Ubuntu
linux package

Bionic update: upstream stable patchset 2022-12-01

Bug #1998542 reported by Kamal Mostafa on 2022-12-01

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	linux (Ubuntu)	Invalid	Undecided	Unassigned
	Bionic	Fix Released	Medium	Kamal Mostafa

Bug Description

SRU Justification

    Impact:
       The upstream process for stable tree updates is quite similar
       in scope to the Ubuntu SRU process, e.g., each patch has to
       demonstrably fix a bug, and each patch is vetted by upstream
       by originating either directly from a mainline/stable Linux tree or
       a minimally backported form of that patch. The following upstream
       stable patches should be included in the Ubuntu kernel:

upstream stable patchset 2022-12-01
from git://git.kernel.org/

Revert "x86/cpu: Add a steppings field to struct x86_cpu_id"
x86/cpufeature: Add facility to check for min microcode revisions
x86/cpufeature: Fix various quality problems in the <asm/cpu_device_hd.h> header
x86/devicetable: Move x86 specific macro out of generic code
x86/cpu: Add consistent CPU match macros
x86/cpu: Add a steppings field to struct x86_cpu_id
x86/entry: Remove skip_r11rcx
x86/cpufeatures: Move RETPOLINE flags to word 11
x86/bugs: Report AMD retbleed vulnerability
x86/bugs: Add AMD retbleed= boot parameter
x86/bugs: Keep a per-CPU IA32_SPEC_CTRL value
x86/entry: Add kernel IBRS implementation
x86/bugs: Optimize SPEC_CTRL MSR writes
x86/speculation: Add spectre_v2=ibrs option to support Kernel IBRS
x86/bugs: Split spectre_v2_select_mitigation() and spectre_v2_user_select_mitigation()
x86/bugs: Report Intel retbleed vulnerability
entel_idle: Disable IBRS during long idle
x86/speculation: Change FILL_RETURN_BUFFER to work with objtool
x86/speculation: Add LFENCE to RSB fill sequence
x86/speculation: Fix RSB filling with CONFIG_RETPOLINE=n
x86/speculation: Fix firmware entry SPEC_CTRL handling
x86/speculation: Fix SPEC_CTRL write on SMT state change
x86/speculation: Use cached host SPEC_CTRL value for guest entry/exit
x86/speculation: Remove x86_spec_ctrl_mask
KVM: VMX: Prevent guest RSB poisoning attacks with eIBRS
KVM: VMX: Fix IBRS handling after vmexit
x86/speculation: Fill RSB on vmexit for IBRS
x86/common: Stamp out the stepping madness
x86/cpu/amd: Enumerate BTC_NO
x86/bugs: Add Cannon lake to RETBleed affected CPU list
x86/speculation: Disable RRSBA behavior
x86/speculation: Use DECLARE_PER_CPU for x86_spec_ctrl_current
x86/bugs: Warn when "ibrs" mitigation is selected on Enhanced IBRS parts
x86/speculation: Add RSB VM Exit protections
UBUNTU: Upstream stable to v4.14.297, v4.19.263
ocfs2: clear dinode links count in case of error
ocfs2: fix BUG when iput after ocfs2_mknod fails
x86/microcode/AMD: Apply the patch early on every logical thread
ata: ahci-imx: Fix MODULE_ALIAS
ata: ahci: Match EM_MAX_SLOTS with SATA_PMP_MAX_PORTS
KVM: arm64: vgic: Fix exit condition in scan_its_table()
UBUNTU: [Config] updateconfigs for ARM64_ERRATUM_1742098
arm64: errata: Remove AES hwcap for COMPAT tasks
r8152: add PID for the Lenovo OneLink+ Dock
btrfs: fix processing of delayed data refs during backref walking
ACPI: extlog: Handle multiple records
HID: magicmouse: Do not set BTN_MOUSE on double report
