[ubuntu/focal-proposed] linux-hwe-5.15 5.15.0-132.143~20.04.1 (Accepted)
Andy Whitcroft
apw at canonical.com
Sat Jan 25 19:11:14 UTC 2025
linux-hwe-5.15 (5.15.0-132.143~20.04.1) focal; urgency=medium
* focal/linux-hwe-5.15: 5.15.0-132.143~20.04.1 -proposed tracker
(LP: #2093733)
* Packaging resync (LP: #1786013)
- [Packaging] debian.hwe-5.15/dkms-versions -- update from kernel-versions
(main/2025.01.13)
* Add list of source files to linux-buildinfo (LP: #2086606)
- [Packaging] hwe-5.15: Add dwarfdump dependency
[ Ubuntu: 5.15.0-132.143 ]
* jammy/linux: 5.15.0-132.143 -proposed tracker (LP: #2093735)
* Packaging resync (LP: #1786013)
- [Packaging] debian.master/dkms-versions -- update from kernel-versions
(main/2025.01.13)
* KVM: Cache CPUID at KVM.ko module init to reduce latency of VM-Enter and VM-
Exit (LP: #2093146)
- kvm: x86: Fix xstate_required_size() to follow XSTATE alignment rule
- KVM: x86: Cache CPUID.0xD XSTATE offsets+sizes during module init
* Jammy update: v5.15.173 upstream stable release (LP: #2089541)
- 9p: Avoid creating multiple slab caches with the same name
- irqchip/ocelot: Fix trigger register address
- block: Fix elevator_get_default() checking for NULL q->tag_set
- HID: multitouch: Add support for B2402FVA track point
- HID: multitouch: Add quirk for HONOR MagicBook Art 14 touchpad
- bpf: use kvzmalloc to allocate BPF verifier environment
- crypto: marvell/cesa - Disable hash algorithms
- sound: Make CONFIG_SND depend on INDIRECT_IOMEM instead of UML
- drm/vmwgfx: Limit display layout ioctl array size to
VMWGFX_NUM_DISPLAY_UNITS
- powerpc/powernv: Free name on error in opal_event_init()
- vDPA/ifcvf: Fix pci_read_config_byte() return code handling
- fs: Fix uninitialized value issue in from_kuid and from_kgid
- HID: multitouch: Add quirk for Logitech Bolt receiver w/ Casa touchpad
- HID: lenovo: Add support for Thinkpad X1 Tablet Gen 3 keyboard
- net: usb: qmi_wwan: add Fibocom FG132 0x0112 composition
- md/raid10: improve code of mrdev in raid10_sync_request
- mm/memory: add non-anonymous page check in the copy_present_page()
- udf: Allocate name buffer in directory iterator on heap
- udf: Avoid directory type conversion failure due to ENOMEM
- 9p: fix slab cache name creation for real
- Linux 5.15.173
* Jammy update: v5.15.173 upstream stable release (LP: #2089541) //
CVE-2024-41080
- io_uring: fix possible deadlock in io_register_iowq_max_workers()
* Jammy update: v5.15.172 upstream stable release (LP: #2089533)
- arm64: dts: rockchip: Fix rt5651 compatible value on rk3399-sapphire-
excavator
- arm64: dts: rockchip: Remove hdmi's 2nd interrupt on rk3328
- arm64: dts: rockchip: Fix bluetooth properties on Rock960 boards
- arm64: dts: rockchip: Remove #cooling-cells from fan on Theobroma lion
- arm64: dts: rockchip: Fix LED triggers on rk3308-roc-cc
- arm64: dts: imx8mp: correct sdhc ipg clk
- ARM: dts: rockchip: fix rk3036 acodec node
- ARM: dts: rockchip: drop grf reference from rk3036 hdmi
- ARM: dts: rockchip: Fix the spi controller on rk3036
- ARM: dts: rockchip: Fix the realtek audio codec on rk3036-kylin
- NFSv3: only use NFS timeout for MOUNT when protocols are compatible
- NFS: Add a tracepoint to show the results of nfs_set_cache_invalid()
- NFSv3: handle out-of-order write replies.
