This bug was fixed in the package linux-xilinx-zynqmp - 5.4.0-1058.62
---------------
linux-xilinx-zynqmp (5.4.0-1058.62) focal; urgency=medium
* focal/linux-xilinx-zynqmp: 5.4.0-1058.62 -proposed tracker (LP:
#2093783)
* Focal update: v5.4.285 upstream stable release (LP: #2089233)
- [Config] xilinx-zynqmp: updateconfigs for SND_MESON_CARD_UTILS
[ Ubuntu: 5.4.0-207.227 ]
* focal/linux: 5.4.0-207.227 -proposed tracker (LP: #2095347)
* Remove "ftrace: Fix possible use-after-free issue in ftrace_location()" bad
commit from focal (LP: #2095348)
- Revert "ftrace: Fix possible use-after-free issue in ftrace_location()"
[ Ubuntu: 5.4.0-206.226 ]
* focal/linux: 5.4.0-206.226 -proposed tracker (LP: #2093785)
* nouveau keeps showing `disp: ctrl 00000080` and crippling the system
(LP: #2078011)
- drm/nouveau/disp/gv100-: halt NV_PDISP_FE_RM_INTR_STAT_CTRL_DISP_ERROR
storms
- drm/nouveau/kms/gv100-: move window ownership setup into modesetting path
- drm/nouveau/kms/gv100-: avoid sending a core update until the first
modeset
* CVE-2024-43863
- drm/vmwgfx: Fix a deadlock in dma buf fence polling
* CVE-2024-40911
- wifi: cfg80211: Lock wiphy in cfg80211_get_station
* CVE-2024-35896
- netfilter: validate user input for expected length
- netfilter: complete validation of user input
* CVE-2023-52458
- block: add check that partition length needs to be aligned with block size
* kernel:nft "Could not process rule: Device or resource busy" on unreferenced
chain (LP: #2089699)
- SAUCE: netfilter: nf_tables: Fix EBUSY on deleting unreferenced chain
* CVE-2024-35887
- lockdep: Add preemption enabled/disabled assertion APIs
- timers: Don't block on ->expiry_lock for TIMER_IRQSAFE timers
- Documentation: Remove bogus claim about del_timer_sync()
- ARM: spear: Do not use timer namespace for timer_shutdown() function
- clocksource/drivers/arm_arch_timer: Do not use timer namespace for
timer_shutdown() function
- clocksource/drivers/sp804: Do not use timer namespace for timer_shutdown()
function
- timers: Get rid of del_singleshot_timer_sync()
- timers: Replace BUG_ON()s
- timers: Rename del_timer() to timer_delete()
- Documentation: Replace del_timer/del_timer_sync()
- timers: Silently ignore timers with a NULL function
- timers: Split [try_to_]del_timer[_sync]() to prepare for shutdown mode
- timers: Add shutdown mechanism to the internal functions
- timers: Provide timer_shutdown[_sync]()
- timers: Update the documentation to reflect on the new timer_shutdown()
API
- ax25: fix use-after-free bugs caused by ax25_ds_del_timer
* CVE-2024-40965
- clk: Add a devm variant of clk_rate_exclusive_get()
- clk: Provide !COMMON_CLK dummy for devm_clk_rate_exclusive_get()
- i2c: lpi2c: Avoid calling clk_get_rate during transfer
* CVE-2024-40982
- ssb: Fix potential NULL pointer dereference in ssb_device_uevent()
* CVE-2024-41066
- ibmvnic: Add tx check to prevent skb leak
* CVE-2024-42252
- closures: Change BUG_ON() to WARN_ON()
* CVE-2024-46731
- drm/amd/pm: fix the Out-of-bounds read warning
* Focal update: v5.4.286 upstream stable release (LP: #2089558)
- arm64: dts: rockchip: Fix rt5651 compatible value on rk3399-sapphire-
excavator
- arm64: dts: rockchip: Remove hdmi's 2nd interrupt on rk3328
- arm64: dts: rockchip: Fix bluetooth properties on Rock960 boards
- arm64: dts: rockchip: Remove #cooling-cells from fan on Theobroma lion
- ARM: dts: rockchip: fix rk3036 acodec node
- ARM: dts: rockchip: drop grf reference from rk3036 hdmi
- ARM: dts: rockchip: Fix the spi controller on rk3036
- ARM: dts: rockchip: Fix the realtek audio codec on rk3036-kylin
- enetc: simplify the return expression of enetc_vf_set_mac_addr()
- net: enetc: set MAC address to the VF net_device
- can: c_can: fix {rx,tx}_errors statistics
- media: stb0899_algo: initialize cfr before using it
- media: dvb_frontend: don't play tricks with underflow values
- media: adv7604: prevent underflow condition when reporting colorspace
- ALSA: firewire-lib: fix return value on fail in amdtp_tscm_init()
- pwm: imx-tpm: Use correct MODULO value for EPWM mode
- drm/amdgpu: prevent NULL pointer dereference if ATIF is not supported
- dm cache: correct the number of origin blocks to match the target length
- dm cache: optimize dirty bit checking with find_next_bit when resizing
- dm-unstriped: cast an operand to sector_t to prevent potential uint32_t
overflow
- mtd: rawnand: protect access to rawnand devices while in suspend
- spi: fix use-after-free of the add_lock mutex
- media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in
