Release Info

Advisory: CLSA-2023:1695144235

OS: Ubuntu 16.04 ELS

Public date: 2023-09-19 13:23:57

Project: linux-hwe

Version: 4.15.0-217.228~16.04.1

Errata link:


* Miscellaneous Ubuntu changes - update-from-bionic-master repo has been updated - fix tuxcare.suffix after rebase from bionic [ Ubuntu: 4.15.0-217.228 ] * CVE-url: - af_unix: Fix null-ptr-deref in unix_stream_sendpage(). * Jammy update: v5.15.105 upstream stable release (LP: #2023230) // CVE-url: - net/sched: act_mirred: better wording on protection against excessive stack growth - act_mirred: use the backlog for nested calls to mirred ingress * CVE-url: - net/sched: user-space can't set unknown tcfa_action values - net/tc: introduce TC_ACT_REINSERT. - act_mirred: use TC_ACT_REINSERT when possible - net: sched: act_mirred method rename for grep-ability and consistency - net: sched: protect against stack overflow in TC act_mirred - net/sched: act_mirred: refactor the handle of xmit - selftests: forwarding: Introduce tc actions tests * Jammy update: v5.15.94 upstream stable release (LP: #2012673) // CVE-url: - x86/speculation: Identify processors vulnerable to SMT RSB predictions - KVM: x86: Mitigate the cross-thread return address predictions bug - Documentation/hw-vuln: Add documentation for Cross-Thread Return Predictions * CVE-url: - KVM: x86: drop bogus MWAIT check - KVM: x86: simplify kvm_mwait_in_guest() - KVM: X86: Provide a capability to disable MWAIT intercepts - KVM: X86: Provide a capability to disable HLT intercepts - KVM: VMX: Remove redundant write to set vCPU as active at RESET/INIT - KVM: X86: Provide a capability to disable PAUSE intercepts - x86/headers/UAPI: Move DISABLE_EXITS KVM capability bits to the UAPI - tools headers kvm: Sync uapi/linux/kvm.h with the kernel sources - KVM: X86: Provide a capability to disable cstate msr read intercepts * Jammy update: v5.15.110 upstream stable release (LP: #2025090) // CVE-url: - bluetooth: Perform careful capability checks in hci_sock_ioctl() * Jammy update: v5.15.80 upstream stable release (LP: #2003122) // CVE-url: - nvme: ensure subsystem reset is single threaded * CVE-url: - nvme: host delete_work and reset_work on separate workqueues - PCI/ASPM: Add pcie_aspm_enabled() - nvme-pci: Allow PCI bus-level PM to be used if ASPM is disabled - nvme: Prevent resets during paused controller state - nvme: Add quirk for LiteON CL1 devices running FW 22301111 - nvme: Wait for reset state when required * Jammy update: v5.15.81 upstream stable release (LP: #2003130) // CVE-url: - wifi: wilc1000: validate length of IEEE80211_P2P_ATTR_OPER_CHANNEL attribute * CVE-2022-47520 // CVE-url: - wifi: wilc1000: validate pairwise and authentication suite offsets * CVE-url: - media: dvb-core: Fix use-after-free due to race condition at dvb_ca_en50221 [ Ubuntu: 4.15.0-216.227 ] * Jammy update: v5.15.86 upstream stable release (LP: #2005113) // CVE-url: - libbpf: Fix null-pointer dereference in find_prog_by_sec_insn() * Jammy update: v5.15.87 upstream stable release (LP: #2007441) // CVE-url: - net: sched: cbq: dont intepret cls results when asked to drop * Jammy update: v5.15.76 upstream stable release (LP: #1997113) // CVE-url: - net: sched: fix race condition in qdisc_graft() * Jammy update: v5.15.104 upstream stable release (LP: #2023225) // CVE-url: - hwmon: (xgene) Fix use after free bug in xgene_hwmon_remove due to race condition * Jammy update: v5.15.91 upstream stable release (LP: #2011467) // CVE-url: - l2tp: Serialize access to sk_user_data with sk_callback_lock * Jammy update: v5.15.105 upstream stable release (LP: #2023230) // CVE-url: - power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition * Jammy update: v5.15.105 upstream stable release (LP: #2023230) // CVE-url: - i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer() * Jammy update: v5.15.105 upstream stable release (LP: #2023230) // CVE-url: - net: qcom/emac: Fix use after free bug in emac_remove due to race condition * CVE-2023-31084 // CVE-2023-31084 was assigned to this bug. // CVE-url: - media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*() * Jammy update: v5.15.99 upstream stable release (LP: #2018438) // CVE-url: - fs: hfsplus: fix UAF issue in hfsplus_put_super * Jammy update: v5.15.111 upstream stable release (LP: #2025095) // CVE-url: - dm ioctl: fix nested locking in table_clear() to remove deadlock concern [ Ubuntu: 4.15.0-215.226 ] * CVE-url: - net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after- free - net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after- free - net/sched: cls_route: No longer copy tcf_result on update to avoid use- after-free * CVE-url: - Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb * CVE-2023-20593 // CVE-url: - x86/cpu/amd: Move the errata checking functionality up - x86/cpu/amd: Add a Zenbleed fix * CVE-2023-1859 // CVE-url: - 9p/xen : Fix use after free bug in xen_9pfs_front_remove due to race condition * CVE-url: - netfilter: nf_tables: prevent OOB access in nft_byteorder_eval * Jammy update: v5.15.106 upstream stable release (LP: #2023233) // CVE-url: - btrfs: fix race between quota disable and quota assign ioctls * CVE-2023-3611 // CVE-url: - net/sched: sch_qfq: account for stab overhead in qfq_enqueue * CVE-2023-3776 // CVE-url: - net/sched: cls_fw: Fix improper refcount update leads to use-after-free [ Ubuntu: 4.15.0-214.225 ] * Jammy update: v5.15.75 upstream stable release (LP: #1996825) // CVE-url: - ext4: fix check for block being out of directory size * Jammy update: v5.15.61 upstream stable release (LP: #1990162) // CVE-url: - ext4: check if directory block is within i_size * Jammy update: v5.15.68 upstream stable release (LP: #1993003) // CVE-url: - ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC * CVE-2023-1670 // CVE-url: - xirc2ps_cs: Fix use after free bug in xirc2ps_detach * CVE-url: - Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race condition * Jammy update: v5.15.104 upstream stable release (LP: #2023225) // CVE-url: - nfc: st-nci: Fix use after free bug in ndlc_remove due to race condition * CVE-url: - scsi: dpt_i2o: Remove obsolete driver * CVE-2023-2124 // CVE-url: - xfs: verify buffer contents when we skip log replay * CVE-url: - phy: tegra: xusb: Fix return value of tegra_xusb_find_port_node function * CVE-url: - net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf() * CVE-url: - ipvlan:Fix out-of-bounds caused by unclear skb->cb * Jammy update: v5.15.63 upstream stable release (LP: #1990564) // CVE-url: - btrfs: unset reloc control if transaction commit fails in prepare_to_relocate() * CVE-url: - btrfs: check return value of btrfs_commit_transaction in relocation * CVE-url: - memstick: r592: Fix UAF bug in r592_remove due to race condition * CVE-url: - gfs2: Don't deref jdesc in evict * CVE-url: - kernel/relay.c: fix read_pos error when multiple readers - relayfs: fix out-of-bounds access in relay_file_read * CVE-url: - netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE * CVE-url: - media: saa7134: fix use after free bug in saa7134_finidev due to race condition * CVE-url: - media: dm1105: Fix use after free bug in dm1105_remove due to race condition * Miscellaneous Ubuntu changes - [Config] updateconfigs for SCSI_DPT_I2O * Miscellaneous upstream changes - fixup! UBUNTU: [Packaging]: add tuxcare suffix [ Ubuntu: 4.15.0-213.224 ] * Jammy update: v5.15.97 upstream stable release (LP: #2015599) - net: Remove WARN_ON_ONCE(sk->sk_forward_alloc) from sk_stream_kill_queues(). [ Ubuntu: 4.15.0-212.223 ] * bionic/linux: 4.15.0-212.223 -proposed tracker (LP: #2019708) * Packaging resync (LP: #1786013) - [Packaging] update helper scripts * CVE-2023-32233 - netfilter: nf_tables: add nft_set_is_anonymous() helper - netfilter: nf_tables: split set destruction in deactivate and destroy phase - netfilter: nf_tables: unbind set in rule from commit path - netfilter: nf_tables: bogus EBUSY in helper removal from transaction - netfilter: nf_tables: fix set double-free in abort path - netfilter: nf_tables: bogus EBUSY when deleting set after flush - netfilter: nf_tables: use-after-free in failing rule with bound set - netfilter: nf_tables: deactivate anonymous set from preparation phase * CVE-2023-31436 - net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg * CVE-2023-1380 - wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() * CVE-2023-30456 - KVM: nVMX: add missing consistency checks for CR0 and CR4


