UbuntuUpdates.org

Package "linux-oem-6.0"

Name: linux-oem-6.0

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Linux kernel buildinfo for version 6.0.0 on 64 bit x86 SMP
  • Linux kernel buildinfo for version 6.0.0 on 64 bit x86 SMP
  • Linux kernel buildinfo for version 6.0.0 on 64 bit x86 SMP
  • Linux kernel buildinfo for version 6.0.0 on 64 bit x86 SMP
Latest version: 6.0.0-1021.21
Release: jammy (22.04)
Level: updates
Repository: main

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Other versions of "linux-oem-6.0" in Jammy

Repository Area Version
security main 6.0.0-1021.21
PPA: Canonical Kernel Team 6.0.0-1018.18

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 6.0.0-1016.16 2023-05-18 05:07:18 UTC

  linux-oem-6.0 (6.0.0-1016.16) jammy; urgency=medium

  * jammy/linux-oem-6.0: 6.0.0-1016.16 -proposed tracker (LP: #2016550)

  * both dell_backlight and nvidia_0 backlight interface appear, and can't
    adjust the display brightness (LP: #2017774)
    - ACPI: video: Add acpi_video_backlight_use_native() helper
    - ACPI: video: Drop backlight_device_get_by_type() call from
      acpi_video_get_backlight_type()
    - ACPI: video: Refactor acpi_video_get_backlight_type() a bit
    - ACPI: video: Make acpi_video_backlight_use_native() always return true
    - ACPI: video: Simplify __acpi_video_get_backlight_type()
    - ACPI: video: Prefer native over vendor

  * CVE-2022-4139
    - drm/i915: fix TLB invalidation for Gen12 video and compute engines

 -- Timo Aaltonen <email address hidden> Thu, 27 Apr 2023 13:15:34 +0300
Source diff to previous version
2017774 both dell_backlight and nvidia_0 backlight interface appear, and can't adjust the display brightness
CVE-2022-4139 An incorrect TLB flush issue was found in the Linux kernel’s GPU i915 kernel driver, potentially leading to random memory corruption or data leaks. T

Version: 6.0.0-1015.15 2023-05-10 03:07:11 UTC

  linux-oem-6.0 (6.0.0-1015.15) jammy; urgency=medium

  * jammy/linux-oem-6.0: 6.0.0-1015.15 -proposed tracker (LP: #2016822)

  * CVE-2023-23455
    - net: sched: atm: dont intepret cls results when asked to drop

  * CVE-2023-26545
    - net: mpls: fix stale pointer if allocation fails during device rename

  * CVE-2023-1829
    - net/sched: Retire tcindex classifier
    - [Config]: Make sure CONFIG_NET_CLS_TCINDEX is not available

  * CVE-2023-1859
    - 9p/xen : Fix use after free bug in xen_9pfs_front_remove due to race
      condition

  * CVE-2023-0468
    - io_uring: update res mask in io_poll_check_events
    - io_uring: fix tw losing poll events
    - io_uring: cmpxchg for poll arm refs release
    - io_uring: make poll refs more robust
    - io_uring/poll: fix poll_refs race with cancelation

  * CVE-2023-0386
    - ovl: fail on invalid uid/gid mapping at copy up

  * Miscellaneous Ubuntu changes
    - [Config] Update gcc version

 -- Timo Aaltonen <email address hidden> Tue, 18 Apr 2023 16:01:23 +0300
Source diff to previous version
CVE-2023-23455 atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service because of type confusion (non-
CVE-2023-26545 In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl table under a
CVE-2023-0468 A use-after-free flaw was found in io_uring/poll.c in io_poll_check_events in the io_uring subcomponent in the Linux Kernel due to a race condition o
CVE-2023-0386 A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s

Version: 6.0.0-1014.14 2023-04-18 12:07:54 UTC

  linux-oem-6.0 (6.0.0-1014.14) jammy; urgency=medium

  * jammy/linux-oem-6.0: 6.0.0-1014.14 -proposed tracker (LP: #2011920)

  * CVE-2022-4382
    - USB: gadgetfs: Fix race between mounting and unmounting

  * CVE-2023-23559
    - wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid

  * CVE-2023-1118
    - media: rc: Fix use-after-free bugs caused by ene_tx_irqsim()

  * CVE-2023-26605
    - fs: do not update freeing inode i_io_list

  * CVE-2023-26607
    - ntfs: fix out-of-bounds read in ntfs_attr_find()

  * CVE-2022-36280
    - drm/vmwgfx: Validate the box size for the snooped cursor

  * CVE-2023-1074
    - sctp: fail if no bound addresses can be used for a given scope

  * Packaging resync (LP: #1786013)
    - [Packaging] update helper scripts
    - [Packaging] update Ubuntu.md
    - [Packaging] update update.conf