- nfs: avoid i_lock contention in nfs_clear_invalid_mapping
- net: enetc: set MAC address to the VF net_device
- can: c_can: fix {rx,tx}_errors statistics
- net: phy: ti: add PHY_RST_AFTER_CLK_EN flag
- net: stmmac: Fix unbalanced IRQ wake disable warning on single irq case
- Revert "ALSA: hda/conexant: Mute speakers at suspend / shutdown"
- media: stb0899_algo: initialize cfr before using it
- media: dvb_frontend: don't play tricks with underflow values
- media: adv7604: prevent underflow condition when reporting colorspace
- scsi: sd_zbc: Use kvzalloc() to allocate REPORT ZONES buffer
- ALSA: firewire-lib: fix return value on fail in amdtp_tscm_init()
- media: pulse8-cec: fix data timestamp at pulse8_setup()
- media: v4l2-ctrls-api: fix error handling for v4l2_g_ctrl()
- pwm: imx-tpm: Use correct MODULO value for EPWM mode
- drm/amdgpu: Adjust debugfs eviction and IB access permissions
- drm/amdgpu: prevent NULL pointer dereference if ATIF is not supported
- thermal/drivers/qcom/lmh: Remove false lockdep backtrace
- dm cache: correct the number of origin blocks to match the target length
- dm cache: optimize dirty bit checking with find_next_bit when resizing
- dm-unstriped: cast an operand to sector_t to prevent potential uint32_t
overflow
- ALSA: usb-audio: Add quirk for HP 320 FHD Webcam
- posix-cpu-timers: Clear TICK_DEP_BIT_POSIX_TIMER on clone
- io_uring: rename kiocb_end_write() local helper
- fs: create kiocb_{start,end}_write() helpers
- io_uring: use kiocb_{start,end}_write() helpers
- media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in
uvc_parse_format
- fs/proc: fix compile warning about variable 'vmcore_mmap_ops'
- usb: dwc3: fix fault at system suspend if device was already runtime
suspended
- USB: serial: qcserial: add support for Sierra Wireless EM86xx
- USB: serial: option: add Fibocom FG132 0x0112 composition
- USB: serial: option: add Quectel RG650V
- irqchip/gic-v3: Force propagation of the active state with a read-back
- ucounts: fix counter leak in inc_rlimit_get_ucounts()
- ALSA: usb-audio: Support jack detection on Dell dock
- ALSA: usb-audio: Add quirks for Dell WD19 dock
- ACPI: PRM: Clean up guid type in struct prm_handler_info
- ALSA: usb-audio: Add endianness annotations
- Linux 5.15.172
* Jammy update: v5.15.172 upstream stable release (LP: #2089533) //
CVE-2024-50265
- ocfs2: remove entry once instead of null-ptr-dereference in
ocfs2_xa_remove()
* Jammy update: v5.15.172 upstream stable release (LP: #2089533) //
CVE-2024-50267
- USB: serial: io_edgeport: fix use after free in debug printk
* Jammy update: v5.15.172 upstream stable release (LP: #2089533) //
CVE-2024-50268
- usb: typec: fix potential out of bounds in ucsi_ccg_update_set_new_cam_cmd()
* Jammy update: v5.15.172 upstream stable release (LP: #2089533) //
CVE-2024-50269
- usb: musb: sunxi: Fix accessing an released usb phy
* Jammy update: v5.15.172 upstream stable release (LP: #2089533) //
CVE-2024-50036
- net: do not delay dst_entries_add() in dst_release()
* Jammy update: v5.15.172 upstream stable release (LP: #2089533) //
CVE-2024-42291
- ice: Add a per-VF limit on number of FDIR filters
* Jammy update: v5.15.172 upstream stable release (LP: #2089533) //
CVE-2024-50273
- btrfs: reinitialize delayed ref list after deleting it from the list
* Jammy update: v5.15.172 upstream stable release (LP: #2089533) //
CVE-2024-53066
- nfs: Fix KMSAN warning in decode_getfattr_attrs()
* Jammy update: v5.15.172 upstream stable release (LP: #2089533) //
CVE-2024-53052
- io_uring/rw: fix missing NOWAIT check for O_DIRECT start write
* Jammy update: v5.15.172 upstream stable release (LP: #2089533) //
CVE-2024-50278