net/atm: fix proc_mpc_write incorrect return value
net: hns: fix possible memory leak in hnae_ae_register()
iommu/vt-d: Clean up si_domain in the init_dmars() error path
media: v4l2-mem2mem: Apply DST_QUEUE_OFF_BASE on MMAP buffers across ioctls
ACPI: video: Force backlight native for more TongFang devices
ALSA: Use del_timer_sync() before freeing timer
ALSA: au88x0: use explicitly signed char
USB: add RESET_RESUME quirk for NVIDIA Jetson devices in RCM
usb: dwc3: gadget: Don't set IMI for no_interrupt
usb: bdc: change state when port disconnected
usb: xhci: add XHCI_SPURIOUS_SUCCESS to ASM1042 despite being a V0.96 controller
xhci: Remove device endpoints from bandwidth list when freeing the device
tools: iio: iio_utils: fix digit calculation
iio: light: tsl2583: Fix module unloading
fbdev: smscufx: Fix several use-after-free bugs
mac802154: Fix LQI recording
drm/msm/hdmi: fix memory corruption with too many bridges
mmc: core: Fix kernel panic when remove non-standard SDIO card
kernfs: fix use-after-free in __kernfs_remove
s390/futex: add missing EX_TABLE entry to __futex_atomic_op()
Xen/gntdev: don't ignore kernel unmapping error
xen/gntdev: Prevent leaking grants
mm,hugetlb: take hugetlb_lock before decrementing h->resv_huge_pages
net: ieee802154: fix error return code in dgram_bind()
drm/msm: Fix return type of mdp4_lvds_connector_mode_valid
arc: iounmap() arg is volatile
ALSA: ac97: fix possible memory leak in snd_ac97_dev_register()
x86/unwind/orc: Fix unreliable stack dump with gcov
amd-xgbe: fix the SFP compliance codes check for DAC cables
amd-xgbe: add the bit rate quirk for Molex cables
kcm: annotate data-races around kcm->rx_psock
kcm: annotate data-races around kcm->rx_wait
net: lantiq_etop: don't free skb when returning NETDEV_TX_BUSY
tcp: fix indefinite deferral of RTO with SACK reneging
can: mscan: mpc5xxx: mpc5xxx_can_probe(): add missing put_clock() in error path
PM: hibernate: Allow hybrid sleep to work with s2idle
media: vivid: s_fbuf: add more sanity checks
media: vivid: dev->bitmap_cap wasn't freed in all cases
media: v4l2-dv-timings: add sanity checks for blanking values
media: videodev2.h: V4L2_DV_BT_BLANKING_HEIGHT should check 'interlaced'
i40e: Fix ethtool rx-flow-hash setting for X722
i40e: Fix flow-type by setting GL_HASH_INSET registers
net: ksz884x: fix missing pci_disable_device() on error in pcidev_init()
PM: domains: Fix handling of unavailable/disabled idle states
ALSA: aoa: i2sbus: fix possible memory leak in i2sbus_add_dev()
ALSA: aoa: Fix I2S device accounting
openvswitch: switch from WARN to pr_warn
net: ehea: fix possible memory leak in ehea_register_port()
can: rcar_canfd: rcar_canfd_handle_global_receive(): fix IRQ storm on global FIFO receive
media: venus: dec: Handle the case where find_format fails
Makefile.debug: re-enable debug info for .S files
drm/msm/dsi: fix memory corruption with too many bridges
perf auxtrace: Fix address filter symbol name match for modules
net: netsec: fix error handling in netsec_register_mdio()
net: fix UAF issue in nfqnl_nf_hook_drop() when ops_init() failed
i40e: Fix VF hang when reset is triggered on another VF
UBUNTU: Upstream stable to v4.14.298, v4.19.264

