[ubuntu/focal-security] linux-bluefield 5.4.0-1062.68 (Accepted)
Andy Whitcroft
apw at canonical.com
Fri May 19 08:18:32 UTC 2023
linux-bluefield (5.4.0-1062.68) focal; urgency=medium
* focal/linux-bluefield: 5.4.0-1062.68 -proposed tracker (LP: #2016751)
* CVE-2023-1829
- [Config] bluefield: Make sure CONFIG_NET_CLS_TCINDEX is not available
* net/sched: cls_api: Support hardware miss to tc action (LP: #2012571)
- Revert "net/sched: flower: fix fl_change() error recovery path"
- Revert "net/sched: flower: Support hardware miss to tc action"
- Revert "net/sched: flower: Move filter handle initialization earlier"
- Revert "net/sched: cls_api: Support hardware miss to tc action"
- Revert "UBUNTU: SAUCE: net/sched: Provide act to offload action"
[ Ubuntu: 5.4.0-148.165 ]
* focal/linux: 5.4.0-148.165 -proposed tracker (LP: #2016777)
* CVE-2023-1829
- net/sched: Retire tcindex classifier
- [Config]: Make sure CONFIG_NET_CLS_TCINDEX is not available
linux-bluefield (5.4.0-1061.67) focal; urgency=medium
* focal/linux-bluefield: 5.4.0-1061.67 -proposed tracker (LP: #2011934)
* net: sched: allow flower to match erspan options (LP: #2015515)
- net: sched: allow flower to match erspan options
* netfilter: ctnetlink: Support offloaded conntrack entry deletion
(LP: #2015293)
- netfilter: ctnetlink: Support offloaded conntrack entry deletion
* net/sched: cls_api: Support hardware miss to tc action (LP: #2012571)
- SAUCE: net/sched: Provide act to offload action
- net/sched: cls_api: Support hardware miss to tc action
- net/sched: flower: Move filter handle initialization earlier
- net/sched: flower: Support hardware miss to tc action
- net/sched: flower: fix fl_change() error recovery path
* net: sched: allow flower to match vxlan options (LP: #2013422)
- net: sched: allow flower to match vxlan options
* Add support for 200G/400G speed to bond (LP: #2013758)
- bonding: 3ad: add support for 200G speed
- bonding: 3ad: add support for 400G speed
- ethtool: Add support for 400Gbps (50Gbps per lane) link modes
[ Ubuntu: 5.4.0-147.164 ]
* focal/linux: 5.4.0-147.164 -proposed tracker (LP: #2011959)
* CVE-2023-26545
- net: mpls: fix stale pointer if allocation fails during device rename
* CVE-2023-1281
- rcu: Upgrade rcu_swap_protected() to rcu_replace_pointer()
- net/sched: tcindex: update imperfect hash filters respecting rcu
* Focal update: v5.4.231 upstream stable release (LP: #2011226)
- clk: generalize devm_clk_get() a bit
- clk: Provide new devm_clk helpers for prepared and enabled clocks
- memory: atmel-sdramc: Fix missing clk_disable_unprepare in
atmel_ramc_probe()
- memory: mvebu-devbus: Fix missing clk_disable_unprepare in
mvebu_devbus_probe()
- ARM: dts: imx6qdl-gw560x: Remove incorrect 'uart-has-rtscts'
- ARM: imx27: Retrieve the SYSCTRL base address from devicetree
- ARM: imx31: Retrieve the IIM base address from devicetree
- ARM: imx35: Retrieve the IIM base address from devicetree
- ARM: imx: add missing of_node_put()
- HID: intel_ish-hid: Add check for ishtp_dma_tx_map
- EDAC/highbank: Fix memory leak in highbank_mc_probe()
- tomoyo: fix broken dependency on *.conf.default
- RDMA/core: Fix ib block iterator counter overflow
- IB/hfi1: Reject a zero-length user expected buffer
- IB/hfi1: Reserve user expected TIDs
- IB/hfi1: Fix expected receive setup error exit issues
- affs: initialize fsdata in affs_truncate()
- amd-xgbe: TX Flow Ctrl Registers are h/w ver dependent
- amd-xgbe: Delay AN timeout during KR training
- bpf: Fix pointer-leak due to insufficient speculative store bypass
mitigation
- phy: rockchip-inno-usb2: Fix missing clk_disable_unprepare() in
rockchip_usb2phy_power_on()
- net: nfc: Fix use-after-free in local_cleanup()
- net: wan: Add checks for NULL for utdm in undo_uhdlc_init and unmap_si_regs
- gpio: mxc: Always set GPIOs used as interrupt source to INPUT mode
- net/sched: sch_taprio: fix possible use-after-free
- net: fix a concurrency bug in l2tp_tunnel_register()
- l2tp: Serialize access to sk_user_data with sk_callback_lock
- l2tp: Don't sleep and disable BH under writer-side sk_callback_lock
- net: usb: sr9700: Handle negative len
- net: mdio: validate parameter addr in mdiobus_get_phy()
- HID: check empty report_list in hid_validate_values()
- HID: check empty report_list in bigben_probe()
- net: stmmac: fix invalid call to mdiobus_get_phy()
- HID: revert CHERRY_MOUSE_000C quirk
- usb: gadget: f_fs: Prevent race during ffs_ep0_queue_wait
- usb: gadget: f_fs: Ensure ep0req is dequeued before free_request
- net: mlx5: eliminate anonymous module_init & module_exit
- drm/panfrost: fix GENERIC_ATOMIC64 dependency
- dmaengine: Fix double increment of client_count in dma_chan_get()
- net: macb: fix PTP TX timestamp failure due to packet padding
- HID: betop: check shape of output reports
- dmaengine: xilinx_dma: use devm_platform_ioremap_resource()
- dmaengine: xilinx_dma: Fix devm_platform_ioremap_resource error handling
- dmaengine: xilinx_dma: call of_node_put() when breaking out of
for_each_child_of_node()
- tcp: avoid the lookup process failing to get sk in ehash table
- w1: fix deadloop in __w1_remove_master_device()
- w1: fix WARNING after calling w1_process()
- driver core: Fix test_async_probe_init saves device in wrong array
- net: dsa: microchip: ksz9477: port map correction in ALU table entry
register
- tcp: fix rate_app_limited to default to 1
- cpufreq: Add Tegra234 to cpufreq-dt-platdev blocklist
- ASoC: fsl_micfil: Correct the number of steps on SX controls
- drm: Add orientation quirk for Lenovo ideapad D330-10IGL
- s390/debug: add _ASM_S390_ prefix to header guard
- cpufreq: armada-37xx: stop using 0 as NULL pointer
- ASoC: fsl_ssi: Rename AC'97 streams to avoid collisions with AC'97 CODEC
- ASoC: fsl-asoc-card: Fix naming of AC'97 CODEC widgets
- spi: spidev: remove debug messages that access spidev->spi without locking
- KVM: s390: interrupt: use READ_ONCE() before cmpxchg()
- scsi: hisi_sas: Set a port invalid only if there are no devices attached
when refreshing port id
- platform/x86: touchscreen_dmi: Add info for the CSL Panther Tab HD
- platform/x86: asus-nb-wmi: Add alternate mapping for KEY_SCREENLOCK
- lockref: stop doing cpu_relax in the cmpxchg loop
- mmc: sdhci-esdhc-imx: clear pending interrupt and halt cqhci
- mmc: sdhci-esdhc-imx: disable the CMD CRC check for standard tuning
- mmc: sdhci-esdhc-imx: correct the tuning start tap and step setting
- netfilter: conntrack: do not renew entry stuck in tcp SYN_SENT state
- fs: reiserfs: remove useless new_opts in reiserfs_remount
- Bluetooth: hci_sync: cancel cmd_timer if hci_open failed
- scsi: hpsa: Fix allocation size for scsi_host_alloc()
- module: Don't wait for GOING modules
- tracing: Make sure trace_printk() can output as soon as it can be used
- trace_events_hist: add check for return value of 'create_hist_field'
- ftrace/scripts: Update the instructions for ftrace-bisect.sh
- cifs: Fix oops due to uncleared server->smbd_conn in reconnect
- KVM: x86/vmx: Do not skip segment attributes if unusable bit is set
- thermal: intel: int340x: Protect trip temperature from concurrent updates
- ARM: 9280/1: mm: fix warning on phys_addr_t to void pointer assignment
- EDAC/device: Respect any driver-supplied workqueue polling value
- EDAC/qcom: Do not pass llcc_driv_data as edac_device_ctl_info's pvt_info
- netlink: prevent potential spectre v1 gadgets
- net: fix UaF in netns ops registration error path
- netfilter: nft_set_rbtree: skip elements in transaction from garbage
collection
- netlink: annotate data races around nlk->portid
- netlink: annotate data races around dst_portid and dst_group
- netlink: annotate data races around sk_state
- ipv4: prevent potential spectre v1 gadget in ip_metrics_convert()
- ipv4: prevent potential spectre v1 gadget in fib_metrics_match()
- netfilter: conntrack: fix vtag checks for ABORT/SHUTDOWN_COMPLETE
- netrom: Fix use-after-free of a listening socket.
