Package "linux-tools-5.15.0-158"

 linux (5.15.0-158.168) jammy; urgency=medium
 .
   * jammy/linux: 5.15.0-158.168 -proposed tracker (LP: #2124104)
 .
   * [UBUNTU 22.04] s390/pci: Handle PCI error codes other than 0x3a
     (LP: #2120344)
     - s390/pci: Handle PCI error codes other than 0x3a
 .
   * sources list generation using dwarfdump takes up to 0.5hr in build process
     (LP: #2104911)
     - [Packaging] Don't generate list of source files
 .
   * CVE-2024-26700
     - drm/amd/display: Fix MST Null Ptr for RV
 .
   * CVE-2023-52593
     - wifi: wfx: fix possible NULL pointer dereference in wfx_set_mfp_ap()
     - wifi: wfx: fix memory leak when starting AP
     - wifi: wfx: repair open network AP mode
 .
   * CVE-2025-38477
     - net/sched: sch_qfq: Fix race condition on qfq_aggregate
     - net/sched: sch_qfq: Avoid triggering might_sleep in atomic context in
       qfq_delete_class
 .
   * CVE-2025-38617
     - net/packet: fix a race in packet_set_ring() and packet_notifier()
 .
   * CVE-2025-38618
     - vsock: Do not allow binding to VMADDR_PORT_ANY
 .
   * Packaging resync (LP: #1786013)
     - [Packaging] resync git-ubuntu-log

 linux (5.15.0-156.166) jammy; urgency=medium
 .
   * jammy/linux: 5.15.0-156.166 -proposed tracker (LP: #2120207)
 .
   * minimal kernel lacks modules for blk disk in arm64 openstack environments
     where config_drive is required (LP: #2118499)
     - [Config] Enable SYM53C8XX_2 on arm64
 .

 linux (5.15.0-154.164) jammy; urgency=medium
 .
   * jammy/linux: 5.15.0-154.164 -proposed tracker (LP: #2120098)
 .
   * Packaging resync (LP: #1786013)
     - [Packaging] debian.master/dkms-versions -- update from kernel-versions
       (main/2025.08.11)
 .
   * warning at iommu_dma_unmap_page when running ibv_rc_pingpong
     (LP: #2107816)
     - RDMA/mlx5: Fix a WARN during dereg_mr for DM type
 .
   * dmesg flooded with errors: amdgpu: DP AUX transfer fail:4 (LP: #2115238)
     - drm/amd/display: Avoid flooding unnecessary info messages
 .
   * Jammy update: v5.15.189 upstream stable release (LP: #2118995)
     - ASoC: fsl_asrc: use internal measured ratio for non-ideal ratio mode
     - fix proc_sys_compare() handling of in-lookup dentries
     - vsock: Fix IOCTL_VM_SOCKETS_GET_LOCAL_CID to check also
       `transport_local`
     - net: phy: smsc: Fix Auto-MDIX configuration when disabled by strap
     - net: phy: smsc: Fix link failure in forced mode with Auto-MDIX
     - atm: clip: Fix memory leak of struct clip_vcc.
     - ice: safer stats processing
     - rxrpc: Fix oops due to non-existence of prealloc backlog struct
     - bpf: fix precision backtracking instruction iteration
     - bpf, sockmap: Fix skb refcnt race after locking changes
     - xen: replace xen_remap() with memremap()
     - x86/mce/amd: Fix threshold limit reset
     - x86/mce: Don't remove sysfs if thresholding sysfs init fails
     - x86/mce: Make sure CMCI banks are cleared during shutdown on Intel
     - gre: Fix IPv6 multicast route creation.
     - pinctrl: qcom: msm: mark certain pins as invalid for interrupts
     - drm/sched: Increment job count before swapping tail spsc queue
     - drm/gem: Fix race in drm_gem_handle_create_tail()
     - Revert "ACPI: battery: negate current when discharging"
     - btrfs: propagate last_unlink_trans earlier when doing a rmdir
     - btrfs: use btrfs_record_snapshot_destroy() during rmdir
     - RDMA/mlx5: Fix vport loopback for MPV device
     - pwm: mediatek: Ensure to disable clocks in error path
     - netlink: Fix rmem check in netlink_broadcast_deliver().