- dm cache: fix potential out-of-bounds access on the first resume
* Jammy update: v5.15.172 upstream stable release (LP: #2089533) //
CVE-2024-50279
- dm cache: fix out-of-bounds access to the dirty bitset when resizing
* Jammy update: v5.15.172 upstream stable release (LP: #2089533) //
CVE-2024-50282
- drm/amdgpu: add missing size check in amdgpu_debugfs_gprwave_read()
* Jammy update: v5.15.172 upstream stable release (LP: #2089533) //
CVE-2024-50287
- media: v4l2-tpg: prevent the risk of a division by zero
* Jammy update: v5.15.172 upstream stable release (LP: #2089533) //
CVE-2024-50290
- media: cx24116: prevent overflows on SNR calculus
* Jammy update: v5.15.172 upstream stable release (LP: #2089533) //
CVE-2024-53061
- media: s5p-jpeg: prevent buffer overflows
* Jammy update: v5.15.172 upstream stable release (LP: #2089533) //
CVE-2024-50292
- ASoC: stm32: spdifrx: fix dma channel release in stm32_spdifrx_remove
* Jammy update: v5.15.172 upstream stable release (LP: #2089533) //
CVE-2024-53063
- media: dvbdev: prevent the risk of out of memory access
* Jammy update: v5.15.172 upstream stable release (LP: #2089533) //
CVE-2024-50295
- net: arc: fix the device for dma_map_single/dma_unmap_single
* Jammy update: v5.15.172 upstream stable release (LP: #2089533) //
CVE-2024-50296
- net: hns3: fix kernel crash when uninstalling driver
* Jammy update: v5.15.172 upstream stable release (LP: #2089533) //
CVE-2024-53088
- i40e: fix race condition by adding filter's intermediate sync state
* Jammy update: v5.15.172 upstream stable release (LP: #2089533) //
CVE-2024-50299
- sctp: properly validate chunk size in sctp_sf_ootb()
* Jammy update: v5.15.172 upstream stable release (LP: #2089533) //
CVE-2024-50301
- security/keys: fix slab-out-of-bounds in key_task_permission
* Jammy update: v5.15.172 upstream stable release (LP: #2089533) //
CVE-2024-50302
- HID: core: zero-initialize the report buffer
* Jammy update: v5.15.171 upstream stable release (LP: #2089405)
- selftests/mm: fix incorrect buffer->mirror size in hmm2 double_map test
- ACPI: PRM: Remove unnecessary blank lines
- ACPI: PRM: Change handler_addr type to void pointer
- cgroup: Fix potential overflow issue when checking max_depth
- mac80211: MAC80211_MESSAGE_TRACING should depend on TRACING
- wifi: mac80211: skip non-uploaded keys in ieee80211_iter_keys
- wifi: brcm80211: BRCM_TRACING should depend on TRACING
- RDMA/cxgb4: Dump vendor specific QP details
- RDMA/mlx5: Round max_rd_atomic/max_dest_rd_atomic up instead of down
- RDMA/bnxt_re: synchronize the qp-handle table array
- mac80211: do drv_reconfig_complete() before restarting all
- mac80211: Add support to trigger sta disconnect on hardware restart
- wifi: iwlwifi: mvm: disconnect station vifs if recovery failed
- ASoC: cs42l51: Fix some error handling paths in cs42l51_probe()
- gtp: allow -1 to be specified as file description from userspace
- net: skip offload for NETIF_F_IPV6_CSUM if ipv6 header contains extension
- firmware: arm_sdei: Fix the input parameter of cpuhp_remove_state()
- fs/ntfs3: Fix warning possible deadlock in ntfs_set_state
- scsi: scsi_transport_fc: Allow setting rport state to current state
- net: amd: mvme147: Fix probe banner message
- NFS: remove revoked delegation from server's delegation list
- misc: sgi-gru: Don't disable preemption in GRU driver
- usbip: tools: Fix detach_port() invalid port error path
- usb: phy: Fix API devm_usb_put_phy() can not release the phy
- usb: typec: fix unreleased fwnode_handle in typec_port_register_altmodes()
- xhci: Fix Link TRB DMA in command ring stopped completion event
- xhci: Use pm_runtime_get to prevent RPM on unsupported systems
- Revert "driver core: Fix uevent_show() vs driver detach race"
- iio: light: veml6030: fix microlux value calculation
- riscv: vdso: Prevent the compiler from inserting calls to memset()
- riscv: efi: Set NX compat flag in PE/COFF header
- riscv: Use '%u' to format the output of 'cpu'
- riscv: Remove unused GENERATING_ASM_OFFSETS
- riscv: Remove duplicated GET_RM
- mm/page_alloc: call check_new_pages() while zone spinlock is not held
- mm/page_alloc: fix tracepoint mm_page_alloc_zone_locked()
- mm/page_alloc: split out buddy removal code from rmqueue into separate
helper
- mm/page_alloc: rename ALLOC_HIGH to ALLOC_MIN_RESERVE
- mm/page_alloc: treat RT tasks similar to __GFP_HIGH
- mm/page_alloc: explicitly record high-order atomic allocations in
alloc_flags
- mm/page_alloc: explicitly define what alloc flags deplete min reserves
- mm/page_alloc: explicitly define how __GFP_HIGH non-blocking allocations
accesses reserves
- Revert "drm/mipi-dsi: Set the fwnode for mipi_dsi_device"
- vt: prevent kernel-infoleak in con_font_get()
- mac80211: always have ieee80211_sta_restart()
- Linux 5.15.171
* Jammy update: v5.15.171 upstream stable release (LP: #2089405) //
CVE-2023-52913
- drm/i915: Fix potential context UAFs
* Jammy update: v5.15.171 upstream stable release (LP: #2089405) //
CVE-2024-50228
- mm: shmem: fix data-race in shmem_getattr()
* Jammy update: v5.15.171 upstream stable release (LP: #2089405) //
CVE-2024-53055
- wifi: iwlwifi: mvm: fix 6 GHz scan construction
* Jammy update: v5.15.171 upstream stable release (LP: #2089405) //
CVE-2024-50230
- nilfs2: fix kernel bug due to missing clearing of checked flag
* Jammy update: v5.15.171 upstream stable release (LP: #2089405) //
CVE-2024-50072
- x86/bugs: Use code segment selector for VERW operand
* Jammy update: v5.15.171 upstream stable release (LP: #2089405) //
CVE-2024-50218
- ocfs2: pass u64 to ocfs2_truncate_inline maybe overflow
* Jammy update: v5.15.171 upstream stable release (LP: #2089405) //
CVE-2024-50219
- mm/page_alloc: let GFP_ATOMIC order-0 allocs access highatomic reserves
* Jammy update: v5.15.171 upstream stable release (LP: #2089405) //
CVE-2024-50229
- nilfs2: fix potential deadlock with newly created symlinks
* Jammy update: v5.15.171 upstream stable release (LP: #2089405) //
CVE-2024-50232
- iio: adc: ad7124: fix division by zero in ad7124_set_channel_odr()
* Jammy update: v5.15.171 upstream stable release (LP: #2089405) //
CVE-2024-50233
- staging: iio: frequency: ad9832: fix division by zero in
ad9832_calc_freqreg()
* Jammy update: v5.15.171 upstream stable release (LP: #2089405) //
CVE-2024-50234
- wifi: iwlegacy: Clear stale interrupts before resuming device
* Jammy update: v5.15.171 upstream stable release (LP: #2089405) //
CVE-2024-50236
- wifi: ath10k: Fix memory leak in management tx
* Jammy update: v5.15.171 upstream stable release (LP: #2089405) //
CVE-2024-50237
- wifi: mac80211: do not pass a stopped vif to the driver in .get_txpower
* Jammy update: v5.15.171 upstream stable release (LP: #2089405) //
CVE-2024-50244
- fs/ntfs3: Additional check in ni_clear()
* Jammy update: v5.15.171 upstream stable release (LP: #2089405) //
CVE-2024-50245
- fs/ntfs3: Fix possible deadlock in mi_read
* Jammy update: v5.15.171 upstream stable release (LP: #2089405) //
CVE-2024-50247
- fs/ntfs3: Check if more than chunk-size bytes are written
* Jammy update: v5.15.171 upstream stable release (LP: #2089405) //
CVE-2024-50249
- ACPI: CPPC: Make rmw_lock a raw_spin_lock
* Jammy update: v5.15.171 upstream stable release (LP: #2089405) //
CVE-2024-50251
- netfilter: nft_payload: sanitize offset and length before calling
skb_checksum()
* Jammy update: v5.15.171 upstream stable release (LP: #2089405) //
CVE-2024-50257
- netfilter: Fix use-after-free in get_info()
* Jammy update: v5.15.171 upstream stable release (LP: #2089405) //
CVE-2024-50262
- bpf: Fix out-of-bounds write in trie_get_next_key()
* Jammy update: v5.15.171 upstream stable release (LP: #2089405) //
CVE-2024-50259
- netdevsim: Add trailing zero to terminate the string in
nsim_nexthop_bucket_activity_write()
* Jammy update: v5.15.171 upstream stable release (LP: #2089405) //
CVE-2024-53042
- ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_init_flow()
* Jammy update: v5.15.171 upstream stable release (LP: #2089405) //
CVE-2024-53058
- net: stmmac: TSO: Fix unbalanced DMA map/unmap for non-paged SKB data
* Jammy update: v5.15.171 upstream stable release (LP: #2089405) //
CVE-2024-53059
- wifi: iwlwifi: mvm: Fix response handling in iwl_mvm_send_recovery_cmd()
* Jammy update: v5.15.171 upstream stable release (LP: #2089405) //
CVE-2024-50141
- ACPI: PRM: Find EFI_MEMORY_RUNTIME block for PRM handler and context
* Jammy update: v5.15.171 upstream stable release (LP: #2089405) //
CVE-2024-50086
- ksmbd: fix user-after-free from session log off
* Jammy update: v5.15.170 upstream stable release (LP: #2089272)
- RDMA/bnxt_re: Fix incorrect AVID type in WQE structure
- x86/resctrl: Avoid overflow in MB settings in bw_validate()
- ARM: dts: bcm2837-rpi-cm3-io3: Fix HDMI hpd-gpio pin
- RDMA/cxgb4: Fix RDMA_CM_EVENT_UNREACHABLE error for iWARP
- RDMA/irdma: Fix misspelling of "accept*"
- ipv4: give an IPv4 dev to blackhole_netdev
- RDMA/bnxt_re: Return more meaningful error
- drm/msm/dsi: fix 32-bit signed integer extension in pclk_rate calculation
- drm/msm: Allocate memory for disp snapshot with kvzalloc()
- net: usb: usbnet: fix race in probe failure
- octeontx2-af: Fix potential integer overflows on integer shifts
- macsec: don't increment counters for an unrelated SA
- net: ethernet: aeroflex: fix potential memory leak in
greth_start_xmit_gbit()
- net/smc: Fix searching in list of known pnetids in smc_pnet_add_pnetid
- net: xilinx: axienet: fix potential memory leak in axienet_start_xmit()
- genetlink: hold RCU in genlmsg_mcast()
- s390: Initialize psw mask in perf_arch_fetch_caller_regs()
- arm64:uprobe fix the uprobe SWBP_INSN in big-endian
- KVM: s390: gaccess: Check if guest address is in memslot
- usb: gadget: Add function wakeup support
- XHCI: Separate PORT and CAPs macros into dedicated file
- usb: dwc3: core: Fix system suspend on TI AM62 platforms
- block, bfq: fix procress reference leakage for bfqq in merge chain
- ASoC: codecs: lpass-rx-macro: add missing CDC_RX_BCL_VBAT_RF_PROC2 to
default regs values
- ASoC: fsl_sai: Enable 'FIFO continue on error' FCONT bit
- arm64: Force position-independent veneers
- platform/x86: dell-wmi: Ignore suspend notifications
- arm64/uprobes: change the uprobe_opcode_t typedef to fix the sparse warning
- ASoC: qcom: sm8250: add qrb4210-rb2-sndcard compatible string
- platform/x86: dell-sysman: add support for alienware products
- jfs: Fix sanity check in dbMount
- xfrm: extract dst lookup parameters into a struct
- xfrm: respect ip protocols rules criteria when performing dst lookups
- net: plip: fix break; causing plip to never transmit
- net: dsa: mv88e6xxx: Fix error when setting port policy on mv88e6393x
- net: usb: usbnet: fix name regression
- r8169: avoid unsolicited interrupts
- posix-clock: posix-clock: Fix unbalanced locking in pc_clock_settime()
- bpf,perf: Fix perf_event_detach_bpf_prog error handling
- ALSA: hda/realtek: Update default depop procedure
- btrfs: zoned: fix zone unusable accounting for freed reserved extent
