UbuntuUpdates.org

Package "linux-bpf-dev"

This package belongs to a PPA: Canonical Kernel Team

Name: linux-bpf-dev

Description:

Headers for BPF development

Latest version: 6.8.0-76.76
Release: noble (24.04)
Level: base
Repository: main
Head package: linux

Links


Download "linux-bpf-dev"


Other versions of "linux-bpf-dev" in Noble

Repository Area Version
security main 6.8.0-71.71
updates main 6.8.0-71.71
proposed main 6.8.0-72.72

Changelog

Version: 6.8.0-76.76 2025-08-09 03:08:04 UTC

 linux (6.8.0-76.76) noble; urgency=medium
 .
   * noble/linux: 6.8.0-76.76 -proposed tracker (LP: #2120206)
 .
   * minimal kernel lacks modules for blk disk in arm64 openstack environments
     where config_drive is required (LP: #2118499)
     - [Config] Enable SYM53C8XX_2 on arm64
 .

Source diff to previous version
2118499 minimal kernel lacks modules for blk disk in arm64 openstack environments where config_drive is required

Version: 6.8.0-74.74 2025-08-08 15:08:27 UTC

 linux (6.8.0-74.74) noble; urgency=medium
 .
   * noble/linux: 6.8.0-74.74 -proposed tracker (LP: #2120039)
 .
   * Packaging resync (LP: #1786013)
     - [Packaging] debian.master/dkms-versions -- update from kernel-versions
       (main/2025.08.11)
 .
   * rcu: Eliminate deadlocks involving do_exit() and RCU tasks (LP: #2117123)
     - rcu-tasks: Initialize callback lists at rcu_init() time
     - rcu-tasks: Maintain lists to eliminate RCU-tasks/do_exit() deadlocks
     - rcu-tasks: Eliminate deadlocks involving do_exit() and RCU tasks
     - rcu-tasks: Maintain real-time response in rcu_tasks_postscan()
 .
   * BPF header file in wrong location (LP: #2118965)
     - [Packaging] Install bpf header to correct location
 .
   * i915: support ARL-H gpu (LP: #2117716)
     - drm/i915: Add additional ARL PCI IDs
     - drm/i915/mtl: Add fake PCH for Meteor Lake
     - drm/i915/mtl: Wake GT before sending H2G message
     - drm/i915/xelpg: Add workaround 14019877138
     - drm/i915/xelpg: Extend driver code of Xe_LPG to Xe_LPG+
     - drm/i915/display: correct dual pps handling for MTL_PCH+
 .
   * Ubuntu 24.04.2: NULL pointer dereference with Ceph and selinux
     (LP: #2115447)
     - SAUCE: fs/ceph, selinux: fix NULL pointer dereference on CephFS write
       with SELinux in permissive mode
 .
   * Noble update: upstream stable patchset 2025-08-04 (LP: #2119458)
     - clockevents/drivers/i8253: Fix stop sequence for timer 0
     - sched/isolation: Prevent boot crash when the boot CPU is nohz_full
     - hrtimer: Use and report correct timerslack values for realtime tasks
     - mm: add nommu variant of vm_insert_pages()
     - io_uring: get rid of remap_pfn_range() for mapping rings/sqes
     - io_uring: don't attempt to mmap larger than what the user asks for
     - io_uring: fix corner case forgetting to vunmap
     - io_uring: use vmap() for ring mapping
     - io_uring: unify io_pin_pages()
     - io_uring/kbuf: vmap pinned buffer ring
     - io_uring/kbuf: use vm_insert_pages() for mmap'ed pbuf ring
     - io_uring: use unpin_user_pages() where appropriate
     - io_uring: fix error pbuf checking
     - rust: Disallow BTF generation with Rust + LTO
     - rust: init: fix `Zeroable` implementation for `Option>` and
       `Option>`
     - lib/buildid: Handle memfd_secret() files in build_id_parse()
     - mm: split critical region in remap_file_pages() and invoke LSMs in
       between
     - stmmac: loongson: Pass correct arg to PCI function
     - rust: lockdep: Remove support for dynamically allocated LockClassKeys
     - netfilter: nf_tables: allow clone callbacks to sleep
     - drm/amd/display: should support dmub hw lock on Replay
     - drm/amd/display: Use HW lock mgr for PSR1 when only one eDP
     - KVM: arm64: Calculate cptr_el2 traps on activating traps
     - KVM: arm64: Unconditionally save+flush host FPSIMD/SVE/SME state
     - KVM: arm64: Remove host FPSIMD saving for non-protected KVM
     - KVM: arm64: Remove VHE host restore of CPACR_EL1.ZEN
     - KVM: arm64: Remove VHE host restore of CPACR_EL1.SMEN
     - KVM: arm64: Refactor exit handlers
     - KVM: arm64: Eagerly switch ZCR_EL{1,2}
     - Revert "sched/core: Reduce cost of sched_move_task when config
       autogroup"
     - wifi: iwlwifi: support BIOS override for 5G9 in CA also in LARI version
       8
     - netfilter: nft_counter: Use u64_stats_t for statistic.
     - firmware: imx-scu: fix OF node leak in .probe()
     - arm64: dts: freescale: tqma8mpql: Fix vqmmc-supply
     - arm64: dts: rockchip: remove supports-cqe from rk3588 jaguar
     - xfrm: fix tunnel mode TX datapath in packet offload mode
     - xfrm_output: Force software GSO only in tunnel mode
     - soc: imx8m: Remove global soc_uid
     - soc: imx8m: Use devm_* to simplify probe failure handling
     - soc: imx8m: Unregister cpufreq and soc dev in cleanup path
     - ARM: dts: bcm2711: Fix xHCI power-domain
     - ARM: dts: bcm2711: PL011 UARTs are actually r1p5
     - arm64: dts: rockchip: Remove undocumented sdmmc property from lubancat-1
     - RDMA/bnxt_re: Add missing paranthesis in map_qp_id_to_tbl_indx
     - RDMA/mlx5: Handle errors returned from mlx5r_ib_rate()
     - ARM: OMAP1: select CONFIG_GENERIC_IRQ_CHIP
     - ARM: dts: bcm2711: Don't mark timer regs unconfigured
     - dma-mapping: fix missing clear bdr in check_ram_in_range_map()
     - RDMA/bnxt_re: Avoid clearing VLAN_ID mask in modify qp path
     - RDMA/hns: Fix soft lockup during bt pages loop
     - RDMA/hns: Fix unmatched condition in error path of alloc_user_qp_db()
     - RDMA/hns: Fix a missing rollback in error path of
       hns_roce_create_qp_common()
     - RDMA/hns: Fix missing xa_destroy()
     - RDMA/hns: Fix wrong value of max_sge_rd
     - Bluetooth: Fix error code in chan_alloc_skb_cb()
     - Bluetooth: hci_event: Fix connection regression between LE and non-LE
       adapters
     - accel/qaic: Fix possible data corruption in BOs > 2G
     - ARM: davinci: da850: fix selecting ARCH_DAVINCI_DA8XX
     - ipv6: Fix memleak of nhc_pcpu_rth_output in fib_check_nh_v6_gw().
     - ipv6: Set errno after ip_fib_metrics_init() in ip6_route_info_create().
     - devlink: fix xa_alloc_cyclic() error handling
     - dpll: fix xa_alloc_cyclic() error handling
     - gpu: host1x: Do not assume that a NULL domain means no DMA IOMMU
     - net: atm: fix use after free in lec_send()
     - net: lwtunnel: fix recursion loops
     - net: ipv6: ioam6: fix lwtunnel_output() loop
     - libfs: Fix duplicate directory entry in offset_dir_lookup
     - net/neighbor: add missing policy for NDTPA_QUEUE_LENBYTES
     - i2c: omap: fix IRQ storms
     - net: mana: Support holes in device list reply msg
     - can: rcar_canfd: Fix page entries in the AFL list
     - can: ucan: fix out of bound read in strscpy() source
     - can: flexcan: only change CAN state when link up in system PM
     - can: flexcan: disable transceiver during system PM
     - drm/xe: Fix exportin

Source diff to previous version
1786013 Packaging resync
2117123 rcu: Eliminate deadlocks involving do_exit() and RCU tasks
2118965 BPF header file in wrong location
2117716 i915: support ARL-H gpu
2115447 Ubuntu 24.04.2: NULL pointer dereference with Ceph and selinux
2119458 Noble update: upstream stable patchset 2025-08-04
2118927 Noble update: upstream stable patchset 2025-07-28
2117533 Noble update: upstream stable patchset 2025-07-22
2116878 Noble update: upstream stable patchset 2025-07-14
CVE-2025-21872 In the Linux kernel, the following vulnerability has been resolved: efi: Don't map the entire mokvar table to determine its size Currently, when va
CVE-2025-21880 In the Linux kernel, the following vulnerability has been resolved: drm/xe/userptr: fix EFAULT handling Currently we treat EFAULT from hmm_range_fa
CVE-2025-21890 In the Linux kernel, the following vulnerability has been resolved: idpf: fix checksums set in idpf_rx_rsc() idpf_rx_rsc() uses skb_transport_offse
CVE-2025-21885 In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxt_re: Fix the page details for the srq created by kernel consumers Whil
CVE-2025-21888 In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix a WARN during dereg_mr for DM type Memory regions (MR) of type D
CVE-2025-21892 In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix the recovery flow of the UMR QP This patch addresses an issue in
CVE-2025-21873 In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: bsg: Fix crash when arpmb command fails If the device doesn't
CVE-2024-58090 In the Linux kernel, the following vulnerability has been resolved: sched/core: Prevent rescheduling when interrupts are disabled David reported a
CVE-2025-21875 In the Linux kernel, the following vulnerability has been resolved: mptcp: always handle address removal under msk socket lock Syzkaller reported a
CVE-2025-21877 In the Linux kernel, the following vulnerability has been resolved: usbnet: gl620a: fix endpoint checking in genelink_bind() Syzbot reports [1] a w
CVE-2025-21878 In the Linux kernel, the following vulnerability has been resolved: i2c: npcm: disable interrupt enable bit before devm_request_irq The customer re
CVE-2025-21889 In the Linux kernel, the following vulnerability has been resolved: perf/core: Add RCU read lock protection to perf_iterate_ctx() The perf_iterate_
CVE-2025-21898 In the Linux kernel, the following vulnerability has been resolved: ftrace: Avoid potential division by zero in function_stat_show() Check whether
CVE-2025-21899 In the Linux kernel, the following vulnerability has been resolved: tracing: Fix bad hist from corrupting named_triggers list The following command
CVE-2025-21881 In the Linux kernel, the following vulnerability has been resolved: uprobes: Reject the shared zeropage in uprobe_write_opcode() We triggered the f
CVE-2025-21895 In the Linux kernel, the following vulnerability has been resolved: perf/core: Order the PMU list to fix warning about unordered pmu_ctx_list Syska
CVE-2025-21883 In the Linux kernel, the following vulnerability has been resolved: ice: Fix deinitializing VF in error path If ice_ena_vfs() fails after calling i
CVE-2025-21891 In the Linux kernel, the following vulnerability has been resolved: ipvlan: ensure network headers are in skb linear part syzbot found that ipvlan_
CVE-2024-57996 In the Linux kernel, the following vulnerability has been resolved: net_sched: sch_sfq: don't allow 1 packet limit The current implementation does
CVE-2025-37752 In the Linux kernel, the following vulnerability has been resolved: net_sched: sch_sfq: move the limit validation It is not sufficient to directly
CVE-2025-38350 In the Linux kernel, the following vulnerability has been resolved: net/sched: Always pass notifications when child class becomes empty Certain cla
CVE-2025-21887 In the Linux kernel, the following vulnerability has been resolved: ovl: fix UAF in ovl_dentry_update_reval by moving dput() in ovl_link_up The iss

Version: 6.8.0-72.72 2025-07-23 14:08:02 UTC

 linux (6.8.0-72.72) noble; urgency=medium
 .
   * noble/linux: 6.8.0-72.72 -proposed tracker (LP: #2117691)
 .
   * Packaging resync (LP: #1786013)
     - [Packaging] update annotations scripts
     - [Packaging] debian.master/dkms-versions -- update from kernel-versions
       (main/2025.07.14)
 .
   * NVMe namespace ID mismatch on repeated map/unmap (LP: #2115209)
     - nvme: requeue namespace scan on missed AENs
     - nvme: re-read ANA log page after ns scan completes
     - nvme: fixup scan failure for non-ANA multipath controllers
 .
   * integrated I219-LM network adapter appears to be running too fast, causing
     synchronization issues when using the I219-LM PTP feature (LP: #2116072)
     - e1000e: set fixed clock frequency indication for Nahum 11 and Nahum 13
 .
   * intel_rapl: support ARL-H hardware (LP: #2115652)
     - powercap: intel_rapl_msr: Add PL4 support for ArrowLake-H
 .
   * Ubuntu 24.04+ arm64: screen resolution fixed to 1024x768 with last kernel
     update (LP: #2115068)
     - [Config] Replace FB_HYPERV with DRM_HYPERV
 .
   * Noble update: upstream stable patchset 2025-07-09 (LP: #2116212)
     - arm64: mte: Do not allow PROT_MTE on MAP_HUGETLB user mappings
     - xfs: assert a valid limit in xfs_rtfind_forw
     - xfs: validate inumber in xfs_iget
     - xfs: fix a sloppy memory handling bug in xfs_iroot_realloc
     - xfs: fix a typo
     - xfs: skip background cowblock trims on inodes open for write
     - xfs: don't free cowblocks from under dirty pagecache on unshare
     - xfs: merge xfs_attr_leaf_try_add into xfs_attr_leaf_addname
     - xfs: return bool from xfs_attr3_leaf_add
     - xfs: distinguish extra split from real ENOSPC from xfs_attr3_leaf_split
     - xfs: distinguish extra split from real ENOSPC from
       xfs_attr_node_try_addname
     - xfs: fold xfs_bmap_alloc_userdata into xfs_bmapi_allocate
     - xfs: don't ifdef around the exact minlen allocations
     - xfs: call xfs_bmap_exact_minlen_extent_alloc from xfs_bmap_btalloc
     - xfs: support lowmode allocations in xfs_bmap_exact_minlen_extent_alloc
     - xfs: Use try_cmpxchg() in xlog_cil_insert_pcp_aggregate()
     - xfs: Remove empty declartion in header file
     - xfs: pass the exact range to initialize to xfs_initialize_perag
     - xfs: update the file system geometry after recoverying superblock
       buffers
     - xfs: error out when a superblock buffer update reduces the agcount
     - xfs: don't use __GFP_RETRY_MAYFAIL in xfs_initialize_perag
     - xfs: update the pag for the last AG at recovery time
     - xfs: Reduce unnecessary searches when searching for the best extents
     - xfs: streamline xfs_filestream_pick_ag
     - xfs: Check for delayed allocations before setting extsize
     - md/md-bitmap: replace md_bitmap_status() with a new helper
       md_bitmap_get_stats()
     - md/md-cluster: fix spares warnings for __le64
     - md/md-bitmap: add 'sync_size' into struct md_bitmap_stats
     - mm: update mark_victim tracepoints fields
     - cpufreq: dt-platdev: add missing MODULE_DESCRIPTION() macro
     - cpufreq: fix using cpufreq-dt as module
     - Bluetooth: qca: Support downloading board id specific NVM for WCN7850
     - Bluetooth: qca: Update firmware-name to support board specific nvm
     - Bluetooth: qca: Fix poor RF performance for WCN6855
     - Input: serio - define serio_pause_rx guard to pause and resume serio
       ports
     - ASoC: renesas: rz-ssi: Add a check for negative sample_space
     - ASoC: rockchip: i2s-tdm: fix shift config for SND_SOC_DAIFMT_DSP_[AB]
     - powerpc/64s/mm: Move __real_pte stubs into hash-4k.h
     - powerpc/64s: Rewrite __real_pte() and __rpte_to_hidx() as static inline
     - ALSA: seq: Drop UMP events when no UMP-conversion is set
     - ibmvnic: Return error code on TX scrq flush fail
     - ibmvnic: Introduce send sub-crq direct
     - ibmvnic: Add stat for tx direct vs tx batched
     - vsock/bpf: Warn on socket without transport
     - tcp: adjust rcvq_space after updating scaling ratio
     - geneve: Suppress list corruption splat in geneve_destroy_tunnels().
     - flow_dissector: Fix handling of mixed port and port-range keys
     - flow_dissector: Fix port range key handling in BPF conversion
     - net: Add non-RCU dev_getbyhwaddr() helper
     - arp: switch to dev_getbyhwaddr() in arp_req_set_public()
     - net: axienet: Set mac_managed_pm
     - bpf: unify VM_WRITE vs VM_MAYWRITE use in BPF map mmaping logic
     - strparser: Add read_sock callback
     - bpf: Fix wrong copied_seq calculation
     - bpf: Disable non stream socket for strparser
     - power: supply: da9150-fg: fix potential overflow
     - nouveau/svm: fix missing folio unlock + put after
       make_device_exclusive_range()
     - drm/msm: Avoid rounding up to one jiffy
     - nvme/ioctl: add missing space in err message
     - bpf: skip non exist keys in generic_map_lookup_batch
     - drm/nouveau/pmu: Fix gp10b firmware guard
     - drm/msm/dpu: Disable dither in phys encoder cleanup
     - drm/i915: Make sure all planes in use by the joiner have their crtc
       included
     - drm/i915/dp: Fix error handling during 128b/132b link training
     - soc: loongson: loongson2_guts: Add check for devm_kstrdup()
     - lib/iov_iter: fix import_iovec_ubuf iovec management
     - ASoC: fsl_micfil: Enable default case in micfil_set_quality()
     - ALSA: hda: Add error check for snd_ctl_rename_id() in
       snd_hda_create_dig_out_ctls()
     - ALSA: hda/conexant: Add quirk for HP ProBook 450 G4 mute LED
     - ASoC: SOF: pcm: Clear the susbstream pointer to NULL on close
     - acct: block access to kernel internal filesystems
     - mm,madvise,hugetlb: check for 0-length range after end address
       adjustment
     - mtd: rawnand: cadence: fix error code in cadence_nand_init()
     - mtd: rawnand: cadence: use dma_map_resource for sdma address
     - mtd: rawnand: cadence: fix incorrect device in dma_unmap_single
     - EDAC/qcom: Cor

