-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 22 Nov 2024 23:27:23 +0100 Source: linux Binary: bpftool bpftool-dbgsym hyperv-daemons hyperv-daemons-dbgsym libcpupower-dev libcpupower1 libcpupower1-dbgsym linux-config-6.1 linux-cpupower linux-cpupower-dbgsym linux-headers-6.1.0-28-arm64 linux-headers-6.1.0-28-cloud-arm64 linux-headers-6.1.0-28-rt-arm64 linux-image-6.1.0-28-arm64-dbg linux-image-6.1.0-28-arm64-unsigned linux-image-6.1.0-28-cloud-arm64-dbg linux-image-6.1.0-28-cloud-arm64-unsigned linux-image-6.1.0-28-rt-arm64-dbg linux-image-6.1.0-28-rt-arm64-unsigned linux-image-arm64-dbg linux-image-arm64-signed-template linux-image-cloud-arm64-dbg linux-image-rt-arm64-dbg linux-kbuild-6.1 linux-kbuild-6.1-dbgsym linux-libc-dev linux-perf linux-perf-dbgsym rtla usbip usbip-dbgsym Architecture: arm64 Version: 6.1.119-1 Distribution: bookworm-security Urgency: high Maintainer: arm Build Daemon (arm-ubc-01) Changed-By: Salvatore Bonaccorso Description: bpftool - Inspection and simple manipulation of BPF programs and maps hyperv-daemons - Support daemons for Linux running on Hyper-V libcpupower-dev - CPU frequency and voltage scaling tools for Linux (development fi libcpupower1 - CPU frequency and voltage scaling tools for Linux (libraries) linux-config-6.1 - Debian kernel configurations for Linux 6.1 linux-cpupower - CPU power management tools for Linux linux-headers-6.1.0-28-arm64 - Header files for Linux 6.1.0-28-arm64 linux-headers-6.1.0-28-cloud-arm64 - Header files for Linux 6.1.0-28-cloud-arm64 linux-headers-6.1.0-28-rt-arm64 - Header files for Linux 6.1.0-28-rt-arm64 linux-image-6.1.0-28-arm64-dbg - Debug symbols for linux-image-6.1.0-28-arm64 linux-image-6.1.0-28-arm64-unsigned - Linux 6.1 for 64-bit ARMv8 machines linux-image-6.1.0-28-cloud-arm64-dbg - Debug symbols for linux-image-6.1.0-28-cloud-arm64 linux-image-6.1.0-28-cloud-arm64-unsigned - Linux 6.1 for arm64 cloud linux-image-6.1.0-28-rt-arm64-dbg - Debug symbols for linux-image-6.1.0-28-rt-arm64 linux-image-6.1.0-28-rt-arm64-unsigned - Linux 6.1 for 64-bit ARMv8 machines, PREEMPT_RT linux-image-arm64-dbg - Debugging symbols for Linux arm64 configuration (meta-package) linux-image-arm64-signed-template - Template for signed linux-image packages for arm64 linux-image-cloud-arm64-dbg - Debugging symbols for Linux cloud-arm64 configuration (meta-packa linux-image-rt-arm64-dbg - Debugging symbols for Linux rt-arm64 configuration (meta-package) linux-kbuild-6.1 - Kbuild infrastructure for Linux 6.1 linux-libc-dev - Linux support headers for userspace development linux-perf - Performance analysis tools for Linux rtla - Real-Time Linux Analysis tools usbip - USB device sharing system over IP network Closes: 1062421 1085762 1086447 1087602 Changes: linux (6.1.119-1) bookworm-security; urgency=high . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.116 - cpufreq: Generalize of_perf_domain_get_sharing_cpumask phandle format - cpufreq: Avoid a bad reference count on CPU node (CVE-2024-50012) - mm: remove kern_addr_valid() completely - fs/proc/kcore: avoid bounce buffer for ktext data - fs/proc/kcore: convert read_kcore() to read_kcore_iter() - fs/proc/kcore: reinstate bounce buffer for KCORE_TEXT regions - fs/proc/kcore.c: allow translation of physical memory addresses - cgroup: Fix potential overflow issue when checking max_depth - wifi: iwlegacy: Fix "field-spanning write" warning in il_enqueue_hcmd() (Closes: #1062421) - mac80211: MAC80211_MESSAGE_TRACING should depend on TRACING - wifi: mac80211: skip non-uploaded keys in ieee80211_iter_keys - wifi: ath11k: Fix invalid ring usage in full monitor mode - wifi: brcm80211: BRCM_TRACING should depend on TRACING - RDMA/cxgb4: Dump vendor specific QP details - RDMA/mlx5: Round max_rd_atomic/max_dest_rd_atomic up instead of down - RDMA/bnxt_re: synchronize the qp-handle table array - wifi: iwlwifi: mvm: disconnect station vifs if recovery failed - wifi: iwlwifi: mvm: Fix response handling in iwl_mvm_send_recovery_cmd() (CVE-2024-53059) - [armel,armhf] ASoC: cs42l51: Fix some error handling paths in cs42l51_probe() - macsec: Fix use-after-free while sending the offloading packet (CVE-2024-50261) - net: stmmac: TSO: Fix