Package "linux-image-unsigned-6.5.0-1027-oem"

  linux-oem-6.5 (6.5.0-1020.21) jammy; urgency=medium

  * jammy/linux-oem-6.5: 6.5.0-1020.21 -proposed tracker (LP: #2059705)

  * Packaging resync (LP: #1786013)
    - [Packaging] update variants
    - debian.oem/dkms-versions -- update from kernel-versions (main/s2024.03.04)

  * Support USB serial port for Dell DW5826e WWAN (LP: #2058452)
    - USB: serial: qcserial: add new usb-id for Dell Wireless DW5826e

  [ Ubuntu: 6.5.0-28.29 ]

  * mantic/linux: 6.5.0-28.29 -proposed tracker (LP: #2059706)
  * Packaging resync (LP: #1786013)
    - [Packaging] drop getabis data
  * Remove getabis scripts (LP: #2059143)
    - [Packaging] Remove getabis
  * CVE-2023-52600
    - jfs: fix uaf in jfs_evict_inode
  * Mantic update: upstream stable patchset 2024-03-27 (LP: #2059284) //
    CVE-2023-52603
    - UBSAN: array-index-out-of-bounds in dtSplitRoot
  * CVE-2024-26581
    - netfilter: nft_set_rbtree: skip end interval element from gc
  * Mantic update: upstream stable patchset 2024-03-07 (LP: #2056403) //
    CVE-2024-26589
    - bpf: Reject variable offset alu on PTR_TO_FLOW_KEYS
  * Mantic update: upstream stable patchset 2024-03-07 (LP: #2056403) //
    CVE-2024-26591
    - bpf: Fix re-attachment branch in bpf_tracing_prog_attach
  * iwlwifi disconnect and crash - intel wifi7 (LP: #2058808)
    - wifi: iwlwifi: pcie: fix RB status reading

 -- Timo Aaltonen <email address hidden> Wed, 03 Apr 2024 16:18:18 +0300

  linux-oem-6.5 (6.5.0-1019.20) jammy; urgency=medium

  * jammy/linux-oem-6.5: 6.5.0-1019.20 -proposed tracker (LP: #2055583)

  * Packaging resync (LP: #1786013)
    - [Packaging] drop ABI data
    - debian.oem/dkms-versions -- update from kernel-versions (main/2024.03.04)

  [ Ubuntu: 6.5.0-27.28 ]

  * mantic/linux: 6.5.0-27.28 -proposed tracker (LP: #2055584)
  * Packaging resync (LP: #1786013)
    - [Packaging] drop ABI data
    - [Packaging] update annotations scripts
    - debian.master/dkms-versions -- update from kernel-versions (main/2024.03.04)
  * CVE-2024-26597
    - net: qualcomm: rmnet: fix global oob in rmnet_policy
  * CVE-2024-26599
    - pwm: Fix out-of-bounds access in of_pwm_single_xlate()
  * Drop ABI checks from kernel build (LP: #2055686)
    - [Packaging] Remove in-tree abi checks
  * Cranky update-dkms-versions rollout (LP: #2055685)
    - [Packaging] remove update-dkms-versions
    - Move debian/dkms-versions to debian.master/dkms-versions
    - [Packaging] Replace debian/dkms-versions with $(DEBIAN)/dkms-versions
  * linux: please move erofs.ko (CONFIG_EROFS for EROFS support) from linux-
    modules-extra to linux-modules (LP: #2054809)
    - UBUNTU [Packaging]: Include erofs in linux-modules instead of linux-modules-
      extra
  * performance: Scheduler: ratelimit updating of load_avg (LP: #2053251)
    - sched/fair: Ratelimit update to tg->load_avg
  * IB peer memory feature regressed in 6.5 (LP: #2055082)
    - SAUCE: RDMA/core: Introduce peer memory interface
  * linux-tools-common: man page of usbip[d] is misplaced (LP: #2054094)
    - [Packaging] rules: Put usbip manpages in the correct directory
  * CVE-2024-23851
    - dm: limit the number of targets and parameter size area
  * CVE-2024-23850
    - btrfs: do not ASSERT() if the newly created subvolume already got read
  * x86: performance: tsc: Extend watchdog check exemption to 4-Sockets platform
    (LP: #2054699)
    - x86/tsc: Extend watchdog check exemption to 4-Sockets platform
  * linux: please move dmi-sysfs.ko (CONFIG_DMI_SYSFS for SMBIOS support) from
    linux-modules-extra to linux-modules (LP: #2045561)
    - [Packaging] Move dmi-sysfs.ko into linux-modules
  * Fix AMD brightness issue on AUO panel (LP: #2054773)
    - drm/amdgpu: make damage clips support configurable
  * Mantic update: upstream stable patchset 2024-02-28 (LP: #2055199)
    - f2fs: explicitly null-terminate the xattr list
    - pinctrl: lochnagar: Don't build on MIPS
    - ALSA: hda - Fix speaker and headset mic pin config for CHUWI CoreBook XPro
    - mptcp: fix uninit-value in mptcp_incoming_options
    - wifi: cfg80211: lock wiphy mutex for rfkill poll
    - wifi: avoid offset calculation on NULL pointer
    - wifi: mac80211: handle 320 MHz in ieee80211_ht_cap_ie_to_sta_ht_cap
    - debugfs: fix automount d_fsdata usage
    - nvme-core: fix a memory leak in nvme_ns_info_from_identify()
    - drm/amd/display: update dcn315 lpddr pstate latency
    - drm/amdgpu: Fix cat debugfs amdgpu_regs_didt causes kernel null pointer
    - smb: client, common: fix fortify warnings
    - blk-mq: don't count completed flush data request as inflight in case of
      quiesce
    - nvme-core: check for too small lba shift
    - hwtracing: hisi_ptt: Handle the interrupt in hardirq context
    - hwtracing: hisi_ptt: Don't try to attach a task
    - ASoC: wm8974: Correct boost mixer inputs
    - arm64: dts: rockchip: fix rk356x pcie msg interrupt name
    - ASoC: Intel: Skylake: Fix mem leak in few functions
    - ASoC: nau8822: Fix incorrect type in assignment and cast to restricted
      __be16
    - ASoC: Intel: Skylake: mem leak in skl register function
    - ASoC: cs43130: Fix the position of const qualifier
    - ASoC: cs43130: Fix incorrect frame delay configuration
    - ASoC: rt5650: add mutex to avoid the jack detection failure
    - ASoC: Intel: skl_hda_dsp_generic: Drop HDMI routes when HDMI is not
      available
    - nouveau/tu102: flush all pdbs on vmm flush
    - ASoC: amd: yc: Add DMI entry to support System76 Pangolin 13
    - ASoC: hdac_hda: Conditionally register dais for HDMI and Analog
    - net/tg3: fix race condition in tg3_reset_task()
    - ASoC: da7219: Support low DC impedance headset
    - nvme: introduce helper function to get ctrl state
    - nvme: prevent potential spectre v1 gadget
    - arm64: dts: rockchip: Fix PCI node addresses on rk3399-gru
    - drm/amdgpu: Add NULL checks for function pointers
    - drm/exynos: fix a potential error pointer dereference
    - drm/exynos: fix a wrong error checking
    - hwmon: (corsair-psu) Fix probe when built-in
    - LoongArch: Preserve syscall nr across execve()
    - clk: rockchip: rk3568: Add PLL rate for 292.5MHz
    - clk: rockchip: rk3128: Fix HCLK_OTG gate register
    - jbd2: correct the printing of write_flags in jbd2_write_superblock()
    - jbd2: increase the journal IO's priority
    - drm/crtc: Fix uninit-value bug in drm_mode_setcrtc
    - neighbour: Don't let neigh_forced_gc() disable preemption for long
    - platform/x86: intel-vbtn: Fix missing tablet-mode-switch events
    - jbd2: fix soft lockup in journal_finish_inode_data_buffers()
    - tracing: Have large events show up as '[LINE TOO BIG]' instead of nothing
    - tracing: Add size check when printing trace_marker output
    - stmmac: dwmac-loongson: drop useless check for compatible fallback
    - MIPS: dts: loongson: drop incorrect dwmac fallback compatible
    - tracing: Fix uaf issue when open the hist or hist_debug file
    - ring-buffer: Do not record in NMI if the arch does not support cmpxchg in
      NMI
    - Input: psmouse - enable Synaptics InterTouch for ThinkPad L14 G1
    - reset: hisilicon: hi6220: fix Wvoid-pointer-to-enum-cast warning
    - Input: atkbd - skip ATKBD_CMD_GETID in translated mode
    - Input: i8042 - add nomux quirk for Acer P459-G2-M
    - s390/scm: fix virtual vs physical address confusion
    - ARC: fix spare error
    - wifi: iwlwifi: pcie: avoid a

  linux-oem-6.5 (6.5.0-1018.19) jammy; urgency=medium

  * jammy/linux-oem-6.5: 6.5.0-1018.19 -proposed tracker (LP: #2057967)