Update command: apt-get update apt-get --only-upgrade install linux-hwe*

Packages list

linux-buildinfo-4.15.0-217-tuxcare.els15-generic_4.15.0-217.228~16.04.1_amd64.deb linux-buildinfo-4.15.0-217-tuxcare.els15-lowlatency_4.15.0-217.228~16.04.1_amd64.deb linux-cloud-tools-4.15.0-217-tuxcare.els15-generic_4.15.0-217.228~16.04.1_amd64.deb linux-cloud-tools-4.15.0-217-tuxcare.els15-lowlatency_4.15.0-217.228~16.04.1_amd64.deb linux-headers-4.15.0-217-tuxcare.els15_4.15.0-217.228~16.04.1_all.deb linux-headers-4.15.0-217-tuxcare.els15-generic_4.15.0-217.228~16.04.1_amd64.deb linux-headers-4.15.0-217-tuxcare.els15-lowlatency_4.15.0-217.228~16.04.1_amd64.deb linux-hwe-cloud-tools-4.15.0-217-tuxcare.els15_4.15.0-217.228~16.04.1_amd64.deb linux-hwe-tools-4.15.0-217-tuxcare.els15_4.15.0-217.228~16.04.1_amd64.deb linux-image-unsigned-4.15.0-217-tuxcare.els15-generic_4.15.0-217.228~16.04.1_amd64.deb linux-image-unsigned-4.15.0-217-tuxcare.els15-lowlatency_4.15.0-217.228~16.04.1_amd64.deb linux-modules-4.15.0-217-tuxcare.els15-generic_4.15.0-217.228~16.04.1_amd64.deb linux-modules-4.15.0-217-tuxcare.els15-lowlatency_4.15.0-217.228~16.04.1_amd64.deb linux-modules-extra-4.15.0-217-tuxcare.els15-generic_4.15.0-217.228~16.04.1_amd64.deb linux-source-4.15.0_4.15.0-217.228~16.04.1_all.deb linux-tools-4.15.0-217-tuxcare.els15-generic_4.15.0-217.228~16.04.1_amd64.deb linux-tools-4.15.0-217-tuxcare.els15-lowlatency_4.15.0-217.228~16.04.1_amd64.deb