-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 02 Jul 2026 15:50:42 +0200 Source: linux Binary: ata-modules-6.1.0-50-powerpc64le-di bpftool bpftool-dbgsym btrfs-modules-6.1.0-50-powerpc64le-di cdrom-core-modules-6.1.0-50-powerpc64le-di crc-modules-6.1.0-50-powerpc64le-di crypto-dm-modules-6.1.0-50-powerpc64le-di crypto-modules-6.1.0-50-powerpc64le-di event-modules-6.1.0-50-powerpc64le-di ext4-modules-6.1.0-50-powerpc64le-di f2fs-modules-6.1.0-50-powerpc64le-di fancontrol-modules-6.1.0-50-powerpc64le-di fat-modules-6.1.0-50-powerpc64le-di fb-modules-6.1.0-50-powerpc64le-di firewire-core-modules-6.1.0-50-powerpc64le-di fuse-modules-6.1.0-50-powerpc64le-di hypervisor-modules-6.1.0-50-powerpc64le-di i2c-modules-6.1.0-50-powerpc64le-di input-modules-6.1.0-50-powerpc64le-di isofs-modules-6.1.0-50-powerpc64le-di jfs-modules-6.1.0-50-powerpc64le-di kernel-image-6.1.0-50-powerpc64le-di libcpupower-dev libcpupower1 libcpupower1-dbgsym linux-config-6.1 linux-cpupower linux-cpupower-dbgsym linux-headers-6.1.0-50-powerpc64le linux-headers-powerpc64le linux-image-6.1.0-50-powerpc64le linux-image-6.1.0-50-powerpc64le-dbg linux-image-powerpc64le linux-image-powerpc64le-dbg linux-kbuild-6.1 linux-kbuild-6.1-dbgsym linux-libc-dev linux-perf linux-perf-dbgsym loop-modules-6.1.0-50-powerpc64le-di md-modules-6.1.0-50-powerpc64le-di mouse-modules-6.1.0-50-powerpc64le-di mtd-core-modules-6.1.0-50-powerpc64le-di multipath-modules-6.1.0-50-powerpc64le-di nbd-modules-6.1.0-50-powerpc64le-di nic-modules-6.1.0-50-powerpc64le-di nic-shared-modules-6.1.0-50-powerpc64le-di nic-usb-modules-6.1.0-50-powerpc64le-di nic-wireless-modules-6.1.0-50-powerpc64le-di ppp-modules-6.1.0-50-powerpc64le-di sata-modules-6.1.0-50-powerpc64le-di scsi-core-modules-6.1.0-50-powerpc64le-di scsi-modules-6.1.0-50-powerpc64le-di scsi-nic-modules-6.1.0-50-powerpc64le-di serial-modules-6.1.0-50-powerpc64le-di squashfs-modules-6.1.0-50-powerpc64le-di udf-modules-6.1.0-50-powerpc64le-di uinput-modules-6.1.0-50-powerpc64le-di usb-modules-6.1.0-50-powerpc64le-di usb-serial-modules-6.1.0-50-powerpc64le-di usb-storage-modules-6.1.0-50-powerpc64le-di usbip usbip-dbgsym xfs-modules-6.1.0-50-powerpc64le-di Architecture: ppc64el Version: 6.1.176-1 Distribution: bookworm-security Urgency: high Maintainer: ppc64el Build Daemon (ppc64el-osuosl-01) Changed-By: Ben Hutchings Description: ata-modules-6.1.0-50-powerpc64le-di - ATA disk modules (udeb) bpftool - Inspection and simple manipulation of BPF programs and maps btrfs-modules-6.1.0-50-powerpc64le-di - BTRFS filesystem support (udeb) cdrom-core-modules-6.1.0-50-powerpc64le-di - CDROM support (udeb) crc-modules-6.1.0-50-powerpc64le-di - CRC modules (udeb) crypto-dm-modules-6.1.0-50-powerpc64le-di - devicemapper crypto module (udeb) crypto-modules-6.1.0-50-powerpc64le-di - crypto modules (udeb) event-modules-6.1.0-50-powerpc64le-di - Event support (udeb) ext4-modules-6.1.0-50-powerpc64le-di - ext2/ext3/ext4 filesystem support (udeb) f2fs-modules-6.1.0-50-powerpc64le-di - f2fs filesystem support (udeb) fancontrol-modules-6.1.0-50-powerpc64le-di - Apple powermac fancontrol modules (udeb) fat-modules-6.1.0-50-powerpc64le-di - FAT filesystem support (udeb) fb-modules-6.1.0-50-powerpc64le-di - Frame buffer support (udeb) firewire-core-modules-6.1.0-50-powerpc64le-di - Core FireWire drivers (udeb) fuse-modules-6.1.0-50-powerpc64le-di - FUSE modules (udeb) hypervisor-modules-6.1.0-50-powerpc64le-di - IBM 64bit hypervisor console modules (udeb) i2c-modules-6.1.0-50-powerpc64le-di - i2c support modules (udeb) input-modules-6.1.0-50-powerpc64le-di - Input devices support (udeb) isofs-modules-6.1.0-50-powerpc64le-di - ISOFS filesystem support (udeb) jfs-modules-6.1.0-50-powerpc64le-di - JFS filesystem support (udeb) kernel-image-6.1.0-50-powerpc64le-di - Linux kernel image and core modules for the Debian installer (udeb) libcpupower-dev - CPU frequency and voltage scaling tools for Linux (development fi libcpupower1 - CPU frequency and voltage scaling tools for Linux (libraries) linux-config-6.1 - Debian kernel configurations for Linux 6.1 linux-cpupower - CPU power management tools for Linux linux-headers-6.1.0-50-powerpc64le - Header files for Linux 6.1.0-50-powerpc64le linux-headers-powerpc64le - Header files for Linux powerpc64le configuration (meta-package) linux-image-6.1.0-50-powerpc64le - Linux 6.1 for Little-endian 64-bit PowerPC linux-image-6.1.0-50-powerpc64le-dbg - Debug symbols for linux-image-6.1.0-50-powerpc64le linux-image-powerpc64le - Linux for Little-endian 64-bit PowerPC (meta-package) linux-image-powerpc64le-dbg - Debugging symbols for Linux powerpc64le configuration (meta-packa linux-kbuild-6.1 - Kbuild infrastructure for Linux 6.1 linux-libc-dev - Linux support headers for userspace development linux-perf - Performance analysis tools for Linux loop-modules-6.1.0-50-powerpc64le-di - Loopback filesystem support (udeb) md-modules-6.1.0-50-powerpc64le-di - RAID and LVM support (udeb) mouse-modules-6.1.0-50-powerpc64le-di - Mouse support (udeb) mtd-core-modules-6.1.0-50-powerpc64le-di - MTD core (udeb) multipath-modules-6.1.0-50-powerpc64le-di - Multipath support (udeb) nbd-modules-6.1.0-50-powerpc64le-di - Network Block Device modules (udeb) nic-modules-6.1.0-50-powerpc64le-di - NIC drivers (udeb) nic-shared-modules-6.1.0-50-powerpc64le-di - Shared NIC drivers (udeb) nic-usb-modules-6.1.0-50-powerpc64le-di - USB NIC drivers (udeb) nic-wireless-modules-6.1.0-50-powerpc64le-di - Wireless NIC drivers (udeb) ppp-modules-6.1.0-50-powerpc64le-di - PPP drivers (udeb) sata-modules-6.1.0-50-powerpc64le-di - SATA drivers (udeb) scsi-core-modules-6.1.0-50-powerpc64le-di - Core SCSI subsystem (udeb) scsi-modules-6.1.0-50-powerpc64le-di - SCSI drivers (udeb) scsi-nic-modules-6.1.0-50-powerpc64le-di - SCSI drivers for converged NICs (udeb) serial-modules-6.1.0-50-powerpc64le-di - Serial drivers (udeb) squashfs-modules-6.1.0-50-powerpc64le-di - squashfs modules (udeb) udf-modules-6.1.0-50-powerpc64le-di - UDF modules (udeb) uinput-modules-6.1.0-50-powerpc64le-di - uinput support (udeb) usb-modules-6.1.0-50-powerpc64le-di - USB support (udeb) usb-serial-modules-6.1.0-50-powerpc64le-di - USB serial drivers (udeb) usb-storage-modules-6.1.0-50-powerpc64le-di - USB storage support (udeb) usbip - USB device sharing system over IP network xfs-modules-6.1.0-50-powerpc64le-di - XFS filesystem support (udeb) Closes: 1130365 Changes: linux (6.1.176-1) bookworm-security; urgency=high . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.175 - [x86] ASoC: amd: yc: Add DMI quirk for ASUS EXPERTBOOK BM1403CDA - [x86] ALSA: hda/realtek: Add HP ENVY Laptop 13-ba0xxx quirk - [arm64] media: rkvdec: reduce stack usage in rkvdec_init_v4l2_vp9_count_tbl() - [x86] ALSA: asihpi: avoid write overflow check warning - [x86] ASoC: amd: yc: Add DMI quirk for Thin A15 B7VF - can: mcp251x: add error handling for power enable in open and resume - btrfs: tracepoints: get correct superblock from dentry in event btrfs_sync_file() (CVE-2026-43117) - [x86] ALSA: hda/realtek: Add mute LED quirk for HP Pavilion 15-eg0xxx - [x86] netfilter: nft_set_pipapo_avx2: don't return non-matching entry on expiry (CVE-2026-43114) - [x86] ALSA: hda/realtek: add quirk for Framework F111:000F - wifi: wl1251: validate packet IDs before indexing tx_frames (CVE-2026-43113) - ASoC: soc-core: call missing INIT_LIST_HEAD() for card_aux_list - ALSA: usb-audio: Fix quirk flags for NeuralDSP Quad Cortex - fs/smb/client: fix out-of-bounds read in cifs_sanitize_prepath (CVE-2026-43112) - [x86] ASoC: amd: yc: Add DMI entry for HP Laptop 15-fc0xxx - [x86] pinctrl: intel: Fix the revision for new features (1kOhm PD, HW debouncer) - HID: quirks: add HID_QUIRK_ALWAYS_POLL for 8BitDo Pro 3 - [x86] ALSA: hda/realtek: Add quirk for Lenovo Yoga Pro 7 14IAH10 - HID: roccat: fix use-after-free in roccat_report_event (CVE-2026-43111) - ata: ahci: force 32-bit DMA for JMicron JMB582/JMB585 - wifi: brcmfmac: validate bsscfg indices in IF events (CVE-2026-43110) - [armhf] ASoC: stm32_sai: fix incorrect BCLK polarity for DSP_A/B, LEFT_J - [armhf] soc: aspeed: socinfo: Mask table entries for accurate SoC ID matching - [arm64] dts: imx8mq: Set the correct gpu_ahb clock frequency - PCI: hv: Set default NUMA node to 0 for devices without affinity info - [arm*] drm/vc4: Release runtime PM reference after binding V3D - [arm*] drm/vc4: Fix memory leak of BO array in hang state (CVE-2026-43105) - [arm*] drm/vc4: Fix a memory leak in hang state error path (CVE-2026-43104) - [arm*] drm/vc4: Protect madv read in vc4_gem_object_mmap() with madv_lock - epoll: use refcount to reduce ep_mutex contention - eventpoll: defer struct eventpoll free to RCU grace period (CVE-2026-43074) - net: sched: act_csum: validate nested VLAN headers (CVE-2026-31684) - net: lapbether: handle NETDEV_PRE_TYPE_CHANGE (CVE-2026-43103) - ipv4: icmp: fix null-ptr-deref in icmp_build_probe() (CVE-2026-43099) - nfc: s3fwrn5: allocate rx skb before consuming bytes (CVE-2026-43098) - tracing/probe: reject non-closed empty immediate strings - ixgbevf: add missing negotiate_features op to Hyper-V ops table (CVE-2026-43094) - e1000: check return value of e1000_read_eeprom - xsk: tighten UMEM headroom validation to account for tailroom and min frame (CVE-2026-43093) - xfrm_user: fix info leak in build_mapping() (CVE-2026-43089) - netfilter: nfnetlink_log: initialize nfgenmsg in NLMSG_DONE terminator (CVE-2026-43085) - netfilter: xt_multiport: validate range encoding in checkentry (CVE-2026-31681) - netfilter: ip6t_eui64: reject invalid MAC header for all packets (CVE-2026-31685) - af_unix: read UNIX_DIAG_VFS data under unix_state_lock (CVE-2026-31673) - l2tp: Drop large packets with UDP encap (CVE-2026-43080) - [arm64,armhf] gpio: tegra: fix irq_release_resources calling enable instead of disable - [x86] perf/x86/intel/uncore: Skip discovery table for offline dies (CVE-2026-43079) - Revert "drm: Fix use-after-free on framebuffers and property blobs when calling drm_dev_unplug" (regression in 6.1.167) - netfilter: conntrack: add missing netlink policy validations (CVE-2026-31407) - [x86] drm/i915/psr: Do not use pipe_src as borders for SU area - nfc: llcp: add missing return after LLCP_CLOSED checks (CVE-2026-31629) - can: raw: fix ro->uniq use-after-free in raw_rcv() (CVE-2026-31532) - [arm*] i2c: s3c24xx: check the size of the SMBUS message before using it (CVE-2026-31627) - staging: rtl8723bs: initialize le_tmp64 in rtw_BIP_verify() (CVE-2026-31626) - HID: alps: fix NULL pointer dereference in alps_raw_event() (CVE-2026-31625) - HID: core: clamp report_size in s32ton() to avoid undefined shift (CVE-2026-31624) - net: usb: cdc-phonet: fix skb frags[] overflow in rx_complete() (CVE-2026-31623) - NFC: digital: Bounds check NFC-A cascade depth in SDD response handler (CVE-2026-31622) - [arm*] drm/vc4: platform_get_irq_byname() returns an int (CVE-2026-43072) - ALSA: fireworks: bound device-supplied status before string array lookup (CVE-2026-31619) - fbdev: tdfxfb: avoid divide-by-zero on FBIOPUT_VSCREENINFO (CVE-2026-31618) - usb: gadget: f_ncm: validate minimum block_len in ncm_unwrap_ntb() (CVE-2026-31617) - usb: gadget: f_phonet: fix skb frags[] overflow in pn_rx_complete() (CVE-2026-31616) - [arm64,armhf] usb: gadget: renesas_usb3: validate endpoint index in standard request handlers (CVE-2026-31615) - ksmbd: validate EaNameLength in smb2_get_ea() (CVE-2026-31612) - ksmbd: require 3 sub-authorities before reading sub_auth[2] (CVE-2026-31611) - usbip: validate number_of_packets in usbip_pack_ret_submit() (CVE-2026-31607) - usb: storage: Expand range of matched versions for VL817 quirks entry - USB: cdc-acm: Add quirks for Yoga Book 9 14IAH10 INGENIC touchscreen - usb: port: add delay after usb_hub_set_port_power() - fbdev: udlfb: avoid divide-by-zero on FBIOPUT_VSCREENINFO (CVE-2026-31605) - staging: sm750fb: fix division by zero in ps_to_hz() (CVE-2026-31603) - USB: serial: option: add Telit Cinterion FN990A MBIM composition - ALSA: ctxfi: Limit PTP to a single page (CVE-2026-31602) - dcache: Limit the minimal number of bucket to two (CVE-2026-43071) - media: vidtv: fix NULL pointer dereference in vidtv_channel_pmt_match_sections (CVE-2026-31599) - ocfs2: fix possible deadlock between unlink and dio_end_io_write (CVE-2026-31598) - ocfs2: fix use-after-free in ocfs2_fault() when VM_FAULT_RETRY (CVE-2026-31597) - ocfs2: handle invalid dinode in ocfs2_group_extend (CVE-2026-31596) - [x86] KVM: SEV: Drop WARN on large size for KVM_MEMORY_ENCRYPT_REG_REGION (CVE-2026-31590) - Revert "dmaengine: idxd: Fix not releasing workqueue on .release()" (regression in 6.1.168) - ALSA: usb-audio: fix race condition to UAF in snd_usbmidi_free (CVE-2025-39997) - net: add proper RCU protection to /proc/net/ptype (CVE-2026-23255) - net: sched: fix TCF_LAYER_TRANSPORT handling in tcf_get_base_ptr() - bonding: return detailed error when loading native XDP fails - bonding: check xdp prog when set bond mode (CVE-2025-22105) - drm/amdgpu: remove two invalid BUG_ON()s (CVE-2025-68201) - nf_tables: nft_dynset: fix possible stateful expression memleak in error path (CVE-2026-23399) - rxrpc: proc: size address buffers for %pISpc output (CVE-2026-31630) - [x86] KVM: x86: Use scratch field in MMIO fragment to hold small write values (CVE-2026-31588) - mm/kasan: fix double free for kasan pXds (CVE-2026-31686) - mm: blk-cgroup: fix use-after-free in cgwb_release_workfn() (CVE-2026-31586) - media: vidtv: fix nfeeds state corruption on start_streaming failure (CVE-2026-31585) - media: em28xx: fix use-after-free in em28xx_v4l2_open() (CVE-2026-31583) - ALSA: 6fire: fix use-after-free on disconnect (CVE-2026-31581) - bcache: fix cached_dev.sb_bio use-after-free and crash (CVE-2026-31580) - media: as102: fix to not free memory after the device is registered in as102_usb_probe() (CVE-2026-31578) - nilfs2: fix NULL i_assoc_inode dereference in nilfs_mdt_save_to_shadow_map (CVE-2026-31577) - media: vidtv: fix pass-by-value structs causing MSAN warnings (CVE-2026-43058) - media: hackrf: fix to not free memory after the device is registered in hackrf_probe() (CVE-2026-31576) - PCI: endpoint: pci-epf-vntb: Remove duplicate resource teardown (CVE-2026-31594) - ipv6: add NULL checks for idev in SRv6 paths (CVE-2026-23442) - gfs2: Improve gfs2_consist_inode() usage - gfs2: Validate i_depth for exhash directories (CVE-2025-38710) - wifi: mac80211: always free skb on ieee80211_tx_prepare_skb() failure (CVE-2026-23444) - net: dsa: clean up FDB, MDB, VLAN entries on unbind (CVE-2025-37864) - [arm64: dts: imx8mq-librem5: Bump BUCK1 suspend voltage to 0.81V - [arm64] dts: imx8mq-librem5: Bump BUCK1 suspend voltage up to 0.85V - ocfs2: add inline inode consistency check to ocfs2_validate_inode_block() - ocfs2: validate inline data i_size during inode read (CVE-2026-43076) - ocfs2: fix out-of-bounds write in ocfs2_write_end_inline (CVE-2026-43075) - rxrpc: Fix key quota calculation for multitoken keys - rxrpc: Fix call removal to use RCU safe deletion (CVE-2026-31642) - rxrpc: reject undecryptable rxkad response tickets (CVE-2026-31637) - [x86] KVM: x86: Use __DECLARE_FLEX_ARRAY() for UAPI structures with VLAs - ublk: fix deadlock when reading partition table (CVE-2025-68823) - PCI: endpoint: pci-epf-vntb: Stop cmd_handler work in epf_ntb_epc_cleanup (CVE-2026-31595) - [arm64,armhf] ASoC: qcom: q6apm: move component registration to unmanaged version (CVE-2026-31587) - rxrpc: Fix recvmsg() unconditional requeue (CVE-2026-23066) - scsi: ufs: core: Fix use-after free in init error and remove paths (CVE-2025-21739) - ALSA: control: Avoid WARN() for symlink errors (CVE-2024-56657) - f2fs: fix null-ptr-deref in f2fs_submit_page_bio() (CVE-2024-53221) - wifi: iwlwifi: read txq->read_ptr under lock (CVE-2024-36922) - [arm64] mm: fix VA-range sanity check (CVE-2023-53989) - rxrpc: Fix anonymous key handling - rxrpc: only handle RESPONSE during service challenge (CVE-2026-31676) - fs/ntfs3: validate rec->used in journal-replay file record check (CVE-2026-31716) - fuse: reject oversized dirents in page cache (CVE-2026-31694) - fuse: quiet down complaints in fuse_conn_limit_write - smb: server: fix active_num_conn leak on transport allocation failure (CVE-2026-31711) - smb: server: fix max_connections off-by-one in tcp accept path - smb: client: require a full NFS mode SID before reading mode bits (CVE-2026-43350) - smb: client: fix OOB read in smb2_ioctl_query_info QUERY_INFO path (CVE-2026-31708) - ksmbd: fix out-of-bounds write in smb2_get_ea() EA alignment (CVE-2026-31705) - ksmbd: use check_add_overflow() to prevent u16 DACL size overflow (CVE-2026-31704) - f2fs: fix use-after-free of sbi in f2fs_compress_write_end_io() (CVE-2026-31702) - ALSA: usb-audio: apply quirk for MOONDROP JU Jiu - ALSA: caiaq: take a reference on the USB device in create_card() (CVE-2026-31701) - crypto: ccp: Don't attempt to copy CSR to userspace if PSP command failed (CVE-2026-31699) - crypto: ccp: Don't attempt to copy PDH cert to userspace if PSP command failed (CVE-2026-31698) - crypto: ccp: Don't attempt to copy ID to userspace if PSP command failed (CVE-2026-31697) - rxrpc: Fix missing validation of ticket length in non-XDR key preparsing (CVE-2026-31696) - ALSA: usb-audio: stop parsing UAC2 rates at MAX_NR_RATES (CVE-2026-46018) - ALSA: usb-audio: Avoid false E-MU sample-rate notifications - ALSA: usb-audio: Fix Audio Advantage Micro II SPDIF switch - usb: xhci: Make usb_host_endpoint.hcpriv survive endpoint_disable() - ALSA: usb-audio: Evaluate packsize caps at the right place - drm/nouveau: fix u32 overflow in pushbuf reloc bounds check (CVE-2026-46006) - [x86] misc: ibmasm: fix OOB MMIO read in ibmasm_handle_mouse_interrupt() (CVE-2026-46022) - [x86] ibmasm: fix OOB reads in command_file_write due to missing size checks (CVE-2026-45994) - [x86] ibmasm: fix heap over-read in ibmasm_send_i2o_message() (CVE-2026-46064) - firmware: google: framebuffer: Do not mark framebuffer as busy - padata: Fix pd UAF once and for all (CVE-2025-38584) - padata: Remove comment for reorder_work - drm/amdgpu: Use vmemdup_array_user in amdgpu_bo_create_list_entry_array - drm/amdgpu: Limit BO list entry count to prevent resource exhaustion (CVE-2026-23468) - net: enetc: fix the deadlock of enetc_mdio_lock (CVE-2025-40347) - blk-mq: fix NULL dereference on q->elevator in blk_mq_elv_switch_none (CVE-2023-53292) - [arm64] set __exception_irq_entry with __irq_entry as a default (CVE-2023-54322) - regset: use kvzalloc() for regset_get_alloc() - device property: Make modifications of fwnode "flags" thread safe - ocfs2: split transactions in dio completion to avoid credit exhaustion (CVE-2026-46080) - driver core: Don't let a device probe until it's ready - wifi: rtw88: check for PCI upstream bridge existence - f2fs: fix to detect potential corrupted nid in free_nid_list (CVE-2025-68315) - crypto: pcrypt - Fix handling of MAY_BACKLOG requests (CVE-2026-43493) - [arm*] media: amphion: Fix race between m2m job_abort and device_run (CVE-2026-46058) - ALSA: control: Validate buf_len before strnlen() in snd_ctl_elem_init_enum_names() (CVE-2026-46088) - net: caif: clear client service pointer on teardown (CVE-2026-46098) - net: strparser: fix skb_head leak in strp_abort_strp() (CVE-2026-46102) - PCI: endpoint: pci-epf-ntb: Remove duplicate resource teardown (CVE-2026-46009) - Revert "ALSA: usb: Increase volume range that triggers a warning" (regression in 6.1.162) - lib/ts_kmp: fix integer overflow in pattern length calculation - net: qrtr: ns: Fix use-after-free in driver remove() (CVE-2026-46047) - ext2: reject inodes with zero i_nlink and valid mode in ext2_iget() (CVE-2026-46002) - ALSA: ctxfi: Add fallback to default RSR for S/PDIF (CVE-2026-46049) - ALSA: seq_oss: return full count for successful SEQ_FULLSIZE writes - erofs: fix the out-of-bounds nameoff handling for trailing dirents (CVE-2026-46078) - md/raid10: fix deadlock with check operation and nowait requests (CVE-2026-46050) - nvme-pci: add NVME_QUIRK_DISABLE_WRITE_ZEROES for Kingston OM3SGP4 - nvme: respect NVME_QUIRK_DISABLE_WRITE_ZEROES when wzsl is set - rbd: fix null-ptr-deref when device_add_disk() fails (CVE-2026-46079) - io_uring/timeout: check unused sqe fields - iio: adc: ti-ads7950: use iio_push_to_buffers_with_ts_unaligned() - io_uring/poll: fix signed comparison in io_poll_get_ownership() (CVE-2026-52933) - io_uring/poll: ensure EPOLL_ONESHOT is propagated for EPOLL_URING_WAKE - ALSA: core: Fix potential data race at fasync handling - ALSA: caiaq: Fix control_put() result and cache rollback - ALSA: caiaq: Handle probe errors properly (CVE-2026-46004) - ALSA: 6fire: Fix input volume change detection - iio: adc: ad7768-1: fix one-shot mode data acquisition - net: rds: fix MR cleanup on copy error (CVE-2026-46053) - net/smc: avoid early lgr access in smc_clc_wait_msg (CVE-2026-46027) - net: ks8851: Reinstate disabling of BHs around IRQ handler (CVE-2026-46031) - RDMA/rxe: Validate pad and ICRC before payload_size() in rxe_rcv (CVE-2026-46043) - ipv4: icmp: validate reply type before using icmp_pointers (CVE-2026-46037) - libceph: Prevent potential null-ptr-deref in ceph_handle_auth_reply() (CVE-2026-46024) - power: supply: axp288_charger: Do not cancel work before initializing it - randomize_kstack: Maintain kstack_offset per task - mmc: block: use single block write in retry - [arm64] mmc: sdhci-of-dwcmshc: Disable clock before DLL configuration - tpm: tpm_tis: add error logging for data transfer - userfaultfd: allow registration of ranges below mmap_min_addr - [x86] KVM: nSVM: Mark all of vmcb02 dirty when restoring nested state - [x86] KVM: nSVM: Sync NextRIP to cached vmcb12 after VMRUN of L2 - [x86] KVM: nSVM: Sync interrupt shadow to cached vmcb12 after VMRUN of L2 (CVE-2026-45987) - [x86] KVM: SVM: Inject #UD for INVLPGA if EFER.SVME=0 (CVE-2026-46082) - [x86] KVM: SVM: Explicitly mark vmcb01 dirty after modifying VMCB intercepts - [x86] KVM: nSVM: Ensure AVIC is inhibited when restoring a vCPU to guest mode - [x86] KVM: nSVM: Use vcpu->arch.cr2 when updating vmcb12 on nested #VMEXIT - [x86] KVM: nSVM: Always inject a #GP if mapping VMCB12 fails on nested VMRUN - [x86] KVM: nSVM: Clear GIF on nested #VMEXIT(INVALID) - [x86] KVM: nSVM: Clear tracking of L1->L2 NMI and soft IRQ on nested #VMEXIT - [x86] KVM: nSVM: Add missing consistency check for EFER, CR0, CR4, and CS - [x86] KVM: nSVM: Add missing consistency check for nCR3 validity - mtd: docg3: fix use-after-free in docg3_release() (CVE-2026-46285) - io_uring/poll: fix multishot recv missing EOF on wakeup race - ext4: fix missing brelse() in ext4_xattr_inode_dec_ref_all() (CVE-2026-46046) - md/raid5: fix soft lockup in retry_aligned_read() (CVE-2026-46051) - md/raid5: validate payload size before accessing journal metadata (CVE-2026-46070) - inotify: fix watch count leak when fsnotify_add_inode_mark_locked() fails (CVE-2026-46040) - tcp: call sk_data_ready() after listener migration (CVE-2026-46015) - taskstats: set version in TGID exit notifications - Bluetooth: hci_event: fix potential UAF in SSP passkey handlers (CVE-2026-46056) - can: ucan: fix devres lifetime (CVE-2026-46103) - [arm64] crypto: arm64/aes - Fix 32-bit aes_mac_update() arg treated as 64-bit - [armel,armhf] crypto: atmel-aes - Fix 3-page memory leak in atmel_aes_buff_cleanup (CVE-2026-46019) - [arm*] crypto: ccree - fix a memory leak in cc_mac_digest() (CVE-2026-45986) - [armel,armhf] crypto: atmel-tdes - fix DMA sync direction (CVE-2026-46077) - crypto: atmel-sha204a - Fix potential UAF and memory leak in remove path (CVE-2026-46075) - dm mirror: fix integer overflow in create_dirty_log() (CVE-2026-46023) - IB/core: Fix zero dmac race in neighbor resolution - ntfs3: add buffer boundary checks to run_unpack() (CVE-2026-46072) - ntfs3: fix integer overflow in run_unpack() volume boundary check (CVE-2026-46062) - rtmutex: Use waiter::task instead of current in remove_waiter() (CVE-2026-43499) - scsi: sd: fix missing put_disk() when device_add(&disk_dev) fails (CVE-2026-45997) - seg6: fix seg6 lwtunnel output redirect for L2 reduced encap mode - crypto: authencesn - reject short ahash digests during instance creation (CVE-2026-46033) - ALSA: caiaq: Fix potentially leftover ep1_in_urb at error path - ALSA: caiaq: Don't abort when no input device is available - ipv6: rpl: reserve mac_len headroom when recompressed SRH grows (CVE-2026-43501) - drm/amdgpu: fix zero-size GDS range init on RDNA4 (CVE-2026-46276) - ALSA: caiaq: fix usb_dev refcount leak on probe failure - net: ipv6: fix NOREF dst use in seg6 and rpl lwtunnels (CVE-2026-46099) - netfilter: reject zero shift in nft_bitwise (CVE-2026-46101) - scsi: target: configfs: Bound snprintf() return in tg_pt_gp_members_show() (CVE-2026-46149) - ipmi: Add limits to event and receive message requests (CVE-2026-46177) - ipmi: Check event message buffer response for bad data (CVE-2026-46128) - ipmi:si: Return state to normal if message allocation fails (CVE-2026-46108) - fbdev: udlfb: add vm_ops to dlfb_ops_mmap to prevent use-after-free (CVE-2026-43497) - ACPI: scan: Use acpi_dev_put() in object add error paths - ACPI: CPPC: Fix related_cpus inconsistency during CPU hotplug - [x86] ACPI: video: force native backlight on HP OMEN 16 (8A44) - ASoC: SOF: Don't allow pointer operations on unconfigured streams (CVE-2026-46179) - [arm64,armhf] spi: rockchip: fix controller deregistration - drm/amd/display: Do not skip unrelated mode changes in DSC validation (CVE-2026-31488) - [arm64,armhf] spi: meson-spicc: Fix double-put in remove path (CVE-2026-31489) - ext4: validate p_idx bounds in ext4_ext_correct_indexes (CVE-2026-31449) - [x86] KVM: x86: Fix shadow paging use-after-free due to unexpected GFN (CVE-2026-46113) - flow_dissector: do not dissect PPPoE PFC frames (CVE-2026-46306) - net/sched: sch_red: Replace direct dequeue call with peek and qdisc_dequeue_peeked (CVE-2026-43496) - Bluetooth: hci_sync: Remove remaining dependencies of hci_request - Bluetooth: btintel: serialize btintel_hw_error() with hci_req_sync_lock (CVE-2026-31500) - ice: Fix memory leak in ice_set_ringparam() (CVE-2026-23389) - exit: prevent preemption of oopsing TASK_DEAD task (CVE-2026-46173) - wifi: mt76: mt7921: fix a potential clc buffer length underflow (CVE-2026-46136) - wifi: b43legacy: enforce bounds check on firmware key index in RX path (CVE-2026-46163) - wifi: rsi: fix kthread lifetime race between self-exit and external-stop (CVE-2026-46187) - wifi: ath5k: do not access array OOB (CVE-2026-46307) - wifi: b43: enforce bounds check on firmware key index in b43_rx() (CVE-2026-46122) - usb: usblp: fix heap leak in IEEE 1284 device ID via short response (CVE-2026-46151) - usb: usblp: fix uninitialized heap leak via LPGETSTATUS ioctl (CVE-2026-46167) - ALSA: usb-audio: Avoid potential endless loop in convert_chmap_v3() (CVE-2026-46146) - ALSA: usb-audio: Fix UAC3 cluster descriptor size check - USB: serial: option: add Telit Cinterion LE910Cx compositions - usb: ulpi: fix memory leak on ulpi_register() error paths (CVE-2026-46109) - ALSA: firewire-tascam: Do not drop unread control events - xfrm: provide message size for XFRM_MSG_MAPPING - ipv6: xfrm6: release dst on error in xfrm6_rcv_encap() (CVE-2026-46172) - Bluetooth: virtio_bt: clamp rx length before skb_put (CVE-2026-46123) - Bluetooth: virtio_bt: validate rx pkt_type header length (CVE-2026-46186) - Bluetooth: L2CAP: Fix null-ptr-deref in l2cap_sock_new_connection_cb() (CVE-2026-45835) - Bluetooth: L2CAP: Fix null-ptr-deref in l2cap_sock_state_change_cb() (CVE-2026-45834) - fanotify: fix false positive on permission events (CVE-2026-46150) - net: rtnetlink: zero ifla_vf_broadcast to avoid stack infoleak in rtnl_fill_vfinfo (CVE-2026-46132) - sound: ua101: fix division by zero at probe (CVE-2026-46184) - ip6_gre: Use cached t->net in ip6erspan_changelink(). (CVE-2026-46120) - net/rds: handle zerocopy send cleanup before the message is queued (CVE-2026-43502) - [x86] hwmon: (corsair-psu) Close HID device on probe errors - cifs: abort open_cached_dir if we don't request leases - cifs: change_conf needs to be called for session setup - [arm64] extcon: ptn5150: handle pending IRQ events during system resume - [arm64] hv_sock: fix ARM64 support - [ppc64el] ibmveth: Disable GSO for packets with small MSS (CVE-2026-46273) - udf: reject descriptors with oversized CRC length - spi: topcliff-pch: fix use-after-free on unbind (CVE-2026-46301) - [ppc64el] cpuidle: powerpc: avoid double clear when breaking snooze - [x86] ASoC: amd: yc: Add HP OMEN Gaming Laptop 16-ap0xxx product line in quirk table - [arm64,armhf] ASoC: qcom: q6apm-dai: reset queue ptr on trigger stop - [arm64,armhf] ASoC: qcom: q6apm-lpass-dai: Fix multiple graph opens (CVE-2026-46143) - [arm64,armhf] ASoC: qcom: q6apm: remove child devices when apm is removed - btrfs: fix double free in create_space_info() error path (CVE-2026-46129) - dm-thin: fix metadata refcount underflow (CVE-2026-46107) - dm: don't report warning when doing deferred remove - dm: fix a buffer overflow in ioctl processing (CVE-2026-46294) - dm-verity-fec: correctly reject too-small FEC devices - dm-verity-fec: correctly reject too-small hash devices - isofs: validate Rock Ridge CE continuation extent against volume size (CVE-2026-46303) - isofs: validate block number from NFS file handle in isofs_export_iget (CVE-2026-46124) - libceph: Fix slab-out-of-bounds access in auth message processing (CVE-2026-46119) - md/raid10: fix divide-by-zero in setup_geo() with zero far_copies (CVE-2026-46161) - nvmet: avoid recursive nvmet-wq flush in nvmet_ctrl_free (CVE-2026-46304) - openvswitch: vport: fix self-deadlock on release of tunnel ports (CVE-2026-46165) - [arm64] RDMA/hns: Fix unlocked call to hns_roce_qp_remove() (CVE-2026-46112) - [s390x] debug: Reject zero-length input in debug_input_flush_fn() - smb/client: fix out-of-bounds read in symlink_data() (CVE-2026-46185) - PCI/AER: Clear only error bits in PCIe Device Status - PCI/AER: Stop ruling out unbound devices as error source - [x86] power: supply: max17042: avoid overflow when determining health - RDMA/mlx4: Fix resource leak on error in mlx4_ib_create_srq() (CVE-2026-46178) - RDMA/ocrdma: Don't NULL deref uctx on errors in ocrdma_copy_pd_uresp() (CVE-2026-46127) - RDMA/rxe: Reject unknown opcodes before ICRC processing (CVE-2026-46133) - RDMA/vmw_pvrdma: Fix double free on pvrdma_alloc_ucontext() error path (CVE-2026-46189) - mptcp: use MPJoinSynAckHMacFailure for SynAck HMAC failure - mptcp: use MPTCP_RST_EMPTCP for ACK HMAC validation failure - mptcp: sockopt: set timestamp flags on subflow socket, not msk - mptcp: fix scheduling with atomic in timestamp sockopt (CVE-2026-46168) - f2fs: add READ_ONCE() for i_blocks in f2fs_update_inode() - f2fs: fix fiemap boundary handling when read extent cache is incomplete - f2fs: fix incorrect multidevice info in trace_f2fs_map_blocks() - [arm64] KVM: arm64: vgic: Fix IIDR revision field extracted from wrong value - f2fs: compress: change the first parameter of page_array_{alloc,free} to sbi - f2fs: compress: fix UAF of f2fs_inode_info in f2fs_free_dic (CVE-2025-38627) - exit: Sleep at TASK_IDLE when waiting for application core dump - media: uvcvideo: Enable VB2_DMABUF for metadata stream - [x86] staging: media: atomisp: Disallow all private IOCTLs (CVE-2026-46205) - media: rc: xbox_remote: heed DMA restrictions (CVE-2026-46236) - media: rc: streamzap: Error handling in probe - media: saa7164: add ioremap return checks and cleanups (CVE-2026-46235) - [x86] platform/x86: hp-wmi: Ignore backlight and FnLock events - media: pci: zoran: fix potential memory leak in zoran_probe() - media: dib8000: avoid division by 0 in dib8000_set_dds() - [armhf] media: omap3isp: drop the use count of v4l2 pipeline - [arm64,armhf] spi: imx: fix runtime pm leak on probe deferral - [armel,armhf] spi: orion: fix clock imbalance on registration failure - drm/amdgpu: Add bounds checking to ib_{get,set}_value (CVE-2026-46218) - drm/amdgpu/vce: Prevent partial address patches - drm/amdgpu/vcn4: Prevent OOB reads when parsing dec msg (CVE-2026-46199) - drm/amdgpu/vcn3: Prevent OOB reads when parsing dec msg (CVE-2026-46230) - drm/gem: Fix inconsistent plane dimension calculation in drm_gem_fb_init_with_funcs() (CVE-2026-46209) - drm/amdkfd: validate SVM ioctl nattr against buffer size (CVE-2026-46197) - drm/radeon: add missing revision check for CI - drm/amdgpu: zero-initialize GART table on allocation - drm/amdgpu/gfx9: drop unnecessary 64-bit fence flag check in KIQ - drm/amdgpu/sdma4: replace BUG_ON with WARN_ON in fence emission (CVE-2026-46220) - drm/amdgpu/pm: add missing revision check for CI - drm/amdgpu/pm: align Hawaii mclk workaround with radeon - sctp: revalidate list cursor after sctp_sendmsg_to_asoc() in SCTP_SENDALL (CVE-2026-46227) - batman-adv: fix integer overflow on buff_pos (CVE-2026-46198) - batman-adv: reject new tp_meter sessions during teardown (CVE-2026-46206) - batman-adv: stop caching unowned originator pointers in BAT IV (CVE-2026-46238) - batman-adv: bla: prevent use-after-free when deleting claims (CVE-2026-46212) - batman-adv: bla: only purge non-released claims (CVE-2026-46233) - batman-adv: bla: put backbone reference on failed claim hash insert (CVE-2026-46231) - Bluetooth: L2CAP: Fix null-ptr-deref in l2cap_sock_get_sndtimeo_cb() (CVE-2026-45836) - mtd: spi-nor: sst: Factor out common write operation to `sst_nor_write_data()` - mtd: spi-nor: sst: Fix write enable before AAI sequence - vsock: fix buffer size clamping order (CVE-2026-46234) - vsock/virtio: fix accept queue count leak on transport mismatch (CVE-2026-46214) - drm/amdgpu/vcn3: Avoid overflow on msg bound check - drm/amdgpu/vcn4: Avoid overflow on msg bound check - mtd: spi-nor: sst: Fix SST write failure - bcache: fix uninitialized closure object - blk-cgroup: wait for blkcg cleanup before initializing new disk - fs/omfs: reject s_sys_blocksize smaller than OMFS_DIR_START (CVE-2026-53130) - drbd: Balance RCU calls in drbd_adm_dump_devices() (CVE-2026-53128) - nilfs2: reject zero bd_oblocknr in nilfs_ioctl_mark_blocks_dirty() (CVE-2026-53320) - pstore/ram: fix resource leak when ioremap() fails - devres: fix missing node debug info in devm_krealloc() - debugfs: check for NULL pointer in debugfs_create_str() - hrtimers: Update the return type of enqueue_hrtimer() - hrtimer: Avoid pointless reprogramming in __hrtimer_start_range_ns() - hrtimer: Reduce trace noise in hrtimer_start() - locking: Fix rwlock support in - firmware: dmi: Correct an indexing error in dmi.h - wifi: mwifiex: Fix memory leak in mwifiex_11n_aggregate_pkt() - wifi: rtlwifi: pci: fix possible use-after-free caused by unfinished irq_prepare_bcn_tasklet (CVE-2026-53112) - bpf: Add CHECKSUM_COMPLETE to bpf test progs - bpf: test_run: Fix the null pointer dereference issue in bpf_lwt_xmit_push_encap (CVE-2026-53111) - kernel: param: rename locate_module_kobject - kernel: globalize lookup_or_create_module_kobject() - bpf, devmap: Remove unnecessary if check in for loop - bpf: Use RCU-safe iteration in dev_map_redirect_multi() SKB path (CVE-2026-53096) - wifi: rtw89: phy: fix uninitialized variable access in rtw89_phy_cfo_set_crystal_cap() - r8152: fix incorrect register write to USB_UPHY_XTAL - [ppc64el] powerpc/crash: fix backup region offset update to elfcorehdr - macvlan: annotate data-races around port->bc_queue_len_used - bpf: fix end-of-list detection in cgroup_storage_get_next_key() (CVE-2026-45838) - wifi: brcmfmac: Fix error pointer dereference (CVE-2026-53093) - bpf: Drop task_to_inode and inet_conn_established from lsm sleepable hooks - bpf: reject negative CO-RE accessor indices in bpf_core_parse_spec() (CVE-2026-45839) - [arm64] ACPI: AGDI: fix missing newline in error message - [arm64] kexec: Remove duplicate allocation for trans_pgd - [arm64] net: bcmgenet: fix off-by-one in bcmgenet_put_txcb (CVE-2026-53088) - [arm64] net: bcmgenet: Remove TX ring full logging - [arm64] net: bcmgenet: Remove custom ndo_poll_controller() - [arm64] net: bcmgenet: add bcmgenet_has_* helpers - [arm64] net: bcmgenet: move DESC_INDEX flow to ring 0 - [arm64] net: bcmgenet: support reclaiming unsent Tx packets - [arm64] net: bcmgenet: switch to use 64bit statistics - [arm64] net: bcmgenet: fix racing timeout handler (CVE-2026-53086) - netfilter: xt_socket: enable defrag after all other checks - netfilter: nft_fwd_netdev: check ttl/hl before forwarding - 6pack: propagage new tty types - net: hamradio: 6pack: fix uninit-value in sixpack_receive_buf (CVE-2026-53082) - net/sched: act_ct: Only release RCU read lock after ct_ft (CVE-2026-46319) - net/rds: Optimize rds_ib_laddr_check - net/rds: Restrict use of RDS/IB to the initial network namespace (CVE-2026-53077) - ppp: require CAP_NET_ADMIN in target netns for unattached ioctls (CVE-2026-53075) - bpf: reject short IPv4/IPv6 inputs in bpf_prog_test_run_skb (CVE-2026-53074) - Bluetooth: L2CAP: Fix printing wrong information if SDU length exceeds MTU - Bluetooth: hci_ldisc: Clear HCI_UART_PROTO_INIT on error (CVE-2026-53073) - Bluetooth: fix locking in hci_conn_request_evt() with HCI_PROTO_DEFER (CVE-2026-53072) - Bluetooth: l2cap: Add missing chan lock in l2cap_ecred_reconf_rsp (CVE-2026-53071) - sctp: fix missing encap_port propagation for GSO fragments - net, bpf: fix null-ptr-deref in xdp_master_redirect() for down master (CVE-2026-53069) - [arm*] drm/komeda: fix integer overflow in AFBC framebuffer size check (CVE-2026-53068) - [arm*] drm/sun4i: backend: fix error pointer dereference (CVE-2026-53066) * [armhf] ASoC: sti: use managed regmap_field allocations (CVE-2026-53065) - dm cache: fix null-deref with concurrent writes in passthrough mode (CVE-2026-53064) - dm cache: fix write path cache coherency in passthrough mode - dm cache: fix write hang in passthrough mode (CVE-2026-53063) - dm cache policy smq: fix missing locks in invalidating cache blocks (CVE-2026-53062) - dm cache: fix concurrent write failure in passthrough mode - dm cache: support shrinking the origin device - dm cache: fix dirty mapping checking in passthrough mode switching (CVE-2026-53061) - dm cache metadata: fix memory leak on metadata abort retry (CVE-2026-53060) - dm log: fix out-of-bounds write due to region_count overflow (CVE-2026-53059) - [arm64] spi: fsl-qspi: Use reinit_completion() for repeated operations - [arm*] drm/sun4i: Fix resource leaks - drm/amdgpu: Add default case in DVI mode validation - dm init: ensure device probing has finished in dm-mod.waitfor= - padata: Remove cpu online check from cpu add and removal - padata: Put CPU offline callback in ONLINE section to allow failure (CVE-2026-53314) - drm/amdgpu/gfx10: look at the right prop for gfx queue priority - [arm64] drm/msm/dpu: fix mismatch between power and frequency (CVE-2026-53056) - [arm64] drm/msm/dsi: rename MSM8998 DSI version from V2_2_0 to V2_0_0 - [arm64,armhf] drm/panel: simple: Correct G190EAN01 prepare timing - ALSA: core: Validate compress device numbers without dynamic minors - drm/amd/pm/ci: Use highest MCLK on CI when MCLK DPM is disabled - drm/amd/pm/ci: Disable MCLK DPM on problematic CI ASICs - drm/amd/pm/smu7: Fix SMU7 voltage dependency on display clock - drm/amd/pm/ci: Fix powertune defaults for Hawaii 0x67B0 - drm/amd/pm/ci: Clear EnabledForActivity field for memory levels - drm/amd/pm/ci: Fill DW8 fields from SMC - drm/amd/pm/smu7: Add SCLK cap for quirky Hawaii board - [arm64] drm/msm/a6xx: Fix HLSQ register dumping - [arm64] drm/msm/shrinker: Fix can_block() logic - [arm64] drm/msm/a6xx: Use barriers while updating HFI Q headers - [armhf] pmdomain: ti: omap_prm: Fix a reference leak on device node - [arm64] ASoC: fsl_micfil: Fix event generation in micfil_quality_set() - [arm*] ASoC: qcom: qdsp6: topology: check widget type before accessing data (CVE-2026-53052) - PCI: Enable AtomicOps only if Root Port supports them - ALSA: scarlett2: Add missing sentinel initializer field - [x86] ASoC: SOF: amd: Fix for reading position updates from stream box. - [x86] ASoC: SOF: Prepare ipc_msg_data to be used with compress API - [x86] ASoC: SOF: Prepare set_stream_data_offset for compress API - [x86] ASoC: SOF: Add support for compress API for stream data/offset - [x86] ASoC: SOF: compress: return the configured codec from get_params - [i386] ALSA: sc6000: Use standard print API - [i386] ALSA: sc6000: Keep the programmed board state in card-private data - dm cache: fix missing return in invalidate_committed's error path - gfs2: Call unlock_new_inode before d_instantiate - quota: Fix race of dquot_scan_active() with quota deactivation (CVE-2026-53050) - gfs2: add some missing log locking (CVE-2026-53049) - gfs2: prevent NULL pointer dereference during unmount (CVE-2026-53048) - efi/capsule-loader: fix incorrect sizeof in phys array reallocation (CVE-2026-53047) - ksmbd: fix use-after-free from async crypto on Qualcomm crypto engine (CVE-2026-53046) - [armhf] dts: mediatek: mt7623: fix efuse fallback compatible - [armhf] memory: tegra124-emc: Fix dll_change check (CVE-2026-53045) - [arm64] dts: imx8mp-evk: Enable pull select bit for PCIe regulator GPIO (M.2 W_DISABLE1) - [arm64] dts: mediatek: mt6795: Fix gpio-ranges pin count - [arm64] dts: mediatek: mt7986a: Fix gpio-ranges pin count - [arm64] dts: qcom: sm8450: Fix GIC_ITS range length - [arm64] dts: qcom: sm8450: Enable UHS-I SDR50 and SDR104 SD card modes - [arm64] dts: qcom: sdm845-xiaomi-beryllium: Mark l1a regulator as powered during boot - unshare: fix nsproxy leak in ksys_unshare() on set_cred_ucounts() failure - ocfs2/dlm: validate qr_numregions in dlm_match_regions() (CVE-2026-53043) - ocfs2/dlm: fix off-by-one in dlm_match_regions() region comparison (CVE-2026-53309) - [arm64] soc: qcom: aoss: compare against normalized cooling state - [arm64] dts: qcom: sm8250: Add missing CPU7 3.09GHz OPP - [arm64] xor: fix conflicting attributes for xor_block_template - ocfs2: fix listxattr handling when the buffer is full (CVE-2026-53041) - ocfs2: validate bg_bits during freefrag scan (CVE-2026-53040) - ocfs2: validate group add input before caching (CVE-2026-53039) - soundwire: bus: demote UNATTACHED state warnings to dev_dbg() - [armhf] dmaengine: mxs-dma: Fix missing return value from of_dma_controller_register() - tracing: Rebuild full_name on each hist_field_name() call - ima: check return value of crypto_shash_final() in boot aggregate - HID: asus: make asus_resume adhere to linux kernel coding standards - HID: asus: do not abort probe when not necessary - mtd: spi-nor: core: correct the op.dummy.nbytes when check read operations - mtd: spi-nor: spansion: Rename s28hs512t prefix - mtd: spi-nor: spansion: Replace hardcoded values for addr_nbytes/ addr_mode_nbytes - mtd: spi-nor: spansion: Make RD_ANY_REG_OP macro take number of dummy bytes - mtd: spi-nor: spansion: Add support for Infineon S25FS256T - mtd: spi-nor: Allow post_sfdp hook to return errors - mtd: spi-nor: sfdp: introduce smpt_read_dummy fixup hook - mtd: spi-nor: sfdp: introduce smpt_map_id fixup hook - mtd: spi-nor: update spi_nor_fixups::post_sfdp() documentation - mtd: spi-nor: swp: check SR_TB flag when getting tb_mask - mtd: parsers: ofpart: call of_node_put() only in ofpart_fail path - mtd: parsers: ofpart: call of_node_get() for dedicated subpartitions - [armhf] mtd: rawnand: sunxi: fix sunxi_nfc_hw_ecc_read_extra_oob - HID: usbhid: fix deadlock in hid_post_reset() (CVE-2026-53037) - [arm64] bpf, arm64: Fix off-by-one in check_imm signed range check (CVE-2026-53036) - bpf, sockmap: Fix af_unix iter deadlock (CVE-2026-53035) - bpf, sockmap: Fix af_unix null-ptr-deref in proto update (CVE-2026-53034) - bpf, sockmap: Take state lock for af_unix iter (CVE-2026-53033) - bpf: Fix precedence bug in convert_bpf_ld_abs alignment check - bpf: allow UTF-8 literals in bpf_bprintf_prepare() - [armel,armhf] bpf, arm32: Reject BPF-to-BPF calls and callbacks in the JIT - perf branch: Avoid incrementing NULL - perf: tools: cs-etm: Fix print issue for Coresight debug in ETE/TRBE trace - perf expr: Return -EINVAL for syntax error in expr__find_ids() - perf util: Kill die() prototype, dead for a long time - i3c: mipi-i3c-hci: fix IBI payload length calculation for final status - dev_printk: add new dev_err_probe() helpers - [x86] platform/surface: surfacepro3_button: Drop wakeup source on remove - [s390x] tty: hvc_iucv: fix off-by-one in number of supported devices (CVE-2026-53306) - [x86] platform/x86: panasonic-laptop: Fix OPTD notifier registration and cleanup - [armhf] mfd: mc13xxx-core: Fix memory leak in mc13xxx_add_subdevice_pdata() - nfs/blocklayout: Fix compilation error (`make W=1`) in bl_write_pagelist() - fs/ntfs3: terminate the cached volume label after UTF-8 conversion (CVE-2026-53023) - [x86] platform/x86: dell_rbu: avoid uninit value usage in packet_size_write() - [x86] platform/x86: dell-wmi-sysman: bound enumeration string aggregation (CVE-2026-53022) - RDMA/core: Prefer NLA_NUL_STRING - scsi: sg: Resolve soft lockup issue when opening /dev/sgX (CVE-2026-53304) - scsi: target: core: Fix integer overflow in UNMAP bounds check (CVE-2026-53021) - [armhf] clk: imx: imx6q: Fix device node reference leak in pll6_bypassed() - [armhf] clk: imx: imx6q: Fix device node reference leak in of_assigned_ldb_sels() - [arm64] clk: imx8mq: Correct the CSI PHY sels - [arm64] clk: qoriq: avoid format string warning - [arm64] clk: xgene: Fix mapping leak in xgene_pllclk_init() - f2fs: Use sysfs_emit_at() to simplify code - f2fs: protect extension_list reading with sb_lock in f2fs_sbi_show() (CVE-2026-53303) - [x86] drm/i915: Constify watermark state checker - [x86] drm/i915: Extract intel_dbuf_mdclk_cdclk_ratio_update() - [x86] drm/i915: Loop over all active pipes in intel_mbus_dbox_update - [x86] drm/i915/wm: Verify the correct plane DDB entry - crypto: ccp - copy IV using skcipher ivsize (CVE-2026-53016) - [arm64] dts: imx8mp-icore-mx8mp: Correct PAD settings for PMIC_nINT - [arm64] dts: imx8mp-dhcom-som: Correct PAD settings for PMIC_nINT - [x86] PCMCIA: Fix garbled log messages for KERN_CONT - [arm64] dts: imx8mn-tqma8mqnl: Correct PAD settings for PMIC_nINT - [arm64] dts: imx8mm-tqma8mqml: Correct PAD settings for PMIC_nINT - net/sched: sch_cake: fix NAT destination port not being updated in cake_update_flowkeys - nexthop: fix IPv6 route referencing IPv4 nexthop (CVE-2026-53012) - net/sched: taprio: continue with other TXQs if one dequeue() failed - net/sched: taprio: refactor one skb dequeue from TXQ to separate function - net/sched: taprio: rename close_time to end_time - net/sched: taprio: fix use-after-free in advance_sched() on schedule switch (CVE-2026-53011) - container_of: remove container_of_safe() - container_of: add container_of_const() that preserves const-ness of the pointer - tcp: preserve const qualifier in tcp_sk() - tcp: add data-race annotations around tp->data_segs_out and tp->total_retrans - tcp: annotate data-races around tp->bytes_sent - tcp: annotate data-races around tp->bytes_retrans - tcp: annotate data-races around tp->dsack_dups - tcp: annotate data-races around (tp->write_seq - tp->snd_nxt) - i40e: don't advertise IFF_SUPP_NOFCS - e1000e: Unroll PTP in probe error handling - ipv6: fix possible UAF in icmpv6_rcv() (CVE-2026-53006) - sctp: fix OOB write to userspace in sctp_getsockopt_peer_auth_chunks (CVE-2026-53004) - pppoe: drop PFC frames (CVE-2026-53003) - openvswitch: cap upcall PID array size and pre-size vport replies (CVE-2026-45840) - netfilter: nft_osf: restrict it to ipv4 - netfilter: nfnetlink_osf: fix divide-by-zero in OSF_WSS_MODULO (CVE-2026-45841) - netfilter: conntrack: remove sprintf usage (CVE-2026-53002) - netfilter: xtables: restrict several matches to inet family (CVE-2026-53001) - ipvs: fix MTU check for GSO packets in tunnel mode - netfilter: nfnetlink_osf: fix out-of-bounds read on option matching (CVE-2026-52999) - netfilter: nfnetlink_osf: fix potential NULL dereference in ttl check (CVE-2026-52998) - slip: reject VJ receive packets on instances with no rstate array (CVE-2026-45842) - slip: bound decode() reads against the compressed packet length (CVE-2026-45843) - [arm64] dts: meson-gxl-p230: fix ethernet PHY interrupt number - ksmbd: destroy tree_conn_ida in ksmbd_session_destroy() - ksmbd: scope conn->binding slowpath to bound sessions only (CVE-2026-52911) - net/rds: zero per-item info buffer before handing it to visitors (CVE-2026-52995) - net_sched: sch_hhf: annotate data-races in hhf_dump_stats() - net/sched: sch_pie: annotate data-races in pie_dump_stats() - net/sched: sch_fq_codel: remove data-races from fq_codel_dump_stats() - net/sched: sch_red: annotate data-races in red_dump_stats() - net/sched: sch_sfb: annotate data-races in sfb_dump_stats() - nfp: fix swapped arguments in nfp_encode_basic_qdr() calls - tipc: fix double-free in tipc_buf_append() (CVE-2026-52993) - vhost_net: fix sleeping with preempt-disabled in vhost_net_busy_poll() - fs/adfs: validate nzones in adfs_validate_bblk() (CVE-2026-52992) - fbdev: offb: fix PCI device reference leak on probe failure - mailbox: mailbox-test: free channels on probe error (CVE-2026-53296) - cgroup/rdma: fix integer overflow in rdmacg_try_charge() - mailbox: add sanity check for channel array (CVE-2026-53295) - mailbox: mailbox-test: don't free the reused channel (CVE-2026-53294) - btrfs: fix double-decrement of bytes_may_use in submit_one_async_extent() - tracing: branch: Fix inverted check on stat tracer registration - nvmet-tcp: propagate nvmet_tcp_build_pdu_iovec() errors to its callers (CVE-2026-52989) - netfilter: arp_tables: fix IEEE1394 ARP payload parsing (CVE-2026-45844) - nvme-pci: fix missed admin queue sq doorbell write - drm/amdgpu: fix spelling typos - drm/amdgpu/uvd3.1: Don't validate the firmware when already validated - drm/amdgpu/gfx6: Support harvested SI chips with disabled TCCs (v2) - netfilter: xt_policy: fix strict mode inbound policy matching (CVE-2026-52920) - netfilter: nf_conntrack_sip: don't use simple_strtoul (CVE-2026-52986) - [arm64,armhf] drivers/spi-rockchip.c : Remove redundant variable slave - [arm64,armhf] spi: rockchip: switch to use modern name - [arm64.armhf] spi: rockchip: Read ISR, not IMR, to detect cs-inactive IRQ - cdrom, scsi: sr: propagate read-only status to block layer via set_disk_ro() - netdevsim: zero initialize struct iphdr in dummy sk_buff (CVE-2026-52985) - net/sched: netem: fix probability gaps in 4-state loss model - net/sched: netem: fix queue limit check to include reordered packets (CVE-2026-52984) - net/sched: netem: validate slot configuration - net/sched: netem: fix slot delay calculation overflow - net/sched: sch_choke: annotate data-races in choke_dump_stats() - net/sched: sch_fq_pie: annotate data-races in fq_pie_dump_stats() - vrf: Fix a potential NPD when removing a port from a VRF (CVE-2026-52925) - net: usb: rtl8150: fix use-after-free in rtl8150_start_xmit() (CVE-2026-52982) - net: usb: rtl8150: free skb on usb_submit_urb() failure in xmit - neighbour: add RCU protection to neigh_tables[] - neigh: let neigh_xmit take skb ownership (CVE-2026-52981) - ALSA: usb-audio: Fix potential leak of pd at parsing UAC3 streams - net: mctp i2c: check length before marking flow active - netfilter: skip recording stale or retransmitted INIT - sctp: discard stale INIT after handshake completion - ipv4: rename and move ip_route_output_tunnel() - ipv4: remove "proto" argument from udp_tunnel_dst_lookup() - ipv4: add new arguments to udp_tunnel_dst_lookup() - ipv6: rename and move ip6_dst_lookup_tunnel() - bareudp: fix NULL pointer dereference in bareudp_fill_metadata_dst() (CVE-2026-45846) - net/sched: sch_cake: annotate data-races in cake_dump_stats() (V) - net: netconsole: move newline trimming to function - netconsole: propagate device name truncation in dev_name_store() - ALSA: hda/conexant: fix some typos - ALSA: hda/conexant: Renaming the codec with device ID 0x1f86 and 0x1f87 - ALSA: hda/conexant: Fix missing error check for jack detection (CVE-2026-53291) - futex: Prevent lockup in requeue-PI during signal/ timeout wakeup (CVE-2026-52977) - drm/amd/display: Allow DCE link encoder without AUX registers - drm/amd/display: Read EDID from VBIOS embedded panel info - bonding: 802.3ad replace MAC_ADDRESS_EQUAL with __agg_has_partner - net: bonding: add broadcast_neighbor option for 802.3ad - bonding: add support for per-port LACP actor priority - bonding: print churn state via netlink - bonding: 3ad: implement proper RCU rules for port->aggregator (CVE-2026-52975) - iavf: stop removing VLAN filters from PF on interface down - iavf: wait for PF confirmation before removing VLAN filters - iavf: add VIRTCHNL_OP_ADD_VLAN to success completion handler - ice: Pull common tasks into ice_vf_post_vsi_rebuild - ice: fix NULL pointer dereference in ice_reset_all_vfs() (CVE-2026-53289) - net: tls: fix strparser anchor skb leak on offload RX setup failure (CVE-2026-52974) - net/sched: cls_flower: revert unintended changes - smb: client: correctly handle ErrorContextData as a flexible array - smb: client: fix OOB reads parsing symlink error response (CVE-2026-31613) - net/sched: sch_pie: annotate more data-races in pie_dump_stats() - [arm64] net: bcmgenet: Initialize u64 stats seq counter - [arm64] net: bcmgenet: fix leaking free_bds - btrfs: tracepoints: fix sleep while in atomic context in btrfs_sync_file() - ALSA: misc: Use guard() for spin locks - ALSA: core: Serialize deferred fasync state checks - [x86] ASoC: SOF: pcm: Clear the susbstream pointer to NULL on close - [x86] ASoC: SOF: stream-ipc: Check for cstream nullity in sof_ipc_msg_data() - mtd: spi-nor: spansion: Enable JFFS2 write buffer for S25FS256T - netconsole: avoid out-of-bounds access on empty string in trim_newline() - bonding: fix NULL pointer dereference in actor_port_prio setting - net: bonding: update the slave array for broadcast mode - crypto: af_alg - Cap AEAD AD length to 0x80000000 (CVE-2026-52972) - i40e: Cleanup PTP pins on probe failure - netfilter: nf_conntrack_sip: get helper before allocating expectation - audit: fix incorrect inheritable capability in CAPSET records (CVE-2026-53287) - netfilter: nft_ct: fix missing expect put in obj eval (CVE-2026-52970) - net: atlantic: preserve PCI wake-from-D3 on shutdown when WOL enabled - audit: enforce AUDIT_LOCKED for AUDIT_TRIM and AUDIT_MAKE_EQUIV - KVM: Reject wrapped offset in kvm_reset_dirty_gfn() (CVE-2026-52969) - [s390x] KVM: s390: pci: fix GAIT table indexing due to double-scaling pointer arithmetic (CVE-2026-52968) - [x86] KVM: x86: Fix Xen hypercall tracepoint argument assignment - smb/client: fix possible infinite loop and oob read in symlink_data() (CVE-2026-52967) - [x86] drm/i915/dp: Fix VSC dynamic range signaling for RGB formats - ALSA: usb-audio: Bound MIDI endpoint descriptor scans (CVE-2026-52963) - ceph: fix a buffer leak in __ceph_setxattr() (CVE-2026-52962) - libceph: Fix potential out-of-bounds access in osdmap_decode() (CVE-2026-52958) - libceph: Fix potential null-ptr-deref in decode_choose_args() (CVE-2026-52957) - libceph: Fix potential out-of-bounds access in crush_decode() (CVE-2026-52955) - libceph: handle rbtree insertion error in decode_choose_args() (CVE-2026-52954) - [x86] iommu/vt-d: Disable DMAR for Intel Q35 IGFX - [x86] drm/i915: skip __i915_request_skip() for already signaled requests - [arm64,armhf] drm/panfrost: Fix wait_bo ioctl leaking positive return from dma_resv_wait_timeout() - [x86] drm/gma500/oaktrail_hdmi: fix i2c adapter leak on setup - [x86] drm/gma500/oaktrail_lvds: fix hang on init failure (CVE-2026-53279) - [x86] drm/gma500/oaktrail_lvds: fix i2c adapter leaks on init - io-wq: check that the predecessor is hashed in io_wq_remove_pending() - net/rds: reset op_nents when zerocopy page pin fails (CVE-2026-43494) - io_uring: prevent opcode speculation (CVE-2025-21863) - [s390x] debug: Reject zero-length input before trimming a newline - wifi: mac80211: check tdls flag in ieee80211_tdls_oper (CVE-2026-43052) - [x86] Revert "x86/vdso: Fix output operand size of RDPID" - [s390x] Revert "s390/cio: Fix device lifecycle handling in css_alloc_subchannel()" (regression in 6.1.165) - sysfs: don't remove existing directory on update failure - ALSA: ua101: Reject too-short USB descriptors - ALSA: asihpi: Fix potential OOB array access at reading cache - net: wwan: iosm: fix potential memory leaks in ipc_imem_init() - Bluetooth: fix UAF in l2cap_sock_cleanup_listen() vs l2cap_conn_del() - Bluetooth: ISO: drop ISO_END frames received without prior ISO_START - Bluetooth: bnep: Fix UAF read of dev->name - Bluetooth: hci_uart: fix UAFs and race conditions in close and init paths (CVE-2026-46275) - Bluetooth: MGMT: validate Add Extended Advertising Data length - phonet/pep: disable BH around forwarded sk_receive_skb() - [arm64] net: bcmgenet: keep RBUF EEE/PM disabled - net: ifb: report ethtool stats over num_tx_queues - netfilter: ip6t_hbh: reject oversized option lists (CVE-2026-52915) - netfilter: nf_queue: hold bridge skb->dev while queued (CVE-2026-52912) - netfilter: ipset: stop hash:* range iteration at end (CVE-2026-52921) - qed: fix double free in qed_cxt_tables_alloc() - ring-buffer: Fix reporting of missed events in iterator - vsock/vmci: fix UAF when peer resets connection during handshake - vsock/virtio: reset connection on receiving queue overflow - wifi: ath11k: clear shared SRNG pointer state on restart - ipv4: raw: reject IP_HDRINCL packets with ihl < 5 - ixgbevf: fix use-after-free in VEPA multicast source pruning - ice: fix setting promisc mode while adding VID filter - wifi: cfg80211: advance loop vars in cfg80211_merge_profile() - cifs: Fix busy dentry used after unmounting - tracing: Do not call map->ops->elt_free() if elt_alloc() fails - [arm64] KVM: arm64: vgic-its: Reject restored DTE with out-of-range num_eventid_bits - [x86] scsi: isci: Fix use-after-free in device removal path - [armhf] spi: ti-qspi: fix use-after-free after DMA setup failure - RDMA/siw: Reject MPA FPDU length underflow before signed receive math - device property: set fwnode->secondary to NULL in fwnode_init() - drm/virtio: use uninterruptible resv lock for plane updates - drm/amd/display: Fix integer overflow in bios_get_image() - drm/amd/display: Validate GPIO pin LUT table size before iterating - drm/amd/display: Validate payload length and link_index in dc_process_dmub_aux_transfer_async - batman-adv: mcast: fix use-after-free in orig_node RCU release - batman-adv: clear current gateway during teardown (CVE-2026-52926) - batman-adv: dat: handle forward allocation error (CVE-2026-52922) - batman-adv: fix fragment reassembly length accounting (CVE-2026-52914) - batman-adv: fix tp_meter counter underflow during shutdown (CVE-2026-52919) - batman-adv: frag: disallow unicast fragment in fragment (CVE-2026-52916) - batman-adv: bla: fix report_work leak on backbone_gw purge - batman-adv: tp_meter: avoid use of uninit sender vars (CVE-2026-52931) - batman-adv: tt: fix negative last_changeset_len - batman-adv: tt: fix negative tt_buff_len - HID: uclogic: Fix regression of input name assignment - netfilter: x_tables: unregister the templates first - tcp: Fix imbalanced icsk_accept_queue count. - ice: fix locking in ice_dcb_rebuild() - [arm64,armhf] phy: marvell: mvebu-a3700-utmi: fix incorrect USB2_PHY_CTRL register access - irq_work: Fix use-after-free in irq_work_single() on PREEMPT_RT - wifi: ath11k: fix error path leaks in some WMI WOW calls - HID: quirks: really enable the intended work around for appledisplay - net/smc: avoid NULL deref of conn->lnk in smc_msg_event tracepoint (CVE-2026-52941) - ethtool: fix ethnl_bitmap32_not_zero() bit interval semantics - [arm64] drm/msm/dsi: don't dump registers past the mapped region - [arm64] drm/msm: Fix iommu_map_sgtable() return value check and avoid WARN - [ppc64el] powerpc/time: Remove redundant preempt_disable|enable() calls from arch_irq_work_raise() - net/smc: reject CHID-0 ACCEPT that matches an empty ism_dev slot - net: tls: fix off-by-one in sg_chain entry count for wrapped sk_msg ring - net: tls: prevent chain-after-chain in plain text SG - [arm64] drm/msm/snapshot: fix dumping of the unaligned regions - wifi: ath11k: Trigger sta disconnect on hardware restart - wifi: ath11k: update hw params for IPQ5018 - wifi: ath11k: update ce configurations for IPQ5018 - wifi: ath11k: remap ce register space for IPQ5018 - wifi: ath11k: update hal srng regs for IPQ5018 - wifi: ath11k: initialize hw_ops for IPQ5018 - wifi: ath11k: add new hw ops for IPQ5018 to get rx dest ring hashmap - wifi: ath11k: fix rssi station dump not updated in QCN9074 - wifi: ath11k: fix peer resolution on rx path when peer_id=0 - net: mana: Fix TOCTOU double-fetch of hwc_msg_id from DMA buffer - [x86] platform/x86: hp_accel: Check ACPI_COMPANION() against NULL - [x86] platform/x86: intel-hid: Check ACPI_HANDLE() against NULL - [x86] platform/x86: intel-vbtn: Check ACPI_HANDLE() against NULL - RDMA/rtrs: Fix use-after-free in path file creation cleanup - net: bridge: Flush multicast groups when snooping is disabled - bridge: mcast: Fix a possible use-after-free when removing a bridge port - tracing: Avoid NULL return from hist_field_name() on truncation - string: add mem_is_zero() helper to check if memory area is all zeros - gpiolib: cdev: use !mem_is_zero() instead of memchr_inv(s, 0, n) - gpio: cdev: check if uAPI v2 config attributes are correctly zeroed - net: mana: validate rx_req_idx to prevent out-of-bounds array access - security/keys: fix missed RCU read section on lookup https://www.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.176 - Input: usbtouchscreen - clamp NEXIO data_len/x_len to URB buffer size - net/sched: cls_fw: fix NULL dereference of "old" filters before change() (CVE-2026-53080) - net: mctp: ensure our nlmsg responses are initialised (CVE-2026-45930) - net/sched: sch_sfb: Replace direct dequeue call with peek and qdisc_dequeue_peeked - drm: Remove plane hsub/vsub alignment requirement for core helpers - [armhf] net: cpsw_new: Fix potential unregister of netdev that has not been registered yet (CVE-2026-43219) - nfc: llcp: Fix use-after-free in llcp_sock_release() - nfc: llcp: Fix use-after-free race in nfc_llcp_recv_cc() - xfrm: Check for underflow in xfrm_state_mtu - nfc: nxp-nci: i2c: use rising-edge IRQ on ACPI systems - netfilter: synproxy: refresh tcphdr after skb_ensure_writable - netfilter: xt_cpu: prefer raw_smp_processor_id - netfilter: ebtables: fix OOB read in compat_mtw_from_user (CVE-2026-52927) - tun: free page on short-frame rejection in tun_xdp_one() (CVE-2026-46321) - tun: free page on build_skb failure in tun_xdp_one() (CVE-2026-46322) - net: netlink: fix sending unassigned nsid after assigned one - net: netlink: don't set nsid on local notifications - net/smc: Do not re-initialize smc hashtables - [s390x] net/iucv: fix locking in .getsockopt - ipv4: free net->ipv4.sysctl_local_reserved_ports after unregister_net_sysctl_table() - [x86] ASoC: Intel: bytcht_es8316: Fix MCLK leak on init errors - net: hsr: fix potential OOB access in supervision frame handling - tunnels: load network headers after skb_cow() in iptunnel_pmtud_build_icmp[v6]() - vxlan: do not reuse cached ip_hdr() value after skb_tunnel_check_pmtu() - tunnels: do not assume transport header in iptunnel_pmtud_check_icmp() - ASoC: codecs: simple-mux: Fix enum control bounds check - Bluetooth: 6lowpan: check skb_clone() return value in send_mcast_pkt() - bonding: refuse to enslave CAN devices - ethtool: eeprom: add more safeties to EEPROM Netlink fallback - ipv6: rpl: fix hdrlen overflow in ipv6_rpl_srh_decompress() - Bluetooth: l2cap: clear chan->ident on ECRED reconfiguration success - Bluetooth: L2CAP: Fix possible crash on l2cap_ecred_conn_rsp - [arm*] gpio: rockchip: convert bank->clk to devm_clk_get_enabled() - net: mana: Add NULL guards in teardown path to prevent panic on attach failure - sctp: fix race between sctp_wait_for_connect and peeloff - ipv6: fix possible infinite loop in rt6_fill_node() - ipv6: fix possible infinite loop in fib6_select_path() - net: skbuff: fix pskb_carve leaking zcopy pages - batman-adv: v: stop OGMv2 on disabled interface (CVE-2026-52913) - batman-adv: tvlv: abort OGM send on tvlv append failure - batman-adv: tt: reject oversized local TVLV buffers - batman-adv: bla: avoid NULL-ptr deref for claim via dropped interface - batman-adv: tvlv: reject oversized TVLV packets (CVE-2026-52934) - batman-adv: iv: recover OGM scheduling after forward packet error - batman-adv: tp_meter: directly shut down timer on cleanup - batman-adv: tt: fix TOCTOU race for reported vlans - batman-adv: tt: avoid empty VLAN responses - batman-adv: bla: avoid double decrement of bla.num_requests - mm/page_alloc: clear page->private in free_pages_prepare() (CVE-2026-43303) - bpf: Fix a few selftest failures due to llvm18 change - net/packet: convert po->tp_tx_has_off to an atomic flag - net/packet: convert po->tp_loss to an atomic flag - net/packet: convert po->has_vnet_hdr to an atomic flag - net/packet: convert po->running to an atomic flag - net/packet: fix TOCTOU race on mmap'd vnet_hdr in tpacket_snd() (CVE-2026-31700) - [x86] drm/i915/psr: Add defininitions for INTEL_WA_REGISTER_CAPS DPCD register - drm/dp: Add eDP 1.5 bit definition - [x86] drm/i915/psr: Read Intel DPCD workaround register - [x86] drm/i915/psr: Apply Intel DPCD workaround when SDP on prior line used - net: gro: don't merge zcopy skbs (CVE-2026-46323) - phy: mscc: Use PHY_ID_MATCH_VENDOR to minimize PHY ID table - phy: mscc: Use PHY_ID_MATCH_EXACT for VSC8584, VSC8582, VSC8575, VSC856X - hwmon: (pmbus/adm1266) serialize GPIO PMBus accesses with pmbus_lock - hwmon: (pmbus/adm1266) serialize sequencer_state debugfs read with pmbus_lock - hwmon: (pmbus/adm1266) serialize NVMEM blackbox read with pmbus_lock - iio: imu: st_lsm6dsx: fix stack leak in tagged FIFO buffer - usb: typec: ucsi: ccg: reject firmware images without a ':' record header - usb: typec: ucsi: displayport: NAK DP_CMD_CONFIGURE without a payload VDO - usb: typec: altmodes/displayport: validate count before reading Status Update VDO - [x86] usb: typec: wcove: don't write past struct pd_message in wcove_read_rx_buffer() - usb: typec: ucsi: validate connector number in ucsi_connector_change() - USB: serial: safe_serial: fix memory corruption with small endpoint - HID: quirks: Add ALWAYS_POLL quirk for SIGMACHIP USB mouse - Bluetooth: btusb: Allow firmware re-download when version matches - hpfs: fix a crash if hpfs_map_dnode_bitmap fails - ipc: limit next_id allocation to the valid ID range (CVE-2026-52923) - auxdisplay: line-display: fix OOB read on zero-length message_store() - Bluetooth: L2CAP: use chan timer to close channels in cleanup_listen() - Bluetooth: L2CAP: fix chan ref leak in l2cap_chan_timeout() on !conn - Bluetooth: HIDP: fix missing length checks in hidp_input_report() - Bluetooth: ISO: fix UAF in iso_recv_frame - Bluetooth: ISO: serialize iso_sock_clear_timer with socket lock - parport: Fix race between port and client registration (Closes: #1130365) - USB: cdc-acm: Fix bit overlap and move quirk definitions to header - wireguard: send: append trailer after expanding head - iio: dac: ad5686: fix input raw value check - iio: dac: ad5686: acquire lock when doing powerdown control - iio: adc: viperboard: Fix error handling in vprbrd_iio_read_raw - iio: gyro: itg3200: fix i2c read into the wrong stack location - iio: ssp_sensors: cancel delayed work_refresh on remove - iio: temperature: tsys01: fix broken PROM checksum validation - iio: magnetometer: st_magn: fix default DRDY pin selection for LIS2MDL - iio: light: cm3323: fix reg_conf not being initialized correctly - iio: buffer: hw-consumer: fix use-after-free in error path - USB: serial: omninet: fix memory corruption with small endpoint - usb: dwc2: Fix use after free in debug code - Input: elan_i2c - validate firmware size before use - bpf: sockmap: fix tail fragment offset in bpf_msg_push_data - macsec: fix replay protection at XPN lower-PN wrap - ipv6: exthdrs: refresh nh pointer after ipv6_hop_jumbo() - [arm64] ASoC: qcom: q6asm-dai: fix error handling in prepare and set_params - ipv6: exthdrs: refresh nh after handling HAO option - ip6: vti: Use ip6_tnl.net in vti6_siocdevprivate(). - ipv6: validate extension header length before copying to cmsg - xfrm: input: hold netns during deferred transport reinjection - ip6: vti: Use ip6_tnl.net in vti6_changelink(). - HID: wacom: Fix OOB write in wacom_hid_set_device_mode() - iommu, debugobjects: avoid gcc-16.1 section mismatch warnings - nfc: hci: fix out-of-bounds read in HCP header parsing - xfrm: route MIGRATE notifications to caller's netns - xfrm: ah: use skb_to_full_sk in async output callbacks - netfilter: conntrack: tcp: do not force CLOSE on invalid-seq RST without direction check - [arm64] ASoC: qcom: q6asm-dai: close stream only when running - [arm64] ASoC: qcom: q6asm-dai: do not set stream state in event and trigger callbacks - xfrm: esp: restore combined single-frag length gate - Input: atmel_mxt_ts - fix boundary check in mxt_prepare_cfg_mem - [x86] Input: synaptics - add LEN2058 to SMBus passlist for ThinkPad E490 - [x86] comedi: comedi_test: fix check for valid scan_begin_src in waveform_ai_cmdtest() - [x86] comedi: comedi_test: Fix limiting of convert_arg in waveform_ai_cmdtest() - counter: Fix refcount leak in counter_alloc() error path - [i386] tty: serial: pch_uart: add check for dma_alloc_coherent() - [arm*] usb: chipidea: core: convert ci_role_switch to local variable - usb: core: Fix up Interrupt IN endpoints with bogus wBytesPerInterval - USB: quirks: add NO_LPM for Lenovo ThinkPad USB-C Dock Gen2 hub controllers - usb: storage: Add quirks for PNY Elite Portable SSD - usbip: vudc: Fix use after free bug in vudc_remove due to race condition - usb: usbtmc: check URB actual_length for interrupt-IN notifications - usb: usbtmc: reject interrupt endpoints with small wMaxPacketSize - USB: serial: option: add MeiG SRM813Q - USB: serial: option: add missing RSVD(5) flag for Rolling RW135R-GL - USB: serial: belkin_sa: validate interrupt status length - USB: serial: cypress_m8: validate interrupt packet headers - USB: serial: keyspan: fix missing indat transfer sanity check - USB: serial: mxuport: fix memory corruption with small endpoint - USB: serial: mct_u232: fix missing interrupt-in transfer sanity check - usb: gadget: net2280: Fix double free in probe error path - usb: gadget: dummy_hcd: Reject hub port requests for non-existent ports - usb: gadget: f_fs: copy only received bytes on short ep0 read - thunderbolt: property: Reject u32 wrap in tb_property_entry_valid() - thunderbolt: property: Reject dir_len < 4 to prevent size_t underflow - scsi: fcoe: Reject FIP descriptors with zero fip_dlen in CVL walker - scsi: scsi_transport_fc: Widen FPIN pname walker counter to u32 - scsi: target: iscsi: Bound iscsi_encode_text_output() appends to rsp_buf - scsi: target: iscsi: Validate CHAP_R length before base64 decode - drm/hyperv: validate resolution_count and fix WIN8 fallback - drm/hyperv: validate VMBus packet size in receive callback - [x86] drm/i915: Fix potential UAF in TTM object purge - drm/amd/pm/si: Disregard vblank time when no displays are connected - [arm64] serial: sh-sci: fix memory region release in error path - [arm64] serial: fsl_lpuart: fix rx buffer and DMA map leaks in start_rx_dma - drm/amdkfd: fix NULL pointer bug in svm_range_set_attr - drm/amdkfd: Check for pdd drm file first in CRIU restore path - HID: core: Add printk_ratelimited variants to hid_warn() etc - HID: pass the buffer size to hid_report_raw_event - HID: core: Fix size_t specifier in hid_report_raw_event() - RDMA/rxe: Complete the rxe_cleanup_task backport - USB: serial: digi_acceleport: fix memory corruption with small endpoints - [arm*] xhci: tegra: Fix ghost USB device on dual-role port unplug - netfilter: nf_tables: restore set elements when delete set fails (CVE-2024-27012) - USB: serial: cypress_m8: fix memory corruption with small endpoint - bpf/bonding: reject vlan+srcmac xmit_hash_policy change when XDP is loaded (CVE-2026-23310) - usb: core: Fix SuperSpeed root hub wMaxPacketSize - bpf: Free reuseport cBPF prog after RCU grace period. (CVE-2026-52910) - USB: serial: mct_u232: fix memory corruption with small endpoint - [amd64] dmaengine: idxd: Fix not releasing workqueue on .release() (CVE-2026-43064) - i2c: dev: prevent integer overflow in I2C_TIMEOUT ioctl (CVE-2026-52948) - ipv6: mcast: Fix use-after-free when processing MLD queries (CVE-2026-53275) - net/smc: fix sleep-inside-lock in __smc_setsockopt() causing local DoS (CVE-2026-53274) - tee: optee: prevent use-after-free when the client exits before the supplicant (CVE-2026-53273) - netfilter: xt_NFQUEUE: prefer raw_smp_processor_id - ipvs: clear the svc scheduler ptr early on edit (CVE-2026-53270) - netfilter: synproxy: add mutex to guard hook reference counting (CVE-2026-53269) - netfilter: conntrack_irc: fix possible out-of-bounds read (CVE-2026-53268) - netfilter: bridge: make ebt_snat ARP rewrite writable (CVE-2026-53266) - dm cache policy smq: check allocation under invalidate lock (CVE-2026-53265) - net/sched: act_api: use RCU with deferred freeing for action lifecycle (CVE-2026-53264) - 6lowpan: fix off-by-one in multicast context address compression (CVE-2026-53263) - pcnet32: stop holding device spin lock during napi_complete_done - net: Annotate sk->sk_write_space() for UDP SOCKMAP. - net: garp: fix unsigned integer underflow in garp_pdu_parse_attr - net: lan743x: permit VLAN-tagged packets up to configured MTU - [arm*] net: fec: fix pinctrl default state restore order on resume - Bluetooth: RFCOMM: hold listener socket in rfcomm_connect_ind() (CVE-2026-53256) - Bluetooth: MGMT: validate advertising TLV before type checks (CVE-2026-53255) - Bluetooth: RFCOMM: validate skb length in MCC handlers (CVE-2026-53254) - Bluetooth: bnep: fix incorrect length parsing in bnep_rx_frame() extension handling - Bluetooth: bnep: reject short frames before parsing (CVE-2026-53253) - Bluetooth: fix memory leak in error path of hci_alloc_dev() (CVE-2026-53252) - Bluetooth: MGMT: Fix backward compatibility with userspace - ipv4: restrict IPOPT_SSRR and IPOPT_LSRR options (CVE-2026-53249) - ptp: vclock: Switch from RCU to SRCU - vxlan: vnifilter: send notification on VNI add - vxlan: vnifilter: fix spurious notification on VNI update - ieee802154: 6lowpan: only accept IPv6 packets in lowpan_xmit() - net/802/mrp: fix vector attribute parsing in mrp_pdu_parse_vecattr (CVE-2026-53245) - sctp: purge outqueue on stale COOKIE-ECHO handling (CVE-2026-52924) - ipmi: Fix rcu_read_unlock to srcu_read_unlock in handle_read_event_rsp - signal: clear JOBCTL_PENDING_MASK for caller in zap_other_threads() (CVE-2026-53352) - time: Fix off-by-one in settimeofday() usec validation - ALSA: PCM: Fix wait queue list corruption in snd_pcm_drain() on linked streams (CVE-2026-53242) - fs/ntfs3: Return error for inconsistent extended attributes (CVE-2023-54125) - usb: gadget: f_ncm: Fix net_device lifecycle with device_move (CVE-2026-43421) - usb: gadget: u_ether: Fix NULL pointer deref in eth_get_drvinfo - net: skbuff: fix missing zerocopy reference in pskb_carve helpers (CVE-2026-52943) - tap: free page on error paths in tap_get_user_xdp() (CVE-2026-46320) - [arm64] KVM: arm64: Remove VPIPT I-cache handling - [arm64] tlb: Allow XZR argument to TLBI ops - [arm64] tlb: Optimize ARM64_WORKAROUND_REPEAT_TLBI - iomap: don't revert iov_iter on partially completed buffered writes - xfrm: policy: fix use-after-free on inexact bin in xfrm_policy_bysel_ctx() (CVE-2026-53239) - netlabel: validate unlabeled address and mask attribute lengths (CVE-2026-53238) - ASoC: wm_adsp: Fix NULL dereference when removing firmware controls (CVE-2026-53350) - tcp: restrict SO_ATTACH_FILTER to priv users (CVE-2026-53236) - net/mlx4: avoid GCC 10 __bad_copy_from() false positive - net: qrtr: fix refcount saturation and potential UAF in qrtr_port_remove (CVE-2026-52947) - ipv6: sit: reload inner IPv6 header after GSO offloads (CVE-2026-53228) - net: openvswitch: fix possible kfree_skb of ERR_PTR (CVE-2026-53227) - r8152: reduce the control transfer of rtl8152_get_version() - r8152: Block future register access if register access fails - r8152: handle the return value of usb_reset_device() - sctp: fix uninit-value in __sctp_rcv_asconf_lookup() (CVE-2026-53225) - net: guard timestamp cmsgs to real error queue skbs (CVE-2026-53223) - net/rds: fix NULL deref in rds_ib_send_cqe_handler() on masked atomic completion (CVE-2026-52939) - ip6_vti: fix incorrect tunnel matching in vti6_tnl_lookup() (CVE-2026-53221) - rds: mark snapshot pages dirty in rds_info_getsockopt() - netfilter: nf_conntrack: destroy stale expectfn expectations on unregister (CVE-2026-53349) - netfilter: x_tables: avoid leaking percpu counter pointers (CVE-2026-53219) - netfilter: nf_log: validate MAC header was set before dumping it (CVE-2026-52942) - netfilter: nft_exthdr: fix register tracking for F_PRESENT flag (CVE-2026-53218) - [arm*] net: mvpp2: sync RX data at the hardware packet offset (CVE-2026-53217) - [arm*] net: mvpp2: limit XDP frame size to the RX buffer (CVE-2026-53216) - [arm*] net: mvpp2: Add metadata support for xdp mode - [arm*] net: mvpp2: refill RX buffers before XDP or skb use (CVE-2026-53215) - [arm*] net: mvpp2: build skb from XDP-adjusted data on XDP_PASS - netfilter: ctnetlink: ensure safe access to master conntrack (CVE-2026-43116) - [arm*] drm/vc4: fix krealloc() memory leak (CVE-2026-53213) - netfilter: nft_tunnel: fix use-after-free on object destroy (CVE-2026-53212) - Bluetooth: hci_sync: reject oversized Broadcast Announcement prepend (CVE-2026-53209) - Bluetooth: L2CAP: reject BR/EDR signaling packets over MTUsig (CVE-2026-53208) - [x86] drm/i915/gem: Fix phys BO pread/pwrite with offset (CVE-2026-53356) - ksmbd: fix use-after-free of a deferred file_lock on double SMB2_CANCEL (CVE-2026-53198) - xfrm: espintcp: do not reuse an in-progress partial send (CVE-2026-52935) - USB: serial: io_ti: fix heap overflow in get_manuf_info() (CVE-2026-53196) - USB: serial: io_ti: fix heap overflow in build_i2c_fw_hdr() (CVE-2026-53195) - USB: serial: option: add usb-id for Dell Wireless DW5826e-m - USB: serial: kl5kusb105: fix bulk-out buffer overflow (CVE-2026-53194) - ALSA: timer: Fix UAF at snd_timer_user_params() - drm/amd/display: Reject gpio_bitshift >= 32 in bios_parser_get_gpio_pin_info() - RDMA/srp: bound SRP_RSP sense copy by the received length (CVE-2026-53186) - udp: clear skb->dev before running a sockmap verdict (CVE-2026-53184) - [armhf] socfpga: Fix OF node refcount leak in SMP setup - [armel,armhf] 9474/1: io: avoid KASAN instrumentation of raw halfword I/O - [armel,armhf] 9475/1: entry: use byte load for KASAN VMAP stack shadow (CVE-2026-53343) - mptcp: fix retransmission loop when csum is enabled - mptcp: close TOCTOU race while computing rcv_wnd - mptcp: allow subflow rcv wnd to shrink (CVE-2026-53183) - mptcp: sockopt: check timestamping ret value - wifi: nl80211: reject oversized EMA RNR lists (CVE-2026-53182) - vsock/vmci: fix sk_ack_backlog leak on failed handshake (CVE-2026-53181) - bnxt_en: Fix NULL pointer dereference (CVE-2026-53177) - IB/isert: Reject login PDUs shorter than ISER_HEADERS_LEN (CVE-2026-53176) - pidfd: refuse access to tasks that have started exiting harder - fuse: reject fuse_notify() pagecache ops on directories (CVE-2026-53168) - [arm*] i2c: qcom-cci: Fix NULL pointer dereference in cci_remove() (CVE-2026-53339) - [armhf] i2c: stm32f7: fix timing computation ignoring i2c-analog-filter - [arm*] i2c: tegra: Fix NOIRQ suspend/resume - [x86] Input: atkbd - add DMI quirk for Lenovo Yoga Air 14 (83QK) - [x86] Input: atkbd - skip deactivate for HONOR BCC-N's internal keyboard - ipc/shm: serialize orphan cleanup with shm_nattch updates (CVE-2026-52930) - [arm*] misc: fastrpc: fix use-after-free of fastrpc_user in workqueue context (CVE-2026-53161) - [arm*] misc: fastrpc: fix use-after-free race in fastrpc_map_create (CVE-2026-53160) - [arm*] misc: fastrpc: fix DMA address corruption due to find_vma misuse (CVE-2026-53159) - net/mlx5: Reorder completion before putting command entry in cmd_work_handler - net: bonding: fix NULL pointer dereference in bond_do_ioctl() (CVE-2026-53337) - [armel,armhf] net: mv643xx: fix OF node refcount - net: rds: clear i_sends on setup unwind (CVE-2026-53355) - mmc: core: Fix host controller programming for fixed driver type - [arm64] mmc: renesas_sdhi: Add OF entry for RZ/G2H SoC - mmc: sdhci: add signal voltage switch in sdhci_resume_host - sctp: diag: reject stale associations in dump_one path (CVE-2026-52917) - sctp: stream: fully roll back denied add-stream state (CVE-2026-52929) - thunderbolt: Reject zero-length property entries in validator (CVE-2026-53150) - thunderbolt: Bound root directory content to block size (CVE-2026-53149) - thunderbolt: Clamp XDomain response data copy to allocation size (CVE-2026-53148) - thunderbolt: Validate XDomain request packet size before type cast (CVE-2026-53147) - thunderbolt: Limit XDomain response copy to actual frame size (CVE-2026-53146) - slimbus: qcom-ngd-ctrl: Avoid ABBA on tx_lock/ctrl->lock (CVE-2026-53331) - drm/amdgpu: restart the CS if some parts of the VM are still invalidated - drm/amd/display: Clamp HDMI HDCP2 rx_id_list read to buffer size (CVE-2026-53137) - drm/amd/display: Clamp VBIOS HDMI retimer register count to array size (CVE-2026-53136) - drm/amd/display: Fix NULL deref and buffer over-read in SDP debugfs (CVE-2026-53135) - drm/amd/display: Use krealloc_array() in dal_vector_reserve() (CVE-2026-53329) - fs/fcntl: fix SOFTIRQ-unsafe lock order in fasync signaling (CVE-2026-52946) - mm/hugetlb: avoid false positive lockdep assertion - mm/damon/ops-common: call folio_test_lru() after folio_get() - mm/huge_memory: update file PMD counter before folio_put() (CVE-2026-53189) - f2fs: use kfree() instead of kvfree() to free some memory - f2fs: fix to do sanity check on dcc->discard_cmd_cnt conditionally - f2fs: fix UAF caused by decrementing sbi->nr_pages[] in f2fs_write_end_io() (CVE-2026-31715) - ksmbd: require minimum ACE size in smb_check_perm_dacl() (CVE-2026-31712) - smb: client: validate the whole DACL before rewriting it in cifsacl (CVE-2026-31709) - [arm64] mm: Enable batched TLB flush in unmap_hotplug_range() - lib: test_hmm: evict device pages on file close to avoid use-after-free (CVE-2026-46280) - wifi: mwifiex: fix use-after-free in mwifiex_adapter_cleanup() (CVE-2026-46069) - [arm*] spi: imx: Convert to platform remove callback returning void - [arm*] spi: imx: fix use-after-free on unbind (CVE-2026-45996) - thermal: core: Fix thermal zone governor cleanup issues (CVE-2026-46021) - media: rc: ttusbir: respect DMA coherency rules - media: rc: igorplugusb: heed coherency rules - sched: Use u64 for bandwidth ratio calculations - net: qrtr: ns: Limit the maximum number of lookups (CVE-2026-46026) - net: qrtr: ns: Change servers radix tree to xarray - net: qrtr: ns: Free the node during ctrl_cmd_bye() (CVE-2026-46038) - net: qrtr: ns: Limit the total number of nodes (CVE-2026-46003) - net: bridge: use a stable FDB dst snapshot in RCU readers (CVE-2026-46086) - spi: fix resource leaks on device setup failure (CVE-2026-46083) - fbdev: defio: Disconnect deferred I/O from the lifetime of struct fb_info (CVE-2026-46065) - xfs: fix a resource leak in xfs_alloc_buftarg() (CVE-2026-46005) - udf: fix partition descriptor append bookkeeping (CVE-2026-45991) - hfsplus: fix uninit-value by validating catalog record size (CVE-2026-46169) - hfsplus: fix held lock freed on hfsplus_fill_super() (CVE-2026-46299) - erofs: fix unsigned underflow in z_erofs_lz4_handle_overlap() (CVE-2026-45999) - ceph: only d_add() negative dentries when they are unhashed (CVE-2026-46052) - printk: add print_hex_dump_devel() - [arm*] crypto: caam - guard HMAC key hex dumps in hash_digest_key (CVE-2026-46291) - net: stmmac: avoid shadowing global buf_sz - net: stmmac: rename STMMAC_GET_ENTRY() -> STMMAC_NEXT_ENTRY() - net: stmmac: Prevent NULL deref when RX memory exhausted (CVE-2026-46110) - tracepoint: balance regfunc() on func_add() failure in tracepoint_add_func() (CVE-2026-46196) - wifi: mac80211: remove station if connection prep fails (CVE-2026-46125) - wifi: brcmfmac: Fix potential use-after-free issue when stopping watchdog task (CVE-2026-46180) - [arm*] usb: dwc3: Move GUID programming after PHY initialization - net: ipv4: stop checking crypto_ahash_alignmask - net: ipv6: stop checking crypto_ahash_alignmask - xfrm: ah: account for ESN high bits in async callbacks (CVE-2026-46193) - xfrm: defensively unhash xfrm_state lists in __xfrm_state_delete (CVE-2026-46116) - [armhf] spi: sun4i: Convert to platform remove callback returning void - [armfh] spi: sun4i: switch to use modern name - [armhf] spi: sun4i: fix controller deregistration - spi: Convert to SPI_CONTROLLER_HALF_DUPLEX - [armhf] spi: spi-ti-qspi: Convert to platform remove callback returning void - [armhf] spi: spi-ti-qspi: switch to use modern name - [armhf] spi: ti-qspi: fix controller deregistration - [arm*] spi: sun6i: fix controller deregistration - [arm*] spi: s3c64xx: Use devm_clk_get_enabled() - [arm*] spi: s3c64xx: fix NULL-deref on driver unbind (CVE-2026-46296) - mtd: spi-nor: core: fix implicit declaration warning - mtd: spi-nor: debugfs: fix out-of-bounds read in spi_nor_params_show() (CVE-2026-46190) - [arm*] spi: tegra114: fix controller deregistration - [arm*] spi: tegra20-sflash: fix controller deregistration - mm/hugetlb_cma: round up per_node before logging it - net: wwan: t7xx: validate port_count against message length in t7xx_port_enum_msg_handler (CVE-2026-43495) - fbcon: Avoid OOB font access if console rotation fails (CVE-2026-46191) - [i386] spi: topcliff-pch: Convert to platform remove callback returning void - btrfs: fix btrfs_ioctl_space_info() slot_count TOCTOU which can lead to info-leak (CVE-2026-46159) - tracing/probes: Limit size of event probe to 3K - btrfs: remove fs_info argument from btrfs_sysfs_add_space_info_type() - btrfs: fix double free in create_space_info_sub_group() error path (CVE-2026-46164) - pmdomain: core: Fix detach procedure for virtual devices in genpd (CVE-2026-46292) - smb: client: validate dacloffset before building DACL pointers (CVE-2026-46195) - smb: client: Use FullSessionKey for AES-256 encryption key derivation - btrfs: fix missing last_unlink_trans update when removing a directory (CVE-2026-46160) - mptcp: fastclose msk when linger time is 0 - mptcp: pm: prio: skip closed subflows - mptcp: pm: kernel: correctly retransmit ADD_ADDR ID 0 - mptcp: pm: ADD_ADDR rtx: allow ID 0 - mptcp: pm: ADD_ADDR rtx: fix potential data-race (CVE-2026-46137) - mptcp: pm: ADD_ADDR rtx: resched blocked ADD_ADDR quicker - f2fs: fix incorrect file address mapping when inline inode is unwritten - f2fs: fix false alarm of lockdep on cp_global_sem lock - cgroup/cpuset: Reset DL migration state on can_attach() failure - genetlink: Use internal flags for multicast groups - smb: client: require net admin for CIFS SWN netlink - Bluetooth: hci_qca: Convert timeout from jiffies to ms - mm/memory: fix spurious warning when unmapping device-private/exclusive pages - Bluetooth: Init sk_peer_* on bt_sock_alloc - Bluetooth: serialize accept_q access (CVE-2026-52918) - net: hsr: defer node table free until after RCU readers - ipv6: ioam: add NULL check for idev in ipv6_hop_ioam() - ice: fix VF queue configuration with low MTU values - mptcp: pm: fix ADD_ADDR timer infinite retry on option space insufficient - [arm64] octeontx2-af: CGX: add bounds check to cgx_speed_mbps index - mptcp: reset rcv wnd on disconnect - mptcp: do not drop partial packets - [x86] platform/x86/intel/vsec: Add private data for per-device data - [x86] platform/x86/intel/vsec: Create wrapper to walk PCI config space - [x86] platform/x86/intel/vsec: Make driver_data info const - [x86] platform/x86/intel/vsec: Fix enable_cnt imbalance on PCIe error recovery - [arm64] spi: qup: switch to use modern name - [arm64] spi: qup: fix error pointer deref after DMA setup failure - [arm64] tlb: Flush walk cache when unsharing PMD tables - phy: tegra: xusb: Disable trk clk when not in use - phy: tegra: xusb: Fix per-pad high-speed termination calibration - iio: gyro: adis16260: fix division by zero in write_raw - iio: dac: ad5686: fix ref bit initialization for single-channel parts - ALSA: firewire-motu: Protect register DSP event queue positions - [armhf] serial: samsung_tty: Use port lock wrappers - [armhf] tty: serial: samsung: use u32 for register interactions - [armhf] tty: serial: samsung: Remove redundant port lock acquisition in rx helpers - [arm64] usb: dwc3: xilinx: fix error handling in zynqmp init error paths - [armhf] usb: musb: omap2430: Fix use-after-free in omap2430_probe() - usb: gadget: f_hid: tidy error handling in hidg_alloc - usb: gadget: f_hid: fix device reference leak in hidg_alloc() - usb: typec: ucsi: Check if power role change actually happened before handling - thunderbolt: property: Cap recursion depth in __tb_property_parse_dir() - [arm64] tty: serial: qcom-geni-serial: remove unused symbols - [arm64] tty: serial: qcom-geni-serial: align #define values - [arm64] serial: qcom-geni: fix UART_RX_PAR_EN bit position - scsi: target: iscsi: Fix CRC overread and double-free in iscsit_handle_text_cmd() - usb: typec: ucsi: Don't update power_supply on power role change if not connected - netfilter: nft_fib: fix stale stack leak via the OIFNAME register (CVE-2026-53134) - hv_netvsc: use kmap_local_page in netvsc_copy_to_send_buf (CVE-2026-53199) - mm/hugetlb: rename isolate_hugetlb() to folio_isolate_hugetlb() - mm/migrate: don't call folio_putback_active_hugetlb() on dst hugetlb folio - mm/hugetlb: rename folio_putback_active_hugetlb() to folio_putback_hugetlb() - mm/memory-failure: fix missing ->mf_stats count in hugetlb poison - mm/memory-failure: fix hugetlb_lock AA deadlock in get_huge_page_for_hwpoison (CVE-2026-53207) - RDMA: Move DMA block iterator logic into dedicated files - RDMA/umem: Fix truncation for block sizes >= 4G (CVE-2026-53133) - ipvs: skip ipv6 extension headers for csum checks (CVE-2026-45850) - blk-cgroup: Fix NULL deref caused by blkg_policy_data being installed before init (CVE-2023-54271) - batman-adv: stop tp_meter sessions during mesh teardown (CVE-2026-46208) - batman-adv: tp_meter: fix tp_num leak on kmalloc failure - [x86] ALSA: hda/hdmi: Add quirk for TUXEDO IBS14G6 - perf build: Conditionally define NDEBUG - perf parse-events: Make YYDEBUG dependent on doing a debug build - perf build: Disable fewer bison warnings - [arm64] KVM: arm64: Wake-up from WFI when iqrchip is in userspace - ipmi:ssif: Fix a shutdown race - ipmi:ssif: Clean up kthread on errors (CVE-2026-46044) - usb: typec: tcpm: reset internal port states on soft reset AMS - lib/crypto: mpi: Fix integer underflow in mpi_read_raw_from_sgl() (CVE-2026-43492) - ipmi:ssif: Remove unnecessary indention - ipmi:ssif: NULL thread on error - [arm*] drm/v3d: Reject empty multisync extension to prevent infinite loop (CVE-2026-46314) - [arm64] Mitigate TLBI errata on various CPU cores (CVE-2025-10263): + cputype: Add NVIDIA Olympus definitions + cputype: Add C1-Ultra definitions + cputype: Add C1-Premium definitions + errata: Mitigate TLBI errata on various Arm CPUs (CVE-2026-53354) + errata: Mitigate TLBI errata on NVIDIA Olympus CPU + errata: Mitigate TLBI errata on Microsoft Azure Cobalt 100 CPU - [armhf] fbdev: vt8500lcdfb: Fix dma_free_coherent() cpu_addr parameter (regression in 6.1.165) - [x86] CPU/AMD: Move the Zen3 BTC_NO detection to the Zen3 init function (regression in 6.1.173) - r8152: Hold the rtnl_lock for all of reset - media: rc: ttusbir: fix inverted error logic - batman-adv: tp_meter: fix tp_vars reference leak in receiver shutdown - media: rc: igorplugusb: fix control request setup packet (CVE-2026-46091) - ksmbd: OOB read regression in smb_check_perm_dacl() ACE-walk loops - batman-adv: tp_meter: fix race condition in send error reporting - batman-adv: tp_meter: avoid role confusion in tp_list - netfilter: require Ethernet MAC header before using eth_hdr() (CVE-2026-53131) . [ Ben Hutchings ] * Refresh "rxrpc: Fix conn-level packet handling to unshare RESPONSE packets" * [rt] Add new signing key for Clark Williams * [rt] Update to 6.1.176-rt64: - ipv6: fix a BUG in rt6_get_pcpu_route() under PREEMPT_RT - [x86] kvm/vmx: guard regparm(0) on vmread_error_trampoline for x86_32 only * [x86] Revert "x86/CPU: Only try to mitigate FPDSS on Zen1" as redundant * Revert "net: ipv4: stop checking crypto_ahash_alignmask" * Revert "net: ipv6: stop checking crypto_ahash_alignmask" * Revert "Bluetooth: L2CAP: use chan timer to close channels in cleanup_listen()" * cgroup/cpuset: Fix misplaced call to reset_migrate_dl_data() * media: uvcvideo: Create an ID namespace for streaming output terminals * [ppc64el] cpuidle: Set CPUIDLE_FLAG_POLLING for snooze state * Revert "media: rc: streamzap: Error handling in probe" * Revert "epoll: use refcount to reduce ep_mutex contention" (CVE-2025-38349, CVE-2026-46242) . [ Salvatore Bonaccorso ] * ip6_vti: set netns_immutable on the fallback device. (CVE-2026-52909) * net/sched: act_pedit: check static offsets a priori * net/sched: act_pedit: rate limit datapath messages * net/sched: fix pedit partial COW leading to page cache corruption (CVE-2026-46331) * net/sched: act_pedit: free pedit keys on bail from offset check Checksums-Sha1: 59d3d115af0776eba4d9e50d0975f1983b867c54 4816 ata-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 993cc3ad38f911afb35fa49c33afa88afb2eb01e 853748 bpftool-dbgsym_7.1.0+6.1.176-1_ppc64el.deb ff1d7ccbacb62e4a7e890d9f890f9c43b1dd4959 1435828 bpftool_7.1.0+6.1.176-1_ppc64el.deb c032c125e83c422e3ab19d7f98a3e40e2510ccfe 590280 btrfs-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 26f7939ce0c9d2d2b9c73a2c134972e93b84c7f4 36776 cdrom-core-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 14aaa33abe84c459f37fedf0aa0cbe77d268954e 14468 crc-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 5c3b21b7b08e053b085b5defee4b2ad8b7bc0245 25932 crypto-dm-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 2dd22cf9d0ede1ae7b50a4475c4196f2ef925bb4 63216 crypto-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 7f6be2f6f2889da239ac60d4bdb4a4557d72e883 11944 event-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 60cd4dd8a9f29a35acc520b29f171ac560a0c2a6 357684 ext4-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 38f8e26e389b1c92bf068cf729c8ce3ff9f0ba49 273844 f2fs-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 5899463864838c68b9a505a551aa85d2bf0d2415 7116 fancontrol-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb cbdb0dd793b9c34cadced752e41140ebc0689960 51796 fat-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 62e447e2df8cb3bf1a2cf19fdaf1921d14dfa0ac 339168 fb-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 6902eced32a00d240816cfac3c3c6b3a6c8c3098 65676 firewire-core-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 83ec75b86569df10238715ce2d8bde67539e0a8e 66160 fuse-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb c6d7703c85579f6dfa0a92a1742430ac1e071c50 12684 hypervisor-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 6ee8d578b25c5a840810062395180387bc40d4a6 5984 i2c-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb e332ffc88db00e77cbdca586af761ae0eb4d54a2 453604 input-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 817dfb812047bf6f5428c467a6ce20730f7b613b 21424 isofs-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 82446a0f8fadfe4ac0b3f0133d13284ecd186e50 97108 jfs-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 9130b11a7117f8099d4613964071ae51ff6f7540 7377660 kernel-image-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 10557060334d92641e8538f481cfb1df48ac2a54 1158384 libcpupower-dev_6.1.176-1_ppc64el.deb ae0069e0ef3114589789f18f00ed75c9b6775c80 24896 libcpupower1-dbgsym_6.1.176-1_ppc64el.deb d78587985cfb97acf643c04c1347768b5b9a4d6f 1164756 libcpupower1_6.1.176-1_ppc64el.deb b0f1edcfe9a83b0bb53a8b4810a4392025feebf4 1202116 linux-config-6.1_6.1.176-1_ppc64el.deb ace4559121928d0fc761cf5c7356e1e6ba870865 61468 linux-cpupower-dbgsym_6.1.176-1_ppc64el.deb 7570793854c40bde330e9a124e7cd9a5f1b82fa1 1197544 linux-cpupower_6.1.176-1_ppc64el.deb c200caf87bc714dcbb818e6d918d1c5f67861c3c 1591948 linux-headers-6.1.0-50-powerpc64le_6.1.176-1_ppc64el.deb d4929fc229002d73dd9a925b22972341156168ab 1176 linux-headers-powerpc64le_6.1.176-1_ppc64el.deb 5dc1ec18231e7a5d4f51d794e1017aa3f7a316ca 717660264 linux-image-6.1.0-50-powerpc64le-dbg_6.1.176-1_ppc64el.deb 5def76a360693c575adb6b859bec72f243550b8a 49160448 linux-image-6.1.0-50-powerpc64le_6.1.176-1_ppc64el.deb bdd92b9788bd21bbe2119795b7a028c25e10fa87 1328 linux-image-powerpc64le-dbg_6.1.176-1_ppc64el.deb 246cea4da8a9b0bfd979890f5ee08dc9ba4452c3 1436 linux-image-powerpc64le_6.1.176-1_ppc64el.deb f69f2caa41384e980fb96e8a1f469ca4dae79087 1069412 linux-kbuild-6.1-dbgsym_6.1.176-1_ppc64el.deb 3677415c751bca54f581609146c42b5a26742598 1438880 linux-kbuild-6.1_6.1.176-1_ppc64el.deb 3ab3ddc49bef2093c78a7070a64169e30a5d9567 2294576 linux-libc-dev_6.1.176-1_ppc64el.deb 2e94f7aafb65b17e1bbdfdda1c8c19a31b429e63 8129236 linux-perf-dbgsym_6.1.176-1_ppc64el.deb 025d22385f10434c3acc460bac39f16cde9a9102 3081796 linux-perf_6.1.176-1_ppc64el.deb d2374483f1fc45324edf6c5d7338736397af5597 32479 linux_6.1.176-1_ppc64el-buildd.buildinfo b9657e98e7e4f6183e91301530be3f09d05937ce 16280 loop-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 2042c7d5e447515198cb13e494f7c5f606edd8f9 588588 md-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb f57eb54db5c59cb83c76925a2094f51d503b055a 60648 mouse-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 1cf0e084cc5464b3ff56ead04b701670e8cbef1c 33492 mtd-core-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 4c42fa59a1113ecd942cabe3b517e8876092d06c 40544 multipath-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 26f83a0c75ade026dabe3abcb7bd2e0bb91912ec 23412 nbd-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 83fab2609d1c116629ddd6607b25ebda24ec4e4e 4839584 nic-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb ca18b7b06b96f94bb23621a4484c82bd631a606f 253816 nic-shared-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb fd371de3654a76210760539bb5025e9752b9dc50 260216 nic-usb-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 9a376c312473daf9fbc2c0e05f4369bb0c8ac74a 4803984 nic-wireless-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 9fa00a575db66a96f1e62eb0996fdc0f1b178e40 49440 ppp-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb b2ad051f272dc5404bf2a8f83dedaf03c7fc76b2 148664 sata-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb da97f5859dc1528a41188161f8030094e6bed701 64024 scsi-core-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb e01d5f6cb5db7905acdb3fe72599aa7ed21dd9d7 3021368 scsi-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 0e98b0911be970103a671fc7b182bf162f050caa 154352 scsi-nic-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 97beb5aace80dd9b6a17f826d22db062f4298741 8468 serial-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 68e787e69affbba71a7d810743dcf1cfaf2f21c5 29324 squashfs-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb fa3e6c2488906371b2852089ae572f38f3e4e155 57264 udf-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 8951a2a9142d7b632f70e24aa95ca182329af9c2 9272 uinput-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 70a86f3466194482a6ae856f0f68a8834ea0cb08 338636 usb-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 06c56adf41a379f8fbfc9836c7b994e62d6044b1 242420 usb-serial-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb dd72285b68a33963e7c4c4cd0d0de78bd1d33338 92068 usb-storage-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb bac2138998e8cbb2838a7699880e8af598cdfec4 154636 usbip-dbgsym_2.0+6.1.176-1_ppc64el.deb 60ad6da3c691356565bee0cd52373a930792f43a 1196092 usbip_2.0+6.1.176-1_ppc64el.deb 902e5e6312d1a92eb9b8849e0bb8f48e54071a5c 497456 xfs-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb Checksums-Sha256: e8ac98fc6a532ef772e2b51ec638767dde6df9fb00292b5ad6d9aacaae5468e6 4816 ata-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb deb4da218ff2347329792139149923d508a76bb1f2abc973a1654883220b5314 853748 bpftool-dbgsym_7.1.0+6.1.176-1_ppc64el.deb b23045ef198efa953ce032235523310575c6755fe79c29e86dbb8eb8f0286259 1435828 bpftool_7.1.0+6.1.176-1_ppc64el.deb eb4c9f6e8d5de83c0e7dd9ff26dbc46d613e57fdbe4fe019108dae7ff010ce3e 590280 btrfs-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 4692e0f5d8fe3cbe86e0b79d8c9a81a98a396b83040cb9f72d09b5cdfdef71d9 36776 cdrom-core-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 5f6ebcebfde83b3b210f867bbf23388fb58f86c3afdff98026c14ce73119952f 14468 crc-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb f29c92d996e974e49a744dedc03c25bd063a186f81a2b380345c2f0bd173132f 25932 crypto-dm-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb efc0e04e3abce31cad16b2768bd73e5e8916de8ae5f76de4270f1fdcc3770676 63216 crypto-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb a87b3b7a9a281b4b745f4e83485b96bdc861e86dda5ebf0292b9f2c5b3f9e1dc 11944 event-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 2d92b81e807aee1a764ee779bcaf6726b01796449dec6e9fd3b7cc72cb1bf09c 357684 ext4-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 8fc3aa76fc95a4ce011e6dd18b19e0b480b6f5213db1352352140a374fa5ab12 273844 f2fs-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 28feff2cd18ea14dbc619eb6821ec892073f81ac43fcb4ff9ba7ba1b2915f54b 7116 fancontrol-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 4b570875c97b09efaad53cc83bd7d979369e89a91c1270554c928f09b2247970 51796 fat-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb ebb4504f76511c3f087d5b30d251a7623a7d4101cd1449e45bc7b23424b1e5c9 339168 fb-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb b84bb8c6e3c328dbcbf8fa6ac828d8b7aecf2a68a0e588ff0f96abe4f9c00c4b 65676 firewire-core-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb a3ec2b82d383b7d09e3bf7d5e8491d85b3de2296cfb81197f75e00ebbb61bdac 66160 fuse-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 467c221817d43a3d60529048f7b4b38256e15087a3a0fd69d7934c3d70aa97f5 12684 hypervisor-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb d1df947f66f069ca54ffa542d29fc234da04d802d13dbc6c92eb986fc4fd7e2c 5984 i2c-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb e5d8b162d55d37ca380744a92495cb5a887b68804ef2e1366076f6d3b13aa424 453604 input-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 52c3fe6edb8c7233371209ba4d5fd7aef86abdda577d7879ef7576afadc5a1ff 21424 isofs-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 402f5907f8f335a2aeb6d197b582ec71388ce309baf2aa93ceee9de0d72502d5 97108 jfs-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb eb12f93dabab8cbc9f03be2e62f42f756c61361932f54e090222894876b9de40 7377660 kernel-image-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 2916b0c1c887cc8bcb33b77ec4286bfa68e50cd1d531b52dadcaef6e9f2f1586 1158384 libcpupower-dev_6.1.176-1_ppc64el.deb 61602b977a0a1090ad2eec00793db0ecbdd543cb3af1f903dacc33703e2c0bb9 24896 libcpupower1-dbgsym_6.1.176-1_ppc64el.deb a86bdb2b940d28904dd65ca25b568a1d9fec967bb906621370dd0e64f37cb232 1164756 libcpupower1_6.1.176-1_ppc64el.deb 2b1465b2e6d854c1f1abb549560c6fcb37127753af0f4a60c7c783f0ee7dae4e 1202116 linux-config-6.1_6.1.176-1_ppc64el.deb cd7f78dea8cdca2a4fdfc1008c88679683799a80eacff2dbe570b36986879fc6 61468 linux-cpupower-dbgsym_6.1.176-1_ppc64el.deb 924b612b21a4897a44292deb5c7da661de96ea4f29da1a1d91e003c789ac2b8c 1197544 linux-cpupower_6.1.176-1_ppc64el.deb 5cbb3c69b48b0804a7c5b2cac51f7189d787458eef1087cbed161385bcaf5e9d 1591948 linux-headers-6.1.0-50-powerpc64le_6.1.176-1_ppc64el.deb 50a3ac2d6a9ac9b6ff2965732a9ef468f140ba76af1fa8aa116a50176768d75a 1176 linux-headers-powerpc64le_6.1.176-1_ppc64el.deb d03f5092d91016c534295a44ea31e880929541dfaaef3bb4db5b433967bd73af 717660264 linux-image-6.1.0-50-powerpc64le-dbg_6.1.176-1_ppc64el.deb 0513cb05cef43064db6e62e5b71f6a316cf4854ea4fb873263e8e50a1254999e 49160448 linux-image-6.1.0-50-powerpc64le_6.1.176-1_ppc64el.deb 4f94666e1a1f6cf964868745639ac4b61cc4372498a0079fb66d68d7763522de 1328 linux-image-powerpc64le-dbg_6.1.176-1_ppc64el.deb 4ceefafb75c3f6f2df6ad7c80f1459889ad69b2b44d42ab3b7a52adca62b3a03 1436 linux-image-powerpc64le_6.1.176-1_ppc64el.deb 686a5342bf5d9b1657f639fc82bed5ceab712345e7be7ea3dc4289789b87b8cf 1069412 linux-kbuild-6.1-dbgsym_6.1.176-1_ppc64el.deb 4b6e30c59f532dbced9d5c8a345ce25e6a0172f8977fdb7978d6550058171814 1438880 linux-kbuild-6.1_6.1.176-1_ppc64el.deb 922e8933bd4a86ac0ecb3ee191a176ba7a312eca7778f294d66fbefc331a7f25 2294576 linux-libc-dev_6.1.176-1_ppc64el.deb 4f97d9652152f0ea047abe8482c46006b87c55bc235d8d2eaa4f4b93a03066a5 8129236 linux-perf-dbgsym_6.1.176-1_ppc64el.deb 5a59f124ffe13e5819fecbab2f3e71252dc0d099d30cf63833d45b001315b00f 3081796 linux-perf_6.1.176-1_ppc64el.deb c4e21f3f374239956d0fb8a070d6e398c3155f5d92e4e944a044b74fa2d55a3d 32479 linux_6.1.176-1_ppc64el-buildd.buildinfo 83259f753a4e11e4199c35743da9aaaffcd6f823a314e0cca4fa3924f09ac9f6 16280 loop-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb ac05ac8d339ca4bd06f636405145b37580517e77cd846486f201b594e5196b10 588588 md-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 64a497dff67d36fc8e1b0bd927c07e83879c153717da060f07aafc0272a1cc0c 60648 mouse-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 47446b0b0393c1f08694cc9dfe122ba89e91a73ff44c83a2cadcb36052fae0f4 33492 mtd-core-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 88e50d7695993f827bd2a9bd2d5abd694a0a2d3d1c3e1b2b93bba39d8dbdb9bc 40544 multipath-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 3aebf18c3296be7cd6b1ebd9a09228842bae05c60c459b7dc1580e4c49a1565d 23412 nbd-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 89631aae6967ed5bc4c1b55e14d6811a667ff4d3824298db8f2448506d6f34bc 4839584 nic-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb a39e8a30c1808144345b47094ffb68c6b9b902079113451785effdf6c2423038 253816 nic-shared-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 279ce1e490fc75745050d6bfc7c510a139f5475309f9ba7640cb8b0d703744dc 260216 nic-usb-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb ec10db87d419732bacde64d45fe722b984906fd113948e32ab982a885a4833db 4803984 nic-wireless-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb b4929ea331f3c64980bfdaafcc5603f58bdadecac34e7b2e7ba1d03a45113f03 49440 ppp-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 52f052834057b307ae9f29947dd2d0cdcb813e7bc436bbb0e344a74a655f90c1 148664 sata-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb b067f8e4837cd9e1339d260ad02ce841b052a1d4b8521cfd026914e687451bcf 64024 scsi-core-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 6a819bf346702fd96efef8c092f28c4310b9e4ad59733457a0e50dda1a84bd3d 3021368 scsi-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 0ec5d9181bbbc7bffe11f721c36cdade0f8c5b165ebf9ff2fcac1416e938721b 154352 scsi-nic-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb b9757c092f512018b23e4710b70687d0f9265c436a7be27305044f6aabe48af7 8468 serial-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 1fd238d56415600104091b064811d09fcec3eade8ddc62f4712107a9ea542a9f 29324 squashfs-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb f586261ff386fd09e4f7f7811c86d94792b1d07846bd67b0029210d6fa693373 57264 udf-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 861cfdafec35702bdbd5e15e5658593e70ae51a8d014978c38e2c29d734233b9 9272 uinput-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb d18ee0c7d48c509cd348126c1731bd6d688f24436a9986f2dade8171923184b2 338636 usb-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb c7d3f55a9c0f6cba55dccc97eb4391190f756f1998c0b879499b3c9a8b1337da 242420 usb-serial-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 5e934ce3333fa1cce85a0c2c82b6682a1e9de1d2a781602778133b6fe28d0d0c 92068 usb-storage-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb b25a8dc015a638219442b6c0e4c49e784e5dadbbf794ab402bef0ffcb3040f9b 154636 usbip-dbgsym_2.0+6.1.176-1_ppc64el.deb e6690ea491dc431eaecbcb489940c5050114430edc1937423ac6e29859e89d1a 1196092 usbip_2.0+6.1.176-1_ppc64el.deb 7724e798d29f33226cd6c1e277f891834d7bffcacdc08945f86dca5941dcb271 497456 xfs-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb Files: c6dafb77c8dbe5f54853fdf85f10deb3 4816 debian-installer optional ata-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 949ff6ada7682381bb0b5513c2be4057 853748 debug optional bpftool-dbgsym_7.1.0+6.1.176-1_ppc64el.deb 32de48262ac7edf62297fbc686461894 1435828 devel optional bpftool_7.1.0+6.1.176-1_ppc64el.deb 6e900276ff24055c575c1a9520d39766 590280 debian-installer optional btrfs-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 096e863bee17fed76114d887784c5748 36776 debian-installer standard cdrom-core-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 5ddb89b47c95b930a45a827a8946215a 14468 debian-installer optional crc-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb a206d54d10a118610099ee5d4790195f 25932 debian-installer optional crypto-dm-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 610a76a5e6cf24539b472ae5d702e01f 63216 debian-installer optional crypto-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 8d63c7531184013d7f073820a3c6751e 11944 debian-installer optional event-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb e817e400808a140c2f6be5237a458dbc 357684 debian-installer standard ext4-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb b532a6b913f54741f3111bdf45c79bf1 273844 debian-installer optional f2fs-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 4e6fde3a9cff136e7fb3b4e9592436d5 7116 debian-installer standard fancontrol-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 66fc3572c33e8618f6ed1c341b3eebbc 51796 debian-installer optional fat-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 13537cf65cdb09538a2947932844162b 339168 debian-installer optional fb-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 645847dd6323e0de4bd37b2cfc507baf 65676 debian-installer standard firewire-core-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 7d7ee2e55d31bca0757ca64ebf3282f0 66160 debian-installer optional fuse-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb b2e1a7b6ae5dc10575f71a90adf1e5e8 12684 debian-installer standard hypervisor-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb c299a9c71c2328d2b70c137d313a71d3 5984 debian-installer optional i2c-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 40dee806e6b52ee0e54b04250d0e025f 453604 debian-installer optional input-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 1bcd42726d3ccda85327bf547080faea 21424 debian-installer standard isofs-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 00c7a047c6e33e8e0d342df73e630667 97108 debian-installer standard jfs-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 952d3bb2b165015a21239ef47f7ca167 7377660 debian-installer standard kernel-image-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 9c04a298f66bddde1a5f4a1635b51afd 1158384 libdevel optional libcpupower-dev_6.1.176-1_ppc64el.deb b90312a8dc6f7e9b1f6d5055bce0030c 24896 debug optional libcpupower1-dbgsym_6.1.176-1_ppc64el.deb 7aca8d0b24e5e01a7d70b1696df12d77 1164756 libs optional libcpupower1_6.1.176-1_ppc64el.deb 1e9790259adb35f76251a07a8095eda6 1202116 kernel optional linux-config-6.1_6.1.176-1_ppc64el.deb 51a4d3a506b2f3f4306babc85d2b8b17 61468 debug optional linux-cpupower-dbgsym_6.1.176-1_ppc64el.deb a4657f5af87cb4f9e39335922dd38ae9 1197544 admin optional linux-cpupower_6.1.176-1_ppc64el.deb 28ec6d8167ca18f67f38e18bbd393030 1591948 kernel optional linux-headers-6.1.0-50-powerpc64le_6.1.176-1_ppc64el.deb 77542384c7cca17de3a178b5313fbf80 1176 kernel optional linux-headers-powerpc64le_6.1.176-1_ppc64el.deb 289f1e01aa5a6bb5d650f5ef31373086 717660264 debug optional linux-image-6.1.0-50-powerpc64le-dbg_6.1.176-1_ppc64el.deb 500f10a8d18c3ca4084c3dd902b7ec4b 49160448 kernel optional linux-image-6.1.0-50-powerpc64le_6.1.176-1_ppc64el.deb 1f22b94b6bf764bf8aed3591dc40308e 1328 kernel optional linux-image-powerpc64le-dbg_6.1.176-1_ppc64el.deb e0e0d2f7fba1e913c794a0025f10f4c2 1436 kernel optional linux-image-powerpc64le_6.1.176-1_ppc64el.deb c68d8b9a1570153fd14d50d5831f916d 1069412 debug optional linux-kbuild-6.1-dbgsym_6.1.176-1_ppc64el.deb 8abbdee31bead81771e9caf3328548d8 1438880 kernel optional linux-kbuild-6.1_6.1.176-1_ppc64el.deb e1e560295da32890ca458371135d73b5 2294576 devel optional linux-libc-dev_6.1.176-1_ppc64el.deb 2ceda3ffb41cb2a4e3a3268eab65e696 8129236 debug optional linux-perf-dbgsym_6.1.176-1_ppc64el.deb fb39f6df7c191d5c30d0824f3d4dc3ef 3081796 devel optional linux-perf_6.1.176-1_ppc64el.deb b1ce1b454753ea32dbd3a157e04e6fd7 32479 kernel optional linux_6.1.176-1_ppc64el-buildd.buildinfo da36b38db82648152a4f475fae9ef6b4 16280 debian-installer standard loop-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 37050f97e0e9b4fd8f7df80c91000284 588588 debian-installer optional md-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 01f06e43c557041fda9b5ccb61578751 60648 debian-installer optional mouse-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 7eafc5cf005f4c7d6ab814cd5ea1abad 33492 debian-installer optional mtd-core-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 58c21e4b69b1a75dcb578263fce9e4b3 40544 debian-installer optional multipath-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb a3969449418404a6ab3d5cd75a87dd3e 23412 debian-installer optional nbd-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb ed775d95dcf61f58c3ed186d755aab97 4839584 debian-installer standard nic-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 7f0cf50d201f70d5dbd743f31f039539 253816 debian-installer standard nic-shared-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 25682cb1c88bc52823d88b8f4543e248 260216 debian-installer standard nic-usb-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb c90be375e9f2ab156c4d7525de358b08 4803984 debian-installer standard nic-wireless-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb de5c800d886294d78ff7f7b7bc9133d9 49440 debian-installer optional ppp-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 0e5c3baabf872d1133e9e12f82c78b8e 148664 debian-installer standard sata-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb f2f98a47a2be88d4b618d5a899b95c8a 64024 debian-installer standard scsi-core-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb ab4b883dd5f41349e061b82d7c804ce6 3021368 debian-installer standard scsi-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb c91d10f1cdf9a49ff06c3419651b6926 154352 debian-installer optional scsi-nic-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb d89de642ed7c6b71b458ce54c096770c 8468 debian-installer optional serial-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 5b7ae362cf5c4d874db5812988231f42 29324 debian-installer optional squashfs-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 7c20c8065d0fb613236ae95ce7ec9d13 57264 debian-installer optional udf-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 828601132f449247515a0324bd27d6f7 9272 debian-installer optional uinput-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb ee60cbc46e40df983620d00002f6c7d4 338636 debian-installer optional usb-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb d5b38e8b9fccf83cf2f4dcfb9f9abaed 242420 debian-installer optional usb-serial-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 7aa875444fa9d544142e4fbe2ad0dc05 92068 debian-installer standard usb-storage-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb 6a79219664aa67806bac523d7237c564 154636 debug optional usbip-dbgsym_2.0+6.1.176-1_ppc64el.deb 89169139edde78e7402d52d6c42fd5a7 1196092 admin optional usbip_2.0+6.1.176-1_ppc64el.deb 8fb61420dde0ad3083b9dfcda6371214 497456 debian-installer standard xfs-modules-6.1.0-50-powerpc64le-di_6.1.176-1_ppc64el.udeb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEETLpi2USYGUNSlYhoNINNphgym2QFAmpHlfUACgkQNINNphgy m2S29g/+LOoT+garh6pN1N1SI2aEaPFJaOR0RSI9yO8JOVsRwh7c5HVkZr5U82mI Symg4X6DgitCF6/O+tDivm85qd5kROFHhHNkikkvVV0P9bG4zG77t5i1LNbQbJ+H iXSQkmFFW8fe/X29lnJwnqqszN7Ra4h3SpeZz+c+EFYFIkUbReAUEYp3yahIwhyY W7qH1zVj/F3+VXXZc43tzS8SvoGRwuEPay+UH0mMxnwEnSLzRKAPHDq+yMJTyYGo UmR+FSvTitzGvlucJP1thG4MCagbKt+lsXw+XZMsNVcJsWnSe2aeP6P5cP/580yC Vgmx417dXsO3FgZeajVGpWMhYnDP7VNHbsJLJvS7Gl61nuJ02c+6a7hdncshzrkx Ibw8796M1AKtQ8dLyrt+oQgUzrvfkzhTm6qL/NPVGJkQ8Arb5/SZWSGwUvQ9JEK9 yeT+svU4w/MCa0wsyxaVpz1xShBpUJi3eZO2/K3DUroWrLvZvHmG8ln9h8lyWjhx nEb2XUO+bGK/dnePQoplH5v5HQuPUz0Dv91p0yu0Ue4IHnlc+MGqcBlxJTzXEPiY 6I09opRkw8SmOUvUd5ZUIsXFGl35IhhowXu29cJDFCnNUpo8qD2zA/xv4LR3YpIf OYPvvVtiHcSushQZYF+MGJ52jrcd4ZVjPNLw7F07keUHiSq1LaQ= =eGEO -----END PGP SIGNATURE-----