"exec: Fix ToCToU between perm check and set-uid/gid usage" applied for
CVE-2024-43882

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-43882

** Changed in: linux (Ubuntu Noble)
       Status: In Progress => Fix Committed

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/2083794

Title:
  Noble update: upstream stable patchset 2024-10-07

Status in linux package in Ubuntu:
  Invalid
Status in linux source package in Noble:
  Fix Committed

Bug description:
  
      SRU Justification

      Impact:
         The upstream process for stable tree updates is quite similar
         in scope to the Ubuntu SRU process, e.g., each patch has to
         demonstrably fix a bug, and each patch is vetted by upstream
         by originating either directly from a mainline/stable Linux tree or
         a minimally backported form of that patch. The following upstream
         stable patches should be included in the Ubuntu kernel:

         upstream stable patchset 2024-10-07

                  Ported from the following upstream stable releases:
                          v6.6.47, v6.10.6

         from git://git.kernel.org/

  exec: Fix ToCToU between perm check and set-uid/gid usage
  ASoC: topology: Clean up route loading
  ASoC: topology: Fix route memory corruption
  LoongArch: Define __ARCH_WANT_NEW_STAT in unistd.h
  sunrpc: don't change ->sv_stats if it doesn't exist
  nfsd: stop setting ->pg_stats for unused stats
  sunrpc: pass in the sv_stats struct through svc_create_pooled
  sunrpc: remove ->pg_stats from svc_program
  nfsd: remove nfsd_stats, make th_cnt a global counter
  nfsd: make svc_stat per-network namespace instead of global
  mm: gup: stop abusing try_grab_folio
  nvme/pci: Add APST quirk for Lenovo N60z laptop
  genirq/cpuhotplug: Skip suspended interrupts when restoring affinity
  genirq/cpuhotplug: Retry with cpu_online_mask when migration fails
  quota: Detect loops in quota tree
  bpf: Replace bpf_lpm_trie_key 0-length array with flexible array
  fs: Annotate struct file_handle with __counted_by() and use struct_size()
  mISDN: fix MISDN_TIME_STAMP handling
  mm/page_table_check: support userfault wr-protect entries
  bpf, net: Use DEV_STAT_INC()
  f2fs: fix to do sanity check on F2FS_INLINE_DATA flag in inode during GC
  f2fs: fix to cover read extent cache access with lock
  fou: remove warn in gue_gro_receive on unsupported protocol
  jfs: fix null ptr deref in dtInsertEntry
  jfs: Fix shift-out-of-bounds in dbDiscardAG
  fs/ntfs3: Do copy_to_user out of run_lock
  ALSA: usb: Fix UBSAN warning in parse_audio_unit()
  binfmt_flat: Fix corruption when not offsetting data start
  mm/debug_vm_pgtable: drop RANDOM_ORVALUE trick
  KVM: arm64: Don't defer TLB invalidation when zapping table entries
  KVM: arm64: Don't pass a TLBI level hint when zapping table entries
  drm/amd/display: Defer handling mst up request in resume
  drm/amd/display: Guard cursor idle reallow by DC debug option
  drm/amd/display: Separate setting and programming of cursor
  drm/amd/display: Prevent IPX From Link Detect and Set Mode
  ASoC: cs35l56: Patch CS35L56_IRQ1_MASK_18 to the default value
  platform/x86/amd/pmf: Fix to Update HPD Data When ALS is Disabled
  platform/x86: ideapad-laptop: introduce a generic notification chain
  platform/x86: ideapad-laptop: move ymc_trigger_ec from lenovo-ymc
  platform/x86: ideapad-laptop: add a mutex to synchronize VPC commands
  drm/amd/display: Solve mst monitors blank out problem after resume
  drm/amdgpu/display: Fix null pointer dereference in dc_stream_program_cursor_position
  UBUNTU: Upstream stable to v6.6.47, v6.10.6
