Ubuntu
linux-intel-iotg-5.15 package

linux-intel-iotg-5.15 5.15.0-1043.49~20.04.1 source package in Ubuntu

Changelog

linux-intel-iotg-5.15 (5.15.0-1043.49~20.04.1) focal; urgency=medium

  * focal/linux-intel-iotg-5.15: 5.15.0-1043.49~20.04.1 -proposed tracker
    (LP: #2038195)

  * CVE-2023-42755
    - [Config] remove NET_CLS_RSVP and NET_CLS_RSVP6

  [ Ubuntu: 5.15.0-1043.49 ]

  * jammy/linux-intel-iotg: 5.15.0-1043.49 -proposed tracker (LP: #2038196)
  * CVE-2023-42755
    - [Config] remove NET_CLS_RSVP and NET_CLS_RSVP6
  * jammy/linux: 5.15.0-87.97 -proposed tracker (LP: #2038209)
  * CVE-2023-4623
    - net/sched: sch_hfsc: Ensure inner classes have fsc curve
  * CVE-2023-42755
    - net/sched: Retire rsvp classifier
    - [Config] remove NET_CLS_RSVP and NET_CLS_RSVP6
  * CVE-2023-34319
    - xen/netback: Fix buffer overrun triggered by unusual packet
  * CVE-2023-4921
    - net: sched: sch_qfq: Fix UAF in qfq_dequeue()
  * CVE-2023-42752
    - igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU
  * CVE-2023-4622
    - af_unix: Fix null-ptr-deref in unix_stream_sendpage().
  * CVE-2023-4244
    - netfilter: nft_set_rbtree: fix overlap expiration walk
    - netfilter: nf_tables: don't skip expired elements during walk
    - netfilter: nf_tables: adapt set backend to use GC transaction API
    - netfilter: nft_set_hash: mark set element as dead when deleting from packet
      path
    - netfilter: nf_tables: GC transaction API to avoid race with control plane
    - netfilter: nf_tables: remove busy mark and gc batch API
    - netfilter: nf_tables: don't fail inserts if duplicate has expired
    - netfilter: nf_tables: fix kdoc warnings after gc rework
    - netfilter: nf_tables: fix GC transaction races with netns and netlink event
      exit path
    - netfilter: nf_tables: GC transaction race with netns dismantle
    - netfilter: nf_tables: GC transaction race with abort path
    - netfilter: nf_tables: use correct lock to protect gc_list
    - netfilter: nf_tables: defer gc run if previous batch is still pending
    - netfilter: nft_dynset: disallow object maps
    - netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction
  * CVE-2023-42756
    - netfilter: ipset: Fix race between IPSET_CMD_CREATE and IPSET_CMD_SWAP
  * CVE-2023-42753
    - netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for
      ip_set_hash_netportnet.c
  * CVE-2023-5197
    - netfilter: nf_tables: skip bound chain in netns release path
    - netfilter: nf_tables: disallow rule removal from chain binding
  * CVE-2023-4881
    - netfilter: nftables: exthdr: fix 4-byte stack OOB write

  [ Ubuntu: 5.15.0-1042.48 ]

  * jammy/linux-intel-iotg: 5.15.0-1042.48 -proposed tracker (LP: #2036562)
  * jammy/linux: 5.15.0-86.96 -proposed tracker (LP: #2036575)
  * 5.15.0-85 live migration regression (LP: #2036675)
    - Revert "KVM: x86: Always enable legacy FP/SSE in allowed user XFEATURES"
    - Revert "x86/kvm/fpu: Limit guest user_xfeatures to supported bits of XCR0"
  * Regression for ubuntu_bpf test build on Jammy 5.15.0-85.95 (LP: #2035181)
    - selftests/bpf: fix static assert compilation issue for test_cls_*.c
  * `refcount_t: underflow; use-after-free.` on hidon w/ 5.15.0-85-generic
    (LP: #2034447)
    - crypto: rsa-pkcs1pad - Use helper to set reqsize

 -- Philip Cox <email address hidden>  Wed, 11 Oct 2023 16:50:56 -0400

Upload details

Uploaded by:
Philip Cox
Uploaded to:
Focal
Original maintainer:
Ubuntu Kernel Team
Architectures:
all amd64
Section:
devel
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Builds

Focal: [FULLYBUILT] amd64

Downloads

File Size SHA-256 Checksum
linux-intel-iotg-5.15_5.15.0.orig.tar.gz 185.9 MiB 4d7908da75ad50a70a0141721e259c2589b7bdcc317f7bd885b80c2ffa689211
linux-intel-iotg-5.15_5.15.0-1043.49~20.04.1.diff.gz 12.5 MiB 16339465ce33b1cc48773247ac1c7da4a5b52188e7ad48f3cd8e755b2e3fbf55
linux-intel-iotg-5.15_5.15.0-1043.49~20.04.1.dsc 5.0 KiB 7268494e940009efb678aa9c1c90a80003d8250efedd1e394caa50d2f1623975

View changes file

Binary packages built by this source

linux-buildinfo-5.15.0-1043-intel-iotg: Linux kernel buildinfo for version 5.15.0 on 64 bit x86 SMP

