Ubuntu
linux-aws package

linux-aws 5.4.0-1126.136 source package in Ubuntu

Changelog

linux-aws (5.4.0-1126.136) focal; urgency=medium

  * focal/linux-aws: 5.4.0-1126.136 -proposed tracker (LP: #2063766)

  [ Ubuntu: 5.4.0-186.206 ]

  * focal/linux: 5.4.0-186.206 -proposed tracker (LP: #2063812)
  * Mount CIFS fails with Permission denied (LP: #2061986)
    - cifs: fix ntlmssp auth when there is no key exchange
  * USB stick can't be detected (LP: #2040948)
    - usb: Disable USB3 LPM at shutdown
  * CVE-2024-26733
    - net: dev: Convert sa_data to flexible array in struct sockaddr
    - arp: Prevent overflow in arp_req_get().
    - stddef: Introduce DECLARE_FLEX_ARRAY() helper
  * CVE-2024-26712
    - powerpc/kasan: Fix addr error caused by page alignment
  * CVE-2023-52530
    - wifi: mac80211: fix potential key use-after-free
  * CVE-2021-47063
    - drm: bridge/panel: Cleanup connector on bridge detach
  * [Ubuntu 22.04.4/linux-image-6.5.0-26-generic] Kernel output "UBSAN: array-
    index-out-of-bounds in /build/linux-hwe-6.5-34pCLi/linux-
    hwe-6.5-6.5.0/drivers/net/hyperv/netvsc.c:1445:41" multiple times,
    especially during boot. (LP: #2058477)
    - hv: hyperv.h: Replace one-element array with flexible-array member
  * CVE-2024-26614
    - tcp: make sure init the accept_queue's spinlocks once
    - ipv6: init the accept_queue's spinlocks in inet6_create
  * Focal update: v5.4.271 upstream stable release (LP: #2060216)
    - netlink: Fix kernel-infoleak-after-free in __skb_datagram_iter
    - net: ip_tunnel: prevent perpetual headroom growth
    - tun: Fix xdp_rxq_info's queue_index when detaching
    - ipv6: fix potential "struct net" leak in inet6_rtm_getaddr()
    - lan78xx: enable auto speed configuration for LAN7850 if no EEPROM is
      detected
    - net: usb: dm9601: fix wrong return value in dm9601_mdio_read
    - Bluetooth: Avoid potential use-after-free in hci_error_reset
    - Bluetooth: hci_event: Fix handling of HCI_EV_IO_CAPA_REQUEST
    - Bluetooth: Enforce validation on max value of connection interval
    - netfilter: nf_tables: allow NFPROTO_INET in nft_(match/target)_validate()
    - rtnetlink: fix error logic of IFLA_BRIDGE_FLAGS writing back
    - efi/capsule-loader: fix incorrect allocation size
    - power: supply: bq27xxx-i2c: Do not free non existing IRQ
    - ALSA: Drop leftover snd-rtctimer stuff from Makefile
    - afs: Fix endless loop in directory parsing
    - gtp: fix use-after-free and null-ptr-deref in gtp_newlink()
    - wifi: nl80211: reject iftype change with mesh ID change
    - btrfs: dev-replace: properly validate device names
    - dmaengine: fsl-qdma: fix SoC may hang on 16 byte unaligned read
    - dmaengine: fsl-qdma: init irq after reg initialization
    - mmc: core: Fix eMMC initialization with 1-bit bus connection
    - x86/cpu/intel: Detect TME keyid bits before setting MTRR mask registers
    - cachefiles: fix memory leak in cachefiles_add_cache()
    - fs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super
    - gpio: 74x164: Enable output pins after registers are reset
    - Linux 5.4.271
  * Focal update: v5.4.270 upstream stable release (LP: #2060019)
    - KVM: arm64: vgic-its: Test for valid IRQ in its_sync_lpi_pending_table()
    - KVM: arm64: vgic-its: Test for valid IRQ in MOVALL handler
    - net/sched: Retire CBQ qdisc
    - [Config] updateconfigs for NET_SCH_CBQ
    - net/sched: Retire ATM qdisc
    - [Config] updateconfigs for NET_SCH_ATM
    - net/sched: Retire dsmark qdisc
    - [Config] updateconfigs for NET_SCH_DSMARK
    - sched/rt: sysctl_sched_rr_timeslice show default timeslice after reset
    - memcg: add refcnt for pcpu stock to avoid UAF problem in drain_all_stock()
    - nilfs2: replace WARN_ONs for invalid DAT metadata block requests
    - userfaultfd: fix mmap_changing checking in mfill_atomic_hugetlb
    - sched/rt: Fix sysctl_sched_rr_timeslice intial value
    - sched/rt: Disallow writing invalid values to sched_rt_period_us
    - scsi: target: core: Add TMF to tmr_list handling
    - dmaengine: shdma: increase size of 'dev_id'
    - dmaengine: fsl-qdma: increase size of 'irq_name'
    - wifi: cfg80211: fix missing interfaces when dumping
    - wifi: mac80211: fix race condition on enabling fast-xmit
    - fbdev: savage: Error out if pixclock equals zero
    - fbdev: sis: Error out if pixclock equals zero
