This bug was fixed in the package linux-oem-6.8 - 6.8.0-1024.24
---------------
linux-oem-6.8 (6.8.0-1024.24) noble; urgency=medium
* noble/linux-oem-6.8: 6.8.0-1024.24 -proposed tracker (LP: #2098231)
[ Ubuntu: 6.8.0-56.58 ]
* noble/linux: 6.8.0-56.58 -proposed tracker (LP: #2098244)
* Noble update: upstream stable patchset 2024-07-19 (LP: #2073603)
- Revert "drm: Make drivers depends on DRM_DW_HDMI"
- Revert "UBUNTU: [Config] Drivers now depend on DRM_DW_HDMI"
* drm/amd/display: Add check for granularity in dml ceil/floor helpers
(LP: #2098080)
- drm/amd/display: Add check for granularity in dml ceil/floor helpers
* optimized default EPP for GNR family (LP: #2097554)
- cpufreq: intel_pstate: Update Balance-performance EPP for Granite Rapids
* Incorrect LAPIC/x2APIC parsing order (LP: #2097455)
- x86/acpi: Fix LAPIC/x2APIC parsing order
* MGLRU: page allocation failure on NUMA-enabled systems (LP: #2097214)
- mm/vmscan: wake up flushers conditionally to avoid cgroup OOM
* Upstream commit 65357e2c164a: "RDMA/mana_ib: set node_guid" applied
incorrectly (LP: #2096885)
- Revert "RDMA/mana_ib: set node_guid"
* AppArmor early policy load not funcitoning (LP: #2095370)
- SAUCE: Revert "UBUNTU: SAUCE: apparmor4.0.0 [67/90]: userns - add the
ability to reference a global variable for a feature value"
* apparmor unconfined profile blocks pivot_root (LP: #2067900)
- SAUCE: Revert "UBUNTU: SAUCE: apparmor4.0.0 [81/90]: apparmor: convert
easy
uses of unconfined() to label_mediates()"
* CVE-2024-50117
- drm/amd: Guard against bad data for ATIF ACPI method
* CVE-2024-56582
- btrfs: fix use-after-free in btrfs_encoded_read_endio()
* CVE-2024-53165
- sh: intc: Fix use-after-free bug in register_intc_controller()
* CVE-2024-53156
- wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service()
* CVE-2024-56663
- wifi: nl80211: fix NL80211_ATTR_MLO_LINK_ID off-by-one
* CVE-2024-56614
- xsk: fix OOB map writes when deleting elements
* VM boots slowly with large-BAR GPU Passthrough due to pci/probe.c redundancy
(LP: #2097389)
- PCI: Batch BAR sizing operations
* Noble update: upstream stable patchset 2025-02-04 (LP: #2097393)
- Revert "PCI/MSI: Provide stubs for IMS functions"
- gfs2: Revert "introduce qd_bh_get_or_undo"
- gfs2: qd_check_sync cleanups
- gfs2: Revert "ignore negated quota changes"
- Revert "powerpc/ps3_defconfig: Disable PPC64_BIG_ENDIAN_ELF_ABI_V2"
- tracing: Have saved_cmdlines arrays all in one allocation
- spi: spi-fsl-lpspi: remove redundant spi_controller_put call
- ata: ahci: Add mask_port_map module parameter
- ASoC: tas2781: mark dvc_tlv with __maybe_unused
- scsi: sd: Do not repeat the starting disk message
- bootconfig: Fix the kerneldoc of _xbc_exit()
- perf sched: Move start_work_mutex and work_done_wait_mutex initialization
to
perf_sched__replay()
- perf sched: Fix memory leak in perf_sched__map()
- perf sched: Move curr_thread initialization to perf_sched__map()
- perf sched: Move curr_pid and cpu_last_switched initialization to
perf_sched__{lat|map|replay}()
- libsubcmd: Don't free the usage string
- selftests: Introduce Makefile variable to list shared bash scripts
- jbd2: fix kernel-doc for j_transaction_overhead_buffers
- lib/build_OID_registry: avoid non-destructive substitution for Perl <
5.13.2
compat
- drm/amd/display: Remove a redundant check in authenticated_dp
- drm/amd/display: Revert "Check HDCP returned status"
- zram: don't free statically defined names
- x86/amd_nb: Add new PCI IDs for AMD family 0x1a
- rtnetlink: change nlk->cb_mutex role
- rtnetlink: add RTNL_FLAG_DUMP_UNLOCKED flag
- mpls: no longer hold RTNL in mpls_netconf_dump_devconf()
- phonet: no longer hold RTNL in route_dumpit()
- rcu/nocb: Make IRQs disablement symmetric
- HID: asus: add ROG Ally N-Key ID and keycodes
- HID: asus: add ROG Z13 lightbar
- hid-asus: add ROG Ally X prod ID to quirk list
- scsi: Revert "scsi: sd: Do not repeat the starting disk message"
- btrfs: fix uninitialized pointer free in add_inode_ref()
- btrfs: fix uninitialized pointer free on read_alloc_one_name() error
- ksmbd: fix user-after-free from session log off
- ALSA: hda/conexant - Fix audio routing for HP EliteOne 1000 G2
- mptcp: pm: fix UaF read in mptcp_pm_nl_rm_addr_or_subflow
- net: enetc: remove xdp_drops statistic from enetc_xdp_drop()
- net: enetc: block concurrent XDP transmissions during ring reconfiguration
- net: enetc: disable Tx BD rings after they are empty
- net: enetc: disable NAPI after all rings are disabled
- net: enetc: add missing static descriptor and inline keyword
- posix-clock: Fix missing timespec64 check in pc_clock_settime()
- udp: Compute L4 checksum as usual when not segmenting the skb
- arm64: probes: Remove broken LDR (literal) uprobe support
- arm64: probes: Fix simulate_ldr*_literal()
- arm64: probes: Fix uprobes for big-endian kernels
- net: macb: Avoid 20s boot delay by skipping MDIO bus registration for
fixed-
link PHY
- net: microchip: vcap api: Fix memory leaks in vcap_api_encode_rule_test()
- maple_tree: correct tree corruption on spanning store
- nilfs2: propagate directory read errors from nilfs_find_entry()
- fat: fix uninitialized variable
- mm/mremap: fix move_normal_pmd/retract_page_tables race
- mm/swapfile: skip HugeTLB pages for unuse_vma
- mm/damon/tests/sysfs-kunit.h: fix memory leak in
damon_sysfs_test_add_targets()
- tcp: fix mptcp DSS corruption due to large pmtu xmit
- net: fec: Move `fec_ptp_read()` to the top of the file
- net: fec: Remove duplicated code
- mptcp: prevent MPC handshake on port-based signal endpoints
- iommu/vt-d: Fix incorrect pci_for_each_dma_alias() for non-PCI devices
- s390/sclp: Deactivate sclp after all its users
- s390/sclp_vt220: Convert newlines to CRLF instead of LFCR
- KVM: s390: gaccess: Check if guest address is in memslot
- KVM: s390: Change virtual to physical address access in diag 0x258 handler
- x86/cpufeatures: Define X86_FEATURE_AMD_IBPB_RET
- x86/cpufeatures: Add a IBPB_NO_RET BUG flag
- x86/entry: Have entry_ibpb() invalidate return predictions
- x86/bugs: Skip RSB fill at VMEXIT
- x86/bugs: Do not use UNTRAIN_RET with IBPB on entry
- fgraph: Use CPU hotplug mechanism to initialize idle shadow stacks
- blk-rq-qos: fix crash on rq_qos_wait vs. rq_qos_wake_function race
- io_uring/sqpoll: close race on waiting for sqring entries
- blk-mq: setup queue ->tag_set before initializing hctx
- ublk: don't allow user copy for unprivileged device
- selftest: hid: add the missing tests directory
- Input: xpad - add support for MSI Claw A1M
- scsi: mpi3mr: Correct a test in mpi3mr_sas_port_add()
- scsi: mpi3mr: Validate SAS port assignments
- scsi: ufs: core: Set SDEV_OFFLINE when UFS is shut down
- scsi: ufs: core: Fix the issue of ICU failure
- scsi: ufs: core: Requeue aborted request
- drm/radeon: Fix encoder->possible_clones
- drm/i915/dp_mst: Handle error during DSC BW overhead/slice calculation
- drm/i915/dp_mst: Don't require DSC hblank quirk for a non-DSC compatible
mode
- drm/xe/xe_sync: initialise ufence.signalled
- drm/xe/ufence: ufence can be signaled right after wait_woken
- drm/vmwgfx: Cleanup kms setup without 3d
- drm/vmwgfx: Handle surface check failure correctly
- drm/amdgpu/pm: Fix code alignment issue
- drm/amdgpu/smu13: always apply the powersave optimization
- drm/amdgpu/swsmu: Only force workload setup on init
- iio: dac: ad5770r: add missing select REGMAP_SPI in Kconfig
- iio: dac: ltc1660: add missing select REGMAP_SPI in Kconfig
- iio: dac: stm32-dac-core: add missing select REGMAP_MMIO in Kconfig
- iio: adc: ti-ads8688: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig
- iio: hid-sensors: Fix an error handling path in
_hid_sensor_set_report_latency()
- iio: light: veml6030: fix ALS sensor resolution
- iio: light: veml6030: fix IIO device retrieval from embedded device
- iio: light: opt3001: add missing full-scale range value
- iio: amplifiers: ada4250: add missing select REGMAP_SPI in Kconfig
- iio: frequency: adf4377: add missing select REMAP_SPI in Kconfig
- iio: light: bu27008: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig
- iio: resolver: ad2s1210 add missing select REGMAP in Kconfig
- iio: pressure: bm1390: add missing select IIO_(TRIGGERED_)BUFFER in
Kconfig
- iio: dac: ad5766: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig
- iio: proximity: mb1232: add missing select IIO_(TRIGGERED_)BUFFER in
Kconfig
- iio: dac: ad3552r: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig
- iio: adc: ti-lmp92064: add missing select IIO_(TRIGGERED_)BUFFER in
Kconfig
- iio: adc: ti-lmp92064: add missing select REGMAP_SPI in Kconfig
- iio: adc: ti-ads124s08: add missing select IIO_(TRIGGERED_)BUFFER in
Kconfig
- iio: resolver: ad2s1210: add missing select (TRIGGERED_)BUFFER in Kconfig
- iio: accel: kx022a: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig
- Bluetooth: Call iso_exit() on module unload
- Bluetooth: Remove debugfs directory on module init failure
- Bluetooth: ISO: Fix multiple init when debugfs is disabled
- Bluetooth: btusb: Fix not being able to reconnect after suspend
- Bluetooth: btusb: Fix regression with fake CSR controllers 0a12:0001
- vt: prevent kernel-infoleak in con_font_get()
- xhci: tegra: fix checked USB2 port number
- xhci: Fix incorrect stream context type macro
- xhci: Mitigate failed set dequeue pointer commands
- USB: serial: option: add support for Quectel EG916Q-GL
- USB: serial: option: add Telit FN920C04 MBIM compositions
- usb: typec: qcom-pmic-typec: fix sink status being overwritten with RP_DEF
- usb: dwc3: Wait for EndXfer completion before restoring GUSB2PHYCFG
- misc: microchip: pci1xxxx: add support for NVMEM_DEVID_AUTO for EEPROM
device
- misc: microchip: pci1xxxx: add support for NVMEM_DEVID_AUTO for OTP device
- serial: imx: Update mctrl old_status on RTSD interrupt
- parport: Proper fix for array out-of-bounds access
- x86/resctrl: Annotate get_mem_config() functions as __init
- x86/apic: Always explicitly disarm TSC-deadline timer
- x86/CPU/AMD: Only apply Zenbleed fix for Zen2 during late microcode load
- x86/entry_32: Do not clobber user EFLAGS.ZF
- x86/entry_32: Clear CPU buffers after register restore in NMI return
- tty: n_gsm: Fix use-after-free in gsm_cleanup_mux
- x86/bugs: Use code segment selector for VERW operand
- pinctrl: intel: platform: fix error path in device_for_each_child_node()
- pinctrl: ocelot: fix system hang on level based interrupts
- pinctrl: stm32: check devm_kasprintf() returned value
- pinctrl: apple: check devm_kasprintf() returned value
- irqchip/gic-v4: Don't allow a VMOVP on a dying VPE
- irqchip/sifive-plic: Unmask interrupt in plic_irq_enable()
- serial: qcom-geni: fix polled console initialisation
- serial: qcom-geni: revert broken hibernation support
- serial: qcom-geni: fix shutdown race
- serial: qcom-geni: fix dma rx cancellation
- serial: qcom-geni: fix receiver enable
- mm: vmscan.c: fix OOM on swap stress test
- ALSA: hda/conexant - Use cached pin control for Node 0x1d on HP EliteOne
1000 G2
- Upstream stable to v6.6.57, v6.11.5
* Noble update: upstream stable patchset 2025-02-03 (LP: #2097301)
- Revert "perf callchain: Fix stitch LBR memory leaks"
- ASoC: amd: acp: add ZSC control register programming sequence
- virtio: rename virtio_config_enabled to virtio_config_core_enabled
- virtio: allow driver to disable the configure change notification
- virtio-net: synchronize operstate with admin state on up/down
- virtio-net: synchronize probe with ndo_set_features
- wifi: rtw89: limit the PPDU length for VHT rate to 0x40000
- af_unix: Don't call skb_get() for OOB skb.
- af_unix: Remove single nest in manage_oob().
- af_unix: Rename unlinked_skb in manage_oob().
- af_unix: Move spin_lock() in manage_oob().
- iommu/amd: Move allocation of the top table into v1_alloc_pgtable
- iommu/amd: Set the pgsize_bitmap correctly
- drm/xe: Move and export xe_hw_engine lookup.
- drm/msm/dp: rename wide_bus_en to wide_bus_supported
- drm/msm/dp: enable widebus on all relevant chipsets
- bpf, arm64: Fix tailcall hierarchy
- libbpf: Don't take direct pointers into BTF data from st_ops
- s390/entry: Move early program check handler to entry.S
- selftests/bpf: fix to avoid __msg tag de-duplication by clang
- libbpf: Ensure new BTF objects inherit input endianness
- PCI: dwc: ep: Rename dw_pcie_ep_exit() to dw_pcie_ep_deinit()
- PCI: qcom-ep: Enable controller resources like PHY only after refclk is
available
- net: ravb: Fix maximum TX frame size for GbEth devices
- ravb: Make it clear the information relates to maximum frame size
- net: ravb: Fix R-Car RX frame size limit
- netfilter: nf_tables: missing objects with no memcg accounting
- PCI: dra7xx: Fix error handling when IRQ request fails in probe
- KVM: x86: Re-split x2APIC ICR into ICR+ICR2 for AMD (x2AVIC)
- intel_idle: fix ACPI _CST matching for newer Xeon platforms
- wifi: mt76: mt7925: fix a potential association failure upon resuming
- cifs: Remove intermediate object of failed create reparse call
- drm/amd/display: Disable replay if VRR capability is false
- drm/amd/display: Fix VRR cannot enable
- l2tp: free sessions using rcu
- net: skbuff: sprinkle more __GFP_NOWARN on ingress allocs
- nvme: fix metadata handling in nvme-passthrough
- wifi: wilc1000: Do not operate uninitialized hardware during
suspend/resume
- x86/apic: Remove logical destination mode for 64-bit
- pmdomain: core: Use dev_name() instead of kobject_get_path() in debugfs
- drm/xe: Name and document Wa_14019789679
- drm/xe: Add timeout to preempt fences
- drm/amd/display: Fix possible overflow in integer multiplication
- ext4: fix error message when rejecting the default hash
- power: supply: Drop use_cnt check from
power_supply_property_is_writeable()
- ALSA: hda/realtek: fix mute/micmute LED for HP mt645 G8
- drm/xe: Generate oob before compiling anything
