UbuntuUpdates.org

Package "linux"

Name: linux

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Headers for BPF development
  • Linux kernel buildinfo for version 6.8.0 on 64 bit x86 SMP
  • Linux kernel buildinfo for version 6.8.0 on 64 bit x86 SMP
  • Linux kernel buildinfo for version 6.8.0 on 64 bit x86 SMP
Latest version: 6.8.0-111.111
Release: noble (24.04)
Level: updates
Repository: main

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Other versions of "linux" in Noble

Repository Area Version
base main 6.8.0-31.31
security main 6.8.0-110.110
proposed main 6.8.0-116.116
PPA: Canonical Kernel Team 6.8.0-116.116

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 6.8.0-111.111 2026-04-30 18:09:07 UTC

  linux (6.8.0-111.111) noble; urgency=medium

  * noble/linux: 6.8.0-111.111 -proposed tracker (LP: #2147890)

  * CVE-2026-23231
    - netfilter: nf_tables: fix use-after-free in nf_tables_addchain()

  * macvlan: observe an RCU grace period in macvlan_common_newlink() error
    path (LP: #2144380) // CVE-2026-23209
    - macvlan: observe an RCU grace period in macvlan_common_newlink() error
      path

  * CVE-2026-23112
    - nvmet-tcp: add bounds checks in nvmet_tcp_build_pdu_iovec

 -- Manuel Diewald <email address hidden> Sat, 11 Apr 2026 22:54:06 +0200
Source diff to previous version
2144380 macvlan: observe an RCU grace period in macvlan_common_newlink() error path
CVE-2026-23231 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix use-after-free in nf_tables_addchain() nf_tables_addc
CVE-2026-23209 In the Linux kernel, the following vulnerability has been resolved: macvlan: fix error recovery in macvlan_common_newlink() valis provided a nice r
CVE-2026-23112 In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: add bounds checks in nvmet_tcp_build_pdu_iovec nvmet_tcp_build_pdu_i

Version: 6.8.0-110.110 2026-04-13 15:08:16 UTC

  linux (6.8.0-110.110) noble; urgency=medium

  * noble/linux: 6.8.0-110.110 -proposed tracker (LP: #2144887)

  * ITS mitigation is not enabled on affected CPUs (LP: #2144730)
    - x86/bugs: Rename CONFIG_RETPOLINE => CONFIG_MITIGATION_RETPOLINE
    - x86/bugs: Rename CONFIG_RETHUNK => CONFIG_MITIGATION_RETHUNK
    - [Config] rename config options RETHUNK and RETPOLINE
Source diff to previous version
2144730 ITS mitigation is not enabled on affected CPUs

Version: 6.8.0-107.107 2026-04-01 05:08:52 UTC

  linux (6.8.0-107.107) noble; urgency=medium

  * noble/linux: 6.8.0-107.107 -proposed tracker (LP: #2144267)

  * CVE-2026-23074
    - net/sched: Enforce that teql can only be used as root qdisc

  * CVE-2026-23060
    - crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN
      spec

  * CVE-2026-23111
    - netfilter: nf_tables: fix inverted genmask check in
      nft_map_catchall_activate()

 -- Manuel Diewald <email address hidden> Fri, 13 Mar 2026 14:27:20 +0100
Source diff to previous version
CVE-2026-23074 In the Linux kernel, the following vulnerability has been resolved: net/sched: Enforce that teql can only be used as root qdisc Design intent of te
CVE-2026-23060 In the Linux kernel, the following vulnerability has been resolved: crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN spec au
CVE-2026-23111 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate()

Version: 6.8.0-106.106 2026-03-13 20:08:18 UTC

  linux (6.8.0-106.106) noble; urgency=medium

  * Miscellaneous upstream changes
    - apparmor: validate DFA start states are in bounds in unpack_pdb
    - apparmor: fix memory leak in verify_header
    - apparmor: replace recursive profile removal with iterative approach
    - apparmor: fix: limit the number of levels of policy namespaces
    - apparmor: fix side-effect bug in match_char() macro usage
    - apparmor: fix missing bounds check on DEFAULT table in verify_dfa()
    - apparmor: Fix double free of ns_name in aa_replace_profiles()
    - apparmor: fix unprivileged local user can do privileged policy
      management
    - apparmor: fix differential encoding verification
    - apparmor: fix race on rawdata dereference
    - apparmor: fix race between freeing data and fs accessing it

 -- Mehmet Basaran <email address hidden> Fri, 06 Mar 2026 03:43:25 +0300
Source diff to previous version

Version: 6.8.0-101.101 2026-02-23 14:08:27 UTC

  linux (6.8.0-101.101) noble; urgency=medium

  * noble/linux: 6.8.0-101.101 -proposed tracker (LP: #2140964)

  * CVE-2025-37899
    - ksmbd: fix use-after-free in session logoff

  * CVE-2025-22037
    - ksmbd: mark SMB2_SESSION_EXPIRED to session when destroying previous
      session
    - ksmbd: fix race condition between destroy_previous_session() and smb2
      operations()
    - ksmbd: fix null pointer dereference in alloc_preauth_hash()

 -- Manuel Diewald <email address hidden> Fri, 06 Feb 2026 18:52:19 +0100
CVE-2025-37899 In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in session logoff The sess->user object can currently
CVE-2025-22037 In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix null pointer dereference in alloc_preauth_hash() The Client send mal


About   -   Send Feedback to @ubuntu_updates