Your message dated Sat, 09 May 2026 08:32:06 +0000
with message-id <[email protected]>
and subject line Bug#1113728: fixed in linux 6.12.86-1
has caused the Debian Bug report #1113728,
regarding linux-image-6.19.6+deb14+1-amd64: version ordering preventing latest
kernel being selected on reboot
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1113728: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1113728
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: linux
Version: 6.19.6-2
Severity: normal
Dear Maintainer,
The recent kernel update on Forky caused some issue during upgrade that
the latest kernel `linux-image-6.19.6+deb14+1-amd64' is not the default
after rebooting and the previous kernel `linux-image-6.19.6+deb14-amd64'
is still selected. See also a user report[1] and my response[2] as well
as other people's analysis on how the kernel sequence is
determined[3][4].
I would suggest using a better naming scheme or change the way how
kernels are sorted to ensure the later kernel versions have higher
precedence and selected by default in Grub. Manually selecting a kernel
in Grub can be cumbersome for average users.
[1] https://lists.debian.org/debian-user/2026/03/msg00246.html
[2] https://lists.debian.org/debian-user/2026/03/msg00248.html
[3] https://lists.debian.org/debian-user/2026/03/msg00251.html
[4] https://lists.debian.org/debian-user/2026/03/msg00252.html
-- System Information:
Debian Release: forky/sid
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'testing'), (200, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 6.19.6+deb14+1-amd64 (SMP w/2 CPU threads; PREEMPT)
Kernel taint flags: TAINT_WARN
Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages linux-image-6.19.6+deb14+1-amd64 depends on:
ii initramfs-tools [linux-initramfs-tool] 0.150
ii kmod 34.2-2+b1
ii linux-base 4.15
ii linux-base-6.19.6+deb14+1-amd64 6.19.6-2
ii linux-binary-6.19.6+deb14+1-amd64 6.19.6-2
ii linux-modules-6.19.6+deb14+1-amd64 6.19.6-2
Versions of packages linux-image-6.19.6+deb14+1-amd64 recommends:
ii apparmor 4.1.6-3
Versions of packages linux-image-6.19.6+deb14+1-amd64 suggests:
pn debian-kernel-handbook <none>
pn firmware-linux-free <none>
ii grub-pc 2.14-2
pn linux-doc-6.19 <none>
Versions of packages linux-image-6.19.6+deb14+1-amd64 is related to:
pn firmware-amd-graphics <none>
pn firmware-atheros <none>
pn firmware-bnx2 <none>
pn firmware-bnx2x <none>
pn firmware-brcm80211 <none>
pn firmware-cavium <none>
pn firmware-cirrus <none>
pn firmware-intel-graphics <none>
pn firmware-intel-misc <none>
pn firmware-intel-sound <none>
pn firmware-ipw2x00 <none>
pn firmware-ivtv <none>
pn firmware-iwlwifi <none>
pn firmware-libertas <none>
pn firmware-marvell-prestera <none>
pn firmware-mediatek <none>
pn firmware-misc-nonfree <none>
pn firmware-myricom <none>
pn firmware-netronome <none>
pn firmware-netxen <none>
pn firmware-nvidia-graphics <none>
pn firmware-qcom-soc <none>
pn firmware-qlogic <none>
pn firmware-realtek <none>
pn firmware-samsung <none>
pn firmware-siano <none>
pn firmware-ti-connectivity <none>
pn xen-hypervisor <none>
-- no debconf information
--
Regards,
Xiyue Deng
signature.asc
Description: PGP signature
--- End Message ---
--- Begin Message ---
Source: linux
Source-Version: 6.12.86-1
Done: Salvatore Bonaccorso <[email protected]>
We believe that the bug you reported is fixed in the latest version of
linux, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Salvatore Bonaccorso <[email protected]> (supplier of updated linux package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Fri, 08 May 2026 08:54:02 +0200
Source: linux
Architecture: source
Version: 6.12.86-1
Distribution: trixie-security
Urgency: high
Maintainer: Debian Kernel Team <[email protected]>
Changed-By: Salvatore Bonaccorso <[email protected]>
Closes: 1113728
Changes:
linux (6.12.86-1) trixie-security; urgency=high
.
