Package "linux-headers-6.8.0-86-generic"

  linux (6.8.0-78.78) noble; urgency=medium

  * noble/linux: 6.8.0-78.78 -proposed tracker (LP: #2120405)

  * Incorrect backport for CVE-2025-21861 causes kernel hangs
    (LP: #2120330) // CVE-2025-21861
    - mm/migrate_device: don't add folio to be freed to LRU in
      migrate_device_finalize()

  * Incorrect backport for CVE-2025-21861 causes kernel hangs (LP: #2120330)
    - SAUCE: Revert "mm/migrate_device: don't add folio to be freed to LRU in
      migrate_device_finalize()"
    - mm: migrate_device: use more folio in migrate_device_finalize()

  linux (6.8.0-71.71) noble; urgency=medium

  * noble/linux: 6.8.0-71.71 -proposed tracker (LP: #2117506)

  * [Regression Updates] "PCI: Explicitly put devices into D0 when
    initializing" breaks pci-pass-through in QEMU/KVM (LP: #2117494)
    - PCI/PM: Set up runtime PM even for devices without PCI PM

  linux (6.8.0-64.67) noble; urgency=medium

  * noble/linux: 6.8.0-64.67 -proposed tracker (LP: #2114668)

  * Unexpected system reboot at loading GUI session on some AMD platforms
    (LP: #2112462)
    - drm/amdgpu/hdp4: use memcfg register to post the write for HDP flush
    - drm/amdgpu/hdp5: use memcfg register to post the write for HDP flush
    - drm/amdgpu/hdp5.2: use memcfg register to post the write for HDP flush
    - drm/amdgpu/hdp6: use memcfg register to post the write for HDP flush

  * [UBUNTU 24.04] s390/pci: Fix immediate re-add of PCI function after remove
    (LP: #2114174)
    - s390/pci: rename lock member in struct zpci_dev
    - s390/pci: introduce lock to synchronize state of zpci_dev's
    - s390/pci: remove hotplug slot when releasing the device
    - s390/pci: Remove redundant bus removal and disable from
      zpci_release_device()
    - s390/pci: Prevent self deletion in disable_slot()
    - s390/pci: Allow re-add of a reserved but not yet removed device
    - s390/pci: Serialize device addition and removal

  * [UBUNTU 24.04] s390/pci: Fix immediate re-add of PCI function after remove
    (LP: #2114174) // CVE-2025-37946
    - s390/pci: Fix duplicate pci_dev_put() in disable_slot() when PF has
      child VFs

  * [UBUNTU 24.04] s390/pci: Fix immediate re-add of PCI function after remove
    (LP: #2114174) // CVE-2025-37974
    - s390/pci: Fix missing check for zpci_create_device() error return

  * [UBUNTU 24.04] s390/pci: Fix immediate re-add of PCI function after remove
    (LP: #2114174) // CVE-2024-56699
    - s390/pci: Fix potential double remove of hotplug slot

  * System will restart while resuming with SATA HDD or nvme installed with
    password set (LP: #2110090)
    - PCI: Explicitly put devices into D0 when initializing

  * Noble update: upstream stable patchset 2025-06-12 (LP: #2114239)
    - btrfs: fix assertion failure when splitting ordered extent after
      transaction abort
    - btrfs: fix use-after-free when attempting to join an aborted transaction
    - arm64/mm: Ensure adequate HUGE_MAX_HSTATE
    - exec: fix up /proc/pid/comm in the execveat(AT_EMPTY_PATH) case
    - s390/stackleak: Use exrl instead of ex in __stackleak_poison()
    - btrfs: fix data race when accessing the inode's disk_i_size at
      btrfs_drop_extents()
    - btrfs: convert BUG_ON in btrfs_reloc_cow_block() to proper error
      handling
    - sched: Don't try to catch up excess steal time.
    - locking/ww_mutex/test: Use swap() macro
    - lockdep: Fix upper limit for LOCKDEP_*_BITS configs
    - x86/amd_nb: Restrict init function to AMD-based systems
    - drm/virtio: New fence for every plane update
    - drm: Add panel backlight quirks
    - drm: panel-backlight-quirks: Add Framework 13 matte panel
    - drm: panel-backlight-quirks: Add Framework 13 glossy and 2.8k panels
    - nvkm/gsp: correctly advance the read pointer of GSP message queue
    - nvkm: correctly calculate the available space of the GSP cmdq buffer
    - drm/amd/display: Populate chroma prefetch parameters, DET buffer fix
    - drm/amd/display: Overwriting dualDPP UBF values before usage
    - printk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX
    - drm/connector: add mutex to protect ELD from concurrent access
    - drm/bridge: anx7625: use eld_mutex to protect access to connector->eld
    - drm/bridge: ite-it66121: use eld_mutex to protect access to
      connector->eld
    - drm/amd/display: use eld_mutex to protect access to connector->eld
    - drm/exynos: hdmi: use eld_mutex to protect access to connector->eld
    - drm/radeon: use eld_mutex to protect access to connector->eld
    - drm/sti: hdmi: use eld_mutex to protect access to connector->eld
    - drm/vc4: hdmi: use eld_mutex to protect access to connector->eld
    - drm/amd/display: Fix Mode Cutoff in DSC Passthrough to DP2.1 Monitor
    - drm/amdgpu: Don't enable sdma 4.4.5 CTXEMPTY interrupt
    - drm/amdkfd: Queue interrupt work to different CPU
    - drm/bridge: it6505: Change definition MAX_HDCP_DOWN_STREAM_COUNT
    - drm/bridge: it6505: fix HDCP Bstatus check
    - drm/bridge: it6505: fix HDCP encryption when R0 ready
    - drm/bridge: it6505: fix HDCP CTS compare V matching
    - drm/bridge: it6505: fix HDCP V match check is not performed correctly
    - drm/bridge: it6505: fix HDCP CTS KSV list wait timer
    - safesetid: check size of policy writes
    - drm/amd/display: Increase sanitizer frame larger than limit when compile
      testing with clang
    - drm/amd/display: Limit Scaling Ratio on DCN3.01
    - wifi: rtw89: add crystal_cap check to avoid setting as overflow value
    - tun: fix group permission check
    - mmc: core: Respect quirk_max_rate for non-UHS SDIO card
    - mmc: sdhci-esdhc-imx: enable 'SDHCI_QUIRK_NO_LED' quirk for S32G
    - wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy()
    - tomoyo: don't emit warning in tomoyo_write_control()
    - mfd: lpc_ich: Add another Gemini Lake ISA bridge PCI device-id
    - wifi: rtw88: add __packed attribute to efuse layout struct
    - clk: qcom: Make GCC_8150 depend on QCOM_GDSC
    - HID: multitouch: Add quirk for Hantick 5288 touchpad
    - HID: Wacom: Add PCI Wacom device support
    - net/mlx5: use do_aux_work for PHC overflow checks
    - wifi: brcmfmac: Check the return value of
      of_property_read_string_index()
    - wifi: iwlwifi: pcie: Add support for new device ids
    - wifi: iwlwifi: avoid memory leak
    - i2c: Force ELAN06FA touchpad I2C bus freq to 100KHz
    - APEI: GHES: Have GHES honor the panic= setting
    - Bluetooth: btusb: Add new VID/PID 13d3/3610 for MT7922
    - Bluetooth: btusb: Add new VID/PID 13d3/3628 for MT7925
    - Bluetooth: MGMT: Fix slab-use-after-free Read in
      mgmt_remove_adv_monitor_sync
    - net: wwan: iosm: Fix hibernation by re-binding the driver around it
    - mmc: sdhci-msm: Correctly set the load for the regulator
    - octeon_ep: update tx/rx

  linux (6.8.0-63.66) noble; urgency=medium

  * noble/linux: 6.8.0-63.66 -proposed tracker (LP: #2114341)

  * Packaging resync (LP: #1786013)
    - [Packaging] update variants
    - [Packaging] update annotations scripts

  * CVE-2025-37798
    - sch_htb: make htb_qlen_notify() idempotent
    - sch_htb: make htb_deactivate() idempotent
    - sch_drr: make drr_qlen_notify() idempotent
    - sch_hfsc: make hfsc_qlen_notify() idempotent
    - sch_qfq: make qfq_qlen_notify() idempotent
    - sch_ets: make est_qlen_notify() idempotent
    - codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog()

  * CVE-2025-37997
    - netfilter: ipset: fix region locking in hash types

  * CVE-2025-22088
    - RDMA/erdma: Prevent use-after-free in erdma_accept_newconn()

  * CVE-2025-37890
    - net_sched: hfsc: Fix a UAF vulnerability in class with netem as child
      qdisc
    - sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue()
    - net_sched: hfsc: Address reentrant enqueue adding class to eltree twice

  * raid1: Fix NULL pointer dereference in process_checks() (LP: #2112519)
    - md/raid1: Add check for missing source disk in process_checks()

 -- Manuel Diewald <email address hidden> Fri, 13 Jun 2025 16:50:07 +0200

  linux (6.8.0-62.65) noble; urgency=medium

  * noble/linux: 6.8.0-62.65 -proposed tracker (LP: #2110737)

  * Rotate the Canonical Livepatch key (LP: #2111244)
    - [Config] Prepare for Canonical Livepatch key rotation

  * KVM bug causes Firecracker crash when it runs the vCPU for the first time
    (LP: #2109859)
    - vhost: return task creation error instead of NULL
    - kvm: retry nx_huge_page_recovery_thread creation

  * CVE-2025-2312 cifs.upcall could access incorrect kerberos credentials cache
    (LP: #2099914) // CVE-2025-2312
    - CIFS: New mount option for cifs.upcall namespace resolution

  * Noble update: upstream stable patchset 2025-04-29 (LP: #2109640)
    - ASoC: wm8994: Add depends on MFD core
    - ASoC: samsung: Add missing selects for MFD_WM8994
    - seccomp: Stub for !CONFIG_SECCOMP
    - scsi: iscsi: Fix redundant response for ISCSI_UEVENT_GET_HOST_STATS request
    - of/unittest: Add test that of_address_to_resource() fails on non-
      translatable address
    - irqchip/sunxi-nmi: Add missing SKIP_WAKE flag
    - hwmon: (drivetemp) Set scsi command timeout to 10s
    - ASoC: samsung: Add missing depends on I2C
    - ata: libata-core: Set ATA_QCFLAG_RTF_FILLED in fill_result_tf()
    - Revert "libfs: fix infinite directory reads for offset dir"
    - libfs: Replace simple_offset end-of-directory detection
    - Revert "HID: multitouch: Add support for lenovo Y9000P Touchpad"
    - ALSA: usb-audio: Add delay quirk for USB Audio Device
    - Input: xpad - add support for Nacon Pro Compact
    - Input: atkbd - map F23 key to support default copilot shortcut
    - Input: xpad - add unofficial Xbox 360 wireless receiver clone
    - Input: xpad - add QH Electronics VID/PID
    - Input: xpad - improve name of 8BitDo controller 2dc8:3106
    - Input: xpad - add support for Nacon Evol-X Xbox One Controller
    - Input: xpad - add support for wooting two he (arm)
    - ASoC: codecs: es8316: Fix HW rate calculation for 48Mhz MCLK
    - ASoC: cs42l43: Add codec force suspend/resume ops
    - ALSA: hda/realtek: Fix volume adjustment issue on Lenovo ThinkBook 16P Gen5
    - libfs: Return ENOSPC when the directory offset range is exhausted
    - Revert "libfs: Add simple_offset_empty()"
    - libfs: Use d_children list to iterate simple_offset directories
    - wifi: rtl8xxxu: add more missing rtl8192cu USB IDs
    - HID: wacom: Initialize brightness of LED trigger
    - Upstream stable to v6.6.75, v6.12.12

  * Noble update: upstream stable patchset 2025-04-29 (LP: #2109640) //
    CVE-2025-21689
    - USB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb()

  * Noble update: upstream stable patchset 2025-04-29 (LP: #2109640) //
    CVE-2025-21690
    - scsi: storvsc: Ratelimit warning logs to prevent VM denial of service

  * Noble update: upstream stable patchset 2025-04-29 (LP: #2109640) //
    CVE-2025-21691
    - cachestat: fix page cache statistics permission checking

  * Noble update: upstream stable patchset 2025-04-29 (LP: #2109640) //
    CVE-2025-21692
    - net: sched: fix ets qdisc OOB Indexing

  * Noble update: upstream stable patchset 2025-04-29 (LP: #2109640) //
    CVE-2025-21699
    - gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag

  * Noble update: upstream stable patchset 2025-04-29 (LP: #2109640) //
    CVE-2024-50157
    - RDMA/bnxt_re: Avoid CPU lockups due fifo occupancy check loop

  * rtw89: Support hardware rfkill (LP: #2077384)
    - wifi: rtw89: add support for hardware rfkill

  * Introduce configfs-based interface for gpio-aggregator (LP: #2103496)
    - gpio: introduce utilities for synchronous fake device creation
    - bitmap: Define a cleanup function for bitmaps
    - gpio: aggregator: simplify aggr_parse() with scoped bitmap
    - gpio: aggregator: protect driver attr handlers against module unload
    - gpio: aggregator: reorder functions to prepare for configfs introduction
    - gpio: aggregator: unify function naming
    - gpio: aggregator: add gpio_aggregator_{alloc, free}()
    - gpio: aggregator: introduce basic configfs interface
    - [Config] Enable DEV_SYNC_PROBE as module
    - SAUCE: gpio: aggregator: Fix error code in gpio_aggregator_activate()
    - gpio: aggregator: rename 'name' to 'key' in gpio_aggregator_parse()
    - gpio: aggregator: expose aggregator created via legacy sysfs to configfs
    - SAUCE: gpio: aggregator: fix "_sysfs" prefix check in
      gpio_aggregator_make_group()
    - SAUCE: gpio: aggregator: Fix gpio_aggregator_line_alloc() checking
    - SAUCE: gpio: aggregator: Return an error if there are no GPIOs in
      gpio_aggregator_parse()
    - SAUCE: gpio: aggregator: Fix leak in gpio_aggregator_parse()
    - gpio: aggregator: cancel deferred probe for devices created via configfs
    - Documentation: gpio: document configfs interface for gpio-aggregator
    - selftests: gpio: add test cases for gpio-aggregator
    - SAUCE: selftests: gpio: gpio-aggregator: add a test case for _sysfs prefix
      reservation

  * Noble update: upstream stable patchset 2025-04-16 (LP: #2107449)
    - net: ethernet: ti: cpsw_ale: Fix cpsw_ale_get_field()
    - net: add exit_batch_rtnl() method
    - gtp: use exit_batch_rtnl() method
    - gtp: Use for_each_netdev_rcu() in gtp_genl_dump_pdp().
    - gtp: Suppress list corruption splat in gtp_net_exit_batch_rtnl().
    - nfp: bpf: prevent integer overflow in nfp_bpf_event_output()
    - net: xilinx: axienet: Fix IRQ coalescing packet count overflow
    - net/mlx5: Fix RDMA TX steering prio
    - net/mlx5e: Rely on reqid in IPsec tunnel mode
    - net/mlx5e: Always start IPsec sequence number from 1
    - drm/vmwgfx: Add new keep_resv BO param
    - drm/v3d: Assign job pointer to NULL before signaling the fence
    - soc: ti: pruss: Fix pruss APIs
    - hwmon: (tmp513) Fix division of negative numbers
    - i2c: mux: demux-pinctrl: check initial mux selection, too
    - i2c: rcar: fix NACK handling when being a target
    - hfs: Sanity che