Package "linux-modules-6.2.0-23-generic"

  linux-hwe-6.2 (6.2.0-39.40~22.04.1) jammy; urgency=medium

  * jammy/linux-hwe-6.2: 6.2.0-39.40~22.04.1 -proposed tracker (LP: #2041556)

  * Packaging resync (LP: #1786013)
    - [Packaging] resync git-ubuntu-log
    - [Packaging] resync update-dkms-versions helper
    - [Packaging] update variants

  [ Ubuntu: 6.2.0-39.40 ]

  * lunar/linux: 6.2.0-39.40 -proposed tracker (LP: #2043451)
  * USB bus error after upgrading to proposed kernel on lunar and jammy
    (LP: #2043197)
    - USB: core: Fix oversight in SuperSpeed initialization
  * Include cifs.ko in linux-modules package (LP: #2042546)
    - [Packaging] Replace fs/cifs with fs/smb/client in inclusion list

  [ Ubuntu: 6.2.0-38.39 ]

  * lunar/linux: 6.2.0-38.39 -proposed tracker (LP: #2041557)
  * CVE-2023-25775
    - RDMA/irdma: Prevent zero-length STAG registration
  * CVE-2023-5345
    - fs/smb/client: Reset password pointer to NULL
  * CVE-2023-39189
    - netfilter: nfnetlink_osf: avoid OOB read
  * SMC stats: Wrong bucket calculation for payload of exactly 4096 bytes
    (LP: #2039575)
    - net/smc: Fix pos miscalculation in statistics
  * [SRU][J/L/M] UBUNTU: [Packaging] Make WWAN driver a loadable module
    (LP: #2033406)
    - [Packaging] Make WWAN driver loadable modules
  * CVE-2023-45871
    - igb: set max size RX buffer when store bad packet is enabled
  * CVE-2023-39193
    - netfilter: xt_sctp: validate the flag_info count
  * CVE-2023-39192
    - netfilter: xt_u32: validate user space input
  * CVE-2023-31085
    - ubi: Refuse attaching if mtd's erasesize is 0
  * CVE-2023-5717
    - perf: Disallow mis-matched inherited group reads
  * CVE-2023-5178
    - nvmet-tcp: Fix a possible UAF in queue intialization setup
  * CVE-2023-5158
    - vringh: don't use vringh_kiov_advance() in vringh_iov_xfer()
  * CVE-2023-5090
    - x86: KVM: SVM: always update the x2avic msr interception
  * usbip: error: failed to open /usr/share/hwdata//usb.ids (LP: #2039439)
    - [Packaging] Make linux-tools-common depend on hwdata
  * Unable to use nvme drive to install Ubuntu 23.10 (LP: #2040157)
    - misc: rtsx: Fix some platforms can not boot and move the l1ss judgment to
      probe
  * Lunar update: upstream stable patchset 2023-10-19 (LP: #2039884)
    - ACPI: thermal: Drop nocrt parameter
    - module: Expose module_init_layout_section()
    - arm64: module-plts: inline linux/moduleloader.h
    - arm64: module: Use module_init_layout_section() to spot init sections
    - ARM: module: Use module_init_layout_section() to spot init sections
    - lockdep: fix static memory detection even more
    - parisc: Cleanup mmap implementation regarding color alignment
    - parisc: sys_parisc: parisc_personality() is called from asm code
    - io_uring/parisc: Adjust pgoff in io_uring mmap() for parisc
    - kallsyms: Fix kallsyms_selftest failure
    - module/decompress: use vmalloc() for zstd decompression workspace
    - Upstream stable to v6.1.51, v6.4.14
