This bug was fixed in the package linux-riscv-5.15 -
5.15.0-1070.74~20.04.1
---------------
linux-riscv-5.15 (5.15.0-1070.74~20.04.1) focal; urgency=medium
* focal/linux-riscv-5.15: 5.15.0-1070.74~20.04.1 -proposed tracker
(LP: #2090162)
* CVE-2020-12351 // CVE-2020-12352 // CVE-2020-24490
- [Config] riscv-5.15: Disable BlueZ highspeed support
[ Ubuntu: 5.15.0-128.138 ]
* jammy/linux: 5.15.0-128.138 -proposed tracker (LP: #2090163)
* CVE-2024-50264
- vsock/virtio: Initialization of the dangling pointer occurring in
vsk->trans
* CVE-2024-53057
- net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT
* CVE-2024-43904
- drm/amd/display: Add null checks for 'stream' and 'plane' before
dereferencing
* CVE-2024-40973
- media: mtk-vcodec: potential null pointer deference in SCP
* CVE-2024-38553
- net: fec: remove .ndo_poll_controller to avoid deadlocks
* CVE-2024-26822
- smb: client: set correct id, uid and cruid for multiuser automounts
* CVE-2020-12351 // CVE-2020-12352 // CVE-2020-24490
- [Config] Disable BlueZ highspeed support
* CVE-2024-40910
- ax25: Fix refcount imbalance on inbound connections
* CVE-2024-35963
- Bluetooth: hci_sock: Fix not validating setsockopt user input
* CVE-2024-35965
- Bluetooth: L2CAP: Fix not validating setsockopt user input
* CVE-2024-35966
- Bluetooth: RFCOMM: Fix not validating setsockopt user input
* CVE-2024-35967
- Bluetooth: SCO: Fix not validating setsockopt user input
-- Emil Renner Berthing <[email protected]> Wed, 04
Dec 2024 10:29:57 +0100
** Changed in: linux-riscv-5.15 (Ubuntu Focal)
Status: New => Fix Released
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-12351
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-12352
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-24490
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-26822
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-35963
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-35965
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-35966
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-35967
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-38553
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-40910
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-40973
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-43904
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-50264
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-53057
--
You received this bug notification because you are a member of hardware-
certification-users, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/2090162
Title:
focal/linux-riscv-5.15: 5.15.0-1070.74~20.04.1 -proposed tracker
Status in canonical-signing-jobs task00 series:
Fix Released
Status in Kernel SRU Workflow:
In Progress
Status in Kernel SRU Workflow abi-testing series:
Fix Released
Status in Kernel SRU Workflow automated-testing series:
Invalid
Status in Kernel SRU Workflow boot-testing series:
Fix Released
Status in Kernel SRU Workflow certification-testing series:
Invalid
Status in Kernel SRU Workflow new-review series:
Fix Released
Status in Kernel SRU Workflow prepare-package series:
Fix Released
Status in Kernel SRU Workflow prepare-package-meta series:
Fix Released
Status in Kernel SRU Workflow promote-signing-to-proposed series:
Invalid
Status in Kernel SRU Workflow promote-to-proposed series:
Fix Released
Status in Kernel SRU Workflow promote-to-security series:
New
Status in Kernel SRU Workflow promote-to-updates series:
In Progress
Status in Kernel SRU Workflow regression-testing series:
Fix Released
Status in Kernel SRU Workflow security-signoff series:
Fix Released
Status in Kernel SRU Workflow sru-review series:
Fix Released
Status in Kernel SRU Workflow verification-testing series:
Fix Released
Status in linux-riscv-5.15 source package in Focal:
Fix Released
Bug description:
This bug will contain status and test results related to a kernel
source (or snap) as stated in the title.
For an explanation of the tasks and the associated workflow see:
https://wiki.ubuntu.com/Kernel/kernel-sru-workflow
-- swm properties --
built:
from: d568b1e92fa5310a
route-entry: 2
comments:
abi-testing: 1
delta:
promote-to-proposed: [main, meta]
promote-to-updates: [main, meta]
flag:
boot-testing-requested: true
bugs-spammed: true
proposed-announcement-sent: true
proposed-testing-requested: true
stream-from-cycle: true
flavours:
linux-image-extra-virtual: [riscv64]
linux-image-extra-virtual-hwe-20.04: [riscv64]
linux-image-extra-virtual-hwe-20.04-edge: [riscv64]
linux-image-generic: [riscv64]
linux-image-generic-hwe-20.04: [riscv64]
linux-image-generic-hwe-20.04-edge: [riscv64]
linux-image-virtual: [riscv64]
linux-image-virtual-hwe-20.04: [riscv64]
linux-image-virtual-hwe-20.04-edge: [riscv64]
issue: KSRU-14894
kernel-stable-master-bug: 2090163
packages:
main: linux-riscv-5.15
meta: linux-meta-riscv-5.15
phase: Promote to Updates
phase-changed: Tuesday, 17. December 2024 21:26 UTC
reason:
promote-to-updates: Ongoing -- packages not yet published
synthetic:
:promote-to-as-proposed: Invalid
testing:
verification-bugs: [2090162]
variant: debs
versions:
main: 5.15.0-1070.74~20.04.1
meta: 5.15.0.1070.74~20.04.1
~~:
announce:
swm-transition-crankable: 2024-12-03 16:38:26.867572
clamps:
new-review: d568b1e92fa5310a
promote-to-proposed: d568b1e92fa5310a
self: 5.15.0-1070.74~20.04.1
sru-review: d568b1e92fa5310a
tracker:
last-message: '2024-12-17 21:27:42.306089+00:00'
To manage notifications about this bug go to:
https://bugs.launchpad.net/canonical-signing-jobs/task00/+bug/2090162/+subscriptions
--
Mailing list: https://launchpad.net/~canonical-hw-cert
Post to : [email protected]
Unsubscribe : https://launchpad.net/~canonical-hw-cert
More help : https://help.launchpad.net/ListHelp
