[ubuntu/focal-security] linux-bluefield 5.4.0-1044.49 (Accepted)

Andy Whitcroft apw at canonical.com
Wed Aug 10 09:25:16 UTC 2022


linux-bluefield (5.4.0-1044.49) focal; urgency=medium

  [ Ubuntu: 5.4.0-124.140 ]

  * CVE-2022-2586
    - SAUCE: netfilter: nf_tables: do not allow SET_ID to refer to another table
    - SAUCE: netfilter: nf_tables: do not allow RULE_ID to refer to another chain
  * CVE-2022-2588
    - SAUCE: net_sched: cls_route: remove from list when handle is 0
  * CVE-2022-34918
    - netfilter: nf_tables: stricter validation of element data

linux-bluefield (5.4.0-1043.48) focal; urgency=medium

  * focal/linux-bluefield: 5.4.0-1043.48 -proposed tracker (LP: #1981258)

  * pwr-mlxbf.c: make hids local variables (LP: #1980774)
    - SAUCE: pwr-mlxbf.c: make hids local variables

  * ipmb_host.c: rename structs to be driver specific (LP: #1980537)
    - SAUCE: ipmb_host.c: rename structs to be driver specific

  * ipmb_dev_int.c: sync up with upstream (LP: #1980525)
    - ipmi: remove open coded version of SMBus block write
    - ipmi: use simple i2c probe function

  * mlx-trio module license update (LP: #1979264)
    - SAUCE: mlx-trio: Module license update

  * misleading error prints from mlx-trio (LP: #1979045)
    - SAUCE: mlx-trio: Use pr_debug for TRIO IRQ prints

  [ Ubuntu: 5.4.0-123.139 ]

