canonical-hw-cert team mailing list archive
-
canonical-hw-cert team
-
Mailing list archive
-
Message #142466
[Bug 2031007] Re: focal/linux-kvm: 5.4.0-1098.104 -proposed tracker
This bug was fixed in the package linux-kvm - 5.4.0-1098.104
---------------
linux-kvm (5.4.0-1098.104) focal; urgency=medium
* focal/linux-kvm: 5.4.0-1098.104 -proposed tracker (LP: #2031007)
[ Ubuntu: 5.4.0-162.179 ]
* focal/linux: 5.4.0-162.179 -proposed tracker (LP: #2031128)
* libgnutls report "trap invalid opcode" when trying to install packages over
https (LP: #2031093)
- [Config]: disable CONFIG_GDS_FORCE_MITIGATION
[ Ubuntu: 5.4.0-160.177 ]
* focal/linux: 5.4.0-160.177 -proposed tracker (LP: #2031017)
* Fix boot test warning for log_check "CPU: 0 PID: 0 at
arch/x86/kernel/fpu/xstate.c:878 get_xsave_addr+0x98/0xb0" (LP: #2031022)
- x86/pkeys: Revert a5eff7259790 ("x86/pkeys: Add PKRU value to init_fpstate")
[ Ubuntu: 5.4.0-158.175 ]
* focal/linux: 5.4.0-158.175 -proposed tracker (LP: #2030466)
* CVE-2022-40982
- x86/mm: Initialize text poking earlier
- x86/mm: fix poking_init() for Xen PV guests
- x86/mm: Use mm_alloc() in poking_init()
- mm: Move mm_cachep initialization to mm_init()
- init: Provide arch_cpu_finalize_init()
- x86/cpu: Switch to arch_cpu_finalize_init()
- ARM: cpu: Switch to arch_cpu_finalize_init()
- sparc/cpu: Switch to arch_cpu_finalize_init()
- um/cpu: Switch to arch_cpu_finalize_init()
- init: Remove check_bugs() leftovers
- init: Invoke arch_cpu_finalize_init() earlier
- init, x86: Move mem_encrypt_init() into arch_cpu_finalize_init()
- x86/fpu: Remove cpuinfo argument from init functions
- x86/fpu: Mark init functions __init
- x86/fpu: Move FPU initialization into arch_cpu_finalize_init()
- x86/xen: Fix secondary processors' FPU initialization
- x86/speculation: Add Gather Data Sampling mitigation
- x86/speculation: Add force option to GDS mitigation
- x86/speculation: Add Kconfig option for GDS
- KVM: Add GDS_NO support to KVM
- Documentation/x86: Fix backwards on/off logic about YMM support
- [Config]: Enable CONFIG_ARCH_HAS_CPU_FINALIZE_INIT and
CONFIG_GDS_FORCE_MITIGATION
* CVE-2023-3609
- net/sched: cls_u32: Fix reference counter leak leading to overflow
* CVE-2023-20593
- x86/cpu/amd: Move the errata checking functionality up
- x86/cpu/amd: Add a Zenbleed fix
* CVE-2023-3611
- net/sched: sch_qfq: account for stab overhead in qfq_enqueue
* stacked overlay file system mounts that have chroot() called against them
appear to be getting locked (by the kernel most likely?) (LP: #2016398)
- SAUCE: overlayfs: fix reference count mismatch
* Focal update: v5.4.246 upstream stable release (LP: #2028981)
- RDMA/efa: Fix unsupported page sizes in device
- RDMA/bnxt_re: Enable SRIOV VF support on Broadcom's 57500 adapter series
- RDMA/bnxt_re: Refactor queue pair creation code
- RDMA/bnxt_re: Fix return value of bnxt_re_process_raw_qp_pkt_rx
- iommu/rockchip: Fix unwind goto issue
- iommu/amd: Don't block updates to GATag if guest mode is on
- dmaengine: pl330: rename _start to prevent build error
- net/mlx5: fw_tracer, Fix event handling
- netrom: fix info-leak in nr_write_internal()
- af_packet: Fix data-races of pkt_sk(sk)->num.
- amd-xgbe: fix the false linkup in xgbe_phy_status
- mtd: rawnand: ingenic: fix empty stub helper definitions
- af_packet: do not use READ_ONCE() in packet_bind()
- tcp: deny tcp_disconnect() when threads are waiting
- tcp: Return user_mss for TCP_MAXSEG in CLOSE/LISTEN state if user_mss set
- net/sched: sch_ingress: Only create under TC_H_INGRESS
- net/sched: sch_clsact: Only create under TC_H_CLSACT
- net/sched: Reserve TC_H_INGRESS (TC_H_CLSACT) for ingress (clsact) Qdiscs
- net/sched: Prohibit regrafting ingress or clsact Qdiscs
- net: sched: fix NULL pointer dereference in mq_attach
- ocfs2/dlm: move BITS_TO_BYTES() to bitops.h for wider use
- net/netlink: fix NETLINK_LIST_MEMBERSHIPS length report
- udp6: Fix race condition in udp6_sendmsg & connect
- net: dsa: mv88e6xxx: Increase wait after reset deactivation
- mtd: rawnand: marvell: ensure timing values are written
- mtd: rawnand: marvell: don't set the NAND frequency select
- watchdog: menz069_wdt: fix watchdog initialisation
- mailbox: mailbox-test: Fix potential double-free in
mbox_test_message_write()
- ARM: 9295/1: unwind:fix unwind abort for uleb128 case
- media: rcar-vin: Select correct interrupt mode for V4L2_FIELD_ALTERNATE
- fbdev: modedb: Add 1920x1080 at 60 Hz video mode
- fbdev: stifb: Fix info entry in sti_struct on error path
- nbd: Fix debugfs_create_dir error checking
- ASoC: dwc: limit the number of overrun messages
- xfrm: Check if_id in inbound policy/secpath match
- ASoC: ssm2602: Add workaround for playback distortions
- media: dvb_demux: fix a bug for the continuity counter
- media: dvb-usb: az6027: fix three null-ptr-deref in az6027_i2c_xfer()
- media: dvb-usb-v2: ec168: fix null-ptr-deref in ec168_i2c_xfer()
- media: dvb-usb-v2: ce6230: fix null-ptr-deref in ce6230_i2c_master_xfer()
- media: dvb-usb-v2: rtl28xxu: fix null-ptr-deref in rtl28xxu_i2c_xfer
- media: dvb-usb: digitv: fix null-ptr-deref in digitv_i2c_xfer()
- media: dvb-usb: dw2102: fix uninit-value in su3000_read_mac_address
- media: netup_unidvb: fix irq init by register it at the end of probe
- media: dvb_ca_en50221: fix a size write bug
- media: ttusb-dec: fix memory leak in ttusb_dec_exit_dvb()
- media: mn88443x: fix !CONFIG_OF error by drop of_match_ptr from ID table
- media: dvb-core: Fix use-after-free due on race condition at dvb_net
- media: dvb-core: Fix use-after-free due to race condition at dvb_ca_en50221
- wifi: rtl8xxxu: fix authentication timeout due to incorrect RCR value
- ARM: dts: stm32: add pin map for CAN controller on stm32f7
- arm64/mm: mark private VM_FAULT_X defines as vm_fault_t
- scsi: core: Decrease scsi_device's iorequest_cnt if dispatch failed
- wifi: b43: fix incorrect __packed annotation
- netfilter: conntrack: define variables exp_nat_nla_policy and any_addr with
CONFIG_NF_NAT
- ALSA: oss: avoid missing-prototype warnings
- atm: hide unused procfs functions
- mailbox: mailbox-test: fix a locking issue in mbox_test_message_write()
- iio: adc: mxs-lradc: fix the order of two cleanup operations
- HID: google: add jewel USB id
- HID: wacom: avoid integer overflow in wacom_intuos_inout()
- iio: light: vcnl4035: fixed chip ID check
- iio: dac: mcp4725: Fix i2c_master_send() return value handling
- iio: dac: build ad5758 driver when AD5758 is selected
- net: usb: qmi_wwan: Set DTR quirk for BroadMobi BM818
- usb: gadget: f_fs: Add unbind event before functionfs_unbind
- misc: fastrpc: return -EPIPE to invocations on device removal
- misc: fastrpc: reject new invocations during device removal
- scsi: stex: Fix gcc 13 warnings
- ata: libata-scsi: Use correct device no in ata_find_dev()
- flow_dissector: work around stack frame size warning
- x86/boot: Wrap literal addresses in absolute_pointer()
- ACPI: thermal: drop an always true check
- gcc-12: disable '-Wdangling-pointer' warning for now
- eth: sun: cassini: remove dead code
- kernel/extable.c: use address-of operator on section symbols
- treewide: Remove uninitialized_var() usage
- lib/dynamic_debug.c: use address-of operator on section symbols
- wifi: rtlwifi: remove always-true condition pointed out by GCC 12
- mmc: vub300: fix invalid response handling
- tty: serial: fsl_lpuart: use UARTCTRL_TXINV to send break instead of
UARTCTRL_SBK
- selinux: don't use make's grouped targets feature yet
- tracing/probe: trace_probe_primary_from_call(): checked list_first_entry
- ext4: add EA_INODE checking to ext4_iget()
- ext4: set lockdep subclass for the ea_inode in ext4_xattr_inode_cache_find()
- ext4: disallow ea_inodes with extended attributes
- ext4: add lockdep annotations for i_data_sem for ea_inode's
- fbcon: Fix null-ptr-deref in soft_cursor
- test_firmware: fix the memory leak of the allocated firmware buffer
- regmap: Account for register length when chunking
- scsi: dpt_i2o: Remove broken pass-through ioctl (I2OUSERCMD)
- scsi: dpt_i2o: Do not process completions with invalid addresses
- [Config] updateconfigs for SCSI_DPT_I2O
- RDMA/bnxt_re: Remove set but not used variable 'dev_attr'
- RDMA/bnxt_re: Remove the qp from list only if the qp destroy succeeds
- drm/edid: Fix uninitialized variable in drm_cvt_modes()
- wifi: rtlwifi: 8192de: correct checking of IQK reload
- drm/edid: fix objtool warning in drm_cvt_modes()
- Linux 5.4.246
* Focal update: v5.4.245 upstream stable release (LP: #2028980)
- cdc_ncm: Implement the 32-bit version of NCM Transfer Block
- net: cdc_ncm: Deal with too low values of dwNtbOutMaxSize
- power: supply: bq27xxx: After charger plug in/out wait 0.5s for things to
stabilize
- power: supply: core: Refactor
power_supply_set_input_current_limit_from_supplier()
- power: supply: bq24190: Call power_supply_changed() after updating input
current
- fs: fix undefined behavior in bit shift for SB_NOUSER
- net/mlx5: devcom only supports 2 ports
- net/mlx5: Devcom, serialize devcom registration
- cdc_ncm: Fix the build warning
- io_uring: always grab lock in io_cancel_async_work()
- io_uring: don't drop completion lock before timer is fully initialized
- io_uring: have io_kill_timeout() honor the request references
- bluetooth: Add cmd validity checks at the start of hci_sock_ioctl()
- binder: fix UAF caused by faulty buffer cleanup
- ipv{4,6}/raw: fix output xfrm lookup wrt protocol
- netfilter: ctnetlink: Support offloaded conntrack entry deletion
- Linux 5.4.245
* Focal update: v5.4.244 upstream stable release (LP: #2028697)
- driver core: add a helper to setup both the of_node and fwnode of a device
- drm/mipi-dsi: Set the fwnode for mipi_dsi_device
- ARM: 9296/1: HP Jornada 7XX: fix kernel-doc warnings
- linux/dim: Do nothing if no time delta between samples
- net: Fix load-tearing on sk->sk_stamp in sock_recv_cmsgs().
- netfilter: conntrack: fix possible bug_on with enable_hooks=1
- netlink: annotate accesses to nlk->cb_running
- net: annotate sk->sk_err write from do_recvmmsg()
- net: tap: check vlan with eth_type_vlan() method
- net: add vlan_get_protocol_and_depth() helper
- net: datagram: fix data-races in datagram_poll()
- af_unix: Fix a data race of sk->sk_receive_queue->qlen.
- af_unix: Fix data races around sk->sk_shutdown.
- fs: hfsplus: remove WARN_ON() from hfsplus_cat_{read,write}_inode()
- drm/amd/display: Use DC_LOG_DC in the trasform pixel function
- regmap: cache: Return error in cache sync operations for REGCACHE_NONE
- firmware: arm_sdei: Fix sleep from invalid context BUG
- ACPI: EC: Fix oops when removing custom query handlers
- drm/tegra: Avoid potential 32-bit integer overflow
- ACPICA: Avoid undefined behavior: applying zero offset to null pointer
- ACPICA: ACPICA: check null return of ACPI_ALLOCATE_ZEROED in
acpi_db_display_objects
- wifi: brcmfmac: cfg80211: Pass the PMK in binary instead of hex
- ext2: Check block size validity during mount
- scsi: lpfc: Prevent lpfc_debugfs_lockstat_write() buffer overflow
- net: pasemi: Fix return type of pasemi_mac_start_tx()
- net: Catch invalid index in XPS mapping
- scsi: target: iscsit: Free cmds before session free
- lib: cpu_rmap: Avoid use after free on rmap->obj array entries
- scsi: message: mptlan: Fix use after free bug in mptlan_remove() due to race
condition
- gfs2: Fix inode height consistency check
- ext4: set goal start correctly in ext4_mb_normalize_request
- ext4: Fix best extent lstart adjustment logic in ext4_mb_new_inode_pa()
- f2fs: fix to drop all dirty pages during umount() if cp_error is set
- samples/bpf: Fix fout leak in hbm's run_bpf_prog
- wifi: iwlwifi: pcie: fix possible NULL pointer dereference
- wifi: iwlwifi: pcie: Fix integer overflow in iwl_write_to_user_buf
- wifi: iwlwifi: dvm: Fix memcpy: detected field-spanning write backtrace
- Bluetooth: L2CAP: fix "bad unlock balance" in l2cap_disconnect_rsp
- HID: logitech-hidpp: Don't use the USB serial for USB devices
- HID: logitech-hidpp: Reconcile USB and Unifying serials
- spi: spi-imx: fix MX51_ECSPI_* macros when cs > 3
- HID: wacom: generic: Set battery quirk only when we see battery data
- usb: typec: tcpm: fix multiple times discover svids error
- serial: 8250: Reinit port->pm on port specific driver unbind
- mcb-pci: Reallocate memory region to avoid memory overlapping
- sched: Fix KCSAN noinstr violation
- recordmcount: Fix memory leaks in the uwrite function
- RDMA/core: Fix multiple -Warray-bounds warnings
- clk: tegra20: fix gcc-7 constant overflow warning
- iommu/arm-smmu-v3: Acknowledge pri/event queue overflow if any
- Input: xpad - add constants for GIP interface numbers
- phy: st: miphy28lp: use _poll_timeout functions for waits
- mfd: dln2: Fix memory leak in dln2_probe()
- btrfs: replace calls to btrfs_find_free_ino with btrfs_find_free_objectid
- btrfs: fix space cache inconsistency after error loading it from disk
- ASoC: fsl_micfil: register platform component before registering cpu dai
- cpupower: Make TSC read per CPU for Mperf monitor
- af_key: Reject optional tunnel/BEET mode templates in outbound policies
- net: fec: Better handle pm_runtime_get() failing in .remove()
- ALSA: firewire-digi00x: prevent potential use after free
- vsock: avoid to close connected socket after the timeout
- serial: arc_uart: fix of_iomap leak in `arc_serial_probe`
- ip6_gre: Fix skb_under_panic in __gre6_xmit()
- ip6_gre: Make o_seqno start from 0 in native mode
- ip_gre, ip6_gre: Fix race condition on o_seqno in collect_md mode
- erspan: get the proto with the md version for collect_md
- net: hns3: fix sending pfc frames after reset issue
- net: hns3: fix reset delay time to avoid configuration timeout
- media: netup_unidvb: fix use-after-free at del_timer()
- drm/exynos: fix g2d_open/close helper function definitions
- net: nsh: Use correct mac_offset to unwind gso skb in nsh_gso_segment()
- net: bcmgenet: Remove phy_stop() from bcmgenet_netif_stop()
- net: bcmgenet: Restore phy_stop() depending upon suspend/close
- wifi: iwlwifi: mvm: don't trust firmware n_channels
- cassini: Fix a memory leak in the error handling path of cas_init_one()
- igb: fix bit_shift to be in [1..8] range
- vlan: fix a potential uninit-value in vlan_dev_hard_start_xmit()
- USB: usbtmc: Fix direction for 0-length ioctl control messages
- usb-storage: fix deadlock when a scsi command timeouts more than once
- USB: UHCI: adjust zhaoxin UHCI controllers OverCurrent bit value
- usb: dwc3: debugfs: Resume dwc3 before accessing registers
- usb: typec: altmodes/displayport: fix pin_assignment_show
- ALSA: hda: Fix Oops by 9.1 surround channel names
- ALSA: hda: Add NVIDIA codec IDs a3 through a7 to patch table
- ALSA: hda/realtek: Add a quirk for HP EliteDesk 805
- ALSA: hda/realtek: Add quirk for 2nd ASUS GU603
- can: j1939: recvmsg(): allow MSG_CMSG_COMPAT flag
- can: kvaser_pciefd: Set CAN_STATE_STOPPED in kvaser_pciefd_stop()
- can: kvaser_pciefd: Call request_irq() before enabling interrupts
- can: kvaser_pciefd: Empty SRB buffer in probe
- can: kvaser_pciefd: Clear listen-only bit if not explicitly requested
- can: kvaser_pciefd: Do not send EFLUSH command on TFD interrupt
- can: kvaser_pciefd: Disable interrupts in probe error path
- KVM: x86: do not report a vCPU as preempted outside instruction boundaries
- statfs: enforce statfs[64] structure initialization
- serial: Add support for Advantech PCI-1611U card
- ceph: force updating the msg pointer in non-split case
- tpm/tpm_tis: Disable interrupts for more Lenovo devices
- powerpc/64s/radix: Fix soft dirty tracking
- nilfs2: fix use-after-free bug of nilfs_root in nilfs_evict_inode()
- netfilter: nftables: add nft_parse_register_load() and use it
- netfilter: nftables: add nft_parse_register_store() and use it
- netfilter: nftables: statify nft_parse_register()
- netfilter: nf_tables: validate registers coming from userspace.
- netfilter: nf_tables: add nft_setelem_parse_key()
- netfilter: nf_tables: allow up to 64 bytes in the set element data area
- netfilter: nf_tables: stricter validation of element data
- netfilter: nf_tables: validate NFTA_SET_ELEM_OBJREF based on NFT_SET_OBJECT
flag
- netfilter: nf_tables: hold mutex on netns pre_exit path
- HID: wacom: Force pen out of prox if no events have been received in a while
- HID: wacom: Add new Intuos Pro Small (PTH-460) device IDs
- HID: wacom: add three styli to wacom_intuos_get_tool_type
- lib/string_helpers: Introduce string_upper() and string_lower() helpers
- usb: gadget: u_ether: Convert prints to device prints
- usb: gadget: u_ether: Fix host MAC address case
- vc_screen: rewrite vcs_size to accept vc, not inode
- vc_screen: reload load of struct vc_data pointer in vcs_write() to avoid UAF
- s390/qdio: get rid of register asm
- s390/qdio: fix do_sqbs() inline assembly constraint
- watchdog: sp5100_tco: Immediately trigger upon starting.
- spi: fsl-spi: Re-organise transfer bits_per_word adaptation
- spi: fsl-cpm: Use 16 bit mode for large transfers with even size
- mt76: mt7615: Fix build with older compilers
- ALSA: hda/ca0132: add quirk for EVGA X299 DARK
- ALSA: hda/realtek: Enable headset onLenovo M70/M90
- m68k: Move signal frame following exception on 68020/030
- parisc: Handle kgdb breakpoints only in kernel context
- parisc: Allow to reboot machine after system halt
- gpio: mockup: Fix mode of debugfs files
- btrfs: use nofs when cleaning up aborted transactions
- selftests/memfd: Fix unknown type name build failure
- parisc: Fix flush_dcache_page() for usage from irq context
- x86/topology: Fix erroneous smp_num_siblings on Intel Hybrid platforms
- debugobjects: Don't wake up kswapd from fill_pool()
- fbdev: udlfb: Fix endpoint check
- net: fix stack overflow when LRO is disabled for virtual interfaces
- udplite: Fix NULL pointer dereference in __sk_mem_raise_allocated().
- USB: core: Add routines for endpoint checks in old drivers
- USB: sisusbvga: Add endpoint checks
- media: radio-shark: Add endpoint checks
- net: fix skb leak in __skb_tstamp_tx()
- selftests: fib_tests: mute cleanup error message
- bpf: Fix mask generation for 32-bit narrow loads of 64-bit fields
- ipv6: Fix out-of-bounds access in ipv6_find_tlv()
- power: supply: leds: Fix blink to LED on transition
- power: supply: bq27xxx: Fix bq27xxx_battery_update() race condition
- power: supply: bq27xxx: Fix I2C IRQ race on remove
- power: supply: bq27xxx: Fix poll_interval handling and races on remove
- power: supply: sbs-charger: Fix INHIBITED bit for Status reg
- coresight: Fix signedness bug in tmc_etr_buf_insert_barrier_packet()
- xen/pvcalls-back: fix double frees with pvcalls_new_active_socket()
- x86/show_trace_log_lvl: Ensure stack pointer is aligned, again
- ASoC: Intel: Skylake: Fix declaration of enum skl_ch_cfg
- forcedeth: Fix an error handling path in nv_probe()
- net/mlx5: Fix error message when failing to allocate device memory
- net/mlx5: Devcom, fix error flow in mlx5_devcom_register_device
- 3c589_cs: Fix an error handling path in tc589_probe()
- Linux 5.4.244
* Focal update: v5.4.243 upstream stable release (LP: #2025387)
- counter: 104-quad-8: Fix race condition between FLAG and CNTR reads
- drm/fb-helper: set x/yres_virtual in drm_fb_helper_check_var
- bluetooth: Perform careful capability checks in hci_sock_ioctl()
- USB: serial: option: add UNISOC vendor and TOZED LT70C product
- iio: adc: palmas_gpadc: fix NULL dereference on rmmod
- ASoC: Intel: bytcr_rt5640: Add quirk for the Acer Iconia One 7 B1-750
- asm-generic/io.h: suppress endianness warnings for readq() and writeq()
- USB: dwc3: fix runtime pm imbalance on probe errors
- USB: dwc3: fix runtime pm imbalance on unbind
- perf sched: Cast PTHREAD_STACK_MIN to int as it may turn into
sysconf(__SC_THREAD_STACK_MIN_VALUE)
- staging: iio: resolver: ads1210: fix config mode
- debugfs: regset32: Add Runtime PM support
- xhci: fix debugfs register accesses while suspended
- MIPS: fw: Allow firmware to pass a empty env
- ipmi:ssif: Add send_retries increment
- ipmi: fix SSIF not responding under certain cond.
