-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 17 Mar 2022 16:40:47 +0100 Source: linux Architecture: source Version: 5.10.106-1 Distribution: bullseye Urgency: medium Maintainer: Debian Kernel Team <debian-kernel@lists.debian.org> Changed-By: Salvatore Bonaccorso <carnil@debian.org> Changes: linux (5.10.106-1) bullseye; urgency=medium . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.104 - mac80211_hwsim: report NOACK frames in tx_status - mac80211_hwsim: initialize ieee80211_tx_info at hw_scan_work - [arm*] i2c: bcm2835: Avoid clock stretching timeouts - ASoC: rt5682: do not block workqueue if card is unbound - regulator: core: fix false positive in regulator_late_cleanup() - Input: clear BTN_RIGHT/MIDDLE on buttonpads - [arm64] KVM: arm64: vgic: Read HW interrupt pending state from the HW - tipc: fix a bit overflow in tipc_crypto_key_rcv() - cifs: fix double free race when mount fails in cifs_get_root() - net: usb: cdc_mbim: avoid altsetting toggling for Telit FN990 - usb: gadget: don't release an existing dev->buf (CVE-2022-24958) - usb: gadget: clear related members when goto fail (CVE-2022-24958) - exfat: reuse exfat_inode_info variable instead of calling EXFAT_I() - exfat: fix i_blocks for files truncated over 4 GiB - tracing: Add test for user space strings when filtering on string pointers - [armhf] serial: stm32: prevent TDR register overwrite when sending x_char - ata: pata_hpt37x: fix PCI clock detection - drm/amdgpu: check vm ready by amdgpu_vm->evicting flag - tracing: Add ustring operation to filtering string pointers - [x86] ALSA: intel_hdmi: Fix reference to PCM buffer address - ASoC: ops: Shift tested values in snd_soc_put_volsw() by +min - [amd64] iommu/amd: Recover from event log overflow - [x86] drm/i915: s/JSP2/ICP2/ PCH - xen/netfront: destroy queues before real_num_tx_queues is zeroed - mm: Consider __GFP_NOWARN flag for oversized kvmalloc() calls - xfrm: fix MTU regression - netfilter: fix use-after-free in __nf_register_net_hook() - bpf, sockmap: Do not ignore orig_len parameter - xfrm: fix the if_id check in changelink - xfrm: enforce validity of offload input flags - e1000e: Correct NVM checksum verification flow - net: fix up skbs delta_truesize in UDP GRO frag_list - netfilter: nf_queue: don't assume sk is full socket - netfilter: nf_queue: fix possible use-after-free - netfilter: nf_queue: handle socket prefetch - batman-adv: Request iflink once in batadv-on-batadv check - batman-adv: Request iflink once in batadv_get_real_netdevice - batman-adv: Don't expect inter-netns unique iflink indices - net: ipv6: ensure we call ipv6_mc_down() at most once - net: dcb: flush lingering app table entries for unregistered devices - net/smc: fix connection leak - net/smc: fix unexpected SMC_CLC_DECL_ERR_REGRMB error generated by client - net/smc: fix unexpected SMC_CLC_DECL_ERR_REGRMB error cause by server - rcu/nocb: Fix missed nocb_timer requeue - ice: Fix race conditions between virtchnl handling and VF ndo ops - ice: fix concurrent reset and removal of VFs - sched/topology: Make sched_init_numa() use a set for the deduplicating sort - sched/topology: Fix sched_domain_topology_level alloc in sched_init_numa() - mac80211: fix forwarded mesh frames AC & queue selection - net: stmmac: fix return value of __setup handler - mac80211: treat some SAE auth steps as final - iavf: Fix missing check for running netdev - net: arcnet: com20020: Fix null-ptr-deref in com20020pci_probe() - ixgbe: xsk: change !netif_carrier_ok() handling in ixgbe_xmit_zc() - efivars: Respect "block" flag in efivar_entry_set_safe() - can: gs_usb: change active_channels's type from atomic_t to u8 - igc: igc_read_phy_reg_gpy: drop premature return - [armel,armhf] 9182/1: mmu: fix returns from early_param() and __setup() functions - [arm64,armhf] pinctrl: sunxi: Use unique lockdep classes for IRQs - igc: igc_write_phy_reg_gpy: drop premature return - memfd: fix F_SEAL_WRITE after shmem huge page allocated - [armhf] dts: switch timer config to common devkit8000 devicetree - [armhf] dts: Use 32KiHz oscillator on devkit8000 - [arm64] soc: fsl: guts: Revert commit 3c0d64e867ed - [arm64] soc: fsl: guts: Add a missing memory allocation failure check - [armhf] tegra: Move panels to AUX bus - net: chelsio: cxgb3: check the return value of pci_find_capability() - iavf: Refactor iavf state machine tracking - nl80211: Handle nla_memdup failures in handle_nan_filter - drm/amdgpu: fix suspend/resume hang regression - net: dcb: disable softirqs in dcbnl_flush_dev() - Input: elan_i2c - move regulator_[en|dis]able() out of elan_[en|dis]able_power() - Input: elan_i2c - fix regulator enable count imbalance after suspend/resume - HID: add mapping for KEY_DICTATE - HID: add mapping for KEY_ALL_APPLICATIONS - tracing/histogram: Fix sorting on old "cpu" value - tracing: Fix return value of __setup handlers - btrfs: fix lost prealloc extents beyond eof after full fsync - btrfs: qgroup: fix deadlock between rescan worker and remove qgroup - btrfs: add missing run of delayed items after unlink during log replay - Revert "xfrm: xfrm_state_mtu should return at least 1280 for ipv6" - hamradio: fix macro redefine warning https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.105 - [x86] bugs: Unconditionally allow spectre_v2=retpoline,amd - [armhf] report Spectre v2 status through sysfs - [armel,armhf] early traps initialisation - [armel,armhf] use LOADADDR() to get load address of sections - [armel,armhf] Spectre-BHB workaround - [armel,armhf] include unprivileged BPF status in Spectre V2 reporting - [arm64] cputype: Add CPU implementor & types for the Apple M1 cores - [arm64] Add Neoverse-N2, Cortex-A710 CPU part definition - [arm64] Add Cortex-X2 CPU part definition - [arm64] Add Cortex-A510 CPU part definition - [arm64] Add HWCAP for self-synchronising virtual counter - [arm64] add ID_AA64ISAR2_EL1 sys register - [arm64] cpufeature: add HWCAP for FEAT_AFP - [arm64] cpufeature: add HWCAP for FEAT_RPRES - [arm64] entry.S: Add ventry overflow sanity checks - [arm64] spectre: Rename spectre_v4_patch_fw_mitigation_conduit - [arm64] entry: Make the trampoline cleanup optional - [arm64] entry: Free up another register on kpti's tramp_exit path - [arm64] entry: Move the trampoline data page before the text page - [arm64] entry: Allow tramp_alias to access symbols after the 4K boundary - [arm64] entry: Don't assume tramp_vectors is the start of the vectors - [arm64] entry: Move trampoline macros out of ifdef'd section - [arm64] entry: Make the kpti trampoline's kpti sequence optional - [arm64] entry: Allow the trampoline text to occupy multiple pages - [arm64] entry: Add non-kpti __bp_harden_el1_vectors for mitigations - [arm64] entry: Add vectors that have the bhb mitigation sequences - [arm64] entry: Add macro for reading symbol addresses from the trampoline - [arm64] Add percpu vectors for EL1 - [arm64] proton-pack: Report Spectre-BHB vulnerabilities as part of Spectre-v2 - [arm64] KVM: arm64: Allow indirect vectors to be used without SPECTRE_V3A - [arm64] Mitigate spectre style branch history side channels - [arm64] KVM: arm64: Allow SMCCC_ARCH_WORKAROUND_3 to be discovered and migrated - [arm64] Use the clearbhb instruction in mitigations - [arm64] proton-pack: Include unprivileged eBPF status in Spectre v2 mitigation reporting - [armel,armhf] fix co-processor register typo - [armel,armhf] Do not use NOCROSSREFS directive with ld.lld - [armhf] fix build warning in proc-v7-bugs.c - xen/xenbus: don't let xenbus_grant_ring() remove grants in error case (CVE-2022-23040, XSA-396) - xen/grant-table: add gnttab_try_end_foreign_access() (CVE-2022-23036, CVE-2022-23038, XSA-396) - xen/blkfront: don't use gnttab_query_foreign_access() for mapped status (CVE-2022-23036, XSA-396) - xen/netfront: don't use gnttab_query_foreign_access() for mapped status (CVE-2022-23037, XSA-396) - xen/scsifront: don't use gnttab_query_foreign_access() for mapped status (CVE-2022-23038, XSA-396) - xen/gntalloc: don't use gnttab_query_foreign_access() (CVE-2022-23039, XSA-396) - xen: remove gnttab_query_foreign_access() - xen/9p: use alloc/free_pages_exact() (CVE-2022-23041, XSA-396) - xen/pvcalls: use alloc/free_pages_exact() (CVE-2022-23041, XSA-396) - xen/gnttab: fix gnttab_end_foreign_access() without page specified (CVE-2022-23041, XSA-396) - xen/netfront: react properly to failing gnttab_end_foreign_access_ref() (CVE-2022-23042, XSA-396) - Revert "ACPI: PM: s2idle: Cancel wakeup before dispatching EC GPE" https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.106 - [arm64] clk: qcom: gdsc: Add support to update GDSC transition delay - [arm64] dts: armada-3720-turris-mox: Add missing ethernet0 alias - tipc: fix kernel panic when enabling bearer - mISDN: Remove obsolete PIPELINE_DEBUG debugging information - mISDN: Fix memory leak in dsp_pipeline_build() - virtio-blk: Don't use MAX_DISCARD_SEGMENTS if max_discard_seg is zero - isdn: hfcpci: check the return value of dma_set_mask() in setup_hw() - net: qlogic: check the return value of dma_alloc_coherent() in qed_vf_hw_prepare() - esp: Fix BEET mode inter address family tunneling on GSO - qed: return status of qed_iov_get_link - i40e: stop disabling VFs due to PF error responses - ice: stop disabling VFs due to PF error responses - ice: Align macro names to the specification - ice: Remove unnecessary checker loop - ice: Rename a couple of variables - ice: Fix curr_link_speed advertised speed - tipc: fix incorrect order of state message data sanity check - [armhf] net: ethernet: ti: cpts: Handle error for clk_enable - ax25: Fix NULL pointer dereference in ax25_kill_by_device - net/mlx5: Fix size field in bufferx_reg struct - net/mlx5: Fix a race on command flush flow - net/mlx5e: Lag, Only handle events from highest priority multipath entry - NFC: port100: fix use-after-free in port100_send_complete - net: phy: DP83822: clear MISR2 register to disable interrupts - sctp: fix kernel-infoleak for SCTP sockets - [arm64] net: bcmgenet: Don't claim WOL when its not available - [arm64,armhf] spi: rockchip: Fix error in getting num-cs property - [arm64,armhf] spi: rockchip: terminate dma transmission when slave abort - net-sysfs: add check for netdevice being present to speed_show - [armhf] hwmon: (pmbus) Clear pmbus fault/warning bits after read - gpio: Return EPROBE_DEFER if gc->to_irq is NULL - Revert "xen-netback: remove 'hotplug-status' once it has served its purpose" - Revert "xen-netback: Check for hotplug-status existence before watching" - ipv6: prevent a possible race condition with lifetimes - tracing: Ensure trace buffer is at least 4096 bytes large - fuse: fix pipe buffer lifetime for direct_io - staging: rtl8723bs: Fix access-point mode deadlock - [arm64] net: macb: Fix lost RX packet wakeup race in NAPI receive - [arm64] mmc: meson: Fix usage of meson_mmc_post_req() - [arm64] dts: marvell: armada-37xx: Remap IO space to bus address 0x0 - virtio: unexport virtio_finalize_features - virtio: acknowledge all features before access - watch_queue, pipe: Free watchqueue state after clearing pipe ring (CVE-2022-0995) - watch_queue: Fix to release page in ->release() (CVE-2022-0995) - watch_queue: Fix to always request a pow-of-2 pipe ring size (CVE-2022-0995) - watch_queue: Fix the alloc bitmap size to reflect notes allocated (CVE-2022-0995) - watch_queue: Free the alloc bitmap when the watch_queue is torn down (CVE-2022-0995) - watch_queue: Fix lack of barrier/sync/lock between post and read (CVE-2022-0995) - watch_queue: Make comment about setting ->defunct more accurate (CVE-2022-0995) - [x86] boot: Fix memremap of setup_indirect structures - [x86] boot: Add setup_indirect support in early_memremap_is_setup_data() - [x86] traps: Mark do_int3() NOKPROBE_SYMBOL - ext4: add check to prevent attempting to resize an fs with sparse_super2 - [armel,armhf] fix Thumb2 regression with Spectre BHB - watch_queue: Fix filter limit check ((CVE-2022-0995) . [ Salvatore Bonaccorso ] * Bump ABI to 13 * [rt] Update to 5.10.104-rt63 * [rt] Update to 5.10.106-rt64 * sctp: fix the processing for INIT chunk (CVE-2021-3772) * tcp: make tcp_read_sock() more robust * io_uring: return back safer resurrect * [arm64] kvm: Fix copy-and-paste error in bhb templates for v5.10 stable Checksums-Sha1: 444b5333f6b079c35c9c3a649b2ab6d00aec886d 197238 linux_5.10.106-1.dsc 184b3f6066421a19f82bf0ab99ecb0244e4ca7b4 121690564 linux_5.10.106.orig.tar.xz 90ecf21de314a6115774a3f5254f09a3a4a16452 1493304 linux_5.10.106-1.debian.tar.xz 3f58069ce951867ddd51ada11ae2eed92ac37f82 6460 linux_5.10.106-1_source.buildinfo Checksums-Sha256: 96cfb5d5406b674bd8680af79c0dbeb6e2a4393f5aa2128da4200df2f7874777 197238 linux_5.10.106-1.dsc 3627e9d9780005bafc88a3d6328c8cb28595ead750a15a1dc91bd38bda5177f3 121690564 linux_5.10.106.orig.tar.xz 348d8afa319885537c57c0219f1683fcd9383f2a7f86a64be33a879ca4d0e874 1493304 linux_5.10.106-1.debian.tar.xz 6c54a9925d9f893cf3f626ca2f7a649d030b14c6c18ac2a394c1f869443b8149 6460 linux_5.10.106-1_source.buildinfo Files: 2122a981cc9143076ab885a40902d1d1 197238 kernel optional linux_5.10.106-1.dsc 18320d785b891d59cb1c0d4155cbf900 121690564 kernel optional linux_5.10.106.orig.tar.xz b3d0ac5036d90a644782c998b279a430 1493304 kernel optional linux_5.10.106-1.debian.tar.xz cc51f2d9732482fac40e9d9ce43c9464 6460 kernel optional linux_5.10.106-1_source.buildinfo -----BEGIN PGP SIGNATURE----- iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmIzV+JfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk ZWJpYW4ub3JnAAoJEAVMuPMTQ89E1xwP/1wm+VT5AIbE75AYT+IDx0r/au1+9UFm 7XXoIRurlivL7JAWjP5vpuHs1JIUwgk6XeW05EXxp3SeiFbbud7H640TCdUawjXP Y+pnSkNszzWKXEkbq4uxpZvR2dEzmqH3N1upXEjjaFDg0NXfvrgoK/YcbAb/jgry M81VbrhlcG/VqS0Rwqp46qzrTjcK1FQVm7oYvvXpAXWB5PnB94CHX1joX5n5Fi6U W/WqnVPSD5E64QLHzWj+bqLR9J6/oZF42KSh47H0WfaSHfimdb9+DqRepSKMGYtF 7pek5heMVTwVzGkIeN3KnBFp6FxOYWwpo0JbaHUQJ7xi1awLce+6Wb7Hbaf+xKOy Crcx2o3ZyIIF1E+/MRhp4WXFMPEirO8RVxu6Z7Uq24iBYHcBYVXDqJiW5Erk516a wPssbos1xXucfXOEQwD5G1YM17PW57+iS35K2feKeKv7Haf1LqAaEN7XrGBWE8MD VHoAQTGY4I3j/8yXT+Wi4hsz2f6BQALzFz2ThJqHQhbfX+r8QJBZJfku/cmQTsrS 6aUSlC0BJyH36f5aG3ujunYZgQ0xQU/XhOSWta3Av3OpnI1BA3tVdjWMHWAyFfM5 zKqYG7fWXY1rTbnDn1I5ojgdQB/8T4GviLEFeNvzd+dUhZnV0FTTqzaLsySbc/Mk 9IJUlUzPUiB3 =Zcfn -----END PGP SIGNATURE-----