Package "linux-azure-6.5"

  linux-azure-6.5 (6.5.0-1024.25~22.04.1) jammy; urgency=medium

  * jammy/linux-azure-6.5: 6.5.0-1024.25~22.04.1 -proposed tracker
    (LP: #2068322)

  * Packaging resync (LP: #1786013)
    - [Packaging] debian.azure-6.5/dkms-versions -- update from kernel-versions
      (main/2024.06.10)

  [ Ubuntu: 6.5.0-1024.25 ]

  * mantic/linux-azure: 6.5.0-1024.25 -proposed tracker (LP: #2068323)
  * Packaging resync (LP: #1786013)
    - [Packaging] debian.azure/dkms-versions -- update from kernel-versions
      (main/2024.06.10)
  * mantic/linux: 6.5.0-44.44 -proposed tracker (LP: #2068341)
  * Packaging resync (LP: #1786013)
    - [Packaging] debian.master/dkms-versions -- update from kernel-versions
      (main/2024.06.10)
  * Some DUTs can't boot up after installing the proposed kernel on Mantic
    (LP: #2061940)
    - SAUCE: Revert "x86/efistub: Use 1:1 file:memory mapping for PE/COFF .compat
      section"
    - SAUCE: Revert "x86/boot: Increase section and file alignment to 4k/512"
    - SAUCE: Revert "x86/boot: Split off PE/COFF .data section"
    - SAUCE: Revert "x86/boot: Drop PE/COFF .reloc section"
    - SAUCE: Revert "x86/boot: Construct PE/COFF .text section from assembler"
    - SAUCE: Revert "x86/boot: Derive file size from _edata symbol"
    - SAUCE: Revert "x86/boot: Define setup size in linker script"
    - SAUCE: Revert "x86/boot: Set EFI handover offset directly in header asm"
    - SAUCE: Revert "x86/boot: Grab kernel_info offset from zoffset header
      directly"
    - SAUCE: Revert "x86/boot: Drop redundant code setting the root device"
    - SAUCE: Revert "x86/boot: Drop references to startup_64"
    - SAUCE: Revert "x86/boot: Omit compression buffer from PE/COFF image memory
      footprint"
    - SAUCE: Revert "x86/boot: Remove the 'bugger off' message"
    - SAUCE: Revert "x86/efi: Drop alignment flags from PE section headers"
    - SAUCE: Revert "x86/efi: Drop EFI stub .bss from .data section"
  * CVE-2023-52880
    - tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc
  * i915 cannot probe successfully on HP ZBook Power 16 G11 (LP: #2067883)
    - drm/i915/mtl: Remove the 'force_probe' requirement for Meteor Lake
  * CVE-2024-26838
    - RDMA/irdma: Fix KASAN issue with tasklet
  * mtk_t7xx WWAN module fails to probe with: Invalid device status 0x1
    (LP: #2049358)
    - Revert "UBUNTU: SAUCE: net: wwan: t7xx: PCIe reset rescan"
    - Revert "UBUNTU: SAUCE: net: wwan: t7xx: Add AP CLDMA"
    - net: wwan: t7xx: Add AP CLDMA
    - wwan: core: Add WWAN fastboot port type
    - net: wwan: t7xx: Add sysfs attribute for device state machine
    - net: wwan: t7xx: Infrastructure for early port configuration
    - net: wwan: t7xx: Add fastboot WWAN port
  * TCP memory leak, slow network (arm64) (LP: #2045560)
    - net: make SK_MEMORY_PCPU_RESERV tunable
    - net: fix sk_memory_allocated_{add|sub} vs softirqs
  * CVE-2024-26923
    - af_unix: Do not use atomic ops for unix_sk(sk)->inflight.
