Public bug reported:
SRU Justification Impact: The upstream process for stable tree updates is quite similar in scope to the Ubuntu SRU process, e.g., each patch has to demonstrably fix a bug, and each patch is vetted by upstream by originating either directly from a mainline/stable Linux tree or a minimally backported form of that patch. The following upstream stable patches should be included in the Ubuntu kernel: v5.15.151 upstream stable release from git://git.kernel.org/ netfilter: nf_tables: disallow timeout for anonymous sets mtd: spinand: gigadevice: Fix the get ecc status issue netlink: Fix kernel-infoleak-after-free in __skb_datagram_iter net: ip_tunnel: prevent perpetual headroom growth tun: Fix xdp_rxq_info's queue_index when detaching cpufreq: intel_pstate: fix pstate limits enforcement for adjust_perf call back net: veth: clear GRO when clearing XDP even when down ipv6: fix potential "struct net" leak in inet6_rtm_getaddr() lan78xx: enable auto speed configuration for LAN7850 if no EEPROM is detected net: enable memcg accounting for veth queues veth: try harder when allocating queue memory net: usb: dm9601: fix wrong return value in dm9601_mdio_read uapi: in6: replace temporary label with rfc9486 stmmac: Clear variable when destroying workqueue Bluetooth: Avoid potential use-after-free in hci_error_reset Bluetooth: hci_event: Fix wrongly recorded wakeup BD_ADDR Bluetooth: hci_event: Fix handling of HCI_EV_IO_CAPA_REQUEST netfilter: nf_tables: allow NFPROTO_INET in nft_(match/target)_validate() netfilter: nfnetlink_queue: silence bogus compiler warning netfilter: core: move ip_ct_attach indirection to struct nf_ct_hook netfilter: make function op structures const netfilter: let reset rules clean out conntrack entries netfilter: bridge: confirm multicast packets before passing them up the stack rtnetlink: fix error logic of IFLA_BRIDGE_FLAGS writing back igb: extend PTP timestamp adjustments to i211 tls: rx: don't store the record type in socket context tls: rx: don't store the decryption status in socket context tls: rx: don't issue wake ups when data is decrypted tls: rx: refactor decrypt_skb_update() tls: hw: rx: use return value of tls_device_decrypted() to carry status tls: rx: drop unnecessary arguments from tls_setup_from_iter() tls: rx: don't report text length from the bowels of decrypt tls: rx: wrap decryption arguments in a structure tls: rx: factor out writing ContentType to cmsg tls: rx: don't track the async count tls: rx: move counting TlsDecryptErrors for sync tls: rx: assume crypto always calls our callback tls: rx: use async as an in-out argument tls: decrement decrypt_pending if no async completion will be called efi/capsule-loader: fix incorrect allocation size power: supply: bq27xxx-i2c: Do not free non existing IRQ ALSA: Drop leftover snd-rtctimer stuff from Makefile fbcon: always restore the old font data in fbcon_do_set_font() afs: Fix endless loop in directory parsing riscv: Sparse-Memory/vmemmap out-of-bounds fix tomoyo: fix UAF write bug in tomoyo_write_control() ALSA: firewire-lib: fix to check cycle continuity gtp: fix use-after-free and null-ptr-deref in gtp_newlink() wifi: nl80211: reject iftype change with mesh ID change btrfs: dev-replace: properly validate device names dmaengine: fsl-qdma: fix SoC may hang on 16 byte unaligned read dmaengine: ptdma: use consistent DMA masks dmaengine: fsl-qdma: init irq after reg initialization mmc: core: Fix eMMC initialization with 1-bit bus connection mmc: sdhci-xenon: add timeout for PHY init complete mmc: sdhci-xenon: fix PHY init clock stability pmdomain: qcom: rpmhpd: Fix enabled_corner aggregation x86/cpu/intel: Detect TME keyid bits before setting MTRR mask registers mptcp: move __mptcp_error_report in protocol.c mptcp: process pending subflow error on close mptcp: rename timer related helper to less confusing names selftests: mptcp: add missing kconfig for NF Filter selftests: mptcp: add missing kconfig for NF Filter in v6 mptcp: clean up harmless false expressions mptcp: add needs_id for netlink appending addr mptcp: push at DSS boundaries mptcp: fix possible deadlock in subflow diag cachefiles: fix memory leak in cachefiles_add_cache() fs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super Revert "drm/bridge: lt8912b: Register and attach our DSI device at probe" af_unix: Drop oob_skb ref before purging queue in GC. gpio: 74x164: Enable output pins after registers are reset gpiolib: Fix the error path order in gpiochip_add_data_with_key() gpio: fix resource unwinding order in error path Revert "interconnect: Fix locking for runpm vs reclaim" Revert "interconnect: Teach lockdep about icc_bw_lock order" bpf: Add BPF_FIB_LOOKUP_SKIP_NEIGH for bpf_fib_lookup bpf: Add table ID to bpf_fib_lookup BPF helper bpf: Derive source IP addr via bpf_*_fib_lookup() net: tls: fix async vs NIC crypto offload Revert "tls: rx: move counting TlsDecryptErrors for sync" mptcp: fix double-free on socket dismantle Linux 5.15.151 UBUNTU: Upstream stable to v5.15.151 ** Affects: linux (Ubuntu) Importance: Undecided Status: Invalid ** Affects: linux (Ubuntu Jammy) Importance: Medium Assignee: Manuel Diewald (diewald) Status: In Progress ** Tags: kernel-stable-tracking-bug ** Changed in: linux (Ubuntu) Status: New => Confirmed ** Tags added: kernel-stable-tracking-bug ** Also affects: linux (Ubuntu Jammy) Importance: Undecided Status: New ** Changed in: linux (Ubuntu) Status: Confirmed => Invalid ** Changed in: linux (Ubuntu Jammy) Importance: Undecided => Medium ** Changed in: linux (Ubuntu Jammy) Status: New => In Progress ** Changed in: linux (Ubuntu Jammy) Assignee: (unassigned) => Manuel Diewald (diewald) ** Description changed: SRU Justification Impact: The upstream process for stable tree updates is quite similar in scope to the Ubuntu SRU process, e.g., each patch has to demonstrably fix a bug, and each patch is vetted by upstream by originating either directly from a mainline/stable Linux tree or a minimally backported form of that patch. The following upstream stable patches should be included in the Ubuntu kernel: v5.15.151 upstream stable release from git://git.kernel.org/ - + netfilter: nf_tables: disallow timeout for anonymous sets + mtd: spinand: gigadevice: Fix the get ecc status issue + netlink: Fix kernel-infoleak-after-free in __skb_datagram_iter + net: ip_tunnel: prevent perpetual headroom growth + tun: Fix xdp_rxq_info's queue_index when detaching + cpufreq: intel_pstate: fix pstate limits enforcement for adjust_perf call back + net: veth: clear GRO when clearing XDP even when down + ipv6: fix potential "struct net" leak in inet6_rtm_getaddr() + lan78xx: enable auto speed configuration for LAN7850 if no EEPROM is detected + net: enable memcg accounting for veth queues + veth: try harder when allocating queue memory + net: usb: dm9601: fix wrong return value in dm9601_mdio_read + uapi: in6: replace temporary label with rfc9486 + stmmac: Clear variable when destroying workqueue + Bluetooth: Avoid potential use-after-free in hci_error_reset + Bluetooth: hci_event: Fix wrongly recorded wakeup BD_ADDR + Bluetooth: hci_event: Fix handling of HCI_EV_IO_CAPA_REQUEST + netfilter: nf_tables: allow NFPROTO_INET in nft_(match/target)_validate() + netfilter: nfnetlink_queue: silence bogus compiler warning + netfilter: core: move ip_ct_attach indirection to struct nf_ct_hook + netfilter: make function op structures const + netfilter: let reset rules clean out conntrack entries + netfilter: bridge: confirm multicast packets before passing them up the stack + rtnetlink: fix error logic of IFLA_BRIDGE_FLAGS writing back + igb: extend PTP timestamp adjustments to i211 + tls: rx: don't store the record type in socket context + tls: rx: don't store the decryption status in socket context + tls: rx: don't issue wake ups when data is decrypted + tls: rx: refactor decrypt_skb_update() + tls: hw: rx: use return value of tls_device_decrypted() to carry status + tls: rx: drop unnecessary arguments from tls_setup_from_iter() + tls: rx: don't report text length from the bowels of decrypt + tls: rx: wrap decryption arguments in a structure + tls: rx: factor out writing ContentType to cmsg + tls: rx: don't track the async count + tls: rx: move counting TlsDecryptErrors for sync + tls: rx: assume crypto always calls our callback + tls: rx: use async as an in-out argument + tls: decrement decrypt_pending if no async completion will be called + efi/capsule-loader: fix incorrect allocation size + power: supply: bq27xxx-i2c: Do not free non existing IRQ + ALSA: Drop leftover snd-rtctimer stuff from Makefile + fbcon: always restore the old font data in fbcon_do_set_font() + afs: Fix endless loop in directory parsing + riscv: Sparse-Memory/vmemmap out-of-bounds fix + tomoyo: fix UAF write bug in tomoyo_write_control() + ALSA: firewire-lib: fix to check cycle continuity + gtp: fix use-after-free and null-ptr-deref in gtp_newlink() + wifi: nl80211: reject iftype change with mesh ID change + btrfs: dev-replace: properly validate device names + dmaengine: fsl-qdma: fix SoC may hang on 16 byte unaligned read + dmaengine: ptdma: use consistent DMA masks + dmaengine: fsl-qdma: init irq after reg initialization + mmc: core: Fix eMMC initialization with 1-bit bus connection + mmc: sdhci-xenon: add timeout for PHY init complete + mmc: sdhci-xenon: fix PHY init clock stability + pmdomain: qcom: rpmhpd: Fix enabled_corner aggregation + x86/cpu/intel: Detect TME keyid bits before setting MTRR mask registers + mptcp: move __mptcp_error_report in protocol.c + mptcp: process pending subflow error on close + mptcp: rename timer related helper to less confusing names + selftests: mptcp: add missing kconfig for NF Filter + selftests: mptcp: add missing kconfig for NF Filter in v6 + mptcp: clean up harmless false expressions + mptcp: add needs_id for netlink appending addr + mptcp: push at DSS boundaries + mptcp: fix possible deadlock in subflow diag + cachefiles: fix memory leak in cachefiles_add_cache() + fs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super + Revert "drm/bridge: lt8912b: Register and attach our DSI device at probe" + af_unix: Drop oob_skb ref before purging queue in GC. + gpio: 74x164: Enable output pins after registers are reset + gpiolib: Fix the error path order in gpiochip_add_data_with_key() + gpio: fix resource unwinding order in error path + Revert "interconnect: Fix locking for runpm vs reclaim" + Revert "interconnect: Teach lockdep about icc_bw_lock order" + bpf: Add BPF_FIB_LOOKUP_SKIP_NEIGH for bpf_fib_lookup + bpf: Add table ID to bpf_fib_lookup BPF helper + bpf: Derive source IP addr via bpf_*_fib_lookup() + net: tls: fix async vs NIC crypto offload + Revert "tls: rx: move counting TlsDecryptErrors for sync" + mptcp: fix double-free on socket dismantle Linux 5.15.151 - mptcp: fix double-free on socket dismantle - Revert "tls: rx: move counting TlsDecryptErrors for sync" - net: tls: fix async vs NIC crypto offload - bpf: Derive source IP addr via bpf_*_fib_lookup() - bpf: Add table ID to bpf_fib_lookup BPF helper - bpf: Add BPF_FIB_LOOKUP_SKIP_NEIGH for bpf_fib_lookup - Revert "interconnect: Teach lockdep about icc_bw_lock order" - Revert "interconnect: Fix locking for runpm vs reclaim" - gpio: fix resource unwinding order in error path - gpiolib: Fix the error path order in gpiochip_add_data_with_key() - gpio: 74x164: Enable output pins after registers are reset - af_unix: Drop oob_skb ref before purging queue in GC. - Revert "drm/bridge: lt8912b: Register and attach our DSI device at probe" - fs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super - cachefiles: fix memory leak in cachefiles_add_cache() - mptcp: fix possible deadlock in subflow diag - mptcp: push at DSS boundaries - mptcp: add needs_id for netlink appending addr - mptcp: clean up harmless false expressions - selftests: mptcp: add missing kconfig for NF Filter in v6 - selftests: mptcp: add missing kconfig for NF Filter - mptcp: rename timer related helper to less confusing names - mptcp: process pending subflow error on close - mptcp: move __mptcp_error_report in protocol.c - x86/cpu/intel: Detect TME keyid bits before setting MTRR mask registers - pmdomain: qcom: rpmhpd: Fix enabled_corner aggregation - mmc: sdhci-xenon: fix PHY init clock stability - mmc: sdhci-xenon: add timeout for PHY init complete - mmc: core: Fix eMMC initialization with 1-bit bus connection - dmaengine: fsl-qdma: init irq after reg initialization - dmaengine: ptdma: use consistent DMA masks - dmaengine: fsl-qdma: fix SoC may hang on 16 byte unaligned read - btrfs: dev-replace: properly validate device names - wifi: nl80211: reject iftype change with mesh ID change - gtp: fix use-after-free and null-ptr-deref in gtp_newlink() - ALSA: firewire-lib: fix to check cycle continuity - tomoyo: fix UAF write bug in tomoyo_write_control() - riscv: Sparse-Memory/vmemmap out-of-bounds fix - afs: Fix endless loop in directory parsing - fbcon: always restore the old font data in fbcon_do_set_font() - ALSA: Drop leftover snd-rtctimer stuff from Makefile - power: supply: bq27xxx-i2c: Do not free non existing IRQ - efi/capsule-loader: fix incorrect allocation size - tls: decrement decrypt_pending if no async completion will be called - tls: rx: use async as an in-out argument - tls: rx: assume crypto always calls our callback - tls: rx: move counting TlsDecryptErrors for sync - tls: rx: don't track the async count - tls: rx: factor out writing ContentType to cmsg - tls: rx: wrap decryption arguments in a structure - tls: rx: don't report text length from the bowels of decrypt - tls: rx: drop unnecessary arguments from tls_setup_from_iter() - tls: hw: rx: use return value of tls_device_decrypted() to carry status - tls: rx: refactor decrypt_skb_update() - tls: rx: don't issue wake ups when data is decrypted - tls: rx: don't store the decryption status in socket context - tls: rx: don't store the record type in socket context - igb: extend PTP timestamp adjustments to i211 - rtnetlink: fix error logic of IFLA_BRIDGE_FLAGS writing back - netfilter: bridge: confirm multicast packets before passing them up the stack - netfilter: let reset rules clean out conntrack entries - netfilter: make function op structures const - netfilter: core: move ip_ct_attach indirection to struct nf_ct_hook - netfilter: nfnetlink_queue: silence bogus compiler warning - netfilter: nf_tables: allow NFPROTO_INET in nft_(match/target)_validate() - Bluetooth: Enforce validation on max value of connection interval - Bluetooth: hci_event: Fix handling of HCI_EV_IO_CAPA_REQUEST - Bluetooth: hci_event: Fix wrongly recorded wakeup BD_ADDR - Bluetooth: Avoid potential use-after-free in hci_error_reset - stmmac: Clear variable when destroying workqueue - uapi: in6: replace temporary label with rfc9486 - net: usb: dm9601: fix wrong return value in dm9601_mdio_read - veth: try harder when allocating queue memory - net: enable memcg accounting for veth queues - lan78xx: enable auto speed configuration for LAN7850 if no EEPROM is detected - ipv6: fix potential "struct net" leak in inet6_rtm_getaddr() - net: veth: clear GRO when clearing XDP even when down - cpufreq: intel_pstate: fix pstate limits enforcement for adjust_perf call back - tun: Fix xdp_rxq_info's queue_index when detaching - net: ip_tunnel: prevent perpetual headroom growth - netlink: Fix kernel-infoleak-after-free in __skb_datagram_iter - mtd: spinand: gigadevice: Fix the get ecc status issue - netfilter: nf_tables: disallow timeout for anonymous sets + UBUNTU: Upstream stable to v5.15.151 -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/2060209 Title: Jammy update: v5.15.151 upstream stable release Status in linux package in Ubuntu: Invalid Status in linux source package in Jammy: In Progress Bug description: SRU Justification Impact: The upstream process for stable tree updates is quite similar in scope to the Ubuntu SRU process, e.g., each patch has to demonstrably fix a bug, and each patch is vetted by upstream by originating either directly from a mainline/stable Linux tree or a minimally backported form of that patch. The following upstream stable patches should be included in the Ubuntu kernel: v5.15.151 upstream stable release from git://git.kernel.org/ netfilter: nf_tables: disallow timeout for anonymous sets mtd: spinand: gigadevice: Fix the get ecc status issue netlink: Fix kernel-infoleak-after-free in __skb_datagram_iter net: ip_tunnel: prevent perpetual headroom growth tun: Fix xdp_rxq_info's queue_index when detaching cpufreq: intel_pstate: fix pstate limits enforcement for adjust_perf call back net: veth: clear GRO when clearing XDP even when down ipv6: fix potential "struct net" leak in inet6_rtm_getaddr() lan78xx: enable auto speed configuration for LAN7850 if no EEPROM is detected net: enable memcg accounting for veth queues veth: try harder when allocating queue memory net: usb: dm9601: fix wrong return value in dm9601_mdio_read uapi: in6: replace temporary label with rfc9486 stmmac: Clear variable when destroying workqueue Bluetooth: Avoid potential use-after-free in hci_error_reset Bluetooth: hci_event: Fix wrongly recorded wakeup BD_ADDR Bluetooth: hci_event: Fix handling of HCI_EV_IO_CAPA_REQUEST netfilter: nf_tables: allow NFPROTO_INET in nft_(match/target)_validate() netfilter: nfnetlink_queue: silence bogus compiler warning netfilter: core: move ip_ct_attach indirection to struct nf_ct_hook netfilter: make function op structures const netfilter: let reset rules clean out conntrack entries netfilter: bridge: confirm multicast packets before passing them up the stack rtnetlink: fix error logic of IFLA_BRIDGE_FLAGS writing back igb: extend PTP timestamp adjustments to i211 tls: rx: don't store the record type in socket context tls: rx: don't store the decryption status in socket context tls: rx: don't issue wake ups when data is decrypted tls: rx: refactor decrypt_skb_update() tls: hw: rx: use return value of tls_device_decrypted() to carry status tls: rx: drop unnecessary arguments from tls_setup_from_iter() tls: rx: don't report text length from the bowels of decrypt tls: rx: wrap decryption arguments in a structure tls: rx: factor out writing ContentType to cmsg tls: rx: don't track the async count tls: rx: move counting TlsDecryptErrors for sync tls: rx: assume crypto always calls our callback tls: rx: use async as an in-out argument tls: decrement decrypt_pending if no async completion will be called efi/capsule-loader: fix incorrect allocation size power: supply: bq27xxx-i2c: Do not free non existing IRQ ALSA: Drop leftover snd-rtctimer stuff from Makefile fbcon: always restore the old font data in fbcon_do_set_font() afs: Fix endless loop in directory parsing riscv: Sparse-Memory/vmemmap out-of-bounds fix tomoyo: fix UAF write bug in tomoyo_write_control() ALSA: firewire-lib: fix to check cycle continuity gtp: fix use-after-free and null-ptr-deref in gtp_newlink() wifi: nl80211: reject iftype change with mesh ID change btrfs: dev-replace: properly validate device names dmaengine: fsl-qdma: fix SoC may hang on 16 byte unaligned read dmaengine: ptdma: use consistent DMA masks dmaengine: fsl-qdma: init irq after reg initialization mmc: core: Fix eMMC initialization with 1-bit bus connection mmc: sdhci-xenon: add timeout for PHY init complete mmc: sdhci-xenon: fix PHY init clock stability pmdomain: qcom: rpmhpd: Fix enabled_corner aggregation x86/cpu/intel: Detect TME keyid bits before setting MTRR mask registers mptcp: move __mptcp_error_report in protocol.c mptcp: process pending subflow error on close mptcp: rename timer related helper to less confusing names selftests: mptcp: add missing kconfig for NF Filter selftests: mptcp: add missing kconfig for NF Filter in v6 mptcp: clean up harmless false expressions mptcp: add needs_id for netlink appending addr mptcp: push at DSS boundaries mptcp: fix possible deadlock in subflow diag cachefiles: fix memory leak in cachefiles_add_cache() fs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super Revert "drm/bridge: lt8912b: Register and attach our DSI device at probe" af_unix: Drop oob_skb ref before purging queue in GC. gpio: 74x164: Enable output pins after registers are reset gpiolib: Fix the error path order in gpiochip_add_data_with_key() gpio: fix resource unwinding order in error path Revert "interconnect: Fix locking for runpm vs reclaim" Revert "interconnect: Teach lockdep about icc_bw_lock order" bpf: Add BPF_FIB_LOOKUP_SKIP_NEIGH for bpf_fib_lookup bpf: Add table ID to bpf_fib_lookup BPF helper bpf: Derive source IP addr via bpf_*_fib_lookup() net: tls: fix async vs NIC crypto offload Revert "tls: rx: move counting TlsDecryptErrors for sync" mptcp: fix double-free on socket dismantle Linux 5.15.151 UBUNTU: Upstream stable to v5.15.151 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2060209/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp