[ubuntu/jammy-security] linux-gke 5.15.0-1048.53 (Accepted)

Andy Whitcroft apw at canonical.com
Mon Dec 11 13:33:45 UTC 2023


linux-gke (5.15.0-1048.53) jammy; urgency=medium

  * jammy/linux-gke: 5.15.0-1048.53 -proposed tracker (LP: #2041572)

  * [SRU][J/L/M] UBUNTU: [Packaging] Make WWAN driver a loadable module
    (LP: #2033406)
    - [Packaging] Make WWAN driver loadable modules

  [ Ubuntu: 5.15.0-91.101 ]

  * jammy/linux: 5.15.0-91.101 -proposed tracker (LP: #2043452)
  * USB bus error after upgrading to proposed kernel on lunar and jammy
    (LP: #2043197)
    - USB: core: Fix oversight in SuperSpeed initialization

  [ Ubuntu: 5.15.0-90.100 ]

  * jammy/linux: 5.15.0-90.100 -proposed tracker (LP: #2041603)
  * CVE-2023-25775
    - RDMA/irdma: Remove irdma_uk_mw_bind()
    - RDMA/irdma: Remove irdma_sc_send_lsmm_nostag()
    - RDMA/irdma: Remove irdma_cqp_up_map_cmd()
    - RDMA/irdma: Remove irdma_get_hw_addr()
    - RDMA/irdma: Make irdma_uk_cq_init() return a void
    - RDMA/irdma: optimize rx path by removing unnecessary copy
    - RDMA/irdma: Remove enum irdma_status_code
    - RDMA/irdma: Remove excess error variables
    - RDMA/irdma: Prevent zero-length STAG registration
  * CVE-2023-39189
    - netfilter: nfnetlink_osf: avoid OOB read
  * SMC stats: Wrong bucket calculation for payload of exactly 4096 bytes
    (LP: #2039575)
    - net/smc: Fix pos miscalculation in statistics
  * CVE-2023-45871
    - igb: set max size RX buffer when store bad packet is enabled
  * CVE-2023-39193
    - netfilter: xt_sctp: validate the flag_info count
  * CVE-2023-39192
    - netfilter: xt_u32: validate user space input
  * CVE-2023-31085
    - ubi: Refuse attaching if mtd's erasesize is 0
  * CVE-2023-5717
    - perf: Disallow mis-matched inherited group reads
  * CVE-2023-5178
    - nvmet-tcp: Fix a possible UAF in queue intialization setup
  * CVE-2023-5158
    - vringh: don't use vringh_kiov_advance() in vringh_iov_xfer()
  * [SRU][J/L/M] UBUNTU: [Packaging] Make WWAN driver a loadable module
    (LP: #2033406)
    - [Packaging] Make WWAN driver loadable modules
  * HP ProBook 450 G8 Notebook fail to wifi test (LP: #2037513)
    - iwlwifi: mvm: Don't fail if PPAG isn't supported
    - wifi: iwlwifi: fw: skip PPAG for JF
  * usbip: error: failed to open /usr/share/hwdata//usb.ids (LP: #2039439)
    - [Packaging] Make linux-tools-common depend on hwdata
  * scripts/pahole-flags.sh change return to exit 0 (LP: #2035123)
    - SAUCE: scripts/pahole-flags.sh change return to exit 0
  * Unable to use nvme drive to install Ubuntu 23.10 (LP: #2040157)
    - misc: rtsx: Fix some platforms can not boot and move the l1ss judgment to
      probe
  * Jammy update: v5.15.131 upstream stable release (LP: #2039610)
    - erofs: ensure that the post-EOF tails are all zeroed
    - ksmbd: fix wrong DataOffset validation of create context
    - ksmbd: replace one-element array with flex-array member in struct
      smb2_ea_info
    - ARM: pxa: remove use of symbol_get()
    - mmc: au1xmmc: force non-modular build and remove symbol_get usage
    - net: enetc: use EXPORT_SYMBOL_GPL for enetc_phc_index
    - rtc: ds1685: use EXPORT_SYMBOL_GPL for ds1685_rtc_poweroff
    - modules: only allow symbol_get of EXPORT_SYMBOL_GPL modules
    - USB: serial: option: add Quectel EM05G variant (0x030e)
    - USB: serial: option: add FOXCONN T99W368/T99W373 product
    - ALSA: usb-audio: Fix init call orders for UAC1