     - netlink: make sure we allow at least one dump skb
     - xhci: Allow RPM on the USB controller (1022:43f7) by default
     - usb: xhci: quirk for data loss in ISOC transfers
     - xhci: Disable stream for xHC controller with XHCI_BROKEN_STREAMS
     - Input: xpad - support Acer NGR 200 Controller
     - usb:cdnsp: remove TRB_FLUSH_ENDPOINT command
     - usb: cdnsp: Replace snprintf() with the safer scnprintf() variant
     - usb: cdnsp: Fix issue with CV Bad Descriptor test
     - usb: dwc3: Abort suspend on soft disconnect failure
     - dma-buf: add dma_resv_for_each_fence_unlocked v8
     - dma-buf: use new iterator in dma_resv_wait_timeout
     - dma-buf: fix timeout handling in dma_resv_wait_timeout v2
     - wifi: zd1211rw: Fix potential NULL pointer dereference in
       zd_mac_tx_to_dev()
     - smb: server: make use of rdma_destroy_qp()
     - ksmbd: fix a mount write count leak in ksmbd_vfs_kern_path_locked()
     - net: appletalk: Fix device refcount leak in atrtr_create()
     - net: phy: microchip: limit 100M workaround to link-down events on
       LAN88xx
     - can: m_can: m_can_handle_lost_msg(): downgrade msg lost in rx message to
       debug level
     - net: ll_temac: Fix missing tx_pending check in ethtools_set_ringparam()
     - bnxt_en: Fix DCB ETS validation
     - atm: idt77252: Add missing `dma_map_error()`
     - um: vector: Reduce stack usage in vector_eth_configure()
     - net: usb: qmi_wwan: add SIMCom 8230C composition
     - HID: lenovo: Add support for ThinkPad X1 Tablet Thin Keyboard Gen2
     - vt: add missing notification when switching back to text mode
     - HID: Add IGNORE quirk for SMARTLINKTECHNOLOGY
     - HID: quirks: Add quirk for 2 Chicony Electronics HP 5MP Cameras
     - Input: atkbd - do not skip atkbd_deactivate() when skipping
       ATKBD_CMD_GETID
     - x86/mm: Disable hugetlb page table sharing on 32-bit
     - Linux 5.15.189
 .
   * Jammy update: v5.15.189 upstream stable release (LP: #2118995) //
     CVE-2025-38067
     - rseq: Fix segfault on registration when rseq_cs is non-zero
 .
   * Jammy update: v5.15.189 upstream stable release (LP: #2118995) //
     CVE-2025-38074
     - vhost-scsi: protect vq->log_used with vq->mutex
 .
   * Jammy update: v5.15.189 upstream stable release (LP: #2118995) //
     CVE-2025-38439
     - bnxt_en: Set DMA unmap len correctly for XDP_REDIRECT
 .
   * Jammy update: v5.15.189 upstream stable release (LP: #2118995) //
     CVE-2025-38441
     - netfilter: flowtable: account for Ethernet header in
       nf_flow_pppoe_proto()
 .
   * Jammy update: v5.15.189 upstream stable release (LP: #2118995) //
     CVE-2025-38443
     - nbd: fix uaf in nbd_genl_connect() error path
 .
   * Jammy update: v5.15.189 upstream stable release (LP: #2118995) //
     CVE-2025-38444
     - raid10: cleanup memleak at raid10_make_request
 .
   * Jammy update: v5.15.189 upstream stable release (LP: #2118995) //
     CVE-2025-38445
     - md/raid1: Fix stack memory use after return in raid1_reshape
 .
   * Jammy update: v5.15.189 upstream stable release (LP: #2118995) //
     CVE-2025-38375
     - virtio-net: ensure the received length does not exceed allocated size
 .
   * Jammy update: v5.15.189 upstream stable release (LP: #2118995) //
     CVE-2025-38448
     - usb: gadget: u_serial: Fix race condition in TTY wakeup
 .
   * Jammy update: v5.15.189 upstream stable release (LP: #2118995) //
     CVE-2024-44939
     - jfs: fix null ptr deref in dtInsertEntry
 .
   * Jammy update: v5.15.189 upstream stable release (LP: #2118995) //
     CVE-2024-26775
     - aoe: avoid potential deadlock at set_capacity
 .
   * Jammy update: v5.15.189 upstream stable release (LP: #2118995) //
     CVE-2022-48703
     - thermal/int340x_thermal: handle data_vault when the value is
       ZERO_SIZE_PTR
 .
   * Jammy update: v5.15.189 upstrea

 linux (5.15.0-152.162) jammy; urgency=medium
 .
