[ubuntu/jammy-proposed] linux-raspi 5.15.0-1042.45 (Accepted)
Andy Whitcroft
apw at canonical.com
Wed Oct 18 12:25:19 UTC 2023
linux-raspi (5.15.0-1042.45) jammy; urgency=medium
* jammy/linux-raspi: 5.15.0-1042.45 -proposed tracker (LP: #2038050)
* Include USB drivers in linux-modules (LP: #2037938)
- [Packaging] raspi: Include most USB modules in linux-modules
* Exclude DRM drivers from linux-modules (LP: #2037936)
- [Packaging] raspi: Exclude unlikely DRM modules from linux-modules
* pi-kernel snap is missing modules for microk8s/microceph on UC22
(LP: #2036747)
- [Packaging] raspi: Include rbd and vxlan modules in linux-modules
* Move nbd module into modules (from -extra) (LP: #2035373)
- [Packaging] raspi: Include nbd module in linux-modules
[ Ubuntu: 5.15.0-88.98 ]
* jammy/linux: 5.15.0-88.98 -proposed tracker (LP: #2038055)
* CVE-2023-4244
- netfilter: nf_tables: don't skip expired elements during walk
- netfilter: nf_tables: adapt set backend to use GC transaction API
- netfilter: nft_set_hash: mark set element as dead when deleting from packet
path
- netfilter: nf_tables: GC transaction API to avoid race with control plane
- netfilter: nf_tables: remove busy mark and gc batch API
- netfilter: nf_tables: don't fail inserts if duplicate has expired
- netfilter: nf_tables: fix kdoc warnings after gc rework
- netfilter: nf_tables: fix GC transaction races with netns and netlink event
exit path
- netfilter: nf_tables: GC transaction race with netns dismantle
- netfilter: nf_tables: GC transaction race with abort path
- netfilter: nf_tables: use correct lock to protect gc_list
- netfilter: nf_tables: defer gc run if previous batch is still pending
- netfilter: nft_dynset: disallow object maps
- netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction
* CVE-2023-42756
- netfilter: ipset: Fix race between IPSET_CMD_CREATE and IPSET_CMD_SWAP
* CVE-2023-4623
- net/sched: sch_hfsc: Ensure inner classes have fsc curve
* PCI BARs larger than 128GB are disabled (LP: #2037403)
- PCI: Support BAR sizes up to 8TB
* Fix unstable audio at low levels on Thinkpad P1G4 (LP: #2037077)
- ALSA: hda/realtek - ALC287 I2S speaker platform support
* Check for changes relevant for security certifications (LP: #1945989)
- [Packaging] Add a new fips-checks script
* Jammy update: v5.15.126 upstream stable release (LP: #2037593)
- io_uring: gate iowait schedule on having pending requests
- perf: Fix function pointer case
- net/mlx5: Free irqs only on shutdown callback
- arm64: errata: Add workaround for TSB flush failures
- arm64: errata: Add detection for TRBE write to out-of-range
- [Config] updateconfigs for ARM64_ERRATUM_ and
ARM64_WORKAROUND_TSB_FLUSH_FAILURE
- iommu/arm-smmu-v3: Work around MMU-600 erratum 1076982
- iommu/arm-smmu-v3: Document MMU-700 erratum 2812531
- iommu/arm-smmu-v3: Add explicit feature for nesting
- iommu/arm-smmu-v3: Document nesting-related errata
- arm64: dts: imx8mn-var-som: add missing pull-up for onboard PHY reset pinmux
- word-at-a-time: use the same return type for has_zero regardless of
endianness
- KVM: s390: fix sthyi error handling
- wifi: cfg80211: Fix return value in scan logic
- net/mlx5: DR, fix memory leak in mlx5dr_cmd_create_reformat_ctx
- net/mlx5e: fix return value check in mlx5e_ipsec_remove_trailer()
- bpf: Add length check for SK_DIAG_BPF_STORAGE_REQ_MAP_FD parsing
- rtnetlink: let rtnl_bridge_setlink checks IFLA_BRIDGE_MODE length
- net: dsa: fix value check in bcm_sf2_sw_probe()
- perf test uprobe_from_different_cu: Skip if there is no gcc
- net: sched: cls_u32: Fix match key mis-addressing
- mISDN: hfcpci: Fix potential deadlock on &hc->lock
- qed: Fix kernel-doc warnings
- qed: Fix scheduling in a tasklet while getting stats
- net: annotate data-races around sk->sk_max_pacing_rate
- net: add missing READ_ONCE(sk->sk_rcvlowat) annotation
- net: add missing READ_ONCE(sk->sk_sndbuf) annotation
- net: add missing READ_ONCE(sk->sk_rcvbuf) annotation
- net: add missing data-race annotations around sk->sk_peek_off
- net: add missing data-race annotation for sk_ll_usec
- net/sched: taprio: Limit TCA_TAPRIO_ATTR_SCHED_CYCLE_TIME to INT_MAX.
