[Bug 2154023] Re: DGX Cloud GB300 clusters fail to build due zero dmac race in neighbor resolution

[Launchpad Bug Tracker]

This bug was fixed in the package linux-aws - 6.17.0-1019.19

---------------
linux-aws (6.17.0-1019.19) questing; urgency=medium

  * questing/linux-aws: 6.17.0-1019.19 -proposed tracker (LP: #2157606)

  [ Ubuntu: 6.17.0-40.40 ]

  * questing/linux: 6.17.0-40.40 -proposed tracker (LP: #2157631)
  * CVE-2026-43037
    - ip6_tunnel: clear skb2->cb[] in ip4ip6_err()

  [ Ubuntu: 6.17.0-39.39 ]

  * questing/linux: 6.17.0-39.39 -proposed tracker (LP: #2157145)
  * Packaging resync (LP: #1786013)
    - [Packaging] update annotations scripts
  * CVE-2026-45988
    - rxrpc: Fix re-decryption of RESPONSE packets
  * CVE-2026-46135
    - nvmet-tcp: fix race between ICReq handling and queue teardown
  * CVE-2026-46195
    - smb: client: validate dacloffset before building DACL pointers
  * CVE-2026-31402
    - nfsd: fix heap overflow in NFSv4.0 LOCK replay cache
  * CVE-2026-43378
    - smb: server: fix use-after-free in smb2_open()
  * CVE-2026-31657
    - batman-adv: hold claim backbone gateways by reference
  * CVE-2026-46266
    - inet: RAW sockets using IPPROTO_RAW MUST drop incoming ICMP
  * CVE-2026-46289
    - lib/scatterlist: fix length calculations in extract_kvec_to_sg
  * CVE-2026-31436
    - dmaengine: idxd: fix possible wrong descriptor completion in
      llist_abort_desc()
  * CVE-2026-31649
    - net: stmmac: fix integer underflow in chain mode
  * CVE-2026-31659
    - batman-adv: reject oversized global TT response buffers
  * CVE-2026-31448
    - ext4: avoid infinite loops caused by residual data
  * CVE-2026-43071
    - dcache: Limit the minimal number of bucket to two
  * CVE-2026-31478
    - ksmbd: replace hardcoded hdr2_len with offsetof() in
      smb2_calc_max_out_buf_len()
  * CVE-2026-31682
    - bridge: br_nd_send: linearize skb before parsing ND options
  * CVE-2026-43117
    - btrfs: tracepoints: get correct superblock from dentry in event
      btrfs_sync_file()
  * CVE-2026-31669
    - mptcp: fix slab-use-after-free in __inet_lookup_established
  * CVE-2026-46115
    - block: add pgmap check to biovec_phys_mergeable
  * CVE-2026-45898
    - RDMA/iwcm: Fix workqueue list corruption by removing work_list
  * CVE-2026-46244
    - netfilter: nft_inner: Fix IPv6 inner_thoff desync
  * CVE-2026-43493
    - crypto: pcrypt - Fix handling of MAY_BACKLOG requests
  * CVE-2026-43186
    - ipv6: ioam: fix heap buffer overflow in __ioam6_fill_trace_data()
  * CVE-2026-31685
    - netfilter: ip6t_eui64: reject invalid MAC header for all packets
  * CVE-2026-43114
    - netfilter: nft_set_pipapo_avx2: don't return non-matching entry on
      expiry
  * CVE-2026-46325
