Ubuntu
linux package

linux 5.4.0-216.236 source package in Ubuntu

Changelog

linux (5.4.0-216.236) focal; urgency=medium

  * focal/linux: 5.4.0-216.236 -proposed tracker (LP: #2106869)

  * CVE-2023-52741
    - cifs: Fix use-after-free in rdata->read_into_pages()

  * CVE-2021-47191
    - scsi: scsi_debug: Fix out-of-bound read in resp_readcap16()

  * iommu/arm-smmu-v3: Don't reserve implementation defined register space
    (LP: #2067864)
    - iommu/arm-smmu-v3: Don't reserve implementation defined register space

  * CVE-2025-21971
    - net_sched: Prevent creation of classes with TC_H_ROOT

  * CVE-2024-56599
    - wifi: ath10k: avoid NULL pointer error during sdio remove

  * Focal update: v5.4.291 upstream stable release (LP: #2106002)
    - perf cs-etm: Add missing variable in cs_etm__process_queues()
    - udf: Fix use of check_add_overflow() with mixed type arguments
    - overflow: Add __must_check attribute to check_*() helpers
    - overflow: Correct check_shl_overflow() comment
    - overflow: Allow mixed type arguments
    - afs: Fix directory format encoding struct
    - partitions: ldm: remove the initial kernel-doc notation
    - drm/etnaviv: Fix page property being used for non writecombine buffers
    - wifi: rtlwifi: do not complete firmware loading needlessly
    - rtlwifi: rtl8192se Rename RT_TRACE to rtl_dbg
    - wifi: rtlwifi: rtl8192se: rise completion of firmware loading as last step
    - wifi: rtlwifi: usb: fix workqueue leak when probe fails
    - dt-bindings: mmc: controller: clarify the address-cells description
    - rtlwifi: replace usage of found with dedicated list iterator variable
    - wifi: rtlwifi: remove unused timer and related code
    - wifi: rtlwifi: remove unused dualmac control leftovers
    - wifi: rtlwifi: pci: wait for firmware loading before releasing memory
    - cpupower: fix TSC MHz calculation
    - regulator: of: Implement the unwind path of of_regulator_match()
    - wifi: wlcore: fix unbalanced pm_runtime calls
    - selftests/harness: Display signed values correctly
    - selftests: harness: fix printing of mismatch values in __EXPECT()
    - clk: analogbits: Fix incorrect calculation of vco rate delta
    - net/mlxfw: Drop hard coded max FW flash image size
    - tools/testing/selftests/bpf/test_tc_tunnel.sh: Fix wait for server bind
    - ASoC: sun4i-spdif: Add clock multiplier settings
    - perf header: Fix one memory leakage in process_bpf_btf()
    - perf header: Fix one memory leakage in process_bpf_prog_info()
    - ktest.pl: Remove unused declarations in run_bisect_test function
    - padata: fix sysfs store callback check
    - perf top: Don't complain about lack of vmlinux when not resolving some
      kernel samples
    - perf report: Fix misleading help message about --demangle
    - RDMA/mlx4: Avoid false error about access to uninitialized gids array
    - arm64: dts: mediatek: mt8173-evb: Drop regulator-compatible property
    - arm64: dts: mediatek: mt8173-evb: Fix MT6397 PMIC sub-node names
    - ARM: dts: mediatek: mt7623: fix IR nodename
    - fbdev: omapfb: Fix an OF node leak in dss_of_port_get_parent_device()
    - media: rc: iguanair: handle timeouts
    - media: lmedm04: Use GFP_KERNEL for URB allocation/submission.
    - media: lmedm04: Handle errors for lme2510_int_read
    - PCI: endpoint: Destroy the EPC device in devm_pci_epc_destroy()
    - media: mipi-csis: Add check for clk_enable()
    - media: camif-core: Add check for clk_enable()
    - media: uvcvideo: Propagate buf->error to userspace
    - staging: media: imx: fix OF node leak in imx_media_add_of_subdevs()
    - scsi: mpt3sas: Set ioc->manu_pg11.EEDPTagMode directly to 1
    - scsi: ufs: bsg: Delete bsg_dev when setting up bsg fails
    - ocfs2: mark dquot as inactive if failed to start trans while releasing dquot
    - module: Extend the preempt disabled section in
      dereference_symbol_descriptor().
    - dmaengine: ti: edma: fix OF node reference leaks in edma_driver
    - net: fec: implement TSO descriptor cleanup
    - PM: hibernate: Add error handling for syscore_suspend()
    - perf trace: Fix runtime error of index out of bounds
    - vsock: Allow retrying on connect() failure
    - net: sh_eth: Fix missing rtnl lock in suspend/resume path
    - genksyms: fix memory leak when the same symbol is added from source
    - genksyms: fix memory leak when the same symbol is read from *.symref file
    - hexagon: fix using plain integer as NULL pointer warning in cmpxchg
    - hexagon: Fix unbalanced spinlock in die()
    - NFSD: Reset cb_seq_status after NFS4ERR_DELAY
    - ktest.pl: Check kernelrelease return in get_version
    - drivers/card_reader/rtsx_usb: Restore interrupt based detection
    - usb: typec: tcpm: set SRC_SEND_CAPABILITIES timeout to PD_T_SENDER_RESPONSE
    - btrfs: output the reason for open_ctree() failure
    - btrfs: convert BUG_ON in btrfs_reloc_cow_block() to proper error handling
    - sched: Don't try to catch up excess steal time.
    - x86/amd_nb: Restrict init function to AMD-based systems
    - tun: fix group permission check
    - mmc: core: Respect quirk_max_rate for non-UHS SDIO card
    - mfd: lpc_ich: Add another Gemini Lake ISA bridge PCI device-id
    - HID: Wacom: Add PCI Wacom device support
    - APEI: GHES: Have GHES honor the panic= setting
    - x86/mm: Don't disable PCID when INVLPG has been fixed by microcode
    - spi-mxs: Fix chipselect glitch
    - nilfs2: move page release outside of nilfs_delete_entry and nilfs_set_link
    - nilfs2: eliminate staggered calls to kunmap in nilfs_rename
