Kernel SRU Workflow

jammy/linux-oem-6.0: 6.0.0-1021.21 -proposed tracker

Series prepare-package-meta
Bug #2034204

Bug #2034204 reported by Thadeu Lima de Souza Cascardo on 2023-09-05

This bug affects 2 people

	Status	Importance	Assigned to
Kernel SRU Workflow	Fix Released	Medium	Unassigned
Automated-testing	Invalid	Medium	Canonical Kernel Team
Boot-testing	Fix Released	Medium	Unassigned
Certification-testing	Invalid	Medium	Canonical Hardware Certification
Kernel-signoff	Fix Released	Medium	Canonical Kernel Team
New-review	Fix Released	Medium	Andy Whitcroft
Prepare-package	Fix Released	Medium	Timo Aaltonen
Prepare-package-generate	Fix Released	Medium	Timo Aaltonen
Prepare-package-lrg	Fix Released	Medium	Timo Aaltonen
Prepare-package-lrm	Fix Released	Medium	Timo Aaltonen
Prepare-package-lrs	Fix Released	Medium	Timo Aaltonen
Prepare-package-meta	Fix Released	Medium	Timo Aaltonen
Prepare-package-signed	Fix Released	Medium	Timo Aaltonen
Promote-signing-to-proposed	Invalid	Medium	Unassigned
Promote-to-proposed	Fix Released	Medium	Ubuntu Stable Release Updates Team
Promote-to-security	Fix Released	Medium	Andy Whitcroft
Promote-to-updates	Fix Released	Medium	Andy Whitcroft
Regression-testing	Fix Released	Medium	Canonical Kernel Team
Security-signoff	Fix Released	Medium	Steve Beattie
Sru-review	Fix Released	Medium	Andy Whitcroft
Verification-testing	Fix Released	Medium	Canonical Kernel Team
canonical-signing-jobs
Task00	Fix Released	Medium	Andy Whitcroft
linux-oem-6.0 (Ubuntu)
Jammy	Fix Released	Medium	Unassigned

Bug Description

This bug will contain status and test results related to a kernel source (or snap) as stated in the title.

For an explanation of the tasks and the associated workflow see:
https://wiki.ubuntu.com/Kernel/kernel-sru-workflow

-- swm properties --
built:
  from: b62da1db52fa962e
  route-entry: 2
delta:
  promote-to-proposed: [lrm, lrs, main, meta, signed, lrg, generate]
  promote-to-security: []
  promote-to-updates: [lrm, lrs, main, meta, signed]
flag:
  boot-testing-requested: true
  proposed-announcement-sent: true
  proposed-testing-requested: true
issue: KSRU-9713
packages:
  generate: linux-generate-oem-6.0
  lrg: linux-restricted-generate-oem-6.0
  lrm: linux-restricted-modules-oem-6.0
  lrs: linux-restricted-signatures-oem-6.0
  main: linux-oem-6.0
  meta: linux-meta-oem-6.0
  signed: linux-signed-oem-6.0
phase: Complete
phase-changed: Tuesday, 19. September 2023 12:07 UTC
reason: {}
synthetic:
  :promote-to-as-proposed: Invalid
variant: debs
versions:
  lrm: 6.0.0-1021.21
  main: 6.0.0-1021.21
  meta: 6.0.0.1021.21
  signed: 6.0.0-1021.21
~~:
  announce:
    swm-transition-crankable: 2023-09-07 12:31:29.712407
  clamps:
    new-review: b62da1db52fa962e
    promote-to-proposed: b62da1db52fa962e
    self: 6.0.0-1021.21
    sru-review: b62da1db52fa962e

See original description

Tags:

CVE References

Thadeu Lima de Souza Cascardo (cascardo) on 2023-09-05

tags:	added: kernel-release-tracking-bug-live
description:	updated
tags:	added: kernel-sru-cycle-s2023.08.07-1
description:	updated
Changed in kernel-sru-workflow:
status:	New → Confirmed
importance:	Undecided → Medium

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-05

Changed in linux-oem-6.0 (Ubuntu Jammy):
importance:	Undecided → Medium
tags:	added: kernel-block-derivatives
Changed in kernel-sru-workflow:
status:	Confirmed → Triaged
description:	updated
Changed in kernel-sru-workflow:
status:	Triaged → In Progress

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-05

tags:	added: kernel-jira-issue-ksru-9713
description:	updated

Revision history for this message

Launchpad Janitor (janitor) wrote on 2023-09-05:

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in linux-oem-6.0 (Ubuntu Jammy):
status:	New → Confirmed

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-05

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-06

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-06

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-06

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-06

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-06

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-07

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-07

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-07

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-07

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-07

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-07

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-07

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-07

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-07

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-07

description:

updated

Timo Aaltonen (tjaalton) on 2023-09-07

summary:

- jammy/linux-oem-6.0: <version to be filled> -proposed tracker
+ jammy/linux-oem-6.0: 6.0.0-1021.21 -proposed tracker

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-07

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-07

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-07

description:

updated

Timo Aaltonen (tjaalton) on 2023-09-07

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-07

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-07

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-07

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-07

description:	updated
description:	updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-07

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-07

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-07

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-07

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-07

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-07

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-07

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-07

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-07

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-07

description:	updated
description:	updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-07

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-07

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-07

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-07

description:	updated
description:	updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-07

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-07

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-08

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-08

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-08

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-08

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-08

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-08

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-10

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-13

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-18

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-18

description:

updated

Revision history for this message

Launchpad Janitor (janitor) wrote on 2023-09-18:

Download full text (4.5 KiB)

This bug was fixed in the package linux-oem-6.0 - 6.0.0-1021.21

---------------
linux-oem-6.0 (6.0.0-1021.21) jammy; urgency=medium

* jammy/linux-oem-6.0: 6.0.0-1021.21 -proposed tracker (LP: #2034204)

* Packaging resync (LP: #1786013)
- [Packaging] resync update-dkms-versions helper

* CVE-2023-3090
- ipvlan:Fix out-of-bounds caused by unclear skb->cb

* CVE-2023-1611
- btrfs: fix race between quota disable and quota assign ioctls

  * CVE-2023-4194
    - net: tun_chr_open(): set sk_uid from current_fsuid()
    - net: tap_open(): set sk_uid from current_fsuid()

  * CVE-2023-1076
    - net: add sock_init_data_uid()
    - tun: tun_chr_open(): correctly initialize socket uid
    - tap: tap_open(): correctly initialize socket uid

* CVE-2023-40283
- Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb

* CVE-2023-4569
- netfilter: nf_tables: deactivate catchall elements in next generation

  * CVE-2023-4128
    - net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-
      free
    - net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after-
      free
    - net/sched: cls_route: No longer copy tcf_result on update to avoid use-
      after-free

* CVE-2023-4273
- exfat: check if filename entries exceeds max filename length

* CVE-2023-1206
- tcp: Reduce chance of collisions in inet6_hashfn().

* CVE-2023-3863
- net: nfc: Fix use-after-free caused by nfc_llcp_find_local

  * CVE-2022-27672
    - x86/speculation: Identify processors vulnerable to SMT RSB predictions
    - KVM: x86: Mitigate the cross-thread return address predictions bug
    - Documentation/hw-vuln: Add documentation for Cross-Thread Return Predictions

* CVE-2023-3141
- memstick: r592: Fix UAF bug in r592_remove due to race condition

* CVE-2023-3220
- drm/msm/dpu: Add check for pstates

  * CVE-2022-4269
    - net/sched: act_mirred: better wording on protection against excessive stack
      growth
    - act_mirred: use the backlog for nested calls to mirred ingress

  * CVE-2023-28466
    - net: tls: fix possible race condition between do_tls_getsockopt_conf() and
      do_tls_setsockopt_conf()

* CVE-2023-2235
- perf: Fix check before add_event_to_groups() in perf_group_detach()

* CVE-2023-2163
- bpf: Fix incorrect verifier pruning due to missing register precision taints

* CVE-2023-2002
- bluetooth: Perform careful capability checks in hci_sock_ioctl()

  * CVE-2023-4015
    - netfilter: nf_tables: add NFT_TRANS_PREPARE_ERROR to deal with bound
      set/chain
    - netfilter: nf_tables: skip immediate deactivate in _PREPARE_ERROR
    - netfilter: nf_tables: unbind non-anonymous set if rule construction fails

  * CVE-2023-3995
    - netfilter: nf_tables: disallow rule addition to bound chain via
      NFTA_RULE_CHAIN_ID

* CVE-2023-3777
- netfilter: nf_tables: skip bound chain on rule flush

* CVE-2023-3390
- netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE

* CVE-2023-3609
- net/sched: cls_u32: Fix reference counter leak leading to overflow

* CVE-2023-20593
- x86/cpu/amd: Move the errata checking f...

