Bug #2028746 “Fix UBSAN in Intel EDAC driver” : Bugs : linux package : Ubuntu

Kai-Heng Feng (kaihengfeng) on 2023-07-26

Changed in linux (Ubuntu Jammy):
status:	New → Won't Fix
Changed in linux (Ubuntu Lunar):
status:	New → Confirmed
Changed in linux-oem-6.1 (Ubuntu):
status:	New → Invalid
Changed in linux-oem-6.1 (Ubuntu Jammy):
status:	New → Confirmed
Changed in linux-oem-6.1 (Ubuntu Lunar):
status:	New → Invalid
Changed in linux-oem-6.1 (Ubuntu Jammy):
importance:	Undecided → Low
Changed in linux (Ubuntu Lunar):
importance:	Undecided → Low

Kai-Heng Feng (kaihengfeng) on 2023-07-26

tags:

added: oem-priority originate-from-1990358 somerville

Stefan Bader (smb) on 2023-08-03

Changed in linux (Ubuntu Lunar):
status:	Confirmed → Fix Committed
Changed in linux (Ubuntu):
status:	New → Fix Released

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2023-08-10:

#1

This bug is awaiting verification that the linux-oem-6.5/6.5.0-1002.2 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-jammy-linux-oem-6.5' to 'verification-done-jammy-linux-oem-6.5'. If the problem still exists, change the tag 'verification-needed-jammy-linux-oem-6.5' to 'verification-failed-jammy-linux-oem-6.5'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: kernel-spammed-jammy-linux-oem-6.5-v2 verification-needed-jammy-linux-oem-6.5

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2023-08-10:

#2

This bug is awaiting verification that the linux/6.2.0-30.30 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-lunar-linux' to 'verification-done-lunar-linux'. If the problem still exists, change the tag 'verification-needed-lunar-linux' to 'verification-failed-lunar-linux'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: kernel-spammed-lunar-linux-v2 verification-needed-lunar-linux

Kai-Heng Feng (kaihengfeng) on 2023-08-15

tags:

added: verification-done-lunar-linux
removed: verification-needed-lunar-linux

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2023-08-22:

#3

This bug is awaiting verification that the linux-oem-6.1/6.1.0-1021.21 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-jammy-linux-oem-6.1' to 'verification-done-jammy-linux-oem-6.1'. If the problem still exists, change the tag 'verification-needed-jammy-linux-oem-6.1' to 'verification-failed-jammy-linux-oem-6.1'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: kernel-spammed-jammy-linux-oem-6.1-v2 verification-needed-jammy-linux-oem-6.1

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2023-08-30:

#4

This bug is awaiting verification that the linux-nvidia-6.2/6.2.0-1010.10 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-jammy-linux-nvidia-6.2' to 'verification-done-jammy-linux-nvidia-6.2'. If the problem still exists, change the tag 'verification-needed-jammy-linux-nvidia-6.2' to 'verification-failed-jammy-linux-nvidia-6.2'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: kernel-spammed-jammy-linux-nvidia-6.2-v2 verification-needed-jammy-linux-nvidia-6.2

Timo Aaltonen (tjaalton) on 2023-08-31

Changed in linux-oem-6.5 (Ubuntu):
status:	New → Invalid
Changed in linux-oem-6.5 (Ubuntu Lunar):
status:	New → Invalid

Timo Aaltonen (tjaalton) on 2023-08-31

Changed in linux-oem-6.5 (Ubuntu Jammy):
status:	New → Fix Committed

Timo Aaltonen (tjaalton) on 2023-09-01

Changed in linux-oem-6.1 (Ubuntu Jammy):
status:	Confirmed → Fix Committed

Kai-Heng Feng (kaihengfeng) on 2023-09-04

tags:

added: verification-done-jammy-linux-oem-6.1 verification-done-jammy-linux-oem-6.5
removed: verification-needed-jammy-linux-oem-6.1 verification-needed-jammy-linux-oem-6.5

Timo Aaltonen (tjaalton) on 2023-09-05

Changed in linux-oem-6.5 (Ubuntu Jammy):
status:	Fix Committed → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2023-09-05:

#5

Download full text (44.8 KiB)

This bug was fixed in the package linux-oem-6.1 - 6.1.0-1021.21

---------------
linux-oem-6.1 (6.1.0-1021.21) jammy; urgency=medium

* jammy/linux-oem-6.1: 6.1.0-1021.21 -proposed tracker (LP: #2030428)

* Packaging resync (LP: #1786013)
- [Packaging] resync update-dkms-versions helper

  * Jammy update: v6.1.46 upstream stable release (LP: #2032632)
    - gcc-plugins: Reorganize gimple includes for GCC 13
    - Revert "loongarch/cpu: Switch to arch_cpu_finalize_init()"
    - tpm: Disable RNG for all AMD fTPMs
    - tpm: Add a helper for checking hwrng enabled
    - ksmbd: validate command request size
    - ksmbd: fix wrong next length validation of ea buffer in smb2_set_ea()
    - KVM: SEV: snapshot the GHCB before accessing it
    - KVM: SEV: only access GHCB fields once
    - wifi: nl80211: fix integer overflow in nl80211_parse_mbssid_elems()
    - wifi: rtw89: fix 8852AE disconnection caused by RX full flags
    - selftests: forwarding: Set default IPv6 traceroute utility
    - wireguard: allowedips: expand maximum node depth
    - mmc: moxart: read scr register without changing byte order
    - ipv6: adjust ndisc_is_useropt() to also return true for PIO
    - selftests: mptcp: join: fix 'delete and re-add' test
    - selftests: mptcp: join: fix 'implicit EP' test
    - mptcp: avoid bogus reset on fallback close
    - mptcp: fix disconnect vs accept race
    - dmaengine: pl330: Return DMA_PAUSED when transaction is paused
    - net: mana: Fix MANA VF unload when hardware is unresponsive
    - riscv/kexec: load initrd high in available memory
    - riscv,mmio: Fix readX()-to-delay() ordering
    - riscv/kexec: handle R_RISCV_CALL_PLT relocation type
    - nvme-pci: add NVME_QUIRK_BOGUS_NID for Samsung PM9B1 256G and 512G
    - drm/nouveau/gr: enable memory loads on helper invocation on all channels
    - drm/nouveau/nvkm/dp: Add workaround to fix DP 1.3+ DPCD issues
    - drm/shmem-helper: Reset vma->vm_ops before calling dma_buf_mmap()
    - drm/amdgpu: fix possible UAF in amdgpu_cs_pass1()
    - drm/amd/display: check attr flag before set cursor degamma on DCN3+
    - drm/amdgpu: add S/G display parameter
    - drm/amd: Disable S/G for APUs when 64GB or more host memory
    - drm/amd/display: limit DPIA link rate to HBR3
    - cpuidle: dt_idle_genpd: Add helper function to remove genpd topology
    - hwmon: (pmbus/bel-pfe) Enable PMBUS_SKIP_STATUS_CHECK for pfe1100
    - radix tree test suite: fix incorrect allocation size for pthreads
    - nilfs2: fix use-after-free of nilfs_root in dirtying inodes via iput
    - drm/amd/pm: fulfill swsmu peak profiling mode shader/memory clock settings
    - drm/amd/pm: expose swctf threshold setting for legacy powerplay
    - drm/amd/pm: fulfill powerplay peak profiling mode shader/memory clock
      settings
    - drm/amd/pm: avoid unintentional shutdown due to temperature momentary
      fluctuation
    - drm/amd/display: Handle virtual hardware detect
    - drm/amd/display: Add function for validate and update new stream
    - drm/amd/display: Handle seamless boot stream
    - drm/amd/display: Update OTG instance in the commit stream
    - drm/amd/display: Avoid ABM when ODM combine is e...

