UbuntuUpdates.org

Package "linux-riscv"

This package belongs to a PPA: Canonical Kernel Team

Name: linux-riscv

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Header files related to Linux kernel version 6.17.0
  • Header files related to Linux kernel version 6.17.0
  • Header files related to Linux kernel version 6.17.0
  • Header files related to Linux kernel version 6.17.0

Latest version: 6.17.0-41.41.1
Release: questing (25.10)
Level: base
Repository: main

Links



Other versions of "linux-riscv" in Questing

Repository Area Version
base main 6.17.0-5.5.1
security main 6.17.0-40.40.1
updates main 6.17.0-40.40.1
proposed main 6.17.0-41.41.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 6.17.0-41.41.1 2026-06-27 17:09:46 UTC

 linux-riscv (6.17.0-41.41.1) questing; urgency=medium
 .
   * questing/linux-riscv: 6.17.0-41.41.1 -proposed tracker (LP: #2157481)
 .
   [ Ubuntu: 6.17.0-41.41 ]
 .
   * questing/linux: 6.17.0-41.41 -proposed tracker (LP: #2157484)
   * USB camera lost after suspend due to xhci endpoint_reset failure
     (LP: #2153966)
     - usb: xhci: Make usb_host_endpoint.hcpriv survive endpoint_disable()
   * Add intel-speed-select to linux-tools-$(uname -r) (LP: #2131077)
     - [Packaging] Add intel-speed-select to linux-tools
   * DGX Cloud GB300 clusters fail to build due zero dmac race in neighbor
     resolution (LP: #2154023)
     - IB/core: Fix zero dmac race in neighbor resolution
   * Internal display black screen on Intel Lunar Lake with eDP panel
     (LP: #2156312)
     - drm/i915/alpm: Allow LOBF only for platform that have Always on VRR TG
   * Kernel lockup on 6.17.0-1017-oem Lenovo P14s gen 6 AMD Ryzen AI 7 pro 350
     (LP: #2148538)
     - Revert "drm/amdgpu: don't attach the tlb fence for SI"
     - drm/amdgpu: rework how we handle TLB fences
   * Fix graceful fault handling after FPU softirq changes causes hard freeze
     on EFI runtime calls (LP: #2153976)
     - x86/efi: Fix graceful fault handling after FPU softirq changes
   * Questing update: upstream stable patchset 2026-06-15 (LP: #2156399)
     - readdir: require opt-in for d_type flags
     - can: at91_can: Fix memory leak in at91_can_probe()
     - net/mlx5: Fix memory leak in esw_acl_ingress_lgcy_setup()
     - can: gs_usb: gs_usb_receive_bulk_callback(): fix error message
     - net: bcmasp: fix early exit leak with fixed phy
     - net: mvpp2: cls: Fix memory leak in mvpp2_ethtool_cls_rule_ins()
     - ipv6: use the right ifindex when replying to icmpv6 from localhost
     - ixgbe: fix memory leak and use-after-free in ixgbe_recovery_probe()
     - ixgbe: fix memory leaks in the ixgbe_recovery_probe() path
     - ixgbe: don't initialize aci lock in ixgbe_recovery_probe()
     - ice: stop counting UDP csum mismatch as rx_errors
     - net/mlx5e: Account for netdev stats in ndo_get_stats64
     - net: bridge: fix static key check
     - net: phy: micrel: fix clk warning when removing the driver
     - net/mlx5: fs, Fix inverted cap check in tx flow table root disconnect
     - net/mlx5: Initialize events outside devlink lock
     - net/mlx5: Fix vhca_id access call trace use before alloc
     - net/mlx5e: Skip ESN replay window setup for IPsec crypto offload
     - wifi: mac80211: parse all TTLM entries
     - wifi: mac80211: apply advertised TTLM from association response
     - scsi: firewire: sbp-target: Fix overflow in sbp_make_tpg()
     - ASoC: soc-acpi-intel-ptl-match: fix name_prefix of rt1320-2
     - drm/xe: Skip address copy for sync-only execs
     - ASoC: Intel: sof_es8336: fix headphone GPIO logic inversion
     - gpiolib: acpi: use BIT_ULL() for u64 mask in address space handler
     - drm/amd/pm: fix race in power state check before mutex lock
     - gpio: brcmstb: correct hwirq to bank map
     - kbuild: rpm-pkg: Generate debuginfo package manually
     - of/reserved_mem: Simplify the logic of fdt_scan_reserved_mem_reg_nodes()
     - of: reserved_mem: Allow reserved_mem framework detect "cma=" kernel
       param
     - bcache: fix improper use of bi_end_io
     - bcache: use bio cloning for detached device requests
     - bcache: fix I/O accounting leak in detached_dev_do_request
     - dma/pool: distinguish between missing and exhausted atomic pools
     - drm/xe/nvm: Manage nvm aux cleanup with devres
     - sched/deadline: Document dl_server
     - sched/deadline: Fix 'stuck' dl_server
     - writeback: fix 100% CPU usage when dirtytime_expire_interval is 0
     - pinctrl: lpass-lpi: implement .get_direction() for the GPIO driver
     - pinctrl: meson: mark the GPIO controller as sleeping
     - pinctrl: qcom: sm8350-lpass-lpi: Merge with SC7280 to fix I2S2 and SWR
       TX pins
     - [Config] Remove CONFIG_PINCTRL_SM8350_LPASS_LPI
     - perf: Simplify get_perf_callchain() user logic
     - riscv: compat: fix COMPAT_UTS_MACHINE definition
     - rust: rbtree: fix documentation typo in CursorMut peek_next method
     - rust: kbuild: give `--config-path` to `rustfmt` in `.rsi` target
     - ASoC: fsl: imx-card: Do not force slot width to sample width
     - scsi: be2iscsi: Fix a memory leak in beiscsi_boot_get_sinfo()
     - ASoC: amd: yc: Add DMI quirk for Acer TravelMate P216-41-TCO
     - gpio: pca953x: mask interrupts in irq shutdown
     - kbuild: rust: clean libpin_init_internal in mrproper
     - scsi: qla2xxx: edif: Fix dma_free_coherent() size
     - ALSA: hda/realtek: fix right sounds and mute/micmute LEDs for HP machine
     - gpio: rockchip: Stop calling pinctrl for set_direction
     - mm/kasan: fix KASAN poisoning in vrealloc()
     - mptcp: only reset subflow errors when propagated
     - selftests: mptcp: check no dup close events after error
     - selftests: mptcp: check subflow errors in close events
     - selftests: mptcp: join: fix local endp not being tracked
     - mm/kfence: randomize the freelist on initialization
     - mm/memory-failure: fix missing ->mf_stats count in hugetlb poison
     - mm/memory-failure: teach kill_accessing_process to accept hugetlb tail
       page pfn
     - rust: bits: always inline functions using build_assert with arguments
     - scripts: generate_rust_analyzer: Add pin_init -> compiler_builtins dep
     - scripts: generate_rust_analyzer: Add pin_init_internal deps
     - scripts: generate_rust_analyzer: remove sysroot assertion
     - scripts: generate_rust_analyzer: compile sysroot with correct edition
     - scripts: generate_rust_analyzer: fix resolution of #[pin_data] macros
     - scripts: generate_rust_analyzer: Add compiler_builtins -> core dep
     - drm/msm/a6xx: fix bogus hwcg register updates
     - drm/amd/pm: fix smu v13 soft clock frequency setting issue
     - drm/amd/pm: fix smu v14 soft clock frequency settin

