Package "linux-modules-mofed-modules-24.10-6.11.0-26-generic"

 linux (6.11.0-26.26) oracular; urgency=medium
 .
   * oracular/linux: 6.11.0-26.26 -proposed tracker (LP: #2107166)
 .
   * Packaging resync (LP: #1786013)
     - [Packaging] debian.master/dkms-versions -- update from kernel-versions
       (main/2025.04.14)
 .
   * drm/xe: prevent potential UAF in pf_provision_vf_ggtt() (LP: #2106652)
     - drm/xe: prevent potential UAF in pf_provision_vf_ggtt()
 .
   * Oracular update: upstream stable patchset 2025-04-09 (LP: #2106703)
     - IB/mlx5: Set and get correct qp_num for a DCT QP
     - RDMA/mana_ib: Allocate PAGE aligned doorbell index
     - scsi: ufs: core: Fix ufshcd_is_ufs_dev_busy() and ufshcd_eh_timed_out()
     - ovl: fix UAF in ovl_dentry_update_reval by moving dput() in ovl_link_up
     - SUNRPC: convert RPC_TASK_* constants to enum
     - SUNRPC: Prevent looping due to rpc_signal_task() races
     - SUNRPC: Handle -ETIMEDOUT return from tlshd
     - RDMA/mlx5: Fix AH static rate parsing
     - scsi: core: Clear driver private data when retrying request
     - RDMA/mlx5: Fix bind QP error cleanup flow
     - sunrpc: suppress warnings for unused procfs functions
     - ALSA: usb-audio: Avoid dropping MIDI events at closing multiple ports
     - Bluetooth: L2CAP: Fix L2CAP_ECRED_CONN_RSP response
     - rxrpc: rxperf: Fix missing decoding of terminal magic cookie
     - afs: Fix the server_list to unuse a displaced server rather than putting it
     - net: loopback: Avoid sending IP packets without an Ethernet header
     - net: set the minimum for net_hotdata.netdev_budget_usecs
     - ipv4: icmp: Pass full DS field to ip_route_input()
     - ipv4: icmp: Unmask upper DSCP bits in icmp_route_lookup()
     - ipvlan: Unmask upper DSCP bits in ipvlan_process_v4_outbound()
     - ipv4: Convert icmp_route_lookup() to dscp_t.
     - ipv4: Convert ip_route_input() to dscp_t.
     - ipvlan: Prepare ipvlan_process_v4_outbound() to future .flowi4_tos
       conversion.
     - ipvlan: ensure network headers are in skb linear part
     - net: cadence: macb: Synchronize stats calculations
     - ASoC: es8328: fix route from DAC to output
     - ipvs: Always clear ipvs_property flag in skb_scrub_packet()
     - firmware: cs_dsp: Remove async regmap writes
     - ALSA: hda/realtek: Fix wrong mic setup for ASUS VivoBook 15
     - ice: add E830 HW VF mailbox message limit support
     - ice: Fix deinitializing VF in error path
     - tcp: Defer ts_recent changes until req is owned
     - net: Clear old fragment checksum value in napi_reuse_skb
     - net: mvpp2: cls: Fixed Non IP flow, with vlan tag flow defination.
     - net/mlx5: IRQ, Fix null string in debug print
     - net: ipv6: fix dst ref loop on input in seg6 lwt
     - net: ipv6: fix dst ref loop on input in rpl lwt
     - net: ti: icss-iep: Reject perout generation request
     - perf/core: Order the PMU list to fix warning about unordered pmu_ctx_list
     - uprobes: Reject the shared zeropage in uprobe_write_opcode()
     - io_uring/net: save msg_control for compat
     - x86/CPU: Fix warm boot hang regression on AMD SC1100 SoC systems
     - phy: rockchip: naneng-combphy: compatible reset with old DT
     - riscv: KVM: Fix hart suspend status check
     - riscv: KVM: Fix SBI IPI error generation
     - riscv: KVM: Fix SBI TIME error generation
     - tracing: Fix bad hist from corrupting named_triggers list
     - ftrace: Avoid potential division by zero in function_stat_show()
     - ALSA: usb-audio: Re-add sample rate quirk for Pioneer DJM-900NXS2
     - ALSA: hda/realtek: Fix microphone regression on ASUS N705UD
     - perf/core: Add RCU read lock protection to perf_iterate_ctx()
     - perf/x86: Fix low freqency setting issue
     - perf/core: Fix low freq setting via IOC_PERIOD
     - drm/amd/display: Disable PSR-SU on eDP panels
     - drm/amd/display: Fix HPD after gpu reset
     - i2c: npcm: disable interrupt enable bit before devm_request_irq
     - i2c: ls2x: Fix frequency division register access
     - usbnet: gl620a: fix endpoint checking in genelink_bind()
     - net: enetc: fix the off-by-one issue in enetc_map_tx_buffs()
     - net: enetc: keep track of correct Tx BD count in enetc_map_tx_tso_buffs()
     - net: enetc: update UDP checksum when updating originTimestamp field
     - net: enetc: correct the xdp_tx statistics
     - net: enetc: fix the off-by-one issue in enetc_map_tx_tso_buffs()
     - phy: tegra: xusb: reset VBUS & ID OVERRIDE
     - phy: exynos5-usbdrd: fix MPLL_MULTIPLIER and SSC_REFCLKSEL masks in refclk
     - mptcp: always handle address removal under msk socket lock
     - mptcp: reset when MPTCP opts are dropped after join
     - vmlinux.lds: Ensure that const vars with relocations are mapped R/O
     - rcuref: Plug slowpath race in rcuref_put()
     - sched/core: Prevent rescheduling when interrupts are disabled
     - scsi: ufs: core: bsg: Fix crash when arpmb command fails
     - rseq/selftests: Fix riscv rseq_offset_deref_addv inline asm
     - riscv/futex: sign extend compare value in atomic cmpxchg
     - riscv: signal: fix signal frame size
     - Revert "rtla/timerlat_top: Set OSNOISE_WORKLOAD for kernel threads"
     - Revert "rtla/timerlat_hist: Set OSNOISE_WORKLOAD for kernel threads"
     - amdgpu/pm/legacy: fix suspend/resume issues
     - x86/microcode/AMD: Use the family,model,stepping encoded in the patch ID
     - x86/microcode/AMD: Pay attention to the stepping dynamically
     - x86/microcode/AMD: Split load_microcode_amd()
     - x86/microcode/intel: Remove unnecessary cache writeback and invalidation
     - x86/microcode/AMD: Flush patch buffer mapping after application
     - x86/microcode/AMD: Return bool from find_blobs_in_containers()
     - x86/microcode/AMD: Make __verify_patch_size() return bool
     - x86/microcode/AMD: Have __apply_microcode_amd() return bool
     - x86/microcode/AMD: Merge early_apply_microcode() into its single callsite
     - x86/microcode/AMD: Get rid of the _load_microcode_amd() forward dec

 linux (6.11.0-24.24) oracular; urgency=medium
 .
   * oracular/linux: 6.11.0-24.24 -proposed tracker (LP: #2102476)
 .
   * Packaging resync (LP: #1786013)
     - [Packaging] debian.master/dkms-versions -- update from kernel-versions
       (main/2025.03.17)
 .
   * ipsec_offload in rtnetlink.sh from ubunsu_kselftests_net fails on O/J
     (LP: #2096976)
     - SAUCE: selftest: netfilter: fix null IP field in kci_test_ipsec_offload
 .
   * Add additional PCI ids for BMG support (LP: #2098969)
     - drm/xe/bmg: Add new PCI IDs
 .
   * wdat_wdt.ko should be pulled in by linux-image-virtual (LP: #2098554)
     - [Packaging]: wdat_wdt.ko is moved from "linux-modules-extra-*-generic" to
       "linux-modules-*-generic"
 .
   * CVE-2025-21756
     - vsock: Keep the binding until socket destruction
     - vsock: Orphan socket after transport release
 .
   * Oracular update: upstream stable patchset 2025-03-05 (LP: #2100983)
     - ASoC: wm8994: Add depends on MFD core
     - ASoC: samsung: Add missing selects for MFD_WM8994
     - seccomp: Stub for !CONFIG_SECCOMP
     - scsi: iscsi: Fix redundant response for ISCSI_UEVENT_GET_HOST_STATS request
     - of/unittest: Add test that of_address_to_resource() fails on non-
       translatable address
     - irqchip/sunxi-nmi: Add missing SKIP_WAKE flag
     - hwmon: (drivetemp) Set scsi command timeout to 10s
     - gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag
     - smb: client: handle lack of EA support in smb2_query_path_info()
     - net: sched: fix ets qdisc OOB Indexing
     - Revert "HID: multitouch: Add support for lenovo Y9000P Touchpad"
     - cachestat: fix page cache statistics permission checking
     - scsi: storvsc: Ratelimit warning logs to prevent VM denial of service
     - USB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb()
     - ALSA: usb-audio: Add delay quirk for USB Audio Device
     - Input: xpad - add support for Nacon Pro Compact
     - Input: atkbd - map F23 key to support default copilot shortcut
     - Input: xpad - add unofficial Xbox 360 wireless receiver clone
     - Input: xpad - add QH Electronics VID/PID
     - Input: xpad - improve name of 8BitDo controller 2dc8:3106
     - Input: xpad - add support for Nacon Evol-X Xbox One Controller
     - Input: xpad - add support for wooting two he (arm)
     - drm/v3d: Assign job pointer to NULL before signaling the fence
     - ASoC: codecs: es8316: Fix HW rate calculation for 48Mhz MCLK
     - ASoC: cs42l43: Add codec force suspend/resume ops
     - drm/amd/display: Initialize denominator defaults to 1
     - ALSA: hda/realtek: Fix volume adjustment issue on Lenovo ThinkBook 16P Gen5
     - drm/connector: hdmi: Validate supported_formats matches ycbcr_420_allowed
     - ASoC: samsung: Add missing depends on I2C
     - mm: zswap: properly synchronize freeing resources during CPU hotunplug
     - mm: zswap: move allocations during CPU init outside the lock
     - libfs: Return ENOSPC when the directory offset range is exhausted
     - Revert "libfs: Add simple_offset_empty()"
     - Revert "libfs: fix infinite directory reads for offset dir"
     - libfs: Replace simple_offset end-of-directory detection
     - libfs: Use d_children list to iterate simple_offset directories
     - wifi: rtl8xxxu: add more missing rtl8192cu USB IDs
     - HID: wacom: Initialize brightness of LED trigger
     - Upstream stable to v6.6.75, v6.12.12
 .
   * CVE-2025-21702
     - pfifo_tail_enqueue: Drop new packet when sch->limit == 0
 .
   * CVE-2025-21703
     - netem: Update sch->q.qlen before qdisc_tree_reduce_backlog()
 .
   * Fix line-out playback on some platforms with Cirrus Logic “Dolphin” hardware
     (LP: #2099880)
     - ALSA: hda/cirrus: Correct the full scale volume set logic
 .
   * Enable Large Language Model (LLM) workloads using Intel NPU (LP: #2098972)
     - accel/ivpu: Increase DMA address range
 .
   * Introduce and use sendpages_ok() instead of sendpage_ok() in nvme-tcp and
     drbd (LP: #2093871)
     - net: introduce helper sendpages_ok()
     - nvme-tcp: use sendpages_ok() instead of sendpage_ok()
     - drbd: use sendpages_ok() instead of sendpage_ok()
 .
   * Intel Be201 Bluetooth hardware error 0x0f on Arrow Lake (LP: #2088151)
     - Bluetooth: btintel: Add DSBR support for BlazarIW, BlazarU and GaP
 .
   * Oracular update: upstream stable patchset 2025-02-26 (LP: #2100328)
     - net: ethernet: ti: cpsw_ale: Fix cpsw_ale_get_field()
     - bpf: Fix bpf_sk_select_reuseport() memory leak
     - openvswitch: fix lockup on tx to unregistering netdev with carrier
     - pktgen: Avoid out-of-bounds access in get_imix_entries
     - gtp: Use for_each_netdev_rcu() in gtp_genl_dump_pdp().
     - gtp: Destroy device along with udp socket's netns dismantle.
     - nfp: bpf: prevent integer overflow in nfp_bpf_event_output()
     - net: xilinx: axienet: Fix IRQ coalescing packet count overflow
     - net: fec: handle page_pool_dev_alloc_pages error
     - net/mlx5: Fix RDMA TX steering prio
     - net/mlx5: Clear port select structure when fail to create
     - net/mlx5e: Fix inversion dependency warning while enabling IPsec tunnel
     - net/mlx5e: Rely on reqid in IPsec tunnel mode
     - net/mlx5e: Always start IPsec sequence number from 1
     - drm/vmwgfx: Add new keep_resv BO param
     - drm/v3d: Ensure job pointer is set to NULL after job completion
     - soc: ti: pruss: Fix pruss APIs
     - hwmon: (tmp513) Fix division of negative numbers
     - Revert "mtd: spi-nor: core: replace dummy buswidth from addr to data"
     - i2c: mux: demux-pinctrl: check initial mux selection, too
     - i2c: rcar: fix NACK handling when being a target
     - smb: client: fix double free of TCP_Server_Info::hostname
     - mac802154: check local interfaces before deleting sdata list
     - hfs: Sanity check the root record
     - fs: fix missing declaration of init_files
     - kheaders: Ignore silly-rename files
     - cachefiles: Parse t

 linux (6.11.0-21.21) oracular; urgency=medium
 .
   * oracular/linux: 6.11.0-21.21 -proposed tracker (LP: #2098763)
 .
   * Processes crash when attaching uretprobes to processes running in Docker
     (LP: #2098759)
     - seccomp: passthrough uretprobe systemcall without filtering
 .

 linux (6.11.0-20.20) oracular; urgency=medium
 .
   * oracular/linux: 6.11.0-20.20 -proposed tracker (LP: #2098205)
 .
   * drm/amd/display: Add check for granularity in dml ceil/floor helpers
     (LP: #2098080)
     - drm/amd/display: Add check for granularity in dml ceil/floor helpers
 .
   * optimized default EPP for GNR family (LP: #2097554)
     - cpufreq: intel_pstate: Update Balance-performance EPP for Granite Rapids
 .
   * Incorrect LAPIC/x2APIC parsing order (LP: #2097455)
     - x86/acpi: Fix LAPIC/x2APIC parsing order
 .
   * MGLRU: page allocation failure on NUMA-enabled systems (LP: #2097214)
     - mm/vmscan: wake up flushers conditionally to avoid cgroup OOM
 .
   * AppArmor early policy load not funcitoning (LP: #2095370)
     - SAUCE: Revert "UBUNTU: SAUCE: apparmor4.0.0 [66/99]: userns - add the
       ability to reference a global variable for a feature value"
 .
   * apparmor unconfined profile blocks pivot_root (LP: #2067900)
     - SAUCE: Revert "UBUNTU: SAUCE: apparmor4.0.0 [80/99]: apparmor: convert easy
       uses of unconfined() to label_mediates()"
 .
   * Oracular update: upstream stable patchset 2025-02-13 (LP: #2098165)
     - memblock: make memblock_set_node() also warn about use of MAX_NUMNODES
     - jbd2: increase IO priority for writing revoke records
     - jbd2: flush filesystem device before updating tail sequence
     - dm array: fix unreleased btree blocks on closing a faulty array cursor
     - dm array: fix cursor index when skipping across block boundaries
     - exfat: fix the infinite loop in __exfat_free_cluster()
     - ASoC: rt722: add delay time to wait for the calibration procedure
     - ASoC: mediatek: disable buffer pre-allocation
     - selftests/alsa: Fix circular dependency involving global-timer
     - ieee802154: ca8210: Add missing check for kfifo_alloc() in ca8210_probe()
     - net: 802: LLC+SNAP OID:PID lookup on start of skb data
     - tcp/dccp: allow a connection when sk_max_ack_backlog is zero
     - net: libwx: fix firmware mailbox abnormal return
     - pds_core: limit loop over fw name list
     - bnxt_en: Fix possible memory leak when hwrm_req_replace fails
     - cxgb4: Avoid removal of uninserted tid
     - ice: fix incorrect PHY settings for 100 GB/s
     - igc: return early when failing to read EECD register
     - tls: Fix tls_sw_sendmsg error handling
     - eth: gve: use appropriate helper to set xdp_features
     - Bluetooth: hci_sync: Fix not setting Random Address when required
     - Bluetooth: MGMT: Fix Add Device to responding before completing
     - Bluetooth: btnxpuart: Fix driver sending truncated data
     - Bluetooth: btnxpuart: Fix glitches seen in dual A2DP streaming
     - tcp: Annotate data-race around sk->sk_mark in tcp_v4_send_reset
     - netfilter: nf_tables: imbalance in flowtable binding
     - drm/mediatek: stop selecting foreign drivers
     - [Config] updateconfigs for MTK_SMI
     - drm/mediatek: Fix YCbCr422 color format issue for DP
     - drm/mediatek: Fix mode valid issue for dp
     - drm/mediatek: Add return value check when reading DPCD
     - cpuidle: riscv-sbi: fix device node release in early exit of
       for_each_possible_cpu
     - scsi: ufs: qcom: Power off the PHY if it was already powered on in
       ufs_qcom_power_up_sequence()
     - dm-ebs: don't set the flag DM_TARGET_PASSES_INTEGRITY
     - ksmbd: Implement new SMB3 POSIX type
     - thermal: of: fix OF node leak in of_thermal_zone_find()
     - smb: client: sync the root session and superblock context passwords before
       automounting
     - ACPI: resource: Add TongFang GM5HG0A to irq1_edge_low_force_override[]
     - ACPI: resource: Add Asus Vivobook X1504VAP to irq1_level_low_skip_override[]
     - drm/amd/display: increase MAX_SURFACES to the value supported by hw
     - io_uring/timeout: fix multishot updates
     - dm-verity FEC: Fix RS FEC repair for roots unaligned to block size (take 2)
     - USB: serial: option: add MeiG Smart SRM815
     - USB: serial: option: add Neoway N723-EA support
     - staging: iio: ad9834: Correct phase range check
     - staging: iio: ad9832: Correct phase range check
     - usb-storage: Add max sectors quirk for Nokia 208
     - USB: serial: cp210x: add Phoenix Contact UPS Device
     - usb: dwc3: gadget: fix writing NYET threshold
     - misc: microchip: pci1xxxx: Resolve return code mismatch during GPIO set
       config
     - tty: serial: 8250: Fix another runtime PM usage counter underflow
     - usb: dwc3-am62: Disable autosuspend during remove
     - USB: usblp: return error when setting unsupported protocol
     - USB: core: Disable LPM only for non-suspended ports
     - usb: fix reference leak in usb_new_device()
     - usb: gadget: midi2: Reverse-select at the right place
     - usb: chipidea: ci_hdrc_imx: decrement device's refcount in .remove() and in
       the error path of .probe()
     - usb: gadget: f_uac2: Fix incorrect setting of bNumEndpoints
     - usb: typec: tcpm/tcpci_maxim: fix error code in
       max_contaminant_read_resistance_kohm()
     - usb: gadget: configfs: Ignore trailing LF for user strings to cdev
     - iio: gyro: fxas21002c: Fix missing data update in trigger handler
     - iio: adc: ti-ads124s08: Use gpiod_set_value_cansleep()
     - iio: inkern: call iio_device_put() only on mapped devices
     - iio: adc: ad7124: Disable all channels at probe time
     - ARM: dts: imxrt1050: Fix clocks for mmc
     - arm64: dts: rockchip: add hevc power domain clock to rk3328
     - drm/mediatek: Only touch DISP_REG_OVL_PITCH_MSB if AFBC is supported
     - iomap: pass byte granular end position to iomap_add_to_ioend
     - iomap: fix zero padding data issue in concurrent append writes
     - netfs: Fix missing barriers by using clear_and_wake_up_bit()
     - fuse: respect FOPEN_KEEP_CACHE on opendir
     - ovl: pass realinode to ovl_encode_real_fh() instead of realdentry
     - net: don't dump Tx and uninitialized NAPIs
     - ice: fix ma

 linux (6.11.0-18.18) oracular; urgency=medium
 .
   * CVE-2025-0927
     - SAUCE: fs: hfs/hfsplus: add key_len boundary check to hfs_bnode_read_key
 .