 -- Manuel Diewald <email address hidden> Fri, 31 Mar 2023 17:29:02 +0200
Source diff to previous version
1786013 Packaging resync
CVE-2022-4382 A use-after-free flaw caused by a race among the superblock operations in the gadgetfs Linux driver was found. It could be triggered by yanking out a
CVE-2023-23559 In rndis_query_oid in drivers/net/wireless/rndis_wlan.c in the Linux kernel through 6.1.5, there is an integer overflow in an addition.
CVE-2023-1118 A flaw use after free in the Linux kernel integrated infrared receiver/transceiver driver was found in the way user detaching rc device. A local user
CVE-2023-26605 In the Linux kernel 6.0.8, there is a use-after-free in inode_cgwb_move_to_attached in fs/fs-writeback.c, related to __list_del_entry_valid.
CVE-2023-26607 In the Linux kernel 6.0.8, there is an out-of-bounds read in ntfs_attr_find in fs/ntfs/attrib.c.
CVE-2022-36280 An out-of-bounds(OOB) memory access vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_kms.c in GPU component in the Linux kernel
CVE-2023-1074 A memory leak flaw was found in the Linux kernel's Stream Control Transmission Protocol. This issue may occur when a user starts a malicious networki

Version: 6.0.0-1013.13 2023-03-27 13:07:14 UTC

  linux-oem-6.0 (6.0.0-1013.13) jammy; urgency=medium

  * jammy/linux-oem-6.0: 6.0.0-1013.13 -proposed tracker (LP: #2008351)

  * CVE-2023-1281
    - net/sched: tcindex: update imperfect hash filters respecting rcu

  * CVE-2023-1032
    - net: avoid double iput when sock_alloc_file fails

  * rtcpie in timers from ubuntu_kernel_selftests randomly failing
    (LP: #1814234)
    - SAUCE: selftest: rtcpie: Force passing unreliable subtest

  * CVE-2022-2196
    - KVM: VMX: Execute IBPB on emulated VM-exit when guest has IBRS

  * Fix HFP mSBC support on Realtek Bluetooth USB controller (LP: #2007331)
    - Bluetooth: btrtl: Add btrealtek data struct
    - Bluetooth: btusb: Ignore zero length of USB packets on ALT 6 for specific
      chip

 -- Timo Aaltonen <email address hidden> Thu, 16 Mar 2023 17:59:47 +0200
Source diff to previous version
1814234 rtcpie in timers from ubuntu_kernel_selftests randomly failing
CVE-2023-1281 RESERVED
CVE-2023-1032 RESERVED
CVE-2022-2196 A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2 attacks on L1 du

Version: 6.0.0-1012.12 2023-03-02 00:06:54 UTC

  linux-oem-6.0 (6.0.0-1012.12) jammy; urgency=medium

  * jammy/linux-oem-6.0: 6.0.0-1012.12 -proposed tracker (LP: #2004348)

  * CVE-2023-0469
    - io_uring/filetable: fix file reference underflow

  * LSM: Configuring Too Many LSMs Causes Kernel Panic on Boot (LP: #1987998)
    - SAUCE: LSM: Change Landlock from LSMBLOB_NEEDED to LSMBLOB_NOT_NEEDED

  * CVE-2023-0045
    - x86/bugs: Flush IBP in ib_prctl_set()

  * CVE-2022-47520
    - wifi: wilc1000: validate pairwise and authentication suite offsets

  * CVE-2022-3567
    - ipv6: Fix data races around sk->sk_prot.

  * CVE-2022-45934
    - Bluetooth: L2CAP: Fix u8 overflow

  * CVE-2022-42896
    - Bluetooth: L2CAP: Fix l2cap_global_chan_by_psm

  * CVE-2022-43945
    - NFSD: Remove "inline" directives on op_rsize_bop helpers
    - NFSD: Cap rsize_bop result based on send buffer size

  * CVE-2022-20369
    - NFSD: fix use-after-free in __nfs42_ssc_open()

  * CVE-2023-0461
    - net/ulp: prevent ULP without clone op from entering the LISTEN status
    - net/ulp: use consistent error code when blocking ULP

  * Expose built-in trusted and revoked certificates (LP: #1996892)
    - [Packaging] Expose built-in trusted and revoked certificates

 -- Timo Aaltonen <email address hidden> Fri, 10 Feb 2023 12:37:27 +0200
1987998 LSM: Configuring Too Many LSMs Causes Kernel Panic on Boot
1996892 Expose built-in trusted and revoked certificates
CVE-2023-0469 A use-after-free flaw was found in io_uring/filetable.c in io_install_fixed_file in the io_uring subcomponent in the Linux Kernel during call cleanup
CVE-2022-47520 An issue was discovered in the Linux kernel before 6.0.11. Missing offset validation in drivers/net/wireless/microchip/wilc1000/hif.c in the WILC1000
CVE-2022-3567 A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function inet6_stream_ops/inet6_dgram_op
CVE-2022-45934 An issue was discovered in the Linux kernel through 6.0.10. l2cap_config_req in net/bluetooth/l2cap_core.c has an integer wraparound via L2CAP_CONF_R
CVE-2022-42896 There are use-after-free vulnerabilities in the Linux kernel's net/bluetooth/l2cap_core.c's l2cap_connect and l2cap_le_connect_req functions which ma
CVE-2022-43945 The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by e
CVE-2022-20369 In v4l2_m2m_querybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation
CVE-2023-0461 RESERVED


About   -   Send Feedback to @ubuntu_updates