UbuntuUpdates.org

Package "linux-riscv"

Name: linux-riscv

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Header files related to Linux kernel version 5.19.0
  • Header files related to Linux kernel version 5.19.0
  • Header files related to Linux kernel version 5.19.0
  • Header files related to Linux kernel version 5.19.0
Latest version: 5.19.0-1012.13
Release: kinetic (22.10)
Level: security
Repository: main

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Other versions of "linux-riscv" in Kinetic

Repository Area Version
base main 5.19.0-1004.4
updates main 5.19.0-1012.13
proposed main 5.19.0-1011.12
PPA: Canonical Kernel Team 5.19.0-1011.12

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 5.19.0-1012.13 2023-01-17 17:07:25 UTC

  linux-riscv (5.19.0-1012.13) kinetic; urgency=medium

  * kinetic/linux-riscv: 5.19.0-1012.13 -proposed tracker (LP: #1999796)

  [ Ubuntu: 5.19.0-29.30 ]

  * kinetic/linux: 5.19.0-29.30 -proposed tracker (LP: #1999799)
  * CVE-2022-3643
    - xen/netback: Ensure protocol headers don't fall in the non-linear area
  * CVE-2022-45934
    - Bluetooth: L2CAP: Fix u8 overflow
  * CVE-2022-4378
    - proc: proc_skip_spaces() shouldn't think it is working on C strings
    - proc: avoid integer type confusion in get_proc_long
  * CVE-2022-42896
    - Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM
    - Bluetooth: L2CAP: Fix l2cap_global_chan_by_psm

 -- Thadeu Lima de Souza Cascardo <email address hidden> Thu, 05 Jan 2023 14:59:31 -0300
Source diff to previous version
CVE-2022-3643 Guests can trigger NIC interface reset/abort/crash via netback It is possible for a guest to trigger a NIC interface reset/abort/crash in a Linux bas
CVE-2022-45934 An issue was discovered in the Linux kernel through 6.0.10. l2cap_config_req in net/bluetooth/l2cap_core.c has an integer wraparound via L2CAP_CONF_R
CVE-2022-4378 A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem ...
CVE-2022-42896 There are use-after-free vulnerabilities in the Linux kernel's net/bluetooth/l2cap_core.c's l2cap_connect and l2cap_le_connect_req functions which ma

Version: 5.19.0-1011.12 2023-01-06 12:07:05 UTC

  linux-riscv (5.19.0-1011.12) kinetic; urgency=medium

  * kinetic/linux-riscv: 5.19.0-1011.12 -proposed tracker (LP: #1999743)

  * Packaging resync (LP: #1786013)
    - [Packaging] update helper scripts
    - [Packaging] update update.conf

  [ Ubuntu: 5.19.0-28.29 ]

  * kinetic/linux: 5.19.0-28.29 -proposed tracker (LP: #1999746)
  * mm:vma05 in ubuntu_ltp fails with '[vdso] bug not patched' on kinetic/linux
    5.19.0-27.28 (LP: #1999094)
    - fix coredump breakage
Source diff to previous version
1786013 Packaging resync
1999094 mm:vma05 in ubuntu_ltp fails with '[vdso] bug not patched' on kinetic/linux 5.19.0-27.28

Version: 5.19.0-1009.10 2022-12-01 16:07:20 UTC

  linux-riscv (5.19.0-1009.10) kinetic; urgency=medium

  * kinetic/linux-riscv: 5.19.0-1009.10 -proposed tracker (LP: #1997431)

  [ Ubuntu: 5.19.0-26.27 ]

