[ubuntu/jammy-security] linux-riscv-6.8 6.8.0-107.107~22.04.1 (Accepted)
Andy Whitcroft
apw at canonical.com
Tue Apr 7 23:08:30 UTC 2026
linux-riscv-6.8 (6.8.0-107.107~22.04.1) jammy; urgency=medium
* jammy/linux-riscv-6.8: 6.8.0-107.107~22.04.1 -proposed tracker (LP: #2144266)
[ Ubuntu: 6.8.0-107.107 ]
* noble/linux: 6.8.0-107.107 -proposed tracker (LP: #2144267)
* CVE-2026-23074
- net/sched: Enforce that teql can only be used as root qdisc
* CVE-2026-23060
- crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN
spec
* CVE-2026-23111
- netfilter: nf_tables: fix inverted genmask check in
nft_map_catchall_activate()
[ Ubuntu: 6.8.0-106.106 ]
* Miscellaneous upstream changes
- apparmor: validate DFA start states are in bounds in unpack_pdb
- apparmor: fix memory leak in verify_header
- apparmor: replace recursive profile removal with iterative approach
- apparmor: fix: limit the number of levels of policy namespaces
- apparmor: fix side-effect bug in match_char() macro usage
- apparmor: fix missing bounds check on DEFAULT table in verify_dfa()
- apparmor: Fix double free of ns_name in aa_replace_profiles()
- apparmor: fix unprivileged local user can do privileged policy
management
- apparmor: fix differential encoding verification
- apparmor: fix race on rawdata dereference
- apparmor: fix race between freeing data and fs accessing it
Date: 2026-03-19 10:54:11.740668+00:00
Changed-By: Sarah Emery <sarah.emery at canonical.com>
Signed-By: Andy Whitcroft <apw at canonical.com>
https://launchpad.net/ubuntu/+source/linux-riscv-6.8/6.8.0-107.107~22.04.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the jammy-changes
mailing list