Package "linux-xilinx-zynqmp"

  linux-xilinx-zynqmp (5.15.0-1038.42) jammy; urgency=medium

  * jammy/linux-xilinx-zynqmp: 5.15.0-1038.42 -proposed tracker (LP: #2082998)

  [ Ubuntu: 5.15.0-125.135 ]

  * jammy/linux: 5.15.0-125.135 -proposed tracker (LP: #2083001)
  * CVE-2024-26800
    - tls: rx: coalesce exit paths in tls_decrypt_sg()
    - tls: separate no-async decryption request handling from async
    - tls: fix use-after-free on failed backlog decryption
  * Please backport the more restrictive XSAVES deactivation for Zen1/2 arch
    (LP: #2077321)
    - x86/CPU/AMD: Improve the erratum 1386 workaround
  * Jammy update: v5.15.167 upstream stable release (LP: #2081279)
    - drm: panel-orientation-quirks: Add quirk for OrangePi Neo
    - ALSA: hda/generic: Add a helper to mute speakers at suspend/shutdown
    - ALSA: hda/conexant: Mute speakers at suspend / shutdown
    - i2c: Fix conditional for substituting empty ACPI functions
    - dma-debug: avoid deadlock between dma debug vs printk and netconsole
    - net: usb: qmi_wwan: add MeiG Smart SRM825L
    - drm/amdgpu: Fix uninitialized variable warning in amdgpu_afmt_acr
    - drm/amd/display: Assign linear_pitch_alignment even for VM
    - drm/amdgpu: fix overflowed array index read warning
    - drm/amdgpu/pm: Check the return value of smum_send_msg_to_smc
    - drm/amd/pm: fix uninitialized variable warning for smu8_hwmgr
    - drm/amd/pm: fix warning using uninitialized value of max_vid_step
    - drm/amd/pm: fix the Out-of-bounds read warning
    - drm/amdgpu: fix uninitialized scalar variable warning
    - drm/amd/pm: fix uninitialized variable warnings for vega10_hwmgr
    - drm/amdgpu: avoid reading vf2pf info size from FB
    - drm/amd/display: Check gpio_id before used as array index
    - drm/amd/display: Stop amdgpu_dm initialize when stream nums greater than 6
    - drm/amd/display: Add array index check for hdcp ddc access
    - drm/amd/display: Check num_valid_sets before accessing reader_wm_sets[]
    - drm/amd/display: Check msg_id before processing transcation
    - drm/amd/display: Fix Coverity INTEGER_OVERFLOW within
      dal_gpio_service_create
    - drm/amd/amdgpu: Check tbo resource pointer
    - drm/amdgpu/pm: Fix uninitialized variable warning for smu10
    - drm/amdgpu/pm: Fix uninitialized variable agc_btc_response
    - drm/amdgpu: Fix out-of-bounds write warning
    - drm/amdgpu: Fix out-of-bounds read of df_v1_7_channel_number
    - drm/amdgpu: fix ucode out-of-bounds read warning
    - drm/amdgpu: fix mc_data out-of-bounds read warning
    - drm/amdkfd: Reconcile the definition and use of oem_id in struct
      kfd_topology_device
    - apparmor: fix possible NULL pointer dereference
    - drm/amdgpu/pm: Check input value for CUSTOM profile mode setting on legacy
      SOCs
    - drm/amdgpu: fix the waring dereferencing hive
    - drm/amd/pm: check specific index for aldebaran
    - drm/amdgpu: the warning dereferencing obj for nbio_v7_4
    - drm/amd/pm: check negtive return for table entries
    - drm/amdgpu: update type of buf size to u32 for eeprom functions
    - wifi: iwlwifi: remove fw_running op
    - cpufreq: scmi: Avoid overflow of target_freq in fast switch
    - PCI: al: Check IORESOURCE_BUS existence during probe
    - hwspinlock: Introduce hwspin_lock_bust()
    - RDMA/efa: Properly handle unexpected AQ completions
    - ionic: fix potential irq name truncation
    - rcu/nocb: Remove buggy bypass lock contention mitigation
    - usbip: Don't submit special requests twice
    - usb: typec: ucsi: Fix null pointer dereference in trace
    - fsnotify: clear PARENT_WATCHED flags lazily
    - smack: tcp: ipv4, fix incorrect labeling
    - drm/meson: plane: Add error handling
    - drm/bridge: tc358767: Check if fully initialized before signalling HPD event
      via IRQ
    - wifi: cfg80211: make hash table duplicates more survivable
    - block: remove the blk_flush_integrity call in blk_integrity_unregister
    - drm/amd/display: Skip wbscl_set_scaler_filter if filter is null
    - media: uvcvideo: Enforce alignment of frame and interval
    - drm/amd/pm: Fix the null pointer dereference for vega10_hwmgr
    - virtio_net: Fix napi_skb_cache_put warning
    - rcu-tasks: Fix show_rcu_tasks_trace_gp_kthread buffer overflow
    - ext4: reject casefold inode flag without casefold feature
    - udf: Limit file size to 4TB
    - ext4: handle redirtying in ext4_bio_write_page()
    - i2c: Use IS_REACHABLE() for substituting empty ACPI functions
    - sch/netem: fix use after free in netem_dequeue
    - ASoC: dapm: Fix UAF for snd_soc_pcm_runtime object
    - KVM: SVM: fix emulation of msr reads/writes of MSR_FS_BASE and MSR_GS_BASE
    - KVM: SVM: Don't advertise Bus Lock Detect to guest if SVM support is missing
    - ALSA: hda/conexant: Add pincfg quirk to enable top speakers on Sirius
      devices
    - ALSA: hda/realtek: add patch for internal mic in Lenovo V145
    - ALSA: hda/realtek: Support mute LED on HP Laptop 14-dq2xxx
    - ata: libata: Fix memory leak for error path in ata_host_alloc()
    - irqchip/gic-v2m: Fix refcount leak in gicv2m_of_init()
    - rtmutex: Drop rt_mutex::wait_lock before scheduling
    - nvme-pci: Add sleep quirk for Samsung 990 Evo
    - Revert "Bluetooth: MGMT/SMP: Fix address type when using SMP over BREDR/LE"
    - Bluetooth: MGMT: Ignore keys being loaded with invalid type
    - mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K
    - mmc: sdhci-of-aspeed: fix module autoloading
    - mmc: cqhci: Fix checking of CQHCI_HALT state
    - fuse: update stats for pages in dropped aux writeback list
    - fuse: use unsigned type for getxattr/listxattr size truncation
    - clk: qcom: clk-alpha-pll: Fix the pll post div mask
    - clk: qcom: clk-alpha-pll: Fix the trion pll postdiv set rate API
    - can: mcp251x: fix deadlock if an interrupt occurs during mcp251x_open
    - tracing: Avoid possible softlockup in tracing_iter_reset()
    - ila: call nf_unregister_net_hooks() sooner
   

