Bug #2002812 “Revoke & rotate to new signing key” : Bugs : linux package : Ubuntu

Dimitri John Ledkov (xnox) on 2023-01-13

Changed in linux (Ubuntu):
status:	New → Triaged

Stefan Bader (smb) on 2023-01-20

Changed in linux (Ubuntu Kinetic):
importance:	Undecided → High
status:	New → Fix Committed
Changed in linux (Ubuntu Jammy):
importance:	Undecided → High
status:	New → Fix Committed
Changed in linux (Ubuntu Focal):
importance:	Undecided → High
status:	New → Fix Committed

Stefan Bader (smb) on 2023-01-20

Changed in linux (Ubuntu Bionic):
importance:	Undecided → High
status:	New → Fix Committed

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2023-01-24:

#1

This bug is awaiting verification that the linux/5.19.0-31.32 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-kinetic' to 'verification-done-kinetic'. If the problem still exists, change the tag 'verification-needed-kinetic' to 'verification-failed-kinetic'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: kernel-spammed-kinetic-linux verification-needed-kinetic

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2023-01-24:

#2

This bug is awaiting verification that the linux/5.4.0-139.156 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-focal' to 'verification-done-focal'. If the problem still exists, change the tag 'verification-needed-focal' to 'verification-failed-focal'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: kernel-spammed-focal-linux verification-needed-focal

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2023-01-24:

#3

This bug is awaiting verification that the linux/4.15.0-204.215 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-bionic' to 'verification-done-bionic'. If the problem still exists, change the tag 'verification-needed-bionic' to 'verification-failed-bionic'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: kernel-spammed-bionic-linux verification-needed-bionic

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2023-01-24:

#4

This bug is awaiting verification that the linux/5.15.0-60.66 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-jammy' to 'verification-done-jammy'. If the problem still exists, change the tag 'verification-needed-jammy' to 'verification-failed-jammy'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: kernel-spammed-jammy-linux verification-needed-jammy

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2023-01-27:

#5

This bug is awaiting verification that the linux-oem-6.0/6.0.0-1011.11 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-jammy' to 'verification-done-jammy'. If the problem still exists, change the tag 'verification-needed-jammy' to 'verification-failed-jammy'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: kernel-spammed-jammy-linux-oem-6.0

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2023-01-27:

#6

This bug is awaiting verification that the linux-oem-5.14/5.14.0-1057.64 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-focal' to 'verification-done-focal'. If the problem still exists, change the tag 'verification-needed-focal' to 'verification-failed-focal'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: kernel-spammed-focal-linux-oem-5.14

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2023-01-27:

#7

This bug is awaiting verification that the linux-oem-6.1/6.1.0-1006.6 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-jammy' to 'verification-done-jammy'. If the problem still exists, change the tag 'verification-needed-jammy' to 'verification-failed-jammy'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: kernel-spammed-jammy-linux-oem-6.1

Revision history for this message

Launchpad Janitor (janitor) wrote on 2023-02-08:

#8

Download full text (22.0 KiB)

This bug was fixed in the package linux - 4.15.0-204.215

---------------
linux (4.15.0-204.215) bionic; urgency=medium

* bionic/linux: 4.15.0-204.215 -proposed tracker (LP: #2003522)

* Revoke & rotate to new signing key (LP: #2002812)
- [Packaging] Revoke and rotate to new signing key

linux (4.15.0-203.214) bionic; urgency=medium

* bionic/linux: 4.15.0-203.214 -proposed tracker (LP: #2001876)

* Packaging resync (LP: #1786013)
- [Packaging] update helper scripts

  * Bionic update: upstream stable patchset 2022-12-01 (LP: #1998542)
    - Revert "x86/cpu: Add a steppings field to struct x86_cpu_id"
    - x86/cpufeature: Add facility to check for min microcode revisions
    - x86/cpufeature: Fix various quality problems in the <asm/cpu_device_hd.h>
      header
    - x86/devicetable: Move x86 specific macro out of generic code
    - x86/cpu: Add consistent CPU match macros
    - x86/cpu: Add a steppings field to struct x86_cpu_id
    - x86/entry: Remove skip_r11rcx
    - x86/cpufeatures: Move RETPOLINE flags to word 11
    - x86/bugs: Report AMD retbleed vulnerability
    - x86/bugs: Add AMD retbleed= boot parameter
    - x86/bugs: Keep a per-CPU IA32_SPEC_CTRL value
    - x86/entry: Add kernel IBRS implementation
    - x86/bugs: Optimize SPEC_CTRL MSR writes
    - x86/speculation: Add spectre_v2=ibrs option to support Kernel IBRS
    - x86/bugs: Split spectre_v2_select_mitigation() and
      spectre_v2_user_select_mitigation()
    - x86/bugs: Report Intel retbleed vulnerability
    - entel_idle: Disable IBRS during long idle
    - x86/speculation: Change FILL_RETURN_BUFFER to work with objtool
    - x86/speculation: Add LFENCE to RSB fill sequence
    - x86/speculation: Fix RSB filling with CONFIG_RETPOLINE=n
    - x86/speculation: Fix firmware entry SPEC_CTRL handling
    - x86/speculation: Fix SPEC_CTRL write on SMT state change
    - x86/speculation: Use cached host SPEC_CTRL value for guest entry/exit
    - x86/speculation: Remove x86_spec_ctrl_mask
    - KVM: VMX: Prevent guest RSB poisoning attacks with eIBRS
    - KVM: VMX: Fix IBRS handling after vmexit
    - x86/speculation: Fill RSB on vmexit for IBRS
    - x86/common: Stamp out the stepping madness
    - x86/cpu/amd: Enumerate BTC_NO
    - x86/bugs: Add Cannon lake to RETBleed affected CPU list
    - x86/speculation: Disable RRSBA behavior
    - x86/speculation: Use DECLARE_PER_CPU for x86_spec_ctrl_current
    - x86/bugs: Warn when "ibrs" mitigation is selected on Enhanced IBRS parts
    - x86/speculation: Add RSB VM Exit protections
    - ocfs2: clear dinode links count in case of error
    - ocfs2: fix BUG when iput after ocfs2_mknod fails
    - x86/microcode/AMD: Apply the patch early on every logical thread
    - ata: ahci-imx: Fix MODULE_ALIAS
    - ata: ahci: Match EM_MAX_SLOTS with SATA_PMP_MAX_PORTS
    - KVM: arm64: vgic: Fix exit condition in scan_its_table()
    - [Config] updateconfigs for ARM64_ERRATUM_1742098
    - arm64: errata: Remove AES hwcap for COMPAT tasks
    - r8152: add PID for the Lenovo OneLink+ Dock
    - btrfs: fix processing of delayed data refs during backref walking
    - ACPI: extlog: Handle multiple records
    - HID: magicmouse...

This bug was fixed in the package linux - 4.15.0-204.215

---------------
linux (4.15.0-204.215) bionic; urgency=medium

* bionic/linux: 4.15.0-204.215 -proposed tracker (LP: #2003522)

* Revoke & rotate to new signing key (LP: #2002812)
    - [Packaging] Revoke and rotate to new signing key

linux (4.15.0-203.214) bionic; urgency=medium

* bionic/linux: 4.15.0-203.214 -proposed tracker (LP: #2001876)

* Packaging resync (LP: #1786013)
    - [Packaging] update helper scripts

* Bionic update: upstream stable patchset 2022-12-01 (LP: #1998542)
    - Revert "x86/cpu: Add a steppings field to struct x86_cpu_id"
    - x86/cpufeature: Add facility to check for min microcode revisions
    - x86/cpufeature: Fix various quality problems in the <asm/cpu_device_hd.h>
      header
    - x86/devicetable: Move x86 specific macro out of generic code
    - x86/cpu: Add consistent CPU match macros
    - x86/cpu: Add a steppings field to struct x86_cpu_id
    - x86/entry: Remove skip_r11rcx
    - x86/cpufeatures: Move RETPOLINE flags to word 11
    - x86/bugs: Report AMD retbleed vulnerability
    - x86/bugs: Add AMD retbleed= boot parameter
    - x86/bugs: Keep a per-CPU IA32_SPEC_CTRL value
    - x86/entry: Add kernel IBRS implementation
    - x86/bugs: Optimize SPEC_CTRL MSR writes
    - x86/speculation: Add spectre_v2=ibrs option to support Kernel IBRS
    - x86/bugs: Split spectre_v2_select_mitigation() and
      spectre_v2_user_select_mitigation()
    - x86/bugs: Report Intel retbleed vulnerability
    - entel_idle: Disable IBRS during long idle
    - x86/speculation: Change FILL_RETURN_BUFFER to work with objtool
    - x86/speculation: Add LFENCE to RSB fill sequence
    - x86/speculation: Fix RSB filling with CONFIG_RETPOLINE=n
    - x86/speculation: Fix firmware entry SPEC_CTRL handling
    - x86/speculation: Fix SPEC_CTRL write on SMT state change
    - x86/speculation: Use cached host SPEC_CTRL value for guest entry/exit
    - x86/speculation: Remove x86_spec_ctrl_mask
    - KVM: VMX: Prevent guest RSB poisoning attacks with eIBRS
    - KVM: VMX: Fix IBRS handling after vmexit
    - x86/speculation: Fill RSB on vmexit for IBRS
    - x86/common: Stamp out the stepping madness
    - x86/cpu/amd: Enumerate BTC_NO
    - x86/bugs: Add Cannon lake to RETBleed affected CPU list
    - x86/speculation: Disable RRSBA behavior
    - x86/speculation: Use DECLARE_PER_CPU for x86_spec_ctrl_current
    - x86/bugs: Warn when "ibrs" mitigation is selected on Enhanced IBRS parts
    - x86/speculation: Add RSB VM Exit protections
    - ocfs2: clear dinode links count in case of error
    - ocfs2: fix BUG when iput after ocfs2_mknod fails
    - x86/microcode/AMD: Apply the patch early on every logical thread
    - ata: ahci-imx: Fix MODULE_ALIAS
    - ata: ahci: Match EM_MAX_SLOTS with SATA_PMP_MAX_PORTS
    - KVM: arm64: vgic: Fix exit condition in scan_its_table()
    - [Config] updateconfigs for ARM64_ERRATUM_1742098
    - arm64: errata: Remove AES hwcap for COMPAT tasks
    - r8152: add PID for the Lenovo OneLink+ Dock
    - btrfs: fix processing of delayed data refs during backref walking
    - ACPI: extlog: Handle multiple records
    - HID: magicmouse: Do not set BTN_MOUSE on double report
    - net/atm: fix proc_mpc_write incorrect return value
    - net: hns: fix possible memory leak in hnae_ae_register()
    - iommu/vt-d: Clean up si_domain in the init_dmars() error path
    - media: v4l2-mem2mem: Apply DST_QUEUE_OFF_BASE on MMAP buffers across ioctls
    - ACPI: video: Force backlight native for more TongFang devices
    - ALSA: Use del_timer_sync() before freeing timer
    - ALSA: au88x0: use explicitly signed char
    - USB: add RESET_RESUME quirk for NVIDIA Jetson devices in RCM
    - usb: dwc3: gadget: Don't set IMI for no_interrupt
    - usb: bdc: change state when port disconnected
    - usb: xhci: add XHCI_SPURIOUS_SUCCESS to ASM1042 despite being a V0.96
      controller
    - xhci: Remove device endpoints from bandwidth list when freeing the device
    - tools: iio: iio_utils: fix digit calculation
    - iio: light: tsl2583: Fix module unloading
    - fbdev: smscufx: Fix several use-after-free bugs
    - mac802154: Fix LQI recording
    - drm/msm/hdmi: fix memory corruption with too many bridges
    - mmc: core: Fix kernel panic when remove non-standard SDIO card
    - kernfs: fix use-after-free in __kernfs_remove
    - s390/futex: add missing EX_TABLE entry to __futex_atomic_op()
    - Xen/gntdev: don't ignore kernel unmapping error
    - xen/gntdev: Prevent leaking grants
    - mm,hugetlb: take hugetlb_lock before decrementing h->resv_huge_pages
    - net: ieee802154: fix error return code in dgram_bind()
    - drm/msm: Fix return type of mdp4_lvds_connector_mode_valid
    - arc: iounmap() arg is volatile
    - ALSA: ac97: fix possible memory leak in snd_ac97_dev_register()
    - x86/unwind/orc: Fix unreliable stack dump with gcov
    - amd-xgbe: fix the SFP compliance codes check for DAC cables
    - amd-xgbe: add the bit rate quirk for Molex cables
    - kcm: annotate data-races around kcm->rx_psock
    - kcm: annotate data-races around kcm->rx_wait
    - net: lantiq_etop: don't free skb when returning NETDEV_TX_BUSY
    - tcp: fix indefinite deferral of RTO with SACK reneging
    - can: mscan: mpc5xxx: mpc5xxx_can_probe(): add missing put_clock() in error
      path
    - PM: hibernate: Allow hybrid sleep to work with s2idle
    - media: vivid: s_fbuf: add more sanity checks
    - media: vivid: dev->bitmap_cap wasn't freed in all cases
    - media: v4l2-dv-timings: add sanity checks for blanking values
    - media: videodev2.h: V4L2_DV_BT_BLANKING_HEIGHT should check 'interlaced'
    - i40e: Fix ethtool rx-flow-hash setting for X722
    - i40e: Fix flow-type by setting GL_HASH_INSET registers
    - net: ksz884x: fix missing pci_disable_device() on error in pcidev_init()
    - PM: domains: Fix handling of unavailable/disabled idle states
    - ALSA: aoa: i2sbus: fix possible memory leak in i2sbus_add_dev()
    - ALSA: aoa: Fix I2S device accounting
    - openvswitch: switch from WARN to pr_warn
    - net: ehea: fix possible memory leak in ehea_register_port()
    - can: rcar_canfd: rcar_canfd_handle_global_receive(): fix IRQ storm on global
      FIFO receive
    - media: venus: dec: Handle the case where find_format fails
    - Makefile.debug: re-enable debug info for .S files
    - drm/msm/dsi: fix memory corruption with too many bridges
    - perf auxtrace: Fix address filter symbol name match for modules
    - net: netsec: fix error handling in netsec_register_mdio()
    - net: fix UAF issue in nfqnl_nf_hook_drop() when ops_init() failed
    - i40e: Fix VF hang when reset is triggered on another VF

* Bionic update: upstream stable patchset 2022-11-15 (LP: #1996650)
    - of: fdt: fix off-by-one error in unflatten_dt_nodes()
    - gpio: mpc8xxx: Fix support for IRQ_TYPE_LEVEL_LOW flow_type in mpc85xx
    - drm/meson: Correct OSD1 global alpha value
    - parisc: ccio-dma: Add missing iounmap in error path in ccio_probe()
    - cifs: don't send down the destination address to sendmsg for a SOCK_STREAM
    - ASoC: nau8824: Fix semaphore unbalance at error paths
    - regulator: pfuze100: Fix the global-out-of-bounds access in
      pfuze100_regulator_probe()
    - ALSA: hda/sigmatel: Keep power up while beep is enabled
    - net: usb: qmi_wwan: add Quectel RM520N
    - MIPS: OCTEON: irq: Fix octeon_irq_force_ciu_mapping()
    - mksysmap: Fix the mismatch of 'L0' symbols in System.map
    - video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
    - ALSA: hda/sigmatel: Fix unused variable warning for beep power change
    - wifi: mac80211: Fix UAF in ieee80211_scan_rx()
    - USB: core: Fix RST error in hub.c
    - USB: serial: option: add Quectel BG95 0x0203 composition
    - USB: serial: option: add Quectel RM520N
    - ALSA: hda/tegra: set depop delay for tegra
    - ALSA: hda: add Intel 5 Series / 3400 PCI DID
    - mm/slub: fix to return errno if kmalloc() fails
    - arm64: dts: rockchip: Remove 'enable-active-low' from rk3399-puma
    - netfilter: nf_conntrack_sip: fix ct_sip_walk_headers
    - netfilter: nf_conntrack_irc: Tighten matching on DCC message
    - iavf: Fix cached head and tail value for iavf_get_tx_pending
    - ipvlan: Fix out-of-bound bugs caused by unset skb->mac_header
    - net: team: Unsync device addresses on ndo_stop
    - MIPS: lantiq: export clk_get_io() for lantiq_wdt.ko
    - of: mdio: Add of_node_put() when breaking out of for_each_xx
    - netfilter: ebtables: fix memory leak when blob is malformed
    - can: gs_usb: gs_can_open(): fix race dev->can.state condition
    - perf kcore_copy: Do not check /proc/modules is unchanged
    - net: sunhme: Fix packet reception for len < RX_COPY_THRESHOLD
    - serial: Create uart_xmit_advance()
    - serial: tegra: Use uart_xmit_advance(), fixes icount.tx accounting
    - s390/dasd: fix Oops in dasd_alias_get_start_dev due to missing pavgroup
    - Drivers: hv: Never allocate anything besides framebuffer from framebuffer
      memory region
    - ext4: make directory inode spreading reflect flexbg size
    - nvmet: fix a use-after-free
    - i40e: Fix VF set max MTU size
    - i40e: Fix set max_tx_rate when it is lower than 1 Mbps
    - perf jit: Include program header in ELF files
    - workqueue: don't skip lockdep work dependency in cancel_work_sync()
    - mmc: moxart: fix 4-bit bus width and remove 8-bit bus width
    - mm/page_alloc: fix race condition between build_all_zonelists and page
      allocation
    - mm: prevent page_frag_alloc() from corrupting the memory
    - mm/migrate_device.c: flush TLB while holding PTL
    - soc: sunxi: sram: Actually claim SRAM regions
    - soc: sunxi: sram: Fix debugfs info for A64 SRAM C
    - Revert "drm: bridge: analogix/dp: add panel prepare/unprepare in
      suspend/resume time"
    - Input: melfas_mip4 - fix return value check in mip4_probe()
    - usbnet: Fix memory leak in usbnet_disconnect()
    - selftests: Fix the if conditions of in test_extra_filter()
    - uas: add no-uas quirk for Hiksemi usb_disk
    - usb-storage: Add Hiksemi USB3-FW to IGNORE_UAS
    - uas: ignore UAS for Thinkplus chips
    - net: usb: qmi_wwan: Add new usb-id for Dell branded EM7455
    - ntfs: fix BUG_ON in ntfs_lookup_inode_by_name()
    - nvme: add new line after variable declatation
    - nvme: Fix IOC_PR_CLEAR and IOC_PR_RELEASE ioctls for nvme devices
    - clk: iproc: Minor tidy up of iproc pll data structures
    - clk: iproc: Do not rely on node name for correct PLL setup
    - Makefile.extrawarn: Move -Wcast-function-type-strict to W=1
    - ARM: fix function graph tracer and unwinder dependencies
    - [Config] updateconfigs for UNWINDER_ARM
    - dmaengine: xilinx_dma: cleanup for fetching xlnx,num-fstores property
    - dmaengine: xilinx_dma: Report error in case of dma_set_mask_and_coherent API
      failure
    - ARM: dts: fix Moxa SDIO 'compatible', remove 'sdhci' misnomer
    - net/ieee802154: fix uninit value bug in dgram_sendmsg
    - um: Cleanup syscall_handler_t cast in syscalls_32.h
    - um: Cleanup compiler warning in arch/x86/um/tls_32.c
    - usb: mon: make mmapped memory read only
    - USB: serial: ftdi_sio: fix 300 bps rate for SIO
    - mmc: core: Replace with already defined values for readability
    - mmc: core: Terminate infinite loop in SD-UHS voltage switch
    - rpmsg: qcom: glink: replace strncpy() with strscpy_pad()
    - nilfs2: fix leak of nilfs_root in case of writer thread creation failure
    - nilfs2: replace WARN_ONs by nilfs_error for checkpoint acquisition failure
    - ceph: don't truncate file in atomic_open
    - random: clamp credited irq bits to maximum mixed
    - ALSA: hda: Fix position reporting on Poulsbo
    - USB: serial: qcserial: add new usb-id for Dell branded EM7455
    - random: restore O_NONBLOCK support
    - random: avoid reading two cache lines on irq randomness
    - wifi: mac80211_hwsim: avoid mac80211 warning on bad rate
    - Input: xpad - add supported devices as contributed on github
    - Input: xpad - fix wireless 360 controller breaking after suspend
    - random: use expired timer rather than wq for mixing fast pool
    - ALSA: oss: Fix potential deadlock at unregistration
    - ALSA: rawmidi: Drop register_mutex in snd_rawmidi_free()
    - ALSA: usb-audio: Fix potential memory leaks
    - ALSA: usb-audio: Fix NULL dererence at error path
    - iio: dac: ad5593r: Fix i2c read protocol requirements
    - fs: dlm: fix race between test_bit() and queue_work()
    - fs: dlm: handle -EBUSY first in lock arg validation
    - HID: multitouch: Add memory barriers
    - quota: Check next/prev free block number after reading from quota file
    - regulator: qcom_rpm: Fix circular deferral regression
    - Revert "fs: check FMODE_LSEEK to control internal pipe splicing"
    - parisc: fbdev/stifb: Align graphics memory size to 4MB
    - UM: cpuinfo: Fix a warning for CONFIG_CPUMASK_OFFSTACK
    - PCI: Sanitise firmware BAR assignments behind a PCI-PCI bridge
    - fbdev: smscufx: Fix use-after-free in ufx_ops_open()
    - nilfs2: fix use-after-free bug of struct nilfs_root
    - ext4: fix null-ptr-deref in ext4_write_info
    - ext4: make ext4_lazyinit_thread freezable
    - ext4: place buffer head allocation before handle start
    - livepatch: fix race between fork and KLP transition
    - ftrace: Properly unset FTRACE_HASH_FL_MOD
    - ring-buffer: Allow splice to read previous partially read pages
    - ring-buffer: Check pending waiters when doing wake ups as well
    - ring-buffer: Fix race between reset page and reading page
    - KVM: x86/emulator: Fix handing of POP SS to correctly set interruptibility
    - KVM: nVMX: Unconditionally purge queued/injected events on nested "exit"
    - gcov: support GCC 12.1 and newer compilers
    - selinux: use "grep -E" instead of "egrep"
    - sh: machvec: Use char[] for section boundaries
    - wifi: ath10k: add peer map clean up for peer delete in ath10k_sta_state()
    - wifi: mac80211: allow bw change during channel switch in mesh
    - wifi: rtl8xxxu: tighten bounds checking in rtl8xxxu_read_efuse()
    - spi: qup: add missing clk_disable_unprepare on error in spi_qup_resume()
    - spi: qup: add missing clk_disable_unprepare on error in
      spi_qup_pm_resume_runtime()
    - wifi: rtl8xxxu: Fix skb misuse in TX queue selection
    - wifi: rtl8xxxu: gen2: Fix mistake in path B IQ calibration
    - net: fs_enet: Fix wrong check in do_pd_setup
    - spi/omap100k:Fix PM disable depth imbalance in omap1_spi100k_probe
    - netfilter: nft_fib: Fix for rpath check with VRF devices
    - spi: s3c64xx: Fix large transfers with DMA
    - vhost/vsock: Use kvmalloc/kvfree for larger packets.
    - tcp: fix tcp_cwnd_validate() to not forget is_cwnd_limited
    - net: rds: don't hold sock lock when cancelling work from
      rds_tcp_reset_callbacks()
    - bnx2x: fix potential memory leak in bnx2x_tpa_stop()
    - drm/mipi-dsi: Detach devices when removing the host
    - platform/x86: msi-laptop: Fix old-ec check for backlight registering
    - platform/x86: msi-laptop: Fix resource cleanup
    - drm/bridge: megachips: Fix a null pointer dereference bug
    - mmc: au1xmmc: Fix an error handling path in au1xmmc_probe()
    - ASoC: eureka-tlv320: Hold reference returned from of_find_xxx API
    - ALSA: dmaengine: increment buffer pointer atomically
    - mmc: wmt-sdmmc: Fix an error handling path in wmt_mci_probe()
    - memory: of: Fix refcount leak bug in of_get_ddr_timings()
    - soc: qcom: smsm: Fix refcount leak bugs in qcom_smsm_probe()
    - soc: qcom: smem_state: Add refcounting for the 'state->of_node'
    - ARM: dts: turris-omnia: Fix mpp26 pin name and comment
    - ARM: dts: kirkwood: lsxl: fix serial line
    - ARM: dts: kirkwood: lsxl: remove first ethernet port
    - ARM: Drop CMDLINE_* dependency on ATAGS
    - ARM: dts: exynos: fix polarity of VBUS GPIO of Origen
    - iio: adc: at91-sama5d2_adc: fix AT91_SAMA5D2_MR_TRACKTIM_MAX
    - iio: inkern: only release the device node when done with it
    - iio: ABI: Fix wrong format of differential capacitance channel ABI.
    - clk: oxnas: Hold reference returned by of_get_parent()
    - clk: tegra: Fix refcount leak in tegra210_clock_init
    - clk: tegra: Fix refcount leak in tegra114_clock_init
    - clk: tegra20: Fix refcount leak in tegra20_clock_init
    - HSI: omap_ssi: Fix refcount leak in ssi_probe
    - HSI: omap_ssi_port: Fix dma_map_sg error check
    - media: exynos4-is: fimc-is: Add of_node_put() when breaking out of loop
    - tty: xilinx_uartps: Fix the ignore_status
    - media: xilinx: vipp: Fix refcount leak in xvip_graph_dma_init
    - RDMA/rxe: Fix "kernel NULL pointer dereference" error
    - RDMA/rxe: Fix the error caused by qp->sk
    - dyndbg: fix module.dyndbg handling
    - dyndbg: let query-modname override actual module name
    - ata: fix ata_id_sense_reporting_enabled() and ata_id_has_sense_reporting()
    - ata: fix ata_id_has_devslp()
    - ata: fix ata_id_has_ncq_autosense()
    - ata: fix ata_id_has_dipm()
    - md/raid5: Ensure stripe_fill happens on non-read IO with journal
    - xhci: Don't show warning for reinit on known broken suspend
    - usb: gadget: function: fix dangling pnp_string in f_printer.c
    - drivers: serial: jsm: fix some leaks in probe
    - phy: qualcomm: call clk_disable_unprepare in the error handling
    - firmware: google: Test spinlock on panic path to avoid lockups
    - serial: 8250: Fix restoring termios speed after suspend
    - fsi: core: Check error number after calling ida_simple_get
    - mfd: intel_soc_pmic: Fix an error handling path in
      intel_soc_pmic_i2c_probe()
    - mfd: fsl-imx25: Fix an error handling path in mx25_tsadc_setup_irq()
    - mfd: lp8788: Fix an error handling path in lp8788_probe()
    - mfd: lp8788: Fix an error handling path in lp8788_irq_init() and
      lp8788_irq_init()
    - mfd: sm501: Add check for platform_driver_register()
    - dmaengine: ioat: stop mod_timer from resurrecting deleted timer in
      __cleanup()
    - spmi: pmic-arb: correct duplicate APID to PPID mapping logic
    - clk: bcm2835: fix bcm2835_clock_rate_from_divisor declaration
    - clk: ti: dra7-atl: Fix reference leak in of_dra7_atl_clk_probe
    - mailbox: bcm-ferxrm-mailbox: Fix error check for dma_map_sg
    - powerpc/math_emu/efp: Include module.h
    - powerpc/sysdev/fsl_msi: Add missing of_node_put()
    - powerpc/pci_dn: Add missing of_node_put()
    - powerpc/powernv: add missing of_node_put() in opal_export_attrs()
    - powerpc: Fix SPE Power ISA properties for e500v1 platforms
    - iommu/omap: Fix buffer overflow in debugfs
    - iommu/iova: Fix module config properly
    - crypto: cavium - prevent integer overflow loading firmware
    - f2fs: fix race condition on setting FI_NO_EXTENT flag
    - ACPI: video: Add Toshiba Satellite/Portege Z830 quirk
    - MIPS: BCM47XX: Cast memcmp() of function to (void *)
    - powercap: intel_rapl: fix UBSAN shift-out-of-bounds issue
    - thermal: intel_powerclamp: Use get_cpu() instead of smp_processor_id() to
      avoid crash
    - NFSD: Return nfserr_serverfault if splice_ok but buf->pages have data
    - wifi: brcmfmac: fix invalid address access when enabling SCAN log level
    - openvswitch: Fix double reporting of drops in dropwatch
    - openvswitch: Fix overreporting of drops in dropwatch
    - tcp: annotate data-race around tcp_md5sig_pool_populated
    - wifi: ath9k: avoid uninit memory read in ath9k_htc_rx_msg()
    - xfrm: Update ipcomp_scratches with NULL when freed
    - wifi: brcmfmac: fix use-after-free bug in brcmf_netdev_start_xmit()
    - Bluetooth: L2CAP: initialize delayed works at l2cap_chan_create()
    - Bluetooth: hci_sysfs: Fix attempting to call device_add multiple times
    - can: bcm: check the result of can_send() in bcm_can_tx()
    - wifi: rt2x00: don't run Rt5592 IQ calibration on MT7620
    - wifi: rt2x00: set correct TX_SW_CFG1 MAC register for MT7620
    - wifi: rt2x00: set SoC wmac clock register
    - wifi: rt2x00: correctly set BBP register 86 for MT7620
    - net: If sock is dead don't access sock's sk_wq in sk_stream_wait_memory
    - Bluetooth: L2CAP: Fix user-after-free
    - drm: Use size_t type for len variable in drm_copy_field()
    - drm: Prevent drm_copy_field() to attempt copying a NULL pointer
    - drm/vc4: vec: Fix timings for VEC modes
    - platform/x86: msi-laptop: Change DMI match / alias strings to fix module
      autoloading
    - drm/amdgpu: fix initial connector audio value
    - ARM: dts: imx7d-sdb: config the max pressure for tsc2046
    - ARM: dts: imx6q: add missing properties for sram
    - ARM: dts: imx6dl: add missing properties for sram
    - ARM: dts: imx6qp: add missing properties for sram
    - ARM: dts: imx6sl: add missing properties for sram
    - media: cx88: Fix a null-ptr-deref bug in buffer_prepare()
    - scsi: 3w-9xxx: Avoid disabling device if failing to enable it
    - nbd: Fix hung when signal interrupts nbd_start_device_ioctl()
    - HID: roccat: Fix use-after-free in roccat_read()
    - md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d
    - usb: host: xhci: Fix potential memory leak in xhci_alloc_stream_info()
    - usb: musb: Fix musb_gadget.c rxstate overflow bug
    - Revert "usb: storage: Add quirk for Samsung Fit flash"
    - usb: idmouse: fix an uninit-value in idmouse_open
    - perf intel-pt: Fix segfault in intel_pt_print_info() with uClibc
    - net: ieee802154: return -EINVAL for unknown addr type
    - net/ieee802154: don't warn zero-sized raw_sendmsg()
    - ext4: continue to expand file system when the target size doesn't reach
    - md: Replace snprintf with scnprintf
    - efi: libstub: drop pointless get_memory_map() call
    - inet: fully convert sk->sk_rx_dst to RCU rules
    - thermal: intel_powerclamp: Use first online CPU as control_cpu
    - mtd: rawnand: atmel: Unmap streaming DMA mappings
    - drm: bridge: adv7511: fix CEC power down control register offset
    - ASoC: wm8997: Fix PM disable depth imbalance in wm8997_probe
    - ASoC: wm5110: Fix PM disable depth imbalance in wm5110_probe
    - ASoC: wm5102: Fix PM disable depth imbalance in wm5102_probe
    - clk: berlin: Add of_node_put() for of_get_parent()
    - mtd: devices: docg3: check the return value of devm_ioremap() in the probe

