Focal update: v5.4.232 upstream stable release
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
linux (Ubuntu) |
Invalid
|
Undecided
|
Unassigned | ||
Focal |
Fix Released
|
Medium
|
Luke Nowakowski-Krijger |
Bug Description
SRU Justification
Impact:
The upstream process for stable tree updates is quite similar
in scope to the Ubuntu SRU process, e.g., each patch has to
demonstrably fix a bug, and each patch is vetted by upstream
by originating either directly from a mainline/stable Linux tree or
a minimally backported form of that patch. The following upstream
stable patches should be included in the Ubuntu kernel:
v5.4.232 upstream stable release
from git://git.
clk: generalize devm_clk_get() a bit
clk: Provide new devm_clk helpers for prepared and enabled clocks
memory: atmel-sdramc: Fix missing clk_disable_
memory: mvebu-devbus: Fix missing clk_disable_
ARM: dts: imx6qdl-gw560x: Remove incorrect 'uart-has-rtscts'
ARM: imx27: Retrieve the SYSCTRL base address from devicetree
ARM: imx31: Retrieve the IIM base address from devicetree
ARM: imx35: Retrieve the IIM base address from devicetree
ARM: imx: add missing of_node_put()
HID: intel_ish-hid: Add check for ishtp_dma_tx_map
EDAC/highbank: Fix memory leak in highbank_mc_probe()
tomoyo: fix broken dependency on *.conf.default
RDMA/core: Fix ib block iterator counter overflow
IB/hfi1: Reject a zero-length user expected buffer
IB/hfi1: Reserve user expected TIDs
IB/hfi1: Fix expected receive setup error exit issues
affs: initialize fsdata in affs_truncate()
amd-xgbe: TX Flow Ctrl Registers are h/w ver dependent
amd-xgbe: Delay AN timeout during KR training
bpf: Fix pointer-leak due to insufficient speculative store bypass mitigation
phy: rockchip-inno-usb2: Fix missing clk_disable_
net: nfc: Fix use-after-free in local_cleanup()
net: wan: Add checks for NULL for utdm in undo_uhdlc_init and unmap_si_regs
gpio: mxc: Always set GPIOs used as interrupt source to INPUT mode
net/sched: sch_taprio: fix possible use-after-free
net: fix a concurrency bug in l2tp_tunnel_
l2tp: Serialize access to sk_user_data with sk_callback_lock
l2tp: Don't sleep and disable BH under writer-side sk_callback_lock
net: usb: sr9700: Handle negative len
net: mdio: validate parameter addr in mdiobus_get_phy()
HID: check empty report_list in hid_validate_
HID: check empty report_list in bigben_probe()
net: stmmac: fix invalid call to mdiobus_get_phy()
HID: revert CHERRY_MOUSE_000C quirk
usb: gadget: f_fs: Prevent race during ffs_ep0_queue_wait
usb: gadget: f_fs: Ensure ep0req is dequeued before free_request
net: mlx5: eliminate anonymous module_init & module_exit
drm/panfrost: fix GENERIC_ATOMIC64 dependency
dmaengine: Fix double increment of client_count in dma_chan_get()
net: macb: fix PTP TX timestamp failure due to packet padding
HID: betop: check shape of output reports
dmaengine: xilinx_dma: use devm_platform_
dmaengine: xilinx_dma: Fix devm_platform_
dmaengine: xilinx_dma: call of_node_put() when breaking out of for_each_
tcp: avoid the lookup process failing to get sk in ehash table
w1: fix deadloop in __w1_remove_
w1: fix WARNING after calling w1_process()
driver core: Fix test_async_
net: dsa: microchip: ksz9477: port map correction in ALU table entry register
tcp: fix rate_app_limited to default to 1
cpufreq: Add Tegra234 to cpufreq-dt-platdev blocklist
ASoC: fsl_micfil: Correct the number of steps on SX controls
drm: Add orientation quirk for Lenovo ideapad D330-10IGL
s390/debug: add _ASM_S390_ prefix to header guard
cpufreq: armada-37xx: stop using 0 as NULL pointer
ASoC: fsl_ssi: Rename AC'97 streams to avoid collisions with AC'97 CODEC
ASoC: fsl-asoc-card: Fix naming of AC'97 CODEC widgets
spi: spidev: remove debug messages that access spidev->spi without locking
KVM: s390: interrupt: use READ_ONCE() before cmpxchg()
scsi: hisi_sas: Set a port invalid only if there are no devices attached when refreshing port id
platform/x86: touchscreen_dmi: Add info for the CSL Panther Tab HD
platform/x86: asus-nb-wmi: Add alternate mapping for KEY_SCREENLOCK
lockref: stop doing cpu_relax in the cmpxchg loop
mmc: sdhci-esdhc-imx: clear pending interrupt and halt cqhci
mmc: sdhci-esdhc-imx: disable the CMD CRC check for standard tuning
mmc: sdhci-esdhc-imx: correct the tuning start tap and step setting
netfilter: conntrack: do not renew entry stuck in tcp SYN_SENT state
fs: reiserfs: remove useless new_opts in reiserfs_remount
Bluetooth: hci_sync: cancel cmd_timer if hci_open failed
scsi: hpsa: Fix allocation size for scsi_host_alloc()
module: Don't wait for GOING modules
tracing: Make sure trace_printk() can output as soon as it can be used
trace_events_hist: add check for return value of 'create_hist_field'
ftrace/scripts: Update the instructions for ftrace-bisect.sh
cifs: Fix oops due to uncleared server->smbd_conn in reconnect
KVM: x86/vmx: Do not skip segment attributes if unusable bit is set
thermal: intel: int340x: Protect trip temperature from concurrent updates
ARM: 9280/1: mm: fix warning on phys_addr_t to void pointer assignment
EDAC/device: Respect any driver-supplied workqueue polling value
EDAC/qcom: Do not pass llcc_driv_data as edac_device_
netlink: prevent potential spectre v1 gadgets
net: fix UaF in netns ops registration error path
netfilter: nft_set_rbtree: skip elements in transaction from garbage collection
netlink: annotate data races around nlk->portid
netlink: annotate data races around dst_portid and dst_group
netlink: annotate data races around sk_state
ipv4: prevent potential spectre v1 gadget in ip_metrics_
ipv4: prevent potential spectre v1 gadget in fib_metrics_match()
netfilter: conntrack: fix vtag checks for ABORT/SHUTDOWN_
netrom: Fix use-after-free of a listening socket.
net/sched: sch_taprio: do not schedule in taprio_reset()
sctp: fail if no bound addresses can be used for a given scope
net: ravb: Fix possible hang if RIS2_QFF1 happen
thermal: intel: int340x: Add locking to int340x_
net/tg3: resolve deadlock in tg3_reset_task() during EEH
net/phy/mdio-i2c: Move header file to include/linux/mdio
net: xgene: Move shared header file into include/linux
net: mdio-mux-
Revert "Input: synaptics - switch touchpad on HP Laptop 15-da3001TU to RMI mode"
nfsd: Ensure knfsd shuts down when the "nfsd" pseudofs is unmounted
block: fix and cleanup bio_check_ro
x86/i8259: Mark legacy PIC interrupts with IRQ_LEVEL
netfilter: conntrack: unify established states for SCTP paths
perf/x86/amd: fix potential integer overflow on shift of a int
clk: Fix pointer casting to prevent oops in devm_clk_release()
x86/asm: Fix an assembler warning with current binutils
ARM: dts: imx: Fix pca9547 i2c-mux node name
bpf: Skip task with pid=1 in send_signal_
blk-cgroup: fix missing pd_online_fn() while activating policy
dmaengine: imx-sdma: Fix a possible memory leak in sdma_transfer_init
sysctl: add a new register_
panic: unset panic_on_warn inside panic()
mm: kasan: do not panic if both panic_on_warn and kasan_multishot set
exit: Add and use make_task_dead.
objtool: Add a missing comma to avoid string concatenation
hexagon: Fix function name in die()
h8300: Fix build errors from do_exit() to make_task_dead() transition
csky: Fix function name in csky_alignment() and die()
ia64: make IA64_MCA_RECOVERY bool instead of tristate
exit: Put an upper limit on how often we can oops
exit: Expose "oops_count" to sysfs
exit: Allow oops_limit to be disabled
panic: Consolidate open-coded panic_on_warn checks
panic: Introduce warn_limit
panic: Expose "warn_count" to sysfs
docs: Fix path paste-o for /sys/kernel/
exit: Use READ_ONCE() for all oops/warn limit reads
ipv6: ensure sane device mtu in tunnels
Bluetooth: fix null ptr deref on hci_sync_
usb: host: xhci-plat: add wakeup entry at sysfs
Revert "xprtrdma: Fix regbuf data not freed in rpcrdma_
Linux 5.4.231
UBUNTU: Upstream stable to v5.4.231
firewire: fix memory leak for payload of request subaction to IEC 61883-1 FCP region
bus: sunxi-rsb: Fix error handling in sunxi_rsb_init()
ASoC: Intel: bytcr_rt5651: Drop reference count of ACPI device after use
ALSA: hda/via: Avoid potential array out-of-bound in add_secret_
arm64: dts: imx8mm: Fix pad control for UART1_DTE_RX
scsi: Revert "scsi: core: map PQ=1, PDT=other values to SCSI_SCAN_
WRITE is "data source", not destination...