    - usb: dwc3: meson-g12a: do post init to fix broken usb after resumption
    - usb: chipidea: imx: improve logic if samsung,picophy-* parameter is 0
    - HID: wacom: remove the battery when the EKR is off
    - staging: rtl8712: fix race condition
    - Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race
      condition
    - wifi: mt76: mt7921: do not support one stream on secondary antenna only
    - serial: qcom-geni: fix opp vote on shutdown
    - serial: sc16is7xx: fix broken port 0 uart init
    - serial: sc16is7xx: fix bug when first setting GPIO direction
    - firmware: stratix10-svc: Fix an NULL vs IS_ERR() bug in probe
    - fsi: master-ast-cf: Add MODULE_FIRMWARE macro
    - tcpm: Avoid soft reset when partner does not support get_status
    - nilfs2: fix general protection fault in nilfs_lookup_dirty_data_buffers()
    - nilfs2: fix WARNING in mark_buffer_dirty due to discarded buffer reuse
    - pinctrl: amd: Don't show `Invalid config param` errors
    - usb: typec: tcpci: move tcpci.h to include/linux/usb/
    - usb: typec: tcpci: clear the fault status bit
    - Linux 5.15.131
  * Jammy update: v5.15.130 upstream stable release (LP: #2039608)
    - ACPI: thermal: Drop nocrt parameter
    - module: Expose module_init_layout_section()
    - arm64: module-plts: inline linux/moduleloader.h
    - arm64: module: Use module_init_layout_section() to spot init sections
    - ARM: module: Use module_init_layout_section() to spot init sections
    - rcu: Prevent expedited GP from enabling tick on offline CPU
    - rcu-tasks: Fix IPI failure handling in trc_wait_for_one_reader
    - rcu-tasks: Wait for trc_read_check_handler() IPIs
    - rcu-tasks: Add trc_inspect_reader() checks for exiting critical section
    - Linux 5.15.130
  * CVE-2023-42754
    - ipv4: fix null-deref in ipv4_link_failure
  * Jammy update: v5.15.129 upstream stable release (LP: #2039227)
    - NFSv4.2: fix error handling in nfs42_proc_getxattr
    - NFSv4: fix out path in __nfs4_get_acl_uncached
    - xprtrdma: Remap Receive buffers after a reconnect
    - PCI: acpiphp: Reassign resources on bridge if necessary
    - dlm: improve plock logging if interrupted
    - dlm: replace usage of found with dedicated list iterator variable
    - fs: dlm: add pid to debug log
    - fs: dlm: change plock interrupted message to debug again
    - fs: dlm: use dlm_plock_info for do_unlock_close
    - fs: dlm: fix mismatch of plock results from userspace
    - MIPS: cpu-features: Enable octeon_cache by cpu_type
    - MIPS: cpu-features: Use boot_cpu_type for CPU type based features
    - fbdev: Improve performance of sys_imageblit()
    - fbdev: Fix sys_imageblit() for arbitrary image widths
    - fbdev: fix potential OOB read in fast_imageblit()
    - ALSA: pcm: Fix potential data race at PCM memory allocation helpers
    - jbd2: remove t_checkpoint_io_list
    - jbd2: remove journal_clean_one_cp_list()
    - jbd2: fix a race when checking checkpoint buffer busy
    - can: raw: fix receiver memory leak
    - drm/amd/display: do not wait for mpc idle if tg is disabled
    - drm/amd/display: check TG is non-null before checking if enabled
    - can: raw: fix lockdep issue in raw_release()
    - tracing: Fix cpu buffers unavailable due to 'record_disabled' missed
    - tracing: Fix memleak due to race between current_tracer and trace
    - octeontx2-af: SDP: fix receive link config
    - sock: annotate data-races around prot->memory_pressure
    - dccp: annotate data-races in dccp_poll()
    - ipvlan: Fix a reference count leak warning in ipvlan_ns_exit()
    - net: bgmac: Fix return value check for fixed_phy_register()
    - net: bcmgenet: Fix return value check for fixed_phy_register()
    - net: validate veth and vxcan peer ifindexes
    - ice: fix receive buffer size miscalculation
    - igb: Avoid starting unnecessary workqueues
    - igc: Fix the typo in the PTM Control macro
    - net/sched: fix a qdisc modification with ambiguous command request
    - netfilter: nf_tables: flush pending destroy work before netlink notifier
    - netfilter: nf_tables: fix out of memory error handling
    - rtnetlink: return ENODEV when ifname does not exist and group is given
    - rtnetlink: Reject negative ifindexes in RTM_NEWLINK
    - net: remove bond_slave_has_mac_rcu()
    - bonding: fix macvlan over alb bond support
    - net/ncsi: make one oem_gma function for all mfr id
    - net/ncsi: change from ndo_set_mac_address to dev_set_mac_address
    - ibmveth: Use dcbf rather than dcbfl
    - NFSv4: Fix dropped lock for racing OPEN and delegation return
    - clk: Fix slab-out-of-bounds error in devm_clk_release()
    - ALSA: ymfpci: Fix the missing snd_card_free() call at probe error
    - mm: add a call to flush_cache_vmap() in vmap_pfn()
    - NFS: Fix a use after free in nfs_direct_join_group()
    - nfsd: Fix race to FREE_STATEID and cl_revoked
    - selinux: set next pointer before attaching to list
    - batman-adv: Trigger events for auto adjusted MTU
    - batman-adv: Don't increase MTU when set by user
    - batman-adv: Do not get eth header before batadv_check_management_packet
    - batman-adv: Fix TT global entry leak when client roamed back
    - batman-adv: Fix batadv_v_ogm_aggr_send memory leak
    - batman-adv: Hold rtnl lock during MTU update via netlink
    - lib/clz_ctz.c: Fix __clzdi2() and __ctzdi2() for 32-bit kernels
    - radix tree: remove unused variable
    - of: unittest: Fix EXPECT for parse_phandle_with_args_map() test
    - of: dynamic: Refactor action prints to not use "%pOF" inside devtree_lock
    - media: vcodec: Fix potential array out-of-bounds in encoder queue_setup
    - PCI: acpiphp: Use pci_assign_unassigned_bridge_resources() only for non-root
      bus
    - drm/vmwgfx: Fix shader stage validation
    - drm/display/dp: Fix the DP DSC Receiver cap size
    - x86/fpu: Invalidate FPU state correctly on exec()
    - nfs: use vfs setgid helper
    - nfsd: use vfs setgid helper
    - torture: Fix hang during kthread shutdown phase
    - cgroup/cpuset: Rename functions dealing with DEADLINE accounting
    - sched/cpuset: Bring back cpuset_mutex
    - sched/cpuset: Keep track of SCHED_DEADLINE task in cpusets
    - cgroup/cpuset: Iterate only if DEADLINE tasks are present
    - sched/deadline: Create DL BW alloc, free & check overflow interface
    - cgroup/cpuset: Free DL BW in case can_attach() fails
    - drm/i915: Fix premature release of request's reusable memory
    - can: raw: add missing refcount for memory leak fix
    - scsi: snic: Fix double free in snic_tgt_create()
    - scsi: core: raid_class: Remove raid_component_add()
    - clk: Fix undefined reference to `clk_rate_exclusive_{get,put}'
    - pinctrl: renesas: rza2: Add lock around
      pinctrl_generic{{add,remove}_group,{add,remove}_function}
    - dma-buf/sw_sync: Avoid recursive lock during fence signal