  * Packaging resync (LP: #1786013)
    - debian/dkms-versions -- update from kernel-versions (main/2024.02.05)

  * The screen brightness is unable to adjust on BOE panel DPN#R6FD8
    (LP: #2057430)
    - drm/amd/display: Re-add aux intercept disable delay generically for 2+
      LTTPRs
    - drm/amd/display: Clear dpcd_sink_ext_caps if not set
    - drm/amd/display: Add monitor patch for specific eDP
    - drm/amd/display: Add monitor patch for specific eDP

  * Mute/mic LEDs no function on some HP EliteBook (LP: #2057785)
    - ALSA: hda/realtek: fix mute/micmute LEDs for HP EliteBook

  * mtk_t7xx WWAN module fails to probe with: Invalid device status 0x1
    (LP: #2049358)
    - Revert "UBUNTU: SAUCE: net: wwan: t7xx: PCIe reset rescan"
    - Revert "UBUNTU: SAUCE: net: wwan: t7xx: Add AP CLDMA"
    - net: wwan: t7xx: Add AP CLDMA
    - wwan: core: Add WWAN fastboot port type
    - net: wwan: t7xx: Add sysfs attribute for device state machine
    - net: wwan: t7xx: Infrastructure for early port configuration
    - net: wwan: t7xx: Add fastboot WWAN port

  * Fix headphone mic detection issue on ALC897 (LP: #2056418)
    - SAUCE: ALSA: hda/realtek - Fix headset Mic no show at resume back for Lenovo
      ALC897 platform

  * Simplify kcontrol naming on Intel MTL platforms (LP: #2055866)
    - ASoC: dapm: Add a flag for not having widget name in kcontrol name
    - ASoC: SOF: topology: Add a token for dropping widget name in kcontrol name

  * Fix AMD brightness issue on AUO panel (LP: #2054773)
    - drm/amdgpu: make damage clips support configurable

  [ Ubuntu: 6.5.0-26.26 ]

  * mantic/linux: 6.5.0-26.26 -proposed tracker (LP: #2056049)
  * Packaging resync (LP: #1786013)
    - [Packaging] update annotations scripts
    - debian/dkms-versions -- update from kernel-versions (main/s2024.02.05)
  * CVE-2024-26599
    - pwm: Fix out-of-bounds access in of_pwm_single_xlate()
  * CVE-2024-26597
    - net: qualcomm: rmnet: fix global oob in rmnet_policy
  * CVE-2024-1086
    - netfilter: nf_tables: reject QUEUE/DROP verdict parameters
  * CVE-2024-1085
    - netfilter: nf_tables: check if catch-all set element is active in next
      generation

 -- Timo Aaltonen <email address hidden> Thu, 14 Mar 2024 22:22:07 +0200

  linux-oem-6.5 (6.5.0-1016.17) jammy; urgency=medium

  * jammy/linux-oem-6.5: 6.5.0-1016.17 -proposed tracker (LP: #2052039)

  * There is sound from the speakers and headphones at the same time on Oasis 14
    and 16 platforms (LP: #2054487)
    - ALSA: hda/realtek: add IDs for Dell dual spk platform

  [ Ubuntu: 6.5.0-25.25 ]

