This bug was fixed in the package linux-gcp - 6.11.0-1017.17
---------------
linux-gcp (6.11.0-1017.17) oracular; urgency=medium
* oracular/linux-gcp: 6.11.0-1017.17 -proposed tracker (LP: #2114290)
* Packaging resync (LP: #1786013)
- [Packaging] update variants
* Fix HLT logic execution for TDX VMs (LP: #2112602)
- x86/paravirt: Move halt paravirt calls under CONFIG_PARAVIRT
[ Ubuntu: 6.11.0-29.29 ]
* oracular/linux: 6.11.0-29.29 -proposed tracker (LP: #2114305)
* Packaging resync (LP: #1786013)
- [Packaging] update variants
- [Packaging] update annotations scripts
* CVE-2025-37890
- net_sched: hfsc: Fix a UAF vulnerability in class with netem as child
qdisc
- sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue()
- net_sched: hfsc: Address reentrant enqueue adding class to eltree twice
* raid1: Fix NULL pointer dereference in process_checks() (LP: #2112519)
- md/raid1: Add check for missing source disk in process_checks()
* CVE-2025-37798
- sch_htb: make htb_qlen_notify() idempotent
- sch_htb: make htb_deactivate() idempotent
- sch_drr: make drr_qlen_notify() idempotent
- sch_hfsc: make hfsc_qlen_notify() idempotent
- sch_qfq: make qfq_qlen_notify() idempotent
- sch_ets: make est_qlen_notify() idempotent
- codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog()
* CVE-2025-37997
- netfilter: ipset: fix region locking in hash types
-- Ian Whitfield <[email protected]> Wed, 25 Jun 2025
13:26:12 -0700
** Changed in: linux-gcp (Ubuntu Oracular)
Status: Fix Committed => Fix Released
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2025-37798
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2025-37890
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2025-37997
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-gcp in Ubuntu.
https://bugs.launchpad.net/bugs/2112602
Title:
Fix HLT logic execution for TDX VMs
Status in linux-gcp package in Ubuntu:
New
Status in linux-gcp source package in Noble:
Fix Committed
Status in linux-gcp source package in Oracular:
Fix Released
Bug description:
SRU Justification
[Impact]
Google has requested a backport of the following commits:
22cc5ca5de52 ("x86/paravirt: Move halt paravirt calls under CONFIG_PARAVIRT")
9f98a4f4e721 ("x86/tdx: Fix arch_safe_halt() execution for TDX VMs")
Targets include 6.8 onwards.
[Fix]
Backport the patches as needed to noble:linux-gcp and later kernels.
[Test plan]
Compile and boot test. Verification on Google's side is optional as this is a
fairly isolated backport.
[Where problems could occur]
This fix affects TDX guest VMs which call the HLT instruction. An issue with
this fix would be visible to the user as unexpected #VEs (virtualization
exceptions) or unexpected interrupt behavior in their TDX guest VM.
[Other]
SF #00412211
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux-gcp/+bug/2112602/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : [email protected]
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