Source diff to previous version
2153966 USB camera lost after suspend due to xhci endpoint_reset failure
2131077 Add intel-speed-select to linux-tools-$(uname -r)
2154023 DGX Cloud GB300 clusters fail to build due zero dmac race in neighbor resolution
2156312 Internal display black screen on Intel Lunar Lake with eDP panel
2148538 Kernel lockup on 6.17.0-1017-oem Lenovo P14s gen 6 AMD Ryzen AI 7 pro 350
2153976 Fix graceful fault handling after FPU softirq changes causes hard freeze on EFI runtime calls
2156399 Questing update: upstream stable patchset 2026-06-15
2156362 Questing update: upstream stable patchset 2026-06-10
2156193 Questing update: upstream stable patchset 2026-06-09
2154749 Questing update: upstream stable patchset 2026-06-01
CVE-2026-23163 In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix NULL pointer dereference in amdgpu_gmc_filter_faults_remove On
CVE-2026-23170 In the Linux kernel, the following vulnerability has been resolved: drm/imx/tve: fix probe device leak Make sure to drop the reference taken to the
CVE-2026-23154 In the Linux kernel, the following vulnerability has been resolved: net: fix segmentation of forwarding fraglist GRO This patch enhances GSO segmen
CVE-2026-23161 In the Linux kernel, the following vulnerability has been resolved: mm/shmem, swap: fix race of truncate and swap entry split The helper for shmem
CVE-2026-23157 In the Linux kernel, the following vulnerability has been resolved: btrfs: do not strictly require dirty metadata threshold for metadata writepages
CVE-2026-23168 In the Linux kernel, the following vulnerability has been resolved: flex_proportions: make fprop_new_period() hardirq safe Bernd has reported a loc
CVE-2026-23148 In the Linux kernel, the following vulnerability has been resolved: nvmet: fix race in nvmet_bio_done() leading to NULL pointer dereference There i
CVE-2026-23156 In the Linux kernel, the following vulnerability has been resolved: efivarfs: fix error propagation in efivar_entry_get() efivar_entry_get() always
CVE-2026-23159 In the Linux kernel, the following vulnerability has been resolved: perf: sched: Fix perf crash with new is_user_task() helper In order to do a use
CVE-2026-23162 In the Linux kernel, the following vulnerability has been resolved: drm/xe/nvm: Fix double-free on aux add failure After a successful auxiliary_dev
CVE-2026-23158 In the Linux kernel, the following vulnerability has been resolved: gpio: virtuser: fix UAF in configfs release path The gpio-virtuser configfs rel
CVE-2026-23152 In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: correctly decode TTLM with default link map TID-To-Link Mapping
CVE-2026-23167 In the Linux kernel, the following vulnerability has been resolved: nfc: nci: Fix race between rfkill and nci_unregister_device(). syzbot reported
CVE-2026-23173 In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: TC, delete flows only for existing peers When deleting TC steering f
CVE-2026-23166 In the Linux kernel, the following vulnerability has been resolved: ice: Fix NULL pointer dereference in ice_vsi_set_napi_queues Add NULL pointer c
CVE-2026-23171 In the Linux kernel, the following vulnerability has been resolved: bonding: fix use-after-free due to enslave fail after slave array update Fix a
CVE-2026-23150 In the Linux kernel, the following vulnerability has been resolved: nfc: llcp: Fix memleak in nfc_llcp_send_ui_frame(). syzbot reported various mem
CVE-2026-23169 In the Linux kernel, the following vulnerability has been resolved: mptcp: fix race in mptcp_pm_nl_flush_addrs_doit() syzbot and Eulgyu Kim reporte
CVE-2026-23164 In the Linux kernel, the following vulnerability has been resolved: rocker: fix memory leak in rocker_world_port_post_fini() In rocker_world_port_p
CVE-2026-23172 In the Linux kernel, the following vulnerability has been resolved: net: wwan: t7xx: fix potential skb->frags overflow in RX path When receiving da
CVE-2026-23165 In the Linux kernel, the following vulnerability has been resolved: sfc: fix deadlock in RSS config read Since cited commit, core locks the net_dev
CVE-2026-23212 In the Linux kernel, the following vulnerability has been resolved: bonding: annotate data-races around slave->last_rx slave->last_rx and slave->ta
CVE-2026-23160 In the Linux kernel, the following vulnerability has been resolved: octeon_ep: Fix memory leak in octep_device_setup() In octep_device_setup(), if
CVE-2026-23151 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix memory leak in set_ssp_complete Fix memory leak in set_ssp
CVE-2026-23146 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_uart: fix null-ptr-deref in hci_uart_write_work hci_uart_set_pro
CVE-2026-23147 In the Linux kernel, the following vulnerability has been resolved: btrfs: zlib: fix the folio leak on S390 hardware acceleration [BUG] After commi
CVE-2026-23077 In the Linux kernel, the following vulnerability has been resolved: mm/vma: fix anon_vma UAF on mremap() faulted, unfaulted merge Patch series "mm/
CVE-2026-23079 In the Linux kernel, the following vulnerability has been resolved: gpio: cdev: Fix resource leaks on errors in lineinfo_changed_notify() On error
CVE-2026-23108 In the Linux kernel, the following vulnerability has been resolved: can: usb_8dev: usb_8dev_read_bulk_callback(): fix URB memory leak Fix similar m
CVE-2026-23080 In the Linux kernel, the following vulnerability has been resolved: can: mcba_usb: mcba_usb_read_bulk_callback(): fix URB memory leak Fix similar m
CVE-2026-23061 In the Linux kernel, the following vulnerability has been resolved: can: kvaser_usb: kvaser_usb_read_bulk_callback(): fix URB memory leak Fix simil
CVE-2026-23075 In the Linux kernel, the following vulnerability has been resolved: can: esd_usb: esd_usb_read_bulk_callback(): fix URB memory leak Fix similar mem
CVE-2026-23058 In the Linux kernel, the following vulnerability has been resolved: can: ems_usb: ems_usb_read_bulk_callback(): fix URB memory leak Fix similar mem
CVE-2026-23085 In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3-its: Avoid truncating memory addresses On 32-bit machines with C
CVE-2026-23118 In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix data-race warning and potential load/store tearing Fix the following
CVE-2026-23116 In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx8m-blk-ctrl: Remove separate rst and clk mask for 8mq vpu For i.MX
CVE-2026-23098 In the Linux kernel, the following vulnerability has been resolved: netrom: fix double-free in nr_route_frame() In nr_route_frame(), old_skb is imm
CVE-2026-23063 In the Linux kernel, the following vulnerability has been resolved: uacce: ensure safe queue release with state management Directly calling `put_qu
CVE-2026-23056 In the Linux kernel, the following vulnerability has been resolved: uacce: implement mremap in uacce_vm_ops to return -EPERM The current uacce_vm_o
CVE-2026-23094 In the Linux kernel, the following vulnerability has been resolved: uacce: fix isolate sysfs check condition uacce supports the device isolation fe
CVE-2026-23096 In the Linux kernel, the following vulnerability has been resolved: uacce: fix cdev handling in the cleanup path When cdev_device_add fails, it int
CVE-2026-23088 In the Linux kernel, the following vulnerability has been resolved: tracing: Fix crash on synthetic stacktrace field usage When creating a syntheti
CVE-2026-23090 In the Linux kernel, the following vulnerability has been resolved: slimbus: core: fix device reference leak on report present Slimbus devices can
CVE-2026-23093 In the Linux kernel, the following vulnerability has been resolved: ksmbd: smbd: fix dma_unmap_sg() nents The dma_unmap_sg() functions should be ca
CVE-2026-23128 In the Linux kernel, the following vulnerability has been resolved: arm64: Set __nocfi on swsusp_arch_resume() A DABT is reported[1] on an android
CVE-2026-23102 In the Linux kernel, the following vulnerability has been resolved: arm64/fpsimd: signal: Fix restoration of SVE context When SME is supported, Res
CVE-2026-23107 In the Linux kernel, the following vulnerability has been resolved: arm64/fpsimd: signal: Allocate SSVE storage when restoring ZA The code to resto
CVE-2026-23114 In the Linux kernel, the following vulnerability has been resolved: arm64/fpsimd: ptrace: Fix SVE writes on !SME systems When SVE is supported but
CVE-2026-23073 In the Linux kernel, the following vulnerability has been resolved: wifi: rsi: Fix memory corruption due to not set vif driver data size The struct
CVE-2026-23135 In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix dma_free_coherent() pointer dma_alloc_coherent() allocates a
CVE-2026-23133 In the Linux kernel, the following vulnerability has been resolved: wifi: ath10k: fix dma_free_coherent() pointer dma_alloc_coherent() allocates a
CVE-2026-23067 In the Linux kernel, the following vulnerability has been resolved: iommu/io-pgtable-arm: fix size_t signedness bug in unmap path __arm_lpae_unmap(
CVE-2025-71200 In the Linux kernel, the following vulnerability has been resolved: mmc: sdhci-of-dwcmshc: Prevent illegal clock reduction in HS200/HS400 mode When
CVE-2026-23089 In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix use-after-free in snd_usb_mixer_free() When snd_usb_create
CVE-2026-23078 In the Linux kernel, the following vulnerability has been resolved: ALSA: scarlett2: Fix buffer overflow in config retrieval The scarlett2_usb_get_
CVE-2026-23076 In the Linux kernel, the following vulnerability has been resolved: ALSA: ctxfi: Fix potential OOB access in audio mixer handling In the audio mixe
CVE-2026-23092 In the Linux kernel, the following vulnerability has been resolved: iio: dac: ad3552r-hs: fix out-of-bound write in ad3552r_hs_write_data_source Wh
CVE-2025-71199 In the Linux kernel, the following vulnerability has been resolved: iio: adc: at91-sama5d2_adc: Fix potential use-after-free in sama5d2_adc driver
CVE-2026-23097 In the Linux kernel, the following vulnerability has been resolved: migrate: correct lock ordering for hugetlb file folios Syzbot has found a deadl
CVE-2026-23101 In the Linux kernel, the following vulnerability has been resolved: leds: led-class: Only Add LED to leds_list when it is fully ready Before this c
CVE-2026-23070 In the Linux kernel, the following vulnerability has been resolved: Octeontx2-af: Add proper checks for fwdata firmware populates MAC address, link
CVE-2026-23129 In the Linux kernel, the following vulnerability has been resolved: dpll: Prevent duplicate registrations Modify the internal registration helpers
CVE-2026-23064 In the Linux kernel, the following vulnerability has been resolved: net/sched: act_ife: avoid possible NULL deref tcf_ife_encode() must make sure i
CVE-2026-23086 In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: cap TX credit to local buffer size The virtio transports derives
CVE-2026-23069 In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: fix potential underflow in virtio_transport_get_credit() The cred
CVE-2026-23119 In the Linux kernel, the following vulnerability has been resolved: bonding: provide a net pointer to __skb_flow_dissect() After 3cbf4ffba5ee ("net
CVE-2026-23084 In the Linux kernel, the following vulnerability has been resolved: be2net: Fix NULL pointer dereference in be_cmd_get_mac_from_list When the param
CVE-2026-23124 In the Linux kernel, the following vulnerability has been resolved: ipv6: annotate data-race in ndisc_router_discovery() syzbot found that ndisc_ro
CVE-2026-23121 In the Linux kernel, the following vulnerability has been resolved: mISDN: annotate data-race around dev->work dev->work can re read locklessly in
CVE-2026-23081 In the Linux kernel, the following vulnerability has been resolved: net: phy: intel-xway: fix OF node refcount leakage Automated review spotted am
CVE-2026-23104 In the Linux kernel, the following vulnerability has been resolved: ice: fix devlink reload call trace Commit 4da71a77fc3b ("ice: read internal tem
CVE-2026-23126 In the Linux kernel, the following vulnerability has been resolved: netdevsim: fix a race issue related to the operation on bpf_bound_progs list Th
CVE-2026-23059 In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Sanitize payload size to prevent member overflow In qla27xx_copy
CVE-2026-23110 In the Linux kernel, the following vulnerability has been resolved: scsi: core: Wake up the error handler when final completions race against each o
CVE-2026-23065 In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd: Fix memory leak in wbrf_record() The tmp buffer is allocated
CVE-2026-23071 In the Linux kernel, the following vulnerability has been resolved: regmap: Fix race condition in hwspinlock irqsave routine Previously, the addres
CVE-2026-23068 In the Linux kernel, the following vulnerability has been resolved: spi: spi-sprd-adi: Fix double free in probe error path The driver currently use
CVE-2026-23123 In the Linux kernel, the following vulnerability has been resolved: interconnect: debugfs: initialize src_node and dst_node to empty strings The de
CVE-2025-71198 In the Linux kernel, the following vulnerability has been resolved: iio: imu: st_lsm6dsx: fix iio_chan_spec for sensors without event detection The
CVE-2026-23113 In the Linux kernel, the following vulnerability has been resolved: io_uring/io-wq: check IO_WQ_BIT_EXIT inside work run loop Currently this is che
CVE-2026-23106 In the Linux kernel, the following vulnerability has been resolved: timekeeping: Adjust the leap state for the correct auxiliary timekeeper When __
CVE-2026-23100 In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix hugetlb_pmd_shared() Patch series "mm/hugetlb: fixes for PMD ta
CVE-2026-23062 In the Linux kernel, the following vulnerability has been resolved: platform/x86: hp-bioscfg: Fix kernel panic in GET_INSTANCE_ID macro The GET_INS