This bug was fixed in the package linux-oem-6.1 - 6.1.0-1021.21

---------------
linux-oem-6.1 (6.1.0-1021.21) jammy; urgency=medium

* jammy/linux-oem-6.1: 6.1.0-1021.21 -proposed tracker (LP: #2030428)

* Packaging resync (LP: #1786013)
    - [Packaging] resync update-dkms-versions helper

* Jammy update: v6.1.46 upstream stable release (LP: #2032632)
    - gcc-plugins: Reorganize gimple includes for GCC 13
    - Revert "loongarch/cpu: Switch to arch_cpu_finalize_init()"
    - tpm: Disable RNG for all AMD fTPMs
    - tpm: Add a helper for checking hwrng enabled
    - ksmbd: validate command request size
    - ksmbd: fix wrong next length validation of ea buffer in smb2_set_ea()
    - KVM: SEV: snapshot the GHCB before accessing it
    - KVM: SEV: only access GHCB fields once
    - wifi: nl80211: fix integer overflow in nl80211_parse_mbssid_elems()
    - wifi: rtw89: fix 8852AE disconnection caused by RX full flags
    - selftests: forwarding: Set default IPv6 traceroute utility
    - wireguard: allowedips: expand maximum node depth
    - mmc: moxart: read scr register without changing byte order
    - ipv6: adjust ndisc_is_useropt() to also return true for PIO
    - selftests: mptcp: join: fix 'delete and re-add' test
    - selftests: mptcp: join: fix 'implicit EP' test
    - mptcp: avoid bogus reset on fallback close
    - mptcp: fix disconnect vs accept race
    - dmaengine: pl330: Return DMA_PAUSED when transaction is paused
    - net: mana: Fix MANA VF unload when hardware is unresponsive
    - riscv/kexec: load initrd high in available memory
    - riscv,mmio: Fix readX()-to-delay() ordering
    - riscv/kexec: handle R_RISCV_CALL_PLT relocation type
    - nvme-pci: add NVME_QUIRK_BOGUS_NID for Samsung PM9B1 256G and 512G
    - drm/nouveau/gr: enable memory loads on helper invocation on all channels
    - drm/nouveau/nvkm/dp: Add workaround to fix DP 1.3+ DPCD issues
    - drm/shmem-helper: Reset vma->vm_ops before calling dma_buf_mmap()
    - drm/amdgpu: fix possible UAF in amdgpu_cs_pass1()
    - drm/amd/display: check attr flag before set cursor degamma on DCN3+
    - drm/amdgpu: add S/G display parameter
    - drm/amd: Disable S/G for APUs when 64GB or more host memory
    - drm/amd/display: limit DPIA link rate to HBR3
    - cpuidle: dt_idle_genpd: Add helper function to remove genpd topology
    - hwmon: (pmbus/bel-pfe) Enable PMBUS_SKIP_STATUS_CHECK for pfe1100
    - radix tree test suite: fix incorrect allocation size for pthreads
    - nilfs2: fix use-after-free of nilfs_root in dirtying inodes via iput
    - drm/amd/pm: fulfill swsmu peak profiling mode shader/memory clock settings
    - drm/amd/pm: expose swctf threshold setting for legacy powerplay
    - drm/amd/pm: fulfill powerplay peak profiling mode shader/memory clock
      settings
    - drm/amd/pm: avoid unintentional shutdown due to temperature momentary
      fluctuation
    - drm/amd/display: Handle virtual hardware detect
    - drm/amd/display: Add function for validate and update new stream
    - drm/amd/display: Handle seamless boot stream
    - drm/amd/display: Update OTG instance in the commit stream
    - drm/amd/display: Avoid ABM when ODM combine is enabled for eDP
    - drm/amd/display: Use update plane and stream routine for DCN32x
    - drm/amd/display: Disable phantom OTG after enable for plane disable
    - drm/amd/display: Retain phantom plane/stream if validation fails
    - drm/amd/display: fix the build when DRM_AMD_DC_DCN is not set
    - drm/amd/display: trigger timing sync only if TG is running
    - io_uring: correct check for O_TMPFILE
    - iio: cros_ec: Fix the allocation size for cros_ec_command
    - iio: frequency: admv1013: propagate errors from regulator_get_voltage()
    - iio: adc: ad7192: Fix ac excitation feature
    - iio: adc: ina2xx: avoid NULL pointer dereference on OF device match
    - binder: fix memory leak in binder_init()
    - misc: rtsx: judge ASPM Mode to set PETXCFG Reg
    - usb-storage: alauda: Fix uninit-value in alauda_check_media()
    - usb: dwc3: Properly handle processing of pending events
    - USB: Gadget: core: Help prevent panic during UVC unconfigure
    - usb: common: usb-conn-gpio: Prevent bailing out if initial role is none
    - usb: typec: tcpm: Fix response to vsafe0V event
    - usb: typec: altmodes/displayport: Signal hpd when configuring pin assignment
    - x86/mm: Fix VDSO and VVAR placement on 5-level paging machines
    - x86/sev: Do not try to parse for the CC blob on non-AMD hardware
    - x86/speculation: Add cpu_show_gds() prototype
    - x86: Move gds_ucode_mitigated() declaration to header
    - drm/nouveau/disp: Revert a NULL check inside nouveau_connector_get_modes
    - iio: core: Prevent invalid memory access when there is no parent
    - interconnect: qcom: Add support for mask-based BCMs
    - interconnect: qcom: sm8450: add enable_mask for bcm nodes
    - selftests/rseq: Fix build with undefined __weak
    - selftests: forwarding: Add a helper to skip test when using veth pairs
    - selftests: forwarding: ethtool: Skip when using veth pairs
    - selftests: forwarding: ethtool_extended_state: Skip when using veth pairs
    - selftests: forwarding: hw_stats_l3_gre: Skip when using veth pairs
    - selftests: forwarding: Skip test when no interfaces are specified
    - selftests: forwarding: Switch off timeout
    - selftests: forwarding: tc_flower: Relax success criterion
    - net: core: remove unnecessary frame_sz check in bpf_xdp_adjust_tail()
    - bpf, sockmap: Fix map type error in sock_map_del_link
    - bpf, sockmap: Fix bug that strp_done cannot be called
    - mISDN: Update parameter type of dsp_cmx_send()
    - macsec: use DEV_STATS_INC()
    - mptcp: fix the incorrect judgment for msk->cb_flags
    - net/packet: annotate data-races around tp->status
    - net/smc: Use correct buffer sizes when switching between TCP and SMC
    - tcp: add missing family to tcp_set_ca_state() tracepoint
    - tunnels: fix kasan splat when generating ipv4 pmtu error
    - xsk: fix refcount underflow in error path
    - bonding: Fix incorrect deletion of ETH_P_8021AD protocol vid from slaves
    - dccp: fix data-race around dp->dccps_mss_cache
    - drivers: net: prevent tun_build_skb() to exceed the packet size limit
    - drivers: vxlan: vnifilter: free percpu vni stats on error path
    - iavf: fix potential races for FDIR filters
    - IB/hfi1: Fix possible panic during hotplug remove
    - drm/rockchip: Don't spam logs in atomic check
    - wifi: cfg80211: fix sband iftype data lookup for AP_VLAN
    - RDMA/umem: Set iova in ODP flow
    - net: tls: avoid discarding data on record close
    - net: marvell: prestera: fix handling IPv4 routes with nhid
    - net: phy: at803x: remove set/get wol callbacks for AR8032
    - net: dsa: ocelot: call dsa_tag_8021q_unregister() under rtnl_lock() on
      driver remove
    - net: hns3: refactor hclge_mac_link_status_wait for interface reuse
    - net: hns3: add wait until mac link down
    - net: hns3: fix deadlock issue when externel_lb and reset are executed
      together
    - nexthop: Fix infinite nexthop dump when using maximum nexthop ID
    - nexthop: Make nexthop bucket dump more efficient
    - nexthop: Fix infinite nexthop bucket dump when using maximum nexthop ID
    - net: hns3: fix strscpy causing content truncation issue
    - dmaengine: mcf-edma: Fix a potential un-allocated memory access
    - dmaengine: owl-dma: Modify mismatched function name
    - net/mlx5: Allow 0 for total host VFs
    - net/mlx5: LAG, Check correct bucket when modifying LAG
    - net/mlx5: Skip clock update work when device is in error state
    - net/mlx5: Reload auxiliary devices in pci error handlers
    - ibmvnic: Enforce stronger sanity checks on login response
    - ibmvnic: Unmap DMA login rsp buffer on send login fail
    - ibmvnic: Handle DMA unmapping of login buffs in release functions
    - ibmvnic: Do partial reset on login failure
    - ibmvnic: Ensure login failure recovery is safe from other resets
    - gpio: ws16c48: Fix off-by-one error in WS16C48 resource region extent
    - gpio: sim: mark the GPIO chip as a one that can sleep
    - btrfs: wait for actual caching progress during allocation
    - btrfs: don't stop integrity writeback too early
    - btrfs: properly clear end of the unreserved range in cow_file_range
    - btrfs: exit gracefully if reloc roots don't match
    - btrfs: reject invalid reloc tree root keys with stack dump
    - btrfs: set cache_block_group_error if we find an error
    - nvme-tcp: fix potential unbalanced freeze & unfreeze
    - nvme-rdma: fix potential unbalanced freeze & unfreeze
    - netfilter: nf_tables: report use refcount overflow
    - scsi: core: Fix legacy /proc parsing buffer overflow
    - scsi: storvsc: Fix handling of virtual Fibre Channel timeouts
    - scsi: ufs: renesas: Fix private allocation
    - scsi: 53c700: Check that command slot is not NULL
    - scsi: snic: Fix possible memory leak if device_add() fails
    - scsi: core: Fix possible memory leak if device_add() fails
    - scsi: fnic: Replace return codes in fnic_clean_pending_aborts()
    - scsi: qedi: Fix firmware halt over suspend and resume
    - scsi: qedf: Fix firmware halt over suspend and resume
    - platform/x86: serial-multi-instantiate: Auto detect IRQ resource for CSC3551
    - ACPI: scan: Create platform device for CS35L56
    - alpha: remove __init annotation from exported page_is_ram()
    - sch_netem: fix issues in netem_change() vs get_dist_table()
    - drm/amd/pm/smu7: move variables to where they are used
    - Linux 6.1.46
    - upstream stable to v6.1.46

* Jammy update: v6.1.45 upstream stable release (LP: #2032631)
    - io_uring: gate iowait schedule on having pending requests
    - perf: Fix function pointer case
    - net/mlx5: Free irqs only on shutdown callback
    - net: ipa: only reset hashed tables when supported
    - iommu/arm-smmu-v3: Work around MMU-600 erratum 1076982
    - iommu/arm-smmu-v3: Document MMU-700 erratum 2812531
    - iommu/arm-smmu-v3: Add explicit feature for nesting
    - iommu/arm-smmu-v3: Document nesting-related errata
    - arm64: dts: imx8mm-venice-gw7903: disable disp_blk_ctrl
    - arm64: dts: imx8mm-venice-gw7904: disable disp_blk_ctrl
    - arm64: dts: phycore-imx8mm: Label typo-fix of VPU
    - arm64: dts: phycore-imx8mm: Correction in gpio-line-names
    - arm64: dts: imx8mn-var-som: add missing pull-up for onboard PHY reset pinmux
    - arm64: dts: freescale: Fix VPU G2 clock
    - firmware: smccc: Fix use of uninitialised results structure
    - lib/bitmap: workaround const_eval test build failure
    - firmware: arm_scmi: Fix chan_free cleanup on SMC
    - word-at-a-time: use the same return type for has_zero regardless of
      endianness
    - KVM: s390: fix sthyi error handling
    - erofs: fix wrong primary bvec selection on deduplicated extents
    - wifi: cfg80211: Fix return value in scan logic
    - net/mlx5e: fix double free in macsec_fs_tx_create_crypto_table_groups
    - net/mlx5: DR, fix memory leak in mlx5dr_cmd_create_reformat_ctx
    - net/mlx5: fix potential memory leak in mlx5e_init_rep_rx
    - net/mlx5e: fix return value check in mlx5e_ipsec_remove_trailer()
    - net/mlx5e: Fix crash moving to switchdev mode when ntuple offload is set
    - net/mlx5e: Move representor neigh cleanup to profile cleanup_tx
    - bpf: Add length check for SK_DIAG_BPF_STORAGE_REQ_MAP_FD parsing
    - rtnetlink: let rtnl_bridge_setlink checks IFLA_BRIDGE_MODE length
    - net: dsa: fix value check in bcm_sf2_sw_probe()
    - perf test uprobe_from_different_cu: Skip if there is no gcc
    - net: sched: cls_u32: Fix match key mis-addressing
    - mISDN: hfcpci: Fix potential deadlock on &hc->lock
    - qed: Fix scheduling in a tasklet while getting stats
    - net: annotate data-races around sk->sk_reserved_mem
    - net: annotate data-race around sk->sk_txrehash
    - net: annotate data-races around sk->sk_max_pacing_rate
    - net: add missing READ_ONCE(sk->sk_rcvlowat) annotation
    - net: add missing READ_ONCE(sk->sk_sndbuf) annotation
    - net: add missing READ_ONCE(sk->sk_rcvbuf) annotation
    - net: annotate data-races around sk->sk_mark
    - net: add missing data-race annotations around sk->sk_peek_off
    - net: add missing data-race annotation for sk_ll_usec
    - net: annotate data-races around sk->sk_priority
    - net/sched: taprio: Limit TCA_TAPRIO_ATTR_SCHED_CYCLE_TIME to INT_MAX.
    - ice: Fix RDMA VSI removal during queue rebuild
    - bpf, cpumap: Handle skb as well when clean up ptr_ring
    - bpf: sockmap: Remove preempt_disable in sock_map_sk_acquire
    - net: ll_temac: fix error checking of irq_of_parse_and_map()
    - net: korina: handle clk prepare error in korina_probe()
    - net: netsec: Ignore 'phy-mode' on SynQuacer in DT mode
    - bnxt_en: Fix page pool logic for page size >= 64K
    - bnxt_en: Fix max_mtu setting for multi-buf XDP
    - net: dcb: choose correct policy to parse DCB_ATTR_BCN
    - s390/qeth: Don't call dev_close/dev_open (DOWN/UP)
    - ip6mr: Fix skb_under_panic in ip6mr_cache_report()
    - vxlan: Fix nexthop hash size
    - net/mlx5: fs_core: Make find_closest_ft more generic
    - net/mlx5: fs_core: Skip the FTs in the same FS_TYPE_PRIO_CHAINS fs_prio
    - prestera: fix fallback to previous version on same major version
    - tcp_metrics: fix addr_same() helper
    - tcp_metrics: annotate data-races around tm->tcpm_stamp
    - tcp_metrics: annotate data-races around tm->tcpm_lock
    - tcp_metrics: annotate data-races around tm->tcpm_vals[]
    - tcp_metrics: annotate data-races around tm->tcpm_net
    - tcp_metrics: fix data-race in tcpm_suck_dst() vs fastopen
    - rust: allocator: Prevent mis-aligned allocation
    - scsi: zfcp: Defer fc_rport blocking until after ADISC response
    - scsi: storvsc: Limit max_sectors for virtual Fibre Channel devices
    - libceph: fix potential hang in ceph_osdc_notify()
    - USB: zaurus: Add ID for A-300/B-500/C-700
    - ceph: defer stopping mdsc delayed_work
    - firmware: arm_scmi: Drop OF node reference in the transport channel setup
    - exfat: use kvmalloc_array/kvfree instead of kmalloc_array/kfree
    - exfat: release s_lock before calling dir_emit()
    - mtd: spinand: toshiba: Fix ecc_get_status
    - mtd: rawnand: meson: fix OOB available bytes for ECC
    - bpf: Disable preemption in bpf_perf_event_output
    - arm64: dts: stratix10: fix incorrect I2C property for SCL signal
    - net: tun_chr_open(): set sk_uid from current_fsuid()
    - net: tap_open(): set sk_uid from current_fsuid()
    - wifi: mt76: mt7615: do not advertise 5 GHz on first phy of MT7615D (DBDC)
    - x86/hyperv: Disable IBT when hypercall page lacks ENDBR instruction
    - rbd: prevent busy loop when requesting exclusive lock
    - bpf: Disable preemption in bpf_event_output
    - powerpc/ftrace: Create a dummy stackframe to fix stack unwind
    - arm64/fpsimd: Sync and zero pad FPSIMD state for streaming SVE
    - arm64/fpsimd: Clear SME state in the target task when setting the VL
    - arm64/fpsimd: Sync FPSIMD state with SVE for SME only systems
    - open: make RESOLVE_CACHED correctly test for O_TMPFILE
    - drm/ttm: check null pointer before accessing when swapping
    - drm/i915: Fix premature release of request's reusable memory
    - drm/i915/gt: Cleanup aux invalidation registers
    - clk: imx93: Propagate correct error in imx93_clocks_probe()
    - bpf, cpumap: Make sure kthread is running before map update returns
    - file: reinstate f_pos locking optimization for regular files
    - mm: kmem: fix a NULL pointer dereference in obj_stock_flush_required()
    - fs/ntfs3: Use __GFP_NOWARN allocation at ntfs_load_attr_list()
    - fs/sysv: Null check to prevent null-ptr-deref bug
    - Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb
    - debugobjects: Recheck debug_objects_enabled before reporting
    - net: usbnet: Fix WARNING in usbnet_start_xmit/usb_submit_urb
    - fs: Protect reconfiguration of sb read-write from racing writes
    - ext2: Drop fragment support
    - btrfs: remove BUG_ON()'s in add_new_free_space()
    - f2fs: fix to do sanity check on direct node in truncate_dnode()
    - io_uring: annotate offset timeout races
    - mtd: rawnand: omap_elm: Fix incorrect type in assignment
    - mtd: rawnand: rockchip: fix oobfree offset and description
    - mtd: rawnand: rockchip: Align hwecc vs. raw page helper layouts
    - mtd: rawnand: fsl_upm: Fix an off-by one test in fun_exec_op()
    - powerpc/mm/altmap: Fix altmap boundary check
    - drm/imx/ipuv3: Fix front porch adjustment upon hactive aligning
    - drm/amd/display: Ensure that planes are in the same order
    - drm/amd/display: skip CLEAR_PAYLOAD_ID_TABLE if device mst_en is 0
    - selftests/rseq: Play nice with binaries statically linked against glibc
      2.35+
    - f2fs: fix to set flush_merge opt and show noflush_merge
    - f2fs: don't reset unchangable mount option in f2fs_remount()
    - arm64/ptrace: Don't enable SVE when setting streaming SVE
    - drm/amdgpu: add vram reservation based on vram_usagebyfirmware_v2_2
    - drm/amdgpu: Remove unnecessary domain argument
    - drm/amdgpu: Use apt name for FW reserved region
    - Revert "drm/i915: Disable DC states for all commits"
    - Linux 6.1.45
    - upstream stable to v6.1.45

* Jammy update: v6.1.44 upstream stable release (LP: #2030861)
    - xen/netback: Fix buffer overrun triggered by unusual packet
    - Linux 6.1.44
    - upstream stable to v6.1.44

* Jammy update: v6.1.43 upstream stable release (LP: #2030860)
    - netfilter: nf_tables: fix underflow in object reference counter
    - netfilter: nf_tables: fix underflow in chain reference counter
    - platform/x86/amd/pmf: Notify OS power slider update
    - platform/x86/amd/pmf: reduce verbosity of apmf_get_system_params
    - ovl: fix null pointer dereference in ovl_permission()
    - jbd2: Fix wrongly judgement for buffer head removing while doing checkpoint
    - blk-mq: Fix stall due to recursive flush plug
    - powerpc/pseries/vas: Hold mmap_mutex after mmap lock during window close
    - KVM: s390: pv: fix index value of replaced ASCE
    - io_uring: don't audit the capability check in io_uring_create()
    - gpio: tps68470: Make tps68470_gpio_output() always set the initial value
    - pwm: Add a stub for devm_pwmchip_add()
    - gpio: mvebu: Make use of devm_pwmchip_add
    - gpio: mvebu: fix irq domain leak
    - btrfs: fix race between quota disable and relocation
    - i2c: Delete error messages for failed memory allocations
    - i2c: Improve size determinations
    - i2c: nomadik: Remove unnecessary goto label
    - i2c: nomadik: Use devm_clk_get_enabled()
    - i2c: nomadik: Remove a useless call in the remove function
    - MIPS: Loongson: Move arch cflags to MIPS top level Makefile
    - MIPS: Loongson: Fix build error when make modules_install
    - PCI/ASPM: Return 0 or -ETIMEDOUT from pcie_retrain_link()
    - PCI/ASPM: Factor out pcie_wait_for_retrain()
    - PCI/ASPM: Avoid link retraining race
    - PCI: rockchip: Remove writes to unused registers
    - PCI: rockchip: Fix window mapping and address translation for endpoint
    - PCI: rockchip: Don't advertise MSI-X in PCIe capabilities
    - drm/amd/display: add FB_DAMAGE_CLIPS support
    - drm/amd/display: Check if link state is valid
    - drm/amd/display: Rework context change check
    - drm/amd/display: Enable new commit sequence only for DCN32x
    - drm/amd/display: Copy DC context in the commit streams
    - drm/amd/display: Include surface of unaffected streams
    - drm/amd/display: Use min transition for all SubVP plane add/remove
    - drm/amd/display: add ODM case when looking for first split pipe
    - drm/amd/display: use low clocks for no plane configs
    - drm/amd/display: fix unbounded requesting for high pixel rate modes on
      dcn315
    - drm/amd/display: add pixel rate based CRB allocation support
    - drm/amd/display: fix dcn315 single stream crb allocation
    - drm/amd/display: Update correct DCN314 register header
    - drm/amd/display: Set minimum requirement for using PSR-SU on Rembrandt
    - drm/amd/display: Set minimum requirement for using PSR-SU on Phoenix
    - drm/ttm: Don't print error message if eviction was interrupted
    - drm/ttm: Don't leak a resource on eviction error
    - n_tty: Rename tail to old_tail in n_tty_read()
    - tty: fix hang on tty device with no_room set
    - drm/ttm: never consider pinned BOs for eviction&swap
    - KVM: arm64: Condition HW AF updates on config option
    - arm64: errata: Mitigate Ampere1 erratum AC03_CPU_38 at stage-2
    - mptcp: introduce 'sk' to replace 'sock->sk' in mptcp_listen()
    - mptcp: do not rely on implicit state check in mptcp_listen()
    - tracing/probes: Add symstr type for dynamic events
    - tracing/probes: Fix to avoid double count of the string length on the array
    - tracing: Allow synthetic events to pass around stacktraces
    - Revert "tracing: Add "(fault)" name injection to kernel probes"
    - tracing/probes: Fix to record 0-length data_loc in fetch_store_string*() if
      fails
    - test_maple_tree: test modifications while iterating
    - maple_tree: add __init and __exit to test module
    - maple_tree: fix 32 bit mas_next testing
    - drm/amd/display: Rework comments on dc file
    - drm/amd/display: fix dc/core/dc.c kernel-doc
    - drm/amd/display: Add FAMS validation before trying to use it
    - drm/amd/display: update extended blank for dcn314 onwards
    - drm/amd/display: Fix possible underflow for displays with large vblank
    - drm/amd/display: Prevent vtotal from being set to 0
    - phy: phy-mtk-dp: Fix an error code in probe()
    - phy: qcom-snps: correct struct qcom_snps_hsphy kerneldoc
    - phy: qcom-snps-femto-v2: keep cfg_ahb_clk enabled during runtime suspend
    - phy: qcom-snps-femto-v2: properly enable ref clock
    - soundwire: qcom: update status correctly with mask
    - media: staging: atomisp: select V4L2_FWNODE
    - media: amphion: Fix firmware path to match linux-firmware
    - i40e: Fix an NULL vs IS_ERR() bug for debugfs_create_dir()
    - iavf: fix potential deadlock on allocation failure
    - iavf: check for removal state before IAVF_FLAG_PF_COMMS_FAILED
    - net: phy: marvell10g: fix 88x3310 power up
    - net: hns3: fix the imp capability bit cannot exceed 32 bits issue
    - net: hns3: fix wrong tc bandwidth weight data issue
    - net: hns3: fix wrong bw weight of disabled tc issue
    - vxlan: calculate correct header length for GPE
    - vxlan: generalize vxlan_parse_gpe_hdr and remove unused args
    - vxlan: fix GRO with VXLAN-GPE
    - phy: hisilicon: Fix an out of bounds check in hisi_inno_phy_probe()
    - atheros: fix return value check in atl1_tso()
    - ethernet: atheros: fix return value check in atl1e_tso_csum()
    - ipv6 addrconf: fix bug where deleting a mngtmpaddr can create a new
      temporary address
    - ice: Fix memory management in ice_ethtool_fdir.c
    - bonding: reset bond's flags when down link is P2P device
    - team: reset team's flags when down link is P2P device
    - octeontx2-af: Removed unnecessary debug messages.
    - octeontx2-af: Fix hash extraction enable configuration
    - net: stmmac: Apply redundant write work around on 4.xx too
    - platform/x86: msi-laptop: Fix rfkill out-of-sync on MSI Wind U100
    - x86/traps: Fix load_unaligned_zeropad() handling for shared TDX memory
    - igc: Fix Kernel Panic during ndo_tx_timeout callback
    - netfilter: nft_set_rbtree: fix overlap expiration walk
    - mm: suppress mm fault logging if fatal signal already pending
    - net/sched: mqprio: refactor nlattr parsing to a separate function
    - net/sched: mqprio: add extack to mqprio_parse_nlattr()
    - net/sched: mqprio: Add length check for TCA_MQPRIO_{MAX/MIN}_RATE64
    - benet: fix return value check in be_lancer_xmit_workarounds()
    - tipc: check return value of pskb_trim()
    - tipc: stop tipc crypto on failure in tipc_node_create
    - RDMA/mlx4: Make check for invalid flags stricter
    - drm/msm/dpu: drop enum dpu_core_perf_data_bus_id
    - drm/msm/adreno: Fix snapshot BINDLESS_DATA size
    - RDMA/irdma: Add missing read barriers
