This bug was fixed in the package linux - 6.8.0-106.106
---------------
linux (6.8.0-106.106) noble; urgency=medium
* Miscellaneous upstream changes
- apparmor: validate DFA start states are in bounds in unpack_pdb
- apparmor: fix memory leak in verify_header
- apparmor: replace recursive profile removal with iterative approach
- apparmor: fix: limit the number of levels of policy namespaces
- apparmor: fix side-effect bug in match_char() macro usage
- apparmor: fix missing bounds check on DEFAULT table in verify_dfa()
- apparmor: Fix double free of ns_name in aa_replace_profiles()
- apparmor: fix unprivileged local user can do privileged policy
management
- apparmor: fix differential encoding verification
- apparmor: fix race on rawdata dereference
- apparmor: fix race between freeing data and fs accessing it
-- Mehmet Basaran <mehmet.basaran@canonical.com> Fri, 06 Mar 2026
03:43:25 +0300
** Changed in: linux (Ubuntu Noble)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are subscribed to linux
in Ubuntu.
Matching subscriptions: Bgg, Bmail, Nb
https://bugs.launchpad.net/bugs/2138867
Title:
Noble update: upstream stable patchset 2026-01-22
Status in linux package in Ubuntu:
Invalid
Status in linux source package in Noble:
Fix Released
Bug description:
SRU Justification
Impact:
The upstream process for stable tree updates is quite similar
in scope to the Ubuntu SRU process, e.g., each patch has to
demonstrably fix a bug, and each patch is vetted by upstream
by originating either directly from a mainline/stable Linux tree or
a minimally backported form of that patch. The following upstream
stable patches should be included in the Ubuntu kernel:
upstream stable patchset 2026-01-22
Ported from the following upstream stable releases:
v6.6.108, v6.12.49
from git://git.kernel.org/
wifi: wilc1000: avoid buffer overflow in WID string configuration
ALSA: firewire-motu: drop EPOLLOUT from poll return values as write is not supported
wifi: mac80211: increase scan_ies_len for S1G
wifi: mac80211: fix incorrect type for ret
pcmcia: omap_cf: Mark driver struct with __refdata to prevent section mismatch
cgroup: split cgroup_destroy_wq into 3 workqueues
um: virtio_uml: Fix use-after-free after put_device in probe
qed: Don't collect too many protection override GRC elements
bonding: set random address only when slaves already exist
net/mlx5e: Harden uplink netdev access against device unbind
tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect().
tls: make sure to abort the stream if headers are bogus
cnic: Fix use-after-free bugs in cnic_delete_task
octeontx2-pf: Fix use-after-free bugs in otx2_sync_tstamp()
ksmbd: smbdirect: validate data_offset and data_length field of smb_direct_data_transfer
ksmbd: smbdirect: verify remaining_data_length respects max_fragmented_recv_size
power: supply: bq27xxx: fix error return in case of no bq27000 hdq battery
power: supply: bq27xxx: restrict no-battery detection to bq27000
LoongArch: Update help info of ARCH_STRICT_ALIGN
LoongArch: Align ACPI structures if ARCH_STRICT_ALIGN enabled
LoongArch: Check the return value when creating kobj
iommu/vt-d: Fix __domain_mapping()'s usage of switch_to_super_page()
btrfs: tree-checker: fix the incorrect inode ref size check
ASoC: qcom: audioreach: Fix lpaif_type configuration for the I2S interface
ASoC: qcom: q6apm-lpass-dais: Fix NULL pointer dereference if source graph failed
ASoC: qcom: q6apm-lpass-dais: Fix missing set_fmt DAI op for I2S
net: rfkill: gpio: Fix crash due to dereferencering uninitialized pointer
rds: ib: Increment i_fastreg_wrs before bailing out
selftests: mptcp: connect: catch IO errors on listen side
selftests: mptcp: avoid spurious errors on TCP disconnect
ALSA: hda/realtek: Fix mute led for HP Laptop 15-dw4xx
io_uring: backport io_should_terminate_tw()
io_uring: include dying ring in task_work "should cancel" state
ASoC: wm8940: Correct PLL rate rounding
ASoC: SOF: Intel: hda-stream: Fix incorrect variable used in error message
drm: bridge: anx7625: Fix NULL pointer dereference with early IRQ
drm: bridge: cdns-mhdp8546: Fix missing mutex unlock on error path
crypto: af_alg - Set merge to zero early in af_alg_sendmsg
smb: client: fix smbdirect_recv_io leak in smbd_negotiate() error path
vmxnet3: unregister xdp rxq info in the reset path
selftests: mptcp: userspace pm: validate deny-join-id0 flag
xhci: dbc: decouple endpoint allocation from initialization
xhci: dbc: Fix full DbC transfer ring after several reconnects
iommu/amd/pgtbl: Fix possible race while increase page table level
rtc: pcf2127: fix SPI command byte for PCF2131 backport
mptcp: propagate shutdown to subflows when possible
minmax: avoid overly complicated constant expressions in VM code
minmax: simplify and clarify min_t()/max_t() implementation
minmax: add a few more MIN_T/MAX_T users
nvme: fix PI insert on write
btrfs: fix invalid extref key setup when replaying dentry
dpaa2-switch: fix buffer pool seeding for control traffic
net/tcp: Fix a NULL pointer dereference when using TCP-AO with TCP_REPAIR
mptcp: set remote_deny_join_id0 on SYN recv
mptcp: tfo: record 'deny join id0' info
selftests: mptcp: sockopt: fix error messages
net: natsemi: fix `rx_dropped` double accounting on `netif_rx()` failure
ice: store max_frame and rx_buf_len only in ice_rx_ring
ice: fix Rx page leak on multi-buffer frames
i40e: remove redundant memory barrier when cleaning Tx descs
bonding: don't set oif to bond dev when getting NS target destination
octeon_ep: fix VF MAC address lifecycle handling
net: liquidio: fix overflow in octeon_init_instr_queue()
nilfs2: fix CFI failure when accessing /sys/fs/nilfs2/features/*
dm-raid: don't set io_min and io_opt for raid1
dm-stripe: fix a possible integer overflow
mm: revert "mm: vmscan.c: fix OOM on swap stress test"
mmc: mvsdio: Fix dma_unmap_sg() nents value
KVM: SVM: Sync TPR from LAPIC into VMCB::V_TPR even if AVIC is active
ASoC: wm8940: Correct typo in control name
ASoC: wm8974: Correct PLL rate rounding
ASoC: Intel: catpt: Expose correct bit depth to userspace
drm/xe: Fix a NULL vs IS_ERR() in xe_vm_add_compute_exec_queue()
smb: client: fix filename matching of deferred files
smb: client: let smbd_destroy() call disable_work_sync(&info->post_send_credits_work)
platform/x86: asus-wmi: Fix ROG button mapping, tablet mode on ASUS ROG Z13
platform/x86: asus-wmi: Re-add extra keys to ignore_key_wlan quirk
x86/bugs: Add SRSO_USER_KERNEL_NO support
x86/bugs: KVM: Add support for SRSO_MSR_FIX
KVM: SVM: Set/clear SRSO's BP_SPEC_REDUCE on 0 <=> 1 VM count transitions
mptcp: pm: nl: announce deny-join-id0 flag
UBUNTU: Upstream stable to v6.6.108, v6.12.49
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2138867/+subscriptions
Комментариев нет:
Отправить комментарий