jammy/linux-kvm: 5.15.0-1014.17 -proposed tracker

ADT and RT look okay, marking automated and regression testing passed

This bug was fixed in the package linux-kvm - 5.15.0-1016.19

---------------
linux-kvm (5.15.0-1016.19) jammy; urgency=medium

  [ Ubuntu: 5.15.0-46.49 ]

  * CVE-2022-2585
    - SAUCE: posix-cpu-timers: Cleanup CPU timers before freeing them during exec
  * CVE-2022-2586
    - SAUCE: netfilter: nf_tables: do not allow SET_ID to refer to another table
    - SAUCE: netfilter: nf_tables: do not allow CHAIN_ID to refer to another table
    - SAUCE: netfilter: nf_tables: do not allow RULE_ID to refer to another chain
  * CVE-2022-2588
    - SAUCE: net_sched: cls_route: remove from list when handle is 0

linux-kvm (5.15.0-1015.18) jammy; urgency=medium

  * jammy/linux-kvm: 5.15.0-1015.18 -proposed tracker (LP: #1983062)

  * CVE-2022-29900 // CVE-2022-29901
    - [Config] kvm: Enable speculation mitigations

  [ Ubuntu: 5.15.0-45.48 ]

  * CVE-2022-29900 // CVE-2022-29901
    - x86/lib/atomic64_386_32: Rename things
    - x86: Prepare asm files for straight-line-speculation
    - x86: Prepare inline-asm for straight-line-speculation
    - x86/alternative: Relax text_poke_bp() constraint
    - kbuild: move objtool_args back to scripts/Makefile.build
    - x86: Add straight-line-speculation mitigation
    - kvm/emulate: Fix SETcc emulation function offsets with SLS
    - crypto: x86/poly1305 - Fixup SLS
    - objtool: Add straight-line-speculation validation
    - objtool: Fix SLS validation for kcov tail-call replacement
    - objtool: Fix objtool regression on x32 systems
    - objtool: Fix symbol creation
    - objtool: Introduce CFI hash
    - objtool: Default ignore INT3 for unreachable
    - x86, kvm: use proper ASM macros for kvm_vcpu_is_preempted
    - x86/traps: Use pt_regs directly in fixup_bad_iret()
    - x86/entry: Switch the stack after error_entry() returns
    - x86/entry: Move PUSH_AND_CLEAR_REGS out of error_entry()
    - x86/entry: Don't call error_entry() for XENPV
    - x86/entry: Remove skip_r11rcx
    - x86/realmode: build with -D__DISABLE_EXPORTS
    - x86/ibt,ftrace: Make function-graph play nice
    - x86/kvm/vmx: Make noinstr clean
    - x86/cpufeatures: Move RETPOLINE flags to word 11
    - x86/retpoline: Cleanup some #ifdefery
    - x86/retpoline: Swizzle retpoline thunk
    - x86/retpoline: Use -mfunction-return
    - x86: Undo return-thunk damage
    - x86,objtool: Create .return_sites
    - objtool: skip non-text sections when adding return-thunk sites
    - x86,static_call: Use alternative RET encoding
    - x86/ftrace: Use alternative RET encoding
    - x86/bpf: Use alternative RET encoding
    - x86/kvm: Fix SETcc emulation for return thunks
    - x86/vsyscall_emu/64: Don't use RET in vsyscall emulation
    - x86/sev: Avoid using __x86_return_thunk
    - x86: Use return-thunk in asm code
    - x86/entry: Avoid very early RET
    - objtool: Treat .text.__x86.* as noinstr
    - x86: Add magic AMD return-thunk
    - x86/bugs: Report AMD retbleed vulnerability
    - x86/bugs: Add AMD retbleed= boot parameter
    - x86/bugs: Enable STIBP for JMP2RET
    - x86/bugs: Keep a per-CPU IA32_SPEC_CTRL value
    - x86/entry: Add kernel IBRS implementation
    - x86/bugs: Optimize SPEC_CTRL MSR writes
    - x86/speculation: Ad...