This bug was fixed in the package linux-gcp - 6.8.0-1030.32
---------------
linux-gcp (6.8.0-1030.32) noble; urgency=medium
* noble/linux-gcp: 6.8.0-1030.32 -proposed tracker (LP: #2107111)
* Packaging resync (LP: #1786013)
- [Packaging] debian.gcp/dkms-versions -- update from kernel-versions
(main/2025.04.14)
* IDPF: TX timeout and crash (LP: #2093622)
- idpf: make virtchnl2.h self-contained
- idpf: split &idpf_queue into 4 strictly-typed queue structures
- idpf: fix memory leaks and crashes while performing a soft reset
- idpf: enable WB_ON_ITR
- idpf: fix idpf_vc_core_init error path
- idpf: add support for SW triggered interrupts
- idpf: trigger SW interrupt when exiting wb_on_itr mode
* kdump failures with instances using IDPF (LP: #2104324)
- idpf: call set_real_num_queues in idpf_open
* GCP kernels need CONFIG_VIRTIO_BALLOON=m (not =y) (LP: #2105142)
- [Packaging] gcp: Make virtio_balloon loadable
[ Ubuntu: 6.8.0-60.63 ]
* noble/linux: 6.8.0-60.63 -proposed tracker (LP: #2107138)
* Packaging resync (LP: #1786013)
- [Packaging] debian.master/dkms-versions -- update from kernel-versions
(main/2025.04.14)
* Missing upstream commits for LP: #2102181 (LP: #2107336)
- libperf cpumap: Add any, empty and min helpers
- libperf cpumap: Ensure empty cpumap is NULL from alloc
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770)
- memblock: use numa_valid_node() helper to check for invalid node ID
- jbd2: increase IO priority for writing revoke records
- jbd2: flush filesystem device before updating tail sequence
- dm array: fix unreleased btree blocks on closing a faulty array cursor
- dm array: fix cursor index when skipping across block boundaries
- exfat: fix the infinite loop in __exfat_free_cluster()
- erofs: fix PSI memstall accounting
- ASoC: rt722: add delay time to wait for the calibration procedure
- ASoC: mediatek: disable buffer pre-allocation
- selftests/alsa: Fix circular dependency involving global-timer
- ieee802154: ca8210: Add missing check for kfifo_alloc() in ca8210_probe()
- net: 802: LLC+SNAP OID:PID lookup on start of skb data
- tcp/dccp: complete lockless accesses to sk->sk_max_ack_backlog
- tcp/dccp: allow a connection when sk_max_ack_backlog is zero
- net: libwx: fix firmware mailbox abnormal return
- pds_core: limit loop over fw name list
- bnxt_en: Fix possible memory leak when hwrm_req_replace fails
- cxgb4: Avoid removal of uninserted tid
- ice: fix incorrect PHY settings for 100 GB/s
- igc: return early when failing to read EECD register
- tls: Fix tls_sw_sendmsg error handling
- eth: gve: use appropriate helper to set xdp_features
- Bluetooth: hci_sync: Fix not setting Random Address when required
- Bluetooth: MGMT: Fix Add Device to responding before completing
- Bluetooth: btnxpuart: Fix driver sending truncated data
- tcp: Annotate data-race around sk->sk_mark in tcp_v4_send_reset
- riscv: Fix early ftrace nop patching
- memblock tests: fix implicit declaration of function 'numa_valid_node'
- iio: imu: inv_icm42600: fix timestamps after suspend if sensor is on
- netfilter: nf_tables: imbalance in flowtable binding
- drm/mediatek: stop selecting foreign drivers
- [Config] updateconfigs for MTK_SMI
- drm/mediatek: Fix YCbCr422 color format issue for DP
- drm/mediatek: Fix mode valid issue for dp
- drm/mediatek: Add return value check when reading DPCD
- cpuidle: riscv-sbi: fix device node release in early exit of
for_each_possible_cpu
- scsi: ufs: qcom: Power off the PHY if it was already powered on in
ufs_qcom_power_up_sequence()
- dm-ebs: don't set the flag DM_TARGET_PASSES_INTEGRITY
- ksmbd: Implement new SMB3 POSIX type
- thermal: of: fix OF node leak in of_thermal_zone_find()
- smb: client: sync the root session and superblock context passwords before
automounting
- ACPI: resource: Add TongFang GM5HG0A to irq1_edge_low_force_override[]
- ACPI: resource: Add Asus Vivobook X1504VAP to
irq1_level_low_skip_override[]
- drm/amd/display: increase MAX_SURFACES to the value supported by hw
- io_uring/timeout: fix multishot updates
- dm-verity FEC: Fix RS FEC repair for roots unaligned to block size (take
2)
- USB: serial: option: add MeiG Smart SRM815
- USB: serial: option: add Neoway N723-EA support
- staging: iio: ad9834: Correct phase range check
- staging: iio: ad9832: Correct phase range check
- usb-storage: Add max sectors quirk for Nokia 208
- USB: serial: cp210x: add Phoenix Contact UPS Device
- usb: dwc3: gadget: fix writing NYET threshold
- misc: microchip: pci1xxxx: Resolve return code mismatch during GPIO set
config
- tty: serial: 8250: Fix another runtime PM usage counter underflow
- usb: dwc3-am62: Disable autosuspend during remove
- USB: usblp: return error when setting unsupported protocol
- USB: core: Disable LPM only for non-suspended ports
- usb: fix reference leak in usb_new_device()
- usb: gadget: midi2: Reverse-select at the right place
- usb: chipidea: ci_hdrc_imx: decrement device's refcount in .remove() and
in
the error path of .probe()
- usb: gadget: f_uac2: Fix incorrect setting of bNumEndpoints
- usb: typec: tcpm/tcpci_maxim: fix error code in
max_contaminant_read_resistance_kohm()
- usb: gadget: configfs: Ignore trailing LF for user strings to cdev
- iio: gyro: fxas21002c: Fix missing data update in trigger handler
- iio: adc: ti-ads124s08: Use gpiod_set_value_cansleep()
- iio: inkern: call iio_device_put() only on mapped devices
- iio: adc: ad7124: Disable all channels at probe time
- riscv: kprobes: Fix incorrect address calculation
- ARM: dts: imxrt1050: Fix clocks for mmc
- arm64: dts: rockchip: add hevc power domain clock to rk3328
- pmdomain: imx: gpcv2: Simplify with scoped for each OF child loop
- pmdomain: imx: gpcv2: fix an OF node reference leak in imx_gpcv2_probe()
- workqueue: Add rcu lock check at the end of work item execution
- workqueue: Update lock debugging code
- mm/hugetlb: enforce that PMD PT sharing has split PMD PT locks
- riscv: Fix text patching when IPI are used
- drm/mediatek: Only touch DISP_REG_OVL_PITCH_MSB if AFBC is supported
- ovl: pass realinode to ovl_encode_real_fh() instead of realdentry
- net: don't dump Tx and uninitialized NAPIs
- ice: fix max values for dpll pin phase adjust
- net: hns3: fixed reset failure issues caused by the incorrect reset type
- net: hns3: fix missing features due to dev->features configuration too
early
- net: hns3: Resolved the issue that the debugfs query result is
inconsistent.
- net: hns3: initialize reset_timer before hclgevf_misc_irq_init()
- mctp i3c: fix MCTP I3C driver multi-thread issue
- drm/mediatek: Move mtk_crtc_finish_page_flip() to ddp_cmdq_cb()
- drm/mediatek: Add support for 180-degree rotation in the display driver
- drm/mediatek: mtk_dsi: Add registers to pdata to fix MT8186/MT8188
- platform/x86: intel/pmc: Fix ioremap() of bad address
- riscv: module: remove relocation_head rel_entry member allocation
- cgroup/cpuset: Prevent leakage of isolated CPUs into sched domains
- fs: kill MNT_ONRB
- gpio: loongson: Fix Loongson-2K2000 ACPI GPIO register offset
- drm/amd/pm: fix BUG: scheduling while atomic
- drm/amdkfd: wq_release signals dma_fence only when available
- drm/amd/display: fix divide error in DM plane scale calcs
- drm/amd/display: fix page fault due to max surface definition mismatch
- serial: stm32: use port lock wrappers for break control
- usb: host: xhci-plat: set skip_phy_initialization if software node has
XHCI_SKIP_PHY_INIT property
- iio: imu: inv_icm42600: add register caching in the regmap
- iio: imu: inv_icm42600: fix spi burst write not supported
- Upstream stable to v6.6.71, v6.6.72, v6.12.10
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2025-21659
- netdev: prevent accessing NAPI instances from another namespace
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2025-21634
- cgroup/cpuset: remove kernfs active break
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2025-21635
- rds: sysctl: rds_tcp_{rcv,snd}buf: avoid using current->nsproxy
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2025-21643
- netfs: Fix kernel async DIO
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2025-21649
- net: hns3: fix kernel crash when 1588 is sent on HIP08 devices
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2025-21650
- net: hns3: fixed hclge_fetch_pf_reg accesses bar space out of bounds issue
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2025-21651
- net: hns3: don't auto enable misc vector
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2025-21654
- ovl: support encoding fid from inode with no alias
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2024-57883
- mm: hugetlb: independent PMD page table shared count
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2024-57888
- workqueue: Do not warn when cancelling WQ_MEM_RECLAIM work from
!WQ_MEM_RECLAIM worker
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2025-21631
- block, bfq: fix waker_bfqq UAF after bfq_split_bfqq()
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2025-21656
- hwmon: (drivetemp) Fix driver producing garbage data when SCSI errors
occur
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2025-21655
- io_uring/eventfd: ensure io_eventfd_signal() defers another RCU period
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2024-57904
- iio: adc: at91: call input_free_device() on allocated iio_dev
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2024-57906
- iio: adc: ti-ads8688: fix information leak in triggered buffer
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2024-57907
- iio: adc: rockchip_saradc: fix information leak in triggered buffer
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2024-57908
- iio: imu: kmx61: fix information leak in triggered buffer
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2024-57910
- iio: light: vcnl4035: fix information leak in triggered buffer
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2024-57911
- iio: dummy: iio_simply_dummy_buffer: fix information leak in triggered
buffer
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2024-57912
- iio: pressure: zpa2326: fix information leak in triggered buffer
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2024-57913
- usb: gadget: f_fs: Remove WARN_ON in functionfs_bind
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2025-21632
- x86/fpu: Ensure shadow stack is active before "getting" registers
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2024-57916
- misc: microchip: pci1xxxx: Resolve kernel panic during GPIO IRQ handling
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2024-57917
- topology: Keep the cpumask unchanged when printing cpumap
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2024-57939
- riscv: Fix sleeping in invalid context in die()
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2025-21636
- sctp: sysctl: plpmtud_probe_interval: avoid using current->nsproxy
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2025-21637
- sctp: sysctl: udp_port: avoid using current->nsproxy
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2025-21638
- sctp: sysctl: auth_enable: avoid using current->nsproxy
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2025-21639
- sctp: sysctl: rto_min/max: avoid using current->nsproxy
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2025-21640
- sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2025-21642
- mptcp: sysctl: sched: avoid using current->nsproxy
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2025-21664
- dm thin: make get_first_thin use rcu-safe list first function
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2024-57945
- riscv: mm: Fix the out of bound issue of vmemmap address
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2025-21660
- ksmbd: fix unexpectedly changed path in ksmbd_vfs_kern_path_locked
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2025-21645
- platform/x86/amd/pmc: Only disable IRQ1 wakeup where i8042 actually
enabled
it
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2025-21646
- afs: Fix the maximum cell name length
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2024-57925
- ksmbd: fix a missing return value check bug
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2024-57926
- drm/mediatek: Set private->all_drm_private[i]->drm to NULL if mtk_drm_bind
returns err
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2025-21662
- net/mlx5: Fix variable not being completed when function returns
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2025-21663
- net: stmmac: dwmac-tegra: Read iommu stream id from device tree
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2025-21647
- sched: sch_cake: add bounds checks to host bulk flow fairness counts
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2025-21648
- netfilter: conntrack: clamp maximum hashtable size to INT_MAX
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2025-21652
- ipvlan: Fix use-after-free in ipvlan_get_iflink().