  * mantic/linux: 6.5.0-25.25 -proposed tracker (LP: #2052615)
  * Packaging resync (LP: #1786013)
    - debian/dkms-versions -- update from kernel-versions (main/2024.02.05)
  * [SRU][22.04.04]: mpi3mr driver update (LP: #2045233)
    - scsi: mpi3mr: Invoke soft reset upon TSU or event ack time out
    - scsi: mpi3mr: Update MPI Headers to version 3.00.28
    - scsi: mpi3mr: Add support for more than 1MB I/O
    - scsi: mpi3mr: WRITE SAME implementation
    - scsi: mpi3mr: Enhance handling of devices removed after controller reset
    - scsi: mpi3mr: Update driver version to 8.5.0.0.0
    - scsi: mpi3mr: Split off bus_reset function from host_reset
    - scsi: mpi3mr: Add support for SAS5116 PCI IDs
    - scsi: mpi3mr: Add PCI checks where SAS5116 diverges from SAS4116
    - scsi: mpi3mr: Increase maximum number of PHYs to 64 from 32
    - scsi: mpi3mr: Add support for status reply descriptor
    - scsi: mpi3mr: driver version upgrade to 8.5.0.0.50
    - scsi: mpi3mr: Refresh sdev queue depth after controller reset
    - scsi: mpi3mr: Clean up block devices post controller reset
    - scsi: mpi3mr: Block PEL Enable Command on Controller Reset and Unrecoverable
      State
    - scsi: mpi3mr: Fetch correct device dev handle for status reply descriptor
    - scsi: mpi3mr: Support for preallocation of SGL BSG data buffers part-1
    - scsi: mpi3mr: Support for preallocation of SGL BSG data buffers part-2
    - scsi: mpi3mr: Support for preallocation of SGL BSG data buffers part-3
    - scsi: mpi3mr: Update driver version to 8.5.1.0.0
  * The display becomes frozen after some time when a HDMI device is connected.
    (LP: #2049027)
    - drm/i915/dmc: Don't enable any pipe DMC events
  * Audio balancing setting doesn't work with the cirrus codec (LP: #2051050)
    - ALSA: hda/cs8409: Suppress vmaster control for Dolphin models
  * partproke is broken on empty loopback device (LP: #2049689)
    - block: Move checking GENHD_FL_NO_PART to bdev_add_partition()
  * CVE-2023-51780
    - atm: Fix Use-After-Free in do_vcc_ioctl
  * CVE-2023-6915
    - ida: Fix crash in ida_free when the bitmap is empty
  * Update Ubuntu.md (LP: #2051176)
    - [Packaging] update Ubuntu.md
  * test_021_aslr_dapper_libs from ubuntu_qrt_kernel_security failed on K-5.19 /
    J-OEM-6.1 / J-6.2 AMD64 (LP: #1983357)
    - [Config]: set ARCH_MMAP_RND_{COMPAT_, }BITS to the maximum
  * Intel E810-XXV - NETDEV WATCHDOG: (ice): transmit queue timed out
    (LP: #2036239)
    - ice: Add driver support for firmware changes for LAG
    - ice: alter feature support check for SRIOV and LAG
  * Mantic update: upstream stable patchset 2024-01-29 (LP: #2051584)
    - Upstream stable to v6.1.67, v6.6.6
    - vdpa/mlx5: preserve CVQ vringh index
    - hrtimers: Push pending hrtimers away from outgoing CPU earlier
    - i2c: designware: Fix corrupted memory seen in the ISR
    - netfilter: ipset: fix race condition between swap/destroy and kernel side
      add/del/test
    - zstd: Fix array-index-out-of-bounds UBSAN warning
    - tg3: Move the [rt]x_dropped counters to tg3_napi
    - tg3: Increment tx_dropped in tg3_tso_bug()
    - kconfig: fix memory leak from range properties
    - drm/amdgpu: correct chunk_ptr to a pointer to chunk.
    - x86: Introduce ia32_enabled()
    - x86/coco: Disable 32-bit emulation by default on TDX and SEV
    - x86/entry: Convert INT 0x80 emulation to IDTENTRY
    - x86/entry: Do not allow external 0x80 interrupts
    - x86/tdx: Allow 32-bit emulation by default
    - dt: dt-extract-compatibles: Handle cfile arguments in generator function
    - dt: dt-extract-compatibles: Don't follow symlinks when walking tree
    - platform/x86: asus-wmi: Move i8042 filter install to shared asus-wmi code
    - of: dynamic: Fix of_reconfig_get_state_change() return value documentation
    - platform/x86: wmi: Skip blocks with zero instances
    - ipv6: fix potential NULL deref in fib6_add()
    - octeontx2-pf: Add missing mutex lock in otx2_get_pauseparam
    - octeontx2-af: Check return value of nix_get_nixlf before using nixlf
    - hv_netvsc: rndis_filter needs to select NLS
    - r8152: Rename RTL8152_UNPLUG to RTL8152_INACCESSIBLE
    - r8152: Add RTL8152_INACCESSIBLE checks to more loops
    - r8152: Add RTL8152_INACCESSIBLE to r8156b_wait_loading_flash()
    - r8152: Add RTL8152_INACCESSIBLE to r8153_pre_firmware_1()
    - r8152: Add RTL8152_INACCESSIBLE to r8153_aldps_en()
    - mlxbf-bootctl: correctly identify secure boot with development keys
    - platform/mellanox: Add null pointer checks for devm_kasprintf()
    - platform/mellanox: Check devm_hwmon_device_register_with_groups() return
      value
    - arcnet: restoring support for multiple Sohard Arcnet cards
    - octeontx2-pf: consider both Rx and Tx packet stats for adaptive interrupt
      coalescing
    - net: stmmac: fix FPE events losing
    - xsk: Skip polling event check for unbound socket
    - octeontx2-af: fix a use-after-free in rvu_npa_register_reporters
    - i40e: Fix unexpected MFS warning message
    - iavf: validate tx_coalesce_usecs even if rx_coalesce_usecs is zero
    - tcp: fix mid stream window clamp.
    - ionic: fix snprintf format length warning
    - ionic: Fix dim work handling in split interrupt mode
    - ipv4: ip_gre: Avoid skb_pull() failure in ipgre_xmit()
    - net: atlantic: Fix NULL dereference of skb pointer in
    - net: hns: fix wrong head when modify the tx feature when sending packets
    - net: hns: fix fake link up on xge port
    - octeontx2-af: Adjust Tx credits when MCS external bypass is disabled
    - octeontx2-af: Fix mcs sa cam entries size
    - octeontx2-af: Fix mcs stats r

  linux-oem-6.5 (6.5.0-1015.16) jammy; urgency=medium

  * jammy/linux-oem-6.5: 6.5.0-1015.16 -proposed tracker (LP: #2052289)

  * Mute/mic LEDs no function on HP ZBook Power (LP: #2051846)
    - ALSA: hda/realtek: fix mute/micmute LEDs for HP ZBook Power

  * Sound: Add rtl quirk of M70-Gen5 (LP: #2051947)
    - ALSA: hda/realtek: Enable headset mic on Lenovo M70 Gen5

  * Fix spurious wakeup caused by Cirque touchpad (LP: #2051896)
    - HID: i2c-hid: Remove I2C_HID_QUIRK_SET_PWR_WAKEUP_DEV quirk
    - HID: i2c-hid: Renumber I2C_HID_QUIRK_ defines
    - HID: i2c-hid: Skip SET_POWER SLEEP for Cirque touchpad on system suspend

  * There is sound from the speakers and headphones at the same time on one dell
    platform (LP: #2051334)
    - ALSA: hda/realtek - Add speaker pin verbtable for Dell dual speaker platform

  * black screen when wake up from s3 with AMD W7600 gfx (LP: #2051341)
    - drm/ttm: Reorder sys manager cleanup step

  * Mute/mic LEDs no function on HP ZBook (LP: #2049838)
    - ALSA: hda/realtek: Enable mute/micmute LEDs and limit mic boost on HP ZBook

  * Audio balancing setting doesn't work with the cirrus codec (LP: #2051050)
    - ALSA: hda/cs8409: Suppress vmaster control for Dolphin models

  [ Ubuntu: 6.5.0-21.21 ]

  * mantic/linux: 6.5.0-21.21 -proposed tracker (LP: #2052603)
  * The display becomes frozen after some time when a HDMI device is connected.
    (LP: #2049027)
    - drm/i915/dmc: Don't enable any pipe DMC events
  * partproke is broken on empty loopback device (LP: #2049689)
    - block: Move checking GENHD_FL_NO_PART to bdev_add_partition()
  * CVE-2023-51781
    - appletalk: Fix Use-After-Free in atalk_ioctl
  * CVE-2023-51780
    - atm: Fix Use-After-Free in do_vcc_ioctl
  * CVE-2023-6915
    - ida: Fix crash in ida_free when the bitmap is empty
  * CVE-2024-0565
    - smb: client: fix OOB in receive_encrypted_standard()
  * CVE-2024-0582
    - io_uring: enable io_mem_alloc/free to be used in other parts
    - io_uring/kbuf: defer release of mapped buffer rings
  * CVE-2024-0646
    - net: tls, update curr on splice as well

 -- Timo Aaltonen <email address hidden> Tue, 13 Feb 2024 11:55:49 +0200