See original description

Tags:

Kamal Mostafa (kamalmostafa) on 2022-12-01

Changed in linux (Ubuntu):
status:	New → Confirmed
tags:	added: kernel-stable-tracking-bug
Changed in linux (Ubuntu):
status:	Confirmed → Invalid
Changed in linux (Ubuntu Bionic):
status:	New → In Progress
importance:	Undecided → Medium
assignee:	nobody → Kamal Mostafa (kamalmostafa)

Kamal Mostafa (kamalmostafa) on 2022-12-01

description:

updated

Stefan Bader (smb) on 2022-12-02

Changed in linux (Ubuntu Bionic):
status:	In Progress → Fix Committed

Revision history for this message

Launchpad Janitor (janitor) wrote on 2023-02-08:

Download full text (22.0 KiB)

This bug was fixed in the package linux - 4.15.0-204.215

---------------
linux (4.15.0-204.215) bionic; urgency=medium

* bionic/linux: 4.15.0-204.215 -proposed tracker (LP: #2003522)

* Revoke & rotate to new signing key (LP: #2002812)
- [Packaging] Revoke and rotate to new signing key

linux (4.15.0-203.214) bionic; urgency=medium

* bionic/linux: 4.15.0-203.214 -proposed tracker (LP: #2001876)

* Packaging resync (LP: #1786013)
- [Packaging] update helper scripts

This bug was fixed in the package linux - 4.15.0-204.215

---------------
linux (4.15.0-204.215) bionic; urgency=medium

* bionic/linux: 4.15.0-204.215 -proposed tracker (LP: #2003522)

* Revoke & rotate to new signing key (LP: #2002812)
    - [Packaging] Revoke and rotate to new signing key

linux (4.15.0-203.214) bionic; urgency=medium

* bionic/linux: 4.15.0-203.214 -proposed tracker (LP: #2001876)

* Packaging resync (LP: #1786013)
    - [Packaging] update helper scripts

* Bionic update: upstream stable patchset 2022-12-01 (LP: #1998542)
    - Revert "x86/cpu: Add a steppings field to struct x86_cpu_id"
    - x86/cpufeature: Add facility to check for min microcode revisions
    - x86/cpufeature: Fix various quality problems in the <asm/cpu_device_hd.h>
      header
    - x86/devicetable: Move x86 specific macro out of generic code
    - x86/cpu: Add consistent CPU match macros
    - x86/cpu: Add a steppings field to struct x86_cpu_id
    - x86/entry: Remove skip_r11rcx
    - x86/cpufeatures: Move RETPOLINE flags to word 11
    - x86/bugs: Report AMD retbleed vulnerability
    - x86/bugs: Add AMD retbleed= boot parameter
    - x86/bugs: Keep a per-CPU IA32_SPEC_CTRL value
    - x86/entry: Add kernel IBRS implementation
    - x86/bugs: Optimize SPEC_CTRL MSR writes
    - x86/speculation: Add spectre_v2=ibrs option to support Kernel IBRS
    - x86/bugs: Split spectre_v2_select_mitigation() and
      spectre_v2_user_select_mitigation()
    - x86/bugs: Report Intel retbleed vulnerability
    - entel_idle: Disable IBRS during long idle
    - x86/speculation: Change FILL_RETURN_BUFFER to work with objtool
    - x86/speculation: Add LFENCE to RSB fill sequence
    - x86/speculation: Fix RSB filling with CONFIG_RETPOLINE=n
    - x86/speculation: Fix firmware entry SPEC_CTRL handling
    - x86/speculation: Fix SPEC_CTRL write on SMT state change
    - x86/speculation: Use cached host SPEC_CTRL value for guest entry/exit
    - x86/speculation: Remove x86_spec_ctrl_mask
    - KVM: VMX: Prevent guest RSB poisoning attacks with eIBRS
    - KVM: VMX: Fix IBRS handling after vmexit
    - x86/speculation: Fill RSB on vmexit for IBRS
    - x86/common: Stamp out the stepping madness
    - x86/cpu/amd: Enumerate BTC_NO
    - x86/bugs: Add Cannon lake to RETBleed affected CPU list
    - x86/speculation: Disable RRSBA behavior
    - x86/speculation: Use DECLARE_PER_CPU for x86_spec_ctrl_current
    - x86/bugs: Warn when "ibrs" mitigation is selected on Enhanced IBRS parts
    - x86/speculation: Add RSB VM Exit protections
    - ocfs2: clear dinode links count in case of error
    - ocfs2: fix BUG when iput after ocfs2_mknod fails
    - x86/microcode/AMD: Apply the patch early on every logical thread
    - ata: ahci-imx: Fix MODULE_ALIAS
    - ata: ahci: Match EM_MAX_SLOTS with SATA_PMP_MAX_PORTS
    - KVM: arm64: vgic: Fix exit condition in scan_its_table()
    - [Config] updateconfigs for ARM64_ERRATUM_1742098
    - arm64: errata: Remove AES hwcap for COMPAT tasks
    - r8152: add PID for the Lenovo OneLink+ Dock
    - btrfs: fix processing of delayed data refs during backref walking
    - ACPI: extlog: Handle multiple records
    - HID: magicmouse: Do not set BTN_MOUSE on double report
    - net/atm: fix proc_mpc_write incorrect return value
    - net: hns: fix possible memory leak in hnae_ae_register()
    - iommu/vt-d: Clean up si_domain in the init_dmars() error path
    - media: v4l2-mem2mem: Apply DST_QUEUE_OFF_BASE on MMAP buffers across ioctls
    - ACPI: video: Force backlight native for more TongFang devices
    - ALSA: Use del_timer_sync() before freeing timer
    - ALSA: au88x0: use explicitly signed char
    - USB: add RESET_RESUME quirk for NVIDIA Jetson devices in RCM
    - usb: dwc3: gadget: Don't set IMI for no_interrupt
    - usb: bdc: change state when port disconnected
    - usb: xhci: add XHCI_SPURIOUS_SUCCESS to ASM1042 despite being a V0.96
      controller
    - xhci: Remove device endpoints from bandwidth list when freeing the device
    - tools: iio: iio_utils: fix digit calculation
    - iio: light: tsl2583: Fix module unloading
    - fbdev: smscufx: Fix several use-after-free bugs
    - mac802154: Fix LQI recording
    - drm/msm/hdmi: fix memory corruption with too many bridges
    - mmc: core: Fix kernel panic when remove non-standard SDIO card
    - kernfs: fix use-after-free in __kernfs_remove
    - s390/futex: add missing EX_TABLE entry to __futex_atomic_op()
    - Xen/gntdev: don't ignore kernel unmapping error
    - xen/gntdev: Prevent leaking grants
    - mm,hugetlb: take hugetlb_lock before decrementing h->resv_huge_pages
    - net: ieee802154: fix error return code in dgram_bind()
    - drm/msm: Fix return type of mdp4_lvds_connector_mode_valid
    - arc: iounmap() arg is volatile
    - ALSA: ac97: fix possible memory leak in snd_ac97_dev_register()
    - x86/unwind/orc: Fix unreliable stack dump with gcov
    - amd-xgbe: fix the SFP compliance codes check for DAC cables
    - amd-xgbe: add the bit rate quirk for Molex cables
    - kcm: annotate data-races around kcm->rx_psock
    - kcm: annotate data-races around kcm->rx_wait
    - net: lantiq_etop: don't free skb when returning NETDEV_TX_BUSY
    - tcp: fix indefinite deferral of RTO with SACK reneging
    - can: mscan: mpc5xxx: mpc5xxx_can_probe(): add missing put_clock() in error
      path
    - PM: hibernate: Allow hybrid sleep to work with s2idle
    - media: vivid: s_fbuf: add more sanity checks
    - media: vivid: dev->bitmap_cap wasn't freed in all cases
    - media: v4l2-dv-timings: add sanity checks for blanking values
    - media: videodev2.h: V4L2_DV_BT_BLANKING_HEIGHT should check 'interlaced'
    - i40e: Fix ethtool rx-flow-hash setting for X722
    - i40e: Fix flow-type by setting GL_HASH_INSET registers
    - net: ksz884x: fix missing pci_disable_device() on error in pcidev_init()
    - PM: domains: Fix handling of unavailable/disabled idle states
    - ALSA: aoa: i2sbus: fix possible memory leak in i2sbus_add_dev()
    - ALSA: aoa: Fix I2S device accounting
    - openvswitch: switch from WARN to pr_warn
    - net: ehea: fix possible memory leak in ehea_register_port()
    - can: rcar_canfd: rcar_canfd_handle_global_receive(): fix IRQ storm on global
      FIFO receive
    - media: venus: dec: Handle the case where find_format fails
    - Makefile.debug: re-enable debug info for .S files
    - drm/msm/dsi: fix memory corruption with too many bridges
    - perf auxtrace: Fix address filter symbol name match for modules
    - net: netsec: fix error handling in netsec_register_mdio()
    - net: fix UAF issue in nfqnl_nf_hook_drop() when ops_init() failed
    - i40e: Fix VF hang when reset is triggered on another VF

* Bionic update: upstream stable patchset 2022-11-15 (LP: #1996650)
    - of: fdt: fix off-by-one error in unflatten_dt_nodes()
    - gpio: mpc8xxx: Fix support for IRQ_TYPE_LEVEL_LOW flow_type in mpc85xx
    - drm/meson: Correct OSD1 global alpha value
    - parisc: ccio-dma: Add missing iounmap in error path in ccio_probe()
    - cifs: don't send down the destination address to sendmsg for a SOCK_STREAM
    - ASoC: nau8824: Fix semaphore unbalance at error paths
    - regulator: pfuze100: Fix the global-out-of-bounds access in
      pfuze100_regulator_probe()
    - ALSA: hda/sigmatel: Keep power up while beep is enabled
    - net: usb: qmi_wwan: add Quectel RM520N
    - MIPS: OCTEON: irq: Fix octeon_irq_force_ciu_mapping()
    - mksysmap: Fix the mismatch of 'L0' symbols in System.map
    - video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
    - ALSA: hda/sigmatel: Fix unused variable warning for beep power change
    - wifi: mac80211: Fix UAF in ieee80211_scan_rx()
    - USB: core: Fix RST error in hub.c
    - USB: serial: option: add Quectel BG95 0x0203 composition
    - USB: serial: option: add Quectel RM520N
    - ALSA: hda/tegra: set depop delay for tegra
    - ALSA: hda: add Intel 5 Series / 3400 PCI DID
    - mm/slub: fix to return errno if kmalloc() fails
    - arm64: dts: rockchip: Remove 'enable-active-low' from rk3399-puma
    - netfilter: nf_conntrack_sip: fix ct_sip_walk_headers
    - netfilter: nf_conntrack_irc: Tighten matching on DCC message
    - iavf: Fix cached head and tail value for iavf_get_tx_pending
    - ipvlan: Fix out-of-bound bugs caused by unset skb->mac_header
    - net: team: Unsync device addresses on ndo_stop
    - MIPS: lantiq: export clk_get_io() for lantiq_wdt.ko
    - of: mdio: Add of_node_put() when breaking out of for_each_xx
    - netfilter: ebtables: fix memory leak when blob is malformed
    - can: gs_usb: gs_can_open(): fix race dev->can.state condition
    - perf kcore_copy: Do not check /proc/modules is unchanged
    - net: sunhme: Fix packet reception for len < RX_COPY_THRESHOLD
    - serial: Create uart_xmit_advance()
    - serial: tegra: Use uart_xmit_advance(), fixes icount.tx accounting
    - s390/dasd: fix Oops in dasd_alias_get_start_dev due to missing pavgroup
    - Drivers: hv: Never allocate anything besides framebuffer from framebuffer
      memory region
    - ext4: make directory inode spreading reflect flexbg size
    - nvmet: fix a use-after-free
    - i40e: Fix VF set max MTU size
    - i40e: Fix set max_tx_rate when it is lower than 1 Mbps
    - perf jit: Include program header in ELF files
    - workqueue: don't skip lockdep work dependency in cancel_work_sync()
    - mmc: moxart: fix 4-bit bus width and remove 8-bit bus width
    - mm/page_alloc: fix race condition between build_all_zonelists and page
      allocation
    - mm: prevent page_frag_alloc() from corrupting the memory
    - mm/migrate_device.c: flush TLB while holding PTL
    - soc: sunxi: sram: Actually claim SRAM regions
    - soc: sunxi: sram: Fix debugfs info for A64 SRAM C
    - Revert "drm: bridge: analogix/dp: add panel prepare/unprepare in
      suspend/resume time"
    - Input: melfas_mip4 - fix return value check in mip4_probe()
    - usbnet: Fix memory leak in usbnet_disconnect()
    - selftests: Fix the if conditions of in test_extra_filter()
    - uas: add no-uas quirk for Hiksemi usb_disk
    - usb-storage: Add Hiksemi USB3-FW to IGNORE_UAS
    - uas: ignore UAS for Thinkplus chips
    - net: usb: qmi_wwan: Add new usb-id for Dell branded EM7455
    - ntfs: fix BUG_ON in ntfs_lookup_inode_by_name()
    - nvme: add new line after variable declatation
    - nvme: Fix IOC_PR_CLEAR and IOC_PR_RELEASE ioctls for nvme devices
    - clk: iproc: Minor tidy up of iproc pll data structures
    - clk: iproc: Do not rely on node name for correct PLL setup
    - Makefile.extrawarn: Move -Wcast-function-type-strict to W=1
    - ARM: fix function graph tracer and unwinder dependencies
    - [Config] updateconfigs for UNWINDER_ARM
    - dmaengine: xilinx_dma: cleanup for fetching xlnx,num-fstores property
    - dmaengine: xilinx_dma: Report error in case of dma_set_mask_and_coherent API
      failure
    - ARM: dts: fix Moxa SDIO 'compatible', remove 'sdhci' misnomer
    - net/ieee802154: fix uninit value bug in dgram_sendmsg
    - um: Cleanup syscall_handler_t cast in syscalls_32.h
    - um: Cleanup compiler warning in arch/x86/um/tls_32.c
    - usb: mon: make mmapped memory read only
    - USB: serial: ftdi_sio: fix 300 bps rate for SIO
    - mmc: core: Replace with already defined values for readability
    - mmc: core: Terminate infinite loop in SD-UHS voltage switch
    - rpmsg: qcom: glink: replace strncpy() with strscpy_pad()
    - nilfs2: fix leak of nilfs_root in case of writer thread creation failure
    - nilfs2: replace WARN_ONs by nilfs_error for checkpoint acquisition failure
    - ceph: don't truncate file in atomic_open
    - random: clamp credited irq bits to maximum mixed
    - ALSA: hda: Fix position reporting on Poulsbo
    - USB: serial: qcserial: add new usb-id for Dell branded EM7455
    - random: restore O_NONBLOCK support
    - random: avoid reading two cache lines on irq randomness
    - wifi: mac80211_hwsim: avoid mac80211 warning on bad rate
    - Input: xpad - add supported devices as contributed on github
    - Input: xpad - fix wireless 360 controller breaking after suspend
    - random: use expired timer rather than wq for mixing fast pool
    - ALSA: oss: Fix potential deadlock at unregistration
    - ALSA: rawmidi: Drop register_mutex in snd_rawmidi_free()
    - ALSA: usb-audio: Fix potential memory leaks
    - ALSA: usb-audio: Fix NULL dererence at error path
    - iio: dac: ad5593r: Fix i2c read protocol requirements
    - fs: dlm: fix race between test_bit() and queue_work()
    - fs: dlm: handle -EBUSY first in lock arg validation
    - HID: multitouch: Add memory barriers
    - quota: Check next/prev free block number after reading from quota file
    - regulator: qcom_rpm: Fix circular deferral regression
    - Revert "fs: check FMODE_LSEEK to control internal pipe splicing"
    - parisc: fbdev/stifb: Align graphics memory size to 4MB
    - UM: cpuinfo: Fix a warning for CONFIG_CPUMASK_OFFSTACK
    - PCI: Sanitise firmware BAR assignments behind a PCI-PCI bridge
    - fbdev: smscufx: Fix use-after-free in ufx_ops_open()
    - nilfs2: fix use-after-free bug of struct nilfs_root
    - ext4: fix null-ptr-deref in ext4_write_info
    - ext4: make ext4_lazyinit_thread freezable
    - ext4: place buffer head allocation before handle start
    - livepatch: fix race between fork and KLP transition
    - ftrace: Properly unset FTRACE_HASH_FL_MOD
    - ring-buffer: Allow splice to read previous partially read pages
    - ring-buffer: Check pending waiters when doing wake ups as well
    - ring-buffer: Fix race between reset page and reading page
    - KVM: x86/emulator: Fix handing of POP SS to correctly set interruptibility
    - KVM: nVMX: Unconditionally purge queued/injected events on nested "exit"
    - gcov: support GCC 12.1 and newer compilers
    - selinux: use "grep -E" instead of "egrep"
    - sh: machvec: Use char[] for section boundaries
    - wifi: ath10k: add peer map clean up for peer delete in ath10k_sta_state()
    - wifi: mac80211: allow bw change during channel switch in mesh
    - wifi: rtl8xxxu: tighten bounds checking in rtl8xxxu_read_efuse()
    - spi: qup: add missing clk_disable_unprepare on error in spi_qup_resume()
    - spi: qup: add missing clk_disable_unprepare on error in
      spi_qup_pm_resume_runtime()
    - wifi: rtl8xxxu: Fix skb misuse in TX queue selection
    - wifi: rtl8xxxu: gen2: Fix mistake in path B IQ calibration
    - net: fs_enet: Fix wrong check in do_pd_setup
    - spi/omap100k:Fix PM disable depth imbalance in omap1_spi100k_probe
    - netfilter: nft_fib: Fix for rpath check with VRF devices
    - spi: s3c64xx: Fix large transfers with DMA
    - vhost/vsock: Use kvmalloc/kvfree for larger packets.
    - tcp: fix tcp_cwnd_validate() to not forget is_cwnd_limited
    - net: rds: don't hold sock lock when cancelling work from
      rds_tcp_reset_callbacks()
    - bnx2x: fix potential memory leak in bnx2x_tpa_stop()
    - drm/mipi-dsi: Detach devices when removing the host
    - platform/x86: msi-laptop: Fix old-ec check for backlight registering
    - platform/x86: msi-laptop: Fix resource cleanup
    - drm/bridge: megachips: Fix a null pointer dereference bug
    - mmc: au1xmmc: Fix an error handling path in au1xmmc_probe()
    - ASoC: eureka-tlv320: Hold reference returned from of_find_xxx API
    - ALSA: dmaengine: increment buffer pointer atomically
    - mmc: wmt-sdmmc: Fix an error handling path in wmt_mci_probe()
    - memory: of: Fix refcount leak bug in of_get_ddr_timings()
    - soc: qcom: smsm: Fix refcount leak bugs in qcom_smsm_probe()
    - soc: qcom: smem_state: Add refcounting for the 'state->of_node'
    - ARM: dts: turris-omnia: Fix mpp26 pin name and comment
    - ARM: dts: kirkwood: lsxl: fix serial line
    - ARM: dts: kirkwood: lsxl: remove first ethernet port
    - ARM: Drop CMDLINE_* dependency on ATAGS
    - ARM: dts: exynos: fix polarity of VBUS GPIO of Origen
    - iio: adc: at91-sama5d2_adc: fix AT91_SAMA5D2_MR_TRACKTIM_MAX
    - iio: inkern: only release the device node when done with it
    - iio: ABI: Fix wrong format of differential capacitance channel ABI.
    - clk: oxnas: Hold reference returned by of_get_parent()
    - clk: tegra: Fix refcount leak in tegra210_clock_init
    - clk: tegra: Fix refcount leak in tegra114_clock_init
    - clk: tegra20: Fix refcount leak in tegra20_clock_init
    - HSI: omap_ssi: Fix refcount leak in ssi_probe
    - HSI: omap_ssi_port: Fix dma_map_sg error check
    - media: exynos4-is: fimc-is: Add of_node_put() when breaking out of loop
    - tty: xilinx_uartps: Fix the ignore_status
    - media: xilinx: vipp: Fix refcount leak in xvip_graph_dma_init
    - RDMA/rxe: Fix "kernel NULL pointer dereference" error
    - RDMA/rxe: Fix the error caused by qp->sk
    - dyndbg: fix module.dyndbg handling
    - dyndbg: let query-modname override actual module name
    - ata: fix ata_id_sense_reporting_enabled() and ata_id_has_sense_reporting()
    - ata: fix ata_id_has_devslp()
    - ata: fix ata_id_has_ncq_autosense()
    - ata: fix ata_id_has_dipm()
    - md/raid5: Ensure stripe_fill happens on non-read IO with journal
    - xhci: Don't show warning for reinit on known broken suspend
    - usb: gadget: function: fix dangling pnp_string in f_printer.c
    - drivers: serial: jsm: fix some leaks in probe
    - phy: qualcomm: call clk_disable_unprepare in the error handling
    - firmware: google: Test spinlock on panic path to avoid lockups
    - serial: 8250: Fix restoring termios speed after suspend
    - fsi: core: Check error number after calling ida_simple_get
    - mfd: intel_soc_pmic: Fix an error handling path in
      intel_soc_pmic_i2c_probe()
    - mfd: fsl-imx25: Fix an error handling path in mx25_tsadc_setup_irq()
    - mfd: lp8788: Fix an error handling path in lp8788_probe()
    - mfd: lp8788: Fix an error handling path in lp8788_irq_init() and
      lp8788_irq_init()
    - mfd: sm501: Add check for platform_driver_register()
    - dmaengine: ioat: stop mod_timer from resurrecting deleted timer in
      __cleanup()
    - spmi: pmic-arb: correct duplicate APID to PPID mapping logic
    - clk: bcm2835: fix bcm2835_clock_rate_from_divisor declaration
    - clk: ti: dra7-atl: Fix reference leak in of_dra7_atl_clk_probe
    - mailbox: bcm-ferxrm-mailbox: Fix error check for dma_map_sg
    - powerpc/math_emu/efp: Include module.h
    - powerpc/sysdev/fsl_msi: Add missing of_node_put()
    - powerpc/pci_dn: Add missing of_node_put()
    - powerpc/powernv: add missing of_node_put() in opal_export_attrs()
    - powerpc: Fix SPE Power ISA properties for e500v1 platforms
    - iommu/omap: Fix buffer overflow in debugfs
    - iommu/iova: Fix module config properly
