Back to linux-5.10 PTS page

Accepted linux-5.10 5.10.216-1~deb10u1 (source) into oldoldstable



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 06 May 2024 17:02:06 +0200
Source: linux-5.10
Architecture: source
Version: 5.10.216-1~deb10u1
Distribution: buster-security
Urgency: high
Maintainer: Debian Kernel Team <debian-kernel@lists.debian.org>
Changed-By: Ben Hutchings <benh@debian.org>
Closes: 1064035
Changes:
 linux-5.10 (5.10.216-1~deb10u1) buster-security; urgency=high
 .
   * Rebuild for buster:
     - Change ABI number to 0.deb10.29
 .
 linux (5.10.216-1) bullseye-security; urgency=high
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.210
     - units: change from 'L' to 'UL'
     - units: add the HZ macros
     - spi: introduce SPI_MODE_X_MASK macro
     - iio: adc: ad7091r: Set alert bit in config register
     - iio: adc: ad7091r: Allow users to configure device events
     - iio: adc: ad7091r: Enable internal vref if external vref is not supplied
     - dmaengine: fix NULL pointer in channel unregistration function
     - iio:adc:ad7091r: Move exports into IIO_AD7091R namespace.
     - ext4: allow for the last group to be marked as trimmed
     - crypto: api - Disallow identical driver names
     - PM: hibernate: Enforce ordering during image compression/decompression
     - hwrng: core - Fix page fault dead lock on mmap-ed hwrng
     - [s390x] crypto: s390/aes - Fix buffer overread in CTR mode
     - bus: mhi: host: Drop chan lock before queuing buffers
     - async: Split async_schedule_node_domain()
     - async: Introduce async_schedule_dev_nocall()
     - [arm64] dts: qcom: sdm845: fix USB wakeup interrupt types
     - [arm64] dts: qcom: sdm845: fix USB DP/DM HS PHY interrupts
     - lsm: new security_file_ioctl_compat() hook
     - scripts/get_abi: fix source path leak
     - mmc: core: Use mrq.sbc in close-ended ffu
     - mmc: mmc_spi: remove custom DMA mapped buffers
     - rtc: Adjust failure return code for cmos_set_alarm()
     - nouveau/vmm: don't set addr on the fail path to avoid warning
     - ubifs: ubifs_symlink: Fix memleak of inode->i_link in error path
     - rename(): fix the locking of subdirectories
     - block: Remove special-casing of compound pages
     - mm: vmalloc: introduce array allocation functions
     - KVM: use __vcalloc for very large allocations
     - net/smc: fix illegal rmb_desc access in SMC-D connection dump
     - tcp: make sure init the accept_queue's spinlocks once
     - bnxt_en: Wait for FLR to complete during probe
     - vlan: skip nested type that is not IFLA_VLAN_QOS_MAPPING
     - llc: make llc_ui_sendmsg() more robust against bonding changes
     - llc: Drop support for ETH_P_TR_802_2.
     - net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv
       (CVE-2024-23849)
     - tracing: Ensure visibility when inserting an element into tracing_map
     - afs: Hide silly-rename files from userspace
     - tcp: Add memory barrier to tcp_push()
     - netlink: fix potential sleeping issue in mqueue_flush_file
     - ipv6: init the accept_queue's spinlocks in inet6_create
     - net/mlx5: DR, Use the right GVMI number for drop action
     - net/mlx5e: fix a double-free in arfs_create_groups
     - netfilter: nf_tables: restrict anonymous set and map names to 16 bytes
     - netfilter: nf_tables: validate NFPROTO_* family
     - net: mvpp2: clear BM pool before initialization
     - fjes: fix memleaks in fjes_hw_setup
     - net: fec: fix the unhandled context fault from smmu
     - btrfs: ref-verify: free ref cache before clearing mount opt
     - btrfs: tree-checker: fix inline ref size in error messages
     - btrfs: don't warn if discard range is not aligned to sector
     - btrfs: defrag: reject unknown flags of btrfs_ioctl_defrag_range_args
     - btrfs: don't abort filesystem when attempting to snapshot deleted
       subvolume
     - rbd: don't move requests to the running list on errors
     - exec: Fix error handling in begin_new_exec()
     - wifi: iwlwifi: fix a memory corruption
     - netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress
       basechain
     - gpiolib: acpi: Ignore touchpad wakeup on GPD G1619-04
     - drm: Don't unref the same fb many times by mistake due to deadlock
       handling
     - drm/bridge: nxp-ptn3460: fix i2c_master_send() error checking
     - drm/tidss: Fix atomic_flush check
     - drm/bridge: nxp-ptn3460: simplify some error checking
     - PM: sleep: Use dev_printk() when possible
     - PM: sleep: Avoid calling put_device() under dpm_list_mtx
     - PM: core: Remove unnecessary (void *) conversions
     - PM: sleep: Fix possible deadlocks in core system-wide PM code
     - fs/pipe: move check to pipe_has_watch_queue()
     - pipe: wakeup wr_wait after setting max_usage
     - [arm64] dts: qcom: sc7180: Use pdc interrupts for USB instead of GIC
       interrupts
     - [arm64] dts: qcom: sc7180: fix USB wakeup interrupt types
     - mm: use __pfn_to_section() instead of open coding it
     - mm/sparsemem: fix race in accessing memory_section->usage
     - btrfs: remove err variable from btrfs_delete_subvolume
     - btrfs: avoid copying BTRFS_ROOT_SUBVOL_DEAD flag to snapshot of subvolume
       being deleted
     - drm: panel-simple: add missing bus flags for Tianma tm070jvhg[30/33]
     - [armhf] drm/exynos: fix accidental on-stack copy of exynos_drm_plane
     - [armhf] drm/exynos: gsc: minor fix for loop iteration in
       gsc_runtime_resume
     - gpio: eic-sprd: Clear interrupt after set the interrupt type
     - spi: bcm-qspi: fix SFDP BFPT read by usig mspi read
     - [mips*] Call lose_fpu(0) before initializing fcr31 in
       mips_set_personality_nan
     - tick/sched: Preserve number of idle sleeps across CPU hotplug events
     - [x86] entry/ia32: Ensure s32 is sign extended to s64
     - [powerpc*] mm: Fix null-pointer dereference in pgtable_cache_add
     - drivers/perf: pmuv3: don't expose SW_INCR event in sysfs
     - [powerpc*] Fix build error due to is_valid_bugaddr()
     - [powerpc*] mm: Fix build failures due to arch_reserved_kernel_pages()
     - [x86] boot: Ignore NMIs during very early boot
     - [powerpc*] pmd_move_must_withdraw() is only needed for
       CONFIG_TRANSPARENT_HUGEPAGE
     - [powerpc*] lib: Validate size for vector operations
     - [x86] mce: Mark fatal MCE's page as poison to avoid panic in the kdump
       kernel
     - perf/core: Fix narrow startup race when creating the perf nr_addr_filters
       sysfs file
     - debugobjects: Stop accessing objects after releasing hash bucket lock
     - regulator: core: Only increment use_count when enable_count changes
     - audit: Send netlink ACK before setting connection in auditd_set
     - ACPI: video: Add quirk for the Colorful X15 AT 23 Laptop
     - PNP: ACPI: fix fortify warning
     - ACPI: extlog: fix NULL pointer dereference check
     - PM / devfreq: Synchronize devfreq_monitor_[start/stop]
     - ACPI: APEI: set memory failure flags as MF_ACTION_REQUIRED on synchronous
       events
     - FS:JFS:UBSAN:array-index-out-of-bounds in dbAdjTree
     - jfs: fix slab-out-of-bounds Read in dtSearch
     - jfs: fix array-index-out-of-bounds in dbAdjTree
     - jfs: fix uaf in jfs_evict_inode
     - pstore/ram: Fix crash when setting number of cpus to an odd number
     - crypto: stm32/crc32 - fix parsing list of devices
     - afs: fix the usage of read_seqbegin_or_lock() in afs_lookup_volume_rcu()
     - afs: fix the usage of read_seqbegin_or_lock() in afs_find_server*()
     - rxrpc_find_service_conn_rcu: fix the usage of read_seqbegin_or_lock()
     - jfs: fix array-index-out-of-bounds in diNewExt
     - [s390x] ptrace: handle setting of fpc register correctly
     - [s390x] KVM: s390: fix setting of fpc register
     - SUNRPC: Fix a suspicious RCU usage warning
     - ecryptfs: Reject casefold directory inodes
     - ext4: fix inconsistent between segment fstrim and full fstrim
     - ext4: unify the type of flexbg_size to unsigned int
     - ext4: remove unnecessary check from alloc_flex_gd()
     - ext4: avoid online resizing failures due to oversized flex bg
     - wifi: rt2x00: restart beacon queue when hardware reset
     - scsi: lpfc: Fix possible file string name overflow when updating firmware
     - PCI: Add no PM reset quirk for NVIDIA Spectrum devices
     - bonding: return -ENOMEM instead of BUG in alb_upper_dev_walk
     - scsi: arcmsr: Support new PCI device IDs 1883 and 1886
     - wifi: ath9k: Fix potential array-index-out-of-bounds read in
       ath9k_htc_txstatus()
     - bpf: Add map and need_defer parameters to .map_fd_put_ptr()
     - scsi: libfc: Don't schedule abort twice
     - scsi: libfc: Fix up timeout error in fc_fcp_rec_error()
     - bpf: Set uattr->batch.count as zero before batched update or deletion
     - ionic: pass opcode to devcmd_wait
     - block/rnbd-srv: Check for unlikely string overflow
     - [arm64,armhf] net: dsa: mv88e6xxx: Fix mv88e6352_serdes_get_stats error
       path
     - block: prevent an integer overflow in bvec_try_merge_hw_page
     - md: Whenassemble the array, consult the superblock of the freshest device
     - wifi: rtl8xxxu: Add additional USB IDs for RTL8192EU devices
     - wifi: rtlwifi: rtl8723{be,ae}: using calculate_bit_shift()
     - wifi: cfg80211: free beacon_ies when overridden from hidden BSS
     - Bluetooth: qca: Set both WIDEBAND_SPEECH and LE_STATES quirks for QCA2066
     - Bluetooth: L2CAP: Fix possible multiple reject send
     - i40e: Fix VF disable behavior to block all traffic
     - f2fs: fix to check return value of f2fs_reserve_new_block()
