Bug #1992033 “focal/linux-azure-cvm: 5.4.0-1095.101+cvm1 -propos...” : Series regression-testing : Bugs : Kernel SRU Workflow

Luke Nowakowski-Krijger (lukenow) on 2022-10-06

tags:	added: kernel-release-tracking-bug-live
description:	updated
tags:	added: kernel-sru-cycle-2022.10.10-1
description:	updated
tags:	added: kernel-sru-derivative-of-1992037

Luke Nowakowski-Krijger (lukenow) on 2022-10-06

Changed in kernel-sru-workflow:
status:	New → Confirmed
importance:	Undecided → Medium

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-10-06

Changed in linux-azure-cvm (Ubuntu Focal):
importance:	Undecided → Medium
Changed in kernel-sru-workflow:
status:	Confirmed → Triaged

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-10-06

description:	updated
Changed in kernel-sru-workflow:
status:	Triaged → In Progress
description:	updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-10-06

tags:	added: kernel-jira-issue-ksru-5157
description:	updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-10-20

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-10-25

description:

updated

Marcelo Cerri (mhcerri) on 2022-10-28

summary:

- focal/linux-azure-cvm: <version to be filled> -proposed tracker
+ focal/linux-azure-cvm: 5.4.0-1092.97+cvm2 -proposed tracker

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-10-28

description:

updated

Andy Whitcroft (apw) on 2022-10-28

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-10-28

description:

updated

Andy Whitcroft (apw) on 2022-10-28

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-10-28

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-10-28

description:

updated

Marcelo Cerri (mhcerri) on 2022-10-31

summary:

- focal/linux-azure-cvm: 5.4.0-1092.97+cvm2 -proposed tracker
+ focal/linux-azure-cvm: 5.4.0-1095.101+cvm1 -proposed tracker

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-10-31

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-10-31

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-10-31

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-10-31

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-10-31

description:	updated
description:	updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-10-31

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-10-31

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-10-31

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-10-31

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-10-31

description:	updated
description:	updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-10-31

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-10-31

description:

updated

Andy Whitcroft (apw) on 2022-10-31

tags:	added: kernel-signing-bot
Changed in canonical-signing-jobs:
assignee:	nobody → Andy Whitcroft (apw)
importance:	Undecided → Medium
importance explanation:	unset → unset
status explanation:	unset → # title kernel 1992033 validate --publications ~canonical-kernel-team/+archive/ubuntu/ppa/+sourcepub/14059092 ~canonical-kernel-team/+archive/ubuntu/ppa/+sourcepub/14059090 ~canonical-kernel-team/+archive/ubuntu/ppa/+sourcepub/14059091 ~canonical-kernel-team/+archive/ubuntu/ppa-ps/+sourcepub/14059114 ~canonical-kernel-team/+archive/ubuntu/ppa-ps/+sourcepub/14059115 copy --from ppa:canonical-kernel-team/ubuntu/ppa --from-suite focal --sources linux-restricted-modules-azure-cvm/5.4.0-1095.101+cvm1 linux-azure-cvm/5.4.0-1095.101+cvm1 linux-meta-azure-cvm/5.4.0.1095.85 --from ppa:canonical-kernel-team/ubuntu/ppa-ps --from-suite focal --sources linux-restricted-generate-azure-cvm/5.4.0-1095.101+cvm1 linux-restricted-signatures-azure-cvm/5.4.0-1095.101+cvm1/signing --to ppa:canonical-signing/ubuntu/primary --to-suite focal copy --from ppa:canonical-signing/ubuntu/primary --from-suite focal --sources linux-restricted-modules-azure-cvm/5.4.0-1095.101+cvm1 linux-azure-cvm/5.4.0-1095.101+cvm1 linux-meta-azure-cvm/5.4.0.1095.85 linux-restricted-signatures-azure-cvm/5.4.0-1095.101+cvm1 --to ubuntu --to-suite focal-proposed delete --from ppa:canonical-signing/ubuntu/primary --from-suite focal --sources linux-restricted-modules-azure-cvm/5.4.0-1095.101+cvm1 linux-azure-cvm/5.4.0-1095.101+cvm1 linux-meta-azure-cvm/5.4.0.1095.85 linux-restricted-generate-azure-cvm/5.4.0-1095.101+cvm1 linux-restricted-signatures-azure-cvm/5.4.0-1095.101+cvm1
status:	New → Triaged

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-10-31

Changed in canonical-signing-jobs:
status:	Triaged → Incomplete
description:	updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-10-31

description:

updated

Andy Whitcroft (apw) on 2022-10-31

Changed in canonical-signing-jobs:
status:	Incomplete → Triaged

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-10-31

description:

updated

Marcelo Cerri (mhcerri) on 2022-11-08

tags:

added: boot-testing-passed

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-11-08

description:	updated
Changed in canonical-signing-jobs:
status:	Triaged → Confirmed
description:	updated

Andy Whitcroft (apw) on 2022-11-08

Changed in canonical-signing-jobs:
status:	Confirmed → In Progress

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-11-08

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-11-08

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-11-08

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-11-08

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-11-09

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-11-09

description:

updated

Andy Whitcroft (apw) on 2022-11-09

Changed in canonical-signing-jobs:
importance explanation:	unset → Successful
status:	In Progress → Fix Released

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-11-09

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-11-09

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-11-09

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-11-09

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-11-09

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-11-10

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-11-10

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-11-12

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-11-14

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-11-14

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-11-15

description:

updated

Revision history for this message

Launchpad Janitor (janitor) wrote on 2022-11-15:

#1

Download full text (32.6 KiB)

This bug was fixed in the package linux-azure-cvm - 5.4.0-1095.101+cvm1

---------------
linux-azure-cvm (5.4.0-1095.101+cvm1) focal; urgency=medium

* focal/linux-azure-cvm: 5.4.0-1095.101+cvm1 -proposed tracker (LP: #1992033)

[ Ubuntu: 5.4.0-1095.101 ]

  * focal/linux-azure: 5.4.0-1095.101 -proposed tracker (LP: #1992037)
  * ubuntu_bpf failed to build on F-azure-5.4 / B-azure-5.4 ( error:
    ‘bpf_object_open_opts’ undeclared) (LP: #1990794)
    - Revert "bpf, testing: Add selftest to read/write sockaddr from user space"
  * CVE-2022-42719
    - mac80211: mlme: find auth challenge directly
    - wifi: mac80211: don't parse mbssid in assoc response
    - wifi: mac80211: fix MBSSID parsing use-after-free
  * iavf: SR-IOV VFs error with no traffic flow when MTU greater than 1500
    (LP: #1983656)
    - iavf: Fix set max MTU size with port VLAN and jumbo frames
    - i40e: Fix VF set max MTU size
  * fib_nexthop_nongw.sh from ubuntu_kernel_selftests failed on B-5.4
    (LP: #1990800)
    - SAUCE: selftests/net: skipping tests for older ip command releases
  * CVE-2022-29901
    - Revert "x86/speculation: Add RSB VM Exit protections"
    - Revert "x86/cpu: Add a steppings field to struct x86_cpu_id"
    - x86/devicetable: Move x86 specific macro out of generic code
    - x86/cpu: Add consistent CPU match macros
    - x86/cpu: Add a steppings field to struct x86_cpu_id
    - x86/kvm/vmx: Make noinstr clean
    - x86/cpufeatures: Move RETPOLINE flags to word 11
    - x86/bugs: Report AMD retbleed vulnerability
    - x86/bugs: Add AMD retbleed= boot parameter
    - x86/bugs: Keep a per-CPU IA32_SPEC_CTRL value
    - x86/entry: Remove skip_r11rcx
    - x86/entry: Add kernel IBRS implementation
    - x86/bugs: Optimize SPEC_CTRL MSR writes
    - x86/speculation: Add spectre_v2=ibrs option to support Kernel IBRS
    - x86/bugs: Split spectre_v2_select_mitigation() and
      spectre_v2_user_select_mitigation()
    - x86/bugs: Report Intel retbleed vulnerability
    - intel_idle: Disable IBRS during long idle
    - x86/speculation: Change FILL_RETURN_BUFFER to work with objtool
    - x86/speculation: Fix RSB filling with CONFIG_RETPOLINE=n
    - x86/speculation: Fix firmware entry SPEC_CTRL handling
    - x86/speculation: Fix SPEC_CTRL write on SMT state change
    - x86/speculation: Use cached host SPEC_CTRL value for guest entry/exit
    - x86/speculation: Remove x86_spec_ctrl_mask
    - KVM/VMX: Use TEST %REG,%REG instead of CMP $0,%REG in vmenter.S
    - KVM/nVMX: Use __vmx_vcpu_run in nested_vmx_check_vmentry_hw
    - KVM: VMX: Flatten __vmx_vcpu_run()
    - KVM: VMX: Convert launched argument to flags
    - KVM: VMX: Prevent guest RSB poisoning attacks with eIBRS
    - KVM: VMX: Fix IBRS handling after vmexit
    - x86/speculation: Fill RSB on vmexit for IBRS
    - x86/common: Stamp out the stepping madness
    - x86/cpu/amd: Enumerate BTC_NO
    - x86/bugs: Add Cannon lake to RETBleed affected CPU list
    - x86/speculation: Disable RRSBA behavior
    - x86/speculation: Use DECLARE_PER_CPU for x86_spec_ctrl_current
    - x86/bugs: Warn when "ibrs" mitigation is selected on Enhanced IBRS parts
    - x86/speculation: Add RSB VM Exit protect...

This bug was fixed in the package linux-azure-cvm - 5.4.0-1095.101+cvm1

---------------
linux-azure-cvm (5.4.0-1095.101+cvm1) focal; urgency=medium

* focal/linux-azure-cvm: 5.4.0-1095.101+cvm1 -proposed tracker (LP: #1992033)

[ Ubuntu: 5.4.0-1095.101 ]

* focal/linux-azure: 5.4.0-1095.101 -proposed tracker (LP: #1992037)
  * ubuntu_bpf failed to build on F-azure-5.4 / B-azure-5.4 ( error:
    ‘bpf_object_open_opts’ undeclared) (LP: #1990794)
    - Revert "bpf, testing: Add selftest to read/write sockaddr from user space"
  * CVE-2022-42719
    - mac80211: mlme: find auth challenge directly
    - wifi: mac80211: don't parse mbssid in assoc response
    - wifi: mac80211: fix MBSSID parsing use-after-free
  * iavf: SR-IOV VFs error with no traffic flow when MTU greater than 1500
    (LP: #1983656)
    - iavf: Fix set max MTU size with port VLAN and jumbo frames
    - i40e: Fix VF set max MTU size
  * fib_nexthop_nongw.sh from ubuntu_kernel_selftests failed on B-5.4
    (LP: #1990800)
    - SAUCE: selftests/net: skipping tests for older ip command releases
  * CVE-2022-29901
    - Revert "x86/speculation: Add RSB VM Exit protections"
    - Revert "x86/cpu: Add a steppings field to struct x86_cpu_id"
    - x86/devicetable: Move x86 specific macro out of generic code
    - x86/cpu: Add consistent CPU match macros
    - x86/cpu: Add a steppings field to struct x86_cpu_id
    - x86/kvm/vmx: Make noinstr clean
    - x86/cpufeatures: Move RETPOLINE flags to word 11
    - x86/bugs: Report AMD retbleed vulnerability
    - x86/bugs: Add AMD retbleed= boot parameter
    - x86/bugs: Keep a per-CPU IA32_SPEC_CTRL value
    - x86/entry: Remove skip_r11rcx
    - x86/entry: Add kernel IBRS implementation
    - x86/bugs: Optimize SPEC_CTRL MSR writes
    - x86/speculation: Add spectre_v2=ibrs option to support Kernel IBRS
    - x86/bugs: Split spectre_v2_select_mitigation() and
      spectre_v2_user_select_mitigation()
    - x86/bugs: Report Intel retbleed vulnerability
    - intel_idle: Disable IBRS during long idle
    - x86/speculation: Change FILL_RETURN_BUFFER to work with objtool
    - x86/speculation: Fix RSB filling with CONFIG_RETPOLINE=n
    - x86/speculation: Fix firmware entry SPEC_CTRL handling
    - x86/speculation: Fix SPEC_CTRL write on SMT state change
    - x86/speculation: Use cached host SPEC_CTRL value for guest entry/exit
    - x86/speculation: Remove x86_spec_ctrl_mask
    - KVM/VMX: Use TEST %REG,%REG instead of CMP $0,%REG in vmenter.S
    - KVM/nVMX: Use __vmx_vcpu_run in nested_vmx_check_vmentry_hw
    - KVM: VMX: Flatten __vmx_vcpu_run()
    - KVM: VMX: Convert launched argument to flags
    - KVM: VMX: Prevent guest RSB poisoning attacks with eIBRS
    - KVM: VMX: Fix IBRS handling after vmexit
    - x86/speculation: Fill RSB on vmexit for IBRS
    - x86/common: Stamp out the stepping madness
    - x86/cpu/amd: Enumerate BTC_NO
    - x86/bugs: Add Cannon lake to RETBleed affected CPU list
    - x86/speculation: Disable RRSBA behavior
    - x86/speculation: Use DECLARE_PER_CPU for x86_spec_ctrl_current
    - x86/bugs: Warn when "ibrs" mitigation is selected on Enhanced IBRS parts
    - x86/speculation: Add RSB VM Exit protections
  * ACPI: processor idle: Practically limit "Dummy wait" workaround to old Intel
    systems (LP: #1990985)
    - ACPI: processor_idle: Skip dummy wait if kernel is in guest
    - ACPI: processor idle: Practically limit "Dummy wait" workaround to old Intel
      systems
  * cgroup: all controllers mounted when using 'cgroup_no_v1=' (LP: #1988584)
    - cgroup-v1: add disabled controller check in cgroup1_parse_param()
  * Focal update: v5.4.212 upstream stable release (LP: #1991156)
    - audit: fix potential double free on error path from fsnotify_add_inode_mark
    - parisc: Fix exception handler for fldw and fstw instructions
    - kernel/sys_ni: add compat entry for fadvise64_64
    - usb: cdns3: Fix issue for clear halt endpoint
    - pinctrl: amd: Don't save/restore interrupt status and wake status bits
    - sched/deadline: Unthrottle PI boosted threads while enqueuing
    - sched/deadline: Fix stale throttling on de-/boosted tasks
    - sched/deadline: Fix priority inheritance with multiple scheduling classes
    - kernel/sched: Remove dl_boosted flag comment
    - xfrm: fix refcount leak in __xfrm_policy_check()
    - SUNRPC: RPC level errors should set task->tk_rpc_status
    - rose: check NULL rose_loopback_neigh->loopback
    - net/mlx5e: Properly disable vlan strip on non-UL reps
    - net: moxa: get rid of asymmetry in DMA mapping/unmapping
    - bonding: 802.3ad: fix no transmission of LACPDUs
    - net: ipvtap - add __init/__exit annotations to module init/exit funcs
    - netfilter: ebtables: reject blobs that don't provide all entry points
    - bnxt_en: fix NQ resource accounting during vf creation on 57500 chips
    - netfilter: nft_payload: report ERANGE for too long offset and length
    - netfilter: nft_payload: do not truncate csum_offset and csum_type
    - netfilter: nft_osf: restrict osf to ipv4, ipv6 and inet families
    - netfilter: nft_tunnel: restrict it to netdev family
    - net: Fix data-races around weight_p and dev_weight_[rt]x_bias.
    - net: Fix data-races around netdev_tstamp_prequeue.
    - ratelimit: Fix data-races in ___ratelimit().
    - net: Fix a data-race around sysctl_tstamp_allow_data.
    - net: Fix a data-race around sysctl_net_busy_poll.
    - net: Fix a data-race around sysctl_net_busy_read.
    - net: Fix a data-race around netdev_budget.
    - net: Fix a data-race around netdev_budget_usecs.
    - net: Fix a data-race around sysctl_somaxconn.
    - ixgbe: stop resetting SYSTIME in ixgbe_ptp_start_cyclecounter
    - btrfs: fix silent failure when deleting root reference
    - btrfs: replace: drop assert for suspended replace
    - btrfs: add info when mount fails due to stale replace target
    - btrfs: check if root is readonly while setting security xattr
    - x86/unwind/orc: Unwind ftrace trampolines with correct ORC entry
    - loop: Check for overflow while configuring loop
    - asm-generic: sections: refactor memory_intersects
    - s390: fix double free of GS and RI CBs on fork() failure
    - ACPI: processor: Remove freq Qos request for all CPUs
    - mm/hugetlb: fix hugetlb not supporting softdirty tracking
    - md: call __md_stop_writes in md_stop
    - perf/x86/intel/uncore: Fix broken read_counter() for SNB IMC PMU
    - scsi: storvsc: Remove WQ_MEM_RECLAIM from storvsc_error_wq
    - mm: Force TLB flush for PFNMAP mappings before unlink_file_vma()
    - s390/mm: do not trigger write fault when vma does not allow VM_WRITE
    - x86/bugs: Add "unknown" reporting for MMIO Stale Data