- bpf, cpumap: Handle skb as well when clean up ptr_ring
- bpf: sockmap: Remove preempt_disable in sock_map_sk_acquire
- net: ll_temac: Switch to use dev_err_probe() helper
- net: ll_temac: fix error checking of irq_of_parse_and_map()
- net: korina: handle clk prepare error in korina_probe()
- net: netsec: Ignore 'phy-mode' on SynQuacer in DT mode
- net: dcb: choose correct policy to parse DCB_ATTR_BCN
- s390/qeth: Don't call dev_close/dev_open (DOWN/UP)
- ip6mr: Fix skb_under_panic in ip6mr_cache_report()
- vxlan: Fix nexthop hash size
- net/mlx5: fs_core: Make find_closest_ft more generic
- net/mlx5: fs_core: Skip the FTs in the same FS_TYPE_PRIO_CHAINS fs_prio
- prestera: fix fallback to previous version on same major version
- tcp_metrics: fix addr_same() helper
- tcp_metrics: annotate data-races around tm->tcpm_stamp
- tcp_metrics: annotate data-races around tm->tcpm_lock
- tcp_metrics: annotate data-races around tm->tcpm_vals[]
- tcp_metrics: annotate data-races around tm->tcpm_net
- tcp_metrics: fix data-race in tcpm_suck_dst() vs fastopen
- scsi: zfcp: Defer fc_rport blocking until after ADISC response
- scsi: storvsc: Limit max_sectors for virtual Fibre Channel devices
- libceph: fix potential hang in ceph_osdc_notify()
- USB: zaurus: Add ID for A-300/B-500/C-700
- ceph: defer stopping mdsc delayed_work
- firmware: arm_scmi: Drop OF node reference in the transport channel setup
- exfat: use kvmalloc_array/kvfree instead of kmalloc_array/kfree
- exfat: release s_lock before calling dir_emit()
- mtd: spinand: toshiba: Fix ecc_get_status
- mtd: rawnand: meson: fix OOB available bytes for ECC
- arm64: dts: stratix10: fix incorrect I2C property for SCL signal
- wifi: mt76: mt7615: do not advertise 5 GHz on first phy of MT7615D (DBDC)
- rbd: prevent busy loop when requesting exclusive lock
- bpf: Disable preemption in bpf_event_output
- open: make RESOLVE_CACHED correctly test for O_TMPFILE
- drm/ttm: check null pointer before accessing when swapping
- bpf, cpumap: Make sure kthread is running before map update returns
- file: reinstate f_pos locking optimization for regular files
- fs/ntfs3: Use __GFP_NOWARN allocation at ntfs_load_attr_list()
- fs/sysv: Null check to prevent null-ptr-deref bug
- net: usbnet: Fix WARNING in usbnet_start_xmit/usb_submit_urb
- fs: Protect reconfiguration of sb read-write from racing writes
- ext2: Drop fragment support
- mtd: rawnand: omap_elm: Fix incorrect type in assignment
- mtd: rawnand: rockchip: fix oobfree offset and description
- mtd: rawnand: rockchip: Align hwecc vs. raw page helper layouts
- mtd: rawnand: fsl_upm: Fix an off-by one test in fun_exec_op()
- powerpc/mm/altmap: Fix altmap boundary check
- drm/imx/ipuv3: Fix front porch adjustment upon hactive aligning
- selftests/rseq: check if libc rseq support is registered
- selftests/rseq: Play nice with binaries statically linked against glibc
2.35+
- soundwire: bus: pm_runtime_request_resume on peripheral attachment
- soundwire: fix enumeration completion
- PM / wakeirq: support enabling wake-up irq after runtime_suspend called
- PM: sleep: wakeirq: fix wake irq arming
- Linux 5.15.126
* Jammy update: v5.15.125 upstream stable release (LP: #2036843)
- ia64/cpu: Switch to arch_cpu_finalize_init()
- m68k/cpu: Switch to arch_cpu_finalize_init()
- mips/cpu: Switch to arch_cpu_finalize_init()
- sh/cpu: Switch to arch_cpu_finalize_init()
- Linux 5.15.125
- Upstream stable to v5.15.125
* CVE-2023-42755
- net/sched: Retire rsvp classifier
- [Config] remove NET_CLS_RSVP and NET_CLS_RSVP6
* CVE-2023-42753
- netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for
ip_set_hash_netportnet.c
* CVE-2023-34319
- xen/netback: Fix buffer overrun triggered by unusual packet
* CVE-2023-5197
- netfilter: nf_tables: disallow rule removal from chain binding
* CVE-2023-4921
- net: sched: sch_qfq: Fix UAF in qfq_dequeue()
* CVE-2023-42752
- igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU
* Avoid address overwrite in kernel_connect (LP: #2035163)
- net: Avoid address overwrite in kernel_connect
* NULL Pointer Dereference During KVM MMU Page Invalidation (LP: #2035166)
- KVM: x86/mmu: Track the number of TDP MMU pages, but not the actual pages
* Fix suspend hang on Lenovo workstation (LP: #2034479)
- igb: Fix igb_down hung on surprise removal
* [regression] Unable to initialize SGX enclaves with XFRM other than 3
(LP: #2034745)
- x86/fpu: Set X86_FEATURE_OSXSAVE feature after enabling OSXSAVE in CR4
* CVE-2023-4881
- netfilter: nftables: exthdr: fix 4-byte stack OOB write
* CVE-2023-4622
- af_unix: Fix null-ptr-deref in unix_stream_sendpage().
* Jammy update: v5.15.124 upstream stable release (LP: #2035400)
- jbd2: Fix wrongly judgement for buffer head removing while doing checkpoint
- KVM: s390: pv: fix index value of replaced ASCE
- io_uring: don't audit the capability check in io_uring_create()
- gpio: tps68470: Make tps68470_gpio_output() always set the initial value
- pwm: Add a stub for devm_pwmchip_add()
- gpio: mvebu: Make use of devm_pwmchip_add
- gpio: mvebu: fix irq domain leak
- btrfs: fix race between quota disable and relocation
- i2c: Delete error messages for failed memory allocations
- i2c: Improve size determinations
- i2c: nomadik: Remove unnecessary goto label
- i2c: nomadik: Use devm_clk_get_enabled()
- i2c: nomadik: Remove a useless call in the remove function
- PCI/ASPM: Return 0 or -ETIMEDOUT from pcie_retrain_link()
- PCI/ASPM: Factor out pcie_wait_for_retrain()
- PCI/ASPM: Avoid link retraining race
- PCI: rockchip: Remove writes to unused registers
- PCI: rockchip: Fix window mapping and address translation for endpoint
- PCI: rockchip: Don't advertise MSI-X in PCIe capabilities
- dlm: cleanup plock_op vs plock_xop
- dlm: rearrange async condition return
- fs: dlm: interrupt posix locks only when process is killed
- drm/ttm: Don't print error message if eviction was interrupted
- drm/ttm: Don't leak a resource on eviction error
- n_tty: Rename tail to old_tail in n_tty_read()
- tty: fix hang on tty device with no_room set
- drm/ttm: never consider pinned BOs for eviction&swap
- cifs: missing directory in MAINTAINERS file
- cifs: use fs_context for automounts
- ksmbd: remove internal.h include
- cifs: if deferred close is disabled then close files immediately
- pwm: meson: Simplify duplicated per-channel tracking
- pwm: meson: fix handling of period/duty if greater than UINT_MAX
- tracing/probes: Add symstr type for dynamic events
- tracing/probes: Fix to avoid double count of the string length on the array
- tracing: Allow synthetic events to pass around stacktraces
- Revert "tracing: Add "(fault)" name injection to kernel probes"
- tracing/probes: Fix to record 0-length data_loc in fetch_store_string*() if