Source diff to previous version
1786013 Packaging resync
2115209 NVMe namespace ID mismatch on repeated map/unmap
2116072 integrated I219-LM network adapter appears to be running too fast, causing synchronization issues when using the I219-LM PTP feature
2115652 intel_rapl: support ARL-H hardware
2115068 Ubuntu 24.04+ arm64: screen resolution fixed to 1024x768 with last kernel update
2116212 Noble update: upstream stable patchset 2025-07-09
2114785 [SRU]Request E825-C driver into latest LTS of Ubuntu OS 24.04
2114450 [UBUNTU 22.04] kernel: Fix z17 elf platform recognition
2114258 [UBUNTU 24.04] Kernel: Add CPUMF extended counter set for z17
2115616 Noble update: upstream stable patchset 2025-06-29
2114849 Noble update: upstream stable patchset 2025-06-17
2117494 [Regression Updates] \
CVE-2025-21861 In the Linux kernel, the following vulnerability has been resolved: mm/migrate_device: don't add folio to be freed to LRU in migrate_device_finalize
CVE-2025-21868 In the Linux kernel, the following vulnerability has been resolved: net: allow small head cache usage with large MAX_SKB_FRAGS values Sabrina repor
CVE-2025-21869 In the Linux kernel, the following vulnerability has been resolved: powerpc/code-patching: Disable KASAN report during patching via temporary mm Er
CVE-2025-21870 In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-topology: Harden loops for looking up ALH copiers Other, non DA
CVE-2025-21844 In the Linux kernel, the following vulnerability has been resolved: smb: client: Add check for next_buffer in receive_encrypted_standard() Add chec
CVE-2025-21846 In the Linux kernel, the following vulnerability has been resolved: acct: perform last write from workqueue In [1] it was reported that the acct(2)
CVE-2025-21847 In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: stream-ipc: Check for cstream nullity in sof_ipc_msg_data() The null
CVE-2025-21848 In the Linux kernel, the following vulnerability has been resolved: nfp: bpf: Add check for nfp_app_ctrl_msg_alloc() Add check for the return value
CVE-2025-21862 In the Linux kernel, the following vulnerability has been resolved: drop_monitor: fix incorrect initialization order Syzkaller reports the followin
CVE-2025-21871 In the Linux kernel, the following vulnerability has been resolved: tee: optee: Fix supplicant wait loop OP-TEE supplicant is a user-space daemon a
CVE-2025-21863 In the Linux kernel, the following vulnerability has been resolved: io_uring: prevent opcode speculation sqe->opcode is used for different tables,
CVE-2024-58088 In the Linux kernel, the following vulnerability has been resolved: bpf: Fix deadlock when freeing cgroup storage The following commit bc235cdb423a
CVE-2025-21853 In the Linux kernel, the following vulnerability has been resolved: bpf: avoid holding freeze_mutex during mmap operation We use map->freeze_mutex
CVE-2025-21867 In the Linux kernel, the following vulnerability has been resolved: bpf, test_run: Fix use-after-free issue in eth_skb_pkt_type() KMSAN reported a
CVE-2025-21864 In the Linux kernel, the following vulnerability has been resolved: tcp: drop secpath at the same time as we currently drop dst Xiumei reported hit
CVE-2025-21854 In the Linux kernel, the following vulnerability has been resolved: sockmap, vsock: For connectible sockets allow only connected sockmap expects al
CVE-2025-21855 In the Linux kernel, the following vulnerability has been resolved: ibmvnic: Don't reference skb after sending to VIOS Previously, after successful
CVE-2025-21856 In the Linux kernel, the following vulnerability has been resolved: s390/ism: add release function for struct device According to device_release()
CVE-2025-21857 In the Linux kernel, the following vulnerability has been resolved: net/sched: cls_api: fix error handling causing NULL dereference tcf_exts_miss_c
CVE-2025-21858 In the Linux kernel, the following vulnerability has been resolved: geneve: Fix use-after-free in geneve_find_dev(). syzkaller reported a use-after
CVE-2025-21866 In the Linux kernel, the following vulnerability has been resolved: powerpc/code-patching: Fix KASAN hit by not flagging text patching area as VM_AL
CVE-2025-21859 In the Linux kernel, the following vulnerability has been resolved: USB: gadget: f_midi: f_midi_complete to call queue_work When using USB MIDI, a
CVE-2025-21746 In the Linux kernel, the following vulnerability has been resolved: Input: synaptics - fix crash when enabling pass-through port When enabling a pa
CVE-2024-57977 In the Linux kernel, the following vulnerability has been resolved: memcg: fix soft lockup in the OOM process A soft lockup issue was found in the
CVE-2025-21712 In the Linux kernel, the following vulnerability has been resolved: md/md-bitmap: Synchronize bitmap_get_stats() with bitmap lifetime After commit
CVE-2024-58093 In the Linux kernel, the following vulnerability has been resolved: PCI/ASPM: Fix link state exit during switch upstream function removal Before 45
CVE-2025-38083 In the Linux kernel, the following vulnerability has been resolved: net_sched: prio: fix a race in prio_tune() Gerrard Tai reported a race conditio
CVE-2025-37797 In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a UAF vulnerability in class handling This patch fixes a U

Version: 6.8.0-70.70 2025-07-11 17:08:50 UTC

 linux (6.8.0-70.70) noble; urgency=medium
 .
   * noble/linux: 6.8.0-70.70 -proposed tracker (LP: #2116645)
 .
   * Packaging resync (LP: #1786013)
     - [Packaging] update annotations scripts
     - [Packaging] debian.master/dkms-versions -- update from kernel-versions
       (main/2025.07.14)
 .
   * NVMe namespace ID mismatch on repeated map/unmap (LP: #2115209)
     - nvme: requeue namespace scan on missed AENs
     - nvme: re-read ANA log page after ns scan completes
     - nvme: fixup scan failure for non-ANA multipath controllers
 .
   * integrated I219-LM network adapter appears to be running too fast, causing
     synchronization issues when using the I219-LM PTP feature (LP: #2116072)
     - e1000e: set fixed clock frequency indication for Nahum 11 and Nahum 13
 .
   * intel_rapl: support ARL-H hardware (LP: #2115652)
     - powercap: intel_rapl_msr: Add PL4 support for ArrowLake-H
 .
   * Ubuntu 24.04+ arm64: screen resolution fixed to 1024x768 with last kernel
     update (LP: #2115068)
     - [Config] Replace FB_HYPERV with DRM_HYPERV
 .
   * Noble update: upstream stable patchset 2025-07-09 (LP: #2116212)
     - arm64: mte: Do not allow PROT_MTE on MAP_HUGETLB user mappings
     - xfs: assert a valid limit in xfs_rtfind_forw
     - xfs: validate inumber in xfs_iget
     - xfs: fix a sloppy memory handling bug in xfs_iroot_realloc
     - xfs: fix a typo
     - xfs: skip background cowblock trims on inodes open for write
     - xfs: don't free cowblocks from under dirty pagecache on unshare
     - xfs: merge xfs_attr_leaf_try_add into xfs_attr_leaf_addname
     - xfs: return bool from xfs_attr3_leaf_add
     - xfs: distinguish extra split from real ENOSPC from xfs_attr3_leaf_split
     - xfs: distinguish extra split from real ENOSPC from
       xfs_attr_node_try_addname
     - xfs: fold xfs_bmap_alloc_userdata into xfs_bmapi_allocate
     - xfs: don't ifdef around the exact minlen allocations
     - xfs: call xfs_bmap_exact_minlen_extent_alloc from xfs_bmap_btalloc
     - xfs: support lowmode allocations in xfs_bmap_exact_minlen_extent_alloc
     - xfs: Use try_cmpxchg() in xlog_cil_insert_pcp_aggregate()
     - xfs: Remove empty declartion in header file
     - xfs: pass the exact range to initialize to xfs_initialize_perag
     - xfs: update the file system geometry after recoverying superblock
       buffers
     - xfs: error out when a superblock buffer update reduces the agcount
     - xfs: don't use __GFP_RETRY_MAYFAIL in xfs_initialize_perag
     - xfs: update the pag for the last AG at recovery time
     - xfs: Reduce unnecessary searches when searching for the best extents
     - xfs: streamline xfs_filestream_pick_ag
     - xfs: Check for delayed allocations before setting extsize
     - md/md-bitmap: replace md_bitmap_status() with a new helper
       md_bitmap_get_stats()
     - md/md-cluster: fix spares warnings for __le64
     - md/md-bitmap: add 'sync_size' into struct md_bitmap_stats
     - mm: update mark_victim tracepoints fields
     - cpufreq: dt-platdev: add missing MODULE_DESCRIPTION() macro
     - cpufreq: fix using cpufreq-dt as module
     - Bluetooth: qca: Support downloading board id specific NVM for WCN7850
     - Bluetooth: qca: Update firmware-name to support board specific nvm
     - Bluetooth: qca: Fix poor RF performance for WCN6855
     - Input: serio - define serio_pause_rx guard to pause and resume serio
       ports
     - ASoC: renesas: rz-ssi: Add a check for negative sample_space
     - ASoC: rockchip: i2s-tdm: fix shift config for SND_SOC_DAIFMT_DSP_[AB]
     - powerpc/64s/mm: Move __real_pte stubs into hash-4k.h
     - powerpc/64s: Rewrite __real_pte() and __rpte_to_hidx() as static inline
     - ALSA: seq: Drop UMP events when no UMP-conversion is set
     - ibmvnic: Return error code on TX scrq flush fail
     - ibmvnic: Introduce send sub-crq direct
     - ibmvnic: Add stat for tx direct vs tx batched
     - vsock/bpf: Warn on socket without transport
     - tcp: adjust rcvq_space after updating scaling ratio
     - geneve: Suppress list corruption splat in geneve_destroy_tunnels().
     - flow_dissector: Fix handling of mixed port and port-range keys
     - flow_dissector: Fix port range key handling in BPF conversion
     - net: Add non-RCU dev_getbyhwaddr() helper
     - arp: switch to dev_getbyhwaddr() in arp_req_set_public()
     - net: axienet: Set mac_managed_pm
     - bpf: unify VM_WRITE vs VM_MAYWRITE use in BPF map mmaping logic
     - strparser: Add read_sock callback
     - bpf: Fix wrong copied_seq calculation
     - bpf: Disable non stream socket for strparser
     - power: supply: da9150-fg: fix potential overflow
     - nouveau/svm: fix missing folio unlock + put after
       make_device_exclusive_range()
     - drm/msm: Avoid rounding up to one jiffy
     - nvme/ioctl: add missing space in err message
     - bpf: skip non exist keys in generic_map_lookup_batch
     - drm/nouveau/pmu: Fix gp10b firmware guard
     - drm/msm/dpu: Disable dither in phys encoder cleanup
     - drm/i915: Make sure all planes in use by the joiner have their crtc
       included
     - drm/i915/dp: Fix error handling during 128b/132b link training
     - soc: loongson: loongson2_guts: Add check for devm_kstrdup()
     - lib/iov_iter: fix import_iovec_ubuf iovec management
     - ASoC: fsl_micfil: Enable default case in micfil_set_quality()
     - ALSA: hda: Add error check for snd_ctl_rename_id() in
       snd_hda_create_dig_out_ctls()
     - ALSA: hda/conexant: Add quirk for HP ProBook 450 G4 mute LED
     - ASoC: SOF: pcm: Clear the susbstream pointer to NULL on close
     - acct: block access to kernel internal filesystems
     - mm,madvise,hugetlb: check for 0-length range after end address
       adjustment
     - mtd: rawnand: cadence: fix error code in cadence_nand_init()
     - mtd: rawnand: cadence: use dma_map_resource for sdma address
     - mtd: rawnand: cadence: fix incorrect device in dma_unmap_single
     - EDAC/qcom: Cor

Source diff to previous version
1786013 Packaging resync
2115209 NVMe namespace ID mismatch on repeated map/unmap
2116072 integrated I219-LM network adapter appears to be running too fast, causing synchronization issues when using the I219-LM PTP feature
2115652 intel_rapl: support ARL-H hardware
2115068 Ubuntu 24.04+ arm64: screen resolution fixed to 1024x768 with last kernel update
2116212 Noble update: upstream stable patchset 2025-07-09
2114785 [SRU]Request E825-C driver into latest LTS of Ubuntu OS 24.04
2114450 [UBUNTU 22.04] kernel: Fix z17 elf platform recognition
2114258 [UBUNTU 24.04] Kernel: Add CPUMF extended counter set for z17
2115616 Noble update: upstream stable patchset 2025-06-29
2114849 Noble update: upstream stable patchset 2025-06-17
CVE-2025-21861 In the Linux kernel, the following vulnerability has been resolved: mm/migrate_device: don't add folio to be freed to LRU in migrate_device_finalize
CVE-2025-21868 In the Linux kernel, the following vulnerability has been resolved: net: allow small head cache usage with large MAX_SKB_FRAGS values Sabrina repor
CVE-2025-21869 In the Linux kernel, the following vulnerability has been resolved: powerpc/code-patching: Disable KASAN report during patching via temporary mm Er
CVE-2025-21870 In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-topology: Harden loops for looking up ALH copiers Other, non DA
CVE-2025-21844 In the Linux kernel, the following vulnerability has been resolved: smb: client: Add check for next_buffer in receive_encrypted_standard() Add chec
CVE-2025-21846 In the Linux kernel, the following vulnerability has been resolved: acct: perform last write from workqueue In [1] it was reported that the acct(2)
CVE-2025-21847 In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: stream-ipc: Check for cstream nullity in sof_ipc_msg_data() The null
CVE-2025-21848 In the Linux kernel, the following vulnerability has been resolved: nfp: bpf: Add check for nfp_app_ctrl_msg_alloc() Add check for the return value
CVE-2025-21862 In the Linux kernel, the following vulnerability has been resolved: drop_monitor: fix incorrect initialization order Syzkaller reports the followin
CVE-2025-21871 In the Linux kernel, the following vulnerability has been resolved: tee: optee: Fix supplicant wait loop OP-TEE supplicant is a user-space daemon a
CVE-2025-21863 In the Linux kernel, the following vulnerability has been resolved: io_uring: prevent opcode speculation sqe->opcode is used for different tables,
CVE-2024-58088 In the Linux kernel, the following vulnerability has been resolved: bpf: Fix deadlock when freeing cgroup storage The following commit bc235cdb423a
CVE-2025-21853 In the Linux kernel, the following vulnerability has been resolved: bpf: avoid holding freeze_mutex during mmap operation We use map->freeze_mutex
CVE-2025-21867 In the Linux kernel, the following vulnerability has been resolved: bpf, test_run: Fix use-after-free issue in eth_skb_pkt_type() KMSAN reported a
CVE-2025-21864 In the Linux kernel, the following vulnerability has been resolved: tcp: drop secpath at the same time as we currently drop dst Xiumei reported hit
CVE-2025-21854 In the Linux kernel, the following vulnerability has been resolved: sockmap, vsock: For connectible sockets allow only connected sockmap expects al
CVE-2025-21855 In the Linux kernel, the following vulnerability has been resolved: ibmvnic: Don't reference skb after sending to VIOS Previously, after successful
CVE-2025-21856 In the Linux kernel, the following vulnerability has been resolved: s390/ism: add release function for struct device According to device_release()
CVE-2025-21857 In the Linux kernel, the following vulnerability has been resolved: net/sched: cls_api: fix error handling causing NULL dereference tcf_exts_miss_c
CVE-2025-21858 In the Linux kernel, the following vulnerability has been resolved: geneve: Fix use-after-free in geneve_find_dev(). syzkaller reported a use-after
CVE-2025-21866 In the Linux kernel, the following vulnerability has been resolved: powerpc/code-patching: Fix KASAN hit by not flagging text patching area as VM_AL
CVE-2025-21859 In the Linux kernel, the following vulnerability has been resolved: USB: gadget: f_midi: f_midi_complete to call queue_work When using USB MIDI, a
CVE-2025-21746 In the Linux kernel, the following vulnerability has been resolved: Input: synaptics - fix crash when enabling pass-through port When enabling a pa
CVE-2024-57977 In the Linux kernel, the following vulnerability has been resolved: memcg: fix soft lockup in the OOM process A soft lockup issue was found in the
CVE-2025-21712 In the Linux kernel, the following vulnerability has been resolved: md/md-bitmap: Synchronize bitmap_get_stats() with bitmap lifetime After commit
CVE-2025-37797 In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a UAF vulnerability in class handling This patch fixes a U
CVE-2024-58093 In the Linux kernel, the following vulnerability has been resolved: PCI/ASPM: Fix link state exit during switch upstream function removal Before 45
CVE-2025-38083 In the Linux kernel, the following vulnerability has been resolved: net_sched: prio: fix a race in prio_tune() Gerrard Tai reported a race conditio

Version: 6.8.0-64.67 2025-06-15 22:09:46 UTC

 linux (6.8.0-64.67) noble; urgency=medium
 .
   * noble/linux: 6.8.0-64.67 -proposed tracker (LP: #2114668)
 .
   * Unexpected system reboot at loading GUI session on some AMD platforms
     (LP: #2112462)
     - drm/amdgpu/hdp4: use memcfg register to post the write for HDP flush
     - drm/amdgpu/hdp5: use memcfg register to post the write for HDP flush
     - drm/amdgpu/hdp5.2: use memcfg register to post the write for HDP flush
     - drm/amdgpu/hdp6: use memcfg register to post the write for HDP flush
 .
   * [UBUNTU 24.04] s390/pci: Fix immediate re-add of PCI function after remove
     (LP: #2114174)
     - s390/pci: rename lock member in struct zpci_dev
     - s390/pci: introduce lock to synchronize state of zpci_dev's
     - s390/pci: remove hotplug slot when releasing the device
     - s390/pci: Remove redundant bus removal and disable from
       zpci_release_device()
     - s390/pci: Prevent self deletion in disable_slot()
     - s390/pci: Allow re-add of a reserved but not yet removed device
     - s390/pci: Serialize device addition and removal
 .
   * [UBUNTU 24.04] s390/pci: Fix immediate re-add of PCI function after remove
     (LP: #2114174) // CVE-2025-37946
     - s390/pci: Fix duplicate pci_dev_put() in disable_slot() when PF has
       child VFs
 .
   * [UBUNTU 24.04] s390/pci: Fix immediate re-add of PCI function after remove
     (LP: #2114174) // CVE-2025-37974
     - s390/pci: Fix missing check for zpci_create_device() error return
 .
   * [UBUNTU 24.04] s390/pci: Fix immediate re-add of PCI function after remove
     (LP: #2114174) // CVE-2024-56699
     - s390/pci: Fix potential double remove of hotplug slot
 .
   * System will restart while resuming with SATA HDD or nvme installed with
     password set (LP: #2110090)
     - PCI: Explicitly put devices into D0 when initializing
 .
   * Noble update: upstream stable patchset 2025-06-12 (LP: #2114239)
     - btrfs: fix assertion failure when splitting ordered extent after
       transaction abort
     - btrfs: fix use-after-free when attempting to join an aborted transaction
     - arm64/mm: Ensure adequate HUGE_MAX_HSTATE
     - exec: fix up /proc/pid/comm in the execveat(AT_EMPTY_PATH) case
     - s390/stackleak: Use exrl instead of ex in __stackleak_poison()
     - btrfs: fix data race when accessing the inode's disk_i_size at
       btrfs_drop_extents()
     - btrfs: convert BUG_ON in btrfs_reloc_cow_block() to proper error
       handling
     - sched: Don't try to catch up excess steal time.
     - locking/ww_mutex/test: Use swap() macro
     - lockdep: Fix upper limit for LOCKDEP_*_BITS configs
     - x86/amd_nb: Restrict init function to AMD-based systems
     - drm/virtio: New fence for every plane update
     - drm: Add panel backlight quirks
     - drm: panel-backlight-quirks: Add Framework 13 matte panel
     - drm: panel-backlight-quirks: Add Framework 13 glossy and 2.8k panels
     - nvkm/gsp: correctly advance the read pointer of GSP message queue
     - nvkm: correctly calculate the available space of the GSP cmdq buffer
     - drm/amd/display: Populate chroma prefetch parameters, DET buffer fix
     - drm/amd/display: Overwriting dualDPP UBF values before usage
     - printk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX
     - drm/connector: add mutex to protect ELD from concurrent access
     - drm/bridge: anx7625: use eld_mutex to protect access to connector->eld
     - drm/bridge: ite-it66121: use eld_mutex to protect access to
       connector->eld
     - drm/amd/display: use eld_mutex to protect access to connector->eld
     - drm/exynos: hdmi: use eld_mutex to protect access to connector->eld
     - drm/radeon: use eld_mutex to protect access to connector->eld
     - drm/sti: hdmi: use eld_mutex to protect access to connector->eld
     - drm/vc4: hdmi: use eld_mutex to protect access to connector->eld
     - drm/amd/display: Fix Mode Cutoff in DSC Passthrough to DP2.1 Monitor
     - drm/amdgpu: Don't enable sdma 4.4.5 CTXEMPTY interrupt
     - drm/amdkfd: Queue interrupt work to different CPU
     - drm/bridge: it6505: Change definition MAX_HDCP_DOWN_STREAM_COUNT
     - drm/bridge: it6505: fix HDCP Bstatus check
     - drm/bridge: it6505: fix HDCP encryption when R0 ready
     - drm/bridge: it6505: fix HDCP CTS compare V matching
     - drm/bridge: it6505: fix HDCP V match check is not performed correctly
     - drm/bridge: it6505: fix HDCP CTS KSV list wait timer
     - safesetid: check size of policy writes
     - drm/amd/display: Increase sanitizer frame larger than limit when compile
       testing with clang
     - drm/amd/display: Limit Scaling Ratio on DCN3.01
     - wifi: rtw89: add crystal_cap check to avoid setting as overflow value
     - tun: fix group permission check
     - mmc: core: Respect quirk_max_rate for non-UHS SDIO card
     - mmc: sdhci-esdhc-imx: enable 'SDHCI_QUIRK_NO_LED' quirk for S32G
     - wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy()
     - tomoyo: don't emit warning in tomoyo_write_control()
     - mfd: lpc_ich: Add another Gemini Lake ISA bridge PCI device-id
     - wifi: rtw88: add __packed attribute to efuse layout struct
     - clk: qcom: Make GCC_8150 depend on QCOM_GDSC
     - HID: multitouch: Add quirk for Hantick 5288 touchpad
     - HID: Wacom: Add PCI Wacom device support
     - net/mlx5: use do_aux_work for PHC overflow checks
     - wifi: brcmfmac: Check the return value of
       of_property_read_string_index()
     - wifi: iwlwifi: pcie: Add support for new device ids
     - wifi: iwlwifi: avoid memory leak
     - i2c: Force ELAN06FA touchpad I2C bus freq to 100KHz
     - APEI: GHES: Have GHES honor the panic= setting
     - Bluetooth: btusb: Add new VID/PID 13d3/3610 for MT7922
     - Bluetooth: btusb: Add new VID/PID 13d3/3628 for MT7925
     - Bluetooth: MGMT: Fix slab-use-after-free Read in
       mgmt_remove_adv_monitor_sync
     - net: wwan: iosm: Fix hibernation by re-binding

2114174 [UBUNTU 24.04] s390/pci: Fix immediate re-add of PCI function after remove
2110090 System will restart while resuming with SATA HDD or nvme installed with password set
2114239 Noble update: upstream stable patchset 2025-06-12
2109951 kvmppc_set_passthru_irq_hv: Could not assign IRQ map traces are seen when pci device is attached to kvm guest when \
2106558 Latitude 5450 is experiencing packet loss on Ethernet in Ubuntu 22.04
2109609 cpufreq amd-pstate: cpuinfo_max_freq reports incorrect value
2100340 PCI/ACS: Fix 'pci=config_acs=' parameter
2111599 [UBUNTU 24.04] s390/pci: Fix zpci_bus_is_isolated_vf() for non-VF
2106381 nvme/tcp hangs IO on arm
2111953 Noble update: upstream stable patchset 2025-05-29
2112519 raid1: Fix NULL pointer dereference in process_checks()
1786013 Packaging resync
CVE-2025-37946 In the Linux kernel, the following vulnerability has been resolved: s390/pci: Fix duplicate pci_dev_put() in disable_slot() when PF has child VFs W
CVE-2025-37974 In the Linux kernel, the following vulnerability has been resolved: s390/pci: Fix missing check for zpci_create_device() error return The zpci_crea
CVE-2024-56699 In the Linux kernel, the following vulnerability has been resolved: s390/pci: Fix potential double remove of hotplug slot In commit 6ee600bfbe0f ("
CVE-2025-37750 In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in decryption with multichannel After commit f7025d861694
CVE-2025-40364 In the Linux kernel, the following vulnerability has been resolved: io_uring: fix io_req_prep_async with provided buffers io_req_prep_async() can i
CVE-2024-49887 In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to don't panic system for no free segment fault injection f2fs: fix t
CVE-2024-57975 In the Linux kernel, the following vulnerability has been resolved: btrfs: do proper folio cleanup when run_delalloc_nocow() failed [BUG] With CONF
CVE-2025-21714 In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix implicit ODP use after free Prevent double queueing of implicit
CVE-2025-21801 In the Linux kernel, the following vulnerability has been resolved: net: ravb: Fix missing rtnl lock in suspend/resume path Fix the suspend/resume
CVE-2025-21809 In the Linux kernel, the following vulnerability has been resolved: rxrpc, afs: Fix peer hash locking vs RCU callback In its address list, afs now
CVE-2024-58057 In the Linux kernel, the following vulnerability has been resolved: idpf: convert workqueues to unbound When a workqueue is created with `WQ_UNBOUN
CVE-2024-57953 In the Linux kernel, the following vulnerability has been resolved: rtc: tps6594: Fix integer overflow on 32bit systems The problem is this multipl
CVE-2024-57982 In the Linux kernel, the following vulnerability has been resolved: xfrm: state: fix out-of-bounds read during lookup lookup and resize can run in
CVE-2025-21721 In the Linux kernel, the following vulnerability has been resolved: nilfs2: handle errors that nilfs_prepare_chunk() may return Patch series "nilfs
CVE-2025-21722 In the Linux kernel, the following vulnerability has been resolved: nilfs2: do not force clear folio if buffer is referenced Patch series "nilfs2:
CVE-2025-21798 In the Linux kernel, the following vulnerability has been resolved: firewire: test: Fix potential null dereference in firewire kunit test kunit_kza
CVE-2025-21723 In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix possible crash when setting up bsg fails If bsg_setup_queue()
CVE-2025-21724 In the Linux kernel, the following vulnerability has been resolved: iommufd/iova_bitmap: Fix shift-out-of-bounds in iova_bitmap_offset_to_index() R
CVE-2025-21825 In the Linux kernel, the following vulnerability has been resolved: bpf: Cancel the running bpf_timer through kworker for PREEMPT_RT During the upd
CVE-2024-57990 In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7925: fix off by one in mt7925_load_clc() This comparison should
CVE-2024-57974 In the Linux kernel, the following vulnerability has been resolved: udp: Deal with race between UDP socket address change and rehash If a UDP socke
CVE-2024-57994 In the Linux kernel, the following vulnerability has been resolved: ptr_ring: do not block hard interrupts in ptr_ring_resize_multiple() Jakub adde
CVE-2024-57999 In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/iommu: IOMMU incorrectly marks MMIO range in DDW Power Hypervis
CVE-2024-58054 In the Linux kernel, the following vulnerability has been resolved: staging: media: max96712: fix kernel oops when removing module The following ke
CVE-2024-58055 In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_tcm: Don't free command immediately Don't prematurely free the c
CVE-2024-57979 In the Linux kernel, the following vulnerability has been resolved: pps: Fix a use-after-free On a board running ntpd and gpsd, I'm seeing a consis
CVE-2024-57980 In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fix double free in error path If the uvc_status_init() functio
CVE-2024-58056 In the Linux kernel, the following vulnerability has been resolved: remoteproc: core: Fix ida_free call while not allocated In the rproc_alloc() fu
CVE-2025-21705 In the Linux kernel, the following vulnerability has been resolved: mptcp: handle fastopen disconnect correctly Syzbot was able to trigger a data s
CVE-2025-21707 In the Linux kernel, the following vulnerability has been resolved: mptcp: consolidate suboption status MPTCP maintains the received sub-options st
CVE-2024-57981 In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Fix NULL pointer dereference on certain command aborts If a command
CVE-2025-21708 In the Linux kernel, the following vulnerability has been resolved: net: usb: rtl8150: enable basic endpoint checking Syzkaller reports [1] encount
CVE-2025-21826 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: reject mismatching sum of field_len with set key length T
CVE-2025-21808 In the Linux kernel, the following vulnerability has been resolved: net: xdp: Disallow attaching device-bound programs in generic mode Device-bound
CVE-2025-21710 In the Linux kernel, the following vulnerability has been resolved: tcp: correct handling of extreme memory squeeze Testing with iperf3 using the "
CVE-2025-21715 In the Linux kernel, the following vulnerability has been resolved: net: davicom: fix UAF in dm9000_drv_remove dm is netdev private data and it can
CVE-2025-21716 In the Linux kernel, the following vulnerability has been resolved: vxlan: Fix uninit-value in vxlan_vnifilter_dump() KMSAN reported an uninit-valu
CVE-2025-21718 In the Linux kernel, the following vulnerability has been resolved: net: rose: fix timer races against user threads Rose timers only acquire the so
CVE-2025-21719 In the Linux kernel, the following vulnerability has been resolved: ipmr: do not call mr_mfc_uses_dev() for unres entries syzbot found that calling
CVE-2025-21802 In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix oops when unload drivers paralleling When unload hclge driver, i
CVE-2024-58058 In the Linux kernel, the following vulnerability has been resolved: ubifs: skip dumping tnc tree when zroot is null Clearing slab cache will free a
CVE-2024-58069 In the Linux kernel, the following vulnerability has been resolved: rtc: pcf85063: fix potential OOB write in PCF85063 NVMEM read The nvmem interfa
CVE-2025-21720 In the Linux kernel, the following vulnerability has been resolved: xfrm: delete intermediate secpath entry in packet offload mode Packets handled
CVE-2025-21803 In the Linux kernel, the following vulnerability has been resolved: LoongArch: Fix warnings during S3 suspend The enable_gpe_wakeup() function call
CVE-2025-21810 In the Linux kernel, the following vulnerability has been resolved: driver core: class: Fix wild pointer dereferences in API class_dev_iter_next()
CVE-2025-21811 In the Linux kernel, the following vulnerability has been resolved: nilfs2: protect access to buffers with no active references nilfs_lookup_dirty_
CVE-2025-21804 In the Linux kernel, the following vulnerability has been resolved: PCI: rcar-ep: Fix incorrect variable used when calling devm_request_mem_region()
CVE-2025-21829 In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix the warning "__rxe_cleanup+0x12c/0x170 [rdma_rxe]" The Call Trace
CVE-2024-57984 In the Linux kernel, the following vulnerability has been resolved: i3c: dw: Fix use-after-free in dw_i3c_master driver due to race condition In dw
CVE-2024-58034 In the Linux kernel, the following vulnerability has been resolved: memory: tegra20-emc: fix an OF node reference bug in tegra_emc_find_node_by_ram_
CVE-2024-57973 In the Linux kernel, the following vulnerability has been resolved: rdma/cxgb4: Prevent potential integer overflow on 32bit The "gl->tot_len" varia
CVE-2025-21725 In the Linux kernel, the following vulnerability has been resolved: smb: client: fix oops due to unset link speed It isn't guaranteed that NETWORK_
CVE-2025-21726 In the Linux kernel, the following vulnerability has been resolved: padata: avoid UAF for reorder_work Although the previous patch can avoid ps and
CVE-2025-21727 In the Linux kernel, the following vulnerability has been resolved: padata: fix UAF in padata_reorder A bug was found when run ltp test: BUG: KASA
CVE-2025-21728 In the Linux kernel, the following vulnerability has been resolved: bpf: Send signals asynchronously if !preemptible BPF programs can execute in al
CVE-2024-58070 In the Linux kernel, the following vulnerability has been resolved: bpf: bpf_local_storage: Always use bpf_mem_alloc in PREEMPT_RT In PREEMPT_RT, k
CVE-2025-21711 In the Linux kernel, the following vulnerability has been resolved: net/rose: prevent integer overflows in rose_setsockopt() In case of possible un
CVE-2025-21799 In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ti: am65-cpsw: fix freeing IRQ in am65_cpsw_nuss_remove_tx_chns()
CVE-2025-21806 In the Linux kernel, the following vulnerability has been resolved: net: let net.core.dev_weight always be non-zero The following problem was encou
CVE-2025-21830 In the Linux kernel, the following vulnerability has been resolved: landlock: Handle weird files A corrupted filesystem (e.g. bcachefs) might retur
CVE-2025-21828 In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: don't flush non-uploaded STAs If STA state is pre-moved to AUTH
CVE-2024-58061 In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: prohibit deactivating all links In the internal API this calls
CVE-2024-57993 In the Linux kernel, the following vulnerability has been resolved: HID: hid-thrustmaster: Fix warning in thrustmaster_probe by adding endpoint chec
CVE-2025-21812 In the Linux kernel, the following vulnerability has been resolved: ax25: rcu protect dev->ax25_ptr syzbot found a lockdep issue [1]. We should re
CVE-2024-58071 In the Linux kernel, the following vulnerability has been resolved: team: prevent adding a device which is already a team device lower Prevent addi
CVE-2024-58063 In the Linux kernel, the following vulnerability has been resolved: wifi: rtlwifi: fix memory leaks and invalid access at probe error path Deinitia
CVE-2024-58072 In the Linux kernel, the following vulnerability has been resolved: wifi: rtlwifi: remove unused check_buddy_priv Commit 2461c7d60f9f ("rtlwifi: Up
CVE-2024-58053 In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix handling of received connection abort Fix the handling of a connecti
CVE-2024-57996 In the Linux kernel, the following vulnerability has been resolved: net_sched: sch_sfq: don't allow 1 packet limit The current implementation does
CVE-2024-57997 In the Linux kernel, the following vulnerability has been resolved: wifi: wcn36xx: fix channel survey memory allocation size KASAN reported a memor
CVE-2024-58051 In the Linux kernel, the following vulnerability has been resolved: ipmi: ipmb: Add check devm_kasprintf() returned value devm_kasprintf() can retu
CVE-2024-58068 In the Linux kernel, the following vulnerability has been resolved: OPP: fix dev_pm_opp_find_bw_*() when bandwidth table not initialized If a drive
CVE-2024-57998 In the Linux kernel, the following vulnerability has been resolved: OPP: add index check to assert to avoid buffer overflow in _read_freq() Pass th
CVE-2024-58052 In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix potential NULL pointer dereference in atomctrl_get_smc_sclk_rang
CVE-2024-57986 In the Linux kernel, the following vulnerability has been resolved: HID: core: Fix assumption that Resolution Multipliers must be in Logical Collect
CVE-2025-21731 In the Linux kernel, the following vulnerability has been resolved: nbd: don't allow reconnect after disconnect Following process can cause nbd_con
CVE-2025-37798 In the Linux kernel, the following vulnerability has been resolved: codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog() After making
CVE-2025-37997 In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: fix region locking in hash types Region locking introduced in
CVE-2025-22088 In the Linux kernel, the following vulnerability has been resolved: RDMA/erdma: Prevent use-after-free in erdma_accept_newconn() After the erdma_ce
CVE-2025-37890 In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc As



About   -   Send Feedback to @ubuntu_updates