unbalanced DMA map/unmap for non-paged SKB data (CVE-2024-53058) - ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_init_flow() (CVE-2024-53042) - gtp: allow -1 to be specified as file description from userspace - net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT (CVE-2024-53057) - netdevsim: Add trailing zero to terminate the string in nsim_nexthop_bucket_activity_write() (CVE-2024-50259) - bpf: Fix out-of-bounds write in trie_get_next_key() (CVE-2024-50262) - netfilter: Fix use-after-free in get_info() (CVE-2024-50257) - netfilter: nf_reject_ipv6: fix potential crash in nf_send_reset6() (CVE-2024-50256) - Bluetooth: hci: fix null-ptr-deref in hci_read_supported_codecs (CVE-2024-50255) - net: skip offload for NETIF_F_IPV6_CSUM if ipv6 header contains extension - netfilter: nft_payload: sanitize offset and length before calling skb_checksum() (CVE-2024-50251) - iomap: convert iomap_unshare_iter to use large folios - iomap: improve shared block detection in iomap_unshare_iter - iomap: don't bother unsharing delalloc extents - iomap: share iomap_unshare_iter predicate code with fsdax - fsdax: remove zeroing code from dax_unshare_iter - fsdax: dax_unshare_iter needs to copy entire blocks (CVE-2024-50250) - iomap: turn iomap_want_unshare_iter into an inline function - compiler-gcc: be consistent with underscores use for `no_sanitize` - compiler-gcc: remove attribute support check for `__no_sanitize_address__` - afs: Automatically generate trace tag enums - afs: Fix missing subdir edit when renamed between parent dirs - ACPI: CPPC: Make rmw_lock a raw_spin_lock (CVE-2024-50249) - fs/ntfs3: Check if more than chunk-size bytes are written (CVE-2024-50247) - fs/ntfs3: Fix warning possible deadlock in ntfs_set_state - fs/ntfs3: Stale inode instead of bad - fs/ntfs3: Fix possible deadlock in mi_read (CVE-2024-50245) - fs/ntfs3: Additional check in ni_clear() (CVE-2024-50244) - scsi: scsi_transport_fc: Allow setting rport state to current state - net: amd: mvme147: Fix probe banner message - NFS: remove revoked delegation from server's delegation list - misc: sgi-gru: Don't disable preemption in GRU driver - usb: gadget: dummy_hcd: Switch to hrtimer transfer scheduler - usb: gadget: dummy_hcd: Set transfer interval to 1 microframe - usb: gadget: dummy_hcd: execute hrtimer callback in softirq context - USB: gadget: dummy-hcd: Fix "task hung" problem - ALSA: usb-audio: Add quirks for Dell WD19 dock - usbip: tools: Fix detach_port() invalid port error path - usb: phy: Fix API devm_usb_put_phy() can not release the phy - usb: typec: fix unreleased fwnode_handle in typec_port_register_altmodes() - xhci: Fix Link TRB DMA in command ring stopped completion event - xhci: Use pm_runtime_get to prevent RPM on unsupported systems - Revert "driver core: Fix uevent_show() vs driver detach race" - wifi: mac80211: do not pass a stopped vif to the driver in .get_txpower (CVE-2024-50237) - wifi: ath10k: Fix memory leak in management tx (CVE-2024-50236) - wifi: cfg80211: clear wdev->cqm_config pointer on free (CVE-2024-50235) - wifi: iwlegacy: Clear stale interrupts before resuming device (CVE-2024-50234) - iio: adc: ad7124: fix division by zero in ad7124_set_channel_odr() (CVE-2024-50232) - iio: light: veml6030: fix microlux value calculation - nilfs2: fix potential deadlock with newly created symlinks (CVE-2024-50229) - block: fix sanity checks in blk_rq_map_user_bvec - cgroup/bpf: use a dedicated workqueue for cgroup bpf destruction (CVE-2024-53054) - ALSA: hda/realtek: Limit internal Mic boost on Dell platform - cxl/acpi: Move rescan to the workqueue - cxl/port: Fix cxl_bus_rescan() vs bus_rescan_devices() - mm/page_alloc: rename ALLOC_HIGH to ALLOC_MIN_RESERVE - mm/page_alloc: treat RT tasks similar to __GFP_HIGH - mm/page_alloc: explicitly record high-order atomic allocations in alloc_flags - mm/page_alloc: explicitly define what alloc flags deplete min reserves - mm/page_alloc: explicitly define how __GFP_HIGH non-blocking allocations accesses reserves - mm/page_alloc: let GFP_ATOMIC order-0 allocs access highatomic reserves - ocfs2: pass u64 to ocfs2_truncate_inline maybe overflow (CVE-2024-50218) - mctp i2c: handle NULL header address (CVE-2024-53043) - ALSA: hda/realtek: Fix headset mic on TUXEDO Stellaris 16 Gen6 mb1 - nvmet-auth: assign dh_key to NULL after kfree_sensitive (CVE-2024-50215) - io_uring: rename kiocb_end_write() local helper - fs: create kiocb_{start,end}_write() helpers - io_uring: use kiocb_{start,end}_write() helpers - io_uring/rw: fix missing NOWAIT check for O_DIRECT start write (CVE-2024-53052) - mm: migrate: try again if THP split is failed due to page refcnt - migrate: convert unmap_and_move() to use folios - migrate: convert migrate_pages() to use folios - mm/migrate.c: stop using 0 as NULL pointer - migrate_pages: organize stats with struct migrate_pages_stats - migrate_pages: separate hugetlb folios migration - migrate_pages: restrict number of pages to migrate in batch - migrate_pages: split unmap_and_move() to _unmap() and _move() - vmscan,migrate: fix page count imbalance on node stats when demoting pages - io_uring: always lock __io_cqring_overflow_flush (Closes: #1087602) - [x86] bugs: Use code segment selector for VERW operand (CVE-2024-50072) - wifi: mac80211: fix NULL dereference at band check in starting tx ba session (CVE-2024-43911) - nilfs2: fix kernel bug due to missing clearing of checked flag (CVE-2024-50230) - wifi: iwlwifi: mvm: fix 6 GHz scan construction (CVE-2024-53055) - mm: shmem: fix data-race in shmem_getattr() (CVE-2024-50228) - mtd: spi-nor: winbond: fix w25q128 regression - drm/amd/display: Add null checks for 'stream' and 'plane' before dereferencing (CVE-2024-43904) - drm/amd/display: Skip on writeback when it's not applicable (CVE-2024-36914) - vt: prevent kernel-infoleak in con_font_get() - mm: avoid gcc complaint about pointer casting - migrate_pages_batch: fix statistics for longterm pin retry https://www.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.117 - [arm64] dts: rockchip: Fix rt5651 compatible value on rk3399-eaidk-610 - [arm64] dts: rockchip: Fix rt5651 compatible value on rk3399-sapphire-excavator - [arm64] dts: rockchip: Remove hdmi's 2nd interrupt on rk3328 - [arm64] dts: rockchip: Fix wakeup prop names on PineNote BT node - [arm64] dts: rockchip: Fix bluetooth properties on Rock960 boards - [arm64] dts: rockchip: Remove #cooling-cells from fan on Theobroma lion - [arm64] dts: rockchip: Fix LED triggers on rk3308-roc-cc - [arm64] dts: imx8qm: Fix VPU core alias name - [arm64] dts: imx8qxp: Add VPU subsystem file - [arm64] dts: imx8-ss-vpu: Fix imx8qm VPU IRQs - [arm64] dts: imx8mp: correct sdhc ipg clk - [armhf] ARM: dts: rockchip: Fix the realtek audio codec on rk3036-kylin - HID: core: zero-initialize the report buffer (CVE-2024-50302) - [x86] platform/x86/amd/pmc: Detect when STB is not available (CVE-2024-53072) - sunrpc: handle -ENOTCONN in xs_tcp_setup_socket() - NFSv3: only use NFS timeout for MOUNT when protocols are compatible - NFSv3: handle out-of-order write replies. - nfs: avoid i_lock contention in nfs_clear_invalid_mapping - security/keys: fix slab-out-of-bounds in key_task_permission (CVE-2024-50301) - [arm64] net: enetc: set MAC address to the VF net_device - sctp: properly validate chunk size in sctp_sf_ootb() (CVE-2024-50299) - can: c_can: fix {rx,tx}_errors statistics - ice: change q_index variable type to s16 to store -1 value - i40e: fix race condition by adding filter's intermediate sync state (CVE-2024-53088) - [arm64] net: hns3: fix kernel crash when uninstalling driver (CVE-2024-50296) - net: phy: ti: add PHY_RST_AFTER_CLK_EN flag - net: stmmac: Fix unbalanced IRQ wake disable warning on single irq case - virtio_net: Add hash_key_length check (CVE-2024-53082) - Revert "ALSA: hda/conexant: Mute speakers at suspend / shutdown" - media: stb0899_algo: initialize cfr before using it - media: dvbdev: prevent the risk of out of memory access (CVE-2024-53063) - media: dvb_frontend: don't play tricks with underflow values - media: adv7604: prevent underflow condition when reporting colorspace - scsi: sd_zbc: Use kvzalloc() to allocate REPORT ZONES buffer - ALSA: firewire-lib: fix return value on fail in amdtp_tscm_init() - [armhf] ASoC: stm32: spdifrx: fix dma channel release in stm32_spdifrx_remove - media: ar0521: don't overflow when checking PLL values (CVE-2024-53081) - media: s5p-jpeg: prevent buffer overflows (CVE-2024-53061) - media: cx24116: prevent overflows on SNR calculus (CVE-2024-50290) - media: pulse8-cec: fix data timestamp at pulse8_setup() - media: v4l2-tpg: prevent the risk of a division by zero (CVE-2024-50287) - media: v4l2-ctrls-api: fix error handling for v4l2_g_ctrl() - can: mcp251xfd: mcp251xfd_get_tef_len(): fix length calculation - can: mcp251xfd: mcp251xfd_ring_alloc(): fix coalescing configuration when switching CAN modes - ksmbd: fix slab-use-after-free in ksmbd_smb2_session_create (CVE-2024-50286) - ksmbd: Fix the missing xa_store error check (CVE-2024-50284) - ksmbd: fix slab-use-after-free in smb3_preauth_hash_rsp (CVE-2024-50283) - pwm: imx-tpm: Use correct MODULO value for EPWM mode - drm/amdgpu: Adjust debugfs eviction and IB access permissions - drm/amdgpu: add missing size check in amdgpu_debugfs_gprwave_read() (CVE-2024-50282) - drm/amdgpu: prevent NULL pointer dereference if ATIF is not supported (CVE-2024-53060) - thermal/drivers/qcom/lmh: Remove false lockdep backtrace - dm cache: correct the number of origin blocks to match the target length - dm cache: fix flushing uninitialized delayed_work on cache_ctr error (CVE-2024-50280) - dm cache: fix out-of-bounds access to the dirty bitset when resizing (CVE-2024-50279) - dm cache: optimize dirty bit checking with find_next_bit when resizing - dm cache: fix potential out-of-bounds access on the first resume (CVE-2024-50278) - dm-unstriped: cast an operand to sector_t to prevent potential uint32_t overflow - ALSA: usb-audio: Add quirk for HP 320 FHD Webcam - ALSA: hda/realtek: Fix headset mic on TUXEDO Gemini 17 Gen3 - posix-cpu-timers: Clear TICK_DEP_BIT_POSIX_TIMER on clone - nfs: Fix KMSAN warning in decode_getfattr_attrs() (CVE-2024-53066) - net: wwan: t7xx: Fix off-by-one error in t7xx_dpmaif_rx_buf_alloc() - net: vertexcom: mse102x: Fix possible double free of TX skb (CVE-2024-50276) - mptcp: use sock_kfree_s instead of kfree - btrfs: reinitialize delayed ref list after deleting it from the list (CVE-2024-50273) - bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq (CVE-2024-38540) - Revert "wifi: mac80211: fix RCU list iterations" - net: do not delay dst_entries_add() in dst_release() (CVE-2024-50036) - media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format - filemap: Fix bounds checking in filemap_read() (CVE-2024-50272) - fs/proc: fix compile warning about variable 'vmcore_mmap_ops' - signal: restore the override_rlimit logic (CVE-2024-50271) - usb: musb: sunxi: Fix accessing an released usb phy (CVE-2024-50269) - usb: dwc3: fix fault at system suspend if device was already runtime suspended - usb: typec: fix potential out of bounds in ucsi_ccg_update_set_new_cam_cmd() - USB: serial: io_edgeport: fix use after free in debug printk (CVE-2024-50267) - USB: serial: qcserial: add support for Sierra Wireless EM86xx - USB: serial: option: add Fibocom FG132 0x0112 composition - USB: serial: option: add Quectel RG650V - irqchip/gic-v3: Force propagation of the active state with a read-back - ocfs2: remove entry once instead of null-ptr-dereference in ocfs2_xa_remove() - ucounts: fix counter leak in inc_rlimit_get_ucounts() - [x86] ASoC: amd: yc: fix internal mic on Xiaomi Book Pro 14 2022 - net: sched: use RCU read-side critical section in taprio_dump() (CVE-2024-50126) - hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer - vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans - media: amphion: Fix VPU core alias name https://www.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.118 - Revert "Bluetooth: fix use-after-free in accessing skb after sending it" - Revert "Bluetooth: hci_sync: Fix overwriting request callback" - Revert "Bluetooth: af_bluetooth: Fix deadlock" - Revert "Bluetooth: hci_core: Fix possible buffer overflow" - Revert "Bluetooth: hci_conn: Consolidate code for aborting connections" (Closes: #1086447) - 9p: Avoid creating multiple slab caches with the same name - nvme: tcp: avoid race between queue_lock lock and destroy - block: Fix elevator_get_default() checking for NULL q->tag_set - HID: multitouch: Add support for B2402FVA track point - HID: multitouch: Add quirk for HONOR MagicBook Art 14 touchpad - nvme: disable CC.CRIME (NVME_CC_CRIME) - bpf: use kvzmalloc to allocate BPF verifier environment - crypto: api - Fix liveliness check in crypto_alg_tested - [arm*] crypto: marvell/cesa - Disable hash algorithms - sound: Make CONFIG_SND depend on INDIRECT_IOMEM instead of UML - drm/vmwgfx: Limit display layout ioctl array size to VMWGFX_NUM_DISPLAY_UNITS - nvme-multipath: defer partition scanning (CVE-2024-53093) - [powerpc*] powernv: Free name on error in opal_event_init() - nvme: make keep-alive synchronous operation - bpf: Fix mismatched RCU unlock flavour in bpf_out_neigh_v6 - fs: Fix uninitialized value issue in from_kuid and from_kgid - HID: multitouch: Add quirk for Logitech Bolt receiver w/ Casa touchpad - HID: lenovo: Add support for Thinkpad X1 Tablet Gen 3 keyboard - net: usb: qmi_wwan: add Fibocom FG132 0x0112 composition - md/raid10: improve code of mrdev in raid10_sync_request - io_uring: fix possible deadlock in io_register_iowq_max_workers() (CVE-2024-41080) - uprobes: encapsulate preparation of uprobe args buffer - uprobe: avoid out-of-bounds memory access of fetching args (CVE-2024-50067) - drm/amdkfd: amdkfd_free_gtt_mem clear the correct pointer (CVE-2024-49991) - ext4: fix timer use-after-free on failed mount (CVE-2024-49960) - Bluetooth: L2CAP: Fix uaf in l2cap_connect (CVE-2024-49950) - mm: krealloc: Fix MTE false alarm in __do_krealloc - [x86] platform/x86: x86-android-tablets: Fix use after free on platform_device_register() errors (CVE-2024-49986) - fs/ntfs3: Fix general protection fault in run_is_mapped_full (CVE-2024-50243) - 9p: fix slab cache name creation for real https://www.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.119 - netlink: terminate outstanding dump on socket close - [arm64,armhf] drm/rockchip: vop: Fix a dereferenced before check warning - mptcp: error out earlier on disconnect - net/mlx5: fs, lock FTE when checking if active - net/mlx5e: kTLS, Fix incorrect page refcounting - net/mlx5e: CT: Fix null-ptr-deref in add rule err flow - virtio/vsock: Fix accept_queue memory leak - Bluetooth: hci_event: Remove code to removed CONFIG_BT_HS - Bluetooth: hci_core: Fix calling mgmt_device_connected - net/sched: cls_u32: replace int refcounts with proper refcounts - net: sched: cls_u32: Fix u32's systematic failure to free IDR entries for hnodes. - bonding: add ns target multicast address to slave device - [armel,armhf] 9419/1: mm: Fix kernel memory mapping for xip kernels - [x86] mm: Fix a kdump kernel failure on SME system when CONFIG_IMA_KEXEC=y - mm: fix NULL pointer dereference in alloc_pages_bulk_noprof - ocfs2: uncache inode which has failed entering the group - vdpa/mlx5: Fix PA offset with unaligned starting iotlb map - ima: fix buffer overrun in ima_eventdigest_init_common - [x86] KVM: nVMX: Treat vpid01 as current if L2 is active, but with VPID disabled - [x86] KVM: x86: Unconditionally set irr_pending when updating APICv state - [x86] KVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN - nilfs2: fix null-ptr-deref in block_touch_buffer tracepoint - ALSA: hda/realtek - Fixed Clevo platform headset Mic issue - ALSA: hda/realtek: fix mute/micmute LEDs for a HP EliteBook 645 G10 - ocfs2: fix UBSAN warning in ocfs2_verify_volume() - nilfs2: fix null-ptr-deref in block_dirty_buffer tracepoint - Revert "mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K" - mmc: sunxi-mmc: Fix A100 compatible description - drm/bridge: tc358768: Fix DSI command tx - drm/amd: Fix initialization mistake for NBIO 7.7.0 - staging: vchiq_arm: Get the rid off struct vchiq_2835_state - staging: vchiq_arm: Use devm_kzalloc() for vchiq_arm_state allocation - fs/ntfs3: Additional check in ntfs_file_release (CVE-2024-50242) - Bluetooth: ISO: Fix not validating setsockopt user input (CVE-2024-35964) - lib/buildid: Fix build ID parsing logic - cxl/pci: fix error code in __cxl_hdm_decode_init() - media: dvbdev: fix the logic when DVB_DYNAMIC_MINORS is not set - NFSD: initialize copy->cp_clp early in nfsd4_copy for use by trace point - NFSD: Async COPY result needs to return a write verifier - NFSD: Limit the number of concurrent async COPY operations (CVE-2024-49974) - NFSD: Initialize struct nfsd4_copy earlier - NFSD: Never decrement pending_async_copies on error - mptcp: cope racing subflow creation in mptcp_rcv_space_adjust - mptcp: define more local variables sk - mptcp: add userspace_pm_lookup_addr_by_id helper - mptcp: update local address flags when setting it - mptcp: hold pm lock when deleting entry - mptcp: drop lookup_by_id in lookup_addr - mptcp: pm: use _rcu variant under rcu_read_lock - ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16() (CVE-2024-26954) - ksmbd: fix potencial out-of-bounds when buffer offset is invalid (CVE-2024-26952) - net: add copy_safe_from_sockptr() helper - nfc: llcp: fix nfc_llcp_setsockopt() unsafe copies - fs/9p: fix uninitialized values during inode evict (CVE-2024-36923) - ipvs: properly dereference pe in ip_vs_add_service (CVE-2024-42322) - net/sched: taprio: extend minimum interval restriction to entire cycle too (CVE-2024-36244) - net: fec: remove .ndo_poll_controller to avoid deadlocks (CVE-2024-38553) - mm: revert "mm: shmem: fix data-race in shmem_getattr()" - mm: avoid unsafe VMA hook invocation when error arises on mmap hook - mm: unconditionally close VMAs on error - mm: refactor arch_calc_vm_flag_bits() and arm64 MTE handling - mm: resolve faulty mmap_region() error path behaviour - drm/amd: check num of link levels when update pcie param (CVE-2023-52812) - char: xillybus: Prevent use-after-free due to race condition (CVE-2022-45888) - null_blk: Remove usage of the deprecated ida_simple_xx() API - null_blk: fix null-ptr-dereference while configuring 'power' and 'submit_queues' (CVE-2024-36478) - null_blk: Fix return value of nullb_device_power_store() - parisc: fix a possible DMA corruption (CVE-2024-44949) - char: xillybus: Fix trivial bug with mutex - net: Make copy_safe_from_sockptr() match documentation . [ Salvatore Bonaccorso ] * Bump ABI to 28 * [x86] Revert "x86: Increase brk randomness entropy for 64-bit systems" (Closes: #1085762) Checksums-Sha1: cac45b2f1cd88ce0c79e7c53dcf59a9329eb8048 825760 bpftool-dbgsym_7.1.0+6.1.119-1_arm64.deb c20f99470f9f28d73b8952f4f3ea1cec68c4eac9 1166132 bpftool_7.1.0+6.1.119-1_arm64.deb 07279d28409fb59642f3179257197a3bcec9993b 47960 hyperv-daemons-dbgsym_6.1.119-1_arm64.deb a6eb9fd3c1291e7f6c3cf1a75e01c2bce7025909 944376 hyperv-daemons_6.1.119-1_arm64.deb 89a7f57ab4ab977e11bb69e4f899d6aa9fdd6f61 929640 libcpupower-dev_6.1.119-1_arm64.deb 9c4a860a5a671da89e700f6277b67a09e0ede3f0 24652 libcpupower1-dbgsym_6.1.119-1_arm64.deb dfc6155e962120e72396facada710c16db45c544 935624 libcpupower1_6.1.119-1_arm64.deb ccaf2626a5f086970673f11e2de191a578da240d 1070984 linux-config-6.1_6.1.119-1_arm64.deb 99b95bb50f4f7788c477cf3f1873fde9162d5141 60324 linux-cpupower-dbgsym_6.1.119-1_arm64.deb 2af33957760af872222105be53440326ae1a7f6e 967716 linux-cpupower_6.1.119-1_arm64.deb 3127b0319634c9ca51224859c60c6c0a2bb94c16 1452100 linux-headers-6.1.0-28-arm64_6.1.119-1_arm64.deb dbf4a46afba15b0c4f4ce286efea3aae0055a305 1205936 linux-headers-6.1.0-28-cloud-arm64_6.1.119-1_arm64.deb b25384a1076ed921a84768af2e705316d7591ff3 1449180 linux-headers-6.1.0-28-rt-arm64_6.1.119-1_arm64.deb 8647d2fb4e8c7e09fa7247bb860f506880441297 797693328 linux-image-6.1.0-28-arm64-dbg_6.1.119-1_arm64.deb 94335b6f98dcc365c33eb60f9eaff50933993fc6 57072424 linux-image-6.1.0-28-arm64-unsigned_6.1.119-1_arm64.deb d26b840a877dc4170e72b737987c2a9800213225 257461148 linux-image-6.1.0-28-cloud-arm64-dbg_6.1.119-1_arm64.deb f1664943bacb1a0a664efcafa2ab0d63b6bb9a12 20267748 linux-image-6.1.0-28-cloud-arm64-unsigned_6.1.119-1_arm64.deb d4bfb2d9dfeef469d9548df035aeaf92d827373b 777411020 linux-image-6.1.0-28-rt-arm64-dbg_6.1.119-1_arm64.deb 8463e0af6e6648c921c66488eed7ec433b94f0f3 56374904 linux-image-6.1.0-28-rt-arm64-unsigned_6.1.119-1_arm64.deb 7fe2099089edacc17b950ce7f534fef48184f9e7 1296 linux-image-arm64-dbg_6.1.119-1_arm64.deb b160960f53c545590d8a6bbad49a2c988d2cfb65 1658416 linux-image-arm64-signed-template_6.1.119-1_arm64.deb 21e0c231e8d130730f92fcfae01a0ed4b914827f 1328 linux-image-cloud-arm64-dbg_6.1.119-1_arm64.deb 6e7122ebcb4be9bd47e5b8c37e580a85043410c9 1316 linux-image-rt-arm64-dbg_6.1.119-1_arm64.deb a343a94d6d025fc71e33694c33bfb93ea994f2ba 1026016 linux-kbuild-6.1-dbgsym_6.1.119-1_arm64.deb 5bef6d57c28978bce4bc17d1660909a1b3d2c838 1173716 linux-kbuild-6.1_6.1.119-1_arm64.deb f410227a55cdf6b70d234c93dbf6535767191d74 2049868 linux-libc-dev_6.1.119-1_arm64.deb e3f745da762507c3f2b3d30458230414d52328bc 7977932 linux-perf-dbgsym_6.1.119-1_arm64.deb f6063b5eca5d0bd35d68992fdf0e430598db50da 2591204 linux-perf_6.1.119-1_arm64.deb ba75190b6481e20fbddaf69c05a7d21353985a48 19689 linux_6.1.119-1_arm64-buildd.buildinfo fc5503c3240d6bb01d7c72d77766781f487ce48e 963452 rtla_6.1.119-1_arm64.deb a09f67121a312b0f2c7c2aea8c0ab2b13c143650 154080 usbip-dbgsym_2.0+6.1.119-1_arm64.deb dbb8ad41f9ec1f93874e37ccb1c64c3cb27b1bd5 963276 usbip_2.0+6.1.119-1_arm64.deb Checksums-Sha256: 349e91f8b292a8e32549ecbf0d37fd45a69a6f1c1187b7294442cb4f6b915656 825760 bpftool-dbgsym_7.1.0+6.1.119-1_arm64.deb ec9aebfa56623a316b075f248164a41b83539b675e72d9a86eef2a9109d07539 1166132 bpftool_7.1.0+6.1.119-1_arm64.deb e97cf1b02a7ab962db16626ed69e1c679f346eaa9af3b0a32acb1012239da67e 47960 hyperv-daemons-dbgsym_6.1.119-1_arm64.deb 613d4355cdd8e8443002d0bb6c2a2447d656dccd7061aad855672f43a7cd162d 944376 hyperv-daemons_6.1.119-1_arm64.deb d93a8d81ac2ddc97f1a56717bf78a883fdb23a2b404993d029a7b8d91530fc5f 929640 libcpupower-dev_6.1.119-1_arm64.deb e2d5d62c75adecfb84cfe47d9d42c2a33609377ec932d26bb2d7cfcc5d964b33 24652 libcpupower1-dbgsym_6.1.119-1_arm64.deb 63382464b7f07004a9dcc55c84f01cbacc823bff5a74b8ea99d8622b18a9611a 935624 libcpupower1_6.1.119-1_arm64.deb b3385434a565349498f118d307c248024f4a40e40872bc2bc875e63c80ded884 1070984 linux-config-6.1_6.1.119-1_arm64.deb ac8cbdf1b24602a2769ce41fca28d42fc361a883de4db9ff856c93953ccded14 60324 linux-cpupower-dbgsym_6.1.119-1_arm64.deb e2caaed74765427396b9f39db3d6717d35f7b27eb07c02c56f8b152c2ac3d2cc 967716 linux-cpupower_6.1.119-1_arm64.deb 30e59b95a3f0f8a239808ceb78de080b49391a928c29d81f57d8558edea5c9ad 1452100 linux-headers-6.1.0-28-arm64_6.1.119-1_arm64.deb 45e58b93783eb24fb3fb9a5ab0ca1e7d87806e367211ac9e3ab977f9d6d19314 1205936 linux-headers-6.1.0-28-cloud-arm64_6.1.119-1_arm64.deb abb1d43c6fd1054ea3c89152094eb9e6800ff38f6f6a014415a67b3e52f4bf03 1449180 linux-headers-6.1.0-28-rt-arm64_6.1.119-1_arm64.deb 05b044e160712bfc8e92471b28b8f22fba4eb9b4628fffb9204abf3b09a7afe7 797693328 linux-image-6.1.0-28-arm64-dbg_6.1.119-1_arm64.deb a2af5221a359289bed0b66ecbd510c73b0d10bfa03a61d2507ec374d45c4d26c 57072424 linux-image-6.1.0-28-arm64-unsigned_6.1.119-1_arm64.deb 72cb2c61521136735d597e9438e35be6ee43eb3df9bc74161eead2adb1abd329 257461148 linux-image-6.1.0-28-cloud-arm64-dbg_6.1.119-1_arm64.deb 4e5de5976739b5324bddc50cfd680b6145ec4daf733a068aecb23c60a59aabef 20267748 linux-image-6.1.0-28-cloud-arm64-unsigned_6.1.119-1_arm64.deb 7e61532ffb3f451f38ae807b388ebae1107606b0321a342fba981ea5089cd360 777411020 linux-image-6.1.0-28-rt-arm64-dbg_6.1.119-1_arm64.deb 7b2c661529835313620df0b31237f1a0161fab6dffd6c1c999e8bd7d74800d77 56374904 linux-image-6.1.0-28-rt-arm64-unsigned_6.1.119-1_arm64.deb 3e5d6c2c94889b5c6a1e36960efc8f5b699e28c52512685f01d68f6214e8fca2 1296 linux-image-arm64-dbg_6.1.119-1_arm64.deb 4763315cddbe3c3e9da3b7a83c34df38c7d8771373d9f173445102d89aff0242 1658416 linux-image-arm64-signed-template_6.1.119-1_arm64.deb bd7a98c1d05d025d2eed57b2c67c993d911c232f00685adb6f47dfe0abe61681 1328 linux-image-cloud-arm64-dbg_6.1.119-1_arm64.deb 3f18f426cbbfddf2a37f2e09219b2be4a66326a9874a6a6c6f478086991291d4 1316 linux-image-rt-arm64-dbg_6.1.119-1_arm64.deb 6e6ca8269a557f5bb5a9efc5eb3f14cd6020bcb3f135f3d02a40fa92982ae3c3 1026016 linux-kbuild-6.1-dbgsym_6.1.119-1_arm64.deb ebc601197427878f3c4016e4f75af2fc2a8bd5a7ca2b48dcfa2588a80e4145e9 1173716 linux-kbuild-6.1_6.1.119-1_arm64.deb d0465ddf80ebe80a49a5928bb8a93a8dfefb14272f0569f9213949677a2d6d9a 2049868 linux-libc-dev_6.1.119-1_arm64.deb a7e0bd3cb428c7f405e626c2e15db194f10c76ae6f1bdd56b842a47df5decf31 7977932 linux-perf-dbgsym_6.1.119-1_arm64.deb e470c6cbbb82bebe02f6be206f6e391694f5cbc9adb09103697b9babdc6caaa7 2591204 linux-perf_6.1.119-1_arm64.deb 4d772785ebe5257a99bd7379ad018484608d4246fe8a07cac91f29578791744d 19689 linux_6.1.119-1_arm64-buildd.buildinfo 5f1055ee75c66a1b325ff0c6c816615f3c81ab0f5bf233b18ab5fcd6e7d91719 963452 rtla_6.1.119-1_arm64.deb 