UbuntuUpdates.org

Package "linux-nvidia-tegra"

Name: linux-nvidia-tegra

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Header files related to Linux kernel version 6.8.0
  • Header files related to Linux kernel version 6.8.0
  • Header files related to Linux kernel version 6.8.0
  • Header files related to Linux kernel version 6.8.0

Latest version: 6.8.0-1029.30
Release: noble (24.04)
Level: updates
Repository: universe

Links



Other versions of "linux-nvidia-tegra" in Noble

Repository Area Version
security universe 6.8.0-1029.30
proposed universe 6.8.0-1027.28

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 6.8.0-1029.30 2026-07-01 02:08:26 UTC

  linux-nvidia-tegra (6.8.0-1029.30) noble; urgency=medium

  * noble/linux-nvidia-tegra: 6.8.0-1029.30 -proposed tracker (LP: #2158414)

  [ Ubuntu-realtime: 6.8.1-1055.56 ]

  * noble/linux-realtime: 6.8.1-1055.56 -proposed tracker (LP: #2158420)
  [ Ubuntu: 6.8.0-134.134 ]
  * noble/linux: 6.8.0-134.134 -proposed tracker (LP: #2158432)
  * ext4: writeback causes kernel oops when low on space (LP: #2158377)
    - ext4: get rid of ppath in get_ext_path()

  [ Ubuntu-realtime: 6.8.1-1054.55 ]

  * noble/linux-realtime: 6.8.1-1054.55 -proposed tracker (LP: #2157185)
  [ Ubuntu: 6.8.0-131.131 ]
  * noble/linux: 6.8.0-131.131 -proposed tracker (LP: #2157196)
  * Packaging resync (LP: #1786013)
    - [Packaging] update annotations scripts
  * CVE-2026-46244
    - netfilter: nft_inner: Fix IPv6 inner_thoff desync
  * CVE-2026-43185
    - ksmbd: fix signededness bug in smb_direct_prepare_negotiation()
  * CVE-2026-46289
    - lib/scatterlist: fix length calculations in extract_kvec_to_sg
  * CVE-2026-46119
    - libceph: Fix slab-out-of-bounds access in auth message processing
  * CVE-2026-46135
    - nvmet-tcp: fix race between ICReq handling and queue teardown
  * CVE-2026-46185
    - smb/client: fix out-of-bounds read in symlink_data()
  * CVE-2026-46195
    - smb: client: validate dacloffset before building DACL pointers
  * CVE-2026-46115
    - block: add pgmap check to biovec_phys_mergeable
  * CVE-2026-43501
    - ipv6: rpl: reserve mac_len headroom when recompressed SRH grows
  * CVE-2026-45988
    - rxrpc: Fix re-decryption of RESPONSE packets
  * CVE-2026-46043
    - RDMA/rxe: Validate pad and ICRC before payload_size() in rxe_rcv
  * CVE-2026-43493
    - crypto: pcrypt - Fix handling of MAY_BACKLOG requests
  * CVE-2026-43071
    - dcache: Limit the minimal number of bucket to two
  * CVE-2026-31685
    - netfilter: ip6t_eui64: reject invalid MAC header for all packets
  * CVE-2026-43117
    - btrfs: tracepoints: get correct superblock from dentry in event
      btrfs_sync_file()
  * CVE-2026-43114
    - netfilter: nft_set_pipapo_avx2: don't return non-matching entry on
      expiry
  * CVE-2026-31607
    - usbip: validate number_of_packets in usbip_pack_ret_submit()
  * CVE-2026-31659
    - batman-adv: reject oversized global TT response buffers
  * CVE-2026-31649
    - net: stmmac: fix integer underflow in chain mode
  * CVE-2026-31657
    - batman-adv: hold claim backbone gateways by reference
  * CVE-2026-31637
    - rxrpc: reject undecryptable rxkad response tickets
  * CVE-2026-31669
    - mptcp: fix slab-use-after-free in __inet_lookup_established
  * CVE-2026-31668
    - seg6: separate dst_cache for input and output paths in seg6 lwtunnel
  * CVE-2026-43011
    - net/x25: Fix potential double free of skb
  * CVE-2026-43037
    - ip6_tunnel: clear skb2->cb[] in ip4ip6_err()
  * CVE-2026-43341
    - net/ipv6: ioam6: prevent schema length wraparound in trace fill
  * CVE-2026-43038
    - ipv6: icmp: clear skb2->cb[] in ip6_err_gen_icmpv6_unreach()
  * CVE-2026-31682
    - bridge: br_nd_send: linearize skb before parsing ND options
  * CVE-2026-31436
    - dmaengine: idxd: fix possible wrong descriptor completion in
      llist_abort_desc()
  * CVE-2026-43384
    - net/tcp-ao: Fix MAC comparison to be constant-time
  * CVE-2026-31448
    - ext4: get rid of ppath in ext4_find_extent()
    - ext4: get rid of ppath in ext4_ext_create_new_leaf()
    - ext4: get rid of ppath in ext4_ext_insert_extent()
    - ext4: avoid infinite loops caused by residual data
  * CVE-2026-31478
    - ksmbd: replace hardcoded hdr2_len with offsetof() in
      smb2_calc_max_out_buf_len()
  * CVE-2026-23428
    - ksmbd: fix use-after-free of share_conf in compound request
  * CVE-2026-23450
    - net/smc: fix NULL dereference and UAF in smc_tcp_syn_recv_sock()
  * CVE-2026-23455
    - netfilter: nf_conntrack_h323: check for zero length in DecodeQ931()
  * CVE-2026-31402
    - nfsd: fix heap overflow in NFSv4.0 LOCK replay cache
  * CVE-2026-43383
    - net/tcp-md5: Fix MAC comparison to be constant-time
  * CVE-2026-43378
    - smb: server: fix use-after-free in smb2_open()
  * CVE-2026-46243
    - smb: client: reject userspace cifs.spnego descriptions
  * CVE-2026-43414
    - scsi: qla2xxx: Completely fix fcport double free
  * CVE-2026-43407
    - libceph: Fix potential out-of-bounds access in ceph_handle_auth_reply()
  * CVE-2026-43406
    - libceph: prevent potential out-of-bounds reads in
      process_message_header()

