[ubuntu/focal-proposed] linux-aws 5.4.0-1128.138 (Accepted)
Andy Whitcroft
apw at canonical.com
Sun Jun 23 04:16:37 UTC 2024
linux-aws (5.4.0-1128.138) focal; urgency=medium
* focal/linux-aws: 5.4.0-1128.138 -proposed tracker (LP: #2068400)
[ Ubuntu: 5.4.0-189.209 ]
* focal/linux: 5.4.0-189.209 -proposed tracker (LP: #2068454)
* Focal update: v5.4.275 upstream stable release (LP: #2067865)
- batman-adv: Avoid infinite loop trying to resize local TT
- Bluetooth: Fix memory leak in hci_req_sync_complete()
- nouveau: fix function cast warning
- net: openvswitch: fix unwanted error log on timeout policy probing
- u64_stats: fix u64_stats_init() for lockdep when used repeatedly in one file
- geneve: fix header validation in geneve[6]_xmit_skb
- ipv6: fib: hide unused 'pn' variable
- ipv4/route: avoid unused-but-set-variable warning
- ipv6: fix race condition between ipv6_get_ifaddr and ipv6_del_addr
- net/mlx5: Properly link new fs rules into the tree
- net: ena: Fix potential sign extension issue
- btrfs: qgroup: correctly model root qgroup rsv in convert
- drm/client: Fully protect modes[] with dev->mode_config.mutex
- vhost: Add smp_rmb() in vhost_vq_avail_empty()
- selftests: timers: Fix abs() warning in posix_timers test
- x86/apic: Force native_apic_mem_read() to use the MOV instruction
- btrfs: record delayed inode root in transaction
- selftests/ftrace: Limit length in subsystem-enable tests
- kprobes: Fix possible use-after-free issue on kprobe registration
- Revert "tracing/trigger: Fix to return error if failed to alloc snapshot"
- netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get()
- tun: limit printing rate when illegal packet received by tun dev
- RDMA/rxe: Fix the problem "mutex_destroy missing"
- RDMA/mlx5: Fix port number for counter query in multi-port configuration
- drm: nv04: Fix out of bounds access
- clk: Remove prepare_lock hold assertion in __clk_release()
- clk: Mark 'all_lists' as const
- clk: remove extra empty line
- clk: Print an info line before disabling unused clocks
- clk: Initialize struct clk_core kref earlier
- clk: Get runtime PM before walking tree during disable_unused
- x86/cpufeatures: Fix dependencies for GFNI, VAES, and VPCLMULQDQ
- comedi: vmk80xx: fix incomplete endpoint checking
- serial/pmac_zilog: Remove flawed mitigation for rx irq flood
- USB: serial: option: add Fibocom FM135-GL variants
- USB: serial: option: add support for Fibocom FM650/FG650
- USB: serial: option: add Lonsung U8300/U9300 product
- USB: serial: option: support Quectel EM060K sub-models
- USB: serial: option: add Rolling RW101-GL and RW135-GL support
- USB: serial: option: add Telit FN920C04 rmnet compositions
- usb: dwc2: host: Fix dereference issue in DDMA completion flow.
- speakup: Avoid crash on very long word
- fs: sysfs: Fix reference leak in sysfs_break_active_protection()
- nouveau: fix instmem race condition around ptr stores
- nilfs2: fix OOB in nilfs_set_de_type
- KVM: async_pf: Cleanup kvm_setup_async_pf()
- arm64: dts: rockchip: fix alphabetical ordering RK3399 puma
- arm64: dts: rockchip: enable internal pull-up on PCIE_WAKE# for RK3399 Puma
- arm64: dts: mediatek: mt7622: fix IR nodename
- arm64: dts: mediatek: mt7622: fix ethernet controller "compatible"
- arm64: dts: mediatek: mt7622: drop "reset-names" from thermal block
- arm64: dts: mt2712: add ethernet device node
- arm64: dts: mediatek: mt2712: fix validation errors
- ARC: [plat-hsdk]: Remove misplaced interrupt-cells property
- vxlan: drop packets from invalid src-address
- mlxsw: core: Unregister EMAD trap using FORWARD action
- NFC: trf7970a: disable all regulators on removal
- net: usb: ax88179_178a: stop lying about skb->truesize
- net: gtp: Fix Use-After-Free in gtp_dellink
- ipvs: Fix checksumming on GSO of SCTP packets
- net: openvswitch: Fix Use-After-Free in ovs_ct_exit
- mlxsw: spectrum_acl_tcam: Fix race during rehash delayed work
- mlxsw: spectrum_acl_tcam: Fix possible use-after-free during activity update
- mlxsw: spectrum_acl_tcam: Fix possible use-after-free during rehash
- mlxsw: spectrum_acl_tcam: Rate limit error message
- mlxsw: spectrum_acl_tcam: Fix memory leak during rehash
- mlxsw: spectrum_acl_tcam: Fix warning during rehash
- mlxsw: spectrum_acl_tcam: Fix incorrect list API usage
- mlxsw: spectrum_acl_tcam: Fix memory leak when canceling rehash work
- i40e: Do not use WQ_MEM_RECLAIM flag for workqueue
- iavf: Fix TC config comparison with existing adapter TC config
- af_unix: Suppress false-positive lockdep splat for spin_lock() in
__unix_gc().
- serial: core: Provide port lock wrappers
- serial: mxs-auart: add spinlock around changing cts state
- Revert "crypto: api - Disallow identical driver names"
- net/mlx5e: Fix a race in command alloc flow
- tracing: Show size of requested perf buffer
- tracing: Increase PERF_MAX_TRACE_SIZE to handle Sentinel1 and docker
together
- Bluetooth: Fix type of len in {l2cap,sco}_sock_getsockopt_old()
- Bluetooth: btusb: Add Realtek RTL8852BE support ID 0x0bda:0x4853
- btrfs: fix information leak in btrfs_ioctl_logical_to_ino()
- arm64: dts: rockchip: enable internal pull-up for Q7_THRM# on RK3399 Puma
- drm/amdgpu: Fix leak when GPU memory allocation fails
- irqchip/gic-v3-its: Prevent double free on error
- ethernet: Add helper for assigning packet type when dest address does not
match device address
- net: b44: set pause params only when interface is up
- stackdepot: respect __GFP_NOLOCKDEP allocation flag
- mtd: diskonchip: work around ubsan link failure
- tcp: Clean up kernel listener's reqsk in inet_twsk_purge()
- tcp: Fix NEW_SYN_RECV handling in inet_twsk_purge()
- dmaengine: owl: fix register access functions
- idma64: Don't try to serve interrupts when device is powered off
- i2c: smbus: fix NULL function pointer dereference
- HID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up
- bounds: Use the right number of bits for power-of-two CONFIG_NR_CPUS
- udp: preserve the connected status if only UDP cmsg
- serial: core: fix kernel-doc for uart_port_unlock_irqrestore()
- Linux 5.4.275
* Focal update: v5.4.274 upstream stable release (LP: #2067857)
- amdkfd: use calloc instead of kzalloc to avoid integer overflow
- Documentation/hw-vuln: Update spectre doc
- x86/cpu: Support AMD Automatic IBRS
- x86/bugs: Use sysfs_emit()
- timers: Update kernel-doc for various functions
- timers: Use del_timer_sync() even on UP
- timers: Rename del_timer_sync() to timer_delete_sync()
- media: staging: ipu3-imgu: Set fields before media_entity_pads_init()
- clk: qcom: gcc-sdm845: Add soft dependency on rpmhpd
- smack: Set SMACK64TRANSMUTE only for dirs in smack_inode_setxattr()
- smack: Handle SMACK64TRANSMUTE in smack_inode_setsecurity()
- ARM: dts: mmp2-brownstone: Don't redeclare phandle references
- arm: dts: marvell: Fix maxium->maxim typo in brownstone dts
- serial: max310x: fix NULL pointer dereference in I2C instantiation
- KVM: Always flush async #PF workqueue when vCPU is being destroyed
- sparc64: NMI watchdog: fix return value of __setup handler
- sparc: vDSO: fix return value of __setup handler
- crypto: qat - fix double free during reset
- crypto: qat - resolve race condition during AER recovery
- selftests/mqueue: Set timeout to 180 seconds
- ext4: correct best extent lstart adjustment logic
- fat: fix uninitialized field in nostale filehandles
- ubifs: Set page uptodate in the correct place
- ubi: Check for too small LEB size in VTBL code
- ubi: correct the calculation of fastmap size
- mtd: rawnand: meson: fix scrambling mode value in command macro
- parisc: Do not hardcode registers in checksum functions
- parisc: Fix ip_fast_csum
- parisc: Fix csum_ipv6_magic on 32-bit systems
- parisc: Fix csum_ipv6_magic on 64-bit systems