- kheaders: Use array declaration instead of char
- pwm: meson: Fix axg ao mux parents
- pwm: meson: Fix g12a ao clk81 name
- ring-buffer: Sync IRQ works before buffer destruction
- reiserfs: Add security prefix to xattr name in reiserfs_security_write()
- KVM: nVMX: Emulate NOPs in L2, and PAUSE if it's not intercepted
- i2c: omap: Fix standard mode false ACK readings
- Revert "ubifs: dirty_cow_znode: Fix memleak in error handling path"
- ubifs: Fix memleak when insert_old_idx() failed
- ubi: Fix return value overwrite issue in try_write_vid_and_data()
- ubifs: Free memory for tmpfile name
- selinux: fix Makefile dependencies of flask.h
- selinux: ensure av_permissions.h is built when needed
- tpm, tpm_tis: Do not skip reset of original interrupt vector
- erofs: stop parsing non-compact HEAD index if clusterofs is invalid
- erofs: fix potential overflow calculating xattr_isize
- drm/rockchip: Drop unbalanced obj unref
- drm/vgem: add missing mutex_destroy
- drm/probe-helper: Cancel previous job before starting new one
- arm64: dts: renesas: r8a77990: Remove bogus voltages from OPP table
- arm64: dts: renesas: r8a774c0: Remove bogus voltages from OPP table
- EDAC/skx: Fix overflows on the DRAM row address mapping arrays
- ARM: dts: qcom: ipq4019: Fix the PCI I/O port range
- ARM: dts: qcom: ipq8064: reduce pci IO size to 64K
- ARM: dts: qcom: ipq8064: Fix the PCI I/O port range
- media: bdisp: Add missing check for create_workqueue
- media: uapi: add MEDIA_BUS_FMT_METADATA_FIXED media bus format.
- media: av7110: prevent underflow in write_ts_to_decoder()
- firmware: qcom_scm: Clear download bit during reboot
- drm/msm: fix unbalanced pm_runtime_enable in adreno_gpu_{init, cleanup}
- drm/msm/adreno: Defer enabling runpm until hw_init()
- drm/msm/adreno: drop bogus pm_runtime_set_active()
- mmc: sdhci-of-esdhc: fix quirk to ignore command inhibit for data
- drm/lima/lima_drv: Add missing unwind goto in lima_pdev_probe()
- regulator: core: Consistently set mutex_owner when using
ww_mutex_lock_slow()
- regulator: core: Avoid lockdep reports when resolving supplies
- x86/apic: Fix atomic update of offset in reserve_eilvt_offset()
- media: dm1105: Fix use after free bug in dm1105_remove due to race condition
- media: saa7134: fix use after free bug in saa7134_finidev due to race
condition
- media: rcar_fdp1: simplify error check logic at fdp_open()
- media: rcar_fdp1: fix pm_runtime_get_sync() usage count
- media: rcar_fdp1: Make use of the helper function
devm_platform_ioremap_resource()
- media: rcar_fdp1: Fix the correct variable assignments
- media: rcar_fdp1: Fix refcount leak in probe and remove function
- media: rc: gpio-ir-recv: Fix support for wake-up
- regulator: stm32-pwr: fix of_iomap leak
- x86/ioapic: Don't return 0 from arch_dynirq_lower_bound()
- arm64: kgdb: Set PSTATE.SS to 1 to re-enable single-step
- debugobject: Prevent init race with static objects
- timekeeping: Split jiffies seqlock
- tick/sched: Use tick_next_period for lockless quick check
- tick/sched: Reduce seqcount held scope in tick_do_update_jiffies64()
- tick/sched: Optimize tick_do_update_jiffies64() further
- tick: Get rid of tick_period
- tick/common: Align tick period with the HZ tick.
- wifi: ath6kl: minor fix for allocation size
- wifi: ath9k: hif_usb: fix memory leak of remain_skbs
- wifi: ath5k: fix an off by one check in ath5k_eeprom_read_freq_list()
- wifi: ath6kl: reduce WARN to dev_dbg() in callback
- tools: bpftool: Remove invalid \' json escape
- wifi: rtw88: mac: Return the original error from rtw_pwr_seq_parser()
- wifi: rtw88: mac: Return the original error from rtw_mac_power_switch()
- scm: fix MSG_CTRUNC setting condition for SO_PASSSEC
- vlan: partially enable SIOCSHWTSTAMP in container
- net/packet: annotate accesses to po->xmit
- net/packet: convert po->origdev to an atomic flag
- net/packet: convert po->auxdata to an atomic flag
- scsi: target: iscsit: Fix TAS handling during conn cleanup
- scsi: megaraid: Fix mega_cmd_done() CMDID_INT_CMDS
- f2fs: handle dqget error in f2fs_transfer_project_quota()
- rtlwifi: Start changing RT_TRACE into rtl_dbg
- rtlwifi: Replace RT_TRACE with rtl_dbg
- wifi: rtlwifi: fix incorrect error codes in rtl_debugfs_set_write_rfreg()
- wifi: rtlwifi: fix incorrect error codes in rtl_debugfs_set_write_reg()
- bpftool: Fix bug for long instructions in program CFG dumps
- crypto: drbg - make drbg_prepare_hrng() handle jent instantiation errors
- crypto: drbg - Only fail when jent is unavailable in FIPS mode
- scsi: lpfc: Fix ioremap issues in lpfc_sli4_pci_mem_setup()
- bpf, sockmap: fix deadlocks in the sockhash and sockmap
- nvme: handle the persistent internal error AER
- nvme: fix async event trace event
- nvme-fcloop: fix "inconsistent {IN-HARDIRQ-W} -> {HARDIRQ-ON-W} usage"
- bpf, sockmap: Revert buggy deadlock fix in the sockhash and sockmap
- md/raid10: fix leak of 'r10bio->remaining' for recovery
- md/raid10: fix memleak for 'conf->bio_split'
- md: update the optimal I/O size on reshape
- md/raid10: fix memleak of md thread
- wifi: iwlwifi: make the loop for card preparation effective
- wifi: iwlwifi: mvm: check firmware response size
- ixgbe: Allow flow hash to be set via ethtool
- ixgbe: Enable setting RSS table to default values
- bpf: Don't EFAULT for getsockopt with optval=NULL
- netfilter: nf_tables: don't write table validation state without mutex
- ipv4: Fix potential uninit variable access bug in __ip_make_skb()
- netlink: Use copy_to_user() for optval in netlink_getsockopt().
