[Canonical-hw-cert] [Bug 2086440] Re: focal/linux-iot: 5.4.0-1045.46 -proposed tracker

[Launchpad Bug Tracker]

This bug was fixed in the package linux-iot - 5.4.0-1045.46

---------------
linux-iot (5.4.0-1045.46) focal; urgency=medium

  * focal/linux-iot: 5.4.0-1045.46 -proposed tracker (LP: #2086440)

  [ Ubuntu: 5.4.0-202.222 ]

  * focal/linux: 5.4.0-202.222 -proposed tracker (LP: #2086451)
    - [Packaging] resync git-ubuntu-log
  * CVE-2021-47501
    - i40e: Fix NULL pointer dereference in i40e_dbg_dump_desc
  * CVE-2024-46724
    - drm/amdgpu: Fix out-of-bounds read of df_v1_7_channel_number
  * CVE-2024-42240
    - x86/bhi: Avoid warning in #DB handler due to BHI mitigation
  * CVE-2024-42077
    - ocfs2: fix DIO failure due to insufficient transaction credits
  * CVE-2024-42068
    - bpf: Take return from set_memory_ro() into account with bpf_prog_lock_ro()
  * CVE-2024-36968
    - Bluetooth: L2CAP: Fix div-by-zero in l2cap_le_flowctl_init()
  * CVE-2024-35904
    - selinux: avoid dereference of garbage after mount failure
  * CVE-2023-52498
    - PM: sleep: Avoid calling put_device() under dpm_list_mtx
    - PM: sleep: Fix error handling in dpm_prepare()
    - async: Split async_schedule_node_domain()
    - async: Introduce async_schedule_dev_nocall()
    - PM: sleep: Fix possible deadlocks in core system-wide PM code
  * CVE-2023-52488
    - serial: sc16is7xx: convert from _raw_ to _noinc_ regmap functions for FIFO
  * CVE-2022-48938
    - CDC-NCM: avoid overflow in sanity checking
  * CVE-2024-42156
    - s390/pkey: Wipe copies of clear-key structures on failure
  * CVE-2024-44942
    - f2fs: fix to do sanity check on F2FS_INLINE_DATA flag in inode during GC
  * CVE-2024-38538
    - net: bridge: xmit: make sure we have at least eth header len bytes
  * CVE-2021-47076
    - RDMA/rxe: Return CQE error if invalid lkey was supplied
  * CVE-2024-36938
    - bpf, skmsg: Fix NULL pointer dereference in sk_psock_skb_ingress_enqueue
  * CVE-2024-44940
    - fou: remove warn in gue_gro_receive on unsupported protocol
  * CVE-2024-35951
    - drm/panfrost: Fix the error path in panfrost_mmu_map_fault_addr()
  * CVE-2023-52497
    - erofs: fix lz4 inplace decompression
  * CVE-2024-36953
    - KVM: arm64: vgic-v2: Check for non-NULL vCPU in vgic_v2_parse_attr()
  * CVE-2022-48943
    - KVM: x86/mmu: make apf token non-zero to fix bug
  * CVE-2024-26947
    - ARM: 9359/1: flush: check if the folio is reserved for no-mapping 
addresses
  * CVE-2022-48733
    - btrfs: fix use-after-free after failure to create a snapshot
  * CVE-2023-52639
    - KVM: s390: vsie: fix race during shadow creation

 -- Roger Knecht <roger.kne...@canonical.com>  Thu, 14 Nov 2024 15:13:37
+0000

** Changed in: linux-iot (Ubuntu Focal)
       Status: New => Fix Released

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-47076

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-47501

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-48733

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-48938

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-48943

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-52488

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-52497

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-52498

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-52639

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-26947

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-35904

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-35951

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-36938

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-36953

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-36968

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-38538

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-42068

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-42077

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-42156

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-42240

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-44940

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-44942

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-46724

-- 
You received this bug notification because you are a member of hardware-
certification-users, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/2086440

