linux 5.4.0-207.227 source package in Ubuntu

Changelog

linux (5.4.0-207.227) focal; urgency=medium

  * focal/linux: 5.4.0-207.227 -proposed tracker (LP: #2095347)

  * Remove "ftrace: Fix possible use-after-free issue in ftrace_location()" bad
    commit from focal (LP: #2095348)
    - Revert "ftrace: Fix possible use-after-free issue in ftrace_location()"

linux (5.4.0-206.226) focal; urgency=medium

  * focal/linux: 5.4.0-206.226 -proposed tracker (LP: #2093785)

  * nouveau keeps showing `disp: ctrl 00000080` and crippling the system
    (LP: #2078011)
    - drm/nouveau/disp/gv100-: halt NV_PDISP_FE_RM_INTR_STAT_CTRL_DISP_ERROR
      storms
    - drm/nouveau/kms/gv100-: move window ownership setup into modesetting path
    - drm/nouveau/kms/gv100-: avoid sending a core update until the first modeset

  * CVE-2024-43863
    - drm/vmwgfx: Fix a deadlock in dma buf fence polling

  * CVE-2024-40911
    - wifi: cfg80211: Lock wiphy in cfg80211_get_station

  * CVE-2024-35896
    - netfilter: validate user input for expected length
    - netfilter: complete validation of user input

  * CVE-2023-52458
    - block: add check that partition length needs to be aligned with block size

  * kernel:nft "Could not process rule: Device or resource busy" on unreferenced
    chain (LP: #2089699)
    - SAUCE: netfilter: nf_tables: Fix EBUSY on deleting unreferenced chain

  * CVE-2024-35887
    - lockdep: Add preemption enabled/disabled assertion APIs
    - timers: Don't block on ->expiry_lock for TIMER_IRQSAFE timers
    - Documentation: Remove bogus claim about del_timer_sync()
    - ARM: spear: Do not use timer namespace for timer_shutdown() function
    - clocksource/drivers/arm_arch_timer: Do not use timer namespace for
      timer_shutdown() function
    - clocksource/drivers/sp804: Do not use timer namespace for timer_shutdown()
      function
    - timers: Get rid of del_singleshot_timer_sync()
    - timers: Replace BUG_ON()s
    - timers: Rename del_timer() to timer_delete()
    - Documentation: Replace del_timer/del_timer_sync()
    - timers: Silently ignore timers with a NULL function
    - timers: Split [try_to_]del_timer[_sync]() to prepare for shutdown mode
    - timers: Add shutdown mechanism to the internal functions
    - timers: Provide timer_shutdown[_sync]()
    - timers: Update the documentation to reflect on the new timer_shutdown() API
    - ax25: fix use-after-free bugs caused by ax25_ds_del_timer

  * CVE-2024-40965
    - clk: Add a devm variant of clk_rate_exclusive_get()
    - clk: Provide !COMMON_CLK dummy for devm_clk_rate_exclusive_get()
    - i2c: lpi2c: Avoid calling clk_get_rate during transfer

  * CVE-2024-40982
    - ssb: Fix potential NULL pointer dereference in ssb_device_uevent()

  * CVE-2024-41066
    - ibmvnic: Add tx check to prevent skb leak

  * CVE-2024-42252
    - closures: Change BUG_ON() to WARN_ON()

  * CVE-2024-46731
    - drm/amd/pm: fix the Out-of-bounds read warning

  * Focal update: v5.4.286 upstream stable release (LP: #2089558)
    - arm64: dts: rockchip: Fix rt5651 compatible value on rk3399-sapphire-
      excavator
    - arm64: dts: rockchip: Remove hdmi's 2nd interrupt on rk3328
    - arm64: dts: rockchip: Fix bluetooth properties on Rock960 boards
    - arm64: dts: rockchip: Remove #cooling-cells from fan on Theobroma lion
    - ARM: dts: rockchip: fix rk3036 acodec node
    - ARM: dts: rockchip: drop grf reference from rk3036 hdmi
    - ARM: dts: rockchip: Fix the spi controller on rk3036
    - ARM: dts: rockchip: Fix the realtek audio codec on rk3036-kylin
    - enetc: simplify the return expression of enetc_vf_set_mac_addr()
    - net: enetc: set MAC address to the VF net_device
    - can: c_can: fix {rx,tx}_errors statistics
    - media: stb0899_algo: initialize cfr before using it
    - media: dvb_frontend: don't play tricks with underflow values
    - media: adv7604: prevent underflow condition when reporting colorspace
    - ALSA: firewire-lib: fix return value on fail in amdtp_tscm_init()
    - pwm: imx-tpm: Use correct MODULO value for EPWM mode
    - drm/amdgpu: prevent NULL pointer dereference if ATIF is not supported
    - dm cache: correct the number of origin blocks to match the target length
    - dm cache: optimize dirty bit checking with find_next_bit when resizing
    - dm-unstriped: cast an operand to sector_t to prevent potential uint32_t
      overflow
    - mtd: rawnand: protect access to rawnand devices while in suspend
    - spi: fix use-after-free of the add_lock mutex
    - media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in
      uvc_parse_format
    - fs/proc: fix compile warning about variable 'vmcore_mmap_ops'
    - USB: serial: qcserial: add support for Sierra Wireless EM86xx
    - USB: serial: option: add Fibocom FG132 0x0112 composition
    - USB: serial: option: add Quectel RG650V
    - irqchip/gic-v3: Force propagation of the active state with a read-back
    - ALSA: usb-audio: Support jack detection on Dell dock
    - ALSA: usb-audio: Add quirks for Dell WD19 dock
    - NFSD: Fix NFSv4's PUTPUBFH operation
    - ALSA: usb-audio: Add endianness annotations
    - 9p: Avoid creating multiple slab caches with the same name
    - HID: multitouch: Add quirk for HONOR MagicBook Art 14 touchpad
    - bpf: use kvzmalloc to allocate BPF verifier environment
    - sound: Make CONFIG_SND depend on INDIRECT_IOMEM instead of UML
    - powerpc/powernv: Free name on error in opal_event_init()
    - fs: Fix uninitialized value issue in from_kuid and from_kgid
    - net: usb: qmi_wwan: add Fibocom FG132 0x0112 composition
    - md/raid10: improve code of mrdev in raid10_sync_request
    - mm: clarify a confusing comment for remap_pfn_range()
    - mm: fix ambiguous comments for better code readability
    - mm/memory.c: make remap_pfn_range() reject unaligned addr
    - mm: add remap_pfn_range_notrack
    - 9p: fix slab cache name creation for real
    - Linux 5.4.286

  * Focal update: v5.4.286 upstream stable release (LP: #2089558) //
    CVE-2024-47674
    - mm: avoid leaving partial pfn mappings around in error case

  * Focal update: v5.4.286 upstream stable release (LP: #2089558) //
    CVE-2024-38588
    - ftrace: Fix possible use-after-free issue in ftrace_location()

  * Focal update: v5.4.286 upstream stable release (LP: #2089558) //
    CVE-2024-50265
    - ocfs2: remove entry once instead of null-ptr-dereference in
      ocfs2_xa_remove()

  * Focal update: v5.4.286 upstream stable release (LP: #2089558) //
    CVE-2024-50267
    - USB: serial: io_edgeport: fix use after free in debug printk

  * Focal update: v5.4.286 upstream stable release (LP: #2089558) //
    CVE-2024-50269
    - usb: musb: sunxi: Fix accessing an released usb phy

  * Focal update: v5.4.286 upstream stable release (LP: #2089558) //
    CVE-2021-47469
    - spi: Fix deadlock when adding SPI controllers on SPI buses

  * Focal update: v5.4.286 upstream stable release (LP: #2089558) //
    CVE-2024-50273
    - btrfs: reinitialize delayed ref list after deleting it from the list

  * Focal update: v5.4.286 upstream stable release (LP: #2089558) //
    CVE-2024-53066
    - nfs: Fix KMSAN warning in decode_getfattr_attrs()

  * Focal update: v5.4.286 upstream stable release (LP: #2089558) //
    CVE-2024-50278
    - dm cache: fix potential out-of-bounds access on the first resume

  * Focal update: v5.4.286 upstream stable release (LP: #2089558) //
    CVE-2024-50279
    - dm cache: fix out-of-bounds access to the dirty bitset when resizing

  * Focal update: v5.4.286 upstream stable release (LP: #2089558) //
    CVE-2024-50282
    - drm/amdgpu: add missing size check in amdgpu_debugfs_gprwave_read()

  * Focal update: v5.4.286 upstream stable release (LP: #2089558) //
    CVE-2024-50287
    - media: v4l2-tpg: prevent the risk of a division by zero

  * Focal update: v5.4.286 upstream stable release (LP: #2089558) //
    CVE-2024-50290
    - media: cx24116: prevent overflows on SNR calculus

  * Focal update: v5.4.286 upstream stable release (LP: #2089558) //
    CVE-2024-53061
    - media: s5p-jpeg: prevent buffer overflows

  * Focal update: v5.4.286 upstream stable release (LP: #2089558) //
    CVE-2024-53063
    - media: dvbdev: prevent the risk of out of memory access

  * Focal update: v5.4.286 upstream stable release (LP: #2089558) //
    CVE-2024-50296
    - net: hns3: fix kernel crash when uninstalling driver

  * Focal update: v5.4.286 upstream stable release (LP: #2089558) //
    CVE-2024-50299
    - sctp: properly validate chunk size in sctp_sf_ootb()

  * Focal update: v5.4.286 upstream stable release (LP: #2089558) //
    CVE-2024-50301
    - security/keys: fix slab-out-of-bounds in key_task_permission

  * Focal update: v5.4.286 upstream stable release (LP: #2089558) //
    CVE-2024-50302
    - HID: core: zero-initialize the report buffer

  * Add list of source files to linux-buildinfo (LP: #2086606)
    - [Packaging] Sort build dependencies alphabetically
    - [Packaging] Add list of used source files to buildinfo package

  * Focal update: v5.4.285 upstream stable release (LP: #2089233)
    - usbnet: ipheth: fix carrier detection in modes 1 and 4
    - net: ethernet: use ip_hdrlen() instead of bit shift
    - net: phy: vitesse: repair vsc73xx autonegotiation
    - scripts: kconfig: merge_config: config files: add a trailing newline
    - arm64: dts: rockchip: override BIOS_DISABLE signal via GPIO hog on RK3399
      Puma
    - ice: fix accounting for filters shared by multiple VSIs
    - net/mlx5e: Add missing link modes to ptys2ethtool_map
    - net: ftgmac100: Enable TX interrupt to avoid TX timeout
    - soundwire: stream: Revert "soundwire: stream: fix programming slave ports
      for non-continous port maps"
    - selftests: breakpoints: Fix a typo of function name
    - ASoC: allow module autoloading for table db1200_pids
    - ALSA: hda/realtek - Fixed ALC256 headphone no sound
    - ALSA: hda/realtek - FIxed ALC285 headphone no sound
    - pinctrl: at91: make it work with current gpiolib
    - microblaze: don't treat zero reserved memory regions as error
    - net: ftgmac100: Ensure tx descriptor updates are visible
    - wifi: iwlwifi: mvm: fix iwl_mvm_max_scan_ie_fw_cmd_room()
    - ASoC: tda7419: fix module autoloading
    - drm: komeda: Fix an issue related to normalized zpos
    - spi: bcm63xx: Enable module autoloading
    - x86/hyperv: Set X86_FEATURE_TSC_KNOWN_FREQ when Hyper-V provides frequency
    - USB: serial: pl2303: add device id for Macrosilicon MS3020
    - ACPI: PMIC: Remove unneeded check in tps68470_pmic_opregion_probe()
    - wifi: ath9k: fix parameter check in ath9k_init_debug()
    - wifi: ath9k: Remove error checks when creating debugfs entries
    - fs: explicitly unregister per-superblock BDIs
    - mount: warn only once about timestamp range expiration
    - fs/namespace: fnic: Switch to use %ptTd
    - mount: handle OOM on mnt_warn_timestamp_expiry
    - can: j1939: use correct function name in comment
    - netfilter: nf_tables: elements with timeout below CONFIG_HZ never expire
    - netfilter: nf_tables: reject element expiration with no timeout
    - netfilter: nf_tables: reject expiration higher than timeout
    - wifi: cfg80211: fix UBSAN noise in cfg80211_wext_siwscan()
    - wifi: cfg80211: fix two more possible UBSAN-detected off-by-one errors
    - mac80211: parse radiotap header when selecting Tx queue
    - Bluetooth: btusb: Fix not handling ZPL/short-transfer
    - net: tipc: avoid possible garbage value
    - block, bfq: choose the last bfqq from merge chain in bfq_setup_cooperator()
    - block, bfq: don't break merge chain in bfq_split_bfqq()
    - spi: ppc4xx: handle irq_of_parse_and_map() errors
    - spi: ppc4xx: Avoid returning 0 when failed to parse and map IRQ
    - ARM: dts: imx7d-zii-rmu2: fix Ethernet PHY pinctrl property
    - ARM: versatile: fix OF node leak in CPUs prepare
    - reset: berlin: fix OF node leak in probe() error path
    - clocksource/drivers/qcom: Add missing iounmap() on errors in
      msm_dt_timer_init()
    - hwmon: (max16065) Fix overflows seen when writing limits
    - mtd: slram: insert break after errors in parsing the map
    - hwmon: (ntc_thermistor) fix module autoloading
    - power: supply: axp20x_battery: allow disabling battery charging
    - power: supply: axp20x_battery: Remove design from min and max voltage
    - power: supply: max17042_battery: Fix SOC threshold calc w/ no current sense
    - fbdev: hpfb: Fix an error handling path in hpfb_dio_probe()
    - mtd: powernv: Add check devm_kasprintf() returned value
    - drm/stm: Fix an error handling path in stm_drm_platform_probe()
    - drm/amdgpu: Replace one-element array with flexible-array member
    - drm/amdgpu: properly handle vbios fake edid sizing
    - drm/radeon: Replace one-element array with flexible-array member
    - drm/radeon: properly handle vbios fake edid sizing
    - drm/rockchip: vop: Allow 4096px width scaling
    - drm/rockchip: dw_hdmi: Fix reading EDID when using a forced mode
    - drm/radeon/evergreen_cs: fix int overflow errors in cs track offsets
    - drm/msm: Fix incorrect file name output in adreno_request_fw()
    - drm/msm/a5xx: disable preemption in submits by default
    - drm/msm/a5xx: properly clear preemption records on resume
    - drm/msm/a5xx: fix races in preemption evaluation stage
    - ipmi: docs: don't advertise deprecated sysfs entries
    - drm/msm: fix %s null argument error
    - drivers:drm:exynos_drm_gsc:Fix wrong assignment in gsc_bind()
    - xen: use correct end address of kernel for conflict checking
    - xen/swiotlb: add alignment check for dma buffers
    - selftests/bpf: Fix compile error from rlim_t in sk_storage_map.c
    - selftests/bpf: Fix compiling flow_dissector.c with musl-libc
    - selftests/bpf: Fix compiling tcp_rtt.c with musl-libc
    - selftests/bpf: Fix error compiling test_lru_map.c
    - xz: cleanup CRC32 edits from 2018
    - kthread: add kthread_work tracepoints
    - kthread: fix task state in kthread worker if being frozen
    - ext4: clear EXT4_GROUP_INFO_WAS_TRIMMED_BIT even mount with discard
    - smackfs: Use rcu_assign_pointer() to ensure safe assignment in smk_set_cipso
    - ext4: avoid negative min_clusters in find_group_orlov()
    - ext4: return error on ext4_find_inline_entry
    - nilfs2: determine empty node blocks as corrupted
    - bpf: Fix bpf_strtol and bpf_strtoul helpers for 32bit
    - perf sched timehist: Fix missing free of session in perf_sched__timehist()
    - perf sched timehist: Fixed timestamp error when unable to confirm event
      sched_in time
    - perf time-utils: Fix 32-bit nsec parsing
    - clk: rockchip: Set parent rate for DCLK_VOP clock on RK3228
    - PCI: xilinx-nwl: Fix register misspelling
    - pinctrl: single: fix missing error code in pcs_probe()
    - clk: ti: dra7-atl: Fix leak of of_nodes
    - pinctrl: mvebu: Fix devinit_dove_pinctrl_probe function
    - watchdog: imx_sc_wdt: Don't disable WDT in suspend
    - RDMA/hns: Optimize hem allocation performance
    - riscv: Fix fp alignment bug in perf_callchain_user()
    - f2fs: enhance to update i_mode and acl atomically in f2fs_setattr()
    - f2fs: fix typo
    - f2fs: fix to update i_ctime in __f2fs_setxattr()
    - f2fs: remove unneeded check condition in __f2fs_setxattr()
    - f2fs: reduce expensive checkpoint trigger frequency
    - iio: adc: ad7606: fix oversampling gpio array
    - iio: adc: ad7606: fix standby gpio state to match the documentation
    - coresight: tmc: sg: Do not leak sg_table
    - net: qrtr: Update packets cloning when broadcasting
    - netfilter: ctnetlink: compile ctnetlink_label_size with
      CONFIG_NF_CONNTRACK_EVENTS
    - Remove *.orig pattern from .gitignore
    - soc: versatile: integrator: fix OF node leak in probe() error path
    - drm/amd/display: Round calculated vtotal
    - USB: appledisplay: close race between probe and completion handler
    - USB: misc: cypress_cy7c63: check for short transfer
    - USB: class: CDC-ACM: fix race between get_serial and set_serial
    - tty: rp2: Fix reset with non forgiving PCIe host bridges
    - drbd: Fix atomicity violation in drbd_uuid_set_bm()
    - drbd: Add NULL check for net_conf to prevent dereference in state validation
    - ACPI: resource: Add another DMI match for the TongFang GMxXGxx
    - wifi: rtw88: 8822c: Fix reported RX band width
    - debugobjects: Fix conditions in fill_pool()
    - f2fs: prevent possible int overflow in dir_block_index()
    - f2fs: avoid potential int overflow in sanity_check_area_boundary()
    - hwrng: mtk - Use devm_pm_runtime_enable
    - fs: Fix file_set_fowner LSM hook inconsistencies
    - nfs: fix memory leak in error path of nfs4_do_reclaim
    - ASoC: meson: axg: extract sound card utils
    - [Config] updateconfigs for SND_MESON_CARD_UTILS
    - PCI: xilinx-nwl: Use irq_data_get_irq_chip_data()
    - PCI: xilinx-nwl: Fix off-by-one in INTx IRQ handler
    - soc: versatile: realview: fix memory leak during device remove
    - soc: versatile: realview: fix soc_dev leak during device remove
    - usb: yurex: Replace snprintf() with the safer scnprintf() variant
    - USB: misc: yurex: fix race between read and write
    - pps: remove usage of the deprecated ida_simple_xx() API
    - pps: add an error check in parport_attach
    - mm: only enforce minimum stack gap size if it's sensible
    - i2c: aspeed: Update the stop sw state when the bus recovery occurs
    - i2c: isch: Add missed 'else'
    - usb: yurex: Fix inconsistent locking bug in yurex_read()
    - mailbox: rockchip: fix a typo in module autoloading
    - Minor fixes to the CAIF Transport drivers Kconfig file
    - drivers: net: Fix Kconfig indentation, continued
    - ieee802154: Fix build error
    - net/mlx5: Added cond_resched() to crdump collection
    - netfilter: uapi: NFTA_FLOWTABLE_HOOK is NLA_NESTED
    - net: ieee802154: mcr20a: Use IRQF_NO_AUTOEN flag in request_irq()
    - Bluetooth: btmrvl_sdio: Refactor irq wakeup
    - Bluetooth: btmrvl: Use IRQF_NO_AUTOEN flag in request_irq()
    - ipv4: ip_gre: Fix drops of small packets in ipgre_xmit
    - ALSA: hda/realtek: Fix the push button function for the ALC257
    - ALSA: hda/generic: Unconditionally prefer preferred_dacs pairs
    - ALSA: hda/conexant: Fix conflicting quirk for System76 Pangolin
    - wifi: ath9k: fix possible integer overflow in ath9k_get_et_stats()
    - ice: Adjust over allocation of memory in ice_sched_add_root_node() and
      ice_sched_add_node()
    - net: hisilicon: hip04: fix OF node leak in probe()
    - net: hisilicon: hns_dsaf_mac: fix OF node leak in hns_mac_get_info()
    - net: hisilicon: hns_mdio: fix OF node leak in probe()
    - ACPICA: Fix memory leak if acpi_ps_get_next_namepath() fails
    - ACPICA: Fix memory leak if acpi_ps_get_next_field() fails
    - net: sched: consistently use rcu_replace_pointer() in taprio_change()
    - wifi: rtw88: select WANT_DEV_COREDUMP
    - ACPI: EC: Do not release locks during operation region accesses
    - net: mvpp2: Increase size of queue_name buffer
    - ipv4: Check !in_dev earlier for ioctl(SIOCSIFADDR).
    - ipv4: Mask upper DSCP bits and ECN bits in NETLINK_FIB_LOOKUP family
    - tcp: avoid reusing FIN_WAIT2 when trying to find port in connect() process
    - ACPICA: iasl: handle empty connection_node
    - proc: add config & param to block forcing mem writes
    - [Config] updateconfigs to select PROC_MEM_ALWAYS_FORCE
    - nfp: Use IRQF_NO_AUTOEN flag in request_irq()
    - signal: Replace BUG_ON()s
    - ALSA: hdsp: Break infinite MIDI input flush loop
    - x86/syscall: Avoid memcpy() for ia32 syscall_get_arguments()
    - power: reset: brcmstb: Do not go into infinite loop if reset fails
    - ata: sata_sil: Rename sil_blacklist to sil_quirks
    - jfs: UBSAN: shift-out-of-bounds in dbFindBits
    - drm/printer: Allow NULL data in devcoredump printer
    - scsi: aacraid: Rearrange order of struct aac_srb_unit
    - drm/radeon/r100: Handle unknown family in r100_cp_init_microcode()
    - of/irq: Refer to actual buffer size in of_irq_parse_one()
    - ext4: ext4_search_dir should return a proper error
    - spi: s3c64xx: fix timeout counters in flush_fifo
    - selftests: breakpoints: use remaining time to check if suspend succeed
    - selftests: vDSO: fix vDSO symbols lookup for powerpc64
    - i2c: xiic: Wait for TX empty to avoid missed TX NAKs
    - firmware: tegra: bpmp: Drop unused mbox_client_to_bpmp()
    - spi: bcm63xx: Fix module autoloading
    - perf/core: Fix small negative period being ignored
    - parisc: Fix itlb miss handler for 64-bit programs
    - drm: Consistently use struct drm_mode_rect for FB_DAMAGE_CLIPS
    - ALSA: core: add isascii() check to card ID generator
    - ext4: propagate errors from ext4_find_extent() in ext4_insert_range()
    - ext4: fix incorrect tid assumption in __jbd2_log_wait_for_space()
    - ext4: fix incorrect tid assumption in ext4_wait_for_tail_page_commit()
    - parisc: Fix 64-bit userspace syscall path
    - parisc: Fix stack start for ADDR_NO_RANDOMIZE personality
    - of/irq: Support #msi-cells=<0> in of_msi_get_domain
    - mm: krealloc: consider spare memory for __GFP_ZERO
    - ocfs2: fix the la space leak when unmounting an ocfs2 volume
    - ocfs2: fix uninit-value in ocfs2_get_block()
    - riscv: define ILLEGAL_POINTER_VALUE for 64bit
    - clk: rockchip: fix error for unknown clocks
    - media: sun4i_csi: Implement link validate for sun4i_csi subdev
    - media: uapi/linux/cec.h: cec_msg_set_reply_to: zero flags
    - iio: magnetometer: ak8975: Fix reading for ak099xx sensors
    - tomoyo: fallback to realpath if symlink's pathname does not exist
    - rtc: at91sam9: fix OF node leak in probe() error path
    - Input: adp5589-keys - fix adp5589_gpio_get_value()
    - ACPI: resource: Add Asus Vivobook X1704VAP to irq1_level_low_skip_override[]
    - ACPI: resource: Add Asus ExpertBook B2502CVA to
      irq1_level_low_skip_override[]
    - gpio: davinci: fix lazy disable
    - i2c: qcom-geni: Let firmware specify irq trigger flags
    - i2c: qcom-geni: Grow a dev pointer to simplify code
    - i2c: qcom-geni: Use IRQF_NO_AUTOEN flag in request_irq()
    - arm64: Add Cortex-715 CPU part definition
    - arm64: cputype: Add Neoverse-N3 definitions
    - arm64: errata: Expand speculative SSBS workaround once more
    - nfsd: use ktime_get_seconds() for timestamps
    - nfsd: fix delegation_blocked() to block correctly for at least 30 seconds
    - clk: qcom: rpmh: Simplify clk_rpmh_bcm_send_cmd()
    - clk: qcom: clk-rpmh: Fix overflow in BCM vote
    - r8169: Fix spelling mistake: "tx_underun" -> "tx_underrun"
    - ACPI: battery: Simplify battery hook locking
    - ext4: fix inode tree inconsistency caused by ENOMEM
    - net: ethernet: cortina: Drop TSO support
    - tracing: Remove precision vsnprintf() check from print event
    - drm/crtc: fix uninitialized variable use even harder
    - tracing: Have saved_cmdlines arrays all in one allocation
    - virtio_console: fix misc probe bugs
    - Input: synaptics-rmi4 - fix UAF of IRQ domain on driver removal
    - bpf: Check percpu map value size first
    - s390/facility: Disable compile time optimization for decompressor code
    - s390/mm: Add cond_resched() to cmm_alloc/free_pages()
    - ext4: nested locking for xattr inode
    - s390/cpum_sf: Remove WARN_ON_ONCE statements
    - ktest.pl: Avoid false positives with grub2 skip regex
    - clk: bcm: bcm53573: fix OF node leak in init
    - PCI: Add ACS quirk for Qualcomm SA8775P
    - i2c: i801: Use a different adapter-name for IDF adapters
    - PCI: Mark Creative Labs EMU20k2 INTx masking as broken
    - media: videobuf2-core: clear memory related fields in
      __vb2_plane_dmabuf_put()
    - usb: chipidea: udc: enable suspend interrupt after usb reset
    - usb: dwc2: Adjust the timing of USB Driver Interrupt Registration in the
      Crashkernel Scenario
    - tools/iio: Add memory allocation failure check for trigger_name
    - driver core: bus: Return -EIO instead of 0 when show/store invalid bus
      attribute
    - ice: fix VLAN replay after reset
    - SUNRPC: Fix integer overflow in decode_rc_list()
    - tcp: fix to allow timestamp undo if no retransmits were sent
    - tcp: fix tcp_enter_recovery() to zero retrans_stamp when it's safe
    - gpio: aspeed: Add the flush write to ensure the write complete.
    - gpio: aspeed: Use devm_clk api to manage clock source
    - net: ibm: emac: mal: fix wrong goto
    - net: annotate lockless accesses to sk->sk_ack_backlog
    - net: annotate lockless accesses to sk->sk_max_ack_backlog
    - sctp: ensure sk_state is set to CLOSED if hashing fails in sctp_listen_start
    - locking/lockdep: Fix bad recursion pattern
    - locking/lockdep: Rework lockdep_lock
    - locking/lockdep: Avoid potential access of invalid memory in lock_class
    - lockdep: fix deadlock issue between lockdep and rcu
    - HID: plantronics: Workaround for an unexcepted opposite volume key
    - Revert "usb: yurex: Replace snprintf() with the safer scnprintf() variant"
    - usb: dwc3: core: Stop processing of pending events if controller is halted
    - usb: xhci: Fix problem with xhci resume from suspend
    - usb: storage: ignore bogus device raised by JieLi BR21 USB sound chip
    - hid: intel-ish-hid: Fix uninitialized variable 'rv' in
      ish_fw_xfer_direct_dma
    - arm64: probes: Fix simulate_ldr*_literal()
    - tracing/kprobes: Return EADDRNOTAVAIL when func matches several symbols
    - tracing/kprobes: Fix symbol counting logic by looking at modules as well
    - PCI: Add function 0 DMA alias quirk for Glenfly Arise chip
    - fat: fix uninitialized variable
    - s390/sclp_vt220: Convert newlines to CRLF instead of LFCR
    - KVM: s390: Change virtual to physical address access in diag 0x258 handler
    - x86/cpufeatures: Define X86_FEATURE_AMD_IBPB_RET
    - drm/vmwgfx: Handle surface check failure correctly
    - iio: dac: ltc1660: add missing select REGMAP_SPI in Kconfig
    - iio: dac: stm32-dac-core: add missing select REGMAP_MMIO in Kconfig
    - iio: adc: ti-ads8688: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig
    - iio: hid-sensors: Fix an error handling path in
      _hid_sensor_set_report_latency()
    - iio: light: opt3001: add missing full-scale range value
    - iio: proximity: mb1232: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig
    - iio: adc: ti-ads124s08: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig
    - Bluetooth: Remove debugfs directory on module init failure
    - Bluetooth: btusb: Fix regression with fake CSR controllers 0a12:0001
    - xhci: Fix incorrect stream context type macro
    - USB: serial: option: add support for Quectel EG916Q-GL
    - USB: serial: option: add Telit FN920C04 MBIM compositions
    - x86/resctrl: Annotate get_mem_config() functions as __init
    - x86/apic: Always explicitly disarm TSC-deadline timer
    - mac80211: Fix NULL ptr deref for injected rate info
    - RDMA/bnxt_re: Fix incorrect AVID type in WQE structure
    - ARM: dts: bcm2837-rpi-cm3-io3: Fix HDMI hpd-gpio pin
    - RDMA/cxgb4: Fix RDMA_CM_EVENT_UNREACHABLE error for iWARP
    - ipv4: give an IPv4 dev to blackhole_netdev
    - RDMA/bnxt_re: Return more meaningful error
    - drm/msm/dsi: fix 32-bit signed integer extension in pclk_rate calculation
    - macsec: don't increment counters for an unrelated SA
    - net: ethernet: aeroflex: fix potential memory leak in
      greth_start_xmit_gbit()
    - genetlink: hold RCU in genlmsg_mcast()
    - arm64:uprobe fix the uprobe SWBP_INSN in big-endian
    - KVM: s390: gaccess: Check if guest address is in memslot
    - jfs: Fix sanity check in dbMount
    - net: usb: usbnet: fix name regression
    - r8169: avoid unsolicited interrupts
    - posix-clock: posix-clock: Fix unbalanced locking in pc_clock_settime()
    - ALSA: hda/realtek: Update default depop procedure
    - ACPI: resource: Add LG 16T90SP to irq1_level_low_skip_override[]
    - ACPI: button: Add DMI quirk for Samsung Galaxy Book2 to fix initial lid
      detection issue
    - ALSA: hda/realtek: Add subwoofer quirk for Acer Predator G9-593
    - hv_netvsc: Fix VF namespace also in synthetic NIC NETDEV_REGISTER event
    - selinux: improve error checking in sel_write_load()
    - arm64/uprobes: change the uprobe_opcode_t typedef to fix the sparse warning
    - cgroup: Fix potential overflow issue when checking max_depth
    - wifi: mac80211: skip non-uploaded keys in ieee80211_iter_keys
    - mac80211: do drv_reconfig_complete() before restarting all
    - mac80211: Add support to trigger sta disconnect on hardware restart
    - wifi: iwlwifi: mvm: disconnect station vifs if recovery failed
    - ASoC: cs42l51: Fix some error handling paths in cs42l51_probe()
    - dt-bindings: gpu: Convert Samsung Image Rotator to dt-schema
    - gtp: simplify error handling code in 'gtp_encap_enable()'
    - gtp: allow -1 to be specified as file description from userspace
    - net: support ip generic csum processing in skb_csum_hwoffload_help
    - net: skip offload for NETIF_F_IPV6_CSUM if ipv6 header contains extension
    - drivers/misc: ti-st: Remove unneeded variable in st_tty_open
    - firmware: arm_sdei: Fix the input parameter of cpuhp_remove_state()
    - net: amd: mvme147: Fix probe banner message
    - misc: sgi-gru: Don't disable preemption in GRU driver
    - usbip: tools: Fix detach_port() invalid port error path
    - usb: phy: Fix API devm_usb_put_phy() can not release the phy
    - xhci: Fix Link TRB DMA in command ring stopped completion event
    - Revert "driver core: Fix uevent_show() vs driver detach race"
    - riscv: Remove unused GENERATING_ASM_OFFSETS
    - Revert "drm/mipi-dsi: Set the fwnode for mipi_dsi_device"
    - vt: prevent kernel-infoleak in con_font_get()
    - mac80211: always have ieee80211_sta_restart()
    - mm: krealloc: Fix MTE false alarm in __do_krealloc
    - Linux 5.4.285

