This bug was fixed in the package linux-gke - 5.15.0-1081.87
---------------
linux-gke (5.15.0-1081.87) jammy; urgency=medium
* jammy/linux-gke: 5.15.0-1081.87 -proposed tracker (LP: #2106945)
* Regression in NFS ro mount behavior (LP: #2108862)
- SAUCE: nfs: clear SB_RDONLY before getting superblock
* IDPF: TX timeout and crash (LP: #2093622)
- idpf: refactor some missing field get/prep conversions
- idpf: set scheduling mode for completion queue
- idpf: make virtchnl2.h self-contained
- idpf: stop using macros for accessing queue descriptors
- idpf: fix kernel panic on unknown packet types
- idpf: fix corrupted frames and skb leaks in singleq mode
- idpf: split &idpf_queue into 4 strictly-typed queue structures
- idpf: fix memory leaks and crashes while performing a soft reset
- idpf: enable WB_ON_ITR
* kdump failures with instances using IDPF (LP: #2104324)
- idpf: call set_real_num_queues in idpf_open
[ Ubuntu: 5.15.0-140.150 ]
* jammy/linux: 5.15.0-140.150 -proposed tracker (LP: #2106996)
* Packaging resync (LP: #1786013)
- [Packaging] debian.master/dkms-versions -- update from kernel-versions
(main/2025.04.14)
* NFS, overlay, fstab issue after update to kernel 5.15.0-133-generic and -134
(LP: #2103598)
- udf: Fix directory iteration for longer tail extents
* Remove floppy kernel module causes null pointer deference (LP: #2104326)
- floppy: fix add_disk() assumption on exit due to new developments
* CVE-2025-21971
- net_sched: Prevent creation of classes with TC_H_ROOT
* CVE-2024-56599
- wifi: ath10k: avoid NULL pointer error during sdio remove
* CVE-2024-56721
- x86/CPU/AMD: Terminate the erratum_1386_microcode array
* Jammy update: v5.15.179 upstream stable release (LP: #2106026)
- afs: Fix EEXIST error returned from afs_rmdir() to be ENOTEMPTY
- afs: Fix directory format encoding struct
- hung_task: move hung_task sysctl interface to hung_task.c
- sysctl: use const for typically used max/min proc sysctls
- sysctl: share unsigned long const values
- fs: move inode sysctls to its own file
- fs: move fs stat sysctls to file_table.c
- fs: fix proc_handler for sysctl_nr_open
- block: deprecate autoloading based on dev_t
- block: retry call probe after request_module in blk_request_module
- pstore/blk: trivial typo fixes
- nvme: Add error check for xa_store in nvme_get_effects_log
- partitions: ldm: remove the initial kernel-doc notation
- select: Fix unbalanced user_access_end()
- afs: Fix the fallback handling for the YFS.RemoveFile2 RPC call
- sched/psi: Use task->psi_flags to clear in CPU migration
- sched/fair: Fix value reported by hot tasks pulled in /proc/schedstat
- drm/etnaviv: Fix page property being used for non writecombine buffers
- genirq: Make handle_enforce_irqctx() unconditionally available
- wifi: rtlwifi: do not complete firmware loading needlessly
- wifi: rtlwifi: rtl8192se: rise completion of firmware loading as last step
- wifi: rtlwifi: wait for firmware loading before releasing memory
- wifi: rtlwifi: fix init_sw_vars leak when probe fails
- wifi: rtlwifi: usb: fix workqueue leak when probe fails
- spi: zynq-qspi: Add check for clk_enable()
- dt-bindings: mmc: controller: clarify the address-cells description
- spi: dt-bindings: add schema listing peripheral-specific properties
- dt-bindings: Another pass removing cases of 'allOf' containing a '$ref'
- dt-bindings: leds: Add Qualcomm Light Pulse Generator binding
- dt-bindings: leds: Optional multi-led unit address
- dt-bindings: leds: Add multicolor PWM LED bindings
- dt-bindings: leds: class-multicolor: reference class directly in multi-led
node
- dt-bindings: leds: class-multicolor: Fix path to color definitions
- rtlwifi: replace usage of found with dedicated list iterator variable
- wifi: rtlwifi: remove unused timer and related code
- wifi: rtlwifi: remove unused dualmac control leftovers
- wifi: rtlwifi: destroy workqueue at rtl_deinit_core
- wifi: rtlwifi: pci: wait for firmware loading before releasing memory
- HID: multitouch: Add support for lenovo Y9000P Touchpad
- Revert "HID: multitouch: Add support for lenovo Y9000P Touchpad"
- HID: multitouch: fix support for Goodix PID 0x01e9
- regulator: dt-bindings: mt6315: Drop regulator-compatible property
- ACPI: fan: cleanup resources in the error path of .probe()
- cpupower: fix TSC MHz calculation
- dt-bindings: mfd: bd71815: Fix rsense and typos
- leds: netxbig: Fix an OF node reference leak in
netxbig_leds_get_of_pdata()
- cpufreq: schedutil: Fix superfluous updates caused by need_freq_update
- clk: imx8mp: Fix clkout1/2 support
- regulator: of: Implement the unwind path of of_regulator_match()
- samples/landlock: Fix possible NULL dereference in parse_path()
- wifi: wlcore: fix unbalanced pm_runtime calls
- net/smc: fix data error when recvmsg with MSG_PEEK flag
- landlock: Move filesystem helpers and add a new one
