This bug was fixed in the package linux-azure - 5.4.0-1136.143
---------------
linux-azure (5.4.0-1136.143) focal; urgency=medium
* focal/linux-azure: 5.4.0-1136.143 -proposed tracker (LP: #2075762)
[ Ubuntu: 5.4.0-193.213 ]
* focal/linux: 5.4.0-193.213 -proposed tracker (LP: #2075804)
* CVE-2024-26921
- skbuff: introduce skb_expand_head()
- skb_expand_head() adjust skb->truesize incorrectly
- inet: inet_defrag: prevent sk release while still in use
* CVE-2024-26929
- scsi: qla2xxx: Fix double free of fcport
* CVE-2024-39484
- mmc: davinci: Don't strip remove function when driver is builtin
* CVE-2024-36901
- ipv6: prevent NULL dereference in ip6_output()
* CVE-2024-26830
- i40e: Refactoring VF MAC filters counting to make more reliable
- i40e: Fix MAC address setting for a VF via Host/VM
- i40e: Do not allow untrusted VF to remove administratively set MAC
* CVE-2024-24860
- Bluetooth: Fix atomicity violation in {min, max}_key_size_set
* CVE-2023-52760
- gfs2: Fix slab-use-after-free in gfs2_qd_dealloc
* CVE-2024-2201
- [Config] Set SPECTRE_BHI_ON=y
* CVE-2023-52629
- sh: push-switch: Reorder cleanup operations to avoid use-after-free bug
* CVE-2021-46926
- ALSA: hda: intel-sdw-acpi: harden detection of controller
-- John Cabaj <[email protected]> Wed, 07 Aug 2024 14:53:29
-0500
** Changed in: linux-azure (Ubuntu Focal)
Status: New => Fix Released
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-46926
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-52629
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-52760
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-2201
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-24860
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-26830
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-26921
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-26929
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-36901
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-39484
--
You received this bug notification because you are a member of hardware-
certification-users, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/2075762
Title:
focal/linux-azure: 5.4.0-1136.143 -proposed tracker
Status in canonical-signing-jobs task00 series:
Fix Released
Status in Kernel SRU Workflow:
In Progress
Status in Kernel SRU Workflow abi-testing series:
Fix Released
Status in Kernel SRU Workflow automated-testing series:
Invalid
Status in Kernel SRU Workflow boot-testing series:
Fix Released
Status in Kernel SRU Workflow certification-testing series:
Invalid
Status in Kernel SRU Workflow new-review series:
Fix Released
Status in Kernel SRU Workflow prepare-package series:
Fix Released
Status in Kernel SRU Workflow prepare-package-generate series:
Fix Released
Status in Kernel SRU Workflow prepare-package-lrg series:
Fix Released
Status in Kernel SRU Workflow prepare-package-lrm series:
Fix Released
Status in Kernel SRU Workflow prepare-package-lrs series:
Fix Released
Status in Kernel SRU Workflow prepare-package-meta series:
Fix Released
Status in Kernel SRU Workflow prepare-package-signed series:
Fix Released
Status in Kernel SRU Workflow promote-signing-to-proposed series:
Invalid
Status in Kernel SRU Workflow promote-to-proposed series:
Fix Released
Status in Kernel SRU Workflow promote-to-security series:
New
Status in Kernel SRU Workflow promote-to-updates series:
In Progress
Status in Kernel SRU Workflow regression-testing series:
Fix Released
Status in Kernel SRU Workflow security-signoff series:
Fix Released
Status in Kernel SRU Workflow sru-review series:
Fix Released
Status in Kernel SRU Workflow stakeholder-signoff series:
Fix Released
Status in Kernel SRU Workflow verification-testing series:
Fix Released
Status in linux-azure source package in Focal:
Fix Released
Bug description:
This bug will contain status and test results related to a kernel
source (or snap) as stated in the title.
For an explanation of the tasks and the associated workflow see:
https://wiki.ubuntu.com/Kernel/kernel-sru-workflow
-- swm properties --
built:
from: 8ca39157bb5ddb10
route-entry: 2
comments:
abi-testing: 1
delta:
promote-to-proposed: [lrm, lrs, main, meta, signed, lrg, generate]
promote-to-updates: [lrm, lrs, main, meta, signed]
flag:
boot-testing-requested: true
bugs-spammed: true
proposed-announcement-sent: true
proposed-testing-requested: true
stream-from-cycle: true
issue: KSRU-13473
kernel-stable-master-bug: 2075804
packages:
generate: linux-generate-azure
lrg: linux-restricted-generate-azure
lrm: linux-restricted-modules-azure
lrs: linux-restricted-signatures-azure
main: linux-azure
meta: linux-meta-azure
signed: linux-signed-azure
phase: Promote to Updates
phase-changed: Tuesday, 20. August 2024 21:27 UTC
reason:
promote-to-updates: Ongoing -- packages not yet published
synthetic:
:promote-to-as-proposed: Invalid
trackers:
bionic/linux-azure-5.4: bug 2075761
focal/linux-azure-fips: bug 2075760
variant: debs
versions:
lrm: 5.4.0-1136.143
main: 5.4.0-1136.143
meta: 5.4.0.1136.130
signed: 5.4.0-1136.143
~~:
announce:
swm-transition-crankable: 2024-08-07 08:24:54.799853
clamps:
new-review: 8ca39157bb5ddb10
promote-to-proposed: 8ca39157bb5ddb10
self: 5.4.0-1136.143
sru-review: 8ca39157bb5ddb10
tracker:
last-message: '2024-08-08 10:30:09.582861+00:00'
To manage notifications about this bug go to:
https://bugs.launchpad.net/canonical-signing-jobs/task00/+bug/2075762/+subscriptions
--
Mailing list: https://launchpad.net/~canonical-hw-cert
Post to : [email protected]
Unsubscribe : https://launchpad.net/~canonical-hw-cert
More help : https://help.launchpad.net/ListHelp
