Bug #2048555 “jammy/linux-gcp-6.2: 6.2.0-1021.23~22.04.1 -propos...” : Series certification-testing : Bugs : Kernel SRU Workflow

Thadeu Lima de Souza Cascardo (cascardo) on 2024-01-08

tags:	added: kernel-release-tracking-bug-live
description:	updated
tags:	added: kernel-sru-cycle-s2023.10.30-1
description:	updated
description:	updated
tags:	added: kernel-sru-backport-of-2048556
Changed in kernel-sru-workflow:
status:	New → Confirmed
importance:	Undecided → Medium

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2024-01-08

Changed in linux-gcp-6.2 (Ubuntu Jammy):
importance:	Undecided → Medium
Changed in kernel-sru-workflow:
status:	Confirmed → Triaged
description:	updated
Changed in kernel-sru-workflow:
status:	Triaged → In Progress

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2024-01-08

tags:	added: kernel-jira-issue-ksru-10782
description:	updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2024-01-12

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2024-01-13

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2024-01-14

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2024-01-15

description:

updated

Masahiro Yamada (myamada) on 2024-01-16

summary:

- jammy/linux-gcp-6.2: <version to be filled> -proposed tracker
+ jammy/linux-gcp-6.2: 6.2.0-1021.23~22.04.1 -proposed tracker

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2024-01-16

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2024-01-16

tags:	added: kernel-jira-in-review
description:	updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2024-01-19

tags:

removed: kernel-jira-in-review

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2024-01-19

description:	updated
description:	updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2024-01-20

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2024-01-20

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2024-01-20

description:	updated
description:	updated

Revision history for this message

Ubuntu Kernel Ancillary Bot (ubuntu-kernel-ancillary-bot) wrote on 2024-01-20: ABI testing

#1

amd64/gcp canonical-certs.pem unchanged
amd64/gcp canonical-revoked-certs.pem unchanged
amd64/gcp fwinfo unchanged
amd64/gcp modules unchanged
amd64/gcp retpoline unchanged
arm64/gcp canonical-certs.pem unchanged
arm64/gcp canonical-revoked-certs.pem unchanged
arm64/gcp fwinfo unchanged
arm64/gcp modules unchanged
arm64/gcp retpoline unchanged

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2024-01-20

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2024-01-20

description:

updated

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2024-01-20: Kernel requires additional signoff

#2

linux-image name changes detected, review variant/flavour changes; kernel-signoff required.

description:	updated
description:	updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2024-01-20

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2024-01-20

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2024-01-20

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2024-01-20

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2024-01-20

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2024-01-20

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2024-01-20

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2024-01-20

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2024-01-20

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2024-01-20

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2024-01-20

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2024-01-20

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2024-01-20

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2024-01-21

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2024-01-21

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2024-01-21

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2024-01-21

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2024-01-21

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2024-01-21

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2024-01-21

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2024-01-21

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2024-01-21

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2024-01-21

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2024-01-21

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2024-01-22

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2024-01-22

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2024-01-22

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2024-01-22

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2024-01-22

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2024-01-22

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2024-01-22

description:

updated

Andy Whitcroft (apw) on 2024-01-23

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2024-01-23

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2024-01-23

description:

updated

Thadeu Lima de Souza Cascardo (cascardo) on 2024-01-24

tags:

added: regression-testing-passed

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2024-01-24

description:

updated

Andy Whitcroft (apw) on 2024-01-24

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2024-01-24

description:

updated

Roxana Nicolescu (roxanan) on 2024-02-08

tags:

added: verification-testing-passed

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2024-02-08

description:

updated

Revision history for this message

Launchpad Janitor (janitor) wrote on 2024-02-08:

#3

Download full text (40.0 KiB)

This bug was fixed in the package linux-gcp-6.2 - 6.2.0-1021.23~22.04.1

---------------
linux-gcp-6.2 (6.2.0-1021.23~22.04.1) jammy; urgency=medium

* jammy/linux-gcp-6.2: 6.2.0-1021.23~22.04.1 -proposed tracker (LP: #2048555)

[ Ubuntu: 6.2.0-1021.23 ]

  * lunar/linux-gcp: 6.2.0-1021.23 -proposed tracker (LP: #2048556)
  * Packaging resync (LP: #1786013)
    - [Packaging] remove helper scripts
  * lunar/linux: 6.2.0-40.41 -proposed tracker (LP: #2048568)
  * Packaging resync (LP: #1786013)
    - [Packaging] resync git-ubuntu-log
  * CVE-2024-0193
    - netfilter: nf_tables: skip set commit for deleted/destroyed sets
  * CVE-2023-6606
    - smb: client: fix OOB in smbCalcSize()
  * CVE-2023-6817
    - netfilter: nft_set_pipapo: skip inactive elements during set walk
  * CVE-2023-6932
    - ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet
  * CVE-2023-6931
    - perf: Fix perf_event_validate_size()
    - perf: Fix perf_event_validate_size() lockdep splat

[ Ubuntu: 6.2.0-1020.22 ]

  * lunar/linux-gcp: 6.2.0-1020.22 -proposed tracker (LP: #2041544)
  * Packaging resync (LP: #1786013)
    - [Packaging] resync git-ubuntu-log
    - [Packaging] resync update-dkms-versions helper
  * lunar/linux: 6.2.0-39.40 -proposed tracker (LP: #2043451)
  * USB bus error after upgrading to proposed kernel on lunar and jammy
    (LP: #2043197)
    - USB: core: Fix oversight in SuperSpeed initialization
  * Include cifs.ko in linux-modules package (LP: #2042546)
    - [Packaging] Replace fs/cifs with fs/smb/client in inclusion list
  * lunar/linux: 6.2.0-38.39 -proposed tracker (LP: #2041557)
  * CVE-2023-25775
    - RDMA/irdma: Prevent zero-length STAG registration
  * CVE-2023-5345
    - fs/smb/client: Reset password pointer to NULL
  * CVE-2023-39189
    - netfilter: nfnetlink_osf: avoid OOB read
  * SMC stats: Wrong bucket calculation for payload of exactly 4096 bytes
    (LP: #2039575)
    - net/smc: Fix pos miscalculation in statistics
  * [SRU][J/L/M] UBUNTU: [Packaging] Make WWAN driver a loadable module
    (LP: #2033406)
    - [Packaging] Make WWAN driver loadable modules
  * CVE-2023-45871
    - igb: set max size RX buffer when store bad packet is enabled
  * CVE-2023-39193
    - netfilter: xt_sctp: validate the flag_info count
  * CVE-2023-39192
    - netfilter: xt_u32: validate user space input
  * CVE-2023-31085
    - ubi: Refuse attaching if mtd's erasesize is 0
  * CVE-2023-5717
    - perf: Disallow mis-matched inherited group reads
  * CVE-2023-5178
    - nvmet-tcp: Fix a possible UAF in queue intialization setup
  * CVE-2023-5158
    - vringh: don't use vringh_kiov_advance() in vringh_iov_xfer()
  * CVE-2023-5090
    - x86: KVM: SVM: always update the x2avic msr interception
  * usbip: error: failed to open /usr/share/hwdata//usb.ids (LP: #2039439)
    - [Packaging] Make linux-tools-common depend on hwdata
  * Unable to use nvme drive to install Ubuntu 23.10 (LP: #2040157)
    - misc: rtsx: Fix some platforms can not boot and move the l1ss judgment to
      probe
  * Lunar update: upstream stable patchset 2023-10-19 (LP: #2039884)
    - ACPI: thermal: Drop nocrt parameter
    - module: Expose module_init_layout_section()...

This bug was fixed in the package linux-gcp-6.2 - 6.2.0-1021.23~22.04.1

---------------
linux-gcp-6.2 (6.2.0-1021.23~22.04.1) jammy; urgency=medium

* jammy/linux-gcp-6.2: 6.2.0-1021.23~22.04.1 -proposed tracker (LP: #2048555)

[ Ubuntu: 6.2.0-1021.23 ]

* lunar/linux-gcp: 6.2.0-1021.23 -proposed tracker (LP: #2048556)
  * Packaging resync (LP: #1786013)
    - [Packaging] remove helper scripts
  * lunar/linux: 6.2.0-40.41 -proposed tracker (LP: #2048568)
  * Packaging resync (LP: #1786013)
    - [Packaging] resync git-ubuntu-log
  * CVE-2024-0193
    - netfilter: nf_tables: skip set commit for deleted/destroyed sets
  * CVE-2023-6606
    - smb: client: fix OOB in smbCalcSize()
  * CVE-2023-6817
    - netfilter: nft_set_pipapo: skip inactive elements during set walk
  * CVE-2023-6932
    - ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet
  * CVE-2023-6931
    - perf: Fix perf_event_validate_size()
    - perf: Fix perf_event_validate_size() lockdep splat

[ Ubuntu: 6.2.0-1020.22 ]

