Package "linux"

  linux (6.8.0-57.59) noble; urgency=medium

  * noble/linux: 6.8.0-57.59 -proposed tracker (LP: #2102490)

  * CVE-2024-57798
    - drm/dp_mst: Ensure mst_primary pointer is valid in
      drm_dp_mst_handle_up_req()

  * CVE-2024-56672
    - blk-cgroup: Fix UAF in blkcg_unpin_online()

  * CVE-2024-56658
    - net: defer final 'struct net' free in netns dismantle

  * CVE-2024-56598
    - jfs: array-index-out-of-bounds fix in dtReadFirst

  * CVE-2024-56595
    - jfs: add a check to prevent array-index-out-of-bounds in dbAdjTree

  * CVE-2024-53140
    - netlink: terminate outstanding dump on socket close

  * CVE-2024-53063
    - media: dvbdev: prevent the risk of out of memory access

  * CVE-2024-50302
    - HID: core: zero-initialize the report buffer

 -- Manuel Diewald <email address hidden> Fri, 14 Mar 2025 18:48:06 +0100

  linux (6.8.0-56.58) noble; urgency=medium

  * noble/linux: 6.8.0-56.58 -proposed tracker (LP: #2098244)

  * Noble update: upstream stable patchset 2024-07-19 (LP: #2073603)
    - Revert "drm: Make drivers depends on DRM_DW_HDMI"
    - Revert "UBUNTU: [Config] Drivers now depend on DRM_DW_HDMI"

  * drm/amd/display: Add check for granularity in dml ceil/floor helpers
    (LP: #2098080)
    - drm/amd/display: Add check for granularity in dml ceil/floor helpers

  * optimized default EPP for GNR family (LP: #2097554)
    - cpufreq: intel_pstate: Update Balance-performance EPP for Granite Rapids

  * Incorrect LAPIC/x2APIC parsing order (LP: #2097455)
    - x86/acpi: Fix LAPIC/x2APIC parsing order

  * MGLRU: page allocation failure on NUMA-enabled systems (LP: #2097214)
    - mm/vmscan: wake up flushers conditionally to avoid cgroup OOM

  * Upstream commit 65357e2c164a: "RDMA/mana_ib: set node_guid" applied
    incorrectly (LP: #2096885)
    - Revert "RDMA/mana_ib: set node_guid"

  * AppArmor early policy load not funcitoning (LP: #2095370)
    - SAUCE: Revert "UBUNTU: SAUCE: apparmor4.0.0 [67/90]: userns - add the
      ability to reference a global variable for a feature value"

  * apparmor unconfined profile blocks pivot_root (LP: #2067900)
    - SAUCE: Revert "UBUNTU: SAUCE: apparmor4.0.0 [81/90]: apparmor: convert easy
      uses of unconfined() to label_mediates()"

  * CVE-2024-50117
    - drm/amd: Guard against bad data for ATIF ACPI method

  * CVE-2024-56582
    - btrfs: fix use-after-free in btrfs_encoded_read_endio()

  * CVE-2024-53165
    - sh: intc: Fix use-after-free bug in register_intc_controller()

  * CVE-2024-53156
    - wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service()

  * CVE-2024-56663
    - wifi: nl80211: fix NL80211_ATTR_MLO_LINK_ID off-by-one

  * CVE-2024-56614
    - xsk: fix OOB map writes when deleting elements

  * VM boots slowly with large-BAR GPU Passthrough due to pci/probe.c redundancy
    (LP: #2097389)
    - PCI: Batch BAR sizing operations

  * Noble update: upstream stable patchset 2025-02-04 (LP: #2097393)
    - Revert "PCI/MSI: Provide stubs for IMS functions"
    - gfs2: Revert "introduce qd_bh_get_or_undo"
    - gfs2: qd_check_sync cleanups
    - gfs2: Revert "ignore negated quota changes"
    - Revert "powerpc/ps3_defconfig: Disable PPC64_BIG_ENDIAN_ELF_ABI_V2"
    - tracing: Have saved_cmdlines arrays all in one allocation
    - spi: spi-fsl-lpspi: remove redundant spi_controller_put call
    - ata: ahci: Add mask_port_map module parameter
    - ASoC: tas2781: mark dvc_tlv with __maybe_unused
    - scsi: sd: Do not repeat the starting disk message
    - bootconfig: Fix the kerneldoc of _xbc_exit()
    - perf sched: Move start_work_mutex and work_done_wait_mutex initialization to
      perf_sched__replay()
    - perf sched: Fix memory leak in perf_sched__map()
    - perf sched: Move curr_thread initialization to perf_sched__map()
    - perf sched: Move curr_pid and cpu_last_switched initialization to
      perf_sched__{lat|map|replay}()
    - libsubcmd: Don't free the usage string
    - selftests: Introduce Makefile variable to list shared bash scripts
    - jbd2: fix kernel-doc for j_transaction_overhead_buffers
    - lib/build_OID_registry: avoid non-destructive substitution for Perl < 5.13.2
      compat
    - drm/amd/display: Remove a redundant check in authenticated_dp
    - drm/amd/display: Revert "Check HDCP returned status"
    - zram: don't free statically defined names
    - x86/amd_nb: Add new PCI IDs for AMD family 0x1a
    - rtnetlink: change nlk->cb_mutex role
    - rtnetlink: add RTNL_FLAG_DUMP_UNLOCKED flag
    - mpls: no longer hold RTNL in mpls_netconf_dump_devconf()
    - phonet: no longer hold RTNL in route_dumpit()
    - rcu/nocb: Make IRQs disablement symmetric
    - HID: asus: add ROG Ally N-Key ID and keycodes
    - HID: asus: add ROG Z13 lightbar
    - hid-asus: add ROG Ally X prod ID to quirk list
    - scsi: Revert "scsi: sd: Do not repeat the starting disk message"
    - btrfs: fix uninitialized pointer free in add_inode_ref()
    - btrfs: fix uninitialized pointer free on read_alloc_one_name() error
    - ksmbd: fix user-after-free from session log off
    - ALSA: hda/conexant - Fix audio routing for HP EliteOne 1000 G2
    - mptcp: pm: fix UaF read in mptcp_pm_nl_rm_addr_or_subflow
    - net: enetc: remove xdp_drops statistic from enetc_xdp_drop()
    - net: enetc: block concurrent XDP transmissions during ring reconfiguration
    - net: enetc: disable Tx BD rings after they are empty
    - net: enetc: disable NAPI after all rings are disabled
    - net: enetc: add missing static descriptor and inline keyword
    - posix-clock: Fix missing timespec64 check in pc_clock_settime()
    - udp: Compute L4 checksum as usual when not segmenting the skb
    - arm64: probes: Remove broken LDR (literal) uprobe support
    - arm64: probes: Fix simulate_ldr*_literal()
    - arm64: probes: Fix uprobes for big-endian kernels
    - net: macb: Avoid 20s boot delay by skipping MDIO bus registration for fixed-
      link PHY
    - net: microchip: vcap api: Fix memory leaks in vcap_api_encode_rule_test()
    - maple_tree: correct tree corruption on spanning store
    - nilfs2: propagate directory read errors from nilfs_find_entry()
    - fat: fix uninitialized variable
    - mm/mremap: fix move_normal_pmd/retract_page_tables race
    - mm/swapfile: skip HugeTLB pages for unuse_vma
    - mm/damon/tests/sysfs-kunit.h: fix memory leak in
      damon_sysfs_test_add_targets()
    - tcp: fix mptcp DSS corruption due to large pmtu xmit
    - net: fec: Move `fec_ptp_read()` to the top of the file
    - net: fec: Remove duplicated code
    - mptcp: prevent MPC handshake on port-based signal endpoints
    - iommu/vt-d: Fix incorrect pci_for_each_dma_alias() for non-PCI devices
    - s390/sclp: Deactivate sclp after all its users
    - s390/sclp_vt220: Convert newlines to CRLF instead of LFCR
    - KVM: s390: ga

  linux (6.8.0-55.57) noble; urgency=medium

  * noble/linux: 6.8.0-55.57 -proposed tracker (LP: #2097981)

  * python perf module missing in realtime kernel (LP: #2089411)
    - [Packaging] linux-tools: Add missing python perf symlink
    - [Packaging] linux-tools: Fix python perf library packaging
    - [Packaging] linux-tools: Fall back to old python perf path

  * CVE-2024-53104
    - media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in
      uvc_parse_format

 -- Manuel Diewald <email address hidden> Wed, 12 Feb 2025 20:54:42 +0100

  linux (6.8.0-54.56) noble; urgency=medium

  * CVE-2025-0927
    - SAUCE: fs: hfs/hfsplus: add key_len boundary check to hfs_bnode_read_key

  linux (6.8.0-52.53) noble; urgency=medium

  * noble/linux: 6.8.0-52.53 -proposed tracker (LP: #2093521)

  * CVE-2024-53164
    - net: sched: fix ordering of qlen adjustment

  * CVE-2024-53141
    - netfilter: ipset: add missing range check in bitmap_ip_uadt

  * CVE-2024-53103
    - hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer

 -- Manuel Diewald <email address hidden> Fri, 10 Jan 2025 18:18:33 +0100