7b4fe0722282ae14263b8d9c8a4edf78453e1eb35ff8ad63f26d640807affd46 154080 usbip-dbgsym_2.0+6.1.119-1_arm64.deb a2101881f56bfe9a4449758d704ec51b1b94571f5c138b8e5f16c44c0371e494 963276 usbip_2.0+6.1.119-1_arm64.deb Files: 92c7d3a8b9e77b16c7926602e863800c 825760 debug optional bpftool-dbgsym_7.1.0+6.1.119-1_arm64.deb 71854bb911d79b2f61caaf765ede5522 1166132 devel optional bpftool_7.1.0+6.1.119-1_arm64.deb ccdd24ef8e571e0810193ad072d945a7 47960 debug optional hyperv-daemons-dbgsym_6.1.119-1_arm64.deb a187a1224a4054fa1746960ad4ae8624 944376 admin optional hyperv-daemons_6.1.119-1_arm64.deb eb1846a773eb53d9092eb67e38417740 929640 libdevel optional libcpupower-dev_6.1.119-1_arm64.deb a71058e9e8f9992f6d0e2ce9e97693cb 24652 debug optional libcpupower1-dbgsym_6.1.119-1_arm64.deb d7e9427924123008a3c2704968d1e265 935624 libs optional libcpupower1_6.1.119-1_arm64.deb 3b2aefe476799dbe5d5f2696a7833d7d 1070984 kernel optional linux-config-6.1_6.1.119-1_arm64.deb 86de8a2d2cff95ab40684d84dc13c069 60324 debug optional linux-cpupower-dbgsym_6.1.119-1_arm64.deb 5badff19f0fbf389b6b745c55c5320eb 967716 admin optional linux-cpupower_6.1.119-1_arm64.deb 5a55e015c37aadd61288bfd94d9838a5 1452100 kernel optional linux-headers-6.1.0-28-arm64_6.1.119-1_arm64.deb b2a0eb378b9021194db9dca0f25faa48 1205936 kernel optional linux-headers-6.1.0-28-cloud-arm64_6.1.119-1_arm64.deb c3d494030f3c1d280aaa7b87dedc5236 1449180 kernel optional linux-headers-6.1.0-28-rt-arm64_6.1.119-1_arm64.deb aee011f3837bc03e5250099e11c4819e 797693328 debug optional linux-image-6.1.0-28-arm64-dbg_6.1.119-1_arm64.deb 3d8a2469de6a6f47d22e5ee3df146a8a 57072424 kernel optional linux-image-6.1.0-28-arm64-unsigned_6.1.119-1_arm64.deb a120d2b1712e0ba6e00c4c4a7794684f 257461148 debug optional linux-image-6.1.0-28-cloud-arm64-dbg_6.1.119-1_arm64.deb d883372515569b8a09f50945e163f26a 20267748 kernel optional linux-image-6.1.0-28-cloud-arm64-unsigned_6.1.119-1_arm64.deb 3674c696bdeb71a618aba81efc755e78 777411020 debug optional linux-image-6.1.0-28-rt-arm64-dbg_6.1.119-1_arm64.deb 7fb3b76f04e4c042c3b4c464c06caa5b 56374904 kernel optional linux-image-6.1.0-28-rt-arm64-unsigned_6.1.119-1_arm64.deb c1944ae0102e13e0f1481f14e7517707 1296 kernel optional linux-image-arm64-dbg_6.1.119-1_arm64.deb 8890075e3a5c9c06c64b0cc5970fc00d 1658416 kernel optional linux-image-arm64-signed-template_6.1.119-1_arm64.deb 19a2add17463961359e5f72e79e90d88 1328 kernel optional linux-image-cloud-arm64-dbg_6.1.119-1_arm64.deb e72ea72515709252cfb60b373870fe72 1316 kernel optional linux-image-rt-arm64-dbg_6.1.119-1_arm64.deb 837b2c52586cceac21750eaa66e52d00 1026016 debug optional linux-kbuild-6.1-dbgsym_6.1.119-1_arm64.deb e8b912df17a09dfec06eb748ed8bdeb3 1173716 kernel optional linux-kbuild-6.1_6.1.119-1_arm64.deb 8e8028749016701866fe6ad17a9adde2 2049868 devel optional linux-libc-dev_6.1.119-1_arm64.deb d666a1ce17218539efb128cf10841510 7977932 debug optional linux-perf-dbgsym_6.1.119-1_arm64.deb ab701209ca2f60e6495f0aec8cafda26 2591204 devel optional linux-perf_6.1.119-1_arm64.deb 6a55394264757c30c5cef94fbcc35926 19689 kernel optional linux_6.1.119-1_arm64-buildd.buildinfo d445b9603df2d8af44a11488bb291337 963452 devel optional rtla_6.1.119-1_arm64.deb 9f0f1c9eedd23cf63b9eaa97b63b2048 154080 debug optional usbip-dbgsym_2.0+6.1.119-1_arm64.deb 1777b957bfcec7d32d4e31359018d90d 963276 admin optional usbip_2.0+6.1.119-1_arm64.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEH43oX1cK+BEEs9Pe/9j0ct/+ZwwFAmdCBoMACgkQ/9j0ct/+ ZwzVmhAArXPXpV9t7aO/5YmL0MFHqvOn/OQGg9ED8vdQ1egNEWSLchuWFx3fX7f2 6ELL96DeOUSYoaETSuYDrVmXLSsaV2qxb6rce5l4MJsb/ooIy8Hr0qOL+kUnbNrs 2h7Aun1odyeepRYg6CR1fP3iXS84JIZEwflEEqVmFXb2YxuCVpGOuDqXK+5CUMMi uNCmyE5ixv0ZamyWFkxwhnltqzvwWYJ229YA7GDcVSMqvHilm89JWKU41Ln8IFG8 hdIVjqHWxIPjOn8Z3+mVRKQBCLKbB+28qEza9WAN3aYaxIbIB24qbGjGUO5l6n4q V3R53dJ+HiZDrgQ/Ocnr08Y3dFEI4PYnEhGVxD87p9FE8NkpljVTny6MhrBhTD6P 6IqGTP0Or2qXQzTaMZbfr8lOCGF2sB2iRzHzlJ/HuDA4KjHDM+HUXUEm/VKRk/1S ffUkRT1tSgfXfX9pYKsylhrohc6eJqGCbtt2A3KJq7VEm97ve5m1oxg6uAmA9C+Z VBWd/++o1b2XIc9oW3MX+k83A+ml4dfzeZix/HNEcWYmEGYahIbj/VN9BuUr1IMP +UqPqmx2xB3X/w2N6xcdoru6BO+IhvNLUpokcz2g8p7V4WJJutWG+4UYCYHFcGfj ihKwlFl96VF2qy545ApbTRgQzW5JP6OhTxkm02PGXXsahzlKXc4= =ngbz -----END PGP SIGNATURE-----