    - erofs: ensure that the post-EOF tails are all zeroed
    - ksmbd: fix wrong DataOffset validation of create context
    - ksmbd: fix slub overflow in ksmbd_decode_ntlmssp_auth_blob()
    - ksmbd: replace one-element array with flex-array member in struct
      smb2_ea_info
    - ksmbd: reduce descriptor size if remaining bytes is less than request size
    - ARM: pxa: remove use of symbol_get()
    - mmc: au1xmmc: force non-modular build and remove symbol_get usage
    - net: enetc: use EXPORT_SYMBOL_GPL for enetc_phc_index
    - rtc: ds1685: use EXPORT_SYMBOL_GPL for ds1685_rtc_poweroff
    - modules: only allow symbol_get of EXPORT_SYMBOL_GPL modules
    - USB: serial: option: add Quectel EM05G variant (0x030e)
    - USB: serial: option: add FOXCONN T99W368/T99W373 product
    - ALSA: usb-audio: Fix init call orders for UAC1
    - usb: dwc3: meson-g12a: do post init to fix broken usb after resumption
    - usb: chipidea: imx: improve logic if samsung,picophy-* parameter is 0
    - HID: wacom: remove the battery when the EKR is off
    - staging: rtl8712: fix race condition
    - Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race
      condition
    - wifi: mt76: mt7921: do not support one stream on secondary antenna only
    - wifi: mt76: mt7921: fix skb leak by txs missing in AMSDU
    - serial: qcom-geni: fix opp vote on shutdown
    - serial: sc16is7xx: fix broken port 0 uart init
    - serial: sc16is7xx: fix bug when first setting GPIO direction
    - firmware: stratix10-svc: Fix an NULL vs IS_ERR() bug in probe
    - fsi: master-ast-cf: Add MODULE_FIRMWARE macro
    - tcpm: Avoid soft reset when partner does not support get_status
    - dt-bindings: sc16is7xx: Add property to change GPIO function
    - nilfs2: fix general protection fault in nilfs_lookup_dirty_data_buffers()
    - nilfs2: fix WARNING in mark_buffer_dirty due to discarded buffer reuse
    - usb: typec: tcpci: clear the fault status bit
    - pinctrl: amd: Don't show `Invalid config param` errors
    - wifi: rtw88: usb: kill and free rx urbs on probe failure
    - Upstream stable to v6.1.52, v6.4.15
  * Lunar update: upstream stable patchset 2023-10-18 (LP: #2039742)
    - NFSv4.2: fix error handling in nfs42_proc_getxattr
    - NFSv4: fix out path in __nfs4_get_acl_uncached
    - xprtrdma: Remap Receive buffers after a reconnect
    - drm/ast: Use drm_aperture_remove_conflicting_pci_framebuffers
    - fbdev/radeon: use pci aperture helpers
    - PCI: acpiphp: Reassign resources on bridge if necessary
    - MIPS: cpu-features: Enable octeon_cache by cpu_type
    - MIPS: cpu-features: Use boot_cpu_type for CPU type based features
    - jbd2: remove t_checkpoint_io_list
    - jbd2: remove journal_clean_one_cp_list()
    - jbd2: fix a race when checking checkpoint buffer busy
    - can: raw: fix receiver memory leak
    - can: raw: fix lockdep issue in raw_release()
    - s390/zcrypt: remove unnecessary (void *) conversions
    - s390/zcrypt: fix reply buffer calculations for CCA replies

