[ubuntu/jammy-security] linux-allwinner-5.17 5.17.0-1007.7 (Accepted)

[Andy Whitcroft]

linux-allwinner-5.17 (5.17.0-1007.7) jammy; urgency=medium

  [ Ubuntu: 5.17.0-10.10~22.04.8 ]

  * CVE-2022-2602
    - SAUCE: io_uring/af_unix: defer registered files gc to io_uring release
    - SAUCE: io_uring/af_unix: fix memleak during unix GC
  * CVE-2022-41674
    - SAUCE: wifi: cfg80211: fix u8 overflow in
      cfg80211_update_notlisted_nontrans()
    - SAUCE: wifi: cfg80211/mac80211: reject bad MBSSID elements
    - SAUCE: wifi: cfg80211: ensure length byte is present before access
    - SAUCE: wifi: mac80211_hwsim: avoid mac80211 warning on bad rate
    - SAUCE: wifi: cfg80211: update hidden BSSes to avoid WARN_ON
  * CVE-2022-42722
    - SAUCE: wifi: mac80211: fix crash in beacon protection for P2P-device
  * CVE-2022-42721
    - SAUCE: wifi: cfg80211: avoid nontransmitted BSS list corruption
  * CVE-2022-42720
    - SAUCE: wifi: cfg80211: fix BSS refcounting bugs
  * CVE-2022-42719
    - SAUCE: wifi: mac80211: fix MBSSID parsing use-after-free
  * CVE-2022-2318
    - net: rose: fix UAF bugs caused by timer handler
  * CVE-2022-3028
    - af_key: Do not call xfrm_probe_algs in parallel
  * CVE-2022-40768
    - scsi: stex: Properly zero out the passthrough command structure
  * CVE-2022-2978
    - SAUCE: fs: fix UAF/GPF bug in nilfs_mdt_destroy

Date: 2022-10-14 14:29:44.745976+00:00
Changed-By: Stefan Bader <stefan.bader at canonical.com>
Signed-By: Andy Whitcroft <apw at canonical.com>
https://launchpad.net/ubuntu/+source/linux-allwinner-5.17/5.17.0-1007.7
-------------- next part --------------
Sorry, changesfile not available.