* lunar/linux-gcp: 6.2.0-1020.22 -proposed tracker (LP: #2041544)
  * Packaging resync (LP: #1786013)
    - [Packaging] resync git-ubuntu-log
    - [Packaging] resync update-dkms-versions helper
  * lunar/linux: 6.2.0-39.40 -proposed tracker (LP: #2043451)
  * USB bus error after upgrading to proposed kernel on lunar and jammy
    (LP: #2043197)
    - USB: core: Fix oversight in SuperSpeed initialization
  * Include cifs.ko in linux-modules package (LP: #2042546)
    - [Packaging] Replace fs/cifs with fs/smb/client in inclusion list
  * lunar/linux: 6.2.0-38.39 -proposed tracker (LP: #2041557)
  * CVE-2023-25775
    - RDMA/irdma: Prevent zero-length STAG registration
  * CVE-2023-5345
    - fs/smb/client: Reset password pointer to NULL
  * CVE-2023-39189
    - netfilter: nfnetlink_osf: avoid OOB read
  * SMC stats: Wrong bucket calculation for payload of exactly 4096 bytes
    (LP: #2039575)
    - net/smc: Fix pos miscalculation in statistics
  * [SRU][J/L/M] UBUNTU: [Packaging] Make WWAN driver a loadable module
    (LP: #2033406)
    - [Packaging] Make WWAN driver loadable modules
  * CVE-2023-45871
    - igb: set max size RX buffer when store bad packet is enabled
  * CVE-2023-39193
    - netfilter: xt_sctp: validate the flag_info count
  * CVE-2023-39192
    - netfilter: xt_u32: validate user space input
  * CVE-2023-31085
    - ubi: Refuse attaching if mtd's erasesize is 0
  * CVE-2023-5717
    - perf: Disallow mis-matched inherited group reads
  * CVE-2023-5178
    - nvmet-tcp: Fix a possible UAF in queue intialization setup
  * CVE-2023-5158
    - vringh: don't use vringh_kiov_advance() in vringh_iov_xfer()
  * CVE-2023-5090
    - x86: KVM: SVM: always update the x2avic msr interception
  * usbip: error: failed to open /usr/share/hwdata//usb.ids (LP: #2039439)
    - [Packaging] Make linux-tools-common depend on hwdata
  * Unable to use nvme drive to install Ubuntu 23.10 (LP: #2040157)
    - misc: rtsx: Fix some platforms can not boot and move the l1ss judgment to
      probe
  * Lunar update: upstream stable patchset 2023-10-19 (LP: #2039884)
    - ACPI: thermal: Drop nocrt parameter
    - module: Expose module_init_layout_section()
    - arm64: module-plts: inline linux/moduleloader.h
    - arm64: module: Use module_init_layout_section() to spot init sections
    - ARM: module: Use module_init_layout_section() to spot init sections
    - lockdep: fix static memory detection even more
    - parisc: Cleanup mmap implementation regarding color alignment
    - parisc: sys_parisc: parisc_personality() is called from asm code
    - io_uring/parisc: Adjust pgoff in io_uring mmap() for parisc
    - kallsyms: Fix kallsyms_selftest failure
    - module/decompress: use vmalloc() for zstd decompression workspace
    - Upstream stable to v6.1.51, v6.4.14
    - erofs: ensure that the post-EOF tails are all zeroed
    - ksmbd: fix wrong DataOffset validation of create context
    - ksmbd: fix slub overflow in ksmbd_decode_ntlmssp_auth_blob()
    - ksmbd: replace one-element array with flex-array member in struct
      smb2_ea_info
    - ksmbd: reduce descriptor size if remaining bytes is less than request size
    - ARM: pxa: remove use of symbol_get()
    - mmc: au1xmmc: force non-modular build and remove symbol_get usage
    - net: enetc: use EXPORT_SYMBOL_GPL for enetc_phc_index
    - rtc: ds1685: use EXPORT_SYMBOL_GPL for ds1685_rtc_poweroff
    - modules: only allow symbol_get of EXPORT_SYMBOL_GPL modules
    - USB: serial: option: add Quectel EM05G variant (0x030e)
    - USB: serial: option: add FOXCONN T99W368/T99W373 product
    - ALSA: usb-audio: Fix init call orders for UAC1
    - usb: dwc3: meson-g12a: do post init to fix broken usb after resumption
    - usb: chipidea: imx: improve logic if samsung,picophy-* parameter is 0
    - HID: wacom: remove the battery when the EKR is off
    - staging: rtl8712: fix race condition
    - Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race
      condition
    - wifi: mt76: mt7921: do not support one stream on secondary antenna only
    - wifi: mt76: mt7921: fix skb leak by txs missing in AMSDU
    - serial: qcom-geni: fix opp vote on shutdown
    - serial: sc16is7xx: fix broken port 0 uart init
    - serial: sc16is7xx: fix bug when first setting GPIO direction
    - firmware: stratix10-svc: Fix an NULL vs IS_ERR() bug in probe
    - fsi: master-ast-cf: Add MODULE_FIRMWARE macro
    - tcpm: Avoid soft reset when partner does not support get_status
    - dt-bindings: sc16is7xx: Add property to change GPIO function
    - nilfs2: fix general protection fault in nilfs_lookup_dirty_data_buffers()
    - nilfs2: fix WARNING in mark_buffer_dirty due to discarded buffer reuse
    - usb: typec: tcpci: clear the fault status bit
    - pinctrl: amd: Don't show `Invalid config param` errors
    - wifi: rtw88: usb: kill and free rx urbs on probe failure
    - Upstream stable to v6.1.52, v6.4.15
  * Lunar update: upstream stable patchset 2023-10-18 (LP: #2039742)
    - NFSv4.2: fix error handling in nfs42_proc_getxattr
    - NFSv4: fix out path in __nfs4_get_acl_uncached
    - xprtrdma: Remap Receive buffers after a reconnect
    - drm/ast: Use drm_aperture_remove_conflicting_pci_framebuffers
    - fbdev/radeon: use pci aperture helpers
    - PCI: acpiphp: Reassign resources on bridge if necessary
    - MIPS: cpu-features: Enable octeon_cache by cpu_type
    - MIPS: cpu-features: Use boot_cpu_type for CPU type based features
    - jbd2: remove t_checkpoint_io_list
    - jbd2: remove journal_clean_one_cp_list()
    - jbd2: fix a race when checking checkpoint buffer busy
    - can: raw: fix receiver memory leak
    - can: raw: fix lockdep issue in raw_release()
    - s390/zcrypt: remove unnecessary (void *) conversions
    - s390/zcrypt: fix reply buffer calculations for CCA replies
    - drm/i915: Add the gen12_needs_ccs_aux_inv helper
    - drm/i915/gt: Ensure memory quiesced before invalidation
    - drm/i915/gt: Poll aux invalidation register bit on invalidation
    - drm/i915/gt: Support aux invalidation on all engines
    - tracing: Fix cpu buffers unavailable due to 'record_disabled' missed
    - tracing: Fix memleak due to race between current_tracer and trace
    - octeontx2-af: SDP: fix receive link config
    - devlink: move code to a dedicated directory
    - devlink: add missing unregister linecard notification
    - net: dsa: felix: fix oversize frame dropping for always closed tc-taprio
      gates
    - sock: annotate data-races around prot->memory_pressure
    - dccp: annotate data-races in dccp_poll()
    - ipvlan: Fix a reference count leak warning in ipvlan_ns_exit()
    - mlxsw: pci: Set time stamp fields also when its type is MIRROR_UTC
    - mlxsw: reg: Fix SSPR register layout
    - mlxsw: Fix the size of 'VIRT_ROUTER_MSB'
    - selftests: mlxsw: Fix test failure on Spectrum-4
    - net: dsa: mt7530: fix handling of 802.1X PAE frames
    - net: bgmac: Fix return value check for fixed_phy_register()
    - net: bcmgenet: Fix return value check for fixed_phy_register()
    - net: validate veth and vxcan peer ifindexes
    - ipv4: fix data-races around inet->inet_id
    - ice: fix receive buffer size miscalculation
    - Revert "ice: Fix ice VF reset during iavf initialization"
    - ice: Fix NULL pointer deref during VF reset
    - selftests: bonding: do not set port down before adding to bond
    - can: isotp: fix support for transmission of SF without flow control
    - igb: Avoid starting unnecessary workqueues
    - igc: Fix the typo in the PTM Control macro
    - net/sched: fix a qdisc modification with ambiguous command request
    - i40e: fix potential NULL pointer dereferencing of pf->vf
      i40e_sync_vsi_filters()
    - netfilter: nf_tables: flush pending destroy work before netlink notifier
    - netfilter: nf_tables: fix out of memory error handling
    - rtnetlink: Reject negative ifindexes in RTM_NEWLINK
    - bonding: fix macvlan over alb bond support
    - KVM: x86/mmu: Fix an sign-extension bug with mmu_seq that hangs vCPUs
    - ASoC: amd: yc: Add VivoBook Pro 15 to quirks list for acp6x
    - ASoC: cs35l41: Correct amp_gain_tlv values
    - ibmveth: Use dcbf rather than dcbfl
    - wifi: mac80211: limit reorder_buf_filtered to avoid UBSAN warning
    - platform/x86: ideapad-laptop: Add support for new hotkeys found on ThinkBook
      14s Yoga ITL
    - NFSv4: Fix dropped lock for racing OPEN and delegation return
    - clk: Fix slab-out-of-bounds error in devm_clk_release()
    - mm,ima,kexec,of: use memblock_free_late from ima_free_kexec_buffer
    - shmem: fix smaps BUG sleeping while atomic
    - ALSA: ymfpci: Fix the missing snd_card_free() call at probe error
    - mm/gup: handle cont-PTE hugetlb pages correctly in gup_must_unshare() via
      GUP-fast
    - mm: add a call to flush_cache_vmap() in vmap_pfn()
    - mm: memory-failure: fix unexpected return value in soft_offline_page()
    - NFS: Fix a use after free in nfs_direct_join_group()
    - nfsd: Fix race to FREE_STATEID and cl_revoked
    - selinux: set next pointer before attaching to list
    - batman-adv: Trigger events for auto adjusted MTU
    - batman-adv: Don't increase MTU when set by user
    - batman-adv: Do not get eth header before batadv_check_management_packet
    - batman-adv: Fix TT global entry leak when client roamed back
    - batman-adv: Fix batadv_v_ogm_aggr_send memory leak
    - batman-adv: Hold rtnl lock during MTU update via netlink
    - lib/clz_ctz.c: Fix __clzdi2() and __ctzdi2() for 32-bit kernels
    - riscv: Handle zicsr/zifencei issue between gcc and binutils
    - riscv: Fix build errors using binutils2.37 toolchains
    - radix tree: remove unused variable
    - of: unittest: Fix EXPECT for parse_phandle_with_args_map() test
    - of: dynamic: Refactor action prints to not use "%pOF" inside devtree_lock
    - pinctrl: amd: Mask wake bits on probe again
    - media: vcodec: Fix potential array out-of-bounds in encoder queue_setup
    - PCI: acpiphp: Use pci_assign_unassigned_bridge_resources() only for non-root
      bus
    - drm/vmwgfx: Fix shader stage validation
    - drm/display/dp: Fix the DP DSC Receiver cap size
    - x86/fpu: Invalidate FPU state correctly on exec()
    - hwmon: (aquacomputer_d5next) Add selective 200ms delay after sending ctrl
      report
    - nfs: use vfs setgid helper
    - nfsd: use vfs setgid helper
    - cgroup/cpuset: Rename functions dealing with DEADLINE accounting
    - sched/cpuset: Bring back cpuset_mutex
    - sched/cpuset: Keep track of SCHED_DEADLINE task in cpusets
    - cgroup/cpuset: Iterate only if DEADLINE tasks are present
    - sched/deadline: Create DL BW alloc, free & check overflow interface
    - cgroup/cpuset: Free DL BW in case can_attach() fails
    - ublk: remove check IO_URING_F_SQE128 in ublk_ch_uring_cmd
    - can: raw: add missing refcount for memory leak fix
    - madvise:madvise_free_pte_range(): don't use mapcount() against large folio
      for sharing check
    - scsi: snic: Fix double free in snic_tgt_create()
    - scsi: core: raid_class: Remove raid_component_add()
    - clk: Fix undefined reference to `clk_rate_exclusive_{get,put}'
    - pinctrl: renesas: rzg2l: Fix NULL pointer dereference in
      rzg2l_dt_subnode_to_map()
    - pinctrl: renesas: rzv2m: Fix NULL pointer dereference in
      rzv2m_dt_subnode_to_map()
    - pinctrl: renesas: rza2: Add lock around
      pinctrl_generic{{add,remove}_group,{add,remove}_function}
    - dma-buf/sw_sync: Avoid recursive lock during fence signal
    - gpio: sim: dispose of irq mappings before destroying the irq_sim domain
    - gpio: sim: pass the GPIO device's software node to irq domain
    - ASoC: amd: yc: Fix a non-functional mic on Lenovo 82SJ
    - maple_tree: disable mas_wr_append() when other readers are possible
    - ASoC: amd: vangogh: select CONFIG_SND_AMD_ACP_CONFIG
    - tg3: Use slab_build_skb() when needed
    - Upstream stable to v6.1.50, v6.4.13
  * CVE-2023-42754
    - ipv4: fix null-deref in ipv4_link_failure
  * Remove duplication of devm_pwmchip_add function definition (LP: #2039542)
    - Revert "pwm: Add a stub for devm_pwmchip_add()"
  * Lunar update: upstream stable patchset 2023-10-11 (LP: #2039110)
    - selftests: forwarding: tc_actions: cleanup temporary files when test is
      aborted
    - net/smc: replace mutex rmbs_lock and sndbufs_lock with rw_semaphore
    - net: phy: at803x: Use devm_regulator_get_enable_optional()
    - net: phy: at803x: fix the wol setting functions
    - drm/amdgpu: fix calltrace warning in amddrm_buddy_fini
    - drm/amdgpu: Fix integer overflow in amdgpu_cs_pass1
    - drm/amdgpu: fix memory leak in mes self test
    - ASoC: Intel: sof_sdw: add quirk for MTL RVP
    - ASoC: Intel: sof_sdw: add quirk for LNL RVP
    - PCI: tegra194: Fix possible array out of bounds access
    - ASoC: SOF: amd: Add pci revision id check
    - drm/stm: ltdc: fix late dereference check
    - drm: rcar-du: remove R-Car H3 ES1.* workarounds
    - ASoC: amd: vangogh: Add check for acp config flags in vangogh platform
    - ARM: dts: imx6dl: prtrvt, prtvt7, prti6q, prtwd2: fix USB related warnings
    - ASoC: Intel: sof_sdw_rt_sdca_jack_common: test SOF_JACK_JDSRC in _exit
    - ASoC: Intel: sof_sdw: Add support for Rex soundwire
    - iopoll: Call cpu_relax() in busy loops
    - ASoC: SOF: Intel: fix SoundWire/HDaudio mutual exclusion
    - dma-remap: use kvmalloc_array/kvfree for larger dma memory remap
    - accel/habanalabs: add pci health check during heartbeat
    - HID: logitech-hidpp: Add USB and Bluetooth IDs for the Logitech G915 TKL
      Keyboard
    - iommu/amd: Introduce Disable IRTE Caching Support
    - drm/amdgpu: install stub fence into potential unused fence pointers
    - drm/amd/display: Apply 60us prefetch for DCFCLK <= 300Mhz
    - RDMA/mlx5: Return the firmware result upon destroying QP/RQ
    - drm/amd/display: Skip DPP DTO update if root clock is gated
    - drm/amd/display: Enable dcn314 DPP RCO
    - ASoC: SOF: core: Free the firmware trace before calling snd_sof_shutdown()
    - HID: intel-ish-hid: ipc: Add Arrow Lake PCI device ID
    - ALSA: hda/realtek: Add quirks for ROG ALLY CS35l41 audio
    - smb: client: fix warning in cifs_smb3_do_mount()
    - cifs: fix session state check in reconnect to avoid use-after-free issue
    - serial: stm32: Ignore return value of uart_remove_one_port() in .remove()
    - led: qcom-lpg: Fix resource leaks in for_each_available_child_of_node()
      loops
    - media: v4l2-mem2mem: add lock to protect parameter num_rdy
    - media: camss: set VFE bpl_alignment to 16 for sdm845 and sm8250
    - usb: gadget: u_serial: Avoid spinlock recursion in __gs_console_push
    - usb: gadget: uvc: queue empty isoc requests if no video buffer is available
    - media: platform: mediatek: vpu: fix NULL ptr dereference
    - thunderbolt: Read retimer NVM authentication status prior
      tb_retimer_set_inbound_sbtx()
    - usb: chipidea: imx: don't request QoS for imx8ulp
    - usb: chipidea: imx: add missing USB PHY DPDM wakeup setting
    - gfs2: Fix possible data races in gfs2_show_options()
    - pcmcia: rsrc_nonstatic: Fix memory leak in nonstatic_release_resource_db()
    - thunderbolt: Add Intel Barlow Ridge PCI ID
    - thunderbolt: Limit Intel Barlow Ridge USB3 bandwidth
    - firewire: net: fix use after free in fwnet_finish_incoming_packet()
    - watchdog: sp5100_tco: support Hygon FCH/SCH (Server Controller Hub)
    - Bluetooth: L2CAP: Fix use-after-free
    - Bluetooth: btusb: Add MT7922 bluetooth ID for the Asus Ally
    - ceph: try to dump the msgs when decoding fails
    - drm/amdgpu: Fix potential fence use-after-free v2
    - fs/ntfs3: Enhance sanity check while generating attr_list
    - fs: ntfs3: Fix possible null-pointer dereferences in mi_read()
    - fs/ntfs3: Mark ntfs dirty when on-disk struct is corrupted
