Focal update: v5.4.271 upstream stable release

Bug #2060216 reported by Manuel Diewald
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Invalid
Undecided
Unassigned
Focal
Fix Released
Medium
Manuel Diewald

Bug Description

    SRU Justification

    Impact:
       The upstream process for stable tree updates is quite similar
       in scope to the Ubuntu SRU process, e.g., each patch has to
       demonstrably fix a bug, and each patch is vetted by upstream
       by originating either directly from a mainline/stable Linux tree or
       a minimally backported form of that patch. The following upstream
       stable patches should be included in the Ubuntu kernel:

       v5.4.271 upstream stable release
       from git://git.kernel.org/

netlink: Fix kernel-infoleak-after-free in __skb_datagram_iter
net: ip_tunnel: prevent perpetual headroom growth
tun: Fix xdp_rxq_info's queue_index when detaching
ipv6: fix potential "struct net" leak in inet6_rtm_getaddr()
lan78xx: enable auto speed configuration for LAN7850 if no EEPROM is detected
net: usb: dm9601: fix wrong return value in dm9601_mdio_read
Bluetooth: Avoid potential use-after-free in hci_error_reset
Bluetooth: hci_event: Fix handling of HCI_EV_IO_CAPA_REQUEST
Bluetooth: Enforce validation on max value of connection interval
netfilter: nf_tables: allow NFPROTO_INET in nft_(match/target)_validate()
rtnetlink: fix error logic of IFLA_BRIDGE_FLAGS writing back
efi/capsule-loader: fix incorrect allocation size
power: supply: bq27xxx-i2c: Do not free non existing IRQ
ALSA: Drop leftover snd-rtctimer stuff from Makefile
afs: Fix endless loop in directory parsing
gtp: fix use-after-free and null-ptr-deref in gtp_newlink()
wifi: nl80211: reject iftype change with mesh ID change
btrfs: dev-replace: properly validate device names
dmaengine: fsl-qdma: fix SoC may hang on 16 byte unaligned read
dmaengine: fsl-qdma: init irq after reg initialization
mmc: core: Fix eMMC initialization with 1-bit bus connection
x86/cpu/intel: Detect TME keyid bits before setting MTRR mask registers
cachefiles: fix memory leak in cachefiles_add_cache()
fs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super
gpio: 74x164: Enable output pins after registers are reset
Linux 5.4.271
UBUNTU: Upstream stable to v5.4.271

Manuel Diewald (diewald)
Changed in linux (Ubuntu):
status: New → Confirmed
tags: added: kernel-stable-tracking-bug
Changed in linux (Ubuntu):
status: Confirmed → Invalid
Changed in linux (Ubuntu Focal):
assignee: nobody → Manuel Diewald (diewald)
importance: Undecided → Medium
status: New → In Progress
description: updated
Changed in linux (Ubuntu Focal):
status: In Progress → Fix Committed
Revision history for this message
Launchpad Janitor (janitor) wrote :
Download full text (8.6 KiB)

This bug was fixed in the package linux - 5.4.0-186.206

---------------
linux (5.4.0-186.206) focal; urgency=medium

  * focal/linux: 5.4.0-186.206 -proposed tracker (LP: #2063812)

  * Mount CIFS fails with Permission denied (LP: #2061986)
    - cifs: fix ntlmssp auth when there is no key exchange

  * USB stick can't be detected (LP: #2040948)
    - usb: Disable USB3 LPM at shutdown

  * CVE-2024-26733
    - net: dev: Convert sa_data to flexible array in struct sockaddr
    - arp: Prevent overflow in arp_req_get().
    - stddef: Introduce DECLARE_FLEX_ARRAY() helper

  * CVE-2024-26712
    - powerpc/kasan: Fix addr error caused by page alignment

  * CVE-2023-52530
    - wifi: mac80211: fix potential key use-after-free

  * CVE-2021-47063
    - drm: bridge/panel: Cleanup connector on bridge detach

  * [Ubuntu 22.04.4/linux-image-6.5.0-26-generic] Kernel output "UBSAN: array-
    index-out-of-bounds in /build/linux-hwe-6.5-34pCLi/linux-
    hwe-6.5-6.5.0/drivers/net/hyperv/netvsc.c:1445:41" multiple times,
    especially during boot. (LP: #2058477)
    - hv: hyperv.h: Replace one-element array with flexible-array member

  * CVE-2024-26614
    - tcp: make sure init the accept_queue's spinlocks once
    - ipv6: init the accept_queue's spinlocks in inet6_create

  * Focal update: v5.4.271 upstream stable release (LP: #2060216)
    - netlink: Fix kernel-infoleak-after-free in __skb_datagram_iter
    - net: ip_tunnel: prevent perpetual headroom growth
    - tun: Fix xdp_rxq_info's queue_index when detaching
    - ipv6: fix potential "struct net" leak in inet6_rtm_getaddr()
    - lan78xx: enable auto speed configuration for LAN7850 if no EEPROM is
      detected
    - net: usb: dm9601: fix wrong return value in dm9601_mdio_read
    - Bluetooth: Avoid potential use-after-free in hci_error_reset
    - Bluetooth: hci_event: Fix handling of HCI_EV_IO_CAPA_REQUEST
    - Bluetooth: Enforce validation on max value of connection interval
    - netfilter: nf_tables: allow NFPROTO_INET in nft_(match/target)_validate()
    - rtnetlink: fix error logic of IFLA_BRIDGE_FLAGS writing back
    - efi/capsule-loader: fix incorrect allocation size
    - power: supply: bq27xxx-i2c: Do not free non existing IRQ
    - ALSA: Drop leftover snd-rtctimer stuff from Makefile
    - afs: Fix endless loop in directory parsing
    - gtp: fix use-after-free and null-ptr-deref in gtp_newlink()
    - wifi: nl80211: reject iftype change with mesh ID change
    - btrfs: dev-replace: properly validate device names
    - dmaengine: fsl-qdma: fix SoC may hang on 16 byte unaligned read
    - dmaengine: fsl-qdma: init irq after reg initialization
    - mmc: core: Fix eMMC initialization with 1-bit bus connection
    - x86/cpu/intel: Detect TME keyid bits before setting MTRR mask registers
    - cachefiles: fix memory leak in cachefiles_add_cache()
    - fs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super
    - gpio: 74x164: Enable output pins after registers are reset
    - Linux 5.4.271

  * Focal update: v5.4.270 upstream stable release (LP: #2060019)
    - KVM: arm64: vgic-its: Test for valid IRQ in its_sync_lpi_pending_table()
    - KVM: arm64: vgic-its: Test for valid...

Read more...

Changed in linux (Ubuntu Focal):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.