CVE-2026-23131 In the Linux kernel, the following vulnerability has been resolved: platform/x86: hp-bioscfg: Fix kobject warnings for empty attribute names The hp
CVE-2026-23109 In the Linux kernel, the following vulnerability has been resolved: fs/writeback: skip AS_NO_DATA_INTEGRITY mappings in wait_sb_inodes() Above the
CVE-2026-23066 In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix recvmsg() unconditional requeue If rxrpc_recvmsg() fails because MSG
CVE-2026-23087 In the Linux kernel, the following vulnerability has been resolved: scsi: xen: scsiback: Fix potential memory leak in scsiback_remove() Memory allo
CVE-2025-71197 In the Linux kernel, the following vulnerability has been resolved: w1: therm: Fix off-by-one buffer overflow in alarms_store The sysfs buffer pass
CVE-2026-23115 In the Linux kernel, the following vulnerability has been resolved: serial: Fix not set tty->port race condition Revert commit bfc467db60b7 ("seria
CVE-2026-23105 In the Linux kernel, the following vulnerability has been resolved: net/sched: qfq: Use cl_is_active to determine whether class is active in qfq_rm_
CVE-2026-23103 In the Linux kernel, the following vulnerability has been resolved: ipvlan: Make the addrs_lock be per port Make the addrs_lock be per port, not pe
CVE-2026-23120 In the Linux kernel, the following vulnerability has been resolved: l2tp: avoid one data-race in l2tp_tunnel_del_work() We should read sk->sk_socke
CVE-2026-23083 In the Linux kernel, the following vulnerability has been resolved: fou: Don't allow 0 for FOU_ATTR_IPPROTO. fou_udp_recv() has the same problem me
CVE-2026-23095 In the Linux kernel, the following vulnerability has been resolved: gue: Fix skb memleak with inner IP protocol 0. syzbot reported skb memleak belo
CVE-2026-23125 In the Linux kernel, the following vulnerability has been resolved: sctp: move SCTP_CMD_ASSOC_SHKEY right after SCTP_CMD_PEER_INIT A null-ptr-deref
CVE-2026-23072 In the Linux kernel, the following vulnerability has been resolved: l2tp: Fix memleak in l2tp_udp_encap_recv(). syzbot reported memleak of struct l
CVE-2026-23099 In the Linux kernel, the following vulnerability has been resolved: bonding: limit BOND_MODE_8023AD to Ethernet devices BOND_MODE_8023AD makes sens
CVE-2026-23057 In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Coalesce only linear skb vsock/virtio common tries to coalesce bu
CVE-2026-23122 In the Linux kernel, the following vulnerability has been resolved: igc: Reduce TSN TX packet buffer from 7KB to 5KB per queue The previous 7 KB pe
CVE-2026-23130 In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix dead lock while flushing management frames Commit [1] convert
CVE-2026-23025 In the Linux kernel, the following vulnerability has been resolved: mm/page_alloc: prevent pcp corruption with SMP=n The kernel test robot has repo
CVE-2025-71194 In the Linux kernel, the following vulnerability has been resolved: btrfs: fix deadlock in wait_current_trans() due to ignored transaction type Whe
CVE-2025-71185 In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: dma-crossbar: fix device leak on am335x route allocation Make su
CVE-2025-71186 In the Linux kernel, the following vulnerability has been resolved: dmaengine: stm32: dmamux: fix device leak on route allocation Make sure to drop
CVE-2025-71187 In the Linux kernel, the following vulnerability has been resolved: dmaengine: sh: rz-dmac: fix device leak on probe failure Make sure to drop the
CVE-2026-23026 In the Linux kernel, the following vulnerability has been resolved: dmaengine: qcom: gpi: Fix memory leak in gpi_peripheral_config() Fix a memory l
CVE-2025-71188 In the Linux kernel, the following vulnerability has been resolved: dmaengine: lpc18xx-dmamux: fix device leak on route allocation Make sure to dro
CVE-2025-71163 In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: fix device leaks on compat bind and unbind Make sure to drop t
CVE-2025-71189 In the Linux kernel, the following vulnerability has been resolved: dmaengine: dw: dmamux: fix OF node leak on route allocation failure Make sure t
CVE-2025-71190 In the Linux kernel, the following vulnerability has been resolved: dmaengine: bcm-sba-raid: fix device leak on probe Make sure to drop the referen
CVE-2025-71191 In the Linux kernel, the following vulnerability has been resolved: dmaengine: at_hdmac: fix device leak on of_dma_xlate() Make sure to drop the re
CVE-2026-23049 In the Linux kernel, the following vulnerability has been resolved: drm/panel-simple: fix connector type for DataImage SCF0700C48GGU18 panel The co
CVE-2026-23144 In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: cleanup attrs subdirs on context dir setup failure When a conte
CVE-2026-23142 In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs-scheme: cleanup access_pattern subdirs on scheme dir setup failur
CVE-2026-23012 In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: remove call_control in inactive contexts If damon_call() is exec
CVE-2026-23055 In the Linux kernel, the following vulnerability has been resolved: i2c: riic: Move suspend handling to NOIRQ phase Commit 53326135d0e0 ("i2c: riic
CVE-2026-23145 In the Linux kernel, the following vulnerability has been resolved: ext4: fix iloc.bh leak in ext4_xattr_inode_update_ref The error branch for ext4
CVE-2026-23009 In the Linux kernel, the following vulnerability has been resolved: xhci: sideband: don't dereference freed ring when removing sideband endpoint xh
CVE-2026-23030 In the Linux kernel, the following vulnerability has been resolved: phy: rockchip: inno-usb2: Fix a double free bug in rockchip_usb2phy_probe() The
CVE-2026-23002 In the Linux kernel, the following vulnerability has been resolved: lib/buildid: use __kernel_read() for sleepable context Prevent a "BUG: unable t
CVE-2026-23052 In the Linux kernel, the following vulnerability has been resolved: ftrace: Do not over-allocate ftrace memory The pg_remaining calculation in ftra
CVE-2026-22997 In the Linux kernel, the following vulnerability has been resolved: net: can: j1939: j1939_xtp_rx_rts_session_active(): deactivate session upon rece
CVE-2026-23031 In the Linux kernel, the following vulnerability has been resolved: can: gs_usb: gs_usb_receive_bulk_callback(): fix URB memory leak In gs_can_open
CVE-2026-23032 In the Linux kernel, the following vulnerability has been resolved: null_blk: fix kmemleak by releasing references to fault configfs items When CON
CVE-2026-23033 In the Linux kernel, the following vulnerability has been resolved: dmaengine: omap-dma: fix dma_pool resource leak in error paths The dma_pool cre
CVE-2025-71196 In the Linux kernel, the following vulnerability has been resolved: phy: stm32-usphyc: Fix off by one in probe() The "index" variable is used as an
CVE-2025-71193 In the Linux kernel, the following vulnerability has been resolved: phy: qcom-qusb2: Fix NULL pointer dereference on early suspend Enabling runtime
CVE-2025-71162 In the Linux kernel, the following vulnerability has been resolved: dmaengine: tegra-adma: Fix use-after-free A use-after-free bug exists in the Te
CVE-2025-71195 In the Linux kernel, the following vulnerability has been resolved: dmaengine: xilinx: xdma: Fix regmap max_register The max_register field is assi
CVE-2026-23034 In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/userq: Fix fence reference leak on queue teardown v2 The user mode q
CVE-2026-23051 In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix drm panic null pointer when driver not support atomic When driv
CVE-2026-23006 In the Linux kernel, the following vulnerability has been resolved: ASoC: tlv320adcx140: fix null pointer The "snd_soc_component" in "adcx140_priv"
CVE-2026-22999 In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_qfq: do not free existing class in qfq_change_class() Fixes qfq_
CVE-2026-23010 In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix use-after-free in inet6_addr_del(). syzbot reported use-after-free of
CVE-2026-23004 In the Linux kernel, the following vulnerability has been resolved: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() syzbot was
CVE-2026-23054 In the Linux kernel, the following vulnerability has been resolved: net: hv_netvsc: reject RSS hash key programming without RX indirection table RS
CVE-2026-23013 In the Linux kernel, the following vulnerability has been resolved: net: octeon_ep_vf: fix free_irq dev_id mismatch in IRQ rollback octep_vf_reques
CVE-2026-23035 In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Pass netdev to mlx5e_destroy_netdev instead of priv mlx5e_priv is an
CVE-2026-22996 In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Don't store mlx5e_priv in mlx5e_dev devlink priv mlx5e_priv is an un
CVE-2026-23000 In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix crash on profile change rollback failure mlx5e_netdev_change_pro
CVE-2026-23011 In the Linux kernel, the following vulnerability has been resolved: ipv4: ip_gre: make ipgre_header() robust Analog to commit db5b4e39c4e6 ("ip6_gr
CVE-2026-23007 In the Linux kernel, the following vulnerability has been resolved: block: zero non-PI portion of auto integrity buffer The auto-generated integrit
CVE-2026-23001 In the Linux kernel, the following vulnerability has been resolved: macvlan: fix possible UAF in macvlan_forward_source() Add RCU protection on (st
CVE-2026-23003 In the Linux kernel, the following vulnerability has been resolved: ip6_tunnel: use skb_vlan_inet_prepare() in __ip6_tnl_rcv() Blamed commit did no
CVE-2026-23141 In the Linux kernel, the following vulnerability has been resolved: btrfs: send: check for inline extents in range_is_hole_in_parent() Before acces
CVE-2026-23036 In the Linux kernel, the following vulnerability has been resolved: btrfs: release path before iget_failed() in btrfs_read_locked_inode() In btrfs_
CVE-2026-22998 In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: fix NULL pointer dereferences in nvmet_tcp_build_pdu_iovec Commit efa
CVE-2026-23037 In the Linux kernel, the following vulnerability has been resolved: can: etas_es58x: allow partial RX URB allocation to succeed When es58x_alloc_rx
CVE-2026-23008 In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix KMS with 3D on HW version 10 HW version 10 does not have GB Sur
CVE-2026-23038 In the Linux kernel, the following vulnerability has been resolved: pnfs/flexfiles: Fix memory leak in nfs4_ff_alloc_deviceid_node() In nfs4_ff_all
CVE-2026-23053 In the Linux kernel, the following vulnerability has been resolved: NFS: Fix a deadlock involving nfs_release_folio() Wang Zhaolong reports a deadl
CVE-2026-23050 In the Linux kernel, the following vulnerability has been resolved: pNFS: Fix a deadlock when returning a delegation during open() Ben Coddington r
CVE-2026-23143 In the Linux kernel, the following vulnerability has been resolved: virtio_net: Fix misalignment bug in struct virtnet_info Use the new TRAILING_OV
CVE-2026-23005 In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Clear XSTATE_BV[i] in guest XSAVE state whenever XFD[i]=1 When loading
CVE-2026-23140 In the Linux kernel, the following vulnerability has been resolved: bpf, test_run: Subtract size of xdp_frame from allowed metadata size The xdp_fr
CVE-2025-71182 In the Linux kernel, the following vulnerability has been resolved: can: j1939: make j1939_session_activate() fail if device is no longer registered
CVE-2025-71160 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: avoid chain re-validation if possible Hamza Mahfooz repor
CVE-2026-22994 In the Linux kernel, the following vulnerability has been resolved: bpf: Fix reference count leak in bpf_prog_test_run_xdp() syzbot is reporting
CVE-2026-23015 In the Linux kernel, the following vulnerability has been resolved: gpio: mpsse: fix reference leak in gpio_mpsse_probe() error paths The reference
CVE-2025-71158 In the Linux kernel, the following vulnerability has been resolved: gpio: mpsse: ensure worker is torn down When an IRQ worker is running, unpluggi
CVE-2026-23021 In the Linux kernel, the following vulnerability has been resolved: net: usb: pegasus: fix memory leak in update_eth_regs_async() When asynchronous
CVE-2026-22976 In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_qfq: Fix NULL deref when deactivating inactive aggregate in qfq_r
CVE-2026-22987 In the Linux kernel, the following vulnerability has been resolved: net/sched: act_api: avoid dereferencing ERR_PTR in tcf_idrinfo_destroy syzbot r
CVE-2026-23042 In the Linux kernel, the following vulnerability has been resolved: idpf: fix aux device unplugging when rdma is not supported by vport If vport fl
CVE-2026-22993 In the Linux kernel, the following vulnerability has been resolved: idpf: Fix RSS LUT NULL ptr issue after soft reset During soft reset, the RSS LU
CVE-2026-22985 In the Linux kernel, the following vulnerability has been resolved: idpf: Fix RSS LUT NULL pointer crash on early ethtool operations The RSS LUT is
CVE-2026-23024 In the Linux kernel, the following vulnerability has been resolved: idpf: fix memory leak of flow steer list on rmmod The flow steering list mainta
CVE-2026-23017 In the Linux kernel, the following vulnerability has been resolved: idpf: fix error handling in the init_task on load If the init_task fails during
CVE-2026-23022 In the Linux kernel, the following vulnerability has been resolved: idpf: fix memory leak in idpf_vc_core_deinit() Make sure to free hw->lan_regs.
CVE-2026-23023 In the Linux kernel, the following vulnerability has been resolved: idpf: fix memory leak in idpf_vport_rel() Free vport->rx_ptype_lkup in idpf_vpo
CVE-2026-22981 In the Linux kernel, the following vulnerability has been resolved: idpf: detach and close netdevs while handling a reset Protect the reset path fr