-- Stefan Bader <stefan.bader@canonical.com>  Fri, 20 Jan 2023 16:01:55 +0100

Changed in linux (Ubuntu Bionic):
status:	Fix Committed → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2023-02-08:

#9

Download full text (27.8 KiB)

This bug was fixed in the package linux - 5.4.0-139.156

---------------
linux (5.4.0-139.156) focal; urgency=medium

* focal/linux: 5.4.0-139.156 -proposed tracker (LP: #2003486)

* Revoke & rotate to new signing key (LP: #2002812)
- [Packaging] Revoke and rotate to new signing key

linux (5.4.0-138.155) focal; urgency=medium

* focal/linux: 5.4.0-138.155 -proposed tracker (LP: #2001845)

* Packaging resync (LP: #1786013)
- [Packaging] update helper scripts

  * Focal update: v5.4.224 upstream stable release (LP: #1999273)
    - RDMA/cma: Use output interface for net_dev check
    - IB/hfi1: Correctly move list in sc_disable()
    - NFSv4.1: Handle RECLAIM_COMPLETE trunking errors
    - NFSv4.1: We must always send RECLAIM_COMPLETE after a reboot
    - nfs4: Fix kmemleak when allocate slot failed
    - net: dsa: Fix possible memory leaks in dsa_loop_init()
    - RDMA/core: Fix null-ptr-deref in ib_core_cleanup()
    - RDMA/qedr: clean up work queue on failure in qedr_alloc_resources()
    - nfc: s3fwrn5: Fix potential memory leak in s3fwrn5_nci_send()
    - nfc: nfcmrvl: Fix potential memory leak in nfcmrvl_i2c_nci_send()
    - net: fec: fix improper use of NETDEV_TX_BUSY
    - ata: pata_legacy: fix pdc20230_set_piomode()
    - net: sched: Fix use after free in red_enqueue()
    - net: tun: fix bugs for oversize packet when napi frags enabled
    - netfilter: nf_tables: release flow rule object from commit path
    - ipvs: use explicitly signed chars
    - ipvs: fix WARNING in __ip_vs_cleanup_batch()
    - ipvs: fix WARNING in ip_vs_app_net_cleanup()
    - rose: Fix NULL pointer dereference in rose_send_frame()
    - mISDN: fix possible memory leak in mISDN_register_device()
    - isdn: mISDN: netjet: fix wrong check of device registration
    - btrfs: fix inode list leak during backref walking at resolve_indirect_refs()
    - btrfs: fix inode list leak during backref walking at find_parent_nodes()
    - btrfs: fix ulist leaks in error paths of qgroup self tests
    - Bluetooth: L2CAP: fix use-after-free in l2cap_conn_del()
    - net: mdio: fix undefined behavior in bit shift for __mdiobus_register
    - net, neigh: Fix null-ptr-deref in neigh_table_clear()
    - ipv6: fix WARNING in ip6_route_net_exit_late()
    - media: s5p_cec: limit msg.len to CEC_MAX_MSG_SIZE
    - media: cros-ec-cec: limit msg.len to CEC_MAX_MSG_SIZE
    - media: dvb-frontends/drxk: initialize err to 0
    - media: meson: vdec: fix possible refcount leak in vdec_probe()
    - scsi: core: Restrict legal sdev_state transitions via sysfs
    - HID: saitek: add madcatz variant of MMO7 mouse device ID
    - i2c: xiic: Add platform module alias
    - xfs: don't fail verifier on empty attr3 leaf block
    - xfs: use ordered buffers to initialize dquot buffers during quotacheck
    - xfs: gut error handling in xfs_trans_unreserve_and_mod_sb()
    - xfs: group quota should return EDQUOT when prj quota enabled
    - xfs: don't fail unwritten extent conversion on writeback due to edquot
    - xfs: Add the missed xfs_perag_put() for xfs_ifree_cluster()
    - Bluetooth: L2CAP: Fix attempting to access uninitialized memory
    - block, bfq: protect 'bfqd->queued' by ...

This bug was fixed in the package linux - 5.4.0-139.156

---------------
linux (5.4.0-139.156) focal; urgency=medium

* focal/linux: 5.4.0-139.156 -proposed tracker (LP: #2003486)

* Revoke & rotate to new signing key (LP: #2002812)
    - [Packaging] Revoke and rotate to new signing key

linux (5.4.0-138.155) focal; urgency=medium

* focal/linux: 5.4.0-138.155 -proposed tracker (LP: #2001845)

* Packaging resync (LP: #1786013)
    - [Packaging] update helper scripts

* Focal update: v5.4.224 upstream stable release (LP: #1999273)
    - RDMA/cma: Use output interface for net_dev check
    - IB/hfi1: Correctly move list in sc_disable()
    - NFSv4.1: Handle RECLAIM_COMPLETE trunking errors
    - NFSv4.1: We must always send RECLAIM_COMPLETE after a reboot
    - nfs4: Fix kmemleak when allocate slot failed
    - net: dsa: Fix possible memory leaks in dsa_loop_init()
    - RDMA/core: Fix null-ptr-deref in ib_core_cleanup()
    - RDMA/qedr: clean up work queue on failure in qedr_alloc_resources()
    - nfc: s3fwrn5: Fix potential memory leak in s3fwrn5_nci_send()
    - nfc: nfcmrvl: Fix potential memory leak in nfcmrvl_i2c_nci_send()
    - net: fec: fix improper use of NETDEV_TX_BUSY
    - ata: pata_legacy: fix pdc20230_set_piomode()
    - net: sched: Fix use after free in red_enqueue()
    - net: tun: fix bugs for oversize packet when napi frags enabled
    - netfilter: nf_tables: release flow rule object from commit path
    - ipvs: use explicitly signed chars
    - ipvs: fix WARNING in __ip_vs_cleanup_batch()
    - ipvs: fix WARNING in ip_vs_app_net_cleanup()
    - rose: Fix NULL pointer dereference in rose_send_frame()
    - mISDN: fix possible memory leak in mISDN_register_device()
    - isdn: mISDN: netjet: fix wrong check of device registration
    - btrfs: fix inode list leak during backref walking at resolve_indirect_refs()
    - btrfs: fix inode list leak during backref walking at find_parent_nodes()
    - btrfs: fix ulist leaks in error paths of qgroup self tests
    - Bluetooth: L2CAP: fix use-after-free in l2cap_conn_del()
    - net: mdio: fix undefined behavior in bit shift for __mdiobus_register
    - net, neigh: Fix null-ptr-deref in neigh_table_clear()
    - ipv6: fix WARNING in ip6_route_net_exit_late()
    - media: s5p_cec: limit msg.len to CEC_MAX_MSG_SIZE
    - media: cros-ec-cec: limit msg.len to CEC_MAX_MSG_SIZE
    - media: dvb-frontends/drxk: initialize err to 0
    - media: meson: vdec: fix possible refcount leak in vdec_probe()
    - scsi: core: Restrict legal sdev_state transitions via sysfs
    - HID: saitek: add madcatz variant of MMO7 mouse device ID
    - i2c: xiic: Add platform module alias
    - xfs: don't fail verifier on empty attr3 leaf block
    - xfs: use ordered buffers to initialize dquot buffers during quotacheck
    - xfs: gut error handling in xfs_trans_unreserve_and_mod_sb()
    - xfs: group quota should return EDQUOT when prj quota enabled
    - xfs: don't fail unwritten extent conversion on writeback due to edquot
    - xfs: Add the missed xfs_perag_put() for xfs_ifree_cluster()
    - Bluetooth: L2CAP: Fix attempting to access uninitialized memory
    - block, bfq: protect 'bfqd->queued' by 'bfqd->lock'
    - binder: fix UAF of alloc->vma in race with munmap()
    - btrfs: fix type of parameter generation in btrfs_get_dentry
    - tcp/udp: Make early_demux back namespacified.
    - kprobe: reverse kp->flags when arm_kprobe failed
    - tools/nolibc/string: Fix memcmp() implementation
    - tracing/histogram: Update document for KEYS_MAX size
    - capabilities: fix potential memleak on error path from vfs_getxattr_alloc()
    - fuse: add file_modified() to fallocate
    - efi: random: reduce seed size to 32 bytes
    - perf/x86/intel: Fix pebs event constraints for ICL
    - perf/x86/intel: Add Cooper Lake stepping to isolation_ucodes[]
    - ALSA: usb-audio: Add quirks for MacroSilicon MS2100/MS2106 devices
    - parisc: Make 8250_gsc driver dependend on CONFIG_PARISC
    - parisc: Export iosapic_serial_irq() symbol for serial port driver
    - parisc: Avoid printing the hardware path twice
    - ext4: fix warning in 'ext4_da_release_space'
    - ext4: fix BUG_ON() when directory entry has invalid rec_len
    - KVM: x86: Mask off reserved bits in CPUID.8000001AH
    - KVM: x86: Mask off reserved bits in CPUID.80000008H
    - KVM: x86: emulator: em_sysexit should update ctxt->mode
    - KVM: x86: emulator: introduce emulator_recalc_and_set_mode
    - KVM: x86: emulator: update the emulation mode after CR0 write
    - mtd: rawnand: gpmi: Set WAIT_FOR_READY timeout based on program/erase times
    - drm/rockchip: dsi: Force synchronous probe
    - drm/i915/sdvo: Filter out invalid outputs more sensibly
    - drm/i915/sdvo: Setup DDC fully before output init
    - wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()
    - ipc: remove memcg accounting for sops objects in do_semtimedop()
    - Linux 5.4.224

* Focal update: v5.4.223 upstream stable release (LP: #1999179)
    - can: j1939: transport: j1939_session_skb_drop_old():
      spin_unlock_irqrestore() before kfree_skb()
    - can: kvaser_usb: Fix possible completions during init_completion
    - ALSA: Use del_timer_sync() before freeing timer
    - ALSA: au88x0: use explicitly signed char
    - USB: add RESET_RESUME quirk for NVIDIA Jetson devices in RCM
    - usb: dwc3: gadget: Stop processing more requests on IMI
    - usb: dwc3: gadget: Don't set IMI for no_interrupt
    - usb: bdc: change state when port disconnected
    - usb: xhci: add XHCI_SPURIOUS_SUCCESS to ASM1042 despite being a V0.96
      controller
    - mtd: rawnand: marvell: Use correct logic for nand-keep-config
    - xhci: Remove device endpoints from bandwidth list when freeing the device
    - tools: iio: iio_utils: fix digit calculation
    - iio: light: tsl2583: Fix module unloading
    - fbdev: smscufx: Fix several use-after-free bugs
    - mac802154: Fix LQI recording
    - drm/msm/dsi: fix memory corruption with too many bridges
    - drm/msm/hdmi: fix memory corruption with too many bridges
    - mmc: core: Fix kernel panic when remove non-standard SDIO card
    - kernfs: fix use-after-free in __kernfs_remove
    - perf auxtrace: Fix address filter symbol name match for modules
    - s390/futex: add missing EX_TABLE entry to __futex_atomic_op()
    - s390/pci: add missing EX_TABLE entries to
      __pcistg_mio_inuser()/__pcilg_mio_inuser()
    - xfs: finish dfops on every insert range shift iteration
    - xfs: clear XFS_DQ_FREEING if we can't lock the dquot buffer to flush
    - xfs: force the log after remapping a synchronous-writes file
    - Xen/gntdev: don't ignore kernel unmapping error
    - xen/gntdev: Prevent leaking grants
    - mm,hugetlb: take hugetlb_lock before decrementing h->resv_huge_pages
    - net: ieee802154: fix error return code in dgram_bind()
    - media: v4l2: Fix v4l2_i2c_subdev_set_name function documentation
    - drm/msm: Fix return type of mdp4_lvds_connector_mode_valid
    - arc: iounmap() arg is volatile
    - ALSA: ac97: fix possible memory leak in snd_ac97_dev_register()
    - tipc: fix a null-ptr-deref in tipc_topsrv_accept
    - net: netsec: fix error handling in netsec_register_mdio()
    - x86/unwind/orc: Fix unreliable stack dump with gcov
    - amd-xgbe: fix the SFP compliance codes check for DAC cables
    - amd-xgbe: add the bit rate quirk for Molex cables
    - kcm: annotate data-races around kcm->rx_psock
    - kcm: annotate data-races around kcm->rx_wait
    - net: fix UAF issue in nfqnl_nf_hook_drop() when ops_init() failed
    - net: lantiq_etop: don't free skb when returning NETDEV_TX_BUSY
    - tcp: fix indefinite deferral of RTO with SACK reneging
    - can: mscan: mpc5xxx: mpc5xxx_can_probe(): add missing put_clock() in error
      path
    - PM: hibernate: Allow hybrid sleep to work with s2idle
    - media: vivid: s_fbuf: add more sanity checks
    - media: vivid: dev->bitmap_cap wasn't freed in all cases
    - media: v4l2-dv-timings: add sanity checks for blanking values
    - media: videodev2.h: V4L2_DV_BT_BLANKING_HEIGHT should check 'interlaced'
    - i40e: Fix ethtool rx-flow-hash setting for X722
    - i40e: Fix VF hang when reset is triggered on another VF
    - i40e: Fix flow-type by setting GL_HASH_INSET registers
    - net: ksz884x: fix missing pci_disable_device() on error in pcidev_init()
    - PM: domains: Fix handling of unavailable/disabled idle states
    - ALSA: aoa: i2sbus: fix possible memory leak in i2sbus_add_dev()
    - ALSA: aoa: Fix I2S device accounting
    - openvswitch: switch from WARN to pr_warn
    - net: ehea: fix possible memory leak in ehea_register_port()
    - nh: fix scope used to find saddr when adding non gw nh
    - net/mlx5e: Do not increment ESN when updating IPsec ESN state
    - net/mlx5: Fix possible use-after-free in async command interface
    - net: enetc: survive memory pressure without crashing
    - can: rcar_canfd: rcar_canfd_handle_global_receive(): fix IRQ storm on global
      FIFO receive
    - Linux 5.4.223

* Focal update: v5.4.222 upstream stable release (LP: #1997994)
    - once: fix section mismatch on clang builds
    - Linux 5.4.222

* Focal update: v5.4.221 upstream stable release (LP: #1997993)
    - xfs: open code insert range extent split helper
    - xfs: rework insert range into an atomic operation
    - xfs: rework collapse range into an atomic operation
    - xfs: add a function to deal with corrupt buffers post-verifiers
    - xfs: xfs_buf_corruption_error should take __this_address
    - xfs: fix buffer corruption reporting when xfs_dir3_free_header_check fails
    - xfs: check owner of dir3 data blocks
    - xfs: check owner of dir3 blocks
    - xfs: Use scnprintf() for avoiding potential buffer overflow
    - xfs: remove the xfs_disk_dquot_t and xfs_dquot_t
    - xfs: remove the xfs_dq_logitem_t typedef
    - xfs: remove the xfs_qoff_logitem_t typedef
    - xfs: Replace function declaration by actual definition
    - xfs: factor out quotaoff intent AIL removal and memory free
    - xfs: fix unmount hang and memory leak on shutdown during quotaoff
    - xfs: preserve default grace interval during quotacheck
    - xfs: Lower CIL flush limit for large logs
    - xfs: Throttle commits on delayed background CIL push
    - xfs: factor common AIL item deletion code
    - xfs: tail updates only need to occur when LSN changes
    - xfs: don't write a corrupt unmount record to force summary counter recalc
    - xfs: trylock underlying buffer on dquot flush
    - xfs: factor out a new xfs_log_force_inode helper
    - xfs: reflink should force the log out if mounted with wsync
    - xfs: move inode flush to the sync workqueue
    - xfs: fix use-after-free on CIL context on shutdown
    - ocfs2: clear dinode links count in case of error
    - ocfs2: fix BUG when iput after ocfs2_mknod fails
    - x86/microcode/AMD: Apply the patch early on every logical thread
    - hwmon/coretemp: Handle large core ID value
    - ata: ahci-imx: Fix MODULE_ALIAS
    - ata: ahci: Match EM_MAX_SLOTS with SATA_PMP_MAX_PORTS
    - KVM: arm64: vgic: Fix exit condition in scan_its_table()
    - media: venus: dec: Handle the case where find_format fails
    - [Config] updateconfigs for ARM64_ERRATUM_1742098
    - arm64: errata: Remove AES hwcap for COMPAT tasks
    - r8152: add PID for the Lenovo OneLink+ Dock
    - btrfs: fix processing of delayed data refs during backref walking
    - btrfs: fix processing of delayed tree block refs during backref walking
    - ACPI: extlog: Handle multiple records
    - tipc: Fix recognition of trial period
    - tipc: fix an information leak in tipc_topsrv_kern_subscr
    - HID: magicmouse: Do not set BTN_MOUSE on double report
    - net/atm: fix proc_mpc_write incorrect return value
    - net: phy: dp83867: Extend RX strap quirk for SGMII mode
    - net: sched: cake: fix null pointer access issue when cake_init() fails
    - net: hns: fix possible memory leak in hnae_ae_register()
    - iommu/vt-d: Clean up si_domain in the init_dmars() error path
    - arm64: topology: move store_cpu_topology() to shared code
    - riscv: topology: fix default topology reporting
    - ACPI: video: Force backlight native for more TongFang devices
    - Makefile.debug: re-enable debug info for .S files
    - hv_netvsc: Fix race between VF offering and VF association message from host
    - mm: /proc/pid/smaps_rollup: fix no vma's null-deref
    - Linux 5.4.221

* Focal update: v5.4.220 upstream stable release (LP: #1996812)
    - ALSA: oss: Fix potential deadlock at unregistration
    - ALSA: rawmidi: Drop register_mutex in snd_rawmidi_free()
    - ALSA: usb-audio: Fix potential memory leaks
    - ALSA: usb-audio: Fix NULL dererence at error path
    - ALSA: hda/realtek: remove ALC289_FIXUP_DUAL_SPK for Dell 5530
    - ALSA: hda/realtek: Correct pin configs for ASUS G533Z
    - ALSA: hda/realtek: Add quirk for ASUS GV601R laptop
    - ALSA: hda/realtek: Add Intel Reference SSID to support headset keys
    - mtd: rawnand: atmel: Unmap streaming DMA mappings
    - cifs: destage dirty pages before re-reading them for cache=none
    - cifs: Fix the error length of VALIDATE_NEGOTIATE_INFO message
    - iio: dac: ad5593r: Fix i2c read protocol requirements
    - iio: pressure: dps310: Refactor startup procedure
    - iio: pressure: dps310: Reset chip after timeout
    - usb: add quirks for Lenovo OneLink+ Dock
    - can: kvaser_usb: Fix use of uninitialized completion
    - can: kvaser_usb_leaf: Fix overread with an invalid command
    - can: kvaser_usb_leaf: Fix TX queue out of sync after restart
    - can: kvaser_usb_leaf: Fix CAN state after restart
    - mmc: sdhci-sprd: Fix minimum clock limit
    - fs: dlm: fix race between test_bit() and queue_work()
    - fs: dlm: handle -EBUSY first in lock arg validation
    - HID: multitouch: Add memory barriers
    - quota: Check next/prev free block number after reading from quota file
    - ASoC: wcd9335: fix order of Slimbus unprepare/disable
    - regulator: qcom_rpm: Fix circular deferral regression
    - RISC-V: Make port I/O string accessors actually work
    - parisc: fbdev/stifb: Align graphics memory size to 4MB
    - riscv: Allow PROT_WRITE-only mmap()
    - riscv: Pass -mno-relax only on lld < 15.0.0
    - UM: cpuinfo: Fix a warning for CONFIG_CPUMASK_OFFSTACK
    - PCI: Sanitise firmware BAR assignments behind a PCI-PCI bridge
    - powerpc/boot: Explicitly disable usage of SPE instructions
    - fbdev: smscufx: Fix use-after-free in ufx_ops_open()
    - btrfs: fix race between quota enable and quota rescan ioctl
    - f2fs: increase the limit for reserve_root
    - f2fs: fix to do sanity check on destination blkaddr during recovery
    - f2fs: fix to do sanity check on summary info
    - nilfs2: fix use-after-free bug of struct nilfs_root
    - jbd2: wake up journal waiters in FIFO order, not LIFO
    - ext4: avoid crash when inline data creation follows DIO write
    - ext4: fix null-ptr-deref in ext4_write_info
    - ext4: make ext4_lazyinit_thread freezable
    - ext4: place buffer head allocation before handle start
    - livepatch: fix race between fork and KLP transition
    - ftrace: Properly unset FTRACE_HASH_FL_MOD
    - ring-buffer: Allow splice to read previous partially read pages
    - ring-buffer: Have the shortest_full queue be the shortest not longest
    - ring-buffer: Check pending waiters when doing wake ups as well
    - ring-buffer: Fix race between reset page and reading page
    - media: cedrus: Set the platform driver data earlier
    - KVM: x86/emulator: Fix handing of POP SS to correctly set interruptibility
    - KVM: nVMX: Unconditionally purge queued/injected events on nested "exit"
    - KVM: VMX: Drop bits 31:16 when shoving exception error code into VMCS
    - gcov: support GCC 12.1 and newer compilers
    - drm/nouveau: fix a use-after-free in nouveau_gem_prime_import_sg_table()
    - selinux: use "grep -E" instead of "egrep"
    - tracing: Disable interrupt or preemption before acquiring arch_spinlock_t
    - userfaultfd: open userfaultfds with O_RDONLY
    - sh: machvec: Use char[] for section boundaries
    - ARM: 9247/1: mm: set readonly for MT_MEMORY_RO with ARM_LPAE
    - nfsd: Fix a memory leak in an error handling path
    - wifi: ath10k: add peer map clean up for peer delete in ath10k_sta_state()
    - wifi: mac80211: allow bw change during channel switch in mesh
    - bpftool: Fix a wrong type cast in btf_dumper_int
    - x86/resctrl: Fix to restore to original value when re-enabling hardware
      prefetch register
    - wifi: rtl8xxxu: tighten bounds checking in rtl8xxxu_read_efuse()
    - spi: qup: add missing clk_disable_unprepare on error in spi_qup_resume()
    - spi: qup: add missing clk_disable_unprepare on error in
      spi_qup_pm_resume_runtime()
    - wifi: rtl8xxxu: Fix skb misuse in TX queue selection
    - bpf: btf: fix truncated last_member_type_id in btf_struct_resolve
    - wifi: rtl8xxxu: gen2: Fix mistake in path B IQ calibration
    - net: fs_enet: Fix wrong check in do_pd_setup
    - bpf: Ensure correct locking around vulnerable function find_vpid()
    - x86/microcode/AMD: Track patch allocation size explicitly
    - spi/omap100k:Fix PM disable depth imbalance in omap1_spi100k_probe
    - netfilter: nft_fib: Fix for rpath check with VRF devices
    - spi: s3c64xx: Fix large transfers with DMA
    - vhost/vsock: Use kvmalloc/kvfree for larger packets.
    - sctp: handle the error returned from sctp_auth_asoc_init_active_key
    - tcp: fix tcp_cwnd_validate() to not forget is_cwnd_limited
    - net: rds: don't hold sock lock when cancelling work from
      rds_tcp_reset_callbacks()
    - bnx2x: fix potential memory leak in bnx2x_tpa_stop()
    - net/ieee802154: reject zero-sized raw_sendmsg()
    - once: add DO_ONCE_SLOW() for sleepable contexts
    - net: mvpp2: fix mvpp2 debugfs leak
    - drm: bridge: adv7511: fix CEC power down control register offset
    - drm/mipi-dsi: Detach devices when removing the host
    - platform/chrome: fix double-free in chromeos_laptop_prepare()
    - platform/chrome: fix memory corruption in ioctl
    - platform/x86: msi-laptop: Fix old-ec check for backlight registering
    - platform/x86: msi-laptop: Fix resource cleanup
    - drm: fix drm_mipi_dbi build errors
    - drm/bridge: megachips: Fix a null pointer dereference bug
    - ASoC: rsnd: Add check for rsnd_mod_power_on
    - ALSA: hda: beep: Simplify keep-power-at-enable behavior
    - drm/omap: dss: Fix refcount leak bugs
    - mmc: au1xmmc: Fix an error handling path in au1xmmc_probe()
    - ASoC: eureka-tlv320: Hold reference returned from of_find_xxx API
    - drm/msm/dpu: index dpu_kms->hw_vbif using vbif_idx
    - ALSA: dmaengine: increment buffer pointer atomically
    - mmc: wmt-sdmmc: Fix an error handling path in wmt_mci_probe()
    - ASoC: wm8997: Fix PM disable depth imbalance in wm8997_probe
    - ASoC: wm5110: Fix PM disable depth imbalance in wm5110_probe
    - ASoC: wm5102: Fix PM disable depth imbalance in wm5102_probe
    - ALSA: hda/hdmi: Don't skip notification handling during PM operation
    - memory: pl353-smc: Fix refcount leak bug in pl353_smc_probe()
    - memory: of: Fix refcount leak bug in of_get_ddr_timings()
    - soc: qcom: smsm: Fix refcount leak bugs in qcom_smsm_probe()
    - soc: qcom: smem_state: Add refcounting for the 'state->of_node'
    - ARM: dts: turris-omnia: Fix mpp26 pin name and comment
    - ARM: dts: kirkwood: lsxl: fix serial line
    - ARM: dts: kirkwood: lsxl: remove first ethernet port
    - ARM: dts: exynos: correct s5k6a3 reset polarity on Midas family
    - ARM: Drop CMDLINE_* dependency on ATAGS
    - ARM: dts: exynos: fix polarity of VBUS GPIO of Origen
    - iio: adc: at91-sama5d2_adc: fix AT91_SAMA5D2_MR_TRACKTIM_MAX
    - iio: adc: at91-sama5d2_adc: check return status for pressure and touch
    - iio: adc: at91-sama5d2_adc: lock around oversampling and sample freq
    - iio: inkern: only release the device node when done with it
    - iio: ABI: Fix wrong format of differential capacitance channel ABI.
    - clk: meson: Hold reference returned by of_get_parent()
    - clk: oxnas: Hold reference returned by of_get_parent()
    - clk: berlin: Add of_node_put() for of_get_parent()
    - clk: tegra: Fix refcount leak in tegra210_clock_init
    - clk: tegra: Fix refcount leak in tegra114_clock_init
    - clk: tegra20: Fix refcount leak in tegra20_clock_init
    - HSI: omap_ssi: Fix refcount leak in ssi_probe
    - HSI: omap_ssi_port: Fix dma_map_sg error check
    - media: exynos4-is: fimc-is: Add of_node_put() when breaking out of loop
    - tty: xilinx_uartps: Fix the ignore_status
    - media: xilinx: vipp: Fix refcount leak in xvip_graph_dma_init
    - RDMA/rxe: Fix "kernel NULL pointer dereference" error
    - RDMA/rxe: Fix the error caused by qp->sk
    - misc: ocxl: fix possible refcount leak in afu_ioctl()
    - dyndbg: fix module.dyndbg handling
    - dyndbg: let query-modname override actual module name
    - mtd: devices: docg3: check the return value of devm_ioremap() in the probe
    - RDMA/siw: Always consume all skbuf data in sk_data_ready() upcall.
    - ata: fix ata_id_sense_reporting_enabled() and ata_id_has_sense_reporting()
    - ata: fix ata_id_has_devslp()
    - ata: fix ata_id_has_ncq_autosense()
    - ata: fix ata_id_has_dipm()
    - mtd: rawnand: meson: fix bit map use in meson_nfc_ecc_correct()
    - md/raid5: Ensure stripe_fill happens on non-read IO with journal
    - xhci: Don't show warning for reinit on known broken suspend
    - usb: gadget: function: fix dangling pnp_string in f_printer.c
    - drivers: serial: jsm: fix some leaks in probe
    - tty: serial: fsl_lpuart: disable dma rx/tx use flags in lpuart_dma_shutdown
    - phy: qualcomm: call clk_disable_unprepare in the error handling
    - staging: vt6655: fix some erroneous memory clean-up loops
    - firmware: google: Test spinlock on panic path to avoid lockups
    - serial: 8250: Fix restoring termios speed after suspend
    - scsi: libsas: Fix use-after-free bug in smp_execute_task_sg()
    - fsi: core: Check error number after calling ida_simple_get
    - mfd: intel_soc_pmic: Fix an error handling path in
      intel_soc_pmic_i2c_probe()
    - mfd: fsl-imx25: Fix an error handling path in mx25_tsadc_setup_irq()
    - mfd: lp8788: Fix an error handling path in lp8788_probe()
    - mfd: lp8788: Fix an error handling path in lp8788_irq_init() and
      lp8788_irq_init()
    - mfd: fsl-imx25: Fix check for platform_get_irq() errors
    - mfd: sm501: Add check for platform_driver_register()
    - clk: mediatek: mt8183: mfgcfg: Propagate rate changes to parent
    - dmaengine: ioat: stop mod_timer from resurrecting deleted timer in
      __cleanup()
    - spmi: pmic-arb: correct duplicate APID to PPID mapping logic
    - clk: bcm2835: fix bcm2835_clock_rate_from_divisor declaration
    - clk: ti: dra7-atl: Fix reference leak in of_dra7_atl_clk_probe
    - clk: ast2600: BCLK comes from EPLL
    - mailbox: bcm-ferxrm-mailbox: Fix error check for dma_map_sg
    - powerpc/math_emu/efp: Include module.h
    - powerpc/sysdev/fsl_msi: Add missing of_node_put()
    - powerpc/pci_dn: Add missing of_node_put()
    - powerpc/powernv: add missing of_node_put() in opal_export_attrs()
    - x86/hyperv: Fix 'struct hv_enlightened_vmcs' definition
    - powerpc/64s: Fix GENERIC_CPU build flags for PPC970 / G5
    - powerpc: Fix SPE Power ISA properties for e500v1 platforms
    - cgroup/cpuset: Enable update_tasks_cpumask() on top_cpuset
    - iommu/omap: Fix buffer overflow in debugfs
    - crypto: akcipher - default implementation for setting a private key
    - crypto: ccp - Release dma channels before dmaengine unrgister
    - iommu/iova: Fix module config properly
    - kbuild: remove the target in signal traps when interrupted
    - crypto: cavium - prevent integer overflow loading firmware
    - f2fs: fix race condition on setting FI_NO_EXTENT flag
    - ACPI: video: Add Toshiba Satellite/Portege Z830 quirk
    - MIPS: BCM47XX: Cast memcmp() of function to (void *)
    - powercap: intel_rapl: fix UBSAN shift-out-of-bounds issue
    - thermal: intel_powerclamp: Use get_cpu() instead of smp_processor_id() to
      avoid crash
    - NFSD: Return nfserr_serverfault if splice_ok but buf->pages have data
    - wifi: brcmfmac: fix invalid address access when enabling SCAN log level
    - bpftool: Clear errno after libcap's checks
    - openvswitch: Fix double reporting of drops in dropwatch
    - openvswitch: Fix overreporting of drops in dropwatch
    - tcp: annotate data-race around tcp_md5sig_pool_populated
    - wifi: ath9k: avoid uninit memory read in ath9k_htc_rx_msg()
    - xfrm: Update ipcomp_scratches with NULL when freed
    - wifi: brcmfmac: fix use-after-free bug in brcmf_netdev_start_xmit()
    - Bluetooth: L2CAP: initialize delayed works at l2cap_chan_create()
    - Bluetooth: hci_sysfs: Fix attempting to call device_add multiple times
    - can: bcm: check the result of can_send() in bcm_can_tx()
    - wifi: rt2x00: don't run Rt5592 IQ calibration on MT7620
    - wifi: rt2x00: set correct TX_SW_CFG1 MAC register for MT7620
    - wifi: rt2x00: set VGC gain for both chains of MT7620
    - wifi: rt2x00: set SoC wmac clock register
    - wifi: rt2x00: correctly set BBP register 86 for MT7620
    - net: If sock is dead don't access sock's sk_wq in sk_stream_wait_memory
    - Bluetooth: L2CAP: Fix user-after-free
    - drm/nouveau/nouveau_bo: fix potential memory leak in nouveau_bo_alloc()
    - drm: Use size_t type for len variable in drm_copy_field()
    - drm: Prevent drm_copy_field() to attempt copying a NULL pointer
    - drm/amd/display: fix overflow on MIN_I64 definition
    - drm/vc4: vec: Fix timings for VEC modes
    - drm: panel-orientation-quirks: Add quirk for Anbernic Win600
    - platform/x86: msi-laptop: Change DMI match / alias strings to fix module
      autoloading
    - drm/amdgpu: fix initial connector audio value
    - mmc: sdhci-msm: add compatible string check for sdm670
    - ARM: dts: imx7d-sdb: config the max pressure for tsc2046
    - ARM: dts: imx6q: add missing properties for sram
    - ARM: dts: imx6dl: add missing properties for sram
    - ARM: dts: imx6qp: add missing properties for sram
    - ARM: dts: imx6sl: add missing properties for sram
    - ARM: dts: imx6sll: add missing properties for sram
    - ARM: dts: imx6sx: add missing properties for sram
    - btrfs: scrub: try to fix super block errors
    - clk: zynqmp: Fix stack-out-of-bounds in strncpy`
    - media: cx88: Fix a null-ptr-deref bug in buffer_prepare()
    - clk: zynqmp: pll: rectify rate rounding in zynqmp_pll_round_rate
    - scsi: 3w-9xxx: Avoid disabling device if failing to enable it
    - nbd: Fix hung when signal interrupts nbd_start_device_ioctl()
    - power: supply: adp5061: fix out-of-bounds read in adp5061_get_chg_type()
    - staging: vt6655: fix potential memory leak
    - ata: libahci_platform: Sanity check the DT child nodes number
    - bcache: fix set_at_max_writeback_rate() for multiple attached devices
    - HID: roccat: Fix use-after-free in roccat_read()
    - md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d
    - usb: host: xhci: Fix potential memory leak in xhci_alloc_stream_info()
    - usb: musb: Fix musb_gadget.c rxstate overflow bug
    - Revert "usb: storage: Add quirk for Samsung Fit flash"
    - staging: rtl8723bs: fix a potential memory leak in rtw_init_cmd_priv()
    - nvme: copy firmware_rev on each init
    - nvmet-tcp: add bounds check on Transfer Tag
    - usb: idmouse: fix an uninit-value in idmouse_open
    - clk: bcm2835: Make peripheral PLLC critical
    - perf intel-pt: Fix segfault in intel_pt_print_info() with uClibc
    - net: ieee802154: return -EINVAL for unknown addr type
    - Revert "net/ieee802154: reject zero-sized raw_sendmsg()"
    - net/ieee802154: don't warn zero-sized raw_sendmsg()
    - ext4: continue to expand file system when the target size doesn't reach
    - efi: libstub: drop pointless get_memory_map() call
    - inet: fully convert sk->sk_rx_dst to RCU rules
    - thermal: intel_powerclamp: Use first online CPU as control_cpu
    - Linux 5.4.220

* Focal update: v5.4.219 upstream stable release (LP: #1996804)
    - Linux 5.4.219

-- Stefan Bader <stefan.bader@canonical.com>  Fri, 20 Jan 2023 15:39:15 +0100

Changed in linux (Ubuntu Focal):
status:	Fix Committed → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2023-02-08:

#10

Download full text (57.5 KiB)

This bug was fixed in the package linux - 5.15.0-60.66

---------------
linux (5.15.0-60.66) jammy; urgency=medium

* jammy/linux: 5.15.0-60.66 -proposed tracker (LP: #2003450)

* Revoke & rotate to new signing key (LP: #2002812)
- [Packaging] Revoke and rotate to new signing key

linux (5.15.0-59.65) jammy; urgency=medium

* jammy/linux: 5.15.0-59.65 -proposed tracker (LP: #2001801)

* Packaging resync (LP: #1786013)
- [Packaging] update helper scripts

* CVE-2022-47940
- ksmbd: validate length in smb2_write()

  * Fix iosm: WWAN cannot build the connection (DW5823e) (LP: #1998115)
    - net: wwan: iosm: fix driver not working with INTEL_IOMMU disabled
    - [Config] CONFIG_IOSM update annotations on arm64 armhf ppc64el s390x

* support for same series backports versioning numbers (LP: #1993563)
- [Packaging] sameport -- add support for sameport versioning

  * [DEP-8] Run ADT regression suite for lowlatency kernels Jammy and later
    (LP: #1999528)
    - [DEP-8] Fix regression suite to run on lowlatency

* Micron NVME storage failure [1344,5407] (LP: #1998883)
- nvme: add a bogus subsystem NQN quirk for Micron MTFDKBA2T0TFH

  * Jammy update: v5.15.78 upstream stable release (LP: #1998843)
    - scsi: lpfc: Rework MIB Rx Monitor debug info logic
    - serial: ar933x: Deassert Transmit Enable on ->rs485_config()
    - KVM: x86: Trace re-injected exceptions
    - KVM: x86: Treat #DBs from the emulator as fault-like (code and DR7.GD=1)
    - drm/amd/display: explicitly disable psr_feature_enable appropriately
    - mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page
    - HID: playstation: add initial DualSense Edge controller support
    - KVM: x86: Protect the unused bits in MSR exiting flags
    - KVM: x86: Copy filter arg outside kvm_vm_ioctl_set_msr_filter()
    - KVM: x86: Add compat handler for KVM_X86_SET_MSR_FILTER
    - RDMA/cma: Use output interface for net_dev check
    - IB/hfi1: Correctly move list in sc_disable()
    - RDMA/hns: Remove magic number
    - RDMA/hns: Use hr_reg_xxx() instead of remaining roce_set_xxx()
    - RDMA/hns: Disable local invalidate operation
    - NFSv4: Fix a potential state reclaim deadlock
    - NFSv4.1: Handle RECLAIM_COMPLETE trunking errors
    - NFSv4.1: We must always send RECLAIM_COMPLETE after a reboot
    - SUNRPC: Fix null-ptr-deref when xps sysfs alloc failed
    - NFSv4.2: Fixup CLONE dest file size for zero-length count
    - nfs4: Fix kmemleak when allocate slot failed
    - net: dsa: Fix possible memory leaks in dsa_loop_init()
    - RDMA/core: Fix null-ptr-deref in ib_core_cleanup()
    - RDMA/qedr: clean up work queue on failure in qedr_alloc_resources()
    - net: dsa: fall back to default tagger if we can't load the one from DT
    - nfc: fdp: Fix potential memory leak in fdp_nci_send()
    - nfc: nxp-nci: Fix potential memory leak in nxp_nci_send()
    - nfc: s3fwrn5: Fix potential memory leak in s3fwrn5_nci_send()
    - nfc: nfcmrvl: Fix potential memory leak in nfcmrvl_i2c_nci_send()
    - net: fec: fix improper use of NETDEV_TX_BUSY
    - ata: pata_legacy: fix pdc20230_set_piomode()
    - net: sched: Fix use after free in red_...

This bug was fixed in the package linux - 5.15.0-60.66

---------------
linux (5.15.0-60.66) jammy; urgency=medium

* jammy/linux: 5.15.0-60.66 -proposed tracker (LP: #2003450)

* Revoke & rotate to new signing key (LP: #2002812)
    - [Packaging] Revoke and rotate to new signing key

linux (5.15.0-59.65) jammy; urgency=medium

* jammy/linux: 5.15.0-59.65 -proposed tracker (LP: #2001801)

* Packaging resync (LP: #1786013)
    - [Packaging] update helper scripts

* CVE-2022-47940
    - ksmbd: validate length in smb2_write()

* Fix iosm: WWAN cannot build the connection (DW5823e) (LP: #1998115)
    - net: wwan: iosm: fix driver not working with INTEL_IOMMU disabled
    - [Config] CONFIG_IOSM update annotations on arm64 armhf ppc64el s390x

* support for same series backports versioning numbers (LP: #1993563)
    - [Packaging] sameport -- add support for sameport versioning

* [DEP-8] Run ADT regression suite for lowlatency kernels Jammy and later
    (LP: #1999528)
    - [DEP-8] Fix regression suite to run on lowlatency

* Micron NVME storage failure [1344,5407] (LP: #1998883)
    - nvme: add a bogus subsystem NQN quirk for Micron MTFDKBA2T0TFH

* Jammy update: v5.15.78 upstream stable release (LP: #1998843)
    - scsi: lpfc: Rework MIB Rx Monitor debug info logic
    - serial: ar933x: Deassert Transmit Enable on ->rs485_config()
    - KVM: x86: Trace re-injected exceptions
    - KVM: x86: Treat #DBs from the emulator as fault-like (code and DR7.GD=1)
    - drm/amd/display: explicitly disable psr_feature_enable appropriately
    - mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page
    - HID: playstation: add initial DualSense Edge controller support
    - KVM: x86: Protect the unused bits in MSR exiting flags
    - KVM: x86: Copy filter arg outside kvm_vm_ioctl_set_msr_filter()
    - KVM: x86: Add compat handler for KVM_X86_SET_MSR_FILTER
    - RDMA/cma: Use output interface for net_dev check
    - IB/hfi1: Correctly move list in sc_disable()
    - RDMA/hns: Remove magic number
    - RDMA/hns: Use hr_reg_xxx() instead of remaining roce_set_xxx()
    - RDMA/hns: Disable local invalidate operation
    - NFSv4: Fix a potential state reclaim deadlock
    - NFSv4.1: Handle RECLAIM_COMPLETE trunking errors
    - NFSv4.1: We must always send RECLAIM_COMPLETE after a reboot
    - SUNRPC: Fix null-ptr-deref when xps sysfs alloc failed
    - NFSv4.2: Fixup CLONE dest file size for zero-length count
    - nfs4: Fix kmemleak when allocate slot failed
    - net: dsa: Fix possible memory leaks in dsa_loop_init()
    - RDMA/core: Fix null-ptr-deref in ib_core_cleanup()
    - RDMA/qedr: clean up work queue on failure in qedr_alloc_resources()
    - net: dsa: fall back to default tagger if we can't load the one from DT
    - nfc: fdp: Fix potential memory leak in fdp_nci_send()
    - nfc: nxp-nci: Fix potential memory leak in nxp_nci_send()
    - nfc: s3fwrn5: Fix potential memory leak in s3fwrn5_nci_send()
    - nfc: nfcmrvl: Fix potential memory leak in nfcmrvl_i2c_nci_send()
    - net: fec: fix improper use of NETDEV_TX_BUSY
    - ata: pata_legacy: fix pdc20230_set_piomode()
    - net: sched: Fix use after free in red_enqueue()
    - net: tun: fix bugs for oversize packet when napi frags enabled
    - netfilter: nf_tables: netlink notifier might race to release objects
    - netfilter: nf_tables: release flow rule object from commit path
    - ipvs: use explicitly signed chars
    - ipvs: fix WARNING in __ip_vs_cleanup_batch()
    - ipvs: fix WARNING in ip_vs_app_net_cleanup()
    - rose: Fix NULL pointer dereference in rose_send_frame()
    - mISDN: fix possible memory leak in mISDN_register_device()
    - isdn: mISDN: netjet: fix wrong check of device registration
    - btrfs: fix inode list leak during backref walking at resolve_indirect_refs()
    - btrfs: fix inode list leak during backref walking at find_parent_nodes()
    - btrfs: fix ulist leaks in error paths of qgroup self tests
    - netfilter: ipset: enforce documented limit to prevent allocating huge memory
    - Bluetooth: virtio_bt: Use skb_put to set length
    - Bluetooth: L2CAP: fix use-after-free in l2cap_conn_del()
    - Bluetooth: L2CAP: Fix memory leak in vhci_write
    - net: mdio: fix undefined behavior in bit shift for __mdiobus_register
    - ibmvnic: Free rwi on reset success
    - stmmac: dwmac-loongson: fix invalid mdio_node
    - net/smc: Fix possible leaked pernet namespace in smc_init()
    - net, neigh: Fix null-ptr-deref in neigh_table_clear()
    - ipv6: fix WARNING in ip6_route_net_exit_late()
    - vsock: fix possible infinite sleep in vsock_connectible_wait_data()
    - drm/msm/hdmi: Remove spurious IRQF_ONESHOT flag
    - drm/msm/hdmi: fix IRQ lifetime
    - video/fbdev/stifb: Implement the stifb_fillrect() function
    - fbdev: stifb: Fall back to cfb_fillrect() on 32-bit HCRX cards
    - mtd: parsers: bcm47xxpart: print correct offset on read error
    - mtd: parsers: bcm47xxpart: Fix halfblock reads
    - s390/uaccess: add missing EX_TABLE entries to __clear_user()
    - s390/cio: fix out-of-bounds access on cio_ignore free
    - media: rkisp1: Don't pass the quantization to rkisp1_csm_config()
    - media: rkisp1: Initialize color space on resizer sink and source pads
    - media: rkisp1: Use correct macro for gradient registers
    - media: rkisp1: Zero v4l2_subdev_format fields in when validating links
    - media: s5p_cec: limit msg.len to CEC_MAX_MSG_SIZE
    - media: cros-ec-cec: limit msg.len to CEC_MAX_MSG_SIZE
    - media: dvb-frontends/drxk: initialize err to 0
    - media: meson: vdec: fix possible refcount leak in vdec_probe()
    - media: v4l: subdev: Fail graciously when getting try data for NULL state
    - ACPI: APEI: Fix integer overflow in ghes_estatus_pool_init()
    - scsi: core: Restrict legal sdev_state transitions via sysfs
    - HID: saitek: add madcatz variant of MMO7 mouse device ID
    - drm/amdgpu: set vm_update_mode=0 as default for Sienna Cichlid in SRIOV case
    - i2c: xiic: Add platform module alias
    - efi/tpm: Pass correct address to memblock_reserve
    - clk: qcom: Update the force mem core bit for GPU clocks
    - ARM: dts: imx6qdl-gw59{10,13}: fix user pushbutton GPIO offset
    - arm64: dts: imx8: correct clock order
    - arm64: dts: lx2160a: specify clock frequencies for the MDIO controllers
    - arm64: dts: ls1088a: specify clock frequencies for the MDIO controllers
    - arm64: dts: ls208xa: specify clock frequencies for the MDIO controllers
    - block: Fix possible memory leak for rq_wb on add_disk failure
    - firmware: arm_scmi: Suppress the driver's bind attributes
    - firmware: arm_scmi: Make Rx chan_setup fail on memory errors
    - firmware: arm_scmi: Fix devres allocation device in virtio transport
    - arm64: dts: juno: Add thermal critical trip points
    - i2c: piix4: Fix adapter not be removed in piix4_remove()
    - Bluetooth: L2CAP: Fix attempting to access uninitialized memory
    - block, bfq: protect 'bfqd->queued' by 'bfqd->lock'
    - af_unix: Fix memory leaks of the whole sk due to OOB skb.
    - fscrypt: stop using keyrings subsystem for fscrypt_master_key
    - fscrypt: fix keyring memory leak on mount failure
    - btrfs: fix lost file sync on direct IO write with nowait and dsync iocb
    - btrfs: fix tree mod log mishandling of reallocated nodes
    - btrfs: fix type of parameter generation in btrfs_get_dentry
    - ftrace: Fix use-after-free for dynamic ftrace_ops
    - tcp/udp: Make early_demux back namespacified.
    - tracing: kprobe: Fix memory leak in test_gen_kprobe/kretprobe_cmd()
    - kprobe: reverse kp->flags when arm_kprobe failed
    - ring-buffer: Check for NULL cpu_buffer in ring_buffer_wake_waiters()
    - tools/nolibc/string: Fix memcmp() implementation
    - tracing/histogram: Update document for KEYS_MAX size
    - capabilities: fix potential memleak on error path from vfs_getxattr_alloc()
    - fuse: add file_modified() to fallocate
    - efi: random: reduce seed size to 32 bytes
    - efi: random: Use 'ACPI reclaim' memory for random seed
    - arm64: entry: avoid kprobe recursion
    - perf/x86/intel: Fix pebs event constraints for ICL
    - perf/x86/intel: Add Cooper Lake stepping to isolation_ucodes[]
    - perf/x86/intel: Fix pebs event constraints for SPR
    - parisc: Make 8250_gsc driver dependend on CONFIG_PARISC
    - parisc: Export iosapic_serial_irq() symbol for serial port driver
    - parisc: Avoid printing the hardware path twice
    - ext4: fix warning in 'ext4_da_release_space'
    - ext4: fix BUG_ON() when directory entry has invalid rec_len
    - x86/syscall: Include asm/ptrace.h in syscall_wrapper header
    - KVM: x86: Mask off reserved bits in CPUID.80000006H
    - KVM: x86: Mask off reserved bits in CPUID.8000001AH
    - KVM: x86: Mask off reserved bits in CPUID.80000008H
    - KVM: x86: Mask off reserved bits in CPUID.80000001H
    - KVM: x86: Mask off reserved bits in CPUID.8000001FH
    - KVM: VMX: fully disable SGX if SECONDARY_EXEC_ENCLS_EXITING unavailable
    - KVM: arm64: Fix bad dereference on MTE-enabled systems
    - KVM: x86: emulator: em_sysexit should update ctxt->mode
    - KVM: x86: emulator: introduce emulator_recalc_and_set_mode
    - KVM: x86: emulator: update the emulation mode after rsm
    - KVM: x86: emulator: update the emulation mode after CR0 write
    - tee: Fix tee_shm_register() for kernel TEE drivers
    - ext4,f2fs: fix readahead of verity data
    - cifs: fix regression in very old smb1 mounts
    - drm/rockchip: dsi: Clean up 'usage_mode' when failing to attach
    - drm/rockchip: dsi: Force synchronous probe
    - drm/i915/sdvo: Filter out invalid outputs more sensibly
    - drm/i915/sdvo: Setup DDC fully before output init
    - wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()
    - Linux 5.15.78

* Fix AMD-PState driver for Genoa CPU (LP: #1998106)
    - Documentation: amd-pstate: add tracer tool introduction
    - Documentation: amd-pstate: grammar and sentence structure updates
    - Documentation: amd-pstate: Add unit test introduction
    - cpufreq: amd-pstate: cpufreq: amd-pstate: reset MSR_AMD_PERF_CTL register at
      init
    - cpufreq: amd-pstate: change amd-pstate driver to be built-in type
    - cpufreq: amd-pstate: add amd-pstate driver parameter for mode selection
    - Documentation: amd-pstate: add driver working mode introduction
    - Documentation: add amd-pstate kernel command line options

* Mediatek WLAN RZ616(MT7922) SAR table control (LP: #1997200)
    - mt76: mt7921: add .set_sar_specs support
    - mt76: add 6 GHz band support in mt76_sar_freq_ranges
    - mt76: mt7921: introduce ACPI SAR support
    - mt76: connac: add support for limiting to maximum regulatory Tx power
    - mt76: move sar utilities to mt76-core module
    - mt76: mt7921: honor mt76_connac_mcu_set_rate_txpower return value in
      mt7921_config
    - mt76: mt7921: introduce ACPI SAR config in tx power
    - wifi: mt76: mt7921: fix use after free in mt7921_acpi_read()

* [22.04/Jammy] Replace SAUCE AMD DP tunneling patch by upstream version
    (LP: #1989944)
    - Revert "UBUNTU: SAUCE: thunderbolt: Add DP out resource when DP tunnel is
      discovered."
    - thunderbolt: Add DP OUT resource when DP tunnel is discovered

* Jammy update: v5.15.77 upstream stable release (LP: #1997981)
    - NFSv4: Fix free of uninitialized nfs4_label on referral lookup.
    - NFSv4: Add an fattr allocation to _nfs4_discover_trunking()
    - can: j1939: transport: j1939_session_skb_drop_old():
      spin_unlock_irqrestore() before kfree_skb()
    - can: kvaser_usb: Fix possible completions during init_completion
    - ALSA: Use del_timer_sync() before freeing timer
    - ALSA: usb-audio: Add quirks for M-Audio Fast Track C400/600
    - ALSA: au88x0: use explicitly signed char
    - ALSA: rme9652: use explicitly signed char
    - USB: add RESET_RESUME quirk for NVIDIA Jetson devices in RCM
    - usb: gadget: uvc: fix sg handling in error case
    - usb: gadget: uvc: fix sg handling during video encode
    - usb: dwc3: gadget: Stop processing more requests on IMI
    - usb: dwc3: gadget: Don't set IMI for no_interrupt
    - usb: bdc: change state when port disconnected
    - usb: xhci: add XHCI_SPURIOUS_SUCCESS to ASM1042 despite being a V0.96
      controller
    - mtd: rawnand: marvell: Use correct logic for nand-keep-config
    - xhci: Add quirk to reset host back to default state at shutdown
    - xhci-pci: Set runtime PM as default policy on all xHC 1.2 or later devices
    - xhci: Remove device endpoints from bandwidth list when freeing the device
    - tools: iio: iio_utils: fix digit calculation
    - iio: light: tsl2583: Fix module unloading
    - iio: temperature: ltc2983: allocate iio channels once
    - iio: adxl372: Fix unsafe buffer attributes
    - fbdev: smscufx: Fix several use-after-free bugs
    - cpufreq: intel_pstate: Read all MSRs on the target CPU
    - cpufreq: intel_pstate: hybrid: Use known scaling factor for P-cores
    - fs/binfmt_elf: Fix memory leak in load_elf_binary()
    - exec: Copy oldsighand->action under spin-lock
    - mac802154: Fix LQI recording
    - scsi: qla2xxx: Use transport-defined speed mask for supported_speeds
    - drm/amdgpu: disallow gfxoff until GC IP blocks complete s2idle resume
    - drm/msm/dsi: fix memory corruption with too many bridges
    - drm/msm/hdmi: fix memory corruption with too many bridges
    - drm/msm/dp: fix IRQ lifetime
    - coresight: cti: Fix hang in cti_disable_hw()
    - mmc: sdhci_am654: 'select', not 'depends' REGMAP_MMIO
    - mmc: core: Fix kernel panic when remove non-standard SDIO card
    - mmc: sdhci-pci-core: Disable ES for ASUS BIOS on Jasper Lake
    - mmc: sdhci-esdhc-imx: Propagate ESDHC_FLAG_HS400* only on 8bit bus
    - counter: microchip-tcb-capture: Handle Signal1 read and Synapse
    - kernfs: fix use-after-free in __kernfs_remove
    - pinctrl: Ingenic: JZ4755 bug fixes
    - ARC: mm: fix leakage of memory allocated for PTE
    - perf auxtrace: Fix address filter symbol name match for modules
    - s390/futex: add missing EX_TABLE entry to __futex_atomic_op()
    - s390/pci: add missing EX_TABLE entries to
      __pcistg_mio_inuser()/__pcilg_mio_inuser()
    - Revert "scsi: lpfc: Resolve some cleanup issues following SLI path
      refactoring"
    - Revert "scsi: lpfc: Fix element offset in __lpfc_sli_release_iocbq_s4()"
    - Revert "scsi: lpfc: Fix locking for lpfc_sli_iocbq_lookup()"
    - Revert "scsi: lpfc: SLI path split: Refactor SCSI paths"
    - Revert "scsi: lpfc: SLI path split: Refactor fast and slow paths to native
      SLI4"
    - Revert "scsi: lpfc: SLI path split: Refactor lpfc_iocbq"
    - mmc: block: Remove error check of hw_reset on reset
    - ethtool: eeprom: fix null-deref on genl_info in dump
    - net: ieee802154: fix error return code in dgram_bind()
    - media: v4l2: Fix v4l2_i2c_subdev_set_name function documentation
    - media: atomisp: prevent integer overflow in sh_css_set_black_frame()
    - drm/msm: Fix return type of mdp4_lvds_connector_mode_valid
    - KVM: selftests: Fix number of pages for memory slot in
      memslot_modification_stress_test
    - ASoC: qcom: lpass-cpu: mark HDMI TX registers as volatile
    - perf: Fix missing SIGTRAPs
    - sched/core: Fix comparison in sched_group_cookie_match()
    - arc: iounmap() arg is volatile
    - mtd: rawnand: intel: Add missing of_node_put() in ebu_nand_probe()
    - ASoC: qcom: lpass-cpu: Mark HDMI TX parity register as volatile
    - ALSA: ac97: fix possible memory leak in snd_ac97_dev_register()
    - perf/x86/intel/lbr: Use setup_clear_cpu_cap() instead of clear_cpu_cap()
    - tipc: fix a null-ptr-deref in tipc_topsrv_accept
    - net: netsec: fix error handling in netsec_register_mdio()
    - net: hinic: fix incorrect assignment issue in hinic_set_interrupt_cfg()
    - net: hinic: fix memory leak when reading function table
    - net: hinic: fix the issue of CMDQ memory leaks
    - net: hinic: fix the issue of double release MBOX callback of VF
    - net: macb: Specify PHY PM management done by MAC
    - nfc: virtual_ncidev: Fix memory leak in virtual_nci_send()
    - x86/unwind/orc: Fix unreliable stack dump with gcov
    - amd-xgbe: fix the SFP compliance codes check for DAC cables
    - amd-xgbe: add the bit rate quirk for Molex cables
    - drm/i915/dp: Reset frl trained flag before restarting FRL training
    - atlantic: fix deadlock at aq_nic_stop
    - kcm: annotate data-races around kcm->rx_psock
    - kcm: annotate data-races around kcm->rx_wait
    - net: fix UAF issue in nfqnl_nf_hook_drop() when ops_init() failed
    - net: lantiq_etop: don't free skb when returning NETDEV_TX_BUSY
    - tcp: minor optimization in tcp_add_backlog()
    - tcp: fix a signed-integer-overflow bug in tcp_add_backlog()
    - tcp: fix indefinite deferral of RTO with SACK reneging
    - net-memcg: avoid stalls when under memory pressure
    - drm/amdkfd: Fix memory leak in kfd_mem_dmamap_userptr()
    - can: mscan: mpc5xxx: mpc5xxx_can_probe(): add missing put_clock() in error
      path
    - can: mcp251x: mcp251x_can_probe(): add missing unregister_candev() in error
      path
    - PM: hibernate: Allow hybrid sleep to work with s2idle
    - media: vivid: s_fbuf: add more sanity checks
    - media: vivid: dev->bitmap_cap wasn't freed in all cases
    - media: v4l2-dv-timings: add sanity checks for blanking values
    - media: videodev2.h: V4L2_DV_BT_BLANKING_HEIGHT should check 'interlaced'
    - media: vivid: set num_in/outputs to 0 if not supported
    - perf vendor events power10: Fix hv-24x7 metric events
    - ipv6: ensure sane device mtu in tunnels
    - i40e: Fix ethtool rx-flow-hash setting for X722
    - i40e: Fix VF hang when reset is triggered on another VF
    - i40e: Fix flow-type by setting GL_HASH_INSET registers
    - net: ksz884x: fix missing pci_disable_device() on error in pcidev_init()
    - PM: domains: Fix handling of unavailable/disabled idle states
    - perf vendor events arm64: Fix incorrect Hisi hip08 L3 metrics
    - net: fec: limit register access on i.MX6UL
    - net: ethernet: ave: Fix MAC to be in charge of PHY PM
    - ALSA: aoa: i2sbus: fix possible memory leak in i2sbus_add_dev()
    - ALSA: aoa: Fix I2S device accounting
    - openvswitch: switch from WARN to pr_warn
    - net: ehea: fix possible memory leak in ehea_register_port()
    - net: bcmsysport: Indicate MAC is in charge of PHY PM
    - nh: fix scope used to find saddr when adding non gw nh
    - net: broadcom: bcm4908enet: remove redundant variable bytes
    - net: broadcom: bcm4908_enet: update TX stats after actual transmission
    - netdevsim: remove dir in nsim_dev_debugfs_init() when creating ports dir
      failed
    - net/mlx5e: Do not increment ESN when updating IPsec ESN state
    - net/mlx5e: Extend SKB room check to include PTP-SQ
    - net/mlx5: Fix possible use-after-free in async command interface
    - net/mlx5: Print more info on pci error handlers
    - net/mlx5: Update fw fatal reporter state on PCI handlers successful recover
    - net/mlx5: Fix crash during sync firmware reset
    - net: do not sense pfmemalloc status in skb_append_pagefrags()
    - kcm: do not sense pfmemalloc status in kcm_sendpage()
    - net: enetc: survive memory pressure without crashing
    - arm64: Add AMPERE1 to the Spectre-BHB affected list
    - scsi: sd: Revert "scsi: sd: Remove a local variable"
    - can: rcar_canfd: fix channel specific IRQ handling for RZ/G2L
    - can: rcar_canfd: rcar_canfd_handle_global_receive(): fix IRQ storm on global
      FIFO receive
    - serial: core: move RS485 configuration tasks from drivers into core
    - serial: Deassert Transmit Enable on probe in driver-specific way
    - Linux 5.15.77

* RCU stalls (LP: #1991951)
    - [Config] Harmonize RCU_CPU_STALL_TIMEOUT

* Jammy update: v5.15.76 upstream stable release (LP: #1997113)
    - r8152: add PID for the Lenovo OneLink+ Dock
    - arm64/mm: Consolidate TCR_EL1 fields
    - usb: gadget: uvc: consistently use define for headerlen
    - usb: gadget: uvc: use on returned header len in video_encode_isoc_sg
    - usb: gadget: uvc: rework uvcg_queue_next_buffer to uvcg_complete_buffer
    - usb: gadget: uvc: giveback vb2 buffer on req complete
    - usb: gadget: uvc: improve sg exit condition
    - [Config] updateconfigs for ARM64_ERRATUM_1742098
    - arm64: errata: Remove AES hwcap for COMPAT tasks
    - perf/x86/intel/pt: Relax address filter validation
    - btrfs: enhance unsupported compat RO flags handling
    - ocfs2: clear dinode links count in case of error
    - ocfs2: fix BUG when iput after ocfs2_mknod fails
    - selinux: enable use of both GFP_KERNEL and GFP_ATOMIC in convert_context()
    - cpufreq: qcom: fix writes in read-only memory region
    - i2c: qcom-cci: Fix ordering of pm_runtime_xx and i2c_add_adapter
    - x86/microcode/AMD: Apply the patch early on every logical thread
    - hwmon/coretemp: Handle large core ID value
    - ata: ahci-imx: Fix MODULE_ALIAS
    - x86/resctrl: Fix min_cbm_bits for AMD
    - cpufreq: qcom: fix memory leak in error path
    - drm/amdgpu: fix sdma doorbell init ordering on APUs
    - mm,hugetlb: take hugetlb_lock before decrementing h->resv_huge_pages
    - kvm: Add support for arch compat vm ioctls
    - KVM: arm64: vgic: Fix exit condition in scan_its_table()
    - media: ipu3-imgu: Fix NULL pointer dereference in active selection access
    - media: mceusb: set timeout to at least timeout provided
    - media: venus: dec: Handle the case where find_format fails
    - x86/topology: Fix multiple packages shown on a single-package system
    - x86/topology: Fix duplicated core ID within a package
    - btrfs: fix processing of delayed data refs during backref walking
    - btrfs: fix processing of delayed tree block refs during backref walking
    - drm/vc4: Add module dependency on hdmi-codec
    - ACPI: extlog: Handle multiple records
    - tipc: Fix recognition of trial period
    - tipc: fix an information leak in tipc_topsrv_kern_subscr
    - i40e: Fix DMA mappings leak
    - HID: magicmouse: Do not set BTN_MOUSE on double report
    - sfc: Change VF mac via PF as first preference if available.
    - net/atm: fix proc_mpc_write incorrect return value
    - net: phy: dp83867: Extend RX strap quirk for SGMII mode
    - net: phylink: add mac_managed_pm in phylink_config structure
    - scsi: lpfc: Fix memory leak in lpfc_create_port()
    - udp: Update reuse->has_conns under reuseport_lock.
    - cifs: Fix xid leak in cifs_create()
    - cifs: Fix xid leak in cifs_copy_file_range()
    - cifs: Fix xid leak in cifs_flock()
    - cifs: Fix xid leak in cifs_ses_add_channel()
    - dm: remove unnecessary assignment statement in alloc_dev()
    - net: hsr: avoid possible NULL deref in skb_clone()
    - ionic: catch NULL pointer issue on reconfig
    - netfilter: nf_tables: relax NFTA_SET_ELEM_KEY_END set flags requirements
    - nvme-hwmon: consistently ignore errors from nvme_hwmon_init
    - nvme-hwmon: kmalloc the NVME SMART log buffer
    - nvmet: fix workqueue MEM_RECLAIM flushing dependency
    - net: sched: cake: fix null pointer access issue when cake_init() fails
    - net: sched: delete duplicate cleanup of backlog and qlen
    - net: sched: sfb: fix null pointer access issue when sfb_init() fails
    - sfc: include vport_id in filter spec hash and equal()
    - wwan_hwsim: fix possible memory leak in wwan_hwsim_dev_new()
    - net: hns: fix possible memory leak in hnae_ae_register()
    - net: sched: fix race condition in qdisc_graft()
    - net: phy: dp83822: disable MDI crossover status change interrupt
    - iommu/vt-d: Allow NVS regions in arch_rmrr_sanity_check()
    - iommu/vt-d: Clean up si_domain in the init_dmars() error path
    - fs: dlm: fix invalid derefence of sb_lvbptr
    - arm64: mte: move register initialization to C
    - ksmbd: handle smb2 query dir request for OutputBufferLength that is too
      small
    - ksmbd: fix incorrect handling of iterate_dir
    - tracing: Simplify conditional compilation code in tracing_set_tracer()
    - tracing: Do not free snapshot if tracer is on cmdline
    - mmc: sdhci-tegra: Use actual clock rate for SW tuning correction
    - perf: Skip and warn on unknown format 'configN' attrs
    - ACPI: video: Force backlight native for more TongFang devices
    - x86/Kconfig: Drop check for -mabi=ms for CONFIG_EFI_STUB
    - Makefile.debug: re-enable debug info for .S files
    - mmc: core: Add SD card quirk for broken discard
    - mm: /proc/pid/smaps_rollup: fix no vma's null-deref
    - Linux 5.15.76

* UBSAN: array-index-out-of-bounds in
    /build/linux-9H675w/linux-5.15.0/drivers/ata/libahci.c:968:41
    (LP: #1970074) // Jammy update: v5.15.76 upstream stable release
    (LP: #1997113)
    - ata: ahci: Match EM_MAX_SLOTS with SATA_PMP_MAX_PORTS

* Jammy update: v5.15.75 upstream stable release (LP: #1996825)
    - Revert "fs: check FMODE_LSEEK to control internal pipe splicing"
    - ALSA: oss: Fix potential deadlock at unregistration
    - ALSA: rawmidi: Drop register_mutex in snd_rawmidi_free()
    - ALSA: usb-audio: Fix potential memory leaks
    - ALSA: usb-audio: Fix NULL dererence at error path
    - ALSA: hda/realtek: remove ALC289_FIXUP_DUAL_SPK for Dell 5530
    - ALSA: hda/realtek: Correct pin configs for ASUS G533Z
    - ALSA: hda/realtek: Add quirk for ASUS GV601R laptop
    - ALSA: hda/realtek: Add Intel Reference SSID to support headset keys
    - mtd: rawnand: atmel: Unmap streaming DMA mappings
    - io_uring/net: don't update msg_name if not provided
    - hv_netvsc: Fix race between VF offering and VF association message from host
    - cifs: destage dirty pages before re-reading them for cache=none
    - cifs: Fix the error length of VALIDATE_NEGOTIATE_INFO message
    - iio: dac: ad5593r: Fix i2c read protocol requirements
    - iio: ltc2497: Fix reading conversion results
    - iio: adc: ad7923: fix channel readings for some variants
    - iio: pressure: dps310: Refactor startup procedure
    - iio: pressure: dps310: Reset chip after timeout
    - xhci: dbc: Fix memory leak in xhci_alloc_dbc()
    - usb: add quirks for Lenovo OneLink+ Dock
    - can: kvaser_usb: Fix use of uninitialized completion
    - can: kvaser_usb_leaf: Fix overread with an invalid command
    - can: kvaser_usb_leaf: Fix TX queue out of sync after restart
    - can: kvaser_usb_leaf: Fix CAN state after restart
    - mmc: sdhci-sprd: Fix minimum clock limit
    - i2c: designware: Fix handling of real but unexpected device interrupts
    - fs: dlm: fix race between test_bit() and queue_work()
    - fs: dlm: handle -EBUSY first in lock arg validation
    - HID: multitouch: Add memory barriers
    - quota: Check next/prev free block number after reading from quota file
    - platform/chrome: cros_ec_proto: Update version on GET_NEXT_EVENT failure
    - ASoC: wcd9335: fix order of Slimbus unprepare/disable
    - ASoC: wcd934x: fix order of Slimbus unprepare/disable
    - hwmon: (gsc-hwmon) Call of_node_get() before of_find_xxx API
    - net: thunderbolt: Enable DMA paths only after rings are enabled
    - regulator: qcom_rpm: Fix circular deferral regression
    - arm64: topology: move store_cpu_topology() to shared code
    - riscv: topology: fix default topology reporting
    - RISC-V: Make port I/O string accessors actually work
    - parisc: fbdev/stifb: Align graphics memory size to 4MB
    - riscv: Make VM_WRITE imply VM_READ
    - riscv: always honor the CONFIG_CMDLINE_FORCE when parsing dtb
    - riscv: Pass -mno-relax only on lld < 15.0.0
    - UM: cpuinfo: Fix a warning for CONFIG_CPUMASK_OFFSTACK
    - nvmem: core: Fix memleak in nvmem_register()
    - nvme-multipath: fix possible hang in live ns resize with ANA access
    - nvme-pci: set min_align_mask before calculating max_hw_sectors
    - dmaengine: mxs: use platform_driver_register
    - drm/virtio: Check whether transferred 2D BO is shmem
    - drm/virtio: Unlock reservations on virtio_gpu_object_shmem_init() error
    - drm/virtio: Use appropriate atomic state in virtio_gpu_plane_cleanup_fb()
    - drm/udl: Restore display mode on resume
    - [Config] updateconfigs for ARM64_ERRATUM_2441007
    - arm64: errata: Add Cortex-A55 to the repeat tlbi list
    - mm/damon: validate if the pmd entry is present before accessing
    - mm/mmap: undo ->mmap() when arch_validate_flags() fails
    - xen/gntdev: Prevent leaking grants
    - xen/gntdev: Accommodate VMA splitting
    - PCI: Sanitise firmware BAR assignments behind a PCI-PCI bridge
    - serial: 8250: Let drivers request full 16550A feature probing
    - serial: 8250: Request full 16550A feature probing for OxSemi PCIe devices
    - powercap: intel_rapl: Use standard Energy Unit for SPR Dram RAPL domain
    - powerpc/boot: Explicitly disable usage of SPE instructions
    - slimbus: qcom-ngd: use correct error in message of pdr_add_lookup() failure
    - slimbus: qcom-ngd: cleanup in probe error path
    - scsi: qedf: Populate sysfs attributes for vport
    - gpio: rockchip: request GPIO mux to pinctrl when setting direction
    - pinctrl: rockchip: add pinmux_ops.gpio_set_direction callback
    - fbdev: smscufx: Fix use-after-free in ufx_ops_open()
    - ksmbd: fix endless loop when encryption for response fails
    - ksmbd: Fix wrong return value and message length check in smb2_ioctl()
    - ksmbd: Fix user namespace mapping
    - fs: record I_DIRTY_TIME even if inode already has I_DIRTY_INODE
    - btrfs: fix race between quota enable and quota rescan ioctl
    - btrfs: set generation before calling btrfs_clean_tree_block in
      btrfs_init_new_buffer
    - f2fs: complete checkpoints during remount
    - f2fs: flush pending checkpoints when freezing super
    - f2fs: increase the limit for reserve_root
    - f2fs: fix to do sanity check on destination blkaddr during recovery
    - f2fs: fix to do sanity check on summary info
    - hardening: Avoid harmless Clang option under CONFIG_INIT_STACK_ALL_ZERO
    - hardening: Remove Clang's enable flag for -ftrivial-auto-var-init=zero
    - jbd2: wake up journal waiters in FIFO order, not LIFO
    - jbd2: fix potential buffer head reference count leak
    - jbd2: fix potential use-after-free in jbd2_fc_wait_bufs
    - jbd2: add miss release buffer head in fc_do_one_pass()
    - ext4: avoid crash when inline data creation follows DIO write
    - ext4: fix null-ptr-deref in ext4_write_info
    - ext4: make ext4_lazyinit_thread freezable
    - ext4: fix check for block being out of directory size
    - ext4: don't increase iversion counter for ea_inodes
    - ext4: ext4_read_bh_lock() should submit IO if the buffer isn't uptodate
    - ext4: place buffer head allocation before handle start
    - ext4: fix dir corruption when ext4_dx_add_entry() fails
    - ext4: fix miss release buffer head in ext4_fc_write_inode
    - ext4: fix potential memory leak in ext4_fc_record_modified_inode()
    - ext4: fix potential memory leak in ext4_fc_record_regions()
    - ext4: update 'state->fc_regions_size' after successful memory allocation
    - livepatch: fix race between fork and KLP transition
    - ftrace: Properly unset FTRACE_HASH_FL_MOD
    - ring-buffer: Allow splice to read previous partially read pages
    - ring-buffer: Have the shortest_full queue be the shortest not longest
    - ring-buffer: Check pending waiters when doing wake ups as well
    - ring-buffer: Add ring_buffer_wake_waiters()
    - ring-buffer: Fix race between reset page and reading page
    - tracing: Disable interrupt or preemption before acquiring arch_spinlock_t
    - tracing: Wake up ring buffer waiters on closing of the file
    - tracing: Wake up waiters when tracing is disabled
    - tracing: Add ioctl() to force ring buffer waiters to wake up
    - tracing: Move duplicate code of trace_kprobe/eprobe.c into header
    - tracing: Add "(fault)" name injection to kernel probes
    - tracing: Fix reading strings from synthetic events
    - thunderbolt: Explicitly enable lane adapter hotplug events at startup
    - efi: libstub: drop pointless get_memory_map() call
    - media: cedrus: Set the platform driver data earlier
    - media: cedrus: Fix endless loop in cedrus_h265_skip_bits()
    - blk-wbt: call rq_qos_add() after wb_normal is initialized
    - KVM: x86/emulator: Fix handing of POP SS to correctly set interruptibility
    - KVM: nVMX: Unconditionally purge queued/injected events on nested "exit"
    - KVM: nVMX: Don't propagate vmcs12's PERF_GLOBAL_CTRL settings to vmcs02
    - KVM: VMX: Drop bits 31:16 when shoving exception error code into VMCS
    - staging: greybus: audio_helper: remove unused and wrong debugfs usage
    - drm/nouveau/kms/nv140-: Disable interlacing
    - drm/nouveau: fix a use-after-free in nouveau_gem_prime_import_sg_table()
    - drm/i915: Fix watermark calculations for gen12+ RC CCS modifier
    - drm/i915: Fix watermark calculations for gen12+ MC CCS modifier
    - drm/i915: Fix watermark calculations for gen12+ CCS+CC modifier
    - drm/amd/display: Fix vblank refcount in vrr transition
    - smb3: must initialize two ACL struct fields to zero
    - selinux: use "grep -E" instead of "egrep"
    - ima: fix blocking of security.ima xattrs of unsupported algorithms
    - userfaultfd: open userfaultfds with O_RDONLY
    - ntfs3: rework xattr handlers and switch to POSIX ACL VFS helpers
    - thermal: cpufreq_cooling: Check the policy first in
      cpufreq_cooling_register()
    - sh: machvec: Use char[] for section boundaries
    - MIPS: SGI-IP27: Free some unused memory
    - MIPS: SGI-IP27: Fix platform-device leak in bridge_platform_create()
    - ARM: 9244/1: dump: Fix wrong pg_level in walk_pmd()
    - ARM: 9247/1: mm: set readonly for MT_MEMORY_RO with ARM_LPAE
    - objtool: Preserve special st_shndx indexes in elf_update_symbol
    - nfsd: Fix a memory leak in an error handling path
    - NFSD: Fix handling of oversized NFSv4 COMPOUND requests
    - wifi: rtlwifi: 8192de: correct checking of IQK reload
    - wifi: ath10k: add peer map clean up for peer delete in ath10k_sta_state()
    - leds: lm3601x: Don't use mutex after it was destroyed
    - bpf: Fix reference state management for synchronous callbacks
    - wifi: mac80211: allow bw change during channel switch in mesh
    - bpftool: Fix a wrong type cast in btf_dumper_int
    - spi: mt7621: Fix an error message in mt7621_spi_probe()
    - x86/resctrl: Fix to restore to original value when re-enabling hardware
      prefetch register
    - xsk: Fix backpressure mechanism on Tx
    - bpf: Disable preemption when increasing per-cpu map_locked
    - bpf: Propagate error from htab_lock_bucket() to userspace
    - bpf: Use this_cpu_{inc|dec|inc_return} for bpf_task_storage_busy
    - Bluetooth: btusb: mediatek: fix WMT failure during runtime suspend
    - wifi: rtl8xxxu: tighten bounds checking in rtl8xxxu_read_efuse()
    - wifi: rtw88: add missing destroy_workqueue() on error path in
      rtw_core_init()
    - selftests/xsk: Avoid use-after-free on ctx
    - spi: qup: add missing clk_disable_unprepare on error in spi_qup_resume()
    - spi: qup: add missing clk_disable_unprepare on error in
      spi_qup_pm_resume_runtime()
    - wifi: rtl8xxxu: Fix skb misuse in TX queue selection
    - spi: meson-spicc: do not rely on busy flag in pow2 clk ops
    - bpf: btf: fix truncated last_member_type_id in btf_struct_resolve
    - wifi: rtl8xxxu: gen2: Fix mistake in path B IQ calibration
    - wifi: rtl8xxxu: Remove copy-paste leftover in gen2_update_rate_mask
    - wifi: mt76: sdio: fix transmitting packet hangs
    - wifi: mt76: mt7615: add mt7615_mutex_acquire/release in
      mt7615_sta_set_decap_offload
    - wifi: mt76: mt7915: do not check state before configuring implicit beamform
    - Bluetooth: RFCOMM: Fix possible deadlock on socket shutdown/release
    - net: fs_enet: Fix wrong check in do_pd_setup
    - bpf: Ensure correct locking around vulnerable function find_vpid()
    - Bluetooth: hci_{ldisc,serdev}: check percpu_init_rwsem() failure
    - netfilter: conntrack: fix the gc rescheduling delay
    - netfilter: conntrack: revisit the gc initial rescheduling bias
    - wifi: ath11k: fix number of VHT beamformee spatial streams
    - x86/microcode/AMD: Track patch allocation size explicitly
    - x86/cpu: Include the header of init_ia32_feat_ctl()'s prototype
    - spi: dw: Fix PM disable depth imbalance in dw_spi_bt1_probe
    - spi/omap100k:Fix PM disable depth imbalance in omap1_spi100k_probe
    - skmsg: Schedule psock work if the cached skb exists on the psock
    - i2c: mlxbf: support lock mechanism
    - Bluetooth: hci_core: Fix not handling link timeouts propertly
    - xfrm: Reinject transport-mode packets through workqueue
    - netfilter: nft_fib: Fix for rpath check with VRF devices
    - spi: s3c64xx: Fix large transfers with DMA
    - wifi: rtl8xxxu: Fix AIFS written to REG_EDCA_*_PARAM
    - vhost/vsock: Use kvmalloc/kvfree for larger packets.
    - eth: alx: take rtnl_lock on resume
    - sctp: handle the error returned from sctp_auth_asoc_init_active_key
    - tcp: fix tcp_cwnd_validate() to not forget is_cwnd_limited
    - spi: Ensure that sg_table won't be used after being freed
    - hwmon: (pmbus/mp2888) Fix sensors readouts for MPS Multi-phase mp2888
      controller
    - net: rds: don't hold sock lock when cancelling work from
      rds_tcp_reset_callbacks()
    - bnx2x: fix potential memory leak in bnx2x_tpa_stop()
    - net: wwan: iosm: Call mutex_init before locking it
    - net/ieee802154: reject zero-sized raw_sendmsg()
    - once: add DO_ONCE_SLOW() for sleepable contexts
    - net: mvpp2: fix mvpp2 debugfs leak
    - drm: bridge: adv7511: fix CEC power down control register offset
    - drm: bridge: adv7511: unregister cec i2c device after cec adapter
    - drm/bridge: Avoid uninitialized variable warning
    - drm/mipi-dsi: Detach devices when removing the host
    - drm/virtio: Correct drm_gem_shmem_get_sg_table() error handling
    - drm/bridge: parade-ps8640: Fix regulator supply order
    - drm/dp_mst: fix drm_dp_dpcd_read return value checks
    - drm:pl111: Add of_node_put() when breaking out of
      for_each_available_child_of_node()
    - ASoC: mt6359: fix tests for platform_get_irq() failure
    - platform/chrome: fix double-free in chromeos_laptop_prepare()
    - platform/chrome: fix memory corruption in ioctl
    - ASoC: tas2764: Allow mono streams
    - ASoC: tas2764: Drop conflicting set_bias_level power setting
    - ASoC: tas2764: Fix mute/unmute
    - platform/x86: msi-laptop: Fix old-ec check for backlight registering
    - platform/x86: msi-laptop: Fix resource cleanup
    - platform/chrome: cros_ec_typec: Correct alt mode index
    - drm/amdgpu: add missing pci_disable_device() in
      amdgpu_pmops_runtime_resume()
    - drm/bridge: megachips: Fix a null pointer dereference bug
    - ASoC: rsnd: Add check for rsnd_mod_power_on
    - ALSA: hda: beep: Simplify keep-power-at-enable behavior
    - drm/bochs: fix blanking
    - drm/omap: dss: Fix refcount leak bugs
    - drm/amdgpu: Fix memory leak in hpd_rx_irq_create_workqueue()
    - mmc: au1xmmc: Fix an error handling path in au1xmmc_probe()
    - ASoC: eureka-tlv320: Hold reference returned from of_find_xxx API
    - drm/msm/dpu: index dpu_kms->hw_vbif using vbif_idx
    - drm/msm/dp: correct 1.62G link rate at dp_catalog_ctrl_config_msa()
    - drm/vmwgfx: Fix memory leak in vmw_mksstat_add_ioctl()
    - ASoC: codecs: tx-macro: fix kcontrol put
    - ASoC: da7219: Fix an error handling path in da7219_register_dai_clks()
    - ALSA: dmaengine: increment buffer pointer atomically
    - mmc: wmt-sdmmc: Fix an error handling path in wmt_mci_probe()
    - ASoC: wm8997: Fix PM disable depth imbalance in wm8997_probe
    - ASoC: wm5110: Fix PM disable depth imbalance in wm5110_probe
    - ASoC: wm5102: Fix PM disable depth imbalance in wm5102_probe
    - ASoC: mt6660: Fix PM disable depth imbalance in mt6660_i2c_probe
    - ALSA: hda/hdmi: Don't skip notification handling during PM operation
    - memory: pl353-smc: Fix refcount leak bug in pl353_smc_probe()
    - memory: of: Fix refcount leak bug in of_get_ddr_timings()
    - memory: of: Fix refcount leak bug in of_lpddr3_get_ddr_timings()
    - locks: fix TOCTOU race when granting write lease
    - soc: qcom: smsm: Fix refcount leak bugs in qcom_smsm_probe()
    - soc: qcom: smem_state: Add refcounting for the 'state->of_node'
    - ARM: dts: imx6qdl-kontron-samx6i: hook up DDC i2c bus
    - ARM: dts: turris-omnia: Fix mpp26 pin name and comment
    - ARM: dts: kirkwood: lsxl: fix serial line
    - ARM: dts: kirkwood: lsxl: remove first ethernet port
    - ia64: export memory_add_physaddr_to_nid to fix cxl build error
    - soc/tegra: fuse: Drop Kconfig dependency on TEGRA20_APB_DMA
    - arm64: dts: ti: k3-j7200: fix main pinmux range
    - ARM: dts: exynos: correct s5k6a3 reset polarity on Midas family
    - ARM: Drop CMDLINE_* dependency on ATAGS
    - ext4: don't run ext4lazyinit for read-only filesystems
    - arm64: ftrace: fix module PLTs with mcount
    - ARM: dts: exynos: fix polarity of VBUS GPIO of Origen
    - iio: adc: at91-sama5d2_adc: fix AT91_SAMA5D2_MR_TRACKTIM_MAX
    - iio: adc: at91-sama5d2_adc: check return status for pressure and touch
    - iio: adc: at91-sama5d2_adc: lock around oversampling and sample freq
    - iio: adc: at91-sama5d2_adc: disable/prepare buffer on suspend/resume
    - iio: inkern: only release the device node when done with it
    - iio: inkern: fix return value in devm_of_iio_channel_get_by_name()
    - iio: ABI: Fix wrong format of differential capacitance channel ABI.
    - iio: magnetometer: yas530: Change data type of hard_offsets to signed
    - RDMA/mlx5: Don't compare mkey tags in DEVX indirect mkey
    - usb: common: debug: Check non-standard control requests
    - clk: meson: Hold reference returned by of_get_parent()
    - clk: oxnas: Hold reference returned by of_get_parent()
    - clk: qoriq: Hold reference returned by of_get_parent()
    - clk: berlin: Add of_node_put() for of_get_parent()
    - clk: sprd: Hold reference returned by of_get_parent()
    - clk: tegra: Fix refcount leak in tegra210_clock_init
    - clk: tegra: Fix refcount leak in tegra114_clock_init
    - clk: tegra20: Fix refcount leak in tegra20_clock_init
    - HSI: omap_ssi: Fix refcount leak in ssi_probe
    - HSI: omap_ssi_port: Fix dma_map_sg error check
    - media: exynos4-is: fimc-is: Add of_node_put() when breaking out of loop
    - tty: xilinx_uartps: Fix the ignore_status
    - media: meson: vdec: add missing clk_disable_unprepare on error in
      vdec_hevc_start()
    - media: uvcvideo: Fix memory leak in uvc_gpio_parse
    - media: uvcvideo: Use entity get_cur in uvc_ctrl_set
    - media: xilinx: vipp: Fix refcount leak in xvip_graph_dma_init
    - RDMA/rxe: Fix "kernel NULL pointer dereference" error
    - RDMA/rxe: Fix the error caused by qp->sk
    - misc: ocxl: fix possible refcount leak in afu_ioctl()
    - fpga: prevent integer overflow in dfl_feature_ioctl_set_irq()
    - dmaengine: hisilicon: Disable channels when unregister hisi_dma
    - dmaengine: hisilicon: Fix CQ head update
    - dmaengine: hisilicon: Add multi-thread support for a DMA channel
    - dyndbg: fix static_branch manipulation
    - dyndbg: fix module.dyndbg handling
    - dyndbg: let query-modname override actual module name
    - dyndbg: drop EXPORTed dynamic_debug_exec_queries
    - clk: qcom: sm6115: Select QCOM_GDSC
    - mtd: devices: docg3: check the return value of devm_ioremap() in the probe
    - phy: amlogic: phy-meson-axg-mipi-pcie-analog: Hold reference returned by
      of_get_parent()
    - phy: phy-mtk-tphy: fix the phy type setting issue
    - mtd: rawnand: intel: Read the chip-select line from the correct OF node
    - mtd: rawnand: intel: Remove undocumented compatible string
    - mtd: rawnand: fsl_elbc: Fix none ECC mode
    - RDMA/irdma: Align AE id codes to correct flush code and event
    - RDMA/srp: Fix srp_abort()
    - RDMA/siw: Always consume all skbuf data in sk_data_ready() upcall.
    - RDMA/siw: Fix QP destroy to wait for all references dropped.
    - ata: fix ata_id_sense_reporting_enabled() and ata_id_has_sense_reporting()
    - ata: fix ata_id_has_devslp()
    - ata: fix ata_id_has_ncq_autosense()
    - ata: fix ata_id_has_dipm()
    - mtd: rawnand: meson: fix bit map use in meson_nfc_ecc_correct()
    - md/raid5: Ensure stripe_fill happens on non-read IO with journal
    - md/raid5: Remove unnecessary bio_put() in raid5_read_one_chunk()
    - RDMA/cm: Use SLID in the work completion as the DLID in responder side
    - IB: Set IOVA/LENGTH on IB_MR in core/uverbs layers
    - xhci: Don't show warning for reinit on known broken suspend
    - usb: gadget: function: fix dangling pnp_string in f_printer.c
    - drivers: serial: jsm: fix some leaks in probe
    - serial: 8250: Toggle IER bits on only after irq has been set up
    - tty: serial: fsl_lpuart: disable dma rx/tx use flags in lpuart_dma_shutdown
    - phy: qualcomm: call clk_disable_unprepare in the error handling
    - staging: vt6655: fix some erroneous memory clean-up loops
    - slimbus: qcom-ngd-ctrl: allow compile testing without QCOM_RPROC_COMMON
    - firmware: google: Test spinlock on panic path to avoid lockups
    - serial: 8250: Fix restoring termios speed after suspend
    - scsi: libsas: Fix use-after-free bug in smp_execute_task_sg()
    - scsi: iscsi: Rename iscsi_conn_queue_work()
    - scsi: iscsi: Add recv workqueue helpers
    - scsi: iscsi: Run recv path from workqueue
    - scsi: iscsi: iscsi_tcp: Fix null-ptr-deref while calling getpeername()
    - clk: qcom: apss-ipq6018: mark apcs_alias0_core_clk as critical
    - clk: qcom: gcc-sm6115: Override default Alpha PLL regs
    - RDMA/rxe: Fix resize_finish() in rxe_queue.c
    - fsi: core: Check error number after calling ida_simple_get
    - mfd: intel_soc_pmic: Fix an error handling path in
      intel_soc_pmic_i2c_probe()
    - mfd: fsl-imx25: Fix an error handling path in mx25_tsadc_setup_irq()
    - mfd: lp8788: Fix an error handling path in lp8788_probe()
    - mfd: lp8788: Fix an error handling path in lp8788_irq_init() and
      lp8788_irq_init()
    - mfd: fsl-imx25: Fix check for platform_get_irq() errors
    - mfd: sm501: Add check for platform_driver_register()
    - clk: mediatek: mt8183: mfgcfg: Propagate rate changes to parent
    - dmaengine: ioat: stop mod_timer from resurrecting deleted timer in
      __cleanup()
    - usb: mtu3: fix failed runtime suspend in host only mode
    - spmi: pmic-arb: correct duplicate APID to PPID mapping logic
    - clk: vc5: Fix 5P49V6901 outputs disabling when enabling FOD
    - clk: baikal-t1: Fix invalid xGMAC PTP clock divider
    - clk: baikal-t1: Add shared xGMAC ref/ptp clocks internal parent
    - clk: baikal-t1: Add SATA internal ref clock buffer
    - clk: bcm2835: fix bcm2835_clock_rate_from_divisor declaration
    - clk: imx: scu: fix memleak on platform_device_add() fails
    - clk: ti: dra7-atl: Fix reference leak in of_dra7_atl_clk_probe
    - clk: ast2600: BCLK comes from EPLL
    - mailbox: mpfs: fix handling of the reg property
    - mailbox: mpfs: account for mbox offsets while sending
    - mailbox: bcm-ferxrm-mailbox: Fix error check for dma_map_sg
    - powerpc/configs: Properly enable PAPR_SCM in pseries_defconfig
    - powerpc/math_emu/efp: Include module.h
    - powerpc/sysdev/fsl_msi: Add missing of_node_put()
    - powerpc/pci_dn: Add missing of_node_put()
    - powerpc/powernv: add missing of_node_put() in opal_export_attrs()
    - powerpc: Fix fallocate and fadvise64_64 compat parameter combination
    - x86/hyperv: Fix 'struct hv_enlightened_vmcs' definition
    - powerpc/64s: Fix GENERIC_CPU build flags for PPC970 / G5
    - powerpc: Fix SPE Power ISA properties for e500v1 platforms
    - powerpc/kprobes: Fix null pointer reference in arch_prepare_kprobe()
    - powerpc/pseries/vas: Pass hw_cpu_id to node associativity HCALL
    - crypto: sahara - don't sleep when in softirq
    - crypto: hisilicon/zip - fix mismatch in get/set sgl_sge_nr
    - hwrng: arm-smccc-trng - fix NO_ENTROPY handling
    - cgroup: Honor caller's cgroup NS when resolving path
    - hwrng: imx-rngc - Moving IRQ handler registering after
      imx_rngc_irq_mask_clear()
    - crypto: qat - fix default value of WDT timer
    - crypto: hisilicon/qm - fix missing put dfx access
    - cgroup/cpuset: Enable update_tasks_cpumask() on top_cpuset
    - iommu/omap: Fix buffer overflow in debugfs
    - crypto: akcipher - default implementation for setting a private key
    - crypto: ccp - Release dma channels before dmaengine unrgister
    - crypto: inside-secure - Change swab to swab32
    - crypto: qat - fix DMA transfer direction
    - cifs: return correct error in ->calc_signature()
    - iommu/iova: Fix module config properly
    - tracing: kprobe: Fix kprobe event gen test module on exit
    - tracing: kprobe: Make gen test module work in arm and riscv
    - tracing/osnoise: Fix possible recursive locking in stop_per_cpu_kthreads
    - kbuild: remove the target in signal traps when interrupted
    - kbuild: rpm-pkg: fix breakage when V=1 is used
    - crypto: marvell/octeontx - prevent integer overflows
    - crypto: cavium - prevent integer overflow loading firmware
    - thermal/drivers/qcom/tsens-v0_1: Fix MSM8939 fourth sensor hw_id
    - ACPI: APEI: do not add task_work to kernel thread to avoid memory leak
    - f2fs: fix race condition on setting FI_NO_EXTENT flag
    - f2fs: fix to account FS_CP_DATA_IO correctly
    - selftest: tpm2: Add Client.__del__() to close /dev/tpm* handle
    - fs: dlm: fix race in lowcomms
    - rcu: Avoid triggering strict-GP irq-work when RCU is idle
    - rcu: Back off upon fill_page_cache_func() allocation failure
    - rcu-tasks: Convert RCU_LOCKDEP_WARN() to WARN_ONCE()
    - ACPI: video: Add Toshiba Satellite/Portege Z830 quirk
    - ACPI: tables: FPDT: Don't call acpi_os_map_memory() on invalid phys address
    - cpufreq: intel_pstate: Add Tigerlake support in no-HWP mode
    - MIPS: BCM47XX: Cast memcmp() of function to (void *)
    - powercap: intel_rapl: fix UBSAN shift-out-of-bounds issue
    - thermal: intel_powerclamp: Use get_cpu() instead of smp_processor_id() to
      avoid crash
    - ARM: decompressor: Include .data.rel.ro.local
    - ACPI: x86: Add a quirk for Dell Inspiron 14 2-in-1 for StorageD3Enable
    - x86/entry: Work around Clang __bdos() bug
    - NFSD: Return nfserr_serverfault if splice_ok but buf->pages have data
    - NFSD: fix use-after-free on source server when doing inter-server copy
    - wifi: brcmfmac: fix invalid address access when enabling SCAN log level
    - bpftool: Clear errno after libcap's checks
    - ice: set tx_tstamps when creating new Tx rings via ethtool
    - net: ethernet: ti: davinci_mdio: Add workaround for errata i2329
    - openvswitch: Fix double reporting of drops in dropwatch
    - openvswitch: Fix overreporting of drops in dropwatch
    - tcp: annotate data-race around tcp_md5sig_pool_populated
    - x86/mce: Retrieve poison range from hardware
    - wifi: ath9k: avoid uninit memory read in ath9k_htc_rx_msg()
    - thunderbolt: Add back Intel Falcon Ridge end-to-end flow control workaround
    - xfrm: Update ipcomp_scratches with NULL when freed
    - iavf: Fix race between iavf_close and iavf_reset_task
    - wifi: brcmfmac: fix use-after-free bug in brcmf_netdev_start_xmit()
    - Bluetooth: btintel: Mark Intel controller to support LE_STATES quirk
    - regulator: core: Prevent integer underflow
    - wifi: mt76: mt7921: reset msta->airtime_ac while clearing up hw value
    - Bluetooth: L2CAP: initialize delayed works at l2cap_chan_create()
    - Bluetooth: hci_sysfs: Fix attempting to call device_add multiple times
    - can: bcm: check the result of can_send() in bcm_can_tx()
    - wifi: rt2x00: don't run Rt5592 IQ calibration on MT7620
    - wifi: rt2x00: set correct TX_SW_CFG1 MAC register for MT7620
    - wifi: rt2x00: set VGC gain for both chains of MT7620
    - wifi: rt2x00: set SoC wmac clock register
    - wifi: rt2x00: correctly set BBP register 86 for MT7620
    - hwmon: (sht4x) do not overflow clamping operation on 32-bit platforms
    - net: If sock is dead don't access sock's sk_wq in sk_stream_wait_memory
    - Bluetooth: L2CAP: Fix user-after-free
    - drm/nouveau/nouveau_bo: fix potential memory leak in nouveau_bo_alloc()
    - drm: Use size_t type for len variable in drm_copy_field()
    - drm: Prevent drm_copy_field() to attempt copying a NULL pointer
    - drm/komeda: Fix handling of atomic commits in the atomic_commit_tail hook
    - gpu: lontium-lt9611: Fix NULL pointer dereference in lt9611_connector_init()
    - drm/amd/display: fix overflow on MIN_I64 definition
    - udmabuf: Set ubuf->sg = NULL if the creation of sg table fails
    - drm: bridge: dw_hdmi: only trigger hotplug event on link change
    - ALSA: usb-audio: Register card at the last interface
    - drm/vc4: vec: Fix timings for VEC modes
    - drm: panel-orientation-quirks: Add quirk for Anbernic Win600
    - platform/chrome: cros_ec: Notify the PM of wake events during resume
    - platform/x86: msi-laptop: Change DMI match / alias strings to fix module
      autoloading
    - ASoC: SOF: pci: Change DMI match info to support all Chrome platforms
    - drm/amdgpu: fix initial connector audio value
    - drm/meson: reorder driver deinit sequence to fix use-after-free bug
    - drm/meson: explicitly remove aggregate driver at module unload time
    - mmc: sdhci-msm: add compatible string check for sdm670
    - drm/dp: Don't rewrite link config when setting phy test pattern
    - drm/amd/display: Remove interface for periodic interrupt 1
    - ARM: dts: imx7d-sdb: config the max pressure for tsc2046
    - ARM: dts: imx6q: add missing properties for sram
    - ARM: dts: imx6dl: add missing properties for sram
    - ARM: dts: imx6qp: add missing properties for sram
    - ARM: dts: imx6sl: add missing properties for sram
    - ARM: dts: imx6sll: add missing properties for sram
    - ARM: dts: imx6sx: add missing properties for sram
    - kselftest/arm64: Fix validatation termination record after EXTRA_CONTEXT
    - arm64: dts: imx8mq-librem5: Add bq25895 as max17055's power supply
    - btrfs: dump extra info if one free space cache has more bitmaps than it
      should
    - btrfs: scrub: try to fix super block errors
    - btrfs: don't print information about space cache or tree every remount
    - ARM: 9242/1: kasan: Only map modules if CONFIG_KASAN_VMALLOC=n
    - clk: zynqmp: Fix stack-out-of-bounds in strncpy`
    - media: cx88: Fix a null-ptr-deref bug in buffer_prepare()
    - media: platform: fix some double free in meson-ge2d and mtk-jpeg and s5p-mfc
    - clk: zynqmp: pll: rectify rate rounding in zynqmp_pll_round_rate
    - usb: host: xhci-plat: suspend and resume clocks
    - usb: host: xhci-plat: suspend/resume clks for brcm
    - dmaengine: ti: k3-udma: Reset UDMA_CHAN_RT byte counters to prevent overflow
    - scsi: 3w-9xxx: Avoid disabling device if failing to enable it
    - nbd: Fix hung when signal interrupts nbd_start_device_ioctl()
    - iommu/arm-smmu-v3: Make default domain type of HiSilicon PTT device to
      identity
    - power: supply: adp5061: fix out-of-bounds read in adp5061_get_chg_type()
    - staging: vt6655: fix potential memory leak
    - blk-throttle: prevent overflow while calculating wait time
    - ata: libahci_platform: Sanity check the DT child nodes number
    - bcache: fix set_at_max_writeback_rate() for multiple attached devices
    - soundwire: cadence: Don't overwrite msg->buf during write commands
    - soundwire: intel: fix error handling on dai registration issues
    - HID: roccat: Fix use-after-free in roccat_read()
    - eventfd: guard wake_up in eventfd fs calls as well
    - md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d
    - usb: host: xhci: Fix potential memory leak in xhci_alloc_stream_info()
    - usb: musb: Fix musb_gadget.c rxstate overflow bug
    - arm64: dts: imx8mp: Add snps,gfladj-refclk-lpm-sel quirk to USB nodes
    - usb: dwc3: core: Enable GUCTL1 bit 10 for fixing termination error after
      resume bug
    - Revert "usb: storage: Add quirk for Samsung Fit flash"
    - staging: rtl8723bs: fix potential memory leak in rtw_init_drv_sw()
    - staging: rtl8723bs: fix a potential memory leak in rtw_init_cmd_priv()
    - scsi: tracing: Fix compile error in trace_array calls when TRACING is
      disabled
    - ext2: Use kvmalloc() for group descriptor array
    - nvme: copy firmware_rev on each init
    - nvmet-tcp: add bounds check on Transfer Tag
    - usb: idmouse: fix an uninit-value in idmouse_open
    - clk: bcm2835: Make peripheral PLLC critical
    - clk: bcm2835: Round UART input clock up
    - perf intel-pt: Fix segfault in intel_pt_print_info() with uClibc
    - io_uring: correct pinned_vm accounting
    - io_uring/rw: fix short rw error handling
    - io_uring/rw: fix error'ed retry return values
    - io_uring/rw: fix unexpected link breakage
    - mm: hugetlb: fix UAF in hugetlb_handle_userfault
    - net: ieee802154: return -EINVAL for unknown addr type
    - ALSA: usb-audio: Fix last interface check for registration
    - blk-wbt: fix that 'rwb->wc' is always set to 1 in wbt_init()
    - [Config] updateconfigs for MDIO_BITBANG
    - net: ethernet: ti: davinci_mdio: fix build for mdio bitbang uses
    - Revert "net/ieee802154: reject zero-sized raw_sendmsg()"
    - net/ieee802154: don't warn zero-sized raw_sendmsg()
    - drm/amd/display: Fix build breakage with CONFIG_DEBUG_FS=n
    - Kconfig.debug: simplify the dependency of DEBUG_INFO_DWARF4/5
    - Kconfig.debug: add toolchain checks for DEBUG_INFO_DWARF_TOOLCHAIN_DEFAULT
    - lib/Kconfig.debug: Add check for non-constant .{s,u}leb128 support to DWARF5
    - [Config] updateconfigs for AS_HAS_NON_CONST_LEB128
    - ext4: continue to expand file system when the target size doesn't reach
    - thermal: intel_powerclamp: Use first online CPU as control_cpu
    - gcov: support GCC 12.1 and newer compilers
    - io-wq: Fix memory leak in worker creation
    - Linux 5.15.75

* [SRU] Ubuntu 22.04 - NVMe TCP - Host fails to reconnect to target after
    link down/link up sequence (LP: #1989990)
    - nvme-fabrics: parse nvme connect Linux error codes
    - nvme-tcp: handle number of queue changes
    - nvme-rdma: handle number of queue changes
    - nvmet: expose max queues to configfs

-- Stefan Bader <stefan.bader@canonical.com>  Fri, 20 Jan 2023 14:42:28 +0100

Changed in linux (Ubuntu Jammy):
status:	Fix Committed → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2023-02-08:

#11

Download full text (32.9 KiB)

This bug was fixed in the package linux - 5.19.0-31.32

---------------
linux (5.19.0-31.32) kinetic; urgency=medium

* kinetic/linux: 5.19.0-31.32 -proposed tracker (LP: #2003423)

  * amdgpu: framebuffer is destroyed and the screen freezes with unsupported IP
    blocks (LP: #2003524)
    - drm/amd: Delay removal of the firmware framebuffer

* Revoke & rotate to new signing key (LP: #2002812)
- [Packaging] Revoke and rotate to new signing key

linux (5.19.0-30.31) kinetic; urgency=medium

* kinetic/linux: 5.19.0-30.31 -proposed tracker (LP: #2001756)

  * Packaging resync (LP: #1786013)
    - [Packaging] update helper scripts
    - debian/dkms-versions -- update from kernel-versions (main/2023.01.02)

* Add some ACPI device IDs for Intel HID device (LP: #1995453)
- platform/x86/intel/hid: Add some ACPI device IDs

  * Fix iosm: WWAN cannot build the connection (DW5823e) (LP: #1998115)
    - net: wwan: iosm: fix driver not working with INTEL_IOMMU disabled
    - [Config] CONFIG_IOSM update annotations on arm64 armhf ppc64el s390x riscv64

  * BPF_[AND|OR|XOR|FETCH|XCHG|CMPXCHG] in net:test_bpf.sh from
    ubuntu_kernel_selftests failed on K-5.19 P9 (LP: #2001618)
    - powerpc/bpf/64: add support for BPF_ATOMIC bitwise operations
    - powerpc/bpf/64: add support for atomic fetch operations
    - powerpc/bpf/64: Add instructions for atomic_[cmp]xchg

  * [DEP-8] Run ADT regression suite for lowlatency kernels Jammy and later
    (LP: #1999528)
    - [DEP-8] Fix regression suite to run on lowlatency

  * Kinetic update: upstream stable patchset 2022-12-15 (LP: #1999828)
    - serial: ar933x: Deassert Transmit Enable on ->rs485_config()
    - KVM: x86: Trace re-injected exceptions
    - RDMA/cma: Use output interface for net_dev check
    - IB/hfi1: Correctly move list in sc_disable()
    - RDMA/hns: Disable local invalidate operation
    - NFSv4: Fix a potential state reclaim deadlock
    - NFSv4.1: Handle RECLAIM_COMPLETE trunking errors
    - NFSv4.1: We must always send RECLAIM_COMPLETE after a reboot
    - SUNRPC: Fix null-ptr-deref when xps sysfs alloc failed
    - NFSv4.2: Fixup CLONE dest file size for zero-length count
    - nfs4: Fix kmemleak when allocate slot failed
    - net: dsa: Fix possible memory leaks in dsa_loop_init()
    - RDMA/core: Fix null-ptr-deref in ib_core_cleanup()
    - RDMA/qedr: clean up work queue on failure in qedr_alloc_resources()
    - net: dsa: fall back to default tagger if we can't load the one from DT
    - nfc: fdp: Fix potential memory leak in fdp_nci_send()
    - nfc: nxp-nci: Fix potential memory leak in nxp_nci_send()
    - nfc: s3fwrn5: Fix potential memory leak in s3fwrn5_nci_send()
    - nfc: nfcmrvl: Fix potential memory leak in nfcmrvl_i2c_nci_send()
    - net: fec: fix improper use of NETDEV_TX_BUSY
    - ata: pata_legacy: fix pdc20230_set_piomode()
    - net: sched: Fix use after free in red_enqueue()
    - net: tun: fix bugs for oversize packet when napi frags enabled
    - netfilter: nf_tables: netlink notifier might race to release objects
    - netfilter: nf_tables: release flow rule object from commit path
    - ipvs: use explicitly signed chars
    - ipvs: fix WARNING i...