 -- Jacob Martin <email address hidden> Mon, 29 Jun 2026 09:20:35 -0500

Source diff to previous version
2158377 ext4: writeback causes kernel oops when low on space
1786013 Packaging resync
CVE-2026-46244 In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_inner: Fix IPv6 inner_thoff desync In nft_inner_parse_l2l3(), wh
CVE-2026-43185 In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix signededness bug in smb_direct_prepare_negotiation() smb_direct_prep
CVE-2026-46289 In the Linux kernel, the following vulnerability has been resolved: lib/scatterlist: fix length calculations in extract_kvec_to_sg Patch series "Fi
CVE-2026-46119 In the Linux kernel, the following vulnerability has been resolved: libceph: Fix slab-out-of-bounds access in auth message processing If a (potenti
CVE-2026-46135 In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: fix race between ICReq handling and queue teardown nvmet_tcp_handle_
CVE-2026-46185 In the Linux kernel, the following vulnerability has been resolved: smb/client: fix out-of-bounds read in symlink_data() Since smb2_check_message()
CVE-2026-46195 In the Linux kernel, the following vulnerability has been resolved: smb: client: validate dacloffset before building DACL pointers parse_sec_desc()
CVE-2026-46115 In the Linux kernel, the following vulnerability has been resolved: block: add pgmap check to biovec_phys_mergeable biovec_phys_mergeable() is used
CVE-2026-43501 In the Linux kernel, the following vulnerability has been resolved: ipv6: rpl: reserve mac_len headroom when recompressed SRH grows ipv6_rpl_srh_rc
CVE-2026-45988 In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix re-decryption of RESPONSE packets If a RESPONSE packet gets a tempor
CVE-2026-46043 In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Validate pad and ICRC before payload_size() in rxe_rcv rxe_rcv() curr
CVE-2026-43493 In the Linux kernel, the following vulnerability has been resolved: crypto: pcrypt - Fix handling of MAY_BACKLOG requests MAY_BACKLOG requests can
CVE-2026-43071 In the Linux kernel, the following vulnerability has been resolved: dcache: Limit the minimal number of bucket to two There is an OOB read problem
CVE-2026-31685 In the Linux kernel, the following vulnerability has been resolved: netfilter: ip6t_eui64: reject invalid MAC header for all packets `eui64_mt6()`
CVE-2026-43117 In the Linux kernel, the following vulnerability has been resolved: btrfs: tracepoints: get correct superblock from dentry in event btrfs_sync_file(
CVE-2026-43114 In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo_avx2: don't return non-matching entry on expiry New t
CVE-2026-31607 In the Linux kernel, the following vulnerability has been resolved: usbip: validate number_of_packets in usbip_pack_ret_submit() When a USB/IP clie
CVE-2026-31659 In the Linux kernel, the following vulnerability has been resolved: batman-adv: reject oversized global TT response buffers batadv_tt_prepare_tvlv_
CVE-2026-31649 In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix integer underflow in chain mode The jumbo_frm() chain-mode imp
CVE-2026-31657 In the Linux kernel, the following vulnerability has been resolved: batman-adv: hold claim backbone gateways by reference batadv_bla_add_claim() ca
CVE-2026-31637 In the Linux kernel, the following vulnerability has been resolved: rxrpc: reject undecryptable rxkad response tickets rxkad_decrypt_ticket() decry
CVE-2026-31669 In the Linux kernel, the following vulnerability has been resolved: mptcp: fix slab-use-after-free in __inet_lookup_established The ehash table loo
CVE-2026-31668 In the Linux kernel, the following vulnerability has been resolved: seg6: separate dst_cache for input and output paths in seg6 lwtunnel The seg6 l
CVE-2026-43011 In the Linux kernel, the following vulnerability has been resolved: net/x25: Fix potential double free of skb When alloc_skb fails in x25_queue_rx_
CVE-2026-43037 In the Linux kernel, the following vulnerability has been resolved: ip6_tunnel: clear skb2->cb[] in ip4ip6_err() Oskar Kjos reported the following
CVE-2026-43341 In the Linux kernel, the following vulnerability has been resolved: net/ipv6: ioam6: prevent schema length wraparound in trace fill ioam6_fill_trac
CVE-2026-43038 In the Linux kernel, the following vulnerability has been resolved: ipv6: icmp: clear skb2->cb[] in ip6_err_gen_icmpv6_unreach() Sashiko AI-review
CVE-2026-31682 In the Linux kernel, the following vulnerability has been resolved: bridge: br_nd_send: linearize skb before parsing ND options br_nd_send() parses
CVE-2026-31436 In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: fix possible wrong descriptor completion in llist_abort_desc()
CVE-2026-43384 In the Linux kernel, the following vulnerability has been resolved: net/tcp-ao: Fix MAC comparison to be constant-time To prevent timing attacks, M
CVE-2026-31448 In the Linux kernel, the following vulnerability has been resolved: ext4: avoid infinite loops caused by residual data On the mkdir/mknod path, whe
CVE-2026-31478 In the Linux kernel, the following vulnerability has been resolved: ksmbd: replace hardcoded hdr2_len with offsetof() in smb2_calc_max_out_buf_len()
CVE-2026-23428 In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free of share_conf in compound request smb2_get_ksmbd_tcon
CVE-2026-23450 In the Linux kernel, the following vulnerability has been resolved: net/smc: fix NULL dereference and UAF in smc_tcp_syn_recv_sock() Syzkaller repo
CVE-2026-23455 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conntrack_h323: check for zero length in DecodeQ931() In DecodeQ9
CVE-2026-31402 In the Linux kernel, the following vulnerability has been resolved: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache The NFSv4.0 replay cache u
CVE-2026-43383 In the Linux kernel, the following vulnerability has been resolved: net/tcp-md5: Fix MAC comparison to be constant-time To prevent timing attacks,
CVE-2026-43378 In the Linux kernel, the following vulnerability has been resolved: smb: server: fix use-after-free in smb2_open() The opinfo pointer obtained via
CVE-2026-46243 In the Linux kernel, the following vulnerability has been resolved: smb: client: reject userspace cifs.spnego descriptions cifs.spnego key descript
CVE-2026-43414 In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Completely fix fcport double free In qla24xx_els_dcmd_iocb() sp-
CVE-2026-43407 In the Linux kernel, the following vulnerability has been resolved: libceph: Fix potential out-of-bounds access in ceph_handle_auth_reply() This pa
CVE-2026-43406 In the Linux kernel, the following vulnerability has been resolved: libceph: prevent potential out-of-bounds reads in process_message_header() If t

Version: 6.8.0-1026.26 2026-05-29 00:08:25 UTC

  linux-nvidia-tegra (6.8.0-1026.26) noble; urgency=medium

  [ Ubuntu-realtime: 6.8.1-1052.53 ]

  [ Ubuntu: 6.8.0-124.124 ]
  * GRO managed-frag use-after-free leading to local privilege escalation
    (LP: #2154172)
    - net: gro: don't merge zcopy skbs
  [ Ubuntu: 6.8.0-121.121 ]
  * apparmor (LP: #2151747)
    - apparmor: Fix incorrect profile->signal range check
    - SAUCE: apparmor: pass big_resp to handler
    - SAUCE: apparmor: remove redundant kref_init for listener->count
    - SAUCE: apparmor: fix NULL pointer dereference in unpack_pdb
  * apparmor (LP: #2151747) // CVE-2026-47337
    - SAUCE: apparmor: fix NULL pointer dereference in bind_map_addr
  * apparmor (LP: #2151747) // CVE-2026-47336
    - SAUCE: apparmor: fix use of unintialized variable in net opt level
  * apparmor (LP: #2151747) // CVE-2026-47335
    - SAUCE: apparmor: fix possible NULL pointer dereference by adding a NULL
      check
  * apparmor (LP: #2151747) // CVE-2026-47334
    - SAUCE: apparmor: fix sleep prone memory allocation under a spin_lock
  * apparmor (LP: #2151747) // CVE-2026-47333
    - SAUCE: apparmor: fix dfa unpacking size of the notification filter
  * apparmor (LP: #2151747) // CVE-2026-47332
    - SAUCE: apparmor: fix size check against type instead of pointer
  * apparmor (LP: #2151747) // CVE-2026-47331
    - SAUCE: apparmor: fix changing rules list without a lock
  * apparmor: LLVM/clang build failure due to uninitialized variable in
    notify.c (LP: #2148809) // CVE-2026-47330
    - SAUCE: apparmor: initialize variable used in uninitialized context
  * apparmor (LP: #2151747) // CVE-2026-47329
    - SAUCE: apparmor: fix name validation bypass on notification
  * apparmor (LP: #2151747) // CVE-2026-47327 // CVE-2026-47328
    - SAUCE: apparmor: fix glob memory leak after kstrdup
  * apparmor (LP: #2151747) // CVE-2026-47326
    - SAUCE: apparmor: fix inverted NULL check after aa_get_buffer
  [ Ubuntu: 6.8.0-120.120 ]
  * noble/linux: 6.8.0-120.120 -proposed tracker (LP: #2153733)
  * Packaging resync (LP: #1786013)
    - [Packaging] update annotations scripts
  * CVE-2026-46300
    - net: skbuff: preserve shared-frag marker during coalescing
    - net: skbuff: propagate shared-frag marker through frag-transfer helpers
  * net/rds: reset op_nents when zerocopy page pin fails (LP: #2153962)
    - net/rds: reset op_nents when zerocopy page pin fails
  * CVE-2026-46333
    - ptrace: slightly saner 'get_dumpable()' logic
  * CVE-2026-43500
    - rxrpc: Fix conn-level packet handling to unshare RESPONSE packets
    - rxrpc: Parse received packets before dealing with timeouts
    - rxrpc: Fix potential UAF after skb_unshare() failure
    - rxrpc: Fix rxrpc_input_call_event() to only unshare DATA packets
    - rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present
  * CVE-2026-31676 // CVE-2026-43500
    - rxrpc: only handle RESPONSE during service challenge
  * CVE-2026-43284
    - xfrm: esp: avoid in-place decrypt on shared skb frags