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2025-21658
- btrfs: avoid NULL pointer dereference if no valid extent tree
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2025-21653
- net_sched: cls_flow: validate TCA_FLOW_RSHIFT attribute
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2024-47736
- erofs: handle overlapped pclusters out of crafted images properly
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2024-57940
- exfat: fix the infinite loop in exfat_readdir()
* Noble update: upstream stable patchset 2025-04-10 (LP: #2106770) //
CVE-2024-57929
- dm array: fix releasing a faulty array block twice in dm_array_cursor_end
* intel_idle: add Granite Rapids Xeon (D) support (LP: #2106638)
- intel_idle: add Granite Rapids Xeon support
- intel_idle: add Granite Rapids Xeon D support
* [SRU] Enable speaker/mic mute LEDs on Lenovo ideapad and thinkbook
(LP: #2106449)
- ALSA: hda: Support for Ideapad hotkey mute LEDs
- platform/x86:lenovo-wmi-hotkey-utilities.c: Support for mic and audio mute
LEDs
- [Config] Enable Lenovo wmi hotkey driver
* Backport "PCI: Wait for device readiness with Configuration RRS" to N/O
(LP: #2106251)
- PCI: Wait for device readiness with Configuration RRS
- PCI: Avoid FLR for Mediatek MT7922 WiFi
* Enable OOB P-state control for Intel Sierra Forest/Granite Rapids
(LP: #2106275)
- cpufreq: intel_pstate: Support Granite Rapids and Sierra Forest OOB mode
* mptcp BUG 'scheduling while atomic' in mptcp_pm_nl_append_new_local_addr
(LP: #2101120)
- mptcp: fix 'scheduling while atomic' in mptcp_pm_nl_append_new_local_addr
* CVE-2025-21971
- net_sched: Prevent creation of classes with TC_H_ROOT
* Noble update: upstream stable patchset 2025-04-09 (LP: #2106632)
- smb/client: rename cifs_ntsd to smb_ntsd
- smb/client: rename cifs_sid to smb_sid
- smb/client: rename cifs_acl to smb_acl
- smb/client: rename cifs_ace to smb_ace
- fs/smb/client: implement chmod() for SMB3 POSIX Extensions
- smb: client: stop flooding dmesg in smb2_calc_signature()
- media: uvcvideo: Force UVC version to 1.0a for 0408:4033
- Bluetooth: btusb: Add new VID/PID 13d3/3602 for MT7925
- watchdog: rzg2l_wdt: Remove reset de-assert from probe
- watchdog: rzg2l_wdt: Rely on the reset driver for doing proper reset
- watchdog: rzg2l_wdt: Power on the watchdog domain in the restart handler
- ALSA: ump: Use guard() for locking
- ALSA: ump: Don't open legacy substream for an inactive group
- scsi: mpi3mr: Use ida to manage mrioc ID
- scsi: mpi3mr: Start controller indexing from 0
- ACPI/IORT: Add PMCG platform information for HiSilicon HIP10/11
- ACPI/IORT: Add PMCG platform information for HiSilicon HIP09A
- x86/ptrace: Cleanup the definition of the pt_regs structure
- x86/ptrace: Add FRED additional information to the pt_regs structure
- Bluetooth: btusb: add callback function in btusb suspend/resume
- Bluetooth: btusb: mediatek: add callback function in btusb_disconnect
- platform/x86: mlx-platform: call pci_dev_put() to balance the refcount
- mmc: sdhci-msm: fix crypto key eviction
- tracing: Handle old buffer mappings for event strings and functions
- tracing: Fix trace_check_vprintf() when tp_printk is used
- tracing: Check "%s" dereference via the field and not the TP_printk format
- RDMA/bnxt_re: Allow MSN table capability check
- RDMA/bnxt_re: Remove always true dattr validity check
- RDMA/mlx5: Enforce same type port association for multiport RoCE
- RDMA/bnxt_re: Avoid initializing the software queue for user queues
- RDMA/bnxt_re: Avoid sending the modify QP workaround for latest adapters
- nvme-pci: 512 byte aligned dma pool segment quirk
- RDMA/bnxt_re: Fix the check for 9060 condition
- RDMA/bnxt_re: Add check for path mtu in modify_qp
- RDMA/bnxt_re: Fix reporting hw_ver in query_device
- RDMA/bnxt_re: Fix max_qp_wrs reported
- RDMA/bnxt_re: Add support for Variable WQE in Genp7 adapters
- RDMA/bnxt_re: Disable use of reserved wqes
- RDMA/bnxt_re: Add send queue size check for variable wqe
- RDMA/bnxt_re: Fix MSN table size for variable wqe mode
- drm/bridge: adv7511_audio: Update Audio InfoFrame properly
- net: dsa: microchip: Fix KSZ9477 set_ageing_time function
- net: dsa: microchip: Fix LAN937X set_ageing_time function
- RDMA/hns: Refactor mtr find
- RDMA/hns: Remove unused parameters and variables
- RDMA/hns: Fix mapping error of zero-hop WQE buffer
- RDMA/hns: Fix warning storm caused by invalid input in IO path
- RDMA/hns: Fix missing flush CQE for DWQE
- ip_tunnel: annotate data-races around t->parms.link
- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_bind_dev()
- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_md_tunnel_xmit()
- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_xmit()
- net: Fix netns for ip_tunnel_init_flow()
- net/mlx5: DR, select MSIX vector 0 for completion queue creation
- net/mlx5e: macsec: Maintain TX SA from encoding_sa
- drm/i915/dg1: Fix power gate sequence.
- net: llc: reset skb->transport_header
- ALSA: usb-audio: US16x08: Initialize array before use
- eth: bcmsysport: fix call balance of priv->clk handling routines
- net: mv643xx_eth: fix an OF node reference leak
- net: sfc: Correct key_len for efx_tc_ct_zone_ht_params
- net: wwan: iosm: Properly check for valid exec stage in ipc_mmio_init()
- net: ti: icssg-prueth: Fix clearing of IEP_CMP_CFG registers during
iep_init
- wifi: mac80211: wake the queues in case of failure in resume
- ALSA: hda/ca0132: Use standard HD-audio quirk matching helpers
- ALSA: hda/realtek: Add new alc2xx-fixup-headset-mic model
- sound: usb: enable DSD output for ddHiFi TC44C
- sound: usb: format: don't warn that raw DSD is unsupported
- bpf: fix potential error return
- ksmbd: retry iterate_dir in smb2_query_dir
- smb: client: destroy cfid_put_wq on module exit
- net: usb: qmi_wwan: add Telit FE910C04 compositions
- irqchip/gic: Correct declaration of *percpu_base pointer in union gic_base
- ARC: build: Try to guess GCC variant of cross compiler
- RDMA/bnxt_re: Fix the max WQE size for static WQE support
- modpost: fix input MODULE_DEVICE_TABLE() built for 64-bit on 32-bit host
- modpost: fix the missed iteration for the max bit in do_input()
- ALSA: seq: Check UMP support for midi_version change
- ALSA hda/realtek: Add quirk for Framework F111:000C
- kcov: mark in_softirq_really() as __always_inline
- scripts/sorttable: fix orc_sort_cmp() to maintain symmetry and
transitivity
- sky2: Add device ID 11ab:4373 for Marvell 88E8075
- drm: adv7511: Drop dsi single lane support
- dt-bindings: display: adi,adv7533: Drop single lane support
- fs/proc/task_mmu: fix pagemap flags with PMD THP entries on 32bit
- mm/readahead: fix large folio support in async readahead
- mptcp: fix recvbuffer adjust on sleeping rcvmsg
- mptcp: don't always assume copied data in mptcp_cleanup_rbuf()
- RDMA/bnxt_re: Fix max SGEs for the Work Request
- scsi: hisi_sas: Remove redundant checks for automatic debugfs dump
- platform/x86: hp-wmi: Add thermal profile support for 8BAD boards
- platform/x86: hp-wmi: Fix platform profile option switch bug on Omen and
Victus laptops
- platform/x86: hp-wmi: Fix implementation of the platform_profile_omen_get
function
- platform/x86: hp-wmi: mark 8A15 board for timed OMEN thermal profile
- RDMA/core: Fix ENODEV error for iWARP test over vlan
- net: phy: micrel: Dynamically control external clock of KSZ PHY
- netdev-genl: avoid empty messages in napi get
- net: stmmac: restructure the error path of stmmac_probe_config_dt()
- net/mlx5e: Fix netif state handling
- net/mlx5e: Keep netdev when leave switchdev for devlink set legacy only
- drm/i915/cx0_phy: Fix C10 pll programming sequence
- RDMA/bnxt_re: Fix error recovery sequence
- btrfs: allow swap activation to be interruptible
- perf/x86/intel: Add Arrow Lake U support
- ALSA: hda: cs35l56: Remove calls to
cs35l56_force_sync_asp1_registers_from_cache()
- ALSA: hda/realtek - Add support for ASUS Zen AIO 27 Z272SD_A272SD audio
- spi: spi-cadence-qspi: Disable STIG mode for Altera SoCFPGA.
- ARC: build: disallow invalid PAE40 + 4K page config
- bpf: refactor bpf_helper_changes_pkt_data to use helper number
- bpf: consider that tail calls invalidate packet pointers
- maple_tree: reload mas before the second call for mas_empty_area
- io_uring/rw: fix downgraded mshot read
- wifi: iwlwifi: mvm: Fix __counted_by usage in cfg80211_wowlan_nd_*
- net: ethernet: ti: am65-cpsw: default to round-robin for host port receive
- gve: process XSK TX descriptors as part of RX NAPI
- gve: trigger RX NAPI instead of TX NAPI in gve_xsk_wakeup
- mm: reinstate ability to map write-sealed memfd mappings read-only
- Upstream stable to v6.6.70, v6.12.9
* Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) //
CVE-2024-57898
- wifi: cfg80211: clear link ID from bitmap during link delete after clean
up
* Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) //
CVE-2024-57882
- mptcp: fix TCP options overflow.
* Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) //
CVE-2024-57884
- mm: vmscan: account for free pages to prevent infinite Loop in
throttle_direct_reclaim()
* Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) //
CVE-2024-57885
- mm/kmemleak: fix sleeping function called from invalid context at print
message
* Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) //
CVE-2024-57932
- gve: guard XDP xmit NDO on existence of xdp queues
* Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) //
CVE-2024-57933
- gve: guard XSK operations on the existence of queues
* Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) //
CVE-2024-57887
- drm: adv7511: Fix use-after-free in adv7533_attach_dsi()
* Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) //
CVE-2024-57938
- net/sctp: Prevent autoclose integer overflow in sctp_association_init()
* Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) //
CVE-2024-57889
- pinctrl: mcp23s08: Fix sleeping in atomic context due to regmap locking
* Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) //
CVE-2024-57890
- RDMA/uverbs: Prevent integer overflow issue
* Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) //
CVE-2024-57892
- ocfs2: fix slab-use-after-free due to dangling pointer dqi_priv
* Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) //
CVE-2024-57893
- ALSA: seq: oss: Fix races at processing SysEx messages
* Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) //
CVE-2024-57895
- ksmbd: set ATTR_CTIME flags when setting mtime
* Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) //
CVE-2024-57896
- btrfs: flush delalloc workers queue before stopping cleaner kthread during
unmount
* Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) //
CVE-2024-57897
- drm/amdkfd: Correct the migration DMA map direction
* Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) //
CVE-2024-57899
- wifi: mac80211: fix mbss changed flags corruption on 32 bit systems
* Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) //
CVE-2024-57900
- ila: serialize calls to nf_register_net_hooks()
* Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) //
CVE-2024-57901
- af_packet: fix vlan_get_protocol_dgram() vs MSG_PEEK
* Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) //
CVE-2024-57902
- af_packet: fix vlan_get_tci() vs MSG_PEEK
* Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) //
CVE-2024-57903
- net: restrict SO_REUSEPORT to inet sockets
* Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) //
CVE-2024-36476
- RDMA/rtrs: Ensure 'ib_sge list' is accessible
* Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) //
CVE-2024-39282
- net: wwan: t7xx: Fix FSM command timeout issue
* Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) //
CVE-2024-57801
- net/mlx5e: Skip restore TC rules for vport rep without loaded flag
* Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) //
CVE-2024-57802
- netrom: check buffer length before accessing it
* Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) //
CVE-2024-57841
- net: fix memory leak in tcp_conn_request()
* Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) //
CVE-2024-57931
- selinux: ignore unknown extended permissions
* Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) //
CVE-2024-56761
- x86/fred: Clear WFE in missing-ENDBRANCH #CPs
* Noble update: upstream stable patchset 2025-04-09 (LP: #2106632) //
CVE-2024-53179
- smb: client: fix use-after-free of signing key
* uprobe-related panics during profiling (LP: #2104210)
- uprobes: Fix race in uprobe_free_utask
* ubuntu_bpf failed to build on Noble / Oracular (LP: #2069407)
- selftests/bpf: Fix compilation failure when CONFIG_NET_FOU!=y
* nfsd hangs and never recovers after NFS4ERR_DELAY and a connection loss
(LP: #2103564)
- NFSD: Reset cb_seq_status after NFS4ERR_DELAY
* thermal: Fix temperature readings on intel hardware (LP: #2103427)
- thermal: intel: intel_tcc: Add model checks for temperature registers
- thermal: intel: intel_tcc_cooling: Use a model-specific bitmask for TCC
offset
- hwmon: (coretemp) Extend the bitmask to read temperature to 0xff
* [SRU] Fix Lenovo M70/90 gen6 micmute key and led (LP: #2101811)
- ALSA: hda/realtek - add supported Mic Mute LED for Lenovo platform
- ALSA: hda: realtek: fix incorrect IS_REACHABLE() usage
* Noble update: upstream stable patchset 2025-03-22 (LP: #2103869)
- ceph: allocate sparse_ext map only for sparse reads
- mm/vmstat: fix a W=1 clang compiler warning
- tcp_bpf: Charge receive socket buffer in bpf_tcp_ingress()
- tcp_bpf: Add sk_rmem_alloc related logic for tcp_bpf ingress redirection
- bpf: Check negative offsets in __bpf_skb_min_len()
- mtd: diskonchip: Cast an operand to prevent potential overflow
- mtd: rawnand: arasan: Fix double assertion of chip-select
- mtd: rawnand: arasan: Fix missing de-registration of NAND
- phy: qcom-qmp: Fix register name in RX Lane config of SC8280XP
- phy: core: Fix an OF node refcount leakage in _of_phy_get()
- phy: core: Fix an OF node refcount leakage in of_phy_provider_lookup()
- phy: core: Fix that API devm_phy_put() fails to release the phy
- phy: core: Fix that API devm_of_phy_provider_unregister() fails to
unregister the phy provider
- phy: core: Fix that API devm_phy_destroy() fails to destroy the phy
- phy: usb: Toggle the PHY power during init
- phy: rockchip: naneng-combphy: fix phy reset
- dmaengine: mv_xor: fix child node refcount handling in early exit
- dmaengine: dw: Select only supported masters for ACPI devices
- dmaengine: tegra: Return correct DMA status when paused
- dmaengine: fsl-edma: implement the cleanup path of fsl_edma3_attach_pd()
- dmaengine: apple-admac: Avoid accessing registers in probe
- stddef: make __struct_group() UAPI C++-friendly
- tracing/kprobe: Make trace_kprobe's module callback called after
jump_label
update
- watchdog: it87_wdt: add PWRGD enable quirk for Qotom QCML04
- watchdog: mediatek: Add support for MT6735 TOPRGU/WDT
- scsi: qla1280: Fix hw revision numbering for ISP1020/1040
- udf: Skip parent dir link count update if corrupted
- ALSA: hda/conexant: fix Z60MR100 startup pop issue
- ALSA: sh: Use standard helper for buffer accesses
- smb: server: Fix building with GCC 15
- regmap: Use correct format specifier for logging range errors
- LoongArch: Fix reserving screen info memory for above-4G firmware
- LoongArch: BPF: Adjust the parameter of emit_jirl()
- platform/x86: asus-nb-wmi: Ignore unknown event 0xCF
- spi: intel: Add Panther Lake SPI controller support
- scsi: mpt3sas: Diag-Reset when Doorbell-In-Use bit is set during driver
load
time
- scsi: storvsc: Do not flag MAINTENANCE_IN return of
SRB_STATUS_DATA_OVERRUN
as an error
- spi: omap2-mcspi: Fix the IS_ERR() bug for devm_clk_get_optional_enabled()
- blk-mq: register cpuhp callback after hctx is added to xarray table
- blk-mq: move cpuhp callback registering out of q->sysfs_lock
- MIPS: Probe toolchain support of -msym32
- MIPS: mipsregs: Set proper ISA level for virt extensions
- freezer, sched: Report frozen tasks as 'D' instead of 'R'
- tracing: Constify string literal data member in struct trace_event_call
- io_uring/sqpoll: fix sqpoll error handling races
- i2c: microchip-core: actually use repeated sends
- i2c: imx: add imx7d compatible string for applying erratum ERR007805
- i2c: microchip-core: fix "ghost" detections
- btrfs: sysfs: fix direct super block member reads
- ALSA: sh: Fix wrong argument order for copy_from_iter()
- block: avoid to reuse `hctx` not removed from cpuhp callback list
- fork: avoid inappropriate uprobe access to invalid mm
- ASoC: SOF: Intel: hda-dai: Do not release the link DMA on STOP
- power: supply: bq24190: Fix BQ24296 Vbus regulator support
- udf: Verify inode link counts before performing rename
- ALSA: ump: Indicate the inactive group in legacy substream names
- ALSA: ump: Update legacy substream names upon FB info update
- scsi: mpi3mr: Synchronize access to ioctl data buffer
- scsi: mpi3mr: Handling of fault code for insufficient power
- objtool: Add bch2_trans_unlocked_error() to bcachefs noreturns
- dmaengine: loongson2-apb: Change GENMASK to GENMASK_ULL
- perf/x86/intel/ds: Add PEBS format 6
- btrfs: add and use helper to verify the calling task has locked the inode
- btrfs: fix race with memory mapped writes when activating swap file
- btrfs: fix swap file activation failure due to extents that used to be
shared
- ALSA: ump: Shut up truncated string warning
- Upstream stable to v6.6.69, v6.12.8
* Noble update: upstream stable patchset 2025-03-22 (LP: #2103869) //
CVE-2024-56758
- btrfs: check folio mapping after unlock in relocate_one_folio()
* Noble update: upstream stable patchset 2025-03-22 (LP: #2103869) //
CVE-2024-56759
- btrfs: fix use-after-free when COWing tree bock and tracing is enabled
* Noble update: upstream stable patchset 2025-03-22 (LP: #2103869) //
CVE-2024-57806
- btrfs: fix transaction atomicity bug when enabling simple quotas
* Noble update: upstream stable patchset 2025-03-22 (LP: #2103869) //
CVE-2024-57793
- virt: tdx-guest: Just leak decrypted memory on unrecoverable errors
* Noble update: upstream stable patchset 2025-03-22 (LP: #2103869) //
CVE-2024-56764
- ublk: detach gendisk from ublk device if add_disk() fails
* Noble update: upstream stable patchset 2025-03-22 (LP: #2103869) //
CVE-2024-57804
- scsi: mpi3mr: Fix corrupt config pages PHY state is switched in sysfs
* Noble update: upstream stable patchset 2025-03-22 (LP: #2103869) //
CVE-2024-57792
- power: supply: gpio-charger: Fix set charge current limits
* Noble update: upstream stable patchset 2025-03-22 (LP: #2103869) //
CVE-2024-56760
- PCI/MSI: Handle lack of irqdomain gracefully
* Noble update: upstream stable patchset 2025-03-22 (LP: #2103869) //
CVE-2024-56763
- tracing: Prevent bad count for tracing_cpumask_write
* Noble update: upstream stable patchset 2025-03-22 (LP: #2103869) //
CVE-2024-57946
- virtio-blk: don't keep queue frozen during system suspend
* Noble update: upstream stable patchset 2025-03-22 (LP: #2103869) //
CVE-2024-57807
- scsi: megaraid_sas: Fix for a potential deadlock
* Noble update: upstream stable patchset 2025-03-22 (LP: #2103869) //
CVE-2024-56767
- dmaengine: at_xdmac: avoid null_prt_deref in at_xdmac_prep_dma_memset
* Noble update: upstream stable patchset 2025-03-22 (LP: #2103869) //
CVE-2024-56769
- media: dvb-frontends: dib3000mb: fix uninit-value in dib3000_write_reg
* Noble update: upstream stable patchset 2025-03-14 (LP: #2102266)
- usb: dwc2: gadget: Don't write invalid mapped sg entries into dma_desc
with
iommu enabled
- PCI: vmd: Create domain symlink before pci_bus_add_devices()
- PCI: Add ACS quirk for Broadcom BCM5760X NIC
- usb: cdns3-ti: Add workaround for Errata i2409
- MIPS: Loongson64: DTS: Fix msi node for ls7a
- ASoC: Intel: sof_sdw: fix jack detection on ADL-N variant RVP
- ASoC: Intel: sof_sdw: add quirk for Dell SKU 0B8C
- usb: cdns3: Add quirk flag to enable suspend residency
- platform/x86: p2sb: Make p2sb_get_devfn() return void
- p2sb: Factor out p2sb_read_from_cache()
- p2sb: Introduce the global flag p2sb_hidden_by_bios
- p2sb: Move P2SB hide and unhide code to p2sb_scan_and_cache()
- p2sb: Do not scan and remove the P2SB device when it is unhidden
- i2c: pnx: Fix timeout in wait functions
- xfs: fix the contact address for the sysfs ABI documentation
- xfs: verify buffer, inode, and dquot items every tx commit
- xfs: use consistent uid/gid when grabbing dquots for inodes
- xfs: declare xfs_file.c symbols in xfs_file.h
- xfs: create a new helper to return a file's allocation unit
- xfs: Fix xfs_flush_unmap_range() range for RT
- xfs: Fix xfs_prepare_shift() range for RT
- xfs: convert comma to semicolon
- xfs: fix file_path handling in tracepoints
- xfs: remove unused parameter in macro XFS_DQUOT_LOGRES
- xfs: attr forks require attr, not attr2
- xfs: conditionally allow FS_XFLAG_REALTIME changes if S_DAX is set
- xfs: Fix the owner setting issue for rmap query in xfs fsmap
- xfs: use XFS_BUF_DADDR_NULL for daddrs in getfsmap code
- xfs: take m_growlock when running growfsrt
- xfs: reset rootdir extent size hint after growfsrt
- tools: hv: change permissions of NetworkManager configuration file
- cxl/pci: Fix potential bogus return value upon successful probing
- cxl/region: Fix region creation for greater than x2 switches
- net/smc: check sndbuf_space again after NOSPACE flag is set in smc_poll
- ionic: use ee->offset when returning sprom data
- net: renesas: rswitch: rework ts tags management
- net: hinic: Fix cleanup in create_rxqs/txqs()
- net: ethernet: bgmac-platform: fix an OF node reference leak
- ipvs: Fix clamp() of ip_vs_conn_tab on small memory systems
- netfilter: ipset: Fix for recursive locking warning
- selftests: openvswitch: fix tcpdump execution
- net: mdiobus: fix an OF node reference leak
- mmc: sdhci-tegra: Remove SDHCI_QUIRK_BROKEN_ADMA_ZEROLEN_DESC quirk
- mmc: mtk-sd: disable wakeup in .remove() and in the error path of .probe()
- EDAC/amd64: Simplify ECC check on unified memory controllers
- chelsio/chtls: prevent potential integer overflow on 32bit
- i2c: riic: Always round-up when calculating bus period
- efivarfs: Fix error on non-existent file
- hexagon: Disable constant extender optimization for LLVM prior to 19.1.0
- USB: serial: option: add TCL IK512 MBIM & ECM
- USB: serial: option: add MeiG Smart SLM770A
- USB: serial: option: add Netprisma LCUK54 modules for WWAN Ready
- USB: serial: option: add MediaTek T7XX compositions
- USB: serial: option: add Telit FE910C04 rmnet compositions
- thunderbolt: Improve redrive mode handling
- drm/panel: novatek-nt35950: fix return value check in nt35950_probe()
- i915/guc: Reset engine utilization buffer before registration
- i915/guc: Ensure busyness counter increases motonically
- i915/guc: Accumulate active runtime on gt reset
- hwmon: (tmp513) Fix interpretation of values of Shunt Voltage and Limit
Registers
- hwmon: (tmp513) Fix Current Register value interpretation
- hwmon: (tmp513) Fix interpretation of values of Temperature Result and
Limit
Registers
- zram: refuse to use zero sized block device as backing device
- zram: fix uninitialized ZRAM not releasing backing device
- zram: fix potential UAF of zram table
- vmalloc: fix accounting with i915
- btrfs: tree-checker: reject inline extent items with 0 ref count
- smb: client: fix TCP timers deadlock after rmmod
- tracing: Fix test_event_printk() to process entire print argument
- tracing: Add missing helper functions in event pointer dereference check
- tracing: Add "%s" check in test_event_printk()
- tracing: Have process_string() also allow arrays
- selftests/memfd: run sysctl tests when PID namespace support is enabled
- selftests/bpf: Use asm constraint "m" for LoongArch
- io_uring: Fix registered ring file refcount leak
- NFS/pnfs: Fix a live lock between recalled layouts and layoutget
- of/irq: Fix interrupt-map cell length check in of_irq_parse_imap_parent()
- of/irq: Fix using uninitialized variable @addr_len in API
of_irq_parse_one()
- nilfs2: fix buffer head leaks in calls to truncate_inode_pages()
- udmabuf: also check for F_SEAL_FUTURE_WRITE
- of: Fix error path in of_parse_phandle_with_args_map()
- of: Fix refcount leakage for OF node returned by __of_get_dma_parent()
- ceph: validate snapdirname option length when mounting
- ceph: improve error handling and short/overflow-read logic in
__ceph_sync_read()
- ceph: fix memory leaks in __ceph_sync_read()
- epoll: Add synchronous wakeup support for ep_poll_callback
- io_uring/rw: avoid punting to io-wq directly
- drm/amdgpu: Handle NULL bo->tbo.resource (again) in amdgpu_vm_bo_update
- xfs: sb_spino_align is not verified
- xfs: fix sparse inode limits on runt AG
- xfs: fix sb_spino_align checks for large fsblock sizes
- xfs: fix zero byte checking in the superblock scrubber
- netdev: fix repeated netlink messages in queue dump
- team: Fix feature exposure when no ports are present
- can: m_can: fix missed interrupts with m_can_pci
- netdev-genl: avoid empty messages in queue dump
- KVM: arm64: Do not allow ID_AA64MMFR0_EL1.ASIDbits to be overridden
- KVM: arm64: Fix set_id_regs selftest for ASIDBITS becoming unwritable
- net: mctp: handle skb cleanup on sock_queue failures
- xhci: retry Stop Endpoint on buggy NEC controllers
- usb: xhci: Limit Stop Endpoint retries
- usb: xhci: Avoid queuing redundant Stop Endpoint commands
- xhci: Turn NEC specific quirk for handling Stop Endpoint errors generic
- thunderbolt: Add support for Intel Panther Lake-M/P
- thunderbolt: Don't display nvm_version unless upgrade supported
- drm/panel: st7701: Add prepare_prev_first flag to drm_panel
- drm/panel: synaptics-r63353: Fix regulator unbalance
- drm/amdgpu/nbio7.11: fix IP version check
- drm/amdgpu/nbio7.7: fix IP version check
- fgraph: Still initialize idle shadow stacks when starting
- x86/hyperv: Fix hv tsc page based sched_clock for hibernation
- ocfs2: fix the space leak in LA when releasing LA
- of: property: fw_devlink: Do not use interrupt-parent directly
- of: address: Preserve the flags portion on 1:1 dma-ranges mapping
- Upstream stable to v6.6.68, v6.12.7
* Noble update: upstream stable patchset 2025-03-14 (LP: #2102266) //
CVE-2024-56710
- ceph: fix memory leak in ceph_direct_read_write()
* Noble update: upstream stable patchset 2025-03-14 (LP: #2102266) //
CVE-2024-53685
- ceph: give up on paths longer than PATH_MAX
* Noble update: upstream stable patchset 2025-03-14 (LP: #2102266) //
CVE-2024-54193
- accel/ivpu: Fix WARN in ivpu_ipc_send_receive_internal()
* Noble update: upstream stable patchset 2025-03-14 (LP: #2102266) //
CVE-2024-54455
- accel/ivpu: Fix general protection fault in ivpu_bo_list()
* Noble update: upstream stable patchset 2025-03-14 (LP: #2102266) //
CVE-2024-53690
- nilfs2: prevent use of deleted inode
* Noble update: upstream stable patchset 2025-03-14 (LP: #2102266) //
CVE-2024-56709
- io_uring: check if iowq is killed before queuing
* Noble update: upstream stable patchset 2025-03-14 (LP: #2102266) //
CVE-2024-55881
- KVM: x86: Play nice with protected guests in complete_hypercall_exit()
* Noble update: upstream stable patchset 2025-03-14 (LP: #2102266) //
CVE-2024-55916
- Drivers: hv: util: Avoid accessing a ringbuffer not initialized yet
* Noble update: upstream stable patchset 2025-03-14 (LP: #2102266) //
CVE-2024-56369
- drm/modes: Avoid divide by zero harder in drm_mode_vrefresh()
* Noble update: upstream stable patchset 2025-03-14 (LP: #2102266) //
CVE-2024-56372
- net: tun: fix tun_napi_alloc_frags()
* Noble update: upstream stable patchset 2025-03-14 (LP: #2102266) //
CVE-2024-56715
- ionic: Fix netdev notifier unregister on failure
* Noble update: upstream stable patchset 2025-03-14 (LP: #2102266) //
CVE-2024-56716
- netdevsim: prevent bad user input in nsim_dev_health_break_write()
* Noble update: upstream stable patchset 2025-03-14 (LP: #2102266) //
CVE-2024-56717
- net: mscc: ocelot: fix incorrect IFH SRC_PORT field in
ocelot_ifh_set_basic()
* Noble update: upstream stable patchset 2025-03-14 (LP: #2102266) //
CVE-2024-57791
- net/smc: check return value of sock_recvmsg when draining clc data
* Noble update: upstream stable patchset 2025-03-14 (LP: #2102266) //
CVE-2024-47408
- net/smc: check smcd_v2_ext_offset when receiving proposal msg
* Noble update: upstream stable patchset 2025-03-14 (LP: #2102266) //
CVE-2024-49568
- net/smc: check v2_ext_offset/eid_cnt/ism_gid_cnt when receiving proposal
msg
* Noble update: upstream stable patchset 2025-03-14 (LP: #2102266) //
CVE-2024-49571
- net/smc: check iparea_offset and ipv6_prefixes_cnt when receiving proposal
msg
* Noble update: upstream stable patchset 2025-03-14 (LP: #2102266) //
CVE-2024-56718
- net/smc: protect link down work from execute after lgr freed
* Noble update: upstream stable patchset 2025-03-14 (LP: #2102266) //
CVE-2024-41013
- xfs: don't walk off the end of a directory data block
* Noble update: upstream stable patchset 2025-03-13 (LP: #2102181)
- perf/x86/intel/ds: Unconditionally drain PEBS DS when changing
PEBS_DATA_CFG
- ksmbd: fix racy issue from session lookup and expire
- splice: do not checksum AF_UNIX sockets
- tcp: check space before adding MPTCP SYN options
- ALSA: usb-audio: Add implicit feedback quirk for Yamaha THR5
- usb: host: max3421-hcd: Correctly abort a USB request.
- ata: sata_highbank: fix OF node reference leak in
highbank_initialize_phys()
- usb: dwc2: Fix HCD resume
- usb: dwc2: hcd: Fix GetPortStatus & SetPortFeature
- usb: dwc2: Fix HCD port connection race
- scsi: ufs: core: Update compl_time_stamp_local_clock after completing a
cqe
- usb: gadget: midi2: Fix interpretation of is_midi1 bits
- usb: ehci-hcd: fix call balance of clocks handling routines
- usb: typec: anx7411: fix fwnode_handle reference leak
- usb: typec: anx7411: fix OF node reference leaks in
anx7411_typec_switch_probe()
- usb: dwc3: xilinx: make sure pipe clock is deselected in usb2 only mode
- drm/i915: Fix memory leak by correcting cache object name in error handler
- xfs: update btree keys correctly when _insrec splits an inode root block
- xfs: don't drop errno values when we fail to ficlone the entire range
- xfs: return from xfs_symlink_verify early on V4 filesystems
- xfs: fix scrub tracepoints when inode-rooted btrees are involved
- xfs: only run precommits once per transaction object
- bpf: Check size for BTF-based ctx access of pointer members
- bpf: Fix theoretical prog_array UAF in __uprobe_perf_func()
- bpf,perf: Fix invalid prog_array access in perf_event_detach_bpf_prog
- bpf, sockmap: Fix update element with same
- wifi: mac80211: init cnt before accessing elem in
ieee80211_copy_mbssid_beacon
- wifi: mac80211: clean up 'ret' in sta_link_apply_parameters()
- wifi: mac80211: fix station NSS capability initialization order
- batman-adv: Do not send uninitialized TT changes
- batman-adv: Remove uninitialized data in full table TT response
- batman-adv: Do not let TT changes list grows indefinitely
- wifi: cfg80211: sme: init n_channels before channels[] access
- selftests: mlxsw: sharedbuffer: Remove h1 ingress test case
- selftests: mlxsw: sharedbuffer: Remove duplicate test cases
- selftests: mlxsw: sharedbuffer: Ensure no extra packets are counted
- ptp: kvm: x86: Return EOPNOTSUPP instead of ENODEV from
kvm_arch_ptp_init()
- net: mscc: ocelot: fix memory leak on ocelot_port_add_txtstamp_skb()
- net: mscc: ocelot: improve handling of TX timestamp for unknown skb
- net: mscc: ocelot: ocelot->ts_id_lock and ocelot_port->tx_skbs.lock are
IRQ-
safe
- net: mscc: ocelot: be resilient to loss of PTP packets during transmission
- net: mscc: ocelot: perform error cleanup in ocelot_hwstamp_set()
- spi: aspeed: Fix an error handling path in aspeed_spi_[read|write]_user()
- net: sparx5: fix FDMA performance issue
- net: sparx5: fix the maximum frame length register
- ACPI: resource: Fix memory resource type union access
- cxgb4: use port number to set mac addr
- qca_spi: Fix clock speed for multiple QCA7000
- qca_spi: Make driver probing reliable
- ASoC: amd: yc: Fix the wrong return value
- Documentation: PM: Clarify pm_runtime_resume_and_get() return value
- net: renesas: rswitch: fix race window between tx start and complete
- net: renesas: rswitch: fix leaked pointer on error path
- net: renesas: rswitch: handle stop vs interrupt race
- net: dsa: felix: fix stuck CPU-injected packets with short taprio windows
- netem: Update sch->q.qlen before qdisc_tree_reduce_backlog()
- bonding: Fix feature propagation of NETIF_F_GSO_ENCAP_ALL
- team: Fix feature propagation of NETIF_F_GSO_ENCAP_ALL
- ACPICA: events/evxfregn: don't release the ContextMutex that was never
acquired
- Bluetooth: iso: Fix recursive locking warning
- Bluetooth: SCO: Add support for 16 bits transparent voice setting
- net: renesas: rswitch: fix initial MPIC register setting
- net: dsa: microchip: KSZ9896 register regmap alignment to 32 bit
boundaries
- blk-iocost: Avoid using clamp() on inuse in __propagate_weights()
- kselftest/arm64: abi: fix SVCR detection
- KVM: arm64: Disable MPAM visibility by default and ignore VMM writes
- selftests/bpf: remove use of __xlated()
- xen/netfront: fix crash when removing device
- x86: make get_cpu_vendor() accessible from Xen code
- objtool/x86: allow syscall instruction
- x86/static-call: provide a way to do very early static-call updates
- x86/xen: don't do PV iret hypercall through hypercall page
- x86/xen: add central hypercall functions
- x86/xen: fix xen_hypercall_hvm() to not clobber %rbx
- x86/xen: add FRAME_END to xen_hypercall_hvm()
- x86/xen: use new hypercall functions instead of hypercall page
- x86/xen: remove hypercall page
- x86/static-call: fix 32-bit build
- x86/asm: Make serialize() always_inline
- x86/static-call: Remove early_boot_irqs_disabled check to fix Xen PVH dom0
- serial: sh-sci: Check if TX data was written to device in .tx_empty()
- gpio: ljca: Initialize num before accessing item in ljca_gpio_config
- ALSA: hda/realtek: Fix headset mic on Acer Nitro 5
- drm/amdkfd: Use device based logging for errors
- drm/amdkfd: pause autosuspend when creating pdd
- drm/amdkfd: fixed page fault when enable MES shader debugger
- drm/i915/color: Stop using non-posted DSB writes for legacy LUT
- drm/amd/pm: Set SMU v13.0.7 default workload type
- xfs: return a 64-bit block count from xfs_btree_count_blocks
- perf machine: Initialize machine->env to address a segfault
- bnxt_en: Fix GSO type for HW GRO packets on 5750X chips
- net: renesas: rswitch: fix possible early skb release
- Bluetooth: Improve setsockopt() handling of malformed user input
- libperf: evlist: Fix --cpu argument on hybrid platform
- selftests: netfilter: Stabilize rpath.sh
- net, team, bonding: Add netdev_base_features helper
- bonding: Fix initial {vlan,mpls}_feature set in bond_compute_features
- team: Fix initial vlan_feature set in __team_compute_features
- drm/xe: fix the ERR_PTR() returned on failure to allocate tiny pt
- Upstream stable to v6.6.67, v6.12.6
* Noble update: upstream stable patchset 2025-03-13 (LP: #2102181) //
CVE-2024-56652
- drm/xe/reg_sr: Remove register pool
* Noble update: upstream stable patchset 2025-03-13 (LP: #2102181) //
CVE-2024-54460
- Bluetooth: iso: Fix circular lock in iso_listen_bis
* Noble update: upstream stable patchset 2025-03-13 (LP: #2102181) //
CVE-2024-57879
- Bluetooth: iso: Always release hdev at the end of iso_listen_bis
* Noble update: upstream stable patchset 2025-03-13 (LP: #2102181) //
CVE-2024-56656
- bnxt_en: Fix aggregation ID mask to prevent oops on 5760X chips
* Noble update: upstream stable patchset 2025-03-13 (LP: #2102181) //
CVE-2024-53125
- bpf: sync_linked_regs() must preserve subreg_def
* Noble update: upstream stable patchset 2025-03-13 (LP: #2102181) //
CVE-2024-56654
- Bluetooth: hci_event: Fix using rcu_read_(un)lock while iterating
* Noble update: upstream stable patchset 2025-03-13 (LP: #2102181) //
CVE-2024-56770
- net/sched: netem: account for backlog updates from child qdisc
* Noble update: upstream stable patchset 2025-03-13 (LP: #2102181) //
CVE-2024-54683
- netfilter: IDLETIMER: Fix for possible ABBA deadlock
* Noble update: upstream stable patchset 2025-03-13 (LP: #2102181) //
CVE-2024-55639
- net: renesas: rswitch: avoid use-after-put for a device tree node
* Noble update: upstream stable patchset 2025-03-13 (LP: #2102181) //
CVE-2024-56657
- ALSA: control: Avoid WARN() for symlink errors
* Noble update: upstream stable patchset 2025-03-13 (LP: #2102181) //
CVE-2024-56659
- net: lapb: increase LAPB_HEADER_LEN
* Noble update: upstream stable patchset 2025-03-13 (LP: #2102181) //
CVE-2024-56660
- net/mlx5: DR, prevent potential error pointer dereference
* Noble update: upstream stable patchset 2025-03-13 (LP: #2102181) //
CVE-2024-56662
- acpi: nfit: vmalloc-out-of-bounds Read in acpi_nfit_ctl
* Noble update: upstream stable patchset 2025-03-13 (LP: #2102181) //
CVE-2024-56664
- bpf, sockmap: Fix race between element replace and close()
* Noble update: upstream stable patchset 2025-03-13 (LP: #2102181) //
CVE-2024-56667
- drm/i915: Fix NULL pointer dereference in capture_engine
* Noble update: upstream stable patchset 2025-03-13 (LP: #2102181) //
CVE-2024-56670
- usb: gadget: u_serial: Fix the issue that gs_start_io crashed due to
accessing null pointer
* Noble update: upstream stable patchset 2025-03-13 (LP: #2102181) //
CVE-2024-53687
- riscv: Fix IPIs usage in kfence_protect_page()
* Noble update: upstream stable patchset 2025-03-13 (LP: #2102181) //
CVE-2024-56675
- bpf: Fix UAF via mismatching bpf_prog/attachment RCU flavors
* Noble update: upstream stable patchset 2025-02-04 (LP: #2097393)
- selftests: net: Remove executable bits from library scripts
* CVE-2024-56653
- Bluetooth: btmtk: avoid UAF in btmtk_process_coredump
-- Austin Rhodes <austin.rho...@canonical.com> Wed, 23 Apr 2025
13:40:49 -0400
** Changed in: linux-gcp (Ubuntu Noble)
Status: Fix Committed => Fix Released
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-36476
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-39282
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-41013
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-47408
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-47736
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-49568
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-49571
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-53125
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-53179
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-53685
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-53687
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-53690
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-54193
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-54455
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-54460
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-54683
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-55639
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-55881
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-55916
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-56369
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-56372
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-56652
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-56653
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-56654
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-56656
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-56657
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-56659
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-56660
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-56662
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-56664
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-56667
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-56670
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-56675
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-56709
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-56710
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-56715
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-56716
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-56717
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-56718
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-56758
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-56759
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-56760
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-56761
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-56763
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-56764
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-56767
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-56769
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-56770
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-57791
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-57792
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-57793
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-57801
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-57802
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-57804
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-57806
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-57807
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-57841
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-57879
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-57882
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-57883
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-57884
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-57885
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-57887
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-57888
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-57889
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-57890
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-57892
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-57893
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-57895
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-57896
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-57897
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-57898
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-57899
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-57900
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-57901
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-57902
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-57903
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-57904
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-57906
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-57907
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-57908
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-57910
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-57911
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-57912
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-57913
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-57916
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-57917
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-57925
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-57926
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-57929
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-57931
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-57932
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-57933
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-57938
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-57939
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-57940
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-57945
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-57946
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2025-21631
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2025-21632
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2025-21634
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2025-21635
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2025-21636
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2025-21637
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2025-21638
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2025-21639
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2025-21640
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2025-21642
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2025-21643
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2025-21645
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2025-21646
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2025-21648
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2025-21649
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2025-21650
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2025-21651
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2025-21652
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2025-21653
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2025-21654
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2025-21655
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2025-21656
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2025-21658
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2025-21659
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2025-21660
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2025-21662
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2025-21663
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2025-21664
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-gcp in Ubuntu.
https://bugs.launchpad.net/bugs/2105142
Title:
GCP kernels need CONFIG_VIRTIO_BALLOON=m (not =y)
Status in linux-gcp package in Ubuntu:
Fix Released
Status in linux-gcp source package in Bionic:
Fix Committed
Status in linux-gcp source package in Focal:
Fix Released
Status in linux-gcp source package in Jammy:
Fix Released
Status in linux-gcp source package in Noble:
Fix Released
Status in linux-gcp source package in Oracular:
Fix Released
Status in linux-gcp source package in Plucky:
Fix Released
Bug description:
SRU Justification
[Impact]
Google requested that the virtio_balloon module be made loadable,
rather than built-in. This is to support disabling the module at
runtime, which is specified as possible in their documentation:
https://cloud.google.com/compute/docs/dynamic-resource-
management#disabling_the_virtio_memory_balloon_device
[Fix]
Change CONFIG_VIRTIO_BALLOON to build the driver as a loadable module
rather than a built-in, drivers/virtio/* is already in the inclusion
list, so the driver will be included in the main modules package.
[Test Plan]
List files in the linux-modules package and verify that
virtio_balloon.ko is there.
[Regression potential]
The regression potential is very low since the module will still be
included with all cloud installations and a user has to manually
disable it to get different behavior.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux-gcp/+bug/2105142/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
