Comment 2 for bug 2068178

This bug was fixed in the package linux-riscv-6.5 - 6.5.0-42.42.1~22.04.1

---------------
linux-riscv-6.5 (6.5.0-42.42.1~22.04.1) jammy; urgency=medium

  * jammy/linux-riscv-6.5: 6.5.0-42.42.1~22.04.1 -proposed tracker
    (LP: #2068178)

  [ Ubuntu: 6.5.0-42.42.1 ]

  * mantic/linux-riscv: 6.5.0-42.42.1 -proposed tracker (LP: #2068180)
  * mantic/linux: 6.5.0-42.42 -proposed tracker (LP: #2068188)
  * CVE-2024-26925
    - netfilter: nf_tables: release batch on table validation from abort path
    - netfilter: nf_tables: release mutex after nft_gc_seq_end from abort path
  * CVE-2024-26924
    - netfilter: nft_set_pipapo: do not free live element
  * CVE-2024-26809
    - netfilter: nft_set_pipapo: release elements in clone only from destroy path
  * Mantic update: upstream stable patchset 2024-04-02 (LP: #2059991) //
    CVE-2024-26809
    - netfilter: nft_set_pipapo: store index in scratch maps
    - netfilter: nft_set_pipapo: add helper to release pcpu scratch area
    - netfilter: nft_set_pipapo: remove scratch_aligned pointer
  * CVE-2024-26643
    - netfilter: nf_tables: mark set as dead when unbinding anonymous set with
      timeout
  * mantic/linux: 6.5.0-41.41 -proposed tracker (LP: #2065893)
  * CVE-2024-21823
    - VFIO: Add the SPR_DSA and SPR_IAX devices to the denylist
    - dmaengine: idxd: add a new security check to deal with a hardware erratum
    - dmaengine: idxd: add a write() method for applications to submit work

 -- Hannah Peuckmann <email address hidden> Thu, 20 Jun 2024 09:51:22 +0200