     - ALSA: hda: Refer to correct stream index at loops
     - ASoC: doc: Fix undefined SND_SOC_DAPM_NOPM argument
     - fast_dput(): handle underflows gracefully
     - RDMA/IPoIB: Fix error code return in ipoib_mcast_join
     - drm/amd/display: Fix tiled display misalignment
     - f2fs: fix write pointers on zoned device after roll forward
     - drm/drm_file: fix use of uninitialized variable
     - drm/framebuffer: Fix use of uninitialized variable
     - drm/mipi-dsi: Fix detach call without attach
     - media: stk1160: Fixed high volume of stk1160_dbg messages
     - [x86] PCI: add INTEL_HDA_ARL to pci_ids.h
     - [x86] ALSA: hda: Intel: add HDA_ARL PCI ID support
     - [x86] ALSA: hda: intel-dspcfg: add filters for ARL-S and ARL
     - [armhf] drm/exynos: Call drm_atomic_helper_shutdown() at shutdown/unbind
       time
     - IB/ipoib: Fix mcast list locking
     - media: ddbridge: fix an error code problem in ddb_probe
     - [arm64] drm/msm/dpu: Ratelimit framedone timeout msgs
     - clk: hi3620: Fix memory leak in hi3620_mmc_clk_init()
     - clk: mmp: pxa168: Fix memory leak in pxa168_clk_init()
     - watchdog: it87_wdt: Keep WDTCTRL bit 3 unmodified for IT8784/IT8786
     - drm/amdgpu: Let KFD sync with VM fences
     - drm/amdgpu: Drop 'fence' check in 'to_amdgpu_amdkfd_fence()'
     - leds: trigger: panic: Don't register panic notifier if creating the
       trigger failed
     - i3c: master: cdns: Update maximum prescaler value for i2c clock
     - xen/gntdev: Fix the abuse of underlying struct page in DMA-buf import
     - mfd: ti_am335x_tscadc: Fix TI SoC dependencies
     - PCI: Only override AMD USB controller if required
     - PCI: switchtec: Fix stdev_release() crash after surprise hot remove
     - usb: hub: Replace hardcoded quirk value with BIT() macro
     - tty: allow TIOCSLCKTRMIOS with CAP_CHECKPOINT_RESTORE
     - fs/kernfs/dir: obey S_ISGID
     - PCI/AER: Decode Requester ID when no error info found
     - libsubcmd: Fix memory leak in uniq()
     - virtio_net: Fix "ā€˜%dā€™ directive writing between 1 and 11 bytes into a
       region of size 10" warnings
     - blk-mq: fix IO hang from sbitmap wakeup race
     - ceph: fix deadlock or deadcode of misusing dget()
     - drm/amd/powerplay: Fix kzalloc parameter 'ATOM_Tonga_PPM_Table' in
       'get_platform_power_management_table()'
     - drm/amdgpu: Release 'adev->pm.fw' before return in
       'amdgpu_device_need_post()'
     - perf: Fix the nr_addr_filters fix
     - wifi: cfg80211: fix RCU dereference in __cfg80211_bss_update
     - drm: using mul_u32_u32() requires linux/math64.h
     - scsi: isci: Fix an error code problem in isci_io_request_build()
     - scsi: core: Introduce enum scsi_disposition
     - scsi: core: Move scsi_host_busy() out of host lock for waking up EH
       handler
     - ip6_tunnel: use dev_sw_netstats_rx_add()
     - ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv()
     - net-zerocopy: Refactor frag-is-remappable test.
     - tcp: add sanity checks to rx zerocopy
     - ixgbe: Remove non-inclusive language
     - ixgbe: Refactor returning internal error codes
     - ixgbe: Refactor overtemp event handling
     - ixgbe: Fix an error handling path in ixgbe_read_iosf_sb_reg_x550()
     - ipv6: Ensure natural alignment of const ipv6 loopback and router addresses
     - llc: call sock_orphan() at release time
     - netfilter: nf_log: replace BUG_ON by WARN_ON_ONCE when putting logger
     - netfilter: nft_ct: sanitize layer 3 and 4 protocol number in custom
       expectations
     - net: ipv4: fix a memleak in ip_setup_cork
     - af_unix: fix lockdep positive in sk_diag_dump_icons()
     - net: sysfs: Fix /sys/class/net/<iface> path
     - HID: apple: Add support for the 2021 Magic Keyboard
     - HID: apple: Add 2021 magic keyboard FN key mapping
     - bonding: remove print in bond_verify_device_path
     - uapi: stddef.h: Fix __DECLARE_FLEX_ARRAY for C++
     - PM: sleep: Fix error handling in dpm_prepare()
     - dmaengine: fsl-dpaa2-qdma: Fix the size of dma pools
     - dmaengine: ti: k3-udma: Report short packet errors
     - dmaengine: fsl-qdma: Fix a memory leak related to the status queue DMA
     - dmaengine: fsl-qdma: Fix a memory leak related to the queue command DMA
     - dmaengine: fix is_slave_direction() return false when DMA_DEV_TO_DEV
     - phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP
       (CVE-2024-26600)
     - [arm64] drm/msm/dp: return correct Colorimetry for
       DP_TEST_DYNAMIC_RANGE_CEA case
     - net: stmmac: xgmac: fix handling of DPP safety error for DMA channels
     - tunnels: fix out of bounds access when building IPv6 PMTU error
     - atm: idt77252: fix a memleak in open_card_ubr0
     - hwmon: (aspeed-pwm-tacho) mutex for tach reading
     - [x86] hwmon: (coretemp) Fix out-of-bounds memory access
     - [x86] hwmon: (coretemp) Fix bogus core_id to attr name mapping
     - inet: read sk->sk_family once in inet_recv_error()
     - rxrpc: Fix response to PING RESPONSE ACKs to a dead call
     - tipc: Check the bearer type before calling tipc_udp_nl_bearer_add()
     - ppp_async: limit MRU to 64K
     - netfilter: nft_compat: reject unused compat flag
     - netfilter: nft_compat: restrict match/target protocol to u16
     - netfilter: nft_ct: reject direction for ct id
     - netfilter: nft_set_pipapo: store index in scratch maps
     - netfilter: nft_set_pipapo: add helper to release pcpu scratch area
     - netfilter: nft_set_pipapo: remove scratch_aligned pointer
     - scsi: core: Move scsi_host_busy() out of host lock if it is for
       per-command
     - blk-iocost: Fix an UBSAN shift-out-of-bounds warning
     - net/af_iucv: clean up a try_then_request_module()
     - USB: serial: qcserial: add new usb-id for Dell Wireless DW5826e
     - USB: serial: option: add Fibocom FM101-GL variant
     - USB: serial: cp210x: add ID for IMST iM871A-USB
     - usb: host: xhci-plat: Add support for XHCI_SG_TRB_CACHE_SIZE_QUIRK
     - hrtimer: Report offline hrtimer enqueue
     - Input: i8042 - fix strange behavior of touchpad on Clevo NS70PU
     - Input: atkbd - skip ATKBD_CMD_SETLEDS when skipping ATKBD_CMD_GETID
     - vhost: use kzalloc() instead of kmalloc() followed by memset()
     - clocksource: Skip watchdog check for large watchdog intervals
     - net: stmmac: xgmac: use #define for string constants
     - net: stmmac: xgmac: fix a typo of register name in DPP safety handling
     - netfilter: nft_set_rbtree: skip end interval element from gc
       (CVE-2024-26581)
     - btrfs: forbid creating subvol qgroups
     - btrfs: do not ASSERT() if the newly created subvolume already got read
       (CVE-2024-23850)
     - btrfs: forbid deleting live subvol qgroup
     - btrfs: send: return EOPNOTSUPP on unknown flags
     - of: unittest: Fix compile in the non-dynamic case
     - net: openvswitch: limit the number of recursions from action sets
       (CVE-2024-1151)
     - spi: ppc4xx: Drop write-only variable
     - ASoC: rt5645: Fix deadlock in rt5645_jack_detect_work()
     - net: sysfs: Fix /sys/class/net/<iface> path for statistics
     - [mips*] Add 'memory' clobber to csum_ipv6_magic() inline assembler
     - i40e: Fix waiting for queues of all VSIs to be disabled
     - tracing/trigger: Fix to return error if failed to alloc snapshot
     - mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again
     - ALSA: hda/realtek: Fix the external mic not being recognised for Acer
       Swift 1 SF114-32
     - ALSA: hda/realtek: Enable Mute LED on HP Laptop 14-fq0xxx
     - HID: wacom: generic: Avoid reporting a serial of '0' to userspace
     - HID: wacom: Do not register input devices until after hid_hw_start
     - usb: ucsi_acpi: Fix command completion handling
     - USB: hub: check for alternate port before enabling A_ALT_HNP_SUPPORT
     - usb: f_mass_storage: forbid async queue when shutdown happen
     - media: ir_toy: fix a memleak in irtoy_tx
     - i2c: i801: Remove i801_set_block_buffer_mode
     - i2c: i801: Fix block process call transactions (CVE-2024-26593)
     - modpost: trim leading spaces when processing source files list
     - scsi: Revert "scsi: fcoe: Fix potential deadlock on &fip->ctlr_lock"
     - lsm: fix the logic in security_inode_getsecctx()
     - firewire: core: correct documentation of fw_csr_string() kernel API
     - kbuild: Fix changing ELF file type for output of gen_btf for big endian
     - nfc: nci: free rx_data_reassembly skb on NCI device cleanup
     - net: hsr: remove WARN_ONCE() in send_hsr_supervision_frame()
     - xen-netback: properly sync TX responses
     - ALSA: hda/realtek: Enable headset mic on Vaio VJFE-ADL
     - [arm*] binder: signal epoll threads of self-work (CVE-2024-26606)
     - misc: fastrpc: Mark all sessions as invalid in cb_remove
     - ext4: fix double-free of blocks due to wrong extents moved_len
     - tracing: Fix wasted memory in saved_cmdlines logic
     - staging: iio: ad5933: fix type mismatch regression
     - iio: magnetometer: rm3100: add boundary check for the value read from
       RM3100_REG_TMRC
     - iio: accel: bma400: Fix a compilation problem
     - media: rc: bpf attach/detach requires write permission
     - hv_netvsc: Fix race condition between netvsc_probe and netvsc_remove
     - ring-buffer: Clean ring_buffer_poll_wait() error return
     - serial: max310x: set default value when reading clock ready bit
     - serial: max310x: improve crystal stable clock detection
     - [x86] mm/ident_map: Use gbpages only where full GB page should be mapped.
