Public bug reported:
SRU Justification Impact: The upstream process for stable tree updates is quite similar in scope to the Ubuntu SRU process, e.g., each patch has to demonstrably fix a bug, and each patch is vetted by upstream by originating either directly from a mainline/stable Linux tree or a minimally backported form of that patch. The following upstream stable patches should be included in the Ubuntu kernel: v5.4.262 upstream stable release from git://git.kernel.org/ locking/ww_mutex/test: Fix potential workqueue corruption perf/core: Bail out early if the request AUX area is out of bound clocksource/drivers/timer-imx-gpt: Fix potential memory leak clocksource/drivers/timer-atmel-tcb: Fix initialization on SAM9 hardware x86/mm: Drop the 4 MB restriction on minimal NUMA node memory size wifi: mac80211_hwsim: fix clang-specific fortify warning wifi: mac80211: don't return unset power in ieee80211_get_tx_power() wifi: ath9k: fix clang-specific fortify warnings wifi: ath10k: fix clang-specific fortify warning net: annotate data-races around sk->sk_tx_queue_mapping net: annotate data-races around sk->sk_dst_pending_confirm wifi: ath10k: Don't touch the CE interrupt registers after power up Bluetooth: Fix double free in hci_conn_cleanup platform/x86: thinkpad_acpi: Add battery quirk for Thinkpad X120e drm/komeda: drop all currently held locks if deadlock happens drm/amd: Fix UBSAN array-index-out-of-bounds for SMU7 drm/amd: Fix UBSAN array-index-out-of-bounds for Polaris and Tonga drm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL selftests/efivarfs: create-read: fix a resource leak crypto: pcrypt - Fix hungtask for PADATA_RESET RDMA/hfi1: Use FIELD_GET() to extract Link Width fs/jfs: Add check for negative db_l2nbperpage fs/jfs: Add validity check for db_maxag and db_agpref jfs: fix array-index-out-of-bounds in dbFindLeaf jfs: fix array-index-out-of-bounds in diAlloc ARM: 9320/1: fix stack depot IRQ stack filter ALSA: hda: Fix possible null-ptr-deref when assigning a stream PCI: tegra194: Use FIELD_GET()/FIELD_PREP() with Link Width fields atm: iphase: Do PCI error checks on own line scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup() HID: Add quirk for Dell Pro Wireless Keyboard and Mouse KM5221W tty: vcc: Add check for kstrdup() in vcc_probe() usb: gadget: f_ncm: Always set current gadget in ncm_bind() i2c: sun6i-p2wi: Prevent potential division by zero media: gspca: cpia1: shift-out-of-bounds in set_flicker media: vivid: avoid integer overflow gfs2: ignore negated quota changes media: cobalt: Use FIELD_GET() to extract Link Width drm/amd/display: Avoid NULL dereference of timing generator kgdb: Flush console before entering kgdb on panic ASoC: ti: omap-mcbsp: Fix runtime PM underflow warnings pwm: Fix double shift bug wifi: iwlwifi: Use FW rate for non-data frames NFSv4.1: fix SP4_MACH_CRED protection for pnfs IO ipvlan: add ipvlan_route_v6_outbound() helper tty: Fix uninit-value access in ppp_sync_receive() net: hns3: fix variable may not initialized problem in hns3_init_mac_addr() tipc: Fix kernel-infoleak due to uninitialized TLV value ppp: limit MRU to 64K xen/events: fix delayed eoi list handling ptp: annotate data-race around q->head and q->tail bonding: stop the device in bond_setup_by_slave() net: ethernet: cortina: Fix max RX frame define net: ethernet: cortina: Handle large frames net: ethernet: cortina: Fix MTU max setting netfilter: nf_conntrack_bridge: initialize err to 0 net: stmmac: Rework stmmac_rx() net: stmmac: fix rx budget limit check net/mlx5_core: Clean driver version and name net/mlx5e: Check return value of snprintf writing to fw_version buffer for representors macvlan: Don't propagate promisc change to lower dev in passthru tools/power/turbostat: Fix a knl bug cifs: spnego: add ';' in HOST_KEY_LEN media: venus: hfi: add checks to perform sanity on queue pointers randstruct: Fix gcc-plugin performance mode to stay in group bpf: Fix precision tracking for BPF_ALU | BPF_TO_BE | BPF_END scsi: megaraid_sas: Increase register read retry rount from 3 to 30 for selected registers x86/cpu/hygon: Fix the CPU topology evaluation for real KVM: x86: hyper-v: Don't auto-enable stimer on write from user-space KVM: x86: Ignore MSR_AMD64_TW_CFG access audit: don't take task_lock() in audit_exe_compare() code path audit: don't WARN_ON_ONCE(!current->mm) in audit_exe_compare() hvc/xen: fix error path in xen_hvc_init() to always register frontend driver PCI/sysfs: Protect driver's D3cold preference from user space ACPI: resource: Do IRQ override on TongFang GMxXGxx mmc: meson-gx: Remove setting of CMD_CFG_ERROR genirq/generic_chip: Make irq_remove_generic_chip() irqdomain aware PCI: keystone: Don't discard .remove() callback PCI: keystone: Don't discard .probe() callback parisc/pdc: Add width field to struct pdc_model clk: qcom: ipq8074: drop the CLK_SET_RATE_PARENT flag from PLL clocks mmc: vub300: fix an error code PM: hibernate: Use __get_safe_page() rather than touching the list PM: hibernate: Clean up sync_read handling in snapshot_write_next() btrfs: don't arbitrarily slow down delalloc if we're committing jbd2: fix potential data lost in recovering journal raced with synchronizing fs bdev quota: explicitly forbid quota files from being encrypted kernel/reboot: emergency_restart: Set correct system_state i2c: core: Run atomic i2c xfer when !preemptible mcb: fix error handling for different scenarios when parsing dmaengine: stm32-mdma: correct desc prep when channel running mm/cma: use nth_page() in place of direct struct page manipulation i3c: master: cdns: Fix reading status register parisc: Prevent booting 64-bit kernels on PA1.x machines parisc/pgtable: Do not drop upper 5 address bits of physical address ALSA: info: Fix potential deadlock at disconnection ALSA: hda/realtek - Enable internal speaker of ASUS K6500ZC serial: meson: remove redundant initialization of variable id tty: serial: meson: retrieve port FIFO size from DT serial: meson: Use platform_get_irq() to get the interrupt tty: serial: meson: fix hard LOCKUP on crtscts mode Bluetooth: btusb: add Realtek 8822CE to usb_device_id table Bluetooth: btusb: Add Realtek RTL8852BE support ID 0x0cb8:0xc559 bluetooth: Add device 0bda:887b to device tables bluetooth: Add device 13d3:3571 to device tables Bluetooth: btusb: Add RTW8852BE device 13d3:3570 to device tables Bluetooth: btusb: Add 0bda:b85b for Fn-Link RTL8852BE Revert ncsi: Propagate carrier gain/loss events to the NCSI controller net: dsa: lan9303: consequently nested-lock physical MDIO i2c: i801: fix potential race in i801_block_transaction_byte_by_byte media: lirc: drop trailing space from scancode transmit media: sharp: fix sharp encoding media: venus: hfi_parser: Add check to keep the number of codecs within range media: venus: hfi: fix the check to handle session buffer requirement media: venus: hfi: add checks to handle capabilities from firmware nfsd: fix file memleak on client_opens_release ext4: apply umask if ACL support is disabled ext4: correct offset of gdb backup in non meta_bg group to update_backups ext4: correct return value of ext4_convert_meta_bg ext4: correct the start block of counting reserved clusters ext4: remove gdb backup copy for meta bg in setup_new_flex_group_blocks drm/amdgpu: fix error handling in amdgpu_bo_list_get() tracing: Have trace_event_file have ref counters netfilter: nf_tables: pass context to nft_set_destroy() netfilter: nftables: rename set element data activation/deactivation functions netfilter: nf_tables: drop map element references from preparation phase netfilter: nft_set_rbtree: Switch to node list walk for overlap detection netfilter: nft_set_rbtree: fix null deref on element insertion netfilter: nft_set_rbtree: fix overlap expiration walk netfilter: nf_tables: don't skip expired elements during walk netfilter: nf_tables: GC transaction API to avoid race with control plane netfilter: nf_tables: adapt set backend to use GC transaction API netfilter: nft_set_hash: mark set element as dead when deleting from packet path netfilter: nf_tables: remove busy mark and gc batch API netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path netfilter: nf_tables: GC transaction race with netns dismantle netfilter: nf_tables: GC transaction race with abort path netfilter: nf_tables: use correct lock to protect gc_list netfilter: nf_tables: defer gc run if previous batch is still pending netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction netfilter: nft_set_rbtree: use read spinlock to avoid datapath contention netfilter: nft_set_hash: try later when GC hits EAGAIN on iteration netfilter: nf_tables: fix memleak when more than 255 elements expired netfilter: nf_tables: unregister flowtable hooks on netns exit netfilter: nf_tables: double hook unregistration in netns path netfilter: nftables: update table flags from the commit phase netfilter: nf_tables: fix table flag updates netfilter: nf_tables: disable toggling dormant table state more than once netfilter: nf_tables: bogus EBUSY when deleting flowtable after flush (for 5.4) Linux 5.4.262 UBUNTU: Upstream stable to v5.4.262 ** Affects: linux (Ubuntu) Importance: Undecided Status: Invalid ** Affects: linux (Ubuntu Focal) Importance: Medium Assignee: Manuel Diewald (diewald) Status: In Progress ** Tags: kernel-stable-tracking-bug ** Changed in: linux (Ubuntu) Status: New => Confirmed ** Tags added: kernel-stable-tracking-bug ** Also affects: linux (Ubuntu Focal) Importance: Undecided Status: New ** Changed in: linux (Ubuntu) Status: Confirmed => Invalid ** Changed in: linux (Ubuntu Focal) Importance: Undecided => Medium ** Changed in: linux (Ubuntu Focal) Status: New => In Progress ** Changed in: linux (Ubuntu Focal) Assignee: (unassigned) => Manuel Diewald (diewald) ** Description changed: SRU Justification Impact: The upstream process for stable tree updates is quite similar in scope to the Ubuntu SRU process, e.g., each patch has to demonstrably fix a bug, and each patch is vetted by upstream by originating either directly from a mainline/stable Linux tree or a minimally backported form of that patch. The following upstream stable patches should be included in the Ubuntu kernel: v5.4.262 upstream stable release from git://git.kernel.org/ - + locking/ww_mutex/test: Fix potential workqueue corruption + perf/core: Bail out early if the request AUX area is out of bound + clocksource/drivers/timer-imx-gpt: Fix potential memory leak + clocksource/drivers/timer-atmel-tcb: Fix initialization on SAM9 hardware + x86/mm: Drop the 4 MB restriction on minimal NUMA node memory size + wifi: mac80211_hwsim: fix clang-specific fortify warning + wifi: mac80211: don't return unset power in ieee80211_get_tx_power() + wifi: ath9k: fix clang-specific fortify warnings + wifi: ath10k: fix clang-specific fortify warning + net: annotate data-races around sk->sk_tx_queue_mapping + net: annotate data-races around sk->sk_dst_pending_confirm + wifi: ath10k: Don't touch the CE interrupt registers after power up + Bluetooth: Fix double free in hci_conn_cleanup + platform/x86: thinkpad_acpi: Add battery quirk for Thinkpad X120e + drm/komeda: drop all currently held locks if deadlock happens + drm/amd: Fix UBSAN array-index-out-of-bounds for SMU7 + drm/amd: Fix UBSAN array-index-out-of-bounds for Polaris and Tonga + drm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL + selftests/efivarfs: create-read: fix a resource leak + crypto: pcrypt - Fix hungtask for PADATA_RESET + RDMA/hfi1: Use FIELD_GET() to extract Link Width + fs/jfs: Add check for negative db_l2nbperpage + fs/jfs: Add validity check for db_maxag and db_agpref + jfs: fix array-index-out-of-bounds in dbFindLeaf + jfs: fix array-index-out-of-bounds in diAlloc + ARM: 9320/1: fix stack depot IRQ stack filter + ALSA: hda: Fix possible null-ptr-deref when assigning a stream + PCI: tegra194: Use FIELD_GET()/FIELD_PREP() with Link Width fields + atm: iphase: Do PCI error checks on own line + scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup() + HID: Add quirk for Dell Pro Wireless Keyboard and Mouse KM5221W + tty: vcc: Add check for kstrdup() in vcc_probe() + usb: gadget: f_ncm: Always set current gadget in ncm_bind() + i2c: sun6i-p2wi: Prevent potential division by zero + media: gspca: cpia1: shift-out-of-bounds in set_flicker + media: vivid: avoid integer overflow + gfs2: ignore negated quota changes + media: cobalt: Use FIELD_GET() to extract Link Width + drm/amd/display: Avoid NULL dereference of timing generator + kgdb: Flush console before entering kgdb on panic + ASoC: ti: omap-mcbsp: Fix runtime PM underflow warnings + pwm: Fix double shift bug + wifi: iwlwifi: Use FW rate for non-data frames + NFSv4.1: fix SP4_MACH_CRED protection for pnfs IO + ipvlan: add ipvlan_route_v6_outbound() helper + tty: Fix uninit-value access in ppp_sync_receive() + net: hns3: fix variable may not initialized problem in hns3_init_mac_addr() + tipc: Fix kernel-infoleak due to uninitialized TLV value + ppp: limit MRU to 64K + xen/events: fix delayed eoi list handling + ptp: annotate data-race around q->head and q->tail + bonding: stop the device in bond_setup_by_slave() + net: ethernet: cortina: Fix max RX frame define + net: ethernet: cortina: Handle large frames + net: ethernet: cortina: Fix MTU max setting + netfilter: nf_conntrack_bridge: initialize err to 0 + net: stmmac: Rework stmmac_rx() + net: stmmac: fix rx budget limit check + net/mlx5_core: Clean driver version and name + net/mlx5e: Check return value of snprintf writing to fw_version buffer for representors + macvlan: Don't propagate promisc change to lower dev in passthru + tools/power/turbostat: Fix a knl bug + cifs: spnego: add ';' in HOST_KEY_LEN + media: venus: hfi: add checks to perform sanity on queue pointers + randstruct: Fix gcc-plugin performance mode to stay in group + bpf: Fix precision tracking for BPF_ALU | BPF_TO_BE | BPF_END + scsi: megaraid_sas: Increase register read retry rount from 3 to 30 for selected registers + x86/cpu/hygon: Fix the CPU topology evaluation for real + KVM: x86: hyper-v: Don't auto-enable stimer on write from user-space + KVM: x86: Ignore