Kernel SRU Workflow

jammy/linux-aws-5.19: 5.19.0-1029.30~22.04.1 -proposed tracker

Series prepare-package-generate
Bug #2026450

Bug #2026450 reported by Thadeu Lima de Souza Cascardo on 2023-07-07

This bug affects 1 person

	Status	Importance	Assigned to
Kernel SRU Workflow	Fix Released	Medium	Unassigned
Automated-testing	Invalid	Medium	Canonical Kernel Team
Boot-testing	Fix Released	Medium	Unassigned
Certification-testing	Invalid	Medium	Unassigned
New-review	Fix Released	Medium	Andy Whitcroft
Prepare-package	Fix Released	Medium	Tim Gardner
Prepare-package-generate	Fix Released	Medium	Tim Gardner
Prepare-package-lrg	Fix Released	Medium	Tim Gardner
Prepare-package-lrm	Fix Released	Medium	Tim Gardner
Prepare-package-lrs	Fix Released	Medium	Tim Gardner
Prepare-package-meta	Fix Released	Medium	Tim Gardner
Prepare-package-signed	Fix Released	Medium	Tim Gardner
Promote-signing-to-proposed	Invalid	Medium	Unassigned
Promote-to-proposed	Fix Released	Medium	Ubuntu Stable Release Updates Team
Promote-to-security	Fix Released	Medium	Andy Whitcroft
Promote-to-updates	Fix Released	Medium	Andy Whitcroft
Regression-testing	Fix Released	Medium	Canonical Kernel Team
Security-signoff	Fix Released	Medium	Steve Beattie
Sru-review	Fix Released	Medium	Andy Whitcroft
Verification-testing	Fix Released	Medium	Tim Gardner
canonical-signing-jobs
Task00	Fix Released	Medium	Andy Whitcroft
linux-aws-5.19 (Ubuntu)
Jammy	Fix Released	Medium	Unassigned

Bug Description

This bug will contain status and test results related to a kernel source (or snap) as stated in the title.

For an explanation of the tasks and the associated workflow see:
https://wiki.ubuntu.com/Kernel/kernel-sru-workflow

-- swm properties --
built:
  from: f5d77cd4140e8f8a
  route-entry: 2
delta:
  promote-to-proposed: [lrm, lrs, main, meta, signed, lrg, generate]
  promote-to-security: []
  promote-to-updates: [lrm, lrs, main, meta, signed]
flag:
  boot-testing-requested: true
  proposed-announcement-sent: true
  proposed-testing-requested: true
  stream-from-cycle: true
issue: KSRU-8369
kernel-stable-master-bug: 2026456
packages:
  generate: linux-generate-aws-5.19
  lrg: linux-restricted-generate-aws-5.19
  lrm: linux-restricted-modules-aws-5.19
  lrs: linux-restricted-signatures-aws-5.19
  main: linux-aws-5.19
  meta: linux-meta-aws-5.19
  signed: linux-signed-aws-5.19
phase: Complete
phase-changed: Monday, 24. July 2023 21:09 UTC
reason: {}
synthetic:
  :promote-to-as-proposed: Invalid
variant: debs
versions:
  lrm: 5.19.0-1029.30~22.04.1
  main: 5.19.0-1029.30~22.04.1
  meta: 5.19.0.1029.30~22.04.13
  signed: 5.19.0-1029.30~22.04.1
~~:
  clamps:
    new-review: f5d77cd4140e8f8a
    promote-to-proposed: f5d77cd4140e8f8a
    self: 5.19.0-1029.30~22.04.1
    sru-review: f5d77cd4140e8f8a

See original description

Tags:

CVE References

Thadeu Lima de Souza Cascardo (cascardo) on 2023-07-07

tags:	added: kernel-release-tracking-bug-live
description:	updated
tags:	added: kernel-sru-cycle-s2023.06.12-1
description:	updated
tags:	added: kernel-sru-derivative-of-2026456
Changed in kernel-sru-workflow:
status:	New → Confirmed
importance:	Undecided → Medium

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-07

Changed in linux-aws-5.19 (Ubuntu Jammy):
importance:	Undecided → Medium
Changed in kernel-sru-workflow:
status:	Confirmed → Triaged
description:	updated
Changed in kernel-sru-workflow:
status:	Triaged → In Progress

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-11

tags:	added: kernel-jira-issue-ksru-8369
tags:	added: kernel-jira-issue-ksru-8404
description:	updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-11

tags:

added: kernel-jira-issue-ksru-8649
removed: kernel-jira-issue-ksru-8369

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-11

description:	updated
tags:	added: kernel-jira-issue-ksru-8369 removed: kernel-jira-issue-ksru-8404

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-11

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-12

description:

updated

Tim Gardner (timg-tpi) on 2023-07-13

summary:

- jammy/linux-aws-5.19: <version to be filled> -proposed tracker
+ jammy/linux-aws-5.19: 5.19.0-1029.30~22.04.1 -proposed tracker

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-13

description:

updated

Tim Gardner (timg-tpi) on 2023-07-13

summary:

- jammy/linux-aws-5.19: 5.19.0-1029.30~22.04.1 -proposed tracker
+ jammy/linux-aws-5.19: 5.19.0-1028.29~22.04.2 -proposed tracker

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-13

description:

updated

Tim Gardner (timg-tpi) on 2023-07-13

summary:

- jammy/linux-aws-5.19: 5.19.0-1028.29~22.04.2 -proposed tracker
+ jammy/linux-aws-5.19: 5.19.0-1029.30~22.04.1 -proposed tracker

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-13

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-13

description:	updated
description:	updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-13

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-13

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-13

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-13

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-13

description:	updated
description:	updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-13

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-13

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-13

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-13

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-13

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-14

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-14

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-14

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-14

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-14

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-14

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-14

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-14

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-14

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-14

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-14

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-14

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-14

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-14

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-14

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-14

description:	updated
description:	updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-14

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-14

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-14

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-14

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-15

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-15

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-17

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-17

description:

updated

Revision history for this message

Tim Gardner (timg-tpi) wrote on 2023-07-17:

VT: All cloud specific bugs verified. Tagging as passed.

tags:

added: verification-testing-passed

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-17

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-18

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-24

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-24

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-24

description:

updated

Revision history for this message

Launchpad Janitor (janitor) wrote on 2023-07-24:

Download full text (245.7 KiB)

This bug was fixed in the package linux-aws-5.19 - 5.19.0-1029.30~22.04.1

---------------
linux-aws-5.19 (5.19.0-1029.30~22.04.1) jammy; urgency=medium

* jammy/linux-aws-5.19: 5.19.0-1029.30~22.04.1 -proposed tracker
(LP: #2026450)

  * CVE-2023-2640 // CVE-2023-32629
    - Revert "UBUNTU: SAUCE: overlayfs: handle idmapped mounts in
      ovl_do_(set|remove)xattr"
    - Revert "UBUNTU: SAUCE: overlayfs: Skip permission checking for
      trusted.overlayfs.* xattrs"
    - SAUCE: overlayfs: default to userxattr when mounted from non initial user
      namespace

* CVE-2023-35001
- netfilter: nf_tables: prevent OOB access in nft_byteorder_eval

* CVE-2023-31248
- netfilter: nf_tables: do not ignore genmask when looking up chain by id

* CVE-2023-3389
- io_uring: hold uring mutex around poll removal

* CVE-2023-3390
- netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE

* CVE-2023-3141
- memstick: r592: Fix UAF bug in r592_remove due to race condition

* CVE-2023-3090
- ipvlan:Fix out-of-bounds caused by unclear skb->cb

* CVE-2022-48502
- fs/ntfs3: Check fields while reading

* Packaging resync (LP: #1786013)
- [Packaging] update update.conf

linux-aws-5.19 (5.19.0-1028.29~22.04.1) jammy; urgency=medium

* jammy/linux-aws-5.19: 5.19.0-1028.29~22.04.1 -proposed tracker
(LP: #2024028)

[ Ubuntu: 5.19.0-1028.29 ]

  * kinetic/linux-aws: 5.19.0-1028.29 -proposed tracker (LP: #2024029)
  * kinetic/linux: 5.19.0-46.47 -proposed tracker (LP: #2024043)
  * Packaging resync (LP: #1786013)
    - [Packaging] resync git-ubuntu-log
    - [Packaging] resync getabis
  * CVE-2023-2430
    - io_uring/msg_ring: fix missing lock on overflow for IOPOLL
  * cls_flower: off-by-one in fl_set_geneve_opt (LP: #2023577)
    - net/sched: flower: fix possible OOB write in fl_set_geneve_opt()
  * Some INVLPG implementations can leave Global translations unflushed when
    PCIDs are enabled (LP: #2023220)
    - x86/mm: Avoid incomplete Global INVLPG flushes
  * kinetic/linux: 5.19.0-45.46 -proposed tracker (LP: #2023057)
  * Kinetic update: upstream stable patchset 2023-05-23 (LP: #2020599)
    - wifi: cfg80211: Partial revert "wifi: cfg80211: Fix use after free for wext"

linux-aws-5.19 (5.19.0-1027.28~22.04.1) jammy; urgency=medium

* jammy/linux-aws-5.19: 5.19.0-1027.28~22.04.1 -proposed tracker
(LP: #2019810)

  * Packaging resync (LP: #1786013)
    - [Packaging] resync git-ubuntu-log
    - [Packaging] resync getabis

[ Ubuntu: 5.19.0-1027.28 ]

This bug was fixed in the package linux-aws-5.19 - 5.19.0-1029.30~22.04.1

---------------
linux-aws-5.19 (5.19.0-1029.30~22.04.1) jammy; urgency=medium

* jammy/linux-aws-5.19: 5.19.0-1029.30~22.04.1 -proposed tracker
    (LP: #2026450)

* CVE-2023-35001
    - netfilter: nf_tables: prevent OOB access in nft_byteorder_eval

* CVE-2023-31248
    - netfilter: nf_tables: do not ignore genmask when looking up chain by id

* CVE-2023-3389
    - io_uring: hold uring mutex around poll removal

* CVE-2023-3390
    - netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE

* CVE-2023-3141
    - memstick: r592: Fix UAF bug in r592_remove due to race condition

* CVE-2023-3090
    - ipvlan:Fix out-of-bounds caused by unclear skb->cb

* CVE-2022-48502
    - fs/ntfs3: Check fields while reading

* Packaging resync (LP: #1786013)
    - [Packaging] update update.conf

linux-aws-5.19 (5.19.0-1028.29~22.04.1) jammy; urgency=medium

* jammy/linux-aws-5.19: 5.19.0-1028.29~22.04.1 -proposed tracker
    (LP: #2024028)

[ Ubuntu: 5.19.0-1028.29 ]

linux-aws-5.19 (5.19.0-1027.28~22.04.1) jammy; urgency=medium

* jammy/linux-aws-5.19: 5.19.0-1027.28~22.04.1 -proposed tracker
    (LP: #2019810)

* Packaging resync (LP: #1786013)
    - [Packaging] resync git-ubuntu-log
    - [Packaging] resync getabis

[ Ubuntu: 5.19.0-1027.28 ]

* kinetic/linux-aws: 5.19.0-1027.28 -proposed tracker (LP: #2019811)
  * [SRU][Jammy] CONFIG_PCI_MESON is not enabled (LP: #2007745)
    - [Config]: Assume PCI_MESON disabled in annotations
  * kinetic/linux: 5.19.0-44.45 -proposed tracker (LP: #2019827)
  * Linux 5.19 amdgpu: NULL pointer on GCN2 and invalid load on GCN1
    (LP: #2018470)
    - drm/amdgpu: Fix for BO move issue
  * CVE-2023-32233
    - netfilter: nf_tables: deactivate anonymous set from preparation phase
  * CVE-2023-2612
    - SAUCE: shiftfs: prevent lock unbalance in shiftfs_create_object()
  * CVE-2023-31436
    - net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
  * CVE-2023-1380
    - wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies()
  * conntrack mark is not advertised via netlink (LP: #2016269)
    - netfilter: ctnetlink: revert to dumping mark regardless of event type
  * 5.19 not reporting cgroups v1 blkio.throttle.io_serviced  (LP: #2016186)
    - SAUCE: blk-throttle: Fix io statistics for cgroup v1
  * [SRU] Backport request for hpwdt from upstream 6.1 to Jammy (LP: #2008751)
    - watchdog/hpwdt: Enable HP_WATCHDOG for ARM64 systems.
    - watchdog/hpwdt: Include nmi.h only if CONFIG_HPWDT_NMI_DECODING
    - [Config] Add arm64 option to CONFIG_HP_WATCHDOG
  * vmwgfx fails to reserve graphics buffer on aarch64 leading to blank display
    (LP: #2007001)
    - SAUCE: Revert "video/aperture: Disable and unregister sysfb devices via
      aperture helpers"
  * Ubuntu 22.04 raise abnormal NIC MSI-X requests with larger CPU cores (256)
    (LP: #2012335)
    - ice: Allow operation with reduced device MSI-X
  * Dell: Enable speaker mute hotkey LED indicator (LP: #2015972)
    - platform/x86: dell-laptop: Register ctl-led for speaker-mute
  * [SRU]With "Performance per Watt (DAPC)" enabled in the BIOS, Bootup time is
    taking longer than expected (LP: #2008527)
    - cpufreq: ACPI: Defer setting boost MSRs
  * [SRU][Jammy] CONFIG_PCI_MESON is not enabled (LP: #2007745)
    - [Config] arm64: Enable PCI_MESON module
  * Kinetic update: upstream stable patchset 2023-05-08 (LP: #2018948)
    - HID: asus: use spinlock to protect concurrent accesses
    - HID: asus: use spinlock to safely schedule workers
    - powerpc/mm: Rearrange if-else block to avoid clang warning
    - ARM: OMAP2+: Fix memory leak in realtime_counter_init()
    - arm64: dts: qcom: qcs404: use symbol names for PCIe resets
    - arm64: dts: qcom: msm8996-tone: Fix USB taking 6 minutes to wake up
    - arm64: dts: qcom: sm8150-kumano: Panel framebuffer is 2.5k instead of 4k
    - arm64: dts: qcom: sm6125: Reorder HSUSB PHY clocks to match bindings
    - arm64: dts: imx8m: Align SoC unique ID node unit address
    - ARM: zynq: Fix refcount leak in zynq_early_slcr_init
    - arm64: dts: mediatek: mt8183: Fix systimer 13 MHz clock description
    - arm64: dts: qcom: sdm845-db845c: fix audio codec interrupt pin name
    - arm64: dts: qcom: sc7180: correct SPMI bus address cells
    - arm64: dts: qcom: sc7280: correct SPMI bus address cells
    - arm64: dts: meson-gx: Fix Ethernet MAC address unit name
    - arm64: dts: meson-g12a: Fix internal Ethernet PHY unit name
    - arm64: dts: meson-gx: Fix the SCPI DVFS node name and unit address
    - arm64: dts: msm8992-bullhead: add memory hole region
    - arm64: dts: qcom: msm8992-bullhead: Fix cont_splash_mem size
    - arm64: dts: qcom: msm8992-bullhead: Disable dfps_data_mem
    - arm64: dts: qcom: ipq8074: correct USB3 QMP PHY-s clock output names
    - arm64: dts: qcom: ipq8074: fix Gen3 PCIe QMP PHY
    - arm64: dts: qcom: ipq8074: correct Gen2 PCIe ranges
    - arm64: dts: qcom: ipq8074: fix Gen3 PCIe node
    - arm64: dts: qcom: ipq8074: correct PCIe QMP PHY output clock names
    - arm64: dts: meson: remove CPU opps below 1GHz for G12A boards
    - ARM: OMAP1: call platform_device_put() in error case in
      omap1_dm_timer_init()
    - ARM: bcm2835_defconfig: Enable the framebuffer
    - ARM: s3c: fix s3c64xx_set_timer_source prototype
    - arm64: dts: ti: k3-j7200: Fix wakeup pinmux range
    - ARM: dts: exynos: correct wr-active property in Exynos3250 Rinato
    - ARM: imx: Call ida_simple_remove() for ida_simple_get
    - arm64: dts: amlogic: meson-gx: fix SCPI clock dvfs node name
    - arm64: dts: amlogic: meson-axg: fix SCPI clock dvfs node name
    - arm64: dts: amlogic: meson-gx: add missing SCPI sensors compatible
    - arm64: dts: amlogic: meson-gxl-s905d-sml5442tw: drop invalid clock-names
      property
    - arm64: dts: amlogic: meson-gx: add missing unit address to rng node name
    - arm64: dts: amlogic: meson-gxl: add missing unit address to eth-phy-mux node
      name
    - arm64: dts: amlogic: meson-gx-libretech-pc: fix update button name
    - arm64: dts: amlogic: meson-sm1-bananapi-m5: fix adc keys node names
    - arm64: dts: amlogic: meson-gxl-s905d-phicomm-n1: fix led node name
    - arm64: dts: amlogic: meson-gxbb-kii-pro: fix led node name
    - arm64: dts: amlogic: meson-sm1-odroid-hc4: fix active fan thermal trip
    - locking/rwsem: Disable preemption in all down_read*() and up_read() code
      paths
    - arm64: dts: renesas: beacon-renesom: Fix gpio expander reference
    - arm64: dts: meson: bananapi-m5: switch VDDIO_C pin to OPEN_DRAIN
    - ARM: dts: sun8i: nanopi-duo2: Fix regulator GPIO reference
    - ARM: dts: imx7s: correct iomuxc gpr mux controller cells
    - arm64: dts: mt8192: Fix CPU map for single-cluster SoC
    - arm64: dts: mediatek: mt7622: Add missing pwm-cells to pwm node
    - blk-mq: avoid sleep in blk_mq_alloc_request_hctx
    - blk-mq: remove stale comment for blk_mq_sched_mark_restart_hctx
    - blk-mq: correct stale comment of .get_budget
    - arm64: dts: qcom: msm8992-lg-bullhead: Correct memory overlaps with the SMEM
      and MPSS memory regions
    - s390/dasd: Fix potential memleak in dasd_eckd_init()
    - sched/rt: pick_next_rt_entity(): check list_entry
    - x86/perf/zhaoxin: Add stepping check for ZXC
    - KEYS: asymmetric: Fix ECDSA use via keyctl uapi
    - arm64: dts: qcom: pmk8350: Specify PBS register for PON
    - arm64: dts: qcom: pmk8350: Use the correct PON compatible
    - block: bio-integrity: Copy flags when bio_integrity_payload is cloned
    - wifi: rsi: Fix memory leak in rsi_coex_attach()
    - wifi: rtlwifi: rtl8821ae: don't call kfree_skb() under spin_lock_irqsave()
    - wifi: rtlwifi: rtl8188ee: don't call kfree_skb() under spin_lock_irqsave()
    - wifi: rtlwifi: rtl8723be: don't call kfree_skb() under spin_lock_irqsave()
    - wifi: iwlegacy: common: don't call dev_kfree_skb() under spin_lock_irqsave()
    - wifi: libertas: fix memory leak in lbs_init_adapter()
    - wifi: rtl8xxxu: don't call dev_kfree_skb() under spin_lock_irqsave()
    - wifi: rtlwifi: Fix global-out-of-bounds bug in
      _rtl8812ae_phy_set_txpower_limit()
    - libbpf: Fix btf__align_of() by taking into account field offsets
    - wifi: ipw2x00: don't call dev_kfree_skb() under spin_lock_irqsave()
    - wifi: ipw2200: fix memory leak in ipw_wdev_init()
    - wifi: wilc1000: fix potential memory leak in wilc_mac_xmit()
    - wifi: brcmfmac: fix potential memory leak in brcmf_netdev_start_xmit()
    - wifi: brcmfmac: unmap dma buffer in brcmf_msgbuf_alloc_pktid()
    - wifi: libertas_tf: don't call kfree_skb() under spin_lock_irqsave()
    - wifi: libertas: if_usb: don't call kfree_skb() under spin_lock_irqsave()
    - wifi: libertas: main: don't call kfree_skb() under spin_lock_irqsave()
    - wifi: libertas: cmdresp: don't call kfree_skb() under spin_lock_irqsave()
    - wifi: wl3501_cs: don't call kfree_skb() under spin_lock_irqsave()
    - crypto: x86/ghash - fix unaligned access in ghash_setkey()
    - ACPICA: Drop port I/O validation for some regions
    - genirq: Fix the return type of kstat_cpu_irqs_sum()
    - rcu-tasks: Improve comments explaining tasks_rcu_exit_srcu purpose
    - rcu-tasks: Remove preemption disablement around srcu_read_[un]lock() calls
    - rcu-tasks: Fix synchronize_rcu_tasks() VS zap_pid_ns_processes()
    - lib/mpi: Fix buffer overrun when SG is too long
    - crypto: ccp - Avoid page allocation failure warning for SEV_GET_ID2
    - ACPICA: nsrepair: handle cases without a return value correctly
    - thermal/drivers/tsens: Drop msm8976-specific defines
    - thermal/drivers/tsens: Sort out msm8976 vs msm8956 data
    - thermal/drivers/tsens: fix slope values for msm8939
    - thermal/drivers/tsens: limit num_sensors to 9 for msm8939
    - wifi: rtl8xxxu: Fix memory leaks with RTL8723BU, RTL8192EU
    - wifi: orinoco: check return value of hermes_write_wordrec()
    - wifi: ath9k: htc_hst: free skb in ath9k_htc_rx_msg() if there is no callback
      function
    - ath9k: htc: clean up statistics macros
    - wifi: ath9k: hif_usb: clean up skbs if ath9k_hif_usb_rx_stream() fails
    - wifi: ath9k: Fix potential stack-out-of-bounds write in
      ath9k_wmi_rsp_callback()
    - wifi: ath11k: Fix memory leak in ath11k_peer_rx_frag_setup
    - wifi: cfg80211: Fix extended KCK key length check in
      nl80211_set_rekey_data()
    - ACPI: battery: Fix missing NUL-termination with large strings
    - crypto: ccp - Failure on re-initialization due to duplicate sysfs filename
    - crypto: essiv - Handle EBUSY correctly
    - crypto: seqiv - Handle EBUSY correctly
    - powercap: fix possible name leak in powercap_register_zone()
    - x86/microcode: Print previous version of microcode after reload
    - x86/microcode: Add a parameter to microcode_check() to store CPU
      capabilities
    - x86/microcode: Check CPU capabilities after late microcode update correctly
    - x86/microcode: Adjust late loading result reporting message
    - crypto: xts - Handle EBUSY correctly
    - leds: led-class: Add missing put_device() to led_put()
    - crypto: ccp - Flush the SEV-ES TMR memory before giving it to firmware
    - bpftool: profile online CPUs instead of possible
    - net/mlx5: Enhance debug print in page allocation failure
    - irqchip: Fix refcount leak in platform_irqchip_probe
    - irqchip/alpine-msi: Fix refcount leak in alpine_msix_init_domains
    - irqchip/irq-mvebu-gicp: Fix refcount leak in mvebu_gicp_probe
    - irqchip/ti-sci: Fix refcount leak in ti_sci_intr_irq_domain_probe
    - s390/mem_detect: fix detect_memory() error handling
    - s390/vmem: fix empty page tables cleanup under KASAN
    - net: add sock_init_data_uid()
    - tun: tun_chr_open(): correctly initialize socket uid
    - tap: tap_open(): correctly initialize socket uid
    - OPP: fix error checking in opp_migrate_dentry()
    - Bluetooth: L2CAP: Fix potential user-after-free
    - Bluetooth: hci_qca: get wakeup status from serdev device handle
    - s390/ap: fix status returned by ap_aqic()
    - s390/ap: fix status returned by ap_qact()
    - libbpf: Fix alen calculation in libbpf_nla_dump_errormsg()
    - rds: rds_rm_zerocopy_callback() correct order for list_add_tail()
    - crypto: rsa-pkcs1pad - Use akcipher_request_complete
    - m68k: /proc/hardware should depend on PROC_FS
    - RISC-V: time: initialize hrtimer based broadcast clock event device
    - wifi: iwl3945: Add missing check for create_singlethread_workqueue
    - wifi: iwl4965: Add missing check for create_singlethread_workqueue()
    - wifi: mwifiex: fix loop iterator in mwifiex_update_ampdu_txwinsize()
    - selftests/bpf: Fix out-of-srctree build
    - ACPI: resource: Add IRQ overrides for MAINGEAR Vector Pro 2 models
    - ACPI: resource: Do IRQ override on all TongFang GMxRGxx
    - crypto: crypto4xx - Call dma_unmap_page when done
    - wifi: mac80211: make rate u32 in sta_set_rate_info_rx()
    - thermal/drivers/hisi: Drop second sensor hi3660
    - can: esd_usb: Move mislocated storage of SJA1000_ECC_SEG bits in case of a
      bus error
    - bpf: Fix global subprog context argument resolution logic
    - irqchip/irq-brcmstb-l2: Set IRQ_LEVEL for level triggered interrupts
    - irqchip/irq-bcm7120-l2: Set IRQ_LEVEL for level triggered interrupts
    - selftests/net: Interpret UDP_GRO cmsg data as an int value
    - l2tp: Avoid possible recursive deadlock in l2tp_tunnel_register()
    - net: bcmgenet: fix MoCA LED control
    - sefltests: netdevsim: wait for devlink instance after netns removal
    - drm: Fix potential null-ptr-deref due to drmm_mode_config_init()
    - drm/fourcc: Add missing big-endian XRGB1555 and RGB565 formats
    - drm/bridge: ti-sn65dsi83: Fix delay after reset deassert to match spec
    - [Config] updateconfigs for DRM_MXSFB
    - drm: mxsfb: DRM_MXSFB should depend on ARCH_MXS || ARCH_MXC
    - drm/bridge: megachips: Fix error handling in i2c_register_driver()
    - drm/vkms: Fix memory leak in vkms_init()
    - drm/vkms: Fix null-ptr-deref in vkms_release()
    - drm/vc4: dpi: Add option for inverting pixel clock and output enable
    - drm/vc4: dpi: Fix format mapping for RGB565
    - drm: tidss: Fix pixel format definition
    - gpu: ipu-v3: common: Add of_node_put() for reference returned by
      of_graph_get_port_by_id()
    - hwmon: (ftsteutates) Fix scaling of measurements
    - drm/msm/hdmi: Add missing check for alloc_ordered_workqueue
    - pinctrl: qcom: pinctrl-msm8976: Correct function names for wcss pins
    - pinctrl: stm32: Fix refcount leak in stm32_pctrl_get_irq_domain
    - pinctrl: rockchip: Fix refcount leak in rockchip_pinctrl_parse_groups
    - drm/vc4: hvs: Set AXI panic modes
    - drm/vc4: hvs: Fix colour order for xRGB1555 on HVS5
    - drm/vc4: hdmi: Correct interlaced timings again
    - drm/msm: clean event_thread->worker in case of an error
    - scsi: qla2xxx: edif: Fix I/O timeout due to over-subscription
    - scsi: qla2xxx: Fix exchange oversubscription
    - scsi: qla2xxx: Fix exchange oversubscription for management commands
    - ASoC: fsl_sai: initialize is_dsp_mode flag
    - drm/msm/adreno: Fix null ptr access in adreno_gpu_cleanup()
    - ALSA: hda/ca0132: minor fix for allocation size
    - drm/msm/gem: Add check for kmalloc
    - drm/msm/dpu: Disallow unallocated resources to be returned
    - drm/bridge: lt9611: fix sleep mode setup
    - drm/bridge: lt9611: fix HPD reenablement
    - drm/bridge: lt9611: fix polarity programming
    - drm/bridge: lt9611: fix programming of video modes
    - drm/bridge: lt9611: fix clock calculation
    - drm/bridge: lt9611: pass a pointer to the of node
    - drm/mipi-dsi: Fix byte order of 16-bit DCS set/get brightness
    - drm: exynos: dsi: Fix MIPI_DSI*_NO_* mode flags
    - drm/msm/dsi: Allow 2 CTRLs on v2.5.0
    - drm/msm: use strscpy instead of strncpy
    - drm/msm/dpu: Add check for cstate
    - drm/msm/dpu: Add check for pstates
    - drm/msm/mdp5: Add check for kzalloc
    - pinctrl: bcm2835: Remove of_node_put() in bcm2835_of_gpio_ranges_fallback()
    - pinctrl: mediatek: Initialize variable pullen and pullup to zero
    - pinctrl: mediatek: Initialize variable *buf to zero
    - gpu: host1x: Don't skip assigning syncpoints to channels
    - drm/tegra: firewall: Check for is_addr_reg existence in IMM check
    - drm/msm/dpu: set pdpu->is_rt_pipe early in dpu_plane_sspp_atomic_update()
    - drm/mediatek: dsi: Reduce the time of dsi from LP11 to sending cmd
    - drm/mediatek: Use NULL instead of 0 for NULL pointer
    - drm/mediatek: Drop unbalanced obj unref
    - drm/mediatek: mtk_drm_crtc: Add checks for devm_kcalloc
    - drm/mediatek: Clean dangling pointer on bind error path
    - ASoC: soc-compress.c: fixup private_data on snd_soc_new_compress()
    - gpio: vf610: connect GPIO label to dev name
    - spi: dw_bt1: fix MUX_MMIO dependencies
    - ASoC: mchp-spdifrx: fix controls which rely on rsr register
    - ASoC: mchp-spdifrx: fix return value in case completion times out
    - ASoC: mchp-spdifrx: fix controls that works with completion mechanism
    - ASoC: mchp-spdifrx: disable all interrupts in mchp_spdifrx_dai_remove()
    - ASoC: rsnd: fixup #endif position
    - ASoC: mchp-spdifrx: Fix uninitialized use of mr in mchp_spdifrx_hw_params()
    - ASoC: dt-bindings: meson: fix gx-card codec node regex
    - hwmon: (ltc2945) Handle error case in ltc2945_value_store
    - drm/amdgpu: fix enum odm_combine_mode mismatch
    - scsi: mpt3sas: Fix a memory leak
    - scsi: aic94xx: Add missing check for dma_map_single()
    - HID: multitouch: Add quirks for flipped axes
    - HID: retain initial quirks set up when creating HID devices
    - ASoC: codecs: lpass: fix incorrect mclk rate
    - spi: bcm63xx-hsspi: Fix multi-bit mode setting
    - hwmon: (mlxreg-fan) Return zero speed for broken fan
    - ASoC: tlv320adcx140: fix 'ti,gpio-config' DT property init
    - dm: remove flush_scheduled_work() during local_exit()
    - nfs4trace: fix state manager flag printing
    - NFS: fix disabling of swap
    - spi: synquacer: Fix timeout handling in synquacer_spi_transfer_one()
    - ASoC: soc-dapm.h: fixup warning struct snd_pcm_substream not declared
    - HID: bigben: use spinlock to protect concurrent accesses
    - HID: bigben_worker() remove unneeded check on report_field
    - HID: bigben: use spinlock to safely schedule workers
    - hid: bigben_probe(): validate report count
    - drm/shmem-helper: Fix locking for drm_gem_shmem_get_pages_sgt()
    - nfsd: fix race to check ls_layouts
    - cifs: Fix lost destroy smbd connection when MR allocate failed
    - cifs: Fix warning and UAF when destroy the MR list
    - gfs2: jdata writepage fix
    - perf llvm: Fix inadvertent file creation
    - leds: led-core: Fix refcount leak in of_led_get()
    - perf inject: Use perf_data__read() for auxtrace
    - perf intel-pt: Do not try to queue auxtrace data on pipe
    - perf tools: Fix auto-complete on aarch64
    - sparc: allow PM configs for sparc32 COMPILE_TEST
    - printf: fix errname.c list
    - objtool: add UACCESS exceptions for __tsan_volatile_read/write
    - mfd: cs5535: Don't build on UML
    - mfd: pcf50633-adc: Fix potential memleak in pcf50633_adc_async_read()
    - dmaengine: idxd: Set traffic class values in GRPCFG on DSA 2.0
    - [Config] updateconfigs for HISI_DMA
    - dmaengine: HISI_DMA should depend on ARCH_HISI
    - iio: light: tsl2563: Do not hardcode interrupt trigger type
    - usb: gadget: fusb300_udc: free irq on the error path in fusb300_probe()
    - i2c: designware: fix i2c_dw_clk_rate() return size to be u32
    - soundwire: cadence: Don't overflow the command FIFOs
    - driver core: fix potential null-ptr-deref in device_add()
    - kobject: modify kobject_get_path() to take a const *
    - kobject: Fix slab-out-of-bounds in fill_kobj_path()
    - alpha/boot/tools/objstrip: fix the check for ELF header
    - media: uvcvideo: Check for INACTIVE in uvc_ctrl_is_accessible()
    - coresight: etm4x: Fix accesses to TRCSEQRSTEVR and TRCSEQSTR
    - coresight: cti: Prevent negative values of enable count
    - coresight: cti: Add PM runtime call in enable_store
    - ACPI: resource: Add helper function acpi_dev_get_memory_resources()
    - usb: typec: intel_pmc_mux: Use the helper acpi_dev_get_memory_resources()
    - usb: typec: intel_pmc_mux: Don't leak the ACPI device reference count
    - PCI/IOV: Enlarge virtfn sysfs name buffer
    - PCI: switchtec: Return -EFAULT for copy_to_user() errors
    - tty: serial: fsl_lpuart: disable Rx/Tx DMA in lpuart32_shutdown()
    - tty: serial: fsl_lpuart: clear LPUART Status Register in lpuart32_shutdown()
    - serial: tegra: Add missing clk_disable_unprepare() in tegra_uart_hw_init()
    - Revert "char: pcmcia: cm4000_cs: Replace mdelay with usleep_range in
      set_protocol"
    - eeprom: idt_89hpesx: Fix error handling in idt_init()
    - applicom: Fix PCI device refcount leak in applicom_init()
    - firmware: stratix10-svc: add missing gen_pool_destroy() in
      stratix10_svc_drv_probe()
    - VMCI: check context->notify_page after call to get_user_pages_fast() to
      avoid GPF
    - misc/mei/hdcp: Use correct macros to initialize uuid_le
    - driver core: fix resource leak in device_add()
    - drivers: base: transport_class: fix possible memory leak
    - drivers: base: transport_class: fix resource leak when
      transport_add_device() fails
    - firmware: dmi-sysfs: Fix null-ptr-deref in dmi_sysfs_register_handle
    - fotg210-udc: Add missing completion handler
    - dmaengine: dw-edma: Fix missing src/dst address of interleaved xfers
    - usb: early: xhci-dbc: Fix a potential out-of-bound memory access
    - tty: serial: fsl_lpuart: Fix the wrong RXWATER setting for rx dma case
    - RDMA/cxgb4: add null-ptr-check after ip_dev_find()
    - usb: musb: mediatek: don't unregister something that wasn't registered
    - usb: gadget: configfs: Restrict symlink creation is UDC already binded
    - iommu/vt-d: Set No Execute Enable bit in PASID table entry
    - power: supply: remove faulty cooling logic
    - RDMA/cxgb4: Fix potential null-ptr-deref in pass_establish()
    - usb: max-3421: Fix setting of I/O pins
    - RDMA/irdma: Cap MSIX used to online CPUs + 1
    - serial: fsl_lpuart: fix RS485 RTS polariy inverse issue
    - tty: serial: imx: Handle RS485 DE signal active high
    - tty: serial: imx: disable Ageing Timer interrupt request irq
    - dmaengine: dw-edma: Fix readq_ch() return value truncation
    - phy: rockchip-typec: fix tcphy_get_mode error case
    - iw_cxgb4: Fix potential NULL dereference in c4iw_fill_res_cm_id_entry()
    - iommu: Fix error unwind in iommu_group_alloc()
    - dmaengine: sf-pdma: pdma_desc memory leak fix
    - dmaengine: dw-axi-dmac: Do not dereference NULL structure
    - iommu/vt-d: Fix error handling in sva enable/disable paths
    - iommu/vt-d: Allow to use flush-queue when first level is default
    - IB/hfi1: Fix math bugs in hfi1_can_pin_pages()
    - IB/hfi1: Fix sdma.h tx->num_descs off-by-one errors
    - remoteproc: qcom_q6v5_mss: Use a carveout to authenticate modem headers
    - media: ti: cal: fix possible memory leak in cal_ctx_create()
    - media: platform: ti: Add missing check for devm_regulator_get
    - powerpc: Remove linker flag from KBUILD_AFLAGS
    - s390/vdso: Drop '-shared' from KBUILD_CFLAGS_64
    - builddeb: clean generated package content
    - media: max9286: Fix memleak in max9286_v4l2_register()
    - media: ov2740: Fix memleak in ov2740_init_controls()
    - media: ov5675: Fix memleak in ov5675_init_controls()
    - media: i2c: ov772x: Fix memleak in ov772x_probe()
    - media: i2c: imx219: Split common registers from mode tables
    - media: i2c: imx219: Fix binning for RAW8 capture
    - media: v4l2-jpeg: correct the skip count in jpeg_parse_app14_data
    - media: v4l2-jpeg: ignore the unknown APP14 marker
    - media: imx-jpeg: Apply clk_bulk api instead of operating specific clk
    - media: i2c: ov7670: 0 instead of -EINVAL was returned
    - media: usb: siano: Fix use after free bugs caused by do_submit_urb
    - media: saa7134: Use video_unregister_device for radio_dev
    - rpmsg: glink: Avoid infinite loop on intent for missing channel
    - udf: Define EFSCORRUPTED error code
    - ARM: dts: exynos: Use Exynos5420 compatible for the MIPI video phy
    - blk-iocost: fix divide by 0 error in calc_lcoefs()
    - trace/blktrace: fix memory leak with using debugfs_lookup()
    - wifi: ath9k: Fix use-after-free in ath9k_hif_usb_disconnect()
    - wifi: brcmfmac: Fix potential stack-out-of-bounds in brcmf_c_preinit_dcmds()
    - rcu: Make RCU_LOCKDEP_WARN() avoid early lockdep checks
    - rcu: Suppress smp_processor_id() complaint in
      synchronize_rcu_expedited_wait()
    - rcu-tasks: Make rude RCU-Tasks work well with CPU hotplug
    - wifi: ath11k: debugfs: fix to work with multiple PCI devices
    - thermal: intel: Fix unsigned comparison with less than zero
    - timers: Prevent union confusion from unexpected restart_syscall()
    - x86/bugs: Reset speculation control settings on init
    - wifi: brcmfmac: ensure CLM version is null-terminated to prevent stack-out-
      of-bounds
    - wifi: mt7601u: fix an integer underflow
    - inet: fix fast path in __inet_hash_connect()
    - ice: restrict PTP HW clock freq adjustments to 100, 000, 000 PPB
    - ice: add missing checks for PF vsi type
    - ACPI: Don't build ACPICA with '-Os'
    - thermal: intel: intel_pch: Add support for Wellsburg PCH
    - clocksource: Suspend the watchdog temporarily when high read latency
      detected
    - crypto: hisilicon: Wipe entire pool on error
    - net: bcmgenet: Add a check for oversized packets
    - m68k: Check syscall_trace_enter() return code
    - netfilter: nf_tables: NULL pointer dereference in nf_tables_updobj()
    - tools/power/x86/intel-speed-select: Add Emerald Rapid quirk
    - wifi: mt76: dma: free rx_head in mt76_dma_rx_cleanup
    - ACPI: video: Fix Lenovo Ideapad Z570 DMI match
    - net/mlx5: fw_tracer: Fix debug print
    - coda: Avoid partial allocation of sig_inputArgs
    - uaccess: Add minimum bounds check on kernel buffer size
    - s390/idle: mark arch_cpu_idle() noinstr
    - time/debug: Fix memory leak with using debugfs_lookup()
    - PM: domains: fix memory leak with using debugfs_lookup()
    - PM: EM: fix memory leak with using debugfs_lookup()
    - Bluetooth: btusb: Add VID:PID 13d3:3529 for Realtek RTL8821CE
    - hv_netvsc: Check status in SEND_RNDIS_PKT completion message
    - scm: add user copy checks to put_cmsg()
    - drm/amd/display: Revert Reduce delay when sink device not able to ACK 00340h
      write
    - drm/amd/display: Fix potential null-deref in dm_resume
    - drm/omap: dsi: Fix excessive stack usage
    - HID: Add Mapping for System Microphone Mute
    - drm/tiny: ili9486: Do not assume 8-bit only SPI controllers
    - drm/radeon: free iio for atombios when driver shutdown
    - scsi: lpfc: Fix use-after-free KFENCE violation during sysfs firmware write
    - Revert "fbcon: don't lose the console font across generic->chip driver
      switch"
    - drm: amd: display: Fix memory leakage
    - drm/msm/dsi: Add missing check for alloc_ordered_workqueue
    - docs/scripts/gdb: add necessary make scripts_gdb step
    - ASoC: soc-compress: Reposition and add pcm_mutex
    - ASoC: kirkwood: Iterate over array indexes instead of using pointer math
    - regulator: max77802: Bounds check regulator id against opmode
    - regulator: s5m8767: Bounds check id indexing into arrays
    - gfs2: Improve gfs2_make_fs_rw error handling
    - hwmon: (coretemp) Simplify platform device handling
    - pinctrl: at91: use devm_kasprintf() to avoid potential leaks
    - scsi: snic: Fix memory leak with using debugfs_lookup()
    - HID: logitech-hidpp: Don't restart communication if not necessary
    - drm: panel-orientation-quirks: Add quirk for Lenovo IdeaPad Duet 3 10IGL5
    - dm thin: add cond_resched() to various workqueue loops
    - dm cache: add cond_resched() to various workqueue loops
    - nfsd: zero out pointers after putting nfsd_files on COPY setup error
    - drm/shmem-helper: Revert accidental non-GPL export
    - wifi: rtl8xxxu: fixing transmisison failure for rtl8192eu
    - firmware: coreboot: framebuffer: Ignore reserved pixel color bits
    - block: don't allow multiple bios for IOCB_NOWAIT issue
    - rtc: pm8xxx: fix set-alarm race
    - ipmi:ssif: resend_msg() cannot fail
    - ipmi_ssif: Rename idle state and check
    - s390/extmem: return correct segment type in __segment_load()
    - s390: discard .interp section
    - s390/kprobes: fix irq mask clobbering on kprobe reenter from post_handler
    - s390/kprobes: fix current_kprobe never cleared after kprobes reenter
    - cifs: Fix uninitialized memory read in smb3_qfs_tcon()
    - btrfs: hold block group refcount during async discard
    - locking/rwsem: Prevent non-first waiter from spinning in down_write()
      slowpath
    - ksmbd: fix wrong data area length for smb2 lock request
    - ksmbd: do not allow the actual frame length to be smaller than the rfc1002
      length
    - ARM: dts: exynos: correct HDMI phy compatible in Exynos4
    - hfs: fix missing hfs_bnode_get() in __hfs_bnode_create
    - fs: hfsplus: fix UAF issue in hfsplus_put_super
    - exfat: fix reporting fs error when reading dir beyond EOF
    - exfat: fix unexpected EOF while reading dir
    - exfat: redefine DIR_DELETED as the bad cluster number
    - exfat: fix inode->i_blocks for non-512 byte sector size device
    - fs: dlm: don't set stop rx flag after node reset
    - fs: dlm: move sending fin message into state change handling
    - fs: dlm: send FIN ack back in right cases
    - f2fs: fix information leak in f2fs_move_inline_dirents()
    - f2fs: fix cgroup writeback accounting with fs-layer encryption
    - ocfs2: fix defrag path triggering jbd2 ASSERT
    - ocfs2: fix non-auto defrag path not working issue
    - selftests/landlock: Skip overlayfs tests when not supported
    - selftests/landlock: Test ptrace as much as possible with Yama
    - udf: Truncate added extents on failed expansion
    - udf: Do not bother merging very long extents
    - udf: Do not update file length for failed writes to inline files
    - udf: Preserve link count of system files
    - udf: Detect system inodes linked into directory hierarchy
    - udf: Fix file corruption when appending just after end of preallocated
      extent
    - RDMA/siw: Fix user page pinning accounting
    - KVM: Destroy target device if coalesced MMIO unregistration fails
    - KVM: x86: Inject #GP if WRMSR sets reserved bits in APIC Self-IPI
    - KVM: SVM: Fix potential overflow in SEV's send|receive_update_data()
    - KVM: SVM: hyper-v: placate modpost section mismatch error
    - KVM: s390: disable migration mode when dirty tracking is disabled
    - x86/virt: Force GIF=1 prior to disabling SVM (for reboot flows)
    - x86/crash: Disable virt in core NMI crash handler to avoid double shootdown
    - x86/reboot: Disable virtualization in an emergency if SVM is supported
    - x86/reboot: Disable SVM, not just VMX, when stopping CPUs
    - x86/kprobes: Fix __recover_optprobed_insn check optimizing logic
    - x86/kprobes: Fix arch_check_optimized_kprobe check within optimized_kprobe
      range
    - x86/microcode/amd: Remove load_microcode_amd()'s bsp parameter
    - x86/microcode/AMD: Add a @cpu parameter to the reloading functions
    - x86/microcode/AMD: Fix mixed steppings support
    - x86/speculation: Allow enabling STIBP with legacy IBRS
    - Documentation/hw-vuln: Document the interaction between IBRS and STIBP
    - brd: return 0/-error from brd_insert_page()
    - ima: Align ima_file_mmap() parameters with mmap_file LSM hook
    - irqdomain: Fix association race
    - irqdomain: Fix disassociation race
    - irqdomain: Look for existing mapping only once
    - irqdomain: Drop bogus fwspec-mapping error handling
    - irqdomain: Fix domain registration race
    - crypto: qat - fix out-of-bounds read
    - io_uring: handle TIF_NOTIFY_RESUME when checking for task_work
    - io_uring: mark task TASK_RUNNING before handling resume/task work
    - io_uring: add a conditional reschedule to the IOPOLL cancelation loop
    - io_uring/rsrc: disallow multi-source reg buffers
    - io_uring: remove MSG_NOSIGNAL from recvmsg
    - io_uring/poll: allow some retries for poll triggering spuriously
    - ALSA: ice1712: Do not left ice->gpio_mutex locked in aureon_add_controls()
    - ALSA: hda/realtek: Add quirk for HP EliteDesk 800 G6 Tower PC
    - jbd2: fix data missing when reusing bh which is ready to be checkpointed
    - ext4: optimize ea_inode block expansion
    - ext4: refuse to create ea block when umounted
    - mtd: spi-nor: sfdp: Fix index value for SCCR dwords
    - mtd: spi-nor: spansion: Consider reserved bits in CFR5 register
    - mtd: spi-nor: Fix shift-out-of-bounds in spi_nor_set_erase_type
    - dm: send just one event on resize, not two
    - dm: add cond_resched() to dm_wq_work()
    - wifi: rtl8xxxu: Use a longer retry limit of 48
    - wifi: ath11k: allow system suspend to survive ath11k
    - wifi: cfg80211: Fix use after free for wext
    - qede: fix interrupt coalescing configuration
    - thermal: intel: powerclamp: Fix cur_state for multi package system
    - dm flakey: fix logic when corrupting a bio
    - dm flakey: don't corrupt the zero page
    - dm flakey: fix a bug with 32-bit highmem systems
    - ARM: dts: qcom: sdx55: Add Qcom SMMU-500 as the fallback for IOMMU node
    - ARM: dts: exynos: correct TMU phandle in Exynos4210
    - ARM: dts: exynos: correct TMU phandle in Exynos4
    - ARM: dts: exynos: correct TMU phandle in Odroid XU3 family
    - ARM: dts: exynos: correct TMU phandle in Exynos5250
    - ARM: dts: exynos: correct TMU phandle in Odroid XU
    - ARM: dts: exynos: correct TMU phandle in Odroid HC1
    - fuse: add inode/permission checks to fileattr_get/fileattr_set
    - rbd: avoid use-after-free in do_rbd_add() when rbd_dev_create() fails
    - ceph: update the time stamps and try to drop the suid/sgid
    - alpha: fix FEN fault handling
    - dax/kmem: Fix leak of memory-hotplug resources
    - mips: fix syscall_get_nr
    - media: ipu3-cio2: Fix PM runtime usage_count in driver unbind
    - remoteproc/mtk_scp: Move clk ops outside send_lock
    - docs: gdbmacros: print newest record
    - mm: memcontrol: deprecate charge moving
    - mm/thp: check and bail out if page in deferred queue already
    - ktest.pl: Give back console on Ctrt^C on monitor
    - ktest.pl: Fix missing "end_monitor" when machine check fails
    - ktest.pl: Add RUN_TIMEOUT option with default unlimited
    - ring-buffer: Handle race between rb_move_tail and rb_check_pages
    - tools/bootconfig: fix single & used for logical condition
    - scsi: qla2xxx: Fix link failure in NPIV environment
    - scsi: qla2xxx: Check if port is online before sending ELS
    - scsi: qla2xxx: Fix DMA-API call trace on NVMe LS requests
    - scsi: qla2xxx: Remove unintended flag clearing
    - scsi: qla2xxx: Fix erroneous link down
    - scsi: qla2xxx: Remove increment of interface err cnt
    - scsi: ses: Don't attach if enclosure has no components
    - scsi: ses: Fix slab-out-of-bounds in ses_enclosure_data_process()
    - scsi: ses: Fix possible addl_desc_ptr out-of-bounds accesses
    - scsi: ses: Fix possible desc_ptr out-of-bounds accesses
    - scsi: ses: Fix slab-out-of-bounds in ses_intf_remove()
    - RISC-V: add a spin_shadow_stack declaration
    - riscv: mm: fix regression due to update_mmu_cache change
    - riscv: jump_label: Fixup unaligned arch_static_branch function
    - riscv, mm: Perform BPF exhandler fixup on page fault
    - riscv: ftrace: Remove wasted nops for !RISCV_ISA_C
    - riscv: ftrace: Reduce the detour code size to half
    - MIPS: DTS: CI20: fix otg power gpio
    - PCI/PM: Observe reset delay irrespective of bridge_d3
    - PCI: hotplug: Allow marking devices as disconnected during bind/unbind
    - PCI: Avoid FLR for AMD FCH AHCI adapters
    - iommu/vt-d: Avoid superfluous IOTLB tracking in lazy mode
    - vfio/type1: prevent underflow of locked_vm via exec()
    - vfio/type1: track locked_vm per dma
    - vfio/type1: restore locked_vm
    - drm/i915/quirks: Add inverted backlight quirk for HP 14-r206nv
    - drm/radeon: Fix eDP for single-display iMac11,2
    - drm/edid: fix AVI infoframe aspect ratio handling
    - qede: avoid uninitialized entries in coal_entry array
    - arm64: dts: qcom: ipq8074: fix Gen2 PCIe QMP PHY
    - wifi: ath9k: use proper statements in conditionals
    - kbuild: Port silent mode detection to future gnu make.
    - arm64: dts: qcom: sm6350: Fix up the ramoops node
    - arm64: dts: mediatek: mt8192: Fix systimer 13 MHz clock description
    - arm64: dts: mediatek: mt8195: Fix systimer 13 MHz clock description
    - x86/acpi/boot: Do not register processors that cannot be onlined for x2APIC
    - arm64: dts: meson-gxl: jethub-j80: Fix WiFi MAC address node
    - arm64: dts: meson-gxl: jethub-j80: Fix Bluetooth MAC node name
    - arm64: tegra: Fix duplicate regulator on Jetson TX1
    - arm64: dts: mediatek: mt8192: Mark scp_adsp clock as broken
    - arm64: dts: meson: radxa-zero: allow usb otg mode
    - arm64: dts: mt8195: Fix CPU map for single-cluster SoC
    - arm64: dts: mediatek: mt7986: Fix watchdog compatible
    - ARM: dts: stm32: Update part number NVMEM description on stm32mp131
    - blk-mq: wait on correct sbitmap_queue in blk_mq_mark_tag_wait
    - blk-mq: Fix potential io hung for shared sbitmap per tagset
    - arm64: dts: qcom: sm8350: drop incorrect cells from serial
    - arm64: dts: qcom: msm8953: correct TLMM gpio-ranges
    - block: Fix io statistics for cgroup in throttle path
    - wifi: mt76: mt7915: add missing of_node_put()
    - wifi: mt76: mt7921s: fix slab-out-of-bounds access in sdio host
    - wifi: mt76: mt7915: check return value before accessing free_block_num
    - wifi: mt76: mt7915: drop always true condition of __mt7915_reg_addr()
    - wifi: mt76: mt7915: fix unintended sign extension of mt7915_hw_queue_read()
    - wifi: rtw89: 8852c: rfk: correct DACK setting
    - wifi: rtw89: 8852c: rfk: correct DPK settings
    - wifi: wilc1000: add missing unregister_netdev() in wilc_netdev_ifc_init()
    - libbpf: Fix invalid return address register in s390
    - kselftest/arm64: Fix syscall-abi for systems without 128 bit SME
    - workqueue: Protects wq_unbound_cpumask with wq_pool_attach_mutex
    - s390/early: fix sclp_early_sccb variable lifetime
    - s390/vfio-ap: fix an error handling path in vfio_ap_mdev_probe_queue()
    - x86/signal: Fix the value returned by strict_sas_size()
    - wifi: rtw89: fix potential leak in rtw89_append_probe_req_ie()
    - wifi: rtw89: Add missing check for alloc_workqueue
    - s390/bpf: Add expoline to tail calls
    - wifi: iwlwifi: mei: fix compilation errors in rfkill()
    - kselftest/arm64: Fix enumeration of systems without 128 bit SME
    - can: rcar_canfd: Fix R-Car V3U GAFLCFG field accesses
    - wifi: mt76: mt7915: call mt7915_mcu_set_thermal_throttling() only after
      init_work
    - wifi: mt76: mt7915: fix memory leak in mt7915_mcu_exit
    - wifi: mt76: add memory barrier to SDIO queue kick
    - cpufreq: davinci: Fix clk use after free
    - net: ipa: generic command param fix
    - crypto: octeontx2 - Fix objects shared between several modules
    - tools/lib/thermal: Fix thermal_sampling_exit()
    - selftests/bpf: Fix map_kptr test.
    - net/smc: fix potential panic dues to unprotected smc_llc_srv_add_link()
    - net: lan966x: Fix possible deadlock inside PTP
    - net/mlx4_en: Introduce flexible array to silence overflow warning
    - drm/msm/dpu: check for null return of devm_kzalloc() in dpu_writeback_init()
    - drm/vc4: hvs: SCALER_DISPBKGND_AUTOHS is only valid on HVS4
    - scsi: qla2xxx: edif: Fix clang warning
    - scsi: ufs: exynos: Fix DMA alignment for PAGE_SIZE != 4096
    - habanalabs: bugs fixes in timestamps buff alloc
    - dt-bindings: display: mediatek: Fix the fallback for mediatek,mt8186-disp-
      ccorr
    - ASoC: topology: Properly access value coming from topology file
    - regmap: apply reg_base and reg_downshift for single register ops
    - hwmon: (asus-ec-sensors) add missing mutex path
    - [Config] updateconfigs for SND_HDA_CTL_DEV_ID
    - ALSA: hda: Fix the control element identification for multiple codecs
    - ASoC: qcom: q6apm-lpass-dai: unprepare stream if its already prepared
    - ASoC: qcom: q6apm-dai: fix race condition while updating the position
      pointer
    - ASoC: qcom: q6apm-dai: Add SNDRV_PCM_INFO_BATCH flag
    - nfsd: fix courtesy client with deny mode handling in nfs4_upgrade_open
    - NFSD: copy the whole verifier in nfsd_copy_write_verifier
    - cifs: use tcon allocation functions even for dummy tcon
    - tools/tracing/rtla: osnoise_hist: use total duration for average calculation
    - perf test bpf: Skip test if kernel-debuginfo is not present
    - perf record: Fix segfault with --overwrite and --max-size
    - RDMA/hns: Fix refcount leak in hns_roce_mmap
    - mei: pxp: Use correct macros to initialize uuid_le
    - misc: fastrpc: Fix an error handling path in fastrpc_rpmsg_probe()
    - driver core: location: Free struct acpi_pld_info *pld before return false
    - PCI: mt7621: Delay phy ports initialization
    - driver core: fw_devlink: Add DL_FLAG_CYCLE support to device links
    - mtd: mtdpart: Don't create platform device that'll never probe
    - usb: host: fsl-mph-dr-of: reuse device_set_of_node_from_dev
    - PCI: Fix dropping valid root bus resources with .end = zero
    - dmaengine: ptdma: check for null desc before calling pt_cmd_callback
    - RDMA/rxe: Fix missing memory barriers in rxe_queue.h
    - media: imx: imx7-media-csi: fix missing clk_disable_unprepare() in
      imx7_csi_init()
    - media: camss: csiphy-3ph: avoid undefined behavior
    - media: drivers/media/v4l2-core/v4l2-h264 : add detection of null pointers
    - rpmsg: glink: Release driver_override
    - block: clear bio->bi_bdev when putting a bio back in the cache
    - block: be a bit more careful in checking for NULL bdev while polling
    - ipmi: ipmb: Fix the MODULE_PARM_DESC associated to 'retry_time_ms'
    - io_uring: Replace 0-length array with flexible array
    - io_uring: fix fget leak when fs don't support nowait buffered read
    - scsi: mpi3mr: Fix missing mrioc->evtack_cmds initialization
    - scsi: mpi3mr: Fix issues in mpi3mr_get_all_tgt_info()
    - scsi: mpi3mr: Remove unnecessary memcpy() to alltgt_info->dmi
    - ksmbd: fix possible memory leak in smb2_lock()
    - f2fs: fix kernel crash due to null io->bio
    - KVM: VMX: Fix crash due to uninitialized current_vmcs
    - KVM: x86: Purge "highest ISR" cache when updating APICv state
    - KVM: x86: Don't inhibit APICv/AVIC on xAPIC ID "change" if APIC is disabled
    - KVM: x86: Don't inhibit APICv/AVIC if xAPIC ID mismatch is due to 32-bit ID
    - KVM: SVM: Process ICR on AVIC IPI delivery failure due to invalid target
    - virt/sev-guest: Return -EIO if certificate buffer is not large enough
    - ima: fix error handling logic when file measurement failed
    - irqdomain: Refactor __irq_domain_alloc_irqs()
    - irqdomain: Fix mapping-creation race
    - mm/damon/paddr: fix missing folio_put()
    - cxl/pmem: Fix nvdimm registration races
    - cpuidle: add ARCH_SUSPEND_POSSIBLE dependencies
    - hwmon: (peci/cputemp) Fix off-by-one in coretemp_label allocation
    - hwmon: (nct6775) Fix incorrect parenthesization in nct6775_write_fan_div()
    - ARM: dts: qcom: sdx65: Add Qcom SMMU-500 as the fallback for IOMMU node
    - [Config] updateconfigs for HUGETLB_PAGE_OPTIMIZE_VMEMMAP_DEFAULT_ON
    - arm64: mm: hugetlb: Disable HUGETLB_PAGE_OPTIMIZE_VMEMMAP
    - panic: fix the panic_print NMI backtrace setting
    - kprobes: Fix to handle forcibly unoptimized kprobes on freeing_list
    - scsi: aacraid: Allocate cmd_priv with scsicmd
    - riscv: Avoid enabling interrupts in die()
    - PCI: Unify delay handling for reset and resume
    - bus: mhi: ep: Only send -ENOTCONN status if client driver is available
    - bus: mhi: ep: Move chan->lock to the start of processing queued ch ring
    - bus: mhi: ep: Save channel state locally during suspend and resume
    - iommu/vt-d: Fix PASID directory pointer coherency
    - vfio/type1: exclude mdevs from VFIO_UPDATE_VADDR
    - drm/i915: Don't use stolen memory for ring buffers with LLC
    - drm/i915: Don't use BAR mappings for ring buffers with LLC
  * CVE-2022-4269
    - act_mirred: use the backlog for nested calls to mirred ingress
    - net/sched: act_mirred: better wording on protection against excessive stack
      growth
  * CVE-2023-30456
    - KVM: nVMX: add missing consistency checks for CR0 and CR4
  * CVE-2023-1859
    - 9p/xen : Fix use after free bug in xen_9pfs_front_remove due to race
      condition
  * CVE-2023-1670
    - xirc2ps_cs: Fix use after free bug in xirc2ps_detach
  * Packaging resync (LP: #1786013)
    - [Packaging] update helper scripts

