Release Info

* Focal update: v5.4.291 upstream stable release (LP: #2106002) // CVE-2025-21772 - partitions: mac: fix handling of bogus partition table * CVE-url: https://ubuntu.com/security/CVE-2025-22079 - ocfs2: validate l_tree_depth to avoid out-of-bounds access * CVE-url: https://ubuntu.com/security/CVE-2024-58014 - wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy() * CVE-url: https://ubuntu.com/security/CVE-2024-41042 - netfilter: nf_tables: prefer nft_chain_validate * CVE-url: https://ubuntu.com/security/CVE-2024-46713 - perf/aux: Fix AUX buffer serialization * CVE-url: https://ubuntu.com/security/CVE-2025-38352 - posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() * CVE-url: https://ubuntu.com/security/CVE-2025-38477 - net/sched: sch_qfq: Fix race condition on qfq_aggregate * Focal update: v5.4.262 upstream stable release (LP: #2049069) // CVE-url: https://ubuntu.com/security/CVE-2023-52804 - fs/jfs: Add check for negative db_l2nbperpage - fs/jfs: Add validity check for db_maxag and db_agpref * Focal update: v5.4.251 upstream stable release (LP: #2034918) // CVE-url: https://ubuntu.com/security/CVE-2023-52804 - jfs: jfs_dmap: Validate db_l2nbperpage while mounting * Bionic update: upstream stable patchset 2023-02-06 (LP: #2006403) // CVE- url: https://ubuntu.com/security/CVE-2023-52804 - fs: jfs: fix shift-out-of-bounds in dbAllocAG * CVE-url: https://ubuntu.com/security/CVE-2022-25265 - x86/elf: Add table to document READ_IMPLIES_EXEC - x86/elf: Split READ_IMPLIES_EXEC from executable PT_GNU_STACK - x86/elf: Disable automatic READ_IMPLIES_EXEC on 64-bit * Bionic update: upstream stable patchset 2021-06-11 (LP: #1931740) // CVE- url: https://ubuntu.com/security/CVE-2021-47153 - i2c: i801: Don't generate an interrupt on bus reset * Bionic update: upstream stable patchset 2022-03-04 (LP: #1963717) // CVE- url: https://ubuntu.com/security/CVE-2022-48757 - net: fix information leakage in /proc/net/ptype * Focal update: v5.4.279 upstream stable release (LP: #2073621) // CVE-url: https://ubuntu.com/security/CVE-2024-37078 - nilfs2: fix potential kernel bug due to lack of writeback flag waiting * Bionic update: upstream stable patchset 2022-03-04 (LP: #1963717) // CVE- url: https://ubuntu.com/security/CVE-2022-48760 - USB: core: Fix hang in usb_kill_urb by adding memory barriers * Bionic update: upstream stable patchset 2021-11-02 (LP: #1949512) // CVE- url: https://ubuntu.com/security/CVE-2021-47383 - tty: Fix out-of-bound vmalloc access in imageblit * Bionic update: upstream stable patchset 2022-05-17 (LP: #1973831) // CVE- url: https://ubuntu.com/security/CVE-2022-49145 - ACPI: CPPC: Avoid out of bounds access when parsing _CPC data * Bionic update: upstream stable patchset 2021-11-23 (LP: #1951997) // CVE- url: https://ubuntu.com/security/CVE-2021-47458 - ocfs2: mount fails with buffer overflow in strlen * CVE-url: https://ubuntu.com/security/CVE-2022-49170 - f2fs: fix to do sanity check on curseg->alloc_type * CVE-url: https://ubuntu.com/security/CVE-2021-47479 - staging: rtl8712: fix use-after-free in rtl8712_dl_fw * Bionic update: upstream stable patchset 2021-12-03 (LP: #1953202) // CVE- url: https://ubuntu.com/security/CVE-2021-47477 - comedi: dt9812: fix DMA buffers on stack * Bionic update: upstream stable patchset 2022-05-17 (LP: #1973831) // CVE- url: https://ubuntu.com/security/CVE-2021-47642 - video: fbdev: nvidiafb: Use strscpy() to prevent buffer overflow * Bionic update: upstream stable patchset 2022-01-06 (LP: #1956614) // CVE- url: https://ubuntu.com/security/CVE-2021-47565 - scsi: mpt3sas: Fix kernel panic during drive powercycle test * Bionic update: upstream stable patchset 2022-01-06 (LP: #1956614) // CVE- url: https://ubuntu.com/security/CVE-2021-47566 - proc/vmcore: fix clearing user buffer by properly using clear_user() * Focal update: v5.4.279 upstream stable release (LP: #2073621) // CVE-url: https://ubuntu.com/security/CVE-2024-39469 - nilfs2: fix nilfs_empty_dir() misjudgment and long loop on I/O errors * CVE-url: https://ubuntu.com/security/CVE-2022-49519 - ath10k: skip ath10k_halt during suspend for driver state RESTARTING * CVE-url: https://ubuntu.com/security/CVE-2024-36880 - Bluetooth: qca: add missing firmware sanity checks * Miscellaneous upstream changes - net: openvswitch: fix nested key length validation in the set() action - isofs: Prevent the use of too small fid - net: ppp: Add bound checking for skb data on ppp_sync_txmung - wifi: at76c50x: fix use after free access in at76_disconnect

Update command: apt-get update apt-get --only-upgrade install linux*

linux-buildinfo-4.4.0-280-tuxcare.els51-generic_4.4.0-280.314_amd64.deb linux-buildinfo-4.4.0-280-tuxcare.els51-lowlatency_4.4.0-280.314_amd64.deb linux-cloud-tools-4.4.0-280-tuxcare.els51_4.4.0-280.314_amd64.deb linux-cloud-tools-4.4.0-280-tuxcare.els51-generic_4.4.0-280.314_amd64.deb linux-cloud-tools-4.4.0-280-tuxcare.els51-lowlatency_4.4.0-280.314_amd64.deb linux-cloud-tools-common_4.4.0-280.314_all.deb linux-doc_4.4.0-280.314_all.deb linux-headers-4.4.0-280-tuxcare.els51_4.4.0-280.314_all.deb linux-headers-4.4.0-280-tuxcare.els51-generic_4.4.0-280.314_amd64.deb linux-headers-4.4.0-280-tuxcare.els51-lowlatency_4.4.0-280.314_amd64.deb linux-image-unsigned-4.4.0-280-tuxcare.els51-generic_4.4.0-280.314_amd64.deb linux-image-unsigned-4.4.0-280-tuxcare.els51-lowlatency_4.4.0-280.314_amd64.deb linux-libc-dev_4.4.0-280.314_amd64.deb linux-modules-4.4.0-280-tuxcare.els51-generic_4.4.0-280.314_amd64.deb linux-modules-4.4.0-280-tuxcare.els51-lowlatency_4.4.0-280.314_amd64.deb linux-modules-extra-4.4.0-280-tuxcare.els51-generic_4.4.0-280.314_amd64.deb linux-source-4.4.0_4.4.0-280.314_all.deb linux-tools-4.4.0-280-tuxcare.els51_4.4.0-280.314_amd64.deb linux-tools-4.4.0-280-tuxcare.els51-generic_4.4.0-280.314_amd64.deb linux-tools-4.4.0-280-tuxcare.els51-lowlatency_4.4.0-280.314_amd64.deb linux-tools-common_4.4.0-280.314_all.deb linux-tools-host_4.4.0-280.314_all.deb