- wifi: mt76: mt76u_vendor_request: Do not print error messages when -EPROTO
- cpufreq: ACPI: Fix max-frequency computation
- selftests: harness: fix printing of mismatch values in __EXPECT()
- wifi: cfg80211: Handle specific BSSID in 6GHz scanning
- wifi: cfg80211: adjust allocation of colocated AP data
- clk: analogbits: Fix incorrect calculation of vco rate delta
- selftests/landlock: Fix error message
- net/mlxfw: Drop hard coded max FW flash image size
- netfilter: nft_flow_offload: update tcp state flags under lock
- tcp_cubic: fix incorrect HyStart round start detection
- tools/testing/selftests/bpf/test_tc_tunnel.sh: Fix wait for server bind
- libbpf: Fix segfault due to libelf functions not setting errno
- ASoC: sun4i-spdif: Add clock multiplier settings
- perf header: Fix one memory leakage in process_bpf_btf()
- perf header: Fix one memory leakage in process_bpf_prog_info()
- perf bpf: Fix two memory leakages when calling
perf_env__insert_bpf_prog_info()
- ASoC: renesas: rz-ssi: Use only the proper amount of dividers
- ktest.pl: Remove unused declarations in run_bisect_test function
- crypto: hisilicon/sec - add some comments for soft fallback
- crypto: hisilicon/sec - delete redundant blank lines
- crypto: hisilicon/sec2 - optimize the error return process
- crypto: hisilicon/sec2 - fix for aead icv error
- crypto: hisilicon/sec2 - fix for aead invalid authsize
- crypto: ixp4xx - fix OF node reference leaks in init_ixp_crypto()
- padata: fix sysfs store callback check
- perf top: Don't complain about lack of vmlinux when not resolving some
kernel samples
- perf report: Fix misleading help message about --demangle
- padata: add pd get/put refcnt helper
- ARM: at91: pm: change BU Power Switch to automatic mode
- arm64: dts: mt8183: set DMIC one-wire mode on Damu
- arm64: dts: mediatek: mt8516: fix GICv2 range
- arm64: dts: mediatek: mt8516: fix wdt irq type
- arm64: dts: mediatek: mt8516: remove 2 invalid i2c clocks
- arm64: dts: mediatek: mt8516: add i2c clock-div property
- arm64: dts: mediatek: mt8516: reserve 192 KiB for TF-A
- RDMA/mlx4: Avoid false error about access to uninitialized gids array
- arm64: dts: mediatek: mt8173-evb: Drop regulator-compatible property
- arm64: dts: mediatek: mt8173-elm: Drop regulator-compatible property
- arm64: dts: mediatek: mt8173-elm: Fix MT6397 PMIC sub-node names
- arm64: dts: mediatek: mt8173-evb: Fix MT6397 PMIC sub-node names
- arm64: dts: mediatek: mt8183: kenzo: Support second source touchscreen
- arm64: dts: mediatek: mt8183: willow: Support second source touchscreen
- memory: Add LPDDR2-info helpers
- memory: tegra20-emc: Support matching timings by LPDDR2 configuration
- arm64: dts: mediatek: mt8183-kukui-jacuzzi: Drop pp3300_panel voltage
settings
- arm64: dts: qcom: msm8996: Fix up USB3 interrupts
- arm64: dts: qcom: msm8994: Describe USB interrupts
- arm64: dts: qcom: msm8916: correct sleep clock frequency
- arm64: dts: qcom: msm8994: correct sleep clock frequency
- arm64: dts: qcom: sc7280: correct sleep clock frequency
- arm64: dts: qcom: sm6125: correct sleep clock frequency
- arm64: dts: qcom: sm8250: correct sleep clock frequency
- arm64: dts: qcom: sm8350: correct sleep clock frequency
- arm64: dts: qcom: sm8150-microsoft-surface-duo: fix typos in da7280
properties
- arm64: dts: qcom: sdm845: Fix interrupt types of camss interrupts
- ARM: dts: mediatek: mt7623: fix IR nodename
- fbdev: omapfb: Fix an OF node leak in dss_of_port_get_parent_device()
- RDMA/mlx5: Remove iova from struct mlx5_core_mkey
- RDMA/mlx5: Enforce umem boundaries for explicit ODP page faults
- RDMA/mlx5: Fix indirect mkey ODP page count
- xen/x86: free_p2m_page: use memblock_free_ptr() to free a virtual pointer
- memblock: drop memblock_free_early_nid() and memblock_free_early()
- of: reserved-memory: Do not make kmemleak ignore freed address
- efi: sysfb_efi: fix W=1 warnings when EFI is not set
- media: rc: iguanair: handle timeouts
- media: lmedm04: Handle errors for lme2510_int_read
- PCI: endpoint: Destroy the EPC device in devm_pci_epc_destroy()
- media: marvell: Add check for clk_enable()
- media: i2c: imx412: Add missing newline to prints
- media: i2c: ov9282: Correct the exposure offset
- media: mipi-csis: Add check for clk_enable()
- media: camif-core: Add check for clk_enable()
- media: uvcvideo: Propagate buf->error to userspace
- mtd: hyperbus: Make hyperbus_unregister_device() return void
- mtd: hyperbus: hbmc-am654: Convert to platform remove callback returning
void
- mtd: hyperbus: hbmc-am654: fix an OF node reference leak
- staging: media: imx: fix OF node leak in imx_media_add_of_subdevs()
- scsi: mpt3sas: Set ioc->manu_pg11.EEDPTagMode directly to 1
- scsi: ufs: bsg: Delete bsg_dev when setting up bsg fails
- ocfs2: mark dquot as inactive if failed to start trans while releasing
dquot
- module: Extend the preempt disabled section in
dereference_symbol_descriptor().