linux-aws-5.19 (5.19.0-1026.27~22.04.1) jammy; urgency=medium

* jammy/linux-aws-5.19: 5.19.0-1026.27~22.04.1 -proposed tracker
    (LP: #2019589)

* Packaging resync (LP: #1786013)
    - [Packaging] update variants

[ Ubuntu: 5.19.0-1026.27 ]

* kinetic/linux-aws: 5.19.0-1026.27 -proposed tracker (LP: #2019590)
  * kinetic/linux: 5.19.0-43.44 -proposed tracker (LP: #2019606)
  * CVE-2023-32233
    - netfilter: nf_tables: deactivate anonymous set from preparation phase
  * CVE-2023-2612
    - SAUCE: shiftfs: prevent lock unbalance in shiftfs_create_object()
  * CVE-2023-31436
    - net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
  * CVE-2023-1380
    - wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies()
  * CVE-2023-30456
    - KVM: nVMX: add missing consistency checks for CR0 and CR4
  * Packaging resync (LP: #1786013)
    - [Packaging] update helper scripts

linux-aws-5.19 (5.19.0-1025.26~22.04.1) jammy; urgency=medium

* jammy/linux-aws-5.19: 5.19.0-1025.26~22.04.1 -proposed tracker
    (LP: #2016484)

[ Ubuntu: 5.19.0-1025.26 ]

* kinetic/linux-aws: 5.19.0-1025.26 -proposed tracker (LP: #2016485)
  * kinetic/linux: 5.19.0-42.43 -proposed tracker (LP: #2016503)
  *  selftest: fib_tests: Always cleanup before exit  (LP: #2015956)
    - selftest: fib_tests: Always cleanup before exit
  * Debian autoreconstruct Fix restoration of execute permissions (LP: #2015498)
    - [Debian] autoreconstruct - fix restoration of execute permissions
  * Kinetic update: upstream stable patchset 2023-04-10 (LP: #2015812)
    - drm/etnaviv: don't truncate physical page address
    - wifi: rtl8xxxu: gen2: Turn on the rate control
    - drm/edid: Fix minimum bpc supported with DSC1.2 for HDMI sink
    - clk: mxl: Switch from direct readl/writel based IO to regmap based IO
    - clk: mxl: Remove redundant spinlocks
    - clk: mxl: Add option to override gate clks
    - clk: mxl: Fix a clk entry by adding relevant flags
    - powerpc: dts: t208x: Mark MAC1 and MAC2 as 10G
    - clk: mxl: syscon_node_to_regmap() returns error pointers
    - random: always mix cycle counter in add_latent_entropy()
    - KVM: x86: Fail emulation during EMULTYPE_SKIP on any exception
    - KVM: SVM: Skip WRMSR fastpath on VM-Exit if next RIP isn't valid
    - can: kvaser_usb: hydra: help gcc-13 to figure out cmd_len
    - powerpc: dts: t208x: Disable 10G on MAC1 and MAC2
    - powerpc/vmlinux.lds: Ensure STRICT_ALIGN_SIZE is at least page aligned
    - powerpc/64s/radix: Fix RWX mapping with relocated kernel
    - uaccess: Add speculation barrier to copy_from_user()
    - wifi: mwifiex: Add missing compatible string for SD8787
    - audit: update the mailing list in MAINTAINERS
    - ext4: Fix function prototype mismatch for ext4_feat_ktype
    - Revert "net/sched: taprio: make qdisc_leaf() see the per-netdev-queue pfifo
      child qdiscs"
    - bpf: add missing header file include
    - wifi: ath11k: fix warning in dma_free_coherent() of memory chunks while
      recovery
    - sched/psi: Stop relying on timer_pending() for poll_work rescheduling
    - docs: perf: Fix PMU instance name of hisi-pcie-pmu
    - randstruct: disable Clang 15 support
    - ionic: refactor use of ionic_rx_fill()
    - Fix XFRM-I support for nested ESP tunnels
    - arm64: dts: rockchip: drop unused LED mode property from rk3328-roc-cc
    - ARM: dts: rockchip: add power-domains property to dp node on rk3288
    - HID: elecom: add support for TrackBall 056E:011C
    - ACPI: NFIT: fix a potential deadlock during NFIT teardown
    - btrfs: send: limit number of clones and allocated memory size
    - ASoC: rt715-sdca: fix clock stop prepare timeout issue
    - IB/hfi1: Assign npages earlier
    - neigh: make sure used and confirmed times are valid
    - HID: core: Fix deadloop in hid_apply_multiplier.
    - x86/cpu: Add Lunar Lake M
    - bpf: bpf_fib_lookup should not return neigh in NUD_FAILED state
    - net: Remove WARN_ON_ONCE(sk->sk_forward_alloc) from sk_stream_kill_queues().
    - vc_screen: don't clobber return value in vcs_read
    - scripts/tags.sh: fix incompatibility with PCRE2
    - usb: dwc3: pci: add support for the Intel Meteor Lake-M
    - USB: serial: option: add support for VW/Skoda "Carstick LTE"
    - usb: gadget: u_serial: Add null pointer check in gserial_resume
    - USB: core: Don't hold device lock while reading the "descriptors" sysfs file
  * Kinetic update: upstream stable patchset 2023-04-06 (LP: #2015511)
    - ARM: dts: imx: Fix pca9547 i2c-mux node name
    - ARM: dts: vf610: Fix pca9548 i2c-mux node names
    - arm64: dts: freescale: Fix pca954x i2c-mux node names
    - arm64: dts: imx8mq-thor96: fix no-mmc property for SDHCI
    - firmware: arm_scmi: Clear stale xfer->hdr.status
    - bpf: Skip task with pid=1 in send_signal_common()
    - erofs/zmap.c: Fix incorrect offset calculation
    - blk-cgroup: fix missing pd_online_fn() while activating policy
    - HID: playstation: sanity check DualSense calibration data.
    - dmaengine: imx-sdma: Fix a possible memory leak in sdma_transfer_init
    - cifs: fix return of uninitialized rc in dfs_cache_update_tgthint()
    - extcon: usbc-tusb320: fix kernel-doc warning
    - net: fix NULL pointer in skb_segment_list
    - net: mctp: purge receive queues on sk destruction
    - firewire: fix memory leak for payload of request subaction to IEC 61883-1
      FCP region
    - bus: sunxi-rsb: Fix error handling in sunxi_rsb_init()
    - ASoC: Intel: bytcht_es8316: Drop reference count of ACPI device after use
    - ASoC: Intel: bytcr_rt5651: Drop reference count of ACPI device after use
    - ASoC: Intel: bytcr_rt5640: Drop reference count of ACPI device after use
    - ASoC: Intel: bytcr_wm5102: Drop reference count of ACPI device after use
    - bpf: Fix a possible task gone issue with bpf_send_signal[_thread]() helpers
    - ALSA: hda/via: Avoid potential array out-of-bound in add_secret_dac_path()
    - bpf: Fix to preserve reg parent/live fields when copying range info
    - bpf, sockmap: Check for any of tcp_bpf_prots when cloning a listener
    - arm64: dts: imx8mm: Fix pad control for UART1_DTE_RX
    - drm/vc4: hdmi: make CEC adapter name unique
    - scsi: Revert "scsi: core: map PQ=1, PDT=other values to
      SCSI_SCAN_TARGET_PRESENT"
    - vhost/net: Clear the pending messages when the backend is removed
    - WRITE is "data source", not destination...
    - READ is "data destination", not source...
    - fix iov_iter_bvec() "direction" argument
    - fix "direction" argument of iov_iter_kvec()
    - ice: Prevent set_channel from changing queues while RDMA active
    - qede: execute xdp_do_flush() before napi_complete_done()
    - virtio-net: execute xdp_do_flush() before napi_complete_done()
    - dpaa_eth: execute xdp_do_flush() before napi_complete_done()
    - dpaa2-eth: execute xdp_do_flush() before napi_complete_done()
    - sfc: correctly advertise tunneled IPv6 segmentation
    - net: phy: dp83822: Fix null pointer access on DP83825/DP83826 devices
    - block, bfq: replace 0/1 with false/true in bic apis
    - block, bfq: fix uaf for bfqq in bic_set_bfqq()
    - netrom: Fix use-after-free caused by accept on already connected socket
    - drm/i915/guc: Fix locking when searching for a hung request
    - drm/i915/adlp: Fix typo for reference clock
    - netfilter: br_netfilter: disable sabotage_in hook after first suppression
    - squashfs: harden sanity check in squashfs_read_xattr_id_table
    - net: phy: meson-gxl: Add generic dummy stubs for MMD register access
    - ip/ip6_gre: Fix changing addr gen mode not generating IPv6 link local
      address
    - ip/ip6_gre: Fix non-point-to-point tunnel not generating IPv6 link local
      address
    - riscv: kprobe: Fixup kernel panic when probing an illegal position
    - igc: return an error if the mac type is unknown in
      igc_ptp_systim_to_hwtstamp()
    - can: j1939: fix errant WARN_ON_ONCE in j1939_session_deactivate
    - ata: libata: Fix sata_down_spd_limit() when no link speed is reported
    - selftests: net: udpgso_bench_rx: Fix 'used uninitialized' compiler warning
    - selftests: net: udpgso_bench_rx/tx: Stop when wrong CLI args are provided
    - selftests: net: udpgso_bench_tx: Cater for pending datagrams zerocopy
      benchmarking
    - virtio-net: Keep stop() to follow mirror sequence of open()
    - net: openvswitch: fix flow memory leak in ovs_flow_cmd_new
    - efi: fix potential NULL deref in efi_mem_reserve_persistent
    - i2c: designware-pci: Add new PCI IDs for AMD NAVI GPU
    - i2c: mxs: suppress probe-deferral error message
    - scsi: target: core: Fix warning on RT kernels
    - perf/x86/intel: Add Emerald Rapids
    - scsi: iscsi_tcp: Fix UAF during logout when accessing the shost ipaddress
    - scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress
    - i2c: rk3x: fix a bunch of kernel-doc warnings
    - platform/x86: gigabyte-wmi: add support for B450M DS3H WIFI-CF
    - net/x25: Fix to not accept on connected socket
    - drm/amd/display: Fix timing not changning when freesync video is enabled
    - iio: adc: stm32-dfsdm: fill module aliases
    - usb: dwc3: qcom: enable vbus override when in OTG dr-mode
    - usb: gadget: f_fs: Fix unbalanced spinlock in __ffs_ep0_queue_wait
    - vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF
    - fbcon: Check font dimension limits
    - net: qrtr: free memory on error path in radix_tree_insert()
    - watchdog: diag288_wdt: do not use stack buffers for hardware data
    - watchdog: diag288_wdt: fix __diag288() inline assembly
    - ALSA: hda/realtek: Add Acer Predator PH315-54
    - efi: Accept version 2 of memory attributes table
    - iio: hid: fix the retval in accel_3d_capture_sample
    - iio: hid: fix the retval in gyro_3d_capture_sample
    - iio: adc: berlin2-adc: Add missing of_node_put() in error path
    - iio:adc:twl6030: Enable measurements of VUSB, VBAT and others
    - iio: imu: fxos8700: fix ACCEL measurement range selection
    - iio: imu: fxos8700: fix incomplete ACCEL and MAGN channels readback
    - iio: imu: fxos8700: fix IMU data bits returned to user space
    - iio: imu: fxos8700: fix map label of channel type to MAGN sensor
    - iio: imu: fxos8700: fix swapped ACCEL and MAGN channels readback
    - iio: imu: fxos8700: fix incorrect ODR mode readback
    - iio: imu: fxos8700: fix failed initialization ODR mode assignment
    - iio: imu: fxos8700: remove definition FXOS8700_CTRL_ODR_MIN
    - iio: imu: fxos8700: fix MAGN sensor scale and unit
    - nvmem: qcom-spmi-sdam: fix module autoloading
    - parisc: Fix return code of pdc_iodc_print()
    - parisc: Wire up PTRACE_GETREGS/PTRACE_SETREGS for compat case
    - riscv: disable generation of unwind tables
    - mm: hugetlb: proc: check for hugetlb shared PMD in /proc/PID/smaps
    - usb: gadget: f_uac2: Fix incorrect increment of bNumEndpoints
    - kernel/irq/irqdomain.c: fix memory leak with using debugfs_lookup()
    - x86/debug: Fix stack recursion caused by wrongly ordered DR7 accesses
    - fpga: stratix10-soc: Fix return value check in s10_ops_write_init()
    - mm/swapfile: add cond_resched() in get_swap_pages()
    - highmem: round down the address passed to kunmap_flush_on_unmap()
    - Squashfs: fix handling and sanity checking of xattr_ids count
    - drm/i915: Fix potential bit_17 double-free
    - nvmem: core: initialise nvmem->id early
    - nvmem: core: remove nvmem_config wp_gpio
    - nvmem: core: fix cell removal on error
    - serial: 8250_dma: Fix DMA Rx completion race
    - serial: 8250_dma: Fix DMA Rx rearm race
    - phy: qcom-qmp-combo: fix memleak on probe deferral
    - phy: qcom-qmp-usb: fix memleak on probe deferral
    - phy: qcom-qmp-combo: fix broken power on
    - phy: qcom-qmp-combo: fix runtime suspend
    - iio:adc:twl6030: Enable measurement of VAC
    - powerpc/imc-pmu: Revert nest_init_lock to being a mutex
    - fs/ntfs3: Validate attribute data and valid sizes
    - ovl: Use "buf" flexible array for memcpy() destination
    - fbdev: smscufx: fix error handling code in ufx_usb_probe
    - f2fs: fix to do sanity check on i_extra_isize in is_alive()
    - wifi: brcmfmac: Check the count value of channel spec to prevent out-of-
      bounds reads
    - gfs2: Cosmetic gfs2_dinode_{in,out} cleanup
    - gfs2: Always check inode size of inline inodes
    - bpf: Skip invalid kfunc call in backtrack_insn
    - ASoC: Intel: sof_es8336: Drop reference count of ACPI device after use
    - ASoC: Intel: avs: Implement PCI shutdown
    - bpf: Add missing btf_put to register_btf_id_dtor_kfuncs
    - arm64: dts: imx8mm-verdin: Do not power down eth-phy
    - vhost-scsi: unbreak any layout for response
    - skb: Do mix page pool and page referenced frags in GRO
    - net: wwan: t7xx: Fix Runtime PM initialization
    - fscache: Use wait_on_bit() to wait for the freeing of relinquished volume
    - drm/i915: Fix request ref counting during error capture & debugfs dump
    - drm/i915: Fix up locking around dumping requests lists
    - ALSA: firewire-motu: fix unreleased lock warning in hwdep device
    - sctp: do not check hb_timer.expires when resetting hb_timer
    - can: mcp251xfd: mcp251xfd_ring_set_ringparam(): assign missing
      tx_obj_num_coalesce_irq
    - rtc: sunplus: fix format string for printing resource
    - certs: Fix build error when PKCS#11 URI contains semicolon
    - hv_netvsc: Fix missed pagebuf entries in netvsc_dma_map/unmap()
    - ARM: dts: imx7d-smegw01: Fix USB host over-current polarity
    - can: isotp: split tx timer into transmission and timeout
    - can: isotp: handle wait_event_interruptible() return values
    - iio: adc: xilinx-ams: fix devm_krealloc() return value check
    - iio: imx8qxp-adc: fix irq flood when call imx8qxp_adc_read_raw()
    - nvmem: brcm_nvram: Add check for kzalloc
    - nvmem: sunxi_sid: Always use 32-bit MMIO reads
    - Revert "mm: kmemleak: alloc gray object for reserved region with direct map"
    - mm: memcg: fix NULL pointer in mem_cgroup_track_foreign_dirty_slowpath()
    - usb: typec: ucsi: Don't attempt to resume the ports before they exist
    - usb: gadget: udc: do not clear gadget driver.bus
    - mm/uffd: fix pte marker when fork() without fork event
    - migrate: hugetlb: check for hugetlb shared PMD in node migration
    - drm/i915: Avoid potential vm use-after-free
    - nvmem: core: fix device node refcounting
    - powerpc/64s/radix: Fix crash with unaligned relocated kernel
    - powerpc/64s: Fix local irq disable when PMIs are disabled
    - btrfs: limit device extents to the device size
    - btrfs: zlib: zero-initialize zlib workspace
    - ALSA: hda/realtek: Add Positivo N14KP6-TG
    - ALSA: emux: Avoid potential array out-of-bound in snd_emux_xg_control()
    - ALSA: hda/realtek: Fix the speaker output on Samsung Galaxy Book2 Pro 360
    - ALSA: hda/realtek: Enable mute/micmute LEDs on HP Elitebook, 645 G9
    - tracing: Fix poll() and select() do not work on per_cpu trace_pipe and
      trace_pipe_raw
    - of/address: Return an error when no valid dma-ranges are found
    - can: j1939: do not wait 250 ms if the same addr was already claimed
    - xfrm: compat: change expression for switch in xfrm_xlate64
    - IB/hfi1: Restore allocated resources on failed copyout
    - xfrm/compat: prevent potential spectre v1 gadget in xfrm_xlate32_attr()
    - IB/IPoIB: Fix legacy IPoIB due to wrong number of queues
    - RDMA/irdma: Fix potential NULL-ptr-dereference
    - RDMA/usnic: use iommu_map_atomic() under spin_lock()
    - xfrm: fix bug with DSCP copy to v6 from v4 tunnel
    - net: phylink: move phy_device_free() to correctly release phy device
    - bonding: fix error checking in bond_debug_reregister()
    - net: phy: meson-gxl: use MMD access dummy stubs for GXL, internal PHY
    - ionic: clean interrupt before enabling queue to avoid credit race
    - uapi: add missing ip/ipv6 header dependencies for linux/stddef.h
    - ice: Do not use WQ_MEM_RECLAIM flag for workqueue
    - net: dsa: mt7530: don't change PVC_EG_TAG when CPU port becomes VLAN-aware
    - net: mscc: ocelot: fix VCAP filters not matching on MAC with "protocol
      802.1Q"
    - net/mlx5e: Update rx ring hw mtu upon each rx-fcs flag change
    - net/mlx5: Bridge, fix ageing of peer FDB entries
    - net/mlx5e: IPoIB, Show unknown speed instead of error
    - net/mlx5: fw_tracer, Clear load bit when freeing string DBs buffers
    - net/mlx5: fw_tracer, Zero consumer index when reloading the tracer
    - net/mlx5: Serialize module cleanup with reload and remove
    - igc: Add ndo_tx_timeout support
    - rds: rds_rm_zerocopy_callback() use list_first_entry()
    - selftests: forwarding: lib: quote the sysctl values
    - ALSA: pci: lx6464es: fix a debug loop
    - riscv: stacktrace: Fix missing the first frame
    - ASoC: topology: Return -ENOMEM on memory allocation failure
    - pinctrl: mediatek: Fix the drive register definition of some Pins
    - pinctrl: aspeed: Fix confusing types in return value
    - pinctrl: single: fix potential NULL dereference
    - spi: dw: Fix wrong FIFO level setting for long xfers
    - pinctrl: intel: Restore the pins that used to be in Direct IRQ mode
    - cifs: Fix use-after-free in rdata->read_into_pages()
    - net: USB: Fix wrong-direction WARNING in plusb.c
    - mptcp: be careful on subflow status propagation on errors
    - btrfs: free device in btrfs_close_devices for a single device filesystem
    - usb: core: add quirk for Alcor Link AK9563 smartcard reader
    - usb: typec: altmodes/displayport: Fix probe pin assign check
    - clk: ingenic: jz4760: Update M/N/OD calculation algorithm
    - ceph: flush cap releases when the session is flushed
    - riscv: Fixup race condition on PG_dcache_clean in flush_icache_pte
    - powerpc/64s/interrupt: Fix interrupt exit race with security mitigation
      switch
    - rtmutex: Ensure that the top waiter is always woken up
    - arm64: dts: meson-gx: Make mmc host controller interrupts level-sensitive
    - arm64: dts: meson-g12-common: Make mmc host controller interrupts level-
      sensitive
    - arm64: dts: meson-axg: Make mmc host controller interrupts level-sensitive
    - Fix page corruption caused by racy check in __free_pages
    - drm/amdgpu/fence: Fix oops due to non-matching drm_sched init/fini
    - drm/i915: Initialize the obj flags for shmem objects
    - drm/i915: Fix VBT DSI DVO port handling
    - x86/speculation: Identify processors vulnerable to SMT RSB predictions
    - KVM: x86: Mitigate the cross-thread return address predictions bug
    - Documentation/hw-vuln: Add documentation for Cross-Thread Return Predictions
    - hv_netvsc: Allocate memory in netvsc_dma_map() with GFP_ATOMIC
    - xfrm: annotate data-race around use_time
    - of: Make OF framebuffer device names unique
    - cpufreq: qcom-hw: Fix cpufreq_driver->get() for non-LMH systems
    - net: microchip: sparx5: fix PTP init/deinit not checking all ports
    - drm/virtio: exbuf->fence_fd unmodified on interrupted wait
    - ice: Fix disabling Rx VLAN filtering with port VLAN enabled
    - ice: switch: fix potential memleak in ice_add_adv_recipe()
    - net/mlx5e: Fix crash unsetting rx-vlan-filter in switchdev mode
    - txhash: fix sk->sk_txrehash default
    - selftests: Fix failing VXLAN VNI filtering test
    - arm64: dts: rockchip: fix input enable pinconf on rk3399
    - arm64: dts: rockchip: set sdmmc0 speed to sd-uhs-sdr50 on rock-3a
    - ASoC: tas5805m: rework to avoid scheduling while atomic.
    - ASoC: tas5805m: add missing page switch.
    - ASoC: fsl_sai: fix getting version from VERID
    - mptcp: do not wait for bare sockets' timeout
    - selftests: mptcp: allow more slack for slow test-case
    - selftests: mptcp: stop tests earlier
    - riscv: kprobe: Fixup misaligned load text
    - tracing: Fix TASK_COMM_LEN in trace event format file
    - drm/i915: Move fd_install after last use of fence
    - mptcp: fix locking for in-kernel listener creation
    - ASoC: Intel: sof_rt5682: always set dpcm_capture for amplifiers
    - ASoC: Intel: sof_cs42l42: always set dpcm_capture for amplifiers
    - selftests/bpf: Verify copy_register_state() preserves parent/live fields
    - ALSA: hda: Do not unset preset when cleaning up codec
    - bpf, sockmap: Don't let sock_map_{close,destroy,unhash} call itself
    - ASoC: cs42l56: fix DT probe
    - tools/virtio: fix the vringh test for virtio ring changes
    - net/rose: Fix to not accept on connected socket
    - net: stmmac: do not stop RX_CLK in Rx LPI state for qcs404 SoC
    - drm/nouveau/devinit/tu102-: wait for GFW_BOOT_PROGRESS == COMPLETED
    - net: sched: sch: Bounds check priority
    - s390/decompressor: specify __decompress() buf len to avoid overflow
    - nvme-fc: fix a missing queue put in nvmet_fc_ls_create_association
    - drm/amd/display: Properly handle additional cases where DCN is not supported
    - platform/x86: touchscreen_dmi: Add Chuwi Vi8 (CWI501) DMI match
    - nvmem: core: add error handling for dev_set_name
    - nvmem: core: fix cleanup after dev_set_name()
    - nvmem: core: fix registration vs use race
    - nvmem: core: fix return value
    - aio: fix mremap after fork null-deref
    - drm/amd/display: Fail atomic_check early on normalize_zpos error
    - tcp: Fix listen() regression in 5.15.88.
    - mmc: jz4740: Work around bug on JZ4760(B)
    - mmc: sdio: fix possible resource leaks in some error paths
    - mmc: mmc_spi: fix error handling in mmc_spi_probe()
    - ALSA: hda/conexant: add a new hda codec SN6180
    - ALSA: hda/realtek - fixed wrong gpio assigned
    - sched/psi: Fix use-after-free in ep_remove_wait_queue()
    - hugetlb: check for undefined shift on 32 bit architectures
    - of: reserved_mem: Have kmemleak ignore dynamically allocated reserved mem
    - net: Fix unwanted sign extension in netdev_stats_to_stats64()
    - revert "squashfs: harden sanity check in squashfs_read_xattr_id_table"
    - ixgbe: allow to increase MTU to 3K with XDP enabled
    - i40e: add double of VLAN header when computing the max MTU
    - net: bgmac: fix BCM5358 support by setting correct flags
    - net: ethernet: ti: am65-cpsw: Add RX DMA Channel Teardown Quirk
    - sctp: sctp_sock_filter(): avoid list_entry() on possibly empty list
    - dccp/tcp: Avoid negative sk_forward_alloc by ipv6_pinfo.pktoptions.
    - net/usb: kalmia: Don't pass act_len in usb_bulk_msg error path
    - net: openvswitch: fix possible memory leak in ovs_meter_cmd_set()
    - net: stmmac: fix order of dwmac5 FlexPPS parametrization sequence
    - bnxt_en: Fix mqprio and XDP ring checking logic
    - net: stmmac: Restrict warning on disabling DMA store and fwd mode
    - ixgbe: add double of VLAN header when computing the max MTU
    - ipv6: Fix datagram socket connection with DSCP.
    - ipv6: Fix tcp socket connection with DSCP.
    - nilfs2: fix underflow in second superblock position calculations
    - mm/filemap: fix page end in filemap_get_read_batch
    - drm/i915/gen11: Wa_1408615072/Wa_1407596294 should be on GT list
    - net/sched: act_ctinfo: use percpu stats
    - i40e: Add checking for null for nlmsg_find_attr()
    - kvm: initialize all of the kvm_debugregs structure before sending it to
      userspace
    - alarmtimer: Prevent starvation by small intervals and SIG_IGN
    - ASoC: SOF: Intel: hda-dai: fix possible stream_tag leak
    - net: sched: sch: Fix off by one in htb_activate_prios()
    - platform/x86/amd: pmc: add CONFIG_SERIO dependency
    - kasan: fix Oops due to missing calls to kasan_arch_is_ready()
    - fbdev: Fix invalid page access after closing deferred I/O devices
    - drm/vmwgfx: Stop accessing buffer objects which failed init
    - drm/vmwgfx: Do not drop the reference to the handle too soon
    - gpio: sim: fix a memory leak
    - coredump: Move dump_emit_page() to kill unused warning
    - drm/vc4: crtc: Increase setup cost in core clock calculation to handle
      extreme reduced blanking
    - ice: fix lost multicast packets in promisc mode
    - ice: xsk: Fix cleaning of XDP_TX frames
    - tracing: Make trace_define_field_ext() static
    - net: use a bounce buffer for copying skb->mark
    - igb: conditionalize I2C bit banging on external thermal sensor support
    - igb: Fix PPS input and output using 3rd and 4th SDP
  * cm32181 module error blocking suspend (LP: #1988346) // Kinetic update:
    upstream stable patchset 2023-04-06 (LP: #2015511)
    - iio: light: cm32181: Fix PM support on system with 2 I2C resources
  * kernel: fix __clear_user() inline assembly constraints (LP: #2013088)
    - s390/uaccess: add missing earlyclobber annotations to __clear_user()
  * expoline.o is packaged unconditionally for s390x (LP: #2013209)
    - [Packaging] Copy expoline.o only when produced by the build
  * Fix selftests/ftracetests/Meta-selftests (LP: #2006453)
    - selftests/ftrace: Fix bash specific "==" operator
  * No HDMI audio under 5.19.0-35 & -37 (regression from -32) (LP: #2009136)
    - ALSA: memalloc: Try dma_alloc_noncontiguous() at first
    - ALSA: memalloc: Drop special handling of GFP for CONTINUOUS allocation
    - ALSA: vx: Drop superfluous GFP setup
    - ALSA: pdaudiocf: Drop superfluous GFP setup
    - ASoC: Intel: sst: Switch to standard device pages
    - ALSA: memalloc: Workaround for Xen PV
  * Intel E810 NICs driver in causing hangs when booting and bonds configured
    (LP: #2004262)
    - ice: avoid bonding causing auxiliary plug/unplug under RTNL lock
  * Kinetic update: upstream stable patchset 2023-04-04 (LP: #2015288)
    - memory: tegra: Remove clients SID override programming
    - memory: atmel-sdramc: Fix missing clk_disable_unprepare in
      atmel_ramc_probe()
    - memory: mvebu-devbus: Fix missing clk_disable_unprepare in
      mvebu_devbus_probe()
    - dmaengine: ti: k3-udma: Do conditional decrement of
      UDMA_CHAN_RT_PEER_BCNT_REG
    - arm64: dts: imx8mp-phycore-som: Remove invalid PMIC property
    - ARM: dts: imx6ul-pico-dwarf: Use 'clock-frequency'
    - ARM: dts: imx7d-pico: Use 'clock-frequency'
    - ARM: dts: imx6qdl-gw560x: Remove incorrect 'uart-has-rtscts'
    - arm64: dts: imx8mm-beacon: Fix ecspi2 pinmux
    - ARM: imx: add missing of_node_put()
    - HID: intel_ish-hid: Add check for ishtp_dma_tx_map
    - arm64: dts: imx8mm-venice-gw7901: fix USB2 controller OC polarity
    - soc: imx8m: Fix incorrect check for of_clk_get_by_name()
    - reset: uniphier-glue: Fix possible null-ptr-deref
    - EDAC/highbank: Fix memory leak in highbank_mc_probe()
    - firmware: arm_scmi: Harden shared memory access in fetch_response
    - firmware: arm_scmi: Harden shared memory access in fetch_notification
    - tomoyo: fix broken dependency on *.conf.default
    - RDMA/core: Fix ib block iterator counter overflow
    - IB/hfi1: Reject a zero-length user expected buffer
    - IB/hfi1: Reserve user expected TIDs
    - IB/hfi1: Fix expected receive setup error exit issues
    - IB/hfi1: Immediately remove invalid memory from hardware
    - IB/hfi1: Remove user expected buffer invalidate race
    - affs: initialize fsdata in affs_truncate()
    - PM: AVS: qcom-cpr: Fix an error handling path in cpr_probe()
    - arm64: dts: qcom: msm8992: Don't use sfpb mutex
    - arm64: dts: qcom: msm8992-libra: Fix the memory map
    - phy: ti: fix Kconfig warning and operator precedence
    - NFSD: fix use-after-free in nfsd4_ssc_setup_dul()
    - ARM: dts: at91: sam9x60: fix the ddr clock for sam9x60
    - amd-xgbe: TX Flow Ctrl Registers are h/w ver dependent
    - amd-xgbe: Delay AN timeout during KR training
    - bpf: Fix pointer-leak due to insufficient speculative store bypass
      mitigation
    - phy: rockchip-inno-usb2: Fix missing clk_disable_unprepare() in
      rockchip_usb2phy_power_on()
    - net: nfc: Fix use-after-free in local_cleanup()
    - net: wan: Add checks for NULL for utdm in undo_uhdlc_init and unmap_si_regs
    - net: enetc: avoid deadlock in enetc_tx_onestep_tstamp()
    - sch_htb: Avoid grafting on htb_destroy_class_offload when destroying htb
    - gpio: mxc: Protect GPIO irqchip RMW with bgpio spinlock
    - gpio: mxc: Always set GPIOs used as interrupt source to INPUT mode
    - pinctrl: rockchip: fix reading pull type on rk3568
    - net: stmmac: Fix queue statistics reading
    - net/sched: sch_taprio: fix possible use-after-free
    - l2tp: Serialize access to sk_user_data with sk_callback_lock
    - l2tp: Don't sleep and disable BH under writer-side sk_callback_lock
    - l2tp: convert l2tp_tunnel_list to idr
    - l2tp: close all race conditions in l2tp_tunnel_register()
    - net: usb: sr9700: Handle negative len
    - net: mdio: validate parameter addr in mdiobus_get_phy()
    - HID: check empty report_list in hid_validate_values()
    - HID: check empty report_list in bigben_probe()
    - net: stmmac: fix invalid call to mdiobus_get_phy()
    - pinctrl: rockchip: fix mux route data for rk3568
    - HID: revert CHERRY_MOUSE_000C quirk
    - usb: gadget: f_fs: Prevent race during ffs_ep0_queue_wait
    - usb: gadget: f_fs: Ensure ep0req is dequeued before free_request
    - Bluetooth: Fix possible deadlock in rfcomm_sk_state_change
    - net: ipa: disable ipa interrupt during suspend
    - net/mlx5: E-switch, Fix setting of reserved fields on
      MODIFY_SCHEDULING_ELEMENT
    - net: mlx5: eliminate anonymous module_init & module_exit
    - drm/panfrost: fix GENERIC_ATOMIC64 dependency
    - dmaengine: Fix double increment of client_count in dma_chan_get()
    - net: macb: fix PTP TX timestamp failure due to packet padding
    - virtio-net: correctly enable callback during start_xmit
    - l2tp: prevent lockdep issue in l2tp_tunnel_register()
    - HID: betop: check shape of output reports
    - cifs: fix potential deadlock in cache_refresh_path()
    - dmaengine: xilinx_dma: call of_node_put() when breaking out of
      for_each_child_of_node()
    - phy: phy-can-transceiver: Skip warning if no "max-bitrate"
    - drm/amd/display: fix issues with driver unload
    - nvme-pci: fix timeout request state check
    - tcp: avoid the lookup process failing to get sk in ehash table
    - ptdma: pt_core_execute_cmd() should use spinlock
    - device property: fix of node refcount leak in
      fwnode_graph_get_next_endpoint()
    - w1: fix deadloop in __w1_remove_master_device()
    - w1: fix WARNING after calling w1_process()
    - driver core: Fix test_async_probe_init saves device in wrong array
    - selftests/net: toeplitz: fix race on tpacket_v3 block close
    - net: dsa: microchip: ksz9477: port map correction in ALU table entry
      register
    - thermal/core: Remove duplicate information when an error occurs
    - thermal/core: Rename 'trips' to 'num_trips'
    - thermal: Validate new state in cur_state_store()
    - thermal/core: fix error code in __thermal_cooling_device_register()
    - thermal: core: call put_device() only after device_register() fails
    - net: stmmac: enable all safety features by default
    - tcp: fix rate_app_limited to default to 1
    - scsi: iscsi: Fix multiple iSCSI session unbind events sent to userspace
    - cpufreq: Add Tegra234 to cpufreq-dt-platdev blocklist
    - kcsan: test: don't put the expect array on the stack
    - cpufreq: Add SM6375 to cpufreq-dt-platdev blocklist
    - ASoC: fsl_micfil: Correct the number of steps on SX controls
    - net: usb: cdc_ether: add support for Thales Cinterion PLS62-W modem
    - drm: Add orientation quirk for Lenovo ideapad D330-10IGL
    - s390/debug: add _ASM_S390_ prefix to header guard
    - s390: expicitly align _edata and _end symbols on page boundary
    - perf/x86/msr: Add Emerald Rapids
    - perf/x86/intel/uncore: Add Emerald Rapids
    - cpufreq: armada-37xx: stop using 0 as NULL pointer
    - ASoC: fsl_ssi: Rename AC'97 streams to avoid collisions with AC'97 CODEC
    - ASoC: fsl-asoc-card: Fix naming of AC'97 CODEC widgets
    - spi: spidev: remove debug messages that access spidev->spi without locking
    - KVM: s390: interrupt: use READ_ONCE() before cmpxchg()
    - scsi: hisi_sas: Set a port invalid only if there are no devices attached
      when refreshing port id
    - r8152: add vendor/device ID pair for Microsoft Devkit
    - platform/x86: touchscreen_dmi: Add info for the CSL Panther Tab HD
    - platform/x86: asus-nb-wmi: Add alternate mapping for KEY_SCREENLOCK
    - lockref: stop doing cpu_relax in the cmpxchg loop
    - firmware: coreboot: Check size of table entry and use flex-array
    - drm/i915: Remove unused variable
    - x86: ACPI: cstate: Optimize C3 entry on AMD CPUs
    - panic: Separate sysctl logic from CONFIG_SMP
    - exit: Put an upper limit on how often we can oops
    - exit: Expose "oops_count" to sysfs
    - exit: Allow oops_limit to be disabled
    - panic: Consolidate open-coded panic_on_warn checks
    - panic: Introduce warn_limit
    - panic: Expose "warn_count" to sysfs
    - docs: Fix path paste-o for /sys/kernel/warn_count
    - exit: Use READ_ONCE() for all oops/warn limit reads
    - Bluetooth: hci_sync: cancel cmd_timer if hci_open failed
    - drm/amdgpu: complete gfxoff allow signal during suspend without delay
    - scsi: hpsa: Fix allocation size for scsi_host_alloc()
    - module: Don't wait for GOING modules
    - tracing: Make sure trace_printk() can output as soon as it can be used
    - trace_events_hist: add check for return value of 'create_hist_field'
    - ftrace/scripts: Update the instructions for ftrace-bisect.sh
    - cifs: Fix oops due to uncleared server->smbd_conn in reconnect
    - i2c: mv64xxx: Remove shutdown method from driver
    - i2c: mv64xxx: Add atomic_xfer method to driver
    - ksmbd: add max connections parameter
    - ksmbd: do not sign response to session request for guest login
    - ksmbd: downgrade ndr version error message to debug
    - ksmbd: limit pdu length size according to connection status
    - KVM: x86/vmx: Do not skip segment attributes if unusable bit is set
    - KVM: arm64: GICv4.1: Fix race with doorbell on VPE activation/deactivation
    - thermal: intel: int340x: Protect trip temperature from concurrent updates
    - ipv6: fix reachability confirmation with proxy_ndp
    - ARM: 9280/1: mm: fix warning on phys_addr_t to void pointer assignment
    - EDAC/device: Respect any driver-supplied workqueue polling value
    - EDAC/qcom: Do not pass llcc_driv_data as edac_device_ctl_info's pvt_info
    - net: mana: Fix IRQ name - add PCI and queue number
    - scsi: ufs: core: Fix devfreq deadlocks
    - i2c: designware: use casting of u64 in clock multiplication to avoid
      overflow
    - netlink: prevent potential spectre v1 gadgets
    - net: fix UaF in netns ops registration error path
    - drm/i915/selftest: fix intel_selftest_modify_policy argument types
    - netfilter: nft_set_rbtree: Switch to node list walk for overlap detection
    - netfilter: nft_set_rbtree: skip elements in transaction from garbage
      collection
    - netlink: annotate data races around nlk->portid
    - netlink: annotate data races around dst_portid and dst_group
    - netlink: annotate data races around sk_state
    - ipv4: prevent potential spectre v1 gadget in ip_metrics_convert()
    - ipv4: prevent potential spectre v1 gadget in fib_metrics_match()
    - netfilter: conntrack: fix vtag checks for ABORT/SHUTDOWN_COMPLETE
    - netrom: Fix use-after-free of a listening socket.
    - net/sched: sch_taprio: do not schedule in taprio_reset()
    - sctp: fail if no bound addresses can be used for a given scope
    - riscv/kprobe: Fix instruction simulation of JALR
    - nvme: fix passthrough csi check
    - gpio: mxc: Unlock on error path in mxc_flip_edge()
    - net: ravb: Fix lack of register setting after system resumed for Gen3
    - net: ravb: Fix possible hang if RIS2_QFF1 happen
    - net: mctp: mark socks as dead on unhash, prevent re-add
    - thermal: intel: int340x: Add locking to int340x_thermal_get_trip_type()
    - net/tg3: resolve deadlock in tg3_reset_task() during EEH
    - net: mdio-mux-meson-g12a: force internal PHY off on mux switch
    - treewide: fix up files incorrectly marked executable
    - tools: gpio: fix -c option of gpio-event-mon
    - Revert "Input: synaptics - switch touchpad on HP Laptop 15-da3001TU to RMI
      mode"
    - x86/i8259: Mark legacy PIC interrupts with IRQ_LEVEL
    - netfilter: conntrack: unify established states for SCTP paths
    - perf/x86/amd: fix potential integer overflow on shift of a int
    - dmaengine: qcom: gpi: Set link_rx bit on GO TRE for rx operation
    - soc: imx: imx8mp-blk-ctrl: enable global pixclk with HDMI_TX_PHY PD
    - arm64: dts: verdin-imx8mm: fix dahlia audio playback
    - arm64: dts: verdin-imx8mm: fix dev board audio playback
    - soc: imx: imx8mp-blk-ctrl: don't set power device name
    - arm64: dts: imx8mp: Fix missing GPC Interrupt
    - arm64: dts: imx8mp: Fix power-domain typo
    - reset: ti-sci: honor TI_SCI_PROTOCOL setting when not COMPILE_TEST
    - firmware: arm_scmi: Fix virtio channels cleanup on shutdown
    - interconnect: qcom: msm8996: Provide UFS clocks to A2NoC
    - interconnect: qcom: msm8996: Fix regmap max_register values
    - RDMA/rxe: Fix inaccurate constants in rxe_type_info
    - RDMA/rxe: Prevent faulty rkey generation
    - drm/msm/gpu: Fix potential double-free
    - bpf: hash map, avoid deadlock with suitable hash mask
    - net: lan966x: add missing fwnode_handle_put() for ports node
    - block/rnbd-clt: fix wrong max ID in ida_alloc_max
    - usb: ucsi: Ensure connector delayed work items are flushed
    - netfilter: conntrack: handle tcp challenge acks during connection reuse
    - net/mlx5e: Avoid false lock dependency warning on tc_ht even more