CVE-2026-22979 In the Linux kernel, the following vulnerability has been resolved: net: fix memory leak in skb_segment_list for GRO packets When skb_segment_list(
CVE-2026-23018 In the Linux kernel, the following vulnerability has been resolved: btrfs: release path before initializing extent tree in btrfs_read_locked_inode()
CVE-2026-23014 In the Linux kernel, the following vulnerability has been resolved: perf: Ensure swevent hrtimer is properly destroyed With the change to hrtimer_t
CVE-2026-23046 In the Linux kernel, the following vulnerability has been resolved: virtio_net: fix device mismatch in devm_kzalloc/devm_kfree Initial rss_hdr allo
CVE-2026-23045 In the Linux kernel, the following vulnerability has been resolved: net/ena: fix missing lock when update devlink params Fix assert lock warning wh
CVE-2026-22977 In the Linux kernel, the following vulnerability has been resolved: net: sock: fix hardened usercopy panic in sock_recv_errqueue skbuff_fclone_cach
CVE-2026-22982 In the Linux kernel, the following vulnerability has been resolved: net: mscc: ocelot: Fix crash when adding interface under a lag Commit 15faa1f67
CVE-2026-23019 In the Linux kernel, the following vulnerability has been resolved: net: marvell: prestera: fix NULL dereference on devlink_alloc() failure devlink
CVE-2026-23139 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conncount: update last_gc only when GC has been performed Current
CVE-2026-22986 In the Linux kernel, the following vulnerability has been resolved: gpiolib: fix race condition for gdev->srcu If two drivers were calling gpiochip
CVE-2025-71201 In the Linux kernel, the following vulnerability has been resolved: netfs: Fix early read unlock of page with EOF in middle The read result collect
CVE-2026-23137 In the Linux kernel, the following vulnerability has been resolved: of: unittest: Fix memory leak in unittest_data_add() In unittest_data_add(), if
CVE-2025-71184 In the Linux kernel, the following vulnerability has been resolved: btrfs: fix NULL dereference on root when tracing inode eviction When evicting a
CVE-2025-71161 In the Linux kernel, the following vulnerability has been resolved: dm-verity: disable recursive forward error correction There are two problems wi
CVE-2026-23047 In the Linux kernel, the following vulnerability has been resolved: libceph: make calc_target() set t->paused, not just clear it Currently calc_tar
CVE-2026-23136 In the Linux kernel, the following vulnerability has been resolved: libceph: reset sparse-read state in osd_fault() When a fault occurs, the connec
CVE-2026-22992 In the Linux kernel, the following vulnerability has been resolved: libceph: return the handler error from mon_handle_auth_done() Currently any err
CVE-2026-22991 In the Linux kernel, the following vulnerability has been resolved: libceph: make free_choose_arg_map() resilient to partial allocation free_choose
CVE-2026-22990 In the Linux kernel, the following vulnerability has been resolved: libceph: replace overzealous BUG_ON in osdmap_apply_incremental() If the osdmap
CVE-2026-22978 In the Linux kernel, the following vulnerability has been resolved: wifi: avoid kernel-infoleak from struct iw_point struct iw_point has a 32bit ho
CVE-2026-23044 In the Linux kernel, the following vulnerability has been resolved: PM: hibernate: Fix crash when freeing invalid crypto compressor When crypto_all
CVE-2025-71192 In the Linux kernel, the following vulnerability has been resolved: ALSA: ac97: fix a double free in snd_ac97_controller_register() If ac97_add_ada
CVE-2026-23138 In the Linux kernel, the following vulnerability has been resolved: tracing: Add recursion protection in kernel stack trace recording A bug was rep
CVE-2025-71180 In the Linux kernel, the following vulnerability has been resolved: counter: interrupt-cnt: Drop IRQF_NO_THREAD flag An IRQ handler can either be I
CVE-2025-71183 In the Linux kernel, the following vulnerability has been resolved: btrfs: always detect conflicting inodes when logging inode refs After rename ex
CVE-2026-23020 In the Linux kernel, the following vulnerability has been resolved: net: 3com: 3c59x: fix possible null dereference in vortex_probe1() pdev can be
CVE-2026-22989 In the Linux kernel, the following vulnerability has been resolved: nfsd: check that server is running in unlock_filesystem If we are trying to unl
CVE-2026-22980 In the Linux kernel, the following vulnerability has been resolved: nfsd: provide locking for v4_end_grace Writing to v4_end_grace can race with se
CVE-2026-46316 In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Drop the translation cache reference only for the erased e
CVE-2026-46317 In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Reassign nested_mmus array behind mmu_lock kvm->arch.nested_mmus[]
CVE-2026-43402 In the Linux kernel, the following vulnerability has been resolved: kthread: consolidate kthread exit paths to prevent use-after-free Guillaume rep
CVE-2026-31444 In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free and NULL deref in smb_grant_oplock() smb_grant_oplock
CVE-2026-43037 In the Linux kernel, the following vulnerability has been resolved: ip6_tunnel: clear skb2->cb[] in ip4ip6_err() Oskar Kjos reported the following
CVE-2026-45988 In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix re-decryption of RESPONSE packets If a RESPONSE packet gets a tempor
CVE-2026-46135 In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: fix race between ICReq handling and queue teardown nvmet_tcp_handle_
CVE-2026-46195 In the Linux kernel, the following vulnerability has been resolved: smb: client: validate dacloffset before building DACL pointers parse_sec_desc()
CVE-2026-31402 In the Linux kernel, the following vulnerability has been resolved: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache The NFSv4.0 replay cache u
CVE-2026-43378 In the Linux kernel, the following vulnerability has been resolved: smb: server: fix use-after-free in smb2_open() The opinfo pointer obtained via
CVE-2026-31657 In the Linux kernel, the following vulnerability has been resolved: batman-adv: hold claim backbone gateways by reference batadv_bla_add_claim() ca
CVE-2026-46266 In the Linux kernel, the following vulnerability has been resolved: inet: RAW sockets using IPPROTO_RAW MUST drop incoming ICMP Yizhou Zhao reporte
CVE-2026-46289 In the Linux kernel, the following vulnerability has been resolved: lib/scatterlist: fix length calculations in extract_kvec_to_sg Patch series "Fi
CVE-2026-31436 In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: fix possible wrong descriptor completion in llist_abort_desc()
CVE-2026-31649 In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix integer underflow in chain mode The jumbo_frm() chain-mode imp
CVE-2026-31659 In the Linux kernel, the following vulnerability has been resolved: batman-adv: reject oversized global TT response buffers batadv_tt_prepare_tvlv_
CVE-2026-31448 In the Linux kernel, the following vulnerability has been resolved: ext4: avoid infinite loops caused by residual data On the mkdir/mknod path, whe
CVE-2026-43071 In the Linux kernel, the following vulnerability has been resolved: dcache: Limit the minimal number of bucket to two There is an OOB read problem
CVE-2026-31478 In the Linux kernel, the following vulnerability has been resolved: ksmbd: replace hardcoded hdr2_len with offsetof() in smb2_calc_max_out_buf_len()
CVE-2026-31682 In the Linux kernel, the following vulnerability has been resolved: bridge: br_nd_send: linearize skb before parsing ND options br_nd_send() parses
CVE-2026-43117 In the Linux kernel, the following vulnerability has been resolved: btrfs: tracepoints: get correct superblock from dentry in event btrfs_sync_file(
CVE-2026-31669 In the Linux kernel, the following vulnerability has been resolved: mptcp: fix slab-use-after-free in __inet_lookup_established The ehash table loo
CVE-2026-46115 In the Linux kernel, the following vulnerability has been resolved: block: add pgmap check to biovec_phys_mergeable biovec_phys_mergeable() is used
CVE-2026-45898 In the Linux kernel, the following vulnerability has been resolved: RDMA/iwcm: Fix workqueue list corruption by removing work_list The commit e1168
CVE-2026-46244 In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_inner: Fix IPv6 inner_thoff desync In nft_inner_parse_l2l3(), wh
CVE-2026-43493 In the Linux kernel, the following vulnerability has been resolved: crypto: pcrypt - Fix handling of MAY_BACKLOG requests MAY_BACKLOG requests can
CVE-2026-43186 In the Linux kernel, the following vulnerability has been resolved: ipv6: ioam: fix heap buffer overflow in __ioam6_fill_trace_data() On the receiv
CVE-2026-31685 In the Linux kernel, the following vulnerability has been resolved: netfilter: ip6t_eui64: reject invalid MAC header for all packets `eui64_mt6()`
CVE-2026-43114 In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo_avx2: don't return non-matching entry on expiry New t
CVE-2026-46325 In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix iova-to-va conversion for MR page sizes != PAGE_SIZE The current
CVE-2026-31668 In the Linux kernel, the following vulnerability has been resolved: seg6: separate dst_cache for input and output paths in seg6 lwtunnel The seg6 l
CVE-2026-43197 In the Linux kernel, the following vulnerability has been resolved: netconsole: avoid OOB reads, msg is not nul-terminated msg passed to netconsole
CVE-2026-43083 In the Linux kernel, the following vulnerability has been resolved: net: ioam6: fix OOB and missing lock When trace->type.bit6 is set: if (tra
CVE-2026-46043 In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Validate pad and ICRC before payload_size() in rxe_rcv rxe_rcv() curr
CVE-2026-23428 In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free of share_conf in compound request smb2_get_ksmbd_tcon
CVE-2026-23450 In the Linux kernel, the following vulnerability has been resolved: net/smc: fix NULL dereference and UAF in smc_tcp_syn_recv_sock() Syzkaller repo
CVE-2026-46185 In the Linux kernel, the following vulnerability has been resolved: smb/client: fix out-of-bounds read in symlink_data() Since smb2_check_message()
CVE-2026-23455 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conntrack_h323: check for zero length in DecodeQ931() In DecodeQ9
CVE-2026-46119 In the Linux kernel, the following vulnerability has been resolved: libceph: Fix slab-out-of-bounds access in auth message processing If a (potenti
CVE-2026-46039 In the Linux kernel, the following vulnerability has been resolved: rxgk: Fix potential integer overflow in length check Fix potential integer over
CVE-2026-23427 In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in durable v2 replay of active file handles parse_dur
CVE-2026-31718 In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in __ksmbd_close_fd() via durable scavenger When a du
CVE-2026-31637 In the Linux kernel, the following vulnerability has been resolved: rxrpc: reject undecryptable rxkad response tickets rxkad_decrypt_ticket() decry
CVE-2026-43011 In the Linux kernel, the following vulnerability has been resolved: net/x25: Fix potential double free of skb When alloc_skb fails in x25_queue_rx_
CVE-2026-43038 In the Linux kernel, the following vulnerability has been resolved: ipv6: icmp: clear skb2->cb[] in ip6_err_gen_icmpv6_unreach() Sashiko AI-review
CVE-2026-31635 In the Linux kernel, the following vulnerability has been resolved: rxrpc: fix oversized RESPONSE authenticator length check rxgk_verify_response()
CVE-2026-43501 In the Linux kernel, the following vulnerability has been resolved: ipv6: rpl: reserve mac_len headroom when recompressed SRH grows ipv6_rpl_srh_rc
CVE-2026-43125 In the Linux kernel, the following vulnerability has been resolved: dlm: validate length in dlm_search_rsb_tree The len parameter in dlm_dump_rsb_n
CVE-2026-43185 In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix signededness bug in smb_direct_prepare_negotiation() smb_direct_prep
CVE-2026-43341 In the Linux kernel, the following vulnerability has been resolved: net/ipv6: ioam6: prevent schema length wraparound in trace fill ioam6_fill_trac
CVE-2026-31607 In the Linux kernel, the following vulnerability has been resolved: usbip: validate number_of_packets in usbip_pack_ret_submit() When a USB/IP clie
CVE-2026-43384 In the Linux kernel, the following vulnerability has been resolved: net/tcp-ao: Fix MAC comparison to be constant-time To prevent timing attacks, M
CVE-2026-43383 In the Linux kernel, the following vulnerability has been resolved: net/tcp-md5: Fix MAC comparison to be constant-time To prevent timing attacks,
CVE-2026-43376 In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free by using call_rcu() for oplock_info ksmbd currently f
CVE-2026-46243 In the Linux kernel, the following vulnerability has been resolved: smb: client: reject userspace cifs.spnego descriptions cifs.spnego key descript
CVE-2026-43414 In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Completely fix fcport double free In qla24xx_els_dcmd_iocb() sp-
CVE-2026-43407 In the Linux kernel, the following vulnerability has been resolved: libceph: Fix potential out-of-bounds access in ceph_handle_auth_reply() This pa
CVE-2026-43406 In the Linux kernel, the following vulnerability has been resolved: libceph: prevent potential out-of-bounds reads in process_message_header() If t
CVE-2026-43304 In the Linux kernel, the following vulnerability has been resolved: libceph: define and enforce CEPH_MAX_KEY_LEN When decoding the key, verify that
CVE-2026-22984 In the Linux kernel, the following vulnerability has been resolved: libceph: prevent potential out-of-bounds reads in handle_auth_done() Perform an

Version: 6.17.0-38.38.1 2026-06-06 04:09:48 UTC

 linux-riscv (6.17.0-38.38.1) questing; urgency=medium
 .
   * questing/linux-riscv: 6.17.0-38.38.1 -proposed tracker (LP: #2151891)
 .
   [ Ubuntu: 6.17.0-38.38 ]
 .
   * questing/linux: 6.17.0-38.38 -proposed tracker (LP: #2154532)
   * Generic questing kernel oops on bootup with newer Nvidia machines
     (LP: #2154481)
     - nouveau: don't attempt fwsec on sb on newer platforms.
   * Kernel regression (6.8.0-117.generic) (LP: #2153556)
     - bonding: do not set usable_slaves for broadcast mode
   * powerpc-build in ubuntu_kernel_selftests fails to build due to
     uninitialized value (LP: #2129844)
     - selftests/powerpc: Suppress -Wmaybe-uninitialized with GCC 15
   * iptables connlimit traffic loss (LP: #2149872)
     - netfilter: nf_conncount: fix tracking of connections from localhost
   * On Dell system, the internal OLED display drops to a visibly low FPS after
     suspend/resume (LP: #2144712)
     - drm/i915/psr: Disable Panel Replay on Dell XPS 14 DA14260 as a quirk
     - drm/i915/psr: Fixes for Dell XPS DA14260 quirk
   * CVE-2026-23272
     - netfilter: nf_tables: unconditionally bump set->nelems before insertion
   * CVE-2026-31418
     - netfilter: ipset: drop logically empty buckets in mtype_del
   * CVE-2026-23392
     - netfilter: nf_tables: release flowtable after rcu grace period on error
   * CVE-2026-23278
     - netfilter: nf_tables: always walk all pending catchall elements
   * GRO managed-frag use-after-free leading to local privilege escalation
     (LP: #2154172)
     - net: gro: don't merge zcopy skbs
   * AppArmor Vulnerabilities (LP: #2151747)
     - SAUCE: apparmor: pass big_resp to handler
     - SAUCE: apparmor: remove redundant kref_init for listener->count
     - SAUCE: apparmor: fix NULL pointer dereference in unpack_pdb
   * AppArmor Vulnerabilities (LP: #2151747) // CVE-2026-47337
     - SAUCE: apparmor: fix NULL pointer dereference in bind_map_addr
   * AppArmor Vulnerabilities (LP: #2151747) // CVE-2026-47334
     - SAUCE: apparmor: fix sleep prone memory allocation under a spin_lock
   * AppArmor Vulnerabilities (LP: #2151747) // CVE-2026-47333
     - SAUCE: apparmor: fix dfa unpacking size of the notification filter
   * AppArmor Vulnerabilities (LP: #2151747) // CVE-2026-47332
     - SAUCE: apparmor: fix size check against type instead of pointer
   * apparmor: LLVM/clang build failure due to uninitialized variable in
     notify.c (LP: #2148809) // CVE-2026-47330
     - SAUCE: apparmor: initialize variable used in uninitialized context
   * AppArmor Vulnerabilities (LP: #2151747) // CVE-2026-47329
     - SAUCE: apparmor: fix name validation bypass on notification
   * AppArmor Vulnerabilities (LP: #2151747) // CVE-2026-47327 //
     CVE-2026-47328
     - SAUCE: apparmor: fix glob memory leak after kstrdup
   * AppArmor Vulnerabilities (LP: #2151747) // CVE-2026-47326
     - SAUCE: apparmor: fix inverted NULL check after aa_get_buffer
   * CVE-2026-46300
     - net: skbuff: preserve shared-frag marker during coalescing
     - net: skbuff: propagate shared-frag marker through frag-transfer helpers
   * net/rds: reset op_nents when zerocopy page pin fails (LP: #2153962)
     - net/rds: reset op_nents when zerocopy page pin fails
   * CVE-2026-46333
     - ptrace: slightly saner 'get_dumpable()' logic
   * CVE-2026-43500
     - rxrpc: Fix conn-level packet handling to unshare RESPONSE packets
     - rxrpc: Fix potential UAF after skb_unshare() failure
     - rxrpc: Fix rxrpc_input_call_event() to only unshare DATA packets
     - rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present
   * CVE-2026-31676 // CVE-2026-43500
     - rxrpc: only handle RESPONSE during service challenge
   * CVE-2026-43284
     - xfrm: esp: avoid in-place decrypt on shared skb frags
   * CVE-2026-31419
     - net: bonding: fix use-after-free in bond_xmit_broadcast()
   * CVE-2026-31431
     - crypto: algif_aead - Revert to operating out-of-place
     - crypto: algif_aead - snapshot IV for async AEAD requests
     - crypto: authencesn - Do not place hiseq at end of dst for out-of-place
       decryption
     - crypto: authencesn - Fix src offset when decrypting in-place
     - crypto: af_alg - Fix page reassignment overflow in af_alg_pull_tsgl
     - crypto: algif_aead - Fix minimum RX size check for decryption
   * CVE-2026-31533
     - net/tls: fix use-after-free in -EBUSY error path of tls_do_encryption
   * CVE-2026-31504
     - net: fix fanout UAF in packet_release() via NETDEV_UP race

Source diff to previous version
2154481 Generic questing kernel oops on bootup with newer Nvidia machines
2153556 Kernel regression (6.8.0-117.generic)
2129844 powerpc-build in ubuntu_kernel_selftests fails to build due to uninitialized value
2149872 iptables connlimit traffic loss
2144712 On Dell system, the internal OLED display drops to a visibly low FPS after suspend/resume
2154172 GRO managed-frag use-after-free leading to local privilege escalation
2151747 AppArmor Vulnerabilities
2148809 apparmor: LLVM/clang build failure due to uninitialized variable in notify.c
2153962 net/rds: reset op_nents when zerocopy page pin fails
CVE-2026-23272 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: unconditionally bump set->nelems before insertion In case
CVE-2026-31418 In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: drop logically empty buckets in mtype_del mtype_del() counts
CVE-2026-23392 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: release flowtable after rcu grace period on error Call sy
CVE-2026-23278 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: always walk all pending catchall elements During transact
CVE-2026-47337 Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a possible N ...
CVE-2026-47334 Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which in ...
CVE-2026-47333 Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which ca ...
CVE-2026-47332 Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which in ...
CVE-2026-47330 Ubuntu Linux 6.8, 7.17 and 7.0 contain AppArmor SAUCE patches which ca ...
CVE-2026-47329 Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches which fail to val ...
CVE-2026-47327 Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a possible N ...
CVE-2026-47328 Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which in ...
CVE-2026-47326 Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a memory lea ...
CVE-2026-46300 In the Linux kernel, the following vulnerability has been resolved: net: skbuff: preserve shared-frag marker during coalescing skb_try_coalesce() c
CVE-2026-46333 In the Linux kernel, the following vulnerability has been resolved: ptrace: slightly saner 'get_dumpable()' logic The 'dumpability' of a task is fu
CVE-2026-43500 In the Linux kernel, the following vulnerability has been resolved: rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present The DATA
CVE-2026-31676 In the Linux kernel, the following vulnerability has been resolved: rxrpc: only handle RESPONSE during service challenge Only process RESPONSE pack
CVE-2026-43284 In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags MSG_SPLICE_PAGES can atta
CVE-2026-31419 In the Linux kernel, the following vulnerability has been resolved: net: bonding: fix use-after-free in bond_xmit_broadcast() bond_xmit_broadcast()
CVE-2026-31431 In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Revert to operating out-of-place This mostly reverts commi
CVE-2026-31533 In the Linux kernel, the following vulnerability has been resolved: net/tls: fix use-after-free in -EBUSY error path of tls_do_encryption The -EBUS
CVE-2026-31504 In the Linux kernel, the following vulnerability has been resolved: net: fix fanout UAF in packet_release() via NETDEV_UP race `packet_release()` h

Version: 6.17.0-28.28.1 2026-04-26 18:10:02 UTC

 linux-riscv (6.17.0-28.28.1) questing; urgency=medium
 .
   * questing/linux-riscv: 6.17.0-28.28.1 -proposed tracker (LP: #2149991)
 .
   [ Ubuntu: 6.17.0-28.28 ]
 .
   * questing/linux: 6.17.0-28.28 -proposed tracker (LP: #2150051)
   * Linux kernel 6.17.0-22.22 breaks amdxdna (LP: #2149766)
     - Revert "iommu: disable SVA when CONFIG_X86 is set"

Source diff to previous version
2149766 Linux kernel 6.17.0-22.22 breaks amdxdna

Version: 6.17.0-24.24.1 2026-04-22 23:10:27 UTC

 linux-riscv (6.17.0-24.24.1) questing; urgency=medium
 .
   * questing/linux-riscv: 6.17.0-24.24.1 -proposed tracker (LP: #2148021)
 .
   [ Ubuntu: 6.17.0-24.24 ]
 .
   * questing/linux: 6.17.0-24.24 -proposed tracker (LP: #2148025)
   * Remount ext4 to readonly with data=journal mode may dump call trace
     (LP: #2147400)
     - ext4: fix stale xarray tags after writeback
   * System hangs during stress-ng stack test (LP: #2137755)
     - mm, swap: fix swap cache index error when retrying reclaim
   * BUG: kernel NULL pointer dereference when starting VM inside a container
     (LP: #2147374)
     - apparmor: fix NULL pointer dereference in __unix_needs_revalidation
   * BUG: kernel NULL pointer dereference in amdgpu (LP: #2144577)
     - drm/amdgpu: validate the flush_gpu_tlb_pasid()
     - drm/amdgpu: Fix validating flush_gpu_tlb_pasid()
   * Jellyfin Desktop Flatpak doesn't work with the current AppArmor profile
     (LP: #2142956)
     - SAUCE: apparmor5.0.0 [53/57]: apparmor: fix af_unix local addr mediation
       binding
   * Fine grained network mediation was broken if v8/v9 was used (LP: #2142860)
     - SAUCE: apparmor5.0.0 [29/57]: apparmor: fix fine grained inet mediation
       sock_file_perm
   * Enable CirrusLogic audio solution CS42L45+CS35L63 on AMD and Intel PTL
     (LP: #2143104)
     - ASoC: amd: acp: Add ACP7.0 match entries for cs35l56 and cs42l43
     - ASoC: amd: acp: soc-acpi: add is_device_rt712_vb() helper
     - ASoC: amd: acp: Sort match table into most specific first
     - ASoC: amd: acp: Rename Cirrus Logic component match entries to include
       link and uid
     - ASoC: amd: acp: Sort Cirrus Logic match entries
     - ASoC: amd: acp: Add ACP7.0 match entries for Cirrus Logic parts
     - ASoC: amd: acp: Fix Kconfig dependencies for
       SND_SOC_ACPI_AMD_SDCA_QUIRKS
     - [Config] Enable SND_SOC_ACPI_AMD_SDCA_QUIRKS
     - soundwire: amd: add clock init control function
     - soundwire: amd: refactor bandwidth calculation logic
   * CVE-2026-23112
     - nvmet-tcp: add bounds checks in nvmet_tcp_build_pdu_iovec
   * Canonical Kmod 2025 key rotation (LP: #2147447)
     - [Packaging] ubuntu-compatible-signing -- make Ubuntu-Compatible-Signing
       extensible
     - [Packaging] ubuntu-compatible-signing -- allow consumption of positive
       certs
     - [Packaging] ubuntu-compatible-signing -- report the livepatch:2025 key
     - [Config] prepare for Canonical Kmod key rotation
     - [Packaging] ubuntu-compatible-signing -- report the kmod:2025 key
     - [Packaging] ensure our cert rollups are always fresh
   * Questing update: upstream stable patchset 2026-03-24 (LP: #2146193)
     - mptcp: fallback earlier on simult connection
     - mm: consider non-anon swap cache folios in folio_expected_ref_count()
     - mptcp: ensure context reset on disconnect()
     - wifi: mac80211: Discard Beacon frames to non-broadcast address
     - net: phy: mediatek: fix nvmem cell reference leak in
       mt798x_phy_calibration
     - drm/amdgpu: Forward VMID reservation errors
     - sched/fair: Small cleanup to sched_balance_newidle()
     - sched/fair: Small cleanup to update_newidle_cost()
     - sched/fair: Proportional newidle balance
     - Revert "iommu/amd: Skip enabling command/event buffers for kdump"
     - sched/proxy: Yield the donor task
     - drm: nova: depend on CONFIG_64BIT
     - sched/core: Add comment explaining force-idle vruntime snapshots
     - mm/huge_memory: merge uniform_split_supported() and
       non_uniform_split_supported()
     - drm/amdgpu: don't attach the tlb fence for SI
     - sched_ext: fix uninitialized ret on alloc_percpu() failure
     - idpf: fix LAN memory regions command on some NVMs
     - Bluetooth: MGMT: report BIS capability flags in supported settings
     - powerpc/tools: drop `-o pipefail` in gcc check scripts
     - net: airoha: Move net_devs registration in a dedicated routine
     - net: wangxun: move PHYLINK dependency
     - platform/x86/intel/pmt: Fix kobject memory leak on init failure
     - bng_en: update module description
     - mcb: Add missing modpost build support
     - net: mdio: rtl9300: use scoped for loops
     - tools/sched_ext: fix scx_show_state.py for scx_root change
     - platform/x86/intel/pmt/discovery: use valid device pointer in
       dev_err_probe
     - net: fib: restore ECMP balance from loopback
     - RDMA/mana_ib: check cqe length for kernel CQs
     - drm/gem-shmem: Fix the MODULE_LICENSE() string
     - kunit: Enforce task execution in {soft,hard}irq contexts
     - ublk: don't pass q_id to ublk_queue_cmd_buf_size()
     - ublk: implement NUMA-aware memory allocation
     - ublk: scan partition in async way
     - drm/xe/guc: READ/WRITE_ONCE g2h_fence->done
     - IB/rxe: Fix missing umem_odp->umem_mutex unlock on error path
     - hisi_acc_vfio_pci: Add .match_token_uuid callback in
       hisi_acc_vfio_pci_migrn_ops
     - mm, swap: do not perform synchronous discard during allocation
     - clk: qcom: mmcc-sdm660: Add missing MDSS reset
     - clk: qcom: Fix SM_VIDEOCC_6350 dependencies
     - [Config] set CONFIG_SM_GCC_6350, CONFIG_SM_VIDEOCC_6350 to '-'
     - clk: qcom: Fix dependencies of QCS_{DISP,GPU,VIDEO}CC_615
     - [Config] set CONFIG_QCS_{DISP,GPU,VIDEO}CC_615 to '-'
     - arm64: dts: ti: k3-am62d2-evm: Fix regulator properties
     - arm64: dts: ti: k3-am62d2-evm: Fix PMIC padconfig
     - arm64: dts: st: Add memory-region-names property for stm32mp257f-ev1
     - arm64: dts: qcom: sm6350: Fix wrong order of freq-table-hz for UFS
     - NFSD: Make FILE_SYNC WRITEs comply with spec
     - nvmet: pci-epf: move DMA initialization to EPC init callback
     - PCI: dwc: Add support for ELBI resource mapping
     - PCI: meson: Fix parsing the DBI register region
     - power: supply: max77705: Fix potential IRQ chip conflict when probing
       two devices
     - media: iris: Refine internal buffer reconfiguration logic for resolution
       change
    

Source diff to previous version
2147400 Remount ext4 to readonly with data=journal mode may dump call trace
2137755 System hangs during stress-ng stack test
2147374 BUG: kernel NULL pointer dereference when starting VM inside a container
2144577 BUG: kernel NULL pointer dereference in amdgpu
2142956 Jellyfin Desktop Flatpak doesn't work with the current AppArmor profile
2142860 Fine grained network mediation was broken if v8/v9 was used
2147447 Canonical Kmod 2025 key rotation
2146193 Questing update: upstream stable patchset 2026-03-24
2145171 [SRU] MIPI camera is not working after upgrading to 6.17-oem
2144060 ADATA SU680 causes repeated SATA resets and I/O errors on Ubuntu unless link power management is forced to max_performance
2144637 [SRU] Fix for i915 PSR issue on SDC panels on Intel PTL
2143100 Got black screen after clicked logout button
2144522 Dell Machines cannot boot into OS with 6.17.0-1012-oem
2143083 [SRU] Duplicated entries in /proc/\u003cpid\u003e/mountinfo
2144380 macvlan: observe an RCU grace period in macvlan_common_newlink() error path
CVE-2026-23112 In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: add bounds checks in nvmet_tcp_build_pdu_iovec nvmet_tcp_build_pdu_i
CVE-2025-71141 In the Linux kernel, the following vulnerability has been resolved: drm/tilcdc: Fix removal actions in case of failed probe The drm_kms_helper_poll
CVE-2025-71090 In the Linux kernel, the following vulnerability has been resolved: nfsd: fix nfsd_file reference leak in nfsd4_add_rdaccess_to_wrdeleg() nfsd4_add
CVE-2025-71139 In the Linux kernel, the following vulnerability has been resolved: kernel/kexec: fix IMA when allocation happens in CMA area *** Bug description *
CVE-2025-71152 In the Linux kernel, the following vulnerability has been resolved: net: dsa: properly keep track of conduit reference Problem description --------
CVE-2025-71142 In the Linux kernel, the following vulnerability has been resolved: cpuset: fix warning when disabling remote partition A warning was triggered as
CVE-2025-71155 In the Linux kernel, the following vulnerability has been resolved: KVM: s390: Fix gmap_helper_zap_one_page() again A few checks were missing in gm
CVE-2025-71134 In the Linux kernel, the following vulnerability has been resolved: mm/page_alloc: change all pageblocks migrate type on coalescing When a page is
CVE-2026-23394 In the Linux kernel, the following vulnerability has been resolved: af_unix: Give up GC if MSG_PEEK intervened. Igor Ushakov reported that GC purge
CVE-2026-23274 In the Linux kernel, the following vulnerability has been resolved: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels IDLETIMER revi
CVE-2026-23209 In the Linux kernel, the following vulnerability has been resolved: macvlan: fix error recovery in macvlan_common_newlink() valis provided a nice r
CVE-2026-23351 In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: split gc into unlink and reclaim phase Yiming Qian r
CVE-2026-23231 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix use-after-free in nf_tables_addchain() nf_tables_addc

Version: 6.17.0-22.22.1 2026-03-29 05:11:40 UTC

 linux-riscv (6.17.0-22.22.1) questing; urgency=medium
 .
   * questing/linux-riscv: 6.17.0-22.22.1 -proposed tracker (LP: #2143424)
 .
   [ Ubuntu: 6.17.0-22.22 ]
 .
   * questing/linux: 6.17.0-22.22 -proposed tracker (LP: #2143428)
   * Questing preinstalled server fails to boot on QCS8300 based boards
     (LP: #2134400)
     - [Config] move qcom interconnect/pinctrl/gcc as built-in for QCS8300
   * TBT call trace while connecting TBT4 monitor on TBT5 port (LP: #2137613)
     - SAUCE: thunderbolt: log path activation failures without WARN backtraces
   * efi: Fix swapped arguments to bsearch() in efi_status_to_*() SAUCE patch
     (LP: #2141276)
     - SAUCE efi: Fix swapped arguments to bsearch() in efi_status_to_*()
   * [SRU]Fix xe GPU suspend/resume crash on Battlemage (LP: #2141377)
     - drm/xe: make xe_gt_idle_disable_c6() handle the forcewake internally
   * Accumulative updates for Intel PTL-H component enabling PV rev3.0
     (LP: #2137272)
     - drm/i915/display: Optimize panel power-on wait time
     - HID: intel-ish-hid: Use dedicated unbound workqueues to prevent resume
       blocking
     - drm/xe/guc: Recommend GUC v70.49.4 for PTL, BMG
     - HID: Intel-thc-hid: Intel-thc: Use str_true_false() helper
     - HID: intel-thc-hid: intel-quicki2c: support ACPI config for advanced
       features
     - usb: typec: ucsi: Add SET_POWER_LEVEL UCSI command to debugfs
   * Questing update: upstream stable patchset 2026-03-04 (LP: #2142250)
     - bpf: Fix sleepable context for async callbacks
     - bpf: extract generic helper from process_timer_func()
     - bpf: Fix handling maps with no BTF and non-constant offsets for the
       bpf_wq
     - irqchip: Drop leftover brackets
     - irqchip: Pass platform device to platform drivers
     - arm64: dts: exynos: gs101: fix clock module unit reg sizes
     - ice: move service task start out of ice_init_pf()
     - ice: move ice_init_interrupt_scheme() prior ice_init_pf()
     - ice: ice_init_pf: destroy mutexes and xarrays on memory alloc failure
     - ice: move udp_tunnel_nic and misc IRQ setup into ice_init_pf()
     - ice: move ice_init_pf() out of ice_init_dev()
     - ice: extract ice_init_dev() from ice_init()
     - ice: move ice_deinit_dev() to the end of deinit paths
     - ice: remove duplicate call to ice_deinit_hw() on error paths
     - arm64: dts: qcom: lemans: Add missing quirk for HS only USB controller
     - tools/nolibc: x86: fix section mismatch caused by asm "mem*" functions
     - arm64: dts: ti: k3-j784s4: Fix I2C pinmux pull configuration
     - wifi: ath12k: enforce vdev limit in ath12k_mac_vdev_create()
     - ARM: dts: am33xx: Add missing serial console speed
     - arm64: tegra: Add pinctrl definitions for pcie-ep nodes
     - arm64: mm: Move KPTI helpers to mmu.c
     - arm64/mm: Allow __create_pgd_mapping() to propagate pgtable_alloc()
       errors
     - pwm: Simplify printf to emit chip->npwm in $debugfs/pwm
     - pwm: Use %u to printf unsigned int pwm_chip::npwm and pwm_chip::id
     - soc/tegra: fuse: speedo-tegra210: Update speedo IDs
     - iio: core: add missing mutex_destroy in iio_dev_release()
     - iio: core: Clean up device correctly on iio_device_alloc() failure
     - iommu/vt-d: Set INTEL_IOMMU_FLOPPY_WA depend on BLK_DEV_FD
     - of/fdt: Fix the len check in early_init_dt_check_for_elfcorehdr()
     - of/fdt: Fix the len check in early_init_dt_check_for_usable_mem_range()
     - rtla/tests: Extend action tests to 5s
     - rtla: Fix -a overriding -t argument
     - btrfs: make sure extent and csum paths are always released in
       scrub_raid56_parity_stripe()
     - iomap: allocate s_dio_done_wq for async reads as well
     - RDMA/irdma: Remove doorbell elision logic
     - selftests/landlock: Fix makefile header list
     - io_uring/kbuf: use READ_ONCE() for userspace-mapped memory
     - ALSA: wavefront: Clear substream pointers on close
     - btrfs: do not skip logging new dentries when logging a new name
     - btrfs: fix a potential path leak in print_data_reloc_error()
     - bpf, arm64: Do not audit capability check in do_jit()
     - btrfs: fix memory leak of fs_devices in degraded seed device path
     - iomap: account for unaligned end offsets when truncating read range
     - scripts/faddr2line: Fix "Argument list too long" error
     - sched/fair: Revert max_newidle_lb_cost bump
     - x86/ptrace: Always inline trivial accessors
     - ACPI: property: Use ACPI functions in acpi_graph_get_next_endpoint()
       only
     - cpufreq: dt-platdev: Add JH7110S SOC to the allowlist
     - ACPI: fan: Workaround for 64-bit firmware bug
     - cpufreq: s5pv210: fix refcount leak
     - cpuidle: menu: Use residency threshold in polling state override
       decisions
     - livepatch: Match old_sympos 0 and 1 in klp_find_func()
     - fs/ntfs3: Support timestamps prior to epoch
     - kbuild: Use objtree for module signing key path
     - hfsplus: fix volume corruption issue for generic/070
     - hfsplus: fix volume corruption issue for generic/073
     - fs/ntfs3: check for shutdown in fsync
     - wifi: rtl8xxxu: Fix HT40 channel config for RTL8192CU, RTL8723AU
     - wifi: cfg80211: stop radar detection in cfg80211_leave()
     - wifi: cfg80211: use cfg80211_leave() in iftype change
     - wifi: mt76: mt792x: fix wifi init fail by setting MCU_RUNNING after CLC
       load
     - wifi: brcmfmac: Add DMI nvram filename quirk for Acer A1 840 tablet
     - btrfs: scrub: always update btrfs_scrub_progress::last_physical
     - gfs2: fix remote evict for read-only filesystems
     - gfs2: Fix "gfs2: Switch to wait_event in gfs2_quotad"
     - smb/server: fix return value of smb2_ioctl()
     - Bluetooth: btusb: Add new VID/PID 2b89/6275 for RTL8761BUV
     - Bluetooth: btusb: MT7922: Add VID/PID 0489/e170
     - Bluetooth: btusb: MT7920: Add VID/PID 0489/e135
     - Bluetooth: btusb: Add new VID/PID 13d3/3533 for RTL8821CE
     - Bluetooth: btusb: Add new VID/PID 0x0489/0x

2134400 Questing preinstalled server fails to boot on QCS8300 based boards
2141276 efi: Fix swapped arguments to bsearch() in efi_status_to_*() SAUCE patch
2141377 [SRU]Fix xe GPU suspend/resume crash on Battlemage
2142250 Questing update: upstream stable patchset 2026-03-04
CVE-2025-68791 In the Linux kernel, the following vulnerability has been resolved: fuse: missing copy_finish in fuse-over-io-uring argument copies Fix a possible
CVE-2025-68805 In the Linux kernel, the following vulnerability has been resolved: fuse: fix io-uring list corruption for terminated non-committed requests When a
CVE-2025-68812 In the Linux kernel, the following vulnerability has been resolved: media: iris: Add sanity check for stop streaming Add sanity check in iris_vb2_s
CVE-2025-71117 In the Linux kernel, the following vulnerability has been resolved: block: Remove queue freezing from several sysfs store callbacks Freezing the re
CVE-2025-71070 In the Linux kernel, the following vulnerability has been resolved: ublk: clean up user copy references on ublk server exit If a ublk server proces
CVE-2025-71124 In the Linux kernel, the following vulnerability has been resolved: drm/msm/a6xx: move preempt_prepare_postamble after error check Move the call to
CVE-2025-71115 In the Linux kernel, the following vulnerability has been resolved: um: init cpu_tasks[] earlier This is currently done in uml_finishsetup(), but e
CVE-2025-68823 In the Linux kernel, the following vulnerability has been resolved: ublk: fix deadlock when reading partition table When one process(such as udev)
CVE-2025-68793 In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix a job->pasid access race in gpu recovery Avoid a possible UAF i
CVE-2025-68807 In the Linux kernel, the following vulnerability has been resolved: block: fix race between wbt_enable_default and IO submission When wbt_enable_de
CVE-2025-68768 In the Linux kernel, the following vulnerability has been resolved: inet: frags: flush pending skbs in fqdir_pre_exit() We have been seeing occasio
CVE-2025-71140 In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Use spinlock for context list protection lock Previous
CVE-2025-71156 In the Linux kernel, the following vulnerability has been resolved: gve: defer interrupt enabling until NAPI registration Currently, interrupts are
CVE-2024-36347 Improper signature verification in AMD CPU ROM microcode patch loader may allow an attacker with local administrator privilege to load malicious micr
CVE-2025-71068 In the Linux kernel, the following vulnerability has been resolved: svcrdma: bound check rq_pages index in inline path svc_rdma_copy_inline_range i
CVE-2025-68772 In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid updating compression context during writeback Bai, Shuangpen
CVE-2025-71105 In the Linux kernel, the following vulnerability has been resolved: f2fs: use global inline_xattr_slab instead of per-sb slab cache As Hong Yun rep
CVE-2025-71130 In the Linux kernel, the following vulnerability has been resolved: drm/i915/gem: Zero-initialize the eb.vma array in i915_gem_do_execbuffer Initia
CVE-2025-71138 In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: Add missing NULL pointer check for pingpong interface It is checke
CVE-2025-71083 In the Linux kernel, the following vulnerability has been resolved: drm/ttm: Avoid NULL pointer deref for evicted BOs It is possible for a BO to ex
CVE-2025-71099 In the Linux kernel, the following vulnerability has been resolved: drm/xe/oa: Fix potential UAF in xe_oa_add_config_ioctl() In xe_oa_add_config_io
CVE-2025-71079 In the Linux kernel, the following vulnerability has been resolved: net: nfc: fix deadlock between nfc_unregister_device and rfkill_fop_write A dea
CVE-2025-71129 In the Linux kernel, the following vulnerability has been resolved: LoongArch: BPF: Sign extend kfunc call arguments The kfunc calls are native cal
CVE-2025-71093 In the Linux kernel, the following vulnerability has been resolved: e1000: fix OOB in e1000_tbi_should_accept() In e1000_tbi_should_accept() we rea
CVE-2025-71084 In the Linux kernel, the following vulnerability has been resolved: RDMA/cm: Fix leaking the multicast GID table reference If the CM ID is destroye
CVE-2025-71096 In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Check for the presence of LS_NLA_TYPE_DGID correctly The netlink res
CVE-2025-71136 In the Linux kernel, the following vulnerability has been resolved: media: adv7842: Avoid possible out-of-bounds array accesses in adv7842_cp_log_st
CVE-2025-71143 In the Linux kernel, the following vulnerability has been resolved: clk: samsung: exynos-clkout: Assign .num before accessing .hws Commit f316cdff8
CVE-2025-71078 In the Linux kernel, the following vulnerability has been resolved: powerpc/64s/slb: Fix SLB multihit issue during SLB preload On systems using the
CVE-2025-71089 In the Linux kernel, the following vulnerability has been resolved: iommu: disable SVA when CONFIG_X86 is set Patch series "Fix stale IOTLB entries
CVE-2025-71081 In the Linux kernel, the following vulnerability has been resolved: ASoC: stm32: sai: fix OF node leak on probe The reference taken to the sync pro
CVE-2025-71153 In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fix memory leak in get_file_all_info() In get_file_all_info(), if vfs_ge
CVE-2025-71135 In the Linux kernel, the following vulnerability has been resolved: md/raid5: fix possible null-pointer dereferences in raid5_store_group_thread_cnt
CVE-2025-71157 In the Linux kernel, the following vulnerability has been resolved: RDMA/core: always drop device refcount in ib_del_sub_device_and_put() Since nld
CVE-2025-71133 In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: avoid invalid read in irdma_net_event irdma_net_event() should not
CVE-2025-71080 In the Linux kernel, the following vulnerability has been resolved: ipv6: fix a BUG in rt6_get_pcpu_route() under PREEMPT_RT On PREEMPT_RT kernels,
CVE-2025-71086 In the Linux kernel, the following vulnerability has been resolved: net: rose: fix invalid array index in rose_kill_by_device() rose_kill_by_device
CVE-2025-71097 In the Linux kernel, the following vulnerability has been resolved: ipv4: Fix reference count leak when using error routes with nexthop objects Whe
CVE-2025-71085 In the Linux kernel, the following vulnerability has been resolved: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() There exi
CVE-2025-71095 In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix the crash issue for zero copy XDP_TX action There is a crash i
CVE-2025-71137 In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: fix "UBSAN: shift-out-of-bounds error" This patch ensures that th
CVE-2025-71101 In the Linux kernel, the following vulnerability has been resolved: platform/x86: hp-bioscfg: Fix out-of-bounds array access in ACPI package parsing
CVE-2025-71094 In the Linux kernel, the following vulnerability has been resolved: net: usb: asix: validate PHY address before use The ASIX driver reads the PHY a
CVE-2025-71132 In the Linux kernel, the following vulnerability has been resolved: smc91x: fix broken irq-context in PREEMPT_RT When smc91x.c is built with PREEMP
CVE-2025-71154 In the Linux kernel, the following vulnerability has been resolved: net: usb: rtl8150: fix memory leak on usb_submit_urb() failure In async_set_reg
CVE-2025-71091 In the Linux kernel, the following vulnerability has been resolved: team: fix check for port enabled in team_queue_override_port_prio_changed() The
CVE-2025-71098 In the Linux kernel, the following vulnerability has been resolved: ip6_gre: make ip6gre_header() robust Over the years, syzbot found many ways to
CVE-2025-71082 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: revert use of devm_kzalloc in btusb This reverts commit 98921
CVE-2025-71131 In the Linux kernel, the following vulnerability has been resolved: crypto: seqiv - Do not use req->iv after crypto_aead_encrypt As soon as crypto_
CVE-2025-71087 In the Linux kernel, the following vulnerability has been resolved: iavf: fix off-by-one issues in iavf_config_rss_reg() There are off-by-one bugs
CVE-2025-71100 In the Linux kernel, the following vulnerability has been resolved: wifi: rtlwifi: 8192cu: fix tid out of range in rtl92cu_tx_fill_desc() TID getti
CVE-2025-68821 In the Linux kernel, the following vulnerability has been resolved: fuse: fix readahead reclaim deadlock Commit e26ee4efbc79 ("fuse: allocate ff->r
CVE-2025-71071 In the Linux kernel, the following vulnerability has been resolved: iommu/mediatek: fix use-after-free on probe deferral The driver is dropping the
CVE-2025-71111 In the Linux kernel, the following vulnerability has been resolved: hwmon: (w83791d) Convert macros to functions to avoid TOCTOU The macro FAN_FROM
CVE-2025-71113 In the Linux kernel, the following vulnerability has been resolved: crypto: af_alg - zero initialize memory allocated via sock_kmalloc Several cryp
CVE-2025-71149 In the Linux kernel, the following vulnerability has been resolved: io_uring/poll: correctly handle io_poll_add() return value on update When the c
CVE-2025-68778 In the Linux kernel, the following vulnerability has been resolved: btrfs: don't log conflicting inode if it's a dir moved in the current transactio
CVE-2025-71119 In the Linux kernel, the following vulnerability has been resolved: powerpc/kexec: Enable SMT before waking offline CPUs If SMT is disabled or a pa
CVE-2025-71120 In the Linux kernel, the following vulnerability has been resolved: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy
CVE-2025-68811 In the Linux kernel, the following vulnerability has been resolved: svcrdma: use rc_pageoff for memcpy byte offset svc_rdma_copy_inline_range added
CVE-2025-68803 In the Linux kernel, the following vulnerability has been resolved: NFSD: NFSv4 file creation neglects setting ACL An NFSv4 client that sets an ACL
CVE-2025-71148 In the Linux kernel, the following vulnerability has been resolved: net/handshake: restore destructor on submit failure handshake_req_submit() repl
CVE-2025-68788 In the Linux kernel, the following vulnerability has been resolved: fsnotify: do not generate ACCESS/MODIFY events on child for special files inoti
CVE-2025-71125 In the Linux kernel, the following vulnerability has been resolved: tracing: Do not register unsupported perf events Synthetic events currently do
CVE-2025-68784 In the Linux kernel, the following vulnerability has been resolved: xfs: fix a UAF problem in xattr repair The xchk_setup_xattr_buf function can al
CVE-2025-71104 In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Fix VM hard lockup after prolonged inactivity with periodic HV timer
CVE-2025-71116 In the Linux kernel, the following vulnerability has been resolved: libceph: make decode_pool() more resilient against corrupted osdmaps If the osd
CVE-2025-71121 In the Linux kernel, the following vulnerability has been resolved: parisc: Do not reprogram affinitiy on ASP chip The ASP chip is a very old varia
CVE-2025-71102 In the Linux kernel, the following vulnerability has been resolved: scs: fix a wrong parameter in __scs_magic __scs_magic() needs a 'void *' variab
CVE-2025-68804 In the Linux kernel, the following vulnerability has been resolved: platform/chrome: cros_ec_ishtp: Fix UAF after unbinding driver After unbinding
CVE-2025-68771 In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix kernel BUG in ocfs2_find_victim_chain syzbot reported a kernel BUG i
CVE-2025-68808 In the Linux kernel, the following vulnerability has been resolved: media: vidtv: initialize local pointers upon transfer of memory ownership vidtv
CVE-2025-68810 In the Linux kernel, the following vulnerability has been resolved: KVM: Disallow toggling KVM_MEM_GUEST_MEMFD on an existing memslot Reject attemp
CVE-2025-68769 In the Linux kernel, the following vulnerability has been resolved: f2fs: fix return value of f2fs_recover_fsync_data() With below scripts, it will
CVE-2025-71069 In the Linux kernel, the following vulnerability has been resolved: f2fs: invalidate dentry cache on failed whiteout creation F2FS can mount filesy
CVE-2025-68796 In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid updating zero-sized extent in extent cache As syzbot reporte
CVE-2025-71065 In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid potential deadlock As Jiaming Zhang and syzbot reported, the
CVE-2025-71107 In the Linux kernel, the following vulnerability has been resolved: f2fs: ensure node page reads complete before f2fs_put_super() finishes Xfstests
CVE-2025-68782 In the Linux kernel, the following vulnerability has been resolved: scsi: target: Reset t_task_cdb pointer in error case If allocation of cmd->t_ta
CVE-2025-71075 In the Linux kernel, the following vulnerability has been resolved: scsi: aic94xx: fix use-after-free in device removal path The asd_pci_remove() f
CVE-2025-68818 In the Linux kernel, the following vulnerability has been resolved: scsi: Revert "scsi: qla2xxx: Perform lockless command completion in abort path"
CVE-2025-68797 In the Linux kernel, the following vulnerability has been resolved: char: applicom: fix NULL pointer dereference in ac_ioctl Discovered by Atuin -
CVE-2025-68781 In the Linux kernel, the following vulnerability has been resolved: usb: phy: fsl-usb: Fix use-after-free in delayed work during device removal The
CVE-2025-68819 In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb: dtv5100: fix out-of-bounds in dtv5100_i2c_msg() rlen value is a
CVE-2025-71126 In the Linux kernel, the following vulnerability has been resolved: mptcp: avoid deadlock on fallback while reinjecting Jakub reported an MPTCP dea
CVE-2025-68820 In the Linux kernel, the following vulnerability has been resolved: ext4: xattr: fix null pointer deref in ext4_raw_inode() If ext4_get_inode_loc()
CVE-2025-71123 In the Linux kernel, the following vulnerability has been resolved: ext4: fix string copying in parse_apply_sb_mount_options() strscpy_pad() can't
CVE-2025-71077 In the Linux kernel, the following vulnerability has been resolved: tpm: Cap the number of PCR banks tpm2_get_pcr_allocation() does not cap any upp
CVE-2025-68814 In the Linux kernel, the following vulnerability has been resolved: io_uring: fix filename leak in __io_openat_prep() __io_openat_prep() allocates
CVE-2025-71147 In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: Fix a memory leak in tpm2_load_cmd 'tpm2_load_cmd' allocates a t
CVE-2025-71151 In the Linux kernel, the following vulnerability has been resolved: cifs: Fix memory and information leak in smb3_reconfigure() In smb3_reconfigure
CVE-2025-71109 In the Linux kernel, the following vulnerability has been resolved: MIPS: ftrace: Fix memory corruption when kernel is located beyond 32 bits Since
CVE-2025-71108 In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Handle incorrect num_connectors capability The UCSI spec stat
CVE-2025-71114 In the Linux kernel, the following vulnerability has been resolved: via_wdt: fix critical boot hang due to unnamed resource allocation The VIA watc
CVE-2025-68783 In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-mixer: us16x08: validate meter packet indices get_meter_levels_from_u
CVE-2025-68776 In the Linux kernel, the following vulnerability has been resolved: net/hsr: fix NULL pointer dereference in prp_get_untagged_frame() prp_get_untag
CVE-2025-68773 In the Linux kernel, the following vulnerability has been resolved: spi: fsl-cpm: Check length parity before switching to 16 bit mode Commit fc96ec
CVE-2025-68822 In the Linux kernel, the following vulnerability has been resolved: Input: alps - fix use-after-free bugs caused by dev3_register_work The dev3_reg
CVE-2025-71073 In the Linux kernel, the following vulnerability has been resolved: Input: lkkbd - disable pending work before freeing device lkkbd_interrupt() sch
CVE-2025-68777 In the Linux kernel, the following vulnerability has been resolved: Input: ti_am335x_tsc - fix off-by-one error in wire_order validation The curren
CVE-2025-68806 In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix buffer validation by including null terminator size in EA length The
CVE-2025-71150 In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fix refcount leak when invalid session is found on session lookup When a
CVE-2025-68786 In the Linux kernel, the following vulnerability has been resolved: ksmbd: skip lock-range check on equal size to avoid size==0 underflow When size
CVE-2025-71076 In the Linux kernel, the following vulnerability has been resolved: drm/xe/oa: Limit num_syncs to prevent oversized allocations The OA open paramet
CVE-2025-68802 In the Linux kernel, the following vulnerability has been resolved: drm/xe: Limit num_syncs to prevent oversized allocations The exec and vm_bind i
CVE-2025-71112 In the Linux kernel, the following vulnerability has been resolved: net: hns3: add VLAN id validation before using Currently, the VLAN id may be us
CVE-2025-71064 In the Linux kernel, the following vulnerability has been resolved: net: hns3: using the num_tqps in the vf driver to apply for resources Currently
CVE-2025-68775 In the Linux kernel, the following vulnerability has been resolved: net/handshake: duplicate handshake cancellations leak socket When a handshake r
CVE-2025-68816 In the Linux kernel, the following vulnerability has been resolved: net/mlx5: fw_tracer, Validate format string parameters Add validation for forma
CVE-2025-68795 In the Linux kernel, the following vulnerability has been resolved: ethtool: Avoid overflowing userspace buffer on stats query The ethtool -S comma
CVE-2025-71122 In the Linux kernel, the following vulnerability has been resolved: iommufd/selftest: Check for overflow in IOMMU_TEST_OP_ADD_RESERVED syzkaller fo
CVE-2025-68815 In the Linux kernel, the following vulnerability has been resolved: net/sched: ets: Remove drr class from the active list if it changes to strict W
CVE-2025-68799 In the Linux kernel, the following vulnerability has been resolved: caif: fix integer underflow in cffrml_receive() The cffrml_receive() function e
CVE-2025-68813 In the Linux kernel, the following vulnerability has been resolved: ipvs: fix ipv4 null-ptr-deref in route error path The IPv4 code path in __ip_vs
CVE-2025-68785 In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix middle attribute validation in push_nsh() action The push
CVE-2025-68770 In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Fix XDP_TX path For XDP_TX action in bnxt_rx_xdp(), clearing of the ev
CVE-2025-68800 In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_mr: Fix use-after-free when updating multicast route stats Cite
CVE-2025-68801 In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_router: Fix neighbour use-after-free We sometimes observe use-a
CVE-2025-71066 In the Linux kernel, the following vulnerability has been resolved: net/sched: ets: Always remove class from active list before deleting in ets_qdis
CVE-2025-68787 In the Linux kernel, the following vulnerability has been resolved: netrom: Fix memory leak in nr_sendmsg() syzbot reported a memory leak [1]. Whe
CVE-2025-68809 In the Linux kernel, the following vulnerability has been resolved: ksmbd: vfs: fix race on m_flags in vfs_cache ksmbd maintains delete-on-close an
CVE-2025-68817 In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in ksmbd_tree_connect_put under concurrency Under hig
CVE-2025-68767 In the Linux kernel, the following vulnerability has been resolved: hfsplus: Verify inode mode when loading from disk syzbot is reporting that S_IF
CVE-2025-68774 In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix missing hfs_bnode_get() in __hfs_bnode_create When sync() and link
CVE-2025-71067 In the Linux kernel, the following vulnerability has been resolved: ntfs: set dummy blocksize to read boot_block when mounting When mounting, sb->s
CVE-2025-71118 In the Linux kernel, the following vulnerability has been resolved: ACPICA: Avoid walking the Namespace if start_node is NULL Although commit 0c999
CVE-2025-68780 In the Linux kernel, the following vulnerability has been resolved: sched/deadline: only set free_cpus for online runqueues Commit 16b269436b72 ("s
CVE-2025-68798 In the Linux kernel, the following vulnerability has been resolved: perf/x86/amd: Check event before enable to avoid GPF On AMD machines cpuc->even
CVE-2025-68794 In the Linux kernel, the following vulnerability has been resolved: iomap: adjust read range correctly for non-block-aligned positions iomap_adjust
CVE-2025-71072 In the Linux kernel, the following vulnerability has been resolved: shmem: fix recovery on rename failures maple_tree insertions can fail if we are
CVE-2025-68351 In the Linux kernel, the following vulnerability has been resolved: exfat: fix refcount leak in exfat_find Fix refcount leaks in `exfat_find` relat
CVE-2025-68736 In the Linux kernel, the following vulnerability has been resolved: landlock: Fix handling of disconnected directories Disconnected files or direct
CVE-2025-68353 In the Linux kernel, the following vulnerability has been resolved: net: vxlan: prevent NULL deref in vxlan_xmit_one Neither sock4 nor sock6 pointe
CVE-2025-68745 In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Clear cmds after chip reset Commit aefed3e5548f ("scsi: qla2xxx:
CVE-2025-68365 In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Initialize allocated memory before use KMSAN reports: Multiple uninit
CVE-2025-68368 In the Linux kernel, the following vulnerability has been resolved: md: init bioset in mddev_init IO operations may be needed before md_run(), such
CVE-2025-68725 In the Linux kernel, the following vulnerability has been resolved: bpf: Do not let BPF test infra emit invalid GSO types to stack Yinhao et al. re
CVE-2026-23111 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate()
CVE-2026-23209 In the Linux kernel, the following vulnerability has been resolved: macvlan: fix error recovery in macvlan_common_newlink() valis provided a nice r
CVE-2026-23074 In the Linux kernel, the following vulnerability has been resolved: net/sched: Enforce that teql can only be used as root qdisc Design intent of te
CVE-2026-23060 In the Linux kernel, the following vulnerability has been resolved: crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN spec au



About   -   Send Feedback to @ubuntu_updates