Package "linux-azure-5.15-headers-5.15.0-1087"

  linux-azure-5.15 (5.15.0-1087.96~20.04.1) focal; urgency=medium

  * focal/linux-azure-5.15: 5.15.0-1087.96~20.04.1 -proposed tracker
    (LP: #2102536)

  [ Ubuntu: 5.15.0-1087.96 ]

  * jammy/linux-azure: 5.15.0-1087.96 -proposed tracker (LP: #2102537)
  * jammy/linux: 5.15.0-138.148 -proposed tracker (LP: #2102587)
  * ipsec_offload in rtnetlink.sh from ubunsu_kselftests_net fails on O/J
    (LP: #2096976)
    - SAUCE: selftest: netfilter: fix null IP field in kci_test_ipsec_offload
  * CVE-2025-21756
    - vsock: Keep the binding until socket destruction
    - vsock: Orphan socket after transport release
  * CVE-2024-50256
    - netfilter: nf_reject_ipv6: fix potential crash in nf_send_reset6()
  * CVE-2025-21702
    - pfifo_tail_enqueue: Drop new packet when sch->limit == 0
  * CVE-2025-21703
    - netem: Update sch->q.qlen before qdisc_tree_reduce_backlog()
  * CVE-2025-21700
    - net: sched: Disallow replacing of child qdisc from one parent to another
  * CVE-2024-46826
    - ELF: fix kernel.randomize_va_space double read
  * CVE-2024-56651
    - can: hi311x: hi3110_can_ist(): fix potential use-after-free
  * iBFT iSCSI out-of-bounds shift UBSAN warning (LP: #2097824)
    - iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic()
  * CVE-2024-50248
    - ntfs3: Add bounds checking to mi_enum_attr()
    - fs/ntfs3: Sequential field availability check in mi_enum_attr()
  * CVE-2022-0995
    - watch_queue: Use the bitmap API when applicable
  * CVE-2024-26837
    - net: bridge: switchdev: Skip MDB replays of deferred events on offload
  * CVE-2025-21701
    - net: avoid race between device unregistration and ethnl ops

 -- Edoardo Canepa <email address hidden> Thu, 03 Apr 2025 18:10:43 +0200

  linux-azure-5.15 (5.15.0-1086.95~20.04.1) focal; urgency=medium

  * focal/linux-azure-5.15: 5.15.0-1086.95~20.04.1 -proposed tracker
    (LP: #2104388)

  [ Ubuntu: 5.15.0-1086.95 ]

  * jammy/linux-azure: 5.15.0-1086.95 -proposed tracker (LP: #2104384)
  * Additional Mana Patch Requests for 5.15 Kernel (LP: #2103651)
    - Revert "net: mana: Fix oversized sge0 for GSO packets"
    - RDMA/mana_ib: register RDMA device with GDMA
    - RDMA/mana_ib: query device capabilities
    - net: mana: Implement get_ringparam/set_ringparam for mana
    - net: mana: Increase the DEF_RX_BUFFERS_PER_QUEUE to 1024
    - net: mana: Fix possible double free in error handling path
    - net: mana: Add new MANA VF performance counters for easier troubleshooting
    - net: mana: Fix perf regression: remove rx_cqes, tx_cqes counters
    - net: mana: Add gdma stats to ethtool output for mana
    - net: mana: Configure hwc timeout from hardware
    - net: mana: Fix the extra HZ in mana_hwc_send_request
    - net: netvsc: Update default VMBus channels
    - net: mana: Enable debugfs files for MANA device
    - net: mana: Cleanup "mana" debugfs dir after cleanup of all children
    - net: mana: Add get_link and get_link_ksettings in ethtool
    - scsi: storvsc: Set correct data length for sending SCSI command without
      payload
    - net: mana: Fix oversized sge0 for GSO packets
    - net: mana: cleanup mana struct after debugfs_remove()

  linux-azure-5.15 (5.15.0-1082.91~20.04.1) focal; urgency=medium

  * focal/linux-azure-5.15: 5.15.0-1082.91~20.04.1 -proposed tracker
    (LP: #2097897)

  * Packaging resync (LP: #1786013)
    - [Packaging] debian.azure-5.15/dkms-versions -- update from kernel-versions
      (main/s2025.01.13)

  [ Ubuntu: 5.15.0-1082.91 ]

