From a7bbcbe5de91a5987a6897882871dea34eaee08b Mon Sep 17 00:00:00 2001 From: Mehmet Basaran Date: Tue, 15 Apr 2025 20:24:37 +0300 Subject: [PATCH] UBUNTU: Ubuntu-6.8.0-60.63 Signed-off-by: Mehmet Basaran --- debian.master/changelog | 1119 ++++++++++++++++++++++++++++++++++++++- 1 file changed, 1114 insertions(+), 5 deletions(-) diff --git a/debian.master/changelog b/debian.master/changelog index fdbb726816d5..3d36aa9744e8 100644 --- a/debian.master/changelog +++ b/debian.master/changelog @@ -1,10 +1,1119 @@ -linux (6.8.0-60.63) UNRELEASED; urgency=medium +linux (6.8.0-60.63) noble; urgency=medium - CHANGELOG: Do not edit directly. Autogenerated at release. - CHANGELOG: Use the printchanges target to see the curent changes. - CHANGELOG: Use the insertchanges target to create the final log. + * noble/linux: 6.8.0-60.63 -proposed tracker (LP: #2107138) - -- Mehmet Basaran Tue, 15 Apr 2025 19:55:08 +0300 + * Packaging resync (LP: #1786013) + - [Packaging] debian.master/dkms-versions -- update from kernel-versions + (main/2025.04.14) + + * Missing upstream commits for LP: #2102181 (LP: #2107336) + - libperf cpumap: Add any, empty and min helpers + - libperf cpumap: Ensure empty cpumap is NULL from alloc + + * Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) + - memblock: use numa_valid_node() helper to check for invalid node ID + - jbd2: increase IO priority for writing revoke records + - jbd2: flush filesystem device before updating tail sequence + - dm array: fix unreleased btree blocks on closing a faulty array cursor + - dm array: fix cursor index when skipping across block boundaries + - exfat: fix the infinite loop in __exfat_free_cluster() + - erofs: fix PSI memstall accounting + - ASoC: rt722: add delay time to wait for the calibration procedure + - ASoC: mediatek: disable buffer pre-allocation + - selftests/alsa: Fix circular dependency involving global-timer + - ieee802154: ca8210: Add missing check for kfifo_alloc() in ca8210_probe() + - net: 802: LLC+SNAP OID:PID lookup on start of skb data + - tcp/dccp: complete lockless accesses to sk->sk_max_ack_backlog + - tcp/dccp: allow a connection when sk_max_ack_backlog is zero + - net: libwx: fix firmware mailbox abnormal return + - pds_core: limit loop over fw name list + - bnxt_en: Fix possible memory leak when hwrm_req_replace fails + - cxgb4: Avoid removal of uninserted tid + - ice: fix incorrect PHY settings for 100 GB/s + - igc: return early when failing to read EECD register + - tls: Fix tls_sw_sendmsg error handling + - eth: gve: use appropriate helper to set xdp_features + - Bluetooth: hci_sync: Fix not setting Random Address when required + - Bluetooth: MGMT: Fix Add Device to responding before completing + - Bluetooth: btnxpuart: Fix driver sending truncated data + - tcp: Annotate data-race around sk->sk_mark in tcp_v4_send_reset + - riscv: Fix early ftrace nop patching + - memblock tests: fix implicit declaration of function 'numa_valid_node' + - iio: imu: inv_icm42600: fix timestamps after suspend if sensor is on + - netfilter: nf_tables: imbalance in flowtable binding + - drm/mediatek: stop selecting foreign drivers + - [Config] updateconfigs for MTK_SMI + - drm/mediatek: Fix YCbCr422 color format issue for DP + - drm/mediatek: Fix mode valid issue for dp + - drm/mediatek: Add return value check when reading DPCD + - cpuidle: riscv-sbi: fix device node release in early exit of + for_each_possible_cpu + - scsi: ufs: qcom: Power off the PHY if it was already powered on in + ufs_qcom_power_up_sequence() + - dm-ebs: don't set the flag DM_TARGET_PASSES_INTEGRITY + - ksmbd: Implement new SMB3 POSIX type + - thermal: of: fix OF node leak in of_thermal_zone_find() + - smb: client: sync the root session and superblock context passwords before + automounting + - ACPI: resource: Add TongFang GM5HG0A to irq1_edge_low_force_override[] + - ACPI: resource: Add Asus Vivobook X1504VAP to irq1_level_low_skip_override[] + - drm/amd/display: increase MAX_SURFACES to the value supported by hw + - io_uring/timeout: fix multishot updates + - dm-verity FEC: Fix RS FEC repair for roots unaligned to block size (take 2) + - USB: serial: option: add MeiG Smart SRM815 + - USB: serial: option: add Neoway N723-EA support + - staging: iio: ad9834: Correct phase range check + - staging: iio: ad9832: Correct phase range check + - usb-storage: Add max sectors quirk for Nokia 208 + - USB: serial: cp210x: add Phoenix Contact UPS Device + - usb: dwc3: gadget: fix writing NYET threshold + - misc: microchip: pci1xxxx: Resolve return code mismatch during GPIO set + config + - tty: serial: 8250: Fix another runtime PM usage counter underflow + - usb: dwc3-am62: Disable autosuspend during remove + - USB: usblp: return error when setting unsupported protocol + - USB: core: Disable LPM only for non-suspended ports + - usb: fix reference leak in usb_new_device() + - usb: gadget: midi2: Reverse-select at the right place + - usb: chipidea: ci_hdrc_imx: decrement device's refcount in .remove() and in + the error path of .probe() + - usb: gadget: f_uac2: Fix incorrect setting of bNumEndpoints + - usb: typec: tcpm/tcpci_maxim: fix error code in + max_contaminant_read_resistance_kohm() + - usb: gadget: configfs: Ignore trailing LF for user strings to cdev + - iio: gyro: fxas21002c: Fix missing data update in trigger handler + - iio: adc: ti-ads124s08: Use gpiod_set_value_cansleep() + - iio: inkern: call iio_device_put() only on mapped devices + - iio: adc: ad7124: Disable all channels at probe time + - riscv: kprobes: Fix incorrect address calculation + - ARM: dts: imxrt1050: Fix clocks for mmc + - arm64: dts: rockchip: add hevc power domain clock to rk3328 + - pmdomain: imx: gpcv2: Simplify with scoped for each OF child loop + - pmdomain: imx: gpcv2: fix an OF node reference leak in imx_gpcv2_probe() + - workqueue: Add rcu lock check at the end of work item execution + - workqueue: Update lock debugging code + - mm/hugetlb: enforce that PMD PT sharing has split PMD PT locks + - riscv: Fix text patching when IPI are used + - drm/mediatek: Only touch DISP_REG_OVL_PITCH_MSB if AFBC is supported + - ovl: pass realinode to ovl_encode_real_fh() instead of realdentry + - net: don't dump Tx and uninitialized NAPIs + - ice: fix max values for dpll pin phase adjust + - net: hns3: fixed reset failure issues caused by the incorrect reset type + - net: hns3: fix missing features due to dev->features configuration too early + - net: hns3: Resolved the issue that the debugfs query result is inconsistent. + - net: hns3: initialize reset_timer before hclgevf_misc_irq_init() + - mctp i3c: fix MCTP I3C driver multi-thread issue + - drm/mediatek: Move