    - net/mlx5e: Set decap action based on attr for sample
    - dmaengine: tegra: Fix memory leak in terminate_all()
    - net: sched: gred: prevent races when adding offloads to stats
    - usb: dwc3: fix extcon dependency
    - bnxt: Do not read past the end of test names
    - btrfs: zoned: enable metadata over-commit for non-ZNS setup
    - vfio/type1: Respect IOMMU reserved regions in vfio_test_domain_fgsp()
    - kvm/vfio: Fix potential deadlock on vfio group_lock
    - ftrace: Export ftrace_free_filter() to modules
    - riscv: fix -Wundef warning for CONFIG_RISCV_BOOT_SPINWAIT
    - regulator: dt-bindings: samsung,s2mps14: add lost samsung,ext-control-gpios
    - i2c: designware: Fix unbalanced suspended flag
    - iavf: schedule watchdog immediately when changing primary MAC
    - tracing/osnoise: Use built-in RCU list checking
    - gpio: ep93xx: Fix port F hwirq numbers in handler
    - net: mctp: add an explicit reference from a mctp_sk_key to sock
    - net: mctp: move expiry timer delete to unhash
    - net: mctp: hold key reference when looking up a general key
    - riscv: Move call to init_cpu_topology() to later initialization stage
    - Partially revert "perf/arm-cmn: Optimise DTC counter accesses"
    - x86/sev: Add SEV-SNP guest feature negotiation support
    - acpi: Fix suspend with Xen PV
  * CVE-2023-1075
    - net/tls: tls_is_tx_ready() checked list_entry
  * devlink_port_split from ubuntu_kernel_selftests.net fails on hirsute
    (KeyError: 'flavour') (LP: #1937133)
    - selftests: net: devlink_port_split.py: skip test if no suitable device
      available
  * Connection timeout due to conntrack limits (LP: #2011616)
    - netfilter: conntrack: adopt safer max chain length
  * Kinetic update: upstream stable patchset 2023-03-27 (LP: #2012977)
    - btrfs: fix trace event name typo for FLUSH_DELAYED_REFS
    - pNFS/filelayout: Fix coalescing test for single DS
    - tools/virtio: initialize spinlocks in vring_test.c
    - virtio_pci: modify ENOENT to EINVAL
    - vduse: Validate vq_num in vduse_validate_config()
    - net/ethtool/ioctl: return -EOPNOTSUPP if we have no phy stats
    - r8169: move rtl_wol_enable_rx() and rtl_prepare_power_down()
    - RDMA/srp: Move large values to a new enum for gcc13
    - btrfs: always report error in run_one_delayed_ref()
    - x86/asm: Fix an assembler warning with current binutils
    - f2fs: let's avoid panic if extent_tree is not created
    - perf/x86/rapl: Treat Tigerlake like Icelake
    - fbdev: omapfb: avoid stack overflow warning
    - Bluetooth: hci_qca: Fix driver shutdown on closed serdev
    - wifi: brcmfmac: fix regression for Broadcom PCIe wifi devices
    - wifi: mac80211: sdata can be NULL during AMPDU start
    - Add exception protection processing for vd in axi_chan_handle_err function
    - zonefs: Detect append writes at invalid locations
    - nilfs2: fix general protection fault in nilfs_btree_insert()
    - efi: fix userspace infinite retry read efivars after EFI runtime services
      page fault
    - ALSA: hda/realtek: fix mute/micmute LEDs don't work for a HP platform
    - hugetlb: unshare some PMDs when splitting VMAs
    - io_uring: don't gate task_work run on TIF_NOTIFY_SIGNAL
    - eventpoll: add EPOLL_URING_WAKE poll wakeup flag
    - eventfd: provide a eventfd_signal_mask() helper
    - xhci-pci: set the dma max_seg_size
    - usb: xhci: Check endpoint is valid before dereferencing it
    - xhci: Fix null pointer dereference when host dies
    - xhci: Add update_hub_device override for PCI xHCI hosts
    - xhci: Add a flag to disable USB3 lpm on a xhci root port level.
    - usb: acpi: add helper to check port lpm capability using acpi _DSM
    - xhci: Detect lpm incapable xHC USB3 roothub ports from ACPI tables
    - prlimit: do_prlimit needs to have a speculation check
    - USB: serial: option: add Quectel EM05-G (GR) modem
    - USB: serial: option: add Quectel EM05-G (CS) modem
    - USB: serial: option: add Quectel EM05-G (RS) modem
    - USB: serial: option: add Quectel EC200U modem
    - USB: serial: option: add Quectel EM05CN (SG) modem
    - USB: serial: option: add Quectel EM05CN modem
    - staging: vchiq_arm: fix enum vchiq_status return types
    - USB: misc: iowarrior: fix up header size for USB_DEVICE_ID_CODEMERCS_IOW100
    - misc: fastrpc: Don't remove map on creater_process and device_release
    - misc: fastrpc: Fix use-after-free race condition for maps
    - usb: core: hub: disable autosuspend for TI TUSB8041
    - comedi: adv_pci1760: Fix PWM instruction handling
    - ACPI: PRM: Check whether EFI runtime is available
    - mmc: sunxi-mmc: Fix clock refcount imbalance during unbind
    - mmc: sdhci-esdhc-imx: correct the tuning start tap and step setting
    - btrfs: do not abort transaction on failure to write log tree when syncing
      log
    - btrfs: fix race between quota rescan and disable leading to NULL pointer
      deref
    - cifs: do not include page data when checking signature
    - thunderbolt: Use correct function to calculate maximum USB3 link rate
    - riscv: dts: sifive: fu740: fix size of pcie 32bit memory
    - bpf: restore the ebpf program ID for BPF_AUDIT_UNLOAD and
      PERF_BPF_EVENT_PROG_UNLOAD
    - tty: serial: qcom-geni-serial: fix slab-out-of-bounds on RX FIFO buffer
    - tty: fix possible null-ptr-defer in spk_ttyio_release
    - USB: serial: cp210x: add SCALANCE LPE-9000 device id
    - usb: cdns3: remove fetched trb from cache before dequeuing
    - usb: host: ehci-fsl: Fix module alias
    - usb: typec: tcpm: Fix altmode re-registration causes sysfs create fail
    - usb: typec: altmodes/displayport: Add pin assignment helper
    - usb: typec: altmodes/displayport: Fix pin assignment calculation
    - usb: gadget: g_webcam: Send color matching descriptor per frame
    - usb: gadget: f_ncm: fix potential NULL ptr deref in ncm_bitrate()
    - usb-storage: apply IGNORE_UAS only for HIKSEMI MD202 on RTL9210
    - dt-bindings: phy: g12a-usb2-phy: fix compatible string documentation
    - dt-bindings: phy: g12a-usb3-pcie-phy: fix compatible string documentation
    - serial: pch_uart: Pass correct sg to dma_unmap_sg()
    - dmaengine: lgm: Move DT parsing after initialization
    - dmaengine: tegra210-adma: fix global intr clear
    - dmaengine: idxd: Let probe fail when workqueue cannot be enabled
    - serial: amba-pl011: fix high priority character transmission in rs486 mode
    - serial: atmel: fix incorrect baudrate setup
    - gsmi: fix null-deref in gsmi_get_variable
    - mei: me: add meteor lake point M DID
    - drm/i915: re-disable RC6p on Sandy Bridge
    - drm/i915/display: Check source height is > 0
    - drm/amd/display: Fix set scaling doesn's work
    - drm/amd/display: Calculate output_color_space after pixel encoding
      adjustment
    - drm/amd/display: Fix COLOR_SPACE_YCBCR2020_TYPE matrix
    - fs/ntfs3: Fix attr_punch_hole() null pointer derenference
    - arm64: efi: Execute runtime services from a dedicated stack
    - efi: rt-wrapper: Add missing include
    - x86/fpu: Use _Alignof to avoid undefined behavior in TYPE_ALIGN
    - net/mlx5: fix missing mutex_unlock in mlx5_fw_fatal_reporter_err_work()
    - block: mq-deadline: Rename deadline_is_seq_writes()
    - Revert "wifi: mac80211: fix memory leak in ieee80211_if_add()"
    - soc: qcom: apr: Make qcom,protection-domain optional again
    - mm/khugepaged: fix collapse_pte_mapped_thp() to allow anon_vma
    - serial: stm32: Merge hard IRQ and threaded IRQ handling into single IRQ
      handler
    - misc: fastrpc: Fix use-after-free and race in fastrpc_map_find
    - btrfs: fix missing error handling when logging directory items
    - thunderbolt: Disable XDomain lane 1 only in software connection manager
    - thunderbolt: Do not report errors if on-board retimers are found
    - thunderbolt: Do not call PM runtime functions in tb_retimer_scan()
    - mptcp: explicitly specify sock family at subflow creation time
    - mptcp: netlink: respect v4/v6-only sockets
    - usb: musb: fix error return code in omap2430_probe()
    - USB: gadget: Add ID numbers to configfs-gadget driver names
    - arm64: dts: imx8mp: correct usb clocks
    - dmaengine: idxd: Prevent use after free on completion memory
    - dmaengine: idxd: Do not call DMX TX callbacks during workqueue disable
    - mei: bus: fix unlink on bus in error path
    - VMCI: Use threaded irqs instead of tasklets
    - ARM: omap1: fix !ARCH_OMAP1_ANY link failures
    - drm/amdgpu: Correct the power calcultion for Renior/Cezanne.
    - drm/i915: Allow switching away via vga-switcheroo if uninitialized
    - octeontx2-pf: Avoid use of GFP_KERNEL in atomic context
    - octeontx2-pf: Fix the use of GFP_KERNEL in atomic context on rt
  * Kinetic update: upstream stable patchset 2023-03-21 (LP: #2012438)
    - ALSA: control-led: use strscpy in set_led_id()
    - ALSA: hda/realtek - Turn on power early
    - ALSA: hda/realtek: Enable mute/micmute LEDs on HP Spectre x360 13-aw0xxx
    - KVM: arm64: Fix S1PTW handling on RO memslots
    - KVM: arm64: nvhe: Fix build with profile optimization
    - selftests: kvm: Fix a compile error in selftests/kvm/rseq_test.c
    - efi: tpm: Avoid READ_ONCE() for accessing the event log
    - docs: Fix the docs build with Sphinx 6.0
    - net: stmmac: add aux timestamps fifo clearance wait
    - perf auxtrace: Fix address filter duplicate symbol selection
    - s390/kexec: fix ipl report address for kdump
    - ASoC: qcom: lpass-cpu: Fix fallback SD line index handling
    - s390/cpum_sf: add READ_ONCE() semantics to compare and swap loops
    - s390/percpu: add READ_ONCE() to arch_this_cpu_to_op_simple()
    - drm/virtio: Fix GEM handle creation UAF
    - drm/i915/gt: Reset twice
    - cifs: Fix uninitialized memory read for smb311 posix symlink create
    - platform/x86: dell-privacy: Only register SW_CAMERA_LENS_COVER if present
    - platform/surface: aggregator: Ignore command messages not intended for us
    - platform/x86: dell-privacy: Fix SW_CAMERA_LENS_COVER reporting
    - dt-bindings: msm: dsi-controller-main: Fix operating-points-v2 constraint
    - drm/msm/adreno: Make adreno quirks not overwrite each other
    - dt-bindings: msm: dsi-controller-main: Fix power-domain constraint
    - dt-bindings: msm: dsi-controller-main: Fix description of core clock
    - dt-bindings: msm: dsi-phy-28nm: Add missing qcom, dsi-phy-regulator-ldo-mode
    - platform/x86: ideapad-laptop: Add Legion 5 15ARH05 DMI id to
      set_fn_lock_led_list[]
    - drm/msm/dp: do not complete dp_aux_cmd_fifo_tx() if irq is not for aux
      transfer
    - dt-bindings: msm/dsi: Don't require vdds-supply on 10nm PHY
    - dt-bindings: msm/dsi: Don't require vcca-supply on 14nm PHY
    - platform/x86: sony-laptop: Don't turn off 0x153 keyboard backlight during
      probe
    - ixgbe: fix pci device refcount leak
    - ipv6: raw: Deduct extension header length in rawv6_push_pending_frames
    - usb: ulpi: defer ulpi_register on ulpi_read_id timeout
    - iommu/iova: Fix alloc iova overflows issue
    - iommu/mediatek-v1: Fix an error handling path in mtk_iommu_v1_probe()
    - sched/core: Fix use-after-free bug in dup_user_cpus_ptr()
    - netfilter: ipset: Fix overflow before widen in the bitmap_ip_create()
      function.
    - powerpc/imc-pmu: Fix use of mutex in IRQs disabled section
    - x86/boot: Avoid using Intel mnemonics in AT&T syntax asm
    - EDAC/device: Fix period calculation in edac_device_reset_delay_period()
    - x86/resctrl: Fix task CLOSID/RMID update race
    - regulator: da9211: Use irq handler when ready
    - scsi: mpi3mr: Refer CONFIG_SCSI_MPI3MR in Makefile
    - scsi: ufs: core: WLUN suspend SSU/enter hibern8 fail recovery
    - ASoC: wm8904: fix wrong outputs volume after power reactivation
    - ALSA: usb-audio: Make sure to stop endpoints before closing EPs
    - ALSA: usb-audio: Relax hw constraints for implicit fb sync
    - tipc: fix unexpected link reset due to discovery messages
    - octeontx2-af: Fix LMAC config in cgx_lmac_rx_tx_enable
    - hvc/xen: lock console list traversal
    - nfc: pn533: Wait for out_urb's completion in pn533_usb_send_frame()
    - af_unix: selftest: Fix the size of the parameter to connect()
    - tools/nolibc: restore mips branch ordering in the _start block
    - tools/nolibc: fix the O_* fcntl/open macro definitions for riscv
    - net/sched: act_mpls: Fix warning during failed attribute validation
    - net/mlx5: Fix ptp max frequency adjustment range
    - net/mlx5e: Don't support encap rules with gbp option
    - perf build: Properly guard libbpf includes
    - igc: Fix PPS delta between two synchronized end-points
    - platform/surface: aggregator: Add missing call to ssam_request_sync_free()
    - KVM: x86: Do not return host topology information from
      KVM_GET_SUPPORTED_CPUID
    - arm64: atomics: remove LL/SC trampolines
    - arm64: cmpxchg_double*: hazard against entire exchange variable
    - efi: fix NULL-deref in init error path
    - io_uring/io-wq: free worker if task_work creation is canceled
    - io_uring/io-wq: only free worker if it was allocated for creation
    - Revert "usb: ulpi: defer ulpi_register on ulpi_read_id timeout"
    - pinctrl: amd: Add dynamic debugging for active GPIOs
    - arm64: mte: Fix double-freeing of the temporary tag storage during coredump
    - elfcore: Add a cprm parameter to elf_core_extra_{phdrs,data_size}
    - cpufreq: amd-pstate: fix kernel hang issue while amd-pstate unregistering
    - drm/i915: Reserve enough fence slot for i915_vma_unbind_async
    - drm/i915: Fix potential context UAFs
    - cifs: do not query ifaces on smb1 mounts
    - ASoC: rt9120: Make dev PM runtime bind AsoC component PM
    - platform/x86: int3472/discrete: Ensure the clk/power enable pins are in
      output mode
    - platform/x86: asus-wmi: Don't load fan curves without fan
    - drm/msm: another fix for the headless Adreno GPU
    - arm64/signal: Always allocate SVE signal frames on SME only systems
    - arm64/signal: Always accept SVE signal frames on SME only systems
    - arm64/mm: add pud_user_exec() check in pud_user_accessible_page()
    - arm64: ptrace: Use ARM64_SME to guard the SME register enumerations
    - arm64/mm: fix incorrect file_map_count for invalid pmd
    - iavf/iavf_main: actually log ->src mask when talking about it
    - x86/pat: Fix pat_x_mtrr_type() for MTRR disabled case
    - scsi: storvsc: Fix swiotlb bounce buffer leak in confidential VM
    - ASoC: Intel: fix sof-nau8825 link failure
    - drm/msm/dpu: Fix some kernel-doc comments
    - drm/msm/dpu: Fix memory leak in msm_mdss_parse_data_bus_icc_path
    - mtd: cfi: allow building spi-intel standalone
    - stmmac: dwmac-mediatek: remove the dwmac_fix_mac_speed
    - sched/core: Fix arch_scale_freq_tick() on tickless systems
    - net/mlx5: check attr pointer validity before dereferencing it
    - net/mlx5e: TC, Keep mod hdr actions after mod hdr alloc
    - net/mlx5: Fix command stats access after free
    - net/mlx5e: Verify dev is present for fix features ndo
    - net/mlx5e: IPoIB, Block queue count configuration when sub interfaces are
      present
    - net/mlx5e: IPoIB, Block PKEY interfaces with less rx queues than parent
    - net/mlx5e: IPoIB, Fix child PKEY interface stats on rx path
    - octeontx2-pf: Fix resource leakage in VF driver unbind
    - net: lan966x: check for ptp to be enabled in lan966x_ptp_deinit()
    - net: hns3: fix wrong use of rss size during VF rss config
    - bnxt: make sure we return pages to the pool
    - platform/x86/amd: Fix refcount leak in amd_pmc_probe
  * Kinetic update: upstream stable patchset 2023-03-20 (LP: #2012307)
    - parisc: Align parisc MADV_XXX constants with all other architectures
    - x86/fpu: Take task_struct* in copy_sigframe_from_user_to_xstate()
    - x86/fpu: Add a pkru argument to copy_uabi_from_kernel_to_xstate().
    - x86/fpu: Add a pkru argument to copy_uabi_to_xstate()
    - x86/fpu: Allow PKRU to be (once again) written by ptrace.
    - x86/fpu: Emulate XRSTOR's behavior if the xfeatures PKRU bit is not set
    - selftests/vm/pkeys: Add a regression test for setting PKRU through ptrace
    - serial: fixup backport of "serial: Deassert Transmit Enable on probe in
      driver-specific way"
    - ALSA: hda/hdmi: Add a HP device 0x8715 to force connect list
    - ALSA: hda - Enable headset mic on another Dell laptop with ALC3254
    - Revert "SUNRPC: Use RMW bitops in single-threaded hot paths"
    - ALSA: hda: cs35l41: Check runtime suspend capability at runtime_idle
  * Kinetic update: upstream stable patchset 2023-03-06 (LP: #2009546)
    - usb: dwc3: qcom: Fix memory leak in dwc3_qcom_interconnect_init
    - cifs: fix oops during encryption
    - nvme-pci: fix doorbell buffer value endianness
    - nvme-pci: fix mempool alloc size
    - nvme-pci: fix page size checks
    - ACPI: resource: do IRQ override on LENOVO IdeaPad
    - ACPI: resource: do IRQ override on XMG Core 15
    - ACPI: resource: do IRQ override on Lenovo 14ALC7
    - block, bfq: fix uaf for bfqq in bfq_exit_icq_bfqq
    - ata: ahci: Fix PCS quirk application for suspend
    - nvme: fix the NVME_CMD_EFFECTS_CSE_MASK definition
    - nvmet: don't defer passthrough commands with trivial effects to the
      workqueue
    - fs/ntfs3: Validate BOOT record_size
    - fs/ntfs3: Add overflow check for attribute size
    - fs/ntfs3: Validate data run offset
    - fs/ntfs3: Add null pointer check to attr_load_runs_vcn
    - fs/ntfs3: Fix memory leak on ntfs_fill_super() error path
    - fs/ntfs3: Add null pointer check for inode operations
    - fs/ntfs3: Validate attribute name offset
    - fs/ntfs3: Validate buffer length while parsing index
    - fs/ntfs3: Validate resident attribute name
    - fs/ntfs3: Fix slab-out-of-bounds read in run_unpack
    - soundwire: dmi-quirks: add quirk variant for LAPBC710 NUC15
    - fs/ntfs3: Validate index root when initialize NTFS security
    - fs/ntfs3: Use __GFP_NOWARN allocation at wnd_init()
    - fs/ntfs3: Use __GFP_NOWARN allocation at ntfs_fill_super()
    - fs/ntfs3: Delete duplicate condition in ntfs_read_mft()
    - fs/ntfs3: Fix slab-out-of-bounds in r_page
    - objtool: Fix SEGFAULT
    - powerpc/rtas: avoid device tree lookups in rtas_os_term()
    - powerpc/rtas: avoid scheduling in rtas_os_term()
    - HID: multitouch: fix Asus ExpertBook P2 P2451FA trackpoint
    - HID: plantronics: Additional PIDs for double volume key presses quirk
    - pstore: Properly assign mem_type property
    - pstore/zone: Use GFP_ATOMIC to allocate zone buffer
    - hfsplus: fix bug causing custom uid and gid being unable to be assigned with
      mount
    - binfmt: Fix error return code in load_elf_fdpic_binary()
    - ovl: Use ovl mounter's fsuid and fsgid in ovl_link()
    - ALSA: line6: correct midi status byte when receiving data from podxt
    - ALSA: line6: fix stack overflow in line6_midi_transmit
    - pnode: terminate at peers of source
    - mfd: mt6360: Add bounds checking in Regmap read/write call-backs
    - md: fix a crash in mempool_free
    - mm, compaction: fix fast_isolate_around() to stay within boundaries
    - f2fs: should put a page when checking the summary info
    - f2fs: allow to read node block after shutdown
    - mmc: vub300: fix warning - do not call blocking ops when !TASK_RUNNING
    - tpm: acpi: Call acpi_put_table() to fix memory leak
    - tpm: tpm_crb: Add the missed acpi_put_table() to fix memory leak
    - tpm: tpm_tis: Add the missed acpi_put_table() to fix memory leak
    - SUNRPC: Don't leak netobj memory when gss_read_proxy_verf() fails
    - kcsan: Instrument memcpy/memset/memmove with newer Clang
    - media: stv0288: use explicitly signed char
    - soc: qcom: Select REMAP_MMIO for LLCC driver
    - kest.pl: Fix grub2 menu handling for rebooting
    - ktest.pl minconfig: Unset configs instead of just removing them
    - jbd2: use the correct print format
    - perf/x86/intel/uncore: Disable I/O stacks to PMU mapping on ICX-D
    - perf/x86/intel/uncore: Clear attr_update properly
    - arm64: dts: qcom: sdm845-db845c: correct SPI2 pins drive strength
    - mmc: sdhci-sprd: Disable CLK_AUTO when the clock is less than 400K
    - btrfs: fix resolving backrefs for inline extent followed by prealloc
    - ARM: ux500: do not directly dereference __iomem
    - arm64: dts: qcom: sdm850-lenovo-yoga-c630: correct I2C12 pins drive strength
    - selftests: Use optional USERCFLAGS and USERLDFLAGS
    - PM/devfreq: governor: Add a private governor_data for governor
    - cpufreq: Init completion before kobject_init_and_add()
    - ALSA: patch_realtek: Fix Dell Inspiron Plus 16
    - ALSA: hda/realtek: Apply dual codec fixup for Dell Latitude laptops
    - fs: dlm: fix sock release if listen fails
    - fs: dlm: retry accept() until -EAGAIN or error returns
    - mptcp: remove MPTCP 'ifdef' in TCP SYN cookies
    - dm cache: Fix ABBA deadlock between shrink_slab and dm_cache_metadata_abort
    - dm thin: Fix ABBA deadlock between shrink_slab and dm_pool_abort_metadata
    - dm thin: Use last transaction's pmd->root when commit failed
    - dm thin: resume even if in FAIL mode
    - dm thin: Fix UAF in run_timer_softirq()
    - dm integrity: Fix UAF in dm_integrity_dtr()
    - dm clone: Fix UAF in clone_dtr()
    - dm cache: Fix UAF in destroy()
    - dm cache: set needs_check flag after aborting metadata
    - tracing/hist: Fix out-of-bound write on 'action_data.var_ref_idx'
    - perf/core: Call LSM hook after copying perf_event_attr
    - of/kexec: Fix reading 32-bit "linux,initrd-{start,end}" values
    - KVM: VMX: Resume guest immediately when injecting #GP on ECREATE
    - KVM: nVMX: Inject #GP, not #UD, if "generic" VMXON CR0/CR4 check fails
    - KVM: nVMX: Properly expose ENABLE_USR_WAIT_PAUSE control to L1
    - x86/microcode/intel: Do not retry microcode reloading on the APs
    - ftrace/x86: Add back ftrace_expected for ftrace bug reports
    - x86/kprobes: Fix kprobes instruction boudary check with CONFIG_RETHUNK
    - x86/kprobes: Fix optprobe optimization check with CONFIG_RETHUNK
    - tracing: Fix race where eprobes can be called before the event
    - tracing: Fix complicated dependency of CONFIG_TRACER_MAX_TRACE
    - tracing/hist: Fix wrong return value in parse_action_params()
    - tracing/probes: Handle system names with hyphens
    - tracing: Fix infinite loop in tracing_read_pipe on overflowed
      print_trace_line
    - staging: media: tegra-video: fix chan->mipi value on error
    - staging: media: tegra-video: fix device_node use after free
    - ARM: 9256/1: NWFPE: avoid compiler-generated __aeabi_uldivmod
    - media: dvb-core: Fix double free in dvb_register_device()
    - cifs: fix confusing debug message
    - cifs: fix missing display of three mount options
    - rtc: ds1347: fix value written to century register
    - block: mq-deadline: Do not break sequential write streams to zoned HDDs
    - md/bitmap: Fix bitmap chunk size overflow issues
    - efi: Add iMac Pro 2017 to uefi skip cert quirk
    - wifi: wilc1000: sdio: fix module autoloading
    - ASoC: jz4740-i2s: Handle independent FIFO flush bits
    - ipu3-imgu: Fix NULL pointer dereference in imgu_subdev_set_selection()
    - ipmi: fix long wait in unload when IPMI disconnect
    - mtd: spi-nor: Check for zero erase size in spi_nor_find_best_erase_type()
    - ima: Fix a potential NULL pointer access in ima_restore_measurement_list
    - ipmi: fix use after free in _ipmi_destroy_user()
    - PCI: Fix pci_device_is_present() for VFs by checking PF
    - PCI/sysfs: Fix double free in error path
    - riscv: stacktrace: Fixup ftrace_graph_ret_addr retp argument
    - riscv: mm: notify remote harts about mmu cache updates
    - crypto: n2 - add missing hash statesize
    - driver core: Fix bus_type.match() error handling in __driver_attach()
    - phy: qcom-qmp-combo: fix sc8180x reset
    - iommu/amd: Fix ivrs_acpihid cmdline parsing code
    - remoteproc: core: Do pm_relax when in RPROC_OFFLINE state
    - parisc: led: Fix potential null-ptr-deref in start_task()
    - device_cgroup: Roll back to original exceptions after copy failure
    - drm/connector: send hotplug uevent on connector cleanup
    - drm/i915/dsi: fix VBT send packet port selection for dual link DSI
    - drm/ingenic: Fix missing platform_driver_unregister() call in
      ingenic_drm_init()
    - ext4: silence the warning when evicting inode with dioread_nolock
    - ext4: add inode table check in __ext4_get_inode_loc to aovid possible
      infinite loop
    - ext4: remove trailing newline from ext4_msg() message
    - fs: ext4: initialize fsdata in pagecache_write()
    - ext4: fix use-after-free in ext4_orphan_cleanup
    - ext4: fix undefined behavior in bit shift for ext4_check_flag_values
    - ext4: add EXT4_IGET_BAD flag to prevent unexpected bad inode
    - ext4: add helper to check quota inums
    - ext4: fix bug_on in __es_tree_search caused by bad quota inode
    - ext4: fix reserved cluster accounting in __es_remove_extent()
    - ext4: check and assert if marking an no_delete evicting inode dirty
    - ext4: fix bug_on in __es_tree_search caused by bad boot loader inode
    - ext4: fix leaking uninitialized memory in fast-commit journal
    - ext4: fix uninititialized value in 'ext4_evict_inode'
    - ext4: init quota for 'old.inode' in 'ext4_rename'
    - ext4: fix delayed allocation bug in ext4_clu_mapped for bigalloc + inline
    - ext4: fix error code return to user-space in ext4_get_branch()
    - ext4: avoid BUG_ON when creating xattrs
    - ext4: fix kernel BUG in 'ext4_write_inline_data_end()'
    - ext4: fix inode leak in ext4_xattr_inode_create() on an error path
    - ext4: initialize quota before expanding inode in setproject ioctl
    - ext4: avoid unaccounted block allocation when expanding inode
    - ext4: allocate extended attribute value in vmalloc area
    - drm/amdgpu: handle polaris10/11 overlap asics (v2)
    - block: mq-deadline: Fix dd_finish_request() for zoned devices
    - tracing: Fix issue of missing one synthetic field
    - ext4: use ext4_debug() instead of jbd_debug()
    - ext4: introduce EXT4_FC_TAG_BASE_LEN helper
    - ext4: factor out ext4_fc_get_tl()
    - ext4: fix potential out of bound read in ext4_fc_replay_scan()
    - ext4: disable fast-commit of encrypted dir operations
    - ext4: don't set up encryption key during jbd2 transaction
    - ext4: add missing validation of fast-commit record lengths
    - ext4: fix unaligned memory access in ext4_fc_reserve_space()
    - ext4: fix off-by-one errors in fast-commit block filling
    - ARM: renumber bits related to _TIF_WORK_MASK
    - phy: qcom-qmp-combo: fix out-of-bounds clock access
    - btrfs: replace strncpy() with strscpy()
    - btrfs: fix extent map use-after-free when handling missing device in
      read_one_chunk
    - x86/MCE/AMD: Clear DFR errors found in THR handler
    - media: s5p-mfc: Fix to handle reference queue during finishing
    - media: s5p-mfc: Clear workbit to handle error condition
    - media: s5p-mfc: Fix in register read and write for H264
    - perf probe: Use dwarf_attr_integrate as generic DWARF attr accessor
    - perf probe: Fix to get the DW_AT_decl_file and DW_AT_call_file as unsinged
      data
    - ravb: Fix "failed to switch device to config mode" message during unbind
    - ext4: goto right label 'failed_mount3a'
    - ext4: correct inconsistent error msg in nojournal mode
    - mbcache: automatically delete entries from cache on freeing
    - ext4: fix deadlock due to mbcache entry corruption
    - SUNRPC: ensure the matching upcall is in-flight upon downcall
    - btrfs: fix an error handling path in btrfs_defrag_leaves()
    - bpf: pull before calling skb_postpull_rcsum()
    - drm/panfrost: Fix GEM handle creation ref-counting
    - netfilter: nf_tables: consolidate set description
    - netfilter: nf_tables: add function to create set stateful expressions
    - netfilter: nf_tables: perform type checking for existing sets
    - vmxnet3: correctly report csum_level for encapsulated packet
    - netfilter: nf_tables: honor set timeout and garbage collection updates
    - veth: Fix race with AF_XDP exposing old or uninitialized descriptors
    - nfsd: shut down the NFSv4 state objects before the filecache
    - net: hns3: add interrupts re-initialization while doing VF FLR
    - net: hns3: fix miss L3E checking for rx packet
    - net: hns3: fix VF promisc mode not update when mac table full
    - qlcnic: prevent ->dcb use-after-free on qlcnic_dcb_enable() failure
    - net: dsa: mv88e6xxx: depend on PTP conditionally
    - nfc: Fix potential resource leaks
    - vdpa_sim: fix possible memory leak in vdpasim_net_init() and
      vdpasim_blk_init()
    - vhost/vsock: Fix error handling in vhost_vsock_init()
    - vringh: fix range used in iotlb_translate()
    - vhost: fix range used in translate_desc()
    - vdpa_sim: fix vringh initialization in vdpasim_queue_ready()
    - net/mlx5: E-Switch, properly handle ingress tagged packets on VST
    - net/mlx5: Add forgotten cleanup calls into mlx5_init_once() error path
    - net/mlx5: Avoid recovery in probe flows
    - net/mlx5e: IPoIB, Don't allow CQE compression to be turned on by default
    - net/mlx5e: Always clear dest encap in neigh-update-del
    - net/mlx5e: Fix hw mtu initializing at XDP SQ allocation
    - net: amd-xgbe: add missed tasklet_kill
    - net: ena: Fix toeplitz initial hash value
    - net: ena: Don't register memory info on XDP exchange
    - net: ena: Account for the number of processed bytes in XDP
    - net: ena: Use bitmask to indicate packet redirection
    - net: ena: Fix rx_copybreak value update
    - net: ena: Set default value for RX interrupt moderation
    - net: ena: Update NUMA TPH hint register upon NUMA node update
    - net: phy: xgmiitorgmii: Fix refcount leak in xgmiitorgmii_probe
    - RDMA/mlx5: Fix mlx5_ib_get_hw_stats when used for device
    - RDMA/mlx5: Fix validation of max_rd_atomic caps for DC
    - drm/meson: Reduce the FIFO lines held when AFBC is not used
    - filelock: new helper: vfs_inode_has_locks
    - ceph: switch to vfs_inode_has_locks() to fix file lock bug
    - gpio: sifive: Fix refcount leak in sifive_gpio_probe
    - net: sched: atm: dont intepret cls results when asked to drop
    - net: sched: cbq: dont intepret cls results when asked to drop
    - net: sparx5: Fix reading of the MAC address
    - netfilter: ipset: fix hash:net,port,net hang with /0 subnet
    - netfilter: ipset: Rework long task execution when adding/deleting entries
    - perf tools: Fix resources leak in perf_data__open_dir()
    - drm/imx: ipuv3-plane: Fix overlay plane width
    - fs/ntfs3: don't hold ni_lock when calling truncate_setsize()
    - drivers/net/bonding/bond_3ad: return when there's no aggregator
    - octeontx2-pf: Fix lmtst ID used in aura free
    - usb: rndis_host: Secure rndis_query check against int overflow
    - perf stat: Fix handling of --for-each-cgroup with --bpf-counters to match
      non BPF mode
    - drm/i915: unpin on error in intel_vgpu_shadow_mm_pin()
    - caif: fix memory leak in cfctrl_linkup_request()
    - udf: Fix extension of the last extent in the file
    - ASoC: Intel: bytcr_rt5640: Add quirk for the Advantech MICA-071 tablet
    - nvme: fix multipath crash caused by flush request when blktrace is enabled
    - io_uring: check for valid register opcode earlier
    - nvmet: use NVME_CMD_EFFECTS_CSUPP instead of open coding it
    - nvme: also return I/O command effects from nvme_command_effects
    - btrfs: check superblock to ensure the fs was not modified at thaw time
    - x86/kexec: Fix double-free of elf header buffer
    - nfsd: fix handling of readdir in v4root vs. mount upcall timeout
    - fbdev: matroxfb: G200eW: Increase max memory from 1 MB to 16 MB
    - block: don't allow splitting of a REQ_NOWAIT bio
    - io_uring: fix CQ waiting timeout handling
    - thermal: int340x: Add missing attribute for data rate base
    - riscv: uaccess: fix type of 0 variable on error in get_user()
    - riscv, kprobes: Stricter c.jr/c.jalr decoding
    - drm/i915/gvt: fix gvt debugfs destroy
    - drm/i915/gvt: fix vgpu debugfs clean in remove
    - hfs/hfsplus: avoid WARN_ON() for sanity check, use proper error handling
    - ksmbd: fix infinite loop in ksmbd_conn_handler_loop()
    - ksmbd: check nt_len to be at least CIFS_ENCPWD_SIZE in
      ksmbd_decode_ntlmssp_auth_blob
    - Revert "ACPI: PM: Add support for upcoming AMD uPEP HID AMDI007"
    - mptcp: dedicated request sock for subflow in v6
    - mptcp: use proper req destructor for IPv6
    - ext4: don't allow journal inode to have encrypt flag
    - btrfs: make thaw time super block check to also verify checksum
    - mbcache: Avoid nesting of cache->c_list_lock under bit locks
    - efi: random: combine bootloader provided RNG seed with RNG protocol output
    - drm/mgag200: Fix PLL setup for G200_SE_A rev >=4
    - futex: Fix futex_waitv() hrtimer debug object leak on kcalloc error
    - rtmutex: Add acquire semantics for rtmutex lock acquisition slow path
    - mm/mempolicy: fix memory leak in set_mempolicy_home_node system call
    - block: Do not reread partition table on exclusively open device
    - arm64: dts: qcom: sdm850-samsung-w737: correct I2C12 pins drive strength
    - EDAC/mc_sysfs: Increase legacy channel support to 12
    - ext2: unbugger ext2_empty_dir()
    - bpf: Resolve fext program type when checking map compatibility
    - mptcp: netlink: fix some error return code
    - ima: Fix hash dependency to correct algorithm
    - KVM: x86: fix APICv/x2AVIC disabled when vm reboot by itself
    - powerpc/ftrace: fix syscall tracing on PPC64_ELF_ABI_V1
    - arm64: dts: mediatek: mt8195-demo: fix the memory size of node secmon
    - drm/amdgpu: fix mmhub register base coding error
    - mtd: spi-nor: gigadevice: gd25q256: replace gd25q256_default_init with
      gd25q256_post_bfpt
    - ima: Fix memory leak in __ima_inode_hash()
    - crypto: ccree,hisilicon - Fix dependencies to correct algorithm
    - RISC-V: kexec: Fix memory leak of fdt buffer
    - riscv: Fixup compile error with !MMU
    - RISC-V: kexec: Fix memory leak of elf header buffer
    - bus: mhi: host: Fix race between channel preparation and M0 event
    - test_kprobes: Fix implicit declaration error of test_kprobes
    - remoteproc: imx_dsp_rproc: Add mutex protection for workqueue
    - remoteproc: imx_rproc: Correct i.MX93 DRAM mapping
    - parisc: Add missing FORCE prerequisites in Makefile
    - ext4: journal_path mount options should follow links
    - drm/i915: improve the catch-all evict to handle lock contention
    - drm/i915/migrate: Account for the reserved_space
    - cifs: fix interface count calculation during refresh
    - cifs: refcount only the selected iface during interface update
    - usb: dwc3: gadget: Ignore End Transfer delay on teardown
    - ice: xsk: do not use xdp_return_frame() on tx_buf->raw_buf
    - net: vrf: determine the dst using the original ifindex for multicast
    - mptcp: fix lockdep false positive
    - net: lan966x: Fix configuration of the PCS
    - bnxt_en: Simplify bnxt_xdp_buff_init()
    - bnxt_en: Fix XDP RX path
    - bnxt_en: Fix first buffer size calculations for XDP multi-buffer
    - bnxt_en: Fix HDS and jumbo thresholds for RX packets
    - vdpa/mlx5: Fix rule forwarding VLAN to TIR
    - vdpa/mlx5: Fix wrong mac address deletion
    - vhost-vdpa: fix an iotlb memory leak
    - virtio-crypto: fix memory leak in virtio_crypto_alg_skcipher_close_session()
    - vdpa/vp_vdpa: fix kfree a wrong pointer in vp_vdpa_remove
    - vdpasim: fix memory leak when freeing IOTLBs
    - net/mlx5: Fix io_eq_size and event_eq_size params validation
    - net/mlx5: Fix RoCE setting at HCA level
    - net/mlx5e: CT: Fix ct debugfs folder name
    - net/mlx5e: Set geneve_tlv_option_0_exist when matching on geneve option
    - net/mlx5: Lag, fix failure to cancel delayed bond work
    - vxlan: Fix memory leaks in error path
    - drm/i915/gvt: fix double free bug in split_2MB_gtt_entry
    - qed: allow sleep in qed_mcp_trace_dump()
    - usb: dwc3: xilinx: include linux/gpio/consumer.h
    - net: dsa: tag_qca: fix wrong MGMT_DATA2 size
    - vhost_vdpa: fix the crash in unmap a large memory
    - of/fdt: run soc memory setup when early_init_dt_scan_memory fails
  * CVE-2022-36280
    - drm/vmwgfx: Validate the box size for the snooped cursor
  * CVE-2023-1118
    - media: rc: Fix use-after-free bugs caused by ene_tx_irqsim()