     - mmc: slot-gpio: Allow non-sleeping GPIO ro
     - ALSA: hda/conexant: Add quirk for SWS JS201D
     - nilfs2: fix data corruption in dsync block recovery for small block sizes
     - nilfs2: fix hang in nilfs_lookup_dirty_data_buffers()
     - crypto: ccp - Fix null pointer dereference in
       __sev_platform_shutdown_locked
     - nfp: use correct macro for LengthSelect in BAR config
     - nfp: flower: prevent re-adding mac index for bonded port
     - wifi: mac80211: reload info pointer in ieee80211_tx_dequeue()
     - irqchip/irq-brcmstb-l2: Add write memory barrier before exit
     - irqchip/gic-v3-its: Fix GICv4.1 VPE affinity update
     - [s390x] qeth: Fix potential loss of L3-IP@ in case of network issues
     - ceph: prevent use-after-free in encode_cap_msg()
     - of: property: fix typo in io-channels
     - can: j1939: Fix UAF in j1939_sk_match_filter during
       setsockopt(SO_J1939_FILTER)
     - pmdomain: core: Move the unused cleanup to a _sync initcall
     - tracing: Inform kmemleak of saved_cmdlines allocation
     - Revert "md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d"
     - bus: moxtet: Add spi device table
     - PCI: dwc: endpoint: Fix dw_pcie_ep_raise_msix_irq() alignment support
     - mips: Fix max_mapnr being uninitialized on early stages
     - crypto: lib/mpi - Fix unexpected pointer access in mpi_ec_init
     - serial: Add rs485_supported to uart_port
     - serial: 8250_exar: Fill in rs485_supported
     - serial: 8250_exar: Set missing rs485_supported flag
     - scripts/decode_stacktrace.sh: silence stderr messages from addr2line/nm
     - scripts/decode_stacktrace.sh: support old bash version
     - scripts: decode_stacktrace: demangle Rust symbols
     - scripts/decode_stacktrace.sh: optionally use LLVM utilities
     - netfilter: ipset: fix performance regression in swap operation
     - netfilter: ipset: Missing gc cancellations fixed
     - hrtimer: Ignore slack time for RT tasks in schedule_hrtimeout_range()
     - Revert "arm64: Stash shadow stack pointer in the task struct on interrupt"
     - net: prevent mss overflow in skb_segment() (CVE-2023-52435)
     - sched/membarrier: reduce the ability to hammer on sys_membarrier
       (CVE-2024-26602)
     - nilfs2: fix potential bug in end_buffer_async_write
     - nilfs2: replace WARN_ONs for invalid DAT metadata block requests
     - dm: limit the number of targets and parameter size area (CVE-2024-23851,
       CVE-2023-52429)
     - PM: runtime: add devm_pm_runtime_enable helper
     - PM: runtime: Have devm_pm_runtime_enable() handle
       pm_runtime_dont_use_autosuspend()
     - [arm64] drm/msm/dsi: Enable runtime PM
     - netfilter: nf_tables: fix pointer math issue in nft_byteorder_eval()
       (CVE-2024-0607)
     - net: bcmgenet: Fix EEE implementation
     - PCI: dwc: Fix a 64bit bug in dw_pcie_ep_raise_msix_irq()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.211
     - net/sched: Retire CBQ qdisc
     - net/sched: Retire ATM qdisc
     - net/sched: Retire dsmark qdisc
     - smb: client: fix OOB in receive_encrypted_standard() (CVE-2024-0565)
     - smb: client: fix potential OOBs in smb2_parse_contexts() (CVE-2023-52434)
     - smb: client: fix parsing of SMB3.1.1 POSIX create context
     - sched/rt: sysctl_sched_rr_timeslice show default timeslice after reset
     - userfaultfd: fix mmap_changing checking in mfill_atomic_hugetlb
     - zonefs: Improve error handling
     - sched/rt: Fix sysctl_sched_rr_timeslice intial value
     - sched/rt: Disallow writing invalid values to sched_rt_period_us
     - scsi: target: core: Add TMF to tmr_list handling
     - [arm64] dmaengine: fsl-qdma: increase size of 'irq_name'
     - wifi: cfg80211: fix missing interfaces when dumping
     - wifi: mac80211: fix race condition on enabling fast-xmit
     - fbdev: savage: Error out if pixclock equals zero
     - fbdev: sis: Error out if pixclock equals zero
     - spi: hisi-sfc-v3xx: Return IRQ_NONE if no interrupts were detected
     - ahci: asm1166: correct count of reported ports
     - ahci: add 43-bit DMA address quirk for ASMedia ASM1061 controllers
     - ext4: avoid allocating blocks from corrupted group in
       ext4_mb_try_best_found()
     - ext4: avoid allocating blocks from corrupted group in
       ext4_mb_find_by_goal()
     - [armhf] dmaengine: ti: edma: Add some null pointer checks to the
       edma_probe
     - [arm64] regulator: pwm-regulator: Add validity checks in continuous
       .get_voltage
     - nvmet-tcp: fix nvme tcp ida memory leak
     - [armhf] ASoC: sunxi: sun4i-spdif: Add support for Allwinner H616
     - netfilter: conntrack: check SCTP_CID_SHUTDOWN_ACK for vtag setting in
       sctp_new
     - nvme-fc: do not wait in vain when unloading module
     - nvmet-fcloop: swap the list_add_tail arguments
     - nvmet-fc: release reference on target port
     - nvmet-fc: abort command when there is no binding
     - ext4: correct the hole length returned by ext4_map_blocks()
     - Input: i8042 - add Fujitsu Lifebook U728 to i8042 quirk table
     - efi: runtime: Fix potential overflow of soft-reserved region size
     - efi: Don't add memblocks for soft-reserved memory
     - [x86] hwmon: (coretemp) Enlarge per package core count limit
     - scsi: lpfc: Use unsigned type for num_sge
     - firewire: core: send bus reset promptly on gap count error
     - virtio-blk: Ensure no requests in virtqueues before deleting vqs.
     - [mips*] irqchip/mips-gic: Don't touch vl_map if a local interrupt is not
       routable
     - media: av7110: prevent underflow in write_ts_to_decoder()
     - hvc/xen: prevent concurrent accesses to the shared ring
     - [x86] uaccess: Implement macros for CMPXCHG on user addresses
     - seccomp: Invalidate seccomp mode to catch death failures
     - block: ataflop: fix breakage introduced at blk-mq refactoring
     - [powerpc*] watchpoint: Workaround P10 DD1 issue with VSX-32 byte
       instructions
     - [powerpc*] watchpoints: Annotate atomic context in more places
     - cifs: add a warning when the in-flight count goes negative
     - mtd: spinand: macronix: Add support for MX35LFxGE4AD
     - [x86] ASoC: Intel: boards: harden codec property handling
     - [x86] ASoC: Intel: boards: get codec device with ACPI instead of bus
       search
     - [x86] ASoC: Intel: bytcr_rt5651: Drop reference count of ACPI device after
       use
     - task_stack, x86/cea: Force-inline stack helpers
     - btrfs: tree-checker: check for overlapping extent items
     - btrfs: introduce btrfs_lookup_match_dir
     - btrfs: unify lookup return value when dir entry is missing
     - btrfs: do not pin logs too early during renames
     - lan743x: fix for potential NULL pointer dereference with bare card
     - [x86] platform/x86: intel-vbtn: Support for tablet mode on HP Pavilion 13
       x360 PC
     - iwlwifi: mvm: do more useful queue sync accounting
     - iwlwifi: mvm: write queue_sync_state only for sync
     - jbd2: remove redundant buffer io error checks
     - jbd2: recheck chechpointing non-dirty buffer
     - jbd2: Fix wrongly judgement for buffer head removing while doing
       checkpoint
     - [x86] drop bogus "cc" clobber from __try_cmpxchg_user_asm()
     - erofs: fix lz4 inplace decompression (CVE-2023-52497)
     - [amd64] IB/hfi1: Fix sdma.h tx->num_descs off-by-one error
     - [s390x] cio: fix invalid -EBUSY on ccw_device_start
     - dm-crypt: don't modify the data when using authenticated encryption
     - [arm64] KVM: arm64: vgic-its: Test for valid IRQ in MOVALL handler
     - [arm64] KVM: arm64: vgic-its: Test for valid IRQ in
       its_sync_lpi_pending_table()
     - gtp: fix use-after-free and null-ptr-deref in gtp_genl_dump_pdp()
     - PCI/MSI: Prevent MSI hardware interrupt number truncation
     - l2tp: pass correct message length to ip6_append_data
     - [x86] Revert "x86/ftrace: Use alternative RET encoding"
     - [x86] text-patching: Make text_gen_insn() play nice with ANNOTATE_NOENDBR
     - [x86] ibt,paravirt: Use text_gen_insn() for paravirt_patch()
     - [x86] ftrace: Use alternative RET encoding
     - [x86] returnthunk: Allow different return thunks
     - [x86] Revert "x86/alternative: Make custom return thunk unconditional"
     - [x86] alternative: Make custom return thunk unconditional
     - usb: gadget: ncm: Avoid dropping datagrams of properly parsed NTBs
     - mptcp: fix lockless access in subflow ULP diag
     - [amd64] IB/hfi1: Fix a memleak in init_credit_return
     - RDMA/bnxt_re: Return error for SRQ resize
     - RDMA/srpt: Support specifying the srpt_service_guid parameter
     - RDMA/qedr: Fix qedr_create_user_qp error flow
     - [arm64] dts: rockchip: set num-cs property for spi on px30
     - RDMA/srpt: fix function pointer cast warnings
     - bpf, scripts: Correct GPL license name
     - scsi: jazz_esp: Only build if SCSI core is builtin
     - nouveau: fix function cast warnings
     - ipv4: properly combine dev_base_seq and ipv4.dev_addr_genid
     - ipv6: properly combine dev_base_seq and ipv6.dev_addr_genid
     - afs: Increase buffer size in afs_update_volume_status()
     - ipv6: sr: fix possible use-after-free and null-ptr-deref
     - packet: move from strlcpy with unused retval to strscpy
     - net: dev: Convert sa_data to flexible array in struct sockaddr
     - [s390x] use the correct count for __iowrite64_copy()
     - netfilter: nf_tables: set dormant flag on hook register failure
     - drm/syncobj: make lockdep complain on WAIT_FOR_SUBMIT v3
     - drm/syncobj: call drm_syncobj_fence_add_wait when WAIT_AVAILABLE flag is
       set
     - drm/amd/display: Fix memory leak in dm_sw_fini()
     - block: ataflop: more blk-mq refactoring fixes
     - fs/aio: Restrict kiocb_set_cancel_fn() to I/O submitted via libaio
     - arp: Prevent overflow in arp_req_get().
