Your message dated Mon, 25 Nov 2024 10:47:09 +0000 with message-id <e1tfwcx-000uvv...@fasolo.debian.org> and subject line Bug#1086447: fixed in linux 6.1.119-1 has caused the Debian Bug report #1086447, regarding linux-image-6.1.0-26-amd64: Bluetooth causes kernel bug 0010:__list_del_entry_valid.cold+0x4b/0x6f to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1086447: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1086447 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: src:linux Version: 6.1.112-1 Severity: normal X-Debbugs-Cc: hakan.kv...@gmail.com Dear Maintainer, Sometimes computer is unable to connect to bluetooth devices. When trying to connect in gnome settings the entire settings app might crash (not responding) when trying to enable/disable bluetooth again. -- Package-specific info: ** Version: Linux version 6.1.0-26-amd64 (debian-kernel@lists.debian.org) (gcc-12 (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40) #1 SMP PREEMPT_DYNAMIC Debian 6.1.112-1 (2024-09-30) ** Command line: BOOT_IMAGE=/boot/vmlinuz-6.1.0-26-amd64 root=UUID=8e63345c-1541-4e26-bd49-9ecb455947c0 ro quiet ** Tainted: D (128) * kernel died recently, i.e. there was an OOPS or BUG ** Kernel log: [ 6.557511] Bluetooth: BNEP socket layer initialized [ 6.627595] Bluetooth: hci0: Intel BT fw patch 0x32 completed & activated [ 6.678816] Bluetooth: MGMT ver 1.22 [ 6.684133] NET: Registered PF_ALG protocol family [ 6.827496] iwlwifi 0000:03:00.0: Applying debug destination EXTERNAL_DRAM [ 6.913778] iwlwifi 0000:03:00.0: Applying debug destination EXTERNAL_DRAM [ 6.915311] iwlwifi 0000:03:00.0: FW already configured (0) - re-configuring [ 6.924509] ACPI: \: failed to evaluate _DSM bf0212f2-788f-c64d-a5b3-1f738e285ade (0x1001) [ 6.924516] ACPI: \: failed to evaluate _DSM bf0212f2-788f-c64d-a5b3-1f738e285ade (0x1001) [ 6.924518] ACPI: \: failed to evaluate _DSM bf0212f2-788f-c64d-a5b3-1f738e285ade (0x1001) [ 6.924521] ACPI: \: failed to evaluate _DSM bf0212f2-788f-c64d-a5b3-1f738e285ade (0x1001) [ 6.924523] ACPI: \: failed to evaluate _DSM bf0212f2-788f-c64d-a5b3-1f738e285ade (0x1001) [ 6.924525] ACPI: \: failed to evaluate _DSM bf0212f2-788f-c64d-a5b3-1f738e285ade (0x1001) [ 6.924527] ACPI: \: failed to evaluate _DSM bf0212f2-788f-c64d-a5b3-1f738e285ade (0x1001) [ 6.925112] kauditd_printk_skb: 17 callbacks suppressed [ 6.925115] audit: type=1400 audit(1730316067.686:28): apparmor="DENIED" operation="capable" profile="/usr/sbin/cupsd" pid=799 comm="cupsd" capability=12 capname="net_admin" [ 6.986948] iwlwifi 0000:03:00.0: Applying debug destination EXTERNAL_DRAM [ 7.065151] iwlwifi 0000:03:00.0: Applying debug destination EXTERNAL_DRAM [ 7.066534] iwlwifi 0000:03:00.0: FW already configured (0) - re-configuring [ 7.080010] ACPI: \: failed to evaluate _DSM bf0212f2-788f-c64d-a5b3-1f738e285ade (0x1001) [ 7.080015] ACPI: \: failed to evaluate _DSM bf0212f2-788f-c64d-a5b3-1f738e285ade (0x1001) [ 7.080017] ACPI: \: failed to evaluate _DSM bf0212f2-788f-c64d-a5b3-1f738e285ade (0x1001) [ 7.080018] ACPI: \: failed to evaluate _DSM bf0212f2-788f-c64d-a5b3-1f738e285ade (0x1001) [ 7.080020] ACPI: \: failed to evaluate _DSM bf0212f2-788f-c64d-a5b3-1f738e285ade (0x1001) [ 7.080021] ACPI: \: failed to evaluate _DSM bf0212f2-788f-c64d-a5b3-1f738e285ade (0x1001) [ 7.080023] ACPI: \: failed to evaluate _DSM bf0212f2-788f-c64d-a5b3-1f738e285ade (0x1001) [ 9.383674] Bluetooth: RFCOMM TTY layer initialized [ 9.383689] Bluetooth: RFCOMM socket layer initialized [ 9.383697] Bluetooth: RFCOMM ver 1.11 [ 10.324494] e1000e 0000:00:19.0 enp0s25: NIC Link is Up 1000 Mbps Full Duplex, Flow Control: Rx/Tx [ 10.324550] IPv6: ADDRCONF(NETDEV_CHANGE): enp0s25: link becomes ready [ 10.667976] wlp3s0: authenticate with c6:ea:1d:6d:0a:30 [ 10.674758] wlp3s0: send auth to c6:ea:1d:6d:0a:30 (try 1/3) [ 10.676608] wlp3s0: authenticated [ 10.678030] wlp3s0: associate with c6:ea:1d:6d:0a:30 (try 1/3) [ 10.680996] wlp3s0: RX AssocResp from c6:ea:1d:6d:0a:30 (capab=0x1511 status=0 aid=98) [ 10.683335] wlp3s0: associated [ 10.854403] IPv6: ADDRCONF(NETDEV_CHANGE): wlp3s0: link becomes ready [ 12.391189] rfkill: input handler disabled [ 21.233542] rfkill: input handler enabled [ 23.265990] Bluetooth: hci0: command 0x0408 tx timeout [ 23.265996] Bluetooth: hci0: Opcode 0x0408 failed: -110 [ 23.362023] Bluetooth: hci0: Opcode 0x0408 failed: -114 [ 23.362039] list_del corruption, ffff9cf260888000->prev is LIST_POISON2 (dead000000000122) [ 23.362050] ------------[ cut here ]------------ [ 23.362051] kernel BUG at lib/list_debug.c:56! [ 23.362057] invalid opcode: 0000 [#1] PREEMPT SMP PTI [ 23.362060] CPU: 0 PID: 801 Comm: kworker/u17:2 Not tainted 6.1.0-26-amd64 #1 Debian 6.1.112-1 [ 23.362065] Hardware name: LENOVO 20BV003SMS/20BV003SMS, BIOS JBET73WW (1.37 ) 08/14/2019 [ 23.362067] Workqueue: hci0 hci_cmd_sync_work [bluetooth] [ 23.362128] RIP: 0010:__list_del_entry_valid.cold+0x4b/0x6f [ 23.362134] Code: fe ff 0f 0b 48 89 f2 48 89 fe 48 c7 c7 c0 47 9a 88 e8 d2 a0 fe ff 0f 0b 48 89 fe 48 89 ca 48 c7 c7 88 47 9a 88 e8 be a0 fe ff <0f> 0b 48 89 fe 48 c7 c7 50 47 9a 88 e8 ad a0 fe ff 0f 0b 48 89 fe [ 23.362136] RSP: 0018:ffffb15600e6fde0 EFLAGS: 00010246 [ 23.362138] RAX: 000000000000004e RBX: ffff9cf260888000 RCX: 0000000000000027 [ 23.362140] RDX: 0000000000000000 RSI: 0000000000000001 RDI: ffff9cf55e0203a0 [ 23.362142] RBP: ffff9cf2457c4000 R08: 0000000000000000 R09: ffffb15600e6fc78 [ 23.362143] R10: 0000000000000003 R11: ffffffff890d4488 R12: ffff9cf2457c4000 [ 23.362144] R13: ffff9cf2457c4770 R14: ffff9cf2a1941300 R15: dead000000000100 [ 23.362146] FS: 0000000000000000(0000) GS:ffff9cf55e000000(0000) knlGS:0000000000000000 [ 23.362148] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 23.362150] CR2: 00007f1d4c045c48 CR3: 00000001ae010005 CR4: 00000000003706f0 [ 23.362152] Call Trace: [ 23.362154] <TASK> [ 23.362156] ? __die_body.cold+0x1a/0x1f [ 23.362161] ? die+0x2a/0x50 [ 23.362164] ? do_trap+0xc5/0x110 [ 23.362168] ? __list_del_entry_valid.cold+0x4b/0x6f [ 23.362171] ? do_error_trap+0x6a/0x90 [ 23.362175] ? __list_del_entry_valid.cold+0x4b/0x6f [ 23.362178] ? exc_invalid_op+0x4c/0x60 [ 23.362181] ? __list_del_entry_valid.cold+0x4b/0x6f [ 23.362185] ? asm_exc_invalid_op+0x16/0x20 [ 23.362189] ? __list_del_entry_valid.cold+0x4b/0x6f [ 23.362193] hci_conn_del+0x136/0x3e0 [bluetooth] [ 23.362223] hci_abort_conn_sync+0xaa/0x230 [bluetooth] [ 23.362261] ? abort_conn_sync+0x3d/0x70 [bluetooth] [ 23.362289] hci_cmd_sync_work+0xa2/0x150 [bluetooth] [ 23.362329] process_one_work+0x1c7/0x380 [ 23.362335] worker_thread+0x4d/0x380 [ 23.362339] ? rescuer_thread+0x3a0/0x3a0 [ 23.362342] kthread+0xda/0x100 [ 23.362346] ? kthread_complete_and_exit+0x20/0x20 [ 23.362350] ret_from_fork+0x22/0x30 [ 23.362355] </TASK> [ 23.362356] Modules linked in: nf_tables libcrc32c nfnetlink ctr ccm rfcomm snd_seq_dummy snd_hrtimer snd_seq_midi snd_seq_midi_event snd_seq cmac algif_hash algif_skcipher af_alg bnep qrtr btusb btrtl btbcm btintel btmtk bluetooth jitterentropy_rng snd_usb_audio hid_generic snd_usbmidi_lib intel_rapl_msr snd_rawmidi intel_rapl_common snd_seq_device usbhid uvcvideo x86_pkg_temp_thermal intel_powerclamp hid coretemp videobuf2_vmalloc videobuf2_memops videobuf2_v4l2 videobuf2_common drbg kvm_intel ansi_cprng videodev mc ecdh_generic mei_wdt mei_hdcp ecc kvm irqbypass ghash_clmulni_intel sha512_ssse3 sha512_generic iwlmvm snd_ctl_led sha256_ssse3 snd_hda_codec_realtek sha1_ssse3 snd_hda_codec_generic snd_hda_codec_hdmi mac80211 aesni_intel libarc4 crypto_simd cryptd snd_hda_intel rapl snd_intel_dspcfg snd_intel_sdw_acpi intel_cstate think_lmi iwlwifi intel_uncore firmware_attributes_class intel_pch_thermal pcspkr snd_hda_codec cfg80211 snd_hda_core snd_hwdep wmi_bmof thinkpad_acpi [ 23.362411] snd_pcm_oss mei_me at24 nvram iTCO_wdt platform_profile snd_mixer_oss ledtrig_audio intel_pmc_bxt iTCO_vendor_support watchdog snd_pcm mei sunrpc snd_timer snd soundcore binfmt_misc ac rfkill joydev evdev serio_raw sg msr parport_pc ppdev lp parport fuse loop dm_mod efi_pstore configfs ip_tables x_tables autofs4 ext4 crc16 mbcache jbd2 crc32c_generic i915 sd_mod t10_pi crc64_rocksoft crc64 crc_t10dif crct10dif_generic rtsx_pci_sdmmc drm_buddy mmc_core i2c_algo_bit ahci drm_display_helper libahci cec rc_core ttm libata xhci_pci crct10dif_pclmul crct10dif_common drm_kms_helper xhci_hcd ehci_pci scsi_mod crc32_pclmul ehci_hcd video i2c_i801 crc32c_intel psmouse usbcore e1000e drm rtsx_pci i2c_smbus lpc_ich scsi_common usb_common battery wmi button [ 23.362473] ---[ end trace 0000000000000000 ]--- [ 23.362475] RIP: 0010:__list_del_entry_valid.cold+0x4b/0x6f [ 23.362480] Code: fe ff 0f 0b 48 89 f2 48 89 fe 48 c7 c7 c0 47 9a 88 e8 d2 a0 fe ff 0f 0b 48 89 fe 48 89 ca 48 c7 c7 88 47 9a 88 e8 be a0 fe ff <0f> 0b 48 89 fe 48 c7 c7 50 47 9a 88 e8 ad a0 fe ff 0f 0b 48 89 fe [ 23.362483] RSP: 0018:ffffb15600e6fde0 EFLAGS: 00010246 [ 23.362487] RAX: 000000000000004e RBX: ffff9cf260888000 RCX: 0000000000000027 [ 23.362490] RDX: 0000000000000000 RSI: 0000000000000001 RDI: ffff9cf55e0203a0 [ 23.362492] RBP: ffff9cf2457c4000 R08: 0000000000000000 R09: ffffb15600e6fc78 [ 23.362495] R10: 0000000000000003 R11: ffffffff890d4488 R12: ffff9cf2457c4000 [ 23.362497] R13: ffff9cf2457c4770 R14: ffff9cf2a1941300 R15: dead000000000100 [ 23.362499] FS: 0000000000000000(0000) GS:ffff9cf55e000000(0000) knlGS:0000000000000000 [ 23.362502] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 23.362504] CR2: 00007f1d4c045c48 CR3: 00000001ae010005 CR4: 00000000003706f0 [ 25.178710] rfkill: input handler disabled [ 2159.289390] perf: interrupt took too long (2507 > 2500), lowering kernel.perf_event_max_sample_rate to 79750 ** Model information sys_vendor: LENOVO product_name: 20BV003SMS product_version: ThinkPad T450 chassis_vendor: LENOVO chassis_version: None bios_vendor: LENOVO bios_version: JBET73WW (1.37 ) board_vendor: LENOVO board_name: 20BV003SMS board_version: SDK0J40705 WIN ** Loaded modules: nf_tables libcrc32c nfnetlink ctr ccm rfcomm snd_seq_dummy snd_hrtimer snd_seq_midi snd_seq_midi_event snd_seq cmac algif_hash algif_skcipher af_alg bnep qrtr btusb btrtl btbcm btintel btmtk bluetooth jitterentropy_rng snd_usb_audio hid_generic snd_usbmidi_lib intel_rapl_msr snd_rawmidi intel_rapl_common snd_seq_device usbhid uvcvideo x86_pkg_temp_thermal intel_powerclamp hid coretemp videobuf2_vmalloc videobuf2_memops videobuf2_v4l2 videobuf2_common drbg kvm_intel ansi_cprng videodev mc ecdh_generic mei_wdt mei_hdcp ecc kvm irqbypass ghash_clmulni_intel sha512_ssse3 sha512_generic iwlmvm snd_ctl_led sha256_ssse3 snd_hda_codec_realtek sha1_ssse3 snd_hda_codec_generic snd_hda_codec_hdmi mac80211 aesni_intel libarc4 crypto_simd cryptd snd_hda_intel rapl snd_intel_dspcfg snd_intel_sdw_acpi intel_cstate think_lmi iwlwifi intel_uncore firmware_attributes_class intel_pch_thermal pcspkr snd_hda_codec cfg80211 snd_hda_core snd_hwdep wmi_bmof thinkpad_acpi snd_pcm_oss mei_me at24 nvram iTCO_wdt platform_profile snd_mixer_oss ledtrig_audio intel_pmc_bxt iTCO_vendor_support watchdog snd_pcm mei sunrpc snd_timer snd soundcore binfmt_misc ac rfkill joydev evdev serio_raw sg msr parport_pc ppdev lp parport fuse loop dm_mod efi_pstore configfs ip_tables x_tables autofs4 ext4 crc16 mbcache jbd2 crc32c_generic i915 sd_mod t10_pi crc64_rocksoft crc64 crc_t10dif crct10dif_generic rtsx_pci_sdmmc drm_buddy mmc_core i2c_algo_bit ahci drm_display_helper libahci cec rc_core ttm libata xhci_pci crct10dif_pclmul crct10dif_common drm_kms_helper xhci_hcd ehci_pci scsi_mod crc32_pclmul ehci_hcd video i2c_i801 crc32c_intel psmouse usbcore e1000e drm rtsx_pci i2c_smbus lpc_ich scsi_common usb_common battery wmi button ** Network interface configuration: *** /etc/network/interfaces: source /etc/network/interfaces.d/* auto lo iface lo inet loopback ** Network status: *** IP interfaces and addresses: 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host noprefixroute valid_lft forever preferred_lft forever 2: enp0s25: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000 link/ether 50:7b:9d:2d:ff:a6 brd ff:ff:ff:ff:ff:ff inet 192.168.1.128/24 brd 192.168.1.255 scope global dynamic noprefixroute enp0s25 valid_lft 41041sec preferred_lft 41041sec inet6 fdbc:d19c:e21f:0:5058:11c:14e2:4b6e/64 scope global temporary dynamic valid_lft 602640sec preferred_lft 84128sec inet6 fdbc:d19c:e21f:0:527b:9dff:fe2d:ffa6/64 scope global mngtmpaddr noprefixroute valid_lft forever preferred_lft forever inet6 fe80::527b:9dff:fe2d:ffa6/64 scope link noprefixroute valid_lft forever preferred_lft forever 3: wlp3s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000 link/ether 94:65:9c:74:0e:73 brd ff:ff:ff:ff:ff:ff inet 192.168.1.129/24 brd 192.168.1.255 scope global dynamic noprefixroute wlp3s0 valid_lft 41039sec preferred_lft 41039sec inet6 fdbc:d19c:e21f:0:f550:4ae7:d359:217a/64 scope global noprefixroute valid_lft forever preferred_lft forever inet6 fe80::a65:9ac8:178e:7da2/64 scope link noprefixroute valid_lft forever preferred_lft forever *** Device statistics: Inter-| Receive | Transmit face |bytes packets errs drop fifo frame compressed multicast|bytes packets errs drop fifo colls carrier compressed lo: 3070 32 0 0 0 0 0 0 3070 32 0 0 0 0 0 0 enp0s25: 21846262 27237 0 1 0 0 0 803 30932316 66064 0 0 0 0 0 0 wlp3s0: 212470334 271668 0 0 0 0 0 0 48788 468 0 0 0 0 0 0 *** Protocol statistics: Ip: Forwarding: 2 253030 total packets received 3 with invalid addresses 0 forwarded 0 incoming packets discarded 252819 incoming packets delivered 65280 requests sent out 80 dropped because of missing route Icmp: 0 ICMP messages received 0 input ICMP message failed ICMP input histogram: 35 ICMP messages sent 0 ICMP messages failed ICMP output histogram: destination unreachable: 35 IcmpMsg: OutType3: 35 Tcp: 275 active connection openings 0 passive connection openings 2 failed connection attempts 6 connection resets received 12 connections established 22571 segments received 19541 segments sent out 150 segments retransmitted 0 bad segments received 195 resets sent Udp: 229732 packets received 40 packets to unknown port received 29 packet receive errors 46184 packets sent 29 receive buffer errors 0 send buffer errors IgnoredMulti: 716 UdpLite: TcpExt: 169 TCP sockets finished time wait in fast timer 3 packets rejected in established connections because of timestamp 610 delayed acks sent Quick ack mode was activated 178 times 2977 packet headers predicted 3910 acknowledgments not containing data payload received 3631 predicted acknowledgments TCPSackRecovery: 12 Detected reordering 214 times using SACK Detected reordering 1 times using time stamp 11 congestion windows fully recovered without slow start 1 congestion windows partially recovered using Hoe heuristic 1 congestion windows recovered without slow start after partial ack 12 fast retransmits TCPTimeouts: 2 TCPLossProbes: 138 TCPLossProbeRecovery: 3 TCPDSACKOldSent: 178 TCPDSACKRecv: 112 53 connections reset due to unexpected data 4 connections reset due to early user close TCPDSACKIgnoredNoUndo: 17 TCPSpuriousRTOs: 1 TCPSackMerged: 1 TCPSackShiftFallback: 462 TCPRcvCoalesce: 471 TCPOFOQueue: 441 TCPAutoCorking: 192 TCPFromZeroWindowAdv: 4 TCPToZeroWindowAdv: 4 TCPWantZeroWindowAdv: 6 TCPSynRetrans: 1 TCPOrigDataSent: 8358 TCPACKSkippedPAWS: 2 TCPACKSkippedSeq: 1 TCPKeepAlive: 569 TCPDelivered: 8630 TCPAckCompressed: 232 TcpTimeoutRehash: 2 TCPDSACKRecvSegs: 112 IpExt: InMcastPkts: 1169 OutMcastPkts: 341 InBcastPkts: 716 InOctets: 227615974 OutOctets: 29704749 InMcastOctets: 120944 OutMcastOctets: 31300 InBcastOctets: 234707 InNoECTPkts: 296420 MPTcpExt: ** PCI devices: 00:00.0 Host bridge [0600]: Intel Corporation Broadwell-U Host Bridge -OPI [8086:1604] (rev 09) Subsystem: Lenovo Broadwell-U Host Bridge -OPI [17aa:5034] Control: I/O- Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- Stepping- SERR- FastB2B- DisINTx- Status: Cap+ 66MHz- UDF- FastB2B+ ParErr- DEVSEL=fast >TAbort- <TAbort- <MAbort+ >SERR- <PERR- INTx- Latency: 0 IOMMU group: 0 Capabilities: <access denied> Kernel driver in use: bdw_uncore 00:02.0 VGA compatible controller [0300]: Intel Corporation HD Graphics 5500 [8086:1616] (rev 09) (prog-if 00 [VGA controller]) Subsystem: Lenovo HD Graphics 5500 [17aa:5034] Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- Stepping- SERR- FastB2B- DisINTx+ Status: Cap+ 66MHz- UDF- FastB2B+ ParErr- DEVSEL=fast >TAbort- <TAbort- <MAbort- >SERR- <PERR- INTx- Latency: 0 Interrupt: pin A routed to IRQ 48 Region 0: Memory at f0000000 (64-bit, non-prefetchable) [size=16M] Region 2: Memory at e0000000 (64-bit, prefetchable) [size=256M] Region 4: I/O ports at 3000 [size=64] Expansion ROM at 000c0000 [virtual] [disabled] [size=128K] Capabilities: <access denied> Kernel driver in use: i915 Kernel modules: i915 00:03.0 Audio device [0403]: Intel Corporation Broadwell-U Audio Controller [8086:160c] (rev 09) Subsystem: Lenovo Broadwell-U Audio Controller [17aa:5034] Control: I/O- Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- Stepping- SERR- FastB2B- DisINTx+ Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- <TAbort- <MAbort- >SERR- <PERR- INTx- Latency: 0, Cache Line Size: 64 bytes Interrupt: pin A routed to IRQ 51 IOMMU group: 1 Region 0: Memory at f1230000 (64-bit, non-prefetchable) [size=16K] Capabilities: <access denied> Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel 00:14.0 USB controller [0c03]: Intel Corporation Wildcat Point-LP USB xHCI Controller [8086:9cb1] (rev 03) (prog-if 30 [XHCI]) Subsystem: Lenovo Wildcat Point-LP USB xHCI Controller [17aa:5034] Control: I/O- Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- Stepping- SERR- FastB2B- DisINTx+ Status: Cap+ 66MHz- UDF- FastB2B+ ParErr- DEVSEL=medium >TAbort- <TAbort- <MAbort- >SERR- <PERR- INTx- Latency: 0 Interrupt: pin A routed to IRQ 47 IOMMU group: 2 Region 0: Memory at f1220000 (64-bit, non-prefetchable) [size=64K] Capabilities: <access denied> Kernel driver in use: xhci_hcd Kernel modules: xhci_pci 00:16.0 Communication controller [0780]: Intel Corporation Wildcat Point-LP MEI Controller #1 [8086:9cba] (rev 03) Subsystem: Lenovo Wildcat Point-LP MEI Controller [17aa:5034] Control: I/O- Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- Stepping- SERR- FastB2B- DisINTx+ Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- <TAbort- <MAbort- >SERR- <PERR- INTx- Latency: 0 Interrupt: pin A routed to IRQ 49 IOMMU group: 3 Region 0: Memory at f1239000 (64-bit, non-prefetchable) [size=32] Capabilities: <access denied> Kernel driver in use: mei_me Kernel modules: mei_me 00:19.0 Ethernet controller [0200]: Intel Corporation Ethernet Connection (3) I218-V [8086:15a3] (rev 03) Subsystem: Lenovo Ethernet Connection (3) I218-V [17aa:2226] Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- Stepping- SERR- FastB2B- DisINTx+ Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- <TAbort- <MAbort- >SERR- <PERR- INTx- Latency: 0 Interrupt: pin A routed to IRQ 45 IOMMU group: 4 Region 0: Memory at f1200000 (32-bit, non-prefetchable) [size=128K] Region 1: Memory at f123e000 (32-bit, non-prefetchable) [size=4K] Region 2: I/O ports at 3080 [size=32] Capabilities: <access denied> Kernel driver in use: e1000e Kernel modules: e1000e 00:1b.0 Audio device [0403]: Intel Corporation Wildcat Point-LP High Definition Audio Controller [8086:9ca0] (rev 03) Subsystem: Lenovo Wildcat Point-LP High Definition Audio Controller [17aa:5034] Control: I/O- Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- Stepping- SERR- FastB2B- DisINTx+ Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- <TAbort- <MAbort- >SERR- <PERR- INTx- Latency: 32, Cache Line Size: 64 bytes Interrupt: pin A routed to IRQ 52 IOMMU group: 5 Region 0: Memory at f1234000 (64-bit, non-prefetchable) [size=16K] Capabilities: <access denied> Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel 00:1c.0 PCI bridge [0604]: Intel Corporation Wildcat Point-LP PCI Express Root Port #6 [8086:9c9a] (rev e3) (prog-if 00 [Normal decode]) Subsystem: Lenovo Wildcat Point-LP PCI Express Root Port [17aa:5034] Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- Stepping- SERR- FastB2B- DisINTx+ Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- <TAbort- <MAbort- >SERR- <PERR- INTx- Latency: 0, Cache Line Size: 64 bytes Interrupt: pin B routed to IRQ 42 IOMMU group: 6 Bus: primary=00, secondary=02, subordinate=02, sec-latency=0 I/O behind bridge: [disabled] [16-bit] Memory behind bridge: f1100000-f11fffff [size=1M] [32-bit] Prefetchable memory behind bridge: [disabled] [64-bit] Secondary status: 66MHz- FastB2B- ParErr- DEVSEL=fast >TAbort- <TAbort- <MAbort+ <SERR- <PERR- BridgeCtl: Parity- SERR+ NoISA- VGA- VGA16+ MAbort- >Reset- FastB2B- PriDiscTmr- SecDiscTmr- DiscTmrStat- DiscTmrSERREn- Capabilities: <access denied> Kernel driver in use: pcieport 00:1c.1 PCI bridge [0604]: Intel Corporation Wildcat Point-LP PCI Express Root Port #3 [8086:9c94] (rev e3) (prog-if 00 [Normal decode]) Subsystem: Lenovo Wildcat Point-LP PCI Express Root Port [17aa:5034] Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- Stepping- SERR- FastB2B- DisINTx+ Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- <TAbort- <MAbort- >SERR- <PERR- INTx- Latency: 0, Cache Line Size: 64 bytes Interrupt: pin C routed to IRQ 43 IOMMU group: 7 Bus: primary=00, secondary=03, subordinate=03, sec-latency=0 I/O behind bridge: [disabled] [16-bit] Memory behind bridge: f1000000-f10fffff [size=1M] [32-bit] Prefetchable memory behind bridge: [disabled] [64-bit] Secondary status: 66MHz- FastB2B- ParErr- DEVSEL=fast >TAbort- <TAbort- <MAbort+ <SERR- <PERR- BridgeCtl: Parity- SERR+ NoISA- VGA- VGA16+ MAbort- >Reset- FastB2B- PriDiscTmr- SecDiscTmr- DiscTmrStat- DiscTmrSERREn- Capabilities: <access denied> Kernel driver in use: pcieport 00:1d.0 USB controller [0c03]: Intel Corporation Wildcat Point-LP USB EHCI Controller [8086:9ca6] (rev 03) (prog-if 20 [EHCI]) Subsystem: Lenovo Wildcat Point-LP USB EHCI Controller [17aa:5034] Control: I/O- Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- Stepping- SERR- FastB2B- DisINTx- Status: Cap+ 66MHz- UDF- FastB2B+ ParErr- DEVSEL=medium >TAbort- <TAbort- <MAbort- >SERR- <PERR- INTx- Latency: 0 Interrupt: pin A routed to IRQ 23 IOMMU group: 8 Region 0: Memory at f123d000 (32-bit, non-prefetchable) [size=1K] Capabilities: <access denied> Kernel driver in use: ehci-pci Kernel modules: ehci_pci 00:1f.0 ISA bridge [0601]: Intel Corporation Wildcat Point-LP LPC Controller [8086:9cc3] (rev 03) Subsystem: Lenovo Wildcat Point-LP LPC Controller [17aa:5034] Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- Stepping- SERR- FastB2B- DisINTx- Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=medium >TAbort- <TAbort- <MAbort- >SERR- <PERR- INTx- Latency: 0 IOMMU group: 9 Capabilities: <access denied> Kernel driver in use: lpc_ich Kernel modules: lpc_ich 00:1f.2 SATA controller [0106]: Intel Corporation Wildcat Point-LP SATA Controller [AHCI Mode] [8086:9c83] (rev 03) (prog-if 01 [AHCI 1.0]) Subsystem: Lenovo Wildcat Point-LP SATA Controller [AHCI Mode] [17aa:5034] Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- Stepping- SERR- FastB2B- DisINTx+ Status: Cap+ 66MHz+ UDF- FastB2B+ ParErr- DEVSEL=medium >TAbort- <TAbort- <MAbort- >SERR- <PERR- INTx- Latency: 0 Interrupt: pin B routed to IRQ 46 IOMMU group: 9 Region 0: I/O ports at 30a8 [size=8] Region 1: I/O ports at 30b4 [size=4] Region 2: I/O ports at 30a0 [size=8] Region 3: I/O ports at 30b0 [size=4] Region 4: I/O ports at 3060 [size=32] Region 5: Memory at f123c000 (32-bit, non-prefetchable) [size=2K] Capabilities: <access denied> Kernel driver in use: ahci Kernel modules: ahci 00:1f.3 SMBus [0c05]: Intel Corporation Wildcat Point-LP SMBus Controller [8086:9ca2] (rev 03) Subsystem: Lenovo Wildcat Point-LP SMBus Controller [17aa:5034] Control: I/O+ Mem+ BusMaster- SpecCycle- MemWINV- VGASnoop- ParErr- Stepping- SERR- FastB2B- DisINTx- Status: Cap- 66MHz- UDF- FastB2B+ ParErr- DEVSEL=medium >TAbort- <TAbort- <MAbort- >SERR- <PERR- INTx- Interrupt: pin C routed to IRQ 18 IOMMU group: 9 Region 0: Memory at f1238000 (64-bit, non-prefetchable) [size=256] Region 4: I/O ports at efa0 [size=32] Kernel driver in use: i801_smbus Kernel modules: i2c_i801 00:1f.6 Signal processing controller [1180]: Intel Corporation Wildcat Point-LP Thermal Management Controller [8086:9ca4] (rev 03) Subsystem: Lenovo Wildcat Point-LP Thermal Management Controller [17aa:5034] Control: I/O- Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- Stepping- SERR- FastB2B- DisINTx- Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- <TAbort- <MAbort- >SERR- <PERR- INTx- Latency: 0 Interrupt: pin C routed to IRQ 18 IOMMU group: 9 Region 0: Memory at f123b000 (64-bit, non-prefetchable) [size=4K] Capabilities: <access denied> Kernel driver in use: intel_pch_thermal Kernel modules: intel_pch_thermal 02:00.0 Unassigned class [ff00]: Realtek Semiconductor Co., Ltd. RTS5227 PCI Express Card Reader [10ec:5227] (rev 01) Subsystem: Lenovo RTS5227 PCI Express Card Reader [17aa:5034] Control: I/O- Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- Stepping- SERR- FastB2B- DisINTx+ Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- <TAbort- <MAbort- >SERR- <PERR- INTx- Latency: 0, Cache Line Size: 64 bytes Interrupt: pin A routed to IRQ 44 IOMMU group: 10 Region 0: Memory at f1100000 (32-bit, non-prefetchable) [size=4K] Capabilities: <access denied> Kernel driver in use: rtsx_pci Kernel modules: rtsx_pci 03:00.0 Network controller [0280]: Intel Corporation Wireless 7265 [8086:095b] (rev 59) Subsystem: Intel Corporation Dual Band Wireless-AC 7265 [Stone Peak 2 AC] [8086:5210] Control: I/O- Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- Stepping- SERR- FastB2B- DisINTx+ Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- <TAbort- <MAbort- >SERR- <PERR- INTx- Latency: 0, Cache Line Size: 64 bytes Interrupt: pin A routed to IRQ 50 IOMMU group: 11 Region 0: Memory at f1000000 (64-bit, non-prefetchable) [size=8K] Capabilities: <access denied> Kernel driver in use: iwlwifi Kernel modules: iwlwifi ** USB devices: Bus 001 Device 002: ID 8087:8001 Intel Corp. Integrated Hub Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub Bus 003 Device 002: ID 17ef:1012 Lenovo Lenovo ThinkPad Dock Bus 003 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub Bus 002 Device 011: ID 04f2:b449 Chicony Electronics Co., Ltd Integrated Camera Bus 002 Device 008: ID 8087:0a2a Intel Corp. Bluetooth wireless interface Bus 002 Device 005: ID 138a:0017 Validity Sensors, Inc. VFS 5011 fingerprint sensor Bus 002 Device 003: ID 058f:9540 Alcor Micro Corp. AU9540 Smartcard Reader Bus 002 Device 006: ID 17ef:1011 Lenovo Lenovo ThinkPad Dock Bus 002 Device 016: ID 0c76:161e JMTek, LLC. USB PnP Audio Device Bus 002 Device 015: ID 046d:c018 Logitech, Inc. Optical Wheel Mouse Bus 002 Device 014: ID 3297:1969 ZSA Technology Labs Moonlander Mark I Bus 002 Device 013: ID 0bda:2132 Realtek Semiconductor Corp. Web Camera Bus 002 Device 010: ID 0424:2514 Microchip Technology, Inc. (formerly SMSC) USB 2.0 Hub Bus 002 Device 007: ID 0424:2514 Microchip Technology, Inc. (formerly SMSC) USB 2.0 Hub Bus 002 Device 012: ID 0557:2275 ATEN International Co., Ltd KVM V1.2.115 Bus 002 Device 009: ID 0557:8021 ATEN International Co., Ltd Hub Bus 002 Device 004: ID 1a40:0101 Terminus Technology Inc. Hub Bus 002 Device 002: ID 17ef:1012 Lenovo Lenovo ThinkPad Dock Bus 002 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub -- System Information: Debian Release: 12.7 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 6.1.0-26-amd64 (SMP w/4 CPU threads; PREEMPT) Kernel taint flags: TAINT_DIE Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE=en_GB:en Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages linux-image-6.1.0-26-amd64 depends on: ii initramfs-tools [linux-initramfs-tool] 0.142+deb12u1 ii kmod 30+20221128-1 ii linux-base 4.9 Versions of packages linux-image-6.1.0-26-amd64 recommends: ii apparmor 3.0.8-3 ii firmware-linux-free 20200122-1 Versions of packages linux-image-6.1.0-26-amd64 suggests: pn debian-kernel-handbook <none> ii grub-pc 2.06-13+deb12u1 pn linux-doc-6.1 <none> Versions of packages linux-image-6.1.0-26-amd64 is related to: pn firmware-amd-graphics <none> pn firmware-atheros <none> pn firmware-bnx2 <none> pn firmware-bnx2x <none> pn firmware-brcm80211 <none> pn firmware-cavium <none> pn firmware-intel-sound <none> pn firmware-intelwimax <none> pn firmware-ipw2x00 <none> pn firmware-ivtv <none> ii firmware-iwlwifi 20230210-5 pn firmware-libertas <none> pn firmware-linux-nonfree <none> pn firmware-misc-nonfree <none> pn firmware-myricom <none> pn firmware-netxen <none> pn firmware-qlogic <none> pn firmware-realtek <none> pn firmware-samsung <none> pn firmware-siano <none> pn firmware-ti-connectivity <none> pn xen-hypervisor <none> -- no debconf information
--- End Message ---
--- Begin Message ---Source: linux Source-Version: 6.1.119-1 Done: Salvatore Bonaccorso <car...@debian.org> We believe that the bug you reported is fixed in the latest version of linux, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1086...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Salvatore Bonaccorso <car...@debian.org> (supplier of updated linux package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 22 Nov 2024 23:27:23 +0100 Source: linux Architecture: source Version: 6.1.119-1 Distribution: bookworm-security Urgency: high Maintainer: Debian Kernel Team <debian-kernel@lists.debian.org> Changed-By: Salvatore Bonaccorso <car...@debian.org> Closes: 1062421 1085762 1086447 1087602 Changes: linux (6.1.119-1) bookworm-security; urgency=high . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.116 - cpufreq: Generalize of_perf_domain_get_sharing_cpumask phandle format - cpufreq: Avoid a bad reference count on CPU node (CVE-2024-50012) - mm: remove kern_addr_valid() completely - fs/proc/kcore: avoid bounce buffer for ktext data - fs/proc/kcore: convert read_kcore() to read_kcore_iter() - fs/proc/kcore: reinstate bounce buffer for KCORE_TEXT regions - fs/proc/kcore.c: allow translation of physical memory addresses - cgroup: Fix potential overflow issue when checking max_depth - wifi: iwlegacy: Fix "field-spanning write" warning in il_enqueue_hcmd() (Closes: #1062421) - mac80211: MAC80211_MESSAGE_TRACING should depend on TRACING - wifi: mac80211: skip non-uploaded keys in ieee80211_iter_keys - wifi: ath11k: Fix invalid ring usage in full monitor mode - wifi: brcm80211: BRCM_TRACING should depend on TRACING - RDMA/cxgb4: Dump vendor specific QP details - RDMA/mlx5: Round max_rd_atomic/max_dest_rd_atomic up instead of down - RDMA/bnxt_re: synchronize the qp-handle table array - wifi: iwlwifi: mvm: disconnect station vifs if recovery failed - wifi: iwlwifi: mvm: Fix response handling in iwl_mvm_send_recovery_cmd() (CVE-2024-53059) - [armel,armhf] ASoC: cs42l51: Fix some error handling paths in cs42l51_probe() - macsec: Fix use-after-free while sending the offloading packet (CVE-2024-50261) - net: stmmac: TSO: Fix unbalanced DMA map/unmap for non-paged SKB data (CVE-2024-53058) - ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_init_flow() (CVE-2024-53042) - gtp: allow -1 to be specified as file description from userspace - net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT (CVE-2024-53057) - netdevsim: Add trailing zero to terminate the string in nsim_nexthop_bucket_activity_write() (CVE-2024-50259) - bpf: Fix out-of-bounds write in trie_get_next_key() (CVE-2024-50262) - netfilter: Fix use-after-free in get_info() (CVE-2024-50257) - netfilter: nf_reject_ipv6: fix potential crash in nf_send_reset6() (CVE-2024-50256) - Bluetooth: hci: fix null-ptr-deref in hci_read_supported_codecs (CVE-2024-50255) - net: skip offload for NETIF_F_IPV6_CSUM if ipv6 header contains extension - netfilter: nft_payload: sanitize offset and length before calling skb_checksum() (CVE-2024-50251) - iomap: convert iomap_unshare_iter to use large folios - iomap: improve shared block detection in iomap_unshare_iter - iomap: don't bother unsharing delalloc extents - iomap: share iomap_unshare_iter predicate code with fsdax - fsdax: remove zeroing code from dax_unshare_iter - fsdax: dax_unshare_iter needs to copy entire blocks (CVE-2024-50250) - iomap: turn iomap_want_unshare_iter into an inline function - compiler-gcc: be consistent with underscores use for `no_sanitize` - compiler-gcc: remove attribute support check for `__no_sanitize_address__` - afs: Automatically generate trace tag enums - afs: Fix missing subdir edit when renamed between parent dirs - ACPI: CPPC: Make rmw_lock a raw_spin_lock (CVE-2024-50249) - fs/ntfs3: Check if more than chunk-size bytes are written (CVE-2024-50247) - fs/ntfs3: Fix warning possible deadlock in ntfs_set_state - fs/ntfs3: Stale inode instead of bad - fs/ntfs3: Fix possible deadlock in mi_read (CVE-2024-50245) - fs/ntfs3: Additional check in ni_clear() (CVE-2024-50244) - scsi: scsi_transport_fc: Allow setting rport state to current state - net: amd: mvme147: Fix probe banner message - NFS: remove revoked delegation from server's delegation list - misc: sgi-gru: Don't disable preemption in GRU driver - usb: gadget: dummy_hcd: Switch to hrtimer transfer scheduler - usb: gadget: dummy_hcd: Set transfer interval to 1 microframe - usb: gadget: dummy_hcd: execute hrtimer callback in softirq context - USB: gadget: dummy-hcd: Fix "task hung" problem - ALSA: usb-audio: Add quirks for Dell WD19 dock - usbip: tools: Fix detach_port() invalid port error path - usb: phy: Fix API devm_usb_put_phy() can not release the phy - usb: typec: fix unreleased fwnode_handle in typec_port_register_altmodes() - xhci: Fix Link TRB DMA in command ring stopped completion event - xhci: Use pm_runtime_get to prevent RPM on unsupported systems - Revert "driver core: Fix uevent_show() vs driver detach race" - wifi: mac80211: do not pass a stopped vif to the driver in .get_txpower (CVE-2024-50237) - wifi: ath10k: Fix memory leak in management tx (CVE-2024-50236) - wifi: cfg80211: clear wdev->cqm_config pointer on free (CVE-2024-50235) - wifi: iwlegacy: Clear stale interrupts before resuming device (CVE-2024-50234) - iio: adc: ad7124: fix division by zero in ad7124_set_channel_odr() (CVE-2024-50232) - iio: light: veml6030: fix microlux value calculation - nilfs2: fix potential deadlock with newly created symlinks (CVE-2024-50229) - block: fix sanity checks in blk_rq_map_user_bvec - cgroup/bpf: use a dedicated workqueue for cgroup bpf destruction (CVE-2024-53054) - ALSA: hda/realtek: Limit internal Mic boost on Dell platform - cxl/acpi: Move rescan to the workqueue - cxl/port: Fix cxl_bus_rescan() vs bus_rescan_devices() - mm/page_alloc: rename ALLOC_HIGH to ALLOC_MIN_RESERVE - mm/page_alloc: treat RT tasks similar to __GFP_HIGH - mm/page_alloc: explicitly record high-order atomic allocations in alloc_flags - mm/page_alloc: explicitly define what alloc flags deplete min reserves - mm/page_alloc: explicitly define how __GFP_HIGH non-blocking allocations accesses reserves - mm/page_alloc: let GFP_ATOMIC order-0 allocs access highatomic reserves - ocfs2: pass u64 to ocfs2_truncate_inline maybe overflow (CVE-2024-50218) - mctp i2c: handle NULL header address (CVE-2024-53043) - ALSA: hda/realtek: Fix headset mic on TUXEDO Stellaris 16 Gen6 mb1 - nvmet-auth: assign dh_key to NULL after kfree_sensitive (CVE-2024-50215) - io_uring: rename kiocb_end_write() local helper - fs: create kiocb_{start,end}_write() helpers - io_uring: use kiocb_{start,end}_write() helpers - io_uring/rw: fix missing NOWAIT check for O_DIRECT start write (CVE-2024-53052) - mm: migrate: try again if THP split is failed due to page refcnt - migrate: convert unmap_and_move() to use folios - migrate: convert migrate_pages() to use folios - mm/migrate.c: stop using 0 as NULL pointer - migrate_pages: organize stats with struct migrate_pages_stats - migrate_pages: separate hugetlb folios migration - migrate_pages: restrict number of pages to migrate in batch - migrate_pages: split unmap_and_move() to _unmap() and _move() - vmscan,migrate: fix page count imbalance on node stats when demoting pages - io_uring: always lock __io_cqring_overflow_flush (Closes: #1087602) - [x86] bugs: Use code segment selector for VERW operand (CVE-2024-50072) - wifi: mac80211: fix NULL dereference at band check in starting tx ba session (CVE-2024-43911) - nilfs2: fix kernel bug due to missing clearing of checked flag (CVE-2024-50230) - wifi: iwlwifi: mvm: fix 6 GHz scan construction (CVE-2024-53055) - mm: shmem: fix data-race in shmem_getattr() (CVE-2024-50228) - mtd: spi-nor: winbond: fix w25q128 regression - drm/amd/display: Add null checks for 'stream' and 'plane' before dereferencing (CVE-2024-43904) - drm/amd/display: Skip on writeback when it's not applicable (CVE-2024-36914) - vt: prevent kernel-infoleak in con_font_get() - mm: avoid gcc complaint about pointer casting - migrate_pages_batch: fix statistics for longterm pin retry https://www.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.117 - [arm64] dts: rockchip: Fix rt5651 compatible value on rk3399-eaidk-610 - [arm64] dts: rockchip: Fix rt5651 compatible value on rk3399-sapphire-excavator - [arm64] dts: rockchip: Remove hdmi's 2nd interrupt on rk3328 - [arm64] dts: rockchip: Fix wakeup prop names on PineNote BT node - [arm64] dts: rockchip: Fix bluetooth properties on Rock960 boards - [arm64] dts: rockchip: Remove #cooling-cells from fan on Theobroma lion - [arm64] dts: rockchip: Fix LED triggers on rk3308-roc-cc - [arm64] dts: imx8qm: Fix VPU core alias name - [arm64] dts: imx8qxp: Add VPU subsystem file - [arm64] dts: imx8-ss-vpu: Fix imx8qm VPU IRQs - [arm64] dts: imx8mp: correct sdhc ipg clk - [armhf] ARM: dts: rockchip: Fix the realtek audio codec on rk3036-kylin - HID: core: zero-initialize the report buffer (CVE-2024-50302) - [x86] platform/x86/amd/pmc: Detect when STB is not available (CVE-2024-53072) - sunrpc: handle -ENOTCONN in xs_tcp_setup_socket() - NFSv3: only use NFS timeout for MOUNT when protocols are compatible - NFSv3: handle out-of-order write replies. - nfs: avoid i_lock contention in nfs_clear_invalid_mapping - security/keys: fix slab-out-of-bounds in key_task_permission (CVE-2024-50301) - [arm64] net: enetc: set MAC address to the VF net_device - sctp: properly validate chunk size in sctp_sf_ootb() (CVE-2024-50299) - can: c_can: fix {rx,tx}_errors statistics - ice: change q_index variable type to s16 to store -1 value - i40e: fix race condition by adding filter's intermediate sync state (CVE-2024-53088) - [arm64] net: hns3: fix kernel crash when uninstalling driver (CVE-2024-50296) - net: phy: ti: add PHY_RST_AFTER_CLK_EN flag - net: stmmac: Fix unbalanced IRQ wake disable warning on single irq case - virtio_net: Add hash_key_length check (CVE-2024-53082) - Revert "ALSA: hda/conexant: Mute speakers at suspend / shutdown" - media: stb0899_algo: initialize cfr before using it - media: dvbdev: prevent the risk of out of memory access (CVE-2024-53063) - media: dvb_frontend: don't play tricks with underflow values - media: adv7604: prevent underflow condition when reporting colorspace - scsi: sd_zbc: Use kvzalloc() to allocate REPORT ZONES buffer - ALSA: firewire-lib: fix return value on fail in amdtp_tscm_init() - [armhf] ASoC: stm32: spdifrx: fix dma channel release in stm32_spdifrx_remove - media: ar0521: don't overflow when checking PLL values (CVE-2024-53081) - media: s5p-jpeg: prevent buffer overflows (CVE-2024-53061) - media: cx24116: prevent overflows on SNR calculus (CVE-2024-50290) - media: pulse8-cec: fix data timestamp at pulse8_setup() - media: v4l2-tpg: prevent the risk of a division by zero (CVE-2024-50287) - media: v4l2-ctrls-api: fix error handling for v4l2_g_ctrl() - can: mcp251xfd: mcp251xfd_get_tef_len(): fix length calculation - can: mcp251xfd: mcp251xfd_ring_alloc(): fix coalescing configuration when switching CAN modes - ksmbd: fix slab-use-after-free in ksmbd_smb2_session_create (CVE-2024-50286) - ksmbd: Fix the missing xa_store error check (CVE-2024-50284) - ksmbd: fix slab-use-after-free in smb3_preauth_hash_rsp (CVE-2024-50283) - pwm: imx-tpm: Use correct MODULO value for EPWM mode - drm/amdgpu: Adjust debugfs eviction and IB access permissions - drm/amdgpu: add missing size check in amdgpu_debugfs_gprwave_read() (CVE-2024-50282) - drm/amdgpu: prevent NULL pointer dereference if ATIF is not supported (CVE-2024-53060) - thermal/drivers/qcom/lmh: Remove false lockdep backtrace - dm cache: correct the number of origin blocks to match the target length - dm cache: fix flushing uninitialized delayed_work on cache_ctr error (CVE-2024-50280) - dm cache: fix out-of-bounds access to the dirty bitset when resizing (CVE-2024-50279) - dm cache: optimize dirty bit checking with find_next_bit when resizing - dm cache: fix potential out-of-bounds access on the first resume (CVE-2024-50278) - dm-unstriped: cast an operand to sector_t to prevent potential uint32_t overflow - ALSA: usb-audio: Add quirk for HP 320 FHD Webcam - ALSA: hda/realtek: Fix headset mic on TUXEDO Gemini 17 Gen3 - posix-cpu-timers: Clear TICK_DEP_BIT_POSIX_TIMER on clone - nfs: Fix KMSAN warning in decode_getfattr_attrs() (CVE-2024-53066) - net: wwan: t7xx: Fix off-by-one error in t7xx_dpmaif_rx_buf_alloc() - net: vertexcom: mse102x: Fix possible double free of TX skb (CVE-2024-50276) - mptcp: use sock_kfree_s instead of kfree - btrfs: reinitialize delayed ref list after deleting it from the list (CVE-2024-50273) - bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq (CVE-2024-38540) - Revert "wifi: mac80211: fix RCU list iterations" - net: do not delay dst_entries_add() in dst_release() (CVE-2024-50036) - media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format - filemap: Fix bounds checking in filemap_read() (CVE-2024-50272) - fs/proc: fix compile warning about variable 'vmcore_mmap_ops' - signal: restore the override_rlimit logic (CVE-2024-50271) - usb: musb: sunxi: Fix accessing an released usb phy (CVE-2024-50269) - usb: dwc3: fix fault at system suspend if device was already runtime suspended - usb: typec: fix potential out of bounds in ucsi_ccg_update_set_new_cam_cmd() - USB: serial: io_edgeport: fix use after free in debug printk (CVE-2024-50267) - USB: serial: qcserial: add support for Sierra Wireless EM86xx - USB: serial: option: add Fibocom FG132 0x0112 composition - USB: serial: option: add Quectel RG650V - irqchip/gic-v3: Force propagation of the active state with a read-back - ocfs2: remove entry once instead of null-ptr-dereference in ocfs2_xa_remove() - ucounts: fix counter leak in inc_rlimit_get_ucounts() - [x86] ASoC: amd: yc: fix internal mic on Xiaomi Book Pro 14 2022 - net: sched: use RCU read-side critical section in taprio_dump() (CVE-2024-50126) - hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer - vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans - media: amphion: Fix VPU core alias name https://www.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.118 - Revert "Bluetooth: fix use-after-free in accessing skb after sending it" - Revert "Bluetooth: hci_sync: Fix overwriting request callback" - Revert "Bluetooth: af_bluetooth: Fix deadlock" - Revert "Bluetooth: hci_core: Fix possible buffer overflow" - Revert "Bluetooth: hci_conn: Consolidate code for aborting connections" (Closes: #1086447) - 9p: Avoid creating multiple slab caches with the same name - nvme: tcp: avoid race between queue_lock lock and destroy - block: Fix elevator_get_default() checking for NULL q->tag_set - HID: multitouch: Add support for B2402FVA track point - HID: multitouch: Add quirk for HONOR MagicBook Art 14 touchpad - nvme: disable CC.CRIME (NVME_CC_CRIME) - bpf: use kvzmalloc to allocate BPF verifier environment - crypto: api - Fix liveliness check in crypto_alg_tested - [arm*] crypto: marvell/cesa - Disable hash algorithms - sound: Make CONFIG_SND depend on INDIRECT_IOMEM instead of UML - drm/vmwgfx: Limit display layout ioctl array size to VMWGFX_NUM_DISPLAY_UNITS - nvme-multipath: defer partition scanning (CVE-2024-53093) - [powerpc*] powernv: Free name on error in opal_event_init() - nvme: make keep-alive synchronous operation - bpf: Fix mismatched RCU unlock flavour in bpf_out_neigh_v6 - fs: Fix uninitialized value issue in from_kuid and from_kgid - HID: multitouch: Add quirk for Logitech Bolt receiver w/ Casa touchpad - HID: lenovo: Add support for Thinkpad X1 Tablet Gen 3 keyboard - net: usb: qmi_wwan: add Fibocom FG132 0x0112 composition - md/raid10: improve code of mrdev in raid10_sync_request - io_uring: fix possible deadlock in io_register_iowq_max_workers() (CVE-2024-41080) - uprobes: encapsulate preparation of uprobe args buffer - uprobe: avoid out-of-bounds memory access of fetching args (CVE-2024-50067) - drm/amdkfd: amdkfd_free_gtt_mem clear the correct pointer (CVE-2024-49991) - ext4: fix timer use-after-free on failed mount (CVE-2024-49960) - Bluetooth: L2CAP: Fix uaf in l2cap_connect (CVE-2024-49950) - mm: krealloc: Fix MTE false alarm in __do_krealloc - [x86] platform/x86: x86-android-tablets: Fix use after free on platform_device_register() errors (CVE-2024-49986) - fs/ntfs3: Fix general protection fault in run_is_mapped_full (CVE-2024-50243) - 9p: fix slab cache name creation for real https://www.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.119 - netlink: terminate outstanding dump on socket close - [arm64,armhf] drm/rockchip: vop: Fix a dereferenced before check warning - mptcp: error out earlier on disconnect - net/mlx5: fs, lock FTE when checking if active - net/mlx5e: kTLS, Fix incorrect page refcounting - net/mlx5e: CT: Fix null-ptr-deref in add rule err flow - virtio/vsock: Fix accept_queue memory leak - Bluetooth: hci_event: Remove code to removed CONFIG_BT_HS - Bluetooth: hci_core: Fix calling mgmt_device_connected - net/sched: cls_u32: replace int refcounts with proper refcounts - net: sched: cls_u32: Fix u32's systematic failure to free IDR entries for hnodes. - bonding: add ns target multicast address to slave device - [armel,armhf] 9419/1: mm: Fix kernel memory mapping for xip kernels - [x86] mm: Fix a kdump kernel failure on SME system when CONFIG_IMA_KEXEC=y - mm: fix NULL pointer dereference in alloc_pages_bulk_noprof - ocfs2: uncache inode which has failed entering the group - vdpa/mlx5: Fix PA offset with unaligned starting iotlb map - ima: fix buffer overrun in ima_eventdigest_init_common - [x86] KVM: nVMX: Treat vpid01 as current if L2 is active, but with VPID disabled - [x86] KVM: x86: Unconditionally set irr_pending when updating APICv state - [x86] KVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN - nilfs2: fix null-ptr-deref in block_touch_buffer tracepoint - ALSA: hda/realtek - Fixed Clevo platform headset Mic issue - ALSA: hda/realtek: fix mute/micmute LEDs for a HP EliteBook 645 G10 - ocfs2: fix UBSAN warning in ocfs2_verify_volume() - nilfs2: fix null-ptr-deref in block_dirty_buffer tracepoint - Revert "mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K" - mmc: sunxi-mmc: Fix A100 compatible description - drm/bridge: tc358768: Fix DSI command tx - drm/amd: Fix initialization mistake for NBIO 7.7.0 - staging: vchiq_arm: Get the rid off struct vchiq_2835_state - staging: vchiq_arm: Use devm_kzalloc() for vchiq_arm_state allocation - fs/ntfs3: Additional check in ntfs_file_release (CVE-2024-50242) - Bluetooth: ISO: Fix not validating setsockopt user input (CVE-2024-35964) - lib/buildid: Fix build ID parsing logic - cxl/pci: fix error code in __cxl_hdm_decode_init() - media: dvbdev: fix the logic when DVB_DYNAMIC_MINORS is not set - NFSD: initialize copy->cp_clp early in nfsd4_copy for use by trace point - NFSD: Async COPY result needs to return a write verifier - NFSD: Limit the number of concurrent async COPY operations (CVE-2024-49974) - NFSD: Initialize struct nfsd4_copy earlier - NFSD: Never decrement pending_async_copies on error - mptcp: cope racing subflow creation in mptcp_rcv_space_adjust - mptcp: define more local variables sk - mptcp: add userspace_pm_lookup_addr_by_id helper - mptcp: update local address flags when setting it - mptcp: hold pm lock when deleting entry - mptcp: drop lookup_by_id in lookup_addr - mptcp: pm: use _rcu variant under rcu_read_lock - ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16() (CVE-2024-26954) - ksmbd: fix potencial out-of-bounds when buffer offset is invalid (CVE-2024-26952) - net: add copy_safe_from_sockptr() helper - nfc: llcp: fix nfc_llcp_setsockopt() unsafe copies - fs/9p: fix uninitialized values during inode evict (CVE-2024-36923) - ipvs: properly dereference pe in ip_vs_add_service (CVE-2024-42322) - net/sched: taprio: extend minimum interval restriction to entire cycle too (CVE-2024-36244) - net: fec: remove .ndo_poll_controller to avoid deadlocks (CVE-2024-38553) - mm: revert "mm: shmem: fix data-race in shmem_getattr()" - mm: avoid unsafe VMA hook invocation when error arises on mmap hook - mm: unconditionally close VMAs on error - mm: refactor arch_calc_vm_flag_bits() and arm64 MTE handling - mm: resolve faulty mmap_region() error path behaviour - drm/amd: check num of link levels when update pcie param (CVE-2023-52812) - char: xillybus: Prevent use-after-free due to race condition (CVE-2022-45888) - null_blk: Remove usage of the deprecated ida_simple_xx() API - null_blk: fix null-ptr-dereference while configuring 'power' and 'submit_queues' (CVE-2024-36478) - null_blk: Fix return value of nullb_device_power_store() - parisc: fix a possible DMA corruption (CVE-2024-44949) - char: xillybus: Fix trivial bug with mutex - net: Make copy_safe_from_sockptr() match documentation . [ Salvatore Bonaccorso ] * Bump ABI to 28 * [x86] Revert "x86: Increase brk randomness entropy for 64-bit systems" (Closes: #1085762) Checksums-Sha1: e215a34b3972cbccd6b19af51fd7ae55d6e194a7 290930 linux_6.1.119-1.dsc 637745720659db870da3f9934375be1563e2e3f2 137707144 linux_6.1.119.orig.tar.xz b536d58f0bebd603fc256f7cd91f3eb912fde92c 1696788 linux_6.1.119-1.debian.tar.xz d2fe19e4ed37de381a7976fbb7f389d9de33de46 7602 linux_6.1.119-1_source.buildinfo Checksums-Sha256: c13e92aa9821c3f3300c5524f35f2e0da7def1313803547a6c7d41c150fb1714 290930 linux_6.1.119-1.dsc 59e74f3e07779dc13de2ddf10ee6652d373373248caa0517ba7871846985c847 137707144 linux_6.1.119.orig.tar.xz 6f99efa9463c35b875fc7138f1acb72186e283d49cbad5f59c62d35808fb5ae2 1696788 linux_6.1.119-1.debian.tar.xz ccb1fd576bc940f968c0e9d27b13c6ae9b25874cb6fec8ec96fbd006755d3c7e 7602 linux_6.1.119-1_source.buildinfo Files: 344b09c723f1ac7510bff98f4760a2b0 290930 kernel optional linux_6.1.119-1.dsc 883ee8e4156ed707dbb835a490cfe546 137707144 kernel optional linux_6.1.119.orig.tar.xz 879af74209a93e1cdafa2dfc3e4cf36d 1696788 kernel optional linux_6.1.119-1.debian.tar.xz 6c3faf1a1f5310eea4d446efcef730ef 7602 kernel optional linux_6.1.119-1_source.buildinfo -----BEGIN PGP SIGNATURE----- iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmdBBxBfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk ZWJpYW4ub3JnAAoJEAVMuPMTQ89ER7QP/REiQVkOwhywQkCVAx5PlTqcBkRRwsi9 /5RH6q4azq7h6eYsiCOSCVf5lq00XmcH9ME2sHls66sN4FY0AxBLHmgzYf1ccGR3 /CCRK2AVrVZsZtPISZf8kPNCNcGAmyNcS1yLX+6UzaYx/6ajb+AeTG/xhcfPNa0v FZhzBqeawkEt/KYmsSExKnygovqpkffzsAaf4QE3uUYo84vlybxBFLNmwkzcSIeZ a/n/KFcLT6E2Z0GYJdpp5mLzkKFpPu7bzq2Tm0/o2ruL7Qgu4ElpSnr4XR+xM55i Mq9ELem3P1dQzAEmFEgCeGvv7Na4lam3GsCWWN8MNcMgrmzSixxwdDThPw9Km1bX s+aq044FoubG77W1h4S7OFzViO+Vv6nGbCcaH507Z9BDfOBXGvOck9Zq9ZXsPPCF CQIj958dYWsPzDu03LQnn7TqIL3Kos4oWVvI48GbBu4x4CSxmcTqY6l1OTbjtJxz N2DqzhvFvrddHR5WTnWU+znnuHyQFysAi3q1i+nNDwNcQLbNrAWzg7smhe/frXjV hBSjgpOV6VR9mVh8ISiycAUJdL/VnzroOH2KtSgXw/x5ydBv9bQHu5dOwrz6KsBw MkREe2uRbLdnPUP73PKWuk/4N6Gk6rGAihLJyRe+HbbNAUVfpMBdXe3ktyOPiibm nSKuwJCDfrKR =sj+m -----END PGP SIGNATURE-----
pgppodrNrk7Cb.pgp
Description: PGP signature
--- End Message ---