linux-aws-5.19 (5.19.0-1024.25~22.04.1) jammy; urgency=medium

* jammy/linux-aws-5.19: 5.19.0-1024.25~22.04.1 -proposed tracker
    (LP: #2016632)

* CVE-2023-1829
    - [Config]: Make sure CONFIG_NET_CLS_TCINDEX is not available

[ Ubuntu: 5.19.0-1024.25 ]

* kinetic/linux-aws: 5.19.0-1024.25 -proposed tracker (LP: #2016633)
  * CVE-2023-1829
    - [Config]: Make sure CONFIG_NET_CLS_TCINDEX is not available
  * kinetic/linux: 5.19.0-41.42 -proposed tracker (LP: #2016651)
  * CVE-2023-1829
    - net/sched: Retire tcindex classifier
    - [Config]: Make sure CONFIG_NET_CLS_TCINDEX is not available
  * CVE-2023-0386
    - ovl: fail on invalid uid/gid mapping at copy up

linux-aws-5.19 (5.19.0-1023.24~22.04.1) jammy; urgency=medium

* jammy/linux-aws-5.19: 5.19.0-1023.24~22.04.1 -proposed tracker
    (LP: #2011857)

[ Ubuntu: 5.19.0-1023.24 ]

* kinetic/linux-aws: 5.19.0-1023.24 -proposed tracker (LP: #2011858)
  * kinetic/linux: 5.19.0-40.41 -proposed tracker (LP: #2012668)
  * CVE-2023-0468
    - io_uring: fix tw losing poll events
    - io_uring: make poll refs more robust
  * Regression in ext4 during online resize (LP: #2003816)
    - ext4: fix bad checksum after online resize
    - ext4: fix corruption when online resizing a 1K bigalloc fs
    - ext4: fix corrupt backup group descriptors after online resize
  * kinetic/linux: 5.19.0-39.40 -proposed tracker (LP: #2011876)
  * CVE-2023-26545
    - net: mpls: fix stale pointer if allocation fails during device rename
  * CVE-2023-1032
    - net: avoid double iput when sock_alloc_file fails
  * CVE-2022-41218 // CVE-2022-41218 is assigned to those bugs above.
    - media: dvb-core: Fix UAF due to refcount races at releasing
  * CVE-2023-1281
    - net/sched: tcindex: update imperfect hash filters respecting rcu
  * linux: CONFIG_SERIAL_8250_MID=y (LP: #2009283)
    - [Config] enable CONFIG_SERIAL_8250_MID=y
  * apply the latest TDX attestation driver from Intel (LP: #2009437)
    - Revert "UBUNTU: SAUCE: selftests: tdx: Test GetReport TDX attestation
      feature"
    - Revert "UBUNTU: SAUCE: x86/tdx: Add TDX Guest attestation interface driver"
    - x86/tdx: Add a wrapper to get TDREPORT0 from the TDX Module
    - virt: Add TDX guest driver
    - selftests/tdx: Test TDX attestation GetReport support
    - [Config] enable TDX attestation driver as module by default
  * cpufreq: intel_pstate: Update Balance performance EPP for Sapphire Rapids
    (LP: #2008519)
    - cpufreq: intel_pstate: Adjust balance_performance EPP for Sapphire Rapids
  * Fail to output sound to external monitor which connects via docking station
    (LP: #2009024)
    - [Config] Enable CONFIG_SND_HDA_INTEL_HDMI_SILENT_STREAM
  * Fix mediatek wifi driver crash when loading wrong SAR table (LP: #2009118)
    - wifi: mt76: mt7921: fix error code of return in mt7921_acpi_read
  * CVE-2022-47929
    - net: sched: disallow noqueue for qdisc classes
  * Intel graphic driver is not probing[8086:468b] (LP: #1990242)
    - drm/i915: Add new ADL-S pci id
  * Some QHD panels fail to refresh when PSR2 enabled (LP: #2009014)
    - drm/i915/psr: Use full update In case of area calculation fails
    - drm/i915: Ensure damage clip area is within pipe area
    - SAUCE: drm/i915/psr: Use calculated io and fast wake lines
  * overlayfs mounts as R/O over idmapped mount (LP: #2009065)
    - SAUCE: overlayfs: handle idmapped mounts in ovl_do_(set|remove)xattr
  * Kinetic update: upstream stable patchset 2023-02-28 (LP: #2008832)
    - usb: musb: remove extra check in musb_gadget_vbus_draw
    - arm64: dts: qcom: ipq6018-cp01-c1: use BLSPI1 pins
    - arm64: dts: qcom: sm8250-sony-xperia-edo: fix touchscreen bias-disable
    - arm64: dts: qcom: msm8996: Add MSM8996 Pro support
    - arm64: dts: qcom: msm8996: fix supported-hw in cpufreq OPP tables
    - arm64: dts: qcom: msm8996: fix GPU OPP table
    - ARM: dts: qcom: apq8064: fix coresight compatible
    - arm64: dts: qcom: sdm630: fix UART1 pin bias
    - arm64: dts: qcom: sdm845-cheza: fix AP suspend pin bias
    - arm64: dts: qcom: msm8916: Drop MSS fallback compatible
    - objtool, kcsan: Add volatile read/write instrumentation to whitelist
    - ARM: dts: stm32: Drop stm32mp15xc.dtsi from Avenger96
    - ARM: dts: stm32: Fix AV96 WLAN regulator gpio property
    - drivers: soc: ti: knav_qmss_queue: Mark knav_acc_firmwares as static
    - arm64: dts: qcom: pm660: Use unique ADC5_VCOIN address in node name
    - arm64: dts: qcom: sm8250: correct LPASS pin pull down
    - soc: qcom: llcc: make irq truly optional
    - arm64: dts: qcom: sm8150: fix UFS PHY registers
    - arm64: dts: qcom: sm8250: fix UFS PHY registers
    - arm64: dts: qcom: sm8350: fix UFS PHY registers
    - arm64: dts: qcom: sm8250: drop bogus DP PHY clock
    - soc: qcom: apr: Add check for idr_alloc and of_property_read_string_index
    - arm64: dts: qcom: sm6125: fix SDHCI CQE reg names
    - arm: dts: spear600: Fix clcd interrupt
    - soc: ti: knav_qmss_queue: Fix PM disable depth imbalance in knav_queue_probe
    - soc: ti: smartreflex: Fix PM disable depth imbalance in omap_sr_probe
    - arm64: mm: kfence: only handle translation faults
    - perf: arm_dsu: Fix hotplug callback leak in dsu_pmu_init()
    - perf/arm_dmc620: Fix hotplug callback leak in dmc620_pmu_init()
    - perf/smmuv3: Fix hotplug callback leak in arm_smmu_pmu_init()
    - arm64: dts: ti: k3-am65-main: Drop dma-coherent in crypto node
    - arm64: dts: ti: k3-j721e-main: Drop dma-coherent in crypto node
    - ARM: dts: nuvoton: Remove bogus unit addresses from fixed-partition nodes
    - arm64: dts: mt6779: Fix devicetree build warnings
    - arm64: dts: mt2712e: Fix unit_address_vs_reg warning for oscillators
    - arm64: dts: mt2712e: Fix unit address for pinctrl node
    - arm64: dts: mt2712-evb: Fix vproc fixed regulators unit names
    - arm64: dts: mt2712-evb: Fix usb vbus regulators unit names
    - arm64: dts: mediatek: pumpkin-common: Fix devicetree warnings
    - arm64: dts: mediatek: mt6797: Fix 26M oscillator unit name
    - ARM: dts: dove: Fix assigned-addresses for every PCIe Root Port
    - ARM: dts: armada-370: Fix assigned-addresses for every PCIe Root Port
    - ARM: dts: armada-xp: Fix assigned-addresses for every PCIe Root Port
    - ARM: dts: armada-375: Fix assigned-addresses for every PCIe Root Port
    - ARM: dts: armada-38x: Fix assigned-addresses for every PCIe Root Port
    - ARM: dts: armada-39x: Fix assigned-addresses for every PCIe Root Port
    - ARM: dts: turris-omnia: Add ethernet aliases
    - ARM: dts: turris-omnia: Add switch port 6 node
    - arm64: dts: armada-3720-turris-mox: Add missing interrupt for RTC
    - seccomp: Move copy_seccomp() to no failure path.
    - pstore/ram: Fix error return code in ramoops_probe()
    - ARM: mmp: fix timer_read delay
    - pstore: Avoid kcore oops by vmap()ing with VM_IOREMAP
    - tpm/tpm_ftpm_tee: Fix error handling in ftpm_mod_init()
    - tpm/tpm_crb: Fix error message in __crb_relinquish_locality()
    - ovl: remove privs in ovl_copyfile()
    - ovl: remove privs in ovl_fallocate()
    - sched/uclamp: Fix relationship between uclamp and migration margin
    - sched/uclamp: Make task_fits_capacity() use util_fits_cpu()
    - sched/uclamp: Make select_idle_capacity() use util_fits_cpu()
    - sched/core: Introduce sched_asym_cpucap_active()
    - sched/uclamp: Make asym_fits_capacity() use util_fits_cpu()
    - cpuidle: dt: Return the correct numbers of parsed idle states
    - alpha: fix TIF_NOTIFY_SIGNAL handling
    - alpha: fix syscall entry in !AUDUT_SYSCALL case
    - x86/sgx: Reduce delay and interference of enclave release
    - PM: hibernate: Fix mistake in kerneldoc comment
    - fs: don't audit the capability check in simple_xattr_list()
    - cpufreq: qcom-hw: Fix memory leak in qcom_cpufreq_hw_read_lut()
    - selftests/ftrace: event_triggers: wait longer for test_event_enable
    - perf: Fix possible memleak in pmu_dev_alloc()
    - lib/debugobjects: fix stat count and optimize debug_objects_mem_init
    - platform/x86: huawei-wmi: fix return value calculation
    - timerqueue: Use rb_entry_safe() in timerqueue_getnext()
    - proc: fixup uptime selftest
    - lib/fonts: fix undefined behavior in bit shift for get_default_font
    - ocfs2: fix memory leak in ocfs2_stack_glue_init()
    - MIPS: vpe-mt: fix possible memory leak while module exiting
    - MIPS: vpe-cmp: fix possible memory leak while module exiting
    - selftests/efivarfs: Add checking of the test return value
    - PNP: fix name memory leak in pnp_alloc_dev()
    - perf/x86/intel/uncore: Fix reference count leak in sad_cfg_iio_topology()
    - perf/x86/intel/uncore: Fix reference count leak in hswep_has_limit_sbox()
    - perf/x86/intel/uncore: Fix reference count leak in snr_uncore_mmio_map()
    - perf/x86/intel/uncore: Fix reference count leak in __uncore_imc_init_box()
    - platform/chrome: cros_usbpd_notify: Fix error handling in
      cros_usbpd_notify_init()
    - thermal: core: fix some possible name leaks in error paths
    - irqchip: gic-pm: Use pm_runtime_resume_and_get() in gic_probe()
    - irqchip/wpcm450: Fix memory leak in wpcm450_aic_of_init()
    - EDAC/i10nm: fix refcount leak in pci_get_dev_wrapper()
    - NFSD: Finish converting the NFSv2 GETACL result encoder
    - nfsd: don't call nfsd_file_put from client states seqfile display
    - genirq/irqdesc: Don't try to remove non-existing sysfs files
    - cpufreq: amd_freq_sensitivity: Add missing pci_dev_put()
    - libfs: add DEFINE_SIMPLE_ATTRIBUTE_SIGNED for signed value
    - lib/notifier-error-inject: fix error when writing -errno to debugfs file
    - debugfs: fix error when writing negative value to atomic_t debugfs file
    - rapidio: fix possible name leaks when rio_add_device() fails
    - rapidio: rio: fix possible name leak in rio_register_mport()
    - clocksource/drivers/sh_cmt: Access registers according to spec
    - mips: ralink: mt7621: define MT7621_SYSC_BASE with __iomem
    - mips: ralink: mt7621: soc queries and tests as functions
    - mips: ralink: mt7621: do not use kzalloc too early
    - futex: Resend potentially swallowed owner death notification
    - cpu/hotplug: Make target_store() a nop when target == state
    - cpu/hotplug: Do not bail-out in DYING/STARTING sections
    - clocksource/drivers/timer-ti-dm: Fix missing clk_disable_unprepare in
      dmtimer_systimer_init_clock()
    - ACPICA: Fix use-after-free in acpi_ut_copy_ipackage_to_ipackage()
    - uprobes/x86: Allow to probe a NOP instruction with 0x66 prefix
    - x86/xen: Fix memory leak in xen_smp_intr_init{_pv}()
    - x86/xen: Fix memory leak in xen_init_lock_cpu()
    - xen/privcmd: Fix a possible warning in privcmd_ioctl_mmap_resource()
    - PM: runtime: Do not call __rpm_callback() from rpm_idle()
    - platform/chrome: cros_ec_typec: Cleanup switch handle return paths
    - platform/chrome: cros_ec_typec: zero out stale pointers
    - platform/x86: mxm-wmi: fix memleak in mxm_wmi_call_mx[ds|mx]()
    - platform/x86: intel_scu_ipc: fix possible name leak in
      __intel_scu_ipc_register()
    - MIPS: BCM63xx: Add check for NULL for clk in clk_enable
    - MIPS: OCTEON: warn only once if deprecated link status is being used
    - lockd: set other missing fields when unlocking files
    - fs: sysv: Fix sysv_nblocks() returns wrong value
    - rapidio: fix possible UAF when kfifo_alloc() fails
    - eventfd: change int to __u64 in eventfd_signal() ifndef CONFIG_EVENTFD
    - relay: fix type mismatch when allocating memory in relay_create_buf()
    - hfs: Fix OOB Write in hfs_asc2mac
    - rapidio: devices: fix missing put_device in mport_cdev_open
    - platform/mellanox: mlxbf-pmc: Fix event typo
    - wifi: ath9k: hif_usb: fix memory leak of urbs in
      ath9k_hif_usb_dealloc_tx_urbs()
    - wifi: ath9k: hif_usb: Fix use-after-free in ath9k_hif_usb_reg_in_cb()
    - wifi: rtl8xxxu: Fix reading the vendor of combo chips
    - drm/bridge: adv7533: remove dynamic lane switching from adv7533 bridge
    - libbpf: Fix use-after-free in btf_dump_name_dups
    - libbpf: Fix null-pointer dereference in find_prog_by_sec_insn()
    - ata: libata: fix NCQ autosense logic
    - ipmi: kcs: Poll OBF briefly to reduce OBE latency
    - drm/amdgpu/powerplay/psm: Fix memory leak in power state init
    - media: v4l2-ctrls: Fix off-by-one error in integer menu control check
    - media: coda: jpeg: Add check for kmalloc
    - media: adv748x: afe: Select input port when initializing AFE
    - media: i2c: ad5820: Fix error path
    - venus: pm_helpers: Fix error check in vcodec_domains_get()
    - soreuseport: Fix socket selection for SO_INCOMING_CPU.
    - media: exynos4-is: don't rely on the v4l2_async_subdev internals
    - libbpf: Btf dedup identical struct test needs check for nested
      structs/arrays
    - can: kvaser_usb: kvaser_usb_leaf: Get capabilities from device
    - can: kvaser_usb: kvaser_usb_leaf: Rename {leaf,usbcan}_cmd_error_event to
      {leaf,usbcan}_cmd_can_error_event
    - can: kvaser_usb: kvaser_usb_leaf: Handle CMD_ERROR_EVENT
    - can: kvaser_usb_leaf: Set Warning state even without bus errors
    - can: kvaser_usb_leaf: Fix improved state not being reported
    - can: kvaser_usb_leaf: Fix wrong CAN state after stopping
    - can: kvaser_usb_leaf: Fix bogus restart events
    - can: kvaser_usb: Add struct kvaser_usb_busparams
    - can: kvaser_usb: Compare requested bittiming parameters with actual
      parameters in do_set_{,data}_bittiming
    - drm/rockchip: lvds: fix PM usage counter unbalance in poweron
    - clk: renesas: r9a06g032: Repair grave increment error
    - spi: Update reference to struct spi_controller
    - drm/panel/panel-sitronix-st7701: Remove panel on DSI attach failure
    - drm/msm/hdmi: drop unused GPIO support
    - drm/msm/hdmi: use devres helper for runtime PM management
    - bpf: Fix slot type check in check_stack_write_var_off
    - media: vivid: fix compose size exceed boundary
    - media: platform: exynos4-is: fix return value check in fimc_md_probe()
    - bpf: propagate precision in ALU/ALU64 operations
    - bpf: propagate precision across all frames, not just the last one
    - clk: qcom: gcc-sm8250: Use retention mode for USB GDSCs
    - mtd: Fix device name leak when register device failed in add_mtd_device()
    - Input: joystick - fix Kconfig warning for JOYSTICK_ADC
    - wifi: rsi: Fix handling of 802.3 EAPOL frames sent via control port
    - media: camss: Clean up received buffers on failed start of streaming
    - net, proc: Provide PROC_FS=n fallback for proc_create_net_single_write()
    - rxrpc: Fix ack.bufferSize to be 0 when generating an ack
    - bfq: fix waker_bfqq inconsistency crash
    - drm/radeon: Add the missed acpi_put_table() to fix memory leak
    - drm/mediatek: Modify dpi power on/off sequence.
    - ASoC: pxa: fix null-pointer dereference in filter()
    - nvmet: only allocate a single slab for bvecs
    - regulator: core: fix unbalanced of node refcount in regulator_dev_lookup()
    - amdgpu/pm: prevent array underflow in vega20_odn_edit_dpm_table()
    - nvme: return err on nvme_init_non_mdts_limits fail
    - regulator: qcom-rpmh: Fix PMR735a S3 regulator spec
    - drm/fourcc: Fix vsub/hsub for Q410 and Q401
    - integrity: Fix memory leakage in keyring allocation error path
    - ima: Fix misuse of dereference of pointer in template_desc_init_fields()
    - block: clear ->slave_dir when dropping the main slave_dir reference
    - wifi: ath10k: Fix return value in ath10k_pci_init()
    - drm/msm/a6xx: Fix speed-bin detection vs probe-defer
    - mtd: lpddr2_nvm: Fix possible null-ptr-deref
    - Input: elants_i2c - properly handle the reset GPIO when power is off
    - media: vidtv: Fix use-after-free in vidtv_bridge_dvb_init()
    - media: solo6x10: fix possible memory leak in solo_sysfs_init()
    - media: platform: exynos4-is: Fix error handling in fimc_md_init()
    - media: videobuf-dma-contig: use dma_mmap_coherent
    - mtd: spi-nor: hide jedec_id sysfs attribute if not present
    - mtd: spi-nor: Fix the number of bytes for the dummy cycles
    - bpf: Move skb->len == 0 checks into __bpf_redirect
    - HID: hid-sensor-custom: set fixed size for custom attributes
    - pinctrl: k210: call of_node_put()
    - ALSA: pcm: fix undefined behavior in bit shift for SNDRV_PCM_RATE_KNOT
    - ALSA: seq: fix undefined behavior in bit shift for
      SNDRV_SEQ_FILTER_USE_EVENT
    - regulator: core: use kfree_const() to free space conditionally
    - clk: rockchip: Fix memory leak in rockchip_clk_register_pll()
    - drm/amdgpu: fix pci device refcount leak
    - bonding: fix link recovery in mode 2 when updelay is nonzero
    - mtd: maps: pxa2xx-flash: fix memory leak in probe
    - drbd: remove call to memset before free device/resource/connection
    - drbd: destroy workqueue when drbd device was freed
    - ASoC: qcom: Add checks for devm_kcalloc
    - media: vimc: Fix wrong function called when vimc_init() fails
    - media: imon: fix a race condition in send_packet()
    - clk: imx8mn: rename vpu_pll to m7_alt_pll
    - clk: imx: replace osc_hdmi with dummy
    - clk: imx8mn: fix imx8mn_sai2_sels clocks list
    - clk: imx8mn: fix imx8mn_enet_phy_sels clocks list
    - pinctrl: pinconf-generic: add missing of_node_put()
    - media: dvb-core: Fix ignored return value in dvb_register_frontend()
    - media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer()
    - media: s5p-mfc: Add variant data for MFC v7 hardware for Exynos 3250 SoC
    - drm/tegra: Add missing clk_disable_unprepare() in tegra_dc_probe()
    - ASoC: dt-bindings: wcd9335: fix reset line polarity in example
    - ASoC: mediatek: mtk-btcvsd: Add checks for write and read of mtk_btcvsd_snd
    - NFSv4.2: Clear FATTR4_WORD2_SECURITY_LABEL when done decoding
    - NFSv4.2: Fix a memory stomp in decode_attr_security_label
    - NFSv4.2: Fix initialisation of struct nfs4_label
    - NFSv4: Fix a credential leak in _nfs4_discover_trunking()
    - NFSv4: Fix a deadlock between nfs4_open_recover_helper() and delegreturn
    - NFS: Fix an Oops in nfs_d_automount()
    - ALSA: asihpi: fix missing pci_disable_device()
    - wifi: iwlwifi: mvm: fix double free on tx path.
    - ASoC: mediatek: mt8173: Enable IRQ when pdata is ready
    - drm/amd/pm/smu11: BACO is supported when it's in BACO state
    - drm/radeon: Fix PCI device refcount leak in radeon_atrm_get_bios()
    - drm/amdgpu: Fix PCI device refcount leak in amdgpu_atrm_get_bios()
    - drm/amdkfd: Fix memory leakage
    - ASoC: pcm512x: Fix PM disable depth imbalance in pcm512x_probe
    - netfilter: conntrack: set icmpv6 redirects as RELATED
    - Input: wistron_btns - disable on UML
    - bpf, sockmap: Fix repeated calls to sock_put() when msg has more_data
    - bpf, sockmap: Fix missing BPF_F_INGRESS flag when using apply_bytes
    - bpf, sockmap: Fix data loss caused by using apply_bytes on ingress redirect
    - bonding: uninitialized variable in bond_miimon_inspect()
    - spi: spidev: mask SPI_CS_HIGH in SPI_IOC_RD_MODE
    - wifi: cfg80211: Fix not unregister reg_pdev when load_builtin_regdb_keys()
      fails
    - wifi: mt76: mt7921: fix reporting of TX AGGR histogram
    - wifi: mt76: fix coverity overrun-call in mt76_get_txpower()
    - regulator: core: fix module refcount leak in set_supply()
    - clk: qcom: lpass-sc7180: Fix pm_runtime usage
    - clk: qcom: clk-krait: fix wrong div2 functions
    - hsr: Add a rcu-read lock to hsr_forward_skb().
    - hsr: Avoid double remove of a node.
    - hsr: Disable netpoll.
    - hsr: Synchronize sending frames to have always incremented outgoing seq nr.
    - hsr: Synchronize sequence number updates.
    - configfs: fix possible memory leak in configfs_create_dir()
    - regulator: core: fix resource leak in regulator_register()
    - hwmon: (jc42) Convert register access and caching to regmap/regcache
    - hwmon: (jc42) Restore the min/max/critical temperatures on resume
    - bpf, sockmap: fix race in sock_map_free()
    - ALSA: pcm: Set missing stop_operating flag at undoing trigger start
    - media: saa7164: fix missing pci_disable_device()
    - ALSA: mts64: fix possible null-ptr-defer in snd_mts64_interrupt
    - xprtrdma: Fix regbuf data not freed in rpcrdma_req_create()
    - SUNRPC: Fix missing release socket in rpc_sockname()
    - NFSv4.x: Fail client initialisation if state manager thread can't run
    - riscv, bpf: Emit fixed-length instructions for BPF_PSEUDO_FUNC
    - mmc: alcor: fix return value check of mmc_add_host()
    - mmc: moxart: fix return value check of mmc_add_host()
    - mmc: mxcmmc: fix return value check of mmc_add_host()
    - mmc: pxamci: fix return value check of mmc_add_host()
    - mmc: rtsx_pci: fix return value check of mmc_add_host()
    - mmc: rtsx_usb_sdmmc: fix return value check of mmc_add_host()
    - mmc: toshsd: fix return value check of mmc_add_host()
    - mmc: vub300: fix return value check of mmc_add_host()
    - mmc: wmt-sdmmc: fix return value check of mmc_add_host()
    - mmc: atmel-mci: fix return value check of mmc_add_host()
    - mmc: omap_hsmmc: fix return value check of mmc_add_host()
    - mmc: meson-gx: fix return value check of mmc_add_host()
    - mmc: via-sdmmc: fix return value check of mmc_add_host()
    - mmc: wbsd: fix return value check of mmc_add_host()
    - mmc: mmci: fix return value check of mmc_add_host()
    - mmc: renesas_sdhi: alway populate SCC pointer
    - memstick/ms_block: Add check for alloc_ordered_workqueue
    - mmc: core: Normalize the error handling branch in sd_read_ext_regs()
    - regulator: qcom-labibb: Fix missing of_node_put() in
      qcom_labibb_regulator_probe()
    - media: c8sectpfe: Add of_node_put() when breaking out of loop
    - media: coda: Add check for dcoda_iram_alloc
    - media: coda: Add check for kmalloc
    - clk: samsung: Fix memory leak in _samsung_clk_register_pll()
    - spi: spi-gpio: Don't set MOSI as an input if not 3WIRE mode
    - wifi: rtl8xxxu: Add __packed to struct rtl8723bu_c2h
    - wifi: rtl8xxxu: Fix the channel width reporting
    - wifi: brcmfmac: Fix error return code in brcmf_sdio_download_firmware()
    - blktrace: Fix output non-blktrace event when blk_classic option enabled
    - bpf: Do not zero-extend kfunc return values
    - clk: socfpga: Fix memory leak in socfpga_gate_init()
    - net: vmw_vsock: vmci: Check memcpy_from_msg()
    - net: defxx: Fix missing err handling in dfx_init()
    - net: stmmac: selftests: fix potential memleak in stmmac_test_arpoffload()
    - net: stmmac: fix possible memory leak in stmmac_dvr_probe()
    - drivers: net: qlcnic: Fix potential memory leak in qlcnic_sriov_init()
    - of: overlay: fix null pointer dereferencing in find_dup_cset_node_entry()
      and find_dup_cset_prop()
    - ethernet: s2io: don't call dev_kfree_skb() under spin_lock_irqsave()
    - net: farsync: Fix kmemleak when rmmods farsync
    - net/tunnel: wait until all sk_user_data reader finish before releasing the
      sock
    - net: apple: mace: don't call dev_kfree_skb() under spin_lock_irqsave()
    - net: apple: bmac: don't call dev_kfree_skb() under spin_lock_irqsave()
    - net: emaclite: don't call dev_kfree_skb() under spin_lock_irqsave()
    - net: ethernet: dnet: don't call dev_kfree_skb() under spin_lock_irqsave()
    - hamradio: don't call dev_kfree_skb() under spin_lock_irqsave()
    - net: amd: lance: don't call dev_kfree_skb() under spin_lock_irqsave()
    - af_unix: call proto_unregister() in the error path in af_unix_init()
    - net: amd-xgbe: Fix logic around active and passive cables
    - net: amd-xgbe: Check only the minimum speed for active/passive cables
    - can: tcan4x5x: Remove invalid write in clear_interrupts
    - can: m_can: Call the RAM init directly from m_can_chip_config
    - can: tcan4x5x: Fix use of register error status mask
    - net: lan9303: Fix read error execution path
    - ntb_netdev: Use dev_kfree_skb_any() in interrupt context
    - sctp: sysctl: make extra pointers netns aware
    - Bluetooth: MGMT: Fix error report for ADD_EXT_ADV_PARAMS
    - Bluetooth: btintel: Fix missing free skb in btintel_setup_combined()
    - Bluetooth: btusb: don't call kfree_skb() under spin_lock_irqsave()
    - Bluetooth: hci_qca: don't call kfree_skb() under spin_lock_irqsave()
    - Bluetooth: hci_ll: don't call kfree_skb() under spin_lock_irqsave()
    - Bluetooth: hci_h5: don't call kfree_skb() under spin_lock_irqsave()
    - Bluetooth: hci_bcsp: don't call kfree_skb() under spin_lock_irqsave()
    - Bluetooth: hci_core: don't call kfree_skb() under spin_lock_irqsave()
    - Bluetooth: RFCOMM: don't call kfree_skb() under spin_lock_irqsave()
    - stmmac: fix potential division by 0
    - i40e: Fix the inability to attach XDP program on downed interface
    - net: dsa: tag_8021q: avoid leaking ctx on dsa_tag_8021q_register() error
      path
    - crypto: hisilicon/qm - fix missing destroy qp_idr
    - crypto: sun8i-ss - use dma_addr instead u32
    - crypto: nitrox - avoid double free on error path in nitrox_sriov_init()
    - scsi: core: Fix a race between scsi_done() and scsi_timeout()
    - apparmor: Use pointer to struct aa_label for lbs_cred
    - PCI: dwc: Fix n_fts[] array overrun
    - RDMA/core: Fix order of nldev_exit call
    - PCI: pci-epf-test: Register notifier if only core_init_notifier is enabled
    - f2fs: Fix the race condition of resize flag between resizefs
    - crypto: rockchip - do not do custom power management
    - crypto: rockchip - do not store mode globally
    - crypto: rockchip - add fallback for cipher
    - crypto: rockchip - add fallback for ahash
    - crypto: rockchip - better handle cipher key
    - crypto: rockchip - remove non-aligned handling
    - crypto: rockchip - rework by using crypto_engine
    - apparmor: Fix memleak in alloc_ns()
    - f2fs: fix to invalidate dcc->f2fs_issue_discard in error path
    - f2fs: fix normal discard process
    - f2fs: fix to destroy sbi->post_read_wq in error path of f2fs_fill_super()
    - RDMA/irdma: Report the correct link speed
    - scsi: qla2xxx: Fix set-but-not-used variable warnings
    - RDMA/siw: Fix immediate work request flush to completion queue
    - IB/mad: Don't call to function that might sleep while in atomic context
    - RDMA/restrack: Release MR restrack when delete
    - RDMA/core: Make sure "ib_port" is valid when access sysfs node
    - RDMA/nldev: Return "-EAGAIN" if the cm_id isn't from expected port
    - RDMA/siw: Set defined status for work completion with undefined status
    - scsi: scsi_debug: Fix a warning in resp_write_scat()
    - crypto: ccree - Remove debugfs when platform_driver_register failed
    - crypto: cryptd - Use request context instead of stack for sub-request
    - crypto: hisilicon/qm - add missing pci_dev_put() in q_num_set()
    - RDMA/hns: Repacing 'dseg_len' by macros in fill_ext_sge_inl_data()
    - RDMA/hns: Fix ext_sge num error when post send
    - PCI: Check for alloc failure in pci_request_irq()
    - RDMA/hfi: Decrease PCI device reference count in error path
    - crypto: ccree - Make cc_debugfs_global_fini() available for module init
      function
    - RDMA/hns: fix memory leak in hns_roce_alloc_mr()
    - RDMA/rxe: Fix NULL-ptr-deref in rxe_qp_do_cleanup() when socket create
      failed
    - dt-bindings: imx6q-pcie: Fix clock names for imx6sx and imx8mq
    - dt-bindings: visconti-pcie: Fix interrupts array max constraints
    - scsi: hpsa: Fix possible memory leak in hpsa_init_one()
    - crypto: tcrypt - Fix multibuffer skcipher speed test mem leak
    - padata: Always leave BHs disabled when running ->parallel()
    - padata: Fix list iterator in padata_do_serial()
    - scsi: mpt3sas: Fix possible resource leaks in mpt3sas_transport_port_add()
    - scsi: hpsa: Fix error handling in hpsa_add_sas_host()
    - scsi: hpsa: Fix possible memory leak in hpsa_add_sas_device()
    - scsi: efct: Fix possible memleak in efct_device_init()
    - scsi: scsi_debug: Fix a warning in resp_verify()
    - scsi: scsi_debug: Fix a warning in resp_report_zones()
    - scsi: fcoe: Fix possible name leak when device_register() fails
    - scsi: scsi_debug: Fix possible name leak in sdebug_add_host_helper()
    - scsi: ipr: Fix WARNING in ipr_init()
    - scsi: fcoe: Fix transport not deattached when fcoe_if_init() fails
    - scsi: snic: Fix possible UAF in snic_tgt_create()
    - RDMA/nldev: Add checks for nla_nest_start() in fill_stat_counter_qps()
    - f2fs: avoid victim selection from previous victim section
    - RDMA/nldev: Fix failure to send large messages
    - crypto: amlogic - Remove kcalloc without check
    - crypto: omap-sham - Use pm_runtime_resume_and_get() in omap_sham_probe()
    - riscv/mm: add arch hook arch_clear_hugepage_flags
    - RDMA/hfi1: Fix error return code in parse_platform_config()
    - RDMA/srp: Fix error return code in srp_parse_options()
    - orangefs: Fix sysfs not cleanup when dev init failed
    - RDMA/hns: Fix AH attr queried by query_qp
    - RDMA/hns: Fix PBL page MTR find
    - RDMA/hns: Fix page size cap from firmware
    - RDMA/hns: Fix error code of CMD
    - crypto: img-hash - Fix variable dereferenced before check 'hdev->req'
    - hwrng: amd - Fix PCI device refcount leak
    - hwrng: geode - Fix PCI device refcount leak
    - IB/IPoIB: Fix queue count inconsistency for PKEY child interfaces
    - RISC-V: Align the shadow stack
    - drivers: dio: fix possible memory leak in dio_init()
    - serial: tegra: Read DMA status before terminating
    - serial: 8250_bcm7271: Fix error handling in brcmuart_init()
    - class: fix possible memory leak in __class_register()
    - vfio: platform: Do not pass return buffer to ACPI _RST method
    - uio: uio_dmem_genirq: Fix missing unlock in irq configuration
    - uio: uio_dmem_genirq: Fix deadlock between irq config and handling
    - usb: fotg210-udc: Fix ages old endianness issues
    - staging: vme_user: Fix possible UAF in tsi148_dma_list_add
    - usb: typec: Check for ops->exit instead of ops->enter in altmode_exit