uvc_parse_format
- fs/proc: fix compile warning about variable 'vmcore_mmap_ops'
- USB: serial: qcserial: add support for Sierra Wireless EM86xx
- USB: serial: option: add Fibocom FG132 0x0112 composition
- USB: serial: option: add Quectel RG650V
- irqchip/gic-v3: Force propagation of the active state with a read-back
- ALSA: usb-audio: Support jack detection on Dell dock
- ALSA: usb-audio: Add quirks for Dell WD19 dock
- NFSD: Fix NFSv4's PUTPUBFH operation
- ALSA: usb-audio: Add endianness annotations
- 9p: Avoid creating multiple slab caches with the same name
- HID: multitouch: Add quirk for HONOR MagicBook Art 14 touchpad
- bpf: use kvzmalloc to allocate BPF verifier environment
- sound: Make CONFIG_SND depend on INDIRECT_IOMEM instead of UML
- powerpc/powernv: Free name on error in opal_event_init()
- fs: Fix uninitialized value issue in from_kuid and from_kgid
- net: usb: qmi_wwan: add Fibocom FG132 0x0112 composition
- md/raid10: improve code of mrdev in raid10_sync_request
- mm: clarify a confusing comment for remap_pfn_range()
- mm: fix ambiguous comments for better code readability
- mm/memory.c: make remap_pfn_range() reject unaligned addr
- mm: add remap_pfn_range_notrack
- 9p: fix slab cache name creation for real
- Linux 5.4.286
* Focal update: v5.4.286 upstream stable release (LP: #2089558) //
CVE-2024-47674
- mm: avoid leaving partial pfn mappings around in error case
* Focal update: v5.4.286 upstream stable release (LP: #2089558) //
CVE-2024-38588
- ftrace: Fix possible use-after-free issue in ftrace_location()
* Focal update: v5.4.286 upstream stable release (LP: #2089558) //
CVE-2024-50265
- ocfs2: remove entry once instead of null-ptr-dereference in
ocfs2_xa_remove()
* Focal update: v5.4.286 upstream stable release (LP: #2089558) //
CVE-2024-50267
- USB: serial: io_edgeport: fix use after free in debug printk
* Focal update: v5.4.286 upstream stable release (LP: #2089558) //
CVE-2024-50269
- usb: musb: sunxi: Fix accessing an released usb phy
* Focal update: v5.4.286 upstream stable release (LP: #2089558) //
CVE-2021-47469
- spi: Fix deadlock when adding SPI controllers on SPI buses
* Focal update: v5.4.286 upstream stable release (LP: #2089558) //
CVE-2024-50273
- btrfs: reinitialize delayed ref list after deleting it from the list
* Focal update: v5.4.286 upstream stable release (LP: #2089558) //
CVE-2024-53066
- nfs: Fix KMSAN warning in decode_getfattr_attrs()
* Focal update: v5.4.286 upstream stable release (LP: #2089558) //
CVE-2024-50278
- dm cache: fix potential out-of-bounds access on the first resume
* Focal update: v5.4.286 upstream stable release (LP: #2089558) //
CVE-2024-50279
- dm cache: fix out-of-bounds access to the dirty bitset when resizing
* Focal update: v5.4.286 upstream stable release (LP: #2089558) //
CVE-2024-50282
- drm/amdgpu: add missing size check in amdgpu_debugfs_gprwave_read()
* Focal update: v5.4.286 upstream stable release (LP: #2089558) //
CVE-2024-50287
- media: v4l2-tpg: prevent the risk of a division by zero
* Focal update: v5.4.286 upstream stable release (LP: #2089558) //
CVE-2024-50290
- media: cx24116: prevent overflows on SNR calculus
* Focal update: v5.4.286 upstream stable release (LP: #2089558) //
CVE-2024-53061
- media: s5p-jpeg: prevent buffer overflows
* Focal update: v5.4.286 upstream stable release (LP: #2089558) //
CVE-2024-53063
- media: dvbdev: prevent the risk of out of memory access
* Focal update: v5.4.286 upstream stable release (LP: #2089558) //
CVE-2024-50296
- net: hns3: fix kernel crash when uninstalling driver
* Focal update: v5.4.286 upstream stable release (LP: #2089558) //
CVE-2024-50299
- sctp: properly validate chunk size in sctp_sf_ootb()
* Focal update: v5.4.286 upstream stable release (LP: #2089558) //
CVE-2024-50301
- security/keys: fix slab-out-of-bounds in key_task_permission
* Focal update: v5.4.286 upstream stable release (LP: #2089558) //
CVE-2024-50302
- HID: core: zero-initialize the report buffer
* Add list of source files to linux-buildinfo (LP: #2086606)
- [Packaging] Sort build dependencies alphabetically
- [Packaging] Add list of used source files to buildinfo package
* Focal update: v5.4.285 upstream stable release (LP: #2089233)
- usbnet: ipheth: fix carrier detection in modes 1 and 4
- net: ethernet: use ip_hdrlen() instead of bit shift
- net: phy: vitesse: repair vsc73xx autonegotiation
- scripts: kconfig: merge_config: config files: add a trailing newline
- arm64: dts: rockchip: override BIOS_DISABLE signal via GPIO hog on RK3399
Puma