    - crypto: cavium - prevent integer overflow loading firmware
    - f2fs: fix race condition on setting FI_NO_EXTENT flag
    - ACPI: video: Add Toshiba Satellite/Portege Z830 quirk
    - MIPS: BCM47XX: Cast memcmp() of function to (void *)
    - powercap: intel_rapl: fix UBSAN shift-out-of-bounds issue
    - thermal: intel_powerclamp: Use get_cpu() instead of smp_processor_id() to
      avoid crash
    - NFSD: Return nfserr_serverfault if splice_ok but buf->pages have data
    - wifi: brcmfmac: fix invalid address access when enabling SCAN log level
    - openvswitch: Fix double reporting of drops in dropwatch
    - openvswitch: Fix overreporting of drops in dropwatch
    - tcp: annotate data-race around tcp_md5sig_pool_populated
    - wifi: ath9k: avoid uninit memory read in ath9k_htc_rx_msg()
    - xfrm: Update ipcomp_scratches with NULL when freed
    - wifi: brcmfmac: fix use-after-free bug in brcmf_netdev_start_xmit()
    - Bluetooth: L2CAP: initialize delayed works at l2cap_chan_create()
    - Bluetooth: hci_sysfs: Fix attempting to call device_add multiple times
    - can: bcm: check the result of can_send() in bcm_can_tx()
    - wifi: rt2x00: don't run Rt5592 IQ calibration on MT7620
    - wifi: rt2x00: set correct TX_SW_CFG1 MAC register for MT7620
    - wifi: rt2x00: set SoC wmac clock register
    - wifi: rt2x00: correctly set BBP register 86 for MT7620
    - net: If sock is dead don't access sock's sk_wq in sk_stream_wait_memory
    - Bluetooth: L2CAP: Fix user-after-free
    - drm: Use size_t type for len variable in drm_copy_field()
    - drm: Prevent drm_copy_field() to attempt copying a NULL pointer
    - drm/vc4: vec: Fix timings for VEC modes
    - platform/x86: msi-laptop: Change DMI match / alias strings to fix module
      autoloading
    - drm/amdgpu: fix initial connector audio value
    - ARM: dts: imx7d-sdb: config the max pressure for tsc2046
    - ARM: dts: imx6q: add missing properties for sram
    - ARM: dts: imx6dl: add missing properties for sram
    - ARM: dts: imx6qp: add missing properties for sram
    - ARM: dts: imx6sl: add missing properties for sram
    - media: cx88: Fix a null-ptr-deref bug in buffer_prepare()
    - scsi: 3w-9xxx: Avoid disabling device if failing to enable it
    - nbd: Fix hung when signal interrupts nbd_start_device_ioctl()
    - HID: roccat: Fix use-after-free in roccat_read()
    - md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d
    - usb: host: xhci: Fix potential memory leak in xhci_alloc_stream_info()
    - usb: musb: Fix musb_gadget.c rxstate overflow bug
    - Revert "usb: storage: Add quirk for Samsung Fit flash"
    - usb: idmouse: fix an uninit-value in idmouse_open
    - perf intel-pt: Fix segfault in intel_pt_print_info() with uClibc
    - net: ieee802154: return -EINVAL for unknown addr type
    - net/ieee802154: don't warn zero-sized raw_sendmsg()
    - ext4: continue to expand file system when the target size doesn't reach
    - md: Replace snprintf with scnprintf
    - efi: libstub: drop pointless get_memory_map() call
    - inet: fully convert sk->sk_rx_dst to RCU rules
    - thermal: intel_powerclamp: Use first online CPU as control_cpu
    - mtd: rawnand: atmel: Unmap streaming DMA mappings
    - drm: bridge: adv7511: fix CEC power down control register offset
    - ASoC: wm8997: Fix PM disable depth imbalance in wm8997_probe
    - ASoC: wm5110: Fix PM disable depth imbalance in wm5110_probe
    - ASoC: wm5102: Fix PM disable depth imbalance in wm5102_probe
    - clk: berlin: Add of_node_put() for of_get_parent()
    - mtd: devices: docg3: check the return value of devm_ioremap() in the probe

-- Stefan Bader <stefan.bader@canonical.com>  Fri, 20 Jan 2023 16:01:55 +0100

Changed in linux (Ubuntu Bionic):
status:	Fix Committed → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.

Ubuntulinux package

Bionic update: upstream stable patchset 2022-12-01

Bug Description

Other bug subscribers

Remote bug watches

Ubuntu
linux package