Package "linux-tools-host"

  linux (6.8.0-63.66) noble; urgency=medium

  * noble/linux: 6.8.0-63.66 -proposed tracker (LP: #2114341)

  * Packaging resync (LP: #1786013)
    - [Packaging] update variants
    - [Packaging] update annotations scripts

  * CVE-2025-37798
    - sch_htb: make htb_qlen_notify() idempotent
    - sch_htb: make htb_deactivate() idempotent
    - sch_drr: make drr_qlen_notify() idempotent
    - sch_hfsc: make hfsc_qlen_notify() idempotent
    - sch_qfq: make qfq_qlen_notify() idempotent
    - sch_ets: make est_qlen_notify() idempotent
    - codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog()

  * CVE-2025-37997
    - netfilter: ipset: fix region locking in hash types

  * CVE-2025-22088
    - RDMA/erdma: Prevent use-after-free in erdma_accept_newconn()

  * CVE-2025-37890
    - net_sched: hfsc: Fix a UAF vulnerability in class with netem as child
      qdisc
    - sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue()
    - net_sched: hfsc: Address reentrant enqueue adding class to eltree twice

  * raid1: Fix NULL pointer dereference in process_checks() (LP: #2112519)
    - md/raid1: Add check for missing source disk in process_checks()

 -- Manuel Diewald <email address hidden> Fri, 13 Jun 2025 16:50:07 +0200

  linux (6.8.0-62.65) noble; urgency=medium

  * noble/linux: 6.8.0-62.65 -proposed tracker (LP: #2110737)

  * Rotate the Canonical Livepatch key (LP: #2111244)
    - [Config] Prepare for Canonical Livepatch key rotation

  * KVM bug causes Firecracker crash when it runs the vCPU for the first time
    (LP: #2109859)
    - vhost: return task creation error instead of NULL
    - kvm: retry nx_huge_page_recovery_thread creation

  * CVE-2025-2312 cifs.upcall could access incorrect kerberos credentials cache
    (LP: #2099914) // CVE-2025-2312
    - CIFS: New mount option for cifs.upcall namespace resolution

  * Noble update: upstream stable patchset 2025-04-29 (LP: #2109640)
    - ASoC: wm8994: Add depends on MFD core
    - ASoC: samsung: Add missing selects for MFD_WM8994
    - seccomp: Stub for !CONFIG_SECCOMP
    - scsi: iscsi: Fix redundant response for ISCSI_UEVENT_GET_HOST_STATS request
    - of/unittest: Add test that of_address_to_resource() fails on non-
      translatable address
    - irqchip/sunxi-nmi: Add missing SKIP_WAKE flag
    - hwmon: (drivetemp) Set scsi command timeout to 10s
    - ASoC: samsung: Add missing depends on I2C
    - ata: libata-core: Set ATA_QCFLAG_RTF_FILLED in fill_result_tf()
    - Revert "libfs: fix infinite directory reads for offset dir"
    - libfs: Replace simple_offset end-of-directory detection
    - Revert "HID: multitouch: Add support for lenovo Y9000P Touchpad"
    - ALSA: usb-audio: Add delay quirk for USB Audio Device
    - Input: xpad - add support for Nacon Pro Compact
    - Input: atkbd - map F23 key to support default copilot shortcut
    - Input: xpad - add unofficial Xbox 360 wireless receiver clone
    - Input: xpad - add QH Electronics VID/PID
    - Input: xpad - improve name of 8BitDo controller 2dc8:3106
    - Input: xpad - add support for Nacon Evol-X Xbox One Controller
    - Input: xpad - add support for wooting two he (arm)
    - ASoC: codecs: es8316: Fix HW rate calculation for 48Mhz MCLK
    - ASoC: cs42l43: Add codec force suspend/resume ops
    - ALSA: hda/realtek: Fix volume adjustment issue on Lenovo ThinkBook 16P Gen5
    - libfs: Return ENOSPC when the directory offset range is exhausted
    - Revert "libfs: Add simple_offset_empty()"
    - libfs: Use d_children list to iterate simple_offset directories
    - wifi: rtl8xxxu: add more missing rtl8192cu USB IDs
    - HID: wacom: Initialize brightness of LED trigger
    - Upstream stable to v6.6.75, v6.12.12

  * Noble update: upstream stable patchset 2025-04-29 (LP: #2109640) //
    CVE-2025-21689
    - USB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb()