fails
- scsi: qla2xxx: Remove unused declarations for qla2xxx
- scsi: qla2xxx: Multi-que support for TMF
- scsi: qla2xxx: Fix task management cmd failure
- scsi: qla2xxx: Fix task management cmd fail due to unavailable resource
- scsi: qla2xxx: Add debug prints in the device remove path
- scsi: qla2xxx: Fix hang in task management
- drm/amdgpu: fix vkms crtc settings
- drm/amdgpu/vkms: relax timer deactivation by hrtimer_try_to_cancel
- phy: qcom-snps: Use dev_err_probe() to simplify code
- phy: qcom-snps: correct struct qcom_snps_hsphy kerneldoc
- phy: qcom-snps-femto-v2: keep cfg_ahb_clk enabled during runtime suspend
- phy: qcom-snps-femto-v2: properly enable ref clock
- soundwire: qcom: update status correctly with mask
- media: staging: atomisp: select V4L2_FWNODE
- i40e: Fix an NULL vs IS_ERR() bug for debugfs_create_dir()
- iavf: fix potential deadlock on allocation failure
- iavf: check for removal state before IAVF_FLAG_PF_COMMS_FAILED
- net: phy: marvell10g: fix 88x3310 power up
- net: hns3: fix wrong tc bandwidth weight data issue
- net: hns3: fix wrong bw weight of disabled tc issue
- vxlan: move to its own directory
- vxlan: calculate correct header length for GPE
- phy: hisilicon: Fix an out of bounds check in hisi_inno_phy_probe()
- ethernet: atheros: fix return value check in atl1e_tso_csum()
- ipv6 addrconf: fix bug where deleting a mngtmpaddr can create a new
temporary address
- ice: Fix memory management in ice_ethtool_fdir.c
- bonding: reset bond's flags when down link is P2P device
- team: reset team's flags when down link is P2P device
- net: stmmac: Apply redundant write work around on 4.xx too
- platform/x86: msi-laptop: Fix rfkill out-of-sync on MSI Wind U100
- igc: Fix Kernel Panic during ndo_tx_timeout callback
- netfilter: nft_set_rbtree: fix overlap expiration walk
- net/sched: mqprio: refactor nlattr parsing to a separate function
- net/sched: mqprio: add extack to mqprio_parse_nlattr()
- net/sched: mqprio: Add length check for TCA_MQPRIO_{MAX/MIN}_RATE64
- benet: fix return value check in be_lancer_xmit_workarounds()
- tipc: check return value of pskb_trim()
- tipc: stop tipc crypto on failure in tipc_node_create
- RDMA/mlx4: Make check for invalid flags stricter
- drm/msm/dpu: drop enum dpu_core_perf_data_bus_id
- drm/msm/adreno: Fix snapshot BINDLESS_DATA size
- RDMA/irdma: Add missing read barriers
- RDMA/irdma: Fix data race on CQP completion stats
- RDMA/irdma: Fix data race on CQP request done
- RDMA/mthca: Fix crash when polling CQ for shared QPs
- RDMA/bnxt_re: Prevent handling any completions after qp destroy
- drm/msm: Fix IS_ERR_OR_NULL() vs NULL check in a5xx_submit_in_rb()
- ASoC: fsl_spdif: Silence output on stop
- block: Fix a source code comment in include/uapi/linux/blkzoned.h
- dm raid: fix missing reconfig_mutex unlock in raid_ctr() error paths
- dm raid: clean up four equivalent goto tags in raid_ctr()
- dm raid: protect md_stop() with 'reconfig_mutex'
- drm/amd: Fix an error handling mistake in psp_sw_init()
- RDMA/irdma: Report correct WC error
- ata: pata_ns87415: mark ns87560_tf_read static
- ring-buffer: Fix wrong stat of cpu_buffer->read
- tracing: Fix warning in trace_buffered_event_disable()
- Revert "usb: gadget: tegra-xudc: Fix error check in
tegra_xudc_powerdomain_init()"
- usb: gadget: call usb_gadget_check_config() to verify UDC capability