    - af_unix: Fix garbage collector racing against connect()
  * Add support for Quectel EM160R-GL modem [1eac:100d] (LP: #2063399)
    - Add support for Quectel EM160R-GL modem
  * Add support for Quectel RM520N-GL modem [1eac:1007] (LP: #2063529)
    - Add support for Quectel RM520N-GL modem
    - Add support for Quectel RM520N-GL modem
  * [SRU][22.04.4]: megaraid_sas: Critical Bug Fixes (LP: #2046722)
    - scsi: megaraid_sas: Log message when controller reset is requested but not
      issued
    - scsi: megaraid_sas: Driver version update to 07.727.03.00-rc1
  * Fix the RTL8852CE BT FW Crash based on SER false alarm (LP: #2060904)
    - wifi: rtw89: disable txptctrl IMR to avoid flase alarm
    - wifi: rtw89: pci: correct TX resource checking for PCI DMA channel of
      firmware command
  * CVE-2024-23307
    - md/raid5: fix atomicity violation in raid5_cache_count
  * CVE-2024-26889
    - Bluetooth: hci_core: Fix possible buffer overflow
  * CVE-2024-24861
    - media: xc4000: Fix atomicity violation in xc4000_get_frequency
  * CVE-2023-6270
    - aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts
  * CVE-2024-26642
    - netfilter: nf_tables: disallow anonymous set with timeout flag
  * CVE-2024-26926
    - binder: check offset alignment in binder_get_object()
  * CVE-2024-26922
    - drm/amdgpu: validate the parameters of bo mapping operations more clearly
  * CVE-2024-26803
    - net: veth: clear GRO when clearing XDP even when down
  * CVE-2024-26790
    - dmaengine: fsl-qdma: fix SoC may hang on 16 byte unaligned read
  * CVE-2024-26890
    - Bluetooth: hci_h5: Add ability to allocate memory for private data
    - Bluetooth: btrtl: fix out of bounds memory access
  * CVE-2024-26802
    - stmmac: Clear variable when destroying workqueue
  * CVE-2024-26798
    - fbcon: always restore the old font data in fbcon_do_set_font()
  * RTL8852BE fw security fail then lost WIFI function during suspend/resume
    cycle (LP: #2063096)
    - wifi: rtw89: download firmware with five times retry
  * Fix bluetooth connections with 3.0 device (LP: #2063067)
    - Bluetooth: hci_event: Fix handling of HCI_EV_IO_CAPA_REQUEST
  * USB stick can't be detected (LP: #2040948)
    - usb: Disable USB3 LPM at shutdown
  * CVE-2024-26733
    - arp: Prevent overflow in arp_req_get().
  * CVE-2024-26736
    - afs: Increase buffer size in afs_update_volume_status()
  * CVE-2024-26792
    - btrfs: fix double free of anonymous device after snapshot creation failure
  * CVE-2024-26782
    - mptcp: fix double-free on socket dismantle
  * CVE-2024-26748
    - usb: cdns3: fix memory double free when handle zero packet
  * CVE-2024-26735
    - ipv6: sr: fix possible use-after-free and null-ptr-deref
  * CVE-2024-26789
    - crypto: arm64/neonbs - fix out-of-bounds access on short input
  * CVE-2024-26734
    - devlink: fix possible use-after-free and memory leaks in devlink_init()
  * The keyboard does not work after latest kernel update (LP: #2060727)
    - Input: atkbd - do not

  linux-azure-6.5 (6.5.0-1023.24~22.04.1) jammy; urgency=medium

  * jammy/linux-azure-6.5: 6.5.0-1023.24~22.04.1 -proposed tracker
    (LP: #2068168)

  * Packaging resync (LP: #1786013)
    - [Packaging] update variants

  [ Ubuntu: 6.5.0-1023.24 ]

  * mantic/linux-azure: 6.5.0-1023.24 -proposed tracker (LP: #2068169)
  * Azure: net: mana: Fix Rx DMA datasize and skb_over_panic (LP: #2066992)
    - net: mana: Fix Rx DMA datasize and skb_over_panic
  * Azure: net: mana: Enable MANA driver on ARM64 with 4K page size
    (LP: #2066982)
    - net: mana: Enable MANA driver on ARM64 with 4K page size
  * mantic/linux: 6.5.0-42.42 -proposed tracker (LP: #2068188)
  * CVE-2024-26925
    - netfilter: nf_tables: release batch on table validation from abort path
    - netfilter: nf_tables: release mutex after nft_gc_seq_end from abort path
  * CVE-2024-26924
    - netfilter: nft_set_pipapo: do not free live element
  * CVE-2024-26809
    - netfilter: nft_set_pipapo: release elements in clone only from destroy path
  * Mantic update: upstream stable patchset 2024-04-02 (LP: #2059991) //
    CVE-2024-26809
    - netfilter: nft_set_pipapo: store index in scratch maps
    - netfilter: nft_set_pipapo: add helper to release pcpu scratch area
    - netfilter: nft_set_pipapo: remove scratch_aligned pointer
  * CVE-2024-26643
    - netfilter: nf_tables: mark set as dead when unbinding anonymous set with
      timeout
  * mantic/linux: 6.5.0-41.41 -proposed tracker (LP: #2065893)
  * CVE-2024-21823
    - VFIO: Add the SPR_DSA and SPR_IAX devices to the denylist
    - dmaengine: idxd: add a new security check to deal with a hardware erratum
    - dmaengine: idxd: add a write() method for applications to submit work

 -- Tim Gardner <email address hidden> Wed, 12 Jun 2024 11:54:53 -0700

  linux-azure-6.5 (6.5.0-1022.23~22.04.1) jammy; urgency=medium

  * jammy/linux-azure-6.5: 6.5.0-1022.23~22.04.1 -proposed tracker
    (LP: #2063692)

  * Packaging resync (LP: #1786013)
    - [Packaging] update variants

  [ Ubuntu: 6.5.0-1022.23 ]

  * mantic/linux-azure: 6.5.0-1022.23 -proposed tracker (LP: #2063693)
  * Azure: Fix hibernation failure (LP: #2064740)
    - drm: Check output polling initialized before disabling
    - drm: Check polling initialized before enabling in
      drm_helper_probe_single_connector_modes
  * mantic/linux: 6.5.0-40.40 -proposed tracker (LP: #2063709)
  * [Mantic] Compile broken on armhf (cc1 out of memory) (LP: #2060446)
    - Revert "minmax: relax check to allow comparison between unsigned arguments
      and signed constants"
    - Revert "minmax: allow comparisons of 'int' against 'unsigned char/short'"
    - Revert "minmax: allow min()/max()/clamp() if the arguments have the same
      signedness."
    - Revert "minmax: add umin(a, b) and umax(a, b)"
  * Drop fips-checks script from trees (LP: #2055083)
    - [Packaging] Remove fips-checks script
  * alsa/realtek: adjust max output valume for headphone on 2 LG machines
    (LP: #2058573)
    - ALSA: hda/realtek: fix the hp playback volume issue for LG machines
  * Mantic update: upstream stable patchset 2024-03-27 (LP: #2059284)
    - asm-generic: make sparse happy with odd-sized put_unaligned_*()
    - powerpc/mm: Fix null-pointer dereference in pgtable_cache_add
    - arm64: irq: set the correct node for VMAP stack
    - drivers/perf: pmuv3: don't expose SW_INCR event in sysfs
    - powerpc: Fix build error due to is_valid_bugaddr()
    - powerpc/mm: Fix build failures due to arch_reserved_kernel_pages()
    - powerpc/64s: Fix CONFIG_NUMA=n build due to create_section_mapping()
    - x86/boot: Ignore NMIs during very early boot
    - powerpc: pmd_move_must_withdraw() is only needed for
      CONFIG_TRANSPARENT_HUGEPAGE
    - powerpc/lib: Validate size for vector operations
    - x86/mce: Mark fatal MCE's page as poison to avoid panic in the kdump kernel
    - perf/core: Fix narrow startup race when creating the perf nr_addr_filters
      sysfs file
    - debugobjects: Stop accessing objects after releasing hash bucket lock
    - regulator: core: Only increment use_count when enable_count changes
    - audit: Send netlink ACK before setting connection in auditd_set
    - ACPI: video: Add quirk for the Colorful X15 AT 23 Laptop
    - PNP: ACPI: fix fortify warning
    - ACPI: extlog: fix NULL pointer dereference check
    - ACPI: NUMA: Fix the logic of getting the fake_pxm value
    - PM / devfreq: Synchronize devfreq_monitor_[start/stop]
    - ACPI: APEI: set memory failure flags as MF_ACTION_REQUIRED on synchronous
      events
    - FS:JFS:UBSAN:array-index-out-of-bounds in dbAdjTree
    - jfs: fix array-index-out-of-bounds in dbAdjTree
    - pstore/ram: Fix crash when setting number of cpus to an odd number
    - crypto: octeontx2 - Fix cptvf driver cleanup
    - erofs: fix ztailpacking for subpage compressed blocks
    - crypto: stm32/crc32 - fix parsing list of devices
    - afs: fix the usage of read_seqbegin_or_lock() in afs_lookup_volume_rcu()
    - afs: fix the usage of read_seqbegin_or_lock() in afs_find_server*()
    - rxrpc_find_service_conn_rcu: fix the usage of read_seqbegin_or_lock()
    - jfs: fix array-index-out-of-bounds in diNewExt
    - arch: consolidate arch_irq_work_raise prototypes
    - s390/vfio-ap: fix sysfs status attribute for AP queue devices
    - s390/ptrace: handle setting of fpc register correctly
    - KVM: s390: fix setting of fpc register
    - SUNRPC: Fix a suspicious RCU usage warning
    - ecryptfs: Reject casefold directory inodes
    - ext4: fix inconsistent between segment fstrim and full fstrim
    - ext4: unify the type of flexbg_size to unsigned int
    - ext4: remove unnecessary check from alloc_flex_gd()
    - ext4: avoid online resizing failures due to oversized flex bg
    - wifi: rt2x00: restart beacon queue when hardware reset
    - selftests/bpf: satisfy compiler by having explicit return in btf test
    - selftests/bpf: Fix pyperf180 compilation failure with clang18
    - wifi: rt2x00: correct wrong BBP register in RxDCOC calibration
    - selftests/bpf: Fix issues in setup_classid_environment()
    - soc: xilinx: Fix for call trace due to the usage of smp_processor_id()
    - soc: xilinx: fix unhandled SGI warning message
    - scsi: lpfc: Fix possible file string name overflow when updating firmware
    - PCI: Add no PM reset quirk for NVIDIA Spectrum devices
    - bonding: return -ENOMEM instead of BUG in alb_upper_dev_walk
    - net: usb: ax88179_178a: avoid two consecutive device resets
    - scsi: arcmsr: Support new PCI device IDs 1883 and 1886
    - ARM: dts: imx7d: Fix coresight funnel ports
    - ARM: dts: imx7s: Fix lcdif compatible
    - ARM: dts: imx7s: Fix nand-controller #size-cells
    - wifi: ath9k: Fix potential array-index-out-of-bounds read in
      ath9k_htc_txstatus()
    - wifi: ath11k: fix race due to setting ATH11K_FLAG_EXT_IRQ_ENABLED too early
    - bpf: Check rcu_read_lock_trace_held() before calling bpf map helpers
    - scsi: libfc: Don't schedule abort twice
    - scsi: libfc: Fix up timeout error in fc_fcp_rec_error()
    - bpf: Set uattr->batch.count as zero before batched update or deletion
    - wifi: wfx: fix possible NULL pointer dereference in wfx_set_mfp_ap()
    - ARM: dts: rockchip: fix rk3036 hdmi ports node
    - ARM: dts: imx25/27-eukrea: Fix RTC node name
    - ARM: dts: imx: Use flash@0,0 pattern
    - ARM: dts: imx27: Fix sram node
    - ARM: dts: imx1: Fix sram node
    - net: phy: at803x: fix passing the wrong reference for config_intr
    - ionic: pass opcode to devcmd_wait
    - ionic: bypass firmware cmds when stuck in reset
    - block/rnbd-srv: Check for unlikely string overflow
    - ARM: dts: imx25: Fix the iim compatible string
    - ARM: dts: imx25/27: Pass timing0
    - ARM: dts

  linux-azure-6.5 (6.5.0-1021.22~22.04.1) jammy; urgency=medium

  * jammy/linux-azure-6.5: 6.5.0-1021.22~22.04.1 -proposed tracker
    (LP: #2063561)