    - media: uvcvideo: Only save async fh if success
    - kbuild: userprogs: use correct lld when linking through clang
    - tasklet: Introduce new initialization API
    - net: usb: rtl8150: use new tasklet API
    - usb: xhci: Add timeout argument in address_device USB HCD callback
    - nvme: handle connectivity loss in nvme_set_queue_count
    - firmware: iscsi_ibft: fix ISCSI_IBFT Kconfig entry
    - gpu: drm_dp_cec: fix broken CEC adapter properties check
    - tg3: Disable tg3 PCIe AER on system reboot
    - udp: gso: do not drop small packets when PMTU reduces
    - tun: revert fix group permission check
    - cpufreq: s3c64xx: Fix compilation warning
    - leds: lp8860: Write full EEPROM, not only half of it
    - s390/futex: Fix FUTEX_OP_ANDN implementation
    - m68k: vga: Fix I/O defines
    - arm64: dts: rockchip: increase gmac rx_delay on rk3399-puma
    - KVM: s390: vsie: fix some corner-cases when grabbing vsie pages
    - drm/komeda: Add check for komeda_get_layer_fourcc_list()
    - clk: qcom: clk-alpha-pll: fix alpha mode configuration
    - clk: qcom: clk-rpmh: prevent integer overflow in recalc_rate
    - perf bench: Fix undefined behavior in cmpworker()
    - of: Correct child specifier used as input of the 2nd nexus node
    - of: Fix of_find_node_opts_by_path() handling of alias+path+options
    - of: reserved-memory: Fix using wrong number of cells to get property
      'alignment'
    - HID: hid-sensor-hub: don't use stale platform-data on remove
    - usb: gadget: f_tcm: Translate error to sense
    - usb: gadget: f_tcm: Decrement command ref count on cleanup
    - usb: gadget: f_tcm: ep_autoconfig with fullspeed endpoint
    - usb: gadget: f_tcm: Don't prepare BOT write request twice
    - serial: sh-sci: Drop __initdata macro for port_cfg
    - serial: sh-sci: Do not probe the serial port if its slot in sci_ports[] is
      in use
    - powerpc/pseries/eeh: Fix get PE state translation
    - kbuild: Move -Wenum-enum-conversion to W=2
    - soc: qcom: smem_state: fix missing of_node_put in error path
    - media: ov5640: fix get_light_freq on auto
    - media: uvcvideo: Fix event flags in uvc_ctrl_send_events
    - media: uvcvideo: Remove redundant NULL assignment
    - crypto: qce - fix goto jump in error path
    - crypto: qce - unregister previously registered algos in error path
    - nvmem: core: improve range check for nvmem_cell_write()
    - vfio/platform: check the bounds of read/write syscalls
    - ocfs2: fix incorrect CPU endianness conversion causing mount failure
    - mtd: onenand: Fix uninitialized retlen in do_otp_read()
    - misc: fastrpc: Fix registered buffer page address
    - net/ncsi: wait for the last response to Deselect Package before configuring
      channel
    - MIPS: ftrace: Declare ftrace_get_parent_ra_addr() as static
    - ocfs2: check dir i_size in ocfs2_find_entry
    - ndisc: ndisc_send_redirect() must use dev_get_by_index_rcu()
    - gpio: bcm-kona: Fix GPIO lock/unlock for banks above bank 0
    - gpio: bcm-kona: Make sure GPIO bits are unlocked when requesting IRQ
    - gpio: bcm-kona: Add missing newline to dev_err format string
    - xen: remove a confusing comment on auto-translated guest I/O
    - x86/xen: allow larger contiguous memory regions in PV guests
    - media: cxd2841er: fix 64-bit division on gcc-9
    - vfio/pci: Enable iowrite64 and ioread64 for vfio pci
    - Grab mm lock before grabbing pt lock
    - ASoC: Intel: bytcr_rt5640: Add DMI quirk for Vexia Edu Atla 10 tablet 5V
    - usb: roles: set switch registered flag early on
    - usb: gadget: udc: renesas_usb3: Fix compiler warning
    - usb: dwc2: gadget: remove of_node reference upon udc_stop
    - USB: pci-quirks: Fix HCCPARAMS register error for LS7A EHCI
    - USB: quirks: add USB_QUIRK_NO_LPM quirk for Teclast dist
    - USB: Add USB_QUIRK_NO_LPM quirk for sony xperia xz1 smartphone
    - USB: cdc-acm: Fill in Renesas R-Car D3 USB Download mode quirk
    - usb: cdc-acm: Fix handling of oversized fragments
    - USB: serial: option: add MeiG Smart SLM828
    - USB: serial: option: add Telit Cinterion FN990B compositions
    - USB: serial: option: fix Telit Cinterion FN990A name
    - USB: serial: option: drop MeiG Smart defines
    - can: c_can: fix unbalanced runtime PM disable in error path
    - can: j1939: j1939_sk_send_loop(): fix unable to send messages with data
      length zero
    - alpha: make stack 16-byte aligned (most cases)
    - serial: 8250: Fix fifo underflow on flush
    - alpha: align stack for page fault and user unaligned trap handlers
    - gpio: stmpe: Check return value of stmpe_reg_read in
      stmpe_gpio_irq_sync_unlock
    - regmap-irq: Add missing kfree()
    - net: treat possible_net_t net pointer as an RCU one and add read_pnet_rcu()
    - net: add dev_net_rcu() helper
    - ipv4: use RCU protection in rt_is_expired()
    - ipv4: use RCU protection in inet_select_addr()
    - neighbour: delete redundant judgment statements
    - alpha: replace hardcoded stack offsets with autogenerated ones
    - nilfs2: do not output warnings when clearing dirty buffers
    - can: ems_pci: move ASIX AX99100 ids to pci_ids.h
    - serial: 8250_pci: add support for ASIX AX99100
    - parport_pc: add support for ASIX AX99100
    - x86/i8253: Disable PIT timer 0 when not in use
    - Revert "btrfs: avoid monopolizing a core when activating a swap file"
    - btrfs: avoid monopolizing a core when activating a swap file
    - vlan: introduce vlan_dev_free_egress_priority
    - vlan: move dev_put into vlan_dev_uninit
    - scsi: storvsc: Set correct data length for sending SCSI command without
      payload
    - crypto: testmgr - fix wrong key length for pkcs1pad
    - crypto: testmgr - Fix wrong test case of RSA
    - crypto: testmgr - fix version number of RSA tests
    - crypto: testmgr - populate RSA CRT parameters in RSA test vectors
    - crypto: testmgr - some more fixes to RSA test vectors
    - mm: update mark_victim tracepoints fields
    - usb: dwc3: Increase DWC3 controller halt timeout
    - usb: dwc3: Fix timeout issue during controller enter/exit from halt state
    - usb/gadget: f_midi: convert tasklets to use new tasklet_setup() API
    - usb/gadget: f_midi: Replace tasklet with work
    - powerpc/64s/mm: Move __real_pte stubs into hash-4k.h
    - powerpc/64s: Rewrite __real_pte() and __rpte_to_hidx() as static inline
    - ALSA: hda/realtek - Add type for ALC287
    - ALSA: hda/realtek: Fixup ALC225 depop procedure
    - geneve: Suppress list corruption splat in geneve_destroy_tunnels().
    - net: extract port range fields from fl_flow_key
    - flow_dissector: Fix handling of mixed port and port-range keys
    - flow_dissector: Fix port range key handling in BPF conversion
    - power: supply: da9150-fg: fix potential overflow
    - ALSA: hda/conexant: Add quirk for HP ProBook 450 G4 mute LED
    - acct: block access to kernel internal filesystems
    - batman-adv: Ignore neighbor throughput metrics in error case
    - sunrpc: suppress warnings for unused procfs functions
    - net: loopback: Avoid sending IP packets without an Ethernet header
    - net: cadence: macb: Synchronize stats calculations
    - ASoC: es8328: fix route from DAC to output
    - ipvs: Always clear ipvs_property flag in skb_scrub_packet()
    - net: mvpp2: cls: Fixed Non IP flow, with vlan tag flow defination.
    - x86/CPU: Fix warm boot hang regression on AMD SC1100 SoC systems
    - ftrace: Avoid potential division by zero in function_stat_show()
    - perf/core: Fix low freq setting via IOC_PERIOD
    - phy: tegra: xusb: reset VBUS & ID OVERRIDE
    - phy: exynos5-usbdrd: fix MPLL_MULTIPLIER and SSC_REFCLKSEL masks in refclk
    - kernel/acct.c: use #elif instead of #end and #elif
    - kernel/acct.c: use dedicated helper to access rlimit values
    - drm/amdgpu: skip BAR resizing if the bios already did it
    - drm/amdgpu: Check extended configuration space register when system uses
      large bar
    - drm/amdgpu: disable BAR resize on Dell G5 SE
    - Revert "of: reserved-memory: Fix using wrong number of cells to get property
      'alignment'"
    - HID: appleir: Fix potential NULL dereference at raw event handle
    - ALSA: hda: intel: Add Dell ALC3271 to power_save denylist
    - ALSA: hda/realtek: update ALC222 depop optimize
    - drm/radeon: Fix rs400_gpu_init for ATI mobility radeon Xpress 200M
    - platform/x86: thinkpad_acpi: Add battery quirk for ThinkPad X131e
    - x86/cacheinfo: Validate CPUID leaf 0x2 EDX output
    - x86/cpu: Validate CPUID leaf 0x2 EDX output
    - x86/cpu: Properly parse CPUID leaf 0x2 TLB descriptor 0x63
    - wifi: cfg80211: regulatory: improve invalid hints checking
    - wifi: nl80211: reject cooked mode if it is set along with other flags
    - rapidio: add check for rio_add_net() in rio_scan_alloc_net()
    - rapidio: fix an API misues when rio_add_net() fails
    - mm/page_alloc: fix uninitialized variable
    - wifi: iwlwifi: limit printed string from FW file
    - HID: google: fix unused variable warning under !CONFIG_ACPI
    - HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove()
    - net: gso: fix ownership in __udp_gso_segment
    - caif_virtio: fix wrong pointer check in cfv_probe()
    - hwmon: (pmbus) Initialise page count in pmbus_identify()
    - hwmon: (ntc_thermistor) Fix the ncpXXxh103 sensor table
    - hwmon: (ad7314) Validate leading zero bits and return error
    - llc: do not use skb_get() before dev_queue_xmit()
    - hwmon: fix a NULL vs IS_ERR_OR_NULL() check in xgene_hwmon_probe()
    - drm/sched: Fix preprocessor guard
    - be2net: fix sleeping while atomic bugs in be_ndo_bridge_getlink
    - ppp: Fix KMSAN uninit-value warning with bpf
    - vlan: enforce underlying device type
    - net-timestamp: support TCP GSO case for a few missing flags
    - net: ipv6: fix dst ref loop in ila lwtunnel
    - net: ipv6: fix missing dst ref drop in ila lwtunnel
    - gpio: rcar: Fix missing of_node_put() call
    - Revert "drivers/card_reader/rtsx_usb: Restore interrupt based detection"
    - usb: renesas_usbhs: Call clk_put()
    - usb: renesas_usbhs: Use devm_usb_get_phy()
    - usb: quirks: Add DELAY_INIT and NO_LPM for Prolific Mass Storage Card Reader
    - usb: renesas_usbhs: Flush the notify_hotplug_work
    - usb: atm: cxacru: fix a flaw in existing endpoint checks
    - usb: typec: ucsi: increase timeout for PPM reset operations
    - usb: typec: tcpci_rt1711h: Unmask alert interrupts to fix functionality
    - usb: gadget: Set self-powered based on MaxPower and bmAttributes
    - usb: gadget: Fix setting self-powered state on suspend
    - usb: gadget: Check bmAttributes only if configuration is valid
    - xhci: pci: Fix indentation in the PCI device ID definitions
    - intel_th: pci: Add Arrow Lake support
    - intel_th: pci: Add Panther Lake-H support
    - intel_th: pci: Add Panther Lake-P/U support
    - slimbus: messaging: Free transaction ID in delayed interrupt scenario
    - eeprom: digsy_mtc: Make GPIO lookup table match the device
    - Linux 5.4.291

  * Focal update: v5.4.291 upstream stable release (LP: #2106002) //
    CVE-2024-26982
    - Squashfs: check the inode number is not the invalid value of zero

  * Focal update: v5.4.291 upstream stable release (LP: #2106002) //
    CVE-2025-21846
    - acct: perform last write from workqueue

  * Focal update: v5.4.291 upstream stable release (LP: #2106002) //
    CVE-2025-21862
    - drop_monitor: fix incorrect initialization order

  * Focal update: v5.4.291 upstream stable release (LP: #2106002) //
    CVE-2024-58090
    - sched/core: Prevent rescheduling when interrupts are disabled

  * Focal update: v5.4.291 upstream stable release (LP: #2106002) //
    CVE-2025-21877
    - usbnet: gl620a: fix endpoint checking in genelink_bind()

  * Focal update: v5.4.291 upstream stable release (LP: #2106002) //
    CVE-2025-21823
    - batman-adv: Drop unmanaged ELP metric worker

  * Focal update: v5.4.291 upstream stable release (LP: #2106002) //
    CVE-2025-21848
    - nfp: bpf: Add check for nfp_app_ctrl_msg_alloc()

  * Focal update: v5.4.291 upstream stable release (LP: #2106002) //
    CVE-2025-21871
    - tee: optee: Fix supplicant wait loop

  * Focal update: v5.4.291 upstream stable release (LP: #2106002) //
    CVE-2025-21865
    - gtp: Suppress list corruption splat in gtp_net_exit_batch_rtnl().

  * Focal update: v5.4.291 upstream stable release (LP: #2106002) //
    CVE-2025-21858
    - geneve: Fix use-after-free in geneve_find_dev().

  * Focal update: v5.4.291 upstream stable release (LP: #2106002) //
    CVE-2025-21866
    - powerpc/code-patching: Fix KASAN hit by not flagging text patching area as
      VM_ALLOC

  * Focal update: v5.4.291 upstream stable release (LP: #2106002) //
    CVE-2025-21859
    - USB: gadget: f_midi: f_midi_complete to call queue_work

  * Focal update: v5.4.291 upstream stable release (LP: #2106002) //
    CVE-2024-57977
    - memcg: fix soft lockup in the OOM process

  * Focal update: v5.4.291 upstream stable release (LP: #2106002) //
    CVE-2024-50055
    - driver core: bus: Fix double free in driver API bus_register()

  * Focal update: v5.4.291 upstream stable release (LP: #2106002) //
    CVE-2024-57979
    - pps: Fix a use-after-free

  * Focal update: v5.4.291 upstream stable release (LP: #2106002) //
    CVE-2025-21811
    - nilfs2: protect access to buffers with no active references

  * Focal update: v5.4.291 upstream stable release (LP: #2106002) //
    CVE-2025-21722
    - nilfs2: do not force clear folio if buffer is referenced

  * Focal update: v5.4.291 upstream stable release (LP: #2106002) //
    CVE-2025-21760
    - ndisc: extend RCU protection in ndisc_send_skb()

  * Focal update: v5.4.291 upstream stable release (LP: #2106002) //
    CVE-2025-21761
    - openvswitch: use RCU protection in ovs_vport_cmd_fill_info()

  * Focal update: v5.4.291 upstream stable release (LP: #2106002) //
    CVE-2025-21762
    - arp: use RCU protection in arp_xmit()

  * Focal update: v5.4.291 upstream stable release (LP: #2106002) //
    CVE-2025-21763
    - neighbour: use RCU protection in __neigh_notify()

  * Focal update: v5.4.291 upstream stable release (LP: #2106002) //
    CVE-2025-21764
    - ndisc: use RCU protection in ndisc_alloc_skb()

  * Focal update: v5.4.291 upstream stable release (LP: #2106002) //
    CVE-2025-21765
    - ipv6: use RCU protection in ip6_default_advmss()

  * Focal update: v5.4.291 upstream stable release (LP: #2106002) //
    CVE-2025-21772
    - partitions: mac: fix handling of bogus partition table

  * Focal update: v5.4.291 upstream stable release (LP: #2106002) //
    CVE-2025-21704
    - usb: cdc-acm: Check control transfer buffer size before access

  * Focal update: v5.4.291 upstream stable release (LP: #2106002) //
    CVE-2025-21776
    - USB: hub: Ignore non-compliant devices with too many configs or interfaces

  * Focal update: v5.4.291 upstream stable release (LP: #2106002) //
    CVE-2025-21835
    - usb: gadget: f_midi: fix MIDI Streaming descriptor lengths

  * Focal update: v5.4.291 upstream stable release (LP: #2106002) //
    CVE-2025-21781
    - batman-adv: fix panic during interface removal

  * Focal update: v5.4.291 upstream stable release (LP: #2106002) //
    CVE-2025-21782
    - orangefs: fix a oob in orangefs_debug_write

  * Focal update: v5.4.291 upstream stable release (LP: #2106002) //
    CVE-2025-21785
    - arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array

  * Focal update: v5.4.291 upstream stable release (LP: #2106002) //
    CVE-2025-21787
    - team: better TEAM_OPTION_TYPE_STRING validation

  * Focal update: v5.4.291 upstream stable release (LP: #2106002) //
    CVE-2025-21791
    - vrf: use RCU protection in l3mdev_l3_out()

  * Focal update: v5.4.291 upstream stable release (LP: #2106002) //
    CVE-2024-58020
    - HID: multitouch: Add NULL check in mt_input_configured

  * Focal update: v5.4.291 upstream stable release (LP: #2106002) //
    CVE-2025-21814
    - ptp: Ensure info->enable callback is always set

  * Focal update: v5.4.291 upstream stable release (LP: #2106002) //
    CVE-2025-21735
    - NFC: nci: Add bounds checking in nci_hci_create_pipe()

