[ubuntu/jammy-updates] linux 5.15.0-143.153 (Accepted)

[Andy Whitcroft]

linux (5.15.0-143.153) jammy; urgency=medium

  * jammy/linux: 5.15.0-143.153 -proposed tracker (LP: #2114401)

  * Packaging resync (LP: #1786013)
    - [Packaging] update variants
    - [Packaging] update annotations scripts

  * CVE-2024-53051
    - drm/i915/hdcp: Add encoder check in intel_hdcp_get_capability

  * CVE-2024-46787
    - userfaultfd: fix checks for huge PMDs

  * CVE-2025-37890
    - net_sched: hfsc: Fix a UAF vulnerability in class with netem as child
      qdisc
    - sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue()
    - net_sched: hfsc: Address reentrant enqueue adding class to eltree twice

  * CVE-2025-37997
    - netfilter: ipset: fix region locking in hash types

  * CVE-2025-37798
    - sch_htb: make htb_qlen_notify() idempotent
    - sch_htb: make htb_deactivate() idempotent
    - sch_drr: make drr_qlen_notify() idempotent
    - sch_hfsc: make hfsc_qlen_notify() idempotent
    - sch_qfq: make qfq_qlen_notify() idempotent
    - sch_ets: make est_qlen_notify() idempotent
    - codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog()

  * CVE-2025-37750
    - smb: client: fix UAF in decryption with multichannel

  * CVE-2024-53185
    - smb: client: fix NULL ptr deref in crypto_aead_setkey()

  * CVE-2024-50047
    - smb: client: fix UAF in async decryption

Date: 2025-06-13 19:06:25.403222+00:00
Changed-By: Manuel Diewald <manuel.diewald at canonical.com>
Signed-By: Andy Whitcroft <apw at canonical.com>
https://launchpad.net/ubuntu/+source/linux/5.15.0-143.153
-------------- next part --------------
Sorry, changesfile not available.