* New upstream stable update:
https://www.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.12.86
- ALSA: usb-audio: stop parsing UAC2 rates at MAX_NR_RATES
- ALSA: usb-audio: Avoid false E-MU sample-rate notifications
- ALSA: usb-audio: Fix Audio Advantage Micro II SPDIF switch
- usb: xhci: Make usb_host_endpoint.hcpriv survive endpoint_disable()
- usb: chipidea: otg: not wait vbus drop if use role_switch
- usb: chipidea: core: allow ci_irq_handler() handle both ID and VBUS
change
- ALSA: usb-audio: Evaluate packsize caps at the right place
- LoongArch: Add spectre boundry for syscall dispatch table
- drm/nouveau: fix u32 overflow in pushbuf reloc bounds check
- leds: qcom-lpg: Check for array overflow when selecting the high
resolution
- greybus: gb-beagleplay: bound bootloader receive buffering
- greybus: gb-beagleplay: fix sleep in atomic context in hdlc_tx_frames()
- misc: ibmasm: fix OOB MMIO read in ibmasm_handle_mouse_interrupt()
- ibmasm: fix OOB reads in command_file_write due to missing size checks
- ibmasm: fix heap over-read in ibmasm_send_i2o_message()
- driver core: Don't let a device probe until it's ready
- drm/nouveau: fix nvkm_device leak on aperture removal failure
- kbuild: rust: allow `clippy::uninlined_format_args`
- firmware: google: framebuffer: Do not mark framebuffer as busy
- arm64/mm: Enable batched TLB flush in unmap_hotplug_range()
- padata: Fix pd UAF once and for all (CVE-2025-38584)
- padata: Remove comment for reorder_work
- rust: init: fix `clippy::undocumented_unsafe_blocks` warnings
- drm/amdgpu: Use vmemdup_array_user in amdgpu_bo_create_list_entry_array
- drm/amdgpu: Limit BO list entry count to prevent resource exhaustion
(CVE-2026-23468)
- device property: Make modifications of fwnode "flags" thread safe
- ocfs2: split transactions in dio completion to avoid credit exhaustion
- zram: do not forget to endio for partial discard requests
- wifi: rtw88: check for PCI upstream bridge existence
- vfio/cdx: Serialize VFIO_DEVICE_SET_IRQS with a per-device mutex
- vfio/cdx: Fix NULL pointer dereference in interrupt trigger path
- um: drivers: call kernel_strrchr() explicitly in cow_user.c
- spi: imx: fix use-after-free on unbind
- spi: ch341: fix memory leaks on probe failures
- mm/memory_hotplug: fix hwpoisoned large folio handling in
do_migrate_range()
- crypto: pcrypt - Fix handling of MAY_BACKLOG requests
- of: unittest: fix use-after-free in of_unittest_changeset()
- of: unittest: fix use-after-free in testdrv_probe()
- hwmon: (powerz) Fix missing usb_kill_urb() on signal interrupt
- media: amphion: Fix race between m2m job_abort and device_run
- ALSA: control: Validate buf_len before strnlen() in
snd_ctl_elem_init_enum_names()
- net: caif: clear client service pointer on teardown
- net: strparser: fix skb_head leak in strp_abort_strp()
- media: mtk-jpeg: fix use-after-free in release path due to uncancelled
work
- crypto: atmel-sha204a - Fix OTP sysfs read and error handling
- PCI: endpoint: pci-epf-ntb: Remove duplicate resource teardown
- Revert "ALSA: usb: Increase volume range that triggers a warning"
- PCI: epf-mhi: Return 0, not remaining timeout, when eDMA ops complete
- lib/ts_kmp: fix integer overflow in pattern length calculation
- media: i2c: imx219: Check return value of devm_gpiod_get_optional() in