  * jammy/linux-azure: 5.15.0-1082.91 -proposed tracker (LP: #2097898)
  * Packaging resync (LP: #1786013)
    - [Packaging] debian.azure/dkms-versions -- update from kernel-versions
      (main/s2025.01.13)
  * Backport "CIFS: New mount option for cifs.upcall namespace resolution"
    (LP: #2097564)
    - CIFS: New mount option for cifs.upcall namespace resolution
  * jammy/linux: 5.15.0-134.145 -proposed tracker (LP: #2097944)
  * Packaging resync (LP: #1786013)
    - [Packaging] debian.master/dkms-versions -- update from kernel-versions
      (main/s2025.01.13)
  * CVE-2024-56672
    - blk-cgroup: Fix UAF in blkcg_unpin_online()
  * CVE-2025-0927
    - SAUCE: fs: hfs/hfsplus: add key_len boundary check to hfs_bnode_read_key

 -- Aaron Jauregui <email address hidden> Wed, 19 Feb 2025 16:39:45 +1100

  linux-azure-5.15 (5.15.0-1081.90~20.04.1) focal; urgency=medium

  * focal/linux-azure-5.15: 5.15.0-1081.90~20.04.1 -proposed tracker
    (LP: #2093686)

  * Add list of source files to linux-buildinfo (LP: #2086606)
    - [Packaging] azure-5.15: Add dwarfdump package in the Build-Depends
    - [Packaging] azure-5.15: Sort build dependencies alphabetically

  [ Ubuntu: 5.15.0-1081.90 ]

  * jammy/linux-azure: 5.15.0-1081.90 -proposed tracker (LP: #2096817)
  * Ubuntu 20.04 confidential VM deployments are failing (LP: #2096813)
    - Revert "UBUNTU: SAUCE: swiotlb: Split up single swiotlb lock"
    - Revert "UBUNTU: SAUCE: swiotlb: allocate memory in a cache-friendly way"
    - Revert "UBUNTU: SAUCE: swiotlb: use bitmap to track free slots"
    - swiotlb: Honour dma_alloc_coherent() alignment in swiotlb_alloc()

  [ Ubuntu: 5.15.0-1080.89 ]

  * jammy/linux-azure: 5.15.0-1080.89 -proposed tracker (LP: #2093688)
  * Add list of source files to linux-buildinfo (LP: #2086606)
    - [Packaging] azure: Add dwarfdump package in the Build-Depends
    - [Packaging] azure: Sort build dependencies alphabetically
  * jammy/linux: 5.15.0-132.143 -proposed tracker (LP: #2093735)
  * Packaging resync (LP: #1786013)
    - [Packaging] debian.master/dkms-versions -- update from kernel-versions
      (main/2025.01.13)
  * KVM: Cache CPUID at KVM.ko module init to reduce latency of VM-Enter and VM-
    Exit (LP: #2093146)
    - kvm: x86: Fix xstate_required_size() to follow XSTATE alignment rule
    - KVM: x86: Cache CPUID.0xD XSTATE offsets+sizes during module init
  * Jammy update: v5.15.173 upstream stable release (LP: #2089541)
    - 9p: Avoid creating multiple slab caches with the same name
    - irqchip/ocelot: Fix trigger register address
    - block: Fix elevator_get_default() checking for NULL q->tag_set
    - HID: multitouch: Add support for B2402FVA track point
    - HID: multitouch: Add quirk for HONOR MagicBook Art 14 touchpad
    - bpf: use kvzmalloc to allocate BPF verifier environment
    - crypto: marvell/cesa - Disable hash algorithms
    - sound: Make CONFIG_SND depend on INDIRECT_IOMEM instead of UML
    - drm/vmwgfx: Limit display layout ioctl array size to
      VMWGFX_NUM_DISPLAY_UNITS
    - powerpc/powernv: Free name on error in opal_event_init()
    - vDPA/ifcvf: Fix pci_read_config_byte() return code handling
    - fs: Fix uninitialized value issue in from_kuid and from_kgid
    - HID: multitouch: Add quirk for Logitech Bolt receiver w/ Casa touchpad
    - HID: lenovo: Add support for Thinkpad X1 Tablet Gen 3 keyboard
    - net: usb: qmi_wwan: add Fibocom FG132 0x0112 composition
    - md/raid10: improve code of mrdev in raid10_sync_request
    - mm/memory: add non-anonymous page check in the copy_present_page()
    - udf: Allocate name buffer in directory iterator on heap
    - udf: Avoid directory type conversion failure due to ENOMEM
    - 9p: fix slab cache name creation for real
    - Linux 5.15.173
  * Jammy update: v5.15.173 upstream stable release (LP: #2089541) //
    CVE-2024-41080
    - io_uring: fix possible deadlock in io_register_iowq_max_workers()
  * Jammy update: v5.15.172 upstream stable release (LP: #2089533)
    - arm64: dts: rockchip: Fix rt5651 compatible value on rk3399-sapphire-
      excavator
    - arm64: dts: rockchip: Remove hdmi's 2nd interrupt on rk3328
    - arm64: dts: rockchip: Fix bluetooth properties on Rock960 boards
    - arm64: dts: rockchip: Remove #cooling-cells from fan on Theobroma lion
    - arm64: dts: rockchip: Fix LED triggers on rk3308-roc-cc
    - arm64: dts: imx8mp: correct sdhc ipg clk
    - ARM: dts: rockchip: fix rk3036 acodec node
    - ARM: dts: rockchip: drop grf reference from rk3036 hdmi
    - ARM: dts: rockchip: Fix the spi controller on rk3036
    - ARM: dts: rockchip: Fix the realtek audio codec on rk3036-kylin
    - NFSv3: only use NFS timeout for MOUNT when protocols are compatible
    - NFS: Add a tracepoint to show the results of nfs_set_cache_invalid()
    - NFSv3: handle out-of-order write replies.
    - nfs: avoid i_lock contention in nfs_clear_invalid_mapping
    - net: enetc: set MAC address to the VF net_device
    - can: c_can: fix {rx,tx}_errors statistics
    - net: phy: ti: add PHY_RST_AFTER_CLK_EN flag
    - net: stmmac: Fix unbalanced IRQ wake disable warning on single irq case
    - Revert "ALSA: hda/conexant: Mute speakers at suspend / shutdown"
    - media: stb0899_algo: initialize cfr before using it
    - media: dvb_frontend: don't play tricks with underflow values
    - media: adv7604: prevent underflow condition when reporting colorspace
    - scsi: sd_zbc: Use kvzalloc() to allocate REPORT ZONES buffer
    - ALSA: firewire-lib: fix return value on fail in amdtp_tscm_init()
    - media: pulse8-cec: fix data timestamp at pulse8_setup()
    - media: v4l2-ctrls-api: fix error handling for v4l2_g_ctrl()
    - pwm: imx-tpm: Use correct MODULO value for EPWM mode
    - drm/amdgpu: Adjust debugfs eviction and IB access permissions
    - drm/amdgpu: prevent NULL pointer dereference if ATIF is not supported
    - thermal/drivers/qcom/lmh: Remove false lockdep backtrace
    - dm cache: correct the number of origin blocks to match the target length
    - dm cache: optimize dirty bit checking with find_next_bit when resizing
    - dm-unstriped: cast an operand to sector_t to prevent potential uint32_t
      overflow
    - ALSA: usb-audio: Add quirk for HP 320 FHD Webcam
    - posix-cpu-timers: Clear TICK_DEP_BIT_POSIX_TIMER on clone
    - io_uring: rename kiocb_end_write() local helper
    - fs: create kiocb_{start,end}_write() helpers
    - io_uring: use kiocb_{start,end}_write() helpers
    - media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in
      uvc_parse_format
    - fs/proc: fix compile warning about variable 'vmcore_mmap_ops'
    - usb: dwc3: fix fault at system suspend if device was already runtime
      suspended
    - USB: serial: qcserial: add support for Sierra Wireless EM86xx
   

  linux-azure-5.15 (5.15.0-1079.88~20.04.1) focal; urgency=medium

  * focal/linux-azure-5.15: 5.15.0-1079.88~20.04.1 -proposed tracker
    (LP: #2093529)

  [ Ubuntu: 5.15.0-1079.88 ]

  * jammy/linux-azure: 5.15.0-1079.88 -proposed tracker (LP: #2093530)
  * jammy/linux: 5.15.0-131.141 -proposed tracker (LP: #2093573)
  * CVE-2024-53164
    - net: sched: fix ordering of qlen adjustment
  * CVE-2024-53141
    - netfilter: ipset: add missing range check in bitmap_ip_uadt
  * CVE-2024-53103
    - hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer

 -- Vinicius Peixoto <email address hidden> Fri, 17 Jan 2025 13:40:54 -0300