fix iov_iter_bvec() "direction" argument
fix "direction" argument of iov_iter_kvec()
netrom: Fix use-after-free caused by accept on already connected socket
netfilter: br_netfilter: disable sabotage_in hook after first suppression
squashfs: harden sanity check in squashfs_
net: phy: meson-gxl: Add generic dummy stubs for MMD register access
can: j1939: fix errant WARN_ON_ONCE in j1939_session_
ata: libata: Fix sata_down_
selftests: net: udpgso_bench_rx: Fix 'used uninitialized' compiler warning
selftests: net: udpgso_bench_rx/tx: Stop when wrong CLI args are provided
selftests: net: udpgso_bench_tx: Cater for pending datagrams zerocopy benchmarking
virtio-net: Keep stop() to follow mirror sequence of open()
net: openvswitch: fix flow memory leak in ovs_flow_cmd_new
efi: fix potential NULL deref in efi_mem_
scsi: target: core: Fix warning on RT kernels
scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress
i2c: rk3x: fix a bunch of kernel-doc warnings
net/x25: Fix to not accept on connected socket
iio: adc: stm32-dfsdm: fill module aliases
usb: dwc3: dwc3-qcom: Fix typo in the dwc3 vbus override API
usb: dwc3: qcom: enable vbus override when in OTG dr-mode
usb: gadget: f_fs: Fix unbalanced spinlock in __ffs_ep0_
vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF
Input: i8042 - move __initconst to fix code styling warning
Input: i8042 - merge quirk tables
Input: i8042 - add TUXEDO devices to i8042 quirk tables
Input: i8042 - add Clevo PCX0DX to i8042 quirk table
fbcon: Check font dimension limits
watchdog: diag288_wdt: do not use stack buffers for hardware data
watchdog: diag288_wdt: fix __diag288() inline assembly
efi: Accept version 2 of memory attributes table
iio: hid: fix the retval in accel_3d_
iio: adc: berlin2-adc: Add missing of_node_put() in error path
iio:adc:twl6030: Enable measurements of VUSB, VBAT and others
parisc: Fix return code of pdc_iodc_print()
parisc: Wire up PTRACE_
riscv: disable generation of unwind tables
mm: hugetlb: proc: check for hugetlb shared PMD in /proc/PID/smaps
fpga: stratix10-soc: Fix return value check in s10_ops_
mm/swapfile: add cond_resched() in get_swap_pages()
Squashfs: fix handling and sanity checking of xattr_ids count
nvmem: core: fix cell removal on error
mm: swap: properly update readahead statistics in unuse_pte_range()
xprtrdma: Fix regbuf data not freed in rpcrdma_
serial: 8250_dma: Fix DMA Rx completion race
serial: 8250_dma: Fix DMA Rx rearm race
powerpc/imc-pmu: Revert nest_init_lock to being a mutex
fbdev: smscufx: fix error handling code in ufx_usb_probe
f2fs: fix to do sanity check on i_extra_isize in is_alive()
wifi: brcmfmac: Check the count value of channel spec to prevent out-of-bounds reads
iio:adc:twl6030: Enable measurement of VAC
btrfs: limit device extents to the device size
btrfs: zlib: zero-initialize zlib workspace
ALSA: emux: Avoid potential array out-of-bound in snd_emux_
tracing: Fix poll() and select() do not work on per_cpu trace_pipe and trace_pipe_raw
can: j1939: do not wait 250 ms if the same addr was already claimed
IB/hfi1: Restore allocated resources on failed copyout
IB/IPoIB: Fix legacy IPoIB due to wrong number of queues
iommu: Add gfp parameter to iommu_ops::map
RDMA/usnic: use iommu_map_atomic() under spin_lock()
xfrm: fix bug with DSCP copy to v6 from v4 tunnel
bonding: fix error checking in bond_debug_
net: phy: meson-gxl: use MMD access dummy stubs for GXL, internal PHY
ionic: clean interrupt before enabling queue to avoid credit race
ice: Do not use WQ_MEM_RECLAIM flag for workqueue
rds: rds_rm_
selftests: forwarding: lib: quote the sysctl values
ALSA: pci: lx6464es: fix a debug loop
pinctrl: aspeed: Fix confusing types in return value
pinctrl: single: fix potential NULL dereference
pinctrl: intel: Restore the pins that used to be in Direct IRQ mode
