[ubuntu/focal-security] linux-aws 5.4.0-1136.146 (Accepted)

Andy Whitcroft apw at canonical.com
Mon Dec 16 21:38:44 UTC 2024


linux-aws (5.4.0-1136.146) focal; urgency=medium

  * focal/linux-aws: 5.4.0-1136.146 -proposed tracker (LP: #2086406)

  * Packaging resync (LP: #1786013)
    - [Packaging] resync git-ubuntu-log

  * [AWS]  Fix interrupt mappings which are set to a bad default after certain
    ENI operations (LP: #2085159)
    - genirq: Provide new interfaces for affinity hints
    - UBUNTU SAUCE: (no-up) linux/ena: Add NUMA aware interrupt allocation

  [ Ubuntu: 5.4.0-202.222 ]

  * focal/linux: 5.4.0-202.222 -proposed tracker (LP: #2086451)
    - [Packaging] resync git-ubuntu-log
  * CVE-2021-47501
    - i40e: Fix NULL pointer dereference in i40e_dbg_dump_desc
  * CVE-2024-46724
    - drm/amdgpu: Fix out-of-bounds read of df_v1_7_channel_number
  * CVE-2024-42240
    - x86/bhi: Avoid warning in #DB handler due to BHI mitigation
  * CVE-2024-42077
    - ocfs2: fix DIO failure due to insufficient transaction credits
  * CVE-2024-42068
    - bpf: Take return from set_memory_ro() into account with bpf_prog_lock_ro()
  * CVE-2024-36968
    - Bluetooth: L2CAP: Fix div-by-zero in l2cap_le_flowctl_init()
  * CVE-2024-35904
    - selinux: avoid dereference of garbage after mount failure
  * CVE-2023-52498
    - PM: sleep: Avoid calling put_device() under dpm_list_mtx
    - PM: sleep: Fix error handling in dpm_prepare()
    - async: Split async_schedule_node_domain()
    - async: Introduce async_schedule_dev_nocall()
    - PM: sleep: Fix possible deadlocks in core system-wide PM code
  * CVE-2023-52488
    - serial: sc16is7xx: convert from _raw_ to _noinc_ regmap functions for FIFO
  * CVE-2022-48938
    - CDC-NCM: avoid overflow in sanity checking
  * CVE-2024-42156
    - s390/pkey: Wipe copies of clear-key structures on failure
  * CVE-2024-44942
    - f2fs: fix to do sanity check on F2FS_INLINE_DATA flag in inode during GC
  * CVE-2024-38538
    - net: bridge: xmit: make sure we have at least eth header len bytes
  * CVE-2021-47076
    - RDMA/rxe: Return CQE error if invalid lkey was supplied
  * CVE-2024-36938
    - bpf, skmsg: Fix NULL pointer dereference in sk_psock_skb_ingress_enqueue
  * CVE-2024-44940
    - fou: remove warn in gue_gro_receive on unsupported protocol
  * CVE-2024-35951
    - drm/panfrost: Fix the error path in panfrost_mmu_map_fault_addr()
  * CVE-2023-52497
    - erofs: fix lz4 inplace decompression
  * CVE-2024-36953
    - KVM: arm64: vgic-v2: Check for non-NULL vCPU in vgic_v2_parse_attr()
  * CVE-2022-48943
    - KVM: x86/mmu: make apf token non-zero to fix bug
  * CVE-2024-26947
    - ARM: 9359/1: flush: check if the folio is reserved for no-mapping addresses
  * CVE-2022-48733
    - btrfs: fix use-after-free after failure to create a snapshot
  * CVE-2023-52639
    - KVM: s390: vsie: fix race during shadow creation

Date: 2024-11-12 18:33:10.406250+00:00
Changed-By: Philip Cox <philip.cox at canonical.com>
Signed-By: Andy Whitcroft <apw at canonical.com>
https://launchpad.net/ubuntu/+source/linux-aws/5.4.0-1136.146
-------------- next part --------------
Sorry, changesfile not available.


More information about the Focal-changes mailing list