    - kbuild: Fix include path in scripts/Makefile.modpost
    - Bluetooth: L2CAP: Fix build errors in some archs
    - HID: steam: Prevent NULL pointer dereference in steam_{recv,send}_report
    - udmabuf: Set the DMA mask for the udmabuf device (v2)
    - media: pvrusb2: fix memory leak in pvr_probe
    - HID: hidraw: fix memory leak in hidraw_release()
    - fbdev: fb_pm2fb: Avoid potential divide by zero error
    - ftrace: Fix NULL pointer dereference in is_ftrace_trampoline when ftrace is
      dead
    - bpf: Don't redirect packets with invalid pkt_len
    - mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse
    - btrfs: introduce btrfs_lookup_match_dir
    - btrfs: do not pin logs too early during renames
    - btrfs: unify lookup return value when dir entry is missing
    - drm/amd/display: Avoid MPC infinite loop
    - drm/amd/display: clear optc underflow before turn off odm clock
    - neigh: fix possible DoS due to net iface start/stop loop
    - s390/hypfs: avoid error message under KVM
    - drm/amd/display: Fix pixel clock programming
    - netfilter: conntrack: NF_CONNTRACK_PROCFS should no longer default to y
    - btrfs: tree-checker: check for overlapping extent items
    - lib/vdso: Let do_coarse() return 0 to simplify the callsite
    - lib/vdso: Mark do_hres() and do_coarse() as __always_inline
    - kprobes: don't call disarm_kprobe() for disabled kprobes
    - net/af_packet: check len when min_header_len equals to 0
    - net: neigh: don't call kfree_skb() under spin_lock_irqsave()
    - Linux 5.4.212
  * Focal update: v5.4.211 upstream stable release (LP: #1990190)
    - Makefile: link with -z noexecstack --no-warn-rwx-segments
    - x86: link vdso and boot with -z noexecstack --no-warn-rwx-segments
    - scsi: Revert "scsi: qla2xxx: Fix disk failure to rediscover"
    - ALSA: bcd2000: Fix a UAF bug on the error path of probing
    - igc: Remove _I_PHY_ID checking
    - wifi: mac80211_hwsim: fix race condition in pending packet
    - wifi: mac80211_hwsim: add back erroneously removed cast
    - wifi: mac80211_hwsim: use 32-bit skb cookie
    - add barriers to buffer_uptodate and set_buffer_uptodate
    - HID: wacom: Only report rotation for art pen
    - HID: wacom: Don't register pad_input for touch switch
    - KVM: nVMX: Snapshot pre-VM-Enter BNDCFGS for !nested_run_pending case
    - KVM: nVMX: Snapshot pre-VM-Enter DEBUGCTL for !nested_run_pending case
    - KVM: SVM: Don't BUG if userspace injects an interrupt with GIF=0
    - KVM: nVMX: Let userspace set nVMX MSR to any _host_ supported value
    - KVM: x86: Mark TSS busy during LTR emulation _after_ all fault checks
    - KVM: x86: Set error code to segment selector on LLDT/LTR non-canonical #GP
    - mm/mremap: hold the rmap lock in write mode when moving page table entries.
    - ALSA: hda/conexant: Add quirk for LENOVO 20149 Notebook model
    - ALSA: hda/cirrus - support for iMac 12,1 model
    - ALSA: hda/realtek: Add quirk for another Asus K42JZ model
    - tty: vt: initialize unicode screen buffer
    - vfs: Check the truncate maximum size in inode_newsize_ok()
    - fs: Add missing umask strip in vfs_tmpfile
    - thermal: sysfs: Fix cooling_device_stats_setup() error code path
    - fbcon: Fix boundary checks for fbcon=vc:n1-n2 parameters
    - usbnet: Fix linkwatch use-after-free on disconnect
    - ovl: drop WARN_ON() dentry is NULL in ovl_encode_fh()
    - parisc: Fix device names in /proc/iomem
    - parisc: io_pgetevents_time64() needs compat syscall in 32-bit compat mode
    - drm/gem: Properly annotate WW context on drm_gem_lock_reservations() error
    - drm/nouveau: fix another off-by-one in nvbios_addr
    - drm/amdgpu: Check BO's requested pinning domains against its
      preferred_domains
    - iio: light: isl29028: Fix the warning in isl29028_remove()
    - fuse: limit nsec
    - serial: mvebu-uart: uart2 error bits clearing
    - md-raid10: fix KASAN warning
    - ia64, processor: fix -Wincompatible-pointer-types in ia64_get_irr()
    - PCI: Add defines for normal and subtractive PCI bridges
    - powerpc/fsl-pci: Fix Class Code of PCIe Root Port
    - powerpc/ptdump: Fix display of RW pages on FSL_BOOK3E
    - powerpc/powernv: Avoid crashing if rng is NULL
    - MIPS: cpuinfo: Fix a warning for CONFIG_CPUMASK_OFFSTACK
    - coresight: Clear the connection field properly
    - USB: HCD: Fix URB giveback issue in tasklet function
    - ARM: dts: uniphier: Fix USB interrupts for PXs2 SoC
    - arm64: dts: uniphier: Fix USB interrupts for PXs3 SoC
    - netfilter: nf_tables: fix null deref due to zeroed list head
    - epoll: autoremove wakers even more aggressively
    - x86: Handle idle=nomwait cmdline properly for x86_idle
    - arm64: Do not forget syscall when starting a new thread.
    - arm64: fix oops in concurrently setting insn_emulation sysctls
    - ext2: Add more validity checks for inode counts
    - genirq: Don't return error on missing optional irq_request_resources()
    - wait: Fix __wait_event_hrtimeout for RT/DL tasks
    - ARM: dts: imx6ul: add missing properties for sram
    - ARM: dts: imx6ul: change operating-points to uint32-matrix
    - ARM: dts: imx6ul: fix csi node compatible
    - ARM: dts: imx6ul: fix lcdif node compatible
    - ARM: dts: imx6ul: fix qspi node compatible
    - spi: synquacer: Add missing clk_disable_unprepare()
    - ARM: OMAP2+: display: Fix refcount leak bug
    - ACPI: EC: Remove duplicate ThinkPad X1 Carbon 6th entry from DMI quirks
    - ACPI: PM: save NVS memory for Lenovo G40-45
    - ACPI: LPSS: Fix missing check in register_device_clock()
    - arm64: dts: qcom: ipq8074: fix NAND node name
    - arm64: dts: allwinner: a64: orangepi-win: Fix LED node name
    - ARM: shmobile: rcar-gen2: Increase refcount for new reference
    - PM: hibernate: defer device probing when resuming from hibernation
    - selinux: Add boundary check in put_entry()
    - spi: spi-rspi: Fix PIO fallback on RZ platforms
    - ARM: findbit: fix overflowing offset
    - meson-mx-socinfo: Fix refcount leak in meson_mx_socinfo_init
    - ARM: bcm: Fix refcount leak in bcm_kona_smc_init
    - x86/pmem: Fix platform-device leak in error path
    - ARM: dts: ast2500-evb: fix board compatible
    - ARM: dts: ast2600-evb: fix board compatible
    - soc: fsl: guts: machine variable might be unset
    - ARM: dts: qcom: mdm9615: add missing PMIC GPIO reg
    - ARM: OMAP2+: Fix refcount leak in omapdss_init_of