  * Noble update: upstream stable patchset 2025-04-29 (LP: #2109640) //
    CVE-2025-21690
    - scsi: storvsc: Ratelimit warning logs to prevent VM denial of service

  * Noble update: upstream stable patchset 2025-04-29 (LP: #2109640) //
    CVE-2025-21691
    - cachestat: fix page cache statistics permission checking

  * Noble update: upstream stable patchset 2025-04-29 (LP: #2109640) //
    CVE-2025-21692
    - net: sched: fix ets qdisc OOB Indexing

  * Noble update: upstream stable patchset 2025-04-29 (LP: #2109640) //
    CVE-2025-21699
    - gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag

  * Noble update: upstream stable patchset 2025-04-29 (LP: #2109640) //
    CVE-2024-50157
    - RDMA/bnxt_re: Avoid CPU lockups due fifo occupancy check loop

  * rtw89: Support hardware rfkill (LP: #2077384)
    - wifi: rtw89: add support for hardware rfkill

  * Introduce configfs-based interface for gpio-aggregator (LP: #2103496)
    - gpio: introduce utilities for synchronous fake device creation
    - bitmap: Define a cleanup function for bitmaps
    - gpio: aggregator: simplify aggr_parse() with scoped bitmap
    - gpio: aggregator: protect driver attr handlers against module unload
    - gpio: aggregator: reorder functions to prepare for configfs introduction
    - gpio: aggregator: unify function naming
    - gpio: aggregator: add gpio_aggregator_{alloc, free}()
    - gpio: aggregator: introduce basic configfs interface
    - [Config] Enable DEV_SYNC_PROBE as module
    - SAUCE: gpio: aggregator: Fix error code in gpio_aggregator_activate()
    - gpio: aggregator: rename 'name' to 'key' in gpio_aggregator_parse()
    - gpio: aggregator: expose aggregator created via legacy sysfs to configfs
    - SAUCE: gpio: aggregator: fix "_sysfs" prefix check in
      gpio_aggregator_make_group()
    - SAUCE: gpio: aggregator: Fix gpio_aggregator_line_alloc() checking
    - SAUCE: gpio: aggregator: Return an error if there are no GPIOs in
      gpio_aggregator_parse()
    - SAUCE: gpio: aggregator: Fix leak in gpio_aggregator_parse()
    - gpio: aggregator: cancel deferred probe for devices created via configfs
    - Documentation: gpio: document configfs interface for gpio-aggregator
    - selftests: gpio: add test cases for gpio-aggregator
    - SAUCE: selftests: gpio: gpio-aggregator: add a test case for _sysfs prefix
      reservation

  * Noble update: upstream stable patchset 2025-04-16 (LP: #2107449)
    - net: ethernet: ti: cpsw_ale: Fix cpsw_ale_get_field()
    - net: add exit_batch_rtnl() method
    - gtp: use exit_batch_rtnl() method
    - gtp: Use for_each_netdev_rcu() in gtp_genl_dump_pdp().
    - gtp: Suppress list corruption splat in gtp_net_exit_batch_rtnl().
    - nfp: bpf: prevent integer overflow in nfp_bpf_event_output()
    - net: xilinx: axienet: Fix IRQ coalescing packet count overflow
    - net/mlx5: Fix RDMA TX steering prio
    - net/mlx5e: Rely on reqid in IPsec tunnel mode
    - net/mlx5e: Always start IPsec sequence number from 1
    - drm/vmwgfx: Add new keep_resv BO param
    - drm/v3d: Assign job pointer to NULL before signaling the fence
    - soc: ti: pruss: Fix pruss APIs
    - hwmon: (tmp513) Fix division of negative numbers
    - i2c: mux: demux-pinctrl: check initial mux selection, too
    - i2c: rcar: fix NACK handling when being a target
    - hfs: Sanity che

  linux (6.8.0-60.63) noble; urgency=medium

  * noble/linux: 6.8.0-60.63 -proposed tracker (LP: #2107138)

  * Packaging resync (LP: #1786013)
    - [Packaging] debian.master/dkms-versions -- update from kernel-versions
      (main/2025.04.14)

  * Missing upstream commits for LP: #2102181 (LP: #2107336)
    - libperf cpumap: Add any, empty and min helpers
    - libperf cpumap: Ensure empty cpumap is NULL from alloc

  * Noble update: upstream stable patchset 2025-04-10 (LP: #2106770)
    - memblock: use numa_valid_node() helper to check for invalid node ID
    - jbd2: increase IO priority for writing revoke records
    - jbd2: flush filesystem device before updating tail sequence
    - dm array: fix unreleased btree blocks on closing a faulty array cursor
    - dm array: fix cursor index when skipping across block boundaries
    - exfat: fix the infinite loop in __exfat_free_cluster()
    - erofs: fix PSI memstall accounting
    - ASoC: rt722: add delay time to wait for the calibration procedure
    - ASoC: mediatek: disable buffer pre-allocation
    - selftests/alsa: Fix circular dependency involving global-timer
    - ieee802154: ca8210: Add missing check for kfifo_alloc() in ca8210_probe()
    - net: 802: LLC+SNAP OID:PID lookup on start of skb data
    - tcp/dccp: complete lockless accesses to sk->sk_max_ack_backlog
    - tcp/dccp: allow a connection when sk_max_ack_backlog is zero
    - net: libwx: fix firmware mailbox abnormal return
    - pds_core: limit loop over fw name list
    - bnxt_en: Fix possible memory leak when hwrm_req_replace fails
    - cxgb4: Avoid removal of uninserted tid
    - ice: fix incorrect PHY settings for 100 GB/s
    - igc: return early when failing to read EECD register
    - tls: Fix tls_sw_sendmsg error handling
    - eth: gve: use appropriate helper to set xdp_features
    - Bluetooth: hci_sync: Fix not setting Random Address when required
    - Bluetooth: MGMT: Fix Add Device to responding before completing
    - Bluetooth: btnxpuart: Fix driver sending truncated data
    - tcp: Annotate data-race around sk->sk_mark in tcp_v4_send_reset
    - riscv: Fix early ftrace nop patching
    - memblock tests: fix implicit declaration of function 'numa_valid_node'
    - iio: imu: inv_icm42600: fix timestamps after suspend if sensor is on
    - netfilter: nf_tables: imbalance in flowtable binding
    - drm/mediatek: stop selecting foreign drivers
    - [Config] updateconfigs for MTK_SMI
    - drm/mediatek: Fix YCbCr422 color format issue for DP
    - drm/mediatek: Fix mode valid issue for dp
    - drm/mediatek: Add return value check when reading DPCD
    - cpuidle: riscv-sbi: fix device node release in early exit of
      for_each_possible_cpu
    - scsi: ufs: qcom: Power off the PHY if it was already powered on in
      ufs_qcom_power_up_sequence()
    - dm-ebs: don't set the flag DM_TARGET_PASSES_INTEGRITY
    - ksmbd: Implement new SMB3 POSIX type
    - thermal: of: fix OF node leak in of_thermal_zone_find()
    - smb: client: sync the root session and superblock context passwords before
      automounting
    - ACPI: resource: Add TongFang GM5HG0A to irq1_edge_low_force_override[]
    - ACPI: resource: Add Asus Vivobook X1504VAP to irq1_level_low_skip_override[]
    - drm/amd/display: increase MAX_SURFACES to the value supported by hw
    - io_uring/timeout: fix multishot updates
    - dm-verity FEC: Fix RS FEC repair for roots unaligned to block size (take 2)
    - USB: serial: option: add MeiG Smart SRM815
    - USB: serial: option: add Neoway N723-EA support
    - staging: iio: ad9834: Correct phase range check
    - staging: iio: ad9832: Correct phase range check
    - usb-storage: Add max sectors quirk for Nokia 208
    - USB: serial: cp210x: add Phoenix Contact UPS Device
    - usb: dwc3: gadget: fix writing NYET threshold
    - misc: microchip: pci1xxxx: Resolve return code mismatch during GPIO set
      config
    - tty: serial: 8250: Fix another runtime PM usage counter underflow
    - usb: dwc3-am62: Disable autosuspend during remove
    - USB: usblp: return error when setting unsupported protocol
    - USB: core: Disable LPM only for non-suspended ports
    - usb: fix reference leak in usb_new_device()
    - usb: gadget: midi2: Reverse-select at the right place
    - usb: chipidea: ci_hdrc_imx: decrement device's refcount in .remove() and in
      the error path of .probe()
    - usb: gadget: f_uac2: Fix incorrect setting of bNumEndpoints
    - usb: typec: tcpm/tcpci_maxim: fix error code in
      max_contaminant_read_resistance_kohm()
    - usb: gadget: configfs: Ignore trailing LF for user strings to cdev
    - iio: gyro: fxas21002c: Fix missing data update in trigger handler
    - iio: adc: ti-ads124s08: Use gpiod_set_value_cansleep()
    - iio: inkern: call iio_device_put() only on mapped devices
    - iio: adc: ad7124: Disable all channels at probe time
    - riscv: kprobes: Fix incorrect address calculation
    - ARM: dts: imxrt1050: Fix clocks for mmc
    - arm64: dts: rockchip: add hevc power domain clock to rk3328
    - pmdomain: imx: gpcv2: Simplify with scoped for each OF child loop
    - pmdomain: imx: gpcv2: fix an OF node reference leak in imx_gpcv2_probe()
    - workqueue: Add rcu lock check at the end of work item execution
    - workqueue: Update lock debugging code
    - mm/hugetlb: enforce that PMD PT sharing has split PMD PT locks
    - riscv: Fix text patching when IPI are used
    - drm/mediatek: Only touch DISP_REG_OVL_PITCH_MSB if AFBC is supported
    - ovl: pass realinode to ovl_encode_real_fh() instead of realdentry
    - net: don't dump Tx and uninitialized NAPIs
    - ice: fix max values for dpll pin phase adjust
    - net: hns3: fixed reset failure issues caused by the incorrect reset type
    - net: hns3: fix missing features due to dev->features configuration too early
    - net: hns3: Resolved the issue that the debugfs query result is inconsistent.
    - net: hns3: initialize reset_timer before hclgevf

  linux (6.8.0-59.61) noble; urgency=medium

  * noble/linux: 6.8.0-59.61 -proposed tracker (LP: #2107076)

  * Packaging resync (LP: #1786013)
    - [Packaging] update annotations scripts

  * CVE-2024-56653
    - Bluetooth: btmtk: avoid UAF in btmtk_process_coredump

 -- Manuel Diewald <email address hidden> Fri, 11 Apr 2025 22:44:56 +0200

  linux (6.8.0-58.60) noble; urgency=medium

  * noble/linux: 6.8.0-58.60 -proposed tracker (LP: #2102529)

  * Packaging resync (LP: #1786013)
    - [Packaging] update variants
    - [Packaging] debian.master/dkms-versions -- update from kernel-versions
      (main/2025.03.17)

  * wdat_wdt.ko should be pulled in by linux-image-virtual (LP: #2098554)
    - [Packaging]: wdat_wdt.ko is moved from "linux-modules-extra-*-generic" to
      "linux-modules-*-generic"

  * Noble update: upstream stable patchset 2025-03-12 (LP: #2102118)
    - openrisc: Use asm-generic's version of fix_to_virt() & virt_to_fix()
    - iTCO_wdt: mask NMI_NOW bit for update_no_reboot_bit() call
    - watchdog: xilinx_wwdt: Calculate max_hw_heartbeat_ms using clock frequency
    - watchdog: apple: Actually flush writes after requesting watchdog restart
    - watchdog: mediatek: Make sure system reset gets asserted in
      mtk_wdt_restart()
    - can: gs_usb: add VID/PID for Xylanta SAINT3 product family
    - can: gs_usb: add usb endpoint address detection at driver probe step
    - can: sun4i_can: sun4i_can_err(): call can_change_state() even if cf is NULL
    - can: m_can: m_can_handle_lec_err(): fix {rx,tx}_errors statistics
    - can: ifi_canfd: ifi_canfd_handle_lec_err(): fix {rx,tx}_errors statistics
    - can: hi311x: hi3110_can_ist(): fix {rx,tx}_errors statistics
    - can: sja1000: sja1000_err(): fix {rx,tx}_errors statistics
    - can: sun4i_can: sun4i_can_err(): fix {rx,tx}_errors statistics
    - can: ems_usb: ems_usb_rx_err(): fix {rx,tx}_errors statistics
    - can: f81604: f81604_handle_can_bus_errors(): fix {rx,tx}_errors statistics
    - ipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init()
    - selftests: hid: fix typo and exit code
    - ptp: Add error handling for adjfine callback in ptp_clock_adjtime
    - net/sched: tbf: correct backlog statistic for GSO packets
    - net: hsr: fix fill_frame_info() regression vs VLAN packets
    - platform/x86: asus-wmi: add support for vivobook fan profiles
    - platform/x86: asus-wmi: Fix inconsistent use of thermal policies
    - platform/x86: asus-wmi: Ignore return value when writing thermal policy
    - net/smc: mark optional smcd_ops and check for support when called
    - net/smc: add operations to merge sndbuf with peer DMB
    - net/smc: {at|de}tach sndbuf to peer DMB if supported
    - net/smc: refactoring initialization of smc sock
    - net/qed: allow old cards not supporting "num_images" to work
    - ixgbevf: stop attempting IPSEC offload on Mailbox API 1.5
    - ixgbe: downgrade logging of unsupported VF API version to debug
    - net: sched: fix erspan_opt settings in cls_flower
    - netfilter: nft_set_hash: skip duplicated elements pending gc run
    - netfilter: nft_set_hash: unaligned atomic read on struct nft_set_ext
    - ethtool: Fix wrong mod state in case of verbose and no_mask bitset
    - mlxsw: spectrum_acl_flex_keys: Constify struct mlxsw_afk_element_inst
    - mlxsw: spectrum_acl_flex_keys: Use correct key block on Spectrum-4
    - net/mlx5e: Remove workaround to avoid syndrome for internal port
    - xhci: Allow RPM on the USB controller (1022:43f7) by default
    - gpio: grgpio: use a helper variable to store the address of ofdev->dev
    - usb: dwc3: gadget: Rewrite endpoint allocation flow
    - usb: dwc3: ep0: Don't reset resource alloc flag (including ep0)
    - usb: dwc3: ep0: Don't clear ep0 DWC3_EP_TRANSFER_STARTED
    - mmc: mtk-sd: use devm_mmc_alloc_host
    - mmc: mtk-sd: Fix error handle of probe function
    - mmc: mtk-sd: fix devm_clk_get_optional usage
    - mmc: mtk-sd: Fix MMC_CAP2_CRYPTO flag setting
    - zram: do not mark idle slots that cannot be idle
    - zram: clear IDLE flag in mark_idle()
    - powerpc/vdso: Refactor CFLAGS for CVDSO build
    - powerpc/vdso: Drop -mstack-protector-guard flags in 32-bit files with clang
    - ntp: Remove invalid cast in time offset math
    - driver core: Add FWLINK_FLAG_IGNORE to completely ignore a fwnode link
    - driver core: fw_devlink: Stop trying to optimize cycle detection logic
    - drivers: core: fix device leak in __fw_devlink_relax_cycles()
    - i3c: master: support to adjust first broadcast address speed
    - i3c: master: svc: use slow speed for first broadcast address
    - i3c: master: svc: Modify enabled_events bit 7:0 to act as IBI enable counter
    - i3c: master: Replace hard code 2 with macro I3C_ADDR_SLOT_STATUS_BITS
    - i3c: master: Extend address status bit to 4 and add
      I3C_ADDR_SLOT_EXT_DESIRED
    - i3c: master: Fix dynamic address leak when 'assigned-address' is present
    - i3c: master: Fix missing 'ret' assignment in set_speed()
    - drm/bridge: it6505: update usleep_range for RC circuit charge time
    - drm/bridge: it6505: Fix inverted reset polarity
    - scsi: ufs: core: Always initialize the UIC done completion
    - scsi: ufs: core: Add ufshcd_send_bsg_uic_cmd() for UFS BSG
    - bpf, vsock: Fix poll() missing a queue
    - bpf, vsock: Invoke proto::close on close()
    - xsk: always clear DMA mapping information when unmapping the pool
    - bpftool: fix potential NULL pointer dereferencing in prog_dump()
    - drm/sti: Add __iomem for mixer_dbg_mxn's parameter
    - ALSA: seq: ump: Use automatic cleanup of kfree()
    - ALSA: ump: Update substream name from assigned FB names
    - ALSA: seq: ump: Fix seq port updates per FB info notify
    - ALSA: usb-audio: Notify xrun for low-latency mode
    - tools: Override makefile ARCH variable if defined, but empty
    - ASoC: SOF: ipc3-topology: Convert the topology pin index to ALH dai index
    - ASoC: SOF: ipc3-topology: fix resource leaks in
      sof_ipc3_widget_setup_comp_dai()
    - bpf: Fix narrow scalar spill onto 64-bit spilled scalar slots
    - scsi: scsi_debug: Fix hrtimer support for ndelay
    - ASoC: mediatek: mt8188-mt6359: Remove hardcoded dmic codec
    - drm/v3d: Enable Performance Counters before clearing them
    - scatterlist: