Comment 2 for bug 2075799

This bug was fixed in the package linux-oracle - 5.4.0-1130.139

---------------
linux-oracle (5.4.0-1130.139) focal; urgency=medium

  * focal/linux-oracle: 5.4.0-1130.139 -proposed tracker (LP: #2075799)

  [ Ubuntu: 5.4.0-193.213 ]

  * focal/linux: 5.4.0-193.213 -proposed tracker (LP: #2075804)
  * CVE-2024-26921
    - skbuff: introduce skb_expand_head()
    - skb_expand_head() adjust skb->truesize incorrectly
    - inet: inet_defrag: prevent sk release while still in use
  * CVE-2024-26929
    - scsi: qla2xxx: Fix double free of fcport
  * CVE-2024-39484
    - mmc: davinci: Don't strip remove function when driver is builtin
  * CVE-2024-36901
    - ipv6: prevent NULL dereference in ip6_output()
  * CVE-2024-26830
    - i40e: Refactoring VF MAC filters counting to make more reliable
    - i40e: Fix MAC address setting for a VF via Host/VM
    - i40e: Do not allow untrusted VF to remove administratively set MAC
  * CVE-2024-24860
    - Bluetooth: Fix atomicity violation in {min, max}_key_size_set
  * CVE-2023-52760
    - gfs2: Fix slab-use-after-free in gfs2_qd_dealloc
  * CVE-2024-2201
    - [Config] Set SPECTRE_BHI_ON=y
  * CVE-2023-52629
    - sh: push-switch: Reorder cleanup operations to avoid use-after-free bug
  * CVE-2021-46926
    - ALSA: hda: intel-sdw-acpi: harden detection of controller

 -- Philip Cox <email address hidden> Wed, 07 Aug 2024 10:01:27 -0400