   * jammy/linux: 5.15.0-152.162 -proposed tracker (LP: #2117618)
 .
   * [UBUNTU 22.04] kernel: Fix z17 elf platform recognition (LP: #2114450)
     - s390: add z16 elf platform
     - s390: Add z17 elf platform
 .
   * Jammy update: v5.15.185 upstream stable release (LP: #2115240)
     - dma-mapping: avoid potential unused data compilation warning
     - cgroup: Fix compilation issue due to cgroup_mutex not being exported
     - net: enetc: refactor bulk flipping of RX buffers to separate function
     - bpf: fix possible endless loop in BPF map iteration
     - samples/bpf: Fix compilation failure for samples/bpf on LoongArch Fedora
     - kconfig: merge_config: use an empty file as initfile
     - NFSv4: Check for delegation validity in
       nfs_start_delegation_return_locked()
     - tracing: Mark binary printing functions with __printf() attribute
     - mailbox: use error ret code of of_parse_phandle_with_args()
     - fbdev: fsl-diu-fb: add missing device_remove_file()
     - fbcon: Use correct erase colour for clearing in fbcon
     - fbdev: core: tileblit: Implement missing margin clearing for tileblit
     - NFSv4: Treat ENETUNREACH errors as fatal for state recovery
     - SUNRPC: rpc_clnt_set_transport() must not change the autobind setting
     - SUNRPC: rpcbind should never reset the port to the value '0'
     - thermal/drivers/qoriq: Power down TMU on system suspend
     - dql: Fix dql->limit value when reset.
     - lockdep: Fix wait context check on softirq for PREEMPT_RT
     - PCI: dwc: ep: Ensure proper iteration over outbound map windows
     - tools/build: Don't pass test log files to linker
     - pNFS/flexfiles: Report ENETDOWN as a connection error
     - PCI: vmd: Disable MSI remapping bypass under Xen
     - mmc: host: Wait for Vdd to settle on card power off
     - wifi: mt76: only mark tx-status-failed frames as ACKed on mt76x0/2
     - i2c: qup: Vote for interconnect bandwidth to DRAM
     - i2c: pxa: fix call balance of i2c->clk handling routines
     - btrfs: make btrfs_discard_workfn() block_group ref explicit
     - btrfs: avoid linker error in btrfs_find_create_tree_block()
     - btrfs: get zone unusable bytes while holding lock at
       btrfs_reclaim_bgs_work()
     - btrfs: send: return -ENAMETOOLONG when attempting a path that is too
       long
     - i3c: master: svc: Fix missing STOP for master request
     - dlm: make tcp still work in multi-link env
     - um: Store full CSGSFS and SS register from mcontext
     - um: Update min_low_pfn to match changes in uml_reserved
     - ext4: reorder capability check last
     - scsi: st: Tighten the page format heuristics with MODE SELECT
     - scsi: st: ERASE does not change tape location
     - vfio/pci: Handle INTx IRQ_NOTCONNECTED
     - tcp: reorganize tcp_in_ack_event() and tcp_count_delivered()
     - rtc: rv3032: fix EERD location
     - ASoC: mediatek: mt6359: Add stub for mt6359_accdet_enable_jack_detect
     - kbuild: fix argument parsing in scripts/config
     - crypto: octeontx2 - suppress auth failure screaming due to negative
       tests
     - dm: restrict dm device size to 2^63-512 bytes
     - xen: Add support for XenServer 6.1 platform device
     - RDMA/uverbs: Propagate errors from rdma_lookup_get_uobject()
     - posix-timers: Add cond_resched() to posix_timer_add() search loop
     - timer_list: Don't use %pK through printk()
     - netfilter: conntrack: Bound nf_conntrack sysctl writes
     - arm64/mm: Check PUD_TYPE_TABLE in pud_bad()
     - mmc: sdhci: Disable SD card clock before changing parameters
     - ipv6: save dontfrag in cork
     - auxdisplay: charlcd: Partially revert "Move hwidth and bwidth to struct
       hd44780_common"
     - ASoC: qcom: sm8250: explicitly set format in sm8250_be_hw_params_fixup()
     - cpufreq: tegra186: Share policy per cluster
     - arm64: tegra: p2597: Fix gpio for vdd-1v8-dis regulator
     - powerpc/prom_init: Fixup missing #size-cells on PowerBook6,7
     - tcp: bring back NUMA dispersion in inet_ehash_locks_alloc()
     - rtc: ds1307: stop disabling alarms on probe
     - ieee802154: ca8210: Use proper setters and getters for bitwise types
     - ARM: tegra: Switch DSI-B clock parent to PLLD on Tegra114
     - media: c8sectpfe: Call of_node_put(i2c_bus) only once in
       c8sectpfe_probe()
     - remoteproc: qcom_wcnss: Handle platforms with only single power domain
     - drm/amdgpu: Do not program AGP BAR regs under SRIOV in gfxhub_v1_0.c
     - pinctrl: bcm281xx: Use "unsigned int" instead of bare "unsigned"
     - net: ethernet: ti: cpsw_new: populate netdev of_node
     - net: pktgen: fix mpls maximum labels list parsing
     - ipv4: fib: Move fib_valid_key_len() to rtm_to_fib_config().
     - media: uvcvideo: Add sanity check to uvc_ioctl_xu_ctrl_map
     - clk: imx8mp: inform CCF of maximum frequency of clocks
     - x86/bugs: Make spectre user default depend on MITIGATION_SPECTRE_V2
     - hwmon: (gpio-fan) Add missing mutex locks
     - ARM: at91: pm: fix at91_suspend_finish for ZQ calibration
     - drm/mediatek: mtk_dpi: Add checks for reg_h_fre_con existence
     - fpga: altera-cvp: Increase credit timeout
     - PCI: brcmstb: Expand inbound window size up to 64GB
     - PCI: brcmstb: Add a softdep to MIP MSI-X driver
     - net/mlx5: Avoid report two health errors on same syndrome
     - selftests/net: have `gro.sh -t` return a correct exit code
     - drm/amdkfd: KFD release_work possible circular locking
     - net: xgene-v2: remove incorrect ACPI_PTR annotation
     - bonding: report duplicate MAC address in all situations
     - soc: ti: k3-socinfo: Do not use syscon helper to build regmap
     - x86/build: Fix broken copy command in genimage.sh when making isoimage
     - drm/amd/display: handle max_downscale_src_width fail check
     - x86/nmi: Add an emergency handler in nmi_desc & use it in
       nmi_shootdown_cpus()
     - cpuidle: menu: Avoid disca

 linux (5.15.0-150.160) jammy; urgency=medium
 .
   * jammy/linux: 5.15.0-150.160 -proposed tracker (LP: #2116706)
 .
   * [UBUNTU 22.04] kernel: Fix z17 elf platform recognition (LP: #2114450)
     - s390: add z16 elf platform
     - s390: Add z17 elf platform
 .
   * Jammy update: v5.15.185 upstream stable release (LP: #2115240)
     - dma-mapping: avoid potential unused data compilation warning
     - cgroup: Fix compilation issue due to cgroup_mutex not being exported
     - net: enetc: refactor bulk flipping of RX buffers to separate function
     - bpf: fix possible endless loop in BPF map iteration
     - samples/bpf: Fix compilation failure for samples/bpf on LoongArch Fedora
     - kconfig: merge_config: use an empty file as initfile
     - NFSv4: Check for delegation validity in
       nfs_start_delegation_return_locked()
     - tracing: Mark binary printing functions with __printf() attribute
     - mailbox: use error ret code of of_parse_phandle_with_args()
     - fbdev: fsl-diu-fb: add missing device_remove_file()
     - fbcon: Use correct erase colour for clearing in fbcon
     - fbdev: core: tileblit: Implement missing margin clearing for tileblit
     - NFSv4: Treat ENETUNREACH errors as fatal for state recovery
     - SUNRPC: rpc_clnt_set_transport() must not change the autobind setting
     - SUNRPC: rpcbind should never reset the port to the value '0'
     - thermal/drivers/qoriq: Power down TMU on system suspend
     - dql: Fix dql->limit value when reset.
