UbuntuUpdates.org

Package "linux"

Name: linux

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Linux kernel buildinfo for version 5.19.0 on 64 bit x86 SMP
  • Linux kernel buildinfo for version 5.19.0 on 64 bit x86 SMP
  • Linux kernel buildinfo for version 5.19.0 on 64 bit x86 SMP
  • Linux kernel buildinfo for version 5.19.0 on 64 bit x86 SMP

Latest version: 5.19.0-29.30
Release: kinetic (22.10)
Level: security
Repository: main

Links



Other versions of "linux" in Kinetic

Repository Area Version
base main 5.19.0-21.21
updates main 5.19.0-29.30
proposed main 5.19.0-31.32
PPA: Canonical Kernel Team 5.19.0-35.36

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 5.19.0-29.30 2023-01-12 12:07:37 UTC

  linux (5.19.0-29.30) kinetic; urgency=medium

  * kinetic/linux: 5.19.0-29.30 -proposed tracker (LP: #1999799)

  * CVE-2022-3643
    - xen/netback: Ensure protocol headers don't fall in the non-linear area

  * CVE-2022-45934
    - Bluetooth: L2CAP: Fix u8 overflow

  * CVE-2022-4378
    - proc: proc_skip_spaces() shouldn't think it is working on C strings
    - proc: avoid integer type confusion in get_proc_long

  * CVE-2022-42896
    - Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM
    - Bluetooth: L2CAP: Fix l2cap_global_chan_by_psm

 -- Thadeu Lima de Souza Cascardo <email address hidden> Wed, 04 Jan 2023 08:36:13 -0300

Source diff to previous version
CVE-2022-3643 Guests can trigger NIC interface reset/abort/crash via netback It is possible for a guest to trigger a NIC interface reset/abort/crash in a Linux bas
CVE-2022-45934 An issue was discovered in the Linux kernel through 6.0.10. l2cap_config_req in net/bluetooth/l2cap_core.c has an integer wraparound via L2CAP_CONF_R
CVE-2022-4378 A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem ...
CVE-2022-42896 There are use-after-free vulnerabilities in the Linux kernel's net/bluetooth/l2cap_core.c's l2cap_connect and l2cap_le_connect_req functions which ma

Version: 5.19.0-28.29 2023-01-06 12:07:05 UTC

  linux (5.19.0-28.29) kinetic; urgency=medium

  * kinetic/linux: 5.19.0-28.29 -proposed tracker (LP: #1999746)

  * mm:vma05 in ubuntu_ltp fails with '[vdso] bug not patched' on kinetic/linux
    5.19.0-27.28 (LP: #1999094)
    - fix coredump breakage

Source diff to previous version
1999094 mm:vma05 in ubuntu_ltp fails with '[vdso] bug not patched' on kinetic/linux 5.19.0-27.28

Version: 5.19.0-26.27 2022-12-01 16:07:20 UTC

  linux (5.19.0-26.27) kinetic; urgency=medium

  * kinetic/linux: 5.19.0-26.27 -proposed tracker (LP: #1997434)

  * CVE-2022-3566
    - tcp: Fix data races around icsk->icsk_af_ops.

  * CVE-2022-3567
    - ipv6: Fix data races around sk->sk_prot.

  * CVE-2022-3621
    - nilfs2: fix NULL pointer dereference at nilfs_bmap_lookup_at_level()

  * CVE-2022-3565
    - mISDN: fix use-after-free bugs in l1oip timer handlers

  * CVE-2022-3594
    - r8152: Rate limit overflow messages

  * CVE-2022-3564
    - Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu

  * CVE-2022-3524
    - tcp/udp: Fix memory leak in ipv6_renew_options().

  * CVE-2022-43945
    - SUNRPC: Fix svcxdr_init_decode's end-of-buffer calculation
    - SUNRPC: Fix svcxdr_init_encode's buflen calculation
    - NFSD: Protect against send buffer overflow in NFSv2 READDIR
    - NFSD: Protect against send buffer overflow in NFSv3 READDIR
    - NFSD: Protect against send buffer overflow in NFSv2 READ
    - NFSD: Protect against send buffer overflow in NFSv3 READ
    - NFSD: Remove "inline" directives on op_rsize_bop helpers
    - NFSD: Cap rsize_bop result based on send buffer size

 -- Thadeu Lima de Souza Cascardo <email address hidden> Wed, 23 Nov 2022 17:21:27 -0300

Source diff to previous version
CVE-2022-3566 A vulnerability, which was classified as problematic, was found in Linux Kernel. This affects the function tcp_getsockopt/tcp_setsockopt of the compo
CVE-2022-3567 A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function inet6_stream_ops/inet6_dgram_op
CVE-2022-3621 A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_bmap_lookup_at_level of the file fs/
CVE-2022-3565 A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function del_timer of the file drive
CVE-2022-3594 A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function intr_callback of the f
CVE-2022-3564 A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2cap_reassemble_sdu of the file net
CVE-2022-3524 A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function ipv6_renew_options of
CVE-2022-43945 The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by e

Version: 5.19.0-23.24 2022-10-25 13:06:27 UTC

  linux (5.19.0-23.24) kinetic; urgency=medium

  * CVE-2022-2602
    - SAUCE: io_uring/af_unix: defer registered files gc to io_uring release
    - SAUCE: io_uring/af_unix: fix memleak during unix GC

  * CVE-2022-41674
    - SAUCE: wifi: cfg80211: fix u8 overflow in
      cfg80211_update_notlisted_nontrans()
    - SAUCE: wifi: cfg80211/mac80211: reject bad MBSSID elements
    - SAUCE: wifi: cfg80211: ensure length byte is present before access
    - SAUCE: wifi: mac80211_hwsim: avoid mac80211 warning on bad rate
    - SAUCE: wifi: cfg80211: update hidden BSSes to avoid WARN_ON

  * CVE-2022-42722
    - SAUCE: wifi: mac80211: fix crash in beacon protection for P2P-device

  * CVE-2022-42721
    - SAUCE: wifi: cfg80211: avoid nontransmitted BSS list corruption

  * CVE-2022-42720
    - SAUCE: wifi: cfg80211: fix BSS refcounting bugs

  * CVE-2022-42719
    - SAUCE: wifi: mac80211: fix MBSSID parsing use-after-free

 -- Thadeu Lima de Souza Cascardo <email address hidden> Fri, 14 Oct 2022 09:58:08 -0300

CVE-2022-2602 io_uring/af_unix: defer registered files gc to io_uring release
CVE-2022-41674 An issue was discovered in the Linux kernel before 5.19.16. Attackers able to inject WLAN frames could cause a buffer overflow in the ieee80211_bss_i
CVE-2022-42722 In the Linux kernel 5.8 through 5.19.x before 5.19.16, local attackers able to inject WLAN frames into the mac80211 stack could cause a NULL pointer
CVE-2022-42721 A list management bug in BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (a
CVE-2022-42720 Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local
CVE-2022-42719 A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through 5.19.x before 5.19.16 could be used by atta



About   -   Send Feedback to @ubuntu_updates