canonical-hw-cert team mailing list archive

Thread
Date
[Bug 2042660] Re: mantic/linux: 6.5.0-14.14 -proposed tracker

To: canonical-hw-cert@xxxxxxxxxxxxxxxxxxx
From: Launchpad Bug Tracker <2042660@xxxxxxxxxxxxxxxxxx>
Date: Tue, 05 Dec 2023 09:37:09 -0000
Reply-to: Bug 2042660 <2042660@xxxxxxxxxxxxxxxxxx>
Sender: noreply@xxxxxxxxxxxxx
This bug was fixed in the package linux - 6.5.0-14.14

---------------
linux (6.5.0-14.14) mantic; urgency=medium

  * mantic/linux: 6.5.0-14.14 -proposed tracker (LP: #2042660)

  * Boot log print hang on screen, no login prompt on Aspeed 2600 rev 52 BMC
    (LP: #2042850)
    - drm/ast: Add BMC virtual connector

  * arm64 atomic issues cause disk corruption (LP: #2042573)
    - locking/atomic: scripts: fix fallback ifdeffery

  * Packaging resync (LP: #1786013)
    - [Packaging] update annotations scripts

linux (6.5.0-12.12) mantic; urgency=medium

  * mantic/linux: 6.5.0-12.12 -proposed tracker (LP: #2041536)

  * Packaging resync (LP: #1786013)
    - [Packaging] update annotations scripts
    - [Packaging] update helper scripts
    - debian/dkms-versions -- update from kernel-versions (main/2023.10.30)

  * CVE-2023-5633
    - drm/vmwgfx: Keep a gem reference to user bos in surfaces

  * CVE-2023-5345
    - fs/smb/client: Reset password pointer to NULL

  * CVE-2023-39189
    - netfilter: nfnetlink_osf: avoid OOB read

  * CVE-2023-4244
    - netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction

  * apparmor restricts read access of user namespace mediation sysctls to root
    (LP: #2040194)
    - SAUCE: apparmor: open userns related sysctl so lxc can check if restriction
      are in place

  * AppArmor spams kernel log with assert when auditing (LP: #2040192)
    - SAUCE: apparmor: fix request field from a prompt reply that denies all
      access

  * apparmor notification files verification (LP: #2040250)
    - SAUCE: apparmor: fix notification header size

  * apparmor oops when racing to retrieve a notification (LP: #2040245)
    - SAUCE: apparmor: fix oops when racing to retrieve notification

  * SMC stats: Wrong bucket calculation for payload of exactly 4096 bytes
    (LP: #2039575)
    - net/smc: Fix pos miscalculation in statistics

  * Support mipi camera on Intel Meteor Lake platform (LP: #2031412)
    - SAUCE: iommu: intel-ipu: use IOMMU passthrough mode for Intel IPUs on Meteor
      Lake
    - SAUCE: platform/x86: int3472: Add handshake GPIO function

  * CVE-2023-45898
    - ext4: fix slab-use-after-free in ext4_es_insert_extent()

  * CVE-2023-31085
    - ubi: Refuse attaching if mtd's erasesize is 0

  * CVE-2023-5717
    - perf: Disallow mis-matched inherited group reads

  * CVE-2023-5178
    - nvmet-tcp: Fix a possible UAF in queue intialization setup

  * CVE-2023-5158
    - vringh: don't use vringh_kiov_advance() in vringh_iov_xfer()

  * CVE-2023-5090
    - x86: KVM: SVM: always update the x2avic msr interception

  * [SRU][J/L/M] UBUNTU: [Packaging] Make WWAN driver a loadable module
    (LP: #2033406)
    - [Packaging] Make WWAN driver loadable modules

  * Unable to power off the system with MTL CPU (LP: #2039405)
    - Revert "x86/smp: Put CPUs into INIT on shutdown if possible"

  * usbip: error: failed to open /usr/share/hwdata//usb.ids (LP: #2039439)
    - [Packaging] Make linux-tools-common depend on hwdata

  * drop all references to is_rust_module.sh in kernels >= 6.5 (LP: #2038611)
    - [Packaging] drop references to is_rust_module.sh

  * disable shiftfs (LP: #2038522)
    - SAUCE: ceph: enable unsafe idmapped mounts by default
    - [Config] disable shiftfs

  * Infinite systemd loop when power off the machine with multiple MD RAIDs
    (LP: #2036184)
    - md: Put the right device in md_seq_next

  * [Mediatek] mt8195-demo: enable CONFIG_MTK_IOMMU as module for multimedia and
    PCIE peripherals (LP: #2036587)
    - [Config] Enable CONFIG_MTK_IOMMU on arm64

  * Realtek 8852CE WiFi 6E country code udpates (LP: #2037273)
    - wifi: rtw89: regd: update regulatory map to R64-R43

  * Unable to use nvme drive to install Ubuntu 23.10 (LP: #2040157)
    - misc: rtsx: Fix some platforms can not boot and move the l1ss judgment to
      probe

  * CVE-2023-42754
    - ipv4: fix null-deref in ipv4_link_failure

  * linux-*: please enable dm-verity kconfigs to allow MoK/db verified root
    images (LP: #2019040)
    - [Config] CONFIG_DM_VERITY_VERIFY_ROOTHASH_SIG_SECONDARY_KEYRING=y

  * Fix RCU warning on AMD laptops (LP: #2036377)
    - power: supply: core: Use blocking_notifier_call_chain to avoid RCU complaint

  * allow io_uring to be disabled in runtime (LP: #2035116)
    - io_uring: add a sysctl to disable io_uring system-wide

  * Fix unstable audio at low levels on Thinkpad P1G4 (LP: #2037077)
    - ALSA: hda/realtek - ALC287 I2S speaker platform support

 -- Roxana Nicolescu <roxana.nicolescu@xxxxxxxxxxxxx>  Tue, 14 Nov 2023
14:46:30 +0100

** Changed in: linux (Ubuntu Mantic)
       Status: Confirmed => Fix Released

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-31085

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-39189

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-4244

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-42754

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-45898

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-5090

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-5158

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-5178

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-5345

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-5633

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-5717

-- 
You received this bug notification because you are a member of Canonical
Hardware Certification, which is a bug assignee.
https://bugs.launchpad.net/bugs/2042660

Title:
  mantic/linux: 6.5.0-14.14 -proposed tracker

Status in canonical-signing-jobs task00 series:
  Fix Released
Status in Kernel SRU Workflow:
  In Progress
Status in Kernel SRU Workflow abi-testing series:
  Fix Released
Status in Kernel SRU Workflow automated-testing series:
  Fix Released
Status in Kernel SRU Workflow boot-testing series:
  Fix Released
Status in Kernel SRU Workflow certification-testing series:
  Fix Released
Status in Kernel SRU Workflow kernel-signoff series:
  Fix Released
Status in Kernel SRU Workflow new-review series:
  Fix Released
Status in Kernel SRU Workflow prepare-package series:
  Fix Released
Status in Kernel SRU Workflow prepare-package-generate series:
  Fix Released
Status in Kernel SRU Workflow prepare-package-lrg series:
  Fix Released
Status in Kernel SRU Workflow prepare-package-lrm series:
  Fix Released
Status in Kernel SRU Workflow prepare-package-lrs series:
  Fix Released
Status in Kernel SRU Workflow prepare-package-meta series:
  Fix Released
Status in Kernel SRU Workflow prepare-package-signed series:
  Fix Released
Status in Kernel SRU Workflow promote-signing-to-proposed series:
  Invalid
Status in Kernel SRU Workflow promote-to-proposed series:
  Fix Released
Status in Kernel SRU Workflow promote-to-security series:
  New
Status in Kernel SRU Workflow promote-to-updates series:
  In Progress
Status in Kernel SRU Workflow regression-testing series:
  Fix Released
Status in Kernel SRU Workflow security-signoff series:
  Fix Released
Status in Kernel SRU Workflow sru-review series:
  Fix Released
Status in Kernel SRU Workflow verification-testing series:
  Fix Released
Status in linux source package in Mantic:
  Fix Released

Bug description:
  This bug will contain status and test results related to a kernel
  source (or snap) as stated in the title.

  For an explanation of the tasks and the associated workflow see:
    https://wiki.ubuntu.com/Kernel/kernel-sru-workflow

  -- swm properties --
  built:
    from: 48a6bddeca1150b4
    route-entry: 1
  comments:
    abi-testing: 4
  delta:
    promote-to-proposed: [lrm, lrs, main, meta, signed, lrg, generate]
    promote-to-updates: [lrm, lrs, main, meta, signed]
  flag:
    boot-testing-requested: true
    bugs-spammed: true
    proposed-announcement-sent: true
    proposed-testing-requested: true
    stream-from-cycle: true
  issue: KSRU-10503
  packages:
    generate: linux-generate
    lrg: linux-restricted-generate
    lrm: linux-restricted-modules
    lrs: linux-restricted-signatures
    main: linux
    meta: linux-meta
    signed: linux-signed
  phase: Promote to Updates
  phase-changed: Tuesday, 05. December 2023 09:39 UTC
  reason:
    promote-to-updates: Ongoing -- packages not yet published
  synthetic:
    :promote-to-as-proposed: Fix Released
  trackers:
    jammy/linux-hwe-6.5: bug 2043483
    jammy/linux-oem-6.5: bug 2041693
    mantic/linux-aws: bug 2041526
    mantic/linux-azure: bug 2041528
    mantic/linux-gcp: bug 2041529
    mantic/linux-laptop: bug 2041530
    mantic/linux-lowlatency: bug 2041531
    mantic/linux-oracle: bug 2041532
    mantic/linux-raspi: bug 2041533
    mantic/linux-riscv: bug 2041534
    mantic/linux-starfive: bug 2041535
    mantic/linux/pc-kernel: bug 2042659
  variant: debs
  versions:
    lrm: 6.5.0-14.14
    main: 6.5.0-14.14
    meta: 6.5.0.14.16
    signed: 6.5.0-14.14
  ~~:
    announce:
      swm-transition-crankable: 2023-11-13 13:35:26.670228
    clamps:
      new-review: 48a6bddeca1150b4
      promote-to-proposed: 48a6bddeca1150b4
      self: 6.5.0-14.14
      sru-review: 48a6bddeca1150b4
    tracker:
      last-message: '2023-12-05 09:37:09.666480+00:00'

To manage notifications about this bug go to:
https://bugs.launchpad.net/canonical-signing-jobs/task00/+bug/2042660/+subscriptions