- parisc: Strip upper 32 bit of sum in csum_ipv6_magic for 64-bit builds
- PM: suspend: Set mem_sleep_current during kernel command line setup
- clk: qcom: gcc-ipq8074: fix terminating of frequency table arrays
- clk: qcom: mmcc-apq8084: fix terminating of frequency table arrays
- clk: qcom: mmcc-msm8974: fix terminating of frequency table arrays
- powerpc/fsl: Fix mfpmr build errors with newer binutils
- USB: serial: ftdi_sio: add support for GMC Z216C Adapter IR-USB
- USB: serial: add device ID for VeriFone adapter
- USB: serial: cp210x: add ID for MGP Instruments PDS100
- USB: serial: option: add MeiG Smart SLM320 product
- USB: serial: cp210x: add pid/vid for TDK NC0110013M and MM0110113M
- PM: sleep: wakeirq: fix wake irq warning in system suspend
- mmc: tmio: avoid concurrent runs of mmc_request_done()
- fuse: don't unhash root
- btrfs: fix off-by-one chunk length calculation at contains_pending_extent()
- PCI: Drop pci_device_remove() test of pci_dev->driver
- PCI/PM: Drain runtime-idle callbacks before driver removal
- Revert "Revert "md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d""
- dm-raid: fix lockdep waring in "pers->hot_add_disk"
- mmc: core: Fix switch on gp3 partition
- hwmon: (amc6821) add of_match table
- ext4: fix corruption during on-line resize
- firmware: meson_sm: Rework driver as a proper platform driver
- nvmem: meson-efuse: fix function pointer type mismatch
- slimbus: core: Remove usage of the deprecated ida_simple_xx() API
- speakup: Fix 8bit characters from direct synth
- kbuild: Move -Wenum-{compare-conditional,enum-conversion} into W=1
- vfio/platform: Disable virqfds on cleanup
- ring-buffer: Fix resetting of shortest_full
- ring-buffer: Fix full_waiters_pending in poll
- soc: fsl: qbman: Always disable interrupts when taking cgr_lock
- soc: fsl: qbman: Add helper for sanity checking cgr ops
- soc: fsl: qbman: Add CGR update function
- soc: fsl: qbman: Use raw spinlock for cgr_lock
- s390/zcrypt: fix reference counting on zcrypt card objects
- drm/exynos: do not return negative values from .get_modes()
- drm/imx/ipuv3: do not return negative values from .get_modes()
- drm/vc4: hdmi: do not return negative values from .get_modes()
- memtest: use {READ,WRITE}_ONCE in memory scanning
- nilfs2: fix failure to detect DAT corruption in btree and direct mappings
- nilfs2: use a more common logging style
- nilfs2: prevent kernel bug at submit_bh_wbc()
- x86/CPU/AMD: Update the Zenbleed microcode revisions
- ahci: asm1064: correct count of reported ports
- ahci: asm1064: asm1166: don't limit reported ports
- dm snapshot: fix lockup in dm_exception_table_exit
- comedi: comedi_test: Prevent timers rescheduling during deletion
- netfilter: nf_tables: reject constant set with timeout
- xfrm: Avoid clang fortify warning in copy_to_user_tmpl()
- ALSA: hda/realtek - Fix headset Mic no show at resume back for Lenovo ALC897
platform
- USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command
- usb: gadget: ncm: Fix handling of zero block length packets
- usb: port: Don't try to peer unused USB ports based on location
- tty: serial: fsl_lpuart: avoid idle preamble pending if CTS is enabled
- vt: fix unicode buffer corruption when deleting characters
- fs/aio: Check IOCB_AIO_RW before the struct aio_kiocb conversion
- objtool: is_fentry_call() crashes if call has no destination
- objtool: Add support for intra-function calls
- x86/speculation: Support intra-function call validation
- xen/events: close evtchn after mapping cleanup
- printk: Update @console_may_schedule in console_trylock_spinning()
- btrfs: allocate btrfs_ioctl_defrag_range_args on stack
- Revert "loop: Check for overflow while configuring loop"
- loop: Call loop_config_discard() only after new config is applied
- loop: Remove sector_t truncation checks
- loop: Factor out setting loop device size
- loop: Refactor loop_set_status() size calculation
- loop: Factor out configuring loop from status
- loop: Check for overflow while configuring loop
- loop: loop_set_status_from_info() check before assignment
- perf/core: Fix reentry problem in perf_output_read_group()
- efivarfs: Request at most 512 bytes for variable names
- powerpc: xor_vmx: Add '-mhard-float' to CFLAGS
- bounds: support non-power-of-two CONFIG_NR_CPUS
- vt: fix memory overlapping when deleting chars in the buffer
- mm/memory-failure: fix an incorrect use of tail pages
- mm/migrate: set swap entry values of THP tail pages properly.
- wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes
- exec: Fix NOMMU linux_binprm::exec in transfer_args_to_stack()
- mmc: core: Initialize mmc_blk_ioc_data
- mmc: core: Avoid negative index with array access
- ALSA: sh: aica: reorder cleanup operations to avoid UAF bugs
- scsi: core: Fix unremoved procfs host directory regression
- usb: dwc2: host: Fix remote wakeup from hibernation
- usb: dwc2: host: Fix hibernation flow
- usb: dwc2: host: Fix ISOC flow in DDMA mode
- usb: dwc2: gadget: LPM flow fix
- usb: udc: remove warning when queue disabled ep
- scsi: qla2xxx: Fix command flush on cable pull
- x86/cpu: Enable STIBP on AMD if Automatic IBRS is enabled
- scsi: lpfc: Correct size for wqe for memset()
- USB: core: Fix deadlock in usb_deauthorize_interface()
- nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet
- ixgbe: avoid sleeping allocation in ixgbe_ipsec_vf_add_sa()
- tcp: properly terminate timers for kernel sockets
- dm integrity: fix out-of-range warning
- r8169: fix issue caused by buggy BIOS on certain boards with RTL8168d
- Bluetooth: hci_event: set the conn encrypted before conn establishes
- Bluetooth: Fix TOCTOU in HCI debugfs implementation
- netfilter: nf_tables: disallow timeout for anonymous sets
- net/rds: fix possible cp null dereference
- vfio/pci: Disable auto-enable of exclusive INTx IRQ
- vfio/pci: Lock external INTx masking ops
- vfio: Introduce interface to flush virqfd inject workqueue
- vfio/pci: Create persistent INTx handler
- vfio/platform: Create persistent IRQ handlers
- Revert "x86/mm/ident_map: Use gbpages only where full GB page should be
mapped."
- mm, vmscan: prevent infinite loop for costly GFP_NOIO | __GFP_RETRY_MAYFAIL
allocations
- netfilter: nf_tables: flush pending destroy work before exit_net release
- netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get()
- bpf, sockmap: Prevent lock inversion deadlock in map delete elem
- net/sched: act_skbmod: prevent kernel-infoleak
- net: stmmac: fix rx queue priority assignment
- selftests: reuseaddr_conflict: add missing new line at the end of the output
- ipv6: Fix infinite recursion in fib6_dump_done().
- i40e: fix vf may be used uninitialized in this function warning
- staging: mmal-vchiq: Allocate and free components as required
- staging: mmal-vchiq: Fix client_component for 64 bit kernel
- staging: vc04_services: changen strncpy() to strscpy_pad()
- staging: vc04_services: fix information leak in create_component()
- fs: add a vfs_fchown helper
- fs: add a vfs_fchmod helper
- initramfs: switch initramfs unpacking to struct file based APIs
- init: open /initrd.image with O_LARGEFILE
- erspan: Add type I version 0 support.
- erspan: make sure erspan_base_hdr is present in skb->head
- net: ravb: Always process TX descriptor ring
- ASoC: ops: Fix wraparound for mask in snd_soc_get_volsw
- ata: sata_sx4: fix pdc20621_get_from_dimm() on 64-bit
- scsi: mylex: Fix sysfs buffer lengths
- ata: sata_mv: Fix PCI device ID table declaration compilation warning
- ALSA: hda/realtek: Update Panasonic CF-SZ6 quirk to support headset with
microphone
- x86/mce: Make sure to grab mce_sysfs_mutex in set_bank()
- s390/entry: align system call table on 8 bytes
- wifi: ath9k: fix LNA selection in ath_ant_try_scan()
- VMCI: Fix memcpy() run-time warning in dg_dispatch_as_host()
- panic: Flush kernel log buffer at the end
- arm64: dts: rockchip: fix rk3328 hdmi ports node
- arm64: dts: rockchip: fix rk3399 hdmi ports node
- ionic: set adminq irq affinity
- tools/power x86_energy_perf_policy: Fix file leak in get_pkg_num()
- btrfs: handle chunk tree lookup error in btrfs_relocate_sys_chunks()
- btrfs: export: handle invalid inode or root reference in btrfs_get_parent()
- btrfs: send: handle path ref underflow in header iterate_inode_ref()
- Bluetooth: btintel: Fix null ptr deref in btintel_read_version
- Input: synaptics-rmi4 - fail probing if memory allocation for "phys" fails
- sysv: don't call sb_bread() with pointers_lock held
- scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc()
- isofs: handle CDs with bad root inode but good Joliet root directory
- media: sta2x11: fix irq handler cast
- drm/amd/display: Fix nanosec stat overflow
- SUNRPC: increase size of rpc_wait_queue.qlen from unsigned short to unsigned
int
- Revert "ACPI: PM: Block ASUS B1400CEAE from suspend to idle by default"
- block: prevent division by zero in blk_rq_stat_sum()
- Input: allocate keycode for Display refresh rate toggle
- ktest: force $buildonly = 1 for 'make_warnings_file' test type
- tools: iio: replace seekdir() in iio_generic_buffer
- usb: typec: tcpci: add generic tcpci fallback compatible
- usb: sl811-hcd: only defined function checkdone if QUIRK2 is defined
- fbdev: viafb: fix typo in hw_bitblt_1 and hw_bitblt_2
- fbmon: prevent division by zero in fb_videomode_from_videomode()
- netfilter: nf_tables: reject new basechain after table flag update
- netfilter: nf_tables: discard table flag update with pending basechain
deletion
- tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc
- drm/vkms: call drm_atomic_helper_shutdown before drm_dev_put()
- virtio: reenable config if freezing device failed
- x86/mm/pat: fix VM_PAT handling in COW mappings
- drm/i915/gt: Reset queue_priority_hint on parking
- x86/alternative: Don't call text_poke() in lazy TLB mode
- Bluetooth: btintel: Fixe build regression
- VMCI: Fix possible memcpy() run-time warning in
vmci_datagram_invoke_guest_handler()
- erspan: Check IFLA_GRE_ERSPAN_VER is set.
- ip_gre: do not report erspan version on GRE interface
- firmware: meson_sm: fix to avoid potential NULL pointer dereference
- Linux 5.4.274
* CVE-2024-26586
- mlxsw: spectrum_acl_tcam: Fix stack corruption
* CVE-2024-26923
- af_unix: Do not use atomic ops for unix_sk(sk)->inflight.
- af_unix: Fix garbage collector racing against connect()
* Focal update: v5.4.273 upstream stable release (LP: #2064561)
- io_uring/unix: drop usage of io_uring socket
- io_uring: drop any code related to SCM_RIGHTS
- selftests: tls: use exact comparison in recv_partial
- ASoC: rt5645: Make LattePanda board DMI match more precise
- x86/xen: Add some null pointer checking to smp.c
- MIPS: Clear Cause.BD in instruction_pointer_set
- HID: multitouch: Add required quirk for Synaptics 0xcddc device
- RDMA/mlx5: Relax DEVX access upon modify commands
- net/iucv: fix the allocation size of iucv_path_table array
- parisc/ftrace: add missing CONFIG_DYNAMIC_FTRACE check
- block: sed-opal: handle empty atoms when parsing response
- dm-verity, dm-crypt: align "struct bvec_iter" correctly
- btrfs: fix data race at btrfs_use_block_rsv() when accessing block reserve
- scsi: mpt3sas: Prevent sending diag_reset when the controller is ready
- Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security
- firewire: core: use long bus reset on gap count error
- ASoC: Intel: bytcr_rt5640: Add an extra entry for the Chuwi Vi8 tablet
- Input: gpio_keys_polled - suppress deferred probe error for gpio
- ASoC: wm8962: Enable oscillator if selecting WM8962_FLL_OSC
- ASoC: wm8962: Enable both SPKOUTR_ENA and SPKOUTL_ENA in mono mode
- ASoC: wm8962: Fix up incorrect error message in wm8962_set_fll
- do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak
- fs/select: rework stack allocation hack for clang
- timekeeping: Fix cross-timestamp interpolation on counter wrap
- timekeeping: Fix cross-timestamp interpolation corner case decision
- timekeeping: Fix cross-timestamp interpolation for non-x86
- wifi: ath10k: fix NULL pointer dereference in
ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev()
- b43: dma: Fix use true/false for bool type variable
- wifi: b43: Stop/wake correct queue in DMA Tx path when QoS is disabled
- wifi: b43: Stop/wake correct queue in PIO Tx path when QoS is disabled
- b43: main: Fix use true/false for bool type
- wifi: b43: Stop correct queue in DMA worker when QoS is disabled
- wifi: b43: Disable QoS for bcm4331
- wifi: wilc1000: fix declarations ordering
- wifi: wilc1000: fix RCU usage in connect path
- wifi: mwifiex: debugfs: Drop unnecessary error check for
debugfs_create_dir()
- sock_diag: annotate data-races around sock_diag_handlers[family]
- af_unix: Annotate data-race of gc_in_progress in wait_for_unix_gc().
- net: blackhole_dev: fix build warning for ethh set but not used
- wifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer()
- arm64: dts: mediatek: mt7622: add missing "device_type" to memory nodes
- bpf: Add typecast to bpf helpers to help BTF generation
- bpf: Factor out bpf_spin_lock into helpers.