net: USB: Fix wrong-direction WARNING in plusb.c
usb: core: add quirk for Alcor Link AK9563 smartcard reader
usb: typec: altmodes/
ceph: flush cap releases when the session is flushed
riscv: Fixup race condition on PG_dcache_clean in flush_icache_pte
arm64: dts: meson-gx: Make mmc host controller interrupts level-sensitive
arm64: dts: meson-g12-common: Make mmc host controller interrupts level-sensitive
arm64: dts: meson-axg: Make mmc host controller interrupts level-sensitive
nvme-pci: Move enumeration by class to be last in the table
bpf: Always return target ifindex in bpf_fib_lookup
migrate: hugetlb: check for hugetlb shared PMD in node migration
selftests/bpf: Verify copy_register_
ASoC: cs42l56: fix DT probe
tools/virtio: fix the vringh test for virtio ring changes
net/rose: Fix to not accept on connected socket
net: stmmac: do not stop RX_CLK in Rx LPI state for qcs404 SoC
net: sched: sch: Bounds check priority
s390/decompressor: specify __decompress() buf len to avoid overflow
nvme-fc: fix a missing queue put in nvmet_fc_
aio: fix mremap after fork null-deref
btrfs: free device in btrfs_close_devices for a single device filesystem
netfilter: nft_tproxy: restrict to prerouting hook
xfs: remove the xfs_efi_log_item_t typedef
xfs: remove the xfs_efd_log_item_t typedef
xfs: remove the xfs_inode_
xfs: factor out a xfs_defer_
xfs: merge the ->log_item defer op into ->create_intent
xfs: merge the ->diff_items defer op into ->create_intent
xfs: turn dfp_intent into a xfs_log_item
xfs: refactor xfs_defer_
xfs: log new intent items created as part of finishing recovered intent items
xfs: fix finobt btree block recovery ordering
xfs: proper replay of deferred ops queued during log recovery
xfs: xfs_defer_capture should absorb remaining block reservations
xfs: xfs_defer_capture should absorb remaining transaction reservation
xfs: clean up bmap intent item recovery checking
xfs: clean up xfs_bui_
xfs: fix an incore inode UAF in xfs_bui_recover
xfs: change the order in which child and parent defer ops are finished
xfs: periodically relog deferred intent items
xfs: expose the log push threshold
xfs: only relog deferred intent items if free space in the log gets low
xfs: fix missing CoW blocks writeback conversion retry
xfs: ensure inobt record walks always make forward progress
xfs: fix the forward progress assertion in xfs_iwalk_
xfs: prevent UAF in xfs_log_
xfs: sync lazy sb accounting on quiesce of read-only mounts
Revert "ipv4: Fix incorrect route flushing when source address is deleted"
ipv4: Fix incorrect route flushing when source address is deleted
mmc: sdio: fix possible resource leaks in some error paths
mmc: mmc_spi: fix error handling in mmc_spi_probe()
ALSA: hda/conexant: add a new hda codec SN6180
ALSA: hda/realtek - fixed wrong gpio assigned
sched/psi: Fix use-after-free in ep_remove_
hugetlb: check for undefined shift on 32 bit architectures
Revert "mm: Always release pages to the buddy allocator in memblock_
net: Fix unwanted sign extension in netdev_
revert "squashfs: harden sanity check in squashfs_
ixgbe: allow to increase MTU to 3K with XDP enabled
i40e: add double of VLAN header when computing the max MTU
net: bgmac: fix BCM5358 support by setting correct flags
sctp: sctp_sock_filter(): avoid list_entry() on possibly empty list
dccp/tcp: Avoid negative sk_forward_alloc by ipv6_pinfo.
net/usb: kalmia: Don't pass act_len in usb_bulk_msg error path
net: stmmac: fix order of dwmac5 FlexPPS parametrization sequence
bnxt_en: Fix mqprio and XDP ring checking logic
net: stmmac: Restrict warning on disabling DMA store and fwd mode
net: mpls: fix stale pointer if allocation fails during device rename
ixgbe: add double of VLAN header when computing the max MTU
ipv6: Fix datagram socket connection with DSCP.
ipv6: Fix tcp socket connection with DSCP.