  * kinetic/linux: 5.19.0-26.27 -proposed tracker (LP: #1997434)
  * CVE-2022-3566
    - tcp: Fix data races around icsk->icsk_af_ops.
  * CVE-2022-3567
    - ipv6: Fix data races around sk->sk_prot.
  * CVE-2022-3621
    - nilfs2: fix NULL pointer dereference at nilfs_bmap_lookup_at_level()
  * CVE-2022-3565
    - mISDN: fix use-after-free bugs in l1oip timer handlers
  * CVE-2022-3594
    - r8152: Rate limit overflow messages
  * CVE-2022-3564
    - Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu
  * CVE-2022-3524
    - tcp/udp: Fix memory leak in ipv6_renew_options().
  * CVE-2022-43945
    - SUNRPC: Fix svcxdr_init_decode's end-of-buffer calculation
    - SUNRPC: Fix svcxdr_init_encode's buflen calculation
    - NFSD: Protect against send buffer overflow in NFSv2 READDIR
    - NFSD: Protect against send buffer overflow in NFSv3 READDIR
    - NFSD: Protect against send buffer overflow in NFSv2 READ
    - NFSD: Protect against send buffer overflow in NFSv3 READ
    - NFSD: Remove "inline" directives on op_rsize_bop helpers
    - NFSD: Cap rsize_bop result based on send buffer size

 -- Thadeu Lima de Souza Cascardo <email address hidden> Thu, 24 Nov 2022 07:29:28 -0300
Source diff to previous version
CVE-2022-3566 A vulnerability, which was classified as problematic, was found in Linux Kernel. This affects the function tcp_getsockopt/tcp_setsockopt of the compo
CVE-2022-3567 A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function inet6_stream_ops/inet6_dgram_op
CVE-2022-3621 A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_bmap_lookup_at_level of the file fs/
CVE-2022-3565 A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function del_timer of the file drive
CVE-2022-3594 A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function intr_callback of the f
CVE-2022-3564 A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2cap_reassemble_sdu of the file net
CVE-2022-3524 A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function ipv6_renew_options of
CVE-2022-43945 The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by e

Version: 5.19.0-1006.7 2022-10-25 13:06:27 UTC

  linux-riscv (5.19.0-1006.7) kinetic; urgency=medium

  [ Ubuntu: 5.19.0-23.24 ]

  * CVE-2022-2602
    - SAUCE: io_uring/af_unix: defer registered files gc to io_uring release
    - SAUCE: io_uring/af_unix: fix memleak during unix GC
  * CVE-2022-41674
    - SAUCE: wifi: cfg80211: fix u8 overflow in
      cfg80211_update_notlisted_nontrans()
    - SAUCE: wifi: cfg80211/mac80211: reject bad MBSSID elements
    - SAUCE: wifi: cfg80211: ensure length byte is present before access
    - SAUCE: wifi: mac80211_hwsim: avoid mac80211 warning on bad rate
    - SAUCE: wifi: cfg80211: update hidden BSSes to avoid WARN_ON
  * CVE-2022-42722
    - SAUCE: wifi: mac80211: fix crash in beacon protection for P2P-device
  * CVE-2022-42721
    - SAUCE: wifi: cfg80211: avoid nontransmitted BSS list corruption
  * CVE-2022-42720
    - SAUCE: wifi: cfg80211: fix BSS refcounting bugs
  * CVE-2022-42719
    - SAUCE: wifi: mac80211: fix MBSSID parsing use-after-free

 -- Thadeu Lima de Souza Cascardo <email address hidden> Sat, 15 Oct 2022 00:21:55 -0300
CVE-2022-2602 io_uring/af_unix: defer registered files gc to io_uring release
CVE-2022-41674 An issue was discovered in the Linux kernel before 5.19.16. Attackers able to inject WLAN frames could cause a buffer overflow in the ieee80211_bss_i
CVE-2022-42722 In the Linux kernel 5.8 through 5.19.x before 5.19.16, local attackers able to inject WLAN frames into the mac80211 stack could cause a NULL pointer
CVE-2022-42721 A list management bug in BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (a
CVE-2022-42720 Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local
CVE-2022-42719 A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through 5.19.x before 5.19.16 could be used by atta


About   -   Send Feedback to @ubuntu_updates