Accepted linux 6.1.69-1 (source) into proposed-updates
- To: debian-changes@lists.debian.org
- Subject: Accepted linux 6.1.69-1 (source) into proposed-updates
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Wed, 03 Jan 2024 06:47:08 +0000
- Debian: DAK
- Debian-architecture: source
- Debian-archive-action: accept
- Debian-changes: linux_6.1.69-1_source.changes
- Debian-source: linux
- Debian-suite: proposed-updates
- Debian-version: 6.1.69-1
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=vIGYmEEUUINrEuIptc9RS4jQfvI6xVU413b3D0RHeYk=; b=opVfuynCWdWc1aw8a3jzz2kzWs Lq1apvM1xCzYZC2jHmlDGun9Ex9XzzeOID6UnZnVK+shxhthTG9i1KJN5LOQaLbeW5iiv/71fQfYz j0UJoXd92cIDzRuzyZPMglqt0Jc/AHpva0k0AUK58zzokvkIwK9t1KuP6QGldbyqHcQULhZ1Gded4 /3QQ/aDKFrtTYh2Nm/tvF2KcsZ7DEIEUeEDQz8wzla2z3pj5ZELFUJ95vr2auCcBH5z/+trUmNWCt raewYbaAtmZmq63Uv54e0b00/dqY24nXWuWV1ySgUt1+LLbFEjsIQbPB4+ERE7JCsALNrEMhj0bLf 9ATn6Uew==;
- Mail-followup-to: debian-devel@lists.debian.org
- Message-id: <E1rKv1w-00429A-Nm@fasolo.debian.org>
- Reply-to: debian-devel@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sat, 30 Dec 2023 10:31:20 +0100
Source: linux
Architecture: source
Version: 6.1.69-1
Distribution: bookworm-security
Urgency: high
Maintainer: Debian Kernel Team <debian-kernel@lists.debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Closes: 1035587 1052304 1055021 1058758 1059624
Changes:
linux (6.1.69-1) bookworm-security; urgency=high
.
* New upstream stable update:
https://www.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.68
- hrtimers: Push pending hrtimers away from outgoing CPU earlier
- i2c: designware: Fix corrupted memory seen in the ISR
- netfilter: ipset: fix race condition between swap/destroy and kernel side
add/del/test
- tg3: Move the [rt]x_dropped counters to tg3_napi
- tg3: Increment tx_dropped in tg3_tso_bug()
- kconfig: fix memory leak from range properties
- drm/amdgpu: correct chunk_ptr to a pointer to chunk.
- [x86] Introduce ia32_enabled()
- [amd64] x86/coco: Disable 32-bit emulation by default on TDX and SEV
- [x86] entry: Convert INT 0x80 emulation to IDTENTRY
- [x86] entry: Do not allow external 0x80 interrupts
- [x86] tdx: Allow 32-bit emulation by default
- [x86] platform/x86: asus-wmi: Move i8042 filter install to shared asus-wmi
code
- [powerpc*] of: dynamic: Fix of_reconfig_get_state_change() return value
documentation
- [x86] platform/x86: wmi: Skip blocks with zero instances
- ipv6: fix potential NULL deref in fib6_add()
- hv_netvsc: rndis_filter needs to select NLS
- r8152: Rename RTL8152_UNPLUG to RTL8152_INACCESSIBLE
- r8152: Add RTL8152_INACCESSIBLE checks to more loops
- r8152: Add RTL8152_INACCESSIBLE to r8156b_wait_loading_flash()
- r8152: Add RTL8152_INACCESSIBLE to r8153_pre_firmware_1()
- r8152: Add RTL8152_INACCESSIBLE to r8153_aldps_en()
- arcnet: restoring support for multiple Sohard Arcnet cards
- net: stmmac: fix FPE events losing
- xsk: Skip polling event check for unbound socket
- i40e: Fix unexpected MFS warning message
- iavf: validate tx_coalesce_usecs even if rx_coalesce_usecs is zero
- net: bnxt: fix a potential use-after-free in bnxt_init_tc
- tcp: fix mid stream window clamp.