    - ARM: OMAP2+: Fix refcount leak in omap3xxx_prm_late_init
    - cpufreq: zynq: Fix refcount leak in zynq_get_revision
    - soc: qcom: aoss: Fix refcount leak in qmp_cooling_devices_register
    - ARM: dts: qcom: pm8841: add required thermal-sensor-cells
    - bus: hisi_lpc: fix missing platform_device_put() in hisi_lpc_acpi_probe()
    - arm64: dts: mt7622: fix BPI-R64 WPS button
    - erofs: avoid consecutive detection for Highmem memory
    - blk-mq: don't create hctx debugfs dir until q->debugfs_dir is created
    - regulator: of: Fix refcount leak bug in of_get_regulation_constraints()
    - nohz/full, sched/rt: Fix missed tick-reenabling bug in dequeue_task_rt()
    - thermal/tools/tmon: Include pthread and time headers in tmon.h
    - dm: return early from dm_pr_call() if DM device is suspended
    - ath10k: do not enforce interrupt trigger type
    - wifi: rtlwifi: fix error codes in rtl_debugfs_set_write_h2c()
    - drm/mipi-dbi: align max_chunk to 2 in spi_transfer
    - drm/radeon: fix potential buffer overflow in ni_set_mc_special_registers()
    - drm/mediatek: Add pull-down MIPI operation in mtk_dsi_poweroff function
    - drm: adv7511: override i2c address of cec before accessing it
    - i2c: Fix a potential use after free
    - media: tw686x: Register the irq at the end of probe
    - wifi: iwlegacy: 4965: fix potential off-by-one overflow in
      il4965_rs_fill_link_cmd()
    - drm: bridge: adv7511: Add check for mipi_dsi_driver_register
    - drm/mcde: Fix refcount leak in mcde_dsi_bind
    - media: hdpvr: fix error value returns in hdpvr_read
    - drm/vc4: plane: Remove subpixel positioning check
    - drm/vc4: plane: Fix margin calculations for the right/bottom edges
    - drm/vc4: dsi: Correct DSI divider calculations
    - crypto: arm64/gcm - Select AEAD for GHASH_ARM64_CE
    - drm/rockchip: vop: Don't crash for invalid duplicate_state()
    - drm/rockchip: Fix an error handling path rockchip_dp_probe()
    - drm/mediatek: dpi: Remove output format of YUV
    - drm/mediatek: dpi: Only enable dpi after the bridge is enabled
    - drm: bridge: sii8620: fix possible off-by-one
    - drm/msm/mdp5: Fix global state lock backoff
    - crypto: hisilicon - Kunpeng916 crypto driver don't sleep when in softirq
    - media: platform: mtk-mdp: Fix mdp_ipi_comm structure alignment
    - mediatek: mt76: mac80211: Fix missing of_node_put() in mt76_led_init()
    - drm/exynos/exynos7_drm_decon: free resources when clk_set_parent() failed.
    - tcp: make retransmitted SKB fit into the send window
    - libbpf: Fix the name of a reused map
    - selftests: timers: valid-adjtimex: build fix for newer toolchains
    - selftests: timers: clocksource-switch: fix passing errors from child
    - fs: check FMODE_LSEEK to control internal pipe splicing
    - wifi: wil6210: debugfs: fix info leak in wil_write_file_wmi()
    - wifi: p54: Fix an error handling path in p54spi_probe()
    - wifi: p54: add missing parentheses in p54_flush()
    - selftests/bpf: fix a test for snprintf() overflow
    - can: pch_can: do not report txerr and rxerr during bus-off
    - can: rcar_can: do not report txerr and rxerr during bus-off
    - can: sja1000: do not report txerr and rxerr during bus-off
    - can: hi311x: do not report txerr and rxerr during bus-off
    - can: sun4i_can: do not report txerr and rxerr during bus-off
    - can: kvaser_usb_hydra: do not report txerr and rxerr during bus-off
    - can: kvaser_usb_leaf: do not report txerr and rxerr during bus-off
    - can: usb_8dev: do not report txerr and rxerr during bus-off
    - can: error: specify the values of data[5..7] of CAN error frames
    - can: pch_can: pch_can_error(): initialize errc before using it
    - Bluetooth: hci_intel: Add check for platform_driver_register
    - i2c: cadence: Support PEC for SMBus block read
    - i2c: mux-gpmux: Add of_node_put() when breaking out of loop
    - wifi: wil6210: debugfs: fix uninitialized variable use in
      `wil_write_file_wmi()`
    - wifi: iwlwifi: mvm: fix double list_add at iwl_mvm_mac_wake_tx_queue
    - wifi: libertas: Fix possible refcount leak in if_usb_probe()
    - net/mlx5e: Fix the value of MLX5E_MAX_RQ_NUM_MTTS
    - crypto: inside-secure - Add missing MODULE_DEVICE_TABLE for of
    - iavf: Fix max_rate limiting
    - netdevsim: Avoid allocation warnings triggered from user space
    - net: rose: fix netdev reference changes
    - dccp: put dccp_qpolicy_full() and dccp_qpolicy_push() in the same lock
    - clk: renesas: r9a06g032: Fix UART clkgrp bitsel
    - mtd: maps: Fix refcount leak in of_flash_probe_versatile
    - mtd: maps: Fix refcount leak in ap_flash_init
    - mtd: rawnand: meson: Fix a potential double free issue
    - HID: cp2112: prevent a buffer overflow in cp2112_xfer()
    - mtd: sm_ftl: Fix deadlock caused by cancel_work_sync in sm_release
    - mtd: partitions: Fix refcount leak in parse_redboot_of
    - mtd: st_spi_fsm: Add a clk_disable_unprepare() in .probe()'s error path
    - fpga: altera-pr-ip: fix unsigned comparison with less than zero
    - usb: host: Fix refcount leak in ehci_hcd_ppc_of_probe
    - usb: ohci-nxp: Fix refcount leak in ohci_hcd_nxp_probe
    - usb: xhci: tegra: Fix error check
    - clk: mediatek: reset: Fix written reset bit offset
    - misc: rtsx: Fix an error handling path in rtsx_pci_probe()
    - driver core: fix potential deadlock in __driver_attach
    - clk: qcom: clk-krait: unlock spin after mux completion
    - usb: host: xhci: use snprintf() in xhci_decode_trb()
    - clk: qcom: ipq8074: fix NSS port frequency tables
    - clk: qcom: ipq8074: set BRANCH_HALT_DELAY flag for UBI clocks
    - clk: qcom: camcc-sdm845: Fix topology around titan_top power domain
    - soundwire: bus_type: fix remove and shutdown support
    - intel_th: Fix a resource leak in an error handling path
    - intel_th: msu-sink: Potential dereference of null pointer
    - intel_th: msu: Fix vmalloced buffers
    - staging: rtl8192u: Fix sleep in atomic context bug in
      dm_fsync_timer_callback
    - mmc: sdhci-of-esdhc: Fix refcount leak in esdhc_signal_voltage_switch
    - memstick/ms_block: Fix some incorrect memory allocation
    - memstick/ms_block: Fix a memory leak
    - mmc: sdhci-of-at91: fix set_uhs_signaling rewriting of MC1R
    - scsi: smartpqi: Fix DMA direction for RAID requests
    - usb: gadget: udc: amd5536 depends on HAS_DMA
    - RDMA/hns: Fix incorrect clearing of interrupt status register