- NFSv4.2: fix COPY_NOTIFY xdr buf size calculation
- NFSv4.2: mark OFFLOAD_CANCEL MOVEABLE
- tools/bootconfig: Fix the wrong format specifier
- xfrm: replay: Fix the update of replay_esn->oseq_hi for GSO
- dmaengine: ti: edma: fix OF node reference leaks in edma_driver
- gpio: mxc: remove dead code after switch to DT-only
- net: fec: implement TSO descriptor cleanup
- PM: hibernate: Add error handling for syscore_suspend()
- net: netdevsim: try to close UDP port harness races
- ptp: Properly handle compat ioctls
- perf trace: Fix runtime error of index out of bounds
- vsock: Allow retrying on connect() failure
- bgmac: reduce max frame size to support just MTU 1500
- net: sh_eth: Fix missing rtnl lock in suspend/resume path
- net: hsr: fix fill_frame_info() regression vs VLAN packets
- genksyms: fix memory leak when the same symbol is added from source
- genksyms: fix memory leak when the same symbol is read from *.symref file
- kconfig: fix file name in warnings when loading KCONFIG_DEFCONFIG_LIST
- kconfig: add warn-unknown-symbols sanity check
- kconfig: require a space after '#' for valid input
- kconfig: remove unused code for S_DEF_AUTO in conf_read_simple()
- kconfig: deduplicate code in conf_read_simple()
- kconfig: WERROR unmet symbol dependency
- kconfig: fix memory leak in sym_warn_unmet_dep()
- hexagon: fix using plain integer as NULL pointer warning in cmpxchg
- hexagon: Fix unbalanced spinlock in die()
- f2fs: Introduce linear search for dentries
- ktest.pl: Check kernelrelease return in get_version
- ALSA: usb-audio: Add delay quirk for iBasso DC07 Pro
- drivers/card_reader/rtsx_usb: Restore interrupt based detection
- usb: gadget: f_tcm: Fix Get/SetInterface return value
- usb: dwc3: core: Defer the probe until USB power supply ready
- usb: typec: tcpm: set SRC_SEND_CAPABILITIES timeout to
PD_T_SENDER_RESPONSE
- usb: typec: tcpci: Prevent Sink disconnection before vPpsShutdown in SPR
PPS
- btrfs: output the reason for open_ctree() failure
- btrfs: fix data race when accessing the inode's disk_i_size at
btrfs_drop_extents()
- btrfs: convert BUG_ON in btrfs_reloc_cow_block() to proper error handling
- sched: Don't try to catch up excess steal time.
- lockdep: Fix upper limit for LOCKDEP_*_BITS configs
- x86/amd_nb: Restrict init function to AMD-based systems
- tun: fix group permission check
- mmc: core: Respect quirk_max_rate for non-UHS SDIO card
- mfd: lpc_ich: Add another Gemini Lake ISA bridge PCI device-id
- HID: Wacom: Add PCI Wacom device support
- net/mlx5: use do_aux_work for PHC overflow checks
- wifi: iwlwifi: avoid memory leak
- i2c: Force ELAN06FA touchpad I2C bus freq to 100KHz
- APEI: GHES: Have GHES honor the panic= setting
- net: wwan: iosm: Fix hibernation by re-binding the driver around it
- mmc: sdhci-msm: Correctly set the load for the regulator
- tipc: re-order conditions in tipc_crypto_key_rcv()
- selftests/net/ipsec: Fix Null pointer dereference in rtattr_pack()
- Input: allocate keycode for phone linking
- platform/x86: acer-wmi: Ignore AC events
- x86/mm: Don't disable PCID when INVLPG has been fixed by microcode
- usb: chipidea: ci_hdrc_imx: use dev_err_probe()
- usb: chipidea/ci_hdrc_imx: Convert to platform remove callback returning
void
- usb: chipidea: ci_hdrc_imx: decrement device's refcount in .remove() and
in
the error path of .probe()
- net/ncsi: Add NC-SI 1.2 Get MC MAC Address command
- net/ncsi: fix locking in Get MAC Address handling
- xfs: report realtime block quota limits on realtime directories
- xfs: don't over-report free space or inodes in statvfs
- usb: xhci: Add timeout argument in address_device USB HCD callback
- nvme: handle connectivity loss in nvme_set_queue_count
- firmware: iscsi_ibft: fix ISCSI_IBFT Kconfig entry
- gpu: drm_dp_cec: fix broken CEC adapter properties check
- tg3: Disable tg3 PCIe AER on system reboot
- udp: gso: do not drop small packets when PMTU reduces
- gpio: pca953x: Improve interrupt support
- net: atlantic: fix warning during hot unplug
- x86/xen: fix xen_hypercall_hvm() to not clobber %rbx
- x86/xen: add FRAME_END to xen_hypercall_hvm()
- tun: revert fix group permission check
- cpufreq: s3c64xx: Fix compilation warning
- leds: lp8860: Write full EEPROM, not only half of it
- drm/modeset: Handle tiled displays in pan_display_atomic.
- s390/futex: Fix FUTEX_OP_ANDN implementation
- m68k: vga: Fix I/O defines
- arm64: dts: rockchip: increase gmac rx_delay on rk3399-puma
- KVM: s390: vsie: fix some corner-cases when grabbing vsie pages
- drm/amd/pm: Mark MM activity as unsupported
- drm/komeda: Add check for komeda_get_layer_fourcc_list()
- drm/i915: Drop 64bpp YUV formats from ICL+ SDR planes
- Bluetooth: L2CAP: accept zero as a special value for MTU auto-selection
- clk: sunxi-ng: a100: enable MMC clock reparenting
- clk: qcom: clk-alpha-pll: fix alpha mode configuration
- clk: qcom: gcc-mdm9607: Fix cmd_rcgr offset for blsp1_uart6 rcg
- clk: qcom: clk-rpmh: prevent integer overflow in recalc_rate
- efi: libstub: Use '-std=gnu11' to fix build with GCC 15
- perf bench: Fix undefined behavior in cmpworker()
- of: Correct child specifier used as input of the 2nd nexus node
- of: Fix of_find_node_opts_by_path() handling of alias+path+options
- of: reserved-memory: Fix using wrong number of cells to get property
'alignment'
- HID: hid-sensor-hub: don't use stale platform-data on remove
- wifi: rtlwifi: rtl8821ae: Fix media status report
- usb: gadget: f_tcm: Translate error to sense
- usb: gadget: f_tcm: Decrement command ref count on cleanup
- usb: gadget: f_tcm: ep_autoconfig with fullspeed endpoint
- usb: gadget: f_tcm: Don't prepare BOT write request twice
- serial: sh-sci: Drop __initdata macro for port_cfg
- serial: sh-sci: Do not probe the serial port if its slot in sci_ports[] is
in use
- MIPS: Loongson64: remove ROM Size unit in boardinfo
- powerpc/pseries/eeh: Fix get PE state translation
- dm-crypt: don't update io->sector after kcryptd_crypt_write_io_submit()
- dm-crypt: track tag_offset in convert_context
- mips/math-emu: fix emulation of the prefx instruction
- ALSA: hda/realtek: Enable headset mic on Positivo C6400
- PCI: endpoint: Finish virtual EP removal in pci_epf_remove_vepf()
- nvme-pci: Add TUXEDO InfinityFlex to Samsung sleep quirk
- nvme-pci: Add TUXEDO IBP Gen9 to Samsung sleep quirk
- scsi: qla2xxx: Move FCE Trace buffer allocation to user control
- scsi: storvsc: Set correct data length for sending SCSI command without
payload
- kbuild: Move -Wenum-enum-conversion to W=2
- x86/boot: Use '-std=gnu11' to fix build with GCC 15
- arm64: dts: qcom: sm8350: Fix MPSS memory length
- crypto: qce - fix priority to be less than ARMv8 CE
- xfs: Add error handling for xfs_reflink_cancel_cow_range
- media: ccs: Clean up parsed CCS static data on parse failure
- iio: light: as73211: fix channel handling in only-color triggered buffer
- soc: qcom: smem_state: fix missing of_node_put in error path
- media: mc: fix endpoint iteration
- media: ov5640: fix get_light_freq on auto
- media: ccs: Fix CCS static data parsing for large block sizes
- media: ccs: Fix cleanup order in ccs_probe()
- media: uvcvideo: Fix event flags in uvc_ctrl_send_events
- media: uvcvideo: Remove redundant NULL assignment
- crypto: qce - fix goto jump in error path
- crypto: qce - unregister previously registered algos in error path
- nvmem: qcom-spmi-sdam: Set size in struct nvmem_config
- nvmem: core: improve range check for nvmem_cell_write()
- vfio/platform: check the bounds of read/write syscalls
- pnfs/flexfiles: retry getting layout segment for reads
- ocfs2: fix incorrect CPU endianness conversion causing mount failure
- mtd: onenand: Fix uninitialized retlen in do_otp_read()
- misc: fastrpc: Fix registered buffer page address
- net/ncsi: wait for the last response to Deselect Package before
configuring
channel
- net: phy: c45-tjaxx: add delay between MDIO write and read in soft_reset
- MIPS: ftrace: Declare ftrace_get_parent_ra_addr() as static
- net/ncsi: use dev_set_mac_address() for Get MC MAC Address handling
- gpio: xilinx: remove excess kernel doc
- memory: tegra20-emc: Correct memory device mask
- ocfs2: check dir i_size in ocfs2_find_entry
- mptcp: prevent excessive coalescing on receive
- ndisc: ndisc_send_redirect() must use dev_get_by_index_rcu()
- drm/i915/selftests: avoid using uninitialized context
- gpio: bcm-kona: Fix GPIO lock/unlock for banks above bank 0
- gpio: bcm-kona: Make sure GPIO bits are unlocked when requesting IRQ
- gpio: bcm-kona: Add missing newline to dev_err format string
- xen: remove a confusing comment on auto-translated guest I/O
- x86/xen: allow larger contiguous memory regions in PV guests
- media: cxd2841er: fix 64-bit division on gcc-9
- PCI/DPC: Quirk PIO log size for Intel Raptor Lake-P
- vfio/pci: Enable iowrite64 and ioread64 for vfio pci
- Grab mm lock before grabbing pt lock
- x86/mm/tlb: Only trim the mm_cpumask once a second
- ASoC: Intel: bytcr_rt5640: Add DMI quirk for Vexia Edu Atla 10 tablet 5V
- batman-adv: Ignore neighbor throughput metrics in error case
- perf/x86/intel: Ensure LBRs are disabled when a CPU is starting
- usb: roles: set switch registered flag early on
- usb: gadget: udc: renesas_usb3: Fix compiler warning
- usb: dwc2: gadget: remove of_node reference upon udc_stop
- USB: pci-quirks: Fix HCCPARAMS register error for LS7A EHCI
- usb: core: fix pipe creation for get_bMaxPacketSize0
- USB: quirks: add USB_QUIRK_NO_LPM quirk for Teclast dist
- USB: Add USB_QUIRK_NO_LPM quirk for sony xperia xz1 smartphone
- USB: cdc-acm: Fill in Renesas R-Car D3 USB Download mode quirk
- usb: cdc-acm: Fix handling of oversized fragments
- USB: serial: option: add MeiG Smart SLM828
- USB: serial: option: add Telit Cinterion FN990B compositions
- USB: serial: option: fix Telit Cinterion FN990A name
- USB: serial: option: drop MeiG Smart defines
- can: c_can: fix unbalanced runtime PM disable in error path
- can: j1939: j1939_sk_send_loop(): fix unable to send messages with data
length zero
- alpha: make stack 16-byte aligned (most cases)
- efi: Avoid cold plugged memory for placing the kernel
- cgroup: fix race between fork and cgroup.kill
- serial: 8250: Fix fifo underflow on flush
- alpha: align stack for page fault and user unaligned trap handlers
- gpio: stmpe: Check return value of stmpe_reg_read in
stmpe_gpio_irq_sync_unlock
- regmap-irq: Add missing kfree()
- arm64: Handle .ARM.attributes section in linker scripts
- mlxsw: Add return value check for mlxsw_sp_port_get_stats_raw()
- btrfs: fix hole expansion when writing at an offset beyond EOF
- clocksource: Replace cpumask_weight() with cpumask_empty()
- clocksource: Use pr_info() for "Checking clocksource synchronization"
message
- ipv4: add RCU protection to ip4_dst_hoplimit()
- net: treat possible_net_t net pointer as an RCU one and add
read_pnet_rcu()
- net: add dev_net_rcu() helper
- ipv4: use RCU protection in rt_is_expired()
- ipv4: use RCU protection in inet_select_addr()
- Namespaceify min_pmtu sysctl
- Namespaceify mtu_expires sysctl
- selftest: net: Test IPv4 PMTU exceptions with DSCP and ECN
- net: ipv4: Cache pmtu for all packet paths if multipath enabled
- neighbour: delete redundant judgment statements
- drm/tidss: Fix issue in irq handling causing irq-flood issue
- drm/tidss: Clear the interrupt status for interrupts being disabled
- kdb: Do not assume write() callback available
- alpha: replace hardcoded stack offsets with autogenerated ones
- nilfs2: do not output warnings when clearing dirty buffers
- can: ems_pci: move ASIX AX99100 ids to pci_ids.h
- serial: 8250_pci: add support for ASIX AX99100
- parport_pc: add support for ASIX AX99100
- netdevsim: print human readable IP address
- selftests: rtnetlink: update netdevsim ipsec output format
- ARM: dts: dra7: Add bus_dma_limit for l4 cfg bus
- x86/i8253: Disable PIT timer 0 when not in use
- Revert "btrfs: avoid monopolizing a core when activating a swap file"
- btrfs: avoid monopolizing a core when activating a swap file
- arm64: mte: Do not allow PROT_MTE on MAP_HUGETLB user mappings
- crypto: testmgr - fix wrong key length for pkcs1pad
- crypto: testmgr - Fix wrong test case of RSA
- crypto: testmgr - fix version number of RSA tests
- crypto: testmgr - populate RSA CRT parameters in RSA test vectors
- crypto: testmgr - some more fixes to RSA test vectors
- mm: update mark_victim tracepoints fields
- drm/probe-helper: Create a HPD IRQ event helper for a single connector
- drm/rockchip: cdn-dp: Use drm_connector_helper_hpd_irq_event()
- ASoC: renesas: rz-ssi: Add a check for negative sample_space
- arm64: dts: mediatek: mt8183: Disable DSI display output by default
- tpm: Use managed allocation for bios event log
- kfence: allow use of a deferrable timer
- [Config] updateconfigs to disable new KFENCE_DEFERRABLE
- kfence: enable check kfence canary on panic via boot param
- kfence: skip __GFP_THISNODE allocations on NUMA systems
- soc: mediatek: mtk-devapc: Switch to devm_clk_get_enabled()
- soc: mediatek: mtk-devapc: Fix leaking IO map on error paths
- soc/mediatek: mtk-devapc: Convert to platform remove callback returning
void
- soc: mediatek: mtk-devapc: Fix leaking IO map on driver remove
- media: uvcvideo: Set error_idx during ctrl_commit errors
- media: uvcvideo: Refactor iterators
- media: uvcvideo: Only save async fh if success
- batman-adv: Drop initialization of flexible ethtool_link_ksettings
- usb: dwc3: Increase DWC3 controller halt timeout
- usb: dwc3: Fix timeout issue during controller enter/exit from halt state
- powerpc/64s/mm: Move __real_pte stubs into hash-4k.h
- powerpc/64s: Rewrite __real_pte() and __rpte_to_hidx() as static inline
- ALSA: hda/realtek: Fixup ALC225 depop procedure
- geneve: Suppress list corruption splat in geneve_destroy_tunnels().
- net: extract port range fields from fl_flow_key
- flow_dissector: Fix handling of mixed port and port-range keys
- flow_dissector: Fix port range key handling in BPF conversion
- net: Add non-RCU dev_getbyhwaddr() helper
- arp: switch to dev_getbyhwaddr() in arp_req_set_public()
- power: supply: da9150-fg: fix potential overflow
- nvme/ioctl: add missing space in err message
- bpf: skip non exist keys in generic_map_lookup_batch
- ALSA: hda/conexant: Add quirk for HP ProBook 450 G4 mute LED
- acct: block access to kernel internal filesystems
- mtd: rawnand: cadence: fix error code in cadence_nand_init()
- mtd: rawnand: cadence: use dma_map_resource for sdma address
- mtd: rawnand: cadence: fix incorrect device in dma_unmap_single
- x86/cpu/kvm: SRSO: Fix possible missing IBPB on VM-Exit
- IB/mlx5: Set and get correct qp_num for a DCT QP
- ovl: use wrappers to all vfs_*xattr() calls
- ovl: pass ofs to creation operations
- scsi: core: Don't memset() the entire scsi_cmnd in scsi_init_command()
- scsi: core: Clear driver private data when retrying request
- RDMA/mlx5: Fix bind QP error cleanup flow
- sunrpc: suppress warnings for unused procfs functions
- ALSA: usb-audio: Avoid dropping MIDI events at closing multiple ports
- Bluetooth: L2CAP: Fix L2CAP_ECRED_CONN_RSP response
- afs: remove variable nr_servers
- afs: Make it possible to find the volumes that are using a server
- afs: Fix the server_list to unuse a displaced server rather than putting
it
- net: loopback: Avoid sending IP packets without an Ethernet header
- net: cadence: macb: Synchronize stats calculations
- ASoC: es8328: fix route from DAC to output
- ipvs: Always clear ipvs_property flag in skb_scrub_packet()
- tcp: Defer ts_recent changes until req is owned
- net: mvpp2: cls: Fixed Non IP flow, with vlan tag flow defination.
- net/mlx5: IRQ, Fix null string in debug print
- seg6: add support for SRv6 H.Encaps.Red behavior
- seg6: add support for SRv6 H.L2Encaps.Red behavior
- include: net: add static inline dst_dev_overhead() to dst.h
- net: ipv6: seg6_iptunnel: mitigate 2-realloc issue
- net: ipv6: fix dst ref loop on input in seg6 lwt
- net: ipv6: rpl_iptunnel: mitigate 2-realloc issue
- net: ipv6: fix dst ref loop on input in rpl lwt
- x86/CPU: Fix warm boot hang regression on AMD SC1100 SoC systems
- ftrace: Avoid potential division by zero in function_stat_show()
- ALSA: usb-audio: Re-add sample rate quirk for Pioneer DJM-900NXS2
- perf/core: Fix low freq setting via IOC_PERIOD
- drm/amd/display: Fix HPD after gpu reset
- net: enetc: fix the off-by-one issue in enetc_map_tx_buffs()
- net: enetc: update UDP checksum when updating originTimestamp field
- net: enetc: correct the xdp_tx statistics
- phy: tegra: xusb: reset VBUS & ID OVERRIDE
- phy: exynos5-usbdrd: fix MPLL_MULTIPLIER and SSC_REFCLKSEL masks in refclk
- vmlinux.lds: Ensure that const vars with relocations are mapped R/O
- intel_idle: Handle older CPUs, which stop the TSC in deeper C states,
correctly
- drm/amdgpu: Check extended configuration space register when system uses
large bar
- drm/amdgpu: disable BAR resize on Dell G5 SE
- Revert "of: reserved-memory: Fix using wrong number of cells to get
property
'alignment'"
- HID: appleir: Fix potential NULL dereference at raw event handle
- gpio: rcar: Use raw_spinlock to protect register access
- gpio: aggregator: protect driver attr handlers against module unload
- ALSA: hda: intel: Add Dell ALC3271 to power_save denylist
- ALSA: hda/realtek: update ALC222 depop optimize
- drm/radeon: Fix rs400_gpu_init for ATI mobility radeon Xpress 200M
- platform/x86: thinkpad_acpi: Add battery quirk for ThinkPad X131e
- x86/cacheinfo: Validate CPUID leaf 0x2 EDX output
- x86/cpu: Validate CPUID leaf 0x2 EDX output
- x86/cpu: Properly parse CPUID leaf 0x2 TLB descriptor 0x63
- wifi: cfg80211: regulatory: improve invalid hints checking
- wifi: nl80211: reject cooked mode if it is set along with other flags
- rapidio: add check for rio_add_net() in rio_scan_alloc_net()
- rapidio: fix an API misues when rio_add_net() fails
- s390/traps: Fix test_monitor_call() inline assembly
- block: fix conversion of GPT partition name to 7-bit
- mm/page_alloc: fix uninitialized variable
- mm: don't skip arch_sync_kernel_mappings() in error paths
- wifi: iwlwifi: limit printed string from FW file
- HID: google: fix unused variable warning under !CONFIG_ACPI
- HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove()
- nvmet-tcp: Fix a possible sporadic response drops in weakly ordered arch
- net: gso: fix ownership in __udp_gso_segment
- caif_virtio: fix wrong pointer check in cfv_probe()
- hwmon: (pmbus) Initialise page count in pmbus_identify()
- hwmon: (ntc_thermistor) Fix the ncpXXxh103 sensor table
- hwmon: (ad7314) Validate leading zero bits and return error
- ALSA: usx2y: validate nrpacks module parameter on probe
- llc: do not use skb_get() before dev_queue_xmit()
- hwmon: fix a NULL vs IS_ERR_OR_NULL() check in xgene_hwmon_probe()
- drm/sched: Fix preprocessor guard
- be2net: fix sleeping while atomic bugs in be_ndo_bridge_getlink
- net: hns3: make sure ptp clock is unregister and freed if
hclge_ptp_get_cycle returns an error
- ppp: Fix KMSAN uninit-value warning with bpf
- vlan: enforce underlying device type
- x86/sgx: Support loading enclave page without VMA permissions check
- x86/sgx: Move PTE zap code to new sgx_zap_enclave_ptes()
- x86/sgx: Export sgx_encl_{grow,shrink}()
- x86/sgx: Support VA page allocation without reclaiming
- x86/sgx: Fix size overflows in sgx_encl_create()
- exfat: fix soft lockup in exfat_clear_bitmap
- net-timestamp: support TCP GSO case for a few missing flags
- sched/fair: Fix potential memory corruption in child_cfs_rq_on_list
- net: ipv6: fix dst ref loop in ila lwtunnel
- net: ipv6: fix missing dst ref drop in ila lwtunnel
- gpio: rcar: Fix missing of_node_put() call
- Revert "drivers/card_reader/rtsx_usb: Restore interrupt based detection"
- usb: renesas_usbhs: Call clk_put()
- usb: renesas_usbhs: Use devm_usb_get_phy()
- usb: hub: lack of clearing xHC resources
- usb: quirks: Add DELAY_INIT and NO_LPM for Prolific Mass Storage Card
Reader
- usb: renesas_usbhs: Flush the notify_hotplug_work
- usb: atm: cxacru: fix a flaw in existing endpoint checks
- usb: dwc3: Set SUSPENDENABLE soon after phy init
- usb: dwc3: gadget: Prevent irq storm when TH re-executes
- usb: typec: ucsi: increase timeout for PPM reset operations
- usb: typec: tcpci_rt1711h: Unmask alert interrupts to fix functionality
- usb: gadget: Set self-powered based on MaxPower and bmAttributes
- usb: gadget: Fix setting self-powered state on suspend
- usb: gadget: Check bmAttributes only if configuration is valid
- xhci: pci: Fix indentation in the PCI device ID definitions
- usb: xhci: Enable the TRB overfetch quirk on VIA VL805
- mei: me: add panther lake P DID
- intel_th: pci: Add Arrow Lake support
- intel_th: pci: Add Panther Lake-H support
- intel_th: pci: Add Panther Lake-P/U support
- slimbus: messaging: Free transaction ID in delayed interrupt scenario
- bus: mhi: host: pci_generic: Use pci_try_reset_function() to avoid
deadlock
- eeprom: digsy_mtc: Make GPIO lookup table match the device
- drivers: virt: acrn: hsm: Use kzalloc to avoid info leak in pmcmd_ioctl
- media: uvcvideo: Avoid invalid memory access
- media: uvcvideo: Avoid returning invalid controls
- md: select BLOCK_LEGACY_AUTOLOAD
- [Config] updateconfigs to select BLOCK_LEGACY_AUTOLOAD
- mtd: rawnand: cadence: fix unchecked dereference
- spi-mxs: Fix chipselect glitch
- nilfs2: move page release outside of nilfs_delete_entry and nilfs_set_link
- nilfs2: eliminate staggered calls to kunmap in nilfs_rename
- bpf, vsock: Invoke proto::close on close()
- kbuild: userprogs: use correct lld when linking through clang
- net: ipv6: fix dst refleaks in rpl, seg6 and ioam6 lwtunnels
- Linux 5.15.179
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2025-21647
- sched: sch_cake: add bounds checks to host bulk flow fairness counts
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2024-58002
- media: uvcvideo: Remove dangling pointers
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2024-58079
- media: uvcvideo: Fix crash during unbind if gpio unit is in use
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2025-21721
- nilfs2: handle errors that nilfs_prepare_chunk() may return
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2024-26982
- Squashfs: check the inode number is not the invalid value of zero
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2025-21844
- smb: client: Add check for next_buffer in receive_encrypted_standard()
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2024-58090