- ionic: fix snprintf format length warning
- ionic: Fix dim work handling in split interrupt mode
- ipv4: ip_gre: Avoid skb_pull() failure in ipgre_xmit()
- net: atlantic: Fix NULL dereference of skb pointer in
- [arm64] net: hns: fix wrong head when modify the tx feature when sending
packets
- [arm64] net: hns: fix fake link up on xge port
- netfilter: nft_exthdr: add boolean DCCP option matching
- netfilter: nf_tables: fix 'exist' matching on bigendian arches
- netfilter: nf_tables: bail out on mismatching dynset and set expressions
(CVE-2023-6622)
- netfilter: nf_tables: validate family when identifying table via handle
- netfilter: xt_owner: Fix for unsafe access of sk->sk_socket
- tcp: do not accept ACK of bytes we never sent
- bpf: sockmap, updating the sg structure should also update curr
- psample: Require 'CAP_NET_ADMIN' when joining "packets" group
- drop_monitor: Require 'CAP_SYS_ADMIN' when joining "events" group
- [arm64] tee: optee: Fix supplicant based device enumeration
- [arm64] RDMA/hns: Fix unnecessary err return when using invalid congest
control algorithm
- RDMA/irdma: Do not modify to SQD on error
- RDMA/irdma: Add wait for suspend on SQD
- [arm64] ASoC: fsl_sai: Fix no frame sync clock issue on i.MX8MP
- RDMA/irdma: Refactor error handling in create CQP
- RDMA/irdma: Fix UAF in irdma_sc_ccq_get_cqe_info()
- [x86] hwmon: (acpi_power_meter) Fix 4.29 MW bug
- [x86] ASoC: wm_adsp: fix memleak in wm_adsp_buffer_populate
- RDMA/core: Fix umem iterator when PAGE_SIZE is greater then HCA pgsz
- RDMA/irdma: Avoid free the non-cqp_request scratch
- [arm64] dts: imx8mq: drop usb3-resume-missing-cas from usb
- [arm64] dts: imx8mp: imx8mq: Add parkmode-disable-ss-quirk on DWC3
- tracing: Fix a warning when allocating buffered events fails
- scsi: be2iscsi: Fix a memleak in beiscsi_init_wrb_handle()
- [armhf] imx: Check return value of devm_kasprintf in imx_mmdc_perf_init
- md: introduce md_ro_state
- md: don't leave 'MD_RECOVERY_FROZEN' in error path of md_set_readonly()
- iommu: Avoid more races around device probe
- [x86] rethook: Use __rcu pointer for rethook::handler
- kprobes: consistent rcu api usage for kretprobe holder
- [x86] ASoC: amd: yc: Fix non-functional mic on ASUS E1504FA
- io_uring/af_unix: disable sending io_uring over sockets (CVE-2023-6531)
- nvme-pci: Add sleep quirk for Kingston drives
- io_uring: fix mutex_unlock with unreferenced ctx
- ALSA: usb-audio: Add Pioneer DJM-450 mixer controls
- ALSA: pcm: fix out-of-bounds in snd_pcm_state_names
- ALSA: hda/realtek: Enable headset on Lenovo M90 Gen5
- ALSA: hda/realtek: add new Framework laptop to quirks
- ALSA: hda/realtek: Add Framework laptop 16 to quirks
- ring-buffer: Test last update in 32bit version of __rb_time_read()
- nilfs2: fix missing error check for sb_set_blocksize call
- nilfs2: prevent WARNING in nilfs_sufile_set_segment_usage()
- cgroup_freezer: cgroup_freezing: Check if not frozen
- checkstack: fix printed address
- tracing: Always update snapshot buffer size
- tracing: Disable snapshot buffer when stopping instance tracers
- tracing: Fix incomplete locking when disabling buffered events
- tracing: Fix a possible race when disabling buffered events
- packet: Move reference count in packet_sock to atomic_long_t
- r8169: fix rtl8125b PAUSE frames blasting when suspended
- regmap: fix bogus error on regcache_sync success
- [x86] platform/surface: aggregator: fix recv_buf() return value
- hugetlb: fix null-ptr-deref in hugetlb_vma_lock_write
- mm: fix oops when filemap_map_pmd() without prealloc_pte
- md/raid6: use valid sector values to determine if an I/O should wait on
the reshape
- [arm*] binder: fix memory leaks of spam and pending work
- [arm64] coresight: etm4x: Make etm4_remove_dev() return void
- [arm64] coresight: etm4x: Remove bogous __exit annotation for some
functions
- hwtracing: hisi_ptt: Add dummy callback pmu::read()
- [x86] misc: mei: client.c: return negative error code in mei_cl_write
- [x86] misc: mei: client.c: fix problem of return '-EOVERFLOW' in
mei_cl_write
- ring-buffer: Force absolute timestamp on discard of event
- tracing: Set actual size after ring buffer resize
- tracing: Stop current tracer when resizing buffer
- perf: Fix perf_event_validate_size() (CVE-2023-6931)
- [x86] sev: Fix kernel crash due to late update to read-only ghcb_version
- gpiolib: sysfs: Fix error handling on failed export
- drm/amdgpu: fix memory overflow in the IB test
- drm/amd/amdgpu: Fix warnings in amdgpu/amdgpu_display.c
- drm/amdgpu: correct the amdgpu runtime dereference usage count
- drm/amdgpu: Update ras eeprom support for smu v13_0_0 and v13_0_10
- drm/amdgpu: Add EEPROM I2C address support for ip discovery
- drm/amdgpu: Remove redundant I2C EEPROM address
- drm/amdgpu: Decouple RAS EEPROM addresses from chips
- drm/amdgpu: Add support for RAS table at 0x40000
- drm/amdgpu: Remove second moot switch to set EEPROM I2C address
- drm/amdgpu: Return from switch early for EEPROM I2C address
- drm/amdgpu: simplify amdgpu_ras_eeprom.c
- drm/amdgpu: Add I2C EEPROM support on smu v13_0_6
- drm/amdgpu: Update EEPROM I2C address for smu v13_0_0
- usb: gadget: f_hid: fix report descriptor allocation
- serial: 8250_dw: Add ACPI ID for Granite Rapids-D UART
- parport: Add support for Brainboxes IX/UC/PX parallel cards
- cifs: Fix non-availability of dedup breaking generic/304
- Revert "xhci: Loosen RPM as default policy to cover for AMD xHC 1.1"
- smb: client: fix potential NULL deref in parse_dfs_referrals()
- usb: typec: class: fix typec_altmode_put_partner to put plugs
- [arm64,armhf] PL011: Fix DMA support
- [arm64] serial: 8250: 8250_omap: Clear UART_HAS_RHR_IT_DIS bit
- [arm64] serial: 8250: 8250_omap: Do not start RX DMA on THRI interrupt
- [arm64] serial: 8250_omap: Add earlycon support for the AM654 UART
controller
- devcoredump: Send uevent once devcd is ready
- [x86] CPU/AMD: Check vendor in the AMD microcode callback
- USB: gadget: core: adjust uevent timing on gadget unbind
- cifs: Fix flushing, invalidation and file size with copy_file_range()
- cifs: Fix flushing, invalidation and file size with FICLONE
- [mips*] kernel: Clear FPU states when setting up kernel threads
(Closes: #1055021)
- [s390x] KVM: s390/mm: Properly reset no-dat
- [x86] KVM: SVM: Update EFER software model on CR0 trap for SEV-ES
- netfilter: nft_set_pipapo: skip inactive elements during set walk
(CVE-2023-6817)
- [x86] drm/i915/display: Drop check for doublescan mode in modevalid
- [x86] drm/i915/lvds: Use REG_BIT() & co.
- [x86] drm/i915/sdvo: stop caching has_hdmi_monitor in struct intel_sdvo
- [x86] drm/i915: Skip some timing checks on BXT/GLK DSI transcoders
https://www.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.69
- [x86] perf/x86/uncore: Don't WARN_ON_ONCE() for a broken discovery table
- r8152: add USB device driver for config selection
- r8152: add vendor/device ID pair for D-Link DUB-E250
- r8152: add vendor/device ID pair for ASUS USB-C2500
- [powerpc*] ftrace: Fix stack teardown in ftrace_no_trace
- ext4: fix warning in ext4_dio_write_end_io()
- ksmbd: fix memory leak in smb2_lock()
- afs: Fix refcount underflow from error handling race (Closes: #1052304)
- HID: lenovo: Restrict detection of patched firmware only to USB cptkbd
(Closes: #1058758)
- net/mlx5e: Fix possible deadlock on mlx5e_tx_timeout_work
- net: ipv6: support reporting otherwise unknown prefix flags in
RTM_NEWPREFIX
- bnxt_en: Clear resource reservation during resume
- bnxt_en: Save ring error counters across reset
- bnxt_en: Fix wrong return value check in bnxt_close_nic()
- bnxt_en: Fix HWTSTAMP_FILTER_ALL packet timestamp logic
- atm: solos-pci: Fix potential deadlock on &cli_queue_lock
- atm: solos-pci: Fix potential deadlock on &tx_queue_lock
- net: vlan: introduce skb_vlan_eth_hdr()
- net: fec: correct queue selection
- atm: Fix Use-After-Free in do_vcc_ioctl (CVE-2023-51780)
- net/rose: Fix Use-After-Free in rose_ioctl (CVE-2023-51782)
- iavf: Introduce new state machines for flow director
- iavf: Handle ntuple on/off based on new state machines for flow director
- qed: Fix a potential use-after-free in qed_cxt_tables_alloc
- net: Remove acked SYN flag from packet in the transmit queue correctly
- net: ena: Destroy correct number of xdp queues upon failure
- net: ena: Fix xdp drops handling due to multibuf packets
- net: ena: Fix XDP redirection error
- sign-file: Fix incorrect return values check
- vsock/virtio: Fix unsigned integer wrap around in
virtio_transport_has_space()
- net: stmmac: Handle disabled MDIO busses from devicetree
- appletalk: Fix Use-After-Free in atalk_ioctl (CVE-2023-51781)
- net: atlantic: fix double free in ring reinit logic
- cred: switch to using atomic_long_t
- fuse: dax: set fc->dax to NULL in fuse_dax_conn_free()
- ALSA: hda/hdmi: add force-connect quirk for NUC5CPYB
- ALSA: hda/hdmi: add force-connect quirks for ASUSTeK Z170 variants
- ALSA: hda/realtek: Apply mute LED quirk for HP15-db
- Revert "PCI: acpiphp: Reassign resources on bridge if necessary"
- [mips*] PCI: loongson: Limit MRRS to 256 (Closes: #1035587)
- ksmbd: fix wrong name of SMB2_CREATE_ALLOCATION_SIZE
- [x86] hyperv: Fix the detection of E820_TYPE_PRAM in a Gen2 VM
- usb: aqc111: check packet for fixup for true limit
- blk-throttle: fix lockdep warning of "cgroup_mutex or RCU read lock
required!"
- blk-cgroup: bypass blkcg_deactivate_policy after destroying
- bcache: avoid oversize memory allocation by small stripe_size
- bcache: remove redundant assignment to variable cur_idx
- bcache: add code comments for bch_btree_node_get() and
__bch_btree_node_alloc()
- bcache: avoid NULL checking to c->root in run_cache_set()
- nbd: fold nbd config initialization into nbd_alloc_config()
- nvme-auth: set explanation code for failure2 msgs
- nvme: catch errors from nvme_configure_metadata()
- [x86] platform/x86: intel_telemetry: Fix kernel doc descriptions
- HID: glorious: fix Glorious Model I HID report
- HID: add ALWAYS_POLL quirk for Apple kb
- nbd: pass nbd_sock to nbd_read_reply() instead of index
- HID: hid-asus: reset the backlight brightness level on resume
- HID: multitouch: Add quirk for HONOR GLO-GXXX touchpad
- asm-generic: qspinlock: fix queued_spin_value_unlocked() implementation
- net: usb: qmi_wwan: claim interface 4 for ZTE MF290
- [arm64] add dependency between vmlinuz.efi and Image
- HID: hid-asus: add const to read-only outgoing usb buffer
- perf: Fix perf_event_validate_size() lockdep splat
- btrfs: do not allow non subvolume root targets for snapshot
- soundwire: stream: fix NULL pointer dereference for multi_link
- ext4: prevent the normalized size from exceeding EXT_MAX_BLOCKS
- [arm64] mm: Always make sw-dirty PTEs hw-dirty in pte_modify
- team: Fix use-after-free when an option instance allocation fails
- drm/amdgpu/sdma5.2: add begin/end_use ring callbacks
- dmaengine: stm32-dma: avoid bitfield overflow assertion
- mm/mglru: fix underprotected page cache
- mm/shmem: fix race in shmem_undo_range w/THP
- btrfs: free qgroup reserve when ORDERED_IOERR is set
- btrfs: don't clear qgroup reserved bit in release_folio
- drm/amdgpu: fix tear down order in amdgpu_vm_pt_free
- drm/amd/display: Disable PSR-SU on Parade 0803 TCON again
- [x86] drm/i915: Fix remapped stride with CCS on ADL+
- smb: client: fix OOB in receive_encrypted_standard()
- smb: client: fix NULL deref in asn1_ber_decoder()
- smb: client: fix OOB in smb2_query_reparse_point()
- ring-buffer: Fix memory leak of free page
- tracing: Update snapshot buffer on resize if it is allocated
- ring-buffer: Do not update before stamp when switching sub-buffers
- ring-buffer: Have saved event hold the entire event
- ring-buffer: Fix writing to the buffer with max_data_size
- ring-buffer: Fix a race in rb_time_cmpxchg() for 32 bit archs
- ring-buffer: Do not try to put back write_stamp
- ring-buffer: Have rb_time_cmpxchg() set the msb counter too
- net: tls, update curr on splice as well
- r8152: avoid to change cfg for all devices
- r8152: remove rtl_vendor_mode function
- r8152: fix the autosuspend doesn't work
.
[ Salvatore Bonaccorso ]
* Bump ABI to 17
* [rt] Update to 6.1.69-rt21
* [arm64] drivers/vfio: Don't enable VFIO_NOIOMMU.
This is a breach of the integrity lockdown requirement of secure boot
and thus cannot be enabled.
Thanks to Bastian Blank and Ben Hutchings
* Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg
(CVE-2023-51779)
* netfilter: nf_tables: skip set commit for deleted/destroyed sets
* Revert "scsi: aacraid: Reply queue mapping to CPUs based on IRQ affinity"
(Closes: #1059624)
Checksums-Sha1:
97b8255fde753811d8f029a73ec4a03ae05d4363 290924 linux_6.1.69-1.dsc
ab2ef068faf43ae20020165065571c8cb1a14111 137507972 linux_6.1.69.orig.tar.xz
d965c531dd3edcca299b12ed2f02093a7e27b81b 1586832 linux_6.1.69-1.debian.tar.xz
3092fbb92e1e5f8bf2127e4a311426fe84ec1037 7066 linux_6.1.69-1_source.buildinfo
Checksums-Sha256:
eff66c55a2e6a56cf37ff8c06fb830740ba2ff869dc51b98e789acf702487c91 290924 linux_6.1.69-1.dsc
b0a5f7285bffe9f0b7eca2675fe097fd4aeec1bac6d31b76239ba718d3b4fc02 137507972 linux_6.1.69.orig.tar.xz
6ccc5bc6a11a5e592b396702c9975b56c7fd7e758322180927e0acf07c884370 1586832 linux_6.1.69-1.debian.tar.xz
61aafe85f00121acaec649a59e6633fc5823800164e239c0c47a994c9bc27da5 7066 linux_6.1.69-1_source.buildinfo
Files:
148ceb8c54c9778cac65a68de6d3a92a 290924 kernel optional linux_6.1.69-1.dsc
b31060ed820825da2ff064b3fac3740c 137507972 kernel optional linux_6.1.69.orig.tar.xz
7c74ee5a24913c31cdc7a89be868fbab 1586832 kernel optional linux_6.1.69-1.debian.tar.xz
dcd03738d64dca61a76490a9fb7669b2 7066 kernel optional linux_6.1.69-1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmWP4+xfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89EMiMP/jzSaI7MQ0Pe1QijS6WTC4ej4v9qWebx
0n4vWTQ2zNefe+YVoZK/uzGNBuZ4cD00TeVrc7zvadU84t+4uDP7Cxap22M7m+8P
zhUti3xnESn800EgqLyujlbM/DF8JCTH66AUZkruQSLe3Gf4Nc2RDvPcnbMzDqb+
1Zod0GVCDevFPA8uQ80gv6yWfu4nHDt74kwn/3gRGM6Z97IooNBqclJltP3sMeUO
aWucSGbFh8SMHbkrR7PXyTxOepHNqIrZ4LWLOeRFRUNgRmr3mPDj/Bi0wnRkMVRP
B5tzzaV+/WyTGWrUdsi3LJbk/YUwV54LpponQVmBmT7Pc2SV/7MeA9/aTIqypIoQ
S/U8UEmE9nl+I42wJZtY5FWtQQtuYTdweAuujyRQvW4ynnFVi1oSya8jfLgCHK8L
0tGU+I8vShUv0+BYG0z+YX1Erwr9qYf+UlX33tfAX0VZfhwVF0XjSXWLLzqrIwb3
1YtlhH+c2b0vDxMbvRtH3DOqXaVvIcnMVmCABiE/4OSqy6zLs0HqkUGuS2mnIJCN
bAxWGlsKwEPU0nK+SFm3UFfzR3qQFeN2+KOpE9I+h+ZbWXWE4x57HK/X/phHNEtX
ojSzkYO1HIdmqFd/uIxpB07m8+bh+W25w0mlCrv22NoMNSkatMjpOHkfVnSC61cG
WwPxmAp+wITQ
=QUTV
-----END PGP SIGNATURE-----