Public bug reported:
SRU Justification
Impact:
The upstream process for stable tree updates is quite similar
in scope to the Ubuntu SRU process, e.g., each patch has to
demonstrably fix a bug, and each patch is vetted by upstream
by originating either directly from a mainline/stable Linux tree or
a minimally backported form of that patch. The following upstream
stable patches should be included in the Ubuntu kernel:
v6.1.57 upstream stable release
from git://git.kernel.org/
Linux 6.1.57
xen/events: replace evtchn_rwlock with RCU
ipv6: remove one read_lock()/read_unlock() pair in rt6_check_neigh()
btrfs: file_remove_privs needs an exclusive lock in direct io write
netlink: remove the flex array from struct nlmsghdr
btrfs: fix fscrypt name leak after failure to join log transaction
btrfs: fix an error handling path in btrfs_rename()
vrf: Fix lockdep splat in output path
ipv6: remove nexthop_fib6_nh_bh()
parisc: Restore __ldcw_align for PA-RISC 2.0 processors
ksmbd: fix uaf in smb20_oplock_break_ack
ksmbd: fix race condition between session lookup and expire
x86/sev: Use the GHCB protocol when available for SNP CPUID requests
RDMA/mlx5: Fix NULL string error
RDMA/mlx5: Fix mutex unlocking on error flow for steering anchor creation
RDMA/siw: Fix connection failure handling
RDMA/srp: Do not call scsi_done() from srp_abort()
RDMA/uverbs: Fix typo of sizeof argument
RDMA/cma: Fix truncation compilation warning in make_cma_ports
RDMA/cma: Initialize ib_sa_multicast structure to 0 when join
gpio: pxa: disable pinctrl calls for MMP_GPIO
gpio: aspeed: fix the GPIO number passed to pinctrl_gpio_set_config()
IB/mlx4: Fix the size of a buffer in add_port_entries()
of: dynamic: Fix potential memory leak in of_changeset_action()
RDMA/core: Require admin capabilities to set system parameters
dm zoned: free dmz->ddev array in dmz_put_zoned_devices
parisc: Fix crash with nr_cpus=1 option
smb: use kernel_connect() and kernel_bind()
intel_idle: add Emerald Rapids Xeon support
HID: intel-ish-hid: ipc: Disable and reenable ACPI GPE bit
HID: sony: remove duplicate NULL check before calling usb_free_urb()
netlink: annotate data-races around sk->sk_err
netlink: Fix potential skb memleak in netlink_ack
netlink: split up copies in the ack construction
sctp: update hb timer immediately after users change hb_interval
sctp: update transport state when processing a dupcook packet
tcp: fix delayed ACKs for MSS boundary condition
tcp: fix quick-ack counting to count actual ACKs of new data
tipc: fix a potential deadlock on &tx->lock
net: stmmac: dwmac-stm32: fix resume on STM32 MCU
ipv4: Set offload_failed flag in fibmatch results
netfilter: nf_tables: nft_set_rbtree: fix spurious insertion failure
netfilter: nf_tables: Deduplicate nft_register_obj audit logs
selftests: netfilter: Extend nft_audit.sh
selftests: netfilter: Test nf_tables audit logging
netfilter: handle the connecting collision properly in nf_conntrack_proto_sctp
ibmveth: Remove condition to recompute TCP header checksum.
net: ethernet: ti: am65-cpsw: Fix error code in am65_cpsw_nuss_init_tx_chns()
net: nfc: llcp: Add lock when modifying device list
net: usb: smsc75xx: Fix uninit-value access in __smsc75xx_read_reg
ipv6: tcp: add a missing nf_reset_ct() in 3WHS handling
net: dsa: mv88e6xxx: Avoid EEPROM timeout when EEPROM is absent
ptp: ocp: Fix error handling in ptp_ocp_device_init
ipv4, ipv6: Fix handling of transhdrlen in __ip{,6}_append_data()
neighbour: fix data-races around n->output
neighbour: switch to standard rcu, instead of rcu_bh
neighbour: annotate lockless accesses to n->nud_state
bpf: Add BPF_FIB_LOOKUP_SKIP_NEIGH for bpf_fib_lookup
net: fix possible store tearing in neigh_periodic_work()
modpost: add missing else to the "of" check
bpf, sockmap: Reject sk_msg egress redirects to non-TCP sockets
bpf, sockmap: Do not inc copied_seq when PEEK flag set
bpf: tcp_read_skb needs to pop skb regardless of seq
NFSv4: Fix a nfs4_state_manager() race
ima: rework CONFIG_IMA dependency block
scsi: target: core: Fix deadlock due to recursive locking
ima: Finish deprecation of IMA_TRUSTED_KEYRING Kconfig
regulator/core: regulator_register: set device->class earlier
iommu/mediatek: Fix share pgtable for iova over 4GB
perf/x86/amd: Do not WARN() on every IRQ
wifi: mac80211: fix potential key use-after-free
regmap: rbtree: Fix wrong register marked as in-cache when creating new node
perf/x86/amd/core: Fix overflow reset on hotplug
wifi: mt76: mt76x02: fix MT76x0 external LNA gain handling
drivers/net: process the result of hdlc_open() and add call of hdlc_close() in
uhdlc_close()
Bluetooth: ISO: Fix handling of listen for unicast
Bluetooth: Delete unused hci_req_prepare_suspend() declaration
regulator: mt6358: split ops for buck and linear range LDO regulators
regulator: mt6358: Use linear voltage helpers for single range regulators
regulator: mt6358: Drop *_SSHUB regulators
bpf: Fix tr dereferencing
leds: Drop BUG_ON check for LED_COLOR_ID_MULTI
wifi: mwifiex: Fix oob check condition in mwifiex_process_rx_packet
wifi: cfg80211: add missing kernel-doc for cqm_rssi_work
wifi: cfg80211: fix cqm_config access race
wifi: cfg80211: add a work abstraction with special semantics
wifi: cfg80211: move wowlan disable under locks
wifi: cfg80211: hold wiphy lock in auto-disconnect
wifi: iwlwifi: mvm: Fix a memory corruption issue
wifi: iwlwifi: dbg_ini: fix structure packing
erofs: fix memory leak of LZMA global compressed deduplication
ubi: Refuse attaching if mtd's erasesize is 0
HID: sony: Fix a potential memory leak in sony_probe()
arm64: errata: Add Cortex-A520 speculative unprivileged load workaround
arm64: Add Cortex-A520 CPU part definition
drm/amd: Fix logic error in sienna_cichlid_update_pcie_parameters()
drm/amd: Fix detection of _PR3 on the PCIe root port
net: prevent rewrite of msg_name in sock_sendmsg()
net: replace calls to sock->ops->connect() with kernel_connect()
PCI: qcom: Fix IPQ8074 enumeration
md/raid5: release batch_last before waiting for another stripe_head
wifi: mwifiex: Fix tlv_buf_left calculation
Bluetooth: hci_sync: Fix handling of HCI_QUIRK_STRICT_DUPLICATE_FILTER
Bluetooth: hci_codec: Fix leaking content of local_codecs
qed/red_ll2: Fix undefined behavior bug in struct qed_ll2_info
mptcp: userspace pm allow creating id 0 subflow
net: ethernet: mediatek: disable irq before schedule napi
vringh: don't use vringh_kiov_advance() in vringh_iov_xfer()
iommu/vt-d: Avoid memory allocation in iommu_suspend()
scsi: zfcp: Fix a double put in zfcp_port_enqueue()
i40e: fix the wrong PTP frequency calculation
hwmon: (nzxt-smart2) add another USB ID
hwmon: (nzxt-smart2) Add device id
block: fix use-after-free of q->q_usage_counter
rbd: take header_rwsem in rbd_dev_refresh() only when updating
rbd: decouple parent info read-in from updating rbd_dev
rbd: decouple header read-in from updating rbd_dev->header
rbd: move rbd_dev_refresh() definition
iommu/arm-smmu-v3: Avoid constructing invalid range commands
