canonical-hw-cert team mailing list archive
-
canonical-hw-cert team
-
Mailing list archive
-
Message #160642
[Bug 2033856] Re: focal/linux-iot: 5.4.0-1023.24 -proposed tracker
This bug was fixed in the package linux-iot - 5.4.0-1023.24
---------------
linux-iot (5.4.0-1023.24) focal; urgency=medium
* focal/linux-iot: 5.4.0-1023.24 -proposed tracker (LP: #2033856)
* Please enable Renesas RZ platform serial installer (LP: #2022361)
- [Config] iot: Disable hihope RZ/G2M serial console
* Focal update: v5.4.248 upstream stable release (LP: #2031121)
- [Config] iot: updateconfigs for DECNET
* Packaging resync (LP: #1786013)
- [Packaging] update helper scripts
[ Ubuntu: 5.4.0-164.181 ]
* focal/linux: 5.4.0-164.181 -proposed tracker (LP: #2033867)
* Please enable Renesas RZ platform serial installer (LP: #2022361)
- [Config] enable hihope RZ/G2M serial console
* Azure: hv_netvsc: add support for vlans in AF_PACKET mode (LP: #2030872)
- hv_netvsc: add support for vlans in AF_PACKET mode
* systemd mount units fail during boot, while file system is correctly mounted
(LP: #1837227)
- list: introduce list_for_each_continue()
- proc/mounts: add cursor
* CVE-2023-40283
- Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb
* CVE-2023-20588
- x86/bugs: Increase the x86 bugs vector size to two u32s
- x86/CPU/AMD: Do not leak quotient data after a division by 0
- x86/CPU/AMD: Fix the DIV(0) initial fix attempt
* CVE-2023-4194
- net: tun_chr_open(): set sk_uid from current_fsuid()
- net: tap_open(): set sk_uid from current_fsuid()
* CVE-2023-1206
- tcp: Reduce chance of collisions in inet6_hashfn().
* CVE-2021-4001
- bpf: Fix toctou on read-only map's constant scalar tracking
* Focal update: v5.4.248 upstream stable release (LP: #2031121)
- test_firmware: fix a memory leak with reqs buffer
- KEYS: asymmetric: Copy sig and digest in public_key_verify_signature()
- dasd: refactor dasd_ioctl_information
- s390/dasd: Use correct lock while counting channel queue length
- power: supply: ab8500: Fix external_power_changed race
- power: supply: sc27xx: Fix external_power_changed race
- power: supply: bq27xxx: Use mod_delayed_work() instead of cancel() +
schedule()
- ARM: dts: vexpress: add missing cache properties
- power: supply: Ratelimit no data debug output
- platform/x86: asus-wmi: Ignore WMI events with codes 0x7B, 0xC0
- regulator: Fix error checking for debugfs_create_dir
- irqchip/meson-gpio: Mark OF related data as maybe unused
- power: supply: Fix logic checking if system is running from battery
- btrfs: handle memory allocation failure in btrfs_csum_one_bio
- parisc: Improve cache flushing for PCXL in arch_sync_dma_for_cpu()
- parisc: Flush gatt writes and adjust gatt mask in parisc_agp_mask_memory()
- MIPS: Alchemy: fix dbdma2
- mips: Move initrd_start check after initrd address sanitisation.
- xen/blkfront: Only check REQ_FUA for writes
- drm:amd:amdgpu: Fix missing buffer object unlock in failure path
- ocfs2: fix use-after-free when unmounting read-only filesystem
- ocfs2: check new file size on fallocate call
- nios2: dts: Fix tse_mac "max-frame-size" property
- nilfs2: fix incomplete buffer cleanup in nilfs_btnode_abort_change_key()
- nilfs2: fix possible out-of-bounds segment allocation in resize ioctl
- kexec: support purgatories with .text.hot sections
- powerpc/purgatory: remove PGO flags
- nouveau: fix client work fence deletion race
- RDMA/uverbs: Restrict usage of privileged QKEYs
- net: usb: qmi_wwan: add support for Compal RXM-G1
- ALSA: hda/realtek: Add a quirk for Compaq N14JP6
- Remove DECnet support from kernel
- [Config] updateconfigs for DECNET
- USB: serial: option: add Quectel EM061KGL series
- serial: lantiq: add missing interrupt ack
- usb: dwc3: gadget: Reset num TRBs before giving back the request
- spi: spi-fsl-dspi: Remove unused chip->void_write_data
- spi: fsl-dspi: avoid SCK glitches with continuous transfers
- netfilter: nfnetlink: skip error delivery on batch in case of ENOMEM
- ping6: Fix send to link-local addresses with VRF.
- RDMA/rxe: Remove the unused variable obj
- RDMA/rxe: Removed unused name from rxe_task struct
- RDMA/rxe: Fix the use-before-initialization error of resp_pkts
- iavf: remove mask from iavf_irq_enable_queues()
- IB/uverbs: Fix to consider event queue closing also upon non-blocking mode
- IB/isert: Fix dead lock in ib_isert
- IB/isert: Fix possible list corruption in CMA handler
- IB/isert: Fix incorrect release of isert connection
- ipvlan: fix bound dev checking for IPv6 l3s mode
- sctp: fix an error code in sctp_sf_eat_auth()
- igb: fix nvm.ops.read() error handling
- drm/nouveau/dp: check for NULL nv_connector->native_mode
- drm/nouveau/kms: Don't change EDID when it hasn't actually changed
- drm/nouveau: add nv_encoder pointer check for NULL
- net/sched: cls_api: Fix lockup on flushing explicitly created chain
- net: lapbether: only support ethernet devices
- net: tipc: resize nlattr array to correct size
- selftests/ptp: Fix timestamp printf format for PTP_SYS_OFFSET
- afs: Fix vlserver probe RTT handling
- neighbour: Remove unused inline function neigh_key_eq16()
- net: Remove unused inline function dst_hold_and_use()
- neighbour: delete neigh_lookup_nodev as not used
- drm/nouveau/kms: Fix NULL pointer dereference in
nouveau_connector_detect_depth
- mmc: block: ensure error propagation for non-blk
- Linux 5.4.248
* Focal update: v5.4.247 upstream stable release (LP: #2030818)
- blk-iocost: avoid 64-bit division in ioc_timer_fn
- block/blk-iocost (gcc13): keep large values in a new enum
- i40iw: fix build warning in i40iw_manage_apbvt()
- i40e: fix build warnings in i40e_alloc.h
- spi: qup: Request DMA before enabling clocks
- neighbour: Replace zero-length array with flexible-array member
- neighbour: fix unaligned access to pneigh_entry
- net: dsa: lan9303: allow vid != 0 in port_fdb_{add|del} methods
- Bluetooth: Fix l2cap_disconnect_req deadlock
- Bluetooth: L2CAP: Add missing checks for invalid DCID
- netfilter: conntrack: fix NULL pointer dereference in nf_confirm_cthelper
- netfilter: ipset: Add schedule point in call_ad().
- rfs: annotate lockless accesses to sk->sk_rxhash
- rfs: annotate lockless accesses to RFS sock flow table
- net: sched: move rtm_tca_policy declaration to include file
- net: sched: fix possible refcount leak in tc_chain_tmplt_add()
- lib: cpu_rmap: Fix potential use-after-free in irq_cpu_rmap_release()
- bnxt_en: Query default VLAN before VNIC setup on a VF
- batman-adv: Broken sync while rescheduling delayed work
- Input: xpad - delete a Razer DeathAdder mouse VID/PID entry
- Input: psmouse - fix OOB access in Elantech protocol
- ALSA: hda/realtek: Add a quirk for HP Slim Desktop S01
- ALSA: hda/realtek: Add Lenovo P3 Tower platform
- drm/amdgpu: fix xclk freq on CHIP_STONEY
- can: j1939: j1939_sk_send_loop_abort(): improved error queue handling in
J1939 Socket
- can: j1939: change j1939_netdev_lock type to mutex
- can: j1939: avoid possible use-after-free when j1939_can_rx_register fails
- ceph: fix use-after-free bug for inodes when flushing capsnaps
- Bluetooth: Fix use-after-free in hci_remove_ltk/hci_remove_irk
- rbd: move RBD_OBJ_FLAG_COPYUP_ENABLED flag setting
- pinctrl: meson-axg: add missing GPIOA_18 gpio group
- usb: usbfs: Enforce page requirements for mmap
- usb: usbfs: Use consistent mmap functions
- bonding (gcc13): synchronize bond_{a,t}lb_xmit() types
- i2c: sprd: Delete i2c adapter in .remove's error path
- eeprom: at24: also select REGMAP
- ext4: only check dquot_initialize_needed() when debugging
- drm/atomic: Don't pollute crtc_state->mode_blob with error pointers
- rbd: get snapshot context after exclusive lock is ensured to be held
- mtd: spinand: macronix: Add support for MX35LFxGE4AD
- Linux 5.4.247
* CVE-2023-4128
- net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-
free
- net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after-
free
- net/sched: cls_route: No longer copy tcf_result on update to avoid use-
after-free
* CVE-2023-3863
- nfc: llcp: simplify llcp_sock_connect() error paths
- net: nfc: Fix use-after-free caused by nfc_llcp_find_local
* CVE-2023-3212
- gfs2: Don't deref jdesc in evict
-- Wen-chien Jesse Sung <jesse.sung@xxxxxxxxxxxxx> Mon, 25 Sep 2023
15:00:02 +0800
** Changed in: linux-iot (Ubuntu Focal)
Status: New => Fix Released
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-4001
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-1206
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-20588
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-3212
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-3863
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-40283
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-4128
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-4194
--
You received this bug notification because you are a member of hardware-
certification-users, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/2033856
Title:
focal/linux-iot: 5.4.0-1023.24 -proposed tracker
Status in canonical-signing-jobs task00 series:
Fix Released
Status in Kernel SRU Workflow:
In Progress
Status in Kernel SRU Workflow automated-testing series:
Fix Released
Status in Kernel SRU Workflow boot-testing series:
Fix Released
Status in Kernel SRU Workflow certification-testing series:
Fix Released
Status in Kernel SRU Workflow new-review series:
Fix Released
Status in Kernel SRU Workflow prepare-package series:
Fix Released
Status in Kernel SRU Workflow prepare-package-generate series:
Fix Released
Status in Kernel SRU Workflow prepare-package-meta series:
Fix Released
Status in Kernel SRU Workflow prepare-package-signed series:
Fix Released
Status in Kernel SRU Workflow promote-signing-to-proposed series:
Invalid
Status in Kernel SRU Workflow promote-to-proposed series:
Fix Released
Status in Kernel SRU Workflow promote-to-security series:
New
Status in Kernel SRU Workflow promote-to-updates series:
Fix Released
Status in Kernel SRU Workflow regression-testing series:
Fix Released
Status in Kernel SRU Workflow security-signoff series:
Fix Released
Status in Kernel SRU Workflow sru-review series:
Fix Released
Status in Kernel SRU Workflow verification-testing series:
Fix Released
Status in linux-iot source package in Focal:
Fix Released
Bug description:
This bug will contain status and test results related to a kernel
source (or snap) as stated in the title.
For an explanation of the tasks and the associated workflow see:
https://wiki.ubuntu.com/Kernel/kernel-sru-workflow
-- swm properties --
built:
from: 9cf3a11d81d60e4c
route-entry: 1
delta:
promote-to-proposed: [main, meta, signed, generate]
promote-to-updates: [main, meta, signed]
flag:
boot-testing-requested: true
bugs-spammed: true
proposed-announcement-sent: true
proposed-testing-requested: true
stream-from-cycle: true
issue: KSRU-9638
kernel-stable-master-bug: 2033867
packages:
generate: linux-generate-iot
main: linux-iot
meta: linux-meta-iot
signed: linux-signed-iot
phase: Holding before Promote to Security
phase-changed: Wednesday, 04. October 2023 15:59 UTC
reason:
promote-to-security: Holding -- not ready for security (replication
dwell)
synthetic:
:promote-to-as-proposed: Fix Released
trackers:
focal/linux-uc20-iot: bug 2033853
focal/linux-uc20-jollyville: bug 2033855
variant: debs
versions:
main: 5.4.0-1023.24
meta: 5.4.0.1023.21
signed: 5.4.0-1023.24
~~:
announce:
swm-transition-crankable: 2023-09-24 08:10:15.861033
clamps:
new-review: 9cf3a11d81d60e4c
promote-to-proposed: 9cf3a11d81d60e4c
self: 5.4.0-1023.24
sru-review: 9cf3a11d81d60e4c
To manage notifications about this bug go to:
https://bugs.launchpad.net/canonical-signing-jobs/task00/+bug/2033856/+subscriptions