- ACPI: resource: Add LG 16T90SP to irq1_level_low_skip_override[]
- ACPI: button: Add DMI quirk for Samsung Galaxy Book2 to fix initial lid
detection issue
- openat2: explicitly return -E2BIG for (usize > PAGE_SIZE)
- ALSA: hda/realtek: Add subwoofer quirk for Acer Predator G9-593
- hv_netvsc: Fix VF namespace also in synthetic NIC NETDEV_REGISTER event
- selinux: improve error checking in sel_write_load()
- net: phy: dp83822: Fix reset pin definitions
- Linux 5.15.170
* Jammy update: v5.15.170 upstream stable release (LP: #2089272) //
CVE-2024-50142
- xfrm: validate new SA's prefixlen using SA family when sel.family is unset
* Jammy update: v5.15.170 upstream stable release (LP: #2089272) //
CVE-2024-50103
- ASoC: qcom: Fix NULL Dereference in asoc_qcom_lpass_cpu_platform_probe()
* Jammy update: v5.15.170 upstream stable release (LP: #2089272) //
CVE-2024-50058
- serial: protect uart_port_dtr_rts() in uart_shutdown() too
* Jammy update: v5.15.170 upstream stable release (LP: #2089272) //
CVE-2024-50110
- xfrm: fix one more kernel-infoleak in algo dumping
* Jammy update: v5.15.170 upstream stable release (LP: #2089272) //
CVE-2024-50115
- KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory
* Jammy update: v5.15.170 upstream stable release (LP: #2089272) //
CVE-2024-50116
- nilfs2: fix kernel bug due to missing clearing of buffer delay flag
* Jammy update: v5.15.170 upstream stable release (LP: #2089272) //
CVE-2024-50117
- drm/amd: Guard against bad data for ATIF ACPI method
* Jammy update: v5.15.170 upstream stable release (LP: #2089272) //
CVE-2024-50205
- ALSA: firewire-lib: Avoid division by zero in apply_constraint_to_size()
* Jammy update: v5.15.170 upstream stable release (LP: #2089272) //
CVE-2024-50127
- net: sched: fix use-after-free in taprio_change()
* Jammy update: v5.15.170 upstream stable release (LP: #2089272) //
CVE-2024-50128
- net: wwan: fix global oob in wwan_rtnl_policy
* Jammy update: v5.15.170 upstream stable release (LP: #2089272) //
CVE-2024-50167
- be2net: fix potential memory leak in be_xmit()
* Jammy update: v5.15.170 upstream stable release (LP: #2089272) //
CVE-2024-50168
- net/sun3_82586: fix potential memory leak in sun3_82586_send_packet()
* Jammy update: v5.15.170 upstream stable release (LP: #2089272) //
CVE-2024-50131
- tracing: Consider the NULL character when validating the event length
* Jammy update: v5.15.170 upstream stable release (LP: #2089272) //
CVE-2024-50143
- udf: fix uninit-value use in udf_get_fileshortad
* Jammy update: v5.15.170 upstream stable release (LP: #2089272) //
CVE-2024-50134
- drm/vboxvideo: Replace fake VLA at end of vbva_mouse_pointer_shape with real
VLA
* Jammy update: v5.15.170 upstream stable release (LP: #2089272) //
CVE-2024-50010
- exec: don't WARN for racy path_noexec check
* Jammy update: v5.15.170 upstream stable release (LP: #2089272) //
CVE-2024-50194
- arm64: probes: Fix uprobes for big-endian kernels
* Jammy update: v5.15.170 upstream stable release (LP: #2089272) //
CVE-2024-50148
- Bluetooth: bnep: fix wild-memory-access in proto_unregister
* Jammy update: v5.15.170 upstream stable release (LP: #2089272) //
CVE-2024-50150
- usb: typec: altmode should keep reference to parent
* Jammy update: v5.15.170 upstream stable release (LP: #2089272) //
CVE-2024-50151
- smb: client: fix OOBs when building SMB2_IOCTL request
* Jammy update: v5.15.170 upstream stable release (LP: #2089272) //
CVE-2024-50153
- scsi: target: core: Fix null-ptr-deref in target_alloc_device()
* Jammy update: v5.15.170 upstream stable release (LP: #2089272) //
CVE-2024-50154
- tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink().
