Kinetic update: upstream stable patchset 2023-06-09
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| linux (Ubuntu) |
Invalid
|
Undecided
|
Unassigned | ||
| Kinetic |
Fix Committed
|
Medium
|
Kamal Mostafa | ||
Bug Description
SRU Justification
Impact:
The upstream process for stable tree updates is quite similar
in scope to the Ubuntu SRU process, e.g., each patch has to
demonstrably fix a bug, and each patch is vetted by upstream
by originating either directly from a mainline/stable Linux tree or
a minimally backported form of that patch. The following upstream
stable patches should be included in the Ubuntu kernel:
upstream stable patchset 2023-06-09
from git://git.
xfrm: Allow transport-mode states with AF_UNSPEC selector
drm/panfrost: Don't sync rpm suspension after mmu flushing
cifs: Move the in_send statistic to __smb_send_rqst()
drm/meson: fix 1px pink line on GXM when scaling video overlay
clk: HI655X: select REGMAP instead of depending on it
docs: Correct missing "d_" prefix for dentry_operations member d_weak_revalidate
scsi: mpt3sas: Fix NULL pointer access in mpt3sas_
ALSA: hda: Match only Intel devices with CONTROLLER_IN_GPU()
netfilter: nft_nat: correct length for loading protocol registers
netfilter: nft_masq: correct length for loading protocol registers
netfilter: nft_redir: correct length for loading protocol registers
netfilter: nft_redir: correct value of inet type `.maxattrs`
scsi: core: Fix a procfs host directory removal regression
tcp: tcp_make_synack() can be called from process context
nfc: pn533: initialize struct pn533_out_arg properly
ipvlan: Make skb->skb_iif track skb->dev for l3s mode
i40e: Fix kernel crash during reboot when adapter is in recovery mode
vdpa_sim: not reset state in vdpasim_queue_ready
vdpa_sim: set last_used_idx as last_avail_idx in vdpasim_queue_ready
PCI: s390: Fix use-after-free of PCI resources with per-function hotplug
drm/i915/display: clean up comments
net/smc: fix NULL sndbuf_desc in smc_cdc_
qed/qed_dev: guard against a possible division by zero
net: dsa: mt7530: remove now incorrect comment regarding port 5
net: dsa: mt7530: set PLL frequency and trgmii only when trgmii is used
loop: Fix use-after-free issues
net: tunnels: annotate lockless accesses to dev->needed_
net: phy: smsc: bail out in lan87xx_read_status if genphy_read_status fails
nfc: st-nci: Fix use after free bug in ndlc_remove due to race condition
net/smc: fix deadlock triggered by cancel_
net: usb: smsc75xx: Limit packet length to skb->len
drm/bridge: Fix returned array size name for atomic_
block: null_blk: Fix handling of fake timeout request
nvme: fix handling single range discard request
nvmet: avoid potential UAF in nvmet_req_
block: sunvdc: add check for mdesc_grab() returning NULL
ice: xsk: disable txq irq before flushing hw
net: dsa: mv88e6xxx: fix max_mtu of 1492 on 6165, 6191, 6220, 6250, 6290
ravb: avoid PHY being resumed when interface is not up
sh_eth: avoid PHY being resumed when interface is not up
ipv4: Fix incorrect table ID in IOCTL path
net: usb: smsc75xx: Move packet length check to prevent kernel panic in skb_pull
net/iucv: Fix size of interrupt data
qed/qed_mng_tlv: correctly zero out ->min instead of ->hour
ethernet: sun: add check for the mdesc_grab()
bonding: restore IFF_MASTER/SLAVE flags on bond enslave ether type change
bonding: restore bond's IFF_SLAVE flag if a non-eth dev enslave fails
hwmon: (adt7475) Display smoothing attributes in correct order
hwmon: (adt7475) Fix masking of hysteresis registers
hwmon: (xgene) Fix use after free bug in xgene_hwmon_remove due to race condition
hwmon: (ina3221) return prober error code
hwmon: (ucd90320) Add minimum delay between bus accesses
hwmon: tmp512: drop of_match_ptr for ID table
kconfig: Update config changed flag before calling callback
hwmon: (adm1266) Set `can_sleep` flag for GPIO chip
hwmon: (ltc2992) Set `can_sleep` flag for GPIO chip
media: m5mols: fix off-by-one loop termination error
mmc: atmel-mci: fix race between stop command and start of next command
jffs2: correct logic when creating a hole in jffs2_write_begin
ext4: fail ext4_iget if special inode unallocated
ext4: update s_journal_inum if it changes after journal replay
ext4: fix task hung in ext4_xattr_
drm/amdkfd: Fix an illegal memory access
net/9p: fix bug in client create for .L
sh: intc: Avoid spurious sizeof-pointer-div warning
drm/amd/display: fix shift-out-of-bounds in CalculateVMAndR
ext4: fix possible double unlock when moving a directory
tty: serial: fsl_lpuart: skip waiting for transmission complete when UARTCTRL_SBK is asserted
serial: 8250_em: Fix UART port type
serial: 8250_fsl: fix handle_irq locking
firmware: xilinx: don't make a sleepable memory allocation from an atomic context
s390/ipl: add missing intersection check to ipl_report handling
interconnect: fix mem leak when freeing nodes
interconnect: exynos: fix node leak in probe PM QoS error path
tracing: Make splice_read available again
tracing: Check field value in hist_field_name()
tracing: Make tracepoint lockdep check actually test something
cifs: Fix smb2_set_
ALSA: hda: intel-dsp-config: add MTL PCI id
ALSA: hda/realtek: Fix the speaker output on Samsung Galaxy Book2 Pro
Revert "riscv: mm: notify remote harts about mmu cache updates"
riscv: asid: Fixup stale TLB entry cause application crash
drm/shmem-helper: Remove another errant put in error path
drm/sun4i: fix missing component unbind on bind errors
drm/amd/pm: Fix sienna cichlid incorrect OD volage after resume
mptcp: fix possible deadlock in subflow_
mptcp: add ro_after_init for tcp{,v6}
mptcp: avoid setting TCP_CLOSE state twice
mptcp: fix lockdep false positive in mptcp_pm_
ftrace: Fix invalid address access in lookup_rec() when index is 0
nvme-pci: add NVME_QUIRK_
mm/userfaultfd: propagate uffd-wp bit when PTE-mapping the huge zeropage
mmc: sdhci_am654: lower power-on failed message severity
fbdev: stifb: Provide valid pixelclock and add fb_check_var() checks
trace/hwlat: Do not wipe the contents of per-cpu thread data
net: phy: nxp-c45-tja11xx: fix MII_BASIC_
cpuidle: psci: Iterate backwards over list in psci_pd_remove()
x86/mce: Make sure logged MCEs are processed after sysfs update
x86/mm: Fix use of uninitialized buffer in sme_enable()
x86/resctrl: Clear staged_config[] before and after it is used
drm/i915/active: Fix misuse of non-idle barriers as fence trackers
PCI/DPC: Await readiness of secondary bus after reset
HID: core: Provide new max_buffer_size attribute to over-ride the default
HID: uhid: Over-ride the default maximum data buffer value with our own
perf: Fix check before add_event_
scsi: core: Add BLIST_NO_VPD_SIZE for some VDASD
wifi: nl80211: fix NULL-ptr deref in offchan check
selftests: fix LLVM build for i386 and x86_64
vhost-vdpa: free iommu domain after last use during cleanup
block: do not reverse request order when flushing plug list
mlxsw: spectrum: Fix incorrect parsing depth after reload
net/mlx5e: Don't cache tunnel offloads capability
net/mlx5: Fix setting ec_function bit in MANAGE_PAGES
net/mlx5: E-switch, Fix missing set of split_count when forward to ovs internal port
net/mlx5e: Fix cleanup null-ptr deref on encap lock
net/mlx5: Set BREAK_FW_WAIT flag first when removing driver
veth: Fix use after free in XDP_REDIRECT
net: dsa: don't error out when drivers return ETH_DATA_LEN in .port_max_mtu()
net: atlantic: Fix crash when XDP is enabled but no program is loaded
i825xx: sni_82596: use eth_hw_addr_set()
serial: 8250: ASPEED_VUART: select REGMAP instead of depending on it
drm/ttm: Fix a NULL pointer dereference
interconnect: fix icc_provider_del() error handling
interconnect: qcom: rpm: fix probe child-node error handling
interconnect: exynos: fix registration race
md: select BLOCK_LEGACY_
ocfs2: fix data corruption after failed write
vp_vdpa: fix the crash in hot unplug with vp_vdpa
mm: teach mincore_hugetlb about pte markers
powerpc/boot: Don't always pass -mcpu=powerpc when building 32-bit uImage
trace/hwlat: Do not start per-cpu thread if it is already running
ACPI: PPTT: Fix to avoid sleep in the atomic context when PPTT is absent
fbdev: Fix incorrect page mapping clearance at fb_deferred_
ASoC: qcom: q6prm: fix incorrect clk_root passed to ADSP
UBUNTU: Upstream stable to v5.15.104, v6.1.21
interconnect: qcom: osm-l3: fix icc_onecell_data allocation
perf/core: Fix perf_output_begin parameter is incorrectly invoked in perf_event_
perf: fix perf_event_
tracing/hwlat: Replace sched_setaffinity with set_cpus_
serial: fsl_lpuart: Fix comment typo
tty: serial: fsl_lpuart: switch to new dmaengine_
tty: serial: fsl_lpuart: fix race on RX DMA shutdown
UBUNTU: [Config] updateconfigs for SERIAL_
serial: 8250: SERIAL_
net: tls: fix possible race condition between do_tls_
power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition
power: supply: da9150: Fix use after free bug in da9150_
ARM: dts: imx6sll: e60k02: fix usbotg1 pinctrl
ARM: dts: imx6sl: tolino-shine2hd: fix usbotg1 pinctrl
arm64: dts: imx8mn: specify #sound-dai-cells for SAI nodes
xsk: Add missing overflow check in xdp_umem_reg
iavf: fix inverted Rx hash condition leading to disabled hash
iavf: fix non-tunneled IPv6 UDP packet type and hashing
intel/igbvf: free irq on the error path in igbvf_request_
igbvf: Regard vf reset nack as success
igc: fix the validation logic for taprio's gate list
i2c: imx-lpi2c: check only for enabled interrupt flags
i2c: hisi: Only use the completion interrupt to finish the transfer
scsi: scsi_dh_alua: Fix memleak for 'qdata' in alua_activate()
net: dsa: b53: mmap: fix device tree support
net: usb: smsc95xx: Limit packet length to skb->len
qed/qed_sriov: guard against NULL derefs from qed_iov_get_vf_info
net: phy: Ensure state transitions are processed from phy_stop()
net: mdio: fix owner field for mdio buses registered using device-tree
net: mdio: fix owner field for mdio buses registered using ACPI
drm/i915/gt: perform uc late init after probe error injection
net: qcom/emac: Fix use after free bug in emac_remove due to race condition
net/ps3_gelic_net: Fix RX sk_buff length
net/ps3_gelic_net: Use dma_mapping_error
octeontx2-vf: Add missing free for alloc_percpu
bootconfig: Fix testcase to increase max node
keys: Do not cache key in task struct if key is requested from kernel thread
iavf: fix hang on reboot with ice
i40e: fix flow director packet filter programming
bpf: Adjust insufficient default bpf_jit_limit
net/mlx5e: Set uplink rep as NETNS_LOCAL
net/mlx5: Fix steering rules cleanup
