Package "linux-cloud-tools-common"

  linux (6.8.0-86.87) noble; urgency=medium

  * noble/linux: 6.8.0-86.87 -proposed tracker (LP: #2125391)
    - Fix FTBS caused by incorrect pick/backport of
      "perf dso: fix dso__is_kallsyms() check"

  * noble ubuntu_ftrace_smoke_test:mmiotrace timeout on aws:r5.metal
    (LP: #2121673)
    - mm: memcg: add NULL check to obj_cgroup_put()
    - memcg: drain obj stock on cpu hotplug teardown

  * [25.04 FEAT] [post announcement] [KRN2304] CPU-MF Counters for new IBM Z
    hardware - perf part (LP: #2103415)
    - perf list: Add IBM z17 event descriptions

  * memory leaks when configuring a small rate limit in audit (LP: #2122554)
    - audit: fix skb leak when audit rate limit is exceeded

  * [UBUNTU 24.04] PAI/NNPA support for new IBM z17 (LP: #2121956)
    - s390/pai: export number of sysfs attribute files
    - s390/pai_crypto: Add support for MSA 10 and 11 pai counters
    - s390/pai_ext: Update PAI extension 1 counters

  * [UBUNTU 24.04] s390/pci: Don't abort recovery for user-space drivers
    (LP: #2121150)
    - s390/pci: Allow automatic recovery with minimal driver support

  * [UBUNTU 24.04] s390/pci: Fix stale function handles in error handling
    (LP: #2121149)
    - s390/pci: Fix stale function handles in error handling
    - s390/pci: Do not try re-enabling load/store if device is disabled

  * [UBUNTU 24.04] vfio/pci: fix 8-byte PCI loads and stores (LP: #2121146)
    - vfio/pci: Extract duplicated code into macro
    - vfio/pci: Support 8-byte PCI loads and stores
    - vfio/pci: Fix typo in macro to declare accessors

  * x86 systems with PCIe BAR addresses located outside a certain range see
    P2PDMA allocation failures and CUDA initialization errors (LP: #2120209)
    - x86/kaslr: Reduce KASLR entropy on most x86 systems
    - x86/mm/init: Handle the special case of device private pages in
      add_pages(), to not increase max_pfn and trigger
      dma_addressing_limited() bounce buffers

  * sources list generation using dwarfdump takes up to 0.5hr in build process
    (LP: #2104911)
    - [Packaging] Don't generate list of source files

  * [SRU] Apparmor: Unshifted uids for hardlinks and unix sockets in user
    namespaces (LP: #2121257)
    - apparmor: shift ouid when mediating hard links in userns
    - apparmor: shift uid when mediating af_unix in userns

  * UBSAN: shift-out-of-bounds in drivers/edac/skx_common.c:452:16
    (LP: #2119713)
    - EDAC/i10nm: Skip DIMM enumeration on a disabled memory controller

  * [IdeaPad Slim 5 13ARP10 , 83J2] Microphone on AMD Ryzen 7 7735HS does not
    work (LP: #2102749)
    - ASoC: amd: yc: update quirk data for new Lenovo model

  * Fix compilation failure because of incomplete backport (LP: #2120561)
    - SAUCE: netfilter: ctnetlink: Fix -Wuninitialized in
      ctnetlink_secctx_size()

  * Noble update: upstream stable patchset 2025-09-01 (LP: #2121716)
    - x86/mm/pat: cpa-test: fix length for CPA_ARRAY test
    - cpufreq: scpi: compare kHz instead of Hz
    - smack: dont compile ipv6 code unless ipv6 is configured
    - cpufreq: governor: Fix negative 'idle_time' handling in dbs_update()
    - EDAC/{skx_common,i10nm}: Fix some missing error reports on Emerald
      Rapids
    - x86/fpu: Fix guest FPU state buffer allocation size
    - x86/fpu: Avoid copying dynamic FP state from init_task in
      arch_dup_task_struct()
    - x86/platform: Only allow CONFIG_EISA for 32-bit
    - [Config] updateconfigs after disabling CONFIG_EISA for amd64
    - x86/sev: Add missing RIP_REL_REF() invocations during sme_enable()
    - lockdep/mm: Fix might_fault() lockdep check of current->mm->mmap_lock
    - PM: sleep: Adjust check before setting power.must_resume
    - RISC-V: KVM: Disable the kernel perf counter during configure
    - selinux: Chain up tool resolving errors in install_policy.sh
    - EDAC/ie31200: Fix the size of EDAC_MC_LAYER_CHIP_SELECT layer
    - EDAC/ie31200: Fix the DIMM size mask for several SoCs
    - EDAC/ie31200: Fix the error path order of ie31200_init()
    - PM: sleep: Fix handling devices with direct_complete set on errors
    - lockdep: Don't disable interrupts on RT in
      disable_irq_nosync_lockdep.*()
    - perf/ring_buffer: Allow the EPOLLRDNORM flag for poll
    - x86/traps: Make exc_double_fault() consistently noreturn
    - x86/fpu/xstate: Fix inconsistencies in guest FPU xfeatures
    - media: verisilicon: HEVC: Initialize start_bit field
    - media: platform: allgro-dvt: unregister v4l2_device on the error path
    - platform/x86: dell-ddv: Fix temperature calculation
    - ASoC: cs35l41: check the return value from spi_setup()
    - HID: remove superfluous (and wrong) Makefile entry for
      CONFIG_INTEL_ISH_FIRMWARE_DOWNLOADER
    - dt-bindings: vendor-prefixes: add GOcontroll
    - ALSA: hda/realtek: Always honor no_shutup_pins
    - ASoC: ti: j721e-evm: Fix clock configuration for ti,j7200-cpb-audio
      compatible
    - drm/bridge: ti-sn65dsi86: Fix multiple instances
    - drm/dp_mst: Fix drm RAD print
    - drm: xlnx: zynqmp: Fix max dma segment size
    - PCI: Use downstream bridges for distributing resources
    - drm/mediatek: mtk_hdmi: Unregister audio platform device on failure
    - drm/mediatek: mtk_hdmi: Fix typo for aud_sampe_size member
    - drm/msm/dpu: don't use active in atomic_check()
    - drm/msm/dsi: Use existing per-interface slice count in DSC timing
    - drm/msm/dsi: Set PHY usescase (and mode) before registering DSI host
    - drm/amdkfd: Fix Circular Locking Dependency in
      'svm_range_cpu_invalidate_pagetables'
    - PCI: cadence-ep: Fix the driver to send MSG TLP for INTx without data
      payload
    - PCI: brcmstb: Use internal register to change link capability
    - PCI: brcmstb: Fix potential premature regulator disabling
    - PCI/portdrv: Only disable pciehp interrupts early when needed
    - drm/amd/display: fix type mismatch in
      CalculateDynamicMetadataParameters()
    - PCI: Remove stray put_device() in pci_register_

  linux (6.8.0-85.85) noble; urgency=medium

  * noble/linux: 6.8.0-85.85 -proposed tracker (LP: #2125109)

  * Packaging resync (LP: #1786013)
    - [Packaging] resync git-ubuntu-log

  * CVE-2025-38500
    - xfrm: interface: fix use-after-free after changing collect_md xfrm
      interface

  * TLS socket disconnection causes various issues (LP: #2120516) //
    CVE-2025-37756
    - net: tls: explicitly disallow disconnect

  * CVE-2025-38477
    - net/sched: sch_qfq: Fix race condition on qfq_aggregate
    - net/sched: sch_qfq: Avoid triggering might_sleep in atomic context in
      qfq_delete_class

  * CVE-2025-38618
    - vsock: Do not allow binding to VMADDR_PORT_ANY

  * CVE-2025-38617
    - net/packet: fix a race in packet_set_ring() and packet_notifier()

  * CVE-2025-37785
    - ext4: fix OOB read when checking dotdot dir

 -- Manuel Diewald <email address hidden> Thu, 18 Sep 2025 14:48:00 +0200

  linux (6.8.0-84.84) noble; urgency=medium

  * Linux refcount imbalance in af_unix subsystem (LP: #2121515)
    - SAUCE: af_unix: Fix GC compatibility with upstream OOB refcount changes

  linux (6.8.0-83.83) noble; urgency=medium

  * Linux refcount imbalance in af_unix subsystem (LP: #2121515)
    - SAUCE: af_unix: Fix GC compatibility with upstream OOB refcount changes

  * Packaging resync (LP: #1786013)
    - [Packaging] resync git-ubuntu-log

 -- Manuel Diewald <email address hidden> Fri, 05 Sep 2025 12:34:38 +0200

  linux (6.8.0-79.79) noble; urgency=medium

  * noble/linux: 6.8.0-79.79 -proposed tracker (LP: #2120415)

  * CVE-2024-57996 // CVE-2025-37752
    - net_sched: sch_sfq: move the limit validation

  * CVE-2025-38350
    - net/sched: Always pass notifications when child class becomes empty

  * CVE-2025-21887
    - ovl: fix UAF in ovl_dentry_update_reval by moving dput() in ovl_link_up

 -- Stefan Bader <email address hidden> Tue, 12 Aug 2025 12:33:51 +0200