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-50228
    - mm: shmem: fix data-race in shmem_getattr()

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-50230
    - nilfs2: fix kernel bug due to missing clearing of checked flag

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-50218
    - ocfs2: pass u64 to ocfs2_truncate_inline maybe overflow

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-50229
    - nilfs2: fix potential deadlock with newly created symlinks

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-50233
    - staging: iio: frequency: ad9832: fix division by zero in
      ad9832_calc_freqreg()

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-50234
    - wifi: iwlegacy: Clear stale interrupts before resuming device

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-50236
    - wifi: ath10k: Fix memory leak in management tx

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-50237
    - wifi: mac80211: do not pass a stopped vif to the driver in .get_txpower

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-50251
    - netfilter: nft_payload: sanitize offset and length before calling
      skb_checksum()

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-50262
    - bpf: Fix out-of-bounds write in trie_get_next_key()

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-53059
    - wifi: iwlwifi: mvm: Fix response handling in iwl_mvm_send_recovery_cmd()

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-50142
    - xfrm: validate new SA's prefixlen using SA family when sel.family is unset

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-50116
    - nilfs2: fix kernel bug due to missing clearing of buffer delay flag

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-50117
    - drm/amd: Guard against bad data for ATIF ACPI method

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-50205
    - ALSA: firewire-lib: Avoid division by zero in apply_constraint_to_size()

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-50127
    - net: sched: fix use-after-free in taprio_change()

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-50167
    - be2net: fix potential memory leak in be_xmit()

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-50168
    - net/sun3_82586: fix potential memory leak in sun3_82586_send_packet()

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-50131
    - tracing: Consider the NULL character when validating the event length

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-50143
    - udf: fix uninit-value use in udf_get_fileshortad

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-50134
    - drm/vboxvideo: Replace fake VLA at end of vbva_mouse_pointer_shape with real
      VLA

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-50194
    - arm64: probes: Fix uprobes for big-endian kernels

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-50148
    - Bluetooth: bnep: fix wild-memory-access in proto_unregister

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-50150
    - usb: typec: altmode should keep reference to parent

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-50151
    - smb: client: fix OOBs when building SMB2_IOCTL request

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-50171
    - net: systemport: fix potential memory leak in bcm_sysport_xmit()

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-50202
    - nilfs2: propagate directory read errors from nilfs_find_entry()

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-50074
    - parport: Proper fix for array out-of-bounds access

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-50082
    - blk-rq-qos: fix crash on rq_qos_wait vs. rq_qos_wake_function race

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-40953
    - KVM: Fix a data race on last_boosted_vcpu in kvm_vcpu_on_spin()

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-50199
    - mm/swapfile: skip HugeTLB pages for unuse_vma

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-50099
    - arm64: probes: Remove broken LDR (literal) uprobe support

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-50195
    - posix-clock: Fix missing timespec64 check in pc_clock_settime()

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-50096
    - nouveau/dmem: Fix vulnerability in migrate_to_ram upon copy error

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-50024
    - net: Fix an unsafe loop on the list

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-49878
    - resource: fix region_intersects() vs add_memory_driver_managed()

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-50033
    - slip: make slhc_remember() more robust against malicious packets

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-50035
    - ppp: fix ppp_async_encode() illegal access

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-50039
    - net/sched: accept TCA_STAB only for root qdisc

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-50040
    - igb: Do not bring the device up after non-fatal error

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-50044
    - Bluetooth: RFCOMM: FIX possible deadlock in rfcomm_sk_state_change

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-50045
    - netfilter: br_netfilter: fix panic with metadata_dst skb

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-38544
    - RDMA/rxe: Fix seg fault in rxe_comp_queue_pkt

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-50180
    - fbdev: sisfb: Fix strbuf array overflow

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-50184
    - virtio_pmem: Check device status before requesting flush

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-50059
    - ntb: ntb_hw_switchtec: Fix use after free vulnerability in
      switchtec_ntb_remove due to race condition

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-50089
    - unicode: Don't special case ignorable code points

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-49955
    - ACPI: battery: Fix possible crash when unregistering a battery hook

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-49973
    - r8169: add tally counter fields added with RTL8125

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-49975
    - uprobes: fix kernel info leak via "[uprobes]" vma

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-49867
    - btrfs: wait for fixup workers before stopping cleaner kthread during umount

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-49868
    - btrfs: fix a NULL pointer dereference when failed to start a new trasacntion

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-49981
    - media: venus: fix use after free bug in venus_remove due to race condition

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-49982
    - aoe: fix the potential use-after-free problem in more places

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-49877
    - ocfs2: fix possible null-ptr-deref in ocfs2_set_buffer_uptodate

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-49957
    - ocfs2: fix null-ptr-deref when journal load failed.

