Format: 1.8 Date: Mon, 20 Nov 2023 13:01:10 -0700 Source: linux-azure Built-For-Profiles: noudeb Architecture: source Version: 6.2.0-1018.18 Distribution: lunar Urgency: medium Maintainer: Ubuntu Kernel Team Changed-By: Tim Gardner Launchpad-Bugs-Fixed: 1786013 2033406 2036600 2038236 2038675 2038969 2039110 2039191 2039439 2039542 2039575 2039742 2039884 2040157 2040300 2041542 2041557 2041884 2041899 2042096 2042546 2043197 2043451 Changes: linux-azure (6.2.0-1018.18) lunar; urgency=medium . * lunar/linux-azure: 6.2.0-1018.18 -proposed tracker (LP: #2041542) . * Packaging resync (LP: #1786013) - [Packaging] resync git-ubuntu-log - [Packaging] resync update-dkms-versions helper . * Azure: Improve SQL DB latency (LP: #2040300) - tcp: Set pingpong threshold via sysctl . * mana: Fix some TX processing bugs (CQE Errors , TS0 Bytes, SGe0 GS0 Packet) (LP: #2038675) - net: mana: Fix TX CQE error handling - net: mana: Fix the tso_bytes calculation - net: mana: Fix oversized sge0 for GSO packets . * Azure: Update TDX with HCL support (LP: #2042096) - SAUCE: x86/mm: Print the encryption features correctly when a paravisor is present - SAUCE: Refresh the TDX support and support DDA for a TDX VM with paravisor . [ Ubuntu: 6.2.0-39.40 ] . * lunar/linux: 6.2.0-39.40 -proposed tracker (LP: #2043451) * USB bus error after upgrading to proposed kernel on lunar and jammy (LP: #2043197) - USB: core: Fix oversight in SuperSpeed initialization * Include cifs.ko in linux-modules package (LP: #2042546) - [Packaging] Replace fs/cifs with fs/smb/client in inclusion list . [ Ubuntu: 6.2.0-38.39 ] . * lunar/linux: 6.2.0-38.39 -proposed tracker (LP: #2041557) * CVE-2023-25775 - RDMA/irdma: Prevent zero-length STAG registration * CVE-2023-5345 - fs/smb/client: Reset password pointer to NULL * CVE-2023-39189 - netfilter: nfnetlink_osf: avoid OOB read * SMC stats: Wrong bucket calculation for payload of exactly 4096 bytes (LP: #2039575) - net/smc: Fix pos miscalculation in statistics * [SRU][J/L/M] UBUNTU: [Packaging] Make WWAN driver a loadable module (LP: #2033406) - [Packaging] Make WWAN driver loadable modules * CVE-2023-45871 - igb: set max size RX buffer when store bad packet is enabled * CVE-2023-39193 - netfilter: xt_sctp: validate the flag_info count * CVE-2023-39192 - netfilter: xt_u32: validate user space input * CVE-2023-31085 - ubi: Refuse attaching if mtd's erasesize is 0 * CVE-2023-5717 - perf: Disallow mis-matched inherited group reads * CVE-2023-5178 - nvmet-tcp: Fix a possible UAF in queue intialization setup * CVE-2023-5158 - vringh: don't use vringh_kiov_advance() in vringh_iov_xfer() * CVE-2023-5090 - x86: KVM: SVM: always update the x2avic msr interception * usbip: error: failed to open /usr/share/hwdata//usb.ids (LP: #2039439) - [Packaging] Make linux-tools-common depend on hwdata * Unable to use nvme drive to install Ubuntu 23.10 (LP: #2040157) - misc: rtsx: Fix some platforms can not boot and move the l1ss judgment to probe * Lunar update: upstream stable patchset 2023-10-19 (LP: #2039884) - ACPI: thermal: Drop nocrt parameter - module: Expose module_init_layout_section() - arm64: module-plts: inline linux/moduleloader.h - arm64: module: Use module_init_layout_section() to spot init sections - ARM: module: Use module_init_layout_section() to spot init sections - lockdep: fix static memory detection even more - parisc: Cleanup mmap implementation regarding color alignment - parisc: sys_parisc: parisc_personality() is called from asm code - io_uring/parisc: Adjust pgoff in io_uring mmap() for parisc - kallsyms: Fix kallsyms_selftest failure - module/decompress: use vmalloc() for zstd decompression workspace - Upstream stable to v6.1.51, v6.4.14 - erofs: ensure that the post-EOF tails are all zeroed - ksmbd: fix wrong DataOffset validation of create context - ksmbd: fix slub overflow in ksmbd_decode_ntlmssp_auth_blob() - ksmbd: replace one-element array with flex-array member in struct smb2_ea_info - ksmbd: reduce descriptor size if remaining bytes is less than request size - ARM: pxa: remove use of symbol_get() - mmc: au1xmmc: force non-modular build and remove symbol_get usage - net: enetc: use EXPORT_SYMBOL_GPL for enetc_phc_index - rtc: ds1685: use EXPORT_SYMBOL_GPL for ds1685_rtc_poweroff - modules: only allow symbol_get of EXPORT_SYMBOL_GPL modules - USB: serial: option: add Quectel EM05G variant (0x030e) - USB: serial: option: add FOXCONN T99W368/T99W373 product - ALSA: usb-audio: Fix init call orders for UAC1 - usb: dwc3: meson-g12a: do post init to fix broken usb after resumption - usb: chipidea: imx: improve logic if samsung,picophy-* parameter is 0 - HID: wacom: remove the battery when the EKR is off - staging: rtl8712: fix race condition - Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race condition - wifi: mt76: mt7921: do not support one stream on secondary antenna only - wifi: mt76: mt7921: fix skb leak by txs missing in AMSDU - serial: qcom-geni: fix opp vote on shutdown - serial: sc16is7xx: fix broken port 