- sched/core: Prevent rescheduling when interrupts are disabled
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2025-21875
- mptcp: always handle address removal under msk socket lock
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2025-21877
- usbnet: gl620a: fix endpoint checking in genelink_bind()
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2025-21878
- i2c: npcm: disable interrupt enable bit before devm_request_irq
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2025-21887
- ovl: fix UAF in ovl_dentry_update_reval by moving dput() in ovl_link_up
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2025-21846
- acct: perform last write from workqueue
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2025-21848
- nfp: bpf: Add check for nfp_app_ctrl_msg_alloc()
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2025-21862
- drop_monitor: fix incorrect initialization order
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2025-21871
- tee: optee: Fix supplicant wait loop
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2025-21865
- gtp: Suppress list corruption splat in gtp_net_exit_batch_rtnl().
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2025-21858
- geneve: Fix use-after-free in geneve_find_dev().
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2025-21866
- powerpc/code-patching: Fix KASAN hit by not flagging text patching area as
VM_ALLOC
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2025-21859
- USB: gadget: f_midi: f_midi_complete to call queue_work
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2025-21823
- batman-adv: Drop unmanaged ELP metric worker
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2024-58005
- tpm: Change to kvalloc() in eventlog/acpi.c
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2025-21748
- ksmbd: fix integer overflows on 32 bit systems
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2024-57977
- memcg: fix soft lockup in the OOM process
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2024-57978
- media: imx-jpeg: Fix potential error pointer dereference in detach_pm()
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2024-57979
- pps: Fix a use-after-free
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2024-47726
- f2fs: fix to wait dio completion
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2025-21811
- nilfs2: protect access to buffers with no active references
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2025-21722
- nilfs2: do not force clear folio if buffer is referenced
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2024-58086
- drm/v3d: Stop active perfmon if it is being destroyed
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2025-21758
- ipv6: mcast: add RCU protection to mld_newpack()
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2025-21760
- ndisc: extend RCU protection in ndisc_send_skb()
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2025-21761
- openvswitch: use RCU protection in ovs_vport_cmd_fill_info()
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2025-21762
- arp: use RCU protection in arp_xmit()
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2025-21763
- neighbour: use RCU protection in __neigh_notify()
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2025-21764
- ndisc: use RCU protection in ndisc_alloc_skb()
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2025-21765
- ipv6: use RCU protection in ip6_default_advmss()
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2025-21766
- ipv4: use RCU protection in __ip_rt_update_pmtu()
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2025-21767
- clocksource: Use migrate_disable() to avoid calling get_random_u32() in
atomic context
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2025-21772
- partitions: mac: fix handling of bogus partition table
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2025-21704
- usb: cdc-acm: Check control transfer buffer size before access
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2025-21776
- USB: hub: Ignore non-compliant devices with too many configs or interfaces
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2025-21835
- usb: gadget: f_midi: fix MIDI Streaming descriptor lengths
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2025-21779
- KVM: x86: Reject Hyper-V's SEND_IPI hypercalls if local APIC isn't
in-kernel
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2025-21781
- batman-adv: fix panic during interface removal
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2025-21782
- orangefs: fix a oob in orangefs_debug_write
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2024-57834
- media: vidtv: Fix a null-ptr-deref in vidtv_mux_stop_thread
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2025-21785
- arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2025-21787
- team: better TEAM_OPTION_TYPE_STRING validation
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2025-21791
- vrf: use RCU protection in l3mdev_l3_out()
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2024-58020
- HID: multitouch: Add NULL check in mt_input_configured
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2025-21795
- NFSD: fix hang in nfsd4_shutdown_callback
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2025-21796
- nfsd: clear acl_access/acl_default after releasing them
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2025-21820
- tty: xilinx_uartps: split sysrq handling
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2025-21814
- ptp: Ensure info->enable callback is always set
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2025-21735
- NFC: nci: Add bounds checking in nci_hci_create_pipe()
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2025-21736
- nilfs2: fix possible int overflows in nilfs_fiemap()
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2024-58001
- ocfs2: handle a symlink read error correctly
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2024-58007
- soc: qcom: socinfo: Avoid out of bounds read of serial number
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2025-21744
- wifi: brcmfmac: fix NULL pointer dereference in brcmf_txfinalize()
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2025-21745
- blk-cgroup: Fix class @block_class's subsystem refcount leakage
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2024-58076
- clk: qcom: gcc-sm6350: Add missing parent_map for two clocks
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2024-58083
- KVM: Explicitly verify target vCPU is online in kvm_get_vcpu()
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2024-58010
- binfmt_flat: Fix integer overflow bug on 32 bit systems
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2025-21749
- net: rose: lock the socket in rose_bind()
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2024-57981
- usb: xhci: Fix NULL pointer dereference on certain command aborts
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2025-21684
- gpio: xilinx: Convert gpio_lock to raw spinlock
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2024-58085
- tomoyo: don't emit warning in tomoyo_write_control()
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2024-58014
- wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy()
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2024-58016
- safesetid: check size of policy writes
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2024-58017
- printk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2025-21753
- btrfs: fix use-after-free when attempting to join an aborted transaction
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2024-58055
- usb: gadget: f_tcm: Don't free command immediately
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2024-57980
- media: uvcvideo: Fix double free in error path
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2025-21707
- mptcp: consolidate suboption status
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2025-21708
- net: usb: rtl8150: enable basic endpoint checking
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2025-21826
- netfilter: nf_tables: reject mismatching sum of field_len with set key
length
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2025-21715
- net: davicom: fix UAF in dm9000_drv_remove
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2025-21718
- net: rose: fix timer races against user threads
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2025-21719
- ipmr: do not call mr_mfc_uses_dev() for unres entries
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2025-21802
- net: hns3: fix oops when unload drivers paralleling
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2024-58058
- ubifs: skip dumping tnc tree when zroot is null
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2024-58069
- rtc: pcf85063: fix potential OOB write in PCF85063 NVMEM read
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2025-21804
- PCI: rcar-ep: Fix incorrect variable used when calling
devm_request_mem_region()
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2024-58034
- memory: tegra20-emc: fix an OF node reference bug in
tegra_emc_find_node_by_ram_code()
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2024-57973
- rdma/cxgb4: Prevent potential integer overflow on 32bit
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2025-21726
- padata: avoid UAF for reorder_work
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2025-21727
- padata: fix UAF in padata_reorder
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2025-21728
- bpf: Send signals asynchronously if !preemptible
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2025-21711
- net/rose: prevent integer overflows in rose_setsockopt()
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2025-21799
- net: ethernet: ti: am65-cpsw: fix freeing IRQ in
am65_cpsw_nuss_remove_tx_chns()
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2025-21806
- net: let net.core.dev_weight always be non-zero
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2025-21830
- landlock: Handle weird files
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2024-58071
- team: prevent adding a device which is already a team device lower
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2024-58063
- wifi: rtlwifi: fix memory leaks and invalid access at probe error path
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2024-58072
- wifi: rtlwifi: remove unused check_buddy_priv
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2024-58051
- ipmi: ipmb: Add check devm_kasprintf() returned value
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2024-58052
- drm/amdgpu: Fix potential NULL pointer dereference in
atomctrl_get_smc_sclk_range_table
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2024-57986
- HID: core: Fix assumption that Resolution Multipliers must be in Logical
Collections
* Jammy update: v5.15.179 upstream stable release (LP: #2106026) //
CVE-2025-21731
- nbd: don't allow reconnect after disconnect
* Fix bugs preventing boot on Intel TDX-enabled hosts (LP: #2097811)
- x86/mtrr: Remove physical address size calculation
* Build failure when CONFIG_NET_SWITCHDEV=n due to CVE-2024-26837 fix backport
(LP: #2104380)
- SAUCE: net: switchdev: fix compilation error for CONFIG_NET_SWITCHDEV=n
* nfsd hangs and never recovers after NFS4ERR_DELAY and a connection loss
(LP: #2103564)
- NFSD: Reset cb_seq_status after NFS4ERR_DELAY
* kernel hard lockup in cgroups during eBPF workload (LP: #2089318)
- cgroup: cgroup: Honor caller's cgroup NS when resolving cgroup id
- cgroup: Homogenize cgroup_get_from_id() return value
- cgroup: Make cgroup_get_from_id() prettier
- cgroup.c: add helper __cset_cgroup_from_root to cleanup duplicated codes
- cgroup: Reorganize css_set_lock and kernfs path processing
* CVE-2023-52664
- net: atlantic: eliminate double free in error handling logic
* CVE-2023-52927
- netfilter: allow exp not to be removed in nf_ct_find_expectation
-- Benjamin Wheeler <benjamin.whee...@canonical.com> Thu, 01 May 2025
07:54:07 -0400
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-gcp in Ubuntu.
https://bugs.launchpad.net/bugs/2104324
Title:
kdump failures with instances using IDPF
Status in linux-gcp package in Ubuntu:
Fix Committed
Status in linux-gke package in Ubuntu:
Fix Committed
Status in linux-gkeop package in Ubuntu:
Fix Committed
Status in linux-gcp source package in Jammy:
Fix Released
Status in linux-gke source package in Jammy:
Fix Released
Status in linux-gcp source package in Noble:
Fix Released
Status in linux-gke source package in Noble:
Fix Released
Status in linux-gkeop source package in Noble:
Fix Released
Status in linux-gcp source package in Oracular:
Fix Committed
Bug description:
SRU Justification
[Impact]
Google has requested the backport of a fix commit for the IDPF driver,
after seeing kdump failures in other distributions. We haven't yet had
any similar failures, so this is a preventative measure.
[Fix]
Backport commit:
52c11d31b5a1 ("idpf: call set_real_num_queues in idpf_open")
which fixes the break commit:
1c325aac10a8 ("idpf: configure resources for TX queues")
Context adjusted for Noble and Jammy due to missing commit:
f01032a2ca09 ("idpf: fix memory leaks and crashes while performing a soft
reset")
[Test Plan]
Compile and boot tested. No reproducer was given.
[Regression potential]
Regressions are limited to the IDPF module, and since this is a very
small fix, it's unlikely to create new bugs. All patches applied
mostly unchanged from their upstream version.
[Other]
SF #00406683
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux-gcp/+bug/2104324/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