  linux-hwe-6.2 (6.2.0-36.37~22.04.1) jammy; urgency=medium

  * jammy/linux-hwe-6.2: 6.2.0-36.37~22.04.1 -proposed tracker (LP: #2038075)

  [ Ubuntu: 6.2.0-36.37 ]

  * lunar/linux: 6.2.0-36.37 -proposed tracker (LP: #2038076)
  * Regression for ubuntu_bpf test build caused by upstream bdeeed3498c7
    (LP: #2035181)
    - selftests/bpf: fix static assert compilation issue for test_cls_*.c
  * CVE-2023-4244
    - netfilter: nf_tables: don't skip expired elements during walk
    - netfilter: nf_tables: adapt set backend to use GC transaction API
    - netfilter: nft_set_hash: mark set element as dead when deleting from packet
      path
    - netfilter: nf_tables: GC transaction API to avoid race with control plane
    - netfilter: nf_tables: don't fail inserts if duplicate has expired
    - netfilter: nf_tables: fix kdoc warnings after gc rework
    - netfilter: nf_tables: fix GC transaction races with netns and netlink event
      exit path
    - netfilter: nf_tables: GC transaction race with netns dismantle
    - netfilter: nf_tables: GC transaction race with abort path
    - netfilter: nf_tables: use correct lock to protect gc_list
    - netfilter: nf_tables: defer gc run if previous batch is still pending
    - netfilter: nft_dynset: disallow object maps
    - netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction
  * CVE-2023-4563
    - netfilter: nf_tables: remove busy mark and gc batch API
  * CVE-2023-42756
    - netfilter: ipset: Fix race between IPSET_CMD_CREATE and IPSET_CMD_SWAP
  * CVE-2023-4623
    - net/sched: sch_hfsc: Ensure inner classes have fsc curve
  * Fix unstable audio at low levels on Thinkpad P1G4 (LP: #2037077)
    - ALSA: hda/realtek - ALC287 I2S speaker platform support
  * Lunar update: upstream stable patchset 2023-09-21 (LP: #2037005)
    - Upstream stable to v6.1.41, v6.4.6
    - io_uring: treat -EAGAIN for REQ_F_NOWAIT as final for io-wq
    - ALSA: hda/realtek - remove 3k pull low procedure
    - ALSA: hda/realtek: Add quirk for Clevo NS70AU
    - ALSA: hda/realtek: Enable Mute LED on HP Laptop 15s-eq2xxx
    - maple_tree: set the node limit when creating a new root node
    - maple_tree: fix node allocation testing on 32 bit
    - keys: Fix linking a duplicate key to a keyring's assoc_array
    - perf probe: Add test for regression introduced by switch to
      die_get_decl_file()
    - btrfs: fix warning when putting transaction with qgroups enabled after abort
    - fuse: revalidate: don't invalidate if interrupted
    - fuse: Apply flags2 only when userspace set the FUSE_INIT_EXT
    - btrfs: set_page_extent_mapped after read_folio in btrfs_cont_expand
    - btrfs: zoned: fix memory leak after finding block group with super blocks
    - fuse: ioctl: translate ENOSYS in outarg
    - btrfs: fix race between balance and cancel/pause
    - selftests: tc: set timeout to 15 minutes
    - selftests: tc: add 'ct' action kconfig dep
    - regmap: Drop initial version of maximum transfer length fixes
    - of: Preserve "of-display" device name for compatibility
    - regmap: Account for register length in SMBus I/O limits
    - arm64/fpsimd: Ensure SME storage is allocated after SVE VL changes
    - can: mcp251xfd: __mcp251xfd_chip_set_mode(): increase poll timeout
    - can: bcm: Fix UAF in bcm_proc_show()
    - can: gs_usb: gs_can_open(): improve error handling
    - selftests: tc: add ConnTrack procfs kconfig
    - dma-buf/dma-resv: Stop leaking on krealloc() failure
    - drm/amdgpu/vkms: relax timer deactivation by hrtimer_try_to_cancel
    - drm/amdgpu/pm: make gfxclock consistent for sienna cichlid
    - drm/amdgpu/pm: make mclk consistent for smu 13.0.7
    - drm/client: Fix memory leak in drm_client_target_cloned
    - drm/client: Fix memory leak in drm_client_modeset_probe
    - drm/amd/display: only accept async flips for fast updates
    - drm/amd/display: Disable MPC split by default on special asic
    - drm/amd/display: check TG is non-null before checking if enabled
    - drm/amd/display: Keep PHY active for DP displays on DCN31
    - ASoC: fsl_sai: Disable bit clock with transmitter
    - ASoC: fsl_sai: Revert "ASoC: fsl_sai: Enable MCTL_MCLK_EN bit for master
      mode"
    - ASoC: tegra: Fix ADX byte map
    - ASoC: rt5640: Fix sleep in atomic context
    - ASoC: cs42l51: fix driver to properly autoload with automatic module loading
    - ASoC: codecs: wcd938x: fix missing clsh ctrl error handling
    - ASoC: codecs: wcd-mbhc-v2: fix resource leaks on component remove
    - ASoC: qdsp6: audioreach: fix topology probe deferral
    - ASoC: tegra: Fix AMX byte map
    - ASoC: codecs: wcd938x: fix resource leaks on component remove
    - ASoC: codecs: wcd938x: fix missing mbhc init error handling
    - ASoC: codecs: wcd934x: fix resource leaks on component remove
    - ASoC: codecs: wcd938x: fix codec initialisation race
    - ASoC: codecs: wcd938x: fix soundwire initialisation race
    - ext4: correct inline offset when handling xattrs in inode body
    - drm/radeon: Fix integer overflow in radeon_cs_parser_init
    - ALSA: emu10k1: roll up loops in DSP setup code for Audigy
    - quota: Properly disable quotas when add_dquot_ref() fails
    - quota: fix warning in dqgrab()
    - HID: add quirk for 03f0:464a HP Elite Presenter Mouse
    - ovl: check type and offset of struct vfsmount in ovl_entry
    - udf: Fix uninitialized array access for some pathnames
    - fs: jfs: Fix UBSAN: array-index-out-of-bounds in dbAllocDmapLev
    - MIPS: dec: prom: Address -Warray-bounds warning
    - FS: JFS: Fix null-ptr-deref Read in txBegin
    - FS: JFS: Check for read-only mounted filesystem in txBegin
    - ACPI: video: Add backlight=native DMI quirk for Dell Studio 1569
    - rcu-tasks: Avoid pr_info() with spin lock in cblist_init_generic()
    - rcu: Mark additional concurrent load from ->cpu_no_qs.b.exp
    - sched/fair: Don't balance task to its current running CPU
    - wifi: ath11k: fix registration of 6Ghz-only phy wit

  linux-hwe-6.2 (6.2.0-34.34~22.04.1) jammy; urgency=medium

  * jammy/linux-hwe-6.2: 6.2.0-34.34~22.04.1 -proposed tracker (LP: #2033778)

  * Packaging resync (LP: #1786013)
    - [Packaging] update helper scripts

  [ Ubuntu: 6.2.0-34.34 ]

  * lunar/linux: 6.2.0-34.34 -proposed tracker (LP: #2033779)
  * CVE-2023-20569
    - x86/cpu, kvm: Add support for CPUID_80000021_EAX
    - tools headers x86 cpufeatures: Sync with the kernel sources
    - x86/alternative: Optimize returns patching
    - x86/retbleed: Add __x86_return_thunk alignment checks
    - x86/srso: Add a Speculative RAS Overflow mitigation
    - x86/srso: Add IBPB_BRTYPE support
    - x86/srso: Add SRSO_NO support
    - x86/srso: Add IBPB
    - x86/srso: Add IBPB on VMEXIT
    - x86/srso: Fix return thunks in generated code
    - x86/srso: Add a forgotten NOENDBR annotation
    - x86/srso: Tie SBPB bit setting to microcode patch detection
    - Documentation/hw-vuln: Unify filename specification in index
    - Documentation/srso: Document IBPB aspect and fix formatting
    - x86/srso: Fix build breakage with the LLVM linker
    - x86: Move gds_ucode_mitigated() declaration to header
    - x86/retpoline: Don't clobber RFLAGS during srso_safe_ret()
    - x86/srso: Disable the mitigation on unaffected configurations
    - x86/retpoline,kprobes: Fix position of thunk sections with CONFIG_LTO_CLANG
    - x86/retpoline,kprobes: Skip optprobe check for indirect jumps with
      retpolines and IBT
    - x86/cpu: Fix __x86_return_thunk symbol type
    - x86/cpu: Fix up srso_safe_ret() and __x86_return_thunk()
    - objtool/x86: Fix SRSO mess
    - x86/alternative: Make custom return thunk unconditional
    - x86/cpu: Clean up SRSO return thunk mess
    - x86/cpu: Rename original retbleed methods
    - x86/cpu: Rename srso_(.*)_alias to srso_alias_\1
    - x86/cpu: Cleanup the untrain mess
    - x86/srso: Explain the untraining sequences a bit more
    - objtool/x86: Fixup frame-pointer vs rethunk
    - x86/static_call: Fix __static_call_fixup()
    - x86/srso: Correct the mitigation status when SMT is disabled
    - Ubuntu: [Config]: enable Speculative Return Stack Overflow mitigation
  * Please enable Renesas RZ platform serial installer (LP: #2022361)
    - [Config] enable hihope RZ/G2M serial console
    - [Config] Mark sh-sci as built-in
  * dGPU cannot resume because system firmware stuck in IPCS method
    (LP: #2021572)
    - drm/i915/tc: Abort DP AUX transfer on a disconnected TC port
    - drm/i915/tc: switch to intel_de_* register accessors in display code
    - drm/i915: Enable a PIPEDMC whenever its corresponding pipe is enabled
    - drm/i915/tc: Fix TC port link ref init for DP MST during HW readout
    - drm/i915/tc: Fix system resume MST mode restore for DP-alt sinks
    - drm/i915/tc: Wait for IOM/FW PHY initialization of legacy TC ports
    - drm/i915/tc: Factor out helpers converting HPD mask to TC mode
    - drm/i915/tc: Fix target TC mode for a disconnected legacy port
    - drm/i915/tc: Fix TC mode for a legacy port if the PHY is not ready
    - drm/i915/tc: Fix initial TC mode on disabled legacy ports
    - drm/i915/tc: Make the TC mode readout consistent in all PHY states
    - drm/i915: Add encoder hook to get the PLL type used by TC ports
    - drm/i915/tc: Assume a TC port is legacy if VBT says the port has HDMI
    - drm/i915/tc: Factor out a function querying active links on a TC port
    - drm/i915/tc: Check the PLL type used by an enabled TC port
    - drm/i915/tc: Group the TC PHY setup/query functions per platform
    - drm/i915/tc: Use the adlp prefix for ADLP TC PHY functions
    - drm/i915/tc: Rename tc_phy_status_complete() to tc_phy_is_ready()
    - drm/i915/tc: Use the tc_phy prefix for all TC PHY functions
    - drm/i915/tc: Move TC port fields to a new intel_tc_port struct
    - drm/i915/tc: Check for TC PHY explicitly in
      intel_tc_port_fia_max_lane_count()
    - drm/i915/tc: Move the intel_tc_port struct declaration to intel_tc.c
    - drm/i915/tc: Add TC PHY hook to get the PHY HPD live status
    - drm/i915/tc: Add TC PHY hooks to get the PHY ready/owned state
    - drm/i915/tc: Add TC PHY hook to read out the PHY HW state
    - drm/i915/tc: Add generic TC PHY connect/disconnect handlers
    - drm/i915/tc: Factor out tc_phy_verify_legacy_or_dp_alt_mode()
    - drm/i915/tc: Add TC PHY hooks to connect/disconnect the PHY
    - drm/i915/tc: Fix up the legacy VBT flag only in disconnected mode
    - drm/i915/tc: Check TC mode instead of the VBT legacy flag
    - drm/i915/tc: Block/unblock TC-cold in the PHY connect/disconnect hooks
    - drm/i915/tc: Remove redundant wakeref=0 check from unblock_tc_cold()
    - drm/i915/tc: Drop tc_cold_block()/unblock()'s power domain parameter
    - drm/i915/tc: Add TC PHY hook to get the TC-cold blocking power domain
    - drm/i915/tc: Add asserts in TC PHY hooks that the required power is on
    - drm/i915/tc: Add TC PHY hook to init the PHY
    - drm/i915/adlp/tc: Use the DE HPD ISR register for hotplug detection
    - drm/i915/tc: Get power ref for reading the HPD live status register
    - drm/i915/tc: Don't connect the PHY in intel_tc_port_connected()
    - drm/i915/adlp/tc: Align the connect/disconnect PHY sequence with bspec
    - drm/i915: Move shared DPLL disabling into CRTC disable hook
    - drm/i915: Disable DPLLs before disconnecting the TC PHY
    - drm/i915: Remove TC PHY disconnect workaround
    - drm/i915: Remove the encoder update_prepare()/complete() hooks
    - drm/i915/dp_mst: Fix active port PLL selection for secondary MST streams
    - drm/i915: Fix PIPEDMC disabling for a bigjoiner configuration
    - drm/i915: Add helpers to reference/unreference a DPLL for a CRTC
    - drm/i915: Make the CRTC state consistent during sanitize-disabling
    - drm/i915: Update connector atomic state before crtc sanitize-disabling
    - drm/i915: Separate intel_crtc_disable_noatomic_begin/complete()
    - drm/i915: Factor out set_encoder_for_co