net/mlx5: Read the TC mapping of all priorities on ETS query
net/mlx5: E-Switch, Fix an Oops in error handling code
net: dsa: tag_brcm: legacy: fix daisy-chained switches
atm: idt77252: fix kmemleak when rmmod idt77252
erspan: do not use skb_mac_header() in ndo_start_xmit()
net/sonic: use dma_mapping_error() for error check
nvme-tcp: fix nvme_tcp_term_pdu to match spec
hvc/xen: prevent concurrent accesses to the shared ring
ksmbd: add low bound validation to FSCTL_SET_ZERO_DATA
ksmbd: add low bound validation to FSCTL_QUERY_
ksmbd: fix possible refcount leak in smb2_open()
gve: Cache link_speed value from device
net: dsa: mt7530: move enabling disabling core clock to mt7530_pll_setup()
net: dsa: mt7530: move lowering TRGMII driving to mt7530_setup()
net: dsa: mt7530: move setting ssc_delta to PHY_INTERFACE_
net: mdio: thunder: Add missing fwnode_handle_put()
Bluetooth: btqcomsmd: Fix command timeout after setting BD address
Bluetooth: L2CAP: Fix responding with wrong PDU type
platform/chrome: cros_ec_chardev: fix kernel data leak from ioctl
entry/rcu: Check TIF_RESCHED _after_ delayed RCU wake-up
hwmon: fix potential sensor registration fail if of_node is missing
hwmon (it87): Fix voltage scaling for chips with 10.9mV ADCs
scsi: qla2xxx: Synchronize the IOCB count to be in order
scsi: qla2xxx: Perform lockless command completion in abort path
uas: Add US_FL_NO_
thunderbolt: Use scale field when allocating USB3 bandwidth
thunderbolt: Call tb_check_quirks() after initializing adapters
thunderbolt: Disable interrupt auto clear for rings
thunderbolt: Add missing UNSET_INBOUND_SBTX for retimer access
thunderbolt: Use const qualifier for `ring_interrupt
thunderbolt: Rename shadowed variables bit to interrupt_bit and auto_clear_bit
ACPI: x86: utils: Add Cezanne to the list for forcing StorageD3Enable
riscv: Bump COMMAND_LINE_SIZE value to 1024
drm/cirrus: NULL-check pipe->plane.
HID: cp2112: Fix driver not registering GPIO IRQ chip as threaded
ca8210: fix mac_len negative array access
HID: intel-ish-hid: ipc: Fix potential use-after-free in work function
m68k: Only force 030 bus error if PC not in exception table
selftests/bpf: check that modifier resolves after pointer
scsi: target: iscsi: Fix an error message in iscsi_check_key()
scsi: hisi_sas: Check devm_add_action() return value
scsi: ufs: core: Add soft dependency on governor_
scsi: lpfc: Check kzalloc() in lpfc_sli4_
scsi: lpfc: Avoid usage of list iterator variable after loop
scsi: storvsc: Handle BlockSize change in Hyper-V VHD/VHDX file
net: usb: cdc_mbim: avoid altsetting toggling for Telit FE990
net: usb: qmi_wwan: add Telit 0x1080 composition
sh: sanitize the flags on sigreturn
cifs: empty interface list when server doesn't support query interfaces
cifs: print session id while listing open files
scsi: core: Add BLIST_SKIP_
usb: dwc2: fix a devres leak in hw_enable upon suspend resume
usb: gadget: u_audio: don't let userspace block driver unbind
efi: sysfb_efi: Fix DMI quirks not working for simpledrm
mm/slab: Fix undefined init_cache_
fscrypt: destroy keyring after security_
fsverity: Remove WQ_UNBOUND from fsverity read workqueue
lockd: set file_lock start and end when decoding nlm4 testargs
arm64: dts: imx8mm-nitrogen-r2: fix WM8960 clock name
igb: revert rtnl_lock() that causes deadlock
dm thin: fix deadlock when swapping to thin device
usb: typec: tcpm: fix warning when handle discover_identity message
usb: cdns3: Fix issue with using incorrect PCI device function
usb: cdnsp: Fixes issue with redundant Status Stage