iommu/arm-smmu-v3: Set TTL invalidation hint better
drm/amd/display: Adjust the MST resume flow
arm64: cpufeature: Fix CLRBHB and BC detection
net: release reference to inet6_dev pointer
net: change accept_ra_min_rtr_lft to affect all RA lifetimes
net: add sysctl accept_ra_min_rtr_lft
arm64: Avoid repeated AA64MMFR1_EL1 register read on pagefault path
Revert "NFSv4: Retry LOCK on OLD_STATEID during delegation return"
btrfs: use struct fscrypt_str instead of struct qstr
btrfs: setup qstr from dentrys using fscrypt helper
btrfs: use struct qstr instead of name and namelen pairs
ring-buffer: Fix bytes info in per_cpu buffer stats
ring-buffer: remove obsolete comment for free_buffer_page()
mm: page_alloc: fix CMA and HIGHATOMIC landing on the wrong buddy list
mm/page_alloc: leave IRQs enabled for per-cpu page allocations
mm/page_alloc: always remove pages from temporary list
mm: mempolicy: keep VMA walk if both MPOL_MF_STRICT and MPOL_MF_MOVE are
specified
mm/mempolicy: convert migrate_page_add() to migrate_folio_add()
mm/mempolicy: convert queue_pages_pte_range() to queue_folios_pte_range()
mm/mempolicy: convert queue_pages_pmd() to queue_folios_pmd()
mm/memory: add vm_normal_folio()
NFSv4: Fix a state manager thread deadlock regression
NFS: rename nfs_client_kset to nfs_kset
NFS: Cleanup unused rpc_clnt variable
ata: libata-scsi: Fix delayed scsi_rescan_device() execution
scsi: Do not attempt to rescan suspended devices
scsi: core: Improve type safety of scsi_rescan_device()
scsi: sd: Do not issue commands to suspended disks on shutdown
scsi: sd: Differentiate system and runtime start/stop management
ata,scsi: do not issue START STOP UNIT on resume
mptcp: process pending subflow error on close
mptcp: move __mptcp_error_report in protocol.c
mptcp: annotate lockless accesses to sk->sk_err
mptcp: fix dangling connection hang-up
mptcp: rename timer related helper to less confusing names
ASoC: tegra: Fix redundant PLLA and PLLA_OUT0 updates
ASoC: soc-utils: Export snd_soc_dai_is_dummy() symbol
spi: zynqmp-gqspi: fix clock imbalance on probe failure
** Affects: linux-oem-6.1 (Ubuntu)
Importance: Undecided
Status: Confirmed
** Affects: linux-oem-6.1 (Ubuntu Jammy)
Importance: Undecided
Status: New
** Tags: kernel-stable-tracking-bug
** Changed in: linux-oem-6.1 (Ubuntu)
Status: New => Confirmed
** Tags added: kernel-stable-tracking-bug
** Also affects: linux-oem-6.1 (Ubuntu Jammy)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-oem-6.1 in Ubuntu.
https://bugs.launchpad.net/bugs/2039174
Title:
Jammy update: v6.1.57 upstream stable release
Status in linux-oem-6.1 package in Ubuntu:
Confirmed
Status in linux-oem-6.1 source package in Jammy:
New
Bug description:
SRU Justification
Impact:
The upstream process for stable tree updates is quite similar
in scope to the Ubuntu SRU process, e.g., each patch has to
demonstrably fix a bug, and each patch is vetted by upstream
by originating either directly from a mainline/stable Linux tree or
a minimally backported form of that patch. The following upstream
stable patches should be included in the Ubuntu kernel:
v6.1.57 upstream stable release
from git://git.kernel.org/
Linux 6.1.57
xen/events: replace evtchn_rwlock with RCU
ipv6: remove one read_lock()/read_unlock() pair in rt6_check_neigh()
btrfs: file_remove_privs needs an exclusive lock in direct io write
netlink: remove the flex array from struct nlmsghdr
btrfs: fix fscrypt name leak after failure to join log transaction
btrfs: fix an error handling path in btrfs_rename()
vrf: Fix lockdep splat in output path
ipv6: remove nexthop_fib6_nh_bh()
parisc: Restore __ldcw_align for PA-RISC 2.0 processors
ksmbd: fix uaf in smb20_oplock_break_ack
ksmbd: fix race condition between session lookup and expire
x86/sev: Use the GHCB protocol when available for SNP CPUID requests
RDMA/mlx5: Fix NULL string error
RDMA/mlx5: Fix mutex unlocking on error flow for steering anchor creation
RDMA/siw: Fix connection failure handling
RDMA/srp: Do not call scsi_done() from srp_abort()
RDMA/uverbs: Fix typo of sizeof argument
RDMA/cma: Fix truncation compilation warning in make_cma_ports
RDMA/cma: Initialize ib_sa_multicast structure to 0 when join
gpio: pxa: disable pinctrl calls for MMP_GPIO
gpio: aspeed: fix the GPIO number passed to pinctrl_gpio_set_config()
IB/mlx4: Fix the size of a buffer in add_port_entries()
of: dynamic: Fix potential memory leak in of_changeset_action()
RDMA/core: Require admin capabilities to set system parameters
dm zoned: free dmz->ddev array in dmz_put_zoned_devices
parisc: Fix crash with nr_cpus=1 option
smb: use kernel_connect() and kernel_bind()
intel_idle: add Emerald Rapids Xeon support
HID: intel-ish-hid: ipc: Disable and reenable ACPI GPE bit
HID: sony: remove duplicate NULL check before calling usb_free_urb()
netlink: annotate data-races around sk->sk_err
netlink: Fix potential skb memleak in netlink_ack
netlink: split up copies in the ack construction
sctp: update hb timer immediately after users change hb_interval
sctp: update transport state when processing a dupcook packet
tcp: fix delayed ACKs for MSS boundary condition
tcp: fix quick-ack counting to count actual ACKs of new data
tipc: fix a potential deadlock on &tx->lock
net: stmmac: dwmac-stm32: fix resume on STM32 MCU
ipv4: Set offload_failed flag in fibmatch results
netfilter: nf_tables: nft_set_rbtree: fix spurious insertion failure
netfilter: nf_tables: Deduplicate nft_register_obj audit logs
selftests: netfilter: Extend nft_audit.sh
selftests: netfilter: Test nf_tables audit logging
netfilter: handle the connecting collision properly in nf_conntrack_proto_sctp
ibmveth: Remove condition to recompute TCP header checksum.
net: ethernet: ti: am65-cpsw: Fix error code in am65_cpsw_nuss_init_tx_chns()
net: nfc: llcp: Add lock when modifying device list
net: usb: smsc75xx: Fix uninit-value access in __smsc75xx_read_reg
ipv6: tcp: add a missing nf_reset_ct() in 3WHS handling
net: dsa: mv88e6xxx: Avoid EEPROM timeout when EEPROM is absent
ptp: ocp: Fix error handling in ptp_ocp_device_init
ipv4, ipv6: Fix handling of transhdrlen in __ip{,6}_append_data()
neighbour: fix data-races around n->output
neighbour: switch to standard rcu, instead of rcu_bh
neighbour: annotate lockless accesses to n->nud_state
bpf: Add BPF_FIB_LOOKUP_SKIP_NEIGH for bpf_fib_lookup
net: fix possible store tearing in neigh_periodic_work()
modpost: add missing else to the "of" check
bpf, sockmap: Reject sk_msg egress redirects to non-TCP sockets
bpf, sockmap: Do not inc copied_seq when PEEK flag set
bpf: tcp_read_skb needs to pop skb regardless of seq
NFSv4: Fix a nfs4_state_manager() race
ima: rework CONFIG_IMA dependency block
scsi: target: core: Fix deadlock due to recursive locking
ima: Finish deprecation of IMA_TRUSTED_KEYRING Kconfig
regulator/core: regulator_register: set device->class earlier
iommu/mediatek: Fix share pgtable for iova over 4GB
perf/x86/amd: Do not WARN() on every IRQ
wifi: mac80211: fix potential key use-after-free
regmap: rbtree: Fix wrong register marked as in-cache when creating new node
perf/x86/amd/core: Fix overflow reset on hotplug
wifi: mt76: mt76x02: fix MT76x0 external LNA gain handling
drivers/net: process the result of hdlc_open() and add call of hdlc_close()
in uhdlc_close()
Bluetooth: ISO: Fix handling of listen for unicast
Bluetooth: Delete unused hci_req_prepare_suspend() declaration
regulator: mt6358: split ops for buck and linear range LDO regulators
regulator: mt6358: Use linear voltage helpers for single range regulators
regulator: mt6358: Drop *_SSHUB regulators
bpf: Fix tr dereferencing
leds: Drop BUG_ON check for LED_COLOR_ID_MULTI
wifi: mwifiex: Fix oob check condition in mwifiex_process_rx_packet
wifi: cfg80211: add missing kernel-doc for cqm_rssi_work
wifi: cfg80211: fix cqm_config access race
wifi: cfg80211: add a work abstraction with special semantics
wifi: cfg80211: move wowlan disable under locks
