[Canonical-hw-cert] [Bug 2086409] Re: focal/linux-azure: 5.4.0-1141.148 -proposed tracker

[Launchpad Bug Tracker]

*** This bug is a duplicate of bug 2090041 ***
    https://bugs.launchpad.net/bugs/2090041

This bug was fixed in the package linux-azure - 5.4.0-1142.149

---------------
linux-azure (5.4.0-1142.149) focal; urgency=medium

  * focal/linux-azure: 5.4.0-1142.149 -proposed tracker (LP: #2090041)

  [ Ubuntu: 5.4.0-204.224 ]

  * focal/linux: 5.4.0-204.224 -proposed tracker (LP: #2091090)
  * CVE-2024-50264
    - vsock/virtio: Initialization of the dangling pointer occurring in 
vsk->trans
  * CVE-2024-53057
    - net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT
  * CVE-2024-49967
    - ext4: no need to continue when the number of entries is 1
  * CVE-2024-43892
    - memcg: protect concurrent access to mem_cgroup_idr
  * CVE-2024-38553
    - net: fec: remove .ndo_poll_controller to avoid deadlocks
  * CVE-2024-38597
    - eth: sungem: remove .ndo_poll_controller to avoid deadlocks
  * CVE-2023-52821
    - drm/panel: fix a possible null pointer dereference
  * CVE-2024-36952
    - scsi: lpfc: Move NPIV's transport unregistration to after resource clean 
up
  * CVE-2024-40910
    - ax25: Fix refcount imbalance on inbound connections
  * CVE-2024-35963
    - Bluetooth: hci_sock: Fix not validating setsockopt user input
  * CVE-2024-35965
    - Bluetooth: L2CAP: uninitialized variables in l2cap_sock_setsockopt()
    - Bluetooth: L2CAP: Fix not validating setsockopt user input
  * CVE-2024-35966
    - Bluetooth: RFCOMM: Fix not validating setsockopt user input
  * CVE-2024-35967
    - Bluetooth: SCO: Fix not validating setsockopt user input
  * CVE-2021-47101
    - net: asix: fix uninit value bugs
    - asix: fix wrong return value in asix_check_host_enable()
    - asix: fix uninit-value in asix_mdio_read()
  * CVE-2022-38096
    - drm/vmwgfx: Fix possible null pointer derefence with invalid contexts
  * CVE-2021-47001
    - xprtrdma: Fix cwnd update ordering

 -- Vinicius Peixoto <vinicius.peix...@canonical.com>  Tue, 10 Dec 2024
20:34:01 -0300

** Changed in: linux-azure (Ubuntu Focal)
       Status: New => Fix Released

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-47001

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-47101

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-38096

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-52821

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-35963

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-35965

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-35966

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-35967

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-36952

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-38553

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-38597

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-40910

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-43892

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-49967

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-50264

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-53057

-- 
You received this bug notification because you are a member of hardware-
certification-users, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/2086409

Title:
  focal/linux-azure: 5.4.0-1141.148 -proposed tracker

Status in canonical-signing-jobs task00 series:
  Fix Released
Status in Kernel SRU Workflow:
  Fix Committed
Status in Kernel SRU Workflow abi-testing series:
  Fix Released
Status in Kernel SRU Workflow automated-testing series:
  Fix Released
Status in Kernel SRU Workflow boot-testing series:
  Fix Released
Status in Kernel SRU Workflow certification-testing series:
  Invalid
Status in Kernel SRU Workflow new-review series:
  Fix Released
Status in Kernel SRU Workflow prepare-package series:
  Fix Released
Status in Kernel SRU Workflow prepare-package-generate series:
  Fix Released
Status in Kernel SRU Workflow prepare-package-lrg series:
  Fix Released
Status in Kernel SRU Workflow prepare-package-lrm series:
  Fix Released
Status in Kernel SRU Workflow prepare-package-lrs series:
  Fix Released
Status in Kernel SRU Workflow prepare-package-meta series:
  Fix Released
Status in Kernel SRU Workflow prepare-package-signed series:
  Fix Released
Status in Kernel SRU Workflow promote-signing-to-proposed series:
  Invalid
Status in Kernel SRU Workflow promote-to-proposed series:
  Fix Released
Status in Kernel SRU Workflow promote-to-security series:
  New
Status in Kernel SRU Workflow promote-to-updates series:
  New
Status in Kernel SRU Workflow regression-testing series:
  Fix Released
Status in Kernel SRU Workflow security-signoff series:
  Fix Released
Status in Kernel SRU Workflow sru-review series:
  Fix Released
Status in Kernel SRU Workflow stakeholder-signoff series:
  Fix Released
Status in Kernel SRU Workflow verification-testing series:
  Fix Released
Status in linux-azure source package in Focal:
  Fix Released

Bug description:
  This bug will contain status and test results related to a kernel
  source (or snap) as stated in the title.

  For an explanation of the tasks and the associated workflow see:
    https://wiki.ubuntu.com/Kernel/kernel-sru-workflow

  -- swm properties --
  built:
    from: 8e4b97bd42fee0dc
    route-entry: 1
  comments:
    abi-testing: 1
  delta:
    promote-to-proposed: []
  flag:
    boot-testing-requested: true
    bugs-spammed: true
    proposed-announcement-sent: true
    proposed-testing-requested: true
    stream-from-cycle: true
  issue: KSRU-14697
  kernel-stable-master-bug: 2086451
  packages:
    generate: linux-generate-azure
    lrg: linux-restricted-generate-azure
    lrm: linux-restricted-modules-azure
    lrs: linux-restricted-signatures-azure
    main: linux-azure
    meta: linux-meta-azure
    signed: linux-signed-azure
  phase: Holding before Promote to Updates
  phase-changed: Monday, 06. January 2025 04:21 UTC
  reason:
    promote-to-updates: Holding -- package in development blackout
  synthetic:
    :promote-to-as-proposed: Fix Released
  testing:
    verification-bugs: [2086409, 1786013]
  trackers:
    bionic/linux-azure-5.4: bug 2086408
    focal/linux-azure-fips: bug 2086407
  variant: debs
  versions:
    lrm: 5.4.0-1141.148+1
    main: 5.4.0-1141.148
    meta: 5.4.0.1141.135
    signed: 5.4.0-1141.148
  versions-replace:
    lrm: [5.4.0-1141.148]
  ~~:
    announce:
      swm-transition-crankable: 2024-11-12 11:59:23.775184
    clamps:
      new-review: 8e4b97bd42fee0dc
      promote-to-proposed: 8e4b97bd42fee0dc
      self: 5.4.0-1141.148
      sru-review: 8e4b97bd42fee0dc
    tracker:
      last-message: '2025-01-08 13:39:14.467000+00:00'

To manage notifications about this bug go to:
https://bugs.launchpad.net/canonical-signing-jobs/task00/+bug/2086409/+subscriptions


-- 
Mailing list: https://launchpad.net/~canonical-hw-cert
Post to     : canonical-hw-cert@lists.launchpad.net
Unsubscribe : https://launchpad.net/~canonical-hw-cert
More help   : https://help.launchpad.net/ListHelp