[ubuntu/focal-updates] linux 5.4.0-204.224 (Accepted)

Andy Whitcroft apw at canonical.com
Mon Dec 16 12:50:34 UTC 2024


linux (5.4.0-204.224) focal; urgency=medium

  * focal/linux: 5.4.0-204.224 -proposed tracker (LP: #2091090)

  * CVE-2024-50264
    - vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans

  * CVE-2024-53057
    - net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT

  * CVE-2024-49967
    - ext4: no need to continue when the number of entries is 1

  * CVE-2024-43892
    - memcg: protect concurrent access to mem_cgroup_idr

  * CVE-2024-38553
    - net: fec: remove .ndo_poll_controller to avoid deadlocks

  * CVE-2024-38597
    - eth: sungem: remove .ndo_poll_controller to avoid deadlocks

  * CVE-2023-52821
    - drm/panel: fix a possible null pointer dereference

  * CVE-2024-36952
    - scsi: lpfc: Move NPIV's transport unregistration to after resource clean up

  * CVE-2024-40910
    - ax25: Fix refcount imbalance on inbound connections

  * CVE-2024-35963
    - Bluetooth: hci_sock: Fix not validating setsockopt user input

  * CVE-2024-35965
    - Bluetooth: L2CAP: uninitialized variables in l2cap_sock_setsockopt()
    - Bluetooth: L2CAP: Fix not validating setsockopt user input

  * CVE-2024-35966
    - Bluetooth: RFCOMM: Fix not validating setsockopt user input

  * CVE-2024-35967
    - Bluetooth: SCO: Fix not validating setsockopt user input

  * CVE-2021-47101
    - net: asix: fix uninit value bugs
    - asix: fix wrong return value in asix_check_host_enable()
    - asix: fix uninit-value in asix_mdio_read()

  * CVE-2022-38096
    - drm/vmwgfx: Fix possible null pointer derefence with invalid contexts

  * CVE-2021-47001
    - xprtrdma: Fix cwnd update ordering

Date: 2024-12-05 13:27:13.140627+00:00
Changed-By: Manuel Diewald <manuel.diewald at canonical.com>
Signed-By: Andy Whitcroft <apw at canonical.com>
https://launchpad.net/ubuntu/+source/linux/5.4.0-204.224
-------------- next part --------------
Sorry, changesfile not available.


More information about the Focal-changes mailing list