[ubuntu/focal-updates] linux-iot 5.4.0-1017.18 (Accepted)
Andy Whitcroft
apw at canonical.com
Thu Jul 20 12:06:38 UTC 2023
linux-iot (5.4.0-1017.18) focal; urgency=medium
* focal/linux-iot: 5.4.0-1017.18 -proposed tracker (LP: #2024095)
* Packaging resync (LP: #1786013)
- [Packaging] resync update-dkms-versions helper
[ Ubuntu: 5.4.0-153.170 ]
* focal/linux: 5.4.0-153.170 -proposed tracker (LP: #2024108)
* cls_flower: off-by-one in fl_set_geneve_opt (LP: #2023577)
- net/sched: flower: fix possible OOB write in fl_set_geneve_opt()
* Some INVLPG implementations can leave Global translations unflushed when
PCIDs are enabled (LP: #2023220)
- x86/mm: Avoid incomplete Global INVLPG flushes
[ Ubuntu: 5.4.0-152.169 ]
* focal/linux: 5.4.0-152.169 -proposed tracker (LP: #2023070)
* Focal update: v5.4.236 upstream stable release (LP: #2020390)
- wifi: cfg80211: Partial revert "wifi: cfg80211: Fix use after free for wext"
* Packaging resync (LP: #1786013)
- [Packaging] resync git-ubuntu-log
- [Packaging] resync getabis
[ Ubuntu: 5.4.0-151.168 ]
* focal/linux: 5.4.0-151.168 -proposed tracker (LP: #2019375)
* Packaging resync (LP: #1786013)
- [Packaging] update helper scripts
- debian/dkms-versions -- update from kernel-versions (main/2023.05.15)
* CVE-2023-32233
- netfilter: nf_tables: deactivate anonymous set from preparation phase
* CVE-2023-2612
- SAUCE: shiftfs: prevent lock unbalance in shiftfs_create_object()
* CVE-2023-31436
- net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
* CVE-2023-1380
- wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies()
* Focal update: Focal update: v5.4.235 upstream stable release (LP: #2017706)
- HID: asus: Remove check for same LED brightness on set
- HID: asus: use spinlock to protect concurrent accesses
- HID: asus: use spinlock to safely schedule workers
- ARM: OMAP2+: Fix memory leak in realtime_counter_init()
- arm64: dts: qcom: qcs404: use symbol names for PCIe resets
- ARM: zynq: Fix refcount leak in zynq_early_slcr_init
- arm64: dts: meson-gx: Fix Ethernet MAC address unit name
- arm64: dts: meson-g12a: Fix internal Ethernet PHY unit name
- arm64: dts: meson-gx: Fix the SCPI DVFS node name and unit address
- arm64: dts: meson: remove CPU opps below 1GHz for G12A boards
- ARM: OMAP1: call platform_device_put() in error case in
omap1_dm_timer_init()
- ARM: dts: exynos: correct wr-active property in Exynos3250 Rinato
- ARM: imx: Call ida_simple_remove() for ida_simple_get
- arm64: dts: amlogic: meson-gx: fix SCPI clock dvfs node name
- arm64: dts: amlogic: meson-axg: fix SCPI clock dvfs node name
- arm64: dts: amlogic: meson-gx: add missing SCPI sensors compatible
- arm64: dts: amlogic: meson-gx: add missing unit address to rng node name
- arm64: dts: amlogic: meson-gxl: add missing unit address to eth-phy-mux node
name
- arm64: dts: amlogic: meson-gxl-s905d-phicomm-n1: fix led node name
- ARM: dts: imx7s: correct iomuxc gpr mux controller cells
- arm64: dts: mediatek: mt7622: Add missing pwm-cells to pwm node
- Revert "scsi: core: run queue if SCSI device queue isn't ready and queue is
idle"
- block: Limit number of items taken from the I/O scheduler in one go
- blk-mq: remove stale comment for blk_mq_sched_mark_restart_hctx
- blk-mq: wait on correct sbitmap_queue in blk_mq_mark_tag_wait
- blk-mq: correct stale comment of .get_budget
- s390/dasd: Prepare for additional path event handling
- s390/dasd: Fix potential memleak in dasd_eckd_init()
- sched/deadline,rt: Remove unused parameter from pick_next_[rt|dl]_entity()
- sched/rt: pick_next_rt_entity(): check list_entry
- block: bio-integrity: Copy flags when bio_integrity_payload is cloned
- wifi: rsi: Fix memory leak in rsi_coex_attach()
- net/wireless: Delete unnecessary checks before the macro call
“dev_kfree_skb”
- wifi: iwlegacy: common: don't call dev_kfree_skb() under spin_lock_irqsave()
- wifi: libertas: fix memory leak in lbs_init_adapter()
- wifi: rtl8xxxu: don't call dev_kfree_skb() under spin_lock_irqsave()
- rtlwifi: fix -Wpointer-sign warning
- wifi: rtlwifi: Fix global-out-of-bounds bug in
_rtl8812ae_phy_set_txpower_limit()
- ipw2x00: switch from 'pci_' to 'dma_' API
- wifi: ipw2x00: don't call dev_kfree_skb() under spin_lock_irqsave()
- wifi: ipw2200: fix memory leak in ipw_wdev_init()
- wilc1000: let wilc_mac_xmit() return NETDEV_TX_OK
- wifi: wilc1000: fix potential memory leak in wilc_mac_xmit()
- wifi: brcmfmac: fix potential memory leak in brcmf_netdev_start_xmit()
- wifi: brcmfmac: unmap dma buffer in brcmf_msgbuf_alloc_pktid()
- wifi: libertas_tf: don't call kfree_skb() under spin_lock_irqsave()
- wifi: libertas: if_usb: don't call kfree_skb() under spin_lock_irqsave()
- wifi: libertas: main: don't call kfree_skb() under spin_lock_irqsave()
- wifi: libertas: cmdresp: don't call kfree_skb() under spin_lock_irqsave()
- wifi: wl3501_cs: don't call kfree_skb() under spin_lock_irqsave()
- crypto: x86/ghash - fix unaligned access in ghash_setkey()
- ACPICA: Drop port I/O validation for some regions
- genirq: Fix the return type of kstat_cpu_irqs_sum()
- lib/mpi: Fix buffer overrun when SG is too long
- ACPICA: nsrepair: handle cases without a return value correctly
- wifi: orinoco: check return value of hermes_write_wordrec()
- wifi: ath9k: htc_hst: free skb in ath9k_htc_rx_msg() if there is no callback
function
- ath9k: hif_usb: simplify if-if to if-else
- ath9k: htc: clean up statistics macros
- wifi: ath9k: hif_usb: clean up skbs if ath9k_hif_usb_rx_stream() fails
- wifi: ath9k: Fix potential stack-out-of-bounds write in
ath9k_wmi_rsp_callback()
- ACPI: battery: Fix missing NUL-termination with large strings
- crypto: ccp - Failure on re-initialization due to duplicate sysfs filename
- crypto: essiv - remove redundant null pointer check before kfree
- crypto: essiv - Handle EBUSY correctly
- crypto: seqiv - Handle EBUSY correctly
- powercap: fix possible name leak in powercap_register_zone()
- net/mlx5: Enhance debug print in page allocation failure
- irqchip/alpine-msi: Fix refcount leak in alpine_msix_init_domains
