1. Forum
  2. Usenet
  3. LINUX.DEBIAN.CHANGES

  • Accepted linux-signed-i386 6.1.115+1 (source) into proposed-updates (1/

    From Debian FTP Masters@21:1/5 to All on Sat Nov 2 13:50:01 2024
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    Format: 1.8
    Date: Fri, 01 Nov 2024 05:23:37 +0100
    Source: linux-signed-i386
    Architecture: source
    Version: 6.1.115+1
    Distribution: bookworm-proposed-updates
    Urgency: medium
    Maintainer: Debian Kernel Team <debian-kernel@lists.debian.org>
    Changed-By: Salvatore Bonaccorso <carnil@debian.org>
    Changes:
    linux-signed-i386 (6.1.115+1) bookworm; urgency=medium
    .
    * Sign kernel from linux 6.1.115-1
    .
    * New upstream stable update:
    https://www.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.113
    - wifi: rtw88: always wait for both firmware loading attempts
    (CVE-2024-47718)
    - crypto: xor - fix template benchmarking
    - ACPI: PMIC: Remove unneeded check in tps68470_pmic_opregion_probe()
    - wifi: ath9k: fix parameter check in ath9k_init_debug()
    - wifi: ath9k: Remove error checks when creating debugfs entries
    - wifi: rtw88: remove CPT execution branch never used
    - fs/namespace: fnic: Switch to use %ptTd
    - mount: handle OOM on mnt_warn_timestamp_expiry
    - drivers/perf: Fix ali_drw_pmu driver interrupt status clearing
    (CVE-2024-47731)
    - wifi: mac80211: don't use rate mask for offchannel TX either
    (CVE-2024-47738)
    - wifi: iwlwifi: mvm: increase the time between ranging measurements
    - ACPICA: Implement ACPI_WARNING_ONCE and ACPI_ERROR_ONCE
    - ACPICA: executer/exsystem: Don't nag user about every Stall() violating
    the spec
    - padata: Honor the caller's alignment in case of chunk_size 0
    - drivers/perf: hisi_pcie: Record hardware counts correctly
    - can: j1939: use correct function name in comment
    - ACPI: CPPC: Fix MASK_VAL() usage
    - netfilter: nf_tables: elements with timeout below CONFIG_HZ never expire
    - netfilter: nf_tables: reject element expiration with no timeout
    - netfilter: nf_tables: reject expiration higher than timeout
    - netfilter: nf_tables: remove annotation to access set timeout while
    holding lock
    - [arm64] perf/arm-cmn: Rework DTC counters (again)
    - [arm64] perf/arm-cmn: Improve debugfs pretty-printing for large configs
    - [arm64] perf/arm-cmn: Refactor node ID handling. Again.
    - [arm64] perf/arm-cmn: Ensure dtm_idx is big enough
    - cpufreq: ti-cpufreq: Introduce quirks to handle syscon fails appropriately
    - [x86] sgx: Fix deadlock in SGX NUMA node search (CVE-2024-49856)
    - crypto: hisilicon/hpre - enable sva error interrupt event
    - crypto: hisilicon/hpre - mask cluster timeout error
    - crypto: hisilicon/qm - fix coding style issues
    - crypto: hisilicon/qm - reset device before enabling it
    - crypto: hisilicon/qm - inject error before stopping queue (CVE-2024-47730)
    - wifi: cfg80211: fix UBSAN noise in cfg80211_wext_siwscan()
    - wifi: mt76: mt7915: fix rx filter setting for bfee functionality
    - wifi: cfg80211: fix two more possible UBSAN-detected off-by-one errors
    - wifi: mac80211: use two-phase skb reclamation in ieee80211_do_stop()
    (CVE-2024-47713)
    - wifi: wilc1000: fix potential RCU dereference issue in
    wilc_parse_join_bss_param (CVE-2024-47712)
    - Bluetooth: hci_core: Fix sending MGMT_EV_CONNECT_FAILED
    - Bluetooth: hci_sync: Ignore errors from HCI_OP_REMOTE_NAME_REQ_CANCEL
    - sock_map: Add a cond_resched() in sock_hash_free()
    - can: bcm: Clear bo->bcm_proc_read after remove_proc_entry().
    (CVE-2024-47709)
    - can: m_can: Remove repeated check for is_peripheral
    - can: m_can: enable NAPI before enabling interrupts
    - can: m_can: m_can_close(): stop clocks after device has been shut down
    - Bluetooth: btusb: Fix not handling ZPL/short-transfer
    - bareudp: Pull inner IP header in bareudp_udp_encap_recv().