     - lockdep: Fix wait context check on softirq for PREEMPT_RT
     - PCI: dwc: ep: Ensure proper iteration over outbound map windows
     - tools/build: Don't pass test log files to linker
     - pNFS/flexfiles: Report ENETDOWN as a connection error
     - PCI: vmd: Disable MSI remapping bypass under Xen
     - mmc: host: Wait for Vdd to settle on card power off
     - wifi: mt76: only mark tx-status-failed frames as ACKed on mt76x0/2
     - i2c: qup: Vote for interconnect bandwidth to DRAM
     - i2c: pxa: fix call balance of i2c->clk handling routines
     - btrfs: make btrfs_discard_workfn() block_group ref explicit
     - btrfs: avoid linker error in btrfs_find_create_tree_block()
     - btrfs: get zone unusable bytes while holding lock at
       btrfs_reclaim_bgs_work()
     - btrfs: send: return -ENAMETOOLONG when attempting a path that is too
       long
     - i3c: master: svc: Fix missing STOP for master request
     - dlm: make tcp still work in multi-link env
     - um: Store full CSGSFS and SS register from mcontext
     - um: Update min_low_pfn to match changes in uml_reserved
     - ext4: reorder capability check last
     - scsi: st: Tighten the page format heuristics with MODE SELECT
     - scsi: st: ERASE does not change tape location
     - vfio/pci: Handle INTx IRQ_NOTCONNECTED
     - tcp: reorganize tcp_in_ack_event() and tcp_count_delivered()
     - rtc: rv3032: fix EERD location
     - ASoC: mediatek: mt6359: Add stub for mt6359_accdet_enable_jack_detect
     - kbuild: fix argument parsing in scripts/config
     - crypto: octeontx2 - suppress auth failure screaming due to negative
       tests
     - dm: restrict dm device size to 2^63-512 bytes
     - xen: Add support for XenServer 6.1 platform device
     - RDMA/uverbs: Propagate errors from rdma_lookup_get_uobject()
     - posix-timers: Add cond_resched() to posix_timer_add() search loop
     - timer_list: Don't use %pK through printk()
     - netfilter: conntrack: Bound nf_conntrack sysctl writes
     - arm64/mm: Check PUD_TYPE_TABLE in pud_bad()
     - mmc: sdhci: Disable SD card clock before changing parameters
     - ipv6: save dontfrag in cork
     - auxdisplay: charlcd: Partially revert "Move hwidth and bwidth to struct
       hd44780_common"
     - ASoC: qcom: sm8250: explicitly set format in sm8250_be_hw_params_fixup()
     - cpufreq: tegra186: Share policy per cluster
     - arm64: tegra: p2597: Fix gpio for vdd-1v8-dis regulator
     - powerpc/prom_init: Fixup missing #size-cells on PowerBook6,7
     - tcp: bring back NUMA dispersion in inet_ehash_locks_alloc()
     - rtc: ds1307: stop disabling alarms on probe
     - ieee802154: ca8210: Use proper setters and getters for bitwise types
     - ARM: tegra: Switch DSI-B clock parent to PLLD on Tegra114
     - media: c8sectpfe: Call of_node_put(i2c_bus) only once in
       c8sectpfe_probe()
     - remoteproc: qcom_wcnss: Handle platforms with only single power domain
     - drm/amdgpu: Do not program AGP BAR regs under SRIOV in gfxhub_v1_0.c
     - pinctrl: bcm281xx: Use "unsigned int" instead of bare "unsigned"
     - net: ethernet: ti: cpsw_new: populate netdev of_node
     - net: pktgen: fix mpls maximum labels list parsing
     - ipv4: fib: Move fib_valid_key_len() to rtm_to_fib_config().
     - media: uvcvideo: Add sanity check to uvc_ioctl_xu_ctrl_map
     - clk: imx8mp: inform CCF of maximum frequency of clocks
     - x86/bugs: Make spectre user default depend on MITIGATION_SPECTRE_V2
     - hwmon: (gpio-fan) Add missing mutex locks
     - ARM: at91: pm: fix at91_suspend_finish for ZQ calibration
     - drm/mediatek: mtk_dpi: Add checks for reg_h_fre_con existence
     - fpga: altera-cvp: Increase credit timeout
     - PCI: brcmstb: Expand inbound window size up to 64GB
     - PCI: brcmstb: Add a softdep to MIP MSI-X driver
     - net/mlx5: Avoid report two health errors on same syndrome
     - selftests/net: have `gro.sh -t` return a correct exit code
     - drm/amdkfd: KFD release_work possible circular locking
     - net: xgene-v2: remove incorrect ACPI_PTR annotation
     - bonding: report duplicate MAC address in all situations
     - soc: ti: k3-socinfo: Do not use syscon helper to build regmap
     - x86/build: Fix broken copy command in genimage.sh when making isoimage
     - drm/amd/display: handle max_downscale_src_width fail check
     - x86/nmi: Add an emergency handler in nmi_desc & use it in
       nmi_shootdown_cpus()
     - cpuidle: menu: Avoid disca