imx219_probe()
- net: qrtr: ns: Fix use-after-free in driver remove()
- ext2: reject inodes with zero i_nlink and valid mode in ext2_iget()
- ALSA: aoa: i2sbus: fix OF node lifetime handling
- ALSA: ctxfi: Add fallback to default RSR for S/PDIF
- ALSA: seq_oss: return full count for successful SEQ_FULLSIZE writes
- erofs: fix the out-of-bounds nameoff handling for trailing dirents
- jbd2: fix deadlock in jbd2_journal_cancel_revoke()
- md/raid10: fix deadlock with check operation and nowait requests
- mfd: stpmic1: Attempt system shutdown twice in case PMIC is confused
- mtd: docg3: fix use-after-free in docg3_release()
- nvme-pci: add NVME_QUIRK_DISABLE_WRITE_ZEROES for Kingston OM3SGP4
- nvme: respect NVME_QUIRK_DISABLE_WRITE_ZEROES when wzsl is set
- parisc: _llseek syscall is only available for 32-bit userspace
- remoteproc: xlnx: Only access buffer information if IPI is buffered
- sched: Use u64 for bandwidth ratio calculations
- rbd: fix null-ptr-deref when device_add_disk() fails
- block: fix zone write plugs refcount handling in
disk_zone_wplug_schedule_bio_work()
- io_uring/timeout: check unused sqe fields
- iio: adc: ti-ads7950: use iio_push_to_buffers_with_ts_unaligned()
- io_uring/poll: fix signed comparison in io_poll_get_ownership()
- io_uring/poll: ensure EPOLL_ONESHOT is propagated for EPOLL_URING_WAKE
- ALSA: core: Fix potential data race at fasync handling
- ALSA: caiaq: Fix control_put() result and cache rollback
- ALSA: caiaq: Handle probe errors properly
- ALSA: 6fire: Fix input volume change detection
- ALSA: pcmtest: fix reference leak on failed device registration
- ALSA: pcmtest: Fix resource leaks in module init error paths
- iio: adc: ad7768-1: fix one-shot mode data acquisition
- rxrpc: Fix memory leaks in rxkad_verify_response()
- rxrpc: Fix rxkad crypto unalignment handling
- rxrpc: Fix re-decryption of RESPONSE packets
- tools/accounting: handle truncated taskstats netlink messages
- arm64: dts: marvell: uDPU: add ethernet aliases
- net: qrtr: ns: Free the node during ctrl_cmd_bye()
- net: rds: fix MR cleanup on copy error
- net: txgbe: fix firmware version check
- net/smc: avoid early lgr access in smc_clc_wait_msg
- net: ks8851: Reinstate disabling of BHs around IRQ handler
- netconsole: avoid out-of-bounds access on empty string in trim_newline()
- net: ks8851: Avoid excess softirq scheduling
- drm/arcpgu: fix device node leak
- RDMA/rxe: Validate pad and ICRC before payload_size() in rxe_rcv
- ipv4: icmp: validate reply type before using icmp_pointers
- libceph: Prevent potential null-ptr-deref in ceph_handle_auth_reply()
- extract-cert: Wrap key_pass with '#ifdef USE_PKCS11_ENGINE'
- tpm: avoid -Wunused-but-set-variable
- LoongArch: Show CPU vulnerabilites correctly
- power: supply: axp288_charger: Do not cancel work before initializing it
- hwmon: (pt5161l) Fix bugs in pt5161l_read_block_data()
- randomize_kstack: Maintain kstack_offset per task
- mmc: block: use single block write in retry
- mmc: sdhci-of-dwcmshc: Disable clock before DLL configuration
- arm64: dts: ti: am62-verdin: Enable pullup for eMMC data pins
- xfs: fix a resource leak in xfs_alloc_buftarg()
- firmware: google: framebuffer: Do not unregister platform device
- crypto: talitos - fix SEC1 32k ahash request limitation