    - ALSA: hda/realtek: Add quirks for Unis H3C Desktop B760 & Q760
    - ALSA: hda: fix a possible null-pointer dereference due to data race in
      snd_hdac_regmap_sync()
    - ALSA: hda/realtek: Add quirk for ASUS ROG GX650P
    - ALSA: hda/realtek: Add quirk for ASUS ROG GA402X
    - ALSA: hda/realtek: Add quirk for ASUS ROG GZ301V
    - powerpc/kasan: Disable KCOV in KASAN code
    - Bluetooth: MGMT: Use correct address for memcpy()
    - ring-buffer: Do not swap cpu_buffer during resize process
    - igc: read before write to SRRCTL register
    - drm/amd/display: save restore hdcp state when display is unplugged from mst
      hub
    - drm/amd/display: phase3 mst hdcp for multiple displays
    - drm/amd/display: fix access hdcp_workqueue assert
    - fbdev/hyperv-fb: Do not set struct fb_info.apertures
    - btrfs: move out now unused BG from the reclaim list
    - btrfs: fix use-after-free of new block group that became unused
    - virtio-mmio: don't break lifecycle of vm_dev
    - vduse: Use proper spinlock for IRQ injection
    - vdpa/mlx5: Fix mr->initialized semantics
    - vdpa/mlx5: Delete control vq iotlb in destroy_mr only when necessary
    - cifs: fix potential oops in cifs_oplock_break
    - i2c: bcm-iproc: Fix bcm_iproc_i2c_isr deadlock issue
    - i2c: hisi: Only handle the interrupt of the driver's transfer
    - i2c: tegra: Fix i2c-tegra DMA config option processing
    - fbdev: mmp: fix value check in mmphw_probe()
    - powerpc/rtas_flash: allow user copy to flash block cache objects
    - vdpa: Add features attr to vdpa_nl_policy for nlattr length check
    - vdpa: Add queue index attr to vdpa_nl_policy for nlattr length check
    - vdpa: Add max vqp attr to vdpa_nl_policy for nlattr length check
    - vdpa: Enable strict validation for netlinks ops
    - tty: n_gsm: fix the UAF caused by race condition in gsm_cleanup_mux
    - tty: serial: fsl_lpuart: Clear the error flags by writing 1 for lpuart32
      platforms
    - btrfs: fix incorrect splitting in btrfs_drop_extent_map_range
    - btrfs: fix BUG_ON condition in btrfs_cancel_balance
    - i2c: designware: Correct length byte validation logic
    - i2c: designware: Handle invalid SMBus block data response length value
    - net: xfrm: Fix xfrm_address_filter OOB read
    - net: af_key: fix sadb_x_filter validation
    - net: xfrm: Amend XFRMA_SEC_CTX nla_policy structure
    - xfrm: fix slab-use-after-free in decode_session6
    - ip6_vti: fix slab-use-after-free in decode_session6
    - ip_vti: fix potential slab-use-after-free in decode_session6
    - xfrm: add forgotten nla_policy for XFRMA_MTIMER_THRESH
    - virtio_net: notify MAC address change on device initialization
    - virtio-net: set queues after driver_ok
    - net: pcs: Add missing put_device call in miic_create
    - net: phy: fix IRQ-based wake-on-lan over hibernate / power off
    - selftests: mirror_gre_changes: Tighten up the TTL test match
    - drm/panel: simple: Fix AUO G121EAN01 panel timings according to the docs
    - net: macb: In ZynqMP resume always configure PS GTR for non-wakeup source
    - octeon_ep: cancel tx_timeout_task later in remove sequence
    - netfilter: nf_tables: fix false-positive lockdep splat
    - ipvs: fix racy memcpy in proc_do_sync_threshold
    - net: phy: broadcom: stub c45 read/write for 54810
    - team: Fix incorrect deletion of ETH_P_8021AD protocol vid from slaves
    - net: openvswitch: reject negative ifindex
    - iavf: fix FDIR rule fields masks validation
    - i40e: fix misleading debug logs
    - net: dsa: mv88e6xxx: Wait for EEPROM done before HW reset
    - sfc: don't unregister flow_indr if it was never registered
    - sock: Fix misuse of sk_under_memory_pressure()
    - net: do not allow gso_size to be set to GSO_BY_FRAGS
    - qede: fix firmware halt over suspend and resume
    - ice: Block switchdev mode when ADQ is active and vice versa
    - bus: ti-sysc: Flush posted write on enable before reset
    - arm64: dts: qcom: qrb5165-rb5: fix thermal zone conflict
    - arm64: dts: rockchip: Disable HS400 for eMMC on ROCK Pi 4
    - arm64: dts: rockchip: Disable HS400 for eMMC on ROCK 4C+
    - ARM: dts: imx: align LED node names with dtschema
    - ARM: dts: imx6: phytec: fix RTC interrupt level
    - arm64: dts: imx8mm: Drop CSI1 PHY reference clock configuration
    - ARM: dts: imx: Set default tuning step for imx6sx usdhc
    - arm64: dts: imx93: Fix anatop node size
    - ASoC: rt5665: add missed regulator_bulk_disable
    - ASoC: meson: axg-tdm-formatter: fix channel slot allocation
    - ALSA: hda/realtek: Add quirks for HP G11 Laptops
    - soc: aspeed: uart-routing: Use __sysfs_match_string
    - soc: aspeed: socinfo: Add kfree for kstrdup
    - ALSA: hda/realtek - Remodified 3k pull low procedure
    - riscv: uaccess: Return the number of bytes effectively not copied
    - serial: 8250: Fix oops for port->pm on uart_change_pm()
    - ALSA: usb-audio: Add support for Mythware XA001AU capture and playback
      interfaces.
    - cifs: Release folio lock on fscache read hit.
    - virtio-net: Zero max_tx_vq field for VIRTIO_NET_CTRL_MQ_HASH_CONFIG case
    - arm64: dts: rockchip: Fix Wifi/Bluetooth on ROCK Pi 4 boards
    - blk-crypto: dynamically allocate fallback profile
    - mmc: wbsd: fix double mmc_free_host() in wbsd_init()
    - mmc: block: Fix in_flight[issue_type] value error
    - drm/qxl: fix UAF on handle creation
    - drm/i915/sdvo: fix panel_type initialization
    - drm/amdgpu/pm: fix throttle_status for other than MP1 11.0.7
    - ASoC: amd: vangogh: select CONFIG_SND_AMD_ACP_CONFIG
    - drm/amd/display: disable RCO for DCN314
    - zsmalloc: allow only one active pool compaction context
    - sched/fair: unlink misfit task from cpu overutilized
    - sched/fair: Remove capacity inversion detection
    - drm/amd/display: Implement workaround for writing to OTG_PIXEL_RATE_DIV
      register
    - netfilter: set default timeout to 3 secs for sctp shutdown send and recv
      state
    - arm64/ptrace: Ensure that SME is set up for target when writing SSVE state
    - drm/amdgpu: keep irq count in amdgpu_irq_disable_all
    - drm/nouveau/disp: fix use-after-free in error handling of
      nouveau_connector_create
    - net: fix the RTO timer retransmitting skb every 1ms if linear option is
      enabled
    - mmc: f-sdh30: fix order of function calls in sdhci_f_sdh30_remove
    - rust: macros: vtable: fix `HAS_*` redefinition (`gen_const_name`)
    - media: mtk-jpeg: Set platform driver data earlier
    - xfrm: delete offloaded policy
    - xfrm: don't skip free of empty state in acquire policy
    - ARM: dts: imx: Set default tuning step for imx7d usdhc
    - smb: client: fix null auth
    - mmc: sunplus: fix return value check of mmc_add_host()
    - Upstream stable to v6.1.47, v6.4.12
  * Lunar update: upstream stable patchset 2023-10-10 (LP: #2038969)
    - tpm: Disable RNG for all AMD fTPMs
    - tpm: Add a helper for checking hwrng enabled
    - ksmbd: validate command request size
    - ksmbd: fix wrong next length validation of ea buffer in smb2_set_ea()
    - wifi: nl80211: fix integer overflow in nl80211_parse_mbssid_elems()
    - wifi: rtw89: fix 8852AE disconnection caused by RX full flags
    - selftests: forwarding: Set default IPv6 traceroute utility
    - wireguard: allowedips: expand maximum node depth
    - mmc: moxart: read scr register without changing byte order
    - ipv6: adjust ndisc_is_useropt() to also return true for PIO
    - selftests: mptcp: join: fix 'delete and re-add' test
    - selftests: mptcp: join: fix 'implicit EP' test
    - mptcp: avoid bogus reset on fallback close
    - mptcp: fix disconnect vs accept race
    - dmaengine: pl330: Return DMA_PAUSED when transaction is paused
    - net: mana: Fix MANA VF unload when hardware is unresponsive
    - riscv/kexec: load initrd high in available memory
    - riscv,mmio: Fix readX()-to-delay() ordering
