Skipped "net: tls, update curr on splice as well" because it is already applied as CVE-2024-0646.
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-0646 ** Changed in: linux (Ubuntu Mantic) Status: In Progress => Fix Committed -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/2051584 Title: Mantic update: upstream stable patchset 2024-01-29 Status in linux package in Ubuntu: Invalid Status in linux source package in Mantic: Fix Committed Bug description: SRU Justification Impact: The upstream process for stable tree updates is quite similar in scope to the Ubuntu SRU process, e.g., each patch has to demonstrably fix a bug, and each patch is vetted by upstream by originating either directly from a mainline/stable Linux tree or a minimally backported form of that patch. The following upstream stable patches should be included in the Ubuntu kernel: upstream stable patchset 2024-01-29 Ported from the following upstream stable relases: v6.1.67, v6.6.6 v6.1.68, v6.6.7 from git://git.kernel.org/ UBUNTU: Upstream stable to v6.1.67, v6.6.6 vdpa/mlx5: preserve CVQ vringh index hrtimers: Push pending hrtimers away from outgoing CPU earlier i2c: designware: Fix corrupted memory seen in the ISR netfilter: ipset: fix race condition between swap/destroy and kernel side add/del/test zstd: Fix array-index-out-of-bounds UBSAN warning tg3: Move the [rt]x_dropped counters to tg3_napi tg3: Increment tx_dropped in tg3_tso_bug() kconfig: fix memory leak from range properties drm/amdgpu: correct chunk_ptr to a pointer to chunk. x86: Introduce ia32_enabled() x86/coco: Disable 32-bit emulation by default on TDX and SEV x86/entry: Convert INT 0x80 emulation to IDTENTRY x86/entry: Do not allow external 0x80 interrupts x86/tdx: Allow 32-bit emulation by default dt: dt-extract-compatibles: Handle cfile arguments in generator function dt: dt-extract-compatibles: Don't follow symlinks when walking tree platform/x86: asus-wmi: Move i8042 filter install to shared asus-wmi code of: dynamic: Fix of_reconfig_get_state_change() return value documentation platform/x86: wmi: Skip blocks with zero instances ipv6: fix potential NULL deref in fib6_add() octeontx2-pf: Add missing mutex lock in otx2_get_pauseparam octeontx2-af: Check return value of nix_get_nixlf before using nixlf hv_netvsc: rndis_filter needs to select NLS r8152: Rename RTL8152_UNPLUG to RTL8152_INACCESSIBLE r8152: Add RTL8152_INACCESSIBLE checks to more loops r8152: Add RTL8152_INACCESSIBLE to r8156b_wait_loading_flash() r8152: Add RTL8152_INACCESSIBLE to r8153_pre_firmware_1() r8152: Add RTL8152_INACCESSIBLE to r8153_aldps_en() mlxbf-bootctl: correctly identify secure boot with development keys platform/mellanox: Add null pointer checks for devm_kasprintf() platform/mellanox: Check devm_hwmon_device_register_with_groups() return value arcnet: restoring support for multiple Sohard Arcnet cards octeontx2-pf: consider both Rx and Tx packet stats for adaptive interrupt coalescing net: stmmac: fix FPE events losing xsk: Skip polling event check for unbound socket octeontx2-af: fix a use-after-free in rvu_npa_register_reporters i40e: Fix unexpected MFS warning message iavf: validate tx_coalesce_usecs even if rx_coalesce_usecs is zero tcp: fix mid stream window clamp. ionic: fix snprintf format length warning ionic: Fix dim work handling in split interrupt mode ipv4: ip_gre: Avoid skb_pull() failure in ipgre_xmit() net: atlantic: Fix NULL dereference of skb pointer in net: hns: fix wrong head when modify the tx feature when sending packets net: hns: fix fake link up on xge port octeontx2-af: Adjust Tx credits when MCS external bypass is disabled octeontx2-af: Fix mcs sa cam entries size octeontx2-af: Fix mcs stats register address octeontx2-af: Add missing mcs flr handler call octeontx2-af: Update Tx link register range dt-bindings: interrupt-controller: Allow #power-domain-cells netfilter: nf_tables: fix 'exist' matching on bigendian arches netfilter: nf_tables: validate family when identifying table via handle netfilter: xt_owner: Fix for unsafe access of sk->sk_socket tcp: do not accept ACK of bytes we never sent bpf: sockmap, updating the sg structure should also update curr psample: Require 'CAP_NET_ADMIN' when joining "packets" group drop_monitor: Require 'CAP_SYS_ADMIN' when joining "events" group mm/damon/sysfs: eliminate potential uninitialized variable warning tee: optee: Fix supplicant based device enumeration RDMA/hns: Fix unnecessary err return when using invalid congest control algorithm RDMA/irdma: Do not modify to SQD on error RDMA/irdma: Add wait for suspend on SQD arm64: dts: rockchip: Expand reg size of vdec node for RK3328 arm64: dts: rockchip: Expand reg size of vdec node for RK3399 ASoC: fsl_sai: Fix no frame sync clock issue on i.MX8MP RDMA/rtrs-srv: Do not unconditionally enable irq RDMA/rtrs-clt: Start hb after path_up RDMA/rtrs-srv: Check return values while processing info request RDMA/rtrs-srv: Free srv_mr iu only when always_invalidate is true RDMA/rtrs-srv: Destroy path files after making sure no IOs in-flight RDMA/rtrs-clt: Fix the max_send_wr setting RDMA/rtrs-clt: Remove the warnings for req in_use check RDMA/bnxt_re: Correct module description string RDMA/irdma: Refactor error handling in create CQP RDMA/irdma: Fix UAF in irdma_sc_ccq_get_cqe_info() hwmon: (acpi_power_meter) Fix 4.29 MW bug ASoC: codecs: lpass-tx-macro: set active_decimator correct default value hwmon: (nzxt-kraken2) Fix error handling path in kraken2_probe() ASoC: wm_adsp: fix memleak in wm_adsp_buffer_populate RDMA/core: Fix umem iterator when PAGE_SIZE is greater then HCA pgsz RDMA/irdma: Avoid free the non-cqp_request scratch drm/bridge: tc358768: select CONFIG_VIDEOMODE_HELPERS arm64: dts: imx8mp: imx8mq: Add parkmode-disable-ss-quirk on DWC3 ARM: dts: imx6ul-pico: Describe the Ethernet PHY clock tracing: Fix a warning when allocating buffered events fails scsi: be2iscsi: Fix a memleak in beiscsi_init_wrb_handle() ARM: imx: Check return value of devm_kasprintf in imx_mmdc_perf_init ARM: dts: imx7: Declare timers compatible with fsl,imx6dl-gpt ARM: dts: imx28-xea: Pass the 'model' property riscv: fix misaligned access handling of C.SWSP and C.SDSP md: don't leave 'MD_RECOVERY_FROZEN' in error path of md_set_readonly() rethook: Use __rcu pointer for rethook::handler kprobes: consistent rcu api usage for kretprobe holder ASoC: amd: yc: Fix non-functional mic on ASUS E1504FA nvme-pci: Add sleep quirk for Kingston drives io_uring: fix mutex_unlock with unreferenced ctx ALSA: usb-audio: Add Pioneer DJM-450 mixer controls ALSA: pcm: fix out-of-bounds in snd_pcm_state_names ALSA: hda/realtek: add new Framework laptop to quirks ALSA: hda/realtek: Add Framework laptop 16 to quirks ring-buffer: Test last update in 32bit version of __rb_time_read() nilfs2: fix missing error check for sb_set_blocksize call nilfs2: prevent WARNING in nilfs_sufile_set_segment_usage() cgroup_freezer: cgroup_freezing: Check if not frozen checkstack: fix printed address tracing: Always update snapshot buffer size tracing: Disable snapshot buffer when stopping instance tracers tracing: Fix incomplete locking when disabling buffered events tracing: Fix a possible race when disabling buffered events packet: Move reference count in packet_sock to atomic_long_t r8169: fix rtl8125b PAUSE frames blasting when suspended regmap: fix bogus error on regcache_sync success platform/surface: aggregator: fix recv_buf() return value hugetlb: fix null-ptr-deref in hugetlb_vma_lock_write mm: fix oops when filemap_map_pmd() without prealloc_pte powercap: DTPM: Fix missing cpufreq_cpu_put() calls md/raid6: use valid sector values to determine if an I/O should wait on the reshape arm64: dts: mediatek: mt7622: fix memory node warning check arm64: dts: mediatek: mt8183-kukui-jacuzzi: fix dsi unnecessary cells properties arm64: dts: mediatek: cherry: Fix interrupt cells for MT6360 on I2C7 arm64: dts: mediatek: mt8173-evb: Fix regulator-fixed node names arm64: dts: mediatek: mt8195: Fix PM suspend/resume with venc clocks arm64: dts: mediatek: mt8183: Fix unit address for scp reserved memory arm64: dts: mediatek: mt8183: Move thermal-zones to the root node arm64: dts: mediatek: mt8183-evb: Fix unit_address_vs_reg warning on ntc coresight: etm4x: Remove bogous __exit annotation for some functions hwtracing: hisi_ptt: Add dummy callback pmu::read() misc: mei: client.c: return negative error code in mei_cl_write misc: mei: client.c: fix problem of return '-EOVERFLOW' in mei_cl_write LoongArch: BPF: Don't sign extend memory load operand LoongArch: BPF: Don't sign extend function return value ring-buffer: Force absolute timestamp on discard of event tracing: Set actual size after ring buffer resize tracing: Stop current tracer when resizing buffer parisc: Reduce size of the bug_table on 64-bit kernel by half parisc: Fix asm operand number out of range build error in bug table arm64: dts: mediatek: add missing space before { arm64: dts: mt8183: kukui: Fix underscores in node names x86/sev: Fix kernel crash due to late update to read-only ghcb_version gpiolib: sysfs: Fix error handling on failed export drm/amd/amdgpu: Fix warnings in amdgpu/amdgpu_display.c drm/amdgpu: Add I2C EEPROM support on smu v13_0_6 usb: gadget: f_hid: fix report descriptor allocation serial: 8250_dw: Add ACPI ID for Granite Rapids-D UART parport: Add support for Brainboxes IX/UC/PX parallel cards cifs: Fix non-availability of dedup breaking generic/304 Revert "xhci: Loosen RPM as default policy to cover for AMD xHC 1.1" smb: client: fix potential NULL deref in parse_dfs_referrals() ARM: PL011: Fix DMA support serial: sc16is7xx: address RX timeout interrupt errata serial: 8250: 8250_omap: Clear UART_HAS_RHR_IT_DIS bit serial: 8250: 8250_omap: Do not start RX DMA on THRI interrupt serial: 8250_omap: Add earlycon support for the AM654 UART controller devcoredump: Send uevent once devcd is ready x86/CPU/AMD: Check vendor in the AMD microcode callback USB: gadget: core: adjust uevent timing on gadget unbind cifs: Fix flushing, invalidation and file size with copy_file_range() cifs: Fix flushing, invalidation and file size with FICLONE MIPS: kernel: Clear FPU states when setting up kernel threads KVM: s390/mm: Properly reset no-dat KVM: SVM: Update EFER software model on CR0 trap for SEV-ES MIPS: Loongson64: Reserve vgabios memory on boot MIPS: Loongson64: Handle more memory types passed from firmware MIPS: Loongson64: Enable DMA noncoherent support riscv: Kconfig: Add select ARM_AMBA to SOC_STARFIVE UBUNTU: [Config] updateconfigs after enabling ARM_AMBA on riscv drm/i915: Skip some timing checks on BXT/GLK DSI transcoders scsi: sd: Fix sshdr use in sd_suspend_common() nouveau: use an rwlock for the event lock. modpost: fix section mismatch message for RELA drm/amdgpu: Do not program VF copy regs in mmhub v1.8 under SRIOV (v2) drm/amdgpu: finalizing mem_partitions