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-49965
    - ocfs2: remove unreasonable unlock in ocfs2_read_blocks

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-49966
    - ocfs2: cancel dqi_sync_work before freeing oinfo

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-49958
    - ocfs2: reserve space for inline xattr before attaching reflink tree

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-49959
    - jbd2: stop waiting for space when jbd2_cleanup_journal_tail() returns error

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-49879
    - drm: omapdrm: Add missing check for alloc_ordered_workqueue

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-49882
    - ext4: fix double brelse() the buffer of the extents path

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-49883
    - ext4: aovid use-after-free in ext4_ext_insert_extent()

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-49985
    - i2c: stm32f7: Do not prepare/unprepare clock during runtime suspend/resume

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-50006
    - ext4: fix i_data_sem unlock order in ext4_ind_migrate()

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-49892
    - drm/amd/display: Initialize get_bytes_per_element's default to 1

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-49894
    - drm/amd/display: Fix index out of bounds in degamma hardware format
      translation

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-49896
    - drm/amd/display: Check stream before comparing them

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-49900
    - jfs: Fix uninit-value access of new_ea in ea_buffer

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-49902
    - jfs: check if leafidx greater than num leaves per dmap tree

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-49903
    - jfs: Fix uaf in dbFreeBits

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-49924
    - fbdev: pxafb: Fix possible use after free in pxafb_task()

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-50007
    - ALSA: asihpi: Fix potential OOB array access

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-50008
    - wifi: mwifiex: Fix memcpy() field-spanning write warning in
      mwifiex_cmd_802_11_scan_ext()

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-49995
    - tipc: guard against string buffer overrun

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-49962
    - ACPICA: check null return of ACPI_ALLOCATE_ZEROED() in
      acpi_db_convert_to_package()

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-49938
    - wifi: ath9k_htc: Use __skb_set_length() for resetting urb before resubmit

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-47740
    - f2fs: Require FMODE_WRITE for atomic write ioctls

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-49944
    - sctp: set sk_state back to CLOSED if autobind fails in sctp_listen_start

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-49948
    - net: add more sanity checks to qdisc_pkt_len_init()

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-49949
    - net: avoid potential underflow in qdisc_pkt_len_init() with UFO

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-49997
    - net: ethernet: lantiq_etop: fix memory disclosure

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-49952
    - netfilter: nf_tables: prevent nf_skb_duplicated corruption

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-50179
    - ceph: remove the incorrect Fw reference check when dirtying pages

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-49963
    - mailbox: bcm2835: Fix timeout during suspend mode

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-46849
    - ASoC: meson: axg-card: fix 'use-after-free'

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-47679
    - vfs: fix race between evice_inodes() and find_inode()&iput()

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-49860
    - ACPI: sysfs: validate return type of _STR method

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-47742
    - firmware_loader: Block path traversal

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-47684
    - tcp: check skb is non-NULL in tcp_rto_delta_us()

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-47747
    - net: seeq: Fix use after free vulnerability in ether3 Driver Due to Race
      Condition

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-47685
    - netfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put()

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-47692
    - nfsd: return -EINVAL when namelen is 0

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-47737
    - nfsd: call cache_put if xdr_reserve_space returns NULL

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2023-52917
    - ntb: intel: Fix the NULL vs IS_ERR() bug for debugfs_create_dir()

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-47749
    - RDMA/cxgb4: Added NULL check for lookup_atid

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-47696
    - RDMA/iwcm: Fix WARNING:at_kernel/workqueue.c:#check_flush_dependency

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-47756
    - PCI: keystone: Fix if-statement expression in ks_pcie_quirk()

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-47697
    - drivers: media: dvb-frontends/rtl2830: fix an out-of-bounds write error

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-47698
    - drivers: media: dvb-frontends/rtl2832: fix an out-of-bounds write error

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-47757
    - nilfs2: fix potential oob read in nilfs_btree_check_delete()

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-47699
    - nilfs2: fix potential null-ptr-deref in nilfs_btree_insert()

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-47701
    - ext4: avoid OOB when system.data xattr changes underneath the filesystem

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-49851
    - tpm: Clean up TPM space after command failure

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-47723
    - jfs: fix out-of-bounds in dbNextAG() and diAlloc()

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-47706
    - block, bfq: fix possible UAF for bfqq->bic with merge chain

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-47709
    - can: bcm: Clear bo->bcm_proc_read after remove_proc_entry().

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-47710
    - sock_map: Add a cond_resched() in sock_hash_free()

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-47712
    - wifi: wilc1000: fix potential RCU dereference issue in
      wilc_parse_join_bss_param

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-47713
    - wifi: mac80211: use two-phase skb reclamation in ieee80211_do_stop()

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-47671
    - USB: usbtmc: prevent kernel-usb-infoleak

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-44931
    - gpio: prevent potential speculation leaks in gpio_device_get_desc()

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-41016
    - ocfs2: strict bound check before memcmp in ocfs2_xattr_find_entry()

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-47670
    - ocfs2: add bounds checking to ocfs2_xattr_find_entry()

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-47672
    - wifi: iwlwifi: mvm: don't wait for tx queues if firmware is dead

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-46853
    - spi: nxp-fspi: fix the KASAN report out-of-bounds bug

  * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
    CVE-2024-46854
    - net: dpaa: Pad packets to ETH_ZLEN

linux (5.4.0-205.225) focal; urgency=medium

  * focal/linux: 5.4.0-205.225 -proposed tracker (LP: #2093621)

  * Hold IOPOLL locks when triggering io_uring's deferred work (LP: #2078659) //
    CVE-2023-21400
    - io_uring: remove extra check in __io_commit_cqring
    - io_uring: dont kill fasync under completion_lock
    - io_uring: ensure IOPOLL locks around deferred work

  * CVE-2024-40967
    - iopoll: introduce read_poll_timeout macro
    - iopoll: Introduce read_poll_timeout_atomic macro
    - serial: imx: Introduce timeout when waiting on transmitter empty

  * CVE-2024-53164
    - net: sched: fix ordering of qlen adjustment

  * CVE-2024-53141
    - netfilter: ipset: add missing range check in bitmap_ip_uadt

  * CVE-2024-53103
    - hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer

 -- Mehmet Basaran <email address hidden>  Mon, 20 Jan 2025 18:03:51 +0300

Upload details

Uploaded by:
Mehmet Basaran
Uploaded to:
Focal
Original maintainer:
Ubuntu Kernel Team
Architectures:
all amd64 armhf arm64 ppc64el s390x i386 riscv64
Section:
devel
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
linux_5.4.0.orig.tar.gz 162.4 MiB 805f3ed93854317814c59caf2dbfd2097745685f95c8c18b509c9347dcc7d51f
linux_5.4.0-207.227.diff.gz 9.6 MiB ab6a9154e91cdc95a6f2cead5b6b8cb9b5269738a5510fcc7c3b87e51dda2b51
linux_5.4.0-207.227.dsc 7.2 KiB 441ef14c2fc67dbcca9a0f0bd8896fc3e411d0b67a59b0d4eeaf5657e19d4acc

Available diffs

View changes file

Binary packages built by this source

block-modules-5.4.0-207-generic-di: Block storage devices

 This package contains the block storage devices, including DAC960 and
 paraide.

block-modules-5.4.0-207-generic-lpae-di: Block storage devices

 This package contains the block storage devices, including DAC960 and
 paraide.

crypto-modules-5.4.0-207-generic-di: crypto modules

 This package contains crypto modules.

crypto-modules-5.4.0-207-generic-lpae-di: crypto modules

 This package contains crypto modules.

dasd-extra-modules-5.4.0-207-generic-di: DASD storage support -- extras
dasd-modules-5.4.0-207-generic-di: DASD storage support
fat-modules-5.4.0-207-generic-di: FAT filesystem support

 This includes Windows FAT and VFAT support.

fat-modules-5.4.0-207-generic-lpae-di: FAT filesystem support

 This includes Windows FAT and VFAT support.

fb-modules-5.4.0-207-generic-di: Framebuffer modules
firewire-core-modules-5.4.0-207-generic-di: Firewire (IEEE-1394) Support
floppy-modules-5.4.0-207-generic-di: Floppy driver support
fs-core-modules-5.4.0-207-generic-di: Base filesystem modules

 This includes jfs, reiserfs and xfs.

fs-core-modules-5.4.0-207-generic-lpae-di: Base filesystem modules

 This includes jfs, reiserfs and xfs.

