• Accepted linux-signed-arm64 6.1.115+1 (source) into proposed-updates (2

    From Debian FTP Masters@21:1/5 to All on Sat Nov 2 13:50:02 2024
    [continued from previous message]

    - [x86] perf,x86: avoid missing caller address in stack traces captured in
    uprobe
    - scsi: aacraid: Rearrange order of struct aac_srb_unit
    - scsi: lpfc: Update PRLO handling in direct attached topology
    - drm/amdgpu: fix unchecked return value warning for amdgpu_gfx
    - scsi: NCR5380: Initialize buffer for MSG IN and STATUS transfers
    - drm/radeon/r100: Handle unknown family in r100_cp_init_microcode()
    - drm/amd/pm: ensure the fw_info is not null before using it
    (CVE-2024-49890)
    - of/irq: Refer to actual buffer size in of_irq_parse_one()
    - [powerpc*] pseries: Use correct data types from pseries_hp_errorlog struct
    - ext4: ext4_search_dir should return a proper error
    - ext4: avoid use-after-free in ext4_ext_show_leaf() (CVE-2024-49889)
    - ext4: fix i_data_sem unlock order in ext4_ind_migrate() (CVE-2024-50006)
    - iomap: handle a post-direct I/O invalidate race in
    iomap_write_delalloc_release
    - blk-integrity: use sysfs_emit
    - blk-integrity: convert to struct device_attribute
    - blk-integrity: register sysfs attributes on struct device
    - spi: spi-imx: Fix pm_runtime_set_suspended() with runtime pm enabled
    - spi: s3c64xx: fix timeout counters in flush_fifo
    - [powerpc*] vdso: Fix VDSO data access when running in a non-root time
    namespace
    - Revert "ALSA: hda: Conditionally use snooping for AMD HDMI"
    (Closes: #1081833)
    - [x86] platform/x86: ISST: Fix the KASAN report slab-out-of-bounds bug
    (CVE-2024-49886)
    - i2c: stm32f7: Do not prepare/unprepare clock during runtime suspend/resume
    (CVE-2024-49985)
    - i2c: qcom-geni: Use IRQF_NO_AUTOEN flag in request_irq()
    - i2c: xiic: Wait for TX empty to avoid missed TX NAKs
    - media: i2c: ar0521: Use cansleep version of gpiod_set_value()
    (CVE-2024-49961)
    - firmware: tegra: bpmp: Drop unused mbox_client_to_bpmp()
    - spi: bcm63xx: Fix module autoloading
    - power: supply: hwmon: Fix missing temp1_max_alarm attribute
    - perf/core: Fix small negative period being ignored
    - drm: Consistently use struct drm_mode_rect for FB_DAMAGE_CLIPS
    - ALSA: core: add isascii() check to card ID generator
    - ALSA: usb-audio: Add delay quirk for VIVO USB-C HEADSET
    - ALSA: usb-audio: Add native DSD support for Luxman D-08u
    - ALSA: line6: add hw monitor volume control to POD HD500X
    - ALSA: hda/realtek: Add quirk for Huawei MateBook 13 KLV-WX9
    - ALSA: hda/realtek: Add a quirk for HP Pavilion 15z-ec200
    - ext4: no need to continue when the number of entries is 1 (CVE-2024-49967)
    - ext4: correct encrypted dentry name hash when not casefolded
    - ext4: fix slab-use-after-free in ext4_split_extent_at() (CVE-2024-49884)
    - ext4: propagate errors from ext4_find_extent() in ext4_insert_range()
    - ext4: fix incorrect tid assumption in ext4_fc_mark_ineligible()
    - ext4: dax: fix overflowing extents beyond inode size when partially
    writing (CVE-2024-50015)
    - ext4: fix incorrect tid assumption in __jbd2_log_wait_for_space()
    - ext4: drop ppath from ext4_ext_replay_update_ex() to avoid double-free
    - ext4: aovid use-after-free in ext4_ext_insert_extent() (CVE-2024-49883)
    - ext4: fix double brelse() the buffer of the extents path
    - ext4: update orig_path in ext4_find_extent() (CVE-2024-49881)
    - ext4: fix incorrect tid assumption in ext4_wait_for_tail_page_commit()
    - ext4: fix incorrect tid assumption in
    jbd2_journal_shrink_checkpoint_list()
    - ext4: fix fast commit inode enqueueing during a full journal commit
    - ext4: use handle to mark fc as ineligible in __track_dentry_update()
    - ext4: mark fc as ineligible using an handle in ext4_xattr_set()
    - drm/rockchip: vop: clear DMA stop bit on RK3066
    - of/irq: Support #msi-cells=<0> in of_msi_get_domain
    - drm: omapdrm: Add missing check for alloc_ordered_workqueue
    (CVE-2024-49879)
    - resource: fix region_intersects() vs add_memory_driver_managed()
    - jbd2: stop waiting for space when jbd2_cleanup_journal_tail() returns
    error
    - jbd2: correctly compare tids with tid_geq function in jbd2_fc_begin_commit
    - mm: krealloc: consider spare memory for __GFP_ZERO
    - ocfs2: fix the la space leak when unmounting an ocfs2 volume
    - ocfs2: fix uninit-value in ocfs2_get_block()
    - ocfs2: reserve space for inline xattr before attaching reflink tree
    (CVE-2024-49958)
    - ocfs2: cancel dqi_sync_work before freeing oinfo (CVE-2024-49966)
    - ocfs2: remove unreasonable unlock in ocfs2_read_blocks (CVE-2024-49965)
    - ocfs2: fix null-ptr-deref when journal load failed. (CVE-2024-49957)
    - ocfs2: fix possible null-ptr-deref in ocfs2_set_buffer_uptodate
    (CVE-2024-49877)
    - exfat: fix memory leak in exfat_load_bitmap() (CVE-2024-50013)
    - perf hist: Update hist symbol when updating maps
    - nfsd: fix delegation_blocked() to block correctly for at least 30 seconds
    - nfsd: map the EBADMSG to nfserr_io to avoid warning (CVE-2024-49875)
    - NFSD: Fix NFSv4's PUTPUBFH operation
    - aoe: fix the potential use-after-free problem in more places
    (CVE-2024-49982)
    - clk: rockchip: fix error for unknown clocks
    - remoteproc: k3-r5: Fix error handling when power-up failed
    - clk: qcom: dispcc-sm8250: use CLK_SET_RATE_PARENT for branch clocks
    - media: sun4i_csi: Implement link validate for sun4i_csi subdev
    - clk: qcom: gcc-sm8450: Do not turn off PCIe GDSCs during gdsc_disable()
    - media: uapi/linux/cec.h: cec_msg_set_reply_to: zero flags
    - clk: qcom: clk-rpmh: Fix overflow in BCM vote
    - clk: qcom: gcc-sm8150: De-register gcc_cpuss_ahb_clk_src
    - media: venus: fix use after free bug in venus_remove due to race condition
    (CVE-2024-49981)
    - clk: qcom: gcc-sm8250: Do not turn off PCIe GDSCs during gdsc_disable()
    - media: qcom: camss: Fix ordering of pm_runtime_enable
    - clk: qcom: gcc-sc8180x: Fix the sdcc2 and sdcc4 clocks freq table
    - clk: qcom: clk-alpha-pll: Fix CAL_L_VAL override for LUCID EVO PLL
    - smb: client: use actual path when queryfs
    - iio: magnetometer: ak8975: Fix reading for ak099xx sensors
    - gso: fix udp gso fraglist segmentation after pull from frag_list
    (CVE-2024-49978)
    - tomoyo: fallback to realpath if symlink's pathname does not exist
    (Closes: #1082001)
    - net: stmmac: Fix zero-division error when disabling tc cbs
    (CVE-2024-49977)
    - rtc: at91sam9: fix OF node leak in probe() error path
    - Input: adp5589-keys - fix NULL pointer dereference (CVE-2024-49871)
    - Input: adp5589-keys - fix adp5589_gpio_get_value()
    - cachefiles: fix dentry leak in cachefiles_open_file() (CVE-2024-49870)
    - ACPI: resource: Add Asus Vivobook X1704VAP to
    irq1_level_low_skip_override[] (Closes: #1078696)
    - ACPI: resource: Add Asus ExpertBook B2502CVA to
    irq1_level_low_skip_override[]
    - btrfs: fix a NULL pointer dereference when failed to start a new
    trasacntion (CVE-2024-49868)
    - btrfs: send: fix invalid clone operation for file that got its size
    decreased
    - btrfs: wait for fixup workers before stopping cleaner kthread during
    umount (CVE-2024-49867)
    - gpio: davinci: fix lazy disable
    - Bluetooth: hci_event: Align BR/EDR JUST_WORKS paring with LE
    (CVE-2024-8805)
    - ceph: fix cap ref leak via netfs init_request
    - tracing/hwlat: Fix a race during cpuhp processing
    - tracing/timerlat: Fix a race during cpuhp processing (CVE-2024-49866)
    - close_range(): fix the logics in descriptor table trimming
    - [x86] drm/i915/gem: fix bitwise and logical AND mixup