     - ext4: regenerate buddy after block freeing failed if under fc replay
       (CVE-2024-26601)
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.212
     - [x86] platform/x86: touchscreen_dmi: Allow partial (prefix) matches for
       ACPI names
     - crypto: virtio/akcipher - Fix stack overflow on memcpy
     - netlink: Fix kernel-infoleak-after-free in __skb_datagram_iter
     - net: ip_tunnel: prevent perpetual headroom growth
     - tun: Fix xdp_rxq_info's queue_index when detaching
     - ipv6: fix potential "struct net" leak in inet6_rtm_getaddr()
     - lan78xx: enable auto speed configuration for LAN7850 if no EEPROM is
       detected
     - net: usb: dm9601: fix wrong return value in dm9601_mdio_read
     - Bluetooth: Avoid potential use-after-free in hci_error_reset
     - Bluetooth: hci_event: Fix wrongly recorded wakeup BD_ADDR
     - Bluetooth: hci_event: Fix handling of HCI_EV_IO_CAPA_REQUEST
     - Bluetooth: Enforce validation on max value of connection interval
     - netfilter: nf_tables: allow NFPROTO_INET in nft_(match/target)_validate()
     - rtnetlink: fix error logic of IFLA_BRIDGE_FLAGS writing back
     - efi/capsule-loader: fix incorrect allocation size
     - ALSA: Drop leftover snd-rtctimer stuff from Makefile
     - afs: Fix endless loop in directory parsing
     - tomoyo: fix UAF write bug in tomoyo_write_control() (CVE-2024-26622)
     - gtp: fix use-after-free and null-ptr-deref in gtp_newlink()
     - wifi: nl80211: reject iftype change with mesh ID change
     - btrfs: dev-replace: properly validate device names
     - [arm64] dmaengine: fsl-qdma: fix SoC may hang on 16 byte unaligned read
     - [arm64] dmaengine: fsl-qdma: init irq after reg initialization
     - mmc: core: Fix eMMC initialization with 1-bit bus connection
     - [arm64] mmc: sdhci-xenon: add timeout for PHY init complete
     - [arm64] mmc: sdhci-xenon: fix PHY init clock stability
     - [arm64] pmdomain: qcom: rpmhpd: Fix enabled_corner aggregation
     - [x86] cpu/intel: Detect TME keyid bits before setting MTRR mask registers
     - mptcp: fix possible deadlock in subflow diag
     - ext4: avoid bb_free and bb_fragments inconsistency in mb_free_blocks()
     - cachefiles: fix memory leak in cachefiles_add_cache()
     - fs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super
       (CVE-2024-0841)
     - gpiolib: Fix the error path order in gpiochip_add_data_with_key()
     - gpio: fix resource unwinding order in error path
     - mptcp: fix double-free on socket dismantle
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.213
     - [arm64,armhf] mmc: mmci: stm32: use a buffer for unaligned DMA requests
     - [arm64,armhf] mmc: mmci: stm32: fix DMA API overlapping mappings warning
     - lan78xx: Fix white space and style issues
     - lan78xx: Add missing return code checks
     - lan78xx: Fix partial packet errors on suspend/resume
     - lan78xx: Fix race conditions in suspend/resume handling
     - net: lan78xx: fix runtime PM count underflow on link stop
     - ixgbe: {dis, en}able irqs in ixgbe_txrx_ring_{dis, en}able
     - i40e: disable NAPI right after disabling irqs when handling xsk_pool
     - tracing/net_sched: Fix tracepoints that save qdisc_dev() as a string
     - geneve: make sure to pull inner header in geneve_rx()
     - net: ice: Fix potential NULL pointer dereference in ice_bridge_setlink()
     - net/ipv6: avoid possible UAF in ip6_route_mpath_notify()
     - cpumap: Zero-initialise xdp_rxq_info struct before running XDP program
     - net/rds: fix WARNING in rds_conn_connect_if_down
     - netfilter: nft_ct: fix l3num expectations with inet pseudo family
     - netfilter: nf_conntrack_h323: Add protection for bmp length out of range
     - netrom: Fix a data-race around sysctl_netrom_default_path_quality
     - netrom: Fix a data-race around
       sysctl_netrom_obsolescence_count_initialiser
     - netrom: Fix data-races around sysctl_netrom_network_ttl_initialiser
     - netrom: Fix a data-race around sysctl_netrom_transport_timeout
     - netrom: Fix a data-race around sysctl_netrom_transport_maximum_tries
     - netrom: Fix a data-race around sysctl_netrom_transport_acknowledge_delay
     - netrom: Fix a data-race around sysctl_netrom_transport_busy_delay
     - netrom: Fix a data-race around
       sysctl_netrom_transport_requested_window_size
     - netrom: Fix a data-race around sysctl_netrom_transport_no_activity_timeout
     - netrom: Fix a data-race around sysctl_netrom_routing_control
     - netrom: Fix a data-race around sysctl_netrom_link_fails_count
     - netrom: Fix data-races around sysctl_net_busy_read
     - xhci: remove extra loop in interrupt context
     - xhci: prevent double-fetch of transfer and transfer event TRBs
     - xhci: process isoc TD properly when there was a transaction error mid TD.
     - xhci: handle isoc Babble and Buffer Overrun events properly
     - net: Change sock_getsockopt() to take the sk ptr instead of the sock ptr
     - bpf: net: Change sk_getsockopt() to take the sockptr_t argument
     - lsm: make security_socket_getpeersec_stream() sockptr_t safe
     - lsm: fix default return value of the socket_getpeersec_*() hooks
     - ext4: make ext4_es_insert_extent() return void
     - ext4: refactor ext4_da_map_blocks()
     - ext4: convert to exclusive lock while inserting delalloc extents
     - [x86] Drivers: hv: vmbus: Add vmbus_requestor data structure for VMBus
       hardening
     - [x86] hv_netvsc: Use vmbus_requestor to generate transaction IDs for VMBus
       hardening
     - [x86] hv_netvsc: Wait for completion on request SWITCH_DATA_PATH
     - [x86] hv_netvsc: Process NETDEV_GOING_DOWN on VF hot remove
     - [x86] hv_netvsc: Make netvsc/VF binding check both MAC and serial number
     - [x86] hv_netvsc: use netif_is_bond_master() instead of open code
     - [x86] hv_netvsc: Register VF in netvsc_probe if NET_DEVICE_REGISTER missed
     - mm/hugetlb: change hugetlb_reserve_pages() to type bool
     - mm: hugetlb pages should not be reserved by shmat() if SHM_NORESERVE
     - getrusage: add the "signal_struct *sig" local variable
     - getrusage: move thread_group_cputime_adjusted() outside of
       lock_task_sighand()
     - getrusage: use __for_each_thread()
     - getrusage: use sig->stats_lock rather than lock_task_sighand()
     - [x86] Drivers: hv: vmbus: Drop error message when 'No request id
       available'
     - regmap: allow to define reg_update_bits for no bus configuration
     - regmap: Add bulk read/write callbacks into regmap_config
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.214
     - io_uring/unix: drop usage of io_uring socket
     - io_uring: drop any code related to SCM_RIGHTS
     - rcu-tasks: Provide rcu_trace_implies_rcu_gp()
     - bpf: Defer the free of inner map when necessary (CVE-2023-52447)
     - ASoC: rt5645: Make LattePanda board DMI match more precise
     - [x86] xen: Add some null pointer checking to smp.c
     - [mips*] Clear Cause.BD in instruction_pointer_set
     - HID: multitouch: Add required quirk for Synaptics 0xcddc device
     - gen_compile_commands: fix invalid escape sequence warning
     - RDMA/mlx5: Fix fortify source warning while accessing Eth segment
     - RDMA/mlx5: Relax DEVX access upon modify commands
     - [x86] mm: Move is_vsyscall_vaddr() into asm/vsyscall.h
     - [x86] mm: Disallow vsyscall page read for copy_from_kernel_nofault()
     - net/iucv: fix the allocation size of iucv_path_table array
     - block: sed-opal: handle empty atoms when parsing response
     - dm-verity, dm-crypt: align "struct bvec_iter" correctly
     - scsi: mpt3sas: Prevent sending diag_reset when the controller is ready
     - Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security
       (CVE-2024-22099)
     - firewire: core: use long bus reset on gap count error
     - [x86] ASoC: Intel: bytcr_rt5640: Add an extra entry for the Chuwi Vi8
       tablet
     - Input: gpio_keys_polled - suppress deferred probe error for gpio
     - [x86] paravirt: Fix build due to __text_gen_insn() backport
     - do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak
     - nbd: null check for nla_nest_start
     - fs/select: rework stack allocation hack for clang
     - block: add a new set_read_only method
     - md: implement ->set_read_only to hook into BLKROSET processing
     - md: Don't clear MD_CLOSING when the raid is about to stop
     - aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts
       (CVE-2023-6270)
     - timekeeping: Fix cross-timestamp interpolation on counter wrap
     - timekeeping: Fix cross-timestamp interpolation corner case decision
     - timekeeping: Fix cross-timestamp interpolation for non-x86
     - wifi: ath10k: fix NULL pointer dereference in
       ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (CVE-2023-7042)
     - wifi: b43: Stop/wake correct queue in DMA Tx path when QoS is disabled
     - wifi: b43: Stop/wake correct queue in PIO Tx path when QoS is disabled
     - wifi: b43: Stop correct queue in DMA worker when QoS is disabled
     - wifi: b43: Disable QoS for bcm4331
     - wifi: wilc1000: fix declarations ordering
     - wifi: wilc1000: fix RCU usage in connect path
     - wifi: rtl8xxxu: add cancel_work_sync() for c2hcmd_work
     - wifi: wilc1000: fix multi-vif management when deleting a vif
     - wifi: mwifiex: debugfs: Drop unnecessary error check for
       debugfs_create_dir()
     - cpufreq: brcmstb-avs-cpufreq: add check for cpufreq_cpu_get's return value
     - sock_diag: annotate data-races around sock_diag_handlers[family]
     - inet_diag: annotate data-races around inet_diag_table[]
     - bpftool: Silence build warning about calloc()
     - af_unix: Annotate data-race of gc_in_progress in wait_for_unix_gc().
     - wifi: ath9k: delay all of ath9k_wmi_event_tasklet() until init is complete
     - wifi: iwlwifi: dbg-tlv: ensure NUL termination
     - wifi: iwlwifi: fix EWRD table validity check
     - net: blackhole_dev: fix build warning for ethh set but not used
     - wifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer()
     - bpf: Factor out bpf_spin_lock into helpers.
     - bpf: Mark bpf_spin_{lock,unlock}() helpers with notrace correctly
     - wireless: Remove redundant 'flush_workqueue()' calls
     - wifi: wilc1000: prevent use-after-free on vif when cleaning up all
       interfaces
     - ACPI: processor_idle: Fix memory leak in acpi_processor_power_exit()
     - [amd64] iommu/amd: Mark interrupt as managed
     - wifi: brcmsmac: avoid function pointer casts
     - net: ena: Remove ena_select_queue
     - ACPI: scan: Fix device check notification handling
     - [x86] relocs: Ignore relocations in .notes section (CVE-2024-26816)
     - SUNRPC: fix some memleaks in gssx_dec_option_array
     - mmc: wmt-sdmmc: remove an incorrect release_mem_region() call in the
       .remove function
     - wifi: rtw88: 8821c: Fix false alarm count
     - PCI: Make pci_dev_is_disconnected() helper public for other drivers
     - [amd64] iommu/vt-d: Don't issue ATS Invalidation request when device is
       disconnected
     - igb: move PEROUT and EXTTS isr logic to separate functions
     - igb: Fix missing time sync events
     - Bluetooth: Remove superfluous call to hci_conn_check_pending()
     - Bluetooth: hci_core: Fix possible buffer overflow
     - sr9800: Add check for usbnet_get_endpoints (CVE-2024-26651)
     - bpf: Eliminate rlimit-based memory accounting for devmap maps
     - bpf: Fix DEVMAP_HASH overflow check on 32-bit arches
     - bpf: Fix hashtab overflow check on 32-bit arches
     - bpf: Fix stackmap overflow check on 32-bit arches
     - ipv6: fib6_rules: flush route cache when rule is changed
     - net: ip_tunnel: make sure to pull inner header in ip_tunnel_rcv()
     - net: phy: fix phy_get_internal_delay accessing an empty array
     - net: hns3: fix port duplex configure error in IMP reset
     - net: phy: DP83822: enable rgmii mode if phy_interface_is_rgmii
     - net: phy: dp83822: Fix RGMII TX delay configuration
     - OPP: debugfs: Fix warning around icc_get_name()
     - tcp: fix incorrect parameter validation in the do_tcp_getsockopt()
       function
     - net/ipv4: Replace one-element array with flexible-array member
     - net/ipv4: Revert use of struct_size() helper
     - net/ipv4/ipv6: Replace one-element arraya with flexible-array members
     - bpf: net: Change do_ip_getsockopt() to take the sockptr_t argument
     - ipmr: fix incorrect parameter validation in the ip_mroute_getsockopt()
       function
     - l2tp: fix incorrect parameter validation in the pppol2tp_getsockopt()
       function
     - udp: fix incorrect parameter validation in the udp_lib_getsockopt()
       function
     - net: kcm: fix incorrect parameter validation in the kcm_getsockopt)
       function
     - nfp: flower: handle acti_netdevs allocation failure
     - dm raid: fix false positive for requeue needed during reshape
     - dm: call the resume method on internal suspend
     - [arm64,armhf] drm/tegra: dsi: Add missing check for of_find_device_by_node
     - [arm64,armhf] drm/tegra: dsi: Make use of the helper function
       dev_err_probe()
     - [arm64,armhf] drm/tegra: dsi: Fix some error handling paths in
       tegra_dsi_probe()
     - [arm64,armhf] drm/tegra: dsi: Fix missing pm_runtime_disable() in the
       error handling path of tegra_dsi_probe()
     - [arm64,armhf] drm/tegra: output: Fix missing i2c_put_adapter() in the
       error handling paths of tegra_output_probe()
     - drm/rockchip: inno_hdmi: Fix video timing
     - drm: Don't treat 0 as -1 in drm_fixp2int_ceil
     - drm/rockchip: lvds: do not overwrite error code
     - drm/rockchip: lvds: do not print scary message when probing defer
     - drm/lima: fix a memleak in lima_heap_alloc
     - dmaengine: tegra210-adma: Update dependency to ARCH_TEGRA
     - media: tc358743: register v4l2 async device only after successful setup
     - PCI/DPC: Print all TLP Prefixes, not just the first
     - perf record: Fix possible incorrect free in record__switch_output()
     - HID: lenovo: Add middleclick_workaround sysfs knob for cptkbd
     - drm/amd/display: Fix a potential buffer overflow in
       'dp_dsc_clock_en_read()'
     - drm/amd/display: Fix potential NULL pointer dereferences in
       'dcn10_set_output_transfer_func()'
     - perf evsel: Fix duplicate initialization of data->id in
       evsel__parse_sample()
     - media: em28xx: annotate unchecked call to media_device_register()
     - media: v4l2-tpg: fix some memleaks in tpg_alloc
     - media: v4l2-mem2mem: fix a memleak in v4l2_m2m_register_entity
     - media: edia: dvbdev: fix a use-after-free
     - pinctrl: mediatek: Drop bogus slew rate register range for MT8192
     - [arm64] clk: qcom: reset: Commonize the de/assert functions
     - [arm64] clk: qcom: reset: Ensure write completion on reset de/assertion
     - quota: simplify drop_dquot_ref()
     - quota: Fix potential NULL pointer dereference
     - quota: Fix rcu annotations of inode dquot pointers
     - PCI: switchtec: Fix an error handling path in switchtec_pci_probe()
     - crypto: xilinx - call finalize with bh disabled
     - perf thread_map: Free strlist on normal path in
       thread_map__new_by_tid_str()
     - drm/radeon/ni: Fix wrong firmware size logging in ni_init_microcode()
     - ALSA: seq: fix function cast warnings
     - perf stat: Avoid metric-only segv
     - media: sun8i-di: Fix coefficient writes
     - media: sun8i-di: Fix power on/off sequences
     - media: sun8i-di: Fix chroma difference threshold
     - media: imx: csc/scaler: fix v4l2_ctrl_handler memory leak
     - media: go7007: add check of return value of go7007_read_addr()
     - media: pvrusb2: remove redundant NULL check
     - media: pvrusb2: fix pvr2_stream_callback casts
     - PCI: Mark 3ware-9650SE Root Port Extended Tags as broken
     - [arm64] clk: hisilicon: hi3519: Release the correct number of gates in
       hi3519_clk_unregister()
     - [arm64,armhf] drm/tegra: put drm_gem_object ref on error in
       tegra_fb_create
     - mfd: syscon: Call of_node_put() only when of_parse_phandle() takes a ref
     - mfd: altera-sysmgr: Call of_node_put() only when of_parse_phandle() takes
       a ref
     - crypto: arm/sha - fix function cast warnings
     - drm/tidss: Fix initial plane zpos values
     - mtd: maps: physmap-core: fix flash size larger than 32-bit
     - mtd: rawnand: lpc32xx_mlc: fix irq handler prototype
     - drm/amdgpu: Fix missing break in ATOM_ARG_IMM Case of atom_get_src_int()
     - media: pvrusb2: fix uaf in pvr2_context_set_notify
     - media: dvb-frontends: avoid stack overflow warnings with clang
     - media: go7007: fix a memleak in go7007_load_encoder
     - media: ttpci: fix two memleaks in budget_av_attach
     - media: mediatek: vcodec: avoid -Wcast-function-type-strict warning
     - powerpc/hv-gpci: Fix the H_GET_PERF_COUNTER_INFO hcall return value checks
     - [arm64] drm/msm/dpu: add division of drm_display_mode's hskew parameter
     - [powerpc*] embedded6xx: Fix no previous prototype for avr_uart_send() etc.
     - leds: aw2013: Unlock mutex before destroying it
     - leds: sgm3140: Add missing timer cleanup and flash gpio control
     - backlight: lm3630a: Initialize backlight_properties on init
     - backlight: lm3630a: Don't set bl->props.brightness in get_brightness
     - backlight: da9052: Fully initialize backlight_properties during probe
     - backlight: lm3639: Fully initialize backlight_properties during probe
     - backlight: lp8788: Fully initialize backlight_properties during probe
     - clk: Fix clk_core_get NULL dereference
     - ALSA: hda/realtek: fix ALC285 issues on HP Envy x360 laptops
     - ALSA: usb-audio: Stop parsing channels bits when all channels are found.
     - RDMA/srpt: Do not register event handler until srpt device is fully setup
     - f2fs: compress: fix to check unreleased compressed cluster
     - scsi: csiostor: Avoid function pointer casts
     - RDMA/device: Fix a race between mad_client and cm_client init
     - scsi: bfa: Fix function pointer type mismatch for hcb_qe->cbfn
     - net: sunrpc: Fix an off by one in rpc_sockaddr2uaddr()
     - NFSv4.2: fix nfs4_listxattr kernel BUG at mm/usercopy.c:102
     - NFSv4.2: fix listxattr maximum XDR buffer size
     - watchdog: stm32_iwdg: initialize default timeout
     - NFS: Fix an off by one in root_nfs_cat()
     - afs: Revert "afs: Hide silly-rename files from userspace"
     - [armhf] remoteproc: stm32: Constify st_rproc_ops
     - [armhf] remoteproc: Add new get_loaded_rsc_table() to rproc_ops
     - [armhf] remoteproc: stm32: Move resource table setup to rproc_ops
     - [armhf] remoteproc: stm32: use correct format strings on 64-bit
     - [armhf] remoteproc: stm32: Fix incorrect type in assignment for va
     - [armhf] remoteproc: stm32: Fix incorrect type assignment returned by
       stm32_rproc_get_loaded_rsc_tablef
     - tty: vt: fix 20 vs 0x20 typo in EScsiignore
     - serial: max310x: fix syntax error in IRQ error message
     - tty: serial: samsung: fix tx_empty() to return TIOCSER_TEMT
     - kconfig: fix infinite loop when expanding a macro at the end of file
     - rtc: mt6397: select IRQ_DOMAIN instead of depending on it
     - serial: 8250_exar: Don't remove GPIO device on suspend
     - staging: greybus: fix get_channel_from_mode() failure path
     - usb: gadget: net2272: Use irqflags in the call to net2272_probe_fin
     - io_uring: don't save/restore iowait state
     - [s390x] vtime: fix average steal time calculation
     - soc: fsl: dpio: fix kcalloc() argument order
     - hsr: Fix uninit-value access in hsr_get_node()
     - packet: annotate data-races around ignore_outgoing
     - net: dsa: mt7530: prevent possible incorrect XTAL frequency selection
     - wireguard: receive: annotate data-race around receiving_counter.counter
     - rds: introduce acquire/release ordering in acquire/release_in_xmit()
     - hsr: Handle failures in module init
     - net/bnx2x: Prevent access to a freed page in page_pool
     - netfilter: nft_set_pipapo: release elements in clone only from destroy
       path (CVE-2024-26809)
     - scsi: fc: Update formal FPIN descriptor definitions
     - netfilter: nf_tables: do not compare internal table flags on updates
     - rcu: add a helper to report consolidated flavor QS
     - bpf: report RCU QS in cpumap kthread
     - spi: spi-mt65xx: Fix NULL pointer access in interrupt handler
     - regmap: Add missing map->bus check
     - [armhf] remoteproc: stm32: fix phys_addr_t format string
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.215
     - amdkfd: use calloc instead of kzalloc to avoid integer overflow
       (CVE-2024-26817)
     - Documentation/hw-vuln: Update spectre doc
     - [x86] cpu: Support AMD Automatic IBRS
     - [x86] bugs: Use sysfs_emit()
     - timers: Update kernel-doc for various functions
     - timers: Use del_timer_sync() even on UP
     - timers: Rename del_timer_sync() to timer_delete_sync()
     - wifi: brcmfmac: Fix use-after-free bug in brcmf_cfg80211_detach
       (CVE-2023-47233)
     - [armhf] dts: marvell: Fix maxium->maxim typo in brownstone dts
     - [x86] drm/vmwgfx: stop using ttm_bo_create v2
     - [x86] drm/vmwgfx: switch over to the new pin interface v2
     - [x86] drm/vmwgfx/vmwgfx_cmdbuf_res: Remove unused variable 'ret'
     - [x86] drm/vmwgfx: Fix some static checker warnings
     - [x86] drm/vmwgfx: Fix possible null pointer derefence with invalid
       contexts
     - media: xc4000: Fix atomicity violation in xc4000_get_frequency
       (CVE-2024-24861)
     - KVM: Always flush async #PF workqueue when vCPU is being destroyed
     - [x86] crypto: qat - fix double free during reset
     - [x86] crypto: qat - resolve race condition during AER recovery
     - ext4: correct best extent lstart adjustment logic
     - block: introduce zone_write_granularity limit
     - block: Clear zone limits for a non-zoned stacked queue
     - bounds: support non-power-of-two CONFIG_NR_CPUS
     - fat: fix uninitialized field in nostale filehandles
     - ubifs: Set page uptodate in the correct place
     - ubi: Check for too small LEB size in VTBL code
     - ubi: correct the calculation of fastmap size
     - mtd: rawnand: meson: fix scrambling mode value in command macro
     - PM: suspend: Set mem_sleep_current during kernel command line setup
     - [powerpc*] fsl: Fix mfpmr build errors with newer binutils
     - USB: serial: ftdi_sio: add support for GMC Z216C Adapter IR-USB
     - USB: serial: add device ID for VeriFone adapter
     - USB: serial: cp210x: add ID for MGP Instruments PDS100
     - USB: serial: option: add MeiG Smart SLM320 product
     - USB: serial: cp210x: add pid/vid for TDK NC0110013M and MM0110113M
     - PM: sleep: wakeirq: fix wake irq warning in system suspend
     - mmc: tmio: avoid concurrent runs of mmc_request_done()
     - fuse: fix root lookup with nonzero generation
     - fuse: don't unhash root
     - usb: typec: ucsi: Clean up UCSI_CABLE_PROP macros
     - printk/console: Split out code that enables default console
     - serial: Lock console when calling into driver before registration
     - btrfs: fix off-by-one chunk length calculation at
       contains_pending_extent()
     - PCI: Drop pci_device_remove() test of pci_dev->driver
     - PCI/PM: Drain runtime-idle callbacks before driver removal
     - PCI/ERR: Cache RCEC EA Capability offset in pci_init_capabilities()
     - PCI: Cache PCIe Device Capabilities register
     - PCI: Work around Intel I210 ROM BAR overlap defect
     - PCI/ASPM: Make Intel DG2 L1 acceptable latency unlimited
     - PCI/DPC: Quirk PIO log size for certain Intel Root Ports
     - PCI/DPC: Quirk PIO log size for Intel Raptor Lake Root Ports
     - Revert "Revert "md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d""
     - dm-raid: fix lockdep waring in "pers->hot_add_disk"
     - mac802154: fix llsec key resources release in mac802154_llsec_key_del
     - mm: swap: fix race between free_swap_and_cache() and swapoff()
     - mmc: core: Fix switch on gp3 partition
     - [armhf] drm/etnaviv: Restore some id values
     - hwmon: (amc6821) add of_match table
     - ext4: fix corruption during on-line resize
     - nvmem: meson-efuse: fix function pointer type mismatch
     - slimbus: core: Remove usage of the deprecated ida_simple_xx() API
     - [arm64,armhf] phy: tegra: xusb: Add API to retrieve the port number of phy
     - usb: gadget: tegra-xudc: Use dev_err_probe()
     - usb: gadget: tegra-xudc: Fix USB3 PHY retrieval logic
     - speakup: Fix 8bit characters from direct synth
     - PCI/ERR: Clear AER status only when we control AER
     - PCI/AER: Block runtime suspend when handling errors
     - nfs: fix UAF in direct writes
     - kbuild: Move -Wenum-{compare-conditional,enum-conversion} into W=1
     - PCI: dwc: endpoint: Fix advertised resizable BAR size
     - vfio/platform: Disable virqfds on cleanup
     - ring-buffer: Fix waking up ring buffer readers
     - ring-buffer: Do not set shortest_full when full target is hit
     - ring-buffer: Fix resetting of shortest_full
     - ring-buffer: Fix full_waiters_pending in poll
     - [s390x] zcrypt: fix reference counting on zcrypt card objects
     - drm/panel: do not return negative error codes from drm_panel_get_modes()
     - [armhf] drm/exynos: do not return negative values from .get_modes()
     - drm/imx/ipuv3: do not return negative values from .get_modes()
     - drm/vc4: hdmi: do not return negative values from .get_modes()
     - nilfs2: fix failure to detect DAT corruption in btree and direct mappings
     - nilfs2: prevent kernel bug at submit_bh_wbc()
     - cpufreq: dt: always allocate zeroed cpumask
     - [x86] CPU/AMD: Update the Zenbleed microcode revisions
     - net: hns3: tracing: fix hclgevf trace event strings
     - wireguard: netlink: check for dangling peer via is_dead instead of empty
       list
     - wireguard: netlink: access device through ctx instead of peer
     - ahci: asm1064: correct count of reported ports
     - ahci: asm1064: asm1166: don't limit reported ports
     - drm/amd/display: Return the correct HDCP error code
     - drm/amd/display: Fix noise issue on HDMI AV mute
     - dm snapshot: fix lockup in dm_exception_table_exit
     - vxge: remove unnecessary cast in kfree()
     - [x86] stackprotector/32: Make the canary into a regular percpu variable
     - [x86] pm: Work around false positive kmemleak report in
       msr_build_context()
     - scripts: kernel-doc: Fix syntax error due to undeclared args variable
       (Closes: #1064035)
     - comedi: comedi_test: Prevent timers rescheduling during deletion
     - cpufreq: brcmstb-avs-cpufreq: fix up "add check for cpufreq_cpu_get's
       return value"
     - netfilter: nf_tables: mark set as dead when unbinding anonymous set with
       timeout (CVE-2024-26643)
     - netfilter: nf_tables: disallow anonymous set with timeout flag
       (CVE-2024-26642)
     - netfilter: nf_tables: reject constant set with timeout
     - Drivers: hv: vmbus: Calculate ring buffer size for more efficient use of
       memory
     - xfrm: Avoid clang fortify warning in copy_to_user_tmpl()
     - [x86] KVM: SVM: Flush pages under kvm->lock to fix UAF in
       svm_register_enc_region()
     - ALSA: hda/realtek - Fix headset Mic no show at resume back for Lenovo
       ALC897 platform
     - USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command
     - usb: gadget: ncm: Fix handling of zero block length packets
     - usb: port: Don't try to peer unused USB ports based on location
     - tty: serial: fsl_lpuart: avoid idle preamble pending if CTS is enabled
     - mei: me: add arrow lake point S DID
     - mei: me: add arrow lake point H DID
     - vt: fix unicode buffer corruption when deleting characters
     - fs/aio: Check IOCB_AIO_RW before the struct aio_kiocb conversion
     - tee: optee: Fix kernel panic caused by incorrect error handling
     - xen/events: close evtchn after mapping cleanup (CVE-2024-26687)
     - printk: Update @console_may_schedule in console_trylock_spinning()
     - btrfs: allocate btrfs_ioctl_defrag_range_args on stack
     - [x86] asm: Add _ASM_RIP() macro for x86-64 (%rip) suffix
     - [x86] bugs: Add asm helpers for executing VERW
     - [x86] entry_64: Add VERW just before userspace transition
     - [x86] entry_32: Add VERW just before userspace transition
     - [x86] bugs: Use ALTERNATIVE() instead of mds_user_clear static key
     - [x86] KVM/VMX: Use BT+JNC, i.e. EFLAGS.CF to select VMRESUME vs. VMLAUNCH
     - [x86] KVM/VMX: Move VERW closer to VMentry for MDS mitigation
     - [x86] Mitigate Register File Data Sampling (RFDS) vulnerability
       (CVE-2023-28746):
       + [x86] mmio: Disable KVM mitigation when X86_FEATURE_CLEAR_CPU_BUF is set
       + Documentation/hw-vuln: Add documentation for RFDS
       + [x86] rfds: Mitigate Register File Data Sampling (RFDS)
       + [x86] KVM/x86: Export RFDS_NO and RFDS_CLEAR to guests
     - perf/core: Fix reentry problem in perf_output_read_group()
     - efivarfs: Request at most 512 bytes for variable names
     - [powerpc*] xor_vmx: Add '-mhard-float' to CFLAGS
     - serial: sc16is7xx: convert from _raw_ to _noinc_ regmap functions for FIFO
       (CVE-2023-52488)
     - mm/memory-failure: fix an incorrect use of tail pages
     - mm/migrate: set swap entry values of THP tail pages properly.
     - init: open /initrd.image with O_LARGEFILE
     - wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes
     - exec: Fix NOMMU linux_binprm::exec in transfer_args_to_stack()
     - mmc: core: Initialize mmc_blk_ioc_data
     - mmc: core: Avoid negative index with array access
     - net: ll_temac: platform_get_resource replaced by wrong function
     - usb: cdc-wdm: close race between read and workqueue
     - ALSA: sh: aica: reorder cleanup operations to avoid UAF bugs
       (CVE-2024-26654)
     - scsi: core: Fix unremoved procfs host directory regression
     - [arm*] staging: vc04_services: changen strncpy() to strscpy_pad()
     - [arm*] staging: vc04_services: fix information leak in create_component()
     - USB: core: Add hub_get() and hub_put() routines
     - [arm*] usb: dwc2: host: Fix remote wakeup from hibernation
     - [arm*] usb: dwc2: host: Fix hibernation flow
     - [arm*] usb: dwc2: host: Fix ISOC flow in DDMA mode
     - [arm*] usb: dwc2: gadget: LPM flow fix
     - usb: udc: remove warning when queue disabled ep
     - usb: typec: ucsi: Ack unsupported commands
     - usb: typec: ucsi: Clear UCSI_CCI_RESET_COMPLETE before reset
     - scsi: qla2xxx: Split FCE|EFT trace control
     - scsi: qla2xxx: Fix command flush on cable pull
     - scsi: qla2xxx: Delay I/O Abort on PCI error
     - [x86] cpu: Enable STIBP on AMD if Automatic IBRS is enabled
     - PCI/DPC: Quirk PIO log size for Intel Ice Lake Root Ports
     - scsi: lpfc: Correct size for wqe for memset()
     - USB: core: Fix deadlock in usb_deauthorize_interface()
     - nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet
     - ixgbe: avoid sleeping allocation in ixgbe_ipsec_vf_add_sa()
     - tcp: properly terminate timers for kernel sockets
     - ACPICA: debugger: check status of acpi_evaluate_object() in
       acpi_db_walk_for_fields()
     - bpf: Protect against int overflow for stack access size
     - dm integrity: fix out-of-range warning
     - r8169: fix issue caused by buggy BIOS on certain boards with RTL8168d
     - [x86] cpufeatures: Add new word for scattered features
     - Bluetooth: hci_event: set the conn encrypted before conn establishes
     - Bluetooth: Fix TOCTOU in HCI debugfs implementation (CVE-2024-24857,
       CVE-2024-24858)
     - netfilter: nf_tables: disallow timeout for anonymous sets (CVE-2023-52620)
     - net/rds: fix possible cp null dereference
     - vfio/pci: Disable auto-enable of exclusive INTx IRQ (CVE-2024-27437)
     - vfio/pci: Lock external INTx masking ops (CVE-2024-26810)
     - vfio: Introduce interface to flush virqfd inject workqueue
     - vfio/pci: Create persistent INTx handler (CVE-2024-26812)
     - vfio/platform: Create persistent IRQ handlers (CVE-2024-26813)
     - vfio/fsl-mc: Block calling interrupt handler without trigger
       (CVE-2024-26814)
     - io_uring: ensure '0' is returned on file registration success
     - Revert "x86/mm/ident_map: Use gbpages only where full GB page should be
       mapped."
     - mm, vmscan: prevent infinite loop for costly GFP_NOIO |
       __GFP_RETRY_MAYFAIL allocations
     - [x86] srso: Add SRSO mitigation for Hygon processors (CVE-2023-52482)
     - block: add check that partition length needs to be aligned with block size
       (CVE-2023-52458)
     - netfilter: nf_tables: reject new basechain after table flag update
     - netfilter: nf_tables: flush pending destroy work before exit_net release
     - netfilter: nf_tables: Fix potential data-race in
       __nft_flowtable_type_get()
     - netfilter: validate user input for expected length
     - vboxsf: Avoid an spurious warning if load_nls_xxx() fails
     - bpf, sockmap: Prevent lock inversion deadlock in map delete elem
     - net/sched: act_skbmod: prevent kernel-infoleak
     - net: stmmac: fix rx queue priority assignment
     - erspan: make sure erspan_base_hdr is present in skb->head
     - ipv6: Fix infinite recursion in fib6_dump_done().
     - udp: do not transition UDP GRO fraglist partial checksums to unnecessary
     - i40e: fix i40e_count_filters() to count only active/new filters
     - i40e: fix vf may be used uninitialized in this function warning
     - scsi: qla2xxx: Update manufacturer details
     - scsi: qla2xxx: Update manufacturer detail
     - Revert "usb: phy: generic: Get the vbus supply"
     - udp: do not accept non-tunnel GSO skbs landing in a tunnel
     - net: ravb: Always process TX descriptor ring
     - [arm64] dts: qcom: sc7180: Remove clock for bluetooth on Trogdor
     - [arm64] dts: qcom: sc7180-trogdor: mark bluetooth address as broken
     - ASoC: ops: Fix wraparound for mask in snd_soc_get_volsw
     - ata: sata_sx4: fix pdc20621_get_from_dimm() on 64-bit
     - scsi: mylex: Fix sysfs buffer lengths
     - ata: sata_mv: Fix PCI device ID table declaration compilation warning
     - ALSA: hda/realtek: Update Panasonic CF-SZ6 quirk to support headset with
       microphone
     - driver core: Introduce device_link_wait_removal()
     - of: dynamic: Synchronize of_changeset_destroy() with the devlink removals
     - [x86] mce: Make sure to grab mce_sysfs_mutex in set_bank()
     - [s390x] entry: align system call table on 8 bytes
     - [x86] bugs: Fix the SRSO mitigation on Zen3/4
     - [x86] retpoline: Do the necessary fixup to the Zen3/4 srso return thunk
       for !SRSO
     - mptcp: don't account accept() of non-MPC client as fallback to TCP
     - [x86] cpufeatures: Add CPUID_LNX_5 to track recently added Linux-defined
       word
     - objtool: Add asm version of STACK_FRAME_NON_STANDARD
     - wifi: ath9k: fix LNA selection in ath_ant_try_scan()
     - VMCI: Fix memcpy() run-time warning in dg_dispatch_as_host()
     - panic: Flush kernel log buffer at the end
     - [arm64] dts: rockchip: fix rk3328 hdmi ports node
     - [arm64] dts: rockchip: fix rk3399 hdmi ports node
     - ionic: set adminq irq affinity
     - pstore/zone: Add a null pointer check to the psz_kmsg_read
     - btrfs: handle chunk tree lookup error in btrfs_relocate_sys_chunks()
     - btrfs: export: handle invalid inode or root reference in
       btrfs_get_parent()
     - btrfs: send: handle path ref underflow in header iterate_inode_ref()
     - net/smc: reduce rtnl pressure in smc_pnet_create_pnetids_list()
     - Bluetooth: btintel: Fix null ptr deref in btintel_read_version
     - Input: synaptics-rmi4 - fail probing if memory allocation for "phys" fails
     - pinctrl: renesas: checker: Limit cfg reg enum checks to provided IDs
     - sysv: don't call sb_bread() with pointers_lock held
     - scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc()
     - isofs: handle CDs with bad root inode but good Joliet root directory
     - media: sta2x11: fix irq handler cast
     - ext4: add a hint for block bitmap corrupt state in mb_groups
     - ext4: forbid commit inconsistent quota data when errors=remount-ro
     - drm/amd/display: Fix nanosec stat overflow
     - SUNRPC: increase size of rpc_wait_queue.qlen from unsigned short to
       unsigned int
     - Revert "ACPI: PM: Block ASUS B1400CEAE from suspend to idle by default"
     - libperf evlist: Avoid out-of-bounds access
     - block: prevent division by zero in blk_rq_stat_sum()
     - RDMA/cm: add timeout to cm_destroy_id wait
     - Input: allocate keycode for Display refresh rate toggle
     - [x86] platform/x86: touchscreen_dmi: Add an extra entry for a variant of
       the Chuwi Vi8 tablet
     - ring-buffer: use READ_ONCE() to read cpu_buffer->commit_page in concurrent
       environment
     - tools: iio: replace seekdir() in iio_generic_buffer
     - usb: typec: tcpci: add generic tcpci fallback compatible
     - usb: sl811-hcd: only defined function checkdone if QUIRK2 is defined
     - fbdev: viafb: fix typo in hw_bitblt_1 and hw_bitblt_2
     - drivers/nvme: Add quirks for device 126f:2262
     - fbmon: prevent division by zero in fb_videomode_from_videomode()
     - netfilter: nf_tables: release batch on table validation from abort path
     - netfilter: nf_tables: release mutex after nft_gc_seq_end from abort path
       (CVE-2024-26925)
     - netfilter: nf_tables: discard table flag update with pending basechain
       deletion
     - tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc
     - virtio: reenable config if freezing device failed
     - [x86] mm/pat: fix VM_PAT handling in COW mappings
     - [x86] drm/i915/gt: Reset queue_priority_hint on parking
     - Bluetooth: btintel: Fixe build regression
     - [x86] VMCI: Fix possible memcpy() run-time warning in
       vmci_datagram_invoke_guest_handler()
     - kbuild: dummy-tools: adjust to stricter stackprotector check
     - scsi: sd: Fix wrong zone_write_granularity value during revalidate
     - [x86] retpoline: Add NOENDBR annotation to the SRSO dummy return thunk
     - [x86] head/64: Re-enable stack protection
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.216
     - batman-adv: Avoid infinite loop trying to resize local TT
     - Bluetooth: Fix memory leak in hci_req_sync_complete()
     - media: cec: core: remove length check of Timer Status
     - nouveau: fix function cast warning
     - net: openvswitch: fix unwanted error log on timeout policy probing
     - u64_stats: fix u64_stats_init() for lockdep when used repeatedly in one
       file
     - xsk: validate user input for XDP_{UMEM|COMPLETION}_FILL_RING
     - geneve: fix header validation in geneve[6]_xmit_skb
     - ipv6: fib: hide unused 'pn' variable
     - ipv4/route: avoid unused-but-set-variable warning
     - ipv6: fix race condition between ipv6_get_ifaddr and ipv6_del_addr
     - Bluetooth: SCO: Fix not validating setsockopt user input
     - netfilter: complete validation of user input
     - net/mlx5: Properly link new fs rules into the tree
     - af_unix: Do not use atomic ops for unix_sk(sk)->inflight.
     - af_unix: Fix garbage collector racing against connect() (CVE-2024-26923)
     - net: ena: Fix potential sign extension issue
     - net: ena: Wrong missing IO completions check order
     - net: ena: Fix incorrect descriptor free behavior
     - [amd64] iommu/vt-d: Allocate local memory for page request queue
     - [arm64] mailbox: imx: fix suspend failue
     - btrfs: qgroup: correctly model root qgroup rsv in convert
     - drm/client: Fully protect modes[] with dev->mode_config.mutex
     - vhost: Add smp_rmb() in vhost_vq_avail_empty()
     - [x86] cpu: Actually turn off mitigations by default for
       SPECULATION_MITIGATIONS=n
     - [x86] apic: Force native_apic_mem_read() to use the MOV instruction
     - irqflags: Explicitly ignore lockdep_hrtimer_exit() argument
     - btrfs: record delayed inode root in transaction
     - kprobes: Fix possible use-after-free issue on kprobe registration
     - Revert "tracing/trigger: Fix to return error if failed to alloc snapshot"
     - netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get()
       (CVE-2024-27020)
     - netfilter: nft_set_pipapo: do not free live element (CVE-2024-26924)
     - tun: limit printing rate when illegal packet received by tun dev
       (CVE-2024-27013)
     - RDMA/rxe: Fix the problem "mutex_destroy missing"
     - RDMA/cm: Print the old state when cm_destroy_id gets timeout
     - RDMA/mlx5: Fix port number for counter query in multi-port configuration
     - drm: nv04: Fix out of bounds access (CVE-2024-27008)
     - drm/panel: visionox-rm69299: don't unregister DSI device
     - clk: Remove prepare_lock hold assertion in __clk_release()
     - clk: Mark 'all_lists' as const
     - clk: remove extra empty line
     - clk: Print an info line before disabling unused clocks
     - clk: Initialize struct clk_core kref earlier
     - clk: Get runtime PM before walking tree during disable_unused
       (CVE-2024-27004)
     - [x86] cpufeatures: Fix dependencies for GFNI, VAES, and VPCLMULQDQ
     - [arm*] binder: check offset alignment in binder_get_object()
       (CVE-2024-26926)
     - [x86] thunderbolt: Avoid notify PM core about runtime PM resume
     - [x86] thunderbolt: Fix wake configurations after device unplug
     - [x86] comedi: vmk80xx: fix incomplete endpoint checking (CVE-2024-27001)
     - USB: serial: option: add Fibocom FM135-GL variants
     - USB: serial: option: add support for Fibocom FM650/FG650
     - USB: serial: option: add Lonsung U8300/U9300 product
     - USB: serial: option: support Quectel EM060K sub-models
     - USB: serial: option: add Rolling RW101-GL and RW135-GL support
     - USB: serial: option: add Telit FN920C04 rmnet compositions
     - Revert "usb: cdc-wdm: close race between read and workqueue"
     - usb: dwc2: host: Fix dereference issue in DDMA completion flow.
       (CVE-2024-26997)
     - usb: Disable USB3 LPM at shutdown
     - mei: me: disable RPL-S on SPS and IGN firmwares
     - speakup: Avoid crash on very long word (CVE-2024-26994)
     - fs: sysfs: Fix reference leak in sysfs_break_active_protection()
       (CVE-2024-26993)
     - init/main.c: Fix potential static_command_line memory overflow
       (CVE-2024-26988)
     - drm/amdgpu: validate the parameters of bo mapping operations more clearly
       (CVE-2024-26922)
     - nouveau: fix instmem race condition around ptr stores (CVE-2024-26984)
     - nilfs2: fix OOB in nilfs_set_de_type (CVE-2024-26981)
     - wifi: iwlwifi: mvm: remove old PASN station when adding a new one
     - vxlan: drop packets from invalid src-address
     - ipv4: check for NULL idev in ip_route_use_hint()
     - net: usb: ax88179_178a: stop lying about skb->truesize
     - net: gtp: Fix Use-After-Free in gtp_dellink
     - ipvs: Fix checksumming on GSO of SCTP packets
     - net: openvswitch: Fix Use-After-Free in ovs_ct_exit
     - netfilter: nf_tables: honor table dormant flag from netdev release event
       path
     - i40e: Do not use WQ_MEM_RECLAIM flag for workqueue
     - i40e: Report MFS in decimal base instead of hex
     - iavf: Fix TC config comparison with existing adapter TC config
     - net: ethernet: ti: am65-cpts: Fix PTPv1 message type on TX packets
     - af_unix: Suppress false-positive lockdep splat for spin_lock() in
       __unix_gc().
     - serial: core: Provide port lock wrappers
     - Revert "crypto: api - Disallow identical driver names"
     - net/mlx5e: Fix a race in command alloc flow
     - tracing: Show size of requested perf buffer
     - tracing: Increase PERF_MAX_TRACE_SIZE to handle Sentinel1 and docker
       together
     - PM / devfreq: Fix buffer overflow in trans_stat_show (CVE-2023-52614)
     - Bluetooth: Fix type of len in {l2cap,sco}_sock_getsockopt_old()
     - Bluetooth: btusb: Add Realtek RTL8852BE support ID 0x0bda:0x4853
     - btrfs: fix information leak in btrfs_ioctl_logical_to_ino()
     - cpu: Re-enable CPU mitigations by default for !X86 architectures
     - drm/amdgpu/sdma5.2: use legacy HDP flush for SDMA2/3
     - drm/amdgpu: Fix leak when GPU memory allocation fails
     - irqchip/gic-v3-its: Prevent double free on error
     - ethernet: Add helper for assigning packet type when dest address does not
       match device address
     - net: b44: set pause params only when interface is up
     - stackdepot: respect __GFP_NOLOCKDEP allocation flag
     - mtd: diskonchip: work around ubsan link failure
     - tcp: Clean up kernel listener's reqsk in inet_twsk_purge()
     - tcp: Fix NEW_SYN_RECV handling in inet_twsk_purge()
     - [x86] idma64: Don't try to serve interrupts when device is powered off
     - i2c: smbus: fix NULL function pointer dereference
     - HID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up
     - bounds: Use the right number of bits for power-of-two CONFIG_NR_CPUS
     - udp: preserve the connected status if only UDP cmsg
     - serial: core: fix kernel-doc for uart_port_unlock_irqrestore()
 .
   [ Salvatore Bonaccorso ]
   * Bump ABI to 29
   * [rt] Refresh "sched/vtime: Consolidate IRQ time accounting"
   * [rt] Update to 5.10.215-rt107
   * [rt] Refresh "u64_stats: Disable preemption on 32bit-UP/SMP with RT during
     updates"
   * drivers/tty: Disable N_GSM
   * tipc: fix UAF in error path
   * tipc: fix a possible memleak in tipc_buf_append
Checksums-Sha1:
 0f1e1c10c9f9804c188eda6cdcc23b879c41e3ba 42701 linux-5.10_5.10.216-1~deb10u1.dsc
 f1559c1bd48e48e1507e216f9607d26036b8784c 121947440 linux-5.10_5.10.216.orig.tar.xz
 8acdb5522a86485213fd9c78d568bf296c7bae37 1649924 linux-5.10_5.10.216-1~deb10u1.debian.tar.xz
 b7dcb22bb5e7a2352d876175d46bc65a177cebe6 13684 linux-5.10_5.10.216-1~deb10u1_source.buildinfo
Checksums-Sha256:
 ee1394856f653626dc725431895671ee107970d4166f2c1e5bd8929293b0121f 42701 linux-5.10_5.10.216-1~deb10u1.dsc
 333fb44872eaafcead074b2dd4a74b52884204609769772d58176471761fde01 121947440 linux-5.10_5.10.216.orig.tar.xz
 8a8a371921de33453e21a3f1cd23c319b5a6643986f9ec5698516bd4fa425fe8 1649924 linux-5.10_5.10.216-1~deb10u1.debian.tar.xz
 620822676c987fb9ebb97bb014bb53fec68d0d75121263a7999a35e3e61b3f63 13684 linux-5.10_5.10.216-1~deb10u1_source.buildinfo
Files:
 2d77efcf775ca774bf2b5ce8db21e21a 42701 kernel optional linux-5.10_5.10.216-1~deb10u1.dsc
 2da670f3b8fbd419d4da516eb2a8b994 121947440 kernel optional linux-5.10_5.10.216.orig.tar.xz
 9bc5539f3165395526042ca03d315e90 1649924 kernel optional linux-5.10_5.10.216-1~deb10u1.debian.tar.xz
 10f71cb513892b509c388f21b7f74089 13684 kernel optional linux-5.10_5.10.216-1~deb10u1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEErCspvTSmr92z9o8157/I7JWGEQkFAmY5MLYACgkQ57/I7JWG
EQnNGw/+MIx3hZy94dwxOb3T85A6mfBvzkzPPvdLWlZjmMzXxBAmCKmhq2qPendz
1gcBhnk+EBnE6dIAsklnPjn0NIyon9DdoBzE+nlhsUPjBmHk5CwMBzBxzhF8cJTA
O5K4//vWm3b7CNLmwAKEpkP3fuIKlh4PzXku3rWSHw1Nrv8p9ttS2u3xJJHGZj6b
0v1YSYCwQULZye2eUgy2FY5btKTYNaUU3Yv89rs5aLAt6Qa1UBXP+Poz//RtklHj
E3fXqCnSE0VRfzALkqv8ioTvVat+n3n1nPwa228lZ1wnOpC8f+jGSR3yf+SLioeN
ZNTm8fFF+d5eJpB2YXG72qaS3GrpPp6nsr0XM8UsRBjP28umwfyfP4fIAuktMz2T
mqOZxpfFguIHS1ebDt9H8WqJHS/mDPDfTu1OaSXQLRto4UM4UoG12jyOkXnOxs71
h8Dq9FdaJhLsZ/HGgq8iYE4rmYIzqyRz8G+pDeKjBFpnqceMK2CFt75xgNXlQ0T0
Mh2Txaz8tFBcZw7UcyE6X1PwNb9XxDCs0//RAc7bIbBWHw7gn+0tpyiRR8Vk1dAx
bZym17cy2ta1Djhj3qp+mHQTX/1TPLzeU4USanz7wOQw0RHdhtRbrqbrrjxCIjKt
O5zrozKhdZNAdLruzTGhTs0MvZZD/U9+3wESOnkUnY6JKw4GxvI=
=7Fuc
-----END PGP SIGNATURE-----

Attachment: pgpWCy9UVYYyh.pgp
Description: PGP signature