- USB: gadget: Fix the memory leak in raw_gadget driver
- KVM: Grab a reference to KVM for VM and vCPU stats file descriptors
- KVM: VMX: Don't fudge CR0 and CR4 for restricted L2 guest
- serial: qcom-geni: drop bogus runtime pm state update
- serial: 8250_dw: Preserve original value of DLF register
- serial: sifive: Fix sifive_serial_console_setup() section
- USB: serial: option: support Quectel EM060K_128
- USB: serial: option: add Quectel EC200A module support
- USB: serial: simple: add Kaufmann RKS+CAN VCP
- USB: serial: simple: sort driver entries
- can: gs_usb: gs_can_close(): add missing set of CAN state to
CAN_STATE_STOPPED
- Revert "usb: dwc3: core: Enable AutoRetry feature in the controller"
- usb: dwc3: pci: skip BYT GPIO lookup table for hardwired phy
- usb: dwc3: don't reset device side if dwc3 was configured as host-only
- usb: ohci-at91: Fix the unhandle interrupt when resume
- USB: quirks: add quirk for Focusrite Scarlett
- usb: cdns3: fix incorrect calculation of ep_buf_size when more than one
config
- usb: xhci-mtk: set the dma max_seg_size
- Revert "usb: xhci: tegra: Fix error check"
- Documentation: security-bugs.rst: update preferences when dealing with the
linux-distros group
- Documentation: security-bugs.rst: clarify CVE handling
- staging: r8712: Fix memory leak in _r8712_init_xmit_priv()
- staging: ks7010: potential buffer overflow in ks_wlan_set_encode_ext()
- tty: n_gsm: fix UAF in gsm_cleanup_mux
- Revert "xhci: add quirk for host controllers that don't update endpoint DCS"
- ALSA: hda/relatek: Enable Mute LED on HP 250 G8
- hwmon: (k10temp) Enable AMD3255 Proc to show negative temperature
- hwmon: (nct7802) Fix for temp6 (PECI1) processed even if PECI1 disabled
- btrfs: check if the transaction was aborted at btrfs_wait_for_commit()
- btrfs: check for commit error at btrfs_attach_transaction_barrier()
- file: always lock position for FMODE_ATOMIC_POS
- nfsd: Remove incorrect check in nfsd4_validate_stateid
- tpm_tis: Explicitly check for error code
- irq-bcm6345-l1: Do not assume a fixed block to cpu mapping
- irqchip/gic-v4.1: Properly lock VPEs when doing a directLPI invalidation
- locking/rtmutex: Fix task->pi_waiters integrity
- KVM: x86: Disallow KVM_SET_SREGS{2} if incoming CR0 is invalid
- virtio-net: fix race between set queues and probe
- s390/dasd: fix hanging device after quiesce/resume
- ASoC: wm8904: Fill the cache for WM8904_ADC_TEST_0 register
- ceph: never send metrics if disable_send_metrics is set
- dm cache policy smq: ensure IO doesn't prevent cleaner policy progress
- rbd: make get_lock_owner_info() return a single locker or NULL
- rbd: harden get_lock_owner_info() a bit
- rbd: retrieve and check lock owner twice before blocklisting
- tracing: Fix trace_event_raw_event_synth() if else statement
- ACPI: processor: perflib: Use the "no limit" frequency QoS
- ACPI: processor: perflib: Avoid updating frequency QoS unnecessarily
- cpufreq: intel_pstate: Drop ACPI _PSS states table patching
- selftests: mptcp: sockopt: use 'iptables-legacy' if available
- io_uring: treat -EAGAIN for REQ_F_NOWAIT as final for io-wq
- ASoC: cs42l51: fix driver to properly autoload with automatic module loading
- selftests: mptcp: join: only check for ip6tables if needed
- Linux 5.15.124
* Jammy update: v5.15.123 upstream stable release (LP: #2034612)
- ALSA: hda/realtek - remove 3k pull low procedure
- ALSA: hda/realtek: Add quirk for Clevo NS70AU
- ALSA: hda/realtek: Enable Mute LED on HP Laptop 15s-eq2xxx
- keys: Fix linking a duplicate key to a keyring's assoc_array
- perf probe: Add test for regression introduced by switch to
die_get_decl_file()
- btrfs: fix warning when putting transaction with qgroups enabled after abort
- fuse: revalidate: don't invalidate if interrupted
- btrfs: zoned: fix memory leak after finding block group with super blocks
- fuse: ioctl: translate ENOSYS in outarg
- selftests: tc: set timeout to 15 minutes
- selftests: tc: add 'ct' action kconfig dep
- regmap: Drop initial version of maximum transfer length fixes
- regmap: Account for register length in SMBus I/O limits
- can: bcm: Fix UAF in bcm_proc_show()
- selftests: tc: add ConnTrack procfs kconfig
- drm/client: Fix memory leak in drm_client_target_cloned
- drm/client: Fix memory leak in drm_client_modeset_probe
- drm/amd/display: Disable MPC split by default on special asic
- drm/amd/display: Keep PHY active for DP displays on DCN31
- ASoC: fsl_sai: Disable bit clock with transmitter
- ASoC: codecs: wcd938x: fix missing clsh ctrl error handling
- ASoC: codecs: wcd-mbhc-v2: fix resource leaks on component remove
- ASoC: codecs: wcd938x: fix resource leaks on component remove
- ASoC: codecs: wcd938x: fix missing mbhc init error handling
- ASoC: codecs: wcd934x: fix resource leaks on component remove
- ASoC: codecs: wcd938x: fix codec initialisation race
- ASoC: codecs: wcd938x: fix soundwire initialisation race
- ext4: correct inline offset when handling xattrs in inode body
- drm/radeon: Fix integer overflow in radeon_cs_parser_init
- ALSA: emu10k1: roll up loops in DSP setup code for Audigy
- quota: Properly disable quotas when add_dquot_ref() fails
- quota: fix warning in dqgrab()
- udf: Fix uninitialized array access for some pathnames
- fs: jfs: Fix UBSAN: array-index-out-of-bounds in dbAllocDmapLev
- MIPS: dec: prom: Address -Warray-bounds warning
- FS: JFS: Fix null-ptr-deref Read in txBegin
- FS: JFS: Check for read-only mounted filesystem in txBegin
- spi: bcm63xx: fix max prepend length
- fbdev: imxfb: warn about invalid left/right margin
- perf build: Fix library not found error when using CSLIBS
- pinctrl: amd: Use amd_pinconf_set() for all config options
- net: ethernet: ti: cpsw_ale: Fix cpsw_ale_get_field()/cpsw_ale_set_field()
- bridge: Add extack warning when enabling STP in netns.
- ethernet: use eth_hw_addr_set() instead of ether_addr_copy()
- of: net: add a helper for loading netdev->dev_addr
- ethernet: use of_get_ethdev_address()
- net: ethernet: mtk_eth_soc: handle probe deferral
- net: sched: cls_bpf: Undo tcf_bind_filter in case of an error
- iavf: Fix use-after-free in free_netdev
- iavf: Fix out-of-bounds when setting channels on remove
- security: keys: Modify mismatched function name
- octeontx2-pf: Dont allocate BPIDs for LBK interfaces
- bpf: Fix subprog idx logic in check_max_stack_depth
- igc: Prevent garbled TX queue with XDP ZEROCOPY
- tcp: annotate data-races around tcp_rsk(req)->ts_recent
- net: ipv4: Use kfree_sensitive instead of kfree
- net:ipv6: check return value of pskb_trim()
- Revert "tcp: avoid the lookup process failing to get sk in ehash table"
- fbdev: au1200fb: Fix missing IRQ check in au1200fb_drv_probe
- llc: Don't drop packet from non-root netns.