    - mm: memory-failure: kill soft_offline_free_page()
    - mm: memory-failure: fix unexpected return value in soft_offline_page()
    - mm,ima,kexec,of: use memblock_free_late from ima_free_kexec_buffer
    - Linux 5.15.129
  * Jammy update: v5.15.128 upstream stable release (LP: #2038486)
    - mmc: sdhci-f-sdh30: Replace with sdhci_pltfm
    - selftests: forwarding: tc_actions: cleanup temporary files when test is
      aborted
    - selftests: forwarding: tc_actions: Use ncat instead of nc
    - macsec: Fix traffic counters/statistics
    - macsec: use DEV_STATS_INC()
    - net/tls: Perform immediate device ctx cleanup when possible
    - net/tls: Multi-threaded calls to TX tls_dev_del
    - net: tls: avoid discarding data on record close
    - PCI: tegra194: Fix possible array out of bounds access
    - ARM: dts: imx6dl: prtrvt, prtvt7, prti6q, prtwd2: fix USB related warnings
    - iopoll: Call cpu_relax() in busy loops
    - ASoC: SOF: Intel: fix SoundWire/HDaudio mutual exclusion
    - dma-remap: use kvmalloc_array/kvfree for larger dma memory remap
    - HID: logitech-hidpp: Add USB and Bluetooth IDs for the Logitech G915 TKL
      Keyboard
    - HID: add quirk for 03f0:464a HP Elite Presenter Mouse
    - RDMA/mlx5: Return the firmware result upon destroying QP/RQ
    - ovl: check type and offset of struct vfsmount in ovl_entry
    - smb: client: fix warning in cifs_smb3_do_mount()
    - media: v4l2-mem2mem: add lock to protect parameter num_rdy
    - usb: gadget: u_serial: Avoid spinlock recursion in __gs_console_push
    - media: platform: mediatek: vpu: fix NULL ptr dereference
    - thunderbolt: Read retimer NVM authentication status prior
      tb_retimer_set_inbound_sbtx()
    - usb: chipidea: imx: don't request QoS for imx8ulp
    - usb: chipidea: imx: add missing USB PHY DPDM wakeup setting
    - gfs2: Fix possible data races in gfs2_show_options()
    - pcmcia: rsrc_nonstatic: Fix memory leak in nonstatic_release_resource_db()
    - firewire: net: fix use after free in fwnet_finish_incoming_packet()
    - watchdog: sp5100_tco: support Hygon FCH/SCH (Server Controller Hub)
    - Bluetooth: L2CAP: Fix use-after-free
    - Bluetooth: btusb: Add MT7922 bluetooth ID for the Asus Ally
    - drm/amdgpu: Fix potential fence use-after-free v2
    - fs/ntfs3: Enhance sanity check while generating attr_list
    - fs: ntfs3: Fix possible null-pointer dereferences in mi_read()
    - fs/ntfs3: Mark ntfs dirty when on-disk struct is corrupted
    - ALSA: hda/realtek: Add quirks for Unis H3C Desktop B760 & Q760
    - ALSA: hda: fix a possible null-pointer dereference due to data race in
      snd_hdac_regmap_sync()
    - powerpc/kasan: Disable KCOV in KASAN code
    - ring-buffer: Do not swap cpu_buffer during resize process
    - iio: add addac subdirectory
    - iio: adc: stx104: Utilize iomap interface
    - iio: adc: stx104: Implement and utilize register structures
    - iio: stx104: Move to addac subdirectory
    - iio: addac: stx104: Fix race condition for stx104_write_raw()
    - iio: addac: stx104: Fix race condition when converting analog-to-digital
    - igc: read before write to SRRCTL register
    - ARM: dts: aspeed: asrock: Correct firmware flash SPI clocks
    - drm/amd/display: save restore hdcp state when display is unplugged from mst
      hub
    - drm/amd/display: phase3 mst hdcp for multiple displays
    - drm/amd/display: fix access hdcp_workqueue assert
    - usb: dwc3: gadget: Synchronize IRQ between soft connect/disconnect
    - usb: dwc3: Remove DWC3 locking during gadget suspend/resume
    - usb: dwc3: Fix typos in gadget.c
    - USB: dwc3: gadget: drop dead hibernation code
    - usb: dwc3: gadget: Improve dwc3_gadget_suspend() and dwc3_gadget_resume()
    - tty: serial: fsl_lpuart: Add i.MXRT1050 support
    - tty: serial: fsl_lpuart: make rx_watermark configurable for different
      platforms
    - tty: serial: fsl_lpuart: reduce RX watermark to 0 on LS1028A
    - USB: dwc3: qcom: fix NULL-deref on suspend
    - USB: dwc3: fix use-after-free on core driver unbind
    - mmc: bcm2835: fix deferred probing
    - mmc: sunxi: fix deferred probing
    - ARM: dts: imx6sll: fixup of operating points
    - ARM: dts: nxp/imx6sll: fix wrong property name in usbphy node
    - btrfs: move out now unused BG from the reclaim list
    - virtio-mmio: don't break lifecycle of vm_dev
    - vduse: Use proper spinlock for IRQ injection
    - cifs: fix potential oops in cifs_oplock_break
    - i2c: bcm-iproc: Fix bcm_iproc_i2c_isr deadlock issue
    - i2c: hisi: Only handle the interrupt of the driver's transfer
    - fbdev: mmp: fix value check in mmphw_probe()
    - powerpc/rtas_flash: allow user copy to flash block cache objects
    - tty: n_gsm: fix the UAF caused by race condition in gsm_cleanup_mux
    - tty: serial: fsl_lpuart: Clear the error flags by writing 1 for lpuart32
      platforms
    - btrfs: fix BUG_ON condition in btrfs_cancel_balance
    - i2c: designware: Correct length byte validation logic
    - i2c: designware: Handle invalid SMBus block data response length value
    - net: xfrm: Fix xfrm_address_filter OOB read
    - net: af_key: fix sadb_x_filter validation
    - net: xfrm: Amend XFRMA_SEC_CTX nla_policy structure
    - xfrm: fix slab-use-after-free in decode_session6
    - ip6_vti: fix slab-use-after-free in decode_session6
    - ip_vti: fix potential slab-use-after-free in decode_session6
    - xfrm: add forgotten nla_policy for XFRMA_MTIMER_THRESH
    - net: phy: fix IRQ-based wake-on-lan over hibernate / power off
    - selftests: mirror_gre_changes: Tighten up the TTL test match
    - drm/panel: simple: Fix AUO G121EAN01 panel timings according to the docs
    - netfilter: nf_tables: fix false-positive lockdep splat
    - ipvs: fix racy memcpy in proc_do_sync_threshold
    - net: phy: broadcom: stub c45 read/write for 54810
    - team: Fix incorrect deletion of ETH_P_8021AD protocol vid from slaves
    - iavf: fix FDIR rule fields masks validation
    - i40e: fix misleading debug logs
    - net: dsa: mv88e6xxx: Wait for EEPROM done before HW reset
    - sock: Fix misuse of sk_under_memory_pressure()
    - net: do not allow gso_size to be set to GSO_BY_FRAGS
    - bus: ti-sysc: Flush posted write on enable before reset
    - arm64: dts: qcom: qrb5165-rb5: fix thermal zone conflict
    - ARM: dts: imx: Set default tuning step for imx6sx usdhc
    - ASoC: rt5665: add missed regulator_bulk_disable
    - ASoC: meson: axg-tdm-formatter: fix channel slot allocation
    - soc: aspeed: socinfo: Add kfree for kstrdup
    - ALSA: hda/realtek - Remodified 3k pull low procedure
    - riscv: uaccess: Return the number of bytes effectively not copied
    - serial: 8250: Fix oops for port->pm on uart_change_pm()
    - ALSA: usb-audio: Add support for Mythware XA001AU capture and playback
      interfaces.
