This bug was fixed in the package linux-raspi - 6.8.0-1060.64

---------------
linux-raspi (6.8.0-1060.64) noble; urgency=medium

  * noble/linux-raspi: 6.8.0-1060.64 -proposed tracker (LP: #2158426)

  [ Ubuntu: 6.8.0-134.134 ]

  * noble/linux: 6.8.0-134.134 -proposed tracker (LP: #2158432)
  * ext4: writeback causes kernel oops when low on space (LP: #2158377)
    - ext4: get rid of ppath in get_ext_path()

linux-raspi (6.8.0-1059.63) noble; urgency=medium

  * noble/linux-raspi: 6.8.0-1059.63 -proposed tracker (LP: #2157190)

  [ Ubuntu: 6.8.0-131.131 ]

  * noble/linux: 6.8.0-131.131 -proposed tracker (LP: #2157196)
  * Packaging resync (LP: #1786013)
    - [Packaging] update annotations scripts
  * CVE-2026-46244
    - netfilter: nft_inner: Fix IPv6 inner_thoff desync
  * CVE-2026-43185
    - ksmbd: fix signededness bug in smb_direct_prepare_negotiation()
  * CVE-2026-46289
    - lib/scatterlist: fix length calculations in extract_kvec_to_sg
  * CVE-2026-46119
    - libceph: Fix slab-out-of-bounds access in auth message processing
  * CVE-2026-46135
    - nvmet-tcp: fix race between ICReq handling and queue teardown
  * CVE-2026-46185
    - smb/client: fix out-of-bounds read in symlink_data()
  * CVE-2026-46195
    - smb: client: validate dacloffset before building DACL pointers
  * CVE-2026-46115
    - block: add pgmap check to biovec_phys_mergeable
  * CVE-2026-43501
    - ipv6: rpl: reserve mac_len headroom when recompressed SRH grows
  * CVE-2026-45988
    - rxrpc: Fix re-decryption of RESPONSE packets
  * CVE-2026-46043
    - RDMA/rxe: Validate pad and ICRC before payload_size() in rxe_rcv
  * CVE-2026-43493
    - crypto: pcrypt - Fix handling of MAY_BACKLOG requests
  * CVE-2026-43071
    - dcache: Limit the minimal number of bucket to two
  * CVE-2026-31685
    - netfilter: ip6t_eui64: reject invalid MAC header for all packets
  * CVE-2026-43117
    - btrfs: tracepoints: get correct superblock from dentry in event
      btrfs_sync_file()
  * CVE-2026-43114
    - netfilter: nft_set_pipapo_avx2: don't return non-matching entry on
      expiry
  * CVE-2026-31607
    - usbip: validate number_of_packets in usbip_pack_ret_submit()
  * CVE-2026-31659
    - batman-adv: reject oversized global TT response buffers
  * CVE-2026-31649
    - net: stmmac: fix integer underflow in chain mode
  * CVE-2026-31657
    - batman-adv: hold claim backbone gateways by reference
  * CVE-2026-31637
    - rxrpc: reject undecryptable rxkad response tickets
  * CVE-2026-31669
    - mptcp: fix slab-use-after-free in __inet_lookup_established
  * CVE-2026-31668
    - seg6: separate dst_cache for input and output paths in seg6 lwtunnel
  * CVE-2026-43011
    - net/x25: Fix potential double free of skb
  * CVE-2026-43037
    - ip6_tunnel: clear skb2->cb[] in ip4ip6_err()
  * CVE-2026-43341
    - net/ipv6: ioam6: prevent schema length wraparound in trace fill
  * CVE-2026-43038
    - ipv6: icmp: clear skb2->cb[] in ip6_err_gen_icmpv6_unreach()
  * CVE-2026-31682
    - bridge: br_nd_send: linearize skb before parsing ND options
  * CVE-2026-31436
    - dmaengine: idxd: fix possible wrong descriptor completion in
      llist_abort_desc()
  * CVE-2026-43384
    - net/tcp-ao: Fix MAC comparison to be constant-time
  * CVE-2026-31448
    - ext4: get rid of ppath in ext4_find_extent()
    - ext4: get rid of ppath in ext4_ext_create_new_leaf()
    - ext4: get rid of ppath in ext4_ext_insert_extent()
    - ext4: avoid infinite loops caused by residual data
  * CVE-2026-31478
    - ksmbd: replace hardcoded hdr2_len with offsetof() in
      smb2_calc_max_out_buf_len()
  * CVE-2026-23428
    - ksmbd: fix use-after-free of share_conf in compound request
  * CVE-2026-23450
    - net/smc: fix NULL dereference and UAF in smc_tcp_syn_recv_sock()
  * CVE-2026-23455
    - netfilter: nf_conntrack_h323: check for zero length in DecodeQ931()
  * CVE-2026-31402
    - nfsd: fix heap overflow in NFSv4.0 LOCK replay cache
  * CVE-2026-43383
    - net/tcp-md5: Fix MAC comparison to be constant-time
  * CVE-2026-43378
    - smb: server: fix use-after-free in smb2_open()
  * CVE-2026-46243
    - smb: client: reject userspace cifs.spnego descriptions
  * CVE-2026-43414
    - scsi: qla2xxx: Completely fix fcport double free
  * CVE-2026-43407
    - libceph: Fix potential out-of-bounds access in ceph_handle_auth_reply()
  * CVE-2026-43406
    - libceph: prevent potential out-of-bounds reads in
      process_message_header()

 -- Alessio Faina <[email protected]>  Mon, 29 Jun 2026
09:13:38 +0200

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2150798

Title:
  CONFIG_BPF_LSM not enabled in linux-raspi arm64 kernel

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux-raspi/+bug/2150798/+subscriptions


-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to