  * focal/linux: 5.4.0-123.139 -proposed tracker (LP: #1981284)
  * Packaging resync (LP: #1786013)
    - debian/dkms-versions -- update from kernel-versions (main/2022.07.11)
  * Hairpin traffic does not work with centralized NAT gw (LP: #1967856)
    - net: openvswitch: fix misuse of the cached connection on tuple changes
  * [UBUNTU 20.04] Include patches to avoid self-detected stall with Secure
    Execution (LP: #1979296)
    - KVM: s390: pv: add macros for UVC CC values
    - KVM: s390: pv: avoid stalls when making pages secure
    - KVM: s390: pv: avoid stalls for kvm_s390_pv_init_vm
  * Focal update: v5.4.195 upstream stable release (LP: #1980407)
    - batman-adv: Don't skb_split skbuffs with frag_list
    - hwmon: (tmp401) Add OF device ID table
    - mac80211: Reset MBSSID parameters upon connection
    - net: Fix features skip in for_each_netdev_feature()
    - ipv4: drop dst in multicast routing path
    - drm/nouveau: Fix a potential theorical leak in nouveau_get_backlight_name()
    - netlink: do not reset transport header in netlink_recvmsg()
    - mac80211_hwsim: call ieee80211_tx_prepare_skb under RCU protection
    - dim: initialize all struct fields
    - hwmon: (ltq-cputemp) restrict it to SOC_XWAY
    - s390/ctcm: fix variable dereferenced before check
    - s390/ctcm: fix potential memory leak
    - s390/lcs: fix variable dereferenced before check
    - net/sched: act_pedit: really ensure the skb is writable
    - net/smc: non blocking recvmsg() return -EAGAIN when no data and
      signal_pending
    - net: sfc: ef10: fix memory leak in efx_ef10_mtd_probe()
    - gfs2: Fix filesystem block deallocation for short writes
    - hwmon: (f71882fg) Fix negative temperature
    - ASoC: max98090: Reject invalid values in custom control put()
    - ASoC: max98090: Generate notifications on changes for custom control
    - ASoC: ops: Validate input values in snd_soc_put_volsw_range()
    - s390: disable -Warray-bounds
    - net: emaclite: Don't advertise 1000BASE-T and do auto negotiation
    - tcp: resalt the secret every 10 seconds
    - tty: n_gsm: fix mux activation issues in gsm_config()
    - usb: cdc-wdm: fix reading stuck on device close
    - usb: typec: tcpci: Don't skip cleanup in .remove() on error
    - USB: serial: pl2303: add device id for HP LM930 Display
    - USB: serial: qcserial: add support for Sierra Wireless EM7590
    - USB: serial: option: add Fibocom L610 modem
    - USB: serial: option: add Fibocom MA510 modem
    - slimbus: qcom: Fix IRQ check in qcom_slim_probe
    - serial: 8250_mtk: Fix UART_EFR register address
    - serial: 8250_mtk: Fix register address for XON/XOFF character
    - drm/nouveau/tegra: Stop using iommu_present()
    - i40e: i40e_main: fix a missing check on list iterator
    - cgroup/cpuset: Remove cpus_allowed/mems_allowed setup in cpuset_init_smp()
    - drm/vmwgfx: Initialize drm_mode_fb_cmd2
    - MIPS: fix build with gcc-12
    - net: phy: Fix race condition on link status change
    - arm[64]/memremap: don't abuse pfn_valid() to ensure presence of linear map
    - ping: fix address binding wrt vrf
    - tty/serial: digicolor: fix possible null-ptr-deref in digicolor_uart_probe()
    - Linux 5.4.195
  * Focal update: v5.4.194 upstream stable release (LP: #1980399)
    - MIPS: Use address-of operator on section symbols
    - block: drbd: drbd_nl: Make conversion to 'enum drbd_ret_code' explicit
    - drm/amd/display/dc/gpio/gpio_service: Pass around correct dce_{version,
      environment} types
    - drm/i915: Cast remain to unsigned long in eb_relocate_vma
    - nfp: bpf: silence bitwise vs. logical OR warning
    - can: grcan: grcan_probe(): fix broken system id check for errata workaround
      needs
    - can: grcan: only use the NAPI poll budget for RX
    - arm: remove CONFIG_ARCH_HAS_HOLES_MEMORYMODEL
    - [Config] updateconfigs for ARCH_HAS_HOLES_MEMORYMODEL
    - KVM: x86/pmu: Refactoring find_arch_event() to pmc_perf_hw_id()
    - x86/asm: Allow to pass macros to __ASM_FORM()
    - x86: xen: kvm: Gather the definition of emulate prefixes
    - x86: xen: insn: Decode Xen and KVM emulate-prefix signature
    - x86: kprobes: Prohibit probing on instruction which has emulate prefix
    - KVM: x86/svm: Account for family 17h event renumberings in
      amd_pmc_perf_hw_id
    - Bluetooth: Fix the creation of hdev->name
    - mm: fix missing cache flush for all tail pages of compound page
    - mm: hugetlb: fix missing cache flush in copy_huge_page_from_user()
    - mm: userfaultfd: fix missing cache flush in mcopy_atomic_pte() and
      __mcopy_atomic()
    - Linux 5.4.194
  * Focal update: v5.4.193 upstream stable release (LP: #1979566)
    - MIPS: Fix CP0 counter erratum detection for R4k CPUs
    - parisc: Merge model and model name into one line in /proc/cpuinfo
    - ALSA: fireworks: fix wrong return count shorter than expected by 4 bytes
    - gpiolib: of: fix bounds check for 'gpio-reserved-ranges'
    - Revert "SUNRPC: attempt AF_LOCAL connect on setup"
    - firewire: fix potential uaf in outbound_phy_packet_callback()
    - firewire: remove check of list iterator against head past the loop body
    - firewire: core: extend card->lock in fw_core_handle_bus_reset
    - ACPICA: Always create namespace nodes using acpi_ns_create_node()
    - genirq: Synchronize interrupt thread startup
    - ASoC: da7219: Fix change notifications for tone generator frequency
    - ASoC: wm8958: Fix change notifications for DSP controls
    - ASoC: meson: Fix event generation for G12A tohdmi mux
    - s390/dasd: fix data corruption for ESE devices
    - s390/dasd: prevent double format of tracks for ESE devices
    - s390/dasd: Fix read for ESE with blksize < 4k
    - s390/dasd: Fix read inconsistency for ESE DASD devices
    - can: grcan: grcan_close(): fix deadlock
    - can: grcan: use ofdev->dev when allocating DMA memory
    - nfc: replace improper check device_is_registered() in netlink related
      functions
    - NFC: netlink: fix sleep in atomic bug when firmware download timeout
    - hwmon: (adt7470) Fix warning on module removal
    - ASoC: dmaengine: Restore NULL prepare_slave_config() callback
    - RDMA/siw: Fix a condition race issue in MPA request processing
    - net: ethernet: mediatek: add missing of_node_put() in mtk_sgmii_init()
    - net: stmmac: dwmac-sun8i: add missing of_node_put() in
      sun8i_dwmac_register_mdio_mux()
    - net: emaclite: Add error handling for of_address_to_resource()
    - selftests: mirror_gre_bridge_1q: Avoid changing PVID while interface is
      operational
    - bnxt_en: Fix possible bnxt_open() failure caused by wrong RFS flag
    - smsc911x: allow using IRQ0
    - btrfs: always log symlinks in full mode
    - net: igmp: respect RCU rules in ip_mc_source() and ip_mc_msfilter()
    - drm/amdkfd: Use drm_priv to pass VM from KFD to amdgpu
    - NFSv4: Don't invalidate inode attributes on delegation return
    - kvm: x86/cpuid: Only provide CPUID leaf 0xA if host has architectural PMU
    - x86/kvm: Preserve BSP MSR_KVM_POLL_CONTROL across suspend/resume
    - KVM: LAPIC: Enable timer posted-interrupt only when mwait/hlt is advertised
    - net: ipv6: ensure we call ipv6_mc_down() at most once
    - block-map: add __GFP_ZERO flag for alloc_page in function bio_copy_kern
    - mm: fix unexpected zeroed page mapping with zram swap
    - ALSA: pcm: Fix races among concurrent hw_params and hw_free calls
    - ALSA: pcm: Fix races among concurrent read/write and buffer changes
    - ALSA: pcm: Fix races among concurrent prepare and hw_params/hw_free calls
    - ALSA: pcm: Fix races among concurrent prealloc proc writes
    - ALSA: pcm: Fix potential AB/BA lock with buffer_mutex and mmap_lock
    - tcp: make sure treq->af_specific is initialized
    - dm: fix mempool NULL pointer race when completing IO
    - dm: interlock pending dm_io and dm_wait_for_bios_completion
    - PCI: aardvark: Clear all MSIs at setup
    - PCI: aardvark: Fix reading MSI interrupt number
    - mmc: rtsx: add 74 Clocks in power on flow
    - Linux 5.4.193
  * CVE-2022-1679
    - SAUCE: ath9k: fix use-after-free in ath9k_hif_usb_rx_cb
  * CVE-2022-28893
    - SUNRPC: Ensure we flush any closed sockets before xs_xprt_free()
    - SUNRPC: Don't leak sockets in xs_local_connect()
  * CVE-2022-1734
    - nfc: nfcmrvl: main: reorder destructive operations in
      nfcmrvl_nci_unregister_dev to avoid bugs
  * CVE-2022-1652
    - floppy: use a statically allocated error counter

Date: 2022-08-08 14:27:09.421628+00:00
Changed-By: Thadeu Lima de Souza Cascardo <thadeu.cascardo at canonical.com>
Signed-By: Andy Whitcroft <apw at canonical.com>
https://launchpad.net/ubuntu/+source/linux-bluefield/5.4.0-1044.49
-------------- next part --------------
Sorry, changesfile not available.


More information about the Focal-changes mailing list