{ "summary": { "snap": { "added": [], "removed": [], "diff": [] }, "deb": { "added": [ "linux-headers-5.15.0-1077-kvm", "linux-image-5.15.0-1077-kvm", "linux-kvm-headers-5.15.0-1077", "linux-modules-5.15.0-1077-kvm" ], "removed": [ "linux-headers-5.15.0-1076-kvm", "linux-image-5.15.0-1076-kvm", "linux-kvm-headers-5.15.0-1076", "linux-modules-5.15.0-1076-kvm" ], "diff": [ "libnss-systemd", "libpam-systemd", "libsystemd0", "libudev1", "linux-headers-kvm", "linux-image-kvm", "linux-kvm", "systemd", "systemd-sysv", "systemd-timesyncd", "udev" ] } }, "diff": { "deb": [ { "name": "libnss-systemd", "from_version": { "source_package_name": "systemd", "source_package_version": "249.11-0ubuntu3.12", "version": "249.11-0ubuntu3.12" }, "to_version": { "source_package_name": "systemd", "source_package_version": "249.11-0ubuntu3.15", "version": "249.11-0ubuntu3.15" }, "cves": [], "launchpad_bugs_fixed": [ 2078555, 2003250, 2009859, 2037667, 2055200, 2077779 ], "changes": [ { "cves": [], "log": [ "", " * d/systemd.prerm: call d-s-h update-state for resolved on upgrades", " (LP: #2078555)", "" ], "package": "systemd", "version": "249.11-0ubuntu3.15", "urgency": "medium", "distributions": "jammy", "launchpad_bugs_fixed": [ 2078555 ], "author": "Nick Rosbrook ", "date": "Thu, 20 Feb 2025 08:24:02 -0500" }, { "cves": [], "log": [ "", " [ Ioanna Alifieraki ]", " * network: skip to reassign master ifindex if already set", " (LP: #2003250)", "", " [ Nick Rosbrook ]", " * network: do not bring down a bonding port interface when it is already joined", " (This is a follow-up commit required for LP: 2003250)", "", " * networkd-test: skip test_resolved_domain_restricted_dns", " (LP: #2009859)", "" ], "package": "systemd", "version": "249.11-0ubuntu3.14", "urgency": "medium", "distributions": "jammy", "launchpad_bugs_fixed": [ 2003250, 2009859 ], "author": "Nick Rosbrook ", "date": "Mon, 16 Dec 2024 15:23:18 -0500" }, { "cves": [], "log": [ "", " [ Lukas Märdian ]", " * Fixing GRE6 and VTI6 on newer kernels (LP: #2037667)", "", " [ Nick Rosbrook ]", " * debian/tests/tests-in-lxd: update workaround patch (LP: #2055200)", "", " [ Chengen Du ]", " * udev: Handle PTP device symlink properly on udev action 'change'", " (LP: #2077779)", "" ], "package": "systemd", "version": "249.11-0ubuntu3.13", "urgency": "medium", "distributions": "jammy", "launchpad_bugs_fixed": [ 2037667, 2055200, 2077779 ], "author": "Nick Rosbrook ", "date": "Thu, 17 Oct 2024 10:26:55 -0400" } ], "notes": null, "is_version_downgrade": false }, { "name": "libpam-systemd", "from_version": { "source_package_name": "systemd", "source_package_version": "249.11-0ubuntu3.12", "version": "249.11-0ubuntu3.12" }, "to_version": { "source_package_name": "systemd", "source_package_version": "249.11-0ubuntu3.15", "version": "249.11-0ubuntu3.15" }, "cves": [], "launchpad_bugs_fixed": [ 2078555, 2003250, 2009859, 2037667, 2055200, 2077779 ], "changes": [ { "cves": [], "log": [ "", " * d/systemd.prerm: call d-s-h update-state for resolved on upgrades", " (LP: #2078555)", "" ], "package": "systemd", "version": "249.11-0ubuntu3.15", "urgency": "medium", "distributions": "jammy", "launchpad_bugs_fixed": [ 2078555 ], "author": "Nick Rosbrook ", "date": "Thu, 20 Feb 2025 08:24:02 -0500" }, { "cves": [], "log": [ "", " [ Ioanna Alifieraki ]", " * network: skip to reassign master ifindex if already set", " (LP: #2003250)", "", " [ Nick Rosbrook ]", " * network: do not bring down a bonding port interface when it is already joined", " (This is a follow-up commit required for LP: 2003250)", "", " * networkd-test: skip test_resolved_domain_restricted_dns", " (LP: #2009859)", "" ], "package": "systemd", "version": "249.11-0ubuntu3.14", "urgency": "medium", "distributions": "jammy", "launchpad_bugs_fixed": [ 2003250, 2009859 ], "author": "Nick Rosbrook ", "date": "Mon, 16 Dec 2024 15:23:18 -0500" }, { "cves": [], "log": [ "", " [ Lukas Märdian ]", " * Fixing GRE6 and VTI6 on newer kernels (LP: #2037667)", "", " [ Nick Rosbrook ]", " * debian/tests/tests-in-lxd: update workaround patch (LP: #2055200)", "", " [ Chengen Du ]", " * udev: Handle PTP device symlink properly on udev action 'change'", " (LP: #2077779)", "" ], "package": "systemd", "version": "249.11-0ubuntu3.13", "urgency": "medium", "distributions": "jammy", "launchpad_bugs_fixed": [ 2037667, 2055200, 2077779 ], "author": "Nick Rosbrook ", "date": "Thu, 17 Oct 2024 10:26:55 -0400" } ], "notes": null, "is_version_downgrade": false }, { "name": "libsystemd0", "from_version": { "source_package_name": "systemd", "source_package_version": "249.11-0ubuntu3.12", "version": "249.11-0ubuntu3.12" }, "to_version": { "source_package_name": "systemd", "source_package_version": "249.11-0ubuntu3.15", "version": "249.11-0ubuntu3.15" }, "cves": [], "launchpad_bugs_fixed": [ 2078555, 2003250, 2009859, 2037667, 2055200, 2077779 ], "changes": [ { "cves": [], "log": [ "", " * d/systemd.prerm: call d-s-h update-state for resolved on upgrades", " (LP: #2078555)", "" ], "package": "systemd", "version": "249.11-0ubuntu3.15", "urgency": "medium", "distributions": "jammy", "launchpad_bugs_fixed": [ 2078555 ], "author": "Nick Rosbrook ", "date": "Thu, 20 Feb 2025 08:24:02 -0500" }, { "cves": [], "log": [ "", " [ Ioanna Alifieraki ]", " * network: skip to reassign master ifindex if already set", " (LP: #2003250)", "", " [ Nick Rosbrook ]", " * network: do not bring down a bonding port interface when it is already joined", " (This is a follow-up commit required for LP: 2003250)", "", " * networkd-test: skip test_resolved_domain_restricted_dns", " (LP: #2009859)", "" ], "package": "systemd", "version": "249.11-0ubuntu3.14", "urgency": "medium", "distributions": "jammy", "launchpad_bugs_fixed": [ 2003250, 2009859 ], "author": "Nick Rosbrook ", "date": "Mon, 16 Dec 2024 15:23:18 -0500" }, { "cves": [], "log": [ "", " [ Lukas Märdian ]", " * Fixing GRE6 and VTI6 on newer kernels (LP: #2037667)", "", " [ Nick Rosbrook ]", " * debian/tests/tests-in-lxd: update workaround patch (LP: #2055200)", "", " [ Chengen Du ]", " * udev: Handle PTP device symlink properly on udev action 'change'", " (LP: #2077779)", "" ], "package": "systemd", "version": "249.11-0ubuntu3.13", "urgency": "medium", "distributions": "jammy", "launchpad_bugs_fixed": [ 2037667, 2055200, 2077779 ], "author": "Nick Rosbrook ", "date": "Thu, 17 Oct 2024 10:26:55 -0400" } ], "notes": null, "is_version_downgrade": false }, { "name": "libudev1", "from_version": { "source_package_name": "systemd", "source_package_version": "249.11-0ubuntu3.12", "version": "249.11-0ubuntu3.12" }, "to_version": { "source_package_name": "systemd", "source_package_version": "249.11-0ubuntu3.15", "version": "249.11-0ubuntu3.15" }, "cves": [], "launchpad_bugs_fixed": [ 2078555, 2003250, 2009859, 2037667, 2055200, 2077779 ], "changes": [ { "cves": [], "log": [ "", " * d/systemd.prerm: call d-s-h update-state for resolved on upgrades", " (LP: #2078555)", "" ], "package": "systemd", "version": "249.11-0ubuntu3.15", "urgency": "medium", "distributions": "jammy", "launchpad_bugs_fixed": [ 2078555 ], "author": "Nick Rosbrook ", "date": "Thu, 20 Feb 2025 08:24:02 -0500" }, { "cves": [], "log": [ "", " [ Ioanna Alifieraki ]", " * network: skip to reassign master ifindex if already set", " (LP: #2003250)", "", " [ Nick Rosbrook ]", " * network: do not bring down a bonding port interface when it is already joined", " (This is a follow-up commit required for LP: 2003250)", "", " * networkd-test: skip test_resolved_domain_restricted_dns", " (LP: #2009859)", "" ], "package": "systemd", "version": "249.11-0ubuntu3.14", "urgency": "medium", "distributions": "jammy", "launchpad_bugs_fixed": [ 2003250, 2009859 ], "author": "Nick Rosbrook ", "date": "Mon, 16 Dec 2024 15:23:18 -0500" }, { "cves": [], "log": [ "", " [ Lukas Märdian ]", " * Fixing GRE6 and VTI6 on newer kernels (LP: #2037667)", "", " [ Nick Rosbrook ]", " * debian/tests/tests-in-lxd: update workaround patch (LP: #2055200)", "", " [ Chengen Du ]", " * udev: Handle PTP device symlink properly on udev action 'change'", " (LP: #2077779)", "" ], "package": "systemd", "version": "249.11-0ubuntu3.13", "urgency": "medium", "distributions": "jammy", "launchpad_bugs_fixed": [ 2037667, 2055200, 2077779 ], "author": "Nick Rosbrook ", "date": "Thu, 17 Oct 2024 10:26:55 -0400" } ], "notes": null, "is_version_downgrade": false }, { "name": "linux-headers-kvm", "from_version": { "source_package_name": "linux-meta-kvm", "source_package_version": "5.15.0.1076.72", "version": "5.15.0.1076.72" }, "to_version": { "source_package_name": "linux-meta-kvm", "source_package_version": "5.15.0.1077.73", "version": "5.15.0.1077.73" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Bump ABI 5.15.0-1077", "" ], "package": "linux-meta-kvm", "version": "5.15.0.1077.73", "urgency": "medium", "distributions": "jammy", "launchpad_bugs_fixed": [], "author": "Benjamin Wheeler ", "date": "Fri, 21 Mar 2025 09:47:26 -0400" } ], "notes": null, "is_version_downgrade": false }, { "name": "linux-image-kvm", "from_version": { "source_package_name": "linux-meta-kvm", "source_package_version": "5.15.0.1076.72", "version": "5.15.0.1076.72" }, "to_version": { "source_package_name": "linux-meta-kvm", "source_package_version": "5.15.0.1077.73", "version": "5.15.0.1077.73" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Bump ABI 5.15.0-1077", "" ], "package": "linux-meta-kvm", "version": "5.15.0.1077.73", "urgency": "medium", "distributions": "jammy", "launchpad_bugs_fixed": [], "author": "Benjamin Wheeler ", "date": "Fri, 21 Mar 2025 09:47:26 -0400" } ], "notes": null, "is_version_downgrade": false }, { "name": "linux-kvm", "from_version": { "source_package_name": "linux-meta-kvm", "source_package_version": "5.15.0.1076.72", "version": "5.15.0.1076.72" }, "to_version": { "source_package_name": "linux-meta-kvm", "source_package_version": "5.15.0.1077.73", "version": "5.15.0.1077.73" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Bump ABI 5.15.0-1077", "" ], "package": "linux-meta-kvm", "version": "5.15.0.1077.73", "urgency": "medium", "distributions": "jammy", "launchpad_bugs_fixed": [], "author": "Benjamin Wheeler ", "date": "Fri, 21 Mar 2025 09:47:26 -0400" } ], "notes": null, "is_version_downgrade": false }, { "name": "systemd", "from_version": { "source_package_name": "systemd", "source_package_version": "249.11-0ubuntu3.12", "version": "249.11-0ubuntu3.12" }, "to_version": { "source_package_name": "systemd", "source_package_version": "249.11-0ubuntu3.15", "version": "249.11-0ubuntu3.15" }, "cves": [], "launchpad_bugs_fixed": [ 2078555, 2003250, 2009859, 2037667, 2055200, 2077779 ], "changes": [ { "cves": [], "log": [ "", " * d/systemd.prerm: call d-s-h update-state for resolved on upgrades", " (LP: #2078555)", "" ], "package": "systemd", "version": "249.11-0ubuntu3.15", "urgency": "medium", "distributions": "jammy", "launchpad_bugs_fixed": [ 2078555 ], "author": "Nick Rosbrook ", "date": "Thu, 20 Feb 2025 08:24:02 -0500" }, { "cves": [], "log": [ "", " [ Ioanna Alifieraki ]", " * network: skip to reassign master ifindex if already set", " (LP: #2003250)", "", " [ Nick Rosbrook ]", " * network: do not bring down a bonding port interface when it is already joined", " (This is a follow-up commit required for LP: 2003250)", "", " * networkd-test: skip test_resolved_domain_restricted_dns", " (LP: #2009859)", "" ], "package": "systemd", "version": "249.11-0ubuntu3.14", "urgency": "medium", "distributions": "jammy", "launchpad_bugs_fixed": [ 2003250, 2009859 ], "author": "Nick Rosbrook ", "date": "Mon, 16 Dec 2024 15:23:18 -0500" }, { "cves": [], "log": [ "", " [ Lukas Märdian ]", " * Fixing GRE6 and VTI6 on newer kernels (LP: #2037667)", "", " [ Nick Rosbrook ]", " * debian/tests/tests-in-lxd: update workaround patch (LP: #2055200)", "", " [ Chengen Du ]", " * udev: Handle PTP device symlink properly on udev action 'change'", " (LP: #2077779)", "" ], "package": "systemd", "version": "249.11-0ubuntu3.13", "urgency": "medium", "distributions": "jammy", "launchpad_bugs_fixed": [ 2037667, 2055200, 2077779 ], "author": "Nick Rosbrook ", "date": "Thu, 17 Oct 2024 10:26:55 -0400" } ], "notes": null, "is_version_downgrade": false }, { "name": "systemd-sysv", "from_version": { "source_package_name": "systemd", "source_package_version": "249.11-0ubuntu3.12", "version": "249.11-0ubuntu3.12" }, "to_version": { "source_package_name": "systemd", "source_package_version": "249.11-0ubuntu3.15", "version": "249.11-0ubuntu3.15" }, "cves": [], "launchpad_bugs_fixed": [ 2078555, 2003250, 2009859, 2037667, 2055200, 2077779 ], "changes": [ { "cves": [], "log": [ "", " * d/systemd.prerm: call d-s-h update-state for resolved on upgrades", " (LP: #2078555)", "" ], "package": "systemd", "version": "249.11-0ubuntu3.15", "urgency": "medium", "distributions": "jammy", "launchpad_bugs_fixed": [ 2078555 ], "author": "Nick Rosbrook ", "date": "Thu, 20 Feb 2025 08:24:02 -0500" }, { "cves": [], "log": [ "", " [ Ioanna Alifieraki ]", " * network: skip to reassign master ifindex if already set", " (LP: #2003250)", "", " [ Nick Rosbrook ]", " * network: do not bring down a bonding port interface when it is already joined", " (This is a follow-up commit required for LP: 2003250)", "", " * networkd-test: skip test_resolved_domain_restricted_dns", " (LP: #2009859)", "" ], "package": "systemd", "version": "249.11-0ubuntu3.14", "urgency": "medium", "distributions": "jammy", "launchpad_bugs_fixed": [ 2003250, 2009859 ], "author": "Nick Rosbrook ", "date": "Mon, 16 Dec 2024 15:23:18 -0500" }, { "cves": [], "log": [ "", " [ Lukas Märdian ]", " * Fixing GRE6 and VTI6 on newer kernels (LP: #2037667)", "", " [ Nick Rosbrook ]", " * debian/tests/tests-in-lxd: update workaround patch (LP: #2055200)", "", " [ Chengen Du ]", " * udev: Handle PTP device symlink properly on udev action 'change'", " (LP: #2077779)", "" ], "package": "systemd", "version": "249.11-0ubuntu3.13", "urgency": "medium", "distributions": "jammy", "launchpad_bugs_fixed": [ 2037667, 2055200, 2077779 ], "author": "Nick Rosbrook ", "date": "Thu, 17 Oct 2024 10:26:55 -0400" } ], "notes": null, "is_version_downgrade": false }, { "name": "systemd-timesyncd", "from_version": { "source_package_name": "systemd", "source_package_version": "249.11-0ubuntu3.12", "version": "249.11-0ubuntu3.12" }, "to_version": { "source_package_name": "systemd", "source_package_version": "249.11-0ubuntu3.15", "version": "249.11-0ubuntu3.15" }, "cves": [], "launchpad_bugs_fixed": [ 2078555, 2003250, 2009859, 2037667, 2055200, 2077779 ], "changes": [ { "cves": [], "log": [ "", " * d/systemd.prerm: call d-s-h update-state for resolved on upgrades", " (LP: #2078555)", "" ], "package": "systemd", "version": "249.11-0ubuntu3.15", "urgency": "medium", "distributions": "jammy", "launchpad_bugs_fixed": [ 2078555 ], "author": "Nick Rosbrook ", "date": "Thu, 20 Feb 2025 08:24:02 -0500" }, { "cves": [], "log": [ "", " [ Ioanna Alifieraki ]", " * network: skip to reassign master ifindex if already set", " (LP: #2003250)", "", " [ Nick Rosbrook ]", " * network: do not bring down a bonding port interface when it is already joined", " (This is a follow-up commit required for LP: 2003250)", "", " * networkd-test: skip test_resolved_domain_restricted_dns", " (LP: #2009859)", "" ], "package": "systemd", "version": "249.11-0ubuntu3.14", "urgency": "medium", "distributions": "jammy", "launchpad_bugs_fixed": [ 2003250, 2009859 ], "author": "Nick Rosbrook ", "date": "Mon, 16 Dec 2024 15:23:18 -0500" }, { "cves": [], "log": [ "", " [ Lukas Märdian ]", " * Fixing GRE6 and VTI6 on newer kernels (LP: #2037667)", "", " [ Nick Rosbrook ]", " * debian/tests/tests-in-lxd: update workaround patch (LP: #2055200)", "", " [ Chengen Du ]", " * udev: Handle PTP device symlink properly on udev action 'change'", " (LP: #2077779)", "" ], "package": "systemd", "version": "249.11-0ubuntu3.13", "urgency": "medium", "distributions": "jammy", "launchpad_bugs_fixed": [ 2037667, 2055200, 2077779 ], "author": "Nick Rosbrook ", "date": "Thu, 17 Oct 2024 10:26:55 -0400" } ], "notes": null, "is_version_downgrade": false }, { "name": "udev", "from_version": { "source_package_name": "systemd", "source_package_version": "249.11-0ubuntu3.12", "version": "249.11-0ubuntu3.12" }, "to_version": { "source_package_name": "systemd", "source_package_version": "249.11-0ubuntu3.15", "version": "249.11-0ubuntu3.15" }, "cves": [], "launchpad_bugs_fixed": [ 2078555, 2003250, 2009859, 2037667, 2055200, 2077779 ], "changes": [ { "cves": [], "log": [ "", " * d/systemd.prerm: call d-s-h update-state for resolved on upgrades", " (LP: #2078555)", "" ], "package": "systemd", "version": "249.11-0ubuntu3.15", "urgency": "medium", "distributions": "jammy", "launchpad_bugs_fixed": [ 2078555 ], "author": "Nick Rosbrook ", "date": "Thu, 20 Feb 2025 08:24:02 -0500" }, { "cves": [], "log": [ "", " [ Ioanna Alifieraki ]", " * network: skip to reassign master ifindex if already set", " (LP: #2003250)", "", " [ Nick Rosbrook ]", " * network: do not bring down a bonding port interface when it is already joined", " (This is a follow-up commit required for LP: 2003250)", "", " * networkd-test: skip test_resolved_domain_restricted_dns", " (LP: #2009859)", "" ], "package": "systemd", "version": "249.11-0ubuntu3.14", "urgency": "medium", "distributions": "jammy", "launchpad_bugs_fixed": [ 2003250, 2009859 ], "author": "Nick Rosbrook ", "date": "Mon, 16 Dec 2024 15:23:18 -0500" }, { "cves": [], "log": [ "", " [ Lukas Märdian ]", " * Fixing GRE6 and VTI6 on newer kernels (LP: #2037667)", "", " [ Nick Rosbrook ]", " * debian/tests/tests-in-lxd: update workaround patch (LP: #2055200)", "", " [ Chengen Du ]", " * udev: Handle PTP device symlink properly on udev action 'change'", " (LP: #2077779)", "" ], "package": "systemd", "version": "249.11-0ubuntu3.13", "urgency": "medium", "distributions": "jammy", "launchpad_bugs_fixed": [ 2037667, 2055200, 2077779 ], "author": "Nick Rosbrook ", "date": "Thu, 17 Oct 2024 10:26:55 -0400" } ], "notes": null, "is_version_downgrade": false } ], "snap": [] }, "added": { "deb": [ { "name": "linux-headers-5.15.0-1077-kvm", "from_version": { "source_package_name": "linux-kvm", "source_package_version": "5.15.0-1076.81", "version": null }, "to_version": { "source_package_name": "linux-kvm", "source_package_version": "5.15.0-1077.82", "version": "5.15.0-1077.82" }, "cves": [ { "cve": "CVE-2024-57798", "url": "https://ubuntu.com/security/CVE-2024-57798", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req() While receiving an MST up request message from one thread in drm_dp_mst_handle_up_req(), the MST topology could be removed from another thread via drm_dp_mst_topology_mgr_set_mst(false), freeing mst_primary and setting drm_dp_mst_topology_mgr::mst_primary to NULL. This could lead to a NULL deref/use-after-free of mst_primary in drm_dp_mst_handle_up_req(). Avoid the above by holding a reference for mst_primary in drm_dp_mst_handle_up_req() while it's used. v2: Fix kfreeing the request if getting an mst_primary reference fails.", "cve_priority": "high", "cve_public_date": "2025-01-11 13:15:00 UTC" }, { "cve": "CVE-2024-56658", "url": "https://ubuntu.com/security/CVE-2024-56658", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: net: defer final 'struct net' free in netns dismantle Ilya reported a slab-use-after-free in dst_destroy [1] Issue is in xfrm6_net_init() and xfrm4_net_init() : They copy xfrm[46]_dst_ops_template into net->xfrm.xfrm[46]_dst_ops. But net structure might be freed before all the dst callbacks are called. So when dst_destroy() calls later : if (dst->ops->destroy) dst->ops->destroy(dst); dst->ops points to the old net->xfrm.xfrm[46]_dst_ops, which has been freed. See a relevant issue fixed in : ac888d58869b (\"net: do not delay dst_entries_add() in dst_release()\") A fix is to queue the 'struct net' to be freed after one another cleanup_net() round (and existing rcu_barrier()) [1] BUG: KASAN: slab-use-after-free in dst_destroy (net/core/dst.c:112) Read of size 8 at addr ffff8882137ccab0 by task swapper/37/0 Dec 03 05:46:18 kernel: CPU: 37 UID: 0 PID: 0 Comm: swapper/37 Kdump: loaded Not tainted 6.12.0 #67 Hardware name: Red Hat KVM/RHEL, BIOS 1.16.1-1.el9 04/01/2014 Call Trace: dump_stack_lvl (lib/dump_stack.c:124) print_address_description.constprop.0 (mm/kasan/report.c:378) ? dst_destroy (net/core/dst.c:112) print_report (mm/kasan/report.c:489) ? dst_destroy (net/core/dst.c:112) ? kasan_addr_to_slab (mm/kasan/common.c:37) kasan_report (mm/kasan/report.c:603) ? dst_destroy (net/core/dst.c:112) ? rcu_do_batch (kernel/rcu/tree.c:2567) dst_destroy (net/core/dst.c:112) rcu_do_batch (kernel/rcu/tree.c:2567) ? __pfx_rcu_do_batch (kernel/rcu/tree.c:2491) ? lockdep_hardirqs_on_prepare (kernel/locking/lockdep.c:4339 kernel/locking/lockdep.c:4406) rcu_core (kernel/rcu/tree.c:2825) handle_softirqs (kernel/softirq.c:554) __irq_exit_rcu (kernel/softirq.c:589 kernel/softirq.c:428 kernel/softirq.c:637) irq_exit_rcu (kernel/softirq.c:651) sysvec_apic_timer_interrupt (arch/x86/kernel/apic/apic.c:1049 arch/x86/kernel/apic/apic.c:1049) asm_sysvec_apic_timer_interrupt (./arch/x86/include/asm/idtentry.h:702) RIP: 0010:default_idle (./arch/x86/include/asm/irqflags.h:37 ./arch/x86/include/asm/irqflags.h:92 arch/x86/kernel/process.c:743) Code: 00 4d 29 c8 4c 01 c7 4c 29 c2 e9 6e ff ff ff 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 66 90 0f 00 2d c7 c9 27 00 fb f4 c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 90 RSP: 0018:ffff888100d2fe00 EFLAGS: 00000246 RAX: 00000000001870ed RBX: 1ffff110201a5fc2 RCX: ffffffffb61a3e46 RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffffb3d4d123 RBP: 0000000000000000 R08: 0000000000000001 R09: ffffed11c7e1835d R10: ffff888e3f0c1aeb R11: 0000000000000000 R12: 0000000000000000 R13: ffff888100d20000 R14: dffffc0000000000 R15: 0000000000000000 ? ct_kernel_exit.constprop.0 (kernel/context_tracking.c:148) ? cpuidle_idle_call (kernel/sched/idle.c:186) default_idle_call (./include/linux/cpuidle.h:143 kernel/sched/idle.c:118) cpuidle_idle_call (kernel/sched/idle.c:186) ? __pfx_cpuidle_idle_call (kernel/sched/idle.c:168) ? lock_release (kernel/locking/lockdep.c:467 kernel/locking/lockdep.c:5848) ? lockdep_hardirqs_on_prepare (kernel/locking/lockdep.c:4347 kernel/locking/lockdep.c:4406) ? tsc_verify_tsc_adjust (arch/x86/kernel/tsc_sync.c:59) do_idle (kernel/sched/idle.c:326) cpu_startup_entry (kernel/sched/idle.c:423 (discriminator 1)) start_secondary (arch/x86/kernel/smpboot.c:202 arch/x86/kernel/smpboot.c:282) ? __pfx_start_secondary (arch/x86/kernel/smpboot.c:232) ? soft_restart_cpu (arch/x86/kernel/head_64.S:452) common_startup_64 (arch/x86/kernel/head_64.S:414) Dec 03 05:46:18 kernel: Allocated by task 12184: kasan_save_stack (mm/kasan/common.c:48) kasan_save_track (./arch/x86/include/asm/current.h:49 mm/kasan/common.c:60 mm/kasan/common.c:69) __kasan_slab_alloc (mm/kasan/common.c:319 mm/kasan/common.c:345) kmem_cache_alloc_noprof (mm/slub.c:4085 mm/slub.c:4134 mm/slub.c:4141) copy_net_ns (net/core/net_namespace.c:421 net/core/net_namespace.c:480) create_new_namespaces ---truncated---", "cve_priority": "high", "cve_public_date": "2024-12-27 15:15:00 UTC" }, { "cve": "CVE-2024-35864", "url": "https://ubuntu.com/security/CVE-2024-35864", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2_is_valid_lease_break() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF.", "cve_priority": "high", "cve_public_date": "2024-05-19 09:15:00 UTC" }, { "cve": "CVE-2024-26928", "url": "https://ubuntu.com/security/CVE-2024-26928", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_debug_files_proc_show() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF.", "cve_priority": "high", "cve_public_date": "2024-04-28 12:15:00 UTC" } ], "launchpad_bugs_fixed": [ 2102415, 2102429 ], "changes": [ { "cves": [ { "cve": "CVE-2024-57798", "url": "https://ubuntu.com/security/CVE-2024-57798", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req() While receiving an MST up request message from one thread in drm_dp_mst_handle_up_req(), the MST topology could be removed from another thread via drm_dp_mst_topology_mgr_set_mst(false), freeing mst_primary and setting drm_dp_mst_topology_mgr::mst_primary to NULL. This could lead to a NULL deref/use-after-free of mst_primary in drm_dp_mst_handle_up_req(). Avoid the above by holding a reference for mst_primary in drm_dp_mst_handle_up_req() while it's used. v2: Fix kfreeing the request if getting an mst_primary reference fails.", "cve_priority": "high", "cve_public_date": "2025-01-11 13:15:00 UTC" }, { "cve": "CVE-2024-56658", "url": "https://ubuntu.com/security/CVE-2024-56658", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: net: defer final 'struct net' free in netns dismantle Ilya reported a slab-use-after-free in dst_destroy [1] Issue is in xfrm6_net_init() and xfrm4_net_init() : They copy xfrm[46]_dst_ops_template into net->xfrm.xfrm[46]_dst_ops. But net structure might be freed before all the dst callbacks are called. So when dst_destroy() calls later : if (dst->ops->destroy) dst->ops->destroy(dst); dst->ops points to the old net->xfrm.xfrm[46]_dst_ops, which has been freed. See a relevant issue fixed in : ac888d58869b (\"net: do not delay dst_entries_add() in dst_release()\") A fix is to queue the 'struct net' to be freed after one another cleanup_net() round (and existing rcu_barrier()) [1] BUG: KASAN: slab-use-after-free in dst_destroy (net/core/dst.c:112) Read of size 8 at addr ffff8882137ccab0 by task swapper/37/0 Dec 03 05:46:18 kernel: CPU: 37 UID: 0 PID: 0 Comm: swapper/37 Kdump: loaded Not tainted 6.12.0 #67 Hardware name: Red Hat KVM/RHEL, BIOS 1.16.1-1.el9 04/01/2014 Call Trace: dump_stack_lvl (lib/dump_stack.c:124) print_address_description.constprop.0 (mm/kasan/report.c:378) ? dst_destroy (net/core/dst.c:112) print_report (mm/kasan/report.c:489) ? dst_destroy (net/core/dst.c:112) ? kasan_addr_to_slab (mm/kasan/common.c:37) kasan_report (mm/kasan/report.c:603) ? dst_destroy (net/core/dst.c:112) ? rcu_do_batch (kernel/rcu/tree.c:2567) dst_destroy (net/core/dst.c:112) rcu_do_batch (kernel/rcu/tree.c:2567) ? __pfx_rcu_do_batch (kernel/rcu/tree.c:2491) ? lockdep_hardirqs_on_prepare (kernel/locking/lockdep.c:4339 kernel/locking/lockdep.c:4406) rcu_core (kernel/rcu/tree.c:2825) handle_softirqs (kernel/softirq.c:554) __irq_exit_rcu (kernel/softirq.c:589 kernel/softirq.c:428 kernel/softirq.c:637) irq_exit_rcu (kernel/softirq.c:651) sysvec_apic_timer_interrupt (arch/x86/kernel/apic/apic.c:1049 arch/x86/kernel/apic/apic.c:1049) asm_sysvec_apic_timer_interrupt (./arch/x86/include/asm/idtentry.h:702) RIP: 0010:default_idle (./arch/x86/include/asm/irqflags.h:37 ./arch/x86/include/asm/irqflags.h:92 arch/x86/kernel/process.c:743) Code: 00 4d 29 c8 4c 01 c7 4c 29 c2 e9 6e ff ff ff 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 66 90 0f 00 2d c7 c9 27 00 fb f4 c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 90 RSP: 0018:ffff888100d2fe00 EFLAGS: 00000246 RAX: 00000000001870ed RBX: 1ffff110201a5fc2 RCX: ffffffffb61a3e46 RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffffb3d4d123 RBP: 0000000000000000 R08: 0000000000000001 R09: ffffed11c7e1835d R10: ffff888e3f0c1aeb R11: 0000000000000000 R12: 0000000000000000 R13: ffff888100d20000 R14: dffffc0000000000 R15: 0000000000000000 ? ct_kernel_exit.constprop.0 (kernel/context_tracking.c:148) ? cpuidle_idle_call (kernel/sched/idle.c:186) default_idle_call (./include/linux/cpuidle.h:143 kernel/sched/idle.c:118) cpuidle_idle_call (kernel/sched/idle.c:186) ? __pfx_cpuidle_idle_call (kernel/sched/idle.c:168) ? lock_release (kernel/locking/lockdep.c:467 kernel/locking/lockdep.c:5848) ? lockdep_hardirqs_on_prepare (kernel/locking/lockdep.c:4347 kernel/locking/lockdep.c:4406) ? tsc_verify_tsc_adjust (arch/x86/kernel/tsc_sync.c:59) do_idle (kernel/sched/idle.c:326) cpu_startup_entry (kernel/sched/idle.c:423 (discriminator 1)) start_secondary (arch/x86/kernel/smpboot.c:202 arch/x86/kernel/smpboot.c:282) ? __pfx_start_secondary (arch/x86/kernel/smpboot.c:232) ? soft_restart_cpu (arch/x86/kernel/head_64.S:452) common_startup_64 (arch/x86/kernel/head_64.S:414) Dec 03 05:46:18 kernel: Allocated by task 12184: kasan_save_stack (mm/kasan/common.c:48) kasan_save_track (./arch/x86/include/asm/current.h:49 mm/kasan/common.c:60 mm/kasan/common.c:69) __kasan_slab_alloc (mm/kasan/common.c:319 mm/kasan/common.c:345) kmem_cache_alloc_noprof (mm/slub.c:4085 mm/slub.c:4134 mm/slub.c:4141) copy_net_ns (net/core/net_namespace.c:421 net/core/net_namespace.c:480) create_new_namespaces ---truncated---", "cve_priority": "high", "cve_public_date": "2024-12-27 15:15:00 UTC" }, { "cve": "CVE-2024-35864", "url": "https://ubuntu.com/security/CVE-2024-35864", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2_is_valid_lease_break() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF.", "cve_priority": "high", "cve_public_date": "2024-05-19 09:15:00 UTC" }, { "cve": "CVE-2024-26928", "url": "https://ubuntu.com/security/CVE-2024-26928", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_debug_files_proc_show() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF.", "cve_priority": "high", "cve_public_date": "2024-04-28 12:15:00 UTC" } ], "log": [ "", " * jammy/linux-kvm: 5.15.0-1077.82 -proposed tracker (LP: #2102415)", "", " [ Ubuntu: 5.15.0-136.147 ]", "", " * jammy/linux: 5.15.0-136.147 -proposed tracker (LP: #2102429)", " * CVE-2024-57798", " - drm/dp_mst: Skip CSN if topology probing is not done yet", " - drm/dp_mst: Ensure mst_primary pointer is valid in", " drm_dp_mst_handle_up_req()", " * CVE-2024-56658", " - net: defer final 'struct net' free in netns dismantle", " * CVE-2024-35864", " - smb: client: fix potential UAF in smb2_is_valid_lease_break()", " * CVE-2024-35864/CVE-2024-26928", " - smb: client: fix potential UAF in cifs_debug_files_proc_show()", "" ], "package": "linux-kvm", "version": "5.15.0-1077.82", "urgency": "medium", "distributions": "jammy", "launchpad_bugs_fixed": [ 2102415, 2102429 ], "author": "Benjamin Wheeler ", "date": "Fri, 21 Mar 2025 09:45:35 -0400" } ], "notes": "linux-headers-5.15.0-1077-kvm version '5.15.0-1077.82' (source package linux-kvm version '5.15.0-1077.82') was added. linux-headers-5.15.0-1077-kvm version '5.15.0-1077.82' has the same source package name, linux-kvm, as removed package linux-headers-5.15.0-1076-kvm. As such we can use the source package version of the removed package, '5.15.0-1076.81', as the starting point in our changelog diff. Kernel packages are an example of where the binary package name changes for the same source package. Using the removed package source package version as our starting point means we can still get meaningful changelog diffs even for what appears to be a new package.", "is_version_downgrade": false }, { "name": "linux-image-5.15.0-1077-kvm", "from_version": { "source_package_name": "linux-signed-kvm", "source_package_version": "5.15.0-1076.81", "version": null }, "to_version": { "source_package_name": "linux-signed-kvm", "source_package_version": "5.15.0-1077.82", "version": "5.15.0-1077.82" }, "cves": [], "launchpad_bugs_fixed": [ 1786013 ], "changes": [ { "cves": [], "log": [ "", " * Main version: 5.15.0-1077.82", "", " * Packaging resync (LP: #1786013)", " - [Packaging] debian/tracking-bug -- resync from main package", "" ], "package": "linux-signed-kvm", "version": "5.15.0-1077.82", "urgency": "medium", "distributions": "jammy", "launchpad_bugs_fixed": [ 1786013 ], "author": "Benjamin Wheeler ", "date": "Fri, 21 Mar 2025 09:47:42 -0400" } ], "notes": "linux-image-5.15.0-1077-kvm version '5.15.0-1077.82' (source package linux-signed-kvm version '5.15.0-1077.82') was added. linux-image-5.15.0-1077-kvm version '5.15.0-1077.82' has the same source package name, linux-signed-kvm, as removed package linux-image-5.15.0-1076-kvm. As such we can use the source package version of the removed package, '5.15.0-1076.81', as the starting point in our changelog diff. Kernel packages are an example of where the binary package name changes for the same source package. Using the removed package source package version as our starting point means we can still get meaningful changelog diffs even for what appears to be a new package.", "is_version_downgrade": false }, { "name": "linux-kvm-headers-5.15.0-1077", "from_version": { "source_package_name": "linux-kvm", "source_package_version": "5.15.0-1076.81", "version": null }, "to_version": { "source_package_name": "linux-kvm", "source_package_version": "5.15.0-1077.82", "version": "5.15.0-1077.82" }, "cves": [ { "cve": "CVE-2024-57798", "url": "https://ubuntu.com/security/CVE-2024-57798", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req() While receiving an MST up request message from one thread in drm_dp_mst_handle_up_req(), the MST topology could be removed from another thread via drm_dp_mst_topology_mgr_set_mst(false), freeing mst_primary and setting drm_dp_mst_topology_mgr::mst_primary to NULL. This could lead to a NULL deref/use-after-free of mst_primary in drm_dp_mst_handle_up_req(). Avoid the above by holding a reference for mst_primary in drm_dp_mst_handle_up_req() while it's used. v2: Fix kfreeing the request if getting an mst_primary reference fails.", "cve_priority": "high", "cve_public_date": "2025-01-11 13:15:00 UTC" }, { "cve": "CVE-2024-56658", "url": "https://ubuntu.com/security/CVE-2024-56658", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: net: defer final 'struct net' free in netns dismantle Ilya reported a slab-use-after-free in dst_destroy [1] Issue is in xfrm6_net_init() and xfrm4_net_init() : They copy xfrm[46]_dst_ops_template into net->xfrm.xfrm[46]_dst_ops. But net structure might be freed before all the dst callbacks are called. So when dst_destroy() calls later : if (dst->ops->destroy) dst->ops->destroy(dst); dst->ops points to the old net->xfrm.xfrm[46]_dst_ops, which has been freed. See a relevant issue fixed in : ac888d58869b (\"net: do not delay dst_entries_add() in dst_release()\") A fix is to queue the 'struct net' to be freed after one another cleanup_net() round (and existing rcu_barrier()) [1] BUG: KASAN: slab-use-after-free in dst_destroy (net/core/dst.c:112) Read of size 8 at addr ffff8882137ccab0 by task swapper/37/0 Dec 03 05:46:18 kernel: CPU: 37 UID: 0 PID: 0 Comm: swapper/37 Kdump: loaded Not tainted 6.12.0 #67 Hardware name: Red Hat KVM/RHEL, BIOS 1.16.1-1.el9 04/01/2014 Call Trace: dump_stack_lvl (lib/dump_stack.c:124) print_address_description.constprop.0 (mm/kasan/report.c:378) ? dst_destroy (net/core/dst.c:112) print_report (mm/kasan/report.c:489) ? dst_destroy (net/core/dst.c:112) ? kasan_addr_to_slab (mm/kasan/common.c:37) kasan_report (mm/kasan/report.c:603) ? dst_destroy (net/core/dst.c:112) ? rcu_do_batch (kernel/rcu/tree.c:2567) dst_destroy (net/core/dst.c:112) rcu_do_batch (kernel/rcu/tree.c:2567) ? __pfx_rcu_do_batch (kernel/rcu/tree.c:2491) ? lockdep_hardirqs_on_prepare (kernel/locking/lockdep.c:4339 kernel/locking/lockdep.c:4406) rcu_core (kernel/rcu/tree.c:2825) handle_softirqs (kernel/softirq.c:554) __irq_exit_rcu (kernel/softirq.c:589 kernel/softirq.c:428 kernel/softirq.c:637) irq_exit_rcu (kernel/softirq.c:651) sysvec_apic_timer_interrupt (arch/x86/kernel/apic/apic.c:1049 arch/x86/kernel/apic/apic.c:1049) asm_sysvec_apic_timer_interrupt (./arch/x86/include/asm/idtentry.h:702) RIP: 0010:default_idle (./arch/x86/include/asm/irqflags.h:37 ./arch/x86/include/asm/irqflags.h:92 arch/x86/kernel/process.c:743) Code: 00 4d 29 c8 4c 01 c7 4c 29 c2 e9 6e ff ff ff 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 66 90 0f 00 2d c7 c9 27 00 fb f4 c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 90 RSP: 0018:ffff888100d2fe00 EFLAGS: 00000246 RAX: 00000000001870ed RBX: 1ffff110201a5fc2 RCX: ffffffffb61a3e46 RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffffb3d4d123 RBP: 0000000000000000 R08: 0000000000000001 R09: ffffed11c7e1835d R10: ffff888e3f0c1aeb R11: 0000000000000000 R12: 0000000000000000 R13: ffff888100d20000 R14: dffffc0000000000 R15: 0000000000000000 ? ct_kernel_exit.constprop.0 (kernel/context_tracking.c:148) ? cpuidle_idle_call (kernel/sched/idle.c:186) default_idle_call (./include/linux/cpuidle.h:143 kernel/sched/idle.c:118) cpuidle_idle_call (kernel/sched/idle.c:186) ? __pfx_cpuidle_idle_call (kernel/sched/idle.c:168) ? lock_release (kernel/locking/lockdep.c:467 kernel/locking/lockdep.c:5848) ? lockdep_hardirqs_on_prepare (kernel/locking/lockdep.c:4347 kernel/locking/lockdep.c:4406) ? tsc_verify_tsc_adjust (arch/x86/kernel/tsc_sync.c:59) do_idle (kernel/sched/idle.c:326) cpu_startup_entry (kernel/sched/idle.c:423 (discriminator 1)) start_secondary (arch/x86/kernel/smpboot.c:202 arch/x86/kernel/smpboot.c:282) ? __pfx_start_secondary (arch/x86/kernel/smpboot.c:232) ? soft_restart_cpu (arch/x86/kernel/head_64.S:452) common_startup_64 (arch/x86/kernel/head_64.S:414) Dec 03 05:46:18 kernel: Allocated by task 12184: kasan_save_stack (mm/kasan/common.c:48) kasan_save_track (./arch/x86/include/asm/current.h:49 mm/kasan/common.c:60 mm/kasan/common.c:69) __kasan_slab_alloc (mm/kasan/common.c:319 mm/kasan/common.c:345) kmem_cache_alloc_noprof (mm/slub.c:4085 mm/slub.c:4134 mm/slub.c:4141) copy_net_ns (net/core/net_namespace.c:421 net/core/net_namespace.c:480) create_new_namespaces ---truncated---", "cve_priority": "high", "cve_public_date": "2024-12-27 15:15:00 UTC" }, { "cve": "CVE-2024-35864", "url": "https://ubuntu.com/security/CVE-2024-35864", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2_is_valid_lease_break() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF.", "cve_priority": "high", "cve_public_date": "2024-05-19 09:15:00 UTC" }, { "cve": "CVE-2024-26928", "url": "https://ubuntu.com/security/CVE-2024-26928", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_debug_files_proc_show() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF.", "cve_priority": "high", "cve_public_date": "2024-04-28 12:15:00 UTC" } ], "launchpad_bugs_fixed": [ 2102415, 2102429 ], "changes": [ { "cves": [ { "cve": "CVE-2024-57798", "url": "https://ubuntu.com/security/CVE-2024-57798", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req() While receiving an MST up request message from one thread in drm_dp_mst_handle_up_req(), the MST topology could be removed from another thread via drm_dp_mst_topology_mgr_set_mst(false), freeing mst_primary and setting drm_dp_mst_topology_mgr::mst_primary to NULL. This could lead to a NULL deref/use-after-free of mst_primary in drm_dp_mst_handle_up_req(). Avoid the above by holding a reference for mst_primary in drm_dp_mst_handle_up_req() while it's used. v2: Fix kfreeing the request if getting an mst_primary reference fails.", "cve_priority": "high", "cve_public_date": "2025-01-11 13:15:00 UTC" }, { "cve": "CVE-2024-56658", "url": "https://ubuntu.com/security/CVE-2024-56658", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: net: defer final 'struct net' free in netns dismantle Ilya reported a slab-use-after-free in dst_destroy [1] Issue is in xfrm6_net_init() and xfrm4_net_init() : They copy xfrm[46]_dst_ops_template into net->xfrm.xfrm[46]_dst_ops. But net structure might be freed before all the dst callbacks are called. So when dst_destroy() calls later : if (dst->ops->destroy) dst->ops->destroy(dst); dst->ops points to the old net->xfrm.xfrm[46]_dst_ops, which has been freed. See a relevant issue fixed in : ac888d58869b (\"net: do not delay dst_entries_add() in dst_release()\") A fix is to queue the 'struct net' to be freed after one another cleanup_net() round (and existing rcu_barrier()) [1] BUG: KASAN: slab-use-after-free in dst_destroy (net/core/dst.c:112) Read of size 8 at addr ffff8882137ccab0 by task swapper/37/0 Dec 03 05:46:18 kernel: CPU: 37 UID: 0 PID: 0 Comm: swapper/37 Kdump: loaded Not tainted 6.12.0 #67 Hardware name: Red Hat KVM/RHEL, BIOS 1.16.1-1.el9 04/01/2014 Call Trace: dump_stack_lvl (lib/dump_stack.c:124) print_address_description.constprop.0 (mm/kasan/report.c:378) ? dst_destroy (net/core/dst.c:112) print_report (mm/kasan/report.c:489) ? dst_destroy (net/core/dst.c:112) ? kasan_addr_to_slab (mm/kasan/common.c:37) kasan_report (mm/kasan/report.c:603) ? dst_destroy (net/core/dst.c:112) ? rcu_do_batch (kernel/rcu/tree.c:2567) dst_destroy (net/core/dst.c:112) rcu_do_batch (kernel/rcu/tree.c:2567) ? __pfx_rcu_do_batch (kernel/rcu/tree.c:2491) ? lockdep_hardirqs_on_prepare (kernel/locking/lockdep.c:4339 kernel/locking/lockdep.c:4406) rcu_core (kernel/rcu/tree.c:2825) handle_softirqs (kernel/softirq.c:554) __irq_exit_rcu (kernel/softirq.c:589 kernel/softirq.c:428 kernel/softirq.c:637) irq_exit_rcu (kernel/softirq.c:651) sysvec_apic_timer_interrupt (arch/x86/kernel/apic/apic.c:1049 arch/x86/kernel/apic/apic.c:1049) asm_sysvec_apic_timer_interrupt (./arch/x86/include/asm/idtentry.h:702) RIP: 0010:default_idle (./arch/x86/include/asm/irqflags.h:37 ./arch/x86/include/asm/irqflags.h:92 arch/x86/kernel/process.c:743) Code: 00 4d 29 c8 4c 01 c7 4c 29 c2 e9 6e ff ff ff 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 66 90 0f 00 2d c7 c9 27 00 fb f4 c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 90 RSP: 0018:ffff888100d2fe00 EFLAGS: 00000246 RAX: 00000000001870ed RBX: 1ffff110201a5fc2 RCX: ffffffffb61a3e46 RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffffb3d4d123 RBP: 0000000000000000 R08: 0000000000000001 R09: ffffed11c7e1835d R10: ffff888e3f0c1aeb R11: 0000000000000000 R12: 0000000000000000 R13: ffff888100d20000 R14: dffffc0000000000 R15: 0000000000000000 ? ct_kernel_exit.constprop.0 (kernel/context_tracking.c:148) ? cpuidle_idle_call (kernel/sched/idle.c:186) default_idle_call (./include/linux/cpuidle.h:143 kernel/sched/idle.c:118) cpuidle_idle_call (kernel/sched/idle.c:186) ? __pfx_cpuidle_idle_call (kernel/sched/idle.c:168) ? lock_release (kernel/locking/lockdep.c:467 kernel/locking/lockdep.c:5848) ? lockdep_hardirqs_on_prepare (kernel/locking/lockdep.c:4347 kernel/locking/lockdep.c:4406) ? tsc_verify_tsc_adjust (arch/x86/kernel/tsc_sync.c:59) do_idle (kernel/sched/idle.c:326) cpu_startup_entry (kernel/sched/idle.c:423 (discriminator 1)) start_secondary (arch/x86/kernel/smpboot.c:202 arch/x86/kernel/smpboot.c:282) ? __pfx_start_secondary (arch/x86/kernel/smpboot.c:232) ? soft_restart_cpu (arch/x86/kernel/head_64.S:452) common_startup_64 (arch/x86/kernel/head_64.S:414) Dec 03 05:46:18 kernel: Allocated by task 12184: kasan_save_stack (mm/kasan/common.c:48) kasan_save_track (./arch/x86/include/asm/current.h:49 mm/kasan/common.c:60 mm/kasan/common.c:69) __kasan_slab_alloc (mm/kasan/common.c:319 mm/kasan/common.c:345) kmem_cache_alloc_noprof (mm/slub.c:4085 mm/slub.c:4134 mm/slub.c:4141) copy_net_ns (net/core/net_namespace.c:421 net/core/net_namespace.c:480) create_new_namespaces ---truncated---", "cve_priority": "high", "cve_public_date": "2024-12-27 15:15:00 UTC" }, { "cve": "CVE-2024-35864", "url": "https://ubuntu.com/security/CVE-2024-35864", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2_is_valid_lease_break() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF.", "cve_priority": "high", "cve_public_date": "2024-05-19 09:15:00 UTC" }, { "cve": "CVE-2024-26928", "url": "https://ubuntu.com/security/CVE-2024-26928", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_debug_files_proc_show() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF.", "cve_priority": "high", "cve_public_date": "2024-04-28 12:15:00 UTC" } ], "log": [ "", " * jammy/linux-kvm: 5.15.0-1077.82 -proposed tracker (LP: #2102415)", "", " [ Ubuntu: 5.15.0-136.147 ]", "", " * jammy/linux: 5.15.0-136.147 -proposed tracker (LP: #2102429)", " * CVE-2024-57798", " - drm/dp_mst: Skip CSN if topology probing is not done yet", " - drm/dp_mst: Ensure mst_primary pointer is valid in", " drm_dp_mst_handle_up_req()", " * CVE-2024-56658", " - net: defer final 'struct net' free in netns dismantle", " * CVE-2024-35864", " - smb: client: fix potential UAF in smb2_is_valid_lease_break()", " * CVE-2024-35864/CVE-2024-26928", " - smb: client: fix potential UAF in cifs_debug_files_proc_show()", "" ], "package": "linux-kvm", "version": "5.15.0-1077.82", "urgency": "medium", "distributions": "jammy", "launchpad_bugs_fixed": [ 2102415, 2102429 ], "author": "Benjamin Wheeler ", "date": "Fri, 21 Mar 2025 09:45:35 -0400" } ], "notes": "linux-kvm-headers-5.15.0-1077 version '5.15.0-1077.82' (source package linux-kvm version '5.15.0-1077.82') was added. linux-kvm-headers-5.15.0-1077 version '5.15.0-1077.82' has the same source package name, linux-kvm, as removed package linux-headers-5.15.0-1076-kvm. As such we can use the source package version of the removed package, '5.15.0-1076.81', as the starting point in our changelog diff. Kernel packages are an example of where the binary package name changes for the same source package. Using the removed package source package version as our starting point means we can still get meaningful changelog diffs even for what appears to be a new package.", "is_version_downgrade": false }, { "name": "linux-modules-5.15.0-1077-kvm", "from_version": { "source_package_name": "linux-kvm", "source_package_version": "5.15.0-1076.81", "version": null }, "to_version": { "source_package_name": "linux-kvm", "source_package_version": "5.15.0-1077.82", "version": "5.15.0-1077.82" }, "cves": [ { "cve": "CVE-2024-57798", "url": "https://ubuntu.com/security/CVE-2024-57798", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req() While receiving an MST up request message from one thread in drm_dp_mst_handle_up_req(), the MST topology could be removed from another thread via drm_dp_mst_topology_mgr_set_mst(false), freeing mst_primary and setting drm_dp_mst_topology_mgr::mst_primary to NULL. This could lead to a NULL deref/use-after-free of mst_primary in drm_dp_mst_handle_up_req(). Avoid the above by holding a reference for mst_primary in drm_dp_mst_handle_up_req() while it's used. v2: Fix kfreeing the request if getting an mst_primary reference fails.", "cve_priority": "high", "cve_public_date": "2025-01-11 13:15:00 UTC" }, { "cve": "CVE-2024-56658", "url": "https://ubuntu.com/security/CVE-2024-56658", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: net: defer final 'struct net' free in netns dismantle Ilya reported a slab-use-after-free in dst_destroy [1] Issue is in xfrm6_net_init() and xfrm4_net_init() : They copy xfrm[46]_dst_ops_template into net->xfrm.xfrm[46]_dst_ops. But net structure might be freed before all the dst callbacks are called. So when dst_destroy() calls later : if (dst->ops->destroy) dst->ops->destroy(dst); dst->ops points to the old net->xfrm.xfrm[46]_dst_ops, which has been freed. See a relevant issue fixed in : ac888d58869b (\"net: do not delay dst_entries_add() in dst_release()\") A fix is to queue the 'struct net' to be freed after one another cleanup_net() round (and existing rcu_barrier()) [1] BUG: KASAN: slab-use-after-free in dst_destroy (net/core/dst.c:112) Read of size 8 at addr ffff8882137ccab0 by task swapper/37/0 Dec 03 05:46:18 kernel: CPU: 37 UID: 0 PID: 0 Comm: swapper/37 Kdump: loaded Not tainted 6.12.0 #67 Hardware name: Red Hat KVM/RHEL, BIOS 1.16.1-1.el9 04/01/2014 Call Trace: dump_stack_lvl (lib/dump_stack.c:124) print_address_description.constprop.0 (mm/kasan/report.c:378) ? dst_destroy (net/core/dst.c:112) print_report (mm/kasan/report.c:489) ? dst_destroy (net/core/dst.c:112) ? kasan_addr_to_slab (mm/kasan/common.c:37) kasan_report (mm/kasan/report.c:603) ? dst_destroy (net/core/dst.c:112) ? rcu_do_batch (kernel/rcu/tree.c:2567) dst_destroy (net/core/dst.c:112) rcu_do_batch (kernel/rcu/tree.c:2567) ? __pfx_rcu_do_batch (kernel/rcu/tree.c:2491) ? lockdep_hardirqs_on_prepare (kernel/locking/lockdep.c:4339 kernel/locking/lockdep.c:4406) rcu_core (kernel/rcu/tree.c:2825) handle_softirqs (kernel/softirq.c:554) __irq_exit_rcu (kernel/softirq.c:589 kernel/softirq.c:428 kernel/softirq.c:637) irq_exit_rcu (kernel/softirq.c:651) sysvec_apic_timer_interrupt (arch/x86/kernel/apic/apic.c:1049 arch/x86/kernel/apic/apic.c:1049) asm_sysvec_apic_timer_interrupt (./arch/x86/include/asm/idtentry.h:702) RIP: 0010:default_idle (./arch/x86/include/asm/irqflags.h:37 ./arch/x86/include/asm/irqflags.h:92 arch/x86/kernel/process.c:743) Code: 00 4d 29 c8 4c 01 c7 4c 29 c2 e9 6e ff ff ff 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 66 90 0f 00 2d c7 c9 27 00 fb f4 c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 90 RSP: 0018:ffff888100d2fe00 EFLAGS: 00000246 RAX: 00000000001870ed RBX: 1ffff110201a5fc2 RCX: ffffffffb61a3e46 RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffffb3d4d123 RBP: 0000000000000000 R08: 0000000000000001 R09: ffffed11c7e1835d R10: ffff888e3f0c1aeb R11: 0000000000000000 R12: 0000000000000000 R13: ffff888100d20000 R14: dffffc0000000000 R15: 0000000000000000 ? ct_kernel_exit.constprop.0 (kernel/context_tracking.c:148) ? cpuidle_idle_call (kernel/sched/idle.c:186) default_idle_call (./include/linux/cpuidle.h:143 kernel/sched/idle.c:118) cpuidle_idle_call (kernel/sched/idle.c:186) ? __pfx_cpuidle_idle_call (kernel/sched/idle.c:168) ? lock_release (kernel/locking/lockdep.c:467 kernel/locking/lockdep.c:5848) ? lockdep_hardirqs_on_prepare (kernel/locking/lockdep.c:4347 kernel/locking/lockdep.c:4406) ? tsc_verify_tsc_adjust (arch/x86/kernel/tsc_sync.c:59) do_idle (kernel/sched/idle.c:326) cpu_startup_entry (kernel/sched/idle.c:423 (discriminator 1)) start_secondary (arch/x86/kernel/smpboot.c:202 arch/x86/kernel/smpboot.c:282) ? __pfx_start_secondary (arch/x86/kernel/smpboot.c:232) ? soft_restart_cpu (arch/x86/kernel/head_64.S:452) common_startup_64 (arch/x86/kernel/head_64.S:414) Dec 03 05:46:18 kernel: Allocated by task 12184: kasan_save_stack (mm/kasan/common.c:48) kasan_save_track (./arch/x86/include/asm/current.h:49 mm/kasan/common.c:60 mm/kasan/common.c:69) __kasan_slab_alloc (mm/kasan/common.c:319 mm/kasan/common.c:345) kmem_cache_alloc_noprof (mm/slub.c:4085 mm/slub.c:4134 mm/slub.c:4141) copy_net_ns (net/core/net_namespace.c:421 net/core/net_namespace.c:480) create_new_namespaces ---truncated---", "cve_priority": "high", "cve_public_date": "2024-12-27 15:15:00 UTC" }, { "cve": "CVE-2024-35864", "url": "https://ubuntu.com/security/CVE-2024-35864", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2_is_valid_lease_break() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF.", "cve_priority": "high", "cve_public_date": "2024-05-19 09:15:00 UTC" }, { "cve": "CVE-2024-26928", "url": "https://ubuntu.com/security/CVE-2024-26928", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_debug_files_proc_show() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF.", "cve_priority": "high", "cve_public_date": "2024-04-28 12:15:00 UTC" } ], "launchpad_bugs_fixed": [ 2102415, 2102429 ], "changes": [ { "cves": [ { "cve": "CVE-2024-57798", "url": "https://ubuntu.com/security/CVE-2024-57798", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req() While receiving an MST up request message from one thread in drm_dp_mst_handle_up_req(), the MST topology could be removed from another thread via drm_dp_mst_topology_mgr_set_mst(false), freeing mst_primary and setting drm_dp_mst_topology_mgr::mst_primary to NULL. This could lead to a NULL deref/use-after-free of mst_primary in drm_dp_mst_handle_up_req(). Avoid the above by holding a reference for mst_primary in drm_dp_mst_handle_up_req() while it's used. v2: Fix kfreeing the request if getting an mst_primary reference fails.", "cve_priority": "high", "cve_public_date": "2025-01-11 13:15:00 UTC" }, { "cve": "CVE-2024-56658", "url": "https://ubuntu.com/security/CVE-2024-56658", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: net: defer final 'struct net' free in netns dismantle Ilya reported a slab-use-after-free in dst_destroy [1] Issue is in xfrm6_net_init() and xfrm4_net_init() : They copy xfrm[46]_dst_ops_template into net->xfrm.xfrm[46]_dst_ops. But net structure might be freed before all the dst callbacks are called. So when dst_destroy() calls later : if (dst->ops->destroy) dst->ops->destroy(dst); dst->ops points to the old net->xfrm.xfrm[46]_dst_ops, which has been freed. See a relevant issue fixed in : ac888d58869b (\"net: do not delay dst_entries_add() in dst_release()\") A fix is to queue the 'struct net' to be freed after one another cleanup_net() round (and existing rcu_barrier()) [1] BUG: KASAN: slab-use-after-free in dst_destroy (net/core/dst.c:112) Read of size 8 at addr ffff8882137ccab0 by task swapper/37/0 Dec 03 05:46:18 kernel: CPU: 37 UID: 0 PID: 0 Comm: swapper/37 Kdump: loaded Not tainted 6.12.0 #67 Hardware name: Red Hat KVM/RHEL, BIOS 1.16.1-1.el9 04/01/2014 Call Trace: dump_stack_lvl (lib/dump_stack.c:124) print_address_description.constprop.0 (mm/kasan/report.c:378) ? dst_destroy (net/core/dst.c:112) print_report (mm/kasan/report.c:489) ? dst_destroy (net/core/dst.c:112) ? kasan_addr_to_slab (mm/kasan/common.c:37) kasan_report (mm/kasan/report.c:603) ? dst_destroy (net/core/dst.c:112) ? rcu_do_batch (kernel/rcu/tree.c:2567) dst_destroy (net/core/dst.c:112) rcu_do_batch (kernel/rcu/tree.c:2567) ? __pfx_rcu_do_batch (kernel/rcu/tree.c:2491) ? lockdep_hardirqs_on_prepare (kernel/locking/lockdep.c:4339 kernel/locking/lockdep.c:4406) rcu_core (kernel/rcu/tree.c:2825) handle_softirqs (kernel/softirq.c:554) __irq_exit_rcu (kernel/softirq.c:589 kernel/softirq.c:428 kernel/softirq.c:637) irq_exit_rcu (kernel/softirq.c:651) sysvec_apic_timer_interrupt (arch/x86/kernel/apic/apic.c:1049 arch/x86/kernel/apic/apic.c:1049) asm_sysvec_apic_timer_interrupt (./arch/x86/include/asm/idtentry.h:702) RIP: 0010:default_idle (./arch/x86/include/asm/irqflags.h:37 ./arch/x86/include/asm/irqflags.h:92 arch/x86/kernel/process.c:743) Code: 00 4d 29 c8 4c 01 c7 4c 29 c2 e9 6e ff ff ff 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 66 90 0f 00 2d c7 c9 27 00 fb f4 c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 90 RSP: 0018:ffff888100d2fe00 EFLAGS: 00000246 RAX: 00000000001870ed RBX: 1ffff110201a5fc2 RCX: ffffffffb61a3e46 RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffffb3d4d123 RBP: 0000000000000000 R08: 0000000000000001 R09: ffffed11c7e1835d R10: ffff888e3f0c1aeb R11: 0000000000000000 R12: 0000000000000000 R13: ffff888100d20000 R14: dffffc0000000000 R15: 0000000000000000 ? ct_kernel_exit.constprop.0 (kernel/context_tracking.c:148) ? cpuidle_idle_call (kernel/sched/idle.c:186) default_idle_call (./include/linux/cpuidle.h:143 kernel/sched/idle.c:118) cpuidle_idle_call (kernel/sched/idle.c:186) ? __pfx_cpuidle_idle_call (kernel/sched/idle.c:168) ? lock_release (kernel/locking/lockdep.c:467 kernel/locking/lockdep.c:5848) ? lockdep_hardirqs_on_prepare (kernel/locking/lockdep.c:4347 kernel/locking/lockdep.c:4406) ? tsc_verify_tsc_adjust (arch/x86/kernel/tsc_sync.c:59) do_idle (kernel/sched/idle.c:326) cpu_startup_entry (kernel/sched/idle.c:423 (discriminator 1)) start_secondary (arch/x86/kernel/smpboot.c:202 arch/x86/kernel/smpboot.c:282) ? __pfx_start_secondary (arch/x86/kernel/smpboot.c:232) ? soft_restart_cpu (arch/x86/kernel/head_64.S:452) common_startup_64 (arch/x86/kernel/head_64.S:414) Dec 03 05:46:18 kernel: Allocated by task 12184: kasan_save_stack (mm/kasan/common.c:48) kasan_save_track (./arch/x86/include/asm/current.h:49 mm/kasan/common.c:60 mm/kasan/common.c:69) __kasan_slab_alloc (mm/kasan/common.c:319 mm/kasan/common.c:345) kmem_cache_alloc_noprof (mm/slub.c:4085 mm/slub.c:4134 mm/slub.c:4141) copy_net_ns (net/core/net_namespace.c:421 net/core/net_namespace.c:480) create_new_namespaces ---truncated---", "cve_priority": "high", "cve_public_date": "2024-12-27 15:15:00 UTC" }, { "cve": "CVE-2024-35864", "url": "https://ubuntu.com/security/CVE-2024-35864", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2_is_valid_lease_break() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF.", "cve_priority": "high", "cve_public_date": "2024-05-19 09:15:00 UTC" }, { "cve": "CVE-2024-26928", "url": "https://ubuntu.com/security/CVE-2024-26928", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_debug_files_proc_show() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF.", "cve_priority": "high", "cve_public_date": "2024-04-28 12:15:00 UTC" } ], "log": [ "", " * jammy/linux-kvm: 5.15.0-1077.82 -proposed tracker (LP: #2102415)", "", " [ Ubuntu: 5.15.0-136.147 ]", "", " * jammy/linux: 5.15.0-136.147 -proposed tracker (LP: #2102429)", " * CVE-2024-57798", " - drm/dp_mst: Skip CSN if topology probing is not done yet", " - drm/dp_mst: Ensure mst_primary pointer is valid in", " drm_dp_mst_handle_up_req()", " * CVE-2024-56658", " - net: defer final 'struct net' free in netns dismantle", " * CVE-2024-35864", " - smb: client: fix potential UAF in smb2_is_valid_lease_break()", " * CVE-2024-35864/CVE-2024-26928", " - smb: client: fix potential UAF in cifs_debug_files_proc_show()", "" ], "package": "linux-kvm", "version": "5.15.0-1077.82", "urgency": "medium", "distributions": "jammy", "launchpad_bugs_fixed": [ 2102415, 2102429 ], "author": "Benjamin Wheeler ", "date": "Fri, 21 Mar 2025 09:45:35 -0400" } ], "notes": "linux-modules-5.15.0-1077-kvm version '5.15.0-1077.82' (source package linux-kvm version '5.15.0-1077.82') was added. linux-modules-5.15.0-1077-kvm version '5.15.0-1077.82' has the same source package name, linux-kvm, as removed package linux-headers-5.15.0-1076-kvm. As such we can use the source package version of the removed package, '5.15.0-1076.81', as the starting point in our changelog diff. Kernel packages are an example of where the binary package name changes for the same source package. Using the removed package source package version as our starting point means we can still get meaningful changelog diffs even for what appears to be a new package.", "is_version_downgrade": false } ], "snap": [] }, "removed": { "deb": [ { "name": "linux-headers-5.15.0-1076-kvm", "from_version": { "source_package_name": "linux-kvm", "source_package_version": "5.15.0-1076.81", "version": "5.15.0-1076.81" }, "to_version": { "source_package_name": null, "source_package_version": null, "version": null }, "cves": [], "launchpad_bugs_fixed": [], "changes": [], "notes": null, "is_version_downgrade": false }, { "name": "linux-image-5.15.0-1076-kvm", "from_version": { "source_package_name": "linux-signed-kvm", "source_package_version": "5.15.0-1076.81", "version": "5.15.0-1076.81" }, "to_version": { "source_package_name": null, "source_package_version": null, "version": null }, "cves": [], "launchpad_bugs_fixed": [], "changes": [], "notes": null, "is_version_downgrade": false }, { "name": "linux-kvm-headers-5.15.0-1076", "from_version": { "source_package_name": "linux-kvm", "source_package_version": "5.15.0-1076.81", "version": "5.15.0-1076.81" }, "to_version": { "source_package_name": null, "source_package_version": null, "version": null }, "cves": [], "launchpad_bugs_fixed": [], "changes": [], "notes": null, "is_version_downgrade": false }, { "name": "linux-modules-5.15.0-1076-kvm", "from_version": { "source_package_name": "linux-kvm", "source_package_version": "5.15.0-1076.81", "version": "5.15.0-1076.81" }, "to_version": { "source_package_name": null, "source_package_version": null, "version": null }, "cves": [], "launchpad_bugs_fixed": [], "changes": [], "notes": null, "is_version_downgrade": false } ], "snap": [] }, "notes": "Changelog diff for Ubuntu 22.04 jammy image from release image serial 20250326 to 20250401", "from_series": "jammy", "to_series": "jammy", "from_serial": "20250326", "to_serial": "20250401", "from_manifest_filename": "release_manifest.previous", "to_manifest_filename": "manifest.current" }