry to btrfs_log_new_name() instead of the inode
    - btrfs: remove unnecessary parameter delalloc_start for writepage_delalloc()
    - riscv: lib: uaccess: fold fixups into body
    - riscv: lib: uaccess: fix CSR_STATUS SR_SUM bit
    - xfrm: fix refcount leak in __xfrm_policy_check()
    - xfrm: clone missing x->lastused in xfrm_do_migrate
    - xfrm: policy: fix metadata dst->dev xmit null pointer dereference
    - fs: require CAP_SYS_ADMIN in target namespace for idmapped mounts
    - net: use eth_hw_addr_set() instead of ether_addr_copy()
    - Revert "net: macsec: update SCI upon MAC address change."
    - NFS: Don't allocate nfs_fattr on the stack in __nfs42_ssc_open()
    - NFSv4.2 fix problems with __nfs42_ssc_open
    - SUNRPC: RPC level errors should set task->tk_rpc_status
    - mm/smaps: don't access young/dirty bit if pte unpresent
    - ntfs: fix acl handling
    - rose: check NULL rose_loopback_neigh->loopback
    - r8152: fix the units of some registers for RTL8156A
    - r8152: fix the RX FIFO settings when suspending
    - nfc: pn533: Fix use-after-free bugs caused by pn532_cmd_timeout
    - ice: xsk: Force rings to be sized to power of 2
    - ice: xsk: prohibit usage of non-balanced queue id
    - net/mlx5e: Properly disable vlan strip on non-UL reps
    - net/mlx5: Avoid false positive lockdep warning by adding lock_class_key
    - net/mlx5e: Fix wrong application of the LRO state
    - net/mlx5e: Fix wrong tc flag used when set hw-tc-offload off
    - net: ipa: don't assume SMEM is page-aligned
    - net: phy: Don't WARN for PHY_READY state in mdio_bus_phy_resume()
    - net: moxa: get rid of asymmetry in DMA mapping/unmapping
    - bonding: 802.3ad: fix no transmission of LACPDUs
    - net: ipvtap - add __init/__exit annotations to module init/exit funcs
    - netfilter: ebtables: reject blobs that don't provide all entry points
    - bnxt_en: fix NQ resource accounting during vf creation on 57500 chips
    - netfilter: nf_tables: disallow updates of implicit chain
    - netfilter: nf_tables: make table handle allocation per-netns friendly
    - netfilter: nft_payload: report ERANGE for too long offset and length
    - netfilter: nft_payload: do not truncate csum_offset and csum_type
    - netfilter: nf_tables: do not leave chain stats enabled on error
    - netfilter: nft_osf: restrict osf to ipv4, ipv6 and inet families
    - netfilter: nft_tunnel: restrict it to netdev family
    - netfilter: nf_tables: consolidate rule verdict trace call
    - netfilter: nft_cmp: optimize comparison for 16-bytes
    - netfilter: bitwise: improve error goto labels
    - netfilter: nf_tables: upfront validation of data via nft_data_init()
    - netfilter: nf_tables: disallow jump to implicit chain from set element
    - netfilter: nf_tables:

Source diff to previous version
1980621 Fix blank screen on Thinkpad ADL 4K+ panel
1992484 Kernel regresses openjdk on riscv64
1983656 iavf: SR-IOV VFs error with no traffic flow when MTU greater than 1500
1965927 [Ubuntu 22.04] mpt3sas: Request to include latest bug fix patches
1990985 ACPI: processor idle: Practically limit \
1990920 Fix resume on AMD platforms when TBT monitor is plugged
1987998 LSM: Configuring Too Many LSMs Causes Kernel Panic on Boot
1989578 Add HDMI codec ID for Intel Raptor Lake
1991717 Jammy update: v5.15.64 upstream stable release
1990564 Jammy update: v5.15.63 upstream stable release
1990554 Jammy update: v5.15.62 upstream stable release
1990162 Jammy update: v5.15.61 upstream stable release
CVE-2022-3028 A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurr
CVE-2022-2978 A flaw use after free in the Linux kernel NILFS file system was found in the way user triggers function security_inode_alloc to fail with following c
CVE-2022-40768 drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive information from kernel memory because stex_queuecomman

Version: 5.15.0-52.58 2022-10-18 20:07:53 UTC

  linux (5.15.0-52.58) jammy; urgency=medium

  * CVE-2022-2602
    - SAUCE: io_uring/af_unix: defer registered files gc to io_uring release
    - SAUCE: io_uring/af_unix: fix memleak during unix GC

  * CVE-2022-41674
    - mac80211: move CRC into struct ieee802_11_elems
    - mac80211: mlme: find auth challenge directly
    - mac80211: mesh: clean up rx_bcn_presp API
    - mac80211: always allocate struct ieee802_11_elems
    - mac80211: fix memory leaks with element parsing
    - SAUCE: wifi: cfg80211: fix u8 overflow in
      cfg80211_update_notlisted_nontrans()
    - SAUCE: wifi: cfg80211/mac80211: reject bad MBSSID elements
    - SAUCE: wifi: cfg80211: ensure length byte is present before access
    - SAUCE: wifi: mac80211_hwsim: avoid mac80211 warning on bad rate
    - SAUCE: wifi: cfg80211: update hidden BSSes to avoid WARN_ON

  * CVE-2022-42722
    - SAUCE: wifi: mac80211: fix crash in beacon protection for P2P-device

  * CVE-2022-42721
    - SAUCE: wifi: cfg80211: avoid nontransmitted BSS list corruption

  * CVE-2022-42720
    - SAUCE: wifi: cfg80211: fix BSS refcounting bugs

  * CVE-2022-42719
    - SAUCE: wifi: mac80211: fix MBSSID parsing use-after-free

 -- Stefan Bader <email address hidden> Thu, 13 Oct 2022 09:40:20 +0200

CVE-2022-2602 io_uring/af_unix: defer registered files gc to io_uring release
CVE-2022-41674 An issue was discovered in the Linux kernel before 5.19.16. Attackers able to inject WLAN frames could cause a buffer overflow in the ieee80211_bss_i
CVE-2022-42722 In the Linux kernel 5.8 through 5.19.x before 5.19.16, local attackers able to inject WLAN frames into the mac80211 stack could cause a NULL pointer
CVE-2022-42721 A list management bug in BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (a
CVE-2022-42720 Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local
CVE-2022-42719 A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through 5.19.x before 5.19.16 could be used by atta



About   -   Send Feedback to @ubuntu_updates