Package "linux-hwe-6.2"

This package belongs to a PPA: Canonical Kernel Team

Name: linux-hwe-6.2


This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Linux kernel version specific cloud tools for version 6.2.0
  • Header files related to Linux kernel version 6.2.0
  • Header files related to Linux kernel version 6.2.0
  • Header files related to Linux kernel version 6.2.0

Latest version: 6.2.0-34.34~22.04.1
Release: jammy (22.04)
Level: base
Repository: main


Other versions of "linux-hwe-6.2" in Jammy

Repository Area Version
security main 6.2.0-33.33~22.04.1
updates main 6.2.0-33.33~22.04.1
proposed main 6.2.0-34.34~22.04.1

Packages in group

Deleted packages are displayed in grey.


Version: 6.2.0-34.34~22.04.1 2023-09-07 15:08:45 UTC

 linux-hwe-6.2 (6.2.0-34.34~22.04.1) jammy; urgency=medium
   * jammy/linux-hwe-6.2: 6.2.0-34.34~22.04.1 -proposed tracker (LP: #2033778)
   * Packaging resync (LP: #1786013)
     - [Packaging] update helper scripts
   [ Ubuntu: 6.2.0-34.34 ]
   * lunar/linux: 6.2.0-34.34 -proposed tracker (LP: #2033779)
   * CVE-2023-20569
     - x86/cpu, kvm: Add support for CPUID_80000021_EAX
     - tools headers x86 cpufeatures: Sync with the kernel sources
     - x86/alternative: Optimize returns patching
     - x86/retbleed: Add __x86_return_thunk alignment checks
     - x86/srso: Add a Speculative RAS Overflow mitigation
     - x86/srso: Add IBPB_BRTYPE support
     - x86/srso: Add SRSO_NO support
     - x86/srso: Add IBPB
     - x86/srso: Add IBPB on VMEXIT
     - x86/srso: Fix return thunks in generated code
     - x86/srso: Add a forgotten NOENDBR annotation
     - x86/srso: Tie SBPB bit setting to microcode patch detection
     - Documentation/hw-vuln: Unify filename specification in index
     - Documentation/srso: Document IBPB aspect and fix formatting
     - x86/srso: Fix build breakage with the LLVM linker
     - x86: Move gds_ucode_mitigated() declaration to header
     - x86/retpoline: Don't clobber RFLAGS during srso_safe_ret()
     - x86/srso: Disable the mitigation on unaffected configurations
     - x86/retpoline,kprobes: Fix position of thunk sections with CONFIG_LTO_CLANG
     - x86/retpoline,kprobes: Skip optprobe check for indirect jumps with
       retpolines and IBT
     - x86/cpu: Fix __x86_return_thunk symbol type
     - x86/cpu: Fix up srso_safe_ret() and __x86_return_thunk()
     - objtool/x86: Fix SRSO mess
     - x86/alternative: Make custom return thunk unconditional
     - x86/cpu: Clean up SRSO return thunk mess
     - x86/cpu: Rename original retbleed methods
     - x86/cpu: Rename srso_(.*)_alias to srso_alias_\1
     - x86/cpu: Cleanup the untrain mess
     - x86/srso: Explain the untraining sequences a bit more
     - objtool/x86: Fixup frame-pointer vs rethunk
     - x86/static_call: Fix __static_call_fixup()
     - x86/srso: Correct the mitigation status when SMT is disabled
     - Ubuntu: [Config]: enable Speculative Return Stack Overflow mitigation
   * Please enable Renesas RZ platform serial installer (LP: #2022361)
     - [Config] enable hihope RZ/G2M serial console
     - [Config] Mark sh-sci as built-in
   * dGPU cannot resume because system firmware stuck in IPCS method
     (LP: #2021572)
     - drm/i915/tc: Abort DP AUX transfer on a disconnected TC port
     - drm/i915/tc: switch to intel_de_* register accessors in display code
     - drm/i915: Enable a PIPEDMC whenever its corresponding pipe is enabled
     - drm/i915/tc: Fix TC port link ref init for DP MST during HW readout
     - drm/i915/tc: Fix system resume MST mode restore for DP-alt sinks
     - drm/i915/tc: Wait for IOM/FW PHY initialization of legacy TC ports
     - drm/i915/tc: Factor out helpers converting HPD mask to TC mode
     - drm/i915/tc: Fix target TC mode for a disconnected legacy port
     - drm/i915/tc: Fix TC mode for a legacy port if the PHY is not ready
     - drm/i915/tc: Fix initial TC mode on disabled legacy ports
     - drm/i915/tc: Make the TC mode readout consistent in all PHY states
     - drm/i915: Add encoder hook to get the PLL type used by TC ports
     - drm/i915/tc: Assume a TC port is legacy if VBT says the port has HDMI
     - drm/i915/tc: Factor out a function querying active links on a TC port
     - drm/i915/tc: Check the PLL type used by an enabled TC port
     - drm/i915/tc: Group the TC PHY setup/query functions per platform
     - drm/i915/tc: Use the adlp prefix for ADLP TC PHY functions
     - drm/i915/tc: Rename tc_phy_status_complete() to tc_phy_is_ready()
     - drm/i915/tc: Use the tc_phy prefix for all TC PHY functions
     - drm/i915/tc: Move TC port fields to a new intel_tc_port struct
     - drm/i915/tc: Check for TC PHY explicitly in
     - drm/i915/tc: Move the intel_tc_port struct declaration to intel_tc.c
     - drm/i915/tc: Add TC PHY hook to get the PHY HPD live status
     - drm/i915/tc: Add TC PHY hooks to get the PHY ready/owned state
     - drm/i915/tc: Add TC PHY hook to read out the PHY HW state
     - drm/i915/tc: Add generic TC PHY connect/disconnect handlers
     - drm/i915/tc: Factor out tc_phy_verify_legacy_or_dp_alt_mode()
     - drm/i915/tc: Add TC PHY hooks to connect/disconnect the PHY
     - drm/i915/tc: Fix up the legacy VBT flag only in disconnected mode
     - drm/i915/tc: Check TC mode instead of the VBT legacy flag
     - drm/i915/tc: Block/unblock TC-cold in the PHY connect/disconnect hooks
     - drm/i915/tc: Remove redundant wakeref=0 check from unblock_tc_cold()
     - drm/i915/tc: Drop tc_cold_block()/unblock()'s power domain parameter
     - drm/i915/tc: Add TC PHY hook to get the TC-cold blocking power domain
     - drm/i915/tc: Add asserts in TC PHY hooks that the required power is on
     - drm/i915/tc: Add TC PHY hook to init the PHY
     - drm/i915/adlp/tc: Use the DE HPD ISR register for hotplug detection
     - drm/i915/tc: Get power ref for reading the HPD live status register
     - drm/i915/tc: Don't connect the PHY in intel_tc_port_connected()
     - drm/i915/adlp/tc: Align the connect/disconnect PHY sequence with bspec
     - drm/i915: Move shared DPLL disabling into CRTC disable hook
     - drm/i915: Disable DPLLs before disconnecting the TC PHY
     - drm/i915: Remove TC PHY disconnect workaround
     - drm/i915: Remove the encoder update_prepare()/complete() hooks
     - drm/i915/dp_mst: Fix active port PLL selection for secondary MST streams
     - drm/i915: Fix PIPEDMC disabling for a bigjoiner configuration
     - drm/i915: Add helpers to reference/unreference a DPLL for a CRTC
     - drm/i915: Make the CRTC state consistent during sanitize-disabling
     - drm/i915: Update connector atomic state before crtc sanitize-disabling
     - drm/i9

Source diff to previous version
1786013 Packaging resync
2022361 Please enable Renesas RZ platform serial installer
2021572 dGPU cannot resume because system firmware stuck in IPCS method
2033654 amdgpu: Fixes for S0i3 resume on Phoenix
2033007 kdump doesn't work with UEFI secure boot and kernel lockdown enabled on ARM64
2033122 Request backport of xen timekeeping performance improvements
2033452 Enable D3cold at s2idle for Intel DG2 GPU
2026322 Fix non-working MT7921e when pre-boot WiFi is enabled
2028122 Fix unreliable ethernet cable detection on I219 NIC
2030924 [SRU][Ubuntu 22.04.1] Unable to interpret the frequency values in cpuinfo_min_freq and cpuino_max_freq sysfs files.
2029808 Lunar update: upstream stable patchset 2023-08-03
CVE-2023-4569 A memory leak flaw was found in nft_set_catchall_flush in net/netfilter/nf_tables_api.c in the Linux Kernel. This issue may allow a local attacker to
CVE-2023-40283 An issue was discovered in l2cap_sock_release in net/bluetooth/l2cap_sock.c in the Linux kernel before 6.4.10. There is a use-after-free because the
CVE-2023-4194 A flaw was found in the Linux kernel's TUN/TAP functionality. This issue could allow a local user to bypass network filters and gain unauthorized acc
CVE-2023-1206 A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel’s IPv6 functionality when a user makes a new kind of SYN floo
CVE-2023-4273 A flaw was found in the exFAT driver of the Linux kernel. The vulnerability exists in the implementation of the file name reconstruction function, wh
CVE-2023-4128 A use-after-free flaw was found in net/sched/cls_fw.c in classifiers (cls_fw, cls_u32, and cls_route) in the Linux Kernel. This flaw allows a local a
CVE-2023-3212 A NULL pointer dereference issue was found in the gfs2 file system in the Linux kernel. It occurs on corrupt gfs2 file systems when the evict code tr

Version: 6.2.0-32.32~22.04.1 2023-08-18 12:08:39 UTC

 linux-hwe-6.2 (6.2.0-32.32~22.04.1) jammy; urgency=medium
   * jammy/linux-hwe-6.2: 6.2.0-32.32~22.04.1 -proposed tracker (LP: #2030380)
   [ Ubuntu: 6.2.0-32.32 ]
   * lunar/linux: 6.2.0-32.32 -proposed tracker (LP: #2031134)
   * libgnutls report "trap invalid opcode" when trying to install packages over
     https (LP: #2031093)
     - [Config]: disable CONFIG_GDS_FORCE_MITIGATION
   [ Ubuntu: 6.2.0-30.30 ]
   * lunar/linux: 6.2.0-30.30 -proposed tracker (LP: #2030381)
   * CVE-2022-40982
     - init: Provide arch_cpu_finalize_init()
     - x86/cpu: Switch to arch_cpu_finalize_init()
     - ARM: cpu: Switch to arch_cpu_finalize_init()
     - ia64/cpu: Switch to arch_cpu_finalize_init()
     - m68k/cpu: Switch to arch_cpu_finalize_init()
     - mips/cpu: Switch to arch_cpu_finalize_init()
     - sh/cpu: Switch to arch_cpu_finalize_init()
     - sparc/cpu: Switch to arch_cpu_finalize_init()
     - um/cpu: Switch to arch_cpu_finalize_init()
     - init: Remove check_bugs() leftovers
     - init: Invoke arch_cpu_finalize_init() earlier
     - init, x86: Move mem_encrypt_init() into arch_cpu_finalize_init()
     - x86/init: Initialize signal frame size late
     - x86/fpu: Remove cpuinfo argument from init functions
     - x86/fpu: Mark init functions __init
     - x86/fpu: Move FPU initialization into arch_cpu_finalize_init()
     - x86/mem_encrypt: Unbreak the AMD_MEM_ENCRYPT=n build
     - x86/xen: Fix secondary processors' FPU initialization
     - x86/speculation: Add Gather Data Sampling mitigation
     - x86/speculation: Add force option to GDS mitigation
     - x86/speculation: Add Kconfig option for GDS
     - KVM: Add GDS_NO support to KVM
     - Documentation/x86: Fix backwards on/off logic about YMM support
     - [Config]: Enable CONFIG_ARCH_HAS_CPU_FINALIZE_INIT and
   * CVE-2023-4015
     - netfilter: nf_tables: add NFT_TRANS_PREPARE_ERROR to deal with bound
     - netfilter: nf_tables: unbind non-anonymous set if rule construction fails
     - netfilter: nf_tables: skip immediate deactivate in _PREPARE_ERROR
   * CVE-2023-3995
     - netfilter: nf_tables: disallow rule addition to bound chain via
   * CVE-2023-3777
     - netfilter: nf_tables: skip bound chain on rule flush
   * CVE-2023-3609
     - net/sched: cls_u32: Fix reference counter leak leading to overflow
   * NULL pointer dereference on CS35L41 HDA AMP (LP: #2029199)
     - ASoC: cs35l41: Refactor error release code
     - ALSA: cs35l41: Add shared boost feature
     - ASoC: dt-bindings: cirrus, cs35l41: Document CS35l41 shared boost
     - ALSA: hda: cs35l41: Ensure firmware/tuning pairs are always loaded
     - ALSA: hda: cs35l41: Enable Amp High Pass Filter
     - ALSA: cs35l41: Use mbox command to enable speaker output for external boost
     - ALSA: cs35l41: Poll for Power Up/Down rather than waiting a fixed delay
     - ALSA: hda: cs35l41: Check mailbox status of pause command after firmware
     - ALSA: hda: cs35l41: Ensure we correctly re-sync regmap before system
     - ALSA: hda: cs35l41: Ensure we pass up any errors during system suspend.
     - ALSA: hda: cs35l41: Move Play and Pause into separate functions
     - ALSA: hda: hda_component: Add pre and post playback hooks to hda_component
     - ALSA: hda: cs35l41: Use pre and post playback hooks
     - ALSA: hda: cs35l41: Rework System Suspend to ensure correct call separation
     - ALSA: hda: cs35l41: Add device_link between HDA and cs35l41_hda
     - ALSA: hda: cs35l41: Ensure amp is only unmuted during playback
   * Reboot command powers off the system (LP: #2029332)
     - x86/smp: Make stop_other_cpus() more robust
     - x86/smp: Dont access non-existing CPUID leaf
   * losetup with mknod fails on jammy with kernel 5.15.0-69-generic
     (LP: #2015400)
     - loop: deprecate autoloading callback loop_probe()
     - loop: do not enforce max_loop hard limit by (new) default
   * Fix UBSAN in Intel EDAC driver (LP: #2028746)
     - EDAC/skx_common: Enable EDAC support for the "near" memory
     - EDAC/skx_common: Delete duplicated and unreachable code
     - EDAC/i10nm: Add Intel Emerald Rapids server support
     - EDAC/i10nm: Make more configurations CPU model specific
     - EDAC/i10nm: Add Intel Granite Rapids server support
     - EDAC/i10nm: Skip the absent memory controllers
   * Make TTY switching possible for NVIDIA when it's boot VGA (LP: #2028749)
     - drm/gma500: Use drm_aperture_remove_conflicting_pci_framebuffers
     - video/aperture: use generic code to figure out the vga default device
     - drm/aperture: Remove primary argument
     - video/aperture: Only kick vgacon when the pdev is decoding vga
     - video/aperture: Move vga handling to pci function
     - video/aperture: Drop primary argument
     - video/aperture: Only remove sysfb on the default vga pci device
     - fbdev: Simplify fb_is_primary_device for x86
     - video/aperture: Provide a VGA helper for gma500 and internal use
   * Fix AMD gpu hang when screen off/on (LP: #2028740)
     - drm/amd/display: Keep PHY active for dp config
   * Various backlight issues with the 6.0/6.1 kernel (LP: #2023638)
     - ACPI: video: Stop trying to use vendor backlight control on laptops from
       after ~2012
   * FM350(mtk_t7xx) failed to suspend, or early wake while suspending
     (LP: #2020743)
     - net: wwan: t7xx: Ensure init is completed before system sleep
   * Include the MAC address pass through function on RTL8153DD-CG (LP: #2020295)
     - r8152: add USB device driver for config selection
   * CVE-2023-20593
     - x86/cpu/amd: Move the errata checking functionality up
     - x86/cpu/amd: Add a Zenbleed fix
   * CVE-2023-4004
     - netfilter: nft_set_pipapo: fix improper element removal
   * CVE-2023-3611
     - net/sched: sch_qfq: refactor parsing of netlink parameters
     - net/sched: sch_qfq: account for stab overhead in qfq_enqueue

Source diff to previous version
2031093 libgnutls report \
2029199 NULL pointer dereference on CS35L41 HDA AMP
2029332 Reboot command powers off the system
2028746 Fix UBSAN in Intel EDAC driver
2028749 Make TTY switching possible for NVIDIA when it's boot VGA
2028740 Fix AMD gpu hang when screen off/on
2023197 Fix speaker volume too low on HP G10 laptops
2016398 stacked overlay file system mounts that have chroot() called against them appear to be getting locked (by the kernel most likely?)
2026776 arm64+ast2600: No Output from BMC's VGA port
2024273 Fix eDP only displays 3/4 area after switching to mirror mode with external HDMI 4K monitor
2029138 cifs: fix mid leak during reconnection after timeout threshold
2028979 Lunar update: upstream stable patchset 2023-07-28
2022354 sysfs msi_irqs directory empty with kernel-5.19 when being a xen guest
2028808 Lunar update: upstream stable patchset 2023-07-26
2028580 Lunar update: v6.2.16 upstream stable release
1786013 Packaging resync
CVE-2022-40982 Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may al
CVE-2023-20593 An issue in \u201cZen 2\u201d CPUs, under specific microarchitectural ...
CVE-2023-4004 A use-after-free flaw was found in the Linux kernel's netfilter in the way a user triggers the nft_pipapo_remove function with the element, without a
CVE-2023-2898 There is a null-pointer-dereference flaw found in f2fs_write_end_io in fs/f2fs/data.c in the Linux kernel. This flaw allows a local privileged user t
CVE-2023-31084 An issue was discovered in drivers/media/dvb-core/dvb_frontend.c in the Linux kernel 6.2. There is a blocking operation when a task is in !TASK_RUNNI

Version: 6.2.0-26.26~22.04.1 2023-07-26 16:09:21 UTC

 linux-hwe-6.2 (6.2.0-26.26~22.04.1) jammy; urgency=medium
   * jammy/linux-hwe-6.2: 6.2.0-26.26~22.04.1 -proposed tracker (LP: #2026752)
   [ Ubuntu: 6.2.0-26.26 ]
   * lunar/linux: 6.2.0-26.26 -proposed tracker (LP: #2026753)
   * CVE-2023-2640 // CVE-2023-32629
     - Revert "UBUNTU: SAUCE: overlayfs: handle idmapped mounts in
     - Revert "UBUNTU: SAUCE: overlayfs: Skip permission checking for
       trusted.overlayfs.* xattrs"
     - SAUCE: overlayfs: default to userxattr when mounted from non initial user
   * CVE-2023-35001
     - netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
   * CVE-2023-31248
     - netfilter: nf_tables: do not ignore genmask when looking up chain by id
   * CVE-2023-3389
     - io_uring/poll: serialize poll linked timer start with poll removal
   * CVE-2023-3390
     - netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE
   * CVE-2023-3090
     - ipvlan:Fix out-of-bounds caused by unclear skb->cb
   * CVE-2023-3269
     - mm: introduce new 'lock_mm_and_find_vma()' page fault helper
     - mm: make the page fault mmap locking killable
     - arm64/mm: Convert to using lock_mm_and_find_vma()
     - powerpc/mm: Convert to using lock_mm_and_find_vma()
     - mips/mm: Convert to using lock_mm_and_find_vma()
     - riscv/mm: Convert to using lock_mm_and_find_vma()
     - arm/mm: Convert to using lock_mm_and_find_vma()
     - mm/fault: convert remaining simple cases to lock_mm_and_find_vma()
     - powerpc/mm: convert coprocessor fault to lock_mm_and_find_vma()
     - mm: make find_extend_vma() fail if write lock not held
     - execve: expand new process stack manually ahead of time
     - mm: always expand the stack with the mmap write lock held

Source diff to previous version
CVE-2023-2640 On Ubuntu kernels carrying both c914c0e27eb0 and "UBUNTU: SAUCE: overl ...
CVE-2023-32629 Local privilege escalation vulnerability in Ubuntu Kernels overlayfs o ...
CVE-2023-35001 Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or
CVE-2023-31248 Linux Kernel nftables Use-After-Free Local Privilege Escalation Vulnerability; `nft_chain_lookup_byid()` failed to check whether a chain was active a
CVE-2023-3269 A vulnerability exists in the memory management subsystem of the Linux ...

Version: 6.2.0-25.25~22.04.2 2023-06-28 12:09:08 UTC

 linux-hwe-6.2 (6.2.0-25.25~22.04.2) jammy; urgency=medium
   * jammy/linux-hwe-6.2: 6.2.0-25.25~22.04.2 -proposed tracker (LP: #2024539)
   * Packaging resync (LP: #1786013)
     - [Packaging] resync update-dkms-versions helper
   [ Ubuntu: 6.2.0-25.25 ]
   * lunar/linux: 6.2.0-25.25 -proposed tracker (LP: #2024167)
   * ftrace in ubuntu_kernel_selftests failed with "check if duplicate events are
     caught" on J-5.15 P9 / J-kvm / L-kvm (LP: #1977827)
     - SAUCE: selftests/ftrace: Add test dependency
   * Add microphone support of the front headphone port on P3 Tower
     (LP: #2023650)
     - ALSA: hda/realtek: Add Lenovo P3 Tower platform
   * Add audio support for ThinkPad P1 Gen 6 and Z16 Gen 2 (LP: #2023539)
     - ALSA: hda/realtek: Add quirk for ThinkPad P1 Gen 6
   * Fix Disable thunderbolt clx make edp-monitor garbage while moving the
     touchpad (LP: #2023004)
     - drm/i915: Use 18 fast wake AUX sync len
   * Fix Monitor lost after replug WD19TBS to SUT port with VGA/DVI to type-C
     dongle (LP: #2021949)
     - thunderbolt: Increase timeout of DP OUT adapter handshake
     - thunderbolt: Do not touch CL state configuration during discovery
     - thunderbolt: Increase DisplayPort Connection Manager handshake timeout
   * Enable Tracing Configs for OSNOISE and TIMERLAT (LP: #2018591)
     - [Config] Enable OSNOISE_TRACER and TIMERLAT_TRACER configs
   * Fix only reach PC3 when ethernet is plugged r8169 (LP: #1946433)
     - r8169: use spinlock to protect mac ocp register access
     - r8169: use spinlock to protect access to registers Config2 and Config5
     - r8169: enable cfg9346 config register access in atomic context
     - r8169: prepare rtl_hw_aspm_clkreq_enable for usage in atomic context
     - r8169: disable ASPM during NAPI poll
     - r8169: remove ASPM restrictions now that ASPM is disabled during NAPI poll
   * introduce do_lib_rust=true|false to enable/disable linux-lib-rust package
     (LP: #2021605)
     - [Packaging] introduce do_lib_rust and enable it only on generic amd64
   * System either hang with black screen or rebooted on entering suspend on AMD
     Ryzen 9 PRO 7940HS w/ Radeon 780M Graphics (LP: #2020685)
     - drm/amdgpu: refine get gpu clock counter method
     - drm/amdgpu/gfx11: update gpu_clock_counter logic
   * generate linux-lib-rust only on amd64 (LP: #2020356)
     - [Packaging] generate linux-lib-rust only on amd64
   * No HDMI/DP audio output on dock(Nvidia GPU) (LP: #2020062)
     - ALSA: hda: Add NVIDIA codec IDs a3 through a7 to patch table
   * Add support for mdev_set_iommu_device() kABI in Ubuntu 22.10 kernel
     (LP: #1988806)
     - SAUCE: Add mdev_set_iommu_device() kABI.
   * Enable audio LEDs on HP laptops (LP: #2019915)
     - ALSA: hda/realtek: Fix mute and micmute LEDs for an HP laptop
     - ALSA: hda/realtek: Fix mute and micmute LEDs for yet another HP laptop
   * linux-*: please enable dm-verity kconfigs to allow MoK/db verified root
     images (LP: #2019040)
   * Lunar update: v6.2.13 upstream stable release (LP: #2023929)
     - ARM: dts: rockchip: fix a typo error for rk3288 spdif node
     - arm64: dts: rockchip: Lower sd speed on rk3566-soquartz
     - arm64: dts: qcom: ipq8074-hk01: enable QMP device, not the PHY node
     - arm64: dts: qcom: ipq8074-hk10: enable QMP device, not the PHY node
     - arm64: dts: meson-g12-common: specify full DMC range
     - arm64: dts: meson-g12-common: resolve conflict between canvas & pmu
     - perf/amlogic: adjust register offsets
     - arm64: dts: qcom: sc8280xp-pmics: fix pon compatible and registers
     - arm64: dts: imx8mm-evk: correct pmic clock source
     - arm64: dts: imx8mm-verdin: correct off-on-delay
     - arm64: dts: imx8mp-verdin: correct off-on-delay
     - netfilter: br_netfilter: fix recent physdev match breakage
     - netfilter: nf_tables: Modify nla_memdup's flag to GFP_KERNEL_ACCOUNT
     - rust: str: fix requierments->requirements typo
     - regulator: fan53555: Explicitly include bits header
     - regulator: fan53555: Fix wrong TCS_SLEW_MASK
     - virtio_net: bugfix overflow inside xdp_linearize_page()
     - sfc: Fix use-after-free due to selftest_work
     - netfilter: nf_tables: fix ifdef to also consider nf_tables=m
     - i40e: fix accessing vsi->active_filters without holding lock
     - i40e: fix i40e_setup_misc_vector() error handling
     - netfilter: nf_tables: validate catch-all set elements
     - cxgb4: fix use after free bugs caused by circular dependency problem
     - netfilter: nf_tables: tighten netlink attribute requirements for catch-all
     - bnxt_en: Do not initialize PTP on older P3/P4 chips
     - mlxfw: fix null-ptr-deref in mlxfw_mfa2_tlv_next()
     - LoongArch: Fix build error if CONFIG_SUSPEND is not set
     - bonding: Fix memory leak when changing bond type to Ethernet
     - net: rpl: fix rpl header size calculation
     - mlxsw: pci: Fix possible crash during initialization
     - spi: spi-rockchip: Fix missing unwind goto in rockchip_sfc_probe()
     - bpf: Fix incorrect verifier pruning due to missing register precision taints
     - net: dsa: microchip: ksz8795: Correctly handle huge frame configuration
     - bnxt_en: fix free-runnig PHC mode
     - e1000e: Disable TSO on i219-LM card to increase speed
     - net: bridge: switchdev: don't notify FDB entries with "master dynamic"
     - f2fs: Fix f2fs_truncate_partial_nodes ftrace event
     - platform/x86/intel: vsec: Fix a memory leak in intel_vsec_add_aux
     - platform/x86 (gigabyte-wmi): Add support for A320M-S2H V2
     - selftests: sigaltstack: fix -Wuninitialized
     - scsi: megaraid_sas: Fix fw_crash_buffer_show()
     - scsi: core: Improve scsi_vpd_inquiry() checks
     - net: dsa: b53: mmap: add phy ops
     - platform/x86: gigabyte-wmi: add support for B650 AORUS ELITE AX
     - s390/ptrace: fix PTRACE_GET_LAST_BREAK error ha

Source diff to previous version
1786013 Packaging resync
1977827 ftrace in ubuntu_kernel_selftests failed with \
2023650 Add microphone support of the front headphone port on P3 Tower
2023539 Add audio support for ThinkPad P1 Gen 6 and Z16 Gen 2
2018591 Enable Tracing Configs for OSNOISE and TIMERLAT
2021605 introduce do_lib_rust=true|false to enable/disable linux-lib-rust package
2020356 generate linux-lib-rust only on amd64
2019915 Enable audio LEDs on HP laptops
2023929 Lunar update: v6.2.13 upstream stable release
2023577 cls_flower: off-by-one in fl_set_geneve_opt
2020531 support python \u003c 3.9 with annotations
CVE-2023-2124 An out-of-bounds memory access flaw was found in the Linux kernel’s XFS file system in how a user restores an XFS image after failure (with a dirty l
CVE-2023-2176 A vulnerability was found in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA in the Linux Kernel. The improper cleanup results in out-

Version: 6.2.0-23.23~22.04.1 2023-05-30 15:08:47 UTC

 linux-hwe-6.2 (6.2.0-23.23~22.04.1) jammy; urgency=medium
   * jammy/linux-hwe-6.2: 6.2.0-23.23~22.04.1 -proposed tracker (LP: #2021604)
   * Packaging resync (LP: #1786013)
     - [Packaging] update variants
     - [Packaging] update Ubuntu.md
     - [Packaging] resync getabis
     - [Packaging] resync git-ubuntu-log
   * Miscellaneous Ubuntu changes
     - [Packaging] enable rust only in the master kernel for amd64
   * Miscellaneous upstream changes
     - Revert "UBUNTU: SAUCE: modpost: support arbitrary symbol length in
   [ Ubuntu: 6.2.0-23.23 ]
   * lunar/linux: 6.2.0-23.23 -proposed tracker (LP: #2019845)
   * Packaging resync (LP: #1786013)
     - [Packaging] update helper scripts
     - debian/dkms-versions -- update from kernel-versions (main/2023.05.15)
   * Fix flicker display problem on some panels which support PSR2 (LP: #2002968)
     - drm/i915/psr: Add continuous full frame bit together with single
   * Kernel 6.1 bumped the disk consumption on default images by 15%
     (LP: #2015867)
     - [Packaging] introduce a separate linux-lib-rust package
   * Update I915 PSR calculation on Linux 6.2 (LP: #2018655)
     - drm/i915: Fix fast wake AUX sync len
     - drm/i915: Explain the magic numbers for AUX SYNC/precharge length
   * Computer with Intel Atom CPU will not boot with Kernel 6.2.0-20
     (LP: #2017444)
     - [Config]: Disable CONFIG_INTEL_ATOMISP
   * udev fails to make prctl() syscall with apparmor=0 (as used by maas by
     default) (LP: #2016908)
     - SAUCE: (no-up) Stacking v38: Fix prctl() syscall with apparmor=0
   * CVE-2023-32233
     - netfilter: nf_tables: deactivate anonymous set from preparation phase
   * CVE-2023-2612
     - SAUCE: shiftfs: prevent lock unbalance in shiftfs_create_object()
   * CVE-2023-31436
     - net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
   * CVE-2023-1380
     - wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies()
   * 5.19 not reporting cgroups v1 blkio.throttle.io_serviced (LP: #2016186)
     - SAUCE: blk-throttle: Fix io statistics for cgroup v1
   * LSM stacking and AppArmor for 6.2: additional fixes (LP: #2017903)
     - SAUCE: (no-up) apparmor: fix policy_compat perms remap for file dfa
     - SAUCE: (no-up) apparmor: fix profile verification and enable it
     - SAUCE: (no-up) apparmor: fix: add missing failure check in
     - SAUCE: (no-up) apparmor: fix: kzalloc perms tables for shared dfas
   * Lunar update: v6.2.12 upstream stable release (LP: #2017219)
     - Revert "pinctrl: amd: Disable and mask interrupts on resume"
     - drm/amd/display: Pass the right info to drm_dp_remove_payload
     - drm/i915: Workaround ICL CSC_MODE sticky arming
     - ALSA: emu10k1: fix capture interrupt handler unlinking
     - ALSA: hda/sigmatel: add pin overrides for Intel DP45SG motherboard
     - ALSA: i2c/cs8427: fix iec958 mixer control deactivation
     - ALSA: hda: patch_realtek: add quirk for Asus N7601ZM
     - ALSA: hda/realtek: Add quirks for Lenovo Z13/Z16 Gen2
     - ALSA: firewire-tascam: add missing unwind goto in
     - ALSA: emu10k1: don't create old pass-through playback device on Audigy
     - ALSA: hda/sigmatel: fix S/PDIF out on Intel D*45* motherboards
     - ALSA: hda/hdmi: disable KAE for Intel DG2
     - Bluetooth: L2CAP: Fix use-after-free in l2cap_disconnect_{req,rsp}
     - Bluetooth: Fix race condition in hidp_session_thread
     - bluetooth: btbcm: Fix logic error in forming the board name.
     - Bluetooth: Free potentially unfreed SCO connection
     - Bluetooth: hci_conn: Fix possible UAF
     - btrfs: restore the thread_pool= behavior in remount for the end I/O
     - btrfs: fix fast csum implementation detection
     - fbmem: Reject FB_ACTIVATE_KD_TEXT from userspace
     - mtdblock: tolerate corrected bit-flips
     - mtd: rawnand: meson: fix bitmask for length in command word
     - mtd: rawnand: stm32_fmc2: remove unsupported EDO mode
     - mtd: rawnand: stm32_fmc2: use timings.mode instead of checking tRC_min
     - KVM: arm64: PMU: Restore the guest's EL0 event counting after migration
     - fbcon: Fix error paths in set_con2fb_map
     - fbcon: set_con2fb_map needs to set con2fb_map!
     - drm/i915/dsi: fix DSS CTL register offsets for TGL+
     - io_uring: complete request via task work in case of DEFER_TASKRUN
     - clk: sprd: set max_register according to mapping range
     - RDMA/irdma: Do not generate SW completions for NOPs
     - RDMA/irdma: Fix memory leak of PBLE objects
     - RDMA/irdma: Increase iWARP CM default rexmit count
     - RDMA/irdma: Add ipv4 check to irdma_find_listener()
     - IB/mlx5: Add support for 400G_8X lane speed
     - RDMA/erdma: Fix some typos
     - RDMA/erdma: Update default EQ depth to 4096 and max_send_wr to 8192
     - RDMA/erdma: Inline mtt entries into WQE if supported
     - RDMA/erdma: Defer probing if netdevice can not be found
     - clk: rs9: Fix suspend/resume
     - RDMA/cma: Allow UD qp_type to join multicast only
     - bpf: tcp: Use sock_gen_put instead of sock_put in bpf_iter_tcp
     - LoongArch, bpf: Fix jit to skip speculation barrier opcode
     - dmaengine: apple-admac: Handle 'global' interrupt flags
     - dmaengine: apple-admac: Set src_addr_widths capability
     - dmaengine: apple-admac: Fix 'current_tx' not getting freed
     - 9p/xen : Fix use after free bug in xen_9pfs_front_remove due to race
     - bpf, arm64: Fixed a BTI error on returning to patched function
     - KVM: arm64: Advertise ID_AA64PFR0_EL1.CSV2/3 to protected VMs
     - niu: Fix missing unwind goto in niu_alloc_channels()
     - tcp: restrict net.ipv4.tcp_app_win
     - bonding: fix ns validation on backup slaves
     - iavf: refactor VLAN filter states
     - iavf: remove active_cvlans and active_svlans bitmaps
     - net: openvswitch: fix race on port output
     - Bluetooth: hci

1786013 Packaging resync
2015867 Kernel 6.1 bumped the disk consumption on default images by 15%
2018655 Update I915 PSR calculation on Linux 6.2
2017444 Computer with Intel Atom CPU will not boot with Kernel 6.2.0-20
2016908 udev fails to make prctl() syscall with apparmor=0 (as used by maas by default)
2016186 5.19 not reporting cgroups v1 blkio.throttle.io_serviced
2017903 LSM stacking and AppArmor for 6.2: additional fixes
2017219 Lunar update: v6.2.12 upstream stable release
1685291 RFC: virtio and virtio-scsi should be built in
2015498 Debian autoreconstruct Fix restoration of execute permissions
2007745 [SRU][Jammy] CONFIG_PCI_MESON is not enabled
2008824 sched: cpumask: improve on cpumask_local_spread() locality
2012019 Fix E-star testing failure with RTK 8852BE
2016879 Lunar update: v6.2.11 upstream stable release
2016878 Lunar update: v6.2.10 upstream stable release
2016877 Lunar update: v6.2.9 upstream stable release
2016876 Lunar update: v6.2.8 upstream stable release
2016875 Lunar update: v6.2.7 upstream stable release
CVE-2023-32233 In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and
CVE-2023-31436 qfq_change_class in net/sched/sch_qfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write because lmax can exceed QFQ_MIN_LMAX.
CVE-2023-1380 A slab-out-of-bound read problem was found in brcmf_get_assoc_ies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux Kernel.
CVE-2023-30456 An issue was discovered in arch/x86/kvm/vmx/nested.c in the Linux kernel before 6.2.8. nVMX on x86_64 lacks consistency checks for CR0 and CR4.

About   -   Send Feedback to @ubuntu_updates