  linux-xilinx-zynqmp (5.15.0-1037.41) jammy; urgency=medium

  * jammy/linux-xilinx-zynqmp: 5.15.0-1037.41 -proposed tracker (LP: #2082173)

  [ Ubuntu: 5.15.0-124.134 ]

  * jammy/linux: 5.15.0-124.134 -proposed tracker (LP: #2082176)
  * CVE-2024-45016
    - netem: fix return value if duplicate enqueue fails
  * CVE-2024-38630
    - watchdog: cpu5wdt.c: Fix use-after-free bug caused by cpu5wdt_trigger
  * CVE-2024-27397
    - netfilter: nf_tables: use timestamp to check for set element timeout

 -- Portia Stephens <email address hidden> Fri, 04 Oct 2024 08:16:14 +1000

  linux-xilinx-zynqmp (5.15.0-1036.40) jammy; urgency=medium

  * jammy/linux-xilinx-zynqmp: 5.15.0-1036.40 -proposed tracker (LP: #2078151)

  [ Ubuntu: 5.15.0-122.132 ]

  * jammy/linux: 5.15.0-122.132 -proposed tracker (LP: #2078154)
  * isolcpus are ignored when using cgroups V2, causing processes to have wrong
    affinity (LP: #2076957)
    - cgroup/cpuset: Optimize cpuset_attach() on v2
  * Jammy update: v5.15.164 upstream stable release (LP: #2076100) //
    CVE-2024-41009
    - bpf: Fix overrunning reservations in ringbuf
  * CVE-2024-39494
    - ima: Fix use-after-free on a dentry's dname.name
  * CVE-2024-39496
    - btrfs: zoned: fix use-after-free due to race with dev replace
  * CVE-2024-42160
    - f2fs: check validation of fault attrs in f2fs_build_fault_attr()
    - f2fs: Add inline to f2fs_build_fault_attr() stub
  * CVE-2024-38570
    - gfs2: Rename sd_{ glock => kill }_wait
    - gfs2: Fix potential glock use-after-free on unmount
  * CVE-2024-42228
    - drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc
  * CVE-2024-27012
    - netfilter: nf_tables: restore set elements when delete set fails
  * CVE-2024-26677
    - rxrpc: Fix delayed ACKs to not set the reference serial number

 -- Roxana Nicolescu <email address hidden> Tue, 03 Sep 2024 14:32:49 +0200

  linux-xilinx-zynqmp (5.15.0-1035.39) jammy; urgency=medium

  * jammy/linux-xilinx-zynqmp: 5.15.0-1035.39 -proposed tracker (LP: #2077835)

  * Backport ps uart RS485 driver (LP: #2055237)
    - dt-bindings: serial: cdsn,uart: add power-domains
    - dt-bindings: Add reference to rs485.yaml
    - serial: Store character timing information to uart_port
    - serial: take termios_rwsem for ->rs485_config() & pass termios as param
    - tty: serial: uartps: Relocate cdns_uart_tx_empty to facilitate rs485
    - tty: serial: uartps: Add rs485 support to uartps driver
    - dt-bindings: serial: cdns,uart: Add optional reset property
    - arm64: zynqmp: Add resets property for UART nodes
    - tty: serial: uartps: Add support for uartps controller reset
    - SAUCE: dts: zynqmp-sck-kd-g-revA: Enable uart0 for KD240
    - SAUCE: arm64: zynqmp: dts: Add required properties for rs485 support for
      KD240
    - SAUCE: arm64: zynqmp: dts: Add rts delay property for rs485 mode on KD240
    - serial: 8250: Document termios parameter of serial8250_em485_config()
    - serial: fix TIOCSRS485 locking

 -- Portia Stephens <email address hidden> Mon, 26 Aug 2024 09:21:51 +1000

  linux-xilinx-zynqmp (5.15.0-1031.35) jammy; urgency=medium

  * jammy/linux-xilinx-zynqmp: 5.15.0-1031.35 -proposed tracker (LP: #2068238)

  [ Ubuntu: 5.15.0-113.123 ]

  * jammy/linux: 5.15.0-113.123 -proposed tracker (LP: #2068242)
  * CVE-2024-26924
    - netfilter: nft_set_pipapo: do not free live element
  * CVE-2024-26643
    - netfilter: nf_tables: mark set as dead when unbinding anonymous set with
      timeout

 -- Portia Stephens <email address hidden> Fri, 14 Jun 2024 09:20:22 +1000