  [ Ubuntu: 6.5.0-1021.22 ]

  * mantic/linux-azure: 6.5.0-1021.22 -proposed tracker (LP: #2063562)
  * mantic/linux: 6.5.0-35.35 -proposed tracker (LP: #2063581)
  * cifs: Copying file to same directory results in page fault (LP: #2060919)
    - SAUCE: Revert "cifs: fix flushing folio regression for 6.1 backport"
  * CVE-2024-26805
    - netlink: Fix kernel-infoleak-after-free in __skb_datagram_iter
  * CVE-2024-26801
    - Bluetooth: Avoid potential use-after-free in hci_error_reset
  * CVE-2024-26704
    - ext4: fix double-free of blocks due to wrong extents moved_len
  * CVE-2023-52601
    - jfs: fix array-index-out-of-bounds in dbAdjTree
  * CVE-2024-26635
    - llc: Drop support for ETH_P_TR_802_2.
  * CVE-2024-26622
    - tomoyo: fix UAF write bug in tomoyo_write_control()
  * CVE-2024-26614
    - tcp: make sure init the accept_queue's spinlocks once
    - ipv6: init the accept_queue's spinlocks in inet6_create
  * CVE-2024-52615
    - hwrng: core - Fix page fault dead lock on mmap-ed hwrng
  * CVE-2024-52602
    - jfs: fix slab-out-of-bounds Read in dtSearch
  * CVE-2023-47233
    - wifi: brcmfmac: Fix use-after-free bug in brcmf_cfg80211_detach
  * CVE-2024-2201
    - x86/bugs: Change commas to semicolons in 'spectre_v2' sysfs file
    - x86/syscall: Don't force use of indirect calls for system calls
    - x86/bhi: Add support for clearing branch history at syscall entry
    - x86/bhi: Define SPEC_CTRL_BHI_DIS_S
    - x86/bhi: Enumerate Branch History Injection (BHI) bug
    - x86/bhi: Add BHI mitigation knob
    - x86/bhi: Mitigate KVM by default
    - KVM: x86: Add BHI_NO
    - [Config] Set CONFIG_BHI to enabled (auto)

  linux-azure-6.5 (6.5.0-1019.20~22.04.1) jammy; urgency=medium

  * jammy/linux-azure-6.5: 6.5.0-1019.20~22.04.1 -proposed tracker
    (LP: #2059687)

  [ Ubuntu: 6.5.0-1019.20 ]

  * mantic/linux-azure: 6.5.0-1019.20 -proposed tracker (LP: #2059688)
  * mantic/linux: 6.5.0-28.29 -proposed tracker (LP: #2059706)
  * Packaging resync (LP: #1786013)
    - [Packaging] drop getabis data
  * Remove getabis scripts (LP: #2059143)
    - [Packaging] Remove getabis
  * CVE-2023-52600
    - jfs: fix uaf in jfs_evict_inode
  * Mantic update: upstream stable patchset 2024-03-27 (LP: #2059284) //
    CVE-2023-52603
    - UBSAN: array-index-out-of-bounds in dtSplitRoot
  * CVE-2024-26581
    - netfilter: nft_set_rbtree: skip end interval element from gc
  * Mantic update: upstream stable patchset 2024-03-07 (LP: #2056403) //
    CVE-2024-26589
    - bpf: Reject variable offset alu on PTR_TO_FLOW_KEYS
  * Mantic update: upstream stable patchset 2024-03-07 (LP: #2056403) //
    CVE-2024-26591
    - bpf: Fix re-attachment branch in bpf_tracing_prog_attach
  * iwlwifi disconnect and crash - intel wifi7 (LP: #2058808)
    - wifi: iwlwifi: pcie: fix RB status reading