This bug was fixed in the package linux-gkeop - 6.8.0-1012.14
---------------
linux-gkeop (6.8.0-1012.14) noble; urgency=medium
* noble/linux-gkeop: 6.8.0-1012.14 -proposed tracker (LP: #2107113)
* Packaging resync (LP: #1786013)
- [Packaging] debian.gkeop/dkms-versions -- update from kernel-versions
(main/2025.04.14)
* Regression in NFS ro mount behavior (LP: #2108862)
- SAUCE: nfs: clear SB_RDONLY before getting superblock
* IDPF: TX timeout and crash (LP: #2093622)
- idpf: make virtchnl2.h self-contained
- idpf: split &idpf_queue into 4 strictly-typed queue structures
- idpf: fix memory leaks and crashes while performing a soft reset
- idpf: enable WB_ON_ITR
- idpf: fix idpf_vc_core_init error path
- idpf: add support for SW triggered interrupts
- idpf: trigger SW interrupt when exiting wb_on_itr mode
* kdump failures with instances using IDPF (LP: #2104324)
- idpf: call set_real_num_queues in idpf_open
[ Ubuntu: 6.8.0-60.63 ]
* noble/linux: 6.8.0-60.63 -proposed tracker (LP: #2107138)
* Packaging resync (LP: #1786013)
- [Packaging] debian.master/dkms-versions -- update from kernel-versions
(main/2025.04.14)
* Missing upstream commits for LP: #2102181 (LP: #2107336)
- libperf cpumap: Add any, empty and min helpers
- libperf cpumap: Ensure empty cpumap is NULL from alloc
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770)
- memblock: use numa_valid_node() helper to check for invalid node ID
- jbd2: increase IO priority for writing revoke records
- jbd2: flush filesystem device before updating tail sequence
- dm array: fix unreleased btree blocks on closing a faulty array cursor
- dm array: fix cursor index when skipping across block boundaries
- exfat: fix the infinite loop in __exfat_free_cluster()
- erofs: fix PSI memstall accounting
- ASoC: rt722: add delay time to wait for the calibration procedure
- ASoC: mediatek: disable buffer pre-allocation
- selftests/alsa: Fix circular dependency involving global-timer
- ieee802154: ca8210: Add missing check for kfifo_alloc() in ca8210_probe()
- net: 802: LLC+SNAP OID:PID lookup on start of skb data
- tcp/dccp: complete lockless accesses to sk->sk_max_ack_backlog
- tcp/dccp: allow a connection when sk_max_ack_backlog is zero
- net: libwx: fix firmware mailbox abnormal return
- pds_core: limit loop over fw name list
- bnxt_en: Fix possible memory leak when hwrm_req_replace fails
- cxgb4: Avoid removal of uninserted tid
- ice: fix incorrect PHY settings for 100 GB/s
- igc: return early when failing to read EECD register
- tls: Fix tls_sw_sendmsg error handling
- eth: gve: use appropriate helper to set xdp_features
- Bluetooth: hci_sync: Fix not setting Random Address when required
- Bluetooth: MGMT: Fix Add Device to responding before completing
- Bluetooth: btnxpuart: Fix driver sending truncated data
- tcp: Annotate data-race around sk->sk_mark in tcp_v4_send_reset
- riscv: Fix early ftrace nop patching
- memblock tests: fix implicit declaration of function 'numa_valid_node'
- iio: imu: inv_icm42600: fix timestamps after suspend if sensor is on
- netfilter: nf_tables: imbalance in flowtable binding
- drm/mediatek: stop selecting foreign drivers
- [Config] updateconfigs for MTK_SMI
- drm/mediatek: Fix YCbCr422 color format issue for DP
- drm/mediatek: Fix mode valid issue for dp
- drm/mediatek: Add return value check when reading DPCD
- cpuidle: riscv-sbi: fix device node release in early exit of
for_each_possible_cpu
- scsi: ufs: qcom: Power off the PHY if it was already powered on in
ufs_qcom_power_up_sequence()
- dm-ebs: don't set the flag DM_TARGET_PASSES_INTEGRITY
- ksmbd: Implement new SMB3 POSIX type
- thermal: of: fix OF node leak in of_thermal_zone_find()
- smb: client: sync the root session and superblock context passwords before
automounting
- ACPI: resource: Add TongFang GM5HG0A to irq1_edge_low_force_override[]
- ACPI: resource: Add Asus Vivobook X1504VAP to
irq1_level_low_skip_override[]
- drm/amd/display: increase MAX_SURFACES to the value supported by hw
- io_uring/timeout: fix multishot updates
- dm-verity FEC: Fix RS FEC repair for roots unaligned to block size (take
2)
- USB: serial: option: add MeiG Smart SRM815
- USB: serial: option: add Neoway N723-EA support
- staging: iio: ad9834: Correct phase range check
- staging: iio: ad9832: Correct phase range check
- usb-storage: Add max sectors quirk for Nokia 208
- USB: serial: cp210x: add Phoenix Contact UPS Device
- usb: dwc3: gadget: fix writing NYET threshold
- misc: microchip: pci1xxxx: Resolve return code mismatch during GPIO set
config
- tty: serial: 8250: Fix another runtime PM usage counter underflow
- usb: dwc3-am62: Disable autosuspend during remove
- USB: usblp: return error when setting unsupported protocol
- USB: core: Disable LPM only for non-suspended ports
- usb: fix reference leak in usb_new_device()
- usb: gadget: midi2: Reverse-select at the right place
- usb: chipidea: ci_hdrc_imx: decrement device's refcount in .remove() and
in
the error path of .probe()
- usb: gadget: f_uac2: Fix incorrect setting of bNumEndpoints
- usb: typec: tcpm/tcpci_maxim: fix error code in
max_contaminant_read_resistance_kohm()
- usb: gadget: configfs: Ignore trailing LF for user strings to cdev
- iio: gyro: fxas21002c: Fix missing data update in trigger handler
- iio: adc: ti-ads124s08: Use gpiod_set_value_cansleep()
- iio: inkern: call iio_device_put() only on mapped devices
- iio: adc: ad7124: Disable all channels at probe time
- riscv: kprobes: Fix incorrect address calculation
- ARM: dts: imxrt1050: Fix clocks for mmc
- arm64: dts: rockchip: add hevc power domain clock to rk3328
- pmdomain: imx: gpcv2: Simplify with scoped for each OF child loop
- pmdomain: imx: gpcv2: fix an OF node reference leak in imx_gpcv2_probe()
- workqueue: Add rcu lock check at the end of work item execution
- workqueue: Update lock debugging code
- mm/hugetlb: enforce that PMD PT sharing has split PMD PT locks
- riscv: Fix text patching when IPI are used
- drm/mediatek: Only touch DISP_REG_OVL_PITCH_MSB if AFBC is supported
- ovl: pass realinode to ovl_encode_real_fh() instead of realdentry
- net: don't dump Tx and uninitialized NAPIs
- ice: fix max values for dpll pin phase adjust
- net: hns3: fixed reset failure issues caused by the incorrect reset type
- net: hns3: fix missing features due to dev->features configuration too
early
- net: hns3: Resolved the issue that the debugfs query result is
inconsistent.
- net: hns3: initialize reset_timer before hclgevf_misc_irq_init()
- mctp i3c: fix MCTP I3C driver multi-thread issue
- drm/mediatek: Move mtk_crtc_finish_page_flip() to ddp_cmdq_cb()
- drm/mediatek: Add support for 180-degree rotation in the display driver
- drm/mediatek: mtk_dsi: Add registers to pdata to fix MT8186/MT8188
- platform/x86: intel/pmc: Fix ioremap() of bad address
- riscv: module: remove relocation_head rel_entry member allocation
- cgroup/cpuset: Prevent leakage of isolated CPUs into sched domains
- fs: kill MNT_ONRB
- gpio: loongson: Fix Loongson-2K2000 ACPI GPIO register offset
- drm/amd/pm: fix BUG: scheduling while atomic
- drm/amdkfd: wq_release signals dma_fence only when available
- drm/amd/display: fix divide error in DM plane scale calcs
- drm/amd/display: fix page fault due to max surface definition mismatch
- serial: stm32: use port lock wrappers for break control
- usb: host: xhci-plat: set skip_phy_initialization if software node has
XHCI_SKIP_PHY_INIT property
- iio: imu: inv_icm42600: add register caching in the regmap
- iio: imu: inv_icm42600: fix spi burst write not supported
- Upstream stable to v6.6.71, v6.6.72, v6.12.10
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2025-21659
- netdev: prevent accessing NAPI instances from another namespace
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2025-21634
- cgroup/cpuset: remove kernfs active break
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2025-21635
- rds: sysctl: rds_tcp_{rcv,snd}buf: avoid using current->nsproxy
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2025-21643
- netfs: Fix kernel async DIO
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2025-21649
- net: hns3: fix kernel crash when 1588 is sent on HIP08 devices
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2025-21650
- net: hns3: fixed hclge_fetch_pf_reg accesses bar space out of bounds issue
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2025-21651
- net: hns3: don't auto enable misc vector
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2025-21654
- ovl: support encoding fid from inode with no alias
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2024-57883
- mm: hugetlb: independent PMD page table shared count
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2024-57888
- workqueue: Do not warn when cancelling WQ_MEM_RECLAIM work from
!WQ_MEM_RECLAIM worker
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2025-21631
- block, bfq: fix waker_bfqq UAF after bfq_split_bfqq()
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2025-21656
- hwmon: (drivetemp) Fix driver producing garbage data when SCSI errors
occur
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2025-21655
- io_uring/eventfd: ensure io_eventfd_signal() defers another RCU period
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2024-57904
- iio: adc: at91: call input_free_device() on allocated iio_dev
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2024-57906
- iio: adc: ti-ads8688: fix information leak in triggered buffer
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2024-57907
- iio: adc: rockchip_saradc: fix information leak in triggered buffer
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2024-57908
- iio: imu: kmx61: fix information leak in triggered buffer
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2024-57910
- iio: light: vcnl4035: fix information leak in triggered buffer
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2024-57911
- iio: dummy: iio_simply_dummy_buffer: fix information leak in triggered
buffer
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2024-57912
- iio: pressure: zpa2326: fix information leak in triggered buffer
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2024-57913
- usb: gadget: f_fs: Remove WARN_ON in functionfs_bind
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2025-21632
- x86/fpu: Ensure shadow stack is active before "getting" registers
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2024-57916
- misc: microchip: pci1xxxx: Resolve kernel panic during GPIO IRQ handling
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2024-57917
- topology: Keep the cpumask unchanged when printing cpumap
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2024-57939
- riscv: Fix sleeping in invalid context in die()
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2025-21636
- sctp: sysctl: plpmtud_probe_interval: avoid using current->nsproxy
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2025-21637
- sctp: sysctl: udp_port: avoid using current->nsproxy
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2025-21638
- sctp: sysctl: auth_enable: avoid using current->nsproxy
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2025-21639
- sctp: sysctl: rto_min/max: avoid using current->nsproxy
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2025-21640
- sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2025-21642
- mptcp: sysctl: sched: avoid using current->nsproxy
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2025-21664
- dm thin: make get_first_thin use rcu-safe list first function
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2024-57945
- riscv: mm: Fix the out of bound issue of vmemmap address
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2025-21660
- ksmbd: fix unexpectedly changed path in ksmbd_vfs_kern_path_locked
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2025-21645
- platform/x86/amd/pmc: Only disable IRQ1 wakeup where i8042 actually
enabled
it
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2025-21646
- afs: Fix the maximum cell name length
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2024-57925
- ksmbd: fix a missing return value check bug
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2024-57926
- drm/mediatek: Set private->all_drm_private[i]->drm to NULL if mtk_drm_bind
returns err
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2025-21662
- net/mlx5: Fix variable not being completed when function returns
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2025-21663
- net: stmmac: dwmac-tegra: Read iommu stream id from device tree
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2025-21647
- sched: sch_cake: add bounds checks to host bulk flow fairness counts
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2025-21648
- netfilter: conntrack: clamp maximum hashtable size to INT_MAX
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2025-21652
- ipvlan: Fix use-after-free in ipvlan_get_iflink().
