Jammy update: v6.1.34 upstream stable release
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
linux-oem-6.1 (Ubuntu) |
Invalid
|
Undecided
|
Unassigned | ||
Jammy |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
SRU Justification
Impact:
The upstream process for stable tree updates is quite similar
in scope to the Ubuntu SRU process, e.g., each patch has to
demonstrably fix a bug, and each patch is vetted by upstream
by originating either directly from a mainline/stable Linux tree or
a minimally backported form of that patch. The following upstream
stable patches should be included in the Ubuntu kernel:
v6.1.34 upstream stable release
from git://git.
Linux 6.1.34
Revert "staging: rtl8192e: Replace macro RTL_PCI_DEVICE with PCI_DEVICE"
wifi: rtw88: correct PS calculation for SUPPORTS_DYNAMIC_PS
wifi: rtw89: correct PS calculation for SUPPORTS_DYNAMIC_PS
ext4: only check dquot_initializ
Revert "ext4: don't clear SB_RDONLY when remounting r/w until quota is re-enabled"
ksmbd: check the validation of pdu_size in ksmbd_conn_
ksmbd: fix out-of-bound read in parse_lease_state()
ksmbd: fix out-of-bound read in deassemble_
vhost_vdpa: support PACKED when setting-getting vring_base
vhost: support PACKED when setting-getting vring_base
vduse: avoid empty string for dev name
riscv: fix kprobe __user string arg print fault issue
soundwire: stream: Add missing clear of alloc_slave_rt
eeprom: at24: also select REGMAP
riscv: mm: Ensure prot of VM_WRITE and VM_EXEC must be readable
i2c: sprd: Delete i2c adapter in .remove's error path
gpio: sim: fix memory corruption when adding named lines and unnamed hogs
firmware: arm_ffa: Set handle field to zero in memory descriptor
i2c: mv64xxx: Fix reading invalid status value in atomic mode
arm64: dts: imx8mn-beacon: Fix SPI CS pinmux
blk-mq: fix blk_mq_hw_ctx active request accounting
ASoC: simple-card-utils: fix PCM constraint error check
ASoC: mediatek: mt8195: fix use-after-free in driver remove path
ASoC: mediatek: mt8195-afe-pcm: Convert to platform remove callback returning void
arm64: dts: imx8-ss-dma: assign default clock rate for lpuarts
arm64: dts: imx8qm-mek: correct GPIOs for USDHC2 CD and WP signals
arm64: dts: qcom: sc7180-lite: Fix SDRAM freq for misidentified sc7180-lite boards
ASoC: codecs: wsa881x: do not set can_multi_write flag
ASoC: codecs: wsa883x: do not set can_multi_write flag
ARM: dts: at91: sama7g5ek: fix debounce delay property for shdwc
ARM: at91: pm: fix imbalanced reference counter for ethernet devices
arm64: dts: qcom: sc8280xp: Flush RSC sleep & wake votes
mm: page_table_check: Ensure user pages are not slab pages
mm: page_table_check: Make it dependent on EXCLUSIVE_
usb: usbfs: Use consistent mmap functions
usb: usbfs: Enforce page requirements for mmap
pinctrl: meson-axg: add missing GPIOA_18 gpio group
soc: qcom: icc-bwmon: fix incorrect error code passed to dev_err_probe()
virtio_net: use control_buf for coalesce params
rbd: get snapshot context after exclusive lock is ensured to be held
rbd: move RBD_OBJ_
tee: amdtee: Add return_origin to 'struct tee_cmd_load_ta'
Bluetooth: hci_qca: fix debugfs registration
Bluetooth: fix debugfs registration
Bluetooth: Fix use-after-free in hci_remove_
s390/dasd: Use correct lock while counting channel queue length
ceph: fix use-after-free bug for inodes when flushing capsnaps
selftests: mptcp: update userspace pm subflow tests
selftests: mptcp: update userspace pm addr tests
mptcp: update userspace pm infos
mptcp: add address into userspace pm list
mptcp: only send RM_ADDR in nl_cmd_remove
can: j1939: avoid possible use-after-free when j1939_can_
can: j1939: change j1939_netdev_lock type to mutex
can: j1939: j1939_sk_
wifi: iwlwifi: mvm: Fix -Warray-bounds bug in iwl_mvm_
drm/amd/display: Reduce sdp bw after urgent to 90%
drm/amd/pm: Fix power context allocation in SMU13
drm/amdgpu: change reserved vram info print
drm/amdgpu: fix xclk freq on CHIP_STONEY
drm/amd/pm: conditionally disable pcie lane switching for some sienna_cichlid SKUs
drm/i915/gt: Use the correct error value when kernel_context() fails
ALSA: hda/realtek: Add quirks for Asus ROG 2024 laptops using CS35L41
ALSA: hda/realtek: Add Lenovo P3 Tower platform
ALSA: hda/realtek: Add a quirk for HP Slim Desktop S01
ALSA: ice1712,ice1724: fix the kcontrol->id initialization
ALSA: hda/realtek: Add quirk for Clevo NS50AU
ALSA: cmipci: Fix kctl->id initialization
ALSA: gus: Fix kctl->id initialization
ALSA: ymfpci: Fix kctl->id initialization
ALSA: hda: Fix kctl->id initialization
Input: fix open count when closing inhibited device
Input: psmouse - fix OOB access in Elantech protocol
Input: xpad - delete a Razer DeathAdder mouse VID/PID entry
batman-adv: Broken sync while rescheduling delayed work
bnxt_en: Implement .set_port / .unset_port UDP tunnel callbacks
bnxt_en: Prevent kernel panic when receiving unexpected PHC_UPDATE event
bnxt_en: Skip firmware fatal error recovery if chip is not accessible
bnxt_en: Query default VLAN before VNIC setup on a VF
bnxt_en: Don't issue AP reset during ethtool's reset operation
net: bcmgenet: Fix EEE implementation
lib: cpu_rmap: Fix potential use-after-free in irq_cpu_
drm/amdgpu: fix Null pointer dereference error in amdgpu_
bpf: Add extra path pointer check to d_path helper
net: sched: fix possible refcount leak in tc_chain_
net: sched: act_police: fix sparse errors in tcf_police_dump()
net: sched: move rtm_tca_policy declaration to include file
drm/i915/selftests: Add some missing error propagation
drm/i915/selftests: Stop using kthread_stop()
net: sched: add rcu annotations around qdisc->
rfs: annotate lockless accesses to RFS sock flow table
rfs: annotate lockless accesses to sk->sk_rxhash
tcp: gso: really support BIG TCP
ipv6: rpl: Fix Route of Death.
netfilter: nf_tables: out-of-bound check in chain blob
netfilter: ipset: Add schedule point in call_ad().
netfilter: conntrack: fix NULL pointer dereference in nf_confirm_cthelper
netfilter: nft_bitwise: fix register tracking
selftests/bpf: Fix sockopt_sk selftest
selftests/bpf: Verify optval=NULL case
wifi: cfg80211: fix locking in sched scan stop work
qed/qede: Fix scheduling while atomic
wifi: mac80211: don't translate beacon/presp addrs
wifi: mac80211: mlme: fix non-inheritence element
wifi: cfg80211: reject bad AP MLD address
wifi: mac80211: use correct iftype HE cap
Bluetooth: L2CAP: Add missing checks for invalid DCID
Bluetooth: ISO: don't try to remove CIG if there are bound CIS left
Bluetooth: Fix l2cap_disconnec
Bluetooth: hci_sync: add lock to protect HCI_UNREGISTER
drm/i915: Use 18 fast wake AUX sync len
drm/i915: Explain the magic numbers for AUX SYNC/precharge length
net/sched: fq_pie: ensure reasonable TCA_FQ_PIE_QUANTUM values
net: enetc: correct rx_bytes statistics of XDP
net: enetc: correct the statistics of rx bytes
net/smc: Avoid to access invalid RMBs' MRs in SMCRv1 ADD LINK CONT
net/ipv6: fix bool/int mismatch for skip_notify_
bpf: Fix elem_size not being set for inner maps
bpf: Fix UAF in task local storage
net/ipv4: ping_group_range: allow GID from 2147483648 to 4294967294
net: dsa: lan9303: allow vid != 0 in port_fdb_{add|del} methods
neighbour: fix unaligned access to pneigh_entry
bpf, sockmap: Avoid potential NULL dereference in sk_psock_
wifi: mt76: mt7615: fix possible race in mt7615_mac_sta_poll
afs: Fix setting of mtime when creating a file/dir/symlink