This bug was fixed in the package linux-oem-6.0 - 6.0.0-1021.21

---------------
linux-oem-6.0 (6.0.0-1021.21) jammy; urgency=medium

* jammy/linux-oem-6.0: 6.0.0-1021.21 -proposed tracker (LP: #2034204)

* Packaging resync (LP: #1786013)
    - [Packaging] resync update-dkms-versions helper

* CVE-2023-3090
    - ipvlan:Fix out-of-bounds caused by unclear skb->cb

* CVE-2023-1611
    - btrfs: fix race between quota disable and quota assign ioctls

* CVE-2023-4194
    - net: tun_chr_open(): set sk_uid from current_fsuid()
    - net: tap_open(): set sk_uid from current_fsuid()

* CVE-2023-1076
    - net: add sock_init_data_uid()
    - tun: tun_chr_open(): correctly initialize socket uid
    - tap: tap_open(): correctly initialize socket uid

* CVE-2023-40283
    - Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb

* CVE-2023-4569
    - netfilter: nf_tables: deactivate catchall elements in next generation

* CVE-2023-4273
    - exfat: check if filename entries exceeds max filename length

* CVE-2023-1206
    - tcp: Reduce chance of collisions in inet6_hashfn().

* CVE-2023-3863
    - net: nfc: Fix use-after-free caused by nfc_llcp_find_local

* CVE-2023-3141
    - memstick: r592: Fix UAF bug in r592_remove due to race condition

* CVE-2023-3220
    - drm/msm/dpu: Add check for pstates

* CVE-2022-4269
    - net/sched: act_mirred: better wording on protection against excessive stack
      growth
    - act_mirred: use the backlog for nested calls to mirred ingress

* CVE-2023-28466
    - net: tls: fix possible race condition between do_tls_getsockopt_conf() and
      do_tls_setsockopt_conf()

* CVE-2023-2235
    - perf: Fix check before add_event_to_groups() in perf_group_detach()

* CVE-2023-2163
    - bpf: Fix incorrect verifier pruning due to missing register precision taints

* CVE-2023-2002
    - bluetooth: Perform careful capability checks in hci_sock_ioctl()

* CVE-2023-3995
    - netfilter: nf_tables: disallow rule addition to bound chain via
      NFTA_RULE_CHAIN_ID

* CVE-2023-3777
    - netfilter: nf_tables: skip bound chain on rule flush

* CVE-2023-3390
    - netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE

* CVE-2023-3609
    - net/sched: cls_u32: Fix reference counter leak leading to overflow

* CVE-2023-20593
    - x86/cpu/amd: Move the errata checking functionality up
    - x86/cpu/amd: Add a Zenbleed fix

* CVE-2023-4004
    - netfilter: nft_set_pipapo: fix improper element removal

* CVE-2023-3611
    - net/sched: sch_qfq: refactor parsing of netlink parameters
    - net/sched: sch_qfq: account for stab overhead in qfq_enqueue

* CVE-2023-3610
    - netfilter: nf_tables: fix chain binding transaction logic

* CVE-2023-2162
    - scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress

* CVE-2023-31436
    - net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg

* CVE-2023-32269
    - netrom: Fix use-after-free caused by accept on already connected socket

* CVE-2023-2898
    - f2fs: fix to avoid NULL pointer dereference f2fs_write_end_io()

* CVE-2023-28328
    - media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer()

* CVE-2023-0458
    - prlimit: do_prlimit needs to have a speculation check

* CVE-2023-3776
    - net/sched: cls_fw: Fix improper refcount update leads to use-after-free

* CVE-2023-2269
    - dm ioctl: fix nested locking in table_clear() to remove deadlock concern

* CVE-2023-1380
    - wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies()

* CVE-2023-1075
    - net/tls: tls_is_tx_ready() checked list_entry

* Miscellaneous Ubuntu changes
    - [Config] Update gcc version

-- Timo Aaltonen <timo.aaltonen@canonical.com>  Thu, 07 Sep 2023 16:59:43 +0300

Changed in linux-oem-6.0 (Ubuntu Jammy):
status:	Confirmed → Fix Released

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-18

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-18

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-19

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-19

description:

updated

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2023-09-19: Workflow done!

All tasks have been completed and the bug is being closed

Changed in kernel-sru-workflow:
status:	In Progress → Fix Committed

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-11-14

Changed in kernel-sru-workflow:
status:	Fix Committed → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

Duplicates of this bug

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.