Jammy update: v5.15.20 upstream stable release
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
linux (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Jammy |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
SRU Justification
Impact:
The upstream process for stable tree updates is quite similar
in scope to the Ubuntu SRU process, e.g., each patch has to
demonstrably fix a bug, and each patch is vetted by upstream
by originating either directly from a mainline/stable Linux tree or
a minimally backported form of that patch. The following upstream
stable patches should be included in the Ubuntu kernel:
v5.15.20 upstream stable release
from git://git.
Linux 5.15.20
ovl: fix NULL pointer dereference in copy up warning
tcp: add missing tcp_skb_
af_packet: fix data-race in packet_setsockopt / packet_setsockopt
e1000e: Handshake with CSME starts from ADL platforms
cpuset: Fix the bug that subpart_cpus updated wrongly in update_cpumask()
rtnetlink: make sure to refresh master_dev/m_ops in __rtnl_newlink()
net: sched: fix use-after-free in tc_new_tfilter()
fanotify: Fix stale file descriptor in copy_event_
net: amd-xgbe: Fix skb data length underflow
net: amd-xgbe: ensure to reset the tx_timer_active flag
i40e: Fix reset path while removing the driver
i40e: Fix reset bw limit when DCB enabled with 1 TC
ipheth: fix EOVERFLOW in ipheth_
net/mlx5: E-Switch, Fix uninitialized variable modact
net/mlx5: Bridge, Fix devlink deadlock on net namespace deletion
net/mlx5e: Don't treat small ceil values as unlimited in HTB offload
net/mlx5: Fix offloading with ESWITCH_
net/mlx5e: Fix module EEPROM query
net/mlx5: Use del_timer_sync in fw reset flow of halting poll
net/mlx5e: Fix handling of wrong devices during bond netevent
net/mlx5: Bridge, ensure dev_name is null-terminated
net/mlx5: Bridge, take rtnl lock in init error handler
net/mlx5e: IPsec: Fix tunnel mode crypto offload for non TCP/UDP traffic
lockd: fix failure to cleanup client locks
lockd: fix server crash on reboot of client holding lock
ovl: don't fail copy up if no fileattr support on upper
Revert "mm/gup: small refactoring: simplify try_grab_page()"
cgroup-v1: Require capabilities to set release_agent
drm/vc4: hdmi: Make sure the device is powered with CEC
net: ipa: prevent concurrent replenish
net: ipa: use a bitmap for endpoint replenish_enabled
selftests: mptcp: fix ipv6 routing setup
PCI: pciehp: Fix infinite loop in IRQ handler upon power fault
CVE References
Changed in linux (Ubuntu): | |
status: | New → Confirmed |
tags: | added: kernel-stable-tracking-bug |
This bug was fixed in the package linux - 5.15.0-23.23
---------------
linux (5.15.0-23.23) jammy; urgency=medium
* jammy/linux: 5.15.0-23.23 -proposed tracker (LP: #1964573)
* Packaging resync (LP: #1786013) ,--nvidia- N} from LRMv5 dkms-versions -- update from kernel-versions (main/master)
- [Packaging] resync dkms-build{
- debian/
* [22.04 FEAT] KVM: Enable GISA support for Secure Execution guests
(LP: #1959977)
- KVM: s390: pv: make use of ultravisor AIV support
* intel_iommu breaks Intel IPU6 camera: isys port open ready failed -16
(LP: #1958004)
- SAUCE: iommu: intel-ipu: use IOMMU passthrough mode for Intel IPUs
* CVE-2022-23960 v4_patch_ fw_mitigation_ conduit el1_vectors for mitigations WORKAROUND_ 3 to be discovered and migrated
- ARM: report Spectre v2 status through sysfs
- ARM: early traps initialisation
- ARM: use LOADADDR() to get load address of sections
- ARM: Spectre-BHB workaround
- ARM: include unprivileged BPF status in Spectre V2 reporting
- arm64: Add Neoverse-N2, Cortex-A710 CPU part definition
- arm64: Add HWCAP for self-synchronising virtual counter
- arm64: Add Cortex-X2 CPU part definition
- arm64: add ID_AA64ISAR2_EL1 sys register
- arm64: cpufeature: add HWCAP for FEAT_AFP
- arm64: cpufeature: add HWCAP for FEAT_RPRES
- arm64: entry.S: Add ventry overflow sanity checks
- arm64: spectre: Rename spectre_
- KVM: arm64: Allow indirect vectors to be used without SPECTRE_V3A
- arm64: entry: Make the trampoline cleanup optional
- arm64: entry: Free up another register on kpti's tramp_exit path
- arm64: entry: Move the trampoline data page before the text page
- arm64: entry: Allow tramp_alias to access symbols after the 4K boundary
- arm64: entry: Don't assume tramp_vectors is the start of the vectors
- arm64: entry: Move trampoline macros out of ifdef'd section
- arm64: entry: Make the kpti trampoline's kpti sequence optional
- arm64: entry: Allow the trampoline text to occupy multiple pages
- arm64: entry: Add non-kpti __bp_harden_
- arm64: entry: Add vectors that have the bhb mitigation sequences
- arm64: entry: Add macro for reading symbol addresses from the trampoline
- arm64: Add percpu vectors for EL1
- arm64: proton-pack: Report Spectre-BHB vulnerabilities as part of Spectre-v2
- arm64: Mitigate spectre style branch history side channels
- KVM: arm64: Allow SMCCC_ARCH_
- arm64: Use the clearbhb instruction in mitigations
- arm64: proton-pack: Include unprivileged eBPF status in Spectre v2
mitigation reporting
- ARM: fix build error when BPF_SYSCALL is disabled
* CVE-2021-26401
- x86/speculation: Use generic retpoline by default on AMD
- x86/speculation: Update link to AMD speculation whitepaper
- x86/speculation: Warn about Spectre v2 LFENCE mitigation
- x86/speculation: Warn about eIBRS + LFENCE + Unprivileged eBPF + SMT
* CVE-2022-0001 v2=retpoline, amd
- x86,bugs: Unconditionally allow spectre_
- x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE
- x86/speculation: Add eIBRS + Retpoline options
- Document...