fs-secondary-modules-5.4.0-207-generic-di: Extra filesystem modules

 This includes support for Windows NTFS and MacOS HFS/HFSPlus

fs-secondary-modules-5.4.0-207-generic-lpae-di: Extra filesystem modules

 This includes support for Windows NTFS and MacOS HFS/HFSPlus

input-modules-5.4.0-207-generic-di: Support for various input methods
input-modules-5.4.0-207-generic-lpae-di: Support for various input methods
ipmi-modules-5.4.0-207-generic-di: ipmi modules
ipmi-modules-5.4.0-207-generic-lpae-di: ipmi modules
kernel-image-5.4.0-207-generic-di: kernel image and system map
kernel-image-5.4.0-207-generic-lpae-di: kernel image and system map
linux-buildinfo-5.4.0-207-generic: Linux kernel buildinfo for version 5.4.0 on 64 bit x86 SMP

 This package contains the Linux kernel buildinfo for version 5.4.0 on
 64 bit x86 SMP.
 .
 You likely do not want to install this package.

linux-buildinfo-5.4.0-207-generic-lpae: Linux kernel buildinfo for version 5.4.0 on ARM (hard float) SMP

 This package contains the Linux kernel buildinfo for version 5.4.0 on
 ARM (hard float) SMP.
 .
 You likely do not want to install this package.

linux-buildinfo-5.4.0-207-lowlatency: Linux kernel buildinfo for version 5.4.0 on 64 bit x86 SMP

 This package contains the Linux kernel buildinfo for version 5.4.0 on
 64 bit x86 SMP.
 .
 You likely do not want to install this package.

linux-cloud-tools-5.4.0-207: Linux kernel version specific cloud tools for version 5.4.0-207

 This package provides the architecture dependant parts for kernel
 version locked tools for cloud tools for version 5.4.0-207 on
 64 bit x86.
 You probably want to install linux-cloud-tools-5.4.0-207-<flavour>.

linux-cloud-tools-5.4.0-207-generic: Linux kernel version specific cloud tools for version 5.4.0-207

 This package provides the architecture dependant parts for kernel
 version locked tools for cloud for version 5.4.0-207 on
 64 bit x86.

linux-cloud-tools-5.4.0-207-lowlatency: Linux kernel version specific cloud tools for version 5.4.0-207

 This package provides the architecture dependant parts for kernel
 version locked tools for cloud for version 5.4.0-207 on
 64 bit x86.

linux-cloud-tools-common: Linux kernel version specific cloud tools for version 5.4.0

 This package provides the architecture independent parts for kernel
 version locked tools for cloud tools for version 5.4.0.

linux-doc: Linux kernel specific documentation for version 5.4.0

 This package provides the various documents in the 5.4.0 kernel
 Documentation/ subdirectory. These document kernel subsystems, APIs, device
 drivers, and so on. See
 /usr/share/doc/linux-doc/00-INDEX for a list of what is
 contained in each file.

linux-headers-5.4.0-207: Header files related to Linux kernel version 5.4.0

 This package provides kernel header files for version 5.4.0, for sites
 that want the latest kernel headers. Please read
 /usr/share/doc/linux-headers-5.4.0-207/debian.README.gz for details

linux-headers-5.4.0-207-generic: Linux kernel headers for version 5.4.0 on 64 bit x86 SMP

 This package provides kernel header files for version 5.4.0 on
 64 bit x86 SMP.
 .
 This is for sites that want the latest kernel headers. Please read
 /usr/share/doc/linux-headers-5.4.0-207/debian.README.gz for details.

linux-headers-5.4.0-207-generic-lpae: Linux kernel headers for version 5.4.0 on ARM (hard float) SMP

 This package provides kernel header files for version 5.4.0 on
 ARM (hard float) SMP.
 .
 This is for sites that want the latest kernel headers. Please read
 /usr/share/doc/linux-headers-5.4.0-207/debian.README.gz for details.

linux-headers-5.4.0-207-lowlatency: Linux kernel headers for version 5.4.0 on 64 bit x86 SMP

 This package provides kernel header files for version 5.4.0 on
 64 bit x86 SMP.
 .
 This is for sites that want the latest kernel headers. Please read
 /usr/share/doc/linux-headers-5.4.0-207/debian.README.gz for details.

linux-image-5.4.0-207-generic: Signed kernel image generic

 A kernel image for generic. This version of it is signed with
 Canonical's signing key.

linux-image-5.4.0-207-generic-dbgsym: Signed kernel image generic

 A link to the debugging symbols for the generic signed kernel.

linux-image-5.4.0-207-generic-lpae: Linux kernel image for version 5.4.0 on ARM (hard float) SMP

 This package contains the Linux kernel image for version 5.4.0 on
 ARM (hard float) SMP.
 .
 Supports Generic LPAE processors.
 .
 Geared toward desktop and server systems.
 .
 You likely do not want to install this package directly. Instead, install
 the linux-generic-lpae meta-package, which will ensure that upgrades work
 correctly, and that supporting packages are also installed.

linux-image-5.4.0-207-generic-lpae-dbgsym: Linux kernel debug image for version 5.4.0 on ARM (hard float) SMP

 This package provides the kernel debug image for version 5.4.0 on
 ARM (hard float) SMP.
 .
 This is for sites that wish to debug the kernel.
 .
 The kernel image contained in this package is NOT meant to boot from. It
 is uncompressed, and unstripped. This package also includes the
 unstripped modules.

linux-image-unsigned-5.4.0-207-generic: Linux kernel image for version 5.4.0 on 64 bit x86 SMP

 This package contains the unsigned Linux kernel image for version 5.4.0 on
 64 bit x86 SMP.
 .
 Supports Generic processors.
 .
 Geared toward desktop and server systems.
 .
 You likely do not want to install this package directly. Instead, install
 the linux-generic meta-package, which will ensure that upgrades work
 correctly, and that supporting packages are also installed.

linux-image-unsigned-5.4.0-207-generic-dbgsym: Linux kernel debug image for version 5.4.0 on 64 bit x86 SMP

 This package provides the unsigned kernel debug image for version 5.4.0 on
 64 bit x86 SMP.
 .
 This is for sites that wish to debug the kernel.
 .
 The kernel image contained in this package is NOT meant to boot from. It
 is uncompressed, and unstripped. This package also includes the
 unstripped modules.

linux-image-unsigned-5.4.0-207-lowlatency: Linux kernel image for version 5.4.0 on 64 bit x86 SMP

 This package contains the unsigned Linux kernel image for version 5.4.0 on
 64 bit x86 SMP.
 .
 Supports Lowlatency processors.
 .
 Geared toward desktop and server systems.
 .
 You likely do not want to install this package directly. Instead, install
 the linux-lowlatency meta-package, which will ensure that upgrades work
 correctly, and that supporting packages are also installed.

linux-image-unsigned-5.4.0-207-lowlatency-dbgsym: Linux kernel debug image for version 5.4.0 on 64 bit x86 SMP

 This package provides the unsigned kernel debug image for version 5.4.0 on
 64 bit x86 SMP.
 .
 This is for sites that wish to debug the kernel.
 .
 The kernel image contained in this package is NOT meant to boot from. It
 is uncompressed, and unstripped. This package also includes the
 unstripped modules.

linux-libc-dev: Linux Kernel Headers for development

 This package provides headers from the Linux kernel. These headers
 are used by the installed headers for GNU glibc and other system
 libraries. They are NOT meant to be used to build third-party modules for
 your kernel. Use linux-headers-* packages for that.

linux-modules-5.4.0-207-generic: Linux kernel extra modules for version 5.4.0 on 64 bit x86 SMP

 Contains the corresponding System.map file, the modules built by the
 packager, and scripts that try to ensure that the system is not left in an
 unbootable state after an update.
 .
 Supports Generic processors.
 .
 Geared toward desktop and server systems.
 .
 You likely do not want to install this package directly. Instead, install
 the linux-generic meta-package, which will ensure that upgrades work
 correctly, and that supporting packages are also installed.