* Jammy update: v5.15.170 upstream stable release (LP: #2089272) //
CVE-2024-50171
- net: systemport: fix potential memory leak in bcm_sysport_xmit()
* Jammy update: v5.15.170 upstream stable release (LP: #2089272) //
CVE-2024-50156
- drm/msm: Avoid NULL dereference in msm_disp_state_print_regs()
* Jammy update: v5.15.170 upstream stable release (LP: #2089272) //
CVE-2024-50208
- RDMA/bnxt_re: Fix a bug while setting up Level-2 PBL pages
* Jammy update: v5.15.170 upstream stable release (LP: #2089272) //
CVE-2024-50160
- ALSA: hda/cs8409: Fix possible NULL dereference
* Jammy update: v5.15.170 upstream stable release (LP: #2089272) //
CVE-2024-50209
- RDMA/bnxt_re: Add a check for memory allocation
* Jammy update: v5.15.170 upstream stable release (LP: #2089272) //
CVE-2024-50162
- bpf: devmap: provide rxq after redirect
* Jammy update: v5.15.170 upstream stable release (LP: #2089272) //
CVE-2024-50163
- bpf: Make sure internal and UAPI bpf_redirect flags don't overlap
* kernel:nft "Could not process rule: Device or resource busy" on unreferenced
chain (LP: #2089699)
- SAUCE: netfilter: nf_tables: Fix EBUSY on deleting unreferenced chain
* WARN in trc_wait_for_one_reader about failed IPIs (LP: #2089373)
- SAUCE: rcu-tasks: fix mismerge in trc_inspect_reader
- rcu-tasks: Idle tasks on offline CPUs are in quiescent states
* CVE-2024-35887
- ax25: fix use-after-free bugs caused by ax25_ds_del_timer
* CVE-2024-40965
- clk: Add a devm variant of clk_rate_exclusive_get()
- clk: Provide !COMMON_CLK dummy for devm_clk_rate_exclusive_get()
- i2c: lpi2c: Avoid calling clk_get_rate during transfer
* CVE-2024-40982
- ssb: Fix potential NULL pointer dereference in ssb_device_uevent()
* CVE-2024-41066
- ibmvnic: Add tx check to prevent skb leak
* CVE-2024-42252
- closures: Change BUG_ON() to WARN_ON()
* CVE-2024-53097
- mm: krealloc: Fix MTE false alarm in __do_krealloc
* Add list of source files to linux-buildinfo (LP: #2086606)
- [Packaging] Sort build dependencies alphabetically
- [Packaging] Add list of used source files to buildinfo package
* UFS: uspi->s_3apb UBSAN: shift-out-of-bounds (LP: #2087853)
- ufs: ufs_sb_private_info: remove unused s_{2, 3}apb fields
* Jammy update: v5.15.169 upstream stable release (LP: #2088231)
- ALSA: hda/conexant - Fix audio routing for HP EliteOne 1000 G2
- udf: New directory iteration code
- udf: Convert udf_expand_dir_adinicb() to new directory iteration
- udf: Move udf_expand_dir_adinicb() to its callsite
- udf: Implement searching for directory entry using new iteration code
- udf: Provide function to mark entry as deleted using new directory iteration
code
- udf: Convert udf_rename() to new directory iteration code
- udf: Convert udf_readdir() to new directory iteration
- udf: Convert udf_lookup() to use new directory iteration code
- udf: Convert udf_get_parent() to new directory iteration code
- udf: Convert empty_dir() to new directory iteration code
- udf: Convert udf_rmdir() to new directory iteration code
- udf: Convert udf_unlink() to new directory iteration code
- udf: Implement adding of dir entries using new iteration code
- udf: Convert udf_add_nondir() to new directory iteration
- udf: Convert udf_mkdir() to new directory iteration code
- udf: Convert udf_link() to new directory iteration code
- udf: Remove old directory iteration code
- udf: Handle error when expanding directory
- udf: Don't return bh from udf_expand_dir_adinicb()
- udf: Fix bogus checksum computation in udf_rename()
- net: enetc: remove xdp_drops statistic from enetc_xdp_drop()
- net: enetc: add missing static descriptor and inline keyword
- posix-clock: Fix missing timespec64 check in pc_clock_settime()