usb: cdnsp: changes PCI Device ID to fix conflict with CNDS3 driver
usb: chipdea: core: fix return -EINVAL if request role is the same with current role
usb: chipidea: core: fix possible concurrent when switch role
usb: ucsi: Fix NULL pointer deref in ucsi_connector_
kfence: avoid passing -g for test
ksmbd: set FILE_NAMED_STREAMS attribute in FS_ATTRIBUTE_
ksmbd: return STATUS_
ksmbd: return unsupported error on smb1 mount
wifi: mac80211: fix qos on mesh interfaces
nilfs2: fix kernel-infoleak in nilfs_ioctl_
drm/bridge: lt8912b: return EPROBE_DEFER if bridge is not found
drm/meson: fix missing component unbind on bind errors
drm/amdgpu/nv: Apply ASPM quirk on Intel ADL + AMD Navi
drm/i915/active: Fix missing debug object activation
drm/i915: Preserve crtc_state-
riscv: mm: Fix incorrect ASID argument when flushing TLB
UBUNTU: [Config] updateconfigs for TOOLCHAIN_
riscv: Handle zicsr/zifencei issues between clang and binutils
tee: amdtee: fix race condition in amdtee_open_session
firmware: arm_scmi: Fix device node validation for mailbox transport
i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_
dm stats: check for and propagate alloc_percpu failure
dm crypt: add cond_resched() to dmcrypt_write()
dm crypt: avoid accessing uninitialized tasklet
sched/fair: sanitize vruntime of entity being placed
sched/fair: Sanitize vruntime of entity being migrated
mm: kfence: fix using kfence_metadata without initialization in show_object()
interconnect: qcom: qcm2290: Fix MASTER_
mptcp: refactor passive socket initialization
mptcp: use the workqueue to destroy unaccepted sockets
mptcp: fix UaF in listener shutdown
arm64: dts: qcom: sm8450: Mark UFS controller as cache coherent
ARM: dts: imx6sll: e70k02: fix usbotg1 pinctrl
NFS: Fix /proc/PID/io read_bytes for buffered reads
iavf: do not track VLAN 0 filters
i2c: mxs: ensure that DMA buffers are safe for DMA
net: stmmac: Fix for mismatched host/device DMA address width
mlxsw: core_thermal: Fix fan speed in maximum cooling state
drm/i915/guc: Fix missing ecodes
net: usb: lan78xx: Limit packet length to skb->len
ice: check if VF exists before mode check
net/mlx5e: Block entering switchdev mode with ns inconsistency
Bluetooth: HCI: Fix global-
perf/x86/amd/core: Always clear status for idx
x86/fpu/xstate: Prevent false-positive warning in __copy_
usb: dwc2: drd: fix inconsistent mode if role-switch-
btrfs: zoned: fix btrfs_can_
Bluetooth: Fix race condition in hci_cmd_sync_clear
usb: dwc3: gadget: Add 1ms delay after end transfer command without IOC
usb: ucsi_acpi: Increase the command completion timeout
Revert "kasan: drop skip_kasan_poison variable in free_pages_prepare"
arm64: dts: qcom: sc7280: Mark PCIe controller as cache coherent
arm64: dts: qcom: sm8150: Fix the iommu mask used for PCIe controllers
soc: qcom: llcc: Fix slice configuration values for SC8280XP
bus: imx-weim: fix branch condition evaluates to a garbage value
UBUNTU: Upstream stable to v5.15.105, v6.1.22
| Changed in linux (Ubuntu): | |
| status: | New → Confirmed |
| tags: | added: kernel-stable-tracking-bug |
| Changed in linux (Ubuntu): | |
| status: | Confirmed → Invalid |
| Changed in linux (Ubuntu Kinetic): | |
| status: | New → Triaged |
| status: | Triaged → In Progress |
| importance: | Undecided → Medium |
| assignee: | nobody → Kamal Mostafa (kamalmostafa) |
| description: | updated |
| description: | updated |
| Changed in linux (Ubuntu Kinetic): | |
| status: | In Progress → Confirmed |
| status: | Confirmed → Fix Committed |