linux-modules-5.4.0-207-generic-lpae: Linux kernel extra modules for version 5.4.0 on ARM (hard float) SMP

 Contains the corresponding System.map file, the modules built by the
 packager, and scripts that try to ensure that the system is not left in an
 unbootable state after an update.
 .
 Supports Generic LPAE processors.
 .
 Geared toward desktop and server systems.
 .
 You likely do not want to install this package directly. Instead, install
 the linux-generic-lpae meta-package, which will ensure that upgrades work
 correctly, and that supporting packages are also installed.

linux-modules-5.4.0-207-lowlatency: Linux kernel extra modules for version 5.4.0 on 64 bit x86 SMP

 Contains the corresponding System.map file, the modules built by the
 packager, and scripts that try to ensure that the system is not left in an
 unbootable state after an update.
 .
 Supports Lowlatency processors.
 .
 Geared toward desktop and server systems.
 .
 You likely do not want to install this package directly. Instead, install
 the linux-lowlatency meta-package, which will ensure that upgrades work
 correctly, and that supporting packages are also installed.

linux-modules-extra-5.4.0-207-generic: Linux kernel extra modules for version 5.4.0 on 64 bit x86 SMP

 This package contains the Linux kernel extra modules for version 5.4.0 on
 64 bit x86 SMP.
 .
 Also includes the corresponding System.map file, the modules built by the
 packager, and scripts that try to ensure that the system is not left in an
 unbootable state after an update.
 .
 Supports Generic processors.
 .
 Geared toward desktop and server systems.
 .
 You likely do not want to install this package directly. Instead, install
 the linux-generic meta-package, which will ensure that upgrades work
 correctly, and that supporting packages are also installed.

linux-source-5.4.0: Linux kernel source for version 5.4.0 with Ubuntu patches

 This package provides the source code for the Linux kernel version
 5.4.0.
 .
 This package is mainly meant for other packages to use, in order to build
 custom flavours.
 .
 If you wish to use this package to create a custom Linux kernel, then it
 is suggested that you investigate the package kernel-package, which has
 been designed to ease the task of creating kernel image packages.
 .
 If you are simply trying to build third-party modules for your kernel,
 you do not want this package. Install the appropriate linux-headers
 package instead.

linux-tools-5.4.0-207: Linux kernel version specific tools for version 5.4.0-207

 This package provides the architecture dependant parts for kernel
 version locked tools (such as perf and x86_energy_perf_policy) for
 version 5.4.0-207 on
 64 bit x86.
 You probably want to install linux-tools-5.4.0-207-<flavour>.

linux-tools-5.4.0-207-generic: Linux kernel version specific tools for version 5.4.0-207

 This package provides the architecture dependant parts for kernel
 version locked tools (such as perf and x86_energy_perf_policy) for
 version 5.4.0-207 on
 64 bit x86.

linux-tools-5.4.0-207-generic-lpae: Linux kernel version specific tools for version 5.4.0-207

 This package provides the architecture dependant parts for kernel
 version locked tools (such as perf and x86_energy_perf_policy) for
 version 5.4.0-207 on
 ARM (hard float).

linux-tools-5.4.0-207-lowlatency: Linux kernel version specific tools for version 5.4.0-207

 This package provides the architecture dependant parts for kernel
 version locked tools (such as perf and x86_energy_perf_policy) for
 version 5.4.0-207 on
 64 bit x86.

linux-tools-common: Linux kernel version specific tools for version 5.4.0

 This package provides the architecture independent parts for kernel
 version locked tools (such as perf and x86_energy_perf_policy) for
 version 5.4.0.

linux-tools-host: Linux kernel VM host tools

 This package provides kernel tools useful for VM hosts.

linux-udebs-generic: Metapackage depending on kernel udebs

 This package depends on the all udebs that the kernel build generated,
 for easier version and migration tracking.

linux-udebs-generic-lpae: Metapackage depending on kernel udebs

 This package depends on the all udebs that the kernel build generated,
 for easier version and migration tracking.

md-modules-5.4.0-207-generic-di: Multi-device support (raid, device-mapper, lvm)
md-modules-5.4.0-207-generic-lpae-di: Multi-device support (raid, device-mapper, lvm)
message-modules-5.4.0-207-generic-di: Fusion and i2o storage modules

 This package containes the fusion and i2o storage modules.

mouse-modules-5.4.0-207-generic-di: Mouse support

 This package contains mouse drivers for the Linux kernel.

mouse-modules-5.4.0-207-generic-lpae-di: Mouse support

 This package contains mouse drivers for the Linux kernel.

multipath-modules-5.4.0-207-generic-di: DM-Multipath support

  This package contains modules for device-mapper multipath support.

multipath-modules-5.4.0-207-generic-lpae-di: DM-Multipath support

  This package contains modules for device-mapper multipath support.

nfs-modules-5.4.0-207-generic-di: NFS filesystem drivers

 Includes the NFS client driver, and supporting modules.

nfs-modules-5.4.0-207-generic-lpae-di: NFS filesystem drivers

 Includes the NFS client driver, and supporting modules.

nic-modules-5.4.0-207-generic-di: Network interface support
nic-modules-5.4.0-207-generic-lpae-di: Network interface support
nic-pcmcia-modules-5.4.0-207-generic-di: PCMCIA network interface support
nic-shared-modules-5.4.0-207-generic-di: nic shared modules

  This package contains modules which support nic modules

nic-shared-modules-5.4.0-207-generic-lpae-di: nic shared modules

  This package contains modules which support nic modules

nic-usb-modules-5.4.0-207-generic-di: USB network interface support
nic-usb-modules-5.4.0-207-generic-lpae-di: USB network interface support
parport-modules-5.4.0-207-generic-di: Parallel port support
parport-modules-5.4.0-207-generic-lpae-di: Parallel port support
pata-modules-5.4.0-207-generic-di: PATA support modules
pcmcia-modules-5.4.0-207-generic-di: PCMCIA Modules
pcmcia-storage-modules-5.4.0-207-generic-di: PCMCIA storage support
plip-modules-5.4.0-207-generic-di: PLIP (parallel port) networking support
plip-modules-5.4.0-207-generic-lpae-di: PLIP (parallel port) networking support
ppp-modules-5.4.0-207-generic-di: PPP (serial port) networking support
ppp-modules-5.4.0-207-generic-lpae-di: PPP (serial port) networking support
sata-modules-5.4.0-207-generic-di: SATA storage support
sata-modules-5.4.0-207-generic-lpae-di: SATA storage support
scsi-modules-5.4.0-207-generic-di: SCSI storage support
scsi-modules-5.4.0-207-generic-lpae-di: SCSI storage support
serial-modules-5.4.0-207-generic-di: Serial port support
storage-core-modules-5.4.0-207-generic-di: Core storage support

 Includes core SCSI, LibATA, USB-Storage. Also includes related block
 devices for CD, Disk and Tape medium (and IDE Floppy).

storage-core-modules-5.4.0-207-generic-lpae-di: Core storage support

 Includes core SCSI, LibATA, USB-Storage. Also includes related block
 devices for CD, Disk and Tape medium (and IDE Floppy).

usb-modules-5.4.0-207-generic-di: Core USB support
usb-modules-5.4.0-207-generic-lpae-di: Core USB support
virtio-modules-5.4.0-207-generic-di: VirtIO Modules

 Includes modules for VirtIO (virtual machine, generally kvm guests)

vlan-modules-5.4.0-207-generic-di: vlan modules

 This package contains vlan (8021.Q) modules.

vlan-modules-5.4.0-207-generic-lpae-di: vlan modules

 This package contains vlan (8021.Q) modules.