i40e: Add checking for null for nlmsg_find_attr()
kvm: initialize all of the kvm_debugregs structure before sending it to userspace
nilfs2: fix underflow in second superblock position calculations
ASoC: SOF: Intel: hda-dai: fix possible stream_tag leak
net: sched: sch: Fix off by one in htb_activate_
iommu/amd: Pass gfp flags to iommu_map_page() in amd_iommu_map()
Linux 5.4.232
UBUNTU: Upstream stable to v5.4.232
Changed in linux (Ubuntu): | |
status: | New → Confirmed |
tags: | added: kernel-stable-tracking-bug |
summary: |
- Focal update: upstream stable patchset 2023-03-14 + Focal update: v5.4.232 upstream stable release |
description: | updated |
Changed in linux (Ubuntu): | |
status: | Confirmed → Invalid |
Changed in linux (Ubuntu Focal): | |
importance: | Undecided → Medium |
assignee: | nobody → Luke Nowakowski-Krijger (lukenow) |
status: | New → In Progress |
description: | updated |
Changed in linux (Ubuntu Focal): | |
status: | In Progress → Fix Committed |
This bug was fixed in the package linux - 5.4.0-149.166
---------------
linux (5.4.0-149.166) focal; urgency=medium
* focal/linux: 5.4.0-149.166 -proposed tracker (LP: #2016591)
* Focal update: v5.4.233 upstream stable release (LP: #2015909) entropy( )
- dma-mapping: add generic helpers for mapping sgtable objects
- scatterlist: add generic wrappers for iterating over sgtable objects
- drm: etnaviv: fix common struct sg_table related issues
- drm/etnaviv: don't truncate physical page address
- wifi: rtl8xxxu: gen2: Turn on the rate control
- powerpc: dts: t208x: Mark MAC1 and MAC2 as 10G
- random: always mix cycle counter in add_latent_
- KVM: x86: Fail emulation during EMULTYPE_SKIP on any exception
- can: kvaser_usb: hydra: help gcc-13 to figure out cmd_len
- powerpc: dts: t208x: Disable 10G on MAC1 and MAC2
- alarmtimer: Prevent starvation by small intervals and SIG_IGN
- drm/i915/gvt: fix double free bug in split_2MB_gtt_entry
- mac80211: mesh: embedd mesh_paths and mpp_paths into ieee80211_if_mesh
- uaccess: Add speculation barrier to copy_from_user()
- wifi: mwifiex: Add missing compatible string for SD8787
- ext4: Fix function prototype mismatch for ext4_feat_ktype
- Revert "net/sched: taprio: make qdisc_leaf() see the per-netdev-queue pfifo
child qdiscs"
- bpf: add missing header file include
- Linux 5.4.233
* selftest: fib_tests: Always cleanup before exit (LP: #2015956)
- selftest: fib_tests: Always cleanup before exit
* fib_tests.sh in ubuntu_ kernel_ selftests was skipped silently on Focal
(LP: #2015440)
- selftests: Fix the executable permissions for fib_tests.sh
* Debian autoreconstruct Fix restoration of execute permissions (LP: #2015498)
- [Debian] autoreconstruct - fix restoration of execute permissions
* kernel: fix __clear_user() inline assembly constraints (LP: #2013088)
- s390/uaccess: add missing earlyclobber annotations to __clear_user()
* i/o error if next unused loop device is queried (LP: #1856871)
- loop: fix I/O error on fsync() in detached loop devices
* CVE-2023-1075
- net/tls: tls_is_tx_ready() checked list_entry
* Focal update: v5.4.232 upstream stable release (LP: #2011625) dac_path( ) SCAN_TARGET_ PRESENT" read_xattr_ id_table
- firewire: fix memory leak for payload of request subaction to IEC 61883-1
FCP region
- bus: sunxi-rsb: Fix error handling in sunxi_rsb_init()
- ASoC: Intel: bytcr_rt5651: Drop reference count of ACPI device after use
- ALSA: hda/via: Avoid potential array out-of-bound in add_secret_
- arm64: dts: imx8mm: Fix pad control for UART1_DTE_RX
- scsi: Revert "scsi: core: map PQ=1, PDT=other values to
SCSI_
- WRITE is "data source", not destination...
- fix iov_iter_bvec() "direction" argument
- fix "direction" argument of iov_iter_kvec()
- netrom: Fix use-after-free caused by accept on already connected socket
- netfilter: br_netfilter: disable sabotage_in hook after first suppression
- squashfs: harden sanity check in squashfs_
- net: phy: meson-gxl: Add generic dummy stubs for MMD register access
...