    - bareudp: Pull inner IP header on xmit.
    - net: enetc: Use IRQF_NO_AUTOEN flag in request_irq()
    - r8169: disable ALDPS per default for RTL8125
    - net: ipv6: rpl_iptunnel: Fix memory leak in rpl_input
    - net: tipc: avoid possible garbage value
    - ipv6: avoid possible NULL deref in rt6_uncached_list_flush_dev()
    (CVE-2024-47707)
    - nbd: fix race between timeout and normal completion (CVE-2024-49855)
    - block, bfq: fix possible UAF for bfqq->bic with merge chain
    (CVE-2024-47706)
    - block, bfq: choose the last bfqq from merge chain in
    bfq_setup_cooperator()
    - block, bfq: don't break merge chain in bfq_split_bfqq()
    - block: print symbolic error name instead of error code
    - block: fix potential invalid pointer dereference in blk_add_partition
    (CVE-2024-47705)
    - spi: ppc4xx: handle irq_of_parse_and_map() errors
    - [arm64] dts: exynos: exynos7885-jackpotlte: Correct RAM amount to 4GB
    - firmware: arm_scmi: Fix double free in OPTEE transport (CVE-2024-49853)
    - spi: ppc4xx: Avoid returning 0 when failed to parse and map IRQ
    - regulator: Return actual error in of_regulator_bulk_get_all()
    - [arm64] dts: renesas: r9a07g043u: Correct GICD and GICR sizes
    - [arm64] dts: renesas: r9a07g054: Correct GICD and GICR sizes
    - [arm64] dts: renesas: r9a07g044: Correct GICD and GICR sizes
    - [arm64] dts: ti: k3-j721e-sk: Fix reversed C6x carveout locations
    - reset: berlin: fix OF node leak in probe() error path
    - reset: k210: fix OF node leak in probe() error path
    - clocksource/drivers/qcom: Add missing iounmap() on errors in
    msm_dt_timer_init()
    - ASoC: rt5682s: Return devm_of_clk_add_hw_provider to transfer the error
    - ALSA: hda: cs35l41: fix module autoloading
    - hwmon: (max16065) Fix overflows seen when writing limits
    - i2c: Add i2c_get_match_data()
    - hwmon: (max16065) Remove use of i2c_match_id()
    - hwmon: (max16065) Fix alarm attributes
    - mtd: slram: insert break after errors in parsing the map
    - hwmon: (ntc_thermistor) fix module autoloading
    - power: supply: axp20x_battery: Remove design from min and max voltage
    - power: supply: max17042_battery: Fix SOC threshold calc w/ no current
    sense
    - fbdev: hpfb: Fix an error handling path in hpfb_dio_probe()
    - [amd64] iommu/amd: Do not set the D bit on AMD v2 table entries
    - mtd: powernv: Add check devm_kasprintf() returned value
    - rcu/nocb: Fix RT throttling hrtimer armed from offline CPU
    - mtd: rawnand: mtk: Use for_each_child_of_node_scoped()
    - mtd: rawnand: mtk: Factorize out the logic cleaning mtk chips
    - mtd: rawnand: mtk: Fix init error path
    - pmdomain: core: Harden inter-column space in debug summary
    - drm/stm: Fix an error handling path in stm_drm_platform_probe()
    - drm/stm: ltdc: check memory returned by devm_kzalloc()
    - drm/amd/display: Add null check for set_output_gamma in
    dcn30_set_output_transfer_func (CVE-2024-47720)
    - drm/amdgpu: Replace one-element array with flexible-array member
    - drm/amdgpu: properly handle vbios fake edid sizing
    - drm/radeon: Replace one-element array with flexible-array member
    - drm/radeon: properly handle vbios fake edid sizing
    - scsi: smartpqi: revert propagate-the-multipath-failure-to-SML-quickly
    - scsi: NCR5380: Check for phase match during PDMA fixup
    - drm/amd/amdgpu: Properly tune the size of struct
    - drm/rockchip: vop: Allow 4096px width scaling
    - drm/rockchip: dw_hdmi: Fix reading EDID when using a forced mode
    - drm/radeon/evergreen_cs: fix int overflow errors in cs track offsets
    - drm/bridge: lontium-lt8912b: Validate mode in
    drm_bridge_funcs::mode_valid()
    - drm/vc4: hdmi: Handle error case of pm_runtime_resume_and_get
    - scsi: elx: libefc: Fix potential use after free in efc_nport_vport_del()
    (CVE-2024-49852)