 This package contains the Linux kernel buildinfo for version 5.15.0 on
 64 bit x86 SMP.
 .
 You likely do not want to install this package.

linux-cloud-tools-5.15.0-1043-intel-iotg: Linux kernel version specific cloud tools for version 5.15.0-1043

 This package provides the architecture dependant parts for kernel
 version locked tools for cloud for version 5.15.0-1043 on
 64 bit x86.

linux-headers-5.15.0-1043-intel-iotg: Linux kernel headers for version 5.15.0 on 64 bit x86 SMP

 This package provides kernel header files for version 5.15.0 on
 64 bit x86 SMP.
 .
 This is for sites that want the latest kernel headers. Please read
 /usr/share/doc/linux-headers-5.15.0-1043/debian.README.gz for details.

linux-image-unsigned-5.15.0-1043-intel-iotg: Linux kernel image for version 5.15.0 on 64 bit x86 SMP

 This package contains the unsigned Linux kernel image for version 5.15.0 on
 64 bit x86 SMP.
 .
 Supports Generic processors.
 .
 Geared toward desktop and server systems.
 .
 You likely do not want to install this package directly. Instead, install
 the linux-intel-iotg meta-package, which will ensure that upgrades work
 correctly, and that supporting packages are also installed.

linux-image-unsigned-5.15.0-1043-intel-iotg-dbgsym: Linux kernel debug image for version 5.15.0 on 64 bit x86 SMP

 This package provides the unsigned kernel debug image for version 5.15.0 on
 64 bit x86 SMP.
 .
 This is for sites that wish to debug the kernel.
 .
 The kernel image contained in this package is NOT meant to boot from. It
 is uncompressed, and unstripped. This package also includes the
 unstripped modules.

linux-intel-iotg-5.15-cloud-tools-5.15.0-1043: Linux kernel version specific cloud tools for version 5.15.0-1043

 This package provides the architecture dependant parts for kernel
 version locked tools for cloud tools for version 5.15.0-1043 on
 64 bit x86.
 You probably want to install linux-cloud-tools-5.15.0-1043-<flavour>.

linux-intel-iotg-5.15-cloud-tools-common: Linux kernel version specific cloud tools for version 5.15.0

 This package provides the architecture independent parts for kernel
 version locked tools for cloud tools for version 5.15.0.

linux-intel-iotg-5.15-headers-5.15.0-1043: Header files related to Linux kernel version 5.15.0

 This package provides kernel header files for version 5.15.0, for sites
 that want the latest kernel headers. Please read
 /usr/share/doc/linux-intel-iotg-5.15-headers-5.15.0-1043/debian.README.gz for details

linux-intel-iotg-5.15-tools-5.15.0-1043: Linux kernel version specific tools for version 5.15.0-1043

 This package provides the architecture dependant parts for kernel
 version locked tools (such as perf and x86_energy_perf_policy) for
 version 5.15.0-1043 on
 64 bit x86.
 You probably want to install linux-tools-5.15.0-1043-<flavour>.

linux-intel-iotg-5.15-tools-common: Linux kernel version specific tools for version 5.15.0

 This package provides the architecture independent parts for kernel
 version locked tools (such as perf and x86_energy_perf_policy) for
 version 5.15.0.

linux-intel-iotg-5.15-tools-host: Linux kernel VM host tools

 This package provides kernel tools useful for VM hosts.

linux-modules-5.15.0-1043-intel-iotg: Linux kernel extra modules for version 5.15.0 on 64 bit x86 SMP

 Contains the corresponding System.map file, the modules built by the
 packager, and scripts that try to ensure that the system is not left in an
 unbootable state after an update.
 .
 Supports Generic processors.
 .
 Geared toward desktop and server systems.
 .
 You likely do not want to install this package directly. Instead, install
 the linux-intel-iotg meta-package, which will ensure that upgrades work
 correctly, and that supporting packages are also installed.

linux-modules-extra-5.15.0-1043-intel-iotg: Linux kernel extra modules for version 5.15.0 on 64 bit x86 SMP

 This package contains the Linux kernel extra modules for version 5.15.0 on
 64 bit x86 SMP.
 .
 Also includes the corresponding System.map file, the modules built by the
 packager, and scripts that try to ensure that the system is not left in an
 unbootable state after an update.
 .
 Supports Generic processors.
 .
 Geared toward desktop and server systems.
 .
 You likely do not want to install this package directly. Instead, install
 the linux-intel-iotg meta-package, which will ensure that upgrades work
 correctly, and that supporting packages are also installed.

linux-modules-iwlwifi-5.15.0-1043-intel-iotg: Linux kernel iwlwifi modules for version 5.15.0-1043

 This package provides the Linux kernel iwlwifi modules for version
 5.15.0-1043.
 .
 You likely do not want to install this package directly. Instead, install the
 one of the linux-modules-iwlwifi-intel-iotg* meta-packages,
 which will ensure that upgrades work correctly, and that supporting packages are
 also installed.

linux-tools-5.15.0-1043-intel-iotg: Linux kernel version specific tools for version 5.15.0-1043

 This package provides the architecture dependant parts for kernel
 version locked tools (such as perf and x86_energy_perf_policy) for
 version 5.15.0-1043 on
 64 bit x86.