linux-hwe-5.15 5.15.0-46.49~20.04.1 source package in Ubuntu
Changelog
linux-hwe-5.15 (5.15.0-46.49~20.04.1) focal; urgency=medium
[ Ubuntu: 5.15.0-46.49 ]
* CVE-2022-2585
- SAUCE: posix-cpu-timers: Cleanup CPU timers before freeing them during exec
* CVE-2022-2586
- SAUCE: netfilter: nf_tables: do not allow SET_ID to refer to another table
- SAUCE: netfilter: nf_tables: do not allow CHAIN_ID to refer to another table
- SAUCE: netfilter: nf_tables: do not allow RULE_ID to refer to another chain
* CVE-2022-2588
- SAUCE: net_sched: cls_route: remove from list when handle is 0
linux-hwe-5.15 (5.15.0-45.48~20.04.1) focal; urgency=medium
[ Ubuntu: 5.15.0-45.48 ]
* CVE-2022-29900 // CVE-2022-29901
- x86/lib/atomic64_386_32: Rename things
- x86: Prepare asm files for straight-line-speculation
- x86: Prepare inline-asm for straight-line-speculation
- x86/alternative: Relax text_poke_bp() constraint
- kbuild: move objtool_args back to scripts/Makefile.build
- x86: Add straight-line-speculation mitigation
- kvm/emulate: Fix SETcc emulation function offsets with SLS
- crypto: x86/poly1305 - Fixup SLS
- objtool: Add straight-line-speculation validation
- objtool: Fix SLS validation for kcov tail-call replacement
- objtool: Fix objtool regression on x32 systems
- objtool: Fix symbol creation
- objtool: Introduce CFI hash
- objtool: Default ignore INT3 for unreachable
- x86, kvm: use proper ASM macros for kvm_vcpu_is_preempted
- x86/traps: Use pt_regs directly in fixup_bad_iret()
- x86/entry: Switch the stack after error_entry() returns
- x86/entry: Move PUSH_AND_CLEAR_REGS out of error_entry()
- x86/entry: Don't call error_entry() for XENPV
- x86/entry: Remove skip_r11rcx
- x86/realmode: build with -D__DISABLE_EXPORTS
- x86/ibt,ftrace: Make function-graph play nice
- x86/kvm/vmx: Make noinstr clean
- x86/cpufeatures: Move RETPOLINE flags to word 11
- x86/retpoline: Cleanup some #ifdefery
- x86/retpoline: Swizzle retpoline thunk
- x86/retpoline: Use -mfunction-return
- x86: Undo return-thunk damage
- x86,objtool: Create .return_sites
- objtool: skip non-text sections when adding return-thunk sites
- x86,static_call: Use alternative RET encoding
- x86/ftrace: Use alternative RET encoding
- x86/bpf: Use alternative RET encoding
- x86/kvm: Fix SETcc emulation for return thunks
- x86/vsyscall_emu/64: Don't use RET in vsyscall emulation
- x86/sev: Avoid using __x86_return_thunk
- x86: Use return-thunk in asm code
- x86/entry: Avoid very early RET
- objtool: Treat .text.__x86.* as noinstr
- x86: Add magic AMD return-thunk
- x86/bugs: Report AMD retbleed vulnerability
- x86/bugs: Add AMD retbleed= boot parameter
- x86/bugs: Enable STIBP for JMP2RET
- x86/bugs: Keep a per-CPU IA32_SPEC_CTRL value
- x86/entry: Add kernel IBRS implementation
- x86/bugs: Optimize SPEC_CTRL MSR writes
- x86/speculation: Add spectre_v2=ibrs option to support Kernel IBRS
- x86/bugs: Split spectre_v2_select_mitigation() and
spectre_v2_user_select_mitigation()
- x86/bugs: Report Intel retbleed vulnerability
- intel_idle: Disable IBRS during long idle
- objtool: Update Retpoline validation
- x86/xen: Rename SYS* entry points
- x86/xen: Add UNTRAIN_RET
- x86/bugs: Add retbleed=ibpb
- x86/bugs: Do IBPB fallback check only once
- objtool: Add entry UNRET validation
- x86/cpu/amd: Add Spectral Chicken
- x86/speculation: Fix RSB filling with CONFIG_RETPOLINE=n
- x86/speculation: Fix firmware entry SPEC_CTRL handling
- x86/speculation: Fix SPEC_CTRL write on SMT state change
- x86/speculation: Use cached host SPEC_CTRL value for guest entry/exit
- x86/speculation: Remove x86_spec_ctrl_mask
- objtool: Re-add UNWIND_HINT_{SAVE_RESTORE}
- KVM: VMX: Flatten __vmx_vcpu_run()
- KVM: VMX: Convert launched argument to flags
- KVM: VMX: Prevent guest RSB poisoning attacks with eIBRS
- KVM: VMX: Fix IBRS handling after vmexit
- x86/speculation: Fill RSB on vmexit for IBRS
- KVM: VMX: Prevent RSB underflow before vmenter
- x86/common: Stamp out the stepping madness
- x86/cpu/amd: Enumerate BTC_NO
- x86/retbleed: Add fine grained Kconfig knobs
- x86/bugs: Add Cannon lake to RETBleed affected CPU list
- x86/entry: Move PUSH_AND_CLEAR_REGS() back into error_entry
- x86/bugs: Do not enable IBPB-on-entry when IBPB is not supported
- x86/kexec: Disable RET on kexec
- x86/speculation: Disable RRSBA behavior
- [Config]: Enable speculation mitigations
- x86/static_call: Serialize __static_call_fixup() properly
- x86/asm/32: Fix ANNOTATE_UNRET_SAFE use on 32-bit
- x86/bugs: Mark retbleed_strings static
- x86/entry: Remove UNTRAIN_RET from native_irq_return_ldt
- x86/kvm: fix FASTOP_SIZE when return thunks are enabled
- x86/speculation: Use DECLARE_PER_CPU for x86_spec_ctrl_current
- KVM: emulate: do not adjust size of fastop and setcc subroutines
- x86/bugs: Remove apostrophe typo
- efi/x86: use naked RET on mixed mode call wrapper
-- Thadeu Lima de Souza Cascardo <email address hidden> Thu, 04 Aug 2022 15:44:38 -0300
Upload details
- Uploaded by:
- Thadeu Lima de Souza Cascardo
- Uploaded to:
- Focal
- Original maintainer:
- Ubuntu Kernel Team
- Architectures:
- all amd64 armhf arm64 ppc64el s390x
- Section:
- devel
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| linux-hwe-5.15_5.15.0.orig.tar.gz | 185.9 MiB | 4d7908da75ad50a70a0141721e259c2589b7bdcc317f7bd885b80c2ffa689211 |
| linux-hwe-5.15_5.15.0-46.49~20.04.1.diff.gz | 9.6 MiB | 513659df5800b52588b501866e54b8bc2c92330f31be7f726da28f7136cd1d9a |
| linux-hwe-5.15_5.15.0-46.49~20.04.1.dsc | 7.1 KiB | 82b09d9bef362bbb808334495b4a19659b01d0b81f09fe0089351ff1be392283 |
Available diffs
Binary packages built by this source
- linux-buildinfo-5.15.0-46-generic: Linux kernel buildinfo for version 5.15.0 on ARMv8 SMP
This package contains the Linux kernel buildinfo for version 5.15.0 on
ARMv8 SMP.
.
You likely do not want to install this package.
- linux-buildinfo-5.15.0-46-generic-64k: Linux kernel buildinfo for version 5.15.0 on ARMv8 SMP
This package contains the Linux kernel buildinfo for version 5.15.0 on
ARMv8 SMP.
.
You likely do not want to install this package.
- linux-buildinfo-5.15.0-46-generic-lpae: Linux kernel buildinfo for version 5.15.0 on ARM (hard float) SMP
This package contains the Linux kernel buildinfo for version 5.15.0 on
ARM (hard float) SMP.
.
You likely do not want to install this package.
- linux-cloud-tools-5.15.0-46-generic: Linux kernel version specific cloud tools for version 5.15.0-46
This package provides the architecture dependant parts for kernel
version locked tools for cloud for version 5.15.0-46 on
64 bit x86.
- linux-headers-5.15.0-46-generic: Linux kernel headers for version 5.15.0 on ARMv8 SMP
This package provides kernel header files for version 5.15.0 on
ARMv8 SMP.
.
This is for sites that want the latest kernel headers. Please read
/usr/share/doc/linux- headers- 5.15.0- 46/debian. README. gz for details.
- linux-headers-5.15.0-46-generic-64k: Linux kernel headers for version 5.15.0 on ARMv8 SMP
This package provides kernel header files for version 5.15.0 on
ARMv8 SMP.
.
This is for sites that want the latest kernel headers. Please read
/usr/share/doc/linux- headers- 5.15.0- 46/debian. README. gz for details.
- linux-headers-5.15.0-46-generic-lpae: Linux kernel headers for version 5.15.0 on ARM (hard float) SMP
This package provides kernel header files for version 5.15.0 on
ARM (hard float) SMP.
.
This is for sites that want the latest kernel headers. Please read
/usr/share/doc/linux- headers- 5.15.0- 46/debian. README. gz for details.
- linux-hwe-5.15-cloud-tools-5.15.0-46: Linux kernel version specific cloud tools for version 5.15.0-46
This package provides the architecture dependant parts for kernel
version locked tools for cloud tools for version 5.15.0-46 on
64 bit x86.
You probably want to install linux-cloud-tools-5. 15.0-46- <flavour> .
- linux-hwe-5.15-cloud-tools-common: Linux kernel version specific cloud tools for version 5.15.0
This package provides the architecture independent parts for kernel
version locked tools for cloud tools for version 5.15.0.
- linux-hwe-5.15-headers-5.15.0-46: Header files related to Linux kernel version 5.15.0
This package provides kernel header files for version 5.15.0, for sites
that want the latest kernel headers. Please read
/usr/share/doc/linux- hwe-5.15- headers- 5.15.0- 46/debian. README. gz for details
- linux-hwe-5.15-source-5.15.0: Linux kernel source for version 5.15.0 with Ubuntu patches
This package provides the source code for the Linux kernel version
5.15.0.
.
This package is mainly meant for other packages to use, in order to build
custom flavours.
.
If you wish to use this package to create a custom Linux kernel, then it
is suggested that you investigate the package kernel-package, which has
been designed to ease the task of creating kernel image packages.
.
If you are simply trying to build third-party modules for your kernel,
you do not want this package. Install the appropriate linux-headers
package instead.
- linux-hwe-5.15-tools-5.15.0-46: Linux kernel version specific tools for version 5.15.0-46
This package provides the architecture dependant parts for kernel
version locked tools (such as perf and x86_energy_perf_policy) for
version 5.15.0-46 on
ARMv8.
You probably want to install linux-tools-5.15.0- 46-<flavour> .
- linux-hwe-5.15-tools-common: Linux kernel version specific tools for version 5.15.0
This package provides the architecture independent parts for kernel
version locked tools (such as perf and x86_energy_perf_policy) for
version 5.15.0.
- linux-hwe-5.15-tools-host: Linux kernel VM host tools
This package provides kernel tools useful for VM hosts.
- linux-image-5.15.0-46-generic: Signed kernel image generic
A kernel image for generic. This version of it is signed with
Canonical's UEFI/Opal signing key.
- linux-image-5.15.0-46-generic-dbgsym: Signed kernel image generic
A link to the debugging symbols for the generic signed kernel.
- linux-image-5.15.0-46-generic-lpae: Linux kernel image for version 5.15.0 on ARM (hard float) SMP
This package contains the Linux kernel image for version 5.15.0 on
ARM (hard float) SMP.
.
Supports Generic LPAE processors.
.
Geared toward desktop and server systems.
.
You likely do not want to install this package directly. Instead, install
the linux-generic-lpae meta-package, which will ensure that upgrades work
correctly, and that supporting packages are also installed.
- linux-image-5.15.0-46-generic-lpae-dbgsym: Linux kernel debug image for version 5.15.0 on ARM (hard float) SMP
This package provides the kernel debug image for version 5.15.0 on
ARM (hard float) SMP.
.
This is for sites that wish to debug the kernel.
.
The kernel image contained in this package is NOT meant to boot from. It
is uncompressed, and unstripped. This package also includes the
unstripped modules.
- linux-image-unsigned-5.15.0-46-generic: Linux kernel image for version 5.15.0 on ARMv8 SMP
This package contains the unsigned Linux kernel image for version 5.15.0 on
ARMv8 SMP.
.
Supports Generic processors.
.
Geared toward desktop and server systems.
.
You likely do not want to install this package directly. Instead, install
the linux-generic meta-package, which will ensure that upgrades work
correctly, and that supporting packages are also installed.
- linux-image-unsigned-5.15.0-46-generic-64k: Linux kernel image for version 5.15.0 on ARMv8 SMP
This package contains the unsigned Linux kernel image for version 5.15.0 on
ARMv8 SMP.