    - jfs: fix out-of-bounds in dbNextAG() and diAlloc()
    - drm/mediatek: Fix missing configuration flags in mtk_crtc_ddp_config()
    - drm/mediatek: Use spin_lock_irqsave() for CRTC event lock
    - [powerpc*] 8xx: Fix initial memory mapping
    - [powerpc*] 8xx: Fix kernel vs user address comparison
    - drm/msm: Fix incorrect file name output in adreno_request_fw()
    - drm/msm/a5xx: disable preemption in submits by default
    - drm/msm/a5xx: properly clear preemption records on resume
    - drm/msm/a5xx: fix races in preemption evaluation stage
    - drm/msm/a5xx: workaround early ring-buffer emptiness check
    - ipmi: docs: don't advertise deprecated sysfs entries
    - drm/msm: fix %s null argument error
    - drivers:drm:exynos_drm_gsc:Fix wrong assignment in gsc_bind()
    - xen: use correct end address of kernel for conflict checking
    - HID: wacom: Support sequence numbers smaller than 16-bit
    - HID: wacom: Do not warn about dropped packets for first packet
    - xen/swiotlb: add alignment check for dma buffers
    - xen/swiotlb: fix allocated size
    - tpm: Clean up TPM space after command failure (CVE-2024-49851)
    - bpf: correctly handle malformed BPF_CORE_TYPE_ID_LOCAL relos
    (CVE-2024-49850)
    - xz: cleanup CRC32 edits from 2018
    - kthread: fix task state in kthread worker if being frozen
    - ext4: clear EXT4_GROUP_INFO_WAS_TRIMMED_BIT even mount with discard
    - smackfs: Use rcu_assign_pointer() to ensure safe assignment in
    smk_set_cipso
    - ext4: avoid buffer_head leak in ext4_mark_inode_used()
    - ext4: avoid potential buffer_head leak in __ext4_new_inode()
    - ext4: avoid negative min_clusters in find_group_orlov()
    - ext4: return error on ext4_find_inline_entry
    - ext4: avoid OOB when system.data xattr changes underneath the filesystem
    (CVE-2024-47701)
    - nilfs2: fix potential null-ptr-deref in nilfs_btree_insert()
    (CVE-2024-47699)
    - nilfs2: determine empty node blocks as corrupted
    - nilfs2: fix potential oob read in nilfs_btree_check_delete()
    (CVE-2024-47757)
    - bpf: Fix bpf_strtol and bpf_strtoul helpers for 32bit
    - bpf: Improve check_raw_mode_ok test for MEM_UNINIT-tagged types
    - bpf: Zero former ARG_PTR_TO_{LONG,INT} args in case of error
    (CVE-2024-47728)
    - perf mem: Free the allocated sort string, fixing a leak
    - perf inject: Fix leader sampling inserting additional samples
    - perf sched timehist: Fix missing free of session in perf_sched__timehist()
    - perf stat: Display iostat headers correctly
    - perf sched timehist: Fixed timestamp error when unable to confirm event
    sched_in time
    - perf time-utils: Fix 32-bit nsec parsing
    - clk: imx: composite-8m: Less function calls in __imx8m_clk_hw_composite()
    after error detection
    - clk: imx: composite-8m: Enable gate clk with mcore_booted
    - clk: imx: composite-7ulp: Check the PCC present bit
    - clk: imx: fracn-gppll: support integer pll
    - clk: imx: fracn-gppll: fix fractional part of PLL getting lost
    - clk: imx: imx8mp: fix clock tree update of TF-A managed clocks
    - clk: imx: imx8qxp: Register dc0_bypass0_clk before disp clk
    - clk: imx: imx8qxp: Parent should be initialized earlier than the clock
    - remoteproc: imx_rproc: Correct ddr alias for i.MX8M
    - remoteproc: imx_rproc: Initialize workqueue earlier
    - clk: rockchip: Set parent rate for DCLK_VOP clock on RK3228
    - Input: ilitek_ts_i2c - avoid wrong input subsystem sync
    - Input: ilitek_ts_i2c - add report id message validation
    - drivers: media: dvb-frontends/rtl2832: fix an out-of-bounds write error
    (CVE-2024-47698)
    - drivers: media: dvb-frontends/rtl2830: fix an out-of-bounds write error
    (CVE-2024-47697)
    - PCI/PM: Increase wait time after resume
    - PCI/PM: Drop pci_bridge_wait_for_secondary_bus() timeout parameter
    - PCI: Wait for Link before restoring Downstream Buses
    - PCI: keystone: Fix if-statement expression in ks_pcie_quirk()
    (CVE-2024-47756)
    - clk: qcom: dispcc-sm8250: use special function for Lucid 5LPE PLL
    - nvdimm: Fix devs leaks in scan_labels()
    - PCI: xilinx-nwl: Fix register misspelling
    - PCI: xilinx-nwl: Clean up clock on probe failure/removal
    - RDMA/iwcm: Fix WARNING:at_kernel/workqueue.c:#check_flush_dependency
    (CVE-2024-47696)
    - pinctrl: single: fix missing error code in pcs_probe()
    - RDMA/rtrs: Reset hb_missed_cnt after receiving other traffic from peer
    - RDMA/rtrs-clt: Reset cid to con_num - 1 to stay in bounds (CVE-2024-47695)
    - clk: ti: dra7-atl: Fix leak of of_nodes
    - nfsd: remove unneeded EEXIST error check in nfsd_do_file_acquire
    - nfsd: fix refcount leak when file is unhashed after being found
    - pinctrl: mvebu: Use devm_platform_get_and_ioremap_resource()
    - pinctrl: mvebu: Fix devinit_dove_pinctrl_probe function
    - IB/core: Fix ib_cache_setup_one error flow cleanup (CVE-2024-47693)
    - PCI: kirin: Fix buffer overflow in kirin_pcie_parse_port()
    (CVE-2024-47751)
    - RDMA/erdma: Return QP state in erdma_query_qp
    - watchdog: imx_sc_wdt: Don't disable WDT in suspend
    - [arm64] RDMA/hns: Don't modify rq next block addr in HIP09 QPC
    - [arm64] RDMA/hns: Fix Use-After-Free of rsv_qp on HIP08 (CVE-2024-47750)
    - [arm64] RDMA/hns: Fix the overflow risk of hem_list_calc_ba_range()
    - [arm64] RDMA/hns: Fix spin_unlock_irqrestore() called with IRQs enabled
    - [arm64] RDMA/hns: Fix VF triggering PF reset in abnormal interrupt handler
    - [arm64] RDMA/hns: Fix 1bit-ECC recovery address in non-4K OS
    - [arm64] RDMA/hns: Optimize hem allocation performance
    - RDMA/cxgb4: Added NULL check for lookup_atid (CVE-2024-47749)
    - RDMA/irdma: fix error message in irdma_modify_qp_roce()
    - ntb: intel: Fix the NULL vs IS_ERR() bug for debugfs_create_dir()
    - ntb_perf: Fix printk format
    - ntb: Force physically contiguous allocation of rx ring buffers
    - nfsd: call cache_put if xdr_reserve_space returns NULL (CVE-2024-47737)
    - nfsd: return -EINVAL when namelen is 0 (CVE-2024-47692)
    - f2fs: fix to update i_ctime in __f2fs_setxattr()
    - f2fs: remove unneeded check condition in __f2fs_setxattr()
    - f2fs: reduce expensive checkpoint trigger frequency
    - f2fs: factor the read/write tracing logic into a helper
    - f2fs: fix to avoid racing in between read and OPU dio write
    - f2fs: fix to wait page writeback before setting gcing flag
    - f2fs: atomic: fix to truncate pagecache before on-disk metadata truncation
    - f2fs: clean up w/ dotdot_name
    - f2fs: get rid of online repaire on corrupted directory (CVE-2024-47690)
    - spi: atmel-quadspi: Undo runtime PM changes at driver exit time
    - spi: spi-fsl-lpspi: Undo runtime PM changes at driver exit time
    - lib/sbitmap: define swap_lock as raw_spinlock_t
    - nvme-multipath: system fails to create generic nvme device
    - iio: adc: ad7606: fix oversampling gpio array
    - iio: adc: ad7606: fix standby gpio state to match the documentation
    - ABI: testing: fix admv8818 attr description
    - iio: chemical: bme680: Fix read/write ops to device by adding mutexes
    - iio: magnetometer: ak8975: Convert enum->pointer for data in the match
    tables
    - iio: magnetometer: ak8975: drop incorrect AK09116 compatible
    - dt-bindings: iio: asahi-kasei,ak8975: drop incorrect AK09116 compatible
    - coresight: tmc: sg: Do not leak sg_table
    - cxl/pci: Break out range register decoding from cxl_hdm_decode_init()
    - cxl/pci: Fix to record only non-zero ranges
    - vdpa: Add eventfd for the vdpa callback
    - vhost_vdpa: assign irq bypass producer token correctly (CVE-2024-47748)
    - ep93xx: clock: Fix off by one in ep93xx_div_recalc_rate() (CVE-2024-47686)
    - Revert "dm: requeue IO if mapping table not yet available"
    - net: xilinx: axienet: Schedule NAPI in two steps
    - net: xilinx: axienet: Fix packet counting
    - netfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put() (CVE-2024-47685)
    - net: seeq: Fix use after free vulnerability in ether3 Driver Due to Race
    Condition (CVE-2024-47747)
    - net: ipv6: select DST_CACHE from IPV6_RPL_LWTUNNEL
    - tcp: check skb is non-NULL in tcp_rto_delta_us() (CVE-2024-47684)
    - net: qrtr: Update packets cloning when broadcasting
    - bonding: Fix unnecessary warnings and logs from bond_xdp_get_xmit_slave()
    (CVE-2024-47734)
    - net: stmmac: set PP_FLAG_DMA_SYNC_DEV only if XDP is enabled
    - netfilter: nf_tables: Keep deleted flowtable hooks until after RCU
    - netfilter: ctnetlink: compile ctnetlink_label_size with
    CONFIG_NF_CONNTRACK_EVENTS
    - io_uring/sqpoll: do not allow pinning outside of cpuset
    - drm/amd/display: Fix Synaptics Cascaded Panamera DSC Determination
    - io_uring/io-wq: do not allow pinning outside of cpuset
    - io_uring/io-wq: inherit cpuset of cgroup in io worker
    - vfio/pci: fix potential memory leak in vfio_intx_enable() (CVE-2024-38632)
    - selinux,smack: don't bypass permissions check in inode_setsecctx hook
    (CVE-2024-46695)
    - drm/vmwgfx: Prevent unmapping active read buffers (CVE-2024-46710)
    - io_uring/sqpoll: retain test for whether the CPU is valid
    - io_uring/sqpoll: do not put cpumask on stack
    - Remove *.orig pattern from .gitignore
    - PCI: imx6: Fix missing call to phy_power_off() in error handling
    - PCI: xilinx-nwl: Fix off-by-one in INTx IRQ handler
    - ASoC: rt5682: Return devm_of_clk_add_hw_provider to transfer the error
    - soc: versatile: integrator: fix OF node leak in probe() error path
    - Revert "media: tuners: fix error return code of
    hybrid_tuner_request_state()"
    - Input: adp5588-keys - fix check on return code
    - Input: i8042 - add TUXEDO Stellaris 16 Gen5 AMD to i8042 quirk table
    - Input: i8042 - add TUXEDO Stellaris 15 Slim Gen6 AMD to i8042 quirk table
    - Input: i8042 - add another board name for TUXEDO Stellaris Gen5 AMD line
    - [x86] KVM: x86: Enforce x2APIC's must-be-zero reserved ICR bits
    - [x86] KVM: x86: Move x2APIC ICR helper above kvm_apic_write_nodecode()
    - drm/amd/display: Skip Recompute DSC Params if no Stream on Link
    (CVE-2024-47683)
    - drm/amd/display: Round calculated vtotal
    - drm/amd/display: Validate backlight caps are sane
    - KEYS: prevent NULL pointer dereference in find_asymmetric_key()
    (CVE-2024-47743)
    - fs: Create a generic is_dot_dotdot() utility
    - ksmbd: make __dir_empty() compatible with POSIX
    - ksmbd: allow write with FILE_APPEND_DATA
    - ksmbd: handle caseless file creation
    - scsi: sd: Fix off-by-one error in sd_read_block_characteristics()
    (CVE-2024-47682)
    - scsi: mac_scsi: Revise printk(KERN_DEBUG ...) messages
    - scsi: mac_scsi: Refactor polling loop
    - scsi: mac_scsi: Disallow bus errors during PDMA send
    - usbnet: fix cyclical race on disconnect with work queue
    - [arm64] dts: mediatek: mt8195-cherry: Mark USB 3.0 on xhci1 as disabled
    - USB: appledisplay: close race between probe and completion handler
    - USB: misc: cypress_cy7c63: check for short transfer
    - USB: class: CDC-ACM: fix race between get_serial and set_serial
    - usb: cdnsp: Fix incorrect usb_request status
    - usb: dwc2: drd: fix clock gating on USB role switch
    - bus: integrator-lm: fix OF node leak in probe()
    - bus: mhi: host: pci_generic: Fix the name for the Telit FE990A
    - firmware_loader: Block path traversal (CVE-2024-47742)
    - tty: rp2: Fix reset with non forgiving PCIe host bridges
    - xhci: Set quirky xHC PCI hosts to D3 _after_ stopping and freeing them.
    - crypto: ccp - Properly unregister /dev/sev on sev PLATFORM_STATUS failure
    - drbd: Fix atomicity violation in drbd_uuid_set_bm()
    - drbd: Add NULL check for net_conf to prevent dereference in state
    validation
    - ACPI: sysfs: validate return type of _STR method (CVE-2024-49860)
    - ACPI: resource: Add another DMI match for the TongFang GMxXGxx
    - efistub/tpm: Use ACPI reclaim memory for event log to avoid corruption
    (CVE-2024-49858)
    - perf/x86/intel/pt: Fix sampling synchronization
    - wifi: rtw88: 8822c: Fix reported RX band width
    - wifi: mt76: mt7615: check devm_kasprintf() returned value
    - debugobjects: Fix conditions in fill_pool()
    - f2fs: fix several potential integer overflows in file offsets
    - f2fs: prevent possible int overflow in dir_block_index()
    - f2fs: avoid potential int overflow in sanity_check_area_boundary()
    - f2fs: fix to check atomic_file in f2fs ioctl interfaces (CVE-2024-49859)
    - hwrng: mtk - Use devm_pm_runtime_enable
    - hwrng: bcm2835 - Add missing clk_disable_unprepare in bcm2835_rng_init
    - hwrng: cctrng - Add missing clk_disable_unprepare in cctrng_resume
    - [arm64] dts: rockchip: Raise Pinebook Pro's panel backlight PWM frequency
    - [arm64] dts: rockchip: Correct the Pinebook Pro battery design capacity
    - vfs: fix race between evice_inodes() and find_inode()&iput()
    - fs: Fix file_set_fowner LSM hook inconsistencies
    - nfs: fix memory leak in error path of nfs4_do_reclaim
    - EDAC/igen6: Fix conversion of system address to physical memory address
    - padata: use integer wrap around to prevent deadlock on seq_nr overflow
    (CVE-2024-47739)
    - soc: versatile: realview: fix memory leak during device remove
    - soc: versatile: realview: fix soc_dev leak during device remove
    - [powerpc*] 64: Option to build big-endian with ELFv2 ABI
    - [powerpc*] 64: Add support to build with prefixed instructions
    - [powerpc*] atomic: Use YZ constraints for DS-form instructions
    - usb: yurex: Replace snprintf() with the safer scnprintf() variant
    - USB: misc: yurex: fix race between read and write
    - xhci: fix event ring segment table related masks and variables in header
    - xhci: remove xhci_test_trb_in_td_math early development check
    - xhci: Refactor interrupter code for initial multi interrupter support.
    - xhci: Preserve RsvdP bits in ERSTBA register correctly
    - xhci: Add a quirk for writing ERST in high-low order
    - usb: xhci: fix loss of data on Cadence xHC
    - pps: remove usage of the deprecated ida_simple_xx() API
    - pps: add an error check in parport_attach
    - [x86] idtentry: Incorporate definitions/declarations of the FRED entries
    - [x86] entry: Remove unwanted instrumentation in common_interrupt()
    - mm/filemap: return early if failed to allocate memory for split
    - lib/xarray: introduce a new helper xas_get_order
    - mm/filemap: optimize filemap folio adding
    - icmp: Add counters for rate limits
    - icmp: change the order of rate limits (CVE-2024-47678)
    - bpf: lsm: Set bpf_lsm_blob_sizes.lbs_task to 0
    - lockdep: fix deadlock issue between lockdep and rcu
    - mm: only enforce minimum stack gap size if it's sensible
    - module: Fix KCOV-ignored file name
    - mm/damon/vaddr: protect vma traversal in __damon_va_thre_regions() with
    rcu read lock
    - i2c: aspeed: Update the stop sw state when the bus recovery occurs
    - i2c: isch: Add missed 'else'
    - usb: yurex: Fix inconsistent locking bug in yurex_read()
    - perf/arm-cmn: Fail DTC counter allocation correctly
    - iio: magnetometer: ak8975: Fix 'Unexpected device' error
    - [powerpc*] Allow CONFIG_PPC64_BIG_ENDIAN_ELF_ABI_V2 with ld.lld 15+
    - PCI/PM: Mark devices disconnected if upstream PCIe link is down on resume
    - [x86*] tdx: Fix "in-kernel MMIO" check (CVE-2024-47727)
    - static_call: Handle module init failure correctly in
    static_call_del_module() (CVE-2024-50002)
    - static_call: Replace pointless WARN_ON() in static_call_module_notify()
    - jump_label: Simplify and clarify static_key_fast_inc_cpus_locked()
    - jump_label: Fix static_key_slow_dec() yet again