    - cifs: Release folio lock on fscache read hit.
    - mmc: wbsd: fix double mmc_free_host() in wbsd_init()
    - mmc: block: Fix in_flight[issue_type] value error
    - drm/qxl: fix UAF on handle creation
    - drm/amd: flush any delayed gfxoff on suspend entry
    - netfilter: set default timeout to 3 secs for sctp shutdown send and recv
      state
    - arm64: dts: rockchip: Disable HS400 for eMMC on ROCK Pi 4
    - virtio-net: set queues after driver_ok
    - net: fix the RTO timer retransmitting skb every 1ms if linear option is
      enabled
    - mmc: f-sdh30: fix order of function calls in sdhci_f_sdh30_remove
    - Linux 5.15.128
  * Jammy update: v5.15.127 upstream stable release (LP: #2038382)
    - ksmbd: validate command request size
    - ksmbd: fix wrong next length validation of ea buffer in smb2_set_ea()
    - wireguard: allowedips: expand maximum node depth
    - mmc: moxart: read scr register without changing byte order
    - ipv6: adjust ndisc_is_useropt() to also return true for PIO
    - dmaengine: pl330: Return DMA_PAUSED when transaction is paused
    - riscv,mmio: Fix readX()-to-delay() ordering
    - drm/nouveau/gr: enable memory loads on helper invocation on all channels
    - drm/shmem-helper: Reset vma->vm_ops before calling dma_buf_mmap()
    - drm/amd/display: check attr flag before set cursor degamma on DCN3+
    - hwmon: (pmbus/bel-pfe) Enable PMBUS_SKIP_STATUS_CHECK for pfe1100
    - radix tree test suite: fix incorrect allocation size for pthreads
    - nilfs2: fix use-after-free of nilfs_root in dirtying inodes via iput
    - bpf: allow precision tracking for programs with subprogs
    - bpf: stop setting precise in current state
    - bpf: aggressively forget precise markings during state checkpointing
    - selftests/bpf: make test_align selftest more robust
    - selftests/bpf: Workaround verification failure for
      fexit_bpf2bpf/func_replace_return_code
    - selftests/bpf: Fix sk_assign on s390x
    - io_uring: correct check for O_TMPFILE
    - iio: cros_ec: Fix the allocation size for cros_ec_command
    - iio: adc: ina2xx: avoid NULL pointer dereference on OF device match
    - binder: fix memory leak in binder_init()
    - misc: rtsx: judge ASPM Mode to set PETXCFG Reg
    - usb-storage: alauda: Fix uninit-value in alauda_check_media()
    - usb: dwc3: Properly handle processing of pending events
    - usb: common: usb-conn-gpio: Prevent bailing out if initial role is none
    - usb: typec: tcpm: Fix response to vsafe0V event
    - x86/cpu/amd: Enable Zenbleed fix for AMD Custom APU 0405
    - x86/mm: Fix VDSO and VVAR placement on 5-level paging machines
    - x86/speculation: Add cpu_show_gds() prototype
    - x86: Move gds_ucode_mitigated() declaration to header
    - drm/nouveau/disp: Revert a NULL check inside nouveau_connector_get_modes
    - selftests/rseq: Fix build with undefined __weak
    - selftests: forwarding: Add a helper to skip test when using veth pairs
    - selftests: forwarding: ethtool: Skip when using veth pairs
    - selftests: forwarding: ethtool_extended_state: Skip when using veth pairs
    - selftests: forwarding: Skip test when no interfaces are specified
    - selftests: forwarding: Switch off timeout
    - selftests: forwarding: tc_flower: Relax success criterion
    - net: core: remove unnecessary frame_sz check in bpf_xdp_adjust_tail()
    - bpf, sockmap: Fix map type error in sock_map_del_link