- crypto: talitos - rename first/last to first_desc/last_desc
- pwm: imx-tpm: Count the number of enabled channels in probe
- tpm: Fix auth session leak in tpm2_get_random() error path
- tpm: Use kfree_sensitive() to free auth session in tpm_dev_release()
- tpm: tpm_tis: add error logging for data transfer
- tpm: tpm_tis: stop transmit if retries are exhausted
- rtc: ntxec: fix OF node reference imbalance
- mm/damon/core: use time_in_range_open() for damos quota window start
- userfaultfd: allow registration of ranges below mmap_min_addr
- KVM: x86: Defer non-architectural deliver of exception payload to
userspace read
- KVM: nSVM: Mark all of vmcb02 dirty when restoring nested state
- KVM: nSVM: Sync NextRIP to cached vmcb12 after VMRUN of L2
- KVM: nSVM: Sync interrupt shadow to cached vmcb12 after VMRUN of L2
- KVM: SVM: Inject #UD for INVLPGA if EFER.SVME=0
- KVM: SVM: Explicitly mark vmcb01 dirty after modifying VMCB intercepts
- KVM: nSVM: Ensure AVIC is inhibited when restoring a vCPU to guest mode
- KVM: nSVM: Use vcpu->arch.cr2 when updating vmcb12 on nested #VMEXIT
- KVM: nSVM: Always inject a #GP if mapping VMCB12 fails on nested VMRUN
- KVM: nSVM: Clear GIF on nested #VMEXIT(INVALID)
- KVM: nSVM: Clear EVENTINJ fields in vmcb12 on nested #VMEXIT
- KVM: nSVM: Clear tracking of L1->L2 NMI and soft IRQ on nested #VMEXIT
- KVM: nSVM: Add missing consistency check for EFER, CR0, CR4, and CS
- KVM: nSVM: Add missing consistency check for nCR3 validity
- KVM: nSVM: Raise #UD if unhandled VMMCALL isn't intercepted by L1
- KVM: nSVM: Always intercept VMMCALL when L2 is active
- io_uring/poll: fix multishot recv missing EOF on wakeup race
- perf annotate: Use jump__delete when freeing LoongArch jumps
- ext4: fix bounds check in check_xattrs() to prevent out-of-bounds access
- ext4: fix missing brelse() in ext4_xattr_inode_dec_ref_all()
- mtd: spi-nor: sst: Fix write enable before AAI sequence
- amdgpu/jpeg: fix deepsleep register for jpeg 5_0_0 and 5_0_2
- md/raid5: fix soft lockup in retry_aligned_read()
- md/raid5: validate payload size before accessing journal metadata
- check-uapi: link into shared objects
- HID: apple: ensure the keyboard backlight is off if suspending
- inotify: fix watch count leak when fsnotify_add_inode_mark_locked() fails
- x86/cpu: Disable FRED when PTI is forced on
- wifi: rtl8xxxu: fix potential use of uninitialized value
- tcp: call sk_data_ready() after listener migration
- taskstats: set version in TGID exit notifications
- mfd: core: Preserve OF node when ACPI handle is present
- apparmor: use target task's context in apparmor_getprocattr()
- Bluetooth: hci_event: fix potential UAF in SSP passkey handlers
- bus: mhi: host: pci_generic: Switch to async power up to avoid boot
delays
- can: ucan: fix devres lifetime
- crypto: arm64/aes - Fix 32-bit aes_mac_update() arg treated as 64-bit
- crypto: atmel-aes - Fix 3-page memory leak in atmel_aes_buff_cleanup
- crypto: atmel-ecc - Release client on allocation failure
- crypto: hisilicon - Fix dma_unmap_single() direction
- crypto: ccree - fix a memory leak in cc_mac_digest()
- crypto: atmel-tdes - fix DMA sync direction
- crypto: atmel-sha204a - Fix error codes in OTP reads
- crypto: atmel-sha204a - Fix potential UAF and memory leak in remove path
- crypto: atmel-sha204a - Fix uninitialized data access on OTP read error
- crypto: nx - Fix packed layout in struct nx842_crypto_header
- dm mirror: fix integer overflow in create_dirty_log()
- ceph: only d_add() negative dentries when they are unhashed
- IB/core: Fix zero dmac race in neighbor resolution
- ktest: Fix the month in the name of the failure directory
- ntfs3: add buffer boundary checks to run_unpack()
- ntfs3: fix integer overflow in run_unpack() volume boundary check
- rtmutex: Use waiter::task instead of current in remove_waiter()
- scsi: sd: fix missing put_disk() when device_add(&disk_dev) fails
- seg6: fix seg6 lwtunnel output redirect for L2 reduced encap mode
- smb: client: validate the whole DACL before rewriting it in cifsacl
(CVE-2026-31709)
- f2fs: fix UAF caused by decrementing sbi->nr_pages[] in
f2fs_write_end_io() (CVE-2026-31715)
- lib: test_hmm: evict device pages on file close to avoid use-after-free
- f2fs: fix to do sanity check on dcc->discard_cmd_cnt conditionally
- ksmbd: use msleep instaed of schedule_timeout_interruptible()
- ksmbd: replace connection list with hash table
- ksmbd: reset rcount per connection in ksmbd_conn_wait_idle_sess_id()
- thermal: core: Fix thermal zone governor cleanup issues
- wifi: mt76: mt792x: describe USB WFSYS reset with a descriptor
- wifi: mt76: mt792x: fix mt7925u USB WFSYS reset handling
- wifi: mwifiex: fix use-after-free in mwifiex_adapter_cleanup()
- mm/migrate: factor out movable_ops page handling into
migrate_movable_ops_page()
- mm/migrate: move movable_ops page handling out of move_to_new_folio()
- mm: migrate: requeue destination folio on deferred split queue
- ALSA: aoa: Use guard() for mutex locks
- ALSA: aoa: i2sbus: clear stale prepared state
- mm/zsmalloc: copy KMSAN metadata in zs_page_migrate()
- media: rc: ttusbir: respect DMA coherency rules
- ALSA: aoa: Skip devices with no codecs in i2sbus_resume()
- media: rc: igorplugusb: heed coherency rules
- RDMA/mana_ib: Disable RX steering on RSS QP destroy
- block: relax pgmap check in bio_add_page for compatible zone device pages
- iio: frequency: admv1013: add dev variable
- iio: frequency: admv1013: fix NULL pointer dereference on str
- rxrpc: Fix potential UAF after skb_unshare() failure
- net: qrtr: ns: Limit the maximum server registration per node
- net: qrtr: ns: Limit the maximum number of lookups
- net: bridge: use a stable FDB dst snapshot in RCU readers
- net: mctp: fix don't require received header reserved bits to be zero
- net: qrtr: ns: Limit the total number of nodes
- spi: fix resource leaks on device setup failure
- mm: prevent droppable mappings from being locked
- crypto: authencesn - reject short ahash digests during instance creation
- net: bonding: fix use-after-free in bond_xmit_broadcast()
(CVE-2026-31419)
- driver core: Add kernel-doc for DEV_FLAG_COUNT enum value
- ALSA: caiaq: Fix potentially leftover ep1_in_urb at error path
- ALSA: caiaq: Don't abort when no input device is available
- rxrpc: Fix rxrpc_input_call_event() to only unshare DATA packets
- ipv6: rpl: reserve mac_len headroom when recompressed SRH grows
- drm/amdgpu: fix zero-size GDS range init on RDNA4
- ALSA: caiaq: fix usb_dev refcount leak on probe failure
- net: ipv6: fix NOREF dst use in seg6 and rpl lwtunnels
- netfilter: reject zero shift in nft_bitwise
.
[ Ben Hutchings ]
* Fix ordering of kernel version strings for multiple Debian revisions
(Closes: #1113728)
* rxrpc: Fix conn-level packet handling to unshare RESPONSE packets
.
[ Salvatore Bonaccorso ]
* xfrm: esp: avoid in-place decrypt on shared skb frags
* rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present
Checksums-Sha1:
4fde1397005d6cee29beb38a203be3f3cf5bea20 288306 linux_6.12.86-1.dsc
d3ada79b0c43803bb5f47a92b1301b2632586d4f 151247248 linux_6.12.86.orig.tar.xz
fc832a98addda060f326cb25325b20f0b373541f 1812972 linux_6.12.86-1.debian.tar.xz
60e6591527003428a39abbe3987536b3f581df4b 6923 linux_6.12.86-1_source.buildinfo
Checksums-Sha256:
fc5315f4946bc6749aa0bf1df9bf0901b3fe0344876e1e08e0bdf67556aeb106 288306
linux_6.12.86-1.dsc
74ae12a1a62311e096d05a0b006c8447d9007809b0b7604a643293914871982b 151247248
linux_6.12.86.orig.tar.xz
81d68f571ad15a2d4697a6552f2d8ac16b0b6942e453138a8ec58cc927d3673e 1812972
linux_6.12.86-1.debian.tar.xz
9cbe45e8cf58db4f49d515c05015d9efdcf1ff0d4d0b48beabf802d460941cfa 6923
linux_6.12.86-1_source.buildinfo
Files:
914b33321c5af8b16d552e2a240c8f24 288306 kernel optional linux_6.12.86-1.dsc
226b32053b554dde2373ff5a5bd318d7 151247248 kernel optional
linux_6.12.86.orig.tar.xz
bd70aa9ae2b6efa695beb4e4c589ac68 1812972 kernel optional
linux_6.12.86-1.debian.tar.xz
4bd4d6deb36744c6f01e6eea1cb7197d 6923 kernel optional
linux_6.12.86-1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmn9inNfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89Em/0P/josPevlpDgn9imOHRsrONoz2hXPZnZj
t+Huhj4mvciynueJUl2mhoR1pIK0GpO2wlQsKWr++GOewtlcgM99C85Fh1bK/97c
O77ucp9eExIe1ItyXrcTapDQPVgInThAh3mcBLkCv77nWRJqV6cmjsC+AldLlIEv
gQvaVv7zaoi9zkavaxSV7xrud1Ptu8kHi3xT8mj8nU6uA5UE7CBzcsPcxhA6REbB
4IhSGQX19jLz45bYggcUyzwpkjR8QrKYneb22xH97v3lploV1BIjaXOFKM92qPfc
xm/s8y8VlfelVOelENyvwO0X5I2ef5lBSUcYwLk/HAnW8EDM3JZ7TeCRvNVQJu6q
TTorzeczyKs5S92ubGi5+wRJoKpit2A5IVoYRAkce0AE4ROfPvYkA5pR4yyjlekN
7F8woOHNQ067d98nTa+h22sJlk/3HrDbNVCQsXO/vuLWUGHZ5ymJlHrlZckc6Eq3
SnwuQ2R2kFx8gI/eRR1GcPHPDnfP9OqHm6Znm6DvFfHC5jR52O4b6q4PPE7uvbdA
okJf8qJ9kNcRqfVIZnlyJvdt+XrkkthOnBM5jn8QSGyS5JsiIXc5kXg97KiU9ghn
hkpuzffli6vVOHDe7swfZJxhC6zIGKp/zsaci/8/i4FRfc91Cfr/hCbyHQdQSgf2
dQ4FU/NJAGCm
=lI0G
-----END PGP SIGNATURE-----
pgpqJ_YFlWLYp.pgp
Description: PGP signature
--- End Message ---
