UbuntuUpdates.org

Package "linux-nvidia-tegra"

Name: linux-nvidia-tegra

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Linux kernel version specific cloud tools for version 5.15.0
  • Header files related to Linux kernel version 5.15.0
  • Header files related to Linux kernel version 5.15.0
  • Header files related to Linux kernel version 5.15.0

Latest version: 5.15.0-1041.41
Release: jammy (22.04)
Level: updates
Repository: universe

Links



Other versions of "linux-nvidia-tegra" in Jammy

Repository Area Version
security universe 5.15.0-1041.41
proposed universe 5.15.0-1041.41

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 5.15.0-1041.41 2025-07-17 01:07:38 UTC

  linux-nvidia-tegra (5.15.0-1041.41) jammy; urgency=medium

  * jammy/linux-nvidia-tegra: 5.15.0-1041.41 -proposed tracker (LP: #2114552)

  [ Ubuntu-realtime: 5.15.0-1088.97 ]

  * jammy/linux-realtime: 5.15.0-1088.97 -proposed tracker (LP: #2114556)
  [ Ubuntu: 5.15.0-144.157 ]
  * jammy/linux: 5.15.0-144.157 -proposed tracker (LP: #2114581)
  * cifs: NULL pointer dereference in refresh_cache_worker (LP: #2112440)
    - cifs: fix NULL ptr dereference in refresh_mounts()
  * Jammy update: v5.15.184 upstream stable release (LP: #2112581)
    - platform/x86: asus-wmi: Fix wlan_ctrl_by_user detection
    - tracing: probes: Fix a possible race in trace_probe_log APIs
    - iio: adc: ad7768-1: Fix insufficient alignment of timestamp.
    - iio: chemical: sps30: use aligned_s64 for timestamp
    - RDMA/rxe: Fix slab-use-after-free Read in rxe_queue_cleanup bug
    - nfs: handle failure of nfs_get_lock_context in unlock path
    - spi: loopback-test: Do not split 1024-byte hexdumps
    - net: cadence: macb: Fix a possible deadlock in macb_halt_tx.
    - net: dsa: sja1105: discard incoming frames in BR_STATE_LISTENING
    - ALSA: sh: SND_AICA should depend on SH_DMA_API
    - qlcnic: fix memory leak in qlcnic_sriov_channel_cfg_cmd()
    - NFSv4/pnfs: Reset the layout state after a layoutreturn
    - x86,nospec: Simplify {JMP,CALL}_NOSPEC
    - x86/speculation: Simplify and make CALL_NOSPEC consistent
    - x86/speculation: Add a conditional CS prefix to CALL_NOSPEC
    - x86/speculation: Remove the extra #ifdef around CALL_NOSPEC
    - Documentation: x86/bugs/its: Add ITS documentation
    - x86/its: Enumerate Indirect Target Selection (ITS) bug
    - x86/its: Add support for ITS-safe indirect thunk
    - [Config] enable ITS mitigation
    - x86/alternative: Optimize returns patching
    - x86/alternatives: Remove faulty optimization
    - x86/its: Add support for ITS-safe return thunk
    - x86/its: Enable Indirect Target Selection mitigation
    - x86/its: Add "vmexit" option to skip mitigation on some CPUs
    - x86/its: Align RETs in BHB clear sequence to avoid thunking
    - x86/its: Use dynamic thunks for indirect branches
    - x86/its: Fix build errors when CONFIG_MODULES=n
    - x86/its: FineIBT-paranoid vs ITS
    - dmaengine: Revert "dmaengine: dmatest: Fix dmatest waiting less when
      interrupted"
    - btrfs: fix discard worker infinite loop after disabling discard
    - ACPI: PPTT: Fix processor subtable walk
    - ALSA: es1968: Add error handling for snd_pcm_hw_constraint_pow2()
    - ALSA: usb-audio: Add sample rate quirk for Audioengine D1
    - ALSA: usb-audio: Add sample rate quirk for Microdia JP001 USB Camera
    - ftrace: Fix preemption accounting for stacktrace trigger command
    - ftrace: Fix preemption accounting for stacktrace filter command
    - tracing: samples: Initialize trace_array_printk() with the correct
      function
    - phy: Fix error handling in tegra_xusb_port_init
    - phy: renesas: rcar-gen3-usb2: Set timing registers only once
    - wifi: mt76: disable napi on driver removal
    - dmaengine: ti: k3-udma: Add missing locking
    - dmaengine: ti: k3-udma: Use cap_mask directly from dma_device structure
      instead of a local copy
    - dmaengine: idxd: fix memory leak in error handling path of
      idxd_setup_engines
    - dmaengine: idxd: fix memory leak in error handling path of
      idxd_setup_groups
    - block: fix direct io NOWAIT flag not work
    - clocksource/i8253: Use raw_spinlock_irqsave() in
      clockevent_i8253_disable()
    - usb: typec: fix pm usage counter imbalance in ucsi_ccg_sync_control()
    - selftests/mm: compaction_test: support platform with huge mount of
      memory
    - netfilter: nf_tables: pass nft_chain to destroy function, not nft_ctx
    - netfilter: nf_tables: wait for rcu grace period on net_device removal
    - netfilter: nf_tables: do not defer rule destruction via call_rcu
    - x86/modules: Set VM_FLUSH_RESET_PERMS in module_alloc()
    - Linux 5.15.184
  * Jammy update: v5.15.184 upstream stable release (LP: #2112581) //
    CVE-2022-49063
    - ice: arfs: fix use-after-free when freeing @rx_cpu_rmap
  * Jammy update: v5.15.184 upstream stable release (LP: #2112581) //
    CVE-2022-49168
    - btrfs: do not clean up repair bio if submit fails
  * Jammy update: v5.15.184 upstream stable release (LP: #2112581) //
    CVE-2024-46751
    - btrfs: don't BUG_ON() when 0 reference count at
      btrfs_lookup_extent_info()
  * Jammy update: v5.15.184 upstream stable release (LP: #2112581) //
    CVE-2025-22062
    - sctp: add mutual exclusion in proc_sctp_do_udp_port()
  * Jammy update: v5.15.184 upstream stable release (LP: #2112581) //
    CVE-2024-53203
    - usb: typec: fix potential array underflow in ucsi_ccg_sync_control()
  * Jammy update: v5.15.184 upstream stable release (LP: #2112581) //
    CVE-2024-35790
    - usb: typec: altmodes/displayport: create sysfs nodes as driver's default
      device attribute group
  * Jammy update: v5.15.184 upstream stable release (LP: #2112581) //
    CVE-2025-37967
    - usb: typec: ucsi: displayport: Fix deadlock
  * Jammy update: v5.15.184 upstream stable release (LP: #2112581) //
    CVE-2025-37992
    - net_sched: Flush gso_skb list too during ->change()
  * Mounting btrfs LVM volumes changes mountpoint location and breaks lsblk
    output (LP: #2107516)
    - SAUCE: Revert "btrfs: avoid unnecessary device path update for the same
      device"
  * Jammy update: v5.15.183 upstream stable release (LP: #2111705)
    - can: mcan: m_can_class_unregister(): fix order of unregistration calls
    - can: mcp251xfd: mcp251xfd_remove(): fix order of unregistration calls
    - openvswitch: Fix unsafe attribute parsing in output_userspace()
    - gre: Fix again IPv6 link-local address generation.
    - can: gw: use call_rcu() instead of costly synchronize_rcu()
    - rcu/kvfree: Add kvfree_rcu_mightsleep() and kfree_rcu_mightsleep()
    - can: gw: fix RCU/BH usage in

Source diff to previous version
2112440 cifs: NULL pointer dereference in refresh_cache_worker
2112581 Jammy update: v5.15.184 upstream stable release
2107516 Mounting btrfs LVM volumes changes mountpoint location and breaks lsblk output
2111705 Jammy update: v5.15.183 upstream stable release
2111618 Jammy update: v5.15.182 upstream stable release
2111606 Jammy update: v5.15.181 upstream stable release
1786013 Packaging resync
CVE-2022-49063 In the Linux kernel, the following vulnerability has been resolved: ice: arfs: fix use-after-free when freeing @rx_cpu_rmap The CI testing bots tri
CVE-2022-49168 In the Linux kernel, the following vulnerability has been resolved: btrfs: do not clean up repair bio if submit fails The submit helper will always
CVE-2024-46751 In the Linux kernel, the following vulnerability has been resolved: btrfs: don't BUG_ON() when 0 reference count at btrfs_lookup_extent_info() Inst
CVE-2025-22062 In the Linux kernel, the following vulnerability has been resolved: sctp: add mutual exclusion in proc_sctp_do_udp_port() We must serialize calls t
CVE-2024-53203 In the Linux kernel, the following vulnerability has been resolved: usb: typec: fix potential array underflow in ucsi_ccg_sync_control() The "comma
CVE-2024-35790 In the Linux kernel, the following vulnerability has been resolved: usb: typec: altmodes/displayport: create sysfs nodes as driver's default device
CVE-2025-37967 In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: displayport: Fix deadlock This patch introduces the ucsi_con_
CVE-2025-37992 In the Linux kernel, the following vulnerability has been resolved: net_sched: Flush gso_skb list too during ->change() Previously, when reducing a
CVE-2025-37949 In the Linux kernel, the following vulnerability has been resolved: xenbus: Use kref to track req lifetime Marek reported seeing a NULL pointer fau
CVE-2025-37969 In the Linux kernel, the following vulnerability has been resolved: iio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_tagged_fifo Preven
CVE-2025-37970 In the Linux kernel, the following vulnerability has been resolved: iio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_fifo Prevent st_ls
CVE-2025-37964 In the Linux kernel, the following vulnerability has been resolved: x86/mm: Eliminate window where TLB flushes may be inadvertently skipped tl;dr:
CVE-2022-21546 In the Linux kernel, the following vulnerability has been resolved: scsi: target: Fix WRITE_SAME No Data Buffer crash In newer version of the SBC s
CVE-2025-37819 In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v2m: Prevent use after free of gicv2m_get_fwnode() With ACPI in pla
CVE-2025-37905 In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scmi: Balance device refcount when destroying devices Using devic
CVE-2024-38541 In the Linux kernel, the following vulnerability has been resolved: of: module: add buffer overflow check in of_modalias() In of_modalias(), if the
CVE-2025-37909 In the Linux kernel, the following vulnerability has been resolved: net: lan743x: Fix memleak issue when GSO enabled Always map the `skb` to the LS
CVE-2025-37911 In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Fix out-of-bound memcpy() during ethtool -w When retrieving the FW cor
CVE-2025-37912 In the Linux kernel, the following vulnerability has been resolved: ice: Check VF VSI Pointer Value in ice_vc_add_fdir_fltr() As mentioned in the c
CVE-2025-37913 In the Linux kernel, the following vulnerability has been resolved: net_sched: qfq: Fix double list add in class with netem as child qdisc As descr
CVE-2025-37914 In the Linux kernel, the following vulnerability has been resolved: net_sched: ets: Fix double list add in class with netem as child qdisc As descr
CVE-2025-37915 In the Linux kernel, the following vulnerability has been resolved: net_sched: drr: Fix double list add in class with netem as child qdisc As descr
CVE-2024-26739 In the Linux kernel, the following vulnerability has been resolved: net/sched: act_mirred: don't override retval if we already lost the skb If we'r
CVE-2025-21839 In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Load DR6 with guest value only before entering .vcpu_run() loop Move
CVE-2025-37923 In the Linux kernel, the following vulnerability has been resolved: tracing: Fix oob write in trace_seq_to_buffer() syzbot reported this bug: =====
CVE-2025-37927 In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Fix potential buffer overflow in parse_ivrs_acpihid There is a strin
CVE-2025-37990 In the Linux kernel, the following vulnerability has been resolved: wifi: brcm80211: fmac: Add error handling for brcmf_usb_dl_writeimage() The fun
CVE-2025-37991 In the Linux kernel, the following vulnerability has been resolved: parisc: Fix double SIGFPE crash Camm noticed that on parisc a SIGFPE exception
CVE-2025-37930 In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: Fix WARN_ON in nouveau_fence_context_kill() Nouveau is mostly desi
CVE-2024-49989 In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix double free issue during amdgpu module unload Flexible end
CVE-2025-37803 In the Linux kernel, the following vulnerability has been resolved: udmabuf: fix a buf size overflow issue during udmabuf creation by casting size_
CVE-2025-37983 In the Linux kernel, the following vulnerability has been resolved: qibfs: fix _another_ leak failure to allocate inode => leaked dentry... this o
CVE-2025-37881 In the Linux kernel, the following vulnerability has been resolved: usb: gadget: aspeed: Add NULL pointer check in ast_vhub_init_dev() The variable
CVE-2025-37805 In the Linux kernel, the following vulnerability has been resolved: sound/virtio: Fix cancel_sync warnings on uninitialized work_structs Betty repo
CVE-2025-37883 In the Linux kernel, the following vulnerability has been resolved: s390/sclp: Add check for get_zeroed_page() Add check for the return value of ge
CVE-2025-37808 In the Linux kernel, the following vulnerability has been resolved: crypto: null - Use spin lock instead of mutex As the null algorithm may be free
CVE-2025-37985 In the Linux kernel, the following vulnerability has been resolved: USB: wdm: close race between wdm_open and wdm_wwan_port_stop Clearing WDM_WWAN_
CVE-2025-37810 In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: check that event count does not exceed event buffer length T
CVE-2025-37811 In the Linux kernel, the following vulnerability has been resolved: usb: chipidea: ci_hdrc_imx: fix usbmisc handling usbmisc is an optional device
CVE-2025-37812 In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: Fix deadlock when using NCM gadget The cdns3 driver has the same NC
CVE-2025-37885 In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Reset IRTE to host control if *new* route isn't postable Restore an I
CVE-2025-37817 In the Linux kernel, the following vulnerability has been resolved: mcb: fix a double free bug in chameleon_parse_gdd() In chameleon_parse_gdd(), i
CVE-2025-37823 In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too Similarly to the pre
CVE-2025-37797 In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a UAF vulnerability in class handling This patch fixes a U
CVE-2025-37824 In the Linux kernel, the following vulnerability has been resolved: tipc: fix NULL pointer dereference in tipc_mon_reinit_self() syzbot reported:
CVE-2025-37989 In the Linux kernel, the following vulnerability has been resolved: net: phy: leds: fix memory leak A network restart test on a router led to an ou
CVE-2025-37829 In the Linux kernel, the following vulnerability has been resolved: cpufreq: scpi: Fix null-ptr-deref in scpi_cpufreq_get_rate() cpufreq_cpu_get_ra
CVE-2025-37830 In the Linux kernel, the following vulnerability has been resolved: cpufreq: scmi: Fix null-ptr-deref in scmi_cpufreq_get_rate() cpufreq_cpu_get_ra
CVE-2025-37836 In the Linux kernel, the following vulnerability has been resolved: PCI: Fix reference leak in pci_register_host_bridge() If device_register() fail
CVE-2025-37844 In the Linux kernel, the following vulnerability has been resolved: cifs: avoid NULL pointer dereference in dbg call cifs_server_dbg() implies serv
CVE-2025-23144 In the Linux kernel, the following vulnerability has been resolved: backlight: led_bl: Hold led_access lock when calling led_sysfs_disable() Lockde
CVE-2025-23148 In the Linux kernel, the following vulnerability has been resolved: soc: samsung: exynos-chipid: Add NULL pointer check in exynos_chipid_probe() so
CVE-2025-22027 In the Linux kernel, the following vulnerability has been resolved: media: streamzap: fix race between device disconnection and urb callback Syzkal
CVE-2024-50125 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SCO: Fix UAF on sco_sock_timeout conn->sk maybe have been unlinked/f
CVE-2022-49535 In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix null pointer dereference after failing to issue FLOGI and PLOGI
CVE-2024-35943 In the Linux kernel, the following vulnerability has been resolved: pmdomain: ti: Add a null pointer check to the omap_prm_domain_init devm_kasprin
CVE-2024-26686 In the Linux kernel, the following vulnerability has been resolved: fs/proc: do_task_stat: use sig->stats_lock to gather the threads/children stats
CVE-2022-48893 In the Linux kernel, the following vulnerability has been resolved: drm/i915/gt: Cleanup partial engine discovery failures If we abort driver initi
CVE-2024-50280 In the Linux kernel, the following vulnerability has been resolved: dm cache: fix flushing uninitialized delayed_work on cache_ctr error An unexpec
CVE-2024-54458 In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: bsg: Set bsg_queue to NULL after removal Currently, this does not ca
CVE-2024-42322 In the Linux kernel, the following vulnerability has been resolved: ipvs: properly dereference pe in ip_vs_add_service Use pe directly to resolve s
CVE-2024-49960 In the Linux kernel, the following vulnerability has been resolved: ext4: fix timer use-after-free on failed mount Syzbot has found an ODEBUG bug i
CVE-2024-36908 In the Linux kernel, the following vulnerability has been resolved: blk-iocost: do not WARN if iocg was already offlined In iocg_pay_debt(), warn i
CVE-2025-21853 In the Linux kernel, the following vulnerability has been resolved: bpf: avoid holding freeze_mutex during mmap operation We use map->freeze_mutex
CVE-2024-53128 In the Linux kernel, the following vulnerability has been resolved: sched/task_stack: fix object_is_on_stack() for KASAN tagged pointers When CONFI
CVE-2024-35867 In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_stats_proc_show() Skip sessions that are
CVE-2023-52757 In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential deadlock when releasing mids All release_mid() calle
CVE-2024-46742 In the Linux kernel, the following vulnerability has been resolved: smb/server: fix potential null-ptr-deref of lease_ctx_info in smb2_open() null-
CVE-2023-52572 In the Linux kernel, the following vulnerability has been resolved: cifs: Fix UAF in cifs_demultiplex_thread() There is a UAF when xfstests on cifs
CVE-2024-35866 In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_dump_full_key() Skip sessions that are b
CVE-2024-46816 In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Stop amdgpu_dm initialize when link nums greater than max_links
CVE-2024-46774 In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: Prevent Spectre v1 gadget construction in sys_rtas() Smatch warns
CVE-2024-38540 In the Linux kernel, the following vulnerability has been resolved: bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq Undefined
CVE-2024-27402 In the Linux kernel, the following vulnerability has been resolved: phonet/pep: fix racy skb_queue_empty() use The receive queues are protected by
CVE-2024-50272 In the Linux kernel, the following vulnerability has been resolved: filemap: Fix bounds checking in filemap_read() If the caller supplies an iocb->
CVE-2024-50258 In the Linux kernel, the following vulnerability has been resolved: net: fix crash when config small gso_max_size/gso_ipv4_max_size Config a small
CVE-2024-56751 In the Linux kernel, the following vulnerability has been resolved: ipv6: release nexthop on device removal The CI is hitting some aperiodic hangup
CVE-2025-23140 In the Linux kernel, the following vulnerability has been resolved: misc: pci_endpoint_test: Avoid issue of interrupts remaining after request_irq e
CVE-2025-37765 In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: prime: fix ttm_bo_delayed_delete oops Fix an oops in ttm_bo_delaye
CVE-2025-37766 In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Prevent division by zero The user can set any speed value. If speed
CVE-2025-37767 In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Prevent division by zero The user can set any speed value. If speed
CVE-2025-37768 In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Prevent division by zero The user can set any speed value. If speed
CVE-2025-37770 In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Prevent division by zero The user can set any speed value. If speed
CVE-2025-37771 In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Prevent division by zero The user can set any speed value. If speed
CVE-2025-37773 In the Linux kernel, the following vulnerability has been resolved: virtiofs: add filesystem context source name check In certain scenarios, for ex
CVE-2025-37780 In the Linux kernel, the following vulnerability has been resolved: isofs: Prevent the use of too small fid syzbot reported a slab-out-of-bounds Re
CVE-2025-37781 In the Linux kernel, the following vulnerability has been resolved: i2c: cros-ec-tunnel: defer probe if parent EC is not present When i2c-cros-ec-t
CVE-2025-0927 hfs/hfsplus: fix slab-out-of-bounds in hfs_bnode_read_key
CVE-2025-37871 In the Linux kernel, the following vulnerability has been resolved: nfsd: decrease sc_count directly if fail to queue dl_recall A deadlock warning
CVE-2025-37787 In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6xxx: avoid unregistering devlink regions which were never regist
CVE-2025-37788 In the Linux kernel, the following vulnerability has been resolved: cxgb4: fix memory leak in cxgb4_init_ethtool_filters() error path In the for lo
CVE-2025-37789 In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix nested key length validation in the set() action It's not
CVE-2025-37790 In the Linux kernel, the following vulnerability has been resolved: net: mctp: Set SOCK_RCU_FREE Bind lookup runs under RCU, so ensure that a socke
CVE-2025-37875 In the Linux kernel, the following vulnerability has been resolved: igc: fix PTM cycle trigger logic Writing to clear the PTM status 'valid' bit wh
CVE-2025-37792 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btrtl: Prevent potential NULL dereference The btrtl_initialize() fun
CVE-2025-37867 In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Silence oversized kvmalloc() warning syzkaller triggered an oversize
CVE-2025-37982 In the Linux kernel, the following vulnerability has been resolved: wifi: wl1251: fix memory leak in wl1251_tx_work The skb dequeued from tx_queue
CVE-2025-37794 In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Purge vif txq in ieee80211_do_stop() After ieee80211_do_stop()
CVE-2025-37796 In the Linux kernel, the following vulnerability has been resolved: wifi: at76c50x: fix use after free access in at76_disconnect The memory pointed
CVE-2025-37838 In the Linux kernel, the following vulnerability has been resolved: HSI: ssi_protocol: Fix use after free vulnerability in ssi_protocol Driver Due t
CVE-2025-37940 In the Linux kernel, the following vulnerability has been resolved: ftrace: Add cond_resched() to ftrace_graph_set_hash() When the kernel contains
CVE-2025-23142 In the Linux kernel, the following vulnerability has been resolved: sctp: detect and prevent references to a freed transport in sendmsg sctp_sendms
CVE-2025-37892 In the Linux kernel, the following vulnerability has been resolved: mtd: inftlcore: Add error check for inftl_read_oob() In INFTL_findwriteunit(),
CVE-2025-23145 In the Linux kernel, the following vulnerability has been resolved: mptcp: fix NULL pointer in can_accept_new_subflow When testing valkey benchmark
CVE-2025-23146 In the Linux kernel, the following vulnerability has been resolved: mfd: ene-kb3930: Fix a potential NULL pointer dereference The off_gpios could b
CVE-2025-37839 In the Linux kernel, the following vulnerability has been resolved: jbd2: remove wrong sb->s_sequence check Journal emptiness is not determined by
CVE-2025-23147 In the Linux kernel, the following vulnerability has been resolved: i3c: Add NULL pointer check in i3c_master_queue_ibi() The I3C master driver may
CVE-2025-23150 In the Linux kernel, the following vulnerability has been resolved: ext4: fix off-by-one error in do_split Syzkaller detected a use-after-free issu
CVE-2025-23151 In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host: Fix race between unprepare and queue_buf A client driver may us
CVE-2025-23156 In the Linux kernel, the following vulnerability has been resolved: media: venus: hfi_parser: refactor hfi packet parsing logic words_count denotes
CVE-2025-23157 In the Linux kernel, the following vulnerability has been resolved: media: venus: hfi_parser: add check to avoid out of bound access There is a pos
CVE-2025-37840 In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: brcmnand: fix PM resume warning Fixed warning on PM resume as sho
CVE-2025-23158 In the Linux kernel, the following vulnerability has been resolved: media: venus: hfi: add check to handle incorrect queue size qsize represents si
CVE-2025-23159 In the Linux kernel, the following vulnerability has been resolved: media: venus: hfi: add a check to handle OOB in sfr region sfr->buf_size is in
CVE-2025-37850 In the Linux kernel, the following vulnerability has been resolved: pwm: mediatek: Prevent divide-by-zero in pwm_mediatek_config() With CONFIG_COMP
CVE-2025-37851 In the Linux kernel, the following vulnerability has been resolved: fbdev: omapfb: Add 'plane' value check Function dispc_ovl_setup is not intended
CVE-2025-23161 In the Linux kernel, the following vulnerability has been resolved: PCI: vmd: Make vmd_dev::cfg_lock a raw_spinlock_t type The access to the PCI co
CVE-2025-23163 In the Linux kernel, the following vulnerability has been resolved: net: vlan: don't propagate flags on open With the device instance lock, there i
CVE-2025-37857 In the Linux kernel, the following vulnerability has been resolved: scsi: st: Fix array overflow in st_setup() Change the array size to follow parm
CVE-2025-37738 In the Linux kernel, the following vulnerability has been resolved: ext4: ignore xattrs past end Once inside 'ext4_xattr_inode_dec_ref_all' we shou
CVE-2025-37739 In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid out-of-bounds access in f2fs_truncate_inode_blocks() syzbot
CVE-2025-37740 In the Linux kernel, the following vulnerability has been resolved: jfs: add sanity check for agwidth in dbMount The width in dmapctl of the AG is
CVE-2025-37741 In the Linux kernel, the following vulnerability has been resolved: jfs: Prevent copying of nlink with value 0 from disk inode syzbot report a dead
CVE-2025-37858 In the Linux kernel, the following vulnerability has been resolved: fs/jfs: Prevent integer overflow in AG size calculation The JFS filesystem calc
CVE-2025-37742 In the Linux kernel, the following vulnerability has been resolved: jfs: Fix uninit-value access of imap allocated in the diMount() function syzbot
CVE-2025-37859 In the Linux kernel, the following vulnerability has been resolved: page_pool: avoid infinite loop to schedule delayed worker We noticed the kworke
CVE-2025-37862 In the Linux kernel, the following vulnerability has been resolved: HID: pidff: Fix null pointer dereference in pidff_find_fields This function tri
CVE-2025-37841 In the Linux kernel, the following vulnerability has been resolved: pm: cpupower: bench: Prevent NULL dereference on malloc failure If malloc retur
CVE-2025-37749 In the Linux kernel, the following vulnerability has been resolved: net: ppp: Add bound checking for skb data on ppp_sync_txmung Ensure we have eno
CVE-2025-37756 In the Linux kernel, the following vulnerability has been resolved: net: tls: explicitly disallow disconnect syzbot discovered that it can disconne
CVE-2025-37757 In the Linux kernel, the following vulnerability has been resolved: tipc: fix memory leak in tipc_link_xmit In case the backlog transmit queue for
CVE-2025-37758 In the Linux kernel, the following vulnerability has been resolved: ata: pata_pxa: Fix potential NULL pointer dereference in pxa_ata_probe() devm_i
CVE-2024-53051 In the Linux kernel, the following vulnerability has been resolved: drm/i915/hdcp: Add encoder check in intel_hdcp_get_capability Sometimes during
CVE-2024-46787 In the Linux kernel, the following vulnerability has been resolved: userfaultfd: fix checks for huge PMDs Patch series "userfaultfd: fix races arou
CVE-2025-37890 In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc As
CVE-2025-37997 In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: fix region locking in hash types Region locking introduced in
CVE-2025-37798 In the Linux kernel, the following vulnerability has been resolved: codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog() After making
CVE-2025-37750 In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in decryption with multichannel After commit f7025d861694
CVE-2024-53185 In the Linux kernel, the following vulnerability has been resolved: smb: client: fix NULL ptr deref in crypto_aead_setkey() Neither SMB3.0 or SMB3.
CVE-2024-50047 In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in async decryption Doing an async decryption (large read)

Version: 5.15.0-1040.40 2025-07-07 23:07:10 UTC

  linux-nvidia-tegra (5.15.0-1040.40) jammy; urgency=medium

  * jammy/linux-nvidia-tegra: 5.15.0-1040.40 -proposed tracker (LP: #2114372)

  * Packaging resync (LP: #1786013)
    - [Packaging] update variants

  [ Ubuntu-realtime: 5.15.0-1087.96 ]

  * jammy/linux-realtime: 5.15.0-1087.96 -proposed tracker (LP: #2114376)
  [ Ubuntu: 5.15.0-143.153 ]
  * jammy/linux: 5.15.0-143.153 -proposed tracker (LP: #2114401)
  * Packaging resync (LP: #1786013)
    - [Packaging] update variants
    - [Packaging] update annotations scripts
  * CVE-2024-53051
    - drm/i915/hdcp: Add encoder check in intel_hdcp_get_capability
  * CVE-2024-46787
    - userfaultfd: fix checks for huge PMDs
  * CVE-2025-37890
    - net_sched: hfsc: Fix a UAF vulnerability in class with netem as child
      qdisc
    - sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue()
    - net_sched: hfsc: Address reentrant enqueue adding class to eltree twice
  * CVE-2025-37997
    - netfilter: ipset: fix region locking in hash types
  * CVE-2025-37798
    - sch_htb: make htb_qlen_notify() idempotent
    - sch_htb: make htb_deactivate() idempotent
    - sch_drr: make drr_qlen_notify() idempotent
    - sch_hfsc: make hfsc_qlen_notify() idempotent
    - sch_qfq: make qfq_qlen_notify() idempotent
    - sch_ets: make est_qlen_notify() idempotent
    - codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog()
  * CVE-2025-37750
    - smb: client: fix UAF in decryption with multichannel
  * CVE-2024-53185
    - smb: client: fix NULL ptr deref in crypto_aead_setkey()
  * CVE-2024-50047
    - smb: client: fix UAF in async decryption

 -- Noah Wager <email address hidden> Wed, 25 Jun 2025 09:34:20 -0600

Source diff to previous version
1786013 Packaging resync
CVE-2024-53051 In the Linux kernel, the following vulnerability has been resolved: drm/i915/hdcp: Add encoder check in intel_hdcp_get_capability Sometimes during
CVE-2024-46787 In the Linux kernel, the following vulnerability has been resolved: userfaultfd: fix checks for huge PMDs Patch series "userfaultfd: fix races arou
CVE-2025-37890 In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc As
CVE-2025-37997 In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: fix region locking in hash types Region locking introduced in
CVE-2025-37798 In the Linux kernel, the following vulnerability has been resolved: codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog() After making
CVE-2025-37750 In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in decryption with multichannel After commit f7025d861694
CVE-2024-53185 In the Linux kernel, the following vulnerability has been resolved: smb: client: fix NULL ptr deref in crypto_aead_setkey() Neither SMB3.0 or SMB3.
CVE-2024-50047 In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in async decryption Doing an async decryption (large read)

Version: 5.15.0-1039.39 2025-06-19 18:09:00 UTC

  linux-nvidia-tegra (5.15.0-1039.39) jammy; urgency=medium

  * jammy/linux-nvidia-tegra: 5.15.0-1039.39 -proposed tracker (LP: #2110800)

  [ Ubuntu: 5.15.0-1086.95 ]

  * jammy/linux-realtime: 5.15.0-1086.95 -proposed tracker (LP: #2110804)
  * Jammy real-time patch set update: v5.15.183-rt85 (LP: #2111843)
    - rcu/tree: Protect rcu_rdp_is_offloaded() invocations on RT
    - sched: Introduce migratable()
    - arm64: mm: Make arch_faults_on_old_pte() check for migratability
    - printk: rename printk cpulock API and always disable interrupts
    - console: add write_atomic interface
    - kdb: only use atomic consoles for output mirroring
    - serial: 8250: implement write_atomic
    - printk: relocate printk_delay()
    - printk: call boot_delay_msec() in printk_delay()
    - printk: use seqcount_latch for console_seq
    - printk: introduce kernel sync mode
    - printk: move console printing to kthreads
    - printk: add console handover
    - printk: add pr_flush()
    - printk: Enhance the condition check of msleep in pr_flush()
    - sched: Switch wait_task_inactive to HRTIMER_MODE_REL_HARD
    - kthread: Move prio/affinite change into the newly created thread
    - genirq: Move prio assignment into the newly created thread
    - genirq: Disable irqfixup/poll on PREEMPT_RT.
    - efi: Allow efi=runtime
    - mm: Disable zsmalloc on PREEMPT_RT
    - net/core: disable NET_RX_BUSY_POLL on PREEMPT_RT
    - samples/kfifo: Rename read_lock/write_lock
    - crypto: testmgr - Only disable migration in crypto_disable_simd_for_test()
    - mm: Allow only SLUB on PREEMPT_RT
    - mm: page_alloc: Use migrate_disable() in drain_local_pages_wq()
    - mm/scatterlist: Replace the !preemptible warning in sg_miter_stop()
    - mm: Disable NUMA_BALANCING_DEFAULT_ENABLED and TRANSPARENT_HUGEPAGE on
      PREEMPT_RT
    - x86/softirq: Disable softirq stacks on PREEMPT_RT
    - Documentation/kcov: Include types.h in the example.
    - Documentation/kcov: Define `ip' in the example.
    - kcov: Allocate per-CPU memory on the relevant node.
    - kcov: Avoid enable+disable interrupts if !in_task().
    - kcov: Replace local_irq_save() with a local_lock_t.
    - net/sched: sch_ets: properly init all active DRR list handles
    - gen_stats: Add instead Set the value in __gnet_stats_copy_basic().
    - gen_stats: Add gnet_stats_add_queue().
    - mq, mqprio: Use gnet_stats_add_queue().
    - gen_stats: Move remaining users to gnet_stats_add_queue().
    - u64_stats: Introduce u64_stats_set()
    - net: sched: Protect Qdisc::bstats with u64_stats
    - net: sched: Use _bstats_update/set() instead of raw writes
    - net: sched: Merge Qdisc::bstats and Qdisc::cpu_bstats data types
    - net: sched: Remove Qdisc::running sequence counter
    - net: sched: Allow statistics reads from softirq.
    - net: sched: fix logic error in qdisc_run_begin()
    - net: sched: remove one pair of atomic operations
    - net: stats: Read the statistics in ___gnet_stats_copy_basic() instead of
      adding.
    - net: sched: gred: dynamically allocate tc_gred_qopt_offload
    - sched/rt: Annotate the RT balancing logic irqwork as IRQ_WORK_HARD_IRQ
    - irq_work: Allow irq_work_sync() to sleep if irq_work() no IRQ support.
    - irq_work: Handle some irq_work in a per-CPU thread on PREEMPT_RT
    - irq_work: Also rcuwait for !IRQ_WORK_HARD_IRQ on PREEMPT_RT
    - irq_poll: Use raise_softirq_irqoff() in cpu_dead notifier
    - smp: Wake ksoftirqd on PREEMPT_RT instead do_softirq().
    - fs/namespace: Boost the mount_lock.lock owner instead of spinning on
      PREEMPT_RT.
    - fscache: Use only one fscache_object_cong_wait.
    - sched: Clean up the might_sleep() underscore zoo
    - sched: Make cond_resched_*lock() variants consistent vs. might_sleep()
    - sched: Remove preempt_offset argument from __might_sleep()
    - sched: Cleanup might_sleep() printks
    - sched: Make might_sleep() output less confusing
    - sched: Make RCU nest depth distinct in __might_resched()
    - sched: Make cond_resched_lock() variants RT aware
    - locking/rt: Take RCU nesting into account for __might_resched()
    - sched: Limit the number of task migrations per batch on RT
    - sched: Disable TTWU_QUEUE on RT
    - sched: Move kprobes cleanup out of finish_task_switch()
    - sched: Delay task stack freeing on RT
    - sched: Move mmdrop to RCU on RT
    - cgroup: use irqsave in cgroup_rstat_flush_locked()
    - mm: workingset: replace IRQ-off check with a lockdep assert.
    - jump-label: disable if stop_machine() is used
    - locking: Remove rt_rwlock_is_contended()
    - lockdep/selftests: Avoid using local_lock_{acquire|release}().
    - sched: Trigger warning if ->migration_disabled counter underflows.
    - rtmutex: Add a special case for ww-mutex handling.
    - rtmutex: Add rt_mutex_lock_nest_lock() and rt_mutex_lock_killable().
    - lockdep: Make it RT aware
    - lockdep/selftests: Add rtmutex to the last column
    - lockdep/selftests: Unbalanced migrate_disable() & rcu_read_lock()
    - lockdep/selftests: Skip the softirq related tests on PREEMPT_RT
    - lockdep/selftests: Adapt ww-tests for PREEMPT_RT
    - locking: Allow to include asm/spinlock_types.h from
      linux/spinlock_types_raw.h
    - sched: Make preempt_enable_no_resched() behave like preempt_enable() on
      PREEMPT_RT
    - kernel/sched: add {put|get}_cpu_light()
    - block/mq: do not invoke preempt_disable()
    - md: raid5: Make raid5_percpu handling RT aware
    - scsi/fcoe: Make RT aware.
    - mm/vmalloc: Another preempt disable region which sucks
    - net: Remove preemption disabling in netif_rx()
    - sunrpc: Make svc_xprt_do_enqueue() use get_cpu_light()
    - softirq: Check preemption after reenabling interrupts
    - mm/memcontrol: Disable on PREEMPT_RT
    - signal: Revert ptrace preempt magic
    - ptrace: fix ptrace vs tasklist_lock race
    - fs/dcache: use swait_queue instead of waitqueue
    - fs/dcache: disable preemption

Source diff to previous version
2111843 Jammy real-time patch set update: v5.15.183-rt85
2111244 Rotate the Canonical Livepatch key
2109537 Jammy generic-64k fails to initialize gVNIC devices
2109601 [UBUNTU 22.04] net/smc: fix neighbour and rtable leak in smc_ib_find_route()
2109355 Jammy update: v5.15.180 upstream stable release
2097389 VM boots slowly with large-BAR GPU Passthrough due to pci/probe.c redundancy
2075575 kexec fails in LPAR when some cpus are disabled
1786013 Packaging resync
CVE-2025-2312 A flaw was found in cifs-utils. When trying to obtain Kerberos credentials, the cifs.upcall program from the cifs-utils package makes an upcall to th
CVE-2024-36945 In the Linux kernel, the following vulnerability has been resolved: net/smc: fix neighbour and rtable leak in smc_ib_find_route() In smc_ib_find_ro
CVE-2025-22025 In the Linux kernel, the following vulnerability has been resolved: nfsd: put dl_stid if fail to queue dl_recall Before calling nfsd4_run_cb to que
CVE-2025-39735 In the Linux kernel, the following vulnerability has been resolved: jfs: fix slab-out-of-bounds read in ea_get() During the "size_check" label in e
CVE-2025-37785 In the Linux kernel, the following vulnerability has been resolved: ext4: fix OOB read when checking dotdot dir Mounting a corrupted filesystem wit
CVE-2025-22035 In the Linux kernel, the following vulnerability has been resolved: tracing: Fix use-after-free in print_graph_function_flags during tracer switchin
CVE-2025-22044 In the Linux kernel, the following vulnerability has been resolved: acpi: nfit: fix narrowing conversion in acpi_nfit_ctl Syzkaller has reported a
CVE-2025-22045 In the Linux kernel, the following vulnerability has been resolved: x86/mm: Fix flush_tlb_range() when used for zapping normal PMDs On the followin
CVE-2024-46753 In the Linux kernel, the following vulnerability has been resolved: btrfs: handle errors from btrfs_dec_ref() properly In walk_up_proc() we BUG_ON(
CVE-2025-22050 In the Linux kernel, the following vulnerability has been resolved: usbnet:fix NPE during rx_complete Missing usbnet_going_away Check in Critical P
CVE-2024-46812 In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Skip inactive planes within ModeSupportAndSystemConfiguration
CVE-2024-46821 In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Fix negative array index read Avoid using the negative values for c
CVE-2025-22054 In the Linux kernel, the following vulnerability has been resolved: arcnet: Add NULL check in com20020pci_probe() devm_kasprintf() returns NULL whe
CVE-2025-22055 In the Linux kernel, the following vulnerability has been resolved: net: fix geneve_opt length integer overflow struct geneve_opt uses 5 bit length
CVE-2025-22056 In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_tunnel: fix geneve_opt type confusion addition When handling mul
CVE-2025-22060 In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: Prevent parser TCAM memory corruption Protect the parser TCAM/SRAM
CVE-2025-38637 In the Linux kernel, the following vulnerability has been resolved: net_sched: skbprio: Remove overly strict queue assertions In the current implem
CVE-2025-22063 In the Linux kernel, the following vulnerability has been resolved: netlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets When cal
CVE-2025-22066 In the Linux kernel, the following vulnerability has been resolved: ASoC: imx-card: Add NULL check in imx_card_probe() devm_kasprintf() returns NUL
CVE-2023-53034 In the Linux kernel, the following vulnerability has been resolved: ntb_hw_switchtec: Fix shift-out-of-bounds in switchtec_ntb_mw_set_trans There i
CVE-2025-22071 In the Linux kernel, the following vulnerability has been resolved: spufs: fix a leak in spufs_create_context() Leak fixes back in 2008 missed one
CVE-2025-22073 In the Linux kernel, the following vulnerability has been resolved: spufs: fix a leak on spufs_new_file() failure It's called from spufs_fill_dir()
CVE-2025-21994 In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix incorrect validation for num_aces field of smb_acl parse_dcal() vali
CVE-2025-38575 In the Linux kernel, the following vulnerability has been resolved: ksmbd: use aead_request_free to match aead_request_alloc Use aead_request_free(
CVE-2025-22075 In the Linux kernel, the following vulnerability has been resolved: rtnetlink: Allocate vfinfo size for VF GUIDs when supported Commit 30aad41721e0
CVE-2025-22079 In the Linux kernel, the following vulnerability has been resolved: ocfs2: validate l_tree_depth to avoid out-of-bounds access The l_tree_depth fie
CVE-2025-22081 In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix a couple integer overflows on 32bit systems On 32bit systems the
CVE-2025-22086 In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix mlx5_poll_one() cur_qp update flow When cur_qp isn't NULL, in or
CVE-2025-22089 In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Don't expose hw_counters outside of init net namespace Commit 467f43
CVE-2025-39728 In the Linux kernel, the following vulnerability has been resolved: clk: samsung: Fix UBSAN panic in samsung_clk_init() With UBSAN_ARRAY_BOUNDS=y,
CVE-2025-38152 In the Linux kernel, the following vulnerability has been resolved: remoteproc: core: Clear table_sz when rproc_shutdown There is case as below cou
CVE-2024-58093 In the Linux kernel, the following vulnerability has been resolved: PCI/ASPM: Fix link state exit during switch upstream function removal Before 45
CVE-2025-22097 In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Fix use after free and double free on init error If the driver initia
CVE-2025-23136 In the Linux kernel, the following vulnerability has been resolved: thermal: int340x: Add NULL check for adev Not all devices have an ACPI companio
CVE-2025-23138 In the Linux kernel, the following vulnerability has been resolved: watch_queue: fix pipe accounting mismatch Currently, watch_queue_set_size() mod
CVE-2025-22020 In the Linux kernel, the following vulnerability has been resolved: memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove This f
CVE-2025-22021 In the Linux kernel, the following vulnerability has been resolved: netfilter: socket: Lookup orig tuple for IPv6 SNAT nf_sk_lookup_slow_v4 does th
CVE-2025-22018 In the Linux kernel, the following vulnerability has been resolved: atm: Fix NULL pointer dereference When MPOA_cache_impos_rcvd() receives the msg
CVE-2024-56664 In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix race between element replace and close() Element replace (wit
CVE-2024-53144 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_event: Align BR/EDR JUST_WORKS paring with LE This aligned BR/ED
CVE-2024-8805 BlueZ HID over GATT Profile Improper Access Control Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to exec
CVE-2025-21996 In the Linux kernel, the following vulnerability has been resolved: drm/radeon: fix uninitialized size issue in radeon_vce_cs_parse() On the off ch
CVE-2025-22014 In the Linux kernel, the following vulnerability has been resolved: soc: qcom: pdr: Fix the potential deadlock When some client process A call pdr_
CVE-2025-21999 In the Linux kernel, the following vulnerability has been resolved: proc: fix UAF in proc_get_inode() Fix race between rmmod and /proc/XXX's inode
CVE-2025-22008 In the Linux kernel, the following vulnerability has been resolved: regulator: check that dummy regulator has been probed before using it Due to as
CVE-2025-22004 In the Linux kernel, the following vulnerability has been resolved: net: atm: fix use after free in lec_send() The ->send() operation frees skb so
CVE-2025-22005 In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix memleak of nhc_pcpu_rth_output in fib_check_nh_v6_gw(). fib_check_nh_
CVE-2025-22007 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix error code in chan_alloc_skb_cb() The chan_alloc_skb_cb() functi
CVE-2025-22010 In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix soft lockup during bt pages loop Driver runs a for-loop when allo
CVE-2025-21941 In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix null check for pipe_ctx->plane_state in resource_build_scal
CVE-2025-21962 In the Linux kernel, the following vulnerability has been resolved: cifs: Fix integer overflow while processing closetimeo mount option User-provid
CVE-2025-21963 In the Linux kernel, the following vulnerability has been resolved: cifs: Fix integer overflow while processing acdirmax mount option User-provided
CVE-2025-21964 In the Linux kernel, the following vulnerability has been resolved: cifs: Fix integer overflow while processing acregmax mount option User-provided
CVE-2025-21968 In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix slab-use-after-free on hdcp_work [Why] A slab-use-after-fr
CVE-2025-21956 In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Assign normalized_pix_clk when color depth = 14 [WHY & HOW] A
CVE-2025-21991 In the Linux kernel, the following vulnerability has been resolved: x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes Curren
CVE-2025-21992 In the Linux kernel, the following vulnerability has been resolved: HID: ignore non-functional sensor in HP 5MP Camera The HP 5MP Camera (USB ID 04
CVE-2025-21957 In the Linux kernel, the following vulnerability has been resolved: scsi: qla1280: Fix kernel oops when debug level > 2 A null dereference or oops
CVE-2025-21970 In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Bridge, fix the crash caused by LAG state check When removing LAG dev
CVE-2025-21959 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conncount: Fully initialize struct nf_conncount_tuple in insert_tr
CVE-2025-21975 In the Linux kernel, the following vulnerability has been resolved: net/mlx5: handle errors in mlx5_chains_create_table() In mlx5_chains_create_tab
CVE-2025-21981 In the Linux kernel, the following vulnerability has been resolved: ice: fix memory leak in aRFS after reset Fix aRFS (accelerated Receive Flow Ste
CVE-2022-49728 In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix signed integer overflow in __ip6_append_data Resurrect ubsan overflow
CVE-2022-49636 In the Linux kernel, the following vulnerability has been resolved: vlan: fix memory leak in vlan_newlink() Blamed commit added back a bug I fixed
CVE-2024-56608 In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix out-of-bounds access in 'dcn21_link_encoder_create' An iss
CVE-2024-53168 In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket BUG: KASAN: slab-u
CVE-2024-56551 In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix usage slab after free [ +0.000021] BUG: KASAN: slab-use-after-

Version: 5.15.0-1038.38 2025-06-02 18:09:01 UTC

  linux-nvidia-tegra (5.15.0-1038.38) jammy; urgency=medium

  * jammy/linux-nvidia-tegra: 5.15.0-1038.38 -proposed tracker (LP: #2111023)

  [ Ubuntu: 5.15.0-1085.94 ]

  * jammy/linux-realtime: 5.15.0-1085.94 -proposed tracker (LP: #2111027)
  * jammy/linux: 5.15.0-141.151 -proposed tracker (LP: #2111052)
  * Packaging resync (LP: #1786013)
    - [Packaging] update annotations scripts
  * CVE-2024-56608
    - drm/amd/display: Fix out-of-bounds access in 'dcn21_link_encoder_create'
  * CVE-2024-53168
    - net: make sock_inuse_add() available
    - sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket
  * CVE-2024-56551
    - drm/amdgpu: fix usage slab after free

 -- Noah Wager <email address hidden> Tue, 27 May 2025 07:51:38 -0700

Source diff to previous version
1786013 Packaging resync
CVE-2024-56608 In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix out-of-bounds access in 'dcn21_link_encoder_create' An iss
CVE-2024-53168 In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket BUG: KASAN: slab-u
CVE-2024-56551 In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix usage slab after free [ +0.000021] BUG: KASAN: slab-use-after-

Version: 5.15.0-1037.37 2025-05-19 17:07:39 UTC

  linux-nvidia-tegra (5.15.0-1037.37) jammy; urgency=medium

  * jammy/linux-nvidia-tegra: 5.15.0-1037.37 -proposed tracker (LP: #2106954)

  * Packaging resync (LP: #1786013)
    - [Packaging] debian.nvidia-tegra/dkms-versions -- update from kernel-versions
      (main/2025.04.14)

  * apply NVIDIA patches May 6, 2025 (LP: #2110073)
    - NVIDIA: SAUCE: arm64: defconfig: set configs for AI-RAN
    - [Config] nvidia-tegra: set configs for AI-RAN

  [ Ubuntu: 5.15.0-1084.93 ]

  * jammy/linux-realtime: 5.15.0-1084.93 -proposed tracker (LP: #2106957)
  * Packaging resync (LP: #1786013)
    - [Packaging] debian.realtime/dkms-versions -- update from kernel-versions
      (main/2025.04.14)
  * Jammy real-time patch set update: v5.15.179-rt84 (LP: #2109976)
    - rcu/tree: Protect rcu_rdp_is_offloaded() invocations on RT
    - sched: Introduce migratable()
    - arm64: mm: Make arch_faults_on_old_pte() check for migratability
    - printk: rename printk cpulock API and always disable interrupts
    - console: add write_atomic interface
    - kdb: only use atomic consoles for output mirroring
    - serial: 8250: implement write_atomic
    - printk: relocate printk_delay()
    - printk: call boot_delay_msec() in printk_delay()
    - printk: use seqcount_latch for console_seq
    - printk: introduce kernel sync mode
    - printk: move console printing to kthreads
    - printk: add console handover
    - printk: add pr_flush()
    - printk: Enhance the condition check of msleep in pr_flush()
    - sched: Switch wait_task_inactive to HRTIMER_MODE_REL_HARD
    - kthread: Move prio/affinite change into the newly created thread
    - genirq: Move prio assignment into the newly created thread
    - genirq: Disable irqfixup/poll on PREEMPT_RT.
    - efi: Allow efi=runtime
    - mm: Disable zsmalloc on PREEMPT_RT
    - net/core: disable NET_RX_BUSY_POLL on PREEMPT_RT
    - samples/kfifo: Rename read_lock/write_lock
    - crypto: testmgr - Only disable migration in crypto_disable_simd_for_test()
    - mm: Allow only SLUB on PREEMPT_RT
    - mm: page_alloc: Use migrate_disable() in drain_local_pages_wq()
    - mm/scatterlist: Replace the !preemptible warning in sg_miter_stop()
    - mm: Disable NUMA_BALANCING_DEFAULT_ENABLED and TRANSPARENT_HUGEPAGE on
      PREEMPT_RT
    - x86/softirq: Disable softirq stacks on PREEMPT_RT
    - Documentation/kcov: Include types.h in the example.
    - Documentation/kcov: Define `ip' in the example.
    - kcov: Allocate per-CPU memory on the relevant node.
    - kcov: Avoid enable+disable interrupts if !in_task().
    - kcov: Replace local_irq_save() with a local_lock_t.
    - net/sched: sch_ets: properly init all active DRR list handles
    - gen_stats: Add instead Set the value in __gnet_stats_copy_basic().
    - gen_stats: Add gnet_stats_add_queue().
    - mq, mqprio: Use gnet_stats_add_queue().
    - gen_stats: Move remaining users to gnet_stats_add_queue().
    - u64_stats: Introduce u64_stats_set()
    - net: sched: Protect Qdisc::bstats with u64_stats
    - net: sched: Use _bstats_update/set() instead of raw writes
    - net: sched: Merge Qdisc::bstats and Qdisc::cpu_bstats data types
    - net: sched: Remove Qdisc::running sequence counter
    - net: sched: Allow statistics reads from softirq.
    - net: sched: fix logic error in qdisc_run_begin()
    - net: sched: remove one pair of atomic operations
    - net: stats: Read the statistics in ___gnet_stats_copy_basic() instead of
      adding.
    - net: sched: gred: dynamically allocate tc_gred_qopt_offload
    - sched/rt: Annotate the RT balancing logic irqwork as IRQ_WORK_HARD_IRQ
    - irq_work: Allow irq_work_sync() to sleep if irq_work() no IRQ support.
    - irq_work: Handle some irq_work in a per-CPU thread on PREEMPT_RT
    - irq_work: Also rcuwait for !IRQ_WORK_HARD_IRQ on PREEMPT_RT
    - irq_poll: Use raise_softirq_irqoff() in cpu_dead notifier
    - smp: Wake ksoftirqd on PREEMPT_RT instead do_softirq().
    - fs/namespace: Boost the mount_lock.lock owner instead of spinning on
      PREEMPT_RT.
    - fscache: Use only one fscache_object_cong_wait.
    - sched: Clean up the might_sleep() underscore zoo
    - sched: Make cond_resched_*lock() variants consistent vs. might_sleep()
    - sched: Remove preempt_offset argument from __might_sleep()
    - sched: Cleanup might_sleep() printks
    - sched: Make might_sleep() output less confusing
    - sched: Make RCU nest depth distinct in __might_resched()
    - sched: Make cond_resched_lock() variants RT aware
    - locking/rt: Take RCU nesting into account for __might_resched()
    - sched: Limit the number of task migrations per batch on RT
    - sched: Disable TTWU_QUEUE on RT
    - sched: Move kprobes cleanup out of finish_task_switch()
    - sched: Delay task stack freeing on RT
    - sched: Move mmdrop to RCU on RT
    - cgroup: use irqsave in cgroup_rstat_flush_locked()
    - mm: workingset: replace IRQ-off check with a lockdep assert.
    - jump-label: disable if stop_machine() is used
    - locking: Remove rt_rwlock_is_contended()
    - lockdep/selftests: Avoid using local_lock_{acquire|release}().
    - sched: Trigger warning if ->migration_disabled counter underflows.
    - rtmutex: Add a special case for ww-mutex handling.
    - rtmutex: Add rt_mutex_lock_nest_lock() and rt_mutex_lock_killable().
    - lockdep: Make it RT aware
    - lockdep/selftests: Add rtmutex to the last column
    - lockdep/selftests: Unbalanced migrate_disable() & rcu_read_lock()
    - lockdep/selftests: Skip the softirq related tests on PREEMPT_RT
    - lockdep/selftests: Adapt ww-tests for PREEMPT_RT
    - locking: Allow to include asm/spinlock_types.h from
      linux/spinlock_types_raw.h
    - sched: Make preempt_enable_no_resched() behave like preempt_enable() on
      PREEMPT_RT
    - kernel/sched: add {put|get}_cpu_light()
    - block/mq: do not invoke preempt_disable()
    - md: raid5: Make raid5_percpu handling RT aware
    - scsi/fcoe: Make RT aware.
    -