- ice: fix accounting for filters shared by multiple VSIs
- net/mlx5e: Add missing link modes to ptys2ethtool_map
- net: ftgmac100: Enable TX interrupt to avoid TX timeout
- soundwire: stream: Revert "soundwire: stream: fix programming slave ports
for non-continous port maps"
- selftests: breakpoints: Fix a typo of function name
- ASoC: allow module autoloading for table db1200_pids
- ALSA: hda/realtek - Fixed ALC256 headphone no sound
- ALSA: hda/realtek - FIxed ALC285 headphone no sound
- pinctrl: at91: make it work with current gpiolib
- microblaze: don't treat zero reserved memory regions as error
- net: ftgmac100: Ensure tx descriptor updates are visible
- wifi: iwlwifi: mvm: fix iwl_mvm_max_scan_ie_fw_cmd_room()
- ASoC: tda7419: fix module autoloading
- drm: komeda: Fix an issue related to normalized zpos
- spi: bcm63xx: Enable module autoloading
- x86/hyperv: Set X86_FEATURE_TSC_KNOWN_FREQ when Hyper-V provides frequency
- USB: serial: pl2303: add device id for Macrosilicon MS3020
- ACPI: PMIC: Remove unneeded check in tps68470_pmic_opregion_probe()
- wifi: ath9k: fix parameter check in ath9k_init_debug()
- wifi: ath9k: Remove error checks when creating debugfs entries
- fs: explicitly unregister per-superblock BDIs
- mount: warn only once about timestamp range expiration
- fs/namespace: fnic: Switch to use %ptTd
- mount: handle OOM on mnt_warn_timestamp_expiry
- can: j1939: use correct function name in comment
- netfilter: nf_tables: elements with timeout below CONFIG_HZ never expire
- netfilter: nf_tables: reject element expiration with no timeout
- netfilter: nf_tables: reject expiration higher than timeout
- wifi: cfg80211: fix UBSAN noise in cfg80211_wext_siwscan()
- wifi: cfg80211: fix two more possible UBSAN-detected off-by-one errors
- mac80211: parse radiotap header when selecting Tx queue
- Bluetooth: btusb: Fix not handling ZPL/short-transfer
- net: tipc: avoid possible garbage value
- block, bfq: choose the last bfqq from merge chain in
bfq_setup_cooperator()
- block, bfq: don't break merge chain in bfq_split_bfqq()
- spi: ppc4xx: handle irq_of_parse_and_map() errors
- spi: ppc4xx: Avoid returning 0 when failed to parse and map IRQ
- ARM: dts: imx7d-zii-rmu2: fix Ethernet PHY pinctrl property
- ARM: versatile: fix OF node leak in CPUs prepare
- reset: berlin: fix OF node leak in probe() error path
- clocksource/drivers/qcom: Add missing iounmap() on errors in
msm_dt_timer_init()
- hwmon: (max16065) Fix overflows seen when writing limits
- mtd: slram: insert break after errors in parsing the map
- hwmon: (ntc_thermistor) fix module autoloading
- power: supply: axp20x_battery: allow disabling battery charging
- power: supply: axp20x_battery: Remove design from min and max voltage
- power: supply: max17042_battery: Fix SOC threshold calc w/ no current
sense
- fbdev: hpfb: Fix an error handling path in hpfb_dio_probe()
- mtd: powernv: Add check devm_kasprintf() returned value
- drm/stm: Fix an error handling path in stm_drm_platform_probe()
- drm/amdgpu: Replace one-element array with flexible-array member
- drm/amdgpu: properly handle vbios fake edid sizing
- drm/radeon: Replace one-element array with flexible-array member
- drm/radeon: properly handle vbios fake edid sizing
- drm/rockchip: vop: Allow 4096px width scaling
- drm/rockchip: dw_hdmi: Fix reading EDID when using a forced mode
- drm/radeon/evergreen_cs: fix int overflow errors in cs track offsets
- drm/msm: Fix incorrect file name output in adreno_request_fw()
- drm/msm/a5xx: disable preemption in submits by default
- drm/msm/a5xx: properly clear preemption records on resume
- drm/msm/a5xx: fix races in preemption evaluation stage
- ipmi: docs: don't advertise deprecated sysfs entries
- drm/msm: fix %s null argument error
- drivers:drm:exynos_drm_gsc:Fix wrong assignment in gsc_bind()
- xen: use correct end address of kernel for conflict checking
- xen/swiotlb: add alignment check for dma buffers
- selftests/bpf: Fix compile error from rlim_t in sk_storage_map.c
- selftests/bpf: Fix compiling flow_dissector.c with musl-libc
- selftests/bpf: Fix compiling tcp_rtt.c with musl-libc
- selftests/bpf: Fix error compiling test_lru_map.c
- xz: cleanup CRC32 edits from 2018
- kthread: add kthread_work tracepoints
- kthread: fix task state in kthread worker if being frozen
- ext4: clear EXT4_GROUP_INFO_WAS_TRIMMED_BIT even mount with discard
- smackfs: Use rcu_assign_pointer() to ensure safe assignment in
smk_set_cipso
- ext4: avoid negative min_clusters in find_group_orlov()
- ext4: return error on ext4_find_inline_entry
- nilfs2: determine empty node blocks as corrupted
- bpf: Fix bpf_strtol and bpf_strtoul helpers for 32bit
- perf sched timehist: Fix missing free of session in perf_sched__timehist()
- perf sched timehist: Fixed timestamp error when unable to confirm event
sched_in time
- perf time-utils: Fix 32-bit nsec parsing
- clk: rockchip: Set parent rate for DCLK_VOP clock on RK3228
- PCI: xilinx-nwl: Fix register misspelling
- pinctrl: single: fix missing error code in pcs_probe()
- clk: ti: dra7-atl: Fix leak of of_nodes
- pinctrl: mvebu: Fix devinit_dove_pinctrl_probe function
- watchdog: imx_sc_wdt: Don't disable WDT in suspend
- RDMA/hns: Optimize hem allocation performance
- riscv: Fix fp alignment bug in perf_callchain_user()
- f2fs: enhance to update i_mode and acl atomically in f2fs_setattr()
- f2fs: fix typo
- f2fs: fix to update i_ctime in __f2fs_setxattr()
- f2fs: remove unneeded check condition in __f2fs_setxattr()
- f2fs: reduce expensive checkpoint trigger frequency
- iio: adc: ad7606: fix oversampling gpio array
- iio: adc: ad7606: fix standby gpio state to match the documentation
- coresight: tmc: sg: Do not leak sg_table
- net: qrtr: Update packets cloning when broadcasting
- netfilter: ctnetlink: compile ctnetlink_label_size with
CONFIG_NF_CONNTRACK_EVENTS
- Remove *.orig pattern from .gitignore
- soc: versatile: integrator: fix OF node leak in probe() error path
- drm/amd/display: Round calculated vtotal
- USB: appledisplay: close race between probe and completion handler
- USB: misc: cypress_cy7c63: check for short transfer
- USB: class: CDC-ACM: fix race between get_serial and set_serial
- tty: rp2: Fix reset with non forgiving PCIe host bridges
- drbd: Fix atomicity violation in drbd_uuid_set_bm()
- drbd: Add NULL check for net_conf to prevent dereference in state
validation
- ACPI: resource: Add another DMI match for the TongFang GMxXGxx
- wifi: rtw88: 8822c: Fix reported RX band width
- debugobjects: Fix conditions in fill_pool()
- f2fs: prevent possible int overflow in dir_block_index()
- f2fs: avoid potential int overflow in sanity_check_area_boundary()
- hwrng: mtk - Use devm_pm_runtime_enable
- fs: Fix file_set_fowner LSM hook inconsistencies
- nfs: fix memory leak in error path of nfs4_do_reclaim
- ASoC: meson: axg: extract sound card utils
- [Config] updateconfigs for SND_MESON_CARD_UTILS
- PCI: xilinx-nwl: Use irq_data_get_irq_chip_data()
- PCI: xilinx-nwl: Fix off-by-one in INTx IRQ handler
- soc: versatile: realview: fix memory leak during device remove
- soc: versatile: realview: fix soc_dev leak during device remove
- usb: yurex: Replace snprintf() with the safer scnprintf() variant
- USB: misc: yurex: fix race between read and write
- pps: remove usage of the deprecated ida_simple_xx() API
- pps: add an error check in parport_attach
- mm: only enforce minimum stack gap size if it's sensible
- i2c: aspeed: Update the stop sw state when the bus recovery occurs
- i2c: isch: Add missed 'else'
- usb: yurex: Fix inconsistent locking bug in yurex_read()
- mailbox: rockchip: fix a typo in module autoloading
- Minor fixes to the CAIF Transport drivers Kconfig file
- drivers: net: Fix Kconfig indentation, continued
- ieee802154: Fix build error
- net/mlx5: Added cond_resched() to crdump collection
- netfilter: uapi: NFTA_FLOWTABLE_HOOK is NLA_NESTED
- net: ieee802154: mcr20a: Use IRQF_NO_AUTOEN flag in request_irq()
- Bluetooth: btmrvl_sdio: Refactor irq wakeup
- Bluetooth: btmrvl: Use IRQF_NO_AUTOEN flag in request_irq()
- ipv4: ip_gre: Fix drops of small packets in ipgre_xmit
- ALSA: hda/realtek: Fix the push button function for the ALC257
- ALSA: hda/generic: Unconditionally prefer preferred_dacs pairs
- ALSA: hda/conexant: Fix conflicting quirk for System76 Pangolin
- wifi: ath9k: fix possible integer overflow in ath9k_get_et_stats()
- ice: Adjust over allocation of memory in ice_sched_add_root_node() and
ice_sched_add_node()
- net: hisilicon: hip04: fix OF node leak in probe()
- net: hisilicon: hns_dsaf_mac: fix OF node leak in hns_mac_get_info()
- net: hisilicon: hns_mdio: fix OF node leak in probe()
- ACPICA: Fix memory leak if acpi_ps_get_next_namepath() fails
- ACPICA: Fix memory leak if acpi_ps_get_next_field() fails
- net: sched: consistently use rcu_replace_pointer() in taprio_change()
- wifi: rtw88: select WANT_DEV_COREDUMP
- ACPI: EC: Do not release locks during operation region accesses
- net: mvpp2: Increase size of queue_name buffer
- ipv4: Check !in_dev earlier for ioctl(SIOCSIFADDR).
- ipv4: Mask upper DSCP bits and ECN bits in NETLINK_FIB_LOOKUP family
- tcp: avoid reusing FIN_WAIT2 when trying to find port in connect() process
- ACPICA: iasl: handle empty connection_node
- proc: add config & param to block forcing mem writes
- [Config] updateconfigs to select PROC_MEM_ALWAYS_FORCE
- nfp: Use IRQF_NO_AUTOEN flag in request_irq()
- signal: Replace BUG_ON()s
- ALSA: hdsp: Break infinite MIDI input flush loop
- x86/syscall: Avoid memcpy() for ia32 syscall_get_arguments()
- power: reset: brcmstb: Do not go into infinite loop if reset fails
- ata: sata_sil: Rename sil_blacklist to sil_quirks
- jfs: UBSAN: shift-out-of-bounds in dbFindBits
- drm/printer: Allow NULL data in devcoredump printer
- scsi: aacraid: Rearrange order of struct aac_srb_unit
- drm/radeon/r100: Handle unknown family in r100_cp_init_microcode()
- of/irq: Refer to actual buffer size in of_irq_parse_one()
- ext4: ext4_search_dir should return a proper error
- spi: s3c64xx: fix timeout counters in flush_fifo
- selftests: breakpoints: use remaining time to check if suspend succeed
- selftests: vDSO: fix vDSO symbols lookup for powerpc64
- i2c: xiic: Wait for TX empty to avoid missed TX NAKs
- firmware: tegra: bpmp: Drop unused mbox_client_to_bpmp()
- spi: bcm63xx: Fix module autoloading
- perf/core: Fix small negative period being ignored
- parisc: Fix itlb miss handler for 64-bit programs
- drm: Consistently use struct drm_mode_rect for FB_DAMAGE_CLIPS
- ALSA: core: add isascii() check to card ID generator
- ext4: propagate errors from ext4_find_extent() in ext4_insert_range()
- ext4: fix incorrect tid assumption in __jbd2_log_wait_for_space()
- ext4: fix incorrect tid assumption in ext4_wait_for_tail_page_commit()
- parisc: Fix 64-bit userspace syscall path
- parisc: Fix stack start for ADDR_NO_RANDOMIZE personality
- of/irq: Support #msi-cells=<0> in of_msi_get_domain
- mm: krealloc: consider spare memory for __GFP_ZERO
- ocfs2: fix the la space leak when unmounting an ocfs2 volume
- ocfs2: fix uninit-value in ocfs2_get_block()
- riscv: define ILLEGAL_POINTER_VALUE for 64bit
- clk: rockchip: fix error for unknown clocks
- media: sun4i_csi: Implement link validate for sun4i_csi subdev
- media: uapi/linux/cec.h: cec_msg_set_reply_to: zero flags
- iio: magnetometer: ak8975: Fix reading for ak099xx sensors
- tomoyo: fallback to realpath if symlink's pathname does not exist
- rtc: at91sam9: fix OF node leak in probe() error path
- Input: adp5589-keys - fix adp5589_gpio_get_value()
- ACPI: resource: Add Asus Vivobook X1704VAP to
irq1_level_low_skip_override[]
- ACPI: resource: Add Asus ExpertBook B2502CVA to
irq1_level_low_skip_override[]
- gpio: davinci: fix lazy disable
- i2c: qcom-geni: Let firmware specify irq trigger flags
- i2c: qcom-geni: Grow a dev pointer to simplify code
- i2c: qcom-geni: Use IRQF_NO_AUTOEN flag in request_irq()
- arm64: Add Cortex-715 CPU part definition
- arm64: cputype: Add Neoverse-N3 definitions
- arm64: errata: Expand speculative SSBS workaround once more
- nfsd: use ktime_get_seconds() for timestamps
- nfsd: fix delegation_blocked() to block correctly for at least 30 seconds
- clk: qcom: rpmh: Simplify clk_rpmh_bcm_send_cmd()
- clk: qcom: clk-rpmh: Fix overflow in BCM vote
- r8169: Fix spelling mistake: "tx_underun" -> "tx_underrun"
- ACPI: battery: Simplify battery hook locking
- ext4: fix inode tree inconsistency caused by ENOMEM
- net: ethernet: cortina: Drop TSO support
- tracing: Remove precision vsnprintf() check from print event
- drm/crtc: fix uninitialized variable use even harder
- tracing: Have saved_cmdlines arrays all in one allocation
- virtio_console: fix misc probe bugs
- Input: synaptics-rmi4 - fix UAF of IRQ domain on driver removal
- bpf: Check percpu map value size first
- s390/facility: Disable compile time optimization for decompressor code
- s390/mm: Add cond_resched() to cmm_alloc/free_pages()
- ext4: nested locking for xattr inode
- s390/cpum_sf: Remove WARN_ON_ONCE statements
- ktest.pl: Avoid false positives with grub2 skip regex
- clk: bcm: bcm53573: fix OF node leak in init
- PCI: Add ACS quirk for Qualcomm SA8775P
- i2c: i801: Use a different adapter-name for IDF adapters
- PCI: Mark Creative Labs EMU20k2 INTx masking as broken
- media: videobuf2-core: clear memory related fields in
__vb2_plane_dmabuf_put()
- usb: chipidea: udc: enable suspend interrupt after usb reset
- usb: dwc2: Adjust the timing of USB Driver Interrupt Registration in the
Crashkernel Scenario
- tools/iio: Add memory allocation failure check for trigger_name
- driver core: bus: Return -EIO instead of 0 when show/store invalid bus
attribute
- ice: fix VLAN replay after reset
- SUNRPC: Fix integer overflow in decode_rc_list()
- tcp: fix to allow timestamp undo if no retransmits were sent
- tcp: fix tcp_enter_recovery() to zero retrans_stamp when it's safe
- gpio: aspeed: Add the flush write to ensure the write complete.
- gpio: aspeed: Use devm_clk api to manage clock source
- net: ibm: emac: mal: fix wrong goto
- net: annotate lockless accesses to sk->sk_ack_backlog
- net: annotate lockless accesses to sk->sk_max_ack_backlog
- sctp: ensure sk_state is set to CLOSED if hashing fails in
sctp_listen_start
- locking/lockdep: Fix bad recursion pattern
- locking/lockdep: Rework lockdep_lock
- locking/lockdep: Avoid potential access of invalid memory in lock_class
- lockdep: fix deadlock issue between lockdep and rcu
- HID: plantronics: Workaround for an unexcepted opposite volume key
- Revert "usb: yurex: Replace snprintf() with the safer scnprintf() variant"
- usb: dwc3: core: Stop processing of pending events if controller is halted
- usb: xhci: Fix problem with xhci resume from suspend
- usb: storage: ignore bogus device raised by JieLi BR21 USB sound chip
- hid: intel-ish-hid: Fix uninitialized variable 'rv' in
ish_fw_xfer_direct_dma
- arm64: probes: Fix simulate_ldr*_literal()
- tracing/kprobes: Return EADDRNOTAVAIL when func matches several symbols
- tracing/kprobes: Fix symbol counting logic by looking at modules as well
- PCI: Add function 0 DMA alias quirk for Glenfly Arise chip
- fat: fix uninitialized variable
- s390/sclp_vt220: Convert newlines to CRLF instead of LFCR
- KVM: s390: Change virtual to physical address access in diag 0x258 handler
- x86/cpufeatures: Define X86_FEATURE_AMD_IBPB_RET
- drm/vmwgfx: Handle surface check failure correctly
- iio: dac: ltc1660: add missing select REGMAP_SPI in Kconfig
- iio: dac: stm32-dac-core: add missing select REGMAP_MMIO in Kconfig
- iio: adc: ti-ads8688: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig
- iio: hid-sensors: Fix an error handling path in
_hid_sensor_set_report_latency()
- iio: light: opt3001: add missing full-scale range value
- iio: proximity: mb1232: add missing select IIO_(TRIGGERED_)BUFFER in
Kconfig
- iio: adc: ti-ads124s08: add missing select IIO_(TRIGGERED_)BUFFER in
Kconfig
- Bluetooth: Remove debugfs directory on module init failure
- Bluetooth: btusb: Fix regression with fake CSR controllers 0a12:0001
- xhci: Fix incorrect stream context type macro
- USB: serial: option: add support for Quectel EG916Q-GL
- USB: serial: option: add Telit FN920C04 MBIM compositions
- x86/resctrl: Annotate get_mem_config() functions as __init
- x86/apic: Always explicitly disarm TSC-deadline timer
- mac80211: Fix NULL ptr deref for injected rate info
- RDMA/bnxt_re: Fix incorrect AVID type in WQE structure
- ARM: dts: bcm2837-rpi-cm3-io3: Fix HDMI hpd-gpio pin
- RDMA/cxgb4: Fix RDMA_CM_EVENT_UNREACHABLE error for iWARP
- ipv4: give an IPv4 dev to blackhole_netdev
- RDMA/bnxt_re: Return more meaningful error
- drm/msm/dsi: fix 32-bit signed integer extension in pclk_rate calculation
- macsec: don't increment counters for an unrelated SA
- net: ethernet: aeroflex: fix potential memory leak in
greth_start_xmit_gbit()
- genetlink: hold RCU in genlmsg_mcast()
- arm64:uprobe fix the uprobe SWBP_INSN in big-endian
- KVM: s390: gaccess: Check if guest address is in memslot
- jfs: Fix sanity check in dbMount
- net: usb: usbnet: fix name regression
- r8169: avoid unsolicited interrupts
- posix-clock: posix-clock: Fix unbalanced locking in pc_clock_settime()
- ALSA: hda/realtek: Update default depop procedure
- ACPI: resource: Add LG 16T90SP to irq1_level_low_skip_override[]
- ACPI: button: Add DMI quirk for Samsung Galaxy Book2 to fix initial lid
detection issue
- ALSA: hda/realtek: Add subwoofer quirk for Acer Predator G9-593
- hv_netvsc: Fix VF namespace also in synthetic NIC NETDEV_REGISTER event
- selinux: improve error checking in sel_write_load()
- arm64/uprobes: change the uprobe_opcode_t typedef to fix the sparse
warning
- cgroup: Fix potential overflow issue when checking max_depth
- wifi: mac80211: skip non-uploaded keys in ieee80211_iter_keys
- mac80211: do drv_reconfig_complete() before restarting all
- mac80211: Add support to trigger sta disconnect on hardware restart
- wifi: iwlwifi: mvm: disconnect station vifs if recovery failed
- ASoC: cs42l51: Fix some error handling paths in cs42l51_probe()
- dt-bindings: gpu: Convert Samsung Image Rotator to dt-schema
- gtp: simplify error handling code in 'gtp_encap_enable()'
- gtp: allow -1 to be specified as file description from userspace
- net: support ip generic csum processing in skb_csum_hwoffload_help
- net: skip offload for NETIF_F_IPV6_CSUM if ipv6 header contains extension
- drivers/misc: ti-st: Remove unneeded variable in st_tty_open
- firmware: arm_sdei: Fix the input parameter of cpuhp_remove_state()
- net: amd: mvme147: Fix probe banner message
- misc: sgi-gru: Don't disable preemption in GRU driver
- usbip: tools: Fix detach_port() invalid port error path
- usb: phy: Fix API devm_usb_put_phy() can not release the phy
- xhci: Fix Link TRB DMA in command ring stopped completion event
- Revert "driver core: Fix uevent_show() vs driver detach race"
- riscv: Remove unused GENERATING_ASM_OFFSETS
- Revert "drm/mipi-dsi: Set the fwnode for mipi_dsi_device"
- vt: prevent kernel-infoleak in con_font_get()
- mac80211: always have ieee80211_sta_restart()
- mm: krealloc: Fix MTE false alarm in __do_krealloc
- Linux 5.4.285
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-50228
- mm: shmem: fix data-race in shmem_getattr()
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-50230
- nilfs2: fix kernel bug due to missing clearing of checked flag
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-50218
- ocfs2: pass u64 to ocfs2_truncate_inline maybe overflow
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-50229
- nilfs2: fix potential deadlock with newly created symlinks
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-50233
- staging: iio: frequency: ad9832: fix division by zero in
ad9832_calc_freqreg()
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-50234
- wifi: iwlegacy: Clear stale interrupts before resuming device
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-50236
- wifi: ath10k: Fix memory leak in management tx