  * Focal update: v5.4.291 upstream stable release (LP: #2106002) //
    CVE-2025-21736
    - nilfs2: fix possible int overflows in nilfs_fiemap()

  * Focal update: v5.4.291 upstream stable release (LP: #2106002) //
    CVE-2024-58001
    - ocfs2: handle a symlink read error correctly

  * Focal update: v5.4.291 upstream stable release (LP: #2106002) //
    CVE-2024-58007
    - soc: qcom: socinfo: Avoid out of bounds read of serial number

  * Focal update: v5.4.291 upstream stable release (LP: #2106002) //
    CVE-2025-21744
    - wifi: brcmfmac: fix NULL pointer dereference in brcmf_txfinalize()

  * Focal update: v5.4.291 upstream stable release (LP: #2106002) //
    CVE-2024-58009
    - Bluetooth: L2CAP: handle NULL sock pointer in l2cap_sock_alloc

  * Focal update: v5.4.291 upstream stable release (LP: #2106002) //
    CVE-2024-58083
    - KVM: Explicitly verify target vCPU is online in kvm_get_vcpu()

  * Focal update: v5.4.291 upstream stable release (LP: #2106002) //
    CVE-2024-58010
    - binfmt_flat: Fix integer overflow bug on 32 bit systems

  * Focal update: v5.4.291 upstream stable release (LP: #2106002) //
    CVE-2025-21749
    - net: rose: lock the socket in rose_bind()

  * Focal update: v5.4.291 upstream stable release (LP: #2106002) //
    CVE-2024-57981
    - usb: xhci: Fix NULL pointer dereference on certain command aborts

  * Focal update: v5.4.291 upstream stable release (LP: #2106002) //
    CVE-2025-21708
    - net: usb: rtl8150: enable basic endpoint checking

  * Focal update: v5.4.291 upstream stable release (LP: #2106002) //
    CVE-2025-21647
    - sched: sch_cake: add bounds checks to host bulk flow fairness counts

  * Focal update: v5.4.291 upstream stable release (LP: #2106002) //
    CVE-2024-58002
    - media: uvcvideo: Remove dangling pointers

  * Focal update: v5.4.291 upstream stable release (LP: #2106002) //
    CVE-2025-21721
    - nilfs2: handle errors that nilfs_prepare_chunk() may return

  * Focal update: v5.4.291 upstream stable release (LP: #2106002) //
    CVE-2024-58085
    - tomoyo: don't emit warning in tomoyo_write_control()

  * Focal update: v5.4.291 upstream stable release (LP: #2106002) //
    CVE-2024-58014
    - wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy()

  * Focal update: v5.4.291 upstream stable release (LP: #2106002) //
    CVE-2024-58017
    - printk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX

  * Focal update: v5.4.291 upstream stable release (LP: #2106002) //
    CVE-2025-21753
    - btrfs: fix use-after-free when attempting to join an aborted transaction

  * Focal update: v5.4.291 upstream stable release (LP: #2106002) //
    CVE-2024-58055
    - usb: gadget: f_tcm: Don't free command immediately

  * Focal update: v5.4.291 upstream stable release (LP: #2106002) //
    CVE-2024-57980
    - media: uvcvideo: Fix double free in error path

  * Focal update: v5.4.291 upstream stable release (LP: #2106002) //
    CVE-2024-57986
    - HID: core: Fix assumption that Resolution Multipliers must be in Logical
      Collections

  * Focal update: v5.4.291 upstream stable release (LP: #2106002) //
    CVE-2025-21715
    - net: davicom: fix UAF in dm9000_drv_remove

  * Focal update: v5.4.291 upstream stable release (LP: #2106002) //
    CVE-2025-21718
    - net: rose: fix timer races against user threads

  * Focal update: v5.4.291 upstream stable release (LP: #2106002) //
    CVE-2025-21719
    - ipmr: do not call mr_mfc_uses_dev() for unres entries

  * Focal update: v5.4.291 upstream stable release (LP: #2106002) //
    CVE-2024-58058
    - ubifs: skip dumping tnc tree when zroot is null

  * Focal update: v5.4.291 upstream stable release (LP: #2106002) //
    CVE-2024-58069
    - rtc: pcf85063: fix potential OOB write in PCF85063 NVMEM read

  * Focal update: v5.4.291 upstream stable release (LP: #2106002) //
    CVE-2024-57973
    - rdma/cxgb4: Prevent potential integer overflow on 32bit

  * Focal update: v5.4.291 upstream stable release (LP: #2106002) //
    CVE-2025-21728
    - bpf: Send signals asynchronously if !preemptible

  * Focal update: v5.4.291 upstream stable release (LP: #2106002) //
    CVE-2025-21806
    - net: let net.core.dev_weight always be non-zero

  * Focal update: v5.4.291 upstream stable release (LP: #2106002) //
    CVE-2024-58071
    - team: prevent adding a device which is already a team device lower

  * Focal update: v5.4.291 upstream stable release (LP: #2106002) //
    CVE-2024-58063
    - wifi: rtlwifi: fix memory leaks and invalid access at probe error path

  * Focal update: v5.4.291 upstream stable release (LP: #2106002) //
    CVE-2024-58072
    - wifi: rtlwifi: remove unused check_buddy_priv

  * Focal update: v5.4.291 upstream stable release (LP: #2106002) //
    CVE-2024-58051
    - ipmi: ipmb: Add check devm_kasprintf() returned value

  * Focal update: v5.4.291 upstream stable release (LP: #2106002) //
    CVE-2024-58052
    - drm/amdgpu: Fix potential NULL pointer dereference in
      atomctrl_get_smc_sclk_range_table

  * Focal update: v5.4.291 upstream stable release (LP: #2106002) //
    CVE-2025-21731
    - nbd: don't allow reconnect after disconnect

  * CVE-2024-26996
    - usb: gadget: f_ncm: Fix UAF ncm object at re-bind after usb ep transport
      error

  * CVE-2023-52664
    - net: atlantic: eliminate double free in error handling logic