    - riscv/kexec: handle R_RISCV_CALL_PLT relocation type
    - nvme-pci: add NVME_QUIRK_BOGUS_NID for Samsung PM9B1 256G and 512G
    - drm/nouveau/gr: enable memory loads on helper invocation on all channels
    - drm/nouveau/nvkm/dp: Add workaround to fix DP 1.3+ DPCD issues
    - drm/shmem-helper: Reset vma->vm_ops before calling dma_buf_mmap()
    - drm/amdgpu: fix possible UAF in amdgpu_cs_pass1()
    - drm/amd/display: check attr flag before set cursor degamma on DCN3+
    - drm/amd/display: limit DPIA link rate to HBR3
    - cpuidle: dt_idle_genpd: Add helper function to remove genpd topology
    - hwmon: (pmbus/bel-pfe) Enable PMBUS_SKIP_STATUS_CHECK for pfe1100
    - radix tree test suite: fix incorrect allocation size for pthreads
    - nilfs2: fix use-after-free of nilfs_root in dirtying inodes via iput
    - drm/amd/pm: fulfill swsmu peak profiling mode shader/memory clock settings
    - drm/amd/pm: expose swctf threshold setting for legacy powerplay
    - drm/amd/pm: fulfill powerplay peak profiling mode shader/memory clock
      settings
    - drm/amd/pm: avoid unintentional shutdown due to temperature momentary
      fluctuation
    - io_uring: correct check for O_TMPFILE
    - iio: cros_ec: Fix the allocation size for cros_ec_command
    - iio: frequency: admv1013: propagate errors from regulator_get_voltage()
    - iio: adc: ad7192: Fix ac excitation feature
    - iio: adc: ina2xx: avoid NULL pointer dereference on OF device match
    - binder: fix memory leak in binder_init()
    - misc: rtsx: judge ASPM Mode to set PETXCFG Reg
    - usb-storage: alauda: Fix uninit-value in alauda_check_media()
    - usb: dwc3: Properly handle processing of pending events
    - USB: Gadget: core: Help prevent panic during UVC unconfigure
    - usb: common: usb-conn-gpio: Prevent bailing out if initial role is none
    - usb: typec: tcpm: Fix response to vsafe0V event
    - usb: typec: altmodes/displayport: Signal hpd when configuring pin assignment
    - x86/cpu/amd: Enable Zenbleed fix for AMD Custom APU 0405
    - x86/mm: Fix VDSO and VVAR placement on 5-level paging machines
    - x86/sev: Do not try to parse for the CC blob on non-AMD hardware
    - x86/speculation: Add cpu_show_gds() prototype
    - drm/nouveau/disp: Revert a NULL check inside nouveau_connector_get_modes
    - iio: core: Prevent invalid memory access when there is no parent
    - interconnect: qcom: Add support for mask-based BCMs
    - interconnect: qcom: sm8450: add enable_mask for bcm nodes
    - selftests/rseq: Fix build with undefined __weak
    - selftests: forwarding: Add a helper to skip test when using veth pairs
    - selftests: forwarding: ethtool: Skip when using veth pairs
    - selftests: forwarding: ethtool_extended_state: Skip when using veth pairs
    - selftests: forwarding: hw_stats_l3_gre: Skip when using veth pairs
    - selftests: forwarding: Skip test when no interfaces are specified
    - selftests: forwarding: Switch off timeout
    - selftests: forwarding: tc_flower: Relax success criterion
    - net: core: remove unnecessary frame_sz check in bpf_xdp_adjust_tail()
    - bpf, sockmap: Fix map type error in sock_map_del_link
    - bpf, sockmap: Fix bug that strp_done cannot be called
    - mISDN: Update parameter type of dsp_cmx_send()
    - macsec: use DEV_STATS_INC()
    - mptcp: fix the incorrect judgment for msk->cb_flags
    - net/packet: annotate data-races around tp->status
    - tcp: add missing family to tcp_set_ca_state() tracepoint
    - tunnels: fix kasan splat when generating ipv4 pmtu error
    - xsk: fix refcount underflow in error path
    - bonding: Fix incorrect deletion of ETH_P_8021AD protocol vid from slaves
    - dccp: fix data-race around dp->dccps_mss_cache
    - drivers: net: prevent tun_build_skb() to exceed the packet size limit
    - drivers: vxlan: vnifilter: free percpu vni stats on error path
    - iavf: fix potential races for FDIR filters
    - IB/hfi1: Fix possible panic during hotplug remove
    - drm/rockchip: Don't spam logs in atomic check
    - wifi: cfg80211: fix sband iftype data lookup for AP_VLAN
    - RDMA/umem: Set iova in ODP flow
    - net: tls: avoid discarding data on record close
    - net: marvell: prestera: fix handling IPv4 routes with nhid
    - net: phy: at803x: remove set/get wol callbacks for AR8032
    - net: dsa: ocelot: call dsa_tag_8021q_unregister() under rtnl_lock() on
      driver remove
    - net: hns3: refactor hclge_mac_link_status_wait for interface reuse
    - net: hns3: add wait until mac link down
    - net: hns3: fix deadlock issue when externel_lb and reset are executed
      together
    - nexthop: Fix infinite nexthop dump when using maximum nexthop ID
    - nexthop: Make nexthop bucket dump more efficient
    - nexthop: Fix infinite nexthop bucket dump when using maximum nexthop ID
    - net: hns3: fix strscpy causing content truncation issue
    - dmaengine: mcf-edma: Fix a potential un-allocated memory access
    - dmaengine: owl-dma: Modify mismatched function name
    - net/mlx5: Allow 0 for total host VFs
    - net/mlx5: LAG, Check correct bucket when modifying LAG
    - net/mlx5: Skip clock update work when device is in error state
    - net/mlx5: Reload auxiliary devices in pci error handlers
    - ibmvnic: Enforce stronger sanity checks on login response
    - ibmvnic: Unmap DMA login rsp buffer on send login fail
    - ibmvnic: Handle DMA unmapping of login buffs in release functions
    - ibmvnic: Do partial reset on login failure
    - ibmvnic: Ensure login failure recovery is safe from other resets
    - gpio: ws16c48: Fix off-by-one error in WS16C48 resource region extent
    - gpio: sim: mark the GPIO chip as a one that can sleep
    - btrfs: wait for actual caching progress during allocation
    - btrfs: don't stop integrity writeback too early
    - btrfs: properly clear end of the unreserved range in cow_file_range
    - btrfs: exit gracefully if reloc roots don't match
    - btrfs: reject invalid reloc tree root keys with stack dump
    - btrfs: set cache_block_group_error if we find an error
    - nvme-tcp: fix potential unbalanced freeze & unfreeze
    - nvme-rdma: fix potential unbalanced freeze & unfreeze
    - netfilter: nf_tables: report use refcount overflow
    - scsi: core: Fix legacy /proc parsing buffer overflow
    - scsi: storvsc: Fix handling of virtual Fibre Channel timeouts
    - scsi: ufs: renesas: Fix private allocation
    - scsi: 53c700: Check that command slot is not NULL
    - scsi: snic: Fix possible memory leak if device_add() fails
    - scsi: core: Fix possible memory leak if device_add() fails
    - scsi: fnic: Replace return codes in fnic_clean_pending_aborts()
    - scsi: qedi: Fix firmware halt over suspend and resume
    - scsi: qedf: Fix firmware halt over suspend and resume
    - platform/x86: serial-multi-instantiate: Auto detect IRQ resource for CSC3551
    - ACPI: scan: Create platform device for CS35L56
    - alpha: remove __init annotation from exported page_is_ram()
    - drm/amd/pm/smu7: move variables to where they are used
    - mmc: sdhci-f-sdh30: Replace with sdhci_pltfm
    - cpuidle: psci: Move enabling OSI mode after power domains creation
    - zsmalloc: fix races between modifications of fullness and isolated
    - hugetlb: do not clear hugetlb dtor until allocating vmemmap
    - mm: memory-failure: fix potential unexpected return value from
      unpoison_memory()
    - mm: memory-failure: avoid false hwpoison page mapped error info
    - x86/linkage: Fix typo of BUILD_VDSO in asm/linkage.h
    - selftests: forwarding: bridge_mdb: Check iproute2 version
    - selftests: forwarding: tc_actions: Use ncat instead of nc
    - selftests: forwarding: bridge_mdb: Make test more robust
    - drm/bridge: it6505: Check power state with it6505->powered in IRQ handler
    - drm/nouveau: remove unused tu102_gr_load() function
    - Upstream stable to v6.1.46, v6.4.11
  * Lunar update: upstream stable patchset 2023-10-02 (LP: #2038236)
    - Upstream stable to v6.1.44, v6.4.9
    - net/mlx5: Free irqs only on shutdown callback
    - iommu/arm-smmu-v3: Work around MMU-600 erratum 1076982
    - iommu/arm-smmu-v3: Document MMU-700 erratum 2812531
    - iommu/arm-smmu-v3: Add explicit feature for nesting
    - iommu/arm-smmu-v3: Document nesting-related errata
    - arm64: dts: imx8mm-venice-gw7903: disable disp_blk_ctrl
    - arm64: dts: imx8mm-venice-gw7904: disable disp_blk_ctrl
    - arm64: dts: phycore-imx8mm: Label typo-fix of VPU
    - arm64: dts: phycore-imx8mm: Correction in gpio-line-names
    - arm64: dts: imx8mn-var-som: add missing pull-up for onboard PHY reset pinmux
    - arm64: dts: freescale: Fix VPU G2 clock
    - firmware: smccc: Fix use of uninitialised results structure
    - lib/bitmap: workaround const_eval test build failure
    - firmware: arm_scmi: Fix chan_free cleanup on SMC
    - word-at-a-time: use the same return type for has_zero regardless of
      endianness
    - KVM: s390: fix sthyi error handling
    - erofs: fix wrong primary bvec selection on deduplicated extents
    - wifi: cfg80211: Fix return value in scan logic
    - net/mlx5e: fix double free in macsec_fs_tx_create_crypto_table_groups
    - net/mlx5: DR, fix memory leak in mlx5dr_cmd_create_reformat_ctx
    - net/mlx5: fix potential memory leak in mlx5e_init_rep_rx
    - net/mlx5e: fix return value check in mlx5e_ipsec_remove_trailer()
    - net/mlx5e: Fix crash moving to switchdev mode when ntuple offload is set
    - net/mlx5e: Move representor neigh cleanup to profile cleanup_tx
    - bpf: Add length check for SK_DIAG_BPF_STORAGE_REQ_MAP_FD parsing
    - rtnetlink: let rtnl_bridge_setlink checks IFLA_BRIDGE_MODE length
    - net: dsa: fix value check in bcm_sf2_sw_probe()
    - perf test uprobe_from_different_cu: Skip if there is no gcc
    - net: sched: cls_u32: Fix match key mis-addressing
    - mISDN: hfcpci: Fix potential deadlock on &hc->lock
    - qed: Fix scheduling in a tasklet while getting stats
    - net: annotate data-races around sk->sk_reserved_mem
    - net: annotate data-race around sk->sk_txrehash
    - net: annotate data-races around sk->sk_max_pacing_rate
    - net: add missing READ_ONCE(sk->sk_rcvlowat) annotation
    - net: add missing READ_ONCE(sk->sk_sndbuf) annotation
    - net: add missing READ_ONCE(sk->sk_rcvbuf) annotation
    - net: annotate data-races around sk->sk_mark
    - net: add missing data-race annotations around sk->sk_peek_off
    - net: add missing data-race annotation for sk_ll_usec
    - net: annotate data-races around sk->sk_priority
    - net/sched: taprio: Limit TCA_TAPRIO_ATTR_SCHED_CYCLE_TIME to INT_MAX.
    - ice: Fix RDMA VSI removal during queue rebuild
    - bpf, cpumap: Handle skb as well when clean up ptr_ring
    - bpf: sockmap: Remove preempt_disable in sock_map_sk_acquire
    - net: ll_temac: fix error checking of irq_of_parse_and_map()
    - net: korina: handle clk prepare error in korina_probe()
    - net: netsec: Ignore 'phy-mode' on SynQuacer in DT mode
    - bnxt_en: Fix page pool logic for page size >= 64K
    - bnxt_en: Fix max_mtu setting for multi-buf XDP
    - net: dcb: choose correct policy to parse DCB_ATTR_BCN
    - s390/qeth: Don't call dev_close/dev_open (DOWN/UP)
    - ip6mr: Fix skb_under_panic in ip6mr_cache_report()
    - vxlan: Fix nexthop hash size
    - net/mlx5: fs_core: Make find_closest_ft more generic
    - net/mlx5: fs_core: Skip the FTs in the same FS_TYPE_PRIO_CHAINS fs_prio
    - prestera: fix fallback to previous version on same major version
    - tcp_metrics: fix addr_same() helper
    - tcp_metrics: annotate data-races around tm->tcpm_stamp
    - tcp_metrics: annotate data-races around tm->tcpm_lock
    - tcp_metrics: annotate data-races around tm->tcpm_vals[]
    - tcp_metrics: annotate data-races around tm->tcpm_net
    - tcp_metrics: fix data-race in tcpm_suck_dst() vs fastopen
    - rust: allocator: Prevent mis-aligned allocation
    - scsi: zfcp: Defer fc_rport blocking until after ADISC response
    - scsi: storvsc: Limit max_sectors for virtual Fibre Channel devices
    - libceph: fix potential hang in ceph_osdc_notify()
    - USB: zaurus: Add ID for A-300/B-500/C-700
    - ceph: defer stopping mdsc delayed_work
    - firmware: arm_scmi: Drop OF node reference in the transport channel setup
    - exfat: use kvmalloc_array/kvfree instead of kmalloc_array/kfree
    - exfat: release s_lock before calling dir_emit()
    - mtd: spinand: toshiba: Fix ecc_get_status
    - mtd: rawnand: meson: fix OOB available bytes for ECC
    - bpf: Disable preemption in bpf_perf_event_output
    - arm64: dts: stratix10: fix incorrect I2C property for SCL signal
    - wifi: mt76: mt7615: do not advertise 5 GHz on first phy of MT7615D (DBDC)
    - x86/hyperv: Disable IBT when hypercall page lacks ENDBR instruction
    - rbd: prevent busy loop when requesting exclusive lock
    - bpf: Disable preemption in bpf_event_output
    - powerpc/ftrace: Create a dummy stackframe to fix stack unwind
    - arm64/fpsimd: Sync and zero pad FPSIMD state for streaming SVE
    - arm64/fpsimd: Clear SME state in the target task when setting the VL
    - arm64/fpsimd: Sync FPSIMD state with SVE for SME only systems
    - open: make RESOLVE_CACHED correctly test for O_TMPFILE
    - drm/ttm: check null pointer before accessing when swapping
    - drm/i915: Fix premature release of request's reusable memory
    - drm/i915/gt: Cleanup aux invalidation registers
    - clk: imx93: Propagate correct error in imx93_clocks_probe()
    - bpf, cpumap: Make sure kthread is running before map update returns
    - file: reinstate f_pos locking optimization for regular files
    - mm: kmem: fix a NULL pointer dereference in obj_stock_flush_required()
    - fs/ntfs3: Use __GFP_NOWARN allocation at ntfs_load_attr_list()
    - fs/sysv: Null check to prevent null-ptr-deref bug
    - debugobjects: Recheck debug_objects_enabled before reporting
    - net: usbnet: Fix WARNING in usbnet_start_xmit/usb_submit_urb
    - fs: Protect reconfiguration of sb read-write from racing writes
    - ext2: Drop fragment support
    - btrfs: remove BUG_ON()'s in add_new_free_space()
    - io_uring: annotate offset timeout races
    - mtd: rawnand: omap_elm: Fix incorrect type in assignment
    - mtd: rawnand: rockchip: fix oobfree offset and description
    - mtd: rawnand: rockchip: Align hwecc vs. raw page helper layouts
    - mtd: rawnand: fsl_upm: Fix an off-by one test in fun_exec_op()
    - powerpc/mm/altmap: Fix altmap boundary check
    - drm/imx/ipuv3: Fix front porch adjustment upon hactive aligning
    - drm/amd/display: Ensure that planes are in the same order
    - drm/amd/display: skip CLEAR_PAYLOAD_ID_TABLE if device mst_en is 0
    - selftests/rseq: Play nice with binaries statically linked against glibc
      2.35+
    - arm64/ptrace: Don't enable SVE when setting streaming SVE
    - drm/amdgpu: Use apt name for FW reserved region
    - Revert "drm/i915: Disable DC states for all commits"
    - net/mlx5: Honor user input for migratable port fn attr
    - net/mlx5e: xsk: Fix crash on regular rq reactivation
    - net: stmmac: tegra: Properly allocate clock bulk data
    - net: gro: fix misuse of CB in udp socket lookup
    - net: usb: lan78xx: reorder cleanup operations to avoid UAF bugs
    - bnxt: don't handle XDP in netpoll
    - selftest: net: Assert on a proper value in so_incoming_cpu.c.
    - mtd: spinand: winbond: Fix ecc_get_status
    - smb: client: fix dfs link mount against w2k8
    - ARM: dts: nxp/imx6sll: fix wrong property name in usbphy node
    - Upstream stable to v6.1.45, v6.4.10
  * CVE-2023-37453
    - USB: core: Unite old scheme and new scheme descriptor reads
    - USB: core: Change usb_get_device_descriptor() API
    - USB: core: Fix race by not overwriting udev->descriptor in hub_port_init()
  * Packaging resync (LP: #1786013)
    - [Packaging] update helper scripts