- clk: qcom: gcc-sc8180x: Register QUPv3 RCGs for DFS on sc8180x
- drm/amd/display: Restore Optimized pbn Value if Failed to Disable DSC
- Revert "drm/amd/display: Skip Recompute DSC Params if no Stream on Link"
- pmdomain: core: Reduce debug summary table width
- fs/ntfs3: Do not call file_modified if collapse range failed
- fs/ntfs3: Optimize large writes into sparse file
- fs/ntfs3: Fix sparse warning in ni_fiemap
- fs/ntfs3: Refactor enum_rstbl to suppress static checker
- virtio_console: fix misc probe bugs
- ntfs3: Change to non-blocking allocation in ntfs_d_hash
- bpf: Call the missed btf_record_free() when map creation fails
- selftests/bpf: Fix ARG_PTR_TO_LONG {half-,}uninitialized test
- bpf: Check percpu map value size first
- s390/facility: Disable compile time optimization for decompressor code
- s390/mm: Add cond_resched() to cmm_alloc/free_pages()
- bpf, x64: Fix a jit convergence issue
- ext4: nested locking for xattr inode
- s390/cpum_sf: Remove WARN_ON_ONCE statements
- ktest.pl: Avoid false positives with grub2 skip regex
- soundwire: intel_bus_common: enable interrupts before exiting reset
- PCI: Add function 0 DMA alias quirk for Glenfly Arise chip
- clk: bcm: bcm53573: fix OF node leak in init
- PCI: Add ACS quirk for Qualcomm SA8775P
- i2c: i801: Use a different adapter-name for IDF adapters
- PCI: Mark Creative Labs EMU20k2 INTx masking as broken
- RISC-V: Don't have MAX_PHYSMEM_BITS exceed phys_addr_t
- mfd: intel_soc_pmic_chtwc: Make Lenovo Yoga Tab 3 X90F DMI match less
strict
- mfd: intel-lpss: Add Intel Arrow Lake-H LPSS PCI IDs
- mfd: intel-lpss: Rename SPI intel_lpss_platform_info structs
- mfd: intel-lpss: Add Intel Panther Lake LPSS PCI IDs
- riscv: Omit optimized string routines when using KASAN
- riscv: avoid Imbalance in RAS
- RDMA/mlx5: Enforce umem boundaries for explicit ODP page faults
- PCI: qcom: Disable mirroring of DBI and iATU register space in BAR region
- PCI: endpoint: Assign PCI domain number for endpoint controllers
- soundwire: cadence: re-check Peripheral status with delayed_work
- riscv/kexec_file: Fix relocation type R_RISCV_ADD16 and R_RISCV_SUB16
unknown
- media: videobuf2-core: clear memory related fields in
__vb2_plane_dmabuf_put()
- remoteproc: imx_rproc: Use imx specific hook for find_loaded_rsc_table
- usb: chipidea: udc: enable suspend interrupt after usb reset
- usb: dwc2: Adjust the timing of USB Driver Interrupt Registration in the
Crashkernel Scenario
- xhci: dbc: Fix STALL transfer event handling
- usb: host: xhci-plat: Parse xhci-missing_cas_quirk and apply quirk
- comedi: ni_routing: tools: Check when the file could not be opened
- LoongArch: Fix memleak in pci_acpi_scan_root()
- netfilter: nf_nat: don't try nat source port reallocation for reverse dir
clash
- netfilter: nf_reject: Fix build warning when CONFIG_BRIDGE_NETFILTER=n
- tools/iio: Add memory allocation failure check for trigger_name
- staging: vme_user: added bound check to geoid
- driver core: bus: Return -EIO instead of 0 when show/store invalid bus
attribute
- scsi: lpfc: Add ELS_RSP cmd to the list of WQEs to flush in
lpfc_els_flush_cmd()
- scsi: lpfc: Revise TRACE_EVENT log flag severities from KERN_ERR to
KERN_WARNING
- NFSD: Mark filecache "down" if init fails
- nfsd: nfsd_destroy_serv() must call svc_destroy() even if
nfsd_startup_net()
failed
- ice: set correct dst VSI in only LAN filters
- ice: clear port vlan config during reset
- ice: disallow DPLL_PIN_STATE_SELECTABLE for dpll output pins
- ice: fix VLAN replay after reset
- SUNRPC: Fix integer overflow in decode_rc_list()
- tcp: fix to allow timestamp undo if no retransmits were sent
- tcp: fix tcp_enter_recovery() to zero retrans_stamp when it's safe
- tcp: fix TFO SYN_RECV to not zero retrans_stamp with retransmits out
- rxrpc: Fix uninitialised variable in rxrpc_send_data()
- selftests: net: no_forwarding: fix VID for $swp2 in one_bridge_two_pvids()
test
- Bluetooth: btusb: Don't fail external suspend requests
- net: phy: bcm84881: Fix some error handling paths
- Revert "net: stmmac: set PP_FLAG_DMA_SYNC_DEV only if XDP is enabled"
- net: ethernet: adi: adin1110: Fix some error handling path in
adin1110_read_fifo()
- net: dsa: b53: fix jumbo frame mtu check
- net: dsa: b53: fix max MTU for 1g switches
- net: dsa: b53: fix max MTU for BCM5325/BCM5365
- net: dsa: b53: allow lower MTUs on BCM5325/5365
- net: dsa: b53: fix jumbo frames on 10/100 ports
- drm/nouveau: pass cli to nouveau_channel_new() instead of drm+device
- nouveau/dmem: Fix privileged error in copy engine channel
- gpio: aspeed: Add the flush write to ensure the write complete.