 -- Jacob Martin <email address hidden> Tue, 26 May 2026 10:33:02 -0500

Source diff to previous version
2154172 GRO managed-frag use-after-free leading to local privilege escalation
2151747 AppArmor Vulnerabilities
2148809 apparmor: LLVM/clang build failure due to uninitialized variable in notify.c
1786013 Packaging resync
2153962 net/rds: reset op_nents when zerocopy page pin fails
CVE-2026-47337 Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a possible N ...
CVE-2026-47336 Ubuntu Linux 6.8 contains SAUCE patches with a possible use of an unin ...
CVE-2026-47335 Ubuntu Linux 6.8 contains SAUCE patches with a possible NULL pointer d ...
CVE-2026-47334 Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which in ...
CVE-2026-47333 Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which ca ...
CVE-2026-47332 Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which in ...
CVE-2026-47331 Ubuntu Linux 6.8 contains AppArmor SAUCE patches which fail to acquire ...
CVE-2026-47330 Ubuntu Linux 6.8, 7.17 and 7.0 contain AppArmor SAUCE patches which ca ...
CVE-2026-47329 Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches which fail to val ...
CVE-2026-47327 Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a possible N ...
CVE-2026-47328 Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which in ...
CVE-2026-47326 Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a memory lea ...
CVE-2026-46300 In the Linux kernel, the following vulnerability has been resolved: net: skbuff: preserve shared-frag marker during coalescing skb_try_coalesce() c
CVE-2026-46333 In the Linux kernel, the following vulnerability has been resolved: ptrace: slightly saner 'get_dumpable()' logic The 'dumpability' of a task is fu
CVE-2026-43500 In the Linux kernel, the following vulnerability has been resolved: rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present The DATA
CVE-2026-31676 In the Linux kernel, the following vulnerability has been resolved: rxrpc: only handle RESPONSE during service challenge Only process RESPONSE pack
CVE-2026-43284 In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags MSG_SPLICE_PAGES can atta

Version: 6.8.0-1025.25 2026-05-26 09:07:46 UTC

  linux-nvidia-tegra (6.8.0-1025.25) noble; urgency=medium

  * noble/linux-nvidia-tegra: 6.8.0-1025.25 -proposed tracker (LP: #2151052)

  [ Ubuntu-realtime: 6.8.1-1051.52 ]

  * noble/linux-realtime: 6.8.1-1051.52 -proposed tracker (LP: #2151059)
  [ Ubuntu: 6.8.0-117.117 ]
  * noble/linux: 6.8.0-117.117 -proposed tracker (LP: #2151070)
  * CVE-2026-31419
    - net: bonding: fix use-after-free in bond_xmit_broadcast()
  * CVE-2026-31431
    - crypto: scatterwalk - Backport memcpy_sglist()
    - crypto: algif_aead - use memcpy_sglist() instead of null skcipher
    - crypto: algif_aead - Revert to operating out-of-place
    - crypto: algif_aead - snapshot IV for async AEAD requests
    - crypto: authenc - use memcpy_sglist() instead of null skcipher
    - crypto: authencesn - Do not place hiseq at end of dst for out-of-place
      decryption
    - crypto: authencesn - Fix src offset when decrypting in-place
    - crypto: af_alg - Fix page reassignment overflow in af_alg_pull_tsgl
    - crypto: algif_aead - Fix minimum RX size check for decryption
  * CVE-2026-31533
    - net/tls: fix use-after-free in -EBUSY error path of tls_do_encryption
  * CVE-2026-31504
    - net: fix fanout UAF in packet_release() via NETDEV_UP race

 -- Jacob Martin <email address hidden> Fri, 08 May 2026 09:28:13 -0500

Source diff to previous version
CVE-2026-31419 In the Linux kernel, the following vulnerability has been resolved: net: bonding: fix use-after-free in bond_xmit_broadcast() bond_xmit_broadcast()
CVE-2026-31431 In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Revert to operating out-of-place This mostly reverts commi
CVE-2026-31533 In the Linux kernel, the following vulnerability has been resolved: net/tls: fix use-after-free in -EBUSY error path of tls_do_encryption The -EBUS
CVE-2026-31504 In the Linux kernel, the following vulnerability has been resolved: net: fix fanout UAF in packet_release() via NETDEV_UP race `packet_release()` h

Version: 6.8.0-1024.24 2026-05-21 18:07:48 UTC

  linux-nvidia-tegra (6.8.0-1024.24) noble; urgency=medium

  * noble/linux-nvidia-tegra: 6.8.0-1024.24 -proposed tracker (LP: #2150031)

  [ Ubuntu-realtime: 6.8.1-1050.51 ]

  * noble/linux-realtime: 6.8.1-1050.51 -proposed tracker (LP: #2150037)
  [ Ubuntu: 6.8.0-116.116 ]
  * noble/linux: 6.8.0-116.116 -proposed tracker (LP: #2150048)
  * Linux kernel 6.17.0-22.22 breaks amdxdna (LP: #2149766)
    - Revert "iommu: disable SVA when CONFIG_X86 is set"
  * Revert "netfilter: conntrack: fix erronous removal of offload bit"
    (LP: #2149762)
    - Revert "netfilter: conntrack: fix erronous removal of offload bit"

  [ Ubuntu-realtime: 6.8.1-1049.50 ]

  * noble/linux-realtime: 6.8.1-1049.50 -proposed tracker (LP: #2147971)
  [ Ubuntu: 6.8.0-114.114 ]
  * noble/linux: 6.8.0-114.114 -proposed tracker (LP: #2148397)
  * Noble update: upstream stable patchset 2026-03-26 (LP: #2146465)
    - SAUCE: Fix skb_vlan_inet_prepare() usage
  [ Ubuntu: 6.8.0-112.112 ]
  * noble/linux: 6.8.0-112.112 -proposed tracker (LP: #2147982)
  * Canonical Kmod 2025 key rotation (LP: #2147447)
    - [Packaging] ubuntu-compatible-signing -- make Ubuntu-Compatible-Signing
      extensible
    - [Packaging] ubuntu-compatible-signing -- allow consumption of positive
      certs
    - [Packaging] ubuntu-compatible-signing -- report the livepatch:2025 key
    - [Config] prepare for Canonical Kmod key rotation
    - [Packaging] ubuntu-compatible-signing -- report the kmod:2025 key
  * Remount ext4 to readonly with data=journal mode may dump call trace
    (LP: #2147400)
    - ext4: fix stale xarray tags after writeback
  * Compile error due to nonexistent struct member with CONFIG_PCI_EPF_TEST
    (LP: #2147065)
    - SAUCE: Revert "PCI: endpoint: pci-epf-test: Limit PCIe BAR size for
      fixed BARs"
  * BUG: kernel NULL pointer dereference in amdgpu (LP: #2144577)
    - drm/amdgpu: validate the flush_gpu_tlb_pasid()
    - drm/amdgpu: Fix validating flush_gpu_tlb_pasid()
  * Noble update: upstream stable patchset 2026-04-10 (LP: #2147841)
    - x86/kfence: fix booting on 32bit non-PAE systems
    - platform/x86: intel_telemetry: Fix swapped arrays in PSS output
    - pmdomain: qcom: rpmpd: fix off-by-one error in clamping to the highest
      state
    - pmdomain: imx8mp-blk-ctrl: Keep gpc power domain on for system wakeup
    - pmdomain: imx: gpcv2: Fix the imx8mm gpu hang due to wrong adb400 reset
    - pmdomain: imx8mp-blk-ctrl: Keep usb phy power domain on for system
      wakeup
    - rbd: check for EOD after exclusive lock is ensured to be held
    - ARM: 9468/1: fix memset64() on big-endian
    - hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc()
    - binder: fix BR_FROZEN_REPLY error log
    - binderfs: fix ida_alloc_max() upper bound
    - KVM: selftests: Add -U_FORTIFY_SOURCE to avoid some unpredictable test
      failures
    - tracing: Fix ftrace event field alignments
    - net: usb: sr9700: support devices with virtual driver CD
    - block,bfq: fix aux stat accumulation destination
    - LoongArch: Set correct protection_map[] for VM_NONE/VM_SHARED
    - HID: intel-ish-hid: Update ishtp bus match to support device ID table
    - HID: multitouch: add MT_QUIRK_STICKY_FINGERS to MT_CLS_VTL
    - HID: intel-ish-hid: Reset enum_devices_done before enumeration
    - HID: playstation: Center initial joystick axes to prevent spurious
      events
    - ALSA: hda/realtek: add HP Laptop 15s-eq1xxx mute LED quirk
    - netfilter: replace -EEXIST with -EBUSY
    - HID: quirks: Add another Chicony HP 5MP Cameras to hid_ignore_list
    - HID: Apply quirk HID_QUIRK_ALWAYS_POLL to Edifier QR30 (2d99:a101)
    - ring-buffer: Avoid softlockup in ring_buffer_resize() during memory free
    - wifi: mac80211: collect station statistics earlier when disconnect
    - ASoC: davinci-evm: Fix reference leak in davinci_evm_probe
    - ASoC: amd: yc: Fix microphone on ASUS M6500RE
    - ASoC: tlv320adcx140: Propagate error codes during probe
    - spi: hisi-kunpeng: Fixed the wrong debugfs node name in hisi_spi debugfs
      initialization
    - wifi: cfg80211: Fix bitrate calculation overflow for HE rates
    - ALSA: hda/realtek: Fix headset mic for TongFang X6AR55xU
    - wifi: mac80211: correctly check if CSA is active
    - wifi: mac80211: don't increment crypto_tx_tailroom_needed_cnt twice
    - platform/x86: intel_telemetry: Fix PSS event register mask
    - platform/x86: hp-bioscfg: Skip empty attribute names
    - net: add skb_header_pointer_careful() helper
    - net: don't touch dev->stats in BPF redirect paths
    - tipc: use kfree_sensitive() for session key material
    - net: ethernet: adi: adin1110: Check return value of
      devm_gpiod_get_optional() in adin1110_check_spi()
    - drm/mgag200: fix mgag200_bmc_stop_scanout()
    - hwmon: (occ) Mark occ_init_attribute() as __printf
    - ipv6: Fix ECMP sibling count mismatch when clearing RTF_ADDRCONF
    - gve: Correct ethtool rx_dropped calculation
    - spi: tegra210-quad: Return IRQ_HANDLED when timeout already processed
      transfer
    - spi: tegra210-quad: Move curr_xfer read inside spinlock
    - spi: tegra210-quad: Protect curr_xfer assignment in
      tegra_qspi_setup_transfer_one
    - spi: tegra210-quad: Protect curr_xfer in tegra_qspi_combined_seq_xfer
    - spi: tegra210-quad: Protect curr_xfer clearing in
      tegra_qspi_non_combined_seq_xfer
    - spi: tegra114: Preserve SPI mode bits in def_command1_reg
    - ALSA: hda/realtek: Really fix headset mic for TongFang X6AR55xU.
    - PCI/ERR: Ensure error recoverability at all times
    - ALSA: hda/realtek: Add quirk for Acer Nitro AN517-55
    - PCI: qcom: Remove ASPM L0s support for MSM8996 SoC
    - HID: logitech: add HID++ support for Logitech MX Anywhere 3S
    - ALSA: hda/realtek: ALC269 fixup for Lenovo Yoga Book 9i 13IRU8 audio
    - net: phy: add phy_interface_weight()
    - net: phy: add phy_interface_copy()
    - net: sfp: pre-parse the module support
    - net: sfp: enhance qui

