* jammy/linux: 5.15.0-113.123 -proposed tracker (LP: #2068242)
* CVE-2024-26924
- netfilter: nft_set_pipapo: do not free live element
* CVE-2024-26643
- netfilter: nf_tables: mark set as dead when unbinding anonymous set with
timeout
[ Ubuntu: 5.15.0-112.122 ]
* jammy/linux: 5.15.0-112.122 -proposed tracker (LP: #2065898)
* CVE-2024-21823
- dmanegine: idxd: reformat opcap output to match bitmap_parse() input
- dmaengine: idxd: add WQ operation cap restriction support
- dmaengine: idxd: add knob for enqcmds retries
- VFIO: Add the SPR_DSA and SPR_IAX devices to the denylist
- dmaengine: idxd: add a new security check to deal with a hardware erratum
- dmaengine: idxd: add a write() method for applications to submit work
-- Joseph Salisbury <email address hidden> Wed, 12 Jun 2024 16:36:43 -0400
This bug was fixed in the package linux-gkeop - 5.15.0-1047.54
---------------
linux-gkeop (5.15.0-1047.54) jammy; urgency=medium
* jammy/linux-gkeop: 5.15.0-1047.54 -proposed tracker (LP: #2068210)
[ Ubuntu: 5.15.0-113.123 ]
* jammy/linux: 5.15.0-113.123 -proposed tracker (LP: #2068242)
* CVE-2024-26924
- netfilter: nft_set_pipapo: do not free live element
* CVE-2024-26643
- netfilter: nf_tables: mark set as dead when unbinding anonymous set with
timeout
[ Ubuntu: 5.15.0-112.122 ]
* jammy/linux: 5.15.0-112.122 -proposed tracker (LP: #2065898)
* CVE-2024-21823
- dmanegine: idxd: reformat opcap output to match bitmap_parse() input
- dmaengine: idxd: add WQ operation cap restriction support
- dmaengine: idxd: add knob for enqcmds retries
- VFIO: Add the SPR_DSA and SPR_IAX devices to the denylist
- dmaengine: idxd: add a new security check to deal with a hardware erratum
- dmaengine: idxd: add a write() method for applications to submit work
-- Joseph Salisbury <email address hidden> Wed, 12 Jun 2024 16:36:43 -0400