    - RDMA/irdma: Fix data race on CQP completion stats
    - RDMA/irdma: Fix data race on CQP request done
    - RDMA/mthca: Fix crash when polling CQ for shared QPs
    - RDMA/bnxt_re: Prevent handling any completions after qp destroy
    - drm/msm: Fix IS_ERR_OR_NULL() vs NULL check in a5xx_submit_in_rb()
    - cxl/acpi: Fix a use-after-free in cxl_parse_cfmws()
    - cxl/acpi: Return 'rc' instead of '0' in cxl_parse_cfmws()
    - ASoC: fsl_spdif: Silence output on stop
    - block: Fix a source code comment in include/uapi/linux/blkzoned.h
    - smb3: do not set NTLMSSP_VERSION flag for negotiate not auth request
    - drm/i915: Fix an error handling path in igt_write_huge()
    - xenbus: check xen_domain in xenbus_probe_initcall
    - dm raid: fix missing reconfig_mutex unlock in raid_ctr() error paths
    - dm raid: clean up four equivalent goto tags in raid_ctr()
    - dm raid: protect md_stop() with 'reconfig_mutex'
    - drm/amd: Fix an error handling mistake in psp_sw_init()
    - drm/amd/display: Unlock on error path in
      dm_handle_mst_sideband_msg_ready_event()
    - RDMA/irdma: Fix op_type reporting in CQEs
    - RDMA/irdma: Report correct WC error
    - drm/msm: Switch idr_lock to spinlock
    - drm/msm: Disallow submit with fence id 0
    - ublk_drv: move ublk_get_device_from_id into ublk_ctrl_uring_cmd
    - ublk: fail to start device if queue setup is interrupted
    - ublk: fail to recover device if queue setup is interrupted
    - ata: pata_ns87415: mark ns87560_tf_read static
    - ring-buffer: Fix wrong stat of cpu_buffer->read
    - tracing: Fix warning in trace_buffered_event_disable()
    - Revert "usb: gadget: tegra-xudc: Fix error check in
      tegra_xudc_powerdomain_init()"
    - usb: gadget: call usb_gadget_check_config() to verify UDC capability
    - USB: gadget: Fix the memory leak in raw_gadget driver
    - usb: gadget: core: remove unbalanced mutex_unlock in usb_gadget_activate
    - KVM: Grab a reference to KVM for VM and vCPU stats file descriptors
    - KVM: VMX: Don't fudge CR0 and CR4 for restricted L2 guest
    - KVM: x86: Disallow KVM_SET_SREGS{2} if incoming CR0 is invalid
    - serial: qcom-geni: drop bogus runtime pm state update
    - serial: 8250_dw: Preserve original value of DLF register
    - serial: sifive: Fix sifive_serial_console_setup() section
    - USB: serial: option: support Quectel EM060K_128
    - USB: serial: option: add Quectel EC200A module support
    - USB: serial: simple: add Kaufmann RKS+CAN VCP
    - USB: serial: simple: sort driver entries
    - can: gs_usb: gs_can_close(): add missing set of CAN state to
      CAN_STATE_STOPPED
    - usb: typec: Set port->pd before adding device for typec_port
    - usb: typec: Iterate pds array when showing the pd list
    - usb: typec: Use sysfs_emit_at when concatenating the string
    - Revert "usb: dwc3: core: Enable AutoRetry feature in the controller"
    - usb: dwc3: pci: skip BYT GPIO lookup table for hardwired phy
    - usb: dwc3: don't reset device side if dwc3 was configured as host-only
    - usb: misc: ehset: fix wrong if condition
    - usb: ohci-at91: Fix the unhandle interrupt when resume
    - USB: quirks: add quirk for Focusrite Scarlett
    - usb: cdns3: fix incorrect calculation of ep_buf_size when more than one
      config
    - usb: xhci-mtk: set the dma max_seg_size
    - Revert "usb: xhci: tegra: Fix error check"
    - Documentation: security-bugs.rst: update preferences when dealing with the
      linux-distros group
    - Documentation: security-bugs.rst: clarify CVE handling
    - staging: r8712: Fix memory leak in _r8712_init_xmit_priv()
    - staging: ks7010: potential buffer overflow in ks_wlan_set_encode_ext()
    - tty: n_gsm: fix UAF in gsm_cleanup_mux
    - Revert "xhci: add quirk for host controllers that don't update endpoint DCS"
    - ALSA: hda/realtek: Support ASUS G713PV laptop
    - ALSA: hda/relatek: Enable Mute LED on HP 250 G8
    - hwmon: (k10temp) Enable AMD3255 Proc to show negative temperature
    - hwmon: (nct7802) Fix for temp6 (PECI1) processed even if PECI1 disabled
    - btrfs: account block group tree when calculating global reserve size
    - btrfs: check if the transaction was aborted at btrfs_wait_for_commit()
    - btrfs: check for commit error at btrfs_attach_transaction_barrier()
    - x86/MCE/AMD: Decrement threshold_bank refcount when removing threshold
      blocks
    - file: always lock position for FMODE_ATOMIC_POS
    - nfsd: Remove incorrect check in nfsd4_validate_stateid
    - ACPI/IORT: Remove erroneous id_count check in iort_node_get_rmr_info()
    - tpm_tis: Explicitly check for error code
    - irq-bcm6345-l1: Do not assume a fixed block to cpu mapping
    - irqchip/gic-v4.1: Properly lock VPEs when doing a directLPI invalidation
    - locking/rtmutex: Fix task->pi_waiters integrity
    - proc/vmcore: fix signedness bug in read_from_oldmem()
    - xen: speed up grant-table reclaim
    - virtio-net: fix race between set queues and probe
    - net: dsa: qca8k: fix search_and_insert wrong handling of new rule
    - net: dsa: qca8k: fix broken search_and_del
    - net: dsa: qca8k: fix mdb add/del case with 0 VID
    - selftests: mptcp: join: only check for ip6tables if needed
    - soundwire: fix enumeration completion
    - Revert "um: Use swap() to make code cleaner"
    - LoongArch: BPF: Fix check condition to call lu32id in move_imm()
    - LoongArch: BPF: Enable bpf_probe_read{, str}() on LoongArch
    - s390/dasd: fix hanging device after quiesce/resume
    - s390/dasd: print copy pair message only for the correct error
    - ASoC: wm8904: Fill the cache for WM8904_ADC_TEST_0 register
    - arm64/sme: Set new vector length before reallocating
    - PM: sleep: wakeirq: fix wake irq arming
    - ceph: never send metrics if disable_send_metrics is set
    - drm/i915/dpt: Use shmem for dpt objects
    - dm cache policy smq: ensure IO doesn't prevent cleaner policy progress
    - rbd: make get_lock_owner_info() return a single locker or NULL
    - rbd: harden get_lock_owner_info() a bit
    - rbd: retrieve and check lock owner twice before blocklisting
    - drm/amd/display: set per pipe dppclk to 0 when dpp is off
    - tracing: Fix trace_event_raw_event_synth() if else statement
    - drm/amd/display: perform a bounds check before filling dirty rectangles
    - drm/amd/display: Write to correct dirty_rect
    - ACPI: processor: perflib: Use the "no limit" frequency QoS
    - ACPI: processor: perflib: Avoid updating frequency QoS unnecessarily
    - cpufreq: intel_pstate: Drop ACPI _PSS states table patching
    - mptcp: ensure subflow is unhashed before cleaning the backlog
    - selftests: mptcp: sockopt: use 'iptables-legacy' if available
    - test_firmware: return ENOMEM instead of ENOSPC on failed memory allocation
    - dma-buf: keep the signaling time of merged fences v3
    - dma-buf: fix an error pointer vs NULL bug
    - Linux 6.1.43
    - upstream stable to v6.1.43

* Jammy update: v6.1.42 upstream stable release (LP: #2030859)
    - io_uring: treat -EAGAIN for REQ_F_NOWAIT as final for io-wq
    - ALSA: hda/realtek - remove 3k pull low procedure
    - ALSA: hda/realtek: Add quirk for Clevo NS70AU
    - ALSA: hda/realtek: Enable Mute LED on HP Laptop 15s-eq2xxx
    - maple_tree: set the node limit when creating a new root node
    - maple_tree: fix node allocation testing on 32 bit
    - keys: Fix linking a duplicate key to a keyring's assoc_array
    - perf probe: Add test for regression introduced by switch to
      die_get_decl_file()
    - btrfs: fix warning when putting transaction with qgroups enabled after abort
    - fuse: revalidate: don't invalidate if interrupted
    - fuse: Apply flags2 only when userspace set the FUSE_INIT_EXT
    - btrfs: set_page_extent_mapped after read_folio in btrfs_cont_expand
    - btrfs: zoned: fix memory leak after finding block group with super blocks
    - fuse: ioctl: translate ENOSYS in outarg
    - btrfs: fix race between balance and cancel/pause
    - selftests: tc: set timeout to 15 minutes
    - selftests: tc: add 'ct' action kconfig dep
    - regmap: Drop initial version of maximum transfer length fixes
    - of: Preserve "of-display" device name for compatibility
    - regmap: Account for register length in SMBus I/O limits
    - arm64/fpsimd: Ensure SME storage is allocated after SVE VL changes
    - can: mcp251xfd: __mcp251xfd_chip_set_mode(): increase poll timeout
    - can: bcm: Fix UAF in bcm_proc_show()
    - can: gs_usb: gs_can_open(): improve error handling
    - selftests: tc: add ConnTrack procfs kconfig
    - dma-buf/dma-resv: Stop leaking on krealloc() failure
    - drm/amdgpu/vkms: relax timer deactivation by hrtimer_try_to_cancel
    - drm/amdgpu/pm: make gfxclock consistent for sienna cichlid
    - drm/amdgpu/pm: make mclk consistent for smu 13.0.7
    - drm/client: Fix memory leak in drm_client_target_cloned
    - drm/client: Fix memory leak in drm_client_modeset_probe
    - drm/amd/display: only accept async flips for fast updates
    - drm/amd/display: Disable MPC split by default on special asic
    - drm/amd/display: check TG is non-null before checking if enabled
    - drm/amd/display: Keep PHY active for DP displays on DCN31
    - ASoC: fsl_sai: Disable bit clock with transmitter
    - ASoC: fsl_sai: Revert "ASoC: fsl_sai: Enable MCTL_MCLK_EN bit for master
      mode"
    - ASoC: tegra: Fix ADX byte map
    - ASoC: rt5640: Fix sleep in atomic context
    - ASoC: cs42l51: fix driver to properly autoload with automatic module loading
    - ASoC: codecs: wcd938x: fix missing clsh ctrl error handling
    - ASoC: codecs: wcd-mbhc-v2: fix resource leaks on component remove
    - ASoC: qdsp6: audioreach: fix topology probe deferral
    - ASoC: tegra: Fix AMX byte map
    - ASoC: codecs: wcd938x: fix resource leaks on component remove
    - ASoC: codecs: wcd938x: fix missing mbhc init error handling
    - ASoC: codecs: wcd934x: fix resource leaks on component remove
    - ASoC: codecs: wcd938x: fix codec initialisation race
    - ASoC: codecs: wcd938x: fix soundwire initialisation race
    - ext4: correct inline offset when handling xattrs in inode body
    - drm/radeon: Fix integer overflow in radeon_cs_parser_init
    - ALSA: emu10k1: roll up loops in DSP setup code for Audigy
    - quota: Properly disable quotas when add_dquot_ref() fails
    - quota: fix warning in dqgrab()
    - HID: add quirk for 03f0:464a HP Elite Presenter Mouse
    - ovl: check type and offset of struct vfsmount in ovl_entry
    - udf: Fix uninitialized array access for some pathnames
    - fs: jfs: Fix UBSAN: array-index-out-of-bounds in dbAllocDmapLev
    - MIPS: dec: prom: Address -Warray-bounds warning
    - FS: JFS: Fix null-ptr-deref Read in txBegin
    - FS: JFS: Check for read-only mounted filesystem in txBegin
    - ACPI: video: Add backlight=native DMI quirk for Dell Studio 1569
    - rcu-tasks: Avoid pr_info() with spin lock in cblist_init_generic()
    - rcu: Mark additional concurrent load from ->cpu_no_qs.b.exp
    - sched/fair: Don't balance task to its current running CPU
    - wifi: ath11k: fix registration of 6Ghz-only phy without the full channel
      range
    - bpf: Print a warning only if writing to unprivileged_bpf_disabled.
    - bpf: Address KCSAN report on bpf_lru_list
    - bpf: tcp: Avoid taking fast sock lock in iterator
    - wifi: ath11k: add support default regdb while searching board-2.bin for
      WCN6855
    - wifi: mac80211_hwsim: Fix possible NULL dereference
    - spi: dw: Add compatible for Intel Mount Evans SoC
    - wifi: ath11k: fix memory leak in WMI firmware stats
    - net: ethernet: litex: add support for 64 bit stats
    - devlink: report devlink_port_type_warn source device
    - wifi: wext-core: Fix -Wstringop-overflow warning in
      ioctl_standard_iw_point()
    - wifi: iwlwifi: Add support for new PCI Id
    - wifi: iwlwifi: mvm: avoid baid size integer overflow
    - wifi: iwlwifi: pcie: add device id 51F1 for killer 1675
    - igb: Fix igb_down hung on surprise removal
    - net: hns3: fix strncpy() not using dest-buf length as length issue
    - ASoC: amd: acp: fix for invalid dai id handling in acp_get_byte_count()
    - ASoC: codecs: wcd938x: fix mbhc impedance loglevel
    - ASoC: codecs: wcd938x: fix dB range for HPHL and HPHR
    - ASoC: qcom: q6apm: do not close GPR port before closing graph
    - sched/fair: Use recent_used_cpu to test p->cpus_ptr
    - sched/psi: Fix avgs_work re-arm in psi_avgs_work()
    - sched/psi: Rearrange polling code in preparation
    - sched/psi: Rename existing poll members in preparation
    - sched/psi: Extract update_triggers side effect
    - sched/psi: Allow unprivileged polling of N*2s period
    - sched/psi: use kernfs polling functions for PSI trigger polling
    - pinctrl: renesas: rzv2m: Handle non-unique subnode names
    - pinctrl: renesas: rzg2l: Handle non-unique subnode names
    - spi: bcm63xx: fix max prepend length
    - fbdev: imxfb: warn about invalid left/right margin
    - fbdev: imxfb: Removed unneeded release_mem_region
    - perf build: Fix library not found error when using CSLIBS
    - btrfs: be a bit more careful when setting mirror_num_ret in btrfs_map_block
    - spi: s3c64xx: clear loopback bit after loopback test
    - kallsyms: Improve the performance of kallsyms_lookup_name()
    - kallsyms: Correctly sequence symbols when CONFIG_LTO_CLANG=y
    - kallsyms: strip LTO-only suffixes from promoted global functions
    - dsa: mv88e6xxx: Do a final check before timing out
    - net: ethernet: ti: cpsw_ale: Fix cpsw_ale_get_field()/cpsw_ale_set_field()
    - bridge: Add extack warning when enabling STP in netns.
    - net: ethernet: mtk_eth_soc: handle probe deferral
    - cifs: fix mid leak during reconnection after timeout threshold
    - ASoC: SOF: ipc3-dtrace: uninitialized data in dfsentry_trace_filter_write()
    - net: sched: cls_matchall: Undo tcf_bind_filter in case of failure after
      mall_set_parms
    - net: sched: cls_u32: Undo tcf_bind_filter if u32_replace_hw_knode
    - net: sched: cls_u32: Undo refcount decrement in case update failed
    - net: sched: cls_bpf: Undo tcf_bind_filter in case of an error
    - net: dsa: microchip: ksz8: Separate static MAC table operations for code
      reuse
    - net: dsa: microchip: ksz8: Make ksz8_r_sta_mac_table() static
    - net: dsa: microchip: ksz8_r_sta_mac_table(): Avoid using error code for
      empty entries
    - net: dsa: microchip: correct KSZ8795 static MAC table access
    - iavf: Fix use-after-free in free_netdev
    - iavf: Fix out-of-bounds when setting channels on remove
    - iavf: use internal state to free traffic IRQs
    - iavf: Move netdev_update_features() into watchdog task
    - iavf: send VLAN offloading caps once after VFR
    - iavf: make functions static where possible
    - iavf: Wait for reset in callbacks which trigger it
    - iavf: fix a deadlock caused by rtnl and driver's lock circular dependencies
    - iavf: fix reset task race with iavf_remove()
    - security: keys: Modify mismatched function name
    - octeontx2-pf: Dont allocate BPIDs for LBK interfaces
    - bpf: Fix subprog idx logic in check_max_stack_depth
    - bpf: Repeat check_max_stack_depth for async callbacks
    - bpf, arm64: Fix BTI type used for freplace attached functions
    - igc: Avoid transmit queue timeout for XDP
    - igc: Prevent garbled TX queue with XDP ZEROCOPY
    - net: ipv4: use consistent txhash in TIME_WAIT and SYN_RECV
    - tcp: annotate data-races around tcp_rsk(req)->txhash
    - tcp: annotate data-races around tcp_rsk(req)->ts_recent
    - net: ipv4: Use kfree_sensitive instead of kfree
    - net:ipv6: check return value of pskb_trim()
    - Revert "tcp: avoid the lookup process failing to get sk in ehash table"
    - fbdev: au1200fb: Fix missing IRQ check in au1200fb_drv_probe
    - llc: Don't drop packet from non-root netns.
    - ALSA: hda/realtek: Fix generic fixup definition for cs35l41 amp
    - netfilter: nf_tables: fix spurious set element insertion failure
    - netfilter: nf_tables: can't schedule in nft_chain_validate
    - netfilter: nf_tables: skip bound chain in netns release path
    - Bluetooth: use RCU for hci_conn_params and iterate safely in hci_sync
    - Bluetooth: hci_event: call disconnect callback before deleting conn
    - Bluetooth: ISO: fix iso_conn related locking and validity issues
    - Bluetooth: hci_sync: Avoid use-after-free in dbg for
      hci_remove_adv_monitor()
    - tcp: annotate data-races around tp->tcp_tx_delay
    - tcp: annotate data-races around tp->tsoffset
    - tcp: annotate data-races around tp->keepalive_time
    - tcp: annotate data-races around tp->keepalive_intvl
    - tcp: annotate data-races around tp->keepalive_probes
    - tcp: annotate data-races around icsk->icsk_syn_retries
    - tcp: annotate data-races around tp->linger2
    - tcp: annotate data-races around rskq_defer_accept
    - tcp: annotate data-races around tp->notsent_lowat
    - tcp: annotate data-races around icsk->icsk_user_timeout
    - tcp: annotate data-races around fastopenq.max_qlen
    - net: phy: prevent stale pointer dereference in phy_init()
    - jbd2: recheck chechpointing non-dirty buffer
    - tracing/histograms: Return an error if we fail to add histogram to hist_vars
      list
    - drm/ttm: fix bulk_move corruption when adding a entry
    - spi: dw: Remove misleading comment for Mount Evans SoC
    - kallsyms: add kallsyms_seqs_of_names to list of special symbols
    - scripts/kallsyms.c Make the comment up-to-date with current implementation
    - scripts/kallsyms: update the usage in the comment block
    - bpf: allow precision tracking for programs with subprogs
    - bpf: stop setting precise in current state
    - bpf: aggressively forget precise markings during state checkpointing
    - selftests/bpf: make test_align selftest more robust
    - selftests/bpf: Workaround verification failure for
      fexit_bpf2bpf/func_replace_return_code
    - selftests/bpf: Fix sk_assign on s390x
    - drm/amd/display: use max_dsc_bpp in amdgpu_dm
    - drm/amd/display: fix some coding style issues
    - drm/dp_mst: Clear MSG_RDY flag before sending new message
    - drm/amd/display: force connector state when bpc changes during compliance
    - drm/amd/display: Clean up errors & warnings in amdgpu_dm.c
    - drm/amd/display: fix linux dp link lost handled only one time
    - drm/amd/display: Add polling method to handle MST reply packet
    - Linux 6.1.42
    - upstream stable to v6.1.42