    - RDMA/rxe: Fix iova-to-va conversion for MR page sizes != PAGE_SIZE
  * CVE-2026-31668
    - seg6: separate dst_cache for input and output paths in seg6 lwtunnel
  * CVE-2026-43197
    - netconsole: avoid OOB reads, msg is not nul-terminated
  * CVE-2026-43083
    - net: ioam6: fix OOB and missing lock
  * CVE-2026-46043
    - RDMA/rxe: Validate pad and ICRC before payload_size() in rxe_rcv
  * CVE-2026-23428
    - ksmbd: fix use-after-free of share_conf in compound request
  * CVE-2026-23450
    - net/smc: fix NULL dereference and UAF in smc_tcp_syn_recv_sock()
  * CVE-2026-46185
    - smb/client: fix out-of-bounds read in symlink_data()
  * CVE-2026-23455
    - netfilter: nf_conntrack_h323: check for zero length in DecodeQ931()
  * CVE-2026-46119
    - libceph: Fix slab-out-of-bounds access in auth message processing
  * CVE-2026-46039
    - rxgk: Fix potential integer overflow in length check
  * CVE-2026-23427
    - ksmbd: fix use-after-free in durable v2 replay of active file handles
  * CVE-2026-31718
    - ksmbd: fix use-after-free in __ksmbd_close_fd() via durable scavenger
  * CVE-2026-31637
    - rxrpc: reject undecryptable rxkad response tickets
  * CVE-2026-43011
    - net/x25: Fix potential double free of skb
  * CVE-2026-43038
    - ipv6: icmp: clear skb2->cb[] in ip6_err_gen_icmpv6_unreach()
  * CVE-2026-31635
    - rxrpc: fix oversized RESPONSE authenticator length check
  * CVE-2026-43501
    - ipv6: rpl: reserve mac_len headroom when recompressed SRH grows
  * CVE-2026-43125
    - dlm: validate length in dlm_search_rsb_tree
  * CVE-2026-46316
    - KVM: arm64: vgic-its: Drop the translation cache reference only for the
      erased entry
  * CVE-2026-43185
    - ksmbd: fix signededness bug in smb_direct_prepare_negotiation()
  * CVE-2026-43341
    - net/ipv6: ioam6: prevent schema length wraparound in trace fill
  * CVE-2026-31607
    - usbip: validate number_of_packets in usbip_pack_ret_submit()
  * CVE-2026-43402
    - kthread: consolidate kthread exit paths to prevent use-after-free
  * CVE-2026-43384
    - net/tcp-ao: Fix MAC comparison to be constant-time
  * CVE-2026-43383
    - net/tcp-md5: Fix MAC comparison to be constant-time
  * CVE-2026-43376
    - ksmbd: fix use-after-free by using call_rcu() for oplock_info
  * CVE-2026-46243
    - smb: client: reject userspace cifs.spnego descriptions
  * CVE-2026-43414
    - scsi: qla2xxx: Completely fix fcport double free
  * CVE-2026-43407
    - libceph: Fix potential out-of-bounds access in ceph_handle_auth_reply()
  * CVE-2026-43406
    - libceph: prevent potential out-of-bounds reads in
      process_message_header()
  * CVE-2026-43304
    - libceph: define and enforce CEPH_MAX_KEY_LEN
  * CVE-2026-22984
    - libceph: prevent potential out-of-bounds reads in handle_auth_done()

 -- Manuel Diewald <manuel.diew...@canonical.com>  Fri, 19 Jun 2026
18:23:51 +0200

** Changed in: linux-aws (Ubuntu Questing)
       Status: Fix Committed => Fix Released

** CVE added: https://cve.org/CVERecord?id=CVE-2026-22984

** CVE added: https://cve.org/CVERecord?id=CVE-2026-23427

** CVE added: https://cve.org/CVERecord?id=CVE-2026-23428

** CVE added: https://cve.org/CVERecord?id=CVE-2026-23450

** CVE added: https://cve.org/CVERecord?id=CVE-2026-23455

** CVE added: https://cve.org/CVERecord?id=CVE-2026-31402

** CVE added: https://cve.org/CVERecord?id=CVE-2026-31436

** CVE added: https://cve.org/CVERecord?id=CVE-2026-31448

** CVE added: https://cve.org/CVERecord?id=CVE-2026-31478

** CVE added: https://cve.org/CVERecord?id=CVE-2026-31607

** CVE added: https://cve.org/CVERecord?id=CVE-2026-31635

** CVE added: https://cve.org/CVERecord?id=CVE-2026-31637

** CVE added: https://cve.org/CVERecord?id=CVE-2026-31649

** CVE added: https://cve.org/CVERecord?id=CVE-2026-31657

** CVE added: https://cve.org/CVERecord?id=CVE-2026-31659

** CVE added: https://cve.org/CVERecord?id=CVE-2026-31668

** CVE added: https://cve.org/CVERecord?id=CVE-2026-31669

** CVE added: https://cve.org/CVERecord?id=CVE-2026-31682

** CVE added: https://cve.org/CVERecord?id=CVE-2026-31685

** CVE added: https://cve.org/CVERecord?id=CVE-2026-31718

** CVE added: https://cve.org/CVERecord?id=CVE-2026-43011

** CVE added: https://cve.org/CVERecord?id=CVE-2026-43037

** CVE added: https://cve.org/CVERecord?id=CVE-2026-43038

** CVE added: https://cve.org/CVERecord?id=CVE-2026-43071

** CVE added: https://cve.org/CVERecord?id=CVE-2026-43083

** CVE added: https://cve.org/CVERecord?id=CVE-2026-43114

** CVE added: https://cve.org/CVERecord?id=CVE-2026-43117

** CVE added: https://cve.org/CVERecord?id=CVE-2026-43125

** CVE added: https://cve.org/CVERecord?id=CVE-2026-43185

** CVE added: https://cve.org/CVERecord?id=CVE-2026-43186

** CVE added: https://cve.org/CVERecord?id=CVE-2026-43197

** CVE added: https://cve.org/CVERecord?id=CVE-2026-43304

** CVE added: https://cve.org/CVERecord?id=CVE-2026-43341

** CVE added: https://cve.org/CVERecord?id=CVE-2026-43376

** CVE added: https://cve.org/CVERecord?id=CVE-2026-43378

** CVE added: https://cve.org/CVERecord?id=CVE-2026-43383

** CVE added: https://cve.org/CVERecord?id=CVE-2026-43384

** CVE added: https://cve.org/CVERecord?id=CVE-2026-43402

** CVE added: https://cve.org/CVERecord?id=CVE-2026-43406

** CVE added: https://cve.org/CVERecord?id=CVE-2026-43407

** CVE added: https://cve.org/CVERecord?id=CVE-2026-43414

** CVE added: https://cve.org/CVERecord?id=CVE-2026-43493

** CVE added: https://cve.org/CVERecord?id=CVE-2026-43501

** CVE added: https://cve.org/CVERecord?id=CVE-2026-45898

** CVE added: https://cve.org/CVERecord?id=CVE-2026-45988

** CVE added: https://cve.org/CVERecord?id=CVE-2026-46039

** CVE added: https://cve.org/CVERecord?id=CVE-2026-46043

** CVE added: https://cve.org/CVERecord?id=CVE-2026-46115

** CVE added: https://cve.org/CVERecord?id=CVE-2026-46119

** CVE added: https://cve.org/CVERecord?id=CVE-2026-46135

** CVE added: https://cve.org/CVERecord?id=CVE-2026-46185

** CVE added: https://cve.org/CVERecord?id=CVE-2026-46195

** CVE added: https://cve.org/CVERecord?id=CVE-2026-46243

** CVE added: https://cve.org/CVERecord?id=CVE-2026-46244

** CVE added: https://cve.org/CVERecord?id=CVE-2026-46266

** CVE added: https://cve.org/CVERecord?id=CVE-2026-46289

** CVE added: https://cve.org/CVERecord?id=CVE-2026-46316

** CVE added: https://cve.org/CVERecord?id=CVE-2026-46325

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2154023

Title:
  DGX Cloud GB300 clusters fail to build due zero dmac race in neighbor
  resolution

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux-aws/+bug/2154023/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs