Package "linux-tools-common"

 linux (6.17.0-38.38) questing; urgency=medium
 .
   * questing/linux: 6.17.0-38.38 -proposed tracker (LP: #2154532)
 .
   * Generic questing kernel oops on bootup with newer Nvidia machines
     (LP: #2154481)
     - nouveau: don't attempt fwsec on sb on newer platforms.
 .
   * Kernel regression (6.8.0-117.generic) (LP: #2153556)
     - bonding: do not set usable_slaves for broadcast mode
 .
   * powerpc-build in ubuntu_kernel_selftests fails to build due to
     uninitialized value (LP: #2129844)
     - selftests/powerpc: Suppress -Wmaybe-uninitialized with GCC 15
 .
   * iptables connlimit traffic loss (LP: #2149872)
     - netfilter: nf_conncount: fix tracking of connections from localhost
 .
   * On Dell system, the internal OLED display drops to a visibly low FPS after
     suspend/resume (LP: #2144712)
     - drm/i915/psr: Disable Panel Replay on Dell XPS 14 DA14260 as a quirk
     - drm/i915/psr: Fixes for Dell XPS DA14260 quirk
 .
   * CVE-2026-23272
     - netfilter: nf_tables: unconditionally bump set->nelems before insertion
 .
   * CVE-2026-31418
     - netfilter: ipset: drop logically empty buckets in mtype_del
 .
   * CVE-2026-23392
     - netfilter: nf_tables: release flowtable after rcu grace period on error
 .
   * CVE-2026-23278
     - netfilter: nf_tables: always walk all pending catchall elements
 .
   * GRO managed-frag use-after-free leading to local privilege escalation
     (LP: #2154172)
     - net: gro: don't merge zcopy skbs
 .
   * AppArmor Vulnerabilities (LP: #2151747)
     - SAUCE: apparmor: pass big_resp to handler
     - SAUCE: apparmor: remove redundant kref_init for listener->count
     - SAUCE: apparmor: fix NULL pointer dereference in unpack_pdb
 .
   * AppArmor Vulnerabilities (LP: #2151747) // CVE-2026-47337
     - SAUCE: apparmor: fix NULL pointer dereference in bind_map_addr
 .
   * AppArmor Vulnerabilities (LP: #2151747) // CVE-2026-47334
     - SAUCE: apparmor: fix sleep prone memory allocation under a spin_lock
 .
   * AppArmor Vulnerabilities (LP: #2151747) // CVE-2026-47333
     - SAUCE: apparmor: fix dfa unpacking size of the notification filter
 .
   * AppArmor Vulnerabilities (LP: #2151747) // CVE-2026-47332
     - SAUCE: apparmor: fix size check against type instead of pointer
 .
   * apparmor: LLVM/clang build failure due to uninitialized variable in
     notify.c (LP: #2148809) // CVE-2026-47330
     - SAUCE: apparmor: initialize variable used in uninitialized context
 .
   * AppArmor Vulnerabilities (LP: #2151747) // CVE-2026-47329
     - SAUCE: apparmor: fix name validation bypass on notification
 .
   * AppArmor Vulnerabilities (LP: #2151747) // CVE-2026-47327 //
     CVE-2026-47328
     - SAUCE: apparmor: fix glob memory leak after kstrdup
 .
   * AppArmor Vulnerabilities (LP: #2151747) // CVE-2026-47326
     - SAUCE: apparmor: fix inverted NULL check after aa_get_buffer
 .
   * CVE-2026-46300
     - net: skbuff: preserve shared-frag marker during coalescing
     - net: skbuff: propagate shared-frag marker through frag-transfer helpers
 .
   * net/rds: reset op_nents when zerocopy page pin fails (LP: #2153962)
     - net/rds: reset op_nents when zerocopy page pin fails
 .
   * CVE-2026-46333
     - ptrace: slightly saner 'get_dumpable()' logic
 .
   * CVE-2026-43500
     - rxrpc: Fix conn-level packet handling to unshare RESPONSE packets
     - rxrpc: Fix potential UAF after skb_unshare() failure
     - rxrpc: Fix rxrpc_input_call_event() to only unshare DATA packets
     - rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present
 .
   * CVE-2026-31676 // CVE-2026-43500
     - rxrpc: only handle RESPONSE during service challenge
 .
   * CVE-2026-43284
     - xfrm: esp: avoid in-place decrypt on shared skb frags
 .
   * CVE-2026-31419
     - net: bonding: fix use-after-free in bond_xmit_broadcast()
 .
   * CVE-2026-31431
     - crypto: algif_aead - Revert to operating out-of-place
     - crypto: algif_aead - snapshot IV for async AEAD requests
     - crypto: authencesn - Do not place hiseq at end of dst for out-of-place
       decryption
     - crypto: authencesn - Fix src offset when decrypting in-place
     - crypto: af_alg - Fix page reassignment overflow in af_alg_pull_tsgl
     - crypto: algif_aead - Fix minimum RX size check for decryption
 .
   * CVE-2026-31533
     - net/tls: fix use-after-free in -EBUSY error path of tls_do_encryption
 .
   * CVE-2026-31504
     - net: fix fanout UAF in packet_release() via NETDEV_UP race

 linux (6.17.0-34.34) questing; urgency=medium
 .
   * questing/linux: 6.17.0-34.34 -proposed tracker (LP: #2154216)
 .
   * Kernel regression (6.8.0-117.generic) (LP: #2153556)
     - bonding: do not set usable_slaves for broadcast mode
 .
   * powerpc-build in ubuntu_kernel_selftests fails to build due to
     uninitialized value (LP: #2129844)
     - selftests/powerpc: Suppress -Wmaybe-uninitialized with GCC 15
 .
   * iptables connlimit traffic loss (LP: #2149872)
     - netfilter: nf_conncount: fix tracking of connections from localhost
 .
   * On Dell system, the internal OLED display drops to a visibly low FPS after
     suspend/resume (LP: #2144712)
     - drm/i915/psr: Disable Panel Replay on Dell XPS 14 DA14260 as a quirk
     - drm/i915/psr: Fixes for Dell XPS DA14260 quirk
 .
   * CVE-2026-23272
     - netfilter: nf_tables: unconditionally bump set->nelems before insertion
 .
   * CVE-2026-31418
     - netfilter: ipset: drop logically empty buckets in mtype_del
 .
   * CVE-2026-23392
     - netfilter: nf_tables: release flowtable after rcu grace period on error
 .
   * CVE-2026-23278
     - netfilter: nf_tables: always walk all pending catchall elements
 .
   * CVE-2026-46300
     - net: skbuff: preserve shared-frag marker during coalescing
     - net: skbuff: propagate shared-frag marker through frag-transfer helpers
 .
   * net/rds: reset op_nents when zerocopy page pin fails (LP: #2153962)
     - net/rds: reset op_nents when zerocopy page pin fails
 .
   * CVE-2026-46333
     - ptrace: slightly saner 'get_dumpable()' logic
 .
   * CVE-2026-43500
     - rxrpc: Fix conn-level packet handling to unshare RESPONSE packets
     - rxrpc: Fix potential UAF after skb_unshare() failure
     - rxrpc: Fix rxrpc_input_call_event() to only unshare DATA packets
     - rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present
 .
   * CVE-2026-31676 // CVE-2026-43500
     - rxrpc: only handle RESPONSE during service challenge
 .
   * CVE-2026-43284
     - xfrm: esp: avoid in-place decrypt on shared skb frags
 .
   * CVE-2026-31419
     - net: bonding: fix use-after-free in bond_xmit_broadcast()
 .
   * CVE-2026-31431
     - crypto: algif_aead - Revert to operating out-of-place
     - crypto: algif_aead - snapshot IV for async AEAD requests
     - crypto: authencesn - Do not place hiseq at end of dst for out-of-place
       decryption
     - crypto: authencesn - Fix src offset when decrypting in-place
     - crypto: af_alg - Fix page reassignment overflow in af_alg_pull_tsgl
     - crypto: algif_aead - Fix minimum RX size check for decryption
 .
   * CVE-2026-31533
     - net/tls: fix use-after-free in -EBUSY error path of tls_do_encryption
 .
   * CVE-2026-31504
     - net: fix fanout UAF in packet_release() via NETDEV_UP race

 linux (6.17.0-33.33) questing; urgency=medium
 .
   * questing/linux: 6.17.0-33.33 -proposed tracker (LP: #2154029)
 .
   * powerpc-build in ubuntu_kernel_selftests fails to build due to
     uninitialized value (LP: #2129844)
     - selftests/powerpc: Suppress -Wmaybe-uninitialized with GCC 15
 .
   * iptables connlimit traffic loss (LP: #2149872)
     - netfilter: nf_conncount: fix tracking of connections from localhost
 .
   * On Dell system, the internal OLED display drops to a visibly low FPS after
     suspend/resume (LP: #2144712)
     - drm/i915/psr: Disable Panel Replay on Dell XPS 14 DA14260 as a quirk
     - drm/i915/psr: Fixes for Dell XPS DA14260 quirk
 .
   * CVE-2026-23272
     - netfilter: nf_tables: unconditionally bump set->nelems before insertion
 .
   * CVE-2026-31418
     - netfilter: ipset: drop logically empty buckets in mtype_del
 .
   * CVE-2026-23392
     - netfilter: nf_tables: release flowtable after rcu grace period on error
 .
   * CVE-2026-23278
     - netfilter: nf_tables: always walk all pending catchall elements
 .
   * CVE-2026-46300
     - net: skbuff: preserve shared-frag marker during coalescing
     - net: skbuff: propagate shared-frag marker through frag-transfer helpers
 .
   * net/rds: reset op_nents when zerocopy page pin fails (LP: #2153962)
     - net/rds: reset op_nents when zerocopy page pin fails
 .
   * CVE-2026-46333
     - ptrace: slightly saner 'get_dumpable()' logic
 .
   * CVE-2026-43500
     - rxrpc: Fix conn-level packet handling to unshare RESPONSE packets
     - rxrpc: Fix potential UAF after skb_unshare() failure
     - rxrpc: Fix rxrpc_input_call_event() to only unshare DATA packets
     - rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present
 .
   * CVE-2026-31676 // CVE-2026-43500
     - rxrpc: only handle RESPONSE during service challenge
 .
   * CVE-2026-43284
     - xfrm: esp: avoid in-place decrypt on shared skb frags
 .
   * CVE-2026-31419
     - net: bonding: fix use-after-free in bond_xmit_broadcast()
 .
   * CVE-2026-31431
     - crypto: algif_aead - Revert to operating out-of-place
     - crypto: algif_aead - snapshot IV for async AEAD requests
     - crypto: authencesn - Do not place hiseq at end of dst for out-of-place
       decryption
     - crypto: authencesn - Fix src offset when decrypting in-place
     - crypto: af_alg - Fix page reassignment overflow in af_alg_pull_tsgl
     - crypto: algif_aead - Fix minimum RX size check for decryption
 .
   * CVE-2026-31533
     - net/tls: fix use-after-free in -EBUSY error path of tls_do_encryption
 .
   * CVE-2026-31504
     - net: fix fanout UAF in packet_release() via NETDEV_UP race

 linux (6.17.0-30.30) questing; urgency=medium
 .
   * questing/linux: 6.17.0-30.30 -proposed tracker (LP: #2151895)
 .
   * powerpc-build in ubuntu_kernel_selftests fails to build due to
     uninitialized value (LP: #2129844)
     - selftests/powerpc: Suppress -Wmaybe-uninitialized with GCC 15
 .
   * iptables connlimit traffic loss (LP: #2149872)
     - netfilter: nf_conncount: fix tracking of connections from localhost
 .
   * On Dell system, the internal OLED display drops to a visibly low FPS after
     suspend/resume (LP: #2144712)
     - drm/i915/psr: Disable Panel Replay on Dell XPS 14 DA14260 as a quirk
     - drm/i915/psr: Fixes for Dell XPS DA14260 quirk
 .
   * CVE-2026-23272
     - netfilter: nf_tables: unconditionally bump set->nelems before insertion
 .
   * CVE-2026-31418
     - netfilter: ipset: drop logically empty buckets in mtype_del
 .
   * CVE-2026-23392
     - netfilter: nf_tables: release flowtable after rcu grace period on error
 .
   * CVE-2026-23278
     - netfilter: nf_tables: always walk all pending catchall elements
 .
   * CVE-2026-31419
     - net: bonding: fix use-after-free in bond_xmit_broadcast()
 .
   * CVE-2026-31431
     - crypto: algif_aead - Revert to operating out-of-place
     - crypto: algif_aead - snapshot IV for async AEAD requests
     - crypto: authencesn - Do not place hiseq at end of dst for out-of-place
       decryption
     - crypto: authencesn - Fix src offset when decrypting in-place
     - crypto: af_alg - Fix page reassignment overflow in af_alg_pull_tsgl
     - crypto: algif_aead - Fix minimum RX size check for decryption
 .
   * CVE-2026-31533
     - net/tls: fix use-after-free in -EBUSY error path of tls_do_encryption
 .
   * CVE-2026-31504
     - net: fix fanout UAF in packet_release() via NETDEV_UP race

 linux (6.17.0-28.28) questing; urgency=medium
 .
   * questing/linux: 6.17.0-28.28 -proposed tracker (LP: #2150051)
 .
   * Linux kernel 6.17.0-22.22 breaks amdxdna (LP: #2149766)
     - Revert "iommu: disable SVA when CONFIG_X86 is set"
 .