    - scsi: pm8001: Do not overwrite PCI queue mapping
    - mailbox: rockchip: fix a typo in module autoloading
    - mailbox: bcm2835: Fix timeout during suspend mode (CVE-2024-49963)
    - ceph: remove the incorrect Fw reference check when dirtying pages
    - ieee802154: Fix build error
    - net: sparx5: Fix invalid timestamps
    - net/mlx5: Fix error path in multi-packet WQE transmit (CVE-2024-50001)
    - net/mlx5: Added cond_resched() to crdump collection
    - net/mlx5e: Fix NULL deref in mlx5e_tir_builder_alloc() (CVE-2024-50000)
    - netfilter: uapi: NFTA_FLOWTABLE_HOOK is NLA_NESTED
    - net: ieee802154: mcr20a: Use IRQF_NO_AUTOEN flag in request_irq()
    - net: wwan: qcom_bam_dmux: Fix missing pm_runtime_disable()
    - netfilter: nf_tables: prevent nf_skb_duplicated corruption
    (CVE-2024-49952)
    - Bluetooth: btmrvl: Use IRQF_NO_AUTOEN flag in request_irq()
    - net: ethernet: lantiq_etop: fix memory disclosure (CVE-2024-49997)
    - net: avoid potential underflow in qdisc_pkt_len_init() with UFO
    - net: add more sanity checks to qdisc_pkt_len_init() (CVE-2024-49948)
    - net: stmmac: dwmac4: extend timeout for VLAN Tag register busy bit check
    - ipv4: ip_gre: Fix drops of small packets in ipgre_xmit
    - ppp: do not assume bh is held in ppp_channel_bridge_input()
    (CVE-2024-49946)
    - fsdax,xfs: port unshare to fsdax
    - iomap: constrain the file range passed to iomap_file_unshare
    - sctp: set sk_state back to CLOSED if autobind fails in sctp_listen_start
    (CVE-2024-49944)
    - i2c: xiic: improve error message when transfer fails to start
    - i2c: xiic: Try re-initialization on bus busy timeout
    - loop: don't set QUEUE_FLAG_NOMERGES
    - Bluetooth: hci_sock: Fix not validating setsockopt user input
    (CVE-2024-35963)
    - media: usbtv: Remove useless locks in usbtv_video_free() (CVE-2024-27072)
    - ASoC: atmel: mchp-pdmc: Skip ALSA restoration if substream runtime is
    uninitialized
    - ALSA: mixer_oss: Remove some incorrect kfree_const() usages
    - ALSA: hda/realtek: Fix the push button function for the ALC257
    - ALSA: hda/generic: Unconditionally prefer preferred_dacs pairs
    - ASoC: imx-card: Set card.owner to avoid a warning calltrace if SND=m
    - ALSA: hda/conexant: Fix conflicting quirk for System76 Pangolin
    - f2fs: Require FMODE_WRITE for atomic write ioctls (CVE-2024-47740)
    - wifi: ath9k: fix possible integer overflow in ath9k_get_et_stats()
    - wifi: ath9k_htc: Use __skb_set_length() for resetting urb before resubmit
    - ice: Adjust over allocation of memory in ice_sched_add_root_node() and
    ice_sched_add_node()
    - wifi: iwlwifi: mvm: Fix a race in scan abort flow
    - wifi: cfg80211: Set correct chandef when starting CAC (CVE-2024-49937)
    - net/xen-netback: prevent UAF in xenvif_flush_hash() (CVE-2024-49936)
    - net: hisilicon: hip04: fix OF node leak in probe()
    - net: hisilicon: hns_dsaf_mac: fix OF node leak in hns_mac_get_info()
    - net: hisilicon: hns_mdio: fix OF node leak in probe()
    - ACPI: PAD: fix crash in exit_round_robin() (CVE-2024-49935)
    - ACPICA: Fix memory leak if acpi_ps_get_next_namepath() fails
    - ACPICA: Fix memory leak if acpi_ps_get_next_field() fails
    - wifi: mt76: mt7915: disable tx worker during tx BA session enable/disable
    - net: sched: consistently use rcu_replace_pointer() in taprio_change()
    - Bluetooth: btusb: Add Realtek RTL8852C support ID 0x0489:0xe122
    - ACPI: video: Add force_vendor quirk for Panasonic Toughbook CF-18
    - blk_iocost: fix more out of bound shifts (CVE-2024-49933)
    - nvme-pci: qdepth 1 quirk
    - wifi: ath11k: fix array out-of-bound access in SoC stats (CVE-2024-49930)
    - wifi: rtw88: select WANT_DEV_COREDUMP
    - ACPI: EC: Do not release locks during operation region accesses
    - ACPICA: check null return of ACPI_ALLOCATE_ZEROED() in
    acpi_db_convert_to_package()
    - tipc: guard against string buffer overrun (CVE-2024-49995)
    - net: mvpp2: Increase size of queue_name buffer
    - bnxt_en: Extend maximum length of version string by 1 byte
    - ipv4: Check !in_dev earlier for ioctl(SIOCSIFADDR).