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-50237
- wifi: mac80211: do not pass a stopped vif to the driver in .get_txpower
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-50251
- netfilter: nft_payload: sanitize offset and length before calling
skb_checksum()
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-50262
- bpf: Fix out-of-bounds write in trie_get_next_key()
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-53059
- wifi: iwlwifi: mvm: Fix response handling in iwl_mvm_send_recovery_cmd()
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-50142
- xfrm: validate new SA's prefixlen using SA family when sel.family is unset
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-50116
- nilfs2: fix kernel bug due to missing clearing of buffer delay flag
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-50117
- drm/amd: Guard against bad data for ATIF ACPI method
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-50205
- ALSA: firewire-lib: Avoid division by zero in apply_constraint_to_size()
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-50127
- net: sched: fix use-after-free in taprio_change()
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-50167
- be2net: fix potential memory leak in be_xmit()
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-50168
- net/sun3_82586: fix potential memory leak in sun3_82586_send_packet()
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-50131
- tracing: Consider the NULL character when validating the event length
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-50143
- udf: fix uninit-value use in udf_get_fileshortad
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-50134
- drm/vboxvideo: Replace fake VLA at end of vbva_mouse_pointer_shape with
real
VLA
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-50194
- arm64: probes: Fix uprobes for big-endian kernels
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-50148
- Bluetooth: bnep: fix wild-memory-access in proto_unregister
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-50150
- usb: typec: altmode should keep reference to parent
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-50151
- smb: client: fix OOBs when building SMB2_IOCTL request
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-50171
- net: systemport: fix potential memory leak in bcm_sysport_xmit()
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-50202
- nilfs2: propagate directory read errors from nilfs_find_entry()
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-50074
- parport: Proper fix for array out-of-bounds access
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-50082
- blk-rq-qos: fix crash on rq_qos_wait vs. rq_qos_wake_function race
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-40953
- KVM: Fix a data race on last_boosted_vcpu in kvm_vcpu_on_spin()
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-50199
- mm/swapfile: skip HugeTLB pages for unuse_vma
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-50099
- arm64: probes: Remove broken LDR (literal) uprobe support
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-50195
- posix-clock: Fix missing timespec64 check in pc_clock_settime()
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-50096
- nouveau/dmem: Fix vulnerability in migrate_to_ram upon copy error
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-50024
- net: Fix an unsafe loop on the list
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-49878
- resource: fix region_intersects() vs add_memory_driver_managed()
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-50033
- slip: make slhc_remember() more robust against malicious packets
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-50035
- ppp: fix ppp_async_encode() illegal access
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-50039
- net/sched: accept TCA_STAB only for root qdisc
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-50040
- igb: Do not bring the device up after non-fatal error
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-50044
- Bluetooth: RFCOMM: FIX possible deadlock in rfcomm_sk_state_change
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-50045
- netfilter: br_netfilter: fix panic with metadata_dst skb
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-38544
- RDMA/rxe: Fix seg fault in rxe_comp_queue_pkt
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-50180
- fbdev: sisfb: Fix strbuf array overflow
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-50184
- virtio_pmem: Check device status before requesting flush
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-50059
- ntb: ntb_hw_switchtec: Fix use after free vulnerability in
switchtec_ntb_remove due to race condition
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-50089
- unicode: Don't special case ignorable code points
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-49955
- ACPI: battery: Fix possible crash when unregistering a battery hook
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-49973
- r8169: add tally counter fields added with RTL8125
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-49975
- uprobes: fix kernel info leak via "[uprobes]" vma
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-49867
- btrfs: wait for fixup workers before stopping cleaner kthread during
umount
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-49868
- btrfs: fix a NULL pointer dereference when failed to start a new
trasacntion
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-49981
- media: venus: fix use after free bug in venus_remove due to race condition
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-49982
- aoe: fix the potential use-after-free problem in more places
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-49877
- ocfs2: fix possible null-ptr-deref in ocfs2_set_buffer_uptodate
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-49957
- ocfs2: fix null-ptr-deref when journal load failed.
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-49965
- ocfs2: remove unreasonable unlock in ocfs2_read_blocks
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-49966
- ocfs2: cancel dqi_sync_work before freeing oinfo
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-49958
- ocfs2: reserve space for inline xattr before attaching reflink tree
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-49959
- jbd2: stop waiting for space when jbd2_cleanup_journal_tail() returns
error
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-49879
- drm: omapdrm: Add missing check for alloc_ordered_workqueue
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-49882
- ext4: fix double brelse() the buffer of the extents path
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-49883
- ext4: aovid use-after-free in ext4_ext_insert_extent()
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-49985
- i2c: stm32f7: Do not prepare/unprepare clock during runtime suspend/resume
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-50006
- ext4: fix i_data_sem unlock order in ext4_ind_migrate()
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-49892
- drm/amd/display: Initialize get_bytes_per_element's default to 1
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-49894
- drm/amd/display: Fix index out of bounds in degamma hardware format
translation
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-49896
- drm/amd/display: Check stream before comparing them
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-49900
- jfs: Fix uninit-value access of new_ea in ea_buffer
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-49902
- jfs: check if leafidx greater than num leaves per dmap tree
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-49903
- jfs: Fix uaf in dbFreeBits
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-49924
- fbdev: pxafb: Fix possible use after free in pxafb_task()
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-50007
- ALSA: asihpi: Fix potential OOB array access
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-50008
- wifi: mwifiex: Fix memcpy() field-spanning write warning in
mwifiex_cmd_802_11_scan_ext()
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-49995
- tipc: guard against string buffer overrun
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-49962
- ACPICA: check null return of ACPI_ALLOCATE_ZEROED() in
acpi_db_convert_to_package()
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-49938
- wifi: ath9k_htc: Use __skb_set_length() for resetting urb before resubmit
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-47740
- f2fs: Require FMODE_WRITE for atomic write ioctls
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-49944
- sctp: set sk_state back to CLOSED if autobind fails in sctp_listen_start
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-49948
- net: add more sanity checks to qdisc_pkt_len_init()
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-49949
- net: avoid potential underflow in qdisc_pkt_len_init() with UFO
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-49997
- net: ethernet: lantiq_etop: fix memory disclosure
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-49952
- netfilter: nf_tables: prevent nf_skb_duplicated corruption
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-50179
- ceph: remove the incorrect Fw reference check when dirtying pages
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-49963
- mailbox: bcm2835: Fix timeout during suspend mode
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-46849
- ASoC: meson: axg-card: fix 'use-after-free'
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-47679
- vfs: fix race between evice_inodes() and find_inode()&iput()
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-49860
- ACPI: sysfs: validate return type of _STR method
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-47742
- firmware_loader: Block path traversal
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-47684
- tcp: check skb is non-NULL in tcp_rto_delta_us()
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-47747
- net: seeq: Fix use after free vulnerability in ether3 Driver Due to Race
Condition
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-47685
- netfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put()
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-47692
- nfsd: return -EINVAL when namelen is 0
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-47737
- nfsd: call cache_put if xdr_reserve_space returns NULL
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2023-52917
- ntb: intel: Fix the NULL vs IS_ERR() bug for debugfs_create_dir()
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-47749
- RDMA/cxgb4: Added NULL check for lookup_atid
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-47696
- RDMA/iwcm: Fix WARNING:at_kernel/workqueue.c:#check_flush_dependency
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-47756
- PCI: keystone: Fix if-statement expression in ks_pcie_quirk()
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-47697
- drivers: media: dvb-frontends/rtl2830: fix an out-of-bounds write error
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-47698
- drivers: media: dvb-frontends/rtl2832: fix an out-of-bounds write error
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-47757
- nilfs2: fix potential oob read in nilfs_btree_check_delete()
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-47699
- nilfs2: fix potential null-ptr-deref in nilfs_btree_insert()
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-47701
- ext4: avoid OOB when system.data xattr changes underneath the filesystem
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-49851
- tpm: Clean up TPM space after command failure
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-47723
- jfs: fix out-of-bounds in dbNextAG() and diAlloc()
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-47706
- block, bfq: fix possible UAF for bfqq->bic with merge chain
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-47709
- can: bcm: Clear bo->bcm_proc_read after remove_proc_entry().
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-47710
- sock_map: Add a cond_resched() in sock_hash_free()
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-47712
- wifi: wilc1000: fix potential RCU dereference issue in
wilc_parse_join_bss_param
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-47713
- wifi: mac80211: use two-phase skb reclamation in ieee80211_do_stop()
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-47671
- USB: usbtmc: prevent kernel-usb-infoleak
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-44931
- gpio: prevent potential speculation leaks in gpio_device_get_desc()
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-41016
- ocfs2: strict bound check before memcmp in ocfs2_xattr_find_entry()
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-47670
- ocfs2: add bounds checking to ocfs2_xattr_find_entry()
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-47672
- wifi: iwlwifi: mvm: don't wait for tx queues if firmware is dead
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-46853
- spi: nxp-fspi: fix the KASAN report out-of-bounds bug
* Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-46854
- net: dpaa: Pad packets to ETH_ZLEN
-- Benjamin Wheeler <benjamin.whee...@canonical.com> Fri, 31 Jan 2025
12:06:43 -0500
** Changed in: linux (Ubuntu Focal)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2086606
Title:
Add list of source files to linux-buildinfo
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2086606/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
