Package "linux-hwe-6.8"

  linux-hwe-6.8 (6.8.0-87.88~22.04.1) jammy; urgency=medium

  * jammy/linux-hwe-6.8: 6.8.0-87.88~22.04.1 -proposed tracker (LP: #2127434)

  [ Ubuntu: 6.8.0-87.88 ]

  * noble/linux: 6.8.0-87.88 -proposed tracker (LP: #2127436)
  * CVE-2025-37838
    - HSI: ssi_protocol: Fix use after free vulnerability in ssi_protocol
      Driver Due to Race Condition
  * VMSCAPE CVE-2025-40300 (LP: #2124105) // CVE-2025-40300
    - Documentation/hw-vuln: Add VMSCAPE documentation
    - x86/vmscape: Enumerate VMSCAPE bug
    - x86/vmscape: Add conditional IBPB mitigation
    - x86/vmscape: Enable the mitigation
    - x86/bugs: Move cpu_bugs_smt_update() down
    - x86/vmscape: Warn when STIBP is disabled with SMT
    - x86/vmscape: Add old Intel CPUs to affected list
  * VMSCAPE CVE-2025-40300 (LP: #2124105)
    - [Config] Enable MITIGATION_VMSCAPE config
  * CVE-2025-38352
    - posix-cpu-timers: fix race between handle_posix_cpu_timers() and
      posix_cpu_timer_del()
  * CVE-2025-38118
    - Bluetooth: MGMT: Fix UAF on mgmt_remove_adv_monitor_complete
    - Bluetooth: MGMT: Fix sparse errors

 -- Stefan Bader <email address hidden> Tue, 14 Oct 2025 14:24:29 +0200

  linux-hwe-6.8 (6.8.0-86.87~22.04.1) jammy; urgency=medium

  * jammy/linux-hwe-6.8: 6.8.0-86.87~22.04.1 -proposed tracker (LP: #2125389)

  [ Ubuntu: 6.8.0-86.87 ]

  * noble/linux: 6.8.0-86.87 -proposed tracker (LP: #2125391)
    - Fix FTBS caused by incorrect pick/backport of
      "perf dso: fix dso__is_kallsyms() check"
  * noble ubuntu_ftrace_smoke_test:mmiotrace timeout on aws:r5.metal
    (LP: #2121673)
    - mm: memcg: add NULL check to obj_cgroup_put()
    - memcg: drain obj stock on cpu hotplug teardown
  * [25.04 FEAT] [post announcement] [KRN2304] CPU-MF Counters for new IBM Z
    hardware - perf part (LP: #2103415)
    - perf list: Add IBM z17 event descriptions
  * memory leaks when configuring a small rate limit in audit (LP: #2122554)
    - audit: fix skb leak when audit rate limit is exceeded
  * [UBUNTU 24.04] PAI/NNPA support for new IBM z17 (LP: #2121956)
    - s390/pai: export number of sysfs attribute files
    - s390/pai_crypto: Add support for MSA 10 and 11 pai counters
    - s390/pai_ext: Update PAI extension 1 counters
  * [UBUNTU 24.04] s390/pci: Don't abort recovery for user-space drivers
    (LP: #2121150)
    - s390/pci: Allow automatic recovery with minimal driver support
  * [UBUNTU 24.04] s390/pci: Fix stale function handles in error handling
    (LP: #2121149)
    - s390/pci: Fix stale function handles in error handling
    - s390/pci: Do not try re-enabling load/store if device is disabled
  * [UBUNTU 24.04] vfio/pci: fix 8-byte PCI loads and stores (LP: #2121146)
    - vfio/pci: Extract duplicated code into macro
    - vfio/pci: Support 8-byte PCI loads and stores
    - vfio/pci: Fix typo in macro to declare accessors
  * x86 systems with PCIe BAR addresses located outside a certain range see
    P2PDMA allocation failures and CUDA initialization errors (LP: #2120209)
    - x86/kaslr: Reduce KASLR entropy on most x86 systems
    - x86/mm/init: Handle the special case of device private pages in
      add_pages(), to not increase max_pfn and trigger
      dma_addressing_limited() bounce buffers
  * sources list generation using dwarfdump takes up to 0.5hr in build process
    (LP: #2104911)
    - [Packaging] Don't generate list of source files
  * [SRU] Apparmor: Unshifted uids for hardlinks and unix sockets in user
    namespaces (LP: #2121257)
    - apparmor: shift ouid when mediating hard links in userns
    - apparmor: shift uid when mediating af_unix in userns
  * UBSAN: shift-out-of-bounds in drivers/edac/skx_common.c:452:16
    (LP: #2119713)
    - EDAC/i10nm: Skip DIMM enumeration on a disabled memory controller
  * [IdeaPad Slim 5 13ARP10 , 83J2] Microphone on AMD Ryzen 7 7735HS does not
    work (LP: #2102749)
    - ASoC: amd: yc: update quirk data for new Lenovo model
  * Fix compilation failure because of incomplete backport (LP: #2120561)
    - SAUCE: netfilter: ctnetlink: Fix -Wuninitialized in
      ctnetlink_secctx_size()
  * Noble update: upstream stable patchset 2025-09-01 (LP: #2121716)
    - x86/mm/pat: cpa-test: fix length for CPA_ARRAY test
    - cpufreq: scpi: compare kHz instead of Hz
    - smack: dont compile ipv6 code unless ipv6 is configured
    - cpufreq: governor: Fix negative 'idle_time' handling in dbs_update()
    - EDAC/{skx_common,i10nm}: Fix some missing error reports on Emerald
      Rapids
    - x86/fpu: Fix guest FPU state buffer allocation size
    - x86/fpu: Avoid copying dynamic FP state from init_task in
      arch_dup_task_struct()
    - x86/platform: Only allow CONFIG_EISA for 32-bit
    - [Config] updateconfigs after disabling CONFIG_EISA for amd64
    - x86/sev: Add missing RIP_REL_REF() invocations during sme_enable()
    - lockdep/mm: Fix might_fault() lockdep check of current->mm->mmap_lock
    - PM: sleep: Adjust check before setting power.must_resume
    - RISC-V: KVM: Disable the kernel perf counter during configure
    - selinux: Chain up tool resolving errors in install_policy.sh
    - EDAC/ie31200: Fix the size of EDAC_MC_LAYER_CHIP_SELECT layer
    - EDAC/ie31200: Fix the DIMM size mask for several SoCs
    - EDAC/ie31200: Fix the error path order of ie31200_init()
    - PM: sleep: Fix handling devices with direct_complete set on errors
    - lockdep: Don't disable interrupts on RT in
      disable_irq_nosync_lockdep.*()
    - perf/ring_buffer: Allow the EPOLLRDNORM flag for poll
    - x86/traps: Make exc_double_fault() consistently noreturn
    - x86/fpu/xstate: Fix inconsistencies in guest FPU xfeatures
    - media: verisilicon: HEVC: Initialize start_bit field
    - media: platform: allgro-dvt: unregister v4l2_device on the error path
    - platform/x86: dell-ddv: Fix temperature calculation
    - ASoC: cs35l41: check the return value from spi_setup()
    - HID: remove superfluous (and wrong) Makefile entry for
      CONFIG_INTEL_ISH_FIRMWARE_DOWNLOADER
    - dt-bindings: vendor-prefixes: add GOcontroll
    - ALSA: hda/realtek: Always honor no_shutup_pins
    - ASoC: ti: j721e-evm: Fix clock configuration for ti,j7200-cpb-audio
      compatible
    - drm/bridge: ti-sn65dsi86: Fix multiple instances
    - drm/dp_mst: Fix drm RAD print
    - drm: xlnx: zynqmp: Fix max dma segment size
    - PCI: Use downstream bridges for distributing resources
    - drm/mediatek: mtk_hdmi: Unregister audio platform device on failure
    - drm/mediatek: mtk_hdmi: Fix typo for aud_sampe_size member
    - drm/msm/dpu: don't use active in atomic_check()
    - drm/msm/dsi: Use existing per-interface slice count in DSC timing
    - drm/msm/dsi: Set PHY usescase (and mode) before registering DSI host
    - drm/amdkfd: Fix Circular Locking Dependency in
      'svm_range_cpu_invalidate_pagetables'
    - PCI: cadence-ep: Fix the driver to send MSG TLP for INTx without data
      payload
    - PCI: brcmstb: Use internal register to change link capability
    - PCI: brcmstb: Fix potential premature regulator disabling
    - PCI/portdrv: Only disable pciehp interrupts early when needed
    - drm/amd/display: fix type

  linux-hwe-6.8 (6.8.0-85.85~22.04.1) jammy; urgency=medium

  * jammy/linux-hwe-6.8: 6.8.0-85.85~22.04.1 -proposed tracker (LP: #2125107)

  [ Ubuntu: 6.8.0-85.85 ]

  * noble/linux: 6.8.0-85.85 -proposed tracker (LP: #2125109)
  * Packaging resync (LP: #1786013)
    - [Packaging] resync git-ubuntu-log
  * CVE-2025-38500
    - xfrm: interface: fix use-after-free after changing collect_md xfrm
      interface
  * TLS socket disconnection causes various issues (LP: #2120516) //
    CVE-2025-37756
    - net: tls: explicitly disallow disconnect
  * CVE-2025-38477
    - net/sched: sch_qfq: Fix race condition on qfq_aggregate
    - net/sched: sch_qfq: Avoid triggering might_sleep in atomic context in
      qfq_delete_class
  * CVE-2025-38618
    - vsock: Do not allow binding to VMADDR_PORT_ANY
  * CVE-2025-38617
    - net/packet: fix a race in packet_set_ring() and packet_notifier()
  * CVE-2025-37785
    - ext4: fix OOB read when checking dotdot dir

 -- Stefan Bader <email address hidden> Fri, 19 Sep 2025 16:46:01 +0200

  linux-hwe-6.8 (6.8.0-84.84~22.04.1) jammy; urgency=medium

  [ Ubuntu: 6.8.0-84.84 ]

  * Linux refcount imbalance in af_unix subsystem (LP: #2121515)
    - SAUCE: af_unix: Fix GC compatibility with upstream OOB refcount changes

  linux-hwe-6.8 (6.8.0-83.83~22.04.1) jammy; urgency=medium

  [ Ubuntu: 6.8.0-83.83 ]

  * Linux refcount imbalance in af_unix subsystem (LP: #2121515)
    - SAUCE: af_unix: Fix GC compatibility with upstream OOB refcount changes
  * Packaging resync (LP: #1786013)
    - [Packaging] resync git-ubuntu-log

 -- Manuel Diewald <email address hidden> Tue, 09 Sep 2025 18:21:54 +0200