diff options
| author | Stefan Bader <stefan.bader@canonical.com> | 2024-02-02 14:22:27 +0100 |
|---|---|---|
| committer | Stefan Bader <stefan.bader@canonical.com> | 2024-02-02 14:22:27 +0100 |
| commit | 23960365b4877f64c19c4dbfa41e5f32089b40bf (patch) | |
| tree | 3187b8fe286d1748259b83526862313351232a0b | |
| parent | d89e5c112e1283ce3d908fd1af90d31208891260 (diff) | |
UBUNTU: Ubuntu-5.4.0-173.191Ubuntu-5.4.0-173.191master-prepmaster-next
Signed-off-by: Stefan Bader <stefan.bader@canonical.com>
| -rw-r--r-- | debian.master/changelog | 606 | ||||
| -rw-r--r-- | debian.master/reconstruct | 3 |
2 files changed, 604 insertions, 5 deletions
diff --git a/debian.master/changelog b/debian.master/changelog index c15d219005ac..125b6ce520b4 100644 --- a/debian.master/changelog +++ b/debian.master/changelog @@ -1,10 +1,606 @@ -linux (5.4.0-173.191) UNRELEASED; urgency=medium +linux (5.4.0-173.191) focal; urgency=medium - CHANGELOG: Do not edit directly. Autogenerated at release. - CHANGELOG: Use the printchanges target to see the curent changes. - CHANGELOG: Use the insertchanges target to create the final log. + * focal/linux: 5.4.0-173.191 -proposed tracker (LP: #2052135) - -- Stefan Bader <stefan.bader@canonical.com> Fri, 02 Feb 2024 14:11:21 +0100 + * Packaging resync (LP: #1786013) + - debian/dkms-versions -- update from kernel-versions (main/2024.02.05) + + * CVE-2023-0340 + - vhost: use kzalloc() instead of kmalloc() followed by memset() + + * CVE-2023-6915 + - ida: Fix crash in ida_free when the bitmap is empty + + * Focal update: v5.4.265 upstream stable release (LP: #2051644) + - afs: Fix refcount underflow from error handling race + - net: ipv6: support reporting otherwise unknown prefix flags in RTM_NEWPREFIX + - qca_debug: Prevent crash on TX ring changes + - qca_debug: Fix ethtool -G iface tx behavior + - qca_spi: Fix reset behavior + - atm: solos-pci: Fix potential deadlock on &cli_queue_lock + - atm: solos-pci: Fix potential deadlock on &tx_queue_lock + - atm: Fix Use-After-Free in do_vcc_ioctl + - qed: Fix a potential use-after-free in qed_cxt_tables_alloc + - net: Remove acked SYN flag from packet in the transmit queue correctly + - sign-file: Fix incorrect return values check + - vsock/virtio: Fix unsigned integer wrap around in + virtio_transport_has_space() + - net: stmmac: use dev_err_probe() for reporting mdio bus registration failure + - net: stmmac: Handle disabled MDIO busses from devicetree + - cred: switch to using atomic_long_t + - ALSA: hda/hdmi: add force-connect quirks for ASUSTeK Z170 variants + - usb: aqc111: check packet for fixup for true limit + - blk-throttle: fix lockdep warning of "cgroup_mutex or RCU read lock + required!" + - bcache: avoid oversize memory allocation by small stripe_size + - bcache: add code comments for bch_btree_node_get() and + __bch_btree_node_alloc() + - bcache: avoid NULL checking to c->root in run_cache_set() + - platform/x86: intel_telemetry: Fix kernel doc descriptions + - HID: add ALWAYS_POLL quirk for Apple kb + - HID: hid-asus: reset the backlight brightness level on resume + - HID: multitouch: Add quirk for HONOR GLO-GXXX touchpad + - asm-generic: qspinlock: fix queued_spin_value_unlocked() implementation + - net: usb: qmi_wwan: claim interface 4 for ZTE MF290 + - HID: hid-asus: add const to read-only outgoing usb buffer + - soundwire: stream: fix NULL pointer dereference for multi_link + - ext4: prevent the normalized size from exceeding EXT_MAX_BLOCKS + - arm64: mm: Always make sw-dirty PTEs hw-dirty in pte_modify + - team: Fix use-after-free when an option instance allocation fails + - ring-buffer: Fix memory leak of free page + - mmc: block: Be sure to wait while busy in CQE error recovery + - powerpc/ftrace: Create a dummy stackframe to fix stack unwind + - powerpc/ftrace: Fix stack teardown in ftrace_no_trace + - Linux 5.4.265 + + * Focal update: v5.4.264 upstream stable release (LP: #2049935) + - hrtimers: Push pending hrtimers away from outgoing CPU earlier + - netfilter: ipset: fix race condition between swap/destroy and kernel side + add/del/test + - tg3: Move the [rt]x_dropped counters to tg3_napi + - tg3: Increment tx_dropped in tg3_tso_bug() + - kconfig: fix memory leak from range properties + - drm/amdgpu: correct chunk_ptr to a pointer to chunk. + - of: base: Add of_get_cpu_state_node() to get idle states for a CPU node + - ACPI/IORT: Make iort_get_device_domain IRQ domain agnostic + - ACPI/IORT: Make iort_msi_map_rid() PCI agnostic + - of/iommu: Make of_map_rid() PCI agnostic + - of/irq: make of_msi_map_get_device_domain() bus agnostic + - of/irq: Make of_msi_map_rid() PCI bus agnostic + - of: base: Fix some formatting issues and provide missing descriptions + - of: Fix kerneldoc output formatting + - of: Add missing 'Return' section in kerneldoc comments + - of: dynamic: Fix of_reconfig_get_state_change() return value documentation + - ipv6: fix potential NULL deref in fib6_add() + - hv_netvsc: rndis_filter needs to select NLS + - net: arcnet: Fix RESET flag handling + - net: arcnet: com20020 fix error handling + - arcnet: restoring support for multiple Sohard Arcnet cards + - ipv4: ip_gre: Avoid skb_pull() failure in ipgre_xmit() + - net: hns: fix fake link up on xge port + - netfilter: xt_owner: Fix for unsafe access of sk->sk_socket + - tcp: do not accept ACK of bytes we never sent + - bpf: sockmap, updating the sg structure should also update curr + - RDMA/bnxt_re: Correct module description string + - hwmon: (acpi_power_meter) Fix 4.29 MW bug + - ASoC: wm_adsp: fix memleak in wm_adsp_buffer_populate + - tracing: Fix a warning when allocating buffered events fails + - scsi: be2iscsi: Fix a memleak in beiscsi_init_wrb_handle() + - ARM: imx: Check return value of devm_kasprintf in imx_mmdc_perf_init + - ARM: dts: imx: make gpt node name generic + - ARM: dts: imx7: Declare timers compatible with fsl,imx6dl-gpt + - ALSA: pcm: fix out-of-bounds in snd_pcm_state_names + - nilfs2: prevent WARNING in nilfs_sufile_set_segment_usage() + - tracing: Always update snapshot buffer size + - tracing: Fix incomplete locking when disabling buffered events + - tracing: Fix a possible race when disabling buffered events + - packet: Move reference count in packet_sock to atomic_long_t + - arm64: dts: mediatek: mt7622: fix memory node warning check + - arm64: dts: mediatek: mt8173-evb: Fix regulator-fixed node names + - gpiolib: sysfs: Fix error handling on failed export + - mmc: core: add helpers mmc_regulator_enable/disable_vqmmc + - mmc: sdhci-sprd: Fix vqmmc not shutting down after the card was pulled + - usb: gadget: f_hid: fix report descriptor allocation + - parport: Add support for Brainboxes IX/UC/PX parallel cards + - usb: typec: class: fix typec_altmode_put_partner to put plugs + - ARM: PL011: Fix DMA support + - serial: sc16is7xx: address RX timeout interrupt errata + - serial: 8250_omap: Add earlycon support for the AM654 UART controller + - x86/CPU/AMD: Check vendor in the AMD microcode callback + - KVM: s390/mm: Properly reset no-dat + - nilfs2: fix missing error check for sb_set_blocksize call + - io_uring/af_unix: disable sending io_uring over sockets + - netlink: don't call ->netlink_bind with table lock held + - genetlink: add CAP_NET_ADMIN test for multicast bind + - psample: Require 'CAP_NET_ADMIN' when joining "packets" group + - drop_monitor: Require 'CAP_SYS_ADMIN' when joining "events" group + - tools headers UAPI: Sync linux/perf_event.h with the kernel sources + - cifs: Fix non-availability of dedup breaking generic/304 + - smb: client: fix potential NULL deref in parse_dfs_referrals() + - devcoredump : Serialize devcd_del work + - devcoredump: Send uevent once devcd is ready + - Linux 5.4.264 + + * CVE-2024-0646 + - net: tls, update curr on splice as well + + * CVE-2024-0565 + - smb: client: fix OOB in receive_encrypted_standard() + + * CVE-2023-51781 + - appletalk: Fix Use-After-Free in atalk_ioctl + + * CVE-2023-51782 + - net/rose: Fix Use-After-Free in rose_ioctl + + * Focal update: v5.4.263 upstream stable release (LP: #2049084) + - driver core: Release all resources during unbind before updating device + links + - RDMA/irdma: Prevent zero-length STAG registration + - PCI: keystone: Drop __init from ks_pcie_add_pcie_{ep,port}() + - afs: Make error on cell lookup failure consistent with OpenAFS + - drm/panel: simple: Fix Innolux G101ICE-L01 bus flags + - drm/panel: simple: Fix Innolux G101ICE-L01 timings + - ata: pata_isapnp: Add missing error check for devm_ioport_map() + - drm/rockchip: vop: Fix color for RGB888/BGR888 format on VOP full + - HID: core: store the unique system identifier in hid_device + - HID: fix HID device resource race between HID core and debugging support + - ipv4: Correct/silence an endian warning in __ip_do_redirect + - net: usb: ax88179_178a: fix failed operations during ax88179_reset + - arm/xen: fix xen_vcpu_info allocation alignment + - amd-xgbe: handle corner-case during sfp hotplug + - amd-xgbe: handle the corner-case during tx completion + - amd-xgbe: propagate the correct speed and duplex status + - net: axienet: Fix check for partial TX checksum + - afs: Return ENOENT if no cell DNS record can be found + - afs: Fix file locking on R/O volumes to operate in local mode + - nvmet: remove unnecessary ctrl parameter + - nvmet: nul-terminate the NQNs passed in the connect command + - MIPS: KVM: Fix a build warning about variable set but not used + - ext4: add a new helper to check if es must be kept + - ext4: factor out __es_alloc_extent() and __es_free_extent() + - ext4: use pre-allocated es in __es_insert_extent() + - ext4: use pre-allocated es in __es_remove_extent() + - ext4: using nofail preallocation in ext4_es_remove_extent() + - ext4: using nofail preallocation in ext4_es_insert_delayed_block() + - ext4: using nofail preallocation in ext4_es_insert_extent() + - ext4: fix slab-use-after-free in ext4_es_insert_extent() + - ext4: make sure allocate pending entry not fail + - arm64: cpufeature: Extract capped perfmon fields + - KVM: arm64: limit PMU version to PMUv3 for ARMv8.1 + - ACPI: resource: Skip IRQ override on ASUS ExpertBook B1402CVA + - bcache: replace a mistaken IS_ERR() by IS_ERR_OR_NULL() in + btree_gc_coalesce() + - s390/dasd: protect device queue against concurrent access + - USB: serial: option: add Luat Air72*U series products + - hv_netvsc: Fix race of register_netdevice_notifier and VF register + - hv_netvsc: Mark VF as slave before exposing it to user-mode + - dm-delay: fix a race between delay_presuspend and delay_bio + - bcache: check return value from btree_node_alloc_replacement() + - bcache: prevent potential division by zero error + - USB: serial: option: add Fibocom L7xx modules + - USB: serial: option: fix FM101R-GL defines + - USB: serial: option: don't claim interface 4 for ZTE MF290 + - USB: dwc2: write HCINT with INTMASK applied + - usb: dwc3: set the dma max_seg_size + - USB: dwc3: qcom: fix resource leaks on probe deferral + - USB: dwc3: qcom: fix wakeup after probe deferral + - io_uring: fix off-by one bvec index + - pinctrl: avoid reload of p state in list iteration + - firewire: core: fix possible memory leak in create_units() + - mmc: block: Do not lose cache flush during CQE error recovery + - ALSA: hda: Disable power-save on KONTRON SinglePC + - ALSA: hda/realtek: Headset Mic VREF to 100% + - ALSA: hda/realtek: Add supported ALC257 for ChromeOS + - dm-verity: align struct dm_verity_fec_io properly + - dm verity: don't perform FEC for failed readahead IO + - bcache: revert replacing IS_ERR_OR_NULL with IS_ERR + - powerpc: Don't clobber f0/vs0 during fp|altivec register save + - btrfs: fix off-by-one when checking chunk map includes logical address + - btrfs: send: ensure send_fd is writable + - btrfs: make error messages more clear when getting a chunk map + - Input: xpad - add HyperX Clutch Gladiate Support + - net: stmmac: xgmac: Disable FPE MMC interrupts + - ravb: Fix races between ravb_tx_timeout_work() and net related ops + - net: ravb: Use pm_runtime_resume_and_get() + - net: ravb: Start TX queues after HW initialization succeeded + - smb3: fix touch -h of symlink + - s390/mm: fix phys vs virt confusion in mark_kernel_pXd() functions family + - s390/cmma: fix detection of DAT pages + - mtd: cfi_cmdset_0001: Support the absence of protection registers + - mtd: cfi_cmdset_0001: Byte swap OTP info + - fbdev: stifb: Make the STI next font pointer a 32-bit signed offset + - ima: annotate iint mutex to avoid lockdep false positive warnings + - ovl: skip overlayfs superblocks at global sync + - ima: detect changes to the backing overlay file + - scsi: qla2xxx: Simplify the code for aborting SCSI commands + - scsi: core: Introduce the scsi_cmd_to_rq() function + - scsi: qla2xxx: Use scsi_cmd_to_rq() instead of scsi_cmnd.request + - scsi: qla2xxx: Fix system crash due to bad pointer access + - cpufreq: imx6q: don't warn for disabling a non-existing frequency + - cpufreq: imx6q: Don't disable 792 Mhz OPP unnecessarily + - mmc: cqhci: Increase recovery halt timeout + - mmc: cqhci: Warn of halt or task clear failure + - mmc: cqhci: Fix task clearing in CQE error recovery + - mmc: core: convert comma to semicolon + - mmc: block: Retry commands in CQE error recovery + - Linux 5.4.263 + + * Focal update: v5.4.262 upstream stable release (LP: #2049069) + - locking/ww_mutex/test: Fix potential workqueue corruption + - perf/core: Bail out early if the request AUX area is out of bound + - clocksource/drivers/timer-imx-gpt: Fix potential memory leak + - clocksource/drivers/timer-atmel-tcb: Fix initialization on SAM9 hardware + - x86/mm: Drop the 4 MB restriction on minimal NUMA node memory size + - wifi: mac80211_hwsim: fix clang-specific fortify warning + - wifi: mac80211: don't return unset power in ieee80211_get_tx_power() + - wifi: ath9k: fix clang-specific fortify warnings + - wifi: ath10k: fix clang-specific fortify warning + - net: annotate data-races around sk->sk_tx_queue_mapping + - net: annotate data-races around sk->sk_dst_pending_confirm + - wifi: ath10k: Don't touch the CE interrupt registers after power up + - Bluetooth: Fix double free in hci_conn_cleanup + - platform/x86: thinkpad_acpi: Add battery quirk for Thinkpad X120e + - drm/komeda: drop all currently held locks if deadlock happens + - drm/amd: Fix UBSAN array-index-out-of-bounds for SMU7 + - drm/amd: Fix UBSAN array-index-out-of-bounds for Polaris and Tonga + - drm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL + - selftests/efivarfs: create-read: fix a resource leak + - crypto: pcrypt - Fix hungtask for PADATA_RESET + - RDMA/hfi1: Use FIELD_GET() to extract Link Width + - fs/jfs: Add check for negative db_l2nbperpage + - fs/jfs: Add validity check for db_maxag and db_agpref + - jfs: fix array-index-out-of-bounds in dbFindLeaf + - jfs: fix array-index-out-of-bounds in diAlloc + - ARM: 9320/1: fix stack depot IRQ stack filter + - ALSA: hda: Fix possible null-ptr-deref when assigning a stream + - PCI: tegra194: Use FIELD_GET()/FIELD_PREP() with Link Width fields + - atm: iphase: Do PCI error checks on own line + - scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup() + - HID: Add quirk for Dell Pro Wireless Keyboard and Mouse KM5221W + - tty: vcc: Add check for kstrdup() in vcc_probe() + - usb: gadget: f_ncm: Always set current gadget in ncm_bind() + - i2c: sun6i-p2wi: Prevent potential division by zero + - media: gspca: cpia1: shift-out-of-bounds in set_flicker + - media: vivid: avoid integer overflow + - gfs2: ignore negated quota changes + - media: cobalt: Use FIELD_GET() to extract Link Width + - drm/amd/display: Avoid NULL dereference of timing generator + - kgdb: Flush console before entering kgdb on panic + - ASoC: ti: omap-mcbsp: Fix runtime PM underflow warnings + - pwm: Fix double shift bug + - wifi: iwlwifi: Use FW rate for non-data frames + - NFSv4.1: fix SP4_MACH_CRED protection for pnfs IO + - ipvlan: add ipvlan_route_v6_outbound() helper + - tty: Fix uninit-value access in ppp_sync_receive() + - net: hns3: fix variable may not initialized problem in hns3_init_mac_addr() + - tipc: Fix kernel-infoleak due to uninitialized TLV value + - ppp: limit MRU to 64K + - xen/events: fix delayed eoi list handling + - ptp: annotate data-race around q->head and q->tail + - bonding: stop the device in bond_setup_by_slave() + - net: ethernet: cortina: Fix max RX frame define + - net: ethernet: cortina: Handle large frames + - net: ethernet: cortina: Fix MTU max setting + - netfilter: nf_conntrack_bridge: initialize err to 0 + - net: stmmac: Rework stmmac_rx() + - net: stmmac: fix rx budget limit check + - net/mlx5_core: Clean driver version and name + - net/mlx5e: Check return value of snprintf writing to fw_version buffer for + representors + - macvlan: Don't propagate promisc change to lower dev in passthru + - tools/power/turbostat: Fix a knl bug + - cifs: spnego: add ';' in HOST_KEY_LEN + - media: venus: hfi: add checks to perform sanity on queue pointers + - randstruct: Fix gcc-plugin performance mode to stay in group + - bpf: Fix precision tracking for BPF_ALU | BPF_TO_BE | BPF_END + - scsi: megaraid_sas: Increase register read retry rount from 3 to 30 for + selected registers + - x86/cpu/hygon: Fix the CPU topology evaluation for real + - KVM: x86: hyper-v: Don't auto-enable stimer on write from user-space + - KVM: x86: Ignore MSR_AMD64_TW_CFG access + - audit: don't take task_lock() in audit_exe_compare() code path + - audit: don't WARN_ON_ONCE(!current->mm) in audit_exe_compare() + - hvc/xen: fix error path in xen_hvc_init() to always register frontend driver + - PCI/sysfs: Protect driver's D3cold preference from user space + - ACPI: resource: Do IRQ override on TongFang GMxXGxx + - mmc: meson-gx: Remove setting of CMD_CFG_ERROR + - genirq/generic_chip: Make irq_remove_generic_chip() irqdomain aware + - PCI: keystone: Don't discard .remove() callback + - PCI: keystone: Don't discard .probe() callback + - parisc/pdc: Add width field to struct pdc_model + - clk: qcom: ipq8074: drop the CLK_SET_RATE_PARENT flag from PLL clocks + - mmc: vub300: fix an error code + - PM: hibernate: Use __get_safe_page() rather than touching the list + - PM: hibernate: Clean up sync_read handling in snapshot_write_next() + - btrfs: don't arbitrarily slow down delalloc if we're committing + - jbd2: fix potential data lost in recovering journal raced with synchronizing + fs bdev + - quota: explicitly forbid quota files from being encrypted + - kernel/reboot: emergency_restart: Set correct system_state + - i2c: core: Run atomic i2c xfer when !preemptible + - mcb: fix error handling for different scenarios when parsing + - dmaengine: stm32-mdma: correct desc prep when channel running + - mm/cma: use nth_page() in place of direct struct page manipulation + - i3c: master: cdns: Fix reading status register + - parisc: Prevent booting 64-bit kernels on PA1.x machines + - parisc/pgtable: Do not drop upper 5 address bits of physical address + - ALSA: info: Fix potential deadlock at disconnection + - ALSA: hda/realtek - Enable internal speaker of ASUS K6500ZC + - serial: meson: remove redundant initialization of variable id + - tty: serial: meson: retrieve port FIFO size from DT + - serial: meson: Use platform_get_irq() to get the interrupt + - tty: serial: meson: fix hard LOCKUP on crtscts mode + - Bluetooth: btusb: add Realtek 8822CE to usb_device_id table + - Bluetooth: btusb: Add Realtek RTL8852BE support ID 0x0cb8:0xc559 + - bluetooth: Add device 0bda:887b to device tables + - bluetooth: Add device 13d3:3571 to device tables + - Bluetooth: btusb: Add RTW8852BE device 13d3:3570 to device tables + - Bluetooth: btusb: Add 0bda:b85b for Fn-Link RTL8852BE + - Revert ncsi: Propagate carrier gain/loss events to the NCSI controller + - net: dsa: lan9303: consequently nested-lock physical MDIO + - i2c: i801: fix potential race in i801_block_transaction_byte_by_byte + - media: lirc: drop trailing space from scancode transmit + - media: sharp: fix sharp encoding + - media: venus: hfi_parser: Add check to keep the number of codecs within + range + - media: venus: hfi: fix the check to handle session buffer requirement + - media: venus: hfi: add checks to handle capabilities from firmware + - nfsd: fix file memleak on client_opens_release + - ext4: apply umask if ACL support is disabled + - ext4: correct offset of gdb backup in non meta_bg group to update_backups + - ext4: correct return value of ext4_convert_meta_bg + - ext4: correct the start block of counting reserved clusters + - ext4: remove gdb backup copy for meta bg in setup_new_flex_group_blocks + - drm/amdgpu: fix error handling in amdgpu_bo_list_get() + - tracing: Have trace_event_file have ref counters + - netfilter: nf_tables: pass context to nft_set_destroy() + - netfilter: nftables: rename set element data activation/deactivation + functions + - netfilter: nf_tables: drop map element references from preparation phase + - netfilter: nft_set_rbtree: Switch to node list walk for overlap detection + - netfilter: nft_set_rbtree: fix null deref on element insertion + - netfilter: nft_set_rbtree: fix overlap expiration walk + - netfilter: nf_tables: don't skip expired elements during walk + - netfilter: nf_tables: GC transaction API to avoid race with control plane + - netfilter: nf_tables: adapt set backend to use GC transaction API + - netfilter: nft_set_hash: mark set element as dead when deleting from packet + path + - netfilter: nf_tables: remove busy mark and gc batch API + - netfilter: nf_tables: fix GC transaction races with netns and netlink event + exit path + - netfilter: nf_tables: GC transaction race with netns dismantle + - netfilter: nf_tables: GC transaction race with abort path + - netfilter: nf_tables: use correct lock to protect gc_list + - netfilter: nf_tables: defer gc run if previous batch is still pending + - netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction + - netfilter: nft_set_rbtree: use read spinlock to avoid datapath contention + - netfilter: nft_set_hash: try later when GC hits EAGAIN on iteration + - netfilter: nf_tables: fix memleak when more than 255 elements expired + - netfilter: nf_tables: unregister flowtable hooks on netns exit + - netfilter: nf_tables: double hook unregistration in netns path + - netfilter: nftables: update table flags from the commit phase + - netfilter: nf_tables: fix table flag updates + - netfilter: nf_tables: disable toggling dormant table state more than once + - netfilter: nf_tables: bogus EBUSY when deleting flowtable after flush (for + 5.4) + - Linux 5.4.262 + + * Focal update: v5.4.261 upstream stable release (LP: #2049049) + - vfs: fix readahead(2) on block devices + - genirq/matrix: Exclude managed interrupts in irq_matrix_allocated() + - i40e: fix potential memory leaks in i40e_remove() + - tcp: call tcp_try_undo_recovery when an RTOd TFO SYNACK is ACKed + - wifi: rtw88: debug: Fix the NULL vs IS_ERR() bug for debugfs_create_file() + - wifi: mt76: mt7603: rework/fix rx pse hang check + - tcp_metrics: add missing barriers on delete + - tcp_metrics: properly set tp->snd_ssthresh in tcp_init_metrics() + - tcp_metrics: do not create an entry from tcp_init_metrics() + - wifi: rtlwifi: fix EDCA limit set by BT coexistence + - can: dev: can_restart(): don't crash kernel if carrier is OK + - can: dev: can_restart(): fix race condition between controller restart and + netif_carrier_on() + - thermal: core: prevent potential string overflow + - r8169: use tp_to_dev instead of open code + - r8169: fix rare issue with broken rx after link-down on RTL8125 + - chtls: fix tp->rcv_tstamp initialization + - tcp: Remove one extra ktime_get_ns() from cookie_init_timestamp + - tcp: fix cookie_init_timestamp() overflows + - ACPI: sysfs: Fix create_pnp_modalias() and create_of_modalias() + - ipv6: avoid atomic fragment on GSO packets + - net: add DEV_STATS_READ() helper + - ipvlan: properly track tx_errors + - regmap: debugfs: Fix a erroneous check after snprintf() + - clk: qcom: clk-rcg2: Fix clock rate overflow for high parent frequencies + - clk: qcom: gcc-sm8150: use ARRAY_SIZE instead of specifying num_parents + - clk: qcom: gcc-sm8150: Fix gcc_sdcc2_apps_clk_src + - clk: imx: Select MXC_CLK for CLK_IMX8QXP + - clk: keystone: pll: fix a couple NULL vs IS_ERR() checks + - clk: npcm7xx: Fix incorrect kfree + - clk: mediatek: clk-mt6779: Add check for mtk_alloc_clk_data + - clk: mediatek: clk-mt6797: Add check for mtk_alloc_clk_data + - clk: mediatek: clk-mt7629-eth: Add check for mtk_alloc_clk_data + - clk: mediatek: clk-mt7629: Add check for mtk_alloc_clk_data + - clk: mediatek: clk-mt2701: Add check for mtk_alloc_clk_data + - platform/x86: wmi: Fix probe failure when failing to register WMI devices + - platform/x86: wmi: remove unnecessary initializations + - platform/x86: wmi: Fix opening of char device + - hwmon: (coretemp) Fix potentially truncated sysfs attribute name + - drm/rockchip: vop: Fix reset of state in duplicate state crtc funcs + - drm/rockchip: vop: Fix call to crtc reset helper + - drm/radeon: possible buffer overflow + - drm/rockchip: cdn-dp: Fix some error handling paths in cdn_dp_probe() + - arm64: dts: qcom: sdm845-mtp: fix WiFi configuration + - ARM: dts: qcom: mdm9615: populate vsdcc fixed regulator + - soc: qcom: llcc cleanup to get rid of sdm845 specific driver file + - [Config] remove CONFIG_QCOM_SDM845_LLCC + - soc: qcom: Rename llcc-slice to llcc-qcom + - [Config] remove llcc-slice module + - soc: qcom: llcc: Handle a second device without data corruption + - firmware: ti_sci: Replace HTTP links with HTTPS ones + - firmware: ti_sci: Mark driver as non removable + - clk: scmi: Free scmi_clk allocated when the clocks with invalid info are + skipped + - hwrng: geode - fix accessing registers + - libnvdimm/of_pmem: Use devm_kstrdup instead of kstrdup and check its return + value + - sched/rt: Provide migrate_disable/enable() inlines + - nd_btt: Make BTT lanes preemptible + - crypto: caam/qi2 - fix Chacha20 + Poly1305 self test failure + - crypto: caam/jr - fix Chacha20 + Poly1305 self test failure + - HID: cp2112: Use irqchip template + - hid: cp2112: Fix duplicate workqueue initialization + - ARM: 9321/1: memset: cast the constant byte to unsigned char + - ext4: move 'ix' sanity check to corrent position + - scsi: ufs: core: Leave space for '\0' in utf8 desc string + - RDMA/hfi1: Workaround truncation compilation error + - sh: bios: Revive earlyprintk support + - ASoC: Intel: Skylake: Fix mem leak when parsing UUIDs fails + - ASoC: ams-delta.c: use component after check + - mfd: dln2: Fix double put in dln2_probe + - leds: pwm: simplify if condition + - leds: pwm: convert to atomic PWM API + - leds: pwm: Don't disable the PWM when the LED should be off + - ledtrig-cpu: Limit to 8 CPUs + - leds: trigger: ledtrig-cpu:: Fix 'output may be truncated' issue for 'cpu' + - tty: tty_jobctrl: fix pid memleak in disassociate_ctty() + - usb: dwc2: fix possible NULL pointer dereference caused by driver + concurrency + - dmaengine: ti: edma: handle irq_of_parse_and_map() errors + - misc: st_core: Do not call kfree_skb() under spin_lock_irqsave() + - tools: iio: privatize globals and functions in iio_generic_buffer.c file + - tools: iio: iio_generic_buffer: Fix some integer type and calculation + - tools: iio: iio_generic_buffer ensure alignment + - USB: usbip: fix stub_dev hub disconnect + - dmaengine: pxa_dma: Remove an erroneous BUG_ON() in pxad_free_desc() + - f2fs: fix to initialize map.m_pblk in f2fs_precache_extents() + - modpost: fix tee MODULE_DEVICE_TABLE built on big-endian host + - powerpc/xive: Fix endian conversion size + - powerpc/imc-pmu: Use the correct spinlock initializer. + - powerpc/pseries: fix potential memory leak in init_cpu_associativity() + - i3c: Fix potential refcount leak in i3c_master_register_new_i3c_devs + - rtc: pcf85363: fix wrong mask/val parameters in regmap_update_bits call + - pcmcia: cs: fix possible hung task and memory leak pccardd() + - pcmcia: ds: fix refcount leak in pcmcia_device_add() + - pcmcia: ds: fix possible name leak in error path in pcmcia_device_add() + - media: bttv: fix use after free error due to btv->timeout timer + - media: s3c-camif: Avoid inappropriate kfree() + - media: dvb-usb-v2: af9035: fix missing unlock + - regmap: prevent noinc writes from clobbering cache + - pwm: sti: Avoid conditional gotos + - pwm: sti: Reduce number of allocations and drop usage of chip_data + - pwm: brcmstb: Utilize appropriate clock APIs in suspend/resume + - Input: synaptics-rmi4 - fix use after free in rmi_unregister_function() + - llc: verify mac len before reading mac header + - tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING + - inet: shrink struct flowi_common + - dccp: Call security_inet_conn_request() after setting IPv4 addresses. + - dccp/tcp: Call security_inet_conn_request() after setting IPv6 addresses. + - Fix termination state for idr_for_each_entry_ul() + - net: stmmac: xgmac: Enable support for multiple Flexible PPS outputs + - net/smc: fix dangling sock under state SMC_APPFINCLOSEWAIT + - tg3: power down device only on SYSTEM_POWER_OFF + - r8169: respect userspace disabling IFF_MULTICAST + - netfilter: xt_recent: fix (increase) ipv6 literal buffer length + - netfilter: nft_redir: use `struct nf_nat_range2` throughout and deduplicate + eval call-backs + - netfilter: nat: fix ipv6 nat redirect with mapped and scoped addresses + - drm/syncobj: fix DRM_SYNCOBJ_WAIT_FLAGS_WAIT_AVAILABLE + - spi: spi-zynq-qspi: add spi-mem to driver kconfig dependencies + - fbdev: imsttfb: Fix error path of imsttfb_probe() + - fbdev: imsttfb: fix a resource leak in probe + - fbdev: fsl-diu-fb: mark wr_reg_wa() static + - Revert "mmc: core: Capture correct oemid-bits for eMMC cards" + - btrfs: use u64 for buffer sizes in the tree search ioctls + - Linux 5.4.261 + + * Focal update: v5.4.260 upstream stable release (LP: #2049024) + - mtd: rawnand: marvell: Ensure program page operations are successful + - selftests/ftrace: Add new test case which checks non unique symbol + - mcb: Return actual parsed size when reading chameleon table + - mcb-lpc: Reallocate memory region to avoid memory overlapping + - virtio_balloon: Fix endless deflation and inflation on arm64 + - virtio-mmio: fix memory leak of vm_dev + - r8169: fix the KCSAN reported data-race in rtl_tx while reading + TxDescArray[entry].opts1 + - r8169: fix the KCSAN reported data race in rtl_rx while reading desc->opts1 + - treewide: Spelling fix in comment + - igb: Fix potential memory leak in igb_add_ethtool_nfc_entry + - neighbour: fix various data-races + - igc: Fix ambiguity in the ethtool advertising + - net: ieee802154: adf7242: Fix some potential buffer overflow in + adf7242_stats_show() + - r8152: Increase USB control msg timeout to 5000ms as per spec + - r8152: Run the unload routine if we have errors during probe + - r8152: Cancel hw_phy_work if we have an error in probe + - tcp: fix wrong RTO timeout when received SACK reneging + - gtp: uapi: fix GTPA_MAX + - gtp: fix fragmentation needed check with gso + - iio: exynos-adc: request second interupt only when touchscreen mode is used + - i2c: muxes: i2c-mux-pinctrl: Use of_get_i2c_adapter_by_node() + - i2c: muxes: i2c-mux-gpmux: Use of_get_i2c_adapter_by_node() + - i2c: muxes: i2c-demux-pinctrl: Use of_get_i2c_adapter_by_node() + - i2c: stm32f7: Fix PEC handling in case of SMBUS transfers + - i2c: aspeed: Fix i2c bus hang in slave read + - nvmem: imx: correct nregs for i.MX6ULL + - nvmem: imx: correct nregs for i.MX6SLL + - nvmem: imx: correct nregs for i.MX6UL + - perf/core: Fix potential NULL deref + - clk: Sanitize possible_parent_show to Handle Return Value of + of_clk_get_parent_name + - i40e: Fix wrong check for I40E_TXR_FLAGS_WB_ON_ITR + - x86/i8259: Skip probing when ACPI/MADT advertises PCAT compatibility + - drm/dp_mst: Fix NULL deref in get_mst_branch_device_by_guid_helper() + - arm64: fix a concurrency issue in emulation_proc_handler() + - smbdirect: missing rc checks while waiting for rdma events + - f2fs: fix to do sanity check on inode type during garbage collection + - nfsd: lock_rename() needs both directories to live on the same fs + - x86/mm: Simplify RESERVE_BRK() + - x86/mm: Fix RESERVE_BRK() for older binutils + - ext4: add two helper functions extent_logical_end() and pa_logical_end() + - ext4: avoid overlapping preallocations due to overflow + - ext4: fix BUG in ext4_mb_new_inode_pa() due to overflow + - driver: platform: Add helper for safer setting of driver_override + - rpmsg: Constify local variable in field store macro + - rpmsg: Fix kfree() of static memory on setting driver_override + - rpmsg: Fix calling device_lock() on non-initialized device + - rpmsg: glink: Release driver_override + - rpmsg: Fix possible refcount leak in rpmsg_register_device_override() + - x86: Fix .brk attribute in linker script + - Input: i8042 - add Fujitsu Lifebook E5411 to i8042 quirk table + - irqchip/stm32-exti: add missing DT IRQ flag translation + - dmaengine: ste_dma40: Fix PM disable depth imbalance in d40_probe + - Input: synaptics-rmi4 - handle reset delay when using SMBus trsnsport + - fbdev: atyfb: only use ioremap_uc() on i386 and ia64 + - spi: npcm-fiu: Fix UMA reads when dummy.nbytes == 0 + - netfilter: nfnetlink_log: silence bogus compiler warning + - ASoC: rt5650: fix the wrong result of key button + - fbdev: uvesafb: Call cn_del_callback() at the end of uvesafb_exit() + - scsi: mpt3sas: Fix in error path + - platform/x86: asus-wmi: Change ASUS_WMI_BRN_DOWN code from 0x20 to 0x2e + - platform/mellanox: mlxbf-tmfifo: Fix a warning message + - net: chelsio: cxgb4: add an error code check in t4_load_phy_fw + - ata: ahci: fix enum constants for gcc-13 + - remove the sx8 block driver + - [Config] remove CONFIG_BLK_DEV_SX8 + - Revert "ARM: dts: Move am33xx and am43xx mmc nodes to sdhci-omap driver" + - PCI: Prevent xHCI driver from claiming AMD VanGogh USB3 DRD device + - usb: storage: set 1.50 as the lower bcdDevice for older "Super Top" + compatibility + - tty: 8250: Remove UC-257 and UC-431 + - tty: 8250: Add support for additional Brainboxes UC cards + - tty: 8250: Add support for Brainboxes UP cards + - tty: 8250: Add support for Intashield IS-100 + - Linux 5.4.260 + + * CVE-2023-51779 + - Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg + + * CVE-2023-22995 + - usb: dwc3: dwc3-qcom: Add missing platform_device_put() in + dwc3_qcom_acpi_register_core + + -- Stefan Bader <stefan.bader@canonical.com> Fri, 02 Feb 2024 14:22:27 +0100 linux (5.4.0-171.189) focal; urgency=medium diff --git a/debian.master/reconstruct b/debian.master/reconstruct index 946fbf16de48..88a64082d38e 100644 --- a/debian.master/reconstruct +++ b/debian.master/reconstruct @@ -74,6 +74,7 @@ rm -f 'arch/um/kernel/gmon_syms.c' rm -f 'arch/x86/events/intel/rapl.c' rm -f 'arch/x86/include/asm/refcount.h' rm -f 'arch/xtensa/include/asm/bugs.h' +rm -f 'drivers/block/sx8.c' rm -f 'drivers/crypto/hisilicon/sgl.h' rm -f 'drivers/gpu/drm/amd/display/dc/calcs/dcn_calc_math.h' rm -f 'drivers/iio/adc/stx104.c' @@ -82,6 +83,8 @@ rm -f 'drivers/net/can/dev.c' rm -f 'drivers/net/can/rx-offload.c' rm -f 'drivers/net/phy/mdio-i2c.h' rm -f 'drivers/net/phy/mdio-xgene.h' +rm -f 'drivers/soc/qcom/llcc-sdm845.c' +rm -f 'drivers/soc/qcom/llcc-slice.c' rm -f 'drivers/staging/mt7621-dma/mtk-hsdma.c' rm -f 'include/Kbuild' rm -f 'include/asm-generic/bugs.h' |