New Debian linux 6.1.123-1 fixes:

This update addresses the following issues:

* kernel: sh: cpuinfo: Fix a warning for CONFIG_CPUMASK_OFFSTACK (CVE-2022-49034)
* kernel: media: aspeed: Fix memory overwrite if timing is 1600x900 (CVE-2023-52916)
* kernel: mlxsw: spectrum_acl_tcam: Fix NULL pointer dereference in error path (CVE-2024-26595)
* kernel: fs/ntfs3: Fixed overflow check in mi_enum_attr() (CVE-2024-27407)
* kernel: smb: client: fix UAF in smb2_reconnect_server() (CVE-2024-35870)
* kernel: btrfs: qgroup: fix qgroup prealloc rsv leak in subvolume operations (CVE-2024-35956)
* kernel: fpga: bridge: add owner module and take its refcount (CVE-2024-36479)
* kernel: fpga: manager: add owner module and take its refcount (CVE-2024-37021)
* kernel: xfs: add bounds checking to xlog_recover_process_data (CVE-2024-41014)
* kernel: closures: Change BUG_ON() to WARN_ON() (CVE-2024-42252)
* kernel: exfat: fix potential deadlock on __exfat_get_dentry_set (CVE-2024-42315)
* kernel: mailbox: mtk-cmdq: Move devm_mbox_controller_register() after devm_pm_runtime_enable() (CVE-2024-42319)
* kernel: i3c: Use i3cdev->desc->info instead of calling i3c_device_get_info() to avoid deadlock (CVE-2024-43098)
* kernel: serial: sc16is7xx: fix invalid FIFO access with special register set (CVE-2024-44950)
* kernel: i3c: mipi-i3c-hci: Mask ring interrupts before ring stop request (CVE-2024-45828)
* kernel: drm/amd/display: Check BIOS images before it is used (CVE-2024-46809)
* kernel: btrfs: don't BUG_ON on ENOMEM from btrfs_lookup_extent_info() in walk_down_proc() (CVE-2024-46841)
* kernel: drm/amdgpu: don't access invalid sched (CVE-2024-46896)
* kernel: dma-debug: fix a possible deadlock on radix_lock (CVE-2024-47143)
* kernel: net/smc: check smcd_v2_ext_offset when receiving proposal msg (CVE-2024-47408)
* kernel: mm: call the security_mmap_file() LSM hook in remap_file_pages() (CVE-2024-47745)
* kernel: bcache: revert replacing IS_ERR_OR_NULL with IS_ERR again (CVE-2024-48881)
* kernel: net/smc: check iparea_offset and ipv6_prefixes_cnt when receiving proposal msg (CVE-2024-49571)
* kernel: bpf: Fix helper writes to read-only maps (CVE-2024-49861)
* kernel: scsi: lpfc: Validate hdwq pointers before dereferencing in reset/errata paths (CVE-2024-49891)
* kernel: drm/amd/display: Check phantom_stream before it is used (CVE-2024-49897)
* kernel: drm/amd/display: Check null-initialized variables (CVE-2024-49898)
* kernel: drm/amd/display: Initialize denominators' default to 1 (CVE-2024-49899)
* kernel: drm/amd/display: Add NULL check for function pointer in dcn32_set_output_transfer_func (CVE-2024-49909)
* kernel: drm/amd/display: Add NULL check for function pointer in dcn20_set_output_transfer_func (CVE-2024-49911)
* kernel: drm/amd/display: Add NULL check for clk_mgr in dcn32_init_hw (CVE-2024-49915)
* kernel: drm/amd/display: Add NULL check for clk_mgr and clk_mgr->funcs in dcn30_init_hw (CVE-2024-49917)
* kernel: fbdev: efifb: Register sysfs groups through driver core (CVE-2024-49925)
* kernel: wifi: iwlwifi: mvm: avoid NULL pointer dereference (CVE-2024-49929)
* kernel: fs/inode: Prevent dump_mapping() accessing invalid dentry.d_name.name (CVE-2024-49934)
* kernel: wifi: rtw89: avoid to add interface to list twice when SER (CVE-2024-49939)
* kernel: Bluetooth: MGMT: Fix possible crash on mgmt_index_removed (CVE-2024-49951)
* kernel: cifs: Fix buffer overflow when parsing NFS reparse points (CVE-2024-49996)
* kernel: spi: mpc52xx: Add cancel_work_sync before module remove (CVE-2024-50051)
* kernel: driver core: bus: Fix double free in driver API bus_register() (CVE-2024-50055)
* kernel: nfsd: cancel nfsd_shrinker_work using sync mode in nfs4_state_shutdown_net (CVE-2024-50121)
* kernel: net/mlx5e: Don't call cleanup on profile rollback failure (CVE-2024-50146)
* kernel: ntfs3: Add bounds checking to mi_enum_attr() (CVE-2024-50248)
* kernel: net: fix crash when config small gso_max_size/gso_ipv4_max_size (CVE-2024-50258)
* kernel: arm64/sve: Discard stale CPU state when handling SVE traps (CVE-2024-50275)
* kernel: igb: Fix potential invalid memory access in igb_init_module() (CVE-2024-52332)
* kernel: bpf: Check validity of link->type in bpf_link_show_fdinfo() (CVE-2024-53099)
* kernel: mm: page_alloc: move mlocked flag clearance into free_pages_prepare() (CVE-2024-53105)
* kernel: bpf: sync_linked_regs() must preserve subreg_def (CVE-2024-53125)
* kernel: netfilter: ipset: add missing range check in bitmap_ip_uadt (CVE-2024-53141)
* kernel: initramfs: avoid filename buffer overrun (CVE-2024-53142)
* kernel: um: Fix potential integer overflow during physmem setup (CVE-2024-53145)
* kernel: NFSD: Prevent a potential integer overflow (CVE-2024-53146)
* kernel: comedi: Flush partial mappings in error case (CVE-2024-53148)
* kernel: ALSA: usb-audio: Fix out of bounds reads when finding clock sources (CVE-2024-53150)
* kernel: svcrdma: Address an integer overflow (CVE-2024-53151)
* kernel: clk: clk-apple-nco: Add NULL check in applnco_probe (CVE-2024-53154)
* kernel: ocfs2: fix uninitialized value in ocfs2_file_read_iter() (CVE-2024-53155)
* kernel: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (CVE-2024-53156)
* kernel: firmware: arm_scpi: Check the DVFS OPP count returned by the firmware (CVE-2024-53157)
* kernel: soc: qcom: geni-se: fix array underflow in geni_se_clk_tbl_get() (CVE-2024-53158)
* kernel: EDAC/bluefield: Fix potential integer overflow (CVE-2024-53161)
* kernel: net: sched: fix ordering of qlen adjustment (CVE-2024-53164)
* kernel: sh: intc: Fix use-after-free bug in register_intc_controller() (CVE-2024-53165)
* kernel: ubifs: authentication: Fix use-after-free in ubifs_tnc_end_commit (CVE-2024-53171)
* kernel: ubi: fastmap: Fix duplicate slab cache names while attaching (CVE-2024-53172)
* kernel: NFSv4.0: Fix a use-after-free problem in the asynchronous open() (CVE-2024-53173)
* kernel: SUNRPC: make sure cache entry active before cache_show (CVE-2024-53174)
* kernel: ipc: fix memleak if msg_init_ns failed in create_ipc_ns (CVE-2024-53175)
* kernel: ALSA: pcm: Add sanity NULL check for the default mmap fault handler (CVE-2024-53180)
* kernel: um: vector: Do not use drvdata in release (CVE-2024-53181)
* kernel: um: net: Do not use drvdata in release (CVE-2024-53183)
* kernel: um: ubd: Do not use drvdata in release (CVE-2024-53184)
* kernel: wifi: rtlwifi: Drastically reduce the attempts to read efuse in case of failures (CVE-2024-53190)
* kernel: PCI: Fix use-after-free of slot->bus on hot remove (CVE-2024-53194)
* kernel: KVM: arm64: Don't retire aborted MMIO instruction (CVE-2024-53196)
* kernel: ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices (CVE-2024-53197)
* kernel: xen: Fix the issue of resource not being properly released in xenbus_dev_probe() (CVE-2024-53198)
* kernel: tcp: Fix use-after-free of nreq in reqsk_timer_handler(). (CVE-2024-53206)
* kernel: Bluetooth: MGMT: Fix possible deadlocks (CVE-2024-53207)
* kernel: Bluetooth: MGMT: Fix slab-use-after-free Read in set_powered_sync (CVE-2024-53208)
* kernel: s390/iucv: MSG_PEEK causes memory leak in iucv_sock_destruct() (CVE-2024-53210)
* kernel: net: usb: lan78xx: Fix double free issue with interrupt buffer allocation (CVE-2024-53213)
* kernel: vfio/pci: Properly hide first-in-list PCIe extended capability (CVE-2024-53214)
* kernel: svcrdma: fix miss destroy percpu_counter in svc_rdma_proc_init() (CVE-2024-53215)
* kernel: NFSD: Prevent NULL dereference in nfsd4_process_cb_update() (CVE-2024-53217)
* kernel: f2fs: fix to account dirty data in __get_secs_required() (CVE-2024-53220)
* kernel: RDMA/hns: Fix NULL pointer derefernce in hns_roce_map_mr_sg() (CVE-2024-53226)
* kernel: scsi: bfa: Fix use-after-free in bfad_im_module_exit() (CVE-2024-53227)
* kernel: cpufreq: CPPC: Fix possible null-ptr-deref for cppc_get_cpu_cost() (CVE-2024-53230)
* kernel: cpufreq: CPPC: Fix possible null-ptr-deref for cpufreq_cpu_get_raw() (CVE-2024-53231)
* kernel: unicode: Fix utf8_load() error path (CVE-2024-53233)
* kernel: Bluetooth: fix use-after-free in device_for_each_child() (CVE-2024-53237)
* kernel: ALSA: 6fire: Release resources at card release (CVE-2024-53239)
* kernel: xen: netfront: Backend can crash Linux netfront (Xen Security Advisory 465) (CVE-2024-53240)
* kernel: xen: Xen hypercall page unsafe against speculative attacks (Xen Security Advisory 466) (CVE-2024-53241)
* kernel: ipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init() (CVE-2024-53680)
* kernel: nilfs2: prevent use of deleted inode (CVE-2024-53690)
* kernel: KVM: x86: Play nice with protected guests in complete_hypercall_exit() (CVE-2024-55881)
* kernel: Drivers: hv: util: Avoid accessing a ringbuffer not initialized yet (CVE-2024-55916)
* kernel: drm/modes: Avoid divide by zero harder in drm_mode_vrefresh() (CVE-2024-56369)
* kernel: ALSA: caiaq: Use snd_card_free_when_closed() at disconnection (CVE-2024-56531)
* kernel: ALSA: us122l: Use snd_card_free_when_closed() at disconnection (CVE-2024-56532)
* kernel: ALSA: usx2y: Use snd_card_free_when_closed() at disconnection (CVE-2024-56533)
* kernel: wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_config_scan() (CVE-2024-56539)
* kernel: drivers: soc: xilinx: add the missing kfree in xlnx_add_cb_for_suspend() (CVE-2024-56546)
* kernel: hfsplus: don't query the device logical block size multiple times (CVE-2024-56548)
* kernel: iio: adc: ad7923: Fix buffer overflow for tx_buf and ring_xfer (CVE-2024-56557)
* kernel: nfsd: make sure exp active before svc_export_show (CVE-2024-56558)
* kernel: i3c: master: Fix miss free init_dyn_addr at i3c_master_put_i3c_addrs() (CVE-2024-56562)
* kernel: ad7780: fix division by zero in ad7780_write_raw() (CVE-2024-56567)
* kernel: iommu/arm-smmu: Defer probe of clients after smmu device bound (CVE-2024-56568)
* kernel: ftrace: Fix regression with module command in stack_trace_filter (CVE-2024-56569)
* kernel: ovl: Filter invalid inodes with missing lookup function (CVE-2024-56570)
* kernel: media: uvcvideo: Require entities to have a non-zero unique ID (CVE-2024-56571)
* kernel: media: platform: allegro-dvt: Fix possible memory leak in allocate_buffers_internal() (CVE-2024-56572)
* kernel: media: ts2020: fix null-ptr-deref in ts2020_probe() (CVE-2024-56574)
* kernel: media: imx-jpeg: Ensure power suppliers be suspended before detach them (CVE-2024-56575)
* kernel: media: i2c: tc358743: Fix crash in the probe error path when using polling (CVE-2024-56576)
* kernel: media: imx-jpeg: Set video drvdata before register video device (CVE-2024-56578)
* kernel: media: amphion: Set video drvdata before register video device (CVE-2024-56579)
* kernel: btrfs: ref-verify: fix use-after-free after invalid ref action (CVE-2024-56581)
* kernel: io_uring/tctx: work around xa_store() allocation error issue (CVE-2024-56584)
* kernel: LoongArch: Fix sleeping in atomic context for PREEMPT_RT (CVE-2024-56585)
* kernel: f2fs: fix f2fs_bug_on when uninstalling filesystem call f2fs_evict_inode. (CVE-2024-56586)
* kernel: leds: class: Protect brightness_show() with led_cdev->led_access mutex (CVE-2024-56587)
* kernel: scsi: hisi_sas: Add cond_resched() for no forced preemption model (CVE-2024-56589)
* kernel: Bluetooth: hci_core: Fix not checking skb length on hci_acldata_packet (CVE-2024-56590)
* kernel: wifi: brcmfmac: Fix oops due to NULL pointer dereference in brcmf_sdiod_sglist_rw() (CVE-2024-56593)
* kernel: drm/amdgpu: set the right AMDGPU sg segment limitation (CVE-2024-56594)
* kernel: jfs: add a check to prevent array-index-out-of-bounds in dbAdjTree (CVE-2024-56595)
* kernel: jfs: fix array-index-out-of-bounds in jfs_readdir (CVE-2024-56596)
* kernel: jfs: fix shift-out-of-bounds in dbSplit (CVE-2024-56597)
* kernel: jfs: array-index-out-of-bounds fix in dtReadFirst (CVE-2024-56598)
* kernel: net: inet6: do not leave a dangling sk pointer in inet6_create() (CVE-2024-56600)
* kernel: net: inet: do not leave a dangling sk pointer in inet_create() (CVE-2024-56601)
* kernel: net: ieee802154: do not leave a dangling sk pointer in ieee802154_create() (CVE-2024-56602)
* kernel: net: af_can: do not leave a dangling sk pointer in can_create() (CVE-2024-56603)
* kernel: Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() (CVE-2024-56604)
* kernel: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() (CVE-2024-56605)
* kernel: af_packet: avoid erroring out after sock_init_data() in packet_create() (CVE-2024-56606)
* kernel: kcsan: Turn report_filterlist_lock into a raw_spinlock (CVE-2024-56610)
* kernel: xsk: fix OOB map writes when deleting elements (CVE-2024-56614)
* kernel: bpf: fix OOB devmap writes when deleting elements (CVE-2024-56615)
* kernel: drm/dp_mst: Fix MST sideband message body length check (CVE-2024-56616)
* In the Linux kernel, the following vulnerability has been resolved:
  nilfs2: fix potential out-of-bounds memory access in nilfs_find_entry()
  Syzbot reported that when searching for records in a directory where the inode's i_size is corrupted and has a large value, memory access outside the folio/page range may occur, or a use-after-free bug may be detected if KASAN is enabled. This is because nilfs_last_byte(), which is called by nilfs_find_entry() and others to calculate the number of valid bytes of directory data in a page from i_size and the page index, loses the upper 32 bits of the 64-bit size information due to an inappropriate type of local variable to which the i_size value is assigned. This caused a large byte offset value due to underflow in the end address calculation in the calling nilfs_find_entry(), resulting in memory access that exceeds the folio/page size. Fix this issue by changing the type of the local variable causing the bit loss from "unsigned int" to "u64". The return value of nilfs_last_byte() is also of type "unsigned int", but it is truncated so as not to exceed PAGE_SIZE and no bit loss occurs, so no change is required. (CVE-2024-56619)
* kernel: scsi: ufs: core: sysfs: Prevent div by zero (CVE-2024-56622)
* kernel: scsi: qla2xxx: Fix use after free on unload (CVE-2024-56623)
* kernel: can: dev: can_set_termination(): allow sleeping GPIOs (CVE-2024-56625)
* kernel: ksmbd: fix Out-of-Bounds Write in ksmbd_vfs_stream_write (CVE-2024-56626)
* kernel: ksmbd: fix Out-of-Bounds Read in ksmbd_vfs_stream_read (CVE-2024-56627)
* kernel: LoongArch: Add architecture specific huge_pte_clear() (CVE-2024-56628)
* kernel: HID: wacom: fix when get product name maybe null pointer (CVE-2024-56629)
* kernel: ocfs2: free inode when ocfs2_get_init_inode() fails (CVE-2024-56630)
* kernel: tcp_bpf: Fix the sk_mem_uncharge logic in tcp_bpf_sendmsg (CVE-2024-56633)
* kernel: gpio: grgpio: Add NULL check in grgpio_probe (CVE-2024-56634)
* kernel: geneve: do not assume mac header is set in geneve_xmit_skb() (CVE-2024-56636)
* kernel: netfilter: ipset: Hold module reference while requesting a module (CVE-2024-56637)
* kernel: net/smc: fix LGR and link use-after-free issue (CVE-2024-56640)
* kernel: tipc: Fix use-after-free of kernel socket in cleanup_bearer(). (CVE-2024-56642)
* kernel: dccp: Fix memory leak in dccp_feat_change_recv (CVE-2024-56643)
* kernel: net/ipv6: release expired exception dst cached in socket (CVE-2024-56644)
* kernel: can: j1939: j1939_session_new(): fix skb reference counting (CVE-2024-56645)
* kernel: net: hsr: avoid potential out-of-bound access in fill_frame_info() (CVE-2024-56648)
* kernel: netfilter: x_tables: fix LED ID check in led_tg_check() (CVE-2024-56650)
* kernel: can: hi311x: hi3110_can_ist(): fix potential use-after-free (CVE-2024-56651)
* kernel: net: defer final 'struct net' free in netns dismantle (CVE-2024-56658)
* kernel: net: lapb: increase LAPB_HEADER_LEN (CVE-2024-56659)
* kernel: net/mlx5: DR, prevent potential error pointer dereference (CVE-2024-56660)
* kernel: tipc: fix NULL deref in cleanup_bearer() (CVE-2024-56661)
* kernel: acpi: nfit: vmalloc-out-of-bounds Read in acpi_nfit_ctl (CVE-2024-56662)
* kernel: wifi: nl80211: fix NL80211_ATTR_MLO_LINK_ID off-by-one (CVE-2024-56663)
* kernel: bpf,perf: Fix invalid prog_array access in perf_event_detach_bpf_prog (CVE-2024-56665)
* kernel: usb: gadget: u_serial: Fix the issue that gs_start_io crashed due to accessing null pointer (CVE-2024-56670)
* kernel: blk-cgroup: Fix UAF in blkcg_unpin_online() (CVE-2024-56672)
* kernel: bpf: Fix UAF via mismatching bpf_prog/attachment RCU flavors (CVE-2024-56675)
* kernel: powerpc/fadump: Move fadump_cma_init to setup_arch() after initmem_init() (CVE-2024-56677)
* kernel: powerpc/mm/fault: Fix kfence page fault reporting (CVE-2024-56678)
* kernel: octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_common.c (CVE-2024-56679)
* kernel: crypto: bcm - add error check in the ahash_hmac_init function (CVE-2024-56681)
* kernel: drm/vc4: hdmi: Avoid hang with debug registers when suspended (CVE-2024-56683)
* kernel: usb: musb: Fix hardware lockup on first Rx endpoint request (CVE-2024-56687)
* kernel: sunrpc: clear XPRT_SOCK_UPD_TIMEOUT when reset transport (CVE-2024-56688)
* kernel: crypto: pcrypt - Call crypto layer directly when padata_do_parallel() return -EBUSY (CVE-2024-56690)
* kernel: mfd: intel_soc_pmic_bxtwc: Use IRQ domain for USB Type-C device (CVE-2024-56691)
* kernel: brd: defer automatic disk creation until module initialization succeeds (CVE-2024-56693)
* kernel: bpf: fix recursive lock when verdict program return SK_PASS (CVE-2024-56694)
* kernel: usb: dwc3: gadget: Fix looping of queued SG entries (CVE-2024-56698)
* kernel: media: wl128x: Fix atomicity violation in fmc_send_cmd() (CVE-2024-56700)
* kernel: powerpc/pseries: Fix dtl_access_lock to be a rw_semaphore (CVE-2024-56701)
* kernel: 9p/xen: fix release of IRQ (CVE-2024-56704)
* kernel: media: atomisp: Add check for rgby_data memory allocation failure (CVE-2024-56705)
* kernel: octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_dmac_flt.c (CVE-2024-56707)
* kernel: EDAC/igen6: Avoid segmentation fault on module unload (CVE-2024-56708)
* kernel: io_uring: check if iowq is killed before queuing (CVE-2024-56709)
* kernel: ionic: Fix netdev notifier unregister on failure (CVE-2024-56715)
* kernel: netdevsim: prevent bad user input in nsim_dev_health_break_write() (CVE-2024-56716)
* kernel: net: mscc: ocelot: fix incorrect IFH SRC_PORT field in ocelot_ifh_set_basic() (CVE-2024-56717)
* kernel: net/smc: protect link down work from execute after lgr freed (CVE-2024-56718)
* kernel: bpf, sockmap: Several fixes to bpf_msg_pop_data (CVE-2024-56720)
* kernel: RDMA/hns: Fix cpu stuck caused by printings during reset (CVE-2024-56722)
* kernel: mfd: intel_soc_pmic_bxtwc: Use IRQ domain for PMIC devices (CVE-2024-56723)
* kernel: mfd: intel_soc_pmic_bxtwc: Use IRQ domain for TMU device (CVE-2024-56724)
* kernel: octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_dcbnl.c (CVE-2024-56725)
* kernel: octeontx2-pf: handle otx2_mbox_get_rsp errors in cn10k.c (CVE-2024-56726)
* kernel: octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_flows.c (CVE-2024-56727)
* kernel: octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_ethtool.c (CVE-2024-56728)
* kernel: rtc: check if __rtc_read_time was successful in rtc_timer_do_work() (CVE-2024-56739)
* kernel: apparmor: test: Fix memory leak for aa_unpack_strdup() (CVE-2024-56741)
* kernel: PCI: Fix reset_method_store() memory leak (CVE-2024-56745)
* kernel: fbdev: sh7760fb: Fix a possible memory leak in sh7760fb_alloc_mem() (CVE-2024-56746)
* kernel: scsi: qedi: Fix a possible memory leak in qedi_alloc_and_init_sb() (CVE-2024-56747)
* kernel: scsi: qedf: Fix a possible memory leak in qedf_alloc_and_init_sb() (CVE-2024-56748)
* kernel: ipv6: release nexthop on device removal (CVE-2024-56751)
* kernel: crypto: caam - Fix the pointer passed to caam_qi_shutdown() (CVE-2024-56754)
* kernel: netfs/fscache: Add a memory barrier for FSCACHE_VOLUME_CREATING (CVE-2024-56755)
* kernel: nvme-pci: fix freeing of the HMB descriptor table (CVE-2024-56756)
* kernel: tracing: Prevent bad count for tracing_cpumask_write (CVE-2024-56763)
* kernel: powerpc/pseries/vas: Add close() callback in vas_vm_ops struct (CVE-2024-56765)
* kernel: mtd: rawnand: fix double free in atmel_pmecc_create_user() (CVE-2024-56766)
* kernel: dmaengine: at_xdmac: avoid null_prt_deref in at_xdmac_prep_dma_memset (CVE-2024-56767)
* kernel: media: dvb-frontends: dib3000mb: fix uninit-value in dib3000_write_reg (CVE-2024-56769)
* kernel: net/sched: netem: account for backlog updates from child qdisc (CVE-2024-56770)
* kernel: btrfs: add a sanity check for btrfs root in btrfs_search_slot() (CVE-2024-56774)
* kernel: drm/sti: avoid potential dereference of error pointers (CVE-2024-56776)
* kernel: drm/sti: avoid potential dereference of error pointers in sti_gdp_atomic_check (CVE-2024-56777)
* kernel: drm/sti: avoid potential dereference of error pointers in sti_hqvdp_atomic_check (CVE-2024-56778)
* kernel: nfsd: fix nfs4_openowner leak when concurrent nfsd4_open occur (CVE-2024-56779)
* kernel: quota: flush quota_release_work upon quota writeback (CVE-2024-56780)
* kernel: powerpc/prom_init: Fixup missing powermac #size-cells (CVE-2024-56781)
* kernel: netfilter: nft_socket: remove WARN_ON_ONCE on maximum cgroup level (CVE-2024-56783)
* kernel: MIPS: Loongson64: DTS: Really fix PCIe port nodes for ls7a (CVE-2024-56785)
* kernel: soc: imx8m: Probe the SoC driver as platform driver (CVE-2024-56787)
* kernel: net/smc: check return value of sock_recvmsg when draining clc data (CVE-2024-57791)
* kernel: power: supply: gpio-charger: Fix set charge current limits (CVE-2024-57792)
* kernel: drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req() (CVE-2024-57798)
* kernel: scsi: megaraid_sas: Fix for a potential deadlock (CVE-2024-57807)
* kernel: s390/entry: Mark IRQ entries to fix stack depot warnings (CVE-2024-57838)
* kernel: s390/cpum_sf: Handle CPU hotplug remove during sampling (CVE-2024-57849)
* kernel: jffs2: Prevent rtime decompress memory corruption (CVE-2024-57850)
* kernel: arm64: ptrace: fix partial SETREGSET for NT_ARM_TAGGED_ADDR_CTRL (CVE-2024-57874)
* kernel: drm/dp_mst: Fix resetting msg rx state after topology removal (CVE-2024-57876)
* kernel: virtio-blk: don't keep queue frozen during system suspend (CVE-2024-57946)

--- mirror/ftp/pool/main/l/linux/linux_6.1.119-1.dsc +++ apt/ucs_5.2-0-errata5.2-0/source/linux_6.1.123-1.dsc 
@@ -1,3 +1,1067 @@ +6.1.123-1 [Thu, 02 Jan 2025 14:31:22 +0100] Salvatore Bonaccorso <carnil@debian.org>: + + * New upstream stable update: + https://www.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.120 + - [x86] ASoC: Intel: bytcr_rt5640: Add support for non ACPI instantiated + codec + - [x86] ASoC: Intel: bytcr_rt5640: Add DMI quirk for Vexia Edu Atla 10 + tablet + - [x86] ASoC: Intel: sst: Support LPE0F28 ACPI HID + - wifi: iwlwifi: mvm: Use the sync timepoint API in suspend + - mac80211: fix user-power when emulating chanctx + - usb: add support for new USB device ID 0x17EF:0x3098 for the r8152 driver + - ALSA: hda/realtek: Add subwoofer quirk for Infinix ZERO BOOK 13 + - bpf: fix filed access without lock + - net: usb: qmi_wwan: add Quectel RG650V + - soc: qcom: Add check devm_kasprintf() returned value + - regulator: rk808: Add apply_bit for BUCK3 on RK809 + - [x86] platform/x86: dell-smbios-base: Extends support to Alienware + products + - [x86] platform/x86: dell-wmi-base: Handle META key Lock/Unlock events + - tools/lib/thermal: Remove the thermal.h soft link when doing make clean + - can: j1939: fix error in J1939 documentation. 
+ - [x86] platform/x86: thinkpad_acpi: Fix for ThinkPad's with ECFW showing + incorrect fan speed + - [x86] ASoC: amd: yc: Support dmic on another model of Lenovo Thinkpad E14 + Gen 6 + - [armhf] ASoC: stm: Prevent potential division by zero in + stm32_sai_mclk_round_rate() + - [armhf] ASoC: stm: Prevent potential division by zero in + stm32_sai_get_clk_div() + - drm: panel-orientation-quirks: Make Lenovo Yoga Tab 3 X90F DMI match less + strict + - proc/softirqs: replace seq_printf with seq_put_decimal_ull_width + - ASoC: audio-graph-card2: Purge absent supplies for device tree nodes + - ALSA: usb-audio: Fix Yamaha P-125 Quirk Entry + - [armel,armhf] 9420/1: smp: Fix SMP for xip kernels + - ipmr: Fix access to mfc_cache_list without lock held + - closures: Change BUG_ON() to WARN_ON() (CVE-2024-42252) + - net: fix crash when config small gso_max_size/gso_ipv4_max_size + (CVE-2024-50258) + - serial: sc16is7xx: fix invalid FIFO access with special register set + (CVE-2024-44950) + - cifs: Fix buffer overflow when parsing NFS reparse points (CVE-2024-49996) + - fpga: bridge: add owner module and take its refcount (CVE-2024-36479) + - fpga: manager: add owner module and take its refcount (CVE-2024-37021) + - drm/amd/display: Add NULL check for function pointer in + dcn32_set_output_transfer_func (CVE-2024-49909) + - drm/amd/display: Check null-initialized variables (CVE-2024-49898) + - Bluetooth: hci_sync: Add helper functions to manipulate cmd_sync queue + - Bluetooth: MGMT: Fix possible crash on mgmt_index_removed (CVE-2024-49951) + - fbdev: efifb: Register sysfs groups through driver core (CVE-2024-49925) + - mptcp: fix possible integer overflow in mptcp_reset_tout_timer + - wifi: rtw89: avoid to add interface to list twice when SER + (CVE-2024-49939) + - drm/amd/display: Initialize denominators' default to 1 (CVE-2024-49899) + - fs/inode: Prevent dump_mapping() accessing invalid dentry.d_name.name + - [x86] barrier: Do not serialize MSR accesses on AMD + - [s390x] 
cio: Do not unregister the subchannel based on DNV + - brd: defer automatic disk creation until module initialization succeeds + - ext4: make 'abort' mount option handling standard + - ext4: avoid remount errors with 'abort' mount option + - [mips*] asm: fix warning when disabling MIPS_FP_SUPPORT + - initramfs: avoid filename buffer overrun (CVE-2024-53142) + - nvme-pci: fix freeing of the HMB descriptor table + - [arm64] acpi/arm64: Adjust error handling procedure in + gtdt_parse_timer_block() + - cachefiles: Fix missing pos updates in cachefiles_ondemand_fd_write_iter() + - netfs/fscache: Add a memory barrier for FSCACHE_VOLUME_CREATING + - block: fix bio_split_rw_at to take zone_write_granularity into account + - [s390x] syscalls: Avoid creation of arch/arch/ directory + - hfsplus: don't query the device logical block size multiple times + - nvme-pci: reverse request order in nvme_queue_rqs + - virtio_blk: reverse request order in virtio_queue_rqs + - crypto: caam - Fix the pointer passed to caam_qi_shutdown() + - firmware: google: Unregister driver_info on failure + - EDAC/bluefield: Fix potential integer overflow + - [x86] crypto: qat - remove faulty arbiter config reset + - thermal: core: Initialize thermal zones before registering them + - EDAC/fsl_ddr: Fix bad bit shift operations + - crypto: pcrypt - Call crypto layer directly when padata_do_parallel() + return -EBUSY + - crypto: cavium - Fix the if condition to exit loop after timeout + - crypto: hisilicon/qm - disable same error report before resetting + - EDAC/igen6: Avoid segmentation fault on module unload + - crypto: inside-secure - Fix the return value of + safexcel_xcbcmac_cra_init() + - doc: rcu: update printed dynticks counter bits + - hwmon: (nct6775-core) Fix overflows seen when writing limit attributes + - ACPI: CPPC: Fix _CPC register setting issue + - crypto: caam - add error check to caam_rsa_set_priv_key_form + - crypto: bcm - add error check in the ahash_hmac_init function + - crypto: 
cavium - Fix an error handling path in cpt_ucode_load_fw() + - tools/lib/thermal: Make more generic the command encoding function + - thermal/lib: Fix memory leak on error in thermal_genl_auto() + - time: Fix references to _msecs_to_jiffies() handling of values + - seqlock/latch: Provide raw_read_seqcount_latch_retry() + - clocksource/drivers:sp804: Make user selectable + - clocksource/drivers/timer-ti-dm: Fix child node refcount handling + - spi: spi-fsl-lpspi: downgrade log level for pio mode + - spi: spi-fsl-lpspi: Use IRQF_NO_AUTOEN flag in request_irq() + - drivers: soc: xilinx: add the missing kfree in xlnx_add_cb_for_suspend() + - microblaze: Export xmb_manager functions + - [arm64] dts: mt8195: Fix dtbs_check error for infracfg_ao node + - soc: ti: smartreflex: Use IRQF_NO_AUTOEN flag in request_irq() + - soc: qcom: geni-se: fix array underflow in geni_se_clk_tbl_get() + - mmc: mmc_spi: drop buggy snprintf() + - tpm: fix signed/unsigned bug when checking event logs + - [arm64] dts: mt8183: krane: Fix the address of eeprom at i2c4 + - [arm64] dts: mt8183: kukui: Fix the address of eeprom at i2c4 + - [arm64] dts: mediatek: mt8173-elm-hana: Add vdd-supply to second source + trackpad + - Revert "cgroup: Fix memory leak caused by missing cgroup_bpf_offline" + - cgroup/bpf: only cgroup v2 can be attached by bpf programs + - [arm64] dts: mt8183: fennel: add i2c2's i2c-scl-internal-delay-ns + - [arm64] dts: mt8183: burnet: add i2c2's i2c-scl-internal-delay-ns + - [arm64] dts: mt8183: cozmo: add i2c2's i2c-scl-internal-delay-ns + - [arm64] dts: mt8183: Damu: add i2c2's i2c-scl-internal-delay-ns + - pwm: imx27: Workaround of the pwm output bug when decrease the duty cycle + - [armhf] dts: cubieboard4: Fix DCDC5 regulator constraints + - pmdomain: ti-sci: Add missing of_node_put() for args.np + - regmap: irq: Set lockdep class for hierarchical IRQ domains + - [arm64] dts: mt8183: jacuzzi: Move panel under aux-bus + - [arm64] dts: mediatek: mt8183-kukui-jacuzzi: Fix DP 
bridge supply names
- [arm64] dts: mediatek: mt8183-kukui-jacuzzi: Add supplies for fixed regulators
- [arm64] firmware: arm_scpi: Check the DVFS OPP count returned by the firmware
- venus: venc: add handling for VIDIOC_ENCODER_CMD
- media: venus: provide ctx queue lock for ioctl synchronization
- media: atomisp: Add check for rgby_data memory allocation failure
- [x86] platform/x86: panasonic-laptop: Return errno correctly in show callback
- drm/mm: Mark drm_mm_interval_tree*() functions with __maybe_unused
- [arm64,armhf] drm/vc4: hvs: Don't write gamma luts on 2711
- [arm64,armhf] drm/vc4: hdmi: Avoid hang with debug registers when suspended
- [arm64,armhf] drm/vc4: hvs: Fix dlist debug not resetting the next entry pointer
- [arm64,armhf] drm/vc4: hvs: Remove incorrect limit from hvs_dlist debugfs function
- [arm64,armhf] drm/vc4: hvs: Correct logic on stopping an HVS channel
- wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service()
- drm/omap: Fix possible NULL dereference
- drm/omap: Fix locking in omap_gem_new_dmabuf()
- wifi: p54: Use IRQF_NO_AUTOEN flag in request_irq()
- wifi: mwifiex: Use IRQF_NO_AUTOEN flag in request_irq()
- [arm64] drm/imx/dcss: Use IRQF_NO_AUTOEN flag in request_irq()
- [arm64] drm/imx/ipuv3: Use IRQF_NO_AUTOEN flag in request_irq()
- [arm64] drm/v3d: Address race-condition in MMU flush
- wifi: ath10k: fix invalid VHT parameters in supported_vht_mcs_rate_nss1
- wifi: ath10k: fix invalid VHT parameters in supported_vht_mcs_rate_nss2
- dt-bindings: vendor-prefixes: Add NeoFidelity, Inc
- ASoC: fsl_micfil: fix regmap_write_bits usage
- ASoC: dt-bindings: mt6359: Update generic node name and dmic-mode
- drm/bridge: anx7625: Drop EDID cache on bridge power off
- libbpf: Fix output .symtab byte-order during linking
- bpf: Fix the xdp_adjust_tail sample prog issue
- libbpf: fix sym_is_subprog() logic for weak global subprogs
- libbpf: never interpret subprogs in .text as entry programs
- netdevsim: copy addresses for both in and out paths
- drm/bridge: tc358767: Fix link properties discovery
- wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_config_scan()
- drm: fsl-dcu: enable PIXCLK on LS1021A
- [arm64,armhf] drm/panfrost: Remove unused id_mask from struct panfrost_model
- [arm64] bpf, arm64: Remove garbage frame for struct_ops trampoline
- [arm64] drm/msm/adreno: Use IRQF_NO_AUTOEN flag in request_irq()
- [arm64] drm/msm/gpu: Add devfreq tuning debugfs
- [arm64] drm/msm/gpu: Bypass PM QoS constraint for idle clamp
- [arm64] drm/msm/gpu: Check the status of registration to PM QoS
- [arm64,armhf] drm/etnaviv: Request pages from DMA32 zone on addressing_limited
- [arm64,armhf] drm/etnaviv: fix power register offset on GC300
- [arm64,armhf] drm/etnaviv: hold GPU lock across perfmon sampling
- wifi: wfx: Fix error handling in wfx_core_init()
- [arm64] drm/msm/dpu: cast crtc_clk calculation to u64 in _dpu_core_perf_calc_clk()
- netfilter: nf_tables: skip transaction if update object is not implemented
- netfilter: nf_tables: must hold rcu read lock while iterating object type list
- netlink: typographical error in nlmsg_type constants definition
- bpf, sockmap: Several fixes to bpf_msg_push_data
- bpf, sockmap: Several fixes to bpf_msg_pop_data
- bpf, sockmap: Fix sk_msg_reset_curr
- sock_diag: add module pointer to "struct sock_diag_handler"
- sock_diag: allow concurrent operations
- sock_diag: allow concurrent operation in sock_diag_rcv_msg()
- net: use unrcu_pointer() helper
- ipv6: release nexthop on device removal
- net: rfkill: gpio: Add check for clk_enable()
- ALSA: usx2y: Use snd_card_free_when_closed() at disconnection
- ALSA: us122l: Use snd_card_free_when_closed() at disconnection
- ALSA: caiaq: Use snd_card_free_when_closed() at disconnection
- ALSA: 6fire: Release resources at card release
- Bluetooth: fix use-after-free in device_for_each_child()
- netpoll: Use rcu_access_pointer() in netpoll_poll_lock
- wireguard: selftests: load nf_conntrack if not present
- bpf: fix recursive lock when verdict program return SK_PASS
- unicode: Fix utf8_load() error path
- trace/trace_event_perf: remove duplicate samples on the first tracepoint event
- pinctrl: zynqmp: drop excess struct member description
- [powerpc*] vdso: Flag VDSO64 entry points as functions
- mfd: tps65010: Use IRQF_NO_AUTOEN flag in request_irq() to fix race
- mfd: da9052-spi: Change read-mask to write-mask
- mfd: intel_soc_pmic_bxtwc: Use IRQ domain for USB Type-C device
- mfd: intel_soc_pmic_bxtwc: Use IRQ domain for TMU device
- mfd: intel_soc_pmic_bxtwc: Use IRQ domain for PMIC devices
- cpufreq: loongson2: Unregister platform_driver on failure
- [powerpc*] fadump: Refactor and prepare fadump_cma_init for late init
- [powerpc*] fadump: Move fadump_cma_init to setup_arch() after initmem_init()
- memory: renesas-rpc-if: Improve Runtime PM handling
- memory: renesas-rpc-if: Pass device instead of rpcif to rpcif_*()
- memory: renesas-rpc-if: Remove Runtime PM wrappers
- mtd: hyperbus: rpc-if: Convert to platform remove callback returning void
- mtd: hyperbus: rpc-if: Add missing MODULE_DEVICE_TABLE
- mtd: rawnand: atmel: Fix possible memory leak
- [powerpc*] mm/fault: Fix kfence page fault reporting
- [powerpc*] pseries: Fix dtl_access_lock to be a rw_semaphore
- cpufreq: CPPC: Fix possible null-ptr-deref for cpufreq_cpu_get_raw()
- cpufreq: CPPC: Fix possible null-ptr-deref for cppc_get_cpu_cost()
- [arm64] RDMA/hns: Fix an AEQE overflow error caused by untimely update of eq_db_ci
- [arm64] RDMA/hns: Add clear_hem return value to log
- [arm64] RDMA/hns: Use dev_* printings in hem code instead of ibdev_*
- [arm64] RDMA/hns: Remove unnecessary QP type checks
- [arm64] RDMA/hns: Fix cpu stuck caused by printings during reset
- RDMA/bnxt_re: Check cqe flags to know imm_data vs inv_irkey
- clk: sunxi-ng: d1: Fix PLL_AUDIO0 preset
- clk: renesas: rzg2l: Fix FOUTPOSTDIV clk
- clk: imx: lpcg-scu: SW workaround for errata (e10858)
- clk: imx: fracn-gppll: correct PLL initialization flow
- clk: imx: fracn-gppll: fix pll power up
- clk: imx: clk-scu: fix clk enable state save and restore
- [amd64] iommu/vt-d: Fix checks and print in dmar_fault_dump_ptes()
- [amd64] iommu/vt-d: Fix checks and print in pgtable_walk()
- mfd: rt5033: Fix missing regmap_del_irq_chip()
- fs/proc/kcore.c: fix coccinelle reported ERROR instances
- scsi: bfa: Fix use-after-free in bfad_im_module_exit()
- scsi: fusion: Remove unused variable 'rc'
- scsi: qedf: Fix a possible memory leak in qedf_alloc_and_init_sb()
- scsi: qedi: Fix a possible memory leak in qedi_alloc_and_init_sb()
- [arm64] RDMA/hns: Fix out-of-order issue of requester when setting FENCE
- [arm64] RDMA/hns: Fix NULL pointer derefernce in hns_roce_map_mr_sg()
- cpufreq: CPPC: Fix wrong return value in cppc_get_cpu_cost()
- cpufreq: CPPC: Fix wrong return value in cppc_get_cpu_power()
- ocfs2: fix uninitialized value in ocfs2_file_read_iter()
- dax: delete a stale directory pmem
- KVM: PPC: Book3S HV: Stop using vc->dpdes for nested KVM guests
- KVM: PPC: Book3S HV: Avoid returning to nested hypervisor on pending doorbells
- [powerpc*] sstep: make emulate_vsx_load and emulate_vsx_store static
- [powerpc*] kexec: Fix return of uninitialized variable
- fbdev/sh7760fb: Alloc DMA memory from hardware device
- fbdev: sh7760fb: Fix a possible memory leak in sh7760fb_alloc_mem()
- clk: clk-apple-nco: Add NULL check in applnco_probe
- dt-bindings: clock: axi-clkgen: include AXI clk
- clk: clk-axi-clkgen: make sure to enable the AXI bus clock
- pinctrl: k210: Undef K210_PC_DEFAULT
- smb: cached directories can be more than root file handle
- mailbox: arm_mhuv2: clean up loop in get_irq_chan_comb()
- perf cs-etm: Don't flush when packet_queue fills up
- PCI: Fix reset_method_store() memory leak
- perf stat: Close cork_fd when create_perf_stat_counter() failed
- perf stat: Fix affinity memory leaks on error path
- f2fs: compress: fix inconsistent update of i_blocks in release_compress_blocks and reserve_compress_blocks
- f2fs: fix to account dirty data in __get_secs_required()
- perf probe: Fix libdw memory leak
- perf probe: Correct demangled symbols in C++ program
- PCI: cpqphp: Use PCI_POSSIBLE_ERROR() to check config reads
- PCI: cpqphp: Fix PCIBIOS_* return value confusion
- perf ftrace latency: Fix unit on histogram first entry when using --use-nsec
- f2fs: fix the wrong f2fs_bug_on condition in f2fs_do_replace_block
- f2fs: remove struct segment_allocation default_salloc_ops
- f2fs: open code allocate_segment_by_default
- f2fs: remove the unused flush argument to change_curseg
- f2fs: check curseg->inited before write_sum_page in change_curseg
- f2fs: fix to avoid use GC_AT when setting gc_mode as GC_URGENT_LOW or GC_URGENT_MID
- f2fs: fix to avoid forcing direct write to use buffered IO on inline_data inode
- perf trace: avoid garbage when not printing a trace event's arguments
- svcrdma: Address an integer overflow
- perf trace: Do not lose last events in a race
- perf trace: Avoid garbage when not printing a syscall's arguments
- remoteproc: qcom: q6v5: Use _clk_get_optional for aggre2_clk
- remoteproc: qcom: pas: add minidump_id to SM8350 resources
- rpmsg: glink: Fix GLINK command prefix
- rpmsg: glink: use only lower 16-bits of param2 for CMD_OPEN name length
- remoteproc: qcom_q6v5_mss: Re-order writes to the IMEM region
- NFSD: Prevent NULL dereference in nfsd4_process_cb_update()
- NFSD: Cap the number of bytes copied by nfs4_reset_recoverydir()
- sunrpc: simplify two-level sysctl registration for svcrdma_parm_table
- svcrdma: fix miss destroy percpu_counter in svc_rdma_proc_init()
- NFSD: Fix nfsd4_shutdown_copy()
- hwmon: (tps23861) Fix reporting of negative temperatures
- vdpa/mlx5: Fix suboptimal range on iotlb iteration
- vfio/pci: Properly hide first-in-list PCIe extended capability
- fs_parser: update mount_api doc to match function signature
- power: supply: core: Remove might_sleep() from power_supply_put()
- power: supply: bq27xxx: Fix registers of bq27426
- net: usb: lan78xx: Fix double free issue with interrupt buffer allocation
- net: usb: lan78xx: Fix memory leak on device unplug by freeing PHY device
- tg3: Set coherent DMA mask bits to 31 for BCM57766 chipsets
- net: usb: lan78xx: Fix refcounting and autosuspend on invalid WoL configuration
- [s390x] iucv: MSG_PEEK causes memory leak in iucv_sock_destruct()
- net/ipv6: delete temporary address if mngtmpaddr is removed or unmanaged
- net: mdio-ipq4019: add missing error check
- marvell: pxa168_eth: fix call balance of pep->clk handling routines
- net: stmmac: dwmac-socfpga: Set RX watchdog interrupt as broken
- spi: atmel-quadspi: Fix register name in verbose logging function
- net: hsr: fix hsr_init_sk() vs network/transport headers.
- bnxt_en: Reserve rings after PCIe AER recovery if NIC interface is down
- Bluetooth: MGMT: Fix slab-use-after-free Read in set_powered_sync
- crypto: api - Add crypto_tfm_get
- crypto: api - Add crypto_clone_tfm
- llc: Improve setsockopt() handling of malformed user input
- rxrpc: Improve setsockopt() handling of malformed user input
- tcp: Fix use-after-free of nreq in reqsk_timer_handler().
- ip6mr: fix tables suspicious RCU usage
- ipmr: fix tables suspicious RCU usage
- iio: light: al3010: Fix an error handling path in al3010_probe()
- usb: using mutex lock and supporting O_NONBLOCK flag in iowarrior_read()
- usb: yurex: make waiting on yurex_write interruptible
- USB: chaoskey: fail open after removal
- USB: chaoskey: Fix possible deadlock chaoskey_list_lock
- misc: apds990x: Fix missing pm_runtime_disable()
- counter: stm32-timer-cnt: Add check for clk_enable()
- counter: ti-ecap-capture: Add check for clk_enable()
- ALSA: hda/realtek: Update ALC256 depop procedure
- apparmor: fix 'Do simple duplicate message elimination'
- [x86] ASoC: amd: yc: Fix for enabling DMIC on acp6x via _DSD entry
- mailbox: mtk-cmdq: Move devm_mbox_controller_register() after devm_pm_runtime_enable()
- fs/ntfs3: Fixed overflow check in mi_enum_attr() (CVE-2024-27407)
- ntfs3: Add bounds checking to mi_enum_attr() (CVE-2024-50248)
- scsi: lpfc: Validate hdwq pointers before dereferencing in reset/errata paths (CVE-2024-49891)
- xfs: add bounds checking to xlog_recover_process_data (CVE-2024-41014)
- xen: Fix the issue of resource not being properly released in xenbus_dev_probe()
- ALSA: usb-audio: Fix out of bounds reads when finding clock sources
- usb: ehci-spear: fix call balance of sehci clk handling routines
- media: aspeed: Fix memory overwrite if timing is 1600x900 (CVE-2023-52916)
- wifi: iwlwifi: mvm: avoid NULL pointer dereference (CVE-2024-49929)
- drm/amd/display: Add NULL check for clk_mgr and clk_mgr->funcs in dcn30_init_hw (CVE-2024-49917)
- drm/amd/display: Add NULL check for clk_mgr in dcn32_init_hw (CVE-2024-49915)
- drm/amd/display: Add NULL check for function pointer in dcn20_set_output_transfer_func (CVE-2024-49911)
- drm/amd/display: Check phantom_stream before it is used (CVE-2024-49897)
- rcu-tasks: Fix access non-existent percpu rtpcp variable in rcu_tasks_need_gpcb()
- btrfs: qgroup: fix qgroup prealloc rsv leak in subvolume operations (CVE-2024-35956)
- [x86] perf/x86/intel: Hide Topdown metrics events if the feature is not enumerated
- ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices
- Revert "arm64: dts: mediatek: mt8195-cherry: Mark USB 3.0 on xhci1 as disabled"
- [arm64] dts: mediatek: mt8195-cherry: Mark USB 3.0 on xhci1 as disabled
- mm/slab: decouple ARCH_KMALLOC_MINALIGN from ARCH_DMA_MINALIGN
- [powerpc*] move the ARCH_DMA_MINALIGN definition to asm/cache.h
- dma: allow dma_get_cache_alignment() to be overridden by the arch code
- [x86] ASoC: Intel: sst: Fix used of uninitialized ctx to log an error
- soc: qcom: socinfo: fix revision check in qcom_socinfo_probe()
- ext4: supress data-race warnings in ext4_free_inodes_{count,set}()
- ext4: fix FS_IOC_GETFSMAP handling
- jfs: xattr: check invalid xattr size more strictly
- [x86] ASoC: amd: yc: Add a quirk for microfone on Lenovo ThinkPad P14s Gen 5 21MES00B00
- ASoC: codecs: Fix atomicity violation in snd_soc_component_get_drvdata()
- [x86] perf/x86/intel/pt: Fix buffer full but size is 0 case
- crypto: x86/aegis128 - access 32-bit arguments as 32-bit
- [x86] KVM: x86/mmu: Skip the "try unsync" path iff the old SPTE was a leaf SPTE
- [powerpc*] pseries: Fix KVM guest detection for disabling hardlockup detector
- [arm64] KVM: arm64: vgic-v3: Sanitise guest writes to GICR_INVLPIR
- [arm64] KVM: arm64: Ignore PMCNTENSET_EL0 while checking for overflow status
- PCI: Fix use-after-free of slot->bus on hot remove
- fsnotify: fix sending inotify event with unexpected filename
- comedi: Flush partial mappings in error case
- apparmor: test: Fix memory leak for aa_unpack_strdup()
- tty: ldsic: fix tty_ldisc_autoload sysctl's proc_handler
- locking/lockdep: Avoid creating new name string literals in lockdep_set_subclass()
- pinctrl: qcom: spmi: fix debugfs drive strength
- dt-bindings: iio: dac: ad3552r: fix maximum spi speed
- exfat: fix uninit-value in __exfat_get_dentry_set
- Bluetooth: Fix type of len in rfcomm_sock_getsockopt{,_old}()
- usb: xhci: Fix TD invalidation under pending Set TR Dequeue
- driver core: bus: Fix double free in driver API bus_register() (CVE-2024-50055)
- wifi: rtlwifi: Drastically reduce the attempts to read efuse in case of failures
- wifi: brcmfmac: release 'root' node in all execution paths
- Revert "usb: gadget: composite: fix OS descriptors w_value logic"
- serial: sh-sci: Clean sci_ports[0] after at earlycon exit
- Revert "serial: sh-sci: Clean sci_ports[0] after at earlycon exit"
- gpio: exar: set value when external pull-up or pull-down is present
- netfilter: ipset: add missing range check in bitmap_ip_uadt (CVE-2024-53141)
- spi: Fix acpi deferred irq probe
- mtd: spi-nor: core: replace dummy buswidth from addr to data
- cpufreq: mediatek-hw: Fix wrong return value in mtk_cpufreq_get_cpu_power()
- platform/chrome: cros_ec_typec: fix missing fwnode reference decrement
- ubi: wl: Put source PEB into correct list if trying locking LEB failed
- dt-bindings: serial: rs485: Fix rs485-rts-delay property
- serial: 8250_fintek: Add support for F81216E
- serial: 8250: omap: Move pm_runtime_get_sync
- ublk: fix ublk_ch_mmap() for 64K page size
- [arm64] tls: Fix context-switching of tpidrro_el0 when kpti is enabled
- block: fix ordering between checking BLK_MQ_S_STOPPED request adding
- HID: wacom: Interpret tilt data from Intuos Pro BT as signed values
- media: wl128x: Fix atomicity violation in fmc_send_cmd()
- soc: fsl: rcpm: fix missing of_node_put() in copy_ippdexpcr1_setting()
- media: v4l2-core: v4l2-dv-timings: check cvt/gtf result
- ALSA: pcm: Add sanity NULL check for the default mmap fault handler
- ALSA: hda/realtek: Update ALC225 depop procedure
- ALSA: hda/realtek: Set PCBeep to default value for ALC274
- ALSA: hda/realtek: Fix Internal Speaker and Mic boost of Infinix Y4 Max
- ALSA: hda/realtek: Apply quirk for Medion E15433
- smb3: request handle caching when caching directories
- usb: musb: Fix hardware lockup on first Rx endpoint request
- usb: dwc3: gadget: Fix checking for number of TRBs left
- usb: dwc3: gadget: Fix looping of queued SG entries
- ublk: fix error code for unsupported command
- lib: string_helpers: silence snprintf() output truncation warning
- ipc: fix memleak if msg_init_ns failed in create_ipc_ns
- NFSD: Prevent a potential integer overflow
- SUNRPC: make sure cache entry active before cache_show
- NFSv4.0: Fix a use-after-free problem in the asynchronous open()
- rtc: st-lpc: Use IRQF_NO_AUTOEN flag in request_irq()
- rtc: abx80x: Fix WDT bit position of the status register
- rtc: check if __rtc_read_time was successful in rtc_timer_do_work()
- ubi: fastmap: wl: Schedule fm_work if wear-leveling pool is empty
- ubifs: Correct the total block count by deducting journal reservation
- ubi: fastmap: Fix duplicate slab cache names while attaching
- ubifs: authentication: Fix use-after-free in ubifs_tnc_end_commit
- jffs2: fix use of uninitialized variable
- rtc: rzn1: fix BCD to rtc_time conversion errors
- block: return unsigned int from bdev_io_min
- 9p/xen: fix init sequence
- 9p/xen: fix release of IRQ
- [arm64] perf/arm-smmuv3: Fix lockdep assert in ->event_init()
- [arm64] perf/arm-cmn: Ensure port and device id bits are set properly
- rtc: ab-eoz9: don't fail temperature reads on undervoltage notification
- modpost: remove incorrect code in do_eisa_entry()
- nfs: ignore SB_RDONLY when mounting nfs
- sunrpc: clear XPRT_SOCK_UPD_TIMEOUT when reset transport
- xfs: remove unknown compat feature check in superblock write validation
- quota: flush quota_release_work upon quota writeback
- btrfs: don't loop for nowait writes when checking for cross references
- btrfs: add might_sleep() annotations
- btrfs: add a sanity check for btrfs root in btrfs_search_slot()
- btrfs: ref-verify: fix use-after-free after invalid ref action
- [arm64] dts: allwinner: pinephone: Add mount matrix to accelerometer
- [arm64] dts: freescale: imx8mm-verdin: Fix SD regulator startup delay
- media: amphion: Set video drvdata before register video device
- media: imx-jpeg: Set video drvdata before register video device
- media: i2c: dw9768: Fix pm_runtime_set_suspended() with runtime pm enabled
- [arm64] dts: freescale: imx8mp-verdin: Fix SD regulator startup delay
- media: i2c: tc358743: Fix crash in the probe error path when using polling
- media: imx-jpeg: Ensure power suppliers be suspended before detach them
- media: ts2020: fix null-ptr-deref in ts2020_probe()
- media: platform: exynos4-is: Fix an OF node reference leak in fimc_md_is_isp_available
- media: amphion: Fix pm_runtime_set_suspended() with runtime pm enabled
- media: venus: Fix pm_runtime_set_suspended() with runtime pm enabled
- media: gspca: ov534-ov772x: Fix off-by-one error in set_frame_rate()
- media: platform: allegro-dvt: Fix possible memory leak in allocate_buffers_internal()
- media: uvcvideo: Stop stream during unregister
- media: uvcvideo: Require entities to have a non-zero unique ID
- ovl: Filter invalid inodes with missing lookup function
- maple_tree: refine mas_store_root() on storing NULL
- ftrace: Fix regression with module command in stack_trace_filter
- vmstat: call fold_vm_zone_numa_events() before show per zone NUMA event
- [arm64,armhf] iommu/io-pgtable-arm: Fix stage-2 map/unmap for concatenated tables
- leds: lp55xx: Remove redundant test for invalid channel number
- clk: qcom: gcc-qcs404: fix initial rate of GPLL3
- ad7780: fix division by zero in ad7780_write_raw()
- [armel,armhf] 9429/1: ioremap: Sync PGDs for VMALLOC shadow
- [s390x] entry: Mark IRQ entries to fix stack depot warnings
- [armel,armhf] 9430/1: entry: Do a dummy read from VMAP shadow
- [armel,armhf] 9431/1: mm: Pair atomic_set_release() with _read_acquire()
- ceph: extract entity name from device id
- util_macros.h: fix/rework find_closest() macros
- scsi: ufs: exynos: Fix hibern8 notify callbacks
- i3c: master: svc: Fix pm_runtime_set_suspended() with runtime pm enabled
- i3c: master: Fix miss free init_dyn_addr at i3c_master_put_i3c_addrs()
- PCI: keystone: Set mode as Root Complex for "ti,keystone-pcie" compatible
- PCI: keystone: Add link up check to ks_pcie_other_map_bus()
- fs/proc/kcore.c: Clear ret value in read_kcore_iter after successful iov_iter_zero
- thermal: int3400: Fix reading of current_uuid for active policy
- ovl: properly handle large files in ovl_security_fileattr
- dm thin: Add missing destroy_work_on_stack()
- PCI: rockchip-ep: Fix address translation unit programming
- nfsd: make sure exp active before svc_export_show
- nfsd: fix nfs4_openowner leak when concurrent nfsd4_open occur
- iio: Fix fwnode_handle in __fwnode_iio_channel_get_by_name()
- iio: adc: ad7923: Fix buffer overflow for tx_buf and ring_xfer
- [powerpc*] Fix stack protector Kconfig test for clang
- [powerpc*] Adjust adding stack protector flags to KBUILD_CLAGS for clang
- btrfs: don't BUG_ON on ENOMEM from btrfs_lookup_extent_info() in walk_down_proc()
- drm/sti: avoid potential dereference of error pointers in sti_hqvdp_atomic_check
- drm/sti: avoid potential dereference of error pointers in sti_gdp_atomic_check
- drm/sti: avoid potential dereference of error pointers
- [arm64,armhf] drm/etnaviv: flush shader L1 cache after user commandstream
- drm/amd/pm: update current_socclk and current_uclk in gpu_metrics on smu v13.0.7
- iTCO_wdt: mask NMI_NOW bit for update_no_reboot_bit() call
- watchdog: apple: Actually flush writes after requesting watchdog restart
- watchdog: mediatek: Make sure system reset gets asserted in mtk_wdt_restart()
- can: gs_usb: remove leading space from goto labels
- can: gs_usb: gs_usb_probe(): align block comment
- can: gs_usb: uniformly use "parent" as variable name for struct gs_usb
- can: gs_usb: add VID/PID for Xylanta SAINT3 product family
- can: gs_usb: add usb endpoint address detection at driver probe step
- can: c_can: c_can_handle_bus_err(): update statistics if skb allocation fails
- can: sun4i_can: sun4i_can_err(): call can_change_state() even if cf is NULL
- can: hi311x: hi3110_can_ist(): fix potential use-after-free
- can: m_can: m_can_handle_lec_err(): fix {rx,tx}_errors statistics
- can: ifi_canfd: ifi_canfd_handle_lec_err(): fix {rx,tx}_errors statistics
- can: hi311x: hi3110_can_ist(): fix {rx,tx}_errors statistics
- can: sja1000: sja1000_err(): fix {rx,tx}_errors statistics
- can: sun4i_can: sun4i_can_err(): fix {rx,tx}_errors statistics
- can: ems_usb: ems_usb_rx_err(): fix {rx,tx}_errors statistics
- ipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init()
- netfilter: x_tables: fix LED ID check in led_tg_check()
- netfilter: nft_socket: remove WARN_ON_ONCE on maximum cgroup level
- ptp: convert remaining drivers to adjfine interface
- ptp: Add error handling for adjfine callback in ptp_clock_adjtime
- net/sched: tbf: correct backlog statistic for GSO packets
- net: hsr: avoid potential out-of-bound access in fill_frame_info()
- can: j1939: j1939_session_new(): fix skb reference counting
- net-timestamp: make sk_tskey more predictable in error path
- net/ipv6: release expired exception dst cached in socket
- dccp: Fix memory leak in dccp_feat_change_recv
- tipc: Fix use-after-free of kernel socket in cleanup_bearer().
- net/smc: fix LGR and link use-after-free issue
- net/qed: allow old cards not supporting "num_images" to work
- ixgbevf: stop attempting IPSEC offload on Mailbox API 1.5
- ixgbe: downgrade logging of unsupported VF API version to debug
- igb: Fix potential invalid memory access in igb_init_module()
- net: sched: fix erspan_opt settings in cls_flower
- netfilter: ipset: Hold module reference while requesting a module
- netfilter: nft_set_hash: skip duplicated elements pending gc run
- ethtool: Fix wrong mod state in case of verbose and no_mask bitset
- geneve: do not assume mac header is set in geneve_xmit_skb()
- net/mlx5e: Remove workaround to avoid syndrome for internal port
- [arm64] KVM: arm64: Change kvm_handle_mmio_return() return polarity
- [arm64] KVM: arm64: Don't retire aborted MMIO instruction
- gpio: grgpio: use a helper variable to store the address of ofdev->dev
- gpio: grgpio: Add NULL check in grgpio_probe
- serial: amba-pl011: Use port lock wrappers
- serial: amba-pl011: Fix RX stall when DMA is used
- usb: dwc3: gadget: Rewrite endpoint allocation flow
- usb: dwc3: ep0: Don't reset resource alloc flag (including ep0)
- usb: dwc3: ep0: Don't clear ep0 DWC3_EP_TRANSFER_STARTED
- [powerpc*] vdso: Skip objtool from running on VDSO files
- [powerpc*] vdso: Remove unused '-s' flag from ASFLAGS
- [powerpc*] vdso: Improve linker flags
- [powerpc*] vdso: Remove an unsupported flag from vgettimeofday-32.o with clang
- [powerpc*] vdso: Include CLANG_FLAGS explicitly in ldflags-y
- [powerpc*] vdso: Refactor CFLAGS for CVDSO build
- [powerpc*] vdso: Drop -mstack-protector-guard flags in 32-bit files with clang
- ntp: Remove invalid cast in time offset math
- driver core: fw_devlink: Improve logs for cycle detection
- driver core: Add FWLINK_FLAG_IGNORE to completely ignore a fwnode link
- driver core: fw_devlink: Stop trying to optimize cycle detection logic
- i3c: Make i3c_master_unregister() return void
- i3c: master: add enable(disable) hot join in sys entry
- i3c: master: svc: add hot join support
- i3c: master: fix kernel-doc check warning
- i3c: master: support to adjust first broadcast address speed
- i3c: master: svc: use slow speed for first broadcast address
- i3c: master: svc: Modify enabled_events bit 7:0 to act as IBI enable counter
- i3c: master: Replace hard code 2 with macro I3C_ADDR_SLOT_STATUS_BITS
- i3c: master: Extend address status bit to 4 and add I3C_ADDR_SLOT_EXT_DESIRED
- i3c: master: Fix dynamic address leak when 'assigned-address' is present
- PCI: endpoint: Use a separate lock for protecting epc->pci_epf list
- PCI: endpoint: Clear secondary (not primary) EPC in pci_epc_remove_epf()
- device property: Constify device child node APIs
- device property: Add cleanup.h based fwnode_handle_put() scope based cleanup.
- device property: Introduce device_for_each_child_node_scoped()
- leds: flash: mt6360: Fix device_for_each_child_node() refcounting in error paths
- drm/bridge: it6505: update usleep_range for RC circuit charge time
- drm/bridge: it6505: Fix inverted reset polarity
- xsk: always clear DMA mapping information when unmapping the pool
- bpftool: Remove asserts from JIT disassembler
- bpftool: fix potential NULL pointer dereferencing in prog_dump()
- drm/sti: Add __iomem for mixer_dbg_mxn's parameter
- tcp_bpf: Fix the sk_mem_uncharge logic in tcp_bpf_sendmsg
- ALSA: usb-audio: Notify xrun for low-latency mode
- tools: Override makefile ARCH variable if defined, but empty
- spi: mpc52xx: Add cancel_work_sync before module remove
- scsi: scsi_debug: Fix hrtimer support for ndelay
- [arm64] drm/v3d: Enable Performance Counters before clearing them
- ocfs2: free inode when ocfs2_get_init_inode() fails
- scatterlist: fix incorrect func name in kernel-doc
- iio: magnetometer: yas530: use signed integer type for clamp limits
- bpf: Handle BPF_EXIST and BPF_NOEXIST for LPM trie
- bpf: Remove unnecessary kfree(im_node) in lpm_trie_update_elem
- bpf: Handle in-place update for full LPM trie correctly
- bpf: Fix exact match conditions in trie_get_next_key()
- mm: page_alloc: move mlocked flag clearance into free_pages_prepare() (CVE-2024-53105)
- HID: wacom: fix when get product name maybe null pointer
- ksmbd: fix Out-of-Bounds Read in ksmbd_vfs_stream_read
- ksmbd: fix Out-of-Bounds Write in ksmbd_vfs_stream_write
- watchdog: rti: of: honor timeout-sec property
- can: dev: can_set_termination(): allow sleeping GPIOs
- can: mcp251xfd: mcp251xfd_get_tef_len(): work around erratum DS80000789E 6.
- tracing: Fix cmp_entries_dup() to respect sort() comparison rules
- [arm64] Ensure bits ASID[15:8] are masked out when the kernel uses 8-bit ASIDs
- [arm64] ptrace: fix partial SETREGSET for NT_ARM_TAGGED_ADDR_CTRL
- ALSA: usb-audio: add mixer mapping for Corsair HS80
- ALSA: hda/realtek: Enable mute and micmute LED on HP ProBook 430 G8
- ALSA: hda/realtek: Add support for Samsung Galaxy Book3 360 (NP730QFG)
- scsi: qla2xxx: Fix abort in bsg timeout
- scsi: qla2xxx: Fix NVMe and NPIV connect issue
- scsi: qla2xxx: Supported speed displayed incorrectly for VPorts
- scsi: qla2xxx: Fix use after free on unload
- scsi: qla2xxx: Remove check req_sg_cnt should be equal to rsp_sg_cnt
- scsi: ufs: core: sysfs: Prevent div by zero
- scsi: ufs: core: Add missing post notify for power mode change
- nilfs2: fix potential out-of-bounds memory access in nilfs_find_entry()
- bcache: revert replacing IS_ERR_OR_NULL with IS_ERR again
- drm/dp_mst: Fix MST sideband message body length check
- drm/dp_mst: Verify request type in the corresponding down message reply
- drm/dp_mst: Fix resetting msg rx state after topology removal
- drm/amdgpu/hdp5.2: do a posting read when flushing HDP
- modpost: Add .irqentry.text to OTHER_SECTIONS
- bpf: fix OOB devmap writes when deleting elements
- dma-buf: fix dma_fence_array_signaled v4
- dma-fence: Fix reference leak on fence merge failure path
- dma-fence: Use kernel's sort for merging fences
- xsk: fix OOB map writes when deleting elements
- regmap: detach regmap from dev on regmap_exit
- mmc: sdhci-pci: Add DMI quirk for missing CD GPIO on Vexia Edu Atla 10 tablet
- mmc: core: Further prevent card detect during shutdown
- ocfs2: update seq_file index in ocfs2_dlm_seq_next
- lib: stackinit: hide never-taken branch from compiler
- [arm64] iommu/arm-smmu: Defer probe of clients after smmu device bound
- epoll: annotate racy check
- [s390x] cpum_sf: Handle CPU hotplug remove during sampling
- btrfs: avoid unnecessary device path update for the same device
- btrfs: do not clear read-only when adding sprout device
- [x86] perf/x86/amd: Warn only on new bits set
- media: uvcvideo: Add a quirk for the Kaiweets KTI-W02 infrared camera
- media: cx231xx: Add support for Dexatek USB Video Grabber 1d19:6108
- mmc: core: Add SD card quirk for broken poweroff notification
- soc: imx8m: Probe the SoC driver as platform driver
- HID: magicmouse: Apple Magic Trackpad 2 USB-C driver support
- [arm64,armhf] drm/vc4: hdmi: Avoid log spam for audio start failure
- [arm64,armhf] drm/vc4: hvs: Set AXI panic modes for the HVS
- drm: panel-orientation-quirks: Add quirk for AYA NEO 2 model
- drm: panel-orientation-quirks: Add quirk for AYA NEO Founder edition
- drm: panel-orientation-quirks: Add quirk for AYA NEO GEEK
- drm/bridge: it6505: Enable module autoloading
- drm/mcde: Enable module autoloading
- drm/radeon/r600_cs: Fix possible int overflow in r600_packet3_check()
- drm/display: Fix building with GCC 15
- r8169: don't apply UDP padding quirk on RTL8126A
- net: fec_mpc52xx_phy: Use %pa to format resource_size_t
- net: ethernet: fs_enet: Use %pa to format resource_size_t
- net/sched: cbs: Fix integer overflow in cbs_set_port_rate()
- af_packet: avoid erroring out after sock_init_data() in packet_create()
- Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create()
- Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc()
- net: af_can: do not leave a dangling sk pointer in can_create()
- net: ieee802154: do not leave a dangling sk pointer in ieee802154_create()
- net: inet: do not leave a dangling sk pointer in inet_create()
- net: inet6: do not leave a dangling sk pointer in inet6_create()
- wifi: ath5k: add PCI ID for SX76X
- wifi: ath5k: add PCI ID for Arcadyan devices
- drm/panel: simple: Add Microchip AC69T88A LVDS Display panel
- net: sfp: change quirks for Alcatel Lucent G-010S-P
- drm/sched: memset() 'job' in drm_sched_job_init()
- drm/amdgpu: clear RB_OVERFLOW bit when enabling interrupts for vega20_ih
- drm/amdgpu: Dereference the ATCS ACPI buffer
- drm/amdgpu: refine error handling in amdgpu_ttm_tt_pin_userptr
- dma-debug: fix a possible deadlock on radix_lock
- jfs: array-index-out-of-bounds fix in dtReadFirst
- jfs: fix shift-out-of-bounds in dbSplit
- jfs: fix array-index-out-of-bounds in jfs_readdir
- jfs: add a check to prevent array-index-out-of-bounds in dbAdjTree
- drm/amdgpu: skip amdgpu_device_cache_pci_state under sriov
- ALSA: usb-audio: Make mic volume workarounds globally applicable
- drm/amdgpu: set the right AMDGPU sg segment limitation
- wifi: ipw2x00: libipw_rx_any(): fix bad alignment
- wifi: brcmfmac: Fix oops due to NULL pointer dereference in brcmf_sdiod_sglist_rw()
- dsa: qca8k: Use nested lock to avoid splat
- Bluetooth: btusb: Add RTL8852BE device 0489:e123 to device tables
- Bluetooth: hci_core: Fix not checking skb length on hci_acldata_packet
- ASoC: hdmi-codec: reorder channel allocation list
- rocker: fix link status detection in rocker_carrier_init()
- net/neighbor: clear error in case strict check is not set
- netpoll: Use rcu_access_pointer() in __netpoll_setup
- pinctrl: freescale: fix COMPILE_TEST error with PINCTRL_IMX_SCU
- tracing/ftrace: disable preemption in syscall probe
- tracing: Use atomic64_inc_return() in trace_clock_counter()
- tools/rtla: fix collision with glibc sched_attr/sched_set_attr
- scsi: hisi_sas: Add cond_resched() for no forced preemption model
- scsi: ufs: core: Make DMA mask configuration more flexible
- leds: class: Protect brightness_show() with led_cdev->led_access mutex
- scsi: st: Don't modify unknown block number in MTIOCGET
- scsi: st: Add MTIOCGET and MTLOAD to ioctls allowed after device reset
- pinctrl: qcom-pmic-gpio: add support for PM8937
- pinctrl: qcom: spmi-mpp: Add PM8937 compatible
- nvdimm: rectify the illogical code within nd_dax_probe()
- smb: client: memcpy() with surrounding object base address
- verification/dot2: Improve dot parser robustness
- f2fs: fix f2fs_bug_on when uninstalling filesystem call f2fs_evict_inode.
- i3c: mipi-i3c-hci: Mask ring interrupts before ring stop request
- PCI: Detect and trust built-in Thunderbolt chips
- PCI: Add 'reset_subordinate' to reset hierarchy below bridge
- PCI: Add ACS quirk for Wangxun FF5xxx NICs
- i3c: Use i3cdev->desc->info instead of calling i3c_device_get_info() to avoid deadlock
- usb: chipidea: udc: handle USB Error Interrupt if IOC not set
- iio: light: ltr501: Add LTER0303 to the supported devices
- [x86] ASoC: amd: yc: Add quirk for microphone on Lenovo Thinkpad T14s Gen 6 21M1CTO1WW (Closes: #1087673)
- [powerpc*] prom_init: Fixup missing powermac #size-cells
- misc: eeprom: eeprom_93cx6: Add quirk for extra read clock cycle
- rtc: cmos: avoid taking rtc_lock for extended period of time
- serial: 8250_dw: Add Sophgo SG2044 quirk
- io_uring/tctx: work around xa_store() allocation error issue
- sched/core: Remove the unnecessary need_resched() check in nohz_csd_func()
- sched/fair: Check idle_cpu() before need_resched() to detect ilb CPU turning busy
- sched/core: Prevent wakeup of ksoftirqd during idle load balance
- btrfs: fix missing snapshot drew unlock when root is dead during swap activation
- tracing/eprobe: Fix to release eprobe when failed to add dyn_event
- Revert "unicode: Don't special case ignorable code points"
- vfio/mlx5: Align the page tracking max message size with the device capability
- udf: Fold udf_getblk() into udf_bread()
- [arm64] KVM: arm64: vgic-its: Add a data length check in vgic_its_save_*
- [arm64] KVM: arm64: vgic-its: Clear DTE when MAPD unmaps a device
- [arm64] KVM: arm64: vgic-its: Clear ITE when DISCARD frees an ITE
- [x86] KVM: x86/mmu: Ensure that kvm_release_pfn_clean() takes exact pfn from kvm_faultin_pfn()
- jffs2: Prevent rtime decompress memory corruption
- jffs2: Fix rtime decompressor
- mm/damon/vaddr: fix issue in damon_va_evenly_split_region()
- io_uring: wake up optimisations
- xhci: dbc: Fix STALL transfer event handling
- mmc: mtk-sd: Fix error handle of probe function
- drm/amd/display: Check BIOS images before it is used (CVE-2024-46809)
- ocfs2: Revert "ocfs2: fix the la space leak when unmounting an ocfs2 volume"
- Revert "drm/amdgpu: add missing size check in amdgpu_debugfs_gprwave_read()"
- gve: Fixes for napi_poll when budget is 0
- [arm64] sve: Discard stale CPU state when handling SVE traps (CVE-2024-50275)
- [arm64] smccc: Remove broken support for SMCCCv1.3 SVE discard hint
- [x86] ASoC: Intel: avs: Fix return status of avs_pcm_hw_constraints_init()
- mm: call the security_mmap_file() LSM hook in remap_file_pages()
- bpf: Fix helper writes to read-only maps (CVE-2024-49861)
- net: Move {l,t,d}stats allocation to core and convert veth & vrf
- bpf: Fix dev's rx stats for bpf_redirect_peer traffic
- veth: Use tstats per-CPU traffic counters
- drm/ttm: Make sure the mapped tt pages are decrypted when needed
- drm/ttm: Print the memory decryption status just once
- drm/amdgpu: rework resume handling for display (v2)
- usb: dwc3: ep0: Don't reset resource alloc flag
- serial: amba-pl011: fix build regression
- i3c: master: Remove i3c_dev_disable_ibi_locked(olddev) on device hotjoin
- i3c: master: svc: fix possible assignment of the same address to two devices
- PM / devfreq: Fix build issues with devfreq disabled
- [arm64] drm/msm: DEVFREQ_GOV_SIMPLE_ONDEMAND is no longer needed
- fs/ntfs3: Sequential field availability check in mi_enum_attr()
- i3c: master: svc: Fix use after free vulnerability in svc_i3c_master Driver Due to Race Condition
- Bluetooth: MGMT: Fix possible deadlocks
https://www.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.121
- bpf: Fix UAF via mismatching bpf_prog/attachment RCU flavors
- ksmbd: fix racy issue from session lookup and expire
- tcp: check space before adding MPTCP SYN options
- blk-cgroup: Fix UAF in blkcg_unpin_online()
- ALSA: usb-audio: Add implicit feedback quirk for Yamaha THR5
- usb: host: max3421-hcd: Correctly abort a USB request.
+ - ata: sata_highbank: fix OF node reference leak in + highbank_initialize_phys() + - usb: dwc2: Fix HCD resume + - usb: dwc2: hcd: Fix GetPortStatus & SetPortFeature + - usb: dwc2: Fix HCD port connection race + - usb: ehci-hcd: fix call balance of clocks handling routines + - usb: typec: anx7411: fix fwnode_handle reference leak + - usb: typec: anx7411: fix OF node reference leaks in + anx7411_typec_switch_probe() + - usb: gadget: u_serial: Fix the issue that gs_start_io crashed due to + accessing null pointer + - usb: dwc3: xilinx: make sure pipe clock is deselected in usb2 only mode + - [x86] drm/i915: Fix memory leak by correcting cache object name in error + handler + - xfs: update btree keys correctly when _insrec splits an inode root block + - xfs: don't drop errno values when we fail to ficlone the entire range + - xfs: return from xfs_symlink_verify early on V4 filesystems + - xfs: fix scrub tracepoints when inode-rooted btrees are involved + - xfs: only run precommits once per transaction object + - bpf,perf: Fix invalid prog_array access in perf_event_detach_bpf_prog + - bpf, sockmap: Fix update element with same + - smb: client: fix UAF in smb2_reconnect_server() (CVE-2024-35870) + (Closes: #1088733) + - exfat: support dynamic allocate bh for exfat_entry_set_cache + - exfat: fix potential deadlock on __exfat_get_dentry_set (CVE-2024-42315) + - wifi: nl80211: fix NL80211_ATTR_MLO_LINK_ID off-by-one + - wifi: mac80211: clean up 'ret' in sta_link_apply_parameters() + - wifi: mac80211: fix station NSS capability initialization order + - acpi: nfit: vmalloc-out-of-bounds Read in acpi_nfit_ctl + - amdgpu/uvd: get ring reference from rq scheduler + - batman-adv: Do not send uninitialized TT changes + - batman-adv: Remove uninitialized data in full table TT response + - batman-adv: Do not let TT changes list grows indefinitely + - tipc: fix NULL deref in cleanup_bearer() + - net/mlx5: DR, prevent potential error pointer dereference + - ptp: kvm: Use decrypted 
memory in confidential guest on x86 + - [x86] ptp: kvm: x86: Return EOPNOTSUPP instead of ENODEV from + kvm_arch_ptp_init() + - net: lapb: increase LAPB_HEADER_LEN + - net: defer final 'struct net' free in netns dismantle + - [arm64] net: mscc: ocelot: fix memory leak on + ocelot_port_add_txtstamp_skb() + - [arm64] net: mscc: ocelot: improve handling of TX timestamp for unknown + skb + - [arm64] net: mscc: ocelot: ocelot->ts_id_lock and + ocelot_port->tx_skbs.lock are IRQ-safe + - [arm64] net: mscc: ocelot: be resilient to loss of PTP packets during + transmission + - [arm64] net: mscc: ocelot: perform error cleanup in ocelot_hwstamp_set() + - [armhf] spi: aspeed: Fix an error handling path in + aspeed_spi_[read|write]_user() + - net: sparx5: fix FDMA performance issue + - net: sparx5: fix the maximum frame length register + - ACPI: resource: Fix memory resource type union access + - cxgb4: use port number to set mac addr + - qca_spi: Fix clock speed for multiple QCA7000 + - qca_spi: Make driver probing reliable + - ASoC: amd: yc: Fix the wrong return value + - Documentation: PM: Clarify pm_runtime_resume_and_get() return value + - net: dsa: felix: fix stuck CPU-injected packets with short taprio windows + - net/sched: netem: account for backlog updates from child qdisc + - bonding: Fix feature propagation of NETIF_F_GSO_ENCAP_ALL + - team: Fix feature propagation of NETIF_F_GSO_ENCAP_ALL + - ACPICA: events/evxfregn: don't release the ContextMutex that was never + acquired + - Bluetooth: iso: Fix recursive locking warning + - Bluetooth: SCO: Add support for 16 bits transparent voice setting + - blk-iocost: Avoid using clamp() on inuse in __propagate_weights() + - bpf: sync_linked_regs() must preserve subreg_def (CVE-2024-53125) + - tracing/kprobes: Skip symbol counting logic for module symbols in + create_local_trace_kprobe() + - xen/netfront: fix crash when removing device (CVE-2024-53240) + - [x86] make get_cpu_vendor() accessible from Xen code (CVE-2024-53241) + 
- [x86] objtool/x86: allow syscall instruction (CVE-2024-53241) + - [x86] static-call: provide a way to do very early static-call updates + (CVE-2024-53241) + - [x86] xen: don't do PV iret hypercall through hypercall page + (CVE-2024-53241) + - [x86] xen: add central hypercall functions (CVE-2024-53241) + - [x86] xen: use new hypercall functions instead of hypercall page + (CVE-2024-53241) + - [x86] xen: remove hypercall page (CVE-2024-53241) + - ALSA: usb-audio: Fix a DMA to stack memory bug + - [x86] static-call: fix 32-bit build + https://www.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.122 + - net: sched: fix ordering of qlen adjustment (CVE-2024-53164) + - PCI/AER: Disable AER service on suspend + - PCI: Use preserve_config in place of pci_flags + - PCI: vmd: Create domain symlink before pci_bus_add_devices() + - usb: cdns3: Add quirk flag to enable suspend residency + - [x86] ASoC: Intel: sof_sdw: fix jack detection on ADL-N variant RVP + - [x86] ASoC: Intel: sof_sdw: add quirk for Dell SKU 0B8C + - PCI: Add ACS quirk for Broadcom BCM5760X NIC + - [arm64,armhf] usb: dwc2: gadget: Don't write invalid mapped sg entries + into dma_desc with iommu enabled + - PCI: Introduce pci_resource_n() + - [x86] platform/x86: p2sb: Make p2sb_get_devfn() return void + - [x86] p2sb: Factor out p2sb_read_from_cache() + - [x86] p2sb: Introduce the global flag p2sb_hidden_by_bios + - [x86] p2sb: Move P2SB hide and unhide code to p2sb_scan_and_cache() + - [x86] p2sb: Do not scan and remove the P2SB device when it is unhidden + - i2c: pnx: Fix timeout in wait functions + - cxl/region: Fix region creation for greater than x2 switches + - net/smc: protect link down work from execute after lgr freed + (CVE-2024-56718) + - net/smc: check sndbuf_space again after NOSPACE flag is set in smc_poll + - net/smc: check iparea_offset and ipv6_prefixes_cnt when receiving proposal + msg + - net/smc: check smcd_v2_ext_offset when receiving proposal msg + - net/smc: check return value of 
sock_recvmsg when draining clc data + - [arm64] net: mscc: ocelot: fix incorrect IFH SRC_PORT field in + ocelot_ifh_set_basic() + - ionic: Fix netdev notifier unregister on failure (CVE-2024-56715) + - ionic: use ee->offset when returning sprom data + - net: hinic: Fix cleanup in create_rxqs/txqs() + - net: ethernet: bgmac-platform: fix an OF node reference leak + - netfilter: ipset: Fix for recursive locking warning + - net: mdiobus: fix an OF node reference leak + - [arm64,armhf] mmc: sdhci-tegra: Remove + SDHCI_QUIRK_BROKEN_ADMA_ZEROLEN_DESC quirk + - [x86] KVM: x86: Cache CPUID.0xD XSTATE offsets+sizes during module init + - i2c: riic: Always round-up when calculating bus period + - efivarfs: Fix error on non-existent file + - USB: serial: option: add TCL IK512 MBIM & ECM + - USB: serial: option: add MeiG Smart SLM770A + - USB: serial: option: add Netprisma LCUK54 modules for WWAN Ready + - USB: serial: option: add MediaTek T7XX compositions + - USB: serial: option: add Telit FE910C04 rmnet compositions + - [x86] thunderbolt: Improve redrive mode handling + - drm/modes: Avoid divide by zero harder in drm_mode_vrefresh() + - drm/panel: novatek-nt35950: fix return value check in nt35950_probe() + - [x86] i915/guc: Reset engine utilization buffer before registration + - [x86] i915/guc: Ensure busyness counter increases motonically + - [x86] i915/guc: Accumulate active runtime on gt reset + - drm/amdgpu: don't access invalid sched + - hwmon: (tmp513) Don't use "proxy" headers + - hwmon: (tmp513) Simplify with dev_err_probe() + - hwmon: (tmp513) Use SI constants from units.h + - hwmon: (tmp513) Fix interpretation of values of Shunt Voltage and Limit + Registers + - hwmon: (tmp513) Fix Current Register value interpretation + - hwmon: (tmp513) Fix interpretation of values of Temperature Result and + Limit Registers + - zram: refuse to use zero sized block device as backing device + - zram: fix uninitialized ZRAM not releasing backing device + - btrfs: tree-checker: 
reject inline extent items with 0 ref count + - Drivers: hv: util: Avoid accessing a ringbuffer not initialized yet + - [x86] KVM: x86: Play nice with protected guests in + complete_hypercall_exit() + - tracing: Fix test_event_printk() to process entire print argument + - tracing: Add missing helper functions in event pointer dereference check + - tracing: Add "%s" check in test_event_printk() + - io_uring: Fix registered ring file refcount leak + - io_uring: check if iowq is killed before queuing (CVE-2024-56709) + - NFS/pnfs: Fix a live lock between recalled layouts and layoutget + - of/irq: Fix interrupt-map cell length check in of_irq_parse_imap_parent() + - of/irq: Fix using uninitialized variable @addr_len in API + of_irq_parse_one() + - nilfs2: fix buffer head leaks in calls to truncate_inode_pages() + - nilfs2: prevent use of deleted inode + - of: Fix error path in of_parse_phandle_with_args_map() + - of: Fix refcount leakage for OF node returned by __of_get_dma_parent() + - ceph: validate snapdirname option length when mounting + - udf: Fix directory iteration for longer tail extents (Closes: #1089698) + - epoll: Add synchronous wakeup support for ep_poll_callback + - io_uring/rw: split io_read() into a helper + - io_uring/rw: treat -EOPNOTSUPP for IOCB_NOWAIT like -EAGAIN + - io_uring/rw: avoid punting to io-wq directly + - drm/amdgpu: Handle NULL bo->tbo.resource (again) in amdgpu_vm_bo_update + https://www.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.123 + - media: dvb-frontends: dib3000mb: fix uninit-value in dib3000_write_reg + - mm/vmstat: fix a W=1 clang compiler warning + - tcp_bpf: Charge receive socket buffer in bpf_tcp_ingress() + - tcp_bpf: Add sk_rmem_alloc related logic for tcp_bpf ingress redirection + - bpf: Check negative offsets in __bpf_skb_min_len() + - nfsd: restore callback functionality for NFSv4.0 + - mtd: diskonchip: Cast an operand to prevent potential overflow + - [arm64] phy: qcom-qmp: Fix register name in RX Lane config of 
SC8280XP + - phy: core: Fix an OF node refcount leakage in _of_phy_get() + - phy: core: Fix an OF node refcount leakage in of_phy_provider_lookup() + - phy: core: Fix that API devm_phy_put() fails to release the phy + - phy: core: Fix that API devm_of_phy_provider_unregister() fails to + unregister the phy provider + - phy: core: Fix that API devm_phy_destroy() fails to destroy the phy + - phy: usb: Toggle the PHY power during init + - [arm64] phy: rockchip: naneng-combphy: fix phy reset + - [arm*] dmaengine: mv_xor: fix child node refcount handling in early exit + - [x86] dmaengine: dw: Select only supported masters for ACPI devices + - [powerpc*] pseries/vas: Add close() callback in vas_vm_ops struct + - stddef: make __struct_group() UAPI C++-friendly + - tracing/kprobe: Make trace_kprobe's module callback called after + jump_label update + - watchdog: it87_wdt: add PWRGD enable quirk for Qotom QCML04 + - scsi: qla1280: Fix hw revision numbering for ISP1020/1040 + - scsi: megaraid_sas: Fix for a potential deadlock + - ALSA: hda/conexant: fix Z60MR100 startup pop issue + - smb: server: Fix building with GCC 15 + - regmap: Use correct format specifier for logging range errors + - [x86] platform/x86: asus-nb-wmi: Ignore unknown event 0xCF + - scsi: mpt3sas: Diag-Reset when Doorbell-In-Use bit is set during driver + load time + - scsi: storvsc: Do not flag MAINTENANCE_IN return of + SRB_STATUS_DATA_OVERRUN as an error + - drm/dp_mst: Ensure mst_primary pointer is valid in + drm_dp_mst_handle_up_req() + - virtio-blk: don't keep queue frozen during system suspend + - blk-mq: register cpuhp callback after hctx is added to xarray table + - vmalloc: fix accounting with i915 + - [mips*] mipsregs: Set proper ISA level for virt extensions + - net/mlx5e: Don't call cleanup on profile rollback failure (CVE-2024-50146) + - bpf: Check validity of link->type in bpf_link_show_fdinfo() + (CVE-2024-53099) + - ALSA: hda/realtek: fix mute/micmute LEDs don't work for EliteBook X G1i + 
- ALSA: hda/realtek: fix micmute LEDs don't work on HP Laptops + - pmdomain: core: Add missing put_device() + - sched/core: Report correct state for TASK_IDLE | TASK_FREEZABLE + - freezer, sched: Report frozen tasks as 'D' instead of 'R' + - tracing: Constify string literal data member in struct trace_event_call + - tracing: Prevent bad count for tracing_cpumask_write + - io_uring/sqpoll: fix sqpoll error handling races + - i2c: microchip-core: actually use repeated sends + - i2c: imx: add imx7d compatible string for applying erratum ERR007805 + - i2c: microchip-core: fix "ghost" detections + - power: supply: gpio-charger: Fix set charge current limits + - btrfs: avoid monopolizing a core when activating a swap file + - btrfs: sysfs: fix direct super block member reads + - nfsd: cancel nfsd_shrinker_work using sync mode in nfs4_state_shutdown_net + (CVE-2024-50121) + - Revert "rcu-tasks: Fix access non-existent percpu rtpcp variable in + rcu_tasks_need_gpcb()" + - ALSA: hda/realtek: Fix spelling mistake "Firelfy" -> "Firefly" + + [ Salvatore Bonaccorso ] + * d/salsa-ci.yml: Suppress aliased-location lintian errors + * debian/salsa-ci.yml: Include run of .build-after-script from common + pipeline. + * debian/salsa-ci.yml: Reference .build-after-script from after_script + section + * Revert "[x86] Revert "x86: Increase brk randomness entropy for 64-bit + systems"" + The root cause for the segfaults were actually in qemu, which re-enables + --static-pie linking for qemu-user-static binaries. It was disabled by + mistake in qemu versions in Debian. Details in #1087822 and #1053101. + * Bump ABI to 29 + * [rt] Update to 6.1.120-rt47 + 6.1.119-1 [Fri, 22 Nov 2024 23:27:23 +0100] Salvatore Bonaccorso <carnil@debian.org>: * New upstream stable update: <http://piuparts.knut.univention.de/5.2-0/#2935112410578315869>
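Review bot: The entry near the end of the 6.1.123-1 changelog that reverts "[x86] Revert "x86: Increase brk randomness entropy for 64-bit systems"" turns the increased brk randomness back on, and it depends on a fix outside this package. The entry itself places the root cause of the segfaults in qemu, where --static-pie linking for qemu-user-static binaries had been disabled by mistake. Before release, confirm that the qemu shipped alongside this kernel has static-pie linking re-enabled (details in #1087822 and #1053101) and mention that dependency in the erratum text. The "Bump ABI to 29" entry also deserves a line there: in Debian an ABI bump changes the binary kernel package names, and the fixes listed here only take effect after booting the new kernel.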
OK: bug
OK: yaml
OK: announce_errata
OK: patch
FAIL: piuparts (installing header packages manually worked)

[5.2-0] 6b4e0892c88 Bug #57913: linux 6.1.123-1
 doc/errata/staging/linux.yaml | 363 ++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 363 insertions(+)
<https://errata.software-univention.de/#/?erratum=5.2x10>