[ubuntu/focal-security] linux 5.4.0-202.222 (Accepted)

Andy Whitcroft apw at canonical.com
Thu Dec 12 14:09:48 UTC 2024 

linux (5.4.0-202.222) focal; urgency=medium

  * focal/linux: 5.4.0-202.222 -proposed tracker (LP: #2086451)
    - [Packaging] resync git-ubuntu-log

  * CVE-2021-47501
    - i40e: Fix NULL pointer dereference in i40e_dbg_dump_desc

  * CVE-2024-46724
    - drm/amdgpu: Fix out-of-bounds read of df_v1_7_channel_number

  * CVE-2024-42240
    - x86/bhi: Avoid warning in #DB handler due to BHI mitigation

  * CVE-2024-42077
    - ocfs2: fix DIO failure due to insufficient transaction credits

  * CVE-2024-42068
    - bpf: Take return from set_memory_ro() into account with bpf_prog_lock_ro()

  * CVE-2024-36968
    - Bluetooth: L2CAP: Fix div-by-zero in l2cap_le_flowctl_init()

  * CVE-2024-35904
    - selinux: avoid dereference of garbage after mount failure

  * CVE-2023-52498
    - PM: sleep: Avoid calling put_device() under dpm_list_mtx
    - PM: sleep: Fix error handling in dpm_prepare()
    - async: Split async_schedule_node_domain()
    - async: Introduce async_schedule_dev_nocall()
    - PM: sleep: Fix possible deadlocks in core system-wide PM code

  * CVE-2023-52488
    - serial: sc16is7xx: convert from _raw_ to _noinc_ regmap functions for FIFO

  * CVE-2022-48938
    - CDC-NCM: avoid overflow in sanity checking

  * CVE-2024-42156
    - s390/pkey: Wipe copies of clear-key structures on failure

  * CVE-2024-44942
    - f2fs: fix to do sanity check on F2FS_INLINE_DATA flag in inode during GC

  * CVE-2024-38538
    - net: bridge: xmit: make sure we have at least eth header len bytes

  * CVE-2021-47076
    - RDMA/rxe: Return CQE error if invalid lkey was supplied

  * CVE-2024-36938
    - bpf, skmsg: Fix NULL pointer dereference in sk_psock_skb_ingress_enqueue

  * CVE-2024-44940
    - fou: remove warn in gue_gro_receive on unsupported protocol

  * CVE-2024-35951
    - drm/panfrost: Fix the error path in panfrost_mmu_map_fault_addr()

  * CVE-2023-52497
    - erofs: fix lz4 inplace decompression

  * CVE-2024-36953
    - KVM: arm64: vgic-v2: Check for non-NULL vCPU in vgic_v2_parse_attr()

  * CVE-2022-48943
    - KVM: x86/mmu: make apf token non-zero to fix bug

  * CVE-2024-26947
    - ARM: 9359/1: flush: check if the folio is reserved for no-mapping addresses

  * CVE-2022-48733
    - btrfs: fix use-after-free after failure to create a snapshot

  * CVE-2023-52639
    - KVM: s390: vsie: fix race during shadow creation

Date: 2024-11-08 14:38:10.049591+00:00
Changed-By: Stefan Bader <stefan.bader at canonical.com>
Signed-By: Andy Whitcroft <apw at canonical.com>
https://launchpad.net/ubuntu/+source/linux/5.4.0-202.222
-------------- next part --------------
Sorry, changesfile not available.

More information about the Focal-changes mailing list