-- Masahiro Yamada <masahiro.yamada@canonical.com>  Tue, 16 Jan 2024 23:08:09 +0900

Changed in linux-gcp-6.2 (Ubuntu Jammy):
status:	New → Fix Released

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2024-02-08

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2024-02-08

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2024-02-09

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2024-02-09

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2024-02-09

description:

updated

Andy Whitcroft (apw) on 2024-02-12

tags:

added: kernel-accept-superseded-binaries

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2024-02-12

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2024-02-12

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2024-02-12

description:

updated

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2024-02-12: Workflow done!

#4

All tasks have been completed and the bug is being closed

Changed in kernel-sru-workflow:
status:	In Progress → Fix Committed

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2024-03-04

Changed in kernel-sru-workflow:
status:	Fix Committed → Fix Released
description:	updated

Kernel SRU Workflow

jammy/linux-gcp-6.2: 6.2.0-1021.23~22.04.1 -proposed tracker

Bug Description

CVE References

Other bug subscribers

Remote bug watches

	Status	Importance	Assigned to
Kernel SRU Workflow	Fix Released	Medium	Unassigned
Abi-testing	Fix Released	Medium	Unassigned
Automated-testing	Invalid	Medium	Canonical Kernel Team
Boot-testing	Fix Released	Medium	Unassigned
Certification-testing	Invalid	Medium	Unassigned
Kernel-signoff	Fix Released	Undecided	Roxana Nicolescu
New-review	Fix Released	Medium	Andy Whitcroft
Prepare-package	Fix Released	Medium	Masahiro Yamada
Prepare-package-generate	Fix Released	Medium	Masahiro Yamada
Prepare-package-lrg	Fix Released	Medium	Masahiro Yamada
Prepare-package-lrm	Fix Released	Medium	Masahiro Yamada
Prepare-package-lrs	Fix Released	Medium	Masahiro Yamada
Prepare-package-meta	Fix Released	Medium	Masahiro Yamada
Prepare-package-signed	Fix Released	Medium	Masahiro Yamada
Promote-signing-to-proposed	Invalid	Medium	Unassigned
Promote-to-proposed	Fix Released	Medium	Ubuntu Stable Release Updates Team
Promote-to-security	Fix Released	Medium	Andy Whitcroft
Promote-to-updates	Fix Released	Medium	Andy Whitcroft
Regression-testing	Fix Released	Medium	Canonical Kernel Team
Security-signoff	Fix Released	Medium	Canonical Security Team
Sru-review	Fix Released	Medium	Andy Whitcroft
Verification-testing	Fix Released	Medium	Canonical Kernel Team
canonical-signing-jobs
Task00	Fix Released	Medium	Andy Whitcroft
linux-gcp-6.2 (Ubuntu)
Jammy	Fix Released	Medium	Unassigned