wifi: cfg80211: hold wiphy lock in auto-disconnect
wifi: iwlwifi: mvm: Fix a memory corruption issue
wifi: iwlwifi: dbg_ini: fix structure packing
erofs: fix memory leak of LZMA global compressed deduplication
ubi: Refuse attaching if mtd's erasesize is 0
HID: sony: Fix a potential memory leak in sony_probe()
arm64: errata: Add Cortex-A520 speculative unprivileged load workaround
arm64: Add Cortex-A520 CPU part definition
drm/amd: Fix logic error in sienna_cichlid_update_pcie_parameters()
drm/amd: Fix detection of _PR3 on the PCIe root port
net: prevent rewrite of msg_name in sock_sendmsg()
net: replace calls to sock->ops->connect() with kernel_connect()
PCI: qcom: Fix IPQ8074 enumeration
md/raid5: release batch_last before waiting for another stripe_head
wifi: mwifiex: Fix tlv_buf_left calculation
Bluetooth: hci_sync: Fix handling of HCI_QUIRK_STRICT_DUPLICATE_FILTER
Bluetooth: hci_codec: Fix leaking content of local_codecs
qed/red_ll2: Fix undefined behavior bug in struct qed_ll2_info
mptcp: userspace pm allow creating id 0 subflow
net: ethernet: mediatek: disable irq before schedule napi
vringh: don't use vringh_kiov_advance() in vringh_iov_xfer()
iommu/vt-d: Avoid memory allocation in iommu_suspend()
scsi: zfcp: Fix a double put in zfcp_port_enqueue()
i40e: fix the wrong PTP frequency calculation
hwmon: (nzxt-smart2) add another USB ID
hwmon: (nzxt-smart2) Add device id
block: fix use-after-free of q->q_usage_counter
rbd: take header_rwsem in rbd_dev_refresh() only when updating
rbd: decouple parent info read-in from updating rbd_dev
rbd: decouple header read-in from updating rbd_dev->header
rbd: move rbd_dev_refresh() definition
iommu/arm-smmu-v3: Avoid constructing invalid range commands
iommu/arm-smmu-v3: Set TTL invalidation hint better
drm/amd/display: Adjust the MST resume flow
arm64: cpufeature: Fix CLRBHB and BC detection
net: release reference to inet6_dev pointer
net: change accept_ra_min_rtr_lft to affect all RA lifetimes
net: add sysctl accept_ra_min_rtr_lft
arm64: Avoid repeated AA64MMFR1_EL1 register read on pagefault path
Revert "NFSv4: Retry LOCK on OLD_STATEID during delegation return"
btrfs: use struct fscrypt_str instead of struct qstr
btrfs: setup qstr from dentrys using fscrypt helper
btrfs: use struct qstr instead of name and namelen pairs
ring-buffer: Fix bytes info in per_cpu buffer stats
ring-buffer: remove obsolete comment for free_buffer_page()
mm: page_alloc: fix CMA and HIGHATOMIC landing on the wrong buddy list
mm/page_alloc: leave IRQs enabled for per-cpu page allocations
mm/page_alloc: always remove pages from temporary list
mm: mempolicy: keep VMA walk if both MPOL_MF_STRICT and MPOL_MF_MOVE are
specified
mm/mempolicy: convert migrate_page_add() to migrate_folio_add()
mm/mempolicy: convert queue_pages_pte_range() to queue_folios_pte_range()
mm/mempolicy: convert queue_pages_pmd() to queue_folios_pmd()
mm/memory: add vm_normal_folio()
NFSv4: Fix a state manager thread deadlock regression
NFS: rename nfs_client_kset to nfs_kset
NFS: Cleanup unused rpc_clnt variable
ata: libata-scsi: Fix delayed scsi_rescan_device() execution
scsi: Do not attempt to rescan suspended devices
scsi: core: Improve type safety of scsi_rescan_device()
scsi: sd: Do not issue commands to suspended disks on shutdown
scsi: sd: Differentiate system and runtime start/stop management
ata,scsi: do not issue START STOP UNIT on resume
mptcp: process pending subflow error on close
mptcp: move __mptcp_error_report in protocol.c
mptcp: annotate lockless accesses to sk->sk_err
mptcp: fix dangling connection hang-up
mptcp: rename timer related helper to less confusing names
ASoC: tegra: Fix redundant PLLA and PLLA_OUT0 updates
ASoC: soc-utils: Export snd_soc_dai_is_dummy() symbol
spi: zynqmp-gqspi: fix clock imbalance on probe failure
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux-oem-6.1/+bug/2039174/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