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2025-21658
- btrfs: avoid NULL pointer dereference if no valid extent tree
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2025-21653
- net_sched: cls_flow: validate TCA_FLOW_RSHIFT attribute
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2024-47736
- erofs: handle overlapped pclusters out of crafted images properly
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2024-57940
- exfat: fix the infinite loop in exfat_readdir()
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2024-57929
- dm array: fix releasing a faulty array block twice in dm_array_cursor_end
* intel_idle: add Granite Rapids Xeon (D) support (LP: #2106638)
- intel_idle: add Granite Rapids Xeon support
- intel_idle: add Granite Rapids Xeon D support
* [SRU] Enable speaker/mic mute LEDs on Lenovo ideapad and thinkbook
(LP: #2106449)
- ALSA: hda: Support for Ideapad hotkey mute LEDs
- platform/x86:lenovo-wmi-hotkey-utilities.c: Support for mic and audio mute
LEDs
- [Config] Enable Lenovo wmi hotkey driver
* Backport "PCI: Wait for device readiness with Configuration RRS" to N/O
(LP: #2106251)
- PCI: Wait for device readiness with Configuration RRS
- PCI: Avoid FLR for Mediatek MT7922 WiFi
* Enable OOB P-state control for Intel Sierra Forest/Granite Rapids
(LP: #2106275)
- cpufreq: intel_pstate: Support Granite Rapids and Sierra Forest OOB mode
* mptcp BUG 'scheduling while atomic' in mptcp_pm_nl_append_new_local_addr
(LP: #2101120)
- mptcp: fix 'scheduling while atomic' in mptcp_pm_nl_append_new_local_addr
* CVE-2025-21971
- net_sched: Prevent creation of classes with TC_H_ROOT
* Noble update: upstream stable patchset 2025-04-09 (LP: #2106632)
- smb/client: rename cifs_ntsd to smb_ntsd
- smb/client: rename cifs_sid to smb_sid
- smb/client: rename cifs_acl to smb_acl
- smb/client: rename cifs_ace to smb_ace
- fs/smb/client: implement chmod() for SMB3 POSIX Extensions
- smb: client: stop flooding dmesg in smb2_calc_signature()
- media: uvcvideo: Force UVC version to 1.0a for 0408:4033
- Bluetooth: btusb: Add new VID/PID 13d3/3602 for MT7925
- watchdog: rzg2l_wdt: Remove reset de-assert from probe
- watchdog: rzg2l_wdt: Rely on the reset driver for doing proper reset
- watchdog: rzg2l_wdt: Power on the watchdog domain in the restart handler
- ALSA: ump: Use guard() for locking
- ALSA: ump: Don't open legacy substream for an inactive group
- scsi: mpi3mr: Use ida to manage mrioc ID
- scsi: mpi3mr: Start controller indexing from 0
- ACPI/IORT: Add PMCG platform information for HiSilicon HIP10/11
- ACPI/IORT: Add PMCG platform information for HiSilicon HIP09A
- x86/ptrace: Cleanup the definition of the pt_regs structure
- x86/ptrace: Add FRED additional information to the pt_regs structure
- Bluetooth: btusb: add callback function in btusb suspend/resume
- Bluetooth: btusb: mediatek: add callback function in btusb_disconnect
- platform/x86: mlx-platform: call pci_dev_put() to balance the refcount
- mmc: sdhci-msm: fix crypto key eviction
- tracing: Handle old buffer mappings for event strings and functions
- tracing: Fix trace_check_vprintf() when tp_printk is used
- tracing: Check "%s" dereference via the field and not the TP_printk format
- RDMA/bnxt_re: Allow MSN table capability check
- RDMA/bnxt_re: Remove always true dattr validity check
- RDMA/mlx5: Enforce same type port association for multiport RoCE
- RDMA/bnxt_re: Avoid initializing the software queue for user queues
- RDMA/bnxt_re: Avoid sending the modify QP workaround for latest adapters
- nvme-pci: 512 byte aligned dma pool segment quirk
- RDMA/bnxt_re: Fix the check for 9060 condition
- RDMA/bnxt_re: Add check for path mtu in modify_qp
- RDMA/bnxt_re: Fix reporting hw_ver in query_device
- RDMA/bnxt_re: Fix max_qp_wrs reported
- RDMA/bnxt_re: Add support for Variable WQE in Genp7 adapters
- RDMA/bnxt_re: Disable use of reserved wqes
- RDMA/bnxt_re: Add send queue size check for variable wqe
- RDMA/bnxt_re: Fix MSN table size for variable wqe mode
- drm/bridge: adv7511_audio: Update Audio InfoFrame properly
- net: dsa: microchip: Fix KSZ9477 set_ageing_time function
- net: dsa: microchip: Fix LAN937X set_ageing_time function
- RDMA/hns: Refactor mtr find
- RDMA/hns: Remove unused parameters and variables
- RDMA/hns: Fix mapping error of zero-hop WQE buffer
- RDMA/hns: Fix warning storm caused by invalid input in IO path
- RDMA/hns: Fix missing flush CQE for DWQE
- ip_tunnel: annotate data-races around t->parms.link
- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_bind_dev()
- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_md_tunnel_xmit()
- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_xmit()
- net: Fix netns for ip_tunnel_init_flow()
- net/mlx5: DR, select MSIX vector 0 for completion queue creation
- net/mlx5e: macsec: Maintain TX SA from encoding_sa
- drm/i915/dg1: Fix power gate sequence.
- net: llc: reset skb->transport_header
- ALSA: usb-audio: US16x08: Initialize array before use
- eth: bcmsysport: fix call balance of priv->clk handling routines
- net: mv643xx_eth: fix an OF node reference leak
- net: sfc: Correct key_len for efx_tc_ct_zone_ht_params
- net: wwan: iosm: Properly check for valid exec stage in ipc_mmio_init()
- net: ti: icssg-prueth: Fix clearing of IEP_CMP_CFG registers during
iep_init
- wifi: mac80211: wake the queues in case of failure in resume
- ALSA: hda/ca0132: Use standard HD-audio quirk matching helpers
- ALSA: hda/realtek: Add new alc2xx-fixup-headset-mic model
- sound: usb: enable DSD output for ddHiFi TC44C
- sound: usb: format: don't warn that raw DSD is unsupported
- bpf: fix potential error return
- ksmbd: retry iterate_dir in smb2_query_dir
- smb: client: destroy cfid_put_wq on module exit
- net: usb: qmi_wwan: add Telit FE910C04 compositions
- irqchip/gic: Correct declaration of *percpu_base pointer in union gic_base
- ARC: build: Try to guess GCC variant of cross compiler
- RDMA/bnxt_re: Fix the max WQE size for static WQE support
- modpost: fix input MODULE_DEVICE_TABLE() built for 64-bit on 32-bit host
- modpost: fix the missed iteration for the max bit in do_input()
- ALSA: seq: Check UMP support for midi_version change
- ALSA hda/realtek: Add quirk for Framework F111:000C
- kcov: mark in_softirq_really() as __always_inline
- scripts/sorttable: fix orc_sort_cmp() to maintain symmetry and
transitivity
- sky2: Add device ID 11ab:4373 for Marvell 88E8075
- drm: adv7511: Drop dsi single lane support
- dt-bindings: display: adi,adv7533: Drop single lane support
- fs/proc/task_mmu: fix pagemap flags with PMD THP entries on 32bit
- mm/readahead: fix large folio support in async readahead
- mptcp: fix recvbuffer adjust on sleeping rcvmsg
- mptcp: don't always assume copied data in mptcp_cleanup_rbuf()
- RDMA/bnxt_re: Fix max SGEs for the Work Request
- scsi: hisi_sas: Remove redundant checks for automatic debugfs dump
- platform/x86: hp-wmi: Add thermal profile support for 8BAD boards
- platform/x86: hp-wmi: Fix platform profile option switch bug on Omen and
Victus laptops
- platform/x86: hp-wmi: Fix implementation of the platform_profile_omen_get
function
- platform/x86: hp-wmi: mark 8A15 board for timed OMEN thermal profile
- RDMA/core: Fix ENODEV error for iWARP test over vlan
- net: phy: micrel: Dynamically control external clock of KSZ PHY
- netdev-genl: avoid empty messages in napi get
- net: stmmac: restructure the error path of stmmac_probe_config_dt()
- net/mlx5e: Fix netif state handling
- net/mlx5e: Keep netdev when leave switchdev for devlink set legacy only
- drm/i915/cx0_phy: Fix C10 pll programming sequence
- RDMA/bnxt_re: Fix error recovery sequence
- btrfs: allow swap activation to be interruptible
- perf/x86/intel: Add Arrow Lake U support
- ALSA: hda: cs35l56: Remove calls to
cs35l56_force_sync_asp1_registers_from_cache()
- ALSA: hda/realtek - Add support for ASUS Zen AIO 27 Z272SD_A272SD audio
- spi: spi-cadence-qspi: Disable STIG mode for Altera SoCFPGA.