spi: qup: Request DMA before enabling clocks
platform/surface: aggregator_
platform/surface: aggregator: Allow completion work-items to be executed in parallel
spi: mt65xx: make sure operations completed before unloading
net: sfp: fix state loss when updating state_hw_mask
scsi: megaraid_sas: Add flexible array member for SGLs
CVE References
Changed in linux-oem-6.1 (Ubuntu): | |
status: | New → Confirmed |
tags: | added: kernel-stable-tracking-bug |
Changed in linux-oem-6.1 (Ubuntu): | |
status: | Confirmed → Invalid |
Changed in linux-oem-6.1 (Ubuntu Jammy): | |
status: | New → In Progress |
Changed in linux-oem-6.1 (Ubuntu Jammy): | |
status: | In Progress → Fix Committed |
This bug was fixed in the package linux-oem-6.1 - 6.1.0-1016.16
---------------
linux-oem-6.1 (6.1.0-1016.16) jammy; urgency=medium
* jammy/linux- oem-6.1: 6.1.0-1016.16 -proposed tracker (LP: #2024462)
* Jammy update: v6.1.34 upstream stable release (LP: #2024166) tabletsw: Add support for book mode in KIP psock_verdict_ data_ready( ) on_dev_ down t_req deadlock qdisc_sleeping tmplt_add( ) device_ recover_ vram
- scsi: megaraid_sas: Add flexible array member for SGLs
- net: sfp: fix state loss when updating state_hw_mask
- spi: mt65xx: make sure operations completed before unloading
- platform/surface: aggregator: Allow completion work-items to be executed in
parallel
- platform/surface: aggregator_
subsystem
- spi: qup: Request DMA before enabling clocks
- afs: Fix setting of mtime when creating a file/dir/symlink
- wifi: mt76: mt7615: fix possible race in mt7615_mac_sta_poll
- bpf, sockmap: Avoid potential NULL dereference in
sk_
- neighbour: fix unaligned access to pneigh_entry
- net: dsa: lan9303: allow vid != 0 in port_fdb_{add|del} methods
- net/ipv4: ping_group_range: allow GID from 2147483648 to 4294967294
- bpf: Fix UAF in task local storage
- bpf: Fix elem_size not being set for inner maps
- net/ipv6: fix bool/int mismatch for skip_notify_
- net/smc: Avoid to access invalid RMBs' MRs in SMCRv1 ADD LINK CONT
- net: enetc: correct the statistics of rx bytes
- net: enetc: correct rx_bytes statistics of XDP
- net/sched: fq_pie: ensure reasonable TCA_FQ_PIE_QUANTUM values
- Bluetooth: hci_sync: add lock to protect HCI_UNREGISTER
- Bluetooth: Fix l2cap_disconnec
- Bluetooth: ISO: don't try to remove CIG if there are bound CIS left
- Bluetooth: L2CAP: Add missing checks for invalid DCID
- wifi: mac80211: use correct iftype HE cap
- wifi: cfg80211: reject bad AP MLD address
- wifi: mac80211: mlme: fix non-inheritence element
- wifi: mac80211: don't translate beacon/presp addrs
- qed/qede: Fix scheduling while atomic
- wifi: cfg80211: fix locking in sched scan stop work
- selftests/bpf: Verify optval=NULL case
- selftests/bpf: Fix sockopt_sk selftest
- netfilter: nft_bitwise: fix register tracking
- netfilter: conntrack: fix NULL pointer dereference in nf_confirm_cthelper
- netfilter: ipset: Add schedule point in call_ad().
- netfilter: nf_tables: out-of-bound check in chain blob
- ipv6: rpl: Fix Route of Death.
- tcp: gso: really support BIG TCP
- rfs: annotate lockless accesses to sk->sk_rxhash
- rfs: annotate lockless accesses to RFS sock flow table
- net: sched: add rcu annotations around qdisc->
- drm/i915/selftests: Stop using kthread_stop()
- drm/i915/selftests: Add some missing error propagation
- net: sched: move rtm_tca_policy declaration to include file
- net: sched: act_police: fix sparse errors in tcf_police_dump()
- net: sched: fix possible refcount leak in tc_chain_
- bpf: Add extra path pointer check to d_path helper
- drm/amdgpu: fix Null pointer dereference error in amdgpu_
- lib: cpu_rmap: Fix potential use-after-free in i...