    - bpf, sockmap: Fix bug that strp_done cannot be called
    - mISDN: Update parameter type of dsp_cmx_send()
    - net/packet: annotate data-races around tp->status
    - tunnels: fix kasan splat when generating ipv4 pmtu error
    - xsk: fix refcount underflow in error path
    - bonding: Fix incorrect deletion of ETH_P_8021AD protocol vid from slaves
    - dccp: fix data-race around dp->dccps_mss_cache
    - drivers: net: prevent tun_build_skb() to exceed the packet size limit
    - iavf: fix potential races for FDIR filters
    - IB/hfi1: Fix possible panic during hotplug remove
    - drm/rockchip: Don't spam logs in atomic check
    - wifi: cfg80211: fix sband iftype data lookup for AP_VLAN
    - RDMA/umem: Set iova in ODP flow
    - net: phy: at803x: remove set/get wol callbacks for AR8032
    - net: hns3: refactor hclge_mac_link_status_wait for interface reuse
    - net: hns3: add wait until mac link down
    - nexthop: Fix infinite nexthop dump when using maximum nexthop ID
    - nexthop: Make nexthop bucket dump more efficient
    - nexthop: Fix infinite nexthop bucket dump when using maximum nexthop ID
    - dmaengine: mcf-edma: Fix a potential un-allocated memory access
    - net/mlx5: Allow 0 for total host VFs
    - net/mlx5: Skip clock update work when device is in error state
    - ibmvnic: Enforce stronger sanity checks on login response
    - ibmvnic: Unmap DMA login rsp buffer on send login fail
    - ibmvnic: Handle DMA unmapping of login buffs in release functions
    - btrfs: don't stop integrity writeback too early
    - btrfs: exit gracefully if reloc roots don't match
    - btrfs: reject invalid reloc tree root keys with stack dump
    - btrfs: set cache_block_group_error if we find an error
    - nvme-tcp: fix potential unbalanced freeze & unfreeze
    - nvme-rdma: fix potential unbalanced freeze & unfreeze
    - netfilter: nf_tables: report use refcount overflow
    - scsi: core: Fix legacy /proc parsing buffer overflow
    - scsi: storvsc: Fix handling of virtual Fibre Channel timeouts
    - scsi: 53c700: Check that command slot is not NULL
    - scsi: snic: Fix possible memory leak if device_add() fails
    - scsi: core: Fix possible memory leak if device_add() fails
    - scsi: fnic: Replace return codes in fnic_clean_pending_aborts()
    - scsi: qedi: Fix firmware halt over suspend and resume
    - scsi: qedf: Fix firmware halt over suspend and resume
    - alpha: remove __init annotation from exported page_is_ram()
    - sch_netem: fix issues in netem_change() vs get_dist_table()
    - tick: Detect and fix jiffies update stall
    - timers/nohz: Switch to ONESHOT_STOPPED in the low-res handler when the tick
      is stopped
    - timers/nohz: Last resort update jiffies on nohz_full IRQ entry
    - Linux 5.15.127
    - Upstream stable to v5.15.127
  * CVE-2023-37453
    - USB: core: Unite old scheme and new scheme descriptor reads
    - USB: core: Change usb_get_device_descriptor() API
    - USB: core: Fix race by not overwriting udev->descriptor in hub_port_init()
  * Packaging resync (LP: #1786013)
    - [Packaging] update helper scripts

Date: 2023-11-28 00:35:09.260765+00:00
Changed-By: Portia Stephens <portia.stephens at canonical.com>
Signed-By: Andy Whitcroft <apw at canonical.com>
https://launchpad.net/ubuntu/+source/linux-gke/5.15.0-1048.53
-------------- next part --------------
Sorry, changesfile not available.


More information about the jammy-changes mailing list