1786013 Packaging resync
2110073 apply NVIDIA patches May 6, 2025
2109976 Jammy real-time patch set update: v5.15.179-rt84
2103598 NFS, overlay, fstab issue after update to kernel 5.15.0-133-generic and -134
2104326 Remove floppy kernel module causes null pointer deference
2106026 Jammy update: v5.15.179 upstream stable release
2097811 Fix bugs preventing boot on Intel TDX-enabled hosts
2104380 Build failure when CONFIG_NET_SWITCHDEV=n due to CVE-2024-26837 fix backport
2103564 nfsd hangs and never recovers after NFS4ERR_DELAY and a connection loss
2089318 kernel hard lockup in cgroups during eBPF workload
CVE-2025-21971 In the Linux kernel, the following vulnerability has been resolved: net_sched: Prevent creation of classes with TC_H_ROOT The function qdisc_tree_r
CVE-2024-56599 In the Linux kernel, the following vulnerability has been resolved: wifi: ath10k: avoid NULL pointer error during sdio remove When running 'rmmod a
CVE-2024-56721 In the Linux kernel, the following vulnerability has been resolved: x86/CPU/AMD: Terminate the erratum_1386_microcode array The erratum_1386_microc
CVE-2025-21647 In the Linux kernel, the following vulnerability has been resolved: sched: sch_cake: add bounds checks to host bulk flow fairness counts Even thoug
CVE-2024-58002 In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Remove dangling pointers When an async control is written, we
CVE-2024-58079 In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fix crash during unbind if gpio unit is in use We used the wro
CVE-2025-21721 In the Linux kernel, the following vulnerability has been resolved: nilfs2: handle errors that nilfs_prepare_chunk() may return Patch series "nilfs
CVE-2024-26982 In the Linux kernel, the following vulnerability has been resolved: Squashfs: check the inode number is not the invalid value of zero Syskiller has
CVE-2025-21844 In the Linux kernel, the following vulnerability has been resolved: smb: client: Add check for next_buffer in receive_encrypted_standard() Add chec
CVE-2024-58090 In the Linux kernel, the following vulnerability has been resolved: sched/core: Prevent rescheduling when interrupts are disabled David reported a
CVE-2025-21875 In the Linux kernel, the following vulnerability has been resolved: mptcp: always handle address removal under msk socket lock Syzkaller reported a
CVE-2025-21877 In the Linux kernel, the following vulnerability has been resolved: usbnet: gl620a: fix endpoint checking in genelink_bind() Syzbot reports [1] a w
CVE-2025-21878 In the Linux kernel, the following vulnerability has been resolved: i2c: npcm: disable interrupt enable bit before devm_request_irq The customer re
CVE-2025-21887 In the Linux kernel, the following vulnerability has been resolved: ovl: fix UAF in ovl_dentry_update_reval by moving dput() in ovl_link_up The iss
CVE-2025-21846 In the Linux kernel, the following vulnerability has been resolved: acct: perform last write from workqueue In [1] it was reported that the acct(2)
CVE-2025-21848 In the Linux kernel, the following vulnerability has been resolved: nfp: bpf: Add check for nfp_app_ctrl_msg_alloc() Add check for the return value
CVE-2025-21862 In the Linux kernel, the following vulnerability has been resolved: drop_monitor: fix incorrect initialization order Syzkaller reports the followin
CVE-2025-21871 In the Linux kernel, the following vulnerability has been resolved: tee: optee: Fix supplicant wait loop OP-TEE supplicant is a user-space daemon a
CVE-2025-21865 In the Linux kernel, the following vulnerability has been resolved: gtp: Suppress list corruption splat in gtp_net_exit_batch_rtnl(). Brad Spengler
CVE-2025-21858 In the Linux kernel, the following vulnerability has been resolved: geneve: Fix use-after-free in geneve_find_dev(). syzkaller reported a use-after
CVE-2025-21866 In the Linux kernel, the following vulnerability has been resolved: powerpc/code-patching: Fix KASAN hit by not flagging text patching area as VM_AL
CVE-2025-21859 In the Linux kernel, the following vulnerability has been resolved: USB: gadget: f_midi: f_midi_complete to call queue_work When using USB MIDI, a
CVE-2025-21823 In the Linux kernel, the following vulnerability has been resolved: batman-adv: Drop unmanaged ELP metric worker The ELP worker needs to calculate
CVE-2024-58005 In the Linux kernel, the following vulnerability has been resolved: tpm: Change to kvalloc() in eventlog/acpi.c The following failure was reported
CVE-2025-21748 In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix integer overflows on 32 bit systems On 32bit systems the addition op
CVE-2024-57977 In the Linux kernel, the following vulnerability has been resolved: memcg: fix soft lockup in the OOM process A soft lockup issue was found in the
CVE-2024-57978 In the Linux kernel, the following vulnerability has been resolved: media: imx-jpeg: Fix potential error pointer dereference in detach_pm() The pro
CVE-2024-57979 In the Linux kernel, the following vulnerability has been resolved: pps: Fix a use-after-free On a board running ntpd and gpsd, I'm seeing a consis
CVE-2024-47726 In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to wait dio completion It should wait all existing dio write IOs befo
CVE-2025-21811 In the Linux kernel, the following vulnerability has been resolved: nilfs2: protect access to buffers with no active references nilfs_lookup_dirty_
CVE-2025-21722 In the Linux kernel, the following vulnerability has been resolved: nilfs2: do not force clear folio if buffer is referenced Patch series "nilfs2:
CVE-2024-58086 In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Stop active perfmon if it is being destroyed If the active performance
CVE-2025-21758 In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: add RCU protection to mld_newpack() mld_newpack() can be called wi
CVE-2025-21760 In the Linux kernel, the following vulnerability has been resolved: ndisc: extend RCU protection in ndisc_send_skb() ndisc_send_skb() can be called
CVE-2025-21761 In the Linux kernel, the following vulnerability has been resolved: openvswitch: use RCU protection in ovs_vport_cmd_fill_info() ovs_vport_cmd_fill
CVE-2025-21762 In the Linux kernel, the following vulnerability has been resolved: arp: use RCU protection in arp_xmit() arp_xmit() can be called without RTNL or
CVE-2025-21763 In the Linux kernel, the following vulnerability has been resolved: neighbour: use RCU protection in __neigh_notify() __neigh_notify() can be calle
CVE-2025-21764 In the Linux kernel, the following vulnerability has been resolved: ndisc: use RCU protection in ndisc_alloc_skb() ndisc_alloc_skb() can be called
CVE-2025-21765 In the Linux kernel, the following vulnerability has been resolved: ipv6: use RCU protection in ip6_default_advmss() ip6_default_advmss() needs rcu
CVE-2025-21766 In the Linux kernel, the following vulnerability has been resolved: ipv4: use RCU protection in __ip_rt_update_pmtu() __ip_rt_update_pmtu() must us
CVE-2025-21767 In the Linux kernel, the following vulnerability has been resolved: clocksource: Use migrate_disable() to avoid calling get_random_u32() in atomic c
CVE-2025-21772 In the Linux kernel, the following vulnerability has been resolved: partitions: mac: fix handling of bogus partition table Fix several issues in pa
CVE-2025-21704 In the Linux kernel, the following vulnerability has been resolved: usb: cdc-acm: Check control transfer buffer size before access If the first fra
CVE-2025-21776 In the Linux kernel, the following vulnerability has been resolved: USB: hub: Ignore non-compliant devices with too many configs or interfaces Robe
CVE-2025-21835 In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_midi: fix MIDI Streaming descriptor lengths While the MIDI jacks
CVE-2025-21779 In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Reject Hyper-V's SEND_IPI hypercalls if local APIC isn't in-kernel Ad
CVE-2025-21781 In the Linux kernel, the following vulnerability has been resolved: batman-adv: fix panic during interface removal Reference counting is used to en
CVE-2025-21782 In the Linux kernel, the following vulnerability has been resolved: orangefs: fix a oob in orangefs_debug_write I got a syzbot report: slab-out-of-
CVE-2024-57834 In the Linux kernel, the following vulnerability has been resolved: media: vidtv: Fix a null-ptr-deref in vidtv_mux_stop_thread syzbot report a nul
CVE-2025-21785 In the Linux kernel, the following vulnerability has been resolved: arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array The loop that de
CVE-2025-21787 In the Linux kernel, the following vulnerability has been resolved: team: better TEAM_OPTION_TYPE_STRING validation syzbot reported following splat
CVE-2025-21791 In the Linux kernel, the following vulnerability has been resolved: vrf: use RCU protection in l3mdev_l3_out() l3mdev_l3_out() can be called withou
CVE-2024-58020 In the Linux kernel, the following vulnerability has been resolved: HID: multitouch: Add NULL check in mt_input_configured devm_kasprintf() can ret
CVE-2025-21795 In the Linux kernel, the following vulnerability has been resolved: NFSD: fix hang in nfsd4_shutdown_callback If nfs4_client is in courtesy state t
CVE-2025-21796 In the Linux kernel, the following vulnerability has been resolved: nfsd: clear acl_access/acl_default after releasing them If getting acl_default
CVE-2025-21820 In the Linux kernel, the following vulnerability has been resolved: tty: xilinx_uartps: split sysrq handling lockdep detects the following circular
CVE-2025-21814 In the Linux kernel, the following vulnerability has been resolved: ptp: Ensure info->enable callback is always set The ioctl and sysfs handlers un
CVE-2025-21735 In the Linux kernel, the following vulnerability has been resolved: NFC: nci: Add bounds checking in nci_hci_create_pipe() The "pipe" variable is a
CVE-2025-21736 In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix possible int overflows in nilfs_fiemap() Since nilfs_bmap_lookup_co
CVE-2024-58001 In the Linux kernel, the following vulnerability has been resolved: ocfs2: handle a symlink read error correctly Patch series "Convert ocfs2 to use
CVE-2024-58007 In the Linux kernel, the following vulnerability has been resolved: soc: qcom: socinfo: Avoid out of bounds read of serial number On MSM8916 device
CVE-2025-21744 In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: fix NULL pointer dereference in brcmf_txfinalize() On removal o
CVE-2025-21745 In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: Fix class @block_class's subsystem refcount leakage blkcg_fill_root
CVE-2024-58076 In the Linux kernel, the following vulnerability has been resolved: clk: qcom: gcc-sm6350: Add missing parent_map for two clocks If a clk_rcg2 has
CVE-2024-58083 In the Linux kernel, the following vulnerability has been resolved: KVM: Explicitly verify target vCPU is online in kvm_get_vcpu() Explicitly verif
CVE-2024-58010 In the Linux kernel, the following vulnerability has been resolved: binfmt_flat: Fix integer overflow bug on 32 bit systems Most of these sizes and
CVE-2025-21749 In the Linux kernel, the following vulnerability has been resolved: net: rose: lock the socket in rose_bind() syzbot reported a soft lockup in rose
CVE-2024-57981 In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Fix NULL pointer dereference on certain command aborts If a command
CVE-2025-21684 In the Linux kernel, the following vulnerability has been resolved: gpio: xilinx: Convert gpio_lock to raw spinlock irq_chip functions may be calle
CVE-2024-58085 In the Linux kernel, the following vulnerability has been resolved: tomoyo: don't emit warning in tomoyo_write_control() syzbot is reporting too la
CVE-2024-58014 In the Linux kernel, the following vulnerability has been resolved: wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy() In 'wlc
CVE-2024-58016 In the Linux kernel, the following vulnerability has been resolved: safesetid: check size of policy writes syzbot attempts to write a buffer with a
CVE-2024-58017 In the Linux kernel, the following vulnerability has been resolved: printk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX Shifting 1 <<
CVE-2025-21753 In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free when attempting to join an aborted transaction When w
CVE-2024-58055 In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_tcm: Don't free command immediately Don't prematurely free the c
CVE-2024-57980 In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fix double free in error path If the uvc_status_init() functio
CVE-2025-21707 In the Linux kernel, the following vulnerability has been resolved: mptcp: consolidate suboption status MPTCP maintains the received sub-options st
CVE-2025-21708 In the Linux kernel, the following vulnerability has been resolved: net: usb: rtl8150: enable basic endpoint checking Syzkaller reports [1] encount
CVE-2025-21826 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: reject mismatching sum of field_len with set key length T
CVE-2025-21715 In the Linux kernel, the following vulnerability has been resolved: net: davicom: fix UAF in dm9000_drv_remove dm is netdev private data and it can
CVE-2025-21718 In the Linux kernel, the following vulnerability has been resolved: net: rose: fix timer races against user threads Rose timers only acquire the so
CVE-2025-21719 In the Linux kernel, the following vulnerability has been resolved: ipmr: do not call mr_mfc_uses_dev() for unres entries syzbot found that calling
CVE-2025-21802 In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix oops when unload drivers paralleling When unload hclge driver, i
CVE-2024-58058 In the Linux kernel, the following vulnerability has been resolved: ubifs: skip dumping tnc tree when zroot is null Clearing slab cache will free a
CVE-2024-58069 In the Linux kernel, the following vulnerability has been resolved: rtc: pcf85063: fix potential OOB write in PCF85063 NVMEM read The nvmem interfa
CVE-2025-21804 In the Linux kernel, the following vulnerability has been resolved: PCI: rcar-ep: Fix incorrect variable used when calling devm_request_mem_region()
CVE-2024-58034 In the Linux kernel, the following vulnerability has been resolved: memory: tegra20-emc: fix an OF node reference bug in tegra_emc_find_node_by_ram_
CVE-2024-57973 In the Linux kernel, the following vulnerability has been resolved: rdma/cxgb4: Prevent potential integer overflow on 32bit The "gl->tot_len" varia
CVE-2025-21726 In the Linux kernel, the following vulnerability has been resolved: padata: avoid UAF for reorder_work Although the previous patch can avoid ps and
CVE-2025-21727 In the Linux kernel, the following vulnerability has been resolved: padata: fix UAF in padata_reorder A bug was found when run ltp test: BUG: KASA
CVE-2025-21728 In the Linux kernel, the following vulnerability has been resolved: bpf: Send signals asynchronously if !preemptible BPF programs can execute in al
CVE-2025-21711 In the Linux kernel, the following vulnerability has been resolved: net/rose: prevent integer overflows in rose_setsockopt() In case of possible un
CVE-2025-21799 In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ti: am65-cpsw: fix freeing IRQ in am65_cpsw_nuss_remove_tx_chns()
CVE-2025-21806 In the Linux kernel, the following vulnerability has been resolved: net: let net.core.dev_weight always be non-zero The following problem was encou
CVE-2025-21830 In the Linux kernel, the following vulnerability has been resolved: landlock: Handle weird files A corrupted filesystem (e.g. bcachefs) might retur
CVE-2024-58071 In the Linux kernel, the following vulnerability has been resolved: team: prevent adding a device which is already a team device lower Prevent addi
CVE-2024-58063 In the Linux kernel, the following vulnerability has been resolved: wifi: rtlwifi: fix memory leaks and invalid access at probe error path Deinitia
CVE-2024-58072 In the Linux kernel, the following vulnerability has been resolved: wifi: rtlwifi: remove unused check_buddy_priv Commit 2461c7d60f9f ("rtlwifi: Up
CVE-2024-58051 In the Linux kernel, the following vulnerability has been resolved: ipmi: ipmb: Add check devm_kasprintf() returned value devm_kasprintf() can retu
CVE-2024-58052 In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix potential NULL pointer dereference in atomctrl_get_smc_sclk_rang
CVE-2024-57986 In the Linux kernel, the following vulnerability has been resolved: HID: core: Fix assumption that Resolution Multipliers must be in Logical Collect
CVE-2025-21731 In the Linux kernel, the following vulnerability has been resolved: nbd: don't allow reconnect after disconnect Following process can cause nbd_con
CVE-2024-26837 In the Linux kernel, the following vulnerability has been resolved: net: bridge: switchdev: Skip MDB replays of deferred events on offload Before t
CVE-2023-52664 In the Linux kernel, the following vulnerability has been resolved: net: atlantic: eliminate double free in error handling logic Driver has a logic
CVE-2023-52927 In the Linux kernel, the following vulnerability has been resolved: netfilter: allow exp not to be removed in nf_ct_find_expectation Currently nf_c



About   -   Send Feedback to @ubuntu_updates