    - usb: typec: tcpci: fix of node refcount leak in tcpci_register_port()
    - usb: typec: tipd: Cleanup resources if devm_tps6598_psy_register fails
    - usb: typec: tipd: Fix spurious fwnode_handle_put in error path
    - extcon: usbc-tusb320: Factor out extcon into dedicated functions
    - extcon: usbc-tusb320: Add USB TYPE-C support
    - extcon: usbc-tusb320: Update state on probe even if no IRQ pending
    - serial: amba-pl011: avoid SBSA UART accessing DMACR register
    - serial: pl011: Do not clear RX FIFO & RX interrupt in unthrottle.
    - serial: stm32: move dma_request_chan() before clk_prepare_enable()
    - serial: pch: Fix PCI device refcount leak in pch_request_dma()
    - tty: serial: clean up stop-tx part in altera_uart_tx_chars()
    - tty: serial: altera_uart_{r,t}x_chars() need only uart_port
    - serial: altera_uart: fix locking in polling mode
    - serial: sunsab: Fix error handling in sunsab_init()
    - test_firmware: fix memory leak in test_firmware_init()
    - misc: ocxl: fix possible name leak in ocxl_file_register_afu()
    - ocxl: fix pci device refcount leak when calling get_function_0()
    - misc: tifm: fix possible memory leak in tifm_7xx1_switch_media()
    - misc: sgi-gru: fix use-after-free error in gru_set_context_option, gru_fault
      and gru_handle_user_call_os
    - firmware: raspberrypi: fix possible memory leak in rpi_firmware_probe()
    - cxl: fix possible null-ptr-deref in cxl_guest_init_afu|adapter()
    - cxl: fix possible null-ptr-deref in cxl_pci_init_afu|adapter()
    - iio: temperature: ltc2983: make bulk write buffer DMA-safe
    - iio: adis: add '__adis_enable_irq()' implementation
    - counter: stm32-lptimer-cnt: fix the check on arr and cmp registers update
    - coresight: trbe: remove cpuhp instance node before remove cpuhp state
    - usb: roles: fix of node refcount leak in usb_role_switch_is_parent()
    - usb: gadget: f_hid: fix f_hidg lifetime vs cdev
    - usb: gadget: f_hid: fix refcount leak on error path
    - drivers: mcb: fix resource leak in mcb_probe()
    - mcb: mcb-parse: fix error handing in chameleon_parse_gdd()
    - chardev: fix error handling in cdev_device_add()
    - i2c: pxa-pci: fix missing pci_disable_device() on error in ce4100_i2c_probe
    - staging: rtl8192u: Fix use after free in ieee80211_rx()
    - staging: rtl8192e: Fix potential use-after-free in rtllib_rx_Monitor()
    - vme: Fix error not catched in fake_init()
    - gpiolib: cdev: fix NULL-pointer dereferences
    - gpiolib: protect the GPIO device against being dropped while in use by user-
      space
    - i2c: mux: reg: check return value after calling platform_get_resource()
    - i2c: ismt: Fix an out-of-bounds bug in ismt_access()
    - usb: storage: Add check for kcalloc
    - tracing/hist: Fix issue of losting command info in error_log
    - ksmbd: Fix resource leak in ksmbd_session_rpc_open()
    - samples: vfio-mdev: Fix missing pci_disable_device() in mdpy_fb_probe()
    - thermal/drivers/imx8mm_thermal: Validate temperature range
    - thermal/drivers/qcom/temp-alarm: Fix inaccurate warning for gen2
    - thermal/drivers/qcom/lmh: Fix irq handler return value
    - fbdev: ssd1307fb: Drop optional dependency
    - fbdev: pm2fb: fix missing pci_disable_device()
    - fbdev: via: Fix error in via_core_init()
    - fbdev: vermilion: decrease reference count in error path
    - fbdev: ep93xx-fb: Add missing clk_disable_unprepare in ep93xxfb_probe()
    - fbdev: geode: don't build on UML
    - fbdev: uvesafb: don't build on UML
    - fbdev: uvesafb: Fixes an error handling path in uvesafb_probe()
    - HSI: omap_ssi_core: fix unbalanced pm_runtime_disable()
    - HSI: omap_ssi_core: fix possible memory leak in ssi_probe()
    - power: supply: fix residue sysfs file in error handle route of
      __power_supply_register()
    - perf trace: Return error if a system call doesn't exist
    - perf trace: Use macro RAW_SYSCALL_ARGS_NUM to replace number
    - perf trace: Handle failure when trace point folder is missed
    - perf symbol: correction while adjusting symbol
    - power: supply: z2_battery: Fix possible memleak in z2_batt_probe()
    - HSI: omap_ssi_core: Fix error handling in ssi_init()
    - power: supply: ab8500: Fix error handling in ab8500_charger_init()
    - power: supply: fix null pointer dereferencing in
      power_supply_get_battery_info
    - perf stat: Refactor __run_perf_stat() common code
    - perf stat: Do not delay the workload with --delay
    - RDMA/siw: Fix pointer cast warning
    - fs/ntfs3: Avoid UBSAN error on true_sectors_per_clst()
    - fs/ntfs3: Harden against integer overflows
    - iommu/sun50i: Fix reset release
    - iommu/sun50i: Consider all fault sources for reset
    - iommu/sun50i: Fix R/W permission check
    - iommu/sun50i: Fix flush size
    - iommu/rockchip: fix permission bits in page table entries v2
    - phy: usb: s2 WoL wakeup_count not incremented for USB->Eth devices
    - include/uapi/linux/swab: Fix potentially missing __always_inline
    - pwm: tegra: Improve required rate calculation
    - fs/ntfs3: Fix slab-out-of-bounds read in ntfs_trim_fs
    - dmaengine: idxd: Fix crc_val field for completion record
    - rtc: rtc-cmos: Do not check ACPI_FADT_LOW_POWER_S0
    - rtc: cmos: Fix event handler registration ordering issue
    - rtc: cmos: Fix wake alarm breakage
    - rtc: cmos: fix build on non-ACPI platforms
    - rtc: cmos: Call cmos_wake_setup() from cmos_do_probe()
    - rtc: cmos: Call rtc_wake_setup() from cmos_do_probe()
    - rtc: cmos: Eliminate forward declarations of some functions
    - rtc: cmos: Rename ACPI-related functions
    - rtc: cmos: Disable ACPI RTC event on removal
    - rtc: snvs: Allow a time difference on clock register read
    - rtc: pcf85063: Fix reading alarm
    - iommu/amd: Fix pci device refcount leak in ppr_notifier()
    - iommu/fsl_pamu: Fix resource leak in fsl_pamu_probe()
    - macintosh: fix possible memory leak in macio_add_one_device()
    - macintosh/macio-adb: check the return value of ioremap()
    - powerpc/52xx: Fix a resource leak in an error handling path
    - cxl: Fix refcount leak in cxl_calc_capp_routing
    - powerpc/xmon: Fix -Wswitch-unreachable warning in bpt_cmds
    - powerpc/xive: add missing iounmap() in error path in
      xive_spapr_populate_irq_data()
    - powerpc/perf: callchain validate kernel stack pointer bounds
    - powerpc/83xx/mpc832x_rdb: call platform_device_put() in error case in
      of_fsl_spi_probe()
    - powerpc/hv-gpci: Fix hv_gpci event list
    - selftests/powerpc: Fix resource leaks
    - iommu/sun50i: Remove IOMMU_DOMAIN_IDENTITY
    - pwm: sifive: Call pwm_sifive_update_clock() while mutex is held
    - pwm: mtk-disp: Fix the parameters calculated by the enabled flag of disp_pwm
    - pwm: mediatek: always use bus clock for PWM on MT7622
    - remoteproc: sysmon: fix memory leak in qcom_add_sysmon_subdev()
    - remoteproc: qcom: q6v5: Fix potential null-ptr-deref in
      q6v5_wcss_init_mmio()
    - remoteproc: qcom_q6v5_pas: disable wakeup on probe fail or remove
    - remoteproc: qcom_q6v5_pas: detach power domains on remove
    - remoteproc: qcom_q6v5_pas: Fix missing of_node_put() in
      adsp_alloc_memory_region()
    - remoteproc: qcom: q6v5: Fix missing clk_disable_unprepare() in
      q6v5_wcss_qcs404_power_on()
    - powerpc/pseries/eeh: use correct API for error log size
    - mfd: bd957x: Fix Kconfig dependency on REGMAP_IRQ
    - mfd: qcom_rpm: Fix an error handling path in qcom_rpm_probe()
    - mfd: pm8008: Remove driver data structure pm8008_data
    - mfd: pm8008: Fix return value check in pm8008_probe()
    - netfilter: flowtable: really fix NAT IPv6 offload
    - rtc: st-lpc: Add missing clk_disable_unprepare in st_rtc_probe()
    - rtc: pic32: Move devm_rtc_allocate_device earlier in pic32_rtc_probe()
    - rtc: pcf85063: fix pcf85063_clkout_control
    - nfsd: under NFSv4.1, fix double svc_xprt_put on rpc_create failure
    - net: macsec: fix net device access prior to holding a lock
    - mISDN: hfcsusb: don't call dev_kfree_skb/kfree_skb() under
      spin_lock_irqsave()
    - mISDN: hfcpci: don't call dev_kfree_skb/kfree_skb() under
      spin_lock_irqsave()
    - mISDN: hfcmulti: don't call dev_kfree_skb/kfree_skb() under
      spin_lock_irqsave()
    - block, bfq: fix possible uaf for 'bfqq->bic'
    - net: enetc: avoid buffer leaks on xdp_do_redirect() failure
    - nfc: pn533: Clear nfc_target before being used
    - unix: Fix race in SOCK_SEQPACKET's unix_dgram_sendmsg()
    - r6040: Fix kmemleak in probe and remove
    - igc: Enhance Qbv scheduling by using first flag bit
    - igc: Use strict cycles for Qbv scheduling
    - igc: Add checking for basetime less than zero
    - igc: allow BaseTime 0 enrollment for Qbv
    - igc: recalculate Qbv end_time by considering cycle time
    - igc: Lift TAPRIO schedule restriction
    - igc: Set Qbv start_time and end_time to end_time if not being configured in
      GCL
    - rtc: mxc_v2: Add missing clk_disable_unprepare()
    - selftests: devlink: fix the fd redirect in dummy_reporter_test
    - openvswitch: Fix flow lookup to use unmasked key
    - soc: mediatek: pm-domains: Fix the power glitch issue
    - arm64: dts: mt8183: Fix Mali GPU clock
    - skbuff: Account for tail adjustment during pull operations
    - mailbox: mpfs: read the system controller's status
    - mailbox: arm_mhuv2: Fix return value check in mhuv2_probe()
    - mailbox: zynq-ipi: fix error handling while device_register() fails
    - net_sched: reject TCF_EM_SIMPLE case for complex ematch module
    - rxrpc: Fix missing unlock in rxrpc_do_sendmsg()
    - myri10ge: Fix an error handling path in myri10ge_probe()
    - net: stream: purge sk_error_queue in sk_stream_kill_queues()
    - HID: amd_sfh: Add missing check for dma_alloc_coherent
    - rcu: Fix __this_cpu_read() lockdep warning in rcu_force_quiescent_state()
    - arm64: make is_ttbrX_addr() noinstr-safe
    - video: hyperv_fb: Avoid taking busy spinlock on panic path
    - x86/hyperv: Remove unregister syscore call from Hyper-V cleanup
    - binfmt_misc: fix shift-out-of-bounds in check_special_flags
    - fs: jfs: fix shift-out-of-bounds in dbAllocAG
    - udf: Avoid double brelse() in udf_rename()
    - jfs: Fix fortify moan in symlink
    - fs: jfs: fix shift-out-of-bounds in dbDiscardAG
    - ACPICA: Fix error code path in acpi_ds_call_control_method()
    - nilfs2: fix shift-out-of-bounds/overflow in nilfs_sb2_bad_offset()
    - nilfs2: fix shift-out-of-bounds due to too large exponent of block size
    - acct: fix potential integer overflow in encode_comp_t()
    - hfs: fix OOB Read in __hfs_brec_find
    - drm/etnaviv: add missing quirks for GC300
    - media: imx-jpeg: Disable useless interrupt to avoid kernel panic
    - brcmfmac: return error when getting invalid max_flowrings from dongle
    - wifi: ath9k: verify the expected usb_endpoints are present
    - wifi: ar5523: Fix use-after-free on ar5523_cmd() timed out
    - ASoC: codecs: rt298: Add quirk for KBL-R RVP platform
    - ipmi: fix memleak when unload ipmi driver
    - drm/amd/display: prevent memory leak
    - Revert "drm/amd/display: Limit max DSC target bpp for specific monitors"
    - qed (gcc13): use u16 for fid to be big enough
    - bpf: make sure skb->len != 0 when redirecting to a tunneling device
    - net: ethernet: ti: Fix return type of netcp_ndo_start_xmit()
    - hamradio: baycom_epp: Fix return type of baycom_send_packet()
    - wifi: brcmfmac: Fix potential shift-out-of-bounds in
      brcmf_fw_alloc_request()
    - igb: Do not free q_vector unless new one was allocated
    - drm/amdgpu: Fix type of second parameter in trans_msg() callback
    - drm/amdgpu: Fix type of second parameter in odn_edit_dpm_table() callback
    - s390/ctcm: Fix return type of ctc{mp,}m_tx()
    - s390/netiucv: Fix return type of netiucv_tx()
    - s390/lcs: Fix return type of lcs_start_xmit()
    - drm/msm: Use drm_mode_copy()
    - drm/rockchip: Use drm_mode_copy()
    - drm/sti: Use drm_mode_copy()
    - drm/mediatek: Fix return type of mtk_hdmi_bridge_mode_valid()
    - drivers/md/md-bitmap: check the return value of md_bitmap_get_counter()
    - md/raid1: stop mdx_raid1 thread when raid1 array run failed
    - drm/amd/display: fix array index out of bound error in bios parser
    - net: add atomic_long_t to net_device_stats fields
    - ipv6/sit: use DEV_STATS_INC() to avoid data-races
    - mrp: introduce active flags to prevent UAF when applicant uninit
    - ppp: associate skb with a device at tx
    - bpf: Prevent decl_tag from being referenced in func_proto arg
    - ethtool: avoiding integer overflow in ethtool_phys_id()
    - media: dvb-frontends: fix leak of memory fw
    - media: dvbdev: adopts refcnt to avoid UAF
    - media: dvb-usb: fix memory leak in dvb_usb_adapter_init()
    - blk-mq: fix possible memleak when register 'hctx' failed
    - drm/amd/display: Use the largest vready_offset in pipe group
    - libbpf: Avoid enum forward-declarations in public API in C++ mode
    - regulator: core: fix use_count leakage when handling boot-on
    - wifi: mt76: do not run mt76u_status_worker if the device is not running
    - mmc: f-sdh30: Add quirks for broken timeout clock capability
    - mmc: renesas_sdhi: better reset from HS400 mode
    - media: si470x: Fix use-after-free in si470x_int_in_callback()
    - clk: st: Fix memory leak in st_of_quadfs_setup()
    - crypto: hisilicon/hpre - fix resource leak in remove process
    - scsi: lpfc: Fix hard lockup when reading the rx_monitor from debugfs
    - scsi: ufs: Reduce the START STOP UNIT timeout
    - scsi: elx: libefc: Fix second parameter type in state callbacks
    - hugetlbfs: fix null-ptr-deref in hugetlbfs_parse_param()
    - drm/fsl-dcu: Fix return type of fsl_dcu_drm_connector_mode_valid()
    - drm/sti: Fix return type of sti_{dvo,hda,hdmi}_connector_mode_valid()
    - orangefs: Fix kmemleak in orangefs_prepare_debugfs_help_string()
    - orangefs: Fix kmemleak in orangefs_{kernel,client}_debug_init()
    - KVM: selftests: Fix build regression by using accessor function
    - hwmon: (jc42) Fix missing unlock on error in jc42_write()
    - ALSA: hda: add snd_hdac_stop_streams() helper
    - ASoC: Intel: Skylake: Fix driver hang during shutdown
    - ASoC: mediatek: mt8173-rt5650-rt5514: fix refcount leak in
      mt8173_rt5650_rt5514_dev_probe()
    - ASoC: audio-graph-card: fix refcount leak of cpu_ep in
      __graph_for_each_link()
    - ASoC: rockchip: pdm: Add missing clk_disable_unprepare() in
      rockchip_pdm_runtime_resume()
    - ASoC: mediatek: mt8183: fix refcount leak in
      mt8183_mt6358_ts3a227_max98357_dev_probe()
    - ASoC: wm8994: Fix potential deadlock
    - ASoC: rockchip: spdif: Add missing clk_disable_unprepare() in
      rk_spdif_runtime_resume()
    - ASoC: rt5670: Remove unbalanced pm_runtime_put()
    - drm/i915/display: Don't disable DDI/Transcoder when setting phy test pattern
    - LoadPin: Ignore the "contents" argument of the LSM hooks
    - pstore: Switch pmsg_lock to an rt_mutex to avoid priority inversion
    - perf debug: Set debug_peo_args and redirect_to_stderr variable to correct
      values in perf_quiet_option()
    - afs: Fix lost servers_outstanding count
    - pstore: Make sure CONFIG_PSTORE_PMSG selects CONFIG_RT_MUTEXES
    - ALSA: usb-audio: add the quirk for KT0206 device
    - ALSA: hda/realtek: Add quirk for Lenovo TianYi510Pro-14IOB
    - ALSA: hda/hdmi: Add HP Device 0x8711 to force connect list
    - usb: cdnsp: fix lack of ZLP for ep0
    - usb: xhci-mtk: fix leakage of shared hcd when fail to set wakeup irq
    - arm64: dts: qcom: sm8250: fix USB-DP PHY registers
    - usb: dwc3: Fix race between dwc3_set_mode and __dwc3_set_mode
    - usb: dwc3: core: defer probe on ulpi_read_id timeout
    - xhci: Prevent infinite loop in transaction errors recovery for streams
    - HID: wacom: Ensure bootloader PID is usable in hidraw mode
    - HID: mcp2221: don't connect hidraw
    - loop: Fix the max_loop commandline argument treatment when it is set to 0
    - 9p: set req refcount to zero to avoid uninitialized usage
    - security: Restrict CONFIG_ZERO_CALL_USED_REGS to gcc or clang > 15.0.6
    - reiserfs: Add missing calls to reiserfs_security_free()
    - iio: fix memory leak in iio_device_register_eventset()
    - iio: adc: ad_sigma_delta: do not use internal iio_dev lock
    - iio: adc128s052: add proper .data members in adc128_of_match table
    - regulator: core: fix deadlock on regulator enable
    - floppy: Fix memory leak in do_floppy_init()
    - gcov: add support for checksum field
    - fbdev: fbcon: release buffer when fbcon_do_set_font() failed
    - ovl: fix use inode directly in rcu-walk mode
    - btrfs: do not BUG_ON() on ENOMEM when dropping extent items for a range
    - scsi: qla2xxx: Fix crash when I/O abort times out
    - net: stmmac: fix errno when create_singlethread_workqueue() fails
    - media: dvbdev: fix build warning due to comments
    - media: dvbdev: fix refcnt bug
    - extcon: usbc-tusb320: Call the Type-C IRQ handler only if a port is
      registered
    - mfd: qcom_rpm: Use devm_of_platform_populate() to simplify code
    - pwm: tegra: Fix 32 bit build
    - staging: r8188eu: fix led register settings
    - arm64: dts: renesas: r8a779g0: Fix HSCIF0 "brg_int" clock
    - memory: renesas-rpc-if: Clear HS bit during hardware initialization
    - firmware: ti_sci: Fix polled mode during system suspend
    - arm64: dts: qcom: sc7180-trogdor-homestar: fully configure secondary I2S
      pins
    - arm64: dts: qcom: sm8450: fix UFS PHY registers
    - arm64: dts: qcom: sm6350: drop bogus DP PHY clock
    - arm64: dts: qcom: pm6350: Include header for KEY_POWER
    - arm64: dts: renesas: r9a09g011: Fix unit address format error
    - dt-bindings: pwm: fix microchip corePWM's pwm-cells
    - arm64: dts: mt7986: fix trng node name
    - drivers: perf: marvell_cn10k: Fix hotplug callback leak in tad_pmu_init()
    - arm64: dts: ti: k3-j721s2: Fix the interrupt ranges property for main & wkup
      gpio intr
    - arm64: dts: mediatek: mt8195: Fix CPUs capacity-dmips-mhz
    - arm64: dts: mt7896a: Fix unit_address_vs_reg warning for oscillator
    - soc: apple: sart: Stop casting function pointer signatures
    - soc: apple: rtkit: Stop casting function pointer signatures
    - drivers/perf: hisi: Fix some event id for hisi-pcie-pmu
    - arch: arm64: apple: t8103: Use standard "iommu" node name
    - sched/uclamp: Fix fits_capacity() check in feec()
    - sched/uclamp: Make cpu_overutilized() use util_fits_cpu()
    - sched/uclamp: Cater for uclamp in find_energy_efficient_cpu()'s early exit
      condition
    - sched/psi: Fix possible missing or delayed pending event
    - x86/split_lock: Add sysctl to control the misery mode
    - selftests: cgroup: fix unsigned comparison with less than zero
    - cpufreq: qcom-hw: Fix the frequency returned by cpufreq_driver->get()
    - mailbox: pcc: Reset pcc_chan_count to zero in case of PCC probe failure
    - ACPI: pfr_telemetry: use ACPI_FREE() to free acpi_object
    - ACPI: pfr_update: use ACPI_FREE() to free acpi_object
    - NFSD: Finish converting the NFSv3 GETACL result encoder
    - ocfs2: fix memory leak in ocfs2_mount_volume()
    - erofs: Fix pcluster memleak when its block address is zero
    - erofs: fix missing unmap if z_erofs_get_extent_compressedlen() fails
    - NFSD: pass range end to vfs_fsync_range() instead of count
    - ipc: fix memory leak in init_mqueue_fs()
    - wifi: ath11k: fix firmware assert during bandwidth change for peer sta
    - libbpf: Fix memory leak in parse_usdt_arg()
    - selftest/bpf: Fix memory leak in kprobe_multi_test
    - selftests/bpf: Fix error failure of case test_xdp_adjust_tail_grow
    - selftest/bpf: Fix error usage of ASSERT_OK in xdp_adjust_tail.c
    - libbpf: Use elf_getshdrnum() instead of e_shnum
    - libbpf: Deal with section with no data gracefully
    - ASoC: Intel: avs: Fix potential RX buffer overflow
    - drm/bridge: it6505: Initialize AUX channel in it6505_i2c_probe
    - Input: iqs7222 - set all ULP entry masks by default
    - Input: iqs7222 - drop unused device node references
    - Input: iqs7222 - report malformed properties
    - Input: iqs7222 - protect against undefined slider size
    - media: amphion: reset instance if it's aborted before codec header parsed
    - media: mediatek: vcodec: fix h264 cavlc bitstream fail
    - drm/i915: Fix compute pre-emption w/a to apply to compute engines
    - media: i2c: hi846: Fix memory leak in hi846_parse_dt()
    - media: i2c: ov5648: Free V4L2 fwnode data on unbind
    - clk: renesas: r8a779a0: Fix SD0H clock name
    - ASoC: dt-bindings: rt5682: Set sound-dai-cells to 1
    - dw9768: Enable low-power probe on ACPI
    - drm/ttm: fix undefined behavior in bit shift for TTM_TT_FLAG_PRIV_POPULATED
    - drm/msm/mdp5: stop overriding drvdata
    - bpf: Clobber stack slot when writing over spilled PTR_TO_BTF_ID
    - drm/msm/dpu1: Account for DSC's bits_per_pixel having 4 fractional bits
    - drm/msm/dsi: Remove useless math in DSC calculations
    - drm/msm/dsi: Remove repeated calculation of slice_per_intf
    - drm/msm/dsi: Use DIV_ROUND_UP instead of conditional increment on modulo
    - drm/msm/dsi: Reuse earlier computed dsc->slice_chunk_size
    - drm/msm/dsi: Appropriately set dsc->mux_word_size based on bpc
    - media: rkvdec: Add required padding
    - clk: qcom: gcc-ipq806x: use parent_data for the last remaining entry
    - clk: qcom: dispcc-sm6350: Add CLK_OPS_PARENT_ENABLE to pixel&byte src
    - mtd: core: fix possible resource leak in init_mtd()
    - clk: renesas: r8a779f0: Fix SCIF parent clocks
    - virt/sev-guest: Add a MODULE_ALIAS
    - wifi: rtw89: use u32_encode_bits() to fill MAC quota value
    - drm: rcar-du: Drop leftovers dependencies from Kconfig
    - drbd: use blk_queue_max_discard_sectors helper
    - dt-bindings: pinctrl: update uart/mmc bindings for MT7986 SoC
    - pinctrl: mediatek: fix the pinconf register offset of some pins
    - wifi: iwlwifi: mei: make sure ownership confirmed message is sent
    - wifi: iwlwifi: mei: don't send SAP commands if AMT is disabled
    - wifi: iwlwifi: mei: fix tx DHCP packet for devices with new Tx API
    - wifi: iwlwifi: mei: avoid blocking sap messages handling due to rtnl lock
    - wifi: iwlwifi: mei: fix potential NULL-ptr deref after clone
    - module: Fix NULL vs IS_ERR checking for module_get_next_page
    - wifi: rtw89: Fix some error handling path in rtw89_core_sta_assoc()
    - net: ethernet: mtk_eth_soc: do not overwrite mtu configuration running reset
      routine
    - media: amphion: add lock around vdec_g_fmt
    - media: amphion: apply vb2_queue_error instead of setting manually
    - media: amphion: Fix error handling in vpu_driver_init()
    - net: ethernet: mtk_eth_soc: fix RSTCTRL_PPE{0,1} definitions
    - clk: imx93: correct the flexspi1 clock setting
    - HID: i2c: let RMI devices decide what constitutes wakeup event
    - clk: imx93: unmap anatop base in error handling path
    - clk: imx93: correct enet clock
    - clk: imx: imxrt1050: fix IMXRT1050_CLK_LCDIF_APB offsets
    - wifi: rtw89: fix physts IE page check
    - ASoC: Intel: avs: Lock substream before snd_pcm_stop()
    - drm/i915/guc: make default_lists const data
    - mtd: core: Fix refcount error in del_mtd_device()
    - media: imx: imx7-media-csi: Clear BIT_MIPI_DOUBLE_CMPNT for <16b formats
    - x86/boot: Skip realmode init code when running as Xen PV guest
    - media: amphion: try to wakeup vpu core to avoid failure
    - media: amphion: cancel vpu before release instance
    - media: amphion: lock and check m2m_ctx in event handler
    - media: mediatek: vcodec: Fix getting NULL pointer for dst buffer
    - media: mediatek: vcodec: Fix h264 set lat buffer error
    - media: mediatek: vcodec: Setting lat buf to lat_list when lat decode error
    - media: mediatek: vcodec: Core thread depends on core_list
    - NFSv4.2: Always decode the security label
    - wifi: plfxlc: fix potential memory leak in __lf_x_usb_enable_rx()
    - wifi: rtl8xxxu: Fix use after rcu_read_unlock in rtl8xxxu_bss_info_changed
    - clk: mediatek: fix dependency of MT7986 ADC clocks
    - amdgpu/nv.c: Corrected typo in the video capabilities resolution
    - drm/i915/bios: fix a memory leak in generate_lfp_data_ptrs
    - clk: visconti: Fix memory leak in visconti_register_pll()
    - wifi: mac80211: fix memory leak in ieee80211_if_add()
    - wifi: mt76: mt7915: fix mt7915_mac_set_timing()
    - wifi: mt76: mt7915: fix reporting of TX AGGR histogram
    - mt76: mt7915: Fix PCI device refcount leak in mt7915_pci_init_hif2()
    - dt-bindings: clock: Add resets for LPASS audio clock controller for SC7280
    - dt-bindings: clock: Add support for external MCLKs for LPASS on SC7280
    - clk: qcom: lpass: Add support for resets & external mclk for SC7280
    - pinctrl: thunderbay: fix possible memory leak in
      thunderbay_build_functions()
    - bpftool: Fix memory leak in do_build_table_cb
    - mmc: litex_mmc: ensure `host->irq == 0` if polling
    - ipvs: use u64_stats_t for the per-cpu counters
    - net: setsockopt: fix IPV6_UNICAST_IF option for connected sockets
    - net: ethernet: ti: am65-cpsw: Fix PM runtime leakage in
      am65_cpsw_nuss_ndo_slave_open()
    - crypto: hisilicon/qm - re-enable communicate interrupt before notifying PF
    - fortify: Do not cast to "unsigned char"
    - f2fs: allow to set compression for inlined file
    - f2fs: fix the assign logic of iocb
    - RDMA/irdma: Fix inline for multiple SGE's
    - RDMA/irdma: Fix RQ completion opcode
    - RDMA/irdma: Do not request 2-level PBLEs for CQ alloc
    - RDMA/rxe: Fix mr->map double free
    - RDMA/hns: Fix incorrect sge nums calculation
    - RDMA/irdma: Initialize net_type before checking it
    - scsi: ufs: core: Fix the polling implementation
    - f2fs: set zstd compress level correctly
    - f2fs: fix to enable compress for newly created file if extension matches
    - crypto: qat - fix error return code in adf_probe
    - RDMA: Disable IB HW for UML
    - PCI: vmd: Fix secondary bus reset for Intel bridges
    - RDMA/hns: Fix the gid problem caused by free mr
    - RDMA/hns: Fix XRC caps on HIP08
    - RISC-V: Fix unannoted hardirqs-on in return to userspace slow-path
    - RISC-V: Fix MEMREMAP_WB for systems with Svpbmt
    - riscv: Fix crash during early errata patching
    - f2fs: fix iostat parameter for discard
    - riscv: Fix P4D_SHIFT definition for 3-level page table mode
    - interconnect: qcom: sc7180: fix dropped const of qcom_icc_bcm
    - usb: typec: tipd: Fix typec_unregister_port error paths
    - usb: musb: omap2430: Fix probe regression for missing resources
    - USB: gadget: Fix use-after-free during usb config switch
    - tracing/user_events: Fix call print_fmt leak
    - usb: typec: wusb3801: fix fwnode refcount leak in wusb3801_probe()
    - thermal/drivers/k3_j72xx_bandgap: Fix the debug print message
    - led: qcom-lpg: Fix sleeping in atomic
    - watchdog: iTCO_wdt: Set NO_REBOOT if the watchdog is not already running
    - power: supply: cw2015: Fix potential null-ptr-deref in cw_bat_probe()
    - perf off_cpu: Fix a typo in BTF tracepoint name, it should be
      'btf_trace_sched_switch'
    - ftrace: Allow WITH_ARGS flavour of graph tracer with shadow call stack
    - phy: marvell: phy-mvebu-a3700-comphy: Reset COMPHY registers before USB 3.0
      power on
    - iommu/s390: Fix duplicate domain attachments
    - iommu/sun50i: Implement .iotlb_sync_map
    - phy: usb: Use slow clock for wake enabled suspend
    - phy: usb: Fix clock imbalance for suspend/resume
    - pwm: tegra: Ensure the clock rate is not less than needed
    - rtc: rzn1: Check return value in rzn1_rtc_probe
    - rtc: class: Fix potential memleak in devm_rtc_allocate_device()
    - iommu/mediatek: Check return value after calling platform_get_resource()
    - kprobes: Fix check for probe enabled in kill_kprobe()
    - iommu/mediatek: Add platform_device_put for recovering the device refcnt
    - iommu/mediatek: Use component_match_add
    - iommu/mediatek: Add error path for loop of mm_dts_parse
    - iommu/mediatek: Validate number of phandles associated with "mediatek,larbs"
    - mfd: axp20x: Do not sleep in the power off handler
    - selftests/bpf: Select CONFIG_FUNCTION_ERROR_INJECTION
    - mctp: serial: Fix starting value for frame check sequence
    - mctp: Remove device type check at unregister
    - ASoC: sof_es8336: fix possible use-after-free in sof_es8336_remove()
    - ALSA: hda/hdmi: fix i915 silent stream programming flow
    - ALSA: hda/hdmi: set default audio parameters for KAE silent-stream
    - ALSA: hda/hdmi: fix stream-id config keep-alive for rt suspend
    - lkdtm: cfi: Make PAC test work with GCC 7 and 8
    - drm/amd/pm: avoid large variable on kernel stack
    - MIPS: ralink: mt7621: avoid to init common ralink reset controller
    - perf test: Fix "all PMU test" to skip parametrized events
    - Input: iqs7222 - avoid sending empty SYN_REPORT events
    - dt-bindings: input: iqs7222: Reduce 'linux,code' to optional
    - dt-bindings: input: iqs7222: Correct minimum slider size
    - dt-bindings: input: iqs7222: Add support for IQS7222A v1.13+
    - Input: iqs7222 - trim force communication command
    - Input: iqs7222 - add support for IQS7222A v1.13+
    - arm64: dts: qcom: sm6350: fix USB-DP PHY registers
    - dt-bindings: clocks: imx8mp: Add ID for usb suspend clock
    - clk: imx: imx8mp: add shared clk gate for usb suspend clk
    - iio: addac: ad74413r: fix integer promotion bug in
      ad74413_get_input_current_offset()
    - mm/gup: disallow FOLL_FORCE|FOLL_WRITE on hugetlb mappings
  * kinetic/linux: 5.19.0-38.39 -proposed tracker (LP: #2012088)
  * NFS deathlock with last Kernel 5.4.0-144.161 and 5.15.0-67.74 (LP: #2009325)
    - NFS: Correct timing for assigning access cache timestamp

