Bug #2029199 “NULL pointer dereference on CS35L41 HDA AMP” : Bugs : linux package : Ubuntu

Kai-Heng Feng (kaihengfeng) on 2023-08-01

Changed in linux-oem-6.1 (Ubuntu):
status:	New → Invalid
Changed in linux-oem-6.1 (Ubuntu Lunar):
status:	New → Invalid
Changed in linux-oem-6.1 (Ubuntu Jammy):
status:	New → Confirmed
importance:	Undecided → High
Changed in linux (Ubuntu):
status:	New → Confirmed
Changed in linux (Ubuntu Jammy):
status:	New → Won't Fix
Changed in linux (Ubuntu Lunar):
status:	New → Confirmed
importance:	Undecided → High

Kai-Heng Feng (kaihengfeng) on 2023-08-01

tags:

added: oem-priority originate-from-2028335 stella

Stefan Bader (smb) on 2023-08-03

Changed in linux (Ubuntu Lunar):
status:	Confirmed → Fix Committed

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2023-08-10:

#1

This bug is awaiting verification that the linux/6.2.0-30.30 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-lunar-linux' to 'verification-done-lunar-linux'. If the problem still exists, change the tag 'verification-needed-lunar-linux' to 'verification-failed-lunar-linux'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: kernel-spammed-lunar-linux-v2 verification-needed-lunar-linux

Anthony Wong (anthonywong) on 2023-08-11

Changed in linux-oem-6.1 (Ubuntu Jammy):
assignee:	nobody → Kai-Heng Feng (kaihengfeng)

Kai-Heng Feng (kaihengfeng) on 2023-08-15

tags:

added: verification-done-lunar-linux
removed: verification-needed-lunar-linux

Kai-Heng Feng (kaihengfeng) on 2023-08-17

Changed in linux-oem-6.1 (Ubuntu Jammy):
assignee:	Kai-Heng Feng (kaihengfeng) → nobody

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2023-08-22:

#2

This bug is awaiting verification that the linux-oem-6.1/6.1.0-1021.21 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-jammy-linux-oem-6.1' to 'verification-done-jammy-linux-oem-6.1'. If the problem still exists, change the tag 'verification-needed-jammy-linux-oem-6.1' to 'verification-failed-jammy-linux-oem-6.1'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: kernel-spammed-jammy-linux-oem-6.1-v2 verification-needed-jammy-linux-oem-6.1

Kai-Heng Feng (kaihengfeng) on 2023-08-25

tags:

added: verification-done-jammy-linux-oem-6.1
removed: verification-needed-jammy-linux-oem-6.1

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2023-08-30:

#3

This bug is awaiting verification that the linux-nvidia-6.2/6.2.0-1010.10 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-jammy-linux-nvidia-6.2' to 'verification-done-jammy-linux-nvidia-6.2'. If the problem still exists, change the tag 'verification-needed-jammy-linux-nvidia-6.2' to 'verification-failed-jammy-linux-nvidia-6.2'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: kernel-spammed-jammy-linux-nvidia-6.2-v2 verification-needed-jammy-linux-nvidia-6.2

Timo Aaltonen (tjaalton) on 2023-08-31

Changed in linux-oem-6.5 (Ubuntu):
status:	New → Invalid
Changed in linux-oem-6.5 (Ubuntu Lunar):
status:	New → Invalid
Changed in linux-oem-6.1 (Ubuntu Jammy):
status:	Confirmed → Fix Committed

Timo Aaltonen (tjaalton) on 2023-09-01

Changed in linux-oem-6.5 (Ubuntu Jammy):
status:	New → Fix Committed

Timo Aaltonen (tjaalton) on 2023-09-01

Changed in linux-oem-6.5 (Ubuntu Jammy):
status:	Fix Committed → New

Revision history for this message

Launchpad Janitor (janitor) wrote on 2023-09-05:

#4

Download full text (44.8 KiB)

This bug was fixed in the package linux-oem-6.1 - 6.1.0-1021.21

---------------
linux-oem-6.1 (6.1.0-1021.21) jammy; urgency=medium

* jammy/linux-oem-6.1: 6.1.0-1021.21 -proposed tracker (LP: #2030428)

* Packaging resync (LP: #1786013)
- [Packaging] resync update-dkms-versions helper

  * Jammy update: v6.1.46 upstream stable release (LP: #2032632)
    - gcc-plugins: Reorganize gimple includes for GCC 13
    - Revert "loongarch/cpu: Switch to arch_cpu_finalize_init()"
    - tpm: Disable RNG for all AMD fTPMs
    - tpm: Add a helper for checking hwrng enabled
    - ksmbd: validate command request size
    - ksmbd: fix wrong next length validation of ea buffer in smb2_set_ea()
    - KVM: SEV: snapshot the GHCB before accessing it
    - KVM: SEV: only access GHCB fields once
    - wifi: nl80211: fix integer overflow in nl80211_parse_mbssid_elems()
    - wifi: rtw89: fix 8852AE disconnection caused by RX full flags
    - selftests: forwarding: Set default IPv6 traceroute utility
    - wireguard: allowedips: expand maximum node depth
    - mmc: moxart: read scr register without changing byte order
    - ipv6: adjust ndisc_is_useropt() to also return true for PIO
    - selftests: mptcp: join: fix 'delete and re-add' test
    - selftests: mptcp: join: fix 'implicit EP' test
    - mptcp: avoid bogus reset on fallback close
    - mptcp: fix disconnect vs accept race
    - dmaengine: pl330: Return DMA_PAUSED when transaction is paused
    - net: mana: Fix MANA VF unload when hardware is unresponsive
    - riscv/kexec: load initrd high in available memory
    - riscv,mmio: Fix readX()-to-delay() ordering
    - riscv/kexec: handle R_RISCV_CALL_PLT relocation type
    - nvme-pci: add NVME_QUIRK_BOGUS_NID for Samsung PM9B1 256G and 512G
    - drm/nouveau/gr: enable memory loads on helper invocation on all channels
    - drm/nouveau/nvkm/dp: Add workaround to fix DP 1.3+ DPCD issues
    - drm/shmem-helper: Reset vma->vm_ops before calling dma_buf_mmap()
    - drm/amdgpu: fix possible UAF in amdgpu_cs_pass1()
    - drm/amd/display: check attr flag before set cursor degamma on DCN3+
    - drm/amdgpu: add S/G display parameter
    - drm/amd: Disable S/G for APUs when 64GB or more host memory
    - drm/amd/display: limit DPIA link rate to HBR3
    - cpuidle: dt_idle_genpd: Add helper function to remove genpd topology
    - hwmon: (pmbus/bel-pfe) Enable PMBUS_SKIP_STATUS_CHECK for pfe1100
    - radix tree test suite: fix incorrect allocation size for pthreads
    - nilfs2: fix use-after-free of nilfs_root in dirtying inodes via iput
    - drm/amd/pm: fulfill swsmu peak profiling mode shader/memory clock settings
    - drm/amd/pm: expose swctf threshold setting for legacy powerplay
    - drm/amd/pm: fulfill powerplay peak profiling mode shader/memory clock
      settings
    - drm/amd/pm: avoid unintentional shutdown due to temperature momentary
      fluctuation
    - drm/amd/display: Handle virtual hardware detect
    - drm/amd/display: Add function for validate and update new stream
    - drm/amd/display: Handle seamless boot stream
    - drm/amd/display: Update OTG instance in the commit stream
    - drm/amd/display: Avoid ABM when ODM combine is e...

This bug was fixed in the package linux-oem-6.1 - 6.1.0-1021.21

---------------
linux-oem-6.1 (6.1.0-1021.21) jammy; urgency=medium

* jammy/linux-oem-6.1: 6.1.0-1021.21 -proposed tracker (LP: #2030428)

* Packaging resync (LP: #1786013)
    - [Packaging] resync update-dkms-versions helper

* Jammy update: v6.1.46 upstream stable release (LP: #2032632)
    - gcc-plugins: Reorganize gimple includes for GCC 13
    - Revert "loongarch/cpu: Switch to arch_cpu_finalize_init()"
    - tpm: Disable RNG for all AMD fTPMs
    - tpm: Add a helper for checking hwrng enabled
    - ksmbd: validate command request size
    - ksmbd: fix wrong next length validation of ea buffer in smb2_set_ea()
    - KVM: SEV: snapshot the GHCB before accessing it
    - KVM: SEV: only access GHCB fields once
    - wifi: nl80211: fix integer overflow in nl80211_parse_mbssid_elems()
    - wifi: rtw89: fix 8852AE disconnection caused by RX full flags
    - selftests: forwarding: Set default IPv6 traceroute utility
    - wireguard: allowedips: expand maximum node depth
    - mmc: moxart: read scr register without changing byte order
    - ipv6: adjust ndisc_is_useropt() to also return true for PIO
    - selftests: mptcp: join: fix 'delete and re-add' test
    - selftests: mptcp: join: fix 'implicit EP' test
    - mptcp: avoid bogus reset on fallback close
    - mptcp: fix disconnect vs accept race
    - dmaengine: pl330: Return DMA_PAUSED when transaction is paused
    - net: mana: Fix MANA VF unload when hardware is unresponsive
    - riscv/kexec: load initrd high in available memory
    - riscv,mmio: Fix readX()-to-delay() ordering
    - riscv/kexec: handle R_RISCV_CALL_PLT relocation type
    - nvme-pci: add NVME_QUIRK_BOGUS_NID for Samsung PM9B1 256G and 512G
    - drm/nouveau/gr: enable memory loads on helper invocation on all channels
    - drm/nouveau/nvkm/dp: Add workaround to fix DP 1.3+ DPCD issues
    - drm/shmem-helper: Reset vma->vm_ops before calling dma_buf_mmap()
    - drm/amdgpu: fix possible UAF in amdgpu_cs_pass1()
    - drm/amd/display: check attr flag before set cursor degamma on DCN3+
    - drm/amdgpu: add S/G display parameter
    - drm/amd: Disable S/G for APUs when 64GB or more host memory
    - drm/amd/display: limit DPIA link rate to HBR3
    - cpuidle: dt_idle_genpd: Add helper function to remove genpd topology
    - hwmon: (pmbus/bel-pfe) Enable PMBUS_SKIP_STATUS_CHECK for pfe1100
    - radix tree test suite: fix incorrect allocation size for pthreads
    - nilfs2: fix use-after-free of nilfs_root in dirtying inodes via iput
    - drm/amd/pm: fulfill swsmu peak profiling mode shader/memory clock settings
    - drm/amd/pm: expose swctf threshold setting for legacy powerplay
    - drm/amd/pm: fulfill powerplay peak profiling mode shader/memory clock
      settings
    - drm/amd/pm: avoid unintentional shutdown due to temperature momentary
      fluctuation
    - drm/amd/display: Handle virtual hardware detect
    - drm/amd/display: Add function for validate and update new stream
    - drm/amd/display: Handle seamless boot stream
    - drm/amd/display: Update OTG instance in the commit stream
    - drm/amd/display: Avoid ABM when ODM combine is enabled for eDP
    - drm/amd/display: Use update plane and stream routine for DCN32x
    - drm/amd/display: Disable phantom OTG after enable for plane disable
    - drm/amd/display: Retain phantom plane/stream if validation fails
    - drm/amd/display: fix the build when DRM_AMD_DC_DCN is not set
    - drm/amd/display: trigger timing sync only if TG is running
    - io_uring: correct check for O_TMPFILE
    - iio: cros_ec: Fix the allocation size for cros_ec_command
    - iio: frequency: admv1013: propagate errors from regulator_get_voltage()
    - iio: adc: ad7192: Fix ac excitation feature
    - iio: adc: ina2xx: avoid NULL pointer dereference on OF device match
    - binder: fix memory leak in binder_init()
    - misc: rtsx: judge ASPM Mode to set PETXCFG Reg
    - usb-storage: alauda: Fix uninit-value in alauda_check_media()
    - usb: dwc3: Properly handle processing of pending events
    - USB: Gadget: core: Help prevent panic during UVC unconfigure
    - usb: common: usb-conn-gpio: Prevent bailing out if initial role is none
    - usb: typec: tcpm: Fix response to vsafe0V event
    - usb: typec: altmodes/displayport: Signal hpd when configuring pin assignment
    - x86/mm: Fix VDSO and VVAR placement on 5-level paging machines
    - x86/sev: Do not try to parse for the CC blob on non-AMD hardware
    - x86/speculation: Add cpu_show_gds() prototype
    - x86: Move gds_ucode_mitigated() declaration to header
    - drm/nouveau/disp: Revert a NULL check inside nouveau_connector_get_modes
    - iio: core: Prevent invalid memory access when there is no parent
    - interconnect: qcom: Add support for mask-based BCMs
    - interconnect: qcom: sm8450: add enable_mask for bcm nodes
    - selftests/rseq: Fix build with undefined __weak
    - selftests: forwarding: Add a helper to skip test when using veth pairs
    - selftests: forwarding: ethtool: Skip when using veth pairs
    - selftests: forwarding: ethtool_extended_state: Skip when using veth pairs
    - selftests: forwarding: hw_stats_l3_gre: Skip when using veth pairs
    - selftests: forwarding: Skip test when no interfaces are specified
    - selftests: forwarding: Switch off timeout
    - selftests: forwarding: tc_flower: Relax success criterion
    - net: core: remove unnecessary frame_sz check in bpf_xdp_adjust_tail()
    - bpf, sockmap: Fix map type error in sock_map_del_link
    - bpf, sockmap: Fix bug that strp_done cannot be called
    - mISDN: Update parameter type of dsp_cmx_send()
    - macsec: use DEV_STATS_INC()
    - mptcp: fix the incorrect judgment for msk->cb_flags
    - net/packet: annotate data-races around tp->status
    - net/smc: Use correct buffer sizes when switching between TCP and SMC
    - tcp: add missing family to tcp_set_ca_state() tracepoint
    - tunnels: fix kasan splat when generating ipv4 pmtu error
    - xsk: fix refcount underflow in error path
    - bonding: Fix incorrect deletion of ETH_P_8021AD protocol vid from slaves
    - dccp: fix data-race around dp->dccps_mss_cache
    - drivers: net: prevent tun_build_skb() to exceed the packet size limit
    - drivers: vxlan: vnifilter: free percpu vni stats on error path
    - iavf: fix potential races for FDIR filters
    - IB/hfi1: Fix possible panic during hotplug remove
    - drm/rockchip: Don't spam logs in atomic check
    - wifi: cfg80211: fix sband iftype data lookup for AP_VLAN
    - RDMA/umem: Set iova in ODP flow
    - net: tls: avoid discarding data on record close
    - net: marvell: prestera: fix handling IPv4 routes with nhid
    - net: phy: at803x: remove set/get wol callbacks for AR8032
    - net: dsa: ocelot: call dsa_tag_8021q_unregister() under rtnl_lock() on
      driver remove
    - net: hns3: refactor hclge_mac_link_status_wait for interface reuse
    - net: hns3: add wait until mac link down
    - net: hns3: fix deadlock issue when externel_lb and reset are executed
      together
    - nexthop: Fix infinite nexthop dump when using maximum nexthop ID
    - nexthop: Make nexthop bucket dump more efficient
    - nexthop: Fix infinite nexthop bucket dump when using maximum nexthop ID
    - net: hns3: fix strscpy causing content truncation issue
    - dmaengine: mcf-edma: Fix a potential un-allocated memory access
    - dmaengine: owl-dma: Modify mismatched function name
    - net/mlx5: Allow 0 for total host VFs
    - net/mlx5: LAG, Check correct bucket when modifying LAG
    - net/mlx5: Skip clock update work when device is in error state
    - net/mlx5: Reload auxiliary devices in pci error handlers
    - ibmvnic: Enforce stronger sanity checks on login response
    - ibmvnic: Unmap DMA login rsp buffer on send login fail
    - ibmvnic: Handle DMA unmapping of login buffs in release functions
    - ibmvnic: Do partial reset on login failure
    - ibmvnic: Ensure login failure recovery is safe from other resets
    - gpio: ws16c48: Fix off-by-one error in WS16C48 resource region extent
    - gpio: sim: mark the GPIO chip as a one that can sleep
    - btrfs: wait for actual caching progress during allocation
    - btrfs: don't stop integrity writeback too early
    - btrfs: properly clear end of the unreserved range in cow_file_range
    - btrfs: exit gracefully if reloc roots don't match
    - btrfs: reject invalid reloc tree root keys with stack dump
    - btrfs: set cache_block_group_error if we find an error
    - nvme-tcp: fix potential unbalanced freeze & unfreeze
    - nvme-rdma: fix potential unbalanced freeze & unfreeze
    - netfilter: nf_tables: report use refcount overflow
    - scsi: core: Fix legacy /proc parsing buffer overflow
    - scsi: storvsc: Fix handling of virtual Fibre Channel timeouts
    - scsi: ufs: renesas: Fix private allocation
    - scsi: 53c700: Check that command slot is not NULL
    - scsi: snic: Fix possible memory leak if device_add() fails
    - scsi: core: Fix possible memory leak if device_add() fails
    - scsi: fnic: Replace return codes in fnic_clean_pending_aborts()
    - scsi: qedi: Fix firmware halt over suspend and resume
    - scsi: qedf: Fix firmware halt over suspend and resume
    - platform/x86: serial-multi-instantiate: Auto detect IRQ resource for CSC3551
    - ACPI: scan: Create platform device for CS35L56
    - alpha: remove __init annotation from exported page_is_ram()
    - sch_netem: fix issues in netem_change() vs get_dist_table()
    - drm/amd/pm/smu7: move variables to where they are used
    - Linux 6.1.46
    - upstream stable to v6.1.46

* Jammy update: v6.1.45 upstream stable release (LP: #2032631)
    - io_uring: gate iowait schedule on having pending requests
    - perf: Fix function pointer case
    - net/mlx5: Free irqs only on shutdown callback
    - net: ipa: only reset hashed tables when supported
    - iommu/arm-smmu-v3: Work around MMU-600 erratum 1076982
    - iommu/arm-smmu-v3: Document MMU-700 erratum 2812531
    - iommu/arm-smmu-v3: Add explicit feature for nesting
    - iommu/arm-smmu-v3: Document nesting-related errata
    - arm64: dts: imx8mm-venice-gw7903: disable disp_blk_ctrl
    - arm64: dts: imx8mm-venice-gw7904: disable disp_blk_ctrl
    - arm64: dts: phycore-imx8mm: Label typo-fix of VPU
    - arm64: dts: phycore-imx8mm: Correction in gpio-line-names
    - arm64: dts: imx8mn-var-som: add missing pull-up for onboard PHY reset pinmux
    - arm64: dts: freescale: Fix VPU G2 clock
    - firmware: smccc: Fix use of uninitialised results structure
    - lib/bitmap: workaround const_eval test build failure
    - firmware: arm_scmi: Fix chan_free cleanup on SMC
    - word-at-a-time: use the same return type for has_zero regardless of
      endianness
    - KVM: s390: fix sthyi error handling
    - erofs: fix wrong primary bvec selection on deduplicated extents
    - wifi: cfg80211: Fix return value in scan logic
    - net/mlx5e: fix double free in macsec_fs_tx_create_crypto_table_groups
    - net/mlx5: DR, fix memory leak in mlx5dr_cmd_create_reformat_ctx
    - net/mlx5: fix potential memory leak in mlx5e_init_rep_rx
    - net/mlx5e: fix return value check in mlx5e_ipsec_remove_trailer()
    - net/mlx5e: Fix crash moving to switchdev mode when ntuple offload is set
    - net/mlx5e: Move representor neigh cleanup to profile cleanup_tx
    - bpf: Add length check for SK_DIAG_BPF_STORAGE_REQ_MAP_FD parsing
    - rtnetlink: let rtnl_bridge_setlink checks IFLA_BRIDGE_MODE length
    - net: dsa: fix value check in bcm_sf2_sw_probe()
    - perf test uprobe_from_different_cu: Skip if there is no gcc
    - net: sched: cls_u32: Fix match key mis-addressing
    - mISDN: hfcpci: Fix potential deadlock on &hc->lock
    - qed: Fix scheduling in a tasklet while getting stats
    - net: annotate data-races around sk->sk_reserved_mem
    - net: annotate data-race around sk->sk_txrehash
    - net: annotate data-races around sk->sk_max_pacing_rate
    - net: add missing READ_ONCE(sk->sk_rcvlowat) annotation
    - net: add missing READ_ONCE(sk->sk_sndbuf) annotation
    - net: add missing READ_ONCE(sk->sk_rcvbuf) annotation
    - net: annotate data-races around sk->sk_mark
    - net: add missing data-race annotations around sk->sk_peek_off
    - net: add missing data-race annotation for sk_ll_usec
    - net: annotate data-races around sk->sk_priority
    - net/sched: taprio: Limit TCA_TAPRIO_ATTR_SCHED_CYCLE_TIME to INT_MAX.
    - ice: Fix RDMA VSI removal during queue rebuild
    - bpf, cpumap: Handle skb as well when clean up ptr_ring
    - bpf: sockmap: Remove preempt_disable in sock_map_sk_acquire
    - net: ll_temac: fix error checking of irq_of_parse_and_map()
    - net: korina: handle clk prepare error in korina_probe()
    - net: netsec: Ignore 'phy-mode' on SynQuacer in DT mode
    - bnxt_en: Fix page pool logic for page size >= 64K
    - bnxt_en: Fix max_mtu setting for multi-buf XDP
    - net: dcb: choose correct policy to parse DCB_ATTR_BCN
    - s390/qeth: Don't call dev_close/dev_open (DOWN/UP)
    - ip6mr: Fix skb_under_panic in ip6mr_cache_report()
    - vxlan: Fix nexthop hash size
    - net/mlx5: fs_core: Make find_closest_ft more generic
    - net/mlx5: fs_core: Skip the FTs in the same FS_TYPE_PRIO_CHAINS fs_prio
    - prestera: fix fallback to previous version on same major version
    - tcp_metrics: fix addr_same() helper
    - tcp_metrics: annotate data-races around tm->tcpm_stamp
    - tcp_metrics: annotate data-races around tm->tcpm_lock
    - tcp_metrics: annotate data-races around tm->tcpm_vals[]
    - tcp_metrics: annotate data-races around tm->tcpm_net
    - tcp_metrics: fix data-race in tcpm_suck_dst() vs fastopen
    - rust: allocator: Prevent mis-aligned allocation
    - scsi: zfcp: Defer fc_rport blocking until after ADISC response
    - scsi: storvsc: Limit max_sectors for virtual Fibre Channel devices
    - libceph: fix potential hang in ceph_osdc_notify()
    - USB: zaurus: Add ID for A-300/B-500/C-700
    - ceph: defer stopping mdsc delayed_work
    - firmware: arm_scmi: Drop OF node reference in the transport channel setup
    - exfat: use kvmalloc_array/kvfree instead of kmalloc_array/kfree
    - exfat: release s_lock before calling dir_emit()
    - mtd: spinand: toshiba: Fix ecc_get_status
    - mtd: rawnand: meson: fix OOB available bytes for ECC
    - bpf: Disable preemption in bpf_perf_event_output
    - arm64: dts: stratix10: fix incorrect I2C property for SCL signal
    - net: tun_chr_open(): set sk_uid from current_fsuid()
    - net: tap_open(): set sk_uid from current_fsuid()
    - wifi: mt76: mt7615: do not advertise 5 GHz on first phy of MT7615D (DBDC)
    - x86/hyperv: Disable IBT when hypercall page lacks ENDBR instruction
    - rbd: prevent busy loop when requesting exclusive lock
    - bpf: Disable preemption in bpf_event_output
    - powerpc/ftrace: Create a dummy stackframe to fix stack unwind
    - arm64/fpsimd: Sync and zero pad FPSIMD state for streaming SVE
    - arm64/fpsimd: Clear SME state in the target task when setting the VL
    - arm64/fpsimd: Sync FPSIMD state with SVE for SME only systems
    - open: make RESOLVE_CACHED correctly test for O_TMPFILE
    - drm/ttm: check null pointer before accessing when swapping
    - drm/i915: Fix premature release of request's reusable memory
    - drm/i915/gt: Cleanup aux invalidation registers
    - clk: imx93: Propagate correct error in imx93_clocks_probe()
    - bpf, cpumap: Make sure kthread is running before map update returns
    - file: reinstate f_pos locking optimization for regular files
    - mm: kmem: fix a NULL pointer dereference in obj_stock_flush_required()
    - fs/ntfs3: Use __GFP_NOWARN allocation at ntfs_load_attr_list()
    - fs/sysv: Null check to prevent null-ptr-deref bug
    - Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb
    - debugobjects: Recheck debug_objects_enabled before reporting
    - net: usbnet: Fix WARNING in usbnet_start_xmit/usb_submit_urb
    - fs: Protect reconfiguration of sb read-write from racing writes
    - ext2: Drop fragment support
    - btrfs: remove BUG_ON()'s in add_new_free_space()
    - f2fs: fix to do sanity check on direct node in truncate_dnode()
    - io_uring: annotate offset timeout races
    - mtd: rawnand: omap_elm: Fix incorrect type in assignment
    - mtd: rawnand: rockchip: fix oobfree offset and description
    - mtd: rawnand: rockchip: Align hwecc vs. raw page helper layouts
    - mtd: rawnand: fsl_upm: Fix an off-by one test in fun_exec_op()
    - powerpc/mm/altmap: Fix altmap boundary check
    - drm/imx/ipuv3: Fix front porch adjustment upon hactive aligning
    - drm/amd/display: Ensure that planes are in the same order
    - drm/amd/display: skip CLEAR_PAYLOAD_ID_TABLE if device mst_en is 0
    - selftests/rseq: Play nice with binaries statically linked against glibc
      2.35+
    - f2fs: fix to set flush_merge opt and show noflush_merge
    - f2fs: don't reset unchangable mount option in f2fs_remount()
    - arm64/ptrace: Don't enable SVE when setting streaming SVE
    - drm/amdgpu: add vram reservation based on vram_usagebyfirmware_v2_2
    - drm/amdgpu: Remove unnecessary domain argument
    - drm/amdgpu: Use apt name for FW reserved region
    - Revert "drm/i915: Disable DC states for all commits"
    - Linux 6.1.45
    - upstream stable to v6.1.45

* Jammy update: v6.1.44 upstream stable release (LP: #2030861)
    - xen/netback: Fix buffer overrun triggered by unusual packet
    - Linux 6.1.44
    - upstream stable to v6.1.44

* Jammy update: v6.1.43 upstream stable release (LP: #2030860)
    - netfilter: nf_tables: fix underflow in object reference counter
    - netfilter: nf_tables: fix underflow in chain reference counter
    - platform/x86/amd/pmf: Notify OS power slider update
    - platform/x86/amd/pmf: reduce verbosity of apmf_get_system_params
    - ovl: fix null pointer dereference in ovl_permission()
    - jbd2: Fix wrongly judgement for buffer head removing while doing checkpoint
    - blk-mq: Fix stall due to recursive flush plug
    - powerpc/pseries/vas: Hold mmap_mutex after mmap lock during window close
    - KVM: s390: pv: fix index value of replaced ASCE
    - io_uring: don't audit the capability check in io_uring_create()
    - gpio: tps68470: Make tps68470_gpio_output() always set the initial value
    - pwm: Add a stub for devm_pwmchip_add()
    - gpio: mvebu: Make use of devm_pwmchip_add
    - gpio: mvebu: fix irq domain leak
    - btrfs: fix race between quota disable and relocation
    - i2c: Delete error messages for failed memory allocations
    - i2c: Improve size determinations
    - i2c: nomadik: Remove unnecessary goto label
    - i2c: nomadik: Use devm_clk_get_enabled()
    - i2c: nomadik: Remove a useless call in the remove function
    - MIPS: Loongson: Move arch cflags to MIPS top level Makefile
    - MIPS: Loongson: Fix build error when make modules_install
    - PCI/ASPM: Return 0 or -ETIMEDOUT from pcie_retrain_link()
    - PCI/ASPM: Factor out pcie_wait_for_retrain()
    - PCI/ASPM: Avoid link retraining race
    - PCI: rockchip: Remove writes to unused registers
    - PCI: rockchip: Fix window mapping and address translation for endpoint
    - PCI: rockchip: Don't advertise MSI-X in PCIe capabilities
    - drm/amd/display: add FB_DAMAGE_CLIPS support
    - drm/amd/display: Check if link state is valid
    - drm/amd/display: Rework context change check
    - drm/amd/display: Enable new commit sequence only for DCN32x
    - drm/amd/display: Copy DC context in the commit streams
    - drm/amd/display: Include surface of unaffected streams
    - drm/amd/display: Use min transition for all SubVP plane add/remove
    - drm/amd/display: add ODM case when looking for first split pipe
    - drm/amd/display: use low clocks for no plane configs
    - drm/amd/display: fix unbounded requesting for high pixel rate modes on
      dcn315
    - drm/amd/display: add pixel rate based CRB allocation support
    - drm/amd/display: fix dcn315 single stream crb allocation
    - drm/amd/display: Update correct DCN314 register header
    - drm/amd/display: Set minimum requirement for using PSR-SU on Rembrandt
    - drm/amd/display: Set minimum requirement for using PSR-SU on Phoenix
    - drm/ttm: Don't print error message if eviction was interrupted
    - drm/ttm: Don't leak a resource on eviction error
    - n_tty: Rename tail to old_tail in n_tty_read()
    - tty: fix hang on tty device with no_room set
    - drm/ttm: never consider pinned BOs for eviction&swap
    - KVM: arm64: Condition HW AF updates on config option
    - arm64: errata: Mitigate Ampere1 erratum AC03_CPU_38 at stage-2
    - mptcp: introduce 'sk' to replace 'sock->sk' in mptcp_listen()
    - mptcp: do not rely on implicit state check in mptcp_listen()
    - tracing/probes: Add symstr type for dynamic events
    - tracing/probes: Fix to avoid double count of the string length on the array
    - tracing: Allow synthetic events to pass around stacktraces
    - Revert "tracing: Add "(fault)" name injection to kernel probes"
    - tracing/probes: Fix to record 0-length data_loc in fetch_store_string*() if
      fails
    - test_maple_tree: test modifications while iterating
    - maple_tree: add __init and __exit to test module
    - maple_tree: fix 32 bit mas_next testing
    - drm/amd/display: Rework comments on dc file
    - drm/amd/display: fix dc/core/dc.c kernel-doc
    - drm/amd/display: Add FAMS validation before trying to use it
    - drm/amd/display: update extended blank for dcn314 onwards
    - drm/amd/display: Fix possible underflow for displays with large vblank
    - drm/amd/display: Prevent vtotal from being set to 0
    - phy: phy-mtk-dp: Fix an error code in probe()
    - phy: qcom-snps: correct struct qcom_snps_hsphy kerneldoc
    - phy: qcom-snps-femto-v2: keep cfg_ahb_clk enabled during runtime suspend
    - phy: qcom-snps-femto-v2: properly enable ref clock
    - soundwire: qcom: update status correctly with mask
    - media: staging: atomisp: select V4L2_FWNODE
    - media: amphion: Fix firmware path to match linux-firmware
    - i40e: Fix an NULL vs IS_ERR() bug for debugfs_create_dir()
    - iavf: fix potential deadlock on allocation failure
    - iavf: check for removal state before IAVF_FLAG_PF_COMMS_FAILED
    - net: phy: marvell10g: fix 88x3310 power up
    - net: hns3: fix the imp capability bit cannot exceed 32 bits issue
    - net: hns3: fix wrong tc bandwidth weight data issue
    - net: hns3: fix wrong bw weight of disabled tc issue
    - vxlan: calculate correct header length for GPE
    - vxlan: generalize vxlan_parse_gpe_hdr and remove unused args
    - vxlan: fix GRO with VXLAN-GPE
    - phy: hisilicon: Fix an out of bounds check in hisi_inno_phy_probe()
    - atheros: fix return value check in atl1_tso()
    - ethernet: atheros: fix return value check in atl1e_tso_csum()
    - ipv6 addrconf: fix bug where deleting a mngtmpaddr can create a new
      temporary address
    - ice: Fix memory management in ice_ethtool_fdir.c
    - bonding: reset bond's flags when down link is P2P device
    - team: reset team's flags when down link is P2P device
    - octeontx2-af: Removed unnecessary debug messages.
    - octeontx2-af: Fix hash extraction enable configuration
    - net: stmmac: Apply redundant write work around on 4.xx too
    - platform/x86: msi-laptop: Fix rfkill out-of-sync on MSI Wind U100
    - x86/traps: Fix load_unaligned_zeropad() handling for shared TDX memory
    - igc: Fix Kernel Panic during ndo_tx_timeout callback
    - netfilter: nft_set_rbtree: fix overlap expiration walk
    - mm: suppress mm fault logging if fatal signal already pending
    - net/sched: mqprio: refactor nlattr parsing to a separate function
    - net/sched: mqprio: add extack to mqprio_parse_nlattr()
    - net/sched: mqprio: Add length check for TCA_MQPRIO_{MAX/MIN}_RATE64
    - benet: fix return value check in be_lancer_xmit_workarounds()
    - tipc: check return value of pskb_trim()
    - tipc: stop tipc crypto on failure in tipc_node_create
    - RDMA/mlx4: Make check for invalid flags stricter
    - drm/msm/dpu: drop enum dpu_core_perf_data_bus_id
    - drm/msm/adreno: Fix snapshot BINDLESS_DATA size
    - RDMA/irdma: Add missing read barriers
    - RDMA/irdma: Fix data race on CQP completion stats
    - RDMA/irdma: Fix data race on CQP request done
    - RDMA/mthca: Fix crash when polling CQ for shared QPs
    - RDMA/bnxt_re: Prevent handling any completions after qp destroy
    - drm/msm: Fix IS_ERR_OR_NULL() vs NULL check in a5xx_submit_in_rb()
    - cxl/acpi: Fix a use-after-free in cxl_parse_cfmws()
    - cxl/acpi: Return 'rc' instead of '0' in cxl_parse_cfmws()
    - ASoC: fsl_spdif: Silence output on stop
    - block: Fix a source code comment in include/uapi/linux/blkzoned.h
    - smb3: do not set NTLMSSP_VERSION flag for negotiate not auth request
    - drm/i915: Fix an error handling path in igt_write_huge()
    - xenbus: check xen_domain in xenbus_probe_initcall
    - dm raid: fix missing reconfig_mutex unlock in raid_ctr() error paths
    - dm raid: clean up four equivalent goto tags in raid_ctr()
    - dm raid: protect md_stop() with 'reconfig_mutex'
    - drm/amd: Fix an error handling mistake in psp_sw_init()
    - drm/amd/display: Unlock on error path in
      dm_handle_mst_sideband_msg_ready_event()
    - RDMA/irdma: Fix op_type reporting in CQEs
    - RDMA/irdma: Report correct WC error
    - drm/msm: Switch idr_lock to spinlock
    - drm/msm: Disallow submit with fence id 0
    - ublk_drv: move ublk_get_device_from_id into ublk_ctrl_uring_cmd
    - ublk: fail to start device if queue setup is interrupted
    - ublk: fail to recover device if queue setup is interrupted
    - ata: pata_ns87415: mark ns87560_tf_read static
    - ring-buffer: Fix wrong stat of cpu_buffer->read
    - tracing: Fix warning in trace_buffered_event_disable()
    - Revert "usb: gadget: tegra-xudc: Fix error check in
      tegra_xudc_powerdomain_init()"
    - usb: gadget: call usb_gadget_check_config() to verify UDC capability
    - USB: gadget: Fix the memory leak in raw_gadget driver
    - usb: gadget: core: remove unbalanced mutex_unlock in usb_gadget_activate
    - KVM: Grab a reference to KVM for VM and vCPU stats file descriptors
    - KVM: VMX: Don't fudge CR0 and CR4 for restricted L2 guest
    - KVM: x86: Disallow KVM_SET_SREGS{2} if incoming CR0 is invalid
    - serial: qcom-geni: drop bogus runtime pm state update
    - serial: 8250_dw: Preserve original value of DLF register
    - serial: sifive: Fix sifive_serial_console_setup() section
    - USB: serial: option: support Quectel EM060K_128
    - USB: serial: option: add Quectel EC200A module support
    - USB: serial: simple: add Kaufmann RKS+CAN VCP
    - USB: serial: simple: sort driver entries
    - can: gs_usb: gs_can_close(): add missing set of CAN state to
      CAN_STATE_STOPPED
    - usb: typec: Set port->pd before adding device for typec_port
    - usb: typec: Iterate pds array when showing the pd list
    - usb: typec: Use sysfs_emit_at when concatenating the string
    - Revert "usb: dwc3: core: Enable AutoRetry feature in the controller"
    - usb: dwc3: pci: skip BYT GPIO lookup table for hardwired phy
    - usb: dwc3: don't reset device side if dwc3 was configured as host-only
    - usb: misc: ehset: fix wrong if condition
    - usb: ohci-at91: Fix the unhandle interrupt when resume
    - USB: quirks: add quirk for Focusrite Scarlett
    - usb: cdns3: fix incorrect calculation of ep_buf_size when more than one
      config
    - usb: xhci-mtk: set the dma max_seg_size
    - Revert "usb: xhci: tegra: Fix error check"
    - Documentation: security-bugs.rst: update preferences when dealing with the
      linux-distros group
    - Documentation: security-bugs.rst: clarify CVE handling
    - staging: r8712: Fix memory leak in _r8712_init_xmit_priv()
    - staging: ks7010: potential buffer overflow in ks_wlan_set_encode_ext()
    - tty: n_gsm: fix UAF in gsm_cleanup_mux
    - Revert "xhci: add quirk for host controllers that don't update endpoint DCS"
    - ALSA: hda/realtek: Support ASUS G713PV laptop
    - ALSA: hda/relatek: Enable Mute LED on HP 250 G8
    - hwmon: (k10temp) Enable AMD3255 Proc to show negative temperature
    - hwmon: (nct7802) Fix for temp6 (PECI1) processed even if PECI1 disabled
    - btrfs: account block group tree when calculating global reserve size
    - btrfs: check if the transaction was aborted at btrfs_wait_for_commit()
    - btrfs: check for commit error at btrfs_attach_transaction_barrier()
    - x86/MCE/AMD: Decrement threshold_bank refcount when removing threshold
      blocks
    - file: always lock position for FMODE_ATOMIC_POS
    - nfsd: Remove incorrect check in nfsd4_validate_stateid
    - ACPI/IORT: Remove erroneous id_count check in iort_node_get_rmr_info()
    - tpm_tis: Explicitly check for error code
    - irq-bcm6345-l1: Do not assume a fixed block to cpu mapping
    - irqchip/gic-v4.1: Properly lock VPEs when doing a directLPI invalidation
    - locking/rtmutex: Fix task->pi_waiters integrity
    - proc/vmcore: fix signedness bug in read_from_oldmem()
    - xen: speed up grant-table reclaim
    - virtio-net: fix race between set queues and probe
    - net: dsa: qca8k: fix search_and_insert wrong handling of new rule
    - net: dsa: qca8k: fix broken search_and_del
    - net: dsa: qca8k: fix mdb add/del case with 0 VID
    - selftests: mptcp: join: only check for ip6tables if needed
    - soundwire: fix enumeration completion
    - Revert "um: Use swap() to make code cleaner"
    - LoongArch: BPF: Fix check condition to call lu32id in move_imm()
    - LoongArch: BPF: Enable bpf_probe_read{, str}() on LoongArch
    - s390/dasd: fix hanging device after quiesce/resume
    - s390/dasd: print copy pair message only for the correct error
    - ASoC: wm8904: Fill the cache for WM8904_ADC_TEST_0 register
    - arm64/sme: Set new vector length before reallocating
    - PM: sleep: wakeirq: fix wake irq arming
    - ceph: never send metrics if disable_send_metrics is set
    - drm/i915/dpt: Use shmem for dpt objects
    - dm cache policy smq: ensure IO doesn't prevent cleaner policy progress
    - rbd: make get_lock_owner_info() return a single locker or NULL
    - rbd: harden get_lock_owner_info() a bit
    - rbd: retrieve and check lock owner twice before blocklisting
    - drm/amd/display: set per pipe dppclk to 0 when dpp is off
    - tracing: Fix trace_event_raw_event_synth() if else statement
    - drm/amd/display: perform a bounds check before filling dirty rectangles
    - drm/amd/display: Write to correct dirty_rect
    - ACPI: processor: perflib: Use the "no limit" frequency QoS
    - ACPI: processor: perflib: Avoid updating frequency QoS unnecessarily
    - cpufreq: intel_pstate: Drop ACPI _PSS states table patching
    - mptcp: ensure subflow is unhashed before cleaning the backlog
    - selftests: mptcp: sockopt: use 'iptables-legacy' if available
    - test_firmware: return ENOMEM instead of ENOSPC on failed memory allocation
    - dma-buf: keep the signaling time of merged fences v3
    - dma-buf: fix an error pointer vs NULL bug
    - Linux 6.1.43
    - upstream stable to v6.1.43

* Jammy update: v6.1.42 upstream stable release (LP: #2030859)
    - io_uring: treat -EAGAIN for REQ_F_NOWAIT as final for io-wq
    - ALSA: hda/realtek - remove 3k pull low procedure
    - ALSA: hda/realtek: Add quirk for Clevo NS70AU
    - ALSA: hda/realtek: Enable Mute LED on HP Laptop 15s-eq2xxx
    - maple_tree: set the node limit when creating a new root node
    - maple_tree: fix node allocation testing on 32 bit
    - keys: Fix linking a duplicate key to a keyring's assoc_array
    - perf probe: Add test for regression introduced by switch to
      die_get_decl_file()
    - btrfs: fix warning when putting transaction with qgroups enabled after abort
    - fuse: revalidate: don't invalidate if interrupted
    - fuse: Apply flags2 only when userspace set the FUSE_INIT_EXT
    - btrfs: set_page_extent_mapped after read_folio in btrfs_cont_expand
    - btrfs: zoned: fix memory leak after finding block group with super blocks
    - fuse: ioctl: translate ENOSYS in outarg
    - btrfs: fix race between balance and cancel/pause
    - selftests: tc: set timeout to 15 minutes
    - selftests: tc: add 'ct' action kconfig dep
    - regmap: Drop initial version of maximum transfer length fixes
    - of: Preserve "of-display" device name for compatibility
    - regmap: Account for register length in SMBus I/O limits
    - arm64/fpsimd: Ensure SME storage is allocated after SVE VL changes
    - can: mcp251xfd: __mcp251xfd_chip_set_mode(): increase poll timeout
    - can: bcm: Fix UAF in bcm_proc_show()
    - can: gs_usb: gs_can_open(): improve error handling
    - selftests: tc: add ConnTrack procfs kconfig
    - dma-buf/dma-resv: Stop leaking on krealloc() failure
    - drm/amdgpu/vkms: relax timer deactivation by hrtimer_try_to_cancel
    - drm/amdgpu/pm: make gfxclock consistent for sienna cichlid
    - drm/amdgpu/pm: make mclk consistent for smu 13.0.7
    - drm/client: Fix memory leak in drm_client_target_cloned
    - drm/client: Fix memory leak in drm_client_modeset_probe
    - drm/amd/display: only accept async flips for fast updates
    - drm/amd/display: Disable MPC split by default on special asic
    - drm/amd/display: check TG is non-null before checking if enabled
    - drm/amd/display: Keep PHY active for DP displays on DCN31
    - ASoC: fsl_sai: Disable bit clock with transmitter
    - ASoC: fsl_sai: Revert "ASoC: fsl_sai: Enable MCTL_MCLK_EN bit for master
      mode"
    - ASoC: tegra: Fix ADX byte map
    - ASoC: rt5640: Fix sleep in atomic context
    - ASoC: cs42l51: fix driver to properly autoload with automatic module loading
    - ASoC: codecs: wcd938x: fix missing clsh ctrl error handling
    - ASoC: codecs: wcd-mbhc-v2: fix resource leaks on component remove
    - ASoC: qdsp6: audioreach: fix topology probe deferral
    - ASoC: tegra: Fix AMX byte map
    - ASoC: codecs: wcd938x: fix resource leaks on component remove
    - ASoC: codecs: wcd938x: fix missing mbhc init error handling
    - ASoC: codecs: wcd934x: fix resource leaks on component remove
    - ASoC: codecs: wcd938x: fix codec initialisation race
    - ASoC: codecs: wcd938x: fix soundwire initialisation race
    - ext4: correct inline offset when handling xattrs in inode body
    - drm/radeon: Fix integer overflow in radeon_cs_parser_init
    - ALSA: emu10k1: roll up loops in DSP setup code for Audigy
    - quota: Properly disable quotas when add_dquot_ref() fails
    - quota: fix warning in dqgrab()
    - HID: add quirk for 03f0:464a HP Elite Presenter Mouse
    - ovl: check type and offset of struct vfsmount in ovl_entry
    - udf: Fix uninitialized array access for some pathnames
    - fs: jfs: Fix UBSAN: array-index-out-of-bounds in dbAllocDmapLev
    - MIPS: dec: prom: Address -Warray-bounds warning
    - FS: JFS: Fix null-ptr-deref Read in txBegin
    - FS: JFS: Check for read-only mounted filesystem in txBegin
    - ACPI: video: Add backlight=native DMI quirk for Dell Studio 1569
    - rcu-tasks: Avoid pr_info() with spin lock in cblist_init_generic()
    - rcu: Mark additional concurrent load from ->cpu_no_qs.b.exp
    - sched/fair: Don't balance task to its current running CPU
    - wifi: ath11k: fix registration of 6Ghz-only phy without the full channel
      range
    - bpf: Print a warning only if writing to unprivileged_bpf_disabled.
    - bpf: Address KCSAN report on bpf_lru_list
    - bpf: tcp: Avoid taking fast sock lock in iterator
    - wifi: ath11k: add support default regdb while searching board-2.bin for
      WCN6855
    - wifi: mac80211_hwsim: Fix possible NULL dereference
    - spi: dw: Add compatible for Intel Mount Evans SoC
    - wifi: ath11k: fix memory leak in WMI firmware stats
    - net: ethernet: litex: add support for 64 bit stats
    - devlink: report devlink_port_type_warn source device
    - wifi: wext-core: Fix -Wstringop-overflow warning in
      ioctl_standard_iw_point()
    - wifi: iwlwifi: Add support for new PCI Id
    - wifi: iwlwifi: mvm: avoid baid size integer overflow
    - wifi: iwlwifi: pcie: add device id 51F1 for killer 1675
    - igb: Fix igb_down hung on surprise removal
    - net: hns3: fix strncpy() not using dest-buf length as length issue
    - ASoC: amd: acp: fix for invalid dai id handling in acp_get_byte_count()
    - ASoC: codecs: wcd938x: fix mbhc impedance loglevel
    - ASoC: codecs: wcd938x: fix dB range for HPHL and HPHR
    - ASoC: qcom: q6apm: do not close GPR port before closing graph
    - sched/fair: Use recent_used_cpu to test p->cpus_ptr
    - sched/psi: Fix avgs_work re-arm in psi_avgs_work()
    - sched/psi: Rearrange polling code in preparation
    - sched/psi: Rename existing poll members in preparation
    - sched/psi: Extract update_triggers side effect
    - sched/psi: Allow unprivileged polling of N*2s period
    - sched/psi: use kernfs polling functions for PSI trigger polling
    - pinctrl: renesas: rzv2m: Handle non-unique subnode names
    - pinctrl: renesas: rzg2l: Handle non-unique subnode names
    - spi: bcm63xx: fix max prepend length
    - fbdev: imxfb: warn about invalid left/right margin
    - fbdev: imxfb: Removed unneeded release_mem_region
    - perf build: Fix library not found error when using CSLIBS
    - btrfs: be a bit more careful when setting mirror_num_ret in btrfs_map_block
    - spi: s3c64xx: clear loopback bit after loopback test
    - kallsyms: Improve the performance of kallsyms_lookup_name()
    - kallsyms: Correctly sequence symbols when CONFIG_LTO_CLANG=y
    - kallsyms: strip LTO-only suffixes from promoted global functions
    - dsa: mv88e6xxx: Do a final check before timing out
    - net: ethernet: ti: cpsw_ale: Fix cpsw_ale_get_field()/cpsw_ale_set_field()
    - bridge: Add extack warning when enabling STP in netns.
    - net: ethernet: mtk_eth_soc: handle probe deferral
    - cifs: fix mid leak during reconnection after timeout threshold
    - ASoC: SOF: ipc3-dtrace: uninitialized data in dfsentry_trace_filter_write()
    - net: sched: cls_matchall: Undo tcf_bind_filter in case of failure after
      mall_set_parms
    - net: sched: cls_u32: Undo tcf_bind_filter if u32_replace_hw_knode
    - net: sched: cls_u32: Undo refcount decrement in case update failed
    - net: sched: cls_bpf: Undo tcf_bind_filter in case of an error
    - net: dsa: microchip: ksz8: Separate static MAC table operations for code
      reuse
    - net: dsa: microchip: ksz8: Make ksz8_r_sta_mac_table() static
    - net: dsa: microchip: ksz8_r_sta_mac_table(): Avoid using error code for
      empty entries
    - net: dsa: microchip: correct KSZ8795 static MAC table access
    - iavf: Fix use-after-free in free_netdev
    - iavf: Fix out-of-bounds when setting channels on remove
    - iavf: use internal state to free traffic IRQs
    - iavf: Move netdev_update_features() into watchdog task
    - iavf: send VLAN offloading caps once after VFR
    - iavf: make functions static where possible
    - iavf: Wait for reset in callbacks which trigger it
    - iavf: fix a deadlock caused by rtnl and driver's lock circular dependencies
    - iavf: fix reset task race with iavf_remove()
    - security: keys: Modify mismatched function name
    - octeontx2-pf: Dont allocate BPIDs for LBK interfaces
    - bpf: Fix subprog idx logic in check_max_stack_depth
    - bpf: Repeat check_max_stack_depth for async callbacks
    - bpf, arm64: Fix BTI type used for freplace attached functions
    - igc: Avoid transmit queue timeout for XDP
    - igc: Prevent garbled TX queue with XDP ZEROCOPY
    - net: ipv4: use consistent txhash in TIME_WAIT and SYN_RECV
    - tcp: annotate data-races around tcp_rsk(req)->txhash
    - tcp: annotate data-races around tcp_rsk(req)->ts_recent
    - net: ipv4: Use kfree_sensitive instead of kfree
    - net:ipv6: check return value of pskb_trim()
    - Revert "tcp: avoid the lookup process failing to get sk in ehash table"
    - fbdev: au1200fb: Fix missing IRQ check in au1200fb_drv_probe
    - llc: Don't drop packet from non-root netns.
    - ALSA: hda/realtek: Fix generic fixup definition for cs35l41 amp
    - netfilter: nf_tables: fix spurious set element insertion failure
    - netfilter: nf_tables: can't schedule in nft_chain_validate
    - netfilter: nf_tables: skip bound chain in netns release path
    - Bluetooth: use RCU for hci_conn_params and iterate safely in hci_sync
    - Bluetooth: hci_event: call disconnect callback before deleting conn
    - Bluetooth: ISO: fix iso_conn related locking and validity issues
    - Bluetooth: hci_sync: Avoid use-after-free in dbg for
      hci_remove_adv_monitor()
    - tcp: annotate data-races around tp->tcp_tx_delay
    - tcp: annotate data-races around tp->tsoffset
    - tcp: annotate data-races around tp->keepalive_time
    - tcp: annotate data-races around tp->keepalive_intvl
    - tcp: annotate data-races around tp->keepalive_probes
    - tcp: annotate data-races around icsk->icsk_syn_retries
    - tcp: annotate data-races around tp->linger2
    - tcp: annotate data-races around rskq_defer_accept
    - tcp: annotate data-races around tp->notsent_lowat
    - tcp: annotate data-races around icsk->icsk_user_timeout
    - tcp: annotate data-races around fastopenq.max_qlen
    - net: phy: prevent stale pointer dereference in phy_init()
    - jbd2: recheck chechpointing non-dirty buffer
    - tracing/histograms: Return an error if we fail to add histogram to hist_vars
      list
    - drm/ttm: fix bulk_move corruption when adding a entry
    - spi: dw: Remove misleading comment for Mount Evans SoC
    - kallsyms: add kallsyms_seqs_of_names to list of special symbols
    - scripts/kallsyms.c Make the comment up-to-date with current implementation
    - scripts/kallsyms: update the usage in the comment block
    - bpf: allow precision tracking for programs with subprogs
    - bpf: stop setting precise in current state
    - bpf: aggressively forget precise markings during state checkpointing
    - selftests/bpf: make test_align selftest more robust
    - selftests/bpf: Workaround verification failure for
      fexit_bpf2bpf/func_replace_return_code
    - selftests/bpf: Fix sk_assign on s390x
    - drm/amd/display: use max_dsc_bpp in amdgpu_dm
    - drm/amd/display: fix some coding style issues
    - drm/dp_mst: Clear MSG_RDY flag before sending new message
    - drm/amd/display: force connector state when bpc changes during compliance
    - drm/amd/display: Clean up errors & warnings in amdgpu_dm.c
    - drm/amd/display: fix linux dp link lost handled only one time
    - drm/amd/display: Add polling method to handle MST reply packet
    - Linux 6.1.42
    - upstream stable to v6.1.42

* Jammy update: v6.1.41 upstream stable release (LP: #2030858)
    - Linux 6.1.41
    - upstream stable to v6.1.41

* NULL pointer dereference on CS35L41 HDA AMP (LP: #2029199)
    - ASoC: cs35l41: Refactor error release code
    - ALSA: cs35l41: Add shared boost feature
    - ASoC: dt-bindings: cirrus,cs35l41: Document CS35l41 shared boost
    - ALSA: hda: cs35l41: Ensure firmware/tuning pairs are always loaded
    - ALSA: hda: cs35l41: Enable Amp High Pass Filter
    - ALSA: cs35l41: Use mbox command to enable speaker output for external boost
    - ALSA: cs35l41: Poll for Power Up/Down rather than waiting a fixed delay
    - ALSA: hda: cs35l41: Check mailbox status of pause command after firmware
      load
    - ALSA: hda: cs35l41: Ensure we correctly re-sync regmap before system
      suspending.
    - ALSA: hda: cs35l41: Ensure we pass up any errors during system suspend.
    - ALSA: hda: cs35l41: Move Play and Pause into separate functions
    - ALSA: hda: hda_component: Add pre and post playback hooks to hda_component
    - ALSA: hda: cs35l41: Use pre and post playback hooks
    - ALSA: hda: cs35l41: Rework System Suspend to ensure correct call separation
    - ALSA: hda: cs35l41: Add device_link between HDA and cs35l41_hda
    - ALSA: hda: cs35l41: Ensure amp is only unmuted during playback

* Make TTY switching possible for NVIDIA when it's boot VGA (LP: #2028749)
    - drm/gma500: Use drm_aperture_remove_conflicting_pci_framebuffers
    - video/aperture: use generic code to figure out the vga default device
    - drm/aperture: Remove primary argument
    - video/aperture: Only kick vgacon when the pdev is decoding vga
    - video/aperture: Move vga handling to pci function
    - video/aperture: Drop primary argument
    - video/aperture: Only remove sysfb on the default vga pci device
    - fbdev: Simplify fb_is_primary_device for x86
    - video/aperture: Provide a VGA helper for gma500 and internal use

* Fix UBSAN in Intel EDAC driver (LP: #2028746)
    - EDAC/skx_common: Enable EDAC support for the "near" memory
    - EDAC/skx_common: Delete duplicated and unreachable code
    - EDAC/i10nm: Add Intel Emerald Rapids server support
    - EDAC/i10nm: Make more configurations CPU model specific
    - EDAC/i10nm: Add Intel Granite Rapids server support
    - EDAC/i10nm: Skip the absent memory controllers

* CVE-2023-4128
    - net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-
      free
    - net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after-
      free
    - net/sched: cls_route: No longer copy tcf_result on update to avoid use-
      after-free

* CVE-2023-4273
    - exfat: check if filename entries exceeds max filename length

* CVE-2023-1206
    - tcp: Reduce chance of collisions in inet6_hashfn().

-- Timo Aaltonen <timo.aaltonen@canonical.com>  Tue, 22 Aug 2023 14:39:16 +0300

Changed in linux-oem-6.1 (Ubuntu Jammy):
status:	Fix Committed → Fix Released

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2023-09-06:

#5

This bug is awaiting verification that the linux-starfive/6.2.0-1004.5 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-lunar-linux-starfive' to 'verification-done-lunar-linux-starfive'. If the problem still exists, change the tag 'verification-needed-lunar-linux-starfive' to 'verification-failed-lunar-linux-starfive'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: kernel-spammed-lunar-linux-starfive-v2 verification-needed-lunar-linux-starfive

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2023-09-09:

#6

This bug is awaiting verification that the linux-aws-6.2/6.2.0-1013.13~22.04.1 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-jammy-linux-aws-6.2' to 'verification-done-jammy-linux-aws-6.2'. If the problem still exists, change the tag 'verification-needed-jammy-linux-aws-6.2' to 'verification-failed-jammy-linux-aws-6.2'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: kernel-spammed-jammy-linux-aws-6.2-v2 verification-needed-jammy-linux-aws-6.2

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2023-09-12:

#7

This bug is awaiting verification that the linux-azure/6.2.0-1013.13 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-lunar-linux-azure' to 'verification-done-lunar-linux-azure'. If the problem still exists, change the tag 'verification-needed-lunar-linux-azure' to 'verification-failed-lunar-linux-azure'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: kernel-spammed-lunar-linux-azure-v2 verification-needed-lunar-linux-azure

Timo Aaltonen (tjaalton) on 2023-09-19

Changed in linux-oem-6.5 (Ubuntu Jammy):
status:	New → Fix Committed

Revision history for this message

Launchpad Janitor (janitor) wrote on 2023-10-03:

#8

Download full text (62.8 KiB)

This bug was fixed in the package linux-oem-6.5 - 6.5.0-1004.4

---------------
linux-oem-6.5 (6.5.0-1004.4) jammy; urgency=medium

* jammy/linux-oem-6.5: 6.5.0-1004.4 -proposed tracker (LP: #2036238)

  * Infiniate systemd loop when power off the machine with multiple MD RAIDs
    (LP: #2036184)
    - SAUCE: md: do not _put wrong device in md_seq_next

  * dell-uart-backlight fails to communicate with the scalar IC somtimes.
    (LP: #2035299)
    - SAUCE: platform/x86: dell-uart-backlight: add small delay after write
      command

[ Ubuntu: 6.5.0-6.6 ]

  * mantic/linux: 6.5.0-6.6 -proposed tracker (LP: #2035595)
  * Mantic update: v6.5.3 upstream stable release (LP: #2035588)
    - drm/amd/display: ensure async flips are only accepted for fast updates
    - cpufreq: intel_pstate: set stale CPU frequency to minimum
    - tpm: Enable hwrng only for Pluton on AMD CPUs
    - Input: i8042 - add quirk for TUXEDO Gemini 17 Gen1/Clevo PD70PN
    - Revert "fuse: in fuse_flush only wait if someone wants the return code"
    - Revert "f2fs: clean up w/ sbi->log_sectors_per_block"
    - Revert "PCI: tegra194: Enable support for 256 Byte payload"
    - Revert "net: macsec: preserve ingress frame ordering"
    - reiserfs: Check the return value from __getblk()
    - splice: always fsnotify_access(in), fsnotify_modify(out) on success
    - splice: fsnotify_access(fd)/fsnotify_modify(fd) in vmsplice
    - splice: fsnotify_access(in), fsnotify_modify(out) on success in tee
    - eventfd: prevent underflow for eventfd semaphores
    - fs: Fix error checking for d_hash_and_lookup()
    - iomap: Remove large folio handling in iomap_invalidate_folio()
    - tmpfs: verify {g,u}id mount options correctly
    - selftests/harness: Actually report SKIP for signal tests
    - vfs, security: Fix automount superblock LSM init problem, preventing NFS sb
      sharing
    - ARM: ptrace: Restore syscall restart tracing
    - ARM: ptrace: Restore syscall skipping for tracers
    - btrfs: zoned: skip splitting and logical rewriting on pre-alloc write
    - erofs: release ztailpacking pclusters properly
    - locking/arch: Avoid variable shadowing in local_try_cmpxchg()
    - refscale: Fix uninitalized use of wait_queue_head_t
    - clocksource: Handle negative skews in "skew is too large" messages
    - powercap: arm_scmi: Remove recursion while parsing zones
    - OPP: Fix potential null ptr dereference in dev_pm_opp_get_required_pstate()
    - OPP: Fix passing 0 to PTR_ERR in _opp_attach_genpd()
    - selftests/resctrl: Add resctrl.h into build deps
    - selftests/resctrl: Don't leak buffer in fill_cache()
    - selftests/resctrl: Unmount resctrl FS if child fails to run benchmark
    - selftests/resctrl: Close perf value read fd on errors
    - sched/fair: remove util_est boosting
    - arm64/ptrace: Clean up error handling path in sve_set_common()
    - sched/psi: Select KERNFS as needed
    - cpuidle: teo: Update idle duration estimate when choosing shallower state
    - x86/decompressor: Don't rely on upper 32 bits of GPRs being preserved
    - arm64/fpsimd: Only provide the length to cpufeature for xCR registers
    - sched/rt: Fix sysctl_sched_rr_timeslice in...

This bug was fixed in the package linux-oem-6.5 - 6.5.0-1004.4

---------------
linux-oem-6.5 (6.5.0-1004.4) jammy; urgency=medium

* jammy/linux-oem-6.5: 6.5.0-1004.4 -proposed tracker (LP: #2036238)

* Infiniate systemd loop when power off the machine with multiple MD RAIDs
    (LP: #2036184)
    - SAUCE: md: do not _put wrong device in md_seq_next

* dell-uart-backlight fails to communicate with the scalar IC somtimes.
    (LP: #2035299)
    - SAUCE: platform/x86: dell-uart-backlight: add small delay after write
      command

[ Ubuntu: 6.5.0-6.6 ]

* mantic/linux: 6.5.0-6.6 -proposed tracker (LP: #2035595)
  * Mantic update: v6.5.3 upstream stable release (LP: #2035588)
    - drm/amd/display: ensure async flips are only accepted for fast updates
    - cpufreq: intel_pstate: set stale CPU frequency to minimum
    - tpm: Enable hwrng only for Pluton on AMD CPUs
    - Input: i8042 - add quirk for TUXEDO Gemini 17 Gen1/Clevo PD70PN
    - Revert "fuse: in fuse_flush only wait if someone wants the return code"
    - Revert "f2fs: clean up w/ sbi->log_sectors_per_block"
    - Revert "PCI: tegra194: Enable support for 256 Byte payload"
    - Revert "net: macsec: preserve ingress frame ordering"
    - reiserfs: Check the return value from __getblk()
    - splice: always fsnotify_access(in), fsnotify_modify(out) on success
    - splice: fsnotify_access(fd)/fsnotify_modify(fd) in vmsplice
    - splice: fsnotify_access(in), fsnotify_modify(out) on success in tee
    - eventfd: prevent underflow for eventfd semaphores
    - fs: Fix error checking for d_hash_and_lookup()
    - iomap: Remove large folio handling in iomap_invalidate_folio()
    - tmpfs: verify {g,u}id mount options correctly
    - selftests/harness: Actually report SKIP for signal tests
    - vfs, security: Fix automount superblock LSM init problem, preventing NFS sb
      sharing
    - ARM: ptrace: Restore syscall restart tracing
    - ARM: ptrace: Restore syscall skipping for tracers
    - btrfs: zoned: skip splitting and logical rewriting on pre-alloc write
    - erofs: release ztailpacking pclusters properly
    - locking/arch: Avoid variable shadowing in local_try_cmpxchg()
    - refscale: Fix uninitalized use of wait_queue_head_t
    - clocksource: Handle negative skews in "skew is too large" messages
    - powercap: arm_scmi: Remove recursion while parsing zones
    - OPP: Fix potential null ptr dereference in dev_pm_opp_get_required_pstate()
    - OPP: Fix passing 0 to PTR_ERR in _opp_attach_genpd()
    - selftests/resctrl: Add resctrl.h into build deps
    - selftests/resctrl: Don't leak buffer in fill_cache()
    - selftests/resctrl: Unmount resctrl FS if child fails to run benchmark
    - selftests/resctrl: Close perf value read fd on errors
    - sched/fair: remove util_est boosting
    - arm64/ptrace: Clean up error handling path in sve_set_common()
    - sched/psi: Select KERNFS as needed
    - cpuidle: teo: Update idle duration estimate when choosing shallower state
    - x86/decompressor: Don't rely on upper 32 bits of GPRs being preserved
    - arm64/fpsimd: Only provide the length to cpufeature for xCR registers
    - sched/rt: Fix sysctl_sched_rr_timeslice intial value
    - perf/imx_ddr: don't enable counter0 if none of 4 counters are used
    - selftests/futex: Order calls to futex_lock_pi
    - irqchip/loongson-eiointc: Fix return value checking of eiointc_index
    - ACPI: x86: s2idle: Post-increment variables when getting constraints
    - ACPI: x86: s2idle: Fix a logic error parsing AMD constraints table
    - thermal/of: Fix potential uninitialized value access
    - cpufreq: amd-pstate-ut: Remove module parameter access
    - cpufreq: amd-pstate-ut: Fix kernel panic when loading the driver
    - tools/nolibc: arch-*.h: add missing space after ','
    - tools/nolibc: fix up startup failures for -O0 under gcc < 11.1.0
    - x86/efistub: Fix PCI ROM preservation in mixed mode
    - cpufreq: powernow-k8: Use related_cpus instead of cpus in driver.exit()
    - cpufreq: tegra194: add online/offline hooks
    - cpufreq: tegra194: remove opp table in exit hook
    - selftests/bpf: Fix bpf_nf failure upon test rerun
    - libbpf: only reset sec_def handler when necessary
    - bpftool: use a local copy of perf_event to fix accessing :: Bpf_cookie
    - bpftool: Define a local bpf_perf_link to fix accessing its fields
    - bpftool: Use a local copy of BPF_LINK_TYPE_PERF_EVENT in pid_iter.bpf.c
    - bpftool: Use a local bpf_perf_event_value to fix accessing its fields
    - libbpf: Fix realloc API handling in zero-sized edge cases
    - bpf: Clear the probe_addr for uprobe
    - bpf: Fix an error around PTR_UNTRUSTED
    - bpf: Fix an error in verifying a field in a union
    - crypto: qat - change value of default idle filter
    - tcp: tcp_enter_quickack_mode() should be static
    - hwrng: nomadik - keep clock enabled while hwrng is registered
    - hwrng: pic32 - use devm_clk_get_enabled
    - regmap: maple: Use alloc_flags for memory allocations
    - regmap: rbtree: Use alloc_flags for memory allocations
    - wifi: mt76: mt7996: fix header translation logic
    - wifi: mt76: mt7915: fix background radar event being blocked
    - wifi: mt76: mt7915: rework tx packets counting when WED is active
    - wifi: mt76: mt7915: rework tx bytes counting when WED is active
    - wifi: mt76: mt7921: fix non-PSC channel scan fail
    - wifi: mt76: mt7996: fix bss wlan_idx when sending bss_info command
    - wifi: mt76: mt7996: use correct phy for background radar event
    - wifi: mt76: mt7996: fix WA event ring size
    - udp: re-score reuseport groups when connected sockets are present
    - bpf: reject unhashed sockets in bpf_sk_assign
    - wifi: mt76: mt7915: fix command timeout in AP stop period
    - wifi: mt76: mt7915: fix capabilities in non-AP mode
    - wifi: mt76: mt7915: remove VHT160 capability on MT7915
    - wifi: mt76: testmode: add nla_policy for MT76_TM_ATTR_TX_LENGTH
    - spi: tegra20-sflash: fix to check return value of platform_get_irq() in
      tegra_sflash_probe()
    - can: gs_usb: gs_usb_receive_bulk_callback(): count RX overflow errors also
      in case of OOM
    - can: tcan4x5x: Remove reserved register 0x814 from writable table
    - wifi: mt76: mt7915: fix tlv length of mt7915_mcu_get_chan_mib_info
    - wifi: mt76: mt7915: fix power-limits while chan_switch
    - wifi: rtw89: Fix loading of compressed firmware
    - wifi: mwifiex: Fix OOB and integer underflow when rx packets
    - wifi: mwifiex: fix error recovery in PCIE buffer descriptor management
    - wifi: ath11k: fix band selection for ppdu received in channel 177 of 5 GHz
    - wifi: ath12k: fix memcpy array overflow in ath12k_peer_assoc_h_he()
    - selftests/bpf: fix static assert compilation issue for test_cls_*.c
    - power: supply: qcom_pmi8998_charger: fix uninitialized variable
    - spi: mpc5xxx-psc: Fix unsigned expression compared with zero
    - crypto: af_alg - Fix missing initialisation affecting gcm-aes-s390
    - bpf: fix bpf_dynptr_slice() to stop return an ERR_PTR.
    - kbuild: rust_is_available: remove -v option
    - kbuild: rust_is_available: fix version check when CC has multiple arguments
    - kbuild: rust_is_available: add check for `bindgen` invocation
    - kbuild: rust_is_available: fix confusion when a version appears in the path
    - crypto: stm32 - Properly handle pm_runtime_get failing
    - crypto: api - Use work queue in crypto_destroy_instance
    - Bluetooth: ISO: Add support for connecting multiple BISes
    - Bluetooth: ISO: do not emit new LE Create CIS if previous is pending
    - Bluetooth: nokia: fix value check in nokia_bluetooth_serdev_probe()
    - Bluetooth: ISO: Fix not checking for valid CIG/CIS IDs
    - Bluetooth: hci_conn: Fix not allowing valid CIS ID
    - Bluetooth: hci_conn: Fix hci_le_set_cig_params
    - Bluetooth: Fix potential use-after-free when clear keys
    - Bluetooth: hci_sync: Don't double print name in add/remove adv_monitor
    - Bluetooth: hci_sync: Avoid use-after-free in dbg for hci_add_adv_monitor()
    - Bluetooth: hci_conn: Always allocate unique handles
    - Bluetooth: hci_event: drop only unbound CIS if Set CIG Parameters fails
    - net: tcp: fix unexcepted socket die when snd_wnd is 0
    - net: pcs: lynx: fix lynx_pcs_link_up_sgmii() not doing anything in fixed-
      link mode
    - libbpf: Set close-on-exec flag on gzopen
    - selftests/bpf: Fix repeat option when kfunc_call verification fails
    - selftests/bpf: Clean up fmod_ret in bench_rename test script
    - net: hns3: move dump regs function to a separate file
    - net: hns3: Support tlv in regs data for HNS3 PF driver
    - net: hns3: fix wrong rpu tln reg issue
    - net-memcg: Fix scope of sockmem pressure indicators
    - ice: ice_aq_check_events: fix off-by-one check when filling buffer
    - crypto: caam - fix unchecked return value error
    - hwrng: iproc-rng200 - Implement suspend and resume calls
    - lwt: Fix return values of BPF xmit ops
    - lwt: Check LWTUNNEL_XMIT_CONTINUE strictly
    - usb: typec: tcpm: set initial svdm version based on pd revision
    - usb: typec: bus: verify partner exists in typec_altmode_attention
    - USB: core: Unite old scheme and new scheme descriptor reads
    - USB: core: Change usb_get_device_descriptor() API
    - USB: core: Fix race by not overwriting udev->descriptor in hub_port_init()
    - scripts/gdb: fix 'lx-lsmod' show the wrong size
    - nmi_backtrace: allow excluding an arbitrary CPU
    - watchdog/hardlockup: avoid large stack frames in watchdog_hardlockup_check()
    - fs: ocfs2: namei: check return value of ocfs2_add_entry()
    - net: lan966x: Fix return value check for vcap_get_rule()
    - net: annotate data-races around sk->sk_lingertime
    - hwmon: (asus-ec-sensosrs) fix mutex path for X670E Hero
    - wifi: mwifiex: fix memory leak in mwifiex_histogram_read()
    - wifi: mwifiex: Fix missed return in oob checks failed path
    - wifi: rtw89: 8852b: rfk: fine tune IQK parameters to improve performance on
      2GHz band
    - selftests: memfd: error out test process when child test fails
    - samples/bpf: fix bio latency check with tracepoint
    - samples/bpf: fix broken map lookup probe
    - wifi: ath9k: fix races between ath9k_wmi_cmd and ath9k_wmi_ctrl_rx
    - wifi: ath9k: protect WMI command response buffer replacement with a lock
    - bpf: Fix a bpf_kptr_xchg() issue with local kptr
    - wifi: mac80211: fix puncturing bitmap handling in CSA
    - wifi: nl80211/cfg80211: add forgotten nla_policy for BSS color attribute
    - mac80211: make ieee80211_tx_info padding explicit
    - bpf: Fix check_func_arg_reg_off bug for graph root/node
    - wifi: mwifiex: avoid possible NULL skb pointer dereference
    - Bluetooth: hci_conn: Consolidate code for aborting connections
    - Bluetooth: ISO: Notify user space about failed bis connections
    - Bluetooth: hci_sync: Fix UAF on hci_abort_conn_sync
    - Bluetooth: hci_sync: Fix UAF in hci_disconnect_all_sync
    - Bluetooth: hci_conn: fail SCO/ISO via hci_conn_failed if ACL gone early
    - Bluetooth: btusb: Do not call kfree_skb() under spin_lock_irqsave()
    - arm64: mm: use ptep_clear() instead of pte_clear() in clear_flush()
    - net/mlx5: Dynamic cyclecounter shift calculation for PTP free running clock
    - wifi: ath9k: use IS_ERR() with debugfs_create_dir()
    - ice: avoid executing commands on other ports when driving sync
    - octeontx2-pf: fix page_pool creation fail for rings > 32k
    - net: arcnet: Do not call kfree_skb() under local_irq_disable()
    - kunit: Fix checksum tests on big endian CPUs
    - mlxsw: i2c: Fix chunk size setting in output mailbox buffer
    - mlxsw: i2c: Limit single transaction buffer size
    - mlxsw: core_hwmon: Adjust module label names based on MTCAP sensor counter
    - crypto: qat - fix crypto capability detection for 4xxx
    - hwmon: (tmp513) Fix the channel number in tmp51x_is_visible()
    - octeontx2-pf: Fix PFC TX scheduler free
    - octeontx2-af: CN10KB: fix PFC configuration
    - cteonxt2-pf: Fix backpressure config for multiple PFC priorities to work
      simultaneously
    - sfc: Check firmware supports Ethernet PTP filter
    - net/sched: sch_hfsc: Ensure inner classes have fsc curve
    - pds_core: protect devlink callbacks from fw_down state
    - pds_core: no health reporter in VF
    - pds_core: no reset command for VF
    - pds_core: check for work queue before use
    - pds_core: pass opcode to devcmd_wait
    - netrom: Deny concurrent connect().
    - drm/bridge: tc358764: Fix debug print parameter order
    - ASoC: soc-compress: Fix deadlock in soc_compr_open_fe
    - ASoC: cs43130: Fix numerator/denominator mixup
    - drm: bridge: dw-mipi-dsi: Fix enable/disable of DSI controller
    - quota: factor out dquot_write_dquot()
    - quota: rename dquot_active() to inode_quota_active()
    - quota: add new helper dquot_active()
    - quota: fix dqput() to follow the guarantees dquot_srcu should provide
    - drm/amd/display: Do not set drr on pipe commit
    - drm/hyperv: Fix a compilation issue because of not including screen_info.h
    - ASoC: stac9766: fix build errors with REGMAP_AC97
    - soc: qcom: ocmem: Fix NUM_PORTS & NUM_MACROS macros
    - arm64: defconfig: enable Qualcomm MSM8996 Global Clock Controller as built-
      in
    - arm64: dts: qcom: sm8150: use proper DSI PHY compatible
    - arm64: dts: qcom: sm6350: Fix ZAP region
    - Revert "arm64: dts: qcom: msm8996: rename labels for HDMI nodes"
    - arm64: dts: qcom: sm8250: correct dynamic power coefficients
    - arm64: dts: qcom: sm8450: correct crypto unit address
    - arm64: dts: qcom: msm8916-l8150: correct light sensor VDDIO supply
    - arm64: dts: qcom: sm8250-edo: Add gpio line names for TLMM
    - arm64: dts: qcom: sm8250-edo: Add GPIO line names for PMIC GPIOs
    - arm64: dts: qcom: sm8250-edo: Rectify gpio-keys
    - arm64: dts: qcom: sc8280xp-crd: Correct vreg_misc_3p3 GPIO
    - arm64: dts: qcom: sc8280xp: Add missing SCM interconnect
    - arm64: dts: qcom: msm8939: Drop "qcom,idle-state-spc" compatible
    - arm64: dts: qcom: msm8939: Add missing 'cache-unified' to L2
    - arm64: dts: qcom: msm8996: Add missing interrupt to the USB2 controller
    - arm64: dts: qcom: sdm845-tama: Set serial indices and stdout-path
    - arm64: dts: qcom: sm8350: Fix CPU idle state residency times
    - arm64: dts: qcom: sm8350: Add missing LMH interrupts to cpufreq
    - arm64: dts: qcom: sc8180x: Fix cluster PSCI suspend param
    - arm64: dts: qcom: sm8350: Use proper CPU compatibles
    - arm64: dts: qcom: pm8350: fix thermal zone name
    - arm64: dts: qcom: pm8350b: fix thermal zone name
    - arm64: dts: qcom: pmr735b: fix thermal zone name
    - arm64: dts: qcom: pmk8350: fix ADC-TM compatible string
    - arm64: dts: qcom: sm8450-hdk: remove pmr735b PMIC inclusion
    - arm64: dts: qcom: sm8250: Mark PCIe hosts as DMA coherent
    - arm64: dts: qcom: minor whitespace cleanup around '='
    - arm64: dts: qcom: sm8250: Mark SMMUs as DMA coherent
    - ARM: dts: stm32: Add missing detach mailbox for emtrion emSBC-Argon
    - ARM: dts: stm32: Add missing detach mailbox for Odyssey SoM
    - ARM: dts: stm32: Add missing detach mailbox for DHCOM SoM
    - ARM: dts: stm32: Add missing detach mailbox for DHCOR SoM
    - firmware: ti_sci: Use system_state to determine polling
    - drm/amdgpu: avoid integer overflow warning in amdgpu_device_resize_fb_bar()
    - ARM: dts: BCM53573: Drop nonexistent "default-off" LED trigger
    - ARM: dts: BCM53573: Drop nonexistent #usb-cells
    - ARM: dts: BCM53573: Add cells sizes to PCIe node
    - ARM: dts: BCM53573: Use updated "spi-gpio" binding properties
    - arm64: tegra: Add missing alias for NVIDIA IGX Orin
    - arm64: tegra: Fix HSUART for Jetson AGX Orin
    - arm64: dts: qcom: sm8250-sony-xperia: correct GPIO keys wakeup again
    - arm64: dts: qcom: pm6150l: Add missing short interrupt
    - arm64: dts: qcom: pm660l: Add missing short interrupt
    - arm64: dts: qcom: pmi8950: Add missing OVP interrupt
    - arm64: dts: qcom: pmi8994: Add missing OVP interrupt
    - arm64: dts: qcom: sc8180x: Add missing 'cache-unified' to L3
    - arm64: tegra: Fix HSUART for Smaug
    - drm/etnaviv: fix dumping of active MMU context
    - block: cleanup queue_wc_store
    - block: don't allow enabling a cache on devices that don't support it
    - blk-flush: fix rq->flush.seq for post-flush requests
    - x86/mm: Fix PAT bit missing from page protection modify mask
    - drm/bridge: anx7625: Use common macros for DP power sequencing commands
    - drm/bridge: anx7625: Use common macros for HDCP capabilities
    - ARM: dts: samsung: s3c6410-mini6410: correct ethernet reg addresses (split)
    - ARM: dts: samsung: s5pv210-smdkv210: correct ethernet reg addresses (split)
    - drm: adv7511: Fix low refresh rate register for ADV7533/5
    - ARM: dts: BCM53573: Fix Ethernet info for Luxul devices
    - arm64: dts: qcom: sdm845: Add missing RPMh power domain to GCC
    - arm64: dts: qcom: sdm845: Fix the min frequency of "ice_core_clk"
    - arm64: dts: qcom: sc8180x: Fix LLCC reg property
    - arm64: dts: qcom: msm8996-gemini: fix touchscreen VIO supply
    - arm64: dts: qcom: sc8180x-pmics: add missing qcom,spmi-gpio fallbacks
    - arm64: dts: qcom: sc8180x-pmics: add missing gpio-ranges
    - arm64: dts: qcom: sc8180x-pmics: align SPMI PMIC Power-on node name with
      dtschema
    - arm64: dts: qcom: sc8180x-pmics: align LPG node name with dtschema
    - dt-bindings: arm: msm: kpss-acc: Make the optional reg truly optional
    - drm/amdgpu: Update min() to min_t() in 'amdgpu_info_ioctl'
    - drm/amdgpu: Use seq_puts() instead of seq_printf()
    - arm64: dts: rockchip: Fix PCIe regulators on Radxa E25
    - arm64: dts: rockchip: Enable SATA on Radxa E25
    - ASoC: loongson: drop of_match_ptr for OF device id
    - ASoC: fsl: fsl_qmc_audio: Fix snd_pcm_format_t values handling
    - md: restore 'noio_flag' for the last mddev_resume()
    - md/raid10: factor out dereference_rdev_and_rrdev()
    - md/raid10: use dereference_rdev_and_rrdev() to get devices
    - md/md-bitmap: remove unnecessary local variable in backlog_store()
    - md/md-bitmap: hold 'reconfig_mutex' in backlog_store()
    - drm/msm: Update dev core dump to not print backwards
    - drm/tegra: dpaux: Fix incorrect return value of platform_get_irq
    - of: unittest: fix null pointer dereferencing in
      of_unittest_find_node_by_name()
    - arm64: dts: qcom: sm8150: Fix the I2C7 interrupt
    - drm/ast: report connection status on Display Port.
    - ARM: dts: BCM53573: Fix Tenda AC9 switch CPU port
    - drm/armada: Fix off-by-one error in armada_overlay_get_property()
    - drm/repaper: Reduce temporary buffer size in repaper_fb_dirty()
    - drm/panel: simple: Add missing connector type and pixel format for AUO
      T215HVN01
    - ima: Remove deprecated IMA_TRUSTED_KEYRING Kconfig
    - drm: xlnx: zynqmp_dpsub: Add missing check for dma_set_mask
    - drm/msm/dpu: increase memtype count to 16 for sm8550
    - drm/msm/dpu: inline DSC_BLK and DSC_BLK_1_2 macros
    - drm/msm/dpu: fix DSC 1.2 block lengths
    - drm/msm/dpu1: Rename sm8150_dspp_blk to sdm845_dspp_blk
    - drm/msm/dpu: Define names for unnamed sblks
    - drm/msm/dpu: fix DSC 1.2 enc subblock length
    - arm64: dts: qcom: sm8550-mtp: Add missing supply for L1B regulator
    - soc: qcom: smem: Fix incompatible types in comparison
    - drm/msm/mdp5: Don't leak some plane state
    - firmware: meson_sm: fix to avoid potential NULL pointer dereference
    - drm/msm/dpu: fix the irq index in dpu_encoder_phys_wb_wait_for_commit_done
    - arm64: dts: ti: k3-j784s4-evm: Correct Pin mux offset for ospi
    - arm64: dts: ti: k3-j721s2: correct pinmux offset for ospi
    - smackfs: Prevent underflow in smk_set_cipso()
    - drm/amdgpu: Sort the includes in amdgpu/amdgpu_drv.c
    - drm/amdgpu: Move vram, gtt & flash defines to amdgpu_ ttm & _psp.h
    - drm/amd/pm: fix variable dereferenced issue in amdgpu_device_attr_create()
    - drm/msm/a2xx: Call adreno_gpu_init() earlier
    - drm/msm/a6xx: Fix GMU lockdep splat
    - ASoC: SOF: Intel: hda-mlink: fix off-by-one error
    - ASoC: SOF: Intel: fix u16/32 confusion in LSDIID
    - drm/mediatek: Fix uninitialized symbol
    - audit: fix possible soft lockup in __audit_inode_child()
    - block/mq-deadline: use correct way to throttling write requests
    - io_uring: fix drain stalls by invalid SQE
    - block: move the BIO_CLONED checks out of __bio_try_merge_page
    - block: move the bi_vcnt check out of __bio_try_merge_page
    - block: move the bi_size overflow check in __bio_try_merge_page
    - block: move the bi_size update out of __bio_try_merge_page
    - block: don't pass a bio to bio_try_merge_hw_seg
    - block: make bvec_try_merge_hw_page() non-static
    - bio-integrity: create multi-page bvecs in bio_integrity_add_page()
    - drm/mediatek: dp: Add missing error checks in mtk_dp_parse_capabilities
    - arm64: dts: ti: k3-j784s4-evm: Correct Pin mux offset for ADC
    - arm64: dts: ti: k3-j784s4: Fix interrupt ranges for wkup & main gpio
    - bus: ti-sysc: Fix build warning for 64-bit build
    - drm/mediatek: Remove freeing not dynamic allocated memory
    - drm/mediatek: Add cnt checking for coverity issue
    - arm64: dts: imx8mp-debix: remove unused fec pinctrl node
    - ARM: dts: qcom: ipq4019: correct SDHCI XO clock
    - arm64: dts: ti: k3-am62x-sk-common: Update main-i2c1 frequency
    - drm/mediatek: Fix potential memory leak if vmap() fail
    - drm/mediatek: Fix void-pointer-to-enum-cast warning
    - arm64: dts: qcom: apq8016-sbc: Fix ov5640 regulator supply names
    - arm64: dts: qcom: apq8016-sbc: Rename ov5640 enable-gpios to powerdown-gpios
    - arm64: dts: qcom: msm8998: Drop bus clock reference from MMSS SMMU
    - arm64: dts: qcom: msm8998: Add missing power domain to MMSS SMMU
    - ARM: dts: qcom: sdx65-mtp: Update the pmic used in sdx65
    - arm64: dts: qcom: msm8996: Fix dsi1 interrupts
    - arm64: dts: qcom: sc8280xp-x13s: Unreserve NC pins
    - drm/msm/a690: Switch to a660_gmu.bin
    - bus: ti-sysc: Fix cast to enum warning
    - block: uapi: Fix compilation errors using ioprio.h with C++
    - md/raid5-cache: fix a deadlock in r5l_exit_log()
    - md/raid5-cache: fix null-ptr-deref for r5l_flush_stripe_to_raid()
    - firmware: cs_dsp: Fix new control name check
    - blk-cgroup: Fix NULL deref caused by blkg_policy_data being installed before
      init
    - md/raid0: Factor out helper for mapping and submitting a bio
    - md/raid0: Fix performance regression for large sequential writes
    - md: raid0: account for split bio in iostat accounting
    - ASoC: SOF: amd: clear dsp to host interrupt status
    - of: overlay: Call of_changeset_init() early
    - of: unittest: Fix overlay type in apply/revert check
    - ALSA: ac97: Fix possible error value of *rac97
    - ALSA: usb-audio: Attach legacy rawmidi after probing all UMP EPs
    - ALSA: ump: Fill group names for legacy rawmidi substreams
    - ALSA: ump: Don't create unused substreams for static blocks
    - ALSA: ump: Fix -Wformat-truncation warnings
    - ipmi:ssif: Add check for kstrdup
    - ipmi:ssif: Fix a memory leak when scanning for an adapter
    - clk: qcom: gpucc-sm6350: Introduce index-based clk lookup
    - clk: qcom: gpucc-sm6350: Fix clock source names
    - clk: qcom: gcc-sc8280xp: Add missing GDSC flags
    - dt-bindings: clock: qcom,gcc-sc8280xp: Add missing GDSCs
    - clk: qcom: gcc-sc8280xp: Add missing GDSCs
    - clk: qcom: gcc-sm7150: Add CLK_OPS_PARENT_ENABLE to sdcc2 rcg
    - clk: rockchip: rk3568: Fix PLL rate setting for 78.75MHz
    - PCI: apple: Initialize pcie->nvecs before use
    - PCI: qcom-ep: Switch MHI bus master clock off during L1SS
    - clk: qcom: gcc-sc8280xp: fix runtime PM imbalance on probe errors
    - drivers: clk: keystone: Fix parameter judgment in _of_pll_clk_init()
    - iommufd: Fix locking around hwpt allocation
    - PCI/DOE: Fix destroy_work_on_stack() race
    - clk: qcom: dispcc-sc8280xp: Use ret registers on GDSCs
    - clk: sunxi-ng: Modify mismatched function name
    - clk: qcom: gcc-sc7180: Fix up gcc_sdcc2_apps_clk_src
    - EDAC/igen6: Fix the issue of no error events
    - ext4: correct grp validation in ext4_mb_good_group
    - ext4: avoid potential data overflow in next_linear_group
    - clk: qcom: gcc-sm8250: Fix gcc_sdcc2_apps_clk_src
    - clk: qcom: fix some Kconfig corner cases
    - kvm/vfio: Prepare for accepting vfio device fd
    - kvm/vfio: ensure kvg instance stays around in kvm_vfio_group_add()
    - clk: qcom: reset: Use the correct type of sleep/delay based on length
    - clk: qcom: gcc-sm6350: Fix gcc_sdcc2_apps_clk_src
    - PCI: microchip: Correct the DED and SEC interrupt bit offsets
    - PCI: Mark NVIDIA T4 GPUs to avoid bus reset
    - pinctrl: mcp23s08: check return value of devm_kasprintf()
    - PCI: Add locking to RMW PCI Express Capability Register accessors
    - PCI: Make link retraining use RMW accessors for changing LNKCTL
    - PCI: pciehp: Use RMW accessors for changing LNKCTL
    - PCI/ASPM: Use RMW accessors for changing LNKCTL
    - clk: qcom: gcc-sm8450: Use floor ops for SDCC RCGs
    - clk: qcom: gcc-qdu1000: Fix gcc_pcie_0_pipe_clk_src clock handling
    - clk: qcom: gcc-qdu1000: Fix clkref clocks handling
    - clk: imx: pllv4: Fix SPLL2 MULT range
    - clk: imx: imx8ulp: update SPLL2 type
    - clk: imx8mp: fix sai4 clock
    - clk: imx: composite-8m: fix clock pauses when set_rate would be a no-op
    - powerpc/radix: Move some functions into #ifdef CONFIG_KVM_BOOK3S_HV_POSSIBLE
    - vfio/type1: fix cap_migration information leak
    - nvdimm: Fix memleak of pmu attr_groups in unregister_nvdimm_pmu()
    - nvdimm: Fix dereference after free in register_nvdimm_pmu()
    - powerpc/fadump: reset dump area size if fadump memory reserve fails
    - powerpc/perf: Convert fsl_emb notifier to state machine callbacks
    - pinctrl: mediatek: fix pull_type data for MT7981
    - pinctrl: mediatek: assign functions to configure pin bias on MT7986
    - drm/amdgpu: Use RMW accessors for changing LNKCTL
    - drm/radeon: Use RMW accessors for changing LNKCTL
    - net/mlx5: Use RMW accessors for changing LNKCTL
    - wifi: ath11k: Use RMW accessors for changing LNKCTL
    - wifi: ath12k: Use RMW accessors for changing LNKCTL
    - wifi: ath10k: Use RMW accessors for changing LNKCTL
    - NFSv4.2: Fix READ_PLUS smatch warnings
    - NFSv4.2: Fix READ_PLUS size calculations
    - NFSv4.2: Rework scratch handling for READ_PLUS (again)
    - PCI: layerscape: Add workaround for lost link capabilities during reset
    - powerpc: Don't include lppaca.h in paca.h
    - powerpc/pseries: Rework lppaca_shared_proc() to avoid DEBUG_PREEMPT
    - nfs/blocklayout: Use the passed in gfp flags
    - powerpc/pseries: Fix hcall tracepoints with JUMP_LABEL=n
    - powerpc/mpc5xxx: Add missing fwnode_handle_put()
    - powerpc/iommu: Fix notifiers being shared by PCI and VIO buses
    - ext4: fix unttached inode after power cut with orphan file feature enabled
    - jfs: validate max amount of blocks before allocation.
    - SUNRPC: Fix the recent bv_offset fix
    - fs: lockd: avoid possible wrong NULL parameter
    - NFSD: da_addr_body field missing in some GETDEVICEINFO replies
    - clk: qcom: Fix SM_GPUCC_8450 dependencies
    - NFS: Guard against READDIR loop when entry names exceed MAXNAMELEN
    - NFSv4.2: fix handling of COPY ERR_OFFLOAD_NO_REQ
    - pNFS: Fix assignment of xprtdata.cred
    - cgroup/cpuset: Inherit parent's load balance state in v2
    - RDMA/qedr: Remove a duplicate assignment in irdma_query_ah()
    - media: ov5640: fix low resolution image abnormal issue
    - media: i2c: imx290: drop format param from imx290_ctrl_update
    - media: ad5820: Drop unsupported ad5823 from i2c_ and of_device_id tables
    - media: i2c: tvp5150: check return value of devm_kasprintf()
    - media: v4l2-core: Fix a potential resource leak in v4l2_fwnode_parse_link()
    - iommu/amd/iommu_v2: Fix pasid_state refcount dec hit 0 warning on pasid
      unbind
    - iommu: rockchip: Fix directory table address encoding
    - drivers: usb: smsusb: fix error handling code in smsusb_init_device
    - media: dib7000p: Fix potential division by zero
    - media: dvb-usb: m920x: Fix a potential memory leak in m920x_i2c_xfer()
    - media: cx24120: Add retval check for cx24120_message_send()
    - RDMA/siw: Fabricate a GID on tun and loopback devices
    - scsi: hisi_sas: Fix normally completed I/O analysed as failed
    - dt-bindings: extcon: maxim,max77843: restrict connector properties
    - media: amphion: reinit vpu if reqbufs output 0
    - media: amphion: add helper function to get id name
    - media: verisilicon: Fix TRY_FMT on encoder OUTPUT
    - media: mtk-jpeg: Fix use after free bug due to uncanceled work
    - media: amphion: decoder support display delay for all formats
    - media: rkvdec: increase max supported height for H.264
    - media: amphion: fix CHECKED_RETURN issues reported by coverity
    - media: amphion: fix REVERSE_INULL issues reported by coverity
    - media: amphion: fix UNINIT issues reported by coverity
    - media: amphion: fix UNUSED_VALUE issue reported by coverity
    - media: amphion: ensure the bitops don't cross boundaries
    - media: mediatek: vcodec: fix AV1 decode fail for 36bit iova
    - media: mediatek: vcodec: Return NULL if no vdec_fb is found
    - media: mediatek: vcodec: fix potential double free
    - media: mediatek: vcodec: fix resource leaks in vdec_msg_queue_init()
    - usb: phy: mxs: fix getting wrong state with mxs_phy_is_otg_host()
    - scsi: RDMA/srp: Fix residual handling
    - scsi: ufs: Fix residual handling
    - scsi: iscsi: Add length check for nlattr payload
    - scsi: iscsi: Add strlen() check in iscsi_if_set{_host}_param()
    - scsi: be2iscsi: Add length check when parsing nlattrs
    - scsi: qla4xxx: Add length check when parsing nlattrs
    - iio: accel: adxl313: Fix adxl313_i2c_id[] table
    - serial: sprd: Assign sprd_port after initialized to avoid wrong access
    - serial: sprd: Fix DMA buffer leak issue
    - x86/APM: drop the duplicate APM_MINOR_DEV macro
    - RDMA/rxe: Move work queue code to subroutines
    - RDMA/rxe: Fix unsafe drain work queue code
    - RDMA/rxe: Fix rxe_modify_srq
    - RDMA/rxe: Fix incomplete state save in rxe_requester
    - scsi: qedf: Do not touch __user pointer in
      qedf_dbg_stop_io_on_error_cmd_read() directly
    - scsi: qedf: Do not touch __user pointer in qedf_dbg_debug_cmd_read()
      directly
    - scsi: qedf: Do not touch __user pointer in qedf_dbg_fp_int_cmd_read()
      directly
    - RDMA/irdma: Replace one-element array with flexible-array member
    - coresight: tmc: Explicit type conversions to prevent integer overflow
    - interconnect: qcom: qcm2290: Enable sync state
    - dma-buf/sync_file: Fix docs syntax
    - driver core: test_async: fix an error code
    - driver core: Call dma_cleanup() on the test_remove path
    - kernfs: add stub helper for kernfs_generic_poll()
    - extcon: cht_wc: add POWER_SUPPLY dependency
    - iommu/mediatek: Fix two IOMMU share pagetable issue
    - iommu/sprd: Add missing force_aperture
    - iommu: Remove kernel-doc warnings
    - bnxt_en: Update HW interface headers
    - bnxt_en: Share the bar0 address with the RoCE driver
    - RDMA/bnxt_re: Initialize Doorbell pacing feature
    - RDMA/bnxt_re: Fix max_qp count for virtual functions
    - RDMA/bnxt_re: Remove a redundant flag
    - RDMA/hns: Fix port active speed
    - RDMA/hns: Fix incorrect post-send with direct wqe of wr-list
    - RDMA/hns: Fix inaccurate error label name in init instance
    - RDMA/hns: Fix CQ and QP cache affinity
    - IB/uverbs: Fix an potential error pointer dereference
    - fsi: aspeed: Reset master errors after CFAM reset
    - iommu/qcom: Disable and reset context bank before programming
    - tty: serial: qcom-geni-serial: Poll primary sequencer irq status after
      cancel_tx
    - iommu/vt-d: Fix to flush cache of PASID directory table
    - platform/x86: dell-sysman: Fix reference leak
    - media: cec: core: add adap_nb_transmit_canceled() callback
    - media: cec: core: add adap_unconfigured() callback
    - media: go7007: Remove redundant if statement
    - media: venus: hfi_venus: Only consider sys_idle_indicator on V1
    - arm64: defconfig: Drop CONFIG_VIDEO_IMX_MEDIA
    - media: ipu-bridge: Fix null pointer deref on SSDB/PLD parsing warnings
    - media: ipu3-cio2: rename cio2 bridge to ipu bridge and move out of ipu3
    - media: ipu-bridge: Do not use on stack memory for software_node.name field
    - docs: ABI: fix spelling/grammar in SBEFIFO timeout interface
    - USB: gadget: core: Add missing kerneldoc for vbus_work
    - USB: gadget: f_mass_storage: Fix unused variable warning
    - drivers: base: Free devm resources when unregistering a device
    - HID: input: Support devices sending Eraser without Invert
    - HID: nvidia-shield: Remove led_classdev_unregister in thunderstrike_create
    - media: ov5640: Enable MIPI interface in ov5640_set_power_mipi()
    - media: ov5640: Fix initial RESETB state and annotate timings
    - media: Documentation: Fix [GS]_ROUTING documentation
    - media: ov2680: Remove auto-gain and auto-exposure controls
    - media: ov2680: Fix ov2680_bayer_order()
    - media: ov2680: Fix vflip / hflip set functions
    - media: ov2680: Remove VIDEO_V4L2_SUBDEV_API ifdef-s
    - media: ov2680: Don't take the lock for try_fmt calls
    - media: ov2680: Add ov2680_fill_format() helper function
    - media: ov2680: Fix ov2680_set_fmt() which == V4L2_SUBDEV_FORMAT_TRY not
      working
    - media: ov2680: Fix regulators being left enabled on ov2680_power_on() errors
    - media: i2c: rdacm21: Fix uninitialized value
    - f2fs: fix spelling in ABI documentation
    - f2fs: fix to avoid mmap vs set_compress_option case
    - f2fs: don't reopen the main block device in f2fs_scan_devices
    - f2fs: check zone type before sending async reset zone command
    - f2fs: Only lfs mode is allowed with zoned block device feature
    - Revert "f2fs: fix to do sanity check on extent cache correctly"
    - f2fs: fix to account gc stats correctly
    - f2fs: fix to account cp stats correctly
    - cgroup:namespace: Remove unused cgroup_namespaces_init()
    - coresight: trbe: Allocate platform data per device
    - coresight: platform: acpi: Ignore the absence of graph
    - coresight: Fix memory leak in acpi_buffer->pointer
    - coresight: trbe: Fix TRBE potential sleep in atomic context
    - Revert "f2fs: do not issue small discard commands during checkpoint"
    - RDMA/irdma: Prevent zero-length STAG registration
    - scsi: core: Use 32-bit hostnum in scsi_host_lookup()
    - scsi: fcoe: Fix potential deadlock on &fip->ctlr_lock
    - interconnect: qcom: sm8450: Enable sync_state
    - interconnect: qcom: bcm-voter: Improve enable_mask handling
    - interconnect: qcom: bcm-voter: Use enable_maks for keepalive voting
    - dt-bindings: usb: samsung,exynos-dwc3: fix order of clocks on Exynos5433
    - dt-bindings: usb: samsung,exynos-dwc3: Fix Exynos5433 compatible
    - serial: tegra: handle clk prepare error in tegra_uart_hw_init()
    - Documentation: devices.txt: Remove ttyIOC*
    - Documentation: devices.txt: Remove ttySIOC*
    - Documentation: devices.txt: Fix minors for ttyCPM*
    - amba: bus: fix refcount leak
    - Revert "IB/isert: Fix incorrect release of isert connection"
    - RDMA/siw: Balance the reference of cep->kref in the error path
    - RDMA/siw: Correct wrong debug message
    - RDMA/efa: Fix wrong resources deallocation order
    - HID: logitech-dj: Fix error handling in logi_dj_recv_switch_to_dj_mode()
    - nvmem: core: Return NULL when no nvmem layout is found
    - riscv: Require FRAME_POINTER for some configurations
    - f2fs: compress: fix to assign compress_level for lz4 correctly
    - HID: uclogic: Correct devm device reference for hidinput input_dev name
    - HID: multitouch: Correct devm device reference for hidinput input_dev name
    - HID: nvidia-shield: Reference hid_device devm allocation of input_dev name
    - platform/x86/amd/pmf: Fix a missing cleanup path
    - workqueue: fix data race with the pwq->stats[] increment
    - tick/rcu: Fix false positive "softirq work is pending" messages
    - x86/speculation: Mark all Skylake CPUs as vulnerable to GDS
    - tracing: Remove extra space at the end of hwlat_detector/mode
    - tracing: Fix race issue between cpu buffer write and swap
    - mm/pagewalk: fix bootstopping regression from extra pte_unmap()
    - mtd: rawnand: brcmnand: Fix mtd oobsize
    - dmaengine: idxd: Modify the dependence of attribute pasid_enabled
    - phy/rockchip: inno-hdmi: use correct vco_div_5 macro on rk3328
    - phy/rockchip: inno-hdmi: round fractal pixclock in rk3328 recalc_rate
    - phy/rockchip: inno-hdmi: do not power on rk3328 post pll on reg write
    - rpmsg: glink: Add check for kstrdup
    - leds: aw200xx: Fix error code in probe()
    - leds: simatic-ipc-leds-gpio: Restore LEDS_CLASS dependency
    - leds: pwm: Fix error code in led_pwm_create_fwnode()
    - thermal/drivers/mediatek/lvts_thermal: Handle IRQ on all controllers
    - thermal/drivers/mediatek/lvts_thermal: Honor sensors in immediate mode
    - thermal/drivers/mediatek/lvts_thermal: Use offset threshold for IRQ
    - thermal/drivers/mediatek/lvts_thermal: Disable undesired interrupts
    - thermal/drivers/mediatek/lvts_thermal: Don't leave threshold zeroed
    - thermal/drivers/mediatek/lvts_thermal: Manage threshold between sensors
    - thermal/drivers/imx8mm: Suppress log message on probe deferral
    - leds: multicolor: Use rounded division when calculating color components
    - leds: Fix BUG_ON check for LED_COLOR_ID_MULTI that is always false
    - leds: trigger: tty: Do not use LED_ON/OFF constants, use
      led_blink_set_oneshot instead
    - mtd: spi-nor: Check bus width while setting QE bit
    - mtd: rawnand: fsmc: handle clk prepare error in fsmc_nand_resume()
    - mfd: rk808: Make MFD_RK8XX tristate
    - mfd: rz-mtu3: Link time dependencies
    - um: Fix hostaudio build errors
    - dmaengine: ste_dma40: Add missing IRQ check in d40_probe
    - dmaengine: idxd: Simplify WQ attribute visibility checks
    - dmaengine: idxd: Expose ATS disable knob only when WQ ATS is supported
    - dmaengine: idxd: Allow ATS disable update only for configurable devices
    - dmaengine: idxd: Fix issues with PRS disable sysfs knob
    - remoteproc: stm32: fix incorrect optional pointers
    - Drivers: hv: vmbus: Don't dereference ACPI root object handle
    - um: virt-pci: fix missing declaration warning
    - cpufreq: Fix the race condition while updating the transition_task of policy
    - virtio_vdpa: build affinity masks conditionally
    - virtio_ring: fix avail_wrap_counter in virtqueue_add_packed
    - net: deal with integer overflows in kmalloc_reserve()
    - igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU
    - netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for
      ip_set_hash_netportnet.c
    - netfilter: nft_exthdr: Fix non-linear header modification
    - netfilter: xt_u32: validate user space input
    - netfilter: xt_sctp: validate the flag_info count
    - skbuff: skb_segment, Call zero copy functions before using skbuff frags
    - drbd: swap bvec_set_page len and offset
    - gpio: zynq: restore zynq_gpio_irq_reqres/zynq_gpio_irq_relres callbacks
    - igb: set max size RX buffer when store bad packet is enabled
    - parisc: ccio-dma: Create private runway procfs root entry
    - PM / devfreq: Fix leak in devfreq_dev_release()
    - Multi-gen LRU: fix per-zone reclaim
    - ALSA: pcm: Fix missing fixup call in compat hw_refine ioctl
    - virtio_pmem: add the missing REQ_OP_WRITE for flush bio
    - rcu: dump vmalloc memory info safely
    - printk: ringbuffer: Fix truncating buffer size min_t cast
    - scsi: core: Fix the scsi_set_resid() documentation
    - mm/vmalloc: add a safer version of find_vm_area() for debug
    - cpu/hotplug: Prevent self deadlock on CPU hot-unplug
    - media: i2c: ccs: Check rules is non-NULL
    - media: i2c: Add a camera sensor top level menu
    - PCI: rockchip: Use 64-bit mask on MSI 64-bit PCI address
    - ipmi_si: fix a memleak in try_smi_init()
    - ARM: OMAP2+: Fix -Warray-bounds warning in _pwrdm_state_switch()
    - riscv: Move create_tmp_mapping() to init sections
    - riscv: Mark KASAN tmp* page tables variables as static
    - XArray: Do not return sibling entries from xa_load()
    - io_uring: fix false positive KASAN warnings
    - io_uring: break iopolling on signal
    - io_uring/sqpoll: fix io-wq affinity when IORING_SETUP_SQPOLL is used
    - io_uring/net: don't overflow multishot recv
    - io_uring/net: don't overflow multishot accept
    - io_uring: break out of iowq iopoll on teardown
    - backlight/gpio_backlight: Compare against struct fb_info.device
    - backlight/bd6107: Compare against struct fb_info.device
    - backlight/lv5207lp: Compare against struct fb_info.device
    - drm/amd/display: register edp_backlight_control() for DCN301
    - xtensa: PMU: fix base address for the newer hardware
    - LoongArch: mm: Add p?d_leaf() definitions
    - powercap: intel_rapl: Fix invalid setting of Power Limit 4
    - powerpc/ftrace: Fix dropping weak symbols with older toolchains
    - i3c: master: svc: fix probe failure when no i3c device exist
    - io_uring: Don't set affinity on a dying sqpoll thread
    - arm64: csum: Fix OoB access in IP checksum code for negative lengths
    - ALSA: usb-audio: Fix potential memory leaks at error path for UMP open
    - ALSA: seq: Fix snd_seq_expand_var_event() call to user-space
    - ALSA: hda/cirrus: Fix broken audio on hardware with two CS42L42 codecs.
    - selftests/landlock: Fix a resource leak
    - media: dvb: symbol fixup for dvb_attach()
    - media: venus: hfi_venus: Write to VIDC_CTRL_INIT after unmasking interrupts
    - media: nxp: Fix wrong return pointer check in mxc_isi_crossbar_init()
    - Revert "scsi: qla2xxx: Fix buffer overrun"
    - scsi: mpt3sas: Perform additional retries if doorbell read returns 0
    - PCI: Free released resource after coalescing
    - PCI: hv: Fix a crash in hv_pci_restore_msi_msg() during hibernation
    - PCI/PM: Only read PCI_PM_CTRL register when available
    - dt-bindings: PCI: qcom: Fix SDX65 compatible
    - ntb: Drop packets when qp link is down
    - ntb: Clean up tx tail index on link down
    - ntb: Fix calculation ntb_transport_tx_free_entry()
    - Revert "PCI: Mark NVIDIA T4 GPUs to avoid bus reset"
    - block: fix pin count management when merging same-page segments
    - block: don't add or resize partition on the disk with GENHD_FL_NO_PART
    - procfs: block chmod on /proc/thread-self/comm
    - parisc: Fix /proc/cpuinfo output for lscpu
    - misc: fastrpc: Pass proper scm arguments for static process init
    - drm/amd/display: Add smu write msg id fail retry process
    - bpf: Fix issue in verifying allow_ptr_leaks
    - dlm: fix plock lookup when using multiple lockspaces
    - dccp: Fix out of bounds access in DCCP error handler
    - x86/sev: Make enc_dec_hypercall() accept a size instead of npages
    - r8169: fix ASPM-related issues on a number of systems with NIC version from
      RTL8168h
    - X.509: if signature is unsupported skip validation
    - net: handle ARPHRD_PPP in dev_is_mac_header_xmit()
    - fsverity: skip PKCS#7 parser when keyring is empty
    - x86/MCE: Always save CS register on AMD Zen IF Poison errors
    - crypto: af_alg - Decrement struct key.usage in alg_set_by_key_serial()
    - platform/chrome: chromeos_acpi: print hex string for ACPI_TYPE_BUFFER
    - mmc: renesas_sdhi: register irqs before registering controller
    - pstore/ram: Check start of empty przs during init
    - arm64: sdei: abort running SDEI handlers during crash
    - regulator: dt-bindings: qcom,rpm: fix pattern for children
    - iov_iter: Fix iov_iter_extract_pages() with zero-sized entries
    - RISC-V: Add ptrace support for vectors
    - s390/dcssblk: fix kernel crash with list_add corruption
    - s390/ipl: add missing secure/has_secure file to ipl type 'unknown'
    - s390/dasd: fix string length handling
    - HID: logitech-hidpp: rework one more time the retries attempts
    - crypto: stm32 - fix loop iterating through scatterlist for DMA
    - crypto: stm32 - fix MDMAT condition
    - cpufreq: brcmstb-avs-cpufreq: Fix -Warray-bounds bug
    - of: property: fw_devlink: Add a devlink for panel followers
    - USB: core: Fix oversight in SuperSpeed initialization
    - x86/smp: Don't send INIT to non-present and non-booted CPUs
    - x86/sgx: Break up long non-preemptible delays in sgx_vepc_release()
    - x86/build: Fix linker fill bytes quirk/incompatibility for ld.lld
    - perf/x86/uncore: Correct the number of CHAs on EMR
    - media: ipu3-cio2: allow ipu_bridge to be a module again
    - Bluetooth: msft: Extended monitor tracking by address filter
    - Bluetooth: HCI: Introduce HCI_QUIRK_BROKEN_LE_CODED
    - serial: sc16is7xx: remove obsolete out_thread label
    - serial: sc16is7xx: fix regression with GPIO configuration
    - mm/memfd: sysctl: fix MEMFD_NOEXEC_SCOPE_NOEXEC_ENFORCED
    - selftests/memfd: sysctl: fix MEMFD_NOEXEC_SCOPE_NOEXEC_ENFORCED
    - memfd: do not -EACCES old memfd_create() users with vm.memfd_noexec=2
    - memfd: replace ratcheting feature from vm.memfd_noexec with hierarchy
    - memfd: improve userspace warnings for missing exec-related flags
    - revert "memfd: improve userspace warnings for missing exec-related flags".
    - drm/amd/display: Block optimize on consecutive FAMS enables
    - Linux 6.5.3
  * Mantic update: v6.5.2 upstream stable release (LP: #2035583)
    - drm/amdgpu: correct vmhub index in GMC v10/11
    - erofs: ensure that the post-EOF tails are all zeroed
    - ksmbd: fix wrong DataOffset validation of create context
    - ksmbd: fix slub overflow in ksmbd_decode_ntlmssp_auth_blob()
    - ksmbd: replace one-element array with flex-array member in struct
      smb2_ea_info
    - ksmbd: reduce descriptor size if remaining bytes is less than request size
    - ARM: pxa: remove use of symbol_get()
    - mmc: au1xmmc: force non-modular build and remove symbol_get usage
    - net: enetc: use EXPORT_SYMBOL_GPL for enetc_phc_index
    - rtc: ds1685: use EXPORT_SYMBOL_GPL for ds1685_rtc_poweroff
    - USB: serial: option: add Quectel EM05G variant (0x030e)
    - USB: serial: option: add FOXCONN T99W368/T99W373 product
    - ALSA: usb-audio: Fix init call orders for UAC1
    - usb: dwc3: meson-g12a: do post init to fix broken usb after resumption
    - usb: chipidea: imx: improve logic if samsung,picophy-* parameter is 0
    - HID: wacom: remove the battery when the EKR is off
    - staging: rtl8712: fix race condition
    - wifi: mt76: mt7921: do not support one stream on secondary antenna only
    - wifi: mt76: mt7921: fix skb leak by txs missing in AMSDU
    - wifi: rtw88: usb: kill and free rx urbs on probe failure
    - wifi: ath11k: Don't drop tx_status when peer cannot be found
    - wifi: ath11k: Cleanup mac80211 references on failure during tx_complete
    - serial: qcom-geni: fix opp vote on shutdown
    - serial: sc16is7xx: fix broken port 0 uart init
    - serial: sc16is7xx: fix bug when first setting GPIO direction
    - firmware: stratix10-svc: Fix an NULL vs IS_ERR() bug in probe
    - fsi: master-ast-cf: Add MODULE_FIRMWARE macro
    - tcpm: Avoid soft reset when partner does not support get_status
    - dt-bindings: sc16is7xx: Add property to change GPIO function
    - tracing: Zero the pipe cpumask on alloc to avoid spurious -EBUSY
    - nilfs2: fix WARNING in mark_buffer_dirty due to discarded buffer reuse
    - usb: typec: tcpci: clear the fault status bit
    - pinctrl: amd: Don't show `Invalid config param` errors
    - Linux 6.5.2
  * Mantic update: v6.5.1 upstream stable release (LP: #2035581)
    - ACPI: thermal: Drop nocrt parameter
    - module: Expose module_init_layout_section()
    - arm64: module: Use module_init_layout_section() to spot init sections
    - ARM: module: Use module_init_layout_section() to spot init sections
    - ipv6: remove hard coded limitation on ipv6_pinfo
    - lockdep: fix static memory detection even more
    - kallsyms: Fix kallsyms_selftest failure
    - Linux 6.5.1
  * [23.10 FEAT] [SEC2352] pkey: support EP11 API ordinal 6 for secure guests
    (LP: #2029390)
    - s390/zcrypt_ep11misc: support API ordinal 6 with empty pin-blob
  * [23.10 FEAT] [SEC2341] pkey: support generation of keys of type
    PKEY_TYPE_EP11_AES (LP: #2028937)
    - s390/pkey: fix/harmonize internal keyblob headers
    - s390/pkey: fix PKEY_TYPE_EP11_AES handling in PKEY_GENSECK2 IOCTL
    - s390/pkey: fix PKEY_TYPE_EP11_AES handling in PKEY_CLR2SECK2 IOCTL
    - s390/pkey: fix PKEY_TYPE_EP11_AES handling in PKEY_KBLOB2PROTK[23]
    - s390/pkey: fix PKEY_TYPE_EP11_AES handling in PKEY_VERIFYKEY2 IOCTL
    - s390/pkey: fix PKEY_TYPE_EP11_AES handling for sysfs attributes
    - s390/paes: fix PKEY_TYPE_EP11_AES handling for secure keyblobs
  * [23.10 FEAT] KVM: Enable Secure Execution Crypto Passthrough - kernel part
    (LP: #2003674)
    - KVM: s390: interrupt: Fix single-stepping into interrupt handlers
    - KVM: s390: interrupt: Fix single-stepping into program interrupt handlers
    - KVM: s390: interrupt: Fix single-stepping kernel-emulated instructions
    - KVM: s390: interrupt: Fix single-stepping userspace-emulated instructions
    - KVM: s390: interrupt: Fix single-stepping keyless mode exits
    - KVM: s390: selftests: Add selftest for single-stepping
    - s390/vfio-ap: no need to check the 'E' and 'I' bits in APQSW after TAPQ
    - s390/vfio-ap: clean up irq resources if possible
    - s390/vfio-ap: wait for response code 05 to clear on queue reset
    - s390/vfio-ap: allow deconfigured queue to be passed through to a guest
    - s390/vfio-ap: remove upper limit on wait for queue reset to complete
    - s390/vfio-ap: store entire AP queue status word with the queue object
    - s390/vfio-ap: use work struct to verify queue reset
    - s390/vfio-ap: handle queue state change in progress on reset
    - s390/vfio-ap: check for TAPQ response codes 0x35 and 0x36
    - s390/uv: export uv_pin_shared for direct usage
    - KVM: s390: export kvm_s390_pv*_is_protected functions
    - s390/vfio-ap: make sure nib is shared
    - KVM: s390: pv: relax WARN_ONCE condition for destroy fast
    - s390/uv: UV feature check utility
    - KVM: s390: Add UV feature negotiation
    - KVM: s390: pv: Allow AP-instructions for pv-guests
  * Make backlight module auto detect dell_uart_backlight (LP: #2008882)
    - SAUCE: ACPI: video: Dell AIO UART backlight detection
  * Avoid address overwrite in kernel_connect (LP: #2035163)
    - net: annotate data-races around sock->ops
    - net: Avoid address overwrite in kernel_connect
  * Include QCA WWAN 5G Qualcomm SDX62/DW5932e support (LP: #2035306)
    - bus: mhi: host: pci_generic: Add support for Dell DW5932e
  * NULL pointer dereference on CS35L41 HDA AMP (LP: #2029199)
    - ALSA: cs35l41: Use mbox command to enable speaker output for external boost
    - ALSA: cs35l41: Poll for Power Up/Down rather than waiting a fixed delay
    - ALSA: hda: cs35l41: Check mailbox status of pause command after firmware
      load
    - ALSA: hda: cs35l41: Ensure we correctly re-sync regmap before system
      suspending.
    - ALSA: hda: cs35l41: Ensure we pass up any errors during system suspend.
    - ALSA: hda: cs35l41: Move Play and Pause into separate functions
    - ALSA: hda: hda_component: Add pre and post playback hooks to hda_component
    - ALSA: hda: cs35l41: Use pre and post playback hooks
    - ALSA: hda: cs35l41: Rework System Suspend to ensure correct call separation
    - ALSA: hda: cs35l41: Add device_link between HDA and cs35l41_hda
    - ALSA: hda: cs35l41: Ensure amp is only unmuted during playback
  * Enable ASPM for NVMe behind VMD (LP: #2034504)
    - Revert "UBUNTU: SAUCE: vmd: fixup bridge ASPM by driver name instead"
    - Revert "UBUNTU: SAUCE: PCI/ASPM: Enable LTR for endpoints behind VMD"
    - Revert "UBUNTU: SAUCE: PCI/ASPM: Enable ASPM for links under VMD domain"
    - SAUCE: PCI/ASPM: Allow ASPM override over FADT default
    - SAUCE: PCI: vmd: Mark ASPM override for device behind VMD bridge
  * Linux 6.2 fails to reboot with current u-boot-nezha (LP: #2021364)
    - [Config] Default to performance CPUFreq governor on riscv64
  * Enable Nezha board (LP: #1975592)
    - [Config] Enable CONFIG_REGULATOR_FIXED_VOLTAGE on riscv64
    - [Config] Build in D1 clock drivers on riscv64
    - [Config] Enable CONFIG_SUN6I_RTC_CCU on riscv64
    - [Config] Enable CONFIG_SUNXI_WATCHDOG on riscv64
    - [Config] Disable SUN50I_DE2_BUS on riscv64
    - [Config] Disable unneeded sunxi pinctrl drivers on riscv64
  * Enable Nezha board (LP: #1975592) // Enable StarFive VisionFive 2 board
    (LP: #2013232)
    - [Config] Enable CONFIG_SERIAL_8250_DW on riscv64
  * Enable StarFive VisionFive 2 board (LP: #2013232)
    - [Config] Enable CONFIG_PINCTRL_STARFIVE_JH7110_SYS on riscv64
    - [Config] Enable CONFIG_STARFIVE_WATCHDOG on riscv64
  * rcu_sched detected stalls on CPUs/tasks (LP: #1967130)
    - [Config] Enable virtually mapped stacks on riscv64
  * RISC-V kernel config is out of sync with other archs (LP: #1981437)
    - [Config] Sync riscv64 config with other architectures
  * Support for Intel Discrete Gale Peak2/BE200 (LP: #2028065)
    - Bluetooth: btintel: Add support for Gale Peak
    - Bluetooth: Add support for Gale Peak (8087:0036)
  * Missing BT IDs for support for Intel Discrete Misty Peak2/BE202
    (LP: #2033455)
    - SAUCE: Bluetooth: btusb: Add support for Intel Misty Peak - 8087:0038
  * Audio device fails to function randomly on Intel MTL platform: No CPC match
    in the firmware file's manifest (LP: #2034506)
    - ASoC: SOF: ipc4-topology: Add module parameter to ignore the CPC value
  * Check for changes relevant for security certifications (LP: #1945989)
    - [Packaging] Add a new fips-checks script
  * Installation support for SMARC RZ/G2L platform (LP: #2030525)
    - [Config] build Renesas RZ/G2L USBPHY control driver statically
  * Add support for kernels compiled with CONFIG_EFI_ZBOOT (LP: #2002226)
    - [Config]: Turn on CONFIG_EFI_ZBOOT on ARM64
  * Default module signing algo should be accelerated (LP: #2034061)
    - [Config] Default module signing algo should be accelerated
  * NEW SRU rustc linux kernel requirements (LP: #1993183)
    - [Packaging] re-enable Rust support
  * FATAL:credentials.cc(127)] Check failed: . : Permission denied (13)
    (LP: #2017980)
    - [Config] disable CONFIG_SECURITY_APPARMOR_RESTRICT_USERNS
  * update apparmor and LSM stacking patch set (LP: #2028253)
    - SAUCE: apparmor4.0.0 [01/76]: add/use fns to print hash string hex value
    - SAUCE: apparmor4.0.0 [02/76]: rename SK_CTX() to aa_sock and make it an
      inline fn
    - SAUCE: apparmor4.0.0 [03/76]: patch to provide compatibility with v2.x net
      rules
    - SAUCE: apparmor4.0.0 [04/76]: add user namespace creation mediation
    - SAUCE: apparmor4.0.0 [05/76]: Add sysctls for additional controls of unpriv
      userns restrictions
    - SAUCE: apparmor4.0.0 [06/76]: af_unix mediation
    - SAUCE: apparmor4.0.0 [07/76]: Add fine grained mediation of posix mqueues
    - SAUCE: apparmor4.0.0 [08/76]: Stacking v38: LSM: Identify modules by more
      than name
    - SAUCE: apparmor4.0.0 [09/76]: Stacking v38: LSM: Add an LSM identifier for
      external use
    - SAUCE: apparmor4.0.0 [10/76]: Stacking v38: LSM: Identify the process
      attributes for each module
    - SAUCE: apparmor4.0.0 [11/76]: Stacking v38: LSM: Maintain a table of LSM
      attribute data
    - SAUCE: apparmor4.0.0 [12/76]: Stacking v38: proc: Use lsmids instead of lsm
      names for attrs
    - SAUCE: apparmor4.0.0 [13/76]: Stacking v38: integrity: disassociate
      ima_filter_rule from security_audit_rule
    - SAUCE: apparmor4.0.0 [14/76]: Stacking v38: LSM: Infrastructure management
      of the sock security
    - SAUCE: apparmor4.0.0 [15/76]: Stacking v38: LSM: Add the lsmblob data
      structure.
    - SAUCE: apparmor4.0.0 [16/76]: Stacking v38: LSM: provide lsm name and id
      slot mappings
    - SAUCE: apparmor4.0.0 [17/76]: Stacking v38: IMA: avoid label collisions with
      stacked LSMs
    - SAUCE: apparmor4.0.0 [18/76]: Stacking v38: LSM: Use lsmblob in
      security_audit_rule_match
    - SAUCE: apparmor4.0.0 [19/76]: Stacking v38: LSM: Use lsmblob in
      security_kernel_act_as
    - SAUCE: apparmor4.0.0 [20/76]: Stacking v38: LSM: Use lsmblob in
      security_secctx_to_secid
    - SAUCE: apparmor4.0.0 [21/76]: Stacking v38: LSM: Use lsmblob in
      security_secid_to_secctx
    - SAUCE: apparmor4.0.0 [22/76]: Stacking v38: LSM: Use lsmblob in
      security_ipc_getsecid
    - SAUCE: apparmor4.0.0 [23/76]: Stacking v38: LSM: Use lsmblob in
      security_current_getsecid
    - SAUCE: apparmor4.0.0 [24/70]: Stacking v38: LSM: Use lsmblob in
      security_inode_getsecid
    - SAUCE: apparmor4.0.0 [25/76]: Stacking v38: LSM: Use lsmblob in
      security_cred_getsecid
    - SAUCE: apparmor4.0.0 [26/76]: Stacking v38: LSM: Specify which LSM to
      display
    - SAUCE: apparmor4.0.0 [28/76]: Stacking v38: LSM: Ensure the correct LSM
      context releaser
    - SAUCE: apparmor4.0.0 [29/76]: Stacking v38: LSM: Use lsmcontext in
      security_secid_to_secctx
    - SAUCE: apparmor4.0.0 [30/76]: Stacking v38: LSM: Use lsmcontext in
      security_inode_getsecctx
    - SAUCE: apparmor4.0.0 [31/76]: Stacking v38: Use lsmcontext in
      security_dentry_init_security
    - SAUCE: apparmor4.0.0 [32/76]: Stacking v38: LSM: security_secid_to_secctx in
      netlink netfilter
    - SAUCE: apparmor4.0.0 [33/76]: Stacking v38: NET: Store LSM netlabel data in
      a lsmblob
    - SAUCE: apparmor4.0.0 [34/76]: Stacking v38: binder: Pass LSM identifier for
      confirmation
    - SAUCE: apparmor4.0.0 [35/76]: Stacking v38: LSM: security_secid_to_secctx
      module selection
    - SAUCE: apparmor4.0.0 [36/76]: Stacking v38: Audit: Keep multiple LSM data in
      audit_names
    - SAUCE: apparmor4.0.0 [37/76]: Stacking v38: Audit: Create audit_stamp
      structure
    - SAUCE: apparmor4.0.0 [38/76]: Stacking v38: LSM: Add a function to report
      multiple LSMs
    - SAUCE: apparmor4.0.0 [39/76]: Stacking v38: Audit: Allow multiple records in
      an audit_buffer
    - SAUCE: apparmor4.0.0 [40/76]: Stacking v38: Audit: Add record for multiple
      task security contexts
    - SAUCE: apparmor4.0.0 [41/76]: Stacking v38: audit: multiple subject lsm
      values for netlabel
    - SAUCE: apparmor4.0.0 [42/76]: Stacking v38: Audit: Add record for multiple
      object contexts
    - SAUCE: apparmor4.0.0 [43/76]: Stacking v38: netlabel: Use a struct lsmblob
      in audit data
    - SAUCE: apparmor4.0.0 [44/76]: Stacking v38: LSM: Removed scaffolding
      function lsmcontext_init
    - SAUCE: apparmor4.0.0 [45/76]: Stacking v38: AppArmor: Remove the exclusive
      flag
    - SAUCE: apparmor4.0.0 [46/76]: combine common_audit_data and
      apparmor_audit_data
    - SAUCE: apparmor4.0.0 [47/76]: setup slab cache for audit data
    - SAUCE: apparmor4.0.0 [48/76]: rename audit_data->label to
      audit_data->subj_label
    - SAUCE: apparmor4.0.0 [49/76]: pass cred through to audit info.
    - SAUCE: apparmor4.0.0 [50/76]: Improve debug print infrastructure
    - SAUCE: apparmor4.0.0 [51/76]: add the ability for profiles to have a
      learning cache
    - SAUCE: apparmor4.0.0 [52/76]: enable userspace upcall for mediation
    - SAUCE: apparmor4.0.0 [53/76]: cache buffers on percpu list if there is lock
      contention
    - SAUCE: apparmor4.0.0 [54/76]: advertise availability of exended perms
    - SAUCE: apparmor4.0.0 [56/76]: cleanup: provide separate audit messages for
      file and policy checks
    - SAUCE: apparmor4.0.0 [57/76]: prompt - lock down prompt interface
    - SAUCE: apparmor4.0.0 [58/76]: prompt - ref count pdb
    - SAUCE: apparmor4.0.0 [59/76]: prompt - allow controlling of caching of a
      prompt response
    - SAUCE: apparmor4.0.0 [60/76]: prompt - add refcount to audit_node in prep or
      reuse and delete
    - SAUCE: apparmor4.0.0 [61/76]: prompt - refactor to moving caching to
      uresponse
    - SAUCE: apparmor4.0.0 [62/76]: prompt - Improve debug statements
    - SAUCE: apparmor4.0.0 [63/76]: prompt - fix caching
    - SAUCE: apparmor4.0.0 [64/76]: prompt - rework build to use append fn, to
      simplify adding strings
    - SAUCE: apparmor4.0.0 [65/76]: prompt - refcount notifications
    - SAUCE: apparmor4.0.0 [66/76]: prompt - add the ability to reply with a
      profile name
    - SAUCE: apparmor4.0.0 [67/76]: prompt - fix notification cache when updating
    - SAUCE: apparmor4.0.0 [68/76]: prompt - add tailglob on name for cache
      support
    - SAUCE: apparmor4.0.0 [69/76]: prompt - allow profiles to set prompts as
      interruptible
    - SAUCE: apparmor4.0.0 [74/76]: advertise disconnected.path is available
    - SAUCE: apparmor4.0.0 [75/76]: fix invalid reference on profile->disconnected
    - SAUCE: apparmor4.0.0 [76/76]: add io_uring mediation
    - SAUCE: apparmor4.0.0: apparmor: Fix regression in mount mediation
  * update apparmor and LSM stacking patch set (LP: #2028253) // [FFe]
    apparmor-4.0.0-alpha2 for unprivileged user namespace restrictions in mantic
    (LP: #2032602)
    - SAUCE: apparmor4.0.0 [70/76]: prompt - add support for advanced filtering of
      notifications
    - SAUCE: apparmor4.0.0 [71/76]: userns - add the ability to reference a global
      variable for a feature value
    - SAUCE: apparmor4.0.0 [72/76]: userns - make it so special unconfined
      profiles can mediate user namespaces
    - SAUCE: apparmor4.0.0 [73/76]: userns - allow restricting unprivileged
      change_profile
  * LSM stacking and AppArmor for 6.2: additional fixes (LP: #2017903) // update
    apparmor and LSM stacking patch set (LP: #2028253)
    - SAUCE: apparmor4.0.0 [55/76]: fix profile verification and enable it
  * udev fails to make prctl() syscall with apparmor=0 (as used by maas by
    default) (LP: #2016908) // update apparmor and LSM stacking patch set
    (LP: #2028253)
    - SAUCE: apparmor4.0.0 [27/76]: Stacking v38: Fix prctl() syscall with
      apparmor=0
  * Miscellaneous Ubuntu changes
    - SAUCE: fan: relax strict length validation in vxlan policy
    - [Config] update gcc version in annotations
    - [Config] update annotations after apply 6.5 stable updates
  * Miscellaneous upstream changes
    - fs/address_space: add alignment padding for i_map and i_mmap_rwsem to
      mitigate a false sharing.
    - mm/mmap: move vma operations to mm_struct out of the critical section of
      file mapping lock

[ Ubuntu: 6.5.0-5.5 ]

* mantic/linux: 6.5.0-5.5 -proposed tracker (LP: #2034546)
  * Packaging resync (LP: #1786013)
    - [Packaging] update helper scripts
    - debian/dkms-versions -- update from kernel-versions (main/d2023.08.23)

[ Ubuntu: 6.5.0-4.4 ]

* mantic/linux: 6.5.0-4.4 -proposed tracker (LP: #2034042)
  * Packaging resync (LP: #1786013)
    - debian/dkms-versions -- update from kernel-versions (main/d2023.08.23)

[ Ubuntu: 6.5.0-3.3 ]

* mantic/linux: 6.5.0-3.3 -proposed tracker (LP: #2033904)
  * Packaging resync (LP: #1786013)
    - debian/dkms-versions -- update from kernel-versions (main/d2023.08.23)
  * [23.10] Please test secure-boot and lockdown on the early 6.5 kernel (s390x)
    (LP: #2026833)
    - [Packaging] re-enable signing for s390x
  * Miscellaneous upstream changes
    - module/decompress: use vmalloc() for zstd decompression workspace

-- Timo Aaltonen <timo.aaltonen@canonical.com>  Fri, 15 Sep 2023 19:06:55 +0300

Changed in linux-oem-6.5 (Ubuntu Jammy):
status:	Fix Committed → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2023-10-05:

#9

This bug was fixed in the package linux - 6.5.0-7.7

---------------
linux (6.5.0-7.7) mantic; urgency=medium

* mantic/linux: 6.5.0-7.7 -proposed tracker (LP: #2037611)

* kexec enable to load/kdump zstd compressed zimg (LP: #2037398)
- [Packaging] Revert arm64 image format to Image.gz

  * Mantic minimized/minimal cloud images do not receive IP address during
    provisioning (LP: #2036968)
    - [Config] Enable virtio-net as built-in to avoid race

  * Miscellaneous Ubuntu changes
    - SAUCE: Add mdev_set_iommu_device() kABI
    - [Config] update gcc version in annotations

-- Andrea Righi <email address hidden> Thu, 28 Sep 2023 10:19:24 +0200

Changed in linux (Ubuntu):
status:	Confirmed → Fix Released

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2023-10-24:

#10

This bug is awaiting verification that the linux-azure-6.5/6.5.0-1007.7~22.04.1 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-jammy-linux-azure-6.5' to 'verification-done-jammy-linux-azure-6.5'. If the problem still exists, change the tag 'verification-needed-jammy-linux-azure-6.5' to 'verification-failed-jammy-linux-azure-6.5'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: kernel-spammed-jammy-linux-azure-6.5-v2 verification-needed-jammy-linux-azure-6.5

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2023-10-24:

#11

This bug is awaiting verification that the linux-aws-6.5/6.5.0-1008.8~22.04.1 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-jammy-linux-aws-6.5' to 'verification-done-jammy-linux-aws-6.5'. If the problem still exists, change the tag 'verification-needed-jammy-linux-aws-6.5' to 'verification-failed-jammy-linux-aws-6.5'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: kernel-spammed-jammy-linux-aws-6.5-v2 verification-needed-jammy-linux-aws-6.5

Revision history for this message

Brian Murray (brian-murray) wrote on 2024-01-25:

#12

Ubuntu 23.04 (Lunar Lobster) has reached end of life, so this bug will not be fixed for that specific release.

Changed in linux (Ubuntu Lunar):
status:	Fix Committed → Won't Fix

Ubuntu
linux package

NULL pointer dereference on CS35L41 HDA AMP

Bug Description

CVE References

Other bug subscribers

Remote bug watches

	Status	Importance	Assigned to
HWE Next	New	Undecided	Unassigned
linux (Ubuntu)	Fix Released	Undecided	Unassigned
Jammy	Won't Fix	Undecided	Unassigned
Lunar	Won't Fix	High	Unassigned
linux-oem-6.1 (Ubuntu)	Invalid	Undecided	Unassigned
Jammy	Fix Released	High	Unassigned
Lunar	Invalid	Undecided	Unassigned
linux-oem-6.5 (Ubuntu)	Invalid	Undecided	Unassigned
Jammy	Fix Released	Undecided	Unassigned
Lunar	Invalid	Undecided	Unassigned

Ubuntulinux package

NULL pointer dereference on CS35L41 HDA AMP

Bug Description

CVE References

Other bug subscribers

Remote bug watches

Ubuntu
linux package