    - ahci: asm1166: correct count of reported ports
    - ahci: add 43-bit DMA address quirk for ASMedia ASM1061 controllers
    - ext4: avoid allocating blocks from corrupted group in
      ext4_mb_try_best_found()
    - ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal()
    - regulator: pwm-regulator: Add validity checks in continuous .get_voltage
    - nvmet-tcp: fix nvme tcp ida memory leak
    - ASoC: sunxi: sun4i-spdif: Add support for Allwinner H616
    - netfilter: conntrack: check SCTP_CID_SHUTDOWN_ACK for vtag setting in
      sctp_new
    - nvmet-fc: abort command when there is no binding
    - hwmon: (coretemp) Enlarge per package core count limit
    - scsi: lpfc: Use unsigned type for num_sge
    - firewire: core: send bus reset promptly on gap count error
    - virtio-blk: Ensure no requests in virtqueues before deleting vqs.
    - s390/qeth: Fix potential loss of L3-IP@ in case of network issues
    - pmdomain: renesas: r8a77980-sysc: CR7 must be always on
    - tcp: factor out __tcp_close() helper
    - tcp: return EPOLLOUT from tcp_poll only when notsent_bytes is half the limit
    - tcp: add annotations around sk->sk_shutdown accesses
    - pinctrl: pinctrl-rockchip: Fix a bunch of kerneldoc misdemeanours
    - pinctrl: rockchip: Fix refcount leak in rockchip_pinctrl_parse_groups
    - spi: mt7621: Fix an error message in mt7621_spi_probe()
    - net: bridge: clear bridge's private skb space on xmit
    - selftests/bpf: Avoid running unprivileged tests with alignment requirements
    - Revert "drm/sun4i: dsi: Change the start delay calculation"
    - drm/amdgpu: Check for valid number of registers to read
    - x86/alternatives: Disable KASAN in apply_alternatives()
    - dm-integrity: don't modify bio's immutable bio_vec in integrity_metadata()
    - iomap: Set all uptodate bits for an Uptodate page
    - drm/amdgpu: Fix type of second parameter in trans_msg() callback
    - arm64: dts: qcom: msm8916: Fix typo in pronto remoteproc node
    - PCI: tegra: Fix reporting GPIO error value
    - PCI: tegra: Fix OF node reference leak
    - IB/hfi1: Fix sdma.h tx->num_descs off-by-one error
    - dm-crypt: don't modify the data when using authenticated encryption
    - gtp: fix use-after-free and null-ptr-deref in gtp_genl_dump_pdp()
    - PCI/MSI: Prevent MSI hardware interrupt number truncation
    - l2tp: pass correct message length to ip6_append_data
    - ARM: ep93xx: Add terminator to gpiod_lookup_table
    - usb: cdns3: fixed memory use after free at cdns3_gadget_ep_disable()
    - usb: cdns3: fix memory double free when handle zero packet
    - usb: gadget: ncm: Avoid dropping datagrams of properly parsed NTBs
    - usb: roles: don't get/set_role() when usb_role_switch is unregistered
    - IB/hfi1: Fix a memleak in init_credit_return
    - RDMA/bnxt_re: Return error for SRQ resize
    - RDMA/srpt: Make debug output more detailed
    - RDMA/srpt: fix function pointer cast warnings
    - scripts/bpf: teach bpf_helpers_doc.py to dump BPF helper definitions
    - bpf, scripts: Correct GPL license name
    - scsi: jazz_esp: Only build if SCSI core is builtin
    - nouveau: fix function cast warnings
    - ipv4: properly combine dev_base_seq and ipv4.dev_addr_genid
    - ipv6: properly combine dev_base_seq and ipv6.dev_addr_genid
    - afs: Increase buffer size in afs_update_volume_status()
    - ipv6: sr: fix possible use-after-free and null-ptr-deref
    - packet: move from strlcpy with unused retval to strscpy
    - s390: use the correct count for __iowrite64_copy()
    - tls: rx: jump to a more appropriate label
    - tls: rx: drop pointless else after goto
    - tls: stop recv() if initial process_rx_list gave us non-DATA
    - netfilter: nf_tables: set dormant flag on hook register failure
    - drm/syncobj: make lockdep complain on WAIT_FOR_SUBMIT v3
    - drm/syncobj: call drm_syncobj_fence_add_wait when WAIT_AVAILABLE flag is set
    - fs/aio: Restrict kiocb_set_cancel_fn() to I/O submitted via libaio
    - scripts/bpf: Fix xdp_md forward declaration typo
    - Linux 5.4.270
  * CVE-2023-47233
    - wifi: brcmfmac: Fix use-after-free bug in brcmf_cfg80211_detach
  * CVE-2021-47070
    - uio: uio_hv_generic: use devm_kzalloc() for private data alloc
    - uio_hv_generic: Fix another memory leak in error handling paths
  * CVE-2024-26622
    - tomoyo: fix UAF write bug in tomoyo_write_control()

 -- Philip Cox <email address hidden>  Fri, 10 May 2024 10:32:13 -0400

Upload details

Uploaded by:
Philip Cox
Uploaded to:
Focal
Original maintainer:
Ubuntu Kernel Team
Architectures:
all amd64 arm64
Section:
devel
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Focal proposed main devel

Builds

Focal: [FULLYBUILT] amd64 [FULLYBUILT] arm64

Downloads

File Size SHA-256 Checksum
linux-aws_5.4.0.orig.tar.gz 162.4 MiB 805f3ed93854317814c59caf2dbfd2097745685f95c8c18b509c9347dcc7d51f
linux-aws_5.4.0-1126.136.diff.gz 10.2 MiB f7957d62101e86db6e2d92bc75e0f1d17a3b86eef095d925d49d0929ef5e9e17
linux-aws_5.4.0-1126.136.dsc 4.1 KiB d4176ee34bb53f41ec5dfedefd0b466503da950aa2989a597eb0cf1a833d4c04

View changes file

Binary packages built by this source

linux-aws-cloud-tools-5.4.0-1126: Linux kernel version specific cloud tools for version 5.4.0-1126

 This package provides the architecture dependant parts for kernel
 version locked tools for cloud tools for version 5.4.0-1126 on
 ARMv8.
 You probably want to install linux-cloud-tools-5.4.0-1126-<flavour>.

linux-aws-headers-5.4.0-1126: Header files related to Linux kernel version 5.4.0

 This package provides kernel header files for version 5.4.0, for sites
 that want the latest kernel headers. Please read
 /usr/share/doc/linux-aws-headers-5.4.0-1126/debian.README.gz for details

linux-aws-tools-5.4.0-1126: Linux kernel version specific tools for version 5.4.0-1126

 This package provides the architecture dependant parts for kernel
 version locked tools (such as perf and x86_energy_perf_policy) for
 version 5.4.0-1126 on
 ARMv8.
 You probably want to install linux-tools-5.4.0-1126-<flavour>.

linux-buildinfo-5.4.0-1126-aws: Linux kernel buildinfo for version 5.4.0 on ARMv8 SMP

 This package contains the Linux kernel buildinfo for version 5.4.0 on
 ARMv8 SMP.
 .
 You likely do not want to install this package.

linux-cloud-tools-5.4.0-1126-aws: Linux kernel version specific cloud tools for version 5.4.0-1126

 This package provides the architecture dependant parts for kernel
 version locked tools for cloud for version 5.4.0-1126 on
 ARMv8.

linux-headers-5.4.0-1126-aws: Linux kernel headers for version 5.4.0 on ARMv8 SMP

 This package provides kernel header files for version 5.4.0 on
 ARMv8 SMP.
 .
 This is for sites that want the latest kernel headers. Please read
 /usr/share/doc/linux-headers-5.4.0-1126/debian.README.gz for details.

linux-image-unsigned-5.4.0-1126-aws: Linux kernel image for version 5.4.0 on ARMv8 SMP

 This package contains the unsigned Linux kernel image for version 5.4.0 on
 ARMv8 SMP.
 .
 Supports AWS processors.
 .
 Geared toward Amazon Web Services (AWS) systems.
 .
 You likely do not want to install this package directly. Instead, install
 the linux-aws meta-package, which will ensure that upgrades work
 correctly, and that supporting packages are also installed.

linux-image-unsigned-5.4.0-1126-aws-dbgsym: Linux kernel debug image for version 5.4.0 on ARMv8 SMP

 This package provides the unsigned kernel debug image for version 5.4.0 on
 ARMv8 SMP.
 .
 This is for sites that wish to debug the kernel.
 .
 The kernel image contained in this package is NOT meant to boot from. It
 is uncompressed, and unstripped. This package also includes the
 unstripped modules.

linux-modules-5.4.0-1126-aws: Linux kernel extra modules for version 5.4.0 on ARMv8 SMP

 Contains the corresponding System.map file, the modules built by the
 packager, and scripts that try to ensure that the system is not left in an
 unbootable state after an update.
 .
 Supports AWS processors.
 .
 Geared toward Amazon Web Services (AWS) systems.
 .
 You likely do not want to install this package directly. Instead, install
 the linux-aws meta-package, which will ensure that upgrades work
 correctly, and that supporting packages are also installed.

linux-modules-extra-5.4.0-1126-aws: Linux kernel extra modules for version 5.4.0 on ARMv8 SMP

 This package contains the Linux kernel extra modules for version 5.4.0 on
 ARMv8 SMP.
 .
 Supports AWS processors.
 .
 Geared toward Amazon Web Services (AWS) systems.
 .
 You likely do not want to install this package directly. Instead, install
 the linux-modules-extra-aws meta-package, which will ensure that upgrades
 work correctly, and that supporting packages are also installed.

linux-tools-5.4.0-1126-aws: Linux kernel version specific tools for version 5.4.0-1126

 This package provides the architecture dependant parts for kernel
 version locked tools (such as perf and x86_energy_perf_policy) for
 version 5.4.0-1126 on
 ARMv8.