1. Forum
  2. Usenet
  3. LINUX.DEBIAN.KERNEL

  • linux_6.1.69-1_source.changes ACCEPTED into proposed-updates

    From Debian FTP Masters@21:1/5 to All on Wed Jan 3 08:10:02 2024
    Thank you for your contribution to Debian.



    Accepted:

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    Format: 1.8
    Date: Sat, 30 Dec 2023 10:31:20 +0100
    Source: linux
    Architecture: source
    Version: 6.1.69-1
    Distribution: bookworm-security
    Urgency: high
    Maintainer: Debian Kernel Team <debian-kernel@lists.debian.org>
    Changed-By: Salvatore Bonaccorso <carnil@debian.org>
    Closes: 1035587 1052304 1055021 1058758 1059624
    Changes:
    linux (6.1.69-1) bookworm-security; urgency=high
    .
    * New upstream stable update:
    https://www.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.68
    - hrtimers: Push pending hrtimers away from outgoing CPU earlier
    - i2c: designware: Fix corrupted memory seen in the ISR
    - netfilter: ipset: fix race condition between swap/destroy and kernel side
    add/del/test
    - tg3: Move the [rt]x_dropped counters to tg3_napi
    - tg3: Increment tx_dropped in tg3_tso_bug()
    - kconfig: fix memory leak from range properties
    - drm/amdgpu: correct chunk_ptr to a pointer to chunk.
    - [x86] Introduce ia32_enabled()
    - [amd64] x86/coco: Disable 32-bit emulation by default on TDX and SEV
    - [x86] entry: Convert INT 0x80 emulation to IDTENTRY
    - [x86] entry: Do not allow external 0x80 interrupts
    - [x86] tdx: Allow 32-bit emulation by default
    - [x86] platform/x86: asus-wmi: Move i8042 filter install to shared asus-wmi
    code
    - [powerpc*] of: dynamic: Fix of_reconfig_get_state_change() return value
    documentation
    - [x86] platform/x86: wmi: Skip blocks with zero instances
    - ipv6: fix potential NULL deref in fib6_add()
    - hv_netvsc: rndis_filter needs to select NLS
    - r8152: Rename RTL8152_UNPLUG to RTL8152_INACCESSIBLE
    - r8152: Add RTL8152_INACCESSIBLE checks to more loops
    - r8152: Add RTL8152_INACCESSIBLE to r8156b_wait_loading_flash()
    - r8152: Add RTL8152_INACCESSIBLE to r8153_pre_firmware_1()
    - r8152: Add RTL8152_INACCESSIBLE to r8153_aldps_en()
    - arcnet: restoring support for multiple Sohard Arcnet cards
    - net: stmmac: fix FPE events losing
    - xsk: Skip polling event check for unbound socket
    - i40e: Fix unexpected MFS warning message
    - iavf: validate tx_coalesce_usecs even if rx_coalesce_usecs is zero
    - net: bnxt: fix a potential use-after-free in bnxt_init_tc
    - tcp: fix mid stream window clamp.
    - ionic: fix snprintf format length warning
    - ionic: Fix dim work handling in split interrupt mode
    - ipv4: ip_gre: Avoid skb_pull() failure in ipgre_xmit()
    - net: atlantic: Fix NULL dereference of skb pointer in
    - [arm64] net: hns: fix wrong head when modify the tx feature when sending
    packets
    - [arm64] net: hns: fix fake link up on xge port
    - netfilter: nft_exthdr: add boolean DCCP option matching
    - netfilter: nf_tables: fix 'exist' matching on bigendian arches
    - netfilter: nf_tables: bail out on mismatching dynset and set expressions
    (CVE-2023-6622)
    - netfilter: nf_tables: validate family when identifying table via handle
    - netfilter: xt_owner: Fix for unsafe access of sk->sk_socket
    - tcp: do not accept ACK of bytes we never sent
    - bpf: sockmap, updating the sg structure should also update curr
    - psample: Require 'CAP_NET_ADMIN' when joining "packets" group
    - drop_monitor: Require 'CAP_SYS_ADMIN' when joining "events" group
    - [arm64] tee: optee: Fix supplicant based device enumeration
    - [arm64] RDMA/hns: Fix unnecessary err return when using invalid congest
    control algorithm
    - RDMA/irdma: Do not modify to SQD on error
    - RDMA/irdma: Add wait for suspend on SQD
    - [arm64] ASoC: fsl_sai: Fix no frame sync clock issue on i.MX8MP
    - RDMA/irdma: Refactor error handling in create CQP
    - RDMA/irdma: Fix UAF in irdma_sc_ccq_get_cqe_info()
    - [x86] hwmon: (acpi_power_meter) Fix 4.29 MW bug
    - [x86] ASoC: wm_adsp: fix memleak in wm_adsp_buffer_populate
    - RDMA/core: Fix umem iterator when PAGE_SIZE is greater then HCA pgsz
    - RDMA/irdma: Avoid free the non-cqp_request scratch
    - [arm64] dts: imx8mq: drop usb3-resume-missing-cas from usb
    - [arm64] dts: imx8mp: imx8mq: Add parkmode-disable-ss-quirk on DWC3
    - tracing: Fix a warning when allocating buffered events fails
    - scsi: be2iscsi: Fix a memleak in beiscsi_init_wrb_handle()
    - [armhf] imx: Check return value of devm_kasprintf in imx_mmdc_perf_init
    - md: introduce md_ro_state
    - md: don't leave 'MD_RECOVERY_FROZEN' in error path of md_set_readonly()
    - iommu: Avoid more races around device probe
    - [x86] rethook: Use __rcu pointer for rethook::handler
    - kprobes: consistent rcu api usage for kretprobe holder
    - [x86] ASoC: amd: yc: Fix non-functional mic on ASUS E1504FA
    - io_uring/af_unix: disable sending io_uring over sockets (CVE-2023-6531)
    - nvme-pci: Add sleep quirk for Kingston drives
    - io_uring: fix mutex_unlock with unreferenced ctx
    - ALSA: usb-audio: Add Pioneer DJM-450 mixer controls
    - ALSA: pcm: fix out-of-bounds in snd_pcm_state_names
    - ALSA: hda/realtek: Enable headset on Lenovo M90 Gen5
    - ALSA: hda/realtek: add new Framework laptop to quirks
    - ALSA: hda/realtek: Add Framework laptop 16 to quirks
    - ring-buffer: Test last update in 32bit version of __rb_time_read()
    - nilfs2: fix missing error check for sb_set_blocksize call
    - nilfs2: prevent WARNING in nilfs_sufile_set_segment_usage()
    - cgroup_freezer: cgroup_freezing: Check if not frozen
    - checkstack: fix printed address
    - tracing: Always update snapshot buffer size
    - tracing: Disable snapshot buffer when stopping instance tracers
    - tracing: Fix incomplete locking when disabling buffered events
    - tracing: Fix a possible race when disabling buffered events
    - packet: Move reference count in packet_sock to atomic_long_t
    - r8169: fix rtl8125b PAUSE frames blasting when suspended
    - regmap: fix bogus error on regcache_sync success
    - [x86] platform/surface: aggregator: fix recv_buf() return value
    - hugetlb: fix null-ptr-deref in hugetlb_vma_lock_write
    - mm: fix oops when filemap_map_pmd() without prealloc_pte
    - md/raid6: use valid sector values to determine if an I/O should wait on
    the reshape
    - [arm*] binder: fix memory leaks of spam and pending work
    - [arm64] coresight: etm4x: Make etm4_remove_dev() return void
    - [arm64] coresight: etm4x: Remove bogous __exit annotation for some
    functions
    - hwtracing: hisi_ptt: Add dummy callback pmu::read()
    - [x86] misc: mei: client.c: return negative error code in mei_cl_write
    - [x86] misc: mei: client.c: fix problem of return '-EOVERFLOW' in
    mei_cl_write
    - ring-buffer: Force absolute timestamp on discard of event
    - tracing: Set actual size after ring buffer resize
    - tracing: Stop current tracer when resizing buffer
    - perf: Fix perf_event_validate_size() (CVE-2023-6931)
    - [x86] sev: Fix kernel crash due to late update to read-only ghcb_version
    - gpiolib: sysfs: Fix error handling on failed export
    - drm/amdgpu: fix memory overflow in the IB test
    - drm/amd/amdgpu: Fix warnings in amdgpu/amdgpu_display.c
    - drm/amdgpu: correct the amdgpu runtime dereference usage count
    - drm/amdgpu: Update ras eeprom support for smu v13_0_0 and v13_0_10
    - drm/amdgpu: Add EEPROM I2C address support for ip discovery
    - drm/amdgpu: Remove redundant I2C EEPROM address
    - drm/amdgpu: Decouple RAS EEPROM addresses from chips
    - drm/amdgpu: Add support for RAS table at 0x40000
    - drm/amdgpu: Remove second moot switch to set EEPROM I2C address
    - drm/amdgpu: Return from switch early for EEPROM I2C address
    - drm/amdgpu: simplify amdgpu_ras_eeprom.c
    - drm/amdgpu: Add I2C EEPROM support on smu v13_0_6
    - drm/amdgpu: Update EEPROM I2C address for smu v13_0_0
    - usb: gadget: f_hid: fix report descriptor allocation
    - serial: 8250_dw: Add ACPI ID for Granite Rapids-D UART
    - parport: Add support for Brainboxes IX/UC/PX parallel cards
    - cifs: Fix non-availability of dedup breaking generic/304
    - Revert "xhci: Loosen RPM as default policy to cover for AMD xHC 1.1"
    - smb: client: fix potential NULL deref in parse_dfs_referrals()
    - usb: typec: class: fix typec_altmode_put_partner to put plugs
    - [arm64,armhf] PL011: Fix DMA support
    - [arm64] serial: 8250: 8250_omap: Clear UART_HAS_RHR_IT_DIS bit
    - [arm64] serial: 8250: 8250_omap: Do not start RX DMA on THRI interrupt
    - [arm64] serial: 8250_omap: Add earlycon support for the AM654 UART
    controller
    - devcoredump: Send uevent once devcd is ready
    - [x86] CPU/AMD: Check vendor in the AMD microcode callback
    - USB: gadget: core: adjust uevent timing on gadget unbind
    - cifs: Fix flushing, invalidation and file size with copy_file_range()
    - cifs: Fix flushing, invalidation and file size with FICLONE
    - [mips*] kernel: Clear FPU states when setting up kernel threads
    (Closes: #1055021)
    - [s390x] KVM: s390/mm: Properly reset no-dat
    - [x86] KVM: SVM: Update EFER software model on CR0 trap for SEV-ES
    - netfilter: nft_set_pipapo: skip inactive elements during set walk
    (CVE-2023-6817)
    - [x86] drm/i915/display: Drop check for doublescan mode in modevalid
    - [x86] drm/i915/lvds: Use REG_BIT() & co.
    - [x86] drm/i915/sdvo: stop caching has_hdmi_monitor in struct intel_sdvo
    - [x86] drm/i915: Skip some timing checks on BXT/GLK DSI transcoders
    https://www.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.69
    - [x86] perf/x86/uncore: Don't WARN_ON_ONCE() for a broken discovery table
    - r8152: add USB device driver for config selection
    - r8152: add vendor/device ID pair for D-Link DUB-E250
    - r8152: add vendor/device ID pair for ASUS USB-C2500
    - [powerpc*] ftrace: Fix stack teardown in ftrace_no_trace
    - ext4: fix warning in ext4_dio_write_end_io()
    - ksmbd: fix memory leak in smb2_lock()
    - afs: Fix refcount underflow from error handling race (Closes: #1052304)
    - HID: lenovo: Restrict detection of patched firmware only to USB cptkbd
    (Closes: #1058758)
    - net/mlx5e: Fix possible deadlock on mlx5e_tx_timeout_work
    - net: ipv6: support reporting otherwise unknown prefix flags in
    RTM_NEWPREFIX
    - bnxt_en: Clear resource reservation during resume
    - bnxt_en: Save ring error counters across reset
    - bnxt_en: Fix wrong return value check in bnxt_close_nic()
    - bnxt_en: Fix HWTSTAMP_FILTER_ALL packet timestamp logic
    - atm: solos-pci: Fix potential deadlock on &cli_queue_lock
    - atm: solos-pci: Fix potential deadlock on &tx_queue_lock
    - net: vlan: introduce skb_vlan_eth_hdr()
    - net: fec: correct queue selection
    - atm: Fix Use-After-Free in do_vcc_ioctl (CVE-2023-51780)
    - net/rose: Fix Use-After-Free in rose_ioctl (CVE-2023-51782)
    - iavf: Introduce new state machines for flow director
    - iavf: Handle ntuple on/off based on new state machines for flow director
    - qed: Fix a potential use-after-free in qed_cxt_tables_alloc
    - net: Remove acked SYN flag from packet in the transmit queue correctly
    - net: ena: Destroy correct number of xdp queues upon failure
    - net: ena: Fix xdp drops handling due to multibuf packets
    - net: ena: Fix XDP redirection error
    - sign-file: Fix incorrect return values check
    - vsock/virtio: Fix unsigned integer wrap around in
    virtio_transport_has_space()
    - net: stmmac: Handle disabled MDIO busses from devicetree
    - appletalk: Fix Use-After-Free in atalk_ioctl (CVE-2023-51781)
    - net: atlantic: fix double free in ring reinit logic
    - cred: switch to using atomic_long_t
    - fuse: dax: set fc->dax to NULL in fuse_dax_conn_free()
    - ALSA: hda/hdmi: add force-connect quirk for NUC5CPYB
    - ALSA: hda/hdmi: add force-connect quirks for ASUSTeK Z170 variants
    - ALSA: hda/realtek: Apply mute LED quirk for HP15-db
    - Revert "PCI: acpiphp: Reassign resources on bridge if necessary"
    - [mips*] PCI: loongson: Limit MRRS to 256 (Closes: #1035587)
    - ksmbd: fix wrong name of SMB2_CREATE_ALLOCATION_SIZE
    - [x86] hyperv: Fix the detection of E820_TYPE_PRAM in a Gen2 VM
    - usb: aqc111: check packet for fixup for true limit
    - blk-throttle: fix lockdep warning of "cgroup_mutex or RCU read lock
    required!"
    - blk-cgroup: bypass blkcg_deactivate_policy after destroying
    - bcache: avoid oversize memory allocation by small stripe_size
    - bcache: remove redundant assignment to variable cur_idx
    - bcache: add code comments for bch_btree_node_get() and
    __bch_btree_node_alloc()
    - bcache: avoid NULL checking to c->root in run_cache_set()
    - nbd: fold nbd config initialization into nbd_alloc_config()
    - nvme-auth: set explanation code for failure2 msgs
    - nvme: catch errors from nvme_configure_metadata()
    - [x86] platform/x86: intel_telemetry: Fix kernel doc descriptions
    - HID: glorious: fix Glorious Model I HID report
    - HID: add ALWAYS_POLL quirk for Apple kb
    - nbd: pass nbd_sock to nbd_read_reply() instead of index
    - HID: hid-asus: reset the backlight brightness level on resume
    - HID: multitouch: Add quirk for HONOR GLO-GXXX touchpad
    - asm-generic: qspinlock: fix queued_spin_value_unlocked() implementation
    - net: usb: qmi_wwan: claim interface 4 for ZTE MF290
    - [arm64] add dependency between vmlinuz.efi and Image
    - HID: hid-asus: add const to read-only outgoing usb buffer
    - perf: Fix perf_event_validate_size() lockdep splat
    - btrfs: do not allow non subvolume root targets for snapshot
    - soundwire: stream: fix NULL pointer dereference for multi_link
    - ext4: prevent the normalized size from exceeding EXT_MAX_BLOCKS
    - [arm64] mm: Always make sw-dirty PTEs hw-dirty in pte_modify
    - team: Fix use-after-free when an option instance allocation fails
    - drm/amdgpu/sdma5.2: add begin/end_use ring callbacks
    - dmaengine: stm32-dma: avoid bitfield overflow assertion
    - mm/mglru: fix underprotected page cache
    - mm/shmem: fix race in shmem_undo_range w/THP
    - btrfs: free qgroup reserve when ORDERED_IOERR is set
    - btrfs: don't clear qgroup reserved bit in release_folio
    - drm/amdgpu: fix tear down order in amdgpu_vm_pt_free
    - drm/amd/display: Disable PSR-SU on Parade 0803 TCON again
    - [x86] drm/i915: Fix remapped stride with CCS on ADL+
    - smb: client: fix OOB in receive_encrypted_standard()
    - smb: client: fix NULL deref in asn1_ber_decoder()
    - smb: client: fix OOB in smb2_query_reparse_point()
    - ring-buffer: Fix memory leak of free page
    - tracing: Update snapshot buffer on resize if it is allocated
    - ring-buffer: Do not update before stamp when switching sub-buffers
    - ring-buffer: Have saved event hold the entire event
    - ring-buffer: Fix writing to the buffer with max_data_size
    - ring-buffer: Fix a race in rb_time_cmpxchg() for 32 bit archs
    - ring-buffer: Do not try to put back write_stamp
    - ring-buffer: Have rb_time_cmpxchg() set the msb counter too
    - net: tls, update curr on splice as well
    - r8152: avoid to change cfg for all devices
    - r8152: remove rtl_vendor_mode function
    - r8152: fix the autosuspend doesn't work
    .
    [ Salvatore Bonaccorso ]
    * Bump ABI to 17
    * [rt] Update to 6.1.69-rt21
    * [arm64] drivers/vfio: Don't enable VFIO_NOIOMMU.
    This is a breach of the integrity lockdown requirement of secure boot
    and thus cannot be enabled.
    Thanks to Bastian Blank and Ben Hutchings
    * Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg
    (CVE-2023-51779)
    * netfilter: nf_tables: skip set commit for deleted/destroyed sets
    * Revert "scsi: aacraid: Reply queue mapping to CPUs based on IRQ affinity"
    (Closes: #1059624)
    Checksums-Sha1:
    97b8255fde753811d8f029a73ec4a03ae05d4363 290924 linux_6.1.69-1.dsc
    ab2ef068faf43ae20020165065571c8cb1a14111 137507972 linux_6.1.69.orig.tar.xz
    d965c531dd3edcca299b12ed2f02093a7e27b81b 1586832 linux_6.1.69-1.debian.tar.xz
    3092fbb92e1e5f8bf2127e4a311426fe84ec1037 7066 linux_6.1.69-1_source.buildinfo Checksums-Sha256:
    eff66c55a2e6a56cf37ff8c06fb830740ba2ff869dc51b98e789acf702487c91 290924 linux_6.1.69-1.dsc
    b0a5f7285bffe9f0b7eca2675fe097fd4aeec1bac6d31b76239ba718d3b4fc02 137507972 linux_6.1.69.orig.tar.xz
    6ccc5bc6a11a5e592b396702c9975b56c7fd7e758322180927e0acf07c884370 1586832 linux_6.1.69-1.debian.tar.xz
    61aafe85f00121acaec649a59e6633fc5823800164e239c0c47a994c9bc27da5 7066 linux_6.1.69-1_source.buildinfo
    Files:
    148ceb8c54c9778cac65a68de6d3a92a 290924 kernel optional linux_6.1.69-1.dsc
    b31060ed820825da2ff064b3fac3740c 137507972 kernel optional linux_6.1.69.orig.tar.xz
    7c74ee5a24913c31cdc7a89be868fbab 1586832 kernel optional linux_6.1.69-1.debian.tar.xz
    dcd03738d64dca61a76490a9fb7669b2 7066 kernel optional linux_6.1.69-1_source.buildinfo

    -----BEGIN PGP SIGNATURE-----

    iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmWP4+xfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk ZWJpYW4ub3JnAAoJEAVMuPMTQ89EMiMP/jzSaI7MQ0Pe1QijS6WTC4ej4v9qWebx 0n4vWTQ2zNefe+YVoZK/uzGNBuZ4cD00TeVrc7zvadU84t+4uDP7Cxap22M7m+8P zhUti3xnESn800EgqLyujlbM/DF8JCTH66AUZkruQSLe3Gf4Nc2RDvPcnbMzDqb+ 1Zod0GVCDevFPA8uQ80gv6yWfu4nHDt74kwn/3gRGM6Z97IooNBqclJltP3sMeUO aWucSGbFh8SMHbkrR7PXyTxOepHNqIrZ4LWLOeRFRUNgRmr3mPDj/Bi0wnRkMVRP B5tzzaV+/WyTGWrUdsi3LJbk/YUwV54LpponQVmBmT7Pc2SV/7MeA9/aTIqypIoQ S/U8UEmE9nl+I42wJZtY5FWtQQtuYTdweAuujyRQvW4ynnFVi1oSya8jfLgCHK8L 0tGU+I8vShUv0+BYG0z+YX1Erwr9qYf+UlX33tfAX0VZfhwVF0XjSXWLLzqrIwb3 1YtlhH+c2b0vDxMbvRtH3DOqXaVvIcnMVmCABiE/4OSqy6zLs0HqkUGuS2mnIJCN bAxWGlsKwEPU0nK+SFm3UFfzR3qQFeN2+KOpE9I+h+ZbWXWE4x57HK/X/phHNEtX ojSzkYO1HIdmqFd/uIxpB07m8+bh+W25w0mlCrv22NoMNSkatMjpOHkfVnSC61cG
    WwPxmAp+wITQ
    =QUTV
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)