- gpio: aspeed: Use devm_clk api to manage clock source
- powercap: intel_rapl_tpmi: Ignore minor version change
- ice: Fix netif_is_ice() in Safe Mode
- ice: Flush FDB entries before reset
- e1000e: change I219 (19) devices to ADP
- net: ibm: emac: mal: fix wrong goto
- btrfs: zoned: fix missing RCU locking in error message when loading zone
info
- sctp: ensure sk_state is set to CLOSED if hashing fails in
sctp_listen_start
- netfilter: fib: check correct rtable in vrf setups
- net: ibm: emac: mal: add dcr_unmap to _remove
- net: dsa: refuse cross-chip mirroring operations
- rtnetlink: Add bulk registration helpers for rtnetlink message handlers.
- vxlan: Handle error of rtnl_register_module().
- bridge: Handle error of rtnl_register_module().
- mctp: Handle error of rtnl_register_module().
- mpls: Handle error of rtnl_register_module().
- phonet: Handle error of rtnl_register_module().
- rcu/nocb: Fix rcuog wake-up from offline softirq
- x86/amd_nb: Add new PCI IDs for AMD family 1Ah model 60h
- HID: multitouch: Add support for lenovo Y9000P Touchpad
- hwmon: intel-m10-bmc-hwmon: relabel Columbiaville to CVL Die Temperature
- hwmon: (tmp513) Add missing dependency on REGMAP_I2C
- hwmon: (mc34vr500) Add missing dependency on REGMAP_I2C
- hwmon: (adm9240) Add missing dependency on REGMAP_I2C
- hwmon: (adt7470) Add missing dependency on REGMAP_I2C
- hwmon: (ltc2991) Add missing dependency on REGMAP_I2C
- HID: plantronics: Workaround for an unexcepted opposite volume key
- Revert "usb: yurex: Replace snprintf() with the safer scnprintf() variant"
- usb: dwc3: core: Stop processing of pending events if controller is halted
- usb: xhci: Fix problem with xhci resume from suspend
- usb: storage: ignore bogus device raised by JieLi BR21 USB sound chip
- usb: dwc3: re-enable runtime PM after failed resume
- usb: gadget: core: force synchronous registration
- hid: intel-ish-hid: Fix uninitialized variable 'rv' in
ish_fw_xfer_direct_dma
- ACPI: resource: Make Asus ExpertBook B2402 matches cover more models
- ACPI: resource: Make Asus ExpertBook B2502 matches cover more models
- drm/amdkfd: Fix an eviction fence leak
- drm/amd/display: fix hibernate entry for DCN35+
- drm/xe/guc_submit: fix xa_store() error checking
- drm/i915/hdcp: fix connector refcounting
- drm/xe/ct: fix xa_store() error checking
- scsi: ufs: Use pre-calculated offsets in ufshcd_init_lrb()
- mmc: sdhci-of-dwcmshc: Prevent stale command interrupt handling
- mptcp: fallback when MPTCP opts are dropped after 1st data
- ata: libata: avoid superfluous disk spin down + spin up during hibernation
- OPP: fix error code in dev_pm_opp_set_config()
- net: dsa: lan9303: ensure chip reset and wait for READY status
- mptcp: pm: do not remove closing subflows
- powercap: intel_rapl_tpmi: Fix bogus register reading
- selftests/mm: fix incorrect buffer->mirror size in hmm2 double_map test
- selftests/rseq: Fix mm_cid test failure
- btrfs: split remaining space to discard in chunks
- btrfs: add cancellation points to trim loops
- fs/proc/kcore.c: allow translation of physical memory addresses
- io_uring/rw: fix cflags posting for single issue multishot read
- Upstream stable to v6.6.56, v6.11.1, v6.11.2, v6.11.3, v6.11.4
* Noble update: upstream stable patchset 2025-02-03 (LP: #2097301) //
CVE-2024-50182
- secretmem: disable memfd_secret() if arch cannot set direct map
* Noble update: upstream stable patchset 2025-02-03 (LP: #2097301) //
CVE-2024-50019
- kthread: unpark only parked kthread
* Noble update: upstream stable patchset 2025-02-03 (LP: #2097301) //
CVE-2024-50096
- nouveau/dmem: Fix vulnerability in migrate_to_ram upon copy error
* Noble update: upstream stable patchset 2025-02-03 (LP: #2097301) //
CVE-2024-50020
- ice: Fix improper handling of refcount in ice_sriov_set_msix_vec_count()
* Noble update: upstream stable patchset 2025-02-03 (LP: #2097301) //
CVE-2024-50021
- ice: Fix improper handling of refcount in ice_dpll_init_rclk_pins()
* Noble update: upstream stable patchset 2025-02-03 (LP: #2097301) //
CVE-2024-50022
- device-dax: correct pgoff align in dax_set_mapping()
* Noble update: upstream stable patchset 2025-02-03 (LP: #2097301) //
CVE-2024-50185
- mptcp: handle consistently DSS corruption
* Noble update: upstream stable patchset 2025-02-03 (LP: #2097301) //
CVE-2024-50023
- net: phy: Remove LED entry from LEDs list on unregister
* Noble update: upstream stable patchset 2025-02-03 (LP: #2097301) //
CVE-2024-50024
- net: Fix an unsafe loop on the list
* Noble update: upstream stable patchset 2025-02-03 (LP: #2097301) //
CVE-2024-50186
- net: explicitly clear the sk pointer, when pf->create fails
* Noble update: upstream stable patchset 2025-02-03 (LP: #2097301) //
CVE-2024-50025
- scsi: fnic: Move flush_work initialization out of if block
* Noble update: upstream stable patchset 2025-02-03 (LP: #2097301) //
CVE-2024-50026
- scsi: wd33c93: Don't use stale scsi_pointer value
* Noble update: upstream stable patchset 2025-02-03 (LP: #2097301) //
CVE-2024-50027
- thermal: core: Free tzp copy along with the thermal zone
* Noble update: upstream stable patchset 2025-02-03 (LP: #2097301) //
CVE-2024-50028
- thermal: core: Reference count the zone in thermal_zone_get_by_id()
* Noble update: upstream stable patchset 2025-02-03 (LP: #2097301) //
CVE-2024-50029
- Bluetooth: hci_conn: Fix UAF in hci_enhanced_setup_sync
* Noble update: upstream stable patchset 2025-02-03 (LP: #2097301) //
CVE-2024-50030
- drm/xe/ct: prevent UAF in send_recv()
* Noble update: upstream stable patchset 2025-02-03 (LP: #2097301) //
CVE-2024-50187
- drm/vc4: Stop the active perfmon before being destroyed
* Noble update: upstream stable patchset 2025-02-03 (LP: #2097301) //
CVE-2024-50031
- drm/v3d: Stop the active perfmon before being destroyed
* Noble update: upstream stable patchset 2025-02-03 (LP: #2097301) //
CVE-2024-50189
- HID: amd_sfh: Switch to device-managed dmam_alloc_coherent()
* Noble update: upstream stable patchset 2025-02-03 (LP: #2097301) //
CVE-2024-50033
- slip: make slhc_remember() more robust against malicious packets
* Noble update: upstream stable patchset 2025-02-03 (LP: #2097301) //
CVE-2024-50035
- ppp: fix ppp_async_encode() illegal access
* Noble update: upstream stable patchset 2025-02-03 (LP: #2097301) //
CVE-2024-50036
- net: do not delay dst_entries_add() in dst_release()
* Noble update: upstream stable patchset 2025-02-03 (LP: #2097301) //
CVE-2024-50038
- netfilter: xtables: avoid NFPROTO_UNSPEC where needed
* Noble update: upstream stable patchset 2025-02-03 (LP: #2097301) //
CVE-2024-50039
- net/sched: accept TCA_STAB only for root qdisc
* Noble update: upstream stable patchset 2025-02-03 (LP: #2097301) //
CVE-2024-50040
- igb: Do not bring the device up after non-fatal error
* Noble update: upstream stable patchset 2025-02-03 (LP: #2097301) //
CVE-2024-50041
- i40e: Fix macvlan leak by synchronizing access to mac_filter_hash
* Noble update: upstream stable patchset 2025-02-03 (LP: #2097301) //
CVE-2024-50042
- ice: Fix increasing MSI-X on VF
* Noble update: upstream stable patchset 2025-02-03 (LP: #2097301) //
CVE-2024-50093
- thermal: intel: int340x: processor: Fix warning during module unload
* Noble update: upstream stable patchset 2025-02-03 (LP: #2097301) //
CVE-2024-50044
- Bluetooth: RFCOMM: FIX possible deadlock in rfcomm_sk_state_change
* Noble update: upstream stable patchset 2025-02-03 (LP: #2097301) //
CVE-2024-50045
- netfilter: br_netfilter: fix panic with metadata_dst skb
* Noble update: upstream stable patchset 2025-02-03 (LP: #2097301) //
CVE-2024-50188
- net: phy: dp83869: fix memory corruption when enabling fiber
* Noble update: upstream stable patchset 2025-02-03 (LP: #2097301) //
CVE-2024-50046
- NFSv4: Prevent NULL-pointer dereference in nfs42_complete_copies()
* Noble update: upstream stable patchset 2025-02-03 (LP: #2097301) //
CVE-2024-50180
- fbdev: sisfb: Fix strbuf array overflow
* Noble update: upstream stable patchset 2025-02-03 (LP: #2097301) //
CVE-2024-50047
- smb: client: fix UAF in async decryption
* Noble update: upstream stable patchset 2025-02-03 (LP: #2097301) //
CVE-2024-50048
- fbcon: Fix a NULL pointer dereference issue in fbcon_putcs
* Noble update: upstream stable patchset 2025-02-03 (LP: #2097301) //
CVE-2024-50049
- drm/amd/display: Check null pointer before dereferencing se
* Noble update: upstream stable patchset 2025-02-03 (LP: #2097301) //
CVE-2024-50090
- drm/xe/oa: Fix overflow in oa batch buffer
* Noble update: upstream stable patchset 2025-02-03 (LP: #2097301) //
CVE-2024-50183
- scsi: lpfc: Ensure DA_ID handling completion before deleting an NPIV
instance
* Noble update: upstream stable patchset 2025-02-03 (LP: #2097301) //
CVE-2024-50055
- driver core: bus: Fix double free in driver API bus_register()
* Noble update: upstream stable patchset 2025-02-03 (LP: #2097301) //
CVE-2024-50056
- usb: gadget: uvc: Fix ERR_PTR dereference in uvc_v4l2.c
* Noble update: upstream stable patchset 2025-02-03 (LP: #2097301) //
CVE-2024-50184
- virtio_pmem: Check device status before requesting flush
* Noble update: upstream stable patchset 2025-02-03 (LP: #2097301) //
CVE-2024-50057
- usb: typec: tipd: Free IRQ only if it was requested before
* Noble update: upstream stable patchset 2025-02-03 (LP: #2097301) //
CVE-2024-50058
- serial: protect uart_port_dtr_rts() in uart_shutdown() too
* Noble update: upstream stable patchset 2025-02-03 (LP: #2097301) //
CVE-2024-50181
- clk: imx: Remove CLK_SET_PARENT_GATE for DRAM mux for i.MX7D
* Noble update: upstream stable patchset 2025-02-03 (LP: #2097301) //
CVE-2024-50059
- ntb: ntb_hw_switchtec: Fix use after free vulnerability in
switchtec_ntb_remove due to race condition
* Noble update: upstream stable patchset 2025-02-03 (LP: #2097301) //
CVE-2024-50060
- io_uring: check if we need to reschedule during overflow flush
* Noble update: upstream stable patchset 2025-02-03 (LP: #2097301) //
CVE-2024-50061
- i3c: master: cdns: Fix use after free vulnerability in cdns_i3c_master
Driver Due to Race Condition
* Noble update: upstream stable patchset 2025-02-03 (LP: #2097301) //
CVE-2024-50062
- RDMA/rtrs-srv: Avoid null pointer deref during path establishment
* Noble update: upstream stable patchset 2025-02-03 (LP: #2097301) //
CVE-2024-50095
- RDMA/mad: Improve handling of timed out WRs of mad agent
* Noble update: upstream stable patchset 2025-02-03 (LP: #2097301) //
CVE-2024-50063
- bpf: Prevent tail call between progs attached to different hooks
* Noble update: upstream stable patchset 2025-02-03 (LP: #2097301) //
CVE-2024-50191
- ext4: don't set SB_RDONLY after filesystem errors
* Noble update: upstream stable patchset 2025-02-03 (LP: #2097301) //
CVE-2024-50064
- zram: free secondary algorithms names
* Noble update: upstream stable patchset 2025-02-03 (LP: #2097301) //
CVE-2024-50089
- unicode: Don't special case ignorable code points
* Noble update: upstream stable patchset 2025-02-03 (LP: #2097301) //
CVE-2024-49865
- drm/xe/vm: move xa_alloc to prevent UAF
* Noble update: upstream stable patchset 2025-02-03 (LP: #2097301) //
CVE-2024-49968
- ext4: filesystems without casefold feature cannot be mounted with siphash
* Noble update: upstream stable patchset 2025-02-03 (LP: #2097301) //
CVE-2024-49893
- drm/amd/display: Check stream_status before it is used
* Noble update: upstream stable patchset 2025-02-03 (LP: #2097301) //
CVE-2024-49972
- drm/amd/display: Deallocate DML memory if allocation fails
* Noble update: upstream stable patchset 2025-02-03 (LP: #2097301) //
CVE-2024-49914
- drm/amd/display: Add null check for pipe_ctx->plane_state in
dcn20_program_pipe
* Noble update: upstream stable patchset 2025-02-03 (LP: #2097301) //
CVE-2024-49920
- drm/amd/display: Check null pointers before multiple uses
* Noble update: upstream stable patchset 2025-02-03 (LP: #2097301) //
CVE-2024-49921
- drm/amd/display: Check null pointers before used
* Noble update: upstream stable patchset 2025-02-03 (LP: #2097301) //
CVE-2024-50009
- cpufreq: amd-pstate: add check for cpufreq_cpu_get's return value
* Noble update: upstream stable patchset 2025-02-03 (LP: #2097301) //
CVE-2024-47726
- f2fs: fix to wait dio completion
* Noble update: upstream stable patchset 2025-02-03 (LP: #2097301) //
CVE-2024-47711
- af_unix: Don't return OOB skb in manage_oob().
* CVE-2024-53170
- block: fix uaf for flush rq while iterating tags
* CVE-2024-50148
- Bluetooth: bnep: fix wild-memory-access in proto_unregister
* CVE-2024-50134
- drm/vboxvideo: Replace fake VLA at end of vbva_mouse_pointer_shape with
real
VLA
* CVE-2024-50171
- net: systemport: fix potential memory leak in bcm_sysport_xmit()
* CVE-2024-50229
- nilfs2: fix potential deadlock with newly created symlinks
* CVE-2024-50233
- staging: iio: frequency: ad9832: fix division by zero in
ad9832_calc_freqreg()
* [Lenovo Ubuntu 24.04 Bug] dmesg show "spi-nor: probe of spi0.0 failed with
error -95" (LP: #2070339)
- mtd: core: Don't fail mtd_otp_nvmem_add() if OTP is unsupported
- mtd: core: Align comment with an action in mtd_otp_nvmem_add()
* python perf module missing in realtime kernel (LP: #2089411)
- [Packaging] linux-tools: Add missing python perf symlink
- [Packaging] linux-tools: Fix python perf library packaging
- [Packaging] linux-tools: Fall back to old python perf path
* CVE-2024-53104
- media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in
uvc_parse_format
-- Kuan-Ying Lee <kuan-ying....@canonical.com> Fri, 21 Feb 2025
14:15:20 +0800
** Changed in: linux-oem-6.8 (Ubuntu Noble)
Status: Fix Committed => Fix Released
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-47711
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-47726
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-49865
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-49893
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-49914
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-49920
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-49921
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-49968
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-49972
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-50009
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-50019
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-50020
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-50021
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-50022
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-50023
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-50024
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-50025
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-50026
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-50027
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-50028
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-50029
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-50030
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-50031
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-50033
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-50035
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-50036
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-50038
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-50039
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-50040
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-50041
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-50042
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-50044
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-50045
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-50046
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-50047
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-50048
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-50049
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-50055
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-50056
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-50057
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-50058
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-50059
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-50060
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-50061
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-50062
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-50063
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-50064
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-50089
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-50090
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-50093
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-50095
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-50096
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-50117
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-50134
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-50148
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-50171
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-50180
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-50181
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-50182
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-50183
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-50184
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-50185
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-50186
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-50187
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-50188
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-50189
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-50191
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-50229
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-50233
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-53104
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-53156
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-53165
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-53170
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-56582
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-56614
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-56663
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/2093162
Title:
Respect _WOV entry in BIOS when enabling microphone on AMD acp6x
platforms
Status in HWE Next:
New
Status in linux package in Ubuntu:
Fix Released
Status in linux-oem-6.11 package in Ubuntu:
Invalid
Status in linux-oem-6.8 package in Ubuntu:
Invalid
Status in linux source package in Noble:
In Progress
Status in linux-oem-6.11 source package in Noble:
Fix Released
Status in linux-oem-6.8 source package in Noble:
Fix Released
Status in linux source package in Oracular:
Fix Released
Status in linux-oem-6.11 source package in Oracular:
Invalid
Status in linux-oem-6.8 source package in Oracular:
Invalid
Status in linux source package in Plucky:
Fix Released
Status in linux-oem-6.11 source package in Plucky:
Invalid
Status in linux-oem-6.8 source package in Plucky:
Invalid
Bug description:
[SRU Justification]
[Impact]
AMD acp6x driver may not respect BIOS settings and enables DMIC
(digital microphone) unexpectedly.
[Fix]
* Upstream v6.13-rc1 commit 4095cf872084 ("ASoC: amd: yc: Fix for enabling
DMIC on acp6x via _DSD entry")
* And two following fixes also from v6.13-rcX: commit 984795e76def ("ASoC:
amd: yc: Fix the wrong return value") and commit 88438444fddd ("ASoC: amd: ps:
Fix for enabling DMIC on acp63 platform via _DSD entry")
[Test Case]
1) Check BIOS if microphone is turned on/off.
2) Ensure that microphone is present or not in OS (acp6x device binds or not)
to match this policy.
3) Change policy in BIOS.
4) Ensure that OS behavior matches.
[Where problems could occur]
This basically checks whether the value in _WOV valid and enabled.
Existing systems might found their microphone disabled then, but
that's to respect the settings in BIOS.
[Other Info]
This affects kernel >= v5.19, and some of the changes have been
backported to v6.12.x and v6.11.x.
========== original bug report ==========
The context of it is a security risk that user turns off microphone in
BIOS on Lenovo system but it still works in Ubuntu. The patch fixes it
to look at what BIOS changes to decide whether to enable microphone.
*
https://github.com/torvalds/linux/commit/88438444fdddd0244c8b2697713adcca3e71599e
("ASoC: amd: ps: Fix for enabling DMIC on acp63 platform via _DSD entry")
- Fixes: 0386d765f27a ("ASoC: amd: ps: refactor acp device configuration
read logic")
- in v6.13-rc5
- for >= v6.9
*
https://github.com/torvalds/linux/commit/4095cf872084ecfdfdb0e681f3e9ff9745acfa75
("ASoC: amd: yc: Fix for enabling DMIC on acp6x via _DSD entry")
- Fixes: 5426f506b584 ("ASoC: amd: Add support for enabling DMIC on acp6x
via _DSD")
- in v6.13-rc1, v6.12.2, v6.11.11
- for >= v5.19
*
https://github.com/torvalds/linux/commit/984795e76def5c903724b8d6a8228e356bbdf2af
- Fixes: 4095cf872084 (ASoC: amd: yc: Fix for enabling DMIC on acp6x via
_DSD entry)
- in v6.13-rc3, v6.12.6
- for >= v6.13-rc1
To manage notifications about this bug go to:
https://bugs.launchpad.net/hwe-next/+bug/2093162/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