- irqchip/irq-mvebu-gicp: Fix refcount leak in mvebu_gicp_probe
- irqchip/ti-sci: Fix refcount leak in ti_sci_intr_irq_domain_probe
- mptcp: add sk_stop_timer_sync helper
- net: add sock_init_data_uid()
- tun: tun_chr_open(): correctly initialize socket uid
- tap: tap_open(): correctly initialize socket uid
- OPP: fix error checking in opp_migrate_dentry()
- Bluetooth: L2CAP: Fix potential user-after-free
- libbpf: Fix alen calculation in libbpf_nla_dump_errormsg()
- rds: rds_rm_zerocopy_callback() correct order for list_add_tail()
- crypto: rsa-pkcs1pad - Use akcipher_request_complete
- m68k: /proc/hardware should depend on PROC_FS
- RISC-V: time: initialize hrtimer based broadcast clock event device
- usb: gadget: udc: Avoid tasklet passing a global
- wifi: iwl3945: Add missing check for create_singlethread_workqueue
- wifi: iwl4965: Add missing check for create_singlethread_workqueue()
- wifi: mwifiex: fix loop iterator in mwifiex_update_ampdu_txwinsize()
- crypto: crypto4xx - Call dma_unmap_page when done
- wifi: mac80211: make rate u32 in sta_set_rate_info_rx()
- thermal/drivers/hisi: Drop second sensor hi3660
- can: esd_usb: Move mislocated storage of SJA1000_ECC_SEG bits in case of a
bus error
- irqchip/irq-brcmstb-l2: Set IRQ_LEVEL for level triggered interrupts
- irqchip/irq-bcm7120-l2: Set IRQ_LEVEL for level triggered interrupts
- selftests/net: Interpret UDP_GRO cmsg data as an int value
- drm/fourcc: Add missing big-endian XRGB1555 and RGB565 formats
- drm: mxsfb: DRM_MXSFB should depend on ARCH_MXS || ARCH_MXC
- drm/bridge: megachips: Fix error handling in i2c_register_driver()
- drm/vc4: dpi: Add option for inverting pixel clock and output enable
- drm/vc4: dpi: Fix format mapping for RGB565
- gpu: ipu-v3: common: Add of_node_put() for reference returned by
of_graph_get_port_by_id()
- drm/msm/hdmi: Add missing check for alloc_ordered_workqueue
- pinctrl: stm32: Fix refcount leak in stm32_pctrl_get_irq_domain
- ASoC: fsl_sai: initialize is_dsp_mode flag
- ALSA: hda/ca0132: minor fix for allocation size
- drm/mipi-dsi: Fix byte order of 16-bit DCS set/get brightness
- drm/msm: use strscpy instead of strncpy
- drm/msm/dpu: Add check for cstate
- drm/msm/dpu: Add check for pstates
- drm/exynos: Don't reset bridge->next
- drm/bridge: Rename bridge helpers targeting a bridge chain
- drm/bridge: Introduce drm_bridge_get_next_bridge()
- drm: Initialize struct drm_crtc_state.no_vblank from device settings
- drm/msm/mdp5: Add check for kzalloc
- gpu: host1x: Don't skip assigning syncpoints to channels
- drm/mediatek: remove cast to pointers passed to kfree
- drm/mediatek: Use NULL instead of 0 for NULL pointer
- drm/mediatek: Drop unbalanced obj unref
- drm/mediatek: Clean dangling pointer on bind error path
- ASoC: soc-compress.c: fixup private_data on snd_soc_new_compress()
- gpio: vf610: connect GPIO label to dev name
- hwmon: (ltc2945) Handle error case in ltc2945_value_store
- scsi: aic94xx: Add missing check for dma_map_single()
- spi: bcm63xx-hsspi: fix pm_runtime
- spi: bcm63xx-hsspi: Fix multi-bit mode setting
- hwmon: (mlxreg-fan) Return zero speed for broken fan
- dm: remove flush_scheduled_work() during local_exit()
- spi: synquacer: Fix timeout handling in synquacer_spi_transfer_one()
- ASoC: dapm: declare missing structure prototypes
- ASoC: soc-dapm.h: fixup warning struct snd_pcm_substream not declared
- HID: bigben: use spinlock to protect concurrent accesses
- HID: bigben_worker() remove unneeded check on report_field
- HID: bigben: use spinlock to safely schedule workers
- HID: asus: Only set EV_REP if we are adding a mapping
- HID: asus: Add report_size to struct asus_touchpad_info
- HID: asus: Add support for multi-touch touchpad on Medion Akoya E1239T
- HID: asus: Fix mute and touchpad-toggle keys on Medion Akoya E1239T
- hid: bigben_probe(): validate report count
- nfsd: fix race to check ls_layouts
- cifs: Fix lost destroy smbd connection when MR allocate failed
- cifs: Fix warning and UAF when destroy the MR list
- gfs2: jdata writepage fix
- perf llvm: Fix inadvertent file creation
- perf tools: Fix auto-complete on aarch64
- sparc: allow PM configs for sparc32 COMPILE_TEST
- mfd: pcf50633-adc: Fix potential memleak in pcf50633_adc_async_read()
- clk: qcom: gcc-qcs404: disable gpll[04]_out_aux parents
- clk: qcom: gcc-qcs404: fix names of the DSI clocks used as parents
- mtd: rawnand: sunxi: Fix the size of the last OOB region
- clk: renesas: cpg-mssr: Fix use after free if cpg_mssr_common_init() failed
- clk: renesas: cpg-mssr: Use enum clk_reg_layout instead of a boolean flag
- clk: renesas: cpg-mssr: Remove superfluous check in resume code
- Input: ads7846 - don't report pressure for ads7845
- Input: ads7846 - don't check penirq immediately for 7845
- clk: qcom: gpucc-sdm845: fix clk_dis_wait being programmed for CX GDSC
- powerpc/powernv/ioda: Skip unallocated resources when mapping to PE
- clk: Honor CLK_OPS_PARENT_ENABLE in clk_core_is_enabled()
- powerpc/pseries/lpar: add missing RTAS retry status handling
- powerpc/pseries/lparcfg: add missing RTAS retry status handling
- powerpc/rtas: make all exports GPL
- powerpc/rtas: ensure 4KB alignment for rtas_data_buf
- powerpc/eeh: Small refactor of eeh_handle_normal_event()
- powerpc/eeh: Set channel state after notifying the drivers
- MIPS: SMP-CPS: fix build error when HOTPLUG_CPU not set
- MIPS: vpe-mt: drop physical_memsize
- remoteproc: qcom_q6v5_mss: Use a carveout to authenticate modem headers
- media: platform: ti: Add missing check for devm_regulator_get
- powerpc: Remove linker flag from KBUILD_AFLAGS
- media: ov5675: Fix memleak in ov5675_init_controls()
- media: i2c: ov772x: Fix memleak in ov772x_probe()
- media: i2c: ov7670: 0 instead of -EINVAL was returned
- media: usb: siano: Fix use after free bugs caused by do_submit_urb
- rpmsg: glink: Avoid infinite loop on intent for missing channel
- udf: Define EFSCORRUPTED error code
- ARM: dts: exynos: Use Exynos5420 compatible for the MIPI video phy
- blk-iocost: fix divide by 0 error in calc_lcoefs()
- wifi: brcmfmac: Fix potential stack-out-of-bounds in brcmf_c_preinit_dcmds()
- rcu: Suppress smp_processor_id() complaint in
synchronize_rcu_expedited_wait()
- thermal: intel: Fix unsigned comparison with less than zero
- timers: Prevent union confusion from unexpected restart_syscall()
- x86/bugs: Reset speculation control settings on init
- wifi: brcmfmac: ensure CLM version is null-terminated to prevent stack-out-
of-bounds
- wifi: mt7601u: fix an integer underflow
- inet: fix fast path in __inet_hash_connect()
- ice: add missing checks for PF vsi type
- ACPI: Don't build ACPICA with '-Os'
- net: bcmgenet: Add a check for oversized packets
- m68k: Check syscall_trace_enter() return code
- wifi: mt76: dma: free rx_head in mt76_dma_rx_cleanup
- ACPI: video: Fix Lenovo Ideapad Z570 DMI match
- net/mlx5: fw_tracer: Fix debug print
- coda: Avoid partial allocation of sig_inputArgs
- uaccess: Add minimum bounds check on kernel buffer size
- drm/amd/display: Fix potential null-deref in dm_resume
- drm/omap: dsi: Fix excessive stack usage
- HID: Add Mapping for System Microphone Mute
- drm/radeon: free iio for atombios when driver shutdown
- drm/msm/dsi: Add missing check for alloc_ordered_workqueue
- docs/scripts/gdb: add necessary make scripts_gdb step
- ASoC: kirkwood: Iterate over array indexes instead of using pointer math
- regulator: max77802: Bounds check regulator id against opmode
- regulator: s5m8767: Bounds check id indexing into arrays
- hwmon: (coretemp) Simplify platform device handling
- pinctrl: at91: use devm_kasprintf() to avoid potential leaks
- drm: panel-orientation-quirks: Add quirk for Lenovo IdeaPad Duet 3 10IGL5
- dm thin: add cond_resched() to various workqueue loops
- dm cache: add cond_resched() to various workqueue loops
- nfsd: zero out pointers after putting nfsd_files on COPY setup error
- wifi: rtl8xxxu: fixing transmisison failure for rtl8192eu
- firmware: coreboot: framebuffer: Ignore reserved pixel color bits
- rtc: pm8xxx: fix set-alarm race
- ipmi_ssif: Rename idle state and check
- s390: discard .interp section
- s390/kprobes: fix irq mask clobbering on kprobe reenter from post_handler
- s390/kprobes: fix current_kprobe never cleared after kprobes reenter
- ARM: dts: exynos: correct HDMI phy compatible in Exynos4
- hfs: fix missing hfs_bnode_get() in __hfs_bnode_create
- fs: hfsplus: fix UAF issue in hfsplus_put_super
- f2fs: fix information leak in f2fs_move_inline_dirents()
- f2fs: fix cgroup writeback accounting with fs-layer encryption
- ocfs2: fix defrag path triggering jbd2 ASSERT
- ocfs2: fix non-auto defrag path not working issue
- udf: Truncate added extents on failed expansion
- udf: Do not bother merging very long extents
- udf: Do not update file length for failed writes to inline files
- udf: Preserve link count of system files
- udf: Detect system inodes linked into directory hierarchy
- udf: Fix file corruption when appending just after end of preallocated
extent
- KVM: Destroy target device if coalesced MMIO unregistration fails
- KVM: s390: disable migration mode when dirty tracking is disabled
- x86/virt: Force GIF=1 prior to disabling SVM (for reboot flows)
- x86/crash: Disable virt in core NMI crash handler to avoid double shootdown
- x86/reboot: Disable virtualization in an emergency if SVM is supported
- x86/reboot: Disable SVM, not just VMX, when stopping CPUs
- x86/kprobes: Fix __recover_optprobed_insn check optimizing logic
- x86/kprobes: Fix arch_check_optimized_kprobe check within optimized_kprobe
range
- x86/microcode/amd: Remove load_microcode_amd()'s bsp parameter
- x86/microcode/AMD: Add a @cpu parameter to the reloading functions
- x86/microcode/AMD: Fix mixed steppings support
- x86/speculation: Allow enabling STIBP with legacy IBRS
- Documentation/hw-vuln: Document the interaction between IBRS and STIBP
- ima: Align ima_file_mmap() parameters with mmap_file LSM hook
- irqdomain: Fix association race
- irqdomain: Fix disassociation race
- irqdomain: Drop bogus fwspec-mapping error handling
- ALSA: ice1712: Do not left ice->gpio_mutex locked in aureon_add_controls()
- ALSA: hda/realtek: Add quirk for HP EliteDesk 800 G6 Tower PC
- ext4: optimize ea_inode block expansion
- ext4: refuse to create ea block when umounted
- wifi: rtl8xxxu: Use a longer retry limit of 48
- wifi: cfg80211: Fix use after free for wext
- thermal: intel: powerclamp: Fix cur_state for multi package system
- dm flakey: fix logic when corrupting a bio
- dm flakey: don't corrupt the zero page
- ARM: dts: exynos: correct TMU phandle in Exynos4
- ARM: dts: exynos: correct TMU phandle in Odroid XU
- rbd: avoid use-after-free in do_rbd_add() when rbd_dev_create() fails
- alpha: fix FEN fault handling
- mips: fix syscall_get_nr
- media: ipu3-cio2: Fix PM runtime usage_count in driver unbind
- mm: memcontrol: deprecate charge moving
- mm/thp: check and bail out if page in deferred queue already
- ktest.pl: Give back console on Ctrt^C on monitor
- ktest.pl: Fix missing "end_monitor" when machine check fails
- ktest.pl: Add RUN_TIMEOUT option with default unlimited
- scsi: qla2xxx: Fix link failure in NPIV environment
- scsi: qla2xxx: Fix DMA-API call trace on NVMe LS requests
- scsi: qla2xxx: Fix erroneous link down
- scsi: ses: Don't attach if enclosure has no components
- scsi: ses: Fix slab-out-of-bounds in ses_enclosure_data_process()
- scsi: ses: Fix possible addl_desc_ptr out-of-bounds accesses
- scsi: ses: Fix possible desc_ptr out-of-bounds accesses
- scsi: ses: Fix slab-out-of-bounds in ses_intf_remove()
- PCI/PM: Observe reset delay irrespective of bridge_d3
- PCI: hotplug: Allow marking devices as disconnected during bind/unbind
- PCI: Avoid FLR for AMD FCH AHCI adapters
- drm/i915/quirks: Add inverted backlight quirk for HP 14-r206nv
- drm/radeon: Fix eDP for single-display iMac11,2
- wifi: ath9k: use proper statements in conditionals
- kbuild: Port silent mode detection to future gnu make.
- fs/jfs: fix shift exponent db_agl2size negative
- pwm: sifive: Reduce time the controller lock is held
- pwm: sifive: Always let the first pwm_apply_state succeed
- pwm: stm32-lp: fix the check on arr and cmp registers update
- f2fs: use memcpy_{to,from}_page() where possible
- fs: f2fs: initialize fsdata in pagecache_write()
- um: vector: Fix memory leak in vector_config
- ubi: ensure that VID header offset + VID header size <= alloc, size
- ubifs: Fix build errors as symbol undefined
- ubifs: Rectify space budget for ubifs_symlink() if symlink is encrypted
- ubifs: Rectify space budget for ubifs_xrename()
- ubifs: Fix wrong dirty space budget for dirty inode
- ubifs: do_rename: Fix wrong space budget when target inode's nlink > 1
- ubifs: Reserve one leb for each journal head while doing budget
- ubi: Fix use-after-free when volume resizing failed
- ubi: Fix unreferenced object reported by kmemleak in ubi_resize_volume()
- ubifs: Fix memory leak in alloc_wbufs()
- ubi: Fix possible null-ptr-deref in ubi_free_volume()
- ubifs: Re-statistic cleaned znode count if commit failed
- ubifs: dirty_cow_znode: Fix memleak in error handling path
- ubifs: ubifs_writepage: Mark page dirty after writing inode failed
- ubi: Fix UAF wear-leveling entry in eraseblk_count_seq_show()
- ubi: ubi_wl_put_peb: Fix infinite loop when wear-leveling work failed
- x86: um: vdso: Add '%rcx' and '%r11' to the syscall clobber list
- watchdog: at91sam9_wdt: use devm_request_irq to avoid missing free_irq() in
error path
- watchdog: Fix kmemleak in watchdog_cdev_register
- watchdog: pcwd_usb: Fix attempting to access uninitialized memory
- netfilter: ctnetlink: fix possible refcount leak in
ctnetlink_create_conntrack()
- ipv6: Add lwtunnel encap size of all siblings in nexthop calculation
- sctp: add a refcnt in sctp_stream_priorities to avoid a nested loop
- net: fix __dev_kfree_skb_any() vs drop monitor
- 9p/xen: fix version parsing
- 9p/xen: fix connection sequence
- 9p/rdma: unmap receive dma buffer in rdma_request()/post_recv()
- net/mlx5: Geneve, Fix handling of Geneve object id as error code
- nfc: fix memory leak of se_io context in nfc_genl_se_io
- net/sched: act_sample: fix action bind logic
- ARM: dts: spear320-hmi: correct STMPE GPIO compatible
- tcp: tcp_check_req() can be called from process context
- vc_screen: modify vcs_size() handling in vcs_read()
- rtc: sun6i: Make external 32k oscillator optional
- rtc: sun6i: Always export the internal oscillator
- scsi: ipr: Work around fortify-string warning
- thermal: intel: quark_dts: fix error pointer dereference
- thermal: intel: BXT_PMIC: select REGMAP instead of depending on it
- tracing: Add NULL checks for buffer in ring_buffer_free_read_page()
- firmware/efi sysfb_efi: Add quirk for Lenovo IdeaPad Duet 3
- mfd: arizona: Use pm_runtime_resume_and_get() to prevent refcnt leak
- media: uvcvideo: Handle cameras with invalid descriptors
- media: uvcvideo: Handle errors from calls to usb_string
- media: uvcvideo: Quirk for autosuspend in Logitech B910 and C910
- media: uvcvideo: Silence memcpy() run-time false positive warnings
- staging: emxx_udc: Add checks for dma_alloc_coherent()
- tty: fix out-of-bounds access in tty_driver_lookup_tty()
- tty: serial: fsl_lpuart: disable the CTS when send break signal
- mei: bus-fixup:upon error print return values of send and receive
- tools/iio/iio_utils:fix memory leak
- iio: accel: mma9551_core: Prevent uninitialized variable in
mma9551_read_status_word()
- iio: accel: mma9551_core: Prevent uninitialized variable in
mma9551_read_config_word()
- usb: host: xhci: mvebu: Iterate over array indexes instead of using pointer
math
- USB: ene_usb6250: Allocate enough memory for full object
- usb: uvc: Enumerate valid values for color matching
- kernel/fail_function: fix memory leak with using debugfs_lookup()
- PCI: Add ACS quirk for Wangxun NICs
- phy: rockchip-typec: Fix unsigned comparison with less than zero
- net: tls: avoid hanging tasks on the tx_lock
- x86/resctrl: Apply READ_ONCE/WRITE_ONCE to task_struct.{rmid,closid}
- x86/resctl: fix scheduler confusion with 'current'
- Bluetooth: hci_sock: purge socket queues in the destruct() callback
- SAUCE: Revert "UBUNTU: SAUCE: Fix inet_csk_listen_start after CVE-2023-0461"
- tcp: Fix listen() regression in 5.4.229.
- media: uvcvideo: Provide sync and async uvc_ctrl_status_event
- media: uvcvideo: Fix race condition with usb_kill_urb
- dt-bindings: rtc: sun6i-a31-rtc: Loosen the requirements on the clocks
- Linux 5.4.235
- [Config] Drop mxsfb for armhf:generic-lpae
* Focal update: v5.4.234 upstream stable release (LP: #2017691)
- arm64: dts: rockchip: drop unused LED mode property from rk3328-roc-cc
- ARM: dts: rockchip: add power-domains property to dp node on rk3288
- ACPI: NFIT: fix a potential deadlock during NFIT teardown
- btrfs: send: limit number of clones and allocated memory size
- IB/hfi1: Assign npages earlier
- neigh: make sure used and confirmed times are valid
- HID: core: Fix deadloop in hid_apply_multiplier.
- bpf: bpf_fib_lookup should not return neigh in NUD_FAILED state
- net: Remove WARN_ON_ONCE(sk->sk_forward_alloc) from sk_stream_kill_queues().
- vc_screen: don't clobber return value in vcs_read
- dmaengine: sh: rcar-dmac: Check for error num after dma_set_max_seg_size
- USB: serial: option: add support for VW/Skoda "Carstick LTE"
- USB: core: Don't hold device lock while reading the "descriptors" sysfs file
- Linux 5.4.234
* CVE-2023-30456
- KVM: nVMX: add missing consistency checks for CR0 and CR4
* CVE-2023-1859
- 9p/xen : Fix use after free bug in xen_9pfs_front_remove due to race
condition
* CVE-2023-1670
- xirc2ps_cs: Fix use after free bug in xirc2ps_detach
[ Ubuntu: 5.4.0-149.166 ]
* focal/linux: 5.4.0-149.166 -proposed tracker (LP: #2016591)
* Focal update: v5.4.233 upstream stable release (LP: #2015909)
- dma-mapping: add generic helpers for mapping sgtable objects
- scatterlist: add generic wrappers for iterating over sgtable objects
- drm: etnaviv: fix common struct sg_table related issues
- drm/etnaviv: don't truncate physical page address
- wifi: rtl8xxxu: gen2: Turn on the rate control
- powerpc: dts: t208x: Mark MAC1 and MAC2 as 10G
- random: always mix cycle counter in add_latent_entropy()
- KVM: x86: Fail emulation during EMULTYPE_SKIP on any exception
- can: kvaser_usb: hydra: help gcc-13 to figure out cmd_len
- powerpc: dts: t208x: Disable 10G on MAC1 and MAC2
- alarmtimer: Prevent starvation by small intervals and SIG_IGN
- drm/i915/gvt: fix double free bug in split_2MB_gtt_entry
- mac80211: mesh: embedd mesh_paths and mpp_paths into ieee80211_if_mesh
- uaccess: Add speculation barrier to copy_from_user()
- wifi: mwifiex: Add missing compatible string for SD8787
- ext4: Fix function prototype mismatch for ext4_feat_ktype
- Revert "net/sched: taprio: make qdisc_leaf() see the per-netdev-queue pfifo
child qdiscs"
- bpf: add missing header file include
- Linux 5.4.233
* selftest: fib_tests: Always cleanup before exit (LP: #2015956)
- selftest: fib_tests: Always cleanup before exit
* fib_tests.sh in ubuntu_kernel_selftests was skipped silently on Focal
(LP: #2015440)
- selftests: Fix the executable permissions for fib_tests.sh
* Debian autoreconstruct Fix restoration of execute permissions (LP: #2015498)
- [Debian] autoreconstruct - fix restoration of execute permissions
* kernel: fix __clear_user() inline assembly constraints (LP: #2013088)
- s390/uaccess: add missing earlyclobber annotations to __clear_user()
* i/o error if next unused loop device is queried (LP: #1856871)
- loop: fix I/O error on fsync() in detached loop devices
* CVE-2023-1075
- net/tls: tls_is_tx_ready() checked list_entry
* Focal update: v5.4.232 upstream stable release (LP: #2011625)
- firewire: fix memory leak for payload of request subaction to IEC 61883-1
FCP region
- bus: sunxi-rsb: Fix error handling in sunxi_rsb_init()
- ASoC: Intel: bytcr_rt5651: Drop reference count of ACPI device after use
- ALSA: hda/via: Avoid potential array out-of-bound in add_secret_dac_path()
- arm64: dts: imx8mm: Fix pad control for UART1_DTE_RX
- scsi: Revert "scsi: core: map PQ=1, PDT=other values to
SCSI_SCAN_TARGET_PRESENT"
- WRITE is "data source", not destination...
- fix iov_iter_bvec() "direction" argument
- fix "direction" argument of iov_iter_kvec()
- netrom: Fix use-after-free caused by accept on already connected socket
- netfilter: br_netfilter: disable sabotage_in hook after first suppression
- squashfs: harden sanity check in squashfs_read_xattr_id_table
- net: phy: meson-gxl: Add generic dummy stubs for MMD register access
- can: j1939: fix errant WARN_ON_ONCE in j1939_session_deactivate
- ata: libata: Fix sata_down_spd_limit() when no link speed is reported
- selftests: net: udpgso_bench_rx: Fix 'used uninitialized' compiler warning
- selftests: net: udpgso_bench_rx/tx: Stop when wrong CLI args are provided
- selftests: net: udpgso_bench_tx: Cater for pending datagrams zerocopy
benchmarking
- virtio-net: Keep stop() to follow mirror sequence of open()
- net: openvswitch: fix flow memory leak in ovs_flow_cmd_new
- efi: fix potential NULL deref in efi_mem_reserve_persistent
- scsi: target: core: Fix warning on RT kernels
- scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress
- i2c: rk3x: fix a bunch of kernel-doc warnings
- net/x25: Fix to not accept on connected socket
- iio: adc: stm32-dfsdm: fill module aliases
- usb: dwc3: dwc3-qcom: Fix typo in the dwc3 vbus override API
- usb: dwc3: qcom: enable vbus override when in OTG dr-mode
- usb: gadget: f_fs: Fix unbalanced spinlock in __ffs_ep0_queue_wait
- vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF
- Input: i8042 - move __initconst to fix code styling warning
- Input: i8042 - merge quirk tables
- Input: i8042 - add TUXEDO devices to i8042 quirk tables
- Input: i8042 - add Clevo PCX0DX to i8042 quirk table
- fbcon: Check font dimension limits
- watchdog: diag288_wdt: do not use stack buffers for hardware data
- watchdog: diag288_wdt: fix __diag288() inline assembly
- efi: Accept version 2 of memory attributes table
- iio: hid: fix the retval in accel_3d_capture_sample
- iio: adc: berlin2-adc: Add missing of_node_put() in error path
- iio:adc:twl6030: Enable measurements of VUSB, VBAT and others
- parisc: Fix return code of pdc_iodc_print()
- parisc: Wire up PTRACE_GETREGS/PTRACE_SETREGS for compat case
- riscv: disable generation of unwind tables
- mm: hugetlb: proc: check for hugetlb shared PMD in /proc/PID/smaps
- fpga: stratix10-soc: Fix return value check in s10_ops_write_init()
- mm/swapfile: add cond_resched() in get_swap_pages()
- Squashfs: fix handling and sanity checking of xattr_ids count
- nvmem: core: fix cell removal on error
- mm: swap: properly update readahead statistics in unuse_pte_range()
- xprtrdma: Fix regbuf data not freed in rpcrdma_req_create()
- serial: 8250_dma: Fix DMA Rx completion race