- bpf: Mark bpf_spin_{lock,unlock}() helpers with notrace correctly
- arm64: dts: qcom: db820c: Move non-soc entries out of /soc
- arm64: dts: qcom: msm8996: Use node references in db820c
- arm64: dts: qcom: msm8996: Move regulator consumers to db820c
- arm64: dts: qcom: msm8996: Pad addresses
- ACPI: processor_idle: Fix memory leak in acpi_processor_power_exit()
- bus: tegra-aconnect: Update dependency to ARCH_TEGRA
- [Config]: Update tegra configs
- iommu/amd: Mark interrupt as managed
- wifi: brcmsmac: avoid function pointer casts
- net: ena: Remove ena_select_queue
- ARM: dts: arm: realview: Fix development chip ROM compatible value
- ARM: dts: imx6dl-yapp4: Move phy reset into switch node
- ARM: dts: imx6dl-yapp4: Fix typo in the QCA switch register address
- ARM: dts: imx6dl-yapp4: Move the internal switch PHYs under the switch node
- ACPI: scan: Fix device check notification handling
- x86, relocs: Ignore relocations in .notes section
- SUNRPC: fix some memleaks in gssx_dec_option_array
- mmc: wmt-sdmmc: remove an incorrect release_mem_region() call in the .remove
function
- igb: move PEROUT and EXTTS isr logic to separate functions
- igb: Fix missing time sync events
- Bluetooth: Remove superfluous call to hci_conn_check_pending()
- sr9800: Add check for usbnet_get_endpoints
- bpf: Fix hashtab overflow check on 32-bit arches
- bpf: Fix stackmap overflow check on 32-bit arches
- ipv6: fib6_rules: flush route cache when rule is changed
- net: ip_tunnel: make sure to pull inner header in ip_tunnel_rcv()
- net: hns3: fix port duplex configure error in IMP reset
- tcp: fix incorrect parameter validation in the do_tcp_getsockopt() function
- l2tp: fix incorrect parameter validation in the pppol2tp_getsockopt()
function
- udp: fix incorrect parameter validation in the udp_lib_getsockopt() function
- net: kcm: fix incorrect parameter validation in the kcm_getsockopt) function
- net/x25: fix incorrect parameter validation in the x25_getsockopt() function
- nfp: flower: handle acti_netdevs allocation failure
- dm raid: fix false positive for requeue needed during reshape
- dm: call the resume method on internal suspend
- drm/tegra: dsi: Add missing check for of_find_device_by_node
- gpu: host1x: mipi: Update tegra_mipi_request() to be node based
- drm/tegra: dsi: Make use of the helper function dev_err_probe()
- drm/tegra: dsi: Fix some error handling paths in tegra_dsi_probe()
- drm/tegra: dsi: Fix missing pm_runtime_disable() in the error handling path
of tegra_dsi_probe()
- drm/tegra: output: Fix missing i2c_put_adapter() in the error handling paths
of tegra_output_probe()
- drm/rockchip: inno_hdmi: Fix video timing
- drm: Don't treat 0 as -1 in drm_fixp2int_ceil
- drm/rockchip: lvds: do not overwrite error code
- dmaengine: tegra210-adma: Update dependency to ARCH_TEGRA
- media: tc358743: register v4l2 async device only after successful setup
- PCI/DPC: Print all TLP Prefixes, not just the first
- perf record: Fix possible incorrect free in record__switch_output()
- drm/amd/display: Fix potential NULL pointer dereferences in
'dcn10_set_output_transfer_func()'
- perf evsel: Fix duplicate initialization of data->id in
evsel__parse_sample()
- media: em28xx: annotate unchecked call to media_device_register()
- media: v4l2-tpg: fix some memleaks in tpg_alloc
- media: v4l2-mem2mem: fix a memleak in v4l2_m2m_register_entity
- media: edia: dvbdev: fix a use-after-free
- clk: qcom: reset: Allow specifying custom reset delay
- clk: qcom: reset: support resetting multiple bits
- clk: qcom: reset: Commonize the de/assert functions
- clk: qcom: reset: Ensure write completion on reset de/assertion
- quota: simplify drop_dquot_ref()
- quota: Fix potential NULL pointer dereference
- quota: Fix rcu annotations of inode dquot pointers
- PCI: switchtec: Fix an error handling path in switchtec_pci_probe()
- perf thread_map: Free strlist on normal path in thread_map__new_by_tid_str()
- drm/radeon/ni: Fix wrong firmware size logging in ni_init_microcode()
- ALSA: seq: fix function cast warnings
- perf stat: Avoid metric-only segv
- media: imx: csc/scaler: fix v4l2_ctrl_handler memory leak
- media: go7007: add check of return value of go7007_read_addr()
- media: pvrusb2: remove redundant NULL check
- media: pvrusb2: fix pvr2_stream_callback casts
- clk: qcom: dispcc-sdm845: Adjust internal GDSC wait times
- drm/mediatek: dsi: Fix DSI RGB666 formats and definitions
- PCI: Mark 3ware-9650SE Root Port Extended Tags as broken
- clk: hisilicon: hi3519: Release the correct number of gates in
hi3519_clk_unregister()
- drm/tegra: put drm_gem_object ref on error in tegra_fb_create
- mfd: syscon: Call of_node_put() only when of_parse_phandle() takes a ref
- mfd: altera-sysmgr: Call of_node_put() only when of_parse_phandle() takes a
ref
- crypto: arm/sha - fix function cast warnings
- mtd: maps: physmap-core: fix flash size larger than 32-bit
- mtd: rawnand: lpc32xx_mlc: fix irq handler prototype
- ASoC: meson: axg-tdm-interface: fix mclk setup without mclk-fs
- drm/amdgpu: Fix missing break in ATOM_ARG_IMM Case of atom_get_src_int()
- media: pvrusb2: fix uaf in pvr2_context_set_notify
- media: dvb-frontends: avoid stack overflow warnings with clang
- media: go7007: fix a memleak in go7007_load_encoder
- media: v4l2-core: correctly validate video and metadata ioctls
- media: rename VFL_TYPE_GRABBER to _VIDEO
- media: media/pci: rename VFL_TYPE_GRABBER to _VIDEO
- media: ttpci: fix two memleaks in budget_av_attach
- drm/mediatek: Fix a null pointer crash in mtk_drm_crtc_finish_page_flip
- powerpc/hv-gpci: Fix the H_GET_PERF_COUNTER_INFO hcall return value checks
- drm/msm/dpu: add division of drm_display_mode's hskew parameter
- powerpc/embedded6xx: Fix no previous prototype for avr_uart_send() etc.
- backlight: lm3630a: Initialize backlight_properties on init
- backlight: lm3630a: Don't set bl->props.brightness in get_brightness
- backlight: da9052: Fully initialize backlight_properties during probe
- backlight: lm3639: Fully initialize backlight_properties during probe
- backlight: lp8788: Fully initialize backlight_properties during probe
- sparc32: Fix section mismatch in leon_pci_grpci
- clk: Fix clk_core_get NULL dereference
- ALSA: usb-audio: Stop parsing channels bits when all channels are found.
- scsi: csiostor: Avoid function pointer casts
- RDMA/device: Fix a race between mad_client and cm_client init
- scsi: bfa: Fix function pointer type mismatch for hcb_qe->cbfn
- net: sunrpc: Fix an off by one in rpc_sockaddr2uaddr()
- watchdog: stm32_iwdg: initialize default timeout
- NFS: Fix an off by one in root_nfs_cat()
- afs: Revert "afs: Hide silly-rename files from userspace"
- tty: vt: fix 20 vs 0x20 typo in EScsiignore
- serial: max310x: fix syntax error in IRQ error message
- tty: serial: samsung: fix tx_empty() to return TIOCSER_TEMT
- kconfig: fix infinite loop when expanding a macro at the end of file
- rtc: mt6397: select IRQ_DOMAIN instead of depending on it
- serial: 8250_exar: Don't remove GPIO device on suspend
- staging: greybus: fix get_channel_from_mode() failure path
- usb: gadget: net2272: Use irqflags in the call to net2272_probe_fin
- octeontx2-af: Use matching wake_up API variant in CGX command interface
- s390/vtime: fix average steal time calculation
- hsr: Fix uninit-value access in hsr_get_node()
- packet: annotate data-races around ignore_outgoing
- rds: introduce acquire/release ordering in acquire/release_in_xmit()
- hsr: Handle failures in module init
- net/bnx2x: Prevent access to a freed page in page_pool
- octeontx2-af: Use separate handlers for interrupts
- ARM: dts: sun8i-h2-plus-bananapi-m2-zero: add regulator nodes vcc-dram and
vcc1v2
- netfilter: nf_tables: do not compare internal table flags on updates
- rcu: add a helper to report consolidated flavor QS
- bpf: report RCU QS in cpumap kthread
- spi: spi-mt65xx: Fix NULL pointer access in interrupt handler
- regmap: Add missing map->bus check
- Linux 5.4.273
* Focal update: v5.4.272 upstream stable release (LP: #2064555)
- lan78xx: Fix white space and style issues
- lan78xx: Add missing return code checks
- lan78xx: Fix partial packet errors on suspend/resume
- lan78xx: Fix race conditions in suspend/resume handling
- net: lan78xx: fix runtime PM count underflow on link stop
- ixgbe: {dis, en}able irqs in ixgbe_txrx_ring_{dis, en}able
- geneve: make sure to pull inner header in geneve_rx()
- net: ice: Fix potential NULL pointer dereference in ice_bridge_setlink()
- net/ipv6: avoid possible UAF in ip6_route_mpath_notify()
- net/rds: fix WARNING in rds_conn_connect_if_down
- netfilter: nft_ct: fix l3num expectations with inet pseudo family
- netfilter: nf_conntrack_h323: Add protection for bmp length out of range
- netrom: Fix a data-race around sysctl_netrom_default_path_quality
- netrom: Fix a data-race around sysctl_netrom_obsolescence_count_initialiser
- netrom: Fix data-races around sysctl_netrom_network_ttl_initialiser
- netrom: Fix a data-race around sysctl_netrom_transport_timeout
- netrom: Fix a data-race around sysctl_netrom_transport_maximum_tries
- netrom: Fix a data-race around sysctl_netrom_transport_acknowledge_delay
- netrom: Fix a data-race around sysctl_netrom_transport_busy_delay
- netrom: Fix a data-race around sysctl_netrom_transport_requested_window_size
- netrom: Fix a data-race around sysctl_netrom_transport_no_activity_timeout
- netrom: Fix a data-race around sysctl_netrom_routing_control
- netrom: Fix a data-race around sysctl_netrom_link_fails_count
- netrom: Fix data-races around sysctl_net_busy_read
- selftests: mm: fix map_hugetlb failure on 64K page size systems
- um: allow not setting extra rpaths in the linux binary
- serial: max310x: Use devm_clk_get_optional() to get the input clock
- serial: max310x: Try to get crystal clock rate from property
- serial: max310x: fail probe if clock crystal is unstable
- serial: max310x: Make use of device properties
- serial: max310x: use regmap methods for SPI batch operations
- serial: max310x: use a separate regmap for each port
- serial: max310x: prevent infinite while() loop in port startup
- Input: i8042 - fix strange behavior of touchpad on Clevo NS70PU
- hv_netvsc: Make netvsc/VF binding check both MAC and serial number
- hv_netvsc: use netif_is_bond_master() instead of open code
- hv_netvsc: Register VF in netvsc_probe if NET_DEVICE_REGISTER missed
- y2038: rusage: use __kernel_old_timeval
- getrusage: add the "signal_struct *sig" local variable
- getrusage: move thread_group_cputime_adjusted() outside of
lock_task_sighand()
- getrusage: use __for_each_thread()
- getrusage: use sig->stats_lock rather than lock_task_sighand()
- serial: max310x: Unprepare and disable clock in error path
- regmap: allow to define reg_update_bits for no bus configuration
- regmap: Add bulk read/write callbacks into regmap_config
- serial: max310x: make accessing revision id interface-agnostic
- serial: max310x: implement I2C support
- serial: max310x: fix IO data corruption in batched operations
- arm64: dts: qcom: add PDC interrupt controller for SDM845
- arm64: dts: qcom: sdm845: fix USB DP/DM HS PHY interrupts
- Linux 5.4.272
* CVE-2024-23307
- md/raid5: fix atomicity violation in raid5_cache_count
* CVE-2024-26889
- Bluetooth: hci_core: Fix possible buffer overflow
* CVE-2024-26828
- cifs: fix underflow in parse_server_interfaces()
* CVE-2024-24861
- media: xc4000: Fix atomicity violation in xc4000_get_frequency
* CVE-2023-6270
- aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts
* CVE-2024-26642
- netfilter: nf_tables: disallow anonymous set with timeout flag
* CVE-2024-26926
- binder: check offset alignment in binder_get_object()
* CVE-2024-26922
- drm/amdgpu: validate the parameters of bo mapping operations more clearly
* CVE-2024-26925
- netfilter: Cleanup nft_net->module_list from nf_tables_exit_net()
- netfilter: nf_tables: release batch on table validation from abort path
- netfilter: nf_tables: release mutex after nft_gc_seq_end from abort path
* CVE-2024-26643
- netfilter: nf_tables: mark set as dead when unbinding anonymous set with
timeout
* CVE-2024-2201
- x86/cpufeatures: Add new word for scattered features
- x86/cpufeatures: Add CPUID_LNX_5 to track recently added Linux-defined word
- x86/bugs: Change commas to semicolons in 'spectre_v2' sysfs file
- x86/bhi: Add support for clearing branch history at syscall entry
- x86/bhi: Define SPEC_CTRL_BHI_DIS_S
- x86/bhi: Enumerate Branch History Injection (BHI) bug
- x86/bhi: Add BHI mitigation knob
- x86/bhi: Mitigate KVM by default
- [Config] updateconfigs for CONFIG_BHI_{AUTO|ON|OFF}
- x86/bugs: Fix BHI documentation
- x86/bugs: Cache the value of MSR_IA32_ARCH_CAPABILITIES
- x86/bugs: Rename various 'ia32_cap' variables to 'x86_arch_cap_msr'
- x86/bugs: Fix BHI handling of RRSBA
- x86/bugs: Clarify that syscall hardening isn't a BHI mitigation
- x86/bugs: Fix BHI retpoline check
Date: 2024-06-21 16:50:09.666597+00:00
Changed-By: Philip Cox <philip.cox at canonical.com>
Signed-By: Andy Whitcroft <apw at canonical.com>
https://launchpad.net/ubuntu/+source/linux-aws/5.4.0-1128.138
-------------- next part --------------
Sorry, changesfile not available.
More information about the Focal-changes
mailing list