    - drm/sched: Add locking to drm_sched_entity_modify_sched
    - drm/amd/display: Fix system hang while resume with TBT monitor
    (CVE-2024-50003)
    - cpufreq: intel_pstate: Make hwp_notify_lock a raw spinlock
    (Closes: #1076483)
    - kconfig: qconf: fix buffer overflow in debug links
    - i2c: create debugfs entry per adapter
    - i2c: core: Lock address during client device instantiation
    - i2c: xiic: Use devm_clk_get_enabled()
    - i2c: xiic: Fix pm_runtime_set_suspended() with runtime pm enabled
    - dt-bindings: clock: exynos7885: Fix duplicated binding
    - spi: bcm63xx: Fix missing pm_runtime_disable()
    - [arm64] Add Cortex-715 CPU part definition
    - [arm64] cputype: Add Neoverse-N3 definitions
    - [arm64] errata: Expand speculative SSBS workaround once more
    - io_uring/net: harden multishot termination case for recv
    - uprobes: fix kernel info leak via "[uprobes]" vma
    - mm: z3fold: deprecate CONFIG_Z3FOLD
    - drm/amd/display: Allow backlight to go below
    `AMDGPU_DM_DEFAULT_MIN_BACKLIGHT`
    - build-id: require program headers to be right after ELF header
    - lib/buildid: harden build ID parsing logic
    - docs/zh_CN: Update the translation of delay-accounting to 6.1-rc8
    - delayacct: improve the average delay precision of getdelay tool to
    microsecond
    - sched: psi: fix bogus pressure spikes from aggregation race
    - media: i2c: imx335: Enable regulator supplies
    - media: imx335: Fix reset-gpio handling
    - remoteproc: k3-r5: Acquire mailbox handle during probe routine
    - remoteproc: k3-r5: Delay notification of wakeup event
    - dt-bindings: clock: qcom: Add missing UFS QREF clocks
    - dt-bindings: clock: qcom: Add GPLL9 support on gcc-sc8180x
    - clk: samsung: exynos7885: do not define number of clocks in bindings
    - clk: samsung: exynos7885: Update CLKS_NR_FSYS after bindings fix
    - r8169: Fix spelling mistake: "tx_underun" -> "tx_underrun"
    - r8169: add tally counter fields added with RTL8125 (CVE-2024-49973)
    - clk: qcom: gcc-sc8180x: Add GPLL9 support
    - ACPI: battery: Simplify battery hook locking
    - ACPI: battery: Fix possible crash when unregistering a battery hook
    (CVE-2024-49955)
    - Revert "arm64: dts: qcom: sm8250: switch UFS QMP PHY to new style of
    bindings"
    - erofs: get rid of erofs_inode_datablocks()
    - erofs: get rid of z_erofs_do_map_blocks() forward declaration
    - erofs: avoid hardcoded blocksize for subpage block support
    - erofs: set block size to the on-disk block size
    - erofs: fix incorrect symlink detection in fast symlink
    - vhost/scsi: null-ptr-dereference in vhost_scsi_get_req() (CVE-2024-49863)
    - perf report: Fix segfault when 'sym' sort key is not used
    - fsdax: dax_unshare_iter() should return a valid length
    - fsdax: unshare: zero destination if srcmap is HOLE or UNWRITTEN
    - unicode: Don't special case ignorable code points
    - net: ethernet: cortina: Drop TSO support
    - tracing: Remove precision vsnprintf() check from print event
    - ALSA: hda/realtek: cs35l41: Fix order and duplicates in quirks table
    - ALSA: hda/realtek: cs35l41: Fix device ID / model name
    - drm/crtc: fix uninitialized variable use even harder
    - tracing: Have saved_cmdlines arrays all in one allocation
    - bootconfig: Fix the kerneldoc of _xbc_exit()
    - perf lock: Dynamically allocate lockhash_table
    - perf sched: Avoid large stack allocations
    - perf sched: Move start_work_mutex and work_done_wait_mutex initialization
    to perf_sched__replay()
    - perf sched: Fix memory leak in perf_sched__map()
    - perf sched: Move curr_thread initialization to perf_sched__map()
    - perf sched: Move curr_pid and cpu_last_switched initialization to
    perf_sched__{lat|map|replay}()
    - libsubcmd: Don't free the usage string
    - Bluetooth: Fix usage of __hci_cmd_sync_status
    - virtio_console: fix misc probe bugs
    - Input: synaptics-rmi4 - fix UAF of IRQ domain on driver removal
    - bpf: Check percpu map value size first
    - [s390x] facility: Disable compile time optimization for decompressor code
    - [s390x] mm: Add cond_resched() to cmm_alloc/free_pages()
    - bpf, x64: Fix a jit convergence issue
    - ext4: don't set SB_RDONLY after filesystem errors
    - ext4: nested locking for xattr inode
    - [s390x] cpum_sf: Remove WARN_ON_ONCE statements
    - RDMA/mad: Improve handling of timed out WRs of mad agent
    - PCI: Add function 0 DMA alias quirk for Glenfly Arise chip
    - RDMA/rtrs-srv: Avoid null pointer deref during path establishment
    (CVE-2024-50062)
    - clk: bcm: bcm53573: fix OF node leak in init
    - PCI: Add ACS quirk for Qualcomm SA8775P
    - i2c: i801: Use a different adapter-name for IDF adapters
    - PCI: Mark Creative Labs EMU20k2 INTx masking as broken
    - io_uring: check if we need to reschedule during overflow flush
    (CVE-2024-50060)
    - ntb: ntb_hw_switchtec: Fix use after free vulnerability in
    switchtec_ntb_remove due to race condition (CVE-2024-50059)
    - RDMA/mlx5: Enforce umem boundaries for explicit ODP page faults
    - media: videobuf2-core: clear memory related fields in
    __vb2_plane_dmabuf_put()
    - remoteproc: imx_rproc: Use imx specific hook for find_loaded_rsc_table
    - clk: imx: Remove CLK_SET_PARENT_GATE for DRAM mux for i.MX7D
    - usb: chipidea: udc: enable suspend interrupt after usb reset
    - usb: dwc2: Adjust the timing of USB Driver Interrupt Registration in the
    Crashkernel Scenario
    - comedi: ni_routing: tools: Check when the file could not be opened
    - netfilter: nf_reject: Fix build warning when CONFIG_BRIDGE_NETFILTER=n
    - virtio_pmem: Check device status before requesting flush
    - tools/iio: Add memory allocation failure check for trigger_name
    - staging: vme_user: added bound check to geoid
    - driver core: bus: Return -EIO instead of 0 when show/store invalid bus
    attribute
    - scsi: lpfc: Add ELS_RSP cmd to the list of WQEs to flush in
    lpfc_els_flush_cmd()
    - scsi: lpfc: Ensure DA_ID handling completion before deleting an NPIV
    instance
    - drm/amd/display: Check null pointer before dereferencing se
    (CVE-2024-50049)
    - fbcon: Fix a NULL pointer dereference issue in fbcon_putcs
    (CVE-2024-50048)
    - fbdev: sisfb: Fix strbuf array overflow
    - drm/rockchip: vop: limit maximum resolution to hardware capabilities
    - drm/rockchip: vop: enable VOP_FEATURE_INTERNAL_RGB on RK3066
    - NFSD: Mark filecache "down" if init fails
    - ice: fix VLAN replay after reset
    - SUNRPC: Fix integer overflow in decode_rc_list()
    - NFSv4: Prevent NULL-pointer dereference in nfs42_complete_copies()
    (CVE-2024-50046)
    - net: phy: dp83869: fix memory corruption when enabling fiber
    - tcp: fix to allow timestamp undo if no retransmits were sent
    - tcp: fix tcp_enter_recovery() to zero retrans_stamp when it's safe
    - netfilter: br_netfilter: fix panic with metadata_dst skb (CVE-2024-50045)
    - Bluetooth: RFCOMM: FIX possible deadlock in rfcomm_sk_state_change
    (CVE-2024-50044)
    - net: phy: bcm84881: Fix some error handling paths
    - thermal: int340x: processor_thermal: Set feature mask before
    proc_thermal_add
    - thermal: intel: int340x: processor: Fix warning during module unload
    - Revert "net: stmmac: set PP_FLAG_DMA_SYNC_DEV only if XDP is enabled"
    - net: ethernet: adi: adin1110: Fix some error handling path in
    adin1110_read_fifo()
    - net: dsa: b53: fix jumbo frame mtu check
    - net: dsa: b53: fix max MTU for 1g switches
    - net: dsa: b53: fix max MTU for BCM5325/BCM5365
    - net: dsa: b53: allow lower MTUs on BCM5325/5365
    - net: dsa: b53: fix jumbo frames on 10/100 ports
    - gpio: aspeed: Add the flush write to ensure the write complete.
    - gpio: aspeed: Use devm_clk api to manage clock source
    - ice: Fix netif_is_ice() in Safe Mode
    - i40e: Fix macvlan leak by synchronizing access to mac_filter_hash
    (CVE-2024-50041)
    - igb: Do not bring the device up after non-fatal error (CVE-2024-50040)
    - net/sched: accept TCA_STAB only for root qdisc (CVE-2024-50039)
    - net: ibm: emac: mal: fix wrong goto
    - btrfs: zoned: fix missing RCU locking in error message when loading zone
    info
    - sctp: ensure sk_state is set to CLOSED if hashing fails in
    sctp_listen_start
    - netfilter: xtables: avoid NFPROTO_UNSPEC where needed (CVE-2024-50038)
    - netfilter: fib: check correct rtable in vrf setups
    - net: ibm/emac: allocate dummy net_device dynamically
    - net: ibm: emac: mal: add dcr_unmap to _remove
    - rtnetlink: Add bulk registration helpers for rtnetlink message handlers.
    - vxlan: Handle error of rtnl_register_module().
    - mctp: Handle error of rtnl_register_module().
    - ppp: fix ppp_async_encode() illegal access
    - slip: make slhc_remember() more robust against malicious packets
    - rust: macros: provide correct provenance when constructing THIS_MODULE
    - HID: multitouch: Add support for lenovo Y9000P Touchpad
    - net/mlx5: Always drain health in shutdown callback (CVE-2024-43866)
    - wifi: mac80211: Avoid address calculations via out of bounds array
    indexing (CVE-2024-41071)
    - hwmon: (tmp513) Add missing dependency on REGMAP_I2C
    - hwmon: (adm9240) Add missing dependency on REGMAP_I2C
    - hwmon: (adt7470) Add missing dependency on REGMAP_I2C
    - Revert "net: ibm/emac: allocate dummy net_device dynamically"
    - HID: amd_sfh: Switch to device-managed dmam_alloc_coherent()
    - HID: plantronics: Workaround for an unexcepted opposite volume key
    - Revert "usb: yurex: Replace snprintf() with the safer scnprintf() variant"
    - usb: dwc3: core: Stop processing of pending events if controller is halted
    - usb: xhci: Fix problem with xhci resume from suspend
    - usb: storage: ignore bogus device raised by JieLi BR21 USB sound chip
    - usb: gadget: core: force synchronous registration
    - hid: intel-ish-hid: Fix uninitialized variable 'rv' in
    ish_fw_xfer_direct_dma
    - drm/v3d: Stop the active perfmon before being destroyed (CVE-2024-50031)
    - drm/vc4: Stop the active perfmon before being destroyed
    - scsi: wd33c93: Don't use stale scsi_pointer value (CVE-2024-50026)
    - mptcp: fallback when MPTCP opts are dropped after 1st data
    - ata: libata: avoid superfluous disk spin down + spin up during hibernation
    - net: explicitly clear the sk pointer, when pf->create fails
    - net: Fix an unsafe loop on the list (CVE-2024-50024)
    - net: dsa: lan9303: ensure chip reset and wait for READY status
    - mptcp: handle consistently DSS corruption
    - mptcp: pm: do not remove closing subflows
    - device-dax: correct pgoff align in dax_set_mapping() (CVE-2024-50022)
    - nouveau/dmem: Fix vulnerability in migrate_to_ram upon copy error
    - kthread: unpark only parked kthread (CVE-2024-50019)
    - secretmem: disable memfd_secret() if arch cannot set direct map
    - net: ethernet: cortina: Restore TSO support
    - perf lock: Don't pass an ERR_PTR() directly to perf_session__delete()
    - block, bfq: fix uaf for accessing waker_bfqq after splitting
    (CVE-2024-49854)
    - Revert "iommu/vt-d: Retrieve IOMMU perfmon capability information"
    https://www.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.114
    - btrfs: fix uninitialized pointer free in add_inode_ref() (CVE-2024-50088)
    - btrfs: fix uninitialized pointer free on read_alloc_one_name() error
    - ksmbd: fix user-after-free from session log off (CVE-2024-50086)
    - ALSA: hda/conexant - Fix audio routing for HP EliteOne 1000 G2
    - mptcp: pm: fix UaF read in mptcp_pm_nl_rm_addr_or_subflow (CVE-2024-50085)
    - udf: New directory iteration code
    - udf: Convert udf_expand_dir_adinicb() to new directory iteration
    - udf: Move udf_expand_dir_adinicb() to its callsite
    - udf: Implement searching for directory entry using new iteration code
    - udf: Provide function to mark entry as deleted using new directory
    iteration code
    - udf: Convert udf_rename() to new directory iteration code
    - udf: Convert udf_readdir() to new directory iteration
    - udf: Convert udf_lookup() to use new directory iteration code
    - udf: Convert udf_get_parent() to new directory iteration code
    - udf: Convert empty_dir() to new directory iteration code
    - udf: Convert udf_rmdir() to new directory iteration code
    - udf: Convert udf_unlink() to new directory iteration code
    - udf: Implement adding of dir entries using new iteration code
    - udf: Convert udf_add_nondir() to new directory iteration
    - udf: Convert udf_mkdir() to new directory iteration code
    - udf: Convert udf_link() to new directory iteration code
    - udf: Remove old directory iteration code
    - udf: Handle error when expanding directory
    - udf: Don't return bh from udf_expand_dir_adinicb()
    - net: enetc: remove xdp_drops statistic from enetc_xdp_drop()
    - net: enetc: add missing static descriptor and inline keyword
    - posix-clock: Fix missing timespec64 check in pc_clock_settime()
    - [arm64] probes: Remove broken LDR (literal) uprobe support
    - [arm64] probes: Fix simulate_ldr*_literal()
    - net: macb: Avoid 20s boot delay by skipping MDIO bus registration for
    fixed-link PHY
    - irqchip/gic-v3-its: Fix VSYNC referencing an unmapped VPE on GIC v4.1
    - fat: fix uninitialized variable
    - mm/swapfile: skip HugeTLB pages for unuse_vma
    - devlink: drop the filter argument from devlinks_xa_find_get
    - devlink: bump the instance index directly when iterating
    - maple_tree: correct tree corruption on spanning store
    - drm/shmem-helper: Fix BUG_ON() on mmap(PROT_WRITE, MAP_PRIVATE)
    (CVE-2024-39497)
    - [amd64] iommu/vt-d: Fix incorrect pci_for_each_dma_alias() for non-PCI
    devices
    - [s390x] sclp: Deactivate sclp after all its users
    - [s390x] sclp_vt220: Convert newlines to CRLF instead of LFCR
    - [s390x] KVM: s390: gaccess: Check if guest address is in memslot
    - [s390x] KVM: s390: Change virtual to physical address access in diag 0x258
    handler
    - [x86] cpufeatures: Define X86_FEATURE_AMD_IBPB_RET
    - [x86] cpufeatures: Add a IBPB_NO_RET BUG flag
    - [x86] entry: Have entry_ibpb() invalidate return predictions
    - [x86] bugs: Skip RSB fill at VMEXIT
    - [x86] bugs: Do not use UNTRAIN_RET with IBPB on entry
    - blk-rq-qos: fix crash on rq_qos_wait vs. rq_qos_wake_function race
    (CVE-2024-50082)
    - io_uring/sqpoll: close race on waiting for sqring entries
    - scsi: ufs: core: Set SDEV_OFFLINE when UFS is shut down
    - drm/radeon: Fix encoder->possible_clones
    - drm/vmwgfx: Handle surface check failure correctly
    - drm/amdgpu/swsmu: Only force workload setup on init
    - drm/amdgpu: prevent BO_HANDLES error from being overwritten
    - iio: dac: ad5770r: add missing select REGMAP_SPI in Kconfig
    - iio: dac: ltc1660: add missing select REGMAP_SPI in Kconfig
    - iio: dac: stm32-dac-core: add missing select REGMAP_MMIO in Kconfig
    - iio: adc: ti-ads8688: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig
    - iio: hid-sensors: Fix an error handling path in
    _hid_sensor_set_report_latency()
    - iio: light: veml6030: fix ALS sensor resolution
    - iio: light: veml6030: fix IIO device retrieval from embedded device
    - iio: light: opt3001: add missing full-scale range value
    - iio: amplifiers: ada4250: add missing select REGMAP_SPI in Kconfig
    - iio: dac: ad5766: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig
    - iio: proximity: mb1232: add missing select IIO_(TRIGGERED_)BUFFER in
    Kconfig
    - iio: dac: ad3552r: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig
    - iio: adc: ti-ads124s08: add missing select IIO_(TRIGGERED_)BUFFER in
    Kconfig
    - Bluetooth: Call iso_exit() on module unload
    - Bluetooth: Remove debugfs directory on module init failure
    - Bluetooth: ISO: Fix multiple init when debugfs is disabled
    (CVE-2024-50077)
    - Bluetooth: btusb: Fix regression with fake CSR controllers 0a12:0001
    - xhci: Fix incorrect stream context type macro
    - xhci: Mitigate failed set dequeue pointer commands
    - USB: serial: option: add support for Quectel EG916Q-GL
    - USB: serial: option: add Telit FN920C04 MBIM compositions
    - usb: dwc3: Wait for EndXfer completion before restoring GUSB2PHYCFG
    - parport: Proper fix for array out-of-bounds access (CVE-2024-50074)
    - [x86] resctrl: Annotate get_mem_config() functions as __init
    - [x86] apic: Always explicitly disarm TSC-deadline timer
    - [x86] entry_32: Do not clobber user EFLAGS.ZF
    - [x86] entry_32: Clear CPU buffers after register restore in NMI return
    - tty: n_gsm: Fix use-after-free in gsm_cleanup_mux (CVE-2024-50073)
    - pinctrl: ocelot: fix system hang on level based interrupts
    - pinctrl: apple: check devm_kasprintf() returned value
    - irqchip/gic-v4: Don't allow a VMOVP on a dying VPE
    - irqchip/sifive-plic: Unmask interrupt in plic_irq_enable()
    - tcp: fix mptcp DSS corruption due to large pmtu xmit (CVE-2024-50083)
    - mptcp: prevent MPC handshake on port-based signal endpoints
    - nilfs2: propagate directory read errors from nilfs_find_entry()
    - [powerpc*] 64: Add big-endian ELFv2 flavour to crypto VMX asm generation
    - ALSA: hda/conexant - Use cached pin control for Node 0x1d on HP EliteOne
    1000 G2
    - udf: Allocate name buffer in directory iterator on heap
    - udf: Avoid directory type conversion failure due to ENOMEM
    https://www.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.115
    - bpf: Use raw_spinlock_t in ringbuf
    - iio: accel: bma400: Fix uninitialized variable field_value in tap event
    handling.
    - bpf: Make sure internal and UAPI bpf_redirect flags don't overlap
    - bpf: devmap: provide rxq after redirect
    - bpf: Fix memory leak in bpf_core_apply
    - RDMA/bnxt_re: Fix incorrect AVID type in WQE structure
    - RDMA/bnxt_re: Add a check for memory allocation
    - [x86] resctrl: Avoid overflow in MB settings in bw_validate()
    - [armhf] dts: bcm2837-rpi-cm3-io3: Fix HDMI hpd-gpio pin
    - [s390x] pci: Handle PCI error codes other than 0x3a
    - bpf: fix kfunc btf caching for modules
    - drm/vmwgfx: Handle possible ENOMEM in vmw_stdu_connector_atomic_check
    - ALSA: hda/cs8409: Fix possible NULL dereference
    - RDMA/cxgb4: Fix RDMA_CM_EVENT_UNREACHABLE error for iWARP
    - RDMA/irdma: Fix misspelling of "accept*"
    - RDMA/srpt: Make slab cache names unique
    - ipv4: give an IPv4 dev to blackhole_netdev
    - RDMA/bnxt_re: Return more meaningful error
    - RDMA/bnxt_re: Fix a bug while setting up Level-2 PBL pages
    - [arm64] drm/msm/dpu: make sure phys resources are properly initialized
    - [arm64] drm/msm/dsi: fix 32-bit signed integer extension in pclk_rate
    calculation
    - [arm64] drm/msm: Avoid NULL dereference in msm_disp_state_print_regs()
    - [arm64] drm/msm: Allocate memory for disp snapshot with kvzalloc()
    - net: usb: usbnet: fix race in probe failure
    - drm/amd/amdgpu: Fix double unlock in amdgpu_mes_add_ring
    - macsec: don't increment counters for an unrelated SA
    - netdevsim: use cond_resched() in nsim_dev_trap_report_work()
    - net: ethernet: aeroflex: fix potential memory leak in
    greth_start_xmit_gbit()
    - net/smc: Fix searching in list of known pnetids in smc_pnet_add_pnetid
    - net: xilinx: axienet: fix potential memory leak in axienet_start_xmit()
    - net: systemport: fix potential memory leak in bcm_sysport_xmit()
    - [arm64] drm/msm/dpu: Wire up DSC mask for active CTL configuration
    - [arm64] drm/msm/dpu: don't always program merge_3d block
    - tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink().
    - genetlink: hold RCU in genlmsg_mcast()
    - ravb: Remove setting of RX software timestamp
    - net: ravb: Only advertise Rx/Tx timestamps if hardware supports it
    - scsi: target: core: Fix null-ptr-deref in target_alloc_device()
    - smb: client: fix OOBs when building SMB2_IOCTL request
    - usb: typec: altmode should keep reference to parent
    - [s390x] Initialize psw mask in perf_arch_fetch_caller_regs()
    - Bluetooth: bnep: fix wild-memory-access in proto_unregister
    - net/mlx5: Remove redundant cmdif revision check
    - net/mlx5: split mlx5_cmd_init() to probe and reload routines
    - net/mlx5: Fix command bitmask initialization
    - net/mlx5: Unregister notifier on eswitch init failure
    - bpf: Fix iter/task tid filtering
    - [arm64] uprobe fix the uprobe SWBP_INSN in big-endian
    - [arm64] probes: Fix uprobes for big-endian kernels
    - usb: gadget: f_uac2: Replace snprintf() with the safer scnprintf() variant
    - usb: gadget: f_uac2: fix non-newline-terminated function name
    - usb: gadget: f_uac2: fix return value for UAC2_ATTRIBUTE_STRING store
    - usb: gadget: Add function wakeup support
    - XHCI: Separate PORT and CAPs macros into dedicated file
    - [arm64,armhf] usb: dwc3: core: Fix system suspend on TI AM62 platforms
    - tty/serial: Make ->dcd_change()+uart_handle_dcd_change() status bool
    active
    - serial: Make uart_handle_cts_change() status param bool active
    - serial: imx: Update mctrl old_status on RTSD interrupt
    - block, bfq: fix procress reference leakage for bfqq in merge chain
    - exec: don't WARN for racy path_noexec check (CVE-2024-50010)
    - fs/ntfs3: Add more attributes checks in mi_enum_attr() (CVE-2023-45896)
    - [x86] drm/vboxvideo: Replace fake VLA at end of vbva_mouse_pointer_shape
    with real VLA
    - ASoC: codecs: lpass-rx-macro: add missing CDC_RX_BCL_VBAT_RF_PROC2 to
    default regs values
    - [arm64] ASoC: fsl_sai: Enable 'FIFO continue on error' FCONT bit
    - [arm64] Force position-independent veneers
    - udf: refactor udf_current_aext() to handle error
    - udf: fix uninit-value use in udf_get_fileshortad
    - [x86] platform/x86: dell-sysman: add support for alienware products
    - jfs: Fix sanity check in dbMount
    - tracing: Consider the NULL character when validating the event length
    - xfrm: extract dst lookup parameters into a struct
    - xfrm: respect ip protocols rules criteria when performing dst lookups
    - be2net: fix potential memory leak in be_xmit()
    - net: plip: fix break; causing plip to never transmit
    - [arm64,armhf] net: dsa: mv88e6xxx: Fix error when setting port policy on
    mv88e6393x
    - netfilter: xtables: fix typo causing some targets not to load on IPv6
    - net: wwan: fix global oob in wwan_rtnl_policy
    - docs: net: reformat driver.rst from a list to sections
    - net: provide macros for commonly copied lockless queue stop/wake code
    - net/sched: adjust device watchdog timer to detect stopped queue at right
    time
    - net: fix races in netdev_tx_sent_queue()/dev_watchdog()
    - net: usb: usbnet: fix name regression
    - net/sched: act_api: deny mismatched skip_sw/skip_hw flags for actions
    created by classifiers
    - net: sched: fix use-after-free in taprio_change()
    - r8169: avoid unsolicited interrupts
    - posix-clock: posix-clock: Fix unbalanced locking in pc_clock_settime()
    - Bluetooth: SCO: Fix UAF on sco_sock_timeout
    - Bluetooth: ISO: Fix UAF on iso_sock_timeout
    - bpf,perf: Fix perf_event_detach_bpf_prog error handling
    - ASoC: dt-bindings: davinci-mcasp: Fix interrupts property
    - ASoC: dt-bindings: davinci-mcasp: Fix interrupt properties
    - ALSA: firewire-lib: Avoid division by zero in apply_constraint_to_size()

    [continued in next message]