- net: amd: Fix link leak when verifying config failed
- tcp/udp: Fix memleaks of sk and zerocopy skbs with TX timestamp.
- pstore: Revert pmsg_lock back to a normal mutex
- usb: host: xhci-rcar: remove leftover quirk handling
- fpga: bridge: fix kernel-doc parameter description
- iio: light: max44009: add missing OF device matching
- usb: gadget: udc: renesas_usb3: Fix use after free bug in
renesas_usb3_remove due to race condition
- PCI: imx6: Install the fault handler only on compatible match
- genirq: Add IRQF_NO_AUTOEN for request_irq/nmi()
- ASoC: es8316: Use IRQF_NO_AUTOEN when requesting the IRQ
- ASoC: es8316: Handle optional IRQ assignment
- linux/vt_buffer.h: allow either builtin or modular for macros
- spi: qup: Don't skip cleanup in remove's error path
- spi: fsl-spi: Fix CPM/QE mode Litte Endian
- vmci_host: fix a race condition in vmci_host_poll() causing GPF
- of: Fix modalias string generation
- ia64: mm/contig: fix section mismatch warning/error
- ia64: salinfo: placate defined-but-not-used warning
- scripts/gdb: bail early if there are no clocks
- PM: domains: Fix up terminology with parent/child
- scripts/gdb: bail early if there are no generic PD
- mtd: spi-nor: cadence-quadspi: Make driver independent of flash geometry
- mtd: spi-nor: cadence-quadspi: Provide a way to disable DAC mode
- mtd: spi-nor: cadence-quadspi: Don't initialize rx_dma_complete on failure
- mtd: spi-nor: cadence-quadspi: Handle probe deferral while requesting DMA
channel
- spi: cadence-quadspi: fix suspend-resume implementations
- uapi/linux/const.h: prefer ISO-friendly __typeof__
- sh: sq: Fix incorrect element size for allocating bitmap buffer
- usb: chipidea: fix missing goto in `ci_hdrc_probe`
- usb: mtu3: fix kernel panic at qmu transfer done irq handler
- firmware: stratix10-svc: Fix an NULL vs IS_ERR() bug in probe
- tty: serial: fsl_lpuart: adjust buffer length to the intended size
- serial: 8250: Add missing wakeup event reporting
- staging: rtl8192e: Fix W_DISABLE# does not work after stop/start
- spmi: Add a check for remove callback when removing a SPMI driver
- macintosh/windfarm_smu_sat: Add missing of_node_put()
- powerpc/mpc512x: fix resource printk format warning
- powerpc/wii: fix resource printk format warnings
- powerpc/sysdev/tsi108: fix resource printk format warnings
- macintosh: via-pmu-led: requires ATA to be set
- powerpc/rtas: use memmove for potentially overlapping buffer copy
- perf/core: Fix hardlockup failure caused by perf throttle
- RDMA/siw: Fix potential page_array out of range access
- RDMA/rdmavt: Delete unnecessary NULL check
- rtc: omap: include header for omap_rtc_power_off_program prototype
- RDMA/mlx4: Prevent shift wrapping in set_user_sq_size()
- rtc: meson-vrtc: Use ktime_get_real_ts64() to get the current time
- power: supply: generic-adc-battery: fix unit scaling
- clk: add missing of_node_put() in "assigned-clocks" property parsing
- RDMA/siw: Remove namespace check from siw_netdev_event()
- IB/hfi1: Fix SDMA mmu_rb_node not being evicted in LRU order
- NFSv4.1: Always send a RECLAIM_COMPLETE after establishing lease
- firmware: raspberrypi: Keep count of all consumers
- firmware: raspberrypi: Introduce devm_rpi_firmware_get()
- input: raspberrypi-ts: Release firmware handle when not needed
- Input: raspberrypi-ts - fix refcount leak in rpi_ts_probe
- SUNRPC: remove the maximum number of retries in call_bind_status
- RDMA/mlx5: Use correct device num_ports when modify DC
- clocksource/drivers/davinci: Avoid trailing '\n' hidden in pr_fmt()
- clocksource: davinci: axe a pointless __GFP_NOFAIL
- clocksource/drivers/davinci: Fix memory leak in davinci_timer_register when
init fails
- openrisc: Properly store r31 to pt_regs on unhandled exceptions
- ext4: fix use-after-free read in ext4_find_extent for bigalloc + inline
- leds: TI_LMU_COMMON: select REGMAP instead of depending on it
- dmaengine: mv_xor_v2: Fix an error code.
- pwm: mtk-disp: Don't check the return code of pwmchip_remove()
- pwm: mtk-disp: Adjust the clocks to avoid them mismatch
- pwm: mtk-disp: Disable shadow registers before setting backlight values
- phy: tegra: xusb: Add missing tegra_xusb_port_unregister for usb2_port and
ulpi_port
- dmaengine: dw-edma: Fix to change for continuous transfer
- dmaengine: dw-edma: Fix to enable to issue dma request on DMA processing
- dmaengine: at_xdmac: do not enable all cyclic channels
- afs: Fix updating of i_size with dv jump from server
- parisc: Fix argument pointer in real64_call_asm()
- nilfs2: do not write dirty data after degenerating to read-only
- nilfs2: fix infinite loop in nilfs_mdt_get_block()
- md/raid10: fix null-ptr-deref in raid10_sync_request
- mailbox: zynqmp: Fix IPI isr handling
- mailbox: zynqmp: Fix typo in IPI documentation
- wifi: rtl8xxxu: RTL8192EU always needs full init
- clk: rockchip: rk3399: allow clk_cifout to force clk_cifout_src to reparent
- scripts/gdb: fix lx-timerlist for Python3
- btrfs: scrub: reject unsupported scrub flags
- s390/dasd: fix hanging blockdevice after request requeue
- dm clone: call kmem_cache_destroy() in dm_clone_init() error path
- dm integrity: call kmem_cache_destroy() in dm_integrity_init() error path
- dm flakey: fix a crash with invalid table line
- perf auxtrace: Fix address filter entire kernel size
- perf intel-pt: Fix CYC timestamps after standalone CBR
- debugobject: Ensure pool refill (again)
- nohz: Add TICK_DEP_BIT_RCU
- tick/nohz: Fix cpu_is_hotpluggable() by checking with nohz subsystem
- mailbox: zynq: Switch to flexible array to simplify code
- mailbox: zynqmp: Fix counts of child nodes
- dm verity: skip redundant verity_handle_err() on I/O errors
- dm verity: fix error handling for check_at_most_once on FEC
- crypto: inside-secure - irq balance
- crypto: safexcel - Cleanup ring IRQ workqueues on load failure
- net/ncsi: clear Tx enable mode when handling a Config required AEN
- net/sched: cls_api: remove block_cb from driver_list before freeing
- sit: update dev->needed_headroom in ipip6_tunnel_bind_dev()
- net: dsa: mv88e6xxx: add mv88e6321 rsvd2cpu
- writeback: fix call of incorrect macro
- net/sched: act_mirred: Add carrier check
- rxrpc: Fix hard call timeout units
- ionic: remove noise from ethtool rxnfc error msg
- af_packet: Don't send zero-byte data in packet_sendmsg_spkt().
- drm/amdgpu: add a missing lock for AMDGPU_SCHED
- ALSA: caiaq: input: Add error handling for unsupported input methods in
`snd_usb_caiaq_input_init`
- net: dsa: mt7530: fix corrupt frames using trgmii on 40 MHz XTAL MT7621
- virtio_net: split free_unused_bufs()
- virtio_net: suppress cpu stall when free_unused_bufs
- perf vendor events power9: Remove UTF-8 characters from JSON files
- perf map: Delete two variable initialisations before null pointer checks in
sort__sym_from_cmp()
- perf symbols: Fix return incorrect build_id size in elf_read_build_id()
- btrfs: fix btrfs_prev_leaf() to not return the same key twice
- btrfs: don't free qgroup space unless specified
- btrfs: print-tree: parent bytenr must be aligned to sector size
- cifs: fix pcchunk length type in smb2_copychunk_range
- platform/x86: touchscreen_dmi: Add info for the Dexp Ursus KX210i
- inotify: Avoid reporting event with invalid wd
- sh: math-emu: fix macro redefined warning
- sh: init: use OF_EARLY_FLATTREE for early init
- sh: nmi_debug: fix return value of __setup handler
- remoteproc: stm32: Call of_node_put() on iteration error
- remoteproc: st: Call of_node_put() on iteration error
- ARM: dts: exynos: fix WM8960 clock name in Itop Elite
- ARM: dts: s5pv210: correct MIPI CSIS clock name
- f2fs: fix potential corruption when moving a directory
- drm/panel: otm8009a: Set backlight parent to panel device
- drm/amdgpu: fix an amdgpu_irq_put() issue in gmc_v9_0_hw_fini()
- drm/amdgpu/gfx: disable gfx9 cp_ecc_error_irq only when enabling legacy gfx
ras
- drm/amdgpu: disable sdma ecc irq only when sdma RAS is enabled in suspend
- HID: wacom: Set a default resolution for older tablets
- HID: wacom: insert timestamp to packed Bluetooth (BT) events
- ext4: fix WARNING in mb_find_extent
- ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
- ext4: fix data races when using cached status extents
- ext4: improve error recovery code paths in __ext4_remount()
- ext4: fix deadlock when converting an inline directory in nojournal mode
- ext4: add bounds checking in get_max_inline_xattr_value_size()
- ext4: bail out of ext4_xattr_ibody_get() fails for any reason
- ext4: remove a BUG_ON in ext4_mb_release_group_pa()
- ext4: fix invalid free tracking in ext4_xattr_move_to_block()
- tty: Prevent writing chars during tcsetattr TCSADRAIN/FLUSH
- serial: 8250: Fix serial8250_tx_empty() race with DMA Tx
- drbd: correctly submit flush bio on barrier
- PCI: pciehp: Use down_read/write_nested(reset_lock) to fix lockdep errors
- PCI: pciehp: Fix AB-BA deadlock between reset_lock and device_lock
- printk: declare printk_deferred_{enter,safe}() in include/linux/printk.h
- PM: domains: Restore comment indentation for generic_pm_domain.child_links
- drm/msm: Fix double pm_runtime_disable() call
- firmware: raspberrypi: fix possible memory leak in rpi_firmware_probe()
- drm/msm/adreno: Fix null ptr access in adreno_gpu_cleanup()
- drm/exynos: move to use request_irq by IRQF_NO_AUTOEN flag
- mm/page_alloc: fix potential deadlock on zonelist_update_seq seqlock
- drm/amd/display: Fix hang when skipping modeset
- Linux 5.4.243
- Upstream stable to v5.4.243
* Focal update: v5.4.243 upstream stable release (LP: #2025387) //
CVE-2023-2269
- dm ioctl: fix nested locking in table_clear() to remove deadlock concern
* Focal update: v5.4.242 upstream stable release (LP: #2025094)
- ARM: dts: rockchip: fix a typo error for rk3288 spdif node
- arm64: dts: meson-g12-common: specify full DMC range
- netfilter: br_netfilter: fix recent physdev match breakage
- regulator: fan53555: Explicitly include bits header
- virtio_net: bugfix overflow inside xdp_linearize_page()
- netfilter: nf_tables: fix ifdef to also consider nf_tables=m
- i40e: fix accessing vsi->active_filters without holding lock
- i40e: fix i40e_setup_misc_vector() error handling
- mlxfw: fix null-ptr-deref in mlxfw_mfa2_tlv_next()
- bpf: Fix incorrect verifier pruning due to missing register precision taints
- e1000e: Disable TSO on i219-LM card to increase speed
- f2fs: Fix f2fs_truncate_partial_nodes ftrace event
- Input: i8042 - add quirk for Fujitsu Lifebook A574/H
- selftests: sigaltstack: fix -Wuninitialized
- scsi: megaraid_sas: Fix fw_crash_buffer_show()
- scsi: core: Improve scsi_vpd_inquiry() checks
- net: dsa: b53: mmap: add phy ops
- s390/ptrace: fix PTRACE_GET_LAST_BREAK error handling
- nvme-tcp: fix a possible UAF when failing to allocate an io queue
- xen/netback: use same error messages for same errors
- iio: light: tsl2772: fix reading proximity-diodes from device tree
- nilfs2: initialize unused bytes in segment summary blocks
- memstick: fix memory leak if card device is never registered
- mmc: sdhci_am654: Set HIGH_SPEED_ENA for SDR12 and SDR25
- MIPS: Define RUNTIME_DISCARD_EXIT in LD script
- x86/purgatory: Don't generate debug info for purgatory.ro
- Revert "ext4: fix use-after-free in ext4_xattr_set_entry"
- ext4: remove duplicate definition of ext4_xattr_ibody_inline_set()
- ext4: fix use-after-free in ext4_xattr_set_entry
- udp: Call inet6_destroy_sock() in setsockopt(IPV6_ADDRFORM).
- tcp/udp: Call inet6_destroy_sock() in IPv6 sk->sk_destruct().
- inet6: Remove inet6_destroy_sock() in sk->sk_prot->destroy().
- dccp: Call inet6_destroy_sock() via sk->sk_destruct().
- sctp: Call inet6_destroy_sock() via sk->sk_destruct().
- xfs: fix forkoff miscalculation related to XFS_LITINO(mp)
- pwm: meson: Explicitly set .polarity in .get_state()
- iio: adc: at91-sama5d2_adc: fix an error code in at91_adc_allocate_trigger()
- ASN.1: Fix check for strdup() success
- Linux 5.4.242
- Upstream stable to v5.4.242
* CVE-2023-31084 // CVE-2023-31084 was assigned to this bug.
- media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*()
* CVE-2023-3776
- net/sched: cls_fw: Fix improper refcount update leads to use-after-free
* CVE-2023-3268
- kernel/relay.c: fix read_pos error when multiple readers
- relayfs: fix out-of-bounds access in relay_file_read
* Packaging resync (LP: #1786013)
- [Packaging] resync update-dkms-versions helper
- [Packaging] resync getabis
-- Roxana Nicolescu <roxana.nicolescu@xxxxxxxxxxxxx> Fri, 18 Aug 2023
11:01:21 +0200
** Changed in: linux-kvm (Ubuntu Focal)
Status: New => Fix Released
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-40982
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-20593
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-2269
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-31084
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-3268
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-3609
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-3611
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-3776
--
You received this bug notification because you are a member of hardware-
certification-users, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/2031007
Title:
focal/linux-kvm: 5.4.0-1098.104 -proposed tracker
Status in canonical-signing-jobs task00 series:
Fix Released
Status in Kernel SRU Workflow:
In Progress
Status in Kernel SRU Workflow automated-testing series:
Fix Released
Status in Kernel SRU Workflow boot-testing series:
Fix Released
Status in Kernel SRU Workflow certification-testing series:
Invalid
Status in Kernel SRU Workflow new-review series:
Fix Released
Status in Kernel SRU Workflow prepare-package series:
Fix Released
Status in Kernel SRU Workflow prepare-package-generate series:
Fix Released
Status in Kernel SRU Workflow prepare-package-meta series:
Fix Released
Status in Kernel SRU Workflow prepare-package-signed series:
Fix Released
Status in Kernel SRU Workflow promote-signing-to-proposed series:
Invalid
Status in Kernel SRU Workflow promote-to-proposed series:
Fix Released
Status in Kernel SRU Workflow promote-to-security series:
New
Status in Kernel SRU Workflow promote-to-updates series:
In Progress
Status in Kernel SRU Workflow regression-testing series:
Fix Released
Status in Kernel SRU Workflow security-signoff series:
Fix Released
Status in Kernel SRU Workflow sru-review series:
Fix Released
Status in Kernel SRU Workflow verification-testing series:
Fix Released
Status in linux-kvm source package in Focal:
Fix Released
Bug description:
This bug will contain status and test results related to a kernel
source (or snap) as stated in the title.
For an explanation of the tasks and the associated workflow see:
https://wiki.ubuntu.com/Kernel/kernel-sru-workflow
-- swm properties --
built:
from: eed9a2513fda2934
route-entry: 1
delta:
promote-to-proposed: [main, meta, signed, generate]
promote-to-updates: [main, meta, signed]
flag:
boot-testing-requested: true
bugs-spammed: true
proposed-announcement-sent: true
proposed-testing-requested: true
stream-from-cycle: true
issue: KSRU-9480
kernel-stable-master-bug: 2031128
packages:
generate: linux-generate-kvm
main: linux-kvm
meta: linux-meta-kvm
signed: linux-signed-kvm
phase: Ready for Promote to Updates
phase-changed: Monday, 04. September 2023 08:18 UTC
reason:
promote-to-updates: Pending -- ready to copy
synthetic:
:promote-to-as-proposed: Fix Released
variant: debs
versions:
main: 5.4.0-1098.104
meta: 5.4.0.1098.93
signed: 5.4.0-1098.104
~~:
clamps:
new-review: eed9a2513fda2934
promote-to-proposed: eed9a2513fda2934
self: 5.4.0-1098.104
sru-review: eed9a2513fda2934
To manage notifications about this bug go to:
https://bugs.launchpad.net/canonical-signing-jobs/task00/+bug/2031007/+subscriptions