- serial: 8250_dma: Fix DMA Rx rearm race
- powerpc/imc-pmu: Revert nest_init_lock to being a mutex
- fbdev: smscufx: fix error handling code in ufx_usb_probe
- f2fs: fix to do sanity check on i_extra_isize in is_alive()
- wifi: brcmfmac: Check the count value of channel spec to prevent out-of-
bounds reads
- iio:adc:twl6030: Enable measurement of VAC
- btrfs: limit device extents to the device size
- btrfs: zlib: zero-initialize zlib workspace
- ALSA: emux: Avoid potential array out-of-bound in snd_emux_xg_control()
- tracing: Fix poll() and select() do not work on per_cpu trace_pipe and
trace_pipe_raw
- can: j1939: do not wait 250 ms if the same addr was already claimed
- IB/hfi1: Restore allocated resources on failed copyout
- IB/IPoIB: Fix legacy IPoIB due to wrong number of queues
- iommu: Add gfp parameter to iommu_ops::map
- RDMA/usnic: use iommu_map_atomic() under spin_lock()
- xfrm: fix bug with DSCP copy to v6 from v4 tunnel
- bonding: fix error checking in bond_debug_reregister()
- net: phy: meson-gxl: use MMD access dummy stubs for GXL, internal PHY
- ionic: clean interrupt before enabling queue to avoid credit race
- ice: Do not use WQ_MEM_RECLAIM flag for workqueue
- rds: rds_rm_zerocopy_callback() use list_first_entry()
- selftests: forwarding: lib: quote the sysctl values
- ALSA: pci: lx6464es: fix a debug loop
- pinctrl: aspeed: Fix confusing types in return value
- pinctrl: single: fix potential NULL dereference
- pinctrl: intel: Restore the pins that used to be in Direct IRQ mode
- net: USB: Fix wrong-direction WARNING in plusb.c
- usb: core: add quirk for Alcor Link AK9563 smartcard reader
- usb: typec: altmodes/displayport: Fix probe pin assign check
- ceph: flush cap releases when the session is flushed
- riscv: Fixup race condition on PG_dcache_clean in flush_icache_pte
- arm64: dts: meson-gx: Make mmc host controller interrupts level-sensitive
- arm64: dts: meson-g12-common: Make mmc host controller interrupts level-
sensitive
- arm64: dts: meson-axg: Make mmc host controller interrupts level-sensitive
- nvme-pci: Move enumeration by class to be last in the table
- bpf: Always return target ifindex in bpf_fib_lookup
- migrate: hugetlb: check for hugetlb shared PMD in node migration
- selftests/bpf: Verify copy_register_state() preserves parent/live fields
- ASoC: cs42l56: fix DT probe
- tools/virtio: fix the vringh test for virtio ring changes
- net/rose: Fix to not accept on connected socket
- net: stmmac: do not stop RX_CLK in Rx LPI state for qcs404 SoC
- net: sched: sch: Bounds check priority
- s390/decompressor: specify __decompress() buf len to avoid overflow
- nvme-fc: fix a missing queue put in nvmet_fc_ls_create_association
- aio: fix mremap after fork null-deref
- btrfs: free device in btrfs_close_devices for a single device filesystem
- netfilter: nft_tproxy: restrict to prerouting hook
- xfs: remove the xfs_efi_log_item_t typedef
- xfs: remove the xfs_efd_log_item_t typedef
- xfs: remove the xfs_inode_log_item_t typedef
- xfs: factor out a xfs_defer_create_intent helper
- xfs: merge the ->log_item defer op into ->create_intent
- xfs: merge the ->diff_items defer op into ->create_intent
- xfs: turn dfp_intent into a xfs_log_item
- xfs: refactor xfs_defer_finish_noroll
- xfs: log new intent items created as part of finishing recovered intent
items
- xfs: fix finobt btree block recovery ordering
- xfs: proper replay of deferred ops queued during log recovery
- xfs: xfs_defer_capture should absorb remaining block reservations
- xfs: xfs_defer_capture should absorb remaining transaction reservation
- xfs: clean up bmap intent item recovery checking
- xfs: clean up xfs_bui_item_recover iget/trans_alloc/ilock ordering
- xfs: fix an incore inode UAF in xfs_bui_recover
- xfs: change the order in which child and parent defer ops are finished
- xfs: periodically relog deferred intent items
- xfs: expose the log push threshold
- xfs: only relog deferred intent items if free space in the log gets low
- xfs: fix missing CoW blocks writeback conversion retry
- xfs: ensure inobt record walks always make forward progress
- xfs: fix the forward progress assertion in xfs_iwalk_run_callbacks
- xfs: prevent UAF in xfs_log_item_in_current_chkpt
- xfs: sync lazy sb accounting on quiesce of read-only mounts
- Revert "ipv4: Fix incorrect route flushing when source address is deleted"
- ipv4: Fix incorrect route flushing when source address is deleted
- mmc: sdio: fix possible resource leaks in some error paths
- mmc: mmc_spi: fix error handling in mmc_spi_probe()
- ALSA: hda/conexant: add a new hda codec SN6180
- ALSA: hda/realtek - fixed wrong gpio assigned
- sched/psi: Fix use-after-free in ep_remove_wait_queue()
- hugetlb: check for undefined shift on 32 bit architectures
- Revert "mm: Always release pages to the buddy allocator in
memblock_free_late()."
- net: Fix unwanted sign extension in netdev_stats_to_stats64()
- revert "squashfs: harden sanity check in squashfs_read_xattr_id_table"
- ixgbe: allow to increase MTU to 3K with XDP enabled
- i40e: add double of VLAN header when computing the max MTU
- net: bgmac: fix BCM5358 support by setting correct flags
- sctp: sctp_sock_filter(): avoid list_entry() on possibly empty list
- dccp/tcp: Avoid negative sk_forward_alloc by ipv6_pinfo.pktoptions.
- net/usb: kalmia: Don't pass act_len in usb_bulk_msg error path
- net: stmmac: fix order of dwmac5 FlexPPS parametrization sequence
- bnxt_en: Fix mqprio and XDP ring checking logic
- net: stmmac: Restrict warning on disabling DMA store and fwd mode
- ixgbe: add double of VLAN header when computing the max MTU
- ipv6: Fix datagram socket connection with DSCP.
- ipv6: Fix tcp socket connection with DSCP.