- ARC: build: disallow invalid PAE40 + 4K page config
- bpf: refactor bpf_helper_changes_pkt_data to use helper number
- bpf: consider that tail calls invalidate packet pointers
- maple_tree: reload mas before the second call for mas_empty_area
- io_uring/rw: fix downgraded mshot read
- wifi: iwlwifi: mvm: Fix __counted_by usage in cfg80211_wowlan_nd_*
- net: ethernet: ti: am65-cpsw: default to round-robin for host port receive
- gve: process XSK TX descriptors as part of RX NAPI
- gve: trigger RX NAPI instead of TX NAPI in gve_xsk_wakeup
- mm: reinstate ability to map write-sealed memfd mappings read-only
- Upstream stable to v6.6.70, v6.12.9
* Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) //
CVE-2024-57898
- wifi: cfg80211: clear link ID from bitmap during link delete after clean
up
* Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) //
CVE-2024-57882
- mptcp: fix TCP options overflow.
* Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) //
CVE-2024-57884
- mm: vmscan: account for free pages to prevent infinite Loop in
throttle_direct_reclaim()
* Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) //
CVE-2024-57885
- mm/kmemleak: fix sleeping function called from invalid context at print
message
* Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) //
CVE-2024-57932
- gve: guard XDP xmit NDO on existence of xdp queues
* Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) //
CVE-2024-57933
- gve: guard XSK operations on the existence of queues
* Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) //
CVE-2024-57887
- drm: adv7511: Fix use-after-free in adv7533_attach_dsi()
* Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) //
CVE-2024-57938
- net/sctp: Prevent autoclose integer overflow in sctp_association_init()
* Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) //
CVE-2024-57889
- pinctrl: mcp23s08: Fix sleeping in atomic context due to regmap locking
* Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) //
CVE-2024-57890
- RDMA/uverbs: Prevent integer overflow issue
* Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) //
CVE-2024-57892
- ocfs2: fix slab-use-after-free due to dangling pointer dqi_priv
* Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) //
CVE-2024-57893
- ALSA: seq: oss: Fix races at processing SysEx messages
* Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) //
CVE-2024-57895
- ksmbd: set ATTR_CTIME flags when setting mtime
* Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) //
CVE-2024-57896
- btrfs: flush delalloc workers queue before stopping cleaner kthread during
unmount
* Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) //
CVE-2024-57897
- drm/amdkfd: Correct the migration DMA map direction
* Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) //
CVE-2024-57899
- wifi: mac80211: fix mbss changed flags corruption on 32 bit systems
* Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) //
CVE-2024-57900
- ila: serialize calls to nf_register_net_hooks()
* Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) //
CVE-2024-57901
- af_packet: fix vlan_get_protocol_dgram() vs MSG_PEEK
* Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) //
CVE-2024-57902
- af_packet: fix vlan_get_tci() vs MSG_PEEK
* Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) //
CVE-2024-57903
- net: restrict SO_REUSEPORT to inet sockets
* Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) //
CVE-2024-36476
- RDMA/rtrs: Ensure 'ib_sge list' is accessible
* Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) //
CVE-2024-39282
- net: wwan: t7xx: Fix FSM command timeout issue
* Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) //
CVE-2024-57801
- net/mlx5e: Skip restore TC rules for vport rep without loaded flag
* Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) //
CVE-2024-57802
- netrom: check buffer length before accessing it
* Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) //
CVE-2024-57841
- net: fix memory leak in tcp_conn_request()
* Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) //
CVE-2024-57931
- selinux: ignore unknown extended permissions
* Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) //
CVE-2024-56761
- x86/fred: Clear WFE in missing-ENDBRANCH #CPs
* Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) //
CVE-2024-53179
- smb: client: fix use-after-free of signing key
* uprobe-related panics during profiling (LP: #2104210)
- uprobes: Fix race in uprobe_free_utask
* ubuntu_bpf failed to build on Noble / Oracular (LP: #2069407)
- selftests/bpf: Fix compilation failure when CONFIG_NET_FOU!=y
* nfsd hangs and never recovers after NFS4ERR_DELAY and a connection loss
(LP: #2103564)
- NFSD: Reset cb_seq_status after NFS4ERR_DELAY
* thermal: Fix temperature readings on intel hardware (LP: #2103427)
- thermal: intel: intel_tcc: Add model checks for temperature registers
- thermal: intel: intel_tcc_cooling: Use a model-specific bitmask for TCC
offset
- hwmon: (coretemp) Extend the bitmask to read temperature to 0xff
* [SRU] Fix Lenovo M70/90 gen6 micmute key and led (LP: #2101811)
- ALSA: hda/realtek - add supported Mic Mute LED for Lenovo platform
- ALSA: hda: realtek: fix incorrect IS_REACHABLE() usage
* Noble update: upstream stable patchset 2025-03-22 (LP: #2103869)
- ceph: allocate sparse_ext map only for sparse reads
- mm/vmstat: fix a W=1 clang compiler warning
- tcp_bpf: Charge receive socket buffer in bpf_tcp_ingress()
- tcp_bpf: Add sk_rmem_alloc related logic for tcp_bpf ingress redirection
- bpf: Check negative offsets in __bpf_skb_min_len()
- mtd: diskonchip: Cast an operand to prevent potential overflow
- mtd: rawnand: arasan: Fix double assertion of chip-select
- mtd: rawnand: arasan: Fix missing de-registration of NAND
- phy: qcom-qmp: Fix register name in RX Lane config of SC8280XP
- phy: core: Fix an OF node refcount leakage in _of_phy_get()
- phy: core: Fix an OF node refcount leakage in of_phy_provider_lookup()
- phy: core: Fix that API devm_phy_put() fails to release the phy
- phy: core: Fix that API devm_of_phy_provider_unregister() fails to
unregister the phy provider
- phy: core: Fix that API devm_phy_destroy() fails to destroy the phy
- phy: usb: Toggle the PHY power during init
- phy: rockchip: naneng-combphy: fix phy reset
- dmaengine: mv_xor: fix child node refcount handling in early exit
- dmaengine: dw: Select only supported masters for ACPI devices
- dmaengine: tegra: Return correct DMA status when paused
- dmaengine: fsl-edma: implement the cleanup path of fsl_edma3_attach_pd()
- dmaengine: apple-admac: Avoid accessing registers in probe
- stddef: make __struct_group() UAPI C++-friendly
- tracing/kprobe: Make trace_kprobe's module callback called after
jump_label
update
- watchdog: it87_wdt: add PWRGD enable quirk for Qotom QCML04
- watchdog: mediatek: Add support for MT6735 TOPRGU/WDT
- scsi: qla1280: Fix hw revision numbering for ISP1020/1040
- udf: Skip parent dir link count update if corrupted
- ALSA: hda/conexant: fix Z60MR100 startup pop issue
- ALSA: sh: Use standard helper for buffer accesses
- smb: server: Fix building with GCC 15
- regmap: Use correct format specifier for logging range errors
- LoongArch: Fix reserving screen info memory for above-4G firmware
- LoongArch: BPF: Adjust the parameter of emit_jirl()
- platform/x86: asus-nb-wmi: Ignore unknown event 0xCF
- spi: intel: Add Panther Lake SPI controller support
- scsi: mpt3sas: Diag-Reset when Doorbell-In-Use bit is set during driver
load
time
- scsi: storvsc: Do not flag MAINTENANCE_IN return of
SRB_STATUS_DATA_OVERRUN
as an error
- spi: omap2-mcspi: Fix the IS_ERR() bug for devm_clk_get_optional_enabled()
- blk-mq: register cpuhp callback after hctx is added to xarray table
- blk-mq: move cpuhp callback registering out of q->sysfs_lock
- MIPS: Probe toolchain support of -msym32
- MIPS: mipsregs: Set proper ISA level for virt extensions
- freezer, sched: Report frozen tasks as 'D' instead of 'R'
- tracing: Constify string literal data member in struct trace_event_call
- io_uring/sqpoll: fix sqpoll error handling races
- i2c: microchip-core: actually use repeated sends
- i2c: imx: add imx7d compatible string for applying erratum ERR007805
- i2c: microchip-core: fix "ghost" detections
- btrfs: sysfs: fix direct super block member reads
- ALSA: sh: Fix wrong argument order for copy_from_iter()
- block: avoid to reuse `hctx` not removed from cpuhp callback list
- fork: avoid inappropriate uprobe access to invalid mm
- ASoC: SOF: Intel: hda-dai: Do not release the link DMA on STOP
- power: supply: bq24190: Fix BQ24296 Vbus regulator support
- udf: Verify inode link counts before performing rename
- ALSA: ump: Indicate the inactive group in legacy substream names
- ALSA: ump: Update legacy substream names upon FB info update
- scsi: mpi3mr: Synchronize access to ioctl data buffer
- scsi: mpi3mr: Handling of fault code for insufficient power
- objtool: Add bch2_trans_unlocked_error() to bcachefs noreturns
- dmaengine: loongson2-apb: Change GENMASK to GENMASK_ULL
- perf/x86/intel/ds: Add PEBS format 6
- btrfs: add and use helper to verify the calling task has locked the inode
- btrfs: fix race with memory mapped writes when activating swap file
- btrfs: fix swap file activation failure due to extents that used to be
shared
- ALSA: ump: Shut up truncated string warning
- Upstream stable to v6.6.69, v6.12.8
* Noble update: upstream stable patchset 2025-03-22 (LP: #2103869) //
CVE-2024-56758
- btrfs: check folio mapping after unlock in relocate_one_folio()
* Noble update: upstream stable patchset 2025-03-22 (LP: #2103869) //
CVE-2024-56759
- btrfs: fix use-after-free when COWing tree bock and tracing is enabled
* Noble update: upstream stable patchset 2025-03-22 (LP: #2103869) //
CVE-2024-57806
- btrfs: fix transaction atomicity bug when enabling simple quotas
* Noble update: upstream stable patchset 2025-03-22 (LP: #2103869) //
CVE-2024-57793
- virt: tdx-guest: Just leak decrypted memory on unrecoverable errors
* Noble update: upstream stable patchset 2025-03-22 (LP: #2103869) //
CVE-2024-56764
- ublk: detach gendisk from ublk device if add_disk() fails
* Noble update: upstream stable patchset 2025-03-22 (LP: #2103869) //
CVE-2024-57804
- scsi: mpi3mr: Fix corrupt config pages PHY state is switched in sysfs
* Noble update: upstream stable patchset 2025-03-22 (LP: #2103869) //
CVE-2024-57792
- power: supply: gpio-charger: Fix set charge current limits
* Noble update: upstream stable patchset 2025-03-22 (LP: #2103869) //
CVE-2024-56760
- PCI/MSI: Handle lack of irqdomain gracefully
* Noble update: upstream stable patchset 2025-03-22 (LP: #2103869) //
CVE-2024-56763
- tracing: Prevent bad count for tracing_cpumask_write
* Noble update: upstream stable patchset 2025-03-22 (LP: #2103869) //
CVE-2024-57946
- virtio-blk: don't keep queue frozen during system suspend
* Noble update: upstream stable patchset 2025-03-22 (LP: #2103869) //
CVE-2024-57807
- scsi: megaraid_sas: Fix for a potential deadlock
* Noble update: upstream stable patchset 2025-03-22 (LP: #2103869) //
CVE-2024-56767
- dmaengine: at_xdmac: avoid null_prt_deref in at_xdmac_prep_dma_memset
* Noble update: upstream stable patchset 2025-03-22 (LP: #2103869) //
CVE-2024-56769
- media: dvb-frontends: dib3000mb: fix uninit-value in dib3000_write_reg
* Noble update: upstream stable patchset 2025-03-14 (LP: #2102266)
- usb: dwc2: gadget: Don't write invalid mapped sg entries into dma_desc
with
iommu enabled
- PCI: vmd: Create domain symlink before pci_bus_add_devices()
- PCI: Add ACS quirk for Broadcom BCM5760X NIC
- usb: cdns3-ti: Add workaround for Errata i2409
- MIPS: Loongson64: DTS: Fix msi node for ls7a
- ASoC: Intel: sof_sdw: fix jack detection on ADL-N variant RVP
- ASoC: Intel: sof_sdw: add quirk for Dell SKU 0B8C
- usb: cdns3: Add quirk flag to enable suspend residency
- platform/x86: p2sb: Make p2sb_get_devfn() return void
- p2sb: Factor out p2sb_read_from_cache()
- p2sb: Introduce the global flag p2sb_hidden_by_bios
- p2sb: Move P2SB hide and unhide code to p2sb_scan_and_cache()
- p2sb: Do not scan and remove the P2SB device when it is unhidden
- i2c: pnx: Fix timeout in wait functions
- xfs: fix the contact address for the sysfs ABI documentation
- xfs: verify buffer, inode, and dquot items every tx commit
- xfs: use consistent uid/gid when grabbing dquots for inodes
- xfs: declare xfs_file.c symbols in xfs_file.h
- xfs: create a new helper to return a file's allocation unit
- xfs: Fix xfs_flush_unmap_range() range for RT
- xfs: Fix xfs_prepare_shift() range for RT
- xfs: convert comma to semicolon
- xfs: fix file_path handling in tracepoints
- xfs: remove unused parameter in macro XFS_DQUOT_LOGRES
- xfs: attr forks require attr, not attr2
- xfs: conditionally allow FS_XFLAG_REALTIME changes if S_DAX is set
- xfs: Fix the owner setting issue for rmap query in xfs fsmap
- xfs: use XFS_BUF_DADDR_NULL for daddrs in getfsmap code
- xfs: take m_growlock when running growfsrt
- xfs: reset rootdir extent size hint after growfsrt
- tools: hv: change permissions of NetworkManager configuration file
- cxl/pci: Fix potential bogus return value upon successful probing
- cxl/region: Fix region creation for greater than x2 switches
- net/smc: check sndbuf_space again after NOSPACE flag is set in smc_poll
- ionic: use ee->offset when returning sprom data
- net: renesas: rswitch: rework ts tags management
- net: hinic: Fix cleanup in create_rxqs/txqs()
- net: ethernet: bgmac-platform: fix an OF node reference leak
- ipvs: Fix clamp() of ip_vs_conn_tab on small memory systems
- netfilter: ipset: Fix for recursive locking warning
- selftests: openvswitch: fix tcpdump execution
- net: mdiobus: fix an OF node reference leak
- mmc: sdhci-tegra: Remove SDHCI_QUIRK_BROKEN_ADMA_ZEROLEN_DESC quirk
- mmc: mtk-sd: disable wakeup in .remove() and in the error path of .probe()
- EDAC/amd64: Simplify ECC check on unified memory controllers
- chelsio/chtls: prevent potential integer overflow on 32bit
- i2c: riic: Always round-up when calculating bus period
- efivarfs: Fix error on non-existent file
- hexagon: Disable constant extender optimization for LLVM prior to 19.1.0
- USB: serial: option: add TCL IK512 MBIM & ECM
- USB: serial: option: add MeiG Smart SLM770A
- USB: serial: option: add Netprisma LCUK54 modules for WWAN Ready
- USB: serial: option: add MediaTek T7XX compositions
- USB: serial: option: add Telit FE910C04 rmnet compositions
- thunderbolt: Improve redrive mode handling
- drm/panel: novatek-nt35950: fix return value check in nt35950_probe()
- i915/guc: Reset engine utilization buffer before registration
- i915/guc: Ensure busyness counter increases motonically
- i915/guc: Accumulate active runtime on gt reset
- hwmon: (tmp513) Fix interpretation of values of Shunt Voltage and Limit
Registers
- hwmon: (tmp513) Fix Current Register value interpretation
- hwmon: (tmp513) Fix interpretation of values of Temperature Result and
Limit
Registers
- zram: refuse to use zero sized block device as backing device
- zram: fix uninitialized ZRAM not releasing backing device
- zram: fix potential UAF of zram table
- vmalloc: fix accounting with i915
- btrfs: tree-checker: reject inline extent items with 0 ref count
- smb: client: fix TCP timers deadlock after rmmod
- tracing: Fix test_event_printk() to process entire print argument
- tracing: Add missing helper functions in event pointer dereference check
- tracing: Add "%s" check in test_event_printk()
- tracing: Have process_string() also allow arrays
- selftests/memfd: run sysctl tests when PID namespace support is enabled
- selftests/bpf: Use asm constraint "m" for LoongArch
- io_uring: Fix registered ring file refcount leak
- NFS/pnfs: Fix a live lock between recalled layouts and layoutget
- of/irq: Fix interrupt-map cell length check in of_irq_parse_imap_parent()
- of/irq: Fix using uninitialized variable @addr_len in API
of_irq_parse_one()
- nilfs2: fix buffer head leaks in calls to truncate_inode_pages()
- udmabuf: also check for F_SEAL_FUTURE_WRITE
- of: Fix error path in of_parse_phandle_with_args_map()
- of: Fix refcount leakage for OF node returned by __of_get_dma_parent()
- ceph: validate snapdirname option length when mounting
- ceph: improve error handling and short/overflow-read logic in
__ceph_sync_read()
- ceph: fix memory leaks in __ceph_sync_read()
- epoll: Add synchronous wakeup support for ep_poll_callback
- io_uring/rw: avoid punting to io-wq directly
- drm/amdgpu: Handle NULL bo->tbo.resource (again) in amdgpu_vm_bo_update
- xfs: sb_spino_align is not verified
- xfs: fix sparse inode limits on runt AG
- xfs: fix sb_spino_align checks for large fsblock sizes
- xfs: fix zero byte checking in the superblock scrubber
- netdev: fix repeated netlink messages in queue dump
- team: Fix feature exposure when no ports are present
- can: m_can: fix missed interrupts with m_can_pci
- netdev-genl: avoid empty messages in queue dump
- KVM: arm64: Do not allow ID_AA64MMFR0_EL1.ASIDbits to be overridden
- KVM: arm64: Fix set_id_regs selftest for ASIDBITS becoming unwritable
- net: mctp: handle skb cleanup on sock_queue failures
- xhci: retry Stop Endpoint on buggy NEC controllers
- usb: xhci: Limit Stop Endpoint retries
- usb: xhci: Avoid queuing redundant Stop Endpoint commands
- xhci: Turn NEC specific quirk for handling Stop Endpoint errors generic
- thunderbolt: Add support for Intel Panther Lake-M/P
- thunderbolt: Don't display nvm_version unless upgrade supported
- drm/panel: st7701: Add prepare_prev_first flag to drm_panel
- drm/panel: synaptics-r63353: Fix regulator unbalance
- drm/amdgpu/nbio7.11: fix IP version check
- drm/amdgpu/nbio7.7: fix IP version check
- fgraph: Still initialize idle shadow stacks when starting
- x86/hyperv: Fix hv tsc page based sched_clock for hibernation
- ocfs2: fix the space leak in LA when releasing LA
- of: property: fw_devlink: Do not use interrupt-parent directly
- of: address: Preserve the flags portion on 1:1 dma-ranges mapping
- Upstream stable to v6.6.68, v6.12.7
* Noble update: upstream stable patchset 2025-03-14 (LP: #2102266) //
CVE-2024-56710
- ceph: fix memory leak in ceph_direct_read_write()
* Noble update: upstream stable patchset 2025-03-14 (LP: #2102266) //
CVE-2024-53685
- ceph: give up on paths longer than PATH_MAX
* Noble update: upstream stable patchset 2025-03-14 (LP: #2102266) //
CVE-2024-54193
- accel/ivpu: Fix WARN in ivpu_ipc_send_receive_internal()
* Noble update: upstream stable patchset 2025-03-14 (LP: #2102266) //
CVE-2024-54455
- accel/ivpu: Fix general protection fault in ivpu_bo_list()
* Noble update: upstream stable patchset 2025-03-14 (LP: #2102266) //
CVE-2024-53690
- nilfs2: prevent use of deleted inode
* Noble update: upstream stable patchset 2025-03-14 (LP: #2102266) //
CVE-2024-56709
- io_uring: check if iowq is killed before queuing
* Noble update: upstream stable patchset 2025-03-14 (LP: #2102266) //
CVE-2024-55881
- KVM: x86: Play nice with protected guests in complete_hypercall_exit()
* Noble update: upstream stable patchset 2025-03-14 (LP: #2102266) //
CVE-2024-55916
- Drivers: hv: util: Avoid accessing a ringbuffer not initialized yet
* Noble update: upstream stable patchset 2025-03-14 (LP: #2102266) //
CVE-2024-56369
- drm/modes: Avoid divide by zero harder in drm_mode_vrefresh()
* Noble update: upstream stable patchset 2025-03-14 (LP: #2102266) //
CVE-2024-56372
- net: tun: fix tun_napi_alloc_frags()
* Noble update: upstream stable patchset 2025-03-14 (LP: #2102266) //
CVE-2024-56715
- ionic: Fix netdev notifier unregister on failure
* Noble update: upstream stable patchset 2025-03-14 (LP: #2102266) //
CVE-2024-56716
- netdevsim: prevent bad user input in nsim_dev_health_break_write()
* Noble update: upstream stable patchset 2025-03-14 (LP: #2102266) //
CVE-2024-56717
- net: mscc: ocelot: fix incorrect IFH SRC_PORT field in
ocelot_ifh_set_basic()
* Noble update: upstream stable patchset 2025-03-14 (LP: #2102266) //
CVE-2024-57791
- net/smc: check return value of sock_recvmsg when draining clc data
* Noble update: upstream stable patchset 2025-03-14 (LP: #2102266) //
CVE-2024-47408
- net/smc: check smcd_v2_ext_offset when receiving proposal msg
* Noble update: upstream stable patchset 2025-03-14 (LP: #2102266) //
CVE-2024-49568
- net/smc: check v2_ext_offset/eid_cnt/ism_gid_cnt when receiving proposal
msg
* Noble update: upstream stable patchset 2025-03-14 (LP: #2102266) //
CVE-2024-49571
- net/smc: check iparea_offset and ipv6_prefixes_cnt when receiving proposal
msg
* Noble update: upstream stable patchset 2025-03-14 (LP: #2102266) //
CVE-2024-56718
- net/smc: protect link down work from execute after lgr freed
* Noble update: upstream stable patchset 2025-03-14 (LP: #2102266) //
CVE-2024-41013
- xfs: don't walk off the end of a directory data block
* Noble update: upstream stable patchset 2025-03-13 (LP: #2102181)
- perf/x86/intel/ds: Unconditionally drain PEBS DS when changing
PEBS_DATA_CFG
- ksmbd: fix racy issue from session lookup and expire
- splice: do not checksum AF_UNIX sockets
- tcp: check space before adding MPTCP SYN options
- ALSA: usb-audio: Add implicit feedback quirk for Yamaha THR5
- usb: host: max3421-hcd: Correctly abort a USB request.
- ata: sata_highbank: fix OF node reference leak in
highbank_initialize_phys()
- usb: dwc2: Fix HCD resume
- usb: dwc2: hcd: Fix GetPortStatus & SetPortFeature
- usb: dwc2: Fix HCD port connection race
- scsi: ufs: core: Update compl_time_stamp_local_clock after completing a
cqe
- usb: gadget: midi2: Fix interpretation of is_midi1 bits
- usb: ehci-hcd: fix call balance of clocks handling routines
- usb: typec: anx7411: fix fwnode_handle reference leak
- usb: typec: anx7411: fix OF node reference leaks in
anx7411_typec_switch_probe()
- usb: dwc3: xilinx: make sure pipe clock is deselected in usb2 only mode
- drm/i915: Fix memory leak by correcting cache object name in error handler
- xfs: update btree keys correctly when _insrec splits an inode root block
- xfs: don't drop errno values when we fail to ficlone the entire range
- xfs: return from xfs_symlink_verify early on V4 filesystems
- xfs: fix scrub tracepoints when inode-rooted btrees are involved
- xfs: only run precommits once per transaction object
- bpf: Check size for BTF-based ctx access of pointer members
- bpf: Fix theoretical prog_array UAF in __uprobe_perf_func()
- bpf,perf: Fix invalid prog_array access in perf_event_detach_bpf_prog
- bpf, sockmap: Fix update element with same
- wifi: mac80211: init cnt before accessing elem in
ieee80211_copy_mbssid_beacon
- wifi: mac80211: clean up 'ret' in sta_link_apply_parameters()
- wifi: mac80211: fix station NSS capability initialization order
- batman-adv: Do not send uninitialized TT changes
- batman-adv: Remove uninitialized data in full table TT response
- batman-adv: Do not let TT changes list grows indefinitely
- wifi: cfg80211: sme: init n_channels before channels[] access
- selftests: mlxsw: sharedbuffer: Remove h1 ingress test case
- selftests: mlxsw: sharedbuffer: Remove duplicate test cases
- selftests: mlxsw: sharedbuffer: Ensure no extra packets are counted
- ptp: kvm: x86: Return EOPNOTSUPP instead of ENODEV from
kvm_arch_ptp_init()
- net: mscc: ocelot: fix memory leak on ocelot_port_add_txtstamp_skb()
- net: mscc: ocelot: improve handling of TX timestamp for unknown skb
- net: mscc: ocelot: ocelot->ts_id_lock and ocelot_port->tx_skbs.lock are
IRQ-
safe
- net: mscc: ocelot: be resilient to loss of PTP packets during transmission
- net: mscc: ocelot: perform error cleanup in ocelot_hwstamp_set()
- spi: aspeed: Fix an error handling path in aspeed_spi_[read|write]_user()
- net: sparx5: fix FDMA performance issue
- net: sparx5: fix the maximum frame length register
- ACPI: resource: Fix memory resource type union access
- cxgb4: use port number to set mac addr
- qca_spi: Fix clock speed for multiple QCA7000
- qca_spi: Make driver probing reliable
- ASoC: amd: yc: Fix the wrong return value
- Documentation: PM: Clarify pm_runtime_resume_and_get() return value
- net: renesas: rswitch: fix race window between tx start and complete
- net: renesas: rswitch: fix leaked pointer on error path
- net: renesas: rswitch: handle stop vs interrupt race
- net: dsa: felix: fix stuck CPU-injected packets with short taprio windows
- netem: Update sch->q.qlen before qdisc_tree_reduce_backlog()
- bonding: Fix feature propagation of NETIF_F_GSO_ENCAP_ALL
- team: Fix feature propagation of NETIF_F_GSO_ENCAP_ALL
- ACPICA: events/evxfregn: don't release the ContextMutex that was never
acquired
- Bluetooth: iso: Fix recursive locking warning
- Bluetooth: SCO: Add support for 16 bits transparent voice setting
- net: renesas: rswitch: fix initial MPIC register setting
- net: dsa: microchip: KSZ9896 register regmap alignment to 32 bit
boundaries
- blk-iocost: Avoid using clamp() on inuse in __propagate_weights()
- kselftest/arm64: abi: fix SVCR detection
- KVM: arm64: Disable MPAM visibility by default and ignore VMM writes
- selftests/bpf: remove use of __xlated()
- xen/netfront: fix crash when removing device
- x86: make get_cpu_vendor() accessible from Xen code
- objtool/x86: allow syscall instruction
- x86/static-call: provide a way to do very early static-call updates
- x86/xen: don't do PV iret hypercall through hypercall page
- x86/xen: add central hypercall functions
- x86/xen: fix xen_hypercall_hvm() to not clobber %rbx
- x86/xen: add FRAME_END to xen_hypercall_hvm()
- x86/xen: use new hypercall functions instead of hypercall page
- x86/xen: remove hypercall page
- x86/static-call: fix 32-bit build
- x86/asm: Make serialize() always_inline
- x86/static-call: Remove early_boot_irqs_disabled check to fix Xen PVH dom0
- serial: sh-sci: Check if TX data was written to device in .tx_empty()
- gpio: ljca: Initialize num before accessing item in ljca_gpio_config
- ALSA: hda/realtek: Fix headset mic on Acer Nitro 5
- drm/amdkfd: Use device based logging for errors
- drm/amdkfd: pause autosuspend when creating pdd
- drm/amdkfd: fixed page fault when enable MES shader debugger
- drm/i915/color: Stop using non-posted DSB writes for legacy LUT
- drm/amd/pm: Set SMU v13.0.7 default workload type
- xfs: return a 64-bit block count from xfs_btree_count_blocks
- perf machine: Initialize machine->env to address a segfault
- bnxt_en: Fix GSO type for HW GRO packets on 5750X chips
- net: renesas: rswitch: fix possible early skb release
- Bluetooth: Improve setsockopt() handling of malformed user input
- libperf: evlist: Fix --cpu argument on hybrid platform
- selftests: netfilter: Stabilize rpath.sh
- net, team, bonding: Add netdev_base_features helper
- bonding: Fix initial {vlan,mpls}_feature set in bond_compute_features
- team: Fix initial vlan_feature set in __team_compute_features
- drm/xe: fix the ERR_PTR() returned on failure to allocate tiny pt
- Upstream stable to v6.6.67, v6.12.6
* Noble update: upstream stable patchset 2025-03-13 (LP: #2102181) //
CVE-2024-56652
- drm/xe/reg_sr: Remove register pool
* Noble update: upstream stable patchset 2025-03-13 (LP: #2102181) //
CVE-2024-54460
- Bluetooth: iso: Fix circular lock in iso_listen_bis
* Noble update: upstream stable patchset 2025-03-13 (LP: #2102181) //
CVE-2024-57879
- Bluetooth: iso: Always release hdev at the end of iso_listen_bis
* Noble update: upstream stable patchset 2025-03-13 (LP: #2102181) //
CVE-2024-56656
- bnxt_en: Fix aggregation ID mask to prevent oops on 5760X chips
* Noble update: upstream stable patchset 2025-03-13 (LP: #2102181) //
CVE-2024-53125
- bpf: sync_linked_regs() must preserve subreg_def
* Noble update: upstream stable patchset 2025-03-13 (LP: #2102181) //
CVE-2024-56654
- Bluetooth: hci_event: Fix using rcu_read_(un)lock while iterating
* Noble update: upstream stable patchset 2025-03-13 (LP: #2102181) //
CVE-2024-56770
- net/sched: netem: account for backlog updates from child qdisc
* Noble update: upstream stable patchset 2025-03-13 (LP: #2102181) //
CVE-2024-54683
- netfilter: IDLETIMER: Fix for possible ABBA deadlock
* Noble update: upstream stable patchset 2025-03-13 (LP: #2102181) //
CVE-2024-55639
- net: renesas: rswitch: avoid use-after-put for a device tree node
* Noble update: upstream stable patchset 2025-03-13 (LP: #2102181) //
CVE-2024-56657
- ALSA: control: Avoid WARN() for symlink errors
* Noble update: upstream stable patchset 2025-03-13 (LP: #2102181) //
CVE-2024-56659
- net: lapb: increase LAPB_HEADER_LEN
* Noble update: upstream stable patchset 2025-03-13 (LP: #2102181) //
CVE-2024-56660
- net/mlx5: DR, prevent potential error pointer dereference
* Noble update: upstream stable patchset 2025-03-13 (LP: #2102181) //
CVE-2024-56662
- acpi: nfit: vmalloc-out-of-bounds Read in acpi_nfit_ctl
* Noble update: upstream stable patchset 2025-03-13 (LP: #2102181) //
CVE-2024-56664
- bpf, sockmap: Fix race between element replace and close()
* Noble update: upstream stable patchset 2025-03-13 (LP: #2102181) //
CVE-2024-56667
- drm/i915: Fix NULL pointer dereference in capture_engine
* Noble update: upstream stable patchset 2025-03-13 (LP: #2102181) //
CVE-2024-56670
- usb: gadget: u_serial: Fix the issue that gs_start_io crashed due to
accessing null pointer
* Noble update: upstream stable patchset 2025-03-13 (LP: #2102181) //
CVE-2024-53687
- riscv: Fix IPIs usage in kfence_protect_page()
* Noble update: upstream stable patchset 2025-03-13 (LP: #2102181) //
CVE-2024-56675
- bpf: Fix UAF via mismatching bpf_prog/attachment RCU flavors
* Noble update: upstream stable patchset 2025-02-04 (LP: #2097393)
- selftests: net: Remove executable bits from library scripts
* CVE-2024-56653
- Bluetooth: btmtk: avoid UAF in btmtk_process_coredump
-- Benjamin Wheeler <benjamin.whee...@canonical.com> Thu, 01 May 2025
09:39:04 -0400
** Changed in: linux-gkeop (Ubuntu Noble)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-gke in Ubuntu.
https://bugs.launchpad.net/bugs/2108862
Title:
Regression in NFS ro mount behavior
Status in linux-gke package in Ubuntu:
Fix Committed
Status in linux-gkeop package in Ubuntu:
Fix Committed
Status in linux-gke source package in Jammy:
Fix Committed
Status in linux-gkeop source package in Jammy:
Fix Released
Status in linux-gke source package in Noble:
Fix Released
Status in linux-gkeop source package in Noble:
Fix Released
Bug description:
[Impact]
Google: "We discovered an issue with upstream patch
52cb7f8f177878b4f22397b9c4d2c8f743766be3 that caused RW nfs mounts to be
mounted as RO when there was an existing nfs RO mount on the same node."
The break commit was found on jammy:gke/gkeop and noble:gke/gkeop.
[Fix]
Apply the fix proposed on lkml at
https://lore.kernel.org/lkml/20250304130533.549840-1-lilingfe...@huawei.com/T/
The commit titled "nfs: clear SB_RDONLY before getting superblock"
should address the issue. Because it has not been applied to any
trees, it will be initially applied as an UBUNTU: SAUCE: patch.
[Test]
A reproducer was included with the initial bug report at
https://www.spinics.net/lists/linux-nfs/msg109544.html
# Reproducer
mkdir -p /export/{stuff,things}/dir{1,2,3,4}
echo '/export/stuff *(rw)' >> /etc/exports
echo '/export/things *(rw)' >> /etc/exports
systemctl restart nfs-server
mount -t nfs -o ro,vers=3 localhost:/export/stuff /mnt/stuff
mount -t nfs -o rw,vers=3 localhost:/export/things /mnt/things
grep -w nfs /proc/mounts
# note that both mountpoints are ro, despite the explicit ro/rw options
# reversing the order of mounts gives a different result
After the fix, the read only mount should be properly tagged as read
only, and the read/write mount should be properly tagged as
read/write.
[Where problems could occur]
This is a fairly small patch which directly addresses a reproducible issue,
so its scope of influence should be pretty limited. We do take some risk by
applying this patch before it has been approved by upstream maintainers, so
this won't be going into generic kernels until then.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux-gke/+bug/2108862/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