Source diff to previous version
2149766 Linux kernel 6.17.0-22.22 breaks amdxdna
2149762 Revert \
2146465 Noble update: upstream stable patchset 2026-03-26
2147447 Canonical Kmod 2025 key rotation
2147400 Remount ext4 to readonly with data=journal mode may dump call trace
2147065 Compile error due to nonexistent struct member with CONFIG_PCI_EPF_TEST
2144577 BUG: kernel NULL pointer dereference in amdgpu
2147841 Noble update: upstream stable patchset 2026-04-10
2147543 Noble update: upstream stable patchset 2026-04-08
2145171 [SRU] MIPI camera is not working after upgrading to 6.17-oem
2144060 ADATA SU680 causes repeated SATA resets and I/O errors on Ubuntu unless link power management is forced to max_performance
2144006 intel_idle: add Clearwater Forest SoC support
2144914 Noble kernel 6.8.0-108 does not compile when KASAN enabled
2143152 Generic noble linux throws warning from file tegra-i2c.c
2143083 [SRU] Duplicated entries in /proc/\u003cpid\u003e/mountinfo
2144058 Noble update: upstream stable patchset 2026-03-12
2144380 macvlan: observe an RCU grace period in macvlan_common_newlink() error path
CVE-2026-23214 In the Linux kernel, the following vulnerability has been resolved: btrfs: reject new transactions if the fs is fully read-only [BUG] There is a bu
CVE-2026-23213 In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Disable MMIO access during SMU Mode 1 reset During Mode 1 reset, th
CVE-2025-71225 In the Linux kernel, the following vulnerability has been resolved: md: suspend array while updating raid_disks via sysfs In raid1_reshape(), freez
CVE-2025-68823 In the Linux kernel, the following vulnerability has been resolved: ublk: fix deadlock when reading partition table When one process(such as udev)
CVE-2026-23191 In the Linux kernel, the following vulnerability has been resolved: ALSA: aloop: Fix racy access at PCM trigger The PCM trigger callback of aloop d
CVE-2026-23215 In the Linux kernel, the following vulnerability has been resolved: x86/vmware: Fix hypercall clobbers Fedora QA reported the following panic: B
CVE-2026-23182 In the Linux kernel, the following vulnerability has been resolved: spi: tegra: Fix a memory leak in tegra_slink_probe() In tegra_slink_probe(), wh
CVE-2026-23190 In the Linux kernel, the following vulnerability has been resolved: ASoC: amd: fix memory leak in acp3x pdm dma ops
CVE-2026-23254 In the Linux kernel, the following vulnerability has been resolved: net: gro: fix outer network offset The udp GRO complete stage assumes that all
CVE-2026-23180 In the Linux kernel, the following vulnerability has been resolved: dpaa2-switch: add bounds check for if_id in IRQ handler The IRQ handler extract
CVE-2026-23256 In the Linux kernel, the following vulnerability has been resolved: net: liquidio: Fix off-by-one error in VF setup_nic_devices() cleanup In setup_
CVE-2026-23257 In the Linux kernel, the following vulnerability has been resolved: net: liquidio: Fix off-by-one error in PF setup_nic_devices() cleanup In setup_
CVE-2026-23258 In the Linux kernel, the following vulnerability has been resolved: net: liquidio: Initialize netdev pointer before queue setup In setup_nic_device
CVE-2026-23206 In the Linux kernel, the following vulnerability has been resolved: dpaa2-switch: prevent ZERO_SIZE_PTR dereference when num_ifs is zero The driver
CVE-2026-23204 In the Linux kernel, the following vulnerability has been resolved: net/sched: cls_u32: use skb_header_pointer_careful() skb_header_pointer() does
CVE-2026-23205 In the Linux kernel, the following vulnerability has been resolved: smb/client: fix memory leak in smb2_open_file() Reproducer: 1. server: direc
CVE-2026-23176 In the Linux kernel, the following vulnerability has been resolved: platform/x86: toshiba_haps: Fix memory leaks in add/remove routines toshiba_hap
CVE-2026-23216 In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsi: Fix use-after-free in iscsit_dec_conn_usage_count() In isc
CVE-2026-23193 In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsi: Fix use-after-free in iscsit_dec_session_usage_count() In
CVE-2026-23260 In the Linux kernel, the following vulnerability has been resolved: regmap: maple: free entry on mas_store_gfp() failure regcache_maple_write() all
CVE-2026-23179 In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: fixup hang in nvmet_tcp_listen_data_ready() When the socket is close
CVE-2026-23261 In the Linux kernel, the following vulnerability has been resolved: nvme-fc: release admin tagset if init fails nvme_fabrics creates an NVMe/FC con
CVE-2026-23178 In the Linux kernel, the following vulnerability has been resolved: HID: i2c-hid: fix potential buffer overflow in i2c_hid_get_report() `i2c_hid_xf
CVE-2025-71268 In the Linux kernel, the following vulnerability has been resolved: btrfs: fix reservation leak in some error paths when inserting inline extent If
CVE-2025-71270 In the Linux kernel, the following vulnerability has been resolved: LoongArch: Enable exception fixup for specific ADE subcode This patch allows th
CVE-2025-71220 In the Linux kernel, the following vulnerability has been resolved: smb/server: call ksmbd_session_rpc_close() on error path in create_smb2_pipe()
CVE-2025-71222 In the Linux kernel, the following vulnerability has been resolved: wifi: wlcore: ensure skb headroom before skb_push This avoids occasional skb_un
CVE-2025-71224 In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: ocb: skip rx_no_sta when interface is not joined ieee80211_ocb_
CVE-2026-23262 In the Linux kernel, the following vulnerability has been resolved: gve: Fix stats report corruption on queue count change The driver and the NIC s
CVE-2025-38201 In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX Otherwise,
CVE-2026-23198 In the Linux kernel, the following vulnerability has been resolved: KVM: Don't clobber irqfd routing type when deassigning irqfd When deassigning a
CVE-2026-23264 In the Linux kernel, the following vulnerability has been resolved: Revert "drm/amd: Check if ASPM is enabled from PCIe subsystem" This reverts com
CVE-2026-23187 In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx8m-blk-ctrl: fix out-of-range access of bc->domains Fix out-of-ran
CVE-2026-23148 In the Linux kernel, the following vulnerability has been resolved: nvmet: fix race in nvmet_bio_done() leading to NULL pointer dereference There i
CVE-2026-23166 In the Linux kernel, the following vulnerability has been resolved: ice: Fix NULL pointer dereference in ice_vsi_set_napi_queues Add NULL pointer c
CVE-2026-23151 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix memory leak in set_ssp_complete Fix memory leak in set_ssp
CVE-2026-23163 In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix NULL pointer dereference in amdgpu_gmc_filter_faults_remove On
CVE-2026-23159 In the Linux kernel, the following vulnerability has been resolved: perf: sched: Fix perf crash with new is_user_task() helper In order to do a use
CVE-2024-58096 In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: add srng->lock for ath11k_hal_srng_* in monitor mode ath11k_hal_s
CVE-2025-40039 In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fix race condition in RPC handle list access The 'sess->rpc_handle_list'
CVE-2026-23093 In the Linux kernel, the following vulnerability has been resolved: ksmbd: smbd: fix dma_unmap_sg() nents The dma_unmap_sg() functions should be ca
CVE-2026-23102 In the Linux kernel, the following vulnerability has been resolved: arm64/fpsimd: signal: Fix restoration of SVE context When SME is supported, Res
CVE-2026-23170 In the Linux kernel, the following vulnerability has been resolved: drm/imx/tve: fix probe device leak Make sure to drop the reference taken to the
CVE-2026-23168 In the Linux kernel, the following vulnerability has been resolved: flex_proportions: make fprop_new_period() hardirq safe Bernd has reported a loc
CVE-2026-23156 In the Linux kernel, the following vulnerability has been resolved: efivarfs: fix error propagation in efivar_entry_get() efivar_entry_get() always
CVE-2026-23167 In the Linux kernel, the following vulnerability has been resolved: nfc: nci: Fix race between rfkill and nci_unregister_device(). syzbot reported
CVE-2026-23173 In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: TC, delete flows only for existing peers When deleting TC steering f
CVE-2026-23150 In the Linux kernel, the following vulnerability has been resolved: nfc: llcp: Fix memleak in nfc_llcp_send_ui_frame(). syzbot reported various mem
CVE-2026-23164 In the Linux kernel, the following vulnerability has been resolved: rocker: fix memory leak in rocker_world_port_post_fini() In rocker_world_port_p
CVE-2026-23172 In the Linux kernel, the following vulnerability has been resolved: net: wwan: t7xx: fix potential skb->frags overflow in RX path When receiving da
CVE-2026-23212 In the Linux kernel, the following vulnerability has been resolved: bonding: annotate data-races around slave->last_rx slave->last_rx and slave->ta
CVE-2026-23160 In the Linux kernel, the following vulnerability has been resolved: octeon_ep: Fix memory leak in octep_device_setup() In octep_device_setup(), if
CVE-2026-23146 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_uart: fix null-ptr-deref in hci_uart_write_work hci_uart_set_pro
CVE-2026-23394 In the Linux kernel, the following vulnerability has been resolved: af_unix: Give up GC if MSG_PEEK intervened. Igor Ushakov reported that GC purge
CVE-2025-38591 In the Linux kernel, the following vulnerability has been resolved: bpf: Reject narrower access to pointer ctx fields The following BPF program, si
CVE-2026-23035 In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Pass netdev to mlx5e_destroy_netdev instead of priv mlx5e_priv is an
CVE-2026-22996 In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Don't store mlx5e_priv in mlx5e_dev devlink priv mlx5e_priv is an un
CVE-2026-23000 In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix crash on profile change rollback failure mlx5e_netdev_change_pro
CVE-2026-23053 In the Linux kernel, the following vulnerability has been resolved: NFS: Fix a deadlock involving nfs_release_folio() Wang Zhaolong reports a deadl
CVE-2026-23050 In the Linux kernel, the following vulnerability has been resolved: pNFS: Fix a deadlock when returning a delegation during open() Ben Coddington r
CVE-2026-23005 In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Clear XSTATE_BV[i] in guest XSAVE state whenever XFD[i]=1 When loading
CVE-2024-58097 In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix RCU stall while reaping monitor destination ring While proces
CVE-2025-68365 In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Initialize allocated memory before use KMSAN reports: Multiple uninit
CVE-2025-37926 In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in ksmbd_session_rpc_open A UAF issue can occur due t
CVE-2026-23030 In the Linux kernel, the following vulnerability has been resolved: phy: rockchip: inno-usb2: Fix a double free bug in rockchip_usb2phy_probe() The
CVE-2026-23025 In the Linux kernel, the following vulnerability has been resolved: mm/page_alloc: prevent pcp corruption with SMP=n The kernel test robot has repo
CVE-2025-71186 In the Linux kernel, the following vulnerability has been resolved: dmaengine: stm32: dmamux: fix device leak on route allocation Make sure to drop
CVE-2026-23078 In the Linux kernel, the following vulnerability has been resolved: ALSA: scarlett2: Fix buffer overflow in config retrieval The scarlett2_usb_get_
CVE-2026-23142 In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs-scheme: cleanup access_pattern subdirs on scheme dir setup failur
CVE-2026-23075 In the Linux kernel, the following vulnerability has been resolved: can: esd_usb: esd_usb_read_bulk_callback(): fix URB memory leak Fix similar mem
CVE-2025-68725 In the Linux kernel, the following vulnerability has been resolved: bpf: Do not let BPF test infra emit invalid GSO types to stack Yinhao et al. re
CVE-2026-23097 In the Linux kernel, the following vulnerability has been resolved: migrate: correct lock ordering for hugetlb file folios Syzbot has found a deadl
CVE-2026-23108 In the Linux kernel, the following vulnerability has been resolved: can: usb_8dev: usb_8dev_read_bulk_callback(): fix URB memory leak Fix similar m
CVE-2026-23080 In the Linux kernel, the following vulnerability has been resolved: can: mcba_usb: mcba_usb_read_bulk_callback(): fix URB memory leak Fix similar m
CVE-2026-23061 In the Linux kernel, the following vulnerability has been resolved: can: kvaser_usb: kvaser_usb_read_bulk_callback(): fix URB memory leak Fix simil
CVE-2026-23058 In the Linux kernel, the following vulnerability has been resolved: can: ems_usb: ems_usb_read_bulk_callback(): fix URB memory leak Fix similar mem
CVE-2026-23085 In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3-its: Avoid truncating memory addresses On 32-bit machines with C
CVE-2026-23116 In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx8m-blk-ctrl: Remove separate rst and clk mask for 8mq vpu For i.MX
CVE-2026-23098 In the Linux kernel, the following vulnerability has been resolved: netrom: fix double-free in nr_route_frame() In nr_route_frame(), old_skb is imm
CVE-2026-23063 In the Linux kernel, the following vulnerability has been resolved: uacce: ensure safe queue release with state management Directly calling `put_qu
CVE-2026-23056 In the Linux kernel, the following vulnerability has been resolved: uacce: implement mremap in uacce_vm_ops to return -EPERM The current uacce_vm_o
CVE-2026-23094 In the Linux kernel, the following vulnerability has been resolved: uacce: fix isolate sysfs check condition uacce supports the device isolation fe
CVE-2026-23096 In the Linux kernel, the following vulnerability has been resolved: uacce: fix cdev handling in the cleanup path When cdev_device_add fails, it int
CVE-2026-23091 In the Linux kernel, the following vulnerability has been resolved: intel_th: fix device leak on output open() Make sure to drop the reference take
CVE-2026-23088 In the Linux kernel, the following vulnerability has been resolved: tracing: Fix crash on synthetic stacktrace field usage When creating a syntheti
CVE-2026-23090 In the Linux kernel, the following vulnerability has been resolved: slimbus: core: fix device reference leak on report present Slimbus devices can
CVE-2026-23128 In the Linux kernel, the following vulnerability has been resolved: arm64: Set __nocfi on swsusp_arch_resume() A DABT is reported[1] on an android
CVE-2026-23107 In the Linux kernel, the following vulnerability has been resolved: arm64/fpsimd: signal: Allocate SSVE storage when restoring ZA The code to resto
CVE-2026-23073 In the Linux kernel, the following vulnerability has been resolved: wifi: rsi: Fix memory corruption due to not set vif driver data size The struct
CVE-2026-23135 In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix dma_free_coherent() pointer dma_alloc_coherent() allocates a
CVE-2026-23133 In the Linux kernel, the following vulnerability has been resolved: wifi: ath10k: fix dma_free_coherent() pointer dma_alloc_coherent() allocates a
CVE-2025-71200 In the Linux kernel, the following vulnerability has been resolved: mmc: sdhci-of-dwcmshc: Prevent illegal clock reduction in HS200/HS400 mode When
CVE-2026-23089 In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix use-after-free in snd_usb_mixer_free() When snd_usb_create
CVE-2026-23076 In the Linux kernel, the following vulnerability has been resolved: ALSA: ctxfi: Fix potential OOB access in audio mixer handling In the audio mixe
CVE-2025-71199 In the Linux kernel, the following vulnerability has been resolved: iio: adc: at91-sama5d2_adc: Fix potential use-after-free in sama5d2_adc driver
CVE-2026-23101 In the Linux kernel, the following vulnerability has been resolved: leds: led-class: Only Add LED to leds_list when it is fully ready Before this c
CVE-2026-23064 In the Linux kernel, the following vulnerability has been resolved: net/sched: act_ife: avoid possible NULL deref tcf_ife_encode() must make sure i
CVE-2026-23086 In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: cap TX credit to local buffer size The virtio transports derives
CVE-2026-23069 In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: fix potential underflow in virtio_transport_get_credit() The cred
CVE-2026-23119 In the Linux kernel, the following vulnerability has been resolved: bonding: provide a net pointer to __skb_flow_dissect() After 3cbf4ffba5ee ("net
CVE-2026-23084 In the Linux kernel, the following vulnerability has been resolved: be2net: Fix NULL pointer dereference in be_cmd_get_mac_from_list When the param
CVE-2026-23124 In the Linux kernel, the following vulnerability has been resolved: ipv6: annotate data-race in ndisc_router_discovery() syzbot found that ndisc_ro
CVE-2026-23121 In the Linux kernel, the following vulnerability has been resolved: mISDN: annotate data-race around dev->work dev->work can re read locklessly in
CVE-2026-23126 In the Linux kernel, the following vulnerability has been resolved: netdevsim: fix a race issue related to the operation on bpf_bound_progs list Th
CVE-2026-23059 In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Sanitize payload size to prevent member overflow In qla27xx_copy
CVE-2026-23110 In the Linux kernel, the following vulnerability has been resolved: scsi: core: Wake up the error handler when final completions race against each o
CVE-2026-23071 In the Linux kernel, the following vulnerability has been resolved: regmap: Fix race condition in hwspinlock irqsave routine Previously, the addres
CVE-2026-23068 In the Linux kernel, the following vulnerability has been resolved: spi: spi-sprd-adi: Fix double free in probe error path The driver currently use
CVE-2026-23123 In the Linux kernel, the following vulnerability has been resolved: interconnect: debugfs: initialize src_node and dst_node to empty strings The de
CVE-2025-71198 In the Linux kernel, the following vulnerability has been resolved: iio: imu: st_lsm6dsx: fix iio_chan_spec for sensors without event detection The
CVE-2026-23113 In the Linux kernel, the following vulnerability has been resolved: io_uring/io-wq: check IO_WQ_BIT_EXIT inside work run loop Currently this is che
CVE-2026-23062 In the Linux kernel, the following vulnerability has been resolved: platform/x86: hp-bioscfg: Fix kernel panic in GET_INSTANCE_ID macro The GET_INS
CVE-2026-23131 In the Linux kernel, the following vulnerability has been resolved: platform/x86: hp-bioscfg: Fix kobject warnings for empty attribute names The hp
CVE-2026-23087 In the Linux kernel, the following vulnerability has been resolved: scsi: xen: scsiback: Fix potential memory leak in scsiback_remove() Memory allo
CVE-2025-71197 In the Linux kernel, the following vulnerability has been resolved: w1: therm: Fix off-by-one buffer overflow in alarms_store The sysfs buffer pass
CVE-2026-23105 In the Linux kernel, the following vulnerability has been resolved: net/sched: qfq: Use cl_is_active to determine whether class is active in qfq_rm_
CVE-2026-23103 In the Linux kernel, the following vulnerability has been resolved: ipvlan: Make the addrs_lock be per port Make the addrs_lock be per port, not pe
CVE-2026-23120 In the Linux kernel, the following vulnerability has been resolved: l2tp: avoid one data-race in l2tp_tunnel_del_work() We should read sk->sk_socke
CVE-2026-23083 In the Linux kernel, the following vulnerability has been resolved: fou: Don't allow 0 for FOU_ATTR_IPPROTO. fou_udp_recv() has the same problem me
CVE-2026-23095 In the Linux kernel, the following vulnerability has been resolved: gue: Fix skb memleak with inner IP protocol 0. syzbot reported skb memleak belo
CVE-2026-23125 In the Linux kernel, the following vulnerability has been resolved: sctp: move SCTP_CMD_ASSOC_SHKEY right after SCTP_CMD_PEER_INIT A null-ptr-deref
CVE-2026-23099 In the Linux kernel, the following vulnerability has been resolved: bonding: limit BOND_MODE_8023AD to Ethernet devices BOND_MODE_8023AD makes sens
CVE-2025-71194 In the Linux kernel, the following vulnerability has been resolved: btrfs: fix deadlock in wait_current_trans() due to ignored transaction type Whe
CVE-2025-71185 In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: dma-crossbar: fix device leak on am335x route allocation Make su
CVE-2026-23026 In the Linux kernel, the following vulnerability has been resolved: dmaengine: qcom: gpi: Fix memory leak in gpi_peripheral_config() Fix a memory l
CVE-2025-71188 In the Linux kernel, the following vulnerability has been resolved: dmaengine: lpc18xx-dmamux: fix device leak on route allocation Make sure to dro
CVE-2025-71163 In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: fix device leaks on compat bind and unbind Make sure to drop t
CVE-2025-71189 In the Linux kernel, the following vulnerability has been resolved: dmaengine: dw: dmamux: fix OF node leak on route allocation failure Make sure t
CVE-2025-71190 In the Linux kernel, the following vulnerability has been resolved: dmaengine: bcm-sba-raid: fix device leak on probe Make sure to drop the referen
CVE-2025-71191 In the Linux kernel, the following vulnerability has been resolved: dmaengine: at_hdmac: fix device leak on of_dma_xlate() Make sure to drop the re
CVE-2026-23049 In the Linux kernel, the following vulnerability has been resolved: drm/panel-simple: fix connector type for DataImage SCF0700C48GGU18 panel The co
CVE-2026-23144 In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: cleanup attrs subdirs on context dir setup failure When a conte
CVE-2026-23145 In the Linux kernel, the following vulnerability has been resolved: ext4: fix iloc.bh leak in ext4_xattr_inode_update_ref The error branch for ext4
CVE-2026-22997 In the Linux kernel, the following vulnerability has been resolved: net: can: j1939: j1939_xtp_rx_rts_session_active(): deactivate session upon rece
CVE-2026-23031 In the Linux kernel, the following vulnerability has been resolved: can: gs_usb: gs_usb_receive_bulk_callback(): fix URB memory leak In gs_can_open
CVE-2026-23032 In the Linux kernel, the following vulnerability has been resolved: null_blk: fix kmemleak by releasing references to fault configfs items When CON
CVE-2026-23033 In the Linux kernel, the following vulnerability has been resolved: dmaengine: omap-dma: fix dma_pool resource leak in error paths The dma_pool cre
CVE-2025-71196 In the Linux kernel, the following vulnerability has been resolved: phy: stm32-usphyc: Fix off by one in probe() The "index" variable is used as an
CVE-2025-71193 In the Linux kernel, the following vulnerability has been resolved: phy: qcom-qusb2: Fix NULL pointer dereference on early suspend Enabling runtime
CVE-2025-71162 In the Linux kernel, the following vulnerability has been resolved: dmaengine: tegra-adma: Fix use-after-free A use-after-free bug exists in the Te
CVE-2025-71195 In the Linux kernel, the following vulnerability has been resolved: dmaengine: xilinx: xdma: Fix regmap max_register The max_register field is assi
CVE-2026-23006 In the Linux kernel, the following vulnerability has been resolved: ASoC: tlv320adcx140: fix null pointer The "snd_soc_component" in "adcx140_priv"
CVE-2026-22999 In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_qfq: do not free existing class in qfq_change_class() Fixes qfq_
CVE-2026-23010 In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix use-after-free in inet6_addr_del(). syzbot reported use-after-free of
CVE-2026-23054 In the Linux kernel, the following vulnerability has been resolved: net: hv_netvsc: reject RSS hash key programming without RX indirection table RS
CVE-2026-23011 In the Linux kernel, the following vulnerability has been resolved: ipv4: ip_gre: make ipgre_header() robust Analog to commit db5b4e39c4e6 ("ip6_gr
CVE-2026-23001 In the Linux kernel, the following vulnerability has been resolved: macvlan: fix possible UAF in macvlan_forward_source() Add RCU protection on (st
CVE-2026-23003 In the Linux kernel, the following vulnerability has been resolved: ip6_tunnel: use skb_vlan_inet_prepare() in __ip6_tnl_rcv() Blamed commit did no
CVE-2026-23141 In the Linux kernel, the following vulnerability has been resolved: btrfs: send: check for inline extents in range_is_hole_in_parent() Before acces
CVE-2026-22998 In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: fix NULL pointer dereferences in nvmet_tcp_build_pdu_iovec Commit efa
CVE-2026-23037 In the Linux kernel, the following vulnerability has been resolved: can: etas_es58x: allow partial RX URB allocation to succeed When es58x_alloc_rx
CVE-2026-23038 In the Linux kernel, the following vulnerability has been resolved: pnfs/flexfiles: Fix memory leak in nfs4_ff_alloc_deviceid_node() In nfs4_ff_all
CVE-2025-71184 In the Linux kernel, the following vulnerability has been resolved: btrfs: fix NULL dereference on root when tracing inode eviction When evicting a
CVE-2025-71182 In the Linux kernel, the following vulnerability has been resolved: can: j1939: make j1939_session_activate() fail if device is no longer registered
CVE-2025-71160 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: avoid chain re-validation if possible Hamza Mahfooz repor
CVE-2026-22994 In the Linux kernel, the following vulnerability has been resolved: bpf: Fix reference count leak in bpf_prog_test_run_xdp() syzbot is reporting
CVE-2026-23140 In the Linux kernel, the following vulnerability has been resolved: bpf, test_run: Subtract size of xdp_frame from allowed metadata size The xdp_fr
CVE-2025-71192 In the Linux kernel, the following vulnerability has been resolved: ALSA: ac97: fix a double free in snd_ac97_controller_register() If ac97_add_ada
CVE-2026-23021 In the Linux kernel, the following vulnerability has been resolved: net: usb: pegasus: fix memory leak in update_eth_regs_async() When asynchronous
CVE-2026-22976 In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_qfq: Fix NULL deref when deactivating inactive aggregate in qfq_r
CVE-2026-22979 In the Linux kernel, the following vulnerability has been resolved: net: fix memory leak in skb_segment_list for GRO packets When skb_segment_list(
CVE-2026-22977 In the Linux kernel, the following vulnerability has been resolved: net: sock: fix hardened usercopy panic in sock_recv_errqueue skbuff_fclone_cach
CVE-2026-22982 In the Linux kernel, the following vulnerability has been resolved: net: mscc: ocelot: Fix crash when adding interface under a lag Commit 15faa1f67
CVE-2026-23019 In the Linux kernel, the following vulnerability has been resolved: net: marvell: prestera: fix NULL dereference on devlink_alloc() failure devlink
CVE-2026-23139 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conncount: update last_gc only when GC has been performed Current
CVE-2025-40149 In the Linux kernel, the following vulnerability has been resolved: tls: Use __sk_dst_get() and dst_dev_rcu() in get_netdev_for_sock(). get_netdev_
CVE-2025-68803 In the Linux kernel, the following vulnerability has been resolved: NFSD: NFSv4 file creation neglects setting ACL An NFSv4 client that sets an ACL
CVE-2026-23047 In the Linux kernel, the following vulnerability has been resolved: libceph: make calc_target() set t->paused, not just clear it Currently calc_tar
CVE-2026-23136 In the Linux kernel, the following vulnerability has been resolved: libceph: reset sparse-read state in osd_fault() When a fault occurs, the connec
CVE-2026-22992 In the Linux kernel, the following vulnerability has been resolved: libceph: return the handler error from mon_handle_auth_done() Currently any err
CVE-2026-22991 In the Linux kernel, the following vulnerability has been resolved: libceph: make free_choose_arg_map() resilient to partial allocation free_choose
CVE-2026-22990 In the Linux kernel, the following vulnerability has been resolved: libceph: replace overzealous BUG_ON in osdmap_apply_incremental() If the osdmap
CVE-2026-22984 In the Linux kernel, the following vulnerability has been resolved: libceph: prevent potential out-of-bounds reads in handle_auth_done() Perform an
CVE-2026-22978 In the Linux kernel, the following vulnerability has been resolved: wifi: avoid kernel-infoleak from struct iw_point struct iw_point has a 32bit ho
CVE-2025-71180 In the Linux kernel, the following vulnerability has been resolved: counter: interrupt-cnt: Drop IRQF_NO_THREAD flag An IRQ handler can either be I
CVE-2025-71183 In the Linux kernel, the following vulnerability has been resolved: btrfs: always detect conflicting inodes when logging inode refs After rename ex
CVE-2026-23020 In the Linux kernel, the following vulnerability has been resolved: net: 3com: 3c59x: fix possible null dereference in vortex_probe1() pdev can be
CVE-2026-22980 In the Linux kernel, the following vulnerability has been resolved: nfsd: provide locking for v4_end_grace Writing to v4_end_grace can race with se
CVE-2024-50004 In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: update DML2 policy EnhancedPrefetchScheduleAccelerationFinal DC
CVE-2026-23274 In the Linux kernel, the following vulnerability has been resolved: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels IDLETIMER revi
CVE-2026-23351 In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: split gc into unlink and reclaim phase Yiming Qian r
CVE-2026-23231 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix use-after-free in nf_tables_addchain() nf_tables_addc
CVE-2026-23209 In the Linux kernel, the following vulnerability has been resolved: macvlan: fix error recovery in macvlan_common_newlink() valis provided a nice r
CVE-2026-23112 In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: add bounds checks in nvmet_tcp_build_pdu_iovec nvmet_tcp_build_pdu_i

Version: 6.8.0-1023.23 2026-05-11 08:07:33 UTC

  linux-nvidia-tegra (6.8.0-1023.23) noble; urgency=medium

  * noble/linux-nvidia-tegra: 6.8.0-1023.23 -proposed tracker (LP: #2147873)

  [ Ubuntu-realtime: 6.8.1-1048.49 ]

  * noble/linux-realtime: 6.8.1-1048.49 -proposed tracker (LP: #2147879)
  [ Ubuntu: 6.8.0-111.111 ]
  * noble/linux: 6.8.0-111.111 -proposed tracker (LP: #2147890)
  * CVE-2026-23231
    - netfilter: nf_tables: fix use-after-free in nf_tables_addchain()
  * macvlan: observe an RCU grace period in macvlan_common_newlink() error
    path (LP: #2144380) // CVE-2026-23209
    - macvlan: observe an RCU grace period in macvlan_common_newlink() error
      path
  * CVE-2026-23112
    - nvmet-tcp: add bounds checks in nvmet_tcp_build_pdu_iovec

 -- Noah Wager <email address hidden> Tue, 28 Apr 2026 12:30:00 -0700

2144380 macvlan: observe an RCU grace period in macvlan_common_newlink() error path
CVE-2026-23231 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix use-after-free in nf_tables_addchain() nf_tables_addc
CVE-2026-23209 In the Linux kernel, the following vulnerability has been resolved: macvlan: fix error recovery in macvlan_common_newlink() valis provided a nice r
CVE-2026-23112 In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: add bounds checks in nvmet_tcp_build_pdu_iovec nvmet_tcp_build_pdu_i



About   -   Send Feedback to @ubuntu_updates