-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sat, 01 Jun 2024 11:24:36 +0200
Source: linux
Architecture: source
Version: 5.10.218-1
Distribution: bullseye-security
Urgency: high
Maintainer: Debian Kernel Team <debian-kernel@lists.debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Closes: 1068365
Changes:
linux (5.10.218-1) bullseye-security; urgency=high
.
* New upstream stable update:
https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.217
- [arm64,armhf] dmaengine: pl330: issue_pending waits until WFP state
- dmaengine: Revert "dmaengine: pl330: issue_pending waits until WFP state"
- wifi: nl80211: don't free NULL coalescing rule
- eeprom: at24: Use dev_err_probe for nvmem register failure
- eeprom: at24: Probe for DDR3 thermal sensor in the SPD case
- eeprom: at24: fix memory corruption race condition (CVE-2024-35848)
- [armhf] pinctrl: pinctrl-aspeed-g6: Fix register offset for pinconf of
GPIOR-T
- [arm64] pinctrl/meson: fix typo in PDM's pin name
- pinctrl: core: delete incorrect free in pinctrl_enable()
- sunrpc: add a struct rpc_stats arg to rpc_create_args
- nfs: expose /proc/net/sunrpc/nfs in net namespaces
- nfs: make the rpc_stat per net namespace
- nfs: Handle error of rpc_proc_register() in nfs_net_init().
- pinctrl: devicetree: fix refcount leak in pinctrl_dt_to_map()
- [s390x] mm: Fix storage key clearing for guest huge pages
- [s390x] mm: Fix clearing storage keys for huge pages
- bna: ensure the copied buf is NUL terminated
- nsh: Restore skb->{protocol,data,mac_header} for outer header in
nsh_gso_segment().
- net l2tp: drop flow hash on forward
- [s390x] vdso: Add CFI for RA register to asm macro vdso_func
- net: qede: sanitize 'rc' in qede_add_tc_flower_fltr()
- net: qede: use return from qede_parse_flow_attr() for flower
- net: qede: use return from qede_parse_flow_attr() for flow_spec
- net: qede: use return from qede_parse_actions()
- cxgb4: Properly lock TX queue for the selftest.
- [arm64,armhf] net: dsa: mv88e6xxx: Fix number of databases for 88E6141 /
88E6341
- net: bridge: fix multicast-to-unicast with fraglist GSO
- net: core: reject skb_copy(_expand) for fraglist GSO skbs
- net: gro: add flush check in udp_gro_receive_segment
- [arm64] clk: sunxi-ng: h6: Reparent CPUX during PLL CPUX rate change
- [arm64] KVM: arm64: vgic-v2: Use cpuid from userspace as vcpu_id
- [arm64] KVM: arm64: vgic-v2: Check for non-NULL vCPU in
vgic_v2_parse_attr()
- scsi: lpfc: Update lpfc_ramp_down_queue_handler() logic
- gfs2: Fix invalid metadata access in punch_hole
- wifi: mac80211: fix ieee80211_bss_*_flags kernel-doc
- wifi: cfg80211: fix rdev_dump_mpp() arguments order
- net: mark racy access on sk->sk_rcvbuf
- scsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload
- btrfs: return accurate error code on open failure in open_fs_devices()
- ALSA: line6: Zero-initialize message buffers
- net: bcmgenet: Reset RBUF on first open
- ata: sata_gemini: Check clk_enable() result
- firewire: ohci: mask bus reset interrupts between ISR and bottom half
- btrfs: make btrfs_clear_delalloc_extent() free delalloc reserve
- btrfs: always clear PERTRANS metadata during commit
- scsi: target: Fix SELinux error when systemd-modules loads the target
module
- blk-iocost: avoid out of bounds shift
- [arm64,armhf] gpu: host1x: Do not setup DMA for virtual devices
- [mips64el,mipsel]: scall: Save thread_info.syscall unconditionally on
entry (Closes: #1068365)
- fs/9p: only translate RWX permissions for plain 9P2000
- fs/9p: translate O_TRUNC into OTRUNC
- 9p: explicitly deny setlease attempts
- gpio: wcove: Use -ENOTSUPP consistently
- gpio: crystalcove: Use -ENOTSUPP consistently
- clk: Don't hold prepare_lock when calling kref_put()
- fs/9p: drop inodes immediately on non-.L too
- drm/nouveau/dp: Don't probe eDP ports twice harder
- net:usb:qmi_wwan: support Rolling modules
- xfrm: Preserve vlan tags for transport mode software GRO
- tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets
- tcp: Use refcount_inc_not_zero() in tcp_twsk_unique().
- Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout
(CVE-2024-27398)
- Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout
(CVE-2024-27399)
- rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation
- [x86] hwmon: (corsair-cpro) Use a separate buffer for sending commands
- [x86] hwmon: (corsair-cpro) Use complete_all() instead of complete() in
ccp_raw_event()
- [x86] hwmon: (corsair-cpro) Protect ccp->wait_input_report with a spinlock
- phonet: fix rtm_phonet_notify() skb allocation
- kcov: Remove kcov include from sched.h and move it to its users.
- net: bridge: fix corrupted ethernet header on multicast-to-unicast
- ipv6: fib6_rules: avoid possible NULL dereference in fib6_rule_action()
- [arm64] net: hns3: use appropriate barrier function after setting a bit
value
- btrfs: fix kvcalloc() arguments order in btrfs_ioctl_send()
- firewire: nosy: ensure user_length is taken into account when fetching
packet contents (CVE-2024-27401)
- [arm64] dts: qcom: Fix 'interrupt-map' parent address cells
- usb: typec: ucsi: Check for notifications after init
- usb: typec: ucsi: Fix connector check on init
- usb: Fix regression caused by invalid ep0 maxpacket in virtual SuperSpeed
device
- usb: ohci: Prevent missed ohci interrupts
- usb: gadget: composite: fix OS descriptors w_value logic
- usb: gadget: f_fs: Fix a race condition when processing setup packets.
- usb: xhci-plat: Don't include xhci.h
- usb: dwc3: core: Prevent phy suspend during init
- ALSA: hda/realtek: Fix mute led of HP Laptop 15-da3001TU
- iio:imu: adis16475: Fix sync mode setting
- iio: accel: mxc4005: Interrupt handling fixes
- net: bcmgenet: synchronize use of bcmgenet_set_rx_mode()
- dyndbg: fix old BUG_ON in >control parser
- mei: me: add lunar lake point M DID
- drm/vmwgfx: Fix invalid reads in fence signaled events
- net: fix out-of-bounds access in ops_init
- regulator: core: fix debugfs creation regression
- keys: Fix overwrite of key expiration on instantiation
- md: fix kmemleak of rdev->serial (CVE-2024-26900)
https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.218
- pinctrl: core: handle radix_tree_insert() errors in
pinctrl_register_one_pin()
- [x86] xen: Drop USERGS_SYSRET64 paravirt call
- [arm64] net: bcmgenet: synchronize EXT_RGMII_OOB_CTRL access
- [arm64] net: bcmgenet: synchronize UMAC_CMD access
- ima: fix deadlock when traversing "ima_default_rules".
- netlink: annotate lockless accesses to nlk->max_recvmsg_len
- [x86] KVM: x86: Clear "has_error_code", not "error_code", for RM exception
injection
- firmware: arm_scmi: Harden accesses to the reset domains (CVE-2022-48655)
- mptcp: ensure snd_nxt is properly initialized on connect
- btrfs: add missing mutex_unlock in btrfs_relocate_sys_chunks()
- drm/amdgpu: Fix possible NULL dereference in
amdgpu_ras_query_error_status_helper() (CVE-2023-52585)
- usb: typec: ucsi: displayport: Fix potential deadlock
- serial: kgdboc: Fix NMI-safety problems from keyboard reset code
- docs: kernel_include.py: Cope with docutils 0.21
.
[ Salvatore Bonaccorso ]
* Bump ABI to 30
Checksums-Sha1:
3d646b6226bb63236f4e14f16b01333d044a978d 205890 linux_5.10.218-1.dsc
dc5f727fed17982e90cedcfe160c5ab3fe019206 121946232 linux_5.10.218.orig.tar.xz
bd86a886948f858e69b17116b7bc6894dfbd4de6 1669672 linux_5.10.218-1.debian.tar.xz
16249d386518106424c894b27e4977978dad1e56 6815 linux_5.10.218-1_source.buildinfo
Checksums-Sha256:
fc0020c86209e345b13767cbb95be68760f821c4bac474b354ddbb52157e8a4b 205890 linux_5.10.218-1.dsc
f04ed0fa9bbfb5602b1c2227b993ae104bcdabb6803b69178129ad77b5191f3f 121946232 linux_5.10.218.orig.tar.xz
37e7dc1bd2c06052e23f7621e53d3f565f722b4f209bf01af71eacdc609cfbb5 1669672 linux_5.10.218-1.debian.tar.xz
f0848ca0c822a0a43b740d03c79dbde7137bfa4d8dfd90620f3359fc5a83e220 6815 linux_5.10.218-1_source.buildinfo
Files:
0dfd34533c9a9938d32e7db006dda8bc 205890 kernel optional linux_5.10.218-1.dsc
2348f072dfeba490bc837f3fb16756f4 121946232 kernel optional linux_5.10.218.orig.tar.xz
b316821467a1d1dd06b13b4e31ed384c 1669672 kernel optional linux_5.10.218-1.debian.tar.xz
7a73b934e1a325b1ba7ab8d885f97d1d 6815 kernel optional linux_5.10.218-1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmZa6UpfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89E2mMP/2iLrAMcBzrWTVt9NN9m1DWZ3agVrKpQ
BNavnQRBsGB12zStWmPLXdoWY2HqyA4sLmH2An5efI6vhmt8ROgBqaDDRUqm1CBw
VRvUVjrKh8v6JOGdx71aJxUYsXrByfBZtctwVZzyQmvYW4FQ0frjtXBKJXJebKaU
Eit9jsTiSYvwr0j9NjLtteckE7ZPDL3ho/d8stMAoc+4DS6gwLH3zSlJZNVztfGU
Ead5uPXTGVIPqXm3KMQDkc3b3kG4s2veb4NTmBvGK5rg+IRaK8xqOP6UmbqNMtOh
0SpwuTlyo5EiwVv13AAU+X0x6e8h1W6Ulw4XVX7lWZASU+mR0uvq0Yk0k7wON8es
NvqZ9iISpbrFU+cOUhhTYMgLpHQgtVHRseSI1d4q2Akaq064AV0k2LQUgOqlROEI
oOtOIjqLo3ccTxsOk1/WneMg+ll3/eIW7Y58kd/1CY+aXhKyQVArbB8l41qap4Pm
izUB1sioJhXjqSaqy3NN7rk9+Rmp9KmuJN7mCq2PaItOxpaCQj173lC+cFZ2L4e2
l7mk4fV7QCAEZ5j7SyEKMXA1xG5NDIZgsUqgboAf2/cb1Mqs0Edji/fpXeVNO6q9
gVkJi666S6Vm4alnDreuuLpJJm5HQEKx0DVeOonKruQrox1CoeiyUUOtOYg4Fvdv
tNl/at2BBvvv
=0dpp
-----END PGP SIGNATURE-----
Attachment:
pgpDkuIX7Z1g3.pgp
Description: PGP signature