mtk_crtc_finish_page_flip() to ddp_cmdq_cb() + - drm/mediatek: Add support for 180-degree rotation in the display driver + - drm/mediatek: mtk_dsi: Add registers to pdata to fix MT8186/MT8188 + - platform/x86: intel/pmc: Fix ioremap() of bad address + - riscv: module: remove relocation_head rel_entry member allocation + - cgroup/cpuset: Prevent leakage of isolated CPUs into sched domains + - fs: kill MNT_ONRB + - gpio: loongson: Fix Loongson-2K2000 ACPI GPIO register offset + - drm/amd/pm: fix BUG: scheduling while atomic + - drm/amdkfd: wq_release signals dma_fence only when available + - drm/amd/display: fix divide error in DM plane scale calcs + - drm/amd/display: fix page fault due to max surface definition mismatch + - serial: stm32: use port lock wrappers for break control + - usb: host: xhci-plat: set skip_phy_initialization if software node has + XHCI_SKIP_PHY_INIT property + - iio: imu: inv_icm42600: add register caching in the regmap + - iio: imu: inv_icm42600: fix spi burst write not supported + - Upstream stable to v6.6.71, v6.6.72, v6.12.10 + + * Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) // + CVE-2025-21659 + - netdev: prevent accessing NAPI instances from another namespace + + * Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) // + CVE-2025-21634 + - cgroup/cpuset: remove kernfs active break + + * Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) // + CVE-2025-21635 + - rds: sysctl: rds_tcp_{rcv,snd}buf: avoid using current->nsproxy + + * Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) // + CVE-2025-21643 + - netfs: Fix kernel async DIO + + * Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) // + CVE-2025-21649 + - net: hns3: fix kernel crash when 1588 is sent on HIP08 devices + + * Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) // + CVE-2025-21650 + - net: hns3: fixed hclge_fetch_pf_reg accesses bar space out of bounds issue + + * Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) // + CVE-2025-21651 + - net: hns3: don't auto enable misc vector + + * Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) // + CVE-2025-21654 + - ovl: support encoding fid from inode with no alias + + * Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) // + CVE-2024-57883 + - mm: hugetlb: independent PMD page table shared count + + * Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) // + CVE-2024-57888 + - workqueue: Do not warn when cancelling WQ_MEM_RECLAIM work from + !WQ_MEM_RECLAIM worker + + * Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) // + CVE-2025-21631 + - block, bfq: fix waker_bfqq UAF after bfq_split_bfqq() + + * Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) // + CVE-2025-21656 + - hwmon: (drivetemp) Fix driver producing garbage data when SCSI errors occur + + * Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) // + CVE-2025-21655 + - io_uring/eventfd: ensure io_eventfd_signal() defers another RCU period + + * Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) // + CVE-2024-57904 + - iio: adc: at91: call input_free_device() on allocated iio_dev + + * Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) // + CVE-2024-57906 + - iio: adc: ti-ads8688: fix information leak in triggered buffer + + * Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) // + CVE-2024-57907 + - iio: adc: rockchip_saradc: fix information leak in triggered buffer + + * Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) // + CVE-2024-57908 + - iio: imu: kmx61: fix information leak in triggered buffer + + * Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) // + CVE-2024-57910 + - iio: light: vcnl4035: fix information leak in triggered buffer + + * Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) // + CVE-2024-57911 + - iio: dummy: iio_simply_dummy_buffer: fix information leak in triggered + buffer + + * Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) // + CVE-2024-57912 + - iio: pressure: zpa2326: fix information leak in triggered buffer + + * Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) // + CVE-2024-57913 + - usb: gadget: f_fs: Remove WARN_ON in functionfs_bind + + * Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) // + CVE-2025-21632 + - x86/fpu: Ensure shadow stack is active before "getting" registers + + * Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) // + CVE-2024-57916 + - misc: microchip: pci1xxxx: Resolve kernel panic during GPIO IRQ handling + + * Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) // + CVE-2024-57917 + - topology: Keep the cpumask unchanged when printing cpumap + + * Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) // + CVE-2024-57939 + - riscv: Fix sleeping in invalid context in die() + + * Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) // + CVE-2025-21636 + - sctp: sysctl: plpmtud_probe_interval: avoid using current->nsproxy + + * Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) // + CVE-2025-21637 + - sctp: sysctl: udp_port: avoid using current->nsproxy + + * Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) // + CVE-2025-21638 + - sctp: sysctl: auth_enable: avoid using current->nsproxy + + * Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) // + CVE-2025-21639 + - sctp: sysctl: rto_min/max: avoid using current->nsproxy + + * Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) // + CVE-2025-21640 + - sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy + + * Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) // + CVE-2025-21642 + - mptcp: sysctl: sched: avoid using current->nsproxy + + * Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) // + CVE-2025-21664 + - dm thin: make get_first_thin use rcu-safe list first function + + * Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) // + CVE-2024-57945 + - riscv: mm: Fix the out of bound issue of vmemmap address + + * Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) // + CVE-2025-21660 + - ksmbd: fix unexpectedly changed path in ksmbd_vfs_kern_path_locked + + * Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) // + CVE-2025-21645 + - platform/x86/amd/pmc: Only disable IRQ1 wakeup where i8042 actually enabled + it + + * Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) // + CVE-2025-21646 + - afs: Fix the maximum cell name length + + * Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) // + CVE-2024-57925 + - ksmbd: fix a missing return value check bug + + * Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) // + CVE-2024-57926 + - drm/mediatek: Set private->all_drm_private[i]->drm to NULL if mtk_drm_bind + returns err + + * Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) // + CVE-2025-21662 + - net/mlx5: Fix variable not being completed when function returns + + * Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) // + CVE-2025-21663 + - net: stmmac: dwmac-tegra: Read iommu stream id from device tree + + * Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) // + CVE-2025-21647 + - sched: sch_cake: add bounds checks to host bulk flow fairness counts + + * Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) // + CVE-2025-21648 + - netfilter: conntrack: clamp maximum hashtable size to INT_MAX + + * Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) // + CVE-2025-21652 + - ipvlan: Fix use-after-free in ipvlan_get_iflink(). + + * Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) // + CVE-2025-21658 + - btrfs: avoid NULL pointer dereference if no valid extent tree + + * Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) // + CVE-2025-21653 + - net_sched: cls_flow: validate TCA_FLOW_RSHIFT attribute + + * Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) // + CVE-2024-47736 + - erofs: handle overlapped pclusters out of crafted images properly + + * Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) // + CVE-2024-57940 + - exfat: fix the infinite loop in exfat_readdir() + + * Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) // + CVE-2024-57929 + - dm array: fix releasing a faulty array block twice in dm_array_cursor_end + + * intel_idle: add Granite Rapids Xeon (D) support (LP: #2106638) + - intel_idle: add Granite Rapids Xeon support + - intel_idle: add Granite Rapids Xeon D support + + * [SRU] Enable speaker/mic mute LEDs on Lenovo ideapad and thinkbook + (LP: #2106449) + - ALSA: hda: Support for Ideapad hotkey mute LEDs + - platform/x86:lenovo-wmi-hotkey-utilities.c: Support for mic and audio mute + LEDs + - [Config] Enable Lenovo wmi hotkey driver + + * Backport "PCI: Wait for device readiness with Configuration RRS" to N/O + (LP: #2106251) + - PCI: Wait for device readiness with Configuration RRS + - PCI: Avoid FLR for Mediatek MT7922 WiFi + + * Enable OOB P-state control for Intel Sierra Forest/Granite Rapids + (LP: #2106275) + - cpufreq: intel_pstate: Support Granite Rapids and Sierra Forest OOB mode + + * mptcp BUG 'scheduling while atomic' in mptcp_pm_nl_append_new_local_addr + (LP: #2101120) + - mptcp: fix 'scheduling while atomic' in mptcp_pm_nl_append_new_local_addr + + * CVE-2025-21971 + - net_sched: Prevent creation of classes with TC_H_ROOT + + * Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) + - smb/client: rename cifs_ntsd to smb_ntsd + - smb/client: rename cifs_sid to smb_sid + - smb/client: rename cifs_acl to smb_acl + - smb/client: rename cifs_ace to smb_ace + - fs/smb/client: implement chmod() for SMB3 POSIX Extensions + - smb: client: stop flooding dmesg in smb2_calc_signature() + - media: uvcvideo: Force UVC version to 1.0a for 0408:4033 + - Bluetooth: btusb: Add new VID/PID 13d3/3602 for MT7925 + - watchdog: rzg2l_wdt: Remove reset de-assert from probe + - watchdog: rzg2l_wdt: Rely on the reset driver for doing proper reset + - watchdog: rzg2l_wdt: Power on the watchdog domain in the restart handler + - ALSA: ump: Use guard() for locking + - ALSA: ump: Don't open legacy substream for an inactive group + - scsi: mpi3mr: Use ida to manage mrioc ID + - scsi: mpi3mr: Start controller indexing from 0 + - ACPI/IORT: Add PMCG platform information for HiSilicon HIP10/11 + - ACPI/IORT: Add PMCG platform information for HiSilicon HIP09A + - x86/ptrace: Cleanup the definition of the pt_regs structure + - x86/ptrace: Add FRED additional information to the pt_regs structure + - Bluetooth: btusb: add callback function in btusb suspend/resume + - Bluetooth: btusb: mediatek: add callback function in btusb_disconnect + - platform/x86: mlx-platform: call pci_dev_put() to balance the refcount + - mmc: sdhci-msm: fix crypto key eviction + - tracing: Handle old buffer mappings for event strings and functions + - tracing: Fix trace_check_vprintf() when tp_printk is used + - tracing: Check "%s" dereference via the field and not the TP_printk format + - RDMA/bnxt_re: Allow MSN table capability check + - RDMA/bnxt_re: Remove always true dattr validity check + - RDMA/mlx5: Enforce same type port association for multiport RoCE + - RDMA/bnxt_re: Avoid initializing the software queue for user queues + - RDMA/bnxt_re: Avoid sending the modify QP workaround for latest adapters + - nvme-pci: 512 byte aligned dma pool segment quirk + - RDMA/bnxt_re: Fix the check for 9060 condition + - RDMA/bnxt_re: Add check for path mtu in modify_qp + - RDMA/bnxt_re: Fix reporting hw_ver in query_device + - RDMA/bnxt_re: Fix max_qp_wrs reported + - RDMA/bnxt_re: Add support for Variable WQE in Genp7 adapters + - RDMA/bnxt_re: Disable use of reserved wqes + - RDMA/bnxt_re: Add send queue size check for variable wqe + - RDMA/bnxt_re: Fix MSN table size for variable wqe mode + - drm/bridge: adv7511_audio: Update Audio InfoFrame properly + - net: dsa: microchip: Fix KSZ9477 set_ageing_time function + - net: dsa: microchip: Fix LAN937X set_ageing_time function + - RDMA/hns: Refactor mtr find + - RDMA/hns: Remove unused parameters and variables + - RDMA/hns: Fix mapping error of zero-hop WQE buffer + - RDMA/hns: Fix warning storm caused by invalid input in IO path + - RDMA/hns: Fix missing flush CQE for DWQE + - ip_tunnel: annotate data-races around t->parms.link + - ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_bind_dev() + - ipv4: ip_tunnel: Unmask upper DSCP bits in ip_md_tunnel_xmit() + - ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_xmit() + - net: Fix netns for ip_tunnel_init_flow() + - net/mlx5: DR, select MSIX vector 0 for completion queue creation + - net/mlx5e: macsec: Maintain TX SA from encoding_sa + - drm/i915/dg1: Fix power gate sequence. + - net: llc: reset skb->transport_header + - ALSA: usb-audio: US16x08: Initialize array before use + - eth: bcmsysport: fix call balance of priv->clk handling routines + - net: mv643xx_eth: fix an OF node reference leak + - net: sfc: Correct key_len for efx_tc_ct_zone_ht_params + - net: wwan: iosm: Properly check for valid exec stage in ipc_mmio_init() + - net: ti: icssg-prueth: Fix clearing of IEP_CMP_CFG registers during iep_init + - wifi: mac80211: wake the queues in case of failure in resume + - ALSA: hda/ca0132: Use standard HD-audio quirk matching helpers + - ALSA: hda/realtek: Add new alc2xx-fixup-headset-mic model + - sound: usb: enable DSD output for ddHiFi TC44C + - sound: usb: format: don't warn that raw DSD is unsupported + - bpf: fix potential error return + - ksmbd: retry iterate_dir in smb2_query_dir + - smb: client: destroy cfid_put_wq on module exit + - net: usb: qmi_wwan: add Telit FE910C04 compositions + - irqchip/gic: Correct declaration of *percpu_base pointer in union gic_base + - ARC: build: Try to guess GCC variant of cross compiler + - RDMA/bnxt_re: Fix the max WQE size for static WQE support + - modpost: fix input MODULE_DEVICE_TABLE() built for 64-bit on 32-bit host + - modpost: fix the missed iteration for the max bit in do_input() + - ALSA: seq: Check UMP support for midi_version change + - ALSA hda/realtek: Add quirk for Framework F111:000C + - kcov: mark in_softirq_really() as __always_inline + - scripts/sorttable: fix orc_sort_cmp() to maintain symmetry and transitivity + - sky2: Add device ID 11ab:4373 for Marvell 88E8075 + - drm: adv7511: Drop dsi single lane support + - dt-bindings: display: adi,adv7533: Drop single lane support + - fs/proc/task_mmu: fix pagemap flags with PMD THP entries on 32bit + - mm/readahead: fix large folio support in async readahead + - mptcp: fix recvbuffer adjust on sleeping rcvmsg + - mptcp: don't always assume copied data in mptcp_cleanup_rbuf() + - RDMA/bnxt_re: Fix max SGEs for the Work Request + - scsi: hisi_sas: Remove redundant checks for automatic debugfs dump + - platform/x86: hp-wmi: Add thermal profile support for 8BAD boards + - platform/x86: hp-wmi: Fix platform profile option switch bug on Omen and + Victus laptops + - platform/x86: hp-wmi: Fix implementation of the platform_profile_omen_get + function + - platform/x86: hp-wmi: mark 8A15 board for timed OMEN thermal profile + - RDMA/core: Fix ENODEV error for iWARP test over vlan + - net: phy: micrel: Dynamically control external clock of KSZ PHY + - netdev-genl: avoid empty messages in napi get + - net: stmmac: restructure the error path of stmmac_probe_config_dt() + - net/mlx5e: Fix netif state handling + - net/mlx5e: Keep netdev when leave switchdev for devlink set legacy only + - drm/i915/cx0_phy: Fix C10 pll programming sequence + - RDMA/bnxt_re: Fix error recovery sequence + - btrfs: allow swap activation to be interruptible + - perf/x86/intel: Add Arrow Lake U support + - ALSA: hda: cs35l56: Remove calls to + cs35l56_force_sync_asp1_registers_from_cache() + - ALSA: hda/realtek - Add support for ASUS Zen AIO 27 Z272SD_A272SD audio + - spi: spi-cadence-qspi: Disable STIG mode for Altera SoCFPGA. + - ARC: build: disallow invalid PAE40 + 4K page config + - bpf: refactor bpf_helper_changes_pkt_data to use helper number + - bpf: consider that tail calls invalidate packet pointers + - maple_tree: reload mas before the second call for mas_empty_area + - io_uring/rw: fix downgraded mshot read + - wifi: iwlwifi: mvm: Fix __counted_by usage in cfg80211_wowlan_nd_* + - net: ethernet: ti: am65-cpsw: default to round-robin for host port receive + - gve: process XSK TX descriptors as part of RX NAPI + - gve: trigger RX NAPI instead of TX NAPI in gve_xsk_wakeup + - mm: reinstate ability to map write-sealed memfd mappings read-only + - Upstream stable to v6.6.70, v6.12.9 + + * Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) // + CVE-2024-57898 + - wifi: cfg80211: clear link ID from bitmap during link delete after clean up + + * Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) // + CVE-2024-57882 + - mptcp: fix TCP options overflow. + + * Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) // + CVE-2024-57884 + - mm: vmscan: account for free pages to prevent infinite Loop in + throttle_direct_reclaim() + + * Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) // + CVE-2024-57885 + - mm/kmemleak: fix sleeping function called from invalid context at print + message + + * Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) // + CVE-2024-57932 + - gve: guard XDP xmit NDO on existence of xdp queues + + * Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) // + CVE-2024-57933 + - gve: guard XSK operations on the existence of queues + + * Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) // + CVE-2024-57887 + - drm: adv7511: Fix use-after-free in adv7533_attach_dsi() + + * Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) // + CVE-2024-57938 + - net/sctp: Prevent autoclose integer overflow in sctp_association_init() + + * Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) // + CVE-2024-57889 + - pinctrl: mcp23s08: Fix sleeping in atomic context due to regmap locking + + * Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) // + CVE-2024-57890 + - RDMA/uverbs: Prevent integer overflow issue + + * Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) // + CVE-2024-57892 + - ocfs2: fix slab-use-after-free due to dangling pointer dqi_priv + + * Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) // + CVE-2024-57893 + - ALSA: seq: oss: Fix races at processing SysEx messages + + * Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) // + CVE-2024-57895 + - ksmbd: set ATTR_CTIME flags when setting mtime + + * Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) // + CVE-2024-57896 + - btrfs: flush delalloc workers queue before stopping cleaner kthread during + unmount + + * Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) // + CVE-2024-57897 + - drm/amdkfd: Correct the migration DMA map direction + + * Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) // + CVE-2024-57899 + - wifi: mac80211: fix mbss changed flags corruption on 32 bit systems + + * Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) // + CVE-2024-57900 + - ila: serialize calls to nf_register_net_hooks() + + * Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) // + CVE-2024-57901 + - af_packet: fix vlan_get_protocol_dgram() vs MSG_PEEK + + * Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) // + CVE-2024-57902 + - af_packet: fix vlan_get_tci() vs MSG_PEEK + + * Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) // + CVE-2024-57903 + - net: restrict SO_REUSEPORT to inet sockets + + * Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) // + CVE-2024-36476 + - RDMA/rtrs: Ensure 'ib_sge list' is accessible + + * Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) // + CVE-2024-39282 + - net: wwan: t7xx: Fix FSM command timeout issue + + * Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) // + CVE-2024-57801 + - net/mlx5e: Skip restore TC rules for vport rep without loaded flag + + * Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) // + CVE-2024-57802 + - netrom: check buffer length before accessing it + + * Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) // + CVE-2024-57841 + - net: fix memory leak in tcp_conn_request() + + * Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) // + CVE-2024-57931 + - selinux: ignore unknown extended permissions + + * Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) // + CVE-2024-56761 + - x86/fred: Clear WFE in missing-ENDBRANCH #CPs + + * Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) // + CVE-2024-53179 + - smb: client: fix use-after-free of signing key + + * uprobe-related panics during profiling (LP: #2104210) + - uprobes: Fix race in uprobe_free_utask + + * ubuntu_bpf failed to build on Noble / Oracular (LP: #2069407) + - selftests/bpf: Fix compilation failure when CONFIG_NET_FOU!=y + + * nfsd hangs and never recovers after NFS4ERR_DELAY and a connection loss + (LP: #2103564) + - NFSD: Reset cb_seq_status after NFS4ERR_DELAY + + * thermal: Fix temperature readings on intel hardware (LP: #2103427) + - thermal: intel: intel_tcc: Add model checks for temperature registers + - thermal: intel: intel_tcc_cooling: Use a model-specific bitmask for TCC + offset + - hwmon: (coretemp) Extend the bitmask to read temperature to 0xff + + * [SRU] Fix Lenovo M70/90 gen6 micmute key and led (LP: #2101811) + - ALSA: hda/realtek - add supported Mic Mute LED for Lenovo platform + - ALSA: hda: realtek: fix incorrect IS_REACHABLE() usage + + * Noble update: upstream stable patchset 2025-03-22 (LP: #2103869) + - ceph: allocate sparse_ext map only for sparse reads + - mm/vmstat: fix a W=1 clang compiler warning + - tcp_bpf: Charge receive socket buffer in bpf_tcp_ingress() + - tcp_bpf: Add sk_rmem_alloc related logic for tcp_bpf ingress redirection + - bpf: Check negative offsets in __bpf_skb_min_len() + - mtd: diskonchip: Cast an operand to prevent potential overflow + - mtd: rawnand: arasan: Fix double assertion of chip-select + - mtd: rawnand: arasan: Fix missing de-registration of NAND + - phy: qcom-qmp: Fix register name in RX Lane config of SC8280XP + - phy: core: Fix an OF node refcount leakage in _of_phy_get() + - phy: core: Fix an OF node refcount leakage in of_phy_provider_lookup() + - phy: core: Fix that API devm_phy_put() fails to release the phy + - phy: core: Fix that API devm_of_phy_provider_unregister() fails to + unregister the phy provider + - phy: core: Fix that API devm_phy_destroy() fails to destroy the phy + - phy: usb: Toggle the PHY power during init + - phy: rockchip: naneng-combphy: fix phy reset + - dmaengine: mv_xor: fix child node refcount handling in early exit + - dmaengine: dw: Select only supported masters for ACPI devices + - dmaengine: tegra: Return correct DMA status when paused + - dmaengine: fsl-edma: implement the cleanup path of fsl_edma3_attach_pd() + - dmaengine: apple-admac: Avoid accessing registers in probe + - stddef: make __struct_group() UAPI C++-friendly + - tracing/kprobe: Make trace_kprobe's module callback called after jump_label + update + - watchdog: it87_wdt: add PWRGD enable quirk for Qotom QCML04 + - watchdog: mediatek: Add support for MT6735 TOPRGU/WDT + - scsi: qla1280: Fix hw revision numbering for ISP1020/1040 + - udf: Skip parent dir link count update if corrupted + - ALSA: hda/conexant: fix Z60MR100 startup pop issue + - ALSA: sh: Use standard helper for buffer accesses + - smb: server: Fix building with GCC 15 + - regmap: Use correct format specifier for logging range errors + - LoongArch: Fix reserving screen info memory for above-4G firmware + - LoongArch: BPF: Adjust the parameter of emit_jirl() + - platform/x86: asus-nb-wmi: Ignore unknown event 0xCF + - spi: intel: Add Panther Lake SPI controller support + - scsi: mpt3sas: Diag-Reset when Doorbell-In-Use bit is set during driver load + time + - scsi: storvsc: Do not flag MAINTENANCE_IN return of SRB_STATUS_DATA_OVERRUN + as an error + - spi: omap2-mcspi: Fix the IS_ERR() bug for devm_clk_get_optional_enabled() + - blk-mq: register cpuhp callback after hctx is added to xarray table + - blk-mq: move cpuhp callback registering out of q->sysfs_lock + - MIPS: Probe toolchain support of -msym32 + - MIPS: mipsregs: Set proper ISA level for virt extensions + - freezer, sched: Report frozen tasks as 'D' instead of 'R' + - tracing: Constify string literal data member in struct trace_event_call + - io_uring/sqpoll: fix sqpoll error handling races + - i2c: microchip-core: actually use repeated sends + - i2c: imx: add imx7d compatible string for applying erratum ERR007805 + - i2c: microchip-core: fix "ghost" detections + - btrfs: sysfs: fix direct super block member reads + - ALSA: sh: Fix wrong argument order for copy_from_iter() + - block: avoid to reuse `hctx` not removed from cpuhp callback list + - fork: avoid inappropriate uprobe access to invalid mm + - ASoC: SOF: Intel: hda-dai: Do not release the link DMA on STOP + - power: supply: bq24190: Fix BQ24296 Vbus regulator support + - udf: Verify inode link counts before performing rename + - ALSA: ump: Indicate the inactive group in legacy substream names + - ALSA: ump: Update legacy substream names upon FB info update + - scsi: mpi3mr: Synchronize access to ioctl data buffer + - scsi: mpi3mr: Handling of fault code for insufficient power + - objtool: Add bch2_trans_unlocked_error() to bcachefs noreturns + - dmaengine: loongson2-apb: Change GENMASK to GENMASK_ULL + - perf/x86/intel/ds: Add PEBS format 6 + - btrfs: add and use helper to verify the calling task has locked the inode + - btrfs: fix race with memory mapped writes when activating swap file + - btrfs: fix swap file activation failure due to extents that used to be + shared + - ALSA: ump: Shut up truncated string warning + - Upstream stable to v6.6.69, v6.12.8 + + * Noble update: upstream stable patchset 2025-03-22 (LP: #2103869) // + CVE-2024-56758 + - btrfs: check folio mapping after unlock in relocate_one_folio() + + * Noble update: upstream stable patchset 2025-03-22 (LP: #2103869) // + CVE-2024-56759 + - btrfs: fix use-after-free when COWing tree bock and tracing is enabled + + * Noble update: upstream stable patchset 2025-03-22 (LP: #2103869) // + CVE-2024-57806 + - btrfs: fix transaction atomicity bug when enabling simple quotas + + * Noble update: upstream stable patchset 2025-03-22 (LP: #2103869) // + CVE-2024-57793 + - virt: tdx-guest: Just leak decrypted memory on unrecoverable errors + + * Noble update: upstream stable patchset 2025-03-22 (LP: #2103869) // + CVE-2024-56764 + - ublk: detach gendisk from ublk device if add_disk() fails + + * Noble update: upstream stable patchset 2025-03-22 (LP: #2103869) // + CVE-2024-57804 + - scsi: mpi3mr: Fix corrupt config pages PHY state is switched in sysfs + + * Noble update: upstream stable patchset 2025-03-22 (LP: #2103869) // + CVE-2024-57792 + - power: supply: gpio-charger: Fix set charge current limits + + * Noble update: upstream stable patchset 2025-03-22 (LP: #2103869) // + CVE-2024-56760 + - PCI/MSI: Handle lack of irqdomain gracefully + + * Noble update: upstream stable patchset 2025-03-22 (LP: #2103869) // + CVE-2024-56763 + - tracing: Prevent bad count for tracing_cpumask_write + + * Noble update: upstream stable patchset 2025-03-22 (LP: #2103869) // + CVE-2024-57946 + - virtio-blk: don't keep queue frozen during system suspend + + * Noble update: upstream stable patchset 2025-03-22 (LP: #2103869) // + CVE-2024-57807 + - scsi: megaraid_sas: Fix for a potential deadlock + + * Noble update: upstream stable patchset 2025-03-22 (LP: #2103869) // + CVE-2024-56767 + - dmaengine: at_xdmac: avoid null_prt_deref in at_xdmac_prep_dma_memset + + * Noble update: upstream stable patchset 2025-03-22 (LP: #2103869) // + CVE-2024-56769 + - media: dvb-frontends: dib3000mb: fix uninit-value in dib3000_write_reg + + * Noble update: upstream stable patchset 2025-03-14 (LP: #2102266) + - usb: dwc2: gadget: Don't write invalid mapped sg entries into dma_desc with + iommu enabled + - PCI: vmd: Create domain symlink before pci_bus_add_devices() + - PCI: Add ACS quirk for Broadcom BCM5760X NIC + - usb: cdns3-ti: Add workaround for Errata i2409 + - MIPS: Loongson64: DTS: Fix msi node for ls7a + - ASoC: Intel: sof_sdw: fix jack detection on ADL-N variant RVP + - ASoC: Intel: sof_sdw: add quirk for Dell SKU 0B8C + - usb: cdns3: Add quirk flag to enable suspend residency + - platform/x86: p2sb: Make p2sb_get_devfn() return void + - p2sb: Factor out p2sb_read_from_cache() + - p2sb: Introduce the global flag p2sb_hidden_by_bios + - p2sb: Move P2SB hide and unhide code to p2sb_scan_and_cache() + - p2sb: Do not scan and remove the P2SB device when it is unhidden + - i2c: pnx: Fix timeout in wait functions + - xfs: fix the contact address for the sysfs ABI documentation + - xfs: verify buffer, inode, and dquot items every tx commit + - xfs: use consistent uid/gid when grabbing dquots for inodes + - xfs: declare xfs_file.c symbols in xfs_file.h + - xfs: create a new helper to return a file's allocation unit + - xfs: Fix xfs_flush_unmap_range() range for RT + - xfs: Fix xfs_prepare_shift() range for RT + - xfs: convert comma to semicolon + - xfs: fix file_path handling in tracepoints + - xfs: remove unused parameter in macro XFS_DQUOT_LOGRES + - xfs: attr forks require attr, not attr2 + - xfs: conditionally allow FS_XFLAG_REALTIME changes if S_DAX is set + - xfs: Fix the owner setting issue for rmap query in xfs fsmap + - xfs: use XFS_BUF_DADDR_NULL for daddrs in getfsmap code + - xfs: take m_growlock when running growfsrt + - xfs: reset rootdir extent size hint after growfsrt + - tools: hv: change permissions of NetworkManager configuration file + - cxl/pci: Fix potential bogus return value upon successful probing + - cxl/region: Fix region creation for greater than x2 switches + - net/smc: check sndbuf_space again after NOSPACE flag is set in smc_poll + - ionic: use ee->offset when returning sprom data + - net: renesas: rswitch: rework ts tags management + - net: hinic: Fix cleanup in create_rxqs/txqs() + - net: ethernet: bgmac-platform: fix an OF node reference leak + - ipvs: Fix clamp() of ip_vs_conn_tab on small memory systems + - netfilter: ipset: Fix for recursive locking warning + - selftests: openvswitch: fix tcpdump execution + - net: mdiobus: fix an OF node reference leak + - mmc: sdhci-tegra: Remove SDHCI_QUIRK_BROKEN_ADMA_ZEROLEN_DESC quirk + - mmc: mtk-sd: disable wakeup in .remove() and in the error path of .probe() + - EDAC/amd64: Simplify ECC check on unified memory controllers + - chelsio/chtls: prevent potential integer overflow on 32bit + - i2c: riic: Always round-up when calculating bus period + - efivarfs: Fix error on non-existent file + - hexagon: Disable constant extender optimization for LLVM prior to 19.1.0 + - USB: serial: option: add TCL IK512 MBIM & ECM + - USB: serial: option: add MeiG Smart SLM770A + - USB: serial: option: add Netprisma LCUK54 modules for WWAN Ready + - USB: serial: option: add MediaTek T7XX compositions + - USB: serial: option: add Telit FE910C04 rmnet compositions + - thunderbolt: Improve redrive mode handling + - drm/panel: novatek-nt35950: fix return value check in nt35950_probe() + - i915/guc: Reset engine utilization buffer before registration + - i915/guc: Ensure busyness counter increases motonically + - i915/guc: Accumulate active runtime on gt reset + - hwmon: (tmp513) Fix interpretation of values of Shunt Voltage and Limit + Registers + - hwmon: (tmp513) Fix Current Register value interpretation + - hwmon: (tmp513) Fix interpretation of values of Temperature Result and Limit + Registers + - zram: refuse to use zero sized block device as backing device + - zram: fix uninitialized ZRAM not releasing backing device + - zram: fix potential UAF of zram table + - vmalloc: fix accounting with i915 + - btrfs: tree-checker: reject inline extent items with 0 ref count + - smb: client: fix TCP timers deadlock after rmmod + - tracing: Fix test_event_printk() to process entire print argument + - tracing: Add missing helper functions in event pointer dereference check + - tracing: Add "%s" check in test_event_printk() + - tracing: Have process_string() also allow arrays + - selftests/memfd: run sysctl tests when PID namespace support is enabled + - selftests/bpf: Use asm constraint "m" for LoongArch + - io_uring: Fix registered ring file refcount leak + - NFS/pnfs: Fix a live lock between recalled layouts and layoutget + - of/irq: Fix interrupt-map cell length check in of_irq_parse_imap_parent() + - of/irq: Fix using uninitialized variable @addr_len in API of_irq_parse_one() + - nilfs2: fix buffer head leaks in calls to truncate_inode_pages() + - udmabuf: also check for F_SEAL_FUTURE_WRITE + - of: Fix error path in of_parse_phandle_with_args_map() + - of: Fix refcount leakage for OF node returned by __of_get_dma_parent() + - ceph: validate snapdirname option length when mounting + - ceph: improve error handling and short/overflow-read logic in + __ceph_sync_read() + - ceph: fix memory leaks in __ceph_sync_read() + - epoll: Add synchronous wakeup support for ep_poll_callback + - io_uring/rw: avoid punting to io-wq directly + - drm/amdgpu: Handle NULL bo->tbo.resource (again) in amdgpu_vm_bo_update + - xfs: sb_spino_align is not verified + - xfs: fix sparse inode limits on runt AG + - xfs: fix sb_spino_align checks for large fsblock sizes + - xfs: fix zero byte checking in the superblock scrubber + - netdev: fix repeated netlink messages in queue dump + - team: Fix feature exposure when no ports are present + - can: m_can: fix missed interrupts with m_can_pci + - netdev-genl: avoid empty messages in queue dump + - KVM: arm64: Do not allow ID_AA64MMFR0_EL1.ASIDbits to be overridden + - KVM: arm64: Fix set_id_regs selftest for ASIDBITS becoming unwritable + - net: mctp: handle skb cleanup on sock_queue failures + - xhci: retry Stop Endpoint on buggy NEC controllers + - usb: xhci: Limit Stop Endpoint retries + - usb: xhci: Avoid queuing redundant Stop Endpoint commands + - xhci: Turn NEC specific quirk for handling Stop Endpoint errors generic + - thunderbolt: Add support for Intel Panther Lake-M/P + - thunderbolt: Don't display nvm_version unless upgrade supported + - drm/panel: st7701: Add prepare_prev_first flag to drm_panel + - drm/panel: synaptics-r63353: Fix regulator unbalance + - drm/amdgpu/nbio7.11: fix IP version check + - drm/amdgpu/nbio7.7: fix IP version check + - fgraph: Still initialize idle shadow stacks when starting + - x86/hyperv: Fix hv tsc page based sched_clock for hibernation + - ocfs2: fix the space leak in LA when releasing LA + - of: property: fw_devlink: Do not use interrupt-parent directly + - of: address: Preserve the flags portion on 1:1 dma-ranges mapping + - Upstream stable to v6.6.68, v6.12.7 + + * Noble update: upstream stable patchset 2025-03-14 (LP: #2102266) // + CVE-2024-56710 + - ceph: fix memory leak in ceph_direct_read_write() + + * Noble update: upstream stable patchset 2025-03-14 (LP: #2102266) // + CVE-2024-53685 + - ceph: give up on paths longer than PATH_MAX + + * Noble update: upstream stable patchset 2025-03-14 (LP: #2102266) // + CVE-2024-54193 + - accel/ivpu: Fix WARN in ivpu_ipc_send_receive_internal() + + * Noble update: upstream stable patchset 2025-03-14 (LP: #2102266) // + CVE-2024-54455 + - accel/ivpu: Fix general protection fault in ivpu_bo_list() + + * Noble update: upstream stable patchset 2025-03-14 (LP: #2102266) // + CVE-2024-53690 + - nilfs2: prevent use of deleted inode + + * Noble update: upstream stable patchset 2025-03-14 (LP: #2102266) // + CVE-2024-56709 + - io_uring: check if iowq is killed before queuing + + * Noble update: upstream stable patchset 2025-03-14 (LP: #2102266) // + CVE-2024-55881 + - KVM: x86: Play nice with protected guests in complete_hypercall_exit() + + * Noble update: upstream stable patchset 2025-03-14 (LP: #2102266) // + CVE-2024-55916 + - Drivers: hv: util: Avoid accessing a ringbuffer not initialized yet + + * Noble update: upstream stable patchset 2025-03-14 (LP: #2102266) // + CVE-2024-56369 + - drm/modes: Avoid divide by zero harder in drm_mode_vrefresh() + + * Noble update: upstream stable patchset 2025-03-14 (LP: #2102266) // + CVE-2024-56372 + - net: tun: fix tun_napi_alloc_frags() + + * Noble update: upstream stable patchset 2025-03-14 (LP: #2102266) // + CVE-2024-56715 + - ionic: Fix netdev notifier unregister on failure + + * Noble update: upstream stable patchset 2025-03-14 (LP: #2102266) // + CVE-2024-56716 + - netdevsim: prevent bad user input in nsim_dev_health_break_write() + + * Noble update: upstream stable patchset 2025-03-14 (LP: #2102266) // + CVE-2024-56717 + - net: mscc: ocelot: fix incorrect IFH SRC_PORT field in + ocelot_ifh_set_basic() + + * Noble update: upstream stable patchset 2025-03-14 (LP: #2102266) // + CVE-2024-57791 + - net/smc: check return value of sock_recvmsg when draining clc data + + * Noble update: upstream stable patchset 2025-03-14 (LP: #2102266) // + CVE-2024-47408 + - net/smc: check smcd_v2_ext_offset when receiving proposal msg + + * Noble update: upstream stable patchset 2025-03-14 (LP: #2102266) // + CVE-2024-49568 + - net/smc: check v2_ext_offset/eid_cnt/ism_gid_cnt when receiving proposal msg + + * Noble update: upstream stable patchset 2025-03-14 (LP: #2102266) // + CVE-2024-49571 + - net/smc: check iparea_offset and ipv6_prefixes_cnt when receiving proposal + msg + + * Noble update: upstream stable patchset 2025-03-14 (LP: #2102266) // + CVE-2024-56718 + - net/smc: protect link down work from execute after lgr freed + + * Noble update: upstream stable patchset 2025-03-14 (LP: #2102266) // + CVE-2024-41013 + - xfs: don't walk off the end of a directory data block + + * Noble update: upstream stable patchset 2025-03-13 (LP: #2102181) + - perf/x86/intel/ds: Unconditionally drain PEBS DS when changing PEBS_DATA_CFG + - ksmbd: fix racy issue from session lookup and expire + - splice: do not checksum AF_UNIX sockets + - tcp: check space before adding MPTCP SYN options + - ALSA: usb-audio: Add implicit feedback quirk for Yamaha THR5 + - usb: host: max3421-hcd: Correctly abort a USB request. + - ata: sata_highbank: fix OF node reference leak in highbank_initialize_phys() + - usb: dwc2: Fix HCD resume + - usb: dwc2: hcd: Fix GetPortStatus & SetPortFeature + - usb: dwc2: Fix HCD port connection race + - scsi: ufs: core: Update compl_time_stamp_local_clock after completing a cqe + - usb: gadget: midi2: Fix interpretation of is_midi1 bits + - usb: ehci-hcd: fix call balance of clocks handling routines + - usb: typec: anx7411: fix fwnode_handle reference leak + - usb: typec: anx7411: fix OF node reference leaks in + anx7411_typec_switch_probe() + - usb: dwc3: xilinx: make sure pipe clock is deselected in usb2 only mode + - drm/i915: Fix memory leak by correcting cache object name in error handler + - xfs: update btree keys correctly when _insrec splits an inode root block + - xfs: don't drop errno values when we fail to ficlone the entire range + - xfs: return from xfs_symlink_verify early on V4 filesystems + - xfs: fix scrub tracepoints when inode-rooted btrees are involved + - xfs: only run precommits once per transaction object + - bpf: Check size for BTF-based ctx access of pointer members + - bpf: Fix theoretical prog_array UAF in __uprobe_perf_func() + - bpf,perf: Fix invalid prog_array access in perf_event_detach_bpf_prog + - bpf, sockmap: Fix update element with same + - wifi: mac80211: init cnt before accessing elem in + ieee80211_copy_mbssid_beacon + - wifi: mac80211: clean up 'ret' in sta_link_apply_parameters() + - wifi: mac80211: fix station NSS capability initialization order + - batman-adv: Do not send uninitialized TT changes + - batman-adv: Remove uninitialized data in full table TT response + - batman-adv: Do not let TT changes list grows indefinitely + - wifi: cfg80211: sme: init n_channels before channels[] access + - selftests: mlxsw: sharedbuffer: Remove h1 ingress test case + - selftests: mlxsw: sharedbuffer: Remove duplicate test cases + - selftests: mlxsw: sharedbuffer: Ensure no extra packets are counted + - ptp: kvm: x86: Return EOPNOTSUPP instead of ENODEV from kvm_arch_ptp_init() + - net: mscc: ocelot: fix memory leak on ocelot_port_add_txtstamp_skb() + - net: mscc: ocelot: improve handling of TX timestamp for unknown skb + - net: mscc: ocelot: ocelot->ts_id_lock and ocelot_port->tx_skbs.lock are IRQ- + safe + - net: mscc: ocelot: be resilient to loss of PTP packets during transmission + - net: mscc: ocelot: perform error cleanup in ocelot_hwstamp_set() + - spi: aspeed: Fix an error handling path in aspeed_spi_[read|write]_user() + - net: sparx5: fix FDMA performance issue + - net: sparx5: fix the maximum frame length register + - ACPI: resource: Fix memory resource type union access + - cxgb4: use port number to set mac addr + - qca_spi: Fix clock speed for multiple QCA7000 + - qca_spi: Make driver probing reliable + - ASoC: amd: yc: Fix the wrong return value + - Documentation: PM: Clarify pm_runtime_resume_and_get() return value + - net: renesas: rswitch: fix race window between tx start and complete + - net: renesas: rswitch: fix leaked pointer on error path + - net: renesas: rswitch: handle stop vs interrupt race + - net: dsa: felix: fix stuck CPU-injected packets with short taprio windows + - netem: Update sch->q.qlen before qdisc_tree_reduce_backlog() + - bonding: Fix feature propagation of NETIF_F_GSO_ENCAP_ALL + - team: Fix feature propagation of NETIF_F_GSO_ENCAP_ALL + - ACPICA: events/evxfregn: don't release the ContextMutex that was never + acquired + - Bluetooth: iso: Fix recursive locking warning + - Bluetooth: SCO: Add support for 16 bits transparent voice setting + - net: renesas: rswitch: fix initial MPIC register setting + - net: dsa: microchip: KSZ9896 register regmap alignment to 32 bit boundaries + - blk-iocost: Avoid using clamp() on inuse in __propagate_weights() + - kselftest/arm64: abi: fix SVCR detection + - KVM: arm64: Disable MPAM visibility by default and ignore VMM writes + - selftests/bpf: remove use of __xlated() + - xen/netfront: fix crash when removing device + - x86: make get_cpu_vendor() accessible from Xen code + - objtool/x86: allow syscall instruction + - x86/static-call: provide a way to do very early static-call updates + - x86/xen: don't do PV iret hypercall through hypercall page + - x86/xen: add central hypercall functions + - x86/xen: fix xen_hypercall_hvm() to not clobber %rbx + - x86/xen: add FRAME_END to xen_hypercall_hvm() + - x86/xen: use new hypercall functions instead of hypercall page + - x86/xen: remove hypercall page + - x86/static-call: fix 32-bit build + - x86/asm: Make serialize() always_inline + - x86/static-call: Remove early_boot_irqs_disabled check to fix Xen PVH dom0 + - serial: sh-sci: Check if TX data was written to device in .tx_empty() + - gpio: ljca: Initialize num before accessing item in ljca_gpio_config + - ALSA: hda/realtek: Fix headset mic on Acer Nitro 5 + - drm/amdkfd: Use device based logging for errors + - drm/amdkfd: pause autosuspend when creating pdd + - drm/amdkfd: fixed page fault when enable MES shader debugger + - drm/i915/color: Stop using non-posted DSB writes for legacy LUT + - drm/amd/pm: Set SMU v13.0.7 default workload type + - xfs: return a 64-bit block count from xfs_btree_count_blocks + - perf machine: Initialize machine->env to address a segfault + - bnxt_en: Fix GSO type for HW GRO packets on 5750X chips + - net: renesas: rswitch: fix possible early skb release + - Bluetooth: Improve setsockopt() handling of malformed user input + - libperf: evlist: Fix --cpu argument on hybrid platform + - selftests: netfilter: Stabilize rpath.sh + - net, team, bonding: Add netdev_base_features helper + - bonding: Fix initial {vlan,mpls}_feature set in bond_compute_features + - team: Fix initial vlan_feature set in __team_compute_features + - drm/xe: fix the ERR_PTR() returned on failure to allocate tiny pt + - Upstream stable to v6.6.67, v6.12.6 + + * Noble update: upstream stable patchset 2025-03-13 (LP: #2102181) // + CVE-2024-56652 + - drm/xe/reg_sr: Remove register pool + + * Noble update: upstream stable patchset 2025-03-13 (LP: #2102181) // + CVE-2024-54460 + - Bluetooth: iso: Fix circular lock in iso_listen_bis + + * Noble update: upstream stable patchset 2025-03-13 (LP: #2102181) // + CVE-2024-57879 + - Bluetooth: iso: Always release hdev at the end of iso_listen_bis + + * Noble update: upstream stable patchset 2025-03-13 (LP: #2102181) // + CVE-2024-56656 + - bnxt_en: Fix aggregation ID mask to prevent oops on 5760X chips + + * Noble update: upstream stable patchset 2025-03-13 (LP: #2102181) // + CVE-2024-53125 + - bpf: sync_linked_regs() must preserve subreg_def + + * Noble update: upstream stable patchset 2025-03-13 (LP: #2102181) // + CVE-2024-56654 + - Bluetooth: hci_event: Fix using rcu_read_(un)lock while iterating + + * Noble update: upstream stable patchset 2025-03-13 (LP: #2102181) // + CVE-2024-56770 + - net/sched: netem: account for backlog updates from child qdisc + + * Noble update: upstream stable patchset 2025-03-13 (LP: #2102181) // + CVE-2024-54683 + - netfilter: IDLETIMER: Fix for possible ABBA deadlock + + * Noble update: upstream stable patchset 2025-03-13 (LP: #2102181) // + CVE-2024-55639 + - net: renesas: rswitch: avoid use-after-put for a device tree node + + * Noble update: upstream stable patchset 2025-03-13 (LP: #2102181) // + CVE-2024-56657 + - ALSA: control: Avoid WARN() for symlink errors + + * Noble update: upstream stable patchset 2025-03-13 (LP: #2102181) // + CVE-2024-56659 + - net: lapb: increase LAPB_HEADER_LEN + + * Noble update: upstream stable patchset 2025-03-13 (LP: #2102181) // + CVE-2024-56660 + - net/mlx5: DR, prevent potential error pointer dereference + + * Noble update: upstream stable patchset 2025-03-13 (LP: #2102181) // + CVE-2024-56662 + - acpi: nfit: vmalloc-out-of-bounds Read in acpi_nfit_ctl + + * Noble update: upstream stable patchset 2025-03-13 (LP: #2102181) // + CVE-2024-56664 + - bpf, sockmap: Fix race between element replace and close() + + * Noble update: upstream stable patchset 2025-03-13 (LP: #2102181) // + CVE-2024-56667 + - drm/i915: Fix NULL pointer dereference in capture_engine + + * Noble update: upstream stable patchset 2025-03-13 (LP: #2102181) // + CVE-2024-56670 + - usb: gadget: u_serial: Fix the issue that gs_start_io crashed due to + accessing null pointer + + * Noble update: upstream stable patchset 2025-03-13 (LP: #2102181) // + CVE-2024-53687 + - riscv: Fix IPIs usage in kfence_protect_page() + + * Noble update: upstream stable patchset 2025-03-13 (LP: #2102181) // + CVE-2024-56675 + - bpf: Fix UAF via mismatching bpf_prog/attachment RCU flavors + + * Noble update: upstream stable patchset 2025-02-04 (LP: #2097393) + - selftests: net: Remove executable bits from library scripts + + * CVE-2024-56653 + - Bluetooth: btmtk: avoid UAF in btmtk_process_coredump + + -- Mehmet Basaran Tue, 15 Apr 2025 20:24:36 +0300 linux (6.8.0-58.60) noble; urgency=medium