    - RDMA/siw: Fix duplicated reported IW_CM_EVENT_CONNECT_REPLY event
    - RDMA/hfi1: fix potential memory leak in setup_base_ctxt()
    - gpio: gpiolib-of: Fix refcount bugs in of_mm_gpiochip_add_data()
    - mmc: cavium-octeon: Add of_node_put() when breaking out of loop
    - mmc: cavium-thunderx: Add of_node_put() when breaking out of loop
    - HID: alps: Declare U1_UNICORN_LEGACY support
    - PCI: tegra194: Fix Root Port interrupt handling
    - PCI: tegra194: Fix link up retry sequence
    - USB: serial: fix tty-port initialized comments
    - platform/olpc: Fix uninitialized data in debugfs write
    - mm/mmap.c: fix missing call to vm_unacct_memory in mmap_region
    - RDMA/rxe: Fix error unwind in rxe_create_qp()
    - null_blk: fix ida error handling in null_add_dev()
    - jbd2: fix outstanding credits assert in jbd2_journal_commit_transaction()
    - ext4: recover csum seed of tmp_inode after migrating to extents
    - jbd2: fix assertion 'jh->b_frozen_data == NULL' failure when journal aborted
    - opp: Fix error check in dev_pm_opp_attach_genpd()
    - ASoC: mediatek: mt8173: Fix refcount leak in mt8173_rt5650_rt5676_dev_probe
    - ASoC: mt6797-mt6351: Fix refcount leak in mt6797_mt6351_dev_probe
    - ASoC: codecs: da7210: add check for i2c_add_driver
    - ASoC: mediatek: mt8173-rt5650: Fix refcount leak in mt8173_rt5650_dev_probe
    - serial: 8250_dw: Store LSR into lsr_saved_flags in dw8250_tx_wait_empty()
    - ASoC: codecs: msm8916-wcd-digital: move gains from SX_TLV to S8_TLV
    - ASoC: codecs: wcd9335: move gains from SX_TLV to S8_TLV
    - profiling: fix shift too large makes kernel panic
    - tty: n_gsm: fix non flow control frames during mux flow off
    - tty: n_gsm: fix packet re-transmission without open control channel
    - tty: n_gsm: fix race condition in gsmld_write()
    - remoteproc: qcom: wcnss: Fix handling of IRQs
    - vfio/ccw: Do not change FSM state in subchannel event
    - tty: n_gsm: fix wrong T1 retry count handling
    - tty: n_gsm: fix DM command
    - tty: n_gsm: fix missing corner cases in gsmld_poll()
    - iommu/exynos: Handle failed IOMMU device registration properly
    - rpmsg: qcom_smd: Fix refcount leak in qcom_smd_parse_edge
    - kfifo: fix kfifo_to_user() return type
    - mfd: t7l66xb: Drop platform disable callback
    - mfd: max77620: Fix refcount leak in max77620_initialise_fps
    - iommu/arm-smmu: qcom_iommu: Add of_node_put() when breaking out of loop
    - s390/zcore: fix race when reading from hardware system area
    - ASoC: qcom: q6dsp: Fix an off-by-one in q6adm_alloc_copp()
    - fuse: Remove the control interface for virtio-fs
    - ASoC: audio-graph-card: Add of_node_put() in fail path
    - watchdog: armada_37xx_wdt: check the return value of devm_ioremap() in
      armada_37xx_wdt_probe()
    - video: fbdev: amba-clcd: Fix refcount leak bugs
    - video: fbdev: sis: fix typos in SiS_GetModeID()
    - powerpc/32: Do not allow selection of e5500 or e6500 CPUs on PPC32
    - powerpc/pci: Prefer PCI domain assignment via DT 'linux,pci-domain' and
      alias
    - powerpc/spufs: Fix refcount leak in spufs_init_isolated_loader
    - powerpc/xive: Fix refcount leak in xive_get_max_prio
    - powerpc/cell/axon_msi: Fix refcount leak in setup_msi_msg_address
    - perf symbol: Fail to read phdr workaround
    - kprobes: Forbid probing on trampoline and BPF code areas
    - powerpc/pci: Fix PHB numbering when using opal-phbid
    - genelf: Use HAVE_LIBCRYPTO_SUPPORT, not the never defined HAVE_LIBCRYPTO
    - scripts/faddr2line: Fix vmlinux detection on arm64
    - x86/numa: Use cpumask_available instead of hardcoded NULL check
    - video: fbdev: arkfb: Fix a divide-by-zero bug in ark_set_pixclock()
    - tools/thermal: Fix possible path truncations
    - video: fbdev: vt8623fb: Check the size of screen before memset_io()
    - video: fbdev: arkfb: Check the size of screen before memset_io()
    - video: fbdev: s3fb: Check the size of screen before memset_io()
    - scsi: zfcp: Fix missing auto port scan and thus missing target ports
    - scsi: qla2xxx: Fix discovery issues in FC-AL topology
    - scsi: qla2xxx: Turn off multi-queue for 8G adapters
    - scsi: qla2xxx: Fix erroneous mailbox timeout after PCI error injection
    - x86/olpc: fix 'logical not is only applied to the left hand side'
    - spmi: trace: fix stack-out-of-bound access in SPMI tracing functions
    - kexec, KEYS, s390: Make use of built-in and secondary keyring for signature
      verification
    - tpm: eventlog: Fix section mismatch for DEBUG_SECTION_MISMATCH
    - btrfs: reset block group chunk force if we have to wait
    - ext4: add EXT4_INODE_HAS_XATTR_SPACE macro in xattr.h
    - ext4: make sure ext4_append() always allocates new block
    - ext4: fix use-after-free in ext4_xattr_set_entry
    - ext4: update s_overhead_clusters in the superblock during an on-line resize
    - ext4: fix extent status tree race in writeback error recovery path
    - ext4: correct max_inline_xattr_value_size computing
    - ext4: correct the misjudgment in ext4_iget_extra_inode
    - intel_th: pci: Add Raptor Lake-S CPU support
    - intel_th: pci: Add Raptor Lake-S PCH support
    - intel_th: pci: Add Meteor Lake-P support
    - dm raid: fix address sanitizer warning in raid_resume
    - dm raid: fix address sanitizer warning in raid_status
    - dm thin: fix use-after-free crash in dm_sm_register_threshold_callback
    - dm writecache: set a default MAX_WRITEBACK_JOBS
    - ACPI: CPPC: Do not prevent CPPC from working in the future
    - timekeeping: contribute wall clock to rng on time change
    - firmware: arm_scpi: Ensure scpi_info is not assigned if the probe fails
    - iommu/vt-d: avoid invalid memory access via node_online(NUMA_NO_NODE)
    - btrfs: reject log replay if there is unsupported RO compat flag
    - KVM: Add infrastructure and macro to mark VM as bugged
    - KVM: x86: Check lapic_in_kernel() before attempting to set a SynIC irq
    - KVM: x86: Avoid theoretical NULL pointer dereference in
      kvm_irq_delivery_to_apic_fast()
    - tcp: fix over estimation in sk_forced_mem_schedule()
    - scsi: sg: Allow waiting for commands to complete on removed device
    - Bluetooth: L2CAP: Fix l2cap_global_chan_by_psm regression
    - net/9p: Initialize the iounit field during fid creation
    - net_sched: cls_route: disallow handle of 0
    - ALSA: info: Fix llseek return value when using callback
    - rds: add missing barrier to release_refill
    - ata: libata-eh: Add missing command name
    - mmc: pxamci: Fix another error handling path in pxamci_probe()
    - mmc: pxamci: Fix an error handling path in pxamci_probe()
    - btrfs: fix lost error handling when looking up extended ref on log replay
    - tracing: Have filter accept "common_cpu" to be consistent
    - can: ems_usb: fix clang's -Wunaligned-access warning
    - apparmor: fix quiet_denied for file rules
    - apparmor: fix absroot causing audited secids to begin with =
    - apparmor: Fix failed mount permission check error message
    - apparmor: fix aa_label_asxprint return check
    - apparmor: fix overlapping attachment computation
    - apparmor: fix reference count leak in aa_pivotroot()
    - apparmor: Fix memleak in aa_simple_write_to_buffer()
    - Documentation: ACPI: EINJ: Fix obsolete example
    - NFSv4.1: Don't decrease the value of seq_nr_highest_sent
    - NFSv4.1: Handle NFS4ERR_DELAY replies to OP_SEQUENCE correctly
    - NFSv4: Fix races in the legacy idmapper upcall
    - NFSv4.1: RECLAIM_COMPLETE must handle EACCES
    - NFSv4/pnfs: Fix a use-after-free bug in open
    - can: mcp251x: Fix race condition on receive interrupt
    - sunrpc: fix expiry of auth creds
    - SUNRPC: Reinitialise the backchannel request buffers before reuse
    - devlink: Fix use-after-free after a failed reload
    - net: bgmac: Fix a BUG triggered by wrong bytes_compl
    - pinctrl: nomadik: Fix refcount leak in nmk_pinctrl_dt_subnode_to_map
    - pinctrl: qcom: msm8916: Allow CAMSS GP clocks to be muxed
    - pinctrl: sunxi: Add I/O bias setting for H6 R-PIO
    - ACPI: property: Return type of acpi_add_nondev_subnodes() should be bool
    - geneve: do not use RT_TOS for IPv6 flowlabel
    - plip: avoid rcu debug splat
    - vsock: Fix memory leak in vsock_connect()
    - vsock: Set socket state back to SS_UNCONNECTED in vsock_connect_timeout()
    - dt-bindings: arm: qcom: fix MSM8916 MTP compatibles
    - tools/vm/slabinfo: use alphabetic order when two values are equal
    - tools build: Switch to new openssl API for test-libcrypto
    - NTB: ntb_tool: uninitialized heap data in tool_fn_write()
    - nfp: ethtool: fix the display error of `ethtool -m DEVNAME`
    - xen/xenbus: fix return type in xenbus_file_read()
    - atm: idt77252: fix use-after-free bugs caused by tst_timer
    - dpaa2-eth: trace the allocated address instead of page struct
    - tee: add overflow check in register_shm_helper()
    - nios2: page fault et.al. are *not* restartable syscalls...
    - nios2: don't leave NULLs in sys_call_table[]
    - nios2: traced syscall does need to check the syscall number
    - nios2: fix syscall restart checks
    - nios2: restarts apply only to the first sigframe we build...
    - nios2: add force_successful_syscall_return()
    - iavf: Fix adminq error handling
    - clk: rockchip: add sclk_mac_lbtest to rk3188_critical_clocks
    - netfilter: nf_tables: really skip inactive sets when allocating name
    - powerpc/pci: Fix get_phb_number() locking
    - net: dsa: mv88e6060: prevent crash on an unused port
    - net: moxa: pass pdev instead of ndev to DMA functions
    - net: dsa: microchip: ksz9477: fix fdb_dump last invalid entry
    - ice: Ignore EEXIST when setting promisc mode
    - i40e: Fix to stop tx_timeout recovery if GLOBR fails
    - fec: Fix timer capture timing in `fec_ptp_enable_pps()`
    - igb: Add lock to avoid data race
    - gcc-plugins: Undefine LATENT_ENTROPY_PLUGIN when plugin disabled for a file
    - locking/atomic: Make test_and_*_bit() ordered on failure
    - drm/meson: Fix refcount bugs in meson_vpu_has_available_connectors()
    - PCI: Add ACS quirk for Broadcom BCM5750x NICs
    - usb: cdns3 fix use-after-free at workaround 2
    - usb: gadget: uvc: call uvc uvcg_warn on completed status instead of
      uvcg_info
    - irqchip/tegra: Fix overflow implicit truncation warnings
    - drm/meson: Fix overflow implicit truncation warnings
    - usb: host: ohci-ppc-of: Fix refcount leak bug
    - usb: renesas: Fix refcount leak bug
    - vboxguest: Do not use devm for irq
    - clk: qcom: ipq8074: dont disable gcc_sleep_clk_src
    - scsi: lpfc: Prevent buffer overflow crashes in debugfs with malformed user
      input
    - gadgetfs: ep_io - wait until IRQ finishes
    - cxl: Fix a memory leak in an error handling path
    - PCI/ACPI: Guard ARM64-specific mcfg_quirks
    - um: add "noreboot" command line option for PANIC_TIMEOUT=-1 setups
    - selftests/kprobe: Do not test for GRP/ without event failures
    - dmaengine: sprd: Cleanup in .remove() after pm_runtime_get_sync() failed
    - nvmet-tcp: fix lockdep complaint on nvmet_tcp_wq flush during queue teardown
    - drivers:md:fix a potential use-after-free bug
    - ext4: avoid remove directory when directory is corrupted
    - ext4: avoid resizing to a partial cluster size
    - lib/list_debug.c: Detect uninitialized lists
    - tty: serial: Fix refcount leak bug in ucc_uart.c
    - vfio: Clear the caps->buf to NULL after free
    - mips: cavium-octeon: Fix missing of_node_put() in octeon2_usb_clocks_start
    - riscv: mmap with PROT_WRITE but no PROT_READ is invalid
    - RISC-V: Add fast call path of crash_kexec()
    - watchdog: export lockup_detector_reconfigure
    - powerpc/32: Don't always pass -mcpu=powerpc to the compiler
    - ALSA: core: Add async signal helpers
    - ALSA: timer: Use deferred fasync helper
    - f2fs: fix to avoid use f2fs_bug_on() in f2fs_new_node_page()
    - smb3: check xattr value length earlier
    - powerpc/64: Init jump labels before parse_early_param()
    - video: fbdev: i740fb: Check the argument of i740_calc_vclk()
    - MIPS: tlbex: Explicitly compare _PAGE_NO_EXEC against 0
    - tracing/probes: Have kprobes and uprobes use $COMM too
    - can: j1939: j1939_sk_queue_activate_next_locked(): replace WARN_ON_ONCE with
      netdev_warn_once()
    - can: j1939: j1939_session_destroy(): fix memory leak of skbs
    - btrfs: only write the sectors in the vertical stripe which has data stripes
    - btrfs: raid56: don't trust any cached sector in __raid56_parity_recover()
    - Linux 5.4.211
  * CVE-2022-3028
    - af_key: Do not call xfrm_probe_algs in parallel
  * CVE-2022-2978
    - fs: fix UAF/GPF bug in nilfs_mdt_destroy
  * CVE-2022-40768
    - scsi: stex: Properly zero out the passthrough command structure

[ Ubuntu: 5.4.0-1094.100 ]

* CVE-2022-2602
    - SAUCE: io_uring/af_unix: defer registered files gc to io_uring release
    - SAUCE: io_uring/af_unix: fix memleak during unix GC
  * CVE-2022-41674
    - SAUCE: wifi: cfg80211: fix u8 overflow in
      cfg80211_update_notlisted_nontrans()
    - SAUCE: wifi: cfg80211/mac80211: reject bad MBSSID elements
    - SAUCE: wifi: cfg80211: ensure length byte is present before access
    - SAUCE: wifi: mac80211_hwsim: avoid mac80211 warning on bad rate
    - SAUCE: wifi: cfg80211: update hidden BSSes to avoid WARN_ON
  * CVE-2022-42721
    - SAUCE: wifi: cfg80211: avoid nontransmitted BSS list corruption
  * CVE-2022-42720
    - SAUCE: wifi: cfg80211: fix BSS refcounting bugs

-- Marcelo Henrique Cerri <marcelo.cerri@canonical.com>  Mon, 31 Oct 2022 08:29:57 -0300

Changed in linux-azure-cvm (Ubuntu Focal):
status:	New → Fix Released

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-11-15

description:

updated

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2022-11-15: Workflow done!

#2

All tasks have been completed and the bug is being closed

Changed in kernel-sru-workflow:
status:	In Progress → Fix Committed

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-01-10

Changed in kernel-sru-workflow:
status:	Fix Committed → Fix Released

Kernel SRU Workflow

focal/linux-azure-cvm: 5.4.0-1095.101+cvm1 -proposed tracker

Bug Description

CVE References

Other bug subscribers

Remote bug watches

	Status	Importance	Assigned to
Kernel SRU Workflow	Fix Released	Medium	Unassigned
Automated-testing	Fix Released	Medium	Canonical Kernel Team
Boot-testing	Fix Released	Medium	Unassigned
Certification-testing	Invalid	Medium	Unassigned
New-review	Fix Released	Medium	Andy Whitcroft
Prepare-package	Fix Released	Medium	Marcelo Cerri
Prepare-package-lrg	Fix Released	Medium	Marcelo Cerri
Prepare-package-lrm	Fix Released	Medium	Marcelo Cerri
Prepare-package-lrs	Fix Released	Medium	Marcelo Cerri
Prepare-package-meta	Fix Released	Medium	Marcelo Cerri
Promote-signing-to-proposed	Invalid	Medium	Unassigned
Promote-to-proposed	Fix Released	Medium	Ubuntu Stable Release Updates Team
Promote-to-security	Invalid	Medium	Ubuntu Stable Release Updates Team
Promote-to-updates	Fix Released	Medium	Andy Whitcroft
Regression-testing	Fix Released	Medium	Canonical Kernel Team
Security-signoff	Invalid	Medium	Unassigned
Sru-review	Fix Released	Medium	Andy Whitcroft
Verification-testing	Fix Released	Medium	Canonical Kernel Team
canonical-signing-jobs	Fix Released	Medium	Andy Whitcroft
linux-azure-cvm (Ubuntu)
Focal	Fix Released	Medium	Unassigned