at the end of GMC v9 sw_fini dm-crypt: start allocating with MAX_ORDER r8152: Hold the rtnl_lock for all of reset net: tls, update curr on splice as well net: dsa: microchip: provide a list of valid protocols for xmit handler net/smc: fix missing byte order conversion in CLC handshake RDMA/core: Fix uninit-value access in ib_get_eth_speed() ARM: dts: imx6q: skov: fix ethernet clock regression ARM: dts: rockchip: Fix sdmmc_pwren's pinmux setting for RK3128 ARM: dts: bcm2711-rpi-400: Fix delete-node of led_act firmware: arm_scmi: Extend perf protocol ops to get number of domains firmware: arm_scmi: Extend perf protocol ops to get information of a domain firmware: arm_scmi: Fix frequency truncation by promoting multiplier type firmware: arm_scmi: Simplify error path in scmi_dvfs_device_opps_add() RDMA/irdma: Ensure iWarp QP queue memory is OS paged aligned RDMA/irdma: Fix support for 64k pages io_uring/kbuf: Fix an NULL vs IS_ERR() bug in io_alloc_pbuf_ring() io_uring/kbuf: check for buffer list readiness after NULL check arm64: dts: imx8-ss-lsio: Add PWM interrupts arm64: dts: freescale: imx8-ss-lsio: Fix #pwm-cells arm64: dts: imx93: correct mediamix power arm64: dts: imx8-apalis: set wifi regulator to always-on arm64: dts: rockchip: Fix eMMC Data Strobe PD on rk3588 scripts/gdb: fix lx-device-list-bus and lx-device-list-class ASoC: amd: yc: Fix non-functional mic on ASUS E1504FA ALSA: hda/realtek: Apply quirk for ASUS UM3504DA ALSA: hda/realtek: fix speakers on XPS 9530 (2023) ALSA: hda/realtek: Add quirk for Lenovo Yoga Pro 7 lib/group_cpus.c: avoid acquiring cpu hotplug lock in group_cpus_evenly leds: trigger: netdev: fix RTNL handling to prevent potential deadlock nfp: flower: fix for take a mutex lock in soft irq context and rcu lock workqueue: Make sure that wq_unbound_cpumask is never empty drivers/base/cpu: crash data showing should depends on KEXEC_CORE mm/memory_hotplug: add missing mem_hotplug_lock mm/memory_hotplug: fix error handling in add_memory_resource() drm/atomic-helpers: Invoke end_fb_access while owning plane state drm/i915/mst: Fix .mode_valid_ctx() return values drm/i915/mst: Reject modes that require the bigjoiner arm64: dts: mt7986: change cooling trips arm64: dts: mt7986: define 3W max power to both SFP on BPI-R3 arm64: dts: mt7986: fix emmc hs400 mode without uboot initialization arm64: dts: mediatek: mt8186: fix clock names for power domains arm64: dts: mediatek: mt8186: Change gpu speedbin nvmem cell name coresight: Fix crash when Perf and sysfs modes are used concurrently coresight: ultrasoc-smb: Fix sleep while close preempt in enable_smb coresight: ultrasoc-smb: Config SMB buffer before register sink coresight: ultrasoc-smb: Fix uninitialized before use buf_hw_base ASoC: ops: add correct range check for limiting volume nvmem: Do not expect fixed layouts to grab a layout driver serial: ma35d1: Validate console index before assignment powerpc/ftrace: Fix stack teardown in ftrace_no_trace perf metrics: Avoid segv if default metricgroup isn't set ASoC: qcom: sc8280xp: Limit speaker digital volumes gcc-plugins: randstruct: Update code comment in relayout_struct() drm/amdgpu: Fix refclk reporting for SMU v13.0.6 drm/amdgpu: Add bootloader status check drm/amdgpu: Add bootloader wait for PSP v13 drm/amdgpu: Restrict bootloader wait to SMUv13.0.6 drm/amdgpu: update retry times for psp vmbx wait drm/amdgpu: update retry times for psp BL wait drm/amdgpu: Restrict extended wait to PSP v13.0.6 UBUNTU: Upstream stable to v6.1.68, v6.6.7 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2051584/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