- i40e: Add checking for null for nlmsg_find_attr()
- kvm: initialize all of the kvm_debugregs structure before sending it to
userspace
- nilfs2: fix underflow in second superblock position calculations
- ASoC: SOF: Intel: hda-dai: fix possible stream_tag leak
- net: sched: sch: Fix off by one in htb_activate_prios()
- iommu/amd: Pass gfp flags to iommu_map_page() in amd_iommu_map()
- Linux 5.4.232
* CVE-2023-1118
- media: rc: Fix use-after-free bugs caused by ene_tx_irqsim()
linux-iot (5.4.0-1016.17) focal; urgency=medium
* focal/linux-iot: 5.4.0-1016.17 -proposed tracker (LP: #2011945)
* CVE-2023-1829
- [Config]: Make sure CONFIG_NET_CLS_TCINDEX is not available
* Packaging resync (LP: #1786013)
- [Packaging] resync git-ubuntu-log
- [Packaging] resync getabis
- [Packaging] update helper scripts
* Build pciesvc module and kpciemgr as module
- SAUCE: ubuntu/pensando: restore original compiler flags
* Build pciesvc module and kpciemgr as module (LP: #2018947)
- SAUCE: ubuntu/pensando: build pciesvc driver
- [Config] Enable CONFIG_PCIESVC
* [UC20][Task] Ensure latest kernel patches from Pensando are pulled in (LP:
#2012525)
- SAUCE: ubuntu/pensando: update the version number of DSC drivers
* Miscellaneous Ubuntu changes
- SAUCE: ubuntu/pensando: Fix include path to common
[ Ubuntu: 5.4.0-148.165 ]
* focal/linux: 5.4.0-148.165 -proposed tracker (LP: #2016777)
* CVE-2023-1829
- net/sched: Retire tcindex classifier
- [Config]: Make sure CONFIG_NET_CLS_TCINDEX is not available
[ Ubuntu: 5.4.0-147.164 ]
* focal/linux: 5.4.0-147.164 -proposed tracker (LP: #2011959)
* CVE-2023-26545
- net: mpls: fix stale pointer if allocation fails during device rename
* CVE-2023-1281
- rcu: Upgrade rcu_swap_protected() to rcu_replace_pointer()
- net/sched: tcindex: update imperfect hash filters respecting rcu
* Focal update: v5.4.231 upstream stable release (LP: #2011226)
- clk: generalize devm_clk_get() a bit
- clk: Provide new devm_clk helpers for prepared and enabled clocks
- memory: atmel-sdramc: Fix missing clk_disable_unprepare in
atmel_ramc_probe()
- memory: mvebu-devbus: Fix missing clk_disable_unprepare in
mvebu_devbus_probe()
- ARM: dts: imx6qdl-gw560x: Remove incorrect 'uart-has-rtscts'
- ARM: imx27: Retrieve the SYSCTRL base address from devicetree
- ARM: imx31: Retrieve the IIM base address from devicetree
- ARM: imx35: Retrieve the IIM base address from devicetree
- ARM: imx: add missing of_node_put()
- HID: intel_ish-hid: Add check for ishtp_dma_tx_map
- EDAC/highbank: Fix memory leak in highbank_mc_probe()
- tomoyo: fix broken dependency on *.conf.default
- RDMA/core: Fix ib block iterator counter overflow
- IB/hfi1: Reject a zero-length user expected buffer
- IB/hfi1: Reserve user expected TIDs
- IB/hfi1: Fix expected receive setup error exit issues
- affs: initialize fsdata in affs_truncate()
- amd-xgbe: TX Flow Ctrl Registers are h/w ver dependent
- amd-xgbe: Delay AN timeout during KR training
- bpf: Fix pointer-leak due to insufficient speculative store bypass
mitigation
- phy: rockchip-inno-usb2: Fix missing clk_disable_unprepare() in
rockchip_usb2phy_power_on()
- net: nfc: Fix use-after-free in local_cleanup()
- net: wan: Add checks for NULL for utdm in undo_uhdlc_init and unmap_si_regs
- gpio: mxc: Always set GPIOs used as interrupt source to INPUT mode
- net/sched: sch_taprio: fix possible use-after-free
- net: fix a concurrency bug in l2tp_tunnel_register()
- l2tp: Serialize access to sk_user_data with sk_callback_lock
- l2tp: Don't sleep and disable BH under writer-side sk_callback_lock
- net: usb: sr9700: Handle negative len
- net: mdio: validate parameter addr in mdiobus_get_phy()
- HID: check empty report_list in hid_validate_values()
- HID: check empty report_list in bigben_probe()
- net: stmmac: fix invalid call to mdiobus_get_phy()
- HID: revert CHERRY_MOUSE_000C quirk
- usb: gadget: f_fs: Prevent race during ffs_ep0_queue_wait
- usb: gadget: f_fs: Ensure ep0req is dequeued before free_request
- net: mlx5: eliminate anonymous module_init & module_exit
- drm/panfrost: fix GENERIC_ATOMIC64 dependency
- dmaengine: Fix double increment of client_count in dma_chan_get()
- net: macb: fix PTP TX timestamp failure due to packet padding
- HID: betop: check shape of output reports
- dmaengine: xilinx_dma: use devm_platform_ioremap_resource()
- dmaengine: xilinx_dma: Fix devm_platform_ioremap_resource error handling
- dmaengine: xilinx_dma: call of_node_put() when breaking out of
for_each_child_of_node()
- tcp: avoid the lookup process failing to get sk in ehash table
- w1: fix deadloop in __w1_remove_master_device()
- w1: fix WARNING after calling w1_process()
- driver core: Fix test_async_probe_init saves device in wrong array
- net: dsa: microchip: ksz9477: port map correction in ALU table entry
register
- tcp: fix rate_app_limited to default to 1
- cpufreq: Add Tegra234 to cpufreq-dt-platdev blocklist
- ASoC: fsl_micfil: Correct the number of steps on SX controls
- drm: Add orientation quirk for Lenovo ideapad D330-10IGL
- s390/debug: add _ASM_S390_ prefix to header guard
- cpufreq: armada-37xx: stop using 0 as NULL pointer
- ASoC: fsl_ssi: Rename AC'97 streams to avoid collisions with AC'97 CODEC
- ASoC: fsl-asoc-card: Fix naming of AC'97 CODEC widgets
- spi: spidev: remove debug messages that access spidev->spi without locking
- KVM: s390: interrupt: use READ_ONCE() before cmpxchg()
- scsi: hisi_sas: Set a port invalid only if there are no devices attached
when refreshing port id
- platform/x86: touchscreen_dmi: Add info for the CSL Panther Tab HD
- platform/x86: asus-nb-wmi: Add alternate mapping for KEY_SCREENLOCK
- lockref: stop doing cpu_relax in the cmpxchg loop
- mmc: sdhci-esdhc-imx: clear pending interrupt and halt cqhci
- mmc: sdhci-esdhc-imx: disable the CMD CRC check for standard tuning
- mmc: sdhci-esdhc-imx: correct the tuning start tap and step setting
- netfilter: conntrack: do not renew entry stuck in tcp SYN_SENT state
- fs: reiserfs: remove useless new_opts in reiserfs_remount
- Bluetooth: hci_sync: cancel cmd_timer if hci_open failed
- scsi: hpsa: Fix allocation size for scsi_host_alloc()
- module: Don't wait for GOING modules
- tracing: Make sure trace_printk() can output as soon as it can be used
- trace_events_hist: add check for return value of 'create_hist_field'
- ftrace/scripts: Update the instructions for ftrace-bisect.sh
- cifs: Fix oops due to uncleared server->smbd_conn in reconnect
- KVM: x86/vmx: Do not skip segment attributes if unusable bit is set
- thermal: intel: int340x: Protect trip temperature from concurrent updates
- ARM: 9280/1: mm: fix warning on phys_addr_t to void pointer assignment
- EDAC/device: Respect any driver-supplied workqueue polling value
- EDAC/qcom: Do not pass llcc_driv_data as edac_device_ctl_info's pvt_info
- netlink: prevent potential spectre v1 gadgets
- net: fix UaF in netns ops registration error path
- netfilter: nft_set_rbtree: skip elements in transaction from garbage
collection
- netlink: annotate data races around nlk->portid
- netlink: annotate data races around dst_portid and dst_group
- netlink: annotate data races around sk_state
- ipv4: prevent potential spectre v1 gadget in ip_metrics_convert()
- ipv4: prevent potential spectre v1 gadget in fib_metrics_match()
- netfilter: conntrack: fix vtag checks for ABORT/SHUTDOWN_COMPLETE
- netrom: Fix use-after-free of a listening socket.