linux-aws-5.19 (5.19.0-1022.23~22.04.1) jammy; urgency=medium

* jammy/linux-aws-5.19: 5.19.0-1022.23~22.04.1 -proposed tracker
    (LP: #2011999)

[ Ubuntu: 5.19.0-1022.23 ]

* kinetic/linux-aws: 5.19.0-1022.23 -proposed tracker (LP: #2011996)
  * NFS deathlock with last Kernel 5.4.0-144.161 and 5.15.0-67.74 (LP: #2009325)
    - NFS: Correct timing for assigning access cache timestamp

linux-aws-5.19 (5.19.0-1021.22~22.04.1) jammy; urgency=medium

* jammy/linux-aws-5.19: 5.19.0-1021.22~22.04.1 -proposed tracker
    (LP: #2008286)

* Packaging resync (LP: #1786013)
    - [Packaging] update variants

* dependency on crda obsolete according to Debian (LP: #1958918)
    - [Packaging] aws-5.19: crda|wireless crda is obsolete

[ Ubuntu: 5.19.0-1021.22 ]

* kinetic/linux-aws: 5.19.0-1021.22 -proposed tracker (LP: #2008287)
  * kinetic/linux: 5.19.0-37.38 -proposed tracker (LP: #2008305)
  * XPS 9320 screen flicker on UHD panel 3840x2400 (LP: #2007516)
    - SAUCE: drm/i915/display/psr: Disable PSR2 sel fetch on panel SHP 5457
  * Fix speaker mute hotkey doesn't work on Dell G16 series (LP: #2003161)
    - platform/x86: dell-wmi: Add a keymap for KEY_MUTE in type 0x0010 table
  * net:cmsg_ipv6.sh from ubuntu_kernel_selftests failed with K-5.19
    (LP: #2000709)
    - selftest: net: Improve IPV6_TCLASS/IPV6_HOPLIMIT tests apparmor
      compatibility
  * rtcpie in timers from ubuntu_kernel_selftests randomly failing
    (LP: #1814234)
    - SAUCE: selftest: rtcpie: Force passing unreliable subtest
  * CVE-2023-0469
    - io_uring/filetable: fix file reference underflow
  * Improve arp_ndisc_evict_nocarrier.sh test result processing (LP: #2006546)
    - selftests: net: return non-zero for failures reported in
      arp_ndisc_evict_nocarrier
  * Make cm32181 sensor work after system suspend (LP: #1981773)
    - iio: light: cm32181: Add PM support
  * Fix Thunderbolt device hotplug fail when connect via thunderbolt dock
    (LP: #1991366)
    - PCI: Fix used_buses calculation in pci_scan_child_bus_extend()
    - PCI: Pass available buses even if the bridge is already configured
    - PCI: Move pci_assign_unassigned_root_bus_resources()
    - PCI: Fix whitespace and indentation
    - PCI: Fix typo in pci_scan_child_bus_extend()
  * arp_ndisc_evict_nocarrier.sh in net from ubuntu_kernel_selftests failed on
    J-oem-5.17 / K (LP: #1968310)
    - selftests: net: fix cleanup_v6() for arp_ndisc_evict_nocarrier
  * Screen freeze after resuming from suspend (nvme0: I/O timeout)
    (LP: #1996048)
    - PCI: vmd: Disable MSI remapping after suspend
  * RaptorLake: Fix the Screen is shaking by onboard HDMI port in mirror mode
    (LP: #1993561)
    - drm/i915/display: Drop check for doublescan mode in modevalid
    - drm/i915/display: Prune Interlace modes for Display >=12
  * udpgro_frglist.sh in net from ubuntu_kernel_selftests failed with K-5.19
    (Missing nat6to4 helper) (LP: #2000708)
    - selftests/net: mv bpf/nat6to4.c to net folder
  * selftests/.../nat6to4  breaks the selftests build (LP: #1996536)
    - selftests: net: Add cross-compilation support for BPF programs
    - selftests: net: Fix O=dir builds
  * CVE-2023-0266 // CVE-2023-0266 was assigned for this issue.
    - ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF
  * CVE-2022-4382
    - USB: gadgetfs: Fix race between mounting and unmounting
  * CVE-2022-2196
    - KVM: VMX: Execute IBPB on emulated VM-exit when guest has IBRS
  * ubuntu_kernel_selftests: net:udpgso_bench.sh failed (LP: #1951447)
    - selftests: net: udpgso_bench: Fix racing bug between the rx/tx programs
  * Kinetic update: upstream stable patchset 2023-02-02 (LP: #2004602)
    - clk: generalize devm_clk_get() a bit
    - clk: Provide new devm_clk helpers for prepared and enabled clocks
    - mmc: mtk-sd: Fix missing clk_disable_unprepare in msdc_of_clock_parse()
    - arm64: dts: rockchip: keep I2S1 disabled for GPIO function on ROCK Pi 4
      series
    - arm: dts: rockchip: fix node name for hym8563 rtc
    - arm: dts: rockchip: remove clock-frequency from rtc
    - ARM: dts: rockchip: fix ir-receiver node names
    - arm64: dts: rockchip: fix ir-receiver node names
    - ARM: dts: rockchip: rk3188: fix lcdc1-rgb24 node name
    - fs: use acquire ordering in __fget_light()
    - ARM: 9251/1: perf: Fix stacktraces for tracepoint events in THUMB2 kernels
    - ARM: 9266/1: mm: fix no-MMU ZERO_PAGE() implementation
    - ASoC: wm8962: Wait for updated value of WM8962_CLOCKING1 register
    - spi: mediatek: Fix DEVAPC Violation at KO Remove
    - ARM: dts: rockchip: disable arm_global_timer on rk3066 and rk3188
    - ASoC: rt711-sdca: fix the latency time of clock stop prepare state machine
      transitions
    - 9p/fd: Use P9_HDRSZ for header size
    - regulator: slg51000: Wait after asserting CS pin
    - ALSA: seq: Fix function prototype mismatch in snd_seq_expand_var_event
    - btrfs: send: avoid unaligned encoded writes when attempting to clone range
    - ASoC: soc-pcm: Add NULL check in BE reparenting
    - regulator: twl6030: fix get status of twl6032 regulators
    - fbcon: Use kzalloc() in fbcon_prepare_logo()
    - usb: dwc3: gadget: Disable GUSB2PHYCFG.SUSPHY for End Transfer
    - 9p/xen: check logical size for buffer size
    - net: usb: qmi_wwan: add u-blox 0x1342 composition
    - mm/khugepaged: take the right locks for page table retraction
    - mm/khugepaged: fix GUP-fast interaction by sending IPI
    - mm/khugepaged: invoke MMU notifiers in shmem/file collapse paths
    - cifs: fix use-after-free caused by invalid pointer `hostname`
    - xen/netback: do some code cleanup
    - xen/netback: don't call kfree_skb() with interrupts disabled
    - media: videobuf2-core: take mmap_lock in vb2_get_unmapped_area()
    - soundwire: intel: Initialize clock stop timeout
    - media: v4l2-dv-timings.c: fix too strict blanking sanity checks
    - memcg: fix possible use-after-free in memcg_write_event_control()
    - mm/gup: fix gup_pud_range() for dax
    - Bluetooth: btusb: Add debug message for CSR controllers
    - Bluetooth: Fix crash when replugging CSR fake controllers
    - net: mana: Fix race on per-CQ variable napi work_done
    - KVM: s390: vsie: Fix the initialization of the epoch extension (epdx) field
    - drm/vmwgfx: Don't use screen objects when SEV is active
    - drm/amdgpu/sdma_v4_0: turn off SDMA ring buffer in the s2idle suspend
    - drm/shmem-helper: Remove errant put in error path
    - drm/shmem-helper: Avoid vm_open error paths
    - net: dsa: sja1105: avoid out of bounds access in sja1105_init_l2_policing()
    - HID: usbhid: Add ALWAYS_POLL quirk for some mice
    - HID: hid-lg4ff: Add check for empty lbuf
    - HID: core: fix shift-out-of-bounds in hid_report_raw_event
    - HID: ite: Enable QUIRK_TOUCHPAD_ON_OFF_REPORT on Acer Aspire Switch V 10
    - can: af_can: fix NULL pointer dereference in can_rcv_filter
    - clk: Fix pointer casting to prevent oops in devm_clk_release()
    - gpiolib: fix memory leak in gpiochip_setup_dev()
    - netfilter: nft_set_pipapo: Actually validate intervals in fields after the
      first one
    - drm/vmwgfx: Fix race issue calling pin_user_pages
    - ieee802154: cc2520: Fix error return code in cc2520_hw_init()
    - ca8210: Fix crash by zero initializing data
    - netfilter: ctnetlink: fix compilation warning after data race fixes in ct
      mark
    - drm/bridge: ti-sn65dsi86: Fix output polarity setting bug
    - gpio: amd8111: Fix PCI device reference count leak
    - e1000e: Fix TX dispatch condition
    - igb: Allocate MSI-X vector when testing
    - net: broadcom: Add PTP_1588_CLOCK_OPTIONAL dependency for BCMGENET under
      ARCH_BCM2835
    - drm: bridge: dw_hdmi: fix preference of RGB modes over YUV420
    - af_unix: Get user_ns from in_skb in unix_diag_get_exact().
    - vmxnet3: correctly report encapsulated LRO packet
    - vmxnet3: use correct intrConf reference when using extended queues
    - Bluetooth: 6LoWPAN: add missing hci_dev_put() in get_l2cap_conn()
    - Bluetooth: Fix not cleanup led when bt_init fails
    - net: dsa: ksz: Check return value
    - net: dsa: hellcreek: Check return value
    - net: dsa: sja1105: Check return value
    - selftests: rtnetlink: correct xfrm policy rule in kci_test_ipsec_offload
    - mac802154: fix missing INIT_LIST_HEAD in ieee802154_if_add()
    - net: encx24j600: Add parentheses to fix precedence
    - net: encx24j600: Fix invalid logic in reading of MISTAT register
    - net: mdiobus: fwnode_mdiobus_register_phy() rework error handling
    - net: mdiobus: fix double put fwnode in the error path
    - octeontx2-pf: Fix potential memory leak in otx2_init_tc()
    - xen-netfront: Fix NULL sring after live migration
    - net: mvneta: Prevent out of bounds read in mvneta_config_rss()
    - i40e: Fix not setting default xps_cpus after reset
    - i40e: Fix for VF MAC address 0
    - i40e: Disallow ip4 and ip6 l4_4_bytes
    - NFC: nci: Bounds check struct nfc_target arrays
    - nvme initialize core quirks before calling nvme_init_subsystem
    - gpio/rockchip: fix refcount leak in rockchip_gpiolib_register()
    - net: stmmac: fix "snps,axi-config" node property parsing
    - ip_gre: do not report erspan version on GRE interface
    - net: microchip: sparx5: Fix missing destroy_workqueue of mact_queue
    - net: thunderx: Fix missing destroy_workqueue of nicvf_rx_mode_wq
    - net: hisilicon: Fix potential use-after-free in hisi_femac_rx()
    - net: mdio: fix unbalanced fwnode reference count in mdio_device_release()
    - net: hisilicon: Fix potential use-after-free in hix5hd2_rx()
    - tipc: Fix potential OOB in tipc_link_proto_rcv()
    - ipv4: Fix incorrect route flushing when source address is deleted
    - ipv4: Fix incorrect route flushing when table ID 0 is used
    - net: dsa: sja1105: fix memory leak in sja1105_setup_devlink_regions()
    - tipc: call tipc_lxc_xmit without holding node_read_lock
    - ethernet: aeroflex: fix potential skb leak in greth_init_rings()
    - dpaa2-switch: Fix memory leak in dpaa2_switch_acl_entry_add() and
      dpaa2_switch_acl_entry_remove()
    - net: phy: mxl-gpy: fix version reporting
    - net: plip: don't call kfree_skb/dev_kfree_skb() under spin_lock_irq()
    - ipv6: avoid use-after-free in ip6_fragment()
    - net: thunderbolt: fix memory leak in tbnet_open()
    - net: mvneta: Fix an out of bounds check
    - macsec: add missing attribute validation for offload
    - s390/qeth: fix use-after-free in hsci
    - can: esd_usb: Allow REC and TEC to return to zero
    - io_uring: Fix a null-ptr-deref in io_tctx_exit_cb()
    - madvise: use zap_page_range_single for madvise dontneed
    - drm/i915: Remove non-existent pipes from bigjoiner pipe mask
    - arm64: dts: rockchip: Fix gmac failure of rgmii-id from rk3566-roc-pc
    - arm64: dts: rockchip: Fix i2c3 pinctrl on rk3566-roc-pc
    - arm64: dts: rockchip: remove i2c5 from rk3566-roc-pc
    - arm64: dts: rockchip: fix node name for hym8563 rtc
    - ARM: dts: rockchip: fix adc-keys sub node names
    - arm64: dts: rockchip: fix adc-keys sub node names
    - LoongArch: Makefile: Use "grep -E" instead of "egrep"
    - LoongArch: Combine acpi_boot_table_init() and acpi_boot_init()
    - LoongArch: Set _PAGE_DIRTY only if _PAGE_MODIFIED is set in
      {pmd,pte}_mkwrite()
    - net/mlx5: Lag, avoid lockdep warnings
    - hugetlb: don't delete vma_lock in hugetlb MADV_DONTNEED processing
    - crypto: ccp - Add a quirk to firmware update
    - soundwire: dmi-quirks: add remapping for HP Omen 16-k0005TX
    - platform/x86: asus-wmi: Adjust tablet/lidflip handling to use enum
    - platform/x86: asus-wmi: Add support for ROG X13 tablet mode
    - fscache: Fix oops due to race with cookie_lru and use_cookie
    - tmpfs: fix data loss from failed fallocate
    - selftests/tls: Fix tls selftests dependency to correct algorithm
    - drm/amd/display: fix array index out of bound error in DCN32 DML
    - HID: uclogic: Add HID_QUIRK_HIDINPUT_FORCE quirk
    - ARM: 9278/1: kfence: only handle translation faults
    - netfilter: conntrack: fix using __this_cpu_add in preemptible
    - net: ethernet: ti: am65-cpsw: Fix RGMII configuration at SPEED_10
    - inet: ping: use hlist_nulls rcu iterator during lookup
    - Bluetooth: Remove codec id field in vendor codec definition
    - Bluetooth: Fix support for Read Local Supported Codecs V2
    - nfp: correct desc type when header dma len is 4096
    - net: microchip: sparx5: correctly free skb in xmit
    - net: wwan: iosm: fix memory leak in ipc_mux_init()
    - ravb: Fix potential use-after-free in ravb_rx_gbeth()
    - bonding: get correct NA dest address
    - net: dsa: mv88e6xxx: accept phy-mode = "internal" for internal PHY ports
    - drm/amdgpu/vcn: update vcn4 fw shared data structure
    - x86/vdso: Conditionally export __vdso_sgx_enter_enclave()
    - ASoC: fsl_micfil: explicitly clear software reset bit
    - ASoC: fsl_micfil: explicitly clear CHnF flags
    - ASoC: ops: Check bounds for second channel in snd_soc_put_volsw_sx()
    - libbpf: Use page size as max_entries when probing ring buffer map
    - pinctrl: meditatek: Startup with the IRQs disabled
    - can: sja1000: fix size of OCR_MODE_MASK define
    - can: mcba_usb: Fix termination command argument
    - net: fec: don't reset irq coalesce settings to defaults on "ip link up"
    - ASoC: cs42l51: Correct PGA Volume minimum value
    - perf: Fix perf_pending_task() UaF
    - nvme-pci: clear the prp2 field when not used
    - ASoC: ops: Correct bounds check for second channel on SX controls
    - net: fec: properly guard irq coalesce setup
    - libbpf: Fix uninitialized warning in btf_dump_dump_type_data
    - udf: Discard preallocation before extending file with a hole
    - udf: Fix preallocation discarding at indirect extent boundary
    - udf: Do not bother looking for prealloc extents if i_lenExtents matches
      i_size
    - udf: Fix extending file within last block
    - usb: gadget: uvc: Prevent buffer overflow in setup handler
    - USB: serial: option: add Quectel EM05-G modem
    - USB: serial: cp210x: add Kamstrup RF sniffer PIDs
    - USB: serial: f81232: fix division by zero on line-speed change
    - USB: serial: f81534: fix division by zero on line-speed change
    - xhci: Apply XHCI_RESET_TO_DEFAULT quirk to ADL-N
    - igb: Initialize mailbox message for VF reset
    - usb: dwc3: pci: Update PCIe device ID for USB3 controller on CPU sub-system
      for Raptor Lake
    - selftests: net: Use "grep -E" instead of "egrep"
    - net: loopback: use NET_NAME_PREDICTABLE for name_assign_type
    - PCI: mt7621: Add sentinel to quirks table
    - kallsyms: Make module_kallsyms_on_each_symbol generally available
    - ftrace: Add support to resolve module symbols in ftrace_lookup_symbols
    - bpf: Rename __bpf_kprobe_multi_cookie_cmp to bpf_kprobe_multi_addrs_cmp
    - bpf: Take module reference on kprobe_multi link
    - selftests/bpf: Add load_kallsyms_refresh function
    - selftests/bpf: Add bpf_testmod_fentry_* functions
    - selftests/bpf: Add kprobe_multi check to module attach test
    - selftests/bpf: Add kprobe_multi kmod attach api tests
    - usb: typec: ucsi: Resume in separate work
    - KEYS: encrypted: fix key instantiation with user-provided data
  * Kinetic update: upstream stable patchset 2023-02-02 (LP: #2004602) //
    net:fcnal-test.sh 'nettest' command not found on F/K (LP: #2006391)
    - selftests/net: Find nettest in current directory
  * CVE-2023-23559
    - wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid
  * CVE-2023-0045
    - x86/bugs: Flush IBP in ib_prctl_set()

linux-aws-5.19 (5.19.0-1020.21~22.04.1) jammy; urgency=medium

* jammy/linux-aws-5.19: 5.19.0-1020.21~22.04.1 -proposed tracker
    (LP: #2004283)

* Kinetic update: upstream stable patchset 2023-01-27 (LP: #2004051)
    - [Config] aws-5.19: Update configs after rebase

[ Ubuntu: 5.19.0-1020.21 ]

* kinetic/linux-aws: 5.19.0-1020.21 -proposed tracker (LP: #2004284)
  * Kinetic update: upstream stable patchset 2023-01-27 (LP: #2004051)
    - [Config] Update configs after rebase
  * cma alloc failure in large 5.15 arm instances (LP: #1990167)
    - [Config] aws: Disable CONFIG_CMA for arm64
  * RDMA Back port DMA buffer fix (LP: #2004807)
    - RDMA/core: Fix ib block iterator counter overflow
  * kinetic/linux: 5.19.0-35.36 -proposed tracker (LP: #2004652)
  * CVE-2023-0461
    - SAUCE: Fix inet_csk_listen_start after CVE-2023-0461
  * kinetic/linux: 5.19.0-34.35 -proposed tracker (LP: #2004299)
  * LXD containers using shiftfs on ZFS or TMPFS broken on 5.15.0-48.54
    (LP: #1990849)
    - [SAUCE] shiftfs: fix -EOVERFLOW inside the container
  * Kinetic update: upstream stable patchset 2023-01-27 (LP: #2004051)
    - ASoC: fsl_sai: use local device pointer
    - serial: Add rs485_supported to uart_port
    - serial: fsl_lpuart: Fill in rs485_supported
    - x86/sgx: Create utility to validate user provided offset and length
    - x86/sgx: Add overflow check in sgx_validate_offset_length()
    - binder: validate alloc->mm in ->mmap() handler
    - ceph: Use kcalloc for allocating multiple elements
    - ceph: fix NULL pointer dereference for req->r_session
    - wifi: mac80211: fix memory free error when registering wiphy fail
    - wifi: mac80211_hwsim: fix debugfs attribute ps with rc table support
    - riscv: dts: sifive unleashed: Add PWM controlled LEDs
    - audit: fix undefined behavior in bit shift for AUDIT_BIT
    - wifi: airo: do not assign -1 to unsigned char
    - wifi: mac80211: Fix ack frame idr leak when mesh has no route
    - wifi: ath11k: Fix QCN9074 firmware boot on x86
    - spi: stm32: fix stm32_spi_prepare_mbr() that halves spi clk for every run
    - selftests/bpf: Add verifier test for release_reference()
    - Revert "net: macsec: report real_dev features when HW offloading is enabled"
    - platform/x86: ideapad-laptop: Disable touchpad_switch
    - platform/x86: touchscreen_dmi: Add info for the RCA Cambio W101 v2 2-in-1
    - platform/x86/intel/pmt: Sapphire Rapids PMT errata fix
    - scsi: ibmvfc: Avoid path failures during live migration
    - scsi: scsi_debug: Make the READ CAPACITY response compliant with ZBC
    - drm: panel-orientation-quirks: Add quirk for Acer Switch V 10 (SW5-017)
    - block, bfq: fix null pointer dereference in bfq_bio_bfqg()
    - arm64/syscall: Include asm/ptrace.h in syscall_wrapper header.
    - nvmet: fix memory leak in nvmet_subsys_attr_model_store_locked
    - Revert "drm/amdgpu: Revert "drm/amdgpu: getting fan speed pwm for vega10
      properly""
    - ALSA: usb-audio: add quirk to fix Hamedal C20 disconnect issue
    - RISC-V: vdso: Do not add missing symbols to version section in linker script
    - MIPS: pic32: treat port as signed integer
    - xfrm: fix "disable_policy" on ipv4 early demux
    - xfrm: replay: Fix ESN wrap around for GSO
    - af_key: Fix send_acquire race with pfkey_register
    - ARM: dts: am335x-pcm-953: Define fixed regulators in root node
    - ASoC: hdac_hda: fix hda pcm buffer overflow issue
    - ASoC: sgtl5000: Reset the CHIP_CLK_CTRL reg on remove
    - ASoC: soc-pcm: Don't zero TDM masks in __soc_pcm_open()
    - x86/hyperv: Restore VP assist page after cpu offlining/onlining
    - scsi: storvsc: Fix handling of srb_status and capacity change events
    - ASoC: max98373: Add checks for devm_kcalloc
    - regulator: core: fix kobject release warning and memory leak in
      regulator_register()
    - spi: dw-dma: decrease reference count in dw_spi_dma_init_mfld()
    - regulator: core: fix UAF in destroy_regulator()
    - bus: sunxi-rsb: Remove the shutdown callback
    - bus: sunxi-rsb: Support atomic transfers
    - tee: optee: fix possible memory leak in optee_register_device()
    - ARM: dts: at91: sam9g20ek: enable udc vbus gpio pinctrl
    - selftests: mptcp: fix mibit vs mbit mix up
    - net: liquidio: simplify if expression
    - rxrpc: Fix race between conn bundle lookup and bundle removal [ZDI-
      CAN-15975]
    - net: dsa: sja1105: disallow C45 transactions on the BASE-TX MDIO bus
    - nfc/nci: fix race with opening and closing
    - net: pch_gbe: fix potential memleak in pch_gbe_tx_queue()
    - 9p/fd: fix issue of list_del corruption in p9_fd_cancel()
    - netfilter: conntrack: Fix data-races around ct mark
    - netfilter: nf_tables: do not set up extensions for end interval
    - iavf: Fix a crash during reset task
    - iavf: Do not restart Tx queues after reset task failure
    - iavf: Fix race condition between iavf_shutdown and iavf_remove
    - ARM: mxs: fix memory leak in mxs_machine_init()
    - ARM: dts: imx6q-prti6q: Fix ref/tcxo-clock-frequency properties
    - net: ethernet: mtk_eth_soc: fix error handling in mtk_open()
    - net/mlx4: Check retval of mlx4_bitmap_init
    - net: mvpp2: fix possible invalid pointer dereference
    - net/qla3xxx: fix potential memleak in ql3xxx_send()
    - octeontx2-af: debugsfs: fix pci device refcount leak
    - net: pch_gbe: fix pci device refcount leak while module exiting
    - nfp: fill splittable of devlink_port_attrs correctly
    - nfp: add port from netdev validation for EEPROM access
    - macsec: Fix invalid error code set
    - Drivers: hv: vmbus: fix double free in the error path of
      vmbus_add_channel_work()
    - Drivers: hv: vmbus: fix possible memory leak in vmbus_device_register()
    - netfilter: ipset: regression in ip_set_hash_ip.c
    - net/mlx5: Do not query pci info while pci disabled
    - net/mlx5: Fix FW tracer timestamp calculation
    - net/mlx5: Fix handling of entry refcount when command is not issued to FW
    - tipc: set con sock in tipc_conn_alloc
    - tipc: add an extra conn_get in tipc_conn_alloc
    - tipc: check skb_linearize() return value in tipc_disc_rcv()
    - xfrm: Fix oops in __xfrm_state_delete()
    - xfrm: Fix ignored return value in xfrm6_init()
    - net: wwan: iosm: use ACPI_FREE() but not kfree() in ipc_pcie_read_bios_cfg()
    - sfc: fix potential memleak in __ef100_hard_start_xmit()
    - net: sparx5: fix error handling in sparx5_port_open()
    - net: sched: allow act_ct to be built without NF_NAT
    - NFC: nci: fix memory leak in nci_rx_data_packet()
    - regulator: twl6030: re-add TWL6032_SUBCLASS
    - bnx2x: fix pci device refcount leak in bnx2x_vf_is_pcie_pending()
    - dma-buf: fix racing conflict of dma_heap_add()
    - netfilter: ipset: restore allowing 64 clashing elements in hash:net,iface
    - netfilter: flowtable_offload: add missing locking
    - fs: do not update freeing inode i_io_list
    - dccp/tcp: Reset saddr on failure after inet6?_hash_connect().
    - ipv4: Fix error return code in fib_table_insert()
    - arcnet: fix potential memory leak in com20020_probe()
    - s390/dasd: fix no record found for raw_track_access
    - nfc: st-nci: fix incorrect validating logic in EVT_TRANSACTION
    - nfc: st-nci: fix memory leaks in EVT_TRANSACTION
    - nfc: st-nci: fix incorrect sizing calculations in EVT_TRANSACTION
    - net: enetc: cache accesses to &priv->si->hw
    - net: enetc: preserve TX ring priority across reconfiguration
    - octeontx2-pf: Add check for devm_kcalloc
    - octeontx2-af: Fix reference count issue in rvu_sdp_init()
    - net: thunderx: Fix the ACPI memory leak
    - s390/crashdump: fix TOD programmable field size
    - lib/vdso: use "grep -E" instead of "egrep"
    - [Config] updateconfigs for CC_HAS_ASM_GOTO_TIED_OUTPUT
    - init/Kconfig: fix CC_HAS_ASM_GOTO_TIED_OUTPUT test with dash
    - nios2: add FORCE for vmlinuz.gz
    - KVM: arm64: pkvm: Fixup boot mode to reflect that the kernel resumes from
      EL1
    - usb: dwc3: exynos: Fix remove() function
    - usb: cdnsp: Fix issue with Clear Feature Halt Endpoint
    - usb: cdnsp: fix issue with ZLP - added TD_SIZE = 1
    - ext4: fix use-after-free in ext4_ext_shift_extents
    - arm64: dts: rockchip: lower rk3399-puma-haikou SD controller clock frequency
    - iio: light: apds9960: fix wrong register for gesture gain
    - iio: core: Fix entry not deleted when iio_register_sw_trigger_type() fails
    - bus: ixp4xx: Don't touch bit 7 on IXP42x
    - usb: dwc3: gadget: conditionally remove requests
    - usb: dwc3: gadget: Return -ESHUTDOWN on ep disable
    - usb: dwc3: gadget: Clear ep descriptor last
    - nilfs2: fix nilfs_sufile_mark_dirty() not set segment usage as dirty
    - gcov: clang: fix the buffer overflow issue
    - mm: vmscan: fix extreme overreclaim and swap floods
    - KVM: x86: nSVM: leave nested mode on vCPU free
    - KVM: x86: forcibly leave nested mode on vCPU reset
    - KVM: x86: nSVM: harden svm_free_nested against freeing vmcb02 while still in
      use
    - KVM: x86: add kvm_leave_nested
    - KVM: x86: remove exit_int_info warning in svm_handle_exit
    - x86/tsx: Add a feature bit for TSX control MSR support
    - x86/pm: Add enumeration check before spec MSRs save/restore setup
    - x86/ioremap: Fix page aligned size calculation in __ioremap_caller()
    - Input: synaptics - switch touchpad on HP Laptop 15-da3001TU to RMI mode
    - ASoC: Intel: bytcht_es8316: Add quirk for the Nanote UMPC-01
    - tools: iio: iio_generic_buffer: Fix read size
    - serial: 8250: 8250_omap: Avoid RS485 RTS glitch on ->set_termios()
    - Input: goodix - try resetting the controller when no config is set
    - Input: soc_button_array - add use_low_level_irq module parameter
    - Input: soc_button_array - add Acer Switch V 10 to dmi_use_low_level_irq[]
    - Input: i8042 - apply probe defer to more ASUS ZenBook models
    - ASoC: stm32: dfsdm: manage cb buffers cleanup
    - xen-pciback: Allow setting PCI_MSIX_FLAGS_MASKALL too
    - xen/platform-pci: add missing free_irq() in error path
    - platform/x86: asus-wmi: add missing pci_dev_put() in asus_wmi_set_xusb2pr()
    - platform/x86: acer-wmi: Enable SW_TABLET_MODE on Switch V 10 (SW5-017)
    - drm/amdgpu: disable BACO support on more cards
    - zonefs: fix zone report size in __zonefs_io_error()
    - platform/x86: hp-wmi: Ignore Smart Experience App event
    - platform/x86: ideapad-laptop: Fix interrupt storm on fn-lock toggle on some
      Yoga laptops
    - [Config] updateconfigs for INET_TABLE_PERTURB_ORDER
    - tcp: configurable source port perturb table size
    - net: usb: qmi_wwan: add Telit 0x103a composition
    - scsi: iscsi: Fix possible memory leak when device_register() failed
    - gpu: host1x: Avoid trying to use GART on Tegra20
    - dm integrity: flush the journal on suspend
    - dm integrity: clear the journal on suspend
    - fuse: lock inode unconditionally in fuse_fallocate()
    - wifi: wilc1000: validate length of IEEE80211_P2P_ATTR_OPER_CHANNEL attribute
    - wifi: wilc1000: validate length of IEEE80211_P2P_ATTR_CHANNEL_LIST attribute
    - wifi: wilc1000: validate number of channels
    - btrfs: free btrfs_path before copying root refs to userspace
    - btrfs: free btrfs_path before copying fspath to userspace
    - btrfs: free btrfs_path before copying subvol info to userspace
    - btrfs: zoned: fix missing endianness conversion in sb_write_pointer
    - btrfs: use kvcalloc in btrfs_get_dev_zone_info
    - btrfs: sysfs: normalize the error handling branch in btrfs_init_sysfs()
    - drm/amd/dc/dce120: Fix audio register mapping, stop triggering KASAN
    - drm/amdgpu: Enable Aldebaran devices to report CU Occupancy
    - drm/amdgpu: always register an MMU notifier for userptr
    - drm/i915: fix TLB invalidation for Gen12 video and compute engines
    - wifi: cfg80211: Fix bitrates overflow issue
    - spi: tegra210-quad: Don't initialise DMA if not supported
    - s390/zcrypt: fix warning about field-spanning write
    - selftests/net: give more time to udpgro bg processes to complete startup
    - ACPI: video: Add backlight=native DMI quirk for Dell G15 5515
    - drm: panel-orientation-quirks: Add quirk for Nanote UMPC-01
    - s390: always build relocatable kernel
    - nvme: quiet user passthrough command errors
    - net: wwan: iosm: fix kernel test robot reported errors
    - drm/amdgpu: Drop eviction lock when allocating PT BO
    - arm64: dts: rockchip: fix quartz64-a bluetooth configuration
    - power: supply: ip5xxx: Fix integer overflow in current_now calculation
    - power: supply: ab8500: Defer thermal zone probe
    - arm64: dts: rockchip: Fix Pine64 Quartz4-B PMIC interrupt
    - regulator: rt5759: fix OOB in validate_desc()
    - spi: tegra210-quad: Fix duplicate resource error
    - selftests: mptcp: gives slow test-case more time
    - selftests: mptcp: run mptcp_sockopt from a new netns
    - bonding: fix ICMPv6 header handling when receiving IPv6 messages
    - drm/i915: Fix warn in intel_display_power_*_domain() functions
    - net/mlx5: SF: Fix probing active SFs during driver probe phase
    - net/mlx5: cmdif, Print info on any firmware cmd failure to tracepoint
    - net/mlx5: E-Switch, Set correctly vport destination
    - net/mlx5e: Offload rule only when all encaps are valid
    - net: phy: at803x: fix error return code in at803x_probe()
    - zonefs: Fix race between modprobe and mount
    - tsnep: Fix rotten packets
    - blk-mq: fix queue reference leak on blk_mq_alloc_disk_for_queue failure
    - test_kprobes: fix implicit declaration error of test_kprobes
    - net: ethernet: mtk_eth_soc: fix resource leak in error path
    - net: dm9051: Fix missing dev_kfree_skb() in dm9051_loop_rx()
    - s390/ap: fix memory leak in ap_init_qci_info()
    - fscache: fix OOB Read in __fscache_acquire_volume
    - net: wwan: t7xx: Fix the ACPI memory leak
    - virtio_net: Fix probe failed when modprobe virtio_net
    - can: gs_usb: remove dma allocations
    - cifs: fix missing unlock in cifs_file_copychunk_range()
    - cifs: Use after free in debug code
    - iio: adc: aspeed: Remove the trim valid dts property.
    - dt-bindings: iio: adc: Remove the property "aspeed,trim-data-valid"
    - mm/damon/sysfs-schemes: skip stats update if the scheme directory is removed
    - virt/sev-guest: Prevent IV reuse in the SNP guest driver
    - zonefs: Fix active zone accounting
    - spi: spi-imx: Fix spi_bus_clk if requested clock is higher than input clock
    - spi: spi-imx: spi_imx_transfer_one(): check for DMA transfer first
    - mm/cgroup/reclaim: fix dirty pages throttling on cgroup v1
    - KVM: x86/mmu: Fix race condition in direct_page_fault
    - KVM: x86/xen: Only do in-kernel acceleration of hypercalls for guest CPL0
    - KVM: x86/xen: Validate port number in SCHEDOP_poll
    - drm/i915/gvt: Get reference to KVM iff attachment to VM is successful
    - KVM: Update gfn_to_pfn_cache khva when it moves within the same page
    - mm: fix unexpected changes to {failslab|fail_page_alloc}.attr
    - mm: correctly charge compressed memory to its memcg
    - LoongArch: Clear FPU/SIMD thread info flags for kernel thread
    - LoongArch: Set _PAGE_DIRTY only if _PAGE_WRITE is set in {pmd,pte}_mkdirty()
    - ASoC: amd: yc: Add Alienware m17 R5 AMD into DMI table
    - ASoC: Intel: soc-acpi: add ES83x6 support to IceLake
    - ASoC: hda: intel-dsp-config: add ES83x6 quirk for IceLake
    - ASoC: SOF: ipc3-topology: use old pipeline teardown flow with SOF2.1 and
      older
    - Revert "tty: n_gsm: avoid call of sleeping functions from atomic context"
    - Revert "tty: n_gsm: replace kicktimer with delayed_work"
    - ASoC: sof_es8336: reduce pop noise on speaker
    - pinctrl: qcom: sc8280xp: Rectify UFS reset pins
    - platform/x86: thinkpad_acpi: Enable s2idle quirk for 21A1 machine type
    - platform/x86: ideapad-laptop: Add module parameters to match DMI quirk
      tables
    - block: make blk_set_default_limits() private
    - scsi: mpi3mr: Suppress command reply debug prints
    - btrfs: free btrfs_path before copying inodes to userspace
    - btrfs: do not modify log tree while holding a leaf from fs tree locked
    - drm/i915/ttm: never purge busy objects
    - drm/display/dp_mst: Fix drm_dp_mst_add_affected_dsc_crtcs() return code
    - drm/amdgpu/psp: don't free PSP buffers on suspend
    - drm/amd/amdgpu: reserve vm invalidation engine for firmware
    - drm/amdgpu: Partially revert "drm/amdgpu: update drm_display_info correctly
      when the edid is read"
    - btrfs: sink iterator parameter to btrfs_ioctl_logical_to_ino
    - btrfs: qgroup: fix sleep from invalid context bug in btrfs_qgroup_inherit()
    - iio: health: afe4403: Fix oob read in afe4403_read_raw
    - iio: health: afe4404: Fix oob read in afe4404_[read|write]_raw
    - iio: light: rpr0521: add missing Kconfig dependencies
    - bpf, perf: Use subprog name when reporting subprog ksymbol
    - scripts/faddr2line: Fix regression in name resolution on ppc64le
    - ARM: at91: rm9200: fix usb device clock id
    - libbpf: Handle size overflow for ringbuf mmap
    - hwmon: (ltc2947) fix temperature scaling
    - hwmon: (ina3221) Fix shunt sum critical calculation
    - hwmon: (i5500_temp) fix missing pci_disable_device()
    - hwmon: (ibmpex) Fix possible UAF when ibmpex_register_bmc() fails
    - bpf: Do not copy spin lock field from user in bpf_selem_alloc
    - nvmem: rmem: Fix return value check in rmem_read()
    - of: property: decrement node refcount in of_fwnode_get_reference_args()
    - ixgbevf: Fix resource leak in ixgbevf_init_module()
    - i40e: Fix error handling in i40e_init_module()
    - fm10k: Fix error handling in fm10k_init_module()
    - iavf: Fix error handling in iavf_init_module()
    - e100: Fix possible use after free in e100_xmit_prepare
    - net/mlx5: DR, Fix uninitialized var warning
    - net/mlx5: Fix uninitialized variable bug in outlen_write()
    - net/mlx5e: Fix use-after-free when reverting termination table
    - can: sja1000_isa: sja1000_isa_probe(): add missing free_sja1000dev()
    - can: cc770: cc770_isa_probe(): add missing free_cc770dev()
    - can: etas_es58x: es58x_init_netdev(): free netdev when register_candev()
    - can: m_can: pci: add missing m_can_class_free_dev() in probe/remove methods
    - can: m_can: Add check for devm_clk_get
    - qlcnic: fix sleep-in-atomic-context bugs caused by msleep
    - aquantia: Do not purge addresses when setting the number of rings
    - wifi: cfg80211: fix buffer overflow in elem comparison
    - wifi: cfg80211: don't allow multi-BSSID in S1G
    - wifi: mac8021: fix possible oob access in ieee80211_get_rate_duration
    - net: phy: fix null-ptr-deref while probe() failed
    - net: ethernet: ti: am65-cpsw: fix error handling in am65_cpsw_nuss_probe()
    - net: net_netdev: Fix error handling in ntb_netdev_init_module()
    - net/9p: Fix a potential socket leak in p9_socket_open
    - net: ethernet: nixge: fix NULL dereference
    - net: wwan: iosm: fix kernel test robot reported error
    - net: wwan: iosm: fix dma_alloc_coherent incompatible pointer type
    - dsa: lan9303: Correct stat name
    - tipc: re-fetch skb cb after tipc_msg_validate
    - net: hsr: Fix potential use-after-free
    - net: mdiobus: fix unbalanced node reference count
    - afs: Fix fileserver probe RTT handling
    - net: tun: Fix use-after-free in tun_detach()
    - packet: do not set TP_STATUS_CSUM_VALID on CHECKSUM_COMPLETE
    - sctp: fix memory leak in sctp_stream_outq_migrate()
    - net: ethernet: renesas: ravb: Fix promiscuous mode after system resumed
    - hwmon: (coretemp) Check for null before removing sysfs attrs
    - hwmon: (coretemp) fix pci device refcount leak in nv1a_ram_new()
    - riscv: vdso: fix section overlapping under some conditions
    - riscv: mm: Proper page permissions after initmem free
    - ALSA: dice: fix regression for Lexicon I-ONIX FW810S
    - error-injection: Add prompt for function error injection
    - tools/vm/slabinfo-gnuplot: use "grep -E" instead of "egrep"
    - nilfs2: fix NULL pointer dereference in nilfs_palloc_commit_free_entry()
    - x86/bugs: Make sure MSR_SPEC_CTRL is updated properly upon resume from S3
    - pinctrl: intel: Save and restore pins in "direct IRQ" mode
    - v4l2: don't fall back to follow_pfn() if pin_user_pages_fast() fails
    - net: stmmac: Set MAC's flow control register to reflect current settings
    - mmc: mmc_test: Fix removal of debugfs file
    - mmc: core: Fix ambiguous TRIM and DISCARD arg
    - mmc: sdhci-esdhc-imx: correct CQHCI exit halt state check
    - mmc: sdhci-sprd: Fix no reset data and command after voltage switch
    - mmc: sdhci: Fix voltage switch delay
    - drm/amdgpu: temporarily disable broken Clang builds due to blown stack-frame
    - drm/amdgpu: enable Vangogh VCN indirect sram mode
    - drm/i915: Fix negative value passed as remaining time
    - drm/i915: Never return 0 if not all requests retired
    - tracing/osnoise: Fix duration type
    - tracing: Fix race where histograms can be called before the event
    - tracing: Free buffers when a used dynamic event is removed
    - io_uring: cmpxchg for poll arm refs release
    - io_uring/poll: fix poll_refs race with cancelation
    - ASoC: ops: Fix bounds check for _sx controls
    - pinctrl: single: Fix potential division by zero
    - riscv: Sync efi page table's kernel mappings before switching
    - riscv: fix race when vmap stack overflow
    - riscv: kexec: Fixup irq controller broken in kexec crash path
    - nvme: fix SRCU protection of nvme_ns_head list
    - iommu/vt-d: Fix PCI device refcount leak in has_external_pci()
    - iommu/vt-d: Fix PCI device refcount leak in dmar_dev_scope_init()
    - mm: migrate: fix THP's mapcount on isolation
    - Kconfig.debug: provide a little extra FRAME_WARN leeway when KASAN is
      enabled
    - ipv4: Handle attempt to delete multipath route when fib_info contains an nh
      reference
    - ipv4: Fix route deletion when nexthop info is not specified
    - i2c: npcm7xx: Fix error handling in npcm_i2c_init()
    - i2c: imx: Only DMA messages with I2C_M_DMA_SAFE flag set
    - ACPI: HMAT: remove unnecessary variable initialization
    - ACPI: HMAT: Fix initiator registration for single-initiator systems
    - Revert "clocksource/drivers/riscv: Events are stopped during CPU suspend"
    - char: tpm: Protect tpm_pm_suspend with locks
    - Input: raydium_ts_i2c - fix memory leak in raydium_i2c_send()
    - ipc/sem: Fix dangling sem_array access in semtimedop race
    - clk: samsung: exynos7885: Correct "div4" clock parents
    - libbpf: Use correct return pointer in attach_raw_tp
    - clocksource/drivers/arm_arch_timer: Fix XGene-1 TVAL register math error
    - clk: qcom: gcc-sc8280xp: add cxo as parent for three ufs ref clks
    - vfs: fix copy_file_range() averts filesystem freeze protection
    - net: wwan: iosm: fix crash in peek throughput test
    - net: wwan: iosm: fix incorrect skb length
    - mptcp: don't orphan ssk in mptcp_close()
    - mptcp: fix sleep in atomic at close time
    - hwmon: (asus-ec-sensors) Add checks for devm_kcalloc
    - ASoC: tlv320adc3xxx: Fix build error for implicit function declaration
    - mm/damon/sysfs: fix wrong empty schemes assumption under online tuning in
      damon_sysfs_set_schemes()
    - i2c: Restore initial power state if probe fails
    - i2c: qcom-geni: fix error return code in geni_i2c_gpi_xfer
    - powerpc/bpf/32: Fix Oops on tail call tests
  * 5.15.0-58.64 breaks xen bridge networking (pvh domU) (LP: #2002889)
    - xen/netback: fix build warning
  * NFS: client permission error after adding user to permissible group
    (LP: #2003053)
    - NFS: Clear the file access cache upon login
    - NFS: Judge the file access cache's timestamp in rcu path
    - NFS: Fix up a sparse warning
  * cmsg_so_mark.sh / cmsg_time.sh / cmsg_ipv6.sh in net from
    ubuntu_kernel_selftests hang with non-amd64 (LP: #2000667)
    - selftests: net: fix cmsg_so_mark.sh test hang
  * Set explicit CC in the headers package (LP: #1999750)
    - [Packaging] Set explicit CC in the headers package
  * powerpc-build in ubuntu_kernel_selftests failed on P9 with K-5.19
    (LP: #2000772)
    - selftests/powerpc: Avoid GCC 12 uninitialised variable warning
  * [SRU] SoF for RPL platform support (LP: #1992714)
    - ASoC: SOC: Intel: introduce cl_init callback
    - ASoC: SOF: Intel: add MeteorLake machines
    - ASoC: SOF: Intel: Add support for MeteorLake (MTL)
    - ASoC: Intel: common: add ACPI matching tables for Raptor Lake
    - ASoC: SOF: Intel: pci-tgl: use RPL specific firmware definitions
    - [Config] Enable SND_SOC_SOF_METEORLAKE as module
  * Rear Audio port sometimes has no audio output after reboot(Cirrus Logic)
    (LP: #1998905)
    - ALSA: hda/cirrus: Add extra 10 ms delay to allow PLL settle and lock.
  * Fix SUT can't displayed after resume from WB/CB with dGFX
    installed(FR:6/10)[RX6300][RX6500]  (LP: #1999836)
    - drm/amd/display: No display after resume from WB/CB
  * commit cf58599cded35cf4affed1e659c0e2c742d3fda7 seems to be missing in
    kinetic master to remove "hio" reference from Makefile (LP: #1999556)
    - Ubuntu: remove leftover reference to ubuntu/hio driver
  * Add additional Mediatek MT7922 BT device ID (LP: #1998885)
    - Bluetooth: btusb: Add a new VID/PID 0489/e0f2 for MT7922
  * Mute/mic LEDs no function on a HP platfrom (LP: #1998882)
    - ALSA: hda/realtek: fix mute/micmute LEDs for a HP ProBook
  * CVE-2023-0461
    - net/ulp: prevent ULP without clone op from entering the LISTEN status
    - net/ulp: use consistent error code when blocking ULP
  * CVE-2023-0179
    - netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits
  * CVE-2022-20369
    - NFSD: fix use-after-free in __nfs42_ssc_open()
  * Kinetic update: upstream stable patchset 2023-01-23 (LP: #2003753)
    - ASoC: wm5102: Revert "ASoC: wm5102: Fix PM disable depth imbalance in
      wm5102_probe"
    - ASoC: wm5110: Revert "ASoC: wm5110: Fix PM disable depth imbalance in
      wm5110_probe"
    - ASoC: wm8997: Revert "ASoC: wm8997: Fix PM disable depth imbalance in
      wm8997_probe"
    - ASoC: mt6660: Keep the pm_runtime enables before component stuff in
      mt6660_i2c_probe
    - ASoC: rt1019: Fix the TDM settings
    - ASoC: wm8962: Add an event handler for TEMP_HP and TEMP_SPK
    - spi: intel: Fix the offset to get the 64K erase opcode
    - ASoC: codecs: jz4725b: add missed Line In power control bit
    - ASoC: codecs: jz4725b: fix reported volume for Master ctl
    - ASoC: codecs: jz4725b: use right control for Capture Volume
    - ASoC: codecs: jz4725b: fix capture selector naming
    - ASoC: Intel: sof_sdw: add quirk variant for LAPBC710 NUC15
    - selftests/futex: fix build for clang
    - selftests/intel_pstate: fix build for ARCH=x86_64
    - ASoC: rt1308-sdw: add the default value of some registers
    - drm/amd/display: Remove wrong pipe control lock
    - ACPI: scan: Add LATT2021 to acpi_ignore_dep_ids[]
    - RDMA/efa: Add EFA 0xefa2 PCI ID
    - btrfs: raid56: properly handle the error when unable to find the missing
      stripe
    - NFSv4: Retry LOCK on OLD_STATEID during delegation return
    - ACPI: x86: Add another system to quirk list for forcing StorageD3Enable
    - firmware: arm_scmi: Cleanup the core driver removal callback
    - i2c: tegra: Allocate DMA memory for DMA engine
    - i2c: i801: add lis3lv02d's I2C address for Vostro 5568
    - drm/imx: imx-tve: Fix return type of imx_tve_connector_mode_valid
    - btrfs: remove pointless and double ulist frees in error paths of qgroup
      tests
    - x86/cpu: Add several Intel server CPU model numbers
    - ASoC: codecs: jz4725b: Fix spelling mistake "Sourc" -> "Source", "Routee" ->
      "Route"
    - KVM: x86/pmu: Do not speculatively query Intel GP PMCs that don't exist yet
    - hugetlbfs: don't delete error page from pagecache
    - arm64: dts: qcom: sa8155p-adp: Specify which LDO modes are allowed
    - arm64: dts: qcom: sm8150-xperia-kumano: Specify which LDO modes are allowed
    - arm64: dts: qcom: sm8250-xperia-edo: Specify which LDO modes are allowed
    - arm64: dts: qcom: sm8350-hdk: Specify which LDO modes are allowed
    - spi: stm32: Print summary 'callbacks suppressed' message
    - ARM: dts: at91: sama7g5: fix signal name of pin PB2
    - ASoC: core: Fix use-after-free in snd_soc_exit()
    - ASoC: tas2770: Fix set_tdm_slot in case of single slot
    - ASoC: tas2764: Fix set_tdm_slot in case of single slot
    - ARM: at91: pm: avoid soft resetting AC DLL
    - serial: 8250: omap: Fix missing PM runtime calls for omap8250_set_mctrl()
    - serial: 8250_omap: remove wait loop from Errata i202 workaround
    - serial: 8250: omap: Fix unpaired pm_runtime_put_sync() in omap8250_remove()
    - serial: 8250: omap: Flush PM QOS work on remove
    - serial: imx: Add missing .thaw_noirq hook
    - tty: n_gsm: fix sleep-in-atomic-context bug in gsm_control_send
    - bpf, test_run: Fix alignment problem in bpf_prog_test_run_skb()
    - ASoC: soc-utils: Remove __exit for snd_soc_util_exit()
    - pinctrl: rockchip: list all pins in a possible mux route for PX30
    - scsi: scsi_transport_sas: Fix error handling in sas_phy_add()
    - block: sed-opal: kmalloc the cmd/resp buffers
    - bpf: Fix memory leaks in __check_func_call
    - arm64: Fix bit-shifting UB in the MIDR_CPU_MODEL() macro
    - siox: fix possible memory leak in siox_device_add()
    - parport_pc: Avoid FIFO port location truncation
    - pinctrl: devicetree: fix null pointer dereferencing in pinctrl_dt_to_map
    - drm/vc4: kms: Fix IS_ERR() vs NULL check for vc4_kms
    - drm/panel: simple: set bpc field for logic technologies displays
    - drm/drv: Fix potential memory leak in drm_dev_init()
    - drm: Fix potential null-ptr-deref in drm_vblank_destroy_worker()
    - arm64: dts: imx8mm: Fix NAND controller size-cells
    - arm64: dts: imx8mn: Fix NAND controller size-cells
    - ata: libata-transport: fix double ata_host_put() in ata_tport_add()
    - ata: libata-transport: fix error handling in ata_tport_add()
    - ata: libata-transport: fix error handling in ata_tlink_add()
    - ata: libata-transport: fix error handling in ata_tdev_add()
    - nfp: change eeprom length to max length enumerators
    - MIPS: fix duplicate definitions for exported symbols
    - MIPS: Loongson64: Add WARN_ON on kexec related kmalloc failed
    - bpf: Initialize same number of free nodes for each pcpu_freelist
    - net: bgmac: Drop free_netdev() from bgmac_enet_remove()
    - mISDN: fix possible memory leak in mISDN_dsp_element_register()
    - net: hinic: Fix error handling in hinic_module_init()
    - net: stmmac: ensure tx function is not running in stmmac_xdp_release()
    - soc: imx8m: Enable OCOTP clock before reading the register
    - net: liquidio: release resources when liquidio driver open failed
    - mISDN: fix misuse of put_device() in mISDN_register_device()
    - net: macvlan: Use built-in RCU list checking
    - net: caif: fix double disconnect client in chnl_net_open()
    - bnxt_en: Remove debugfs when pci_register_driver failed
    - net: mhi: Fix memory leak in mhi_net_dellink()
    - net: dsa: make dsa_master_ioctl() see through port_hwtstamp_get() shims
    - xen/pcpu: fix possible memory leak in register_pcpu()
    - net: ionic: Fix error handling in ionic_init_module()
    - net: ena: Fix error handling in ena_init()
    - net: hns3: fix setting incorrect phy link ksettings for firmware in
      resetting process
    - bridge: switchdev: Fix memory leaks when changing VLAN protocol
    - drbd: use after free in drbd_create_device()
    - platform/x86/intel: pmc: Don't unconditionally attach Intel PMC when
      virtualized
    - platform/surface: aggregator: Do not check for repeated unsequenced packets
    - cifs: add check for returning value of SMB2_close_init
    - net: ag71xx: call phylink_disconnect_phy if ag71xx_hw_enable() fail in
      ag71xx_open()
    - net/x25: Fix skb leak in x25_lapb_receive_frame()
    - cifs: Fix wrong return value checking when GETFLAGS
    - net: microchip: sparx5: Fix potential null-ptr-deref in sparx_stats_init()
      and sparx5_start()
    - net: thunderbolt: Fix error handling in tbnet_init()
    - cifs: add check for returning value of SMB2_set_info_init
    - ftrace: Fix the possible incorrect kernel message
    - ftrace: Optimize the allocation for mcount entries
    - ftrace: Fix null pointer dereference in ftrace_add_mod()
    - ring_buffer: Do not deactivate non-existant pages
    - tracing: Fix memory leak in tracing_read_pipe()
    - tracing/ring-buffer: Have polling block on watermark
    - tracing: Fix memory leak in test_gen_synth_cmd() and
      test_empty_synth_event()
    - tracing: Fix wild-memory-access in register_synth_event()
    - tracing: Fix race where eprobes can be called before the event
    - tracing: kprobe: Fix potential null-ptr-deref on trace_event_file in
      kprobe_event_gen_test_exit()
    - tracing: kprobe: Fix potential null-ptr-deref on trace_array in
      kprobe_event_gen_test_exit()
    - drm/amd/display: Add HUBP surface flip interrupt handler
    - ALSA: usb-audio: Drop snd_BUG_ON() from snd_usbmidi_output_open()
    - ALSA: hda/realtek: fix speakers for Samsung Galaxy Book Pro
    - ALSA: hda/realtek: Fix the speaker output on Samsung Galaxy Book Pro 360
    - Revert "usb: dwc3: disable USB core PHY management"
    - slimbus: qcom-ngd: Fix build error when CONFIG_SLIM_QCOM_NGD_CTRL=y &&
      CONFIG_QCOM_RPROC_COMMON=m
    - slimbus: stream: correct presence rate frequencies
    - speakup: fix a segfault caused by switching consoles
    - USB: bcma: Make GPIO explicitly optional
    - USB: serial: option: add Sierra Wireless EM9191
    - USB: serial: option: remove old LARA-R6 PID
    - USB: serial: option: add u-blox LARA-R6 00B modem
    - USB: serial: option: add u-blox LARA-L6 modem
    - USB: serial: option: add Fibocom FM160 0x0111 composition
    - usb: add NO_LPM quirk for Realforce 87U Keyboard
    - usb: chipidea: fix deadlock in ci_otg_del_timer
    - usb: cdns3: host: fix endless superspeed hub port reset
    - usb: typec: mux: Enter safe mode only when pins need to be reconfigured
    - iio: adc: at91_adc: fix possible memory leak in at91_adc_allocate_trigger()
    - iio: trigger: sysfs: fix possible memory leak in iio_sysfs_trig_init()
    - iio: adc: mp2629: fix wrong comparison of channel
    - iio: adc: mp2629: fix potential array out of bound access
    - iio: pressure: ms5611: changed hardcoded SPI speed to value limited
    - dm ioctl: fix misbehavior if list_versions races with module loading
    - serial: 8250: Fall back to non-DMA Rx if IIR_RDI occurs
    - serial: 8250: Flush DMA Rx on RLSI
    - serial: 8250_lpss: Configure DMA also w/o DMA filter
    - Input: iforce - invert valid length check when fetching device IDs
    - maccess: Fix writing offset in case of fault in
      strncpy_from_kernel_nofault()
    - net: phy: marvell: add sleep time after enabling the loopback bit
    - scsi: zfcp: Fix double free of FSF request when qdio send fails
    - iommu/vt-d: Preset Access bit for IOVA in FL non-leaf paging entries
    - iommu/vt-d: Set SRE bit only when hardware has SRS cap
    - firmware: coreboot: Register bus in module init
    - mmc: core: properly select voltage range without power cycle
    - mmc: sdhci-pci-o2micro: fix card detect fail issue caused by CD# debounce
      timeout
    - mmc: sdhci-pci: Fix possible memory leak caused by missing pci_dev_put()
    - docs: update mediator contact information in CoC doc
    - misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram()
    - perf/x86/intel/pt: Fix sampling using single range output
    - nvme: restrict management ioctls to admin
    - nvme: ensure subsystem reset is single threaded
    - serial: 8250_lpss: Use 16B DMA burst with Elkhart Lake
    - perf: Improve missing SIGTRAP checking
    - ring-buffer: Include dropped pages in counting dirty patches
    - tracing: Fix warning on variable 'struct trace_array'
    - net: use struct_group to copy ip/ipv6 header addresses
    - scsi: target: tcm_loop: Fix possible name leak in tcm_loop_setup_hba_bus()
    - scsi: scsi_debug: Fix possible UAF in sdebug_add_host_helper()
    - kprobes: Skip clearing aggrprobe's post_handler in kprobe-on-ftrace case
    - Input: i8042 - fix leaking of platform device on module removal
    - macvlan: enforce a consistent minimal mtu
    - tcp: cdg: allow tcp_cdg_release() to be called multiple times
    - kcm: avoid potential race in kcm_tx_work
    - kcm: close race conditions on sk_receive_queue
    - 9p: trans_fd/p9_conn_cancel: drop client lock earlier
    - gfs2: Check sb_bsize_shift after reading superblock
    - gfs2: Switch from strlcpy to strscpy
    - 9p/trans_fd: always use O_NONBLOCK read/write
    - wifi: wext: use flex array destination for memcpy()
    - mm: fs: initialize fsdata passed to write_begin/write_end interface
    - net/9p: use a dedicated spinlock for trans_fd
    - ntfs: fix use-after-free in ntfs_attr_find()
    - ntfs: fix out-of-bounds read in ntfs_attr_find()
    - ntfs: check overflow when iterating ATTR_RECORDs
    - drm/msm/gpu: Fix crash during system suspend after unbind
    - spi: tegra210-quad: Fix combined sequence
    - ASoC: rt5682s: Fix the TDM Tx settings
    - selftests/kexec: fix build for ARCH=x86_64
    - ASoC: Intel: sof_rt5682: Add quirk for Rex board
    - ASoC: amd: yc: Adding Lenovo ThinkBook 14 Gen 4+ ARA and Lenovo ThinkBook 16
      Gen 4+ ARA to the Quirks List
    - ASoC: amd: yc: Add Lenovo Thinkbook 14+ 2022 21D0 to quirks table
    - drm/amdgpu: Adjust MES polling timeout for sriov
    - platform/x86: thinkpad_acpi: Fix reporting a non present second fan on some
      models
    - drm/scheduler: fix fence ref counting
    - cxl/mbox: Add a check on input payload size
    - SUNRPC: Fix crasher in gss_unwrap_resp_integ()
    - drm/rockchip: vop2: fix null pointer in plane_atomic_disable
    - drm/rockchip: vop2: disable planes when disabling the crtc
    - ksefltests: pidfd: Fix wait_states: Test terminated by timeout
    - powerpc/64e: Fix amdgpu build on Book3E w/o AltiVec
    - block: blk_add_rq_to_plug(): clear stale 'last' after flush
    - firmware: arm_scmi: Make tx_prepare time out eventually
    - drm/amd/display: Ignore Cable ID Feature
    - drm/amdgpu: set fb_modifiers_not_supported in vkms
    - drm/amd: Fail the suspend if resources can't be evicted
    - cxl/pmem: Use size_add() against integer overflow
    - tools/testing/cxl: Fix some error exits
    - arm64/mm: fold check for KFENCE into can_set_direct_map()
    - arm64: fix rodata=full again
    - KVM: SVM: remove dead field from struct svm_cpu_data
    - KVM: SVM: do not allocate struct svm_cpu_data dynamically
    - KVM: SVM: restore host save area from assembly
    - KVM: SVM: move MSR_IA32_SPEC_CTRL save/restore to assembly
    - arm64: dts: qcom: sc7280: Add the reset reg for lpass audiocc on SC7280
    - ASoC: fsl_asrc fsl_esai fsl_sai: allow CONFIG_PM=N
    - arm64: dts: qcom: sm8250: Disable the not yet supported cluster idle state
    - tty: serial: fsl_lpuart: don't break the on-going transfer when global reset
    - bnxt_en: refactor bnxt_cancel_reservations()
    - bnxt_en: fix the handling of PCIE-AER
    - mtd: onenand: omap2: add dependency on GPMC
    - sctp: remove the unnecessary sinfo_stream check in sctp_prsctp_prune_unsent
    - sctp: clear out_curr if all frag chunks of current msg are pruned
    - erofs: clean up .read_folio() and .readahead() in fscache mode
    - io_uring: calculate CQEs from the user visible value
    - pinctrl: mediatek: common-v2: Fix bias-disable for PULL_PU_PD_RSEL_TYPE
    - selftests/bpf: Fix test_progs compilation failure in 32-bit arch
    - arm64: dts: imx8mm-tqma8mqml-mba8mx: Fix USB DR
    - cifs: Fix connections leak when tlink setup failed
    - ata: libata-core: do not issue non-internal commands once EH is pending
    - net: phy: dp83867: Fix SGMII FIFO depth for non OF devices
    - mctp i2c: don't count unused / invalid keys for flow release
    - octeon_ep: delete unnecessary napi rollback under set_queues_err in
      octep_open()
    - octeon_ep: ensure octep_get_link_status() successfully before
      octep_link_up()
    - octeon_ep: fix potential memory leak in octep_device_setup()
    - octeon_ep: ensure get mac address successfully before eth_hw_addr_set()
    - erofs: fix missing xas_retry() in fscache mode
    - mlxsw: Avoid warnings when not offloaded FDB entry with IPv6 is removed
    - net: hns3: fix incorrect hw rss hash type of rx packet
    - net: hns3: fix return value check bug of rx copybreak
    - netfs: Fix missing xas_retry() calls in xarray iteration
    - netfs: Fix dodgy maths
    - net: dsa: don't leak tagger-owned storage on switch driver unbind
    - net: lan966x: Fix potential null-ptr-deref in lan966x_stats_init()
    - s390: avoid using global register for current_stack_pointer
    - netdevsim: Fix memory leak of nsim_dev->fa_cookie
    - rethook: fix a potential memleak in rethook_alloc()
    - drm/amd/pm: fix SMU13 runpm hang due to unintentional workaround
    - drm/display: Don't assume dual mode adaptors support i2c sub-addressing
    - drm/amd/display: Fix invalid DPIA AUX reply causing system hang
    - drm/amd/display: Fix access timeout to DPIA AUX at boot time
    - drm/amd/display: Support parsing VRAM info v3.0 from VBIOS
    - usb: dwc3: Do not get extcon device when usb-role-switch is used
    - nvme-pci: add NVME_QUIRK_BOGUS_NID for Micron Nitro
    - nvme-pci: add NVME_QUIRK_BOGUS_NID for Netac NV7000
    - usb: typec: tipd: Prevent uninitialized event{1,2} in IRQ handler
    - iio: accel: bma400: Ensure VDDIO is enable defore reading the chip ID.
    - iio: pressure: ms5611: fixed value compensation bug
    - ceph: avoid putting the realm twice when decoding snaps fails
    - s390/dcssblk: fix deadlock when adding a DCSS
    - blk-cgroup: properly pin the parent in blkcg_css_online
    - x86/fpu: Drop fpregs lock before inheriting FPU permissions
    - ASoC: SOF: topology: No need to assign core ID if token parsing failed
    - perf/x86/amd: Fix crash due to race between amd_pmu_enable_all, perf NMI and
      throttling
    - net: usb: smsc95xx: fix external PHY reset
    - tracing: Fix potential null-pointer-access of entry in list 'tr->err_log'
    - arm64/mm: fix incorrect file_map_count for non-leaf pmd/pud
    - KVM: x86/xen: Fix eventfd error handling in kvm_xen_eventfd_assign()
    - netlink: Bounds-check struct nlmsgerr creation
    - bpf: Prevent bpf program recursion for raw tracepoint probes
  * Fix RPL-S support on powercap/intel_rapl (LP: #1990161)
    - powercap: intel_rapl: Add support for RAPTORLAKE_P
    - powercap: intel_rapl: Add support for RAPTORLAKE_S
  * Kinetic update: upstream stable patchset 2023-01-04 (LP: #2001726)
    - drm/amdkfd: handle CPU fault on COW mapping
    - drm/amdkfd: Fix NULL pointer dereference in svm_migrate_to_ram()
    - hwspinlock: qcom: correct MMIO max register for newer SoCs
    - phy: stm32: fix an error code in probe
    - wifi: cfg80211: silence a sparse RCU warning
    - wifi: cfg80211: fix memory leak in query_regdb_file()
    - soundwire: qcom: reinit broadcast completion
    - soundwire: qcom: check for outanding writes before doing a read
    - bpf, verifier: Fix memory leak in array reallocation for stack state
    - bpf, sockmap: Fix the sk->sk_forward_alloc warning of sk_stream_kill_queues
    - wifi: mac80211: Set TWT Information Frame Disabled bit as 1
    - bpftool: Fix NULL pointer dereference when pin {PROG, MAP, LINK} without
      FILE
    - HID: hyperv: fix possible memory leak in mousevsc_probe()
    - bpf, sockmap: Fix sk->sk_forward_alloc warn_on in sk_stream_kill_queues
    - bpf: Fix sockmap calling sleepable function in teardown path
    - bpf, sock_map: Move cancel_work_sync() out of sock lock
    - bpf: Add helper macro bpf_for_each_reg_in_vstate
    - bpf: Fix wrong reg type conversion in release_reference()
    - net: gso: fix panic on frag_list with mixed head alloc types
    - macsec: delete new rxsc when offload fails
    - macsec: fix secy->n_rx_sc accounting
    - macsec: fix detection of RXSCs when toggling offloading
    - macsec: clear encryption keys from the stack after setting up offload
    - octeontx2-pf: NIX TX overwrites SQ_CTX_HW_S[SQ_INT]
    - net: tun: Fix memory leaks of napi_get_frags
    - bnxt_en: Fix possible crash in bnxt_hwrm_set_coal()
    - bnxt_en: fix potentially incorrect return value for ndo_rx_flow_steer
    - net: fman: Unregister ethernet device on removal
    - capabilities: fix undefined behavior in bit shift for CAP_TO_MASK
    - phy: ralink: mt7621-pci: add sentinel to quirks table
    - KVM: s390: pv: don't allow userspace to set the clock under PV
    - net: lapbether: fix issue of dev reference count leakage in
      lapbeth_device_event()
    - hamradio: fix issue of dev reference count leakage in bpq_device_event()
    - net: wwan: iosm: fix memory leak in ipc_wwan_dellink
    - net: wwan: mhi: fix memory leak in mhi_mbim_dellink
    - drm/vc4: Fix missing platform_unregister_drivers() call in
      vc4_drm_register()
    - tcp: prohibit TCP_REPAIR_OPTIONS if data was already sent
    - ipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to network
    - can: af_can: fix NULL pointer dereference in can_rx_register()
    - net: stmmac: dwmac-meson8b: fix meson8b_devm_clk_prepare_enable()
    - net: broadcom: Fix BCMGENET Kconfig
    - tipc: fix the msg->req tlv len check in
      tipc_nl_compat_name_table_dump_header
    - dmaengine: pxa_dma: use platform_get_irq_optional
    - dmaengine: mv_xor_v2: Fix a resource leak in mv_xor_v2_remove()
    - dmaengine: ti: k3-udma-glue: fix memory leak when register device fail
    - net: lapbether: fix issue of invalid opcode in lapbeth_open()
    - drivers: net: xgene: disable napi when register irq failed in
      xgene_enet_open()
    - perf stat: Fix printing os->prefix in CSV metrics output
    - perf tools: Add the include/perf/ directory to .gitignore
    - netfilter: nfnetlink: fix potential dead lock in nfnetlink_rcv_msg()
    - netfilter: Cleanup nft_net->module_list from nf_tables_exit_net()
    - net: marvell: prestera: fix memory leak in prestera_rxtx_switch_init()
    - net: nixge: disable napi when enable interrupts failed in nixge_open()
    - net: wwan: iosm: fix memory leak in ipc_pcie_read_bios_cfg
    - net/mlx5: Bridge, verify LAG state when adding bond to bridge
    - net/mlx5: Allow async trigger completion execution on single CPU systems
    - net/mlx5e: E-Switch, Fix comparing termination table instance
    - net: cpsw: disable napi in cpsw_ndo_open()
    - net: cxgb3_main: disable napi when bind qsets failed in cxgb_up()
    - stmmac: intel: Update PCH PTP clock rate from 200MHz to 204.8MHz
    - mctp: Fix an error handling path in mctp_init()
    - cxgb4vf: shut down the adapter when t4vf_update_port_info() failed in
      cxgb4vf_open()
    - stmmac: dwmac-loongson: fix missing pci_disable_msi() while module exiting
    - stmmac: dwmac-loongson: fix missing pci_disable_device() in
      loongson_dwmac_probe()
    - stmmac: dwmac-loongson: fix missing of_node_put() while module exiting
    - net: phy: mscc: macsec: clear encryption keys when freeing a flow
    - net: atlantic: macsec: clear encryption keys from the stack
    - ethernet: s2io: disable napi when start nic failed in s2io_card_up()
    - net: mv643xx_eth: disable napi when init rxq or txq failed in
      mv643xx_eth_open()
    - ethernet: tundra: free irq when alloc ring failed in tsi108_open()
    - net: macvlan: fix memory leaks of macvlan_common_newlink
    - riscv: process: fix kernel info leakage
    - riscv: vdso: fix build with llvm
    - riscv: fix reserved memory setup
    - arm64: efi: Fix handling of misaligned runtime regions and drop warning
    - MIPS: jump_label: Fix compat branch range check
    - mmc: cqhci: Provide helper for resetting both SDHCI and CQHCI
    - mmc: sdhci-of-arasan: Fix SDHCI_RESET_ALL for CQHCI
    - mmc: sdhci_am654: Fix SDHCI_RESET_ALL for CQHCI
    - mmc: sdhci-tegra: Fix SDHCI_RESET_ALL for CQHCI
    - mmc: sdhci-esdhc-imx: use the correct host caps for MMC_CAP_8_BIT_DATA
    - ALSA: hda/hdmi - enable runtime pm for more AMD display audio
    - ALSA: hda/ca0132: add quirk for EVGA Z390 DARK
    - ALSA: hda: fix potential memleak in 'add_widget_node'
    - ALSA: hda/realtek: Add Positivo C6300 model quirk
    - ALSA: usb-audio: Yet more regression for for the delayed card registration
    - ALSA: usb-audio: Add quirk entry for M-Audio Micro
    - ALSA: usb-audio: Add DSD support for Accuphase DAC-60
    - vmlinux.lds.h: Fix placement of '.data..decrypted' section
    - ata: libata-scsi: fix SYNCHRONIZE CACHE (16) command failure
    - nilfs2: fix deadlock in nilfs_count_free_blocks()
    - nilfs2: fix use-after-free bug of ns_writer on remount
    - drm/i915/dmabuf: fix sg_table handling in map_dma_buf
    - drm/amdgpu: disable BACO on special BEIGE_GOBY card
    - btrfs: fix match incorrectly in dev_args_match_device
    - btrfs: selftests: fix wrong error check in btrfs_free_dummy_root()
    - btrfs: zoned: initialize device's zone info for seeding
    - mms: sdhci-esdhc-imx: Fix SDHCI_RESET_ALL for CQHCI
    - udf: Fix a slab-out-of-bounds write bug in udf_find_entry()
    - mm/damon/dbgfs: check if rm_contexts input is for a real context
    - mm/memremap.c: map FS_DAX device memory as decrypted
    - mm/shmem: use page_mapping() to detect page cache for uffd continue
    - can: j1939: j1939_send_one(): fix missing CAN header initialization
    - dmaengine: at_hdmac: Fix at_lli struct definition
    - dmaengine: at_hdmac: Don't start transactions at tx_submit level
    - dmaengine: at_hdmac: Start transfer for cyclic channels in issue_pending
    - dmaengine: at_hdmac: Fix premature completion of desc in issue_pending
    - dmaengine: at_hdmac: Do not call the complete callback on
      device_terminate_all
    - dmaengine: at_hdmac: Protect atchan->status with the channel lock
    - dmaengine: at_hdmac: Fix concurrency problems by removing atc_complete_all()
    - dmaengine: at_hdmac: Fix concurrency over descriptor
    - dmaengine: at_hdmac: Free the memset buf without holding the chan lock
    - dmaengine: at_hdmac: Fix concurrency over the active list
    - dmaengine: at_hdmac: Fix descriptor handling when issuing it to hardware
    - dmaengine: at_hdmac: Fix completion of unissued descriptor in case of errors
    - dmaengine: at_hdmac: Don't allow CPU to reorder channel enable
    - dmaengine: at_hdmac: Fix impossible condition
    - dmaengine: at_hdmac: Check return code of dma_async_device_register
    - drm/amdkfd: Migrate in CPU page fault use current mm
    - net: tun: call napi_schedule_prep() to ensure we own a napi
    - x86/cpu: Restore AMD's DE_CFG MSR after resume
    - drm/i915/gvt: Add missing vfio_unregister_group_dev() call
    - KVM: debugfs: Return retval of simple_attr_open() if it fails
    - HID: wacom: Fix logic used for 3rd barrel switch emulation
    - ALSA: arm: pxa: pxa2xx-ac97-lib: fix return value check of
      platform_get_irq()
    - spi: mediatek: Fix package division error
    - drm/vc4: hdmi: Fix HSM clock too low on Pi4
    - PCI: hv: Fix the definition of vector in hv_compose_msi_msg()
    - KVM: s390: pci: Fix allocation size of aift kzdev elements
    - drm/i915/psr: Send update also on invalidate
    - drm/i915: Do not set cache_dirty for DGFX
    - dt-bindings: net: tsnep: Fix typo on generic nvmem property
    - dmanegine: idxd: reformat opcap output to match bitmap_parse() input
    - dmaengine: idxd: Fix max batch size for Intel IAA
    - dmaengine: idxd: fix RO device state error after been disabled/reset
    - dmaengine: stm32-dma: fix potential race between pause and resume
    - net: ethernet: mtk-star-emac: disable napi when connect and start PHY failed
      in mtk_star_enable()
    - octeontx2-pf: Fix SQE threshold checking
    - perf stat: Fix crash with --per-node --metric-only in CSV mode
    - net: wwan: iosm: fix invalid mux header type
    - net/mlx5e: Add missing sanity checks for max TX WQE size
    - ice: Fix spurious interrupt during removal of trusted VF
    - iavf: Fix VF driver counting VLAN 0 filters
    - ALSA: memalloc: Don't fall back for SG-buffer with IOMMU
    - eth: sp7021: drop free_netdev() from spl2sw_init_netdev()
    - mmc: sdhci-brcmstb: Fix SDHCI_RESET_ALL for CQHCI
    - ALSA: hda/realtek: Add quirk for ASUS Zenbook using CS35L41
    - drm/amdgpu: workaround for TLB seq race
    - drm/amdkfd: Fix error handling in criu_checkpoint
    - drm/amdkfd: Fix error handling in kfd_criu_restore_events
    - btrfs: zoned: clone zoned device info when cloning a device
    - net: ethernet: ti: am65-cpsw: Fix segmentation fault at module unload
    - spi: intel: Use correct mask for flash and protected regions
    - dmaengine: idxd: Do not enable user type Work Queue without Shared Virtual
      Addressing
    - can: isotp: fix tx state handling for echo tx processing
    - can: rcar_canfd: Add missing ECC error checks for channels 2-7
    - KVM: x86: use a separate asm-offsets.c file
    - KVM: SVM: replace regs argument of __svm_vcpu_run() with vcpu_svm
    - KVM: SVM: adjust register allocation for __svm_vcpu_run()
    - KVM: SVM: retrieve VMCB from assembly
    - KVM: SVM: move guest vmsave/vmload back to assembly
  * AMD Rembrandt: DP tunneling fails with Thunderbolt monitors
    (LP: #1983143) // Kinetic update: upstream stable patchset 2023-01-04
    (LP: #2001726)
    - thunderbolt: Add DP OUT resource when DP tunnel is discovered
  * CVE-2022-47520
    - wifi: wilc1000: validate pairwise and authentication suite offsets
  * CVE-2022-3545
    - nfp: fix use-after-free in area_cache_get()

-- Tim Gardner <tim.gardner@canonical.com>  Thu, 13 Jul 2023 10:50:12 -0600

Changed in linux-aws-5.19 (Ubuntu Jammy):
status:	New → Fix Released

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-24

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-24

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-24

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-07-24

description:

updated

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2023-07-24: Workflow done!

All tasks have been completed and the bug is being closed

Changed in kernel-sru-workflow:
status:	In Progress → Fix Committed

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2023-09-11

Changed in kernel-sru-workflow:
status:	Fix Committed → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.