Title:
  focal/linux-iot: 5.4.0-1045.46 -proposed tracker

Status in canonical-signing-jobs task00 series:
  Fix Released
Status in Kernel SRU Workflow:
  In Progress
Status in Kernel SRU Workflow abi-testing series:
  Fix Released
Status in Kernel SRU Workflow automated-testing series:
  Fix Released
Status in Kernel SRU Workflow boot-testing series:
  Fix Released
Status in Kernel SRU Workflow certification-testing series:
  Fix Released
Status in Kernel SRU Workflow new-review series:
  Fix Released
Status in Kernel SRU Workflow prepare-package series:
  Fix Released
Status in Kernel SRU Workflow prepare-package-generate series:
  Fix Released
Status in Kernel SRU Workflow prepare-package-meta series:
  Fix Released
Status in Kernel SRU Workflow prepare-package-signed series:
  Fix Released
Status in Kernel SRU Workflow promote-signing-to-proposed series:
  Invalid
Status in Kernel SRU Workflow promote-to-proposed series:
  Fix Released
Status in Kernel SRU Workflow promote-to-security series:
  New
Status in Kernel SRU Workflow promote-to-updates series:
  In Progress
Status in Kernel SRU Workflow regression-testing series:
  Fix Released
Status in Kernel SRU Workflow security-signoff series:
  Fix Released
Status in Kernel SRU Workflow sru-review series:
  Fix Released
Status in Kernel SRU Workflow verification-testing series:
  Fix Released
Status in linux-iot source package in Focal:
  Fix Released

Bug description:
  This bug will contain status and test results related to a kernel
  source (or snap) as stated in the title.

  For an explanation of the tasks and the associated workflow see:
    https://wiki.ubuntu.com/Kernel/kernel-sru-workflow

  -- swm properties --
  built:
    from: 8b0bbf81f10a213c
    route-entry: 1
  comments:
    abi-testing: 1
  delta:
    promote-to-proposed: [main, meta, signed, generate]
    promote-to-updates: [main, meta, signed]
  flag:
    boot-testing-requested: true
    bugs-spammed: true
    proposed-announcement-sent: true
    proposed-testing-requested: true
    stream-from-cycle: true
  issue: KSRU-14726
  kernel-stable-master-bug: 2086451
  packages:
    generate: linux-generate-iot
    main: linux-iot
    meta: linux-meta-iot
    signed: linux-signed-iot
  phase: Promote to Updates
  phase-changed: Tuesday, 17. December 2024 21:21 UTC
  reason:
    promote-to-updates: Ongoing -- packages not yet published
  synthetic:
    :promote-to-as-proposed: Fix Released
  test-observer:
    proposed: 72228
  testing:
    verification-bugs: [2086440]
  trackers:
    focal/linux-uc20-iot: bug 2086437
    focal/linux-uc20-jollyville: bug 2086439
  variant: debs
  versions:
    main: 5.4.0-1045.46
    meta: 5.4.0.1045.43
    signed: 5.4.0-1045.46
  ~~:
    announce:
      swm-transition-crankable: 2024-11-14 12:11:32.053973
      swm-transition-peer-reviewable: 2024-11-14 16:42:49.447497
    clamps:
      new-review: 8b0bbf81f10a213c
      promote-to-proposed: 8b0bbf81f10a213c
      self: 5.4.0-1045.46
      sru-review: 8b0bbf81f10a213c
    tracker:
      last-message: '2024-12-17 21:23:52.438095+00:00'

To manage notifications about this bug go to:
https://bugs.launchpad.net/canonical-signing-jobs/task00/+bug/2086440/+subscriptions


-- 
Mailing list: https://launchpad.net/~canonical-hw-cert
Post to     : canonical-hw-cert@lists.launchpad.net
Unsubscribe : https://launchpad.net/~canonical-hw-cert
More help   : https://help.launchpad.net/ListHelp