.
Supports Generic 64K pages processors.
.
Geared toward desktop and server systems.
.
You likely do not want to install this package directly. Instead, install
the linux-generic-64k meta-package, which will ensure that upgrades work
correctly, and that supporting packages are also installed.
- linux-image-unsigned-5.15.0-46-generic-64k-dbgsym: Linux kernel debug image for version 5.15.0 on ARMv8 SMP
This package provides the unsigned kernel debug image for version 5.15.0 on
ARMv8 SMP.
.
This is for sites that wish to debug the kernel.
.
The kernel image contained in this package is NOT meant to boot from. It
is uncompressed, and unstripped. This package also includes the
unstripped modules.
- linux-image-unsigned-5.15.0-46-generic-dbgsym: Linux kernel debug image for version 5.15.0 on ARMv8 SMP
This package provides the unsigned kernel debug image for version 5.15.0 on
ARMv8 SMP.
.
This is for sites that wish to debug the kernel.
.
The kernel image contained in this package is NOT meant to boot from. It
is uncompressed, and unstripped. This package also includes the
unstripped modules.
- linux-modules-5.15.0-46-generic: Linux kernel extra modules for version 5.15.0 on ARMv8 SMP
Contains the corresponding System.map file, the modules built by the
packager, and scripts that try to ensure that the system is not left in an
unbootable state after an update.
.
Supports Generic processors.
.
Geared toward desktop and server systems.
.
You likely do not want to install this package directly. Instead, install
the linux-generic meta-package, which will ensure that upgrades work
correctly, and that supporting packages are also installed.
- linux-modules-5.15.0-46-generic-64k: Linux kernel extra modules for version 5.15.0 on ARMv8 SMP
Contains the corresponding System.map file, the modules built by the
packager, and scripts that try to ensure that the system is not left in an
unbootable state after an update.
.
Supports Generic 64K pages processors.
.
Geared toward desktop and server systems.
.
You likely do not want to install this package directly. Instead, install
the linux-generic-64k meta-package, which will ensure that upgrades work
correctly, and that supporting packages are also installed.
- linux-modules-5.15.0-46-generic-lpae: Linux kernel extra modules for version 5.15.0 on ARM (hard float) SMP
Contains the corresponding System.map file, the modules built by the
packager, and scripts that try to ensure that the system is not left in an
unbootable state after an update.
.
Supports Generic LPAE processors.
.
Geared toward desktop and server systems.
.
You likely do not want to install this package directly. Instead, install
the linux-generic-lpae meta-package, which will ensure that upgrades work
correctly, and that supporting packages are also installed.
- linux-modules-extra-5.15.0-46-generic: Linux kernel extra modules for version 5.15.0 on ARMv8 SMP
This package contains the Linux kernel extra modules for version 5.15.0 on
ARMv8 SMP.
.
Also includes the corresponding System.map file, the modules built by the
packager, and scripts that try to ensure that the system is not left in an
unbootable state after an update.
.
Supports Generic processors.
.
Geared toward desktop and server systems.
.
You likely do not want to install this package directly. Instead, install
the linux-generic meta-package, which will ensure that upgrades work
correctly, and that supporting packages are also installed.
- linux-modules-iwlwifi-5.15.0-46-generic: Linux kernel iwlwifi modules for version 5.15.0-46
This package provides the Linux kernel iwlwifi modules for version
5.15.0-46.
.
You likely do not want to install this package directly. Instead, install the
one of the linux-modules-iwlwifi- generic* meta-packages,
which will ensure that upgrades work correctly, and that supporting packages are
also installed.
- linux-tools-5.15.0-46-generic: Linux kernel version specific tools for version 5.15.0-46
This package provides the architecture dependant parts for kernel
version locked tools (such as perf and x86_energy_perf_policy) for
version 5.15.0-46 on
ARMv8.
- linux-tools-5.15.0-46-generic-64k: Linux kernel version specific tools for version 5.15.0-46
This package provides the architecture dependant parts for kernel
version locked tools (such as perf and x86_energy_perf_policy) for
version 5.15.0-46 on
ARMv8.
- linux-tools-5.15.0-46-generic-lpae: Linux kernel version specific tools for version 5.15.0-46
This package provides the architecture dependant parts for kernel
version locked tools (such as perf and x86_energy_perf_policy) for
version 5.15.0-46 on
ARM (hard float).