- netfilter: nf_tables: fix spurious set element insertion failure
- netfilter: nf_tables: skip bound chain in netns release path
- tcp: annotate data-races around tp->tcp_tx_delay
- tcp: annotate data-races around tp->keepalive_time
- tcp: annotate data-races around tp->keepalive_intvl
- tcp: annotate data-races around tp->keepalive_probes
- tcp: annotate data-races around icsk->icsk_syn_retries
- tcp: annotate data-races around tp->linger2
- tcp: annotate data-races around rskq_defer_accept
- tcp: annotate data-races around tp->notsent_lowat
- tcp: annotate data-races around icsk->icsk_user_timeout
- tcp: annotate data-races around fastopenq.max_qlen
- net: phy: prevent stale pointer dereference in phy_init()
- jbd2: recheck chechpointing non-dirty buffer
- tracing/histograms: Return an error if we fail to add histogram to hist_vars
list
- nixge: fix mac address error handling again
- Linux 5.15.123
* allow io_uring to be disabled in runtime (LP: #2035116)
- io_uring: add a sysctl to disable io_uring system-wide
* CVE-2023-31083
- Bluetooth: hci_ldisc: check HCI_UART_PROTO_READY flag in HCIUARTGETPROTO
* CVE-2023-3772
- xfrm: add NULL check in xfrm_update_ae_params
* Packaging resync (LP: #1786013)
- [Packaging] update helper scripts
linux-raspi (5.15.0-1041.44) jammy; urgency=medium
* jammy/linux-raspi: 5.15.0-1041.44 -proposed tracker (LP: #2038204)
[ Ubuntu: 5.15.0-87.97 ]
* jammy/linux: 5.15.0-87.97 -proposed tracker (LP: #2038209)
* CVE-2023-4623
- net/sched: sch_hfsc: Ensure inner classes have fsc curve
* CVE-2023-42755
- net/sched: Retire rsvp classifier
- [Config] remove NET_CLS_RSVP and NET_CLS_RSVP6
* CVE-2023-34319
- xen/netback: Fix buffer overrun triggered by unusual packet
* CVE-2023-4921
- net: sched: sch_qfq: Fix UAF in qfq_dequeue()
* CVE-2023-42752
- igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU
* CVE-2023-4622
- af_unix: Fix null-ptr-deref in unix_stream_sendpage().
* CVE-2023-4244
- netfilter: nft_set_rbtree: fix overlap expiration walk
- netfilter: nf_tables: don't skip expired elements during walk
- netfilter: nf_tables: adapt set backend to use GC transaction API
- netfilter: nft_set_hash: mark set element as dead when deleting from packet
path
- netfilter: nf_tables: GC transaction API to avoid race with control plane
- netfilter: nf_tables: remove busy mark and gc batch API
- netfilter: nf_tables: don't fail inserts if duplicate has expired
- netfilter: nf_tables: fix kdoc warnings after gc rework
- netfilter: nf_tables: fix GC transaction races with netns and netlink event
exit path
- netfilter: nf_tables: GC transaction race with netns dismantle
- netfilter: nf_tables: GC transaction race with abort path
- netfilter: nf_tables: use correct lock to protect gc_list
- netfilter: nf_tables: defer gc run if previous batch is still pending
- netfilter: nft_dynset: disallow object maps
- netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction
* CVE-2023-42756
- netfilter: ipset: Fix race between IPSET_CMD_CREATE and IPSET_CMD_SWAP
* CVE-2023-42753
- netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for
ip_set_hash_netportnet.c
* CVE-2023-5197
- netfilter: nf_tables: skip bound chain in netns release path
- netfilter: nf_tables: disallow rule removal from chain binding
* CVE-2023-4881
- netfilter: nftables: exthdr: fix 4-byte stack OOB write
Date: 2023-10-12 09:14:09.292338+00:00
Changed-By: Juerg Haefliger <juerg.haefliger at canonical.com>
Signed-By: Andy Whitcroft <apw at canonical.com>
https://launchpad.net/ubuntu/+source/linux-raspi/5.15.0-1042.45
-------------- next part --------------
Sorry, changesfile not available.
More information about the jammy-changes
mailing list