This bug was fixed in the package linux - 5.19.0-31.32

---------------
linux (5.19.0-31.32) kinetic; urgency=medium

* kinetic/linux: 5.19.0-31.32 -proposed tracker (LP: #2003423)

* amdgpu: framebuffer is destroyed and the screen freezes with unsupported IP
    blocks (LP: #2003524)
    - drm/amd: Delay removal of the firmware framebuffer

* Revoke & rotate to new signing key (LP: #2002812)
    - [Packaging] Revoke and rotate to new signing key

linux (5.19.0-30.31) kinetic; urgency=medium

* kinetic/linux: 5.19.0-30.31 -proposed tracker (LP: #2001756)

* Packaging resync (LP: #1786013)
    - [Packaging] update helper scripts
    - debian/dkms-versions -- update from kernel-versions (main/2023.01.02)

* Add some ACPI device IDs for Intel HID device (LP: #1995453)
    - platform/x86/intel/hid: Add some ACPI device IDs

* Fix iosm: WWAN cannot build the connection (DW5823e) (LP: #1998115)
    - net: wwan: iosm: fix driver not working with INTEL_IOMMU disabled
    - [Config] CONFIG_IOSM update annotations on arm64 armhf ppc64el s390x riscv64

* BPF_[AND|OR|XOR|FETCH|XCHG|CMPXCHG] in net:test_bpf.sh from
    ubuntu_kernel_selftests failed on K-5.19 P9 (LP: #2001618)
    - powerpc/bpf/64: add support for BPF_ATOMIC bitwise operations
    - powerpc/bpf/64: add support for atomic fetch operations
    - powerpc/bpf/64: Add instructions for atomic_[cmp]xchg

* [DEP-8] Run ADT regression suite for lowlatency kernels Jammy and later
    (LP: #1999528)
    - [DEP-8] Fix regression suite to run on lowlatency

* Kinetic update: upstream stable patchset 2022-12-15 (LP: #1999828)
    - serial: ar933x: Deassert Transmit Enable on ->rs485_config()
    - KVM: x86: Trace re-injected exceptions
    - RDMA/cma: Use output interface for net_dev check
    - IB/hfi1: Correctly move list in sc_disable()
    - RDMA/hns: Disable local invalidate operation
    - NFSv4: Fix a potential state reclaim deadlock
    - NFSv4.1: Handle RECLAIM_COMPLETE trunking errors
    - NFSv4.1: We must always send RECLAIM_COMPLETE after a reboot
    - SUNRPC: Fix null-ptr-deref when xps sysfs alloc failed
    - NFSv4.2: Fixup CLONE dest file size for zero-length count
    - nfs4: Fix kmemleak when allocate slot failed
    - net: dsa: Fix possible memory leaks in dsa_loop_init()
    - RDMA/core: Fix null-ptr-deref in ib_core_cleanup()
    - RDMA/qedr: clean up work queue on failure in qedr_alloc_resources()
    - net: dsa: fall back to default tagger if we can't load the one from DT
    - nfc: fdp: Fix potential memory leak in fdp_nci_send()
    - nfc: nxp-nci: Fix potential memory leak in nxp_nci_send()
    - nfc: s3fwrn5: Fix potential memory leak in s3fwrn5_nci_send()
    - nfc: nfcmrvl: Fix potential memory leak in nfcmrvl_i2c_nci_send()
    - net: fec: fix improper use of NETDEV_TX_BUSY
    - ata: pata_legacy: fix pdc20230_set_piomode()
    - net: sched: Fix use after free in red_enqueue()
    - net: tun: fix bugs for oversize packet when napi frags enabled
    - netfilter: nf_tables: netlink notifier might race to release objects
    - netfilter: nf_tables: release flow rule object from commit path
    - ipvs: use explicitly signed chars
    - ipvs: fix WARNING in __ip_vs_cleanup_batch()
    - ipvs: fix WARNING in ip_vs_app_net_cleanup()
    - rose: Fix NULL pointer dereference in rose_send_frame()
    - mISDN: fix possible memory leak in mISDN_register_device()
    - isdn: mISDN: netjet: fix wrong check of device registration
    - btrfs: fix inode list leak during backref walking at resolve_indirect_refs()
    - btrfs: fix inode list leak during backref walking at find_parent_nodes()
    - btrfs: fix ulist leaks in error paths of qgroup self tests
    - netfilter: ipset: enforce documented limit to prevent allocating huge memory
    - Bluetooth: virtio_bt: Use skb_put to set length
    - Bluetooth: L2CAP: fix use-after-free in l2cap_conn_del()
    - Bluetooth: L2CAP: Fix memory leak in vhci_write
    - net: mdio: fix undefined behavior in bit shift for __mdiobus_register
    - ibmvnic: Free rwi on reset success
    - stmmac: dwmac-loongson: fix invalid mdio_node
    - net/smc: Fix possible leaked pernet namespace in smc_init()
    - net, neigh: Fix null-ptr-deref in neigh_table_clear()
    - ipv6: fix WARNING in ip6_route_net_exit_late()
    - vsock: fix possible infinite sleep in vsock_connectible_wait_data()
    - media: rkisp1: Don't pass the quantization to rkisp1_csm_config()
    - media: rkisp1: Initialize color space on resizer sink and source pads
    - media: rkisp1: Use correct macro for gradient registers
    - media: rkisp1: Zero v4l2_subdev_format fields in when validating links
    - media: s5p_cec: limit msg.len to CEC_MAX_MSG_SIZE
    - media: cros-ec-cec: limit msg.len to CEC_MAX_MSG_SIZE
    - media: dvb-frontends/drxk: initialize err to 0
    - media: meson: vdec: fix possible refcount leak in vdec_probe()
    - media: v4l: subdev: Fail graciously when getting try data for NULL state
    - ACPI: APEI: Fix integer overflow in ghes_estatus_pool_init()
    - scsi: core: Restrict legal sdev_state transitions via sysfs
    - HID: saitek: add madcatz variant of MMO7 mouse device ID
    - drm/amdgpu: set vm_update_mode=0 as default for Sienna Cichlid in SRIOV case
    - i2c: xiic: Add platform module alias
    - efi/tpm: Pass correct address to memblock_reserve
    - clk: qcom: Update the force mem core bit for GPU clocks
    - ARM: dts: imx6qdl-gw59{10,13}: fix user pushbutton GPIO offset
    - arm64: dts: imx8: correct clock order
    - arm64: dts: lx2160a: specify clock frequencies for the MDIO controllers
    - arm64: dts: ls1088a: specify clock frequencies for the MDIO controllers
    - arm64: dts: ls208xa: specify clock frequencies for the MDIO controllers
    - block: Fix possible memory leak for rq_wb on add_disk failure
    - firmware: arm_scmi: Suppress the driver's bind attributes
    - firmware: arm_scmi: Make Rx chan_setup fail on memory errors
    - firmware: arm_scmi: Fix devres allocation device in virtio transport
    - arm64: dts: juno: Add thermal critical trip points
    - i2c: piix4: Fix adapter not be removed in piix4_remove()
    - Bluetooth: L2CAP: Fix attempting to access uninitialized memory
    - fscrypt: stop using keyrings subsystem for fscrypt_master_key
    - fscrypt: fix keyring memory leak on mount failure
    - btrfs: fix lost file sync on direct IO write with nowait and dsync iocb
    - btrfs: fix tree mod log mishandling of reallocated nodes
    - btrfs: fix type of parameter generation in btrfs_get_dentry
    - ftrace: Fix use-after-free for dynamic ftrace_ops
    - tracing: kprobe: Fix memory leak in test_gen_kprobe/kretprobe_cmd()
    - kprobe: reverse kp->flags when arm_kprobe failed
    - ring-buffer: Check for NULL cpu_buffer in ring_buffer_wake_waiters()
    - tools/nolibc/string: Fix memcmp() implementation
    - tracing/histogram: Update document for KEYS_MAX size
    - capabilities: fix potential memleak on error path from vfs_getxattr_alloc()
    - fuse: add file_modified() to fallocate
    - efi: random: reduce seed size to 32 bytes
    - efi: random: Use 'ACPI reclaim' memory for random seed
    - arm64: entry: avoid kprobe recursion
    - perf/x86/intel: Fix pebs event constraints for ICL
    - perf/x86/intel: Add Cooper Lake stepping to isolation_ucodes[]
    - perf/x86/intel: Fix pebs event constraints for SPR
    - parisc: Make 8250_gsc driver dependend on CONFIG_PARISC
    - parisc: Export iosapic_serial_irq() symbol for serial port driver
    - parisc: Avoid printing the hardware path twice
    - ext4: fix warning in 'ext4_da_release_space'
    - ext4: fix BUG_ON() when directory entry has invalid rec_len
    - x86/syscall: Include asm/ptrace.h in syscall_wrapper header
    - KVM: x86: Mask off reserved bits in CPUID.80000006H
    - KVM: x86: Mask off reserved bits in CPUID.8000001AH
    - KVM: x86: Mask off reserved bits in CPUID.80000008H
    - KVM: x86: Mask off reserved bits in CPUID.80000001H
    - KVM: x86: Mask off reserved bits in CPUID.8000001FH
    - KVM: VMX: fully disable SGX if SECONDARY_EXEC_ENCLS_EXITING unavailable
    - KVM: arm64: Fix bad dereference on MTE-enabled systems
    - KVM: x86: emulator: em_sysexit should update ctxt->mode
    - KVM: x86: emulator: introduce emulator_recalc_and_set_mode
    - KVM: x86: emulator: update the emulation mode after rsm
    - KVM: x86: emulator: update the emulation mode after CR0 write
    - tee: Fix tee_shm_register() for kernel TEE drivers
    - ext4,f2fs: fix readahead of verity data
    - cifs: fix regression in very old smb1 mounts
    - drm/rockchip: dsi: Clean up 'usage_mode' when failing to attach
    - drm/rockchip: dsi: Force synchronous probe
    - drm/i915/sdvo: Filter out invalid outputs more sensibly
    - drm/i915/sdvo: Setup DDC fully before output init
    - wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()
    - usb: dwc3: gadget: Don't delay End Transfer on delayed_status
    - RDMA/hns: Fix NULL pointer problem in free_mr_init()
    - docs/process/howto: Replace C89 with C11
    - RDMA/rxe: Fix mr leak in RESPST_ERR_RNR
    - tools/nolibc: Fix missing strlen() definition and infinite loop with gcc-12
    - ata: palmld: fix return value check in palmld_pata_probe()
    - net: lan966x: Fix the MTU calculation
    - net: lan966x: Adjust maximum frame size when vlan is enabled/disabled
    - net: lan966x: Fix FDMA when MTU is changed
    - net: lan966x: Fix unmapping of received frames using FDMA
    - bridge: Fix flushing of dynamic FDB entries
    - iio: adc: stm32-adc: fix channel sampling time init
    - drm/vc4: hdmi: Check the HSM rate at runtime_resume
    - hwrng: bcm2835 - use hwrng_msleep() instead of cpu_relax()
    - drm/amdkfd: Fix type of reset_type parameter in hqd_destroy() callback
    - drm/amdgpu: Program GC registers through RLCG interface in gfx_v11/gmc_v11
    - nvme-pci: disable write zeroes on various Kingston SSD
    - bio: safeguard REQ_ALLOC_CACHE bio put
    - clk: rs9: Fix I2C accessors
    - arm64: dts: imx8mm: Enable CPLD_Dn pull down resistor on MX8Menlo
    - clk: renesas: r8a779g0: Fix HSCIF parent clocks
    - arm64: dts: verdin-imx8mp: fix ctrl_sleep_moci
    - arm64: dts: imx8mm: remove otg1/2 power domain dependency on hsio
    - arm64: dts: imx8mm: correct usb power domains
    - arm64: dts: imx8mn: remove otg1 power domain dependency on hsio
    - arm64: dts: imx8mn: Correct the usb power domain
    - drm/rockchip: dw_hdmi: filter regulator -EPROBE_DEFER error messages
    - drm/rockchip: fix fbdev on non-IOMMU devices
    - drm/i915: stop abusing swiotlb_max_segment
    - blk-mq: Fix kmemleak in blk_mq_init_allocated_queue
    - firmware: arm_scmi: Fix deferred_tx_wq release on error paths
    - clk: renesas: r8a779g0: Add SASYNCPER clocks
    - btrfs: fix a memory allocation failure test in btrfs_submit_direct
    - ACPI: NUMA: Add CXL CFMWS 'nodes' to the possible nodes set
    - tracing/fprobe: Fix to check whether fprobe is registered correctly
    - fprobe: Check rethook_alloc() return in rethook initialization
    - fuse: fix readdir cache race
    - net/ulp: remove SOCK_SUPPORT_ZC from tls sockets
    - ARM: dts: imx6dl-yapp4: Do not allow PM to switch PU regulator off on Q/QP
    - net: remove SOCK_SUPPORT_ZC from sockmap
    - net: also flag accepted sockets supporting msghdr originated zerocopy
    - ext4: update the backup superblock's at the end of the online resize
    - x86/tdx: Prepare for using "INFO" call for a second purpose
    - x86/tdx: Panic on bad configs that #VE on "private" memory access
    - KVM: VMX: Fold vmx_supported_debugctl() into vcpu_supported_debugctl()
    - KVM: VMX: Ignore guest CPUID for host userspace writes to DEBUGCTL
    - KVM: Initialize gfn_to_pfn_cache locks in dedicated helper
    - KVM: Reject attempts to consume or refresh inactive gfn_to_pfn_cache
    - KVM: arm64: Fix SMPRI_EL1/TPIDR2_EL0 trapping on VHE
    - drm/amdgpu: disable GFXOFF during compute for GFX11

* Kinetic update: upstream stable patchset 2022-12-07 (LP: #1999079)
    - can: j1939: transport: j1939_session_skb_drop_old():
      spin_unlock_irqrestore() before kfree_skb()
    - can: kvaser_usb: Fix possible completions during init_completion
    - ALSA: Use del_timer_sync() before freeing timer
    - ALSA: usb-audio: Add quirks for M-Audio Fast Track C400/600
    - ALSA: au88x0: use explicitly signed char
    - ALSA: rme9652: use explicitly signed char
    - USB: add RESET_RESUME quirk for NVIDIA Jetson devices in RCM
    - usb: gadget: uvc: fix sg handling in error case
    - usb: gadget: uvc: fix sg handling during video encode
    - usb: dwc3: gadget: Stop processing more requests on IMI
    - usb: dwc3: gadget: Don't set IMI for no_interrupt
    - usb: bdc: change state when port disconnected
    - usb: xhci: add XHCI_SPURIOUS_SUCCESS to ASM1042 despite being a V0.96
      controller
    - mtd: rawnand: marvell: Use correct logic for nand-keep-config
    - xhci: Add quirk to reset host back to default state at shutdown
    - xhci-pci: Set runtime PM as default policy on all xHC 1.2 or later devices
    - xhci: Remove device endpoints from bandwidth list when freeing the device
    - tools: iio: iio_utils: fix digit calculation
    - iio: light: tsl2583: Fix module unloading
    - iio: temperature: ltc2983: allocate iio channels once
    - iio: adxl372: Fix unsafe buffer attributes
    - fbdev: smscufx: Fix several use-after-free bugs
    - cpufreq: intel_pstate: Read all MSRs on the target CPU
    - cpufreq: intel_pstate: hybrid: Use known scaling factor for P-cores
    - fs/binfmt_elf: Fix memory leak in load_elf_binary()
    - exec: Copy oldsighand->action under spin-lock
    - mac802154: Fix LQI recording
    - scsi: qla2xxx: Use transport-defined speed mask for supported_speeds
    - drm/amdgpu: disallow gfxoff until GC IP blocks complete s2idle resume
    - drm/msm/dsi: fix memory corruption with too many bridges
    - drm/msm/hdmi: fix memory corruption with too many bridges
    - drm/msm/dp: fix IRQ lifetime
    - coresight: cti: Fix hang in cti_disable_hw()
    - mmc: sdhci_am654: 'select', not 'depends' REGMAP_MMIO
    - mmc: core: Fix kernel panic when remove non-standard SDIO card
    - mmc: sdhci-pci-core: Disable ES for ASUS BIOS on Jasper Lake
    - mmc: sdhci-esdhc-imx: Propagate ESDHC_FLAG_HS400* only on 8bit bus
    - counter: microchip-tcb-capture: Handle Signal1 read and Synapse
    - kernfs: fix use-after-free in __kernfs_remove
    - pinctrl: Ingenic: JZ4755 bug fixes
    - ARC: mm: fix leakage of memory allocated for PTE
    - perf auxtrace: Fix address filter symbol name match for modules
    - s390/futex: add missing EX_TABLE entry to __futex_atomic_op()
    - s390/pci: add missing EX_TABLE entries to
      __pcistg_mio_inuser()/__pcilg_mio_inuser()
    - mmc: block: Remove error check of hw_reset on reset
    - ethtool: eeprom: fix null-deref on genl_info in dump
    - net: ieee802154: fix error return code in dgram_bind()
    - media: v4l2: Fix v4l2_i2c_subdev_set_name function documentation
    - media: atomisp: prevent integer overflow in sh_css_set_black_frame()
    - drm/msm: Fix return type of mdp4_lvds_connector_mode_valid
    - KVM: selftests: Fix number of pages for memory slot in
      memslot_modification_stress_test
    - ASoC: qcom: lpass-cpu: mark HDMI TX registers as volatile
    - perf: Fix missing SIGTRAPs
    - sched/core: Fix comparison in sched_group_cookie_match()
    - arc: iounmap() arg is volatile
    - mtd: rawnand: intel: Add missing of_node_put() in ebu_nand_probe()
    - ASoC: qcom: lpass-cpu: Mark HDMI TX parity register as volatile
    - ALSA: ac97: fix possible memory leak in snd_ac97_dev_register()
    - perf/x86/intel/lbr: Use setup_clear_cpu_cap() instead of clear_cpu_cap()
    - tipc: fix a null-ptr-deref in tipc_topsrv_accept
    - net: netsec: fix error handling in netsec_register_mdio()
    - net: hinic: fix incorrect assignment issue in hinic_set_interrupt_cfg()
    - net: hinic: fix memory leak when reading function table
    - net: hinic: fix the issue of CMDQ memory leaks
    - net: hinic: fix the issue of double release MBOX callback of VF
    - net: macb: Specify PHY PM management done by MAC
    - nfc: virtual_ncidev: Fix memory leak in virtual_nci_send()
    - x86/unwind/orc: Fix unreliable stack dump with gcov
    - amd-xgbe: fix the SFP compliance codes check for DAC cables
    - amd-xgbe: add the bit rate quirk for Molex cables
    - drm/i915/dp: Reset frl trained flag before restarting FRL training
    - atlantic: fix deadlock at aq_nic_stop
    - kcm: annotate data-races around kcm->rx_psock
    - kcm: annotate data-races around kcm->rx_wait
    - net: fix UAF issue in nfqnl_nf_hook_drop() when ops_init() failed
    - net: lantiq_etop: don't free skb when returning NETDEV_TX_BUSY
    - tcp: fix a signed-integer-overflow bug in tcp_add_backlog()
    - tcp: fix indefinite deferral of RTO with SACK reneging
    - net-memcg: avoid stalls when under memory pressure
    - drm/amdkfd: Fix memory leak in kfd_mem_dmamap_userptr()
    - can: mscan: mpc5xxx: mpc5xxx_can_probe(): add missing put_clock() in error
      path
    - can: mcp251x: mcp251x_can_probe(): add missing unregister_candev() in error
      path
    - PM: hibernate: Allow hybrid sleep to work with s2idle
    - media: vivid: s_fbuf: add more sanity checks
    - media: vivid: dev->bitmap_cap wasn't freed in all cases
    - media: v4l2-dv-timings: add sanity checks for blanking values
    - media: videodev2.h: V4L2_DV_BT_BLANKING_HEIGHT should check 'interlaced'
    - media: vivid: set num_in/outputs to 0 if not supported
    - perf vendor events power10: Fix hv-24x7 metric events
    - ipv6: ensure sane device mtu in tunnels
    - i40e: Fix ethtool rx-flow-hash setting for X722
    - i40e: Fix VF hang when reset is triggered on another VF
    - i40e: Fix flow-type by setting GL_HASH_INSET registers
    - net: ksz884x: fix missing pci_disable_device() on error in pcidev_init()
    - PM: domains: Fix handling of unavailable/disabled idle states
    - perf vendor events arm64: Fix incorrect Hisi hip08 L3 metrics
    - net: fec: limit register access on i.MX6UL
    - net: ethernet: ave: Fix MAC to be in charge of PHY PM
    - ALSA: aoa: i2sbus: fix possible memory leak in i2sbus_add_dev()
    - ALSA: aoa: Fix I2S device accounting
    - openvswitch: switch from WARN to pr_warn
    - net: ehea: fix possible memory leak in ehea_register_port()
    - net: bcmsysport: Indicate MAC is in charge of PHY PM
    - nh: fix scope used to find saddr when adding non gw nh
    - net: broadcom: bcm4908_enet: update TX stats after actual transmission
    - netdevsim: remove dir in nsim_dev_debugfs_init() when creating ports dir
      failed
    - net/mlx5e: Do not increment ESN when updating IPsec ESN state
    - net/mlx5e: Extend SKB room check to include PTP-SQ
    - net/mlx5: Fix possible use-after-free in async command interface
    - net/mlx5: Update fw fatal reporter state on PCI handlers successful recover
    - net/mlx5: Fix crash during sync firmware reset
    - net: do not sense pfmemalloc status in skb_append_pagefrags()
    - kcm: do not sense pfmemalloc status in kcm_sendpage()
    - net: enetc: survive memory pressure without crashing
    - arm64: Add AMPERE1 to the Spectre-BHB affected list
    - can: rcar_canfd: fix channel specific IRQ handling for RZ/G2L
    - can: rcar_canfd: rcar_canfd_handle_global_receive(): fix IRQ storm on global
      FIFO receive
    - ALSA: hda/realtek: Add quirk for ASUS Zenbook using CS35L41
    - ALSA: hda/realtek: Add another HP ZBook G9 model quirks
    - usb: gadget: uvc: limit isoc_sg to super speed gadgets
    - usb: gadget: uvc: fix dropped frame after missed isoc
    - usb: gadget: aspeed: Fix probe regression
    - usb: dwc3: gadget: Force sending delayed status during soft disconnect
    - usb: typec: ucsi: Check the connection on resume
    - usb: typec: ucsi: acpi: Implement resume callback
    - usb: dwc3: Don't switch OTG -> peripheral if extcon is present
    - mtd: rawnand: tegra: Fix PM disable depth imbalance in probe
    - mtd: parsers: bcm47xxpart: Fix halfblock reads
    - iio: adxl367: Fix unsafe buffer attributes
    - fbdev: stifb: Fall back to cfb_fillrect() on 32-bit HCRX cards
    - drm/amdgpu: Fix VRAM BO swap issue
    - drm/i915: Extend Wa_1607297627 to Alderlake-P
    - drm/amdgpu: Remove ATC L2 access for MMHUB 2.1.x
    - drm/amdgpu: fix pstate setting issue
    - drm/amdkfd: update gfx1037 Lx cache setting
    - drm/amdkfd: correct the cache info for gfx1036
    - drm/msm: fix use-after-free on probe deferral
    - drm/msm/hdmi: fix IRQ lifetime
    - drm/msm/dp: fix memory corruption with too many bridges
    - drm/msm/dp: fix bridge lifetime
    - mmc: queue: Cancel recovery work on cleanup
    - mmc: core: Fix WRITE_ZEROES CQE handling
    - counter: 104-quad-8: Fix race getting function mode and direction
    - mm/uffd: fix vma check on userfault for wp
    - mm: migrate: fix return value if all subpages of THPs are migrated
      successfully
    - mm,madvise,hugetlb: fix unexpected data loss with MADV_DONTNEED on hugetlbfs
    - mm/huge_memory: do not clobber swp_entry_t during THP split
    - s390/cio: fix out-of-bounds access on cio_ignore free
    - s390/uaccess: add missing EX_TABLE entries to __clear_user()
    - ACPI: PCC: Fix unintentional integer overflow
    - powerpc/64s/interrupt: Fix clear of PACA_IRQS_HARD_DIS when returning to
      soft-masked context
    - media: amphion: release m2m ctx when releasing vpu instance
    - media: ov8865: Fix an error handling path in ov8865_probe()
    - media: sun6i-csi: Add a Kconfig dependency on RESET_CONTROLLER
    - media: sun4i-csi: Add a Kconfig dependency on RESET_CONTROLLER
    - media: sun8i-di: Add a Kconfig dependency on RESET_CONTROLLER
    - media: sun8i-rotate: Add a Kconfig dependency on RESET_CONTROLLER
    - media: cedrus: Add a Kconfig dependency on RESET_CONTROLLER
    - drm/msm/a6xx: Replace kcalloc() with kvzalloc()
    - drm/msm/dp: add atomic_check to bridge ops
    - drm/msm/dp: cleared DP_DOWNSPREAD_CTRL register before start link training
    - ASoC: codec: tlv320adc3xxx: add GPIOLIB dependency
    - pinctrl: qcom: Avoid glitching lines when we first mux to output
    - spi: qup: support using GPIO as chip select line
    - x86/fpu: Configure init_fpstate attributes orderly
    - x86/fpu: Fix the init_fpstate size check with the actual size
    - x86/fpu: Exclude dynamic states from init_fpstate
    - bpf: prevent decl_tag from being referenced in func_proto
    - mtd: rawnand: intel: Remove unused nand_pa member from ebu_nand_cs
    - mtd: rawnand: intel: Use devm_platform_ioremap_resource_byname()
    - ASoC: codecs: tlv320adc3xxx: Wrap adc3xxx_i2c_remove() in __exit_p()
    - spi: aspeed: Fix window offset of CE1
    - net: lan966x: Fix the rx drop counter
    - x86/fpu: Fix copy_xstate_to_uabi() to copy init states correctly
    - amd-xgbe: Yellow carp devices do not need rrc
    - drm/i915/dgfx: Keep PCI autosuspend control 'on' by default on all dGPU
    - net: lan966x: Stop replacing tx dcbs and dcbs_buf when changing MTU
    - mptcp: set msk local address earlier
    - netdevsim: fix memory leak in nsim_bus_dev_new()
    - net/mlx5: Wait for firmware to enable CRS before pci_restore_state
    - net/mlx5: DR, Fix matcher disconnect error flow
    - net/mlx5e: Update restore chain id for slow path packets
    - net/mlx5e: TC, Reject forwarding from internal port to internal port
    - riscv: mm: add missing memcpy in kasan_init

* Virtual GPU driver packaging regression (LP: #1996112)
    - [Packaging] Reintroduce VM DRM drivers into modules

* Fix AMD-PState driver for Genoa CPU (LP: #1998106)
    - Documentation: amd-pstate: Add unit test introduction
    - cpufreq: amd-pstate: cpufreq: amd-pstate: reset MSR_AMD_PERF_CTL register at
      init
    - cpufreq: amd-pstate: change amd-pstate driver to be built-in type
    - cpufreq: amd-pstate: add amd-pstate driver parameter for mode selection
    - Documentation: amd-pstate: add driver working mode introduction
    - Documentation: add amd-pstate kernel command line options

* Kinetic update: upstream stable patchset 2022-11-30 (LP: #1998398)
    - clk: tegra: Fix Tegra PWM parent clock
    - Revert "btrfs: call __btrfs_remove_free_space_cache_locked on cache load
      failure"
    - ocfs2: clear dinode links count in case of error
    - ocfs2: fix BUG when iput after ocfs2_mknod fails
    - selinux: enable use of both GFP_KERNEL and GFP_ATOMIC in convert_context()
    - cpufreq: qcom: fix writes in read-only memory region
    - i2c: qcom-cci: Fix ordering of pm_runtime_xx and i2c_add_adapter
    - x86/microcode/AMD: Apply the patch early on every logical thread
    - hwmon/coretemp: Handle large core ID value
    - ata: ahci-imx: Fix MODULE_ALIAS
    - ata: ahci: Match EM_MAX_SLOTS with SATA_PMP_MAX_PORTS
    - x86/resctrl: Fix min_cbm_bits for AMD
    - cpufreq: qcom: fix memory leak in error path
    - drm/amdgpu: fix sdma doorbell init ordering on APUs
    - mm,hugetlb: take hugetlb_lock before decrementing h->resv_huge_pages
    - kvm: Add support for arch compat vm ioctls
    - KVM: arm64: vgic: Fix exit condition in scan_its_table()
    - media: ipu3-imgu: Fix NULL pointer dereference in active selection access
    - media: mceusb: set timeout to at least timeout provided
    - media: venus: dec: Handle the case where find_format fails
    - x86/topology: Fix multiple packages shown on a single-package system
    - x86/topology: Fix duplicated core ID within a package
    - btrfs: fix processing of delayed data refs during backref walking
    - btrfs: fix processing of delayed tree block refs during backref walking
    - drm/vc4: Add module dependency on hdmi-codec
    - ACPI: extlog: Handle multiple records
    - tipc: Fix recognition of trial period
    - tipc: fix an information leak in tipc_topsrv_kern_subscr
    - i40e: Fix DMA mappings leak
    - HID: magicmouse: Do not set BTN_MOUSE on double report
    - sfc: Change VF mac via PF as first preference if available.
    - net/atm: fix proc_mpc_write incorrect return value
    - net: phy: dp83867: Extend RX strap quirk for SGMII mode
    - net: phylink: add mac_managed_pm in phylink_config structure
    - scsi: lpfc: Fix memory leak in lpfc_create_port()
    - udp: Update reuse->has_conns under reuseport_lock.
    - cifs: Fix xid leak in cifs_create()
    - cifs: Fix xid leak in cifs_copy_file_range()
    - cifs: Fix xid leak in cifs_flock()
    - cifs: Fix xid leak in cifs_ses_add_channel()
    - dm: remove unnecessary assignment statement in alloc_dev()
    - net: hsr: avoid possible NULL deref in skb_clone()
    - ionic: catch NULL pointer issue on reconfig
    - netfilter: nf_tables: relax NFTA_SET_ELEM_KEY_END set flags requirements
    - nvme-hwmon: consistently ignore errors from nvme_hwmon_init
    - nvme-hwmon: kmalloc the NVME SMART log buffer
    - nvmet: fix workqueue MEM_RECLAIM flushing dependency
    - net: sched: cake: fix null pointer access issue when cake_init() fails
    - net: sched: delete duplicate cleanup of backlog and qlen
    - net: sched: sfb: fix null pointer access issue when sfb_init() fails
    - sfc: include vport_id in filter spec hash and equal()
    - wwan_hwsim: fix possible memory leak in wwan_hwsim_dev_new()
    - net: hns: fix possible memory leak in hnae_ae_register()
    - net: sched: fix race condition in qdisc_graft()
    - net: phy: dp83822: disable MDI crossover status change interrupt
    - iommu/vt-d: Allow NVS regions in arch_rmrr_sanity_check()
    - iommu/vt-d: Clean up si_domain in the init_dmars() error path
    - ACPI: video: Force backlight native for more TongFang devices
    - x86/Kconfig: Drop check for -mabi=ms for CONFIG_EFI_STUB
    - mm: /proc/pid/smaps_rollup: fix no vma's null-deref
    - smb3: interface count displayed incorrectly
    - cpufreq: tegra194: Fix module loading
    - KVM: x86: Copy filter arg outside kvm_vm_ioctl_set_msr_filter()
    - KVM: x86: Add compat handler for KVM_X86_SET_MSR_FILTER
    - media: venus: Fix NV12 decoder buffer discovery on HFI_VERSION_1XX
    - drm/vc4: hdmi: Enforce the minimum rate at runtime_resume
    - net/smc: Fix an error code in smc_lgr_create()
    - net: stmmac: Enable mac_managed_pm phylink config
    - blk-mq: fix null pointer dereference in blk_mq_clear_rq_mapping()
    - net: ethernet: mtk_eth_soc: fix possible memory leak in mtk_probe()
    - net: ethernet: mtk_eth_wed: add missing put_device() in mtk_wed_add_hw()
    - net: ethernet: mtk_eth_wed: add missing of_node_put()
    - ip6mr: fix UAF issue in ip6mr_sk_done() when addrconf_init_net() failed
    - cifs: Fix memory leak when build ntlmssp negotiate blob failed
    - netfilter: rpfilter/fib: Populate flowic_l3mdev field
    - netfilter: rpfilter/fib: Set ->flowic_uid correctly for user namespaces.
    - net: Fix return value of qdisc ingress handling on success
    - drbd: only clone bio if we have a backing device
    - wifi: mt76: mt7921e: fix random fw download fail

* Mediatek WLAN RZ616(MT7922) SAR table control (LP: #1997200)
    - mt76: add 6 GHz band support in mt76_sar_freq_ranges
    - mt76: mt7921: introduce ACPI SAR support
    - mt76: mt7921: introduce ACPI SAR config in tx power
    - wifi: mt76: mt7921: fix use after free in mt7921_acpi_read()

* Kinetic update: upstream stable patchset 2022-11-14 (LP: #1996540)
    - scsi: qla2xxx: Fix response queue handler reading stale packets
    - Upstream stable to v5.15.74, v6.0.2
    - rcu-tasks: Convert RCU_LOCKDEP_WARN() to WARN_ONCE()
    - mmc: sdhci-msm: add compatible string check for sdm670
    - thermal: intel_powerclamp: Use first online CPU as control_cpu
    - gcov: support GCC 12.1 and newer compilers
    - io-wq: Fix memory leak in worker creation
    - arm64: mte: Avoid setting PG_mte_tagged if no tags cleared or restored
    - serial: Deassert Transmit Enable on probe in driver-specific way
    - KVM: x86: Treat #DBs from the emulator as fault-like (code and DR7.GD=1)
    - drm/amd/display: Enable dpia support for dcn314
    - drm/amdgpu: Enable F32_WPTR_POLL_ENABLE in mqd
    - libbpf: Initialize err in probe_map_create
    - libbpf: Fix crash if SEC("freplace") programs don't have attach_prog_fd set
    - libbpf: Fix NULL pointer exception in API btf_dump__dump_type_data
    - drm/vc4: drv: Call component_unbind_all()
    - video/aperture: Disable and unregister sysfb devices via aperture helpers
    - drm/bridge: anx7625: Fix refcount bug in anx7625_parse_dt()
    - drm/i915/dg2: Bump up CDCLK for DG2
    - drm/panel: use 'select' for Ili9341 panel driver helpers
    - drm: fix drm_mipi_dbi build errors
    - ALSA: hda/hdmi: change type for the 'assigned' variable
    - ALSA: hda/hdmi: Fix the converter allocation for the silent stream
    - arm64: dts: qcom: sc7280: Cleanup the lpasscc node
    - arm64: dts: qcom: sc7280: Update lpasscore node
    - arm64: dts: qcom: pm8350c: Drop PWM reg declaration
    - arm64: dts: qcom: sc7180-trogdor: Keep pm6150_adc enabled for TZ
    - arm64: dts: qcom: sm8350-sagami: correct TS pin property
    - soc/tegra: fuse: Add missing of_node_put() in tegra_init_fuse()
    - arm64: dts: qcom: ipq8074: fix PCIe PHY serdes size
    - arm64: dts: qcom: sm8450: fix UFS PHY serdes size
    - arm64: dts: exynos: fix polarity of "enable" line of NFC chip in TM2
    - selftests/cpu-hotplug: Use return instead of exit
    - selftests/cpu-hotplug: Delete fault injection related code
    - selftests/cpu-hotplug: Reserve one cpu online at least
    - usb: common: usb-conn-gpio: Simplify some error message
    - HID: uclogic: Fix warning in uclogic_rdesc_template_apply
    - tty: xilinx_uartps: Check clk_enable return value
    - fpga: dfl-pci: Add IDs for Intel N6000, N6001 and C6100 cards
    - iio: Use per-device lockdep class for mlock
    - scsi: lpfc: Fix various issues reported by tools
    - phy: qcom-qmp-usb: disable runtime PM on unbind
    - block: Fix the enum blk_eh_timer_return documentation
    - RDMA/rxe: Set pd early in mr alloc routines
    - clk: imx8mp: tune the order of enet_qos_root_clk
    - libbpf: Ensure functions with always_inline attribute are inline
    - libbpf: Do not require executable permission for shared libraries
    - micrel: ksz8851: fixes struct pointer issue
    - net: ftmac100: fix endianness-related issues from 'sparse'
    - net: sched: cls_u32: Avoid memcpy() false-positive warning
    - libbpf: Fix overrun in netlink attribute iteration
    - ALSA: usb-audio: Add quirk to enable Avid Mbox 3 support
    - ASoC: sunxi: sun4i-codec: set debugfs_prefix for CPU DAI component
    - ASoC: amd: yc: Add ASUS UM5302TA into DMI table
    - ASoC: amd: yc: Add Lenovo Yoga Slim 7 Pro X to quirks table
    - arm64: dts: qcom: sc7280-idp: correct ADC channel node name and unit address
    - ARM: orion: fix include path
    - hid: topre: Add driver fixing report descriptor
    - [Config] updateconfigs for HID_TOPRE
    - fsi: master-ast-cf: Fix missing of_node_put in fsi_master_acf_probe
    - dmaengine: dw-edma: Remove runtime PM support
    - HID: playstation: stop DualSense output work on remove.
    - HID: playstation: add initial DualSense Edge controller support
    - net: flag sockets supporting msghdr originated zerocopy
    - drm/amd/pm: disable cstate feature for gpu reset scenario
    - dm clone: Fix typo in block_device format specifier

-- Stefan Bader <stefan.bader@canonical.com>  Fri, 20 Jan 2023 14:57:58 +0100

Changed in linux (Ubuntu Kinetic):
status:	Fix Committed → Fix Released

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2023-02-10:

#12

This bug is awaiting verification that the linux-kvm/4.15.0-1136.141 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-bionic' to 'verification-done-bionic'. If the problem still exists, change the tag 'verification-needed-bionic' to 'verification-failed-bionic'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: kernel-spammed-bionic-linux-kvm

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2023-02-10:

#13

This bug is awaiting verification that the linux-aws/5.19.0-1020.21 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-kinetic' to 'verification-done-kinetic'. If the problem still exists, change the tag 'verification-needed-kinetic' to 'verification-failed-kinetic'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: kernel-spammed-kinetic-linux-aws

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2023-02-10:

#14

This bug is awaiting verification that the linux-bluefield/5.4.0-1058.64 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-focal' to 'verification-done-focal'. If the problem still exists, change the tag 'verification-needed-focal' to 'verification-failed-focal'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: kernel-spammed-focal-linux-bluefield

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2023-02-10:

#15

This bug is awaiting verification that the linux-lowlatency-hwe-5.19/5.19.0-1017.18~22.04.1 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-jammy' to 'verification-done-jammy'. If the problem still exists, change the tag 'verification-needed-jammy' to 'verification-failed-jammy'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: kernel-spammed-jammy-linux-lowlatency-hwe-5.19

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2023-02-11:

#16

This bug is awaiting verification that the linux-snapdragon/4.15.0-1146.156 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-bionic' to 'verification-done-bionic'. If the problem still exists, change the tag 'verification-needed-bionic' to 'verification-failed-bionic'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: kernel-spammed-bionic-linux-snapdragon

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2023-02-11:

#17

This bug is awaiting verification that the linux-azure/5.15.0-1034.41 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-jammy' to 'verification-done-jammy'. If the problem still exists, change the tag 'verification-needed-jammy' to 'verification-failed-jammy'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: kernel-spammed-jammy-linux-azure

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2023-02-11:

#18

This bug is awaiting verification that the linux-aws/5.4.0-1097.105 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-focal' to 'verification-done-focal'. If the problem still exists, change the tag 'verification-needed-focal' to 'verification-failed-focal'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: kernel-spammed-focal-linux-aws

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2023-02-12:

#19

This bug is awaiting verification that the linux-azure/5.4.0-1104.110 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-focal' to 'verification-done-focal'. If the problem still exists, change the tag 'verification-needed-focal' to 'verification-failed-focal'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: kernel-spammed-focal-linux-azure

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2023-02-13:

#20

This bug is awaiting verification that the linux-azure/5.19.0-1021.22 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-kinetic' to 'verification-done-kinetic'. If the problem still exists, change the tag 'verification-needed-kinetic' to 'verification-failed-kinetic'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: kernel-spammed-kinetic-linux-azure

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2023-02-13:

#21

This bug is awaiting verification that the linux-aws/5.15.0-1031.35 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-jammy' to 'verification-done-jammy'. If the problem still exists, change the tag 'verification-needed-jammy' to 'verification-failed-jammy'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: kernel-spammed-jammy-linux-aws

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2023-02-17:

#22

This bug is awaiting verification that the linux-raspi/5.15.0-1025.27 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-jammy' to 'verification-done-jammy'. If the problem still exists, change the tag 'verification-needed-jammy' to 'verification-failed-jammy'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: kernel-spammed-jammy-linux-raspi

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2023-02-18:

#23

This bug is awaiting verification that the linux-raspi/5.19.0-1014.21 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-kinetic' to 'verification-done-kinetic'. If the problem still exists, change the tag 'verification-needed-kinetic' to 'verification-failed-kinetic'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: kernel-spammed-kinetic-linux-raspi

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2023-02-18:

#24

This bug is awaiting verification that the linux-raspi/5.4.0-1081.92 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-focal' to 'verification-done-focal'. If the problem still exists, change the tag 'verification-needed-focal' to 'verification-failed-focal'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: kernel-spammed-focal-linux-raspi

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2023-02-18:

#25

This bug is awaiting verification that the linux-raspi2/4.15.0-1128.136 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-bionic' to 'verification-done-bionic'. If the problem still exists, change the tag 'verification-needed-bionic' to 'verification-failed-bionic'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-02-18

tags:

added: kernel-spammed-bionic-linux-raspi2

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2023-02-22:

#27

This bug is awaiting verification that the linux-realtime/5.15.0-1033.36 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-jammy' to 'verification-done-jammy'. If the problem still exists, change the tag 'verification-needed-jammy' to 'verification-failed-jammy'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: kernel-spammed-jammy-linux-realtime

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2023-02-24:

#28

This bug is awaiting verification that the linux-xilinx-zynqmp/5.4.0-1022.26 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-focal' to 'verification-done-focal'. If the problem still exists, change the tag 'verification-needed-focal' to 'verification-failed-focal'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: kernel-spammed-focal-linux-xilinx-zynqmp

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2023-02-25:

#29

This bug is awaiting verification that the linux-azure-4.15/4.15.0-1162.177 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-bionic' to 'verification-done-bionic'. If the problem still exists, change the tag 'verification-needed-bionic' to 'verification-failed-bionic'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: kernel-spammed-bionic-linux-azure-4.15

Revision history for this message

Launchpad Janitor (janitor) wrote on 2023-03-03:

#30

This bug was fixed in the package linux - 6.1.0-16.16

---------------
linux (6.1.0-16.16) lunar; urgency=medium

* lunar/linux: 6.1.0-16.16 -proposed tracker (LP: #2008480)

* Packaging resync (LP: #1786013)
- debian/dkms-versions -- temporarily drop broken dkms

-- Andrea Righi <email address hidden> Fri, 24 Feb 2023 14:24:48 +0100

Changed in linux (Ubuntu):
status:	Triaged → Fix Released

Dimitri John Ledkov (xnox) on 2023-03-06

tags:	added: verification-done-bionic verification-done-focal verification-done-jammy verification-done-kinetic removed: verification-needed-bionic verification-needed-focal verification-needed-jammy verification-needed-kinetic
tags:	added: kernel-stable-tracking-bug

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-03-13

tags:

removed: verification-done-jammy

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-03-16

tags:

removed: verification-done-focal

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-03-16

tags:

removed: verification-done-kinetic

Revision history for this message

Brian Murray (brian-murray) wrote on 2023-06-02: [linux-azure-fde/focal] verification still needed

#31

The fix for this bug has been awaiting testing feedback in the -proposed repository for focal for more than 90 days. Please test this fix and update the bug appropriately with the results. In the event that the fix for this bug is still not verified 15 days from now, the package will be removed from the -proposed repository.

tags:

added: removal-candidate

Ubuntu
linux package

Revoke & rotate to new signing key

Bug Description

CVE References

Other bug subscribers

Remote bug watches

	Status	Importance	Assigned to
linux (Ubuntu)	Fix Released	Undecided	Unassigned
Bionic	Fix Released	High	Unassigned
Focal	Fix Released	High	Unassigned
Jammy	Fix Released	High	Unassigned
Kinetic	Fix Released	High	Unassigned

Ubuntulinux package

Revoke & rotate to new signing key

Bug Description

CVE References

Other bug subscribers

Remote bug watches

Ubuntu
linux package