  linux-hwe-6.2 (6.2.0-32.32~22.04.1) jammy; urgency=medium

  * jammy/linux-hwe-6.2: 6.2.0-32.32~22.04.1 -proposed tracker (LP: #2030380)

  [ Ubuntu: 6.2.0-32.32 ]

  * lunar/linux: 6.2.0-32.32 -proposed tracker (LP: #2031134)
  * libgnutls report "trap invalid opcode" when trying to install packages over
    https (LP: #2031093)
    - [Config]: disable CONFIG_GDS_FORCE_MITIGATION

  [ Ubuntu: 6.2.0-30.30 ]

  * lunar/linux: 6.2.0-30.30 -proposed tracker (LP: #2030381)
  * CVE-2022-40982
    - init: Provide arch_cpu_finalize_init()
    - x86/cpu: Switch to arch_cpu_finalize_init()
    - ARM: cpu: Switch to arch_cpu_finalize_init()
    - ia64/cpu: Switch to arch_cpu_finalize_init()
    - m68k/cpu: Switch to arch_cpu_finalize_init()
    - mips/cpu: Switch to arch_cpu_finalize_init()
    - sh/cpu: Switch to arch_cpu_finalize_init()
    - sparc/cpu: Switch to arch_cpu_finalize_init()
    - um/cpu: Switch to arch_cpu_finalize_init()
    - init: Remove check_bugs() leftovers
    - init: Invoke arch_cpu_finalize_init() earlier
    - init, x86: Move mem_encrypt_init() into arch_cpu_finalize_init()
    - x86/init: Initialize signal frame size late
    - x86/fpu: Remove cpuinfo argument from init functions
    - x86/fpu: Mark init functions __init
    - x86/fpu: Move FPU initialization into arch_cpu_finalize_init()
    - x86/mem_encrypt: Unbreak the AMD_MEM_ENCRYPT=n build
    - x86/xen: Fix secondary processors' FPU initialization
    - x86/speculation: Add Gather Data Sampling mitigation
    - x86/speculation: Add force option to GDS mitigation
    - x86/speculation: Add Kconfig option for GDS
    - KVM: Add GDS_NO support to KVM
    - Documentation/x86: Fix backwards on/off logic about YMM support
    - [Config]: Enable CONFIG_ARCH_HAS_CPU_FINALIZE_INIT and
      CONFIG_GDS_FORCE_MITIGATION
  * CVE-2023-4015
    - netfilter: nf_tables: add NFT_TRANS_PREPARE_ERROR to deal with bound
      set/chain
    - netfilter: nf_tables: unbind non-anonymous set if rule construction fails
    - netfilter: nf_tables: skip immediate deactivate in _PREPARE_ERROR
  * CVE-2023-3995
    - netfilter: nf_tables: disallow rule addition to bound chain via
      NFTA_RULE_CHAIN_ID
  * CVE-2023-3777
    - netfilter: nf_tables: skip bound chain on rule flush
  * CVE-2023-3609
    - net/sched: cls_u32: Fix reference counter leak leading to overflow
  * NULL pointer dereference on CS35L41 HDA AMP (LP: #2029199)
    - ASoC: cs35l41: Refactor error release code
    - ALSA: cs35l41: Add shared boost feature
    - ASoC: dt-bindings: cirrus, cs35l41: Document CS35l41 shared boost
    - ALSA: hda: cs35l41: Ensure firmware/tuning pairs are always loaded
    - ALSA: hda: cs35l41: Enable Amp High Pass Filter
    - ALSA: cs35l41: Use mbox command to enable speaker output for external boost
    - ALSA: cs35l41: Poll for Power Up/Down rather than waiting a fixed delay
    - ALSA: hda: cs35l41: Check mailbox status of pause command after firmware
      load
    - ALSA: hda: cs35l41: Ensure we correctly re-sync regmap before system
      suspending.
    - ALSA: hda: cs35l41: Ensure we pass up any errors during system suspend.
    - ALSA: hda: cs35l41: Move Play and Pause into separate functions
    - ALSA: hda: hda_component: Add pre and post playback hooks to hda_component
    - ALSA: hda: cs35l41: Use pre and post playback hooks
    - ALSA: hda: cs35l41: Rework System Suspend to ensure correct call separation
    - ALSA: hda: cs35l41: Add device_link between HDA and cs35l41_hda
    - ALSA: hda: cs35l41: Ensure amp is only unmuted during playback
  * Reboot command powers off the system (LP: #2029332)
    - x86/smp: Make stop_other_cpus() more robust
    - x86/smp: Dont access non-existing CPUID leaf
  * losetup with mknod fails on jammy with kernel 5.15.0-69-generic
    (LP: #2015400)
    - loop: deprecate autoloading callback loop_probe()
    - loop: do not enforce max_loop hard limit by (new) default
  * Fix UBSAN in Intel EDAC driver (LP: #2028746)
    - EDAC/skx_common: Enable EDAC support for the "near" memory
    - EDAC/skx_common: Delete duplicated and unreachable code
    - EDAC/i10nm: Add Intel Emerald Rapids server support
    - EDAC/i10nm: Make more configurations CPU model specific
    - EDAC/i10nm: Add Intel Granite Rapids server support
    - EDAC/i10nm: Skip the absent memory controllers
  * Make TTY switching possible for NVIDIA when it's boot VGA (LP: #2028749)
    - drm/gma500: Use drm_aperture_remove_conflicting_pci_framebuffers
    - video/aperture: use generic code to figure out the vga default device
    - drm/aperture: Remove primary argument
    - video/aperture: Only kick vgacon when the pdev is decoding vga
    - video/aperture: Move vga handling to pci function
    - video/aperture: Drop primary argument
    - video/aperture: Only remove sysfb on the default vga pci device
    - fbdev: Simplify fb_is_primary_device for x86
    - video/aperture: Provide a VGA helper for gma500 and internal use
  * Fix AMD gpu hang when screen off/on (LP: #2028740)
    - drm/amd/display: Keep PHY active for dp config
  * Various backlight issues with the 6.0/6.1 kernel (LP: #2023638)
    - ACPI: video: Stop trying to use vendor backlight control on laptops from
      after ~2012
  * FM350(mtk_t7xx) failed to suspend, or early wake while suspending
    (LP: #2020743)
    - net: wwan: t7xx: Ensure init is completed before system sleep
  * Include the MAC address pass through function on RTL8153DD-CG (LP: #2020295)
    - r8152: add USB device driver for config selection
  * CVE-2023-20593
    - x86/cpu/amd: Move the errata checking functionality up
    - x86/cpu/amd: Add a Zenbleed fix
  * CVE-2023-4004
    - netfilter: nft_set_pipapo: fix improper element removal
  * CVE-2023-3611
    - net/sched: sch_qfq: refactor parsing of netlink parameters
    - net/sched: sch_qfq: account for stab overhead in qfq_enqueue
  * CVE-2023-3610
    - netfilter: nf_tables: fix chain binding transaction logic
  * CVE-2023-2898
    - f2fs: fix t

  linux-hwe-6.2 (6.2.0-25.25~22.04.2) jammy; urgency=medium

  * jammy/linux-hwe-6.2: 6.2.0-25.25~22.04.2 -proposed tracker (LP: #2024539)

  * Packaging resync (LP: #1786013)
    - [Packaging] resync update-dkms-versions helper

  [ Ubuntu: 6.2.0-25.25 ]

  * lunar/linux: 6.2.0-25.25 -proposed tracker (LP: #2024167)
  * ftrace in ubuntu_kernel_selftests failed with "check if duplicate events are
    caught" on J-5.15 P9 / J-kvm / L-kvm (LP: #1977827)
    - SAUCE: selftests/ftrace: Add test dependency
  * Add microphone support of the front headphone port on P3 Tower
    (LP: #2023650)
    - ALSA: hda/realtek: Add Lenovo P3 Tower platform
  * Add audio support for ThinkPad P1 Gen 6 and Z16 Gen 2 (LP: #2023539)
    - ALSA: hda/realtek: Add quirk for ThinkPad P1 Gen 6
  * Fix Disable thunderbolt clx make edp-monitor garbage while moving the
    touchpad (LP: #2023004)
    - drm/i915: Use 18 fast wake AUX sync len
  * Fix Monitor lost after replug WD19TBS to SUT port with VGA/DVI to type-C
    dongle (LP: #2021949)
    - thunderbolt: Increase timeout of DP OUT adapter handshake
    - thunderbolt: Do not touch CL state configuration during discovery
    - thunderbolt: Increase DisplayPort Connection Manager handshake timeout
  * Enable Tracing Configs for OSNOISE and TIMERLAT (LP: #2018591)
    - [Config] Enable OSNOISE_TRACER and TIMERLAT_TRACER configs
  * Fix only reach PC3 when ethernet is plugged r8169 (LP: #1946433)
    - r8169: use spinlock to protect mac ocp register access
    - r8169: use spinlock to protect access to registers Config2 and Config5
    - r8169: enable cfg9346 config register access in atomic context
    - r8169: prepare rtl_hw_aspm_clkreq_enable for usage in atomic context
    - r8169: disable ASPM during NAPI poll
    - r8169: remove ASPM restrictions now that ASPM is disabled during NAPI poll
  * introduce do_lib_rust=true|false to enable/disable linux-lib-rust package
    (LP: #2021605)
    - [Packaging] introduce do_lib_rust and enable it only on generic amd64
  * System either hang with black screen or rebooted on entering suspend on AMD
    Ryzen 9 PRO 7940HS w/ Radeon 780M Graphics (LP: #2020685)
    - drm/amdgpu: refine get gpu clock counter method
    - drm/amdgpu/gfx11: update gpu_clock_counter logic
  * generate linux-lib-rust only on amd64 (LP: #2020356)
    - [Packaging] generate linux-lib-rust only on amd64
  * No HDMI/DP audio output on dock(Nvidia GPU) (LP: #2020062)
    - ALSA: hda: Add NVIDIA codec IDs a3 through a7 to patch table
  * Add support for mdev_set_iommu_device() kABI in Ubuntu 22.10 kernel
    (LP: #1988806)
    - SAUCE: Add mdev_set_iommu_device() kABI.
  * Enable audio LEDs on HP laptops (LP: #2019915)
    - ALSA: hda/realtek: Fix mute and micmute LEDs for an HP laptop
    - ALSA: hda/realtek: Fix mute and micmute LEDs for yet another HP laptop
  * linux-*: please enable dm-verity kconfigs to allow MoK/db verified root
    images (LP: #2019040)
    - [Config] CONFIG_DM_VERITY_VERIFY_ROOTHASH_SIG_SECONDARY_KEYRING=y
  * Lunar update: v6.2.13 upstream stable release (LP: #2023929)
    - ARM: dts: rockchip: fix a typo error for rk3288 spdif node
    - arm64: dts: rockchip: Lower sd speed on rk3566-soquartz
    - arm64: dts: qcom: ipq8074-hk01: enable QMP device, not the PHY node
    - arm64: dts: qcom: ipq8074-hk10: enable QMP device, not the PHY node
    - arm64: dts: meson-g12-common: specify full DMC range
    - arm64: dts: meson-g12-common: resolve conflict between canvas & pmu
    - perf/amlogic: adjust register offsets
    - arm64: dts: qcom: sc8280xp-pmics: fix pon compatible and registers
    - arm64: dts: imx8mm-evk: correct pmic clock source
    - arm64: dts: imx8mm-verdin: correct off-on-delay
    - arm64: dts: imx8mp-verdin: correct off-on-delay
    - netfilter: br_netfilter: fix recent physdev match breakage
    - netfilter: nf_tables: Modify nla_memdup's flag to GFP_KERNEL_ACCOUNT
    - rust: str: fix requierments->requirements typo
    - regulator: fan53555: Explicitly include bits header
    - regulator: fan53555: Fix wrong TCS_SLEW_MASK
    - virtio_net: bugfix overflow inside xdp_linearize_page()
    - sfc: Fix use-after-free due to selftest_work
    - netfilter: nf_tables: fix ifdef to also consider nf_tables=m
    - i40e: fix accessing vsi->active_filters without holding lock
    - i40e: fix i40e_setup_misc_vector() error handling
    - netfilter: nf_tables: validate catch-all set elements
    - cxgb4: fix use after free bugs caused by circular dependency problem
    - netfilter: nf_tables: tighten netlink attribute requirements for catch-all
      elements
    - bnxt_en: Do not initialize PTP on older P3/P4 chips
    - mlxfw: fix null-ptr-deref in mlxfw_mfa2_tlv_next()
    - LoongArch: Fix build error if CONFIG_SUSPEND is not set
    - bonding: Fix memory leak when changing bond type to Ethernet
    - net: rpl: fix rpl header size calculation
    - mlxsw: pci: Fix possible crash during initialization
    - spi: spi-rockchip: Fix missing unwind goto in rockchip_sfc_probe()
    - bpf: Fix incorrect verifier pruning due to missing register precision taints
    - net: dsa: microchip: ksz8795: Correctly handle huge frame configuration
    - bnxt_en: fix free-runnig PHC mode
    - e1000e: Disable TSO on i219-LM card to increase speed
    - net: bridge: switchdev: don't notify FDB entries with "master dynamic"
    - f2fs: Fix f2fs_truncate_partial_nodes ftrace event
    - platform/x86/intel: vsec: Fix a memory leak in intel_vsec_add_aux
    - platform/x86 (gigabyte-wmi): Add support for A320M-S2H V2
    - selftests: sigaltstack: fix -Wuninitialized
    - scsi: megaraid_sas: Fix fw_crash_buffer_show()
    - scsi: core: Improve scsi_vpd_inquiry() checks
    - net: dsa: b53: mmap: add phy ops
    - platform/x86: gigabyte-wmi: add support for B650 AORUS ELITE AX
    - s390/ptrace: fix PTRACE_GET_LAST_BREAK error handling
    - drm: buddy_allocator: Fix buddy allocator init on 32-bit systems
    - drm: test: Fix 32-bi