* Jammy update: v6.1.41 upstream stable release (LP: #2030858)
    - Linux 6.1.41
    - upstream stable to v6.1.41

* NULL pointer dereference on CS35L41 HDA AMP (LP: #2029199)
    - ASoC: cs35l41: Refactor error release code
    - ALSA: cs35l41: Add shared boost feature
    - ASoC: dt-bindings: cirrus,cs35l41: Document CS35l41 shared boost
    - ALSA: hda: cs35l41: Ensure firmware/tuning pairs are always loaded
    - ALSA: hda: cs35l41: Enable Amp High Pass Filter
    - ALSA: cs35l41: Use mbox command to enable speaker output for external boost
    - ALSA: cs35l41: Poll for Power Up/Down rather than waiting a fixed delay
    - ALSA: hda: cs35l41: Check mailbox status of pause command after firmware
      load
    - ALSA: hda: cs35l41: Ensure we correctly re-sync regmap before system
      suspending.
    - ALSA: hda: cs35l41: Ensure we pass up any errors during system suspend.
    - ALSA: hda: cs35l41: Move Play and Pause into separate functions
    - ALSA: hda: hda_component: Add pre and post playback hooks to hda_component
    - ALSA: hda: cs35l41: Use pre and post playback hooks
    - ALSA: hda: cs35l41: Rework System Suspend to ensure correct call separation
    - ALSA: hda: cs35l41: Add device_link between HDA and cs35l41_hda
    - ALSA: hda: cs35l41: Ensure amp is only unmuted during playback

* Make TTY switching possible for NVIDIA when it's boot VGA (LP: #2028749)
    - drm/gma500: Use drm_aperture_remove_conflicting_pci_framebuffers
    - video/aperture: use generic code to figure out the vga default device
    - drm/aperture: Remove primary argument
    - video/aperture: Only kick vgacon when the pdev is decoding vga
    - video/aperture: Move vga handling to pci function
    - video/aperture: Drop primary argument
    - video/aperture: Only remove sysfb on the default vga pci device
    - fbdev: Simplify fb_is_primary_device for x86
    - video/aperture: Provide a VGA helper for gma500 and internal use

* Fix UBSAN in Intel EDAC driver (LP: #2028746)
    - EDAC/skx_common: Enable EDAC support for the "near" memory
    - EDAC/skx_common: Delete duplicated and unreachable code
    - EDAC/i10nm: Add Intel Emerald Rapids server support
    - EDAC/i10nm: Make more configurations CPU model specific
    - EDAC/i10nm: Add Intel Granite Rapids server support
    - EDAC/i10nm: Skip the absent memory controllers

* CVE-2023-4128
    - net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-
      free
    - net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after-
      free
    - net/sched: cls_route: No longer copy tcf_result on update to avoid use-
      after-free

* CVE-2023-4273
    - exfat: check if filename entries exceeds max filename length

* CVE-2023-1206
    - tcp: Reduce chance of collisions in inet6_hashfn().

-- Timo Aaltonen <timo.aaltonen@canonical.com>  Tue, 22 Aug 2023 14:39:16 +0300

Changed in linux-oem-6.1 (Ubuntu Jammy):
status:	Fix Committed → Fix Released

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2023-09-06:

#6

This bug is awaiting verification that the linux-starfive/6.2.0-1004.5 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-lunar-linux-starfive' to 'verification-done-lunar-linux-starfive'. If the problem still exists, change the tag 'verification-needed-lunar-linux-starfive' to 'verification-failed-lunar-linux-starfive'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: kernel-spammed-lunar-linux-starfive-v2 verification-needed-lunar-linux-starfive

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2023-09-09:

#7

This bug is awaiting verification that the linux-aws-6.2/6.2.0-1013.13~22.04.1 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-jammy-linux-aws-6.2' to 'verification-done-jammy-linux-aws-6.2'. If the problem still exists, change the tag 'verification-needed-jammy-linux-aws-6.2' to 'verification-failed-jammy-linux-aws-6.2'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: kernel-spammed-jammy-linux-aws-6.2-v2 verification-needed-jammy-linux-aws-6.2

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2023-09-12:

#8

This bug is awaiting verification that the linux-azure/6.2.0-1013.13 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-lunar-linux-azure' to 'verification-done-lunar-linux-azure'. If the problem still exists, change the tag 'verification-needed-lunar-linux-azure' to 'verification-failed-lunar-linux-azure'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: kernel-spammed-lunar-linux-azure-v2 verification-needed-lunar-linux-azure

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2023-10-24:

#9

This bug is awaiting verification that the linux-azure-6.5/6.5.0-1007.7~22.04.1 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-jammy-linux-azure-6.5' to 'verification-done-jammy-linux-azure-6.5'. If the problem still exists, change the tag 'verification-needed-jammy-linux-azure-6.5' to 'verification-failed-jammy-linux-azure-6.5'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: kernel-spammed-jammy-linux-azure-6.5-v2 verification-needed-jammy-linux-azure-6.5

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2023-10-24:

#10

This bug is awaiting verification that the linux-aws-6.5/6.5.0-1008.8~22.04.1 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-jammy-linux-aws-6.5' to 'verification-done-jammy-linux-aws-6.5'. If the problem still exists, change the tag 'verification-needed-jammy-linux-aws-6.5' to 'verification-failed-jammy-linux-aws-6.5'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: kernel-spammed-jammy-linux-aws-6.5-v2 verification-needed-jammy-linux-aws-6.5

Ubuntu
linux package

Fix UBSAN in Intel EDAC driver

Bug Description

CVE References

Other bug subscribers

Remote bug watches

	Status	Importance	Assigned to
HWE Next	New	Undecided	Unassigned
linux (Ubuntu)	Fix Released	Undecided	Unassigned
Jammy	Won't Fix	Undecided	Unassigned
Lunar	Fix Committed	Low	Unassigned
linux-oem-6.1 (Ubuntu)	Invalid	Undecided	Unassigned
Jammy	Fix Released	Low	Unassigned
Lunar	Invalid	Undecided	Unassigned
linux-oem-6.5 (Ubuntu)	Invalid	Undecided	Unassigned
Jammy	Fix Released	Undecided	Unassigned
Lunar	Invalid	Undecided	Unassigned

Ubuntulinux package

Fix UBSAN in Intel EDAC driver

Bug Description

CVE References

Other bug subscribers

Remote bug watches

Ubuntu
linux package