Thank you for your contribution to Debian.
Accepted: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sat, 04 Jul 2026 16:35:01 +0200 Source: linux-signed-amd64 Architecture: source Version: 7.1.3+1 Distribution: sid Urgency: medium Maintainer: Debian Kernel Team <[email protected]> Changed-By: Salvatore Bonaccorso <[email protected]> Changes: linux-signed-amd64 (7.1.3+1) unstable; urgency=medium . * Sign kernel from linux 7.1.3-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v7.x/ChangeLog-7.1.3 - [amd64] KVM: x86: Fix shadow paging use-after-free due to unexpected role (CVE-2026-53359) - batman-adv: tp_meter: keep unacked list in ascending ordered - batman-adv: tp_meter: initialize dup_acks explicitly - batman-adv: tp_meter: initialize dec_cwnd explicitly - batman-adv: tp_meter: avoid window underflow - batman-adv: tp_meter: avoid divide-by-zero for dec_cwnd - batman-adv: tp_meter: fix fast recovery precondition - batman-adv: tp_meter: handle seqno wrap-around for fast recovery detection - batman-adv: tp_meter: add only finished tp_vars to lists - batman-adv: bla: annotate lasttime access with READ/WRITE_ONCE - batman-adv: prevent ELP transmission interval underflow - batman-adv: tp_meter: initialize last_recv_time during init - batman-adv: gw: don't deselect gateway with active hardif - batman-adv: ensure bcast is writable before modifying TTL - batman-adv: fix (m|b)cast csum after decrementing TTL - batman-adv: frag: ensure fragment is writable before modifying TTL - batman-adv: frag: avoid underflow of TTL - batman-adv: v: prevent OGM aggregation on disabled hardif - batman-adv: tp_meter: restrict number of unacked list entries - batman-adv: tp_meter: annotate last_recv_time access with READ/WRITE_ONCE - batman-adv: tp_meter: prevent parallel modifications of last_recv - batman-adv: tp_meter: handle overlapping packets - batman-adv: tt: don't merge change entries with different VIDs - batman-adv: tt: track roam count per VID - batman-adv: dat: prevent false sharing between VLANs - batman-adv: tvlv: enforce 2-byte alignment - batman-adv: tvlv: avoid race of cifsnotfound handler state - ipv6: account for fraggap on the paged allocation path (CVE-2026-53362) - ipv4: account for fraggap on the paged allocation path - ntfs3: reject direct userspace writes to reserved $LX* xattrs - wifi: mt76: add wcid publish check in mt76_sta_add - mac802154: llsec: add skb_cow_data() before in-place crypto - net: skmsg: preserve sg.copy across SG transforms - net: ip_gre: require CAP_NET_ADMIN in the device netns for changelink - PCI/P2PDMA: Add Intel QAT, DSA, IAA devices to whitelist - apparmor: mediate the implicit connect of TCP fast open sendmsg - apparmor: fix use-after-free in rawdata dedup loop - NTB: epf: Avoid pci_iounmap() with offset when PEER_SPAD and CONFIG share BAR - fbdev: fix use-after-free in store_modes() - fscrypt: Fix key setup in edge case with multiple data unit sizes - kernel/fork: clear PF_BLOCK_TS in copy_process() - block: invalidate cached plug timestamp after task switch - [arm64] KVM: arm64: Omit tag sync on stage-2 mappings of the zero page - err.h: use __always_inline on all error pointer helpers - gcov: use atomic counter updates to fix concurrent access crashes - KEYS: fix overflow in keyctl_pkey_params_get_2() - keys: Pin request_key_auth payload in instantiate paths - userfaultfd: ensure mremap_userfaultfd_fail() releases mmap_changing - userfaultfd: build __VMA_UFFD_FLAGS from config-gated masks - wifi: mt76: mt76x2u: Add support for ELECOM WDC-867SU3S - wifi: mt76: mt7925: don't disable AP BSS when removing TDLS peer - wifi: ath11k: fix warning when unbinding - wifi: rtl8xxxu: Detect the maximum supported channel width - wifi: rtlwifi: rtl8821ae: Fix C2H bit location in RX descriptor - wifi: rtw88: increase TX report timeout to fix race condition - wifi: rtw88: usb: fix memory leaks on USB write failures - wifi: iwlwifi: mvm: fix race condition in PTP removal - wifi: iwlwifi: mld: fix race condition in PTP removal - wifi: iwlwifi: mld: validate sta_mask before ffs() in BA session handlers - f2fs: fix missing read bio submission on large folio error - f2fs: pass correct iostat type for single node writes - f2fs: reject setattr size changes on large folio files - f2fs: fix to do sanity check on f2fs_get_node_folio_ra() - f2fs: validate orphan inode entry count - f2fs: validate compress cache inode only when enabled - f2fs: atomic: fix UAF issue on f2fs_inode_info.atomic_inode - f2fs: fix to round down start offset of fallocate for pin file - f2fs: bound i_inline_xattr_size for non-inline-xattr inodes - f2fs: validate ACL entry sizes in f2fs_acl_from_disk() - Revert "f2fs: remove non-uptodate folio from the page cache in move_data_block" - f2fs: fix incorrect FI_NO_EXTENT handling in __destroy_extent_node() - f2fs: keep atomic write retry from zeroing original data - f2fs: read COW data with the original inode during atomic write - block: Avoid mounting the bdev pseudo-filesystem in userspace - bpf: use kvfree() for replaced sysctl write buffer - exfat: fix potential use-after-free in exfat_find_dir_entry() - [amd64] KVM: x86/mmu: Ensure hugepage is in by slot before checking max mapping level - KVM: Replace guest-triggerable BUG_ON() in ioeventfd datamatch with get_unaligned() - gfs2: fix use-after-free in gfs2_qd_dealloc - pwrseq: core: fix use-after-free in pwrseq_debugfs_seq_next() - hdlc_ppp: sync per-proto timers before freeing hdlc state - blk-cgroup: fix UAF in __blkcg_rstat_flush() - tipc: fix slab-use-after-free Read in tipc_aead_decrypt_done - [loong64] Report dying CPU to RCU in stop_this_cpu() - pNFS: Fix use-after-free in pnfs_update_layout() - sched/mmcid: Fix OOB clear_bit when CID is MM_CID_UNSET in fixup path - irqchip/imgpdc: Fix resource leak, add missing chained handler cleanup on remove - fpga: region: fix use-after-free in child_regions_with_firmware() - rpmsg: char: Fix use-after-free on probe error path - ocfs2: reject oversized group bitmap descriptors - 9p: avoid putting oldfid in p9_client_walk() error path - [amd64] KVM: x86: hyper-v: Bound the bank index when querying sparse banks - [amd64] KVM: SVM: Fix page overflow in sev_dbg_crypt() for ENCRYPT path - power: reset: linkstation-poweroff: fix use-after-free in the linkstation_poweroff_init() - [riscv64] mm: Extract helper mark_new_valid_map() - [riscv64] kfence: Call mark_new_valid_map() for kfence_unprotect() - ntfs: serialize volume label accesses - fbdev: Fix fb_new_modelist to prevent null-ptr-deref in fb_videomode_to_var - fbdev: fbcon: fix out-of-bounds read in err_out of fbcon_do_set_font() - fbdev: omap2: fix use-after-free in omapfb_mmap - fbdev: modedb: fix a possible UAF in fb_find_mode() - fbdev: modedb: Fix misaligned fields in the 1920x1080-60 mode - i2c: core: fix adapter registration race - nfsd: release layout stid on setlease failure - NFSD: Fix SECINFO_NO_NAME decode error cleanup - nfsd: fix posix_acl leak on SETACL decode failure - nfsd: fix inverted cp_ttl check in async copy reaper - nfsd: fix posix_acl leak and ignored error in nfsd4_create_file - nfsd: check get_user() return when reading princhashlen - nfsd: fix dead ACL conflict guard in nfsd4_create - nfsd: avoid leaking pre-allocated openowner on unconfirmed retry race - nfsd: reset write verifier on deferred writeback errors - NFSv4/flexfiles: reject zero filehandle version count - NFSv4/pNFS: reject zero-length r_addr in nfs4_decode_mp_ds_addr - NFSv4: clear exception state on successful mkdir retry - NFS: Prevent resource leak in nfs_alloc_server() - ksmbd: fix out-of-bounds read in smb_check_perm_dacl() - net/tcp-ao: fix use-after-free of key in del_async path - apparmor: advertise the tcp fast open fix is applied . [ Aurelien Jarno ] * [riscv64] Enable CPU_FREQ_DEFAULT_GOV_SCHEDUTIL instead of CPU_FREQ_DEFAULT_GOV_PERFORMANCE . [ Ben Hutchings ] * [sparc64] udeb: scsi-modules: Use the default module list Checksums-Sha1: 47591d176ab075fc8618fd185975448ec70d51bb 5456 linux-signed-amd64_7.1.3+1.dsc b0d8d2aef4f6f989f8c73588af8b5913f22e39f2 689504 linux-signed-amd64_7.1.3+1.tar.xz Checksums-Sha256: 4dba89d61ce3db2e765080fd223dd858e2bbc937562e809c02815b1ffec9c230 5456 linux-signed-amd64_7.1.3+1.dsc f4c325ead842b7aa559d772c556d6feafe9e33f6f4932ee5ae4e9ce7d6467ccf 689504 linux-signed-amd64_7.1.3+1.tar.xz Files: c1b966f75273fa4743287ac310775309 5456 kernel optional linux-signed-amd64_7.1.3+1.dsc 2d4ebeae226c52bf006718cf63ffe1f6 689504 kernel optional linux-signed-amd64_7.1.3+1.tar.xz -----BEGIN PGP SIGNATURE----- iHUEARYKAB0WIQSInBJdRTWyTRy0ztFCTVFtUgONCgUCaknpwAAKCRBCTVFtUgON Cp1qAP9w0214HmZhEvqySw6XjMQShoaa+Gfd1EhBjZ4XAU003QD/U8kzyqvDwBSG umZcfUx4uU7cJUCdBM0cwYZ/HMTG/AQ= =WzPs -----END PGP SIGNATURE-----
pgpJNmvmPy4MA.pgp
Description: PGP signature

