This has become a security issue! So the kernels are now being built with impish, and unless people are using my PPA or building their own, then the last install-able kernel for LTS (focal) was 5.11.16.
The 5.11.x series went EOL with 5.11.22, and all 5.11.x have a level 7.8 CVE: https://nvd.nist.gov/vuln/detail/CVE-2021-32606 As far as I can see this is still vulnerable up to and including 5.12.8. Linus applied the fix to his tree here: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/can?id=2b17c400aeb44daf041627722581ade527bb3c1d but that hasn't yet been applied to the stable 5.12.x branch. Ooops: https://www.openwall.com/lists/oss-security/2021/05/28/2 If you're using mainline on focal, then you might want to drop back to a 5.10.x release which doesn't have the vulnerability, or use my PPA, or follow one of the build instructions posted in this thread. ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-32606 -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1926938 Title: Recent mainline packages are built with Hirsuite 21.04, not Focal 20.04 LTS Status in linux package in Ubuntu: Confirmed Bug description: Hi all, The Mainline wiki states that the mainline kernels are built with the previous LTS toolchain, but the recent 5.12.x and 5.11.x releases are being built with Hirsuite 21.04, and before that Groovy? If this is intentional, then the wiki should be updated to reflect the change in policy. From https://wiki.ubuntu.com/Kernel/MainlineBuilds Mainline kernel build toolchain These kernels are built with the toolchain (gcc, g++, etc.) from the previous Ubuntu LTS release. (e.g. Ubuntu 14.04 "Trusty Tahr" / 16.04 "Xenial Xerus" / 18.04 "Bionic Beaver", etc.) Therefore, out-of-tree kernel modules you already have built and installed for use with your release kernels are not likely to work with the mainline builds. The 5.12 kernel was built with GCC 10.3.0, and 5.11.16 with 10.2.0. On my Focal LTS system I have GCC 9.3.0. The Mainline kernel build toolchain These kernels are built with the toolchain (gcc, g++, etc.) from the previous Ubuntu LTS release. (e.g. Ubuntu 14.04 "Trusty Tahr" / 16.04 "Xenial Xerus" / 18.04 "Bionic Beaver", etc.) Therefore, out-of-tree kernel modules you already have built and installed for use with your release kernels are not likely to work with the mainline builds. The *linux-headers-generic* packages have unmet dependencies on 20.04 LTS. I could install Groovy built kernels fine, but the Hirsuite ones built with GCC 10.3.0 appear to require libc6 >= 2.33. So the new kernels can't be installed on Focal (libc 2.31). Thanks, Mark To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1926938/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
