* focal/linux: 5.4.0-190.210 -proposed tracker (LP: #2072108)
* CVE-2024-36016
- tty: n_gsm: fix possible out-of-bounds in gsm0_receive()
* CVE-2022-48655
- firmware: arm_scmi: Harden accesses to the reset domains
* CVE-2024-26907
- RDMA/mlx5: Fix fortify source warning while accessing Eth segment
* CVE-2024-26585
- tls: fix race between tx work scheduling and socket close
* CVE-2024-26584
- net: tls: handle backlogging of crypto requests
* CVE-2024-26583
- net/tls: Replace TLS_RX_SYNC_RUNNING with RCU
- net/tls: Fix use-after-free after the TLS device goes down and up
- tls: splice_read: fix record type check
- tls splice: remove inappropriate flags checking for MSG_PEEK
- tls: splice_read: fix accessing pre-processed records
- tls: Fix context leak on tls_device_down
- net/tls: Check for errors in tls_device_init
- net/tls: Remove the context from the list in tls_device_down
- net/tls: pass context to tls_device_decrypted()
- net/tls: Perform immediate device ctx cleanup when possible
- net/tls: Multi-threaded calls to TX tls_dev_del
- net: tls: avoid discarding data on record close
- tls: rx: don't store the record type in socket context
- tls: rx: don't store the decryption status in socket context
- tls: rx: don't issue wake ups when data is decrypted
- tls: rx: refactor decrypt_skb_update()
- tls: hw: rx: use return value of tls_device_decrypted() to carry status
- tls: rx: drop unnecessary arguments from tls_setup_from_iter()
- tls: rx: don't report text length from the bowels of decrypt
- tls: rx: wrap decryption arguments in a structure
- tls: rx: factor out writing ContentType to cmsg
- tls: rx: don't track the async count
- tls: rx: assume crypto always calls our callback
- tls: rx: use async as an in-out argument
- tls: decrement decrypt_pending if no async completion will be called
- net: tls: fix async vs NIC crypto offload
- tls: rx: simplify async wait
- tls: extract context alloc/initialization out of tls_set_sw_offload
- net: tls: factor out tls_*crypt_async_wait()
- tls: fix race between async notify and socket close
This bug was fixed in the package linux-kvm - 5.4.0-1117.124
---------------
linux-kvm (5.4.0-1117.124) focal; urgency=medium
* focal/linux-kvm: 5.4.0-1117.124 -proposed tracker (LP: #2072098)
[ Ubuntu: 5.4.0-190.210 ]
* focal/linux: 5.4.0-190.210 -proposed tracker (LP: #2072108) decrypted( ) skb_update( ) decrypted( ) to carry status from_iter( ) ation out of tls_set_sw_offload async_wait( )
* CVE-2024-36016
- tty: n_gsm: fix possible out-of-bounds in gsm0_receive()
* CVE-2022-48655
- firmware: arm_scmi: Harden accesses to the reset domains
* CVE-2024-26907
- RDMA/mlx5: Fix fortify source warning while accessing Eth segment
* CVE-2024-26585
- tls: fix race between tx work scheduling and socket close
* CVE-2024-26584
- net: tls: handle backlogging of crypto requests
* CVE-2024-26583
- net/tls: Replace TLS_RX_SYNC_RUNNING with RCU
- net/tls: Fix use-after-free after the TLS device goes down and up
- tls: splice_read: fix record type check
- tls splice: remove inappropriate flags checking for MSG_PEEK
- tls: splice_read: fix accessing pre-processed records
- tls: Fix context leak on tls_device_down
- net/tls: Check for errors in tls_device_init
- net/tls: Remove the context from the list in tls_device_down
- net/tls: pass context to tls_device_
- net/tls: Perform immediate device ctx cleanup when possible
- net/tls: Multi-threaded calls to TX tls_dev_del
- net: tls: avoid discarding data on record close
- tls: rx: don't store the record type in socket context
- tls: rx: don't store the decryption status in socket context
- tls: rx: don't issue wake ups when data is decrypted
- tls: rx: refactor decrypt_
- tls: hw: rx: use return value of tls_device_
- tls: rx: drop unnecessary arguments from tls_setup_
- tls: rx: don't report text length from the bowels of decrypt
- tls: rx: wrap decryption arguments in a structure
- tls: rx: factor out writing ContentType to cmsg
- tls: rx: don't track the async count
- tls: rx: assume crypto always calls our callback
- tls: rx: use async as an in-out argument
- tls: decrement decrypt_pending if no async completion will be called
- net: tls: fix async vs NIC crypto offload
- tls: rx: simplify async wait
- tls: extract context alloc/initializ
- net: tls: factor out tls_*crypt_
- tls: fix race between async notify and socket close
-- Thibault Ferrante <email address hidden> Fri, 12 Jul 2024 10:03:23 +0200