    - wifi: rtw89: correct base HT rate mask for firmware
    - ipv4: Mask upper DSCP bits and ECN bits in NETLINK_FIB_LOOKUP family
    - net: atlantic: Avoid warning about potential string truncation
    - crypto: simd - Do not call crypto_alloc_tfm during registration
    - tcp: avoid reusing FIN_WAIT2 when trying to find port in connect() process
    - wifi: mac80211: fix RCU list iterations
    - ACPICA: iasl: handle empty connection_node
    - proc: add config & param to block forcing mem writes
    - wifi: mt76: mt7915: hold dev->mt76.mutex while disabling tx worker
    - wifi: mwifiex: Fix memcpy() field-spanning write warning in
    mwifiex_cmd_802_11_scan_ext()
    - nfp: Use IRQF_NO_AUTOEN flag in request_irq()
    - ALSA: usb-audio: Add input value sanity checks for standard types
    - [x86] ioapic: Handle allocation failures gracefully (CVE-2024-49927)
    - ALSA: usb-audio: Define macros for quirk table entries
    - ALSA: usb-audio: Replace complex quirk lines with macros
    - ALSA: usb-audio: Add logitech Audio profile quirk
    - ASoC: codecs: wsa883x: Handle reading version failure
    - [x86] kexec: Add EFI config table identity mapping for kexec kernel
    - ALSA: asihpi: Fix potential OOB array access (CVE-2024-50007)
    - ALSA: hdsp: Break infinite MIDI input flush loop
    - [x86] syscall: Avoid memcpy() for ia32 syscall_get_arguments()
    - fbdev: pxafb: Fix possible use after free in pxafb_task() (CVE-2024-49924)
    - rcuscale: Provide clear error when async specified without primitives
    - [arm64] iommu/arm-smmu-qcom: hide last LPASS SMMU context bank from linux
    - power: reset: brcmstb: Do not go into infinite loop if reset fails
    - [amd64] iommu/vt-d: Always reserve a domain ID for identity setup
    - [amd64] iommu/vt-d: Fix potential lockup if qi_submit_sync called with 0
    count (CVE-2024-49993)
    - drm/stm: Avoid use-after-free issues with crtc and plane (CVE-2024-49992)
    - drm/amdgpu: disallow multiple BO_HANDLES chunks in one submit
    - drm/amd/display: Add null check for top_pipe_to_program in
    commit_planes_for_stream (CVE-2024-49913)
    - ata: pata_serverworks: Do not use the term blacklist
    - ata: sata_sil: Rename sil_blacklist to sil_quirks
    - drm/amd/display: Handle null 'stream_status' in
    'planes_changed_for_existing_stream' (CVE-2024-49912)
    - drm/amd/display: Check null pointers before using dc->clk_mgr
    (CVE-2024-49907)
    - drm/amd/display: Add null check for 'afb' in
    amdgpu_dm_plane_handle_cursor_update (v2)
    - jfs: UBSAN: shift-out-of-bounds in dbFindBits
    - jfs: Fix uaf in dbFreeBits (CVE-2024-49903)
    - jfs: check if leafidx greater than num leaves per dmap tree
    (CVE-2024-49902)
    - scsi: smartpqi: correct stream detection
    - jfs: Fix uninit-value access of new_ea in ea_buffer (CVE-2024-49900)
    - drm/amdgpu: add raven1 gfxoff quirk
    - drm/amdgpu: enable gfxoff quirk on HP 705G4
    - HID: multitouch: Add support for Thinkpad X12 Gen 2 Kbd Portfolio
    - [x86] platform/x86: touchscreen_dmi: add nanote-next quirk
    - drm/stm: ltdc: reset plane transparency after plane disable
    - drm/amd/display: Check stream before comparing them (CVE-2024-49896)
    - drm/amd/display: Fix index out of bounds in DCN30 degamma hardware format
    translation (CVE-2024-49895)
    - drm/amd/display: Fix index out of bounds in degamma hardware format
    translation (CVE-2024-49894)
    - drm/amd/display: Fix index out of bounds in DCN30 color transformation
    (CVE-2024-49969)
    - drm/amd/display: Initialize get_bytes_per_element's default to 1
    (CVE-2024-49892)
    - drm/printer: Allow NULL data in devcoredump printer

    [continued in next message]

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)