- net/sched: sch_taprio: do not schedule in taprio_reset()
- sctp: fail if no bound addresses can be used for a given scope
- net: ravb: Fix possible hang if RIS2_QFF1 happen
- thermal: intel: int340x: Add locking to int340x_thermal_get_trip_type()
- net/tg3: resolve deadlock in tg3_reset_task() during EEH
- net/phy/mdio-i2c: Move header file to include/linux/mdio
- net: xgene: Move shared header file into include/linux
- net: mdio-mux-meson-g12a: force internal PHY off on mux switch
- Revert "Input: synaptics - switch touchpad on HP Laptop 15-da3001TU to RMI
mode"
- nfsd: Ensure knfsd shuts down when the "nfsd" pseudofs is unmounted
- block: fix and cleanup bio_check_ro
- x86/i8259: Mark legacy PIC interrupts with IRQ_LEVEL
- netfilter: conntrack: unify established states for SCTP paths
- perf/x86/amd: fix potential integer overflow on shift of a int
- clk: Fix pointer casting to prevent oops in devm_clk_release()
- x86/asm: Fix an assembler warning with current binutils
- ARM: dts: imx: Fix pca9547 i2c-mux node name
- bpf: Skip task with pid=1 in send_signal_common()
- blk-cgroup: fix missing pd_online_fn() while activating policy
- dmaengine: imx-sdma: Fix a possible memory leak in sdma_transfer_init
- sysctl: add a new register_sysctl_init() interface
- panic: unset panic_on_warn inside panic()
- mm: kasan: do not panic if both panic_on_warn and kasan_multishot set
- exit: Add and use make_task_dead.
- objtool: Add a missing comma to avoid string concatenation
- hexagon: Fix function name in die()
- h8300: Fix build errors from do_exit() to make_task_dead() transition
- csky: Fix function name in csky_alignment() and die()
- ia64: make IA64_MCA_RECOVERY bool instead of tristate
- exit: Put an upper limit on how often we can oops
- exit: Expose "oops_count" to sysfs
- exit: Allow oops_limit to be disabled
- panic: Consolidate open-coded panic_on_warn checks
- panic: Introduce warn_limit
- panic: Expose "warn_count" to sysfs
- docs: Fix path paste-o for /sys/kernel/warn_count
- exit: Use READ_ONCE() for all oops/warn limit reads
- ipv6: ensure sane device mtu in tunnels
- Bluetooth: fix null ptr deref on hci_sync_conn_complete_evt
- usb: host: xhci-plat: add wakeup entry at sysfs
- Revert "xprtrdma: Fix regbuf data not freed in rpcrdma_req_create()"
- Linux 5.4.231
* CVE-2022-3903
- USB: add usb_control_msg_send() and usb_control_msg_recv()
- USB: correct API of usb_control_msg_send/recv
- USB: move snd_usb_pipe_sanity_check into the USB core
- media: mceusb: Use new usb_control_msg_*() routines
* CVE-2022-3108
- drm/amdkfd: Check for null pointer after calling kmemdup
* Focal update: v5.4.230 upstream stable release (LP: #2008946)
- pNFS/filelayout: Fix coalescing test for single DS
- net/ethtool/ioctl: return -EOPNOTSUPP if we have no phy stats
- RDMA/srp: Move large values to a new enum for gcc13
- f2fs: let's avoid panic if extent_tree is not created
- wifi: brcmfmac: fix regression for Broadcom PCIe wifi devices
- Add exception protection processing for vd in axi_chan_handle_err function
- nilfs2: fix general protection fault in nilfs_btree_insert()
- efi: fix userspace infinite retry read efivars after EFI runtime services
page fault
- drm/i915/gt: Reset twice
- ALSA: hda/realtek - Turn on power early
- xhci-pci: set the dma max_seg_size
- usb: xhci: Check endpoint is valid before dereferencing it
- xhci: Fix null pointer dereference when host dies
- xhci: Add update_hub_device override for PCI xHCI hosts
- xhci: Add a flag to disable USB3 lpm on a xhci root port level.
- usb: acpi: add helper to check port lpm capability using acpi _DSM
- xhci: Detect lpm incapable xHC USB3 roothub ports from ACPI tables
- prlimit: do_prlimit needs to have a speculation check
- USB: serial: option: add Quectel EM05-G (GR) modem
- USB: serial: option: add Quectel EM05-G (CS) modem
- USB: serial: option: add Quectel EM05-G (RS) modem
- USB: serial: option: add Quectel EC200U modem
- USB: serial: option: add Quectel EM05CN (SG) modem
- USB: serial: option: add Quectel EM05CN modem
- USB: misc: iowarrior: fix up header size for USB_DEVICE_ID_CODEMERCS_IOW100
- misc: fastrpc: Don't remove map on creater_process and device_release
- misc: fastrpc: Fix use-after-free race condition for maps
- usb: core: hub: disable autosuspend for TI TUSB8041
- comedi: adv_pci1760: Fix PWM instruction handling
- mmc: sunxi-mmc: Fix clock refcount imbalance during unbind
- btrfs: fix race between quota rescan and disable leading to NULL pointer
deref
- cifs: do not include page data when checking signature
- USB: serial: cp210x: add SCALANCE LPE-9000 device id
- usb: host: ehci-fsl: Fix module alias
- usb: typec: altmodes/displayport: Add pin assignment helper
- usb: typec: altmodes/displayport: Fix pin assignment calculation
- usb: gadget: g_webcam: Send color matching descriptor per frame
- usb: gadget: f_ncm: fix potential NULL ptr deref in ncm_bitrate()
- usb-storage: apply IGNORE_UAS only for HIKSEMI MD202 on RTL9210
- dt-bindings: phy: g12a-usb3-pcie-phy: fix compatible string documentation
- serial: pch_uart: Pass correct sg to dma_unmap_sg()
- dmaengine: tegra210-adma: fix global intr clear
- serial: atmel: fix incorrect baudrate setup
- gsmi: fix null-deref in gsmi_get_variable
- drm/i915: re-disable RC6p on Sandy Bridge
- drm/amd/display: Fix set scaling doesn's work
- drm/amd/display: Fix COLOR_SPACE_YCBCR2020_TYPE matrix
- x86/fpu: Use _Alignof to avoid undefined behavior in TYPE_ALIGN
- mm/khugepaged: fix collapse_pte_mapped_thp() to allow anon_vma
- Linux 5.4.230
[ Ubuntu: 5.4.0-146.163 ]
* focal/linux: 5.4.0-146.163 -proposed tracker (LP: #2012094)
* NFS deathlock with last Kernel 5.4.0-144.161 and 5.15.0-67.74 (LP: #2009325)
- NFS: Correct timing for assigning access cache timestamp
Date: 2023-05-04 10:27:06.463635+00:00
Changed-By: Bartlomiej Zolnierkiewicz <bartlomiej.zolnierkiewicz at canonical.com>
Signed-By: Andy Whitcroft <apw at canonical.com>
https://launchpad.net/ubuntu/+source/linux-bluefield/5.4.0-1062.68
-------------- next part --------------
Sorry, changesfile not available.
More information about the Focal-changes
mailing list