- arm64: probes: Remove broken LDR (literal) uprobe support
- arm64: probes: Fix simulate_ldr*_literal()
- net: macb: Avoid 20s boot delay by skipping MDIO bus registration for fixed-
link PHY
- irqchip/gic-v3-its: Fix VSYNC referencing an unmapped VPE on GIC v4.1
- fat: fix uninitialized variable
- mm/swapfile: skip HugeTLB pages for unuse_vma
- secretmem: disable memfd_secret() if arch cannot set direct map
- dm-crypt, dm-verity: disable tasklets
- KVM: Fix a data race on last_boosted_vcpu in kvm_vcpu_on_spin()
- drm/shmem-helper: Fix BUG_ON() on mmap(PROT_WRITE, MAP_PRIVATE)
- io_uring/sqpoll: do not allow pinning outside of cpuset
- io_uring/sqpoll: retain test for whether the CPU is valid
- io_uring/sqpoll: do not put cpumask on stack
- iommu/vt-d: Fix incorrect pci_for_each_dma_alias() for non-PCI devices
- s390/sclp_vt220: Convert newlines to CRLF instead of LFCR
- KVM: s390: Change virtual to physical address access in diag 0x258 handler
- x86/cpufeatures: Define X86_FEATURE_AMD_IBPB_RET
- x86/cpufeatures: Add a IBPB_NO_RET BUG flag
- x86/entry: Have entry_ibpb() invalidate return predictions
- x86/bugs: Skip RSB fill at VMEXIT
- x86/bugs: Do not use UNTRAIN_RET with IBPB on entry
- blk-rq-qos: fix crash on rq_qos_wait vs. rq_qos_wake_function race
- io_uring/sqpoll: close race on waiting for sqring entries
- drm/radeon: Fix encoder->possible_clones
- drm/vmwgfx: Handle surface check failure correctly
- iio: dac: ad5770r: add missing select REGMAP_SPI in Kconfig
- iio: dac: ltc1660: add missing select REGMAP_SPI in Kconfig
- iio: dac: stm32-dac-core: add missing select REGMAP_MMIO in Kconfig
- iio: adc: ti-ads8688: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig
- iio: hid-sensors: Fix an error handling path in
_hid_sensor_set_report_latency()
- iio: light: veml6030: fix ALS sensor resolution
- iio: light: veml6030: fix IIO device retrieval from embedded device
- iio: light: opt3001: add missing full-scale range value
- iio: proximity: mb1232: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig
- iio: adc: ti-ads124s08: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig
- Bluetooth: Remove debugfs directory on module init failure
- Bluetooth: btusb: Fix regression with fake CSR controllers 0a12:0001
- xhci: Fix incorrect stream context type macro
- xhci: Mitigate failed set dequeue pointer commands
- USB: serial: option: add support for Quectel EG916Q-GL
- USB: serial: option: add Telit FN920C04 MBIM compositions
- parport: Proper fix for array out-of-bounds access
- x86/resctrl: Annotate get_mem_config() functions as __init
- x86/apic: Always explicitly disarm TSC-deadline timer
- x86/entry_32: Do not clobber user EFLAGS.ZF
- x86/entry_32: Clear CPU buffers after register restore in NMI return
- pinctrl: ocelot: fix system hang on level based interrupts
- irqchip/gic-v4: Don't allow a VMOVP on a dying VPE
- mptcp: track and update contiguous data status
- mptcp: handle consistently DSS corruption
- tcp: fix mptcp DSS corruption due to large pmtu xmit
- mptcp: fallback when MPTCP opts are dropped after 1st data
- mptcp: pm: fix UaF read in mptcp_pm_nl_rm_addr_or_subflow
- mptcp: prevent MPC handshake on port-based signal endpoints
- nilfs2: propagate directory read errors from nilfs_find_entry()
- powerpc/mm: Always update max/min_low_pfn in mem_topology_setup()
- ALSA: hda/conexant - Use cached pin control for Node 0x1d on HP EliteOne
1000 G2
- Linux 5.15.169
Date: 2025-01-23 16:15:11.917501+00:00
Changed-By: Stefan Bader <stefan.bader at canonical.com>
Signed-By: Andy Whitcroft <apw at canonical.com>
https://launchpad.net/ubuntu/+source/linux-hwe-5.15/5.15.0-132.143~20.04.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Focal-changes
mailing list