- net/sched: sch_taprio: do not schedule in taprio_reset()
- sctp: fail if no bound addresses can be used for a given scope
- net: ravb: Fix possible hang if RIS2_QFF1 happen
- thermal: intel: int340x: Add locking to int340x_thermal_get_trip_type()
- net/tg3: resolve deadlock in tg3_reset_task() during EEH
- net/phy/mdio-i2c: Move header file to include/linux/mdio
- net: xgene: Move shared header file into include/linux
- net: mdio-mux-meson-g12a: force internal PHY off on mux switch
- Revert "Input: synaptics - switch touchpad on HP Laptop 15-da3001TU to RMI
mode"
- nfsd: Ensure knfsd shuts down when the "nfsd" pseudofs is unmounted
- block: fix and cleanup bio_check_ro
- x86/i8259: Mark legacy PIC interrupts with IRQ_LEVEL
- netfilter: conntrack: unify established states for SCTP paths
- perf/x86/amd: fix potential integer overflow on shift of a int
- clk: Fix pointer casting to prevent oops in devm_clk_release()
- x86/asm: Fix an assembler warning with current binutils
- ARM: dts: imx: Fix pca9547 i2c-mux node name
- bpf: Skip task with pid=1 in send_signal_common()
- blk-cgroup: fix missing pd_online_fn() while activating policy
- dmaengine: imx-sdma: Fix a possible memory leak in sdma_transfer_init
- sysctl: add a new register_sysctl_init() interface
- panic: unset panic_on_warn inside panic()
- mm: kasan: do not panic if both panic_on_warn and kasan_multishot set
- exit: Add and use make_task_dead.
- objtool: Add a missing comma to avoid string concatenation
- hexagon: Fix function name in die()
- h8300: Fix build errors from do_exit() to make_task_dead() transition
- csky: Fix function name in csky_alignment() and die()
- ia64: make IA64_MCA_RECOVERY bool instead of tristate
- exit: Put an upper limit on how often we can oops
- exit: Expose "oops_count" to sysfs
- exit: Allow oops_limit to be disabled
- panic: Consolidate open-coded panic_on_warn checks
- panic: Introduce warn_limit
- panic: Expose "warn_count" to sysfs
- docs: Fix path paste-o for /sys/kernel/warn_count
- exit: Use READ_ONCE() for all oops/warn limit reads
- ipv6: ensure sane device mtu in tunnels
- Bluetooth: fix null ptr deref on hci_sync_conn_complete_evt
- usb: host: xhci-plat: add wakeup entry at sysfs
- Revert "xprtrdma: Fix regbuf data not freed in rpcrdma_req_create()"
- Linux 5.4.231
* CVE-2022-3903
- USB: add usb_control_msg_send() and usb_control_msg_recv()
- USB: correct API of usb_control_msg_send/recv
- USB: move snd_usb_pipe_sanity_check into the USB core
- media: mceusb: Use new usb_control_msg_*() routines
* CVE-2022-3108
- drm/amdkfd: Check for null pointer after calling kmemdup
* Focal update: v5.4.230 upstream stable release (LP: #2008946)
- pNFS/filelayout: Fix coalescing test for single DS
- net/ethtool/ioctl: return -EOPNOTSUPP if we have no phy stats
- RDMA/srp: Move large values to a new enum for gcc13
- f2fs: let's avoid panic if extent_tree is not created
- wifi: brcmfmac: fix regression for Broadcom PCIe wifi devices
- Add exception protection processing for vd in axi_chan_handle_err function
- nilfs2: fix general protection fault in nilfs_btree_insert()
- efi: fix userspace infinite retry read efivars after EFI runtime services
page fault
- drm/i915/gt: Reset twice
- ALSA: hda/realtek - Turn on power early
- xhci-pci: set the dma max_seg_size
- usb: xhci: Check endpoint is valid before dereferencing it
- xhci: Fix null pointer dereference when host dies
- xhci: Add update_hub_device override for PCI xHCI hosts
- xhci: Add a flag to disable USB3 lpm on a xhci root port level.
- usb: acpi: add helper to check port lpm capability using acpi _DSM
- xhci: Detect lpm incapable xHC USB3 roothub ports from ACPI tables
- prlimit: do_prlimit needs to have a speculation check
- USB: serial: option: add Quectel EM05-G (GR) modem
- USB: serial: option: add Quectel EM05-G (CS) modem
- USB: serial: option: add Quectel EM05-G (RS) modem
- USB: serial: option: add Quectel EC200U modem
- USB: serial: option: add Quectel EM05CN (SG) modem
- USB: serial: option: add Quectel EM05CN modem
- USB: misc: iowarrior: fix up header size for USB_DEVICE_ID_CODEMERCS_IOW100
- misc: fastrpc: Don't remove map on creater_process and device_release
- misc: fastrpc: Fix use-after-free race condition for maps
- usb: core: hub: disable autosuspend for TI TUSB8041
- comedi: adv_pci1760: Fix PWM instruction handling
- mmc: sunxi-mmc: Fix clock refcount imbalance during unbind
- btrfs: fix race between quota rescan and disable leading to NULL pointer
deref
- cifs: do not include page data when checking signature
- USB: serial: cp210x: add SCALANCE LPE-9000 device id
- usb: host: ehci-fsl: Fix module alias
- usb: typec: altmodes/displayport: Add pin assignment helper
- usb: typec: altmodes/displayport: Fix pin assignment calculation
- usb: gadget: g_webcam: Send color matching descriptor per frame
- usb: gadget: f_ncm: fix potential NULL ptr deref in ncm_bitrate()
- usb-storage: apply IGNORE_UAS only for HIKSEMI MD202 on RTL9210
- dt-bindings: phy: g12a-usb3-pcie-phy: fix compatible string documentation
- serial: pch_uart: Pass correct sg to dma_unmap_sg()
- dmaengine: tegra210-adma: fix global intr clear
- serial: atmel: fix incorrect baudrate setup
- gsmi: fix null-deref in gsmi_get_variable
- drm/i915: re-disable RC6p on Sandy Bridge
- drm/amd/display: Fix set scaling doesn's work
- drm/amd/display: Fix COLOR_SPACE_YCBCR2020_TYPE matrix
- x86/fpu: Use _Alignof to avoid undefined behavior in TYPE_ALIGN
- mm/khugepaged: fix collapse_pte_mapped_thp() to allow anon_vma
- Linux 5.4.230
Date: 2023-06-21 08:22:07.573325+00:00
Changed-By: Jesse Sung <jesse.sung at canonical.com>
Signed-By: Andy Whitcroft <apw at canonical.com>
https://launchpad.net/ubuntu/+source/linux-iot/5.4.0-1017.18
-------------- next part --------------
Sorry, changesfile not available.
More information about the Focal-changes
mailing list