  * CVE-2024-26689
    - ceph: prevent use-after-free in encode_cap_msg()

  * CVE-2023-52927
    - netfilter: allow exp not to be removed in nf_ct_find_expectation

 -- Mehmet Basaran <email address hidden>  Fri, 11 Apr 2025 22:12:36 +0300

Upload details

Uploaded by:
Mehmet Basaran
Uploaded to:
Focal
Original maintainer:
Ubuntu Kernel Team
Architectures:
all amd64 armhf arm64 ppc64el s390x i386 riscv64
Section:
devel
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Focal security main devel
Focal updates main devel

Downloads

File Size SHA-256 Checksum
linux_5.4.0.orig.tar.gz 162.4 MiB 805f3ed93854317814c59caf2dbfd2097745685f95c8c18b509c9347dcc7d51f
linux_5.4.0-216.236.diff.gz 9.7 MiB 5b5277c507b9778d52b57af0190126a25e022e37c2f457979733dc14bdd8fb17
linux_5.4.0-216.236.dsc 7.2 KiB 34e2da1466c472f42af9248b339558b58e3f508c28ebdb13b165259fa4893fc1

View changes file

Binary packages built by this source

block-modules-5.4.0-216-generic-di: Block storage devices

 This package contains the block storage devices, including DAC960 and
 paraide.

block-modules-5.4.0-216-generic-lpae-di: Block storage devices

 This package contains the block storage devices, including DAC960 and
 paraide.

crypto-modules-5.4.0-216-generic-di: crypto modules

 This package contains crypto modules.

crypto-modules-5.4.0-216-generic-lpae-di: crypto modules

 This package contains crypto modules.

dasd-extra-modules-5.4.0-216-generic-di: DASD storage support -- extras
dasd-modules-5.4.0-216-generic-di: DASD storage support
fat-modules-5.4.0-216-generic-di: FAT filesystem support

 This includes Windows FAT and VFAT support.

fat-modules-5.4.0-216-generic-lpae-di: FAT filesystem support

 This includes Windows FAT and VFAT support.

fb-modules-5.4.0-216-generic-di: Framebuffer modules
firewire-core-modules-5.4.0-216-generic-di: Firewire (IEEE-1394) Support
floppy-modules-5.4.0-216-generic-di: Floppy driver support
fs-core-modules-5.4.0-216-generic-di: Base filesystem modules

 This includes jfs, reiserfs and xfs.

fs-core-modules-5.4.0-216-generic-lpae-di: Base filesystem modules

 This includes jfs, reiserfs and xfs.

fs-secondary-modules-5.4.0-216-generic-di: Extra filesystem modules

 This includes support for Windows NTFS and MacOS HFS/HFSPlus

fs-secondary-modules-5.4.0-216-generic-lpae-di: Extra filesystem modules

 This includes support for Windows NTFS and MacOS HFS/HFSPlus

input-modules-5.4.0-216-generic-di: Support for various input methods
input-modules-5.4.0-216-generic-lpae-di: Support for various input methods
ipmi-modules-5.4.0-216-generic-di: ipmi modules
ipmi-modules-5.4.0-216-generic-lpae-di: ipmi modules
kernel-image-5.4.0-216-generic-di: kernel image and system map
kernel-image-5.4.0-216-generic-lpae-di: kernel image and system map
linux-buildinfo-5.4.0-216-generic: Linux kernel buildinfo for version 5.4.0 on 64 bit x86 SMP

 This package contains the Linux kernel buildinfo for version 5.4.0 on
 64 bit x86 SMP.
 .
 You likely do not want to install this package.

linux-buildinfo-5.4.0-216-generic-lpae: Linux kernel buildinfo for version 5.4.0 on ARM (hard float) SMP

 This package contains the Linux kernel buildinfo for version 5.4.0 on
 ARM (hard float) SMP.
 .
 You likely do not want to install this package.

linux-buildinfo-5.4.0-216-lowlatency: Linux kernel buildinfo for version 5.4.0 on 64 bit x86 SMP

 This package contains the Linux kernel buildinfo for version 5.4.0 on
 64 bit x86 SMP.
 .
 You likely do not want to install this package.

linux-cloud-tools-5.4.0-216: Linux kernel version specific cloud tools for version 5.4.0-216

 This package provides the architecture dependant parts for kernel
 version locked tools for cloud tools for version 5.4.0-216 on
 64 bit x86.
 You probably want to install linux-cloud-tools-5.4.0-216-<flavour>.

linux-cloud-tools-5.4.0-216-generic: Linux kernel version specific cloud tools for version 5.4.0-216

 This package provides the architecture dependant parts for kernel
 version locked tools for cloud for version 5.4.0-216 on
 64 bit x86.

linux-cloud-tools-5.4.0-216-lowlatency: Linux kernel version specific cloud tools for version 5.4.0-216

 This package provides the architecture dependant parts for kernel
 version locked tools for cloud for version 5.4.0-216 on
 64 bit x86.

linux-cloud-tools-common: Linux kernel version specific cloud tools for version 5.4.0

 This package provides the architecture independent parts for kernel
 version locked tools for cloud tools for version 5.4.0.

linux-doc: Linux kernel specific documentation for version 5.4.0

 This package provides the various documents in the 5.4.0 kernel
 Documentation/ subdirectory. These document kernel subsystems, APIs, device
 drivers, and so on. See
 /usr/share/doc/linux-doc/00-INDEX for a list of what is
 contained in each file.

linux-headers-5.4.0-216: Header files related to Linux kernel version 5.4.0

 This package provides kernel header files for version 5.4.0, for sites
 that want the latest kernel headers. Please read
 /usr/share/doc/linux-headers-5.4.0-216/debian.README.gz for details

linux-headers-5.4.0-216-generic: Linux kernel headers for version 5.4.0 on 64 bit x86 SMP

 This package provides kernel header files for version 5.4.0 on
 64 bit x86 SMP.
 .
 This is for sites that want the latest kernel headers. Please read
 /usr/share/doc/linux-headers-5.4.0-216/debian.README.gz for details.

linux-headers-5.4.0-216-generic-lpae: Linux kernel headers for version 5.4.0 on ARM (hard float) SMP

 This package provides kernel header files for version 5.4.0 on
 ARM (hard float) SMP.
 .
 This is for sites that want the latest kernel headers. Please read
 /usr/share/doc/linux-headers-5.4.0-216/debian.README.gz for details.

linux-headers-5.4.0-216-lowlatency: Linux kernel headers for version 5.4.0 on 64 bit x86 SMP

 This package provides kernel header files for version 5.4.0 on
 64 bit x86 SMP.
 .
 This is for sites that want the latest kernel headers. Please read
 /usr/share/doc/linux-headers-5.4.0-216/debian.README.gz for details.

linux-image-5.4.0-216-generic: Signed kernel image generic

 A kernel image for generic. This version of it is signed with
 Canonical's signing key.

linux-image-5.4.0-216-generic-dbgsym: Signed kernel image generic

 A link to the debugging symbols for the generic signed kernel.

linux-image-5.4.0-216-generic-lpae: Linux kernel image for version 5.4.0 on ARM (hard float) SMP

 This package contains the Linux kernel image for version 5.4.0 on
 ARM (hard float) SMP.
 .
 Supports Generic LPAE processors.
 .
 Geared toward desktop and server systems.
 .
 You likely do not want to install this package directly. Instead, install
 the linux-generic-lpae meta-package, which will ensure that upgrades work
 correctly, and that supporting packages are also installed.

linux-image-5.4.0-216-generic-lpae-dbgsym: Linux kernel debug image for version 5.4.0 on ARM (hard float) SMP

 This package provides the kernel debug image for version 5.4.0 on
 ARM (hard float) SMP.
 .
 This is for sites that wish to debug the kernel.
 .
 The kernel image contained in this package is NOT meant to boot from. It
 is uncompressed, and unstripped. This package also includes the
 unstripped modules.

linux-image-unsigned-5.4.0-216-generic: Linux kernel image for version 5.4.0 on 64 bit x86 SMP

 This package contains the unsigned Linux kernel image for version 5.4.0 on
 64 bit x86 SMP.
 .
 Supports Generic processors.
 .
 Geared toward desktop and server systems.
 .
 You likely do not want to install this package directly. Instead, install
 the linux-generic meta-package, which will ensure that upgrades work
 correctly, and that supporting packages are also installed.

linux-image-unsigned-5.4.0-216-generic-dbgsym: Linux kernel debug image for version 5.4.0 on 64 bit x86 SMP

 This package provides the unsigned kernel debug image for version 5.4.0 on
 64 bit x86 SMP.
 .
 This is for sites that wish to debug the kernel.
 .
 The kernel image contained in this package is NOT meant to boot from. It
 is uncompressed, and unstripped. This package also includes the
 unstripped modules.

linux-image-unsigned-5.4.0-216-lowlatency: Linux kernel image for version 5.4.0 on 64 bit x86 SMP

 This package contains the unsigned Linux kernel image for version 5.4.0 on
 64 bit x86 SMP.
 .
 Supports Lowlatency processors.
 .
 Geared toward desktop and server systems.
 .
 You likely do not want to install this package directly. Instead, install
 the linux-lowlatency meta-package, which will ensure that upgrades work
 correctly, and that supporting packages are also installed.

linux-image-unsigned-5.4.0-216-lowlatency-dbgsym: Linux kernel debug image for version 5.4.0 on 64 bit x86 SMP

 This package provides the unsigned kernel debug image for version 5.4.0 on
 64 bit x86 SMP.
 .
 This is for sites that wish to debug the kernel.
 .
 The kernel image contained in this package is NOT meant to boot from. It
 is uncompressed, and unstripped. This package also includes the
 unstripped modules.

linux-libc-dev: Linux Kernel Headers for development

 This package provides headers from the Linux kernel. These headers
 are used by the installed headers for GNU glibc and other system
 libraries. They are NOT meant to be used to build third-party modules for
 your kernel. Use linux-headers-* packages for that.

linux-modules-5.4.0-216-generic: Linux kernel extra modules for version 5.4.0 on 64 bit x86 SMP

 Contains the corresponding System.map file, the modules built by the
 packager, and scripts that try to ensure that the system is not left in an
 unbootable state after an update.
 .
 Supports Generic processors.
 .
 Geared toward desktop and server systems.
 .
 You likely do not want to install this package directly. Instead, install
 the linux-generic meta-package, which will ensure that upgrades work
 correctly, and that supporting packages are also installed.

linux-modules-5.4.0-216-generic-lpae: Linux kernel extra modules for version 5.4.0 on ARM (hard float) SMP

 Contains the corresponding System.map file, the modules built by the
 packager, and scripts that try to ensure that the system is not left in an
 unbootable state after an update.
 .
 Supports Generic LPAE processors.
 .
 Geared toward desktop and server systems.
 .
 You likely do not want to install this package directly. Instead, install
 the linux-generic-lpae meta-package, which will ensure that upgrades work
 correctly, and that supporting packages are also installed.

linux-modules-5.4.0-216-lowlatency: Linux kernel extra modules for version 5.4.0 on 64 bit x86 SMP

 Contains the corresponding System.map file, the modules built by the
 packager, and scripts that try to ensure that the system is not left in an
 unbootable state after an update.
 .
 Supports Lowlatency processors.
 .
 Geared toward desktop and server systems.
 .
 You likely do not want to install this package directly. Instead, install
 the linux-lowlatency meta-package, which will ensure that upgrades work
 correctly, and that supporting packages are also installed.

linux-modules-extra-5.4.0-216-generic: Linux kernel extra modules for version 5.4.0 on 64 bit x86 SMP

 This package contains the Linux kernel extra modules for version 5.4.0 on
 64 bit x86 SMP.
 .
 Also includes the corresponding System.map file, the modules built by the
 packager, and scripts that try to ensure that the system is not left in an
 unbootable state after an update.
 .
 Supports Generic processors.
 .
 Geared toward desktop and server systems.
 .
 You likely do not want to install this package directly. Instead, install
 the linux-generic meta-package, which will ensure that upgrades work
 correctly, and that supporting packages are also installed.

linux-source-5.4.0: Linux kernel source for version 5.4.0 with Ubuntu patches

 This package provides the source code for the Linux kernel version
 5.4.0.
 .
 This package is mainly meant for other packages to use, in order to build
 custom flavours.
 .
 If you wish to use this package to create a custom Linux kernel, then it
 is suggested that you investigate the package kernel-package, which has
 been designed to ease the task of creating kernel image packages.
 .
 If you are simply trying to build third-party modules for your kernel,
 you do not want this package. Install the appropriate linux-headers
 package instead.

linux-tools-5.4.0-216: Linux kernel version specific tools for version 5.4.0-216

 This package provides the architecture dependant parts for kernel
 version locked tools (such as perf and x86_energy_perf_policy) for
 version 5.4.0-216 on
 64 bit x86.
 You probably want to install linux-tools-5.4.0-216-<flavour>.

linux-tools-5.4.0-216-generic: Linux kernel version specific tools for version 5.4.0-216

 This package provides the architecture dependant parts for kernel
 version locked tools (such as perf and x86_energy_perf_policy) for
 version 5.4.0-216 on
 64 bit x86.

linux-tools-5.4.0-216-generic-lpae: Linux kernel version specific tools for version 5.4.0-216

 This package provides the architecture dependant parts for kernel
 version locked tools (such as perf and x86_energy_perf_policy) for
 version 5.4.0-216 on
 ARM (hard float).

linux-tools-5.4.0-216-lowlatency: Linux kernel version specific tools for version 5.4.0-216

 This package provides the architecture dependant parts for kernel
 version locked tools (such as perf and x86_energy_perf_policy) for
 version 5.4.0-216 on
 64 bit x86.

linux-tools-common: Linux kernel version specific tools for version 5.4.0

 This package provides the architecture independent parts for kernel
 version locked tools (such as perf and x86_energy_perf_policy) for
 version 5.4.0.

linux-tools-host: Linux kernel VM host tools

 This package provides kernel tools useful for VM hosts.

linux-udebs-generic: Metapackage depending on kernel udebs

 This package depends on the all udebs that the kernel build generated,
 for easier version and migration tracking.

linux-udebs-generic-lpae: Metapackage depending on kernel udebs

 This package depends on the all udebs that the kernel build generated,
 for easier version and migration tracking.

md-modules-5.4.0-216-generic-di: Multi-device support (raid, device-mapper, lvm)
md-modules-5.4.0-216-generic-lpae-di: Multi-device support (raid, device-mapper, lvm)
message-modules-5.4.0-216-generic-di: Fusion and i2o storage modules

 This package containes the fusion and i2o storage modules.

mouse-modules-5.4.0-216-generic-di: Mouse support

 This package contains mouse drivers for the Linux kernel.

mouse-modules-5.4.0-216-generic-lpae-di: Mouse support

 This package contains mouse drivers for the Linux kernel.

multipath-modules-5.4.0-216-generic-di: DM-Multipath support

  This package contains modules for device-mapper multipath support.

multipath-modules-5.4.0-216-generic-lpae-di: DM-Multipath support

  This package contains modules for device-mapper multipath support.

nfs-modules-5.4.0-216-generic-di: NFS filesystem drivers

 Includes the NFS client driver, and supporting modules.

nfs-modules-5.4.0-216-generic-lpae-di: NFS filesystem drivers

 Includes the NFS client driver, and supporting modules.

nic-modules-5.4.0-216-generic-di: Network interface support
nic-modules-5.4.0-216-generic-lpae-di: Network interface support
nic-pcmcia-modules-5.4.0-216-generic-di: PCMCIA network interface support
nic-shared-modules-5.4.0-216-generic-di: nic shared modules

  This package contains modules which support nic modules

nic-shared-modules-5.4.0-216-generic-lpae-di: nic shared modules

  This package contains modules which support nic modules

nic-usb-modules-5.4.0-216-generic-di: USB network interface support
nic-usb-modules-5.4.0-216-generic-lpae-di: USB network interface support
parport-modules-5.4.0-216-generic-di: Parallel port support
parport-modules-5.4.0-216-generic-lpae-di: Parallel port support
pata-modules-5.4.0-216-generic-di: PATA support modules
pcmcia-modules-5.4.0-216-generic-di: PCMCIA Modules
pcmcia-storage-modules-5.4.0-216-generic-di: PCMCIA storage support
plip-modules-5.4.0-216-generic-di: PLIP (parallel port) networking support
plip-modules-5.4.0-216-generic-lpae-di: PLIP (parallel port) networking support
ppp-modules-5.4.0-216-generic-di: PPP (serial port) networking support
ppp-modules-5.4.0-216-generic-lpae-di: PPP (serial port) networking support
sata-modules-5.4.0-216-generic-di: SATA storage support
sata-modules-5.4.0-216-generic-lpae-di: SATA storage support
scsi-modules-5.4.0-216-generic-di: SCSI storage support
scsi-modules-5.4.0-216-generic-lpae-di: SCSI storage support
serial-modules-5.4.0-216-generic-di: Serial port support
storage-core-modules-5.4.0-216-generic-di: Core storage support

 Includes core SCSI, LibATA, USB-Storage. Also includes related block
 devices for CD, Disk and Tape medium (and IDE Floppy).

storage-core-modules-5.4.0-216-generic-lpae-di: Core storage support

 Includes core SCSI, LibATA, USB-Storage. Also includes related block
 devices for CD, Disk and Tape medium (and IDE Floppy).

usb-modules-5.4.0-216-generic-di: Core USB support
usb-modules-5.4.0-216-generic-lpae-di: Core USB support
virtio-modules-5.4.0-216-generic-di: VirtIO Modules

 Includes modules for VirtIO (virtual machine, generally kvm guests)

vlan-modules-5.4.0-216-generic-di: vlan modules

 This package contains vlan (8021.Q) modules.

vlan-modules-5.4.0-216-generic-lpae-di: vlan modules

 This package contains vlan (8021.Q) modules.