0 uart init - serial: sc16is7xx: fix bug when first setting GPIO direction - firmware: stratix10-svc: Fix an NULL vs IS_ERR() bug in probe - fsi: master-ast-cf: Add MODULE_FIRMWARE macro - tcpm: Avoid soft reset when partner does not support get_status - dt-bindings: sc16is7xx: Add property to change GPIO function - nilfs2: fix general protection fault in nilfs_lookup_dirty_data_buffers() - nilfs2: fix WARNING in mark_buffer_dirty due to discarded buffer reuse - usb: typec: tcpci: clear the fault status bit - pinctrl: amd: Don't show `Invalid config param` errors - wifi: rtw88: usb: kill and free rx urbs on probe failure - Upstream stable to v6.1.52, v6.4.15 * Lunar update: upstream stable patchset 2023-10-18 (LP: #2039742) - NFSv4.2: fix error handling in nfs42_proc_getxattr - NFSv4: fix out path in __nfs4_get_acl_uncached - xprtrdma: Remap Receive buffers after a reconnect - drm/ast: Use drm_aperture_remove_conflicting_pci_framebuffers - fbdev/radeon: use pci aperture helpers - PCI: acpiphp: Reassign resources on bridge if necessary - MIPS: cpu-features: Enable octeon_cache by cpu_type - MIPS: cpu-features: Use boot_cpu_type for CPU type based features - jbd2: remove t_checkpoint_io_list - jbd2: remove journal_clean_one_cp_list() - jbd2: fix a race when checking checkpoint buffer busy - can: raw: fix receiver memory leak - can: raw: fix lockdep issue in raw_release() - s390/zcrypt: remove unnecessary (void *) conversions - s390/zcrypt: fix reply buffer calculations for CCA replies - drm/i915: Add the gen12_needs_ccs_aux_inv helper - drm/i915/gt: Ensure memory quiesced before invalidation - drm/i915/gt: Poll aux invalidation register bit on invalidation - drm/i915/gt: Support aux invalidation on all engines - tracing: Fix cpu buffers unavailable due to 'record_disabled' missed - tracing: Fix memleak due to race between current_tracer and trace - octeontx2-af: SDP: fix receive link config - devlink: move code to a dedicated directory - devlink: add missing unregister linecard notification - net: dsa: felix: fix oversize frame dropping for always closed tc-taprio gates - sock: annotate data-races around prot->memory_pressure - dccp: annotate data-races in dccp_poll() - ipvlan: Fix a reference count leak warning in ipvlan_ns_exit() - mlxsw: pci: Set time stamp fields also when its type is MIRROR_UTC - mlxsw: reg: Fix SSPR register layout - mlxsw: Fix the size of 'VIRT_ROUTER_MSB' - selftests: mlxsw: Fix test failure on Spectrum-4 - net: dsa: mt7530: fix handling of 802.1X PAE frames - net: bgmac: Fix return value check for fixed_phy_register() - net: bcmgenet: Fix return value check for fixed_phy_register() - net: validate veth and vxcan peer ifindexes - ipv4: fix data-races around inet->inet_id - ice: fix receive buffer size miscalculation - Revert "ice: Fix ice VF reset during iavf initialization" - ice: Fix NULL pointer deref during VF reset - selftests: bonding: do not set port down before adding to bond - can: isotp: fix support for transmission of SF without flow control - igb: Avoid starting unnecessary workqueues - igc: Fix the typo in the PTM Control macro - net/sched: fix a qdisc modification with ambiguous command request - i40e: fix potential NULL pointer dereferencing of pf->vf i40e_sync_vsi_filters() - netfilter: nf_tables: flush pending destroy work before netlink notifier - netfilter: nf_tables: fix out of memory error handling - rtnetlink: Reject negative ifindexes in RTM_NEWLINK - bonding: fix macvlan over alb bond support - KVM: x86/mmu: Fix an sign-extension bug with mmu_seq that hangs vCPUs - ASoC: amd: yc: Add VivoBook Pro 15 to quirks list for acp6x - ASoC: cs35l41: Correct amp_gain_tlv values - ibmveth: Use dcbf rather than dcbfl - wifi: mac80211: limit reorder_buf_filtered to avoid UBSAN warning - platform/x86: ideapad-laptop: Add support for new hotkeys found on ThinkBook 14s Yoga ITL - NFSv4: Fix dropped lock for racing OPEN and delegation return - clk: Fix slab-out-of-bounds error in devm_clk_release() - mm,ima,kexec,of: use memblock_free_late from ima_free_kexec_buffer - shmem: fix smaps BUG sleeping while atomic - ALSA: ymfpci: Fix the missing snd_card_free() call at probe error - mm/gup: handle cont-PTE hugetlb pages correctly in gup_must_unshare() via GUP-fast - mm: add a call to flush_cache_vmap() in vmap_pfn() - mm: memory-failure: fix unexpected return value in soft_offline_page() - NFS: Fix a use after free in nfs_direct_join_group() - nfsd: Fix race to FREE_STATEID and cl_revoked - selinux: set next pointer before attaching to list - batman-adv: Trigger events for auto adjusted MTU - batman-adv: Don't increase MTU when set by user - batman-adv: Do not get eth header before batadv_check_management_packet - batman-adv: Fix TT global entry leak when client roamed back - batman-adv: Fix batadv_v_ogm_aggr_send memory leak - batman-adv: Hold rtnl lock during MTU update via netlink - lib/clz_ctz.c: Fix __clzdi2() and __ctzdi2() for 32-bit kernels - riscv: Handle zicsr/zifencei issue between gcc and binutils - riscv: Fix build errors using binutils2.37 toolchains - radix tree: remove unused variable - of: unittest: Fix EXPECT for parse_phandle_with_args_map() test - of: dynamic: Refactor action prints to not use "%pOF" inside devtree_lock - pinctrl: amd: Mask wake bits on probe again - media: vcodec: Fix potential array out-of-bounds in encoder queue_setup - PCI: acpiphp: Use pci_assign_unassigned_bridge_resources() only for non-root bus - drm/vmwgfx: Fix shader stage validation - drm/display/dp: Fix the DP DSC Receiver cap size - x86/fpu: Invalidate FPU state correctly on exec() - hwmon: (aquacomputer_d5next) Add selective 200ms delay after sending ctrl report - nfs: use vfs setgid helper - nfsd: use vfs setgid helper - cgroup/cpuset: Rename functions dealing with DEADLINE accounting - sched/cpuset: Bring back cpuset_mutex - sched/cpuset: Keep track of SCHED_DEADLINE task in cpusets - cgroup/cpuset: Iterate only if DEADLINE tasks are present - sched/deadline: Create DL BW alloc, free & check overflow interface - cgroup/cpuset: Free DL BW in case can_attach() fails - ublk: remove check IO_URING_F_SQE128 in ublk_ch_uring_cmd - can: raw: add missing refcount for memory leak fix - madvise:madvise_free_pte_range(): don't use mapcount() against large folio for sharing check - scsi: snic: Fix double free in snic_tgt_create() - scsi: core: raid_class: Remove raid_component_add() - clk: Fix undefined reference to `clk_rate_exclusive_{get,put}' - pinctrl: renesas: rzg2l: Fix NULL pointer dereference in rzg2l_dt_subnode_to_map() - pinctrl: renesas: rzv2m: Fix NULL pointer dereference in rzv2m_dt_subnode_to_map() - pinctrl: renesas: rza2: Add lock around pinctrl_generic{{add,remove}_group,{add,remove}_function} - dma-buf/sw_sync: Avoid recursive lock during fence signal - gpio: sim: dispose of irq mappings before destroying the irq_sim domain - gpio: sim: pass the GPIO device's software node to irq domain - ASoC: amd: yc: Fix a non-functional mic on Lenovo 82SJ - maple_tree: disable mas_wr_append() when other readers are possible - ASoC: amd: vangogh: select CONFIG_SND_AMD_ACP_CONFIG - tg3: Use slab_build_skb() when needed - Upstream stable to v6.1.50, v6.4.13 * CVE-2023-42754 - ipv4: fix null-deref in ipv4_link_failure * Remove duplication of devm_pwmchip_add function definition (LP: #2039542) - Revert "pwm: Add a stub for devm_pwmchip_add()" * Lunar update: upstream stable patchset 2023-10-11 (LP: #2039110) - selftests: forwarding: tc_actions: cleanup temporary files when test is aborted - net/smc: replace mutex rmbs_lock and sndbufs_lock with rw_semaphore - net: phy: at803x: Use devm_regulator_get_enable_optional() - net: phy: at803x: fix the wol setting functions - drm/amdgpu: fix calltrace warning in amddrm_buddy_fini - drm/amdgpu: Fix integer overflow in amdgpu_cs_pass1 - drm/amdgpu: fix memory leak in mes self test - ASoC: Intel: sof_sdw: add quirk for MTL RVP - ASoC: Intel: sof_sdw: add quirk for LNL RVP - PCI: tegra194: Fix possible array out of bounds access - ASoC: SOF: amd: Add pci revision id check - drm/stm: ltdc: fix late dereference check - drm: rcar-du: remove R-Car H3 ES1.* workarounds - ASoC: amd: vangogh: Add check for acp config flags in vangogh platform - ARM: dts: imx6dl: prtrvt, prtvt7, prti6q, prtwd2: fix USB related warnings - ASoC: Intel: sof_sdw_rt_sdca_jack_common: test SOF_JACK_JDSRC in _exit - ASoC: Intel: sof_sdw: Add support for Rex soundwire - iopoll: Call cpu_relax() in busy loops - ASoC: SOF: Intel: fix SoundWire/HDaudio mutual exclusion - dma-remap: use kvmalloc_array/kvfree for larger dma memory remap - accel/habanalabs: add pci health check during heartbeat - HID: logitech-hidpp: Add USB and Bluetooth IDs for the Logitech G915 TKL Keyboard - iommu/amd: Introduce Disable IRTE Caching Support - drm/amdgpu: install stub fence into potential unused fence pointers - drm/amd/display: Apply 60us prefetch for DCFCLK <= 300Mhz - RDMA/mlx5: Return the firmware result upon destroying QP/RQ - drm/amd/display: Skip DPP DTO update if root clock is gated - drm/amd/display: Enable dcn314 DPP RCO - ASoC: SOF: core: Free the firmware trace before calling snd_sof_shutdown() - HID: intel-ish-hid: ipc: Add Arrow Lake PCI device ID - ALSA: hda/realtek: Add quirks for ROG ALLY CS35l41 audio - smb: client: fix warning in cifs_smb3_do_mount() - cifs: fix session state check in reconnect to avoid use-after-free issue - serial: stm32: Ignore return value of uart_remove_one_port() in .remove() - led: qcom-lpg: Fix resource leaks in for_each_available_child_of_node() loops - media: v4l2-mem2mem: add lock to protect parameter num_rdy - media: camss: set VFE bpl_alignment to 16 for sdm845 and sm8250 - usb: gadget: u_serial: Avoid spinlock recursion in __gs_console_push - usb: gadget: uvc: queue empty isoc requests if no video buffer is available - media: platform: mediatek: vpu: fix NULL ptr dereference - thunderbolt: Read retimer NVM authentication status prior tb_retimer_set_inbound_sbtx() - usb: chipidea: imx: don't request QoS for imx8ulp - usb: chipidea: imx: add missing USB PHY DPDM wakeup setting - gfs2: Fix possible data races in gfs2_show_options() - pcmcia: rsrc_nonstatic: Fix memory leak in nonstatic_release_resource_db() - thunderbolt: Add Intel Barlow Ridge PCI ID - thunderbolt: Limit Intel Barlow Ridge USB3 bandwidth - firewire: net: fix use after free in fwnet_finish_incoming_packet() - watchdog: sp5100_tco: support Hygon FCH/SCH (Server Controller Hub) - Bluetooth: L2CAP: Fix use-after-free - Bluetooth: btusb: Add MT7922 bluetooth ID for the Asus Ally - ceph: try to dump the msgs when decoding fails - drm/amdgpu: Fix potential fence use-after-free v2 - fs/ntfs3: Enhance sanity check while generating attr_list - fs: ntfs3: Fix possible null-pointer dereferences in mi_read() - fs/ntfs3: Mark ntfs dirty when on-disk struct is corrupted - ALSA: hda/realtek: Add quirks for Unis H3C Desktop B760 & Q760 - ALSA: hda: fix a possible null-pointer dereference due to data race in snd_hdac_regmap_sync() - ALSA: hda/realtek: Add quirk for ASUS ROG GX650P - ALSA: hda/realtek: Add quirk for ASUS ROG GA402X - ALSA: hda/realtek: Add quirk for ASUS ROG GZ301V - powerpc/kasan: Disable KCOV in KASAN code - Bluetooth: MGMT: Use correct address for memcpy() - ring-buffer: Do not swap cpu_buffer during resize process - igc: read before write to SRRCTL register - drm/amd/display: save restore hdcp state when display is unplugged from mst hub - drm/amd/display: phase3 mst hdcp for multiple displays - drm/amd/display: fix access hdcp_workqueue assert - fbdev/hyperv-fb: Do not set struct fb_info.apertures - btrfs: move out now unused BG from the reclaim list - btrfs: fix use-after-free of new block group that became unused - virtio-mmio: don't break lifecycle of vm_dev - vduse: Use proper spinlock for IRQ injection - vdpa/mlx5: Fix mr->initialized semantics - vdpa/mlx5: Delete control vq iotlb in destroy_mr only when necessary - cifs: fix potential oops in cifs_oplock_break - i2c: bcm-iproc: Fix bcm_iproc_i2c_isr deadlock issue - i2c: hisi: Only handle the interrupt of the driver's transfer - i2c: tegra: Fix i2c-tegra DMA config option processing - fbdev: mmp: fix value check in mmphw_probe() - powerpc/rtas_flash: allow user copy to flash block cache objects - vdpa: Add features attr to vdpa_nl_policy for nlattr length check - vdpa: Add queue index attr to vdpa_nl_policy for nlattr length check - vdpa: Add max vqp attr to vdpa_nl_policy for nlattr length check - vdpa: Enable strict validation for netlinks ops - tty: n_gsm: fix the UAF caused by race condition in gsm_cleanup_mux - tty: serial: fsl_lpuart: Clear the error flags by writing 1 for lpuart32 platforms - btrfs: fix incorrect splitting in btrfs_drop_extent_map_range - btrfs: fix BUG_ON condition in btrfs_cancel_balance - i2c: designware: Correct length byte validation logic - i2c: designware: Handle invalid SMBus block data response length value - net: xfrm: Fix xfrm_address_filter OOB read - net: af_key: fix sadb_x_filter validation - net: xfrm: Amend XFRMA_SEC_CTX nla_policy structure - xfrm: fix slab-use-after-free in decode_session6 - ip6_vti: fix slab-use-after-free in decode_session6 - ip_vti: fix potential slab-use-after-free in decode_session6 - xfrm: add forgotten nla_policy for XFRMA_MTIMER_THRESH - virtio_net: notify MAC address change on device initialization - virtio-net: set queues after driver_ok - net: pcs: Add missing put_device call in miic_create - net: phy: fix IRQ-based wake-on-lan over hibernate / power off - selftests: mirror_gre_changes: Tighten up the TTL test match - drm/panel: simple: Fix AUO G121EAN01 panel timings according to the docs - net: macb: In ZynqMP resume always configure PS GTR for non-wakeup source - octeon_ep: cancel tx_timeout_task later in remove sequence - netfilter: nf_tables: fix false-positive lockdep splat - ipvs: fix racy memcpy in proc_do_sync_threshold - net: phy: broadcom: stub c45 read/write for 54810 - team: Fix incorrect deletion of ETH_P_8021AD protocol vid from slaves - net: openvswitch: reject negative ifindex - iavf: fix FDIR rule fields masks validation - i40e: fix misleading debug logs - net: dsa: mv88e6xxx: Wait for EEPROM done before HW reset - sfc: don't unregister flow_indr if it was never registered - sock: Fix misuse of sk_under_memory_pressure() - net: do not allow gso_size to be set to GSO_BY_FRAGS - qede: fix firmware halt over suspend and resume - ice: Block switchdev mode when ADQ is active and vice versa - bus: ti-sysc: Flush posted write on enable before reset - arm64: dts: qcom: qrb5165-rb5: fix thermal zone conflict - arm64: dts: rockchip: Disable HS400 for eMMC on ROCK Pi 4 - arm64: dts: rockchip: Disable HS400 for eMMC on ROCK 4C+ - ARM: dts: imx: align LED node names with dtschema - ARM: dts: imx6: phytec: fix RTC interrupt level - arm64: dts: imx8mm: Drop CSI1 PHY reference clock configuration - ARM: dts: imx: Set default tuning step for imx6sx usdhc - arm64: dts: imx93: Fix anatop node size - ASoC: rt5665: add missed regulator_bulk_disable - ASoC: meson: axg-tdm-formatter: fix channel slot allocation - ALSA: hda/realtek: Add quirks for HP G11 Laptops - soc: aspeed: uart-routing: Use __sysfs_match_string - soc: aspeed: socinfo: Add kfree for kstrdup - ALSA: hda/realtek - Remodified 3k pull low procedure - riscv: uaccess: Return the number of bytes effectively not copied - serial: 8250: Fix oops for port->pm on uart_change_pm() - ALSA: usb-audio: Add support for Mythware XA001AU capture and playback interfaces. - cifs: Release folio lock on fscache read hit. - virtio-net: Zero max_tx_vq field for VIRTIO_NET_CTRL_MQ_HASH_CONFIG case - arm64: dts: rockchip: Fix Wifi/Bluetooth on ROCK Pi 4 boards - blk-crypto: dynamically allocate fallback profile - mmc: wbsd: fix double mmc_free_host() in wbsd_init() - mmc: block: Fix in_flight[issue_type] value error - drm/qxl: fix UAF on handle creation - drm/i915/sdvo: fix panel_type initialization - drm/amdgpu/pm: fix throttle_status for other than MP1 11.0.7 - ASoC: amd: vangogh: select CONFIG_SND_AMD_ACP_CONFIG - drm/amd/display: disable RCO for DCN314 - zsmalloc: allow only one active pool compaction context - sched/fair: unlink misfit task from cpu overutilized - sched/fair: Remove capacity inversion detection - drm/amd/display: Implement workaround for writing to OTG_PIXEL_RATE_DIV register - netfilter: set default timeout to 3 secs for sctp shutdown send and recv state - arm64/ptrace: Ensure that SME is set up for target when writing SSVE state - drm/amdgpu: keep irq count in amdgpu_irq_disable_all - drm/nouveau/disp: fix use-after-free in error handling of nouveau_connector_create - net: fix the RTO timer retransmitting skb every 1ms if linear option is enabled - mmc: f-sdh30: fix order of function calls in sdhci_f_sdh30_remove - rust: macros: vtable: fix `HAS_*` redefinition (`gen_const_name`) - media: mtk-jpeg: Set platform driver data earlier - xfrm: delete offloaded policy - xfrm: don't skip free of empty state in acquire policy - ARM: dts: imx: Set default tuning step for imx7d usdhc - smb: client: fix null auth - mmc: sunplus: fix return value check of mmc_add_host() - Upstream stable to v6.1.47, v6.4.12 * Lunar update: upstream stable patchset 2023-10-10 (LP: #2038969) - tpm: Disable RNG for all AMD fTPMs - tpm: Add a helper for checking hwrng enabled - ksmbd: validate command request size - ksmbd: fix wrong next length validation of ea buffer in smb2_set_ea() - wifi: nl80211: fix integer overflow in nl80211_parse_mbssid_elems() - wifi: rtw89: fix 8852AE disconnection caused by RX full flags - selftests: forwarding: Set default IPv6 traceroute utility - wireguard: allowedips: expand maximum node depth - mmc: moxart: read scr register without changing byte order - ipv6: adjust ndisc_is_useropt() to also return true for PIO - selftests: mptcp: join: fix 'delete and re-add' test - selftests: mptcp: join: fix 'implicit EP' test - mptcp: avoid bogus reset on fallback close - mptcp: fix disconnect vs accept race - dmaengine: pl330: Return DMA_PAUSED when transaction is paused - net: mana: Fix MANA VF unload when hardware is unresponsive - riscv/kexec: load initrd high in available memory - riscv,mmio: Fix readX()-to-delay() ordering - riscv/kexec: handle R_RISCV_CALL_PLT relocation type - nvme-pci: add NVME_QUIRK_BOGUS_NID for Samsung PM9B1 256G and 512G - drm/nouveau/gr: enable memory loads on helper invocation on all channels - drm/nouveau/nvkm/dp: Add workaround to fix DP 1.3+ DPCD issues - drm/shmem-helper: Reset vma->vm_ops before calling dma_buf_mmap() - drm/amdgpu: fix possible UAF in amdgpu_cs_pass1() - drm/amd/display: check attr flag before set cursor degamma on DCN3+ - drm/amd/display: limit DPIA link rate to HBR3 - cpuidle: dt_idle_genpd: Add helper function to remove genpd topology - hwmon: (pmbus/bel-pfe) Enable PMBUS_SKIP_STATUS_CHECK for pfe1100 - radix tree test suite: fix incorrect allocation size for pthreads - nilfs2: fix use-after-free of nilfs_root in dirtying inodes via iput - drm/amd/pm: fulfill swsmu peak profiling mode shader/memory clock settings - drm/amd/pm: expose swctf threshold setting for legacy powerplay - drm/amd/pm: fulfill powerplay peak profiling mode shader/memory clock settings - drm/amd/pm: avoid unintentional shutdown due to temperature momentary fluctuation - io_uring: correct check for O_TMPFILE - iio: cros_ec: Fix the allocation size for cros_ec_command - iio: frequency: admv1013: propagate errors from regulator_get_voltage() - iio: adc: ad7192: Fix ac excitation feature - iio: adc: ina2xx: avoid NULL pointer dereference on OF device match - binder: fix memory leak in binder_init() - misc: rtsx: judge ASPM Mode to set PETXCFG Reg - usb-storage: alauda: Fix uninit-value in alauda_check_media() - usb: dwc3: Properly handle processing of pending events - USB: Gadget: core: Help prevent panic during UVC unconfigure - usb: common: usb-conn-gpio: Prevent bailing out if initial role is none - usb: typec: tcpm: Fix response to vsafe0V event - usb: typec: altmodes/displayport: Signal hpd when configuring pin assignment - x86/cpu/amd: Enable Zenbleed fix for AMD Custom APU 0405 - x86/mm: Fix VDSO and VVAR placement on 5-level paging machines - x86/sev: Do not try to parse for the CC blob on non-AMD hardware - x86/speculation: Add cpu_show_gds() prototype - drm/nouveau/disp: Revert a NULL check inside nouveau_connector_get_modes - iio: core: Prevent invalid memory access when there is no parent - interconnect: qcom: Add support for mask-based BCMs - interconnect: qcom: sm8450: add enable_mask for bcm nodes - selftests/rseq: Fix build with undefined __weak - selftests: forwarding: Add a helper to skip test when using veth pairs - selftests: forwarding: ethtool: Skip when using veth pairs - selftests: forwarding: ethtool_extended_state: Skip when using veth pairs - selftests: forwarding: hw_stats_l3_gre: Skip when using veth pairs - selftests: forwarding: Skip test when no interfaces are specified - selftests: forwarding: Switch off timeout - selftests: forwarding: tc_flower: Relax success criterion - net: core: remove unnecessary frame_sz check in bpf_xdp_adjust_tail() - bpf, sockmap: Fix map type error in sock_map_del_link - bpf, sockmap: Fix bug that strp_done cannot be called - mISDN: Update parameter type of dsp_cmx_send() - macsec: use DEV_STATS_INC() - mptcp: fix the incorrect judgment for msk->cb_flags - net/packet: annotate data-races around tp->status - tcp: add missing family to tcp_set_ca_state() tracepoint - tunnels: fix kasan splat when generating ipv4 pmtu error - xsk: fix refcount underflow in error path - bonding: Fix incorrect deletion of ETH_P_8021AD protocol vid from slaves - dccp: fix data-race around dp->dccps_mss_cache - drivers: net: prevent tun_build_skb() to exceed the packet size limit - drivers: vxlan: vnifilter: free percpu vni stats on error path - iavf: fix potential races for FDIR filters - IB/hfi1: Fix possible panic during hotplug remove - drm/rockchip: Don't spam logs in atomic check - wifi: cfg80211: fix sband iftype data lookup for AP_VLAN - RDMA/umem: Set iova in ODP flow - net: tls: avoid discarding data on record close - net: marvell: prestera: fix handling IPv4 routes with nhid - net: phy: at803x: remove set/get wol callbacks for AR8032 - net: dsa: ocelot: call dsa_tag_8021q_unregister() under rtnl_lock() on driver remove - net: hns3: refactor hclge_mac_link_status_wait for interface reuse - net: hns3: add wait until mac link down - net: hns3: fix deadlock issue when externel_lb and reset are executed together - nexthop: Fix infinite nexthop dump when using maximum nexthop ID - nexthop: Make nexthop bucket dump more efficient - nexthop: Fix infinite nexthop bucket dump when using maximum nexthop ID - net: hns3: fix strscpy causing content truncation issue - dmaengine: mcf-edma: Fix a potential un-allocated memory access - dmaengine: owl-dma: Modify mismatched function name - net/mlx5: Allow 0 for total host VFs - net/mlx5: LAG, Check correct bucket when modifying LAG - net/mlx5: Skip clock update work when device is in error state - net/mlx5: Reload auxiliary devices in pci error handlers - ibmvnic: Enforce stronger sanity checks on login response - ibmvnic: Unmap DMA login rsp buffer on send login fail - ibmvnic: Handle DMA unmapping of login buffs in release functions - ibmvnic: Do partial reset on login failure - ibmvnic: Ensure login failure recovery is safe from other resets - gpio: ws16c48: Fix off-by-one error in WS16C48 resource region extent - gpio: sim: mark the GPIO chip as a one that can sleep - btrfs: wait for actual caching progress during allocation - btrfs: don't stop integrity writeback too early - btrfs: properly clear end of the unreserved range in cow_file_range - btrfs: exit gracefully if reloc roots don't match - btrfs: reject invalid reloc tree root keys with stack dump - btrfs: set cache_block_group_error if we find an error - nvme-tcp: fix potential unbalanced freeze & unfreeze - nvme-rdma: fix potential unbalanced freeze & unfreeze - netfilter: nf_tables: report use refcount overflow - scsi: core: Fix legacy /proc parsing buffer overflow - scsi: storvsc: Fix handling of virtual Fibre Channel timeouts - scsi: ufs: renesas: Fix private allocation - scsi: 53c700: Check that command slot is not NULL - scsi: snic: Fix possible memory leak if device_add() fails - scsi: core: Fix possible memory leak if device_add() fails - scsi: fnic: Replace return codes in fnic_clean_pending_aborts() - scsi: qedi: Fix firmware halt over suspend and resume - scsi: qedf: Fix firmware halt over suspend and resume - platform/x86: serial-multi-instantiate: Auto detect IRQ resource for CSC3551 - ACPI: scan: Create platform device for CS35L56 - alpha: remove __init annotation from exported page_is_ram() - drm/amd/pm/smu7: move variables to where they are used - mmc: sdhci-f-sdh30: Replace with sdhci_pltfm - cpuidle: psci: Move enabling OSI mode after power domains creation - zsmalloc: fix races between modifications of fullness and isolated - hugetlb: do not clear hugetlb dtor until allocating vmemmap - mm: memory-failure: fix potential unexpected return value from unpoison_memory() - mm: memory-failure: avoid false hwpoison page mapped error info - x86/linkage: Fix typo of BUILD_VDSO in asm/linkage.h - selftests: forwarding: bridge_mdb: Check iproute2 version - selftests: forwarding: tc_actions: Use ncat instead of nc - selftests: forwarding: bridge_mdb: Make test more robust - drm/bridge: it6505: Check power state with it6505->powered in IRQ handler - drm/nouveau: remove unused tu102_gr_load() function - Upstream stable to v6.1.46, v6.4.11 * Lunar update: upstream stable patchset 2023-10-02 (LP: #2038236) - Upstream stable to v6.1.44, v6.4.9 - net/mlx5: Free irqs only on shutdown callback - iommu/arm-smmu-v3: Work around MMU-600 erratum 1076982 - iommu/arm-smmu-v3: Document MMU-700 erratum 2812531 - iommu/arm-smmu-v3: Add explicit feature for nesting - iommu/arm-smmu-v3: Document nesting-related errata - arm64: dts: imx8mm-venice-gw7903: disable disp_blk_ctrl - arm64: dts: imx8mm-venice-gw7904: disable disp_blk_ctrl - arm64: dts: phycore-imx8mm: Label typo-fix of VPU - arm64: dts: phycore-imx8mm: Correction in gpio-line-names - arm64: dts: imx8mn-var-som: add missing pull-up for onboard PHY reset pinmux - arm64: dts: freescale: Fix VPU G2 clock - firmware: smccc: Fix use of uninitialised results structure - lib/bitmap: workaround const_eval test build failure - firmware: arm_scmi: Fix chan_free cleanup on SMC - word-at-a-time: use the same return type for has_zero regardless of endianness - KVM: s390: fix sthyi error handling - erofs: fix wrong primary bvec selection on deduplicated extents - wifi: cfg80211: Fix return value in scan logic - net/mlx5e: fix double free in macsec_fs_tx_create_crypto_table_groups - net/mlx5: DR, fix memory leak in mlx5dr_cmd_create_reformat_ctx - net/mlx5: fix potential memory leak in mlx5e_init_rep_rx - net/mlx5e: fix return value check in mlx5e_ipsec_remove_trailer() - net/mlx5e: Fix crash moving to switchdev mode when ntuple offload is set - net/mlx5e: Move representor neigh cleanup to profile cleanup_tx - bpf: Add length check for SK_DIAG_BPF_STORAGE_REQ_MAP_FD parsing - rtnetlink: let rtnl_bridge_setlink checks IFLA_BRIDGE_MODE length - net: dsa: fix value check in bcm_sf2_sw_probe() - perf test uprobe_from_different_cu: Skip if there is no gcc - net: sched: cls_u32: Fix match key mis-addressing - mISDN: hfcpci: Fix potential deadlock on &hc->lock - qed: Fix scheduling in a tasklet while getting stats - net: annotate data-races around sk->sk_reserved_mem - net: annotate data-race around sk->sk_txrehash - net: annotate data-races around sk->sk_max_pacing_rate - net: add missing READ_ONCE(sk->sk_rcvlowat) annotation - net: add missing READ_ONCE(sk->sk_sndbuf) annotation - net: add missing READ_ONCE(sk->sk_rcvbuf) annotation - net: annotate data-races around sk->sk_mark - net: add missing data-race annotations around sk->sk_peek_off - net: add missing data-race annotation for sk_ll_usec - net: annotate data-races around sk->sk_priority - net/sched: taprio: Limit TCA_TAPRIO_ATTR_SCHED_CYCLE_TIME to INT_MAX. - ice: Fix RDMA VSI removal during queue rebuild - bpf, cpumap: Handle skb as well when clean up ptr_ring - bpf: sockmap: Remove preempt_disable in sock_map_sk_acquire - net: ll_temac: fix error checking of irq_of_parse_and_map() - net: korina: handle clk prepare error in korina_probe() - net: netsec: Ignore 'phy-mode' on SynQuacer in DT mode - bnxt_en: Fix page pool logic for page size >= 64K - bnxt_en: Fix max_mtu setting for multi-buf XDP - net: dcb: choose correct policy to parse DCB_ATTR_BCN - s390/qeth: Don't call dev_close/dev_open (DOWN/UP) - ip6mr: Fix skb_under_panic in ip6mr_cache_report() - vxlan: Fix nexthop hash size - net/mlx5: fs_core: Make find_closest_ft more generic - net/mlx5: fs_core: Skip the FTs in the same FS_TYPE_PRIO_CHAINS fs_prio - prestera: fix fallback to previous version on same major version - tcp_metrics: fix addr_same() helper - tcp_metrics: annotate data-races around tm->tcpm_stamp - tcp_metrics: annotate data-races around tm->tcpm_lock - tcp_metrics: annotate data-races around tm->tcpm_vals[] - tcp_metrics: annotate data-races around tm->tcpm_net - tcp_metrics: fix data-race in tcpm_suck_dst() vs fastopen - rust: allocator: Prevent mis-aligned allocation - scsi: zfcp: Defer fc_rport blocking until after ADISC response - scsi: storvsc: Limit max_sectors for virtual Fibre Channel devices - libceph: fix potential hang in ceph_osdc_notify() - USB: zaurus: Add ID for A-300/B-500/C-700 - ceph: defer stopping mdsc delayed_work - firmware: arm_scmi: Drop OF node reference in the transport channel setup - exfat: use kvmalloc_array/kvfree instead of kmalloc_array/kfree - exfat: release s_lock before calling dir_emit() - mtd: spinand: toshiba: Fix ecc_get_status - mtd: rawnand: meson: fix OOB available bytes for ECC - bpf: Disable preemption in bpf_perf_event_output - arm64: dts: stratix10: fix incorrect I2C property for SCL signal - wifi: mt76: mt7615: do not advertise 5 GHz on first phy of MT7615D (DBDC) - x86/hyperv: Disable IBT when hypercall page lacks ENDBR instruction - rbd: prevent busy loop when requesting exclusive lock - bpf: Disable preemption in bpf_event_output - powerpc/ftrace: Create a dummy stackframe to fix stack unwind - arm64/fpsimd: Sync and zero pad FPSIMD state for streaming SVE - arm64/fpsimd: Clear SME state in the target task when setting the VL - arm64/fpsimd: Sync FPSIMD state with SVE for SME only systems - open: make RESOLVE_CACHED correctly test for O_TMPFILE - drm/ttm: check null pointer before accessing when swapping - drm/i915: Fix premature release of request's reusable memory - drm/i915/gt: Cleanup aux invalidation registers - clk: imx93: Propagate correct error in imx93_clocks_probe() - bpf, cpumap: Make sure kthread is running before map update returns - file: reinstate f_pos locking optimization for regular files - mm: kmem: fix a NULL pointer dereference in obj_stock_flush_required() - fs/ntfs3: Use __GFP_NOWARN allocation at ntfs_load_attr_list() - fs/sysv: Null check to prevent null-ptr-deref bug - debugobjects: Recheck debug_objects_enabled before reporting - net: usbnet: Fix WARNING in usbnet_start_xmit/usb_submit_urb - fs: Protect reconfiguration of sb read-write from racing writes - ext2: Drop fragment support - btrfs: remove BUG_ON()'s in add_new_free_space() - io_uring: annotate offset timeout races - mtd: rawnand: omap_elm: Fix incorrect type in assignment - mtd: rawnand: rockchip: fix oobfree offset and description - mtd: rawnand: rockchip: Align hwecc vs. raw page helper layouts - mtd: rawnand: fsl_upm: Fix an off-by one test in fun_exec_op() - powerpc/mm/altmap: Fix altmap boundary check - drm/imx/ipuv3: Fix front porch adjustment upon hactive aligning - drm/amd/display: Ensure that planes are in the same order - drm/amd/display: skip CLEAR_PAYLOAD_ID_TABLE if device mst_en is 0 - selftests/rseq: Play nice with binaries statically linked against glibc 2.35+ - arm64/ptrace: Don't enable SVE when setting streaming SVE - drm/amdgpu: Use apt name for FW reserved region - Revert "drm/i915: Disable DC states for all commits" - net/mlx5: Honor user input for migratable port fn attr - net/mlx5e: xsk: Fix crash on regular rq reactivation - net: stmmac: tegra: Properly allocate clock bulk data - net: gro: fix misuse of CB in udp socket lookup - net: usb: lan78xx: reorder cleanup operations to avoid UAF bugs - bnxt: don't handle XDP in netpoll - selftest: net: Assert on a proper value in so_incoming_cpu.c. - mtd: spinand: winbond: Fix ecc_get_status - smb: client: fix dfs link mount against w2k8 - ARM: dts: nxp/imx6sll: fix wrong property name in usbphy node - Upstream stable to v6.1.45, v6.4.10 * CVE-2023-37453 - USB: core: Unite old scheme and new scheme descriptor reads - USB: core: Change usb_get_device_descriptor() API - USB: core: Fix race by not overwriting udev->descriptor in hub_port_init() * Packaging resync (LP: #1786013) - [Packaging] update helper scripts . linux-azure (6.2.0-1017.17) lunar; urgency=medium . * lunar/linux-azure: 6.2.0-1017.17 -proposed tracker (LP: #2041884) . * Azure: Fix Azure vendor ID (LP: #2036600) - SAUCE: (no-up) hv: Fix supply vendor ID . * Kernel oops on 32-0bit kernels due to x86_cache_alignment initialization (LP: #2039191) - x86/boot: Move x86_cache_alignment initialization to correct spot . * Include cifs.ko in linux-modules package (LP: #2042546) - [Packaging] Replace fs/cifs with fs/smb/client in inclusion list . [ Ubuntu: 6.2.0-37.38 ] . * lunar/linux: 6.2.0-37.38 -proposed tracker (LP: #2041899) * CVE-2023-31085 - ubi: Refuse attaching if mtd's erasesize is 0 * CVE-2023-25775 - RDMA/irdma: Prevent zero-length STAG registration * CVE-2023-45871 - igb: set max size RX buffer when store bad packet is enabled * CVE-2023-5345 - fs/smb/client: Reset password pointer to NULL * CVE-2023-5090 - x86: KVM: SVM: always update the x2avic msr interception * Packaging resync (LP: #1786013) - [Packaging] update helper scripts Checksums-Sha1: 445826778f272362ca297b43bb6178e0e87883e4 5136 linux-azure_6.2.0-1018.18.dsc b482021f3c00bdcfcdf5f583d787322cc668a7ef 8105798 linux-azure_6.2.0-1018.18.diff.gz 097b63b665757ebbecd4b1faf810ad36480aae31 9838 linux-azure_6.2.0-1018.18_source.buildinfo Checksums-Sha256: 88ed14eb0c3fa8ba6211ccb7149824ab87183dd8a562e80d5a256c26fc541ac5 5136 linux-azure_6.2.0-1018.18.dsc fd897d61a09683fee91d33ae57bada6b806629e0ad1fc090c200678870d4e942 8105798 linux-azure_6.2.0-1018.18.diff.gz 0a2a3782d47046161880cf5639a401dcf36739abf2e35cff94823b0b5af5a240 9838 linux-azure_6.2.0-1018.18_source.buildinfo Files: 697d33bb8fa582d2f9dfeca23183fbb3 5136 devel optional linux-azure_6.2.0-1018.18.dsc dd53185793e442e9291f8a3561438c28 8105798 devel optional linux-azure_6.2.0-1018.18.diff.gz b350373b38fb57bdf6c020bdd0eb0773 9838 devel optional linux-azure_6.2.0-1018.18_source.buildinfo Ubuntu-Compatible-Signing: ubuntu/4 pro/3