MSR_AMD64_TW_CFG access + audit: don't take task_lock() in audit_exe_compare() code path + audit: don't WARN_ON_ONCE(!current->mm) in audit_exe_compare() + hvc/xen: fix error path in xen_hvc_init() to always register frontend driver + PCI/sysfs: Protect driver's D3cold preference from user space + ACPI: resource: Do IRQ override on TongFang GMxXGxx + mmc: meson-gx: Remove setting of CMD_CFG_ERROR + genirq/generic_chip: Make irq_remove_generic_chip() irqdomain aware + PCI: keystone: Don't discard .remove() callback + PCI: keystone: Don't discard .probe() callback + parisc/pdc: Add width field to struct pdc_model + clk: qcom: ipq8074: drop the CLK_SET_RATE_PARENT flag from PLL clocks + mmc: vub300: fix an error code + PM: hibernate: Use __get_safe_page() rather than touching the list + PM: hibernate: Clean up sync_read handling in snapshot_write_next() + btrfs: don't arbitrarily slow down delalloc if we're committing + jbd2: fix potential data lost in recovering journal raced with synchronizing fs bdev + quota: explicitly forbid quota files from being encrypted + kernel/reboot: emergency_restart: Set correct system_state + i2c: core: Run atomic i2c xfer when !preemptible + mcb: fix error handling for different scenarios when parsing + dmaengine: stm32-mdma: correct desc prep when channel running + mm/cma: use nth_page() in place of direct struct page manipulation + i3c: master: cdns: Fix reading status register + parisc: Prevent booting 64-bit kernels on PA1.x machines + parisc/pgtable: Do not drop upper 5 address bits of physical address + ALSA: info: Fix potential deadlock at disconnection + ALSA: hda/realtek - Enable internal speaker of ASUS K6500ZC + serial: meson: remove redundant initialization of variable id + tty: serial: meson: retrieve port FIFO size from DT + serial: meson: Use platform_get_irq() to get the interrupt + tty: serial: meson: fix hard LOCKUP on crtscts mode + Bluetooth: btusb: add Realtek 8822CE to usb_device_id table + Bluetooth: btusb: Add Realtek RTL8852BE support ID 0x0cb8:0xc559 + bluetooth: Add device 0bda:887b to device tables + bluetooth: Add device 13d3:3571 to device tables + Bluetooth: btusb: Add RTW8852BE device 13d3:3570 to device tables + Bluetooth: btusb: Add 0bda:b85b for Fn-Link RTL8852BE + Revert ncsi: Propagate carrier gain/loss events to the NCSI controller + net: dsa: lan9303: consequently nested-lock physical MDIO + i2c: i801: fix potential race in i801_block_transaction_byte_by_byte + media: lirc: drop trailing space from scancode transmit + media: sharp: fix sharp encoding + media: venus: hfi_parser: Add check to keep the number of codecs within range + media: venus: hfi: fix the check to handle session buffer requirement + media: venus: hfi: add checks to handle capabilities from firmware + nfsd: fix file memleak on client_opens_release + ext4: apply umask if ACL support is disabled + ext4: correct offset of gdb backup in non meta_bg group to update_backups + ext4: correct return value of ext4_convert_meta_bg + ext4: correct the start block of counting reserved clusters + ext4: remove gdb backup copy for meta bg in setup_new_flex_group_blocks + drm/amdgpu: fix error handling in amdgpu_bo_list_get() + tracing: Have trace_event_file have ref counters + netfilter: nf_tables: pass context to nft_set_destroy() + netfilter: nftables: rename set element data activation/deactivation functions + netfilter: nf_tables: drop map element references from preparation phase + netfilter: nft_set_rbtree: Switch to node list walk for overlap detection + netfilter: nft_set_rbtree: fix null deref on element insertion + netfilter: nft_set_rbtree: fix overlap expiration walk + netfilter: nf_tables: don't skip expired elements during walk + netfilter: nf_tables: GC transaction API to avoid race with control plane + netfilter: nf_tables: adapt set backend to use GC transaction API + netfilter: nft_set_hash: mark set element as dead when deleting from packet path + netfilter: nf_tables: remove busy mark and gc batch API + netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path + netfilter: nf_tables: GC transaction race with netns dismantle + netfilter: nf_tables: GC transaction race with abort path + netfilter: nf_tables: use correct lock to protect gc_list + netfilter: nf_tables: defer gc run if previous batch is still pending + netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction + netfilter: nft_set_rbtree: use read spinlock to avoid datapath contention + netfilter: nft_set_hash: try later when GC hits EAGAIN on iteration + netfilter: nf_tables: fix memleak when more than 255 elements expired + netfilter: nf_tables: unregister flowtable hooks on netns exit + netfilter: nf_tables: double hook unregistration in netns path + netfilter: nftables: update table flags from the commit phase + netfilter: nf_tables: fix table flag updates + netfilter: nf_tables: disable toggling dormant table state more than once + netfilter: nf_tables: bogus EBUSY when deleting flowtable after flush (for 5.4) Linux 5.4.262 - netfilter: nf_tables: bogus EBUSY when deleting flowtable after flush (for 5.4) - netfilter: nf_tables: disable toggling dormant table state more than once - netfilter: nf_tables: fix table flag updates - netfilter: nftables: update table flags from the commit phase - netfilter: nf_tables: double hook unregistration in netns path - netfilter: nf_tables: unregister flowtable hooks on netns exit - netfilter: nf_tables: fix memleak when more than 255 elements expired - netfilter: nft_set_hash: try later when GC hits EAGAIN on iteration - netfilter: nft_set_rbtree: use read spinlock to avoid datapath contention - netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction - netfilter: nf_tables: defer gc run if previous batch is still pending - netfilter: nf_tables: use correct lock to protect gc_list - netfilter: nf_tables: GC transaction race with abort path - netfilter: nf_tables: GC transaction race with netns dismantle - netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path - netfilter: nf_tables: remove busy mark and gc batch API - netfilter: nft_set_hash: mark set element as dead when deleting from packet path - netfilter: nf_tables: adapt set backend to use GC transaction API - netfilter: nf_tables: GC transaction API to avoid race with control plane - netfilter: nf_tables: don't skip expired elements during walk - netfilter: nft_set_rbtree: fix overlap expiration walk - netfilter: nft_set_rbtree: fix null deref on element insertion - netfilter: nft_set_rbtree: Switch to node list walk for overlap detection - netfilter: nf_tables: drop map element references from preparation phase - netfilter: nftables: rename set element data activation/deactivation functions - netfilter: nf_tables: pass context to nft_set_destroy() - tracing: Have trace_event_file have ref counters - drm/amdgpu: fix error handling in amdgpu_bo_list_get() - ext4: remove gdb backup copy for meta bg in setup_new_flex_group_blocks - ext4: correct the start block of counting reserved clusters - ext4: correct return value of ext4_convert_meta_bg - ext4: correct offset of gdb backup in non meta_bg group to update_backups - ext4: apply umask if ACL support is disabled - Revert "net: r8169: Disable multicast filter for RTL8168H and RTL8107E" - nfsd: fix file memleak on client_opens_release - media: venus: hfi: add checks to handle capabilities from firmware - media: venus: hfi: fix the check to handle session buffer requirement - media: venus: hfi_parser: Add check to keep the number of codecs within range - media: sharp: fix sharp encoding - media: lirc: drop trailing space from scancode transmit - i2c: i801: fix potential race in i801_block_transaction_byte_by_byte - net: dsa: lan9303: consequently nested-lock physical MDIO - Revert ncsi: Propagate carrier gain/loss events to the NCSI controller - Bluetooth: btusb: Add 0bda:b85b for Fn-Link RTL8852BE - Bluetooth: btusb: Add RTW8852BE device 13d3:3570 to device tables - bluetooth: Add device 13d3:3571 to device tables - bluetooth: Add device 0bda:887b to device tables - Bluetooth: btusb: Add Realtek RTL8852BE support ID 0x0cb8:0xc559 - Bluetooth: btusb: add Realtek 8822CE to usb_device_id table - Bluetooth: btusb: Add flag to define wideband speech capability - tty: serial: meson: fix hard LOCKUP on crtscts mode - serial: meson: Use platform_get_irq() to get the interrupt - tty: serial: meson: retrieve port FIFO size from DT - serial: meson: remove redundant initialization of variable id - ALSA: hda/realtek - Enable internal speaker of ASUS K6500ZC - ALSA: info: Fix potential deadlock at disconnection - parisc/pgtable: Do not drop upper 5 address bits of physical address - parisc: Prevent booting 64-bit kernels on PA1.x machines - i3c: master: cdns: Fix reading status register - mm/cma: use nth_page() in place of direct struct page manipulation - dmaengine: stm32-mdma: correct desc prep when channel running - mcb: fix error handling for different scenarios when parsing - i2c: core: Run atomic i2c xfer when !preemptible - kernel/reboot: emergency_restart: Set correct system_state - quota: explicitly forbid quota files from being encrypted - jbd2: fix potential data lost in recovering journal raced with synchronizing fs bdev - btrfs: don't arbitrarily slow down delalloc if we're committing - PM: hibernate: Clean up sync_read handling in snapshot_write_next() - PM: hibernate: Use __get_safe_page() rather than touching the list - mmc: vub300: fix an error code - clk: qcom: ipq8074: drop the CLK_SET_RATE_PARENT flag from PLL clocks - parisc/pdc: Add width field to struct pdc_model - PCI: keystone: Don't discard .probe() callback - PCI: keystone: Don't discard .remove() callback - genirq/generic_chip: Make irq_remove_generic_chip() irqdomain aware - mmc: meson-gx: Remove setting of CMD_CFG_ERROR - ACPI: resource: Do IRQ override on TongFang GMxXGxx - PCI/sysfs: Protect driver's D3cold preference from user space - hvc/xen: fix error path in xen_hvc_init() to always register frontend driver - audit: don't WARN_ON_ONCE(!current->mm) in audit_exe_compare() - audit: don't take task_lock() in audit_exe_compare() code path - KVM: x86: Ignore MSR_AMD64_TW_CFG access - KVM: x86: hyper-v: Don't auto-enable stimer on write from user-space - x86/cpu/hygon: Fix the CPU topology evaluation for real - scsi: megaraid_sas: Increase register read retry rount from 3 to 30 for selected registers - bpf: Fix precision tracking for BPF_ALU | BPF_TO_BE | BPF_END - randstruct: Fix gcc-plugin performance mode to stay in group - media: venus: hfi: add checks to perform sanity on queue pointers - cifs: spnego: add ';' in HOST_KEY_LEN - tools/power/turbostat: Fix a knl bug - macvlan: Don't propagate promisc change to lower dev in passthru - net/mlx5e: Check return value of snprintf writing to fw_version buffer for representors - net/mlx5_core: Clean driver version and name - net/mlx5e: fix double free of encap_header - net: stmmac: fix rx budget limit check - net: stmmac: Rework stmmac_rx() - netfilter: nf_conntrack_bridge: initialize err to 0 - net: ethernet: cortina: Fix MTU max setting - net: ethernet: cortina: Handle large frames - net: ethernet: cortina: Fix max RX frame define - bonding: stop the device in bond_setup_by_slave() - ptp: annotate data-race around q->head and q->tail - xen/events: fix delayed eoi list handling - ppp: limit MRU to 64K - tipc: Fix kernel-infoleak due to uninitialized TLV value - net: hns3: fix variable may not initialized problem in hns3_init_mac_addr() - tty: Fix uninit-value access in ppp_sync_receive() - ipvlan: add ipvlan_route_v6_outbound() helper - NFSv4.1: fix SP4_MACH_CRED protection for pnfs IO - wifi: iwlwifi: Use FW rate for non-data frames - pwm: Fix double shift bug - ASoC: ti: omap-mcbsp: Fix runtime PM underflow warnings - kgdb: Flush console before entering kgdb on panic - drm/amd/display: Avoid NULL dereference of timing generator - media: cobalt: Use FIELD_GET() to extract Link Width - gfs2: ignore negated quota changes - media: vivid: avoid integer overflow - media: gspca: cpia1: shift-out-of-bounds in set_flicker - i2c: sun6i-p2wi: Prevent potential division by zero - usb: gadget: f_ncm: Always set current gadget in ncm_bind() - tty: vcc: Add check for kstrdup() in vcc_probe() - HID: Add quirk for Dell Pro Wireless Keyboard and Mouse KM5221W - scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup() - atm: iphase: Do PCI error checks on own line - PCI: tegra194: Use FIELD_GET()/FIELD_PREP() with Link Width fields - ALSA: hda: Fix possible null-ptr-deref when assigning a stream - ARM: 9320/1: fix stack depot IRQ stack filter - jfs: fix array-index-out-of-bounds in diAlloc - jfs: fix array-index-out-of-bounds in dbFindLeaf - fs/jfs: Add validity check for db_maxag and db_agpref - fs/jfs: Add check for negative db_l2nbperpage - RDMA/hfi1: Use FIELD_GET() to extract Link Width - crypto: pcrypt - Fix hungtask for PADATA_RESET - selftests/efivarfs: create-read: fix a resource leak - drm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL - drm/amd: Fix UBSAN array-index-out-of-bounds for Polaris and Tonga - drm/amd: Fix UBSAN array-index-out-of-bounds for SMU7 - drm/komeda: drop all currently held locks if deadlock happens - platform/x86: thinkpad_acpi: Add battery quirk for Thinkpad X120e - Bluetooth: Fix double free in hci_conn_cleanup - wifi: ath10k: Don't touch the CE interrupt registers after power up - net: annotate data-races around sk->sk_dst_pending_confirm - net: annotate data-races around sk->sk_tx_queue_mapping - wifi: ath10k: fix clang-specific fortify warning - wifi: ath9k: fix clang-specific fortify warnings - wifi: mac80211: don't return unset power in ieee80211_get_tx_power() - wifi: mac80211_hwsim: fix clang-specific fortify warning - x86/mm: Drop the 4 MB restriction on minimal NUMA node memory size - clocksource/drivers/timer-atmel-tcb: Fix initialization on SAM9 hardware - clocksource/drivers/timer-imx-gpt: Fix potential memory leak - perf/core: Bail out early if the request AUX area is out of bound - locking/ww_mutex/test: Fix potential workqueue corruption + UBUNTU: Upstream stable to v5.4.262 -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/2049069 Title: Focal update: v5.4.262 upstream stable release Status in linux package in Ubuntu: Invalid Status in linux source package in Focal: In Progress Bug description: SRU Justification Impact: The upstream process for stable tree updates is quite similar in scope to the Ubuntu SRU process, e.g., each patch has to demonstrably fix a bug, and each patch is vetted by upstream by originating either directly from a mainline/stable Linux tree or a minimally backported form of that patch. The following upstream stable patches should be included in the Ubuntu kernel: v5.4.262 upstream stable release from git://git.kernel.org/ locking/ww_mutex/test: Fix potential workqueue corruption perf/core: Bail out early if the request AUX area is out of bound clocksource/drivers/timer-imx-gpt: Fix potential memory leak clocksource/drivers/timer-atmel-tcb: Fix initialization on SAM9 hardware x86/mm: Drop the 4 MB restriction on minimal NUMA node memory size wifi: mac80211_hwsim: fix clang-specific fortify warning wifi: mac80211: don't return unset power in ieee80211_get_tx_power() wifi: ath9k: fix clang-specific fortify warnings wifi: ath10k: fix clang-specific fortify warning net: annotate data-races around sk->sk_tx_queue_mapping net: annotate data-races around sk->sk_dst_pending_confirm wifi: ath10k: Don't touch the CE interrupt registers after power up Bluetooth: Fix double free in hci_conn_cleanup platform/x86: thinkpad_acpi: Add battery quirk for Thinkpad X120e drm/komeda: drop all currently held locks if deadlock happens drm/amd: Fix UBSAN array-index-out-of-bounds for SMU7 drm/amd: Fix UBSAN array-index-out-of-bounds for Polaris and Tonga drm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL selftests/efivarfs: create-read: fix a resource leak crypto: pcrypt - Fix hungtask for PADATA_RESET RDMA/hfi1: Use FIELD_GET() to extract Link Width fs/jfs: Add check for negative db_l2nbperpage fs/jfs: Add validity check for db_maxag and db_agpref jfs: fix array-index-out-of-bounds in dbFindLeaf jfs: fix array-index-out-of-bounds in diAlloc ARM: 9320/1: fix stack depot IRQ stack filter ALSA: hda: Fix possible null-ptr-deref when assigning a stream PCI: tegra194: Use FIELD_GET()/FIELD_PREP() with Link Width fields atm: iphase: Do PCI error checks on own line scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup() HID: Add quirk for Dell Pro Wireless Keyboard and Mouse KM5221W tty: vcc: Add check for kstrdup() in vcc_probe() usb: gadget: f_ncm: Always set current gadget in ncm_bind() i2c: sun6i-p2wi: Prevent potential division by zero media: gspca: cpia1: shift-out-of-bounds in set_flicker media: vivid: avoid integer overflow gfs2: ignore negated quota changes media: cobalt: Use FIELD_GET() to extract Link Width drm/amd/display: Avoid NULL dereference of timing generator kgdb: Flush console before entering kgdb on panic ASoC: ti: omap-mcbsp: Fix runtime PM underflow warnings pwm: Fix double shift bug wifi: iwlwifi: Use FW rate for non-data frames NFSv4.1: fix SP4_MACH_CRED protection for pnfs IO ipvlan: add ipvlan_route_v6_outbound() helper tty: Fix uninit-value access in ppp_sync_receive() net: hns3: fix variable may not initialized problem in hns3_init_mac_addr() tipc: Fix kernel-infoleak due to uninitialized TLV value ppp: limit MRU to 64K xen/events: fix delayed eoi list handling ptp: annotate data-race around q->head and q->tail bonding: stop the device in bond_setup_by_slave() net: ethernet: cortina: Fix max RX frame define net: ethernet: cortina: Handle large frames net: ethernet: cortina: Fix MTU max setting netfilter: nf_conntrack_bridge: initialize err to 0 net: stmmac: Rework stmmac_rx() net: stmmac: fix rx budget limit check net/mlx5_core: Clean driver version and name net/mlx5e: Check return value of snprintf writing to fw_version buffer for representors macvlan: Don't propagate promisc change to lower dev in passthru tools/power/turbostat: Fix a knl bug cifs: spnego: add ';' in HOST_KEY_LEN media: venus: hfi: add checks to perform sanity on queue pointers randstruct: Fix gcc-plugin performance mode to stay in group bpf: Fix precision tracking for BPF_ALU | BPF_TO_BE | BPF_END scsi: megaraid_sas: Increase register read retry rount from 3 to 30 for selected registers x86/cpu/hygon: Fix the CPU topology evaluation for real KVM: x86: hyper-v: Don't auto-enable stimer on write from user-space KVM: x86: Ignore MSR_AMD64_TW_CFG access audit: don't take task_lock() in audit_exe_compare() code path audit: don't WARN_ON_ONCE(!current->mm) in audit_exe_compare() hvc/xen: fix error path in xen_hvc_init() to always register frontend driver PCI/sysfs: Protect driver's D3cold preference from user space ACPI: resource: Do IRQ override on TongFang GMxXGxx mmc: meson-gx: Remove setting of CMD_CFG_ERROR genirq/generic_chip: Make irq_remove_generic_chip() irqdomain aware PCI: keystone: Don't discard .remove() callback PCI: keystone: Don't discard .probe() callback parisc/pdc: Add width field to struct pdc_model clk: qcom: ipq8074: drop the CLK_SET_RATE_PARENT flag from PLL clocks mmc: vub300: fix an error code PM: hibernate: Use __get_safe_page() rather than touching the list PM: hibernate: Clean up sync_read handling in snapshot_write_next() btrfs: don't arbitrarily slow down delalloc if we're committing jbd2: fix potential data lost in recovering journal raced with synchronizing fs bdev quota: explicitly forbid quota files from being encrypted kernel/reboot: emergency_restart: Set correct system_state i2c: core: Run atomic i2c xfer when !preemptible mcb: fix error handling for different scenarios when parsing dmaengine: stm32-mdma: correct desc prep when channel running mm/cma: use nth_page() in place of direct struct page manipulation i3c: master: cdns: Fix reading status register parisc: Prevent booting 64-bit kernels on PA1.x machines parisc/pgtable: Do not drop upper 5 address bits of physical address ALSA: info: Fix potential deadlock at disconnection ALSA: hda/realtek - Enable internal speaker of ASUS K6500ZC serial: meson: remove redundant initialization of variable id tty: serial: meson: retrieve port FIFO size from DT serial: meson: Use platform_get_irq() to get the interrupt tty: serial: meson: fix hard LOCKUP on crtscts mode Bluetooth: btusb: add Realtek 8822CE to usb_device_id table Bluetooth: btusb: Add Realtek RTL8852BE support ID 0x0cb8:0xc559 bluetooth: Add device 0bda:887b to device tables bluetooth: Add device 13d3:3571 to device tables Bluetooth: btusb: Add RTW8852BE device 13d3:3570 to device tables Bluetooth: btusb: Add 0bda:b85b for Fn-Link RTL8852BE Revert ncsi: Propagate carrier gain/loss events to the NCSI controller net: dsa: lan9303: consequently nested-lock physical MDIO i2c: i801: fix potential race in i801_block_transaction_byte_by_byte media: lirc: drop trailing space from scancode transmit media: sharp: fix sharp encoding media: venus: hfi_parser: Add check to keep the number of codecs within range media: venus: hfi: fix the check to handle session buffer requirement media: venus: hfi: add checks to handle capabilities from firmware nfsd: fix file memleak on client_opens_release ext4: apply umask if ACL support is disabled ext4: correct offset of gdb backup in non meta_bg group to update_backups ext4: correct return value of ext4_convert_meta_bg ext4: correct the start block of counting reserved clusters ext4: remove gdb backup copy for meta bg in setup_new_flex_group_blocks drm/amdgpu: fix error handling in amdgpu_bo_list_get() tracing: Have trace_event_file have ref counters netfilter: nf_tables: pass context to nft_set_destroy() netfilter: nftables: rename set element data activation/deactivation functions netfilter: nf_tables: drop map element references from preparation phase netfilter: nft_set_rbtree: Switch to node list walk for overlap detection netfilter: nft_set_rbtree: fix null deref on element insertion netfilter: nft_set_rbtree: fix overlap expiration walk netfilter: nf_tables: don't skip expired elements during walk netfilter: nf_tables: GC transaction API to avoid race with control plane netfilter: nf_tables: adapt set backend to use GC transaction API netfilter: nft_set_hash: mark set element as dead when deleting from packet path netfilter: nf_tables: remove busy mark and gc batch API netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path netfilter: nf_tables: GC transaction race with netns dismantle netfilter: nf_tables: GC transaction race with abort path netfilter: nf_tables: use correct lock to protect gc_list netfilter: nf_tables: defer gc run if previous batch is still pending netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction netfilter: nft_set_rbtree: use read spinlock to avoid datapath contention netfilter: nft_set_hash: try later when GC hits EAGAIN on iteration netfilter: nf_tables: fix memleak when more than 255 elements expired netfilter: nf_tables: unregister flowtable hooks on netns exit netfilter: nf_tables: double hook unregistration in netns path netfilter: nftables: update table flags from the commit phase netfilter: nf_tables: fix table flag updates netfilter: nf_tables: disable toggling dormant table state more than once netfilter: nf_tables: bogus EBUSY when deleting flowtable after flush (for 5.4) Linux 5.4.262 UBUNTU: Upstream stable to v5.4.262 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2049069/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp