-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 12 May 2023 06:08:40 +0200 Source: linux Architecture: source Version: 5.10.179-1 Distribution: bullseye-security Urgency: high Maintainer: Debian Kernel Team Changed-By: Salvatore Bonaccorso Closes: 1035779 Changes: linux (5.10.179-1) bullseye-security; urgency=high . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.179 - [arm64] dts: qcom: ipq8074-hk01: enable QMP device, not the PHY node - netfilter: br_netfilter: fix recent physdev match breakage - [arm64,armhf] regulator: fan53555: Explicitly include bits header - net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg (CVE-2023-31436) - virtio_net: bugfix overflow inside xdp_linearize_page() - sfc: Split STATE_READY in to STATE_NET_DOWN and STATE_NET_UP. - sfc: Fix use-after-free due to selftest_work - netfilter: nf_tables: fix ifdef to also consider nf_tables=m - i40e: fix accessing vsi->active_filters without holding lock - i40e: fix i40e_setup_misc_vector() error handling - mlxfw: fix null-ptr-deref in mlxfw_mfa2_tlv_next() - net: rpl: fix rpl header size calculation - bpf: Fix incorrect verifier pruning due to missing register precision taints - e1000e: Disable TSO on i219-LM card to increase speed - f2fs: Fix f2fs_truncate_partial_nodes ftrace event - Input: i8042 - add quirk for Fujitsu Lifebook A574/H - scsi: megaraid_sas: Fix fw_crash_buffer_show() - scsi: core: Improve scsi_vpd_inquiry() checks - [s390x] ptrace: fix PTRACE_GET_LAST_BREAK error handling - nvme-tcp: fix a possible UAF when failing to allocate an io queue - xen/netback: use same error messages for same errors - xfs: drop submit side trans alloc for append ioends - iio: light: tsl2772: fix reading proximity-diodes from device tree - nilfs2: initialize unused bytes in segment summary blocks - memstick: fix memory leak if card device is never registered - kernel/sys.c: fix and improve control flow in __sys_setres[ug]id() - mm/khugepaged: check again on anon uffd-wp during isolation - sched/uclamp: Make task_fits_capacity() use util_fits_cpu() - sched/uclamp: Fix fits_capacity() check in feec() - sched/uclamp: Make select_idle_capacity() use util_fits_cpu() - sched/uclamp: Make asym_fits_capacity() use util_fits_cpu() - sched/uclamp: Make cpu_overutilized() use util_fits_cpu() - sched/uclamp: Cater for uclamp in find_energy_efficient_cpu()'s early exit condition - sched/fair: Detect capacity inversion - sched/fair: Consider capacity inversion in util_fits_cpu() - sched/uclamp: Fix a uninitialized variable warnings - sched/fair: Fixes for capacity inversion detection - virtiofs: clean up error handling in virtio_fs_get_tree() - virtiofs: split requests that exceed virtqueue size - fuse: check s_root when destroying sb - fuse: fix attr version comparison in fuse_read_update_size() - fuse: always revalidate rename target dentry - fuse: fix deadlock between atomic O_TRUNC and page invalidation - Revert "ext4: fix use-after-free in ext4_xattr_set_entry" - ext4: remove duplicate definition of ext4_xattr_ibody_inline_set() - ext4: fix use-after-free in ext4_xattr_set_entry - udp: Call inet6_destroy_sock() in setsockopt(IPV6_ADDRFORM). - tcp/udp: Call inet6_destroy_sock() in IPv6 sk->sk_destruct(). - inet6: Remove inet6_destroy_sock() in sk->sk_prot->destroy(). - dccp: Call inet6_destroy_sock() via sk->sk_destruct(). - sctp: Call inet6_destroy_sock() via sk->sk_destruct(). - [arm64,armhf] pwm: meson: Explicitly set .polarity in .get_state() - ASN.1: Fix check for strdup() success . [ Salvatore Bonaccorso ] * netfilter: nf_tables: deactivate anonymous set from preparation phase (CVE-2023-32233) * [rt] Refresh "sched/hotplug: Ensure only per-cpu kthreads run during hotplug" * Bump ABI to 23 * ovl: fail on invalid uid/gid mapping at copy up (CVE-2023-0386) * [x86] KVM: x86: hyper-v: Avoid calling kvm_make_vcpus_request_mask() with vcpu_mask==NULL (Closes: #1035779) Checksums-Sha1: 5c42356f07f28e559267c8aff8b860897a54cc99 197238 linux_5.10.179-1.dsc e97d037e3be0352cf271466c0a2fde584c45ae5d 121881852 linux_5.10.179.orig.tar.xz fe290e9b116394ba85447f4f60a49d9342528548 1594496 linux_5.10.179-1.debian.tar.xz 559ebe4b875b60c77808340d4bc5d9e396688868 6703 linux_5.10.179-1_source.buildinfo Checksums-Sha256: 9d20731cb830b436682307108e5d6f2778ca033480cb4cc7a45f7630f933bf8d 197238 linux_5.10.179-1.dsc 254d0375733a423efd8b364b9c33c88034dec85a76e2cba1093c54a667a74dbd 121881852 linux_5.10.179.orig.tar.xz 00ed06d6564c8df03c40493c091bfd1cdb76df6cca22a56ac39db6cde46df8bc 1594496 linux_5.10.179-1.debian.tar.xz 29d7982ff34cfff46eaf2ba4c250aeed05e52f32b545f3d6e456543613ecb199 6703 linux_5.10.179-1_source.buildinfo Files: c7197fb547bece532befb122bdb52b7e 197238 kernel optional linux_5.10.179-1.dsc 0c6a7ee447e5628fa9c05c56654fa40b 121881852 kernel optional linux_5.10.179.orig.tar.xz 5ae1d3184c4fc258a7024b6bb4344b6d 1594496 kernel optional linux_5.10.179-1.debian.tar.xz c70a03d2b5329aabc223b6374669959c 6703 kernel optional linux_5.10.179-1_source.buildinfo -----BEGIN PGP SIGNATURE----- iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmRdv4ZfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk ZWJpYW4ub3JnAAoJEAVMuPMTQ89ERTYQAIsx3PWUd/Yk7YmOpaAXiMM/u/fVHHst AdXWUiJ7JUgXyisPgeJxumtTFni4x1FJdOGV8j+6WFDajV2tTPsGOtHnlQxJIwHf ymzQC3DkR0UIE3blWrf4UUv0kXhVjEcmx5Ea/lIMr7LflHqzXLMy+THkEQPvizHG dCF4tYCK/v7pV0Yb+3XOOCSUrKLQAH8zcsH5yvOwUq1JE6PrvfS/neDOgOopeYCx eisxs87VMxd3McBsCTrMokTpRLAna1+ig0YdXBWmytPALlWCkeIQxd/gzj+EGm+Q wvPy3gUJlVYCNMj8yaM4VMyyDvIE8m8UR+dg76kQ4tqFHvNSQw3uZhSfF1kpeB2w iziSgeKOptbPuKmzbo18LIRUruHpKB05xOrMH5LRS0fFmZQEvfzMnlhBYDGP9Df7 oQ7JW2v84aZHARzue3q1Wb38YIcysIb2GfKJ7J0nSkjZ6qxCDSuUe3p1BV68LLtl W59+ZUAkfCl+ZBn/N6O92ACW8mHCGp6tkL45J8x9RBcRoHg0zAMvVjmht06YoStz QDugG8HZBA0fJ4LAmChGufIZRFfI0BoRSlT0LCafyq7kZhSSC2QuoFct8zVwQqbq voz0MLP6vp0nn4rDuiAAJJvKFhRi+N+tWfGMuBYstqGojBwq5GEHWIVLI0WMoCBm r1xw6A5zP+aK =VaF1 -----END PGP SIGNATURE-----