* jammy/linux: 5.15.0-113.123 -proposed tracker (LP: #2068242)
* CVE-2024-26924
- netfilter: nft_set_pipapo: do not free live element
* CVE-2024-26643
- netfilter: nf_tables: mark set as dead when unbinding anonymous set with
timeout
[ Ubuntu: 5.15.0-112.122 ]
* jammy/linux: 5.15.0-112.122 -proposed tracker (LP: #2065898)
* CVE-2024-21823
- dmanegine: idxd: reformat opcap output to match bitmap_parse() input
- dmaengine: idxd: add WQ operation cap restriction support
- dmaengine: idxd: add knob for enqcmds retries
- VFIO: Add the SPR_DSA and SPR_IAX devices to the denylist
- dmaengine: idxd: add a new security check to deal with a hardware erratum
- dmaengine: idxd: add a write() method for applications to submit work
-- John Cabaj <email address hidden> Thu, 13 Jun 2024 10:14:12 -0500
This bug was fixed in the package linux-ibm - 5.15.0-1057.60
---------------
linux-ibm (5.15.0-1057.60) jammy; urgency=medium
* jammy/linux-ibm: 5.15.0-1057.60 -proposed tracker (LP: #2068212)
[ Ubuntu: 5.15.0-113.123 ]
* jammy/linux: 5.15.0-113.123 -proposed tracker (LP: #2068242)
* CVE-2024-26924
- netfilter: nft_set_pipapo: do not free live element
* CVE-2024-26643
- netfilter: nf_tables: mark set as dead when unbinding anonymous set with
timeout
[ Ubuntu: 5.15.0-112.122 ]
* jammy/linux: 5.15.0-112.122 -proposed tracker (LP: #2065898)
* CVE-2024-21823
- dmanegine: idxd: reformat opcap output to match bitmap_parse() input
- dmaengine: idxd: add WQ operation cap restriction support
- dmaengine: idxd: add knob for enqcmds retries
- VFIO: Add the SPR_DSA and SPR_IAX devices to the denylist
- dmaengine: idxd: add a new security check to deal with a hardware erratum
- dmaengine: idxd: add a write() method for applications to submit work
-- John Cabaj <email address hidden> Thu, 13 Jun 2024 10:14:12 -0500